Re: mounting a .iso image? ... missing man page
On 10/09/2013 10:14 pm, Gary Aitken wrote: For some strange reason, my 9.1 system seems to be missing the section 1 man page for tar, although everything else seems to be there. I have an iso9660 image of 9.1 release which I tried to mount to copy the missing file, but that didn't work (can't find the CD I burned...). #mount -t cd9660 -o ro FreeBSD-9.1-RELEASE-amd64-disc1.iso /mnt/tmp mount_cd9660: /hd1/Downloads/FreeBSD/9_1/FreeBSD-9.1-RELEASE-amd64-disc1.iso: Block device required Seems like it must be possible to mount a cd9660 image somehow without burning an actual disc? Gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org mdconfig -a -t vnode -f /path/to/file.iso this will create a /dev/md# where # starts at 0 for first one mount it with mount -t cd9660 -o ro /dev/md# /mnt -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9.1 - 9.2 upgrade
On 10/08/2013 4:27 am, Doug Hardie wrote: On 5 October 2013, at 05:08, Polytropon free...@edvax.de wrote: On Fri, 4 Oct 2013 21:49:18 -0700, Doug Hardie wrote: On 4 October 2013, at 20:03, Polytropon free...@edvax.de wrote: On Fri, 4 Oct 2013 19:42:15 -0700, Doug Hardie wrote: On 4 October 2013, at 19:08, Polytropon free...@edvax.de wrote: On Fri, 4 Oct 2013 18:58:52 -0700, Doug Hardie wrote: The exact sequence was: Step 1: freebsd-update from 9.1 to 9.2 Have you verified in /etc/freebsd-update.conf that src is definitely part of what should be updated? System is not bootable - can't verify anything… Does the system (or better, its enclosure, software-wise) allow booting a rescue system or an emergency media, such as a FreeBSD v9 live system? Yes - but there is no one there who can successfully be told how to run it. Not even inserting a USB stick (with the FreeBSD memstick data) or a CD? We have serious communications issues - they want to use back slashes and have no idea what a slash is. Maybe that is the result of many years of administration on Windows PCs. :-) Even if you tell them which key to use, they know better and use a back slash cause thats what Windoze uses. Uh... knowing better would disqualify them as maintainers of a server installation. The inability to learn (or even to read and follow instructions) is a dangerous thing. The disk should be in the mail to me now. I will be able to work with it when it arrives. Okay, that's also a possible alternative. To be honest, that's the first time I hear about this procedure. But doable. The file /etc/freebsd-update.conf should contain the line Components src world kernel if you want to make sure the source is properly updated, along with the world and kernel (GENERIC). As indicated before, I don't think all the source got updated. The kernel showed 9.2 after recompilation. However UPDATING was not updated. Thats as much as I could check before. I assume that this could be possible by inconsistently updated sources. It would be a good start to remove /usr/src and download the sources of the correct version via SVN _or_ freebsd-update again. Before the next installation attempt, /usr/obj should be removed as well, just to be sure. Step 5: reboot Attention: Into single-user mode. Not possible since the system is located over 100 miles away. Everything has to be done via remote console. Does this mean SSH only or do you have a _real_ console transmission by which you can access the system _prior_ to the OS providing the SSH access? I'm mentioning this because the traditional approach requires (few) steps done in the single-user mode where no SSH connectivity is provided in the normal way… I have a telnet box that has serial connections to the console ports. That approach has been used without any issues since FreeBSD 2.5. I do disable all ports during the process via an reduced rc.conf file. A serial console should also work, but even though I've been using serial consoles (and _real_ serial terminals), one thing I'm not sure about: Is it possible to interrupt (!) the boot process at an early stage to get to the loader prompt and boot into single user mode from there? Ok boot -s If not, do you have the beastie menu (or whatever it is called today) enabled to go to SUM to perform the make installworld step? Anyway, if you can install everything is required with the disk at home, and then send it back to that datacenter (according to your characterization, the quotes are deserved), that should solve the problems and make sure everything works as intended. The Thick Plottens… I received the drives and installed them on a working system. The failed system is structured with a single partition for the system and another for swap. For some unknown reason, the BIOS got left configured to boot the extra disk if its powered up. That turns out to be handy. I can boot a working system with the corrupt drive powered off. Booting from the corrupt drive yields the normal hardware info followed by the Beastie image and immediately by a multitude of lines (repeated many times): Consoles: internal video/keyboard serial port BIOS drive C: is disk0 BIOS drive D: is disk1 BIOS 639kB/1037824kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (d...@zool.lafn.org, Thu Oct 3 04:23:13 PDT 2013) Can't work out which disk we are booting from. Guessed BIOS device 0x not found by probes, defaulting to disk0: I was able to capture these by using a serial console connected to another computer. The lines only appear on the serial console once. They scroll by on the real console many time - all too fast to read anything. Then after a few seconds of that, the screen goes black, and the system reboots. The cycle then repeats… Pressing any key does nothing. I even filled the keyboard buffer with spaces hoping to stop boot, but nothing seems to stop
Re: 9.1 - 9.2 upgrade
On 10/04/2013 1:36 am, Doug Hardie wrote: On 3 October 2013, at 11:48, Doug Hardie bc...@lafn.org wrote: On 3 October 2013, at 10:49, Doug Hardie bc...@lafn.org wrote: I just did an upgrade using freebsd-update to 9.2. This system uses a custom kernel so I am rebuilding everything after the update completed. However, I noticed that /usr/src/UPDATING has not been updated. The first entry still says: 9.1-RELEASE. Is this correct? Well, it just got worse - The last reboot now fails: I am using a remote console and it shows: -- Press a key on the console to reboot -- Rebooting... Consoles: internal video/keyboard serial port BIOS drive A: is disk0 BIOS drive C: is disk1 BIOS 639kB/2087360kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (d...@zool.lafn.org, Thu Oct 3 04:23:13 PDT 2013) Can't work out which disk we are booting from. Guessed BIOS device 0x not found by probes, defaulting to disk0: panic: free: guard1 fail @ 0x7f481ed0 from /usr/src/sys/boot/i386/loader/../../common/module.c:1004 -- Press a key on the console to reboot -- I can enter a string as it doesn't try to reboot again till the return is entered. I've tried b disk1, but it still only tries disk0. The system rebooted fine after the reboot after make kernel. Mergemaster didn't seem to affect anything dealing with boot. Don't know what make delete-old does but the descriptions lead me to not believe it could cause this. This system is on the other side of LA from me so its a major trip timewise. Any ideas how this can be recovered remotely? Booting off the live CD didn't find anything obviously wrong. I replaced the kernel with the old one and still the same error. I am having the drive mailed to me and will work with it here. However, it appears a new install is going to be required. The old sysinstall had the capability to skip over the formatting of the disk by just entering quit. It would then just replace the system components and leave everything else alone. I don't see any obvious way to do the same thing with bsdinstall. Is there a way to do that. I don't want to have to completely rebuild the drive, but just replace the system. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Just want to clarify the steps that started this if I read everything right: Step 1: freebsd-update from 9.1 to 9.2 Step 2: compile from source ? Was this world, or just the custom kernel?? Step 3: make delete-old Step 4: mergemaster Step 5: reboot oops, something went wrong.. If my suspicions are correct, the source was still 9.1 patch 7, but the system was running 9.2 from the binary update. This may have caused the make delete-old to delete things it shouldn't have The very first thing I would do is bring the disk up in another system and make a backup copy of the data. I have never tried this process, I am basically just taking the steps I use for updating a zfs system using boot environments, and applying them in order to build a new kernel and world to an alternate directory, as a method of recovering the system. The next step I would take is to then mount the file systems in an alternate location, /mnt for example make MAKEOBJDIRPREFIX /mnt/usr/obj make DESTDIR /mnt cd /mnt/usr/src rm -r * .svn rm -r /usr/obj/* svn co https://svn0.us-west.freebsd.org/base/releng/9.2 make buildwolrd make buildkernel make installkernel make installworld make -DBATCH_DELETE_OLD_FILES delete-old make -DBATCH_DELETE_OLD_FILES delete-old-libs mergemaster -Ui /mnt/usr/src -D /mnt With some luck the file system will now contain a boot-able FreeBSD install, that will still have all the settings in place, except it will be the generic kernel. You should then just be able to build and install the custom kernel, from the booted system as you normally would. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
9.1 - 9.2 upgrade, clang question
When upgrading from 9.1 to 9.2 using source, is there any benefit to rebuilding twice, due to the clang version change? So that the second buildworld/kernel is done from the updated clang 3.3, instead of the clang 3.1 that was in FreeBSD 9.1? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9.1 - 9.2 upgrade
On 10/03/2013 1:48 pm, Doug Hardie wrote: On 3 October 2013, at 10:49, Doug Hardie bc...@lafn.org wrote: I just did an upgrade using freebsd-update to 9.2. This system uses a custom kernel so I am rebuilding everything after the update completed. However, I noticed that /usr/src/UPDATING has not been updated. The first entry still says: 9.1-RELEASE. Is this correct? Well, it just got worse - The last reboot now fails: I am using a remote console and it shows: -- Press a key on the console to reboot -- Rebooting... Consoles: internal video/keyboard serial port BIOS drive A: is disk0 BIOS drive C: is disk1 BIOS 639kB/2087360kB available memory FreeBSD/x86 bootstrap loader, Revision 1.1 (d...@zool.lafn.org, Thu Oct 3 04:23:13 PDT 2013) Can't work out which disk we are booting from. Guessed BIOS device 0x not found by probes, defaulting to disk0: panic: free: guard1 fail @ 0x7f481ed0 from /usr/src/sys/boot/i386/loader/../../common/module.c:1004 -- Press a key on the console to reboot -- I can enter a string as it doesn't try to reboot again till the return is entered. I've tried b disk1, but it still only tries disk0. The system rebooted fine after the reboot after make kernel. Mergemaster didn't seem to affect anything dealing with boot. Don't know what make delete-old does but the descriptions lead me to not believe it could cause this. This system is on the other side of LA from me so its a major trip timewise. Any ideas how this can be recovered remotely? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I wonder if your source update didn't correctly download, mine starts with: Updating Information for FreeBSD current users ...[snip]... Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. 20130705: hastctl(8)'s `status' command output changed to terse one-liner format. Scripts using this should switch to `list' command or be rewritten. 20130618: Fix a bug that allowed a tracing process (e.g. gdb) to write ...[snip]... 20121218: With the addition of auditdistd(8), a new auditdistd user is now depended on during installworld. mergemaster -p can be used to add the user prior to installworld, as documented in the handbook. 20121205: 9.1-RELEASE. ...[snip]... I haven't a clue how to fix your non booting system short of booting off a FreeBSD disc, going to live CD, mounting the filesystems in a temp location and doing a buildworld/kernel over again with correct source tree. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Port of icedtea-web-1.4_1, on 64 bit system might have a problem in the install process.
On 10/02/2013 6:35 am, Volodymyr Kostyrko wrote: 01.10.2013 21:12, dweimer wrote: On 10/01/2013 11:09 am, dweimer wrote: I was struggling to get itweb-javaws to execute, due to it not being able to find libjava.so, after running it through truss, I was able to determine that its looking for the library under /usr/local/lib/amd64, the file is located in /usr/local/openjdk7/jre/lib/amd64, I was able to work around the problem by creating a symbolic link to point /usr/local/lib/amd64 to /usr/local/openjdk/jre/lib/amd64, as the amd64 sub-directory didn't exist in /usr/local/lib. This does make me wonder though, if I am just missing something from my environment, that's causing this. Or is the port install not doing something that it should be doing? System is a new build of 9.2-RELEASE, compiled from source, source and ports all built with clang where possible. Just an update, this only worked the first time I executed it, now all I get is: java.lang.UnsatisfiedLinkError: /usr/local/openjdk7/jre/lib/amd64/libsplashscreen.so: /usr/local/openjdk7/jre/lib/amd64/libsplashscreen.so: Undefined symbol jpeg_resync_to_restart Try `-headless`. You wont see the shiny logo though... Thank you, this fixed that part, silly me, I was searching the help for things like -nosplash, and disable splash screen. Didn't realize that this was the same thing: -headless Disables download window, other UIs. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Port of icedtea-web-1.4_1, on 64 bit system might have a problem in the install process.
I was struggling to get itweb-javaws to execute, due to it not being able to find libjava.so, after running it through truss, I was able to determine that its looking for the library under /usr/local/lib/amd64, the file is located in /usr/local/openjdk7/jre/lib/amd64, I was able to work around the problem by creating a symbolic link to point /usr/local/lib/amd64 to /usr/local/openjdk/jre/lib/amd64, as the amd64 sub-directory didn't exist in /usr/local/lib. This does make me wonder though, if I am just missing something from my environment, that's causing this. Or is the port install not doing something that it should be doing? System is a new build of 9.2-RELEASE, compiled from source, source and ports all built with clang where possible. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Port of icedtea-web-1.4_1, on 64 bit system might have a problem in the install process.
On 10/01/2013 11:09 am, dweimer wrote: I was struggling to get itweb-javaws to execute, due to it not being able to find libjava.so, after running it through truss, I was able to determine that its looking for the library under /usr/local/lib/amd64, the file is located in /usr/local/openjdk7/jre/lib/amd64, I was able to work around the problem by creating a symbolic link to point /usr/local/lib/amd64 to /usr/local/openjdk/jre/lib/amd64, as the amd64 sub-directory didn't exist in /usr/local/lib. This does make me wonder though, if I am just missing something from my environment, that's causing this. Or is the port install not doing something that it should be doing? System is a new build of 9.2-RELEASE, compiled from source, source and ports all built with clang where possible. Just an update, this only worked the first time I executed it, now all I get is: java.lang.UnsatisfiedLinkError: /usr/local/openjdk7/jre/lib/amd64/libsplashscreen.so: /usr/local/openjdk7/jre/lib/amd64/libsplashscreen.so: Undefined symbol jpeg_resync_to_restart I somewhat worked around it by installing the linux_sun_jre 7.40, and pointing icedtea webstart at it, searching online shows this to be most likely be a bug in the port of openjdk. http://www.freebsd.org/cgi/query-pr.cgi?pr=119654 -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Snapshots Not able to be accessed under .zfs/snapshot/name
On 08/16/2013 8:49 am, dweimer wrote: On 08/15/2013 10:00 am, dweimer wrote: On 08/14/2013 9:43 pm, Shane Ambler wrote: On 14/08/2013 22:57, dweimer wrote: I have a few systems running on ZFS with a backup script that creates snapshots, then backs up the .zfs/snapshot/name directory to make sure open files are not missed. This has been working great but all of the sudden one of my systems has stopped working. It takes the snapshots fine, zfs list -t spnapshot shows the snapshots, but if you do an ls command, on the .zfs/snapshot/ directory it returns not a directory. part of the zfs list output: NAMEUSED AVAIL REFER MOUNTPOINT zroot 4.48G 29.7G31K none zroot/ROOT 2.92G 29.7G31K none zroot/ROOT/91p5-20130812 2.92G 29.7G 2.92G legacy zroot/home 144K 29.7G 122K /home part of the zfs list -t snapshot output: NAMEUSED AVAIL REFER MOUNTPOINT zroot/ROOT/91p5-20130812@91p5-20130812--bsnap 340K - 2.92G - zroot/home@home--bsnap 22K - 122K - ls /.zfs/snapshot/91p5-20130812--bsnap/ Does work at the right now, since the last reboot, but wasn't always working, this is my boot environment. if I do ls /home/.zfs/snapshot/, result is: ls: /home/.zfs/snapshot/: Not a directory if I do ls /home/.zfs, result is: ls: snapshot: Bad file descriptor shares I have tried zpool scrub zroot, no errors were found, if I reboot the system I can get one good backup, then I start having problems. Anyone else ever ran into this, any suggestions as to a fix? System is running FreeBSD 9.1-RELEASE-p5 #1 r253764: Mon Jul 29 15:07:35 CDT 2013, zpool is running version 28, zfs is running version 5 I can say I've had this problem. Not certain what fixed it. I do remember I decided to stop snapshoting if I couldn't access them and deleted existing snapshots. I later restarted the machine before I went back for another look and they were working. So my guess is a restart without existing snapshots may be the key. Now if only we could find out what started the issue so we can stop it happening again. I had actually rebooted it last night, prior to seeing this message, I do know it didn't have any snapshots this time. As I am booting from ZFS using boot environments I may have had an older boot environment still on the system the last time it was rebooted. Backups ran great last night after the reboot, and I was able to kick off my pre-backup job and access all the snapshots today. Hopefully it doesn't come back, but if it does I will see if I can find anything else wrong. FYI, It didn't shutdown cleanly, so if this helps anyone find the issue, this is from my system logs: Aug 14 22:08:04 cblproxy1 kernel: Aug 14 22:08:04 cblproxy1 kernel: Fatal trap 12: page fault while in kernel mode Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0; apic id = 00 Aug 14 22:08:04 cblproxy1 kernel: fault virtual address = 0xa8 Aug 14 22:08:04 cblproxy1 kernel: fault code= supervisor write data, page not present Aug 14 22:08:04 cblproxy1 kernel: instruction pointer = 0x20:0x808b0562 Aug 14 22:08:04 cblproxy1 kernel: stack pointer = 0x28:0xff80002238f0 Aug 14 22:08:04 cblproxy1 kernel: frame pointer = 0x28:0xff8000223910 Aug 14 22:08:04 cblproxy1 kernel: code segment = base 0x0, limit 0xf, type 0x1b Aug 14 22:08:04 cblproxy1 kernel: = DPL 0, pres 1, long 1, def32 0, gran 1 Aug 14 22:08:04 cblproxy1 kernel: processor eflags = interrupt enabled, resume, IOPL = 0 Aug 14 22:08:04 cblproxy1 kernel: current process = 1 (init) Aug 14 22:08:04 cblproxy1 kernel: trap number = 12 Aug 14 22:08:04 cblproxy1 kernel: panic: page fault Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0 Aug 14 22:08:04 cblproxy1 kernel: KDB: stack backtrace: Aug 14 22:08:04 cblproxy1 kernel: #0 0x808ddaf0 at kdb_backtrace+0x60 Aug 14 22:08:04 cblproxy1 kernel: #1 0x808a951d at panic+0x1fd Aug 14 22:08:04 cblproxy1 kernel: #2 0x80b81578 at trap_fatal+0x388 Aug 14 22:08:04 cblproxy1 kernel: #3 0x80b81836 at trap_pfault+0x2a6 Aug 14 22:08:04 cblproxy1 kernel: #4 0x80b80ea1 at trap+0x2a1 Aug 14 22:08:04 cblproxy1 kernel: #5 0x80b6c7b3 at calltrap+0x8 Aug 14 22:08:04 cblproxy1 kernel: #6 0x815276da at zfsctl_umount_snapshots+0x8a Aug 14 22:08:04 cblproxy1 kernel: #7 0x81536766 at zfs_umount+0x76 Aug 14 22:08:04 cblproxy1 kernel: #8 0x809340bc at dounmount+0x3cc Aug 14 22:08:04 cblproxy1 kernel: #9 0x8093c101 at vfs_unmountall+0x71 Aug 14 22:08:04 cblproxy1 kernel: #10 0x808a8eae at kern_reboot+0x4ee Aug 14 22:08:04 cblproxy1 kernel: #11 0x808a89c0 at kern_reboot+0 Aug 14 22:08:04 cblproxy1 kernel: #12 0x80b81dab at amd64_syscall+0x29b Aug 14 22:08:04 cblproxy1 kernel: #13
Re: FreeBSD Squid 3.2 Reverse Proxy with HTTPS
On 09/05/2013 7:24 pm, Daniel Duerr wrote: Hi Dean, Just stumbled upon your post. I'm encountering the exact same issue as you with my freebsd 8.3 squid-3.2.13 server. Have you learned anything new on this issue? Best, Daniel -- daniel duerr | president | ouido.net d...@ouido.net | +1 (831) 531-2272 x103 Managed hosting services for Business ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Well Yes and No, I never did find the exact cause or fix, but when I tried the Squid 3.3 after the FreeBSD port was available on 9.1 the problem was gone. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Snapshots Not able to be accessed under .zfs/snapshot/name
On 08/15/2013 10:00 am, dweimer wrote: On 08/14/2013 9:43 pm, Shane Ambler wrote: On 14/08/2013 22:57, dweimer wrote: I have a few systems running on ZFS with a backup script that creates snapshots, then backs up the .zfs/snapshot/name directory to make sure open files are not missed. This has been working great but all of the sudden one of my systems has stopped working. It takes the snapshots fine, zfs list -t spnapshot shows the snapshots, but if you do an ls command, on the .zfs/snapshot/ directory it returns not a directory. part of the zfs list output: NAMEUSED AVAIL REFER MOUNTPOINT zroot 4.48G 29.7G31K none zroot/ROOT 2.92G 29.7G31K none zroot/ROOT/91p5-20130812 2.92G 29.7G 2.92G legacy zroot/home 144K 29.7G 122K /home part of the zfs list -t snapshot output: NAMEUSED AVAIL REFER MOUNTPOINT zroot/ROOT/91p5-20130812@91p5-20130812--bsnap 340K - 2.92G - zroot/home@home--bsnap 22K - 122K - ls /.zfs/snapshot/91p5-20130812--bsnap/ Does work at the right now, since the last reboot, but wasn't always working, this is my boot environment. if I do ls /home/.zfs/snapshot/, result is: ls: /home/.zfs/snapshot/: Not a directory if I do ls /home/.zfs, result is: ls: snapshot: Bad file descriptor shares I have tried zpool scrub zroot, no errors were found, if I reboot the system I can get one good backup, then I start having problems. Anyone else ever ran into this, any suggestions as to a fix? System is running FreeBSD 9.1-RELEASE-p5 #1 r253764: Mon Jul 29 15:07:35 CDT 2013, zpool is running version 28, zfs is running version 5 I can say I've had this problem. Not certain what fixed it. I do remember I decided to stop snapshoting if I couldn't access them and deleted existing snapshots. I later restarted the machine before I went back for another look and they were working. So my guess is a restart without existing snapshots may be the key. Now if only we could find out what started the issue so we can stop it happening again. I had actually rebooted it last night, prior to seeing this message, I do know it didn't have any snapshots this time. As I am booting from ZFS using boot environments I may have had an older boot environment still on the system the last time it was rebooted. Backups ran great last night after the reboot, and I was able to kick off my pre-backup job and access all the snapshots today. Hopefully it doesn't come back, but if it does I will see if I can find anything else wrong. FYI, It didn't shutdown cleanly, so if this helps anyone find the issue, this is from my system logs: Aug 14 22:08:04 cblproxy1 kernel: Aug 14 22:08:04 cblproxy1 kernel: Fatal trap 12: page fault while in kernel mode Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0; apic id = 00 Aug 14 22:08:04 cblproxy1 kernel: fault virtual address = 0xa8 Aug 14 22:08:04 cblproxy1 kernel: fault code= supervisor write data, page not present Aug 14 22:08:04 cblproxy1 kernel: instruction pointer = 0x20:0x808b0562 Aug 14 22:08:04 cblproxy1 kernel: stack pointer = 0x28:0xff80002238f0 Aug 14 22:08:04 cblproxy1 kernel: frame pointer = 0x28:0xff8000223910 Aug 14 22:08:04 cblproxy1 kernel: code segment = base 0x0, limit 0xf, type 0x1b Aug 14 22:08:04 cblproxy1 kernel: = DPL 0, pres 1, long 1, def32 0, gran 1 Aug 14 22:08:04 cblproxy1 kernel: processor eflags = interrupt enabled, resume, IOPL = 0 Aug 14 22:08:04 cblproxy1 kernel: current process = 1 (init) Aug 14 22:08:04 cblproxy1 kernel: trap number = 12 Aug 14 22:08:04 cblproxy1 kernel: panic: page fault Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0 Aug 14 22:08:04 cblproxy1 kernel: KDB: stack backtrace: Aug 14 22:08:04 cblproxy1 kernel: #0 0x808ddaf0 at kdb_backtrace+0x60 Aug 14 22:08:04 cblproxy1 kernel: #1 0x808a951d at panic+0x1fd Aug 14 22:08:04 cblproxy1 kernel: #2 0x80b81578 at trap_fatal+0x388 Aug 14 22:08:04 cblproxy1 kernel: #3 0x80b81836 at trap_pfault+0x2a6 Aug 14 22:08:04 cblproxy1 kernel: #4 0x80b80ea1 at trap+0x2a1 Aug 14 22:08:04 cblproxy1 kernel: #5 0x80b6c7b3 at calltrap+0x8 Aug 14 22:08:04 cblproxy1 kernel: #6 0x815276da at zfsctl_umount_snapshots+0x8a Aug 14 22:08:04 cblproxy1 kernel: #7 0x81536766 at zfs_umount+0x76 Aug 14 22:08:04 cblproxy1 kernel: #8 0x809340bc at dounmount+0x3cc Aug 14 22:08:04 cblproxy1 kernel: #9 0x8093c101 at vfs_unmountall+0x71 Aug 14 22:08:04 cblproxy1 kernel: #10 0x808a8eae at kern_reboot+0x4ee Aug 14 22:08:04 cblproxy1 kernel: #11 0x808a89c0 at kern_reboot+0 Aug 14 22:08:04 cblproxy1 kernel: #12 0x80b81dab at amd64_syscall+0x29b Aug 14 22:08:04 cblproxy1 kernel: #13 0x80b6ca9b at Xfast_syscall+0xfb Well its
Re: ZFS Snapshots Not able to be accessed under .zfs/snapshot/name
On 08/14/2013 9:43 pm, Shane Ambler wrote: On 14/08/2013 22:57, dweimer wrote: I have a few systems running on ZFS with a backup script that creates snapshots, then backs up the .zfs/snapshot/name directory to make sure open files are not missed. This has been working great but all of the sudden one of my systems has stopped working. It takes the snapshots fine, zfs list -t spnapshot shows the snapshots, but if you do an ls command, on the .zfs/snapshot/ directory it returns not a directory. part of the zfs list output: NAMEUSED AVAIL REFER MOUNTPOINT zroot 4.48G 29.7G31K none zroot/ROOT 2.92G 29.7G31K none zroot/ROOT/91p5-20130812 2.92G 29.7G 2.92G legacy zroot/home 144K 29.7G 122K /home part of the zfs list -t snapshot output: NAMEUSED AVAIL REFER MOUNTPOINT zroot/ROOT/91p5-20130812@91p5-20130812--bsnap 340K - 2.92G - zroot/home@home--bsnap 22K - 122K - ls /.zfs/snapshot/91p5-20130812--bsnap/ Does work at the right now, since the last reboot, but wasn't always working, this is my boot environment. if I do ls /home/.zfs/snapshot/, result is: ls: /home/.zfs/snapshot/: Not a directory if I do ls /home/.zfs, result is: ls: snapshot: Bad file descriptor shares I have tried zpool scrub zroot, no errors were found, if I reboot the system I can get one good backup, then I start having problems. Anyone else ever ran into this, any suggestions as to a fix? System is running FreeBSD 9.1-RELEASE-p5 #1 r253764: Mon Jul 29 15:07:35 CDT 2013, zpool is running version 28, zfs is running version 5 I can say I've had this problem. Not certain what fixed it. I do remember I decided to stop snapshoting if I couldn't access them and deleted existing snapshots. I later restarted the machine before I went back for another look and they were working. So my guess is a restart without existing snapshots may be the key. Now if only we could find out what started the issue so we can stop it happening again. I had actually rebooted it last night, prior to seeing this message, I do know it didn't have any snapshots this time. As I am booting from ZFS using boot environments I may have had an older boot environment still on the system the last time it was rebooted. Backups ran great last night after the reboot, and I was able to kick off my pre-backup job and access all the snapshots today. Hopefully it doesn't come back, but if it does I will see if I can find anything else wrong. FYI, It didn't shutdown cleanly, so if this helps anyone find the issue, this is from my system logs: Aug 14 22:08:04 cblproxy1 kernel: Aug 14 22:08:04 cblproxy1 kernel: Fatal trap 12: page fault while in kernel mode Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0; apic id = 00 Aug 14 22:08:04 cblproxy1 kernel: fault virtual address = 0xa8 Aug 14 22:08:04 cblproxy1 kernel: fault code= supervisor write data, page not present Aug 14 22:08:04 cblproxy1 kernel: instruction pointer = 0x20:0x808b0562 Aug 14 22:08:04 cblproxy1 kernel: stack pointer = 0x28:0xff80002238f0 Aug 14 22:08:04 cblproxy1 kernel: frame pointer = 0x28:0xff8000223910 Aug 14 22:08:04 cblproxy1 kernel: code segment = base 0x0, limit 0xf, type 0x1b Aug 14 22:08:04 cblproxy1 kernel: = DPL 0, pres 1, long 1, def32 0, gran 1 Aug 14 22:08:04 cblproxy1 kernel: processor eflags = interrupt enabled, resume, IOPL = 0 Aug 14 22:08:04 cblproxy1 kernel: current process = 1 (init) Aug 14 22:08:04 cblproxy1 kernel: trap number = 12 Aug 14 22:08:04 cblproxy1 kernel: panic: page fault Aug 14 22:08:04 cblproxy1 kernel: cpuid = 0 Aug 14 22:08:04 cblproxy1 kernel: KDB: stack backtrace: Aug 14 22:08:04 cblproxy1 kernel: #0 0x808ddaf0 at kdb_backtrace+0x60 Aug 14 22:08:04 cblproxy1 kernel: #1 0x808a951d at panic+0x1fd Aug 14 22:08:04 cblproxy1 kernel: #2 0x80b81578 at trap_fatal+0x388 Aug 14 22:08:04 cblproxy1 kernel: #3 0x80b81836 at trap_pfault+0x2a6 Aug 14 22:08:04 cblproxy1 kernel: #4 0x80b80ea1 at trap+0x2a1 Aug 14 22:08:04 cblproxy1 kernel: #5 0x80b6c7b3 at calltrap+0x8 Aug 14 22:08:04 cblproxy1 kernel: #6 0x815276da at zfsctl_umount_snapshots+0x8a Aug 14 22:08:04 cblproxy1 kernel: #7 0x81536766 at zfs_umount+0x76 Aug 14 22:08:04 cblproxy1 kernel: #8 0x809340bc at dounmount+0x3cc Aug 14 22:08:04 cblproxy1 kernel: #9 0x8093c101 at vfs_unmountall+0x71 Aug 14 22:08:04 cblproxy1 kernel: #10 0x808a8eae at kern_reboot+0x4ee Aug 14 22:08:04 cblproxy1 kernel: #11 0x808a89c0 at kern_reboot+0 Aug 14 22:08:04 cblproxy1 kernel: #12 0x80b81dab at amd64_syscall+0x29b Aug 14 22:08:04 cblproxy1 kernel: #13 0x80b6ca9b at Xfast_syscall+0xfb -- Thanks, Dean E. Weimer http
ZFS Snapshots Not able to be accessed under .zfs/snapshot/name
I have a few systems running on ZFS with a backup script that creates snapshots, then backs up the .zfs/snapshot/name directory to make sure open files are not missed. This has been working great but all of the sudden one of my systems has stopped working. It takes the snapshots fine, zfs list -t spnapshot shows the snapshots, but if you do an ls command, on the .zfs/snapshot/ directory it returns not a directory. part of the zfs list output: NAMEUSED AVAIL REFER MOUNTPOINT zroot 4.48G 29.7G31K none zroot/ROOT 2.92G 29.7G31K none zroot/ROOT/91p5-20130812 2.92G 29.7G 2.92G legacy zroot/home 144K 29.7G 122K /home part of the zfs list -t snapshot output: NAMEUSED AVAIL REFER MOUNTPOINT zroot/ROOT/91p5-20130812@91p5-20130812--bsnap 340K - 2.92G - zroot/home@home--bsnap 22K - 122K - ls /.zfs/snapshot/91p5-20130812--bsnap/ Does work at the right now, since the last reboot, but wasn't always working, this is my boot environment. if I do ls /home/.zfs/snapshot/, result is: ls: /home/.zfs/snapshot/: Not a directory if I do ls /home/.zfs, result is: ls: snapshot: Bad file descriptor shares I have tried zpool scrub zroot, no errors were found, if I reboot the system I can get one good backup, then I start having problems. Anyone else ever ran into this, any suggestions as to a fix? System is running FreeBSD 9.1-RELEASE-p5 #1 r253764: Mon Jul 29 15:07:35 CDT 2013, zpool is running version 28, zfs is running version 5 -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
How to Fix Port Audit showing ports not installed on a system
I have a system that I just recently setup port audit, after realizing I forgot to install it on the machine. The problem is that it is finding vulnerabilities in several ports that are not installed on the system. These may have been installed at one point and removed. Firefox is one of the ones listed, I know that it was on the system previously, but was removed a few months back. portmaster -l and pkg info don't list it as installed, but port audit shows: firefox-20.0,1. Where would portaudit be picking up these ports from? Is there anyway to reset its database? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to Fix Port Audit showing ports not installed on a system
On 08/06/2013 11:58 am, Paul Macdonald wrote: On 06/08/2013 17:25, dweimer wrote: I have a system that I just recently setup port audit, after realizing I forgot to install it on the machine. The problem is that it is finding vulnerabilities in several ports that are not installed on the system. These may have been installed at one point and removed. Firefox is one of the ones listed, I know that it was on the system previously, but was removed a few months back. portmaster -l and pkg info don't list it as installed, but port audit shows: firefox-20.0,1. Where would portaudit be picking up these ports from? Is there anyway to reset its database? rm -R /var/db/portaudit/ then run portaudit -Fda -- Already tried that, but that data only contains the list of known vulnerabilities, not the installed ports/packages. Perhaps, its not using pkgng I discovered if I do a pkg info command I get the correct list of installed ports and packages. If I do a pkg_info I get a much larger list showing everything as corrupted. ... pkg_info: the package info for package 'fftw3-3.3.3_1' is corrupt pkg_info: the package info for package 'filelight-4.10.1' is corrupt pkg_info: the package info for package 'firefox-20.0,1' is corrupt pkg_info: the package info for package 'fixesproto-5.0' is corrupt pkg_info: the package info for package 'flac-1.2.1_3' is corrupt pkg_info: the package info for package 'flex-2.5.37_1' is corrupt ... Of course I have WITH_PKGNG=YES in the make.conf, and I believe that has been there ever since the server was built. Is my best option to get the correct list from pkg info use rm -r /var/db/pkg/* to clear everything out and then reinstall all of the ports? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to Fix Port Audit showing ports not installed on a system
On 08/06/2013 2:55 pm, Matthew Seaman wrote: On 06/08/2013 19:23, dweimer wrote: Of course I have WITH_PKGNG=YES in the make.conf, and I believe that has been there ever since the server was built. Is my best option to get the correct list from pkg info use rm -r /var/db/pkg/* to clear everything out and then reinstall all of the ports? If you've had WITH_PKGNG=YES ever since the server was built then you shouldn't have any of the old-style pkg_tools entries in /var/db/pkg. Unless, that is, you've been using pkg_add(1) directly. Don't do that. You just end up with a complete mess. Remember folks -- pkgng is like getting married. Once you go with pkgng, you're not meant to dally with other package tools, but to stay faithful to pkgng from henceforth. I hope you've got the old-style pkg_tools per-package subdirectories in /var/db/pkg because either (i) you used to use pkg_tools and you ran pkg2ng to convert or (ii) you've been using portmaster, in which case those sub-directories only /look/ like the result of what pkg_tools generates, but are really just a place for portmaster to stash a few things. If those sub-directories contain files called thing like +CONTENTS or +COMMENT or other names beginning with '+' then you do have a messed up mixture of old pkg_tools and pkgng. First: remove all the subdirectories but *not* local.sqlite or repo.sqlite -- those are rather important bits of pkgng. Then you can force a reinstall of all packages by pkg upgrade -f Obviusly, you'll need pkg(8) configured to use a repo with all the appropriate packages available. Cheers, Matthew Thanks for the info, I have never used pkg_add, everything has been installed via ports and portmaster, but it is possible that some ports were installed prior to having the with pkgng added in make.conf, and that something happened in the pk2ng conversion. I thought I had built this machine after I had been running with pkgng, but perhaps this one was built right as I was switching over to it. I had originally built this machine with Xorg and KDE to use virtual box GUI, and once I became comfortable with the commands, switched to vboxheadless and removed all the GUI components. Which is where all the extra ports that were removed came from. I have removed the sub directories, now portaudit doesn't show any vulnerabilities in non existent ports, pkg info displays the correct installed packages, and portmaster -l matches the installed ports that pkg info displays. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Dell Latitude E6520 Xorg Problems
Is anyone out there running FreeBSD on a Dell Latitude E6520? I am struggling to Xorg to start, doing the Xorg -configure I get number of created screens does not match number of detected devices I have tried with an external monitor attached and laptop closed, with external monitor attached and laptop open, and with no external monitor. All same results, I did remember to disable the Optimus feature in the bios, even tried enabling it, no change. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dell Latitude E6520 Xorg Problems
On 07/18/2013 9:18 am, Dean E. Weimer wrote: Success X is running after some more playing to verify what works and doesn't I will post back with full config, FYI I did have to re-enable Optimus after rebuilding with KMS. So far I still haven't been able to get the external monitor working, I have rebuilt the system using options KMS and NEW_XORG, in the make.conf, here is the full make.conf file. # Port Options WITH_OPENSSL_PORT=YES WRKDIRPREFIX=/var/ports PACKAGES=/var/ports/packages WITH_PKGNG=YES WITH_KMS=YES WITH_NEW_XORG=YES # Build Options NO_WERROR= WERROR= #${.CURDIR:M*/www/squid*} | \ # Use Clang instead of GCC .if target(index) | \ ${.CURDIR:M*/lang/gcc*} USE_GCC?=4.2 .endif .if !defined(USE_GCC) .if !defined(CC) || ${CC} == cc CC=clang .endif .if !defined(CXX) || ${CXX} == c++ CXX=clang++ .endif .if !defined(CPP) || ${CPP} == cpp CPP=clang-cpp .endif .endif # added by use.perl 2013-07-18 17:54:32 PERL_VERSION=5.16.3 Here is the content of /etc/X11/xorg.conf: Section ServerLayout Identifier X.org Configured Screen 0 Screen0 0 0 Screen 1 Screen1 LeftOf Screen0 InputDeviceMouse0 CorePointer InputDeviceKeyboard0 CoreKeyboard EndSection Section Files ModulePath /usr/local/lib/xorg/modules FontPath /usr/local/lib/X11/fonts/misc/ FontPath /usr/local/lib/X11/fonts/TTF/ FontPath /usr/local/lib/X11/fonts/OTF/ FontPath /usr/local/lib/X11/fonts/Type1/ FontPath /usr/local/lib/X11/fonts/100dpi/ FontPath /usr/local/lib/X11/fonts/75dpi/ EndSection Section Module Load extmod Load dri2 Load dbe Load dri Load record Load glx EndSection Section InputDevice Identifier Keyboard0 Driver kbd EndSection Section InputDevice Identifier Mouse0 Driver mouse Option Protocol auto Option Device /dev/sysmouse Option ZAxisMapping 4 5 6 7 EndSection Section Monitor Identifier Monitor0 VendorName Monitor Vendor ModelNameMonitor Model EndSection Section Monitor Identifier Monitor1 VendorName Monitor Vendor ModelNameMonitor Model EndSection Section Device ### Available Driver options are:- ### Values: i: integer, f: float, bool: True/False, ### string: String, freq: f Hz/kHz/MHz, ### percent: f% ### [arg]: arg optional #Option SWcursor # [bool] #Option HWcursor # [bool] #Option NoAccel # [bool] #Option ShadowFB # [bool] #Option UseFBDev # [bool] #Option Rotate# [str] #Option VideoKey # i #Option FlatPanel # [bool] #Option FPDither # [bool] #Option CrtcNumber# i #Option FPScale # [bool] #Option FPTweak # i #Option DualHead # [bool] Identifier Card0 Driver nv BusID PCI:1:0:0 EndSection Section Device ### Available Driver options are:- ### Values: i: integer, f: float, bool: True/False, ### string: String, freq: f Hz/kHz/MHz, ### percent: f% ### [arg]: arg optional #Option NoAccel # [bool] #Option AccelMethod # str #Option Backlight # str #Option DRI # str #Option ColorKey # i #Option VideoKey # i #Option Tiling# [bool] #Option LinearFramebuffer # [bool] #Option SwapbuffersWait # [bool] #Option TripleBuffer # [bool] #Option XvPreferOverlay # [bool] #Option HotPlug # [bool] #Option RelaxedFencing# [bool] #Option XvMC # [bool] #Option ZaphodHeads # str #Option TearFree # [bool] #Option PerCrtcPixmaps# [bool] #Option FallbackDebug # [bool] #Option DebugFlushBatches # [bool] #Option DebugFlushCaches # [bool] #Option DebugWait # [bool] #Option BufferCache # [bool] Identifier Card1 Driver intel BusID PCI:0:2:0 EndSection Section Screen Identifier Screen0 Device Card1 MonitorMonitor0 SubSection Display Viewport 0 0
Problems Installing /usr/ports/devel/pear
Is anyone else having problems installing pear with PHP 5.5? Or do I just have a misconfiguration on my system that is causing the install process to look at my /tmp directory. My ports tree is updated to svn revision 322502, and the system is running FreeBSD 9.1p4, so everything is up to date prior to this install. root@webmail:/usr/ports/devel/pear # make === pear-1.9.4_1 depends on file: /usr/local/sbin/pkg - found === Fetching all distfiles required by pear-1.9.4_1 for building === Extracting for pear-1.9.4_1 = SHA256 Checksum OK for pear-1.9.4.tar.bz2. === Patching for pear-1.9.4_1 === Applying FreeBSD patches for pear-1.9.4_1 === pear-1.9.4_1 depends on file: /usr/local/include/php/main/php.h - found === pear-1.9.4_1 depends on file: /usr/local/lib/php/20121212/xml.so - found === Configuring for pear-1.9.4_1 root@webmail:/usr/ports/devel/pear # make install === Installing for pear-1.9.4_1 === pear-1.9.4_1 depends on file: /usr/local/include/php/main/php.h - found === pear-1.9.4_1 depends on file: /usr/local/lib/php/20121212/xml.so - found === Generating temporary packing list === Checking if devel/pear already installed Bootstrapping Installer... Bootstrapping PEAR.php(local) ok Bootstrapping Archive/Tar.php(local) ok Bootstrapping Console/Getopt.php(local) ok Strict Standards: Non-static method PEAR::setErrorHandling() should not be called statically in /var/ports/usr/ports/devel/pear/work/pear-1.9.4/go-pear on line 689 Extracting installer.. Using local package: PEAR. Warning: file_exists() expects parameter 1 to be a valid path, string given in /tmp/pear/Archive/Tar.php on line 1582 Error while opening {/tmp/pear/package2.xml} in write binary mode sed: /usr/local/share/pear/peclcmd.php: No such file or directory *** [do-install] Error code 1 Stop in /usr/ports/devel/pear -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: /etc/jail.conf for automatically started jails listed in /etc/rc.conf
On 05/14/2013 8:20 am, Joe wrote: David Demelier wrote: 2013/5/14 Joe fb...@a1poweruser.com: David Demelier wrote: Le lundi 13 mai 2013 16:32:01 Joe a écrit : David Demelier wrote: Hello dear, Does jail.conf(5) does not work for jails listed in the rc.conf ? I've added in /etc/jail.conf: foo { hostname=Foo; path=/jails/foo; allow.sysvipc=1; } And in /etc/rc.conf only foo in the jail_list parameter, but when I try to start the jail it still complain about missing hostname. Regards, There are 2 methods for configuring jails. The legacy method which you put the jail config statements in the hosts /etc/rc.conf file and start and stop control is done by the hosts /etc/rc.d/jail script at boot time. The jail(8) method which has it's own jail config statements in the hosts /etc/jail.conf file and uses the jail(8) program for starting and stopping. You can create a jail.conf file for each jail(8) and start it using jail -c -f /etc/jailname.jail.conf and stop by issuing jail -f /etc/jailname.jail.conf -r jailname You can not mix the 2 methods. My real problem is that I wanted to add allow.sysvipc only for *one* jail and I can't find a real solution by jail_* flags in /etc/rc.conf There is jail_allow_sysvipc but it enable it for all jails. The jail(8) method does have a allow_sysvipc on a per jail basis. To use it you have to use the jail(8) method. The 9.1-RELEASE legacy method is a work in process to incorporate the jail(8) parameters into the rc.conf config statements. About the allow_sysvipc parameter, this breaks the security the jail is designed to provide and should NOT be used on any jails having public internet access. What are you trying to do that you think you need to use the allow_sysvipc parameter? PostgreSQL, usually I install it on the host instead of jails, but I needed a second instance on a different port for a public access.. Regards, -- Demelier David That all sounds logical and is what jails are designed to do. Why would running PostgreSQL in a jail need sysvipc? Have you tried it? Did you get some PostgreSQL error? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I can confirm that PostgreSQL will not run in a jail without sysvipc enabled, I just setup a jail running PostgreSQL a few weeks ago and had to do that as well. PostgreSQL will not start without it enabled, though perhaps there is some setting change in PostgreSQL that will make it not require this. In my case its the only jail, and I am the only user with access to both the base system and the jail so I wasn't to concerned about it allowing more access to the base system from the jail. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: small fanless mini-pc for home router/firewall?
On 05/08/2013 9:10 am, firm...@gmail.com wrote: What is the best option out there for a mini-pc to run FreeBSD as a home router/firewall? (needs to have 2 nic's) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org You might want to look at the pfSense project, works great for this use, Embedded FreeBSD with Web configuration. http://www.pfsense.org they have a hardware page on the website with links to vendors where you can get some complete kits and do it your self assembly and installation for around $200 (using PC Engines Alix Boards), or for a little more pre-assembled, and installed systems. I have been running it at my house and 3 installations at work for well over a year, on the Alix platforms. Performance and stability have been great, though the Alix platform does lack memory and processor for doing much more than routing/dhcp/firewall/ipsec. I used one of the do it your-self kits at my house, and used pre-assembled and installed setups for work, big difference is writing the image to the compact flash yourself. Assembly is so simple it might as well not be called assembly. If you are wanting IPSEC do pay attention though to the throughput on the Alix systems, and what you have available on your bandwidth, the same would likely go for any of the low boarded fan less systems, they should all handle routing/firewall just fine for whatever bandwidth you likely have but once you starting getting into 15Mbits and up these smaller boards will likely struggle with IPSEC. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Virtual Box service vboxheadless shutdown problems.
I have recently setup a FreeBSD server to run virtual box, and a couple of FreeBSD jails. Performance is running great, but upon getting my UPS setup with NUT, and running some reboot tests to verify that everything is shutting down and starting up properly I ran into an issue. The /usr/local/etc/rc.d/vboxheadless script is not shutting down the VM properly, which in turn is causing other services to not stop properly. I have set the following options in my rc.conf file vboxnet_enable=YES vboxheadless_enable=YES vboxheadless_machines=HomeServer vboxheadless_user=dweimer vboxheadless_stop=acpipowerbutton vboxheadless_delay=0 issuing service vboxheadless stop, does correctly shutdown the VM cleanly, and of course service vboxheadless start starts everything OK. But when running a shutdown command the shutdown process hangs, until it gets a 90 sec watchdog timeout on the vboxheadless stop command. The VNC console to the VM, never shows any attempt for the VM to shutdown. The windows VM, also doesn't show any events in the log as if it tried to shutdown. Has anyone else ran into this? Or have any idea what to check to find out more information as to what is happening to stop the shutdown process from running correctly? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Virtual Box on FreeBSD Server
On 04/19/2013 7:37 am, Bill Tillman wrote: I've been looking into setting up some Linux servers but instead I'm thinking that I could use Virtual Box on my FreeBSD servers to do this. I would like some seasoned advice from others on the following before proceeding: 1. As I understand it you can install Virtual Box from the ports collection. But then I see the instructions in the Handbook: To launch VirtualBox, type from a Xorg session: % VirtualBox So am I to assume the only way to run Virtual Box is to have Xorg installed and running on the FreeBSD server? Which is a drag because my current FreeBSD servers are exactly that, servers, and do not have the fancy video cards, monitors, etc.. to run Xorg. Is there an alternative to running the interface from Xorg. I'm a command line fanatic when it comes to servers. Or would I be able to install Xvnc or something like that and run it from one of my Windows 7 machines which has all the fancy video capabilities? 2. Once installed, I will be able to install something like Fedora or openSUSE? These will only be installed as server so I can run databases like MySQL in the Linux environment. The client I'm working for insists on using SUSE...no FreeBSD allowed. They think it's poison and are very biased on this so there's no talking them out of it. I need to gain experience using these databases on Linux, not FreeBSD. 3. I'm going to buy a 1 TB SATA drive for this setup. It will be running on an AMD64 server with FreeBSD 9.x or whatever is the latest release as of this weekend. 4. There is also a Plan 'B' to go the other way. Since I already have two i7 machines running Windows 7, perhaps it might be better to install the Windows version of Virtual Box or even VMWare and create my instances of Linux on one or even both of these machines. Any advice would be appreciated. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I just setup a FreeBSD 9.1p2 server to run Virtual Box myself, you don't need X, you can launch machines with VBoxHeadless --startvm VM NAME. (using VNC to connect to the consoles of them) Creating and configuring them takes a bit more, and as I am only on the second day of getting this figured out, I am not the best person to go more into detail. I actually created my vms on windows moved them over to FreeBSD the server to run them. It can all be done command line, just takes a while to learn. I am running mine on a AMD Phenom(tm) II X6 1075T Processor, with 16G ram, so far I have had three VMs running at once, two FreeBSD 9.1p2 and one windows 2008r2, 3G ram assigned to each. Performance so far has been great, I will have it down to one VM in a few days, as I will convert the two FreeBSD VMs into jails, and just be left with the windows 2008r2 vm. the disks in my system are 2 Sata3 1TB volumes, with FreeBSD host installed on ZFS in mirrored zpool. Also running the 2 FreeBSD VMs from this mirror as well, and the sytem drive of the Windows server. The Windows server has a second data drive, that is mounted off 4 500MB SATA2 drives in a zfs raidz. Disk performance is better than what I had testing this setup on Windows 7 with Virtual box, using a hardware raid 10 on the 500MB drives and hardware mirror on the 1TB drives. I intend to migrate the windows data drive from a virtual disk to an iSCSI disk pointed to the same 500MB raidz once I get the FreeBSD iSCSI target setup figured out. This should hopefully get a little more speed out of the setup. Unfortunately as this setup is still in its early stages, I can't attest to how stable it will be. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD on VMware ESXi with PCI Pass Through enabled
Just curious if anyone has any good recommendations of settings for running FreeBSD under VMware ESXi 5.1 with PCI(e) pass through enabled. I have been doing some initial testing with a new motherboard processor and RAM. That I am hoping to be able to run 3 Servers on. The intended virtual machines for the setup. 1.) A FreeBSD system to run Bacula, which will require PCI pass through for an eSATA drive dock so backups volumes can be Rotated. 2.) A FreeBSD system to host my web/email server, no pass through required. 3.) A FreeNAS box host SMB shares and iSCSI, will use a PCI pass through to allow direct access to 4 Hard drives, attached to a separate SATA controller. Current Hardware Information: eSATA Controller for backups: Koutech IO-PESA111 PCI Express SATA II (3.0Gb/s) - uses Silicon Image 3132 Chipset System Board: ASUS F2A85-M PRO FM2 AMD A85X (Hudson D4) CPU: AMD A10-5800K Trinity 3.8GHz (4.2GHz Turbo) Socket FM2 100W Quad-Core Desktop APU (CPU + GPU) RAM: CORSAIR Vengeance 16GB (4 x 4GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800) I still need to add an additional controller SATA controller for the FreeNAS VM, but so far testing with a new machine built for the Bacula install has only been consistently able to trigger a complete core dump and crash of the ESXi host machine, sometimes at boot of the VM with PCI pass through, sometimes not until a load has been applied to the external hard drive on the Pass through SATA controller. I have tried the following things to fix this that I have come across while searching for help. Added the following to /boot/loader.conf: hw.pci.enable_msi=0 hw.pci.enable_msix=0 Added the following to the Vmware Virtual Machine Configuration: pciPassthru0.msiEnabled = FALSE -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD Squid 3.2 Reverse Proxy with HTTPS
I am stuck in a kind of desperate situation, I have been managing several FreeBSD systems as forward proxy servers with Squid on them for 13 years, and a few with reverse proxies for around 4 years. But for the last few months, I have been struggling with HTTPS uploads failing on the reverse proxies. I have personally built and destroyed over 20 virtual machines, and spent countless hours on this. Every time duplicating the problem, no matter how basic I strip the process down, I have tried FreeBSD 8.3, 9.0, 9.1, with Squid 3.2.6, 3.2.7, 3.2.8, and a couple different versions of the Squid 3.1 port. Everything installs without errors, services all start, pages load all looks great, until you try to do a POST on HTTPS. I thought at first it was just when the size was over a certain amount, but that turned out to be a wrong assumption. I have a test scenario that can duplicate the problem with exact same results every time. In the end my test is just simple HTML form that submits a file to a PHP script that saves it. I have a directory of 7 .png image files that are screenshots from some documentation I wrote for our PC support desk. 3 of the files upload successfully, and 4 of them fail. Its the same 3 and 4 every time, I can't find any thing in common between that ones that succeed and fail. They will all work if you use http going to the same exact HTML form and PHP script. If I remove Squid and go directly to the Apache process using HTTPS all files upload fine. After a lot of debugging, and painstakingly reading very long Squid debugging logs. I found out that Squid appears to continue waiting for the end of the file after the client browser has stopped sending data, for almost 5 minutes, before just returning complete, and not actually submitting the file to the Apache process. If you actually stop the browser while its sitting there waiting for a response, the file gets submitted to Apache process and saves successfully. I have a couple existing production servers that are running 9.0, with Squid 3.1.21, that are working, but I am in desperate need of updating them to meet requirements. I have posted several messages to the Squid mailing list, received some initial suggestions that didn't get anywhere, but I haven't been able to get any more help. I am hoping to find someone else out there that is running FreeBSD with Squid in a Reverse proxy setup with HTTPS that has not ran into this issue and is willing to share configurations with me, so I can possibly find out what's wrong with my setup. Or if you have also ran into this issue, perhaps we can share notes and possibly find something to will make it possible to file a bug report somewhere. Even though I can reproduce this without fail none of my debugging output actually gives an error, it just doesn't behave correctly. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SPAM: Re: ZFS root, error 2 when mounting root
On 02/25/2013 10:00 am, bw wrote: That was my understanding, too, but the instructions on the wiki say there's no need to copy the cache file. In fact, there is no cache file to copy, since the pool is created with zpool create -o altroot=/mnt -O canmount=off zroot mirror /dev/gpt/g0zfs /dev/gpt/g1zfs No cache file. The wiki article was changed recently to eliminate that part, the message on the wiki is: Fix so that the default instructions does not install data directly to the zroot pool. Simplify instructions regarding cache files, they are no longer needed. Fixes and cleanups. Either the instructions are wrong, or something in my script is. I assume it's my script. The instructions noted above are now INCORRECT for 9.0 (I have not tried this with 9.1 yet) as you MUST manually put the zpool.cache file in place for it to work correctly (I tried a couple different variations when I first setup my systems a few months ago and learned this the hard way :-) I have *lost* of experience with ZFS under Solaris 10 but am relatively new (about a year) to FreeBSD. I tried it on 9.1, failed to specify. There is a change coming down through the stable or current channel, that doesn't require the zpool.cache file. But I don't believe that it has made it's to any of the releases. I haven't been able to track down the original message yet, but here is some of the relevant text from a reply on the freebsd-stable mailing list, the subject of the thread is [HEADSUP] zfs root pool mounting, if you chose to search for it on your own. on 28/11/2012 20:35 Andriy Gapon said the following: Recently some changes were made to how a root pool is opened for root filesystem mounting. Previously the root pool had to be present in zpool.cache. Now it is automatically discovered by probing available GEOM providers. The new scheme is believed to be more flexible. For example, it allows to prepare a new root pool at one system, then export it and then boot from it on a new system without doing any extra/magical steps with zpool.cache. It could also be convenient after zpool split and in some other situations. The change was introduced via multiple commits, the latest relevant revision in head is r243502. The changes are partially MFC-ed, the remaining parts are scheduled to be MFC-ed soon. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Can anyone direct me to some information about what WITHOUT_PROFILE=YES actually means.
I have ran into a recent issue, after a lot of trouble shooting I have narrowed it down to something in my /etc/src.conf the full file just has: WITHOUT_BIND=YES WITHOUT_NTP=YES WITHOUT_FLOPPY=YES WITHOUT_FREEBSD_UPDATE=YES WITHOUT_PROFILE=YES Of course bind and ntp are added in by ports after the system is built, everything compiles, I have a very specific issue with one thing not working on an installed port, with no apparent error. To make a long story short though one of my build attempts, I forgot to copy the /etc/src.conf file to the new system. And well the problem was gone, when I discovered that's what I did differently, I commented out all lines on a different system rebuilt and installed, sure enough it worked. Looking at the src.conf options that I was using, I can't see how any option other than the WITHOUT_PROFILE could possibly be causing the problem. Though I am in the process of building systems with different options removed in an attempt to find out for sure. The WITHOUT_PROFILE was added from a help document I read some time ago about upgrading from source, and hasn't caused any problems before now. I know it instructs the build process to avoid compiling profiled libraries. But my searching hasn't been able to lead me to what the difference is between a profiled and non-profiled library is. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: geli overhead?
On 02/04/2013 2:56 pm, mhca12 wrote: Is there some overhead associated with the geli setup as described earlier? $ df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/ada0p3.eli127G6.9G119G 5%/ devfs 1.0k1.0k 0B 100%/dev /dev/gpt/boot 991M339M642M35%/bootdir $ gpart show = 34 312581741 ada0 GPT (149G) 34128 1 freebsd-boot (64k) 1622097152 2 freebsd-ufs (1.0G) 2097314 310484461 3 freebsd-ufs (148G) Where did 21G from the 148G go? As suggested in dan.me.uk geli install guide I used geli init -a HMAC/SHA256 and also ran dd if=/dev/zero of=/dev/gpt/enc.eli across the eli volume. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Did you use the -a option when doing the geli init? -a aalgoEnable data integrity verification (authenti- cation) using the given algorithm. This will reduce size of available storage and also reduce speed. For example, when using 4096 bytes sector and HMAC/SHA256 algorithm, 89% of the original provider storage will be avail- able for use. Currently supported algorithms are: HMAC/MD5, HMAC/SHA1, HMAC/RIPEMD160, HMAC/SHA256, HMAC/SHA384 and HMAC/SHA512. If the option is not given, there will be no authentication, only encryption. The recom- mended algorithm is HMAC/SHA256. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Can anyone direct me to some information about what WITHOUT_PROFILE=YES actually means.
On 02/04/2013 3:25 pm, Michael Powell wrote: dweimer wrote: I have ran into a recent issue, after a lot of trouble shooting I have narrowed it down to something in my /etc/src.conf the full file just has: WITHOUT_BIND=YES WITHOUT_NTP=YES WITHOUT_FLOPPY=YES WITHOUT_FREEBSD_UPDATE=YES WITHOUT_PROFILE=YES Of course bind and ntp are added in by ports after the system is built, everything compiles, I have a very specific issue with one thing not working on an installed port, with no apparent error. To make a long story short though one of my build attempts, I forgot to copy the /etc/src.conf file to the new system. And well the problem was gone, when I discovered that's what I did differently, I commented out all lines on a different system rebuilt and installed, sure enough it worked. Looking at the src.conf options that I was using, I can't see how any option other than the WITHOUT_PROFILE could possibly be causing the problem. Though I am in the process of building systems with different options removed in an attempt to find out for sure. The WITHOUT_PROFILE was added from a help document I read some time ago about upgrading from source, and hasn't caused any problems before now. I know it instructs the build process to avoid compiling profiled libraries. But my searching hasn't been able to lead me to what the difference is between a profiled and non-profiled library is. I'm not a code hacker, so take with pinch of salt. In the man page for src.conf it declares that variable values would be ignored, and of course I missed that. While I have WITHOUT_PROFILE= true in my src.conf, the correct use is simply WITHOUT_PROFILE by itself. Since I have never experienced any form of difficulty perhaps the difference here is the quotation marks. Maybe something is malfunctioning from the . See if removing these helps? Also, from what I understand what's in src.conf should only apply to building the system, e.g code located under /usr/src. I've always taken this to mean it should not apply to building anything in ports. My limited understanding is that when you build profiled code you are inserting a little extra debug code which is utilized to measure the time spent within internal structures, such as functions and other sub-routines. Not that I even know how such info would get extracted at runtime, programmers use this to look for areas within their code that hog resources time-wise and zero in on those to concentrate on makeing more efficient/faster. -Mike if I remember right, from information about src.conf, I believe that WITHOUT_PROFILE WITHOUT_PROFILE= WITHOUT_PROFILE=true WITHOUT_PROFILE=YES ... are all functionally equivalent as it does ignore the rest, though I could be wrong and this could be my problem. I do know for sure that the WIHTOUT_BIND, WITHOUT_NTP, are working correctly as they are gone form the system, prior to me installing the versions from ports after the build/install world. Yes this does apply only to system. With the above options buildworld / buildkernel / install kernel / install world/ mergemaster / reinstall all ports, I have my problem. Remove all options, repeat no problem. Remove just WITHOUT_PROFILE repeat again, problem is back. So I was wrong as to that line being the cause, at least by itself. I did a lot of initial testing with port option changes, and changes to make.conf on my system, thought maybe it was clang, etc. Didn't get anywhere, the system is running on a ZFS boot partition, and as a last effort I tried on UFS. It worked, but I also realized I forgot the src.conf settings. I copied my ZFS systems boot environment and rebuilt without src.conf, it now works as well. Currently doing a fresh install on ZFS to build from ground up with the same process used originally, except without the src.conf and confirm I can repeat its success. Then I can do some more testing with adding options back into the src.conf to try and narrow down which of those options is causing the problem. If I can figure out which one, or combination of them is the cause, then I will hopefully have something that can lead to someone with more knowledge than I have being able to discover why its having the problem. The port doesn't fail to compile it installs fine, and 99.5% of it runs perfect, just one little thing that I need to work hangs up for about 5 minutes, before timing out, but doesn't log an error, even with insanely verbose debugging, it acts as if it completed but it didn't. I posted another message about the specific problem several days ago, before I had it figured out to be caused somehow by something in the src.conf file. I am trying to run Squid (version 3.2.6 is the current port) in reverse proxy, the problem is only when doing a post via HTTPS above a certain size, somewhere between 2k and 3.2k is where it begins. -- Thanks, Dean E. Weimer http://www.dweimer.net
Re: Locking USB Serial Device to Specific Com port
On 2013-01-26 16:40, Shane Ambler wrote: On 27/01/2013 08:15, dweimer wrote: I would like to lock down the USB serial port adapter used on the UPS to /dev/cuaU0, to make sure the UPS is always monitored and I will get a clean shutdown in event of a power failure. I believe that this requires setting a hint line of some sort in the /boot/loader.conf file, but I am having trouble tracking down what this should be, or maybe I am on the wrong track. Here is the current information from the adpapters, the UPS adapter was connected at boot, is on /dev/cuaU0, the other one was plugged in after boot, and is on /dev/cuaU1. start with man devd.conf You can add your own devd files in /usr/local/etc/devd/ Something along the lines of - attach 200 { device-name cuaU[0-9]+; match vendor 0x067b; match product 0x2303; action sleep 2; cd /dev; ln -s ${device-name} upsmonitor; }; use usbconfig to get info. I am thinking with the similarity of the two you may need to rely on bus and hubaddr or devaddr to keep each device identified by usb port location. OK, so I was looking in the wrong direction, which might explain why my searching wasn't finding anything. However I might still be out of luck, after doing some checking, and a reboot the only difference I can find is below. dev.uplcom.0.%location: bus=1 hubaddr=1 port=0 devaddr=2 interface=0 dev.uplcom.1.%location: bus=1 hubaddr=3 port=0 devaddr=3 interface=0 The devices have switch at this point, all info from usbconfig, dmesg, looks identical, these two lines from the sysctl -a | grep uplcom output is all that changed, the hubaddr=1 and hubaddr=3 have switched, however the man devd.conf has a variable list, to use, and doesn't seem to have an option to match agains that hubaddr variable. Variable Description bus Device name of parent bus. cdev Device node path if one is created by the devfs(5) filesys- tem. cisproductCIS-product. cisvendor CIS-vendor. class Device class. deviceDevice ID. devclass Device Class (USB) devsubclass Device Sub-class (USB) device-name Name of attached/detached device. endpoints Endpoint count (USB) function Card functions. interface Interface ID (USB) intclass Interface Class (USB) intprotocol Interface Protocol (USB) intsubclass Interface Sub-class (USB) manufacturer Manufacturer ID (pccard). mode Peripheral mode (USB) notifyMatch the value of the ``notify'' variable. parentParent device port Hub port number (USB) product Product ID (pccard/USB). release Hardware revision (USB) sernumSerial Number (USB). slot Card slot. subvendor Sub-vendor ID. subdevice Sub-device ID. subsystem Matches a subsystem of a system, see below. systemMatches a system type, see below. type Type of notification, see below. vendorVendor ID. But the action line above does give me an idea though, I should be able to write a script to run at startup to find the line, and create the link to the device. The only one I care about is the UPS monitor, as the other is only occasionally used, and I can easily check which com port its on before connecting to it. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Locking USB Serial Device to Specific Com port
On 2013-01-27 08:48, dweimer wrote: On 2013-01-26 16:40, Shane Ambler wrote: On 27/01/2013 08:15, dweimer wrote: I would like to lock down the USB serial port adapter used on the UPS to /dev/cuaU0, to make sure the UPS is always monitored and I will get a clean shutdown in event of a power failure. I believe that this requires setting a hint line of some sort in the /boot/loader.conf file, but I am having trouble tracking down what this should be, or maybe I am on the wrong track. Here is the current information from the adpapters, the UPS adapter was connected at boot, is on /dev/cuaU0, the other one was plugged in after boot, and is on /dev/cuaU1. start with man devd.conf You can add your own devd files in /usr/local/etc/devd/ Something along the lines of - attach 200 { device-name cuaU[0-9]+; match vendor 0x067b; match product 0x2303; action sleep 2; cd /dev; ln -s ${device-name} upsmonitor; }; use usbconfig to get info. I am thinking with the similarity of the two you may need to rely on bus and hubaddr or devaddr to keep each device identified by usb port location. OK, so I was looking in the wrong direction, which might explain why my searching wasn't finding anything. However I might still be out of luck, after doing some checking, and a reboot the only difference I can find is below. dev.uplcom.0.%location: bus=1 hubaddr=1 port=0 devaddr=2 interface=0 dev.uplcom.1.%location: bus=1 hubaddr=3 port=0 devaddr=3 interface=0 The devices have switch at this point, all info from usbconfig, dmesg, looks identical, these two lines from the sysctl -a | grep uplcom output is all that changed, the hubaddr=1 and hubaddr=3 have switched, however the man devd.conf has a variable list, to use, and doesn't seem to have an option to match agains that hubaddr variable. Variable Description bus Device name of parent bus. cdev Device node path if one is created by the devfs(5) filesys- tem. cisproductCIS-product. cisvendor CIS-vendor. class Device class. deviceDevice ID. devclass Device Class (USB) devsubclass Device Sub-class (USB) device-name Name of attached/detached device. endpoints Endpoint count (USB) function Card functions. interface Interface ID (USB) intclass Interface Class (USB) intprotocol Interface Protocol (USB) intsubclass Interface Sub-class (USB) manufacturer Manufacturer ID (pccard). mode Peripheral mode (USB) notifyMatch the value of the ``notify'' variable. parentParent device port Hub port number (USB) product Product ID (pccard/USB). release Hardware revision (USB) sernumSerial Number (USB). slot Card slot. subvendor Sub-vendor ID. subdevice Sub-device ID. subsystem Matches a subsystem of a system, see below. systemMatches a system type, see below. type Type of notification, see below. vendorVendor ID. But the action line above does give me an idea though, I should be able to write a script to run at startup to find the line, and create the link to the device. The only one I care about is the UPS monitor, as the other is only occasionally used, and I can easily check which com port its on before connecting to it. This probably wouldn't work for anyone else, but here is my solution in case it does help someone else. Created a new script in /usr/local/etc/rc.d/nutusblink #!/bin/sh # PROVIDE: NUTUSBLINK # REQUIRE: NETWORKING # BEFORE: nut # KEYWORD: shutdown . /etc/rc.subr name=nutusblink start_cmd=nutusblink_start stop_cmd=nutusblink_stop rcvar=nutusblink_enable find_comport() { grepstring='uplcom.*hubaddr='${nutusblink_hubaddr} comnum=`sysctl -a | grep ${grepstring} | awk '{print $1}' | awk -F . '{print $3}'` } nutusblink_start() { find_comport echo echo ...Creating USB Serial Adapter Comport Link for NUT UPS Monitoring... ln -s /dev/cuaU${comnum} /dev/${nutusblink_link} echo/dev/${nutusblink_link} Linked to /dev/cuaU${comnum} echo } nutusblink_stop() { find_comport echo echo ...Removing USB Serial Adapter Comport Link for NUT UPS Monitoring... rm /dev/${nutusblink_link} echo/dev/${nutusblink_link} No longer linked to /dev/cuaU${comnum} echo } load_rc_config $name : ${nutusblink_enable=NO} : ${nutusblink_hubaddr=} : ${nutusblink_link=} run_rc_command $1 Added these lines to /etc/rc.conf # Create NUT USB Link nutusblink_enable=YES nutusblink_hubaddr=3 nutusblink_link=nutusblink End Result, I now have a link /dev/nutusblink pointed at /dev/cuaU#, where # is the correct port number. I have tested on a couple of reboots, and configured NUT to use the link instead of the actual com port. Using the BEFORE: nut in the script ensures that it gets ran
Re: Locking USB Serial Device to Specific Com port
On 2013-01-27 09:29, Warren Block wrote: On Sun, 27 Jan 2013, dweimer wrote: On 2013-01-26 16:40, Shane Ambler wrote: On 27/01/2013 08:15, dweimer wrote: I would like to lock down the USB serial port adapter used on the UPS to /dev/cuaU0, to make sure the UPS is always monitored and I will get a clean shutdown in event of a power failure. I believe that this requires setting a hint line of some sort in the /boot/loader.conf file, but I am having trouble tracking down what this should be, or maybe I am on the wrong track. Here is the current information from the adpapters, the UPS adapter was connected at boot, is on /dev/cuaU0, the other one was plugged in after boot, and is on /dev/cuaU1. start with man devd.conf You can add your own devd files in /usr/local/etc/devd/ Something along the lines of - attach 200 { device-name cuaU[0-9]+; match vendor 0x067b; match product 0x2303; action sleep 2; cd /dev; ln -s ${device-name} upsmonitor; }; use usbconfig to get info. I am thinking with the similarity of the two you may need to rely on bus and hubaddr or devaddr to keep each device identified by usb port location. OK, so I was looking in the wrong direction, which might explain why my searching wasn't finding anything. However I might still be out of luck, after doing some checking, and a reboot the only difference I can find is below. dev.uplcom.0.%location: bus=1 hubaddr=1 port=0 devaddr=2 interface=0 dev.uplcom.1.%location: bus=1 hubaddr=3 port=0 devaddr=3 interface=0 usbconfig may be able to get the device serial number, although they may not be unique. Jamming useful scripts inside an action can be complicated. It may be easier to just trigger an external script. That's just it, can't get usbconfig to give me anything different between the two, they don't appear to have a serial number set on them. # usbconfig -d ugen0.2 dump_device_desc ugen0.2: USB-Serial Controller Prolific Technology Inc. at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON bLength = 0x0012 bDescriptorType = 0x0001 bcdUSB = 0x0110 bDeviceClass = 0x bDeviceSubClass = 0x bDeviceProtocol = 0x bMaxPacketSize0 = 0x0040 idVendor = 0x067b idProduct = 0x2303 bcdDevice = 0x0300 iManufacturer = 0x0001 Prolific Technology Inc. iProduct = 0x0002 USB-Serial Controller iSerialNumber = 0x no string bNumConfigurations = 0x0001 # usbconfig -d ugen0.3 dump_device_desc ugen0.3: USB-Serial Controller Prolific Technology Inc. at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON bLength = 0x0012 bDescriptorType = 0x0001 bcdUSB = 0x0110 bDeviceClass = 0x bDeviceSubClass = 0x bDeviceProtocol = 0x bMaxPacketSize0 = 0x0040 idVendor = 0x067b idProduct = 0x2303 bcdDevice = 0x0300 iManufacturer = 0x0001 Prolific Technology Inc. iProduct = 0x0002 USB-Serial Controller iSerialNumber = 0x no string bNumConfigurations = 0x0001 -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Locking USB Serial Device to Specific Com port
I have two USB Serial adapters I use on my web server, ones always connected, to allow NUT to monitor my UPS. The other I use to view the console of my pfSense firewall, however I sometimes disconnect this one to use it with my laptop to configure switches. Because this one is unplugged and plugged back in, sometimes on reboot it ends up switching its com port with the UPS, so NUT fails to start and the UPS is unmonitored. I would like to lock down the USB serial port adapter used on the UPS to /dev/cuaU0, to make sure the UPS is always monitored and I will get a clean shutdown in event of a power failure. I believe that this requires setting a hint line of some sort in the /boot/loader.conf file, but I am having trouble tracking down what this should be, or maybe I am on the wrong track. Here is the current information from the adpapters, the UPS adapter was connected at boot, is on /dev/cuaU0, the other one was plugged in after boot, and is on /dev/cuaU1. dmesg output: ugen0.2: Prolific Technology Inc. at usbus0 uplcom0: Prolific Technology Inc. USB-Serial Controller, class 0/0, rev 1.10/3.00, addr 2 on usbus0 ugen0.3: Prolific Technology Inc. at usbus0 uplcom1: Prolific Technology Inc. USB-Serial Controller, class 0/0, rev 1.10/3.00, addr 3 on usbus0 sysctl -a | grep uplmon: device uplcom hw.usb.uplcom.debug: 0 dev.uplcom.0.%desc: Prolific Technology Inc. USB-Serial Controller, class 0/0, rev 1.10/3.00, addr 2 dev.uplcom.0.%driver: uplcom dev.uplcom.0.%location: bus=1 hubaddr=3 port=0 devaddr=2 interface=0 dev.uplcom.0.%pnpinfo: vendor=0x067b product=0x2303 devclass=0x00 devsubclass=0x00 sernum= release=0x0300 mode=host intclass=0xff intsubclass=0x00 intprotocol=0x00 ttyname=U0 ttyports=1 dev.uplcom.0.%parent: uhub0 dev.uplcom.0.ttyname: U0 dev.uplcom.0.ttyports: 1 dev.uplcom.1.%desc: Prolific Technology Inc. USB-Serial Controller, class 0/0, rev 1.10/3.00, addr 3 dev.uplcom.1.%driver: uplcom dev.uplcom.1.%location: bus=1 hubaddr=1 port=0 devaddr=3 interface=0 dev.uplcom.1.%pnpinfo: vendor=0x067b product=0x2303 devclass=0x00 devsubclass=0x00 sernum= release=0x0300 mode=host intclass=0xff intsubclass=0x00 intprotocol=0x00 ttyname=U1 ttyports=1 dev.uplcom.1.%parent: uhub0 dev.uplcom.1.ttyname: U1 dev.uplcom.1.ttyports: 1 Does anyone have any suggestions on how to do this? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Squid 3.2 Reverse Proxy Problems on FreeBSD
Is anyone running else running the Squid 3.2 branch on FreeBSD as a reverse proxy? Specifically using HTTPS and uploading data? The reason I ask, I have a server Running FreeBSD 9.0-p4 and Squid 3.1.21, all works I tried upgrading to a new server running FreeBSD 9.1 with Squid 3.2.6, thought everything was working, then we started getting complaints on to of the back end applications. Tracked the issue down to any submit forms on HTTPS, if somewhere between 2.2k and 3k it breaks, if the post is under that very small size instant success, if over that size the browser churns for a few minutes then returns a Bad Request Your browser sent a request that this server could not understand. On the Squid side there is a TCP_MISS_ABORTED log entry that gets logged. The problem doesn't show up on HTTP, I can upload large files, tested up to 50M. I just wanted to see if any one else is successfully doing this, maybe something specific to my server build and I just need to start over. Both servers have been built from source, both using clang, including ports, except on gcc, open-vm-tools, and squid. They are both running on the same cluster of ESX 4.1 servers. Other than the FreeBSD version and Squid version the other difference is ZFS used on the file system for the FreeBSD 9.1 and UFS used for the FreeBSD 9.0-p4. I have already started a thread on the Squid mailing list on the issue as well, but haven't gotten any help yet. But now that I have the production setup going through the old server again, I can do some more testing and enable debugging and possibly get some useful information as to whats happening. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zfs configuration
On 2013-01-21 09:50, Don Dugger wrote: Hi All, So I use zfs for the root file system. Works well. However now I want to move /tmp to ram-disk (memory disk or what ever). When I try to unmount /tmp with the zfs command of course it won't because its busy. With ufs I would just edit fstab and reboot what do I don with zfs?? Your best option is to reboot into single user mode, however if that's not possible, zfs umount -f will force it to unmount. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Syncing Two Dirs With Rsync
On 2013-01-10 12:57, Tim Daneliuk wrote: I have used rsync for many years to make sure a destination machine:directory is kept up-to-date with some source master directory. I now need to find a way to keep two different machine:dirs in sync with each other. But for any given file, I don't know which of these is newer so I don't know which way to sync. For example given: machineA::/dir/foo machineB:/dir/foo machineA::/dir/bar machineB:/dir/bar Say the machineA has the newest foo, but machineB has the newest bar. At the end of syncing, I want both machines to have the latest copies of everything. I'm guessing there's a way to do this with rsync but I'm kind of stumped. Ideas? Never tried it before, but I would think you could use the -u option to skip newer files, and do a push followed by a pull so that the newer files from each side get copied. However you wouldn't be able to use the delete files option as new files could get deleted instead of copied, depending on which side ran first. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: static ip address and ifconfig
On 2012-12-29 12:45, Fbsd8 wrote: Polytropon wrote: On Sat, 29 Dec 2012 13:05:30 -0500, Fbsd8 wrote: Mike Jeays wrote: On Sat, 29 Dec 2012 12:13:32 -0500 Fbsd8 fb...@a1poweruser.com wrote: I don't have static ip address so I can not find out for myself. Lets say I am a company that my ISP has assigned us 25 static ip address. When I issue the ifconfig command what will it show me? Just the single primary static ip address or all 25 of them in a list? Thanks ___ It will just show the one currently assigned. Try it - just bring up an xterm and type 'ifconfig' You don't have to be root, and you can't do any harm. em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 08:00:27:40:ca:a9 inet 10.0.2.15 netmask 0xff00 broadcast 10.0.2.255 # HERE IT IS media: Ethernet autoselect (1000baseT full-duplex) status: active Nope 10.0.2.15 is a private lan IP address, its not public routable. question has to be answered by some body who has multiple static public routable ip address assigned by their ISP. The presented example simply shows a typical ifconfig output. On the inet line, you can see the assigned IP addresses. As per definition, one interface can be assigned more than one IP address, and maybe those will show in the ifconfig output - however, this depends on your actual setup, for example when you have specific network gear that translates one or more static IP addresses into local addresses that are _then_ assigned to individual network interfaces. However, at my old location I had assigned one static IP address directly delivered to the NIC, and ifconfig did show exactly that address. Simply try ifconfig and show what it prints for YOU. Yes I understand all that, but lets go deeper into difference between static and dynamic ip address assigned by the ISP. For anyone being a professional company who wants permanent presents on the internet will pay extra fees for static ip address because static ip address never change and this is required for domain name registration. Dynamic ip address are normally assigned by the ISP for home users having dsl or tv cable internet connections. Dynamic ip address can change and if used for domain name registration the users FQDN will no longer point to the correct host. Now to return to the original question. Say I am a professional company and my ISP assigned me 25 static ip address. What will ifconfig show me on the interface facing the public internet? Just the single primary static ip address or all 25 of them in a list? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org It still all depends on your configuration, it won't look any different than a static private IP address shows when doing an ifconfig except it will be the public IP. Generally if you have a static IP you will have to set it manually, and it won't get it via DHCP. But I have worked with some DSL connections though that assigned the static IP through a DHCP reservation based on your modem/routers MAC address. However that would only work for a single IP. If you get 25, you can assign those with aliases to make a single server answer on the others as well, common for servers hosting multiple https web sites. Here's an example with Aliases, its from a LAN with private range, but would look no different except IPs if it was public range addresses. This is from my web/email server (the very one this message comes from), the secondary IP is for running jails, when testing upgrades. LAN: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 9000 options=209bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC ether 00:07:e9:09:be:4f inet 192.168.5.1 netmask 0xff00 broadcast 192.168.5.255 inet 192.168.5.21 netmask 0xff00 broadcast 192.168.5.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect (1000baseT full-duplex) status: active Here's an example from a public range, pulled this from my pfSense box, which is on a Cable Connection with a block of 5 static IP Addresses. vr1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=8280bRXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE ether 00:0d:b9:1c:78:2d inet 24.240.198.186 netmask 0xfff8 broadcast 24.240.198.191 inet6 fe80::20d:b9ff:fe1c:782d%vr1 prefixlen 64 scopeid 0x2 nd6 options=43PERFORMNUD,ACCEPT_RTADV media: Ethernet autoselect (100baseTX full-duplex) status: active There's just a single IP set, though it does relay connections on other IPs, using proxy
Re: ZFS info WAS: new backup server file system options
On 2012-12-21 11:28, Arthur Chance wrote: On 12/21/12 14:06, Paul Kraus wrote: On Dec 21, 2012, at 7:49 AM, yudi v wrote: I am building a new freebsd fileserver to use for backups, will be using 2 disk raid mirroring in a HP microserver n40l. I have gone through some of the documentation and would like to know what file systems to choose. According to the docs, ufs is suggested for the system partitions but someone on the freebsd irc channel suggested using zfs for the rootfs as well Are there any disadvantages of using zfs for the whole system rather than going with ufs for the system files and zfs for the user data? First a disclaimer, I have been working with Solaris since 1995 and managed lots of data under ZFS, I have only been working with FreeBSD for about the past 6 months. UFS is clearly very stable and solid, but to get redundancy you need to use a separate volume manager. Slight correction here - you don't need a volume manager (as I understand the term), you'd use the GEOM subsystem, specifically gmirror in this case. See man gmirror for details ZFS is a completely different way of thinking about managing storage (not just a filesystem). I prefer ZFS for a number of reasons: 1) End to end data integrity through checksums. With the advent of 1 TB plus drives, the uncorrectable error rate (typically 10^-14 or 10^-15) means that over the life of any drive you *are* now likely to run into uncorrectable errors. This means that traditional volume managers (which rely on the drive reporting an bad reads and writes) cannot detect these errors and bad data will be returned to the application. 2) Simplicity of management. Since the volume management and filesystem layers have been combined, you don't have to manage each separately. 3) Flexibility of storage. Once you build a zpool, the filesystems that reside on it share the storage of the entire zpool. This means you don't have to decide how much space to commit to a given filesystem at creation. It also means that all the filesystems residing in that one zpool share the performance of all the drives in that zpool. 4) Specific to booting off of a ZFS, if you move drives around (as I tend to do in at least one of my lab systems) the bootloader can still find the root filesystem under ZFS as it refers to it by zfs device name, not physical drive device name. Yes, you can tell the bootloader where to find root if you move it, but zfs does that automatically. 5) Zero performance penalty snapshots. The only cost to snapshots is the space necessary to hold the data. I have managed systems with over 100,000 snapshots. I am running two production, one lab, and a bunch of VBox VMs all with ZFS. The only issue I have seen is one I have also seen under Solaris with ZFS. Certain kinds of hardware layer faults will cause the zfs management tools (the zpool and zfs commands) to hang waiting on a blocking I/O that will never return. The data continuos to be available, you just can't manage the zfs infrastructure until the device issues are cleared. For example, if you remove a USB drive that hosts a mounted ZFS, then any attempt to manage that ZFS device will hang (zpool export -f zpool name hangs until a reboot). Previously I had been running (at home) a fileserver under OpenSolaris using ZFS and it saved my data when I had multiple drive failures. At a certain client we had a 45 TB configuration built on top of 120 750GB drives. We had multiple redundancy and could survive a complete failure of 2 of the 5 disk enclosures (yes, we tested this in pre-production). There are a number of good writeups on how setup a FreeBSD system to boot off of ZFS, I like this one the best http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/9.0-RELEASE , but I do the zpool/zfs configuration slightly differently (based on some hard learned lessons on Solaris). I am writing up my configuration (and why I do it this way), but it is not ready yet. Make sure you look at all the information here: http://wiki.freebsd.org/ZFS , keeping in mind that lots of it was written before FreeBSD 9. I would NOT use ZFS, especially for booting, prior to release 9 of FreeBSD. Some of the reason for this is the bugs that were fixed in zpool version 28 (included in release 9). I would agree with all that. My current system uses UFS filesystems for the base install, and ZFS with a raidz zpool for everything else, but that's only because I started using ZFS in REL 8.0 when it was just out of experimental status, and I didn't want to risk having an unbootable system. (That last paragraph suggests I was wise in that decision.) My next machine I'm specing out now will be pure ZFS so I get the boot environment stuff. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to
FreeBSD as an Access Point
Just wondering if anyone has used FreeBSD (or NanoBSD) on any small form factor broads such as PC Engines Alix, or similar hardware. And how well it has worked for them, and what hardware they used. I have been having a lot of performance issues with my home wireless, and am considering replacing the current APs early next year. I wanted something a little more flexible than the standard consumer AP, without spending the money for a high end Cisco AP (I do realize that the hardware will run me in the range of their low end APs). My early searching shows I should be able to get an Alix board, Wireless Card, and Antennas for around $300. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD as an Access Point
On 2012-12-21 19:55, Chris Hill wrote: On Fri, 21 Dec 2012, dweimer wrote: I have been having a lot of performance issues with my home wireless, and am considering replacing the current APs early next year. I wanted something a little more flexible than the standard consumer AP, without spending the money for a high end Cisco AP (I do realize that the hardware will run me in the range of their low end APs). My early searching shows I should be able to get an Alix board, Wireless Card, and Antennas for around $300. Not really an answer to the question, but maybe a solution to the problem... At my work we deploy a fair amount of wi-fi at clients' sites. The access points we like are Pakedge brand. These are solid, high-powered industrial-grade equipment, and in your price range. For what it's worth. I will look into those, currently running UniFi, worked out great at first, but struggling now, can only get 1-3Mbps download, yet 50-60Mbps upload. working with their support now via email ot hopefully resolve it, but looking into other options as well. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD as an Access Point
On 2012-12-21 16:19, Jason Taylor wrote: Maybe the pfSense project might have some useful info for you. http://doc.pfsense.org/index.php/Is_there_a_Compact_Flash,_embedded_hardware,_or_Soekris_or_ALIX_version_of_pfSense%3F On Fri, Dec 21, 2012 at 4:39 PM, Derek Funk dfu...@cox.net wrote: Not familiar with it my self but soekris http://search.yahoo.com/r/_** ylt=A0oGkkuf1tRQfAUASA5XNyoA;_**ylu=**X3oDMTE1aTNzamNlBHNlYwNzcgRwb3** MDMQRjb2xvA3NrMQR2dGlkA1JDRjAz**OF8yMzU-/SIG=117fj2pvu/EXP=** 1356154655/**http%3a//soekris.**com/http://search.yahoo.com/r/_ylt=A0oGkkuf1tRQfAUASA5XNyoA;_ylu=X3oDMTE1aTNzamNlBHNlYwNzcgRwb3MDMQRjb2xvA3NrMQR2dGlkA1JDRjAzOF8yMzU-/SIG=117fj2pvu/EXP=1356154655/**http%3a//soekris.com/ are embedded systems with BSD in mind. On 12/21/2012 3:12 PM, dweimer wrote: Just wondering if anyone has used FreeBSD (or NanoBSD) on any small form factor broads such as PC Engines Alix, or similar hardware. And how well it has worked for them, and what hardware they used. I have been having a lot of performance issues with my home wireless, and am considering replacing the current APs early next year. I wanted something a little more flexible than the standard consumer AP, without spending the money for a high end Cisco AP (I do realize that the hardware will run me in the range of their low end APs). My early searching shows I should be able to get an Alix board, Wireless Card, and Antennas for around $300. __**_ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/**mailman/listinfo/freebsd-**questionshttp://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-** unsubscr...@freebsd.org freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Probably should have been more clear, when I was asking about FreeBSD on something like Alix, left out the as an access point that I was thinking. I have a pfSense system running on an Alix board as my Router/Firewall, incredibly happy with it, but already using a Soekris VPN1411: Crypto accelerator in the miniPCI slot to help out with my IPSec tunnel to work. Otherwise I would just add a wireless card to test it out on that box. Definitely don't want wireless and router together long term though, as I like to be able to take one down without the other when doing upgrades. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Curious question about using zfs send -R and receive on FreeBSD
On 2012-12-19 07:01, Christopher J. Ruwe wrote: On Mon, 17 Dec 2012 16:00:06 -0600 dweimer dwei...@dweimer.net wrote: I recently migrated a machine that was built on a VM to physical hardware using the zfs send -R option against a snapshot of its root zfs setup. I went from smaller drives to larger, both using a mirrored zpool. However the devices were different, the device IDs on the VM were da0 and da1, the device IDs on the physical hardware were ada0 and ada1. I had used labels when creating the gpt layout to plan for this. And all worked great, in fact it was the fastest I have ever converted a virtual machine to a physical machine. After I finished though, I got curious, was it actually necessary for me to mount the new boot zfs partition while running on the live cd and copy the zpool.cache file I had created when creating the zpool or would have the existing cache file that would have been included in the zfs send contained the right information? As the zpool was pointed at the gpt label devices, or was the fact that the size changed enough difference that copying the file was indeed necessary? I fear you might be mixing things up here. You did a zfs-migrate, not a zpool-migrate, you created a new zpool and received the datasets on that new zpool, even if the zpool names were the same. The function of zpool.cache is to tell the OS about available device-zpool combinations. Without, the OS does not know which zpools are available and accordingly cannot mount the root-ZFS passed in the vfs.root.mountfrom directive in loader.conf, which is why you needed to copy the zpool.cache and, if you changed the zpool-names, needed to adapt loader.conf. There are plans to change this behaviour, as it is deemed superfluous at least in the case of disks, but I do not know how much that has progressed so far. http://lists.freebsd.org/pipermail/freebsd-fs/2012-October/015328.html Hope I could shed some light on that issue, although I am by no means an expert on this. Cheers, Yes that did explain it, and I did keep the zpool the same name to avoid having to change the loader.conf. This also does answer other things as well for me. In that this should be able to be done from a mirror to a zraid, or single disk pool. But as you have pointed out the migration is done on the ZFS data layer that is on top of the zpool layer, so it shouldn't matter what the underlying zpool raid level is. And likewise wouldn't matter if the hardware devices behind it changed even if I hadn't used gpt labels to configure the zpool. Good information to know going forward, thanks for the explanation. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Curious question about using zfs send -R and receive on FreeBSD
I recently migrated a machine that was built on a VM to physical hardware using the zfs send -R option against a snapshot of its root zfs setup. I went from smaller drives to larger, both using a mirrored zpool. However the devices were different, the device IDs on the VM were da0 and da1, the device IDs on the physical hardware were ada0 and ada1. I had used labels when creating the gpt layout to plan for this. And all worked great, in fact it was the fastest I have ever converted a virtual machine to a physical machine. After I finished though, I got curious, was it actually necessary for me to mount the new boot zfs partition while running on the live cd and copy the zpool.cache file I had created when creating the zpool or would have the existing cache file that would have been included in the zfs send contained the right information? As the zpool was pointed at the gpt label devices, or was the fact that the size changed enough difference that copying the file was indeed necessary? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SMS application
On 2012-12-06 13:59, Carmel wrote: Can anyone recommend a good SMS application that works on FreeBSD? I have used several different ones on MS Windows; however, I cannot find one that works on FreeBSD. There doesn't appear to be a fully functional one in the ports system either, although I might have missed it. Why not just check here: http://www.freebsd.org/cgi/ports.cgi?query=smsstype=all -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
openjdk port build failures
I am working on a 9.1-Release system built from source (Original Install from 9.1RC1), and am having trouble getting openjdk to build. I tried 7 first, and after that failed tried 6, has anyone else ran into this, Is it possibly because I have the system and ports where possible built with clang? Below is the output from the end of the openjdk6 build attempt. uname -v: FreeBSD 9.1-RELEASE #1 r243900: Wed Dec 5 14:05:38 CST 2012 Recursively making corbalogcompile build @ Fri Dec 7 15:48:25 CST 2012 ... gmake[5]: Entering directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi/corbalogcompile' # Java sources to be compiled: (listed in file /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/tmp/sun/com.sun.corba.se.impl.logging/.classes.list) /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/ActivationSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/IORSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/InterceptorsSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/NamingSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/OMGSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/ORBUtilSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/POASystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/UtilSystemException.java # Running javac: /usr/local/bootstrap-openjdk/bin/java -Xmx874m -Xms128m -Xbootclasspath/p:/var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/langtools/dist/bootstrap/lib/javac.jar -jar /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/langtools/dist/bootstrap/lib/javac.jar -XDignore.symbol.file=true -source 1.5 -target 5 -encoding ascii -classpath /usr/local/bootstrap-openjdk/lib/tools.jar -Xprefer:source -sourcepath /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc:../../../../src/solaris/classes:../../../../src/share/classes -d /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/classes @/var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/tmp/sun/com.sun.corba.se.impl.logging/.classes.list gmake[5]: *** [.compile.classlist] Killed: 9 gmake[5]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi/corbalogcompile' gmake[4]: *** [build] Error 1 gmake[4]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi' gmake[3]: *** [build] Error 1 gmake[3]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun' gmake[2]: *** [build] Error 1 gmake[2]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make' gmake[1]: *** [corba-build] Error 2 gmake[1]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work' gmake: *** [build_product_image] Error 2 *** [do-build] Error code 1 Stop in /usr/ports/java/openjdk6. *** [install] Error code 1 Stop in /usr/ports/java/openjdk6. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: openjdk port build failures
On 2012-12-07 16:01, dweimer wrote: I am working on a 9.1-Release system built from source (Original Install from 9.1RC1), and am having trouble getting openjdk to build. I tried 7 first, and after that failed tried 6, has anyone else ran into this, Is it possibly because I have the system and ports where possible built with clang? Below is the output from the end of the openjdk6 build attempt. uname -v: FreeBSD 9.1-RELEASE #1 r243900: Wed Dec 5 14:05:38 CST 2012 Recursively making corbalogcompile build @ Fri Dec 7 15:48:25 CST 2012 ... gmake[5]: Entering directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi/corbalogcompile' # Java sources to be compiled: (listed in file /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/tmp/sun/com.sun.corba.se.impl.logging/.classes.list) /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/ActivationSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/IORSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/InterceptorsSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/NamingSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/OMGSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/ORBUtilSystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/POASystemException.java /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc/com/sun/corba/se/impl/logging/UtilSystemException.java # Running javac: /usr/local/bootstrap-openjdk/bin/java -Xmx874m -Xms128m -Xbootclasspath/p:/var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/langtools/dist/bootstrap/lib/javac.jar -jar /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/langtools/dist/bootstrap/lib/javac.jar -XDignore.symbol.file=true -source 1.5 -target 5 -encoding ascii -classpath /usr/local/bootstrap-openjdk/lib/tools.jar -Xprefer:source -sourcepath /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/gensrc:../../../../src/solaris/classes:../../../../src/share/classes -d /var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/classes @/var/ports/usr/ports/java/openjdk6/work/build/bsd-amd64/corba/tmp/sun/com.sun.corba.se.impl.logging/.classes.list gmake[5]: *** [.compile.classlist] Killed: 9 gmake[5]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi/corbalogcompile' gmake[4]: *** [build] Error 1 gmake[4]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun/rmi' gmake[3]: *** [build] Error 1 gmake[3]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make/sun' gmake[2]: *** [build] Error 1 gmake[2]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work/corba/make' gmake[1]: *** [corba-build] Error 2 gmake[1]: Leaving directory `/var/ports/usr/ports/java/openjdk6/work' gmake: *** [build_product_image] Error 2 *** [do-build] Error code 1 Stop in /usr/ports/java/openjdk6. *** [install] Error code 1 Stop in /usr/ports/java/openjdk6. Well, think I just noticed the cause, this test Virtual machine only has 1G of ram setup on it, I did create and additional 1G of swap space, but forgot to setup the fstab file so it wasn't turned on. Just happened to look at the console while closing windows on my laptop to head home from the office, and saw several processes were killed reason given: out of swap space. Will give this another go around with the swap active and see if it works.. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: CARP within VirtualBox Does it work?
On 2012-12-01 03:14, Damien Fleuriot wrote: On 30 November 2012 20:44, dweimer dwei...@dweimer.net wrote: On 2012-11-29 14:07, dweimer wrote: On 2012-11-29 12:53, Fleuriot Damien wrote: On Nov 29, 2012, at 6:43 PM, dweimer dwei...@dweimer.net wrote: I was trying to setup a test of CARP on two virtual machines running in VirtualBox 4.2.4r81684 I am not sure if I have something wrong with my CARP configuration or if VirtualBox just doesn't work right with it. I can only ping the CARP interface IP address from the machine listed as MASTER, if I do an ifconfig carp0 down on the MASTER the other machine correctly switches form BACKUP to MASTER and then I can ping the interface from it but not from the Original system. The VirtualBox systems are both using bridged networking, and the host cannot ping the carp0 IP address but can ping the interface IP address. Before I go through more trouble shooting, does anyone know if CARP doesn't work with VirtualBox? carp configuration Machine1: ifconfig_em0=UP ifconfig_em0_name=LAN ipv4_addrs_LAN=10.20.190.201/16 defaultrouter=10.20.111.2 cloned_interfaces=carp0 ifconfig_carp0=vhid 1 advskew 100 pass ReduntantCarpTest 10.20.190.203/16 ifconfig carp0: carp0 flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 10.20.190.203 netmask 0x nd6 options=29PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL carp: MASTER vhid 1 advbase 1 advskew 100 Machine2: ifconfig_em0=UP ifconfig_em0_name=LAN ipv4_addrs_LAN=10.20.190.202/16 defaultrouter=10.20.111.2 cloned_interfaces=carp0 ifconfig_carp0=vhid 1 pass ReduntantCarpTest 10.20.190.203/16 ifconfig carp0: carp0 flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 10.20.190.203 netmask 0x nd6 options=29PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL carp: BACKUP vhid 1 advbase 1 advskew 0 FreeBSD version is 9.1RC3 on both test machines. We're using FreeBSD and CARP in virtualized environments at work, albeit not on VirtualBox but on Proxmox/KVM. First, I would advise replacing 10.20.190.203/16 with 10.20.190.203/32 I notice your carp0 is MASTER on machine1 with an advskew of 100 vs machine 2 advskew 0, same advbase. Confirm this is *after* you've set carp0 down on machine2. If both carps are up and machine1 with advskew 100 beats machine2 with advskew 0, you have an additional problem. See if you have any more luck with the /32 address on carp0 anyway. The documentation shows the mask matching that of the interface: hostname=hostb.example.org ifconfig_fxp0=inet 192.168.1.4 netmask 255.255.255.0 cloned_interfaces=carp0 ifconfig_carp0=vhid 2 pass testpass 192.168.1.51/24 This is consistent with the man page for CARP on the system as well. Regardless I tried with the /32 and had the same result as I did with the /16. I had done various UP/DOWN on interfaces so the current MASTER was just the last one to have not been DOWN. I think I might just copy these VMs to my VMWARE Workstation 9 install on my home PC after work tonight and see if the problem persists. The behavior definitely changed going from VirtualBox to VMWare, the only change in my configuration was the IP addresses to match the home network. However now I can talk to the carp interface form other machines, but they receive two response one from each of the test systems. TCPDUMP shows that they are each seeing the others broadcasts, but for some reason they are both running as MASTER. If you run a DOWN/UP on the interface, it briefly shows as BACKUP before switching to MASTER. I tried with both /24 subnet of my home network, and setting the carp0 interface to /32, both behaved the same. Any one have any other ideas, as to whether this comes down to a Virtual Network Issue, or a setup issue on my part. Well, it definitely works here for us on Proxmox/KVM. When you tcpdump on your either host, do you see the CARP advertisements from the other ? FInd below the advertisements as seen from our CARP backup firewall: $ sudo tcpdump -ni vlan14 vrrp tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vlan14, link-type EN10MB (Ethernet), capture size 96 bytes 10:11:09.084568 IP 195.158.240.[snip] 224.0.0.18: VRRPv2, Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 10:11:10.282826 IP 195.158.240.[snip] 224.0.0.18: VRRPv2, Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 10:11:11.481075 IP 195.158.240.[snip] 224.0.0.18: VRRPv2, Advertisement, vrid 114, prio 50, authtype none, intvl 1s, length 36 Proabbly should have been more clear early when I mentioned I could see the others broadcasts, this is what I menat, yes they do see the others advertisements. It most definitely was virtual network related, found some information on the pfSense wiki that directed me to the advanced settings on the ethernet adapters within the VirtualBox network settings on the virtual machines. Promiscuous mode was set to Deny, change this to Enable All
CARP within VirtualBox Does it work?
I was trying to setup a test of CARP on two virtual machines running in VirtualBox 4.2.4r81684 I am not sure if I have something wrong with my CARP configuration or if VirtualBox just doesn't work right with it. I can only ping the CARP interface IP address from the machine listed as MASTER, if I do an ifconfig carp0 down on the MASTER the other machine correctly switches form BACKUP to MASTER and then I can ping the interface from it but not from the Original system. The VirtualBox systems are both using bridged networking, and the host cannot ping the carp0 IP address but can ping the interface IP address. Before I go through more trouble shooting, does anyone know if CARP doesn't work with VirtualBox? carp configuration Machine1: ifconfig_em0=UP ifconfig_em0_name=LAN ipv4_addrs_LAN=10.20.190.201/16 defaultrouter=10.20.111.2 cloned_interfaces=carp0 ifconfig_carp0=vhid 1 advskew 100 pass ReduntantCarpTest 10.20.190.203/16 ifconfig carp0: carp0 flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 10.20.190.203 netmask 0x nd6 options=29PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL carp: MASTER vhid 1 advbase 1 advskew 100 Machine2: ifconfig_em0=UP ifconfig_em0_name=LAN ipv4_addrs_LAN=10.20.190.202/16 defaultrouter=10.20.111.2 cloned_interfaces=carp0 ifconfig_carp0=vhid 1 pass ReduntantCarpTest 10.20.190.203/16 ifconfig carp0: carp0 flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500 inet 10.20.190.203 netmask 0x nd6 options=29PREFORMNUD,IFDISABLED,AUTO_LINKLOCAL carp: BACKUP vhid 1 advbase 1 advskew 0 FreeBSD version is 9.1RC3 on both test machines. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dd command: BSD analog of conv=fsync?
On 2012-11-19 07:42, Thomas Mueller wrote: In the last episode (Nov 18), Thomas Mueller said: What is the (Free)BSD counterpart of conv=fsync in dd command? Command in question is dd if=GNOME-3.6.0.iso of=/dev/DRIVE bs=8M conv=fsync This is for writing to a USB stick, and of course DRIVE is replaced by the actual device node; also I believe bs=8M, good for Linux, would be bs=8m in FreeBSD. I don't really know if conv=fsync is necessary, but that's what was advised in the GNOME test-drive download page. It isn't. Writing to raw devices in FreeBSD immediately writes to the physical media. No flushing is needed. -- Dan Nelson dnel...@allantgroup.com I was able to dd GNOME-3.6.0.iso to that USB stick, a discontinued Kingston Data Traveler model that was inaccessible to NetBSD until they fixed that USB bug recently. I got CAM SCSI error messages in FreeBSD, couldn't access the USB stick in the normal way, but apparently dd worked. These particular Kingston Data Travelers worked normally with previous builds of FreeBSD. That USB stick proved bootable, so I got a test drive of GNOME 3.6.0. I had a difficult time finding my way around the graphical interface,. When I got to a command prompt, I found first there was no nslookup, and then found there was no man command. I thought these were a standard part of (quasi-)Unix OSes. I didn't really get a good impression. Also, the print/text was very small, a recipe for eyestrain. Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Some Linux distributions tried doing away with nslookup in favor of dig a while back, most have added it back in though. However it looks like you found something that hasn't put it back in. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Advanced Format Drive ?
On 2012-11-15 17:31, Ronald F. Guilmette wrote: (This stuff would probably be a lot less confiusing if I actually knew what I was doing, but...) OK, Warren, I've just done the following steps. The first two I drew from the manpage examples, and then followed those up with two commands from your tutorial. /sbin/gpart create -s GPT ada0# manpage example is wrong, ad0 - ada0 /sbin/gpart bootcode -b /boot/mbr ad0 # manpage wrong again, pmbr - mbr gpart add -t freebsd-boot -l gpboot -b 40 -s 512K ada0 gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 ada0 That last one, done at the suggestion of your tutorial page, has me completely perplexed, because of what is said, very explicitly, in the gpart(8) manpage: bootcode Embed bootstrap code into the partitioning scheme's metadata on the geom (using -b bootcode) or write bootstrap code into a partition (using -p partcode and -i index). Please note the use of the word or. The man page is telling me to _either_ use the -p option _or else_ use the -p and -i options together. But you are telling me to use all three in one go! Forgive me, but I'm confused. (As you can tell by now, I am often easily confused. Sorry.) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I saw this, and well started wondering myself, as I have been using this while doing work on booting FreeBSD via ZFS (of course using -p /boot/gptzfsboot), I got the line from a tutorial on booting from ZFS. Never thought much of it, until now, but I believe I see now why, the secret is the pmbr, notice the p. Its the protective mbr, it lets formatting tools that understand mbr, but not gpart know that there is something there, the actual boot code is in the partition. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: WARNING: FreeBSD 9.0-RELEASE is approaching its End-of-Life date.
On 2012-11-15 15:57, Matthias Petermann wrote: Hello, from a freshly installed FreeBSD 9.0-RELEASE I did a freebsd-update to bring it to the latest patch level. After: # freebsd-update fetch I got this message: WARNING: FreeBSD 9.0-RELEASE is approaching its End-of-Life date. It is strongly recommended that you upgrade to a newer release within the next 2 months. What does this exactly mean? Is the whole 9.0 Series approaching EOL, or does this only apply to the initial 9.0-RELEASE _AND NOT_ to e.g. 9.0-RELEASE-p3 ? Where can I find more information on the planned lifecycles of the current and upcoming releases? Are there any? Thanks kind regards Matthias Its all on the website, Current Release Information: http://www.freebsd.org/releases/ Release engineering Information: http://www.freebsd.org/releng/ Next release information: http://www.freebsd.org/releases/9.1R/schedule.html Its running a touch behind (11-12-2012 was target release announcement), but I am glad they prefer to do it right rather than on time. FreeBSD 9.0-RElEASE-p4 is actually current, but I believe the p4 doesn't show up unless you do a build world. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Custom ISO mount script problem
I have a server that I use to host ISO images, and mount them so they are available via network shares. I ran into a problem today, I temporarily made an ISO image accessible via a md device and mounted it under /mnt just to check the data on the ISO image. My ISO mount script ran its updated check while this was there, and hung up because of it. Now the obvious solution is to fix my script, but as I am baffled as to why it hung-up, it does do a query on md devices, and will try to dismount any that are mounted if they don't match its criteria, and delete the md device as well. However as it would have found this one in use, it should have just returned a failure and continued on. However it didn't and then when I tried to manually umount it, my umount command hung as well. What I was left with was two umount commands attempting to umount /dev/md1000 both stuck, they wouldn't respond to a kill -9 I couldn't use mdconfig -d -u 1000 to delete the md device, even with a -o force (had yet another process stuck). After 1 hour all processes were still hung, killing the shell left them zombied, but still hung there, tying up the md device. I was left with rebooting the server, until I can figure out why my script broke and didn't just error and continue the remaining checks in its list. Does anyone have any idea how if this happens again to kill these hung-up umount processes, without rebooting the server? This could be a fun one to fix, because so far attempting to duplicate the problem hasn't worked, think I just have to time something just right, or wrong depended how you look at it. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Freebsd iSCSI client ?
On 2012-10-29 17:08, dweimer wrote: On 2012-10-29 13:51, dweimer wrote: On 2012-10-29 08:29, John Levine wrote: I'm trying to set up a freebsd image under vmware, but I need more disk space than the vmware hosts offer. So the guy who runs the hosting place suggests getting a 1U disk server and using iSCSI over gigabit Ethernet so I can build zfs volumes from the iSCSI disks. Poking around, the reports say that FreeBSD is a pretty good iSCSI server in such forms as freenas, but a lousy iSCSI client, with the first problem being that that kludges are required to get iSCSI volumes mounted early enough in the boot process for ZFS to find them. Is this still the case in FreeBSD 9? I'd rather not use NFS, since the remote disks have mysql databases, and mysql and NFS are not friends. An alternative is to mount the iSCSI under vmware, so zfs sees them as normal disks. Anyone tried that? TIA, John I don't have an answer for you at the moment, but I can tell you that I just started a new server build this morning with the intent of using it as an iSCSI client and running ZFS on the drive. In my case however its going to be a file server that doesn't have very much heavy I/O, with the intention of using compression on the ZFS file set. In my case a script ran after start up to mount the drive would work if it fails. I will let you know what I find out, server is in the middle of a buildworld to get it updated to the p4 release. Yes you can mount as a drive through VMware and use ZFS just fine, I have done a lot of recent tests using ZFS as the boot volume under VMware. This new server will be my first production server to use what I have learned from those tests, as its system drive mounted through VMware (ESX 4.1) and is booting from ZFS. Once the install of the buildworld is complete I will add a 150G ZFS data set on our HP Lefthand Networks SAN, run some tests and let you know the outcome of them. Looks like I have some learning to do, system is up and running and talks to the iscsi volume just fine, however as you mentioned, the big problem is mounting the volume at start up. can't find any options at all to launch iscontrol at boot. Found an example /usr/local/etc/rc.d/ script from a mail forum a ways back however it was setup to use UFS volumes and a secondary fstab file for the iscsi volumes. I don't see any reason that one can't be made to make use of zfs with the volumes set with option canmount=noauto and using an rc.conf variable to pass which volumes to mount at boot, and umount at shutdown to the script. However, I have some reading to do before I get started, as I haven't tried to create an rc.d script, and need to get an understanding of how to properly create one which follows all the proper guidelines, and allows itself to be a requirement for other scripts. I don't see any reason it would work successfully to host a MySQL database as the OP was looking for or a Samba share as I intend to use it as long as their start up can be set to require the iSCSI start up to run first. If anyone has already done something similar to this and has some information to pass on that would be great. I probably won't have time to even start researching this till Thursday this week Well I got stuck waiting at work today for a replacement array controller, and got some time to work on this. This still needs some work, and I am not sure its the best way to handle it as it does an export on the zpool at shutdown and import at start up. I also don't know at this point about other services waiting on it. But I have verified that a server reboot cleanly dismounts the volumes and a reboot remounts them. Things to note, the # BEFORE: line below, that was copied from the old mailing list thread I found, not sure if that is something real or not. The ZFS data set I was using was set with option canmount=noauto. the zpool import/export and zfs mount/umount are just typed in there, it needs to be broken up and pulled form an rc.conf variable option instead #!/bin/sh # PROVIDE: iscsi # REQUIRE: NETWORKING # BEFORE: mountcritremote # KEYWORD: shutdown . /etc/rc.subr name=iscsi start_cmd=iscsi_start stop_cmd=iscsi_stop rcvar=iscsi_enable required_modules=iscsi_initiator:iscsi iscsi_start() { ${iscsi_command} -c ${iscsi_config} -n ${iscsi_nickname} sleep 1 zpool import ziscsi zfs mount ziscsi/storage } iscsi_stop() { zfs umount ziscsi/storage zpool export ziscsi killall -HUP ${iscsi_command} } load_rc_config $name : ${iscsi_enable=NO} : ${iscsi_command=iscontrol} : ${iscsi_config=/etc/iscsi.conf} : ${iscsi_nickname=} run_rc_command $1 Other files information used: rc.conf: ... # Enable iscsi iscsi_enable=YES iscsi_command=iscontrol iscsi_nickname=LHMG002 iscsi_config=/etc/iscsi.conf ... iscsi.conf: # Globals port = 3260 InitiatorName = iqn.2005-01.il.ac.huji.cs:testvm.local LHMG002 { TargetAddress = 10.31.120.102:3260,1
Re: Freebsd iSCSI client ?
On 2012-10-29 08:29, John Levine wrote: I'm trying to set up a freebsd image under vmware, but I need more disk space than the vmware hosts offer. So the guy who runs the hosting place suggests getting a 1U disk server and using iSCSI over gigabit Ethernet so I can build zfs volumes from the iSCSI disks. Poking around, the reports say that FreeBSD is a pretty good iSCSI server in such forms as freenas, but a lousy iSCSI client, with the first problem being that that kludges are required to get iSCSI volumes mounted early enough in the boot process for ZFS to find them. Is this still the case in FreeBSD 9? I'd rather not use NFS, since the remote disks have mysql databases, and mysql and NFS are not friends. An alternative is to mount the iSCSI under vmware, so zfs sees them as normal disks. Anyone tried that? TIA, John I don't have an answer for you at the moment, but I can tell you that I just started a new server build this morning with the intent of using it as an iSCSI client and running ZFS on the drive. In my case however its going to be a file server that doesn't have very much heavy I/O, with the intention of using compression on the ZFS file set. In my case a script ran after start up to mount the drive would work if it fails. I will let you know what I find out, server is in the middle of a buildworld to get it updated to the p4 release. Yes you can mount as a drive through VMware and use ZFS just fine, I have done a lot of recent tests using ZFS as the boot volume under VMware. This new server will be my first production server to use what I have learned from those tests, as its system drive mounted through VMware (ESX 4.1) and is booting from ZFS. Once the install of the buildworld is complete I will add a 150G ZFS data set on our HP Lefthand Networks SAN, run some tests and let you know the outcome of them. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bug in LAGG driver at 9.0 ?
On 2012-10-23 06:02, Frank Bonnet wrote: Hello I cannot get the lagg driver to work properly at 9.0 the Cisco switch is well configured to support LACP no problem on that side it supports another Linux server with two aggregated eth ports that works well. here is the config of the FreeBSD 9.0-P3 server ifconfig_bce0=up ifconfig_bce1=up ifconfig_bce2=up cloned_interfaces=lagg0 ifconfig_lagg0=laggproto lacp laggport bce0 laggport bce1 laggport bce2 ipv4_addrs_lagg0=147.215.201.21/24 defaultrouter=147.215.201.1 showing the lagg configuration give the following , only one ethernet port is active. ifconfig lagg0 lagg0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=c01bbRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE ether 00:9c:02:9a:97:b0 inet 147.215.201.21 netmask 0xff00 broadcast 147.215.201.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect status: active laggproto lacp laggport: bce2 flags=0 laggport: bce1 flags=0 laggport: bce0 flags=1cACTIVE,COLLECTING,DISTRIBUTING Thanks for any info/idea ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Can you post your Cisco Switch port configuration? I have a two port LAGG using lacp on two separate Dell PowerEdge servers running 9.0-RELEASEp3, below is my config in FreeBSD the only differences I see apart form 2 instead of three ports, is that I named the interface, and used a different syntax to specify the ip addresses, but yours should be correct as well. uname -v FreeBSD 9.0-RELEASE-p3 #0: Tue Jun 26 10:27:21 CDT 2012 ifconfig_bce0=up ifconfig_bce1=up cloned_interfaces=lagg6 ifconfig_lagg6_name=DMZ ifconfig_DMZ=laggproto lacp laggport bce0 laggport bce1 ifconfig_DMZ_alias0=inet 10.50.20.5 netmask 0x ifconfig_DMZ_alias1=inet 10.52.20.5 netmask 0x defaultrouter=10.50.110.4 DMZ: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=c01bbRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE ether 78:2b:cb:68:9f:1e inet 10.50.20.5 netmask 0x broadcast 10.50.255.255 inet 10.52.20.5 netmask 0x broadcast 10.52.255.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect status: active laggproto lacp laggport: bce1 flags=1cACTIVE,COLLECTING,DISTRIBUTING laggport: bce0 flags=1cACTIVE,COLLECTING,DISTRIBUTING -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS / Boot Environments / Jails / Upgrading form Source Code
On 2012-10-19 02:48, Shane Ambler wrote: On 19/10/2012 07:44, dweimer wrote: First step replace the usr/src within the jail with new source using svn, easy enough. Then start make buildworld... oops, I have a problem now, the usr/obj/usr stuff is now under /usr/obj/usr/jails/release91rc2..., However I want it to be under /usr/jails/release91rc2/usr/obj/usr. If the jails base dir is /usr/obj/usr/jails/release91rc2 then it can only access files below that base dir. That is part of the jails security. If your jail is based at /usr/obj/usr/jails/release91rc2 then the jail by default will buildworld into /usr/obj of the jail system which translates to /usr/obj/usr/jails/release91rc2/usr/obj on the base system. You can adjust the settings within the jail but it will always be within the release91rc2 dir so you can't use the jail to install into /usr/jails of the base system. The base of the Jail, is /usr/jails/release91rc2, however, I did forget to mention that I was running the buildworld and buildkernel from the base system, with the intent to install using the DESTDIR=/usr/jails/release91rc2 command line option From looking at the usr/src/Makefile It looks like I need to set the MAKEOBJDIRPREFIX=/usr/jails/relase91rc2/usr/obj/usr/src/tmp environment variable, but is that the best solution here? There's also a /usr/obj/lib32 directory (system is running amd64, I assume this is for 32 bit libraries), so I would likely need to do something here as well, that I haven't gotten to yet. lib32 is part of the final system - you don't need to handle it separately. See man src.conf if you want to turn off the creation of 32bit libs. Got it, Fine with leaving it there, just wanted to know if there was a separate option to define where it ended up. You can set MAKEOBJDIRPREFIX (default /usr/obj ) to define where the binary files are made. You can also set DESTDIR (default is / ) for the installworld step to define where they get installed. It appears I went to deep on my definition of the MAKOBJDIRPREFIX, made the above path after seeing some output at the start of one of my buildworld attempts, which is what led me to believe there would be a second choice. When you start a buildworld or buildkernel the compiled binaries are stored within MAKEOBJDIRPREFIX. When that is complete the installworld or installkernel steps install the files from MAKEOBJDIRPREFIX into DESTDIR to create a workable system. That prevents a failed build from destroying part of your running system. If you want to experiment with different versions then you can also try- mkdir /usr/jails cd /usr/jails svn co http://svn0.us-west.FreeBSD.org/base/releng/9.0 9.0-src cd 9.0-src set MAKEOBJDIRPREFIX = /usr/jails/9.0-obj set DESTDIR = /usr/jails/9.0-base make buildworld make installworld cd /usr/jails svn co http://svn0.us-east.FreeBSD.org/base/releng/9.1 9.1-src cd 9.1-src set MAKEOBJDIRPREFIX = /usr/jails/9.1-obj set DESTDIR = /usr/jails/9.1-base make buildworld make installworld Here was the key information I needed, found several examples searching but none stated the MAKEOBJDIRPREFIX=, as you state below they are not needed for the running system, guessing most people clean them up afterwards so they aren't concerned they don't exist in the same boot environment in the end. I prefer to keep them in the same boot environment if possible, just so that if I delete a boot environment I know I got rid of everything that belonged to it and don't end up uselessly eating up extra disk space. I do delete the /usr/obj/usr directory prior to any rebuild, from old documentation I read when I first started doing source upgrades as a method of improving the speed of the buildworld. I am sure those were written for a 32bit system, which is why the lib32 directory wasn't included in those instructions. I know the /usr/obj/usr directory can be deleted after the installation of the source, does the same go for the /usr/obj/lib32 directory? if so Anything in MAKEOBJDIRPREFIX (/usr/obj) can be deleted after you have installed it, including lib32 which are libs to allow running 32bit programs on a 64bit system. Looks like I am on the right path, now time to give it a try with the new environment variables, thanks for your help Shane. If all goes well on this step, only things I have left to figured out and test is creating zfs snapshots by hand of volumes outside my boot environment, and mounting those read write within the jailed systems base so that I can fully test my applications against the latest live data without changing the actual data. Don't expect to have any trouble with this one. And then last of all need to test removing a HD from my Virtual Machine, adding a replacement, and rebuilding the mirror, again don't expect this to be a problem, just need to work my way through them and get the steps down before I am comfortable doing these procedures on a system
ZFS / Boot Environments / Jails / Upgrading form Source Code
I have been playing around with different build layouts etc trying to come up with a plan to make updates smoother and more easily recoverable if it goes horribly wrong. I think I have almost figured things out, just have a couple things left to figure out, one of which I am hoping someone on this list can help em out with, to save me some trial an error. Steps already figured out, mount new boot environment (using 9.1rc2 to test with) in /usr/jails/release91rc2, added the necessary settings to rc.conf, started jail, so far so good. I now know I can run the boot environment from within the jail, stop the jail and begin the upgrade from source. First step replace the usr/src within the jail with new source using svn, easy enough. Then start make buildworld... oops, I have a problem now, the usr/obj/usr stuff is now under /usr/obj/usr/jails/release91rc2..., However I want it to be under /usr/jails/release91rc2/usr/obj/usr. From looking at the usr/src/Makefile It looks like I need to set the MAKEOBJDIRPREFIX=/usr/jails/relase91rc2/usr/obj/usr/src/tmp environment variable, but is that the best solution here? There's also a /usr/obj/lib32 directory (system is running amd64, I assume this is for 32 bit libraries), so I would likely need to do something here as well, that I haven't gotten to yet. I know the /usr/obj/usr directory can be deleted after the installation of the source, does the same go for the /usr/obj/lib32 directory? if so perhaps it is a better option to make a new zfs data set outside the boot environments to mount under /usr/obj directory, let the default prefixes handle which sub directory to use, and just delete the directories when I am done working with the boot environment. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Updating ports tree with subversion behind an http proxy server
I am working on switching from updating my systems with csup to subversion, for the systems I have behind a proxy server. When I was using csup, I used an SSH connection, tunneling the 5999 port through the proxy server. Now that I am looking at subversion, I have found the ~/.subverison/servers file, edited the [global] section removed the comment # from the front of the http-proxy-host and http-proxy-port lines, and added the correct values. Realizing I may still have to add some configuration settings to allow the subversion http methods through to the proxy, I went ahead and tried to run a test check out command. However it doesn't try to hit the proxy server, I just get an immediate no route to host error returned. I know the server has access to the proxy, I was able to use pkg_add with the necessary environment variables to add subversion to this system. The system is a fresh clean install of FreeBSD 9.0-release, with only the packages added for subversion. Looking at the proxy server logs the check out doesn't log anything, which leads me to believe that svn isn't reading its configuration file, or is simply ignoring the http-proxy-host and http-proxy-port lines. Has anyone setup one of their FreeBSD systems to use subversion behind an http proxy, and know what I am missing? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Updating ports tree with subversion behind an http proxy server
On 2012-10-05 10:16, dweimer wrote: I am working on switching from updating my systems with csup to subversion, for the systems I have behind a proxy server. When I was using csup, I used an SSH connection, tunneling the 5999 port through the proxy server. Now that I am looking at subversion, I have found the ~/.subverison/servers file, edited the [global] section removed the comment # from the front of the http-proxy-host and http-proxy-port lines, and added the correct values. Realizing I may still have to add some configuration settings to allow the subversion http methods through to the proxy, I went ahead and tried to run a test check out command. However it doesn't try to hit the proxy server, I just get an immediate no route to host error returned. I know the server has access to the proxy, I was able to use pkg_add with the necessary environment variables to add subversion to this system. The system is a fresh clean install of FreeBSD 9.0-release, with only the packages added for subversion. Looking at the proxy server logs the check out doesn't log anything, which leads me to believe that svn isn't reading its configuration file, or is simply ignoring the http-proxy-host and http-proxy-port lines. Has anyone setup one of their FreeBSD systems to use subversion behind an http proxy, and know what I am missing? Never mind, turns out I was just doing something stupid, had to use svn co http:// instead of svn co svn://... -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PC-BSD 9.0 in VirtualBox
On 2012-09-28 07:03, Rares Aioanei wrote: On Thu, 27 Sep 2012 22:56:42 -0400 Mike Jeays mike.je...@rogers.com wrote: I have been running PC-BSD 9.0 with the KDE interface in a VirtualBox VM, and notice that it uses CPU resources when idle, driving up my CPU temperature about 15 degrees on an otherwise idle machine. (It is an Intel i5 quad four). Is this to be expected? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Yes. Any chance the CPU load actually drops when you are doing something? I remember some issues a while back with FreeBSD in VMware consuming 100% CPU when idle. Possible this could be related. The other thought would be screen savers, if you are running one in the VM, the VM has to use CPU to process the graphics, and that could be cause. KDE itsefl does use a decent amount of memory, but while idle it shouldn't be stressing the CPU. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: PC-BSD 9.0 in VirtualBox
On 2012-09-28 12:06, Warren Block wrote: On Thu, 27 Sep 2012, Mike Jeays wrote: I have been running PC-BSD 9.0 with the KDE interface in a VirtualBox VM, and notice that it uses CPU resources when idle, driving up my CPU temperature about 15 degrees on an otherwise idle machine. (It is an Intel i5 quad four). Is this to be expected? It may help to add kern.hz=100 to /boot/loader.conf. Ah yes, that was the fix I was vaguely remembering when I mentioned the old VMware issue, oddly enough I haven't seen it recently. But then, maybe not so odd, just checked with sysctl kern | grep hz on two machines, one running on physical hardware the other on vmware workstation 9. Both were compiled from source, running 9.0-RELEASE-p4, the physical system lists kern.hz: 1000, while the virtual lists ker.hz: 100. No value is set in /boot/loader.conf on either system, however the detection mechanism (whatever that might happen to be) that is setting this to the lower value on the VMware virtual machine might not be working in a Virtual Box virtual machine. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Anyone Tried to use iPXE to boot with iSCSI?
On 2012-09-20 09:42, Vincent Hoffman wrote: On 19/09/2012 06:53, dweimer wrote: I was just trying some proof of concept testing to see if I could get a system booting with no local disk using iSCSI running from my FreeNAS box. I got started, by first booting a 9.1-RC1 CD, into live CD, created a /tmp/iscsi.conf used kldload to load the iscsi initiator, connected to the target, created a gpt boot partition, swap partition and just a single / volume using remianing space. Copied the bootcode, created the file system, extracted the system etc. Created a loader.conf file, added the iscsi_initiator_load=YES option, copied my /tmp/iscsi.conf file to the new file system at /etc/iscsi.conf created a /etc/fstab file using the gpart labels to mount / and swap partitions. Booted the system from the iPXE.iso, ran the necessary configuration options, connected to the iscsi volume, and booted from it. It does launch the bootcode, as expected, and then breaks failing to mount root. Whoch I actually expected, I have proved I can install to an iSCSI volume, I can connect to that iSCSI volume prior to loading the kernel, and load the kernel from it. What I can't seem to find any information on is how to mount iSCSI volumes at boot on FreeBSD, so that the kernel can mount the root partition. Does anyone have any idea how to do this, or if its even possible? Sounds like you need this http://freebsd.1045724.n5.nabble.com/iSCSI-boot-driver-0-2-5-isboot-ko-has-been-released-td5736301.html Vince That's looking promising, I had actually ran across an earlier version of this last night, of course that was all dealing with 8.1. Will definitely do more looking into it, however it doesn't seem to be at a point I would consider running anything more than a test environment from it. My actual goal with this project if the proof of concept panned out was to replace the old aging internal SATA Mirrored drives in my Home web/email server (They are showing a decent number of smart pre-fail indicators, but still working for now). I have fairly new SATA drives in my FreeNAS box, and thought maybe since my Gig network is barely being taxed, that I could save some cash for new disk drives, to be put towards future upgrades to the FreeNAS box instead. However I am not ruling out the possibility altogether yet, and am going to run some tests with booting from a very minimal set of required files on a USB thumb Drive, and mounting everything else from iSCSI. I am already running all my VMware Test Virtual Machines on my workstation from an iSCSI volume mounted from my FreeNAS box, and know that it performs well enough in my network to handle the small amount of traffic to my website and my email without any problems. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Anyone Tried to use iPXE to boot with iSCSI?
I was just trying some proof of concept testing to see if I could get a system booting with no local disk using iSCSI running from my FreeNAS box. I got started, by first booting a 9.1-RC1 CD, into live CD, created a /tmp/iscsi.conf used kldload to load the iscsi initiator, connected to the target, created a gpt boot partition, swap partition and just a single / volume using remianing space. Copied the bootcode, created the file system, extracted the system etc. Created a loader.conf file, added the iscsi_initiator_load=YES option, copied my /tmp/iscsi.conf file to the new file system at /etc/iscsi.conf created a /etc/fstab file using the gpart labels to mount / and swap partitions. Booted the system from the iPXE.iso, ran the necessary configuration options, connected to the iscsi volume, and booted from it. It does launch the bootcode, as expected, and then breaks failing to mount root. Whoch I actually expected, I have proved I can install to an iSCSI volume, I can connect to that iSCSI volume prior to loading the kernel, and load the kernel from it. What I can't seem to find any information on is how to mount iSCSI volumes at boot on FreeBSD, so that the kernel can mount the root partition. Does anyone have any idea how to do this, or if its even possible? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Bacula on FreeBSD Concurrent Jobs
I am trying to set-up my FreeBSD Bacula server to run concurrent jobs, however it only runs one job at a time, and doesn't report why its waiting to execute the second job. I have contacted the Bacula-Users mail list, and know one there seems to have an idea why my configuration isn't working. Thought I would check here and see if anyone else is running concurrent Bacula jobs on their FreeBSD servers. I have Bacula 5.2.10 installed from ports on a 9.0-RELEASE-P3 system, my backups are being written to a eSATA disk volumes. I have added the Max Concurrent Jobs entries everywhere that the Bacula tips and tricks manual page says to add them. Even though I am running backups to disk I went the extra step of adding a spool directory, after it wasn't working and still no dice. If anyone has this working and knows of any special tricks required on FreeBSD to do this, and could pass those on that would be great. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Disk Errors
Just curious, I am sure the likely issue is a bad disk, but I thought there might be a chance this could be caused by possibly by something else. I have three 1TB disks I use for backup, two of them are Western Digital drives I bought specifically for this purpose. One is a Seagate drive that came out of a barebones PC that I replaced with a couple smaller drives in a stripe to gain performance. I use the drives in an external SATA dock, using geom eli encryption, the western digital drives give me no problems, but the seagate drive gives me a lot of the following errors under load. ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=817755328 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=837397120 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=879786112 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=882931200 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=890542016 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=902767296 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=904071296 dmesg info about the drive at connection time: ad4: 953869MB Seagate ST31000528AS CC46 at ata2-master UDMA100 SATA 3Gb/s dmesg info about one of the western digital drives: ad4: 953869MB WDC WD10EARS-00Y5B1 80.00A80 at ata2-master UDMA100 SATA 3Gb/s Before I scrap the drive I just wanted to see if anyone could either say for sure its hardware, or if something else could possibly cause this. I don't suspect the controller, cable or dock as the problems would likely occur with the western Digital drives as well if one of them were involved. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disk Errors
On 2012-07-24 12:50, Wojciech Puchar wrote: Just curious, I am sure the likely issue is a bad disk, but I thought there actually not that likely. i had such problems, occurring randomly on many drives, and all problems disappeared after changing computer, with the same disk. BTW i would recommend you to turn on AHCI driver Now that made me just notice something interesting, my software mirror running on the internal SATA disks that contain the Operating System on this server is using the ahci driver but the external SATA drive isn't guess I am going to have to reboot tonight and check and see if something is set on the controllers BIOS that keeps it from running AHCI. Just an FYI, the server is running entirely on commodity PC hardware, as this is my home web server. Though its running all well known major brands for hardware. It is running FreeBSD 9.0-RELEASE-P3, upgraded a few times via source from an original install of 8.2 on this hardware. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disk Errors
On 2012-07-24 13:04, Dan Nelson wrote: In the last episode (Jul 24), dweimer said: I have three 1TB disks I use for backup, two of them are Western Digital drives I bought specifically for this purpose. One is a Seagate drive that came out of a barebones PC that I replaced with a couple smaller drives in a stripe to gain performance. I use the drives in an external SATA dock, using geom eli encryption, the western digital drives give me no problems, but the seagate drive gives me a lot of the following errors under load. ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=817755328 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=837397120 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=879786112 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=882931200 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=890542016 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=902767296 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=904071296 If you install the sysutils/smartmontools port, you can run smartctl -x /dev/ad4 to dump the drive's SMART attribute table and error logs. Those should give you an indication of whether the drive is going bad. If the drive is logging those write errors in its internal log, then you know it's not a cabling issue. If it's not logging errors, I suppose you might have a loose SATA plug on the drive itself, which would explain why the problem follows the drive around. Running a long test on the drive now, doesn't seem to show anything that sticks out at me as failing right now. smartctl 5.43 2012-06-30 r3573 [FreeBSD 9.0-RELEASE-p3 amd64] (local build) Copyright (C) 2002-12 by Bruce Allen, http://smartmontools.sourceforge.net === START OF INFORMATION SECTION === Model Family: Seagate Barracuda 7200.12 Device Model: ST31000528AS Serial Number:5VP7ST1C LU WWN Device Id: 5 000c50 02f7a3bb4 Firmware Version: CC46 User Capacity:1,000,204,886,016 bytes [1.00 TB] Sector Size: 512 bytes logical/physical Device is:In smartctl database [for details use: -P show] ATA Version is: 8 ATA Standard is: ATA-8-ACS revision 4 Local Time is:Tue Jul 24 14:29:08 2012 CDT SMART support is: Available - device has SMART capability. SMART support is: Enabled AAM level is: 208 (intermediate), recommended: 208 APM feature is: Unavailable Rd look-ahead is: Enabled Write cache is: Enabled ATA Security is: Disabled, NOT FROZEN [SEC1] === START OF READ SMART DATA SECTION === SMART overall-health self-assessment test result: PASSED General SMART Values: Offline data collection status: (0x82) Offline data collection activity was completed without error. Auto Offline Data Collection: Enabled. Self-test execution status: ( 248) Self-test routine in progress... 80% of test remaining. Total time to complete Offline data collection:( 600) seconds. Offline data collection capabilities:(0x7b) SMART execute Offline immediate. Auto Offline data collection on/off support. Suspend Offline collection upon new command. Offline surface scan supported. Self-test supported. Conveyance Self-test supported. Selective Self-test supported. SMART capabilities:(0x0003) Saves SMART data before entering power-saving mode. Supports SMART auto save timer. Error logging capability:(0x01) Error logging supported. General Purpose Logging supported. Short self-test routine recommended polling time:( 1) minutes. Extended self-test routine recommended polling time:( 173) minutes. Conveyance self-test routine recommended polling time:( 2) minutes. SCT capabilities: (0x103f) SCT Status supported. SCT Error Recovery Control supported. SCT Feature Control supported. SCT Data Table supported. SMART Attributes Data Structure revision number: 10 Vendor Specific SMART Attributes with Thresholds: ID# ATTRIBUTE_NAME FLAGSVALUE WORST THRESH FAIL RAW_VALUE 1 Raw_Read_Error_Rate POSR-- 117 099 006-145191418 3 Spin_Up_TimePO 095 095 000-0 4 Start_Stop_Count-O--CK 100 100 020-114 5 Reallocated_Sector_Ct PO--CK 100 100 036-0 7 Seek_Error_Rate POSR
Re: Disk Errors
On 2012-07-24 13:37, jb wrote: dweimer dweimer at dweimer.net writes: ... ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=817755328 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=837397120 ... There is a story about it: http://linux-bsd-sharing.blogspot.com/2009/03/howto-fix-sata-dma-timeout-issues-on.html But do not rush, read the comments as well: ... Tony Schwartz said... Thing is though, I have a secondary issue. This second issue is probably what caused the first issue (DMA TIMEOUTS) to begin with. My disks keep spinning down then up, every 20 seconds or so. I have no idea why this is happening, but it's not just one disk. I think that it was timing out because he disk goes to spin up and that takes too long. Any ideas here? I've used atacontrol and it's not configured to spindown. Thanks. ... Benjamin said... LoL, found the solution and feeling a little embarrassed by it. Good thing I got a GURU in the forums to look at it. It was just the power supply and my disk was spinning down cos the power wasn't sufficient to run 6 HDs and 9 fans for cooling ha ha ha. ... I wouldn't expect power as the external dock has its own power supply, I would expect this to occur on the other drives as well. Though its possible the Seagate drive requires more power than the Western Digital drives, I think I will look up the specs tonight on that, as well as do some searching on the eSATA doc to verify that there haven't been any problems with it and Seagate drives CyberRax said... Just for information: while this hasn't been fixed as elegantly as in the patch FreeBSD does incorporate since 8-STABLE r199158 a solution for the problem: ATA_REQUEST_TIMEOUT kernel option that be be set higher than the default 5. What is needed is adding options ATA_REQUEST_TIMEOUT=X (where X is timeout in seconds) into the kernel configuration file. Changing the timeout will need rebuilding and installing the kernel, but it's still better than nothing. jb ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disk Errors
On 2012-07-24 16:10, Warren Block wrote: On Tue, 24 Jul 2012, dweimer wrote: Just curious, I am sure the likely issue is a bad disk, but I thought there might be a chance this could be caused by possibly by something else. I have three 1TB disks I use for backup, two of them are Western Digital drives I bought specifically for this purpose. One is a Seagate drive that came out of a barebones PC that I replaced with a couple smaller drives in a stripe to gain performance. I use the drives in an external SATA dock, using geom eli encryption, the western digital drives give me no problems, but the seagate drive gives me a lot of the following errors under load. ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=817755328 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=837397120 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=879786112 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=882931200 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=890542016 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=902767296 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=904071296 dmesg info about the drive at connection time: ad4: 953869MB Seagate ST31000528AS CC46 at ata2-master UDMA100 SATA 3Gb/s There are more than a few problem reports on the net concerning that drive, even on Seagate's own forums. Both hardware problems and firmware problems. Your later post says you have firmware version CC46, and Seagate has an update to CC49. That's worth a try. http://knowledge.seagate.com/articles/en_US/FAQ/213891en?language=en_US Definately going to try this firmware update, if only it would see the disk through the eSATA controller, but unfortunately it marks it as a JBOD raid instead of straight access to the disk. So this will have to wait until I put my puppy to bed for the night as she keeps trying to eat the pillow from my bed while I am working on this. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disk Errors
On 2012-07-24 21:29, Adam Vande More wrote: On Tue, Jul 24, 2012 at 11:40 AM, dweimer dwei...@dweimer.net wrote: Just curious, I am sure the likely issue is a bad disk, but I thought there might be a chance this could be caused by possibly by something else. I have three 1TB disks I use for backup, two of them are Western Digital drives I bought specifically for this purpose. One is a Seagate drive that came out of a barebones PC that I replaced with a couple smaller drives in a stripe to gain performance. I use the drives in an external SATA dock, using geom eli encryption, the western digital drives give me no problems, but the seagate drive gives me a lot of the following errors under load. ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=817755328 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=837397120 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=879786112 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=882931200 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=890542016 ad4: WARNING - WRITE_DMA48 UDMA ICRC error (retrying request) LBA=902767296 ad4: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=904071296 This type of problem has been a consistent problem on FreeBSD until mid 8.x range. Try upgrading your system to something a little more modern. -- Adam Vande More Its running 9.0-RELEASE-P3 updated from source from an original install of 8.2 on this hardware. I have done the firmware update on the drive, so hopefully I will see an improvement in about 2 hours when tonights backups kick off. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Invalid GPT backup header
On 2012-07-09 15:11, dweimer wrote: I have had a few virtual machine installations come up with gptboot: invalid GPT backup header error message while booting. (some immediately on first boot after install) They still boot fine, and run without problems, but I would like to find a way to fix the problem. Does anyone know how you can write a new GPT backup header to the partition table. I have even gone to the extent of adding a second virtual disk, using gpart to create a partition table and then add new partitions and setup bootstrap then use cpio to copy data over and switched the drive SCSI IDs within the virtual machines configuration to boot from the second drive instead. Still same error message when booting off the new drive. I did however leave out the size option when creating the last UFS partition so it may have filled to the end and overwrote the backup GPT table. I have searched online for a solution to recreating the backup GPT header from the main header, but I have been unable to find anything. Not sure if I am missing something simple, if no one else has had this problem, or if others are just ignoring it since their system works even with it? All the machines with the problem are VMware hosted machines, some on ESX, and some on VMware Workstations. Just a quick update in case someone else runs into this and finds this thread, this problem maybe related to a quirk of some sort in the older version of VMware workstation I am running on my work laptop its running version 6.5 (can't get boss to approve upgrade as the other admins have just decided its better to test on the ESX servers instead of their local machines, which I don't agree with) I had an urgent need to use a this machine to put a temporary work around in place on another problem and used vmware converter to migrate it from my workstation to the ESX servers. No more invalid backup GPT message when booting the one copy on the ESX servers. I am going to manually copy the files for this VM to the version 8 workstation installation on my home machine and see if that one does or doesn't show the warning on boot, to attempt to better narrow down this cause. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is there a way to run FreeBSD ports through port 80?
On 2012-07-12 15:26, Kaya Saman wrote: On 07/12/2012 07:54 PM, Peter Vereshagin wrote: Hello. Why don't you use a portsnap? it's over http... 2012/07/12 19:01:15 +0100 Kaya Saman kayasa...@gmail.com = To Peter Vereshagin : KS I will check it out however and see if that method is best, however KS CVSup would be the best way for us and I'm already looking at this: KS KS http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html 1. cvsup is not about comparison to ftp. cvsup is a way to obtain fresh port for the program distribution, ie set of patches, list of package's files, sample configuration files for the particular program(s) those are not the part of the base system but supplied with taking the OS specs in mind. ftp is a way to obtain a distfile, ie what the 3rd party software developer use to distribute. For FreeBSD ports cvsup and ftp are not competent in the daiy use as they have different purposes. Some 3rd party software is released and published authoritatively on ftp only. And that is the only problem possible for you on ftp usage by freebsd ports. But I believe there is only a few of them you need if any at all. I guess you may want to download the initial ports tree tarball, the ports.tgz, via the ftp. But it's certainly a) available over there via the http and b) is outdated and is needed to be updated via the portsnap and/or cvsup. 2. Use csup from the base system, don't use cvsup from ports if you use its protocol. And, portsnap seems to be even more recommended since some days. KS which should be enough to get a demo up and running. A Demo? Am I invited for the show? ;-) -- Peter Vereshagin pe...@vereshagin.org (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Hi Peter, portsnap works fine :-) My issues start coming into play when building the actual port itself. Ie. fetching the distfile, as you suggested above. As soon as I start running portmaster -a or a 'make install clean' on certain ports, the progress just bombs out totally. It would be really cool if I could find a way to centrally manage all of this. So perhaps in conjunction with CVSup. Something like a Linux repo server if you will - though I mention the term very loosely. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org If the volume of machines you have isn't very high I would consider asking the Director if you could have a machine in the DMZ that would be able to use FTP, and cvsup to get outbound. Install Squid on that, and allow Squid to use FTP then allow only SSH from the inside systems to that machine. From there you can use SSH on the inside systems to tunnel the cvsup data outbound for source updates, and to tunnel the Squid connection outbound to be able to use FTP for the port updates via the SSH tunnel using Squids FTP connect over HTTP. This method would eliminate the need to setup your own local cvsup mirror, but does still allow FTP, but it doesn't leave any internal connections possible except when intended. It doesn't open it up to any users without SSH access into the DMZ machine so it can be controlled who has access to it. As the goto guy at my company for internet security I understand the need to lock things down and sadly wish my boss would allow me to lock down ours more than it is, though I don't see blocking outbound FTP as a requirement (though we only allow passive). Its interesting to see this from the side of the other guy who's stuff doesn't work due to the restrictions in place. I deal all the time with employees trying to do online conferences or file downloads with other companies using obscure tools that won't work through an HTTP proxy, use some random high port like 1 and want me to open up the port through the firewall right then so they can do the conference or get the file without any time to make sure the application is actually safe. Of course the main response to no I can't do that, is why does it work for everyone else on the conference. Can't seem to make them understand that the other people might not have to explain to the bank why they weren't following the PCI (payment card industry) guidelines they signed a document stating we would adhere to. And its my job on the line and not theirs if my allowing the port through the firewall for them allows the security breach. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list
Invalid GPT backup header
I have had a few virtual machine installations come up with gptboot: invalid GPT backup header error message while booting. (some immediately on first boot after install) They still boot fine, and run without problems, but I would like to find a way to fix the problem. Does anyone know how you can write a new GPT backup header to the partition table. I have even gone to the extent of adding a second virtual disk, using gpart to create a partition table and then add new partitions and setup bootstrap then use cpio to copy data over and switched the drive SCSI IDs within the virtual machines configuration to boot from the second drive instead. Still same error message when booting off the new drive. I did however leave out the size option when creating the last UFS partition so it may have filled to the end and overwrote the backup GPT table. I have searched online for a solution to recreating the backup GPT header from the main header, but I have been unable to find anything. Not sure if I am missing something simple, if no one else has had this problem, or if others are just ignoring it since their system works even with it? All the machines with the problem are VMware hosted machines, some on ESX, and some on VMware Workstations. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org