Maildir Format
Hello, I'm setting up the email system on my server. I got rid of sendmail and installed postfix, and I will be installing dovecot. I researched the difference between mbox and maildir formats, and I'm going to go with the Maildir. I'm running everything on ZFS, so many small files shouldn't be a problem. My problem is, before I made any of these changes and was using the default sendmail setup, I was using /usr/bin/mail to read my periodic and cron outputs. However, after I installed postfix with the Maildir delivery option, I quickly realized that /usr/bin/mail doesn't support Maildir. Can anyone suggest a MUA which has support for Maildir that I can use? I'm looking for something simple and command line, similar to /usr/bin/mail that I can use until I get around to installing Dovecot. The only one I know of off the top of my head is mutt. I've never had much use, and thus experience, with unix MUAs. Thank you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: corrupted tar.gz archive - I lost my backups :)/:(
On Mon, Feb 13, 2012 at 8:56 PM, _ wrote: > Hi, > > Before making the move from 7.0 to 8.2, I ran a little script that did a > backup of selected files > and folders. > > Trying to recover these files on 8.2, I found that some of the archives - > unfortunately those with > the files that are dear to me - are corrupted. > > In other words, I just wanted to ask if there's anyone on here, who knows > of a good repair > utility for corrupted tar.gz archives? > > Thanks > > pancakeking79 HrmWhat command/script did you run to create the archive? How did you transfer it over to the new system? What command are you using to attempt to extract it, and what error is it giving? You can try: gunzip < archive.tar.gz > archive.partial.tar Which may or may not giving you some of the files into the archive.partial.tar file. What does gzip --test archive.tar.gz give? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ZFS Root Won't Mount - Unknown Filesystem
On Sat, Jan 7, 2012 at 11:14 AM, Mark Felder wrote: > Hi Drew, > > I'm pretty sure you can't run a RAIDZ as your root pool. That's likely the > problem. Kind of sucks, I know :-( > You can use raidz1 as your root pool. I'm running it right now on my 9.0 system. Drew: My first suggestion is to confirm that you added the proper options in /boot/loader.conf. Mine looks like this: vfs.root.mountfrom="zfs:zroot" zfs_load="YES" In addition, zfs_enable="YES" in your /etc/rc.conf to automount the other zfs filesystems, such as /usr, /var, or whichever ones you setup. Did you set the proper mountpoints on your zfs filesystems before rebooting? As in, `zfs set mountpoint=legacy zroot` and `zfs set mountpoint=/usr zroot/usr` and so on, for each for your file systems. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
PF/ALTQ - Stable TSC?
Hello, I'm setting up pf with altq support in my kernel on freebsd 9.0-Stable (soon to switch to the -RELEASE once it's available). The system is a quad-core Xeon E31220, running amd64. I've done a bit of googling and found various results. I know the freebsd handbook says ALTQ_NOPCC is required on SMP systems. My kern.timecounter.smp_tsc=1, which says the TSC is safe to use in SMP mode. Is it still required to use ALTQ_NOPCC on _ALL_ smp systems? Basically I'm just seeing very different answers with my own research, which is why I'm posting to this list. Thank you! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FreeBSD Gateway, Crossover
Hello, I'm trying to setup a small home network, It consists of my FreeBSD 9.0-RC2 box connected to my modem (just a modem, not modem/router) and two other systems connected directly via ethernet to the freebsd box. I'm able to connect to the internet with the FreeBSD box. I can get an IP via DHCP from my ISP. However, I can't seem to figure out how to setup the gateway routes and the IP addresses for the other system. I'd like to have the internal network be on 192.168.1.0/24. I have 2x 2-port NICs in the freebsd box. em0 - Internet - 1.2.3.4 em1 - System1 - 192.168.1.1 em2 - System2 - 192.168.1.2 I'm kindof lost here. I've played with it a bit, trying to set 192.168.1.0/24 on em1 and em2, then setting the specific IP address on system1 and system2 respectively. I've also tried manually adding routes from 192.168.1.0/24 to 1.2.3.4 (my external IP) to no avail. The system1/2 boxes cannot ping the freebsd box, nor vise-versa. That implies it's not a routing problem, but a problem with the systems getting a proper IP address. Anyone have any tips? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ZFS Filesystems wont auto-mount on boot
On Sat, Dec 3, 2011 at 6:56 AM, CyberLeo Kitsana wrote: > On 12/03/2011 12:28 AM, APseudoUtopia wrote: >> Hello, >> >> I followed a couple tutorials I found through google to setup RAID-Z1 >> on root on FreeBSD 9.0-RC2. Everything works well, except it always >> drops me into a recovery shell on boot. I'm forced to run `zfs mount >> -a` to get all my data visible. Here's the boot log: >> >> Trying to mount root from zfs:root []... >> Dec 3 01:23:07 init: login_getclass: unknown class `daemon` >> cannot open /etc/rc: No such file or directory > > You did not provide a list of your filesystems, so this is just a guess, > but I'd say that, judging by this error, you have /etc on a separate > filesystem. > > At least /bin, /sbin, /lib, /libexec, and /etc must be on your root > filesystem for the boot process to function, since the system bootstrap > (/etc/rc et alia) resides in /etc and uses components in the other > listed directories; it is the system bootstrap which automounts your ZFS > filesystems on boot (zfs_enable). > Ah! That was my problem. Thank you! I read every fine manual I could find, but none of them said anything about those directories required to be on the root filesystem. I appreciate the help! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
ZFS Filesystems wont auto-mount on boot
Hello, I followed a couple tutorials I found through google to setup RAID-Z1 on root on FreeBSD 9.0-RC2. Everything works well, except it always drops me into a recovery shell on boot. I'm forced to run `zfs mount -a` to get all my data visible. Here's the boot log: Trying to mount root from zfs:root []... Dec 3 01:23:07 init: login_getclass: unknown class `daemon` cannot open /etc/rc: No such file or directory Enter full pathname of shell or RETURN for /bin/sh: I then hit return, then run `zfs mount -a` to mount all my zfs filesystems. How can I have zfs automount these filesystems on boot so that the system can continue booting without being interrupted? Thank you! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting up ZFS - Filesystem Properties and Installing on Root
On Thu, Nov 24, 2011 at 2:26 PM, Matthew Seaman wrote: > On 24/11/2011 19:19, APseudoUtopia wrote: >> On Tue, Nov 22, 2011 at 3:06 AM, Matthew Seaman >> wrote: >>> On 22/11/2011 02:09, APseudoUtopia wrote: >>>> Another quick question about swap: If I have 4 drives, with 512MB >>>> swap, the system uses all 4 swap partitions, correct? So it's not like >>>> it'd be going to waste? I'd have a total of 2 GB swap? >>> >>> Well, yes. If you just declare those raw partitions to be swap areas, >>> that will be the case. However, doing this is asking for trouble: you >>> subvert any resilience features obtained by using ZFS with raidz1. If >>> any one of the drives fails, your swap area will break and your system >>> will probably crash. >>> >>> Better to set up two pairs of gmirrors for swap -- the procedure is >>> described here: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/Mirror >>> in section3 "Finish Install." This will effectively give you a raid10 >>> for your swap, with a total size of 1GB. >>> >> >> I'm not sure I understand this. How would that negatively affect the >> raidz1? The swap isn't in the zpool. I understand the system may crash >> if the OS was using the swap space and the drive failed. But would you >> not be able to reboot into a degraded zpool state and still have a >> usable system? >> > > No -- it means a failed disk can cause your system to crash. That's not > resilient behaviour. Yes, the data on the ZFS raidz1 should survive the > crash and the reboot, but the point is ZFS raidz1 should be able to > survive a disk failure like that /without/ a system crash. > Ah! I understand. Thank you for the explanation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting up ZFS - Filesystem Properties and Installing on Root
On Tue, Nov 22, 2011 at 3:06 AM, Matthew Seaman wrote: > On 22/11/2011 02:09, APseudoUtopia wrote: >> Another quick question about swap: If I have 4 drives, with 512MB >> swap, the system uses all 4 swap partitions, correct? So it's not like >> it'd be going to waste? I'd have a total of 2 GB swap? > > Well, yes. If you just declare those raw partitions to be swap areas, > that will be the case. However, doing this is asking for trouble: you > subvert any resilience features obtained by using ZFS with raidz1. If > any one of the drives fails, your swap area will break and your system > will probably crash. > > Better to set up two pairs of gmirrors for swap -- the procedure is > described here: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/Mirror > in section3 "Finish Install." This will effectively give you a raid10 > for your swap, with a total size of 1GB. > I'm not sure I understand this. How would that negatively affect the raidz1? The swap isn't in the zpool. I understand the system may crash if the OS was using the swap space and the drive failed. But would you not be able to reboot into a degraded zpool state and still have a usable system? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting up ZFS - Filesystem Properties and Installing on Root
On Mon, Nov 21, 2011 at 10:14 AM, Daniel Staal wrote: > > On Sun, November 20, 2011 10:34 pm, APseudoUtopia wrote: >> Hello, >> >> I'll be setting up a server with ZFS on 9.0-RELEASE (when it's >> released...). I've never used ZFS before, and although I've been >> reading quite a bit about it, I have some questions. >> >> My plan is to use RAID-Z1 across 4 disks. I'll be using GPT, and I >> would like the root to be ZFS as well. I found a guide: >> http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/RAIDZ1 >> >> In step #4, it has you create boot, swap, and zfs partitions on all 3 >> (which would be 4 in my case) disks. Then, in step #5, you install the >> bootloader into all 3 (4) drives. Why do you need boot and swap >> partitions on EACH disk? It seems to me that you would only need disk >> 1 to have boot, swap, and zfs, and the other 3 disks only have one >> partition (using the entire drive) for zfs's pool. Does it have to do >> with the RAIDZ1 setup? Even then, I don't understand it because it's >> not disk mirroring, it's RAID. The BIOS is set to look on one specific >> disk for the loader, not all of them. It seems I'm not understanding >> something entirely here. > > As someone else said, the BIOS will search attached drives. And remember > that one of the points to using a ZFS raid is that you can get hotswap > drives. If your one drive with a bootloader fails, you can hotswap it and > not notice that it was that drive, which then means your next boot will > fail. > > Personally, I dedicated one small drive to the boot code, and put > everything else in ZFS. There are varying opinions on whether that is a > good idea. ;) > > Swap in theory can be put on the ZFS volume - and I have done so - but I > would not recommend it. It's caused lockups in some situations, which > would have been avoided by putting swap on it's own volume. > >> Also, with ZFS, you can have an unlimited number of filesystems, >> correct? I've been trying to figure out the best way to create these >> filesystems with the appropriate flags (specifically: atime, >> compression, devices, exec, quota, readonly, and setuid). If, for >> example, I set devices=off and suid=off on the tank/var filesystem, it >> is applied to the children filesystem, such as, /var/log, /var/db, and >> so on? The flags/properties can be changed on-the-fly, correct? If, >> for example, I set a filesystem noexec, but later realize I need exec, >> I can change it without issue? > > Yep. As long as you didn't set the volume that has the zfs tools to > noexec. ;) > >> Does anyone with zfs experience have any tips on creating a filesystem >> layout, in terms of which filesystems to create and what >> flags/properties? Would it be bad to set noatime, nosuid, nodev, and >> noexec all on the tank, then allow each property appropriately for >> each directory as necessary? As in, set the whole tank noexec, but >> allow exec for /bin, /usr/home, /usr/local/bin, etc.? > > Well, you already linked to a decent guide to the filesystem layout. > Following it won't get you too far wrong. A couple of thoughts though: > > One thing that might have been useful in my experience is not having / be > /zroot. If I'd set /zroot/root to / (and built everything else below > that) I'd be able to play around a bit more, by setting up other > filesystems under /zroot. (Including things like making a new root volume, > or excluding volumes from snapshots.) Note that would cause changes in > the bootloader code from the wiki example. > > And don't be to worried about getting it 'right the first time': Because > ZFS allows you to create filesystems so easily, you can play around with > it. It's not too hard to move a directory tree to a new filesystem, even > on a live box. ;) You can create copies, try things out, and then use > whatever's the best system for you. > > As for noexec on /... I'd be hesitant. Without being an absolute master > on what is run from where under all circumstances in FreeBSD, it would > worry me. (Does /etc need exec? How about /root? /boot? etc.) I'd > rather err on the side of turning it off where I know I don't need it, > instead of turning it on where I do. If I forget one, it's less likely to > break my system. ;) > > The one other place where I'd disagree with the wiki page you linked would > be on compression: If you have a fairly recent processor in the box, I'd > recommend gzip for just about everywhere. In most cases it'll actually >
Re: Setting up ZFS - Filesystem Properties and Installing on Root
On Sun, Nov 20, 2011 at 11:26 PM, Mehmet Erol Sanliturk wrote: > > > On Sun, Nov 20, 2011 at 10:34 PM, APseudoUtopia > wrote: >> >> Hello, >> >> I'll be setting up a server with ZFS on 9.0-RELEASE (when it's >> released...). I've never used ZFS before, and although I've been >> reading quite a bit about it, I have some questions. >> >> My plan is to use RAID-Z1 across 4 disks. I'll be using GPT, and I >> would like the root to be ZFS as well. I found a guide: >> http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/RAIDZ1 >> >> In step #4, it has you create boot, swap, and zfs partitions on all 3 >> (which would be 4 in my case) disks. Then, in step #5, you install the >> bootloader into all 3 (4) drives. Why do you need boot and swap >> partitions on EACH disk? It seems to me that you would only need disk >> 1 to have boot, swap, and zfs, and the other 3 disks only have one >> partition (using the entire drive) for zfs's pool. Does it have to do >> with the RAIDZ1 setup? Even then, I don't understand it because it's >> not disk mirroring, it's RAID. The BIOS is set to look on one specific >> disk for the loader, not all of them. It seems I'm not understanding >> something entirely here. > > > > http://en.wikipedia.org/wiki/RAID > http://en.wikipedia.org/wiki/Category:RAID > > > If disk 1 fails , the computer ( BIOS ) will look disk 2 . > If disk 2 fails , the computer ( BIOS ) will look disk 3 . > > > If disk ( n - 1 ) fails , the computer ( BIOS ) will look disk ( n ) . > Ah! That makes sense. Thank you! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Setting up ZFS - Filesystem Properties and Installing on Root
Hello, I'll be setting up a server with ZFS on 9.0-RELEASE (when it's released...). I've never used ZFS before, and although I've been reading quite a bit about it, I have some questions. My plan is to use RAID-Z1 across 4 disks. I'll be using GPT, and I would like the root to be ZFS as well. I found a guide: http://wiki.freebsd.org/RootOnZFS/GPTZFSBoot/RAIDZ1 In step #4, it has you create boot, swap, and zfs partitions on all 3 (which would be 4 in my case) disks. Then, in step #5, you install the bootloader into all 3 (4) drives. Why do you need boot and swap partitions on EACH disk? It seems to me that you would only need disk 1 to have boot, swap, and zfs, and the other 3 disks only have one partition (using the entire drive) for zfs's pool. Does it have to do with the RAIDZ1 setup? Even then, I don't understand it because it's not disk mirroring, it's RAID. The BIOS is set to look on one specific disk for the loader, not all of them. It seems I'm not understanding something entirely here. Also, with ZFS, you can have an unlimited number of filesystems, correct? I've been trying to figure out the best way to create these filesystems with the appropriate flags (specifically: atime, compression, devices, exec, quota, readonly, and setuid). If, for example, I set devices=off and suid=off on the tank/var filesystem, it is applied to the children filesystem, such as, /var/log, /var/db, and so on? The flags/properties can be changed on-the-fly, correct? If, for example, I set a filesystem noexec, but later realize I need exec, I can change it without issue? Does anyone with zfs experience have any tips on creating a filesystem layout, in terms of which filesystems to create and what flags/properties? Would it be bad to set noatime, nosuid, nodev, and noexec all on the tank, then allow each property appropriately for each directory as necessary? As in, set the whole tank noexec, but allow exec for /bin, /usr/home, /usr/local/bin, etc.? Thank you all very much! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: gmake format
On Tue, Jan 25, 2011 at 8:37 PM, Da Rock wrote: > You'll have to excuse my ignorance (and my curious mind...), but I can't > seem to find a straight answer to this. I know linux uses gmake, and gmake > is installed via ports on FreeBSD, but does that mean gmake will only create > linux binaries using the abi compatibility? > > Is it possible to translate the Makefile to use make instead and build as a > native binary instead? No, gmake can make binaries that work on freebsd. For example, the Atheme IRC services require gmake, not make on freebsd (at least, last I checked). It's just a difference in the format of the Makefile. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: cron not sending emails
2010/5/28 Laszlo Nagy : > Hi All! > > After upgrading to 8.0 RELEASE, I'm not getting any emails from cron. > > If I put this into root's crontab > > * * * * * echo "TEST" > > then I see this in the maillog: > > May 14 10:53:00 server postfix/sendmail[2958]: fatal: user(1001): No > recipient addresses found in message header > > Just as a side note, I started having this problem a while ago with 7.2-RELEASE, I believe. I was using the base-system sendmail and no special configuration with cron or anything. I never found a solution. I posted on this mailing list and nothing anyone suggested solved it. I ended up just piping every single cron command into /usr/bin/mail: 0 */4 * * * root /usr/local/backups/daily_backup.sh | /usr/bin/mail -E -s "Daily Backup" em...@address.tld That works fine. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: php5-5.3.2 problems since upgrade from php5-5.2.12
On Thu, Apr 22, 2010 at 11:08 AM, Антон Клесс wrote: > > 2010/4/22 APseudoUtopia >> >> On Thu, Apr 22, 2010 at 1:44 AM, n dhert wrote: >> > People using php in webpages are getting all kind of errors concerning >> > depricated functions >> > such as: >> > >> >> Deprecated: Assigning the return value of new by reference is >> >> deprecated >> > It there a way to specify somewhere something so that these funtions >> > still >> > can be used ? >> >> The functions can still be used. It's just a notice saying that their >> usage is deprecated and they will be removed in future versions of >> PHP. >> >> Try asking on the PHP mailing list for non-deprecated ways to do what >> you're trying to do. > > APseudoUtopia, > > which one maillist do you mean? > The PHP-General mailing list: http://www.php.net/mailing-lists.php They would be able to help more. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: php5-5.3.2 problems since upgrade from php5-5.2.12
On Thu, Apr 22, 2010 at 1:44 AM, n dhert wrote: > People using php in webpages are getting all kind of errors concerning > depricated functions > such as: > >> Deprecated: Assigning the return value of new by reference is deprecated > It there a way to specify somewhere something so that these funtions still > can be used ? The functions can still be used. It's just a notice saying that their usage is deprecated and they will be removed in future versions of PHP. Try asking on the PHP mailing list for non-deprecated ways to do what you're trying to do. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Ping from jail not permitted error
On Sat, Apr 17, 2010 at 8:39 PM, Aiza wrote: > My jail has public internet access because i can do pkg_add -r unix2dos and > the package does install. But when I enter ping -c 2 freebsd.org I get > message "ping: socket: Operation not permitted" There is no firewall > running in the jail. > > Any ideas would be helpful. > > Thanks There is a sysctl option on the host which disallows raw sockets from inside any jails, security.jail.allow.raw_sockets See the jail manpage. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: is there a tool for estimating loss rates
2010/2/18 Yavuz Maşlak : > I have 2 leasedlines for internet. the one is in a country. other one is in > a another country. > I am looking for a tool for estimating loss packets between 2 lines. > is there a tool for it? > for instance , while searching, I found badabing tool for that. But I > couldn't understand how it estimates loss packets. > could you give me an example? > > Look into ports/net/mtr. It has a percentage of loss statistic. http://www.bitwizard.nl/mtr/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: speed test in ports?
On Mon, Jan 11, 2010 at 12:45 PM, David Banning wrote: > I wonder if there is something in the ports that tests my DSL speed. > I am guessing that if I installed firefox3 and then installed flash > or Java then I could go to speedtest.net, but I wonder if there is > a simpler solution. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > You don't need ports for thatJust use fetch(1) and grab an ISO of a DVD (or even a CD) from somewhere. Eg, a debian DVD image or freebsd image or whatever. A lot of ISPs boost the first x MB of a transfer to give the illusion that you can download faster when doing speed tests (since speed tests only transfer a small amount of data). Comcast's "PowerBoost" is a perfect example of this. So if you get something bigger, you can monitor the speed of the download and get your speed test that way. If you really want to be accurate, you can do the test several times using mirrors in various geographical areas as well to get a better overall idea of your available bandwidth. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Security Hardening: Removing Permissions; Suggestions
Hey list, I'm working on a shell script that basically removes the group and the other permissions from certain files to harden my system. Right now, the only files I'm doing this on is the GCC compiler collection. I'm asking for suggestions on other files that these permissions can be removed from in order to help further secure the system (a headless db and web server). $CHMOD o=,g= /usr/bin/cc $CHMOD o=,g= /usr/bin/cpp $CHMOD o=,g= /usr/bin/gcov $CHMOD o=,g= /usr/bin/ld $CHMOD o=,g= /usr/bin/gdb $CHMOD o=,g= /usr/bin/c++ Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: cvsup blues
On Mon, Jan 4, 2010 at 9:13 AM, John Almberg wrote: > I am trying to update my ports collection on a new server using cvsup. I've > added a mirror site to my ports-supfile, but keep getting the following > error message: > > on# csup -g -L 2 /root/ports-supfile > Parsing supfile "/root/ports-supfile" > Connecting to cvsup7.us.FreeBSD.org > Cannot connect to 64.215.216.140: Operation not permitted > Will retry at 09:13:28 > > > I've tried several different mirror sites, so the problem seems to be on my > side (unless all the mirror sites are locked?) > > Any ideas? > > Thanks: John The csup servers do have a rate-limiting feature on them. However, I think it gives a different error message than that. "Operating not permitted" makes it seem more like a networking issue on the local machine. Can you ping the IP? Firewall blocking outgoing ports? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
atrun: Missing Shared Object: libpam
# /usr/libexec/atrun /libexec/ld-elf.so.1: Shared object "libpam.so.4" not found, required by "atrun" # find / -type f -name "libpam*" -ls 3274162 284 -r--r--r--1 root wheel 143412 Dec 5 04:48 /usr/lib/libpam.a 3273935 56 -r--r--r--1 root wheel 28296 Dec 4 20:33 /usr/lib/libpam.so.5 # uname -a FreeBSD x.x.x 8.0-RELEASE-p1 FreeBSD 8.0-RELEASE-p1 #0: Sat Dec 5 04:15:16 UTC 2009 r...@x.x.x:/usr/obj/usr/src/sys/TTR i386 Is there a way to recompile at to use the new libpam library (5, instead of 4), without having to compile and/or install all of world? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I have mail, but where?
On Tue, Dec 22, 2009 at 4:55 PM, Andrea Venturoli wrote: > Hello. > > This evening something new appeared on my box. > When I open an xterm or a KDE shell, I get: > "You have 10 mail messages in /var/mail/." > > This does not happen when I login on ttyvX. > > Nothing mail related is on this box (apart from KMail and Thunderbird) and > "ls -l /var/mail" gives only zero size files, none of which is named after > me. > > My home is NFS mounted on a mail server, but that uses Cyrus IMAP, so, > again, nothing relevant is in /var/mail even there. > > Where do I look? > > This is no stopper, but I'm just curious... > > bye & Thanks > av. Type "mail" man 1 mail FreeBSD has a daily cron security and status script that run and send email to root (which then is usually redirected to another user's account). This is probably what is sending the emails - check it and see. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Use of COMPAT Kernel Options
On Fri, Dec 4, 2009 at 5:04 PM, Gardner Bell wrote: > --- On Fri, 12/4/09, Roland Smith wrote: > >> From: Roland Smith >> Subject: Re: Use of COMPAT Kernel Options >> To: "APseudoUtopia" >> Cc: "FreeBSD Questions" >> Date: Friday, December 4, 2009, 9:52 PM >> On Fri, Dec 04, 2009 at 04:39:59PM >> -0500, APseudoUtopia wrote: >> > Hello, >> > >> > I'm working on editing the kernel configuration file >> for a custom >> > kernel. The system will be running FreeBSD >> 8.0-RELEASE-p1. I'm >> > wondering about the use of the COMPAT options in the >> kernel config. >> > COMPAT_43 >> >> Well, COMPAT_43 one isn't even in GENERIC anymore, so I >> guess it is not that >> important anymore. >> >> > COMPAT_43TTY >> >> This is still in the GENERIC kernel. I'd keep it in >> initially. Then build a >> kernel without it. If that fails to start the system >> properly, you'll always >> have a good kernel to fall back on. >> >> Have a look at what is written under COMPATIBILITY OPTIONS >> in /sys/conf/NOTES. >> >> > COMPAT_FREEBSD[4-7] >> >> If you do not have binaries from ealier FreeBSD versions >> around, you can skip >> these. >> > > FWIW, a FreeBSD 8.0 kernel fails to build without COMPAT_FREEBSD7 so I'd keep > that. > > It didn't for meI initially compiled with not a single COMPAT option before I sent the mail to this list. I wanted to inquire about it before I installed the kernel. But it did build with no COMPAT options at all ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Use of COMPAT Kernel Options
Hello, I'm working on editing the kernel configuration file for a custom kernel. The system will be running FreeBSD 8.0-RELEASE-p1. I'm wondering about the use of the COMPAT options in the kernel config. COMPAT_43 COMPAT_43TTY COMPAT_FREEBSD[4-7] I'm not aware of any software I use which requires certain compatibility with old system calls. The system will be running PHP, Nginx, PostgreSQL, InspIRCd, and other small applications (The latest stable releases of each). Is it recommended that I keep certain compatibility flags? If I recall correctly, previous documentation claimed that it was required to keep COMPAT_43TTY, but I no longer see this in the handbook. Thanks for the help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
SMP and ALTQ_NOPCC
Hello, With the improvements in SMP in FreeBSD 8.0, is the ALTQ_NOPCC option still required? In the handbook and other older documentation, it says ALTQ_NOPCC is in fact required on SMP systems because the TSC is unstable. I was wondering if this is still the case after the improvements done with SMP. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Tracking commit messages from cli
On Sun, Nov 8, 2009 at 2:06 PM, Troels Kofoed Jacobsen wrote: > Hi all > > With pkg_version I can easily see which installed ports has newer > versions available, but what I miss is a way to see what has changed. > The reason for this is that commit messages often say that only the > pkg-plist has changed or something that does not make me want to update. > > Right now I'm reading the commit messages from the cvs web frontend, but > it would be awesome with a program that could say: > gd-2.0.35_1,1 < needs updating (index has 2.0.35_2,1) > Commit messages between the versions: > blah blah blah > blah ... ... > ... > > I know freshports exist, but I would rather not have to open a web > browser. > > Does such a program exist or do I have to write my own. In the latter > case can anyone point me to an easy way to get raw-text versions of > commit messages without having to track the whole tree. Does freshports > e.g. have an api -- it has all the necessary information, just not > available in a suitable form (to my knowledge) > > Best regards > Troels Kofoed Jacobsen I asked this question some time ago and never got a response. I currently just use a browser and visit www.freebsd.org/ports/ and read the commit log there. So far, I haven't found any other alternative. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: command to dump entire server config
On Mon, Nov 2, 2009 at 7:25 AM, Mark Powell wrote: > Hi, > I seem to recall a command was added recently to FreeBSD which provides a > dump of the entire server config, in one go. > A google for this yields nothing. > Anyone tell me this timesaving command? > Cheers. > Maybe dump(8) is what you're looking for? I don't know of any command to dump the configuration of a server. Although, it still may exist, I just don't know of it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: APACHE/PHP/MYSQL Password Hash
On Thu, Oct 29, 2009 at 8:52 PM, Monty Pyth wrote: > I have inherited a website to work on that users authenticate to using a > login and password from a login page. The server is FreeBSD 6.2 running > APACHE/PHP/MYSQL. There is a MYSQL table that maintains all of the users. The > table has a users name and password. The password is hashed and some examples > are: > > 02SvtVJnRLzuQ > 42jhVP6kxUBX6 > > Can anyone tell me what file I would look at to see what hash algorithm is > being used to store the passwords in the table? Any help would be great. > > > Looking in the website file that processes the login page. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: freebsd jail: web and database server config questions
On Tue, Oct 13, 2009 at 9:51 AM, Dino Vliet wrote: > > Dear Freebsd people, > > To consolditae on resources I have configured a machine to run both a web and > database server (powering my database driven website). > > Due to security concerns I'm contemplating on introducing a jailed > environment on this machine and want to know if this would be feasible. I > have a few questions for the freebsd community regarding this approach and > hope someone would give me some advice. > > Is it advisable/wise/okay/clever to run a webserver on my host system and a > database server on my jailed system? The webserver will need to connect to > the database system on startup and update the database based on client access. I would recommend either doing it the other way around (webserver inside the jail) or have both web and db inside separate jails. > > However, if a machine gets compromised, it would rather be the webserver, > therefore running the webserver in the jailed environment seems better to me. > But how could that be done, if the webserver requires to connect through > tcp/ip to the database server running on the host system? I thought that a > key-feature of a jailed system is that it can't access resources outside the > jail. > It *may* be possible to set your database software to listen on a unix socket inside the jail dir on the host. For example, if your webserver jail is in /usr/jails/httpd/ on the host, you may be able to have your database listen on a unix socket in, say, /usr/jails/httpd/tmp/. Inside the jail, you can point your web app to use the socket inside /tmp/. I'm not sure if this is possible as I never actually implemented it with my setup, but you can try. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Security blocking question
On Fri, Oct 9, 2009 at 5:45 PM, Aflatoon Aflatooni wrote: > Hi, > The production server that has a public IP address has SSH enabled. This > server is continuously under dictionary attack: > Oct 8 12:58:40 seven sshd[32248]: Invalid user europa from 83.65.199.91 > Oct 8 12:58:40 seven sshd[32250]: Invalid user hacked from 83.65.199.91 > Oct 8 12:58:40 seven sshd[32251]: Invalid user cop\r from 83.65.199.91 > Oct 8 12:58:41 seven sshd[32254]: Invalid user gel from 83.65.199.91 > Oct 8 12:58:41 seven sshd[32255]: Invalid user dork from 83.65.199.91 > Oct 8 12:58:41 seven sshd[32258]: Invalid user eva from 83.65.199.91 > Oct 8 12:58:41 seven sshd[32260]: Invalid user hacker from 83.65.199.91 > Oct 8 12:58:41 seven sshd[32261]: Invalid user copila\r from 83.65.199.91 > Oct 8 12:58:42 seven sshd[32265]: Invalid user dorna from 83.65.199.91 > Oct 8 12:58:42 seven sshd[32264]: Invalid user gelo from 83.65.199.91 > Oct 8 12:58:42 seven sshd[32268]: Invalid user evara from 83.65.199.91 > Oct 8 12:58:43 seven sshd[32270]: Invalid user hack from 83.65.199.91 > Oct 8 12:58:43 seven sshd[32271]: Invalid user copil\r from 83.65.199.91 > Oct 8 12:58:43 seven sshd[32274]: Invalid user Doubled from 83.65.199.91 > Oct 8 12:58:43 seven sshd[32275]: Invalid user gelos from 83.65.199.91 > Oct 8 12:58:44 seven sshd[32278]: Invalid user eve from 83.65.199.91 > > Is there a way that I could configure the server so that if there are for > example X attempts from an IP address then for the next Y hours all the SSH > requests would be ignored from that IP address? > There are only a handful of people who have access to that server. > > Thanks > I don't think OpenSSH has this feature. You would have to look to a firewall solution for this (I recommend PF). There is also software in the ports collection that I've heard of to help this problem. I've never used any of them, but fail2ban seems to be a popular one. I would also recommend using a non-standard SSH port if possible. It would cut down on the bot spam considerably. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jails: /bin/tcsh: Permission Denied
On Mon, Oct 5, 2009 at 4:08 AM, APseudoUtopia wrote: > Hey list, > > I'm setting up jails on my system. I started with a httpd jail for > nginx and php to run in. I used ezjail to create it. I went through > all the steps, and got a jail setup and working. I've logged in and > out several times and installed a couple ports within the jail. I then > added a non-privileged user by running "adduser" as root. However, > that is when the problem came up. For some reason, I cannot switch to > the unprivileged user. The shell is giving me a "Permission Denied" > error. > [snip] I have solved the problem with the help of Google and this thread: https://elektropost.org/ezjail/threads.html#00263 The permissions on the HOST for /usr/jails/httpd and /usr/jails/basejail were set incorrectly. When I installed the jail, I used umask 0077. Those jail directories needed to be chmod'ed 755. Everything works successfully now. Thanks very much for the tips, suggestions, and overall help. If I hadn't found that ezjail mailing list thread, I would've been ripping my hair out for days. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jails: /bin/tcsh: Permission Denied
On Mon, Oct 5, 2009 at 9:28 AM, Glen Barber wrote: > On Mon, Oct 5, 2009 at 1:24 PM, APseudoUtopia wrote: > > [snip] > >> >> Sorry to reply again, but I have some further information. >> >> I used chpass to change the shell of the jailuser account. I tried >> /bin/sh, /bin/csh, /bin/tcsh, and /sbin/nologin. All of those gave the >> same "Permission denied" error. Even nologin gave "Permission denied" >> instead of "This account is currently not available." > > What happens with /bin/false ? > > -- > Glen Barber > Same thing: jailuser:*:1001:1001:User &:/home/jailuser:/bin/false # su jailuser su: /bin/false: Permission denied ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jails: /bin/tcsh: Permission Denied
On Mon, Oct 5, 2009 at 9:19 AM, APseudoUtopia wrote: > On Mon, Oct 5, 2009 at 5:51 AM, Oliver Fromme wrote: >> APseudoUtopia wrote: >> > I'm setting up jails on my system. I started with a httpd jail for >> > nginx and php to run in. I used ezjail to create it. I went through >> > all the steps, and got a jail setup and working. I've logged in and >> > out several times and installed a couple ports within the jail. I then >> > added a non-privileged user by running "adduser" as root. However, >> > that is when the problem came up. For some reason, I cannot switch to >> > the unprivileged user. The shell is giving me a "Permission Denied" >> > error. >> >> What are the permissions on /bin/tcsh inside the jail? >> Is it executable? Are the permissions of all of its >> libraries correct? ("ldd /bin/tcsh" will list the libs.) >> Are the permissions on the home directory correct? >> >> If everything else fails, trace the shell inside the jail >> (with strace, truss or ktrace). It will list the exact >> system call that fails. >> >> By the way, I recommend that jails which contain daemons >> (such as webservers, databases etc.) do not contain login >> accounts. In fact, I never put /bin/tcsh inside a jail >> that contains a webserver. Apache certainly doesn't need >> it. Some ports do need /bin/csh during the build process, >> but for building ports I recommend to use a separate jail >> anyway, create packages and pkg_add them in the actual >> webserver jail. >> >> Just my 2 cents. >> >> Best regards >> Oliver >> >> > > Hi, > > Thanks for the tips. I'm new to jails, and I didn't think it was > possible to build a jail without tcsh. What shell do you use then? > Just /bin/sh? > > /bin/tcsh works for fine for root. I log into the jail by using the > "ezjail-admin console" option, which in turn executes /usr/bin/login. > It logs in as root with a working tcsh shell. I've even changed the > prompt of the shell in /root/.cshrc within the jail. I don't think > it's the tcsh binary itself, rather some other permission. However, > the information you asked for is below. > > As a matter-of-fact, I first ran into this problem when my web server > (nginx) received a "permission denied" error for every file. While > debugging it, I was asked to su to the "www" user. This is when I ran > into this problem of getting a permission denied error for tcsh. > > -r-xr-xr-x 2 root wheel 311400 Oct 5 05:34 /bin/tcsh > > /bin/tcsh: > libncurses.so.7 => /lib/libncurses.so.7 (0x280c5000) > libcrypt.so.4 => /lib/libcrypt.so.4 (0x28104000) > libc.so.7 => /lib/libc.so.7 (0x2811d000) > > -r--r--r-- 1 root wheel 258572 Oct 5 05:34 /lib/libncurses.so.7 > -r--r--r-- 1 root wheel 32020 Oct 5 05:34 /lib/libcrypt.so.4 > -r--r--r-- 1 root wheel 993092 Oct 5 05:34 /lib/libc.so.7 > > drwxr-xr-x 3 root wheel 512 Oct 5 07:49 home > drwxr-xr-x 2 jailuser jailuser 512 Oct 5 07:49 jailuser > > The truss trace is on a pastebin (the output seemed too long for an > email) located at http://pastebin.ca/1594445 > Sorry to reply again, but I have some further information. I used chpass to change the shell of the jailuser account. I tried /bin/sh, /bin/csh, /bin/tcsh, and /sbin/nologin. All of those gave the same "Permission denied" error. Even nologin gave "Permission denied" instead of "This account is currently not available." ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Jails: /bin/tcsh: Permission Denied
On Mon, Oct 5, 2009 at 5:51 AM, Oliver Fromme wrote: > APseudoUtopia wrote: > > I'm setting up jails on my system. I started with a httpd jail for > > nginx and php to run in. I used ezjail to create it. I went through > > all the steps, and got a jail setup and working. I've logged in and > > out several times and installed a couple ports within the jail. I then > > added a non-privileged user by running "adduser" as root. However, > > that is when the problem came up. For some reason, I cannot switch to > > the unprivileged user. The shell is giving me a "Permission Denied" > > error. > > What are the permissions on /bin/tcsh inside the jail? > Is it executable? Are the permissions of all of its > libraries correct? ("ldd /bin/tcsh" will list the libs.) > Are the permissions on the home directory correct? > > If everything else fails, trace the shell inside the jail > (with strace, truss or ktrace). It will list the exact > system call that fails. > > By the way, I recommend that jails which contain daemons > (such as webservers, databases etc.) do not contain login > accounts. In fact, I never put /bin/tcsh inside a jail > that contains a webserver. Apache certainly doesn't need > it. Some ports do need /bin/csh during the build process, > but for building ports I recommend to use a separate jail > anyway, create packages and pkg_add them in the actual > webserver jail. > > Just my 2 cents. > > Best regards > Oliver > > Hi, Thanks for the tips. I'm new to jails, and I didn't think it was possible to build a jail without tcsh. What shell do you use then? Just /bin/sh? /bin/tcsh works for fine for root. I log into the jail by using the "ezjail-admin console" option, which in turn executes /usr/bin/login. It logs in as root with a working tcsh shell. I've even changed the prompt of the shell in /root/.cshrc within the jail. I don't think it's the tcsh binary itself, rather some other permission. However, the information you asked for is below. As a matter-of-fact, I first ran into this problem when my web server (nginx) received a "permission denied" error for every file. While debugging it, I was asked to su to the "www" user. This is when I ran into this problem of getting a permission denied error for tcsh. -r-xr-xr-x 2 root wheel 311400 Oct 5 05:34 /bin/tcsh /bin/tcsh: libncurses.so.7 => /lib/libncurses.so.7 (0x280c5000) libcrypt.so.4 => /lib/libcrypt.so.4 (0x28104000) libc.so.7 => /lib/libc.so.7 (0x2811d000) -r--r--r-- 1 root wheel 258572 Oct 5 05:34 /lib/libncurses.so.7 -r--r--r-- 1 root wheel 32020 Oct 5 05:34 /lib/libcrypt.so.4 -r--r--r-- 1 root wheel 993092 Oct 5 05:34 /lib/libc.so.7 drwxr-xr-x 3 root wheel 512 Oct 5 07:49 home drwxr-xr-x 2 jailuser jailuser 512 Oct 5 07:49 jailuser The truss trace is on a pastebin (the output seemed too long for an email) located at http://pastebin.ca/1594445 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Jails: /bin/tcsh: Permission Denied
Hey list, I'm setting up jails on my system. I started with a httpd jail for nginx and php to run in. I used ezjail to create it. I went through all the steps, and got a jail setup and working. I've logged in and out several times and installed a couple ports within the jail. I then added a non-privileged user by running "adduser" as root. However, that is when the problem came up. For some reason, I cannot switch to the unprivileged user. The shell is giving me a "Permission Denied" error. # su - jailuser su: no directory # su jailuser su: /bin/tcsh: Permission denied The line in /etc/passwd of the jail: jailuser:*:1001:1001:User &:/home/jailuser:/bin/tcsh The host and jail are running 7.2-RELEASE-p4. /bin/tcsh is listed in /etc/shells. I tried running "pwd_mkdb /etc/master.passwd" to no avail. Any ideas on why I am getting a permission denied error? More info, if needed: Mount on the host system: /dev/ad2s1a on / (ufs, local, noatime) devfs on /dev (devfs, local) /dev/ufs/tmp on /tmp (ufs, local, noatime, soft-updates) /dev/ad2s1f on /usr (ufs, local, noatime, soft-updates) /dev/ad2s1e on /var (ufs, local, noatime, soft-updates) /usr/jails/basejail on /usr/jails/httpd/basejail (nullfs, local, read-only) devfs on /usr/jails/httpd/dev (devfs, local) Mount on the jail: /dev/ad2s1f on / (ufs, local, noatime, soft-updates) /etc/fstab.httpd on host: /usr/jails/basejail /usr/jails/httpd/basejail nullfs ro 0 0 # ls -al /usr/jails/ drwx-- 9 root wheel 512 Oct 5 05:34 basejail drwx-- 3 root wheel 512 Oct 5 05:34 flavours drwx-- 12 root wheel 512 Oct 5 07:49 httpd drwxr-xr-x 12 root wheel 512 Oct 5 05:34 newjail Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: measuring mysql usage
On Mon, Aug 31, 2009 at 12:20 PM, John Almberg wrote: > Anyone know of a tool that can measure mysql usage per mysql user? > > My database is getting hammered by something, but I'm having a hard time > figuring out what. It seems to come and go. Perhaps I have one or two > websites that are just getting a lot of traffic, and maybe they just need > their own machines. I'm not sure, which is why I'm looking for ways to start > monitoring these sites and their resource usage - particularly db usage - > more closely. > > Any thoughts or tips, much appreciated. > > Thanks: John > Check out mTop. http://mtop.sourceforge.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Information on Setting up a Jailed Webserver
On Thu, Aug 27, 2009 at 11:03 AM, Adam Vande More wrote: > On Thu, Aug 27, 2009 at 9:13 AM, APseudoUtopia > wrote: >> >> On Wed, Aug 26, 2009 at 11:35 PM, Erich Dollansky >> wrote: >> > Hi, >> > >> > On 27 August 2009 am 11:10:37 Adam Vande More wrote: >> >> On Wed, Aug 26, 2009 at 9:59 PM, APseudoUtopia >> > wrote: >> >> > >> >> > Also, how memory-intensive is a jail? >> >> >> >> Very light when compared to other virtualization methods. >> > >> > jails share the kernel but not the world. >> > >> > So, there will be only one kernel loaded but all libraries in use >> > will be loaded individually by each jail when needed. >> > >> > Jails need some more disk space as the world, all libraries needed >> > and all applications needed are installed individually in each >> > jail. >> > >> > This can be minimised with proper planning of what runs it what >> > jail. >> > >> > Erich >> > >> >> Thanks for the helpful replies. I have a couple of questions: >> >> When a jail is compromised, the only thing I have to do to recover the >> system is delete the jail and create a new one, correct? The host >> system is untouched even if a jail is compromised? > > Really depends on how you're using the jail, but under standard usage yes. >> >> >> And how does the upgrade process work? I know the userland must be the >> same for the host system and the jail. If I want to upgrade to, say, >> FreeBSD 8 when released, what is the process? I'd imagine it goes >> something like this, but I'm not sure: >> -Shut down jail >> -Upgrade host system >> -Install host binaries >> -Install jail binaries >> -Restart jail >> >> Or is there more to the process than what it seems? > > That's the basic process, however as mentioned before checkout ezjail. It > makes administering multiple jails much easier and can save you disk space. >> >> >> Thanks again. Ok, thanks. Two more questions then I should be ready to go with my jail(s). In order to minimize the HDD space of the jail, can I add things in my src.conf such as WITHOUT_BOOT, WITHOUT_ACPI, WITHOUT_PF? I do use pf on the host system, but it isn't needed inside the jail as well, correct? Also, is it possible to compile a port (specifically nginx) inside the host, then simply cp it into the jail and run it? I'd like to do this to avoid installing a compiler into the jail itself. Thanks again for the help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Information on Setting up a Jailed Webserver
On Wed, Aug 26, 2009 at 11:35 PM, Erich Dollansky wrote: > Hi, > > On 27 August 2009 am 11:10:37 Adam Vande More wrote: >> On Wed, Aug 26, 2009 at 9:59 PM, APseudoUtopia > wrote: >> > >> > Also, how memory-intensive is a jail? >> >> Very light when compared to other virtualization methods. > > jails share the kernel but not the world. > > So, there will be only one kernel loaded but all libraries in use > will be loaded individually by each jail when needed. > > Jails need some more disk space as the world, all libraries needed > and all applications needed are installed individually in each > jail. > > This can be minimised with proper planning of what runs it what > jail. > > Erich > Thanks for the helpful replies. I have a couple of questions: When a jail is compromised, the only thing I have to do to recover the system is delete the jail and create a new one, correct? The host system is untouched even if a jail is compromised? And how does the upgrade process work? I know the userland must be the same for the host system and the jail. If I want to upgrade to, say, FreeBSD 8 when released, what is the process? I'd imagine it goes something like this, but I'm not sure: -Shut down jail -Upgrade host system -Install host binaries -Install jail binaries -Restart jail Or is there more to the process than what it seems? Thanks again. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Information on Setting up a Jailed Webserver
Hello, I have a small site which runs PostgreSQL, Nginx, and PHP. I'm looking into running nginx inside a jailed host on my server for security reasons (eg, if there is a hole in a php script). The website root is actually a working copy of my subversion repository. I have svnserve running through OpenVPN. My plan would be to have svnserve and OpenVPN running on the "main" system, and nginx/php running inside a jail. I was wondering if it would be somehow possible to run a command on the main system that updates the svn working copy inside the jail for nginx to serve. Would I need to do the "svn up" over tcp/ip from the jail to the main system? Or can I somehow update it via file://path/to/main/repo? I've never used or setup a jail before, so how everything works is a bit confusing to me. Right now, I use an svn post-commit hook to update the www working copy. Also, how memory-intensive is a jail? I'm willing to run postgresql in another jail as well if it wouldn't be too memory-intensive. And possibly even an IRC server. I'm running FreeBSD 7.2-RELEASE-p3. Thank you for the suggestions, advise, and criticisms. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Trouble Upgrading VIM
On Tue, Jun 30, 2009 at 6:58 PM, Glen Barber wrote: > On Tue, Jun 30, 2009 at 6:48 PM, APseudoUtopia wrote: >> >> Yes, it is current (I mentioned this in the original email). > > Sorry, I missed it initially. > >> >> I run portsnap fetch update on a daily basis. This didn't solve the >> problem after a week or so, so I decided to `rm -rf /usr/ports/*` and >> run portsnap fetch extract to see if it helped. It did not. >> >> Do you mean editing the Makefile and adding quotes? I'll try doing >> that now and see if it works. >> > > Here's the PR that was filed as a result of the original thread: > http://www.freebsd.org/cgi/query-pr.cgi?pr=136027 > > -- > Glen Barber > Thanks. I changed some stuff in my Makefile around from the PR and it solved the problem. I appreciate it. I'm not sure why portsnap isn't receiving the updated file. It seems very odd. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Trouble Upgrading VIM
On Tue, Jun 30, 2009 at 6:38 PM, Glen Barber wrote: > On Tue, Jun 30, 2009 at 6:15 PM, APseudoUtopia wrote: >> Hey, >> >> I emailed the list about two weeks ago, but received no responses. I'm >> having problems upgrading the VIM-Lite port from version 7.2.171 to >> 7.2.209. I'm getting the following error: >> >> => 7.2.041% doesn't seem to exist in /usr/ports/distfiles/vim. >> => Attempting to fetch from http://ftp.vim.org/pub/vim/patches/7.2/. >> fetch: http://ftp.vim.org/pub/vim/patches/7.2/7.2.041%: Bad Request >> > > I saw this in a thread a few days (weeks) ago. > > Try putting "quotes" around the patch with the "%" sign. That is > (most likely) what is causing problems. > > I thought this was patched -- is your ports tree current? > > -- > Glen Barber > Yes, it is current (I mentioned this in the original email). I run portsnap fetch update on a daily basis. This didn't solve the problem after a week or so, so I decided to `rm -rf /usr/ports/*` and run portsnap fetch extract to see if it helped. It did not. Do you mean editing the Makefile and adding quotes? I'll try doing that now and see if it works. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Trouble Upgrading VIM
Hey, I emailed the list about two weeks ago, but received no responses. I'm having problems upgrading the VIM-Lite port from version 7.2.171 to 7.2.209. I'm getting the following error: => 7.2.041% doesn't seem to exist in /usr/ports/distfiles/vim. => Attempting to fetch from http://ftp.vim.org/pub/vim/patches/7.2/. fetch: http://ftp.vim.org/pub/vim/patches/7.2/7.2.041%: Bad Request This "Bad Request" continues for all the mirrors of the patch file. It seems that a percent sign is being appended to the URL for some reason. I was informed on IRC that this was a known problem and it was corrected some time ago. I have been updating my ports tree both daily (via the cron option) and immediately before I try updating. I use Portsnap to update the tree. This did not solve the problem. I then deleted my entire ports tree, along with all files in /var/db/portsnap, then ran portsnap fetch extract. After extracting an entirely new ports tree, the error upgrading VIM-Lite still occurred. Any ideas on how to solve this problem? It's been going on for some time now. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Vim-Lite Port Refuses to Update
Hey, I'm having issues with the vim-lite port. I have it installed, and I'm trying to update it. However, when the system attempts to fetch the patches, it fails. Here's the log: http://pastebin.ca/1468178 It seems like it's putting a % on the end of the URL that it is trying to fetch. Any ideas? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: difference between cvsup and portsnap
On Fri, May 29, 2009 at 1:09 PM, Barry McCormick wrote: > Here at my work we use FreeBSD in production. We have the following > debate and wish to know better the differences between cvsup(csup) and > portsnap. One of my co-workers think that portsnap should NOT be used > and only gets the latest and greatest port collection, no matter what > version of FreeBSD is on the server. For example, if you are still > running a 5.4 stable box in production and use any of the portsnap, > portupgrade, etc utilities, you would pull the current version ports and > NOT from teh directory of the 5.4 ports. I.E, risk breaking the > production box. So you should not use portsnap ever except for dev > boxes. > > I have always used portsnap to set up a new machine. I have never had > it pull a wrong port that I knew of. I think it has to pay attention to > the version of the ports it is pulling. > > > which is right? This is a major issue with our production servers. > Thanks > There is no "5.4" branch of the ports collection. If you're running FreeBSD 2, you have the same exact ports collection as FreeBSD 8 does (as long as you get an updated copy of the ports collection, of course). CSup gets the instant CVS revision of the ports collection. Portsnap is a bit delayed because it fetches a tarball of the collection (it doesn't check out from CVS). However, portsnap uses a secure key to verify the integrity of the snapshot retrieved. I personally use portsnap. It's also easier to script. I have this in my crontab; 0 0 * * * root/usr/sbin/portsnap -I cron update && /usr/sbin/pkg_version -I -L = -v It updates the index files, not the actual ports collection itself. This way, it wont interrupt any currently running compiles or upgrades. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Another uptime story
On Wed, May 27, 2009 at 5:00 PM, Karl Vogel wrote: >>> On Wed, 27 May 2009 09:02:08 -0500, >>> Andrew Gould said: > > A> You could write a script that sends uptime output and a start/stop > A> flag to a database when the system starts and stops. This wouldn't > A> account for improper shutdowns, although you could tell when a "stop" > A> date/time was missing. > > I have a script which runs fping on a bunch of servers and writes > a timestamp for any host that answers. It's run every minute from > cron on our loghost. Another script watches the results and sends > me an IM if any of my boxes fails to respond for 3 minutes. > > I can put up a tarball if anyone's interested. > I'd be interested in a set of scripts like that. I appreciate it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: silly Q: any script running before make install /w ports ?
On Sun, May 24, 2009 at 8:31 AM, Robert Joosten wrote: > Hi, > > I have a standard umask of 0077 on a box. > > I grabbed irssi from ports, but he doesn't connect to any irc server... > running it as root will. Now I suspect that umask setting of mine. > > That leaves me with a silly question: is there any script running before I > enter 'make install' ? I cannot find it in the dev. section of the > handbook about creating ports. > > Regards, > Robert I've had the same problem. Not with irssi, but with other pieces of software from the ports collection. I've just gotten into the habit of running `umask 0022` before I use portmaster, then `umask 0077` afterwords. I don't think there's any way to automatically run a certain command/script before compiling or installing a port. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Upgrading to New Kernel - Hung on Boot
On Sun, May 10, 2009 at 8:05 AM, Boris Samorodov wrote: > On Sun, 10 May 2009 00:08:42 -0400 APseudoUtopia wrote: > >> I have a FreeBSD 7.0-RELEASE system. I'm trying to upgrade to 7.2, >> specifically the RELENG_7_2 tag. > >> I synced my sources via csup, built world, built kernel, and installed >> kernel. All went well. I rebooted into single user mode, and the >> kernel hung. The loader menu came up, but when the kernel starts >> loading it hangs. > >> I recovered it by dropping to a loader prompt and loading kernel.old. >> It booted up fine. > >> I have attached the kernel config I used to buildkernel. I'm guessing >> it has something to do with this. > >> In case it's relevant, the system is a dual-core Intel Xeon, with >> HyperThreading disabled. > > If you have a custom kernel and get any problems than the first thing to > do is to build GENERIC kernel and see if the problem still exists. BTW, > don't forget to copy your /boot/kernel.old directory to > /boot/kernel.good, else it will be deletted when installing a new > kernel. > > Ah, yes, sorry, I forgot to mention that I have GENERIC installed to /boot/GENERIC, and it does load perfectly fine without any problems. It's just the new kernel that hangs on boot. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Upgrading to New Kernel - Hung on Boot
Hey, I have a FreeBSD 7.0-RELEASE system. I'm trying to upgrade to 7.2, specifically the RELENG_7_2 tag. I synced my sources via csup, built world, built kernel, and installed kernel. All went well. I rebooted into single user mode, and the kernel hung. The loader menu came up, but when the kernel starts loading it hangs. I recovered it by dropping to a loader prompt and loading kernel.old. It booted up fine. I have attached the kernel config I used to buildkernel. I'm guessing it has something to do with this. In case it's relevant, the system is a dual-core Intel Xeon, with HyperThreading disabled. Thanks. # # Kernel configuration file for FreeBSD/i386 # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ../../conf/NOTES and NOTES files. # If you are in doubt as to the purpose or necessity of a line, check first # in NOTES. # cpu I686_CPU ident KERN options SCHED_ULE # ULE scheduler options PREEMPTION # Enable kernel thread preemption options INET# InterNETworking options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support #optionsUFS_ACL # Support for access control lists #optionsUFS_DIRHASH # Improve performance on big directories options UFS_GJOURNAL# Enable gjournal-based UFS journaling #optionsMD_ROOT # MD is a potential root device options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS# Pseudo-filesystem framework options GEOM_PART_GPT # GUID Partition Tables. options GEOM_LABEL # Provides labelization options COMPAT_43TTY# BSD 4.3 TTY compat [KEEP THIS!] options SCSI_DELAY=100 # Delay (in ms) before probing SCSI #optionsKTRACE # ktrace(1) support #optionsSTACK # stack(9) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options KBD_INSTALL_CDEV# install a CDEV entry in /dev options ADAPTIVE_GIANT # Giant mutex is adaptive. options STOP_NMI# Stop CPUS using NMI instead of IPI #optionsAUDIT # Security event auditing #optionsKDTRACE_HOOKS # Kernel DTrace hooks # SMP options SMP # Symmetric MultiProcessor Kernel device apic# I/O APIC options IPI_PREEMPTION # Preempt threads running on other CPUs if needed # Networking options DEVICE_POLLING options HZ=1000 device em # Intel PRO/1000 Gigabit Ethernet Family device loop# Network loopback device ether # Ethernet support device tun # Packet tunnel. device bpf # Berkeley packet filter device pf # OpenBSD's Packet Filter device pflog options ALTQ options ALTQ_RED# Random Early Detection options ALTQ_RIO# RED In/Out options ALTQ_PRIQ # Priority Queueing options ALTQ_NOPCC # Required for SMP options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP # Misc device pci # PCI Bus Support options PANIC_REBOOT_WAIT_TIME=-1 # Wait indefinitely after kernel panic # ATA and ATAPI devices device ata device atadisk # ATA disk drives options ATA_STATIC_ID # Static device numbering # atkbdc0 controls both the keyboard and the PS/2 mouse #device atkbdc # AT keyboard controller #device atkbd # AT keyboard #device kbdmux # keyboard multiplexer #device splash # Splash screen and screen saver support # syscons is the default console driver, resembling an SCO console #device sc # Pseudo devices. device random # Entropy device device pty # Pseudo-ttys (telnet etc) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Frozen on Boot - Kernel Hanging?
Hey, My server was fine when I went to work. When I got back, it was dead. I had the datacenter reboot it, and it refused to boot. It just hangs with no error message when booting. After the "Welcome to FreeBSD" menu, it just freezes up. I have no idea where to start to fix this. Any ideas? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
HyperThreading
Hello, I'm running FreeBSD 7.2-RELEASE on a dual-core Xeon. It has a custom compiled SMP kernel, ACPI enabled, with the ULE scheduler. I've been looking into HyperThreading, and I've come to the conclusion that I should not use it. I've been told that HTT is disabled by default, however sysctl and dmesg seems to contradict that: CPU: Intel(R) Xeon(TM) CPU 2.40GHz (2395.93-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf29 Stepping = 9 Features=0xbfebfbff Features2=0x4400 Logical CPUs per core: 2 FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP/HT): APIC ID: 1 cpu2 (AP): APIC ID: 2 cpu3 (AP/HT): APIC ID: 3 cpu0: on acpi0 cpu1: on acpi0 cpu2: on acpi0 cpu3: on acpi0 SMP: AP CPU #2 Launched! SMP: AP CPU #3 Launched! SMP: AP CPU #1 Launched! machdep.hyperthreading_allowed: 1 hw.ncpu: 4 kern.smp.disabled: 0 kern.smp.active: 1 Am I correct to assume that the above means that HTT is enabled? There is nothing in my loader.conf, sysctl.conf, or kernel config file related to hyperthreading. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Problem with make config and OPTIONS
On Wed, Apr 29, 2009 at 10:20 AM, Aurélien Ansel wrote: > Hi, > (sorry for my poor english) > > I have a problem, I'm trying to upgrade an existing port (net/scapy) , I > have done some changes in the Makefile but when I test the command 'make > config' I have : > > ===> Options unchanged > > I haven't the dialog box with the differents kinds of Options that are > written in the Makefile, i have try the 'make rmconfig' but no change. > I am working on my personnal directory, not in /usr/ports/... > > The Makefile is: > > # New ports collection makefile for: scapy > # Date created: 08 dec 2005 > # Whom: vanhu > # > # $FreeBSD: ports/net/scapy/Makefile,v 1.6 2008/11/19 20:41:56 lwhsu Exp $ > # > # TODO: - configurable --enable-xxx for various additional dependancies > > PORTNAME= scapy > PORTVERSION= 2.0.0.10 > CATEGORIES= net > MASTER_SITES= http://secdev.org/projects/scapy/files/ > > MAINTAINER= va...@netasq.com > COMMENT= Powerful interactive packet manipulation program in python > > RUN_DEPENDS= ${PYTHON_SITELIBDIR}/dnet.so:${PORTSDIR}/net/py-libdnet \ > ${PYTHON_SITELIBDIR}/pcap.py:${PORTSDIR}/net/py-pcap > > MAN1= scapy.1 > MANCOMPRESSED= yes > > USE_PYTHON= 2.5+ > USE_PYDISTUTILS=yes > > OPTIONS= PYX "Support for PostScript and PDF graphs drawing" off \ > PYCRYPTO "Support for py-crypto for WEP decoding" off \ > PYGNUPLOT "Support for py-gnuplot wrapper to plot graphs" off \ > P0F_BASE "Support for p0f OS signatures database" off \ > QUESO_BASE "Support for queso OS signatures database" off \ > NMAP "Support for nmap OS signatures database" off \ > MANUF "Support for wireshark's MANUF MAC database" off > > .include > > .if defined(WITH_PYX) > RUN_DEPENDS+= > ${PYTHON_SITELIBDIR}/pyx/__init__.py:${PORTSDIR}/graphics/py-PyX > .endif > > .if defined(WITH_PYCRYPTO) > RUN_DEPENDS+= > ${PYTHON_SITELIBDIR}/Crypto/__init__.py:${PORTSDIR}/security/py-pycrypto > .endif > > .if defined(WITH_PYGNUPLOT) > RUN_DEPENDS+= > ${PYTHON_SITELIBDIR}/Gnuplot/__init__.py:${PORTSDIR}/math/py-gnuplot > .endif > > .if defined(WITH_P0F_BASE) > RUN_DEPENDS+= ${LOCALBASE}/etc/p0f/p0f.fp:${PORTSDIR}/net-mgmt/p0f > .endif > > .if defined(WITH_QUESO_BASE) > RUN_DEPENDS+= ${LOCALBASE}/etc/queso.conf:${PORTSDIR}/net/queso > .endif > > .if defined(WITH_NMAP) > RUN_DEPENDS+= > ${LOCALBASE}/share/nmap/nmap-os-fingerprints:${PORTSDIR}/security/nmap > .endif > > .if defined(WITH_MANUF) > RUN_DEPENDS+= > ${LOCALBASE}/share/wireshark/manuf:${PORTSDIR}/net/wireshark > .endif > > SCAPY_MODULES= nmap.py p0f.py queso.py > > post-patch: > @${REINPLACE_CMD} "s,share/man/man1,man/man1," ${WRKSRC}/setup.py > @${REINPLACE_CMD} "s,%%LOCALBASE%%,${LOCALBASE}," \ > ${SCAPY_MODULES:S,^,${WRKSRC}/scapy/modules/,} \ > ${WRKSRC}/scapy/config.py \ > ${WRKSRC}/scapy/utils6.py > > .include > > > > > - Aurélien Ansel The port options are stored in /var/db/ports. You can delete the "options" file for your package from that dir. There's also ways to force the configuration of files using portupgrade/portmaster. For portmaster, the command is "portmaster --force-config". I don't know about portupgrade. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: lightweight webserver that can run php
On Sat, Apr 18, 2009 at 2:19 AM, Andrew wrote: > Hi All, > > Does anyone have any suggestions for a lightweight webserver that will run > php? > Apache is too bulky for what I need and thttpd won't allow me to run php. > > TIA > Andrew If you choose to run php via FastCGI, check out PHP-FPM. It's a patch that greatly speeds up php's FastCGI performance. It honestly does help significantly. There's a FreeBSD port in the "Archives Download" section of the website. http://php-fpm.anight.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: 7.1 System Crashing
On Tue, Apr 14, 2009 at 8:49 PM, Fbsd1 wrote: > APseudoUtopia wrote: >> >> My FreeBSD 7.1-RELEASE-p3 system has gone down a few times in the last >> two days. I'm trying to figure out why, but there is nothing in >> /var/log/messages or dmesg about the incident. >> >> Here's the output from the `last` command: >> User ttyp0 1.2.3.4 Tue Apr 14 19:02 still logged in >> User ttyp0 1.2.3.4 Tue Apr 14 18:52 - 19:02 (00:09) >> reboot ~ Tue Apr 14 18:52 >> User ttyp0 1.2.3.4 Tue Apr 14 18:42 - crash (00:09) >> User ttyp0 1.2.3.4 Tue Apr 14 16:06 - 18:42 (02:36) >> User ttyp0 1.2.3.4 Tue Apr 14 11:23 - 12:53 (01:29) >> reboot ~ Tue Apr 14 07:44 >> User ttyp0 1.2.3.4 Mon Apr 13 20:01 - 22:58 (02:57) >> User ttyp0 1.2.3.4 Mon Apr 13 19:56 - 20:01 (00:04) >> User ttyp0 1.2.3.4 Mon Apr 13 19:31 - 19:56 (00:25) >> User ttyp0 1.2.3.4 Sun Apr 12 15:02 - 16:15 (01:12) >> User ttyp0 1.2.3.4 Sun Apr 12 14:48 - 15:02 (00:14) >> reboot ~ Sun Apr 12 14:48 >> shutdown ~ Sun Apr 12 14:45 >> User ttyp0 1.2.3.4 Sun Apr 12 14:24 - shutdown (00:21) >> User ttyp0 1.2.3.4 Sat Apr 11 13:03 - 17:00 (03:56) >> wtmp begins Wed Apr 1 21:21:28 UTC 2009 >> >> >> >> As you can see, the system reboot several times, and crashed the most >> recent time. Only one of the shutdown/reboots listed is valid - the >> furthest one. >> I have no idea why it is rebooting/crashing. It has been completely >> stable until about 1-2 days ago. If anyone can direct me to post the >> output to any commands or any log messages, I'd be more than willing >> to do so in order to help anyone diagnose my problem. >> >> Thank you for your time. >> >> > > What you are experiencing are the early warning signs of disk drive failure > or over heating problems. > > Before doing any thing else make backup of your user data if you have not > done so already. > > Then open your box and use a small brush and a can of compressed air to blow > the dust off the motherboard and the fans. Give special attention to the fan > in the power supply. If PC is older than 3 years or has over 1 year of > continues use then replace the power supply. > > IF problem still happens replace hard drive. > > > The system is in a colocation center which I don't have access to. The HDD crashed several months ago and was replaced by a brand new drive (or so I was told). So I'm leaning towards a heat or PSU problem. I installed Healthd on the system to monitor such things, however it didn't detect the hardware properly. Apparently the voltage in my CPU core was 0.00, as was the temperature. Is there any other way to monitor these things? Everyone: Thanks for all the help. I'll open up a ticket with my host to get them to look at it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
7.1 System Crashing
My FreeBSD 7.1-RELEASE-p3 system has gone down a few times in the last two days. I'm trying to figure out why, but there is nothing in /var/log/messages or dmesg about the incident. Here's the output from the `last` command: User ttyp01.2.3.4Tue Apr 14 19:02 still logged in User ttyp01.2.3.4Tue Apr 14 18:52 - 19:02 (00:09) reboot ~ Tue Apr 14 18:52 User ttyp01.2.3.4Tue Apr 14 18:42 - crash (00:09) User ttyp01.2.3.4Tue Apr 14 16:06 - 18:42 (02:36) User ttyp01.2.3.4Tue Apr 14 11:23 - 12:53 (01:29) reboot ~ Tue Apr 14 07:44 User ttyp01.2.3.4Mon Apr 13 20:01 - 22:58 (02:57) User ttyp01.2.3.4Mon Apr 13 19:56 - 20:01 (00:04) User ttyp01.2.3.4Mon Apr 13 19:31 - 19:56 (00:25) User ttyp01.2.3.4Sun Apr 12 15:02 - 16:15 (01:12) User ttyp01.2.3.4Sun Apr 12 14:48 - 15:02 (00:14) reboot ~ Sun Apr 12 14:48 shutdown ~ Sun Apr 12 14:45 User ttyp01.2.3.4Sun Apr 12 14:24 - shutdown (00:21) User ttyp01.2.3.4Sat Apr 11 13:03 - 17:00 (03:56) wtmp begins Wed Apr 1 21:21:28 UTC 2009 As you can see, the system reboot several times, and crashed the most recent time. Only one of the shutdown/reboots listed is valid - the furthest one. I have no idea why it is rebooting/crashing. It has been completely stable until about 1-2 days ago. If anyone can direct me to post the output to any commands or any log messages, I'd be more than willing to do so in order to help anyone diagnose my problem. Thank you for your time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Build/Install world via ssh
On Wed, Apr 1, 2009 at 5:38 PM, Simon Griffiths wrote: > Hello, > > I tried to get an answer to this via web searches etc. I have a freebsd 7 > box that I plan on upgrading remotely via > > Make buildworld > Make buildkernel KERNCONF=xyz > > Now im stuck, I cannot get it down to single user because I only have > access via ssh. Would it hurt to > > Make installkernel KERNCONF=xyz > Make installworld > > Mergemaster etc. > > Reboot > > ? > > TIA, > > Simon > I upgrade, compile, and install kernels and the world remotely on a semi-regular basis. You just have to be careful with things, such as installing the kernel to an alternate dir in /boot/ and using nextboot(8) to test the kernel. You ABSOLUTELY have a chance of something going wrong and hosing your system. Make sure you back up files (and transfer those backups to another system). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Portsnap vs CSup
On Thu, Mar 19, 2009 at 2:39 PM, Kalle Møller wrote: > Hi > > I've been digging around, but I can't find a clear answer, which of those > two is the "correct" to use. Hence I don't use one now, so if I'm going to > learn one, I would prefer it to be the right one. > > -- > /km I'm sure they're both "correct." I used to use csup (because that was what I learned first - no real reason). Then I switched to portsnap because I read that it has a secure key system to verify the integrity of the download. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Wed, Mar 4, 2009 at 11:38 AM, Morgan Wesström wrote: >> Yeah, I am aware what "dnl" does. The reason I commented that stuff >> out is because I have no use for any of it - all those files (access, >> local-host-names, mailertable, virtusertable, etc) are all empty by >> default and I had no reason to add anything to them. I'll try going >> back to the default config and putting the RELAY line in the access >> file. >> >> Thanks once again for the help. I really do appreciate the time. > > Sendmail is not an open relay by default so you need at least one RELAY > entry in /etc/mail/access for it to forward mail externally. I'm still > curious of where it picks up that w...@localhost but chances are it will > disappear as soon as you have a valid access config. > /Morgan > ___ I still can't figure this whole issue out. I've tried everything suggested in this thread, including reverting back to the default sendmail config files. I created a work-around by just piping all my crontabs into /usr/bin/mail and sending output using that method. It doesn't solve it, but it works for now. Thanks for all the help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Wed, Mar 4, 2009 at 5:36 AM, Morgan Wesström wrote: > APseudoUtopia wrote: >>> In my case I only see either "local" there or my smart host as defined >>> in /var/mail/{hostname}.mc >>> Can you provide a "diff -u" between /etc/mail/freebsd.mc and >>> /etc/mail/{hostname}.mc ? >>> >>> /Morgan >> >> I'd switch over to postfix, but I'm only using this to send output >> from cron and the daily security run scripts. I don't receive any mail >> over the network, so I think it'd be pointless to go through the >> effort of switching and configuring another MTA. >> >> Here's the diff. I figured it was too long to include in the email >> (word wrap will make it hard to read :-P) >> http://pastebin.ca/1352338 >> > > > I'm no expert on Sendmail but you are aware that "dnl" is Sendmail's way > of commenting out a line, aren't you? In your config you have disabled > pretty much every configuration file in /etc/mail, especially > /etc/mail/access which defines who can relay mail through the local MTA. > I'm pretty sure this isn't a good idea. Apart from this I couldn't see > any major differences between your config and FreeBSD's default. Why not > try to use the default config and make sure to populate /etc/mail/access > with at least "127.0.0.1 RELAY" and try again? > /Morgan Yeah, I am aware what "dnl" does. The reason I commented that stuff out is because I have no use for any of it - all those files (access, local-host-names, mailertable, virtusertable, etc) are all empty by default and I had no reason to add anything to them. I'll try going back to the default config and putting the RELAY line in the access file. Thanks once again for the help. I really do appreciate the time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Tue, Mar 3, 2009 at 6:48 PM, Morgan Wesström wrote: >> relay=...@localhost Isn't "w...@localhost" a very weird hostname for a relay? Can you really resolve that into an IP address? /Morgan >>> Hm, I'm not sure where it's getting that from. The MAILTO variable is >>> set in the crontab, so it shouldn't be going to or relaying through >>> localhost at all, right? It should go directly to gmail's servers? >> >> If grep 'n23LA0td086797' /var/log/maillog only yields one entry, then >> something is wrong with your email setup. There should at least be one more >> entry from the spooler to pickup final destination. And yes, the >> relay 'w...@localhost' seems odd, but since I gave up sendmail for postfix >> years ago, I'm not current with how it spits things into syslog. >> > > In my case I only see either "local" there or my smart host as defined > in /var/mail/{hostname}.mc > Can you provide a "diff -u" between /etc/mail/freebsd.mc and > /etc/mail/{hostname}.mc ? > > /Morgan I'd switch over to postfix, but I'm only using this to send output from cron and the daily security run scripts. I don't receive any mail over the network, so I think it'd be pointless to go through the effort of switching and configuring another MTA. Here's the diff. I figured it was too long to include in the email (word wrap will make it hard to read :-P) http://pastebin.ca/1352338 Here's the full contents of /etc/mail/{hostname}.mc http://pastebin.ca/1352340 Thanks for the help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Tue, Mar 3, 2009 at 5:44 PM, Glen Barber wrote: > On Tue, Mar 3, 2009 at 5:29 PM, APseudoUtopia wrote: >> >> I have tested it - and sending mail manually from command line to the >> gmail account works fine without any problems. >> > > What I'm saying is that you changed two of the variables without > actually verifying one or the other work first. Change the MAILTO > back to root and retest. > > > -- > Glen Barber > SHELL=/bin/sh #mailto=st...@tastetherainbow.ws MAILTO=root * * * * * /sbin/ping -c4 localhost Still no email. Same message in the maillog: Mar 3 22:48:00 youcant sendmail[92113]: n23Mm0vP092113: from=www, size=0, class=0, nrcpts=0, msgid=<200903032248.n23mm0vp092...@youcant.tastetherainbow.ws>, relay=...@localhost This is driving me crazy :-\ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Tue, Mar 3, 2009 at 4:52 PM, Morgan Wesström wrote: > > Glen Barber wrote: >> On Tue, Mar 3, 2009 at 4:10 PM, APseudoUtopia >> wrote: >>> Thanks for the tips. I've put the following line in my normal user >>> account's crontab (This account does have a shell, it's one I use on a >>> daily basis): >>> >>> SHELL=/bin/sh >>> mailto=my_email_acco...@gmail.com >>> * * * * * /sbin/ping -c4 localhost >>> >>> I'm getting no emails at all. In /var/log/maillog, I'm getting the >>> following output: >>> >>> Mar 3 21:10:00 domain sendmail[86797]: n23LA0td086797: from=www, >>> size=0, class=0, nrcpts=0, >>> msgid=<200903032110.n23la0td086...@subdomain.domain.tld>, >>> relay=...@localhost > > Isn't "w...@localhost" a very weird hostname for a relay? Can you really > resolve that into an IP address? > /Morgan Hm, I'm not sure where it's getting that from. The MAILTO variable is set in the crontab, so it shouldn't be going to or relaying through localhost at all, right? It should go directly to gmail's servers? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Tue, Mar 3, 2009 at 4:17 PM, Glen Barber wrote: > On Tue, Mar 3, 2009 at 4:10 PM, APseudoUtopia wrote: >> Thanks for the tips. I've put the following line in my normal user >> account's crontab (This account does have a shell, it's one I use on a >> daily basis): >> >> SHELL=/bin/sh >> mailto=my_email_acco...@gmail.com >> * * * * * /sbin/ping -c4 localhost >> >> I'm getting no emails at all. In /var/log/maillog, I'm getting the >> following output: >> >> Mar 3 21:10:00 domain sendmail[86797]: n23LA0td086797: from=www, >> size=0, class=0, nrcpts=0, >> msgid=<200903032110.n23la0td086...@subdomain.domain.tld>, >> relay=...@localhost >> > > You've replaced a problem with another problem. Have you tried to > send the mail locally first? > > -- > Glen Barber > I have tested it - and sending mail manually from command line to the gmail account works fine without any problems. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Mon, Mar 2, 2009 at 10:14 PM, Glen Barber wrote: > On Sun, Mar 1, 2009 at 2:24 PM, APseudoUtopia wrote: > [snip] >> >> # >> # User www's crontab >> # Note, I also tried removing the MAILTO to no avail >> # >> MAILTO=root >> # m h dom mon dow cmd >> * * * * * echo "Hello" >> >> > [snip] > > 1.) You are not using the full path to /bin/echo, which is why it is failing. > > 2.) This is a poor designed way to test cron's mail output. > > A Better(tm) way would be something like: > MAILTO=root > */5 * * * * /bin/ping -c1 localhost >/dev/null > > which would mail to root on success or failure. > > Regards, > > -- > Glen Barber > Thanks for the tips. I've put the following line in my normal user account's crontab (This account does have a shell, it's one I use on a daily basis): SHELL=/bin/sh mailto=my_email_acco...@gmail.com * * * * * /sbin/ping -c4 localhost I'm getting no emails at all. In /var/log/maillog, I'm getting the following output: Mar 3 21:10:00 domain sendmail[86797]: n23LA0td086797: from=www, size=0, class=0, nrcpts=0, msgid=<200903032110.n23la0td086...@subdomain.domain.tld>, relay=...@localhost ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Cron Not Sending Mail
On Sun, Mar 1, 2009 at 9:03 PM, Frank Shute wrote: > On Sun, Mar 01, 2009 at 02:24:47PM -0500, APseudoUtopia wrote: >> >> Cron is not sending output as emails. I noticed this when I stopped >> seeing the output of a backup script in my daily email. I thought >> there was a problem with the backup script - but no, it's cron not >> sending the emails. >> >> I had this problem before on 6.1, which I never found a solution to. I >> gave up on it, and eventually I upgraded to 7.1. After the upgrade, >> cron worked perfectly. However, I just noticed that it stopped working >> again. I have no idea what changed (It's a production server, I >> haven't been playing with config files). >> >> User www's mail is redirected to root, which is redirected to a @gmail >> account via /etc/aliases. >> This is on 7.1-RELEASE-p3 running a custom kernel. >> >> Any solution to this problem would be fantastic. I use the emails from >> cron on a daily basis, and it really messes me up to have it not >> working. >> >> # >> # User www's crontab >> # Note, I also tried removing the MAILTO to no avail >> # >> MAILTO=root >> # m h dom mon dow cmd >> * * * * * echo "Hello" >> >> >> >> # /var/log/cron >> >> Mar 1 19:22:00 youcant /usr/sbin/cron[22627]: (operator) CMD >> (/usr/libexec/save-entropy) >> Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, >> group_compat, setgrent, not found >> Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, >> group_compat, endgrent, not found >> Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, >> passwd_compat, endpwent, not found >> Mar 1 19:22:00 youcant /usr/sbin/cron[22628]: (www) CMD (echo "Hello") >> Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, >> group_compat, setgrent, not found >> Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, >> group_compat, endgrent, not found >> Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, >> passwd_compat, endpwent, not found >> Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, >> group_compat, setgrent, not found >> Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, >> group_compat, endgrent, not found >> Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, >> passwd_compat, endpwent, not found >> >> >> >> >> # /var/log/maillog >> >> Mar 1 19:22:00 youcant sendmail[22630]: n21JM0Gl022630: from=www, >> size=0, class=0, nrcpts=0, >> msgid=<200903011922.n21jm0gl022...@youcant.tastetherainbow.ws>, >> relay=...@localhost > > It looks like you're using user: www for your crontab. > > Unfortunately, from /etc/passwd: > > www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin > > i.e user www can't do much without a shell. > > Create a crontab as a user with a shell, MAILTO to your gmail account. > > The user may want to be a member of a group with privileges. Or use > sudo. > > Don't forget to add him to /var/cron/allow as per manpage for > crontab(1). > > You could set SHELL in your crontab for www (might work) but I'd use a > different user who's a member of group operator maybe. > > Hope that helps. > > Regards, > > -- > > Frank > > > Contact info: http://www.shute.org.uk/misc/contact.html > > Thanks for the suggestions. The backup script I have in the crontab still runs perfectly fine - there's just no output. So cron itself is working, just not any email output. I'll try playing around with the MAILTO and the SHELL and such to try and get it working. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Cron Not Sending Mail
Cron is not sending output as emails. I noticed this when I stopped seeing the output of a backup script in my daily email. I thought there was a problem with the backup script - but no, it's cron not sending the emails. I had this problem before on 6.1, which I never found a solution to. I gave up on it, and eventually I upgraded to 7.1. After the upgrade, cron worked perfectly. However, I just noticed that it stopped working again. I have no idea what changed (It's a production server, I haven't been playing with config files). User www's mail is redirected to root, which is redirected to a @gmail account via /etc/aliases. This is on 7.1-RELEASE-p3 running a custom kernel. Any solution to this problem would be fantastic. I use the emails from cron on a daily basis, and it really messes me up to have it not working. # # User www's crontab # Note, I also tried removing the MAILTO to no avail # MAILTO=root # m h dom mon dow cmd * * * * * echo "Hello" # /var/log/cron Mar 1 19:22:00 youcant /usr/sbin/cron[22627]: (operator) CMD (/usr/libexec/save-entropy) Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, group_compat, setgrent, not found Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, group_compat, endgrent, not found Mar 1 19:22:00 youcant cron[22627]: NSSWITCH(nss_method_lookup): nis, passwd_compat, endpwent, not found Mar 1 19:22:00 youcant /usr/sbin/cron[22628]: (www) CMD (echo "Hello") Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, group_compat, setgrent, not found Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, group_compat, endgrent, not found Mar 1 19:22:00 youcant cron[22628]: NSSWITCH(nss_method_lookup): nis, passwd_compat, endpwent, not found Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, group_compat, setgrent, not found Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, group_compat, endgrent, not found Mar 1 19:22:00 youcant cron[22630]: NSSWITCH(nss_method_lookup): nis, passwd_compat, endpwent, not found # /var/log/maillog Mar 1 19:22:00 youcant sendmail[22630]: n21JM0Gl022630: from=www, size=0, class=0, nrcpts=0, msgid=<200903011922.n21jm0gl022...@youcant.tastetherainbow.ws>, relay=...@localhost ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: change root pasword
On Wed, Jan 21, 2009 at 2:35 PM, Valdis Ziediņš wrote: > hi, > i'm new your product user! my first admin leave new server with freebsd! > someone change root pasword can you help me step by step change this > pasword! i'll be thankfull! > > i'm now studing your product but if you can help me it would be nice! > > best regart valdis > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > man passwd ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD 7.0-Stable Crashed with Cacti
On Tue, Jan 6, 2009 at 3:30 AM, Kalpin Erlangga Silaen wrote: > Dear All, > > we face problem with running cacti on FreeBSD 7.0-Stable. From top command > output: > - snip - > We realized that all cacti process just eat my cpu and memory (STATE: pfault) > and my server should be reboot. > Is there any way how to fix it? > > Thank you > > Kalpin Erlangga Silaen Cacti runs the poller script using php. It looks like the poller script is taking too long to finish, and it ends up having several instances running at the same time. I'd recommend that you look into the 'Spine' poller (formally known as Cactid). It's a threading C program, which is _MUCH_ faster than php will ever be. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: PHP Apache module no longer loads /usr/local/etc/php.ini
On Tue, Jan 6, 2009 at 12:26 AM, Morgan Wesström wrote: > Hi. > > I have two almost identical FreeBSD servers with FreeBSD 7.0, Apache > 2.2.11 and PHP 5.2.8. After a restart of Apache four days ago, the PHP > module on one of those servers no longer loads /usr/local/etc/php.ini > and I can't for my world figure out what's preventing it. My workaround > right now is to move php.ini to / where it is loaded properly. > > phpinfo on non-working server: > http://pp.dyndns.biz/phpinfo.php > > phpinfo on working server: > http://prefectftp.no-ip.com/phpinfo.php > > According to php.net the default location for php.ini is /usr/local/lib > and to change that you have to compile PHP with > --with-config-file-path=/some/path but I can't see that this is done on > FreeBSD. Still /usr/local/etc is listed in phpinfo's "Configuration File > (php.ini) Path". What mechanism does FreeBSD use to alter the default > location of the ini file? Can I somehow have interfered with that mechanism? > > The following things DO work though: > - Setting PHPRC to /usr/local/etc (as described in php.ini) and > restarting Apache loads /usr/local/etc/php.ini correctly. > - CLI version works correctly regardless of PHPRC: > # php -i | grep php.ini > Configuration File (php.ini) Path => /usr/local/etc > Loaded Configuration File => /usr/local/etc/php.ini > > No errors are listed in any log-file and I've been banging my head > against the wall for four days now trying to solve this... Any help > would be appreciated to figure out what stupid mistake I've made. :-) > > Regards > Morgan > Notice: Configuration File (php.ini) Path /usr/local/etc Loaded Configuration File /php.ini So it _IS_ looking in /usr/local/etc/ for a php.ini file, it just can't find it. Move the file back to /usr/local/etc/, then make sure the permissions are correct (so the www-data user can read) on both the php.ini file and the directories above it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Portsnap "Not Found" Issues
Running FreeBSD 7.0-RELEASE-p5. [r...@host][/tmp] # portsnap fetch update Looking up portsnap.FreeBSD.org mirrors... 3 mirrors found. Fetching snapshot tag from portsnap2.FreeBSD.org... done. Fetching snapshot metadata... fetch: http://portsnap2.FreeBSD.org/t/c503dc715eebbd771a82ca25cdda8e7977af043b914af2726a3bcea67360db30: Not Found sha256: c503dc715eebbd771a82ca25cdda8e7977af043b914af2726a3bcea67360db30: No such file or directory [: !=: unexpected operator mv: rename c503dc715eebbd771a82ca25cdda8e7977af043b914af2726a3bcea67360db30 to tINDEX.new: No such file or directory done. grep: tINDEX.new: No such file or directory look: tINDEX.new: No such file or directory Portsnap metadata appears bogus. Cowardly refusing to proceed any further. [r...@host][/tmp] # Any solutions? I didn't touch any portsnap.conf file or anything. It was working fine last I checked. A week later I run the command, and this happens. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: MySQL version upgrade
On Fri, Jan 2, 2009 at 10:40 AM, Jos Chrispijn wrote: > I currently have running: > > mysql-client-4.0.27 & mysql-server-4.0.27, who I would like to upgrade to > mysql-client-5.0.75 & mysql-server-5.0.75 > > I can imagine that there is a database issue here as the 4.0 records might > differ from the 5.0 ones. > Is there a way of upgrading smoothly? I did upgrade my databases in advance. > > -- best Wishes for 2009 and thank you for your support in the last year. > ___ > freebsd-questions@freebsd.org mailing list I'd recommend that you read up on the MySQL documentation on the subject of upgrading. I don't mean to be mean, but it's not exactly a FreeBSD issue :-P http://dev.mysql.com/doc/refman/5.0/en/upgrade.html and http://dev.mysql.com/doc/refman/5.0/en/upgrading-from-4-1.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Security Exploits...to report, or not to report?
On Thu, Dec 25, 2008 at 4:39 PM, Modulok wrote: > List, > > This isn't really FreeBSD related, but I have no one else to consult: > > I was given an FTP account on a server for company X. Being a UNIX > guy, I did some poking around and discovered a security flaw in how > they set their web server up, which would permit anyone at the company > with an FTP account, to intercept ANY data that passed through the > company website. > > Question: > Do I tell them about it? On the one hand I want to do the 'right > thing' and tell them about it and how to fix it. On the other, I don't > want to be criminally prosecuted for finding the flaw. I'm not > implying that they would do such a thing, but in order to find said > flaw, I had to be poking around. > > Suggestions? > -Modulok- Personally, I'd tell them. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Unable to load dynamic library '/usr/local/lib/php/20060613/gd.so
On Tue, Dec 9, 2008 at 2:58 AM, Zbigniew Szalbot <[EMAIL PROTECTED]> wrote: > Hi, > > I have upgraded php to 5.2.8 because of security notices and then got > this problem. > > PHP Warning: PHP Startup: Unable to load dynamic library > '/usr/local/lib/php/20060613/gd.so' - > /usr/local/lib/php/20060613/gd.so: Undefined symbol > "gdImageCreateFromXpm" in Unknown on line 0 > > It comes from one of the php scripts run by cron. I googled and found > out Roberto's advice what to do (in short reinstall php5-gd): > http://lists.freebsd.org/pipermail/freebsd-questions/2007-May/149974.html > > It seems to have solved this issue. I am mentioning it in case someone > runs across the same problem. > > Have a nice day! > > -- I've run across this problem several times while upgrading PHP. You just gotta reinstall the various PHP extensions until it fixes the problem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: pf or ipf rules to allow p2p Limewire through
On Thu, Nov 27, 2008 at 3:56 AM, Fbsd1 <[EMAIL PROTECTED]> wrote: > What pf or ipf firewall keep-state rules needed to allow p2p application > such as limewire through? Using same firewall rules as in handbook example. Well, what port does limewire use? You need to figure out what port each application uses, then open the port in your firewall rules. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall rules for bitlord, yahoo, limewire
On Thu, Nov 27, 2008 at 12:25 AM, Andrew Gould <[EMAIL PROTECTED]> wrote: > On Wed, Nov 26, 2008 at 6:40 PM, Fbsd1 <[EMAIL PROTECTED]> wrote: > >> dick hoogendijk wrote: >> >> > My unofficial take on it is that limewire is a peer-to-peer sharing application used by Windows, Mac OS X and Linux users to share files, usually music, often copyrighted, over the internet. It is one of the fastest, most effective ways to spread viruses, trojans, spyware, etc. >>> >>> Is this your FreeBSD POV or more windows oriented? >>> >>> The program does not use fixed ports, so the services are hard to block. In essence, the program gets the user to bypass security measures from the inside. >>> >>> I have never needed a block on limewire. Firstly, all main conmputers >>> run solaris and therefore also limewire on solaris and secondly, all >>> windows machines are virtual. So -IF- one of them is infected I just >>> put a recent snapshot ;-) >>> >>> >> Limewire is a windows only application. >> So how can you say it runs on solaris which is a flavor Unix? > > > The Limewire website says it has versions for Windows, Mac OS X, Linux and > others, including OS/2 and Solaris. Yeah. Limewire is written in Java (iirc), which makes it extremely easy to port it to any system that can run java. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Regarding beer and optimal hacker productivity
On Mon, Nov 24, 2008 at 2:03 PM, Bill Moran <[EMAIL PROTECTED]> wrote: > > Somewhere, out on the WWW, there was a study (perhaps an imaginary study) > on what the optimal blood alcohol level was for software development. > > Someone on this list must know what I'm talking about and have a link to > the study and/or the name of it ... > > I'm putting together a business case for beer at work ;) > > -- > Bill Moran > http://www.potentialtech.com http://xkcd.com/323/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PHP Session Support in /tmp
Hey. PHP stores session data for the 'file' handler in /tmp, by default. For organizational purposes, I'd like to change this to something like /tmp/php_sessions/ or so. However, I have the clear_tmp_enable feature enabled, so /tmp is cleared on reboot. PHP wont create the php_sessions dir on it's own. So basically, I'm looking for a way to create the dir /tmp/php_sessions/ each time the server is booted BEFORE apache starts. I'm sure I could do this somehow with the rc.d scripts, but I really have no idea how. Thanks very much. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Permission Denied for "find" command; No idea why
Hey. I've been writing a set of sh backup scripts over the past few days. I'm having some trouble with the final thing with them. This is the command that is being run by the "www" user via cron: /usr/bin/find /usr/local/backups/ -ctime +7d -type f -not -name "*daily_backup*" -ls (Eventually, I'm going to change the "-ls" to "-delete") This is the "ls -al" of /usr/local/backups: drwxrwx--- 2 www wheel512 Nov 13 04:29 . drwxr-xr-x 15 root wheel512 Nov 12 20:24 .. -rw--- 1 www wheel 22250785 Nov 13 04:18 2008-11-13.mysql-main.sql -rw--- 1 www wheel 124781 Nov 13 04:18 2008-11-13.mysql-staffwiki.sql -rw--- 1 www wheel 674306 Nov 13 04:18 2008-11-13.mysql-wiki.sql -rw--- 1 www wheel 111845376 Nov 13 04:18 2008-11-13.www.tar -r-xrw 1 www wheel 8109 Nov 13 04:16 daily_backup.sh For some reason, the "find" command above is getting a "permission denied." And, again, the "find" command is being run by the "www" user, who owns the files and dir. The exact message is: "find: .: Permission denied" The "find" permissions: -r-xr-xr-x 1 root wheel 36800 Oct 23 01:17 /usr/bin/find Also, all dirs above /usr/local/backups (/usr and /usr/local) are +x for the "other" user, so the www should be able to enter them: drwxr-xr-x 17 root wheel 512 Nov 12 20:38 usr drwxr-xr-x 15 root wheel 512 Nov 12 20:24 local Does anyone have any idea what's causing this permission denied error? Obviously it's some sort of permissions problem, but I have no idea where or what exactly it is. It's driving me crazy. Thanks a lot in advance. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: port versions query
On Fri, Oct 31, 2008 at 7:50 PM, Jim Pazarena <[EMAIL PROTECTED]> wrote: > > I tried the 5.1 mysql port, and found that it was a 5.1.26-rc ... RC > > so I rolled back to 5.0.67 > > Is there a way to tell in general what version is 'current' for FreeBSD 7? > How could I query any given port in general and see which version it would > install? > -- > Jim Pazarena [EMAIL PROTECTED] You could view the ports tree online at http://www.freebsd.org/ports/ If you read the Makefile, changelog, and/or description, it'll tell you which version it is. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Locked out of Root
Hey, I have one user (other than root and the other system users) on my box, and that user is _NOT_ in the wheel group. I also have root logins disabled via SSH. This is a remote server and all I have is SSH access. Is there any way that I can gain root? I know the root password and everything, but I just can't get to it. The user is not in the wheel group, and root login is disabled in SSH. Thanks for any help/advice. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"