Re: is is able to setting up DNS server reverse lookup with DynamicIP?
Chuck Swiger wrote: On Jul 12, 2007, at 10:09 PM, vuthecuong wrote: I just confirm only: I'm using dynamicDNS, so I will able to specify the forward *AND* reverse lookups? No. Reverse lookups are controlled by whoever owns the IP delegation for the netblock in question, and they are not going to configure PTR records for dynamic IPs. If you want to have reverse lookups you control, you'll need to get static IPs. Slight correction. To do what you want, you will need to get a static ip. Then you can request your isp (or whoever owns the ip block) to setup the PTR record for you. *whois -a 192.41.170.214* OrgName:Asia Pacific Network Information Centre OrgID: APNIC Address:PO Box 2131 City: Milton StateProv: QLD PostalCode: 4064 Country:AU ReferralServer: whois://whois.apnic.net NetRange: 192.41.170.0 - 192.41.170.255 CIDR: 192.41.170.0/24 NetName:APNIC-ERX-192-41-170-0 NetHandle: NET-192-41-170-0-1 Parent: NET-192-0-0-0-0 NetType:Early Registrations, Transferred to APNIC Comment:This IP address range is not registered in the ARIN database. Comment:This range was transferred to the APNIC Whois Database as Comment:part of the ERX (Early Registration Transfer) project. Comment:For details, refer to the APNIC Whois Database via Comment:WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl Comment:** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment:for the Asia Pacific region. APNIC does not operate networks Comment:using this IP address range and is not able to investigate Comment:spam or abuse reports relating to these addresses. For more Comment:help, refer to http://www.apnic.net/info/faq/abuse RegDate:2005-01-31 Updated:2005-01-31 OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3100 OrgTechEmail: [EMAIL PROTECTED] # ARIN WHOIS database, last updated 2007-07-12 19:10 # Enter ? for additional hints on searching ARIN's WHOIS database. *whois -h WHOIS.APNIC.NET 192.41.170.214* % [whois.apnic.net node-1] % Whois data copyright termshttp://www.apnic.net/db/dbcopyright.html inetnum: 192.41.170.0 - 192.41.170.255 netname: AIT-CS-NET descr:imported inetnum object for AIT-4 country: TH admin-c: KK705-AP tech-c: KK705-AP status: ASSIGNED PORTABLE remarks: -- remarks: imported from ARIN object: remarks: remarks: inetnum: 192.41.170.0 - 192.41.170.255 remarks: netname: AIT-CS-NET remarks: org-id: AIT-4 remarks: status: assignment remarks: rev-srv: CS4.CS.AIT.AC.TH NS.THNIC.NET NS.UU.NET remarks: tech-c: KK96-ARIN remarks: reg-date:1988-07-08 remarks: changed: [EMAIL PROTECTED] 19950525 remarks: source: ARIN remarks: remarks: -- notify: [EMAIL PROTECTED] mnt-by: APNIC-HM changed: [EMAIL PROTECTED] 19950525 changed: [EMAIL PROTECTED] 20041222 source: APNIC person: Kanchana Kanchanasut address: Asian Institute of Technology Km 42 Paholtothin Road Pratumthani Province country: TH phone:+662 5245703 e-mail: [EMAIL PROTECTED] nic-hdl: KK705-AP remarks: -- remarks: imported from ARIN object: remarks: remarks: poc-handle: KK96-ARIN remarks: is-role: N remarks: last-name: Kanchanasut remarks: first-name: Kanchana remarks: street: Asian Institute of Technology Km 42 Paholtothin Road Pratumthani Province remarks: country: TH remarks: mailbox: [EMAIL PROTECTED] remarks: bus-phone: +662 5245703 remarks: reg-date:1992-11-23 remarks: changed: [EMAIL PROTECTED] 19921123 remarks: source: ARIN remarks: remarks: -- notify: [EMAIL PROTECTED] mnt-by: MNT-ERX-ASIANINSTIOFTECHN-NON-TH changed: [EMAIL PROTECTED] 20041222 source: APNIC ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Adding a new command
Lisa I just went through the same migration about a month ago. Here some things that may help. 1. As far as the location of custom scripts go. I would make your own location. Either /opt/companyname/bin sbin etc. or /usr/local/companyname/bin sbin and etc. This type of setup makes it very easier to tar a single directory and move it to another server. 2.Edit the /etc/bash_profile, /etc/profile, /etc/csh.cshc or other global shell config files, and make sure your custom binary directories are in everyones path by default. 3. Don't fight it. Symlink /bin/bash to /usr/local/bin/bash. There is nothing wrong with doing this, and will save you a headache when things start to break. 4. Fix your custom scripts. The /bin/bash should have already been taken care of via the symlink. Another useful thing you may want to do is go through all your shell scripts and fix paths. A lot of my scripts start with a bunch of lines that look like: awk=`which awk` perl=`which perl` rather then hard coding the path. This can be helpful, but be careful as it allows users to hijack your scripts.. Ie: in the above scenario I could create a script in my homedir called awk, and put my homedir in the beginning of my path. 5. Test you scripts extensively. GNU tools are not the same as BSD's. Many commands such as cp, rm, sed, and others can have very different results on both systems. Read the man pages to make sure the flags your are passing to these commands are doing what you want them to do. 6. Get used to using unlink in place of rm. I linux you can safely rm -rf a symlink. In BSD depending on if you end the command with a slash, you could wipe out the the actual contents. Lisa Casey wrote: Hi, Once I get this new system going I promise I'll quit pestering you folks :-) Got another question. This should be simple to answer. I've done this before but can't seem to replicate it this morning. I have a few scripts my employees use to do things such as add a new radius user, restart the radius server and tail the radius log file. The most simple one is radlog. The file radlog contains the line: tail -f /var/log/radius.log I need to be able to type radlog from anywhere on the system and have it work. I put the file radlog in /bin (/bin and /sbin are all in my shell's path). Ownership is root/wheel permissions are 555 (I've tried 700 and 777 - these don't need write access though). But when I type radlog I get command not found. I can type ./bin/radlog and it works but I don't want that. I thought if the file was in my path and if it was executable just typing the name of the file from anywhere would work but evidently I'm overlooking something. What? Thanks, Lisa Casey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: passwd file and user accounts
I didn't have as many accounts so I didn't even bother migrating them. I add all my new accounts using pw rather then adduser. It is much easier to script with this then adduser. My first approach would be the following: 1. add one account to freebsd. 2. Using chsh or vipw, copy the redhat password hash into the account, and see if the password works as is. If I remember correctly I think they do. 3. See if you have any accounts on your freebsd with a user or group higher then 500. 4. Write a quick script to create the new user accounts. Make sure you installed shells/bash. Should be simple enough using awk or cut. I would keep the existing values from the linux passwd/shadow files, just make them properly formatted for bsd. Keeping the old uid numbers where possible is much less labor intensive then giving the users a new uid. pw will let you script this easily too if you do not want to manually edit the password files. If you create new uid's you will have to do a find across the entire system and chown chgrp all your files for 700 users. If you do choose to manually edit the password files, make sure to backup and rebuild the hash properly with pwd_mkdb. Lisa Casey wrote: Hi, This is probably a stupid question, but I'll ask it anyway... I have a Red Hat Linux system I need to get rid of. It is currently doing e-mail for approximately 700 users and is also doing radius authentication. I have setup a new FreeBSD computer to take it's place. I have everything setup now on the FreeBSD computer except for the user accounts and mailboxes. The mailboxes aren't a problem, I've used tar to move mailboxes before. I suppose I cannot simply copy /etc/passwd, /etc/group and /home from the Redhat computer to the FreeBSD computer due to the password hash in /etc/passwd. Am I correct on this? Would it be possible to copy /etc/passwd then (before the new system goes live) reset all the passwords with the passwd command? That might be easier than adding in close to 700 accounts using adduser. Does anyone have a better idea of how I might go about doing this? Thanks, Lisa Casey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NFS without rpcbind?
That makes more sense. Actually I do not care if it is tcp or udp, so long as the ports are not dynamically assigned. I'll have to give what you said a try. Up until now I thought there was now way to do this without dynamic ports. Erik Norgaard wrote: On Mon, 23 Apr 2007, Dan Casey wrote: It was my understanding that NFS worked off of RPC. I accidently stumbled upon some redhat docs that said you use TCP based NFS which will not require rpc? I think this is an NFSv4 feature, but I'm not sure. I would like to achieve this using FreeBSD 6.2. My goal that I'm trying to accomplish is to get nfs to work in an environment where all traffic is denied by default. Using rpcbind doesn't work well with that type of setup. I tried the following nfs_reserved_port_only=YES nfs_server_enable=YES nfs_server_flags=-t -n 4 -h 10.a.b.c This spawned rpcbind which I didn't want. Does anyone know how to do a tcp only nfs implimentation? AFAIK nfs v4 is not done yet, the client side is but not the server side. But FBSD do have a tcp based nfs. This doesn't however change anything with respect to avoiding rpcbind. RPC is used to tell the client at which port the daemons bind. These may be assigned dynamically (I think mountd is dynamic but nfsd static to 2049). Basically the client connects to the rpcbind deamon to request which ports the mountd and nfsd are on. You can force both to bind to a static port. rpcbind_enable=NO # Run the portmapper service (YES/NO). nfs_server_enable=YES # This host is an NFS server (or NO). mountd_enable=YES # Run mountd (or NO). mountd_flags=-r -p 59 # Force mountd to bind on port 59 will force mountd to bind to port 59. Then it should be possible to run the nfs server without rpcbind, but I don't remember how to configure the client side. Cheers, Erik ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NFS without rpcbind?
It was my understanding that NFS worked off of RPC. I accidently stumbled upon some redhat docs that said you use TCP based NFS which will not require rpc? I think this is an NFSv4 feature, but I'm not sure. I would like to achieve this using FreeBSD 6.2. My goal that I'm trying to accomplish is to get nfs to work in an environment where all traffic is denied by default. Using rpcbind doesn't work well with that type of setup. I tried the following nfs_reserved_port_only=YES nfs_server_enable=YES nfs_server_flags=-t -n 4 -h 10.a.b.c This spawned rpcbind which I didn't want. Does anyone know how to do a tcp only nfs implimentation? -dc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CVS (freebsd /src) confusion
Using cvsup I am upgrading my boxes from RELENG_6_1, to RELENG_6_2. I've been noticing something strange, and I'm wondering if I'm thinking too much into it. I've modified mergemaster so that instead of using diff, it would just append to a text the files that need to be diffed. This way i can do it with vimdiff instead. I would think that the RELENG_6_2 would have more recent files then 6_1. Here are a few examples. I'm looking at cvsweb, which seems to confirm that that the versions of these files are correct. /etc/defaults/devfs.rules version in 6.1 - $FreeBSD: src/etc/defaults/devfs.rules,v 1.3.12.1 2006/04/26 18:39:17 version in 6.2 - $FreeBSD: src/etc/defaults/devfs.rules,v 1.3.8.1 2006/04/26 18:38:43 /etc/defaults/periodic.conf version in 6.1 - $FreeBSD: src/etc/defaults/periodic.conf,v 1.33.2.1 2006/03/08 23:01:18 version in 6.2 - $FreeBSD: src/etc/defaults/periodic.conf,v 1.33.2.2 2006/09/28 01:59:29 Did freebsd tag older versions a some files, or am I going nuts? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: CVS (freebsd /src) confusion
Were it gets even more confusing is files like freebsd.submit.cf where there are multiple version numbers. The version in my temproot is $FreeBSD: src/etc/sendmail/freebsd.submit.mc,v 1.1.12.2 2006/08/23 $Id: proto.m4,v 8.719 2006/03/30 20:50:13 And on my system I have: $FreeBSD: src/etc/sendmail/freebsd.submit.mc,v 1.1.16.1 2006/04/13 $Id: proto.m4,v 8.718 2005/08/24 18:07:23 Now each file is newer and older then the other :) Basically I just want to make sure i'm merging in the right direction. I don't want to accidentally break something. N.J. Mann wrote: On Monday, 5 February, 2007 at 12:17:18 -0500, Dan Casey wrote: Using cvsup I am upgrading my boxes from RELENG_6_1, to RELENG_6_2. I've been noticing something strange, and I'm wondering if I'm thinking too much into it. I've modified mergemaster so that instead of using diff, it would just append to a text the files that need to be diffed. This way i can do it with vimdiff instead. I would think that the RELENG_6_2 would have more recent files then 6_1. Here are a few examples. I'm looking at cvsweb, which seems to confirm that that the versions of these files are correct. /etc/defaults/devfs.rules version in 6.1 - $FreeBSD: src/etc/defaults/devfs.rules,v 1.3.12.1 2006/04/26 18:39:17 version in 6.2 - $FreeBSD: src/etc/defaults/devfs.rules,v 1.3.8.1 2006/04/26 18:38:43 /etc/defaults/periodic.conf version in 6.1 - $FreeBSD: src/etc/defaults/periodic.conf,v 1.33.2.1 2006/03/08 23:01:18 version in 6.2 - $FreeBSD: src/etc/defaults/periodic.conf,v 1.33.2.2 2006/09/28 01:59:29 I just checked in the CVS repository using the web interface at http://www.freebsd.org/cgi/cvsweb.cgi and it appears you have the correct versions of the files. As to why the devfs.rules is (an apparently) earlier version, I don't know. You could try browsing the CVS repository if you really want to know. :-) Cheers, Nick. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mysql5.1-server Refuses to Start.
Does the directory /var/db/mysql/mysql exist? If your missing that directory, then mysql cannot authenticate. I'm assuming this is a fresh install. Try backing up your files, then run mysql_install_db. This will create the mysql database for you. Martin McCormick wrote: If one does a Google search on the following error message from the mysql server, there is a long and painful discussion ona mysql mailing list in which lots of people have had the same exact problem. The solutions, however, were for Sun Work Stations and a similar solution I tried here, had no effect at all. I am trying to start mysqld in safe mode on a FreeBSD5.4 system in such a way that only local users can access it. The suggested command for this is /usr/local/bin/mysqld_safe --skip-networking --user=mysql The mysql server is defaulted to use /var/db/mysql and that is where it appears to initially be happy. The mysql directory is chowned to be owned by the user mysql and it does start creating new table files: 070201 10:30:55 mysqld started /usr/local/libexec/mysqld: Table 'mysql.general_log' doesn't exist InnoDB: The first specified data file ./ibdata1 did not exist: InnoDB: a new database to be created! 070201 10:30:55 InnoDB: Setting file ./ibdata1 size to 10 MB InnoDB: Database physically writes the file full: wait... mysql creates a couple more files and then disaster strikes! 070201 10:30:59 [ERROR] Fatal error: Can't open and lock privilege tables: Table 'mysql.host' doesn't exist 070201 10:30:59 mysqld ended I do have a my.cnf file in /usr/local but it only contains one line which doesn't change anything. basedir=/var/db/mysql It seemed to already default to this directory. The datadir variable which some of the posters mentioned is no longer needed. Has anybody gotten sqld_safe to work in FreeBSD? Martin McCormick WB5AGZ Stillwater, OK Systems Engineer OSU Information Technology Department Network Operations Group ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Adjusting NGROUPS_MAX constant
I am running into trouble with users who are in more then 16 groups. I fail to ssh in with the following message: sshd[96785]: initgroups(username,1002): Invalid argument sysctl -a kern.ngroups kern.ngroups: 16 Is there any reason why I should not raise NGROUPS_MAX in the following two files? /usr/include/sys/syslimits.h /usr/src/sys/sys/syslimits.h What could I accidentally break.. Or should I say, is there a good reason why the number 16 is hard coded in there? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mergemaster and vimdiff
Is there anyway to use vimdiff with mergemaster. Or is it safe to just see what files are different in etc, and vimdiff them manually? I see /var/tmp/temproot has a lot more in it that I was expecting. I thought it would be just etc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NIS intermittent connection trouble
I have an NIS server setup on a specific vlan. All my nis clients are setup on separate vlans with different networks. All of my clients have the same problem. When i run /etc/rc.d/ypbind start then /etc/rc.d/ypset start, everything works properly. However it will stop working for no apparent reason, and just timeout until it is restarted. Also If i make the server unavailable, then bring it back it has the same affect. It is as if it fails once, and never retries the same server. How can i fix this? Currently I have a cronjob set to restart ypbind and ypset. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NIS intermittent connection trouble
I have an NIS server setup on a specific vlan. All my nis clients are setup on separate vlans with different networks. All of my clients have the same problem. When i run /etc/rc.d/ypbind start then /etc/rc.d/ypset start, everything works properly. However it will stop working for no apparent reason, and just timeout until it is restarted. Also If i make the server unavailable, then bring it back it has the same affect. It is as if it fails once, and never retries the same server. How can i fix this? Currently I have a cronjob set to restart ypbind and ypset. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
