Re: FreeBSD vs Linux

[Dick Davies]

[Let me first point out I've seen about 4 different 'unix/windows is
teh gayz0r' threads on completely unrelated mailing lists in the last
24 hours.
If I sound bored rigid with the whole subject that might be why.]

Can we please stop comparing *NIX to windows. They're nothing
like each other. Like all software, they bothsuck in their own unique ways,
it's just that BSD sucks in areas I mainly don't care about, and
windows sucks at most of the things I do care about.

On 18/01/06, Martin Tournoy [EMAIL PROTECTED] wrote:
  Windows almost runs everything

 Quite the opposite, try running some application from a few years back
 on windows 200 or XP, big chance it won't work.

So what? That's exactly the same for FreeBSD, even it's core apps.
And vendors rush to support MS' new OSes.

  Microsoft pays hardware manufacturers to
 make drivers for their OS,

I seriously doubt it. They don't need to with their market share.

 Upgrading is a pain on windows, upgrading from 98 to 2000 more or less
 needs a format and clean install, while on FreeBSD you have much more
 flexibility, so you can upgrade much easy er.

Have you ever brought 4.x up to 6.x? It doesn't sound like it.

There are tools to solve this for windows, and there has been
for a long time.
Try updating 200 FreeBSD boxes, then try the same with a decent imaging
system for windows.

 Unix is for the masses, the only problem it has is a proper user friendly GUI.

Then it isn't for the masses. Deal with it.

 With Windows on the other hand, you *HAVE* to do things as the
 Microsoft programmers envisioned and liked things, and lacks a lot of
 flexibility that FreeBSD does have

Can you justify that at all? If what you're saying boils down to
'you have the source' then I don't think that applies to 99% of users.

 Say whatever you want, but the Unix permission system is better than
 Window's, it much more simple

It's also very outdated and has been reinvented several times.
RBAC, SeLinux and MAC would indicate it's not flexible enough for
most people.

 The same goes for window's configuration, the registry, it's not a bad
 idea, but horribly failed, now you have a huge file with a lot of
 data, half of it redundant, and the worst is that it's undocumented.
 FreeBSD simply has a set of configuration files, mostly in /etc and
 /usr/local/etc most of them have a man page, and an example file in
 /usr/share/examples/etc

That's not in itself a good thing. As I understand it, the registry is a central
place for storing configuration details. /etc has nothing like that.

Think of something simple like a webserver docroot. Apache obviously needs
to know about that, so might your ftp server, your backup/mirror scripts and
so on. If you ever change that directories location, you'll have to
update everything
that references that path. That's a pain in the arse, and it's only
one of dozens
of annoyances with /etc.

The arguments you're making above equally
apply to 4.x /etc, and I don't think you'd argue that rcNG is a vast
improvement.
Have a look at things like Solaris SMF and you realise that rcNG isn't as good
as it could be either.



--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD vs Linux

[Dick Davies]

On 18/01/06, Danial Thom [EMAIL PROTECTED] wrote:

Microsoft pays hardware manufacturers to
   make drivers for their OS,
 
  I seriously doubt it. They don't need to with
  their market share.

 Ok, what do you guys live in a shoe or something?

 MS doesn't have to pay vendors, you toad.

Did you read what I just typed Daniel?
Because you're coming across as a bit of an
ignorant twat.



--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD vs Linux

[Dick Davies]

On 18/01/06, Martin Tournoy [EMAIL PROTECTED] wrote:

  So what? That's exactly the same for FreeBSD, even it's core apps.
  And vendors rush to support MS' new OSes.

 There's a very big dump of unmaintained software, whenever I want to
 play an old classic game like cc, x-com or even system shock
 2(which is from '99) I have serious problems, and have to resort to
 emulation software (which is quite different from compat4x for
 example, which is compatibility and not emulation)

I'm not disputing that, I'm just saying rebuilding world so top still works
with a new kernel might not be that much of a leap forward.

[Incidentally, breaking backwards compatibilty was a conscious decision by MS,
according to:

   http://www.joelonsoftware.com/articles/APIWar.html

(briefly, they'd always tried hard to support older apps, which
is where a lot of windows 'bloat' comes from. They dropped that fairly
recently, and people (developers) are very unhappy about it)

  Have you ever brought 4.x up to 6.x? It doesn't sound like it.

 Note that I used much easy er and not easy

:) All I'm saying is these are universal problems.

  Try updating 200 FreeBSD boxes, then try the same with a decent
  imaging system for windows.

 Shell script...?

as in: 'a simple matter of programming'? :)
My point is you need to write it, whereas you can get a supported solution
for MS off the shelf. That sort of thing matters to an IT manager/director, and
they decide the budgets.

   Unix is for the masses, the only problem it has is a proper user friendly 
   GUI.

  Then it isn't for the masses. Deal with it.

 This really wasn't my point, what I tried to say was that UNIX isn't
 the big user-unfriendly beast some people like you to believe, and
 that it can serve as user-friendly desktop just as well as Windows can
 (MacOS is a good example of this)

True, but OSX doesn't expose the CLI to the same extent BSD does.
I wonder how many OSX users have subsequently started using BSD.

  RBAC, SeLinux and MAC would indicate it's not flexible enough for
  most people.

 Not flexible enough for some people that is, not most, every system
 has it's ups and downs, and the standard permissions work for just
 about all desktop PCs and most hobby-servers

But there is a need for that sort of granularity in many cases.
(I for one dislike running webservers as root just so they
can open port 80, for instance). It could be (and is) done better elsewhere,
but 'good enough' stops it becoming widespread.


 Never used Solaris so I can't say anything about their SMF, a (very)
 quick glance reminded me of linux...

check docs.sun.com when you have a spare few hours, you'll be surprised.

 Anyway, rc isn't perfect, but it works for me, it atleast makes sense...

Yeah, I much prefer it to the sysvinit nonsense shudder.
--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD vs Linux

[Dick Davies]

On 18/01/06, Danial Thom [EMAIL PROTECTED] wrote:
 --- Dick Davies [EMAIL PROTECTED] wrote:
  On 18/01/06, Danial Thom
  [EMAIL PROTECTED] wrote:

(actually, no he didn't. your mail clients quoting is insane)

(some guy:)
  Microsoft pays hardware manufacturers to make drivers for their OS,

(me:)
I seriously doubt it. They don't need to with their market share.

(danial:)
   Ok, what do you guys live in a shoe or something?

   MS doesn't have to pay vendors, you toad.

(me:)
  Did you read what I just typed Daniel?
  Because you're coming across as a bit of an
  ignorant twat.

(danial:)
 Sorry, but I find it impossible that people don't
 know that vendors pay microsoft to write drivers.

Maybe he meant 'it pays to write drivers for MS' or
something? I didn't feel the need to call him names over it.

 And you clearly weren't certain of your answer.

Yeah, I probably should have said something about
his mother to help clarify things. sheesh :)



--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: New FreeBSD 6.0 system advice sought

[Dick Davies]

On 17/01/06, Jason King [EMAIL PROTECTED] wrote:
 I would stay with the apache 1.3 branch because of some compatibility
 issues with the 2.0 branch.

Compatibility with what?
2.2 is out now, 1.3 seems to be getting mainly security fixes.

To the OP:

you'll  get a better answer if you say
what apps you're planning to use. php5,  mysql4 and apache2 play nicely
together, and have for years now.

I understand there were some issues with php and the worker MPM, since php
is'nt thread safe, but nobody uses worker anyway.


--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: partitioning after the fact

[Dick Davies]

On 17/01/06, Rob [EMAIL PROTECTED] wrote:

 #2 containing empty space recovered from a previous Linux install, 15G 
 primary partition


 t I would like to make partition #2 to also contain
 FreeBSD.  But if I remember correctly there is no way to do such a
 thing without starting all over again in setting up the disk.

course you can. man fdisk and disklabel, or just use sysinstall:

  http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-adding.html


--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD vs Linux

[Dick Davies]

On 17/01/06, David Kelly [EMAIL PROTECTED] wrote:

 Someone has an unsupported sound card with a Linux example. All the
 tough details about the hardware are spelled out in the Linux driver.
 Plenty of FreeBSD drivers have been ported to Linux and vice versa.


Danger Will Robinson! The GPL can make Linux - FreeBSD
copying^W inspiration very tricksy indeed.



--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: System hangs for 30 minutes before booting normally into freebsd 6.0

[Dick Davies]

Also, try toggling 'pnp os installed' in the bios.

On 16 Jan 2006 09:22:55 -0500, Lowell Gilbert
[EMAIL PROTECTED] wrote:
 Ravi Kumar [EMAIL PROTECTED] writes:


  pnp_identify: Trying Read_Port at 203


 Then try disabling ACPI; I wouldn't be surprised if your system had
 no support for it anyway.  And maybe try a verbose boot without ACPI.

--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Syntax of dhclient.conf(5)

[Dick Davies]

There should be semicolons after each line.

On 13/01/06, Parv [EMAIL PROTECTED] wrote:
 I failed to find detailed syntax layout in dhclient.conf(5) man page,
 via web search, or be able to deduce from files in
 /misc/src/sbin/dhclient.  I was looking for something like as given in
 (i)pf.conf(5) man pages.

 Could somebody point me to a detailed document documenting the syntax?
 Alternatively, please help me understand what am i missing from the
 dhclient.conf listed below which results in following parsing error
 messages ...

   /etc/dhclient.conf line 11: expecting identifier after option keyword.
 {
 ^
   /etc/dhclient.conf line 18: expecting a statement.
   }
   ^
   /etc/dhclient.conf line 32: semicolon expected.

   ^

 ... dhclient.conf ...

1
2  #  FreeBSD 6.0-STABLE's dhclient empties /etc/resolv.conf  default 
 route is
3  #  not being assigned.  Remedy this by having sane entries here in 
 dhclient.conf.
4
5  request subnet-mask , routers , domain-name-servers;
6  require routers , domain-name-servers;
7
8  interface em0
9  {
   10default
   11{
   12  fixed-address 192.168.2.100
   13, option subnet-mask 0xff00
   14, option routers 192.168.2.1
   15}

(if you're setting all these yourself, why are you bothering to
do dhcp on that interface?)

There should be semicolons after each line in the braces,
and the leading dots before option aren't something I recognize.

It's a pity there isn't a simple (but not blank!) one in
/usr/share/examples, I could
have sworn there used to be.

--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: pf question

[Dick Davies]

On 12/01/06, Vasile Cristescu [EMAIL PROTECTED] wrote:
 does pf has something like  ipfw -d show  ?

I don't know. What does 'ipfw -d show' do?

--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: WEIRD: telnet

[Dick Davies]

* Colin J. Raven [EMAIL PROTECTED] [0205 15:05]:

 Some tangential observations:
 1. Unless you *must* use telnet for some reason, it's a good idea to 
 turn it off.

This is a telnet client, how would you 'turn that off'.

This is a very common way to test if a socket is listening, and there are
no security issues with connecting to a socket on your own machine anyway.

 2. Please tell us that - in the example above - you weren't telnet'ing 
 as root? I see it was to locahost...but even so that's not a great 
 practice.

This makes no sense at all.
Can we all stop knee-jerking at the word telnet?

-- 
'Aww, you know what always cheers me up? Laughing at other people's 
misfortunes.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Why in the world you should have a vote: was RE: Please don't change Beastie to another crap logo suchas NetBSD!!!

[Dick Davies]

* Anthony Atkielski [EMAIL PROTECTED] [0216 21:16]:
 Peter N. M. Hansteen writes:
 
  Because they wrote the software in question, perhaps?
 
 So?  If it's truly open source, the copyrights should be assigned.  All
 it takes is one copyright holder who withdraws a license and an entire
 package can become unusable.

Shut up now, ok? or take it elsewhere.

-- 
'A little rudeness and disrespect can elevate a meaningless interaction
into a battle of wills and add drama to an otherwise dull day.'
-- Calvin discovers Usenet
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD - Is it ok

[Dick Davies]

* Tony King [EMAIL PROTECTED] [0219 15:19]:
 Hi
 I use a Mac G4 and have a spare hard drive.
 I would like to put a Unix OS on it but do not know what I can use.

I think it comes with one.

-- 
'The State is the kind of organization which, though it does big things
 badly, does small things badly too.'
-- John Kenneth Galbraith
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Please don't change Beastie to another crap logo suchasNetBSD!!!

[Dick Davies]

* Ted Mittelstaedt [EMAIL PROTECTED] [0238 05:38]:
 
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED] Behalf Of Dick Davies
  Sent: Thursday, February 10, 2005 12:10 PM
  To: FreeBSD Questions
  Subject: Re: Please don't change Beastie to another crap logo
  suchasNetBSD!!!
 
 
  * Ted Mittelstaedt [EMAIL PROTECTED] [0255 08:55]:
 
 Yep, I was wondering how long it would take before someone figured
   this one out.  We know the real rea$on$ that this logo change is
   being contemplated, don't we.
 
  You seem to think you do, certainly. Why don't you ask core instead of
  reading their minds?
 
 
 Why should I when Robert Watson made the following quote in Advocacy:

Because Robert Watson is'nt involved. Also then maybe this thread would die.
 
-- 
'Yeah, well I'm gonna build my own themepark! With blackjack aaand Hookers!
Actually, forget the park. And the blackjack.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: I can't BOOT! You all need to WAKE UP and HELP a BROTHER!!!

[Dick Davies]

* Fafa Diliha Romanova [EMAIL PROTECTED] [0239 10:39]:
 
 Hello!
 
 I am running a new HP Compaq DC7100 CMT. For more information, check:
 http://www.antonline.com/p_PC928A-ABA--DC7100-CMT-P4-3.0-512MB-40GB-DVD-WXPP-3-3-3-_102136.htm
 
 I've been trying to install FreeBSD 5.3-RELEASE for a long time now.
 Nobody has bothered to offer me a solution. Let alone a reason!

Well, no one knows an answer probably mate. 

As a a total stab, try toggling 'pnp os installed'.
 
 FreeBSD doesn't boot at all. It doesn't enter the loader prompt, it reboots
 before it gets to it.

Then it sounds like the bootcode does'nt like your machine to me.
Does 4.x work?

-- 
'common sense is what tells you that the world is flat.'
-- Principia Discordia
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Please don't change Beastie to another crap logo such as NetBSD!!!

[Dick Davies]

* Bart Silverstrim [EMAIL PROTECTED] [0201 13:01]:
 
 On Feb 11, 2005, at 2:18 AM, Anthony Atkielski wrote:
 
 Ted Mittelstaedt writes:
 
 That is so not true that it makes me almost as angry as the original
 debate.
 
 Maybe getting angry about a mere logo is a bad sign.
 
 Just to sum up things as I understand it...
 
 People want to change the logo from Beastie to something else because 
 Beastie isn't professional enough, so some committers decided to hold a 
 contest for a new logo?

Let me correct you there. This is what happened.

Someone wanted a logo in addition to beastie.
Someone got the wrong end of the stick.
Everyone with an opinion decided to tell everyone it.
 

-- 
'My life, and by extension everyone else's, is meaningless.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Please don't change Beastie to another crap logo such asNetBSD!!!

[Dick Davies]

* Ted Mittelstaedt [EMAIL PROTECTED] [0255 08:55]:
 
   Yep, I was wondering how long it would take before someone figured
 this one out.  We know the real rea$on$ that this logo change is
 being contemplated, don't we.

You seem to think you do, certainly. Why don't you ask core instead of 
reading their minds?

-- 
'A little rudeness and disrespect can elevate a meaningless interaction
into a battle of wills and add drama to an otherwise dull day.'
-- Calvin discovers Usenet
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

firefox creating oddly named profile directories

[Dick Davies]

anyone else seeing this?

I rebuilt my laptop yesterday after an 'incident'
(tip of the week; don't mix up ad0 and da0) and rsynced bacx
/etc /home and /root, then pkg_add -r'ed my way back to a desktop
without too much bother.

But firefox (latest one with the hole, 1.0.7mumblemumble)
refuses to use the old ~/.mozilla/firefox profile folder,
instead it creates 4 new ones with gibberish names (start with .h
and then unprintable characters).

Anyone have a clue why?

-- 
'Ugh, it's like there's a party in my mouth and everyone's throwing up.'
-- Fry
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Very general shutdown question

[Dick Davies]

* Steven [EMAIL PROTECTED] [0203 23:03]:
 Hello Ned,
 
 you can add the user to the operator group. it is possible to run 
 shutdown then (but not halt etc).

Be caneful of that, I think operator  has other privileges too
(can read from any disk for starters).

 
 You could also create a shutdown user with a login shell pointing to a 
 shutdown script.

But that won't work if they still don't have permission to run it...

-- 
'...and then we wrote scripts to write the configs for us, and using
these scripts, we made mistakes in a faster, more automated manner.'
-- A Gentle Introduction to Cricket, on MRTG configuration
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

postgres 8 init script problem?

[Dick Davies]

Anyone else having problems starting postgres 8.0.1 (from ports)
on RELENG_5?

It seems to start alright, but clankily:

root$ /usr/local/etc/rc.d/010.pgsql.sh start
hang for about a minute
could not start postmaster
root$ /usr/local/etc/rc.d/010.pgsql.sh status
pg_ctl: postmaster is running (PID: 54846)
/usr/local/bin/postgres -D /usr/local/pgsql/data

-- 
'You were doing well until everyone died'
-- God
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: postgres 8 init script problem?

[Dick Davies]

* Dick Davies [EMAIL PROTECTED] [0237 21:37]:
 Anyone else having problems starting postgres 8.0.1 (from ports)
 on RELENG_5?
 
 It seems to start alright, but clankily:
 
 root$ /usr/local/etc/rc.d/010.pgsql.sh start
 hang for about a minute
 could not start postmaster
 root$ /usr/local/etc/rc.d/010.pgsql.sh status
 pg_ctl: postmaster is running (PID: 54846)
 /usr/local/bin/postgres -D /usr/local/pgsql/data

Ah, found it. I had PGHOST set in roots environment
(after 'su'ing rather than 'su -'ing).

unset PG_HOST

gets it running in no time.

(Looks like a bug in 010.pgsql.sh, though. roots environment 
shouldn't get picked up, surely?)

-- 
'A little rudeness and disrespect can elevate a meaningless interaction
into a battle of wills and add drama to an otherwise dull day.'
-- Calvin discovers Usenet
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: de-installing kde Xfree86 from 5.2.1

[Dick Davies]

* bsd @ todoo. biz [EMAIL PROTECTED] [0129 21:29]:
 Hello,
 
 I am looking for a fast and secure way to remove all kde* things from 
 my system.
 
 We are using this machine as a headless server and do not need this 
 kind of things at all.

then why did you install them ? :)

 This is bothering me when I update de port tree and do my cvsup things.
 
 ON THE OTHER HAND we absolutely need the deinstall not to compromise 
 our server !!

ssh. pkg_delete will check before deinstalling stuff.

pkg_delete `pkg_info |grep -i kde | awk '{print $1}'`
 
 Libraries used by other program must not be touched by the deinstall 
 process as this is a quite busy mail server.

Don't see how mail is going to need kde.
 
-- 
'Everybody I know who is right always agrees with ME.'
-- Rev Lady Mal
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Syncing 3 Freebsd servers' accounts Question

[Dick Davies]

* Erik Norgaard [EMAIL PROTECTED] [0129 20:29]:
 I forgot:
 
 O'Reilly has a really good book on LDAP LDAP System Administration - 
 includes a chapter on how to migrate from NIS to LDAP.

IMO that's one of the few bad oreilly books - if you want a really good
ldap tutorial, get

Understanding and Deploying LDAP Directory Services

the orielly book is more of a cookbook, but does'nt really explain what's
going on.
 
 And an honest advantage of NIS: Text files only, and LDAP with pam/nss 
 is not supported on OpenBSD if you some day need to integrate with that OS.

Yeah, but NIS is horribly insecure. I doubt Theo would embrace it with open 
arms :)
NetBSD is almost finished integrating pluggable nsswitch modules, I doubt 
openbsd
will be far behind. No offence to the openbsd crew but if you waited for them 
to support
something before using it on freebsd you wouldn't be running much...

The flat file thing is a double-edged sword; it's trivial to dump and restore
a directory (at least openldap), and doesn't have the 'issues' I've had with, 
say,
SQL databases, where either you get too much (accidentally try to restore the 
system
tables) or too little (forget the users).

And an LDAP directory is useful for much more than just distributed password 
files,
and is straightforward to replicate (don't know how you'd do that with NIS) and 
fast too.

 Also, LDAP requires you to obtain Object Identifiers if you defnine new 
 types, I haven't heard of OID that can be used for private/experimental 
 purposes only (like the private ip address spaces).

There's no need to get an OID registered (unlike IP addresses; it's not like
it's routed) but it's free and they'll happily give you one if you ask.


-- 
'What have you done to the cat? It looks half-dead.'
-- Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: perl and ports

[Dick Davies]

* Gert Cuykens [EMAIL PROTECTED] [0137 23:37]:

 No i dont know anything about c++ or perl, ok i know what a class is :P
 For me is not realy about perl it self its about the way it get used
 as a tool to help build things. For me freebsd is build as a base that
 can handle everything designed for it.

Like you said, you're not a developer, so no offence but you don't know
what you're talking about.

 So if want to (install) buy a car and go to the (ports) shop i dont
 expect to bring my (perl) wrench to the (ports) shop .

That's not what you're saying. you're asking the people who build your
car not to use a wrench but their bare hands because you have something
against wrenches for some reason.
 

-- 
'Some people, when confronted with a problem, think I know, I'll use
regular expressions. Now they have two problems.'
-- Jamie Zawinski
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Authentication with ldap very slow

[Dick Davies]

* Albert Shih [EMAIL PROTECTED] [0105 22:05]:
 Hi 
 
 I've a server (FreeBSD 5.3-p5) to use a openldap for authentication.
 
 Everthing work fine butit's very slow when some operation need to known
 the id -- uid. For example if I try to execute some
 
   cd /home
   ls -l *
 
 It's very very slow.
 
 On a linux server authenticate with same openldap server I can use nscd for
 caching. But I don't find something like nscd for FreeBSD. Mayby I's wrong
 (I hope so).

You shouldn't need that. LDAP is designed to be very fast.
First thing I'd look at is the LDAP server - are general searches slow?
Are you on a dialup or something?

-- 
'That question was less stupid; though you asked it in a profoundly stupid way.'
-- Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Authentication with ldap very slow

[Dick Davies]

* Albert Shih [EMAIL PROTECTED] [0131 23:31]:
  Le 26/01/2005 ? 23:28:02+, Dick Davies a ?crit
  * Albert Shih [EMAIL PROTECTED] [0105 22:05]:
   Hi 
   
   I've a server (FreeBSD 5.3-p5) to use a openldap for authentication.
   
   Everthing work fine butit's very slow when some operation need to 
   known
   the id -- uid. For example if I try to execute some
   
 cd /home
 ls -l *
   
   It's very very slow.

 
  Are you on a dialup or something?
 
 no on 100 Mbits/s switching network ;-) soon on 1Gbits/s ;-))

Wierd - I've got a wireless (11mbit) client using nss_ldap via startTLS and have
no trouble at all (and the server is a 600Mhz mini-itx box).

i just tried :

make /tmp/mydir
ls -lR that and tcpdump what i'm sending to the server
(about a dozen lines of output)
ls -lR /usr/local/misc (about 3Gb of mp3s owned by me) and tcpdump what i'm 
sending to the server
(about a dozen lines of output)

so it looks like only the one query is done by ls (i.e. it only looks up the 
name when it displays
the output). How many directories are under /home? Unless we're talking 
hundreds, it shouldn't be 
more than a second or so delay, tops.

It does'nt appear to caching (repeating the ls a couple of seconds later sends 
the 
same query), but then i don't think that accounts for your huge delays.


It's definitely the uid lookup?  Not NFS /home or something
(Is ls * much faster than ls -l)?

Anything in your logs? I know you can turn on debugging in PAM, don't know how 
to 
do it in nsswitch


-- 
'One cannot make an omelette without breaking eggs --
 but it is amazing
how many eggs one can break without making a decent omelette.'
-- Charles P. Issawi
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: dns question

[Dick Davies]

* Jeff MacDonald [EMAIL PROTECTED] [0157 12:57]:
 Not really a freebsdquestion specifically.
 
 My company uses 
ns.foo.com  and ns1.foo.com for primay/secondary dns, about 200
 domains rely on these.
 
 We want a new physical machine , in a different location, with a
 different IP to be our secondary dns. lets call it  www.jerky.com ip =
 244.233.222.211 imaginary..
 
 Can I just make ns1.foo.com point to the new ip address, and update
 the registrar with the new ip for ns1.foo.com, and here's the kicker
 
 _ NOT have to worry about changing the secondary dns info for all 200
 other domains _

Is the second NS server listed in the domain by hostname?
If so, you'll be alright.
 
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to [EMAIL PROTECTED]

-- 
'When you have to kill a man it costs nothing to be polite.'
-- Winston Churchill, On formal declarations of war
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Web Email

[Dick Davies]

* Jerry McAllister [EMAIL PROTECTED] [0158 02:58]:
  
  Hi,
  
  I'd like to have access to my spool via web browser.  What kind of
  applications can I use?
 
 Nobody's perfect, but we have, on average, been generally happy
 with squirrel.

Worth  pointing out you need an imap server first.
'access to my spool' makes me think we're talking /var/mail here...

-- 
'And if you think you're going to bleed all over me
you're even wronger than you normally be'
-- The Specials, 'Little Bitch'
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: 5.3 Install

[Dick Davies]

* Ramiro Aceves [EMAIL PROTECTED] [0109 11:09]:
 Lyn Robie wrote:
 
 Rarely have I found such an amateurish installation procedure.  It's 
 obvious you guys are hard put to find anyone competent in the user 
 interfaces.

snip I can't find my ass with both hands and it's all your fault troll

 Never heard such a stupid e-mail!
 
 If you do not like the installer, learn how to fix it and do it!

Sorry, but that's nonsense, it smacks of 'where's the doc'/'read the source'
attitude of a decade ago.

People are allowed to say 'your installer sucks' without having to learn C.
I don't need to sign an NDA to be able to hate Outlook Express.

Although I agree that some constructive suggestions would be useful, rather
than flamebait. 


Incidentally, next time one of these guys posts a 'you suck,bye bye' mail,
can we try to avoid mailing the list about it for two weeks?

If you want to send a 'piss off back to linux' message, you can do it off list.


-- 
'My life, and by extension everyone else's, is meaningless.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: DNS: querying route DNS

[Dick Davies]

* Andrew P. [EMAIL PROTECTED] [0122 14:22]:
 Matthew Seaman wrote:
 If your ISPs nameservers are unreliable or overloaded, and not giving 
 you a good service, then one course of action you might consider is just 
 configuring the named(8) built into your FreeBSD system to do recursive 
 DNS lookups for you.

 I'm sure it won't be difficult for anyone to find a named(8) how-to,

On a hard drive near you. Or try:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html


-- 
'My life, and by extension everyone else's, is meaningless.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Freebsd 5.3 Performance

[Dick Davies]

* Anthony Atkielski [EMAIL PROTECTED] [0154 09:54]:
 Mark writes:
 
 M Ah, this point fascinates me. Running for years? Do you ever have
 M to recompile your kernel? :)
 
 Usually once when I first install the OS, then never again (unless I
 change something in the hardware, which I hardly ever do).  Windows
 often has to be rebooted just to install a new application (although
 that's a problem with the application, not a problem with the OS, in
 most cases).

And what about security patches?
 
-- 
'If we can hit that bull's-eye, the rest of the dominoes will fall like a
house of cards... Checkmate!'
-- Zapp. Brannigan
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Supermicro Hardware and FreeBSD

[Dick Davies]

* Ted Mittelstaedt [EMAIL PROTECTED] [0135 07:35]:
   Perhaps we all should ask why it is OK for SuperMicro to release
 a
 motherboard that is incompatible with the existing FreeBSD versions?

Because they hate our freedom, of course...

-- 
'One cannot make an omelette without breaking eggs -- but it is amazing
how many eggs one can break without making a decent omelette.'
-- Charles P. Issawi
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Sun revokes FreeBSD license for Java

[Dick Davies]

* Ted Mittelstaedt [EMAIL PROTECTED] [0157 06:57]:
  Tom Vilot writes:
  I tend to agree.  Are people still using Java? 
 
 Keep in mind that Sun's main Java push was into micro-code for embedded
 devices, that is why Java was written in the first place.

And somehow this mutated into J2EE :D

 .  On the corporate side of the house, people sometimes
 are forced to use tools that some salesmanager or CEO has decided
 need to be used, and if they don't like that their jobs are outsourced
 to India.

The phrase 'Java is the COBOL of the nineties' springs to mind
 
 If FreeBSD can get a current binary JRE distributed then it helps
 out those companies that use FreeBSD that have applications like that
 which they are attempting to sell, without bothering the rest of
 us who aren't in this boat.  In this case why not make friends with
 them when it costs you nothing?

I don't think it does cost the Foundation nothing, that's the trouble. You 
spend years jumping through hoops to get the certification (the only benefit
of which is it pleases the  managers) and then they turn round and make you
do it again. 

With this attitude it's hardly suprising they piss some people off (especially
when the product you're doing all this for is pretty second rate when compared
to python or ruby imo)...

-- 
'Yeah, well I'm gonna build my own themepark! With blackjack aaand Hookers!
Actually, forget the park. And the blackjack.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Sun revokes FreeBSD license for Java

[Dick Davies]

* Ted Mittelstaedt [EMAIL PROTECTED] [0125 07:25]:
 
  [mailto:[EMAIL PROTECTED] Behalf Of Dick Davies
 
  I don't think it does cost the Foundation nothing, that's the
  trouble. You spend years jumping through hoops to get the certification (the
  only benefit of which is it pleases the  managers) and then they turn round
  and make you do it again.
 
 Hmm - sounds like what Microsoft does.

I've heard of them - don't they make lawsuits?
 
-- 
'Everybody's a jerk. You, me, this jerk.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

re: bash- superuser

[Dick Davies]

(sorry if I cocked up your threading, readers - I accidentally deleted
Gregs mail and so pasted this from google groups).

  There are a couple of reasons why this shouldn't
 happen:
 
 1. You don't normally start networking until you have mounted your
local file systems.
 2. The problem is related to the invocation of su(1). It's not clear
why that's there.
 
 Still, it shows that there are issues. It may be sufficient to
 document them. People who follow the advice in The Complete FreeBSD
 won't run into this problem, since they won't install a separate /usr
 file system.

I thought the issue was the ldconfig path not being set up at the point
that pppd called su?

pppd lives in /usr, after all :)

Assuming that's wrong, doesn't freebsd have a notion of 'critical filesystems'
and and 'pre-networking filesystems' a la NetBSD?
I used to have to set this on netbsd to get wicontrol from /usr before dhcp

  and would be a non-issue if you statically linked bash (I can't
  think of any reason to want a dynamically linked one).
 
 One reason is that bash pulls in a lot of libraries. That's why we
 used dynamic libraries in the first place. 

That's a bit of a circular argument, isn't it? :) People Who Know have 
advised me in the past that the VM system performs better if you statically
link common binaries - you get better reuse of memory.


-- 
'The pie is ready. You guys like swarms of things, right?'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: bash- superuser

[Dick Davies]

* Erik Trulsson [EMAIL PROTECTED] [1234 11:34]:
 On Tue, Dec 21, 2004 at 10:14:15AM +, Dick Davies wrote:

  I thought the issue was the ldconfig path not being set up at the point
  that pppd called su?
  
  pppd lives in /usr, after all :)
 
 Not quite.  The issue was that the /etc/rc.d/ppp-user script calls su.
 su starts a shell - in this case it tried to start bash since that was
 root's shell. At that point in the process the system was not yet
 configured to find the libraries bash needed.  ppp as such was fairly
 irrelevant - it was su that caused the problems.

Sure, I mean that the filesystem *is* mounted at this point, so
Greg not having a separate /usr won't help in this case.
 
  Assuming that's wrong, doesn't freebsd have a notion of 'critical 
  filesystems'
  and and 'pre-networking filesystems' a la NetBSD?
  I used to have to set this on netbsd to get wicontrol from /usr before 
  dhcp
 
 Probably, but /usr/local is probably not normally considered to be one.

No, exactly, but my point is that if you were going to be using stuff
from /usr/local, then you could set this in rc.conf and be sure:

a) it was mounted
b) ldconfig had at least looked at /usr/local/lib

b) is tricky, on netbsd we generally do our linking at compile time
so this kind of thing isn't an issue, so long as /usr/local/lib is
available bash will work).
 

-- 
'When the door hits you in the ass on the way out, clean off the smudge
 your ass leaves, please'
-- Alien loves Predator
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: [OT] rrdtool examples

[Dick Davies]

* Jorn Argelo [EMAIL PROTECTED] [1218 11:18]:
 Hi all,
 
 I've been playing around with rrdtool for quite a while, but I still don't 
 really get it. I've been trying to find some example scripts for rrdtool, but 
 I really can't find much of them. I have found Erik de Mare's perl scripts 
 already. However, the author does not reply to his mail, and only a few of 
 his scripts work. Unfortunately I don't have any perl knowledge, so I cannot 
 fix them myself.
 
 So my question is, do you guys know where I can find some other RRDtool 
 example scripts? Preferably something involving with CPU load, apache stats 
 and MySQL stats. All examples are welcome though :)

Have a look at rrdtutorial (in a man/ directory near you), its' fairly 
well written.

I knocked together some simple scripts to monitor some appservers 
(disk,cpu,process
count etc) but they get unwieldy very quickly - just a few boxes and it started
to get out of hand.

If you're going to be doing any gathering/graphing for this kind of thing, have
a look at cricket (ports/net-mgmt/cricket) - it makes using RRD a breeze
(though I would still read the tutorial at least, it does help to have a rough
understanding of the backend).

Favours SNMP, but you can use any script you like easily enough
(I have a ruby-ldap based version that pulls stats directly from
openldap, and it took an hour to get it graphing).


-- 
'In the beginning the Universe was created. This has made a lot of people
very angry and been widely regarded as a bad move.'
-- The Guide
Rasputin :: Jack of All Trades - Master of Nuns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: bash - superuser

[Dick Davies]

* Gerhard Meier [EMAIL PROTECTED] [1207 12:07]:
 On Mon, Dec 20, 2004 at 08:41:57AM -0200, Giuliano Cardozo Medalha wrote:
  I have a machine with FreeBSD 5.3 - release -p2.
  
  I have installed bash from ports.
  
  How is possible to use bash in root account ?
 
 Do not change the shell of the root account. If you have /usr or
 /usr/local on a separate partition, and you cannot mount for some
 reason, you wont be able to fix that, without booting from
 another device.

No, but you'll still be able to use /bin/sh when going single user, so
what's the big deal? 

I really don't get what the problem is with this 'sh is on the root' argument.
Using bash is a lot more productive for many people, so why not let them use it?
If you're really terrified of not knowing how to use sh, then stick a static 
bash
in /bin. 

To the original poster: just be root and run 'chsh'.

-- 
'I should have been a plumber.'
-- Albert Einstein
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: bash - superuser

[Dick Davies]

* Ruben de Groot [EMAIL PROTECTED] [1250 14:50]:
 
 Using a shell not contained in the root filesystem can cause problems 
 even when not in single user mode. There are enough examples in the archives.

Indulge me with an example?
 

-- 
'When the door hits you in the ass on the way out, clean off the smudge
 your ass leaves, please'
-- Alien loves Predator
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: bash - superuser

[Dick Davies]

* David Landgren [EMAIL PROTECTED] [1241 17:41]:
 Dick Davies wrote:

 To the original poster: just be root and run 'chsh'.
 
 No.
 
 When you are logged in as root, you *should* have to go through extra 
 hoops to get comfortable.

On my box I have a # prompt to tell me I'm root. I don't sit on a drawing
pin when I su just to remind me I have godly powers, and I don't see why I 
should be banging zeroes together to get ones when I can be more productive 
(and therefore spend less time with escalated privileges) in bash.

 I am not saying that you should not use bash when logged in as root. I 
 am saying that you should not configure your root account to login with 
 shell that is dysfunctional if /usr is unmounted. 

Look, if /usr is unmounted and you are logged in, you are on the console :

[EMAIL PROTECTED] gdm2 # which sshd
/usr/sbin/sshd

so you may as well be single user and pick the shell you want. If /usr is
hosed, run /bin/*sh. What's the problem?

Yes, 'exec zsh' or 
 whatever is a minor hassle, but it's there to remind you that root is 
 different.

Sorry, but this is just dogma. Give me a benefit of not changing roots shell
that isn't either:

a) csh is really shitty, so encourages you not to su
b) if your shell is in /usr you will be screwed if /usr is unmounted
c) 'bash is for teh lam0rs' ( ok no-ones explicitly mentioned this yet, but 
admit it,
   it entered your head :) )

or let's just drop it.

This thread has come back from the dead more than Captain Scarlet,
it just gets my goat everytime I hear the same dubious arguments.


-- 
'Everyone's always in favour of saving Hitler's brain, but when you put it
in the body of a Great White shark suddenly you've gone too far..'
-- Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: bash - superuser

[Dick Davies]

* Erik Trulsson [EMAIL PROTECTED] [1224 00:24]:
 On Tue, Dec 21, 2004 at 10:30:20AM +1030, Greg 'groggy' Lehey wrote:
  On Monday, 20 December 2004 at 15:52:27 +0100, Ruben de Groot wrote:
   On Mon, Dec 20, 2004 at 01:32:53PM +, Dick Davies typed:
   * Gerhard Meier [EMAIL PROTECTED] [1207 12:07]:
   On Mon, Dec 20, 2004 at 08:41:57AM -0200, Giuliano Cardozo Medalha 
   wrote:
   I have a machine with FreeBSD 5.3 - release -p2.
  
   I have installed bash from ports.
  
   How is possible to use bash in root account ?
  
   Do not change the shell of the root account. If you have /usr or
   /usr/local on a separate partition, and you cannot mount for some
   reason, you wont be able to fix that, without booting from
   another device.
  
   No, but you'll still be able to use /bin/sh when going single user, so
   what's the big deal?
  
   Using a shell not contained in the root filesystem can cause
   problems even when not in single user mode. There are enough
   examples in the archives.
  
  This is a particularly tenacious rumour.  I've been using bash as my
  root shell on many different UNIX platforms for nearly 14 years, and
  I've never had any problems.  I've also never seen any substantiated
  problems reported anywhere.
 
 There was actually an actual problem with having bash as root shell
 reported on this very list about a week ago. See
 http://docs.FreeBSD.org/cgi/mid.cgi?41C0CC10.4020109
 and
 http://docs.FreeBSD.org/cgi/mid.cgi?20041216001329.GA37679
 for the conclusion of the thread.

I can't see the beginning of the thread there, but ISTR that's a problem with
the pppd script running before the dynamic library path is set up (so being 
unable
to see /usr/local/lib). 

That's hardly a bash issue, and would be a non-issue if you statically linked 
bash
(I can't think of any reason to want a dynamically linked one).

-- 
'In the beginning the Universe was created. This has made a lot of people
very angry and been widely regarded as a bad move.'
-- The Guide
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: courier imap keys and self-signed ca signing

[Dick Davies]

* Louis LeBlanc [EMAIL PROTECTED] [1204 18:04]:
 On 12/19/04 12:45 PM, dave sat at the `puter and typed:
  Hello,
  I've got a 5.3 box that i'm using as a self-signing ca. I want to get
  keys going for all the various protocols i use, http, which i've done, pop
  and imap, and smtp. It's these last three i'm having the headache. I'm using
  postfix as my MTA and courier imap for pop/imap, i know that the latter has
  a program to generate keys but not csr's, i'm not sure how to get keys from
  courier and/or postfix to the ca for signing. I'm probably missing somehing
  very basic, and would appreciate any help.

Dave, why not just generate the csrs on the CA, then scp them to the individual
servers? If you have a CA, just do:

# generate a request
# (do a find for CA.pl, it should be under /etc/ somewhere.)
./CA.pl -newreq-nodes

# then sign it 

./CA.pl -sign

That produces newcert.pem Then:

newreq.pem = the server key
newcert.pem = the server certificate

rename the two files to something memorable 

mv newreq.pem imap.domain.key
mv newcert.pem imap.domain.cert

and scp them to whereever they should live.

 Why would you want to use multiple methods?  Just create a single self
 signed CA from OpenSSL and use it to sign a single cert for all your
 servers.  You could also just use a self signed cert for all of them.

Unless I read that wrong, you're suggesting having all servers 
(imap/https/database/etc) on a host share a single server cert.

Don't you think thats a bit iffy security-wise?
Then I have to have a server key readable by all the servers (many of which run
as different users), and if one is taken they are all impersonatable.

 
 Check out this info:
 http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
 
 That will tell you about using a single cert for multiple domains if
 that is what you need.

Useful link.
I've used that for situations where I have two or more hosts in a load balance
group, where I set the subjectAltName to ldap.domain, and the CNs are 
ldap1...n.domain.
Then clients that aren't ldap-uri (which allows multiple servers to be listed) 
aware
can just use a round-robin  DNS entry of ldap.domain and still see that the 
server is 
what they expected.

I'm not sure http browsers (for example) are aware of that field, however.

-- 
'You may need to metaphorically make a deal with the devil.
By 'devil' I mean robot devil and by 'metaphorically' I mean get your coat.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

linux-base borked?

[Dick Davies]

just a quick sanity check - I'm trying to install linux stuff, and getting 
security warnings from portaudit about linux-base-7 having xpm vulns.

Is that right? 

-- 
'Some people, when confronted with a problem, think I know, I'll use
regular expressions. Now they have two problems.'
-- Jamie Zawinski
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: for Centrino (Pentium-M) - ways to decrease CPU power?

[Dick Davies]

* Miles Keaton [EMAIL PROTECTED] [1236 13:36]:
 Can FreeBSD tell a Centrino (Pentium-M) CPU to decrease its CPU power?
 
 I have a laptop (Gateway 450ROG) whose CPU seems to run hotter in
 FreeBSD doing *nothing* than it does in Windows doing almost anything.
   So much so that the loud emergency fan kicks on often to cool the
 CPU, even when the computer is doing nothing at all.
 
 I'm using the newest FreeBSD 5.3 release, but had this same problem with 4.10.
 
 Any advice?  Anything I can put in the kernel or boot-scripts to tell
 this Centrino to take it easy?

Install sysutils/estctrl, works for me.

-- 
What have you done to the cat? It looks half-dead. - Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: routing monitoring ?

[Dick Davies]

* Frank Bonnet [EMAIL PROTECTED] [1236 11:36]:
 Hi
 
 I've installed an old PC ( PII 350 Mhz ) as a router
 it works like a charm ;-) I wonder which tool I could install
 on it to monitor a bit the routing process.

cricket kicks the ass.

built on perl and rrdtool, really powerful config syntax once you
get your head round it:

http://cricket.sourceforge.net/support/doc/beginner.html

ports/net-mgmt/cricket

-- 
With that big new contract, I've been able to make those government mandated
upgrades you've all been suing me about. - Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: different passwords for local and remote login?

[Dick Davies]

* Geert Hendrickx [EMAIL PROTECTED] [1217 08:17]:
 Hi,
 
 is it possible to have a different password for local (console, xdm) and
 remote (ssh) logins?

absolutely, you need to tweak pam settings for each service.
 
 I have a separate password database for my imap-server (dovecot), and I
 was wondering whether this is possible with OpenSSH, too.
 
 GH
 ___
 [EMAIL PROTECTED] mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to [EMAIL PROTECTED]

-- 
Everyone's always in favour of saving Hitler's brain, but when you put it
in the body of a Great White shark suddenly you've gone too far.. - Prof. 
Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Two versions of ruby == problem?

[Dick Davies]

* Roger Merritt [EMAIL PROTECTED] [1210 09:10]:
 After doing a cvsup on one of my machines I like to run 'portversion -c  
 needs.update' to see what needs updating. If the output is small enough I 
 might try doing 'portupgrade -a', but usually I go through the list one by 
 one to set the flags I think portupgrade will need for that case. This time 
 I was a little surprised to find two entries for ruby:
 
 #
 #  ruby
 #  needs updating (port has 1.6.8.2004.07.28_1)
 #
 pkgs=$pkgs ruby-1.6.8.2004.07.28
 
 #
 #  ruby
 #  needs updating (port has 1.8.2.p2_2)
 #
 pkgs=$pkgs ruby-1.8.2.p2_1
 
 I don't know how I got two versions installed, but more importantly I 
 wonder if this is a problem? Should I deinstall one or the other?

I'd imagine you installed an old port that was hardcoded to depend on ruby16,
if you pkg_deinstall the 16 version it should warn you what was using it.

 I deinstall both and reinstall one (I suppose 1.8.2.p2_2 is the most 
 recent)? Or should I just go ahead and upgrade both?

I'd get rid of 16 unless you have a real need for it, 1.8 is a lot faster in
my experience.

-- 
Ugh, it's like there's a party in my mouth and everyone's throwing up. - Fry
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD or OpenBSD

[Dick Davies]

* Damien Hull [EMAIL PROTECTED] [1247 21:47]:
 I've been a FreeBSD user for a while now and I love it. I'm running 4.10
 and plan on upgrading soon. I'm also an OpenBSD user but I tend to use
 it for firewalls and routers. I setup Apache and Subversion on OpenBSD
 3.6 last week. This is the first time I have ever done anything other
 then a firewall on OpenBSD. 
 
 I'm thinking about using OpenBSD on more servers. Before I do that I
 would like to know what people on the list think. 
 
 Why I want to switch to OpenBSD.
 1. OpenBSD has good security
 2. Stable
 3. Firewall and routing support is built in

None of that is any better in openbsd, at least in my experience.
pf would have been a seller, but all three bsds have that now.

In my experience (of openbsd 3.6) you have less ported software, the system
is slower, the installer is primitive, kernel/world compiles are difficult...
and there's no portupgrade, which is really what brought me back to freebsd from
netbsd. I really don't understand what all the fuss is about with openbsd, 
smells like
marketing to me...

(no, I don't want to get into a long 'your os is lamer than mine' scrum, thanks.
This is my opinion, and it's worth what you paid for it.)

-- 
Tempers are wearing thin. Let's hope some robot doesn't kill everybody. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: /usr/local/etc/rc.d vs /etc/rc.conf question

[Dick Davies]

* Paul Schmehl [EMAIL PROTECTED] [1210 17:10]:
 --On Thursday, December 02, 2004 07:39:00 AM -0900 Andy Firman 
 [EMAIL PROTECTED] wrote:
 
 
 I just took over a FreeBSD box and there is a
 proftpd.sh script in the /usr/local/etc/rc.d directory.
 
 There is also this entry in /etc/rc.conf:
 proftpd_enable=YES
 
 There is no need for entries in /etc/rc.conf
 if the script exists in /usr/local/etc/rc.d right?
 
 If you remove the /etc/rc.conf entry, you can still start the daemon 
 manually (/usr/local/etc/rc.d/proftpd.sh start), but it will not start on 
 boot.

No, that still won't work (which makes sense if you think about it, how would 
the
script know whether the system is booting or not?).

 If you read the link below, you should see that you need
to 'scriptname forcestart' etc if there is no service=YES in rc.conf.
Similarly 'forcestop' to shut it down.
 
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-rcng.html

-- 
Tempers are wearing thin. Let's hope some robot doesn't kill everybody. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: linux emulation

[Dick Davies]

* Mikko Heiskanen [EMAIL PROTECTED] [1244 16:44]:
 I've been wondering about this some time now.
 The linux compatibility layer (kernel module + linux_base -port)
 is told to be able to run linux binaries. The handbook even describes
 for a couple of heavy-duty applications how this is done.
 However, after reading that part of the handbook and googling around the
 net, I haven't the slightest idea how I'm supposed to run such program.

Same as any other binary.

 Let's say I have a program. Should I put it in /compat/linux/somewhere,
 run it like /compat/linux/somewhere/executable and it just somehow
 works? Or should I chroot to /compat/linux?
 How does FreeBSD know when to use linuxemu? 

A Linux binary looks different to a native one. The system notices and 
kicks off the emulation layer. (effectively you have a different system
call table for each emulated OS, if that means anything to you).

There's a detailed explanation of NetBSDs way of doing this (I expect
FreeBSDs is very similar) in a six part onlamp series starting at:

http://www.onlamp.com/lpt/a/2623


-- 
And if you think you're going to bleed all over me
you're even wronger than you normally be - The Specials, 'Little Bitch'
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: JDK Issues

[Dick Davies]

* Lars Eighner [EMAIL PROTECTED] [1126 22:26]:

 Java HotSpot(TM) Client VM warning: Can't detect initial thread stack 
 location
^

Mount linprocfs. (Incidentally, you could have just googled this.
'If you can't figure this out for yourself.' :) )

-- 
If we can hit that bull's-eye, the rest of the dominoes will fall like a
house of cards... Checkmate! - Zapp. Brannigan
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: JDK Issues

[Dick Davies]

* Lars Eighner [EMAIL PROTECTED] [ 16:11]:
 On Mon, 29 Nov 2004, Dick Davies wrote:
 
 * Lars Eighner [EMAIL PROTECTED] [1126 22:26]:
 
 Java HotSpot(TM) Client VM warning: Can't detect initial thread stack
 location
^
 
 Mount linprocfs. (Incidentally, you could have just googled this.
 'If you can't figure this out for yourself.' :) )
 
 
 
 Still did not work according to the recommended googled solution,
 which was *not* to make clean, load and mount linuxprocfs, and
 restart.   That resulted in a breakdown somewhere in building 
 Hotspot.  

Sorry, the post I saw mentioned a make clean.

 It does work if you make clean, but then of course
 unless you have a really fast-ass machine, you've got a hell of
 a lot of make to do over.
 
 Pity there is no way a port could test for linuxprocfs and warn
 you before you got started.

That's the trouble - the linux jdk14 *does* tell you you need to build 
linprocfs:

[EMAIL PROTECTED]:linux-sun-jdk14$ cat 
/usr/ports/java/linux-sun-jdk14/pkg-message 
==
Warning: This JDK may be unstable. You are advised to use the native
FreeBSD JDK, in ports/java/jdk14.

This Java VM will attempt to obtain some system information by
accessing files in linux's procfs.  You must install the Linux
emulation procfs filesystem for this to work correctly.  The JVM
will exhibit various problems otherwise.  This can be accomplished
by adding the following line to your /etc/fstab file:

 linprocfs   /compat/linux/proc   linprocfs   rw   0  0

and then, as root, executing the commands:

kldload linprocfs
mount /compat/linux/proc 

==


but of course this is only helpful if you are building ports one at a time
(otherwise you don't see the messages from the dependencies you are installing).

That's a general problem IMO with all the BSD pkgsrc/ports tree implementations
BTW, and should be fixed - maybe by buffering all the dependant pkg-messages 
generated
and echoing them one after the other when the final build finishes?
(trouble is I don't think ports/pkgsrc is aware of whether it just built a 
dependency,
or whether you've had it installed for two years).

In this case I think an argument could be made for the native jdk port to check 
for
linprocfs, as you say. Have you contacted the port maintainer (try [EMAIL 
PROTECTED] if
you get no joy elsewhere, they're a good bunch)?



-- 
Robots don't have emotions, and that sometimes makes me feel sad. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: kernel compile error

[Dick Davies]

* Brian Bobowski [EMAIL PROTECTED] [1134 14:34]:
 Joshua Lokken wrote:
 
 On Fri, Nov 26, 2004 at 04:03:52PM +0900, Rob wrote:

 
 Matt Emmerton wrote:
  
 
 Having such a mechanism, would prevent lots of beginners in the
 kernel compiling stuff, to get frustrated with errors like above.
  
 
 Also, as you see, it's well-documented in the kernel config file ;)
  
 
 While this is true, it's also easy enough for someone to snip the 
 directions when slicing things out of the config file. Assuming that the 
 user won't do things the wrong way is a sure way to succumb to Murphy's 
 Law(the real one).

Yeah, but assuming a user who can't read a comment is happy enough to 
go editing a kernel config file, that's their funeral.

we'll err on the side of handing out rope and guns to all interested
parties while hoping you have enough smarts to keep from hanging yourself
or shooting yourself in the foot. - html, the definitive guide

 The main barrier I can see to this is getting whatever parses the config 
 file to recognise such dependencies

I agree it should be fixed in config if anywhere, but it's worth bearing
in mind that kernel compiles on any platform are still non-trivial.

I did a kernel build on Debian yesterday and it took half a dozen goes to 
get a USB mouse working because usbhid wasn't there. No warnings, just 
shedloads of insmod failures on reboot. Nice.

At least our compiler craps out :)

-- 
What have you done to the cat? It looks half-dead. - Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Copyright Issues

[Dick Davies]

* Jonathan T. Sage [EMAIL PROTECTED] [1102 07:02]:
 Ted Mittelstaedt wrote:
 
 Besides, I am amazed this company hasn't already had problems with theft,
 if one of these condom dispensers showed up around here, I can think of
 a dozen people who would be trying to figure out how to steal it.
 
 
 and on that note, did they continue that copyright infringment on the 
 actual product? Cause my spidey sense is sensing that machine being sold 
 out soon.  (come on, you're all thinking how much you want a daemon 
 packaged condom on your workstation.  admit it.)

Er, it doesn't sell condoms. 

I'll leave it at that O_o


-- 
Ugh, it's like there's a party in my mouth and everyone's throwing up. - Fry
Rasputin :: Jack of All Trades - Master of Nuns


pgpObJWKpTut7.pgp
Description: PGP signature

Re: How do you make install without direct internet access?

[Dick Davies]

* Doug Poland [EMAIL PROTECTED] [1129 21:29]:
 On Tue, Nov 23, 2004 at 01:22:07PM -0800, Ralph wrote:

  actually, since I was in csh, the setenv FTP_PROXY
  my.internal.proxy:80 worked like a charm, except that,
  for some reason, fetch refuses to work without
  internet DNS resolution.  As with our environment, no
  internal hosts have external DNS resolution - how do
  you solve that?
  
 If you have ssh access out through the firewall, you can tunnel DNS (and
 http/ftp) requests through a *well-connected* Unix host.  

Well, yeah, but then you might as well not bother with a proxy...

That sounds like a bug to me - I guess most people use fetch with proxies
so the proxy will cache the distfiles rather than to allow isolated machines
to get on the network, which might explain why it's not been spotted before?

-- 
The State is the kind of organization which, though it does big things
badly, does small things badly too. - John Kenneth Galbraith
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: 4 part domain names

[Dick Davies]

* stheg olloydson [EMAIL PROTECTED] [1157 00:57]:

 .. Generally, however,
 the tertiary domain level is the system's function: www, ftp, mail,
 etc. if the system is public.

nitpick
the function is often the leftmost component, not the tertiary - plenty
of domains have more than 2 domain components.
/nitpick

-- 
In the beginning the Universe was created. This has made a lot of people
very angry and been widely regarded as a bad move. - The Guide
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: 4 part domain names

[Dick Davies]

* Peter Risdon [EMAIL PROTECTED] [1140 15:40]:
 Hexren wrote:
 JM On Wed, Nov 24, 2004 at 04:08:06PM +0100, Hexren wrote:
 JM : location. 510 could identify a rack or a datacenter so that
 JM : us.510.mail.example.com means a mail server in the datecenter with
 JM : the id 510 which serves the United States.
 
 JM So 'us.510.mail' is an atomic, arbitrary identifier.  All three as a 
 unit
 JM identify a certain node, and are selected purely for convenience of 
 human
 JM operators, right?
 
 I would say yes.
 
 
 JM I'm just making sure that the network doesn't treat 'us.510.mail' any
 JM different than it would treat 'foobar', right?
 
 I would say yes too.
 
 
 How does this square with the fact, as I understand it, that I can 
 delegate authority for mail.example.com to new nameservers which can 
 then publish host information about this zone?

That's got nothing to do with the network.
For example, I can create a host in example.com called
 
us.510.mail

and you can't stop me (evil laughter).


-- 
Robots don't have emotions, and that sometimes makes me feel sad. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: httpd.conf

[Dick Davies]

* metallarch [EMAIL PROTECTED] [1131 16:31]:
  
 I made a virtualhost on apache 2.0 ..  
 Here is my configs
 rc.conf:
 gateway_enable=yes
 ifconfig_rl0=inet 192.168.0.249 netmask 255.255.255.0
 ifconfig_rl0_alias0=inet 192.168.1.35 netmask 255.255.255.0
 httpd.conf:
 Listen 80
 ServerName 192.168.0.249:80
 DocumentRoot /../../../ (e.t.c)
 NameVirtualHost 192.168.1.35:80
 VirtualHost 192.168.1.35
  DocumentRoot /../../../
  Servername 192.168.1.35 
 /VirtualHost 
 
 And after starting apache when i write
 links 192.168.1.35  it gives me error 403 Forbidden 
  you don`t have permission to access  192.168.1.35:80

You don't have permission to show the contents of the docroot
and it won't show you an index because you haven't configured it.

-- 
Ugh, it's like there's a party in my mouth and everyone's throwing up. - Fry
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: 4 part domain names

[Dick Davies]

* Peter Risdon [EMAIL PROTECTED] [1153 16:53]:

 For example, I can create a host in example.com called
  
 us.510.mail
 
 and you can't stop me (evil laughter).

 Sent the RFC mail prematurely...
 
 RFC 952 says:
 
 quote A name (Net, Host, Gateway, or Domain name) is a text string 
 up to 24 characters drawn from the alphabet (A-Z), digits (0-9), minus 
 sign (-), and period (.). Note that periods are only allowed when they 
 serve to delimit components of domain style names. (See RFC-921, 
 Domain Name System Implementation Schedule, for background).
 /quote
 
 
 So I guess you could, but it wouldn't be canonical. If authority ever 
 gets delegated for mail.example.com, then for 510.mail.example.com, then 
 a host called us is published, there's going to be a bit of a problem 
 with your network.

Oh my god yes. I've done this for shuddercustomers/shudder.
It works. And is horribly confusing for everyone.

I stand by my demented cackle ^_^

-- 
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Copyright Issues

[Dick Davies]

* Mick Walker [EMAIL PROTECTED] [1137 14:37]:
 Hi all,
 
 Sorry if this post is off topic.
 Last night me and a few friends decided to go for a few quiet drinks
 after playing football for a few hours. For this we choose a little pub
 in the village of Yarm (Close to Middlesbrough in the north east of the
 UK), the name does escapes me at this time, but I believe it had some
 reference to a 'Ox' in the title.
 
 Now, getting to the point, I was shocked when I went into the toilet
 facilities in the pub, and found one of those vending machines that sell
 novelty items of a sexual nature, featuring on the design something that
 looked remarkably similar to the BSD Daemon.
 Having my camera cell phone with me, I took a few snaps which are
 located here:
 http://codegurus.org/~mwalker/Image045.jpg
 http://codegurus.org/~mwalker/Image046.jpg
 http://codegurus.org/~mwalker/Image047.jpg
 http://codegurus.org/~mwalker/Image049.jpg
 http://codegurus.org/~mwalker/Image050.jpg

Haha, yeah they are in the gents in the Springbox bar in Cardiff too.

Aren't they official merchandise then ?


-- 
You may need to metaphorically make a deal with the devil.
By 'devil' I mean robot devil and by 'metaphorically' I mean get your coat. - 
Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: How do you make install without direct internet access?

[Dick Davies]

* Ralph [EMAIL PROTECTED] [1132 20:32]:
 Hey, I've got a proxy-out connection where these boxes
 are installed.  In other words, the only way to get
 out to the internet is through the http/ftp proxy.  So
 in my /etc/profile I have a line
 
 HTTP_PROXY=my.internal.proxy:80

try http_proxy=http://my.internal.proxy:80



-- 
Good news, everyone! I've taught the toaster to feel love! - Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: NEW: cannot ssh to my computer

[Dick Davies]

* Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]:
 On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote:
  Just another thing ...
  
  If I remove myself from the group wheel then I CAN ssh to my computer; if I
  put myself back to wheel - then CANNOT ssh to the computer.
  
  How can I ssh and be a member of the wheel group?
 
 In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and
 restarting sshd would help.

That setting shouldn't affect wheel logins.

-- 
Yeah, life is hilariously cruel. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: unsure about /etc/hosts

[Dick Davies]

* Oliver Fuchs [EMAIL PROTECTED] [1107 21:07]:

 # Host Database
 #
 # This file should contain the addresses and aliases for local hosts that
 # share this file.  Replace 'my.domain' below with the domainname of your
 # machine.
 #
 #
 ::1   localhost localhost.my.domain
 127.0.0.1 localhost localhost.my.domain
 
 So my hostname is I.and.I so the /etc/hosts entry must be:
 ::1   localhost localhost.and.I
 127.0.0.1 localhost localhost.and.I
 
 Now regarding some programs (e.g. mutt) this option is not able to deliver
 mail locally instead putting it in /var/spool/mqueue or
 /var/spool/clientmqueue.
 
 If I use this:
 ::1   localhost I.and.I
 127.0.0.1 localhost I.and.I

This sets your hostname to point to the localhost address - is that what you 
want? Normally, you set your hostname to a public IP (or at least a network
connected IP)

i.e.

::1 localhost localhost.and.I
127.0.0.1   localhost localhost.and.I
1.2.3.4 I.and.I

Jah love.

 
-- 
Oh how awful. Did he at least die peacefully? To shreds you say, tsk tsk 
tsk.
Well, how's his wife holding up? To shreds, you say... - Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: your mail

[Dick Davies]

* Antoine Solomon [EMAIL PROTECTED] [1159 00:59]:
 Hello, I am unable to build the jdk14 port.  Here are the errors that I get
 
 
 .java ; \
 fi
 /usr/ports/java/jdk14/work/control/build/bsd-i586/gensrc/java/util/CurrencyData.java:1:
 'class' or 'interface' expected
 Java HotSpot(TM) Client VM warning: Can't detect initial thread stack location
 ^
 /usr/ports/java/jdk14/work/control/build/bsd-i586/gensrc/java/util/CurrencyData.java:1:
 unclosed character literalJava HotSpot(TM) Client VM warning: Can't
 detect initial thread stack location
^

ISTR you need linprocfs mounted for the linux jvm to run correctly (which is 
used to 
build the native one).

 2 errors
 gmake[4]: *** [.compile.classlist] Error 1
 gmake[4]: Leaving directory `/usr/ports/java/jdk14/work/j2se/make/java/java'
 gmake[3]: *** [optimized] Error 2
 gmake[3]: Leaving directory `/usr/ports/java/jdk14/work/j2se/make/java/java'
 gmake[2]: *** [all] Error 1
 gmake[2]: Leaving directory `/usr/ports/java/jdk14/work/j2se/make/java'
 gmake[1]: *** [all] Error 1
 gmake[1]: Leaving directory `/usr/ports/java/jdk14/work/j2se/make'
 gmake: *** [j2se-build] Error 2
 *** Error code 2
 
 Stop in /usr/ports/java/jdk14.
 
 -- 
 Antoine W. Solomon Jr.
 ___
 [EMAIL PROTECTED] mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to [EMAIL PROTECTED]

-- 
My life, and by extension everyone else's, is meaningless. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: User CD Mount

[Dick Davies]

* Graham Bentley [EMAIL PROTECTED] [1103 15:03]:
 
 Hi All,
 
 I am trying to get permission to mount CD's when logged in non root
 Following the handbook advice I have :-
 
 As root set the sysctl variable vfs.usermount to 1.
 # sysctl -w vfs.usermount=1
 Added the line vfs.usermount=1 to the file /etc/sysctl.conf
 
 Changed group perms on devs
 # chgrp operator /dev/acd0
 # chgrp operator /dev/acd1
 
 Changed access perms
 # chmod 640 /dev/acd0
 # chmod 640 /dev/acd1
 
 Changed group perms on the mount points
 # chgrp operator /cdrom
 # chgrp operator /cdrom1
 
 Added myself to the operator group in /etc/group
 operator:*:5:root,graham
 
 However non of this worked - I could still not mount as non root
 even though I was in the operator group.

You need to own the mount point, I think - group writablity is'nt
enough.
 

-- 
common sense is what tells you that the world is flat. - Principia Discordia
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: uninstall freebsd

[Dick Davies]

* Ton Keesmaat [EMAIL PROTECTED] [1106 13:06]:
 Question:
 
 I got a PC where freeBSD is installed. I want to uninstall freeBSD and
 format my the harddrive so i can install Windows.
 When starting the PC it asks for a login name and password which i don't
 know. Booting with a floppy with MS Windows 98 works...finally i am at the
 A: drive but i cannot go to the c: drive because he does not recognise this.
 Can i get some info for how to to this? Or is there an internetpage with
 info about this problem

www.microsoft.com?

Seriously, just format the drive and start again.

-- 
My life, and by extension everyone else's, is meaningless. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Caching DNS Server?

[Dick Davies]

* Andrew Smith [EMAIL PROTECTED] [1104 17:04]:
 I want to setup a Caching DNS server for my network using FreeBSD 5.3.  
 Can someone point me in the right direction with what port I need to install
 and any links to installation guides?

You can use bind as others have suggested , though I found that pdnsd was good 
for 
frequently rebooted machines (dual-boot laptops for example) as it saves cached 
zones
to disk.

-- 
That question was less stupid; though you asked it in a profoundly stupid way. 
- Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Naming confusion

[Dick Davies]

* Lloyd Hayes [EMAIL PROTECTED] [1109 16:09]:
 Here's a new thread.
 Naming the computer host?
 
 I'm confused by this. As I understand it, I get a different DNS 
 assignment every time that I hook into the Internet from a different 
 location. Yet FBSD seems to want a permanent assignment which I would 
 normally get from my ISP. I don't have a permanent ISP. I mainly use 2 
 services at locations all across the USA. Normally I simply assign a 
 name to the computer, but it appears that FBSD wants a complete Internet 
 address.

No, it shouldn't do. But life does get a lot saner if you get a free
dynamic domain name from somewhere like dyndns.org and use ddclient from
ports to automatically update it when you change IP.

-- 
Oh how awful. Did he at least die peacefully? To shreds you say, tsk tsk tsk.
Well, how's his wife holding up? To shreds, you say... - Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Postgresql not starting...

[Dick Davies]

* [EMAIL PROTECTED] [EMAIL PROTECTED] [1153 22:53]:

 In /usr/local/etc/rc.d I find 010.pgsql.sh to start the service but
 /usr/local/etc/rc.d/010.pgsql.sh start
 doesn't look to do anything.
 
 if I su - pgsql then try to createdb an error of missing server pops
 up.
 Could you please help in a straightforward way how to set postgresql straight?

less ~pgsql/post-install-notes 

you want 

 su -l pgsql -c initdb

initdb creates the postgres system catalogs etc, you can't use createdb without
them (since createdb makes databases by copying the template1  database).

 By the way how can I tell FreeBSD I want the postgresql to be started at
 boot time?

'/usr/local/etc/rc.d/010.pgsql.sh start'  should work after you've run that.

Once the postmaster starts, then createdb will work.

-- 
Aww, you know what always cheers me up? Laughing at other people's misfortunes. - 
Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: WiFi 802.11b or g setup

[Dick Davies]

* Lloyd Hayes [EMAIL PROTECTED] [1113 00:13]:
 Start with the basics
 
 Exactly!
 Here you go:
 
 plip0: flags=8851UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
inet 127.0.0.1 netmask 0xff00
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
 
 On FreeBSD, I've been trying to use the Sysinstall menus.

Not sure they support wireless NIC configuration, but since the card isn't 
even detected, that's the least of your worries.

 The modem is currently in the PCMCIA slot and I am in an area with WiFi 
 access. Also in a PCMCIA slot is a card which is a USB2 hub.

By modem you mean network card, yeah? Do the usb2 hub and the pcmcia slot
show up? And have you tried removing that - don't think freebsd supports usb2
hubs yet, it might be causing some conflicts.

--
Ugh, it's like there's a party in my mouth and everyone's throwing up. - Fry
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: WiFi 802.11b or g setup

[Dick Davies]

* Lloyd Hayes [EMAIL PROTECTED] [1057 19:57]:
 I have several wifi modems. I've read where the Linksys 802.11b seems 
 the most compatable with UNIX type systems. I bought this one recently. 
 I also have the US Robodics 802.11g, Netware 802.11b, and a generic 
 wavelan 802.11b PCMCIA card. I have yet to get any of these to work 
 under a UNIX type system. Obviously there is something here that I don't 
 understand.
 
 Anyone have some step-by-step instuctions for this idiot?

What have you tried, and what didn't work?

-- 
With that big new contract, I've been able to make those government mandated
upgrades you've all been suing me about. - Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: External Hard drive

[Dick Davies]

* Lloyd Hayes [EMAIL PROTECTED] [1056 19:56]:
 I have been using this 6 year old laptop as a test bed for the different 
 versions of Linux and FreeBSD. (The built-in CD ROM is almost worn out.) 
 I just put v5.2.1 back on this laptop. It doesn't want to recognize this 
 hard drive. I have checked the 'dmesg' and can't see any mention of this 
 connection. I can connect and disconnect this drive while the system is 
 running and not get any messages. I have ssh running and it is obviously 
 doing something to the drive since I hear the drive clicking on/off. In 
 fact, it sounds like a clock. (I am constantly getting messages from ssh.)

Drive has died? Can you see it under winders?

-- 
Bender, Ship, stop arguing or I'll come back there and change
your opinions manually. - Leela
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD wireless access point (under 5.2.1)

[Dick Davies]

* Jason Mann [EMAIL PROTECTED] [1157 10:57]:
 Hi folks.
 
 I am trying to set up a FreeBSD wireless access point as per the
 instructions in chapter 24.3 of the handbook.
 
 I have successfully done this in the past using FreeBSD 4.8.
 
 My network topology is illustrated here:
 http://b0rken.org/~jason/homenet.png
 
 My FreeBSD machine has an xl0 wired interface, addressed as 192.168.0.1, and
 a wi0 wireless interface with no address assigned.
 
 It is also running a DHCP server, and my wireless laptop successfully leases
 192.168.0.20.
 
 options BRIDGE is in my kernel and the following sysctls are set:
 net.link.ether.bridge.enable=1
 net.link.ether.bridge.config=wi0,xl0
 net.inet.ip.forwarding=1
 
 
 After following the instructions to the letter, I am having the following
 problems:
 
 1. My wireless laptop can not ping the FreeBSD machine itself.
 
 2. Hosts on my wired network can not ping the wireless laptop, even though
 the wireless laptop CAN ping hosts on my wired network.

I could be wrong, but you'd expect that if you are bridging. That's a layer 2
thing (below IP).
 
 The fact that my laptop can ping the wired hosts proves to me that there is
 no configuration issues with wi0 on the FreeBSD machine.

-- 
My life, and by extension everyone else's, is meaningless. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: WiFi 802.11b or g setup

[Dick Davies]

* Lloyd Hayes [EMAIL PROTECTED] [1138 20:38]:

 When I go to configure an Internet connection over a network, I seem to 
 be getting the same errors with FreeBSD and the wifi card that I got 
 with Linux. I am probably approaching it wrong, someway. Trying to do 
 something (?) that I shouldn't, or not doing something that I should.

Start with the basics.

What does the card show up as in ifconfig -a?
then what does dmesg show for that card?

Finally, what commands have you tried? 'configure an Internet connection' 
doesn't explain what you're doing.


-- 
Bender, Ship, stop arguing or I'll come back there and change
your opinions manually. - Leela
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Laptops as routers

[Dick Davies]

* Robert Storey [EMAIL PROTECTED] [1036 04:36]:
 On Sun, 31 Oct 2004 01:12:19 +0200
 Emanuel Strobl [EMAIL PROTECTED] wrote:
 
  Am Sonntag, 31. Oktober 2004 00:20 schrieb Paul Hoffman:
   Greetings again. I'm looking to buy a couple of cheap old laptops to
   be used as temporary routers. They just need to be able to handle
   PCMCIA Ethernet cards, not much more (having an Ethernet connector
   on the motherboard is fine, of course.) I don't want to run
   XWindows, and I'm sure 64 MB and a 1gig hard drive would suffice.
  
   Are there any brands/models I should lean towards? Ones I should
   avoid?
  
  Bad idea IMHO. I'd suggest having a look at http://www.soekris.com/
  (net4501 for easiest requirements, better 4801, all in one extendable
  box) or if you 
 
 Or else take a look at mini-ITX:
 
 http://www.via.com.tw/en/initiatives/spearhead/mini-itx/

Good things about laptops:

1. built in console
2. built in UPS - if there's a power cut the box just runs on its battery

-- 
common sense is what tells you that the world is flat. - Principia Discordia
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Hostname

[Dick Davies]

* Mick Walker [EMAIL PROTECTED] [1004 10:04]:
 On Fri, 2004-10-29 at 00:25, Kris Kennaway wrote:
 
  On Fri, Oct 29, 2004 at 12:19:01AM +0100, Mick Walker wrote:
   Hi,
   
   I recently (today) upgraded to 5.3-STABLE.
   I am wondering why I cant set my hostname.
   It works if I issue the command hostname whatever.com, but on reboot it
   is reset to nothing.
   I have it set up in my /etc/rc.conf so it applies at boot time.
   
   Does anyone know how I can fix this?
  
  Show us what you've done first, don't describe what you think you did :-)
  
  Kris
 
 
 $ hostname 
 
 $
 $ hostname laptop.codegurus.org
 $ hostname
 laptop.codegurus.org
 $
 
 And in my /etc/rc.conf file I have:
 hostname=laptop.codegurus.org

Personally I'd just put 'laptop' in there, and add a 
search codegurus.org
at the top of resolv.conf, but that's not what's breaking your config.
Is dhcp or something unsetting the hostname ? There should be a line in the
boot messages that says

Setting hostname: laptop.codegurus.org
 
- look out for that, if it appears then something is resetting it later in
the boot.

-- 
common sense is what tells you that the world is flat. - Principia Discordia
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: question about openssh authentication.

[Dick Davies]

* joshua [EMAIL PROTECTED] [1036 13:36]:
 dear firends:
 
 there is a puzzle about openssh authentication, i try to solve it,
 but i could not, could you help me?
 there is two account named as 'joshua' and 'moon' on my server. i
 want to disable password authentication method for 'joshua', let he can
 login only use public key authentication. but account 'moon' can use
 both public key and password authentication. here, how to config
 openssh?

Could you just enable both methods and disable the 'joshua' accounts password?

-- 
One cannot make an omelette without breaking eggs -- but it is amazing
how many eggs one can break without making a decent omelette. - Charles P. Issawi
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: portupgrade and pkgtools.conf

[Dick Davies]

* Uros [EMAIL PROTECTED] [1054 10:54]:
 Hello!
 
 I'm trying to update subversion from ports and I have
 WITH parameters in my pkgtools.conf
 
 'devel/subversion' = [
 'WITHOUT_NEON=1',
 'WITH_APACHE2_APR=1',
 'WITH_BERKELEYDB=42'
 ]
   
 but when I do porupgrade subversion it looks like there was no parameters
 added to make. Because I always get error that devel/apr is not properly
 builded.
 
 Am I doing something wrong here.

The port is broken - google for the error message and you'll find a patch
to 1.1.0 that works (why it hasn't been committed yet is beyond me).

-- 
In the beginning the Universe was created. This has made a lot of people
very angry and been widely regarded as a bad move. - The Guide
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Can't login to Nessus

[Dick Davies]

* Alexandr [EMAIL PROTECTED] [1030 12:30]:
 I cvsuped my ports tree and install nessus and nessus-plugins.
 As root a run nessusd and run nessus, when I type my user name and password
 I get message in concole:
 
 SSL_CTX_load_verify_locations: error:02001002:system library:fopen:No such file or 
 directory

I'd guess it's trying to load an SSL key - did you create them?
(by default ISTR nessus talks to the nessusd over SSL).

-- 
Blackmail's such an ugly word. I prefer extortion. The x makes it sound cool. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

5.3 external ehci dvd drive

[Dick Davies]

Just got a new usb 2 enclosure and swapped out my internal cd/dvd drive to
it. I can mount it fine on 5.3 as cd(4) over umass(4) but it's too slow to
play DVDs over. 

Has anyone got this working, and is there a step I've missed?
The 1Mb/s speed line looks worrying, though usbdevs does show it hanging off
echi

cd0 at umass-sim0 bus 0 target 0 lun 0
cd0: SAMSUNG CDRW/DVD SM-348B T503 Removable CD-ROM SCSI-0 device 
cd0: 1.000MB/s transfers

?

-- 
And if you think you're going to bleed all over me
you're even wronger than you normally be - The Specials, 'Little Bitch'
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: 5.3 external ehci dvd drive

[Dick Davies]

* Brian McCann [EMAIL PROTECTED] [1032 12:32]:
 Did you compile ehci into the kernel?  I chose to upgrade to 5.3 RC1
 since it seamed to have better ehci support...still didn't work all
 that well with my drives...but it worked.  Remember, ehci is new and
 buggy. :)

Yeah, that's what I thought :) Luckily the enclosure has a firewire port
too, might I have more luck with that?
 

-- 
Power corrupts.  Absolute power - is kind of neat. - John Lehman, Secretary of the 
Navy, 1981-1987
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Apache2 + SSL

[Dick Davies]

* Nelis Lamprecht [EMAIL PROTECTED] [1041 11:41]:
 Hi,
 
 I've recently just installed apache-2.0.52_1 from ports on a new system.
 I've taken an already working configuration from an older machine and
 transferred it to the new server. No matter what I do I can't get SSL
 working even though it shows up as being used.
 
 www  54695  0.0  0.4 14256 9024  ??  I12:25PM   0:00.00
 /usr/local/sbin/httpd -DSSL
 
 It's as if anything I put between IfModule mod_ssl.c and /IfModule
 gets totally ignored.
 
 IfModule mod_ssl.c
 Include etc/apache2/ssl.conf
 /IfModule

Try 

IfDefine SSL
 Include etc/apache2/ssl.conf
/IfDefine


 httpd -S shows only the virtual hosts in httpd.conf and nothing from
 ssl.conf 

httpd -S -DSSL

-- 
My life, and by extension everyone else's, is meaningless. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Status of high-speed usb drivers

[Dick Davies]

* Davon Shire [EMAIL PROTECTED] [1016 12:16]:

 If by high-speed support you mean 'as fast as a local disk' then try it. It
 works.

  While I appreciate the quick reply. Reading my messages in detail
 might have been a little more enlightening in the kind of info I wanted.

If there was information in there you might get more useful responses.
You haven't even said what controller you use yet

 It would have taken you less time to type 'kldload ehci'
 than to write a sarcastic email.

 No sarcasm. Just a straight reply.

   I have already and on several dozen occassions loaded the ehci module.

Well say so and stop wasting peoples time then.
Hopefully someone else can help, sadly I have better things to do
than second guess your setup.

-- 
When you have to kill a man it costs nothing to be polite.
 - Winston Churchill, On formal declarations of war
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Status of high-speed usb drivers

[Dick Davies]

* Davon Shire [EMAIL PROTECTED] [1044 15:44]:
 Hello,
  I want to start this email saying I'm a very devoted FreeBSD user.
 I've been using it a very long time. Did the subscription thing. Etc etc
 
  That said, I'd very much like to know where on the horizon do USB 2.0
 highspeed drivers sit? I've seen that current is now into 6.0 but from what
 I've read USB functionality is not even on the agenda.

It's already in. man 4 ehci.
 

-- 
If it looks like a duck, and quacks like a duck, we have at least to consider
the possibility that we have a small aquatic bird of the family anatidae on our hands. 
- Dirk Gently
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Named configuration question

[Dick Davies]

* Albert Vila [EMAIL PROTECTED] [1023 10:23]:
 Hi all, 
 
  I've got a freebsd dedicated server in germany. My web page is only
 accessible by www.mydomain.com. Now, I wanna create subdomains by
 country, for instance, france.mydomain.com, spain.mydomain.com, 
 
 I think I have to set-up the named and create virtual-hosts in my
 apache. 

Are you running primary DNS for mydomain.com? Probably not, since you
don't have BIND running :)

Then you don't need to run bind, you need to speak to whoever looks
after that domain for you and get them to add the extra hostnames
for you.


-- 
If it looks like a duck, and quacks like a duck, we have at least to consider
the possibility that we have a small aquatic bird of the family anatidae on our hands. 
- Dirk Gently
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Compiling mod_proxy WITHOUT apache2

[Dick Davies]

* Stephan A. Rickauer [EMAIL PROTECTED] [1041 16:41]:
 Hi there,
 
 I successfully run an apache2 server on freebsd 4.10. Now I realised 
 that I've forgot to compile mod_proxy. Is there a way to only compile 
 the module without compiling whole apache2 and destroying my current 
 binary? Maybe a stupid question - I am rather new to bsd ..

you may as well rebuild it, it shouldn't take long.
Backup your config first just in case.

WITH_PROXY_MODULES make  install

should do it.

-- 
You were doing well until everyone died - God
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Postgres

[Dick Davies]

* Norman Uittenbogaart [EMAIL PROTECTED] [1010 16:10]:
 I'm trying to write a backup script for postgres and us a crontab on it.
 In the manual it says for pg_dumpall make $HOME/.pgpass so it won't ask 
 for a password.
 Now I made the .pgpass in root's homedir (i wanted to use root's 
 crontab) paste the password in it, chmod 400 it ...

Can't you just pgdump from the local socket? And not bother with the password
thing at all?


-- 
I never meant to hurt you. Just destroy everything you ever believed in. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ports freeze and portaudit alerts

[Dick Davies]

* Jacques Vidrine [EMAIL PROTECTED] [1027 17:27]:
 
 On Oct 10, 2004, at 3:43 PM, Dick Davies wrote:
   Shouldn't serious bugs (like the JPEG vuln
 in firefox for example) to override the freeze?
 
 What JPEG vuln in firefox?

Sorry, that was from memory - I was thinking of the libpng hole
(which of course isn't firefox specific).

But I'm still seeing this:

s known vulnerabilities:
 mozilla -- scripting vulnerabilities.
   Reference: 
http://www.FreeBSD.org/ports/portaudit/b2e6d1d6-1339-11d9-bc4a-000c41e2cdad.html
 Please update your ports tree and try again.
*** Error code 1


--
What have you done to the cat? It looks half-dead. - Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Installer

[Dick Davies]

* Jerry McAllister [EMAIL PROTECTED] [1009 23:09]:
  
 
 Geez, another top poster who mangles the flow of the thread!!
 
 jerry

Can we all shut up about top or bottom postings now please?

We know how everybody feels about it, because they've told us
a dozen times.  

Since we're all pouring our hearts out, I'd like to express how
annoying I find  pointless threads that go on for days and effectively
say:

'I would like my incoming mail to look like this please.'

Here's a fix -  only accept mail from yourself. Sheesh.


-- 
What have you done to the cat? It looks half-dead. - Schroedinger's wife
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Java5 and FreeBSD

[Dick Davies]

* Adam Smith [EMAIL PROTECTED] [1005 02:05]:
 On Sat, Oct 02, 2004 at 01:46:51AM +0100, Dick Davies said:
  * De Savant [EMAIL PROTECTED] [1038 01:38]:
   I was looking around with this latest announcement of Sun's Java2 1.5, 
   since I was considering using FreeBSD on our server (amd64) instead of 
   Linux. I made my way to Sun's java page, and then to the newest Java2 
   Enterprise Edition 1.4 release. Yet no FreeBSD Java?
  
  Sun have never released any VM for FreeBSD. The linux one will probably work
  out of the box under the Linuxulator.
 
 Don't they suck? :)

Well of course they do - they're Java VMs.
But they're no slower than a native one, and have the advantage of *existing* :)

-- 
If there's an alien out there I can't kill, I haven't met him
and killed him yet. - Zapp. Brannigan
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Pam_ldap

[Dick Davies]

* Bret Walker [EMAIL PROTECTED] [1028 00:28]:
 I've been trying all day to get pam_ldap to authenticate an ssh session
 against Active Directory.  I thought that I had found the perfect HOWTO
 (read: one that didn't require nss_ldap), but its instructions didn't seem
 to get it working on my system.
 
 I've read that can authenticate to AD with pam_ldap alone, and I've read
 that you can't, as well.  Does anyone have any experience doing this w/o
 nss_ldap.  I'm running 4.10, and I don't think it has support for
 nss_ldap.
 
 If anyone has any advice, I'd love to hear it.

You're not going to need nss_ldap if you just want to validate a password.
But it sounds a bit odd to have existing users in /etc/passwd and only have
the password itself from AD - and if the users don't exist in /etc/passwd
the system won't be able to log them in.

What was the howto you used?


-- 
I think it is true for all _n. I was just playing it safe with _n = 3
because I couldn't remember the proof.
-- Baker, Pure Math 351a
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Pam_ldap

[Dick Davies]

Right, basically this is doing what I thought - just checking passwords
in AD without looking up user info, so the accounts need to exist on the bsd server
(that may become a real pain in the arse, by the way).

couple of quick checks;

1) the ldap.conf referred to should  be /usr/local/etc/ldap.conf *NOT* 
/etc/openldap/ldap.conf

2) can you log onto the console as these users? If you're sshing you may need
to edit /etc/pam.d/sshd, and not login.


3) what's in your logs? If you have the 'debug' flag on, something will be getting
written to - check /var/log/secure and /var/log/messages


* Bret Walker [EMAIL PROTECTED] [1043 13:43]:
 It is here: http://www.netsys.com/pamldap/2002/04/msg00074.html
 
 Thanks,
 Bret
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Dick Davies
 Sent: Friday, October 01, 2004 4:31 AM
 To: Bret Walker
 Cc: FreeBSD Questions
 Subject: Re: Pam_ldap
 
 
 * Bret Walker [EMAIL PROTECTED] [1028 00:28]:
  I've been trying all day to get pam_ldap to authenticate an ssh 
  session against Active Directory.  I thought that I had found the 
  perfect HOWTO
  (read: one that didn't require nss_ldap), but its instructions didn't
 seem
  to get it working on my system.
  
  I've read that can authenticate to AD with pam_ldap alone, and I've 
  read that you can't, as well.  Does anyone have any experience doing 
  this w/o nss_ldap.  I'm running 4.10, and I don't think it has support 
  for nss_ldap.
  
  If anyone has any advice, I'd love to hear it.
 
 You're not going to need nss_ldap if you just want to validate a password.
 But it sounds a bit odd to have existing users in /etc/passwd and only
 have the password itself from AD - and if the users don't exist in
 /etc/passwd the system won't be able to log them in.
 
 What was the howto you used?

-- 
Yeah, life is hilariously cruel. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Pam_ldap

[Dick Davies]

* Bret Walker [EMAIL PROTECTED] [1023 15:23]:
 I have ldap.conf in /etc/ and in /usr/local/etc/ldap.conf


The one in /etc isn't doing anything, so get rid of it.

The  /usr/local/etc/ldap.conf should be holding the ad stuff 
(what user to bind as , etc).

 I am able to log into the console as these users using the local password,
 but not using the ldap password.  All of my pam info is in /etc/pam.conf,
 I don't have /etc/pam.d.

Then you're on 4.X right? Shouldn't stop this working.

 
 sshd  authsufficient  pam_skey.so
 sshd  authsufficient  pam_opie.so no_fake_prompts
 sshd  authsufficient  pam_unix.so try_first_pass
 sshd  authsufficient  /usr/local/lib/pam_ldap.so
 try_first_pass debug
 sshd  account requiredpam_unix.so
 sshd  passwordrequiredpam_permit.so
 sshd  session requiredpam_permit.co
 
 
 All I see in the logs are messages saying:
 error: PAM: User not known to the underlying authentication module

Right, so sshd is using pam. That's something.

The error could mean several things, one of which is that the user doesn't exist.

If you look through your ldap.conf, you  should have enough info to pretend to be
PAM.

use ldapsearch and try 

ldapsearch -H ldap://host from ldap.conf -D binddn from ldap.conf -W \
  pam_login_attribute from ldap.conf=username

and enter the bindpw from ldap.conf

If you don't get the AD account  back, then your ldap.conf is screwed.

 I'm pretty sure the ldap.conf files are correct, because I've followed the
 instructions from several places to the T.

The nice thing about definitive LDAP howtos is there are so many to choose from :) 

-- 
You may need to metaphorically make a deal with the devil.
By 'devil' I mean robot devil and by 'metaphorically' I mean get your coat. - Bender
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Java5 and FreeBSD

[Dick Davies]

* De Savant [EMAIL PROTECTED] [1038 01:38]:
 I was looking around with this latest announcement of Sun's Java2 1.5, 
 since I was considering using FreeBSD on our server (amd64) instead of 
 Linux. I made my way to Sun's java page, and then to the newest Java2 
 Enterprise Edition 1.4 release. Yet no FreeBSD Java?

Sun have never released any VM for FreeBSD. The linux one will probably work
out of the box under the Linuxulator.
 
 This release of the J2EE 1.4 SDK and the Sun Java System Application 
 Server Platform Edition 8 is available for the following platforms:
 Solaris 9 (SPARC and x86)
 Sun Java Desktop System
 Windows 2000 Advanced Server
 Windows XP
 Red Hat Enterprise Linux 2.1, 3.0
 
 That's odd, but Linux wasn't taken very seriously either for a long 
 time, so maybe it's under J2SE instead? Nope. Windows, Linux (x86), 
 Linux (amd64), Solaris (SPARC), and Solaris (x86). The same for 1.4 sdk 
 too. WTF, Right? Now I found:
 
 http://www.freebsd.org/java/
 
 This I'm guessing is not the J2EE that you read about in Sun's Java 
 books, but J2SE. So now I'm approaching my question. Will there ever be 
 plans to port J2EE to FreeBSD running as a server? 

J2EE is just a buttload of jarfiles, effectively. Install jboss from ports
and you have all the j2ee stuff you could ever want^W need^W , uh, put up with.


-- 
When you have to kill a man it costs nothing to be polite.
- Winston Churchill, On formal declarations of war
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

daemon book discounts

[Dick Davies]

http://www.theregister.co.uk/2004/09/21/freebsd_books/
-- 
The trouble with a kitten is that
When it grows up, it's always a cat
-- Ogden Nash
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Using port system in network using proxy server

[Dick Davies]

* Mark Jayson Alvarez [EMAIL PROTECTED] [0933 14:33]:
 Good day!
 
Do you have any idea on how I can install through
 freebsd port system when my internet connection is on
 LAN and our LAN uses proxy server? I can set the proxy
 details easily in my web browsers but I don't know how
 to do it in making ports. Some sort of proxy
 environment variable perhaps?

export http_proxy=http://your.proxy:3128

(don't forget the http:// prefix - I think there's a ftp_proxy too?)

-- 
A sine curve goes off to infinity or at least the end of the blackboard.
-- Prof. Steiner
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: What to backup

[Dick Davies]

* Gary Aitken [EMAIL PROTECTED] [0911 20:11]:
 Scott Gerhardt wrote:
 
 On Sep 15, 2004, at 12:19 PM, Curtis Vaughan wrote:
 
 I have a question about what exactly I should backup on my 5.3 FreeBSD 
 Server. So far I have chosen the following directories for full 
 backup.  But perhaps some is overkill.
 
 /etc
 /boot
 /home
 /var/log
 /usr/ports
 /root
 /usr/local
 /usr/src
 
 You probably do want to back up /usr/src/sys/xxx/conf,
 where xxx is i386 or whatever for your sys, since that is
 where your kernel config for custom kernels normally resides.

What I do is keep my kernel config in my home directory (under CVS
control) and symlink to it from /usr/src. I have 'rm -rf /usr/src'ed
once too often in anger :)
Also I prefer to have /usr/local/etc as a symlik into /etc/local/ , again
so I can 'cp -Rp /etc /etc.ok' before I start to reconfigure the system
(changing network IPs or similar) and restore everything easily.

-- 
The only real way to look younger is not to be born so soon.
-- Charles Schulz, Things I've Had to Learn Over and
   Over and Over
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: /root default permisions

[Dick Davies]

* Matthew Seaman [EMAIL PROTECTED] [0956 09:56]:
 On Tue, Sep 14, 2004 at 11:36:59PM +0200, Martin Vana wrote:
 
  I installed FBSD 5.3 Beta 3 - Default install, and as a regular user
  I can 'cat /root/.cshrc' or any other file in admin's directory?
  is it a bug?
 
 No, that's not wrong.  The /root directory should be mode 755, which
 means anyone can chdir to it, or list the contents.

s/should/is/

Is there any reason why it should be like this?


-- 
I have the world's largest collection of seashells.  I keep it
scattered around the beaches of the world ... Perhaps you've seen it.
-- Steven Wright
Rasputin :: Jack of All Trades - Master of Nuns


pgpryl1p1Gob0.pgp
Description: PGP signature

re: Which Distro?

[Dick Davies]

  I am going to buy a Mac g4 soon, and I am thinking
  about turning it into a server. I asked around and
  everybody rocommended FreeBSD to me. So what distro of
  FreeBSD would I use for a mac computer?

Everybody recommended you run FreeBSD on a Mac?  Get some new friends :)

OSX is a pretty good UNIX, so why not use that?

-- 
She is not refined.  She is not unrefined.  She keeps a parrot.
-- Mark Twain
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: does java needs linux base?

[Dick Davies]

You need a linux jdk tp build the native one.

* Jorge Mario G. [EMAIL PROTECTED] [0937 05:37]:
 Hi there
 I built the native java from ports
 and I see it uses the linux_base which I dont want
 because I'm running out of space
 can I remove it??? completely?? and how by the way
 I mean all the linux_base and itss dependencies
 
 
 
 
 Jorge
 
 =
 
 
 _
 Do You Yahoo!?
 Informaci?n de Estados Unidos y Am?rica Latina, en Yahoo! Noticias.
 Vis?tanos en http://noticias.espanol.yahoo.com
 ___
 [EMAIL PROTECTED] mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to [EMAIL PROTECTED]

-- 
Man invented language to satisfy his deep need to complain.
-- Lily Tomlin
Rasputin :: Jack of All Trades - Master of Nuns
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]