automount and sshfs
sshfs is a file system that lets you mount a remote ftp dir on a directory using fuse. I have it working fine on freebsd. Instead of using the mount command to mount the fs, it's mounted by running the sshfs command. Is there some generic thing like amd that is not NFS specific that I could use to automatically run the sshfs command when something accessed a particular directory? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
getting pam to put the ip address in the log
Recently I have been seeing lots of connections to my sshd trying to guess passwords. One thing I noticed was the hostname reported in the auth.log without reverse dns. sshd never puts in the ip address, this is all I see: sshd[14450]: error: PAM: authentication error for illegal user access from host1.xxx.br Is it possible to get pam or sshd or whatever is ultimatly logging this to put the ip address in the log so I can see where this is really coming from? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: getting pam to put the ip address in the log
On Tue, Aug 19, 2008 at 2:02 PM, Michael Grant [EMAIL PROTECTED] wrote: Recently I have been seeing lots of connections to my sshd trying to guess passwords. One thing I noticed was the hostname reported in the auth.log without reverse dns. sshd never puts in the ip address, this is all I see: sshd[14450]: error: PAM: authentication error for illegal user access from host1.xxx.br Is it possible to get pam or sshd or whatever is ultimatly logging this to put the ip address in the log so I can see where this is really coming from? Michael Grant Ths seems to work: Put this in /etc/ssh/sshd_config: UseDNS no ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
shutdown/reboot suggestion
More than once, through carelessness, and I'm sure I'm not alone, I have inadvertently shutdown or rebooted the wrong machine. I'm sure some of you know that all too familiar feeling when you see Connection closed instead of your desktop being rebooted. I have a suggestion with respect to these commands. What if they could be modified to require the hostname of the machine as their first argument, otherwise, they refuse to bring the machine down? shutdown -h now becomes: shutdown example.com -h now and reboot becomes reboot example.com How hard would it to get the other *nix distributions to take up this up too? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: shutdown/reboot suggestion
I have such a script, I put it in /bin/require_hostname and symlinked shutdown, halt, reboot, fastboot, and fasthalt to this script: #!/bin/sh if [ $1 = `hostname` ]; then shift exec /sbin/`basename $0` $@ else echo For your protection, use: $0 hostname ... fi I realize a lot of people have their own tricks and habits for avoiding such stupidity, but what is the problem of fixing the problem globally by getting these commands to take a hostname argument? This could certainly be the basis for another thread (and this is perhaps not the correct list), but is there some way to request a modification across all the unix/linux distributions out there to maintain some level of consistency across them? Except for Posix, is there some overall list which deals with this conformity of all these sibling platforms? Michael Grant On Sun, Aug 10, 2008 at 3:45 AM, Jeffrey Goldberg [EMAIL PROTECTED] wrote: On Aug 9, 2008, at 3:22 PM, Michael Grant wrote: More than once, through carelessness, and I'm sure I'm not alone, I have inadvertently shutdown or rebooted the wrong machine. I'm sure some of you know that all too familiar feeling when you see Connection closed instead of your desktop being rebooted. I use a combination of tricks. 1. I have the hostname in my prompt. 2. I have a separate color scheme for ssh sessions for each host I commonly connect to, and a generic color scheme for ssh sessions for other hosts. These are all distinct from my term window color scheme for my local host. 3. I rarely run as root, so all of my shutdown's use sudo. My password isn't the same on all hosts. This doesn't work perfectly, but it does help avoid this kind of problem. I have a suggestion with respect to these commands. What if they could be modified to require the hostname of the machine as their first argument, otherwise, they refuse to bring the machine down? shutdown -h now becomes: shutdown example.com -h now As others have pointed out, you can easily make scripts to do that. -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
panics and crash dumps
I'm having problems getting a crash dump on my panics. A bog standard crash dump on panic to swap hangs during the dump. Kris recommended trying minidump or DDB. With minidump enabled, it hangs, doesn't even try to dump on panic. So on to try DDB, have these lines in my kernel: makeoptions DEBUG=-g options KDB options DDB and now this kernel, when it boots, it doesn't see all of the sata drives. I have 2 sata controllers, one on the motherboard, the other a pci card (a supermicro controller). The only difference in the kernel conf files are the latter 2 options lines above being added. I did not see any errors while compiling this kernel. The same kernel modules are in kernel.old as in kernel, however, these are the ones that differ: [#1022] diff -r kernel kernel.ddb.broken Files kernel/bktr.ko and kernel.ddb.broken/bktr.ko differ Files kernel/geom_eli.ko and kernel.ddb.broken/geom_eli.ko differ Files kernel/hptrr.ko and kernel.ddb.broken/hptrr.ko differ Files kernel/ibcs2.ko and kernel.ddb.broken/ibcs2.ko differ Files kernel/if_ed.ko and kernel.ddb.broken/if_ed.ko differ Files kernel/if_oltr.ko and kernel.ddb.broken/if_oltr.ko differ Files kernel/kernel and kernel.ddb.broken/kernel differ Files kernel/linker.hints and kernel.ddb.broken/linker.hints differ Files kernel/logo_saver.ko and kernel.ddb.broken/logo_saver.ko differ Files kernel/mem.ko and kernel.ddb.broken/mem.ko differ Files kernel/rr232x.ko and kernel.ddb.broken/rr232x.ko differ Files kernel/udf.ko and kernel.ddb.broken/udf.ko differ When my DDB kernel boots, not only does it not see the sata drives, upon a quick reboot, it panics and does not throw me into the debugger. And then, to my surprise, it does a crash dump into swap. But when the machine reboots, it can't read it! I get: Checking for core dump on /dev/ad1s1b... savecore: error reading last dump header at offset 10005032448 in /dev/ad1s1b: Input/output error savecore: no dumps found Jul 21 04:45:17 charm savecore: error reading last dump header at offset 10005032448 in /dev/ad1s1b: Input/output error Here is the screen output of the crash of the kernel with DDB which did not recognize the second sata controller: charm# reboot Jul 21 04:32:16 charm reboot: rebooted by root Jul 21 04:32:16 charm syslogd: exiting on signal 15 Waiting (max 60 seconds) for system process `vnlru' to stop...done Waiting (max 60 seconds) for system process `bufdaemon' to stop...done Waiting (max 60 seconds) for system process `syncer' to stop... Syncing disks, vnodes remaining...7 0 0 done All buffers synced. Uptime: 3m46s Fatal trap 12: page fault while in kernel mode fault virtual address = 0x0 fault code = supervisor write, page not present instruction pointer = 0x20:0xc08da707 stack pointer = 0x28:0xff96fc48 frame pointer = 0x28:0xff96fc48 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 2151 (reboot) trap number = 12 panic: page fault Uptime: 3m46s Dumping 3327 MB (2 chunks) chunk 0: 1MB (151 pages) ... ok chunk 1: 3327MB (851568 pages) 3311 3295 3279 3263 3247 3231 3215 3199 3183 3167 3151 3135 3119 3103 3087 3071 3055 3039 3023 3007 2991 2975 2959 2943 2927 2911 2895 2879 2863 2847 2831 2815 2799 2783 2767 2751 2735 2719 2703 2687 2671 2655 2639 2623 2607 2591 2575 2559 2543 2527 2511 2495 2479 2463 2447 2431 2415 2399 2383 2367 2351 2335 2319 2303 2287 2271 2255 2239 2223 2207 2191 2175 2159 2143 2127 2111 2095 2079 2063 2047 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 ... ok Dump complete Fatal trap 12: page fault while in kernel mode fault virtual address = 0x0 fault code = supervisor write, page not present instruction pointer = 0x20:0xc08da707 stack pointer = 0x28:0xff96fad8 frame pointer = 0x28:0xff96fad8 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 2151 (reboot) trap number = 12 panic: page fault Uptime: 5m40s Fatal trap 12: page fault while in kernel mode fault virtual address = 0x0 fault code = supervisor write, page not present instruction pointer = 0x20:0xc08da707 stack pointer =
Re: panic
On Tue, Jul 15, 2008 at 10:44 PM, Kris Kennaway [EMAIL PROTECTED] wrote: Michael Grant wrote: I have been having panics on one of my machines, roughly every week or so. I was running 6.3 pre-release and then I updated to 6.3 p2 and I still have the panic, here's the message that appears on the console: panic: kmem_kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode cpuid = 2; apic id = 06 fault virtual address = 0x2c fault code = supervisor read, page not present instruction pointer = 0x20:0xc06c5a5a stack pointer = 0x28:0xe6ea49ec frame pointer = 0x28:0xe6ea4a00 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags= resume, IOPL = 0 current process = 14 (swi1: net) trap number = 12 Is this possibly a hardware problem? Yes, but who can say? :) To complete your bug report please submit a backtrace. See the developers handbook for details. Kris Another crash: panic: kmem_malloc(16384): kmem_map too small: 335527936 total allocated cpuid = 0 Uptime: 3d22h55m59s Dumping 3327 MB (2 chunks) chunk 0: 1MB (151 pages) ... ok chunk 1: 3327MB (851568 pages) 3311 --- hangs here I waited about a half hour before pulling the plug. Then, during reboot: ... savecore: error reading last dump header at offset 10005032448 in /dev/ad1s1b: Input/output error savecore: no dumps found Jul 19 15:50:19 charm savecore: error reading last dump header at offset 10005032448 in /dev/ad1s1b: Input/output error ... I will wait and see if the next time it crashes I get a better dump, but in the mean time, still no ideas? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
panic
I have been having panics on one of my machines, roughly every week or so. I was running 6.3 pre-release and then I updated to 6.3 p2 and I still have the panic, here's the message that appears on the console: panic: kmem_kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode cpuid = 2; apic id = 06 fault virtual address = 0x2c fault code = supervisor read, page not present instruction pointer = 0x20:0xc06c5a5a stack pointer = 0x28:0xe6ea49ec frame pointer = 0x28:0xe6ea4a00 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags= resume, IOPL = 0 current process = 14 (swi1: net) trap number = 12 Is this possibly a hardware problem? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
system needing fsck at reboot, manual intervention necessary
One of my freebsd 6.3 boxes is crashing and when it reboots, it comes up in single user mode. Unfortunately, it's a remote box and I don't have access to a history of the console and there's nothing in /var/log/messages. I think it's a hardware problem, or at least it seems to be. It's as if it's a bad power supply. Anyway, what I'd like to know, where is the fsck that is done at reboot such that I can modify it to do an fsck -y? Some people will argue this is dangerous, but I'm not sure what else one would do. The goal is to make it reboot without intervention. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
healthd
I installed healthd hoping it would show me the cpu temperatures and fan speeds for my motherboard but it's reporting some crazy values like fan speeds of -48C and fan speeds of 13000 rpms. My motherboard is a SuperMicro X6DH3-G2 which does support this feature. There's a 6300ESB on the board which has an SMBus controller, so I think that healthd should be started with the -S option. However, I don't know if healthd will work with my chipset. It's not clear to me if the 6300ESB is the chipset or just the smbus controller which talks to the chipset. SuperMicro provides a windows utility which reads this data, so in theory I should be able to read this data somehow. If healthd isn't going to work here, perhaps I can just use smbmsg to extract the data directly from the chipset? Does anyone know how to figure out which parameters to give smbmsg to do that? And if not via smbmsg, is there some way to get this data? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: healthd
On Dec 30, 2007 4:56 PM, Roland Smith [EMAIL PROTECTED] wrote: On Sun, Dec 30, 2007 at 04:00:12PM +0100, Michael Grant wrote: I installed healthd hoping it would show me the cpu temperatures and fan speeds for my motherboard but it's reporting some crazy values like fan speeds of -48C and fan speeds of 13000 rpms. :-) [snip] SuperMicro provides a windows utility which reads this data, so in theory I should be able to read this data somehow. [snip] And if not via smbmsg, is there some way to get this data? Try sysutils/mbmon. It can access monitoring chips in multiple ways. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) Ok, I tried mbmon. It produces equally strange results: # mbmon -I Temp.= 208.0, 0.0, 0.0; Rot.= 8035, 3443, 3515 Vcore = 4.08, 4.08; Volt. = 4.08, 5.03, 11.49, 0.72, 1.94 That's 208 degrees C, not believable. mbmon wouldn't talk to the smbus, if I ran it like this it produced the following: # mbmon -S InitMBInfo: Device not configured # mbmon -d -A SMBus[Intel8XX(ICH/ICH2/ICH3/ICH4/ICH5/ICH6)] found, but No HWM available on it!! Summary of Detection: * ISA monitor(s): ** Winbond Chip W83627HF/THF/THF-A found. This chip is definitely supported by mbmon. I read through the motherboard manual. It makes no mention to this chip. The sensor appears to be built into the motherboard and supported by the cpu. In other words, there's nothing special to do, I do not need a separate sensor under the chip, it's all built-in. The temperature should be more like 40C and the system should automatically shut down at about 80C, so 208C is definitely not right. What other things have people done when this data reported by healthd and mbmon are totally wacko? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bash and $LANG and meta-key bindings
I upgraded from 6.2 to 6.3-prerelease and I noticed something very strange with bash (or perhaps readline). I have had for many hears this in my .bash_login: export LANG=en_US.ISO8859-15 This makes 8-bit characters come out as accented characters instead of character codes like C6. However, with the upgrade to 6.3pre, something has changed. Same bash binary. If I set $LANG like this, certain meta-bindings like this do not work: bind '\M-p: history-search-backward' bind '\M-n: history-search-forward' Before the upgrade, m-p would go to the previous command or the previous command like the one that was partially typed in. Now, it produces a : prompt. If I remove the LANG setting from my .bash_login, it works fine. So either I can have proper accented characters or I can have working meta key bindings with bash (and readline), but not both. Anyone know of a fix for this? Am I setting LANG in the wrong place? I have tried putting these bindings into my .inputrc but that didn't help. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: imap-uw and sasl
On 11/1/07, Thomas Abthorpe [EMAIL PROTECTED] wrote: Try adding the following you /etc/make.conf WITH_SSL_AND_PLAINTEXT=yes # imap-uw WITH_ENTOURAGE_BRAIN_DAMAGE=yes # imap-uw On 01/11/2007, Michael Grant [EMAIL PROTECTED] wrote: I just installed imap-uw and saslauthd on my box. I'm having trouble getting it to accept plain text logins (in fact any logins at all). I'm trying to authenticate people in the passwd file. I get the following in the maillog: Nov 1 11:14:53 myhost ipop3d[97953]: Unexpected client disconnect, while reading line user=??? host=example.com [10.20.30.40] Yes, the user=??? is just like that with the question marks. I am definitely sending the username. I'm thinking it might be a sasl problem or something I've not configured with saslauthd but I don't see it. I see these messages in /var/log/messages but they do not seem correlated with the time of the I tried to login (and there's many fewer of them): Nov 1 11:00:32 charm ipop3d[87124]: Login failed user=myname auth=myname host=example.com [10.20.30.40] Ideas? Suggestions where to look for more error messages? Michael Grant ___ At first I thought that this couldn't possibly have anything to it, but after some experimentation, I discovered that things worked if I was using SSL. I tried this and did a make clean and reinstalled but it didn't change anything. I also tried selecting Allow plain text passwords and SSL on the menu during the make process of imap-uw. No, still the same behavior. I think I'm going to give up and force everyone to use SSL which probably isn't a bad thing. However, it sure would have been nice if the error imap-uw generated was a little more revealing. Especially when the user connected without SSL, it could have returned a very explicit error message like Clear connections no longer supported, use port 995 with SSL. Thanks for the response, it did help. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
imap-uw and sasl
I just installed imap-uw and saslauthd on my box. I'm having trouble getting it to accept plain text logins (in fact any logins at all). I'm trying to authenticate people in the passwd file. I get the following in the maillog: Nov 1 11:14:53 myhost ipop3d[97953]: Unexpected client disconnect, while reading line user=??? host=example.com [10.20.30.40] Yes, the user=??? is just like that with the question marks. I am definitely sending the username. I'm thinking it might be a sasl problem or something I've not configured with saslauthd but I don't see it. I see these messages in /var/log/messages but they do not seem correlated with the time of the I tried to login (and there's many fewer of them): Nov 1 11:00:32 charm ipop3d[87124]: Login failed user=myname auth=myname host=example.com [10.20.30.40] Ideas? Suggestions where to look for more error messages? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ssh
If I'm sued as root and I ssh somewhere, ssh/scp reads it's files from /root/.ssh/. The docs say it reads from ~/.ssh which is what I want, but it's not doing that. When sued, the shell is properly expanding ~ to my home dir. Anyone know of a way around this behavior? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh
On 10/31/07, James [EMAIL PROTECTED] wrote: On 10/31/07, Michael Grant [EMAIL PROTECTED] wrote: If I'm sued as root and I ssh somewhere, ssh/scp reads it's files from /root/.ssh/. The docs say it reads from ~/.ssh which is what I want, but it's not doing that. When sued, the shell is properly expanding ~ to my home dir. Anyone know of a way around this behavior? Michael Grant su - root Nope. One other suggestion was 'su -l root'. This does not change the situation either. I went into the source for ssh and it does a getuid() and then gets the homedir of that uid. So no amount of fooling with su is gonig to fix this. I guess it's like this for security reasons, it sure seems like a bug to me. I'd have used the HOME enviroment variable. So far, the best fix I've found is to create some aliases in bash as follows: alias scp=scp -o User=username -i ~/.ssh/id_rsa alias ssh=ssh -l username -i ~/.ssh/id_rsa alias rsync=rsync -op -e 'ssh -l username -i /home/username/.ssh/id_rsa' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh
On 10/31/07, James [EMAIL PROTECTED] wrote: On 10/31/07, Michael Grant [EMAIL PROTECTED] wrote: On 10/31/07, James [EMAIL PROTECTED] wrote: On 10/31/07, Michael Grant [EMAIL PROTECTED] wrote: If I'm sued as root and I ssh somewhere, ssh/scp reads it's files from /root/.ssh/. The docs say it reads from ~/.ssh which is what I want, but it's not doing that. When sued, the shell is properly expanding ~ to my home dir. Anyone know of a way around this behavior? Michael Grant su - root Nope. One other suggestion was 'su -l root'. This does not change the situation either. I went into the source for ssh and it does a getuid() and then gets the homedir of that uid. So no amount of fooling with su is gonig to fix this. I guess it's like this for security reasons, it sure seems like a bug to me. I'd have used the HOME enviroment variable. So far, the best fix I've found is to create some aliases in bash as follows: alias scp=scp -o User=username -i ~/.ssh/id_rsa alias ssh=ssh -l username -i ~/.ssh/id_rsa alias rsync=rsync -op -e 'ssh -l username -i /home/username/.ssh/id_rsa' Yeah, I misread your problem. Are you saying that you want to su to root, but still have some variables set as they were on the account you sued from? So you have a user named Michael, say, and you su to root, but when you ssh you want Michael's .ssh to be the effective one? Well sort of. When I su, $HOME is set to my homedir and $USER set to mgrant. This is fine. However, ssh (when sued) doesn't read $HOME/.ssh, it reads /root/.ssh. And it's not defaulting to logging into the remote machine as $USER, it tries to log in as root. It does this because it's hardwired in the code more or less as follows (I've extracted the relevant code from ssh.c): original_real_uid = getuid(); pw = getpwuid(original_real_uid); sprintf(buf, %s/%s, pw-pw_dir, ssh-config); read_config_file(buf); options.user = strdup(pw-pw_name); Like I said, it seems like a bug to me. Personally I would have done a getenv(HOME) and getenv(USER) myself instead of depending on the userid. Probably they had good reason for doing it the way they did it. So I think the problem is unsolvable using options to su. Only solution I found so far was the aliases above. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
relaying mail
In one of my domains, I have the MX record for it set up to my server. But for one of the users within that domain, their mail needs to be shuffled off to a different server at google. But I can't just forward it because it's like an MX host I'd need to forward it to. And I can't alter the MX to point to google for the entire domain because it's only one user within that domain, the other users will be screwed in that case. For example, mydomain.com, let's say the mx for that comes to my box. For [EMAIL PROTECTED], I need to send his mail to ASPMX.L.GOOGLE.COM as if it were the MX for mydomain.com. In the old days, one would simply forward email to [EMAIL PROTECTED] That would cause mydomain.com's sendmail to connect to ASPMX.L.GOOGLE.COM and shove down a message for [EMAIL PROTECTED] But that seems long deprecated because it didn't seem to work. I am using sendmail and procmail. Can anyone think of some way I can cause something like this to happen for just one user, ideally in a .procmailrc file? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
XEN questions
Does XEN work with freebsd 6.x? Does one run XEN inside of freebsd and then VMs inside that, or does one run XEN on the bare hardware and then run freebsd inside that? If I've already got freebsd running on my box, do I have to reload it from scratch or is there a way I can virtualize what I already have runing? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mrtg
I updated something which updated Storable.pm and now I'm getting this error when mrtg runs: Byte order is not compatible at blib/lib/Storable.pm (autosplit into blib/lib/auto/Storable/thaw.al) line 415, at /usr/local/etc/mrtg/hoststat line 51 So it appears that my mrtg data files need to be migrated to use the new version of Storable. Anyone come across this before? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
keeping all things up to date
Is there some sort of automated way to keep freebsd and all the installed ports/packages up to date automatically? I don't mean just the source, that part is easy. I mean something that actually reinstalls the things ad needed, sort of like windows update or the updater on ubuntu. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: keeping all things up to date
Just as an example that just came up recently: gettext was updated in the ports tree, which required a rebuild of all ports that depend on it. I missed reading /usr/ports/UPDATING before, so I didn't notice this fact. I did an update on my girlfriends laptop which resulted in several applications not being usable anymore. Imagine my face as I had to explain to her why she was unable to use her machine for one and a half day. Another lesson learned... That's why I agree to Chad: Doing automatic updates isn't advisable. They might even come at the wrong time, e.g. when you need your system resources. I'm thinking about monsters like OpenOffice, GNOME or KDE. Wait, before this gets out of hand, yes, I've been bitten with gettext more than once over the years. Mostly I'm worried about bug fixes in the OS and in the ports I've installed. I'm not talking about massive upgrade from one version of the OS to another. What would be nice to see is some script that would sort out dependencies and update things sanely. I think we're all guilty at some point of not having read UPDATING and updating something.It would be nice if there was something could watch out for certain conditions and then print out the relevant section from UPDATING on the screen. Those are just some obvious ideas. However, there are unix systems, for example Ubuntu, which has a sort of package manager that handles automated updates that sorts out dependencies. I was just wondering if anyone had done anything like that for FreeBSD? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ping
A while ago I installed 6.1 on a box. I noticed that I cannot ping this box even though I can log into it. The pings are arriving at the box because I can see them with tcp dump. They're not being blocked by ipf because nothing shows up in ipmon. I added rules specifically to allow icmp in ipfw, even though ipfw was wide open allowing everything in and out. My box still does not respond to pings. Is there something I need to do to manually enable pings on freebsd 6? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ping
I'm fairly sure the problem is not in ipf, something I've been running for years on other machines. If run ipmon, it shows me what's being blocked and by which rule. Pings are not being blocked by ipf. The relevent ipf rules are: block in log on em0 all head 100 pass in quick proto icmp from any to any keep frags group 100 block outon em0 all head 200 pass out quick proto icmp all keep state keep frags group 200 ipfw, which I didn't really intend on using but it seems to be enabled anyway, I have this: 1 allow icmp from any to any icmptypes 8 out 10100 allow icmp from any to any icmptypes 0 in 10200 allow icmp from any to any icmptypes 11 in 65535 allow ip from any to any Is there an equivalent of ipmon for ipfw? Michael Grant Is there On 3/29/07, Bill Moran [EMAIL PROTECTED] wrote: In response to Michael Grant [EMAIL PROTECTED]: A while ago I installed 6.1 on a box. I noticed that I cannot ping this box even though I can log into it. The pings are arriving at the box because I can see them with tcp dump. They're not being blocked by ipf because nothing shows up in ipmon. I added rules specifically to allow icmp in ipfw, even though ipfw was wide open allowing everything in and out. My box still does not respond to pings. Is there something I need to do to manually enable pings on freebsd 6? There is nothing special that needs done for FreeBSD 6 to respond to pings. Are you using IPFW or ipfilter? You seem to indicate that you're using both, which would not be the best of ideas. Post your firewall rules so list members can have a look. Are you sure the machine that is sending pings is not firewalling off the ICMP responses? -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ping
On 3/29/07, Steve Bertrand [EMAIL PROTECTED] wrote: Michael Grant wrote: I'm fairly sure the problem is not in ipf, something I've been running for years on other machines. If run ipmon, it shows me what's being blocked and by which rule. Pings are not being blocked by ipf. The relevent ipf rules are: block in log on em0 all head 100 pass in quick proto icmp from any to any keep frags group 100 block outon em0 all head 200 pass out quick proto icmp all keep state keep frags group 200 ipfw, which I didn't really intend on using but it seems to be enabled anyway, I have this: 1 allow icmp from any to any icmptypes 8 out 10100 allow icmp from any to any icmptypes 0 in 10200 allow icmp from any to any icmptypes 11 in 65535 allow ip from any to any Is there an equivalent of ipmon for ipfw? # ipfw show Also, during your tcpdump, did you see the icmp replies going back out, or just coming in? I saw the pings arriving but no response. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ping
I solved the ping problem. I removed the 'keep state' from the outgoing icmp rule and now pings work. Thanks. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
where to get GENERIC file
I'm upgrading from 4.x to 5.5. I am at the step where I need to make a generic 5.x kernel, but my GENERIC file is for 4.x. When I did a 'make update' in /usr/src (which updated my source tree from cvspu), it didn't suck over /usr/src/sys/i386/conf/GENERIC for 5.5. Where is this or how do I generate it? I was surprised this didn't come over when I sucked over 5.5 via cvsup. It raises question in my mind as to what else it didn't suck over. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/dev/null in a chroot
I chrooted apache to /www. In order to run a java program from a web page, java needs a /dev/null inside the chroot. I don't want to create another whole /dev/ dir with all the disk raw devices there to be read for anyone who cracks root. I just want a /www/dev/null file. I tried creating a node with mknod exactly like the node in /dev but it doesn't work in freebsd 6. /dev/ is special now and you can't just create nodes anywhere like the old days. Is there a way to create a /www/dev/null which acts just like /dev/null? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/dev/null in a chroot
I chrooted apache to /www. In order to run a java program from a web page, java needs a /dev/null inside the chroot. I don't want to create another whole /dev/ dir with all the disk raw devices there to be read for anyone who cracks root. I just want a /www/dev/null file. I tried creating a node with mknod exactly like the node in /dev but it doesn't work in freebsd 6. /dev/ is special now and you can't just create nodes anywhere like the old days. Is there a way to create a /www/dev/null which acts just like /dev/null? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
which web mail / calendar to use
I'm looking for a web mail and calendar to install on my freebsd box. Ideally something web 2.0 like gmail and google calendar is what my users are after. In some searching around, I turned up Hula (http://hula-project.org) and Zimbra (http://www.zimbra.com). Both have open-source versions. Zimbra seems more mature. Neither seems to be easy to install on an existing freebsd box and both seem to replace everything including the mailer and popd/imapd. It's not clear to me if anyone has ever succeeded in getting Hula working on Freebsd. Has anyone had any luck with any other packages? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
compiling a port unstripped for debugging
Can someone please tell me if there is an easy way to compile and install a port without stripping it (i.e. compiling it with -g and not running strip when it's installed)? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvs question
env | sort | grep CVS returns nothing. There are no CVS* variables set! Strange. Where is it getting the cvsroot from? Even if I remove the .cvspass file, it still uses the pserver line from before. It's definitely getting cached somewhere. greping the env for pserver shows nothing. Incidently, I also removed root's ~root/.cvspass but it didn't change anything. Still open for ideas. Michael Grant On 9/15/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2006-09-14 19:11, Michael Grant [EMAIL PROTECTED] wrote: I'm being driven slowly mad by cvs... I have 3 boxes, one is acting as a cvs server. The cvs clients (for lack of a better term) are running 6.1 and should be configured the same. Yet, one machine lets me do a cvs login, the other requires I use cvs -d :psserver:.. with each cvs command. I do not have CVSROOT set on either machine. What I get is this: [#822] cvs login Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar cvs login: authorization failed: server myserver rejected access to /home/foo/bar for user mgrant yet, on the other machine, I get a password prompt and all is fine. Someone sets CVSROOT, if you can just type cvs login and get a prompt for ``Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar''. Can you run, on both systems, the following? $ env | sort | grep CVS ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvs question
[#786] ls -l CVS total 6 -rw-r--r-- 1 mgrant 1001 197 Oct 16 2005 Entries -rw-r--r-- 1 mgrant 10018 May 30 2005 Repository -rw-r--r-- 1 mgrant 1001 55 May 30 2005 Root [#787] cat CVS/Root :pserver:xgrant:[EMAIL PROTECTED]/home/ng/tools/cvsroot Ok, so that solve that mystery. However, I still cannot log in on one machine yet I can on the other: Except for the Entries file, Root and Repository are identical in the CVS directory. cvs login Logging in to :pserver:[EMAIL PROTECTED]:2401/home/ng/tools/cvsroot cvs login: authorization failed: server grant.org rejected access to /home/ng/tools/cvsroot for user mgrant Michael Grant On 9/15/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2006-09-15 13:56, Michael Grant [EMAIL PROTECTED] wrote: On 9/15/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2006-09-14 19:11, Michael Grant [EMAIL PROTECTED] wrote: I'm being driven slowly mad by cvs... I have 3 boxes, one is acting as a cvs server. The cvs clients (for lack of a better term) are running 6.1 and should be configured the same. Yet, one machine lets me do a cvs login, the other requires I use cvs -d :psserver:.. with each cvs command. I do not have CVSROOT set on either machine. What I get is this: [#822] cvs login Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar cvs login: authorization failed: server myserver rejected access to /home/foo/bar for user mgrant yet, on the other machine, I get a password prompt and all is fine. Someone sets CVSROOT, if you can just type cvs login and get a prompt for ``Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar''. Can you run, on both systems, the following? $ env | sort | grep CVS env | sort | grep CVS returns nothing. There are no CVS* variables set! Strange. Where is it getting the cvsroot from? Even if I remove the .cvspass file, it still uses the pserver line from before. It's definitely getting cached somewhere. greping the env for pserver shows nothing. Do you have a local CVS/ subdirectory when you try cvs login? If yes, what does it contain? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvs question
On 9/15/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: The CVS server seems to be using some sort of CVS access control, i.e. by a CVSROOT/readers or CVSROOT/writers file or something similar. I didn't set anything like that up. I simply added this line to /etc/inetd.conf: cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/home/ng/tools/cvsroot --allow-root=/home/somewhere/else pserver I am not sure of all the gory details about your particular setup, but the message seems to imply that `mgrant' is blocked by the access controls of the server itself. It sure seems that way. Or it seems that somehow it's proposing the wrong password. Hmm, now, here's something funny, the password in CVSROOT/Root is all lower case and my password is mixed case. I tried editing this file and adding the mixed case, but no, that didn't help. Then, I tried changing my password on the server to match the all lower case password it insists on putting in the Root file and now I can get in, but only if I provide the -d :pserver: on the command line. I tried setting CVSROOT but again, the same auth error. Do you have a CVSROOT/readers or CVSROOT/writers in /home/ng/tools/cvsroot/CVSROOT/ on the CVS server? If yes, what do they contain? Please take care of masking any sensitive data (like user passwords), if you sent their contents!!! No, don't have any of these files on the server. At least I can now update my local copy from the cvs server using the long cmd line with the -d :pserver:... stuff. However, I'm still curious why setting CVSROOT isn't working. By the way, thanks for all your help. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cvs question
I'm being driven slowly mad by cvs... I have 3 boxes, one is acting as a cvs server. The cvs clients (for lack of a better term) are running 6.1 and should be configured the same. Yet, one machine lets me do a cvs login, the other requires I use cvs -d :psserver:.. with each cvs command. I do not have CVSROOT set on either machine. What I get is this: [#822] cvs login Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar cvs login: authorization failed: server myserver rejected access to /home/foo/bar for user mgrant yet, on the other machine, I get a password prompt and all is fine. Ideas? Suggestions? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvs question
Yes, I'm su'ed on both machines: uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator) -Mike On 9/14/06, Bill Moran [EMAIL PROTECTED] wrote: In response to Michael Grant [EMAIL PROTECTED]: I'm being driven slowly mad by cvs... I have 3 boxes, one is acting as a cvs server. The cvs clients (for lack of a better term) are running 6.1 and should be configured the same. Yet, one machine lets me do a cvs login, the other requires I use cvs -d :psserver:.. with each cvs command. I do not have CVSROOT set on either machine. What I get is this: [#822] cvs login Logging in to :pserver:[EMAIL PROTECTED]/home/foo/bar cvs login: authorization failed: server myserver rejected access to /home/foo/bar for user mgrant yet, on the other machine, I get a password prompt and all is fine. Ideas? Suggestions? Are the UIDs synchronized across machines? Do id on each machine and see if the output is the same. Just a thought. -- Bill Moran Collaborative Fusion Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jails or chroot?
I host a bunch of websites on my box. Recently I had some problems with file access problems with php which caused me to look into putting each of my clients into their own jail or chroot. I have roughly 100 different domains I'd need to split. Has anyone done this for more than a handfull of clients? Using apache and their mass virtual hosting, 100 domains is a breeze. But with a jail or chroot, I need a separate apache process for each domain. This is going to mean hundreds of apache processes. This seems unreasonable. When it comes time to upgrade, how does one upgrade 100 different jails? This will be a nightmare! What do you folks do who run lots of domains on freebsd? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: jails or chroot?
I'll try to be more explicit on my requirements. I'm not worried about mail. I'm mostly worried about web. Each client has a web site with one or more domains. I currently offer them apache+php+mysql+mod_perl+mod_ssl. One of them needs java server pages, tomcat I think. Everyone gets access to their own logs and to geolizer (webalizer). Some clients would like shell access. Most clients write their web site using ftp. Certain ones need also the MS Front Page Extensions. Some clients want an ftp upload area. Ssl poses a special problem in that I need to allocate an ip address for those who have their own ssl certificate. It's pretty much all standard stuff. But yes, I totally agree with you, it is an administration nightmare to set up separate jails and keep track of which has which version of what and so on. There must be an easier way to do this. Some of you folks who run hosting sites, how do you manage large numbers of clients? Michael Grant On 5/9/06, Subhro [EMAIL PROTECTED] wrote: On 5/9/06, Michael Grant [EMAIL PROTECTED] wrote: I host a bunch of websites on my box. Recently I had some problems with file access problems with php which caused me to look into putting each of my clients into their own jail or chroot. I have roughly 100 different domains I'd need to split. I won't be doing this even if someone pays me twice for doing it. This is going to create a HELL lot of problems later on, especially during upgrades. BTW can you tell us your exact requirements? Thanks and Best Regards Subhro -- Subhro Kar Security Engineer iViZ Techno Solutions Pvt. Ltd. eRevMax House, 1st Floor Plot XI-16, Sector V Salt Lake City 700091 India ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: top for tcpdump
Well, I tried ntop. It seems fairly complicated. I wasn't expecting a web interface. Unfortunatly, after a while it segvs, so I guess it's not so stable. Also, lots of complaints about missing XML library and such. I tried trafshow but it also dumps core on my 4.x system. Hmm. But ok, thanks people, some good tools out there. Michael Grant On 4/19/06, Kurt Buff [EMAIL PROTECTED] wrote: ntop is your best bet. http://www.ntop.org, and look in ports for it. On 4/19/06, Michael Grant [EMAIL PROTECTED] wrote: Does anyone know of a tool like top that displays the open tcp connections and sorts them by which is causing the most bandwidth? I have someone consuming a lot of bandwidth but with so many tcp connections, I'm not sure who it is. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
top for tcpdump
Does anyone know of a tool like top that displays the open tcp connections and sorts them by which is causing the most bandwidth? I have someone consuming a lot of bandwidth but with so many tcp connections, I'm not sure who it is. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ports and a new version of perl
I installed perl in /usr/local to have a later version of perl. Certain ports require the new version. How can I set the default version of perl that make uses in /usr/ports? I tried make.conf, that didn't work. I also tried editing /usr/ports/Mk/bsd.port.mk but the change goes away when I update ports. What's the right answer? Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
devfs
I just installed freebsd 5.2. I have 2 disks, both the same. I am pretty sure they're both dangerously dedicated (henceforth dd). Sysinstall made my first disk da0s1, but the second disk (which already had a root and swap on it from an older 5.1 install) came up as simply da1. So things look like this: Filesystem 1K-blocksUsedAvail Capacity Mounted on /dev/da0s1a 32933964 2219976 28079272 7%/ devfs 1 10 100%/dev /dev/da1a32933964 1494196 28805052 5%/mnt I know it's just esthetics, but how do I get da0s1a to be da0a in the context of 5.x's devfs? Since this is a dd partition, there really shouldn't be a s1 in the name in my oppinion. Michael Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
installing freebsd on another disk
I'd like to install freebsd on another disk from source. Can I do something like?: cd /usr/src make buildworld make PREFIX=/mnt installworld make PREFIX=/mnt kernel If not $PREFIX, what's the right answer? I'd try it and see...but I only have my one live box. Thanks Michael Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
restricting certain users to certain things (pam?)
I have a requirement to restrict certain users to logging in in certain ways. For example, some users can ftp, others can ftp, ssh, and get a shell, other users can relay mail using auth login. I am pretty sure I can do this though pam.conf. Has anyone actually done this? Can someone slide me some examples? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Why won't linux_base install for me?
Try upgrading your version of rpm from the ports collection. Michael Grant I'm running 4.7-R with a recent (~1 week) ports tree, and the install of linux_base is failing for me. [EMAIL PROTECTED] make install === Installing for linux_base-7.1_2 kern.fallback_elf_brand: 3 - 3 glibc-common-2.2.4-31.i386.rpm glibc-2.2.4-31.i386.rpm execution of glibc-2.2.4-31 script failed, exit status 0 *** Error code 1 This this is all RPM gunk, I have no idea how to figure out what is failing. Does anyone have any tips? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
rpm problems
I'm trying to install something from an rpm which uses the linux emulation. I have tried the following: rpm -vv -i --force --ignoreos --nodeps fmserver-trial-5.5-1.i386.rpm and rpm -vv -i --force --root /compat/linux --dbpath /var/lib/rpm --ignoreos --nodeps fmserver-trial-5.5-1.i386.rpm both report that it creates a bunch of files but nothing seems to actually get installed! rpm --version reports: RPM version 3.0.6 Any clues? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
setuid sendmail
It seems that sendmail is no longer setuid root. (I have 4.7 on one box where it's not setuid and 4.2 stable on another box where it is). When I run mailq from my 4.7 box, I get a permission denied error when run as a normal user. Is this now the expected behavior? Is there any relatively secure way to make mailq work again from a non-root user? Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
installing software question
When I install something from the ports collection, the makefile nicely generates a packing list so I can deinstall it at a later time. Is there an easy way to do this if I download some random tar file for which I would normally untar it, ./configure, and make install? In other words, I install something which is not in the ports collection manually, I'd like to generate a packing list so I can use pkg_delete to remove it. Is there an easy way to do this? Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
ppp over usb
Is it possible to run ppp between 2 freebsd boxes over a usb connection? If so, what's needed to wire them together, some sort of usb cross-over cable? Michael grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
syslog question
I have these lines in my syslog.conf: *.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages !ipmon *.* /var/log/ipflog The first line says send *.notice, kern.debug...etc to messages. The second line starts a block specifically referring to the program name ipmon. The third line says send all errors from ipmon to ipflog. I'm getting duplicate logging for ipf in both messages and ipflog. It's because ipmon sends the syslog messages at the LOG_NOTICE level. Is there any way to say in the first line send *.notice except where programname=ipmon to /var/log/messages? I read through the syslog.conf man page, but there doesn't seem to be any way to do this. I was just curious if anyone else has configured something like this in syslog? Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
high availability disk mirror
Anyone have any good pointers to ideas how to set up multiple freebsd boxes such that I end up with something that's fault tolerant and highly available? Anyone know of a way to mirror a disk across a network? My current thinking is to create a second box as a hot spare. Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
automating backups of files
I'd like to write something to automatically backup files as they change on disk. Perhaps not every byte, but say at reasonable intervals and especially when a file is closed. Does anyone know of any way I could get an indication in a userland process when an arbitrary file has been opened, closed, or modified? I can imagine a special device which I read which just feed me things like: /foo/bar modified /bar/baz close Before everyone bombards me with comments that I'm being completely stupid, I have my reasons for wanting to do this rather than using RAID to create a mirror. What I really want would certainly be best done if I were to write my own file system. But I don't have the time to do that right now. I've been looking long and hard for a sort of roll-back filesystem, but I've never seen this for unix. So, I'd like to create something somewhat close. What I want to do today is backup a file in many different states rather than just once per day. To do that, I need to know when the files change, rather than scanning through the entire file system constantly, hence my question. I realize that there's going to be some overhead to do this, but I suspect that the amount of overhead isn't going to be that much greater than say using RAID to mirror. Ideas and comments welcome... Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: spamass-milter
When I send a test spam, logging in /var/log/maillog shows: spamd[5955]: info: setuid to root succeeded spamd[5955]: Still running as root: user not specified, not found, or set to root. Fall back to nobody. You should only see that once, when you start it. Each email should put something like this in maillog: I definitely see the Still running message with each mail message. It seems spamd restarts over and over and prints this each time it starts. Jul 23 00:12:58 2.6 dan spamd[852]: connection from localhost [ 127.0.0.1 ] at port 61541 Jul 23 00:13:00 2.6 dan spamd[81022]: clean message (2.3/8.0) for root:26 in 2 seconds, 6170 bytes. Jul 23 00:13:00 2.6 dan sm-mta[81020]: g6N5Cvfs081020: Milter change: header X-Spam-Status: (etc) Jul 23 00:13:00 2.6 dan sm-mta[81020]: g6N5Cvfs081020: Milter change: header X-Spam-Level: (etc) Is the milter running? You have to start it separately from sendmail. Here's what's running, if by milter you mean spamass-milter which creates the socket, yes, that's running. ps -ax | grep spam 6303 ?? Is 0:02.37 /usr/bin/perl /usr/local/bin/spamd -a -c -d 10319 ?? I 0:00.01 /usr/local/bin/spamc 10440 ?? I 0:00.01 /usr/local/bin/spamc 10482 ?? I 0:00.02 /usr/local/bin/spamc 10518 ?? I 0:00.01 /usr/local/bin/spamc 10562 ?? I 0:00.01 /usr/local/bin/spamc 10575 ?? I 0:00.01 /usr/local/bin/spamc 10613 ?? I 0:00.01 /usr/local/bin/spamc 10662 ?? I 0:00.01 /usr/local/bin/spamc 10698 ?? I 0:00.01 /usr/local/bin/spamc 10750 ?? I 0:00.01 /usr/local/bin/spamc 10784 ?? I 0:00.01 /usr/local/bin/spamc 10826 ?? I 0:00.01 /usr/local/bin/spamc 10863 ?? I 0:00.01 /usr/local/bin/spamc 10901 ?? I 0:00.01 /usr/local/bin/spamc 10959 ?? I 0:00.01 /usr/local/bin/spamc 10995 ?? I 0:00.01 /usr/local/bin/spamc 11013 ?? I 0:00.01 /usr/local/bin/spamc 11045 ?? I 0:00.01 /usr/local/bin/spamc 11088 ?? I 0:00.01 /usr/local/bin/spamc 11181 ?? I 0:00.01 /usr/local/bin/spamc 11182 ?? I 0:00.00 /usr/bin/perl /usr/local/bin/spamd -a -c -d 11183 ?? I 0:00.01 /usr/local/bin/spamc 11184 ?? I 0:00.00 /usr/bin/perl /usr/local/bin/spamd -a -c -d 3472 p0- I 0:01.86 /usr/local/sbin/spamass-milter /var/run/spamass/spamass-milter.sock I still can't get it to add the x-spam headers. Any clues as to how to get some better debugging so I can track down where exactly the problem is? setting the -D option on spamd only told me that spamd was in fact getting the mail, but after that, I'm not sure whats happening. Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
spamass-milter
I installed spamass-milter from ports. I followed the instructions, installing the line: INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass/spamass-milter.sock, F=,T=C:15m;S:4m;R:4m;E:10m') The socket is there. The spamd is running. I'm running freebsd 4.6 which should have libmilter in sendmail. (a strings on /usr/libexec/sendmail/sendmail confirms this). When I send a test spam, logging in /var/log/maillog shows: spamd[5955]: info: setuid to root succeeded spamd[5955]: Still running as root: user not specified, not found, or set to root. Fall back to nobody. Yet spamd never adds the x-spam header to my mails. I see that spamd definitely examins the message if I run it in debug mode. It's as if the message once processed by spamd is discarded and the original is delivered. I'm running procmail as a mailer to deliver mail locally, could that be interfearing? Michael Grant To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message