Tape drive recommendations

2012-09-20 Thread Steve Bertrand

Hi all,

I know this is a bit off-topic, but I'm looking for suggestions.

In one of my corporate sites, I've got a Tandberg Magnum 2x24 dual 
10-slot tape backup device that I feel is on its way out.


The storage amount for this site is adequate with the existing device 
and so is the performance, but I'm just curious to find out others' 
opinions on what they use for tape backup machines nowadays before I 
purchase something new. I back up between 2 and 4 TB per day at this 
particular site.


Off-list replies if you don't feel comfortable specifying vendors 
publicly are welcome.


Steve
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Re: Uptime [OT]

2012-06-14 Thread Steve Bertrand

On 14/06/2012 9:43 PM, Mark Felder wrote:
> On Thu, 14 Jun 2012 22:37:59 -0500, Steve Bertrand wrote:
>
>> That's hardcore homie... wow!
>> What does this box survive to do?
>
> Transparent traffic shaping/firewalling via IPFW; it's not actually
> visible to the internet. There isn't much load at all, but the hardware
> is quickly aging. The dual power supply has saved it a few times, too. I
> think there's another server which I believe is close to 2600 days
> uptime but I'll have to brainstorm and see if I can remember which one
> it is.


lmao... you must be a sysadmin ;)

IPFW is all I've used on FreeBSD. I designed an ISP edge based on 
Microtic hardware with flash-based FBSD installs with Quagga and IPFW. I 
was hesitant to change to anything else, because I wrote an awful lot of 
Perl code that automated IPFW changes across the network.


I don't use FBSD as much as I used to, but I still stick to my roots and 
write most of my code on it. I don't maintain many servers with it 
anymore though.


This is why I thought I'd speak up... to let everyone know I'm still 
alive and kicking. Apparently, so is one of my boxes ;)


Steve


Re: Uptime [OT]

2012-06-14 Thread Steve Bertrand

On 14/06/2012 9:35 PM, Mark Felder wrote:
> In production and survived many area-wide power outages:
>
> % uptime
> 10:34PM up 2021 days, 18:02, 1 user, load averages: 0.00, 0.00, 0.00


That's hardcore homie... wow!

What does this box survive to do?

Steve



Re: Uptime [OT]

2012-06-14 Thread Steve Bertrand

On 14/06/2012 9:20 PM, Steve Bertrand wrote:
> I still have non-root access to a box from my old job... it is
> non-available and doing nothing, so updates are irrelevant:
>
> %uptime
> 9:01PM up 1142 days, 5:29, 1 user, load averages: 0.00, 0.00, 0.00


fwiw:

%uname -a
FreeBSD ..xxx 7.2-PRERELEASE FreeBSD 7.2-PRERELEASE #1: Wed Apr 
29 06:34:04 EDT 2009 st...@xxx..xxx:/usr/obj/usr/src/sys/ i386





Uptime [OT]

2012-06-14 Thread Steve Bertrand
I still have non-root access to a box from my old job... it is 
non-available and doing nothing, so updates are irrelevant:


%uptime
 9:01PM  up 1142 days,  5:29, 1 user, load averages: 0.00, 0.00, 0.00

Steve


Re: editor that understands CTRL/B, CTRL/I, CTRL/U

2012-04-28 Thread Steve Bertrand

On 2012-04-24 11:50, Anton Shterenlikht wrote:
> My daughter is doing a touch typing course
> that presumes MS Word. So far she was fine
> with pico, but now they want the kids to
> practice CTRL/B (bold), CTRL/I (italic),
> CTRL/U (underline). She really needs to use
> these particular combinations because that
> is how the on-line assessment tool is set out.
>
> I use nothing but vi, so have no clue which,
> if any, editor from ports/editors will have
> these particular combinations implemented.
>
> Please recommend one, preferably as simple
> and as small as possible.


I'm a serious vi(m) advocate, but in this case, due to the use case, I 
also ++ Abiword.


Steve


Convert mp3 to audio CD

2012-03-20 Thread Steve Bertrand
I know this is a backwards request, as I haven't had to go from mp3 to 
audio CD format in at least 10 years, but I do now.


What is available to do so?

Steve


Re: Editor With NO Shell Access?

2012-03-12 Thread Steve Bertrand

On 2012-03-12 15:19, Tim Daneliuk wrote:
> I have a situation where I need to provide people with the ability to edit
> files. However, under no circumstances do I want them to be able to exit
> to the shell. The client in question has strong (and unyielding) InfoSec
> requirements in this regard.
>
> So ... are there editors without this feature? Can I compile something like
> joe or vi to inhibit this feature?


I don't know if this will help, but it may provide an idea that could 
spark something further.


You can force a user directly into an editor so they have no shell 
access. For example, if the user has '/bin/csh' as their login shell, 
adding:


exec /usr/local/bin/vim

into their ~/.cshrc file will force them directly into vim. When they 
exit vim, they are immediately logged off.


However, I don't believe this will provide them any way to see their 
files though.


vim's ":open filename" and ":w filename" still work, but shell commands 
(eg ":! ls -la") don't.


Steve

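Added example (not part of the thread, and not any poster's code): one way to apply the forced-editor idea above without depending on the user-writable ~/.cshrc is a small wrapper installed as the account's login shell. The wrapper name edit-only and the EDIT_ROOT path are assumptions, and it relies on vim's restricted mode (-Z).

```sh
#!/bin/sh
# Added example: login-shell wrapper that drops an account straight into a
# restricted editor. Hypothetical names: "edit-only" (this script) and
# EDIT_ROOT; the vim path is the one used in the message above.

EDIT_ROOT=/usr/local/www/content      # assumption: the tree this account edits
EDITOR_BIN=/usr/local/bin/vim

# resolve_in_root NAME
# Print the canonical path for NAME if it stays inside EDIT_ROOT; return 1
# for anything that would start the editor on a file outside that tree.
resolve_in_root() {
    file=$1
    case "$file" in
        ''|-*) return 1 ;;            # empty, or would be read as an option
        /*) ;;                        # absolute path: checked below
        *) file=$EDIT_ROOT/$file ;;   # relative names are taken under the root
    esac
    base=$(basename "$file")
    case "$base" in
        .|..) return 1 ;;             # would resolve to a directory
    esac
    if [ -L "$file" ] || [ -d "$file" ]; then
        return 1                      # no symlinks, no directories
    fi
    # Canonicalise the parent directory so "../" and symlinked directories
    # are compared by their real location.
    dir=$(cd "$(dirname "$file")" 2>/dev/null && pwd -P) || return 1
    root=$(cd "$EDIT_ROOT" 2>/dev/null && pwd -P) || return 1
    case "$dir/" in
        "$root"/*) printf '%s/%s\n' "$dir" "$base" ;;
        *) return 1 ;;
    esac
}

main() {
    # sshd passes remote commands to the login shell as: shell -c 'command'.
    # Refuse them so the account can only reach the editor.
    if [ "${1:-}" = "-c" ]; then
        echo "edit-only: remote commands are not permitted" >&2
        return 1
    fi
    printf 'File to edit (under %s): ' "$EDIT_ROOT"
    IFS= read -r name || return 1
    if ! path=$(resolve_in_root "$name"); then
        echo "edit-only: that file is not permitted" >&2
        return 1
    fi
    # -Z        restricted mode: :!, :shell and other shell escapes are disabled
    # -u NONE   skip the user's vimrc and plugins
    # --        everything after this is a file name, never an option
    exec "$EDITOR_BIN" -Z -u NONE -- "$path"
}

# Run only when installed under its own name, so the functions can be sourced
# or tested without starting an editor.
case "${0##*/}" in
    edit-only) main "$@" ;;
esac
```

Restricted mode stops shell escapes but, as the message above notes for opening and writing files, vim can still reach other paths, so the account's file permissions remain the control over what can be read or changed.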


Re: Joseph Campbell on PBS today

2012-03-11 Thread Steve Bertrand

On 2012-03-11 11:38, Jerry wrote:
> On Sun, 11 Mar 2012 10:16:54 -0500
> Conrad J. Sabatier articulated:
>
> {snip}
>
> WTF


With this, the ReactOS crap, and the Microsoft sucks debacle, I woke up 
this morning thinking it may be April 1st :)


Steve


Re: Why is this Symbol in the front of your website. A humble request.

2012-02-23 Thread Steve Bertrand

On 2012-02-23 10:17, Erich Dollansky wrote:
>> I suggest to everyone of you that you recommend to change/replace the
>> unnecessary picture right in front of your website.
>
> Are you talking about this ugly ball? Some say that it is a sex toy. Don't you 
> like sex toys?


lol iirc, Ted Mittelstaedt started the sex-toy thing sometime in the mid 
2000's. I see some things just stick ;)


Steve


Re: How to prevent gam_server from running?

2012-02-15 Thread Steve Bertrand

On 2012.02.15 19:19, Conrad J. Sabatier wrote:
> On Wed, 15 Feb 2012 18:23:21 -0500
> Steve Bertrand wrote:
>
>> On 2012.02.15 17:57, Conrad J. Sabatier wrote:
>>> Lately, I've been hovering hither and thither when it comes to which
>>> desktop environment I choose when logging in, but several of them
>>> seem to insist on starting gam_server, which is just a real CPU
>>> hog, and once this thing is started, there's no stopping it.
>>>
>>> I've looked and looked and still can't figure out how to disable
>>> it.  I can't even figure out where exactly it's being started
>>> from.  Whether it's GNOME or XFCE or what-have-you, at login, some
>>> add-on tool somewhere is launching this thing, and I just plain
>>> don't want it!  :-)
>>>
>>> Any clues, anyone?  I'm really worn out from trying to solve this
>>> one.
>>
>> Is there anything in /etc/rc.conf relating to this server?
>
> Well, naturally, that was the first place I checked, along with
> probing /usr/local/etc, but no, I don't see any signs of anything
> anywhere that could be causing this thing to run.  Nothing helpful
> in the package's plist, either.  Undoubtedly, one of its REQUIRED_BYs
> is responsible, but none of them are making it easy to track down.
> It's really quite maddening.
>
> This thing is a persistent little bugger, I tell ya.  I've tried
> manually killing it repeatedly, using various signals, and it just
> keeps resurrecting itself immediately, sometimes in even higher
> numbers, like some evil being in a horror movie.  Kill one, and two
> or more spring up in its place.  It's *evil*, I tell ya!  :-)
>
> Well, where there's a will, there's a way.  I'll get to the bottom of
> this eventually.  I would just uninstall it, but then it will most
> likely be automatically reinstalled, too, when I upgrade something that
> depends on it.  As Caiaphas sang in his menacing basso voice in "Jesus
> Christ Superstar", "We need a more permanent solution to our problem".
> :-)



lol :) I figured you've checked there, but one never knows. I've never 
heard of such a rogue problem on FBSD before. Do you see anything odd if 
you run lsof? Won't say what started it, but it may give hints.


Also, perhaps you could display to the list what you are starting 
willingly to see if someone can identify a potential problem.


Steve



Re: How to prevent gam_server from running?

2012-02-15 Thread Steve Bertrand

On 2012.02.15 17:57, Conrad J. Sabatier wrote:
> Lately, I've been hovering hither and thither when it comes to which
> desktop environment I choose when logging in, but several of them seem
> to insist on starting gam_server, which is just a real CPU hog, and
> once this thing is started, there's no stopping it.
>
> I've looked and looked and still can't figure out how to disable it.  I
> can't even figure out where exactly it's being started from.  Whether
> it's GNOME or XFCE or what-have-you, at login, some add-on tool
> somewhere is launching this thing, and I just plain don't want it!  :-)
>
> Any clues, anyone?  I'm really worn out from trying to solve this one.


Is there anything in /etc/rc.conf relating to this server?

Steve


Re: on hammer's, security, and centrifuges...

2012-02-07 Thread Steve Bertrand

On 2012.02.07 07:03, Henry Olyer wrote:

> Look, I'm going to use FreeBSD as long as both it and I am around, it's
> just the best choice for me, for my users.  But we need to improve
> security.

I'm very happy with the security and stability of FreeBSD, and praise 
the sec team and contributors to make it so.

I've run literally hundreds of FreeBSD boxes, mostly in a busy ISP 
environment since 4.3, and never have been hacked after normal system 
protections are in place.

> For now, until I remake my laptop, I'm going to disable the ath0 wireless.
>
> How?  What's the best method to make certain that my wireless chip is
> turned off?

Comment out the configuration lines for the ath interface in rc.conf, or 
to remove it completely, recompile the kernel after removing 'device ath'.

> Or is this something best accomplished with a hammer?

For the overly paranoid.

> Is there something I can do that would help the FBSD security people?


Document how your security suggestions will rectify the problem you 
perceive, file PRs, then write patches. You are after all a developer :)


Steve


Re: Add to vendors list

2012-02-06 Thread Steve Bertrand

On 2012.02.06 04:02, Matthijs Openneer wrote:

> With this we would like to be added to your vendor list overview:
> http://www.freebsd.org/commercial/isp.html
>
> Could you please tell us what to do to make this happen.


As it states within the 2nd paragraph on that page, fill out a PR (the 
'problem report' link is within the paragraph) and select 'www' as the 
category.


Steve


Re: Unable to upgrade packages on FreeBSD

2012-01-30 Thread Steve Bertrand

On 2012.01.30 18:40, David Jackson wrote:

> Perhaps that is because the people who want to use packages have given up
> on FreeBSD.


WTF?!? hint: I'm standing right beside you as you're saying this.

Steve


Re: IPv6 VM

2012-01-26 Thread Steve Bertrand

On 2012.01.26 16:03, Robert Boyer wrote:

> I can probably arrange for a tunneled v6 address - should be the same thing at 
> the end of the day…. how much time/mem you need?


Thanks Robert,

As far as time/mem, I'm not all too sure as it has been some time since 
I've run anything virtualized, so anything deemed standard, even minimum 
requirements is perfect.


Regarding a v6 tunnel, I have a couple tunnel accounts (both end-user 
and BGP peering) over at he.net. One of the individual ones could be 
easily redirected.


Cheers,

Steve


IPv6 VM

2012-01-26 Thread Steve Bertrand

Hi all!

I've been away for some time, but I'm now getting back into the full 
swing of things.


I'm wondering if there is anyone out there who can let me temporarily 
borrow a CLI-only clean install FBSD virtual machine with a publicly 
facing IPv4 and native IPv6 address. It will be extremely low bandwidth 
(almost none at all) for testing some v6 DNS software and other v6 
statistical programs I'm writing.


Please contact off list.

Thanks!

Steve


Re: Why do you use a devil as a mascot?

2010-12-07 Thread Steve Bertrand
On 2010.11.11 23:49, Adam Vande More wrote:

> I thought I remembered this little gem:
> 
> http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177810.html

LMFAO!!

Steve



Re: Why do you use a devil as a mascot?

2010-12-07 Thread Steve Bertrand
On 2010.11.11 19:44, Ryan Coleman wrote:
> Not this shit again...

Amen!

Steve


Re: VPN IPsec Help

2010-07-08 Thread Steve Bertrand
On 2010.07.08 10:54, Steve Bertrand wrote:
> On 2010.07.08 10:51, Steve Bertrand wrote:
>> On 2010.07.08 10:00, Matheus Weber da Conceição wrote:
>>>> It has been a long time since I've done IPSec on FBSD, but I'm willing
>>>> to bet that this has to do with routing, possibly amongst other things.
>>>> On peer 'B' (FBSD box), what internal IP range are you trying to access
>>>> the A network from...the same ones (ie. are you trying to bridge the
>>>> networks)?
>>>>
>>> The -peer A- doesn't need to access any -peer B- networks.
>>>
>>>> Do you have access to the Cisco gear?
>>> No.
>>>
>>>> If so, on FreeBSD, post the output of:
>>>>
>>>> % netstat -rn
>>>
>>> Notes:
>>> tun0 is my ppp pseudo-device
>>> tun5 is my openvpn tunnel (192.168.5.0/24)
>>> 
>>> # netstat -rn
>>> Routing tables
>>
>> [ big snip ]
>>
>> IIRC, you don't need a gre tunnel through IPSec,

...and, I meant to say gif interface, not gre tunnel.

Steve


Re: VPN IPsec Help

2010-07-08 Thread Steve Bertrand
On 2010.07.08 10:51, Steve Bertrand wrote:
> On 2010.07.08 10:00, Matheus Weber da Conceição wrote:
>>> It has been a long time since I've done IPSec on FBSD, but I'm willing
>>> to bet that this has to do with routing, possibly amongst other things.
>>> On peer 'B' (FBSD box), what internal IP range are you trying to access
>>> the A network from...the same ones (ie. are you trying to bridge the
>>> networks)?
>>>
>> The -peer A- doesn't need to access any -peer B- networks.
>>
>>> Do you have access to the Cisco gear?
>> No.
>>
>>> If so, on FreeBSD, post the output of:
>>>
>>> % netstat -rn
>>
>> Notes:
>> tun0 is my ppp pseudo-device
>> tun5 is my openvpn tunnel (192.168.5.0/24)
>> 
>> # netstat -rn
>> Routing tables
> 
> [ big snip ]
> 
> IIRC, you don't need a gre tunnel through IPSec, as you are simply
> routing between two dissimilar networks. Don't quote me on this though,
> as I said earlier, it has been a very long time.
> 
> On the FreeBSD box, assuming that you *only* want to access the three
> specific IPs you stated, do this:
> 
> % route add 192.168.10.24/32 200.x.x.x
> % route add 192.168.201.196/32 200.x.x.x
> % route add 10.115.90.236/32 200.x.x.x
> 
> On the Cisco side:

D'oh! I wasn't paying enough attention!

> % ip route 192.168.5.0 255.255.255.0 187.x.x.x.x

This.^^^ should read 192.168.1.0 (by the looks of things).

Steve


Re: VPN IPsec Help

2010-07-08 Thread Steve Bertrand
On 2010.07.08 10:00, Matheus Weber da Conceição wrote:
>> It has been a long time since I've done IPSec on FBSD, but I'm willing
>> to bet that this has to do with routing, possibly amongst other things.
>> On peer 'B' (FBSD box), what internal IP range are you trying to access
>> the A network from...the same ones (ie. are you trying to bridge the
>> networks)?
>>
> The -peer A- doesn't need to access any -peer B- networks.
> 
>> Do you have access to the Cisco gear?
> No.
> 
>> If so, on FreeBSD, post the output of:
>>
>> % netstat -rn
> 
> Notes:
> tun0 is my ppp pseudo-device
> tun5 is my openvpn tunnel (192.168.5.0/24)
> 
> # netstat -rn
> Routing tables

[ big snip ]

IIRC, you don't need a gre tunnel through IPSec, as you are simply
routing between two dissimilar networks. Don't quote me on this though,
as I said earlier, it has been a very long time.

On the FreeBSD box, assuming that you *only* want to access the three
specific IPs you stated, do this:

% route add 192.168.10.24/32 200.x.x.x
% route add 192.168.201.196/32 200.x.x.x
% route add 10.115.90.236/32 200.x.x.x

On the Cisco side:

% ip route 192.168.5.0 255.255.255.0 187.x.x.x.x

If that works, on the FBSD side of things, add the following to
/etc/rc.conf to make them persistent across reboots:

static_routes="host1 host2 host3"
route_host1="192.168.10.24/32 200.x.x.x"
route_host2="192.168.201.196/32 200.x.x.x"
route_host3="10.115.90.236/32 200.x.x.x"

Steve



Re: VPN IPsec Help

2010-07-08 Thread Steve Bertrand
On 2010.07.07 18:28, Matheus Weber da Conceição wrote:
> Hello guys;
> 
> I'm using a FreeBSD 7.0 in my firewall/gateway, and I have to connect
> via VPN to a Cisco box.
> 
> The scene here is:
> 
> * Peer A (Cisco): 200.xxx.xxx.xxx
>   IPs that Peer B need to access:
>   - 192.168.10.24
>   - 192.168.201.196
>   - 10.115.90.236
> 
> * Peer B (FreeBSD 7.0): 187.yyy.yyy.yyy (me)
> 
> 
> How can I configure this scene without using gif0 interface?

It has been a long time since I've done IPSec on FBSD, but I'm willing
to bet that this has to do with routing, possibly amongst other things.
On peer 'B' (FBSD box), what internal IP range are you trying to access
the A network from...the same ones (ie. are you trying to bridge the
networks)?

Do you have access to the Cisco gear?

If so, on FreeBSD, post the output of:

% netstat -rn

...and the output to the following on the Cisco:

% sh ip route stat

Steve


Re: dealing with a possible security breach and am just trying to be careful...

2010-07-05 Thread Steve Bertrand
On 2010.07.05 20:19, Henry Olyer wrote:
> Hi all,
> 
> So how do I delete a running load module?

What type of module... a kernel module?:

load:

pearl# kldload smbfs

unload:

pearl# kldunload smbfs

Steve


Re: best open source site for Bourne .sh development project?

2010-07-05 Thread Steve Bertrand
On 2010.07.05 19:37, Fbsd8 wrote:
> I am developing a jailed environment application in Bourne script. Looking
> for recommendations for an open source web site to join and add my code to so
> others may participate. The site needs to be able to host the code to be
> used as the download location for a freebsd port, and not be terminated
> when the project becomes dormant.

If you know that the project may become dormant, ensure that the README
says so.

You may be best going over to github: http://github.org

Please don't introduce anything into the ports system for which you have
obsolete as a pre-conceived notion, and/or you have no intention in
supporting long-term.

Steve


Re: VLANs is this right?

2010-07-05 Thread Steve Bertrand
On 2010.07.05 12:57, David Kelly wrote:
> On Mon, Jul 05, 2010 at 10:16:19AM -0600, Modulok wrote:
>>
>> Criteria:
>> - HostA must never directly talk to HostB.
>> - Both hostA and hostB have an Internet connection.
>>
>> What I have to work with:
>> proCurve switch which supports VLANs.
>> 2x Intel NICs in FreeBSD which support VLANs.
> 
> Am thinking you are approaching it the wrong way.

I wasn't going to, but I'd like to respond to your post. In no way am I
attempting to knock the fact that you tried to help, I'd just like to
clarify a few things...

My personal belief is that the OP is approaching this in the best
possible way.

> Not familiar with the specifics of a ProCurve switch but that's a high
> end unit, not a Netgear. I would expect you could configure the switch
> to disallow the MAC addresses from talking to each other of hostA and
> hostB.

I would expect a residential-grade NetGear be configured in such a way,
not a higher-end switch.

> Furthermore, it would be even easier to disallow hostB from within
> hostA's firewall. And do the same at hostB.

Easier if you have 2-10 machines, that are not laptops, and never get
replaced.

Your expectations are not scalable, nor do they provide a network-wide
solution. If the OP's network grows to 200 vlans with 15k hosts,
maintaining such a setup is nowhere near feasible. This is why the
'higher-end' gear allows such functions.

By putting users (ie. client systems, or even business functional units)
into vlans, security policies can be enacted in one fell swoop (one ACL,
aka firewall rule) within the device they access the other portions of
the network.

Generally, MAC filtering is used to place a specific nic into its proper
vlan, or to deny it access to the network in general (based on an
allowed-only list). Personally, I've never seen it used to filter
host-host traffic before.

Also, using vlans also limits the size of broadcast domains. Not too
long ago, I consulted for a company that had ~4k machines within one IP
subnet. They questioned why they should replace their unmanaged switches
with managed ones in the course of my work, so I generated an example.

It is *trivial* in FBSD to trunk vlans, and firewall them off from one
another (notes: I use Quagga to assign v4 addresses to my sub-ints, so
the syntax may be off. However, FBSD 7.2 accepts this as valid. Also, I
do it a bit differently in production (one line), but I don't have
access to the boxes I do it on, and I forget the exact syntax):

# ipfw add 100 deny all from any to any recv em5.10 xmit em5.11
# ipfw add 110 deny all from any to any recv em5.11 xmit em5.10

fwiw, depending on the switch, it may even be able to do some of this L3
functionality inherently.

Steve




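Added example (not from the thread): the two ipfw rules in the message above isolate one pair of VLAN sub-interfaces. The sketch below generalizes them to any list of VLAN IDs on one trunk interface and checks that the result fits in ipfw's rule-number space. The function names, starting rule number and step are assumptions; the rule text follows the syntax used in the message.

```sh
#!/bin/sh
# Added example: emit pairwise "recv X xmit Y" deny rules for a set of VLAN
# sub-interfaces on one parent NIC. Nothing is loaded into ipfw; the rules
# are printed so they can be reviewed first.

MAX_RULE=65534    # 65535 is ipfw's built-in default rule

# valid_vlan ID: succeed only for a plain decimal 802.1Q VLAN ID (1-4094)
valid_vlan() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "${#1}" -le 4 ] && [ "$1" -le 4094 ]
}

# rule_count N: rules needed so that each of N VLANs is cut off from the rest
rule_count() {
    echo $(( $1 * ($1 - 1) ))
}

# gen_isolation_rules PARENT FIRST_RULE STEP VLAN_ID...
gen_isolation_rules() {
    parent=$1 num=$2 step=$3
    shift 3
    for v in "$@"; do
        if ! valid_vlan "$v"; then
            echo "invalid VLAN ID: $v" >&2
            return 1
        fi
    done
    # Refuse up front if the numbering would run into the default rule,
    # so a partial rule set is never printed.
    needed=$(rule_count "$#")
    last=$(( num + (needed - 1) * step ))
    if [ "$needed" -gt 0 ] && [ "$last" -gt "$MAX_RULE" ]; then
        echo "rules $num..$last do not fit below $MAX_RULE" >&2
        return 1
    fi
    for src in "$@"; do
        for dst in "$@"; do
            if [ "$src" != "$dst" ]; then
                echo "ipfw add $num deny all from any to any recv $parent.$src xmit $parent.$dst"
                num=$(( num + step ))
            fi
        done
    done
}

# Demo: the two VLANs from the message, then the growth for larger sites.
gen_isolation_rules em5 100 10 10 11
for n in 4 20 200; do
    echo "# $n VLANs need $(rule_count "$n") pairwise rules"
done
```

Pairwise rules grow as N*(N-1); the message mentions that its author uses a one-line form in production, which is not shown on the page.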


Re: VLANs is this right?

2010-07-05 Thread Steve Bertrand
On 2010.07.05 14:36, Nathan Vidican wrote:
> On Mon, Jul 5, 2010 at 1:30 PM, Modulok  wrote:
> 
>> It was a simplified diagram of what I thought I needed. ( Which may or
>> may not be what I actually need! )
>>
>> Basically, I want a port on the switch that I can plug un-trusted
>> devices into. Systems which are known to be just crawling with
>> malicious software. I need to provide them with an Internet
>> connection, but otherwise want them separated from everybody else.
>> Think DMZ isolation, but they're not providing any 'external'
>> services. I was wondering if this could be done with tagging and
>> address aliases, instead of buying a third network card for the BSD
>> machine.
>>
>> If that makes any sense.

> The key is that the switch must connect to the FreeBSD machine using TRUNK
> not access mode. I am not that familiar with the HP procurve series but I'd
> imagine it's not that dissimilar from others I've worked with:

Unlike Cisco where you apply the tagging within interface config, HP
requires you to apply tagging to an interface within the vlan config
instead:

vlan 10
   untagged 29-44
   tagged 47
   ip address 208.70.104.2 255.255.255.248
   exit
vlan 11
   untagged 1-6
   tagged 47
   ip address 208.70.107.2 255.255.255.248
   exit

'tagged 47' is equivalent to Cisco's `trunk'. It `trunks' vlan 10 and 11
out via gi 47.

The FBSD related config snips previously posted are what is needed on
that end of things.

Steve


Re: Problem installing Backula-bat

2010-06-17 Thread Steve Bertrand
On 2010.06.17 07:38, Cato Myhrhagen wrote:

> when I go into the Xorg window and
> type bat (is this the correct way to start BAT by the way), I get the
> message that the command is not found. I am now thinking that the
> installation did not succeed and that I have to do something else to fix the
> problem.
> 
> Any suggestions? Would be very grateful if I could get this fixed somehow..

Run the 'rehash' program and then try your command again.

Steve


Re: .sh & getopts

2010-06-04 Thread Steve Bertrand
On 2010.06.04 00:35, Aiza wrote:
> Have this code
> 
> shift; while getopts :ugr: arg; do case ${arg} in
>u) action="freebsd-update";;
>g) action="freebsd-upgrade";;
>r) action="freebsd-rollback";;
>?) exerr ${cmd_usage};;
> esac; done; shift $(( ${OPTION} -1 ))
> 
> 
> Command being executed looks like this, cmd action -flags  
> 
> Only a single -flag is allowed on the command.

Here's my obligatory "use Perl;"

# it's a dirty hack out of a util script I use that calls
# methods out of a module. 99% of the code has been stripped,
# so forgive me, especially for the dirty arg count check ;)

# save file to test.pl
# chmod 755 test.pl
# Examples:

#  Help:
#  ./test.pl --help
#  ./test.pl -h

# Man page:
#  ./test.pl --man
#  ./test.pl -M

# copy/paste below this line, until _END_
#!/usr/bin/perl

use strict;
use warnings;

use Getopt::Long;
Getopt::Long::Configure qw( bundling );
use Pod::Usage;

# only one command-line argument is accepted per run
if ( $#ARGV > 0 ) {

    my $arg_num = $#ARGV + 1;
    print "\nYou supplied $arg_num args, when only one is allowed\n\n";

    die "See $0 -h\n\n";
}

my ( $help, $man ) = ( 0, 0 );

# each action flag dispatches straight to its handler sub
my $result = GetOptions(
    'update|u'   => \&update,
    'upgrade|g'  => \&upgrade,
    'rollback|r' => \&rollback,
    'help|h'     => \$help,
    'man|M'      => \$man,
);

# begin pod2usage

pod2usage({ -verbose => 1 }) if $help;
pod2usage({ -verbose => 2 }) if $man;

sub update {

    print "We're updating!\n";

    # do something fancy here..
    exit;
}

sub upgrade {

    print "We're upgrading!\n";
    # more fancy stuff...
    exit;
}

sub rollback {

    print "Ensure you have a backup, we're rolling back!\n";
    # uber fancy!!!
    exit;
}



=head1 NAME

perform_maintenance - Do maintenance on FreeBSD

=head1 SYNOPSIS

  # Do update

  ./test.pl --update
  ./test.pl -u

  # Do upgrade

  ./test.pl --upgrade
  ./test.pl -g

  # Do a rollback

  ./test.pl --rollback
  ./test.pl -r

  # display help

  ./test.pl --help
  ./test.pl -h

  # display the manual page

  ./test.pl --man
  ./test.pl -M



=head1 OPTIONS

=over 1



=item --update | -u

Do an update... this example simply outputs 'Update' to STDOUT.



=item --upgrade | -g

Do an upgrade... this example simply outputs 'Upgrade' to STDOUT.



=item --rollback | -r

Perform a rollback... again, of course, we only print out gibberish



=back

=head1 DESCRIPTION

This is a copy/paste of a real-life Perl application that has been
cleared out of all useful code, so it could be used as an example.

It is however an extremely handy framework for accepting both the long
and short forms of parameters, and the perldoc inclusion allows one to
dump 'error' (or more favourably put) help pages onto STDOUT for the user.

=cut

__END__
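Added example (not from either poster): the single-flag requirement from the quoted question handled in plain Bourne shell with getopts, as a counterpart to the Perl script above. It keeps the question's option string (:ugr:), uses OPTIND (the index getopts maintains) for the final shift, and rejects combined or repeated flags; the function name and the sample rollback argument are assumptions.

```sh
#!/bin/sh
# Added example: accept exactly one of -u, -g or -r ARG.
# The caller is expected to have shifted away the leading "action" word
# already, as the quoted snippet does.

# parse_flags ARGS...
# Prints the selected action (plus the -r argument, if any) on stdout.
# Returns 2 with a message on stderr for any usage error.
parse_flags() {
    action=""
    target=""
    count=0
    OPTIND=1                      # restart parsing on every call
    # Leading ':' selects silent mode: getopts reports problems through
    # the '?' and ':' cases below instead of printing its own messages.
    while getopts :ugr: arg; do
        case "$arg" in
            u) action="freebsd-update" ;;
            g) action="freebsd-upgrade" ;;
            r) action="freebsd-rollback"; target=$OPTARG ;;
            :) echo "option -$OPTARG needs an argument" >&2; return 2 ;;
            \?) echo "unknown option -$OPTARG" >&2; return 2 ;;
        esac
        count=$(( count + 1 ))    # counts -u -g and bundled -ug alike
    done
    shift $(( OPTIND - 1 ))

    if [ "$count" -ne 1 ]; then
        echo "exactly one flag is required, got $count" >&2
        return 2
    fi
    if [ "$#" -ne 0 ]; then
        echo "unexpected argument: $1" >&2
        return 2
    fi
    if [ -n "$target" ]; then
        printf '%s %s\n' "$action" "$target"
    else
        printf '%s\n' "$action"
    fi
}

# Demo on constructed command lines; the rollback argument is a made-up value.
for demo in "-u" "-g" "-r 8.0-RELEASE" "-ug" "-u -g" "-x" "-r" "-u extra"; do
    # Word splitting of $demo is deliberate: each sample is a small argv.
    if result=$(parse_flags $demo 2>&1); then
        echo "ok    [$demo] -> $result"
    else
        echo "error [$demo] -> $result"
    fi
done
```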


Re: text editor

2010-06-03 Thread Steve Bertrand
On 2010.06.03 18:35, Fbsd1 wrote:
> Walt Pawley wrote:
>> On Sun, 30 May 2010, Fbsd1 wrote:
>>
>>> Been using ee and been happy.
>>>
>>> Now I have need for an editor with block commands.
>>
>> I'd suggest looking into aee.
> 
> 
> That has what I am looking and so simple.

Simple is in the eye of the beholder.

Also, simple isn't always the best solution.

afair, you (FBSD1) (it'd be nice if you'd use your real name), are
wanting to move from `ee' to a new editor.

I'm almost certain that this was a question that I've asked here before.
Moving from ee to a real editor. Search my name in the archives.

Personally, I chose vim. I found that the 'vimtutor' was phenomenal, and
I only had to spend one work day making notes for myself on paper to
mentally remember the important commands.

The mailing list is *very* good and *very* active, but again, the
tutorial is excellent. Not only that, the :help system in vim contains
ALL of the documentation for itself.

All in all, I tried emacs, and I'm a bit used to it, but vim stuck. I am
so used to the key commands now that I oftentimes use them in editors
that I shouldn't ;)

I won't go on about how flexible the config is, because I'm certain all
of the other editors can do all sorts of special tricks (particularly
when coding) too.

iTry vim.
ii:wq

Steve


Re: text editor and your postscript

2010-06-03 Thread Steve Bertrand
On 2010.06.03 20:40, Chad Perrin wrote:
> On Thu, Jun 03, 2010 at 08:25:54PM -0400, Steve Bertrand wrote:

>> ...here's an example... use vi(m). It solves ALL of the world's problems.
> 
> I'm beginning to think nvi, in particular, might do so.  For one thing,
> it has a friendlier license (since we're getting "political") than Vim,
> and for another it has better undo support than I realized.

Can I use my .vimrc?

Steve


Re: text editor and your postscript

2010-06-03 Thread Steve Bertrand
On 2010.06.03 19:46, Chad Perrin wrote:
> On Thu, Jun 03, 2010 at 10:49:04PM +0200, Richard T C Farnes wrote:
>> To Matthias Apitz

[ ...snip ...]

>> Yours sincerely
>> Richard Farnes
> 
> I don't recall any "netiquette" rules about making your signature block
> on-topic.  Aren't you getting a bit uptight?
> 
> If anything, it's *you* who took things into the realm of politics by
> pulling it out of the signature block where it belonged.

Nicely put Chad.

sigs can be easily ignored, or filtered.

Politics and religion are not allowed on this list, unless they relate
to ``technical'' politics/religion.

...here's an example... use vi(m). It solves ALL of the world's problems.

Steve ;)


Cloning question

2010-05-26 Thread Steve Bertrand
I've written a few "howto"'s on backup/restore/cloning in the past, but
now I have a question that I hope to have quickly answered.

I'm not looking for criticism on my approach, only on whether it will
work. With that said, I'll lay out my scenario and my questions.

Scenario:

- live web server (300 domains), shut the box down and booted up a copy
of the system on new hardware

- changed the normal system items (nic, fstab etc)

- new box is running fine under old system, but I need to transfer the
old system data (all of it...*all* data) to the new disk sub-structure

- new box has RAID card, but not compatible w/FBSD

- new box has had RAID card disabled, so new disks show up as standard
adX drives

Questions:

- while running the 'new' box under the 'old' system, can I:
--- atacontrol create RAID1 ad4 ad6
--- fdisk
--- label: to items under /mnt, as to prepare for copy

- stop all services (or go into single-user), and dump each slice from
orig to new

...if so, please advise of the dump command that I'd be using.

Normally I'd use rsync, but this situation can sustain some downtime to
ensure a complete and utter mirror.

Steve


Re: Searching for functions in Perl code

2010-05-19 Thread Steve Bertrand
On 2010.05.19 22:05, Randal L. Schwartz wrote:
>>>>>> "Steve" == Steve Bertrand  writes:
> 
> Steve> This is how I produce the list of all sub-routines within all module
> Steve> files, which includes the module name and sub.
> 
> See "perldoc B::Xref".

...that *might* just work, for what I want, and for far more detail later...

Steve


Searching for functions in Perl code

2010-05-19 Thread Steve Bertrand
This is more of a handy how-to than it is a question. A permanent
'howto' as it were.

A Perl project I'm working on contains 457 functions (ie. subroutines
(ie methods)), and even though I have documentation for all of them,
sometimes it is handy to have a list in front of me.

This is how I produce the list of all sub-routines within all module
files, which includes the module name and sub.

% grep -E -r "sub \w+ {" * | grep -v svn | awk -F: \
'{print $1, " ", $2}' | awk '{print $1, " ", $3}'

...adapted to pull subs from a single file:

% cat lib/ISP/User.pm | grep -E "sub \w+ {" | awk '{print $2}'

For efficiency, and so I can remember more readily, my request is for
golf, particularly adaption to a Perl one-liner ;)

Cheers,

Steve



Re: Find a file with an unknown name

2010-05-17 Thread Steve Bertrand
On 2010.05.17 22:17, Randal L. Schwartz wrote:
>>>>>> "Steve" == Steve Bertrand  writes:
> 
> Steve> What command string do I use to search a directory structure for a file,
> Steve> when my search pattern only matches content and not filename?
> 
> grep -r 'pattern here' top-level-dir-here

Something I do all the time, but couldn't think of it when I needed it most.

Much respect for your first response on a FBSD list.

Cheers ;)

Steve


Find a file with an unknown name

2010-05-17 Thread Steve Bertrand
I want to find a file that was recently created.

The content within the file is known, so I can grep for that. The
directory structure that contains the file is also known. The filename
is not known.

What command string do I use to search a directory structure for a file,
when my search pattern only matches content and not filename?

Steve


Re: 100Mb LAN hardware

2010-05-17 Thread Steve Bertrand
On 2010.05.17 20:40, Steve Bertrand wrote:
> I'm cleaning up my office, and I've come across a piece of hardware that
> has been successfully hacked with FBSD as a FW/GW in the past.

I also have (found) two Cisco Catalyst 2924 switches that I will get rid
of too.

...and I'm not done yet. Preferably, everything will go together. I'm
certain I have routers as well... does FreeBSD have need for
hardware?... I can find more!

Steve


Re: 100Mb LAN hardware

2010-05-17 Thread Steve Bertrand
On 2010.05.17 20:40, Steve Bertrand wrote:

> The unit is a Multi-Tech RF600VPN device, and it contains three 100Mbps
> interfaces.
> 
> I'd like to give this away.

fwiw...

I am an hour east of Toronto, Ontario.

...Canada.

-sb


100Mb LAN hardware

2010-05-17 Thread Steve Bertrand
I'm cleaning up my office, and I've come across a piece of hardware that
has been successfully hacked with FBSD as a FW/GW in the past.

The last time the hardware ran, it was from a 2GB CF card, but it also
has a fully capable IDE channel that does work (that's how I installed
FBSD onto the CF card).

The unit is a Multi-Tech RF600VPN device, and it contains three 100Mbps
interfaces.

I'd like to give this away.

Note, I know lists, so I'm not looking to sell. I'm literally looking to
give it away. Depending on destination, shipping may be included.

...unit is fantastic for a fan-less SMB fw.

...let me know. Take it, or it goes into hazardous waste.

Steve


Addition to BSDstats

2010-05-04 Thread Steve Bertrand
Marc, et-al,

I wasn't originally going to post this to the list, but I thought that
it would be useful to do so in order to try to solicit feedback.

There's a suggestion that I have for the server-side of bsdstats. I
would find it very useful if the server could track the % of the
reporting connections that come in over IPv6, and include that on the
website front page.

Of course, this would require that rpt.bsdstats.org reside on a reliable
IPv6 network, and code changes to the server-side software. (if the code
is Perl, I'll gladly take a look at it ;)

I'm not interested in the actual addresses of the sending hosts, just
whether the address contains a '.' or ':'.

Cheers,

Steve





Re: Disabling IPv4 in Sendmail

2010-04-27 Thread Steve Bertrand
On 2010.04.27 13:05, Steve Bertrand wrote:
> Hi all,
> 
> I'm trying to configure an MTA/MSA using Sendmail on FreeBSD 8.

...sorry for the noise all... I got it by adding the following to the
main .mc file:

FEATURE(`no_default_msa')dnl

...thereafter:

Apr 27 13:08:00 onlyv6 sendmail[43728]: starting daemon (8.14.4):
smtp+queue...@00:30:00

...and:

onlyv6# netstat -na

tcp6       0      0 2607:f118:8c0:80.587   *.*                    LISTEN
tcp6       0      0 2607:f118:8c0:80.25    *.*                    LISTEN


Cheers!

Steve


Disabling IPv4 in Sendmail

2010-04-27 Thread Steve Bertrand
Hi all,

I'm trying to configure an MTA/MSA using Sendmail on FreeBSD 8.

The catch is that I don't have any IPv4 addresses on the box (not
even loopback).

I'm almost there, but I'm still missing something. Here is what I've
changed in my configs:

In submit.mc, per the documentation, I've changed:

dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(`msp', `[IPv6:::1]')dnl

...and in the main .mc, I've added:

dnl set SASL options
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl
define(`confAUTH_MECHANISMS', `GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN')dnl

...and modified a couple others:

DAEMON_OPTIONS(`Name=MTA, Port=smtp, Family=inet6, Modifiers=O')
DAEMON_OPTIONS(`Name=MSA, Port=587, Family=inet6')

It appears as though I've got the MTA portion working without error, but:

Apr 27 13:01:45 onlyv6 sendmail[43658]: daemon MSA: problem creating
SMTP socket
Apr 27 13:01:45 onlyv6 sendmail[43658]: NOQUEUE: SYSERR(root):
opendaemonsocket: daemon MSA: server SMTP socket wedged: exiting

...can someone spot what I may be missing?

Cheers,

Steve


Re: hacked?

2010-04-14 Thread Steve Bertrand
On 2010.04.14 18:56, Steve Franks wrote:
> I don't have bsdstats or similar that I'm aware of installed, so this
> smells bad:

You have an incredibly poor sense of smell.

> Firewall is showing repeated attempts from your FreeBSD machine to
> connect to port 25 (standard SMTP mail port) on a server in Belgium. This
> implies something on your system is trying to send mail out.

Your method of troubleshooting network issues led you to use the word
'implied'. You should never imply anything, unless you have conclusive
proof to explicitly show that you aren't making a mistake.

> [14/Apr/2010 15:11:09] DROP "SMTP Deny" packet from Local Area
> Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.38:17343 ->
> 81.247.120.78:25, flags: SYN , seq:43473770 ack:0, win:65535, tcplen:0

If you are that concerned, go to your ISP. Do not ask an open mailing
list about problems that don't concern its subscribers. I still can't
fathom how you assume that this is a FreeBSD problem.

The IP you quoted is from a dynamic range that an ISP in Belgium has
been allocated from its RIR.

I suspect that your intrusion attempts also have the 1918 space in it,
because you are behind a NAT device of some sort, and have a mail system
within that space.

You are port-forwarding TCP 25 back through a NAT device to your
internal email system, and reading 'firewall logs' from that, yes?

> Where would I start sniffing around as far as what got put on my box?

...don't sniff. Close port 25 if you are using it internally and forward
that traffic outbound to your ISP, or if this 'warning' is being sent by
your perimeter firewall that doesn't allow anything through, then ignore it.

If you want to sniff, and this is serious, read tcpdump(1).

Steve

[ full disclaimer: I could potentially be classified as an activist when
it comes to eradicating falsified src/dst IP(v6) addresses on the Internet ]
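
An added example, not part of the original post: the DROP record format quoted above, summarised per internal source so that one host retrying a single destination can be told apart from a host fanning out to many mail servers. The function names, the threshold of 3 and every log line except the first are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage dropped outbound SMTP attempts from a firewall log.

sample_log() {
    # Constructed sample. The first record is the one quoted in the thread;
    # the others are made up and use documentation address ranges.
    cat <<'EOF'
[14/Apr/2010 15:11:09] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.38:17343 -> 81.247.120.78:25, flags: SYN , seq:43473770 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:11:12] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.38:17343 -> 81.247.120.78:25, flags: SYN , seq:43473770 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:11:18] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.38:17343 -> 81.247.120.78:25, flags: SYN , seq:43473770 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:01] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.50:40211 -> 198.51.100.10:25, flags: SYN , seq:1001 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:02] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.50:40212 -> 198.51.100.77:25, flags: SYN , seq:1002 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:03] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.50:40213 -> 203.0.113.5:25, flags: SYN , seq:1003 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:04] DROP "SMTP Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.50:40214 -> 203.0.113.99:25, flags: SYN , seq:1004 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:30] DROP "SMB Deny" packet from Local Area Connection - LAN, proto:TCP, len:48, ip/port:192.168.1.50:40300 -> 203.0.113.99:445, flags: SYN , seq:1005 ack:0, win:65535, tcplen:0
[14/Apr/2010 15:12:40] DROP "SMTP Deny" packet truncated, proto:TCP
EOF
}

smtp_deny_summary() {
    # Reads log records on stdin.
    # Prints: <source> <attempts> <distinct destinations>, sorted by source.
    awk '
    /DROP/ && /proto:TCP/ {
        # Isolate the "SRC:SPORT -> DST:DPORT" part of the ip/port field.
        start = index($0, "ip/port:")
        if (start == 0) next                  # malformed or truncated record
        rest = substr($0, start + 8)
        stop = index(rest, ",")
        if (stop > 0) rest = substr(rest, 1, stop - 1)
        if (split(rest, side, " -> ") != 2) next
        # IPv4 only: exactly one colon separates address and port.
        ns = split(side[1], s, ":")
        nd = split(side[2], d, ":")
        if (ns != 2 || nd != 2 || d[2] != 25) next
        attempts[s[1]]++
        if (!((s[1], d[1]) in seen)) {
            seen[s[1], d[1]] = 1
            dests[s[1]]++
        }
    }
    END { for (src in attempts) print src, attempts[src], dests[src] }
    ' | sort
}

smtp_triage() {
    # $1 = number of distinct destinations at which a source is labelled
    # "fan-out" (assumed default of 3; tune it for the site).
    threshold=${1:-3}
    smtp_deny_summary | awk -v t="$threshold" '{
        verdict = ($3 >= t) ? "fan-out" : "single-destination"
        print $1, $2, $3, verdict
    }'
}

# Stand-alone run over the constructed sample.
sample_log | smtp_triage 3
```

A "single-destination" source matches one client retrying one mail server; a "fan-out" source is the one whose process table and mail queue deserve a look first.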


Re: IPFW and separate data files.

2010-04-13 Thread Steve Bertrand
On 2010.04.12 14:15, Jerry wrote:
> On Mon, 12 Apr 2010 10:04:48 -0400, Steve Bertrand 
> articulated:
> 
>> On 2010.04.11 11:57, Jerry wrote:
>>> I am using IPFW on a FreeBSD-7.3 machine. Presently, I am loading
>>> several tables for IPFW. So far, I have just kept the data for the
>>> tables in the actual "ipfw-rules" referenced in the 'rc.conf' file
>>> itself. What I would like to do is keep the data for these tables in
>>> separate files and just have them imported when the firewall is
>>> loaded. I have constructed a simple script that is called from the
>>> 'ipfw-rules' file.
>>>
>>> My question is if there is a better way of accomplishing this? Is
>>> there a downside to doing this way? The data for these tables tends
>>> to be dynamic and I would rather work with the separate files than
>>> edit the master one and risk messing it up.
>>
>> I have a setup that is very similar to this. I 'include' the other
>> files from the one referenced in /etc/rc.conf by adding lines like
>> this:
>>
>> . /etc/ipfw.include
> 
> OK, I think I know where you are going with this; however, I want to
> make sure I have it correct. I am assuming that you are adding the
> ". /etc/ipfw.include" file in the file referenced in the rc.conf file.
> Is that correct?

It is correct:

# grep ipfw.rules /etc/rc.conf
firewall_script="/etc/ipfw.rules"

# grep ipfw.include /etc/ipfw.rules
. /etc/ipfw.include


> I know that it is a little over the top, which is why I was looking for
> an easier way. The reason I was doing it this way was because I only had
> to add the IPs that I wanted to block without having to add the directives also.

That is all I do too. All of my table definitions are in the initial fw
script, ipfw.rules (poorly named, I know):

#!/bin/sh

flush="/sbin/ipfw -q flush"
cmd="/sbin/ipfw add"
table="/sbin/ipfw table"

$flush

# Tables

# Client/infrastructure IPs for allowing access
$table 1 add 208.70.104.0/21

.

# SMTP ALLOWED OUTBOUND TABLE
$table 2 add 208.70.104.92/32
$table 2 add 208.70.104.93/32



. /etc/ipfw.include

etc.

The included file contains the rule definitions themselves, as well as
any sweeping rules that aren't for any specific protocol or IP address.

To add a new IP to a rule that is using tables:

# ipfw table 2 add x.x.x.x

Because this doesn't save anything, a reboot will erase those new
entries. To take care of that, I use this (note that this may not catch
edge cases):

ipfw list | \
perl -nle 's/table\((\d+)\)/\"table($1)"/g; print "\$cmd $_";' \
> /etc/ipfw.include \
&& chown root:wheel /etc/ipfw.include && chmod 400 /etc/ipfw.include

Steve
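
One way to keep table data in a plain address list, as Jerry asks, without sourcing that list as shell (added example, not code from either poster): each line is validated as an IPv4 address or CIDR block before an `ipfw table N add` command is printed for it. The function names and the invalid sample entries are constructed; IPv6 entries are out of scope here.

```shell
#!/bin/sh
# Added example: build "ipfw table N add ..." commands from a plain address
# list, rejecting anything that is not an IPv4 address or CIDR block.

valid_ipv4_cidr() {
    # Succeeds only for a.b.c.d or a.b.c.d/len, octets 0-255, len 0-32.
    printf '%s\n' "$1" | awk '
    {
        n = split($0, p, "/")
        if (n > 2) exit 1
        if (n == 2 && (p[2] !~ /^[0-9]+$/ || length(p[2]) > 2 || p[2] + 0 > 32))
            exit 1
        if (split(p[1], o, ".") != 4) exit 1
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255)
                exit 1
        found = 1
    }
    END { exit (found ? 0 : 1) }'
}

file_not_writable_by_others() {
    # Succeeds if $1 is a regular file without group or world write bits.
    # Worth checking for any file that root sources or loads at boot.
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

emit_table_cmds() {
    # $1 = ipfw table number. Reads one address or CIDR per line on stdin;
    # "#" starts a comment. Prints one ipfw command per valid entry.
    # Returns 0 if every entry was valid, 1 if any was skipped, 2 on misuse.
    table_no=$1
    rc=0
    case $table_no in
        ''|*[!0-9]*) echo "bad table number: $table_no" >&2; return 2 ;;
    esac
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop comments and surrounding whitespace (including a stray CR).
        line=$(printf '%s\n' "$line" |
            sed 's/#.*//; s/^[[:space:]]*//; s/[[:space:]]*$//')
        [ -z "$line" ] && continue
        if valid_ipv4_cidr "$line"; then
            printf '/sbin/ipfw -q table %s add %s\n' "$table_no" "$line"
        else
            printf 'skipped invalid entry: %s\n' "$line" >&2
            rc=1
        fi
    done
    return $rc
}

sample_table_data() {
    # Constructed data file. The two valid entries are the table 2 addresses
    # from the thread; the last three lines are deliberately invalid.
    cat <<'EOF'
# SMTP ALLOWED OUTBOUND TABLE
208.70.104.92/32
208.70.104.93/32   # trailing comment
999.1.1.1
208.70.104.0/33
10.0.0.1; reboot
EOF
}

# Stand-alone run: prints two commands, reports three skipped entries.
sample_table_data | emit_table_cmds 2 || true
```

In a rules script the printed commands can be piped to `sh` once the data file passes `file_not_writable_by_others`; the data file itself is never evaluated as shell.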


Re: IPFW and separate data files.

2010-04-12 Thread Steve Bertrand
On 2010.04.11 11:57, Jerry wrote:
> I am using IPFW on a FreeBSD-7.3 machine. Presently, I am loading
> several tables for IPFW. So far, I have just kept the data for the
> tables in the actual "ipfw-rules" referenced in the 'rc.conf' file
> itself. What I would like to do is keep the data for these tables in
> separate files and just have them imported when the firewall is loaded.
> I have constructed a simple script that is called from the 'ipfw-rules'
> file.
> 
> My question is if there is a better way of accomplishing this? Is there
> a downside to doing this way? The data for these tables tends to be
> dynamic and I would rather work with the separate files than edit the
> master one and risk messing it up.

I have a setup that is very similar to this. I 'include' the other files
from the one referenced in /etc/rc.conf by adding lines like this:

. /etc/ipfw.include

Steve


Re: perl qstn...

2010-04-06 Thread Steve Bertrand
On 2010.04.06 17:10, Randal L. Schwartz wrote:

> Now, on the other hand, emacs rules, vi sucks.  :-) :-)

ok, ok. I was on the side of Perl, and was content following this
thread, but now I don't like you anymore :P

heh ;)

Steve


Re: FreeBSD Version recommend for OLD machine

2010-03-16 Thread Steve Bertrand
On 2010.03.16 15:25, alexus wrote:
> On Tue, Mar 16, 2010 at 3:21 PM, andrew clarke  wrote:
>> On Fri 2010-03-12 00:16:35 UTC-0500, Steve Bertrand (st...@ibctech.ca) wrote:
>>
>>>> The machine has a Motherboard that supports 2 double pentium III
>>>> processors with 1GB of ram and a hard disk with 40GB.
>>
>> I run FreeBSD 7.2 on a headless 1 GHz Pentium III with 256 MB RAM.
>>

> i'd go w/ 8.0 worst case scenario 7.2

> and put more memory in that machine it's embarrassing :)

Hogwash. Embarrassment is an opinion that you either believe people hold
against you, or you hold against others, in which you think they will
think about you:

62 processes:  1 running, 61 sleeping
CPU states:  5.5% user,  0.0% nice, 11.9% system,  0.6% interrupt, 82.0%
idle
Mem: 53M Active, 11M Inact, 20M Wired, 6556K Cache, 19M Buf, 448K Free

I am not embarrassed. This server has +30 websites running, and it is
dead reliable.

You do what you know works. You do not do because you might be 'shamed'.
Those who shame people in this industry don't last long ;)

Steve


Re: FreeBSD Version recommend for OLD machine

2010-03-11 Thread Steve Bertrand
On 2010.03.11 23:29, Jorge Biquez wrote:
> Hello all.
> 
> I have an old machine that has been running 4.11-Stable for some years.
> This week something weird happened when I tried to update to latest
> version on 4.x. Anyway, I thought that was a good idea to update to 5.x
> and after doing all the process finally I can not have it running
> correctly. Not a big problem since a secondary  DNS and an email server
> for one domain. I am still trying to recover it downloading and
> installing the same version it has but in case I can not fix I would like
> to install a more recent version.
> 
> The machine has a Motherboard that supports 2 double pentium III
> processors with 1GB of ram and a hard disk with 40GB.
> 
> It won't do anything else but a dns slave for maybe 100 domains, mail
> and squirrel for 10 domain, not more than 100 users with very low
> volume. That's all.
> 
> Can you give me your opinions on what would you?

Honestly, so long as there is no GUI running, the only real difference I
currently observe on machines that have the requirement to stay at this:

%uname -a

FreeBSD x.x.x 4.3-RELEASE FreeBSD 4.3-RELEASE #0: Sat Apr 21 10:54:49
GMT 2001 j...@narf.osd.bsdi.com:/usr/src/sys/compile/GENERIC  i386

...and something more current is that the more recent versions require
much more thought put into the original size of the root (/) partition,
particularly when you are used to performing source upgrades.

Earlier versions required *much* less space.

The performance difference is negligible, so long as you plan on
running the same processes, and still perform proper diligence in
trimming your kernel config file appropriately.

With upgrading to a more recent version, you garner the benefits of
security patches, code efficiencies, ability to follow current
standards/practices etc.

Again... so long as the system won't change its overall process
objectives, go to the recent production release, but instead of
assigning 256M for /, throw 2G at it to be safe.

Steve


Re: Mailing lists link in handbook redirects to......

2010-02-26 Thread Steve Bertrand
On 2010.02.26 08:22, Leslie Jensen wrote:
> 
> 
> On 2010-02-26 12:41, Glen Barber wrote:
>> Hi,
>>
>> Leslie Jensen wrote:
>>> This address
>>>
>>> http://searchportal.information.com/?o_id=94081&domainname=lists.freebsd.org
>>>
>>>
>>> I'm trying to subscribe to freebsd-emulation but I end up at the above.
>>>
>>> I've tried via the handbook and direct url. Same result. Is this a new
>>> behaviour?
>>>
>>
>> Nope, the link works correctly for me.  It's possible it's a DNS issue and
>> your ISP does redirection to a search result page when it cannot find the
>> domain.
>>
>> What IP returns from 'dig lists.freebsd.org'?
>>
>> Regards,
>>
> If I do
> 
> host lists.freebsd.org
> lists.freebsd.org is an alias for wwwdyn.freebsd.org.
> wwwdyn.freebsd.org has address 69.147.83.38
> wwwdyn.freebsd.org has IPv6 address 2001:4f8:fff6::26
> wwwdyn.freebsd.org mail is handled by 0
> 
> And then use the url
> 
> http://69.147.83.38/mailman/listinfo/freebsd-emulation
> 
> I get
> 
> --
> FreeBSD.org - Document not found

I get the same thing as you over v4, but it works fine over v6.

Let me know if you want me to push a sub request for you ;)

Steve


Re: vi question

2010-02-19 Thread Steve Bertrand
On 2010.02.19 16:11, gahn wrote:
> Hi, all:
> 
> How could I use vi to repeat a word, say, 100 times in the same line, of 
> course with a space in between?


Yes. Using the word 'this' as an example:

100ithis 

Steve


Re: Jailcfg - A new tool for creating small(!) jails

2010-02-12 Thread Steve Bertrand
Aiza wrote:
> Christer Solskogen wrote:
>> On Fri, Feb 12, 2010 at 2:39 AM, Aiza  wrote:
>>
>>> Your URL dont work
>>>
>>
>> Yes, it does :) But you need mercurial to get the source.
>> But the project also have a "homepage" -
>> http://code.google.com/p/jailcfg/
>>
>>
> Hay wake up. Nobody is going to install special software
>  just to review some simple script. Get a life.

You don't know that.

You came back at the OP who has made an attempt at contributing with a
one-line message: "Your URL dont work". Nice description.

It worked for me, and I assure you that there are people who will
install software in order to review a contribution if they had to.

What is wrong with your PC if I could view it, and you couldn't? How do
you know that it's a simple script if the "...URL dont work"?

Ignore the flames Christer... I've been on this list for ~10 years, and
flamers as such generally go elsewhere very quickly.

Keep up the good work!

Steve

ps. I'm a Perl person, so although I did have a look at the code, I'd be
more apt to use/modify it if it wasn't a shell script, as I'm always
looking for new ways of managing jails ;)



Re: documentation about enabling IPFW

2010-02-09 Thread Steve Bertrand
Robert Huff wrote:
>   Can someone affirmatively verify that this part (30.6.1) of the
> Handbook is correct?  Particularly the last sentence.
>   Quote:
> 
>   IPFW is included in the basic FreeBSD install as a
>   separate run time loadable module. The system will
>   dynamically load the kernel module when the rc.conf
>   statement firewall_enable="YES" is used. There is no need
>   to compile IPFW into the FreeBSD kernel unless NAT
>   functionality is desired.

Yes, it is correct.

You can also load during runtime:

# kldload ipfw.ko

Steve


Re: How can I copy the data of buf in kernel space to the uio structhre in user space.

2010-02-01 Thread Steve Bertrand
Jun Furukawa wrote:
> Hi,
> For my research, I am now hooking the function vn_write().

[ big snip ]

> How can I solve this problem?

Subscribe to freebsd-hackers@, and post your message there. Hopefully
they can help.

Steve


Re: How far to go with jailing?

2010-02-01 Thread Steve Bertrand
Jeff Mitchell wrote:
> 
> Strikes me that setting up jails for bloody-well-every-other service
> might be 'fun' ..

...

> Jail the webserver; seems a logical break, and keep you honest for
> your partitioning. No more ~/public_html to access it I suppose, but
> much more secure for when people attack your wordpress etc.

To us, ~/public_html is important, and needs to be considered for our
primary domain. This is legacy, going back to 1995.

> Jail the 'email services'; use fetchmail to pull down to the jail,
> and IMAP and POP3 to serve the mail even to local clients; nice clean
> email mini-server right there in the jail?

On a home system, sounds great!

> Jail SMB-serving, so if attacked it still can only serve the content
> in the very well defined area.

...should be separated physically, IMHO, unless it's a home server.

> Jail the mailing list (mailman etc) .. keep things nice and clean.
> 
> But is setting up a whole stack of jails a pain? a performance
> problem? or just un-necessary overkill? Or a good idea?

It's a management pain.

In a production ISP/hosting environment, you still have to treat each
jail as if it's a server.

The more servers you have, the more maintenance and management you have.

I don't think that there is an easy answer to what you're asking.

Personally, I use jails to segregate top-level functions that I want to
put into development and possibly further into production.

- DNS
- SMTP, IMAP, POP3
- authentication (RADIUS etc)
- HTTP etc
- software devel, web
- software devel, non-web
- devel software implementation, testing
- "" "" inline with production
- build processes (testing new features of FBSD)
- stage area of test builds, prior to implementation
- protocol testing (ie. IPv6)

...after that, I've always chosen to put each core critical function
onto a separate physical server, and then replicate it to another
physical server.

However, I have been toying/researching the idea of replicating 'jails'
across the network to separate physical hardware, as it would save
physical space, hydro, network drops etc for each box that we have.

Other than knowing what hardware we have in our PoPs, I use SSH to
communicate with every device that I have, so if someone else set it up
for me, I wouldn't know that it's a jail.

Use jails to define boundaries. Don't get overzealous. I don't see the
need to put each web hosting client within their own jail, unless you
determine the risk warrants such. Same for email. If risk is that high,
then that particular client should pay for collocation anyway ;)

It comes down to what you can consider as your risk assessment. If you
are just playing along at home, set up as many as you can, and test for
yourself.

Performance hit is dependent on the hardware that you are running. I
don't notice any difference on a standard box with a couple of jails
over one that doesn't have any...

Steve


Re: SNMP of FreeBSD

2010-01-26 Thread Steve Bertrand
Steven Friedrich wrote:

> I want to find out what I can monitor with it.  I don't know enough about it 
> to know if it will be useful to me.  I'm an old hardware guy and I've been 
> Admin'ing my own systems for many years. I am having a hard time finding 
> pertinent documentation.
> 
> I know one of the ports allows you to monitor the cpu, memory, etc.
> 
> I already have a Superkaramba theme that has a StarTrek gauge for cpu, memory,
> swap, network in, network out, etc.
> 
> I just want to know if SNMP has anything to offer me...

...out of curiosity, are you simply trying to gain info on your local
machine that you are working from?

I use SNMP for network management, so I assumed that from the beginning.
If what you are looking for is gathering stats from only the hardware
that you are working on, that is a bit of a different story.

With that said, I may be able to provide configs for that, too.

Steve



Re: SNMP of FreeBSD

2010-01-26 Thread Steve Bertrand
Steven Friedrich wrote:
> On Tuesday 26 January 2010 08:23:16 pm Steve Bertrand wrote:
>> Steven Friedrich wrote:

>>> I have three ports installed:
>>> bsnmptools-0.0.20060818_2 Snmp client tools
>>> mbrowse-0.3.1_8 An SNMP MIB Browser for X
>>> net-snmp-5.4.2.1_6  An extendable SNMP implementation
>>>
>>> I got a few errors after initial install.
>>>
>>> I don't know what pieces of snmp I want.
>>> I used the sample snmp.config from the /usr/src tree.
>>> I changed the name of the public community name.
>>> I uncommented the netgraph and pf lines and maybe even others 8o)
>>>
>>> I got rid of the errors on the console, except for this Warning:
>>> WARNING: attempt to domain_add(netgraph) after domainfinalize()
>>>
>>> Perhaps this is a bug in the example snmp.config I'm using?
>>> What client(s) tools should I look at?

>> What is it exactly that you need/want SNMP for?
>>
>> If for client only, what do you need to poll?
>>
>> Steve
>>
> I want to find out what I can monitor with it.  I don't know enough about it 
> to know if it will be useful to me.  I'm an old hardware guy and I've been 
> Admin'ing my own systems for many years. I am having a hard time finding 
> pertinent documentation.
> 
> I know one of the ports allows you to monitor the cpu, memory, etc.
> 
> I already have a Superkaramba theme that has a StarTrek gauge for cpu, 
> memory, 
> swap, network in, network out, etc.
> 
> I just want to know if SNMP has anything to offer me...

Personally, I use SNMP for read-only network information gathering.

Depending on the device you are trying to poll, you can generally
retrieve almost all information from a device.

What you have described that you have already seems like SNMP. Can you
give an example of a device that you want to 'test' against?

Assuming that you have an SNMP v2 device available for polling, try this
on your FreeBSD box:

# pkg_add -r net-snmp
# rehash
# snmpwalk -v2c -c your_ro_community ip_or_name_of_device

If you want specifics to test against, let me know off-list, and I'll
give you a Cisco router to poll.

Steve





Re: SNMP of FreeBSD

2010-01-26 Thread Steve Bertrand
Steven Friedrich wrote:
> I'm running 8-Stable, and ports are current.
> 
> I'm installing snmp support, mostly just to investigate it.
> 
> I have three ports installed:
> bsnmptools-0.0.20060818_2 Snmp client tools
> mbrowse-0.3.1_8 An SNMP MIB Browser for X
> net-snmp-5.4.2.1_6  An extendable SNMP implementation
> 
> I got a few errors after initial install.
> 
> I don't know what pieces of snmp I want.
> I used the sample snmp.config from the /usr/src tree.
> I changed the name of the public community name.
> I uncommented the netgraph and pf lines and maybe even others 8o)
> 
> I got rid of the errors on the console, except for this Warning:
> WARNING: attempt to domain_add(netgraph) after domainfinalize()
> 
> Perhaps this is a bug in the example snmp.config I'm using?
> What client(s) tools should I look at?

What is it exactly that you need/want SNMP for?

If for client only, what do you need to poll?

Steve


Re: Help booting FreeBSD with a ZFS root filesystem

2010-01-26 Thread Steve Bertrand
krad wrote:
> 2010/1/26 Ross Penner 
> 
>> That seems to have been the problem.
>>
>> Thanks for the help.
>>
>> On Mon, Jan 25, 2010 at 5:29 PM, George Liaskos 
>> wrote:
>>> I had the same issue because i forgot to copy the zpool.cache under
>>> /zroot/boot/zfs.

> once you have generated the zpool.cache never never never export the boot
> pool again. Exporting isn't the same as unmounting (a common misconception).
> If you do export it the pool will become unbootable.

Out of curiosity (because I had this problem a few weeks back), how does
one move a bootable pool into another physical server in order to be
able to see the pool as a 'data' set without exporting/importing, and
then moving the pool back to the hardware that it normally boots from?

Perhaps I was lucky when copying the cache back onto itself worked...

Steve


Re: ssh to root

2010-01-20 Thread Steve Bertrand
Aryeh M. Friedman wrote:
> I need to set up a machine so that I can type "ssh [host]" as root from
> some other host and I get a prompt with super user privs... I already
> have set this up for u...@host for root and ssh host for normal users...
> but root still asks for a password after I set the authorized_keys file
> in ~root/.ssh.. I have looked at ssh_config(5) but can't tell what
> option (if any) does this... if anyone is curious the final goal here
> is to set up a sysutils/fusefs-ssh for this host (already installed and
> working for normal users but want to make it so it is done as root)

Don't do it.

*never* permit root-level access directly to *any* of your equipment.

You want to provide as many levels of escalation to root level as you
can, no matter what protocol you are using.

Auth in as a normal user (as you stated is already working), and then
use sudo(8) to escalate yourself.

If you can already "ssh [host]" as a normal user, then you already have
the concept of keys.

You can automate the escalation after you've authenticated, and then do
what you want to do.

Seriously...

...don't do it.

Steve

ps.

# pkg_add -r sudo
# rehash
# man sudo

Then, when/if you have problems with specific functions that need root
privileges, ask those questions here instead.
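
One way to check a server against the advice in this reply (no direct root login; authenticate as a normal user and escalate with sudo), as an added example that is not part of the original message. The function names and the sample sshd_config fragments are constructed for illustration; the check relies on sshd keeping the first value it reads for a global keyword.

```shell
#!/bin/sh
# Added example: audit sshd_config files for direct root login.
# Function names and sample configurations are constructed for illustration.

# root_login_findings FILE
# Prints one "scope<TAB>value" line per PermitRootLogin setting that can take
# effect. sshd keeps the first value it reads for a global keyword, so later
# global duplicates are ignored; settings inside Match blocks are all listed.
root_login_findings() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)          # "Key value" or "Key=value"
            key = tolower(f[1])                # keywords are case-insensitive
        }
        key == "match" {
            sub(/^[^ \t]+[ \t]+/, "", line)    # keep only the match criteria
            scope = "match " line
            next
        }
        key == "permitrootlogin" {
            if (scope == "") {
                if (!seen_global++) print "global\t" tolower(f[2])
            } else {
                print scope "\t" tolower(f[2])
            }
        }
        END { if (!seen_global) print "global\tunset" }
    ' "$1"
}

# check_root_login FILE
# Returns 0 only when every finding is an explicit "no"; otherwise prints the
# offending findings and returns 1. Treating "unset" as a failure is this
# example's policy: the build default then decides, so state it explicitly.
check_root_login() {
    bad=$(root_login_findings "$1" | awk -F '\t' '$2 != "no"')
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# write_samples DIR: constructed sshd_config fragments for the demonstration.
write_samples() {
    cat > "$1/weak.conf" <<'EOF'
# key-only root login is still a direct root login; the later "no" is ignored
PermitRootLogin without-password
PermitRootLogin no
EOF
    cat > "$1/match.conf" <<'EOF'
PermitRootLogin no
Match Address 192.0.2.0/24
    PermitRootLogin yes
EOF
    cat > "$1/hardened.conf" <<'EOF'
# log in as an ordinary user with a key, then escalate with sudo(8)
PermitRootLogin no
EOF
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
write_samples "$demo_dir"
for conf in weak match hardened; do
    if result=$(check_root_login "$demo_dir/$conf.conf"); then
        echo "$conf.conf: ok"
    else
        echo "$conf.conf: direct root login possible -> $result"
    fi
done
```

Pointing check_root_login at /etc/ssh/sshd_config audits the live configuration in the same way.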


High availability SQL server setup

2010-01-20 Thread Steve Bertrand
Hi all,

For some time, I've been considering consolidating all/most of our SQL
databases (all MySQL) onto a single dedicated cluster setup.

I'm looking for feedback on the best way to do this.

All of the options I've considered so far have both their drawbacks and
benefits. From what I can tell, there's no one single way to be able to
have everything that I want.

Off the bat, I haven't found a way to create a cluster that can have
more than one host in the cluster writable.

My objective would be to start with two very high end boxes. One would
sit in my primary location, the other a few blocks away over a gi fibre
link.

I would want the remote box to pick up immediately if the master server
fails. I figure I could achieve this using network trickery for IP
failover, CARP or the like and span a couple of vlans across the fibre.

I would want each SQL server connected to separate edge routers to
ensure both server and network resilience. Each box has two GigE NICs,
so off the bat, I'd have each box doing VRRP to two separate edge gear
at each location.

My concern is that I can't envision how both boxes could possibly
stay in a continuous state that would allow such fail-over, and
fail-back. (fail-back is less of a concern...if it comes to it, I'd
rebuild by hand if necessary).

I've considered ZFS replication, but there could be several minutes
worth of snapshot missing if the primary fails.

I already have MySQL replication in many spots, but that's only one
write master and read-only slaves.

Can you provide any details or new ideas that I'm missing in order to
have the holy grail of SQL redundancy?

Cheers,

Steve


Re: Automatic Network Settings at New Location

2010-01-19 Thread Steve Bertrand
Diego Montalvo wrote:
> weird, I had restarted FreeBSD, and did not work, needed to completely
> close down, reopen  virtualbox and relaunch FreeBSD...  DHCP kicked
> in!  Danke!

Niets te danken ;)

I didn't know that you were using Virtualbox. Since I've never used it
before, I don't know how that would affect the config loadup.

After re-re-reading your original post, I figured you must have had the
rc.conf setting in place, or else it wouldn't have worked in the first
place.

Out of curiosity, does re-running `dhclient` rectify the situation when
moving between different networks, without a cold start?

fwiw, other than a couple of lab boxes, I don't have any FBSD boxes that
are on DHCP...

Steve


Re: Automatic Network Settings at New Location

2010-01-19 Thread Steve Bertrand
Steve Bertrand wrote:
> Diego Montalvo wrote:
>> I am temporarily at a different location for the next day or so, and
>> need to connect to the internet via FreeBSD. My initial Network
>> settings were detected during setup using DHCP.  How can I have
>> FreeBSD automatically detect the new network settings via DHCP?
> 
> # dhclient

Whoops! I think I misread that. How about setting:

ifconfig_em0="DHCP"

...in rc.conf, where em0 is your NIC?

Steve


Re: Automatic Network Settings at New Location

2010-01-19 Thread Steve Bertrand
Diego Montalvo wrote:
> I am temporarily at a different location for the next day or so, and
> need to connect to the internet via FreeBSD. My initial Network
> settings were detected during setup using DHCP.  How can I have
> FreeBSD automatically detect the new network settings via DHCP?

# dhclient

Steve


Re: Can't mountroot from ZFS pool

2010-01-19 Thread Steve Bertrand
krad wrote:
> 
> 
> 2010/1/11 Steve Bertrand <st...@ibctech.ca>
> 
> All,
> 
> I've successfully upgraded the disks in my ZFS backup server, and can
> import/mount the pool properly.
> 
> However, I designed this box originally so that it mounts / from
> zfs:storage after booting from a USB stick.
> 
> After the upgrade of the disks, I'm stuck at a mountroot prompt when I
> attempt to boot the system with the original USB /boot key.
> 
> Can someone inform me how to find the / filesystem at the mountroot
> prompt? If not, is there *any* way to boot the system normally from
> another medium, and then 'reload' the system with the ZFS / after it's
> been mounted so that the system functions as designed (ie. cron
> works etc)?

> did you export the pool at all before rebooting it?

Yes, I did.

I just finally got it resolved :)

It appears as though importing the zpool onto another system
obsoleted the cache file on the original USB /boot disk.

I exported, then imported the pool on the secondary system, then copied
the cache file into the /boot/zfs directory on my original boot medium.

Things are now working again, and I have all of my new storage and
original data in place!

Thanks for all the help!

Steve


Can't mountroot from ZFS pool

2010-01-11 Thread Steve Bertrand
All,

I've successfully upgraded the disks in my ZFS backup server, and can
import/mount the pool properly.

However, I designed this box originally so that it mounts / from
zfs:storage after booting from a USB stick.

After the upgrade of the disks, I'm stuck at a mountroot prompt when I
attempt to boot the system with the original USB /boot key.

Can someone inform me how to find the / filesystem at the mountroot
prompt? If not, is there *any* way to boot the system normally from
another medium, and then 'reload' the system with the ZFS / after it's
been mounted so that the system functions as designed (ie. cron works etc)?

Steve


Re: sshfs, nfs, etc. on FreeBSD

2010-01-08 Thread Steve Bertrand
Steve Bertrand wrote:
> Nerius Landys wrote:
>> I'm looking for a lightweight, secure, and non-intrusive file sharing
>> system for 2 servers in a data center.  For example I'd like to [as an
>> ordinary user] temporarily mount the home directory (/usr/home/) of
>> one server to a temporary mount point on the other server, and then,
>> assuming my user has sufficient read permissions, I'd like to run some
>> files in the home directories through a log file parser that I wrote.
>>
>> Now I'm not a really big fan of NFS.  I've just heard about sshfs.  
> 
> Perhaps it would make it easier to understand if you stated *why* you
> are not a fan of NFS...
> 
>> I don't really want to scp
>> copy files between the 2 servers.
> 
> What is/would be your preferred method of transferring files? dragging
> and dropping like in Windows, or will this be CLI-only access/usage?
> 
> iow, what 'style' of access are you looking for?

ps.

fwiw, if your parser is the only reason for this over-the-network access
(ie. it's a one-off thing), you could use that to your advantage and
write that into your application.

This is *trivially* easy if you are using Perl ;)



Re: sshfs, nfs, etc. on FreeBSD

2010-01-08 Thread Steve Bertrand
Nerius Landys wrote:
> I'm looking for a lightweight, secure, and non-intrusive file sharing
> system for 2 servers in a data center.  For example I'd like to [as an
> ordinary user] temporarily mount the home directory (/usr/home/) of
> one server to a temporary mount point on the other server, and then,
> assuming my user has sufficient read permissions, I'd like to run some
> files in the home directories through a log file parser that I wrote.
> 
> Now I'm not a really big fan of NFS.  I've just heard about sshfs.  

Perhaps it would make it easier to understand if you stated *why* you
are not a fan of NFS...

> I don't really want to scp
> copy files between the 2 servers.

What is/would be your preferred method of transferring files? dragging
and dropping like in Windows, or will this be CLI-only access/usage?

iow, what 'style' of access are you looking for?

Steve


Re: Replacing disks in a ZFS pool

2010-01-08 Thread Steve Bertrand
Steve Bertrand wrote:
> krad wrote:
> 
>>>> the idea of using this type of label instead of the disk names
>>> themselves.
>>>
>>> I personally haven't run into any bad problems using the full device, but
>>> I suppose it could be a problem. (Side note - geom should learn how to
>>> parse zfs labels so it could create something like /dev/zfs/ for
>>> device nodes instead of using other trickery)
>>>
>>>> How should I proceed? I'm assuming something like this:
>>>>
>>>> - add the new 1.5TB drives into the existing, running system
>>>> - GPT label them
>>>> - use 'zpool replace' to replace one drive at a time, allowing the pool
>>>> to rebuild after each drive is replaced
>>>> - once all four drives are complete, shut down the system, remove the
>>>> four original drives, and connect the four new ones where the old ones
>>> were
>>>
>>> If you have enough ports to bring all eight drives online at once, I would
>>> recommend using 'zfs send' rather than the replacement. That way you'll
>>> get something like a "burn-in" on your new drives, and I believe it will
>>> probably be faster than the replacement process. Even on an active system,
>>> you can use a couple of incremental snapshots and reduce the downtime to a
>>> bare minimum.
>>>
>>>
>> Surely it would be better to attach the drives either individually or as a
>> matching vdev (assuming they can all run at once), then break the mirror
>> after it's resilvered.  Far less work and far less likely to miss something.
>>
>> What I have done with my system is label the drives up with a coloured
>> sticker then create a glabel for the device. I then add the glabels to the
>> zpool. Makes it very easy to identify the drives.
> 
> Ok. Unfortunately, the box only has four SATA ports.
> 
> Can I:
> 
> - shut down
> - replace a single existing drive with a new one (breaking the RAID)
> - boot back up
> - gpt label the new disk
> - import the new gpt labelled disk
> - rebuild array
> - rinse, repeat three more times
> 

This seems to work ok:

# zpool offline storage ad6
# halt & replace disk, and start machine
# zpool online storage ad6
# zpool replace storage ad6

I don't know enough about gpt/gpart to be able to work that into the
mix. I would much prefer to have gpt labels as opposed to disk names,
but alas.

fwiw, can I label an entire disk (such as ad6) with gpt, without having
to install boot blocks etc?

I was hoping it would be as easy as:

# gpt create -f ad6
# gpt label -l disk1 ad6

...but it doesn't work.

Neither does:

# gpart create -s gpt ad6
# gpart add -t freebsd-zfs -l disk1 ad6

I'd like to do this so I don't have to manually specify a size to use. I
just want the system to Do The Right Thing, which in this case, would be
to just use the entire disk.

Steve




> If so, is there anything I should do prior to the initial drive
> replacement, or will simulating the drive failure be ok?
> 
> Steve


Re: Replacing disks in a ZFS pool

2010-01-08 Thread Steve Bertrand
krad wrote:

>>> the idea of using this type of label instead of the disk names
>> themselves.
>>
>> I personally haven't run into any bad problems using the full device, but
>> I suppose it could be a problem. (Side note - geom should learn how to
>> parse zfs labels so it could create something like /dev/zfs/ for
>> device nodes instead of using other trickery)
>>
>>> How should I proceed? I'm assuming something like this:
>>>
>>> - add the new 1.5TB drives into the existing, running system
>>> - GPT label them
>>> - use 'zpool replace' to replace one drive at a time, allowing the pool
>>> to rebuild after each drive is replaced
>>> - once all four drives are complete, shut down the system, remove the
>>> four original drives, and connect the four new ones where the old ones
>> were
>>
>> If you have enough ports to bring all eight drives online at once, I would
>> recommend using 'zfs send' rather than the replacement. That way you'll
>> get something like a "burn-in" on your new drives, and I believe it will
>> probably be faster than the replacement process. Even on an active system,
>> you can use a couple of incremental snapshots and reduce the downtime to a
>> bare minimum.
>>
>>
> Surely it would be better to attach the drives either individually or as a
> matching vdev (assuming they can all run at once), then break the mirror
> after it's resilvered.  Far less work and far less likely to miss something.
> 
> What I have done with my system is label the drives up with a coloured
> sticker then create a glabel for the device. I then add the glabels to the
> zpool. Makes it very easy to identify the drives.

Ok. Unfortunately, the box only has four SATA ports.

Can I:

- shut down
- replace a single existing drive with a new one (breaking the RAID)
- boot back up
- gpt label the new disk
- import the new gpt labelled disk
- rebuild array
- rinse, repeat three more times

If so, is there anything I should do prior to the initial drive
replacement, or will simulating the drive failure be ok?

Steve


Re: FreeBSD ipv6 rc.conf settings issue

2010-01-07 Thread Steve Bertrand
Matthew Seaman wrote:
> Steve Bertrand wrote:
> 
>> Hmmm. This config does not work:
>>
>> ifconfig_re0="inet 208.70.104.210 netmask 255.255.255.192"
>> ifconfig_re0_alias0="inet 208.70.104.211 netmask 255.255.255.255"
>> ifconfig_re0_alias1="inet6 2607:f118::b6 prefixlen 64"
>> ifconfig_re0_alias2="inet6 2607:f118::b7 prefixlen 64"
> 
> Yep.  Try it like this:
> 
> ifconfig_re0="inet 208.70.104.210 netmask 255.255.255.192"
> ifconfig_re0_alias0="inet 208.70.104.211 netmask 255.255.255.255"
> ipv6_ifconfig_re0="2607:f118::b6 prefixlen 64"
> ipv6_ifconfig_re0_alias0="2607:f118::b7 prefixlen 64"

The above works.

> or, even better, like this:
> 
> ipv4_addrs_re0="208.70.104.210/26 208.70.104.211/26"
> ipv6_addrs_re0="2607:f118::b6/64 2607:f118::b7/64"

Unfortunately, that one does not. I do not get any IPv6 addresses
configured.

I didn't re-try my original configuration, but I will at another time.

Both of your recommendations failed until I entered ipv6_enable="YES" in
/etc/rc.conf. I did not have this line prior, yet the addresses were
successfully applied, just no default gateway.

Either way, thanks much :)

I will try out your second recommendation again in the future. For now,
problem resolved.

Cheers!

Steve


Re: FreeBSD ipv6 rc.conf settings issue

2010-01-07 Thread Steve Bertrand
Matthew Seaman wrote:
> Steve Bertrand wrote:
> 
>> Hmmm. This config does not work:
>>
>> ifconfig_re0="inet 208.70.104.210 netmask 255.255.255.192"
>> ifconfig_re0_alias0="inet 208.70.104.211 netmask 255.255.255.255"
>> ifconfig_re0_alias1="inet6 2607:f118::b6 prefixlen 64"
>> ifconfig_re0_alias2="inet6 2607:f118::b7 prefixlen 64"
> 
> Yep.  Try it like this:
> 
> ifconfig_re0="inet 208.70.104.210 netmask 255.255.255.192"
> ifconfig_re0_alias0="inet 208.70.104.211 netmask 255.255.255.255"
> ipv6_ifconfig_re0="2607:f118::b6 prefixlen 64"
> ipv6_ifconfig_re0_alias0="2607:f118::b7 prefixlen 64"
> 
> or, even better, like this:
> 
> ipv4_addrs_re0="208.70.104.210/26 208.70.104.211/26"
> ipv6_addrs_re0="2607:f118::b6/64 2607:f118::b7/64"
> 
> You can make the 2nd address in each case a /32 or /128 if you want,
> but the requirement for having 2nd and subsequent addresses from a
> netblock have a different netmask than the initial address on that NIC
> has gone away.

I thought I read that some time ago...

This particular box is my MTA that I use for all of my personal email,
so I'll get on the console, input the new settings reboot and let you
know how it wor...


Re: FreeBSD ipv6 rc.conf settings issue

2010-01-07 Thread Steve Bertrand
Matthew Seaman wrote:
> Steve Bertrand wrote:

> Funny.  My IPv6 config works like a charm, on both 7.2-STABLE and
> 8.0-STABLE.  Related config settings look like this:
> 
> gif_interfaces="gif0"
> gifconfig_gif0="81.187.76.162 81.187.81.6"
> 
> ipv6_ifconfig_gif0="2001:08b0:0151:0001::1/64"
> ipv6_prefix_de0="2001:08b0:0151:0001"
> 
> ipv6_enable="YES"
> ipv6_defaultrouter="-interface gif0"
> ipv6_default_interface="gif0"
> ipv6_gateway_enable="YES"
> 
> rtadvd_enable="YES"
> rtadvd_interfaces="de0"
> 
> This causes my machine to autoconfigure an IPv6 address on the ethernet
> i/f, plus provide rtadvd service to anything else wanting IPv6 connectivity
> on my home LAN.  IPv6 traffic from the home LAN is routed via the tunnel to
> the IPv6 tunnel handler provided by my ISP, but the only reason I need
> to do
> that is because IPv6 aware consumer broadband routers are kind of hard to
> obtain.

Hmmm. This config does not work:

ifconfig_re0="inet 208.70.104.210 netmask 255.255.255.192"
ifconfig_re0_alias0="inet 208.70.104.211 netmask 255.255.255.255"
ifconfig_re0_alias1="inet6 2607:f118::b6 prefixlen 64"
ifconfig_re0_alias2="inet6 2607:f118::b7 prefixlen 64"

defaultrouter="208.70.104.193"
ipv6_defaultrouter="2607:f118::1"

I've got native v6. The above particular box is one of only a couple
that have more than a single IP per protocol. The rest are generic, one
v4 and one v6 address.

Admittedly, I haven't spent much time at all on the issue, as my
solution is simply to not let the boxes go down :)

% uptime
10:52AM  up 727 days,  3:11, 6 users, load averages: 0.19, 0.19, 0.24

%uptime
10:54AM  up 549 days,  8:38, 1 user, load averages: 0.12, 0.16, 0.26

...seriously, all of my other FreeBSD boxes receive proper updates etc,
and the only time they are rebooted is when someone is at the console
(or right nearby) and can manually enter in the default route.

My FreeBSD routers running Quagga don't have this issue, presumably
because they're in the DFZ, and acquire all routing info dynamically.

Steve



Re: FreeBSD ipv6 rc.conf settings issue

2010-01-07 Thread Steve Bertrand
Bogdan Webb wrote:
> I'm having problems with the /etc/rc.conf setup of a ipv6 tunnel on my
> FreeBSD 7.2-RELEASE-p6
> It's a particular issue on the ipv6_defaultrouter config, it just does not
> work...
> Upon network and routing restart ipv6 is enabled the gif interface are given
> ip's and everything but the defaultrouter does not.
> Researching a bit I found some say that gif1 should work and tried both
> ipv6_defaultrouter="-interface gif1"
> and
> ipv6_defaultrouter="2001:0470:1f0a:d40::1"

This issue is not limited to gif interfaces...

I've had this exact same problem on ALL of my FreeBSD hosts for, well,
since ever.

No matter what I've tried, if a box reboots, I must manually enter in
the default IPv6 router.

Even on IPv6-only hosts, the default gateway does not take upon reboot.

I'm up for figuring this issue out today, if nobody else has a solution
for you.

Let me know. If you're interested, I'll fire up a couple of hosts that
we can use and just continuously reboot if necessary :)

Steve


Replacing disks in a ZFS pool

2010-01-06 Thread Steve Bertrand
Hi everyone,

I've got a 7.2 system with four 500GB drives, originally built thusly:

# zpool history
History for 'storage':
2008-07-11.23:15:40 zpool create storage raidz ad4 ad5 ad6 ad7

I just bought four 1.5TB drives, which I want to use to replace the
500GBs.

Also, I've been loosely following some of the GPT threads, and I like
the idea of using this type of label instead of the disk names themselves.

How should I proceed? I'm assuming something like this:

- add the new 1.5TB drives into the existing, running system
- GPT label them
- use 'zpool replace' to replace one drive at a time, allowing the pool
to rebuild after each drive is replaced
- once all four drives are complete, shut down the system, remove the
four original drives, and connect the four new ones where the old ones were

My understanding is that once the new labels are in place, I don't
have to worry about the fact that the device name has been changed (eg
ad8 to ad4), the system doesn't care anymore about that. Is this correct?

Any other advice/tips that those experienced can share with me?

Steve


Re: Adding an alias to .cshrc

2009-12-29 Thread Steve Bertrand
Glen Barber wrote:
> Hi Steve
> 
> On Tue, Dec 29, 2009 at 7:50 PM, Steve Bertrand  wrote:
>> Hi all, happy holidays!
>>
>> I want to add an alias to my .cshrc file:
>>
>> alias srm   find . -name "*~" | xargs rm
>>
> 
> Try enclosing it in quotes, such as:
> 
>alias srm "find . -name \"*~\" | xargs rm"

This works. Instead of escaping, I just encapsulated within single-quotes:

acct-dev: ISP-RADIUS % grep srm /home/steve/.cshrc
alias srm   '/usr/bin/find . -name "*~" | /usr/bin/xargs rm'

Olivier:

I didn't test your theory, but thanks for the tip. I've just become
accustomed over the years to use xargs when making bulk rm's ;)

Steve


Adding an alias to .cshrc

2009-12-29 Thread Steve Bertrand
Hi all, happy holidays!

I want to add an alias to my .cshrc file:

alias srm   find . -name "*~" | xargs rm

...so that I have an easy way to remove the temp files left by svn.

After adding the alias, logging out and then back in, I get an error
stating:

acct-dev: ISP-RADIUS % srm
srm: Command not found.

I thought that perhaps the file wasn't being read upon login, so I
appended a new alias underneath:

alias srm   find . -name "*~" | xargs rm
alias sll   ls -lA

...which works fine when called after re-login.

I even went as far as to prefix the find/xargs command with full paths,
to no avail.

Is this a problem with the pipe in the alias directive? The command
works on the CLI, as I literally copy/pasted it into the .cshrc file.

Steve



Re: Starting sshd, ssh connections

2009-12-29 Thread Steve Bertrand
Jonathan Chen wrote:
> On Tue, Dec 29, 2009 at 07:04:24PM +0100, n dhert wrote:
>> On a newly installed FreeBSD7.2, when booting it takes a long time to get
>> past "Starting sshd.".
>> I'm using the PC only in a private network. The IP of the PC is 192.168.75.8
>> # ssh r...@192.168.75.8
>> or  # ssh r...@127.0.0.1
>> take both 15 seconds to display
>> Password: ...
>> At setup, I did specify a hostname, a domainname, a default_router
>> (192.168.75.14) and
>> DNS server 192.168.254.100 (in the future to be replaced by non-private IPs),
>>
>> but since I am testing only in a private network and only with IP addresses
>> (no hostnames)
>> these are not used.
>> So what is causing that delay at Start of sshd and use of ssh?
> 
> Reverse DNS lookup. Make sure you have PTR entries for all IPs in use.

Or, in the case of an internal-only IP scheme, where configuring rDNS
entries is not possible/not feasible, you can disable DNS lookups in the
/etc/ssh/sshd_config file by uncommenting and setting:

UseDNS no

Restart the sshd daemon for the change to take effect.

Steve



Re: is this getting out?

2009-12-17 Thread Steve Bertrand
Gary Kline wrote:
> ariatotle is offline; i'm exclusively on my new server.  will somebody please 
> do a dig thought.org and see if they see what i see?
> 
>   hope i get this.

% whois thought.org

Name Server:NS1.THOUGHT.ORG
Name Server:ETHIC.THOUGHT.ORG

% dig ns1.thought.org

;; ANSWER SECTION:
ns1.thought.org.    38283   IN  A   209.180.213.210

% dig ethic.thought.org

;; ANSWER SECTION:
ethic.thought.org.  38235   IN  A   209.180.213.210

% ping ns1.thought.org
PING ns1.thought.org (209.180.213.210): 56 data bytes
64 bytes from 209.180.213.210: icmp_seq=0 ttl=56 time=123.861 ms
^C

% ping ethic.thought.org
PING ethic.thought.org (209.180.213.210): 56 data bytes
64 bytes from 209.180.213.210: icmp_seq=0 ttl=56 time=124.585 ms
^C

% dig mx @ns1.thought.org thought.org
...ok

% dig mx @ethic.thought.org thought.org
...ok

The only problems I see are that

a) you don't have an A record for the domain name itself
b) both of your name servers are located on a single IP

Steve


Re: Root exploit for FreeBSD

2009-12-10 Thread Steve Bertrand
Jerry wrote:

> Out of pure morbid curiosity, would you please answer this question for
> me.
> 
> You work for a corporation that specifically requires the use of
> a specific OS, the OS itself is not material to this question. It also
> forbids the use of any unauthorized OS or equipment on the company's
> network. You decide to ignore their directives and eventually:
> 
> 1) Get caught
> 2) Cause a problem with the company's network, etc.
> 
> Now, when you get fired and possibly charged with a crime, do you:
> 
> 1) Cry and bitch that they are being unfair?
> 2) Accept the fact that you deserved to be dismissed?

Accept, humbly. The majority of companies that I have worked for that
have a 'policy', have a 'policy' that is extremely spread thin.

Personally, I've never _breached_ policy... I've always expressed to the
proper level of management as to *why* something needs to be done
differently. With that said, again, in your case, I'll resign,
gleefully, as my next contract picks me up for being diligent.

> Where I used to work, two or three employees were fired each year
> because they thought they knew more than everyone else. They failed to
> realize that they were being compensated to do what they were told and
> not what they thought they should be doing. 

Then the managers have the wrong attitude...completely.

I will only allow myself to be hired as an employee or contractor if the
person hiring me is doing so because they expect to gain something from
my knowledge and experience.

Only a monkey is paid to do what they are told. I don't do that. I
couldn't do that. If that is what you do, I feel sorry for you.

> The bottom line is if they
> are not smart enough to follow company directives, they are certainly
> not capable of instigating their own protocol.

...companies that enforce their staff to do what they are told will
collapse. People who take their pay cheque just because they sit there
and do what they are told hate their job.

I love my job, I love my work. I am underpaid, but I do what I *LOVE*.

I direct our company through innovation, ingenuity, integrity and risk.
If I had to sit at a desk and do the same thing every day because my
company told me to, I'd rather. never mind... it'll be archived.

Steve



Re: Root exploit for FreeBSD

2009-12-10 Thread Steve Bertrand
Bill Moran wrote:
> In response to Anton Shterenlikht :
> 
>> From my information security manager:
>>
>>  FreeBSD isn't much used within the University (I understand) and has a
>>  (comparatively) poor security record. Most recently, for example:
>>
>>  
>> http://www.h-online.com/security/news/item/Root-exploit-for-FreeBSD-873352.html
> 
> Are you trying to make your infosec guy look like an idiot? 

He doesn't really have to _try_, does he?

I have always thought that an infosec person should *know* what they
have running within their own network, and furthermore, gather his
comparative analysis from somewhere other than the
dept-of-some-guys-blog. Perhaps these are not the job requirements of a
security person.

Steve


Re: Apache22 + Subversion 1.6.6 = No go.

2009-11-20 Thread Steve Bertrand
Glen Johnson wrote:

I just happened to notice something in the log as I was about to go off
and check my own setup:

> [Thu Nov 19 09:36:10 2009] [error] [client 192.168.2.12]
> (20014)Internal
> error: Can't open file '/usr/home/svn/repos/default/format': No such
> file or directory

...and then:

>> - - Please post the output of "ls -laR /usr/home/svn/repos"

> total 24
> drwxrwxrwx  10 www   www  512 Nov 20 08:48 ./
> drwxrwxrwx   5 root  www  512 Nov 20 08:46 ../
> drwxrwxrwx   6 www   www  512 Nov 20 08:48 .svn/
> -rwxrwxrwx   1 www   www  229 Nov 20 08:46 README.txt*
> drwxrwxrwx   3 www   www  512 Nov 20 08:48 branches/
> drwxrwxrwx   2 www   www  512 Nov 20 08:46 conf/
> drwxrwxrwx   6 www   www  512 Nov 20 09:01 db/
> -rwxrwxrwx   1 www   www    2 Nov 20 08:46 format*
> drwxrwxrwx   2 www   www  512 Nov 20 08:46 hooks/
> drwxrwxrwx   2 www   www  512 Nov 20 08:46 locks/
> drwxrwxrwx   3 www   www  512 Nov 20 08:48 tags/
> drwxrwxrwx   3 www   www  512 Nov 20 08:48 trunk/

You do not have a 'default' directory. 'format' is in the root of the
repository.

Whether this is causing you your grief is unknown to me, but perhaps it
might provide a clue.

Steve


Re: Measuring disk I/O

2009-11-18 Thread Steve Bertrand
Nerius Landys wrote:
> A friend and I are working on a small video-game related project as a
> hobby.  We're running several scripts 24/7 that make lots of calls to
> a MySQL database.  The mysql server process shows an average CPU use
> of 1% (reported by top) and it never goes above about 2%.  The tables
> it's hitting are myisam tables.  I'm a little bit worried that the
> mysql process is using a lot of disk access.  I don't know too much
> about hard disks but my feeling is that too much disk use could slow
> the machine down or cause a premature hard disk failure.  WD Raptor
> model.
> 
> I don't know if my concerns are well-founded, but I would like to
> measure impact on the hard disk somehow.  I don't know how to see disk
> I/O.  I do know how to use top.  How do I measure disk I/O?  Any other
> thoughts?

Perhaps gstat(8) will help you get started:

# gstat -a

dT: 1.001s  w: 1.000s
 L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
    4    176    114  10261   14.9     62    607   25.4   96.8| ar0
    4    177    115  10389   17.8     62    607   26.5  100.0| ar0.eli
    1     34     34    527   30.8      0      0    0.0   99.1| ar0.elie
    2     66      4     16   20.5     62    607   26.6   98.0| ar0.elif
    1     77     77   9845   12.1      0      0    0.0   93.0| ar0.elig

...or on ZFS:

# zpool iostat 1

               capacity     operations    bandwidth
pool         used  avail   read  write   read  write
----------  -----  -----  -----  -----  -----  -----
storage     1.39T   440G      0    771      0  96.4M
storage     1.39T   440G      0  1.05K  4.42K   126M

Steve


Re: howto use https in favour of http

2009-10-26 Thread Steve Bertrand
Alexander Best wrote:
> Olivier Nicole wrote on 2009-10-27:
>> Hi,
> 
>>> i've added the following line to my /etc/hosts:
> 
>>> permail.uni-muenster.de:25  permail.uni-muenster.de:443
> 
>>> so what i want is for freebsd to never use http, but https for that
>>> address.
>>> unfortunately hosts doesn't seem to support this syntax.
> 
>> Definitely not. man hosts to see the syntax and meaning of the
>> /etc/hosts file.
> 
>>> any advice on how to do this?
> 
>> I am not sure what you want to do. You want to install a web server
>> that only serves https? then you configure your web server to only
>> serve https, in Apache configuration you would only have a
>> 
>> and none with port 80.
> 
>> Best regards,
> 
>> Olivier
> 
> sorry if i didn't specify my problem in detail.
> 
> i'm not using a webserver or anything. i'm just a regular user. the point is:
> i often forget to specify https://... for that specific address in apps like
> lynx or firefox. that's why the non-ssl version of that site is being loaded.
> i'd like freebsd to take care of this so even if the app is trying to access
> the non-ssl version it should in fact be redirected to the ssl version by
> freebsd.

I thought that this is what you were originally after.

FreeBSD, in itself, can't do this... much like Mac OS or Windows can't
do this.

Most applications such as Firefox can't even do this (inherently).

If you are trying to enforce this as a personal/company policy, you will
need to write a 'wrapper' around your application (lynx/firefox) to do this.

Note that your example was :25->:443, which implied SMTP over SSL...

Nonetheless, FreeBSD can't make these decisions inherently (thankfully).

Steve
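
The 'wrapper' described above could look like the following, as an added example that is not part of the original message: a shell function rewrites http:// URLs for listed hosts to https:// before handing the arguments to the real browser. The function names and the browser path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): a browser wrapper that upgrades
# http:// URLs for selected hosts to https:// before the browser starts.

# Hosts that must only be reached over TLS. The host name is the one from
# the thread; extend the space-separated list as needed.
HTTPS_ONLY_HOSTS="permail.uni-muenster.de"

# upgrade_url URL
# Prints URL unchanged unless its host is listed, in which case the scheme
# becomes https:// and an explicit ":80" is dropped. Any other explicit
# port is kept, so a plain-HTTP service on an odd port fails closed
# instead of being fetched in clear text.
upgrade_url() {
    url=$1
    case $url in
        http://*) rest=${url#http://} ;;
        *://*)    printf '%s\n' "$url"; return 0 ;;   # https or another scheme
        *)        rest=$url ;;                        # bare "host/path" as typed
    esac
    authority=${rest%%[/?]*}         # user@host:port, without path or query
    tail=${rest#"$authority"}        # path and query, kept as typed
    hostport=${authority##*@}        # drop any userinfo for the comparison
    host=$(printf '%s' "${hostport%%:*}" | tr 'A-Z' 'a-z')
    for h in $HTTPS_ONLY_HOSTS; do
        if [ "$host" = "$h" ]; then
            printf 'https://%s%s\n' "${authority%:80}" "$tail"
            return 0
        fi
    done
    printf '%s\n' "$url"
}

# run_browser REAL_BROWSER [ARGS...]
# Passes options (arguments starting with "-") through untouched and runs
# every other argument through upgrade_url, preserving argument order.
run_browser() {
    browser=$1; shift
    for arg do
        shift
        case $arg in
            -*) set -- "$@" "$arg" ;;
            *)  set -- "$@" "$(upgrade_url "$arg")" ;;
        esac
    done
    "$browser" "$@"
}

# Usage (assumed install path, adjust to the local system):
#   alias lynx='run_browser /usr/local/bin/lynx'
```

This only covers URLs given on the command line; links followed inside the browser are outside the wrapper's reach.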


Re: howto use https in favour of http

2009-10-26 Thread Steve Bertrand
Alexander Best wrote:
> hi there,
> 
> i've added the following line to my /etc/hosts:
> 
> permail.uni-muenster.de:25  permail.uni-muenster.de:443
> 
> so what i want is for freebsd to never use http, but https for that address.
> unfortunately hosts doesn't seem to support this syntax.

It doesn't work that way.

The 'hosts' file resolves a name to an IP address.

I can see what you want to do here, but to get there, you must provide
in your own words what it is you want exactly...

Steve


Re: bind configuration issues

2009-10-26 Thread Steve Bertrand
Ray Still wrote:
> Ok,
> tell me just how nuts this idea is.

In addition to my other post:

I like your mentality of trying to do whatever you can to create redundancy.

I've often tried to think of ways to use DNS to make things redundant
and resilient.

Keep up trying new ways to stretch things in ways people may not have
expected. You never know what you may stumble across one day.

Cheers,

Steve


Re: bind configuration issues

2009-10-26 Thread Steve Bertrand
Ray Still wrote:
> Ok,
> tell me just how nuts this idea is.

imho, your thought-process is not nuts. I can see what you are trying to
do, so kudos given for trying to work it out with what you have.

> To recap, two pipes, one destination.

> I set up second DNS server.
> ns1.example.com at 70.65. (provider 1)
> ns2.example.com at 206.75(provider 2)
> A records for example.org on ns1 will give  70.65.
> on ns2 206.75
> if provider one goes down, ns1 is gone, ns2 is still available, and so
> is the route to the sites.

Note: I haven't followed the entire thread...

Remember that no matter where your name servers are located, they both
will hold the same information (if they don't, then shame on you, as you
just broke scalability).

This means that other caching servers all over the 'net may have either
entry. Some ISP's name servers will cache records even longer than what
your TTL is set to without trying to re-check (shame on them). Hence,
you can never count on using DNS naming as a tactic for redundancy.

> It's not the best solution, but it's better than what I have.

If I understand your conundrum properly (one server with an internal IP,
with NAT in front of it, port-forwarded back aliased from two separate
ISP public IPs), then, at minimum, here's how you can essentially
'halve' the damage:

- set up your DNS servers in a proper master/slave configuration
- configure your 'A' records in a round-robin setup. I'll assume your
zone is ibctech.ca, and that your $TTL is 360:

www   IN A 208.70.104.210
www   IN A 208.70.104.211

(yes, I know 360 puts pressure on everyone else, but this is for example
purposes).

If I know I will need to make DNS changes in advance for a domain, I'll
set the TTL to 360 (secs) long before the changes need to be made. Then,
I can make the changes, and if caching resolvers are Doing The Right
Thing, they will pick up these changes after five minutes.

If you have a domain that is high-traffic, don't do this. I'd like to
emphasize that a low ttl puts pressure on every DNS caching server on
the Internet that must look up information on your domain.

With that said, with a 5 min ttl, in the event of an outage, you can hop
onto your authoritative DNS server, switch BOTH A records to point to
the working IP, and the rest of the 'net 'should' be able to see those
changes within five minutes (again, if they obey your ttl).

Steve


Re: Why is sendmail is part of the system and not a package?

2009-10-26 Thread Steve Bertrand
Yuri wrote:
> It's in /usr/sbin/sendmail.
> 
> How many people actually use it? Very few.

Are you sure about that?

AFAIK, all system reports are sent with the sendmail binary.

Steve


Re: I hate to bitch but bitch I must

2009-10-16 Thread Steve Bertrand
Neal Hogan wrote:
>>>> Aha! Gotcha! Whoever wrote that has made an unintentional booboo. It is
>>>> a subtle difference and is indicative that whoever wrote it is not a
>>>> native English user... the meaning is clearly "should be executed, done,
>>>> carried out, performed" - should work means it  can be carried out  - I
>>>> think the author meant to say "should not be done"
>>> I'm a native English speaker, and the manual makes perfect sense to me.
>>> It's very clear to me that since the statement is in the BUGS section,
>>> it means that the utility should, but doesn't. Since it follows a
>>> statement that the utility doesn't, the meaning is unambiguous.
>> fwiw, upon first reading, I got the exact same impression about the
>> writing under its context as Bob did.
>>
> 
> Am I the only one annoyed by the monthly PJ soap-operas. It seems that
> we get a ridiculous installment from this guy who bites off more than
> he can chew and then complains that it's too big every full (or is it
> fool) moon (28 day cycle . . . sorry obvious,stupid joke).

Hadn't really paid attention.

> The patience he gets from folks on this list should be commended, but
> questioned. In what sense is the community benefited from the dramatic
> "life-story" of an ungrateful novice? This guy puts forth his
> problem(s) only to update the list at every small/backward step and
> then ultimately offer something offensive such that the devs can't
> speak English.

The benefit(s)? If there are other long-term members who agree with what
you are getting at, then I'd say that the benefits are that it shows to
newcomers that no matter what, you'll always receive a respectable and
educated response.

It also shows that it doesn't matter what the poster's name is, or what
language they speak in, that those who love FreeBSD for what it is will
always bleed their souls to help them out, at any cost. What is learned
from hard work is better passed on to someone else.

Mia casa e tua casa, as my best friend's father always says. (my house
is your house).

Steve


Re: I hate to bitch but bitch I must

2009-10-16 Thread Steve Bertrand
PJ wrote:
> Steve Bertrand wrote:
>> PJ wrote:
>>   
>>> Polytropon wrote:
>>> 
>>>> On Fri, 16 Oct 2009 17:54:23 -0400, PJ  wrote:
>>>>   
>>   
>>>>> but from man tunefs:
>>>>> BUGS
>>>>> This utility should work on active file systems.
>>>>> What in hades does this mean--just above it says cannot be run on active
>>>>> file systems. ???
>>>>> 
>>>>> 
>>>> It "should". This means: Don't try that. :-)
>>>>
>>>> My printer isn't printing!
>>>> But it should.
>>>> No, it is not printing!
>>>> Yes, but it should.
>>>> :-)
>>>>
>>>>   
>>>>   
>>> Aha! Gotcha! Whoever wrote that has made an unintentional booboo. It is
>>> a subtle difference and is indicative that whoever wrote it is not a
>>> native English user... the meaning is clearly "should be executed, done,
>>> carried out, performed" - should work means it  can be carried out  - I
>>> think the author meant to say "should not be done"
>>> 
>> If you feel that you've found a 'bug' within the manual/documentation of
>> a piece of software or function, I highly recommend that you pass it by
>> other users/developers ( as you've kind-of done here ), and then contact
>> the person who is normally listed in the AUTHOR section of the man page
>> after you get a consensus on whether the manual, the code or you have
>> the bug :)
>>
>> If you believe the problem is an English-linguistic one (and the man page
>> is written in English), let the author know this. Provide the correct
>> verbiage, and an explanation of what your words mean compared to theirs
>> (remember, English may not be their first language).
>>
>> Also, take a look at RFC 2119 for the keyword 'SHOULD' and 'SHOULD NOT'.
>> RFC 2119 is highly regarded as the authority for many keywords, and a
>> quick reference of it may help when trying to explain to an author where
>> you feel their documentation is incorrect (or lacking).
>>
>> Cheers,
>>
>> Steve
>>
>>   
> It is simple to understand English but not so simple what was meant by
> whoever wrote it...I cannot correct something that I do not understand...
> come on, man, that should be easy to understand.

I understand that I'm confused :)

> I am afraid that with all the globalization people still do not
> understand that translations should be left to experts... and by that I
> mean the final version should always, and I mean always, be by a native
> speaking person.

That's an unfair thing to say. Are you saying that if someone with a
French native tongue wrote software that would benefit everyone, and
they wrote the manual in English to reach a broader audience, that the
manual shouldn't be released unless proof-read and re-written by an
English native?

Vous faire ce travail, mon ami? Je n'aime pas d'accord avec votre
utilisation du mot doit.

...the manual is available. I didn't mean to dis-respect you, I just
meant that if one 'could' help, then the developer is the one to hit up.

> I speak English, French, Italian, some Spanish and German as well as
> Latvian... but I would never attempt to translate into any language
> other than English... and then not without the help of the original
> language's originator. ;-)

Nice... How 'bout Dutch ;) You will understand then:

Ne dis pas que la documentation ne peuvent etre ecrites par un auteur si
leur lange nest pas une espece indigen.

Steve


Re: I hate to bitch but bitch I must

2009-10-16 Thread Steve Bertrand
Bob Hall wrote:
> On Fri, Oct 16, 2009 at 07:27:42PM -0400, PJ wrote:
>> Polytropon wrote:
>>> On Fri, 16 Oct 2009 17:54:23 -0400, PJ  wrote:
>>>> but from man tunefs:
>>>> BUGS
>>>> This utility should work on active file systems.
>>>> What in hades does this mean--just above it says cannot be run on active
>>>> file systems. ???
>>>>
>>> It "should". This means: Don't try that. :-)
>>>
>>> My printer isn't printing!
>>> But it should.
>>> No, it is not printing!
>>> Yes, but it should.
>>> :-)
>>>
>>>   
>> Aha! Gotcha! Whoever wrote that has made an unintentional booboo. It is
>> a subtle difference and is indicative that whoever wrote it is not a
>> native English user... the meaning is clearly "should be executed, done,
>> carried out, performed" - should work means it  can be carried out  - I
>> think the author meant to say "should not be done"
> 
> I'm a native English speaker, and the manual makes perfect sense to me.
> It's very clear to me that since the statement is in the BUGS section,
> it means that the utility should, but doesn't. Since it follows a
> statement that the utility doesn't, the meaning is unambiguous.

fwiw, upon first reading, I got the exact same impression about the
writing under its context as Bob did.

Steve


Re: I hate to bitch but bitch I must

2009-10-16 Thread Steve Bertrand
PJ wrote:
> Polytropon wrote:
>> On Fri, 16 Oct 2009 17:54:23 -0400, PJ  wrote:

>>> but from man tunefs:
>>> BUGS
>>> This utility should work on active file systems.
>>> What in hades does this mean--just above it says cannot be run on active
>>> file systems. ???
>>> 
>> It "should". This means: Don't try that. :-)
>>
>> My printer isn't printing!
>> But it should.
>> No, it is not printing!
>> Yes, but it should.
>> :-)
>>
>>   
> Aha! Gotcha! Whoever wrote that has made an unintentional booboo. It is
> a subtle difference and is indicative that whoever wrote it is not a
> native English user... the meaning is clearly "should be executed, done,
> carried out, performed" - should work means it  can be carried out  - I
> think the author meant to say "should not be done"

If you feel that you've found a 'bug' within the manual/documentation of
a piece of software or function, I highly recommend that you pass it by
other users/developers ( as you've kind-of done here ), and then contact
the person who is normally listed in the AUTHOR section of the man page
after you get a consensus on whether the manual, the code or you have
the bug :)

If you believe the problem is an English-linguistic one (and the man page
is written in English), let the author know this. Provide the correct
verbiage, and an explanation of what your words mean compared to theirs
(remember, English may not be their first language).

Also, take a look at RFC 2119 for the keyword 'SHOULD' and 'SHOULD NOT'.
RFC 2119 is highly regarded as the authority for many keywords, and a
quick reference of it may help when trying to explain to an author where
you feel their documentation is incorrect (or lacking).

Cheers,

Steve


Re: Best procedure for full backup of live system

2009-10-14 Thread Steve Bertrand
Nerius Landys wrote:
> My server is increasingly having important work stored on it, and I
> need to start taking backups of a lot of directories, especially
> /home, /opt, /etc, /usr/local/etc, and maybe others.  The ideal backup
> (and what I've done in the past) is to take a full low-level dd image
> of the disk while the system is down (this is easy to do in a
> situation where you have dual boot). 

...but you've found recently that it isn't scalable.

> Or, since the output of dd would
> take up tons of space and would only be usable on an identical hard
> drive, use "dump" to take the backup while the machine is turned off
> (again easy to do on a dual boot).  But now, I cannot bring down the
> machine.  My plan is to do a tar gzip of / on the fly, and pipe that
> to ssh (remote machine).  However, the system is live, and files will
> be in the progress of changing.

...quick hack, tested example ( recommended for a quick fix only. do a
proper archive )

%pwd
/home/steve

%mkdir arch && ls | grep arch
arch

%echo "blah, blah" >> arch/file.txt

%cat !$
cat arch/file.txt
blah, blah

# now, even though this is a ~ example, I use / all the time... tarball
/home/steve/arch directory ( and contents ) to a different server:

%tar -cvzf - arch | ssh st...@amanda.eagle.ca ' cat > arch_test.tar.gz'

a arch
a arch/file.txt

... after key-auth ( or password auth ) to remote SSH server, on the
remote server:

%pwd
/usr/home/steve

%ll | grep arch
-rw-r--r--  1 steve  steve  10240 Oct 15 02:16 arch_test.tar.gz

%pwd
/usr/home/steve
%mkdir restore-test
%mv arch_test.tar.gz restore-test/
%cd !$
cd restore-test/
%tar -xzvf arch_test.tar.gz
x arch/
x arch/file.txt

%cd arch
%ll
total 1
-rw-r--r--  1 steve  steve  11 Oct 15 02:17 file.txt

... booya, restored, on a remote server...look:

%cat file.txt
blah, blah

...Just like that!

If I've missed something, forgive me. I swear that doing a 'backup' to a
remote location with a FreeBSD box is honestly *nearly* as easy to this
Canadian as packing snow into an iceball to hit the bus with ;)

Steve
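
A variant of the tar-over-ssh transfer above that checks what arrived, as an added example that is not part of the original message: it records tar's exit status (a pipeline otherwise reports only its last command), hashes the bytes as they are sent, and compares that with the stored copy read back from the receiver. The function names, the paths and the use of `sh -c` as a local stand-in for `ssh user@host` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): stream a tarball to a receiver and
# prove that the stored copy is byte-identical to what tar produced.

# sha256_of: hash stdin, print the hex digest only.
# Uses sha256sum where it exists (Linux), otherwise FreeBSD's sha256(1).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum | cut -d' ' -f1
    else
        sha256 -q
    fi
}

# stream_backup SRC_DIR DEST_FILE RUNNER...
# RUNNER is the command prefix that executes one command string on the
# receiving side: "ssh user@backuphost" in production, "sh -c" for a local
# dry run. DEST_FILE must not contain single quotes.
# Prints the SHA-256 of the archive on success; returns 1 when tar reported
# a problem, the transfer failed, or the stored bytes differ.
stream_backup() {
    src=$1; dest=$2; shift 2
    work=$(mktemp -d) || return 1
    mkfifo "$work/fifo"

    # Hash a copy of the exact byte stream while it is being sent.
    sha256_of < "$work/fifo" > "$work/sent.sha256" &

    send_rc=0
    {
        rc=0
        tar -czf - -C "$(dirname "$src")" "$(basename "$src")" || rc=$?
        echo "$rc" > "$work/tar.rc"      # the pipeline would hide this status
    } | tee "$work/fifo" | "$@" "cat > '$dest'" || send_rc=$?
    wait

    tar_rc=$(cat "$work/tar.rc")
    sent=$(cat "$work/sent.sha256")
    # Read the stored file back and hash it locally; this works whatever
    # shell or hashing tool the receiver has, at the cost of a second transfer.
    stored=$("$@" "cat '$dest'" | sha256_of)
    rm -rf "$work"

    if [ "$tar_rc" -ne 0 ] || [ "$send_rc" -ne 0 ]; then
        echo "FAILED: tar rc=$tar_rc, transport rc=$send_rc" >&2
        return 1
    fi
    if [ "$sent" != "$stored" ]; then
        echo "FAILED: stored copy differs from the stream that was sent" >&2
        return 1
    fi
    echo "$sent"
}

# Usage (host and paths are placeholders):
#   stream_backup /home/steve/arch arch_test.tar.gz ssh user@backuphost
```

A non-zero tar status on a live system usually means a file changed or vanished while it was being read, which is exactly the case the original poster was worried about.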





Re: Best procedure for full backup of live system

2009-10-14 Thread Steve Bertrand
Nerius Landys wrote:
> My server is increasingly having important work stored on it, and I
> need to start taking backups of a lot of directories, especially
> /home, /opt, /etc, /usr/local/etc, and maybe others.  The ideal backup
> (and what I've done in the past) is to take a full low-level dd image
> of the disk while the system is down (this is easy to do in a
> situation where you have dual boot).  Or, since the output of dd would
> take up tons of space and would only be usable on an identical hard
> drive, use "dump" to take the backup while the machine is turned off
> (again easy to do on a dual boot).  But now, I cannot bring down the
> machine.  My plan is to do a tar gzip of / on the fly, and pipe that
> to ssh (remote machine).  However, the system is live, and files will
> be in the progress of changing.
> 
> My question is, what is the recommended procedure of taking a full
> backup on a live system?  Ideally, if my hard drive were to crash, I
> would like to have such a backup so as to make it possible to copy
> over the entire backup to a new identical harddrive without doing any
> reinstall or configuration.  Should I use tar/gzip?  dump?  What exact
> command should I use?  I guess I'll back up all of / including system
> files, because there is not too much data.  I will be piping the
> output to ssh.

Always consider, document and thoroughly test-utilize anything that
'Warren Block' has to say about backup and archiving ( search the
archives for his name ).

*always* remember that _archive_ is not a _backup_.

*always* remember that if you have neither an archive or a backup, you
are a complete failure as an 'admin' in general.

*never* be responsible for losing data...EVER.

I like to use space on remote servers ( or oftentimes local disks ) as
clone-able space. To manufacture a live clone, I love rsync(1).

Without getting into the nitty-gritty ( proper db mgmt pausing etc ),
here is a q&d example to get the blood flowing ( comment the first
line...legal..blah etc ):

#   -arcvv              be very verbose
#   --exclude=/backup   ignore our backup location
#   --exclude=/tmp      ignore sessions, etc
#   --delete-after      delete changes since last rsync
#   /                   sync this
#   /backup             ...to this...
#   rsync -arcvv \
        --exclude=/backup \
        --exclude=/tmp \
        --delete-after \
        / \
        /backup

Steve



Re: Multiple qt4 issues

2009-10-14 Thread Steve Bertrand
Warren Liddell wrote:
> 
>> Do a:
>>
>> %pkg_version -v > ~/pv.out
>>
>> ...and then review the ~/pv.out file *manually* to see if you can
>> identify any oddities. (yes, grep is good and grep is great, but I've
>> missed obvious things by grep'ing the pkg db in the past).
>>
>> I'm personally not one to help with GUI things, but hopefully my
>> suggestion may provide a lead.
>>
>> Steve
> 
> I solved that issue, after reading info in UPDATING .. however the issue
> now is qt4-designer

... after a quick literal Google search, it appears that qt4-designer is
a 'Linux' thing with a GUI resemblance.

I don't know what to do other than offer:

http://qt.nokia.com/doc/4.0/qt4-designer.html ( "TrollTech"? )

With a q&d search, it appears as though others have had issues with
qt4-designer as well, trying to run it within a GUI atop of FreeBSD
recently:

http://osdir.com/ml/kde-freebsd/2009-10/msg00014.html

...again, I don't do GUI w/FBSD, so this is far out of my scope. This is
a ^bump if anything.

Good luck!

Steve


Re: Multiple qt4 issues

2009-10-14 Thread Steve Bertrand
Warren Liddell wrote:
> I'm running AMD64 FreeBSD7.2-STABLE latest src//kernel and ports so far
> as what depends on various QT4 pkgs ...
> 
> Everything comes down to this 1 port but yet I removed all of them and it
> still cracks .. what am I missing or haven't read...

What exactly are you doing that reproduces your breakage?

Forcing the registration of the package may help, but in this case I'd
be leery of doing that due to the explicit 'conflict' warning.

> ===>Verifying install for qt4-phonon>=4.5.2 in
> /usr/ports/multimedia/qt4-phonon
> ===>  qt4-phonon-4.5.2 conflicts with KDE4 phonon. Please, deinstall
> multimedia/phonon.
> *** Error code 1
> 
> Stop in /usr/ports/multimedia/qt4-phonon.
> *** Error code 1
> 
> Stop in /usr/ports/www/qt4-webkit.
> 
> enterprise# ls /var/db/pkg | grep phon

Do a:

%pkg_version -v > ~/pv.out

...and then review the ~/pv.out file *manually* to see if you can
identify any oddities. (yes, grep is good and grep is great, but I've
missed obvious things by grep'ing the pkg db in the past).

I'm personally not one to help with GUI things, but hopefully my
suggestion may provide a lead.

Steve


Re: Broadcom bce interface problems

2009-10-13 Thread Steve Bertrand
Brian McCann wrote:
> I'm having problems with the bce interface on a FreeBSD 7.2 install, using
> an IBM BladeCenter HS21 machine.  The machine uses the NetXtreme II card.
>  The really strange thing here is, the switch shows a link, but the card
> shows no carrier in the setup.  It started working for a few seconds at one
> point when I reset the switch (at least, I think that's what I did), and it
> detected 1000BaseSX as the media and showed a status of active, but promptly
> went away.  If I try setting the media type manually, that doesn't appear to
> work.
> Has anyone seen this or have any ideas?

Try forcing the interface to 'up':

# ifconfig bce0 up

If that works, add it to the /etc/rc.conf:

# echo 'ifconfig_bce0="up"' >> /etc/rc.conf

Steve


Re: for perl wizards.

2009-10-09 Thread Steve Bertrand
Lars Eighner wrote:
> On Fri, 9 Oct 2009, Warren Block wrote:
> 
>> On Fri, 9 Oct 2009, Oliver Fromme wrote:
>>
>>> Gary Kline  wrote:
>>> >
>>> > Whenever I save a word processor file [OOo, say] into a
>>> > text file, I get a slew of hex codes to indicate the char to be
>>> > used.  I'm looking for a perl one-liner or script to translate
>>> > hex back into ', ", -- [that's a dash), and so forth.  Why does
>>> > this fail to trans the hex code to an apostrophe?
>>> >
>>> > perl -pi.bak -e 's/\xe2\x80\x99/'/g'
>>>
>>> You need to escape the inner quote character, of course.
>>> I think sed is better suited for this task than perl.
>>
>> That's twice now people have suggested sed instead of perl.  Why?  For
>> many uses, perl is a better sed than sed.  The regex engine is far
>> more powerful and escapes are much simpler.
> 
> Because sed is stable and perl is getting all OO and flaky.  Sed will work
> like sed for so long as there are unix-like systems.  It is not clear that
> perl is going to continue to work.

Given that it seems as though you do know what you are doing (which
makes me believe that you actually have the ability to provide valuable
input), why would you be so negative?

You have the answers. Why not use your energy in sharing it with a
positive spin?

Steve

ps. 'twas tough resisting feeding the troll regarding the Perl comments.
However, those who use it know the truth, and those who haven't will
eventually learn the truth.


Re: for perl wizards.

2009-10-09 Thread Steve Bertrand
Lars Eighner wrote:
> 
> On Fri, 9 Oct 2009, Gary Kline wrote:
> 
>>
>> Whenever I save a word processor file [OOo, say] into a
>> text file, I get a slew of hex codes to indicate the char to be
>> used.  I'm looking for a perl one-liner or script to translate
>> hex back into ', ", -- [that's a dash), and so forth.  Why does
>> this fail to trans the hex code to an apostrophe?
>>
>> perl -pi.bak -e 's/\xe2\x80\x99/'/g'
> 
> You're kidding, aren't you?  

Have you not ever overlooked something like a misplaced apostrophe? The
OP came with nearly workable code, in which I can tell that he spent
some time researching and toying with before asking for help.

> And finally, there are tons of perl forums,
> mailing lists, and newsgroups.  Pick one to ask perl questions.

Why? The OP is not looking for help identifying why a complex subroutine
is doing something unexpected. He is asking how to modify portions of
his file system on FreeBSD using the command line.

Would you have been so harsh if he was asking how to do it with sed?
awk? I for one welcome these Perl questions. I've asked them here
before, and for simple tasks, will ask them here again.

Steve


Re: Multihome on FreeBSD 7.2

2009-10-08 Thread Steve Bertrand
Aflatoon Aflatooni wrote:
> Hi,
> I have a DELL server with dual port nic card on it. The NICs are connected to 
> the same VLAN.
> I would like to configure the server so that both NIC cards are redundant 
> that if one goes down the second one would pick up and continue. So I would 
> need both ports to be configured with the same IP addresses of the server. Is 
> there something that I need to configure or add to /etc/rc.conf?

You may want to look at lagg(4) in LACP mode:

%grep lagg /etc/rc.conf

cloned_interfaces="lagg0"
ifconfig_lagg0="laggproto lacp laggport re0 laggport age0"
ipv4_addrs_lagg0="208.70.104.110/25"

Your switch will need to be capable of LACP as well, and be configured
in a similar manner.

Steve

