from:"Rainer Duffner"

Re: FreeBSD 13.0 terrible performance in KVM

2021-04-25 Thread Rainer Duffner



> Am 24.04.2021 um 15:03 schrieb Jeff Love :
> 
> I'm running 12.2 and 13.0 on KVM using virtio and zfs. I am not having disk 
> I/O issues.


UFS or ZFS does not make a difference for me.

ZFS is faster on read due to compression - that’s why back in the XenServer 
days I didn’t even realize it until somebody complained.

It’s just a tad laggy in idle or normal conditions, but any kind of IO brings 
the system down to a crawl - and that is noticeable.




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD 13.0 terrible performance in KVM

2021-04-24 Thread Rainer Duffner



> Am 24.04.2021 um 11:25 schrieb dashdruid via freebsd-stable 
> :
> 
> Hello List,
> 
> I hope some other folks out there running FreeBSD on KVM as well. I set up a 
> base VM while doing so I noticed that the disk operations are very slow. Many 
> times I edit a file in vim or try to run a command there is a huge lag.



It’s a huge and common problem that has been going on for years.
I also had the same problem with XenServer.

You can search bugzilla for „KVM“ bugs, as well as the forums.


Apparently, it was mostly fixed for VMWare, but fixing for KVM is apparently 
very difficult. Even more so as there are many different versions of KVM around 
that all behave differently, depending on how you configure the virtual 
hardware (of which there are endless variations and permutations on how you 
attach with virtual devices to which virtual PCI-bus etc.pp.).
It’s also likely fixed on AWS (but I do not use that, so I hardly care).

E.g. when I created a KVM VM on my local workstation at work, it performed 
identically (more or less) to e.g. a CentOS VM.

However, if I create a VM on our on-premise Openstack cloud, it achieves maybe 
10% or 20% of the disk-IO-speed of a CentOS VM with the same volume type.

There’s some work going on in some differentials, but I haven’t had the time to 
try.

The problem is IMHO that most of the paid developers (for FreeBSD) these days 
either use it on bare metal (hello Netflix, EMC, Netapp, Netgate et.al.) or use 
it inside VMWare, where the main pain-points seem to have been fixed. Or they 
even use FreeBSD’s own hypervisor (bhyve).

It’s a tragedy IMO and it totally rules out FreeBSD here around for almost all 
future use-cases (that are almost certainly moving to Openstack in the future).



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: freebsd-update and speed

2021-04-19 Thread Rainer Duffner



> Am 17.04.2021 um 23:09 schrieb Cejka Rudolf :
> 
> Did you try aws.update.freebsd.org  also?


The problem with that is that it probably doesn’t have a fixed IP and not all 
our firewalls can whitelist a domain (and freebsd-update doesn’t work through 
our sophos-proxie)….


But thanks for taking update4 out of the rotation, Philip.




Best Regards
Rainer
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: freebsd-update and speed

2021-04-17 Thread Rainer Duffner



> Am 16.04.2021 um 10:17 schrieb Ferdinand Goldmann :
> 
> On Thu, 15 Apr 2021, Rainer Duffner wrote:
> 
>> 
>> 
>> It’s OK-ish most of the time here (CH).
>> 
>> It does *NOT* work through a proxy, due to the use of pipelined 
>> http-requests.
>> 
>> What’s your internet-connection?
> 
> The 10Gbit uplink of my university, directly connected to the internet, not
> behind a proxy. I don't think that's the problem. When update3 was still 
> online
> I'd always use that and updates were really fast back then.
> 
> Now that update3 is gone all update servers seem to be in the US or Australia.
> 
> After waiting for nearly one hour:
> 
> ..853085408550856085708580859086008610862086308640865086608670868086908700
>   done.
> Applying patches... done.
> Fetching 9628 files... gunzip: (stdin): unexpected end of file
> 0a4626107f3700cf5f87bd9c123bf427bd5a8561aadc2eca1d1605465c090935 has 
> incorrect hash.
> 
> This is getting kind of tiresome. :(
> 
> Regards
> Ferdinand




There seems to be a problem with update4.

I now have this, too.


I’m cc-ing clusteradm and dnsadmin, in hope that there’s somebody there who can 
either fix it or take update4 out of the srv record…


:-(

I would rather just mirror the update server but I think this is not supposed 
to be done?





___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: freebsd-update and speed

2021-04-15 Thread Rainer Duffner



> Am 15.04.2021 um 14:20 schrieb Ferdinand Goldmann :
> 
> Hello,
> 
> I've noticed that ever since update3.freebsd.org is gone (which was in Czech
> republic I think), FreeBSD updates are often quite slow for me (= 
> Austria/Europe)
> Especially so for major release upgrades. In fact so slow that I have time
> to type this mail while waiting for '8778 patches'.
> 
> The other day, freebsd-update even suffered a timeout.
> 
> What are other European users experiences and is there anything to do about 
> it?
> 
> Regards
> Ferdinand


It’s OK-ish most of the time here (CH).

It does *NOT* work through a proxy, due to the use of pipelined http-requests.

What’s your internet-connection?


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Update to the 13.0-RELEASE schedule

2021-03-31 Thread Rainer Duffner



> Am 31.03.2021 um 17:58 schrieb Glen Barber :
> 
> A small set of updates that we consider blocking the 13.0 release have
> been brought to our attention.  As such, the 13.0-RELEASE schedule has
> been updated to include a fifth release candidate (RC5).
> 
> The updated schedule is available on the FreeBSD Project website:
> 
> https://www.freebsd.org/releases/13.0R/schedule/
> 
> As usual, we will continue to consider critical bug fixes only for the
> duration of this release cycle.
> 
> Thank you for your cooperation, and for your patience.
> 
> Glen
> On behalf of: re@
> 



The truth is that a lot people don’t really start testing until the later 
release candidates.

So, having more of these release candidates with just refinements is a good 
thing, IMHO.



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Help with applying a differential

2021-03-22 Thread Rainer Duffner



> Am 22.03.2021 um 17:59 schrieb Warner Losh :
> 
> 
> 
> On Mon, Mar 22, 2021, 10:19 AM Rainer Duffner  <mailto:rai...@ultra-secure.de>> wrote:
> 
> 
> > Am 22.03.2021 um 16:34 schrieb Juraj Lutter  > <mailto:ju...@lutter.sk>>:
> > 
> > 
> > To which branch do you want to apply those patches?
> > 
> > Judging from the original patch date, I’d say that they have been developed 
> > against 13.0 at some point.
> > That being said, you may want to try to apply them manually against 13.0 
> > sources and see if/how they fail.
> > 
> > otis
> 
> 
> Well, I tried this:
> 
> git clone -o freebsd https://github.com/freebsd/freebsd-src.git 
> <https://github.com/freebsd/freebsd-src.git> -b releng/13.0 src
> cd src/sys/dev/smartpqi/
> git apply --check  ~/Downloads/D24428.diff 
> 
> but it doesn’t really make a difference.
> 
> rduffner@suse5:~/f2/src/sys/dev/smartpqi> git apply --check  
> ~/Downloads/D24428.diff 
> error: patch failed: sys/dev/smartpqi/smartpqi_cam.c:231
> error: sys/dev/smartpqi/smartpqi_cam.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_cmd.c:43
> error: sys/dev/smartpqi/smartpqi_cmd.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_defines.h:77
> error: sys/dev/smartpqi/smartpqi_defines.h: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_discovery.c:62
> error: sys/dev/smartpqi/smartpqi_discovery.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_event.c:35
> error: sys/dev/smartpqi/smartpqi_event.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_helper.c:43
> error: sys/dev/smartpqi/smartpqi_helper.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_init.c:31
> error: sys/dev/smartpqi/smartpqi_init.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_intr.c:32
> error: sys/dev/smartpqi/smartpqi_intr.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.h:67
> error: sys/dev/smartpqi/smartpqi_ioctl.h: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.c:53
> error: sys/dev/smartpqi/smartpqi_ioctl.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_main.c:134
> error: sys/dev/smartpqi/smartpqi_main.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_misc.c:39
> error: sys/dev/smartpqi/smartpqi_misc.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_prototypes.h:120
> error: sys/dev/smartpqi/smartpqi_prototypes.h: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_queue.c:32
> error: sys/dev/smartpqi/smartpqi_queue.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_request.c:47
> error: sys/dev/smartpqi/smartpqi_request.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_response.c:85
> error: sys/dev/smartpqi/smartpqi_response.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_sis.c:77
> error: sys/dev/smartpqi/smartpqi_sis.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_structures.h:29
> error: sys/dev/smartpqi/smartpqi_structures.h: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_tag.c:73
> error: sys/dev/smartpqi/smartpqi_tag.c: patch does not apply
> 
> where-as for the 12.2-src I get less problems actually:
> 
> rduffner@suse5:~/f2/src-12/sys/dev/smartpqi> git apply --check  
> ~/Downloads/D24428.diff 
> error: patch failed: sys/dev/smartpqi/smartpqi_cam.c:473
> error: sys/dev/smartpqi/smartpqi_cam.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_defines.h:856
> error: sys/dev/smartpqi/smartpqi_defines.h: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_main.c:312
> error: sys/dev/smartpqi/smartpqi_main.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_mem.c:28
> error: sys/dev/smartpqi/smartpqi_mem.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_misc.c:69
> error: sys/dev/smartpqi/smartpqi_misc.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_queue.c:280
> error: sys/dev/smartpqi/smartpqi_queue.c: patch does not apply
> error: patch failed: sys/dev/smartpqi/smartpqi_request.c:540
> error: sys/dev/smartpqi/smartpqi_request.c: patch does not apply
> 
> 
> I really wonder against what source I need to apply that patch…
> 
> For me, It almost applied cleanly to stable/12 branch, but not to the main 
> branch:
> 
> % find . -name \*.rej
> ./sys/dev/smartpqi/smartpqi_mem.c.rej
> ./sys/dev/smartpqi/smartpqi_queue.c.rej
> ./sys

Re: Help with applying a differential

2021-03-22 Thread Rainer Duffner



> Am 22.03.2021 um 16:34 schrieb Juraj Lutter :
> 
> 
> To which branch do you want to apply those patches?
> 
> Judging from the original patch date, I’d say that they have been developed 
> against 13.0 at some point.
> That being said, you may want to try to apply them manually against 13.0 
> sources and see if/how they fail.
> 
> otis


Well, I tried this:

git clone -o freebsd https://github.com/freebsd/freebsd-src.git -b releng/13.0 
src
cd src/sys/dev/smartpqi/
git apply --check  ~/Downloads/D24428.diff 

but it doesn’t really make a difference.

rduffner@suse5:~/f2/src/sys/dev/smartpqi> git apply --check  
~/Downloads/D24428.diff 
error: patch failed: sys/dev/smartpqi/smartpqi_cam.c:231
error: sys/dev/smartpqi/smartpqi_cam.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_cmd.c:43
error: sys/dev/smartpqi/smartpqi_cmd.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_defines.h:77
error: sys/dev/smartpqi/smartpqi_defines.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_discovery.c:62
error: sys/dev/smartpqi/smartpqi_discovery.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_event.c:35
error: sys/dev/smartpqi/smartpqi_event.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_helper.c:43
error: sys/dev/smartpqi/smartpqi_helper.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_init.c:31
error: sys/dev/smartpqi/smartpqi_init.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_intr.c:32
error: sys/dev/smartpqi/smartpqi_intr.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.h:67
error: sys/dev/smartpqi/smartpqi_ioctl.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.c:53
error: sys/dev/smartpqi/smartpqi_ioctl.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_main.c:134
error: sys/dev/smartpqi/smartpqi_main.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_misc.c:39
error: sys/dev/smartpqi/smartpqi_misc.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_prototypes.h:120
error: sys/dev/smartpqi/smartpqi_prototypes.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_queue.c:32
error: sys/dev/smartpqi/smartpqi_queue.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_request.c:47
error: sys/dev/smartpqi/smartpqi_request.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_response.c:85
error: sys/dev/smartpqi/smartpqi_response.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_sis.c:77
error: sys/dev/smartpqi/smartpqi_sis.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_structures.h:29
error: sys/dev/smartpqi/smartpqi_structures.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_tag.c:73
error: sys/dev/smartpqi/smartpqi_tag.c: patch does not apply

where-as for the 12.2-src I get less problems actually:

rduffner@suse5:~/f2/src-12/sys/dev/smartpqi> git apply --check  
~/Downloads/D24428.diff 
error: patch failed: sys/dev/smartpqi/smartpqi_cam.c:473
error: sys/dev/smartpqi/smartpqi_cam.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_defines.h:856
error: sys/dev/smartpqi/smartpqi_defines.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_main.c:312
error: sys/dev/smartpqi/smartpqi_main.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_mem.c:28
error: sys/dev/smartpqi/smartpqi_mem.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_misc.c:69
error: sys/dev/smartpqi/smartpqi_misc.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_queue.c:280
error: sys/dev/smartpqi/smartpqi_queue.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_request.c:540
error: sys/dev/smartpqi/smartpqi_request.c: patch does not apply


I really wonder against what source I need to apply that patch…



Rainer



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Help with applying a differential

2021-03-22 Thread Rainer Duffner

Hi,

I need help applying this differential


https://reviews.freebsd.org/D24428


Me and a co-worker (who is one order of magnitude better at all things git than 
me) are unable to get this to apply.



rduffner@suse5:~/freebsd-src/sys/dev/smartpqi> git apply --check  
~/Downloads/D24428.diff 
error: patch failed: sys/dev/smartpqi/smartpqi_cam.c:231
error: sys/dev/smartpqi/smartpqi_cam.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_cmd.c:43
error: sys/dev/smartpqi/smartpqi_cmd.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_defines.h:77
error: sys/dev/smartpqi/smartpqi_defines.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_discovery.c:62
error: sys/dev/smartpqi/smartpqi_discovery.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_event.c:35
error: sys/dev/smartpqi/smartpqi_event.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_helper.c:43
error: sys/dev/smartpqi/smartpqi_helper.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_init.c:31
error: sys/dev/smartpqi/smartpqi_init.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_intr.c:32
error: sys/dev/smartpqi/smartpqi_intr.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.h:67
error: sys/dev/smartpqi/smartpqi_ioctl.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_ioctl.c:53
error: sys/dev/smartpqi/smartpqi_ioctl.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_main.c:134
error: sys/dev/smartpqi/smartpqi_main.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_misc.c:39
error: sys/dev/smartpqi/smartpqi_misc.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_prototypes.h:120
error: sys/dev/smartpqi/smartpqi_prototypes.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_queue.c:32
error: sys/dev/smartpqi/smartpqi_queue.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_request.c:47
error: sys/dev/smartpqi/smartpqi_request.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_response.c:85
error: sys/dev/smartpqi/smartpqi_response.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_sis.c:77
error: sys/dev/smartpqi/smartpqi_sis.c: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_structures.h:29
error: sys/dev/smartpqi/smartpqi_structures.h: patch does not apply
error: patch failed: sys/dev/smartpqi/smartpqi_tag.c:73
error: sys/dev/smartpqi/smartpqi_tag.c: patch does not apply


I’m sure I’m missing something here.

I tried this on FreeBSD with git from pkg (2.30.1) and the git from OpenSuSE 
15.2 (2.26.2)




Rainer
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: vmware/vmx causing problems

2020-08-10 Thread Rainer Duffner




> Am 10.08.2020 um 07:27 schrieb Daniel Braniss :
> 
> hi,
> suspend/resume/migrate works fine up to  11.3,
> in 12.1 it usually becomes very unresponsive, ping can take several minutes 
> after a suspend/migrate.
> switching to em works fine.
> 
> any ideas on how to save this?
> 


You need to disable snapshotting the memory.


Migrating still works, I think.




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Observations from a ZFS reorganization on 12-STABLE

2019-03-17 Thread Rainer Duffner



> Am 17.03.2019 um 15:58 schrieb Karl Denninger :
> 
> I've long argued that the VM system's interaction with ZFS' arc cache
> and UMA has serious, even severe issues.  12.x appeared to have
> addressed some of them, and as such I've yet to roll forward any part of
> the patch series that is found here [
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=187594 
>  ] or the
> Phabricator version referenced in the bug thread (which is more-complex
> and attempts to dig at the root of the issue more effectively,
> particularly when UMA is involved as it usually is.)
> 
> Yesterday I decided to perform a fairly significant reorganization of
> the ZFS pools on one of my personal machines, including the root pool
> which was on mirrored SSDs, changing to a Raidz2 (also on SSDs.)  This
> of course required booting single-user from a 12-Stable memstick.



Interesting.

The patches published before Christmas 2018 solved all of the problems I had 
(shared by many others, probably also visible on the FreeBSD project’s own 
infrastructure) with 11.2 and 12.0

I run a decently sized syslog-server and the 25MB/s stream of syslog-data was 
killing 11.2 almost instantly.

I have a few 11.2 systems that I haven’t patched yet - but they have north of 
128GB of RAM and ARC had been configured down to 70% long before that - so I 
never saw the issue there.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: php56

2019-01-13 Thread Rainer Duffner




> Am 13.01.2019 um 18:10 schrieb Daniel Duerr :
> 
> +1 on this request.  I have a mission critical app server running an old PHP 
> 5.6 application which will not work on PHP 7+.  The system is effectively 
> unmaintainable right now in terms of pkg/ports updates.



The quarterly cut (2019Q1) still contains php 5.6

It was deleted form the ports-tree hours later.





___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: php

2019-01-05 Thread Rainer Duffner

Did you open PRs for the ports that don’t compile for you?


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: How do you boot the debug kernel installed from kernel-dbg.txz?

2018-11-06 Thread Rainer Duffner



> Am 07.11.2018 um 01:40 schrieb Pete Wright :
> 
> I may be mistaken, but I don't think you actually need to boot the 
> debug-kernel and modules (in fact I don't think you can), rather those files 
> are intended for being read by kgdb while debugging a core that is generated 
> by savecore(8) so that you have access to full symbol table etc.  this page 
> section in the dev handbook debugging kernel core dumps:
> 
> https://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug.html
>  
> 
> 
> hope this helps,
> 
> -pete



Yes, you are right.

However obvious it may seem, it isn’t for somebody who’s never really done that…


I asked the same question in my PR and got an answer immediately - didn’t 
expect that to go that fast…



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

How do you boot the debug kernel installed from kernel-dbg.txz?

2018-11-06 Thread Rainer Duffner

Hi,

I need to install a debug-kernel.

I didn’t install the debug-kernel when I installed the system (11.2), but I 
downloaded the archive.

I can unpack it - but how do I then select the kernel at boot?


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD 11.1-RELEASE-p13 fatal trap 12: page fault while in kernel mode

2018-09-09 Thread Rainer Duffner

After upgrading to 11.2-RELEASE-p2, the server constantly reboots instead of 
hanging at the crash-dump.


Still, I don’t get a crash dump in /var/crash


kern.corefile: %N.core
kern.coredump_devctl: 0
kern.nodump_coredump: 0
kern.coredump: 1
kern.capmode_coredump: 0
kern.sugid_coredump: 0
kern.coredump_pack_vmmapinfo: 1
kern.coredump_pack_fileinfo: 1
debug.ncores: 5
debug.elf32_legacy_coredump: 0
debug.elf64_legacy_coredump: 0
hw.ixl.core_debug_mask: 0


(server ) 0 # grep dump /etc/rc.conf
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev=„AUTO"

(server ) 0 # cat /etc/fstab 
# DeviceMountpoint  FStype  Options DumpPass#
/dev/mirror/swapnoneswapsw  0   0


The server is zfs-only, all the drives hang on said SemiMicro smartpqi 
controller.


I actually have two of these and both randomly reboot every couple of hours. Or 
more like every hour.





___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: FreeBSD 11.1-RELEASE-p13 fatal trap 12: page fault while in kernel mode

2018-09-09 Thread Rainer Duffner



> Am 09.09.2018 um 11:08 schrieb Eugene Grosbein :
> 
> This list strips attachments, so you should upload it somewhere and post a 
> link.



Well actually, the text you get when you post one says it’s awaiting moderator 
approval.

But I found a way to upload it without signing up for some site:

https://ibb.co/nHK9LU








___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

FreeBSD 11.1-RELEASE-p13 fatal trap 12: page fault while in kernel mode

2018-09-08 Thread Rainer Duffner

Hi,

I got a kernel panic

This a a HP Gen10 system.
It has this new Microsemi SAS HBA that only got the driver with 11.2.

It’s running a syslog-server (syslog-ng)

I have attached a screenshot of the panic, hopefully it comes through.


dumpdev is set to „AUTO“, but I don’t find any crashdumps in /var/crash.

dmesg also says it can’t find any crashdumps.




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: freebsd-update: cannot open patchlist

2018-05-27 Thread Rainer Duffner



> Am 27.05.2018 um 16:28 schrieb Randy Bush :
> 
> indeed, that fixes it.  thank you.


;-)
BTDTGTT

This is (or was) especially a problem with ezjail’s use of freebsd-update.

Most of the time, freebsd-update works - but when it gets confused, the 
quickest solution is often to start from scratch.

Which is a real pain if you need to download through a proxy that doesn’t do 
http-pipelining (like the Sophos UTM née Astaro devices).

IIRC, there’s still no way to disable that behavior.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: freebsd-update: cannot open patchlist

2018-05-27 Thread Rainer Duffner



> Am 27.05.2018 um 04:05 schrieb Randy Bush :
> 
> # freebsd-update upgrade -r 11.1-RELEASE



Does it still happen when you run

rm -rf /var/db/freebsd-update/*

freebsd-update -r 11.1-RELEASE upgrade

?


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Now that the meltdown-patches are in STABLE...

2018-02-26 Thread Rainer Duffner

Am I right to assume they aren’t being backported to 11.1 and we have to wait 
for 11.2?


Don’t get me wrong - I’d rather have a stable system when random reboots during 
the daily or weekly runs.

But for my own planing, I’d really like to know what the way forward is going 
to look like.


https://wiki.freebsd.org/SpeculativeExecutionVulnerabilities

Isn’t too helpful in this matter.




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: package building performance (was: Re: FreeBSD on AMD Epyc boards)

2018-02-17 Thread Rainer Duffner



> Am 17.02.2018 um 10:09 schrieb Don Lewis :
> 
> It is unfortunate that there don't seem to be any server-grade Ryzen
> motherboards.  They all seem to be gamer boards with a lot of
> unnecessary bling.



That’s because few people use servers to build packages.

Increasingly, all the other things related to a server are becoming important 
(fast memory, fast networking, fast I/O) and because everything else is 
expensive, it’s simply not economical to skimp on the CPU when everything else 
(SSD, 40GB switch ports, rack space etc.pp.) costs the same.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: error instaling any ports

2017-10-17 Thread Rainer Duffner


> Am 17.10.2017 um 19:29 schrieb Denis Granato :
> 
> Hello everyone
> 
> I have a 9.1 freebsd server, and every ports I try to install I get
> the follow error
> 
> 
> 
> 
> 
> 
> 
> *server# cd /usr/ports/devel/subversionserver# make install
> clean"/usr/ports/Mk/bsd.port.mk ", line 1045: Unknown
> directiveUnknown modifier 't'Variable .CURDIR is recursive.server# *
> ___
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"



Is this a recent ports-tree?

FreeBSD 9.1 has been out of support for probably the better part of three years.
No chance a current ports-tree is usable on it.

If for whatever reason you insist on staying with 9.1, you should use a 
ports-tree from 9.2-RELEASE or maybe 9.3-RELEASE.



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Mirror the freebsd-update server?

2017-09-12 Thread Rainer Duffner


> Am 13.09.2017 um 00:09 schrieb Jason Tubnor :
> 
> I found this useful.  I made some adjustments for what I needed but those
> updates are sweet now :-)
> https://wiki.freebsd.org/VladimirKrstulja/Guides/FreeBSDUpdateReverseProxy 
> 

"This is a simple cache. That means it doesn't consider the files as a whole 
repository, which in turn means updates to your cache are not atomic. It'd be 
advised to nuke your cache before your update run, as its point is only to 
retain the files in a local cache for some short period of time required for 
all your machines to be updated.“


The problem is, my updates don’t work that way.

These servers all belong to different customers (well, some have a couple) and 
I can’t patch them in „some short period of time“.
It’s continuous process.
I have other stuff to do. And I have to negotiate downtimes etc.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Mirror the freebsd-update server?

2017-09-12 Thread Rainer Duffner


> Am 12.09.2017 um 23:45 schrieb Chris Gordon :
> 
> Take a look at https://www.freebsd.org/doc/en/articles/hubs/index.html 
> .  This doc 
> discusses setting up a mirror (found via quick Google search).



Yes, but it doesn’t talk about freebsd-update - which is quite a different 
beast than FTP/WWW mirrors?



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: HP Smart array P440 support

2017-09-07 Thread Rainer Duffner


> Am 07.09.2017 um 23:13 schrieb Priyadarshana Chandrasena :
> 
> I have not installed FreeBSD using iLo and virtual CD method. I will read
> about this method and try it out. 



You will need an iLO license for that.


Also, enjoy Gen10 servers, where even more features are going to be 
„pay-for-play“.



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: HP Smart array P440 support

2017-09-03 Thread Rainer Duffner


> Am 03.09.2017 um 15:04 schrieb Priyadarshana Chandrasena :
> 
> In UEFI mode the boot process does not read the installation media usb.
> Never booted from the usb in UEFI mode!


Hm. Interesting.
Can you try 11.1 then?

I think I had that problem around the 9.x days, with G7 hardware.
Or I think it was with booting from the emulated CD via iLO.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: HP Smart array P440 support

2017-09-03 Thread Rainer Duffner


> Am 03.09.2017 um 14:53 schrieb Priyadarshana Chandrasena :
> 
> I have tried to install FreeBSD 10.3 in a HP DL20 Gen 9 server with P440
> smart array. My installation media is in a USB drive.
> 
> In BIOS I set the Boot mode to Legacy boot mode. 



Why?

It should work in UEFI.



That said, we only have DL360 and DL380 here.

Never saw a DL20 besides on slides from HP ;-)



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: HP Smart array P440 support

2017-09-02 Thread Rainer Duffner


> Am 02.09.2017 um 15:48 schrieb Priyadarshana Chandrasena :
> 
> I have HP DL20 Gen 9 server. But I can not install FreeBSD 10.2 in it. I
> have a HP smart array P440 in my server. I can not find out anywhere if ciss
> driver support include HP Gen 9 storage controllers.  Could you please
> update the ciss driver in 10.3?
> 



Try 10.3

I know the release-notes say nothing about it, but I believe it is supported.

If not that, 11.0 surely does (even though the release-notes don’t mention it, 
either)



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Problem with FreeBSD as a XenServer Guest - how to debug?

2017-02-04 Thread Rainer Duffner


> Am 04.02.2017 um 10:48 schrieb Florian Ermisch 
> :
> 
> Hi Rainer,
> 
> isn't Amazon AWS xen-based?
> I know Colin Percival (cperciva@) is running 
> tarsnap.com on AWS, maybe he knows how 
> to tune it properly?


It’s not a question of tuning.
It’s a factor of 5 that FreeBSD is slower. On SSDs, it’s 10 to 15x.


> Looks like he's the one providing FreeBSD 
> images for AWS, too: https://aws.amazon.com/marketplace/pp/B01LWSWRED/
> Amazon is probably running a heavily patched
> version of Xen but looking at the images' 
> sysctls & stuff and running one on your Xen-
> Server might provide some insights - or at
> least datapoints.
> 
> And then there's DTrace to dive into the 
> kernel's inner workings*…
> 


Yes, but I don’t even know there to start.
My knowledge of Dtrace is very, very limited.




> Oh, does Xen still provide emulation for other
> storage controllers like SATA or SAS? If so
> you may get an at least bearable performance
> using those.


FreeBSD 10 and 11 contain the „optimal“ support for Xen DomU support out-of-the 
box, AFAIK (the documentation / wiki for Xen is in a horrible state IMO).


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Problem with FreeBSD as a XenServer Guest - how to debug?

2017-02-03 Thread Rainer Duffner

Hi,

I’ve opened a PR on this:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212681

and asked on freebsd-virtualization. But nothing came out of it.

Basically, I/O is very slow inside the FreeBSD guest. Linux guests are OK.
FreeBSD 10 or 11 doesn’t make a difference.
Haven’t been able to try 12.


How can one debug this?




Rainer
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: zfs receive leads to a stuck server

2016-11-03 Thread Rainer Duffner


> Am 01.10.2016 um 18:02 schrieb Rainer Duffner <rai...@ultra-secure.de>:
> 
> Hi,
> 
> I posted this before, but I didn’t really get an answer and I’m still looking 
> for ways to debug this.
> 
> I have to servers (HP DL 380 Gen8, 192 GB RAM, 6C CPU).
> I’ve outfitted them with HP’s H22x cards (really OEMed 9207-8x, three 
> altogether) that I recently cross-flashed to LSI’s latest firmware.



And it turns out, using anything branded by HP is just asking for ulcers and 
headaches.

We replaced said HBAs with LSI^WAvago^WBroadcom HBAs - and everything started 
working as it should.
There are still hangs at 03:00 and 04:00 (when the snapshots that got deleted 
on the master get deleted on the slave) - but that's not really a problem 
because they are much shorter than before and nobody is using the system at 
that time.

So, while the H22x-cards are „close enough to a LSI2308-based card so that the 
driver actually thinks it’s a 2308 - they are in fact not.

Also, with the original LSI cards, you can use LSI’s FreeBSD flash utility and 
have a far better life overall.


___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

zfs receive leads to a stuck server

2016-10-01 Thread Rainer Duffner

Hi,

I posted this before, but I didn’t really get an answer and I’m still looking 
for ways to debug this.

I have to servers (HP DL 380 Gen8, 192 GB RAM, 6C CPU).
I’ve outfitted them with HP’s H22x cards (really OEMed 9207-8x, three 
altogether) that I recently cross-flashed to LSI’s latest firmware.
They have:
 - 14 600GB SAS disks in their internal cages (2x ZFs mirror to boot from and 
2x RAIDZ2)
 - another 12 1200 GB SAS disks in an external HP 2700 enclosure (2x RAID-Z2)
 - all the RAID Z2s together form a single zpool

These are NFS-servers (master + warm standby) and MySQL slaves.
The client uses the NFS-server and previously used both MySQL-Slaves for SELECT 
queries only (via a middleware that seems to be able to sort this out).

When this system was built, we had twelve single RAID0 logical volumes on HP 
P4x0 RAID-controllers (with 2 GB cache), merged into two RAID-Z2 vdevs for 
storage (and a RAID1 boot-drive).
However, the customer outgrew that solution and because there are no native HP 
utilities for managing the RAID-cards on FreeBSD, each time a drive dies on 
such a setup, you have to reboot the server to make sure ZFS „sees“ the new 
drive (go into adapter BIOS, destroy RAID, create RAID…).

So, I switched to LSI-type JBOD HBAs.
I had to re-install both servers from scratch, obviously, and also upgraded to 
10.3 (from 10.1).


I have zfsnap (sysutils/zfsnap) create hourly, daily and weekly snapshots that 
I transfer via zxfer from server1 to server2.

Previously, this only took a couple of seconds. But since I switched to LSI 
HBAs, it’s taking longer - even though the deltas are really small in most 
cases.
After 03:00 AM, when zfsnap deletes some snapshots on the source system, it 
even takes several minutes to zxfer the snapshots.
At that point, it’s really noticeable that the 2nd system complete freezes. The 
first system (that zfs sends) is absolutely unaffected and continues like 
normal.

I’ve setup a cron-job that outputs iostat and vmstat into second-timestamped 
files and a few seconds after the zxfer starts, it doesn’t generate any new 
files until shortly before it finishes.
With these hangs, the customer can’t use the 2nd MySQL-server and is thus 
unhappy.

I’ve upgraded to 11.0-RELEAE on the 2nd system - but it hasn’t helped (it might 
even be slower actually).

How can I debug this? What’s the best way forward?
I don’t have any ZFS errors (checksum etc.). So, I doubt it’s a cable.


Here’s various system information



ZFS Subsystem ReportSat Oct  1 17:50:48 2016


System Information:

Kernel Version: 1100122 (osreldate)
Hardware Platform:  amd64
Processor Architecture: amd64

ZFS Storage pool Version:   5000
ZFS Filesystem Version: 5

FreeBSD 11.0-RELEASE #0 r306211: Thu Sep 22 21:43:30 UTC 2016 root
 5:50PM  up 2 days, 19:50, 1 users, load averages: 0.11, 0.09, 0.08



System Memory:

0.26%   506.77  MiB Active, 11.52%  21.54   GiB Inact
62.29%  116.49  GiB Wired,  0.00%   0 Cache
25.93%  48.49   GiB Free,   0.00%   0 Gap

Real Installed: 192.00  GiB
Real Available: 99.96%  191.93  GiB
Real Managed:   97.44%  187.01  GiB

Logical Total:  192.00  GiB
Logical Used:   63.53%  121.97  GiB
Logical Free:   36.47%  70.03   GiB

Kernel Memory:  2.15GiB
Data:   98.41%  2.12GiB
Text:   1.59%   35.02   MiB

Kernel Memory Map:  187.01  GiB
Size:   40.16%  75.10   GiB
Free:   59.84%  111.92  GiB



ARC Summary: (HEALTHY)
Memory Throttle Count:  0

ARC Misc:
Deleted:2.16m
Recycle Misses: 0
Mutex Misses:   1.92k
Evict Skips:54.73k

ARC Size:   64.39%  41.21   GiB
Target Size: (Adaptive) 100.00% 64.00   GiB
Min Size (Hard Limit):  36.33%  23.25   GiB
Max Size (High Water):  2:1 64.00   GiB

ARC Size Breakdown:
Recently Used Cache Size:   89.29%  57.14   GiB
Frequently Used Cache Size: 10.71%  6.86GiB

ARC Hash Breakdown:
Elements Max:   5.37m
Elements

Re: FreeBSD 10.1 can't upgrade to FreeBSD 11-RC1 via freebsd-update

2016-08-21 Thread Rainer Duffner


> Am 20.08.2016 um 22:34 schrieb Doug Hardie <d...@mail.sermon-archive.info>:
> 
> 
>> On 20 August 2016, at 11:50, Rainer Duffner <rai...@ultra-secure.de> wrote:
>> 
>> FreeBSD 10.3 works.
>> 
>> FreeBSD 10.1 complains about a failed integrity check etc (which the EN was 
>> supposed to fix, I assume)
>> 
>> 
>> I did run freebsd-update to update to the latest patch-level and 
>> freebsd-version said, I was on p37.
> 
> I encountered the same issue with 9.x.  The following patch was sent to me:
> 
> --- Comment #5 from Xin LI <delp...@freebsd.org> ---
> (In reply to bc979 from comment #4)
> 
> Can you try applying this? (r279901)
> 
> Index: head/usr.sbin/freebsd-update/freebsd-update.sh
> ===
> --- head/usr.sbin/freebsd-update/freebsd-update.sh  (revision 279900)
> +++ head/usr.sbin/freebsd-update/freebsd-update.sh  (revision 279901)
> @@ -1231,7 +1231,7 @@ fetch_metadata_sanity () {
>   # Some aliases to save space later: ${P} is a character which can
>   # appear in a path; ${M} is the four numeric metadata fields; and
>   # ${H} is a sha256 hash.
> -   P="[-+./:=%@_[~[:alnum:]]"
> +   P="[-+./:=,%@_[~[:alnum:]]"
>   M="[0-9]+\|[0-9]+\|[0-9]+\|[0-9]+"
>   H="[0-9a-f]{64}"
> 
> -- 
> 
> However, it doesn't actually go in 9.x.  The line numbers are very close.  
> Use the comment to find the proper line.  For me it was less than 10 lines 
> before 1231.  I don't keep the source so I just updated 
> /usr/sbin/freebsd-update directly.  The patch worked.
> 



It seems to work, yes.

I think this should be fixed before 11.0-RELEASE becomes available.



Rainer
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

FreeBSD 10.1 can't upgrade to FreeBSD 11-RC1 via freebsd-update

2016-08-20 Thread Rainer Duffner

FreeBSD 10.3 works.

FreeBSD 10.1 complains about a failed integrity check etc (which the EN was 
supposed to fix, I assume)


I did run freebsd-update to update to the latest patch-level and 
freebsd-version said, I was on p37.



___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

I/O is very slow for FreeBSD 10.3 amd64 guest running on Citrix XenServer 6.5

2016-08-17 Thread Rainer Duffner

Hi,

I had to realize this week that my VMs on Citrix XenServer are very slow, 
compared to Linux.

I’m getting maybe 8 or 10 MB/s, wheres an Ubuntu 14 guest gets 110+ MB/s 
(Megabyte).
Independent of the filesystem, just wiping the disks with dc3dd.

This went unnoticed, because not much I/O is done in these VMs. But recently, a 
customer complained and I had to look into it.

The VM is running stock 10.3-RELEASE-p6.

The OS-type is set to FreeBSD 10 64 bit.
Same thing happens with FreeBSD 11-RC1.

This is what I get in 11-RC1 from sysctl:

(freebsd11 ) 0 # sysctl -a |grep xen
kern.vm_guest: xen
device  xenpci
vfs.pfs.vncache.maxentries: 0
dev.xenbusb_back.0.%parent: xenstore0
dev.xenbusb_back.0.%pnpinfo:
dev.xenbusb_back.0.%location:
dev.xenbusb_back.0.%driver: xenbusb_back
dev.xenbusb_back.0.%desc: Xen Backend Devices
dev.xenbusb_back.%parent:
dev.xn.0.xenstore_peer_path: /local/domain/0/backend/vif/245/0
dev.xn.0.xenbus_peer_domid: 0
dev.xn.0.xenbus_connection_state: Connected
dev.xn.0.xenbus_dev_type: vif
dev.xn.0.xenstore_path: device/vif/0
dev.xn.0.%parent: xenbusb_front0
dev.xbd.1.xenstore_peer_path: /local/domain/0/backend/vbd3/245/768
dev.xbd.1.xenbus_peer_domid: 0
dev.xbd.1.xenbus_connection_state: Connected
dev.xbd.1.xenbus_dev_type: vbd
dev.xbd.1.xenstore_path: device/vbd/768
dev.xbd.1.%parent: xenbusb_front0
dev.xbd.0.xenstore_peer_path: /local/domain/0/backend/vbd3/245/832
dev.xbd.0.xenbus_peer_domid: 0
dev.xbd.0.xenbus_connection_state: Connected
dev.xbd.0.xenbus_dev_type: vbd
dev.xbd.0.xenstore_path: device/vbd/832
dev.xbd.0.%parent: xenbusb_front0
dev.xenbusb_front.0.%parent: xenstore0
dev.xenbusb_front.0.%pnpinfo:
dev.xenbusb_front.0.%location:
dev.xenbusb_front.0.%driver: xenbusb_front
dev.xenbusb_front.0.%desc: Xen Frontend Devices
dev.xenbusb_front.%parent:
dev.xs_dev.0.%parent: xenstore0
dev.xctrl.0.%parent: xenstore0
dev.xenballoon.0.%parent: xenstore0
dev.xenballoon.0.%pnpinfo:
dev.xenballoon.0.%location:
dev.xenballoon.0.%driver: xenballoon
dev.xenballoon.0.%desc: Xen Balloon Device
dev.xenballoon.%parent:
dev.debug.0.%parent: xenpv0
dev.privcmd.0.%parent: xenpv0
dev.evtchn.0.%parent: xenpv0
dev.xenstore.0.%parent: xenpv0
dev.xenstore.0.%pnpinfo:
dev.xenstore.0.%location:
dev.xenstore.0.%driver: xenstore
dev.xenstore.0.%desc: XenStore
dev.xenstore.%parent:
dev.xen_et.0.%parent: xenpv0
dev.xen_et.0.%pnpinfo:
dev.xen_et.0.%location:
dev.xen_et.0.%driver: xen_et
dev.xen_et.0.%desc: Xen PV Clock
dev.xen_et.%parent:
dev.granttable.0.%parent: xenpv0
dev.xenpv.0.%parent: nexus0
dev.xenpv.0.%pnpinfo:
dev.xenpv.0.%location:
dev.xenpv.0.%driver: xenpv
dev.xenpv.0.%desc: Xen PV bus
dev.xenpv.%parent:
dev.xenpci.0.%parent: pci0
dev.xenpci.0.%pnpinfo: vendor=0x5853 device=0x0001 subvendor=0x5853 
subdevice=0x0001 class=0x01
dev.xenpci.0.%location: slot=3 function=0 dbsf=pci0:0:3:0 handle=\_SB_.PCI0.S18_
dev.xenpci.0.%driver: xenpci
dev.xenpci.0.%desc: Xen Platform Device
dev.xenpci.%parent:
dev.xen.xsd_kva: 18446735281894703104
dev.xen.xsd_port: 3
dev.xen.balloon.high_mem: 0
dev.xen.balloon.low_mem: 0
dev.xen.balloon.hard_limit: 18446744073709551615
dev.xen.balloon.driver_pages: 0
dev.xen.balloon.target: 2097152
dev.xen.balloon.current: 2096128

I’ve tried switching the „OS Type“ to something like „other PV“ and get a bit 
more throughput. But nowhere near enough to make this useful.

Over at freebsd-xen, Roger thinks it looks right from the FreeBSD-side.

I’m not the administrator of the Xen-Server itself (it’s part of an Apache 
CloudStack private cloud cluster setup), but I can have pretty much any setting 
checked/tried I need.







___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: HP DL 585 / ACPI ID / ECC Memory / Panic

2016-05-12 Thread Rainer Duffner


> Am 12.05.2016 um 21:03 schrieb Steven Hartland :
> 
> I wouldn't rule out a bad cpu as we had a very similar issue and that's
> what it was.
>> 




IIRC, the AMD-servers of HP had numerous problems for the first few generations.
Some worked well (I think we have a handful of 385 G1/G2/G5 still running), but 
other would just hang or crash from time to time.
May boss was never too keen on them anyway, so we never had that many to begin 
with.

Plus, HP servers had and have a way of popping when you remove the power from a 
long-running one (that’s probably servers in general).
Most times, it’s only the PSU or a disk, but we’ve also fried NICs by simply 
powering the damn thing off…

___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: Poll: FreeBSD userbase in 2016

2016-02-26 Thread Rainer Duffner

> Am 27.02.2016 um 00:24 schrieb Andy Farkas :
> 
> On 27/02/2016 13:09, Lucius Rizzo wrote:
>> I am wondering who else (these days) uses FreeBSD commercially and/or any 
>> major names to understand current userbase. Is there any data on this?
>> 
> 
> The FreeBSD web site (https://www.freebsd.org/) has a link on
> the home page:
> 
> "... the platform of choice for many of the busiest web sites ..."
> 
> Try clicking on it.
> 

You can get a sneak-peek from looking at pages like a VendorSummit wiki-page:

https://wiki.freebsd.org/201511VendorDevSummit 

We just use it for servers.
Nothing really earth-shattering.

Almost everything it does could be done by Ubuntu. Or CentOS.
But then we’d have to worry about even more servers with another f*’ing glibc 
bug.

Let’s see how this OpenSSL thing plays out this time….

People seem to be starting to use it in appliances more, in various shapes.

___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: After BIOS-Upgrade, I can't (UEFI-) boot anymore

2015-11-18 Thread Rainer Duffner


> Am 18.11.2015 um 14:33 schrieb O'Connor, Kevin 
> :
> 
> 
> 
> From the wiki
> 
> The boot process proceeds as follows:
> 
>UEFI firmware runs at power up and searches for an OS loader in the EFI 
> system partition. The path to the loader may be set by an EFI environment 
> variable, with a default of /EFI/BOOT/BOOTX64.EFI.
> 
>For FreeBSD, boot1.efi is installed as /EFI/BOOT/BOOTX64.EFI.
>boot1.efifat is an image of such a FAT filesystem for use by 
> bsdinstall 
>boot1.efi locates the first partition with a type of freebsd-ufs, and from 
> it loads loader.efi. (This may be a different disk than the one holding the 
> EFI system partition.)
>loader.efi loads and boots the kernel, as described in loader(8).
> 
> So my best guess is that something has been changed by the upgrades and 
> boot1.efi  no longer knows the correct location of  /boot/loader.efi
> 
> You'll have to go digging in the EFI system partition to work out what has 
> changed. (I assume you have done an automated install of the HP support DVD 
> and upgraded the array controller and the HDD microcode etc.)
> 
> Kevin
> 




I’ve figured it out already (after sleeping a few hours and looking at it all 
morning.

The system contains an additional controller (H240, in JBOD mode) that hosts 
another 8 disks.
The first of these disks previously (and briefly) housed another FreeBSD 
installation, with the GPT etc. that comes with it.
Even though it was now part of a zpool, the labels etc. persisted. I had 
forgotten about this...
Upon the BIOS upgrade, the system suddenly started looking at this disk, too 
and tried to boot from it.

I had to offline the disk, remove the partitions and the GPT and online the 
disk again - and then it would boot again.




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

After BIOS-Upgrade, I can't (UEFI-) boot anymore

2015-11-17 Thread Rainer Duffner

Hi,

I have a HP DL380 G9, that I boot from an internal SmartArray Controller 
provided RAID1 into FreeBSD 10.1 amd64.

I have upgraded the BIOS to the 2015-10 release and on reboot, I now get a 
message that

/boot/loader.efi 

can’t be found.

I can legacy boot it into mfsbsd and the file is there.

How can I fix this?
Or how can I debug this and why is this failing in the first place?



Rainer

___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

ZFS UEFI boot?

2015-09-20 Thread Rainer Duffner

Hi,

according to the wiki:

https://wiki.freebsd.org/UEFI#Tasks 

it’s still unsolved and hasn’t even been started.


According to the status report:

https://www.freebsd.org/news/status/report-2015-04-2015-06.html#ZFS-Support-for-UEFI-Boot/Loader
 


some work has been done.

https://lists.freebsd.org/pipermail/freebsd-hackers/2015-March/047486.html 



The reason I’m asking is that all of our servers are HP DL 3[6|8]0 Gen9.
These servers only support UEFI boot (you can set them to legacy-boot only for 
the next reboot).
I would assume this to be true for more and more servers.

I was playing with the idea of replacing the P440 controllers that we normally 
buy for these servers with the H240 controllers (these can be put into a so 
called „HBA mode“  and then present each disk directly, making them better 
suited for ZFS).

However, the server still only boots with UEFI.

And ZFS I want primarily to leverage beadm across all our servers...







___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: pkg does bad things after upgrade from 8.4 to 9.3

2015-09-09 Thread Rainer Duffner

> Am 09.09.2015 um 17:45 schrieb Michael R. Wayne <freebs...@wayne47.com>:
> 
> On Tue, Sep 08, 2015 at 11:06:02PM +0200, Rainer Duffner wrote:
>> 
>>> Am 08.09.2015 um 22:55 schrieb Michael B. Eichorn <i...@michaeleichorn.com>:
>>> 
>>> But you must reinstall everything. You upgraded your ABI going 8->9 so
>>> everything needs rebuilt/reinstalled. See next.
>> 
>> Exactly.
>> Or unpack the compat8x package by hand.
> 
> Explain this please?

If you don’t delete the old libraries, you don’t need that.
You can untar any package (it’s just a tar.xz).

> 
>> Or don???t delete the old libraries upon upgrading???
> 
> We never delete the old libraries. So the old binaries function.
> But, the goal is to migrate to 9.X executables over time. The
> motivation for this is that upgrading something almost always breaks
> things and it is MUCH easier to deal with these breakages incrementally
> over several days, rather than having everything broken at once.
> 

How about a test-system?

> Note that NONE of this explains why pkg would delete ANYTHING. I
> can (sorta) see that upgrading bash says I have to upgrade mutt
> (but, really, it should just install a new library for bash and let mutt
> run on the old one) but can not think of a reason it would remove
> it!

It deletes the old packages, usually.
Unless it can’t find a replacement. Then (IIRC), it just leaves the package as 
is.

This is really just a case of „you’re holding it wrong“ IMO.

pkg has a few problems, still - but most of them are inherent to the way and 
the speed that the ports-tree evolves (IMO) and you can’t catch every corner 
case.

That’s why you build your own packages, run your own repository and install all 
the same packages on every host so that your upgrades always work the same and 
you test it on a few test-servers, then the "guinea-pig“ servers and then the 
rest.

I’ve got a hundred (more or less) FreeBSD servers and jails with pkg - and 
there’s been maybe a handful of structural problems since I started using it.
At some point (maybe during a rename) mysql-server was deleted but not 
upgraded. Big deal, you install it again, start it, run mysql-upgrade and all 
is peachy again.

Compared to the nightmare of upgrading more than a handful of servers with the 
old pkg_ tools, this is like a walk on the beach.

___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: pkg does bad things after upgrade from 8.4 to 9.3

2015-09-08 Thread Rainer Duffner


> Am 08.09.2015 um 22:55 schrieb Michael B. Eichorn :
> 
> 
> 
> But you must reinstall everything. You upgraded your ABI going 8->9 so
> everything needs rebuilt/reinstalled. See next.
>> 


Exactly.
Or unpack the compat8x package by hand.
Or don’t delete the old libraries upon upgrading…


>> 
> 
> There is pkg-lock(8) but dont do it. You really need to upgrade it all
> for a major version change.
> 



The valid use-case for pkg-lock is (IMO) if you want to downgrade.
I follow the quarterly cuts of the ports-tree and build my own repo.
If I need to downgrade from Q3 to Q2, I usually lock pkg only and do a pkg 
upgrade -f
The lock „survives“ even the -f.
The previous pkg may have problems reading the new pkg database created by the 
new pkg….
Locking anything else besides pkg is just a way to get unhappy.

If you have more than a handful machines or are not content with the packages 
provided by FreeBSD, running your own repo is a must IMO.

For our Ubuntu and CentOS-servers at work, we don’t do the builds ourselves  - 
but we still run our own mirror that is updated at our own schedule (so that 
servers are on a defined patch-level).




___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"

Re: SSH Chroot FreeBSD 10.1 and 10.2

2015-08-22 Thread Rainer Duffner


 Am 22.08.2015 um 15:45 schrieb Brandon Allbery allber...@gmail.com:
 
 On Sat, Aug 22, 2015 at 9:32 AM, Johan Hendriks joh.hendr...@gmail.com
 wrote:
 
 chroot is what it says on the tin: once set, the specified directory is
 /. Every file accessed from that point on MUST be available from a tree
 in which the specified chroot directory is /. This includes symlinks ---
 symlink resolution doesn't get to see outside the specified / any more
 than anything else running in the chroot does, so you cannot simply symlink
 to a file outside the chroot. (Hard links are fine, since they are actually
 by inode number; they just have to be on the same partition.)


I found it’s much easier to have actual chroot’ed ssh users once the users 
themselves are in an LDAP-directory.
Also, for doing anything useful on that shell, it turned out you need a some 
more devices in /dev than the usual chroot (like a chroot’ed PHP-FPM, that just 
needs the dev-set of jail(4)).
And a couple of symlinks.

I’ve done this once for a customer (chroot’ed ssh accounts) and unless this 
gets more easier in the future, I’ve made a note to myself to not do that again 
any time soon.

I hadn’t thought of just using /rescue (I would nullfs-mount it into your 
target-directory, else you’ve got to copy it again every time you run 
freebsd-update).
But in my php-fpm chroots, I also need stuff from packages (ImageMagick, most 
notably).
I end up nullfs-mounting most of the system (except /sbin directories) into the 
various chroots, but I was always looking for a better approach.

It’s all a bit of an hack, with lots of stuff borrowed from ezjail ;-)

The big advantage of using nullfs mounts is that I don’t have to think about 
updating the chroots if I update the packages (except /var/run/ld-elf*).


Thinking about this: now that we have pkg - would pkg -c (chroot) also create 
the SQLite DB inside the chroot?



Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: freebsd-update upgrading 9.2 - 9.3

2015-06-14 Thread Rainer Duffner


 Am 14.06.2015 um 15:46 schrieb Dave Duchscher da...@nostrum.com:
 
 Trying to upgrade a system from 9.2 - 9.3 with freebsd-update and I get the 
 output below.  Search has seen reports but not solutions.  I also tried 
 upgrading to 10.1 and seeing similar issue those the No such file or 
 directory error only shows up once but is asking for me to manually merge 
 lots of unmodified files in /etc.
 
 Anybody have a clue on what is going wrong?



Are you on the latest patch-level for 9.2?




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: freebsd-update upgrading 9.2 - 9.3

2015-06-14 Thread Rainer Duffner


 Am 14.06.2015 um 20:51 schrieb Dave Duchscher da...@nostrum.com:
 
 On Jun 14, 2015, at 8:59 AM, Rainer Duffner rai...@ultra-secure.de wrote:
 
 
 Am 14.06.2015 um 15:46 schrieb Dave Duchscher da...@nostrum.com:
 
 Trying to upgrade a system from 9.2 - 9.3 with freebsd-update and I get 
 the output below.  Search has seen reports but not solutions.  I also tried 
 upgrading to 10.1 and seeing similar issue those the No such file or 
 directory error only shows up once but is asking for me to manually merge 
 lots of unmodified files in /etc.
 
 Anybody have a clue on what is going wrong?
 
 
 
 Are you on the latest patch-level for 9.2?
 
 Looking, I am not at the latest version. Trying to upgrade to the latest 
 version breaks things (ssh is the main thing, missing libssh.so.5 errors). 
 Ignoring the breakage, I get the same errors. Using the freebsd-update script 
 from the latest 9.2 doesn't help.
 
 I am guessing a rebuild of the system is necessary. That may have to wait for 
 another day.  Thankfully, I can rollback.
 
 --
 Dave
 


Sometimes, there are updates for freebsd-update itself that are required for a 
-r upgrade.

So, it’s IMO good practice to update to the latest patch level and then do the 
upgrade.
Or at least get the latest version of freebsd-update from somewhere else and 
use that.



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: CARp comatibility between 9 and 10

2015-06-07 Thread Rainer Duffner


 Am 07.06.2015 um 12:33 schrieb Pete French petefre...@ingresso.co.uk:
 
 I have a pair of firewalls running FreeBSD 9 to upgrade
 to 10 next week. I know CARp was rewritten, but I was wndering a few
 things before I started. Mainly is it possible to have one
 machine running 9 and one running 10 with the failover working
 between themproperly. The reason I am wondering s that on 10 it appears
 you set a VHID per IP address, whereas on 9 it is per interface. I have
 multiple IP addresses on the carp interfces on 9, so on 10 can I simply
 set them up all with the same VHID, or is that not supported ?
 
 Thanks for any avice which might make Monday morning back in the office
 go a bit easier :)
 



I did this a while ago - and it actually worked.
(CARP between 9 and 10).

I think I have each IP assigned its own VHID, though.




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: OVH KS-2G Random Reboots [FreeBSD 9.1-RELEASE-p6]

2013-08-29 Thread Rainer Duffner


Am 29.08.2013 um 23:09 schrieb Paul Chakravarti paul.chakrava...@gmail.com:

 
 Hello,
 
 I was wondering if anyone else is having reboot issues running FreeBSD 9.1 on 
 the OVH KS-2G low-cost dedicated servers (amazingly cheap at £2.49/month - 
 see http://www.ovh.co.uk/dedicated_servers/kimsufi.xml). 
 
 I am running FreeBSD 9.1-RELEASE-p6 and am getting multiple random reboots 
 daily (sometimes hours apart, sometimes minutes).
 
 Unfortunately there is no evidence anywhere on the system of the cause of 
 these, in particular nothing at all in logs other then the kernel coming back 
 up and nothing in /var/crash (I do have dumpdev=AUTO in rc.conf). 
 
 I am running the standard kernel updated by 'freebsd-update' and have removed 
 the OVH RTM stuff. There is no particular load on the system at the time.
 
 I suspect that it might be a hardware issue however have tried extended runs 
 (upto 8 hours) of 'cpuburn' and 'stress' from ports which run fine. Strangely 
 there seem to be less reboots under heavy load but that may just be 
 perception.



Could it be that under heavy load, the fans spin up and then the whole rig is 
actually cooler?

Sounds weird, I know. But that was the very first thought that crossed my mind.

Can't you just rent another one, transfer your data and then cancel the 
contract on the first?

That way, you really get a different rig ;-)


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Please remove Perl from ports

2013-08-01 Thread Rainer Duffner

Am Thu, 1 Aug 2013 11:32:47 -0700 (PDT)
schrieb Chris H bsd-li...@1command.com:

 Greetings Stephen, and thank you for your thoughtful reply.
  On 08/01/2013 10:31 AM, Chris H wrote:
 
  So, in the end; why did Perl have to be relocated? Is my only
  recourse at this point to
  # cd /
  # rm -rf .
 
  When I get into this kind of bad situation, I usually do something
  slightly less drastic:
  # pkg_delete -a
  # find -d /usr/local -type d -exec rmdir {} \;
  This last command removes empty directories in /usr/local (it also
  produces lots of error messages when it tries to remove non-empty
  directories).  Then I look through the contents of /usr/local,
  especially if there is anything in /usr/local/etc
  or /usr/local/libexec where some of my manually changed
  configuration files reside.  And then I delete any crud left over
  that I know I don't need.
 
  After that, I rebuild all the ports from scratch.
 
  Finally, I do understand why you feel the need to vent, and I don't
  want to belittle your feelings of frustration.  But I do think
  everyone is trying their best.
 I believe this for the most part, as well. Being, and having been
 involved in a vast multitude of large projects, over the years. Has
 given me a keen understanding of all the burdens, one can come to
 expect. The many, many hours w/o sleep. The seemingly never ending
 stress that comes from frequently running right up to, or beyond
 deadlines. Having to greet rabid users with a calm tone, and a smile.
 As such, and with the nearly 30yrs. using *BSD, I have come to expect
 quite a bit more, than I have experienced, in recent months. Make no
 mistake; I have no intention of throwing the baby out w/ the bath
 water here. But *recent* changes have given me cause for alarm. That
 the BSD I have come to know, love, and greatly depend on. Is becoming
 something *quite* different. And if I don't say something, how will
 those the make the changes know what their user base thinks? How will
 they know what affects those changes has on them? Frankly, I *still*
 have no idea why it was _so_ important to change the install
 structure for Perl on FreeBSD. 


I don't know either (I've yet switch-over allmost all my systems), but I
do believe that with the availability of pkgng, users who don't use it
are in for a _very_ rough ride. It's not written out anywhere
(TTBOMK), but the writing is on the wall.

That said, I honestly think that without pkgng, we ($work) would have to
ditch FreeBSD almost completely - simply because /usr/sbin/pkg_* are
useless once the number of systems you have outnumbers the number of
fingers on one hand.
While a case can be made that a lot of the problems can be scripted
around, a similar case can be made that all of it *just works* in
Ubuntu-land - and that even relieves you of the burden to build the
packages via poudriere (which is quite a bit of work, if you try to
bring some sense of API-stability to your systems by not just svn
up'ing ports every day and building that).


Transisition to pkgng has been very smooth for us, BTW.





___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: ZFS Panic after freebsd-update

2013-07-01 Thread Rainer Duffner


Am 01.07.2013 um 20:56 schrieb Steven Hartland kill...@multiplay.co.uk:

 - Original Message - From: Scott Sipe csco...@gmail.com
 So I realize that neither 8.2-RELEASE or 8.4-RELEASE are stable, but I
 ultimately wasn't sure where the right place to go for discuss 8.4 is?
 Beyond the FS mailing list, was there a better place for my question? I'll
 provide the other requested information (zfs outputs, etc) to wherever
 would be best.
 This is a production machine (has been since late 2010) and after tweaking
 some ZFS settings initially has been totally stable. I wasn't incredibly
 closely involved in the initial configuration, but I've done at least one
 binary freebsd-update previously.
 Before this computer I had always done source upgrades. ZFS (and the
 thought of a panic like the one I saw this weekend!) made me leery of doing
 that. We're a small business--we have this server, an offsite backup
 server, and a firewall box. I understand that issues like this are are
 going to happen when I don't have a dedicated testing box, I just like to
 try to minimize them and keep them to weekends!
 It sounds like my best bet might be to add a new UFS disk, do a clean
 install of 9.1 onto that disk, and then import my existing ZFS pool?
 
 There should be no reason why 8.4-RELEASE shouldn't work fine.
 
 Yes ZFS is continuously improving and these fixes / enhancements first hit
 head / current and are then MFC'ed back to stable/9  stable/8, but that
 doesn't mean the release branches should be avoided.
 
 If you can I would try booting from a 8.4-RELEASE cdrom / iso to see
 if it can successfully read the pool as this could eliminate out of sync
 kernel / world issues.



Personally, I find mfsbsd much more practical for booting up a 
rescue-environment.
Also, if 8.4 does not work for some reason - maybe try 8.3?

I have quite a lot of systems running 8.3 (and even more with 9.1) but none of 
them do zfsroot and none of them stresses ZFS very much.
I've so far resisted the urge to update to 8.4.

The reason why I would be interested to run zfs-root is that sometimes, you 
only have two hard drives and still want to do ZFS on it.

Ideally, though, FreeBSD would be able to do something like SmartOS (one of the 
few features I kind of like about it…), where you boot from an USB-image (or 
ideally, via (i)PXE) but use all the available space for data and (3rd-party) 
software. That way, you always have something to boot from, but can maximize 
the usage of spindles and space.
A basic FreeBSD install is, I think, less than 0.5G these days - I really hate 
wasting two 300 (or even 600) GB SAS hard disks just for that.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Problem with ftp-proxy

2013-06-18 Thread Rainer Duffner

Hi,


I use ftp-proxy, together with the patch that starts multiple instances:

http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/158171

I use it in a combination with pure-ftpd on the backend-server.

on the proxy:

 1434 ??  Ss   0:17.06 /usr/sbin/ftp-proxy -vv -b 127.0.0.2 -R 192.168.91.42
92144 ??  Ss   0:00.06 /usr/sbin/ftp-proxy -vv -b 127.0.0.1 -R 192.168.91.41


Originally, the proxy was on FreeBSD 8.3.
A while ago, I updated it to FreeBSD 9.1.

Now, the customer, who hadn't logged in for a while complained that
while they could still login, it was not possible to view contents of
directories or transfer files.

I have the following pf.conf:



ext_if=em0
int_if=em1
backend_ip=10.10.113.70
ftp_host_prod=192.168.91.41
ftp_host_test=192.168.91.42
proxyip_prod=127.0.0.1
proxyip_test=127.0.0.2

nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
nat on $ext_if from !($ext_if) - ($ext_if:0)
# didn't have the above line previously, but it does not make a
difference
rdr pass log proto tcp from any to EXT_IP_PROD port ftp -
$proxyip_prod port 8021
rdr pass log proto tcp from any to EXT_IP_TEST port ftp -
$proxyip_test port 8021

anchor ftp-proxy/*
pass out log proto tcp from $backend_ip to $ftp_host_prod port 21
pass out log proto tcp from $backend_ip to $ftp_host_test port 21


I tried switching pure-ftpd on the backend-server to FreeBSD's ftpd,
but that didn't change anything.

There is both an additional firewall in front of the proxy and in front
of the backend-server - but they don't log any denied traffic.
Neither does pf.

When I connect to the EXT_IP_PROD on the proxy itself and try to list
files, it takes a while before a timeout occurs, and then, on the 2nd
try, it actually works.




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Problem with ftp-proxy

2013-06-18 Thread Rainer Duffner


Am 18.06.2013 um 13:32 schrieb Mark Felder f...@feld.me:

 On Tue, 18 Jun 2013 06:11:43 -0500, Rainer Duffner rai...@ultra-secure.de 
 wrote:
 
 Hi,
 
 
 I use ftp-proxy, together with the patch that starts multiple instances:
 
 
 I recommend avoiding ftp-proxy and setting up static rules that you know will 
 work. On our systems in pure-ftpd.conf we set
 
 PassivePortRange  3000 3200
 
 and then on the system's firewall and every firewall in front we pass through 
 ports 3000-3200. It's a simple solution that's guaranteed to work, and you 
 don't have to debug what the proxy is doing.
 
 Also, most ftp-proxy software tends to do a very bad job once you start 
 throwing in FTPES. We see this with customer firewalls all the time. These 
 firewall services under the guise of proxys, fixups, or Application 
 Layer Gateways are just inconsistent and unreliable no matter which vendor 
 supplies it.
 
 Note, you may have to make the range larger if you expect more than 200 
 concurrent sessions.



Hi,

thanks for the hint.

I didn't get that to work right away, either….

But while I worked through various documentations and tutorials, I checked if
net.inet.ip.forwarding
was actually set to 1.
It wasn't, even though sysctl.conf had it set.


After re-applying it, things started to work again…



Best Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

How to get pkgng work through a proxy?

2013-05-14 Thread Rainer Duffner

Hi,

I have this host (a cloned VM, FreeBSD 9.1 AMD64) behind an Astaro
Web-Proxy:


(blahost /root) 70 # pkg
update
[12:00] Updating repository catalogue
repo.txz3%
10KB   0.5KB/s   0.0KB/s - stalled -pkg:
http://pkgng.our.repo/91amd64-91patch/repo.txz: Operation timed out


It's a proxy with authentication.

I'm not sure if it's a fetch(3) problem in general.
Because a single fetch from the same server of a small and large file
does work, though a bit slow.

pkg is 1.0.2







___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Why does poudriere always rebuild nginx and GraphicsMagick13?

2013-02-14 Thread Rainer Duffner


Am 12.02.2013 um 23:11 schrieb Baptiste Daroussin b...@freebsd.org:

 On Tue, Feb 12, 2013 at 10:59:28PM +0100, Rainer Duffner wrote:
 Hi,
 
 poudriere 2.2 here, running on 9.1-amd64
 
 Of the 730-ish ports, whenever I run a build, it always rebuilds the above 
 two ports.
 Even if nothing changed.
 
 Is there are specific reason for this?
 
 I don't really mind nginx, because it builds so quickly - but GraphicsMagick 
 takes a bit too long.
 
 2.2 is so old :)
 please upgrade to at least 2.3.1, lots of things as been fixed since, and soon
 2.3.2 with lots of other bug fixes.
 
 I'm sure 2.3.1 fixes your problems, or at least will explain you why something
 is rebuilt (it is now explained during the sanity check)
 
 regards,
 Bapt



Hi Baptiste,

so I upgraded to 2.3.1 but it still rebuilds those two ports every single time 
I run a bulk build.

…
 Options changed, deleting: GraphicsMagick-nox11-1.3.16_1.txz
 Options changed, deleting: nginx-1.2.6,1.txz
...


drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 GraphicsMagick/
drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 GraphicsMagick13/
drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 nginx/


Somehow, it thinks the options have changed.
Maybe, the options-file has an error?



Regards,
Rainer

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Why does poudriere always rebuild nginx and GraphicsMagick13?

2013-02-14 Thread Rainer Duffner

 
 
 Hi Baptiste,
 
 so I upgraded to 2.3.1 but it still rebuilds those two ports every single 
 time I run a bulk build.
 
 …
  Options changed, deleting: GraphicsMagick-nox11-1.3.16_1.txz
  Options changed, deleting: nginx-1.2.6,1.txz
 ...
 
 
 drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 GraphicsMagick/
 drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 GraphicsMagick13/
 drwxr-xr-x  2 root  wheel  512 Dec 21 09:20 nginx/
 
 
 Somehow, it thinks the options have changed.
 Maybe, the options-file has an error?
 


OK, another issue crept up.

I started to build www/rt40 and it worked - until I updated it to the latest 
commit.
Now I get:

 [02] Finished build of www/rt40: Ignored: please select one of 
AP_MODPERL, AP_MODFASTCGI, LIGHTTPD, SPAWN_FCGI or BUILTIN


But I have:

cat /usr/local/etc/poudriere.d/91amd64-options/rt40/options
# This file is auto-generated by 'make config'.
# Options for rt-4.0.10_1
_OPTIONS_READ=rt-4.0.10_1
_FILE_COMPLETE_OPTIONS_LIST=DEV GD GPG GRAPHVIZ SSL_MAILGATE MYSQL ORACLE PGSQL 
SQLITE AP_MODFASTCGI AP_MODPERL LIGHTTPD SPAWN_FCGI
OPTIONS_FILE_UNSET+=DEV
OPTIONS_FILE_SET+=GD
OPTIONS_FILE_SET+=GPG
OPTIONS_FILE_SET+=GRAPHVIZ
OPTIONS_FILE_SET+=SSL_MAILGATE
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_UNSET+=ORACLE
OPTIONS_FILE_SET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE
OPTIONS_FILE_UNSET+=AP_MODFASTCGI
OPTIONS_FILE_UNSET+=AP_MODPERL
OPTIONS_FILE_UNSET+=LIGHTTPD
OPTIONS_FILE_SET+=SPAWN_FCGI

If I run make patch in my local ports tree, with the above options file, it 
runs through.


Is this a poudriere problem or more of a problem with the port itself?




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Why does poudriere always rebuild nginx and GraphicsMagick13?

2013-02-12 Thread Rainer Duffner

Hi,

poudriere 2.2 here, running on 9.1-amd64

Of the 730-ish ports, whenever I run a build, it always rebuilds the above two 
ports.
Even if nothing changed.

Is there are specific reason for this?

I don't really mind nginx, because it builds so quickly - but GraphicsMagick 
takes a bit too long.




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

pkgng and updated packages

2013-01-28 Thread Rainer Duffner

Hi,

I run my own pkgng repo (via poudriere) and it seems to work great.
However, I've got more questions...

 - when PHP got updated to 5.3.21 (from 5.3.20), all the other stuff
   that depends on it (PECL-*, pear-*) got rebuilt, too.
   (In my ports-tree, I just imported the update of PHP and nothing
   else)
 - but on the client, when I ran pkg upgrade, only the php-packages got
   upgraded. Is that correct? Shouldn't it also update the PECL and pear
   packages?
 - how do I re-install all packages? I will soon upgrade some systems
   from 8.3 to 9.1 and I want to reduce the number of systems I build
   packages for. Before pkgng, I would just pkg_delete everything then
   re-install and do a diff on the output of pkg_info |cut -f 1 -d  .
   I though there might be an easier way...
 - is there a make.conf switch to completely disable pkg_* or do I have
   to remove the binaries myself? Will they re-appear after a
   freebsd-update -r or even after a simple freebsd-update? If I install
   postfix, there is a switch in rc.conf do disable it completely and I
   think there should be something similar.





Best Regards,
Rainer



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: pkgng and updated packages

2013-01-28 Thread Rainer Duffner

Am Mon, 28 Jan 2013 14:52:20 +0100
schrieb Baptiste Daroussin b...@freebsd.org:

 On Mon, Jan 28, 2013 at 11:51:20AM +0100, Rainer Duffner wrote:
  Hi,
  
  I run my own pkgng repo (via poudriere) and it seems to work great.
  However, I've got more questions...
 
 Glad to hear it works well :)


Just needed some patience ;-)


 pkg itself does not care about that and trust the revision number to
 only what as changed is really updated. So force updating everything
 that depends on php a simple pkg install -fR php should do it
 correctly for you.

Ah, OK.

 pkg upgrade -f will upgrade everything. to avoid you to shoot
 yourself when upgrading from 8.3 to 9.1 we also provide a pkg-static
 binary so that even if pkg itself is linked against libraries that
 has disappeared in 9.1 you can still reisntall everything.


I currently don't have systems with pkgng. They are being rolled out as
new installs come.
But I've got about 50 systems I have to migrate. Most are 9.0 or 8.3.

 WITHOUT_PKGTOOLS will remove all the pkg_* tools if you are building
 world, but nothing like this in binary upgrade like freebsd-update
 what you can do is manually rm /usr/sbin/pkg_*
 


OK, I'll note this.



Best Regards
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: pkgng and updated packages

2013-01-28 Thread Rainer Duffner

Am Mon, 28 Jan 2013 14:52:20 +0100
schrieb Baptiste Daroussin b...@freebsd.org:

 pkg upgrade -f will upgrade everything. to avoid you to shoot
 yourself when upgrading from 8.3 to 9.1 we also provide a pkg-static
 binary so that even if pkg itself is linked against libraries that
 has disappeared in 9.1 you can still reisntall everything.



Unfortunately, it did not work.
Well, not at first.
It seems, it does not uninstall the old packages (which I thought it
would)
I go from PERL 5.10 to PERL 5.16, for example and it complains that
perl5.16 conflicts with perl5.10...


This I needed, too:

pkg set -o long/perl5.10:lang/perl5.16
pkg remove perl 
pkg set -o devel/pkg-config:devel/pkgconf
pkg remove -f pkg-config


But I don't really blame that on pkgng. 





___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: pkgng and updated packages

2013-01-28 Thread Rainer Duffner


Am 28.01.2013 um 18:31 schrieb Glen Barber g...@freebsd.org:

 On Mon, Jan 28, 2013 at 06:28:02PM +0100, Rainer Duffner wrote:
 I go from PERL 5.10 to PERL 5.16, for example and it complains that
 perl5.16 conflicts with perl5.10...
 
 This I needed, too:
 
 pkg set -o long/perl5.10:lang/perl5.16
 pkg remove perl 
 pkg set -o devel/pkg-config:devel/pkgconf
 pkg remove -f pkg-config
 
 
 Hmm, you should not have needed to remove perl or pkg-config.  They
 should have been upgraded as any other package.
 


I tried it without and it said it conflicted. It wanted to install perl5.16, 
without doing anything to 5.10.
Maybe it is because I already had PERL_VERSION=5.16.2 in /etc/make.conf?

I still have a couple of those to upgrade.
I can send pkg_info etc. and the commands I ran from the next server on 
Wednesday night.





___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: svn - but smaller?

2013-01-24 Thread Rainer Duffner

Am Thu, 24 Jan 2013 00:57:17 -0800
schrieb 'Jeremy Chadwick' j...@koitsu.org:


 Though your OPTIONS recommendations work for you, they do not work for
 everyone.  Some people sit behind firewalls where HTTP or HTTPS are
 the only viable means (native SVN or SVN+SSH will not work for
 them).  


But then, cvsup/csup didn't work either, right?
So, what did those people do in the days of cvsup?

As for the whole dependency/license nightmare - there is some truth[1]
in that and I'm sure, the people in charge are aware of it.

I was always under the assumption that the switch to svn was more of a
temporary stopgap solution where the benefits (progress of the FreeBSD
project) out-weighted the deficiencies.
The migration to a better system is supposed to be easier from svn
than cvs...


[1] I have the need to have mod_dav_svn in my subversion-package
(because a customer needs it and I only want to maintain one
pkgng-repo). Thus, every time svn is installed, apache gets pulled in,
too. Awesome.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Anothe pkgng question: signing a repository

2012-12-28 Thread Rainer Duffner

Am Thu, 27 Dec 2012 16:01:43 -0500 (EST)
schrieb Garrett Wollman woll...@hergotha.csail.mit.edu:

 In article 20121227162311$6...@grapevine.csail.mit.edu,
 rai...@ultra-secure.de writes:
 
 I'm creating my own repository and have created a key for it.
 [...]
 What does pkg expect to be in this file?
 
 A public key.  It does not use X.509 (nor is there any reason why it
 should, although I suppose it could be made to at the cost of
 significant added complexity and a bootstrapping problem).


Ah, OK.
When I hear key, I sort of assume there must be a certificate and a
CA involved.
It works now ;-)



Best Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Question: /usr/sbin/pkg vs /usr/local/sbin/pkg in 9.1

2012-12-27 Thread Rainer Duffner

Hi,

as I see it, pkgng is actually included in 9.1 as /usr/sbin/pkg, right?
But when I define
WITH_PKGNG=yes

in /etc/make.conf

the ports-system wants to install the pkgng-package (because it looks
for pkgng in /usr/local/sbin).

Is there a way to say I have the pkg tool in base already?

Or is the pkg in base supposed to just install the pkgng from ports?




Best Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Anothe pkgng question: signing a repository

2012-12-27 Thread Rainer Duffner

Hi,

I'm creating my own repository and have created a key for it.

I've created a CSR for it and used that to generate a certificate via
our internal CA. Because there was no other information available, I
used the profile that we use to generate SSL-certificates for web
servers.

I copied the certificate to the server and adjusted pkg.conf, but when I
want to query the repository, I get:

root@server:/etc/ssl/cert # pkg install net-snmpd
Updating repository catalogue
repo.txz
100%  219KB 219.5KB/s 219.5KB/s   00:00 pkg: error reading public
key(/etc/ssl/pkg.conf): error:0906D06C:PEM routines:PEM_read_bio:no
start line pkg: Invalid signature, removing repository.


What does pkg expect to be in this file?


openssl x509 displays the data for the certificate correctly, so I
really don't know what's missing.

I ktraced pkg and it is indeed reading the file.




Best Regards
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Will we get a RELEASE-9.1 for Christmas?

2012-12-11 Thread Rainer Duffner

Am Tue, 11 Dec 2012 11:18:44 -0500
schrieb Mark Saad nones...@longcount.org:

 So what is the short summary ? From what I can see, the wiki is out
 of date again. the ISO are on the master server, and working out to
 the mirrors. FreeBSD update is still not updated.  Does someone just
 need to just update the wiki with the relevant info ?


From my experience, it usually takes a couple of days from uploading
the ISOs to the official announcement.

I don't think it makes sense anymore to update the wiki now.

For the future, I also suggest not to make a timeline or a public
schedule at all.
It will stop people from making assumptions and plans for their
rollouts that more often than not just turn out to be unrealistic.
I myself actually anticipated a October/November-ish release-date when I
saw the first schedule...and even that turned out to be too optimistic.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: simple patch for portsnap to use wget

2012-11-29 Thread Rainer Duffner

Am Thu, 29 Nov 2012 14:13:43 +
schrieb Vincent Hoffman vi...@unsane.co.uk:

 On 29/11/2012 14:08, Devin Teske wrote:
  What…
 
  env http_proxy=user:pass@server:port fetch ...
 
  doesn't work for you?
 I think he means that setting
 env http_proxy=user:pass@server:port portsnap fetch
 
 doent work and that
 
 setting
 HTTP_PROXY=server:port
 HTTP_PROXY_AUTH=basic:user:pass
 then running
 portsnap fetch
 also doesnt work?


Last time I tried, this did not work.

A serious omission, IMO.


We have a lot of environments where the only way to connect to the
internet is via a proxy-server...

I looked and there is a patch 

http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/129431

from 2010 that is supposedly working on 9.1 still...

Never tried it myself, though.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: simple patch for portsnap to use wget

2012-11-27 Thread Rainer Duffner

Am Tue, 27 Nov 2012 10:22:09 +0200
schrieb Alexander Yerenkow yeren...@gmail.com:

 Do you aware that if wget tries download from https, and there is
 self-signed certificate, then it fails, and ask for
 --no-check-certificate option?
 How do your patch deal in that case?

So portsnap and freebsd-update don't care?

In any case, it's a wgetrc option, you can specify it in the global
configfile...


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FreeBSD 9.1 stability/robustness?

2012-11-04 Thread Rainer Duffner

Am Sat, 3 Nov 2012 21:56:45 -0400
schrieb Rick Miller vmil...@hostileadmin.com:

 On Fri, Nov 2, 2012 at 4:10 AM, Rainer Duffner
 rai...@ultra-secure.de wrote:
  Am Thu, 1 Nov 2012 20:14:51 -0600 (MDT)
  schrieb Brett Glass br...@lariat.net:
 
  I need to build up a few servers and routers, and am wondering how
  FreeBSD 9.1 is shaping up. Will it be likely to be more stable and
  robust than 9.0-RELEASE? Are there issues that will have to wait
  until 9.2-RELEASE to be fixed? Opinions welcome.
 
 
  If I'm not mistaken, the bge-stuff that makes the default NICs ins
  HP G8 servers (360+380) actually run will not make it back into 9.1.
  Intel cards work much better anyway...
 
 I have a blog post at
 http://blog.hostileadmin.com/2012/06/14/freebsd-on-hp-proliant-dl360p-g8-servers/
 which touches on this. 

It comes up invariably once you google for FreeBSD DL 380 G8...

 I heard as recently as today that the fixes
 for the BCM5719 and 5720 were recently committed to -CURRENT.  It's
 too late for them to be rolled into 9.1.  Not sure if they'll be
 committed to to stable/8 or not, but if so they could make it into
 8.4-R.

Oh - will were be an 8.4 release? That would be interesting.

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FreeBSD 9.1 stability/robustness?

2012-11-03 Thread Rainer Duffner

Am Sat, 3 Nov 2012 11:06:26 -0400
schrieb Mark Saad nones...@longcount.org:


 Hp did a presentation at work 2 weeks ago about the g8 . Hp said you
 can swap out a daughter card in the 360/380/580 for nic options like
 broadcom 4 port gigabit nic , melenox infinbabd, intel pro1000 4 port
 nic , qlogic 8Gb fc-al  and others . 


I've heard that, too (was on holiday when the sales-guy was here)

 They said its an FRU but I have
 not seen the parts yet . 


The quickspecs make no mention of it:

http://h18000.www1.hp.com/products/quickspecs/14212_na/14212_na.html


Only that 331FLR adapter, with contains that beloved BCM-chip.

http://h18000.www1.hp.com/products/quickspecs/14214_div/14214_div.HTML

Or one of the 10G adapters.
But 10G is probably worse - and we don't have any 10G switch-ports
anyway

With the infiniband-stuff, they are probably waiting for the first
customer to order a couple of thousand so they can do a profitable
one-off production run...
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FreeBSD 9.1 stability/robustness?

2012-11-02 Thread Rainer Duffner

Am Thu, 1 Nov 2012 20:14:51 -0600 (MDT)
schrieb Brett Glass br...@lariat.net:

 I need to build up a few servers and routers, and am wondering how
 FreeBSD 9.1 is shaping up. Will it be likely to be more stable and
 robust than 9.0-RELEASE? Are there issues that will have to wait
 until 9.2-RELEASE to be fixed? Opinions welcome.


If I'm not mistaken, the bge-stuff that makes the default NICs ins HP
G8 servers (360+380) actually run will not make it back into 9.1.
Intel cards work much better anyway...

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FreeBSD 9.1 stability/robustness?

2012-11-02 Thread Rainer Duffner

Am Fri, 2 Nov 2012 13:34:20 -0400
schrieb Mark Saad nones...@longcount.org:

 
 
 
 On Nov 2, 2012, at 4:10 AM, Rainer Duffner rai...@ultra-secure.de
 wrote:
 
  Am Thu, 1 Nov 2012 20:14:51 -0600 (MDT)
  schrieb Brett Glass br...@lariat.net:
  
  I need to build up a few servers and routers, and am wondering how
  FreeBSD 9.1 is shaping up. Will it be likely to be more stable and
  robust than 9.0-RELEASE? Are there issues that will have to wait
  until 9.2-RELEASE to be fixed? Opinions welcome.
  
  
  If I'm not mistaken, the bge-stuff that makes the default NICs ins
  HP G8 servers (360+380) actually run will not make it back into 9.1.
  Intel cards work much better anyway...
  
 Did you swap out the bge nic daughter card in the g8 servers for an
 intel one or , do you mean in general the intel nic support is
 better ? 

Both, actually.
At least, Intel has drivers for FreeBSD on their website and IIRC, it's
a Tier 1 OS for them.
I don't want to dis the efforts of the people working on the bXe stuff,
but from what I have read, they have much less support from the vendor.
We have used HP servers even back when they were still Compaq-servers
(and came with Intel NICs...) and this is really the first time we had
to install Intel NICs with them (with FreeBSD - there was an earlier
issue with Solaris, but that does not count...).

Are there Intel daughter cards for this server?
I thought, all the daugher-cards came with some sort of Broadcom
chipset.
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: 9.1-RC2 - could it be that the installer does not write the MBR?

2012-10-20 Thread Rainer Duffner

Am Fri, 19 Oct 2012 20:14:01 -0400
schrieb Glen Barber g...@freebsd.org:


 The grub prompt for (Open)Solaris?  Or do you use grub on FreeBSD?

I thought it was a linux grub (the Firmware-Update DVD is linux-based
and I thought it had gone postal.
But I came to realize that it was the Solaris grub.
We only use FreeBSD on servers and it's always the only OS on the disks.
 
 I _think_ at this point, you've hit the same problem I hit, the only
 difference is that in my case, 9.1-PRERELEASE was installed twice,
 because the paritions were not ideal.
 
 So, my guess is if you were to boot the install cd and select 'Live
 CD' or 'Shell' from the first menu option, and wrote the GPT bootcode
 to da0p1 (assuming da0 is the drive) and reboot, it would have booted
 fine.


I don't think this is what a user is expecting from an OS installation
routine
It's a bug.


Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: 9.1-RC2 - could it be that the installer does not write the MBR?

2012-10-19 Thread Rainer Duffner

Am Fri, 19 Oct 2012 11:32:49 -0700
schrieb Adrian Chadd adr...@freebsd.org:

 Guys/girls/etc,
 
 I do suggest that someone actually spends some time coming up with a
 table of what the current state is, what we could do, what would
 happen if we did that.
 
 Right now there's a lot of possibilities (new drive, drive with
 windows, drive with linux, drive with linux/windows, drive with legacy
 freebsd MBR, etc) and as an outsider trying to figure out what is
 actually the right sounding behaviour, it's difficult for me to sit
 down and digest all these emails that chip away at a bit of the
 problem at a time.
 
 So if you'd like to see this fixed, I really do suggest that one of
 you dumps some time into coming up with a basic table like I said
 above, work with others who can correct/flesh out the various options
 to take into account, and then we can come up with a real solution.
 Then 9.1 can go out the door.
 


If I select the entire disk for FreeBSD, I think it's a reasonable
assumption that the MBR should replaced, too.
Please don't make people install FreeBSD 9.0 first on disks with
non-FreeBSD MRRs and then upgrade to 9.1.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: 9.1-RC2 - could it be that the installer does not write the MBR?

2012-10-19 Thread Rainer Duffner

Am Fri, 19 Oct 2012 17:11:30 -0400
schrieb Glen Barber g...@freebsd.org:

 On Fri, Oct 19, 2012 at 10:38:41PM +0200, Rainer Duffner wrote:
  If I select the entire disk for FreeBSD, I think it's a reasonable
  assumption that the MBR should replaced, too.
  Please don't make people install FreeBSD 9.0 first on disks with
  non-FreeBSD MRRs and then upgrade to 9.1.
  
 
 Can you outline for me in detail what you did when you partitioned
 your drive during the installation?

I chose entire disk, then deleted all partitions-suggestions except
the first one and created my own partitioning scheme.
(/, swap, var, usr, maybe /var/log and /home, too)
 
 I have seen your specific issue exactly once, and reliably reproducing
 the problem has not been successful so far.
 
 BTW, what was on the drive before you did the install, if anything?

It had a version of Solaris. Maybe Opensolaris. I don't know exactly.
And I don't know if it had zfsroot or not. I created a HW-RAID1 with
the HP P400 controller on it.
The drives were previously used in another server.

I tried to install 9.1RC2 twice on these disks and it always went back
to the grub-prompt after reboot.
Then I installed 9.0 and it's running now.




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: 9.1-RC2 - could it be that the installer does not write the MBR?

2012-10-18 Thread Rainer Duffner

Am Thu, 18 Oct 2012 11:31:56 -0500
schrieb Chuck Burns brea...@gmail.com:

 On 10/18/2012 11:05 AM, Brandon Allbery wrote:
  On Thu, Oct 18, 2012 at 5:31 AM, Kimmo Paasiala
  kpaas...@gmail.com wrote:
 
  Such question does not make sense if the disk is GPT partitioned
  which is the default now. The boot loader is installed on a
  separate freebsd-boot partition and the MBR of the disk contains a
  special protective MBR.
 
 
  And what is supposed to happen if the disk has an existing MBR and
  existing partitions?
 
 
 Besides which.. Do you want FreeBSD to overwrite the MBR?

Yes.
I've long since given up on FreeBSD for workstations - I simply don't
have the time to get everything right.

 Thus
 erasing grub when someone is attempting to install FreeBSD alongside
 Linux?


How many people actually do that, now that there are so many
virtualization-options?

 
 If you do not want GRUB, you must remove GRUB and revert to a proper
 MBR.

And how do you remove GRUB?
The original OS did no longer boot in my case

Do I need to file a PR for this?


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

9.1-RC2 - could it be that the installer does not write the MBR?

2012-10-17 Thread Rainer Duffner

Hi,

I tried to install 9.1-RC2 amd64 on two disks that previously had some version 
of Solaris installed (with grub as boot-manager).
The installation would always be successful, but it would just boot to grub and 
then sit there.

It's a rather old G1 BL460C blade, but 9.0 installs flawlessly.

I didn't have time to really test it through because the server needed to get 
installed and it had taken me some time to realize what had happened.

Maybe someone might want to look into this.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FreeBSD 9.1-RC1 Available...

2012-08-23 Thread Rainer Duffner

Am Thu, 23 Aug 2012 09:43:01 -0600
schrieb Ian Lepore free...@damnhippie.dyndns.org:

 On Thu, 2012-08-23 at 11:17 -0400, Ken Menzel wrote:
  
  I found two good primers:
  http://mebsd.com/configure-freebsd-servers/update-freebsd-source-tree-using-subversion-svn.html
  http://www.freebsd.org/doc/en/articles/committers-guide/article.html#SUBVERSION-PRIMER
  
  The second primer in the committer handbook seems to indicate that
  it is difficult to run an SVN mirror. This appears to me to be the
  biggest drawback.  I have been using CVS and perforce for years,
  but subversion is new to me. 
 
 It may be difficult to run an svn mirror that allows you to commit
 locally and get those changes back to the project, but running a
 read-only mirror is trivial.  The script I run nightly from cron to
 sync my local mirror is:
 
 #!/bin/sh
 #
 # svnsync to pull in changes from FreeBSD to my local mirror.
 #
 svnsync sync file:///local/vc/svn/base
 


I may have misunderstood all this, but I run a local read-only mirror of
the source-repository for my tinderbox (via the cvsup-mirror port).
Do I have to change that from csup to svn, too, then?

Given the fuzz made here about deprecating (or not) pkg_* recently, I
can hardly believe that this was broken just so.

Is there a new port that does the same for svn?




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

t_delta too long / too short messages?

2012-08-21 Thread Rainer Duffner

Hi,

I run 8.3 AMD64 in a VM (on esx 5u1).
Install went flawless, but on reboot, it takes a very long time to get
to the login-prompt and the console displays all these

t_delta 15.fe49d775fc69de00 too short
t_delta 16.03698e84842065e0 too long
t_delta 15.fe47fbbbc968bdc0 too short
t_delta 15.fe49aaef471687c0 too short
t_delta 16.0367d4c554c3ec80 too long
t_delta 15.fe49788cbd45b3a0 too short
t_delta 15.fe4c3ea023e27ee0 too short
t_delta 16.0366602823fd0d40 too long
t_delta 15.fe474bf8e2b3fd80 too short
t_delta 15.fe496f2d02e350a0 too short
t_delta 16.0369f9256c3f8c00 too long
t_delta 15.fe484a3d8260bae0 too short
t_delta 15.fe4902342c2b91c0 too short
t_delta 16.036760c4b2426360 too long


errors all the time.

What's the reason for these?

What does this mean for my server?




___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Recommendation for Hyervisor to host FreeBSD

2012-07-05 Thread Rainer Duffner

Am Thu, 05 Jul 2012 12:43:06 +0100
schrieb Pete French petefre...@ingresso.co.uk:

 So, my work surprise for a Thursday morning is an urgent requirement
 to see if we can run a set of FreeBSD machines under virtualised
 servers. I have not done this before personally, but I notice from
 post here that it doesnt seem uncommon, and I see Xen related commits
 flowing past, so I am guessing it is doable.
 
 So, for running 8 or 9 STABLE can anyone recommend which hypervisor
 works best, and is 8 or 9 better as the OS to run ? Am doing a bit
 of research myself, but nothing beats persoanl experience in these
 matters!



AFAIK, there are no VMware-tools for FreeBSD9 (yet).
So, if you need to use ESXi/vSphere, then stay with 8.3 for the time
being.

There are KVM-drivers for FreeBSD 8.3 and 9.0 in the ports.

Also, full, native support for MSFT-HyperV is coming to FreeBSD9.

I wouldn'd bother with the free VMware-server.

AFAIK, the latest vcenter has a web-console, so you don't need a
Windows VM just to manage your virtualized FreeBSD instances.
Hopefully, someone else will have to do all the heavy-lifting of
maintaining all the virtualization-infrastructure.



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Recommendation for Hyervisor to host FreeBSD

2012-07-05 Thread Rainer Duffner

Am Thu, 5 Jul 2012 08:53:19 -0400
schrieb Mark Saad nones...@longcount.org:

 
 
 On Jul 5, 2012, at 8:43 AM, Rainer Duffner rai...@ultra-secure.de
 wrote:

  AFAIK, there are no VMware-tools for FreeBSD9 (yet).
  So, if you need to use ESXi/vSphere, then stay with 8.3 for the time
  being.
 
 You can use the open-vmtools package which is in ports .

They come (or came, last time I looked) with a lot of
run-time dependencies and even more at build-time.
And AFAIK, they don't offer the full functionality either.


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Why Are You NOT Using FreeBSD ?

2012-06-07 Thread Rainer Duffner


Am 06.06.2012 um 20:59 schrieb Dave Hayes:
 
 
 I believe this is the first time I've seen more documentation labeled as
 extraneous. :) I had thought to suggest an implementation by having a
 simple pkg-option-desr file which describes the options and implications
 in each port. Are you suggesting that such a file would be unwelcome? 
 


No, but take a look at the nginx port, which (I'm too lazy to count) has gained 
a couple of dozens of options over the years.
It's a bit of an extreme example, I know - but nevertheless.
I've enabled some that I know what they do and some where I think I know what 
they do. Some are default on, so I left them on.
The rest I disabled if I knew I wouldn't ever need them.
Documenting all of them would probably be a huge endeavor - and I'm glad that 
Sergey keeps the ports updated super-fast and chases down all the updates of 
3rd-party patches (which often have little more than the source itself as 
documentation) etc.
Asking him to do even more work - I wouldn't dare to do that ;-)

It's really the person who is running make config who has to read up on all the 
options and decide if (s)he needs them.
Sometimes, options only make sense in context of the selection of options of 
other ports and it thus may no be easily explainable in one line.
I don't maintain any ports, I just build about 600 of them in our private 
tinderbox.
IMO, you can't really maintain more than a couple of FreeBSD-servers 
professionally without some sort of central package-building.
The earlier people realize this, the less pain they will have to suffer. In 
practice, you realize it 50 or 100 servers too late...

The work that goes into the ports-tree is tremendous and once you start running 
your own tinderbox, maintain some 3rd-party patches yourself and just generally 
dig deeper into this stuff you begin to realize just how difficult this is. 

What I do (or try to do) on my tinderbox is to take a frozen ports-tree 
towards a release and build packages from it (trying to minimize the number of 
unique builds per portstree)
After the tree is open again, I try to get the stuff that interests me, the 
security-patches (e.g. the recent php bug) or other stuff that is useful for us 
as an update directly from CVS for the 600 or so ports that we actually use.
Of course, this only works until something in the ports-framework changes 
significantly (like that options-ng thing recently) and I either have to update 
the whole ports-tree or just wait till the next pre-release freeze.
I found that currently the fastest way to update my packages on a server is to 
pkg_delete -fa and then pkg_add the stuff back that I need (more or less the 
same packages everywhere, anyway). 
Portupgrade is far too slow to be of any practical use (and more than a handful 
of package-management-tools in the ports-mgnt category isn't really helpful, 
either - who has the time to test them all?)
I hope that pkgng will solve most of these problems and enable me to update my 
ports-tree more often.
Unfortunately, by then some of the FreeBSD-servers will have moved into our 
private cloud (using Joyent's private cloud, which, incidentally uses NetBSD's 
pkgsrc - we will have to see how that works out longtime)

Personally, I don't need more frequent FreeBSD-releases but two or maybe three 
ports-tree freezes per year would be good.

So, FreeBSD 9.0-RELEASE, FreeBSD 9.0-U1, FreeBSD 9.0U2 would be cool ;-)


Would that be a lot of additional work?



___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: environment declared, yet problem to compile HipHop in FreeBSD9-RELEASE

2012-04-17 Thread Rainer Duffner


Am 17.04.2012 um 20:41 schrieb Zenny:

 Hi:
 
 I tried to follow the instructions here
 (https://github.com/facebook/hiphop-php/wiki/Building-and-Installing-on-FreeBSD-8.2),
 everything went well except when I tried to 'cmake .', got
 configuration error:
 
 CMake Error at CMakeLists.txt:5 (message):
  You should set the HPHP_HOME environmental
 -- Configuring incomplete, errors occurred!
 
 Is there any different way to set environment? Thanks in advance!


Which shell are you using?

tcsh = setenv VAR bla-value


Rainer___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: What ZFS version will be in 8.3?

2012-03-11 Thread Rainer Duffner


Am 11.03.2012 um 20:43 schrieb Steven Hartland:

 Hi guys which version of ZFS support will be included in 8.3?


V28, AFAIK.
Has been available as a back-port for 8.2 for some time.

Hopefully, it's stable. ;-)


Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: about thumper aka sun fire x4500

2012-01-17 Thread Rainer Duffner


Am 17.01.2012 um 23:09 schrieb Jeremy Chadwick:

 On Tue, Jan 17, 2012 at 06:59:08PM +0100, peter h wrote:
 I have been beating on of these a few days, i have udes freebsd 9.0 and 8.2
 Both fails when i engage  10 disks, the system craches and messages :
 Hyper transport sync flood will get into the BIOS errorlog ( but nothing 
 will
 come to syslog since reboot is immediate)
 
 Using a zfs radz of 25 disks and typing zpool scrub will bring the system 
 down in seconds.
 
 Anyone using a x4500 that can comfirm that it works ? Or is this box broken ?
 
 I do not have one of these boxes / am not familiar with them, but
 HyperTransport is an AMD thing.  The concept is that it's a bus that
 interconnects different pieces of a system to the CPU (and thus the
 memory bus).  ASCII diagram coming up:



Not exactly:

http://www.c0t0d0s0.org/archives/1792-Do-it-yourself-X4500.html


At the time, there was no similar board on the market, AFAIK.
I haven't looked, but I think it should be easier to get one today...


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FTPS Server?

2012-01-08 Thread Rainer Duffner


Am 05.01.2012 um 20:26 schrieb Jeremy Chadwick:

 On Thu, Jan 05, 2012 at 05:16:43PM +0100, Rainer Duffner wrote:
 
 Am 05.01.2012 um 16:37 schrieb Wolfgang Zenker:
 
 Hi everyone,
 
 * Matthew Seaman m.sea...@infracaninophile.co.uk [120105 14:38]:
 On 05/01/2012 12:47, Karl Denninger wrote:
 Not SFTP (which is supported by the sshd) but FTPS is it supported
 by FreeBSD?
 
 No, not supported in the base system.
 
 [..]
 However, personally, I'd avoid FTPS.  It suffers from most of the design
 flaws of standard FTP[*], particularly as regards passing through
 firewalls.  Worse, because the traffic is encrypted, you can't even use
 tools like ftp-proxy (in ports as ftp/ftp-proxy) to extract transient
 port numbers by deep packet inspection.  As far as your users are
 concerned, just use SFTP.  It behaves exactly like an ordinary FTP
 client, but the underlying SSH protocol over the network is way, way
 better designed.
 
 Well, the problem I have here is at the server side: ftp users can be
 locked in a particular subtree of the file system by simply assigning
 them a chrooted login class. No need to setup any infrastructure in
 that subtree itself. Did not find out how to do this with sftp (we only
 allow publickey authentication with ssh at our servers)
 
 Wolfgang
 
 
 It is possible.
 
 See the chroot configuration in the man-page for sshd_config
 
 If you have a sufficiently complete chroot-environment, you can even do 
 chroot'ed ssh login sessions.
 
 It is possible, but some of the limitations of it are infuriating and
 unrealistic for certain environments.  I just went through working with
 a friend of mine (on a Linux system) setting this up so that one of his
 clients had SFTP access chroot'd but *without* all the copy /dev and
 random libraries and other crap nonsense that is often required.


We use NULLFS mounts for that.
In most cases, we need that for php-fpm chroot anyway...


  It
 worked, but the one limitation that we kept having to find workarounds
 for was this:
 
   All components of the pathname must be root-owned directories that
   are not writable by any other user or group.
 


Yep.
If you need sub-dir access a la I have this 3rd-party user who supplies data 
to us in this subdirectory, you either have to setup a specific upload-area 
where you copy stuff in or out or just let SFTP out of the equation right away.


 Oh, and if your system doesn't have remote serial console or way to get
 in if sshd doesn't like some of your sshd_config adjustments, I
 recommend running a separate instance on a separate port (if firewalls
 are involved deal with that too) so you have a way to get in, in the
 case standard port 22 stops working.  (This did happen during the
 aforementioned story, and my friend was quite happy that I had told him
 to set that up prior.  ;-) )



Running FreeBSD in a vmware did help to setup this, admittedly ;-)





Rainer


___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: FTPS Server?

2012-01-05 Thread Rainer Duffner


Am 05.01.2012 um 16:37 schrieb Wolfgang Zenker:

 Hi everyone,
 
 * Matthew Seaman m.sea...@infracaninophile.co.uk [120105 14:38]:
 On 05/01/2012 12:47, Karl Denninger wrote:
 Not SFTP (which is supported by the sshd) but FTPS is it supported
 by FreeBSD?
 
 No, not supported in the base system.
 
 [..]
 However, personally, I'd avoid FTPS.  It suffers from most of the design
 flaws of standard FTP[*], particularly as regards passing through
 firewalls.  Worse, because the traffic is encrypted, you can't even use
 tools like ftp-proxy (in ports as ftp/ftp-proxy) to extract transient
 port numbers by deep packet inspection.  As far as your users are
 concerned, just use SFTP.  It behaves exactly like an ordinary FTP
 client, but the underlying SSH protocol over the network is way, way
 better designed.
 
 Well, the problem I have here is at the server side: ftp users can be
 locked in a particular subtree of the file system by simply assigning
 them a chrooted login class. No need to setup any infrastructure in
 that subtree itself. Did not find out how to do this with sftp (we only
 allow publickey authentication with ssh at our servers)
 
 Wolfgang


It is possible.

See the chroot configuration in the man-page for sshd_config

If you have a sufficiently complete chroot-environment, you can even do 
chroot'ed ssh login sessions.



Rainer

___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Upgrading from 7.3 to 8.1: uname -a still shows 7.3p3

2010-11-15 Thread Rainer Duffner


Hi,

I have the 8.1 sources, did a buildworld, buildkernel, installkernel,  
installworld.

Now I have 8.1 binaries:

server# file /bin/tcsh
/bin/tcsh: ELF 32-bit LSB executable, Intel 80386, version 1  
(FreeBSD), dynamically linked (uses shared libs), for FreeBSD 8.1,  
stripped


but not the kernel:

server# uname -a
FreeBSD server 7.3-RELEASE-p3 FreeBSD 7.3-RELEASE-p3 #3: Tue Nov 16  
01:12:23 CET 2010 r...@server:/usr/obj/usr/src/sys/GENERIC  i386



How is that possible?

Or is it just a mis-representation?

kern.osreldate: 801000

I did a csup twice and rebuilt the kernel multiple times.
Also did a complete buildworld buildkernel cycle.




Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

apache hanging on 8.0 AMD64

2010-01-08 Thread Rainer Duffner

Hi,

we have an interesting problem with FreeBSD 8.0 AMD64:

The server is a HP DL380G5 with two Harpertown-class CPUs and 8 GB RAM.
It is running MySQL, Apache (worker MPM) and PHP as CGI with Fast-CGI
and SUEXEC.
It has over 500 ZFS filesystems that  comprise various customers
websites, each running PHP as their own user.

Soon after we put this system into production, we saw httpd-processes
being stalled in the ucond state, leading to a total stand-still of
the apache-server (apache blocked itself somehow).
I disabled ZFS prefetching and the problem went away for a couple of
days - until yesterday, when it happened again.
Swap was unused when it happened the last time.
I switched top into thread-mode (M) and saw that the processes
actually seemed to be in different state (zio-i, arc_mr, tx_tx, RUN).
I cannot get any info from kstat, because when the problem happens and I
attach to one of the processes, I don't get anything back - it just sits
there.

If there anything I can take a look at to further debug this problem?
At the time of the hang, no swap was used:

last pid:  6450;  load averages: 36.32, 30.17,
17.75   
 
up 4+11:15:44  20:11:01
482 processes: 28 running, 452 sleeping, 1 zombie, 1 lock
CPU: % user, % nice, % system, % interrupt, % idle
Mem: 1619M Active, 3829M Inact, 2066M Wired, 211M Cache, 827M Buf, 188M Free
Swap: 8192M Total, 8192M Free

  PID USERNAME  PRI NICE   SIZERES STATE   C   TIME   WCPU COMMAND
 6011 user1  440 24960K  3432K RUN 1   2:50  7.08% pure-ftpd
 6038 user2  660   161M 18856K RUN 3   1:26  3.47% php-cgi
  716 root   460 32452K 13776K select  5 104:53  3.08% snmpd
 6021 user3  630   163M 20232K RUN 7   1:28  2.49% php-cgi
 6009 www440   103M 26952K tx-tx  3   0:55  1.76% {httpd}
 6030 www440   101M 26168K CPU47   0:57  1.66% {httpd}
 6028 www440   101M 26476K tx-tx  2   0:55  1.66% {httpd}
 6030 www440   101M 26168K zio-i  5   0:55  1.66% {httpd}
 6008 www440   102M 26640K RUN 2   1:23  1.56% {httpd}
 6009 www460   103M 26952K tx-tx  3   1:22  1.56% {httpd}
 6016 www440   102M 26636K tx-tx  2   1:17  1.56% {httpd}
 6024 www440   106M 26568K RUN 1   1:07  1.56% {httpd}
 5978 www440   102M 26960K RUN 0   1:00  1.56% {httpd}
 6008 www440   102M 26640K zio-i  7   0:55  1.56% {httpd}
 5970 www440   108M 27700K arc_mr  4   0:59  1.46% {httpd}
 6024 www440   106M 26568K tx-tx  5   0:50  1.46% {httpd}
 5979 www450   102M 26904K zio-i  1   1:14  1.37% {httpd}
 6009 www470   103M 26952K zio-i  7   1:11  1.37% {httpd}


I disabled all the apache-modules we don't need.

This is the only system of its kind we have, currently, but we would
really like to get this fixed so we can move more of our
hosting-customers to similar setup servers.

Another detail: due to the fact that every user has a access- and
error-logfile, we had to bump FD_SETSIZE to 16384U.
We tried bumping kern.maxvnodes to larger and larger values (now at
40, 200k are used), but it didn't really help that much. Disabling
prefetching helped a lot (only one crash in 5 days) - but we would like
to know why it actually happens and then fix it forever ;-)




Best Regards,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: problems with wifi

2005-12-30 Thread Rainer Duffner


Ondra Holecek wrote:


hello,

i have bought new notebook - Fujitsu-Siemens Amilo A1650G

it has problems with acpi (eg. acpiconf -s3 does not work, etc.), and 
it has also integrated 802.11b/g card - recognized as ath0.


I can set it up, but it has no signal - i gues it is because it should 
be somehow turned on - there is the button on keyboard for this 
purpose, but of course it does not work in fbsd.





You did turn it on in the BIOS, too, didn't you?


Also, there's acpi_fujitsu.ko - though I don't know if it actually works 
on the low-end models.




cheers,
Rainer
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: AMD64 + Nvidia Display Card

2005-07-14 Thread Rainer Duffner


Brett Wildermoth wrote:


On Thu, 14 Jul 2005 04:18 am, [EMAIL PROTECTED] wrote:
 


On Wednesday 13 July 2005 10:26 am, Kenneth Culver wrote:
   


Quoting Brett Wildermoth [EMAIL PROTECTED]:
 


To all my fellow FreeBSD users,

I assume I am not the only one who is in this predicament. I have just
bought seven AMD 64s with NVIDIA PCI-X graphics. With 5.4 I can get
everything bar the network and X to work, with 6.0 I can get the
network to work also. However no matter what I do I can't get X to
work.

Why doesn't NVIDIA make a graphics driver for FreeBSD AMD64. They
make one for
Linux x86-64 and one for FreeBSD-x86.

Perhaps would could all post a message on nvforum. I see some people
already have.

Perhaps NVIDIA think FreeBSD is just a hobby OS..
   


Last I heard, nvidia had no plans to make a FreeBSD amd64 driver. Just
post that
you're pissed about it like the rest of us are... maybe they'll
reconsider.
 


Not true.  FreeBSD's kernel doesn't provide some things needed for an amd64
driver to be feasible.
   



Like what what are these features? and if they are really important why 
aren't they on the cards to be included into FreeBSD..


 





I think this has come up before (multiple times...almost a FAQ-candidate 
IMO).
AFAICR, the changes are not in CURRENT, yet, but there are plans to 
integrate them in the future.


Can't you just run those AMD-boxes in i386-mode, for the time being?

BTW: wouldn't it be good to note things like these in the 
errata-section in the handbook?
The port itself is marked as ONLY_FOR_ARCHS= i386. But usually, by the 
time one reaches that stage, the hardware has already been bought ;-)


Do all other Xorg-drivers work on AMD64?




cheers,
Rainer





___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

Problem booting 5.4

2005-05-12 Thread Rainer Duffner

  
|..|
  0x017c 9090 9090 9090 9090 9090 9090 9090 9090 9090 9090 9090 
9090 9090 9090 9090 9090 9090 9090 9090  
|..|
  0x01a2 9090 9090 9090 9090 9090 9090 9090 9090 9090 9090 9090 
9090 9090 9080 8001 0100 a5fe  3f00  
|?.|
  0x01c8  8237 f90d         
         
|...7..|
  0x01ee         
55aa|U.|

  484 boot0cfg RET   read 512/0x200
  484 boot0cfg CALL  break(0x804e000)
  484 boot0cfg RET   break 0
  484 boot0cfg CALL  open(0x8049522,0,0x200)
  484 boot0cfg NAMI  /boot/boot0
  484 boot0cfg RET   open 4
  484 boot0cfg CALL  read(0x4,0xbfbfe9f0,0x200)
  484 boot0cfg GIO   fd 4 read 512 bytes
  0x fc31 c08e c08e d88e d0bc 007c 89e6 bf00 06b9 0001 f3a5 
89fd b108 f3ab fe45 f2e9 008a f646 bb20  
|.1.|.E.F. |
  0x0026 7508 84d2 7807 804e bb40 8a56 ba88 5600 e8fa 0052 bbc2 
0731 d288 6ffc 0fa3 56bb 7319 8a07 bf85  
|[EMAIL PROTECTED]|
  0x004c 07b1 03f2 ae74 0eb1 0cf2 ae83 c70a 8a0d 01cf e8c3 0042 
80c3 1073 d858 2c7f 3a06 7504 7205 4874  
|.t...B...s.X,.:.u.r.Ht|
  0x0072 0d30 c004 b088 46b8 bfb2 07e8 a400 be79 07e8 b000 8a56 
b94e e88c 00b0 07e8 b000 30e4 cd1a 89d7  
|.0Fy.V.N0.|
  0x0098 037e bcb4 01cd 1675 0d30 e4cd 1a39 fa72 f28a 46b9 eb16 
30e4 cd16 88e0 3c1c 74f1 2c3b 3c04 7606  
|.~.u.0...9.r..F...0..t.,;.v.|
  0x00be 2cc7 3c04 77c9 980f a346 0c73 c288 46b9 be00 088a 1489 
f33c 049c 740a c0e0 0405 be07 93c6 0780  
|,..wF.s..F..t...|
  0x00e4 53f6 46bb 4075 08bb 0006 b403 e859 005e 9d75 068a 56b8 
80ea 30bb 007c b402 e847 0072 8681 bffe  
|[EMAIL PROTECTED]|...G.r|
  0x010a 0155 aa0f 857c ffbe 8307 e819 00ff e3b0 46e8 2400 b031 
00d0 eb17 0fab 560c be76 07e8 ebff 89fe  
|.U...|..F.$..1..V..v..|
  0x0130 e803 00be 8307 aca8 8075 05e8 0400 ebf6 247f 53bb 0700 
b40e cd10 5bc3 8a74 018b 4c02 b001 5689  
|.u..$.S...[..t..L...V.|
  0x0156 e7f6 46bb 8074 1366 6a00 66ff 7408 0653 6a01 6a10 89e6 
4880 cc40 cd13 89fc 5ec3 2020 a00a 4465  
|[EMAIL PROTECTED]  ..De|
  0x017c 6661 756c 743a a00d 8a00 050f 0104 060b 0c0e 839f a5a6 
a90e 0d0c 0b0a 090b 130e 1110 013f bf44  
|fault:.?.D|
  0x01a2 4fd3 4c69 6e75 f846 7265 6542 53c4 66bb 4472 6976 6520 
 800f b600       |O.Linu.FreeBS.f.Drive 
|
  0x01c8            
         
|..|
  0x01ee         
55aa|U.|

  484 boot0cfg RET   read 512/0x200
  484 boot0cfg CALL  open(0x804c030,0x1,0x1b6)
  484 boot0cfg NAMI  /dev/twed0
  484 boot0cfg RET   open -1 errno 1 Operation not permitted
  484 boot0cfg CALL  break(0x804f000)
  484 boot0cfg RET   break 0
  484 boot0cfg CALL  open(0x804e000,0x2,0x804c030)
  484 boot0cfg NAMI  /dev/twed0s1
  484 boot0cfg RET   open -1 errno 1 Operation not permitted
  484 boot0cfg CALL  open(0x804e000,0x2,0x804c030)
  484 boot0cfg NAMI  /dev/twed0s2
  484 boot0cfg RET   open -1 errno 2 No such file or directory
  484 boot0cfg CALL  open(0x804e000,0x2,0x804c030)
  484 boot0cfg NAMI  /dev/twed0s3
  484 boot0cfg RET   open -1 errno 2 No such file or directory
  484 boot0cfg CALL  open(0x804e000,0x2,0x804c030)
  484 boot0cfg NAMI  /dev/twed0s4
  484 boot0cfg RET   open -1 errno 2 No such file or directory
  484 boot0cfg CALL  write(0x2,0xbfbfe450,0xa)
  484 boot0cfg GIO   fd 2 wrote 10 bytes
  boot0cfg: 
  484 boot0cfg RET   write 10/0xa
  484 boot0cfg CALL  write(0x2,0xbfbfe470,0x15)
  484 boot0cfg GIO   fd 2 wrote 21 bytes
  write_mbr: /dev/twed0
  484 boot0cfg RET   write 21/0x15
  484 boot0cfg CALL  write(0x2,0x28130f3c,0x2)
  484 boot0cfg GIO   fd 2 wrote 2 bytes
  : 
  484 boot0cfg RET   write 2
  484 boot0cfg CALL  write(0x2,0xbfbfe450,0x1a)
  484 boot0cfg GIO   fd 2 wrote 26 bytes
  No such file or directory
  
  484 boot0cfg RET   write 26/0x1a
  484 boot0cfg CALL  exit(0x1)
Does anybody have an idea about what's going on here?
I've used various 3ware-controllers in various environments and never 
faced this problem.


Rainer
--
IP Tech AG
Rainer Duffner
Glärnischstrasse 46
CH-9500 Wil SG
Telefon +41 71 929 90 70
Telefax +41 71 929 90 71
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to [EMAIL PROTECTED]

91 matches

Mail list logo