Re: FreeBSD Security in Multiuser Environments
In freebsd-questions Digest, Vol 408, Issue 10, Message: 5
On Sat, 31 Mar 2012 21:05:00 +0700 Erich Dollansky
erichfreebsdl...@ovitrap.com wrote:
On Saturday 31 March 2012 20:26:14 Julian H. Stacey wrote:
[..]
Da Rock wrote:
On 03/31/12 17:46, Julian H. Stacey wrote:
[..]
schu...@ime.usp.br wrote:
Hello,
I would like to raise a discussion about the security features
of FreeBSD as a whole and how they might be employed to actually
derive some meaningful guarantees.
We have a list specialy for freebsd-security@. Please use it.
I thought this to be sensible advice. Before seeing that I'd thought of
copying it to rwatson@ who I figured might take an interest due to his
involvement with Capsicum, acl(3) and such, but he certainly reads that
list anyway (and more than likely, not this one :)
Hang on, hold the phone: The security list (specifically) is for
security announcements. At least that what it said when I subscribed to
it...
Wrong.
Correct :)
For list of mail lists see:
http://lists.freebsd.org/mailman/listinfo
Specifically:
freebsd-secur...@freebsd.org
http://lists.freebsd.org/mailman/listinfo/freebsd-security
freebsd-security-notificati...@freebsd.org
http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
this sounds very confusing for people who have simple question:
'General system administrator questions of an FAQ nature are
off-topic for this list, but the creation and maintenance of a FAQ is
on-topic. Thus, the submission of questions (with answers) for
inclusion into the FAQ is welcome. Such question/answer sets should
be clearly marked as (at least FAQ submission) such in the subject.
'
schultz' post was nothing in the way of an FAQ issue, but a request for
discussion of a wide range of system security issues, far indeed from a
'simple question'. Had you posted the two paragraphs before the one you
quote above, this may have been a little clearer. To wit:
This is a technical discussion list covering FreeBSD security issues.
The intention is for the list to contain a high-signal, low-noise
discussion of issues affecting the security of FreeBSD.
Welcome topics include Cryptography (as it relates to FreeBSD), OS bugs
that affect security, and security design issues. Denial-of-service
(DoS) issues are less important than problems that allow an attacker to
achieve elevated privelige, but are still on-topic.
This sounds that 'schultz' would be wrong there.
Not at all Erich, quite the opposite in my view; as someone who's been
subscribed to freebsd-security@ for 12 or so years, I look forward to
seeing informed responses to some of schultz' issues. In any event,
{s,}he promptly took Julian's advice to post it there, where one aspect
has already attracted responses from des@ and pjd@
The best way to get a good sense of what issues are acceptible and/or
useful topics for which lists, without having to subscribe, is to browse
a list's archives for several months. Works for me. In this case try:
http://lists.freebsd.org/pipermail/freebsd-security/
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
Polytropon free...@edvax.de wrote: On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote: I personally don't trust wireless, because it's well nigh impossible to truly secure it. In that case, one should also pay attention to secure the printer. Wait - secure the printer? What am I talking about? Firmware attacks! Yes - malware has already reached printers ... All the more reason to avoid wireless. (I had been thinking more along the lines of someone intercepting sensitive print files, e.g. tax returns, as they were being sent to the printer.) A printer connected to a hard-wired network, behind a firewall with no tunnelling to it allowed, is not going to get anything sent to it from outside. Granted this does not protect against malware jobs sent from a local machine, but it at least avoids having malware sent wirelessly to the printer by someone parked out front, thus there's one less pathway needing to be secured. It may also be a reason to _avoid_ printers that accept PDF directly. Since PDFs are often downloaded and printed, an attacker could post a bogus firmware download under an innocent-sounding name like manual.pdf leading someone to do $ fetch http://.../manual.pdf lpr manual.pdf Oops. However if said PDF has to first be locally converted to PS (e.g. by xpdf) before being sent to the printer, an attacker would have to (somehow) formulate a PDF that would cause xpdf to emit a PostScript file that looked to the printer like a firmware download. I don't know enough about either PDF or xpdf to say whether that's possible, but I imagine it would at least be a whole lot more difficult than in the direct PDF case. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD Security in Multiuser Environments
On 04/02/12 17:48, Ian Smith wrote: In freebsd-questions Digest, Vol 408, Issue 10, Message: 5 On Sat, 31 Mar 2012 21:05:00 +0700 Erich Dollanskyerichfreebsdl...@ovitrap.com wrote: On Saturday 31 March 2012 20:26:14 Julian H. Stacey wrote: [..] Da Rock wrote: On 03/31/12 17:46, Julian H. Stacey wrote: [..] schu...@ime.usp.br wrote: Hello, I would like to raise a discussion about the security features of FreeBSD as a whole and how they might be employed to actually derive some meaningful guarantees. We have a list specialy for freebsd-security@. Please use it. I thought this to be sensible advice. Before seeing that I'd thought of copying it to rwatson@ who I figured might take an interest due to his involvement with Capsicum, acl(3) and such, but he certainly reads that list anyway (and more than likely, not this one :) Hang on, hold the phone: The security list (specifically) is for security announcements. At least that what it said when I subscribed to it... Wrong. Correct :) So thats turn left, right? Clear as mud now... :) For list of mail lists see: http://lists.freebsd.org/mailman/listinfo Specifically: freebsd-secur...@freebsd.org http://lists.freebsd.org/mailman/listinfo/freebsd-security freebsd-security-notificati...@freebsd.org http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications this sounds very confusing for people who have simple question: 'General system administrator questions of an FAQ nature are off-topic for this list, but the creation and maintenance of a FAQ is on-topic. Thus, the submission of questions (with answers) for inclusion into the FAQ is welcome. Such question/answer sets should be clearly marked as (at least FAQ submission) such in the subject. ' schultz' post was nothing in the way of an FAQ issue, but a request for discussion of a wide range of system security issues, far indeed from a 'simple question'. Had you posted the two paragraphs before the one you quote above, this may have been a little clearer. To wit: This is a technical discussion list covering FreeBSD security issues. The intention is for the list to contain a high-signal, low-noise discussion of issues affecting the security of FreeBSD. I think that has clarified things sufficiently now. Looks like I should subscribe to that list too. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
On 04/03/12 01:09, per...@pluto.rain.com wrote: Polytroponfree...@edvax.de wrote: On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote: I personally don't trust wireless, because it's well nigh impossible to truly secure it. In that case, one should also pay attention to secure the printer. Wait - secure the printer? What am I talking about? Firmware attacks! Yes - malware has already reached printers ... All the more reason to avoid wireless. (I had been thinking more along the lines of someone intercepting sensitive print files, e.g. tax returns, as they were being sent to the printer.) A printer connected to a hard-wired network, behind a firewall with no tunnelling to it allowed, is not going to get anything sent to it from outside. Granted this does not protect against malware jobs sent from a local machine, but it at least avoids having malware sent wirelessly to the printer by someone parked out front, thus there's one less pathway needing to be secured. It may also be a reason to _avoid_ printers that accept PDF directly. Since PDFs are often downloaded and printed, an attacker could post a bogus firmware download under an innocent-sounding name like manual.pdf leading someone to do $ fetch http://.../manual.pdf; lpr manual.pdf Oops. However if said PDF has to first be locally converted to PS (e.g. by xpdf) before being sent to the printer, an attacker would have to (somehow) formulate a PDF that would cause xpdf to emit a PostScript file that looked to the printer like a firmware download. I don't know enough about either PDF or xpdf to say whether that's possible, but I imagine it would at least be a whole lot more difficult than in the direct PDF case. Sounds pretty good to me. I'd implement it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
On Mon, 02 Apr 2012 08:09:07 -0700 per...@pluto.rain.com articulated: Polytropon free...@edvax.de wrote: On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote: I personally don't trust wireless, because it's well nigh impossible to truly secure it. In that case, one should also pay attention to secure the printer. Wait - secure the printer? What am I talking about? Firmware attacks! Yes - malware has already reached printers ... All the more reason to avoid wireless. (I had been thinking more along the lines of someone intercepting sensitive print files, e.g. tax returns, as they were being sent to the printer.) A printer connected to a hard-wired network, behind a firewall with no tunnelling to it allowed, is not going to get anything sent to it from outside. Granted this does not protect against malware jobs sent from a local machine, but it at least avoids having malware sent wirelessly to the printer by someone parked out front, thus there's one less pathway needing to be secured. It may also be a reason to _avoid_ printers that accept PDF directly. Since PDFs are often downloaded and printed, an attacker could post a bogus firmware download under an innocent-sounding name like manual.pdf leading someone to do $ fetch http://.../manual.pdf lpr manual.pdf Oops. However if said PDF has to first be locally converted to PS (e.g. by xpdf) before being sent to the printer, an attacker would have to (somehow) formulate a PDF that would cause xpdf to emit a PostScript file that looked to the printer like a firmware download. I don't know enough about either PDF or xpdf to say whether that's possible, but I imagine it would at least be a whole lot more difficult than in the direct PDF case. Obviously you are not aware of the latest trend towards the movement to standardize PDF as the standard print format. I would recommend you start by reading the documentation located at: http://www.linuxfoundation.org/collaborate/workgroups/openprinting and continue on from there. While there might be some rational for your security concerns on a business network in regards to wireless networks, they are not really relevant on a home networks. The simple ease of use that a wireless network gives a user on a home network far outweigh any pseudo claims of espionage. Furthermore, there are means of encrypting print data. I leave the mastery of that matter up to the student. By the way, since you seem so concerned over your printers security, I assume that you all ready have it at least password protected. Personally, I prefer using certificates. Now that is real security. Again, I assume you are using printers capable of that security. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ Faith goes out through the window when beauty comes in at the door. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
On Mon, 2 Apr 2012 07:33:03 -0400, Jerry wrote: Obviously you are not aware of the latest trend towards the movement to standardize PDF as the standard print format. I would recommend you start by reading the documentation located at: http://www.linuxfoundation.org/collaborate/workgroups/openprinting and continue on from there. Seconded, good introductional read. Addition: PDF as Standard Print Job Format http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat While there might be some rational for your security concerns on a business network in regards to wireless networks, they are not really relevant on a home networks. The simple ease of use that a wireless network gives a user on a home network far outweigh any pseudo claims of espionage. I think you're underestimating the threat coming from hijacked home consumer networks. Of course, business networks are more interesting, as they might contain data one could sell (personnel data, inventions, business figures, pricing, internal products calculations and so on), but home networks seem to be more easily to crack. The typical point of attack is a Windows PC in such a network, and the result is a machine controlled by a criminal, acting as a spam server, as part of a botnet, as a participant in illegal file sharing or as a storage point for child pornography. The user itself often doesn't recognize any of those activities. In today's Internet, more than 90% of the traffic generated in email is spam. What do you think they come from? Now let's assume printers are easily exploitable because manufacturers are careless when implementing the PDF printing standard, or they leave extensions active that can be abused. While average Windows users are more and more aware of caring about viruses, trojans, malware and other attacks for their _own_ security, such considerations about a printer aren't wide spread. But it's only a printer, it can't do anything! What I want to say: Printers _are_ and _will be_ attack vectors that need attention. If the manufacturers provide a good basis, that would be great. For example, if a PDF file contained malicious code, the printer accepts it, prints it, but doesn't do anything more, it would be a safe procedure. But as PDF is _known_ to be unsafe in regards that it _can_ contain stuff to attack a computer, the conclusion is that (depending on what manufacturers actually implement) it might do so to a printer too. The danger of PDF is comparable to the danger of Office files (typically macros as hooks for malicious code). Now add some auto-opening functionality to a MUA, and you're done. Summary: PDF as a printing standard is very welcome, as long as it takes the chance to be a secure thing. Furthermore, there are means of encrypting print data. I leave the mastery of that matter up to the student. That's interesting, I'll investigate on that further. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Access to Time Warner cable network
On 1 Apr 2012 at 10:21, Erich Dollansky wrote: Hi, On Sunday 01 April 2012 08:57:00 Da Rock wrote: Did they come to your location and run a test to their equipment? My neighbor had a recent cable outage of an existing cable on our block that was too low and a moving van hit it. Apparently the Windows system works, so I'd assume all that side is ok- just FBSD box is the issue. so, there is some difference. The questions are there to find out what the difference might be. Erich fbsd8 How do you connect to your TW ISP? Just a Cable modem of some sort, or is there a Router involved somewhere? It makes a whole world of difference I.e. How Physically do you hook together, in each instance, for the XP box, and F'BSD box. Regards. Dave B. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Access to Time Warner cable network
On 1 Apr 2012 at 19:05, Jerry wrote: On Mon, 02 Apr 2012 08:50:42 +1000 Da Rock articulated: Given that the other tech in question asked me to help him, and he is a Winblows nut like yourself, I think this premise can be dismissed out of hand. I won't even bother to qualify the rest, I wouldn't want to ruin your delusion. No delusion here. You have confirmed what I suspected. A classic case of The blind leading the blind. If one idiot can screw something up, just think what two idiots can accomplish? -- Jerry Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ In the world of the blind, the one eyed bloke is promoted to near god like status! Dave B. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Access to Time Warner cable network
On Mon, 02 Apr 2012 15:18:19 +0100 Dave wrote: fbsd8 How do you connect to your TW ISP? Just a Cable modem of some sort, or is there a Router involved somewhere? It makes a whole world of difference If you read the rest of the thread you'll see that that the problem was solved yesterday. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Access to Time Warner cable network
On Apr 2, 2012, at 7:32 AM, Dave d...@g8kbv.demon.co.uk wrote: On 1 Apr 2012 at 19:05, Jerry wrote: On Mon, 02 Apr 2012 08:50:42 +1000 Da Rock articulated: Given that the other tech in question asked me to help him, and he is a Winblows nut like yourself, I think this premise can be dismissed out of hand. I won't even bother to qualify the rest, I wouldn't want to ruin your delusion. No delusion here. You have confirmed what I suspected. A classic case of The blind leading the blind. If one idiot can screw something up, just think what two idiots can accomplish? -- Jerry Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ In the world of the blind, the one eyed bloke is promoted to near god like status! Dave Does all this smugness actually seem useful to all of you, or is one factor behind the precipitous drop in FreeBSD community size how much y'all love the sound of your own voices?!___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: shutdown -p doesn't power-off USB
For me it's even worse. http://forums.freebsd.org/showthread.php?t=29700 It occurs after the first world rebuilding and I can't solve it since months. And only occurs since 9.0 is out. 9 RC3 worked fine. However the fresh install from the 9.0 stable disk also works fine until building and installing kernel and world from src. The kernel is GENERIC and I run mergemaster properly every time it's needed. All my computers having this issue are on ZFS root and all work properly except the shutdown and reboot. Mage On 03/31/2012 17:38, Jens Schweikhardt wrote: hello world\n I'm running 9-STABLE/amd64 and for a few months now, whenever I shut down with shutdown -p now, the USB devices still have power. This is most visible on the USB keyboard, where *all* LEDs are turned on and stay on. The MB is an ASUS P5Q3 Deluxe. The USB related sysctls are: # sysctl -aw|grep -i usb descrUSB1008A Flash Disk/descr device usb hw.pci.usb_early_takeover: 1 hw.usb.no_shutdown_wait: 0 hw.usb.no_boot_wait: 0 hw.usb.debug: 0 hw.usb.usb_lang_mask: 255 hw.usb.usb_lang_id: 9 hw.usb.template: 0 hw.usb.power_timeout: 30 hw.usb.no_pf: 0 hw.usb.no_cs_fail: 0 dev.uhci.0.%desc: Intel 82801JI (ICH10) USB controller USB-D dev.uhci.0.%location: slot=26 function=0 handle=\_SB_.PCI0.USB4 dev.uhci.1.%desc: Intel 82801JI (ICH10) USB controller USB-E dev.uhci.1.%location: slot=26 function=1 handle=\_SB_.PCI0.USB5 dev.uhci.2.%desc: Intel 82801JI (ICH10) USB controller USB-F dev.uhci.2.%location: slot=26 function=2 handle=\_SB_.PCI0.USB6 dev.uhci.3.%desc: Intel 82801JI (ICH10) USB controller USB-A dev.uhci.3.%location: slot=29 function=0 handle=\_SB_.PCI0.USB0 dev.uhci.4.%desc: Intel 82801JI (ICH10) USB controller USB-B dev.uhci.4.%location: slot=29 function=1 handle=\_SB_.PCI0.USB1 dev.uhci.5.%desc: Intel 82801JI (ICH10) USB controller USB-C dev.uhci.5.%location: slot=29 function=2 handle=\_SB_.PCI0.USB2 dev.usbus.0.%desc: Intel 82801JI (ICH10) USB controller USB-D dev.usbus.0.%driver: usbus dev.usbus.0.%parent: uhci0 dev.usbus.1.%desc: Intel 82801JI (ICH10) USB controller USB-E dev.usbus.1.%driver: usbus dev.usbus.1.%parent: uhci1 dev.usbus.2.%desc: Intel 82801JI (ICH10) USB controller USB-F dev.usbus.2.%driver: usbus dev.usbus.2.%parent: uhci2 dev.usbus.3.%desc: Intel 82801JI (ICH10) USB 2.0 controller USB-B dev.usbus.3.%driver: usbus dev.usbus.3.%parent: ehci0 dev.usbus.4.%driver: usbus dev.usbus.4.%parent: xhci0 dev.usbus.5.%desc: Intel 82801JI (ICH10) USB controller USB-A dev.usbus.5.%driver: usbus dev.usbus.5.%parent: uhci3 dev.usbus.6.%desc: Intel 82801JI (ICH10) USB controller USB-B dev.usbus.6.%driver: usbus dev.usbus.6.%parent: uhci4 dev.usbus.7.%desc: Intel 82801JI (ICH10) USB controller USB-C dev.usbus.7.%driver: usbus dev.usbus.7.%parent: uhci5 dev.usbus.8.%desc: Intel 82801JI (ICH10) USB 2.0 controller USB-A dev.usbus.8.%driver: usbus dev.usbus.8.%parent: ehci1 dev.ehci.0.%desc: Intel 82801JI (ICH10) USB 2.0 controller USB-B dev.ehci.0.%location: slot=26 function=7 handle=\_SB_.PCI0.USBE dev.ehci.1.%desc: Intel 82801JI (ICH10) USB 2.0 controller USB-A dev.ehci.1.%location: slot=29 function=7 handle=\_SB_.PCI0.EUSB dev.xhci.0.%desc: XHCI (generic) USB 3.0 controller dev.uhub.0.%parent: usbus0 dev.uhub.1.%parent: usbus1 dev.uhub.2.%parent: usbus2 dev.uhub.3.%parent: usbus3 dev.uhub.4.%parent: usbus4 dev.uhub.5.%parent: usbus5 dev.uhub.6.%parent: usbus6 dev.uhub.7.%parent: usbus7 dev.uhub.8.%parent: usbus8 dev.ums.0.%desc: Logitech USB Receiver, class 0/0, rev 2.00/22.00, addr 2 dev.uhid.0.%desc: Logitech USB Receiver, class 0/0, rev 2.00/22.00, addr 2 Any help appreciated in telling me how to turn off USB power with shutdown. Regards, Jens ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
On 2012, Mar 30, at 11:17, Warren Block wrote: It should work with FreeBSD, certainly for text. For graphics output, Gutenprint doesn't have a setting specifically for the 6500, but one of the similar printers probably will work. Don't expect photo quality, color lasers have to do halftones. It doesn't surprise me that Gutenprint doesn't have a setting specifically for the 6500 because Xerox provides one: http://www.support.xerox.com/support/phaser-6500/downloads/enus.html?operatingSystem=linuxfileLanguage=en I have a Phaser 6300 (older model), and it has worked well for every OS that I have thrown at it, including Mac, Windows, Linux, FreeBSD, iOS, etc. Echoing others, get a real postscript printer, get a real network printer (not USB), and get a laser printer (although Thermal Wax would also be acceptable). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Please help me diagnose this crazy VMWare/FreeBSD 8.x crash
On 03/30/2012 07:41, Joe Greco wrote: On 3/29/2012 7:01 AM, Joe Greco wrote: On 3/28/2012 1:59 PM, Mark Felder wrote: FreeBSD 8-STABLE, 8.3, and 9.0 are untested As much as I'm sensitive to your production requirements, realistically it's not likely that you'll get a helpful result without testing a newer version. 8.2 came out over a year ago, many many things have changed since then. Doug So you're saying that he should have been using 8.3-RELEASE, then. That isn't what I said at all, sorry if I wasn't clear. The OP mentioned 9.0-RELEASE, and in the context of his message (which I snipped) he mentioned 8-stable. That's what I was referring to. And since both the poster and I made it clear that this doesn't seem to be a case of it fails reliably on a machine of your choosing, just installing random other versions and hoping that it's going to cause a fail ... well, let's just say that doesn't make a whole lot of sense. Or at least it's a recipe for a hell of a lot of busywork, busywork not guaranteed to return any sort of useful result. And since you can't reliably reproduce the problem, how do you expect us to? I understand that these sorts of bugs are difficult/annoying, etc. Been there, done that. In the meantime, it's unrealistic to tell people to use supported releases, to wait fifteen months between releases, and then to criticize people complaining about problems with a supported release for using old code. Just to be clear, I didn't criticize anyone. And I share your frustration with the length of the 8.3 release cycle. I really wish I had a better answer, but as much as you and I may wish that things were different, Try a newer version is the best answer we have atm. Doug -- This .signature sanitized for your protection ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Please help me diagnose this crazy VMWare/FreeBSD 8.x crash
On 03/30/2012 07:41, Joe Greco wrote: On 3/29/2012 7:01 AM, Joe Greco wrote: On 3/28/2012 1:59 PM, Mark Felder wrote: FreeBSD 8-STABLE, 8.3, and 9.0 are untested As much as I'm sensitive to your production requirements, realistically it's not likely that you'll get a helpful result without testing a newer version. 8.2 came out over a year ago, many many things have changed since then. Doug So you're saying that he should have been using 8.3-RELEASE, then. That isn't what I said at all, sorry if I wasn't clear. The OP mentioned 9.0-RELEASE, and in the context of his message (which I snipped) he mentioned 8-stable. That's what I was referring to. And since both the poster and I made it clear that this doesn't seem to be a case of it fails reliably on a machine of your choosing, just installing random other versions and hoping that it's going to cause a fail ... well, let's just say that doesn't make a whole lot of sense. Or at least it's a recipe for a hell of a lot of busywork, busywork not guaranteed to return any sort of useful result. And since you can't reliably reproduce the problem, how do you expect us to? I understand that these sorts of bugs are difficult/annoying, etc. Been there, done that. Nobody expected you to. We're trying to figure out any commonalities that might exist; these may serve to help shed light on where the problem lies. The interesting thing is that I took it and looked at it and came to a conclusion that might have been wrong, though I think the trail of reasoning I used was itself reasonable, given my exceedingly small (one example of problem) sample size. Mark's able to actually *reproduce* the problem on separate installs and with circumstances that are at least somewhat different than what my theory involved, though it is not quite possible to rule out some sort of corruption. Since I have to *assume* that many sites run some sort of FreeBSD on their VMware gear, given that VMware actually lists it as a supported version and VMware generally does things for profit, I am still kind of of the opinion that this is some sort of corruption bug, one that I triggered inadvertently, but one that Mark's environment reproduces rather more frequently. That just seems so unlikely, but more unlikely things have come to pass, so I'm holding onto it as my working theory ;-) I still plan to try to recover my broken VM from backups at some point if time permits. But in short, to answer your question: I don't *care* if you can reproduce the problem. As a user, you can't win. If you don't report a problem, you get criticized. If you report a problem but can't figure out how to reproduce it, you get criticized. If you can reproduce it but you don't submit a workaround, you get criticized. If you submit a workaround but you don't submit a patch, you get criticized. If you submit a patch but it's not in the preferred format, you get criticized. Hm. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Printer recommendation please
On Sun, Apr 1, 2012 at 12:09 PM, Da Rock freebsd-questi...@herveybayaustralia.com.au wrote: On 04/01/12 19:29, Polytropon wrote: Firmware attacks! ROFL! Sorry my mind went to an interesting place with this one images of printers on spring break flashing their cartridges, opening flaps to show off their drums... :D Reminds me of the VAXorcist... ;-) http://www.gnu.org/fun/jokes/vaxorcist.html -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fxp0 Link Going Up And Down
On 4/1/2012 4:21 PM, Tim Daneliuk wrote: I am seeing this intermittently: Apr 1 14:48:36 host kernel: fxp0: link state changed to DOWN Apr 1 14:52:27 host kernel: fxp0: link state changed to UP There were some fixes to the fxp driver on ~ March 26th that fixed the NIC bouncing up and down when it went into promisc mode. But those bounces were very short lived (a few seconds to transition). Your up/down events are minutes. Perhaps the cable modem is going into some sort of sleep mode ? Or perhaps just a hardware issue. If you can, try and put a simple hub or switch between the cable modem and your NIC and see if you still get bounces. Also, there are many variants of fxp hardware. Post the output of egrep -i fxp|phy /var/run/dmesg.boot and sysctl -a dev.fxp ---Mike This is observed both on some 8.2-STABLE and 8.3-PRERELEASE versions on the same server. I have replaced the ethernet cable as well as the device on the other end (a cable internet box), but the problem intermittently persists. It appears not to be a mechanical issue insofar as I can wiggle the cable at each end and not introduce this problem. fxp0 in this case is the on-board NIC of an Intel mobo. Ideas anyone? Tim Daneliuk tun...@tundraware.com PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fxp0 Link Going Up And Down
On 04/02/2012 03:52 PM, Mike Tancsa wrote: On 4/1/2012 4:21 PM, Tim Daneliuk wrote: I am seeing this intermittently: Apr 1 14:48:36 host kernel: fxp0: link state changed to DOWN Apr 1 14:52:27 host kernel: fxp0: link state changed to UP There were some fixes to the fxp driver on ~ March 26th that fixed the NIC bouncing up and down when it went into promisc mode. But those bounces were very short lived (a few seconds to transition). Your up/down events are minutes. Perhaps the cable modem is going into some sort of sleep mode ? Or perhaps just a hardware issue. If you can, I don't think so. The modem has a built in hub and I am not observing this problem on other devices plug in there. try and put a simple hub or switch between the cable modem and your NIC and see if you still get bounces. Also, there are many variants of fxp hardware. Post the output of egrep -i fxp|phy /var/run/dmesg.boot fxp0: Intel Pro/100 946GZ (ICH7) Network Connection port 0x1100-0x113f mem 0x9004-0x90040fff irq 20 at device 8.0 on pci4 miibus0: MII bus on fxp0 ukphy0: Generic IEEE 802.3u media interface PHY 1 on miibus0 ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow fxp0: Ethernet address: ... fxp0: [ITHREAD] and sysctl -a dev.fxp dev.fxp.0.%desc: Intel Pro/100 946GZ (ICH7) Network Connection dev.fxp.0.%driver: fxp dev.fxp.0.%location: slot=8 function=0 dev.fxp.0.%pnpinfo: vendor=0x8086 device=0x1094 subvendor=0x8086 subdevice=0x0001 class=0x02 dev.fxp.0.%parent: pci4 dev.fxp.0.int_delay: 1000 dev.fxp.0.bundle_max: 6 dev.fxp.0.rnr: 0 dev.fxp.0.stats.rx.good_frames: 2004295 dev.fxp.0.stats.rx.crc_errors: 0 dev.fxp.0.stats.rx.alignment_errors: 0 dev.fxp.0.stats.rx.rnr_errors: 0 dev.fxp.0.stats.rx.overrun_errors: 0 dev.fxp.0.stats.rx.cdt_errors: 0 dev.fxp.0.stats.rx.shortframes: 0 dev.fxp.0.stats.rx.pause: 0 dev.fxp.0.stats.rx.controls: 0 dev.fxp.0.stats.rx.tco: 0 dev.fxp.0.stats.tx.good_frames: 1701132 dev.fxp.0.stats.tx.maxcols: 0 dev.fxp.0.stats.tx.latecols: 0 dev.fxp.0.stats.tx.underruns: 0 dev.fxp.0.stats.tx.lostcrs: 0 dev.fxp.0.stats.tx.deffered: 0 dev.fxp.0.stats.tx.single_collisions: 0 dev.fxp.0.stats.tx.multiple_collisions: 0 dev.fxp.0.stats.tx.total_collisions: 0 dev.fxp.0.stats.tx.pause: 0 dev.fxp.0.stats.tx.tco: 0 Thanks for taking time to look into this... ---Mike This is observed both on some 8.2-STABLE and 8.3-PRERELEASE versions on the same server. I have replaced the ethernet cable as well as the device on the other end (a cable internet box), but the problem intermittently persists. It appears not to be a mechanical issue insofar as I can wiggle the cable at each end and not introduce this problem. fxp0 in this case is the on-board NIC of an Intel mobo. Ideas anyone? Tim Daneliuk tun...@tundraware.com PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Tim Daneliuk tun...@tundraware.com PGP Key: http://www.tundraware.com/PGP/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Please help me diagnose this crazy VMWare/FreeBSD 8.x crash
On 4/2/2012 11:43 AM, Joe Greco wrote: As a user, you can't win. If you don't report a problem, you get criticized. If you report a problem but can't figure out how to reproduce it, you get criticized. If you can reproduce it but you don't submit a workaround, you get criticized. If you submit a workaround but you don't submit a patch, you get criticized. If you submit a patch but it's not in the preferred format, you get criticized. I'm still not sure what you're taking as criticism. Nothing I've said was intended that way, nor should it be read that way. If you feel that you've been criticized by others in the manner you describe, you should probably take it up with them on an individual basis. My experience of FreeBSD as a community is that we tend to be both less critical of users, and less tolerant of it. Especially when compared to other communities that I've interacted with. Doug -- This .signature sanitized for your protection ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Please help me diagnose this crazy VMWare/FreeBSD 8.x crash
On 4/2/2012 11:43 AM, Joe Greco wrote: As a user, you can't win. If you don't report a problem, you get criticized. If you report a problem but can't figure out how to reproduce it, you get criticized. If you can reproduce it but you don't submit a workaround, you get criticized. If you submit a workaround but you don't submit a patch, you get criticized. If you submit a patch but it's not in the preferred format, you get criticized. I'm still not sure what you're taking as criticism. Nothing I've said was intended that way, nor should it be read that way. If you feel that you've been criticized by others in the manner you describe, you should probably take it up with them on an individual basis. It certainly seemed to me that As much as I'm sensitive to your production requirements, realistically it's not likely that you'll get a helpful result without testing a newer version. 8.2 came out over a year ago, many many things have changed since then. was an unwarranted criticism for reasons that I've already explained. Or perhaps this: And since you can't reliably reproduce the problem, how do you expect us to? I understand that these sorts of bugs are difficult/annoying, etc. Been there, done that. Which would appear to be suggesting that either (or possibly both): 1) The reporter has a duty to be able to reliably reproduce the problem prior to reporting, and/or 2) That there was some unreasonable expectation on the reporter's part that you were expected to reproduce it. I consider 1) to be ridiculous, as long as the reporter is reasonably willing to work to resolve the issue, that should certainly be good enough, and he's certainly been interactive enough to _my_ comments, and 2) seems to be nowhere in sight in the reporter's comments, but is nonetheless present in your response. Please respect Reply-to. Thanks. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
modem
My us robotics serial modem worked without issue on previous freebsd versions. With 9, user ppp term, I get /dev/cuau0/ device failed to open Suggestions? Tim ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: modem
Hi, On Tuesday 03 April 2012 06:49:55 tim smith wrote: My us robotics serial modem worked without issue on previous freebsd versions. With 9, user ppp term, I get /dev/cuau0/ device failed to open Suggestions? what does ls /dev say? Is the modem at least seen by FreeBSD? Erich ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
