Re: How to repair a system?
On Fri, Apr 23, 2004 at 09:27:04AM +0200, Daan Hoogland wrote: I have a system on which make buildworld won't work. I am thinking of doing a binary install on the system, but my only access to the system is ssh. So I am thinking of copying an image over and running sysinstall to install a new set of binaries and libraries. I would strongly advise you not to attempt doing something like this remotely over ssh(1). Chances are what will happen is the machine will crash and end up in an unbootable state. In order to upgrade a system you really have to have access to the system console. That means either you have to be right in front of the machine, or you have to use a serial console either with a console server or by connecting it via a null-modem cable to a nearby machine. Can this be done? Probably not. Is it the way to go? Not if your job or your company depends on it. Not unless you enjoy pain. What image should I use? Well, the choice at the moment would seem to be 4.9-RELEASE, 4.10-RC1 or 5.2.1-RELEASE. If you can wait for a few weeks, 4.10-RELEASE will be available. That is what I'd go for first on a machine being used as a serious server. However, 5.2.1-RELEASE while still a developer preview is getting well on the way towards stability. You might need it if you have hardware unsupported under 4.x. (Where to find sysinstall on it?) Under 4.x it's in /stand/sysinstall Under 5.x it's in /usr/sbin/sysinstall Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: majordomo question
On Fri, Apr 23, 2004 at 09:34:28AM +0200, Christoph Kukulies wrote: I was trying to find out why I din't receive any mail from the freebsd-java list and sent a which command to majordomo at freebsd.org but didn't get me listed with my email address. That's strange since I'm definitely subscribed to a couple of lists and I'm receiving messages. FreeBSD mailing lists are no longer managed with majordomo. Everything runs through MailMan now, and has done for over a year -- see http://lists.freebsd.org/mailman/listinfo Use the web interface to verify your subscription status -- the text field by the 'Unsubscribe or edit options' button is usually where you want to go. You should get a monthly reminder message telling you that information by default, although you can turn that off using MailMan's control panel. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Sendmail and masquerading
On Fri, Apr 23, 2004 at 09:43:22AM +0200, Harald Schmalzbauer wrote: I have another question(s) please: How can I have sendmail using a specified EHLO domain.tld instead of the machines name (changing the machines name is not a solution for me) Use: define(`confDOMAIN_NAME', `domain.tld')dnl in your `hostname`.mc file. And a last question: What do I have to use for sendmail when I want to do masquerading on a MTA which has a smart host defined? If I use the same two lines like on my local machine (which works) nothing happens on the MTA. No mail gets masqueraded. It's basically the same basic setup as for your local machine. You might find adding the following useful: FEATURE(limited_masquerade)dnl Applies masquerading only to those machines listed as MASQUERADE_DOMAIN below. The default is to do that plus all of the names listed in 'local-host-names'. FEATURE(masquerade_entire_domain)dnl Applies masquerading to all of the hosts under 'domain.tld' (from the MASQUERADE_DOMAIN setting below). MASQUERADE_AS(`domain.tld')dnl MASQUERADE_DOMAIN(`domain.tld')dnl See /usr/share/sendmail/cf/README for more details on these and other settings. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: PPP
On Fri, Apr 23, 2004 at 10:18:19AM +0200, xavier collot wrote: Hi! I'm french and don't understand the chapter 18.2.1.2 (Creating PPP device Nodes) in the freeBSD handbook. Yes. It's a pity that http://www.fr.freebsd.org/doc/fr_FR.ISO8859-1/books/handbook/userppp.html hasn't finished being translated yet. Precicely I don't understand what is N in the first paragraph. Is it necessary to change the tun0? 'N' is just being used as a variable there -- it just means you can have any number of tun devices. If you're just using the system to dial into an ISP then you probably only need one. I have an other question.(I'm sorry if it seems stupid). Is it essential to have an Internet access to use PPP? I want use it between two networks but I haven't Internet in these two networks. Sure -- you just need a couple of modems, a telephone line and a little know-how: connectivity to the rest of the internet is not necessary. You should set up one of the machines as the server (ie. takes the incoming phone call) and the other as client (ie. makes the call) initially. There are plenty of examples for setting up the machine as a PPP server in /usr/share/examples/ppp. To finish how can I know my FreeBSD version? % uname -r Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: What chooses the cvsup server ?
On Fri, Apr 23, 2004 at 10:22:34AM +0100, Aleksandar Simic wrote: the reason I ask is because when I issue 'make update' command in /usr/src I get the following message: *note the server name*: cvsup2.uk.FreeBSD.org *default host=cvsup18.us.FreeBSD.org -- note the server name So where is this cvsup2.uk.FreeBSD.org comming from ? /etc/make.conf -- specifically the SUPHOST setting. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: microuptime() went backwards
On Fri, Apr 23, 2004 at 01:13:11PM +0100, Jez Hancock wrote: On Fri, Apr 23, 2004 at 09:04:56AM +0300, hugle wrote: SOmetimes I see such messages in dmesg. perl# dmesg uptime() went backwards (1574174.333073 - 1573478.944788) what they mean? and what causes them to appear ? is it good or bad?? :) I'd always presumed these messages occured on my machine because the ntpd (network time protocol daemon) had adjusted the system clock. I can't actually tell you for sure since the messages aren't logged by syslog here so there's no easy way of comparing the times to see if they correspond to the ntpd adjustments. Check to see if you have ntpd running - if so that's probably the reason for the messages. Actually, that shouldn't happen because of ntpd(8). If ntpd detects that your system clock is fast, it will make it run slightly slower until it gradually comes back into synch. It shouldn't ever jump the system clock to the right time during normal operation, neither should it ever cause the system clock to run backwards. Of course, there is an exception: right after boot, it's usual to run ntpdate(8), and fairly common to run that with the '-b' flag so that the time gets stepped straight to the correct value. The ntpd developers have marked ntpdate for eventual retirement and have rolled its functionality into the main ntpd(8) -- so 'ntpq -q' is meant to be functionally equivalent to ntpdate. Even so, it's not clear to me that the 'step the clock' mode of operation is available from 'ntpd -q'. The OP's original query about 'microuptime went backwards' is something that has come up fairly frequently on various mailing lists. Googling for that message returns a few hundred hits. There has been quite a lot of effort to eradicate it, but apparently not with complete success yet. Most of the time it was apparently due to problems with apm on certain hardware, but it could be caused by other factors. With the switch to APCI in 5.x there have been far fewer reports of these errors appearing. Usually this is pretty innocuous. If you're only getting these messages occasionally, then you can probably just ignore them. On the other hand, if you've suddenly started to get floods of these messages for no apparent reason, it may possibly indicate that you have hardware which is starting to get a bit marginal. Keep the system under observation, backup religiously and check the log messages for clues regularly. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: make package from port
On Wed, Apr 21, 2004 at 09:59:19PM +, Killermink ! wrote: Is there a way I can create a package of xfce and its dependencies, so i can back them up, reinstall then pkg_add them/it easily? I tried a make package but it failed as it said it was already installed? To create a package from an already installed port: # pkg_create -b pkg-name (where pkg-name is the appropriate entry in /var/db/pkg) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: stupid sendmail question (did not issue MAIL/EXPN/VRFY/ETRN)
On Fri, Apr 23, 2004 at 04:40:42PM -0400, Duane Winner wrote: I am getting this in my /var/log/maillog: Apr 23 15:23:39 library sm-mta[169]: i3NJNd8g000169: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Which means that the Java side did not issue any SMTP commands after connecting and issuing an EHLO or HELO. Which perhaps indicates that the sendmail side didn't respond with the expected '250-smtp.example.com Hello ...' and following list of capabilities in response. What do you see if you telnet to localhost port 25 and then type in an EHLO command? It should look something like this, although you probably won't have the AUTH or STARTTLS parts unless you've modified your sendmail: % telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 smtp.infracaninophile.co.uk ESMTP Sendmail 8.12.11/8.12.11; Sat, 24 Apr 2004 08:59:29 +0100 (BST) EHLO localhost 250-smtp.infracaninophile.co.uk Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN 250-STARTTLS 250-DELIVERBY 250 HELP quit 221 2.0.0 smtp.infracaninophile.co.uk closing connection Connection closed by foreign host. Nb. That sequence generates precisely the sort of log message you saw: Apr 24 08:59:41 happy-idiot-talk sm-mta[8543]: i3O7xTra008543: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to IPv4 when my Tomcat serlvets attempt to send an email from my web app. I only want sendmail listing on 127.0.0.1:25, and the web app is configured to use 127.0.0.1 as it's mail server. It works fine on my Red Hat implementation, but I'm guessing FreeBSD sendmail is tightened up even more. I know that sendmail is working, because I can use the 'mail' MUA and send myself a quick email. I'm guessing this is a little different that just going #mail blahblah, because I'm doing mail relaying? But why would sendmail be denying mail relaying from itself (localhost). Is this fairly simple to address? I know its probably stupid, but I haven't played with sendmail in about 3 years, and never completely understood then either. Hmmm... in server.xml I have: Resource name=mail/Session auth=Container type=javax.mail.Session/ ResourceParams name=mail/Session parameter namemail.smtp.host/name valuesmtp.infracaninophile.co.uk/value /parameter parameter namemail.smtp.port/name value587/value /parameter /ResourceParams and in the per-application web.xml there is: resource-ref res-ref-namemail/Session/res-ref-name res-typejavax.mail.Session/res-type res-authContainer/res-auth /resource-ref and that seems to work very well. This is from within a jail, and speaking to sendmail in the host environment, which is why it can't use a connection via localhost. Port 587 is 'submission' -- the port designated for local submission on new messages by the MUA, distinguishing it from port 25 intended now for MTA to MTA transfer of messages. However, that's a new standard that has not yet reached universal acceptance, so speaking on port 25 should work as well. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Open Office - installation problem
On Sat, Apr 24, 2004 at 10:49:50AM -0700, Joshua Lokken wrote: * Terry L. Tyson Jr. [EMAIL PROTECTED] [2004-04-24 08:32]: It's not a package, it's a tgz file. Use tar xzvf file.tgz. Go to the OO site and read the install instructions, there are other things you No. It's a package, and it's *not* a tgz file. Errr... folks -- packages *are* .tgz files. Except under 5.x where they are .tbz files. They could just as well be .zip files, or some sort of compressed cpio format like .rpms or Solaris packages. It's just a mechanism for gathering a bunch of files and directories together into a single container for easy download. And the compression is just so that the maximum number of packages can be fitted into the space available. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Which version of freebsd..
On Sun, Apr 25, 2004 at 12:54:56AM +0200, lists wrote: Currently were going to reinstall all servers we have from redhat 9 to freebsd because redhat 9 is EOL... But after reading a few mails here that 4.9 is most likely not supported for a long time.. what version should we take then? 4.9-RELEASE will be supported[1] for at least a year from it's release, as is normal with all the the 4.x series. However, support for 4.8-RELEASE has been specifically extended until 31 March 2005, and it's listed EOL is actually later than the one for 4.9 at the moment. http://www.freebsd.org/security/ The upcoming 4.10-RELEASE will presumably be supported for the usual 12 months from release, which takes it to an EOL at around the same time as currently stated for 4.8-RELEASE and 4-STABLE. We will be using it for multiple servers (mail, database, app, web etc..) You have two choices: either the conservative one of installing one of the 4.x releases, or the risky one of installing a 5.x release. If your profit margin or job security depends on the performance of those servers, go with 4.x. You'll have getting on for another year of support, at which time you will have a choice of well-tested 5.x releases to jump to. Or you can just go to 5.x immediately -- avoiding the effort of a 4.x to 5.x transition. However be aware that 5.x releases are still Early Adopter, which among other things means that they don't get a very long support period[2]. In which case, expect to have to do an upgrade from 5.2.1 to 5.3 in the fairly near future. That Early Adopter status will change with the creation of the 5-STABLE branch and 5.3-RELEASE, which should happen later this summer. After that point the 5.x releases will be recognised as full-blown FreeBSD releases and receive the normal length of support. Cheers, Matthew [1] Support in this case means that security bugs in the base system will be fixed. It doesn't mean that such things as ports are guarranteed to work correctly. The whole ports mechanism is only thoroughly tested by the routine package building process, which takes place on the latest 4.x and 5.x release branches. Although it is generally possible to made the ports system work on older systems, this cannot be absolutely guarranteed. [2] There was some consternation after the release of FreeBSD-SA-04:04.tcp.asc when many people first realised that 5.1-RELEASE was no longer supported. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Open Office - installation problem
On Sun, Apr 25, 2004 at 08:32:37PM +0800, Stephen Liu wrote: Can I use 'zxvf' to untar the packages and do 'setup' to install OOo, the normal way not FreeBSD way? No -- in this case the files being referred to are in fact FreeBSD pkg's. You can certainly extract the contents using 'tar -zxvf', but it won't do you a great deal of good. This isn't like the OO packages for other OSes, where you unpack a tar-ball and run an included shell script to copy everything into the appropriate locations. The FreeBSD pkg_add(1) program handles all that uncompressing, untarring and copying things completely automatically, as well as doing some additional stuff like registering the package in /var/db/pkgs Is it necessary to remove OOo-1.1 first which I re-setup temperarily to work. You might be able to get away with having both OpenOffice-1.1 and OpenOffice-1.1.1 installed simultaneously, as they both install to separate subdirs of /usr/local. However, apart from using up huge amounts of disk space, I don't see that's going to do a great deal for you. OpenOffice-1.1.1 release is available via ports -- but apparently not yet as a precompiled package from http://projects.imp.ch/openoffice/ or the usual FreeBSD FTP sites. You can compile it yourself, but be warned: it's huge, has quite a long dependency list and takes geological ages to compile. Not for the faint hearted or those without a powerful machine. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: From aliases using mail and sendmail
On Mon, Apr 26, 2004 at 12:13:05AM +0930, Malcolm Kay wrote: I really need something like sendmail aliases but operating on outgoing 'from' addresses rather than incoming 'to' addresses. That's precisely what genericstable is for. You'll need aliases or virtusertable entries as well, to translate the name back to the UID when people send replies to that address. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: DHCP to Static
On Tue, May 11, 2004 at 06:11:20PM -0500, Bryan Cassidy wrote: Just went and got an extra NIC card, and ordered static ip address and upgraded my service. I have a quick question. If I am changing from dhcp to static is there anything that I need to do in order to take advantage of static or to setup static? Always had dhcp up until now. Not sure if I have to do anything to setup static. Thanks Well, you have to provide all of the configuration info usually supplied by DHCP yourself. That's not just the IP number and netmask, but includes such things as the default gateway, the IP numbers of the DNS servers you should be using, and static routes and probably a few other things as well. All of this stuff can be set by editing a few files in /etc -- /etc/resolv.conf for the DNS stuff (see resolv.conf(5) for instructions), and /etc/rc.conf for just about everything else (See rc.conf(5) and look at /etc/defaults/rc.conf for some examples). Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Syerm temperature monitoring?
On Tue, May 11, 2004 at 09:26:01PM -0400, stan wrote: Can I monitor the system temerature and voltages etc. under 4 STABLE? If so, what do I need to do this? It depends on what sort of system motherboard you have. On my system xmbmon(1) works very well for this purpose. There are several other alternatives in ports -- healthd, gkrellm with the appropriate plugins, consolehm which may work if xmbmon doesn't. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Secure NFS (sNFS) on 4-Stable: has somebody succeeded?
On Wed, May 12, 2004 at 05:05:26PM +0900, Rob wrote: Perl comes with the FreeBSD-4-Stable base system as: 10 -r-xr-xr-x 3 root wheel 10168 May 11 20:39 /usr/bin/perl 10 -r-xr-xr-x 3 root wheel 10168 May 11 20:39 /usr/bin/perl5 10 -r-xr-xr-x 3 root wheel 10168 May 11 20:39 /usr/bin/perl5.00503 our $VERSION = '1.54'; Yup. 'our' is a new keyword introduced in perl 5.6.x -- your version of perl is too old to run this software. Your best bet is to install a more recent version of perl from the ports (perl-5.8.2 recommended). Make sure you run: # use.perl port and then that you reinstall all perl modules so that the new perl can find them. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: newsyslog command in an script
On Tue, May 11, 2004 at 11:04:21PM -0400, JJB wrote: In an csh script I want to issue newsyslog /var/log/security. I need feedback from the newsyslog command in the form of an script testable return code / exit code so I can determine if the specified log met the rotate trigger for that file as defined in the newsyslog.conf file and the file was rotated or not. I have tested and know that newsyslog /var/log/security does check the newsyslog.config for an entry of /var/log/security and checks the size/time/date trigger to determine if file needs rotating. Is there any particular reason you've decided to write your script in *csh*? That is, I'm afraid, in very poor taste. For a full exposition of csh programming is considered harmful, see: http://www.faqs.org/faqs/unix-faq/shell/csh-whynot/ Keep csh(1) for what it does best -- being an interactive shell -- and do all your shell programming using Bourne shell. This may seem like arbitrary and irrelevant advice right now, but trust me: keep programming in csh and you're going to regret it. Maybe not today, maybe not tomorrow, but some and for the rest fo your life. So my question boils down to does the newsyslog command issue an return code I can check in an script to see if the log was rotated or not? If so what would the csh script command look like to perform the test? Now, your question: unfortunately newsyslog(1) does not indicate any sort of success or failure via it's return code. Infact, unless you give it a nonsensical command line triggering the usage() message, it will always return a successful status. Your next alternative is to test and see if the logfile is large enough to trigger newsyslog. In order to get the size of the file in bytes use: filesize=`stat -f %z filename` Then to test that the filesize is greater than 100k (which is the typical size used to trigger logfile rotation in newsyslog.conf): if $(( $filesize 100 * 1024 )) ; then # Stuff to do if the file is bigger ... fi Alternative approaches would be to look at the modification times on the *rotated* log files -- obviously the modification time on an active log file is constantly changing. Again the stat(1) command can get you that information: stat -f %m filename which gets you the time expressed as the number of seconds since the epoch (00:00h, 1st January 1970 UTC). Hint: to get the current time+date in the same format use: date +%s Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: moving /var symlink to /usr/var isn't working, now broke mysql
On Wed, May 12, 2004 at 08:54:08AM -0700, carvin5string wrote: rm -rf /var I am using FreeBSD-5.2. Everything works except the rm -rf /var, I get a message that it is not empty. I look in /var and see a subdirectory called empty, which is empty. But I cannot delete it. See chflags(1) -- /var/empty has had the 'schg' flag applied to it to make it immutable. You can see that by: % ls -ldo /var/empty dr-xr-xr-x 2 root wheel schg 512 Jun 25 2002 /var/empty/ Now, to get rid of the schg (or any other) flag you need to run: # chflags -R 0 /var/empty however that will only work at a low securelevel. If you have raised the securelevel -- ie if: # sysctl kern.securelevel tells you securelevel is anything other than '-1' or '0' then you will need to reboot the system into single user mode in order to do that. http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/security.html#SECURELEVEL Also see init(8) where the details of securelevel settings are described. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Cron Mailing
On Thu, May 13, 2004 at 12:51:34PM +0200, Ian Barnes wrote: Hi, I am trying to find out if something is possible. On our servers we would like all mail from cron not to come from [EMAIL PROTECTED] but rather from say [EMAIL PROTECTED] I assume you still want the jobs to be run by root though, otherwise you could just use the 'ian' account's crontab file. Is this possible? Am i making sense :P ?? Sure. 'root' always used to be special cased so that emails from there don't go through address rewriting. But since sendmail-8.10 that's no longer the case. Just use the normal genericstable mechanisms to rewrite the sender address. Read through the bits of /usr/share/sendmail/cf/README that deal with genericstable first, but essentially what you need is: i) Make sure your /etc/mail/`hostname`.mc file contains: FEATURE(genericstable, `hash -o /etc/mail/genericstable')dnl if not, add it to the .mc file and rebuild sendmail.cf and restart sendmail in the usual way: # cd /etc/mail # vi `hostname`.mc # make all install restart-mta ii) Edit the /etc/mail/genericstable file to set up the e-mail address mappings you need. That will be, minimally: rootian and then process that into the .db hash format sendmail will read: # make iii) That's all you need to do. Send some e-mails as root to test. Nb. this rewrites all e-mail from [EMAIL PROTECTED], not just the stuff emitted by cron. If you want to do that, it's going to be much harder to achieve. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: password expiry
On Thu, May 13, 2004 at 12:59:58PM +0200, Piotr Gnyp wrote: I`m trying to set password expiry for users, I`ve changed login.conf to: :minpasswordlen=6:\ :passwordtime=30d:\ :warnpassword=1w:\ But it doesn`t seem to work. What I`m missing, or where I will find the answer. Plase advice. # cap_mkdb /etc/login.conf perhaps? Remember too that login.conf is only consulted at login time, so you have to log out and back in again in order to see any effects. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Question Regarding the Applicability of the GNU General Public License / GNU Library General Public License
On Mon, May 10, 2004 at 01:04:06PM -0500, Hatteberg, David J non Unisys wrote: I just went to the FreeBSD website (www.freebsd.org), and went to the The FreeBSD Copyright and Legal Information section. I see that two of the possible links are to the GNU General Public License and the GNU Library Public License (GPLs). Yet, there is no reference to the GPLs in any of the other links (e.g., The FreeBSD Copyright pages, the FreeBSD Ports redistribution restrictions pages, etc.). In sum, there is nothing that says why the GPL's are included as links or how they are applicable to the FreeBSD software at all. Please advise why these are provided at the FreeBSD website and when, if ever, they would apply to any use of the FreeBSD software. Some of the software supplied as part of the FreeBSD base system is licensed under the GPL -- examples are gcc(1), groff(1), tar(1), and many other utilities and shlibs. Sources for the GPL'd stuff can be found within /usr/src/gnu/ -- see: http://www.freebsd.org/cgi/cvsweb.cgi/src/gnu/ If you wish to create a GPL-free system using FreeBSD as a base, that is just about possible but you will have to take care to delete those GPL'd applications and provide BSD licensed alternatives. Unfortunately you really do need gcc(1) in some form to compile the system. Work is ongoing to make the system compilable with Intel's C compiler, but as far as I am aware it doesn't actually work yet. Simply compiling software under gcc does not force you to license it under the GPL, despite the inclusion of some GNU startup code (crt.o, etc) in any binaries. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: sound set up
On Tue, May 11, 2004 at 01:47:26PM +0100, arden wrote: ive been using linux for some time and thought was time to try something new the install of 5.2 went without a prob but did not set up my sound card in linux would be able to probe the pci bus to get an id of the card with cat /proc/ pci but could not under bsd can you please point me in the right direction # pciconf -lv or look at the dmesg output from when the system last booted up: % less /var/run/dmesg.boot or if the sound card is supported by the pcm(4) driver: # cat /dev/sndstat [although these last two are less useful if you don't have an appropriate driver available in the kernel or the loadable kernel modules for that particular sound card]. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: password expiry
On Thu, May 13, 2004 at 01:22:45PM +0200, Piotr Gnyp wrote: On Thu, 13 May 2004, Matthew Seaman [EMAIL PROTECTED] wrote: On Thu, May 13, 2004 at 12:59:58PM +0200, Piotr Gnyp wrote: I`m trying to set password expiry for users, I`ve changed login.conf to: :minpasswordlen=6:\ :passwordtime=30d:\ :warnpassword=1w:\ But it doesn`t seem to work. What I`m missing, or where I will find the answer. Plase advice. # cap_mkdb /etc/login.conf perhaps? Remember too that login.conf is only consulted at login time, so you have to log out and back in again in order to see any effects. done that, and also I`ve added to sshd_conf: UseLogin yes And no effect. Tried on 5.2.1-R-p6 and 4.10-PRER. Ah... so you're using sshd(8). You didn't happen to mention that rather relevant information before. Can you try logging in on the console to test your changes? If login.conf settings work on the console then sshd is the problem. Otherwise, it's the login.conf stuff itself which is at fault. sshd(8) defaults to trying it's own key based authentication and then backing off to the standard PAM system to do user authentication -- see the ChallengResponseAuthentication entry in sshd_config(5). At the moment the default value of the relevant bit in /etc/pam.conf (4.x -- not sure what 5.x uses) is: sshdaccount requiredpam_unix.so and if you check the source code for the pam_sm_acct_mgmt() function of pam_unix.so in /usr/src/lib/libpam/modules/pam_unix/pam_unix.c you can see that the login.conf settings are checked when the session is authenticated using Unix passwords. OTOH if you're using ssh keys it doesn't seem to check that way. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: options in /etc/resolv.conf
On Mon, May 10, 2004 at 01:53:01PM +0200, Mipam wrote: I wish to use the following option in /etc/resolv.conf options timeout:40 However in man resolv.conf(5) i notice that this option isnt available. But i read here: http://ops.ietf.org/lists/namedroppers/namedroppers.199x/msg03798.html that this option is available from bind 8.2 named -v yields: named 8.3.7-REL Does freebsd use a modified version with not all options which comes in bind 8.3? FreeBSD uses a pretty standard version of BIND-8.3.7, and it uses the BIND resolver code in libc -- See: http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libbind/Makefile?rev=1.7content-type=text/x-cvsweb-markup The part you're interested in is handled by the code in res_init.c: look for the res_setoptions() function in: http://www.freebsd.org/cgi/cvsweb.cgi/src/contrib/bind/lib/resolv/res_init.c?rev=1.1.1.8content-type=text/x-cvsweb-markup Which suggests that the functionality you require is available, and that the man page is somewhat lacking. Note that the man page isn't supplied with the BIND sources, so it may well have got out of synch. Have you tried using those options in your /etc/resolv.conf? Do they work? Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Problem transporting signed emails
On Sun, May 09, 2004 at 11:57:05AM +1000, Edwin Groothuis wrote: I've been playing with signed emails (S/MIME, OpenSSL etc) but am running into an annoying problem: openssl smime -sign signs the text, but it adds ^M's at the end of the lines of the original text. When piping it through to the MTA, somewhere the ^M's are lost and the signature of the file including becomes invalid. % openssl smime -sign -binary ... perhaps? Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: UPDATING - perl
On Fri, May 07, 2004 at 10:13:14AM -0400, Tuc wrote: Who do I contact to see if they can add a step to the UPDATING document in ports to make sure/remind/etc people to use.perl port before upgrading all the modules? Try contacting the maintainer of the perl ports: % cd /usr/ports/lang/perl5.8 % make -V MAINTAINER It might be more worthwhile to put in a pkg-message, which should be displayed any time anyone installs the port or the pkg built from it. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: ipfw and MAC-keyword: unknown arg; but it is in man page!
On Mon, May 03, 2004 at 05:51:26PM +0900, Rob wrote: With my ipfw firewall, I try to use the MAC keyword, as explained in the ipfw man page: But to no avail: # ipfw add 900 allow udp from any to any MAC 00:a0:b0:0e:3a:95 any ipfw: unknown argument ``MAC'' # Is this a bug, or what? That's definitely a 'what'. MAC header filtering is an IPFW2 feature and that has to be enabled specially on 4-STABLE. Read the sections in ipfw(8) called IPFW2 ENHANCEMENTS and then follow the instructions in the section USING IPFW2 IN FreeBSD-STABLE Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: ports upgrade question
On Mon, May 03, 2004 at 02:25:18PM +0300, alexander botov wrote: I'm sure that this is a trivial question to ask . I'm considering source and ports tree upgarde from 5.2_REL to 5.2.1_REL . I've never did cvs before (usually i back up , format + binary install and restore ) . I've read the article from the handbook and everything is pretty much explained there . My question is when i install the new distro how should i upgrade the ports tree after syncing it from cvs ? Are there any guidelines , tips or tricks ? I've heard about portupgrade port . Is this the right tool for bringing my ports up to date ? Your help will be greatly appreciated and I hope will save me hours of hesitation and headache :-) You've pretty much got the right idea. portupgrade(1) is the tool to use. However, you should read /usr/ports/UPDATING carefully -- apart from anything else, if you're upgrading from the ports tree as it was at the time of 5.2-RELEASE you'll have a tricky ruby(1) version bump to deal with (ruby is the language portupgrade is written in) as well as major updates for some large software collections like Gnome and KDE. Note that the ports collection is developed pretty much independently from the base system, and reflects the completely independent development of software by any number of completely different projects. There's no particular requirement to only upgrade your ports concurrently with upgrading your system. In fact, it's probably better to upgrade ports slightly more frequently (or perhaps even a lot more frequently) than the base system. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Using MTREE
On Mon, May 03, 2004 at 04:25:41PM +0400, Oxid wrote: Hi, Could anyone explain me how to use mtree utility? Will this work? - mtree -deU -p / It looks like it doesn't work..nothing happens:( You need an mtree specification file in there: # mtree -deU -p / -f /etc/mtree/BSD.root.dist Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Openldap20
On Mon, May 03, 2004 at 03:44:06PM -0500, Darryl Hoar wrote: Greetings, what graphical tools (web based ?) existing for creating and maintaining a Openldap directory ? I am running Freebsd 5.1-release. There's phpldapadmin -- http://phpldapadmin.sourceforge.net/ It's not in the ports yet though -- just waiting for a committer to have some time to deal with PR ports/66154. You can install it fairly easily outside of ports by just unpacking the tarball in an appropriate place and editing the config.php. You will need to install PHP with openldap support (D'Oh!). Other than that, there's gq in ports as net/gq -- that's a Gnome based application rather than web based. Unfortunately that application has a distressing tendency to dump core at inopportune moments: see PRs ports/64532 ports/65740. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Installing port - skip required port
On Mon, May 03, 2004 at 04:42:07PM -0600, Brent Macnaughton wrote: Is there any way to install a port and tell it NOT to install one or more of it's required ports? For example: I installed the mysqlcc port, and it wanted to install mysql-client. I already have mysql-client installed, but I did not do it from the ports tree. Another port wanted to install Apache as a requirement. I already have Apache installed, but I did so from source. Is there some command line option to tell the system not to install certain ports? Or better yet, a config file I where can list ports not to install. This should happen automatically. When you go to install a port it doesn't look in the database of installed ports to see if its dependencies have been met. Rather it checks directly that particular files or shlibs are installed on the system. For instance, in the mysqlcc port, the line: BUILD_DEPENDS= qmake:${PORTSDIR}/devel/qmake says that the devel/gmake port should be installed if the qmake program is not available at build time. Dealing with MySQL itself is rather harder since there are 4 different versions available in the ports and most of the mysql dependent software will work just fine with any of them. That's what the 'USE_MYSQL' line in the Makefile is for. If you look at /usr/ports/Mk/bsd.port.mk you will find the following words of wisdom: # USE_MYSQL - Add MySQL client dependency. # If no version is given (by the maintainer via the port or # by the user via defined variable), try to find the # currently installed version. Fall back to default if # necessary (MySQL4.0 = 40). # and later on in the file you'll see that it eventually resolves down to a dependency statement like: LIB_DEPENDS+= mysqlclient.${MYSQL${MYSQL_VER}_LIBVER}:${PORTSDIR}/databases/mysql${MYSQL_VER}-client with all the version numbers filled in. This tests for the existance of libmysqlclient.so.X (where X is either 10, 12 or 14) and that it is known to ld.so -- so long as you get output from % ldconfig -r | grep mysqlclient then you should be OK. If not, you should add whatever directory you've installed the MySQL client lib to the shared library search path: # ldconfig -m /usr/local/lib/mysql and use the 'ldconfig_paths' variable in /etc/rc.conf to make that persistent across reboots. Similarly for the programs you have that depend on apache. Is there also a way to tell portupgrade to skip certain ports? Next time I do a portupgrade -aRr i do not want it to install mysql-client or Apache. You need to run 'pkgdb -F' -- this will find that the dependent ports (like mysqlcc) claim to depend on whichever mysql-client port, but there's no record of that port being installed. In this case, just hit Ctrl-D to delete that listed dependency -- if you're curious as to what actually happens, take a before and after look at the +CONTENTS file in /var/db/pkg/{portname}. On the whole though, it's much easier just to install everything via ports. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Freebsd
On Tue, May 04, 2004 at 09:53:53AM +0900, Luke Kearney wrote: On Mon, 03 May 2004 20:52:30 -0400 XylonMaster [EMAIL PROTECTED] granted us these pearls of wisdom: I am a begginer in unix and would like to know which freebsd version is considered the most stable and reliable. So far i have the freebsd 4.2 powerpack, but am wondering if the downloaded version of freebsd 5.1, 5.2 will allow me to install freebsd 4.2 third-party software form the 4.2 powerpack edition i have puchased 3 years ago. If out and out stability is what you are after then 4.9 is probably the one you want. 4.2 is a little dated now and is missing some of the new drivers that you might like to have available to you. There is nothing wrong with 5.X it is very slick and has some nice new features but IMHO you might get better mileage from 4.9 to begin with. Dual booting with 4.9 is a piece of cake too. 4.2-RELEASE is more than a little dated. It's also not the best choice if you're after maximum stability -- 4.2 was the eqivalent in the 4.x series of the upcoming 5.3 release in the 5.x series: that is the first release in the series considered properly stable. In fact, the whole scheme of 'New Technology' releases seen in 5.x is the result of the experience gained at that time. In theory you should be able to install your 4.2 packages on any later machine -- you'll need to install the 4.x-COMPAT stuff on a 5.x machine to have a hope of that working. However, there's no guarrantee that will work properly -- ports are tested with the current versions of the OS at the time they are created, and there's no scheme to test old ports on newer versions of the system (let alone the time and equipment required to do something like that). Also you will very likely be installing software for which various security and other bugs have since been discovered and fixed. You should be able to install up to date equivalents of anything you can find on your PowerPack CDs either from ports or from the pre-compiled packages on the FreeBSD FTP sites. Once you've got network connectivity working this port/package installation over the net is really very easy indeed to do. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: MIPv6
On Tue, May 04, 2004 at 10:33:10AM +0200, BOUVARD Bruno wrote: I work at Celar in France and I would like to know how to set up mobility functions on free BSD 4.9 It's very hard to give you any coherent advice without a lot more detail about exactly what you're trying to do, what you've tried and what happened. However MIP6 is very much a current research topic and a subject for advanced users. I'm not sure what support there is in the released base system -- from what I can gather by Googling, you would need to import a recent Kame snapshot into your kernel sources and get that to compile. Please try asking on the [EMAIL PROTECTED] mailing list. [or if you're really keen, the [EMAIL PROTECTED] list: http://www1.ietf.org/mailman/listinfo/mip6 but that's not for the faint of heart.] Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Openldap20
On Tue, May 04, 2004 at 01:54:48PM -0500, Darryl Hoar wrote: On Mon, May 03, 2004 at 03:44:06PM -0500, Darryl Hoar wrote: Greetings, what graphical tools (web based ?) existing for creating and maintaining a Openldap directory ? I am running Freebsd 5.1-release. There's phpldapadmin -- http://phpldapadmin.sourceforge.net/ It's not in the ports yet though -- just waiting for a committer to have some time to deal with PR ports/66154. You can install it fairly easily outside of ports by just unpacking the tarball in an appropriate place and editing the config.php. You will need to install PHP with openldap support (D'Oh!). Other than that, there's gq in ports as net/gq -- that's a Gnome based application rather than web based. Unfortunately that application has a distressing tendency to dump core at inopportune moments: see PRs ports/64532 ports/65740. I have already installed PHP with mysql support. I am using it for dynamic web content. Is there a method to add openldap support without de-installing the existing php/mysql combo first ? Unfortunately not. You need to completely rebuild PHP with the modified configuration so that it links against the OpenLDAP shlibs, and then re-install. Even so, that's pretty trivial to do with portupgrade. BTW. new release of phpldapadmin came out today: phpldapadmin-0.9.4 Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Question for the list about install BSD4.9 from FTP over CD
On Tue, May 04, 2004 at 01:46:02PM -0400, Jerry McAllister wrote: If I were to install FreeBSD by doing FTP rather than from a disc, will I get updated sources EG: install 4.9 release, which doesn't support my nic right off, but there is an update driver that does For the base system and source you would get whatever it was at the time it was made in to 4.9-release. You would have to cvsup to get any additional updates beyond that. Was the driver applied to 4.9 after the release? or just to current? Just because a driver came in to being does not mean that it was applied to 4.9. You may need to go to 5.xx to get it. So, check that to make sure it got added to 4.9 before depending on it. A new driver wouldn't be added to 4.9-RELEASE -- only security bugfixes go into the RELEASE branches. However it would go into 4-STABLE, and consequently will be in the up and coming 4.10-RELEASE. If the OP cvsup's the latest sources from the RELENG_4 branch and does a normal {build,install} world cycle he should get what he wants. Of there are some release candidate snapshots of 4.10 available as .iso's if you're allergic to compilers. But, I think, and I could easily be wrong, that the ports tree that you pull in during the install (via ftp) would be whatever is the latest at the time you do the install and the ports you install via the ports system would be the latest for any given named version in the ports tree. Yes -- you get a snapshot of the ports tree created at the same time (just about) as the release .isos were cut. However that is just a point in time in the continuous development of the ports. Use cvsup(1) to get the very latest stuff. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: shrinkfs?? is this possible?
On Tue, May 04, 2004 at 03:26:58PM -0500, Chris Collins wrote: Hello I was wondering if somebody could tell me how to shrink /usr. I need 64K available at the end of my disk to write some RAID info. When I setup the disk I used all available disk space. Maybe shrinking /usr is not the best solution Unfortunately this isn't possible, other than by dumping the filesystem to backup, blowing away the current partitioning using disklabel(8) or bsdlabel(8), recreating the filesystem in the shrunken partition via newfs(8) and then restoring the files from backup. Seeing as it's your user partition you want to shrink, and that contians most of your useful programs from the base system, you'll need to do that in single user mode, and preferably while booted from a recovery disk (disk 2 from the 4CD set). Which is an awful lot of work just to free up 64K. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Patching ports
On Wed, May 05, 2004 at 12:11:22PM +, Mikkel Christensen wrote: How do I add a patch to a certain port? Usually I would use the patch program to add the patch to the source code. But when using ports the system begins compiling right after rewtrieving the source. Thus not giving me a change to apply the patch. I've seen a folder named files in which patches part of the port seem to be located. But just adding the patchfile here apperently wont do much good. I've tried using the PATCHFILES variable in the Makefile but then the system complains the my patchfile does not have a matching MD5 hash. Does anyone know how to handle this issue? When building a port you can type: # make extract which will download any sources, check the size and checksums, unpack the sources into the work directory and apply any patches that come with the port. And then stop. At this point you can make whatever modifications you wish to yourself, and then finish off the build by # make So long as your patch doesn't add or delete files from the expected packing list then just doing a: # make install will work. It is also possible to put your patch file into the port's files directory and have it automatically applied, but you need to take care to account for the order that patch files get applied. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Ports Index Update Error - mail/lmtpd Failure
On Wed, May 05, 2004 at 10:40:39PM -0400, E. Eusey wrote: 2. Realizing that DB3 was a 'leaf package' (nothing depended on it), I simply You check dependancies by running 'pkg_info -a | grep -A 15 db3' at the command line. Look for a Required By: line. That's rather more neatly expressed as: % pkg_info -R db3-\* Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: Installing portaudit from ports
On Wed, May 05, 2004 at 11:25:35PM -0400, R. M. Los wrote: Dependency error: this port wants the OpenSSL library from the FreeBSD base system. You can't build against it, while a newer version is installed by a port. Please deinstall the port or undefine WITH_OPENSSL_BASE. Since I obviously don't want to do the first option, how would I go about doing the 2nd option? Where do you undefine WITH_OPENSSL_BASE?? It's undefined by default, but if you'ld defined it you have put the definition into /etc/make.conf or /usr/local/etc/pkgtools.conf WITH_OPENSSL_BASE is a flag for the security/openssl port which causes that port to overwrite the SSL shlibs and applications in the base system. That's not something to do without due care and attention as it can cause various problems. If you need the openssl port (which you probably don't as openssl is in the base system) think first of installing it under /usr/local. In this case, probably all you need to do is: # pkg_delete security/openssl then install portaudit, and then (if you're sure you need it) re-install security/openssl. Be warned: you might have to repeat that whole rigmarole every time an upgrade to portaudit comes out. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0.pgp Description: PGP signature
Re: any way to recover root password on 5.2
On Thu, May 06, 2004 at 12:28:18PM +0300, Gregory Edigarov wrote: I forgot root pasword on my just installed server. I've tryed to recover it by going to single user, then doing mount -a; passwd root, but no success. It says entropy device blocking. Dance fandago on keyboard to unlock. what can I do? Like it says, type a lot of gibberish into the keyboard. One of the places the system can derive randomness from is the time interval between key presses. If you're worried about accidentally typing a command and hosing your system, then you can start by doing: # cat /dev/null type arbitrary stuff for a few minutes, and then hit Ctrl-D. Then try re-running passwd(1). Alternatively you can edit /etc/master.passwd using vipw(1) and simply delete the crypttext of the password for the root account. Then boot back into multi user, and immediately log in as root and set a new password. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpgWWIBWTqve.pgp Description: PGP signature
Re: Built-in lpr vs CUPS
On Sat, May 08, 2004 at 06:55:54PM +0200, Kai Grossjohann wrote: The default setup is to include /usr/bin before /usr/local/bin in $PATH. This means that entering lpr -Pfoo doesn't work for printing on my machine, I have to say /usr/local/bin/lpr -Pfoo. It is obvious that I could change $PATH to mention /usr/local/bin before /usr/bin, but is that the right solution? Surely there is a reason for /etc/login.conf to mention /usr/bin first. Most of the system assumes it's using the utilities that come with it: ie. the contents of /usr/bin. Equivalently named programs could well be installed into /usr/local/bin, and those need not behave exactly the same, so for consistencies' sake, having /usr/bin first is generally better. However, that's not always what's required, and putting /usr/local/bin before /usr/bin in your path might be the right solution for certain user accounts. (Real users, not system ones) Any thoughts are very much appreciated. An alternative is to set up some shell aliases for those commands: % alias lpr /usr/local/bin/lpr Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp7KBrMTroeG.pgp Description: PGP signature
Re: identd getbuf error
On Sat, May 15, 2004 at 04:07:46AM +0800, John Lee wrote: I'm running freebsd4.10-pre on my AMD box and i have cvs to the latest source lately. I installed /usr/ports/security/pidentd and it doesn't work, i looked in /var/log/messages this is the error: identd[16356]: getbuf: bad address (0009 not in c012b510-0xFFC0) - ofile Hmmm... There aren't any problems listed for that port at: http://portsmon.firepipe.net/portsconcordance.py?category=security which suggests that it's something about your system that has lead to the problem. Unfortunately you don't give very many details so making it impossible to tell precisely what the problem is. Apart from the usual questions like are you using excessive optimization for C compilation? or are you absolutely certain that there are no hardware problems on your equipment? looking at the port there are a couple of other questions: Have you disabled IPv6 on your machine? pidentd defaults to providing IPv6 support, and all of the centralised testing is done on systems with IPv6 enabled. Have you defined WITH_DES when compiling the port? Have you done anything like installing the OpenSSL port with OPENSSL_PORT_OVERWRITES_BASE or whatever the flag is for that option. One thing you might try is pulling down the pre-compiled package from one of the FTP sites and see if that shows the same symptoms. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpaJREiObHEn.pgp Description: PGP signature
Re: FreeBSD 4.7 Syslogs
On Sat, May 15, 2004 at 01:51:40AM -0400, Matt Cyber Dog LaPlante wrote: I've inherited a FreeBSD 4.7 server as part of a system administration job. Recently I noticed that the syslog files had stopped collecting data. This includes /var/log/messages and /var/log/console among others. Up until some time last week, they'd been full of data, but after some unknown event, all data collection stopped. I did not build/configure the system, nor am I very fluent in the ways of BSD, so I do not know where else to begin looking for answers. I ran the newsyslog program to regenerate all the log files. It created them, with the single line stating a new log file was created, but aside from that one line they remain empty. I tried manually restarting syslogd, as well as rebooting the whole machine, neither of which have had any effect. I have not manually altered any syslog configuration info, and I basically have no idea what to try next. I'm a relative noob when it comes to FreeBSD, so I'd appreciate answers in a simple format. Thanks in advance... Hmmm... that doesn't sound good. Can you use logger(1) to write a test message into the log files? % logger -p daemon.info -t TEST Some test message which should appear in /var/log/messages. If it doesn't, look at /etc/syslog.conf and verify that it is sensible. Then try killing syslogd and starting it up in debug mode: # syslogd -d {other syslog flags} this will not daemonize itself or go into the background and will print out various debugging information as log messages come in. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpTVdIfyPqak.pgp Description: PGP signature
Re: Command to display the complete picture of hard drive
On Sat, May 15, 2004 at 03:26:28PM +0800, Stephen Liu wrote: FreeBSD 5.2 What command will be used to display the complete history of the hard drvice (other than fdisk) listing all partitions, their allocated space, used space, available space, date of creation, etc. I don't think that there is a single command that will get you all that. There are quite a few commands that will get you bits of that: fdisk(8), bsdlabel(8), fsinfo(8), df(1) although I don't think that all of the dates you want to see are stored anywhere. The Unix way of dealing with this sort of thing is to write a script wrapping together all of those tools and massaging the output into whatever form you want. Which does presuppose some reasonable facility with shell programming. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp3a5co40nMK.pgp Description: PGP signature
Re: Question re: eventual upgrade to 5-Stable
On Sat, May 15, 2004 at 02:13:35PM -0700, Robert Carr wrote: Is there any update as to when 5-stable might be released? Is 5.3 expected to be forked as 5-Stable? That is still the plan according to http://www.freebsd.org/doc/en_US.ISO8859-1/articles/5-roadmap/index.html However, dates have slipped, and may yet slip again. At the moment 4.10-RELEASE is imminent, and 5.3-RELEASE + the branching of 5-STABLE should happen a few months after that. If I build a FreeBSD 5 server for home use (Postfix, Apache) and use FreeBSD 5.2.x, is the upgrade path to 5-stable expected to be as easy as cvs-up and make-world, or would I have to re-format my HD and re-install with 5-Stable? That is very likely to be the case, but cannot be guarranteed. For instance the upgrade from 5.1 to 5.2 was significantly harder than that due to the introduction of code making the newer system rather incompatible with the older one. That sort of thing is entirely permissible with the New Technology releases, but wouldn't be permitted for the post 5-STABLE releases. Whatever happens you should be able to upgrade from RELENG_5_2 to RELENG_5_3 or RELENG_5 without doing a complete wipe and re-install, but there is a chance it may be a rather more involved procedure than a simple cvsup(1) and buildworld. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpQao5RJTahh.pgp Description: PGP signature
Re: Upgrading OpenLDAP 2.1.30 to 2.2.x
On Sun, May 16, 2004 at 10:25:33AM -0400, Robert Fitzpatrick wrote: Can portupgrade be used to upgrade OpenLDAP 2.1.x to 2.2.x by changing WITH_OPENLDAP_VER in my /etc/make.conf file to 22? Or do I have to deinstall the 21 package, and reinstall 22 and everything that depends on it? You can use portupgrade do that, but it's slightly more complicated than what you propose. The way to upgrade to not just a different version of the same port, but a completely different port is to use the '-o' option to portupgrade. Thus in principal to upgrade from openldap21-client to openldap22-client you would run: # portupgrade -o net/openldap22-client -f net/openldap21-client which will replace the openldap21 client side with the openldap22 stuff, fixing up all the dependcy linkages in pkgdb as it does. (Nb. there aren't any sanity checks while doing this, so you can in theory persuade the ports system that 'quake2server' is an adequate substitue for 'gcc34' and other insanities. Be sure you understand what you are doing.) Now, the astute reader will have noticed the weasel words 'in principal' in that first paragraph. That's because things are somewhat more complicated than you might hope. The problem is that the openldapXX-client ports provide several shlibs, and the ABI version number has changed from one openldap version to the other: % grep .so. openldap21-server/pkg-plist.client lib/liblber.so.2 lib/libldap.so.2 lib/libldap_r.so.2 % grep .so. openldap22-server/pkg-plist.client lib/liblber.so.202 @comment lib/liblber-2.2.so.7 lib/libldap.so.202 @comment lib/libldap-2.2.so.7 lib/libldap_r.so.202 @comment lib/libldap_r-2.2.so.7 That means that all of the applications linked against the LDAP shlibs have suddenly stopped working. To fix them, all you need do is reinstall -- the situation is analogous to the problem with 'libintl.so.N no found' thing that keeps coming up over and over on this list. Before we get too happy about doing that, first we need to take care of the openldap server. But that's only if you've got one running on this particular system. It just takes the same sort of command line as for the client upgrade: # portupgrade -o net/openldap22-server -f net/openldap21-server You may have to install some new versions of the Berkely DB library to get that to work correctly. Now you can re-install all of the other programs that link against the openldap shlibs -- which is basically all dependencies of the openldap-client port. Note that openldap-server is also a dependency of openldap-client, but there's no point in re-installing that again, or anything else updated after the OpenLDAP client software: # portupgrade -rf net/openldap22-client -x '=openldap*client' And that is really all there is to it. Oh -- although don't forget to put 'WANT_OPENLDAP_VER=22' into your /etc/make.conf or /usr/local/etc/pkgtools.conf once you're done. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpKRPLpuEOBb.pgp Description: PGP signature
Re: Upgrading OpenLDAP 2.1.30 to 2.2.x
On Sun, May 16, 2004 at 12:35:04PM -0400, Robert Fitzpatrick wrote: On Sun, 2004-05-16 at 11:24, Matthew Seaman wrote: That means that all of the applications linked against the LDAP shlibs have suddenly stopped working. To fix them, all you need do is reinstall -- the situation is analogous to the problem with 'libintl.so.N no found' thing that keeps coming up over and over on this list. Thanks for the detailed response. I have decided to upgrade a number of packages that are related, like Berkeley DB to version 4.2. Also, I have the openldap-sasl-* packages installed working with SASL 2.1.18 and Heimdal Kerberos 0.6, but I don't think I need upgrade these two packages, they seem to be at their latest versions, so I guess from what you're saying, I just need to reinstall these packages. Also, Postfix 2.0.16 that has LDAP support and I want to upgrade to 2.1.x. Is there any recommended order for this scenario, perhaps upgrade Berkeley first, then openldap-sasl-server-2.1.30 and client, then Postfix and reinstall all other dependencies? Right -- the sasl versions of the OpenLDAP client+server can be updated exactly as I showed. Just make sure you edit pkgtools.conf's MAKE_ARGS array so that 'WITH_SASL=yes' gets supplied to the openldap22 ports as well as the openldap21 ports. The ordering requirements are basically like I said: openldap client first, then openldap server then everything else that depends on openldap client. If you just let portupgrade sort out the order of all the other dependencies it will (probably) work just fine. Since you can install several different versions of the BDB libraries simultaneously, just install the one you want right at the beginning. Hmmm.. of course, this shouldn't need to be said, but make sure you dump out the contents of your LDAP server in ldif format or otherwise make a backup of it in a format *which doesn't depend on the precise version of the BDB libs you have installed*. I think BDB's on-disk data formats are pretty much compatible across versions, but I'm not entirely certain. Obviously make sure slapd and slurpd aren't running when you start doing any of this. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpLMRRxa0oGu.pgp Description: PGP signature
Re: properties of a file
On Sun, May 16, 2004 at 10:51:13PM +0100, arden wrote: just a quick question i know df will tell me the properties of the partition im in, but how do i find out how big a signal file is ? ITYM 'single file': % ls -l filename Where the 5th field in the output is the file size in bytes. But there are very many other ways to get that information: % wc -c filename % stat -f %z filename etc. etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgphGGaZ2xnqL.pgp Description: PGP signature
Re: How to allow 'User-A' to burn CD
On Mon, May 17, 2004 at 01:10:23PM +0800, Stephen Liu wrote: Which file shall I re-configure to authorize 'User-A' using 'burncd' to burn CD and how to edit it. /usr/local/etc/sudoers would be a good file to use to set up that sort of thing. You will have to install the security/sudo port and read up on the sudoers(5) manual page and the visudo(8) application used to edit that file. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpfKHwkMGkR4.pgp Description: PGP signature
Re: How to allow 'User-A' to burn CD
On Mon, May 17, 2004 at 08:16:30PM +0800, Stephen Liu wrote: What do these numbers (5) and (8) referring to. Page number? Section of the user manual, where (1) is user commands, (2) is system calls, (3) is C api, (4) is kernel devices, (5) is configuration file formats, (6) and (7) are not commonly used, and I can't remember exactly what they mean and finally (8) is system management commands. Usually I just use this to indicate a man page: so if I talk about sshd_config(5), you can pretty much just type: % man sshd_config and see what I'm on about. Sometimes the number is significant: to see the chown(2) man page you have to type: % man 2 chown because plain 'man chown' gets you the chown(8) man page. Cheers, Matthew PS. Actually (6) is games, and (7) is miscellaneous, as you can find out by looking at intro(6) and intro(7). -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpUKFzi05Ls9.pgp Description: PGP signature
Re: New work on installer?
On Mon, May 17, 2004 at 01:00:37AM -0500, [EMAIL PROTECTED] wrote: Has there been any new work on the installer or planned? If not, I would like to help... What about graphical? There's been plenty of planning and various projects to produce something better, but to the best of my knowledge all such efforts have basically ground to a halt. Probably the one that got closest to actually getting into production was the libh project -- http://www.freebsd.org/projects/libh.html but that seems to have imploded under a too ambitious development plan, and apparently nothing new has been produced by it since 2002. Note that the system installer tends to be quite a sore point around the various FreeBSD lists, with all sorts of claims about the current sysinstall(8) ranging from loud praises to downright hostility, often by people who haven't got the foggiest idea of how to improve things. It's also a topic that regularly gets bikeshedded to death. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpyn8UO9Yluk.pgp Description: PGP signature
Re: bit torrent
On Mon, May 17, 2004 at 03:30:04PM +0100, arden wrote: has bit torrent been ported to bsd i use btdownloadcurses.py under linux at the mo fx voice=obi wan Use the ports, Luke! /fx % cd /usr/ports % make search key=bittorrent | grep Port: Port: bnbt-7.5b2 Port: ctorrent-1.3.2 Port: gnome-btdownload-0.0.11_1 Port: libbt-1.01 Port: py23-BitTornado-0.2.0,1 Port: py23-BitTornado-core-0.2.0,1 Port: py23-BitTorrent-3.4.2,1 Port: py23-BitTorrent-core-3.4.2,1 Port: qtorrent-0.9.6.1 If you look at the full output of that 'make search' command you'll get a nice summary of what you need to know in order to decide what to install or not. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpqGiIPV4AZJ.pgp Description: PGP signature
Re: New work on installer?
On Mon, May 17, 2004 at 12:38:55PM +, slave-mike wrote: If one were to *not* use the installer to setup a FreeBSD system, (aka, like *old* dos, each step done manually), what are the manual steps involved? It's not something that I have at my finger-tips, as there's generally no need to install without the installer... However, an outline of the process would be something like this: - Boot up system from removable media (CD-Rom, floppy disk), or other external media (eg. Netboot (PXE)). - Slice and partition disk space appropriately - Install boot blocks or MBR if required - Create file systems on the partitions that require them. Temporarily mount the new file systems so that they can be written to. - Copy into place the kernel, kernel modules, the contents of the system directories like /lib, /bin, /sbin. /usr/bin, /usr/sbin This can be from a disk image or .tar file or similar on your installation media, or from any other system accessible over the network. - Edit the crucial configuration files (/etc/fstab, /etc/hosts, /etc/resolv.conf, /etc/rc.conf, ...) with appropriate data for the system. - Set a root password and possibly add other user accounts as required. - Reboot I think that covers everything necessary. Of course, actually carrying out all of these steps manually is another matter. You will have to make copious notes as you go along, as very often a later stage will require data (partition sizes, device names etc.) generated in an earlier one. This should give you a basic system installation, up and running in multiuser mode. If you want to create a vinum root partition or use various non-standard hardware or install via a serial console, you'll have to modify things somewhat, but the whole process should be quite similar overall. Beyond this, there is still a huge amount of stuff to do: configuring extra servers, creating user accounts, installing 3rd party software (perl, X Windows, cvsup, portupgrade etc.), getting hold of the latest ports and system sources for whatever branches you choose to use, building and installing an up-to-date system or using FreeBSD Update to achieve the same thing, building a customized kernel, security lockdown, testing, etc., etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpkRGfPrmkd5.pgp Description: PGP signature
Re: sendmail problems
On Tue, May 18, 2004 at 05:01:09AM +1000, Andri Kok wrote: I don't know wether this problem have come up beore, so here it goes... After a fresh installing and rebooting, the sendmail takes around 1 min and 10 sec to load. Then everytime it starts up, it takes the same amount of time to load. Is that normal? The hardware is a PIII 500 with 256MB of ram. I'm asking this because I'm not encountering this with my FreeBSD laptop. TIA guys =) FAQ. Sendmail is trying to get the FQDN for all of your network interfaces, but the appropriate data is not available in the DNS, which forces sendmail to wait for the entire DNS timeout (30s per server usually) in order to confirm that. If you look at /var/log/maillog you will see that sendmail says as much in its log output. Reading the system log should be just about your *first* response to a daemon process misbehaving. Either get the correct data entered into the DNS or put domain names -- that is with at least one dot in the name -- into /etc/hosts. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpLWLMNwXCPr.pgp Description: PGP signature
Re: ls(1) crashes
On Tue, May 18, 2004 at 12:25:09AM +0200, platanthera wrote: On Tuesday 18 May 2004 00:05, Dan Nelson wrote: In the last episode (May 18), platanthera said: ls(1) crashed (exited on signal 10) for the second time within a few days today. Could you please have a look at the core file and tell me what's going on? Or even better yet - point me to a beginners guide on how to interpret core files Signal 10 is a Bus Error and is usually due to bad memory or improper overclocking. I've checked the memory using memtest86, and _not_ overclocked the cpu. That's the right thing to do in the first instance, but getting an all clear from memtest86 doesn't guarantee you are 100% clear of problems. (In technical terms, memtest86 doesn't produce false positives (saying there's an error when there isn't one) but it does have a low rate of false negatives (saying there's no error when there is one)) However, I'd start to look at other aspects of the system now -- the first thing to eliminate would be hard drive problems. Can you reboot the system into single user mode, and run fsck(8) on all the partitions? That's # fsck -f (Nb. only the root fs should be mounted, and that should be mounted read-only while you're doing that. Not coincidentally, that's the state booting into single user mode provides). If there are any errors reported by fsck(8), and especially if repeated fsck'ing doesn't clear them then your hard drive is probably about to give up the ghost. Other causes of the problem could be overheating -- not necessarily of the main CPU (as that just results in the screen going black, and whole system rebooting itself after a while) but of some of the bridge chipsets on the motherboard. Sometimes those chips will have a fan assisted heatsink but that's not very common. If they do, verify that the fan is working properly, and in any case, verify that the main case and power supply fans are working correctly, vents are not obstructed (either by stuff around your machine, or by dust on the inside) and that internal ribbon cables and so forth aren't preventing the free movement of air around the inside of the case. Even if you can't nail down exactly what the problem is, you might want to consider doing a cvsup + {build,install}{world,kernel} cycle. It will either make any deficiencies in your hardware glaringly obvious, or could very well make your trouble go away. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpUqC08V8UcX.pgp Description: PGP signature
Re: remote monitoring system variables?
On Mon, May 17, 2004 at 06:32:42PM -0500, Stephen P. Cravey wrote: I'm tryign to locate a pre-existing method of monitoring FreeBSD systems. Specifically, I'd like a way to monitor sysctl variables, IPFW/PF counters, cpu and ram utilization(in that order). I can write my own interface, however I'd hate to have to reinvent the wheel if there's already something out there. Not to mention the difficulty in figuring out how to build an interface into the ipfw counters. Thanks. Most of that can by obtained via snmp -- the net-mgmt/net-snmp port would be a good place to start. You can get the system load and memory usage and the number of bytes transmitted via each interface straight out of SNMP, but for things like sysctl(8) output or IPFW counters, youl'd have to get the SNMP daemon to run an external script and return the results. You can probably figure out how to do that by reading the documentation supplied with net-snmp and by playing with the configuration file generator snmpconf(1). Once you've got SNMP capability available on your server, virtually all network monitoring software, including a bunch of large-scale commercial monitoring programs, will be able to process and display the results. If your budget doesn't run that far, then there's plenty of applications in ports that will do a similar job. Particularly recommended is net-mgmt/mrtg in combination with net/rrdtool -- very good for graphing the state of such things over time. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpMb2KQoKafv.pgp Description: PGP signature
Re: cvsup ports questions
On Tue, May 18, 2004 at 01:54:28PM +0100, Robin Becker wrote: Recently I found that package openldap-client-2.0.27_1 was causing problems. The port 'net/openldap20-client' was removed on 2004-05-03 because: removed EOL version of OpenLDAP Attempted removal was blocked by gnome2-2.4.0 gnomemeeting-0.98.5 Eventually I removed first gnome2-2.4.0, then gnomemeeting-0.98.5 after which openldap could be removed (even though /usr/ports/net/openldap20 was long gone). Now, however, I have to put these back by hand. This isn't too hard here, but what happens if the chain is longer. Is there an easier root with portupgrade? Funnily enough I wrote a message to this very list on that subject not 3 days ago: http://lists.freebsd.org/pipermail/freebsd-questions/2004-May/046744.html Just substitute 'net/openldap20' for 'net/openldap21' in what I wrote. Another thing is, should I worry about duplicate index warnings? No -- there's about 4 that always come up when I do a 'make index'. It happens because there are several 'slave' ports which are being confused with the master port by your setting variables in /etc/make.conf or even by autodetecting certain shared libraries you have installed. It's mostly harmless. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpTrzFEHffxM.pgp Description: PGP signature
Re: remote monitoring system variables?
On Tue, May 18, 2004 at 04:20:39PM -0500, Stephen P. Cravey wrote: I was afraid of that. I'll look more closely into the SNMP MIBS to see how much of what I need is available. The Issue I have with scripting SNMP is that the OID numbers for custom scrips seem to be dependant on how many scripts you are running. I'll verify that, but it looks like I may be writing some code to handle encrypted (or at least obfuscated) transmission of sysctl and ipfw data over an authenticated network connection. Never could decide myself if the concept of read/write access to the sysctl MIB tree via SNMP was way cool or run away, screaming! Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpEtjTX01YTi.pgp Description: PGP signature
Re: Howto set sysinstall to use CURRENT packages
On Tue, May 18, 2004 at 01:55:54PM -0700, Dinesh Nadarajah wrote: How do I set sysinstall to use current packages? In the config menu I changed 5.2.1-RELEASE to 5.2.1-CURRENT and several other values but would not recognize. Complains no such distribution is available on ftp.freebsd.org. There's no such package collection I'm afraid. Mostly because there's no such thing as '5.2.1-CURRENT'. There is 5-CURRENT, but that is the bleeding edge absolute latest development version of the OS, and as it's of no conceivable use except to system developers it doesn't have a package collection compiled for it. (OTOH, as you can probably use the packages for a similar OS version, the FTP sites do have a 'packages-5-current' sym-link to the packages-5.2-release directory). However, the packages for 5.2.1-RELEASE (or 4.10-RELEASE due any time now...) are updated at reasonably frequent intervals. Check the 'Latest' directory on the FTP sites -- eg: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.2-release/Latest also, where is the config file for sysinstall? Where can I set its package repository, etc? Sysinstall(8) doesn't really have a config file in the way you mean. Sysinstall is designed for /installing the system/ (the clue is in the name) not as a general systems administration interface (although you can do some stuff with it along those lines). So the config file that sysinstall does have is more aimed at doing automated installion. There isn't a file that sysinstall will automatically check -- if you want to load a config file you have to either do it via the sysinstall Menu system, by setting 'LOAD_CONFIG_FILE' in the environment before you start sysinstall or by telling sysinstall the filename on the command line. Instead of sysinstall, try using the pkg_add(1) command -- the man page will tell you everything you need to know about how to use it. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpUvmbqrVKGT.pgp Description: PGP signature
Re: root no found
On Wed, May 19, 2004 at 07:02:41AM +0100, mehrdad nosrati wrote: but every 5 minute I receive a mail from cron daemon in which it says: Cron [EMAIL PROTECTED] root /usr/libexec/atrun root:not found FAQ: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/admin.html#ROOT-NOT-FOUND-CRON-ERRORS Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp2ZFhpr8DEK.pgp Description: PGP signature
Re: Cannot Login After Using Kuser to setup Accounts
On Wed, May 19, 2004 at 09:23:24AM -0500, Mark Teel wrote: On a fresh install of FreeBSD 5.2, after I add a user via kuser, when I logout I cannot log back in! I get a message stating that the accound has expired, even for the root user. Please help as this has rendered my system unusable. Hmmm... This sounds like a bug in KDE that was fixed some months ago. It would scramble the contents of the /etc/master.passwd file. To get the system back into a working state, reboot into single user mode (ie. wait until the 10 second countdown before booting the kernel, hit a key to interrupt and then type 'boot -s' and then just hit return when prompted to choose a shell. Now you should be able to restore the master.passwd file from the backup copy automatically kept in /var/backups. Try the following series of commands: # fsck -p # swapon -a # mount -a # cd /etc # mv master.passwd master.passwd-`date +%Y%m%d` # cp /var/backups/master.passwd.bak master.passwd # pwd_mkdb # reboot That should restore the password file to the state it was before you tried the changes that caused all of the trouble, and you should now be able to log in. If you haven't got a good copy of a password file in /var/backups, you can use the default installation password file from /usr/src/etc/master.passwd instead, but remember to set a root password immediately after you copy it into /etc. Once you're back up and running properly, update your ports tree using cvsup(1) and install the latest versions of the KDE software -- using portupgrade(1) [from the sysutils/portupgrade port] is probably the most pleasant way to do that, but be sure and check in /usr/ports/UPDATING to see if there are any special measures you need to take. Or you can grab precompiled packages from the FreeBSD FTP servers. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp3HyTzHX2P5.pgp Description: PGP signature
Re: sendmail only sends mail for root, not non-root users
On Wed, May 19, 2004 at 11:44:13AM -0700, carvin5string wrote: What do I have to do to make sendmail send mail for non-root users? Thanks Looks like your permissions are fubar'd. I assume you're running the standard sendmail daemon that comes with the system. If you're running the ports version, then you'll have to adapt these instructions. i) Make sure the permissions are correct on the spool directories etc. that sendmail uses: # mtree -p /var -e -U -f /etc/mtree/BSD.var.dist # mtree -p /var -e -U -f /etc/mtree/BSD.sendmail.dist ii) Make sure that the permissions on the sendmail binary are correct and that mailer.conf is correct. # /usr/src/usr.sbin/sendmail # make obj make depend make all install after which you should end up with sendmail installed as /usr/libexec/sendmail/sendmail with ownership/permissions: % ls -la /usr/libexec/sendmail/sendmail -r-xr-sr-x 1 root smmsp 607444 May 19 17:29 /usr/libexec/sendmail/sendmail (or do a complete buildworld cycle if it's time you had an upgrade anyway) The contents of /etc/mail/mailer.conf should look like this: # $FreeBSD: src/etc/mail/mailer.conf,v 1.2.2.1 2002/04/09 02:00:56 gshapiro Exp $ # # Execute the real sendmail program, named /usr/libexec/sendmail/sendmail # sendmail/usr/libexec/sendmail/sendmail send-mail /usr/libexec/sendmail/sendmail mailq /usr/libexec/sendmail/sendmail newaliases /usr/libexec/sendmail/sendmail hoststat/usr/libexec/sendmail/sendmail purgestat /usr/libexec/sendmail/sendmail iii) Check your sendmail config. Judging by the log snippet you show, you've got some sort of nasty mess, with non-working parts of your system calling itself 'sendmail' (perhaps a remnant of a much older version before the split into sendmail-mta and sendmail-clientmqueue?) If necessary move aside any `hostname`.mc files from /etc/mail, and start again by: # cd /etc/mail # mv `hostname`.mc /var/tmp # rm `hostname`.cf # make (this recreates the default `hostname`.mc) # vi `hostname`.mc # make # make install # make restart It's unlikely you'll need to do anything similar with the clientmqueue configuration -- the standard freebsd.subit.mc is exactly what's required for the vast majority of sites. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpu22fMSbHQ9.pgp Description: PGP signature
Re: netstat output - diff between 'link' and 'inet' counters
On Thu, May 20, 2004 at 11:23:01AM -0600, Nathan Kinkade wrote: I delved into trying to determine the cause of an unreasonably high number of Ierrs on a few FreeBSD routers we have setup on campus. While probing through the netstat output on the machines I realized that I don't understand the exact difference between the 'inet' and 'link' protocol families. Now, I understand the difference between IP and ethernet, but the byte and packet counts for 'inet' and 'link' don't seem to match what I would expect for those protocols, respectively. This tells me that the numbers being logged must differ from my expectations. Generally I notice that the 'inet' counts for an interface are a relatively small fraction of that for the 'link' counts for the same interface. However, on our main FreeBSD router that provides NAT and access to the internet the numbers are somewhat reversed, with 'inet' counts being much higher than the 'link' counts. Is there someone who can explain to me exactly what packet and byte counts actually represent for the 'inet' and 'link' families? I surmise that you're talking about the per-interface statistics as reported by 'netstat -i' or 'netstat -I ifN' rather than any other set of flags to netstat. Let's look at what I get on my system: % netstat -I de0 NameMtu Network Address Ipkts IerrsOpkts Oerrs Coll de01500 Link#100:40:05:a5:8d:b7 149504 0 111734 4 0 de01500 81.2.69.216/2 smtp 70771 - 120940 - - de01500 fe80:1::240 fe80:1::240:5ff:f0 -3 - - de01500 81.2.69.219/3 arbitrary 371042 - 301860 - - Now, link#1 corresponds to my local network (from 'netstat -r'): 81.2.69.216/29 link#1 UC 20de0 So the Ipkts count is for all the packets passing that interface with a destination address matching the 81.2.69.216/29 network but not including packets to one of the specific addresses on that interface. That includes many packets for some unused addesses out of my netblock[*] and also packets to the broadcast address 81.2.69.219 The other three entries are for the specific addresses assigned to that interface -- I have the principal IP number on the interface as 81.2.69.218, and a jail using 81.2.69.219, plus the automatically assigned IPv6 link-local address. (IPv6 traffic mostly goes via a gif(4) tunnel which acts like a different interface. Cheers, Matthew [*] It's a feature of the way my network is set up that all such packets will hit the de0 interface of that machine. Normally a network switch will prevent irrelevant traffic from hitting that network interface. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpzGFjDF9qzI.pgp Description: PGP signature
Re: WEB BASED EMAIL TRACKING
On Thu, May 20, 2004 at 12:54:59PM -0600, Shawn Guillemette wrote: Hello, I am in search for a application that I can use on my freebsd machine to read a mail spool and track email's that are sent in from customers. I would like to be able to track what employee has replied to how many email's. It would also be of great help if the application had the ability to lock any email messages that are currently being worked on until unlocked by the person reading it or a system admin. At one place I had worked in the past they had pearl programmers in house and spent some time on a system that would allow users (Employees) to log into a web based application. Each user would be able to see the same messages. ( Simular to a webmail client however each users has their own login) This system would allow each user to reply to the customers with a department signature and their name at the bottom. This way the customer hits reply and it goes to the department not the employees mailbox. Also allowing the next employee to review what was asked and the response that the previous co worker gave. I believe that the www/rt3 port can do what you want. Although RT is designed to be used primarily via it's web interface, you can generate tickets by sending e-mail to it: http://www.bestpractical.com/rt/features.html It's quite possible this is the very perl-based system you describe. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpsUPd2vI095.pgp Description: PGP signature
Re: upsd for Belkin F6C120-UNV?
On Thu, May 20, 2004 at 07:54:59PM -0400, Miles Lubin wrote: All the ups ports seem to be only for APC UPSs, but I have a Belkin F6C120-UNV connected over usb (it is recognized as uhid0 when connected). Serial would be ok, but I don't see any ports that would work for that either. On Belkin.com there is ups daemon there for FreeBSD 2.2.8. which doesnt work. Has anyone with the same model gotten it working? Try the sysutils/nut port: they claim to support exactly your model of UPS: http://eu1.networkupstools.org/compat/stable.html Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp8KNMWGrphs.pgp Description: PGP signature
Re: named in sandbox
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Muhammad Reza I running named in sandbox as a secondary name server with FreeBSD-5.1.p17, Named log always complain: named-xfer exited with signal 6 and slave zone expired for every zone transfer. On Thu, May 20, 2004 at 11:02:46PM -0700, Mitch (bitblock) wrote: You need to compile named-xfer as statically linked, or move it's dependant libraries into the chroot. Or switch to the BIND9 port which doesn't have a separate named-xfer executable -- the functionality is all rolled into the named binary, and that you don't have to copy into the chroot area in order to run chrooted. Look at this article for some pointers: http://othyro.freeshell.org/bind.html However, remember that's written netbsd-centrically, and you'll have to adapt the instructions for use under FreeBSD -- use ports instead of pkgsrc, and you'll need to investigate what to do to make devfs(8) create the requited device nodes under the chroot, rather than using mknod. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpv0x0vcfRWj.pgp Description: PGP signature
Re: your mail
On Fri, May 21, 2004 at 06:49:38AM +, [EMAIL PROTECTED] wrote: Synopsis:I am pursuing this direction and these goals but have no knowledge of the path befor me I have been working with BSD at home know for about two months and still do not have a working cd rom , but my knowledge is growing I really feel this need to grasp more but I do not know what it is that I am not understanding. Any help would be appreciated. Well, while trying to do it all yourself is a good way to learn, so is asking the avice of those more knowledgeable -- and it usually gets you a quicker solution to your problems. You say you've still not got a working CD Rom. Presumably you want us to help you get it to work, as a step towards learning more about FreeBSD and computers in general? In which case, you need to help us to help you. A vague question like how can I fix my CD Rom cannot really have a useful answer -- you need to tell us exactly what it is about your CD Rom that isn't behaving in the way you expect -- what commands you typed, and what the system response was. Tell us also what you've tried to do to fix the problem, and why it didn't work. In fact, preparing a question in this way will often clarify things in your own mind, so that you suddenly see the answer or think of a few more things to try. Leaping out of your chair, striking your forehead and yelling D'Oh! It so obvious! would not be an unusual reaction. A more detailed article about how to ask questions intelligently can be found at: http://www.catb.org/~esr/faqs/smart-questions.html Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpCV617rDBg2.pgp Description: PGP signature
Re: Help to start BIND on boot
On Fri, May 21, 2004 at 12:07:25PM +0100, Nuno César Pires wrote: I'm setting up a BIND/DNS server (recursive) and I'm facing a problem when I try to start the named automatically on boot (named_enable=YES in rc.conf): First I noticed that the boot process takes a very long time in the Starting Standard Daemons phase. After boot I have looked to the named messages and apparently it was everything ok i.e.: First message: starting (etc/namedb/named.conf). named 8.3.6-REL . Second message: limit files set to fdlimit (1024) Third message: Ready to answer queries. But the problem is the output of ndc status: (server is initializing itself) and then nothing happen. Starting or restarting the named manually works just fine, the ndc status output is server is up and running and the queries answers are as expected. The result after comment the kern_securelevel=2 and kern_securelevel_enable=YES lines in the rc.conf and reboot was the same as described above. The ROOT SERVERS file was updated and there is a permanent network connection Releases: FreeBSD 4.9 BIND 8.3.6 I usually see this effect with things like sshd(8), but it could affect BIND as well. I wonder if named(8) is blocking trying to read /dev/random to obtain a quantity of random data. If the system does not have sufficient suitable random data available, it will wait until it has acquired enough before replying. Sources of randomness are things like timing the gaps between key presses or between the arrival of network packets -- either of which may not be very effective around reboot time. Check your setting for 'rand_irqs' in /etc/rc.conf -- you need to set it to a list of IRQs that fire quite frequently and that have timings that can be used to harvest randomness from. To get a list of suitable IRQs use: % vmstat -i So for instance on my system that returns: interrupt total rate acpi0 irq9 1 0 pcm0 irq10 39644 0 mux irq1112139824 77 mux irq15 854820 5 atkbd0 irq1 49505 0 psm0 irq12 389549 2 sio1 irq3 81928 0 clk irq0157097139 1000 rtc irq8 20105805128 Total 190758215 1214 Choose the IRQs that fire most often, but not the clk (clock) or rtc (real time clock) IRQs -- as those fire at regular intervals. In this case good choices are irq1 (atkbd -- the keyboard), irq11 and irq15 (mux -- the TCP multiplexor (ie network traffic)), irq12 (psm -- the mouse). Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpCbEJrmSvah.pgp Description: PGP signature
Re: FreeBSD mailing lists
On Fri, May 21, 2004 at 07:41:08AM -0400, Mike Jeays wrote: I have received no messages at all from freebsd-questions, or one or two of the other FreeBSD mailing lists, for about 2 days. Do you know if there is a problem at their end, or has perhaps my ISP decided they are all spam? Well, there's no obvious problem with the FreeBSD servers -- plenty of e-mail traffic flowing. There might be a problem sending to your system specifically, in which case you can check and see if your address has been suspended via MailMan: Go here: http://lists.freebsd.org/mailman/listinfo/freebsd-questions and then type in your e-mail address in the very last field on that page, and click 'Unsubscribe or edit options'. On the next page, enter your password (you should get a monthly reminder of what your it is) and click 'login'. You'll be able to verify and modify your subscription status from the page you get to. Sending messages to your e-mail address will be disabled if your bounce score goes above 5.0 or if there are configuration errors with the mail servers you are trying to use. If it's your ISP bouncing the e-mail then get a better ISP. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpLfCBJgDHLp.pgp Description: PGP signature
Re: Postfix being stubborn
On Fri, May 21, 2004 at 01:26:26PM +0100, Edd wrote: Hi there, I have installed and used postfix many a time with minimal fuss, but this time for some reasona all of my mail just gets stuck: hitbox# mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- E76C639821* 331 Fri May 21 13:20:15 [EMAIL PROTECTED] [EMAIL PROTECTED] 5C0D339824* 334 Fri May 21 13:20:32 [EMAIL PROTECTED] [EMAIL PROTECTED] It will quite happily do this all day. The daemon is running. I have tried deinstalling and removing all configuration files and the postfix user and recompiling. Still no luck. Also postix is enabled in /etc/mail/mailer.conf. Im going insane! why oh why?! Postfix should log the reason why it can't deliver thos e-mails -- what is there in /var/log/maillog ? You should also be able to use 'mailq -v' (as root) to get a bit more detail about the state of the queue files. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpMDajLEbRqH.pgp Description: PGP signature
Re: Broken Disk
On Fri, May 21, 2004 at 07:36:11AM -0500, Jason Dusek wrote: I am trying to put a new disk on my system. I read the description of the process in FreeBSD Unleashed and apparently I misunderstood it, because I ended up installing a boot manager on the new disk. Now I can not mount it - I get error messages like: Presence of absence of a boot manager on the drive should make any difference at all once the system is up and running. # mount /dev/ad1e /mnt/backup operation not permitted /dev/ad1e is a very odd device name to be using. As far as I remember that's a backwards compatability thing from changes that were made somewhere around the FreeBSD-3.x timeframe. You probably want /dev/ad1s1e How do I 'start over'? I have tried to add this disk many times with /stand/sysinstall. Eventually I gave up and went to the command line utilities as outlined in the handbook. The error I got was interesting, but I have no idea what it means: # fdisk -BI ad1 *** Working on device /dev/ad1 *** fdisk: invalid fdisk partition table found You're going about this the right way, but you've run into a disk with a label so scrambled it's confusing fdisk(8). Old hacky trick is to zero out the first few blocks of the drive, so that fdisk(8) thinks the disk is completely virgin: # dd if=/dev/zero of=/dev/ad1 bs=512 count=10 Note that this will completely trash anything already on the drive. Then use fdisk(8), disklabel(8)/bsdlabel(8), newfs(8) to create filesystems. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgppHSkUH9F9Z.pgp Description: PGP signature
Re: Chipset compatibility issues and FreeBSD
On Fri, May 21, 2004 at 02:12:25PM +0100, Justin Finkelstein wrote: Hi there I'm about to make a decision on which motherboard to buy to run FreeBSD 4.9 in a production environment, and I'm getting a little confused over compatibility issues with the available chipsets and this version of FreeBSD. The chipsets in question are: Intel 865G, 865PG, 865PE. Hmmm... Well, looking at /usr/src/sys/pci/agp_i810.c (also agpreg.h) the 865G 82865G Integrated Graphics Device appears to be supported in 4-STABLE: case 0x25728086: return (Intel 82865G (865G GMCH) SVGA controller); as does the 82865G/PE/P, 82848P DRAM Controller / Host-Hub Interface in /usr/src/sys/pci/agp_intel.c: case 0x25708086: return (Intel 82865 host to AGP bridge); Which basically means Yes, it's supported. (Err -- there;s no mention of '865PG' anywhere though. Was that a typo?) There's no mention in the kernel sources of PCI ID 0x25718086 82865G/PE/P, 82848P PCI-to-AGP Bridge, 0x25738086 82865G/PE/P, 82848P PCI-to-CSA Bridge or 0x25768086 82865G/PE/P, 82848P Overflow Configuration. (See /usr/share/misc/pci_vendors for details of PCI ID numbers) so those devices may cause you problems. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpVNymg3XeFn.pgp Description: PGP signature
Re: named Configuration issue
On Fri, May 21, 2004 at 11:18:49AM -0700, [EMAIL PROTECTED] wrote: I am running bind 9.x on my primary and secondary servers. Since both are on the same C class subnet I have used a free DNS hosting to be a secondary for my site.. I am trying to added NS and A name records to the 2 name servers but I recieve errors when I restart/reload bind. Here is my mydomain.com zone file. ; ; The full zone file ; $TTL 1H @ IN SOA ns1.mydomain.com. postmaster.mydomain.com. ( 2004052003 ; serial, todays date + todays serial # 1H ; refresh, seconds 2H ; retry, seconds 4W ; expire, seconds 1H ); minimum, seconds ; NS ns1.mydomain.com. NS ns2.mydomain.com. NS ns0.xname.org. NS ns1.xname.org. MX 10 mail.mydomain.com. localhost A 127.0.0.1 @ A 10.0.0.0 MX 10 mail.mydomain.com. ns1 A 10.0.0.1 MX 10 mail.mydomain.com. www CNAME ns1.mydomain.com. ns2 A 10.0.0.2 MX 10 mail.mydomain.com. mailA 10.0.0.3 MX 10 mail.mydomain.com. ns0.xname.org. A 195.20.105.149 ns1.xname.org. A 213.133.115.5 here is the error is /var/log/messages: May 20 18:07:14 ns1 named[718]: dns_master_load: mydomain.com:33: ignoring out-of-zone data (ns0.xname.org) May 20 18:07:14 ns1 named[718]: dns_master_load: mydomain.com:34: ignoring out-of-zone data (ns1.xname.org) if I comment out the ns0.xname.org and ns1.xname.org then I don't get the error. BUT then if you query my NS there is no A record for the xname NS. So I was told that they were Not Glued but if you query ns0.xname.org there are A records for ns0.xname.org and ns1.xname.org. How can I create A records for the 2 DNS servers that are my secondaries from another domain? If I just leave it, then any DNS test I run shows that my DNS servers do not contain the same zone information. Because the NS0 secondary has A records for NS0 but NS1 does not.. :-( ns0.xname.org and ns1.xname.org shouldn't have entries in the zone file for mydomain.com, because (clearly) they belong to a completely different domain. Because it's a different domain then it's not your problem(TM). Presumably there is a nameserver for xname.org somewhere containing the correct data for that zone, and your name server will very quickly retrieve and cache those RRs once you start it up -- it has to, in order to send NOTIFY messages to all of the servers for the domain. If the xname.org zone doesn't have good A records for those domains, then you need to ask yourself if those xname.org people are really competent to provide a 2ary DNS service for you. The 'Glue' thing is different -- that's to do with the delegation of the 'mydomain.com' zone to your servers by the servers for the .com domain. When you registered the domain, you had to give a list of authoritative nameservers for the domain: those are entered into the .com zone file, along with what are called 'glue' records -- the server for .com has to contain a record of the IP numbers all authoritative DNS servers whose name ends in .com -- so called 'Glue' records. Note that the list of server IP numbers registered with the gTLD server doesn't have to match up precisely with your list of servers -- you can have extras listed in your zone, or even not register the primary, only the two or three secondaries. The advantage of which is that it's only the registered servers that get asked for RR data by third party resolvers. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpTO6gE4XucO.pgp Description: PGP signature
Re: netscape memory leak
On Fri, May 21, 2004 at 12:38:49PM -0700, whitevamp wrote: sorry if this quistion has allread been asked and awnsered.. i got noticeing that my system was runnung out of mem so i did top and this is what i found PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND 9936 dave -22 0 219M 98M RUN 16:03 46.04% 46.04% netscape-bin 15211 dave 31 0 2056K 964K RUN 0:08 3.37% 3.37% top 3 root -18 0 0K 0K psleep 4:08 2.93% 2.93% pagedaemon 99894 dave 2 0 21268K 2212K poll 79:20 1.90% 1.90% kdeinit 9941 dave 10 0 219M 98M nanslp 0:21 0.20% 0.20% netscape-bin 99870 dave 2 0 59268K 18568K select 63:32 0.00% 0.00% XFree86 netscape was takeing up 98 mem of ram si closed netscape and then did top agine and i found this PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND 9936 dave -22 0 247M 102M swread 17:55 6.64% 6.64% netscape-bin 9941 dave 18 0 247M 102M pause 0:23 0.00% 0.00% netscape-bin now it was takeing up 102 meg of ram so my quistion is this what would be causeing netscape to be useing up so much ram? and how do i fix it? Netscape 7.1 Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 uname -a FreeBSD vampextream.com 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Mon Oct 27 17:51:09 GMT 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 thx in advance for any help any one can give me on this .. Netscape and Mozilla and presumable some other related browsers have a failure mode where either the on-screen windows freeze or disappear, but the actual binary is left running in a catatonic state where it just spins and takes up system resources but doesn't do anything useful. Generally I've seen this triggered by websites using Flash animation and a few other data types which Netscape has to load a plugin to deal with. It can also sometimes leave some 'helper' applications running in the same sort of disconnected state. The only thing to do in those cases is kill all of the catatonic processes, and learn to avoid the sites that cause the problems. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpmJfDSPcl0R.pgp Description: PGP signature
Re: Multiple CPUs
On Fri, May 21, 2004 at 03:55:23PM -0700, Nicholas Bernstein wrote: How can one detect if a system is using multiple CPUs? I'm running freebsd 4.9 and I was hoping that either uname or top would give some information as to whether or not the second cpu is being used. dmegs outputs the following: CPU: Intel(R) Xeon(TM) CPU 2.40GHz (2399.33-MHz 686-class CPU) but I want to make sure that this is not just showing it's been detected, as opposed to being used. % sysctl hw.ncpu Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpMfgdHc11OX.pgp Description: PGP signature
Re: Help: Uncommenting FTP line in Inetd.conf: What's Next???
On Fri, May 21, 2004 at 09:52:35PM -0700, Mark Jayson Alvarez wrote: What's the difference between an ftp and a tftp? And what's next? tftp is the trivial file transfer program -- which is a very different beast to your standard FTP server. TFTP is used for moving files between machines usually local to one site. As it doesn't include any effective authentication mechanism it's not useful for transferring files outside your trust bounduaries -- use ordinary FTP for that. One of the principal uses for TFTP is to support diskless booting. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp86dqnJh01i.pgp Description: PGP signature
Re: upgrading ports, skipping or deferring from automatic upgrades
On Sat, May 22, 2004 at 04:59:57AM +, Andy Smith wrote: On the other hand, is there maybe a simple way to tell portupgrade *never* to upgrade specific ports unless they are forced or specified singly? There is. That's what the HOLD_PKGS array in /usr/local/etc/pkgtools.conf is for. That will stop portupgrade attempting to upgrade that package (or pkgdb or portversion doing their things). Use the -f/--force flag to override the held status. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpwGvH90hGNF.pgp Description: PGP signature
Re: compiler err trying to make buildworld.
[Sinal 11 problems] On Sat, May 22, 2004 at 02:21:17AM -0700, Gary Kline wrote: Can you give me a URL or should I google around? Y'know, the more I think about it, most of the time this system went down was during heavy builds or very heavy loads. It's a kind-of home brew, i815 box that Ihaven't touched for year. Prob'ly enough dust in there to make a (large) pillow;) This is the FAQ that has been mentioned: http://www.bitwizard.nl/sig11/ It's a bit Linux centric in places, but still good. The FreeBSD take on all this is at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/troubleshoot.html#SIGNAL11 You should clean out your machine as soon as possible -- all this overheating and crashing really isn't good for it. If it carries on, something quite expensive is likely to break. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpQyT0tWGhnp.pgp Description: PGP signature
Re: Router take advantage of device polling
On Sat, May 22, 2004 at 06:51:32AM -0400, Jeffrey Lyon wrote: I am currently running a router pushing about 15 megabit of traffic, with CPU usage like so: root 25 5.9 0.0 0 12 ?? WL 10:16AM 47:49.70 (irq7: bge0 amr0) root 14 5.9 0.0 0 12 ?? WL 10:16AM 55:15.63 (swi1: net) root 26 3.0 0.0 0 12 ?? LL 10:16AM 28:42.81 (irq5: bge1) I am told that activating the device_polling kernel option will cause a substantial reduction in this usage. Is there any truth to that statement? Probably not. I see you are using bge(4) devices -- there's nothing in the polling(4) or bge(4) man pages to suggest that the bge interface does support polling, and the code in /usr/src/sys/dev/bge makes no reference to the DEVICE_POLLING cpp macro, so it's unlikely to help with that hardware. Assuming you've got suitable hardware, whether device polling gains you much, or anything at all depends on the nature of the traffic you're dealing with. There are about dozen kernel tunables that you can use to optimize traffic flows. See the polling(4) man page for more information. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpUU7kuDeBRI.pgp Description: PGP signature
Re: Install Identd for FreeBSD 4.5
On Sat, May 22, 2004 at 07:27:17PM +0700, Hadi Surya Wijaya wrote: Questions : How to Install Identd on FreeBSD 4.5 step by step ..? identd is built in. Just edit your /etc/inetd.conf and uncomment the line that says: #auth stream tcp nowait rootinternalauth -r -f -n -o UNKNOWN -t 30 (Uncomment the following line as well if you use IPv6) Then restart inetd(8) by: # kill -HUP `cat /var/run/inetd.pid` Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpMMJvjfVXxZ.pgp Description: PGP signature
Re: Learning perl
On Sat, May 22, 2004 at 11:48:42AM -0400, JJB wrote: Looking for recommendations of best web sites for tutorials on learning perl, asking questions of peer group, lookup syntax, paper books, ETC. Three things: The Camel: http://www.oreilly.com/catalog/pperl3/ The Llama: http://www.oreilly.com/catalog/lperl3/ and the Monks: http://www.perlmonks.org/ Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpEUyMWOu1sC.pgp Description: PGP signature
Re: keyboard country mapping
On Sat, May 22, 2004 at 03:12:09PM -0600, Warren Block wrote: On Sat, 22 May 2004, arden wrote: I'm in the UK but my install has set up my keyboard as American how can i alter it ? You can choose a keymap interactively with kbdmap. Based on 'man rc.conf', adding keymap=uk.cp850 to your rc.conf may do what you want. (I'm not sure if that's the right one, though.) keymap=uk.iso is what I use in /etc/rc.conf Nb. All of the suggestions so far in this thread only deal with the keyboard map on the console. If you're using X, that has a completely separate keyboard configuration. From /etc/X11/XF86Config: Section InputDevice Identifier Keyboard0 Driver keyboard Option XkbModel pc105 Option XkbLayout gb EndSection And there are a whole series of applications to do things with X keyboards, whose names all start with 'xkb' -- probably the most amusing is 'xkbprint' which will give you a neat postscript file showing all of the symbols attached to each key according to what modifier (shift, alt, ctrl, ...) keys you use. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpEE7ealMJ8w.pgp Description: PGP signature
Re: Freebsd 4.x support IBM X235 Series and ServeRAID 6i/6M
On Mon, May 24, 2004 at 03:54:16PM +0700, Chinawat Wongvivitkul wrote: I have one question ask you about Freebsd 4.x. Does Freebsd 4.x support ServeRAID 6i on IBM X235 Series ? No, apparently not. It is however supported under FreeBSD 5.x: http://www.freebsd.org/cgi/man.cgi?query=ipssektion=4manpath=FreeBSD+5.2.1-RELEASE Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp6PHOcL8MDT.pgp Description: PGP signature
Re: Help to start BIND on boot
On Mon, May 24, 2004 at 12:29:55PM +0100, Nuno César Pires wrote: My question is: what solve the problem, the new FreeBSD 5.2.1 or the BIND 8.3.7? Good question. It's unlikely to be the simple replacement of one OS version or one BIND version for another -- we would know about it if there was a general problem with people running BIND on FreeBSD. How can I solve this strange behaviour in the FreeBSD 4.9/BIND 8.3.6 system? Unfortunately, having made my best guess, I'm afraid I'm all out of suggestions. Other than this: take a close look at the way both of those boxes are set up, and try and isolate the differences in configuration between the two. The answer should lie somewhere in there -- something you did differently on one of the boxes. Isolate that, and you're home and dry. Which is easy to say, but not necessarily easy to do. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpFD9N3WcROG.pgp Description: PGP signature
Re: Repeated connections to port 25 with firewall
On Mon, May 24, 2004 at 01:29:57PM +0100, Jonathon McKitrick wrote: This is probably a simple question with a simple answer, but I wasn't sure where to look. I recently installed a deny-all firewall and everything is working fine. However, I keep getting /kernel log messages about attempts to connect to port 25. Are these just various processes trying to mail their results to root, but can't because of the firewall? Or maybe cron doing the same thing? May 24 08:00:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:1101 flags:0x02 May 24 08:00:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:2270 flags:0x02 May 24 08:05:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:4230 flags:0x02 May 24 08:10:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:2687 flags:0x02 May 24 08:15:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:3274 flags:0x02 May 24 08:20:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:1542 flags:0x02 May 24 08:25:00 neptune /kernel: Connection attempt to TCP 127.0.0.1:25 from 127.0.0.1:3652 flags:0x02 If you're using sendmail, that the client mail submission instance trying to hand off a message to the MTA instance. If you type # mailq -Ac you should be able to see what been queued up. You will have to alter your firewalling to allow TCP connections localhost:any - localhost:smtp in order to get e-mail working on that machine. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpmbtB1O9Fod.pgp Description: PGP signature
Re: Broken Disk
On Mon, May 24, 2004 at 03:24:33PM -0400, Jerry McAllister wrote: man disklabel is pretty comprehensive. Yes. But, you have to read it together with man fdisk to make any sense of it and even then the writing is rather convoluted and confusing. They could both use a complete systematic rewrite. I don't think I know enough of the extra stuff (the stuff I don't usually use) to do it or I would try it. Actually, the disklabel application and man page got a complete rewrite and a change of name for 5.x. Compare and contrast: http://www.freebsd.org/cgi/man.cgi?query=disklabelapropos=0sektion=0manpath=FreeBSD+4.9-stableformat=html http://www.freebsd.org/cgi/man.cgi?query=bsdlabelapropos=0sektion=0manpath=FreeBSD+5.2-RELEASE+and+Portsformat=html Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp1wOXOLnOH7.pgp Description: PGP signature
Re: Getting source by anoncvs
On Mon, May 24, 2004 at 08:48:35PM -0700, Raymond Lillard wrote: I just failed at an attempt to pull down the latest sources via anoncvs using the instructions found at the URL below. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/anoncvs.html Looks like the docs have got a little out of synch with reality. There does not seem to be a server named anoncvs.FreeBSD.org. As I am located in the US, I don't want to use a server in another continent. The search results from here do not include anoncvs sites. http://mirrorlist.freebsd.org/FBSDsites.php This shouldn't be this difficult to track down. Most FreeBSD users will use cvsup(1) to grab the latest sources -- it actually makes a lot more efficient use of network bandwidth than anonymous cvs. There are at least 17 cvsup servers in the USA alone. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpT3y5lkdpkH.pgp Description: PGP signature
Re: `call' function in `make'
On Tue, May 25, 2004 at 07:25:59PM +0530, N. Raghavendra wrote: Is there an analogue in BSD `make' of the `call' function in `gmake': $(call VARIABLE,PARAM,PARAM,...)? Not as such. You can however use the '!=' operator to assign a value to a variable based on the output of some external command: RATIO != sh -c 'echo $$(( $a / $b ))' Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpWM4LudQJSc.pgp Description: PGP signature
Re: Running FreeBSD 4.9 Jails on a FreeBSD 5.2.1 system
On Tue, May 25, 2004 at 03:38:50PM -0500, Kung Foo Ham[p]?ster wrote: When I install FreeBSD 5 on my system can I run those FreeBSD 4 Jails on it and then upgrade them individually without much pressure. Afraid not. The jails have to run the same version of the OS as the host system. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpf5APtSkGqV.pgp Description: PGP signature
Re: `call' function in `make'
On Wed, May 26, 2004 at 12:15:57PM +0530, N. Raghavendra wrote: At 2004-05-25T15:44:51+01:00, Matthew Seaman wrote: Is there an analogue in BSD `make' of the `call' function in `gmake': $(call VARIABLE,PARAM,PARAM,...)? Not as such. You can however use the '!=' operator to assign a value to a variable based on the output of some external command: RATIO != sh -c 'echo $$(( $a / $b ))' Hi Matthew, Thanks for your reply. After writing to the list yesterday, I read make(1) carefully, and found what I wanted, namely the shell command for creating `dir1' in this example `Makefile': ### Makefile ## Create directory FOO if it does not exist. create_dir = if test ! -d foo ; then rm -f foo ; mkdir foo ; fi dir1: src1 $(create_dir:S/foo/$@/g) dir2: src2 $(create_dir:foo=$@) ### Makefile ends here However, I don't understand something. The command for `dir1' works perfectly well: % make dir1 if test ! -d dir1 ; then rm -f dir1 ; mkdir dir1 ; fi (`dir1' created) OTOH, the command for `dir2' does not work --- `make' is not expanding the local variable `@': % make dir2 if test ! -d $@ ; then rm -f $@ ; mkdir $@ ; fi (`dir2' not created) Can someone tell me why this is happening? Err... because in the second form the result of the substitution is not run through another round of variable expansion, and in the first for it is? You'ld have to ask the original authors of make(1) why they did it that way. Is there something wrong with the first form of the rule that means you can't use it? You have got a line: .PHONY: dir1 dir2 to force those rules to be applied even if dir1 or dir2 are newer than their sources? Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpm30kbde89O.pgp Description: PGP signature
Re: config is out of sinc
I am a little confused on the difference of RELENG_4_9 and RELENG_4_9_0_RELEASE. Is the first one for stable systems, and the later one for current systems? Think of it like this: RELENG_4_9_0_RELEASE marks the *beginning* of the RELENG_4_9 branch. RELENG_4_9 marks the *end* of the RELENG_4_9 branch. Thus the set of files labelled as RELENG_4_9_0_RELEASE won't change over time, whereas the set of files labelled as RELENG_4_9 will, to account for the security patches added to 4.9-RELEASE. The terms 'stable' and 'current' don't apply to the RELENG_4_9 or any of the other release branches. Think of the whole source repository of FreeBSD as like a tree. The tree has a trunk, which corresponds to 'CURRENT' ('.' in cvsup, also called 'HEAD' in cvs), and the tip of that trunk to the latest development versions of all of the files, etc. that go to make up the sources. Every so often a major branch grows out of that trunk: those are the -STABLE branches. That branching happens on average about once every two years. The first level branches have labels like 'RELENG_4' in cvs. Every few months you then get a 2nd level '-RELEASE' branch from the -STABLE branches: those have labels like 'RELENG_4_9'. Usually there's just the one main -STABLE branch actively being developed at a time and spawning release branches. As a special case at the moment, some -RELEASE branches have been produced directly off the main trunk (CURRENT) -- those are precursors to the imminent creation of the newest main branch to be called 5-STABLE. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0lnGun4uDI.pgp Description: PGP signature
Re: your mail
On Thu, May 27, 2004 at 10:36:48AM +1200, Richard Stevenson wrote: I've got a quick question about the most recent security advisory, FreeBSD-SA-04:11.msync. I'm trying to figure out how big an issue it is (whether or not I need to stop everyone's access to the file server until it's patched), given that we've got no untrusted users on our systems. Does anyone know if it's possible for a user to trigger this problem unintentionally or accidentally? You user would have to run some code programmed specially to produce the effect. Look at this thread on freebsd-hackers to see the problem report that ultimately resulted in the security advisory: http://lists.freebsd.org/pipermail/freebsd-hackers/2004-March/006396.html As you can see, the first discovery was due to inadvertently triggering the behaviour. However, if the problem isn't happening to you already, and you trust your users to the extent that they will not deliberately set out to trigger such a thing, then you can probably get away allowing your users to carry on accesssing your file server for a while longer. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp16zxqpoKHa.pgp Description: PGP signature
Re: symbolic link cycling
On Thu, May 27, 2004 at 07:12:02AM -0400, Boucher, Eric wrote: Is it possible to know which folders are pointing to each other in a cycle manner by doing a find or some other command? I have a backup utility (in windows thru samba) which seems to backup redundant files, probably due to some symbolic links pointing to each other in cycle. Maybe a shell script can do the job? I searched on the internet without good results. I hope that my question is clear. Thanks, The usual solution to this sort of problem is to make your backup script not chase symlinks at all. You can't create directory loops using hard links[1], and usually you would want your backup system to reproduce the symlinks rather than replacing the link with whatever it points at. Most commands you might use to make backups will default to not following symlinks -- tar(1), find(1)+cpio(1), dump(1), rsync(1) all work that way be default. cp(1) defaults to that behaviour if given the '-R' flag (copy filesystems recursively). Probably the best way to detect a symlink loop would be to record the inode number of any directory visited, and then test if the current directory had been visited before. Note: you can't do this with ordinary files, as it's perfectly legitimate for the same file to have many hard links and so appear in the filesystem in multiple places. Cheers, Matthew [1] Unless you have root access to the filesystem, and know quite a lot about its internals. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpOnNR5fcs33.pgp Description: PGP signature
Re: LDAP
On Thu, May 27, 2004 at 07:11:57PM +0100, Vince Hoffman wrote: I was getting ready to give up with LDAP (for samba and pam_ldap) untill i tried phpldapadmin, worked like a dream, not sure its in ports yet though. ( oh and i'll recomend ldap account manager which is in ports but only useful if you want to store posix and samba accounts under ldap.) phpldapadmin certainly is in ports now, and has been for all of, oh, 12 days now. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp0jk9hulquK.pgp Description: PGP signature
Re: Zyxel Prestige 630
On Sat, May 29, 2004 at 01:41:08AM +0100, Jon Mercer wrote: Without double checking, the 630 is just an ADSL router running a connection to FreeBSD over ethernet. In short, so long as the ADSL parameters are configured on the 630 it should all work just fine. Hope this helps. I'm running a 600 series myself. Not quite. The Prestige 630 connects to the PC by USB. The 640 and higher models have a built in 10/100 Ethernet port, if not built in ethernet switches or WiFi. http://www.zyxel.com/product/model.php?indexcate=1022046269indexcate1=1021877946indexFlagvalue=1021873638 Unfortunately I have no idea if the 630 will work with FreeBSD. The 643 and 645 models work fine as ADSL routers connecting via Ethernet. The firewalling capability on the 645 is not brilliant -- I think that has been much improved in the 650 and above models. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp9j2U5juGfX.pgp Description: PGP signature
Re: Problem after installing 'lprng'
On Sun, May 30, 2004 at 09:12:53AM -0400, Gerard Seibert wrote: Obligatory OS system info: uname -a FreeBSD rcn.com 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Feb 23 20:45:55 GMT 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 I was having problems printing from KDE, so I used the ports to download and install 'lprng' as well as the 'lprngtool'. The printing problem was solved. However, a new problem has arisen. Upon boot up I receive the following error message: Local package initialization: Starting Dr. Web daemon... dnetc printer Fatal error - Cannot bind to lpd port '515' . You have probably managed to configure your machine to try and run both the lpd(8) from the base system and the lpd from the lprNG port. Which means the lprNG version can't start up because the base system version has already bound the the lpd port. Make sure that your /etc/rc.conf has only the lprng entries. I have no idea why this is happening. In addition, when I attempt to run the 'lprngtool' script from within KDE, I receive the following error message: Error executing command 'lpq -a -s' lpq: illegal option -- s usage: lpq [-a] [-l] [-Pprinter] [user ...] [job ...] I am not sure if that has anything to do with this or not. I would certainly appreciate any assistance that someone can afford me. lpq(8) from the base system is being run, and that doesn't understand the '-s' option used by lpq(8) from lprNG. Either you need to specify the full path to the correct version of lpq (which will be /usr/local/bin/lpq if you've installed lprNG from packages), or you have to futz with the $PATH and put /usr/local/bin before /usr/bin. Note that fiddling with the order of directories on the $PATH can cause all sorts of weird effects in completely unrelated software so test early and test often if you do that. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp7ZissWL8mB.pgp Description: PGP signature
Re: NFS server fail-over - how do you do it?
On Sun, May 30, 2004 at 02:43:37AM -0500, adp wrote: I am running a FreeBSD 4.9-REL NFS server. Once every several hours our main NFS server replicates everything to a backup FreeBSD NFS server. We are okay with the gap in time between replication. What we aren't sure about is how to automate the fail-over between the primary to the secondary NFS server. This is for a web cluster. Each client mounts several directories from the NFS server. Let's say that our primary NFS server dies and just goes away. What then? Are you periodically doing a mount or a file look-up of a mounted filesystem to check if your NFS server died? If so are you just unmounting and remounting everything using the backup NFS server? Just curious how this problem is being solved. If you're mounting those NFS partitions read/write, then there really isn't a good solution for this problem[1] -- you need your NFS server up and running 24x7. If you are NFS mounting those partitions read-only, then you can in principle construct a fail-over system between those servers. Some Unix OSes let you specify a list of servers in fstab(5) (eg. Solaris) and clients will mount from one or other of them. Unfortunately you can't do that with standard NFS mounts under FreeBSD. You could try using VRRP -- see the net/freevrrpd port for example -- but I'm not sure how well that would work if the system failed-over in the middle of an IO transaction. In any case -- certainly if your NFS partitions are read/write, but also for read-only, perhaps the best compromise is to use the automounter amd(8) This certainly does help with the 'nightmare filesystem' scenario, where loss of a server prevents the clients doing anything, even rebooting cleanly. You can create a limited and rudimentary form of failover by using role-base hostnames in your internal DNS -- eg nfsserv.example.com as a CNAME pointing at your main server, and then modify the DNS when you need the failover to occur. It's a bit clunky and needs manual intervention, but it beats having nothing at all. Cheers, Matthew [1] Well, I assume you haven't got the resources to set up a storage array with multiple servers accessing the same disk sets. -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgp3LgQX3cSP5.pgp Description: PGP signature
Re: Can I specify the resolver timeout?
On Mon, May 31, 2004 at 06:38:58AM +0300, Giorgos Keramidas wrote: On 2004-05-30 22:26, adp [EMAIL PROTECTED] wrote: Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2004-05-30 12:04, adp [EMAIL PROTECTED] wrote: Is there a way to override this timeout value? I know it is possible on other UNIX systems, such as AIX. Basically, we want to get a response within 3 seconds or the resolver should try the second DNS server. Look at resolv.conf(5). More specifically at the options timeout option. I did in fact look at the manpage and did not find that option. I just looked again and I still can't find it. # man resolv.conf | grep -i timeout # uname -r 4.10-BETA Are you running FreeBSD 5.x perhaps? If the option is available and my manpage is wrong then that's fine. Just let me know. :) Hmmm, I *am* running 5.X. Looking at the manpage source I see that this option's missing from the 4.X sources :( This came up on the list quite recently. The source for the FreeBSD resolver.5 man page (/usr/src/share/man/man5/resolver.5) is maintained separately from the equivalent BIND source contributed from the ISC (/usr/src/contrib/bind/doc/man/resolver.5) The 'timeout:' and 'attempts:' entries in the FreeBSD man page are there in HEAD and have been for 5 months, but (despite the CVS comment on version 1.10 of the page) haven't been MFC'd to RELENG_4 or RELENG_5_2 yet. Whether this means that support is available in the underlying resolver libraries is another question. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpF2u7lAhMVW.pgp Description: PGP signature
Re: Freebsd - Mail configuration and syntax
On Mon, May 31, 2004 at 09:32:21AM +0100, Carla Neves wrote: I would like someone to give me some good tips to configure my email on Freebsd v4.9, to send/receive messages. I would like to use what I have already installed: sendmail, mailx. I went through the Freebsd manual but I coulnd't find any tips for the syntax of sending/receiving emails, just the sendmail configuration. So I would apreciate your help to give me the good steps for: Hmmm... the mailx command always used to be a SysV thing -- in fact, a port of the BSD mail(1) command, which they had to rename because they already had a mail(1) command which did something completely different. Looking at the pkg-descr for the mail/mailx command it actually looks almost identical to the mail(1) command in the base system. 1- Configuring sendmail (although is already in the manual) Could you be more specific about what you want to do with your e-mail system? In general, all things are possible (e-mail wise) using sendmail, but not necessarily easy or obvious. 2- Syntax used to send email (with examples would be great). Well, to use mail(1) to send an e-mail from the command line it's pretty much: % mail -s Message Subject here [EMAIL PROTECTED] Then type in your message ending with a ^D or a '.' on a line by itself. There are a number of ~-escapes you can use to do things like invoke an editor or edit the message headers. For use in scripting, mail(1) is quite handy -- you can do something like this: mail -s Automatic Message [EMAIL PROTECTED] E_O_M The contents of the message goes here. As much as you like, really. E_O_M but it's more efficient to pipe stuff directly into sendmail: /usr/sbin/sendmail -t -oi -oem E_O_M To: [EMAIL PROTECTED] Subject: Automatic Message The contents of the message goes here. As much as you like, really. E_O_M 3- Syntax to see the received emails. Just type mail to get a listing of your inbox, then type the message number to read that message, or 'n' for the next message. I went through the man pages of mailx and sendmail, but they seem not to be very userfriendly for someone who is quite knew configuring email on Freebsd. So could you please help me? sendmail is quite hard to deal with. A very good resource is the file /usr/share/sendmail/cf/README which summarises all of the options you can put into a .mc file. The Sendmail Operations manual in /usr/share/doc/smm/08.sendmailop/paper.ascii.gz also contains a great deal of useful stuff. However, if you really want to get to grips with it, you should look at the bat book -- Sendmail, 3rd Ed. Costales and Allman, O'Reilly (http://www.oreilly.com/catalog/sendmail3/) Personally, I'm not a big fan on the mail(1) command for interactive use -- mutt(1) is much better. Lots of people like pine(1) and it's certainly a lot more friendly towards beginning users. Then there are e-mail clients available for emacs, plus a whole range of GUI mail clients such as Mozilla mail, Thunderbird, Evolution etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpxa2zVyLpHb.pgp Description: PGP signature
Re: Groups
On Mon, May 31, 2004 at 08:37:39AM -0600, Scott Gerhardt wrote: To simplify administration for some temporary groups I would like to make a group a member of an existing group. The question is: Can a group be made a member of a group, i.e. nested groups? There is nothing in the documentation that says that a group can or cannot be made a member of a group. Unfortunately that doesn't work with the regular Unix /etc/groups file -- it's only users that can belong to groups. Same goes for things like NIS if you're using that. You might be able to achieve that effect if you're using LDAP, but you'ld have to put a bit of effort into finding out exactly how. The one place where this sort of trick does work is with mail aliases. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpIUlrJwTJFQ.pgp Description: PGP signature
Re: HELP: I ran /stand/sysinstall...upgrade(100 % completed) But nothing happened..
On Mon, May 31, 2004 at 11:11:28AM -0700, Mark Jayson Alvarez wrote: I'm currently using freebsd 4.9 and I've wanted to upgrade to freebsd 4.10. What I did was I've followed the instructions on the site which says that the most convinient way is to use the /stand/sysinstall utility and choose the Upgrade from the list... when I'm on it... I've chosen to download from the ftp.freebsd.org then I selected minimal upgrade since I've already an upgraded version of XFree86 And I also unchecked the crypto option... to make sure that i'm installing the least possible packages size.. Hmmm... You need to read those instructions carefully. The /stand/sysinstall upgrade route sounds very appealing to the uninitiated, but actually you tend to get better results by using cvsup(1) to pull down the appropriate set of source code, and doing the whole 'make world' cycle yourself. There's several more stages to that procedure, but it's mostly along the lines of type this command, and then go away and have a hot beverage of your choice while the machine does a load of stuff. Full instructions are at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html The really, really good thing about the 'make world' procedure is that if it goes wrong in most of the stages then there's no lasting harm done: even if you've got as far as the stage of installing a new kernel which you find doesn't work, you can still back it out without too much trouble and try again. Question: Have I done the right thing when upgrading from 4.9 to 4.10. or I've just downloaded 40 mb worth of unworthy files?? Nope. The /stand/sysinstall procedure certainly should work. The files you've downloaded are the same as went onto the 4.10-RELEASE CDs. Cause I cannot see my system booting in Freebsd version 4.10... still says freebsd 4.9... It also add something like.. cant load kernel.. booting old... It looks to me as if you have a (mostly) 4.10 userland installed, but the 4.10 kernel you're trying to boot from has been trashed. (So the system boots up using /kernel.old, which is the 4.9 kernel you were using before). There's plenty of ways you could have ended up with a corrupted kernel image -- did you perhaps run out of space in your root partition? Whatever, you've got a 80% updated system. and your next course of action has to be to try and get an uncorrupted copy of the 4.10 kernel installed as /kernel. You can copy the kernel image from any of the installation CD images, or you can build your own from the system sources: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html although you will need to be familiar with the chflags(1) command and you should boot into single user mode first if you usually run using a raised securelevel. More info here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-trouble.html#KERNELCONFIG-NOBOOT Having a mis-match between the kernel and the userland versions is not a good thing, but it usually isn't disastrous if the versions aren't too far apart. Various programs that access kernel data -- like ps(1) and top(1) -- probably won't work but you should be able to live without them long enough to get everything back in synch again. If I'm on the right track,, Is there any command that I can type to be able to test it? Hmmm... it's a bit more involved than a single command to sort this type of problem out. But it is eminently fixable and it shouldn't require you to have to do anything regrettable, like a complete re-install from scratch. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpEu9CwKxNzk.pgp Description: PGP signature