Re: root | su
On Friday 24 October 2008 23:59, Jos Chrispijn wrote: [Jeremy Chadwick said] You're trying to solve a social (possibly personal?) problem with technology. Simply put, this is a bad idea. Yep, I think that is .true. I would highly recommend you either talk to the idiot and explain to him why what he's doing is improper or foolish, or simply pull his root access entirely. If this is a work-related incident, talk to your boss about it if at all possible (but see below). If you call the shots, simply yank their access. The idiot is the boss himself and acts like an unguided missile. Just investigating before I give him a wake-up call. And that is exactly what I will do... Food for thought. Cheers! Love it, thanks for sharing (everyone)! I'm coming to this discussion a bit late, and in general it's true that you can't limit root's ability to read files, execute programs, fiddle with settings etc. What you can do, which has limited usefulness but might fit your specific case, is temporarily prevent root from using su to log in as another user without knowing their password. If you comment out (or remove entirely, which may slow down the other user even more, if they're unfamiliar with pam) the line authsufficient pam_rootok.so no_warn in /etc/pam.d/su, root has to meet the same requirements as any other user before using su. Of course there's nothing to stop someone with root access from editing this file, but now the problem user has to actively subvert a measure that's been taken by another sysadmin - which may provide a better starting-point for a conversation about what they're up to. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OT: Shell Script using Awk
On Sunday 02 November 2008 03:21:55 David Allen wrote: My apologies for asking on this list, but I'm stuck without Perl and need to use awk to generate a report. I'm working with a large data set spread across multiple files, but to keep things simple, say I have A Very Long String that containing records, each delimited by a single space. I need to print those records in columnar format, but with only 7 columns per line: record1 record2 record3 record4 record5 record6 record7 record08 record09 record10 record11 record12 record13 record14 Are you dead set on using awk(1)? Because my first thought would be rs(1). cat inputfile | rs 0 7 To turn your space-separated entries into 7 columns. You may need some fiddling about (to avoid running out of memory, space on the line, etc). This is one of my top three sadly-neglected BSD commands everyone should know more about, along with lam(1) and jot(1). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Broken quoting (was Re: XFCE4)
On Monday 03 November 2008 08:38:07 joeb wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 FBSD1 wrote: What port names need to be installed to create a XFCE4 desktop environment? I was looking for a mega port like kde3 has but could not identify one. Thanks in advance. I'm going to rake a random guess: x11-wm/xfce4 ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Eitan Adler Sent: Monday, November 03, 2008 12:14 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] ORG Subject: Re: XFCE4 Thank you for your random guess, but research of the ports system seem to indicate a whole suite of ports are needed to build a complete working environment. Waiting for a real user to fill in the details of what combination of ports they used to build their XFCE4 desktop. I don't know whether it's you or your email client, but your quoting is hideously broken. Please fix it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Broken quoting (was Re: XFCE4)
On Monday 03 November 2008 16:17:20 Bob McConnell wrote: [Jonathan to joeb via freebsd-questions] I don't know whether it's you or your email client, but your quoting is hideously broken. Please fix it. It's his email client. Microsoft Lookout will no longer do standard quoting and forces top posting of replies. I am also required to use it by our IT department policies and have to manually reformat each message I reply to. There used to be an option that could be set to get angle bracket quoting, but that disappeared in the update from MS-Office 2000 to 2003. The top line, -Original Message-, is the clue that he is using the Microsoft client. That is its standard separator for all replies. Yes, it is a major pain. I really do prefer Thunderbird. I'm used to seeing the original message starting with its headers in the Outlook style - that's not what's confusing me here. joeb, I don't mean to be rude but I find your posts hard to read (and I've seen others comment so as well), because instead you somehow end up with the original headers AFTER the original message, which is unexpected, and your response after that again - looking as though it belongs to the original header block. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: eps to jpg conversion - which program?
On Friday 07 November 2008 21:19, Polytropon wrote: On Fri, 07 Nov 2008 13:36:51 +0100, Laszlo Nagy [EMAIL PROTECTED] wrote: A batch solution is simple: #!/bin/sh for f in *eps; do convert ${f} `basename ${f} .eps`.jpg done You can also save yourself repeated calls to basename by using for f in *eps; do convert ${f%.eps}.jpg done Look under parameter expansion in the manpage for sh(1) (or bash(1) if you have bash installed). As far as I can tell csh/tcsh doesn't support this useful feature. Essentially, a Bourne-type shell with parameter expansion expands ${variable#prefix} or ${variable%suffix} to $variable with the prefix or suffix, respectively, removed. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: recommendation word processer for xfce
On Saturday 08 November 2008 13:55, Jerry wrote: On Fri, 7 Nov 2008 16:28:00 -0700 Chad Perrin [EMAIL PROTECTED] wrote: . . . or, as someone else pointed out, one could just learn to scroll to the end before typing. It's not that difficult -- even in Outlook. CTRLEND works like a charm also. It is amazing what people will bitch at. The same people who will spend days attempting to get a video card fully functional will find placing the cursor at the end of an email message too daunting of a task. The best response to the issue of Outlook and top-posting I've seen recently was on the London Perlmongers mailing list - although I should warn that some may find this offensive. space to protect the sensitive ... ... ... ... ... ... ... ... ... ... potentially offensive response The last I checked, cursor keys worked in Outlook just fine without any third-party hacks, so there is no reason for top-posting just because the cursor happens to be there. It's a bit like crapping in your pants because that's where your arse happens to be. -- Peter Corlett, london.pm Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: scripting text replacement
On Sunday 09 November 2008 00:02:11 Giorgos Keramidas wrote: On Sat, 8 Nov 2008 19:43:52 +0100, bsd [EMAIL PROTECTED] wrote: I have a file containing a list of items like that: line1item1 line1item2 line1item3 line2item1 line2item2 line2item3 …400 times I need to insert this into another text file using printf() items should be converted into variable looping… like that: printf Bla bla bla $1 bla bla $2 bla bla $3 bla bla $2 A little more detail about the Bla bla part may be important in our effort to help you effectively. What you seem to describe above may be trivial to do with awk(1): More detail definitely needed. When you say insert into another text file, do you mean you want to create an output file in which each line is identical bar the four parameters from the first file (in other words your bla bla bla is the same for every input line) (in which case a simple awk '{printf}' will meet the need), or are you actually doing a merge of two files where bla bla bla represents the text from the next line of the other input file and changes from line to line? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Release schedules
I've been biting my tongue about this because I'm not sure that I can offer any help or useful suggestions, but here goes... What on earth is going on with release scheduling? FreeBSD 7.1-RELEASE, according to the scheduling page at www.freebsd.org, should have had a Release Candidate published two months ago, on 13 September. Instead we're still on a Beta - BETA-2, which isn't mentioned in the original schedule. The todo list which has appeared on the website in previous releases isn't available this time, so I can't even get a feel for the likely cause of the holdup. As I said, I hate to stand on the sidelines and heckle when I'm not doing anything to contribute to the release, but the timetable has slipped badly and I don't feel I can find information about the reasons or the revised timings. What exactly is going on, and is there anything a busy sysadmin, poor in time, bandwidth and C skills, can do to help with either the release itself or the apparent scheduling/communication issues? (I've sent this to -questions rather than -stable because it seems to be an ongoing problem with the timetabling of releases.) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Release schedules
On Wednesday 12 November 2008 14:01:47 Roland Smith wrote: On Wed, Nov 12, 2008 at 12:59:24PM +0200, Jonathan McKeown wrote: I've been biting my tongue about this because I'm not sure that I can offer any help or useful suggestions, but here goes... What on earth is going on with release scheduling? Two words: volunteer project Oh, I fully understand that, which is why I also asked whether there's anything I can do to help, with my meagre abilities and resources. This wasn't intended to demean the efforts of the release team at all; it was more a plea for better communication when delays start to accumulate. I would propose to do away with the release schedule altogether, or make it very succinct; next release: when it's done. Yes - but is it not possible to estimate (and as a long-suffering sysadmin, I know I'm on shaky ground here after some of the estimated schedules I've given my management and my users!) roughly how far off we are? Even the old todo list on the website offered some guide. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: host based authetication with OpenLDAP and FreeBSD
On Friday 14 November 2008 14:32, O. Hartmann wrote: Hello, I have a OT question and maybe some of the FreeBSD server admins here can help me out. [snip] Having nss_ldap and pam_ldap installed on every single FreeBSD server/box which is capable of being accessed I found in etc/ldap.conf the tags 'pam_filter' and 'pam_check_host_attr'. Setting latter to 'yes' implies having the 'host' attribute in each user's object located in OpenLDAP's DIT for the specific domain. But objectClass=account seems to conflict with objectClass=organizationalPeople which is a must in our configuration, so the host attribute is not of any further investigation. Did you not like the answer I gave you in April when you asked essentially the same question? http://lists.freebsd.org/pipermail/freebsd-questions/2008-April/174152.html For posterity (again) the extensibleObject auxiliary objectClass was introduced for precisely this reason - so that you could add any attribute the server knows about to an existing object which otherwise couldn't hold it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php5 Only IE Users can View Pages.
On Friday 14 November 2008 19:36, Martin McCormick wrote: I inherited a mrtg application thatnow is running on a FreeBSD6.3 system. Clients report that one can see the php pages when using Internet Explorer but not other browsers that should display the pages. Those customers see raw code. Any suggestion as to what I should be looking for? Hi Martin Bear in mind I'm answering off the top of my head, so you may need to do some digging. I have a feeling that Internet Explorer ignores the Content-Type header from the server and displays what it thinks you should see. If the server is not configured with a MIME type for .php, the default with Apache is to send the pages with a MIME type of text/plain. Internet Explorer will ignore this, interpret the page as HTML and display it, whereas almost every other browser will obey the server's instruction and therefore display the raw HTML as plain text without any interpretation. Check whether Apache has an AddType application/x-httpd-php .php line or similar in the config file. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ascii text format
On Friday 21 November 2008 12:49:16 pwn wrote: algouth this is not a freebsd specific text, i need to format some texts under freebsd for they appear in the center of the page when opened in a browser, but i dont want to use HTML for format them, i just want to add tabulation to my *.txt. what software/tool can i use for format my *.txt? there is command on VIM like set textwidth but this is not suitable for me. any help i appreciate. i add an example on a temporary host for make sure all understand. (i need to format the text for he appear like the example good.txt) http://one.xthost.info/temphost/good.txt http://one.xthost.info/temphost/bad.txt You seem to be fighting against your tools rather than working with them - the browser will strip out your whitespace and reflow your text anyway unless you prevent it somehow (pre tags?) so you might be better off just using HTML/CSS to control the format. However, you could look at various tools for processing text, depending exactly what you're trying to do: the manpages for fmt, groff, and pr might all offer some ideas. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: process always running
On Thursday 27 November 2008 15:46:58 Dominik Meister wrote: Hi Gian Paolo Buono [Thu, Nov 27, 2008 at 02:05:44PM +0100]: there is a method in freebsd for restart process whenever it terminates ? I use in linux respawn in inittab... One possibility that comes to mind is using daemontools [0]. Should be in ports but there are probably easier ways to achieve this. I've never tried it, but according to the manpage for init(8) you can get the same effect as a respawn entry in a sysV inittab by putting the command in /etc/ttys. Perhaps someone who's done it could comment? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Release schedules
On Friday 12 December 2008 19:26, Sean Cavanaugh wrote: -- From: Joe S js.li...@gmail.com Sent: Friday, December 12, 2008 12:20 PM To: Roland Smith rsm...@xs4all.nl Cc: freebsd-questions@freebsd.org; Jonathan McKeown jonathan+freebsd-questi...@hst.org.za Subject: Re: Release schedules On Wed, Nov 12, 2008 at 4:01 AM, Roland Smith rsm...@xs4all.nl wrote: On Wed, Nov 12, 2008 at 12:59:24PM +0200, Jonathan McKeown wrote: I've been biting my tongue about this because I'm not sure that I can offer any help or useful suggestions, but here goes... What on earth is going on with release scheduling? Two words: volunteer project I would propose to do away with the release schedule altogether, or make it very succinct; next release: when it's done. What? Isn't that the Linux kernel schedule? Give me a break. The OpenBSD team of volunteers makes a new release every six months, with target release dates in May and November. I can't recall a slip of even one day. I know, this isn't OpenBSD, but it proves that a regular release schedule is indeed possible. also remember that 6.4 was being worked on at the same time. there's only a finite number of people to spread across both projects. finalization of 7.1 should come faster as 6.4 has been released According to http://www.freebsd.org/releases/7.1R/schedule.html , the ports tree was frozen on 8 September, tagged on 22 September and unfrozen. (I see elsewhere in this thread someone saying it's still frozen - I'm not sure which statement is correct). 7.1-RELEASE should have been done a couple of weeks later - early in October for announcement on 13 October. We are now looking at a release in January. That's not a few days or even a few weeks late - it's almost four months late; and 7.1-RELEASE will ship with a ports tree that's almost 5 months out of date. Not only that - it's shipping mere weeks before the end-of-life for 7.0-RELEASE (currently 28 Feb 2009). I have been watching the web page and freebsd-stable. There has been no obvious indication of the reason for the delays or the expected duration. (For earlier releases, there was a todo page linked from the release webpage which listed areas needing more work and areas needing testing). The -RC1 release announcement finally acknowledged that there had been a number of major problems, not all of which have been fully addressed yet. As a community, we should be ashamed of this: ``volunteer effort'' just isn't a good enough excuse - and those of us who haven't volunteered need to find out how we can help get things back on track for the next release. When I first raised this, I asked if there was anything I could do to help the release engineering team with communication. Zbigniew Szalbot made a similar offer. I really think that once 7.1 is out, we (collectively) need to have a long hard look at the release process and make sure this doesn't happen again (and again and again and again - it's not the first time that I've scheduled work around release dates and ended up being embarrassed or having to do jobs twice, with a pre-release and then again when the release arrives.) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sed question
On Monday 22 December 2008 00:27:44 Gary Kline wrote: anyway, this is one for giiorgos, or another perl wiz. i've been using the perl subsitution cmd one-liner for years with unfailing success. is there a way of deleting lines with perl using the same idea as: perl -pi.bak -e 's/OLDSTRING/NEWSTRING/g' file1 file2 fileN For a single file it's very easy: perl -ne 'print unless 8..10' filename will print every line except lines 8, 9 and 10. The .. or range operator (in scalar context) is a sort of flip-flop. It keeps its own state, which is either true or false. When it's false it only evaluates its left-hand argument; when it's true it only evaluates its right-hand argument; and whenever the argument it's currently looking at returns true, the expression changes state. If the argument is an integer, it's treated as a comparison against the current line number, $. ; so the first expression, 8..10, means ($. == 8) .. ($. == 10) It's false to start with, until ($. == 8) returns true (on line 8); it becomes true and remains true until ($. == 10) returns true (on line 10), when it becomes false again and remains false until it next sees line number 8. You can also use more complicated tests in the range operator: perl -ne 'print unless /START/ .. /END/' will find each line containing the word START anywhere, and delete from that line to the next line containing END (inclusive of both endpoints) - this will work for multiple occurrences of START and END in your file. There are two problems if you string multiple files together on the command line: first, if you're using line numbers, the line number doesn't reset between files unless you do an explicit close on each file. The bigger problem is if you have a file in which the second condition doesn't occur (a file with only 9 lines in the first example, or a file with a START and no corresponding END in the second case): the range operator will stay true until it sees the ending condition in the next file, meaning you'll lose the first ten lines in the numeric case, or every line from the top of file to the first END in the second case. To get round these two problems, you need to test for eof in the range operator, and close each file when it hits eof to reset the line count. perl -ne 'print unless 8 .. $. == 10 || eof; close ARGV if eof' file[1-n] perl -ne 'print unless /START/../END/ || eof; close ARGV if eof' file[1-n] There's some hairy precedence in the first range expression: a useful tip for checking that you've got it right (and indeed in general for checking that a bit of Perl does what you think it does) is the B::Deparse core module, which you call like this: perl -MO=Deparse,-p -e 'print unless 8 .. $. == 10 || eof' which outputs ((8 .. (($. == 10) || eof)) or print($_)); -e syntax OK The ,-p argument to -MO=Deparse tells it to put in parentheses everywhere. If you're like me and like to leave them all out, feed your expression to Deparse with all the parens in and leave off the ,-p argument: Deparse will get rid of all the unnecessary ones: $ perl -MO=Deparse -e 'print unless (8 .. (($. == 10) or eof))' print $_ unless 8 .. $. == 10 || eof; -e syntax OK Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to copy only skeleton files while creating a existing user's homes directory?
On Friday 16 January 2009 12:48:38 O. Hartmann wrote: Hello, I have the following situation: Users are stored in OpenLDAP. I need to create homes directories on new machine memebers in the pool of workstations and do not want the usage of an automated creation of loggin in user via pam_mkhomedir. Creation should be done manually. My question: is it possible to use a FreeBSD tool/command like 'pw(8)' only for copying and initiating an existant user's home? I tried simply pw useradd USER -m -b /homes/ for that purpose, but pw errors me saying the user USER already exists (is a OpenLDAP user). Try usermod instead of useradd. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: KDE: What a monster!
On Monday 26 January 2009 17:02:05 n j wrote: Linus Torvalds on KDE4... [quote] A: I used to be a KDE user. I thought KDE 4.0 was such a disaster I switched to GNOME. I hate the fact that my right button doesn't do what I want it to do. But the whole break everything model is painful for users and they can choose to use something else. I realise the reason for the 4.0 release, but I think they did it badly. They did so many changes it was a half-baked release. It may turn out to be the right decision in the end and I will re-try KDE, but I suspect I'm not the only person they lost. I've seen it suggested that KDE4 is faster than KDE3. I'm running FreeBSD 7.0 - granted, my machine is not brand-new: it's a P4 1.8GHz with 512MB of RAM and an NVidia GeForce MX4000 (I mention the graphics card because the latest NVidia binary driver doesn't support it). KDE3.5 does what I want my window manager to do - keeps out of my way and works snappily enough that I don't notice it. I recently installed PCBSD7.02, which uses KDE4.1. It's unusable. For example, with only two applications running - the KBreakout game and the Psi Jabber/XMPP client - the game was unplayable because each time Psi received an incoming chat or event, the game froze for a second or two while KDE struggled to open the chat window. The claim that KDE4 is faster than KDE3 is frankly incredible to me. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: can i split a pdf file?
On Monday 26 January 2009 09:17:05 Andrew Robinson wrote: Message: 2 Date: Sun, 25 Jan 2009 20:20:51 -0500 From: Chuck Robey chu...@telenix.org Subject: Re: can i split a pdf file? To: FreeBSD Mailing List freebsd-questions@FreeBSD.ORG Message-ID: 497d0ff3.6090...@telenix.org Content-Type: text/plain; charset=ISO-8859-1 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Charlie Kester wrote: On Sun 25 Jan 2009 at 16:18:26 PST Gary Kline wrote: Is there a way to split a large pdf file into smaller [ say 1MB ] chunks? Or are there open source tools out there that i can build? [various suggestions including pdfmerge and psnup from ports] Alternatively, if you have a reasonably complete TeX installation (I'm still using teTeX), check whether you have texexec installed - which can extract pages from PDFs. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: shell commands - exclusion
On Friday 06 February 2009 02:55, Chris Whitehouse wrote: I think you should be able to do it with a combination of -prune and -delete (or -exec rm -rf {} \; ) on a find command. Substitute your other commands for rm -rf in the -exec above. I would give you a working example except I can't figure out the syntax for -prune. Examples from google don't seem to work in (my) FreeBSD. [skip to the end for a simple answer without the lengthy exposition] find(1) can be confusing, especially if you think of the ``actions'' ( -print, -exec and -delete plus their variants like -ls and -ok ) as something different from the ``tests'' ( -name and so on), or if you don't take account of the evaluation order. A find expression comprises a number of what the manpage calls primaries, each of which evaluates as true or false. (It may also have a side-effect, like -print whose side-effect is to print the name). Primaries can be combined with -and (which is usually implied) or -or. Where -and and -or both occur, find will group the -anded primaries together before evaluation. Taking one of your examples below, find . -print -or -prune -name dir1 this is grouped as find . -print -or \( -prune -and -name dir1 \) find will then evaluate the whole expression from left to right for each pathname in the tree it's looking at, stopping within each set of (implied) parentheses and within the overall expression as soon as it can determine truth or falsehood. (This is what's referred to in programming as short-circuiting in boolean expressions). If primaries are linked by -and, find can stop at the first one that's false, knowing the expression is false; if they're linked by -or it can stop at the first one that's true, knowing the expression is true. Otherwise it has to evaluate the whole expression. Before it does this, though, find checks for side-effects. If there isn't a side-effect anywhere in your expression, find will put brackets round the whole expression and a -print after it. Looking at your examples: chr...@pcbsd% find . (No expression). Find adds a -print, so this is the same as the next one: chr...@pcbsd% find . -print . ./test.mov ./test.mpg ./dir1 ./dir1/file1 ./dir1/file2 ./file3 -print is always true so the expression is true for each name - they get printed as a side-effect. chr...@pcbsd% find . -print -o -prune dir1 find: dir1: unknown option -prune doesn't take an argument, so dir1 is a syntax error. chr...@pcbsd% find . -print -o -prune -name dir1 find evaluates the print, which prints each name as its side-effect. -print evaluates as true. Since it's in an -or, find can stop there, so it never sees the second expression ( -prune -and -name dir1: the -and is implicit). . ./test.mov ./test.mpg ./dir1 ./dir1/file1 ./dir1/file2 ./file3 chr...@pcbsd% find . -print -o -name dir1 -prune Same again: find stops after the -print which is always true, and ignores the -name dir1 -and -prune. chr...@pcbsd% find . -name * -o -name dir1 -prune None of these primaries has a side-effect, so find rewrites this internally as find . \( -name * -or -name dir1 -prune \) -print -name * is always true, so find can ignore everything after the -or up to the parenthesis. Because the first expression is true, and the parens are followed by (an implied) -and, find has to evaluate the -print, which is always true, so the whole expression is always true and it always prints the name as a side-effect. . ./test.mov ./test.mpg ./dir1 ./dir1/file1 ./dir1/file2 ./file3 What you need is an expression with two outcomes: a -prune for some names and a -print for others. That tells you you need an -or, and the -print must come after it because it's always true. Before the -or, -prune is always true so you need some sort of testing primary before the -prune. That gives you find . -name dir1 -prune -or -print Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sh parameter substitution problem
On Wednesday 11 February 2009 12:47:17 Ian Smith wrote: I'm getting nowhere trying to parse out IP addresses from strings of this form in /bin/sh, which have been awk'd out of 'tail named.run': addr='195.68.176.4#1440:' addr='195.68.176.4#16811:' addr='195.68.176.4#276:' sh(1) in hand, I've tried: ip=${addr:%#*} ip=${addr:%%#*} ip=${addr:%[#]*} ip=${addr:%%[#]*} but all of these report './testbit: 7: Syntax error: Bad substitution' Take out the : in the parameter expansion. $ addr='195.68.176.4#1440:'; ip=${addr%#*}; echo $ip 195.68.176.4 : is for supplying default values or an error for unset variables. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thursday 12 February 2009 03:07:42 Paul Schmehl wrote: Sorry if I wasn't clear. I wasn't suggesting that the *users* chgrp the files. Keith would do that as root. Then he sets the setgid bit to www (or whatever the web user is), and from that point going forward any files created by the user would be user:www instead of user:user. Set the umask to 027, and world has no readability. This is exactly how I used to handle some files on a webserver that I maintain that other people needed to be able to edit, add and delete files from. Once the sgid bit is set, the group membership of the files remains www no matter what user creates/touches a file. Erm, isn't this only true for Linux and other SysV-type systems? Unless I'm remembering wrong, in FreeBSD files are always created with group ownership the same as the directory they're created in - so all you need to do is change the group ownership of the directory (which has to be done by root). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting users to their own home directories / not letting users view other users files...?
On Thursday 12 February 2009 19:15:21 Paul Schmehl wrote: If you set the world readable bit, you break the entire schema. To make it work, world must have no access - not even directory search access. So you set u=rwx,g=srx,o-rwx (or 2750), for homedirs and u=rw,g=sr,o-rwx (or 2640) for files. To maintain the schema you would also need to change the users' umask to 027 or (script a perm change periodically to remove the world bits from new files.) If you want to get more granular, you can set the homedirs and all subdirs to owner:owner and only set the public_html dir and its subdirs to owner:www. The key is to remove the world access from the homedirs and everything under them, set the group to www, setgid and change the umask. setgid on the directory is a SysV-ism to switch on BSD behaviour. FreeBSD always sets group ownership of files to the group of the directory they're created in, so all you need to do is change the ownership of the directory and the umask. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: new package system proposal
On Tuesday 07 April 2009 23:35:03 Bob Johnson wrote: On 4/4/09, Chris Whitehouse cwhi...@onetel.com wrote: Hi all [...] My suggestion is to start with a ports tree that is fixed in time. Make that ports tree available as part of this package system and compile a typical desktop set of ports, particularly choosing ones which are large or have many dependencies. When it is all complete release it and start again. Surely quite a wide selection of desktops, wm's and apps could be compiled in a couple of weeks? How is it an improvement over the existing tools? I must be missing something, because it sounds to me like you are merely asking that there be more ports made available as packages than are now offered. I think what you're missing is the suggestion to bundle a set of pre-built packages with a snapshot of the ports tree used to build them. Currently it's difficult to mix and match packages and ports because the versions of dependencies are likely to differ between the package and the local version of the ports tree. If you know you have the same ports tree your packages were built from, you can much more easily combine pre-built packages and local builds from source. This has clear advantages. At the moment, unless you're very lucky with your timing, you tend to find that as soon as you want to build one port from source (perhaps to fiddle with the configuration) you have to stop using prebuilt packages altogether. The drawback I can see is the disk space required to keep several generations of packages online - if the package-port bundle is rebuilt every three weeks, let's say, and you want to keep 6 months' worth of packages online, you need to keep 9 complete versions available. Chris's suggestion is certainly more than just a request for more packages, though. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: new package system proposal
On Wednesday 08 April 2009 21:24:00 Bob Johnson wrote: PC-BSD seems to already keep up-to-date binary packages of their applications. Do they accomplish that by only offering a small subset of the full ports collection? Yes - have a look at http://www.pbidir.com/. I installed PC-BSD on a spare machine to investigate it. The first three ports/metaports I tried to install after completing the base setup were emacs, TeTeX and the Psi Jabber/XMPP client. None of those was available, and after seeing how few prebuilt packages there were in all categories, I gave up. My personal view is that PC-BSD gives the end user an impressive and reasonably slick computer-as-appliance with some ability to customise and still stay ``on the path''. For people who need that, PC-BSD is what they need. My feeling, though, is that anyone who finds themselves wanting to install a bunch of stuff from outside the PBI system (in other words, from ports, which are still there under the hood of PC-BSD) will soon want to switch to mainstream FreeBSD. As such PC-BSD has the potential to be an effective ``gateway drug''(!) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: make run-depends-list-recursive?
On Tuesday 14 April 2009 21:02:08 Mel Flynn wrote: On Monday 13 April 2009 03:56:15 Tim Judd wrote: make all-depends-list Two things: 1) It surpresses config target and if a port has OPTIONS set, then you may get surprised once you've configured the port and ticked/unticked an option I'm not sure what you're saying here, but if you want to avoid a surprise you can run make config to choose options, then re-run make all-depends-list: the dependency list changes according to the config options. This is occasionally useful - for example it's how I found out that security/krb5 can be prevented from bringing in the whole of teTeX and its dependencies: just unselect the documentation (which is selected by default). (On a separate note, does it strike anyone else as a bit excessive to install teTeX - which is well over 100MB of download not counting its own dependencies - behind the scenes as part of installing documentation?) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Can't log-in anymore
On Wednesday 15 April 2009 03:58:08 Ruel Luchavez wrote: Hi.. I know someoene here can help fix my biggest problem so far. I can't log-in any more in my FreebSD box the serverver always complain /libexec/ld-elf.so.1:shared object lib.so.7 not found, required by sh Enter full pathname of shell or RETURN fro /bin/sh: I press enter but nothing happens it always came back with that prompt. I'm not sure if there is something wrong with the library but few hours before that happens I can still log-in on my box. Any idea guys? I can't log-in anymore.. /bin/sh is dynamically linked - if you've blown away the library you have a problem. You should be able to get in using /rescue/sh, which is statically linked, but to get the system back I think you're going to need more hands-on help than you can get here; either that or you're going to have to provide more detail about exactly what you were doing. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: make run-depends-list-recursive?
On Thursday 16 April 2009 12:27:04 Mel Flynn wrote: But yes, all-depends-list is exactly that, with the provision that it does not take changed OPTIONS into account. That's what I suspected you were saying yesterday, and it seems to be wrong. Try this (assuming you haven't already configured/installed net/freeradius2 and security/krb5) cd /usr/ports/net/freeradius2 make all-depends-list make config# select Kerberos make all-depends-list make -C /usr/ports/security/krb5 config# unselect documentation for krb5 make all-depends-list make -C /usr/ports/security/krb5 rmconfig make rmconfig You will get three different lists of dependencies: in the first case, the main port (net/freeradius2) has the default OPTIONS and doesn't depend on security/krb5 or its dependencies. In the second case you will find teTeX and its dependencies in the list as they are dependencies of krb5 in its default setting. In the third case, you have changed an OPTION of security/krb5 to remove its dependency on teTeX, and net/freeradius2 correctly removes the teTeX dependency from its all-depends-list. This certainly looks like all-depends-list correctly taking account of the changed OPTIONS in the target port and all its dependencies. What *is* a problem is make config-recursive, which doesn't take account of any dependencies added as a result of OPTIONS changes made during the config-recursive process. This is relatively easily fixed, as make config-recursive actually runs make config-conditional for everything in all-depends-list, so if you keep running make config-recursive until nothing happens you can be reasonably sure you've dealt with all the unexpected dialogues that might otherwise pop up. This is worth knowing if you like doing overnight unattended installs and don't want to accept default settings (so can't use BATCH=yes). Until I discovered it I had immense frustration setting an installation/upgrade running only to come back the next day and find a dialogue sitting on the screen. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dislike the way port conflicts are handled now
On Sunday 17 January 2010 10:24:43 Matthew Seaman wrote: Ion-Mihai Tetcu wrote: I'd be very happy if I could: - fetch the distfiles, even if I have a conflicting port installed - be able to use portmaster -o to switch from one port to an other one that conflicts with it. - be able to at least compile a port (eg. for testing) without having to de-install the current one. I'm all in favor of restoring the old behavior with a switch available to turn on the new one. +1 Although a big fat warning message at fetch or build phase when operating on a port with conflicts wouldn't go amiss. I'd agree with this too. The idea of the change seems to be to protect people from wasting time downloading and building something which they can't install without resolving a conflict. How exactly was that wasted time? Surely you don't download and build a port you're not going to install? What the change actually does is penalise people who want to download and build regardless of conflicts, to reduce the time between uninstalling the conflicting port and being able to install the replacement. This seems to me to be a very badly thought-out change which should be reverted. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dislike the way port conflicts are handled now
On Monday 18 January 2010 17:48:37 b. f. wrote: Argh! Stop! I wish that people who felt the need to add to this thread would read the prior posts beforehand, and consider their comments before posting. I don't know why you assume people didn't. I read the whole thread. I saw people who had individual special requirements, but I didn't see anything that suggested I was wrong in assuming the most common use case, by far, to be downloading and building a port in order to install it. Assuming that *is* indeed the commonest use case, this change makes life a little more difficult for almost everyone in order to save possibly as much as tens of minutes of wasted time for a few people. Worse than that, the new behaviour either increases downtime (by requiring that the conflicting port be removed before even starting to download the replacement) or requires, as you pointed out, setting a risky option which if accidentally misused, could break the whole system. I still think it's an ill-considered change for the worse to make the new behaviour the default. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Perl 5.8 - 5.10 On Current Production System
On Thursday 04 March 2010 19:13:36 Matthew Seaman wrote: You got bitten by an ill-considered change introduced after the UPDATING instructions were written. To work around it, you need to set DISABLE_CONFLICTS when rebuilding the port, eg like this: # portupgrade -m DISABLE_CONFLICTS=yes -o lang/perl5.10 -f perl-5.8\.* Please feel free to complain volubly about this: it's hand-holding for newbies which annoys and incoveniences the vastly larger number of non-newbies (ie. anyone who has been using the ports for more than a few weeks.) Has this absolutely ludicrous change not been reverted with extreme prejudice yet? And is there a PR where we can add interesting suggestions as to what miseries should be inflicted on the person responsible for it? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to get hints of software installed by Ports ?
On Friday 05 March 2010 16:20:36 Aaron Lewis wrote: Hi, I installed some software from ports today , and it outputs some useful information when finished. e.g where its config file is Due to some mistakes , i lost these important information , how do i see it again ? Is there any tricks to show out it directly ? I don't want to install it again .. Any ideas will appreciate ;-) pkg_info -D ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Booting MFS from Secondary Partition
On Saturday 06 March 2010 15:02:20 Martin McCormick wrote: Fbsd1 writes: just dd the image to what ever drive you want That is the goal. The challenge is to launch a script that detects when the boot device has been unmounted as dd will not work on an active file system. Martin it may or may not work, but there's a sysctl for the geom subsystem which might do what you want. sysctl kern.geom.debugflags=16 This used to be used (for all i know still can be) to allow writing metadata for (eg) building a gmirror on a mounted disk - it's often referred to as the ``allow-footshooting'' flag. That might allow you to dd your image onto the mounted disk - i'd either try it with a handy spare system or wait for someone more expert than i to comment, though. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Freebsd, postfix and push email
On Tuesday 30 March 2010 09:31:00 Matthew Seaman wrote: On 30/03/2010 03:01:27, Tim Judd wrote: I've never heard of either, but when I configure my IMAP server and put any mail client to it, as soon as a mail is delivered, the mail client is notified. That's the IDLE extension to IMAPv4 -- it's not a push protocol as such: the client still has to log into the server rather than vice versa, but once the client has read all the available e-mail, it can put itself into an idle state, and the server will wake it up as soon as any new e-mail comes in. Yes. In fact, one of the nice things about IMAPrev4 as a protocol is that the server is allowed (in fact, required by rfc3501) to notify the client if the mailbox size increases while executing any command, by sending an EXISTS response which the client is required to handle. IDLE is just a command that takes a long time to execute (specifically, until the client ends it or the server's time limit is reached) so that the server has to send EXISTS responses whenever mail comes in. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: usage of /usr/bin
On Wednesday 07 April 2010 11:13:13 Fbsd1 wrote: Polytropon wrote: On Wed, 07 Apr 2010 15:24:51 +0800, Fbsd1 fb...@a1poweruser.com wrote: Why are there RELEASE base files in /usr/bin. I thought /usr was to only contain binaries installed from ports or packages. No. The /usr/local subtree (LOCAL) is for local additions (ports and packages), while things outside this structure usually belong to the system itself; I'm excluding mounted filesystem and other things here for a moment. [snip] But that is not true. The postfix port populates /usr/bin. I haven't installed postfix, but is this possibly related to the recently (2010-03-22) added option to install postfix into the base? In which case the commit six days later claims to correct a problem with the default (non-base) install. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix in base system
On Wednesday 07 April 2010 13:34:07 Jerry wrote: I noticed that someone in another thread mentioned: quote (2010-03-22) added option to install Postfix into the base /quote I have not been able to locate that item. Could someone list the URL for that notice or tell me where to look for it? :-? Thanks %-\ I found it in the cvsweb interface to the ports tree: http://www.freebsd.org/cgi/cvsweb.cgi/ports/mail/postfix/Makefile Which lists rev1.155 with the commit message: Add an option to install into the base, and related support HTH Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Established method to enable suid scripts?
On Wednesday 11 May 2011 04:19:29 Devin Teske wrote: The reason that the suid bit doesn't work on scripts (shell, perl, or otherwise) is because these are essentially text files that are interpreted by their associated interpreter. It is the interpreter itself that must be suid. I'm pretty sure that's not the case, although I'm open to correction. The reason the system ignores the suid bit on a script is because of what would happen when it's executed: 1) the script is read from a file called filename and the system notices that it needs to be interpreted by another program. 2) that program is launched and told to re-open the file named filename and execute its contents with suid privilege. The problem is a race condition: there's no guarantee that the filename opened by the interpreter in step 2 is the same file the user executed in step 1. There are two common ways round this: ignore the suid bit; or arrange within the OS to pass a handle to the original file rather than a filename so that the script can't be changed out from under the interpreter. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Established method to enable suid scripts?
On Thursday 12 May 2011 16:13:50 Chris Telting wrote: On 05/11/2011 07:14, Jerry McAllister wrote: On Tue, May 10, 2011 at 05:54:04PM -0700, Chris Telting wrote: I've googled for over an hour. I'm not looking to get into a discussion on security or previous bugs that are currently fixed. Suid in and of itself is a security issue. But if you are using suid it it should work; I don't want to use a kludge and I don't want to use sudo. I'm hoping it's a setting that is just disabled by default. My understanding is that in general the system does not allow SUID on scripts. The way I have gotten around that (a long time ago) was to create a small binary that exec's the script and making the binary SUID. Well it's all hacks and in my not so humble option like chasing your tail. The assumption is that if someone creates an executable (assumption is programming is C) they are more credible not to make mistakes. That's a fallacy and just plain nuts. And I'm an interpreted language snob saying that. Suid is either allowable or not and should be a sysctl and apply equally to binaries and scripts. Yet another thing to add to my project list. Anyone know of an established patch for fix this freebsd issue or am I yet again going to have to create my own? Have you appreciated the issue with suid on scripts? It's nothing at all to do with whether someone writing a compiled language is a better programmer than someone writing an interpreted language. When the OS launches a binary, the file containing the program is opened once. When the OS launches an interpreted program, the file is opened once to find out which interpreter to run, and then the interpreter is told to re-open the same filename - whose contents might meanwhile have changed. I'll say that again. It is inherently insecure to run an interpreted program set-uid, because the filename is opened twice and there's no guarantee that someone hasn't changed the contents of the file addressed by that name between the first and second open. It's one thing to tell people they need to be careful with suid because it has security implications. Deliberately introducing a well-known security hole into the system would in my view be dangerous and wrong. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Established method to enable suid scripts?
On Thursday 12 May 2011 17:26:49 Chris Telting wrote: On 05/12/2011 07:57, Jonathan McKeown wrote: I'll say that again. It is inherently insecure to run an interpreted program set-uid, because the filename is opened twice and there's no guarantee that someone hasn't changed the contents of the file addressed by that name between the first and second open. It's one thing to tell people they need to be careful with suid because it has security implications. Deliberately introducing a well-known security hole into the system would in my view be dangerous and wrong. That race condition bug was fixed in ancient times. Before Freebsd or Linux ever existed I believe. It's a meme that just won't die. People accepted mediocrity in old commercial versions of Unix. I personally am unsatisfied by kludges. That seems somewhat unlikely given, as someone else pointed out upthread, that Perl still comes with a compile-time option SETUID_SCRIPTS_ARE_SECURE_NOW, suggesting that they often aren't. Yes, there are ways to avoid this race condition - the usual one is to pass a handle on the open file to the interpreter, rather than closing it and reopening it. This fix is not present in every Unix or Unix-like OS. In particular (although I'm happy to be corrected if I'm wrong) it's not present in FreeBSD, to the best of my knowledge. Whether there's a reason for that other than lack of developer time I don't know. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Using the Packages System' international
On Tuesday 16 August 2011 12:13:24 Amanda Lynn wrote: Hi! [snip] Regards, Amanda Lynn +(360) 488-0303 Google the phone number. This has cropped up here before iirc - I'm not sure exactly what the scam is, but scam it is. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: When a System Dies; Getting back in operation again.
On Friday 01 May 2009 22:43:51 Jerry McAllister wrote: On Fri, May 01, 2009 at 12:07:22PM -0500, Martin McCormick wrote: Let's say we have a system that is backed up regularly and it vanishes in a puff of smoke one day. One can get FreeBSD installed on a new drive in maybe half an hour or so but we also need to get back to the right patch level and then we can say we are back where we started. What you want to do is use the fixit image to set up the disk. That means fdisk and bsdlabel and newfs it. You can actually use sysinstall to do this as well. Just let the installer come up and do the disk stuff, choose minimal install and then after it finishes making the disks, kill the rest of the install (or just let it finish and then overwrite it. But, I find it actually easier to do the fdisk, bsdlabel and newfs-s myself. But, then I am used to it. Right after you get done making sure where your fixit is living, then use fdisk and bsdlabel to check for the way you have the disk set up currently. Write it down or print it out and keep it near that installation/fixit disk. [Lots of good stuff about creating the partitions] Now all you have to do is newfs each partition. Just take the defaults. Remember that newfs wants the full device spec, not just the drive identifier. If you have kept the right information beforehand, you can actually restore your dumps onto ``bare metal'' without doing a partial install first, and with the same newfs settings for each partition as you originally had. You need to use bsdlabel and dumpfs -m and keep the output for rebuilding. The rest of this message is the details. On your running system, create and keep two files. My system has one slice, ad6s1, and the usual partitions - a for root, d for /tmp, e for /var, f for /usr, and I've shown the commands you need, and the resulting file contents on my current system, below: bsdlabel ad6s1 ad6s1.label ad6s1.label contains: # /dev/ad6s1: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 104857604.2BSD 2048 16384 8 b: 8388608 1048576 swap c: 1562963220unused0 0 # raw part, don't edit d: 20971520 94371844.2BSD 2048 16384 28552 e: 1048576 304087044.2BSD 2048 16384 8 f: 124839042 314572804.2BSD 2048 16384 28552 I usually put all the spare space on a disk into /usr, so changing the first field on the f: line (the size) from 124839042 to * tells bsdlabel to do exactly that in case the replacement disk is a different size from the original. We now need the newfs settings for all the 4.2BSD filesystems except c, so (in sh syntax) for i in a d e f; do dumpfs -m ad6s1$i; done newfscmds.ad6s1 newfscmds.ad6s1 now contains: # newfs command for ad6s1a (/dev/ad6s1a) newfs -O 2 -a 8 -b 16384 -d 16384 -e 2048 -f 2048 -g 16384 -h 64 -m 8 -o time -s 262144 /dev/ad6s1a # newfs command for ad6s1d (/dev/ad6s1d) newfs -O 2 -U -a 8 -b 16384 -d 16384 -e 2048 -f 2048 -g 16384 -h 64 -m 8 -o time -s 5242880 /dev/ad6s1d # newfs command for ad6s1e (/dev/ad6s1e) newfs -O 2 -U -a 8 -b 16384 -d 16384 -e 2048 -f 2048 -g 16384 -h 64 -m 8 -o time -s 262144 /dev/ad6s1e # newfs command for ad6s1f (/dev/ad6s1f) newfs -O 2 -U -a 8 -b 16384 -d 16384 -e 2048 -f 2048 -g 16384 -h 64 -m 8 -o time -s 31209760 /dev/ad6s1f take out the -s 31209760 in the command for ad6s1f (this is the size of the new filesystem and it defaults to the size of the partition - which we made to take up the rest of the disk). Now you can save these two files somewhere. When it comes to a catastrophic failure and restore, boot a liveCD. Use fdisk to create your single large slice on the new disk with fdisk -BI ad6 Use bsdlabel -R ad6s1 ad6s1.label to restore the disklabel. If your device name is different from before, you need to edit newfscmds.ad6s1 to change the ad6 to the new device name wherever it occurs, but you then run the newfs commands in the file to create your filesystems with the same parameters (softupdates on/off, etc) as before. You now have the basic structure of your previous disk, ready to have the root, /var/ and /usr dumps restored to make a running system identical to the destroyed one, with one last step: bsdlabel -B ad6s1 to put the boot code on the slice. (I haven't tried this bit, so if you're going to use the boot code from your root partition, which is stored at /boot/boot, you'll need to check whether you can run bsdlabel -B on a mounted disk. If you can, the command would be bsdlabel -B -b /mnt/boot/boot /dev/ad6s1 assuming you mounted /dev/ad6s1a on /mnt). If you have a different device name, of course, you also need to edit your fstab before rebooting. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to
Re: When a System Dies; Getting back in operation again.
On Monday 04 May 2009 15:59:14 Jerry McAllister wrote: On Mon, May 04, 2009 at 10:31:16AM +0200, Jonathan McKeown wrote: If you have kept the right information beforehand, you can actually restore your dumps onto ``bare metal'' without doing a partial install first, and with the same newfs settings for each partition as you originally had. You need to use bsdlabel and dumpfs -m and keep the output for rebuilding. The rest of this message is the details. If you have a specific reason to want your new filesystems' to have identical superblock info, you can use dumpfs -m, but you don't need to worry about all that. Just fdisk, bsdlabel and then let newfs take its defaults. Which of your filesystems currently has softupdates disabled? You may not care - but the point is that using dumpfs in the way I described will preserve that information (along with all the other tuning options) for people who do care. If you're restoring a complete machine from backup, the less you have to think about, the better. Knowing that my filesystems are going to be restored with whatever tuning options I was previously running with, without my having to try and remember, gives me peace of mind ahead of time. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: single SATA disk and yet identified as 'ad4'
On Monday 11 May 2009 21:38:50 Saifi Khan wrote: Hi all: The system has just one SATA disk and yet bootloader process identified it as 'ad4'. Ideally, it should be ad1. [snip] How does the labelling logic work ? FreeBSD reserves numbers for devices that aren't currently connected, so that if you connect them later your existing devices don't need to be renumbered. Your BIOS is reporting two IDE interfaces, each of which could have a master and slave disk drive, so ad0-3 are reserved for those four drives, meaning SATA starts at ad4. Some BIOSes let you change this. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Canon printer and TurboPrint
On Thursday 28 May 2009 22:52:47 Jerry wrote: Did you ever bother to consider that if the printer manufacturers actually formed a consensus on a printer language, some third world county or the EU would probably sue them. Nothing I have seen in 20 years equals the audacity of the EU. As long as no 'standard' no matter how arbitrary, stupid or counter-productive exists, they are in theory safe from the EU. Besides, nothing stifles development as tightly as being bound to an arbitrary 'standard'. What a breathtakingly stupid remark. The EU has acted against two companies (Microsoft and Intel) who have used illegal business methods to protect and extend their monopolies and suppress competition. Or are you suggesting that a format or protocol which is implemented by several different companies, allowing vendors to compete fairly on other grounds (price, features, quality, ... ) while protecting consumers by making it possible for them to move from one vendor to another, is somehow a worse idea than a proprietary format or protocol which is forced into a market-dominating position by illegal tactics such as paying manufacturers extra to incorporate it, or penalising them financially for providing competing products? If that's the case, why is no-one trying to use the courts to prevent the use of ODF, a published standard which is now used by several companies and Free Software projects to provide a common format for documents? Once a company dominates a particular market it's held to a different standard than other companies in that market - because the power of the monopoly can be used not only to prevent competition in the original market, but to extend the market domination into new markets, by techniques like product tying, distributing at below cost (effectively drawing subsidy from the original monopoly product) until competitors are driven out of business, and so on. Microsoft has been convicted of doing all these things, in US courts, in courts in Asia, and in courts in Europe. These are matters of fact, not opinion. Intel has been convicted of many of these things in courts in Asia and in Europe. The fact that the US system is too supine to take action against these companies doesn't make the EU ``arrogant''. Let's not forget why Unix took off and expanded the way it did: once upon a time the US courts did take antitrust seriously, and prevented ATT using its telco monopoly to expand into market domination of the computer business. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Canon printer and TurboPrint
[Sorry for the excessive quoting - I couldn't decide which bits to take out] On Friday 29 May 2009 12:48:00 Jerry wrote: On Fri, 29 May 2009 09:34:36 +0200 Jonathan McKeown j.mcke...@ru.ac.za wrote: On Thursday 28 May 2009 22:52:47 Jerry wrote: Did you ever bother to consider that if the printer manufacturers actually formed a consensus on a printer language, some third world county or the EU would probably sue them. Nothing I have seen in 20 years equals the audacity of the EU. As long as no 'standard' no matter how arbitrary, stupid or counter-productive exists, they are in theory safe from the EU. Besides, nothing stifles development as tightly as being bound to an arbitrary 'standard'. What a breathtakingly stupid remark. The EU has acted against two companies (Microsoft and Intel) who have used illegal business methods to protect and extend their monopolies and suppress competition. Or are you suggesting that a format or protocol which is implemented by several different companies, allowing vendors to compete fairly on other grounds (price, features, quality, ... ) while protecting consumers by making it possible for them to move from one vendor to another, is somehow a worse idea than a proprietary format or protocol which is forced into a market-dominating position by illegal tactics such as paying manufacturers extra to incorporate it, or penalising them financially for providing competing products? The concept behind the EU is socialism, pure and simple. It attempts to create an artificial playing field that allows the incompetent to compete with the motivated. It forces those who create new technology to share it, usually sans monetary compensation, with common bottom feeders. A free, open market is the way to encourage development and new ideas and technology. Not some pathetic, socialistic concept. If that's the case, why is no-one trying to use the courts to prevent the use of ODF, a published standard which is now used by several companies and Free Software projects to provide a common format for documents? Once a company dominates a particular market it's held to a different standard than other companies in that market - because the power of the monopoly can be used not only to prevent competition in the original market, but to extend the market domination into new markets, by techniques like product tying, distributing at below cost (effectively drawing subsidy from the original monopoly product) until competitors are driven out of business, and so on. A company has the right to disperse their product as they see fit. I know a socialist like you finds that abhorrent; however, it is never the less true. Tell me, if I wanted to sell you a $300 thousand dollar Ferrari for $10, would you: A: complain to the police or what ever legal authority you feel so fit to complain to; B: slam $10 in my hand in a heart beat? I think we know the answer. You are a hypocrite. Has it ever occurred to you how a company grows and becomes successful? I know, in your world it is by using the Government to squash competition; however, in a truly free society, it is by hard word and giving the consumer what they want at a price they are willing to pay. Basic business 101. Microsoft has been convicted of doing all these things, in US courts, in courts in Asia, and in courts in Europe. These are matters of fact, not opinion. Intel has been convicted of many of these things in courts in Asia and in Europe. The fact that the US system is too supine to take action against these companies doesn't make the EU ``arrogant''. Let's not forget why Unix took off and expanded the way it did: once upon a time the US courts did take antitrust seriously, and prevented ATT using its telco monopoly to expand into market domination of the computer business. The spinelessness of the American court system is that they do not take legal action against European countries that practice reverse discrimination, or the outright breach of copyright laws, etc. I know, you socialists also abhor copyright laws. The concept of an individual actually benefiting from his/her hard work and not having to share it with every scum sucker who comes begging at his door disturbs you. Whoa. I don't think that level of personal attack is appropriate or acceptable behaviour in a public forum. (I call it attack because you clearly regard socialist as a swear word. I'm not a socialist but I don't regard it as an insult. I do regard hypocrite as an insult which I choose to ignore.) Your first paragraph, the one beginning ``the concept behind the EU is socialism, pure and simple'', is essentially the Microsoft party line: the socialist EU wants to steal our hard work and give it away to people who can't stand the heat of competition. The reality is almost the exact opposite: the EU is using competition law to try and restore a level playing field, despite
Re: n00b question regarding installation via serial console
On Thursday 04 June 2009 15:46:11 John . wrote: Hello list, Is it possible to boot into the serial console from the installation CD, or must boot.flp be used as per http://www.freebsd.org/doc/en/books/handbook/install-advanced.html ? (the machine has no floppy drive (yet) It's possible - but only by making your own install CD. Check back through the list archives: Martin McCormick and I had a lengthy discussion about this a while back. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SetUID/SetGID Kernel Option
Hi Martin On Thursday 04 June 2009 16:23:29 Martin McCormick wrote: I have been asked to enable the following kernel option: SetUID/SetGID - Allow directories to inherit their owner from the parent directory. The generic kernel under FreeBSD6.3 is what we presently use on the system in question and I see no commented-out option for compilation. You need to add option SUIDDIR To the kernel config. You can find a sample line in /sys/conf/NOTES We see in the fstab the following: # Device Mountpoint FStype Options DumpPass# #Default is for no SUIDDIR. #/dev/mfid0s1a/ ufs rw 1 1 #Living a bit more dangerously, we turned it back on. /dev/mfid0s1a / ufs rw,SUIDDIR 11 This looks like it may address the issue, but a test shows that it does not appear to happen. Once you've recompiled the kernel you also need to use suiddir in the mount options for any filesystem where you want file ownership to be inherited from the directory. It's described in the kernel notes and in the mount manpage as a dangerous option which opens security holes. I notice that you mention setGID as well, which under sysV-derived systems allows file to inherit group ownership from the directory. If that's what's wanted, you don't need to do anything, as the behaviour that's optional on sysV systems like Linux is the default behaviour on FreeBSD. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: n00b question regarding installation via serial console
On Thursday 04 June 2009 17:28:56 Tim Judd wrote: On 6/4/09, Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: Hello list, Is it possible to boot into the serial console from the installation CD, or must boot.flp be used as per make your own CD add file boot.config containing just one line: -P to existing, make sure you it's bootable (mkisofs -b boot/cdboot -no-emul-boot) and record refer to man boot.config Unless things have changed since I last did this, this isn't going to work. First of all, the CD boot process doesn't pick up the boot.config. Secondly, many motherboards use a BIOS which causes the -P test to fail. What you can do is create boot/loader.conf on the CD image containing console=comconsole Sure that's enough? ttys is still going to mark the ttyd0 line as off and won't present a tty/login then. Yes, it is. You don't need a login for an installation. You do need to make sure you enable the correct serial port (usually ttyd0, as you point out) in /etc/ttys before you reboot at the end of the installation. I think it's more complicated than that. And what if the boot process hangs for some reason? no console output either by your solution. It's not an ideal process (particularly since the serial console only cuts in at a very late stage). One day I will make time to sit down and work out how to do it properly on a CD. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What's wrong with this picture?
On Saturday 06 June 2009 05:43:15 Charlie Kester wrote: On Fri 05 Jun 2009 at 15:06:40 PDT Paul Chvostek wrote: If you elect to filter this person's traffic, and are concerned that you'll continue to be inundated with replies, I'd like to suggest a small procmail script I wrote years ago. http://www.it.ca/~paul/s/procmail-filter-msgid It caches the message-id of the troll's posts and filters the message (redirect or bitbucket). It then caches the message-id of any message that includes a cached message-id in its headers (i.e. In-Reply-To, Refererences) and filters that too. The effect is to hide not just the troll's mail, but all the conversations he starts. I haven't actively used this thing since 2003, but procmail hasn't changed much in that time either. Hope it helps. Thanks, I'll give it a try. One thought however. If I'd already filtered this thread, I would have missed helpful tips like yours. I guess that's the price that has to be paid. Unless you're absolutely certain someone is never going to talk sense, I reckon the backscatter is quite useful, to keep an eye on what the killfiled person is talking about and how people are reacting. Killfiling whole threads automatically because a particular person has joined in is a drastic step. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob
On Monday 08 June 2009 17:37:14 Jerry McAllister wrote: On Mon, Jun 08, 2009 at 06:31:57PM +0400, Peter Andreev wrote: may be this solution will help you: [snip] * * 31 1/2 * * * 30 4/2 * * * 28 2 * This isn't right, surely? It goes wrong in August and stays wrong for the rest of the year. The 31-day months are 1,3,5,7,8,10,12. Don't forget leapyear. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Need a filesystem with unlimited inodes
On Wednesday 10 June 2009 21:06:06 Karl Vogel wrote: Create 256 folders named 00-ff: #!/bin/sh hex='0 1 2 3 4 5 6 7 8 9 a b c d e f' for x in $hex ; do for y in $hex ; do mkdir ${x}${y} done done exit 0 Or use jot(1) instead of two for loops: for i in `jot -w %02x 256 0`; do mkdir $i; done To see the output of the jot in a readable format: jot -w %02x 256 0 | rs 0 16 Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Compiling in sound driver in kernel
On Friday 12 June 2009 12:54:19 Polytropon wrote: On Fri, 12 Jun 2009 04:45:59 +0200, Bernt Hansson be...@bah.homeip.net wrote: Mel Flynn said the following on 2009-06-12 01:23: FreeBSD 7.2-STABLE #0: Thu Jun 11 21:56:24 CEST 2009 r...@fqdn:/usr/obj/usr/src/sys/GENERIC ^^^ Did you edit GENERIC Yes. Added sound and snd_hda Polite note: This is NOT the way to create a custom kernel. The handbook mentions that it's advised to create a copy of GENERIC and work with that. Just to emphasise this point: look at the other kernel configs supplied with source. They tend to include GENERIC, and then have a small list of changed options. Messing about with GENERIC is not a good idea. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: No sound, no mouse and now X applications won't start
On Tuesday 23 June 2009 15:41:48 Manish Jain wrote: I hope the next release will address these problems, as well as a pretty reasonable request from me much earlier to move vi from /usr/bin to /bin. Even in single-user mode, you almost always need an editor. Which is why you have ed(1) - both in /bin and in /rescue - and /rescue/vi (although that needs a bit of tweaking due to the /etc/termcap problem). Bear in mind that /usr/bin/vi is over 300K, compared to the whole of /bin which is ~950K (if you avoid double-counting entries like /bin/csh and /bin/tcsh which are hardlinks to the same file), so you need to convince people who think /bin should stay small to let it grow by a third to save people learning ed(1). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: The question of moving vi to /bin
On Wednesday 24 June 2009 12:59:13 Manish Jain wrote: About ed first. I might annoy a few people (which would gladden me in this particular case), but ed was just one of Ken Thompson's nightmares which he managed to reproduce in Unix with great precision. By no stretch of imagination would it qualify as an editor, because an editor can meaningfully edit only what it can first show. And ed has never had anything to show. A modern operating system like FreeBSD should really be kicking ed out of the distribution completely : bad ideas don't have to be necessarily perpetuated just for the sake of compliance with the original concept of Unix. Hold on. I didn't claim it was a *good* editor - I was reacting to your suggestion that /bin didn't contain an editor at all. ed(1)'s interface is certainly minimal, but it's easy enough to list lines in the file you're editing, contrary to what you seem to be saying - to list every line of the file, try the two characters , l. However, if you want a more visual editor, perhaps /usr/bin/ee (which is just over 10K bigger than /bin/ed) would do? You also suggested doing away with ed and /rescue/vi altogether. You may not need statically-linked tools very often, but when you do need them, you *REALLY* need them. Don't suggest throwing them away without thinking through the implications. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Editor in minimal system (was Re: The question of moving vi to /bin)
This whole thread only really got started because I questioned Manish Jain's assertion that there was no editor available in /bin. To summarise: There are several editors available ranging from ed (49604 bytes) and ee (60920 bytes) (both with two library dependencies) to emacs (in ports; 5992604 bytes and 50 library dependencies in my installation) and probably beyond. One of them, ed, is available in /bin and therefore in single-user mode. Two of them, ed and vi, are available in /rescue and therefore in single-user mode even when something horrible happens and libraries are broken (although /rescue/vi is currently slightly broken itself due to the termcap issue which is being fixed in -CURRENT and I hope will be MFC'd). Anyone who wants /usr/bin/vi available in single-user mode can install FreeBSD with one large partition; or mount /usr once in single-user mode. The original poster suggested that the fix for not having vi in /bin was not to have any editor at all in /rescue, which comprehensively misses the point of /rescue. The only argument that's been advanced for moving vi seems to be ``vi should be in /bin because that's how I want it''. I find that argument unconvincing, but it's not up to me. I'm open to a sensible argument, if anyone has one. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: POLL: Linux preferences from FreeBSD users
On Thursday 02 July 2009 07:21:25 Polytropon wrote: On Wed, 1 Jul 2009 18:58:15 -0400, Daniel Underwood djuatde...@gmail.com wrote: QUESTION: Of the various modern Linux distributions, which do you prefer? and why? Actually, I'm not a Linux user. But Linux was my first step into using UNIX on a x86 PC. More than 10 years ago, I started with Slackware Linux, and with the rise of FreeBSD 4.0, I did abandon it. I was wondering if there were any other Slackers out there! I've still got my first Linux distribution, and possibly my first FreeBSD release too: I bought the Walnut Creek 4-CD box of Slackware 3.6 in a little shop in the West End of London, and a couple of years later, the boxed set of FreeBSD 4.5 from either the Linux Emporium or CheapBytes (can't remember which). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FTP Server for individual client spaces
On Friday 10 July 2009 16:10:24 RS Wood wrote: I run a small engineering company* that exchanges large files (CAD, etc.) with clients, and I want to keep the docs off my email server by setting up a stand alone FTP server where each client can upload and download its relevant files. As such, my own users/employees should be able to reach every client’s FTP space but each client should only be able to reach his own. As my users finish a doc, they place it in that client’s FTP directory and the client can log in and get it. As such, I don’t want any form of unauthenticated FTP. [snip] Is the solution ftpchroot? If so, it’s not clear how I can chroot each potential client into his own directory, as my understanding is that all chrooted users wind up at the same place (like /var/ftp/pub). Or is the solution that each client gets access to his own home directory; if so, how do I ensure my staff has access to each client’s home directory? I haven't tried this, but man ftpd.conf suggests something along the lines of: chroot chroot /some/path/%u where the second chroot is the ftp class, and %u will be expanded to the username. Make sure all your external users are in ftp class chroot (by putting their usernames in /etc/ftpchroot), and make /some/path group-owned and group-readable by a group all your staff are in (the group ownership of a directory automatically propagates to new directories created below it). Let us know how it goes! Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Automatic screen lock when leaving desk
On Wednesday 15 July 2009 12:45:02 Matthew Seaman wrote: I used to be a NeXTie, and the Screensaver.app there had a really nifty little feature. I'm surprised it's not been copied into other screensaver applications since, as it's pretty simple. They just had a facility where moving the mouse cursor to one corner of the screen and leaving it still for a few seconds would cause the screen saver / screen lock to come on straight away. Conversely you could designate another corner of the screen as don't turn on screensaver even after an extended period of idleness. Being a NeXT app this was all configurable by dragging little '+' or '-' icons around a scaled down image of the screen, or off it entirely if you didn't want that facility. KDE 3.5 provides this feature - it's under Advanced Options on the screensaver configuration. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how to boot or access problem file system
On Thursday 30 July 2009 23:14:39 PJ wrote: But isn't it strange that it used to be pretty simple to upgrade and update. But recently, I notice that communication between the developers and users (or is it the manual page writers) are getting far away from the realities of user/operational needs. Oh, what's the sense of beating a dead horse, mechanics will never be writers... let's not kid ourselves. I may be misunderstanding what you've been saying over the last couple of days (I can understand your frustration, but your questions would be much clearer if you didn't let it spill over into chippy remarks about FreeBSD like the above). Let me summarise what I think you've said, and what I think it means, and please, correct me if I'm wrong. You run a custom kernel, and you decided for your latest system upgrade that you would use freebsd-update, which as far as I know doesn't work with custom kernels. You discovered this and tried to move your custom kernel aside and put a GENERIC kernel in place for the upgrade, rebooted in the middle of the process, and now when you try and boot up, your system can't find a kernel - which is why the bootloader is asking you to tell it where to look. If that's the case, your data should all still be there in the original slices/partitions (others have told you how to check that). You are likely to struggle to get the system booted unless you can work out where to direct the bootloader to find a kernel, but you may well be able to inspect the data on the disk if you boot a LiveCD (which is a version of FreeBSD that runs from the CD - there's one in the release set). Given the problems you've encountered so far, and the level of effort and learning that's acceptable to you in your situation to try and resolve it, I would suggest you go and buy a new hard drive (they're not expensive these days compared with the cost of your time), and fit it alongside your messed-up drive in your computer. You can then do a fresh install on the new drive, get everything set up the way you want, and then retrieve the data from the old hard drive (various ways to do this: mounting the drive and simply copying files, dump and restore of complete filesystems, etc). You've also thrown in a new problem, which is that X doesn't recognise your mouse. Unfortunately, that doesn't have much to do with FreeBSD. It's a result of a decision by the X developers to require a hardware abstraction layer - you probably need to enable hal and dbus. Googling will put you on the right track. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: kernel designations terminology confusion -- amd64 used for into quad core
On Wednesday 05 August 2009 15:14:49 David Southwell wrote: Hi every one My understanding is that one uses the amd64 for building a kernel for systems with Intel Quad Core processors. It is helpful when naming conventions follow a logical strand. I mean why does freebsd use a single manufacturer's name to represent a genre? Because it's technically correct, as I understand it. Unless I've got this wrong (in which case I'm sure someone will shout), there were initially two 64-bit instruction sets, amd64 from AMD and ia64 from Intel. ia64 saw so little uptake that Intel started using the AMD instruction set, but amd64 is still the appropriate description for most 64-bit processors these daya regardless of manufacturer. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: upgrade 7.2 overwrites partitions
On Wednesday 05 August 2009 15:49:38 PJ wrote: Polytropon wrote: On Mon, 03 Aug 2009 10:58:58 -0400, PJ af.gour...@videotron.ca wrote: Could somone explain to me why an upgrade from sysinstall would overwrite partitions; especially when the instructions indicate that files will not be overwritten? I'm not sure how to explain. It's possible that sysinstall recreated the slices and paritions, or at least the partitions were marked as to be formatted (Y after the file system type in the partition editor). Because I've never used the Upgrade functionality of sysinstall, I'm not even sure what it is supposed to do. Well, whatever it was it sure screwed up my system You screwed up your system. Possibly that started when you tried to use freebsd-update with a non-GENERIC kernel, but you then thrashed around, apparently ignoring most of the help you were offered on this list and getting into more and more trouble, while never explaining exactly what you were doing. This is the textbook example of how not to report a problem: the whole machine became un bootable when some xcb or something like that could not be loaded because of some problem with a python port. Even so, several people put time and effort into helping you, and suggesting ways you could reach a quicker solution when you made it clear what your personal effort limit was. Due to diligence and a great deal of my time, I managed to save all the files that were on the system and recovered the XP disks so everything can now be re-installed and used. Actually, it was also a great deal of time donated by other busy people around the world. The only victim in the end is FreeBSD as I will never touch it again. It has been going downhill since way back; but I think I just preferred to stay with my illusions and tolerated the waste of time and effort reconfiguring, searching for answers and reinstalling, rebooting and the whole shebang under the aura of learning. So learn I did. Don't touch it; it sucks. There are other systems better than FBSD, so g'bye all. :o :-P ``I can't use it, therefore it's rubbish''. That's fine, no-one forced you to use FreeBSD in the first place and I doubt anyone minds that you don't want to use it any more. Personally, I do think it's a pity, because FreeBSD (in my experience, since FreeBSD 4.5) is stable, easy to use (once you have the basic Unix concepts on board), and astonishingly well-documented. It's also supported by one of the friendliest and most knowledgeable communities I know. I don't recognise FreeBSD or its user community in your description and I hope your tirade, on an extremely publically archived mailing list, doesn't put other people off trying it. Having said all that, I wish you well and I hope you find a system which suits you better than the one you have trashed. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD for the common man(or woman) (was: upgrade 7.2 overwrites partitions)
On Thursday 06 August 2009 09:43:47 Mark Stapper wrote: In light of this, I would really enjoy seeing a Ubuntu like movement in the FreeBSD corner. What I mean is that it would be nice for my mother to install and use FreeBSD. [snip] To achieve this, there are two things that should be made easier: 1. Installing a basic desktop system(next to any currently installed OS) 2. Keeping the base system and ports up to date. And when I mean easier I mean it should be done without bothering the user unless you about to rm -rf / as root, so to say. This is what a couple of projects are already doing. PC-BSD springs to mind - I can't remember what the other one is called. PC-BSD is FreeBSD, pre-packaged with a usable desktop and its own simplified package manager. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cat sort(1) sort floating point numbers?
On Monday 03 October 2011 14:05:42 Anton Shterenlikht wrote: I tried sorting a file with a column of floating point numbers (below) with sort(1) -n. However, the numbers seem to have been sorted by the first digit only. sort -g Due to the GNU project's obsession with info (http://xkcd.com/912/), you can't readily find this out from the manpage - but the info documentation available on the web for coreutils describes the difference between -g and -n: [when using -n] Neither a leading ‘+’ nor exponential notation is recognized. To compare such strings numerically, use the --general-numeric-sort (-g) option. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Flaming mailing lists (was Re: Why Clang)
On Wednesday 20 June 2012 12:59:51 Stephen Cook wrote: On 6/19/2012 4:06 PM, Anonymous Remailer (austria) wrote: [snip childish invective] I'm a relative newcomer. Are the FreeBSD mailing lists always this flame-y? I realize that this particular post might be trolling / satire No, they aren't. And I notice that whoever is primarily responsible for it isn't even prepared to sign his own name to his tirades - he (or she) is using anonymous remailers. (Irritatingly this makes him difficult to killfile - it turns out there's at least one recent legitimate post that's been sent through a similar remailer so I can't just toss them all away). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Flaming mailing lists (was Re: Why Clang)
On Friday 22 June 2012 07:04:35 Bernt Hansson wrote: I want to whish all a very mery Midsummer's Eve and Midsummer's Day http://en.wikipedia.org/wiki/Midsummer#Sweden I appreciate the sentiment but it's midwinter here ;) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Warning - FreeBSD (*BSD) entanglement in Linux ecosystem
On Wednesday 22 August 2012 15:41:05 David Jackson wrote: So this is clearly not about portability, FreeBSD is free to implement these software interfaces to assure that software is portable to FreeBSD. Really? You make software portable by writing it to one environment and then changing every other environment to suit the software? I'm not sure software portability means what you think it means. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Using pre-built packages with portmanager
On Saturday 05 August 2006 19:16, cpghost wrote: How do I get portmanager to upgrade ports, using 1. pre-built packages from /usr/ports/packages (ONLY), and only if there's no binary package there, 2. build from source as usual? Additional limit (preventing use of portupgrade -P) is that only local (/usr/ports/packages), and no remote packages should be used. Edit /usr/local/etc/pkgtools.conf and add ENV['PKG_FETCH'] = '/usr/bin/false' portupgrade will look for a local package, then try and fetch a package remotely using false(1) - which will fail because that's what false(1) does - and portupgrade will then build the port. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Building ports with sorces on a local mirror?
On Saturday 26 August 2006 22:15, stan wrote: I'm in the process of seting up to build a fair number of machines behind a very restrictive firewall (and besides that the outbound link is very slow). What I have in mind is setting up a machine using mirror software to create a local mirror of the FreeBSD site, including the distfiles for the ports tree. Is thee a way to get the ports build system to look for distfiles on this local mirror? I'm doing something similar, but I'm keeping the ports tree on one machine and NFS-mounting /usr/ports from there on all my other hosts. Each host other than the master has WRKDIRPREFIX=/usr/local/ports in /etc/make.conf. Each time I build a port on any of the machines, it downloads the distfile if it doesn't already exist - but because /usr/ports is on the master server, that's where all the distfiles end up (in /usr/ports/distfiles), so I download each source tarball once, the first time it needs to be installed. This saves bandwidth as I'm not trying to mirror all the distfiles whether I need them or not. You can also make packages which will be stored on the master server so you don't even have to compile more than once unless you need to. Word of warning: take steps to avoid downloading prebuilt packages if you don't have a locally-built package. For example, with portupgrade, edit /usr/local/etc/pkgtools.conf and add ENV['PKG_FETCH']='false' which prevents ever fetching a package from the Internet: if there isn't a local package it will build from source in the ports tree. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: include format for /etc/rc.conf
On Wednesday 30 August 2006 09:40, Dan Mahoney, System Admin wrote: Hey all, Are there any supported formats for INCLUDES in /etc/rc.conf such that I can drop default configs into /etc/rc.conf and then have files in a certain directory (ala includerc) override them? Basically, I'd like to do mass-updates of several dozen machines' configs normally found in /etc/rc.conf, but then have per-machine configs (like hostnames) elsewhere. Look at rc_conf_files (man rc.conf). By default there are three ``levels'' of config: /etc/defaults/rc.conf /etc/rc.conf /etc/rc.conf.local each one overriding the previous one. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Mirroring: gvinum or gmirror?
I'm setting up a remote server with two identical hard drives, running FreeBSD-6.1. I want to set the drives up as a mirror for data redundancy. I also want to be able to break the mirror when I need to update the OS or installed software, so that if anything goes wrong with the update on one drive I can boot back to the other one, or if all is well, re-establish the mirror and synchronise to the updated system. I have serial console access including BIOS console redirection. Based on web and Usenet/mailing list searches, gmirror looks more straightforward for this simple case, gvinum more flexible but poorly documented, and the most recent comments I can find (still all 6+ months ago) seem to suggest that gvinum hasn't completely stabilised for production yet. Is this a fair assessment? Are there any factors I've missed? Which solution is likely to suit the situation better? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: building and installing world on two separate machines
On Monday 04 September 2006 08:25, Dave wrote: Hello, I have a machine that i want to upgrade from 5.x to 6.1. I've got a 6.1 world built on a much faster system and would like to just install it on this machine. I thought about nfs, but i have to drop to single user mode to do the make installworld and won't have nfs available. Is there a way i can install this already compiled world on the slower box without having to remake it? I do this across all my servers, by nfs-mounting /usr/src and /usr/obj from the build server on the target server before dropping it to single-user mode: the filesystems stay mounted and I just cd /usr/src make installworld Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD installer (was Re: Newbie Experience #2)
On Monday 11 September 2006 15:56, Jud wrote: everyone who uses FreeBSD knows that a better (meaning, at least to many folks, more simplified and graphical) installer would be nice Perhaps as an option. The problem is that you need to install a graphical environment to run a graphical installer. Simplicity means different things to different people, too. I set up new and replacement servers, using commodity hardware for cost reasons, for our various offices around South Africa. I used to have a KVM switch with a spare monitor and keyboard in my office for doing the installations, or if I was going elsewhere to install delivered hardware or update an existing box, we needed to arrange a spare screen and keyboard at the location. I now have a slightly-adjusted installation CD (I downloaded the disc 1 and 2 ISO images from Freebsd.org, unpacked disc 1 onto a hard drive and edited boot/loader.conf, adding the line console=comconsole then made a new ISO and burned to a fresh CD labelled ``disc 1- serial''). Now the only time my servers get a screen/keyboard connected is to configure the BIOS when they are first unpacked. Otherwise the basic install is done from the serial boot CD with my laptop as a serial terminal, up to the point where I can ssh to the box and start customising, adding packages etc. From my point of view it doesn't get simpler than that. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Experience
On Tuesday 12 September 2006 15:05, Jeff Rollin wrote: That was my point, that BSD was rewritten from the ground up to avoid ATT patents. So whilst some might consider BSD real unix, it's really only emulating V7 with Berkeley extensions. My understanding was that it was copyright rather than patents - and that the main reason for the settlement of the case between ATT and BSD/University of California was that when they started comparing code, there was actually more Berkeley code in ATT Unix than the other way round. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Using PC as serial terminal on running system
I'm using my laptop and tip(1) as a serial terminal. This is working well when a machine is booted with the laptop connected to its serial port. However, I need to be able to connect the laptop to a machine which was booted without a serial console. I've set the ttyd0 line in /etc/ttys and sigHUPed init. The machine is still not recognising the presence of the ``serial terminal'' - the getty(1) process on the server is not bound to a controlling terminal and nothing is appearing in the tip(1) screen on the laptop. I've also tried fiddling about with conscontrol, adding ttyd0 on the server - still no difference. Have I missed a trick somewhere, or do I really need to reboot the server to get it to recognise a PC connected as a serial terminal? (Connection is laptop - USB - BAFO 810 USB/serial adapter - null-modem cable - server) Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Experience
On Thursday 14 September 2006 01:21, Kevin Brunelle wrote: As for the GNU tools, yes most sysadmins use some of them (although not always). I know that BSD tar handles gzip and bzip2 just fine ( -z and -j respectively). So I know I wouldn't download gtar just for that feature. In fact, as I discovered a few days ago (after all, how often does one read tar(1)'s manpage?), you only need to use -z and -j when creating a tar archive. bsdtar(1) recognises bzip2 and gzip compression on reading an archive and handles them automatically. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Experience
On Thursday 14 September 2006 08:40, Chad Leigh -- Shire.Net LLC wrote: On Sep 14, 2006, at 12:29 AM, Jonathan McKeown wrote: In fact, as I discovered a few days ago (after all, how often does one read tar(1)'s manpage?), you only need to use -z and -j when creating a tar archive. bsdtar(1) recognises bzip2 and gzip compression on reading an archive and handles them automatically. old habits die hard :-0 Exactly. I wondered, when I saw the entry in tar(1)'s manpage, how many other little tricks I don't know because I just do it the old way. If I ever get a supply of tuits (round ones are best, apparently), I might start re-reading the documentation for things I already know how to do, just to find out what I'm missing. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using PC as serial terminal on running system
On Wednesday 13 September 2006 14:59, Jonathan McKeown wrote: I'm using my laptop and tip(1) as a serial terminal. This is working well when a machine is booted with the laptop connected to its serial port. However, I need to be able to connect the laptop to a machine which was booted without a serial console. I've set the ttyd0 line in /etc/ttys and sigHUPed init. The machine is still not recognising the presence of the ``serial terminal'' - the getty(1) process on the server is not bound to a controlling terminal and nothing is appearing in the tip(1) screen on the laptop. OK, creating a line in /etc/ttys for cuad0 seems to have worked. Will that cause problems later? I assume the problem is that the tip(1) process (or possibly the USB-serial adapter) is not DTRT with respect to carrier. Is there any other way round this? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: USB IrDA Adapter
On Saturday 30 September 2006 13:58, Luchezar Petkov wrote: I really need your help. I've just brought my first USB IrDA adapter to conncect my phone (Sony Ericsson K300i) to my computer. It is recognized by FreeBSD (6.2 beta 1) :: ugen0: Prolific Technology Inc. USB-Serial Controller, rev 1.10/3.00, addr 2 -- addr 1: OHCI root hub, SiS uhub1 addr 2: USB-Serial Controller, Prolific Technology Inc. ugen0 And... What to do now? How to take the pictures from my photo camera? How to put files on my phone? I don't know what to do.. Any ideas? It sounds like the adapter is trying to present itself as a serial port. The Prolific Technology USB-Serial controller needs the uplcom(4) driver either compiled into the kernel or loaded as a module. Try (as root) kldload uplcom and then plugging your adapter in. You should see a message about ucom rather than ugen, and the devices should be something like /dev/ttyU0 /dev/cuaU0 as the tty and callout devices for the adapter. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: no specifc dhcpd port found
On Wednesday 04 October 2006 23:46, Noah wrote: Hi there, I am unable to find the dhcpd port in /usr/ports where should I be looking? # find /usr/ports -name dhcp\* I find the easiest way to search for ports is # cd /usr/ports # make search name=dhcp | grep -A2 '^Port:' This finds every port whose name includes the string dhcp, and then gives the Port: line and the two following it in each response. This drops the Maintainer:, B-deps:, R-deps:, and Web: lines, giving you something like: Port: dhcp-agent-0.41 Path: /usr/ports/net/dhcp-agent Info: A portable UNIX Dynamic Host Configuration suite -- Port: dhcp6-20040903a Path: /usr/ports/net/dhcp6 Info: KAME DHCP6 client and server -- Port: dhcpdump-1.7 Path: /usr/ports/net/dhcpdump Info: Decode and diagnose sniffed DHCP packets -- Port: dhcping-1.2 Path: /usr/ports/net/dhcping Info: Send DHCP request to DHCP server for monitoring purposes -- Port: isc-dhcp3-client-3.0.1.r14_6 Path: /usr/ports/net/isc-dhcp3-client Info: The ISC Dynamic Host Configuration Protocol client -- Port: isc-dhcp3-devel-3.0.1.r14_6 Path: /usr/ports/net/isc-dhcp3-devel Info: The ISC Dynamic Host Configuration Protocol API -- Port: isc-dhcp3-relay-3.0.1.r14_6 Path: /usr/ports/net/isc-dhcp3-relay Info: The ISC Dynamic Host Configuration Protocol relay -- Port: isc-dhcp3-server-3.0.1.r14_6 Path: /usr/ports/net/isc-dhcp3-server Info: The ISC Dynamic Host Configuration Protocol server -- Port: wide-dhcp-1.4.0.6_2 Path: /usr/ports/net-mgmt/wide-dhcp Info: Dynamic Host Configuration Protocol, WIDE Implementation Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Removing removable ATA hard drives
I recently bought a drive caddy for an ATA hard drive. The unit is in two parts: a cassette, into which can be fitted a standard ATA hard drive, and a carrier permanently fitted into a standard drive bay. The carrier includes a power keyswitch for the drive bay. I installed it, brought the box (running 4.9) back up, and then switched on the power to the drive. FreeBSD didn't recognise the drive even after an atacontrol reinit of the channel. I then dropped the box and brought it back up with the keyswitch for the drive in the ON position. It now recognises the drive (could this be BIOS-related?). Is it safe to simply switch the power to the drive off using the keyswitch and then remove the cassette with the server running but the drive bay powered down? Do I need to do anything other than ensure that the drive is unmounted at the time? And having done that, if I replace the drive and then reapply power using the keyswitch, would I need to do anything to get FreeBSD to notice the return of the device? I'm reluctant to experiment any more than I have done: the server the drive bay has been fitted to is our live fileserver, with 120GB of user data on two drives on the other ATA channel. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Removing removable ATA hard drives
On Thursday 05 October 2006 10:38, Olivier Nicole wrote: Hi, I'm reluctant to experiment any more than I have done: the server the drive bay has been fitted to is our live fileserver, with 120GB of user data on two drives on the other ATA channel. I know I would take time to install the drive bay in a test machine, with an old disk and play with it until I am 100% confident on the way to mount and dismount your disk... Whatever others can say. Yes, so would I normally but I'm under pressure for a quick fix to this and a number of other issues, as you might guess from the OS version on the server: I'm trying to impose order on a bunch of inherited and undocumented servers running (at least) 4.7-release, 4.9-release, 4.9-stable, 5.2-release, 5.4-release-p6, plus Red Hat 6.0 and WinNT 4.0 SP6a. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Removing removable ATA hard drives
On Thursday 05 October 2006 11:00, Olivier Nicole wrote: [Power down a drive bay using its built-in keyswitch and pull the disk without dropping the whole box] Unless you need to move that disk from one machine to another, fix it in your server, keep the tray for future testing when you will have more time... (if we ever have more time in the present life :) I should probably have said: we don't currently have offsite backups (we've exceeded the capacity of our tape device and our budget), and the quick-fix solution is dumping to this hard drive and then pulling it out and taking it home. As such the removability is key to its intended function. I can't keep dropping the main fileserver to fiddle with it, and the alternative in terms of testing is to set up another box with the particular 4.9-STABLE snapshot running on this server (to eliminate OS version-related variable effects). I'm hoping some kind person here will save me the trouble by saying, from experience, either ``yes, you're on the right track but you need to do x, y and z before pulling/replacing the drive cassette'', or ``no, run away screaming before your server room goes down in flames''. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Removing removable ATA hard drives
On Thursday 05 October 2006 10:34, Jonathan McKeown wrote: I recently bought a drive caddy for an ATA hard drive. The unit is in two parts: a cassette, into which can be fitted a standard ATA hard drive, and a carrier permanently fitted into a standard drive bay. The carrier includes a power keyswitch for the drive bay. I installed it, brought the box (running 4.9) back up, and then switched on the power to the drive. FreeBSD didn't recognise the drive even after an atacontrol reinit of the channel. I then dropped the box and brought it back up with the keyswitch for the drive in the ON position. It now recognises the drive (could this be BIOS-related?). OK, having got to this point and with some trepidation, I started fiddling. The removable drive is on ATA channel 1 along with a CD writer. Is it safe to simply switch the power to the drive off using the keyswitch and then remove the cassette with the server running but the drive bay powered down? Do I need to do anything other than ensure that the drive is unmounted at the time? And having done that, if I replace the drive and then reapply power using the keyswitch, would I need to do anything to get FreeBSD to notice the return of the device? So far doing an atacontrol detach 1, powering down the drive with the keyswitch, removing it and doing an atacontrol attach 1 to get my CD back, seems to work without problems. Adding the drive back in, powering it up and then doing an atacontrol reinit 1 also seems to work without problems. Potentially slightly less safe, I guess, simply powering the drive off and doing an atacontrol reinit 1 seems to work. Does anyone have any horror stories or awful warnings before I make this part of my backup procedure? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cheapskate webmail interface
The Subject: header has gradually grown to: Subject: Re: RE : Re: RE : Re: RE : Re: RE : Re: cheapskate webmail interface Please, please, edit it or use an email client that does. It's in danger of getting silly now. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ports adding users
This is, I guess, a philosophical question. Twice in the last couple of weeks I have been bitten by ports adding users or groups. In setting up my laptop, I created my user account in sysinstall without creating my group. My ~ was created with the GID corresponding to my UID, but in building KDE, comms/gnokii used pw groupadd and was allocated `my' GID, resulting in my ~ being group-owned by gnokii. More seriously, we are moving our user accounts into LDAP and I now have a problem on a server where I installed net/isc-dhcp3-server before configuring pam_ldap and nss_ldap. As a result the dhcpd user (in /etc/passwd) and one of my user accounts (in LDAP) have the same UID and GID. Disentangling these is going to be... interesting. After some digging about, I see I can effectively reserve a block of UIDs/GIDs by starting my UID numbering at (1001 + x), and creating /etc/pw.conf with reuseuids yes reusegids yes to use the UIDs/GIDs between 1000 and (1000 + x) (otherwise pw just allocates a UID/GID higher than any in use, which puts it right back in my reserved range). Perhaps I should also set the maxuid/maxgid options too, just in case? That's one option. Another is to expect dozens of busy port maintainers to cover for me by reserving UIDs/GIDs instead of creating random users. Another is to arrange somehow that the ports infrastructure provide a pw.conf which can be used when pw is called by ports, that limits the range of UIDs/GIDs that a port can be allocated so that it doesn't overlap with the range generally used for user accounts. Thoughts? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ports adding users
On Friday 13 October 2006 21:54, Lowell Gilbert wrote: The convention is, indeed, that users get UIDs from 1000 up. This doesn't seem to be explicitly described anywhere I can find at the moment, but it is implemented in adduser(8) -- and the porter's handbook requires hard-coded UIDs and GIDs to be under 1000 (but strongly recommends using pw(8) unless there is an important reason not to do so). Yes. The reality of using pw(8) at port installation time, though, is that the port-created user will get a uid above 1000 - in fact a uid higher than the highest one currently in use, so I can't even just leave a gap in uid numbering for port-created users. This caught me out. A lot of your problem, though, is that you're trying to combine the UID (and GID) space of different machines, that have collisions. The fact that some of those were created by ports isn't really important; the problem is that the UID maps were created independently and now need to be combined. No, this isn't the main problem, which is that without some serious forethought (and an awareness of the issue), installing a port can screw up my user management by (quite correctly, as you point out above) using one of ``my'' uids rather than a block set aside for ports which want a uid but don't need to reserve a specific one. More to the point, it can do this at some point in the future, when I decide to install a new port on one server and then have to remember to mark that uid as used throughout my network. I'm not sure there's a perfect solution, other than planning ahead. Agreed. I think my planning ahead is going to take the form I proposed originally, of adding an /etc/pw.conf (so that ports using pw(8) will use that configuration) forcing allocation within a given uid/gid range, and ensure that I only use numbers outside that range for real users. I mentioned this on the list because I was Astonished (in the POLA sense) to find that my human users and ports-created (effectively system) users were not separated in any way by default, indeed were jumbled together in the sequence of uids/gids. I always like to create a permanent record of things that trip me up! Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mimedefang with LDAP-enabled sendmail
I'm hoping someone can point me in the right direction. I'm running 6.1 (the security branch) with a recently-updated ports tree (1 September). I have modified /etc/make.conf to change the options for the system sendmail, by adding these lines: SENDMAIL_CFLAGS = -I/usr/local/include -DSASL=2 -DLDAPMAP SENDMAIL_LDFLAGS = -L/usr/local/lib SENDMAIL_LDADD = -lsasl2 -lldap -llber I have added the necessary ports and rebuilt world: when I run ldd /usr/libexec/sendmail/sendmail, I get libutil.so.5 = /lib/libutil.so.5 (0x28107000) libwrap.so.4 = /usr/lib/libwrap.so.4 (0x28113000) libssl.so.4 = /usr/lib/libssl.so.4 (0x2811a000) libcrypto.so.4 = /lib/libcrypto.so.4 (0x28148000) libsasl2.so.2 = /usr/local/lib/libsasl2.so.2 (0x2823a000) libldap-2.3.so.2 = /usr/local/lib/libldap-2.3.so.2 (0x2824f000) liblber-2.3.so.2 = /usr/local/lib/liblber-2.3.so.2 (0x2827f000) libc.so.6 = /lib/libc.so.6 (0x2828a000) and sendmail -d0.1 -bt /dev/null gives me Version 8.13.6 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT XDEBUG When I try to build and install mail/mimedefang from ports (version is 2.57), I get (modulo wrapping) cc -O2 -fno-strict-aliasing -pipe -pthread -o mimedefang mimedefang.o drop_privs_threaded.o utils.o rm_r.o syslog-fac.o /usr/lib/libmilter.a -lpthread /usr/lib/libmilter.a(errstring.o)(.text+0xd6): In function `sm_errstring': : undefined reference to `ldap_err2string' *** Error code 1 Has anyone come across this? (I found a couple of inconclusive entries through Google, one on the Mimedefang list from earlier this year, which doesn't seem to have attracted an answer, and one from three years ago regarding installing MD on Red Hat Linux). Any suggestions what to try next to get a successful build of mail/mimedefang? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mimedefang with LDAP-enabled sendmail
On Sunday 15 October 2006 22:19, Jonathan McKeown wrote: sendmail -d0.1 -bt /dev/null gives me Version 8.13.6 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB USE_LDAP_INIT XDEBUG When I try to build and install mail/mimedefang from ports (version is 2.57), I get (modulo wrapping) cc -O2 -fno-strict-aliasing -pipe -pthread -o mimedefang mimedefang.o drop_privs_threaded.o utils.o rm_r.o syslog-fac.o /usr/lib/libmilter.a -lpthread /usr/lib/libmilter.a(errstring.o)(.text+0xd6): In function `sm_errstring': : undefined reference to `ldap_err2string' The undefined reference is apparently in libmilter.a and it seems (Google again) that the ldap_err2string symbol comes from the openldap library. Is it possible that the build of libmilter is not picking up libldap from /usr/local/lib? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Which OS for notebook
On Tuesday 05 October 2010 13:31:08 Carmel wrote: I have been tooling around with FreeBSD for a year or so now and I find it incredible that there is virtually no support for modern hardware; i.e., drivers for 'N' protocol devices. That one factor alone, and there are others, precludes me from seriously thinking about installing FreeBSD on a new laptop. The one PC that I have FreeBSD installed on is connected via Ethernet cable to my LAN. Once that PC is replaced by year's end with a more powerful, and wireless enabled unit, I am afraid my experiment with FreeBSD will come to a close. At present it certainly will not support the wireless card installed, and I am not even sure if it will support all of the other hardware either. I realize that at this point someone will inevitably chime in and play the blame the manufacturers whine. If that were factually correct, then no one else would be able to supply drivers and support for hardware that FreeBSD has left orphaned. The bottom line is that FreeBSD, if it is to continue to be considered a viable alternative operating system, must stay current in today's market. Many posts that I have viewed on other forums seem to feel that FreeBSD is sadly, whether do to bad choices such as those related to GPL licenses, or failure to properly gage today's market trends, is slipping into an abyss. So. What's the connection between freebsd.u...@seibercom.net, carmel...@hotmail.com and ges...@yahoo.com, who all post through scorpio.seibercom.net, and who all have remarkably similar views on why FreeBSD is a pile of rubbish? And in terms of keeping my killfile reasonably effective, is there any easy way to filter out /all/ the sockpuppets at once? Or do I just need to keep adding them one at a time? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Which OS for notebook
On Tuesday 05 October 2010 15:47:36 Pierre-Luc Drouin wrote: On Tue, Oct 5, 2010 at 9:31 AM, Jonathan McKeown j.mcke...@ru.ac.za wrote: On Tuesday 05 October 2010 13:31:08 Carmel wrote: I have been tooling around with FreeBSD for a year or so now and I find it incredible that there is virtually no support for modern hardware; i.e., drivers for 'N' protocol devices. [snip] I realize that at this point someone will inevitably chime in and play the blame the manufacturers whine. If that were factually correct, then no one else would be able to supply drivers and support for hardware that FreeBSD has left orphaned. So. What's the connection between freebsd.u...@seibercom.net, carmel...@hotmail.com and ges...@yahoo.com, who all post through scorpio.seibercom.net, and who all have remarkably similar views on why FreeBSD is a pile of rubbish? And in terms of keeping my killfile reasonably effective, is there any easy way to filter out /all/ the sockpuppets at once? Or do I just need to keep adding them one at a time? Well, according to me FreeBSD works very well on desktops (except for CUDA), but I agree that its usage is extremely limited for laptops and netbooks. If I can't use ACPI or wireless on my laptop/netbook, I don't really see the point... Over the past 6 years I have tried many times to use FreeBSD on my laptops/netbooks but these problems always made me fall back to Linux... I still use FreeBSD as the only OS on my desktop computers though... I'm not disputing that there are things not supported on/by FreeBSD that it would be nice to see working. I'm just getting bored with hearing very similar whinges, posted from multiple email addresses but apparently all from the same person: look at http://lists.freebsd.org/pipermail/freebsd-questions/2009-December/209946.html and then http://lists.freebsd.org/pipermail/freebsd-questions/2009-December/209966.html Both messages are sent from carmel_ny at hotmail.com. They have the identical ascii-art flag in the sigblock. One is signed Carmel (carmel at hotmail.com), the other Jerry (gesbbb at yahoo.com). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Glue records (was Re: ATTN GARY KLINE)
On Friday 05 November 2010 09:28:27 Ian Smith wrote: But you don't always have any control of what parent nameservers do; eg we do DNS for a .com but both NS are in .au so DNS reports always whinge about lack of glue They should be whingeing about lack of clue (their own) unless I'm horribly wrong about how DNS works. When a nameserver delegates a zone, it's not responsible for any of that zone's records any more, with two exceptions. It provides NS records to indicate which nameservers /are/ responsible, and it retains responsibility for the A records of nameservers inside the zone - and only those nameservers. (That's glue.) There's no way a .com nameserver should be providing A records for hosts in the .au zone. nonetheless it works, though only after a hunt down through the .au servers, until cached. Yes, this is exactly what /should/ happen. Only the .au servers (or servers they delegate to) are authoritative for hosts in the .au zone. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Glue records (was Re: ATTN GARY KLINE)
On Friday 05 November 2010 22:51:01 Robert Bonomi wrote: From owner-freebsd-questi...@freebsd.org Fri Nov 5 02:26:31 2010 From: Jonathan McKeown j.mcke...@ru.ac.za To: freebsd-questions@freebsd.org Date: Fri, 5 Nov 2010 10:27:38 +0200 Subject: Glue records (was Re: ATTN GARY KLINE) When a nameserver delegates a zone, it's not responsible for any of that zone's records any more, with two exceptions. It provides NS records to indicate which nameservers /are/ responsible, and it retains responsibility for the A records of nameservers inside the zone - and only those nameservers. (That's glue.) There's no way a .com nameserver should be providing A records for hosts in the .au zone. sure there is. Domain: foo.com (an aussie company) nameservers ns1.alicesprings.au, ns2.umelbourneatperth.au I think we're agreeing violently ;) The nameservers for the .com zone, when asked about foo.com, should reply with the hostnames of the two nameservers. It shouldn't reply with their IP addresses; the only nameservers that can do that are the ones serving the .au zone or the alicesprings.au and umelbourneatperth.au zones. They're still wrong to bw whinging about a lack o glue records. glue is needed _only_ when the nameserver is _in_ the domain it is the authoritative servr for. So, in the above frivolous example, foo.com does *NOT* need any glue records, but if ns1.alicesprings.au is an authoritative server for alicesprings.au, then *it* needs a glue record for that domain. Well, the glue record will be ``above the cut'': if .au delegates alicesprings.au, it's the .au nameserver that provides the A record for ns1.alicesprings.au; but, yes. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Shopping cart other than OSCommerce?
On Thursday 09 December 2010 01:07:38 Kevin Kinsey wrote: Chuck Swiger wrote: You don't magically get immunity from SQL injection by using JDBC or EOF or whatever, but using bound variables in queries rather than feeding user input into raw SQL, or invoking stored procedures or user-defined functions instead will mitigate one of the more common security problems. And these practices are Good Practice in any language, including PHP. I think a big part of PHP's problem was [... documentation] I don't think it was just documentation. Perl, for example, comes with a standard way to access databases, DBI, which has good practices like binding variables in queries, escaping of input and output and so on, baked in. PHP comes with builtin functions for accessing MySQL databases, which do nothing at all to help the programmer make sensible decisions and follow best practice. There are database abstraction modules for PHP as far as I know, but if someone decides not to use them, is it still as hard as it was to do things safely using the builtin mysql_* functions? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a perl question
On Tuesday 04 January 2011 12:32:00 S Mathias wrote: cat asdf.txt bla-bla bla-bla bla[XYZ] importantthing another important thing [/XYZ] bla-bla bla-bla [XYZ] yet another thing hello! [/XYZ] bla-bla etc. $ SOMEPERLMAGIC asdf.txt output.txt $ cat output.txt importantthing another important thing yet another thing hello! This could mean almost anything (witness another response which excludes lines containing blah or XYZ, which gives the desired output on your test input). Are you actually trying to extract all the lines inside [XYZ]...[/XYZ] tags? are the tags guaranteed not to occur on the lines you need to extract, as they appear here? Because (all on one line) perl -ne 'print if ($check = m{\[XYZ\]} .. m{\[/XYZ\]}) 1 and $check !~ /E0$/' asdf.txt output.txt produces the same output as you have above for the test input. (The .. range operator in scalar context is true as soon as the left-hand expression is true, and false as soon as the right-hand expression is true. It returns 1 each time it becomes true, incrementing integers as it stays true, and appends E0 to the last number as it becomes false, which lets you exclude both endpoints). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Just wanted to install vim - had to spend entire day building X11
On Monday 10 January 2011 15:02:35 Ed Smith wrote: This seems bizarre. Logically, it would seem better to do a split like vim (bare vim - what you would expect) and xvim (vim with X11) similar to how emacs does emacs/xemacs. Er, no. xemacs is a fork of emacs. emacs has X-related dependencies unless you make it WITHOUT_X11. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: problem with shell script
On Wednesday 12 January 2011 17:58:33 David Scheidt wrote: ps ax | grep [s]lapd | wc -l The [] creates a one-character class that doesn't match the regex. Easier to type and grep should be a bit faster. And you can save another process by using ps ax | grep -c '[s]lapd' Although as others have pointed out, you can also use pgrep. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Problems with perl script on 6.1/5.8.8
On Tuesday 06 February 2007 22:24, Don O'Neil wrote: I've got a perl script that just refuses to run on my new 6.1 box with Perl 5.8.8... Whenever I run it from the command line I get this: Can't modify single ref constructor in lock at ./caldisp.pl line 84, near *LOCKF) Execution of ./caldisp.pl aborted due to compilation errors. The lines in question are: if (open (LOCKF, $LOCKF)) { lock (\*LOCKF); } No real comment on the error, but shouldn't you be using flock() rather than lock()? flock is for locking files, lock is for locking shared variables in threads (unless of course you have a lock() subroutine defined somewhere, in which case it overrides the CORE::lock). See perldoc perlopentut for details (it's hard to say more without more context). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Portupgrade moved: use --origin to upgrade it?
I remember seeing some weeks ago that people had run into difficulties when portupgrade moved from sysutils into ports-mgmt, and one recommendation was to deinstall portupgrade and then cd /usr/ports/ports-mgmt/portupgrade make install Possibly silly question: will I be able to avoid problems while still using portupgrade by simply setting the origin, ie portupgrade -NR --origin ports-mgmt/portupgrade portupgrade ? Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Portupgrade moved: use --origin to upgrade it?
On Tuesday 06 March 2007 15:32, Kevin Kinsey wrote: Jonathan McKeown wrote: [can I upgrade portupgrade by] portupgrade -NR --origin ports-mgmt/portupgrade portupgrade ? I'm fairly certain that /usr/ports/UPGRADING said what to do. I checked UPDATING before I posted: it doesn't, just notes the change (20070205). I've (now) got a spare box I can try it on without turning a drama into a crisis if things go wrong. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: reprocess mails in sendmail
On Wednesday 07 March 2007 07:28, kk kumar wrote: Hi all, Do you need to include specific commands to periodically process the queue with sendmail? With sendmail I would explicitly (via cron) rerun queue processing every 30 minutes or so. Is there any better method to do this in sendmail itself. The reason for this question is that some of the mails which needs to be delivered to another mail server was not reachable and this mail was not processed for 4 days. but when i manually flush the queue i am able to send the mail to the RCPT mail server. Any fields i need to change in Sendmail for solving this problem. This should be happening automatically unless you've changed the startup flags from the defaults in /etc/defaults/rc.conf. Read the manpage for rc.sendmail(8). It lists the various options available for starting sendmail. The default values for these settings are in /etc/defaults/rc.conf. Unless you've changed them in /etc/rc.conf, every set of flags contains -q30m which runs the queue every 30 minutes. Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nss_ldap and openldap on the same server.
On Tuesday 13 March 2007 09:16, Gerhard Schmidt wrote: On Tue, Mar 13, 2007 at 12:07:15AM +0100, Pietro Cerutti wrote: On 3/12/07, Gerhard Schmidt [EMAIL PROTECTED] wrote: Hi, Hello, As I see it, nss asks all sources even if the frist one allready knows the answer. Is there a way to change this. man nsswitch.conf(5) Look for Status codes and Actions Doesn't work. Tried the follwing nsswitch.conf group: files [success=return] ldap hosts: files dns networks: files passwd: files [success=return] ldap shells: files This doesn't change the delay. And the nss_ldap timeout is still reported. This is not supprising because the manpage states [success=return] is default. Seams there is a bug somewhere. It's a well-known problem rather than a bug, and it arises when looking up group information for a user. The system needs a list of all the groups the user is a member of. Since it's a list, not a single answer, you can't short-circuit the process with ``success'' after finding a single result: initgroups(3) must work through all possible sources of group information to build the list. The only ``workaround'' I've seen suggested is the parameter introduced recently in nss_ldap: nss_initgroups_ignoreusers It takes a comma-separated list of users for whom the nss_ldap initgroups routine should immediately return NSS_STATUS_NOTFOUND. If you keep group information for all the system users in /etc/group only, and add them all to this line in nss_ldap.conf, it should remove the problem. (Warning: I haven't tested this). Jonathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]