Send freebsd-stable mailing list submissions to
freebsd-stable@freebsd.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-stable digest..."
Today's Topics:
1. Re: Problems with auditd -- resolved (Cristiano Deana)
2. Re: Attention Julian Stacey (Wilko Bulte)
3. [Q] multisync irmc/irmc_bluetooth plugins (Dennis Melentyev)
4. Re: Polling and em0 (Eugene Kazarinov)
5. Re: Attention Julian Stacey (Julian H. Stacey)
6. Re: Polling and em0 (Robert Watson)
7. Re: arrrrgh! Guys, who's breaking -STABLE's gmirror code?!
(Jo Rhett)
8. Re: Attention Julian Stacey (Jase Thew)
9. Re: [Q] multisync irmc/irmc_bluetooth plugins (Pav Lucistnik)
10. Re: [Q] multisync irmc/irmc_bluetooth plugins
(Henrik Brix Andersen)
11. Re: RELENG_6 power button ignored after halt if ACPI enabled
(Mark Kirkwood)
12. Re: bge watchdog timeouts still happening (Ronald Klop)
13. Re: Problems with auditd -- resolved (Ganbold)
14. ath0 weak connectivity (Dmitry Karasik)
15. Re: Problems with auditd -- resolved (Robert Watson)
16. Re: Problems with auditd -- resolved (Ganbold)
17. Re: Problems with auditd -- resolved (Robert Watson)
18. Re: ARRRRGH! Guys, who's breaking -STABLE's GMIRROR code?!
(Oliver Fromme)
19. Re: Problems with auditd -- resolved (Ganbold)
20. Re: ARRRRGH! Guys, who's breaking -STABLE's GMIRROR code?!
(Dave Horsfall)
21. Re: Problems with auditd -- resolved (Robert Watson)
22. Re: [Q] multisync irmc/irmc_bluetooth plugins (Dennis Melentyev)
23. Too dumb to mount as non privileged user ([EMAIL PROTECTED])
24. Re: Too dumb to mount as non privileged user (George Potapov)
25. Re: Too dumb to mount as non privileged user (Jona Joachim)
----------------------------------------------------------------------
Message: 1
Date: Sun, 17 Sep 2006 17:08:25 +0200
From: "Cristiano Deana" <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: "Robert Watson" <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, Ganbold
<[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
2006/9/17, Robert Watson <[EMAIL PROTECTED]>:
> I've just comitted a fix to syscalls.master and regenerated the remaining
> system call files, which should correct the auditctl: Invalid Argument error
> being returned by auditd. In short order, this fix should be on the cvsup
> mirrors -- please let me know if it resolves the problem you were
> experiencing.
auditd up and running, tnx Robert.
I will submit more information.
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
------------------------------
Message: 2
Date: Sun, 17 Sep 2006 17:48:36 +0200
From: Wilko Bulte <[EMAIL PROTECTED]>
Subject: Re: Attention Julian Stacey
To: Maxim Konovalov <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], "Julian H. Stacey" <[EMAIL PROTECTED]>,
[EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
On Sun, Sep 17, 2006 at 12:49:43PM +0400, Maxim Konovalov wrote..
> On Sun, 17 Sep 2006, 02:31-0600, Scott Long wrote:
>
> > Julian H. Stacey wrote:
> >
> > > [EMAIL PROTECTED]
> > >
> > >
> > > >Message-id: <[EMAIL PROTECTED]>
> > > >From: Kris Kennaway <[EMAIL PROTECTED]>
> > >
> > >
> > > >lol, that's the stupidest thing I've heard all week.
> > >
> > >
> > > Inflamatory. Refered to postmaster.
> > >
> >
> > Julian, meet Kris. Kris has been the head of the FreeBSD ports team for
> > a large number of years. He's also written and presented several papers
> > on FreeBSD performance, among many other hobbies and interests. He's a
> > pretty laid back and fun guy, with a sharp sense of humor.
> >
> > Kris, meet Julian. Julian has been a FreeBSD user, contributor, and
> > advocate since before there was such a such a thing as 'FreeBSD', or
> > even 'http' for that matter. I've never met him in person, but based on
> > the many years worth of emails I've seen from him, he seems like a
> > pretty decent and smart fellow.
> >
> > Julian, meet Paul Saab. Paul was a key FreeBSD developer for many years
> > at Yahoo. He's worked on many areas of the FreeBSD codebase, and has
> > been instrumental in gaining and coordinating support for FreeBSD from
> > many corporate vendors. He also runs mu.org as a hobby and as an
> > informal hosting service for many FreeBSD developers, including Kris.
> > He might also one day be able to keep up with me on a snowboard, but
> > we'll just have to wait and see.
> >
> > So, like, now you all know each other, and stuff, so, like, try to get
> > along, m-kay?
> >
> > Scott
>
> But.. how is Scott??
Scott is fine, no worries :-)
--
Wilko Bulte [EMAIL PROTECTED]
------------------------------
Message: 3
Date: Sun, 17 Sep 2006 16:14:04 +0000
From: "Dennis Melentyev" <[EMAIL PROTECTED]>
Subject: [Q] multisync irmc/irmc_bluetooth plugins
To: [EMAIL PROTECTED]
Cc: freebsd-stable@freebsd.org
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=UTF-8; format=flowed
Hi all,
Is it possible to build irmc/irmc-bluetooth plugins?
I tried to play with them a bit, and stuck at the very beginning with
configure unable to find proper entries in obex structures for just
irmc plugin.
Looks like we have "customdata" member in obex_ctrans_t while irmc
code trying to find "userdata".
Bluetooth refers to some bluez/bluez-kernel >=2.3 which means nothing to me.
Is it Linux-only app, or it is possible to make it finally run on FreeBSD?
--
Dennis Melentyev
------------------------------
Message: 4
Date: Sun, 17 Sep 2006 20:20:55 +0400
From: "Eugene Kazarinov" <[EMAIL PROTECTED]>
Subject: Re: Polling and em0
To: freebsd-stable@freebsd.org
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Since 6.1 I have stopped using polling as a regular kernel seems to give
> good performance as compared to polling mode.
> In fact I used to get anything between 55-75megs/sec on 6.1 with regular
> cables but since upgraded to cat6 quality Ethernet cable I get
> practically full gigabit speed with no polling.
> Close to 97megs/sec is the performance I get out of my Dells with the em
> driver, and apparently the new em driver in 6-stable 6.2 is even faster.
>
> em(4) Dell to em(4) Dell
> dell1# cat /dev/zero | dd bs=1m | nc dell2 3000
> ^C0+18456 records in
> 0+18455 records out
> 1209466880 bytes transferred in 12.459299 secs (97,073,429 bytes/sec)
Do you meen that from 6.2 I dont need polling for fastest performance?
------------------------------
Message: 5
Date: Sun, 17 Sep 2006 20:18:59 +0200
From: "Julian H. Stacey" <[EMAIL PROTECTED]>
Subject: Re: Attention Julian Stacey
To: [EMAIL PROTECTED], Scott Long <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Scott Long wrote:
> Julian, meet Paul Saab. Paul was a key FreeBSD developer for many years
Thanks Scott,
Nicely put. Much appreciated. BTW I removed mu.org as a reject
domain record from my .../access first thing this morning, just
before I received your mail. Good you confirmed OK, thanks. No disrepect
to Paul Saab, just hadn't heard of him (just skim many subject).
> Julian, meet Kris. Kris has been the head of the FreeBSD ports team for
Long enough without peer review. Leaders don't post flame bait.
----- Below _Not_ personal criticism of any individual. -----
Ideas of Automatic peer review, rotations etc are used by clubs,
companies, & governments. I'm not aware if FreeBSD has adopted them yet.
- Reviews detects burn out, raised frequency of agression & attitudes etc.
Sabaticals, holidays etc are good for volunteers too, not just employees.
- Core are now elected by commiters, but when I suggested elections
way back, it was flamed on high, so peer review could happen too.
- 7 day suspensions for flamers could also help, unless they apologise
within eg 48 hours to list (not necessarily recipient) for abuse of list.
The problem's not even really list abuse, but that tolerating
spurious alienating agression (by list or private mail) over years
from a tiny minority will have reduced code etc received in consequence
from numerous others deterred. We have no employing boss to knocks
heads, just the opposite, a few whose periodic implicit challenge
is: "Tolerate my periodic agression or I'll take my toys & leave."
Perhaps most wouldn't leave. If they did, we'd still survive,
FreeBSD even survived when John (swap) Dyson very unfortunately got
deterred & left, probably no threatened skill loss would be harder
to replace.
--
Julian Stacey. BSD Unix C Net Consultancy, Munich/Muenchen http://berklix.com
Mail Ascii, not HTML. Ihr Rauch = mein allergischer Kopfschmerz.
Don't buy it ! Get it free ! http://berklix.org/free-software
------------------------------
Message: 6
Date: Sun, 17 Sep 2006 19:33:06 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
Subject: Re: Polling and em0
To: Eugene Kazarinov <[EMAIL PROTECTED]>
Cc: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Sun, 17 Sep 2006, Eugene Kazarinov wrote:
>> Since 6.1 I have stopped using polling as a regular kernel seems to give
>> good performance as compared to polling mode. In fact I used to get
>> anything between 55-75megs/sec on 6.1 with regular cables but since
>> upgraded to cat6 quality Ethernet cable I get practically full gigabit
>> speed with no polling. Close to 97megs/sec is the performance I get out of
>> my Dells with the em driver, and apparently the new em driver in 6-stable
>> 6.2 is even faster.
>>
>> em(4) Dell to em(4) Dell
>> dell1# cat /dev/zero | dd bs=1m | nc dell2 3000
>> ^C0+18456 records in
>> 0+18455 records out
>> 1209466880 bytes transferred in 12.459299 secs (97,073,429 bytes/sec)
>
> Do you meen that from 6.2 I dont need polling for fastest performance?
There are two benefits to polling:
- Moderating interrupt rates
- Scheduling control over the amount of CPU dedicated to network tasks
Modern gigabit cards have interrupt moderation, so in practice you get a
polling-like effect with regard to interrupt rates. With significant
performance improvements in the if_em driver over the last year, it could well
be that the benefits of the scheduling control no longer provide much help.
Gigabit network cards also require a very high polling rate in order to be
effective, since the on-card buffers quickly fill -- as a result, unless the
poll rate (driven by HZ) is set extremely high, polling may actually
significant reduce performance by dramatically increasing packet loss under
load.
Robert N M Watson
Computer Laboratory
University of Cambridge
------------------------------
Message: 7
Date: Sun, 17 Sep 2006 11:55:59 -0700
From: Jo Rhett <[EMAIL PROTECTED]>
Subject: Re: arrrrgh! Guys, who's breaking -STABLE's gmirror code?!
To: Daniel Gerzo <[EMAIL PROTECTED]>
Cc: freebsd-stable@freebsd.org, "hackmiester \(Hunter Fuller\)"
<[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
On Sun, Sep 17, 2006 at 11:39:55AM +0200, Daniel Gerzo wrote:
> Your Windows must be really badly broken, because my Windows XP
> spontaneously rebooted only once in those many years I have been using
> it. In my opinion, XP is pretty decent system.
Your standards are pretty low. I've got freebsd/solaris systems with
uptimes nearing 6 years. I've *NEVER* had a spontaneous reboot from either
operation system. If I did, I'd spent hours in the back hammering down
exactly why.
I don't run either Linux or Windows for exactly the reasons you mention,
except as gaming computers that I wipe/rebuild on a regular basis.
--
Jo Rhett
senior geek
SVcolo : Silicon Valley Colocation
------------------------------
Message: 8
Date: Sun, 17 Sep 2006 20:19:55 +0100
From: Jase Thew <[EMAIL PROTECTED]>
Subject: Re: Attention Julian Stacey
Cc: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Julian H. Stacey wrote:
>> Julian, meet Kris. Kris has been the head of the FreeBSD ports team for
>
> Long enough without peer review. Leaders don't post flame bait.
>
> ----- Below _Not_ personal criticism of any individual. -----
> Ideas of Automatic peer review, rotations etc are used by clubs,
> companies, & governments. I'm not aware if FreeBSD has adopted them yet.
> - Reviews detects burn out, raised frequency of agression & attitudes etc.
> Sabaticals, holidays etc are good for volunteers too, not just employees.
> - Core are now elected by commiters, but when I suggested elections
> way back, it was flamed on high, so peer review could happen too.
> - 7 day suspensions for flamers could also help, unless they apologise
> within eg 48 hours to list (not necessarily recipient) for abuse of list.
>
> The problem's not even really list abuse, but that tolerating
> spurious alienating agression (by list or private mail) over years
> from a tiny minority will have reduced code etc received in consequence
> from numerous others deterred. We have no employing boss to knocks
> heads, just the opposite, a few whose periodic implicit challenge
> is: "Tolerate my periodic agression or I'll take my toys & leave."
> Perhaps most wouldn't leave. If they did, we'd still survive,
> FreeBSD even survived when John (swap) Dyson very unfortunately got
> deterred & left, probably no threatened skill loss would be harder
> to replace.
>
No disrespect intended, but I think you need to obtain a sense of humour.
J.
------------------------------
Message: 9
Date: Sun, 17 Sep 2006 22:55:24 +0200
From: Pav Lucistnik <[EMAIL PROTECTED]>
Subject: Re: [Q] multisync irmc/irmc_bluetooth plugins
To: Dennis Melentyev <[EMAIL PROTECTED]>
Cc: freebsd-stable@FreeBSD.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-2"
Dennis Melentyev p�e v ne 17. 09. 2006 v 16:14 +0000:
> Is it possible to build irmc/irmc-bluetooth plugins?
>
> I tried to play with them a bit, and stuck at the very beginning with
> configure unable to find proper entries in obex structures for just
> irmc plugin.
> Looks like we have "customdata" member in obex_ctrans_t while irmc
> code trying to find "userdata".
>
> Bluetooth refers to some bluez/bluez-kernel >=2.3 which means nothing to me.
>
> Is it Linux-only app, or it is possible to make it finally run on FreeBSD?
bluez is a Linux Bluetooth stack implementation. I don't think any of
currently unported multisync plugins will be easy to get going on
FreeBSD, otherwise I would already ported them.
Plus, Multisync is dead in water, project abandoned...
--
Pav Lucistnik <[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
Maybe I should go ask that elvish wizard standing over there
(YES A REAL ELF IS STANDING IN MY ROOM!),
he should be able to tell me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: Toto je =?UTF-8?Q?digit=C3=A1ln=C4=9B?=
=?ISO-8859-1?Q?_podepsan=E1?= =?UTF-8?Q?_=C4=8D=C3=A1st?=
=?ISO-8859-1?Q?_zpr=E1vy?=
Url :
http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060917/9068bdf8/attachment-0001.pgp
------------------------------
Message: 10
Date: Sun, 17 Sep 2006 23:23:07 +0200
From: Henrik Brix Andersen <[EMAIL PROTECTED]>
Subject: Re: [Q] multisync irmc/irmc_bluetooth plugins
To: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
On Sun, Sep 17, 2006 at 10:55:24PM +0200, Pav Lucistnik wrote:
> Plus, Multisync is dead in water, project abandoned...
Not completely true. Multisync in its current form is abandoned, but
a new version based on the OpenSync framework
(http://www.opensync.org/) is in the works.
Regards,
Brix
--
Henrik Brix Andersen <[EMAIL PROTECTED]>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 209 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060917/c920dcce/attachment-0001.pgp
------------------------------
Message: 11
Date: Mon, 18 Sep 2006 11:10:24 +1200
From: Mark Kirkwood <[EMAIL PROTECTED]>
Subject: Re: RELENG_6 power button ignored after halt if ACPI enabled
To: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; format=flowed; charset=ISO-8859-1
Oops - didn't know about the -acpi mailing list, will post there, sorry.
Mark
------------------------------
Message: 12
Date: Mon, 18 Sep 2006 01:22:43 +0200
From: "Ronald Klop" <[EMAIL PROTECTED]>
Subject: Re: bge watchdog timeouts still happening
To: "Kent Stewart" <[EMAIL PROTECTED]>, freebsd-stable@freebsd.org
Cc: Gleb Smirnoff <[EMAIL PROTECTED]>, Herve Boulouis
<[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; format=flowed; delsp=yes; charset=utf-8
On Fri, 15 Sep 2006 21:33:00 +0200, Kent Stewart <[EMAIL PROTECTED]> wrote:
> On Friday 15 September 2006 09:28, Herve Boulouis wrote:
>> Le 15/09/2006 18:05, Gleb Smirnoff a écrit:
>> > H> bge0: <Broadcom BCM5700 B2, ASIC rev. 0x7102> mem
>> > 0xfeb00000-0xfeb0ffff irq 17 at device 8.0 on pci1 H> miibus0: <MII
>> > bus> on bge0
>> > H> brgphy0: <BCM5401 10/100/1000baseTX PHY> on miibus0
>> > H> brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX,
>> > 1000baseTX, 1000baseTX-FDX, auto H> bge0: Ethernet address:
>> > 00:06:5b:1a:7f:4a
>> >
>> > Is it integrated or not? I've got exactly the same NIC and I can
>> > try to reproduce the problem if you describe the workload.
>>
>> Yes, it's the onboard bge. Workload is 10-25 Mbit/s of web hosting.
>
> It seems to be at the top of the tree somewhere because people are also
> seeing the watchdog timeouts on em and I get them on the gigabit re's.
>
> I got them downloading the kde-3.5.4 distfiles on a 768kb DSL line. I
> had setiathome running, which keeps the cpu useage close to 100%.
Is it possible this has something to do with the merge of taskqueue in
6-STABLE?
--
Ronald Klop
Amsterdam, The Netherlands
------------------------------
Message: 13
Date: Mon, 18 Sep 2006 15:16:20 +0900
From: Ganbold <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Robert Watson <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Robert Watson wrote:
>
> Dear all,
>
> I've just comitted a fix to syscalls.master and regenerated the
> remaining system call files, which should correct the auditctl:
> Invalid Argument error being returned by auditd. In short order, this
> fix should be on the cvsup mirrors -- please let me know if it
> resolves the problem you were experiencing.
Hi,
After installing and running auditd I don't see any log files for auditd:
daemon# ls -l /var/audit/
total 0
-r--r----- 1 root audit 0 Sep 18 14:23 20060918052316.20060918060339
-r--r----- 1 root audit 0 Sep 18 15:03 20060918060339.not_terminated
I have custom /etc/security/audit_control and audit_user files.
daemon# more /etc/security/audit_control
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_control#3 $
# $FreeBSD: src/contrib/openbsm/etc/audit_control,v 1.2.2.1 2006/09/02
10:46:00 rwatson Exp $
#
dir:/var/audit
flags:all
minfree:20
naflags:lo
#
# $P4: //depot/projects/trustedbsd/openbsm/etc/audit_user#3 $
# $FreeBSD: src/contrib/openbsm/etc/audit_user,v 1.2.2.1 2006/09/02
10:46:00 rwatson Exp $
#
#root:lo:no
root:all:no
I'm bit confused here I thought auditd should log all activities, but I
don't see any log files.
Am I doing something wrong here or my understanding regarding auditd is
wrong?
thanks in advance,
Ganbold
>
> Thanks,
>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
>
>
------------------------------
Message: 14
Date: Mon, 18 Sep 2006 10:31:39 +0200
From: Dmitry Karasik <[EMAIL PROTECTED]>
Subject: ath0 weak connectivity
To: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=koi8-r
Hi,
Has anyone experienced problems with ath0 giving bad connectivity on
6.1-STABLE? My wireless card reported as Atheros 5212 rapidly loses
connectivity if I move it more than 2-3 meters away from the access
point, but the same notebook connects well from under windows.
I tried both kernel with both old device ath_rate_sample and ath_rate_onoe,
tried to play with AP's settings, changed transmit rate and beacon
interval, nothing helps. One interesting thing though is that "ifconfig ath0
scan" reports my station as configured to 119ms beacon interval, while
it is set to 100ms actually.
Anything else I can try?
--
Sincerely,
Dmitry Karasik
------------------------------
Message: 15
Date: Mon, 18 Sep 2006 10:23:08 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Ganbold <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Mon, 18 Sep 2006, Ganbold wrote:
> #
> # $P4: //depot/projects/trustedbsd/openbsm/etc/audit_user#3 $
> # $FreeBSD: src/contrib/openbsm/etc/audit_user,v 1.2.2.1 2006/09/02 10:46:00
> rwatson Exp $
> #
> #root:lo:no
> root:all:no
>
> I'm bit confused here I thought auditd should log all activities, but I
> don't see any log files. Am I doing something wrong here or my understanding
> regarding auditd is wrong?
Your configuration looks right to me, and should be generating a ridiculous
number of audit records. Could you try rebooting and logging in again?
audit_user entries take effect only as of login, similar to /etc/group
settings, etc. How are you logging into the system?
On my local RELENG_6 system, with the recent auditctl(2) fix, I'm using the
following global settings to audit programs run by authenticated users:
dir:/var/audit
flags:lo,+ex
minfree:20
naflags:lo
It seems to be working properly. User space login/logout auditing won't work
in RELENG_6 until the MFC of Christian's recent tweaks to pipe preselection,
which will occurr in a few days (and hence should appear in BETA2).
Robert N M Watson
Computer Laboratory
University of Cambridge
------------------------------
Message: 16
Date: Mon, 18 Sep 2006 18:39:47 +0900
From: Ganbold <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Robert Watson <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Robert Watson wrote:
> On Mon, 18 Sep 2006, Ganbold wrote:
>
>> #
>> # $P4: //depot/projects/trustedbsd/openbsm/etc/audit_user#3 $
>> # $FreeBSD: src/contrib/openbsm/etc/audit_user,v 1.2.2.1 2006/09/02
>> 10:46:00 rwatson Exp $
>> #
>> #root:lo:no
>> root:all:no
>>
>> I'm bit confused here I thought auditd should log all activities, but
>> I don't see any log files. Am I doing something wrong here or my
>> understanding regarding auditd is wrong?
>
> Your configuration looks right to me, and should be generating a
> ridiculous number of audit records. Could you try rebooting and
> logging in again? audit_user entries take effect only as of login,
> similar to /etc/group settings, etc. How are you logging into the
> system?
This is my desktop system and I updated today to latest RELENG_6.
daemon# uname -an
FreeBSD daemon.micom.mng.net 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #6:
Mon Sep 18 12:56:04 ULAST 2006
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GDAEMON i386
I tried to restart several times auditd using /etc/rc.d/auditd script.
daemon# /etc/rc.d/auditd restart
Trigger sent.
Starting auditd.
daemon# /etc/rc.d/auditd restart
Trigger sent.
auditd already running? (pid=2065).
daemon# /etc/rc.d/auditd restart
Error sending trigger: Operation not supported by device
Starting auditd.
daemon# /etc/rc.d/auditd restart
Trigger sent.
auditd already running? (pid=2095).
daemon# /etc/rc.d/auditd restart
Error sending trigger: Operation not supported by device
Starting auditd.
daemon# /etc/rc.d/auditd restart
Trigger sent.
Starting auditd.
daemon# ps ax | grep audit
10 ?? DL 0:00.00 [audit_worker]
2141 ?? Ss 0:00.01 /usr/sbin/auditd
2143 p3 RV 0:00.00 grep audit (csh)
daemon# ps ax | grep audit
10 ?? DL 0:00.00 [audit_worker]
2141 ?? Ss 0:00.01 /usr/sbin/auditd
Strange, there are still no logs in /var/audit dir :( Even tried to use
your config, no success.
However when I logged on to my desktop from console to itself (ssh -l
tsgan localhost) it starts logging.
But why it is not logging when I'm on console?
>
> On my local RELENG_6 system, with the recent auditctl(2) fix, I'm
> using the following global settings to audit programs run by
> authenticated users:
>
> dir:/var/audit
> flags:lo,+ex
> minfree:20
> naflags:lo
>
> It seems to be working properly. User space login/logout auditing
> won't work in RELENG_6 until the MFC of Christian's recent tweaks to
> pipe preselection, which will occurr in a few days (and hence should
> appear in BETA2).
I see.
thanks,
Ganbold
>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
>
>
------------------------------
Message: 17
Date: Mon, 18 Sep 2006 10:46:17 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Ganbold <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Mon, 18 Sep 2006, Ganbold wrote:
> Strange, there are still no logs in /var/audit dir :( Even tried to use your
> config, no success. However when I logged on to my desktop from console to
> itself (ssh -l tsgan localhost) it starts logging. But why it is not logging
> when I'm on console?
Are you using xdm/kdm/gdm/etc or /usr/bin/login? I'm not sure that the
various GUI login managers associated with X11 ship with BSM support compiled
in by default, although given that they also run on Solaris, it is likely they
support it.
Robert N M Watson
Computer Laboratory
University of Cambridge
------------------------------
Message: 18
Date: Mon, 18 Sep 2006 11:50:31 +0200 (CEST)
From: Oliver Fromme <[EMAIL PROTECTED]>
Subject: Re: ARRRRGH! Guys, who's breaking -STABLE's GMIRROR code?!
To: freebsd-stable@FreeBSD.ORG
Message-ID: <[EMAIL PROTECTED]>
Michael Abbott wrote:
> Roland Smith wrote:
> > Martin Nilsson wrote:
> > > Hans Lambermont wrote:
> > > .. or just stop calling it STABLE and call it RELENG_6 instead
> >
> > That's a good idea, IMHO. When I started with FreeBSD I found the
> > difference between the branch names and cvs tags confusing.
>
> Let me second that. I hadn't realised that STABLE==RELENG_n (where n is
> the current version number) until very recently, and I've seen the "STABLE
> isn't stable" thing crop up over and over again over the last few years,
> both on mailing lists and IRC.
Actually, FreeBSD has three types of branches:
- current a.k.a. HEAD
- X-stable a.k.a. RELENG_X
- X.Y security branch a.k.a. RELENG_X_Y
I think it would be better to rename the 2nd one "RELENG"
(instead of "STABLE"), because that's exactly what it is:
the release-engineering branch from which the releases are
derived.
The term "STABLE" would be much better suitable for the
3rd type of branches which are currently called "security
branches". Thus we would have:
- current
- releng
- stable
Then the names match exactly what the branches are:
"current" is the current head of experimental development,
"releng" is the release engineering branch, and "stable"
is the stable branch for people who want to track only
security fixes and the most critical stuff.
Such appropriate naming would certainly prevent a lot of
confusion.
Best regards
Oliver
--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.
"The last good thing written in C was
Franz Schubert's Symphony number 9."
-- Erwin Dieterich
------------------------------
Message: 19
Date: Mon, 18 Sep 2006 18:52:46 +0900
From: Ganbold <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Robert Watson <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Robert Watson wrote:
>
> On Mon, 18 Sep 2006, Ganbold wrote:
>
>> Strange, there are still no logs in /var/audit dir :( Even tried to
>> use your config, no success. However when I logged on to my desktop
>> from console to itself (ssh -l tsgan localhost) it starts logging.
>> But why it is not logging when I'm on console?
>
> Are you using xdm/kdm/gdm/etc or /usr/bin/login? I'm not sure that
> the various GUI login managers associated with X11 ship with BSM
> support compiled in by default, although given that they also run on
> Solaris, it is likely they support it.
Ok, I'm using gnome and gnome-terminal, and it is not logging. Probably
gnome-terminal is not compiled with BSM support.
Auditd logs when I go to console using ctrl+alt+f2 combination from X.
Thanks for clarifying this.
Ganbold
>
> Robert N M Watson
> Computer Laboratory
> University of Cambridge
>
>
>
------------------------------
Message: 20
Date: Mon, 18 Sep 2006 20:19:28 +1000 (EST)
From: Dave Horsfall <[EMAIL PROTECTED]>
Subject: Re: ARRRRGH! Guys, who's breaking -STABLE's GMIRROR code?!
To: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Mon, 18 Sep 2006, Oliver Fromme wrote:
[...]
> Then the names match exactly what the branches are: "current" is the
> current head of experimental development, "releng" is the release
> engineering branch, and "stable" is the stable branch for people who
> want to track only security fixes and the most critical stuff.
Which is pretty well what OpenLDAP does; over there, HEAD is bleeding
edge, RELEASE is the latest version, and STABLE is, well, stable as
understood by most humans...
See http://www.openldap.org/software/download/
-- Dave
------------------------------
Message: 21
Date: Mon, 18 Sep 2006 11:29:02 +0100 (BST)
From: Robert Watson <[EMAIL PROTECTED]>
Subject: Re: Problems with auditd -- resolved
To: Ganbold <[EMAIL PROTECTED]>
Cc: Joerg Pernfuss <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
Cristiano Deana <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Mon, 18 Sep 2006, Ganbold wrote:
> Robert Watson wrote:
>>
>> On Mon, 18 Sep 2006, Ganbold wrote:
>>
>>> Strange, there are still no logs in /var/audit dir :( Even tried to use
>>> your config, no success. However when I logged on to my desktop from
>>> console to itself (ssh -l tsgan localhost) it starts logging. But why it
>>> is not logging when I'm on console?
>>
>> Are you using xdm/kdm/gdm/etc or /usr/bin/login? I'm not sure that the
>> various GUI login managers associated with X11 ship with BSM support
>> compiled in by default, although given that they also run on Solaris, it is
>> likely they support it.
> Ok, I'm using gnome and gnome-terminal, and it is not logging. Probably
> gnome-terminal is not compiled with BSM support. Auditd logs when I go to
> console using ctrl+alt+f2 combination from X. Thanks for clarifying this.
Basically, at login, the audit subsystem determins what new audit properties
are required for the login session and assigns them to the process, which
consists of both the audit identifier associated with the user, and the
preselection mask. Events associated with non-authenticated sessions (which
is what gdm logins will count as) should still get audited using the
properties for the global naflags setting, so if you want to audit events
associated with gdm you can set naflags to include more events. This will
also be what audits things like web server activity, so it may result in
significant numbers of events being audited as part of that also.
We will need to add audit extensions to new login mechanisms, such as
xdm/kdm/gdm, or enable them if already present but not enabled on FreeBSD by
default. OpenSSH, for example, already included BSM support due to Solaris
and Mac OS X BSM, so we just enabled it by switching a flag in the compile
(and also fixed a bug in it!). We should probably talk to the maintainers of
these ports about investigating creating or enabling BSM support.
Robert N M Watson
Computer Laboratory
University of Cambridge
------------------------------
Message: 22
Date: Mon, 18 Sep 2006 13:42:47 +0300
From: "Dennis Melentyev" <[EMAIL PROTECTED]>
Subject: Re: [Q] multisync irmc/irmc_bluetooth plugins
To: freebsd-stable@freebsd.org
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=UTF-8; format=flowed
2006/9/18, Henrik Brix Andersen <[EMAIL PROTECTED]>:
> On Sun, Sep 17, 2006 at 10:55:24PM +0200, Pav Lucistnik wrote:
> > Plus, Multisync is dead in water, project abandoned...
>
> Not completely true. Multisync in its current form is abandoned, but
> a new version based on the OpenSync framework
> (http://www.opensync.org/) is in the works.
Thanks, will check it.
--
Dennis Melentyev
------------------------------
Message: 23
Date: Mon, 18 Sep 2006 13:12:29 +0200
From: [EMAIL PROTECTED]
Subject: Too dumb to mount as non privileged user
To: <freebsd-stable@freebsd.org>
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=UTF-8
Hello,
using a 6.2-PRERELEASE I am not able to let a normal user mount a cdrom.
I have tried the following:
o vfs.usermount=1 to sysctl.conf
o added group usermounters
o added user to usermounters
o own acd0 root:usermounters to devfs.conf
o perm acd0 0660 to devfs.conf
o created directory with ownership of non privileged user
o reboot
Trying to mount as user to the users own directory yields 'operation not
permitted' error.
So I changed the ownerships to 0666 but this didn't help either.
I doublechecked sysctl, groups and ownerships. Can please anybody give me a
hint?
TIA
Norbert
------------------------------
Message: 24
Date: Mon, 18 Sep 2006 15:36:05 +0400
From: George Potapov <[EMAIL PROTECTED]>
Subject: Re: Too dumb to mount as non privileged user
To: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="utf-8"
On Monday 18 September 2006 15:12, [EMAIL PROTECTED] wrote:
> So I changed the ownerships to 0666 but this didn't help either.
> I doublechecked sysctl, groups and ownerships. Can please anybody give me a
> hint?
IIRC the mount point directory must be owned by the user attempting the mount.
------------------------------
Message: 25
Date: Mon, 18 Sep 2006 13:36:08 +0200
From: Jona Joachim <[EMAIL PROTECTED]>
Subject: Re: Too dumb to mount as non privileged user
To: [EMAIL PROTECTED]
Cc: freebsd-stable@freebsd.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=UTF-8
[EMAIL PROTECTED] wrote:
> Hello,
>
> using a 6.2-PRERELEASE I am not able to let a normal user mount a cdrom.
> I have tried the following:
>
> o vfs.usermount=1 to sysctl.conf
> o added group usermounters
> o added user to usermounters
> o own acd0 root:usermounters to devfs.conf
> o perm acd0 0660 to devfs.conf
> o created directory with ownership of non privileged user
> o reboot
>
> Trying to mount as user to the users own directory yields 'operation not
permitted' error.
>
> So I changed the ownerships to 0666 but this didn't help either.
> I doublechecked sysctl, groups and ownerships. Can please anybody give me a
hint?
Make sure the cd9660 kernel module is loaded before you mount a CD as
user. The first time you mount a CD the module is loaded but a user is
not allowed to load a kernel module. You may want to load the module
during boot time by putting a corresponding entry in /boot/loader.conf
--jona
------------------------------
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
End of freebsd-stable Digest, Vol 175, Issue 1
**********************************************
