Re: FreeBSD's Visual Identity: Outdated?

2005-07-02 Thread Karol Kwiatkowski
Ramiro Aceves wrote:
> jsha wrote:
>> 1. Not only is the logo misleading (associating evil) but it also looks
>>like something 10-year-olds could produce in Paint Shop Pro ten years
>>ago. OpenBSD has an artistic touch to theirs, however I was very
>>disappointed when I heard that the new NetBSD logo was in effect.
> 
> I really like the devil, it is nice and pleasant for me.

A bit OT, but to make things clear I'd like to point out it's not the
devil. It's a daemon.
BSD Daemon.

 "Many people equate the word ``daemon'' with the word ``demon,''
implying some kind of Satanic connection between UNIX and the
underworld. This is an egregious misunderstanding. ``Daemon'' is
actually a much older form of ``demon''; daemons have no particular
bias towards good or evil, but rather serve to help define a person's
character or personality. The ancient Greeks' concept of a ``personal
daemon'' was similar to the modern concept of a ``guardian angel'' ---
``eudaemonia'' is the state of being helped or protected by a kindly
spirit. As a rule, UNIX systems seem to be infested with both daemons
and demons."

quote from:
http://www.freebsd.org/copyright/daemon.html

Regards,

Karol

-- 
Karol Kwiatkowski  
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


issue with pf.conf (was: Re: Clients receive only first 4k (issue with pf.conf) -- ignore others)

2005-05-30 Thread Karol Kwiatkowski
Scott Stevenson wrote:
> 
> On May 30, 2005, at 9:23 AM, Scott Stevenson wrote:
> 
>> The problem is that if I use the version without "keep state," the 
>> machine can't send outbound mail, and I see messages like this in 
>> maillog:
>>
>> May 30 09:14:33 vertigo qmail: 1117469673.126013 delivery  639634:
>> deferral
>> Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/
>>
>> In fact, I tried to send this message to the list twice yesterday, 
>> but realized that mail packets were being filtered out. I looked at 
>> pflog0 while mail was being sent, but I wasn't able to find the 
>> bounced packets. Here's the relevant smtp line:
>>
>> pass  in  quick on $ext_if proto { tcp, udp } from any to any 
>> port 25
>>
>>
>> I'm much more familiar with the firewalls bundled with various  linux
>> distributions, so I'm really stumped. I've read through  various
>> sections of the PF faq, but I haven't found an answer to this.
>> 
> 
> 
> Sorry to post *yet again* on this, but I think I finally figured out 
> what was wrong. I want to post a follow-up for the archives. The 
> solution to "partial page" Apache problem was to balance the "keep 
> state" directives.
> 
> 
> Originally, the httpd line looked like this:
> 
> pass  in  quick on $ext_if proto { tcp, udp } from any to any  port 80
> 
> And the "out" line looked like this:
> 
> pass  out on $ext_if proto { tcp, udp } all keep state
> 
> 
> The solution was to change the httpd line to this:
> 
> pass  in  quick on $ext_if proto { tcp, udp } from any to any  port
> 80 keep state


That 'keep state' turns on stateful inspection. Here's quick info from
PF FAQ:

<>[1]

(emphasis mine)

That means, you'll need to set up rules for originating packets only
(the rest is handled automagically).


> Does it make sense that I'd need "keep state" for both in and out, or 
> is this a PF bug?

It depends on what you need. Does this machine run Apache only? Do you
want your Apache to make _outgoing_ connections? If not, you'll most
probably want to open incoming traffic only (keeping states):

pass  in  quick on $ext_if proto { tcp, udp } from any to any  port 80 keep state

and do _not_ let outgoing connections with "pass out ...".

But if you want to browse websites from that machine, you'll need the
"pass out ... port 80 keep state", too.


While we're here, do you really need UDP traffic to Apache server? You
may also want to look at TCP Flags in FAQ[2]. Here's simple config I
use for serving http:

==
set block-policy return
scrub in all
block in log all
block out log all
pass  in  quick on lo0
pass  out quick on lo0
pass  in  log quick on $ext_if inet proto tcp from any to $ext_if port 80 flags S/SA keep state
==



> Should I add it to these as well?
> 
> pass  in  quick on $ext_if proto { tcp, udp } from any to any  port 25
> pass  in  quick on $ext_if proto { tcp, udp } from any to any  port 53


Yes, if you want them visible from the Internet.

Looking at the "pass out" rule it's not clear to me what the purpose
of this machine is. To receive more help please specify the setup
(is this machine directly connected to the Internet? what services are
running? what do you want to pass inside/outside? pf.conf, etc.) And,
of course, looking at PF's FAQ (http://www.openbsd.org/faq/pf/) might
be a good idea. Hope that helps.


Regards,

Karol


[1] http://www.openbsd.org/faq/pf/filter.html#state
[2] http://www.openbsd.org/faq/pf/filter.html#tcpflags

-- 
Karol Kwiatkowski 
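
An added illustration, not part of the original thread: a small Python model of the stateful matching discussed in the message above, run once with its ruleset (default block in both directions plus one `pass in ... port 80 flags S/SA keep state` rule) and once with the same rule lacking `keep state`. The class names, addresses and ports are constructed for the example; real pf also tracks sequence numbers, window scaling and timeouts, which this model leaves out.

```python
"""Toy model of pf-style stateful filtering (illustration only, not pf itself)."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str                  # "in" or "out", as seen on $ext_if
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()  # TCP flags on the packet, e.g. {"S", "A"}


@dataclass(frozen=True)
class Rule:
    action: str                     # "pass" or "block"
    direction: str
    dport: Optional[int] = None     # None matches any destination port
    syn_only: bool = False          # models "flags S/SA": SYN set, ACK clear
    keep_state: bool = False
    quick: bool = False

    def matches(self, p: Packet) -> bool:
        if p.direction != self.direction:
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        if self.syn_only and not ("S" in p.flags and "A" not in p.flags):
            return False
        return True


class Firewall:
    def __init__(self, rules):
        self.rules = list(rules)
        self.states = set()

    @staticmethod
    def _key(p: Packet):
        # Same key for both directions of one connection.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def filter(self, p: Packet) -> str:
        if self._key(p) in self.states:
            return "pass"           # state entry matched, rules are skipped
        verdict, chosen = "pass", None   # no matching rule means pass
        for rule in self.rules:     # last match wins unless the rule is quick
            if rule.matches(p):
                verdict, chosen = rule.action, rule
                if rule.quick:
                    break
        if verdict == "pass" and chosen is not None and chosen.keep_state:
            self.states.add(self._key(p))
        return verdict


# The ruleset from the message above (lo0 rules left out).
STATEFUL = [
    Rule("block", "in"),
    Rule("block", "out"),
    Rule("pass", "in", dport=80, syn_only=True, keep_state=True, quick=True),
]
# Same policy, but the port 80 rule has no "keep state".
STATELESS = [
    Rule("block", "in"),
    Rule("block", "out"),
    Rule("pass", "in", dport=80, quick=True),
]

# Constructed traffic: documentation addresses, made-up ports.
SERVER, CLIENT, MX = "192.0.2.10", "198.51.100.7", "203.0.113.25"
TRAFFIC = [
    ("client SYN to :80", Packet("in", CLIENT, 40000, SERVER, 80, frozenset("S"))),
    ("server SYN/ACK reply", Packet("out", SERVER, 80, CLIENT, 40000, frozenset("SA"))),
    ("client ACK", Packet("in", CLIENT, 40000, SERVER, 80, frozenset("A"))),
    ("server-initiated SMTP", Packet("out", SERVER, 50000, MX, 25, frozenset("S"))),
]


def run(rules):
    """Filter the constructed traffic through a fresh firewall instance."""
    fw = Firewall(rules)
    return [(label, fw.filter(pkt)) for label, pkt in TRAFFIC]


if __name__ == "__main__":
    for name, rules in (("stateful", STATEFUL), ("stateless", STATELESS)):
        print(name)
        for label, verdict in run(rules):
            print(f"  {label:24} {verdict}")
```

With `keep state` the server's replies leave through the state entry even though `block out` is in force; without it the SYN/ACK is dropped. Connections the server itself initiates are blocked in both runs.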


Re: problem building sendmail+sasl

2005-05-12 Thread Karol Kwiatkowski
Robert Huff wrote:
>   I'm trying to add SASL to sendmail (more accurately, to make it
> so it's done as part of the default sendmail build under -CURRENT).
>   I have:
> 
>   1) installed cyrus-sasl-2.1.20_1
>   2) added
> 
> SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL=2
> SENDMAIL_LDFLAGS=-L/usr/local/lib
> SENDMAIL_LDADD=-lsasl2
> 
>   to /etc/make.conf

For what it's worth (since nobody replied yet) I've got these in
make.conf (5.4-RELEASE, 5.2.1-5.3-R previously):

SENDMAIL_CFLAGS+=   -I/usr/local/include -DSASL=2
SENDMAIL_LDFLAGS+=  -L/usr/local/lib
SENDMAIL_LDADD+=    -lsasl2

Sorry for the lack of details, I wrote that many months ago, but it
should give you a point to start.


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Inetd and a service listening only on localhost

2005-05-06 Thread Karol Kwiatkowski
cpghost wrote:
> Karol Kwiatkowski wrote:
> 
>> I've never used inetd and I'm not sure what will happen if a
>> connection is made from outside to a service which is configured to
>> listen only on localhost.
>>  
>>
> When you use inetd, the spawned process gets its data from stdin,
> not from a socket. It is irrelevant that the spawned program listens
> on localhost (in addition to stdin). It's the stdin path of that program
> that you should watch when using inetd.

Ah, that's what I was missing. I guess I was mixing apples and
oranges. Now that I know that, I looked at the source and (surprise!)
in inetd mode popa3d daemon doesn't even try to open the port, just
opens a pipe. Thanks!

It's clear to me now it's inetd which must be controlled. The -a
option looks best even if this means running two inetd instances as
Giorgos explained in another email.

The main reason I asked was 'what if someone sets popa3d port to
compile in inetd mode with localhost-only option enabled?' and I was
worried about TCP connection not being able to reach a service (which
is not supposed to do that in the first place).

As for the port I think patching the source in such case doesn't make
any sense (patch would be applied but that part of the code is never
used) so I guess appropriate message will be best.

> Of course, you could use TCP Wrappers in inetd. Or check out inetd's -a
> flag to bind inetd only to localhost (but check with sockstat -l that inetd
> REALLY honors this flag!). Setting -a for inetd is a global change though
> that affects everything that you start through inetd!
>
> But why won't you use a firewall like pf or ipfw to protect the service in
> the first place? Just do this in addition to TCP Wrapper's
> hosts_access(5) and
> inetd's "-a 127.0.0.1" setting. It's better to be safe than sorry :-)
> 
>> Is it possible to run a service listening only on localhost with inetd?
>> How to configure inetd in such case (an entry in /etc/hosts.allow?)
>> or should I disable such configuration?
>>  
>>
> If you want to set the -a flag to bind inetd to localhost only, override
> inetd_flag in
> /etc/rc.conf (from the value it has in /etc/defaults/rc.conf), then
> restart inetd.

Yes, all that sounds reasonable now.

Thanks cpghost and all who replied!


Regards,

Karol

-- 
Karol Kwiatkowski  
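
An added example, not part of the original thread: one way to do the check suggested above, that inetd really is bound to localhost only, by parsing `sockstat -l` output in Python. The two sample outputs are constructed (same column layout as FreeBSD's sockstat, made-up PIDs), and the function names are hypothetical.

```python
"""Flag listening sockets of a given command that are not bound to loopback."""
import ipaddress

# Constructed samples in the column layout of FreeBSD's `sockstat -l`.
BEFORE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     inetd      512   5  tcp4   *:110                 *:*
root     sshd       430   3  tcp4   *:22                  *:*
root     stunnel    601   7  tcp4   *:995                 *:*
"""
AFTER = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     inetd      733   5  tcp4   127.0.0.1:110         *:*
root     sshd       430   3  tcp4   *:22                  *:*
root     stunnel    601   7  tcp4   *:995                 *:*
"""


def listeners(output):
    """Parse TCP/UDP rows into dicts; header and other socket types are skipped."""
    rows = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[0] == "USER":
            continue
        if not fields[4].startswith(("tcp", "udp")):
            continue
        # Split on the last colon so IPv6 addresses such as ::1 stay intact.
        host, _, port = fields[5].rpartition(":")
        rows.append({"command": fields[1], "pid": fields[2],
                     "proto": fields[4], "host": host, "port": port})
    return rows


def is_loopback(host):
    """True only for an explicit loopback bind; '*' means every interface."""
    if host == "*":
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False    # unparsable address: treat as exposed


def exposed(output, command):
    """Return 'proto host:port' for each non-loopback listener of `command`."""
    return [f"{r['proto']} {r['host']}:{r['port']}"
            for r in listeners(output)
            if r["command"] == command and not is_loopback(r["host"])]


if __name__ == "__main__":
    for label, sample in (("before -a 127.0.0.1", BEFORE),
                          ("after  -a 127.0.0.1", AFTER)):
        print(label, "->", exposed(sample, "inetd") or "inetd is loopback-only")
```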


Inetd and a service listening only on localhost

2005-05-05 Thread Karol Kwiatkowski
Hello everyone,

I'm in the process of learning ports system. I've made some changes to
an existing port (in the Makefile and a patch) for my use but thought
about mailing them to the port maintainer. So now I need to be more
serious ;)

The port (popa3d) is a pop3 daemon which can be run from inetd or as
standalone. I've made a patch and added a knob to Makefile to make
popa3d listen only on localhost (I run it as standalone with stunnel).

I've never used inetd and I'm not sure what will happen if a
connection is made from outside to a service which is configured to
listen only on localhost.

Is it possible to run a service listening only on localhost with inetd?
How to configure inetd in such case (an entry in /etc/hosts.allow?)
or should I disable such configuration?

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: illegal user root user failed login attempts

2005-04-26 Thread Karol Kwiatkowski
Daniel Bye wrote:
> On Tue, Apr 26, 2005 at 09:22:34AM +0100, Peter Kropholler wrote:
>>Is there any way to actually record what passwords
>>the hackers' scripts are trying? I am just really intrigued
>>to know what they are thinking might work.
> 
> 
> No - ssh transport is encrypted even by the time passwords are involved.

But in this scenario it is me (sshd) who does encryption/decryption :)

As I understand it, there's no way to log password except hacking ssh
daemon source code.

This link might help:
http://seclists.org/lists/incidents/2005/Feb/0004.html

(I haven't tried it and patch is against OpenSSH 3.5p1 - be careful)


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: How to create a file (Was: Re: i need a file manager!)

2005-03-24 Thread Karol Kwiatkowski
Karol Kwiatkowski wrote:
> Gert Cuykens wrote:
>
>>how do you create a new file in cm without using touch in the cmd line :)
>
>
> You could use something like:
>
>   echo "" > my_new_file
>

Uh... After reading the other response I guess I misread 'cm' as
'command line' instead of 'midnight commander'.

Sorry for the noise.

Karol

-- 
Karol Kwiatkowski  


How to create a file (Was: Re: i need a file manager!)

2005-03-24 Thread Karol Kwiatkowski
Gert Cuykens wrote:
> how do you create a new file in cm without using touch in the cmd line :)

You could use something like:

echo "" > my_new_file

But is it worth it? ;)

Cheers,

Karol

-- 
Karol Kwiatkowski  


Re: Router/Firewall?

2005-03-22 Thread Karol Kwiatkowski
[please cc freebsd-questions, someone may be interested, too]


Aperez wrote:
> Karol Kwiatkowski wrote:
> 
>> Aperez wrote:
>>  
>>
>>> Hi:
>>>
>>> I am trying to set up a router/firewall with Freebsd 5.3 this is my
>>> information:
>>>
>>> Winxp and Freebsd machine connected to Firewall machine using a hub
>>>
>>> Firewall has two ethernet cards:  card1: dc0 connected to cable internet
>>> using DHCP
>>> card 2: rl0 setup to use 192.168.1.1
>>>
>>> I can connect to the internet from the firewall: ping -c 3 www.yahoo.con
>>> successful
>>> I can ping from Firewall to the other two machines (WinXP and FreeBSD)
>>> I can ping from XP to FreeBsd and Firewall
>>> I can ping from FreeBSD to XP and Firewall
>>>   
>>
>>
>> OK, it appears your internal network is working.
>>
>> Did you set 'defaultrouter' on FreeBSD and XP (whatever it may be
>> called on Windows) to 192.168.1.1 (IP of the gateway)?
>>
>>
>>  
>>
>>> Here is the problem: I can't connect to internet from neither XP nor
>>> FreeBSD machine
>>>
>>> Here is my rc.conf from the firewall machine:
>>>
>>> gateway_enable="YES"
>>> ifconfig_lo0="inet 127.0.0.1"
>>> ifconfig_dc0="DHCP"
>>> ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0"
>>> ipfilter_enable="YES"
>>> ipmon_enable="YES"
>>> ipmon_flags="-Dsvn"
>>> ipnat_enable="YES"
>>>   
>>
>>
>> What rules do you have in ipfilter and ipnat? Have you enabled NAT?
>>
>>
>>  
>>
>>> ipfs_enable="YES"
>>>
>>> Can anybody tell me what I am missing?
>>>   
>>
>>
>> Regards,
>>
>> Karol
>>
>>  
>>
> Hi
> 
> I did set up Winxp to use 192.168.1.1 as gateway and I put
> defaultrouter=192.168.1.1 in the Freebsd machine.
> 
> I don't have rules for ipfilter because I was trying to see if there was
> connectivity box---firewall---internet.

> Do I have to have ipnat rules in order for the machines to connect to the
> internet?

Yes. NAT is not working yet. With ipnat_enable="YES" you've just
enabled ipnat but you didn't tell it what to do yet.

Something like this would do:

> map dc0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto # NAT for LAN +port mapping
> map dc0 192.168.1.0/24 -> 0/32 # NAT for LAN (icmp)

But keep in mind I no longer use ipfilter/ipnat. Please check manpage
for ipnat(1). Also handbook section: 24.5.14 NAT
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html


> Didn't I enable natd by putting "ipnat_enable="YES"" or do I have to put this
> instead natd_enable="YES"?

'natd' is another way to do NAT. You'll need only one of them. And
ipnat just doesn't do NAT yet.


Regards,

Karol


-- 
Karol Kwiatkowski  


Re: Router/Firewall?

2005-03-22 Thread Karol Kwiatkowski
Aperez wrote:
> Hi:
> 
> I am trying to set up a router/firewall with Freebsd 5.3 this is my
> information:
> 
> Winxp and Freebsd machine connected to Firewall machine using a hub
> 
> Firewall has two ethernet cards:  card1: dc0 connected to cable internet
> using DHCP
> card 2: rl0 setup to use 192.168.1.1
> 
> I can connect to the internet from the firewall: ping -c 3 www.yahoo.con
> successful
> I can ping from Firewall to the other two machines (WinXP and FreeBSD)
> I can ping from XP to FreeBsd and Firewall
> I can ping from FreeBSD to XP and Firewall

OK, it appears your internal network is working.

Did you set 'defaultrouter' on FreeBSD and XP (whatever it may be
called on Windows) to 192.168.1.1 (IP of the gateway)?


> Here is the problem: I can't connect to internet from neither XP nor
> FreeBSD machine
>
> Here is my rc.conf from the firewall machine:
> 
> gateway_enable="YES"
> ifconfig_lo0="inet 127.0.0.1"
> ifconfig_dc0="DHCP"
> ifconfig_rl0="inet 192.168.1.1 netmask 255.255.255.0"
> ipfilter_enable="YES"
> ipmon_enable="YES"
> ipmon_flags="-Dsvn"
> ipnat_enable="YES"

What rules do you have in ipfilter and ipnat? Have you enabled NAT?


> ipfs_enable="YES"
> 
> Can anybody tell me what I am missing?

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: su: Sorry

2005-03-16 Thread Karol Kwiatkowski
Gert Cuykens wrote:
> Why can I not su accessing the server through ssh?
> 
> $ su
> su: Sorry
> $

http://lists.freebsd.org/mailman/htdig/freebsd-questions/2004-November/063643.html

Cheers,

Karol

-- 
Karol Kwiatkowski  


Re: keeping freebsd uptodate - doubt

2005-02-02 Thread Karol Kwiatkowski
saravanan ganapathy wrote:
> What is the recommended period to update the ports?

Someone else should comment on that, but I think updating (cvsup)
ports tree once a week should be often enough to track changes and
rare enough to not overload mirrors. That applies to single desktop
machine, if you're using more machines / servers it's probably better
to setup local mirror for that.

As for installed ports, I think you should update installed port when:

1. there are security patches available (a must)
2. there is a new version available with new features / better
performance / etc (but only if you need/want the new functionality)

ad1:
You have already installed portaudit which takes care of security
warnings. Have a look at daily "security run output" emails. For
example, today I got:

> [snip]
> Checking for a current audit database:
> 
> Database created: Tue Feb  1 02:40:19 CET 2005
> 
> Checking for packages with security vulnerabilities:
> 
> Affected package: perl-5.8.5
> Type of problem: perl -- File::Path insecure file/directory permissions.
> Reference: 
> <http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html>
> [snip]

Then I went to http://www.freebsd.org/ports/index.html, saw it has
been already updated in ports, fired up cvsup...

ad2:
When such event occurs (say, new version of KDE) just update ports
tree and do a portupgrade.


> Is there any announcements for any port update? So
> that I can manually update the ports.

I think http://www.freshports.org/ or
http://www.freebsd.org/ports/index.html could be what you want.


> Is portupgrade contains the security patches also?

I'm not sure what that means. Portupgrade simply updates a port, it
takes all patches provided by port manager, applies them, compiles,
etc. (in case of building from source). So, if there are any security
patches for a port, yes, portupgrade will take care of them.


Hope that helps,

Karol

-- 
Karol Kwiatkowski  


Re: using portversion (Was: keeping freebsd uptodate - doubt)

2005-02-02 Thread Karol Kwiatkowski
Karol Kwiatkowski wrote:
> so it would be like:
> 
> # portversion -vL"<"

doh! should be:

# portversion -vL"="

Sorry!

-- 
Karol Kwiatkowski  


Re: using portversion (Was: keeping freebsd uptodate - doubt)

2005-02-02 Thread Karol Kwiatkowski
Chris Hodgins wrote:
>>> 4) portversion -v
>>
>> 'portversion -v | grep -v "=" ' is what I use.
>>
> 
> You shouldn't require the grep...you can do this instead:
> 
> # portversion -vl"<"

Cheers for that, I didn't think about that.

But, that's not exactly what I wanted: '-l' switch includes only "<"
while 'grep -v "="' excludes "=". The difference is I wanted ">"
included, too (just in case).

Quick scan of portversion manpage gave me '-L' option:

> -L CHARS
> --inv-limit CHARS    Exclude the packages with the specified status
>                      flags.

so it would be like:

# portversion -vL"<"


Thanks for info!

Karol

-- 
Karol Kwiatkowski  


Re: keeping freebsd uptodate - doubt

2005-02-02 Thread Karol Kwiatkowski
saravanan ganapathy wrote:
> I have done the above steps to update my system and
> when I run 'portversion -v | grep -v "=" ', I am
> getting the perl package only.
> 
> freebsd# portversion -v | grep -v "="
> perl-5.8.5  <  needs updating (port has 5.8.6_1)
> 
> freebsd# portupgrade perl
> --->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
> (lang/perl5.8)
> --->  Building '/usr/ports/lang/perl5.8'
> ===>  Cleaning for perl-5.8.6_1
> ===>  perl-5.8.6_1 has known vulnerabilities:
> => perl -- File::Path insecure file/directory
> permissions.
>Reference:
> <http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html>
> => Please update your ports tree and try again.
> *** Error code 1
> 
> Stop in /usr/ports/lang/perl5.8.
> ** Command failed [exit code 1]: /usr/bin/script -qa
> /tmp/portupgrade5864.0 make
> ** Fix the problem and try again.
> ** Listing the failed packages (*:skipped / !:failed)
> ! lang/perl5.8 (perl-5.8.5) (unknown build
> error)
> --->  Packages processed: 0 done, 0 ignored, 0 skipped
> and 1 failed
> 
> How to solve this problem?

Portaudit thinks perl-5.8.6_1 is not safe. It even tells you where to
find more information:

> http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html

If you look there it says:

> Affects:
> 
> * perl >=0 <5.6.2
> * perl >=5.8.0 <5.8.6

Clearly, perl-5.8.6_1 is *not* affected. This leads us to the conclusion
that your portaudit's database is outdated. To fetch a new database simply
run:

# portaudit -F


oh, btw. I forgot to include in previous post: before upgrading ports
always read /usr/ports/UPDATING. It can save you some headaches ;)


Cheers,

Karol


-- 
Karol Kwiatkowski  
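
An added example, not part of the original thread: the range check done by eye in the message above, written out in Python for the two "Affects" lines it quotes. The version comparison is a simplification assumed for this example (dotted numeric versions with an optional `_N` port revision); the real ports version rules also cover letters and epochs, and the function names are hypothetical.

```python
"""Check a package against portaudit-style "Affects" ranges (simplified)."""
import operator
import re

OPS = {">=": operator.ge, "<=": operator.le, ">": operator.gt,
       "<": operator.lt, "=": operator.eq}

# Ranges as listed on the advisory page quoted in the message above.
AFFECTS = ["perl >=0 <5.6.2", "perl >=5.8.0 <5.8.6"]


def parse_version(text):
    """'5.8.6_1' -> ((5, 8, 6), 1). Numeric dotted versions only (assumption)."""
    base, _, rev = text.partition("_")
    return tuple(int(part) for part in base.split(".")), int(rev or 0)


def parse_range(line):
    """'perl >=5.8.0 <5.8.6' -> ('perl', [(ge, v1), (lt, v2)])."""
    name, _, rest = line.strip().partition(" ")
    constraints = [(OPS[op], parse_version(ver))
                   for op, ver in re.findall(r"(>=|<=|>|<|=)\s*(\S+)", rest)]
    return name, constraints


def is_affected(package, affects=AFFECTS):
    """True if `package` (name-version) satisfies every bound of any range."""
    name, _, version = package.rpartition("-")
    installed = parse_version(version)
    for line in affects:
        range_name, constraints = parse_range(line)
        if range_name == name and all(op(installed, bound)
                                      for op, bound in constraints):
            return True
    return False


if __name__ == "__main__":
    for pkg in ("perl-5.8.5", "perl-5.8.6_1"):
        print(pkg, "affected" if is_affected(pkg) else "not affected")
```

A current database therefore flags the installed perl-5.8.5 but not the perl-5.8.6_1 the port would build, which is why a warning against 5.8.6_1 points to a stale local database.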


Re: keeping freebsd uptodate - doubt

2005-02-02 Thread Karol Kwiatkowski
saravanan ganapathy wrote:
> Hai ,
> 
> I have installed 5.3 release and want to keep my
> system uptodate with the security patches. 
> 
> Based on many guides, I have arranged as a doc. Pls
> confirm me whether my steps are ok
> 
> 1) Install portupgrade
> 2) Sync ports 
> 
>  Ports-supfile contains as 
> 
> *default host=cvsup10.us.freebsd.org
> *default base=/var/db
> *default prefix=/usr
> *default release=cvs tag=.
> *default delete use-rel-suffix
> ports-all

OK

> ( or should I change tag=RELENG_5_3 )

No, "tag=." is exactly what is needed for updating ports.

>   cvsup -g -L 2 /root/ports-supfile

OK

> 3) portsdb -Uu

From 'man portsdb':
>  -U
>  --updateindex  Update or create the ports index file called INDEX.

from 'man ports':
> fetchindex   Fetch the INDEX file from the FreeBSD cluster.


Generating INDEX with 'portsdb -U' can take a while. Alternatively,
you could run 'cd /usr/ports && make fetchindex' which will download
that file for you.

so point 3) could be like:

3-a) cd /usr/ports
3-b) make fetchindex
3-c) portsdb -u

This is *much* faster but, of course, there's nothing wrong with
'portsdb -Uu'.

> 4) portversion -v

'portversion -v | grep -v "=" ' is what I use.


> Any other steps to do?

Above procedure updates (only) your ports tree and installed ports.
Subscribe to freebsd-announce and keep your system up-to-date.


> What 'make fetchindex' will do?

See above (point 3).


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Fwd: reboot DURING a portupgrade

2005-01-30 Thread Karol Kwiatkowski
[format fixed]

Ben Haysom wrote:
>> Hi
>> 
>> I am running FBSD 5.3-CURRENT on a Duron 700Mhz 384Mb RAM.
>> 
>> When I do (as root)
>> 
>> #portupgrade -a
>> 
>> it comes back with:
>> 
>> Stale dependency: acroread-5.10_1 --> linux_base-8-8.0_6 -- manually
>> run 'pkgdb -F' to fix, or specify -O to force.
>> 
>> So I do
>> 
>> #portupgrade -a -O
>> 
>> and *everytime* it reboots itself before the portupgrade is complete.
>> Not a clean reboot though - it doesn't dismount filesystems before it goes.
>> 
>> I can't work out what it's doing.
>> There is nothing relevant in /var/log/messages.

> Just fixed the stale dependencies, then did portupgrade -a
>
> same thing.
> unclean reboot.

Sounds like faulty hardware to me (or _really_ misconfigured kernel
and/or compilation options - yeah, I did that once :) )

First I would check memory with tools like memtest
/usr/ports/sysutils/memtest86

Second I would check if CPU is not overheating. You could use
/usr/ports/sysutils/cpuburn for that.

That's for a start. If it's not hardware problem post more details: do
you have custom kernel? If so, what options were changed? Was the
system stable before changes? What about /etc/make.conf? etc.


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Strange question about the logo?...

2005-01-30 Thread Karol Kwiatkowski
Rembrandt Leliveld wrote:
> Hello FreeBSD community!

Hello,

> I have a strange question, I think. 
[snip]
> Can you tell me why FreeBSD chose a devil as logo?

This question is quite popular, unfortunately. It's based on
misinterpreting the BSD Daemon as a demon.

Have a look at http://www.freebsd.org/copyright/daemon.html

quote from "Unix System Administration Handbook" (also in the link above):

"Many people equate the word ``daemon'' with the word ``demon,''
implying some kind of Satanic connection between UNIX and the
underworld. This is an egregious misunderstanding. ``Daemon'' is
actually a much older form of ``demon''; daemons have no particular
bias towards good or evil, but rather serve to help define a person's
character or personality. The ancient Greeks' concept of a ``personal
daemon'' was similar to the modern concept of a ``guardian angel'' ---
``eudaemonia'' is the state of being helped or protected by a kindly
spirit. As a rule, UNIX systems seem to be infested with both daemons
and demons."

Hope it clarifies a bit.

> Greetings from an upcoming FreeBSD fan 

Have fun!

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: using ports (WAS: Witch apache, mysql and php do i need ?)

2005-01-28 Thread Karol Kwiatkowski
Gert Cuykens wrote:
> thx is there also a command that just tells you what it is going to
> download without downloading it ?

man ports

and have a look at 'fetch-list' and other TARGETS.


Cheers,

Karol

-- 
Karol Kwiatkowski  


Re: set_rcvar load_rc_config run_rc_command: all not found

2005-01-26 Thread Karol Kwiatkowski
Christian Hiris wrote:
> On Wednesday 26 January 2005 05:45:05, Duane Winner wrote:
> 
>>Hello,
>>
>>I've just noticed (after spending the past two weeks testing
>>5.3-release), that I'm getting this on every boot and shutdown:
>>
>>Local package initialization:set_rcvar: not found
>>load_rc_config: not found
>>run_rc_command: not found
>>
>>Everything seems to be working fine, but I sure would like to know where
>>those "set_rcvar", "load_rc_config" and "run_rc_command" not found
>>messages are coming from and why.
> 
> 
> These messages were sent by a script, which resides in one of your local 
> startup directories. If you use the default local startup directories, then 
> search the scripts under /usr/local/etc/rc.d and /usr/X11R6/etc/rc.d for the 
> variables that couldn't be found. The script that wants to run the functions 
> set_rcvar, load_rc_config and run_rc_command requires the line 
> ". /etc/rc.subr". This line sucks in the file /etc/rc.subr and makes the 
> missing functions available to your script. 

Noticed this today. In my case /usr/X11R6/etc/rc.d/xfs.sh was found
guilty (xorg-fontserver).

There's only "." instead of ". /etc/rc.subr"

If I'm reading changes[1] right it has been fixed about 3 hours ago.


Regards,

Karol

[1]http://www.freebsd.org/cgi/cvsweb.cgi/ports/x11-servers/xorg-fontserver/Makefile

-- 
Karol Kwiatkowski  


Re: kernel info question

2005-01-25 Thread Karol Kwiatkowski
Andrew L. Gould wrote:
> On Tuesday 25 January 2005 05:06 pm, Karol Kwiatkowski wrote:
> 
>>Andrew L. Gould wrote:
>>
>>>On Tuesday 25 January 2005 04:37 pm, Karol Kwiatkowski wrote:
>>>
>>>>Andrew L. Gould wrote:
>>>>
>>>>>I'm about to recompile a kernel on a computer with an AMD K6-2 450
>>>>>processor.  Is the K6-2 an i586 or i686 CPU?
>>>>
>>>>I *think* it's i586 but have a look at dmesg output.
>>>>
>>>>There should be something like:
>>>>
>>>># dmesg | grep CPU
>>>>CPU: AMD Athlon(tm) XP 2000+ (1674.44-MHz 686-class CPU)
>>>
>>>Thanks.  (Yep, it's i586.)
>>
>>I'm not sure: is it a question about CPUTYPE flag in /etc/make.conf?
>>Because right after my first reply I saw this in
>>/usr/share/examples/etc/make.conf (about CPUTYPE):
>>
>>># Currently the following CPU types are recognized:
>>>#   Intel x86 architecture:
>>>#   (AMD CPUs)  athlon-mp athlon-xp athlon-4 athlon-tbird athlon k6-3
>>>#   k6-2 k6 k5
>>>#   (Intel CPUs)    p4 p3 p2 i686 i586/mmx i586 i486 i386
>>>#   Alpha/AXP architecture: ev67 ev6 pca56 ev56 ev5 ev45 ev4
>>>#   Intel ia64 architecture: itanium
>>
>>Probably setting CPUTYPE=k6-2 would be best.
>>
>>
>>Regards,
>>
>>Karol
> 
> 
> I'm selecting CPU types in the kernel configuration file, which lists 
> only i386, i486, i586 and i686.
> 
> Andrew Gould

Ah, of course. I586_CPU then.
Sorry for the noise, it's late here :)

Good luck!

Karol

-- 
Karol Kwiatkowski  


Re: kernel info question

2005-01-25 Thread Karol Kwiatkowski
Andrew L. Gould wrote:
> On Tuesday 25 January 2005 04:37 pm, Karol Kwiatkowski wrote:
> 
>>Andrew L. Gould wrote:
>>
>>>I'm about to recompile a kernel on a computer with an AMD K6-2 450
>>>processor.  Is the K6-2 an i586 or i686 CPU?
>>
>>I *think* it's i586 but have a look at dmesg output.
>>
>>There should be something like:
>>
>># dmesg | grep CPU
>>CPU: AMD Athlon(tm) XP 2000+ (1674.44-MHz 686-class CPU)
>>
>>
> 
> Thanks.  (Yep, it's i586.)

I'm not sure: is it a question about CPUTYPE flag in /etc/make.conf?
Because right after my first reply I saw this in
/usr/share/examples/etc/make.conf (about CPUTYPE):

> # Currently the following CPU types are recognized:
> #   Intel x86 architecture:
> #   (AMD CPUs)  athlon-mp athlon-xp athlon-4 athlon-tbird athlon k6-3
> #   k6-2 k6 k5
> #   (Intel CPUs)    p4 p3 p2 i686 i586/mmx i586 i486 i386
> #   Alpha/AXP architecture: ev67 ev6 pca56 ev56 ev5 ev45 ev4
> #   Intel ia64 architecture: itanium

Probably setting CPUTYPE=k6-2 would be best.


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: kernel info question

2005-01-25 Thread Karol Kwiatkowski
Andrew L. Gould wrote:
> I'm about to recompile a kernel on a computer with an AMD K6-2 450 
> processor.  Is the K6-2 an i586 or i686 CPU?

I *think* it's i586 but have a look at dmesg output.

There should be something like:

# dmesg | grep CPU
CPU: AMD Athlon(tm) XP 2000+ (1674.44-MHz 686-class CPU)


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Open Sound System

2005-01-20 Thread Karol Kwiatkowski
Gerard Seibert wrote:
> I have seen OSS from opensound.org mentioned here a few times. I have
> not been able to locate it in the 'ports tree'. Would I be correct in
> assuming that it is not available there, but rather only by downloading
> it directly from opensound.org directly?

Yes, that's correct.

AFAIK, the reason is this:

"Open Sound System is not freeware but commercial product. The
software itself is freely downloadable from our web site. However it
needs a run time license to work. The software package itself contains
a time limited evaluation license which installs automatically. To
remove the time limit you will need to purchase a permanent license
from our web site or any of our official distributors."[1]

and:

"Open Sound System is now free for personal and non-commercial use and
comes with a license key that will allow you to run OSS. The license
key is valid for 3 months at a time after which you will need to
download and install OSS again. There are no time limitations or
restricted functionality during the licensing period. A permanant
license key that will entitle you to free support and upgrades can be
ordered here"[2]


Regards,

Karol

[1] http://www.opensound.com/install_gzipped.html
[2] http://www.opensound.com/download.cgi

-- 
Karol Kwiatkowski  


Re: PF and NAT on FreeBSD 5.3

2005-01-19 Thread Karol Kwiatkowski
Kosta Kilim wrote:
> Hello,
> 
> I'm trying to setup a PF with NAT for my home network.
> 
> PF is compiled into the kernel(FreeBSD 5.3, fresh cvsup) and working,
> I can do pfctl -e|-d|-s just fine. And pflog0 is seen in the
> ifconfig's output.
> 
> My IP range is: class C /29
> 
> I have an ADSL router which works in bridged mode. So I connect to the
> ISP, get a static address for the router, then I assign one to the
> machine I'd like to act as a firewall from the /29 range.
> 
> So router takes one and the machine take one address from class
> C/29. The other address can be ignored. I don't want to use them.
> 
> For the rest of the machines on the network I'd like them to go
> through this machine, which I'd like it to do NAT using PF.
> 
> The machine has the IP from the class C /29 range, and 192.168.0.0/27
> on the other NIC.
> 
> So what I'd like to know, is how do I write the rules to perform
> this. I thought that just taking the rules from the first example of
> the PF tutorial would do, I changed them slightly to suit my
> scenario. But still I can only go to the net with the one machine on
> the class C /29 subnet.

pf rules look OK.
Wild guess: have you enabled packet forwarding? You can check it with
sysctl(8):

# sysctl net.inet.ip.forwarding
net.inet.ip.forwarding: 1

To enable this at boot time put gateway_enable="YES" in your /etc/rc.conf

Also check the handbook (25.2.4 Building a Router chapter):

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-routing.html



> Any hints would be gladly received. Thank you for your time.

You're welcome (I'm not sure if that helps, though).

Regards,

Karol


> # macros, these are renamed to my NIC names
> int_if = "fxp0"
> ext_if = "ep0"
> 
> tcp_services = "{ 22 }"
> icmp_types = "echoreq"
> 
> priv_nets = "{ 127.0.0.0/8, 192.168.0.0/27 }"
> 
> # options
> set block-policy return
> set loginterface $ext_if
> 
> # scrub
> scrub in all
> 
> # nat
> nat on $ext_if from $int_if:network to any -> ($ext_if)
> 
> 
> # filter rules
> block all
> 
> pass quick on lo0 all
> 
> block drop in  quick on $ext_if from $priv_nets to any
> block drop out quick on $ext_if from any to $priv_nets
> 
> pass in on $ext_if inet proto tcp from any to ($ext_if) \
>port $tcp_services flags S/SA keep state
> 
> pass in inet proto icmp all icmp-type $icmp_types keep state
> 
> pass in  on $int_if from $int_if:network to any keep state
> pass out on $int_if from any to $int_if:network keep state
> 
> pass out on $ext_if proto tcp all modulate state flags S/SA
> pass out on $ext_if proto { udp, icmp } all keep state
> 
> 

-- 
Karol Kwiatkowski  


Re: chmod: Operation not permitted

2005-01-18 Thread Karol Kwiatkowski
Gardner Bell wrote:
> After rebuilding world last night I can no longer chmod some system
> binaries that I don't need.  When attempting to do so I get a permission
> denied. 
> [EMAIL PROTECTED] chmod 000 /bin/rcp
> chmod: /bin/rcp: Operation not permitted.
> 
> [EMAIL PROTECTED] chmod 000 /bin/rlogin
> chmod: /bin/rlogin: Operation not permitted
> 
> The only binaries this seems to be happening with are the ones used
> for remote operations.  Ie: rcp, rlogin, rsh, opieinfo, etc.  I
> followed the complete instructions in the handbook when rebuilding
> world so I don't think that could be the problem.  But I did run the
> following after the system booted correctly. 

# ls -lo /bin/rcp
-r-sr-xr-x  1 root  wheel  schg 18388 Jan 10 22:49 /bin/rcp

 notice "schg" up here 

Check chflags(1) manpage for more information.

Oh, btw. "which rlogin" gives me "/usr/bin/rlogin" on 5.3-RELEASE. Is
that a typo in your message?


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Software migration from Windows for my friend

2005-01-15 Thread Karol Kwiatkowski
Sergei Gnezdov wrote:
> Hi,
> 
> I need to consider if my friend can migrate from windows.  Do you know
> of a good user friendly alternatives (may be not as powerful)?  I might
> be able to answer most of the items, but I'd like to make sure that I
> know about the options:

Hello Sergei,

Here's a short list of what I use / would use:

> Alternatives for:
> 
> - MS Office XP.  I don't think he has very complex documents.

OpenOffice

> - ACDSE 5.0, Photoshop.  I am not convinced that he edits or creates
> images.

GIMP (to create/modify images)

> - WinRAR and WinZIP

There are several command line tools in /usr/ports/archivers.
As for GUI: If you're using KDE there's ARK in kdeutils. Gnome should
have something similar.

> - WinAMP

XMMS

> - Virtual CD

don't know this software

> - Some kind of CD Burner

burncd with mkisofs works great if you don't mind command line.
K3b (/usr/ports/sysutils/k3b) is great if you like GUI.

> - Some DVD Player
> - AC3filter

mplayer (all you need is in there already)

> - Decoding DVD to AVI (I have no idea why anybody would need this)

I cannot comment on this but mplayer is supposed to do that.


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: Sound not working - none of the other posts helped

2005-01-13 Thread Karol Kwiatkowski
SRINIVASAN, KESHAV wrote:
> 
> I'm using the latest 5.3-stable build along with the Xfce4 window
> manager. I have a Sound Blaster Audigy card.
> I don't have the line 'device sound' in my kernel, but I have the
> following two lines in my loader.conf file:
> 
> sound_load="YES"
> 
> snd_emu10k1_load="YES"
> 
> Sound doesn't work in X (tried playing an MP3 using a graphical MP3
> player). It doesn't work in command line either (tried using a console
> MP3 player as well). Any idea how to fix this?

I don't use emu10k1 driver (emu10kx[1] instead), but since no one has
replied yet (probably due to missing details):

First I would check if modules are loaded and if card is recognized.

Try following commands (you should see similar output with emu10k1):

> blackacidevil: # kldstat
> Id Refs AddressSize Name
>  [...snip...]
>  31 0xc0827000 11c90snd_emu10kx.ko
>  [...snip...]

Here I've got only 'snd_emu10kx' listed because 'sound' is compiled in
the kernel. There should be module sound loaded on your system.


> blackacidevil: # dmesg | grep pcm
> pcm0:  on emu10kx0
> pcm0: 

> blackacidevil: # cat /dev/sndstat
> FreeBSD Audio Driver (newpcm)
> Installed devices:
> pcm0:  on emu10kx0 (16p/1r/0v channels duplex default)


If all is OK try adjusting volume with /usr/sbin/mixer.

If not try 'pciconf -lv' and search for sound card information.
Also check emu10kx website (below) - scroll down to 'Basic
troubleshooting tips'.

Hope that helps a bit.

Karol

[1] emu10kx can be found:
    http://chibis.persons.gfk.ru/audigy/
works great with 5.3-RELEASE-p4 and Audigy (class=0x040100
card=0x00511102 chip=0x00041102 rev=0x03 hdr=0x00)


-- 
Karol Kwiatkowski  


Re: FreeBSD's Visual Identity: Outdated?

2004-12-23 Thread Karol Kwiatkowski
Ramiro Aceves wrote:
> jsha wrote:
>> 1. Not only is the logo misleading (associating evil) but it also looks
>>like something 10-year-olds could produce in Paint Shop Pro ten years
>>ago. OpenBSD has an artistic touch to theirs, however I was very
>>disappointed when I heard that the new NetBSD logo was in effect.
> 
> I really like the devil, it is nice and pleasant for me.

A bit OT, but to make things clear I'd like to point out it's not the
devil. It's a daemon.
BSD Daemon.

 "Many people equate the word ``daemon'' with the word ``demon,''
implying some kind of Satanic connection between UNIX and the
underworld. This is an egregious misunderstanding. ``Daemon'' is
actually a much older form of ``demon''; daemons have no particular
bias towards good or evil, but rather serve to help define a person's
character or personality. The ancient Greeks' concept of a ``personal
daemon'' was similar to the modern concept of a ``guardian angel'' ---
``eudaemonia'' is the state of being helped or protected by a kindly
spirit. As a rule, UNIX systems seem to be infested with both daemons
and demons."

quote from:
http://www.freebsd.org/copyright/daemon.html

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: user disappears from w and who

2004-12-17 Thread Karol Kwiatkowski
Kevin D. Kinsey, DaleCo, S.P. wrote:
> Karol Kwiatkowski wrote:
> 
>>Brandon Lodriguss wrote:
>>  
>>
>>>It seems like utmp/wtmp is getting updated when the user logs out of the 
>>>second shell, then it ignores the fact that the user is still logged in to 
>>>the original shell.
>>>
>>>
>>
>>I've got curious and investigated a bit. It looks like when user logs
>>in the second time (and it doesn't matter that he logs in as himself)
>>system information gets updated just like the previous session was
>>ended (like user logged off before logging in).
>>
>>I hope that will help someone with further investigation (I'm not
>>familiar with the source).
>>  
>>
> 
> IANAE, and I'm not sure if I understand the problem.  Isn't
> it acting as expected?  From login(5):
> 
>-p  By default, login discards any previous environment.  The -p
>  option disables this behavior.
> 

Yes, login(5) discards previous environment but the problem (as I see
it, and IANAE, too) is not with user's environment but with data
consistency in system files (/var/run/utmp, /var/log/wtmp and
/var/log/lastlog).


From man utmp(5):

> The file  declares the structures used to record information
> about current users in the file utmp, logins and logouts in the file
> wtmp, and last logins in the file lastlog.  The time stamps of date
> changes, shutdowns and reboots are also logged in the wtmp file.

As I understand it, information in those files should reflect current
system state. But it seems that any unprivileged user using login(5)
can break it.

Mechanism is simple: user logs in "twice" (on the same terminal), then
logs out "once". He is still logged in (first session) but according
to utmp/wtmp he is not.

It may not be a security hole but it clearly leads to confusion. And
makes utilities like w(1), who(1), last(1) pretty useless.



As an attempt to learn new things I'm trying to hunt it down. Keep in
mind I'm new to this and any help would be appreciated (am I on the
right path?). Here's what I'm doing (5.3-RELEASE-p2):

Starting conditions: Login with ssh as unprivileged user (first
session), use login(1) to login as the same user (second session),
then use login(1) again (third session).

(The point of logging three times is to omit any confusion ssh session
could lead to [like ssh related errors in logs]. This probably could
be done using console but I don't have the access atm)

Now, end (exit) third session and end the second. This results in this
error in auth.log:

> login: pam_sm_close_session(): no utmp record for ttyp2

According to (default) /etc/pam.d/system 'pam_lastlog.so' is used to
log session data.

This leads us to first candidate:
/src/lib/libpam/modules/pam_lastlog/pam_lastlog.c


Am I on the right track? What more experienced users think about it?


-- 
Karol Kwiatkowski  


Re: user disappears from w and who

2004-12-16 Thread Karol Kwiatkowski
Brandon Lodriguss wrote:
> It seems like utmp/wtmp is getting updated when the user logs out of the 
> second shell, then it ignores the fact that the user is still logged in to 
> the original shell.

I've got curious and investigated a bit. It looks like when user logs
in the second time (and it doesn't matter that he logs in as himself)
system information gets updated just like the previous session was
ended (like user logged off before logging in).

I hope that will help someone with further investigation (I'm not
familiar with the source).


Here's a "proof":

(ssh session, notice the time)

> login as: joe
> Password:
> Last login: Thu Dec 16 18:46:02 2004 from name.of.a.box
> [...motd...]
> joe$ date
> Thu Dec 16 20:18:12 CET 2004
>
> [...I'm waiting here at least one minute...]
>
> joe$ login
> login: joe
> Last login: Thu Dec 16 20:18:00 from name.of.a.box
> [...motd...]
> joe$ date
> Thu Dec 16 20:19:17 CET 2004
>
> [...I'm waiting here at least one minute...]
>
> joe$ exit
> joe$ date
> Thu Dec 16 20:21:29 CET 2004

as root:
> # last joe
> joe  ttyp0 Thu Dec 16 20:19 - 20:21  (00:02)
> joe  ttyp0 192.168.1.66 Thu Dec 16 20:18 - 20:19  (00:01)
> [...]
^
last(1) reports user 'joe' logged off the same moment he logged in by
typing 'login'.

Finishing ssh connection (exit) results with this error in auth.log:

> sshd[98620]: syslogin_perform_logout: logout() returned an error

Also I tried logging 'joe' as different user second time - it doesn't
matter.

That's all from me, I hope someone will tell more.


Regards,

Karol

-- 
Karol Kwiatkowski  


Re: user disappears from w and who

2004-12-16 Thread Karol Kwiatkowski
Brandon Lodriguss wrote:
> Hello,
> 
> I'm wondering if anyone else has witnessed this phenomenon in FreeBSD
> 5.3-Release who could perhaps tell me if it's an oddity/configuration
> error with my system, or a problem with this version.  I had a 4.10
> box that this does not happen on, similarly configured.
> 
> The steps to reproduce the problem:
> Log in via ssh.
> Type login, log in again to a second shell within your existing shell.
> Type w or who.  At this point, no IP or hostname should be listed for
> you, and you only show up once.  This is normal behavior, and has
> happened in all versions of fbsd since i can remember.
> Type exit to return to your original shell.
> Do a w or who now...
> 
> At this point on my system, you are no longer listed in w or who, and
> the user count in w is incorrect.  The only indication that you are
> still logged in is an active sshd process/connection.  If you type
> last , it does not say "still logged in...".  You can,
> however, snoop on the original tty as root using the watch command,
> even if the user is invisible (provided you noticed what tty the user
> was assigned before he went invisible.)
[snip]
> Has anyone seen this behavior before?  Did I misconfigure something?

Hello,

although I don't have an answer to this, I can confirm this happening
here, too (5.3-RELEASE-p2, ssh session):

> login as: joe
> Password:
> Last login: Thu Dec 16 18:31:36 2004
> [...snip...]
> 
> joe$ who
> joe              ttyp1    Dec 16 18:46 (192.168.1.66)
>  
> joe$ w
>  6:41PM  up 12 days,  3:18, 1 user, load averages: 0.26, 0.15, 0.10
> USER TTY  FROM  LOGIN@  IDLE WHAT
> joe  p1   name.of.a.box 6:41PM - w
> joe$ login
> login: joe
> Last login: Thu Dec 16 18:41:26 from name.of.a.box
> [...snip...]
> joe$ w
>  6:43PM  up 12 days,  3:20, 1 user, load averages: 0.05, 0.10, 0.08
> USER TTY  FROM  LOGIN@  IDLE WHAT
> joe  p1   - 6:42PM - w
> joe$ who
> joe              ttyp1    Dec 16 18:42

and now:
> joe$ exit
> joe$ w
>  6:44PM  up 12 days,  3:21, 0 users, load averages: 0.07, 0.10, 0.08
> USER TTY  FROM  LOGIN@  IDLE WHAT
> joe$ who
> joe$

and as root (right after):
> joe$ su
> Password:
> Yes, Master? w
>  7:06PM  up 12 days,  3:43, 0 users, load averages: 0.08, 0.09, 0.08
> USER TTY  FROM  LOGIN@  IDLE WHAT
> Yes, Master? who
> Yes, Master? sockstat -4 | grep joe
> joe  sshd   91554 6  tcp4   192.168.1.1:22   192.168.1.66:1458
> Yes, Master? ps aux | grep sshd | grep joe
> root91551  0.0  2.0  6400 1812  ??  Is   11:52AM   0:00.10 sshd: joe 
> [priv] (sshd)
> joe 91554  0.0  2.1  6408 1916  ??  S11:53AM   0:03.68 sshd: [EMAIL 
> PROTECTED] (sshd)

last(1):
> Yes, Master? last joe
> joe  ttyp1 192.168.1.66 Thu Dec 16 18:46 - 18:51  (00:05)
> Yes, Master? date
> Thu Dec 16 19:15:25 CET 2004

> Yes, Master? uname -r
> 5.3-RELEASE-p2


I can then make another ssh session to the box and that user is not
listed either.

Regards,
Karol

-- 
Karol Kwiatkowski  
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
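
The state shown in the transcript above (an sshd session still running while who(1) lists nobody) can be detected by cross-checking process titles against the login records. This is an added example, not part of the original thread; the sample `who` and `ps` text is constructed, and the `sshd: user@tty` process-title format and the function names are assumptions.

```python
"""Cross-check sshd sessions against who(1) output (added example)."""
import re

# Constructed sample: who(1) output before the nested `login`, and after
# the nested shell has exited (empty, as in the transcript above).
WHO_BEFORE = "joe              ttyp1    Dec 16 18:46 (192.168.1.66)\n"
WHO_AFTER = ""

# Constructed sample in the style of `ps -axo pid,user,command`.
# Assumption: sshd titles its per-session process "sshd: user@tty",
# and uses "notty" when the session has no terminal (e.g. file transfer).
PS_SAMPLE = """\
  PID USER COMMAND
  612 root /usr/sbin/sshd
91551 root sshd: joe [priv] (sshd)
91554 joe  sshd: joe@ttyp1 (sshd)
91600 joe  sshd: joe@notty (sshd)
"""

SSHD_SESSION = re.compile(r"^\s*(\d+)\s+(\S+)\s+sshd: ([^@\s]+)@(\S+)")


def parse_who(text):
    """Return the set of (user, tty) pairs that who(1) reports."""
    pairs = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2:
            pairs.add((fields[0], fields[1]))
    return pairs


def sshd_sessions(ps_text):
    """Return (pid, user, tty) for every sshd session that owns a tty."""
    sessions = []
    for line in ps_text.splitlines():
        m = SSHD_SESSION.match(line)
        if not m:
            continue  # header, listener, or the privileged monitor process
        pid, _owner, user, tty = m.groups()
        if tty == "notty":
            continue  # no terminal, so no utmp record is expected
        sessions.append((int(pid), user, tty))
    return sessions


def unaccounted_sessions(who_text, ps_text):
    """Sessions that exist as processes but have no matching login record."""
    recorded = parse_who(who_text)
    return [s for s in sshd_sessions(ps_text) if (s[1], s[2]) not in recorded]


if __name__ == "__main__":
    for label, who_text in (("before", WHO_BEFORE), ("after", WHO_AFTER)):
        hidden = unaccounted_sessions(who_text, PS_SAMPLE)
        print(label, "nested login exit:", hidden or "all sessions accounted for")
```

On a live system the two inputs would come from `who` and `ps`; a non-empty result means w(1), who(1) and last(1) cannot be relied on for that session.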


Re: bsdtar '--exclude pattern' problems

2004-11-30 Thread Karol Kwiatkowski
Lowell Gilbert wrote:
> According to the tar(1) manual, the file parameters are supposed to
> come after all of the option parameters.

Ah, of course! I don't know why I wrote it wrong (some months ago
probably). Thank you.

> Be well.

Cheers,

Karol

-- 
Karol Kwiatkowski  


bsdtar '--exclude pattern' problems

2004-11-30 Thread Karol Kwiatkowski
Hello all,

I upgraded 5.2.1 to 5.3 recently and I'm trying to run my cron scripts
which use tar utility (which defaults to bsdtar(1) on 5.3) and I can't
figure out how to use '--exclude pattern' with it. It seems I'm
missing something obvious here or bsdtar(1) is happily ignoring
--exclude option.

my system:
FreeBSD 5.3-RELEASE-p1 #4: Sat Nov 27 19:37:42 CET 2004

here's what I try to run:

orchid# /usr/bin/tar -czvf /home/root.backup/test.tar.gz -C /home . \
 --exclude "root.backup/*" --exclude "pub/*" --exclude "ncvs/*"

I tried '-W exclude=pattern', too:

orchid# /usr/bin/tar -czvf /home/root.backup/test.tar.gz -C /home . \
  -W exclude="root.backup/*" -W exclude="pub/*" -W exclude="ncvs/*"

Both commands include all directories under /home. However using
/usr/bin/gtar works as expected.

Any help appreciated. Thanks.

Karol

-- 
Karol Kwiatkowski  



Re: need to download freeBSD

2004-09-28 Thread Karol Kwiatkowski
On 09/28/04 06:51, Noorazmi Omar wrote:
> Dear users support
>  
> I'm new to FreeBSD,
> can any body give me the URL to download FreeBSD
>  
> Best Regards
>  
> Noorazmi Omar
>  
> Kuala Lumpur
> Malaysia

Hello, welcome to FreeBSD!

Please check the main site: http://www.freebsd.org/

Direct link to "Obtaining FreeBSD" in FreeBSD Handbook:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: how to install portindex?

2004-09-14 Thread Karol Kwiatkowski
On 09/14/04 13:31, Radek Kozlowski wrote:
> On Tue, Sep 14, 2004 at 12:27:32PM +0200, Karol Kwiatkowski wrote:
> 
>>Hello all,
>>
>>I've been reading about portindex and finally decided to install it.
>>The problem is I can't find it.
>>It should be in sysutils/portindex but there's no such directory.
>>
>># whereis portindex
>>portindex:
>>
>>I can't find it on www.freebsd.org/ports either.
>>What am I missing?
> 
> 
> See this:
> http://lists.freebsd.org/pipermail/freebsd-ports/2004-September/016065.html
> 
> -Radek

Ah, instead of digging freebsd-questions I should go straight to
freebsd-ports.


Thanks Miguel and Radek!

-- 
Karol Kwiatkowski  


how to install portindex?

2004-09-14 Thread Karol Kwiatkowski
Hello all,

I've been reading about portindex and finally decided to install it.
The problem is I can't find it.
It should be in sysutils/portindex but there's no such directory.

# whereis portindex
portindex:

I can't find it on www.freebsd.org/ports either.
What am I missing?

Cheers,

Karol

-- 
Karol Kwiatkowski  


Re: how to tell source code versions?

2004-09-11 Thread Karol Kwiatkowski
On 2004-09-11 07:33, Josh Hansen wrote:
> rob gabaree wrote:
> 
> 
>>hi guys:
>>
>>im pretty new and just recompiled my kernel with cvsup (using src-all)
>>and uname -a prints:
>>
>>FreeBSD xxx 4.10-RELEASE-p2 FreeBSD 4.10-RELEASE-p2 #1: Fri Sep 10
>>18:01:49 EST 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/XCAGE2  i386
>>
>>i used the RELENG_4_10 tag to do this, but im wondering if someone
>>could tell me where to go to find out the latest source code, ex the
>>above was -RELEASE-p2.. is p2 the latest? where can i find the latest
>>info so i know i have the most up to date one?
>>
>>thanks
>> 
>>
> 
> It's all about the tags.  RELENG_4_10 will give you FreeBSD 
> 4.10-RELEASE, the -p2 means there have been 2 patches for it since it 
> was released and you have them.  The RELEASE branch only gets bugfixes
> and security updates.  If you want, say, 4.10-STABLE, which will 
> eventually become 4.11, use the tag RELENG_4.  There is a section on 
> these tags in the FreeBSD Handbook that fully explains them.
> 
> -Josh

If I understand Rob correctly all he needs is /usr/src/UPDATING file
(after updating the source tree).


here's mine on *FreeBSD 5*:

# head -30 /usr/src/UPDATING
Updating Information for FreeBSD 5.2.1 users

[...snip...]

The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
minimal number of processes, if possible, for that patch.  For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.

20040630:   p9  FreeBSD-SA-04.13.linux
Correct an input validation error in the linux binary
compatibility code.

20040526:   p8  FreeBSD-SA-04:11.msync
--END--


cheers,

Karol

-- 
Karol Kwiatkowski  
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
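
An added example, not from the original thread: it parses patch-level entries in the layout of the UPDATING excerpt above and lists those newer than the release string reported by `uname -r`. The sample text is constructed from that excerpt, and the function names are this example's own.

```python
"""List UPDATING patch-level entries newer than the running release (added example)."""
import re

# Constructed sample, following the layout of the excerpt quoted above.
UPDATING_SAMPLE = """\
Updating Information for FreeBSD 5.2.1 users

20040630:   p9  FreeBSD-SA-04.13.linux
        Correct an input validation error in the linux binary
        compatibility code.

20040526:   p8  FreeBSD-SA-04:11.msync
        (description not included in this constructed sample)
"""

# "YYYYMMDD:  pN  <advisory or note>" at the start of a line.
ENTRY = re.compile(r"^(\d{8}):\s+p(\d+)\s+(\S+)")
PATCH_SUFFIX = re.compile(r"-p(\d+)$")


def parse_updating(text):
    """Return one dict per patch-level entry found in UPDATING text."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append(
                {"date": m.group(1), "patch": int(m.group(2)), "advisory": m.group(3)}
            )
    return entries


def running_patch_level(release):
    """Map '5.2.1-RELEASE-p8' to 8 and a bare '5.2.1-RELEASE' to 0."""
    release = release.strip()
    if "-RELEASE" not in release:
        # -STABLE and -CURRENT carry no patch level to compare against.
        raise ValueError("not a -RELEASE version string: %r" % release)
    m = PATCH_SUFFIX.search(release)
    return int(m.group(1)) if m else 0


def missing_entries(updating_text, release):
    """Entries in UPDATING whose patch level is above the running one."""
    level = running_patch_level(release)
    newer = [e for e in parse_updating(updating_text) if e["patch"] > level]
    return sorted(newer, key=lambda e: e["patch"])


if __name__ == "__main__":
    for entry in missing_entries(UPDATING_SAMPLE, "5.2.1-RELEASE-p8"):
        print("not yet applied: p%(patch)d %(advisory)s (%(date)s)" % entry)
```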


Re: Kernel Options

2004-07-28 Thread Karol Kwiatkowski
bsd hack wrote:

> Hi,
> I am working with the Kernel config file to optimize it and also to 
> improve the overall security of the system!

Hi, that's good. I'll try to give you some ideas to start inline below:

> I have the following questions:
> (1) There are a few options that are not available in the default 
> kernel... like the IPFIREWALL options(and the like)... I basically need to 
> know all possible options I can add to the kernel config file! 

Have a look at /usr/src/sys/i386/conf/NOTES file (assuming your machine
architecture is i386, if not look in specific directory):

# cat /usr/src/sys/i386/conf/NOTES | head
#
# NOTES -- Lines that can be cut/pasted into kernel and hints configs.
#
# This file contains machine dependent kernel configuration notes.  For
# machine independent notes, look in /sys/conf/NOTES.

It points you to another file: /usr/src/sys/conf/NOTES. There are options
with explanations in both files.

Also check FreeBSD Handbook:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html

> (2) I guess these options can be used to set the kernel variables 
> accessible through the sysctl command. So can I create my own options so 
> that I can set a few kernel variables as and when I build the custom 
> kernel?

Any sysctl variable can be set in /etc/sysctl.conf file which is used
before system goes to multi-user state. Many of them can be even changed
"live". Check man sysctl(8), it will also bring loader.conf(5) to your
attention.

> Thank you.
>  
> -HKR

Good luck,

Karol

-- 
Karol Kwiatkowski  


Re: Random Freeze

2004-07-27 Thread Karol Kwiatkowski
Mark Ovens wrote:

> I'm seeing the same problem on my dual Athlon box. The freezes are 
> totally random AFAICT, sometimes when the machine is just idling.
> 
> I've not used any CPU-specific make options but may try setting some to 
> see if it makes a difference. One thing though, I only have
> 
> cpu   I686_CPU
> 
> set, not I486_CPU and I586_CPU as well, maybe that could be a problem?

AFAIK, that's a proper setting for Athlons. What I recommend is you
shouldn't play with make options before setting up a stable system
(sorry if that's too obvious).

> I'm running -CURRENT and the build I did on 8 April didn't have this 
> problem but it started with the next build I did a couple of weeks ago. 
> I've cvsup'd and rebuilt a couple of times since, the last on 25 July, 
> but the problem persists.

I don't have much experience with CURRENT (and with SMP) but if you
didn't change the config files it looks like something in the code (this
is possible in CURRENT, right?). Only thing I can think of is reading
freebsd-current and searching the archives. Not much from me, sorry.

Regards,

Karol

-- 
Karol Kwiatkowski  


Re: BerkeleyDB 4.2

2004-07-25 Thread Karol Kwiatkowski
Gerard Seibert wrote:
> I have tried to locate the latest version of the BerkeleyDB. It is version 
> 4.2 I believe. I cannot find it in the ports collection.

A quick search gives me:

orchid# cd /usr/ports
orchid# make search name="db42"
Port:   db42-4.2.52_2
Path:   /usr/ports/databases/db42
Info:   The Berkeley DB package, revision 4.2
Maint:  [EMAIL PROTECTED]
B-deps: libtool-1.5.2_1
R-deps:

Port:   db42-nocrypto-4.2.52_2
Path:   /usr/ports/databases/db42-nocrypto
Info:   The Berkeley DB package, revision 4.2
Maint:  [EMAIL PROTECTED]
B-deps: libtool-1.5.2_1
R-deps:


If I'm not sure about a port name I find ports site very useful:
http://www.freebsd.org/ports/index.html

Cheers,

Karol

-- 
Karol Kwiatkowski  


Re: Random Freeze

2004-07-22 Thread Karol Kwiatkowski
Joseph Peterson wrote:

> Unfortunately that is not the solution to my problem, I've run
> memtest86 on my laptop several times and found no problems... any
> other thoughts? =)
> 
> -joe
> 

Just a thought:

Have you built your world and / or kernel from source? If that's the
case double check processor-specific make options like CPUTYPE, CFLAGS,
COPTFLAGS, etc. (they can be used from command line and from /etc/make.conf)

Good luck!

Karol

-- 
Karol Kwiatkowski  


Re: Error Msg

2004-03-04 Thread Karol Kwiatkowski
Gerard Seibert wrote:
> I am using FreeBSD 5.2.1-RELEASE (GENERIC) #0: MON FEB 23 29:45:55 GMT
> 2004
>
> I just recently posted about a problem I was having logging into my
> computer. I eventually was able to log in. I deleted the existing user and
> subsequently recreated the user. I also had to delete the group as well to
> complete the operation.
>
> However, although I can access my system, the following error message
> appears when I do an su command.
>
> This is the error message:
>
> Mar 4 15:52:42 BudMan su: _secure_path: /usr/home/ges/.login_conf is not
> owed by root
>
> The following error message likes to pop up at various times also:
>
> Mar 4 15:55:01 BudMan cron[541]: _secure_path: /usr/home/ges/.login_conf
> is not owned by root
>
> The time and date obviously change upon each new occurrence of the
> message, as well as the number following 'cron'.
>
> I have read the man on "_secure_path" but I have no idea what I am
> supposed to do to correct this problem. Even more mysterious is that this problem
> and several others only surfaced after installing KDE 3.2.
>
> I welcome any assistance someone can afford me,
>
> Thanks!
>
> Gerard Seibert
> [EMAIL PROTECTED]
> ICQ: 95653152

Recently I had similar problem, not with root though. I reinstalled 
FreeBSD (without removing /home) and then added users. Obviously uids 
changed and I was getting those messages:

/home/user/.login_conf is not owned by uid 1002 (for example)

All I needed to do was 'chmod -R user:user /home/user/*' (recursive)
Note: check man chmod, I'm not sure if that's good syntax
Check the owner of that file. I'm not sure why you get 'is not owned
by *root*' but maybe it's a similar problem.

Hope that helps

Karol Kwiatkowski
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
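
An added example, not part of the original post: a read-only audit for the situation described above, where recreating an account changes its uid and files under the home directory stay owned by the old one. The function names and the extra group/other-writable check on `.login_conf` are assumptions of this example, not a reproduction of the system's own check.

```python
"""Report home-directory entries left with the wrong owner (added example)."""
import os
import stat


def check_login_conf(path, uid):
    """Return the reasons `path` should not be trusted for account `uid`."""
    try:
        st = os.lstat(path)  # lstat: judge the link itself, never its target
    except FileNotFoundError:
        return ["missing"]
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if st.st_uid != uid:
        problems.append("owned by uid %d, expected %d" % (st.st_uid, uid))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    return problems


def foreign_owned(home, uid):
    """Return sorted (path, owner_uid) for entries under `home` not owned by `uid`."""
    found = []
    # os.walk does not descend into symlinked directories by default.
    for root, dirs, files in os.walk(home):
        for name in dirs + files:
            path = os.path.join(root, name)
            owner = os.lstat(path).st_uid
            if owner != uid:
                found.append((path, owner))
    return sorted(found)


if __name__ == "__main__":
    # Audit the invoking user's own home directory; nothing is modified.
    home = os.path.expanduser("~")
    me = os.getuid()
    conf = os.path.join(home, ".login_conf")
    print(conf, "->", check_login_conf(conf, me) or "ok")
    for path, owner in foreign_owned(home, me):
        print("uid %d owns %s" % (owner, path))
```

Entries it reports can be handed back to the account with chown(8) once they have been reviewed.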

