Dovecot LDA help

[Peter Pluta]

I'm redoing my mail setup and am having some issues. I'm having dspam send
mail directly to dovecot for delivery. I've read the dovecot wiki
extrensivly and manged to get a config file from a friend that has it setup
this way, but I am still unable to get it working. 

Here is my config for dovecot.conf:
 socket listen {
master {
  path = /var/run/dovecot/auth-master
  mode = 0660
  user = vmail
  #group = vmail
}
mail_location = maildir:/usr/local/virtual/%d/%n <-- all mail in
/usr/local/virtual is owned by vmail:vmail

The rest is all mostly stock and the usual config. 

Here is my dovecot-sql.conf file:
password_query = SELECT password, 1011 AS uid, 1011 AS gid FROM users WHERE
userid = '%u'
user_query = SELECT 1011 AS uid, 1011 AS gid FROM users WHERE userid = '%u'

1011:1011 is the uid/gid of the user vmail. 


Now the question is, what is the problem here. I turned dovecots debug
feature on, and I see this:

Sep 19 02:29:30 pelorus postfix/smtpd[27881]: connect from
py-out-1112.google.com[64.233.166.178]
Sep 19 02:29:30 pelorus postfix/smtpd[27881]: NOQUEUE: filter: RCPT from
py-out-1112.google.com[64.233.166.178]: <[EMAIL PROTECTED]>: Recipient
address triggers FILTER dspam:unix:/var/run/dspam/dspam.sock;
from=<[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP
helo=
Sep 19 02:29:30 pelorus postfix/smtpd[27881]: 956B36CF82:
client=py-out-1112.google.com[64.233.166.178]
Sep 19 02:29:30 pelorus postfix/cleanup[27923]: 956B36CF82:
message-id=<[EMAIL PROTECTED]>
Sep 19 02:29:30 pelorus postfix/qmgr[27452]: 956B36CF82: from=<[EMAIL 
PROTECTED]>,
size=2198, nrcpt=1 (queue active)
Sep 19 02:29:30 pelorus dspam[27471]: Delivery agent returned exit code 67:
/usr/local/libexec/dovecot/deliver -d [EMAIL PROTECTED]
Sep 19 02:29:30 pelorus postfix/lmtp[27886]: 956B36CF82:
to=<[EMAIL PROTECTED]>,
relay=mail2.exotixboard.com[/var/run/dspam/dspam.sock], delay=0.21,
delays=0.19/0/0/0.02, dsn=4.3.0, status=deferred (host
mail2.exotixboard.com[/var/run/dspam/dspam.sock] said: 421 4.3.0
<[EMAIL PROTECTED]> Auto-Whitelisted (in reply to end of DATA
command))

Why is it not delivering? Also, my dspam.conf file is below for reference. 

TrustedDeliveryAgent "/usr/local/libexec/dovecot/deliver -d %u"
UntrustedDeliveryAgent "/usr/local/libexec/dovecot/deliver -d %u"
QuarantineAgent "/usr/local/libexec/dovecot/deliver -d %u -m Junk"




-- 
View this message in context: 
http://www.nabble.com/Dovecot-LDA-help-tf4479276.html#a12772223
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Nginx + FastCGI + PHP5 on FreeBSD 6.2

[Peter Pluta]

Volodymyr Kostyrko-2 wrote:
> 
> Peter Pluta wrote:
> 
> nginx.conf snippet:
> 
> server {
>listen *:80;
>server_name ...;
>root ...;
>access_log /var/log/nginx/access.log;
>index index.php;
> 
>location ~ .*\.php$ {
>  include /usr/local/etc/nginx/fastcgi_params;
>  fastcgi_pass unix:/tmp/.fastcgi.www/socket;
>  fastcgi_index index.php;
>  fastcgi_param SCRIPT_FILENAME ...$fastcgi_script_name;
>}
> }
> 
> /usr/local/etc/rc.d/phpFcgid script:
> 
> #!/bin/sh
> 
> # PROVIDE: phpFcgid
> # REQUIRE: LOGIN
> # KEYWORD: shutdown
> 
> . /etc/rc.subr
> 
> name="phpFcgid"
> rcvar=`set_rcvar`
> 
> load_rc_config $name
> : ${phpFcgid_enable="NO"}
> : ${phpFcgid_users="www"}
> : ${phpFcgid_children="2"}
> 
> start_cmd=phpFcgid_start
> stop_cmd=phpFcgid_stop
> 
> phpFcgid_start() {
>echo "Starting $name."
>export PHP_FCGI_CHILDREN=${phpFcgid_chidlren}
>for user in ${phpFcgid_users}; do
>  socketdir="/tmp/.fastcgi.${user}"
>  mkdir -p ${socketdir}
>  chown ${user}:www ${socketdir}
>  chmod 0750 ${socketdir}
>  su -m ${user} -c "/usr/local/bin/php-cgi -b ${socketdir}/socket&"
>done
> }
> 
> phpFcgid_stop() {
>echo "Stopping $name."
>pids=`pgrep php-cgi`
>pkill php-cgi
>wait_for_pids $pids
> }
> 
> run_rc_command "$1"
> 
> Also put this to your /etc/rc.conf file:
> 
> phpFcgid_enable='yes'
> 
> -- 
> Sphinx of black quartz judge my vow.
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

Thanks Volodymyr, I appreciate it. Where would all of the FastCGI parameters
go, such as # of children, timeout values, etc. 
-- 
View this message in context: 
http://www.nabble.com/Nginx-%2B-FastCGI-%2B-PHP5-on-FreeBSD-6.2-tf4389129.html#a12533660
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Nginx + FastCGI + PHP5 on FreeBSD 6.2

[Peter Pluta]

Has anyone sucessfully got this running? I haven't been able to get this to
work. I've looked at the numerous guides i've found on Google both in
Russian and in English. I'm trying to use php's default fastcgi spawner and
it's just not working. I've tried editing the bash script, but it won't
start (I changed few things around and changed it to sh). I'm pretty much
stumped now and want to just run it on Apache with mod_fcgid, but before I
do that I want to be sure I can't get it to work. :working:

Script:
#!/bin/sh

## ABSOLUTE path to the PHP binary
PHPFCGI="/usr/local/bin/php-cgi"

## tcp-port to bind on
FCGIPORT="9000"

## IP to bind on
FCGIADDR="127.0.0.1"

## number of PHP children to spawn
PHP_FCGI_CHILDREN=2

## number of request before php-process will be restarted
PHP_FCGI_MAX_REQUESTS=500

# allowed environment variables sperated by spaces
ALLOWED_ENV="PATH USER"

## if this script is run as root switch to the following user
USERID=nginx

## no config below this line

if test x$PHP_FCGI_CHILDREN = x; then
  PHP_FCGI_CHILDREN=5
fi

ALLOWED_ENV="$ALLOWED_ENV PHP_FCGI_CHILDREN"
ALLOWED_ENV="$ALLOWED_ENV PHP_FCGI_MAX_REQUESTS"
ALLOWED_ENV="$ALLOWED_ENV FCGI_WEB_SERVER_ADDRS"

if test x$UID = x0; then
  EX="usr/bin/su -c $USERID \"$PHPFCGI -q -b $FCGIADDR:$FCGIPORT\""
else
  EX="$PHPFCGI -b $FCGIADDR:$FCGIPORT"
fi

echo $EX

# copy the allowed environment variables
E=

for i in $ALLOWED_ENV; do
  E="$E $i=${!i}"
done

# clean environment and set up a new one
nohup env - $E sh -c "$EX" &> /dev/null &

If anyone has a better method of getting it to work please do share it. I'd
like to get it to work and possibly write a small guide aim'd at FreeBSD
users. 

Thanks, 
Sasha 
-- 
View this message in context: 
http://www.nabble.com/Nginx-%2B-FastCGI-%2B-PHP5-on-FreeBSD-6.2-tf4389129.html#a12513880
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Hostname Question - Whats The Proper Way

[Peter Pluta]

Jonathan Horne wrote:
> 
> On Wednesday 29 August 2007 19:19:58 Peter Pluta wrote:
>> How does one pick a domain?
>> Just any old domain? 
> 
> thats often how it goes!  mine was originally "dfwlanparty"... but dfwlp
> just 
> became the shortend version of what the community referred to it as.  i 
> bought the domain just out of convenience many moons ago :)
> 
>> I keep visualizing a domain as in 3-4 servers each of 
>> which has a hostname mail, web, etc..
> 
> fairly close, some times you will actually find servers that actually are 
> named "web" "mail", or have names after services.  myself, i have names
> that 
> ive chosen, and then use DNS to "link" the common services to them. 
> example, 
> if you do a:
> 
> host castor.dfwlp.com
> 
> youll find that castor is my server that handles www.dfwlp.com.  so, if
> you 
> have a specific name in mind, dont be afraid to use it!  you can always go 
> back later and use DNS to give your box as many "jobs" as you need (ie,
> you 
> can DNS both www and mail to the same server, if you need to).
> 
> cheers,
> -- 
> Jonathan Horne
> http://dfwlpiki.dfwlp.org
> [EMAIL PROTECTED]
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

Ah ok. I host a few domains on my box, 3 web, and 1 mail. I will just call
my box box(anything).placidpublishing.net and just have dns entries for
mail, www, etc.. to the appropriate domains. That makes more sense. Thanks 

-- 
View this message in context: 
http://www.nabble.com/FreeBSD-Hostname-Question---Whats-The-Proper-Way-tf4351213.html#a12418257
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Hostname Question - Whats The Proper Way

[Peter Pluta]

Jonathan Horne wrote:
> 
> On Wednesday 29 August 2007 19:05:06 Peter Pluta wrote:
>> I have a box with 5 ip's pointing to it. Most of the things I run (http,
>> smtp) are virtual or allow me to specify the hostname (postfix) - so I'm
>> wondering what the machines hostname should be? By default it's
>> localhost.localdomain. This has always confused me from the begining when
>> I
>> first started using FreeBSD, can anyone chime in? It would greatly
>> appreciated.
>>
>> Thanks!
> 
> its fairly simple actually.  example:
> 
> my system's name is athena.  my domain, is dfwlp.com... thus my computer
> is 
> athena.dfwlp.com.  the hostname command can show you waht your current 
> hostname is:
> 
> [EMAIL PROTECTED] ~] $ hostname
> athena.dfwlp.com
> 
> also, there is a line in /etc/rc.conf that specifys the system's hostname
> when 
> you start up:
> 
> [EMAIL PROTECTED] ~] $ cat /etc/rc.conf|grep hostname
> hostname="athena.dfwlp.com"
> 
> finally, when you are installing freebsd, during the "network
> configuration" 
> page, the "Host:" box would be where i would put "athena", and the
> "Domain:" 
> box would be where i put "dfwlp.com" (when you set your domain, you dont
> put 
> the . in front of the domain name, ie, dont put .dfwlp.com in the domain 
> box).
> 
> cheers,
> -- 
> Jonathan Horne
> http://dfwlpiki.dfwlp.org
> [EMAIL PROTECTED]
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

Right, my current box is mail.placidpublishing.com, I only have 1 box, and
it does web and mail. I just picked placidpublishing and used that since it
was a domain I had laying arond. Is that "ok"? How does one pick a domain?
Just any old domain? I keep visualizing a domain as in 3-4 servers each of
which has a hostname mail, web, etc.. 
-- 
View this message in context: 
http://www.nabble.com/FreeBSD-Hostname-Question---Whats-The-Proper-Way-tf4351213.html#a12398404
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

FreeBSD Hostname Question - Whats The Proper Way

[Peter Pluta]

I have a box with 5 ip's pointing to it. Most of the things I run (http,
smtp) are virtual or allow me to specify the hostname (postfix) - so I'm
wondering what the machines hostname should be? By default it's
localhost.localdomain. This has always confused me from the begining when I
first started using FreeBSD, can anyone chime in? It would greatly
appreciated. 

Thanks! 
-- 
View this message in context: 
http://www.nabble.com/FreeBSD-Hostname-Question---Whats-The-Proper-Way-tf4351213.html#a12398274
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Memcached Daemon Startup Issues

[Peter Pluta]

Peter Pluta wrote:
> 
> I installed memcached and since it doesn't have a config file I entered
> the flags into rc.conf, but when I start it with the rc.d scripts, it
> always runs as nobody, instead of the user I specified with -u . The
> man page says "only when run as root". This confuses me somewhat because
> i'm executing the rc.d script as root, yet it still starts as nobody. I
> can manually start memcached with "memcached -u memcached -l 127.0.0.1 -p
> 11211 -m 32 -P /var/run/memcached/memcached.pid". 
> 
> /etc/rc.conf bit:
> memcached_enable="YES"
> memcached_flags='-u memcached -d -l 127.0.0.1 -m 32 -P
> /var/run/memcached.pid -p 1121'
> 
> Any ideas?
> 

Nvm, I had to take a look at the rc script to see that there was another
directive (memcached_user="")
-- 
View this message in context: 
http://www.nabble.com/Memcached-Daemon-Startup-Issues-tf4321717.html#a12307237
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Memcached Daemon Startup Issues

[Peter Pluta]

I installed memcached and since it doesn't have a config file I entered the
flags into rc.conf, but when I start it with the rc.d scripts, it always
runs as nobody, instead of the user I specified with -u . The man page
says "only when run as root". This confuses me somewhat because i'm
executing the rc.d script as root, yet it still starts as nobody. I can
manually start memcached with "memcached -u memcached -l 127.0.0.1 -p 11211
-m 32 -P /var/run/memcached/memcached.pid". 

/etc/rc.conf bit:
memcached_enable="YES"
memcached_flags='-u memcached -d -l 127.0.0.1 -m 32 -P
/var/run/memcached.pid -p 1121'

Any ideas?
-- 
View this message in context: 
http://www.nabble.com/Memcached-Daemon-Startup-Issues-tf4321717.html#a12306830
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Spamassassin RBL's

[Peter Pluta]

Christopher Hilton wrote:
> 
> Peter Pluta wrote:
>> 
>> Mikhail Goriachev-2 wrote:
>>> Peter Pluta wrote:
>>>> How can I enable spamassasssin RBL's. I'm running FreeBSD 6.1, postfix,
>>>> amavisd-new, and spamassassin with razor. I'm getting many spams that
>>>> shouldn't be getting thru with RBL's. I havent been able to find
>>>> anything
>>>> useful on Google that can explain how to get RBL working with
>>>> spamassassin.
>>>> Any feedback would be greatly appreciated. 
>>>
>>> 
> 
> [snip]
> 
>>> /usr/local/share/spamassassin/20_dnsbl_tests.cf
>>>
>>>
> 
> You will also want to look at:
> 
>   /usr/local/share/spamassassin/5-_scores.cf
> 
> There are two ways to use the rbls. You can either raise the score for 
> being in the RBL above SA's threshold. Or you can out and out block 
> servers in the RBL from your MTA. You probably want to be carefull with 
> the latter technique since is transfers onus of the work of delivering 
> the mail into the wrong hands.
> 
> I just spent 3 hours diagnosing a problem for a client on Friday. It 
> turns out that people weren't able to deliver email to him and for the 
> past 6 months he's believed that there was some intermittent problem 
> with his ISP's mailserver. The actual problem is that his ISP is using 
> an overzealous RBL. I found out about this because my delivery server 
> was listed in his RBL due to some mistake that happened in 1999 before 
> my ISP got the IP address. The practical upshot for my client was that 
> until he could find someone who could both see and diagnose the problem 
> he just wasn't receiving mail and thus he was loosing business. Nota 
> Bene for all users of RBLs.
> 
> -- 
>__o  "All I was doing was trying to get home from work."
>  _`\<,_   -Rosa Parks
> ___(*)/_(*)___
> Christopher Sean Hilton
>  pgp key: D0957A2D/f5 30 0a e1 55 76 9b 1f 47 0b 07 e9 75 0e 14
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

I see, I disabled bayes and awl in spamassassin, and updated amavisd-new
from ports. I have a different problem. Mail I am sending out is being
thrown away because it's being flagged as spam. I'm stumped, it never did
this before. 

Log entry:
Jun 10 14:23:59 mail amavis[541]: (00541-04) cached
f6255bb01c648fe967714d52a89e8e9c from <[EMAIL PROTECTED]> (1,0)
Jun 10 14:24:00 mail amavis[541]: (00541-04) Blocked SPAM, [67.175.92.171]
[67.175.92.171] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>,
Message-ID: <[EMAIL PROTECTED]   ublishing.net>, mail_id:
kj76mFHOu5uA, Hits: 5.651, size: 775, 638 ms
Jun 10 14:24:00 mail postfix/smtp[785]: 7A5215083F:
to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.84,
delays=0.18/0.01/0/0.64, dsn=2.7.0, status=sent (250 2.7.0Ok,
discarded, id=00541-04 - SPAM)

-- 
View this message in context: 
http://www.nabble.com/Spamassassin-RBL%27s-tf3896464.html#a11051531
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Spamassassin RBL's

[Peter Pluta]

Mikhail Goriachev-2 wrote:
> 
> Peter Pluta wrote:
>> How can I enable spamassasssin RBL's. I'm running FreeBSD 6.1, postfix,
>> amavisd-new, and spamassassin with razor. I'm getting many spams that
>> shouldn't be getting thru with RBL's. I havent been able to find anything
>> useful on Google that can explain how to get RBL working with
>> spamassassin.
>> Any feedback would be greatly appreciated. 
> 
> 
> RBL is already enabled in SA. Probably you should increase the values SA 
> assigns to RBL checks. See:
> 
> http://www.spamhaus.org/effective_filtering.html
> 
> Skim through:
> 
> /usr/local/share/spamassassin/20_dnsbl_tests.cf
> 
> 
> Just a thought. You may consider implementing RBL at MTA level (postfix 
> in your case). It is a lot faster then processing through SA, which is a 
> resource hog.
> 
> 
> 
> Regards,
> Mikhail.
> 
> -- 
> Mikhail Goriachev
> Webanoide
> 
> Telephone: +61 (0)3 62252501
> Mobile Phone: +61 (0)4 38255158
> E-Mail: [EMAIL PROTECTED]
> Web: www.webanoide.org
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

Thanks, I think postfix already does the basic RBl's. PTR records and stuff
like that, but i'm still getting some ugly spam. When I feed the spam ip's
into dnsstuff.com's spam database many of the databases show it as
blacklisted, so i'm guessing the RBL's are not functioning correctly. 
-- 
View this message in context: 
http://www.nabble.com/Spamassassin-RBL%27s-tf3896464.html#a11050907
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Spamassassin RBL's

[Peter Pluta]

How can I enable spamassasssin RBL's. I'm running FreeBSD 6.1, postfix,
amavisd-new, and spamassassin with razor. I'm getting many spams that
shouldn't be getting thru with RBL's. I havent been able to find anything
useful on Google that can explain how to get RBL working with spamassassin.
Any feedback would be greatly appreciated. 
-- 
View this message in context: 
http://www.nabble.com/Spamassassin-RBL%27s-tf3896464.html#a11046174
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Spamassassin Bayes/mySQL + Amavisd-new

[Peter Pluta]

I've been getting some nasty spam and need to setup bayes. I'm running
amavisd-new with spamassassin. I haven't been able to find any guides... so
it's kind of hard. The only one I have been able to find is this one.
http://www.maiamailguard.com/maia/wiki/SpamAssassin3SQLBayes but it pertains
to maia-mailguard more then amavisd-new. 

This is my local.cf config:

# Enable the Bayes system
use_bayes 1
bayes_store_moduleMail::SpamAssassin::BayesStore::SQL
bayes_sql_dsnDBI:mysql:bayes:localhost
bayes_sql_usernamebayes
bayes_sql_passwordbayes

and I added the SQL that I found on that link; however, it doesn't seem to
be connecting. It tried to connect as root, not sure why. Also, is bayasian
per user or sitewide? I'm kind of confused as to where I should even start
with this because of the lack of guides. I found this:
http://wiki.apache.org/spamassassin/BetterDocumentation/SqlReadmeBayes but
it's pretty broad too so i'm not sure. Has anyone done it with amavisd-new?
-- 
View this message in context: 
http://www.nabble.com/Spamassassin-Bayes-mySQL-%2B-Amavisd-new-tf3893449.html#a11037822
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Security Run Output Setuid Differences

[Peter Pluta]

Roland Smith wrote:
> 
> On Mon, May 21, 2007 at 11:59:33AM -0700, PeterPluta wrote:
> 
>> > Looks like you were portupgrading around with postfix, screen and
>> xterm.
>> > 
>> > The output is diff(1).  See the man page for details, but it's
>> basically
>> > showing you the difference between last night's directory listing, and
>> > that
>> > of the previous day.
>> > 
>> > For more gory details, see the scripts in /etc/periodic/security, which
>> > are
>> > run every night from cron.  Some of the ports you changed resulted in
>> > changes to setuid/setgid programs installed on the system.  As a
>> security-
>> > concious administrator, you should be interested in the programs on
>> your
>> > system that have elevated privilidges, so this script is provided to
>> give
>> > you a daily report on that.
>> 
>> I see, so basically after reinstalling the default uid/gid of some
>> programs
>> changed? Is that a problem or anything? 
> 
> It's not a problem. It's just something that you should be aware of from
> a security standpoint.
> 
> In this case you caused it because you upgraded some ports, which is OK.
> 
> But if the size, date, ownership or permissions of a binary change
> without any apparent cause, it _could_ be the work of an intruder or
> rootkit trying to backdoor your system. That's why the system checks it.
> 
> In /etc/defaults/periodic.conf you see which settings there are
> concerning security, and what the defaults are. If you want to disable
> some of them, put the settings in /etc/periodic.conf with a "NO" value
> instead of "YES". But I would recommend to leave them as they are.
> 
> Roland
> -- 
> R.F.Smith   http://www.xs4all.nl/~rsmith/
> [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
> pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
> 
>  
> 

mail.***.net setuid diffs:
--- /var/log/setuid.today   Mon May 21 03:02:30 2007
+++ /tmp/security.wq6BsVcr  Sun Jun  3 03:01:48 2007
@@ -20,7 +20,7 @@
 377398 -r-sr-xr-x  2 root  wheel  5828 Jul 30 16:19:57 2006
/usr/bin/yppasswd
 71112 -rwsr-xr-x  1 root  wheel 285580 May 20 18:23:48 2007
/usr/local/bin/screen
 70971 -rwxr-sr-x  1 root  kmem  112708 May 20 18:23:03 2007
/usr/local/sbin/lsof
-73170 -rwxr-sr-x  1 root  maildrop  142559 May 17 14:41:47 2007
/usr/local/sbin/postdrop
-73204 -rwxr-sr-x  1 root  maildrop  152477 May 17 14:41:47 2007
/usr/local/sbin/postqueue
+71432 -rwxr-sr-x  1 root  maildrop  142559 Jun  2 15:47:54 2007
/usr/local/sbin/postdrop
+71433 -rwxr-sr-x  1 root  maildrop  152477 Jun  2 15:47:54 2007
/usr/local/sbin/postqueue
 923168 -rwxr-sr-x  1 root  smmsp   5236 Jul 30 16:20:07 2006
/usr/sbin/mailwrapper
 923264 -r-sr-x---  1 root  network11636 Jul 30 16:20:07 2006
/usr/sbin/sliplogin

I have some more, I'm starting to understand it a bit better. Basically the
user:group id number has changed and the security run is letting me know.
Good deal, but im still confused as to what the @@ -20,7 + 20,7 @@ and + -
mean. Can anyone explain those? I'm curious, also why would yppasswd change
to userid 2? I changed roots name yesterday, could that be the cause of it?
-- 
View this message in context: 
http://www.nabble.com/Security-Run-Output-Setuid-Differences-tf3792025.html#a10979516
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Security Run Output Questions

[Peter Pluta]

Dan Nelson wrote:
> 
> In the last episode (May 23), PeterPluta said:
>> I see this quite regularly. What exactly is the http process doing?
>> I'm guessing this is the master process stopping and restarting when
>> I rotate logs or something. Can anyone confirm? There is usally more
>> processes, 10-15 or more.
>> 
>> kernel log messages:
>> +++ /tmp/security.ioLB2PiJ   Wed May 23 03:01:42 2007
>> +pid 30865 (httpd), uid 80: exited on signal 4
> 
> It's crashing :)
> 
>  4 SIGILL   create core imageillegal instruction
> 
> -- 
>   Dan Nelson
>   [EMAIL PROTECTED]
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> 

Ahh I see, so this isn't a good thing. I'm running Apahe with mod_php. I
don't see why it would be crashing, unless one of the web apps is buggy. 

-- 
View this message in context: 
http://www.nabble.com/Security-Run-Output-Questions-tf3806074.html#a10772295
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Ports Confusion - some errors

[Peter Pluta]

I recently got an email from portsnap that I have 30 or so ports to update. I
did my usual logged in, looked at the ports that needed updating, and went
ahead and updated them with portsupgrade -arR. This caused many problems
because I had the xorg-libraries installed that needed updating. I screwed a
lot of other ports and deps in the process, but this was a good thing. I got
some help from a friend and cleaned out maybe 20-30 useless ports that I
didn't need, including the xorg libraries - which I no longer had a use for.
I had them from an old maia-mailguard install. I also read the
/usr/ports/UPDATING file and realized there were specific instructions for
the xorg stuff, which I didn't follow. So anyway, my question is. 

What is the best thing to do in a situation like that when you have many dep
erors and such? For example I have a dep that wasn't found by pkgdb -F
"stale dependency dovecot 1.0.0 <-- postfix x.x.x.x" was one of them. I
tried to rebuild the package db a few times, but it didn't work. I
eventually had to reinstall dovecot and postfix. Is this normal?

All in all, this message is more of a story then a question, but I thought
i'd still ask about the stale deps even though I made many mistakes that
most likely were the cause of them in the first place. 
-- 
View this message in context: 
http://www.nabble.com/Ports-Confusion---some-errors-tf3806248.html#a10771764
Sent from the freebsd-questions mailing list archive at Nabble.com.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [freebsd-questions] Can't build php5? - Builds now, but doesn't work due to gd.so

[Peter Pluta]

I had somethign wierd with php recently too. I uninstalled it, and
re-compiled php itself and all of it's extensions. Make sure the module
isn't listed twice in httpd.conf (it does that). All seems good now. 


Patrick Baldwin wrote:
> 
> Beech Rintoul wrote:
> 
> 
>  >> On Monday 21 May 2007, Patrick Baldwin said:
>  >>
>  >
>  First, my apologies to Beech for replying off-list, I'm on a few
>  others that work a bit differently, and I was a little quick with
>  the send button.
>  
>  On to the issue at hand:
>  
>  Beech Rintoul wrote:
>  >>
>  > > On Monday 21 May 2007, Patrick Baldwin said:
>  >>>
>  >> >> Hi, I'm in the process of trying to build a Horde/IMP server.
>  >> >> I started by freshly installing & updating 6.2-RELEASE-p4
>  >> >> FreeBSD.  I then installed IMP package with pkg_add -r imp.
>  >> >> All seemed to go well.  I then started working my way through
>  >> >> configuring the various newly installed things.
>  >> >>
>  >> >> From:
>  >> >> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/netwo
>  >> >>rk-a pache.html
>  >> >>
>  >> >> I added:
>  >> >>
>  >> >> LoadModule php5_modulelibexec/apache/libphp5.so
>  >> >>
>  >> >> AddModule mod_php5.c
>  >> >> 
>  >> >> DirectoryIndex index.php index.html
>  >> >> 
>  >> >> 
>  >> >> AddType application/x-httpd-php .php
>  >> >> AddType application/x-httpd-php-source .phps
>  >> >> 
>  >> >>
>  >> >> To my /usr/local/etc/apache/httpd.conf file.
>  >> >>
>  >> >> When I tried to restart Apache, I get:
>  >> >>  apachectl start
>  >> >> Syntax error on line 238 of /usr/local/etc/apache/httpd.conf:
>  >> >> Cannot load /usr/local/libexec/apache/libphp5.so into server:
>  >> >> Cannot open "/usr/local/libexec/apache/libphp5.so"
>  >> >> /usr/local/sbin/apachectl start: httpd could not be started
>  >> >>
>  >> >>
>  >> >> And sure enough, it's not there.  I go to /usr/ports/lang/php5,
>  >> >> Run make config install, telling it to build Apache module, and
>  >> >> I get:
>  >> >>
>  >> >> ===>  Vulnerability check disabled, database not found
>  >> >> ===>  Found saved configuration for php5-5.2.2
>  >> >> => suhosin-patch-5.2.2-0.9.6.2.patch.gz doesn't seem to exist
>  >> >> in /usr/ports/distfiles/.
>  >> >> => Attempting to fetch from
>  >> >> http://www.hardened-php.net/suhosin/_media/. fetch:
>  >> >> http://www.hardened-php.net/suhosin/_media/suhosin-patch-5.2.2-
>  >> >>0.9. 6.2.patch.gz: Connection refused
>  >> >> => Attempting to fetch from
>  >> >> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
>  >> >> fetch:
>  >> >> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/suhosin-patch
>  >> >>-5.2 .2-0.9.6.2.patch.gz: File unavailable (e.g., file not
>  >> >> found, no access)
>  >> >> => Couldn't fetch it - please try to retrieve this
>  >> >> => port manually into /usr/ports/distfiles/ and try again.
>  >> >> *** Error code 1
>  >> >>
>  >> >> Stop in /usr/ports/lang/php5.
>  >> >> *** Error code 1
>  >> >>
>  >> >> Stop in /usr/ports/lang/php5.
>  >> >>
>  >> >>
>  >> >> My goal here is to get a working FreeBSD 6.2 Horde/IMP server.
>  >> >> I'm new to all these things, so if I'm going about this the
>  >> >> hard or the stupid way, please don't hesitate to tell me.  It
>  >> >> seemed like the easiest and fastest way to get a working
>  >> >> install would be to install the package, but maybe I'm wrong.
>  >> >>
>  >> >> Regards,
>  >>>
>  > >
>  > > The problem is there have been upgrades to php and their server
>  > > is
>  >>
>  
>  currently down. This has been reported by several people and all I
>  can suggest is to try again later. FWIW, I just tried to fetch and
>  it's still down.
>  
>  >>
>  > > Beech
>  >>
>  
>  And apparently continues to be so.  I guess I'll try again
>  tomorrow.
>  
>  In the meantime, this leaves me wondering if I should try and
>  uninstall imp, and re-install once this server is back.  I am under
>  the impression that installing via a package should cause any
>  dependencies of the package to be built with the options the
>  package needs to run (if I'm wrong on this please let me know),  so
>  it seems like I may end up chasing dependencies for awhile if I
>  just proceed from where I am right now, since it obviously couldn't
>  build PHP with the options needed for Horde/IMP to work.
>  
>  Also, it;s mentioned above that several people have reported this
>  problem.  My Google searches didn't turn anything up; is there
>  someplace I should be checking for issues like this before posting
>  here?
>  
>  Thanks,
>  >
> 

Dependency Confusion

[Peter Pluta]

I'm a bit confused with dependency's. When you have a stale dependency's 
what does this usually mean? Does that mean that the dependency was 
already updated and not noted in the pkgdb? Or does it mean the version 
in the pkgdb is wrong and that I have a newer or older version 
installed? Also, how do I correct it when running pkgdb -F I tried to 
enter the newer version of the dependency and it told me I need to pick 
from a list it gave me. :(


Any feedback would be greatly appreciated.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Dependencys and confusion

[Peter Pluta]

I'm a bit confused with dependency's. When you have a stale dependency's 
what does this usually mean? Does that mean that the dependency was 
already updated and not noted in the pkgdb? Or does it mean the version 
in the pkgdb is wrong and that I have a newer or older version 
installed? Also, how do I correct it when running pkgdb -F I tried to 
enter the newer version of the dependency and it told me I need to pick 
from a list it gave me. :(


Any feedback would be greatly appreciated.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Apache Rotate Logs and Log Rotate.

[Peter Pluta]

I made a cron entry to compress the logs. We keep them for 10 days. Each 
log on this server is 940mb for the access and 430mb for the error. This 
site is very busy and I like having logs for various reasons (dump users 
uploading illegal content is one reason). The memory buffer clears out 
in around 10 minutes because the new log started 10 minutes after the 
old ended. I added 306   *   *   bzip2 -1q /var/log/http-*.log.* to 
cron. I think this is a pretty good setup. Our log error level is set to 
info as well. The web application (php driven) is not spitting up that 
many errors. Most of them are missing images that were deleted and just 
broken old links. Thanks for all you're replies David. I really learned 
a lot and i know understand much more. I started carbon copying the 
emails to the mailing list in case anyone is interested in this as well.


David Robillard wrote:

On 3/5/07, Peter Pluta <[EMAIL PROTECTED]> wrote:

Gotcha, do you use a script to compress the logs after the SIGUSR1 and
after waiting for a bit for apache to clear it's logging buffer (to not
have missing logs)?


No I don't. I don't even see why one would want to do this?

Newsyslog deletes extra logs. So if our disk space is enough to hold
the amount of logs we require (see math below), then there's no need
to compress any Apache logs at all. Right!?!!

If we come back to my example of 100 VirtualHost with log files of 2Mb
each and we keep only 10 of them. Using USR1 as the kill signal, For
an httpd children to miss any log entry would mean that this children
writes more than 10 times 2Mb of logs in a very short period of time.
Check your VirtualHost load and determine the average response time
for each httpd children. If it's 2min (which is HUGE for an httpd
children) That would mean that you'd need to have more than 20Mb of
logs generated in less than 2min. In ASCII, that's a whole lot of
logs. I'd say your best bet would be to switch your LogLevel from
"debug" to "info" in your httpd.conf and restart Apache... ;)

Or you run a really busy website.
Or your web application code/architecture may need a revision.

Have fun!

David


> Well, if you do use newsyslog to rotate Apache log files, then it's
> just a matter of setting the number of files you whish to keep. From
> newsyslog.conf(5)
>
>  count   Specify the maximum number of archive files which may exist.
>  This does not consider the current log file.
>
> Let's say you rotate your files once they reach 2Mb for example and
> that you've configured 10 in your newsyslog,conf  field. Then
> that means a maximum of 10 x 2Mb = 20Mb will be kept for one
> VirtualHost. Now if you have 100 virtual hosts all configured this
> way, then you will need 100 x 20Mb = 2000Mb or 2Gb for all your Apache
> logs.
>
> Considering today's disk drive sizes are well beyond the 300Gb, I
> don't think this is a problem at all.
>
> Of course, YMMV so check your own needs and do the math.
>
> Cheers,
>
> David




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Apache Rotate Logs and Log Rotate.

[Peter Pluta]

Gotcha, do you use a script to compress the logs after the SIGUSR1 and 
after waiting for a bit for apache to clear it's logging buffer (to not 
have missing logs)?


David Robillard wrote:

On 3/5/07, Peter Pluta <[EMAIL PROTECTED]> wrote:

Thanks, David. I had already configured it like that the first time
around after reading up on it a bit. Most articles/tips I have read say
to wait 10 minutes or so and then compress the logs with a shell script
in order to be sure Apache finished logging to the files. Another thing,
just to be sure. If I had 30 vhosts on my server and each had logs in
their home directory, I would still use newsyslog to rotate and delete
them, correct? I assume one needs tons of disk space to do that if the
sites are rather large.


Well, if you do use newsyslog to rotate Apache log files, then it's
just a matter of setting the number of files you whish to keep. From
newsyslog.conf(5)

 count   Specify the maximum number of archive files which may exist.
 This does not consider the current log file.

Let's say you rotate your files once they reach 2Mb for example and
that you've configured 10 in your newsyslog,conf  field. Then
that means a maximum of 10 x 2Mb = 20Mb will be kept for one
VirtualHost. Now if you have 100 virtual hosts all configured this
way, then you will need 100 x 20Mb = 2000Mb or 2Gb for all your Apache
logs.

Considering today's disk drive sizes are well beyond the 300Gb, I
don't think this is a problem at all.

Of course, YMMV so check your own needs and do the math.

Cheers,

David


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Apache Rotate Logs and Log Rotate.

[Peter Pluta]

Thanks, David. I had already configured it like that the first time 
around after reading up on it a bit. Most articles/tips I have read say 
to wait 10 minutes or so and then compress the logs with a shell script 
in order to be sure Apache finished logging to the files. Another thing, 
just to be sure. If I had 30 vhosts on my server and each had logs in 
their home directory, I would still use newsyslog to rotate and delete 
them, correct? I assume one needs tons of disk space to do that if the 
sites are rather large.


David Robillard wrote:

On 3/3/07, Peter Pluta <[EMAIL PROTECTED]> wrote:

I see, thanks. Does the shell script you use automatically delete the
original logs after verbalizer or awstats makes it's own? I imagine the
ones those programs use are smaller in size?


No, the shell script does not delete any logs. Log rotation and
compression is the job of newsyslog.


Alright, after some more RTFM on Apache logs, here's what your
newsyslog.conf(5) configuration should look like.

/var/log/httpd/access.log640 5 1048576 * B
/var/run/httpd.pid 30
/var/log/httpd/error.log640 5 1048576
* B /var/run/httpd.pid 30

Of course, you should taylor this to suit your own needs (like the
size, ownership and number logs kept on disk, etc.)

But keep the "B" flag for Binary which will prevent newsyslog from
adding a line in your logs which says it was rotated. It _may_ confuse
some log analyser (depends on your log analyser software). Also make
sure to add the "30" at the end of each line. This is the kill(1)
number for signal -USR1 which gracefully restarts Apache.

Now the reason I removed the "Z" flags, which eliminates compression,
is to make sure all of your children httpd processes have enough time
to write their logs into the log file. If a request on your site is
rather long, them this is the best way to go. Of couse, that means you
will need a little bit more disk space. But not that much depending on
how much logs you keep (i.e. 5 in the example above).

HTH,

David


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Apache Rotate Logs and Log Rotate

[Peter Pluta]

I have Apache making separate log files for each of my virtual hosts and 
putting them in /home/vhostname/log. Rotate logs makes a new log every 
24 hours, but the logs quickly add up and since the sites are fairly 
busy the logs are at times over 5gigs. Is there any way to make rotate 
logs delete the log files after two days? Someone recommended me Log 
Rotate (from the ports tree), but this program does basically what 
Rotate logs does; except it makes things more complicated because it 
needs to restart apache and such. Is there a easy way to just have 
Apache's rotatelogs rotate the logs and then delete them after two days?


Any feedback, suggestions, or comments would be greatly appreciated.

Thanks,
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Very Annoying PHP Errors

[Peter Pluta]

I couldn't get error logging to work correctly - I had error_reporting 
commented out, and display_errors = On I also added 
error_reporting(E_ALL); to my header file and the page was just blank... 
What I did was downgraded the php port to 5.2.0 and just re-compiled php 
and all of it's extensions to 5.2.0. The end result was magical my site 
began to work and all the annoying errors disappeared. I believe 5.2.1 
is buggy - reading the Sushion forums many people are complaining about 
certain db connection issues and the ALERT - canary mismatch on efree() 
- heap overflow detected error. I will stick to 5.2.0 for now and 
upgrade when they fix the darn bugs. I'm  using FreeBSD 6.1 with Apache 
2.2.4 and PHP 5.2.0  with Sushion, ipv6 support, and Apache support.


Kevin Kinsey wrote:

Peter Pluta wrote:
I recently upgraded to 5.2.1_1. After upgrading (or before not 
exactly sure) I began getting errors ALERT - canary mismatch on 
efree() - heap overflow detected in my Apache logs. 


That sounds a tad troubling, and is rather over my head.  It does 
appear that some people believe that recent changes in the Zend Memory 
Manager have been a tad, err, hasty|ill-advised|to be sneered at.


Like I say, way over my head.  Considering 5.2.1 was released six days 
ago, you may have found a new bug!  Congratulations!??


Also, certain parts of one of my database (mysql) driven sites 
stopped working. Certain pages just stopped working, they return a 
blank white page. 


This is indicative of a PHP "stop" error, with PHP's error_reporting 
directive set to "off".  You might try adjusting the value of the 
display_errors directive in php.ini to "ON" (and restarting apache), 
or, on a page-by-page basis (or in a header file if the PHP site using 
such things), adding the line:


 error_reporting(E_ALL);

 to the top of each affected file.  PHP will most likely tell you 
what the error is from its POV, which might well help you decide what 
course of action to take.  For more info, see:


  www.php.net/error_reporting

Of course, it's possible that you'll simply get the same error - only 
now it's displayed on the page instead of the Apache log.  Perhaps it 
will give a line number or tell what PHP call produced the error ... 
might help a little bit.


I'm absolutely stumped on what it could be. I have tried recompiling 
php 4-5x with different options and re-installing apache etc... 
Nothing is working. I looked for php bug reports, and found this one 
http://bugs.php.net/bug.php?id=40119 but it does not really pertain 
to me. Can anyone give some pointers or tips on what to do?




Take a deep breath and a cup of {beverage}; chances are pretty good 
that you will find out what's wrong.  Sounds like, according to your 
description above, some problem with the MySQL extension to PHP, or 
PHP's loading of said extension, or the order in which things were 
compiled, or the options in "extensions.ini", etc.


Oh, and see above ;-)

Of course, if it's a real live PHP bug, it won't be quite as easy as 
changing an .ini file.


Right now I am thinking of just downgrading to PHP 5.2.0 because 
that's what worked last. Is there an easy way to downgrade ports?




I'd not go there just yet; but, it's possible to use cvsup to get an 
older version of the ports tree, yes.  What kind of a mess you might 
get into as a result, I'm not sure.  It might be possible to uninstall 
all the affected ports and grab packages that were built by the FBSD 
team for 6.2-RELEASE;  they would likely work, although you'll be 
using an older PHP as a result; that's what's maddening about 
attempting to stay ahead of the "bad guyz" these days.  PHP 5.2.1, for 
example, is supposed to *fix* some potential security problems . . . 
not cause DOS.




Any feedback, tips, or help would be greatly appreciated.

Thanks,
Peter


Hopefully it's worth something.

Kevin D. Kinsey


My php installations have also several and repeating errors, but its
difficult to analyze, because they keep changing.

While updating ports using portmanager or portmaster sometimes
installation of databases/php5-mysql or databases/php5-mysqli fails or
sometimes both but also sometimes both install without errors.

When errors occur, it has to do with missing mysql-client libraries, a
mysql-client port-installation is attempted and fails because
mysql-client is in fact already installed.

By manually deinstalling and reinstalling mysql-client port just before
the php-mysql port and php-mysqli port installation works, but maybe the
next days already same errors occur.

Sometimes all ports installe correctly but afterwards php fails to load
an installed extension (error message refers to missing functions). This
happened once with mysqli-extension, but not mysql and once with
sqlite-extension. Some others too, but I

Very Annoying PHP Errors

[Peter Pluta]

I recently upgraded to 5.2.1_1. After upgrading (or before not exactly 
sure) I began getting errors ALERT - canary mismatch on efree() - heap 
overflow detected in my Apache logs. Also, certain parts of one of my 
database (mysql) driven sites stopped working. Certain pages just 
stopped working, they return a blank white page. I'm absolutely stumped 
on what it could be. I have tried recompiling php 4-5x with different 
options and re-installing apache etc... Nothing is working. I looked for 
php bug reports, and found this one http://bugs.php.net/bug.php?id=40119 
but it does not really pertain to me. Can anyone give some pointers or 
tips on what to do?


Right now I am thinking of just downgrading to PHP 5.2.0 because that's 
what worked last. Is there an easy way to downgrade ports?


Any feedback, tips, or help would be greatly appreciated.

Thanks,
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: rsync issues

[Peter Pluta]

I've gotten a few replies and i've tried almost all of the suggestions 
but the problem still resides. I re-installed rsync on both box's and it 
still does this.



Peter Pluta wrote:

Anyone?

Peter Pluta wrote:
I have a win2k3 server running as my rsync server. I also have a 
freebsd web server being the rsync client. A shell script runs every 
night at 5am (it's below).


Shell script:

#!/bin/sh
. `dirname $0`/settings.inc
destination=**.***.***.***::backup
if [ "$TERM" ]; then verbose=-v; fi
rsync $verbose -azR --delete-after /usr/local/etc/   $destination
rsync $verbose -azR --delete-after /usr/local/lib/sasl2/ $destination
rsync $verbose -azR --delete-after /var/cron/$destination
rsync $verbose -azR --delete-after /root/$destination
rsync $verbose -azR --delete-after /etc/ $destination
rsync $verbose -azR --delete-after --exclude httpd-*.log $wwwDir/ 
$destination


After it runs for 5 minutes it throws this:
rsync: writefd_unbuffered failed to write 16385 bytes [sender]: 
Broken pipe (32)

rsync: read error: Connection reset by peer (54)
rsync error: error in rsync protocol data stream (code 12) at 
io.c(613) [sender=2.6.9]


Dmesg on the box only shows this:
em0: promiscuous mode enabled
em0: promiscuous mode disabled

But that is probably pretty old.

What can the problem be? backups are really important to me and they 
don't currently work as the transfer times out after the first few 
files.


Anyone got an idea? Any feedback or suggestions would be greatly 
appreciated.


Thanks,
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: rsync issues

[Peter Pluta]

Anyone?

Peter Pluta wrote:
I have a win2k3 server running as my rsync server. I also have a 
freebsd web server being the rsync client. A shell script runs every 
night at 5am (it's below).


Shell script:

#!/bin/sh
. `dirname $0`/settings.inc
destination=**.***.***.***::backup
if [ "$TERM" ]; then verbose=-v; fi
rsync $verbose -azR --delete-after /usr/local/etc/   $destination
rsync $verbose -azR --delete-after /usr/local/lib/sasl2/ $destination
rsync $verbose -azR --delete-after /var/cron/$destination
rsync $verbose -azR --delete-after /root/$destination
rsync $verbose -azR --delete-after /etc/ $destination
rsync $verbose -azR --delete-after --exclude httpd-*.log $wwwDir/ 
$destination


After it runs for 5 minutes it throws this:
rsync: writefd_unbuffered failed to write 16385 bytes [sender]: Broken 
pipe (32)

rsync: read error: Connection reset by peer (54)
rsync error: error in rsync protocol data stream (code 12) at 
io.c(613) [sender=2.6.9]


Dmesg on the box only shows this:
em0: promiscuous mode enabled
em0: promiscuous mode disabled

But that is probably pretty old.

What can the problem be? backups are really important to me and they 
don't currently work as the transfer times out after the first few files.


Anyone got an idea? Any feedback or suggestions would be greatly 
appreciated.


Thanks,
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

rsync issues

[Peter Pluta]

I have a win2k3 server running as my rsync server. I also have a freebsd 
web server being the rsync client. A shell script runs every night at 
5am (it's below).


Shell script:

#!/bin/sh
. `dirname $0`/settings.inc
destination=**.***.***.***::backup
if [ "$TERM" ]; then verbose=-v; fi
rsync $verbose -azR --delete-after /usr/local/etc/   $destination
rsync $verbose -azR --delete-after /usr/local/lib/sasl2/ $destination
rsync $verbose -azR --delete-after /var/cron/$destination
rsync $verbose -azR --delete-after /root/$destination
rsync $verbose -azR --delete-after /etc/ $destination
rsync $verbose -azR --delete-after --exclude httpd-*.log $wwwDir/ 
$destination


After it runs for 5 minutes it throws this:
rsync: writefd_unbuffered failed to write 16385 bytes [sender]: Broken 
pipe (32)

rsync: read error: Connection reset by peer (54)
rsync error: error in rsync protocol data stream (code 12) at io.c(613) 
[sender=2.6.9]


Dmesg on the box only shows this:
em0: promiscuous mode enabled
em0: promiscuous mode disabled

But that is probably pretty old.

What can the problem be? backups are really important to me and they 
don't currently work as the transfer times out after the first few files.


Anyone got an idea? Any feedback or suggestions would be greatly 
appreciated.


Thanks,
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"