Re: How to Select Compiler Version when Installing Port
Daniel J Cain Jr. wrote: I am trying to get vmailmgr-0.96.9 to build from the ports collection of FreeBSD 5.1-RELEASE. I 'think' it will work if I can have the port use a different compiler version during the build. I have been unable to figure/find out how (if?) this is possible. By default it seems to use gcc 3.2.2, and I have the port install of gcc 2.9.5 available I just don't know how to make 'make' use the older version. I usually use make CC=your C compiler here CXX=your C++ compiler here build Simon signature.asc Description: Digital signature
Re: choice of boot manager
On Wed, 14 Jan 2004 17:09:04 +, Peter Risdon [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: not know. Any information about positive or negative experiences with any of these programs in a multiple operating system configuration would be appreciated. This isn't on your list, but I tried using the romantically named gag graphical bootloader http://gag.sourceforge.net/ after a few probs with an OpenBSD/W98 installation, and found it extremely good. It's what I use for customers' dual boot machines now because it's quick to install, easy to configure, reliable and pretty. GAG is more automagic than the others you've named, and I think it is a good choice. Ranish shouldn't be used unless you know a *lot* about partitioning. Otherwise it's darned easy to mess things up. GRUB is worthwhile - a good learning experience precisely because it is not automagic. FreeBSD's BootEasy and the NT bootloader both work, though you have to learn how to configure the NT loader, and BootEasy is bare-bones. I currently use GAG with no problems at all to boot -STABLE, -CURRENT, Slackware Linux, Windows 2000 and Windows 98 on a system with a RAID-0 array and a third hard drive. It finds all the OSs itself; all you have to do is assign a number to each. (To boot Linux, you must install Lilo or Grub to the kernel partition.) Hit a number on the keyboard when GAG's screen comes up, and the corresponding OS boots. Easy as that. Jud ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sshd, how is this possible, security bug?
On Jan 14, 2004, at 6:43 PM, Jonathan T. Sage wrote: you did. from ssh's point of view. however, pam is enabled, and it allows password authentication. to do what you're asking, edit sshd_config again, and toggle this line # Change to no to disable PAM authentication ChallengeResponseAuthentication no this is my fix, it allows only pubkey logins. i'm sure this is also possible with PAM, and actually, would love to know how that works too :) Does anyone have any idea on how to require a pubkey AND a password? I don't want either one to be enough, but want both... Thanks Chad ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
make -jX build(world|kernel): test results
Howdy, Occasionally the question pops up on the questions@ list about what the fastest -jX number is for a single CPU system. I had some spare time so I tried out a small matrix of possibilities. My conclusion is that using -jX at all is mostly a waste of time on single CPU systems running -STABLE (even with multiple spindles being involved), especially when one considers that -jX may introduce build problems. NOTES: * I used the simple shell time command * /usr/obj was cleaned out before each run and I waited at least 30 seconds afterwards for write caching to settle down * This is my regular build host for my network * I built 4 kernels: 3 customized and GENERIC (see above for why) * Celeron 900, 256Mb of RAM, /usr/src and /usr/obj are both on their own set of spindles * /usr/obj consumes part of a vinum mirror on dual 40Gb 7200RPM Maxtor 6L040J2's (the remaining vinum filesystems weren't active during this test) * /usr/src is on a 2,1Gb Compaq ST32550N SCSI-2 drive * The operating system is on separate spindles RESULTS: buildworld -j2 buildworld -j3 buildworld -j4 buildworld == == == == real 57m10.367s 54m10.992s 55m7.494s55m1.459s user 38m5.436s38m20.852s 38m22.453s 38m23.056s sys9m2.801s 10m12.876s 10m17.140s 10m14.792s buildkernel -j2 buildkernel -j3 buildkernel -j4 buildkernel === === === === real 36m59.994s 36m58.988s 37m42.956s 37m31.627s user 29m35.597s 29m43.405s 29m43.846s 29m48.652s sys4m50.478s5m26.372s5m26.883s5m22.763s Thought this might be of some interest, -T -- Re: alt.sysadmin.recovery A fitting punishment for kindly naivete, to end up belonging here. - A.S.R. quote (Chris Johnson) pgp0.pgp Description: PGP signature
Secure MSN and ICQ chat
Hello all. I want to secure the network traffic of the users on my LAN, I want to secure the MSN and ICQ data so people on the building can't use a sniffer and watch the conversations. I have something like this: InternetInternet ^ ^ | | router ( sniffer in here )| | | | | | | FBSD server -- VPN/IPSEC -- FBSD server on a secure network | | Swith/hub | | - | LAN | - Right now i have an tunnel with IPSEC to another FreeBSD Server the one is on a secure network and on a different building, what i was thinking to do, was to install a proxy on the Secure FreeBSD server and configure the MSN/ICQ clients to use that proxy so only that traffic could go out using the secure network. I would like to know if there is a better option for securing this communications, or if this idea is fine and what proxy software do you recommend to install for doing this. regards ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: choice of boot manager
My preference goes to Smart Boot Manager http://btmgr.sourceforge.net/ Free and lots of options. Let's say you have 2 windows installations on two different hard drives (I know that's too much). You may run into troubles (like starting booting from the second one and getting your desktop from the fisrt one) if you start booting from the second disk directly. With SBM you can swap the drive IDs so the second one becomes the first one Windows is looking for. No need for any partition, just install the full app into MBR. If something goes wrong, boot from floppy and re-install. Dany Quoting Rob [EMAIL PROTECTED]: Lee Shackelford wrote on Thursday January 15, 2004: I am planning a multiple operating system installation on a Compaq Proliant 5000. The purpose of the installation is hobbyist and instructional. The computer does not provide network management services. The proposed operating systems are Windows 95, FreeBSD, and Windows 2000 Server. A fourth operating system may be added at a later date. Have you had any experience with any of the following boot manager programs that may suggest their relative applicability to this project? The boot manager programs I am considering include the following: LILO, GRUB, MATT, NTLDR/BOOT.INI, RANISH, and the boot loader that comes with FreeBSD, the name of which I do not know. Any information about positive or negative experiences with any of these programs in a multiple operating system configuration would be appreciated. Your truly, Lee Shackelford The standard FreeBSD boot loader can boot Windows systems. Its main problem is cosmetic - Linux and FreeBSD slices are recognised, but Windows is displayed as '???' and these labels cannot be customised. I use grub-0.92 (/usr/ports/sysutils/grub/ or a package on the 3rd CD). It's thoroughly customisable and supports a wide range of operating systems - some Linux distributions use it instead of LILO. After installing the package, you have to copy a few files and run the grub(8) program to install it on the MBR. In an attempt to be OS-neutral, grub uses its own naming scheme for disks: (hd0,0,a) is the first BSD filesystem on the first slice of the first disk. Here's my boot menu: # defaults color light-gray/black white/blue default saved timeout 10 # Desktop title FreeBSD 4.9-RELEASE root(hd0,a) kernel /boot/loader savedefault # Win2k title Windows 2000 Professional root(hd0,1) chainloader +1 savedefault # shutdown title (power off) halt The 'savedefault' feature is handy - whichever OS you select will be the default next time. Without this, rebooting the non-default OS is a real pain. I've had a couple of tries at using the NT boot.ini method. The procedure has been well documented by many people, but it never went smoothly for me - I always had the feeling that Windows didn't really want to boot another OS. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How do YOU stay up to date?
Hello all again, I'm finally getting my arms around FreeBSD and the updating processes and tools. But I'm still trying to come up with good habits/methods/instructions for updating routines for both myself and my colleagues who also want to switch to FreeBSD. I now understand how to use cvsup to keep my src and ports tree current. I know how to use pkg_add -r to install new sotware, or go into /usr/ports/whatever to make install. I know how to do portupgrade to upgrade my installed ports, how to pkg_version -v to see what's out of date with my tree, and how to cronjob cvsup to keep my trees current. (I still need to play more with make world and whatnot) But what do you all out there in BSD land do to stay current as a practice? I'm looking at this on two fronts: FreeBSD on our laptops (There will be at least 3 of us with T23's, and I also plan on migrating most, if not all of my servers from Linux to FreeBSD). One thing that concerns me, at least on the laptops, is the amount of time spent compiling new software as it is release, seeing as how we will be running x, gnome and Yahweh knows what elseI've already spent a great deal of time recompiling all this stuff to get current. (granted, I'm still experimenting, blowing my machine away, starting over, to both learn and write up instructions for the other guys, so I'm repeating the pains). How is this going to affect us longterm with staying current if we are constantly getting new source and having to recompile? One of my colleagues has proposed just using packages as much as possible. But although it seems simple enough to to go pkg_add -r gnome2, what about updating? I mean, after installing the package, pkg_version -v many packages are listed as out of date with my current ports tree. So how to update short of doing a portupgrade -Pa and waiting a few or several hours? As far as the servers go, I'm almost certain that I'll be standardizing on 4.9-RELEASE, with minimal software, so I'm not so concerned here since the security/bug fixes seem far and few between for this release. I'm just looking for advice. If the long way is the only way, fine. I need to start writing up some standards and procedures so we can move on. But if there are more efficient methods, or methods to make things easier on everybody else, or some technique I'm just plain missing, I'm all ears. Thanks for any info, guidance or virtual asskicking you can provide me. And sorry my post is so long. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Secure MSN and ICQ chat
On Wednesday 14 January 2004 09:49 pm, Nicolás de Bari Embríz G. R. wrote: Hello all. I want to secure the network traffic of the users on my LAN, I want to secure the MSN and ICQ data so people on the building can't use a sniffer and watch the conversations. I have something like this: InternetInternet ^ ^ router ( sniffer in here )| FBSD server -- VPN/IPSEC -- FBSD server on a secure network Swith/hub - | LAN | - Right now i have an tunnel with IPSEC to another FreeBSD Server the one is on a secure network and on a different building, what i was thinking to do, was to install a proxy on the Secure FreeBSD server and configure the MSN/ICQ clients to use that proxy so only that traffic could go out using the secure network. I would like to know if there is a better option for securing this communications, or if this idea is fine and what proxy software do you recommend to install for doing this. regards What if you used a client on the FBSD server in the secure network via ssh and X forwarding? Andrew Gould ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do YOU stay up to date?
On Wednesday 14 January 2004 10:11 pm, Duane Winner wrote: Hello all again, I'm finally getting my arms around FreeBSD and the updating processes and tools. But I'm still trying to come up with good habits/methods/instructions for updating routines for both myself and my colleagues who also want to switch to FreeBSD. I now understand how to use cvsup to keep my src and ports tree current. I know how to use pkg_add -r to install new sotware, or go into /usr/ports/whatever to make install. I know how to do portupgrade to upgrade my installed ports, how to pkg_version -v to see what's out of date with my tree, and how to cronjob cvsup to keep my trees current. (I still need to play more with make world and whatnot) But what do you all out there in BSD land do to stay current as a practice? I'm looking at this on two fronts: FreeBSD on our laptops (There will be at least 3 of us with T23's, and I also plan on migrating most, if not all of my servers from Linux to FreeBSD). One thing that concerns me, at least on the laptops, is the amount of time spent compiling new software as it is release, seeing as how we will be running x, gnome and Yahweh knows what elseI've already spent a great deal of time recompiling all this stuff to get current. (granted, I'm still experimenting, blowing my machine away, starting over, to both learn and write up instructions for the other guys, so I'm repeating the pains). How is this going to affect us longterm with staying current if we are constantly getting new source and having to recompile? One of my colleagues has proposed just using packages as much as possible. But although it seems simple enough to to go pkg_add -r gnome2, what about updating? I mean, after installing the package, pkg_version -v many packages are listed as out of date with my current ports tree. So how to update short of doing a portupgrade -Pa and waiting a few or several hours? The existence of newer source code is not, in and of itself, justification for an upgrade. Each day brings new source code. It is up to the administrator to monitor new features, bug fixes and security issues to determine when an upgrade is warranted. Also, keep in mind: 1. portupgrade -rR port name will upgrade the specified port, its dependencies and any ports that depend upon the specified port. You don't have to update all ports at once to keep port dependencies in sync. 2. Packages installed with pkg_add, that have associated ports, can be upgraded using portupgrade. 3. Unless your use of computers demands cutting or bleeding edge code, tracking SECURITY may meet your needs as well or better than STABLE or CURRENT. Best regards, Andrew Gould ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do YOU stay up to date?
On Wed, Jan 14, 2004 at 11:11:22PM -0500, Duane Winner wrote: I now understand how to use cvsup to keep my src and ports tree current. I know how to use pkg_add -r to install new sotware, or go into /usr/ports/whatever to make install. I know how to do portupgrade to upgrade my installed ports, how to pkg_version -v to see what's out of date with my tree, and how to cronjob cvsup to keep my trees current. (I still need to play more with make world and whatnot) I think you've got the right tools, you jsut need to use them in different ways. One thing that concerns me, at least on the laptops, is the amount of time spent compiling new software as it is release, seeing as how we will be running x, gnome and Yahweh knows what else You have enough machines to justify using a build host: a single machine that simply builds ports into packages (or compiles buildworld and buildkernel into the /usr/obj directory). You can then do binary installs off of the build host via NFS. It's a very handy architecture because it allows you to do offload the work of building to a separate server and roll out to other machines when it's convenient. It also helps ensure that other machines stay uniform and allows new machines to rolled out with little effort. -T -- The most exhausting thing in life is being insincere. - Anne Morrow Lindbergh {American Author} ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do YOU stay up to date?
Thanks for the reply, which was very helpful. Could you just clarify one thing for me? On your last point regarding 'SECURITY - STABLE - CURRENT', my understanding up to now has been that this applies to the FreeBSD 'src' tree only, but not to the ports collection. Am I correct? If we are running 4.9-RELEASE, and cvsuping using 'RELENG_4_9', my assumption is that we'll rarely have to do a 'buildworld' or recompile the kernel, correct? But ports don't fall under the same tracking mechanism, correct? (I have a line 'ports-all tag=.' in my supfile because I read that there are no release tags for ports). I just want to make sure I understand all of this correctly. Thanks again, Duane On Wed, 2004-01-14 at 23:27, Andrew L. Gould wrote: On Wednesday 14 January 2004 10:11 pm, Duane Winner wrote: Hello all again, I'm finally getting my arms around FreeBSD and the updating processes and tools. But I'm still trying to come up with good habits/methods/instructions for updating routines for both myself and my colleagues who also want to switch to FreeBSD. I now understand how to use cvsup to keep my src and ports tree current. I know how to use pkg_add -r to install new sotware, or go into /usr/ports/whatever to make install. I know how to do portupgrade to upgrade my installed ports, how to pkg_version -v to see what's out of date with my tree, and how to cronjob cvsup to keep my trees current. (I still need to play more with make world and whatnot) But what do you all out there in BSD land do to stay current as a practice? I'm looking at this on two fronts: FreeBSD on our laptops (There will be at least 3 of us with T23's, and I also plan on migrating most, if not all of my servers from Linux to FreeBSD). One thing that concerns me, at least on the laptops, is the amount of time spent compiling new software as it is release, seeing as how we will be running x, gnome and Yahweh knows what elseI've already spent a great deal of time recompiling all this stuff to get current. (granted, I'm still experimenting, blowing my machine away, starting over, to both learn and write up instructions for the other guys, so I'm repeating the pains). How is this going to affect us longterm with staying current if we are constantly getting new source and having to recompile? One of my colleagues has proposed just using packages as much as possible. But although it seems simple enough to to go pkg_add -r gnome2, what about updating? I mean, after installing the package, pkg_version -v many packages are listed as out of date with my current ports tree. So how to update short of doing a portupgrade -Pa and waiting a few or several hours? The existence of newer source code is not, in and of itself, justification for an upgrade. Each day brings new source code. It is up to the administrator to monitor new features, bug fixes and security issues to determine when an upgrade is warranted. Also, keep in mind: 1. portupgrade -rR port name will upgrade the specified port, its dependencies and any ports that depend upon the specified port. You don't have to update all ports at once to keep port dependencies in sync. 2. Packages installed with pkg_add, that have associated ports, can be upgraded using portupgrade. 3. Unless your use of computers demands cutting or bleeding edge code, tracking SECURITY may meet your needs as well or better than STABLE or CURRENT. Best regards, Andrew Gould ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to Select Compiler Version when Installing Port
On Wed, 2004-01-14 at 20:43, Simon Barner wrote: Daniel J Cain Jr. wrote: I am trying to get vmailmgr-0.96.9 to build from the ports collection of FreeBSD 5.1-RELEASE. I 'think' it will work if I can have the port use a different compiler version during the build. I have been unable to figure/find out how (if?) this is possible. By default it seems to use gcc 3.2.2, and I have the port install of gcc 2.9.5 available I just don't know how to make 'make' use the older version. I usually use make CC=your C compiler here CXX=your C++ compiler here build Thanks! That seems to have done the trick! Simon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems with FreeBSD 4.8 on Compaq Armada M700 laptop
On Tue, Jan 13, 2004 at 04:25:25PM +0800, Dinesh Nair wrote: On Mon, 12 Jan 2004, John wrote: I have an update, additional information... Instead of getting the device ID line, i.e. Jan 11 17:56:56 pearl /kernel: acd0: CDROM Compaq CRN-8241B at ata0-slave PIO I get Jan 11 18:09:55 pearl /kernel: ata0-slave: ATA identify retries exceeded I've looked at the sys/dev/ata/ata-all.c code - I wonder if I should just arbitarily raise the retry count a bit - what's everyone else getting for a CDROM ID string? Is it just this one? Something about booting from it initializes it in a way that the ata-all code doesn't? BTW - after some pain and agony, I've verified that I'm running the latest BIOS. The apm problem is solved - I missed the fact that in the 4.8R GENERIC kernel is was marked disabled. Oops. The display problem is also solved. I missed the non-fatal error from the startx output stating that the -bpp parameter was deprecated. I switched to -depth 24 and that worked, so I now have DefaultDepth 24 in the X config file - and am now happily running xdm, OpenOffice, KDE, and all that fun stuff! That just leaves the the CD and the /dev/dsp issue when KDE starts... -- John Lind [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Solution to Routing Networks
Hi all thanks for all your answers. The solution that i found was to add to my ipnat.rules this lines: map dc1 192.168.10.0/24 - 0/32 portmap tcp/udp auto map dc1 192.168.10.0/24 - 0/32 and to my rc.conf this : static_routes=linux route_linux=192.168.0.0/16 192.168.1.3 regards. Hi all, I need some help routing or making Nat on a LAN. I have something like this: I N T E R N E T - ^ ^ | | fxp0 public IP public IP | | FreeBSD server LINUX server | | dc0 192.168.10.1| dc1 192.168.1.1 ^ 192.168.1.3 ^ | ^ | | | | | | | Switch/Hub | | | -- - | LAN A | | LAN B | | 192.168.10.2-254 | | 192.168.1.4-100 | -- - I have running a FreeBSD server as a gateway and DHCP, the server share the Internet to all the computers on LAN A (192.168.10.0/24). The server have 3 network cards: fxp0 is public IP. dc0 is the gateway for the LAN A 192.168.10.1. dc1 has IP 192.168.1.1 ( need help with this ). Right now i am just using fxp0 and dc0 so any computer on the LAN A 192.168.10.2-254 can have Internet, my ipnat.rules file looks like this: -- map fxp0 192.168.10.1/24 - 0/32 portmap tcp/udp auto map fxp0 192.168.10.1/24 - 0/32 -- until that point everything just work OK. There is another network, I will call it LAN B, this LAN make the same thing that i am doing with the FreeBSD Server, but instead it uses LINUX, the m achine have 2 network cars. eth0 has a public IP. eth1 is the gateway for the LAN B 192.168.1.3 Both networks are connected to the same switch/hub, but now i need that the computers of LAN A can see ping computers on LAN B. If I configure the third nick dc1 on the FreeBSD server to have an IP on the range of LAN B for example with ip 192.168.1.1, then I can see all the computers from both LAN's, I can ping, telnet, ssh etc. to both 192.168.10.X and 192.168.1.X. networks standing on the FreeBSD server. What i want to do is that a computer on LAN A with an IP on the range of 192.168.10.2-254 can ping, telnet, ssh, etc. to a computer on LAN B 192.168.1.X. How can i solve this problem, is this is a route or Nat problem ? There is one more issue, I can't touch the LINUX SERVER I can just be a client or join the LAN by configure a nic with a IP on the range of 192.168.1.0/24. I have been trying to fix this with static routes but i am not having luck. Any help will be apreciated. regards. -- [EMAIL PROTECTED] key ID 1EF56FDC -- [EMAIL PROTECTED] key ID 1EF56FDC -- [EMAIL PROTECTED] key ID 1EF56FDC ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]