RE: Example BSD Makefiles *outside* the src tree??
OpenSSL does not require gnu make. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jonathon McKitrick Sent: Saturday, February 05, 2005 6:22 AM To: freebsd-questions@freebsd.org Subject: Example BSD Makefiles *outside* the src tree?? Hi all, does anyone know of any project out there I could get my hands on that use BSD make? Obviously the src tree is not a good place to learn the basics, but most makefiles I run across are for GNU make and/or are too complex to learn the basics from. jm -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Openoffice 1.1 - compile errors even without Java
Hi,
I'm having a hard time getting OO 1.1.4 installed from ports: Using
the normal make-way (i.e. with Java support) makes the build die
after some hours with the famous errors during Java compilation.
So I tried
make -DWITHOUT_JAVA
Again, make runs for several hours finally bailing out with the
following error message:
-- Cut here --
zip -j -5 ../unxfbsd.pro/01/normal/f_0386
/usr/ports/editors/openoffice-1.1/work/solver/645/unxfbsd.pro/bin/dtint
adding: dtint (deflated 69%)
zip -j -5 ../unxfbsd.pro/01/normal/f_0387
/usr/ports/editors/openoffice-1.1/work/solver/645/unxfbsd.pro/bin/dtappintegrate
adding: dtappintegrate (deflated 80%)
optimize summary: 0 kb
Replacing ${EVAL} with
Replacing ${FILEFORMATNAME} with OpenOffice.org
Replacing ${FILEFORMATVERSION} with 1.0
Replacing ${LONG_PRODUCTEXTENSION} with
Replacing ${PRODUCTEXTENSION} with
Replacing ${PRODUCTNAME} with OpenOffice.org
Replacing ${PRODUCTVERSION} with 1.1.4
time needed: 0:0:27
WARNING! Project(s):
gtk
not found and couldn't be built. Correct build.lsts.
-- Cut here --
Has anybody sucessfully built OO 1.1.4 from ports - either with our
without Java?
What's the trick to get this going?
Here's my environment:
FreeBSD 5.3; system/kernel and ports cvsup-ed and fully portupgraded
including any dependencies to the latest (yesterday) state.
Thanks much in advance for your help,
-ewald
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Openoffice 1.1 - compile errors even without Java
Has anybody sucessfully built OO 1.1.4 from ports - either with our without Java? I am not sure about java (all default), but building OO from the ports was almost painless. I think I had installed Java beforehand anyway. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD I LOVE YOU
On Wed, Jan 19, 2005 at 09:10:09PM +0100, Anthony Atkielski wrote: faisal gillani writes: fg hmmm exactly right .. u know i have a 750MHz At halon fg with 256MB ram .. still my processor is 80% idle fg most of the time .. fg i also have some windows server on my network but fg thats a compulsory rather then choice . I'm gradually migrating legacy aps off my older NT server and I think it might be extremely interesting to install FreeBSD on that machine once it is free--if only I could persuade it to boot from diskette (for some reason, the diskette drive no longer seems to be recognized by the OS). It's an old HP Vectra, but like all vintage HP high-end machines, it still works perfectly, after nearly a decade of continuous use. Can anyone tell me how to install FreeBSD on a machine that is running Windows NT and refuses to boot from CD or from diskette? I don't suppose there's any magic program I could run from NT that would start a FreeBSD installation, is there? I've used loadlin before to boot up a linux installer when I had neither a floppy driver nor a cdrom drive to boot from, it works quite well. For freebsd, I'm not sure if there is a similar program or not, but one possibility would be to use loadlin to start a basic linux environment, then use linux to install the freebsd bootloader to the hard drive and start the freebsd installer. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Changing mysql root password
Hello gang, Okay so I've read the mysql docs and also googled my little heart out; have also tried various solutions none of which worked. I've done a fresh install of mysql3*-server from ports. The db dir is /usr/local/mysql and I've been starting the deamon utilizing the following line: safe_mysqld --user=mysql --skip-grant-tables --err-log=/usr/local/mysql/erro.log Okay, with that said, here's the output when trying to change root's password (even mysql password); gmpnoc# mysqladmin -h localhost -u root password password mysqladmin: unable to change password; error: 'You must have privileges to update tables in the mysql database to be able to change passwords for others' gmpnoc# I've also tried it without -h, tried it with -h pointing to the actual name of the machine. Nuffin! Please someone enlighten me! Cheers! -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing mysql root password
On Tue, 8 Feb 2005 00:37:40 -0800 gabriel [EMAIL PROTECTED] wrote: Please someone enlighten me! Hi, http://dev.mysql.com/doc/mysql/en/resetting-permissions.html Hope it helps -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Dumb question about ports/packages
This is somewhat of a dumb question, but I'm a bit confused about the differences between ports, packages and what is currently on the system. Let's [hypothetically] say I have a FreeBSD 5.3 system. I use the ports system on things I want to compile and packages when I'm lazy :-). I keep track of my ports 'n' packages with portupgrade(1). Now here's the scenario (fake, mind you). Let's say SSHD which is part of the core distribution from my limited understanding develops a root hole, or some other nasty exploit. How would I upgrade just one package part of the core like that? Or multiple ones for that matter. Can you use the ports/packages system? Or do you have to do an entire system upgrade (i.e. 4.10 to 4.11). Any help is greatly appreciated! Matt Rechkemmer [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dumb question about ports/packages
a patch would be issued for the source. On Tue, 8 Feb 2005 01:57:48 -0700, Matt Rechkemmer [EMAIL PROTECTED] wrote: This is somewhat of a dumb question, but I'm a bit confused about the differences between ports, packages and what is currently on the system. Let's [hypothetically] say I have a FreeBSD 5.3 system. I use the ports system on things I want to compile and packages when I'm lazy :-). I keep track of my ports 'n' packages with portupgrade(1). Now here's the scenario (fake, mind you). Let's say SSHD which is part of the core distribution from my limited understanding develops a root hole, or some other nasty exploit. How would I upgrade just one package part of the core like that? Or multiple ones for that matter. Can you use the ports/packages system? Or do you have to do an entire system upgrade (i.e. 4.10 to 4.11). Any help is greatly appreciated! Matt Rechkemmer [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dumb question about ports/packages
How would I upgrade just one package part of the core like that? Or multiple ones for that matter. Can you use the ports/packages system? Or do you have to do an entire system upgrade (i.e. 4.10 to 4.11). I'd say, given that ssh is part of the ports (/usr/ports/security/ssh), you could ust upgrade that port and install that port. I'd cvsup ports/security then make make install for ssh Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: startup - sticky to FAQ
***excellent Chris, many thanks. a proper answer instead of one of those smart-arse rtfm types ! :) ***im sure a lot of us new-to-linuxers ask this very same question, so maybe stick this in the faq somehow. bfn. --- On Mon, 2005-02-07 at 17:47 -0600, Chris wrote: Marshall Kiam-Laine wrote: ***hi all, rookie fiddler calling :) just loaded fbsd5.3amd64 but it stopped at the login prompt. (1) $startkde didnt work, is that the right command please ? type this: echo exec startkde .xinitrc (2) what command to start gnome ? type this: echo exec gnome-session .xinitrc (3) how to tell it to start one of the GUI automatically ? The contense of .xinitrc should now look like this: exec startkde exec gnome-session Comment out one of the line with # in front of it. So, if you want to start KDE: exec startkde #exec gnome-session Then, when you type:startx KDE starts. Do the opposite if you want gnome many thanks, [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Unable to get phpMyAdmin working
On Mon, Feb 07, 2005 at 09:39:36AM -0700, Pat Maddox wrote: I managed to get it working by chowning the entire phpMyAdmin dir to www:www. Not sure if that's the best thing, but it works. Well, if it works for you. By default the port installs config.inc.php owned by root:www mode 640, so if your webserver is running (as it usually does) as www:www then it should be able to read the file. If you install WITH_SUPHP as the www user and the www group. However, if you use a different UID/GID for your webserver, you can override those settings by: # make install MYADMUSR=foo MYADMGRP=bar Note that the config.inc.php file potentially contains database passwords so you should be a bit careful about not letting the whole world read it. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 8 Dane Court Manor School Rd PGP: http://www.infracaninophile.co.uk/pgpkey Tilmanstone Tel: +44 1304 617253 Kent, CT14 0JL UK pgpNUmVSG9XKR.pgp Description: PGP signature
Re: Changing mysql root password
Nope, negative. Any other suggestions? On Tue, 8 Feb 2005 10:59:21 +0200, Adi Pircalabu [EMAIL PROTECTED] wrote: On Tue, 8 Feb 2005 00:37:40 -0800 gabriel [EMAIL PROTECTED] wrote: Please someone enlighten me! Hi, http://dev.mysql.com/doc/mysql/en/resetting-permissions.html Hope it helps -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
On Mon, 7 Feb 2005, markzero wrote: These switches should technically not be able to work without a power supply but evidently they work just fine. I don't question the arrangement, I just observe it from across the room. We get along fine. Many KVMs draw power from the mouse/keyboard ports. -- Dave ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing mysql root password
On Tue, 8 Feb 2005 01:21:45 -0800 gabriel [EMAIL PROTECTED] wrote: Nope, negative. Any other suggestions? From what I know, if you installed mysql from ports system, without any particular knobs, the database directory should be /var/db/mysql. So, if you want to use another path, you should append --datadir=/your/path/to/dir/database when invoking safe_mysqld. Anyway, you should provide more info, I can't guess your setup ;) -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing mysql root password
Okay, I'm not asking you to guess it, I didn't include it because I didn't think it was relevant. Regardless, here it goes: This the make line: make DB_DIR=/usr/local/mysql WITH_LINUXTHREADS=yes BUILD_STATIC=yes BUILD_OPTIMIZED=yes install I'm not sure what else you need. Cheers! On Tue, 8 Feb 2005 11:35:37 +0200, Adi Pircalabu [EMAIL PROTECTED] wrote: On Tue, 8 Feb 2005 01:21:45 -0800 gabriel [EMAIL PROTECTED] wrote: Nope, negative. Any other suggestions? From what I know, if you installed mysql from ports system, without any particular knobs, the database directory should be /var/db/mysql. So, if you want to use another path, you should append --datadir=/your/path/to/dir/database when invoking safe_mysqld. Anyway, you should provide more info, I can't guess your setup ;) -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FreeBSD 3.2
-Original Message- From: Chuck Swiger [mailto:[EMAIL PROTECTED] Sent: Saturday, February 05, 2005 11:34 AM To: Ted Mittelstaedt Cc: [EMAIL PROTECTED]; freebsd-questions@freebsd.org Subject: Re: FreeBSD 3.2 Oh I always love these kinds of statements. Even if I am a lawyer (which I'll say I'm not, to save you from arguing that I am not) guess what - unless I'm retained by you or the OP for the purposes of giving legal advice, even as a lawyer, my advice has no legal significance whatsover. Yes, that's true - a lawyer's advice has no significance - unless paid for. You're simply wrong. Attorney-client privilege applies even when a lawyer has not been paid-- I said unless I'm retained by you or the OP for the purposes of giving legal advice Technically your correct on the paid for issue, it was a smartass comment of mine - every lawyer I've ever met doesen't give anyone dick unless he or she gets money for it, so from a practical standpoint the two statements are the same thing. But, I'm sure you could probably find a few exceptions to that if you looked hard enough. There must be somewhere at least 1 lawyer that gave someone something of value, by accident, without extracting his pound of flesh. I am qualified here on this topis as an expert witness however, and as a matter of fact, lawyers pay people like me to explain how laws like this apply to the real world. Oh, I've served as an expert witness, too. I was paid to evaluate software to determine whether copyright infringement had occured because the technical skills required to evaluate software require skills which people who are not experts with computers don't have. Whis is a simple way of saying you were paid to render an opinion, ie: advice on whether copyright law applied to an example in the real world. Jsut what I said. And of course I'll also gloss over the whole issue that your implying that laws are uninterpretable by the average person unless they are a lawyer. Riiggghhttt. So I guess you get a lawyer every time you get a parking ticket, eh? ;-) The law applies regardless of whether the average person is able to understand a specific matter or not. However, for the sake of example, if you are not an accountant, then you probably [1] cannot be held guilty of *willfully* violating accounting laws which are only comprehensible to an accountant (or to a lawyer specializing in that area of law). Accounting law is much more complex than what we are talking about here. Likewise, someone who has served as a legal expert on computer matters is expected to have a greater understanding of the ethics and professional responsibilities involved with computer usage. For example, because I am a network manager responsible for a network infrastructure including electronic mail systems, I know that I have a legal obligation to report child pornography in spam (ie, an email containing pictures as a MIME attachment, or a link to a porn web site) if and when I become aware of such filth. Yes, it is very unfortunate how many network managers out there somehow don't become aware of such illegal activities even when their own networks are stuffed with them. Makes you wonder how exactly they are managing their networks. -- [1]: But this becomes more complicated when you are expected to discuss matters with your accountants as part of your responsibilities: there are several high-profile cases going on right now involving CEOs who claimed to know nothing about accounting or financial irregularities who are still being prosecuted The rest of the industry knew Ebbers was running a Ponzi scheme years before it collapsed. What the courts in that mess are trying to do now is figure out how to make the obvious legally stick. It is a shame, though, that besides him the US government regulators aren't right up there with him, as their irresponsibility in failing to apply the anti-trust acts are what allowed the mess to get as big as it is. See 18 USC 1030: http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_ 1030000-.html Interesting cite, let's look a bit more closely though: (a)(1) having knowingly accessed a computer without authorization He has authorization to -access- the computer. Note that access is not spelled out as a definition in section (e) (a)(1) or exceeding authorized access OK, so here we have something - as you could argue that updating the system is exceeding the authorized access on the machine, right? Except that, continuing on in this section: and by means of such conduct...unauthorized disclosure for reasons of national defense Ok, so section (a)(1) isn't applicable. So continuing on: (a)(2) exceeds authorized access, and thereby obtains-... information from any department or agency of the United States I'll skip (a)(2)(a) and (a)(2)(c) as they obviously
Re: Changing mysql root password
On Tue, 8 Feb 2005 01:40:36 -0800 gabriel [EMAIL PROTECTED] wrote: I'm not sure what else you need. I'm not sure what I need either :), anyway: - did you notice any errors after install? - do you have a proper user/group setup on DB_DIR ? - does the error occur if you start safe_mysqld as root and not as another user? -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Changing mysql root password
hmm you know what worked? Just doing this: /usr/local/bin/safe_mysqld Before I was adding some flags that the manual said I should add. I've sinced placed them in the config. Thanks for your help though!! :) On Tue, 8 Feb 2005 11:55:14 +0200, Adi Pircalabu [EMAIL PROTECTED] wrote: On Tue, 8 Feb 2005 01:40:36 -0800 gabriel [EMAIL PROTECTED] wrote: I'm not sure what else you need. I'm not sure what I need either :), anyway: - did you notice any errors after install? - do you have a proper user/group setup on DB_DIR ? - does the error occur if you start safe_mysqld as root and not as another user? -- Adrian Pircalabu Public KeyID = 0x04329F5E -- This message was scanned for spam and viruses by BitDefender. For more information please visit http://www.bitdefender.com/ -- gabriel, Member of: FreeBSD-Announce FreeBSD-Hardware FreeBSD-Multimedia FreeBSD-questions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
* Louis LeBlanc [2005-02-07 14:57 -0500] I'm coming into this thread a bit late, but if you go to : You'll see a neat little gadget that will tell you exactly what your computers electrical usage is. I'm not saying that leaving your computer on 24/7 consumes little power. I'm just saying that in Norway (where I live) and in Sweden (where the person I replied to seems to live) how much power used by your computers is irrelevant. This is true because: 1) Our house need to be heated a lot (more than the computer can provide) 2) Other heatsources are also based on electricity 3) Other heatsources are thermostatically controlled. In this setup, you need to warm up your house somehow. Since *all* energy in the end turns to thermic energy (elementary physics), the route this energy takes from moving electrons to heats is of little interest (when you're just looking to heat up your house). I could open my refrigerator door and it would not show up on my electricity bill (of course all my food would be wasted, so it would show up on my food budget). Or I could pass electrons through an electric resistance which generates heat (which is what most people do[1]), or I could turn on alot of light bulbs[2], or listen to music[2] and turn it up real loud. -- OR -- I could leave my computer on and get some extra use out of those moving electrons on their way from electric energy to thermic energy. Personally, I use a combination of all these. And the extra heating I need after turning on all my appliances, my thermostatically controlled electric wall heating takes care of. Of course, all of this is not true if your house does not needs to be heated that much most of the year. Svein Halvor [1] Note that in Norway all elecrticity is made from hydroelectric power plants, and not by burning fossil fuel, which is why alot of people don't use electric heating and not wood burning stoves and such. [2] Of course your house needs to be sound and light insulated as well, to ensure that no sounds or light escapes your house, in order for these two scenarios to work. Otherwise some of the energy would be transformed to heat outside your house, and in which case it would show up on your bill. It therefore makes sense to use those energy conserving light bulbs also in Norway and other cold countries. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
On Tue, Feb 08, 2005 at 11:12:19AM +0100, Svein Halvor Halvorsen wrote: * Louis LeBlanc [2005-02-07 14:57 -0500] I'm coming into this thread a bit late, but if you go to : You'll see a neat little gadget that will tell you exactly what your computers electrical usage is. I'm not saying that leaving your computer on 24/7 consumes little power. I'm just saying that in Norway (where I live) and in Sweden (where the person I replied to seems to live) how much power used by your computers is irrelevant. This is true because: 1) Our house need to be heated a lot (more than the computer can provide) True. 2) Other heatsources are also based on electricity Not necessarily true. It was my message you originally replied to, and the apartment where I live has central heating, such that the heating is included in teh rent, and does not show up on the electricity bill (and I don't think the heating uses electricity anyway.) Power used by the computer is relevant for me, and shows up directly on the electricity bill (while heating does not.) -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill - OT
Chad Leigh -- Shire.Net LLC ([EMAIL PROTECTED]) [050208 15:29]: A lot of new-built houses in the US are installing continuous circulation systems for hot water, which greatly reduces the time the HW heater is running, since when you turn on the hot water, you get instantaneous hot water and don't have to run a ton of water before it gets hot, which reduces the amount of HW wasted. Also, the new tankless HW heaters look interesting... I run my computers all the time, but shut down the ones I rarely use. So my G4 and G5 are on all the time (unless I leave the house for an Obviously you need to run your hot water system through the servers. Isn't the new G5 watercooled? - d. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: favor
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anthony Atkielski Sent: Sunday, February 06, 2005 3:20 AM To: freebsd-questions@freebsd.org Subject: Re: favor Ted Mittelstaedt writes: TM This is a bit of twisting of the definition of site that is public TM in my opinion. The key distinction is between a venue to which access must be explicitly requested and one that a person can visit without any formalities. How exactly do you visit it without any formalities? What if a site is coded with HTML that is undigestible with Netscape and digestible with Explorer. That now requires installation of IE to visit it, which is a way of filtering those who want to visit out. And if there is a guarentee that any request for access will be automatically granted, then it really is no longer a request. A request assumes that the requestee has to grant permission - which assumes that the requestee has the authority and ability to say no, to deny access. If the site has an automatic program that immediately grants access, then the requestee has no power to deny access - which means it's no longer a request. If you go to a HTTPS site that has a self-signed certificate in it, you must explicitly request the public key in order to install it into your browser's root certificate store, if you do not want to have to be prompted every single time you visit the site. If you answer No to the prompt asking you to request the key to put it into your browser, then your access is denied. Yet https sites with self-signed certificates are considered public sites. If I write a program that intercepts all your outbound mail, and whenever you send an e-mail message to a subscription-only mailing list that you are not subscribed to, this program intercepts your outbound mail, sends in a subscription signup, answers the response to activate the subscription, then proceeds to post your outbound message, then from your point of view the mailing list is identical to a totally open, non-request mailing list. If you run this program on your PC and set it to not notify you when this happens, then the autoresponder mailing lists now become transparent, you will not even know if one you send a post to is a subscription list or not. And, do you really believe that spammers AREN'T doing this already? Asking people to register or subscribe in order to post to a forum is requiring an explicit request for access from participants. No it is not - not unless there's a real person reviewing those requests who is filtering them, and not honoring ones they don't like. This creates a private venue with access limited only to those who have gone through the formalities. Those formalities must be a bit more serious than a mailing list autoresponder, to be considered a real authentication and access request. This has to do with the moral rights of copyright holders to control the manner in which their work is presented. More practically, it has to do with the wish of some copyright owners to provide their content for viewing only under certain conditions beneficial to themselves (such as on a specific page with advertising). I think that linking should be permitted by default, unless the owner of a site specifically prohibits it. This allows maximum flexibility while still affording protection to people who don't want deep links into their content. My feeling is that if a site is extremely difficult to navigate within - such as many news sites (ie cnn.com, etc.) that this encourages deep linking. If the site owners don't want deep linking then they can make their sites easier to navigate within. I do at times deep link because of this but I would prefer not to do it - because quite often this makes it harder to find ancillary material that the user would want to see. My experience is that deep linking is normally counterproductive and if people did a decent jobs with their websites, it wouldn't be an issue because nobody would deep link to them. Putting a 5 minute Flash presentation as the index page of a site is guarenteed to provoke deep linking, for example. Also, if you do have a decent site, and still have problems with referring sites deep linking to you and not changing those links when you politely request them to do so, it's pretty easy to replace the deep link with a html page that redirects to your site index. As for the idea of giving any protection to a site holder that wants to prohibit linking at all, that is as you say, a can of worms. Probably best to allow politeness to handle this, and if the referring site isn't polite about it, there's ways to retaliate. I think that search engines should respect exclusion policies as a matter of courtesy. Do any not? If they didn't, then their search database results would not carry as much value. On my site, I prohibit deep links, except for search engines under certain conditions. I don't
Re: favor
Ted Mittelstaedt writes: My feeling is that if a site is extremely difficult to navigate within - such as many news sites (ie cnn.com, etc.) that this encourages deep linking. If the site owners don't want deep linking then they can make their sites easier to navigate within. I tend to agree. It would be much better if these sites provided some easy way to reference specific articles, but often the only way to do so is with a 3000-character URL (and very often the URL still contains things like the session ID or user name of the person who originally pulled up the article). Putting a 5 minute Flash presentation as the index page of a site is guarenteed to provoke deep linking, for example. A Flash page at the entrance to a site is the number-one sign that the designer of the sign was a totally clueless newbie. I usually just leave a site that has this glaring defect. If I really need something from the site, I Google specifically on that site to find a deeper link that gets past the Flash content, or I look at the source of the Flash index page and try to find a URL that points past the entrance (although sometimes there's nothing at all--I guess blind people aren't welcome at such sites). I'm happy to say that my own site can be navigated even with lynx. Only one or two pages require any kind of scripting to work correctly. The rest will work with plain text. Also, if you do have a decent site, and still have problems with referring sites deep linking to you and not changing those links when you politely request them to do so, it's pretty easy to replace the deep link with a html page that redirects to your site index. I've done that occasionally for deep links directly to images; I've never bothered with links to other pages. Every page contains Javascript that will reload the frames if they aren't there, just to help put any deep-linked page in its proper context (they can turn scripting off, of course, but few people do that). Do any not? I don't know. The ones I've looked at apparently do. If they are using it as a component of their site, then I think it does. Probably. But I just configure the server to send them an image that they really don't want to see, and they remove the link soon enough. I don't see it very often, but from time to time I'll see the logs filled with direct links from someone else's site, and then I have to do something. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Sendmail masquerading configuration
-Original Message-
From: Ruben de Groot [mailto:[EMAIL PROTECTED]
Sent: Monday, February 07, 2005 6:55 AM
To: Ted Mittelstaedt
Cc: Ian Moore; freebsd-questions@freebsd.org
Subject: Re: Sendmail masquerading configuration
On Sun, Feb 06, 2005 at 02:28:17AM -0800, Ted Mittelstaedt typed:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ian Moore
Sent: Sunday, February 06, 2005 2:07 AM
To: freebsd-questions@freebsd.org
Subject: Sendmail masquerading configuration
Hi,
I'm hoping someone can help me with this.
I want to make sendmail (on a 5.3-Release server) leave the
host name out of
the sender address when sending mail from that machine.
I.E. mail from root currently has a sender address of
[EMAIL PROTECTED], I
want it to be [EMAIL PROTECTED] instead.
Not possible, I think, as I recall masquerading only works on
users not in the T macro. (ie: Trusted Users) root is
most definitely in this macro.
Actually, I believe it's the EXPOSED_USERS macro, and it can be
adjusted; e.g. in sendmail.cf:
C{E}root
just remove the root user from this line. In conjunction with a
MASQUERADE_AS macro, this will allow root to send email coming from
your domain without your hostname.
If you do this then lots of messages generated by the system will
suddenly start generating (at best):
X-Authentication-Warning: myhost.foo.bar: root set sender to
someuser using -f
It also makes it harder to troubleshoot when someone external to
your system is sending bogus junk to you.
And while it's not applicable now, with older versions of sendmail
this would definitely break all your scripts that used e-mail.
Use of the -f flag is what he needs to do.
Ted
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Another grep question
On Tue, Feb 08, 2005 at 03:44:47AM +0100, Anthony Atkielski wrote: Giorgos Keramidas writes: GK It may not be related to what you are seeing, but grep(1) GK is locale-aware. What it considers a text character GK depends on the current locale settings. I tried setting LC_ALL to en_US.UTF-8, en_US.ISO8859-15, and en_US.ISO8859-1, with no effect. The character in question is an opening double quotation mark in the Windows character set. I want to find it in my Web pages and replace it by an appropriate HTML escape sequence. I know it's out there, but grep isn't finding it, or I'm not telling it how to find the character correctly. Ah -- well, the beauty of Unix is that if the first tool you think of doesn't do the job, then the next one probably will. You can use perl to match and replace arbitrary characters: % perl -pi.bak -e 's/\x93/ldquo;/g' foo.html Or you could go for the bulk method and run HTML tidy(1) over the file, which is usually pretty good at converting any-old HTML into something that will pass validation: (ports: www/tidy) http://www.w3c.org/People/Raggett/tidy/ (ports: www/tidy-devel) http://tidy.sourceforge.net/ Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 8 Dane Court Manor School Rd PGP: http://www.infracaninophile.co.uk/pgpkey Tilmanstone Tel: +44 1304 617253 Kent, CT14 0JL UK pgpr3uxbeO8IL.pgp Description: PGP signature
RE: Change Apache version string
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pat Maddox Sent: Monday, February 07, 2005 1:59 PM To: freebsd-questions@freebsd.org Subject: Change Apache version string I've got mod_php installed as well as mod_jk, so whenever there's a 404 Apache displays Apache/2.0.52 (FreeBSD) PHP/4.3.10 mod_jk/1.2.6 I'm not sure if I'm being overly paranoid, but I don't really like the fact that all that info gets displayed. Is there any way I can change Apache's version string, like I can with any ftp or smtp daemon? Real crackers don't pay attention to the version strings, if they are going to probe your server, they are going to throw all known cracks at it. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Electricity bill - OT
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chad Leigh -- Shire.Net LLC Sent: Monday, February 07, 2005 8:29 PM To: freebsd-questions@freebsd.org Subject: Re: Electricity bill - OT A lot of new-built houses in the US are installing continuous circulation systems for hot water, which greatly reduces the time the HW heater is running, since when you turn on the hot water, you get instantaneous hot water and don't have to run a ton of water before it gets hot, which reduces the amount of HW wasted. This is a gimmick built to sell houses, a cool one, but only in hot climates does it make much difference. In cooler climates the heat from the standing water in the pipes just makes the furnace run less, thus the savings are a wash. Also, the new tankless HW heaters look interesting... those have been around for at least 20 years. As most of them are electric, not natural gas, your going to pay more money for heating water with a bunch of those than with a central gas water heater. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: favor
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anthony Atkielski Sent: Tuesday, February 08, 2005 2:58 AM To: freebsd-questions@freebsd.org Subject: Re: favor If they are using it as a component of their site, then I think it does. Probably. But I just configure the server to send them an image that they really don't want to see takeittux.png :-) Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ktrace as a replacement for strace
I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Change Apache version string
Pat Maddox writes: I've got mod_php installed as well as mod_jk, so whenever there's a 404 Apache displays Apache/2.0.52 (FreeBSD) PHP/4.3.10 mod_jk/1.2.6 I'm not sure if I'm being overly paranoid, but I don't really like the fact that all that info gets displayed. Is there any way I can change Apache's version string, like I can with any ftp or smtp daemon? Within limits, you can change it with the ServerTokens directive in the configuration. To get the bare minimum (just Apache), use ServerTokens Prod You might also set ServerSignature Off Which prevents Apache from putting its version at the end of any pages it generates itself (missing page errors, directory listings, etc.). -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Gettext wont install
I'm getting this error while trying to reinstall gettext port version 0.14.1 This is the error I'm getting Making install in lib Making install in libasprintf mkdir -p -- . /usr/local/lib /bin/sh /usr/local/bin/libtool15 --mode=install /usr/bin/install -c -o root -g wheel libasprintf.la /usr/local/lib/libasprintf.la /usr/bin/install -c -o root -g wheel .libs/libasprintf.so.0 /usr/local/lib/libasprintf.so.0 install: .libs/libasprintf.so.0: No such file or directory *** Error code 71 Stop in /usr/ports/devel/gettext/work/gettext-0.14.1/gettext-runtime/libasprintf. *** Error code 1 Stop in /usr/ports/devel/gettext/work/gettext-0.14.1/gettext-runtime/libasprintf. *** Error code 1 Stop in /usr/ports/devel/gettext/work/gettext-0.14.1/gettext-runtime. *** Error code 1 Stop in /usr/ports/devel/gettext/work/gettext-0.14.1. *** Error code 1 Stop in /usr/ports/devel/gettext. Im running FreeBSD 5.3-STABLE FreeBSD 5.3-STABLE #0: Sun Jan 30 16:28:03 GMT 2005 any hints would be appreciated elfar PS: please cc me, I'm not on the list ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sendmail masquerading configuration
On Tue, Feb 08, 2005 at 03:05:21AM -0800, Ted Mittelstaedt typed:
-Original Message-
From: Ruben de Groot [mailto:[EMAIL PROTECTED]
Sent: Monday, February 07, 2005 6:55 AM
To: Ted Mittelstaedt
Cc: Ian Moore; freebsd-questions@freebsd.org
Subject: Re: Sendmail masquerading configuration
On Sun, Feb 06, 2005 at 02:28:17AM -0800, Ted Mittelstaedt typed:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ian Moore
Sent: Sunday, February 06, 2005 2:07 AM
To: freebsd-questions@freebsd.org
Subject: Sendmail masquerading configuration
Hi,
I'm hoping someone can help me with this.
I want to make sendmail (on a 5.3-Release server) leave the
host name out of
the sender address when sending mail from that machine.
I.E. mail from root currently has a sender address of
[EMAIL PROTECTED], I
want it to be [EMAIL PROTECTED] instead.
Not possible, I think, as I recall masquerading only works on
users not in the T macro. (ie: Trusted Users) root is
most definitely in this macro.
Actually, I believe it's the EXPOSED_USERS macro, and it can be
adjusted; e.g. in sendmail.cf:
C{E}root
just remove the root user from this line. In conjunction with a
MASQUERADE_AS macro, this will allow root to send email coming from
your domain without your hostname.
If you do this then lots of messages generated by the system will
suddenly start generating (at best):
X-Authentication-Warning: myhost.foo.bar: root set sender to
someuser using -f
Sorry, but this simply isn't true. I have just tested this. Warnings
like this might get generated when you remove root from the
TRUSTED_USERS macro; *NOT* when you remove it from EXPOSED_USERS.
It also makes it harder to troubleshoot when someone external to
your system is sending bogus junk to you.
I agree. As I said in the part of my message you snipped:
BTW, I agree that masquerading is NOT the proper way to do these things.
And while it's not applicable now, with older versions of sendmail
this would definitely break all your scripts that used e-mail.
Use of the -f flag is what he needs to do.
Fine. But the OP's problem concerned mail send by cron. How would you
instruct cron to use the -f flag? (There's a MAILTO environment
variable in cron, but no MAILFROM)
Ruben
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Sysinstall problem with network settings
I installed 4.11 Release recently. If i configure my network with sysinstall during the install procedure, everythin works fine. But if i skip network config, and want to do it after finishing setup, sysintall doesnt save my settings. I setup hostname, ip address, gateway, dns etc. then it asks for bringing up the interface. I choose yes, and i see a packet sent out from my machine to the switch. But after quitting sysintall, and typing ifconfig tx0 it seems nothing has changed (no ip, interface is not UP). Could it be a bug? As i can remember, the same happened with 4.10. Thx! ricsip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Using FreeBSD to migrate Windows XP?
OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? Thanks. BTW, just out of curiosity, does anyone know off the top of their heads where dump(8) puts the snapshot name when used with the L option? I assumed it would be in the .snap directory, but when I did an ls -la of /home/.snap while it was running, there was nothing there. I suppose it could remove the snap after it builds the map of what diskblocks to back up, but that could still lead to fuzzy backups. -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
John wrote: OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? Not doomed, but don't expect to read data on other than FBSD systems. This is described in the handbook under using removable media (CD/DVD) for backups. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
httpd in /tmp - Sound advice sought
Last night, I ran chkrootkit and it gave me a warning about being infected with Slapper. Slapper exploits vulnerabilities in OpenSSL up to version 0.96d or older on Linux systems. I have only run 0.97d. The file that set chkrootkit off was httpd which was located in /tmp. /tmp is always mounted rw, noexec. I update my packages (which are installed via ports) any time there is a security update. I'm running Apache 1.3.33/PHP 4.3.10/mod_ssl 2.8.22/OpenSSL 0.97d on 4.10. Register_globals was on in PHP for a couple of weeks, but the only code that required it to be on was in a .htaccess/SSL password protected directory. Tripwire didn't show anything that I noted as odd. I reexamined the tripwire logs, which are e-mailed to an account off of the machine immediately after completion, and I don't see anything odd for the 3/4 days before or after the date on the file. (I don't scan /tmp) I stupidly deleted the httpd file from /tmp, which was smaller than the actual apache httpd. And I don't back up /tmp. The only info I can find regarding this file being in /tmp pertains to Slapper. Could something have copied a file there? Could I have done it by mistake at some point - the server's been up ~60 days, plenty of time for me to forget something? This is production box that I very much want to keep up, so I'm seeking some sound advice. Does this box need to be rebuilt? How could a file get written to /tmp, and is it an issue since it couldn't be executed? I run tripwire nightly, and haven't seen anything odd to the best of my recollection. I also check ipfstat -t frequently to see if any odd connections are happening. I appreciate any sound advice on this matter. Thanks, Bret smime.p7s Description: S/MIME cryptographic signature
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
On 8 Feb 2005, at 10:12, Svein Halvor Halvorsen wrote: In this setup, you need to warm up your house somehow. Since *all* energy in the end turns to thermic energy (elementary physics), the route this energy takes from moving electrons to heats is of little interest (when you're just looking to heat up your house). It's not really the case that all the energy becomes heat, since the computer also has moving parts and generates sound (a *lot* of sound if it's anything like mine). Most of the energy going into a computer probably does become heat in the end, but certainly not all of it. Because of this it might be better to get a more efficient heater, but in the end it probably doesn't make a noticeable difference either way. -- - Adam McMaster [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
* Adam McMaster [2005-02-08 14:00 -] It's not really the case that all the energy becomes heat, since the computer also has moving parts and generates sound (a *lot* of sound if it's anything like mine). Most of the energy going into a computer probably does become heat in the end, but certainly not all of it. Because of this it might be better to get a more efficient heater, but in the end it probably doesn't make a noticeable difference either way. The sound will also end up as heat in the end. The same goes for light. Hence my disclaimer in the end, stating that you need a sound and light insulated house. However, I think there are very little energy in the sound and light of a computer, relatively speaking. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill [was: Re: Leaving a Computer Running ?]
* Erik Trulsson [2005-02-08 11:17 +0100] Not necessarily true. It was my message you originally replied to, and the apartment where I live has central heating, such that the heating is included in teh rent, and does not show up on the electricity bill (and I don't think the heating uses electricity anyway.) I understand that these presumption is not allways correct. Alot of people have central heating in Norway as well. Especially in houses that were built before 1950-ish when the power-revolution took place in Norway with alot of new-built hydroelectric plants. However, I believe this to be generally correct. I should confess that I don't have alot of detailed knowledge on Sweden though, even though we're neighbours so to speak. This was the reason I stated the presumptions anyway. Svein Halvor Who right now could use another computer to heat up my room. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem with mknod for /dev/random = jailed bind configuration
Hello, I've tried to configure a bind server in a chroot jail and am facing a problem with /dev/random Thaugh I've read the man mknod I have to say that this didn't help me in solving the problem. When I start named with the -g switch here are the error. 08-Feb-2005 15:18:22.551 errno2result.c:109: unexpected error: 08-Feb-2005 15:18:22.551 unable to convert errno to isc_result: 6: Device not configured 08-Feb-2005 15:18:22.551 could not open entropy source /dev/random: unexpected error 08-Feb-2005 15:18:22.551 using pre-chroot entropy source /dev/random I've used the following mknod command : mknod /var/named/dev/null c 2 2 mknod /var/named/dev/random c 2 3 and also tried : mknod random c 245 0 mknod null c 2 2 I've chmod 666 the two files and make shure they are owned by bind:bind // ?? Any help will be welcome. __ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯ Grégory Bernard 11, rue de la Tour Directeur 75116 Paris France www.ToDoo.biz tel : +(33) 1 40 26 43 14 __ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯ PGP ID -- 0x1BA3C2FD All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use hammer. -- IBM maintenance manual, 1975 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Openoffice 1.1 - compile errors even without Java
Ewald Jenisch [EMAIL PROTECTED] writes:
Hi,
I'm having a hard time getting OO 1.1.4 installed from ports: Using
the normal make-way (i.e. with Java support) makes the build die
after some hours with the famous errors during Java compilation.
So I tried
make -DWITHOUT_JAVA
Again, make runs for several hours finally bailing out with the
following error message:
-- Cut here --
zip -j -5 ../unxfbsd.pro/01/normal/f_0386
/usr/ports/editors/openoffice-1.1/work/solver/645/unxfbsd.pro/bin/dtint
adding: dtint (deflated 69%)
zip -j -5 ../unxfbsd.pro/01/normal/f_0387
/usr/ports/editors/openoffice-1.1/work/solver/645/unxfbsd.pro/bin/dtappintegrate
adding: dtappintegrate (deflated 80%)
optimize summary: 0 kb
Replacing ${EVAL} with
Replacing ${FILEFORMATNAME} with OpenOffice.org
Replacing ${FILEFORMATVERSION} with 1.0
Replacing ${LONG_PRODUCTEXTENSION} with
Replacing ${PRODUCTEXTENSION} with
Replacing ${PRODUCTNAME} with OpenOffice.org
Replacing ${PRODUCTVERSION} with 1.1.4
time needed: 0:0:27
WARNING! Project(s):
gtk
not found and couldn't be built. Correct build.lsts.
-- Cut here --
Has anybody sucessfully built OO 1.1.4 from ports - either with our
without Java?
With, sure.
Did you try installing gtk?
--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dumb question about ports/packages
-- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dumb question about ports/packages
Olivier Nicole [EMAIL PROTECTED] writes: How would I upgrade just one package part of the core like that? Or multiple ones for that matter. Can you use the ports/packages system? Or do you have to do an entire system upgrade (i.e. 4.10 to 4.11). I'd say, given that ssh is part of the ports (/usr/ports/security/ssh), you could ust upgrade that port and install that port. I'd cvsup ports/security then make make install for ssh Um, no, as the original poster pointed out, ssh is part of the base system, and normally you don't need the port. Upgrading the base system *is* the best approach. It *doesn't* normally require updating to the latest release; 4.10, for example, is still a supported branch, and will be for (at least) another year or so. Updating to the latest of the 4.10 branch will do fine for this kind of problem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: favor
On Mon, Feb 07, 2005 at 05:16:22PM +0100, Anthony Atkielski typed: DG So it helps the copyright situation, but breaks the usefulness of DG any archive. The copyright situation is an unavoidable legal mandate, not an option. You cannot defend against an infringement action by saying that respecting copyright would have been inconvenient for you. Can we please stop the legal mumbo-jumbo? This is supposed to be a technical mailing list. And a global one at that. Copyright laws in the US or any other country are irrelevant at best, a nuisance at the worse. But certainly not worth waisting this much bandwidth on. Ruben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
On Tue, Feb 08, 2005 at 02:17:56PM +0100, Erik Norgaard wrote: John wrote: OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? Not doomed, but don't expect to read data on other than FBSD systems. This is described in the handbook under using removable media (CD/DVD) for backups. Oh, yeah, actually, that's no problem. The media are files on an NFS share... I'll use FreeBSD booted from the CD to put it back. -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
connections fail
Hi everyone, My desktop box runs FreeBSD 5.3 and I have a problem with opera (7.54) and sylpheed-claws (1.0.0). When these applications run for quite a while(some days) they can't establish any connections. If I restart the application it works again. Has anyone seen these or similar problems, or any idea what to do? I hope the information given is enough, though it isn't very much. Thanks in advance Hagen Kühl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re[2]: Sendmail host lookup problem (nslookup)
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Hexren Sent: Sunday, February 06, 2005 2:49 PM To: Ted Mittelstaedt Cc: freebsd-questions@freebsd.org Subject: Re[2]: Sendmail host lookup problem -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Hexren Sent: Sunday, February 06, 2005 1:46 PM To: freebsd-questions@freebsd.org Subject: Sendmail host lookup problem I have a LAN in the 192.168.0 range. I am trying to send mail from 192.168.0.78 (gc-infra.steenbuck.net) to 192.168.0.29 (bettchen.steenbuck.net). This leeds to 550 errors. Host unknown (Name server: bettchen.steenbuck.net: host not found) 192.168.0.29 is also acting as my DNS Server. Both machines have correct (or so I hope) entries in the nameserver. TM Either you don't have correct entries in the nameserver, or your TM /etc/resolv.conf on gc-infra is not using 192.168.0.29 as it's TM nameserver. TM What is the output of nslookup on gc-infra when you key in TM the bettchen.steenbuck.net name? What is it when you issue TM a set type=mx at the nslookup prompt followed by the TM bettchen.steenbuck.net name? What is it when you key in the TM IP number 192.168.0.29? TM Ted TM ___ TM freebsd-questions@freebsd.org mailing list TM http://lists.freebsd.org/mailman/listinfo/freebsd-questions TM To unsubscribe, send any mail to [EMAIL PROTECTED] - [gc-infra:~]#nslookup bettchen.steenbuck.net Server: 192.168.0.29 Address:192.168.0.29#53 TM This is a problem, the output should read: TM Server: bettchen.steenbuck.net TM Address:192.168.0.29 TM Name: bettchen.steenbuck.net TM Address: 192.168.0.29 Name: bettchen.steenbuck.net Address: 192.168.0.29 - [gc-infra:~]#nslookup set type=mx bettchen.steenbuck.net Server: 192.168.0.29 Address:192.168.0.29#53 bettchen.steenbuck.net mail exchanger = 10 bettchen.steenbuck.net. TM Here's another possible problem, the output should read: TM bettchen.steenbuck.net preference=10, mail exchanger = 10 TM bettchen.steenbuck.net TM (followed by some glue data) - [gc-infra:~]#nslookup 192.168.0.29 Server: 192.168.0.29 Address:192.168.0.29#53 29.0.168.192.in-addr.arpa name = bettchen.steenbuck.net.0.168.192.in-addr.arpa. TM name should be bettchen.steenbuck.net, not TM bettchen.steenbuck.net.0.168.192.in-addr.arpa. TM Post your zone files in bettchen as well as named.conf TM Ted - sorry for taking so long to provide some files. Anyway I pooked around a bit, looked at some configs a friend provided me with and read a bit more about BIND, did some config cleaning up. And its working now unfortunatly I cannot point to where exactly my error was (note to self do more sleeping). Sendmail is functioning properly :) My machines, except one now produce the output that you said they should (and descriped above). I believe the error with that one machine is rooted in nslookup and not DNS. Interestingly there are 2 nslookup programms in the MAN pages. One in section 1 and one in section 8. http://www.freebsd.org/cgi/man.cgi?query=nslookupsektion=1apropos=0manpath=FreeBSD+5.3-RELEASE+and+Ports http://www.freebsd.org/cgi/man.cgi?query=nslookupsektion=8apropos=0manpath=FreeBSD+5.3-RELEASE+and+Ports All my machines are using the one under section 8. (I think you can tell them apart by looking if they have help implemented) Only the one machine that is not producing the right output uses the one from section 1. Anybody nows why this is the way it is, meaning why there are 2 nslookups and by which way you can tell a machine to use one or the other ? (seems pretty strange to me) Thank you Hexren named.conf Description: Binary data steenbuck.net Description: Binary data 192.168.0.rev Description: Binary data ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dell poweredge servers
hey Mark, Im using CURRENT on 2650 w/o any problems, aac works fine. There was some problem with ACPI (which lead to hang) on some PE series box'es but now I suppose its okay. Date: Mon, 07 Feb 2005 16:14:42 -0800 From: Mark A. Garcia [EMAIL PROTECTED] Subject: Re: dell poweredge servers To: [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii; format=flowed David Bear wrote: I was looking at the support hardware list for Fbsd 5.x and could find no mention of the PERC3-DI scsi controller.. so I was wondering if anyone has used a dell poweredge 2650, and what your experience was running Freebsd 4.X and 5.x on it. I've been running FBSD 4.7 since Apr 2003 on a PE2650 with the PERC3-DI controller. I haven't had any problem setting it up. Just make sure you leave the device aac option in your kernel config. Cheers, -.mag ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
On Tue, Feb 08, 2005 at 03:59:28AM -0800, Loren M. Lang typed: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. I think truss(8) will suit your needs better. Ruben ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Generating Backtrace on FBSD 5.3
Slightly off-topic. Im trying to figure out how to generate a backtrace from a core dump of subversion, to send to subversion developers. What tools are available to read a core dump file, to generate this backtrace on FreeBSD 5.3? I'm trying to understand gdb, but Im not sure if this is what I'm looking for. $ gdb -c svn.core Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jail /dev
Hi, I've set up a jail and am getting confused about setting up the devices. The name of the jail is jail and it's directory is /usr/jail. I am using 5.3-Release. I have tried three methods, one that works, two that don't. At the moment what I'm doing is mount_devfs devfs /usr/jail/dev then going into the jail and deleting the devices that I (think) I don't need/shouldn't have available. This works, but brings up the problem that I don't know what devices I should leave in and which I shouldn't. I tried adding the line jail_jail_devfs_ruleset=4 along with other suggested lines relating to jails to /etc/rc.conf, but this resulted in an error message at bootup; WARNING: devfs_set_ruleset: you must specify a ruleset number. I am getting the number (4) from the /etc/defaults/devfs.rules file. I have also read man 8 dev and tried the line devfs -m /usr/jail/dev rule -s 4 applyset, which results in the error devfs rule: ioctl DEVFSIO_SAPPLY: Inappropriate ioctl for device. I'm pretty sure in this case I'm just mistaken about how to use the command properly. So my questions are; 1) If I use my current method, the first, which devices should I leave in the jails /dev directory, and which should I delete? 2) Is the entry I tried in /etc/rc.conf in the second method correct, and if not, what should it be? 3) Is the command i tried in method three correct, and if not, what should it be? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Generating Backtrace on FBSD 5.3
On Tue, 08 Feb 2005 10:13:32 -0500 Gerard Samuel [EMAIL PROTECTED] wrote: Im trying to figure out how to generate a backtrace from a core dump of subversion, to send to subversion developers. What tools are available to read a core dump file, to generate this backtrace on FreeBSD 5.3? I'm trying to understand gdb, but Im not sure if this is what I'm looking for. $ gdb -c svn.core gdb /path/to/svn svn.core is what you want. But for that to be useful you need a svn executable built with debugging info. This can be done by building the port with CFLAGS having the '-g' option and STRIP set to null, so you don't lose that info while installing. (deinstall svn first) e.g.: cd /usr/ports/devel/subversion env CFLAGS=-g STRIP= make install Then try to reproduce the error and run gdb. Once in gdb use the command 'bt' to get a backtrace. Cheers, -- Miguel Mendez [EMAIL PROTECTED] http://www.energyhq.es.eu.org PGP Key: 0xDC8514F1 pgpTX2a53Y95h.pgp Description: PGP signature
Re: Using FreeBSD to migrate Windows XP?
OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? I presume that /dev/ad0s1 is your MS-DOS slice? I have never done this, but you might try using dump(8) and restore(8) to move it as well as the others. I would trying dumping it somewhere and then restoring it somewhere harmless just to check first. If you keep the old disk and do nothing to harm it, then you could try this to the new disk and if it works (eg Messy Dos works), fine. If it doesn't work then you still have the original on the old disk to go back to and try something else. As you mention, make the slices and partitions on the new disk and put in the MBR.Then do the restores. You might need to do something to put in a MSDOS boot partition on the new S1 as well. jerry Thanks. BTW, just out of curiosity, does anyone know off the top of their heads where dump(8) puts the snapshot name when used with the L option? I assumed it would be in the .snap directory, but when I did an ls -la of /home/.snap while it was running, there was nothing there. I suppose it could remove the snap after it builds the map of what diskblocks to back up, but that could still lead to fuzzy backups. -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: httpd in /tmp - Sound advice sought
Bret Walker wrote: Last night, I ran chkrootkit and it gave me a warning about being infected with Slapper. Slapper exploits vulnerabilities in OpenSSL up to version 0.96d or older on Linux systems. I have only run 0.97d. The file that set chkrootkit off was httpd which was located in /tmp. /tmp is always mounted rw, noexec. I update my packages (which are installed via ports) any time there is a security update. I'm running Apache 1.3.33/PHP 4.3.10/mod_ssl 2.8.22/OpenSSL 0.97d on 4.10. Register_globals was on in PHP for a couple of weeks, but the only code that required it to be on was in a .htaccess/SSL password protected directory. Tripwire didn't show anything that I noted as odd. I reexamined the tripwire logs, which are e-mailed to an account off of the machine immediately after completion, and I don't see anything odd for the 3/4 days before or after the date on the file. (I don't scan /tmp) I stupidly deleted the httpd file from /tmp, which was smaller than the actual apache httpd. And I don't back up /tmp. The only info I can find regarding this file being in /tmp pertains to Slapper. Could something have copied a file there? Could I have done it by mistake at some point - the server's been up ~60 days, plenty of time for me to forget something? This is production box that I very much want to keep up, so I'm seeking some sound advice. Does this box need to be rebuilt? How could a file get written to /tmp, and is it an issue since it couldn't be executed? I run tripwire nightly, and haven't seen anything odd to the best of my recollection. I also check ipfstat -t frequently to see if any odd connections are happening. I appreciate any sound advice on this matter. Thanks, Bret Slapper is a linux only virus. You shouldn't have to worry about it doing harm on your freebsd machine. Seeing as the binary was in your tmp directory on your system, and that you might have not placed it there, this could be a good reason for a host of other things to look into. The httpd binary with 96d= ssl is not a virus itself, just a means to carry out the exploit. The slapper virus is a bunch of c-code that is put in your tmp directory and the exploit allows one to compile, chmod, and execute the code, leaving open a backdoor. chrootkit does scan for the comparable scalper virus which is a freebsd cousin to the slapper (in that they attempt to exploit the machine via the apache conduit.) I would think real hard, if you did put the httpd binary in there. If you are sure you didn't, and you are the only one with access to the system, then I would be very very worried. Running tripwire and chrootkit on a periodic basis should help. Re-installing the os isn't your only solution, but it does give comfort knowing that after a reinstall, and locking down the box, no one has a in on your system. This could be overboard though. You also might want to consider enabling the clean_tmp scripts. Next time tar up those suspicious files, a quick forensics on them can do wonders (md5sum, timestamps, ownership, permissions.) Cheers, -.mag ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
John wrote: I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? Thanks. . will the hard drive change? I do remember trying this on XP with a second hard drive ie ghost the whole lot across to the second drive and then swap the new larger drive into boot place. It seems XP knows the hardware and was looking for the original HD when we attempted to boot off the new one. Ther was a complicated fix involving remote registry editing etc etc, but I've forgotten the details. -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Newbie Security Concerns
Hello, I am a new user of UNIX and FreeBSD and have never had to do any administration or security configuration myself before. I am running IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my logs and discovered that sshd reported many illegal users. Does that mean my system i compromised? As configured, there are only three accounts on my system, root, toor, and one user account for me. I suppose you need more information from me, but am not sure what to provide. Any help would be greatly appreciated. Thanks Mark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
On Tuesday 08 February 2005 09:51 am, Jerry McAllister wrote: OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? I presume that /dev/ad0s1 is your MS-DOS slice? I have never done this, but you might try using dump(8) and restore(8) to move it as well as the others. I would trying dumping it somewhere and then restoring it somewhere harmless just to check first. If you keep the old disk and do nothing to harm it, then you could try this to the new disk and if it works (eg Messy Dos works), fine. If it doesn't work then you still have the original on the old disk to go back to and try something else. As you mention, make the slices and partitions on the new disk and put in the MBR.Then do the restores. You might need to do something to put in a MSDOS boot partition on the new S1 as well. jerry Thanks. BTW, just out of curiosity, does anyone know off the top of their heads where dump(8) puts the snapshot name when used with the L option? I assumed it would be in the .snap directory, but when I did an ls -la of /home/.snap while it was running, there was nothing there. I suppose it could remove the snap after it builds the map of what diskblocks to back up, but that could still lead to fuzzy backups. -- John Lind [EMAIL PROTECTED] You might also look at g4u (ghost for unix): http://www.feyrer.de/g4u/ Best of luck, Andrew Gould ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Security Concerns
--On Tuesday, February 08, 2005 11:01:11 AM -0500 [EMAIL PROTECTED] wrote: I am a new user of UNIX and FreeBSD and have never had to do any administration or security configuration myself before. I am running IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my logs and discovered that sshd reported many illegal users. Does that mean my system i compromised? As configured, there are only three accounts on my system, root, toor, and one user account for me. I suppose you need more information from me, but am not sure what to provide. Any help would be greatly appreciated. In addition to the firewall, you should edit /etc/hosts.allow and only allow remote access from trusted hosts. That will completely stop the random ssh login attempts. man (5) hosts_access Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Security Concerns
[EMAIL PROTECTED] wrote: Hello, I am a new user of UNIX and FreeBSD and have never had to do any administration or security configuration myself before. I am running IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my logs and discovered that sshd reported many illegal users. Does This seems to be a common thing that occurs all to often on internet facing systems who have a publicly available ssh port. But it being common is definately a reason not to ignore it. Here are some things that I do: - Don't allow root logins via the sshd_config in /etc/ssh - Bind ssh to a specific IP or IP's - Running IP Firewall, block any access to your system with generic block rules, then open up specific ports with specific from IPs that you know you will be coming from. - You can even go really gonzo and install ports/security/doorman which is a port knocking mechanism that allows you to play knock-knock-who-is-it. Send a udp sequence to your server. If it matches a certain type of signature, then issue a firewall rule change to open the port, i.e. ssh. Very automated and convient. Otherwise, the port will be closed to all users. If if the port is open, then one would still have to password crack your accounts. I'm hoping that one would see a port is open via email, and know it's not them and immediately do some justice. - Also, it would be good to block those ips where the password attempts occur. Last but not least, you're system probably isn't compromised unless you actually see a successful login on those accounts. Cheers, -.mag that mean my system i compromised? As configured, there are only three accounts on my system, root, toor, and one user account for me. I suppose you need more information from me, but am not sure what to provide. Any help would be greatly appreciated. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
On Tue, Feb 08, 2005 at 10:51:20AM -0500, Jerry McAllister wrote: OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? I presume that /dev/ad0s1 is your MS-DOS slice? I have never done this, but you might try using dump(8) and restore(8) to move it as well as the others. I would trying dumping it somewhere and then restoring it somewhere harmless just to check first. If you keep the old disk and do nothing to harm it, then you could try this to the new disk and if it works (eg Messy Dos works), fine. If it doesn't work then you still have the original on the old disk to go back to and try something else. As you mention, make the slices and partitions on the new disk and put in the MBR.Then do the restores. You might need to do something to put in a MSDOS boot partition on the new S1 as well. Well, it's NOT really an MS-DOS slice. Winxp uses the NT filesystem, NOT MS-DOS. Dump cannot work on anthing other than UFS filesystems. Dump actually separately interprets the filesystem structure. Consider, for example, that dump works perfectly well on unmounted filesystems. Dump is DRAMATICALLY different in its operation than tar, cpio, etc. Since tar and others use the filesystem code, they don't care what the underlying structure might be, BUT, they are also incapable of collecting foreign information like SIDs and ACLs. -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Newbie Security Concerns
On 02/08/05 17:01, [EMAIL PROTECTED] wrote: [...] Last night I was checking my logs and discovered that sshd reported many illegal users. Does that mean my system i compromised? As configured, there are only three accounts on my system, root, toor, and one user account for me. if the message looks like the one below, there's no need to worry: Feb 8 17:12:04 mars sshd[19022]: Illegal user foo from ::1 that just means somebody tried to get into your system using username foo. Since the user foo doesn't exist the login failed and no harm was done. [...] I suppose you need more information from me, but am not sure what to provide. Any help would be greatly appreciated. you might want to post the actual message you see in your auth.log. but before you post, feed it to your favourite web search engine and dig through the results for any hints -- maybe you can solve your problem alone and learn something new along the way. regards, phil. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
John [EMAIL PROTECTED] writes: Dump cannot work on anthing other than UFS filesystems. Dump actually separately interprets the filesystem structure. Consider, for example, that dump works perfectly well on unmounted filesystems. Dump is DRAMATICALLY different in its operation than tar, cpio, etc. Since tar and others use the filesystem code, they don't care what the underlying structure might be, BUT, they are also incapable of collecting foreign information like SIDs and ACLs. This is one of the advantages of the new BSD tar (which is the standard tar on FreeBSD 5.3); it can pick up some of the extended attributes. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
In the last episode (Feb 08), Loren M. Lang said: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. The string in the NAMI line immediately after an open() call is the filename in kdump output. strace actually does work, but I think it's losing a race when it forks the child process. Try suspending and resuming strace: ([EMAIL PROTECTED]) /home/dan strace date hangs here, hit ^Z ^Z zsh: 62219 suspended strace date [1] + suspended strace date ([EMAIL PROTECTED]) /home/dan fg [1] + continued strace date execve(0xbfbfdef4, [0xbfbfe3b8], [/* 0 vars */]) = 0 mmap(0, 3920, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x28071000 munmap(0x28071000, 3920)= 0 ... strace hasn't been updated in a while, though, and has problems parsing newer syscalls. Take a look at the truss command in the base system, which does about the same thing as strace. Ktrace has the advantage that it's less intrusive; both strace and truss have to stop the process to print out data, which really slow it down. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Generating Backtrace on FBSD 5.3
Miguel Mendez wrote: On Tue, 08 Feb 2005 10:13:32 -0500 Gerard Samuel [EMAIL PROTECTED] wrote: Im trying to figure out how to generate a backtrace from a core dump of subversion, to send to subversion developers. What tools are available to read a core dump file, to generate this backtrace on FreeBSD 5.3? I'm trying to understand gdb, but Im not sure if this is what I'm looking for. $ gdb -c svn.core gdb /path/to/svn svn.core is what you want. But for that to be useful you need a svn executable built with debugging info. This can be done by building the port with CFLAGS having the '-g' option and STRIP set to null, so you don't lose that info while installing. (deinstall svn first) e.g.: cd /usr/ports/devel/subversion env CFLAGS=-g STRIP= make install Then try to reproduce the error and run gdb. Once in gdb use the command 'bt' to get a backtrace. I'll give that a shot. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
On Tue, Feb 08, 2005 at 10:51:20AM -0500, Jerry McAllister wrote: OK - I've finally come to the realization (a little slow, I know) that a 5.8Gb disk drive is just not enough to support a desktop environment (including JAVA) for both Windows XP and FreeBSD on my laptop. :( I have used dump(8) to dump out my filesystems. I am wondering if I can just use dd to dump out all of /dev/ad0s1 also, and then use dd to put it back again when I'm done. Then I'd boot the installation CD into fixit mode, build a new MBR, make sure that the new s1 was the same or very slightly larger than the old s1, and use dd to put it back again. Can anyone speak to either the doomed to failure or I've done this and it works scenarios? I presume that /dev/ad0s1 is your MS-DOS slice? I have never done this, but you might try using dump(8) and restore(8) to move it as well as the others. I would trying dumping it somewhere and then restoring it somewhere harmless just to check first. If you keep the old disk and do nothing to harm it, then you could try this to the new disk and if it works (eg Messy Dos works), fine. If it doesn't work then you still have the original on the old disk to go back to and try something else. As you mention, make the slices and partitions on the new disk and put in the MBR.Then do the restores. You might need to do something to put in a MSDOS boot partition on the new S1 as well. Well, it's NOT really an MS-DOS slice. Winxp uses the NT filesystem, NOT MS-DOS. Dump cannot work on anthing other than UFS filesystems. Dump actually separately interprets the filesystem structure. Consider, for example, that dump works perfectly well on unmounted filesystems. Dump is DRAMATICALLY different in its operation than tar, cpio, etc. Since tar and others use the filesystem code, they don't care what the underlying structure might be, BUT, they are also incapable of collecting foreign information like SIDs and ACLs. -- Sounds probable. Just wanted to know if it would be possible. jerry John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sysinstall problem with network settings
Psztor Richrd wrote: I installed 4.11 Release recently. If i configure my network with sysinstall during the install procedure, everythin works fine. But if i skip network config, and want to do it after finishing setup, sysintall doesnt save my settings. I setup hostname, ip address, gateway, dns etc. then it asks for bringing up the interface. I choose yes, and i see a packet sent out from my machine to the switch. But after quitting sysintall, and typing ifconfig tx0 it seems nothing has changed (no ip, interface is not UP). Could it be a bug? As i can remember, the same happened with 4.10. Thx! ricsip I have no idea if this is a bug or not. It's possible, but I don't know how likely, as it's definitely not a common complaint on this list. Have you checked the PR database to see if you can find any mention of this? Keep in mind that sysinstall is meant to *install* the system, not administrate it on a daily basis (/me dons asbestos underclothing), generally speaking. What do you get from %cat /etc/rc.conf ?? Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem with mknod for /dev/random = jailed bind configuration
On Tue, Feb 08, 2005 at 03:38:27PM +0100, bsd @ todoo. biz wrote: Hello, I've tried to configure a bind server in a chroot jail and am facing a problem with /dev/random Thaugh I've read the man mknod I have to say that this didn't help me in solving the problem. When I start named with the -g switch here are the error. 08-Feb-2005 15:18:22.551 errno2result.c:109: unexpected error: 08-Feb-2005 15:18:22.551 unable to convert errno to isc_result: 6: Device not configured 08-Feb-2005 15:18:22.551 could not open entropy source /dev/random: unexpected error 08-Feb-2005 15:18:22.551 using pre-chroot entropy source /dev/random I've used the following mknod command : mknod /var/named/dev/null c 2 2 mknod /var/named/dev/random c 2 3 and also tried : mknod random c 245 0 mknod null c 2 2 I've chmod 666 the two files and make shure they are owned by bind:bind // ?? You forgot to mention what version of FreeBSD you're running. If it's 5.x, you need to mount an appropriately configured devfs inside the jail. See the jail and devfs manpages. Kris pgp2q8VT8eAzl.pgp Description: PGP signature
Re: Problem while installing FreeBSD 5.3 - ata0-master : FAILURE ATA IDENTIFY
This known problem cropped up on a brand new 1U system I installed and nothing in the referred to errata appeared to help. http://www.freebsd.org/releases/5.2.1R/errata.html However, I finally got the group at freebsdmall to respond, and their ideas did resolve this issue. Why does the info in the errata NOT work? Two reasons: (1) I was using the loader.conf line with a set as the first word, like this set hint.acpi.0.disabled=1 # This does NOT work and (2), the variable I was told to use is NOT hint.acpi.0.disabled but is in fact hint.apic.0.disabled. I did read the section with the `apic' variable, but it did not seem to apply, whereas the section about the `acpi' variable did seem to apply. So, the following two lines, exactly like this, worked for me in my loader.conf, and I can now boot without safe mode: hint.apic.0.disabled=1 unset acpi_load No leading blanks, no use of the word set, use of the variable with `apic' in it (and not acpi). The unset does turn off `acpi'. All is well now. Regards from Tucson, -cc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
16MB memory requirement for 5.3 install (Re: cracked out floppy install)
On Tue, Feb 08, 2005 at 05:55:31PM +0100, Ramiro Aceves wrote: Kris Kennaway wrote: On Mon, Feb 07, 2005 at 10:52:53PM -0500, daniel wrote: On February 7, 2005 10:40 pm, Chris Hill wrote: On Mon, 7 Feb 2005, daniel wrote: i've been trying to install freebsd-5.3RELEASE on this old computer on and off for days now. i downloaded the floppies, watched the thing boot and each and every time, it'll get to the little beastie prompt where it counts down and is *supposed* to run sysinst but instead, it just reboots! That's just peculiar. Maybe you need more RAM? Couldn't hurt, anyway. The 16M you cite below seems a bit meager. well the handbook says freebsd5 has a minimum requirement of 8mb, so 16 should be fine. but even if it weren't, you'd think there'd be some form of useful error message instead of just rebooting. it just makes no sense. In practise no-one tests running on minuscule-memory configurations, so it's possible that 8mb or even 16mb is not in fact enough thesedays. Anyway, it's possible something else is wrong. Did you try the other boot modes, e.g. disabling acpi, running in 'safe mode', etc? In particular, many older systems have buggy BIOS implementations that do not allow them to run with acpi, even though the BIOS thinks they can. Kris In my experience, I was not able to install FreeBSD 5.3 in an old pentium 16 MB RAM. I experienced the same reboot problem. 32 MB fixed the issue and it installed fine. I could not test with 24 MB, but perhaps it will work. Sounds like memory is indeed the issue then - is the original poster able to confirm this? If so, one of you should submit a PR requesting that the docs be updated. Kris pgp9iJAz2oJFy.pgp Description: PGP signature
Orion Application Server port
What happened to the Orion application server port? I am reading articles that say there is a port for it. I am using the latest port on 4.10 and the only Orion I can find is in x11-wm. Is there a seperate mailing list to track changes in the ports tree? -CM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using FreeBSD to migrate Windows XP?
On Tue, Feb 08, 2005 at 11:23:12AM -0500, Lowell Gilbert wrote: John [EMAIL PROTECTED] writes: Dump cannot work on anthing other than UFS filesystems. Dump actually separately interprets the filesystem structure. Consider, for example, that dump works perfectly well on unmounted filesystems. Dump is DRAMATICALLY different in its operation than tar, cpio, etc. Since tar and others use the filesystem code, they don't care what the underlying structure might be, BUT, they are also incapable of collecting foreign information like SIDs and ACLs. This is one of the advantages of the new BSD tar (which is the standard tar on FreeBSD 5.3); it can pick up some of the extended attributes. True, but I think it is still a LONG WAYS from being able to back up and restore an NT Filesystem. We don't really write to NT filesystems at all, in the general case. -- John Lind [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Best JDK for performance?
Which JDK gives the best performance on FreeBSD? I have the following installed from ports: /usr/local/jdk1.4.2 /usr/local/linux-sun-jdk1.4.2 -CM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
Dan Nelson wrote: In the last episode (Feb 08), Loren M. Lang said: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. The string in the NAMI line immediately after an open() call is the filename in kdump output. strace actually does work, but I think it's losing a race when it forks the child process. Try suspending and resuming strace: ([EMAIL PROTECTED]) /home/dan strace date hangs here, hit ^Z ^Z zsh: 62219 suspended strace date [1] + suspended strace date ([EMAIL PROTECTED]) /home/dan fg [1] + continued strace date execve(0xbfbfdef4, [0xbfbfe3b8], [/* 0 vars */]) = 0 mmap(0, 3920, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x28071000 munmap(0x28071000, 3920)= 0 ... strace hasn't been updated in a while, though, and has problems parsing newer syscalls. Take a look at the truss command in the base system, which does about the same thing as strace. Ktrace has the advantage that it's less intrusive; both strace and truss have to stop the process to print out data, which really slow it down. Is truss still being fixed to work without procfs or is ktrace a better replacement? Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill - OT
On Feb 8, 2005, at 4:19 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chad Leigh -- Shire.Net LLC Sent: Monday, February 07, 2005 8:29 PM To: freebsd-questions@freebsd.org Subject: Re: Electricity bill - OT A lot of new-built houses in the US are installing continuous circulation systems for hot water, which greatly reduces the time the HW heater is running, since when you turn on the hot water, you get instantaneous hot water and don't have to run a ton of water before it gets hot, which reduces the amount of HW wasted. This is a gimmick built to sell houses, a cool one, but only in hot climates does it make much difference. In cooler climates the heat from the standing water in the pipes just makes the furnace run less, thus the savings are a wash. That does not make sense. The savings is in running the hot water heater less. Houses that care about energy efficiency have the hot water pipes insulated anyway so it would not help in cooler climes. The goal is to run the hot water heater less, which you achieve when you constantly circulate the hot water through the hot water pipes, instead of letting it get cold and have to run a ton when you need a lot of water. Also, the new tankless HW heaters look interesting... those have been around for at least 20 years. As most of them are electric, not natural gas, your going to pay more money for heating water with a bunch of those than with a central gas water heater. The ones I have seen, the newer models, are GAS and are very efficient. Maybe you need to get out more? Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Best JDK for performance?
On Tue, Feb 08, 2005 at 12:16:11PM -0500, Chad Morland wrote: Which JDK gives the best performance on FreeBSD? I have the following installed from ports: /usr/local/jdk1.4.2 /usr/local/linux-sun-jdk1.4.2 I don't know about best performance, but for stability, the native one is the one to go with. -- Jonathan Chen [EMAIL PROTECTED] -- If you're right 90% of the time, why quibble about the remaining 3%? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
In the last episode (Feb 08), Chris Hodgins said: Is truss still being fixed to work without procfs or is ktrace a better replacement? There hasn't been any work on ptrace-ing truss in almost two years. It works fine with procfs though. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: jail /dev
On Feb 8, 2005, at 8:32 AM, r p wrote: Hi, I've set up a jail and am getting confused about setting up the devices. The name of the jail is jail and it's directory is /usr/jail. I am using 5.3-Release. I have tried three methods, one that works, two that don't. At the moment what I'm doing is mount_devfs devfs /usr/jail/dev then going into the jail and deleting the devices that I (think) I don't need/shouldn't have available. This works, but brings up the problem that I don't know what devices I should leave in and which I shouldn't. I tried adding the line jail_jail_devfs_ruleset=4 along with other suggested lines relating to jails to /etc/rc.conf, but this resulted in an error message at bootup; WARNING: devfs_set_ruleset: you must specify a ruleset number. I am getting the number (4) from the /etc/defaults/devfs.rules file. I have the following in my jail startup script devfs_domount /local/2/hobbiton/dev devfsrules_jail devfs_set_ruleset devfsrules_jail /local/2/hobbiton/dev /sbin/devfs -m /local/2/hobbiton/dev rule -s 4 applyset I am not sure which one is working but one of them is :-) I will have to debug it some more and simplify this Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 16MB memory requirement for 5.3 install (Re: cracked outfloppy install)
Sounds like memory is indeed the issue then - is the original poster able to confirm this? If so, one of you should submit a PR requesting that the docs be updated. Kris Hello Kris. I posted my experiences in the thread Confirmed: 5.3 installation do not work with 16 MB RAM on 11th-january-2005 post to this list. There was another person that confirmed it there. If you think so, we can fill a bug report. Thank you. Ramiro. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
On Tue, Feb 08, 2005 at 10:24:29AM -0600, Dan Nelson wrote: In the last episode (Feb 08), Loren M. Lang said: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. The string in the NAMI line immediately after an open() call is the filename in kdump output. Oh, I never noticed this since I was using grep to filter out the open suyscalls. In strace everything is in one line. Is there anything then that will work like the -e option in strace so I can list just the syscalls I want to see? strace actually does work, but I think it's losing a race when it forks the child process. Try suspending and resuming strace: ([EMAIL PROTECTED]) /home/dan strace date hangs here, hit ^Z ^Z zsh: 62219 suspended strace date [1] + suspended strace date ([EMAIL PROTECTED]) /home/dan fg [1] + continued strace date execve(0xbfbfdef4, [0xbfbfe3b8], [/* 0 vars */]) = 0 mmap(0, 3920, PROT_READ|PROT_WRITE, MAP_ANON, -1, 0) = 0x28071000 munmap(0x28071000, 3920)= 0 ... This does work. strace hasn't been updated in a while, though, and has problems parsing newer syscalls. Take a look at the truss command in the base system, which does about the same thing as strace. Ktrace has the advantage that it's less intrusive; both strace and truss have to stop the process to print out data, which really slow it down. -- Dan Nelson [EMAIL PROTECTED] -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
5.3 release crash
I just had a 5.3-release-p2 box crash on me. This box is in production so I don't have any debugging information whatsoever. However, I'm hoping someone could tell me if what I think caused it is possible/probable. Not long before it crashed I was running some stress tests against a new threaded server I was building in python by running 5-10 clients simultaneously for about an hour.Since this box has been stable for almost a year without any issues at all, I really doubt that it's a coincidence. Can anyone think of what issues with threads could cause a panic? Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 release crash
On Tue, 8 Feb 2005 09:57:19 -0800, Payment Online [EMAIL PROTECTED] wrote: I just had a 5.3-release-p2 box crash on me. This box is in production so I don't have any debugging information whatsoever. However, I'm hoping someone could tell me if what I think caused it is possible/probable. Not long before it crashed I was running some stress tests against a new threaded server I was building in python by running 5-10 clients simultaneously for about an hour.Since this box has been stable for almost a year without any issues at all, I really doubt that it's a coincidence. Can anyone think of what issues with threads could cause a panic? Chris One more thing, the threaded application was running in a jail. Not sure if that could make any difference. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
In the last episode (Feb 08), Loren M. Lang said: On Tue, Feb 08, 2005 at 10:24:29AM -0600, Dan Nelson wrote: In the last episode (Feb 08), Loren M. Lang said: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. The string in the NAMI line immediately after an open() call is the filename in kdump output. Oh, I never noticed this since I was using grep to filter out the open suyscalls. In strace everything is in one line. Is there anything then that will work like the -e option in strace so I can list just the syscalls I want to see? grep -A1 CALL open is about the best you can do -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Electricity bill - OT
On Feb 8, 2005, at 10:54 AM, Henry Miller wrote: On 2/8/2005 at 10:30 Chad Leigh -- Shire.Net LLC wrote: On Feb 8, 2005, at 4:19 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chad Leigh -- Shire.Net LLC Sent: Monday, February 07, 2005 8:29 PM To: freebsd-questions@freebsd.org Subject: Re: Electricity bill - OT A lot of new-built houses in the US are installing continuous circulation systems for hot water, which greatly reduces the time the HW heater is running, since when you turn on the hot water, you get instantaneous hot water and don't have to run a ton of water before it gets hot, which reduces the amount of HW wasted. This is a gimmick built to sell houses, a cool one, but only in hot climates does it make much difference. In cooler climates the heat from the standing water in the pipes just makes the furnace run less, thus the savings are a wash. That does not make sense. The savings is in running the hot water heater less. Houses that care about energy efficiency have the hot water pipes insulated anyway so it would not help in cooler climes. The goal is to run the hot water heater less, which you achieve when you constantly circulate the hot water through the hot water pipes, instead of letting it get cold and have to run a ton when you need a lot of water. That does not make sense. IF the pipes were perfectly insulated there would be no need for this loop because the water in the pipes would be hot. However there is no perfect insulation, so you keep the water in the pipes warm by re-circulating it. Each time water goes through the pipes it loses a little heat, which the water heater then has to make up for. So these loops waste energy, but it is considered worth it because you get hot water without having to wait. The data I saw a year or two ago showed that these were more energy efficient than the standard model of waiting for a minute or two for the hot water to purge the colder water from the pipes. It has added benefits, and the benefits may be related to this (ie, constantly circulating water means you run it less which may be where the savings come in). I do not have the data in front of me now, but it was an interesting proposition. And more energy efficient. Not a gimmick. Also, the new tankless HW heaters look interesting... those have been around for at least 20 years. As most of them are electric, not natural gas, your going to pay more money for heating water with a bunch of those than with a central gas water heater. The ones I have seen, the newer models, are GAS and are very efficient. Maybe you need to get out more? I've seen both types. Both have been around for 20 years. Computers have been around about 50 years, but to compare todays computers to those of 50 years go is ridiculous. Do you not think that mayb e hot water technology has advanced some in 20 years? Electric ones seem more common, but to replace a tank type water heater you need 80 amp service to it, which is difficult to work with so few people have or use them. I was specifically refering to new technology, I believe gas based, tankless water heaters that are more energy efficient and can lower your energy needs. To compare this to 20 year old technology is foolish. Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ktrace as a replacement for strace
On Tue, Feb 08, 2005 at 12:11:11PM -0600, Dan Nelson wrote: In the last episode (Feb 08), Loren M. Lang said: On Tue, Feb 08, 2005 at 10:24:29AM -0600, Dan Nelson wrote: In the last episode (Feb 08), Loren M. Lang said: I'm looking for a replacement for the strace program I used to use on linux; freebsd has a port of strace, but it just hangs everytime I use it. It looks like the bsd version of strace would be ktrace/kdump. I was able to get these to print a trace of the program I ran, but it doesn't do all the nice substatuting that strace was able to do. Mainly, I just want the first argument of open to look like a string instead of a 32 bit pointer that I can't read. I'm trying to figure out what files this program is trying to read so I can edit it's configuration file. The string in the NAMI line immediately after an open() call is the filename in kdump output. Oh, I never noticed this since I was using grep to filter out the open suyscalls. In strace everything is in one line. Is there anything then that will work like the -e option in strace so I can list just the syscalls I want to see? grep -A1 CALL open is about the best you can do Wow, I used to use the -A argument all the time years ago to grep. Then at some point I stopped finding a need for it and completely forgot about that. One problem with cui vs. gui, if you don't use a feature often enough, you'll forget it even exists unless you check the manpage constantly. At least with guis, the limited features they offer are always visible. -- Dan Nelson [EMAIL PROTECTED] -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cracked out floppy install
On Mon, Feb 07, 2005 at 10:52:53PM -0500, daniel wrote: On February 7, 2005 10:40 pm, Chris Hill wrote: On Mon, 7 Feb 2005, daniel wrote: i've been trying to install freebsd-5.3RELEASE on this old computer on and off for days now. i downloaded the floppies, watched the thing boot and each and every time, it'll get to the little beastie prompt where it counts down and is *supposed* to run sysinst but instead, it just reboots! That's just peculiar. Maybe you need more RAM? Couldn't hurt, anyway. The 16M you cite below seems a bit meager. well the handbook says freebsd5 has a minimum requirement of 8mb, so 16 should be fine. but even if it weren't, you'd think there'd be some form of useful error message instead of just rebooting. it just makes no sense. I've found that *many* - maybe even most - floppies are bad out of the box. I buy the 25- or 50-pack, and churn through until I find two good ones. Sometimes it takes a while. how can i tell what makes a good one then? i just can't go through 50 disks hoping to get one right. i haven't received any errors, so i'm working under the assumption that they work. Do a diff: diff /dev/fd0 myfloppy.img If it doesn't complain then it's probably good. Also, if you use something like: dd if=myfloppy.img of=/dev/fd0 bs=1440k to make the floppy image then you should get 1+0 records in 1+0 records out with no errors if the floppies good. I also have a not of trouble finding good floppies to boot from. Just keep trying over and over. If both dd and diff succeed then it's probably something else that's the matter. I think sometimes floppy drives can be slightly out of adjustment of each other so one drive may have trouble reading the contents of a floppy made on a different drive so I try to use the same computer when I can to man the floppy and boot from it. Other than the RAM, this should be fine as long as you don't plan on storing much data. I'd use this machine as a home gateway/firewall/NAT box. the plan at the moment is experimentation and maybe dns for one domain or something. i just need it to install first and guessing with 50 floppies seems a bit nuts. -- what the scientists have in their briefcases is terrifying. - nikita khrushchev ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cracked out floppy install
On February 8, 2005 01:34 pm, Loren M. Lang wrote: with no errors if the floppies good. I also have a not of trouble finding good floppies to boot from. Just keep trying over and over. If both dd and diff succeed then it's probably something else that's the matter. I think sometimes floppy drives can be slightly out of adjustment of each other so one drive may have trouble reading the contents of a floppy made on a different drive so I try to use the same computer when I can to man the floppy and boot from it. wow. alright, you've just convinced me to transplant the hard drive to another machine and boot from there. it'll install faster and i won't have to worry so much about the reliability of floppies. -- the trouble with the world is that the stupid are cocksure and the intelligent are full of doubt. - bertrand russell ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 release crash
On Tue, Feb 08, 2005 at 10:05:13AM -0800, Payment Online wrote: On Tue, 8 Feb 2005 09:57:19 -0800, Payment Online [EMAIL PROTECTED] wrote: I just had a 5.3-release-p2 box crash on me. This box is in production so I don't have any debugging information whatsoever. However, I'm hoping someone could tell me if what I think caused it is possible/probable. Not long before it crashed I was running some stress tests against a new threaded server I was building in python by running 5-10 clients simultaneously for about an hour.Since this box has been stable for almost a year without any issues at all, I really doubt that it's a coincidence. Can anyone think of what issues with threads could cause a panic? Chris One more thing, the threaded application was running in a jail. Not sure if that could make any difference. Unfortunately you probably need to obtain the debugging information in order to diagnose this. Setting up crashdumps isn't hard and doesn't interfere with production machines. Kris pgpVSRUc39WKM.pgp Description: PGP signature
diff: memory exhausted
How can I compare two big text files? -- Sem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CUPS server + Windows client
The good news is that I can print from a Windows machine to my Brother 1240 connected via USB by using CUPS. The bad news is that whenever you look at the printer on the Windows machine, it says Access denied, unable to connect in the Status Therefore it does not show jobs waiting to be printed, nor does it allow for their control (delete / pause jobs especially). I've looked through the CUPS config stuff and don't see anything missing, but I'm far from an expert. Here's the relevant config info (NOTE: the Windows machine is on 192.168.1.x) $ fgrep -v '#' /usr/local/etc/cups/cupsd.conf|grep . LogLevel info Port 631 Browsing On BrowseProtocols cups BrowseAllow address Location / Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow from 192.168. /Location AuthType None Location /admin AuthType None Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow from 192.168.1 /Location ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
make buildworld broke
I had a box crash and I got it up again. I lost some information in / and /etc. After some reconstructing, it seems to be running fine and all the services are working. I wanted to do a buildworld just to update anything I might have missed. When I try, I always get a stop error. How can I get my buildworld back, I dont want to take the box offline for long. I also need to add another proc to it, which means I need to add smp support, which I can't currently do. What is the best course of action for me from here? Am I overlooking something simple? FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: TIA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: diff: memory exhausted
In the last episode (Feb 08), Sergey Matveychuk said: How can I compare two big text files? diff -H might help, or you can try installing the textproc/2bsd-diff port which apparently doesn't try to load the files into RAM, so it can work on large files more easily. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
help with foxpro and FreeBSD 4.5
I am currently trying to install FoxPro 2.6 for unix onto FreeBSD 4.5. However, any time I try to run FoxPro, I get the message Too many files open. After doing some research, it does not appear a file handling problem. Does anyone have any insight into this? Please reply to [EMAIL PROTECTED] Thanks, Eddie Fry [EMAIL PROTECTED] EAZNet Internet Services -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.6 - Release Date: 2/7/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Best JDK for performance?
Hi Chad, I wrestled with this for a while, I didn't find much useful information. I've got a website on FreeBSD and JBoss4, with the native JDK, and it runs really well. No crashes and no memory issues that I can see so far. Pat On Tue, 8 Feb 2005 12:16:11 -0500, Chad Morland [EMAIL PROTECTED] wrote: Which JDK gives the best performance on FreeBSD? I have the following installed from ports: /usr/local/jdk1.4.2 /usr/local/linux-sun-jdk1.4.2 -CM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: diff: memory exhausted
Sergey Matveychuk wrote: How can I compare two big text files? Does the -H option help any? (How big is big?) -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Failed Install Gigabyte motherboard w/RAID
Hello, I have been trying to install FreeBSD on my machine with a new motherboard with built in hardware RAID and the installation freezes at system probing. Is there a known way around this problem? The motherboard is a Gigabyte GA-7N400 Pro2 (Rev 2.0). I have configured two Seagate 160GB IDE drives for RAID 1, have a PCI video card and PCI modem installed. I also tried to install the operating system with the RAID turned off and one hard drive on IDE 0 but the installation also failed. Any suggestions? Sincerely, Richard Blanchard -- Richard Blanchard Badlands Fab and Machine 475 North Frontage Road Helper, Utah 84526 Phone: 435.472.3222 Fax: 435.472.1322 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re:Sysinstall problem with network settings
Ok, i was very lame :) cat /etc/rc.conf shows that sysinst put there the required config lines, but didnt pass them to ifconfig. After a reboot, it worked well, i just thought that sysinstall will configure ifconfig at once. I can remember, that problem was about Freesbie, which cant save the modified rc.conf, so i wasnt able to config the network by using sysintall. Anyway, thanx for mentioning that! ricsip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem with realplayer
On Mon, Feb 07, 2005 at 10:37:58PM -0600, Brian John wrote: Loren M. Lang wrote: On Sun, Feb 06, 2005 at 01:41:35AM -0600, Brian John wrote: Hello, whenever I try to run realplayer I get the following: $ realplay (realplay.bin:94093): GdkPixbuf-WARNING **: Can not open pixbuf loader module file '/etc/gtk-2.0/gdk-pixbuf.loaders': No such file or directory Failed to load pixbuf file: /usr/local/lib/RealPlayer/share/realplay/icon.png: Couldn't recognize the image file format for file '/usr/local/lib/RealPlayer/share/realplay/icon.png' Install graphics/linux-gdk-pixbuf from ports. (realplay.bin:94093): GdkPixbuf-WARNING **: Can not open pixbuf loader module file '/etc/gtk-2.0/gdk-pixbuf.loaders': No such file or directory It looks as if maybe some autogenerated file didn't get generated. Try reinstalling realplayer and gdk-pixbuf. portupgrade -f will do that. Also, did you say whether your using realplayer from ports or the original package it comes in. I had this problem before, I think it might of been a problem with linux_base being too old. It was only rh 7 and upgrading to rh 8 or 9 fixed it. Personally, I recommend just using linux_base-rh-9 for the best compatibility for linux binaries. (realplay.bin:94093): GdkPixbuf-WARNING **: Can not open pixbuf loader module file '/etc/gtk-2.0/gdk-pixbuf.loaders': No such file or directory (realplay.bin:94093): GdkPixbuf-WARNING **: Can not open pixbuf loader module file '/etc/gtk-2.0/gdk-pixbuf.loaders': No such file or directory snip Thanks /Brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It looks like it is already installed. This is what it says when I try to install it: = Attempting to fetch from http://fedora.quicknet.nl/fedora/fedora/2/i386/RPMS.updates/. gdk-pixbuf-0.22.0-11.3.5.i386.rpm 100% of 222 kB 52 kBps === Extracting for linux-gdk-pixbuf-0.22.0.11.3.5_1 = Checksum OK for rpm/gdk-pixbuf-0.22.0-11.3.5.i386.rpm. === Patching for linux-gdk-pixbuf-0.22.0.11.3.5_1 === linux-gdk-pixbuf-0.22.0.11.3.5_1 depends on executable: rpm - found === Configuring for linux-gdk-pixbuf-0.22.0.11.3.5_1 === Installing for linux-gdk-pixbuf-0.22.0.11.3.5_1 === linux-gdk-pixbuf-0.22.0.11.3.5_1 depends on file: /compat/linux/etc/redhat-release - found === Generating temporary packing list === Checking if graphics/linux-gdk-pixbuf already installed gdk-pixbuf-0.22.0-11.3.5.i386.rpm Any other clue what might have caused this? Thanks for the help /Brian -- I sense much NT in you. NT leads to Bluescreen. Bluescreen leads to downtime. Downtime leads to suffering. NT is the path to the darkside. Powerful Unix is. Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc Fingerprint: B3B9 D669 69C9 09EC 1BCD 835A FAF3 7A46 E4A3 280C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Acer Aspire 1356 LCi + WLAN
In august last year I bought an Acer Aspire 1356 LCi laptop. WLAN was built in but I knew it wouldn't work in FreeBSD yet, so I used a SMC2662W USB WLAN adapter. Now half a year later I was wondering Maybe I can setup the internal WLAN connector than I can use the USB adapter on a different computer. By google'ing on the laptop name + WLAN didn't bring up much of a help. So my question was does anyone have a Acers Aspire 1350 series ( or similar ) with internal WLAN working with FreeBSD ? Currently I am running FreeBSD 5.3-stable, for the SMC I use the atuwi drivers: www.vitsch.net/bsd/atuwi/ Thanks in advance Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make buildworld broke
On Tue, Feb 08, 2005 at 02:18:58PM -0500, lists wrote: I had a box crash and I got it up again. I lost some information in / and /etc. After some reconstructing, it seems to be running fine and all the services are working. I wanted to do a buildworld just to update anything I might have missed. When I try, I always get a stop error. How can I get my buildworld back, I dont want to take the box offline for long. I also need to add another proc to it, which means I need to add smp support, which I can't currently do. What is the best course of action for me from here? Am I overlooking something simple? FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: What is the exact error you receive? Kris pgpz6QViPlCvT.pgp Description: PGP signature
Re: Newbie Security Concerns
[EMAIL PROTECTED] writes: I am a new user of UNIX and FreeBSD and have never had to do any administration or security configuration myself before. I am running IP Firewall on FreeBSD-5.3-RELEASE. Last night I was checking my logs and discovered that sshd reported many illegal users. Does that mean my system i compromised? As configured, there are only three accounts on my system, root, toor, and one user account for me. I suppose you need more information from me, but am not sure what to provide. Any help would be greatly appreciated. FreeBSD is no more or less vulnerable than most other operating systems. It can be very secure if you are careful about what you run on the system, and it can be very insecure if you run everything under the sun without taking any precautions. Fortunately, there aren't as many kiddies trying to break into UNIX as there are trying to break into Windows these days, but at the same time, a majority of reported security bugs these days seem to be on Linux. A more important question is the use you intend to make of the system. A desktop system can be secured more easily than a server, because a desktop doesn't have to answer unsolicited incoming traffic from the Net, whereas a server _must_ do this, by definition. So servers always have a few doors open, whereas you can close all the doors on a desktop. The only virus infection I've ever had, ironically, was on FreeBSD, when a worm found its way into the Web server. It was a software bug, and since the HTTP port _must_ be open in order for the server to handle my Web site, I couldn't just lock things out. The worm didn't get far, though, because, when it tried to call its master, the reply from its master was blocked by my firewall. Still, that's the only virus infection I've had in decades of working on computers, as far as I can remember. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
