RE: Proliant 5000 sever Fbsd 5.4 (re)boot problem
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Vizion Sent: Tuesday, August 30, 2005 4:21 PM To: freebsd-questions@freebsd.org Cc: Robert Slade Subject: Re: Proliant 5000 sever Fbsd 5.4 (re)boot problem Did you follow my suggestion and search the HP resources with freebsd and your model. I have had the same problem myself I am pretty certain it was fixed by changes using the Proliant Essrntial Foundation Pack.. but my memory may not be accurate. Yeah, what a awful design! You have to load an entire full-blown Windows install just to update the microcode in the SCSI raid controller. I saw they had done this the last time I setup a Compaq server and nearly barfed. You can still firmware update the machines' BIOS with a bootable floppy but that's it. To get anything else, helo Windows! At least you get the satisfaction of scratching it off once you've done the update. Ted -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 8/30/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Disaster recovery ?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Madhusudan Singh Sent: Tuesday, August 30, 2005 8:09 AM To: freebsd-questions@freebsd.org Subject: Disaster recovery ? Hi I had a working FreeBSd 5.3 RELEASE server running postfix and zope until last night. When I checked it in the morning, it had a bunch of ad4 ... UNRECOVERABLE ERROR messages on it. Upon a reboot, it complains it cannot find /boot/loader (error 16). Last week, it had shut down without any apparent reason but came up upon reboot. Sounds like the hard disk is fried. Its a new server (just 5 months old or so). How do I recover what was on the partitions ? You don't With the price of UDMA disks and the price of hardware IDE raid controllers as cheap as they are, anyone setting up a production server on a single IDE disk is taking a totally unnecessary and stupid gamble. Consider it a learning experience. We have all had it happen to us at least once. You probably needed to update your install anyhow. Ted -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 8/30/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/etc/profile and PATH
Hello list I have set some environment vars in /etc/profile such as PATH QTDIR (for Qt) LD_LIBRARY_PATH etc. All variables are setup successfully except PATH that remains unchanged... I tried to setup PATH in ~/.profile and now is updated but how can I setup this variable system wide? specifically want to add the Qt and MySQL binary directories to the PATH... Thanx ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /etc/profile and PATH
Hello list I have set some environment vars in /etc/profile such as PATH QTDIR (for Qt) LD_LIBRARY_PATH etc. All variables are setup successfully except PATH that remains unchanged... I tried to setup PATH in ~/.profile and now is updated but how can I setup this variable system wide? specifically want to add the Qt and MySQL binary directories to the PATH... Thanx man 5 login.conf cheers, -- Joel Hatton -- Security Analyst| Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland| WWW: www.auscert.org.au Qld 4072 Australia | Email: [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How to create *exactly* the same partitions in different disks
Hi, pretty simply, how do I create slices (fdisk) that are exactly the same throughtout different drives so they can be used in a RAID5 config? I tried using sysinstall and typing the SAME values but they result is always slightly off. I tried passing the values by hand, but it changes it anyway. # echo p 2 165 20964825 467427240 | fdisk -v -f- /dev/ad6 *** Working on device /dev/ad6 *** fdisk: WARNING: adjusting size of partition 2 from 467427240 to 467426295 to end on a cylinder boundary parameters extracted from in-core disklabel are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Information from DOS bootblock is: 1: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 20964321 (10236 Meg), flag 0 beg: cyl 0/ head 1/ sector 1; end: cyl 317/ head 15/ sector 63 2: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 20964825, size 467426295 (228235 Meg), flag 0 beg: cyl 318/ head 7/ sector 1; end: cyl 162/ head 15/ sector 63 3: UNUSED 4: UNUSED fdisk: Geom not found [EMAIL PROTECTED] [Wed Aug 31 17:02:10 2005] ~ # fdisk -s /dev/ad4 /dev/ad4: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964762 0xa5 0x80 2:20964825 467427240 0xa5 0x00 [EMAIL PROTECTED] [Wed Aug 31 17:01:35 2005] ~ # fdisk -s /dev/ad6 /dev/ad6: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964321 0xa5 0x00 2:20964825 467426295 0xa5 0x00 Help!!! thanks in advance, beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rsync and moving files [Re: backup w/ snapshots]
* Charles Swiger [2005-08-30 10:49 -0400] On Aug 30, 2005, at 3:32 AM, Svein Halvor Halvorsen wrote: Yes, that's correct! But let's say I keep more than one snapshot around. I maybe didn't mention this, but this the sole purpose of using snapshots; for me to have more full backups laying around. A snapshot on the same disk does not qualify as a reliable backup of your data. Using rsync to copy a tree of stuff to another machine would. Please read the entire thread. I use rsync to mirror my disks remotely, then make snapshots on that remote computer. The snapshots are mounted read-only and nfs-exported back to the original computer. This satisfies both the need for offsite sorage of backups, the need for invremental backups and the need for all previous backups to be randomly accessible from the original computer. Thanks for your consern, though. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rsync and moving files [Re: backup w/ snapshots]
* Garance A Drosihn [2005-08-30 12:50 -0400] Fwiw, I understand the problem you're trying to describe. And the basic issue is that rsync keeps no information between separate runs of it. It has no way of knowing that a given file on the source volume used to be at a different location. It does not even know that the destination volume was sync'ed by a previous run of rsync, so it does not even know that the file at the old location on the destination is the same as the file at the old location on the source. It knows nothing more than the information it has at the moment of any given run of rsync. You could kinda fudge that information for rsync by creating a lot of hard links, but that is probably going to create more of a mess than it will solve. So, you're left with doing something else outside of rsync. The script you are suggesting would probably be fairly easy to write in something like ruby, perl, or python. Use a key made up of the inode number + lastchange date, or maybe inode number + file size. Then save away the key-to-filename(s) mapping for every file. On the next run of rsync, see which files have moved on the source directory. If the destination volume has a file at the old location which matches the file-size or lastchange date (depending on which key you used...), then move it to the new location on the destination volume. Thanks! I think I will try to implement this, then! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to create *exactly* the same SLICES in different disks
sorry, i meant slices. i need 2 slices, exactly the same size on each of 4 disks. Norberto Meijome wrote: Hi, pretty simply, how do I create slices (fdisk) that are exactly the same throughtout different drives so they can be used in a RAID5 config? I tried using sysinstall and typing the SAME values but they result is always slightly off. I tried passing the values by hand, but it changes it anyway. # echo p 2 165 20964825 467427240 | fdisk -v -f- /dev/ad6 *** Working on device /dev/ad6 *** fdisk: WARNING: adjusting size of partition 2 from 467427240 to 467426295 to end on a cylinder boundary parameters extracted from in-core disklabel are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Information from DOS bootblock is: 1: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 20964321 (10236 Meg), flag 0 beg: cyl 0/ head 1/ sector 1; end: cyl 317/ head 15/ sector 63 2: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 20964825, size 467426295 (228235 Meg), flag 0 beg: cyl 318/ head 7/ sector 1; end: cyl 162/ head 15/ sector 63 3: UNUSED 4: UNUSED fdisk: Geom not found [EMAIL PROTECTED] [Wed Aug 31 17:02:10 2005] ~ # fdisk -s /dev/ad4 /dev/ad4: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964762 0xa5 0x80 2:20964825 467427240 0xa5 0x00 [EMAIL PROTECTED] [Wed Aug 31 17:01:35 2005] ~ # fdisk -s /dev/ad6 /dev/ad6: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964321 0xa5 0x00 2:20964825 467426295 0xa5 0x00 Help!!! thanks in advance, beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is there a way to connect to a Microsoft VPN?
On Wed, 2005-08-31 at 01:23 -0400, WOB wrote: I normally use my home Windows XP Pro box to connect to my works VPN, and then use RemoteDesktop to connect to my Work PC - so I know the connections work under Windows. I want to get rid of my home Windows box. Any suggestions? I'm kinda new, but I am trying to learn. Take a look on /var/log/ppp.log. Probably, it will give you a bit more insights. On another note, I tried pptp few days ago and did not succeed, then I moved to mpd and it has working. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
suidperl unable to find
Hello Gurus, I'm not sure this issue is for this list, but anyhow I would like to have this small help. Im on FreeBSD 4.8, fresh installed, and ports up to date. both perl-5.6.2_2 and perl-5.8.7 are installed, use.perl port and rehash has been done. I cannot locate the file suidperl ? althou perl is installed, when I do search for suidperl the result shows only in /usr/src/gnu/usr.bin/perl/suidperl and in /usr/bin I could find suidperl.freebsd shall i do rename suidperl.freebsd to suidperl ? or I did some mistake that is taking out suidperl ? How do i enable/install suidperl to be located in /usr/bin/ Thanks for the help. Marwan. _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
suidperl (update)
Hello, Sorry for disturb, but the issue has been solved, what a silly thing, I had to recomile perl with enable suid to yes. Thank you Marwan _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Proliant 5000 sever Fbsd 5.4 (re)boot problem
On Wed, 2005-08-31 at 07:01, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Vizion Sent: Tuesday, August 30, 2005 4:21 PM To: freebsd-questions@freebsd.org Cc: Robert Slade Subject: Re: Proliant 5000 sever Fbsd 5.4 (re)boot problem Did you follow my suggestion and search the HP resources with freebsd and your model. I have had the same problem myself I am pretty certain it was fixed by changes using the Proliant Essrntial Foundation Pack.. but my memory may not be accurate. Yeah, what a awful design! You have to load an entire full-blown Windows install just to update the microcode in the SCSI raid controller. I saw they had done this the last time I setup a Compaq server and nearly barfed. You can still firmware update the machines' BIOS with a bootable floppy but that's it. To get anything else, helo Windows! At least you get the satisfaction of scratching it off once you've done the update. Ted -- Thanks Ted David, The HP site does not turn up anything about FreeBSD and the Proliant. However I have found out that the Smart-2 family controllers do have an update. There is a Linux version of the flash utility so I'll try that first. Rob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: GbE NICs besides em (recommendation wanted)
On 8/31/05, Emanuel Strobl [EMAIL PROTECTED] wrote: Hello, I'm quiet disappointed with the em nics and wanted to try some other GigaBit NICs (1000baseTX only). AFAIK there are re, sk, bge driven cards. Which doesn't saturate a [EMAIL PROTECTED] at 200mbit/s with interrupt load (like em does)? I heard that the re is way better than the not so well rl and although much cheaper than em more efficient. What about bge? Or sk? Any comments welcome, also if I missed a supported family (TX only) I have a gigabit card managed by re and sk drivers at home IIRC ([EMAIL PROTECTED], [EMAIL PROTECTED]). I can run some tests for you this weekend if you wish. -- Dmitry Mityugov, St. Petersburg, Russia I ignore all messages with confidentiality statements We live less by imagination than despite it - Rockwell Kent, N by E ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Perl 5.8.7 port requires libm.so.4
On Tue, Aug 30, 2005 at 01:27:07PM -0500, Will Maier wrote: On Tue, Aug 30, 2005 at 02:16:18PM -0400, Lowell Gilbert wrote: Will Maier [EMAIL PROTECTED] writes: Hmm. I base my statement off the output from `uname -a`: FreeBSD `hostname` 5.4-SECURITY FreeBSD 5.4-SECURITY #0: Wed Jul 20 08:57:11 \ UTC 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Sorry; I was confused. You were trying to run 6.x packages on a 5.x system, not the other way around. Indulge a newb, then: how did that come about? I'm still figuring out port and packages and how they relate to the different releases. Do you mean that my portsnap'd ports tree is ~= 6.X and my system is ~=5.X? Is that inevitable? Is that a Bad Thing? Thanks so much for your help! There was a temporary snafu that caused the 5.x packages to be replaced by 6.x packages, which is now fixed. Delete the package and retry. Kris pgpOXigDgaTm5.pgp Description: PGP signature
Re: Logo Contest Update?
On Tue, Aug 30, 2005 at 10:06:27AM -0400, Josh Ockert wrote: Please refrain from misinformation. But that's so hard for Ted! Kris pgpwWfIEUNikl.pgp Description: PGP signature
rc.conf - setting interface UP without IP-address?
Hi, I'm looking for a way to set an interface UP using /etc/rc.conf without giving the interface an IP-address (i.e. neither static nor DHCP) Background: The machine in question has three Ethernet-IFs - one connects to the LAN (and has an IP-address) the other two are used for monitoring traffic via ethereal only. For security reasons I don't want to assign IP-addresses to the two ethereal-only interfaces - but I need them UP. Sure enough I can up these interfaces manually but I want them up at boot-time. I've tried with entries like e.g. ifconfig_fxp1= ifconfig_fxp1=UP in my /etc/rc.conf - none of these work. So what should I configure in /etc/rc.conf in order to get the interfaces UP? BTW - ethereal only recognizes interfaces that are in the UP state. Thanks much in advance for any clue, -ewald ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
entropy
Hello, what is entropy for? What are the consequences if one sets rc.conf/entropy_file and rc.conf/entropy_dir to NO? -Hanspeter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
questions
q -- [EMAIL PROTECTED] The state law of Pennsylvania prohibits singing in the bathtub. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: moving everything except a directory
--- Brian John [EMAIL PROTECTED] wrote: Say I am at ~ and I have 10 directories inside named 1, 2, 3, 4 ,5, 6, 7, 8, 9 and 10. What command can I use to move everything but directory 2? You can use combination of different commands to solve this problem. Base on your problem, you can move all directories excetp 2. mv `ls -l | grep -v 2 | awk -F '{print $9}'` destination directory Take note that the above commands do not only move the directories and its contents but also all the files in the current directory. If this is what you want, then the above commands will do it. What if I wanted to move everything but directories 2 and 7? Just pipe another command,e.g. grep -v 7, after the first grep command. Another option is to write a script if you want I'm not sure how to use the mv command to do this in 1 comand. Thanks /Brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
3ware raid disks requiring fsck ing,
I have started getting failures on a freebsd 4.x machine running 3ware card, the machine had been crashing from time to time, and it crashed and would not reboot saying noufs. Replacing the 3ware card ( a 7002 I think, the older 2 port ones) with a 7006 fixed this issue, but since then I have been getting crashes every few weeks/months, where the machine needs to do fsck's on the file partiitions, to come back to life. this is odd for a raid system, and didn't seem to happen before. I am thinking perhaps there is a hardware issue on this machine, and perhaps it fails under load ? does anyone have any experience of this? might the change of card be significant ? kind regards, Gerald de la Pascua ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem when making index in /usr/ports
Hello, Since this morning I have problem generating my index whith the traditional make index executed in/usr/ports I have already make fetchindex but this didn't solve the issue. Any help will be apreciated. root:newmail 12:16 /usr/ports # make index Generating INDEX-5 - please wait..p5-Unicode-MapUTF8-1.09: /usr/ ports/japanese/p5-Jcode non-existent -- dependency list incomplete === converters/p5-Unicode-MapUTF8 failed *** Error code 1 1 error Before reporting this error, verify that you are running a supported version of FreeBSD (see http://www.FreeBSD.org/ports/) and that you have a complete and up-to-date ports collection. (INDEX builds are not supported with partial or out-of-date ports collections -- in particular, if you are using cvsup, you must cvsup the ports-all collection, and have no refuse files.) If that is the case, then report the failure to [EMAIL PROTECTED] together with relevant details of your ports configuration (including FreeBSD version, your architecture, your environment, and your /etc/make.conf settings, especially compiler flags and WITH/WITHOUT settings). Note: the latest pre-generated version of INDEX may be fetched automatically with make fetchindex. *** Error code 1 Stop in /usr/ports. *** Error code 1 Stop in /usr/ports. root:newmail 12:17 /usr/ports # uname -a FreeBSD newmail.rmm.fr 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004 [EMAIL PROTECTED]:/usr/obj/usr/ src/sys/GENERIC i386 «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ Gregober --- PGP ID -- 0x1BA3C2FD bsd @at@ todoo.biz «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to create *exactly* the same partitions in different disks
At 12:07 AM 8/31/2005, Norberto Meijome wrote: Hi, pretty simply, how do I create slices (fdisk) that are exactly the same throughtout different drives so they can be used in a RAID5 config? I tried using sysinstall and typing the SAME values but they result is always slightly off. I tried passing the values by hand, but it changes it anyway. # echo p 2 165 20964825 467427240 | fdisk -v -f- /dev/ad6 *** Working on device /dev/ad6 *** fdisk: WARNING: adjusting size of partition 2 from 467427240 to 467426295 to end on a cylinder boundary parameters extracted from in-core disklabel are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=484521 heads=16 sectors/track=63 (1008 blks/cyl) Information from DOS bootblock is: 1: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 20964321 (10236 Meg), flag 0 beg: cyl 0/ head 1/ sector 1; end: cyl 317/ head 15/ sector 63 2: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 20964825, size 467426295 (228235 Meg), flag 0 beg: cyl 318/ head 7/ sector 1; end: cyl 162/ head 15/ sector 63 3: UNUSED 4: UNUSED fdisk: Geom not found [EMAIL PROTECTED] [Wed Aug 31 17:02:10 2005] ~ # fdisk -s /dev/ad4 /dev/ad4: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964762 0xa5 0x80 2:20964825 467427240 0xa5 0x00 [EMAIL PROTECTED] [Wed Aug 31 17:01:35 2005] ~ # fdisk -s /dev/ad6 /dev/ad6: 484521 cyl 16 hd 63 sec PartStartSize Type Flags 1: 6320964321 0xa5 0x00 2:20964825 467426295 0xa5 0x00 fdisk wants slices to start on a head boundary, and end on a cylinder boundary. if you make start evenly divisible by the number of sectors per track, and make size+start evenly divisible by sectors*heads, fdisk won't change any of the numbers on you. So, for your disk: start / sectors = 332775 you have size specified as 467427240, so: (467427240 + 20964825) / (16 * 63) = 484515.9375 fdisk will treat that as 484515 and do: (16 * 63 * 484515) - 20964825 = 467426295 and use that number as the new size. This matches ad6. It would appear that ad4 had the start and end values explicitly set causing it to come out with different numbers. -Glenn Help!!! thanks in advance, beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
On 2005-08-31 11:02, Ewald Jenisch [EMAIL PROTECTED] wrote: I'm looking for a way to set an interface UP using /etc/rc.conf without giving the interface an IP-address (i.e. neither static nor DHCP) Background: The machine in question has three Ethernet-IFs - one connects to the LAN (and has an IP-address) the other two are used for monitoring traffic via ethereal only. For security reasons I don't want to assign IP-addresses to the two ethereal-only interfaces - but I need them UP. Sure enough I can up these interfaces manually but I want them up at boot-time. I've tried with entries like e.g. ifconfig_fxp1= ifconfig_fxp1=UP in my /etc/rc.conf - none of these work. Try up (lowercase) instead. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: GbE NICs besides em (recommendation wanted)
Am Mittwoch, 31. August 2005 10:51 CEST schrieb Dmitry Mityugov: On 8/31/05, Emanuel Strobl [EMAIL PROTECTED] wrote: Hello, I'm quiet disappointed with the em nics and wanted to try some other GigaBit NICs (1000baseTX only). AFAIK there are re, sk, bge driven cards. Which doesn't saturate a [EMAIL PROTECTED] at 200mbit/s with interrupt load (like em does)? I heard that the re is way better than the not so well rl and although much cheaper than em more efficient. What about bge? Or sk? Any comments welcome, also if I missed a supported family (TX only) I have a gigabit card managed by re and sk drivers at home IIRC ([EMAIL PROTECTED], [EMAIL PROTECTED]). I can run some tests for you this weekend if you wish. Thank you for the offer, but I thought people had some simple test results in mind. If you next time use rdump or large NFS transfers to another GbE connected (and fast enough) box just watch the system load (I use systat -vm 1) and see what card causes what interrupt load. em cards can't transfer (real files over FTP/NFS) more than 200mbit/s on a [EMAIL PROTECTED], at this level the system load is 100% of which ~80% is interrupt systemload :( Thanks, -Harry pgpGnrJvsz3fA.pgp Description: PGP signature
portsnap and updates using cron
Hello, I am using portsnap to update my ports tree like following: 1. Calling portsnap cron from root's cron 2. Updating ports tree using portsnap -I update from root's cron But it does not update anything by portsnap cron. In /usr/local/etc/portsnap.conf I have: WORKDIR=/usr/local/portsnap PORTSDIR=/usr/ports Files in WORKDIR are dated to Aug 25. So I assume calling portsnap cron results in failure (both with -f /usr/local/etc/portsnap.conf or without it). Can anyone advise me on this one please? -- martin hudec * 421 907 303 393 * [EMAIL PROTECTED] * http://www.aeternal.net Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws. Douglas Adams, The Hitchhiker's Guide to the Galaxy pgpQH9kTlr4Vm.pgp Description: PGP signature
heimdal kerberos ssh
Hi, I'm trying to setup a Kerberos realm, on a 5.4-STABLE box using the base heimdal version. I have succesfully created the database and I can get a ticket using kinit. Now I'm trying to setup the ssh service so that it authenticates to the kerberos server, and so that it saves the ticket to the credentials cache. However that last point is not working: %%% [EMAIL PROTECTED] ~ grep stijnkrb /etc/passwd stijnkrb:*:1004:1004:stijn kerb test:/home/stijnkrb:/usr/local/bin/zsh [EMAIL PROTECTED] ~ ssh [EMAIL PROTECTED] Password: Last login: Wed Aug 31 13:11:15 2005 from localhost.lzee. firsa% klist klist: No ticket file: /tmp/krb5cc_1004 %%% So it seems that the authentication is working, however the TGT is not being saved. I have modified /etc/pam.d/sshd as follows: %%% # auth authrequiredpam_krb5.so no_warn try_first_pass # account account requiredpam_krb5.so # session session requiredpam_permit.so # password passwordrequiredpam_krb5.so no_warn try_first_pass %%% Which to my mind should allow only kerberos accounts to login. However, sshd happily passes authentication for local-only accounts as well! I do have UsePAM yes in /etc/ssh/sshd_config, although the text suggested this as the default. Not knowing much about pam, is this not the right thing to do? I have tried variations on this but it seems that it's not helping any... Adding a 'ccache' option to the auth line for pam_krb5 didn't help either. Is there an introductory document on PAM available online somewhere? Or better a working setup with pam_krb5 on FreeBSD 5.x/6.x? Thanks, --Stijn -- Nostalgia ain't what it used to be. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
Excuse me for a silly question, but what the hell is UP? I know, what is IP, I know how ifconfig works, but wtf is UP? Rein Giorgos Keramidas wrote: On 2005-08-31 11:02, Ewald Jenisch [EMAIL PROTECTED] wrote: I'm looking for a way to set an interface UP using /etc/rc.conf without giving the interface an IP-address (i.e. neither static nor DHCP) Background: The machine in question has three Ethernet-IFs - one connects to the LAN (and has an IP-address) the other two are used for monitoring traffic via ethereal only. For security reasons I don't want to assign IP-addresses to the two ethereal-only interfaces - but I need them UP. Sure enough I can up these interfaces manually but I want them up at boot-time. I've tried with entries like e.g. ifconfig_fxp1= ifconfig_fxp1=UP in my /etc/rc.conf - none of these work. Try up (lowercase) instead. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ NOD32 1.1205 (20050830) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
On Wed, Aug 31, 2005 at 02:41:45PM +0300, Rein Kadastik wrote: Excuse me for a silly question, but what the hell is UP? I know, what is IP, I know how ifconfig works, but wtf is UP? UP is the state of the interface. You can set an IF up/down to enable/disable the IF. Current state of an interface can be seen with ifconfig, e.g. fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 ^^ Normally an interface is automatically taken up when you give it an IP-address. -ewald ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
Thanks, the answer was just too simple for me to figure it out by myself :) Rein Ewald Jenisch wrote: On Wed, Aug 31, 2005 at 02:41:45PM +0300, Rein Kadastik wrote: Excuse me for a silly question, but what the hell is UP? I know, what is IP, I know how ifconfig works, but wtf is UP? UP is the state of the interface. You can set an IF up/down to enable/disable the IF. Current state of an interface can be seen with ifconfig, e.g. fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 ^^ Normally an interface is automatically taken up when you give it an IP-address. -ewald ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ NOD32 1.1205 (20050830) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
On Wed, Aug 31, 2005 at 01:36:32PM +0300, Giorgos Keramidas wrote: Try up (lowercase) instead. Thanks much for the hint! This absolutely does the trick - now I've got all my interfaces up ;-) Regards, -ewald ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Interrupt Storm Dell PowerEdge 1850
Nicklas B. Westerlund wrote: Alex Zbyslaw wrote: But if you do that, then I believe you will not be able to use the DRAC as a remote console because your virtual keyboard won't work. (not without changing to the ukbd0 from your real keyboard, which pretty much defeats the point of the virtual keyboard i.e. using it automatically from miles away). Which I'd have to prove wrong, as it works great on my end here. Or atleast it did when I tried the DRAC console, after everything was in order.. Ofcourse, I might be wrong. although I doubt it. What version of FreeBSD? AFAIU, FreeBSD only supports one console keyboard, so if you plug in ukbd1 and make it the console, the DRAC on ukbd0 shouldn't work. I'm sure I tried this and that it didn't work, but I'd be happy to be wrong. Are you sure that both your DRAC and USB work at the same time? --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Logo Contest Update?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kris Kennaway Sent: Wednesday, August 31, 2005 1:54 AM To: Josh Ockert Cc: Pratt, Benjamin E.; FreeBSD-Questions; Ted Mittelstaedt Subject: Re: Logo Contest Update? On Tue, Aug 30, 2005 at 10:06:27AM -0400, Josh Ockert wrote: Please refrain from misinformation. But that's so hard for Ted! Hey, I don't even have to try on this one - the lack of updates to the contest website says it all. When a contest can't meet it's own promises it does a far, far better job of discrediting itself than anything I could do. Ted -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 8/30/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rc.conf - setting interface UP without IP-address?
On 31 Srpen 2005, 11:02, Ewald Jenisch napsal(a): Hi, I'm looking for a way to set an interface UP using /etc/rc.conf without giving the interface an IP-address (i.e. neither static nor DHCP) Background: The machine in question has three Ethernet-IFs - one connects to the LAN (and has an IP-address) the other two are used for monitoring traffic via ethereal only. For security reasons I don't want to assign IP-addresses to the two ethereal-only interfaces - but I need them UP. Sure enough I can up these interfaces manually but I want them up at boot-time. I've tried with entries like e.g. ifconfig_fxp1= ifconfig_fxp1=UP in my /etc/rc.conf - none of these work. So what should I configure in /etc/rc.conf in order to get the interfaces UP? BTW - ethereal only recognizes interfaces that are in the UP state. Thanks much in advance for any clue, -ewald Hi, Ewald, I'd try this: ifconfig_fxp1=inet 0.0.0.0 netmask 255.255.255.255 It's not exactly, what you ask for, but could help. I'm not able to test it now, it's only an idea... Pavel Jordak ANF DATA, Prague ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Interrupt Storm Dell PowerEdge 1850
Alex Zbyslaw wrote: What version of FreeBSD? AFAIU, FreeBSD only supports one console keyboard, so if you plug in ukbd1 and make it the console, the DRAC on ukbd0 shouldn't work. I'm sure I tried this and that it didn't work, but I'd be happy to be wrong. Are you sure that both your DRAC and USB work at the same time? Alex, On those machines we're running releng_5_4. But, as I said, I might be wrong. After all, it is quite some time since I tried this. I never tried using both at the same time, but I do know that I set ukbd to 1, to be able to use the console. Then, when I was done and put the machine into pre-production I used the DRAC. (Again, this is what I remember - so I'm not going to argue points before I get a chance to try it again). The question we should ask ourselves though is why anyone would have to use a 'normal' console keyboard, when there's the DRAC console. Nick. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to create *exactly* the same partitions in different disks
Glenn Dawson wrote: At 12:07 AM 8/31/2005, Norberto Meijome wrote: fdisk wants slices to start on a head boundary, and end on a cylinder boundary. if you make start evenly divisible by the number of sectors per track, and make size+start evenly divisible by sectors*heads, fdisk won't change any of the numbers on you. So, for your disk: start / sectors = 332775 you have size specified as 467427240, so: (467427240 + 20964825) / (16 * 63) = 484515.9375 fdisk will treat that as 484515 and do: (16 * 63 * 484515) - 20964825 = 467426295 and use that number as the new size. Thanks for the explanation :) This matches ad6. It would appear that ad4 had the start and end values explicitly set causing it to come out with different numbers. Gotcha. ad6 , ad8 and ad10 (*) , the ones I sliced by hand, follow this rule. ad4 doesn't, which is the one that got created by sysinstall on the initial setup. I told it to create a slice of 10GB. So sysinstall doenst follow the rule? Am I missing something here? I guess i can move all of ad4s1 around to ad6s1, boot off ad6, rebuild ad4s1 and move back in... right? (*) FWIW, all four drives are exactly the same, so the only difference is how the slices were done. ad4: 238475MB WDC WD2500JS-00MHB0 02.01C03 at ata2-master SATA150 ad6: 238475MB WDC WD2500JS-00MHB0 02.01C03 at ata3-master SATA150 ad8: 238475MB WDC WD2500JS-00MHB0 02.01C03 at ata4-master SATA150 ad10: 238475MB WDC WD2500JS-00MHB0 02.01C03 at ata5-master SATA150 Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FTP Permissions
Hi, I'm running FreeBSD 5.4 STABLE and the latest Proftpd. I have a little problem I need help with. I want about 10 users to have access to the same directory/subdirectories on the FTP server and all must be able to upload, delete and retrive (full access) to the files in these directories. I want all users to have different usernames/passwords so I can log them, but all should have full access to the ftp directories. How would I set this up? I've tried making all members of the same group, but I can't overwrite/delete files other uploaded. Any help very much appreciated. Thanks! Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Detailed DNS setup ?
Hello, I'm about to set up named under FreeBSD 5.4. I have read all the documentation, O'Reily book and various sites telling me how to go about things. But I fear that just reading about it and doing it are completely different things. What I would like to do is write a list of things that I need to do in order to have my setup up and running. I would appreciate if you give it a look and point out any mistakes that I might have made. Thank you. Here it goes: 1. In the /etc/rc.conf put the name of my domain as hostname, right ? hostname=kilimdomain.com 2. Then add named_enable=yes also to the /etc/rc.conf ? 3. I'd like to run named in the chrooted directory and handbook's 24.6.8 section has a write up about it. Yet in /etc/defaults/ there is a knob: named_chroot_autoupdate=YES. Does this imply that even if I don't follow the steps in 24.6.8 but just the steps preceding it, in the 24.6.6 up to 24.6.8, will make the named chrooted ? I'd like to get the answer to these questions (well question no. 3. really) before I proceed to write further as the rest of the write up depends on them. Thank you again ! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Interrupt Storm Dell PowerEdge 1850
This may be getting a bit Off Topic, but I always find it annoying when archive thread peter out without any conclusion... Nicklas B. Westerlund wrote: Alex Zbyslaw wrote: What version of FreeBSD? AFAIU, FreeBSD only supports one console keyboard, so if you plug in ukbd1 and make it the console, the DRAC on ukbd0 shouldn't work. I'm sure I tried this and that it didn't work, but I'd be happy to be wrong. Are you sure that both your DRAC and USB work at the same time? Alex, On those machines we're running releng_5_4. But, as I said, I might be wrong. After all, it is quite some time since I tried this. I never tried using both at the same time, but I do know that I set ukbd to 1, to be able to use the console. Then, when I was done and put the machine into pre-production I used the DRAC. (Again, this is what I remember - so I'm not going to argue points before I get a chance to try it again). The question we should ask ourselves though is why anyone would have to use a 'normal' console keyboard, when there's the DRAC console. I may have a chance to test this again, sometime, but the machine is installed remotely now and I don't know if they have a USB keyboard or not :-( If you made ukdb1 the console from the command line, then this would have gone away when the machine was rebooted. Why would you want to do this? 2 reasons I can think of: 1) There actually are sometimes staff at the remote location, and having a keyboard next to the machine makes it easier to use the console at the same time as doing hardware things like inserting CDs. (Note that you can use a local keyboard if you are fiddling with the BIOS, since it's just FreeBSD which forces one keyboard). The same issue affects PS/2 keyboards as well as USB ones, btw. 2) The DRAC keyboard through the Java app is a bit funny. Below is a quick message I wrote (not to this list) summarising my difficulties. The lack of a \ is a pain as there is rarely one on-screen to cut-and-paste. # less difficult since it's usually in some file which has other comments in it already. Neither of those *require* you to use a local keyboard, though. --Alex Here is my experienced behaviour using the Java console applet. Sometimes, when the applet starts you get these key mappings: \ - # | - ~ ALT` - | # - f ~ - F nothing produces \ If you change the mouse acceleration mode you get these instead: \ - \ | - | @ - - @ # - f ~ - F nothing produces # However, BEWARE of changing the mode when in the BIOS, as it seems to make the keyboard stop working. When in FreeBSD with a mouse, you can copy some text with the white cursor, and that seems to make the keyboard work again. That option not available in the BIOS. --Alex PS No way to paste text as yet. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Application layer firewall on FreeBSD, is it possible ?
hey, Daniel Dvořák wrote: We are small wireless community and have shared access to internet for all members. Core members decided to control p2p traffic by default and to allow each person in individual way, after showing their knowledge of authorial low. :) I think you mean copyright law. But since many dc hubs, edonkey servers, bittorents web trackers and so on use dynamic not standard ports, how to control it ? I havent seen any way to control traffic for P2P apps reliably @ the protocol layer, u need to inspect it. Something like snort attached to your firewall, i guess ... though it'd be a reverse IDS (or a reverse IPS, intrusion prevention system, I've seen it called...) a quick search in ports for ids shows: /net/libnids /security/libprelude and other prelude related ports /security/snortms and other snort related ports Linux use l7-filter http://sourceforge.net/projects/l7-filter sourceforge.net/projects/l7-filter sourceforge freeware and , it is based on iptables, defination application protocols like ethereal project do. right - so something like applying ethereal rules to the output of tcpdump and updating the rules in realtime...mind you, many of these apps/protocols are extremely flexible, they'll change how they connect very fast, which will put the load on your firewall So, is there any way to do same application layer osi model firewall with FreeBSD gateway ? i dont see why not...though it's obvious I'm not sure how :) please share the answer when you find it :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP Permissions
Andreas Wideroe Andersen wrote: Hi, hi there, I'm running FreeBSD 5.4 STABLE and the latest Proftpd. I have a little problem I need help with. I want about 10 users to have access to the same directory/subdirectories on the FTP server and all must be able to upload, delete and retrive (full access) to the files in these directories. I want all users to have different usernames/passwords so I can log them, but all should have full access to the ftp directories. How would I set this up? not sure about proftp,sorry. But i'd guess point their home directories to the one place (or add symlinks to this one place...or however you do with proftpd). Make a group, make yourself a member of the group. then set the sticky bit on the folder + other subfolders (man chmod). you may have to modify the umask (as seen by ProFTPd of course...maybe a proftpd setting, guessing here) to make sure the files are mode 660 I've tried making all members of the same group, but I can't overwrite/delete files other uploaded. are you a member of the group? what are the rights of the files? what are the rights of the directory where the files are? cheers, Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: entropy
Hanspeter Roth wrote: Hello, hello, grab a beverage and start reading ;) what is entropy for? http://en.wikipedia.org/wiki/Entropy What are the consequences if one sets rc.conf/entropy_file and rc.conf/entropy_dir to NO? $ grep entropy /etc/defaults/rc.conf entropy_file=/entropy # Set to NO to disable caching entropy through reboots. # /var/db/entropy-file is preferred if / is not avail. entropy_dir=/var/db/entropy # Set to NO to disable caching entropy via cron. entropy_save_sz=2048 # Size of the entropy cache files. entropy_save_num=8# Number of entropy cache files to save. $ apropos entropy random(4)- the entropy device random_harvest(9)- gather entropy from the kernel for the entropy device RAND_add(3), RAND_seed(3), RAND_status(3), RAND_event(3), RAND_screen(3) - add entropy to the PRNG RAND_egd(3) - query entropy gathering daemon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Application layer firewall on FreeBSD, is it possible ?
Norberto Meijome wrote: after reading my own post i realised it wasn't too clear I havent seen any way to control traffic for P2P apps reliably @ the protocol layer, 'I havent seen any way to reliably control traffic for P2P apps by simply looking @ ports + IP protocol' u need to inspect it. you need to analyse the packets. Something like snort attached to your firewall, i guess ... though it'd be a reverse IDS (or a reverse IPS, intrusion prevention system, I've seen it called...) ... which would update/feed rules to the firewall / packet filter. aka proxy...maybe SOCKS would achieve this? (mind you, most p2p apps have settings for socks B ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: entropy
Norberto Meijome wrote: Hanspeter Roth wrote: Hello, hello, grab a beverage and start reading ;) what is entropy for? http://en.wikipedia.org/wiki/Entropy http://en.wikipedia.org/wiki/Information_entropy being far more accurate to this thread. Beto, with half a brain correcting the other half... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: heimdal kerberos ssh
OK, I think I figured this out, at least partially: On Wed, Aug 31, 2005 at 01:23:00PM +0200, Stijn Hoop wrote: So it seems that the authentication is working, however the TGT is not being saved. It turns out that you really need to specify the 'ccache' parameter to pam_krb5 but in the correct format: authrequiredpam_krb5.so no_warn try_first_pass ccache=FILE:/tmp/krb5_%u Furthermore, do not test logging in with a user that has both a local account and a kerberos principal -- it may confuse you :-/ For the record here is the /etc/pam.d/sshd that I think works: %%% # auth authrequiredpam_nologin.so no_warn authsufficient pam_opie.so no_warn no_fake_prompts authrequisite pam_opieaccess.so no_warn allow_local authrequiredpam_krb5.so no_warn try_first_pass ccache=FILE:/tmp/krb5_%u # account account requiredpam_krb5.so account requiredpam_login_access.so # session session requiredpam_permit.so # password passwordrequiredpam_krb5.so no_warn try_first_pass %%% However: - I still don't get a valid cache file with a user that also has a local password (manually doing kinit works just fine). This is really strange.. - there's a strange 2-3 second delay when logging in, that I can't explain. It feels like some sort of timeout but I can't figure out what... Anyone recognize this? And again, if there's someone out there with a working setup, I'd love to see the config files. --Stijn -- This sentence contradicts itself -- no actually it doesn't. -- Hofstadter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: GbE NICs besides em (recommendation wanted)
Emanuel Strobl wrote: Thank you for the offer, but I thought people had some simple test results in mind. If you next time use rdump or large NFS transfers to another GbE connected (and fast enough) box just watch the system load (I use systat -vm 1) and see what card causes what interrupt load. em cards can't transfer (real files over FTP/NFS) more than 200mbit/s on a [EMAIL PROTECTED], at this level the system load is 100% of which ~80% is interrupt systemload :( Would device polling help in this case? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: upgrading perl -ports
Please don't top-post. Zan [EMAIL PROTECTED] writes: On Tuesday, August 30, 2005, at 01:30 P:M, Lowell Gilbert wrote: Zan [EMAIL PROTECTED] writes: in my /usr/local/bin I can clearly see that there is a newer version of perl (5.8.0) already there, but when I type 'perl -v' I see that I'm running off of 5.0. Is there anything else I can do besides trying the use.perl port command? Because that doesn't seem to work, and my jail did not come with a ports collection. I would appreciate any help you can give me. Thank you! Please show: uname -m which -a perl uname -m = i386 Oops. I meant uname -a. You're running some 4.x, I guess? which -a perl = /usr/local/bin/perl /usr/bin/perl Okay, explicitly run each of those perl executables to find the version. Something doesn't make sense here, and you may be looking in the wrong direction... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Setting HTTP_PROXY for all users
On Tue, Aug 30, 2005 at 04:32:42PM +0100, Ceri Davies wrote: I want to set HTTP_PROXY for all users on my machine, and I'd like to do it in /etc/login.conf as then it's only in one place. However, I need to put a colon in for the port number and can't see how to escape it so that the entry doesn't get chopped off halfway through. None of these work: :setenv=HTTP_PROXY=www-cache.private.submonkey.net:3128:\ :setenv=HTTP_PROXY=www-cache.private.submonkey.net\:3128:\ :setenv=HTTP_PROXY=www-cache.private.submonkey.net:3128:\ Is there a way to do this, or should I just throw this in /etc/profile and /etc/csh.cshrc instead? \c generates a colon. Documented in getcap(3) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 8 Dane Court Manor School Rd PGP: http://www.infracaninophile.co.uk/pgpkey Tilmanstone Tel: +44 1304 617253 Kent, CT14 0JL UK pgpEnqnEPR5t8.pgp Description: PGP signature
Re: Detailed DNS setup ?
kilim wrote: Hello, I'm about to set up named under FreeBSD 5.4. I have read all the documentation, O'Reily book and various sites telling me how to go about things. But I fear that just reading about it and doing it are completely different things. What I would like to do is write a list of things that I need to do in order to have my setup up and running. I would appreciate if you give it a look and point out any mistakes that I might have made. Thank you. Here it goes: 1. In the /etc/rc.conf put the name of my domain as hostname, right ? hostname=kilimdomain.com 2. Then add named_enable=yes also to the /etc/rc.conf ? 3. I'd like to run named in the chrooted directory and handbook's 24.6.8 section has a write up about it. Yet in /etc/defaults/ there is a knob: named_chroot_autoupdate=YES. Does this imply that even if I don't follow the steps in 24.6.8 but just the steps preceding it, in the 24.6.6 up to 24.6.8, will make the named chrooted ? I'd like to get the answer to these questions (well question no. 3. really) before I proceed to write further as the rest of the write up depends on them. Thank you again ! BIND in FreeBSD 5.X is version 9, and is already set up in a sandbox (e.g., chrooted to /var/named). Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Detailed DNS setup ?
On Wed, Aug 31, 2005 at 08:44:35AM -0500, Kevin Kinsey wrote: kilim wrote: I'm about to set up named under FreeBSD 5.4. snip BIND in FreeBSD 5.X is version 9, and is already set up in a sandbox (e.g., chrooted to /var/named). Hi, so I guess I just need to follow the section 24.7[1] of the handbook to the letter, substituting the example.com with my own domain name ? And I should be fine ? [1]the url is: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bind9.html Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
martin hudec wrote: Hello, I am using portsnap to update my ports tree like following: 1. Calling portsnap cron from root's cron 2. Updating ports tree using portsnap -I update from root's cron But it does not update anything by portsnap cron. In /usr/local/etc/portsnap.conf I have: WORKDIR=/usr/local/portsnap PORTSDIR=/usr/ports Files in WORKDIR are dated to Aug 25. So I assume calling portsnap cron results in failure (both with -f /usr/local/etc/portsnap.conf or without it). Can anyone advise me on this one please? Not sure. Check the logs, etc. If you're familiar with ktrace, kdump, etc., you could follow the program's progress if you find no log information. How are you calling the program from cron(8)? I'm sure that you are aware of cron's limited environment; one result of this is that you generally need to supply full pathnames to any command you want cron(8) to run for you. Is cron sending you any mail about this job? Grasping at straws, Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: broken getopt
Robert Fitzpatrick [EMAIL PROTECTED] writes: On Tue, 2005-08-30 at 14:25 -0400, Lowell Gilbert wrote: Robert Fitzpatrick [EMAIL PROTECTED] writes: Aug 29 11:11:10 esmtp postfix/master[67333]: warning: /usr/local/libexec/postfix/pipe: bad command startup -- throttling Aug 29 11:11:51 esmtp postfix/master[67333]: warning: /usr/local/libexec/postfix/local: bad command startup -- throttling Why do you think this is a getopt problem? It looks a problem in a configuration file. Check postconf -n. Thanks, what makes you think that? Well, bad command startup implies something of the sort. getopt problems *could* cause problems interpreting startup configuration, but there are many other possibilities. I'm not really an expert on Postfix, but at least I do have access to a copy of The Book of Postfix. Which tells me very little for this case except that maybe running the post-install script might be advised. However, that script can edit some config files, including main.cf, so be very careful if you use it. Here it is with only my networks altered, maybe something needs to be adjusted since the last upgrade? I went through the release notes and did the portupgrade from 2.1 to 2.2, perhaps the TLS support changes are effecting something? Possible, but I wouldn't expect failures until after startup. esmtp# postconf -n body_checks = regexp:/etc/postfix/body_checks command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix This means that main.cf is in the /usr/local/etc/postfix directory, while the body_checks map file is in /etc/postfix. Is that right? For testing, you might want to simplify your configuration to see if the errors go away. Good luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
Hello, On Wed, Aug 31, 2005 at 08:54:31AM -0500 or thereabouts, Kevin Kinsey wrote: Not sure. Check the logs, etc. If you're familiar with ktrace, kdump, etc., you could follow the program's progress if you find no log information. /var/log/cron reports me that cronjob was done. No I am not familiar with ktrace, kdump etc. How are you calling the program from cron(8)? I'm sure that you are aware of cron's limited environment; one result of this is that you generally need to supply full pathnames to any command you want cron(8) to run for you. I am aware of cron's limited environment, but full paths are provided. Is cron sending you any mail about this job? None at all, although every cron is sending me reports. First, I tell my custom script (with environment set by PATH=) to call portsnap fetch portsnap update, but he is unable to fetch anything at all, therefore I started to use portsnap cron and I hoped to be able to fetch it. -- martin hudec * 421 907 303 393 * [EMAIL PROTECTED] * http://www.aeternal.net Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws. Douglas Adams, The Hitchhiker's Guide to the Galaxy pgpK6IoSBFXi9.pgp Description: PGP signature
Timezone isn't setting to EST corectly, ntp doesn't help
I'm connected to a remote machine located in NJ and ran /usr/sbin/sysinstall and set the timezone to Eastern Time, but the clock is displaying 2:30PM or so when it is only 10:44AM here. I tried ntp but that didn't work as well. Does anyone have any idea what's wrong? Thanks. -- Robert G. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Setting HTTP_PROXY for all users
On Wed, Aug 31, 2005 at 02:41:39PM +0100, Matthew Seaman wrote: On Tue, Aug 30, 2005 at 04:32:42PM +0100, Ceri Davies wrote: I want to set HTTP_PROXY for all users on my machine, and I'd like to do it in /etc/login.conf as then it's only in one place. However, I need to put a colon in for the port number and can't see how to escape it so that the entry doesn't get chopped off halfway through. None of these work: :setenv=HTTP_PROXY=www-cache.private.submonkey.net:3128:\ :setenv=HTTP_PROXY=www-cache.private.submonkey.net\:3128:\ :setenv=HTTP_PROXY=www-cache.private.submonkey.net:3128:\ Is there a way to do this, or should I just throw this in /etc/profile and /etc/csh.cshrc instead? \c generates a colon. Documented in getcap(3) Thanks; I could have sworn I read that manpage too! Cheers, Ceri -- Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.-- Einstein (attrib.) pgprjkwa5U1pz.pgp Description: PGP signature
Re: /etc/profile and PATH
Miguel Cárdenas [EMAIL PROTECTED] writes: I tried to setup PATH in ~/.profile and now is updated but how can I setup this variable system wide? specifically want to add the Qt and MySQL binary directories to the PATH... Yeah, man login.conf, but it's heavy reading which I suspect many people avoid by over-riding whatever it sets in the startup scripts of the shells they use. So man sh, man csh, etc. You're probably looking for /etc/profile, at least. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Mounting a RHLinux 7.1 partition
Good morning everyone, Due to a hardware failure on my RHLinux 7.1 gateway, I have chosen to install FreeBSD 5.4 as my new gateway's operating system. The hard drive didn't die fortunately, as I did test it on another system to make sure it booted, and aside from kudzu complaining about some new and missing hardware, everything was there. Once I had FreeBSD 5.4 set up, I put the RHLinux drive in the FreeBSD machine as primary slave. Manually mounting the drive didn't seem to work since I could find which /dev/ entry the RHLinux drive ended up on, and of course fdisk wouldn't help for the same reason. So I pulled the RHLinux drive from the FreeBSD machine, set it up as primary master on another machine, and was going to do the necessary file copies over the network. However, now it boots up with the FreeBSD menu, giving me one option (F1) to boot FreeBSD, and pressing F1 yields a beep from the PC speaker, and no boot. What happened to my RHLinux MBR and how can I either: 1) restore the MBR or 2) retrieve my data? Thanks in advance, -- Isaac Grover, Owner Quality Computer Services of River Falls, Wisconsin Computer Consulting, Networking, Maintenance, and more. Commercial and Residential Inquiries Welcomed. Web: http://www.qcs-rf.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mail malady - dns/postfix
Greetings all, On my network, we used to have some NT box acting as the mail exchanger and a faulty dns for our domain. That box has nearly crumbled. It's still active, but no longer accepting mail. I set up a computer (called galley) with 5.4 and it is (supposedly) running authoritative dns for our domain, and is handling mail via postfix. Since I changed the dns, I alerted our registrar, which was originally doing lookups for us. The problem is, now local citizens are trying to send mail to us, but they are getting bounce messages reporting that it couldn't talk to otto, the old NT box. Here is my /etc/namedb/named.conf : // $FreeBSD: src/etc/namedb/named.conf,v 1.15.2.3 2005/03/23 17:35:58 dougb Exp $ // options { directory /etc/namedb; allow-query { any; }; recursive-clients 15000; pid-file /var/run/named/pid; forwarders { 209.42.72.2; }; }; zone . { type hint; file named.root; }; zone 0.0.127.IN-ADDR.ARPA { type master; file localhost.rev; }; /* zone domain.com { type slave; file s/domain.com/bak; masters { 192.169.1.1; }; }; zone 0.168.192.in-addr.arpa { type slave; file s/0.168.192.in-addr.arpa.bak; masters { 192.168.1.1; }; }; */ zone usd217.org { type master; file db.usd217.org; }; zone 72.42.209.in-addr.arpa { type master; file usd217-reverse; }; key rndc-key { algorithm hmac-md5; secret VR7Bsxrqrrtf38pGNzog1A==; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; }; }; And here is my /etc/namedb/localzone: ; Definition of zone usd217.org $TTL 1d usd217.org. IN SOA galley.usd217.org techcoord.usd217.org. ( 2005082601 ; Serial (date, 2 digit version of day) 1d ; refresh 1h ; retry 100d; expire 1h ); negative cache entry ; name servers IN NS ns ; MX records IN MX 50 galley.usd217.org. ns IN A209.42.72.2 ; Host localhost IN A127.0.0.1 galley IN A209.42.72.2 bess-proxy IN A209.42.72.247 ottoIN A209.42.72.250 ; nickname www IN CNAMEgalley ftp IN CNAMEgalley There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. Any other conf's I should show? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mouse wheel problem
On Tue, 30 Aug 2005 11:57:18 -0500 Efren Bravo [EMAIL PROTECTED] wrote: Hi, I've written on /etc/rc.conf : moused_port=/dev/psm0 moused_flags=-r high -z 4 moused_type=auto moused_enable=YES and on /etc/X11/xorg.conf Section InputDevice Identifier Mouse0 Driver mouse Option Protocol auto Option Device /dev/sysmouse Option Buttons 5 Option ZAxisMapping 4 5 EndSection But the scrollwheel doesn't work. I've tried with Kde's Applications. Have I a bad configuration? Thanks... Hello, It works for me without the ZAxisMapping option (and the same options in rc.conf): Identifier Mouse1 Driver mouse Option Protocol Auto Option Device/dev/sysmouse Option Buttons 5 Best Regards, Ale ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Timezone isn't setting to EST corectly, ntp doesn't help
Robert G. wrote: I'm connected to a remote machine located in NJ and ran /usr/sbin/sysinstall and set the timezone to Eastern Time, but the clock is displaying 2:30PM or so when it is only 10:44AM here. I tried ntp but that didn't work as well. Does anyone have any idea what's wrong? Your BIOS clock is probably set to keeping time in the local timezone rather than in GMT. ntpd won't correct a multi-hour offset without being nudged. You can run ntpdate -b to step the clock by the four hours, or use date to set it to something close by hand, and then run ntpd from there. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Perl 5.8.7 port requires libm.so.4
On Wed, Aug 31, 2005 at 04:52:22AM -0400, Kris Kennaway wrote: On Tue, Aug 30, 2005 at 01:27:07PM -0500, Will Maier wrote: Indulge a newb, then: how did that come about? I'm still figuring out port and packages and how they relate to the different releases. Do you mean that my portsnap'd ports tree is ~= 6.X and my system is ~=5.X? Is that inevitable? Is that a Bad Thing? There was a temporary snafu that caused the 5.x packages to be replaced by 6.x packages, which is now fixed. Delete the package and retry. Thanks for the update; I was able to get everything working by rebuilding the entire ports tree using portupgrade: # portupgrade -fvarR I'm not sure if rebuilding itself did the trick or I got updated/fixed ports, but I'm quite fine now. Thanks for resolving the issue. -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] | | [EMAIL PROTECTED] | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Jerod Prothe wrote: The problem is, now local citizens are trying to send mail to us, Jerod, pls define 'local citizens'. My view of local is surely different to yours. but they are getting bounce messages reporting that it couldn't talk to otto, the old NT box. yup, # telnet otto.usd217.org 25 Trying 209.42.72.250... telnet: Unable to connect to remote host: Connection refused BTW: whois usd217.org [...] Name Server:GALLEY.USD217.ORG Name Server:OTTO.USD217.ORG From Sydney, AU, the DNS records seem to have propagated: $ nslookup.exe Default Server: x Address: 10.168.100.10 set type=ns usd217.org Non-authoritative answer: Server: x Address: 10.168.100.10 usd217.org nameserver = otto.usd217.org usd217.org nameserver = galley.usd217.org otto.usd217.org internet address = 209.42.72.250 galley.usd217.org internet address = 209.42.72.2 and MX: usd217.org mail exchanger = 50 galley.usd217.org. but from TX,USA: # nslookup set type=ns usd217.org Server: 207.218.192.38 Address:207.218.192.38#53 usd217.org nameserver = rolla.usd217.org. usd217.org nameserver = ns1.pld.com. usd217.org nameserver = ns2.pld.com. usd217.org nameserver = pta6000.pld.com. and MX: usd217.org MX preference = 10, mail exchanger = otto.usd217.org otto.usd217.org internet address = 209.42.72.251 so it seems that, to begin with, you have some inconsistency in what we can see of your network, the answers i'm seeing from this USA-based NS being the old ones. Notice that from USA, I'm getting MX pointing to otto., which it seems not to be taking connections on tcp/25. galley OTOH smtp listening on tcp/25. There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. this doesnt seem at all a problem of 'MS is better than OS' or otherwise (wont enter in that argument anyway) - just DNS not propagated yet, and not much you can do about that but to wait it out, other than giving otto's IP to galley for the time being so all smtp traffic goes to the box that is working. Next time, you may want to reduce your refresh settings in your zone before you perform a drastic change. Any other conf's I should show? I'm not too sure the exact configuration you have / intend to have. do you want galley to forward emails to otto? regards, beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP Permissions
Hi, I'm running FreeBSD 5.4 STABLE and the latest Proftpd. I have a little problem I need help with. I want about 10 users to have access to the same directory/subdirectories on the FTP server and all must be able to upload, delete and retrive (full access) to the files in these directories. I want all users to have different usernames/passwords so I can log them, but all should have full access to the ftp directories. How would I set this up? I've tried making all members of the same group, but I can't overwrite/delete files other uploaded. Not sure exactly how you configure it in proftpd, but make those 10 users part of the same *primary* group (ie, the one in /etc/passwd) then set their umask so that newly created files are group read/write. I think (but am not sure) that you might be able to do this through proftpd. I know that in samba, I can force new files/directory permissions regardless of the user's umask. good luck. -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Interrupt Storm Dell PowerEdge 1850
You sir, are a genius. Fixed John On Aug 27, 2005, at 6:42 AM, Nicklas B. Westerlund wrote: John Straiton wrote: Hello, I am attempting to install 5.4R on a brand new Dell PowerEdge 1850 machine. The installation goes perfectly however after the reboot, I am unable to log into the machine (or in this case, create the entropy salt) John, Let me take a quick guess.. You've got the DRAC4 card installed? If you do, that's why the keyboard doesn't work, as it defaults to the DRAC4 one (Although it's only a virtual keyboard). If that's the case, just go to singleuser, and change devd.conf and change ukbd0 to ukbd1. Nick. John Straiton [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Detailed DNS setup ?
kilim wrote: On Wed, Aug 31, 2005 at 08:44:35AM -0500, Kevin Kinsey wrote: kilim wrote: I'm about to set up named under FreeBSD 5.4. snip BIND in FreeBSD 5.X is version 9, and is already set up in a sandbox (e.g., chrooted to /var/named). Hi, so I guess I just need to follow the section 24.7[1] of the handbook to the letter, substituting the example.com with my own domain name ? And I should be fine ? [1]the url is: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bind9.html Thanks I'd say that's a great place to start. How you use BIND kinda depends on your goals, from my experience. Do note that the page you cite does not describe setting up a master server for serving authoritative DNS info to the Internet at large; it does state that you should read the previous page for more information (where, at the very least, the subject is given a more complete overview, and some fairly good detail). One real important detail, from my experience: when setting those TTL numbers in zone files, make Real Sure(tm) you don't put in any extra digits. :-) KDK ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Norberto Meijome wrote: Jerod, pls define 'local citizens'. My view of local is surely different to yours. Good question: local as in residents down the street in the same small town yup, # telnet otto.usd217.org 25 Trying 209.42.72.250... telnet: Unable to connect to remote host: Connection refused BTW: whois usd217.org [...] Name Server:GALLEY.USD217.ORG Name Server:OTTO.USD217.ORG From Sydney, AU, the DNS records seem to have propagated: $ nslookup.exe Default Server: x Address: 10.168.100.10 set type=ns usd217.org Non-authoritative answer: Server: x Address: 10.168.100.10 usd217.org nameserver = otto.usd217.org usd217.org nameserver = galley.usd217.org otto.usd217.org internet address = 209.42.72.250 galley.usd217.org internet address = 209.42.72.2 and MX: usd217.org mail exchanger = 50 galley.usd217.org. but from TX,USA: # nslookup set type=ns usd217.org Server: 207.218.192.38 Address:207.218.192.38#53 usd217.org nameserver = rolla.usd217.org. usd217.org nameserver = ns1.pld.com. usd217.org nameserver = ns2.pld.com. usd217.org nameserver = pta6000.pld.com. and MX: usd217.org MX preference = 10, mail exchanger = otto.usd217.org otto.usd217.org internet address = 209.42.72.251 Otto is not supposed to handle mail for our domain AT ALL. It shouldn't be. Our ISP does want to have our MX records since they do not host our dns, at least that was what their representative said when I told her of my network changes. so it seems that, to begin with, you have some inconsistency in what we can see of your network, the answers i'm seeing from this USA-based NS being the old ones. Notice that from USA, I'm getting MX pointing to otto., which it seems not to be taking connections on tcp/25. galley OTOH smtp listening on tcp/25. There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. this doesnt seem at all a problem of 'MS is better than OS' or otherwise (wont enter in that argument anyway) - just DNS not propagated yet, and not much you can do about that but to wait it out, other than giving otto's IP to galley for the time being so all smtp traffic goes to the box that is working. I'm not making it out to be an os holy war, but the powers that be say but we've always used Windows, why use something else? Next time, you may want to reduce your refresh settings in your zone before you perform a drastic change. Any other conf's I should show? I'm not too sure the exact configuration you have / intend to have. do you want galley to forward emails to otto? galley should be the sole handler of mail, coming and going. Otto should have nothing to do with our services anymore. Notice that I'm able to send and receive to this list without any trouble. My computer (this is my first month at this job) was statically set to use otto for lookups. So is every other computer at my employment. I know I'll need to change everyone's settings (probably a Labor Day weekend project.) regards, beto I really do appreciate your response. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Jerod Prothe wrote: Greetings all, On my network, we used to have some NT box acting as the mail exchanger and a faulty dns for our domain. That box has nearly crumbled. It's still active, but no longer accepting mail. I set up a computer (called galley) with 5.4 and it is (supposedly) running authoritative dns for our domain, and is handling mail via postfix. Since I changed the dns, I alerted our registrar, which was originally doing lookups for us. The problem is, now local citizens are trying to send mail to us, but they are getting bounce messages reporting that it couldn't talk to otto, the old NT box. [config snipped] There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. Any other conf's I should show? At a glance (not thorough inspection) your config looked OK. Expire time of 100 days seems a bit long. When I nslookup MX for your domain, I get the addr of your new server galley, so no apparent problem there (although I see from a follow-up post that some folks are getting MX = otto, and *that* is your problem in a nutshell). If otto is no longer providing any services to the outside world, how about just indicating via DNS that otto is CNAME to galley? -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Greg Barniskis wrote: Jerod Prothe wrote: Greetings all, On my network, we used to have some NT box acting as the mail exchanger and a faulty dns for our domain. That box has nearly crumbled. It's still active, but no longer accepting mail. I set up a computer (called galley) with 5.4 and it is (supposedly) running authoritative dns for our domain, and is handling mail via postfix. Since I changed the dns, I alerted our registrar, which was originally doing lookups for us. The problem is, now local citizens are trying to send mail to us, but they are getting bounce messages reporting that it couldn't talk to otto, the old NT box. [config snipped] There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. Any other conf's I should show? At a glance (not thorough inspection) your config looked OK. Expire time of 100 days seems a bit long. When I nslookup MX for your domain, I get the addr of your new server galley, so no apparent problem there (although I see from a follow-up post that some folks are getting MX = otto, and *that* is your problem in a nutshell). If otto is no longer providing any services to the outside world, how about just indicating via DNS that otto is CNAME to galley? CNAME to galley? That's a good idea. I changed it and reduced the expire time to 10d (I got it out of the Lehey Complete FreeBSD book). I wonder why it is that Australia has updated but a US State has not? Thanks for your help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Jerod Prothe wrote: Norberto Meijome wrote: Jerod, pls define 'local citizens'. My view of local is surely different to yours. Good question: local as in residents down the street in the same small town :) it's not so much an issue of physical proximity but network , which isps,etc. [] and MX: usd217.org MX preference = 10, mail exchanger = otto.usd217.org otto.usd217.org internet address = 209.42.72.251 Otto is not supposed to handle mail for our domain AT ALL. It shouldn't be. Well, it isn't (as the telnet otto 25 test shows, there's nothing listening, unless there's a firewall blocking that port). The real problem is that some computers/servers haven't noticed the change in the DNS records yet. i.e., when they try to find out the MX for usd217.org they'll get : usd217.org MX preference = 10, mail exchanger = otto.usd217.org which is obviously wrong. these are DNS servers serving requests for other people. These servers have learnt your zone with the old data and obviously they haven't udpated yet as the data hasn't expired yet,as defined in your SOA. Our ISP does want to have our MX records since they do not host our dns, at least that was what their representative said when I told her of my network changes. I assume is 'does *not* want'...yeah, they can be like that. ::shrug:: their business, they must have their (right/wrong) reasons. so it seems that, to begin with, you have some inconsistency in what we can see of your network, the answers i'm seeing from this USA-based NS being the old ones. Notice that from USA, I'm getting MX pointing to otto., which it seems not to be taking connections on tcp/25. galley OTOH smtp listening on tcp/25. There may be more at stake here: If this doesn't work well, then any credibility that I have with my employer concerning using open-source may be exhausted. this doesnt seem at all a problem of 'MS is better than OS' or otherwise (wont enter in that argument anyway) - just DNS not propagated yet, and not much you can do about that but to wait it out, other than giving otto's IP to galley for the time being so all smtp traffic goes to the box that is working. I'm not making it out to be an os holy war, but the powers that be say but we've always used Windows, why use something else? :) dont go there. just ignore that comment about MS/others and make sure you understand the DNS issue at hand. I'll say this again: not much you can do about that but to wait it out, other than giving otto's IP to galley for the time being so all smtp traffic goes to the box that is working. over time (depending on your SOA) this will get fixed. galley should be the sole handler of mail, coming and going. Otto should have nothing to do with our services anymore. otto is still listed as your NS in the 'updated' zone, and in your whois info. Notice that I'm able to send and receive to this list without any trouble. My computer (this is my first month at this job) was statically set to use otto for lookups. So is every other computer at my employment. I know I'll need to change everyone's settings (probably a Labor Day weekend project.) why not use DHCP? one change only in all the clients (change from static to dhcp and you're set, centrally manage your tcpip settings). Just make sure you a) test your settings before releasing ; b) start with a short dhcp lease (10 minutes? 30 ? depending on number of hosts , load,etc), so problematic settings can 'go away' quicker. Same applies for dns, as you have noticed ;) I really do appreciate your response. np :) Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Jerod Prothe wrote: CNAME to galley? That's a good idea. this will only affect those who have an updated record of your zone and can see that new record. For those that still think that MX is otto on it's real(old) IP, the CNAME wont help them a bit. Assigning otto's public IP to galley will fix this problem. Also, you may want to make triple sure the serial of your zone gets updated with every change...else downstream DNS servers wont necessarily pickup the changes. I changed it and reduced the expire time to 10d (I got it out of the Lehey Complete FreeBSD book). I wonder why it is that Australia has updated but a US State has not? because i never looked up your zone before, so when I just did it, it had to go to the authoritative server to look it up. that info is correct, hence what I can see is correct. and for your own sake, if your servers can take it, i'd reduce those 10d to whatever delay you are willing to put up with for updates in your zone. I just beef up the DNS server and set it to 20 minutes - which equates to almost full propagation in about an hour or so (with most of the traffic updated within 30 minutes). **YMMV**. Best, beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
martin hudec wrote: Hello, On Wed, Aug 31, 2005 at 08:54:31AM -0500 or thereabouts, Kevin Kinsey wrote: Not sure. Check the logs, etc. If you're familiar with ktrace, kdump, etc., you could follow the program's progress if you find no log information. /var/log/cron reports me that cronjob was done. No I am not familiar with ktrace, kdump etc. man ktrace man kdump in a nutshell: ktrace shows the kernel calls that a process is executing. It creates a dump file which you can view with kdump. similar (better actually) than strace and whatever other ?trace found in linux. First, I tell my custom script (with environment set by PATH=) to call portsnap fetch portsnap update, but he is unable to fetch anything at all, therefore I started to use portsnap cron and I hoped to be able to fetch it. then it seems it's a portsnap problem and not cron...get it working in your normal shell first and then focus on automating it. (btw, what's wrong with (cd /usr/ports/ ; make update) , or a cvsup cmd line?) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to get /etc/ssh back
Thanks! I installed openssh-portable and that worked. I did have to create symlinks from /etc/ssh to /usr/local/etc/ssh and /usr/sbin/sshd to /usr/local/sbin/sshd. In my case, the sshd_program line in /etc/rc.conf didn't force the system to use the portable sshd as opposed to the base. Thus, I commented out the line and just used a symlink. Thanks, again! Sean [EMAIL PROTECTED] wrote: On Tue, 30 Aug 2005 16:04:32 -0500 Sean P. Malone [EMAIL PROTECTED] wrote: I mistakenly deleted /etc/ssh along with all of the keyfiles and, most importantly, ssd_config. I was attempting to completely remove/reinstall openssh. I've tried both the port and package. The install program doesn't complain that there is no /etc/ssh. I had assumed that it would create it but it evidently does not. The system does ask for entropy upon the next reboot but the generation of the keys and startup of sshd fail since there is no /etc/ssh. If the install program doesn't create /etc/ssh, what does and how do I get it back? first of all, /etc/ssh is the config-home of the base ssh that comes with FreeBSD by default (so you can use make world to get it back) however the openssh-portable port is storing these config-files in /usr/local/etc/ssh, if you want to switch to the port instead of the base-system ssh, then do the following : sshd_enable=YES sshd_program=/usr/local/sbin/sshd (see also : /usr/share/examples/etc/defaults/rc.conf) after this is working well, imo it's a good idea to remove /usr/sbin/sshd and /usr/bin/ssh* and /etc/ssh (or replace them with symlinks to the port-binaries etc.) HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 3ware raid disks requiring fsck ing,
I have started getting failures on a freebsd 4.x machine running 3ware card, the machine had been crashing from time to time, and it crashed and would not reboot saying noufs. Replacing the 3ware card ( a 7002 I think, the older 2 port ones) with a 7006 fixed this issue, but since then I have been getting crashes every few weeks/months, where the machine needs to do fsck's on the file partiitions, to come back to life. this is odd for a raid system, and didn't seem to happen before. I am thinking perhaps there is a hardware issue on this machine, and perhaps it fails under load ? does anyone have any experience of this? might the change of card be significant ? kind regards, Gerald de la Pascua ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Norberto Meijome wrote: Jerod Prothe wrote: CNAME to galley? That's a good idea. this will only affect those who have an updated record of your zone and can see that new record. For those that still think that MX is otto on it's real(old) IP, the CNAME wont help them a bit. Assigning otto's public IP to galley will fix this problem. Doh! /me thwacks self with clue stick... so obvious, especially when we did exactly that on our last mail server replacement, in order to avoid this very problem. Also, you may want to make triple sure the serial of your zone gets updated with every change...else downstream DNS servers wont necessarily pickup the changes. I changed it and reduced the expire time to 10d (I got it out of the Lehey Complete FreeBSD book). I wonder why it is that Australia has updated but a US State has not? Hard to say, but as far as a management discussion goes, it is clear that this problem has really nothing to do with your selection of FreeBSD as DNS/mail host, and (barring better failsafe procedures like IP number migration) would have occurred regardless of the OS chosen. The problem as such is 3rd party systems you can't control. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Proliant 5000 sever Fbsd 5.4 (re)boot problem
On Wed, 2005-08-31 at 00:21, Vizion wrote: On Tuesday 30 August 2005 13:31, the author Robert Slade contributed to the dialogue on- Re: Proliant 5000 sever Fbsd 5.4 (re)boot problem: On Tue, 2005-08-30 at 21:20, Vizion wrote: On Tuesday 30 August 2005 13:22, the author Robert Slade contributed to the dialogue on- Re: Proliant 5000 sever Fbsd 5.4 (re)boot problem: On Tue, 2005-08-30 at 20:10, Vizion wrote: On Tuesday 30 August 2005 12:05, the author Robert Slade contributed to the dialogue on- Proliant 5000 sever Fbsd 5.4 (re)boot problem: Hiya, I've been working on this beasty on and off for some time. It's a Quad processor 1 Gbyte of memory and 5 scsi drives using the 2p raid controller setup as 2 raid arrays + 1 spare. The machine works fine with 5.4 release #0 with the supplied generic kernel. The problem(s) I have been having are: 1. When I recompiled the Kernel with SMP support, I get random reboots. It also fails to boot sometimes failing at the point after waiting for the scsi drives to settle. I get some error codes and Fbsd fails to find the boot device. 2. I CVSuped to 5.4 release #2 and recompiled the Kernel with SMP support. This does to boot at all. It gets as far as the waiting 15s for scsi devices to settle, then (appears to) reset the scsi controller and immediately tries to access the drives (does not wait). I have tried recompiling with scsi_delay set to 3 (30s) with no change. I have checked dmesg and message logs but there is nothing related to the problem(s) there. I have gone back to the 5.4 release #0 single processor kernel for now which is a shame as the machine is slow without the multi processor support. The only thing out of the ordinary I have noted is a tx underunn -- increasing threshold to 512 bytes message which appears related to running kde remotely via vncserver and tinync. Any ideas, I can send conf files etc if needed. Thanks Rob What are your bios setting? My guess is that you have not made the right setting using the siftware and configuration utilities david David, Thanks. The BIOS setting appear ok - OS type is set as UNIX (Small disk geometry) and the machine passes all the diagnostics. Rob I cannot remember - but I have sneaking notion that you need to set it as linux Tried that too :-). I think that the problem is that with 5.4 release #2 it is trying to access that scsi drives immediately then inducing the kernel panic for 15s. Rather than inducing the panic 1st. Rob Did you follow my suggestion and search the HP resources with freebsd and your model. I have had the same problem myself I am pretty certain it was fixed by changes using the Proliant Essrntial Foundation Pack.. but my memory may not be accurate. david David, I did update the system and controller ROMs whne the machine was running windows. I have been on the HP site and as far as I can tell I have the latest. Rob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
On Wed, Aug 31, 2005 at 04:08:46PM +0200, martin hudec wrote: First, I tell my custom script (with environment set by PATH=) to call portsnap fetch portsnap update, but he is unable to fetch anything at all, therefore I started to use portsnap cron and I hoped to be able to fetch it. So what happens when you run: # /usr/local/sbin/portsnap fetch # /usr/local/sbin/portsnap update on the command line? Your portsnap.conf seems like it might be missing the GPG keyprint for the update distributor. I wonder what errors you get. Have you ever run `portsnap extract`? -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] | | [EMAIL PROTECTED] | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is there a way to connect to a Microsoft VPN?
WOB wrote: I use /usr/ports/net/pptpclient to connect to a MS VPN endpoint and /usr/ports/net/rdesktop to Remote Desktop to my XP machine at the office. Works great. This sounded like what I needed to do. When I run the pptp client, it doesn't appear to do anything. I did the following: cd /usr/ports/net/pptpclient make install clean cd /usr/ports/net/rdesktop make install clean rehash I found these instructions at FreeBSD Diary and tried to follow them: http://www.freebsddiary.org/pptp.php My connection information is as follows: My workplace's outside VPN Name: vpn.wobs-work.com My workplace's outside VPN external IP: 100.200.300.16 My workplace Username: wob My workplace Password: wobpassword My Workplace's Windows XP Pro PC: 5.10.15.79 My Workplaces Internal Subnet: 5.10.15.x My home FreeBSD's IP: 192.168.1.25 My FreeBSD's machine NIC: fxp0 My home router's IP: 192.168.1.1 So I made a /etc/ppp/ppp.conf file: WORKVPN: set authname wob If you are authenticating against a domain change the above to set authname domain\\wob set authkey wobpassword My auth key is in double quotes. Possibly due to enclosed punctuation I forget. So try: set authkey wobpassword set timeout 0 set ifaddr 0 0 add 100.200.300.16/24 HISADDR change the above add to: add 5.10.15.0/24 HISADDR Should be the subnet you will be given an IP address on. Use appropriate mask. alias enable yes Then I ran it as root: cd /etc/ppp /usr/local/sbin/pptp vpn.wobs-work.com WORKVPN The above is what I do although I use the IP address. Name 'should' work assuming name resolution is good. The program seems to run for about 5 seconds, then returns to shell prompt. I then tried: /usr/local/sbin/pptp vpn.wobs-work.com WORKVPN --loglevel 2 and: /usr/local/sbin/pptp 100.200.300.16 WORKVPN --loglevel 2 But it still did not print out anything. ifconfig tun0 displays: tun0: flags=8010POINTOPOINT,MULTICAST mtu 1500 I think I might have to add a route command once the tunnel is up. My route should be taken care of for you. understanding is, is that the pptp client is not supposed to return to the shell prompt until I cancel it with a CTRL-C. true enough. Or you can background it and kill it later. Though I had mixed results (cores on occasion) killing it manually. But it always ran fine while up and running. I normally use my home Windows XP Pro box to connect to my works VPN, and then use RemoteDesktop to connect to my Work PC - so I know the connections work under Windows. I want to get rid of my home Windows box. Any suggestions? I'm kinda new, but I am trying to learn. once its up and running, your rdesktop command will look like: rdesktop -f -a 16 ip_address - or if like me you run it on alt port - rdesktop -f -a 16 ip_address:port machine names of course work with functional name resolution. -- Regards, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Jerod Prothe wrote: Norberto Meijome wrote: Jerod Prothe wrote: Norberto Meijome wrote: Jerod, pls define 'local citizens'. My view of local is surely different to yours. [...] Actually the ones complaining are the ones in the same domain as our ISP. Meaning, pld.com (the one and only ISP in the area) subscribers are having trouble emailing staff here. well, you could ask your ISP to make sure they have expired your zone if they haven't. you can easily test by doing nslookup - [your_isp's_NS] which will force nslookup to query that server. I've known ISPs that ignore the settings in SOAs and set their ownwhich is a real pain. Still that doesn't help with those others that haven't updated yet, so they are going to otto's IP for SMTP service. make that IP the one that galley uses (as well as galley's real...). or just wait it out...though for 100 days that wait will be long. I would definitely check whether your ISP's NS is playing along nicely. over time (depending on your SOA) this will get fixed. What are good values to have for refresh/expire/retry times in zone files? I would very much like to have other's records concerning my network to be up-to-date. well, it really all depends to what delay you're happy to live with. from memory: Refresh is the one that tells non-authoritative (downstream) DNS servers when to refresh the data. expire when to consider it too old to serve it at all (in case your authoritative is down) retry is how often to try to get the real info from your authoritative server. so refresh is the one you really want to focus on for when things work ok, and the others for when your server is in trouble ;). I'd say it roughly takes 2 times refresh time for propagation to most the network (from experience, could be completelly wrong). It also depends on how much your zone is cached of course (how many users request this zone determines how many non-auth servers you need to worry about). As I said, I've set some high traffic zones to 20 minutes refresh and it works really well for us - YMMV B ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
Hello, On Thu, Sep 01, 2005 at 02:07:57AM +1000 or thereabouts, Norberto Meijome wrote: man ktrace man kdump in a nutshell: ktrace shows the kernel calls that a process is executing. It creates a dump file which you can view with kdump. similar (better actually) than strace and whatever other ?trace found in linux. Hmmm, thanks for info, this kstuff is really much much better than strace :). Never heard of that, but now I am pretty impressed. Thanks. then it seems it's a portsnap problem and not cron...get it working in your normal shell first and then focus on automating it. (btw, what's wrong with (cd /usr/ports/ ; make update) , or a cvsup cmd line?) Portsnap is working pretty well in normal shell. I was using cvsup before portsnap, but now, as portsnap is being part of base system I am considering to switch to it on all our production servers. I am also going to give a try to make update in /usr/ports. Thank you! -- martin hudec * 421 907 303 393 * [EMAIL PROTECTED] * http://www.aeternal.net Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws. Douglas Adams, The Hitchhiker's Guide to the Galaxy pgp3qkWTwLCVH.pgp Description: PGP signature
Re: portsnap and updates using cron
Hello, On Wed, Aug 31, 2005 at 11:28:03AM -0500 or thereabouts, Will Maier wrote: So what happens when you run: # /usr/local/sbin/portsnap fetch # /usr/local/sbin/portsnap update They are both running pretty well from command line. on the command line? Your portsnap.conf seems like it might be missing the GPG keyprint for the update distributor. I wonder what errors you get. Have you ever run `portsnap extract`? Here is full content of portsnap.conf located in /usr/local/etc/: # Defaults: WORKDIR=/usr/local/portsnap PORTSDIR=/usr/ports KEYPRINT=9b5feee6d69f170e3dd0a2c8e469ddbd64f13f978f2f3aede40c98633216c330 URL=http://portsnap.daemonology.net -- martin hudec * 421 907 303 393 * [EMAIL PROTECTED] * http://www.aeternal.net Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws. Douglas Adams, The Hitchhiker's Guide to the Galaxy pgpIIQuPz5tjG.pgp Description: PGP signature
Pentium and GUI
Howdy I am up against a wall trying to discern which LATEST version will run with a dual Pentium board, and allow a GUI interface. I am over my head studying for CCNP Certification exams. I have spent all the time I can budget for looking for this simple info. I have release 4.3 - but could download a later release, since the 5.4 I have on hand will NOT install on a Pentium platform. I want to run a FreeBSD hardware firewall along with my Cisco 2514 router and my DSL line. What is the latest release I can install, and have a GUI interface / desktop, and use a Tyan Tomcat 3, dual Pentium mainboard? TIA Rick-Ashley Read (soon to become CCNP) Portland, OR. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problem with email...
Hello, Thank you in advance for your help. My name is Karen Donathan and I am the Computer Science teacher at George Washington High School in Charleston, WV. (http://gwhs.kana.k12.wv.us). We have been running FreeBSD on our webserver for abuot 5 years. Over the summer, I recently began getting fake email messages from [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],[EMAIL PROTECTED], etc. etc. etc. The subject line is always something like YOUR ACCOUNT IS SUSPENDED, You have successfully updated your password, etc. Each of these contain an attachment, so I know that a virus is trying to get into our server. I need some suggestions on what to do to make this stop. Thank you, Karen Donathan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: mail malady - dns/postfix
Greg Barniskis wrote: Hard to say, but as far as a management discussion goes, it is clear that this problem has really nothing to do with your selection of FreeBSD as DNS/mail host, and (barring better failsafe procedures like IP number migration) would have occurred regardless of the OS chosen. The problem as such is 3rd party systems you can't control. indeed. my first rule of 'planned' DNS changes: lower refresh to minimum acceptable. then when I'm sure everything works, up it to my defaults. And , btw, if you hear of those DNS hosters that tell you they have instant propagation , make sure you read the very very small footprint that says within our network. i.e., DNS is a game where all DNS servers play along...or not ;) b ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: portsnap and updates using cron
Hi there, To run portsnap and/or freebsd update as a cron job use : #portsnap cron *NOT fetch Regards, Ruben -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of martin hudec Sent: August 31, 2005 6:30 PM To: freebsd-questions@freebsd.org Subject: Re: portsnap and updates using cron Hello, On Thu, Sep 01, 2005 at 02:07:57AM +1000 or thereabouts, Norberto Meijome wrote: man ktrace man kdump in a nutshell: ktrace shows the kernel calls that a process is executing. It creates a dump file which you can view with kdump. similar (better actually) than strace and whatever other ?trace found in linux. Hmmm, thanks for info, this kstuff is really much much better than strace :). Never heard of that, but now I am pretty impressed. Thanks. then it seems it's a portsnap problem and not cron...get it working in your normal shell first and then focus on automating it. (btw, what's wrong with (cd /usr/ports/ ; make update) , or a cvsup cmd line?) Portsnap is working pretty well in normal shell. I was using cvsup before portsnap, but now, as portsnap is being part of base system I am considering to switch to it on all our production servers. I am also going to give a try to make update in /usr/ports. Thank you! -- martin hudec * 421 907 303 393 * [EMAIL PROTECTED] * http://www.aeternal.net Nothing travels faster than the speed of light with the possible exception of bad news, which obeys its own special laws. Douglas Adams, The Hitchhiker's Guide to the Galaxy -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 08/30/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.10.17/85 - Release Date: 08/30/2005 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mounting a RHLinux 7.1 partition
Isaac Grover wrote: Good morning everyone, Due to a hardware failure on my RHLinux 7.1 gateway, I have chosen to install FreeBSD 5.4 as my new gateway's operating system. The hard drive didn't die fortunately, as I did test it on another system to make sure it booted, and aside from kudzu complaining about some new and missing hardware, everything was there. Once I had FreeBSD 5.4 set up, I put the RHLinux drive in the FreeBSD machine as primary slave. Manually mounting the drive didn't seem to work since I could find which /dev/ entry the RHLinux drive ended up on, and of course fdisk wouldn't help for the same reason. So I pulled the RHLinux drive from the FreeBSD machine, set it up as primary master on another machine, and was going to do the necessary file copies over the network. However, now it boots up with the FreeBSD menu, giving me one option (F1) to boot FreeBSD, and pressing F1 yields a beep from the PC speaker, and no boot. What happened to my RHLinux MBR and how can I either: 1) restore the MBR or 2) retrieve my data? Thanks in advance, Your drive, if set as primary slave, should have been /dev/ad(da)1 (ad = IDE da=SCSI). AFAIK these are hard-coded unless something has changed. Check the handbook. When you say manually mounting the drive didn't seem to work I wonder if you tried hard enough? FreeBSD can mount some Linux filesystems. What filesystem is on this HDD? Perhaps one of: mount_cd9660(8), mount_devfs(8), mount_ext2fs(8), mount_fdescfs(8), mount_hpfs(8), mount_linprocfs(8), mount_msdosfs(8), mount_nfs(8), mount_ntfs(8), mount_nullfs(8), mount_nwfs(8), mount_portalfs(8), mount_procfs(8), mount_smbfs(8), mount_std(8), mount_udf(8), mount_umapfs(8), mount_unionfs(8). Of those, of course, the only ones I know might help with Linux are ext2 and msdos. The number of possible permutations is not so large that you couldn't try them all, since you really want your data. Note that the list is a c/p from the manpage and not edited to reality. AFAIK FreeBSD doesn't do the reiser fs, which, if that's what you have, would explain why you couldn't mount the drive. As for what happened to your MBR, I can't say, as you ran sysinstall and I dunno which togs you pushed Someone else may well know how you might repair your RedHat MBR. I suppose it's possible that there are 3rd party programs to help. It might also be possible to use dd to get the data, but that's a tad over my head. And, of course, the obvious question. Where are your backups? ;-) KDK ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portsnap and updates using cron
On Wed, Aug 31, 2005 at 06:32:17PM +0200, martin hudec wrote: On Wed, Aug 31, 2005 at 11:28:03AM -0500 or thereabouts, Will Maier wrote: So what happens when you run: # /usr/local/sbin/portsnap fetch # /usr/local/sbin/portsnap update They are both running pretty well from command line. No errors? They update your ports tree as expected? Here is full content of portsnap.conf located in /usr/local/etc/: # Defaults: WORKDIR=/usr/local/portsnap PORTSDIR=/usr/ports KEYPRINT=9b5feee6d69f170e3dd0a2c8e469ddbd64f13f978f2f3aede40c98633216c330 URL=http://portsnap.daemonology.net This is fine. Looking back over the thread, you mention that, in cron, you're running the following: portsnap cron portsnap -I update ^^ You also say that you think your process isn't functioning because the ctimes in /usr/ports are too old. You do realize that '-I' causes portsnap to update INDEX files, but not the rest of the ports tree (man 8 portsnap). -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] | | [EMAIL PROTECTED] | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem when making index in /usr/ports
bsd wrote: Hello, root:newmail 12:16 /usr/ports # make index Generating INDEX-5 - please wait..p5-Unicode-MapUTF8-1.09: /usr/ ports/japanese/p5-Jcode non-existent -- dependency list incomplete === converters/p5-Unicode-MapUTF8 failed *** Error code 1 1 error Before reporting this error, verify that you are running a supported version of FreeBSD (see http://www.FreeBSD.org/ports/) and that you have a complete and up-to-date ports collection. (INDEX builds are not supported with partial or out-of-date ports collections -- in particular, if you are using cvsup, you must cvsup the ports-all collection, and have no refuse files.) If that is the case, then report the failure to [EMAIL PROTECTED] together with relevant details of your ports configuration (including FreeBSD version, your architecture, your environment, and your /etc/make.conf settings, especially compiler flags and WITH/WITHOUT settings). make sure you dont' have the japanese tree excluded via /usr/local/sup/refuse. these dependencies are the main reason I gave up on refuse files and started using pkgtools.conf and the port* tools. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mount_msdosfs gives read-only error
Hello, I'm running 6.0-BETA3 and this is happening on all my floppies. # fdformat /dev/fd0 fdformat: open(/dev/fd0): Read-only file system # ls -l /dev/fd0 crw-rw-rw- 1 root operator 14, 103 Aug 31 13:14 /dev/fd0 (It was chmod 660 first and I changed it to 666 without benefit.) I'm running as root. The floppies are not made read-only. With 5.4 (same machine, a couple of weeks ago) it still worked. I can't use dd to write something to any place on the floppy. And I tried it with 5 floppies already. Any ideas? Ronald. -- Ronald Klop Amsterdam, The Netherlands ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 3ware raid disks requiring fsck ing,
Try memtestx86. Bad RAM could also cause the issues. Also look at the IDE cables. 2 bad cards would not be normal. On Aug 31, 2005, at 9:19 AM, Gerald de la Pascua wrote: I have started getting failures on a freebsd 4.x machine running 3ware card, the machine had been crashing from time to time, and it crashed and would not reboot saying noufs. Replacing the 3ware card ( a 7002 I think, the older 2 port ones) with a 7006 fixed this issue, but since then I have been getting crashes every few weeks/months, where the machine needs to do fsck's on the file partiitions, to come back to life. this is odd for a raid system, and didn't seem to happen before. I am thinking perhaps there is a hardware issue on this machine, and perhaps it fails under load ? does anyone have any experience of this? might the change of card be significant ? kind regards, Gerald de la Pascua ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Pentium and GUI
Not sure you are going to SMP on this board under FreeBSD. I would try NetBSD or Linux. On Aug 31, 2005, at 9:35 AM, Rick-Ashley Read wrote: Howdy I am up against a wall trying to discern which LATEST version will run with a dual Pentium board, and allow a GUI interface. I am over my head studying for CCNP Certification exams. I have spent all the time I can budget for looking for this simple info. I have release 4.3 - but could download a later release, since the 5.4 I have on hand will NOT install on a Pentium platform. I want to run a FreeBSD hardware firewall along with my Cisco 2514 router and my DSL line. What is the latest release I can install, and have a GUI interface / desktop, and use a Tyan Tomcat 3, dual Pentium mainboard? TIA Rick-Ashley Read (soon to become CCNP) Portland, OR. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Logo Contest Update?
On Wed, Aug 31, 2005 at 04:57:31AM -0700, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kris Kennaway Sent: Wednesday, August 31, 2005 1:54 AM To: Josh Ockert Cc: Pratt, Benjamin E.; FreeBSD-Questions; Ted Mittelstaedt Subject: Re: Logo Contest Update? On Tue, Aug 30, 2005 at 10:06:27AM -0400, Josh Ockert wrote: Please refrain from misinformation. But that's so hard for Ted! Hey, I don't even have to try on this one - the lack of updates to the contest website says it all. When a contest can't meet it's own promises it does a far, far better job of discrediting itself than anything I could do. Couldn't possibly be anything else, like, say, the person in charge being away, huh? Gotta keep those black helicopters circling! Kris pgpTcKuEitXxW.pgp Description: PGP signature
Re: problem with email...
On 8/31/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello, Thank you in advance for your help. My name is Karen Donathan and I am the Computer Science teacher at George Washington High School in Charleston, WV. (http://gwhs.kana.k12.wv.us). We have been running FreeBSD on our webserver for abuot 5 years. Over the summer, I recently began getting fake email messages from [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],[EMAIL PROTECTED], etc. etc. etc. The subject line is always something like YOUR ACCOUNT IS SUSPENDED, You have successfully updated your password, etc. Each of these contain an attachment, so I know that a virus is trying to get into our server. I need some suggestions on what to do to make this stop. The general answers are: - add a virus scanner to your mail server (clamav works well) - reject mail with invalid local sender addresses - add some spam controls to your mail server Specific answers depend on what mail software (sendmail? postfix? exim? qmail? something else?) you are using and how strict rules you can apply. -- Noel Jones ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Pentium and GUI
On Aug 31, 2005, at 12:35 PM, Rick-Ashley Read wrote: I am up against a wall trying to discern which LATEST version will run with a dual Pentium board, and allow a GUI interface. Running a GUI interface desires 64MB of RAM or more, but is independent of the type of CPUs you have. I am over my head studying for CCNP Certification exams. I have spent all the time I can budget for looking for this simple info. OK. I have release 4.3 - but could download a later release, since the 5.4 I have on hand will NOT install on a Pentium platform. That's a problem which ought to be fixed. You haven't provided enough information to diagnose what's going wrong, however. Consider trying 4.11 or wait a little bit for 6.0-RELEASE instead. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem with email...
On Wed, Aug 31, 2005 at 12:40:18PM -0400, [EMAIL PROTECTED] wrote: Over the summer, I recently began getting fake email messages from [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],[EMAIL PROTECTED], etc. etc. etc. The subject line is always something like YOUR ACCOUNT IS SUSPENDED, You have successfully updated your password, etc. Each of these contain an attachment, so I know that a virus is trying to get into our server. I need some suggestions on what to do to make this stop. A virus isn't necessarily 'trying to get into your server'. If you look at the headers of those emails, it's quite likely that they originate somewhere else. If they come from someone else's server but purport to be from your own, it's likely that you are the victim of a 'spear phishing' attack. As far as stopping those mails, treat them like any other spam. If they have viral payloads, you should be using virus detection somewhere in the chain (preferably near the mail server) to weed them out anyway. -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | email:[EMAIL PROTECTED] | | [EMAIL PROTECTED] | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problem with email...
On Aug 31, 2005, at 12:40 PM, [EMAIL PROTECTED] wrote: Over the summer, I recently began getting fake email messages from [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],[EMAIL PROTECTED], etc. etc. etc. The subject line is always something like YOUR ACCOUNT IS SUSPENDED, You have successfully updated your password, etc. Each of these contain an attachment, so I know that a virus is trying to get into our server. I need some suggestions on what to do to make this stop. You're being spammed, some of which contains viruses. You should install amavisd-new, clamav, and SpamAssassin (or bogofilter, etc). -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions Digest, Vol 110, Issue 10
All I can say is download PureFTPd (www.pureftpd.org) and compile with the following switch --with-puredb (from the main documentation). Install and then follow the directions for setting up virtual users (http://www.pureftpd.org/README.Virtual-Users) . Create your users and start the server with /usr/local/sbin/pure-ftpd -j -lpuredb:/etc/pureftpd.pdb I was doing this EXACT task today. After arguing for hours with the vsftp server I went for this one. After about 15 minutes its now working like a dream. Good luck Simon Message: 2 Date: Wed, 31 Aug 2005 14:18:28 +0200 From: Andreas Wideroe Andersen [EMAIL PROTECTED] Subject: FTP Permissions To: freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii; format=flowed Hi, I'm running FreeBSD 5.4 STABLE and the latest Proftpd. I have a little problem I need help with. I want about 10 users to have access to the same directory/subdirectories on the FTP server and all must be able to upload, delete and retrive (full access) to the files in these directories. I want all users to have different usernames/passwords so I can log them, but all should have full access to the ftp directories. How would I set this up? I've tried making all members of the same group, but I can't overwrite/delete files other uploaded. Any help very much appreciated. Thanks! Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Logo Contest Update?
On 08/31/05 12:59 PM, Kris Kennaway sat at the `puter and typed: On Wed, Aug 31, 2005 at 04:57:31AM -0700, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kris Kennaway Sent: Wednesday, August 31, 2005 1:54 AM To: Josh Ockert Cc: Pratt, Benjamin E.; FreeBSD-Questions; Ted Mittelstaedt Subject: Re: Logo Contest Update? On Tue, Aug 30, 2005 at 10:06:27AM -0400, Josh Ockert wrote: Please refrain from misinformation. But that's so hard for Ted! Hey, I don't even have to try on this one - the lack of updates to the contest website says it all. When a contest can't meet it's own promises it does a far, far better job of discrediting itself than anything I could do. Couldn't possibly be anything else, like, say, the person in charge being away, huh? Gotta keep those black helicopters circling! LOL. You guys are brutal. I'm glad I decided to stay out of this thread. Sorta. :) Cheers Lou -- Louis LeBlanc FreeBSD-at-keyslapper-DOT-net Fully Funded Hobbyist, KeySlapper Extrordinaire :) Please send off-list email to: leblanc at keyslapper d.t net Key fingerprint = C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2 Hoare's Law of Large Problems: Inside every large problem is a small problem struggling to get out. pgpzTGtDqfcih.pgp Description: PGP signature
Re: Logo Contest Update?
On 8/31/05, Louis LeBlanc [EMAIL PROTECTED] wrote: ... LOL. You guys are brutal. I'm glad I decided to stay out of this thread. Sorta. :) Me too. Especially after I found out who's actually inside the OpenBSD fish/logo: http://www.openbsd.org/27.html :-))) -- Dmitry Mityugov, St. Petersburg, Russia I ignore all messages with confidentiality statements We live less by imagination than despite it - Rockwell Kent, N by E ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Command to trace a route?
On Tue, Aug 30, 2005 at 08:28:26PM -0500, Kelly D. Grills wrote: On Fri, Aug 26, 2005 at 04:50:43PM -0500, Efren Bravo wrote: Hi, What's the name of the command to trace a route to a host, on windows is tracert. Thanks As others have pointed out it's traceroute. apropos may help the next time you're looking for a command: Slightly OT, but tcptraceroute is also very useful: Info: A traceroute implementation using TCP packets -John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Command to trace a route?
On Aug 31, 2005, at 1:43 PM, John Oxley wrote: As others have pointed out it's traceroute. apropos may help the next time you're looking for a command: Slightly OT, but tcptraceroute is also very useful: Info: A traceroute implementation using TCP packets traceroute -P tcp...? :-) The modern BSD traceroute supports all of: -P Send packets of specified IP protocol. The currently supported protocols are: UDP, TCP, GRE and ICMP. Other protocols may also be specified (either by name or by number), though traceroute does not implement any special knowledge of their packet for- mats. This option is useful for determining which router along a path may be blocking packets based on IP protocol number. But see BUGS below. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Logo Contest Update?
On 08/31/05 09:41 PM, Dmitry Mityugov sat at the `puter and typed: On 8/31/05, Louis LeBlanc [EMAIL PROTECTED] wrote: ... LOL. You guys are brutal. I'm glad I decided to stay out of this thread. Sorta. :) Me too. Especially after I found out who's actually inside the OpenBSD fish/logo: http://www.openbsd.org/27.html :-))) Love it. Nice and obscure, but he's there. :) -- Louis LeBlanc FreeBSD-at-keyslapper-DOT-net Fully Funded Hobbyist, KeySlapper Extrordinaire :) Please send off-list email to: leblanc at keyslapper d.t net Key fingerprint = C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2 Jones' Second Law: The man who smiles when things go wrong has thought of someone to blame it on. pgphXYx60CxPc.pgp Description: PGP signature