Strange behaviour of nss_ldap in 7.2
Hi, I am using nss_ldap without problem on a machine with FreeBSD 6.4 amd64. Now I wanted to make a similar configuration with a machine running FreeBSD 7.2 i386, but I have a problem: - as root, getent passwd gives me the list of users in /etc/passwd and in LDAP; - as user. getent passwd only gives me list of users in /etc/passwd. Example: samba1001: ls -l toto -rw-r--r-- 1 1001 30 0 Oct 31 13:21 toto samba1001: sudo ls -l toto Password: -rw-r--r-- 1 on staff 0 Oct 31 13:21 toto The group ID and user ID are not resolved. On the machine that is working: banyanon47: ls -l toto -rw-r--r-- 1 on csimstaff 0 Oct 31 13:46 toto banyanon48: sudo ls -l toto Password: -rw-r--r-- 1 on csimstaff 0 Oct 31 13:46 toto The user and grup ID are resolved. Note that I can authenticate against LDAP without problem (sudo with pam_ldap works and ssh work). I have copied nss_ldap.conf and nsswitch.conf from the 6.4 to the 7.2 machine (with needed name changing). Both LDAP servers are running almost the same thing, ACL are the same. I have tried to remove the ACL on LDAP server without success. I am stuck with a different behaviour between 6.4 and 7.2, any help will be greatly appreciated as I need to solve that problm urgently. TIA, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Strange behaviour of nss_ldap in 7.2
Bad bad bad me. I am using nss_ldap without problem on a machine with FreeBSD 6.4 amd64. Now I wanted to make a similar configuration with a machine running FreeBSD 7.2 i386, but I have a problem: - as root, getent passwd gives me the list of users in /etc/passwd and in LDAP; - as user. getent passwd only gives me list of users in /etc/passwd. Sorry for the disturbance, it was a CA file that was not user readable. Shame on me. Example: samba1001: ls -l toto -rw-r--r-- 1 1001 30 0 Oct 31 13:21 toto samba1001: sudo ls -l toto Password: -rw-r--r-- 1 on staff 0 Oct 31 13:21 toto The group ID and user ID are not resolved. On the machine that is working: banyanon47: ls -l toto -rw-r--r-- 1 on csimstaff 0 Oct 31 13:46 toto banyanon48: sudo ls -l toto Password: -rw-r--r-- 1 on csimstaff 0 Oct 31 13:46 toto The user and grup ID are resolved. Note that I can authenticate against LDAP without problem (sudo with pam_ldap works and ssh work). I have copied nss_ldap.conf and nsswitch.conf from the 6.4 to the 7.2 machine (with needed name changing). Both LDAP servers are running almost the same thing, ACL are the same. I have tried to remove the ACL on LDAP server without success. I am stuck with a different behaviour between 6.4 and 7.2, any help will be greatly appreciated as I need to solve that problm urgently. TIA, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
best way to install/update software and firewall choice
Hi, I am an old debian user and I am looking at freebsd for security reasons * I am very interested in the jail concept * I have to relearn iptables syntax each time I want to add a rule I am testing the system in vmware virtual machine. There is a point I don't fully understand. There are several ways of updating the system, from precompiled binaries or by recompiling the system and the ports (and using csup, portsnap, portupgrade ...). I would prefer to use the first way because it is really faster, but it seems to me that when I want to update my jails, there is no other easy way than recompiling the whole world into my jails. The other point a bit confusing is that I dont know which firewall to use. My first guess would be to use pf, because it exists also on openbsd, but it seems that the default would go to ipfw. Thanks to support a newby -- Guy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: best way to install/update software and firewall choice
Guy Marcenac wrote: Hi, I am an old debian user and I am looking at freebsd for security reasons * I am very interested in the jail concept * I have to relearn iptables syntax each time I want to add a rule Don't we all :) I am testing the system in vmware virtual machine. There is a point I don't fully understand. There are several ways of updating the system, from precompiled binaries or by recompiling the system and the ports (and using csup, portsnap, portupgrade ...). To update your base system, you can use freebsd-update. This uses precompiled binaries and also updates the relevant sources (assuming you have them installed beforehand and you are using the default freebsd-update configuration - which is recommended). However if you are going to run jails, this advantage is more less defeated: you will have to run 'make buildworld' anyway to install the result in the jails. I would prefer to use the first way because it is really faster, but it seems to me that when I want to update my jails, there is no other easy way than recompiling the whole world into my jails. Yes, unless you can somehow run freebsd-update from inside a jail :) Don't know if this will work though. It will probably fail trying to patch the kernel. If you use freebsd-update you will only 'make installworld' for the jails, as the 'host' will be taken care of by freebsd-update binary patching. You still need the make buildworld step, so you don't really gain much. The other point a bit confusing is that I dont know which firewall to use. My first guess would be to use pf, because it exists also on openbsd, but it seems that the default would go to ipfw. I am using pf too. It is a matter of preference and features needed. I suggest you read the Handbook chapter and decide for yourself. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: best way to install/update software and firewall choice
Guy Marcenac wrote: Hi, I am an old debian user and I am looking at freebsd for security reasons * I am very interested in the jail concept * I have to relearn iptables syntax each time I want to add a rule I am testing the system in vmware virtual machine. There is a point I don't fully understand. There are several ways of updating the system, from precompiled binaries or by recompiling the system and the ports (and using csup, portsnap, portupgrade ...). I would prefer to use the first way because it is really faster, but it seems to me that when I want to update my jails, there is no other easy way than recompiling the whole world into my jails. If you're building world for the base system, then you can install the same updates into your jails without recompiling everything: # cd /usr/src # make buildworld # make installworld## the base system # mergemaster -Ui # make DESTDIR=/jails/jail0.example.com/ ## each different jail # mergemaster -D /jails/jail0.example.com -Ui Alternatively you can nullfs mount /usr/src and /usr/obj into your jails, and then just log in to the jail and install the built world and run mergemaster that way. This is assuming that all your jails are intended to run the same OS version as your base system -- if not, then you are correct: you'll have to update each one separately. Similarly, you can nullfs mount the ports tree into you jails. A good approach is to create a /usr/ports/packages directory and then when installing in the base, make a package of anything you build. You can then install that package in the jail without lots of recompilation. If you're using portupgrade(1), use the -p flag in the base system to cause packages to be built, and the -P flag in your jails to install any available packages. This is functionality that is currently missing from portmaster but portmaster's author is soliciting donations to support himself while he spends some quality time implementing it. The other point a bit confusing is that I dont know which firewall to use. My first guess would be to use pf, because it exists also on openbsd, but it seems that the default would go to ipfw. ipfw(8) is the original FreeBSD firewall, whereas pf is an import from OpenBSD a few major versions back. Featurewise, they have much the same basic capabilities although for some more advanced stuff like HA you'll need pf. Personally I very much prefer pf because the config file is much more readable, and for the very simple reason that ipfw has a nasty tendency to lock you out of the system while you're trying to update the rules. While it is still possible to lock yourself out with pf, you have to try really quite hard to do so. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: best way to install/update software and firewall choice
freebsd-update works fine in a jail so long as you symlink the kernel file to /dev/null Manolis Kiagias wrote: Guy Marcenac wrote: Hi, I am an old debian user and I am looking at freebsd for security reasons * I am very interested in the jail concept * I have to relearn iptables syntax each time I want to add a rule Don't we all :) I am testing the system in vmware virtual machine. There is a point I don't fully understand. There are several ways of updating the system, from precompiled binaries or by recompiling the system and the ports (and using csup, portsnap, portupgrade ...). To update your base system, you can use freebsd-update. This uses precompiled binaries and also updates the relevant sources (assuming you have them installed beforehand and you are using the default freebsd-update configuration - which is recommended). However if you are going to run jails, this advantage is more less defeated: you will have to run 'make buildworld' anyway to install the result in the jails. I would prefer to use the first way because it is really faster, but it seems to me that when I want to update my jails, there is no other easy way than recompiling the whole world into my jails. Yes, unless you can somehow run freebsd-update from inside a jail :) Don't know if this will work though. It will probably fail trying to patch the kernel. If you use freebsd-update you will only 'make installworld' for the jails, as the 'host' will be taken care of by freebsd-update binary patching. You still need the make buildworld step, so you don't really gain much. The other point a bit confusing is that I dont know which firewall to use. My first guess would be to use pf, because it exists also on openbsd, but it seems that the default would go to ipfw. I am using pf too. It is a matter of preference and features needed. I suggest you read the Handbook chapter and decide for yourself. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPv6-only host and portupgrade
$witch a.spine...@rfc1925.net writes: have done a best effort to avoid useless question, am posting after various faq-research and tests. having an IPv6-ONLY (FreeBSD 7.0) host that needs to perform a portsnap fetch there is NO LIST of portsnap-IPv6-capable servers. maybe they don't exists or i am too blind to find them; is there anybody that can post hostnames or links to souch kind of servers? obviously i can workaround using an IPv4--IPv6 intermediate-host, but the goal is a pure IPv6 FreeBSD farm. You could ask Colin Percival... -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: issues with email migration
only one issue with that. The server in question is an emc clereon(sorry not at work to look at the specifics) and at this point the only access I have to it is a web interface and am unable to access a command line. Also a stupid question my plan is to set up another server to access the nfs share to provide better email service. would this impact it in any way? thank you again On 10/30/09, usleepl...@gmail.com usleepl...@gmail.com wrote: Hi David, On Fri, Oct 30, 2009 at 1:59 PM, David Patton da...@farmington.k12.mo.uswrote: This morning I moved the contents from the server over to an NFS share. This is a freebsd 6.2 server running postfix, courier-imap and squirrelmail. I used rsync to move the data for /www and /mail over to the nfs share. After I made the changed to fstab and rebooted, every thing came up and email seemed to be faster but in fact it wasn't. Once I realized that there was an issue, I changed the link back for the /www directory to the original location and left the link for /mail pointing to the nfs share. I found from a search to try newaliaies and the restart postfix but that didn't work. Maillog: Oct 30 06:11:38 bonnie postfix/smtpd[1337]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:11:39 bonnie postfix/master[889]: warning: process /usr/local/libexec/postfix/smtpd pid 1337 exit status 1 Oct 30 06:11:39 bonnie postfix/master[889]: warning: /usr/local/libexec/postfix/smtpd: bad command startup - throttling Message: Oct 30 06:00:27 bonnie postfix/smtpd[1177]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:01:28 bonnie postfix/smtpd[1184]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:02:29 bonnie postfix/smtpd[1192]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:03:30 bonnie postfix/smtpd[1218]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:04:31 bonnie postfix/smtpd[1235]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:05:32 bonnie postfix/smtpd[1256]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:06:33 bonnie postfix/smtpd[1270]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:07:34 bonnie postfix/smtpd[1296]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported Oct 30 06:08:35 bonnie postfix/smtpd[1307]: fatal: shared-lock database /www/mailman/data/aliases.db for open: Operation not supported although i am certainly not an expert regarding email issues nor NFS, but could it be that the NFS server needs to support lockd and statd ? i have this in my /etc/rc.conf: rpc_lockd_enable=YES rpc_statd_enable=YES On both the server and client. File locking is not supported without these two daemons running. I run diskless clients and I need to support file locking, for when you edit the passwd file with vipw and the like. Please enable the above on both the server and client, start them, then try again. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
What VM does FreeBSD run well under
I am planing on rebuilding my laptop shortly. I am going to put Ubuntu 9.10 on as the base OS, and I want to be able to run various versions of FreebSD as guest OS'es under one of the free (EG not VMWare) virtual machine choices. Which of these does FreebSD run well under? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
system() call causes core dump
I have an application running a number of threads. I've had recent instances where the code below is causing a core dump to occur: char fstatCmd[200]; char *fstatOut = /tmp/fstat.out; sprintf(fstatCmd, fstat | grep -v USER | wc -l %s, fstatOut); rc = system(fstatCmd); The call is simply intended to get a count of the current open handles. The system call though causes a core: #0 0x000801058307 in _spinunlock () from /lib/libthr.so.3 #1 0x0008011d0afb in _malloc_postfork () from /lib/libc.so.7 #2 0x00080105c5fb in fork () from /lib/libthr.so.3 #3 0x000801191aae in system () from /lib/libc.so.7 #4 0x0008010553aa in system () from /lib/libthr.so.3 #5 0x0040b6f9 in mythread at myapp.c:461 #6 0x000801056a88 in pthread_getprio () from /lib/libthr.so.3 There appears to be some kind of thread-safe issue going on. I have a number of threads that are monitoring various items, waking up a differing intervals to do their respective tasks. Do I need to put in a global mutex so that the threads never attempt to make simultaneous system() calls? Curiously, only this particular system() call appears to be causing a core. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Which VM ?
I am planing n rebuilding my laptop now that 9.10 is out. I want to be able to run Ubuntu, FreeBSD, OpenBSD, and perhaps XP as guest OS'es on this machine. I tried this a month or so ago with VirtualBox, and some of these OS'es did not work under it. I understand that the one Linus is favoring is Xen. What's the collective wisdom of the list on this? Which VM should I use? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD vs Russian's laws
Good day! I wanted to share with you the situation in Russia and hear advice. In Russia introduced a law On personal data and the corresponding standarts. In accordance with these standarts process personal data (ie 80% of all data in the enterprise) can only by certified operating systems and software. Certified happening in the Federal Security Service in Russia (FSB in USA). But FreeBSD doesn't certify anyone. That is, in Russia are trying to ban the use os Freebsd and similar. For the use of face criminal liability. What do i do not kwow, but refuse to use FreeBSD, i don't intend to. How do you fight against corruption bureaucraty in the government itself? Thks -- Respectfully, Stanislav Putrya System administrator RMK Kovsh Ltd. IM: 328585847 mob. phone: +79525600664 email: root.vag...@gmail.com email: vagner_ri...@bk.ru ( ) ASCII ribbon campaign X - against HTML, vCards and / \ - proprietary attachments in e-mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What VM does FreeBSD run well under
Hi, Which of these does FreebSD run well under? It runs okay under virtualbox. Cheers, Robert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: issues with email migration
On 10/31/09, da...@farmington.k12.mo.us da...@farmington.k12.mo.us wrote: only one issue with that. The server in question is an emc clereon(sorry not at work to look at the specifics) and at this point the only access I have to it is a web interface and am unable to access a command line. Also a stupid question my plan is to set up another server to access the nfs share to provide better email service. would this impact it in any way? snip replies Not if file locking and the daemons take care of everything like they should. Remember, file locking is mandatory for some things, especially mbox files, password files, or anything else that requires exclusive access to a file. If two systems try to access the same locked file, the 2nd will be told it won't be able to get an exclusive lock, because the 1st already has it locked. You're on the right track. Keep it going. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: system() call causes core dump
Peter Steele wrote: I have an application running a number of threads. I've had recent instances where the code below is causing a core dump to occur: char fstatCmd[200]; char *fstatOut = /tmp/fstat.out; sprintf(fstatCmd, fstat | grep -v USER | wc -l %s, fstatOut); rc = system(fstatCmd); The call is simply intended to get a count of the current open handles. The system call though causes a core: #0 0x000801058307 in _spinunlock () from /lib/libthr.so.3 #1 0x0008011d0afb in _malloc_postfork () from /lib/libc.so.7 #2 0x00080105c5fb in fork () from /lib/libthr.so.3 #3 0x000801191aae in system () from /lib/libc.so.7 #4 0x0008010553aa in system () from /lib/libthr.so.3 #5 0x0040b6f9 in mythread at myapp.c:461 #6 0x000801056a88 in pthread_getprio () from /lib/libthr.so.3 There appears to be some kind of thread-safe issue going on. I have a number of threads that are monitoring various items, waking up a differing intervals to do their respective tasks. Do I need to put in a global mutex so that the threads never attempt to make simultaneous system() calls? Curiously, only this particular system() call appears to be causing a core. In UNIX it is not safe to perform arbitrary actions after forking a multi-threaded process. You're basically expected to call exec soon after the fork, although you can do certain other work if you are very careful. The reason for this is that after the fork, only one thread will be running in the child, and if that thread tries to acquire a lock or other formerly-shared resource it may deadlock or crash, because the child process is no longer accessing the same memory location as the threads in the parent process (it gets a separate copy of the address space at the time of fork, which may not be in a consistent state from the point of view of the thread library). Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: best way to install/update software and firewall choice
On 10/31/09, phantomcircuit phantomcirc...@covertinferno.org wrote: freebsd-update works fine in a jail so long as you symlink the kernel file to /dev/null I've never needed to do that. I run lots of jails and i just run freebsd-update like normal. I don't install the kern sets in the jails though, just base. cat base.?? | tar -xzf - -C /jails/jail0.sample ## setup /etc/resolv.conf in the jail ## run freebsd-update from within the jail ## it patches and runs fine. ## this is not the documented way to do it, but I haven't yet had problems with it. ## world for the jails will take about 128MB of disk space, any services you add are on top of that. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
dhcpd related issue
Hello,
I just configured my dhcpd but it gives no IP-s.
What had I done until now:
1. Installed isc-dhcp via ports
2. edited the /usr/local/etc/dhcpd.conf
option domain-name bsd;
option domain-name-servers my dns server ip;
option subnet-mask 255.255.255.0;
authoritative;
default-lease-time 3600;
max-lease-time 86400;
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.129 192.168.1.250;
option routers 192.168.1.1;
}
3. Added the following ones to /etc/rc.conf
ifconfig_rl1=inet 192.168.1.1 netmask 255.255.255.0
dhcpd_enable=YES
dhcpd_conf=/usr/local/etc/dhcpd.conf
dhcpd_ifaces=rl1
4. Opened the adequate port in pf
pass in log on rl1 inet proto tcp from 192.168.1.0/24 to 192.168.1.1 port =
bootps flags S/SA keep state
pass in log on rl1 inet proto udp from 192.168.1.0/24 to 192.168.1.1 port =
bootps keep state
5.. When I start de daemon:
# /usr/local/etc/rc.d/isc-dhcpd start
Starting dhcpd.
Internet Systems Consortium DHCP Server V3.0.7
Copyright 2004-2008 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
Wrote 0 leases to leases file.
Listening on Socket/rl1/192.168.1/24
Sending on Socket/rl1/192.168.1/24
Everythings looks to be ok there but on the client (I tried OS-X and Nokia
symbian) I can not obtain the IP address, do you have any idea what should I
check?
Thanks!
Laci
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dhcpd related issue
What shows tcpdump? -- Respectfully, Stanislav Putrya System administrator RMK Kovsh Ltd. IM: 328585847 mob. phone: +79525600664 email: root.vag...@gmail.com email: vagner_ri...@bk.ru ( ) ASCII ribbon campaign X - against HTML, vCards and / \ - proprietary attachments in e-mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Get the cwd of a process?
Thanks for the info! It works in my test case, but this spammer popped
again, and unfortunately, I still couldn't reveal the source:
The ps listing shows:
www29488 5.7 0.2 14144 5360 ?? Ss7:47AM 37:24.83
./jug.pl (perl5.8.8)
And the lsof -p 29488 -a -d cwd only shows:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 29488 www cwd VDIR 0,83 5122 /
I don't understand how the cwd could be /, as there was no jug.pl
there, and the www user cannot write to the root.
Could there be another trick being employed? I'm actually a little
puzzled by the ps listing. It shows the interpreter at the end in
parentheses, but if I invoke a similarly-named script from the shell,
it lists it as /usr/bin/perl ./jug.pl.
I also cannot find any traces of these perl scripts anywhere on the
machine, though my tests show that you can safely delete the script
after it is loaded by the interpreter.
*trying something...*
Okay, so I've written a little script to reproduce what I'm seeing:
#!/usr/bin/perl
$pid = fork();
if ($pid)
{
unlink(test.pl);
exit(0);
}
else
{
chdir /;
print Hello world\n;
sleep 300;
}
This must be what is happening. When I do an lsof, I get:
COMMAND PIDUSER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 95492 patrick cwd VDIR 0,83 5122 /
And there's no trace left of my script because I unlink()ed it.
This seems like it's going to be awfully hard to track down. I've gone
through every access_log to see if I can see anything suspicious. So
far, nothing yet, but I guess I'll keep plugging away at it.
*sigh*
Patrick
On Thu, Oct 29, 2009 at 8:48 PM, Dan Nelson dnel...@allantgroup.com wrote:
In the last episode (Oct 29), patrick said:
Is there any way to get the cwd of a process? We had the situation
recently where a perl script was called from an infiltrated Wordpress
installation, but we weren't able to determine which of the hundreds of
Wordpress blogs was the source. The ps listing showed:
www 63968 2.4 0.2 26092 5008 ?? Rs 5:36PM 93:10.67
./mrf.pl (perl5.8.8)
The procfs entry was no help because it does not seem to provide a cwd.
The cmdline entry just showed /usr/local/bin/perl ./mrf.pl.
We had to kill the process, and who ever was responsible did a good job of
hiding their tracks. But should this happen again (and we expect it
will), we'd like to be able to find the source.
/usr/bin/fstat will tell you the inode of the cwd, and you can use find
-inum to locate it. You can also install lsof from ports, which will dig
into the kernel and try and fetch the name itself:
(d...@dan.21) /home/dan fstat -p $$ | grep wd
dan zsh 77611 wd / 474264 drwxr-xr-x 533 r
(d...@dan.21) /home/dan lsof -p $$ -a -d cwd
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
zsh 77611 dan cwd VDIR 60,504234031 533 474264 /usr/home/dan
--
Dan Nelson
dnel...@allantgroup.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What VM does FreeBSD run well under
On Sat, Oct 31, 2009 at 04:19:21PM +0100, Robert Joosten wrote: Hi, Which of these does FreebSD run well under? It runs okay under virtualbox. OK, thanks. I tried this a couple of months ago, and had troube witj either OpenBSD, or FrebSD under VirtualBox. Given your commnet, my problems must have been with OpenBSD. -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dhcpd related issue
I tried this one: # tcpdump -n -e -ttt -r /var/log/pflog port 67 reading from file /var/log/pflog, link-type PFLOG (OpenBSD pflog file) And it shows nothing. Do you have any other idea what should I try? From: Vagner root.vag...@gmail.com To: FreeBSD questions Mail List freebsd-questions@freebsd.org Sent: Sat, October 31, 2009 5:09:52 PM Subject: Re: dhcpd related issue What shows tcpdump? -- Respectfully, Stanislav Putrya System administrator RMK Kovsh Ltd. IM: 328585847 mob. phone: +79525600664 email: root.vag...@gmail.com email: vagner_ri...@bk.ru ( ) ASCII ribbon campaign X - against HTML, vCards and / \ - proprietary attachments in e-mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Installation freezes
When installing freebsd, after menu option selection, the boot process freezes at: md0: Preloaded image 4194304 bytes at 0x80c4be40 ATA PseudoRAID loaded flowtable cleaner started warning: no time-of-day clock registered, system time will not be set accurately Trying to mount root from ufs:/dev/md0 Start_init: trying /sbin/init Start_init: trying /sbin/oinit Start_init: trying /sbin/init.bak Start_init: trying /rescue/init Start_init: trying /stand/sysinstall It is a laptop clevo M540SR with chipset VIA VN896. Bios options are very limited, so I can't disabled USB ( as I've seen here http://blog.elitecoderz.net/freebsd-freezes-on-trying-to-mount-root-from-ufsdevmd0-and-is-stucked/2009/01/ )http://blog.elitecoderz.net/freebsd-freezes-on-trying-to-mount-root-from-ufsdevmd0-and-is-stucked/2009/01/. It freezes on every version after 6.4, which is the only I can install (that way, upgrading to 7.0 went flawlessly, but after that, updating to 7.2 gives boot freeze again ) I already tried some boot hints with any success such as: set hw.ata.atapi_dma=0 set hint.kbdmux.0.disabled=1 set hint.apic.0.disabled=1 set hint.sio.0.disabled=1 set hint.sio.1.disabled=1 set hint.fdc.0.disabled=1 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
UVC Webcam under Qemu/Windows
Hi, Have anyone succeeded using the USB UVC webcam under qemu (in Windows under Qemu because there are drivers for the webcam in Windows)? I tried and it almost worked. The webcam's led lighted up but I never got the image from the webcam and Windows told that the device (webcam) is not working. -- EforeZZ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What VM does FreeBSD run well under
On Sat, Oct 31, 2009 at 10:14 AM, stan st...@panix.com wrote: I am planing on rebuilding my laptop shortly. I am going to put Ubuntu 9.10 on as the base OS, and I want to be able to run various versions of FreebSD as guest OS'es under one of the free (EG not VMWare) virtual machine choices. Which of these does FreebSD run well under? -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I have tried FreeBSD 7.2 on both VmWare and Virtualbox. Just make sure you have NTP running, I have experienced time issues. , -- - Amiga, The Computer for the creative Mind! - UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity. - People who hate Microsoft Windows use Linux but people who love UNIX use BSD. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dhcpd related issue
You can analyze all the traffic going from the client to DHCP server. If this is of course really... -- Respectfully, Stanislav Putrya System administrator RMK Kovsh Ltd. IM: 328585847 mob. phone: +79525600664 email: root.vag...@gmail.com email: vagner_ri...@bk.ru ( ) ASCII ribbon campaign X - against HTML, vCards and / \ - proprietary attachments in e-mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Why is sendmail is part of the system and not a package?
2009/10/29 Lars Eighner luvbeas...@larseighner.com: On Thu, 29 Oct 2009, Ruben de Groot wrote: sendmail is NOT a legacy application. It's actively being developed ON FreeBSD. Actually, the maintainer(s) are doing a great job Bullshit. Why does sendmail call up the internet during boot? If it needs to know who it is, why can't it look in hosts? Since it cannot be trusted to send mail, what does it need to know from the internet? It has been horribly broken for the 15 years or so that I have run FBSD, and this m4 stuff is a pile of crap. There is no documentation whatsoever. Unless you buy a book from O'Reilly and line the pockets of the maintainer(s). Why can't it be a option to configure the system without it? Not any money in that, is there? What's wrong with 'this m4 stuff'? The documentation can be found in one of many of these links: http://www.google.com/search?q=sendmail.mc Chris -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in a mailing list? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dhcpd related issue
Ok, I found this one on my Mac MacBook configd[13]: DHCP en1: INIT transmit failed I googled but yet I haven't found any good idea. From: Vagner root.vag...@gmail.com To: FreeBSD questions Mail List freebsd-questions@freebsd.org Sent: Sat, October 31, 2009 7:03:54 PM Subject: Re: dhcpd related issue You can analyze all the traffic going from the client to DHCP server. If this is of course really... -- Respectfully, Stanislav Putrya System administrator RMK Kovsh Ltd. IM: 328585847 mob. phone: +79525600664 email: root.vag...@gmail.com email: vagner_ri...@bk.ru ( ) ASCII ribbon campaign X - against HTML, vCards and / \ - proprietary attachments in e-mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
vim Keybindings
I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on FBSD 7. Whenever I start vim, if I press the down arrow as the first key, it deletes the first line of my file and enters insert mode. All the other keys work fine and even the down arrow works fine after the first press. I've searched for help but haven't turned up anything relevant. Any ideas on what I can check? Thanks, Drew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: system() call causes core dump
In UNIX it is not safe to perform arbitrary actions after forking a multi-threaded process. You're basically expected to call exec soon after the fork, although you can do certain other work if you are very careful. The reason for this is that after the fork, only one thread will be running in the child, and if that thread tries to acquire a lock or other formerly-shared resource it may deadlock or crash, because the child process is no longer accessing the same memory location as the threads in the parent process (it gets a separate copy of the address space at the time of fork, which may not be in a consistent state from the point of view of the thread library). I am not calling fork explicitly. The thread I'm running in was created with pthread_create(). The fork() in the stack trace in my original email is being called by the system() function as it spawns off the process it is supposed want to run. Is there a safe way to call system() within a pthread? The app has several such threads doing various monitoring actions, some calling functions using system(), others invoking various C library routines. The parent process where these threads were spawned from is basically sleeping, waking up only periodically to check for shutdown events. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: vim Keybindings
On Sat, 31 Oct 2009, Drew Tomlinson wrote: I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on FBSD 7. Whenever I start vim, if I press the down arrow as the first key, it deletes the first line of my file and enters insert mode. All the other keys work fine and even the down arrow works fine after the first press. I've searched for help but haven't turned up anything relevant. Any ideas on what I can check? Thanks, Drew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Must be a bug. Try to remove it and to install again. Can't remember anything else if your .vimrc is OK. -- Best, Jozsef Kurucity | Web Graphic Designer +971 50 6783113 | jz...@aol.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What VM does FreeBSD run well under
On Sat, 31 Oct 2009, stan wrote: I am planing on rebuilding my laptop shortly. I am going to put Ubuntu 9.10 on as the base OS, and I want to be able to run various versions of FreebSD as guest OS'es under one of the free (EG not VMWare) virtual machine choices. Which of these does FreebSD run well under? Although I can't say I've tested it much, FreeBSD 7 seems to run fine on qemu. -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Gnokii with USB2
I'm trying to read the SMS of my telephone using comms/gnokii. But I
can't figure out which 'port' (thing in /dev) I must pass to gnokii.
/dev/usb/0.2.{0,1,2}, /dev/ugen0.2, /dev/da0, /dev/pass0 all didn't work
(Yes, I know trying da0 was not a really smart/safe idea). But those are
the only new devices which showed up after connecting the USB-cable.
My ~/.gnokiirc:
[global]
port = /dev/usb/0.2.1
model = AT
connection = serial
[logging]
debug = on
OS:
FreeBSD 8.0-CURRENT r193930 of June 10
Telephone:
LG K800
-- Jille
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Problem installing dvdauthor...
Hi all, Can anyone advise what I'm doing wrong trying to install multimedia/dvdauthor. Here's the end of the error: if cc -DHAVE_CONFIG_H -I. -I. -I. -DSYSCONFDIR=\/usr/local/etc\ -I/usr/local/include/libxml2 -I/usr/local/include -I/usr/local/include/ImageMagick -I/usr/local/include/freetype2 -I/usr/local/include -I/usr/local/include/fribidi -I/usr/local/include -I/usr/local/include -Wall -DICONV_CONV=yes -MT subreader.o -MD -MP -MF .deps/subreader.Tpo -c -o subreader.o subreader.c; \ then mv -f .deps/subreader.Tpo .deps/subreader.Po; else rm -f .deps/subreader.Tpo; exit 1; fi subreader.c: In function 'sub_read_line_aqt': subreader.c:661: warning: comparison with string literal results in unspecified behaviour subreader.c:661: warning: comparison with string literal results in unspecified behaviour subreader.c: In function 'sub_read_line_subrip09': subreader.c:717: warning: comparison with string literal results in unspecified behaviour subreader.c: In function 'sub_fribidi': subreader.c:1082: error: 'FRIBIDI_TRUE' undeclared (first use in this function) subreader.c:1082: error: (Each undeclared identifier is reported only once subreader.c:1082: error: for each function it appears in.) subreader.c:1083: error: 'FRIBIDI_FALSE' undeclared (first use in this function) subreader.c:1102: warning: passing argument 3 of 'fribidi_log2vis' from incompatible pointer type gmake[2]: *** [subreader.o] Error 1 gmake[2]: Leaving directory `/usr/ports/multimedia/dvdauthor/work/dvdauthor-0.6.14/src' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/usr/ports/multimedia/dvdauthor/work/dvdauthor-0.6.14/src' gmake: *** [all-recursive] Error 1 *** Error code 1 This is on: FreeBSD laptop.piggybox 7.2-STABLE FreeBSD 7.2-STABLE #0: Sat Oct 10 13:54:52 BST 2009 r...@laptop.piggybox:/usr/obj/usr/src/sys/LAPTOP i386 With a ports tree updated last night. What am I missing? Thanks for the help. Peter Harrison. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Failure to do netinstall
On Fri, Oct 30, 2009 at 8:34 AM, John Nielsen li...@jnielsen.net wrote: On Friday 30 October 2009 03:12:29 Vadim Maksimenko wrote: I have faced an unpleasant fact that your netinstall ability of 7.2 RELEASE and 8.0-RC2 are dead. My network card is being identified and initialized properly (an old 3com980), it gets DHCP setup (IP, gateway, DNS info is ok), but... That's all that is done properly. When I try to select any flavor of network install, it crashes with a message like Cannot connect bla bla bla: the connect is in wrong state. I just did a network installation of 8.0-RC2 yesterday (albeit from an 8.0-RC1 bootonly CD) so I'm fairly certain it's not totally broken. Since you apparently got a valid DHCP lease on your NIC it's probably not the card or the driver that's broken either What should I do now if I want to install FreeBSD via network and have no option of changing the hardware? We need to figure out what _is_ wrong. Can you provide more details of the exact steps you took during the setup? Do you have the exact error message? Guessing wildly, it's entirely possible that sysinstall got confused at some point. Did you have to repeat the network configuration or FTP server selection? Did you try repeating the installation after a reboot? JN You might also try enabling debugging messages and seeing what's on the next tty over when it fails. -- randi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What VM does FreeBSD run well under
Virtual Box runs it great, both as a host and a guest (its also in the port collection) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd 6.4 can't load kernel after upgrade
On Fri, Oct 30, 2009 at 8:20 PM, oscar Seo oscar...@gmail.com wrote: I'm a beginner in freebsd. my machine consists of freebsd-6.4 + i386 bootstrap loader,+ windowmaker after upgrade freebsd-6.4 using sysinstall then reboot the system, I got an error message as follows +++ Loading /boot/defaults/loader.conf Unable to load a kernel! / can't load 'kernel' Type '?' for a list of commands, 'help' for more detailed help. OK _ +++ so I decided to reinstall freebsd-6.4 but I can't boot and re-install freebsd using CD-rom. what shall I do boot my system using installed freebsd or live-CD ? Thanks... For future reference, while upgrading via sysinstall is possible, it's best to use something like freebsd-update, which is included in base. I can't recall off the top of my head if upgrading via sysinstall moves the kernel to kernel.old or not. Good luck with that. You may be best off using livefs and trying to repair with that. -- randi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD vs Russian's laws
On Sat,31-10-2009 [17:56:22], Vagner wrote: Good day! I wanted to share with you the situation in Russia and hear advice. In Russia introduced a law On personal data and the corresponding standarts. In accordance with these standarts process personal data (ie 80% of all data in the enterprise) can only by certified operating systems and software. Certified happening in the Federal Security Service in Russia (FSB in USA). But FreeBSD doesn't certify anyone. That is, in Russia are trying to ban the use os Freebsd and similar. For the use of face criminal liability. What do i do not kwow, but refuse to use FreeBSD, i don't intend to. How do you fight against corruption bureaucraty in the government itself? Thks It would be really interesting to hear the opinion of some Russian ISPs and major web services providers on this point. I.e. yandex.ru or rambler.ru which are known to run their services on freebsd in a rather large scale. -- Best regards, Jeff | Nobody wants to say how this works. | | Maybe nobody knows ... | | Xorg.conf(5)| ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: vim Keybindings
The original vi is doing this as well? If not you should write to the port maintainer and the developers. Cheers herb langhans On Sat, Oct 31, 2009 at 12:22:31PM -0700, Drew Tomlinson wrote: I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on FBSD 7. Whenever I start vim, if I press the down arrow as the first key, it deletes the first line of my file and enters insert mode. All the other keys work fine and even the down arrow works fine after the first press. I've searched for help but haven't turned up anything relevant. Any ideas on what I can check? Thanks, Drew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- sprachtraining langhans herbert langhans, warschau http://www.langhans.com.pl herbert dot raimund at gmx dot net +0048 603 341 441 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: vim Keybindings
Drew Tomlinson wrote: I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on FBSD 7. Whenever I start vim, if I press the down arrow as the first key, it deletes the first line of my file and enters insert mode. All the other keys work fine and even the down arrow works fine after the first press. I've searched for help but haven't turned up anything relevant. Any ideas on what I can check? Hmm. Don't know if your machine is exactly set up as mine, so 1st, does hitting the escape key as the first key fix things? And, on a shell, hit control-V (the common shell escape key for control keys), then the down arrow, what does it print? Not sure I would be able to help, but there is often a timing issue on special function key decoding (like all of the arrow keys, or the function keys, etc) and this may tell what your down key is set for in Vim. Beyond that, Vim's environment is extremely programmable, so one would really have to look carefully through all of your environment files, beginning with vim's ~/.vimrc. If you are using any of vim's huge store of extensions, your .vimrc probably has statements to include subdirectories (perhaps of your homedir). Those files are also candidates for trouble sources. Are you having this problem on ttys, or under X11? Tried both? It's most likely *something* dealing with Vim, because it's unreported on FreeBSD (I know, I love vim and been using it on FreeBSD-current for years). Vim's IRC channel (vim) is extremely good about helping on problems, like bad keymapping, they are just as good as we here on this mailing list are, but they obviously concentrate on vim. Anyways, if you answer these questions on the list or channel, folks are far more likely to be able to help you here (or on the vim channel). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Get the cwd of a process?
I've made some headway... perl supports sitecustomize.pl which can
be used to execute code when any perl script is run. It doesn't seem
to be enabled by default, so I had to add the following line to
/usr/ports/lang/perl5.8/Makefile's CONFIGURE_ARGS:
-Dusesitecustomize \
As a temporary measure, my sitecustomize.pl has:
system echo $$ $ENV{'PWD'} $0 . (localtime) . /tmp/scripts_used.lst;
(found this in another thread somewhere)
So, hopefully the next time this spammer comes back, I will see the
original working directory, etc. before the process forks itself.
Fingers crossed!
Patrick
On Sat, Oct 31, 2009 at 9:13 AM, patrick gibblert...@gmail.com wrote:
Thanks for the info! It works in my test case, but this spammer popped
again, and unfortunately, I still couldn't reveal the source:
The ps listing shows:
www 29488 5.7 0.2 14144 5360 ?? Ss 7:47AM 37:24.83
./jug.pl (perl5.8.8)
And the lsof -p 29488 -a -d cwd only shows:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 29488 www cwd VDIR 0,83 512 2 /
I don't understand how the cwd could be /, as there was no jug.pl
there, and the www user cannot write to the root.
Could there be another trick being employed? I'm actually a little
puzzled by the ps listing. It shows the interpreter at the end in
parentheses, but if I invoke a similarly-named script from the shell,
it lists it as /usr/bin/perl ./jug.pl.
I also cannot find any traces of these perl scripts anywhere on the
machine, though my tests show that you can safely delete the script
after it is loaded by the interpreter.
*trying something...*
Okay, so I've written a little script to reproduce what I'm seeing:
#!/usr/bin/perl
$pid = fork();
if ($pid)
{
unlink(test.pl);
exit(0);
}
else
{
chdir /;
print Hello world\n;
sleep 300;
}
This must be what is happening. When I do an lsof, I get:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
perl5.8.8 95492 patrick cwd VDIR 0,83 512 2 /
And there's no trace left of my script because I unlink()ed it.
This seems like it's going to be awfully hard to track down. I've gone
through every access_log to see if I can see anything suspicious. So
far, nothing yet, but I guess I'll keep plugging away at it.
*sigh*
Patrick
On Thu, Oct 29, 2009 at 8:48 PM, Dan Nelson dnel...@allantgroup.com wrote:
In the last episode (Oct 29), patrick said:
Is there any way to get the cwd of a process? We had the situation
recently where a perl script was called from an infiltrated Wordpress
installation, but we weren't able to determine which of the hundreds of
Wordpress blogs was the source. The ps listing showed:
www 63968 2.4 0.2 26092 5008 ?? Rs 5:36PM 93:10.67
./mrf.pl (perl5.8.8)
The procfs entry was no help because it does not seem to provide a cwd.
The cmdline entry just showed /usr/local/bin/perl ./mrf.pl.
We had to kill the process, and who ever was responsible did a good job of
hiding their tracks. But should this happen again (and we expect it
will), we'd like to be able to find the source.
/usr/bin/fstat will tell you the inode of the cwd, and you can use find
-inum to locate it. You can also install lsof from ports, which will dig
into the kernel and try and fetch the name itself:
(d...@dan.21) /home/dan fstat -p $$ | grep wd
dan zsh 77611 wd / 474264 drwxr-xr-x 533 r
(d...@dan.21) /home/dan lsof -p $$ -a -d cwd
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
zsh 77611 dan cwd VDIR 60,504234031 533 474264 /usr/home/dan
--
Dan Nelson
dnel...@allantgroup.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: vim Keybindings
Try creating /usr/local/share/vim/vimrc with the following: set nomodeline set nocompatible Patrick On Sat, Oct 31, 2009 at 12:22 PM, Drew Tomlinson d...@mykitchentable.net wrote: I'm experiencing an annoying problem with vim on FBSD 8 that I don't have on FBSD 7. Whenever I start vim, if I press the down arrow as the first key, it deletes the first line of my file and enters insert mode. All the other keys work fine and even the down arrow works fine after the first press. I've searched for help but haven't turned up anything relevant. Any ideas on what I can check? Thanks, Drew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
