Re: ezjail
I found the man ezjail-admin has this format ezjail-admin install -h file:// Where -h file:// means get the binaries from the host system the jails are running on. Am I correct? Yes, according to the man page. I haven't tried it yet myself, since I set up my basejail before this option was available. Well I tried it. The man page does not explain it clearly. What the -h really means is the -h file:// is the location for the release-8.0/base/ files. These files are not part of the base release directory tree that are part of the running system. They are only on the .iso install image such as the disc1.iso. I mounted the Release 8.0 disc1 install cd and changed into directory cd /cdrom/8.0-RELEASE and issued ezjail-admin install -h file:// it ran creating 3 jails, /usr/jails/basejail, /usr/jails/newjail, /usr/jails/flavours. This is not the same as copying the binaries from the host system. Next step is to ID directory names in the basejail and recreate basejail using the cpdup command to copy the host binaries. I see 2 questionable directories in the basejail, boot and rescue. Can I remove them from the basejail? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
some qs
=?ISO-8859-1?Q?M=E1rton_Sztriha?= : > I have some questions regarding free BSD. > > Can I run open office cross platform on BSD? /usr/ports/editors/openoffice.org-3 > Does BSD run the .exe files? Only unde emulation. > Does BSD recognise SATA drives? man 4 ata Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: some qs
Hi, > Can I run open office cross platform on BSD? Yes. > Does BSD run the .exe files? Some, via some emulators. If you install VMWare you can run a full Windows machine in FreeBSD. > Does BSD recognise SATA drives? Of course. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
some qs
Dear Developer, I have some questions regarding free BSD. Can I run open office cross platform on BSD? Does BSD run the .exe files? Does BSD recognise SATA drives? Thanks, m ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
> I am deciding for a good text editor (suggestions? Your opening the pandora box of flame war :) Emacs with no doubt, because I have been using it for over 20 years, over 3 major operating systems (Multics, DOS/Windows, all possible Unix and the like). So yes, I feel very at ease with Emacs and sheel uses the same CTRL/ESC sequences as Emacs :) Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
HEADSUP: Call for FreeBSD Status Reports - 1Q/2010
Dear all, I would like to remind you that the next round of status reports covering the first quarter of 2010 is due on April 15th, 2010. This initiative is very welcome in our community. Therefore, I would like to ask you to submit your status reports as soon as possible, so that we can compile the report on time. There is a lot of projects which are currently being worked on, so do not hesitate and write us a few lines - a short description about what you are working on, what are your plans and goals, so we can inform our community about your great work! Check out the reports from past to get some inspiration of what your submission should look like. If you know about a project that should be included in the status report, please let us know as well, so we can poke the responsible people to provide us with something useful. Updates to submissions from the last report are welcome too. Note that the submissions are accepted from anyone involved with the FreeBSD community, you do not have to be a FreeBSD committer. Submissions about anything related to FreeBSD are very welcome! Please email us the filled-in XML template to be found at http://www.freebsd.org/news/status/report-sample.xml to mont...@freebsd.org, or alternatively use our web based form located at http://www.freebsd.org/cgi/monthly.cgi. For more information, please visit http://www.freebsd.org/news/status/. We are looking forward to see your submissions! -- S pozdravom / Best regards Daniel Gerzo, FreeBSD committer ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ezjail
On 3/21/2010 8:21 PM, Aiza wrote: > Does the ip address notation for the jail include the port number? > Like 10.0.20.2:80 Nat port forwarding is the long way around just to get > the correct port number to the jail ip address. Nope, jails are assigned one (or more) specific IP addresses, but not specific port numbers. So if you don't have a separate public IP for your jail, you'll be relying on some sort of packet filter to redirect traffic to its private IP address. This isn't as big a deal as it may sound, especially if you're already using PF, which has built-in packet redirection capabilities that do not require you to run a separate NAT daemon. > I found the man ezjail-admin has this format > ezjail-admin install -h file:// Where -h file:// means get the > binaries from the host system the jails are running on. Am I correct? Yes, according to the man page. I haven't tried it yet myself, since I set up my basejail before this option was available. > My understanding of handbook section 15.6 Application of Jails > (service jails)is a copy of the host binaries is populated into the > basejail and all the other jails have read only access to it. Each guest > jail also has a read/write space for installing ports/packages unique to > that jail including /var /usr /etc. Am I correct? Is this how ezjail is > configured now? Yes, that's correct. -- Mark Shroyer http://markshroyer.com/contact/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
No sounds (beeps) no cpu fan no lights? At 06:00 p.m. 21/03/2010, you wrote: > Anybody got any ideas what the problem may be? I'm thinking possibly > the power on switch but that seems a long shot and there seems no easy > way to replace it. In the process of dis-assembling the machine and re-assembling is, you may want to use a rubber to clean the contacts on the RAM and various boards. I use one of those white rubbers for pencil, remeber to remove the dust before you put the card in the machine. While assembling the CPU do not forget the thermo paste between the CPU and the heat skin, do not over use it, a thin layer is enough. You can check the CPU by shorting the light green and light blue wires from the main connector (that would be 2nd and 4th from one end; but colour are always light green 2nd and light blue 4th so far I have seen), see if the fan on the power unit turn on. Be carefull, while this is only 2 or 3 volts, your are delaing with a unit connected to the main power. paper clip is a good way to do the test. Good luck, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
Hello. CPANEL is an interface , graphical, pro administering services (jailed usually) in servers. That way users can do almost anything with is virtual server. It is kind of popular and for what I have used is good. You open another question I was going to ask in the list. If all of you guys can comment the use of Freebsd in Graphical or text mode. In my case I have to confess that I do not know any GUI under Freebsd I have never installed one since version 2 since all the services I have used I guess do not need the GUI. With my latest installatio I was thinking on playing with X Windows but I decided for later. For general use what do you do? I know some of you use only or mainly FreeBSD. Always in text. I have done it for a while, I am not an expert like you at all but a few days could do my job only on text console. Now I am planing to return to my basics, developing and I am constructing a small machine for that . I will be doing simple thing, PHP, Python, Mysql and that's all. Still thinking what's more convenient if under text or GUI. (remember the good old days under HP300, fortran cobol, clipper, etc etc?) I am deciding for a good text editor (suggestions?) and maybe for testing will use and old PC with any flavor of Windows with any browser will be enoiough) Can some of you give me your comments and advice? Thanks Olivier and all for your time. Jorge Biquez At 07:07 p.m. 21/03/2010, you wrote: > Just curios I have a client that has a dedicated server using CPanel. > I am just curios that they are using Exim as the MTA . I imagine that > has an an advantage for using under CPanel. I never laid my hand on any Exim server, I don't even know what CPanel is. If it's a kind of GUI for Exim, I never use GUI on my servers, I strictly stick to an all text files politics: - I have a consistent GUI for all files, my usual text editor; - even from the other side of the world, throught a very slow connection (talking like 12kbps) I can do some administration; - I feel I have much more control on what is doing what, and where is everything. Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
> Just curios I have a client that has a dedicated server using CPanel. > I am just curios that they are using Exim as the MTA . I imagine that > has an an advantage for using under CPanel. I never laid my hand on any Exim server, I don't even know what CPanel is. If it's a kind of GUI for Exim, I never use GUI on my servers, I strictly stick to an all text files politics: - I have a consistent GUI for all files, my usual text editor; - even from the other side of the world, throught a very slow connection (talking like 12kbps) I can do some administration; - I feel I have much more control on what is doing what, and where is everything. Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
I installed that spammilter, run without problems. Thanks Just curios I have a client that has a dedicated server using CPanel. I am just curios that they are using Exim as the MTA . I imagine that has an an advantage for using under CPanel. Thanks for you time At 06:05 p.m. 21/03/2010, you wrote: > I said that I am not sure but that even > spamassin could be configured to run under send mail or if that does > not work that to move from sendmail to another could be the solution C > and not so difficult, like postfix. Of course it In the ports you have a thing called spammilter? that is just what you want. I beleive there are little things that you can do with POstfix that you coul dnot do with sendmail, only writting a filter for Postfix is way easier than writting a milter for sendmail, so that is why there are mor eready made Postfix filters than sendmail milters. Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ezjail
Mark Shroyer wrote: On 3/21/2010 1:10 AM, Aiza wrote: I don't have sources installed on my system. Just use the binary Freebsd-update function. At new releases I do a clean install. I only have a single public IP address. Now I would like to play with jails. One for postfix, apache, and ftp. My reading of EZJAIL and the jails section of the handbook lead me to believe I need a unique IP address for each jail. Is that correct? Yes. But if you have only one public IP address, you can give the jail a loopback interface with an address in 127.0.0/24 or one of the RFC 1918 private blocks (there's some debate as to which is the more "correct" type of address to use, but either will work), then use NAT if you need your jail to be able to access the Internet. If it helps you to reason about this, keep in mind that your jail does *not* have its own virtualized network stack, like with Solaris Zones for instance. The best way to think about your jails is as a group of processes running on the same operating system as the host, just with the restriction that (among other things) they can only communicate with the outside world using a limited subset of the IP addresses available to non-jailed processes. Does the ip address notation for the jail include the port number? Like 10.0.20.2:80 Nat port forwarding is the long way around just to get the correct port number to the jail ip address. I have no need to build world or install world because it does this from /usr/src which i don't install. Is there some EZJAIL option to just copy over the running system binaries instead of the sources? Until recently, the method for creating ezjail's "basejail" was to issue the "ezjail-admin update" command, which compiles the basejail from /usr/src. Just recently an "ezjail-admin install" command was added, which downloads binaries from a FreeBSD FTP server instead. So you shouldn't need sources to get started, however I'm not sure what the update mechanism is if you use the install command. I found the man ezjail-admin has this format ezjail-admin install -h file:// Where -h file:// means get the binaries from the host system the jails are running on. Am I correct? The handbook "15.4 Creating and Controlling Jails" talks about “complete” jails, which resemble a real FreeBSD system, and “service” jails, dedicated to one application or service. Section 15.4 is the procedure for building a "complete jail" using the jail command. The 15.6 Application of Jails (service jails) talks about creating a root skeleton containing the host running files which are shared with all the guest jails in read only mode. This eliminates the massive duplication of running system files in each jail as in the complete jail system talked about in handbook section "15.4 Creating and Controlling Jails". Now reading the ezjail man pages I see that ezjail also creates a base template that is shared between all jails. Is this the same method talked about in the handbook section 15.6 Application of Jails (service jail)? It's essentially the same approach. (With ezjail you'll still be duplicating binaries between the host system and the basejail, but I wouldn't loose sleep over it.) My understanding of handbook section 15.6 Application of Jails (service jails)is a copy of the host binaries is populated into the basejail and all the other jails have read only access to it. Each guest jail also has a read/write space for installing ports/packages unique to that jail including /var /usr /etc. Am I correct? Is this how ezjail is configured now? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
> I said that I am not sure but that even > spamassin could be configured to run under send mail or if that does > not work that to move from sendmail to another could be the solution > and not so difficult, like postfix. Of course it can. In the ports you have a thing called spammilter? that is just what you want. I beleive there are little things that you can do with POstfix that you coul dnot do with sendmail, only writting a filter for Postfix is way easier than writting a milter for sendmail, so that is why there are mor eready made Postfix filters than sendmail milters. Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
> Anybody got any ideas what the problem may be? I'm thinking possibly > the power on switch but that seems a long shot and there seems no easy > way to replace it. In the process of dis-assembling the machine and re-assembling is, you may want to use a rubber to clean the contacts on the RAM and various boards. I use one of those white rubbers for pencil, remeber to remove the dust before you put the card in the machine. While assembling the CPU do not forget the thermo paste between the CPU and the heat skin, do not over use it, a thin layer is enough. You can check the CPU by shorting the light green and light blue wires from the main connector (that would be 2nd and 4th from one end; but colour are always light green 2nd and light blue 4th so far I have seen), see if the fan on the power unit turn on. Be carefull, while this is only 2 or 3 volts, your are delaing with a unit connected to the main power. paper clip is a good way to do the test. Good luck, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
> Anybody got any ideas what the problem may be? I'm thinking possibly > the power on switch but that seems a long shot and there seems no easy > way to replace it. Check if teh power on button is not stucked in the pushed position, it happens on old cases that the plastic get old and dusty and the putton will not pop out as it should. And I came to some mother board that would not start is if the power button is pushed while the power cable is pluged in. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Spamassasin, sendmail, Postfix
> "Jorge" == Jorge Biquez writes: Jorge> I said that I am not sure but that even spamassin could be configured Jorge> to run under send mail or if that does not work that to move from Jorge> sendmail to another could be the solution and not so difficult, like Jorge> postfix. Am I wrong? could be that movement easy to do? I mean to move Jorge> from sendmail to postfix to be able to have spamassasin run. Or it is Jorge> better to have that solution (have mail server with spam filters) could Jorge> be get with some other mix of software and tools? (of course my linux Jorge> friend says that they have rpm's ready to solve that even when do not Jorge> know how it works, not interested in that) Once I discovered postfix, my opinion with sendmail is "never again!". Postfix has a readable config file (with comments!) that doesn't require "compiling" into the proper syntax. Postfix understands and plays well with things like content-filters, RBLs, dovecot (and others) for SSL. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ezjail
On 21/03/2010 21:53, Mark Shroyer wrote: > Until recently, the method for creating ezjail's "basejail" was to issue > the "ezjail-admin update" command, which compiles the basejail from > /usr/src. Just recently an "ezjail-admin install" command was added, > which downloads binaries from a FreeBSD FTP server instead. So you > shouldn't need sources to get started, however I'm not sure what the > update mechanism is if you use the install command. > > you can use ezjail-admin update -u which uses freebsd-update, for some reason this isnt in the manpage. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
Alejandro Imass wrote: On Sun, Mar 21, 2010 at 6:11 AM, Frank Shute wrote: Sorry if this is a bit off-topic. I came in the other day to find my workstation powered off. Hitting the power on button had no effect as did using another known working outlet. I checked all the cables and they seem attached. I thought my power supply must have died so I got another, screwed it in and again no joy - no sign of life. Anybody got any ideas what the problem may be? I'm thinking possibly the power on switch but that seems a long shot and there seems no easy way to replace it. I had this happen recently (BTW it was FBSD server ;-) )! I took _everything_ appart, and then assembled it little by little checking at each step. Incredibly it just workd after reseating the CPU, RAM, and re-connecting every single component. Also, I swapped components with a similar machine for testing which will help you test the components on a known-working machine. Good luck, Alejandro Imass My hardware: Antec Sonata case. Gigabyte board. Core 2 duo TIA, Regards, -- Aloha, Like Alejandro did two weeks ago I replaced a mobo that acted the same way. I took the old board apart one device at a time and it remained dead until I removed the CPU and and reseated it and up she came. This desktop is in an un-airconditioned house here in Hawaii and we get cool nights in the Winter months and warm days. Components walk out of the sockets I think from the temperature changes and corrosion from the tropic air. You may want to see if this is the problem. ~Al Plant - Honolulu, Hawaii - Phone: 808-284-2740 + http://hawaiidakine.com + http://freebsdinfo.org + + http://aloha50.net - Supporting - FreeBSD 7.2 - 8.0 - 9* + < email: n...@hdk5.net > "All that's really worth doing is what we do for others."- Lewis Carrol ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ezjail
Mark Shroyer wrote: > On 3/21/2010 1:10 AM, Aiza wrote: >> I don't have sources installed on my system. Just use the binary >> Freebsd-update function. At new releases I do a clean install. >> I only have a single public IP address. >> >> Now I would like to play with jails. One for postfix, apache, and ftp. >> My reading of EZJAIL and the jails section of the handbook lead me to >> believe I need a unique IP address for each jail. Is that correct? > > Yes. But if you have only one public IP address, you can give the jail > a loopback interface with an address in 127.0.0/24 or one of the RFC > 1918 private blocks (there's some debate as to which is the more > "correct" type of address to use, but either will work), then use NAT if > you need your jail to be able to access the Internet. > > If it helps you to reason about this, keep in mind that your jail does > *not* have its own virtualized network stack, like with Solaris Zones > for instance. The best way to think about your jails is as a group of > processes running on the same operating system as the host, just with > the restriction that (among other things) they can only communicate with > the outside world using a limited subset of the IP addresses available > to non-jailed processes. > You might find the below interesting. Only just begun reading/studying it myself. http://www.freebsd.org/releases/8.0R/relnotes-detailed.html#KERNEL [snip] -Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: ezjail
On 3/21/2010 1:10 AM, Aiza wrote: > I don't have sources installed on my system. Just use the binary > Freebsd-update function. At new releases I do a clean install. > I only have a single public IP address. > > Now I would like to play with jails. One for postfix, apache, and ftp. > My reading of EZJAIL and the jails section of the handbook lead me to > believe I need a unique IP address for each jail. Is that correct? Yes. But if you have only one public IP address, you can give the jail a loopback interface with an address in 127.0.0/24 or one of the RFC 1918 private blocks (there's some debate as to which is the more "correct" type of address to use, but either will work), then use NAT if you need your jail to be able to access the Internet. If it helps you to reason about this, keep in mind that your jail does *not* have its own virtualized network stack, like with Solaris Zones for instance. The best way to think about your jails is as a group of processes running on the same operating system as the host, just with the restriction that (among other things) they can only communicate with the outside world using a limited subset of the IP addresses available to non-jailed processes. > I have no need to build world or install world because it does this from > /usr/src which i don't install. Is there some EZJAIL option to just copy > over the running system binaries instead of the sources? Until recently, the method for creating ezjail's "basejail" was to issue the "ezjail-admin update" command, which compiles the basejail from /usr/src. Just recently an "ezjail-admin install" command was added, which downloads binaries from a FreeBSD FTP server instead. So you shouldn't need sources to get started, however I'm not sure what the update mechanism is if you use the install command. > The handbook "15.4 Creating and Controlling Jails" talks about > “complete” jails, which resemble a real FreeBSD system, and “service” > jails, dedicated to one application or service. Section 15.4 is the > procedure for building a "complete jail" using the jail command. > > The 15.6 Application of Jails (service jails) talks about creating a > root skeleton containing the host running files which are shared with > all the guest jails in read only mode. This eliminates the massive > duplication of running system files in each jail as in the complete jail > system talked about in handbook section "15.4 Creating and Controlling > Jails". > > Now reading the ezjail man pages I see that ezjail also creates a base > template that is shared between all jails. Is this the same method > talked about in the handbook section 15.6 Application of Jails (service > jail)? It's essentially the same approach. (With ezjail you'll still be duplicating binaries between the host system and the basejail, but I wouldn't loose sleep over it.) -- Mark Shroyer http://markshroyer.com/contact/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Wireless access point rc.conf syntax in FreeBSD 8?
I have a wireless network card. But I can't configure it. I read in UPDATING that this had to do with some split up of the wireless drivers into software/hardware interfaces? Something to do with me having to clone the interface before I can configure it? There was no mention of this in the handbook wireless section that I saw. Anyway, I want to run it as an access point, not a client. The ral driver supports this, but I'm not sure on the rc.conf synax for creating an access point out of it. Could anyone point to some access-point-like examples? Thanks! -Modulok- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
On Sun 21 Mar 2010 at 11:26:55 PDT Frank Shute wrote: On Sun, Mar 21, 2010 at 09:08:44AM -0400, Lowell Gilbert wrote: Murphy never said anything about *when* things go wrong... But the swine said they *would* go wrong...;) Hey, don't shoot the messenger! On second thought, perhaps that would be an object lesson for Mr. Murphy, to let him know that sometimes things will go unexpectedly and undeservedly wrong for him too. ;-) Here's hoping your machine is easily and cheaply recoverable. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: shell script to cap first letter?
On Sun, Mar 21, 2010 at 10:16:22AM -0400, b. f. wrote: > >i'm wondering if there is a script that i could run my plaintext > >files thru that would capitalize thef first letter of each > >sentence [[ assuming the character wasn't already a cap!]] > > > >more and more, in recent years, i have posted questions or > >written things that have been sloppily or casually hacked > >together in all lower case. this filter would have to determine > >what was and was not a sentence. or a sentence fragment. > >[ai]spell can catch "i've" and suggest "I've", etc. > > You're asking a lot from a simple filter if you want it to > discriminate between uses of "." to terminate a sentence, and other > uses of "." that do not require the following word to be capitalized, > such as the use of "." in abbreviations -- a lot of fairly > sophisticated spelling and grammar checkers can fail to do this > reliably. But if you want a naive filter you could use textproc/gsed, > with the /U GNU extension (our BSD sed(1) doesn't understand it), > e.g.: > > gsed -e 's|\(\.[.[:space:].]\)\([a-z]\)|\1\U\2|g' > > or you could use BSD sed(1), together with a more cumbersome > capitalization script, like the cflword[12345].sed scripts at: > > http://sed.sourceforge.net/grabbag/scripts/#txfo > > Or you could use Perl. Or awk(1). Or script a [non-]interactive call > to a more sophisticated spelling or grammar checker. Or roll your own. > For questions like this, try searching the web first. > > b. given the sheer i.q. power ofthis list, i almost always ask here first rather thsan hunting for something this obscure. thanks for the url, tho. i'm pretty sure than *someone* has hacked every imagineable function in at least this universe. too bad that there are no web sites that have a library of them. gary -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org The 7.79a release of Jottings: http://jottings.thought.org/index.php ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Spamassasin, sendmail, Postfix
Hello all. I have been talking with a Linux guy (you know the never ending kind of war, my Linuxreligion is better than your Freebsdreligion, easier to install , upgrade blah blah blah). Anyway, talking about the best option for filtering spam and having an email solution for personal simple use (small office, 3-4 people) that sendmail could be the simples and the best option to follow, with some rules like spamcop, rbl , etc, could be fine. I said that I am not sure but that even spamassin could be configured to run under send mail or if that does not work that to move from sendmail to another could be the solution and not so difficult, like postfix. Am I wrong? could be that movement easy to do? I mean to move from sendmail to postfix to be able to have spamassasin run. Or it is better to have that solution (have mail server with spam filters) could be get with some other mix of software and tools? (of course my linux friend says that they have rpm's ready to solve that even when do not know how it works, not interested in that) Can you comment on your experience to accomplish this? Thank in advance and I am sorry if this sound too basic. Jorge Biquez ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sftp server with speed throttling
On 21/03/2010 13:53, Dan Naumov wrote: > What are my options if I want to run an sftp server with speed > throttling? My understanding is that openssh (which includes sftp) in > base does not support this directly, so I would have to either use a > custom kernel with ALTQ (and I would really rather stick to GENERIC so > I can use freebsd-update) which sounds like a bit too much > configuration work or pass sftp traffic through PF and throttle it > (ugly, would also affect ssh traffic). > > Are there any sftp servers with directly built-in functionality for > this? I just would to be able to set limits for upload speed globally > for the entire server and preferably to also be able to do speed > settings on a per-user basis. > A quick google indicates there are at least 2 sftp servers with this functionality, http://www.proftpd.org/docs/contrib/mod_sftp.html http://mysecureshell.sourceforge.net/en/index.html Proftpd with mod_sftp needs the proftp-devel port so I'm guessing its still in testing but at least its in ports. No idea about the mysecureshell program, its not in ports. I havent actually tried with of these so no idea how well they work, good luck. Vince > Thanks. > > - Sincerely, > Dan Naumov > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
On Sun, Mar 21, 2010 at 09:08:44AM -0400, Lowell Gilbert wrote: > > Frank Shute writes: > > > When I hit the power button I get nothing. None of the fans spin up > > and there's no sign of life. > > Well, that's not a *good* sign... ;-) > > > I'm beginning to think that I might be in for a new motherboard anyway :( > > I think you can safely conclude it isn't an OS problem, at any rate. Yep. FreeBSD doesn't even have a chance to get going! > > Don't try a new motherboard yet, though. > > If the system is critical and you're really desperate to get it back up > ASAP, I'd go with a whole brand-new system. That's to protect against > the possibility that the motherboard isn't the source of the problem, > in which case you could waste time fixing the wrong thing, and possibly > even damage a new motherboard before you recognize the real problem. No, it's not critical. I run 2 machines nowadays, the other tentatively a server but I keep X and associated progs on it up to date for scenarios like the present. > > If you can afford a little more time to isolate the trouble, try > disconnecting the power to the motherboard to make sure the power supply > starts up (I think someone else suggested this earlier, albeit for a > slightly more likely set of symptoms). If not, and if you have a > multimeter, make sure that there's voltage across the switch, and that > there isn't when the switch closes. The power supply should be good but the switch is a possibility so I'll test that. > > > Why do these things strike when you least need them? Damn Murphy and > > his stinking law! > > Murphy never said anything about *when* things go wrong... But the swine said they *would* go wrong...;) > > Sorry if I've gone overboard in following your jocular tone. I realize > that you might be feeling desperate by now, particularly if the machine > really is critical. > As I say, it's not critical but I'd like to get it going. There is always a bit of data on it which is missing on the server and besides that it's the machine that's tweaked to my preferences. Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sftp server with speed throttling
On 21/03/2010 13:53:16, Dan Naumov wrote: > What are my options if I want to run an sftp server with speed > throttling? My understanding is that openssh (which includes sftp) in > base does not support this directly, so I would have to either use a > custom kernel with ALTQ (and I would really rather stick to GENERIC so > I can use freebsd-update) which sounds like a bit too much > configuration work or pass sftp traffic through PF and throttle it > (ugly, would also affect ssh traffic). That's not an either-or. ALTQ is PF's traffic shaping mechanism. Unfortunately, yes, ALTQ needs to be compiled into the kernel rather than being loaded as a .ko. Also, PF cannot distinguish sftp traffic from other ssh traffic: all you can do is rate limit port 22 stuff. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: shell script to cap first letter?
>i'm wondering if there is a script that i could run my plaintext >files thru that would capitalize thef first letter of each >sentence [[ assuming the character wasn't already a cap!]] > >more and more, in recent years, i have posted questions or >written things that have been sloppily or casually hacked >together in all lower case. this filter would have to determine >what was and was not a sentence. or a sentence fragment. >[ai]spell can catch "i've" and suggest "I've", etc. You're asking a lot from a simple filter if you want it to discriminate between uses of "." to terminate a sentence, and other uses of "." that do not require the following word to be capitalized, such as the use of "." in abbreviations -- a lot of fairly sophisticated spelling and grammar checkers can fail to do this reliably. But if you want a naive filter you could use textproc/gsed, with the /U GNU extension (our BSD sed(1) doesn't understand it), e.g.: gsed -e 's|\(\.[.[:space:].]\)\([a-z]\)|\1\U\2|g' or you could use BSD sed(1), together with a more cumbersome capitalization script, like the cflword[12345].sed scripts at: http://sed.sourceforge.net/grabbag/scripts/#txfo Or you could use Perl. Or awk(1). Or script a [non-]interactive call to a more sophisticated spelling or grammar checker. Or roll your own. For questions like this, try searching the web first. b. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
sftp server with speed throttling
What are my options if I want to run an sftp server with speed throttling? My understanding is that openssh (which includes sftp) in base does not support this directly, so I would have to either use a custom kernel with ALTQ (and I would really rather stick to GENERIC so I can use freebsd-update) which sounds like a bit too much configuration work or pass sftp traffic through PF and throttle it (ugly, would also affect ssh traffic). Are there any sftp servers with directly built-in functionality for this? I just would to be able to set limits for upload speed globally for the entire server and preferably to also be able to do speed settings on a per-user basis. Thanks. - Sincerely, Dan Naumov ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
On March 21, 2010 08:24:15 am Frank Shute wrote: > On Sun, Mar 21, 2010 at 11:23:34AM +, Chris Whitehouse wrote: > > Frank Shute wrote: > > >Sorry if this is a bit off-topic. > > > > > >I came in the other day to find my workstation powered off. Hitting > > >the power on button had no effect as did using another known working > > >outlet. I checked all the cables and they seem attached. > > > > > >I thought my power supply must have died so I got another, screwed it > > >in and again no joy - no sign of life. > > > > > >Anybody got any ideas what the problem may be? I'm thinking possibly > > >the power on switch but that seems a long shot and there seems no easy > > >way to replace it. > > > > > >My hardware: > > > > > >Antec Sonata case. > > >Gigabyte board. > > >Core 2 duo > > > > > >TIA, > > > > > >Regards, > > > > When you press the power button does the cpu fan or the power supply fan > > spin for a moment then stop? That's a sign that something on or plugged > > in to the motherboard has blown. Unplug things and test again. > > When I hit the power button I get nothing. None of the fans spin up > and there's no sign of life. > > I'm beginning to think that I might be in for a new motherboard anyway :( > > Why do these things strike when you least need them? Damn Murphy and > his stinking law! > > > Regards, It sounds more like a dead power supply to me, if there is no sign of any activity at all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: AMD 64 X2 - Dual Core?
On Sat, Mar 20, 2010 at 4:35 PM, krad wrote: > I totally disagree with using the 32bit unless you have a specific > need or potentially if you are running it as a desktop. 64 everytime > for servers for loads of reasons. If you are running less than 4 gig > their is a fair chance you will in the next few years > I second Krad, though 64bit may use considerably more RAM in general, but the overall computing throughput is very much worth it. We use AMD 64 in all our HW for several years now and are _very happy_, both FBSD and Linux. Best, Alejandro Imass > On 3/20/10, Gene wrote: >> Hi - >> I just got a board with an AMD Athlon 64 X2 cpu. I was wondering - >> >> 1) Is the amd64 8.0 release the fbsd of choice here? >> >> and >> >> 2) Does it take advantage of the athlon's dual cores? >> >> Thanks, >> >> IHN, >> Gene >> >> -- >> To everything there is a season, >> And a time to every purpose under heaven. >> >> ___ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" >> > > -- > Sent from my mobile device > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
Frank Shute writes: > When I hit the power button I get nothing. None of the fans spin up > and there's no sign of life. Well, that's not a *good* sign... ;-) > I'm beginning to think that I might be in for a new motherboard anyway :( I think you can safely conclude it isn't an OS problem, at any rate. Don't try a new motherboard yet, though. If the system is critical and you're really desperate to get it back up ASAP, I'd go with a whole brand-new system. That's to protect against the possibility that the motherboard isn't the source of the problem, in which case you could waste time fixing the wrong thing, and possibly even damage a new motherboard before you recognize the real problem. If you can afford a little more time to isolate the trouble, try disconnecting the power to the motherboard to make sure the power supply starts up (I think someone else suggested this earlier, albeit for a slightly more likely set of symptoms). If not, and if you have a multimeter, make sure that there's voltage across the switch, and that there isn't when the switch closes. > Why do these things strike when you least need them? Damn Murphy and > his stinking law! Murphy never said anything about *when* things go wrong... Sorry if I've gone overboard in following your jocular tone. I realize that you might be feeling desperate by now, particularly if the machine really is critical. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
On Sun, Mar 21, 2010 at 6:11 AM, Frank Shute wrote: > Sorry if this is a bit off-topic. > > I came in the other day to find my workstation powered off. Hitting > the power on button had no effect as did using another known working > outlet. I checked all the cables and they seem attached. > > I thought my power supply must have died so I got another, screwed it > in and again no joy - no sign of life. > > Anybody got any ideas what the problem may be? I'm thinking possibly > the power on switch but that seems a long shot and there seems no easy > way to replace it. > I had this happen recently (BTW it was FBSD server ;-) )! I took _everything_ appart, and then assembled it little by little checking at each step. Incredibly it just workd after reseating the CPU, RAM, and re-connecting every single component. Also, I swapped components with a similar machine for testing which will help you test the components on a known-working machine. Good luck, Alejandro Imass > My hardware: > > Antec Sonata case. > Gigabyte board. > Core 2 duo > > TIA, > > Regards, > > -- > > Frank > > > Contact info: http://www.shute.org.uk/misc/contact.html > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
On Sun, Mar 21, 2010 at 11:23:34AM +, Chris Whitehouse wrote: > > Frank Shute wrote: > >Sorry if this is a bit off-topic. > > > >I came in the other day to find my workstation powered off. Hitting > >the power on button had no effect as did using another known working > >outlet. I checked all the cables and they seem attached. > > > >I thought my power supply must have died so I got another, screwed it > >in and again no joy - no sign of life. > > > >Anybody got any ideas what the problem may be? I'm thinking possibly > >the power on switch but that seems a long shot and there seems no easy > >way to replace it. > > > >My hardware: > > > >Antec Sonata case. > >Gigabyte board. > >Core 2 duo > > > >TIA, > > > >Regards, > > > > When you press the power button does the cpu fan or the power supply fan > spin for a moment then stop? That's a sign that something on or plugged > in to the motherboard has blown. Unplug things and test again. > When I hit the power button I get nothing. None of the fans spin up and there's no sign of life. I'm beginning to think that I might be in for a new motherboard anyway :( Why do these things strike when you least need them? Damn Murphy and his stinking law! Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
Frank Shute wrote: Sorry if this is a bit off-topic. I came in the other day to find my workstation powered off. Hitting the power on button had no effect as did using another known working outlet. I checked all the cables and they seem attached. I thought my power supply must have died so I got another, screwed it in and again no joy - no sign of life. Anybody got any ideas what the problem may be? I'm thinking possibly the power on switch but that seems a long shot and there seems no easy way to replace it. My hardware: Antec Sonata case. Gigabyte board. Core 2 duo TIA, Regards, When you press the power button does the cpu fan or the power supply fan spin for a moment then stop? That's a sign that something on or plugged in to the motherboard has blown. Unplug things and test again. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: KDE firefox integration
On Wednesday 10 March 2010 23:45:37 you wrote: > On 03/07/2010 12:29, Josh Paetzel wrote: > > On Sunday 07 March 2010 10:53:29 Anselm Strauss wrote: > >> On Sunday 07 March 2010 15:52:30 Josh Paetzel wrote: > >>> On Sunday 07 March 2010 08:13:53 Elias Chrysoheris wrote: > On Sunday 07 of March 2010 15:56:15 Anselm Strauss wrote: > > Hi, > > > > I noticed that in PC-BSD 8 firefox is nicely integrated into KDE. > > Anybody knows how to achieve this on FreeBSD 8? > > > > Anselm > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > > > "freebsd-questions-unsubscr...@freebsd.org" > > I believe you mean that you need KDE to open Firefox whenever you > click on a link. That's easy. From your KDE menu, open "System > Settings" (in the first tab, "favorites") > Then select "Default Applications". Then, in the left list of the > applications, choose "Web browser", and at the right part of the > screen choose the radio button "in the following browser" and in the > edit box enter the "/usr/local/bin/firefox3". Then apply the new > settings. > > Elias > >>> > >>> Another trick that PC-BSD useswhich might be more of what you are > >>> > >>> asking about is the installation of a port called > >>> x11-themes/gtk-qt4-engine This port allows gtk applications to be > >>> displayed using qt, which helps integrate the look of things like FF, > >>> Thunderbird, OOo with KDE. > >> > >> I already installed the gtk-qt4-engine, but it has some serious bugs. > >> Scroll bars are not painted, tab borders are painted at the wrong > >> position, etc. Could this be because I modified some of KDEs appearance > >> options? > > The gtk-qt4-engine works great here, not run into those problems you > describe. Check the gtk-qt4-engine configuration gui in KDE4's system > settings though, there is a fix you can enable to fix scrollbar issues. > > >> Are there any other integration tweaks, like icons, keyboard shortcuts, > >> file chooser dialog, ... ? > > We've not modified anything else like that, just standard stuff. > > >> Thanks, > >> Anselm > > Kris Moore > PC-BSD Software > http://www.pcbsd.com > I think I found a rather complete guide of firefox integration in KDE on: http://digitizor.com/2009/09/20/a-complete-guide-to-firefox-integration-in-kubuntu/ Unfortunately a lot of it is not working for me in FreeBSD 8. The gtk-qt4-engine stuff constantly produces high CPU usage after I close firefox. At least it does not crash or freeze. Also, I don't see any changes in fonts at all, and in the GUI when I already have enabled a KDE theme in firefox. When I enable the FlashGot plugin there is also a constant very high CPU usage after startup. And for the printing I can't find kprinter in KDE 4.3.5. For now, I will just use a KDE theme in firefox and enable the KDE file chooser dialog ... ;-( Thanks for the help, Anselm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: OT: dead box
The easiest way to check if its the power switch is detach the "PWR" switch connector from the mobo and briefly short the two pins. If the machine turns on its ure switch, however that is probably unlikely - Ive never seen it before at least. Check ure mobo for popped caps,... remove ure ram and cpu and clean all relevant connectors with compressed air. Disconnect everything not needed for the mobo to power up while ure at it. I had a workstation the other day that had a dead HDD that was preventing it from powering up, as soon as I removed the HDD the mobo powered up. On Sun, Mar 21, 2010 at 12:11 PM, Frank Shute wrote: > Sorry if this is a bit off-topic. > > I came in the other day to find my workstation powered off. Hitting > the power on button had no effect as did using another known working > outlet. I checked all the cables and they seem attached. > > I thought my power supply must have died so I got another, screwed it > in and again no joy - no sign of life. > > Anybody got any ideas what the problem may be? I'm thinking possibly > the power on switch but that seems a long shot and there seems no easy > way to replace it. > > My hardware: > > Antec Sonata case. > Gigabyte board. > Core 2 duo > > TIA, > > Regards, > > -- > > Frank > > > Contact info: http://www.shute.org.uk/misc/contact.html > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > -- "Opportunity is most often missed by people because it is dressed in overalls and looks like work." Thomas Alva Edison Inventor of 1093 patents, including: The light bulb, phonogram and motion pictures. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
OT: dead box
Sorry if this is a bit off-topic. I came in the other day to find my workstation powered off. Hitting the power on button had no effect as did using another known working outlet. I checked all the cables and they seem attached. I thought my power supply must have died so I got another, screwed it in and again no joy - no sign of life. Anybody got any ideas what the problem may be? I'm thinking possibly the power on switch but that seems a long shot and there seems no easy way to replace it. My hardware: Antec Sonata case. Gigabyte board. Core 2 duo TIA, Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Copying mirrored partitions - will this work?
On Sunday 21 March 2010, Modulok wrote: > On 3/20/10, Mike Clarke wrote: [snip] > > I have two 500GB disks, /dev/ad4 and /dev/ad8, each partitioned > > into 4 slices of 88, 88, 42 and 259GB. My system is installed on > > the first slices (ad4s1 and ad8s1) which are mirrored as > > /dev/mirror/gm0. The second slices (ad4s2 and ad8s2) are currently > > unused. My thoughts are to temporarily add ad4s2 into gm0 with > > "gmirror insert gm0 ad4s2" and wait for the mirror to synchronise. > > I should then be able to remove the temporary addition with > > "gmirror remove gm0 /dev/ad4s2" at which point ad4s2 should be a > > duplicate of the original system and I can then go ahead and create > > a new mirror with "gmirror label -b load gm1 ad4s2" and "gmirror > > insert gm1 ad8s2". After editing /etc/fstab in the new mirror to > > use gm1 instead of gm0 I should then be able to boot into the > > system on slice 2 and upgrade it to STABLE while still keeping my > > original system to fall back to if required. > How valuable is your data? In financial terms not very, but still valuable enough to not want to lose it. > I recommend you make an offline backup. Yes, I take regular backups but regard them as the "emergency parachute" and prefer to not put myself in a position where I'm doing something risky and the backup files are the only protection, so I'll be making additional backups anyway. > There's a lot of steps in > your procedure which introduce room for error. Yes, it's a bit of unknown territory for me but with 6 partitions on the slice it does require fewer potentially dangerous manual steps (like newfs or restore to the wrong device) so looks like an interesting experiment. > You could perhaps > disconnect one of the hard drive's data cable (same thing). Also, > make a backup copy of your geom meta data somewhere. That's a possibility to consider but would result in additional changes to the mirror configuration, something I'd prefer to keep to a minimum. -- Mike Clarke ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: securing sshd
On 21/03/10 02:27, Peter wrote: On the same line, portknocking with pf: Port knocking suck: If you have to knock a single time on the secret port you might just have no added security at all, could be that the port scanner first knocked on the secret port then on the ssh port. If you have to knock multiple times on the secret port, same thing, usually when you scan for open ports, multiple packets are sent in case of packet loss. You can't use timing between packets because this may change on the path. Yet you do need to implement timeouts to avoid a halfway knocked sequence. If you have to knock various ports, you can't rely on packets arriving in a particular sequence. And even if you did, the port scanner might just get that order right. If your secret is to knock port 1234 and then port 2345 nmap might do just that when scanning ports 0-1. And if the secret is the reverse order, again, nmap might just do that because multiple packets are sent to each port. If you require more than a single knock you have to monitor also for wrong knocks or a simple nmap scan may be just sufficient to expose your server as in the example above. A port knock or port knock sequence is a shared password that cannot be encrypted. Since there is no previous user identification the knocking is the same for all users. It's not encrypted because the secret is in the port number you knock. This is possibly the worst kind of secret you can manage. If you find yourself thinking you need port knocking, then your passwords are not strong enough. It is far better to use longer and more complex passwords: They are individual for each user and encrypted. Then you have the problem of monitoring established connections to flush the tables once a session is terminated. Port knocking adds complexity to your server, meaning more things can go wrong, and adding yet another attack vector for the intruder. Having a script to automatically update a live rule set is a recipe for disaster. It's as unuserfriendly and impractical as it gets: The more ports you have to knock the higher the probability that some packets will be filtered when you're behind somebody else's firewall. You can be most certain that you can't convince the admin of some corporate network to open up for your port knocking. Because of the build in stealth you have no way of knowing if packets are dropped or filtered. And the user will have to accept a delay for your port knocking script to update the rules. You add complexity for the user, now they have your special port knocking client, know the secret, on top of carrying around their private ssh keys etc. Port knocking suck at security: It does not solve a single existing problem but introduces a host of other problems. Use it at home for playing around and learning about protocols and stuff, but please don't give people the illusion that their security problems will be solved with port knocking. BR, Erik -- Erik Nørgaard Ph: +34.666334818/+34.915211157 http://www.locolomo.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"