Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Dave 
Hi...

I was trying to disable the console screensaver, and found that in 
sysinstall, there is no way to select "none" as an option.

So I went and edited /etc/rc.conf to comment out the line:-
Saver="fire" (or whatever it is)

I put a ; at the beginning of the line, and now FreeBSD wont come up, 
showing an error (unexpected ;) and leaving me with a # prompt.

How do I get to re-edit rc.conf, to correct the problem, as all command 
line commands result in a "not found" error.

Also.  What's the "Correct" way to disable a console screensaver?

Sysinstall alows you to select and enable one, but not remove it!

Bit of an oversight that I suspect

Regards.

Dave B.  (Chief numpty!)



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Port based VLAN

2010-12-22 Thread Indexer 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

I plan to make a FreeBSD based router sometime soon. I would like to be able to 
do port based vlanning on the router, so that a client computer that plugs into 
that socket is "dumb" to the vlans' existance.

IE

em0 - untagged
em1 - vlan 1
em2 - vlan 2

Is what i want to achieve (as a simple example). This way i can use unmanaged 
switches on em2, and all clients behind that are to the router on vlan2 

How does one go about this on freebsd. 

Thanks

William Brown

pgp.mit.edu



-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQIcBAEBAgAGBQJNEd3DAAoJEHF16AnLoz6JT4gP+wX5ZTY4vnd+QfTHFTQLLUNs
g+UZfCUXxK0lb/6k0OCyLyoC1yMYt6fuFWshGEZpxrpxEDX0wb11tlU8P+QFJt9q
ETDCZQMX8merJSO4d2iKWJ0rcnc91FE8P+GcX6qc0uwHHCALoAyYgo1wSkxXZWkw
p5XJVnR/xhXMyk4A+xKxB37DNbTmWVxbj5z+K8sSPQnBRoje/t7IeAQQjUxe3oMV
G3h3uMc0lww2vjhZLpqs2yB6DLERZDTsoX7n0qRZ7ODTxE3DwDZGC8A/ZN8HtJxy
XKaAcTnH6mbncrowDDeL9i8cAzLb8Tay6WjQcRG2rXDFNrCj0lQ6FdZ7ePXVasp5
Q67kohgYbUjm1G1usV5eW0d/7H5vmavMrE018gHCJ4UdUCZqmt77TENBAtUkG9tf
cWoGzy2hwlC/Am8Nobo1saBQv+ChjCsMwNuq47PE4sU7LTPNPMX4GrP3iTCvrYjM
JwMb63F2v81eJX0EA88paPrqj/7swIppzOR3iVIuqh6yrWsnPwXVZ2iMBt8cNHh5
98TYp3K2sBxi8N8ehdeiQhCnNiNTsL/q/UU/Yo0VkQg24tj5KPNRNNhHme16BD9k
A8mS1pK+K8zZFklrm1yI0veYF/NFAEUduZ4ccn7q9swweulziaRNsWe6cWBMvs7M
MWGD68Ev0OXMgm4GCXwd
=bvpq
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Chris Rees 
Your PATH isn't set.

# fsck /
# mount -uw /
# /bin/sed -i.bak -e 's/^;//' /etc/rc.conf

Or (can't remember where des is kept)

# fsck /usr
# mount /usr
# /usr/bin/sed -i.bak -e 's/^;//' /etc/rc.conf

Good luck!

Chris



Sorry for top-posting, Android won't let me quote, but K-9 can't yet do
threading.
On 22 Dec 2010 11:01, "Dave"  wrote:
> Hi...
>
> I was trying to disable the console screensaver, and found that in
> sysinstall, there is no way to select "none" as an option.
>
> So I went and edited /etc/rc.conf to comment out the line:-
> Saver="fire" (or whatever it is)
>
> I put a ; at the beginning of the line, and now FreeBSD wont come up,
> showing an error (unexpected ;) and leaving me with a # prompt.
>
> How do I get to re-edit rc.conf, to correct the problem, as all command
> line commands result in a "not found" error.
>
> Also. What's the "Correct" way to disable a console screensaver?
>
> Sysinstall alows you to select and enable one, but not remove it!
>
> Bit of an oversight that I suspect
>
> Regards.
>
> Dave B. (Chief numpty!)
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Odhiambo Washington 
On Wed, Dec 22, 2010 at 2:27 PM, Chris Rees  wrote:

> Your PATH isn't set.
>
> # fsck /
> # mount -uw /
> # /bin/sed -i.bak -e 's/^;//' /etc/rc.conf
>
> Or (can't remember where des is kept)
>
> # fsck /usr
> # mount /usr
> # /usr/bin/sed -i.bak -e 's/^;//' /etc/rc.conf
>
>
For someone who asked a question like the OP, this is a too advanced to
understand.
"mount -u /" is almost enough unless he cold-booted the computer at some
point. Yes, it's safe to do fsck I agree.
Just tell the poster that it id necessary to edit /etc/rc.conf by doing xyz.



-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Damn!!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread b. f. 
dave wrote:
...
>I was trying to disable the console screensaver, and found that in
>sysinstall, there is no way to select "none" as an option.
>
>So I went and edited /etc/rc.conf to comment out the line:-
>Saver="fire" (or whatever it is)
>
>I put a ; at the beginning of the line, and now FreeBSD wont come up,
>showing an error (unexpected ;) and leaving me with a # prompt.
>
>How do I get to re-edit rc.conf, to correct the problem, as all command
>line commands result in a "not found" error.

You didn't provide much information, but probably what happened is
that your defective rc.conf caused an error when booting, and your
normal boot aborted and dropped into "single-user". This typically
means that some partitions that are mounted by default during a normal
boot and that contain editors and other programs are not initially
mounted.  So probably if you did something like:

fsck -p /
mount -uw /
swapon -a
mount -a

you could then edit /etc/rc.conf with your favorite editor. Or you
could just use sed, ed, or vi from /rescue, or from the release media,
to make the necessary changes, rather than attempting to mount all
partitions.

>
>Also.  What's the "Correct" way to disable a console screensaver?
>
>Sysinstall alows you to select and enable one, but not remove it!

On the fly, you can use vidcontrol -t ...

To change the default setting, comment out or delete the  "saver=..."
line, or change it to

saver="NO"

which is what is originally in /etc/defaults/rc.conf.

Sysinstall is only one tool you can use to install or configure the
system.  It's not necessary, and for minor changes like this, it's not
the method of choice.

b.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Erik Trulsson 
On Wed, Dec 22, 2010 at 11:01:10AM -, Dave wrote:
> Hi...
> 
> I was trying to disable the console screensaver, and found that in 
> sysinstall, there is no way to select "none" as an option.
> 
> So I went and edited /etc/rc.conf to comment out the line:-
> Saver="fire" (or whatever it is)
> 
> I put a ; at the beginning of the line, and now FreeBSD wont come up, 
> showing an error (unexpected ;) and leaving me with a # prompt.

To comment out a line in a shell script (which is what rc.conf actually
is) you should put a '#' at the beginning of the line, not a ';'.

> 
> How do I get to re-edit rc.conf, to correct the problem, as all command 
> line commands result in a "not found" error.
> 
> Also.  What's the "Correct" way to disable a console screensaver?

Changing rc.conf is the "Correct" way. If you do it by hand or use some
other tool (like sysinstall) to do it does not really matter.
Putting  'saver="NO"'  in rc.conf or not having and 'saver=' line
there will both do the same thing - not starting any screen saver.

> 
> Sysinstall alows you to select and enable one, but not remove it!
> 
> Bit of an oversight that I suspect

Probably. The shortcomings of sysinstall are many and varied, so one
more is not surprise.


-- 

Erik Trulsson
ertr1...@student.uu.se
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

do i need a dedicated ip address for https?

2010-12-22 Thread S Mathias 
http://help.godaddy.com/article/1054

"# Set up SSL protection on your website."

is it an inescapable requirement to have a dedicated [not fix] ip address, when 
i want to use ssl on my domain?

thank you

happy Christmas! :)


  
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Dave 
On 22 Dec 2010 at 11:41, b. f. wrote:

> dave wrote:
> ...
> >I was trying to disable the console screensaver, and found that in
> >sysinstall, there is no way to select "none" as an option.
> >
> >So I went and edited /etc/rc.conf to comment out the line:-
> >Saver="fire" (or whatever it is)
> >
> >I put a ; at the beginning of the line, and now FreeBSD wont come up,
> >showing an error (unexpected ;) and leaving me with a # prompt.
> >
> >How do I get to re-edit rc.conf, to correct the problem, as all
> >command line commands result in a "not found" error.
> 
> You didn't provide much information, but probably what happened is
> that your defective rc.conf caused an error when booting, and your
> normal boot aborted and dropped into "single-user". This typically
> means that some partitions that are mounted by default during a normal
> boot and that contain editors and other programs are not initially
> mounted.  So probably if you did something like:
> 
> fsck -p /
> mount -uw /
> swapon -a
> mount -a
> 
> you could then edit /etc/rc.conf with your favorite editor. Or you
> could just use sed, ed, or vi from /rescue, or from the release media,
> to make the necessary changes, rather than attempting to mount all
> partitions.
> 
> >
> >Also.  What's the "Correct" way to disable a console screensaver?
> >
> >Sysinstall alows you to select and enable one, but not remove it!
> 
> On the fly, you can use vidcontrol -t ...
> 
> To change the default setting, comment out or delete the  "saver=..."
> line, or change it to
> 
> saver="NO"
> 
> which is what is originally in /etc/defaults/rc.conf.
> 
> Sysinstall is only one tool you can use to install or configure the
> system.  It's not necessary, and for minor changes like this, it's not
> the method of choice.
> 
> b.
> 

Thank you Sir, it's back working again, with no screen saver.

Thank's also to others who responded, much apprecaited.

I'll be back later, now I can see the error messages that were hidden 
behind the saver when something burped, only becoming visible as the 
otherwise stalled machine shutdown on one short press of the power key..   
I just need to wait now for the trouble to manifest itself again.

Cheers All

Dave B.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: do i need a dedicated ip address for https?

2010-12-22 Thread c0re 
2010/12/22 S Mathias :
> http://help.godaddy.com/article/1054
>
> "# Set up SSL protection on your website."
>
> is it an inescapable requirement to have a dedicated [not fix] ip address, 
> when i want to use ssl on my domain?
>
> thank you
>
> happy Christmas! :)
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>

mod_gnutls can do 'Server Name Indication' and mod_ssl with apache_2.2
should do it too
https://issues.apache.org/bugzilla/show_bug.cgi?id=34607
http://svn.apache.org/viewvc?view=revision&revision=776281

But hoster may not use mod_gnutls or not recent version of apache, so
it may not support multiple ssl with single IP.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: do i need a dedicated ip address for https?

2010-12-22 Thread Laszlo Nagy 

On 2010-12-22 07:53, S Mathias wrote:

http://help.godaddy.com/article/1054

"# Set up SSL protection on your website."

is it an inescapable requirement to have a dedicated [not fix] ip address, when 
i want to use ssl on my domain?

Obviously, you cannot have a website without an IP address.
Another strict rule is that you can only use one SSL certificate per IP 
address + PORT. This is determined by the SSL protocol, and you cannot 
do anything to change it.


But there are possibilities. You can use different SSL certificates for 
the same ip address and different port numbers:


https://your_domain_1:4430
https://your_domain_2:4431

etc. (where your_domain_1 and your_domain_2 have the same IP, and you 
have different certificates from them).


You can also use many host names with the same IP address and port 
number, but they will have to share the same SSL certificate. It is not 
a problem, if they are subdomains, and you own a wildcard certificate. 
Example:


https://sub1.yourdomain.com
https://sub2.yourdomain.com
https://sub3.yourdomain.com

etc. (where you have a wildcard certificate for *.yourdomain.com)

And finally, it is possible to use different domains and the same port, 
without wildcard certificate or subdomains, but then all connecting 
clients will complain about the problem (e.g. certificate belongs to a 
domain that differs from the one you are connecting to.) For any serious 
projects, this is not recommended. You cannot expect customers sending 
you private information on a website that cannot identify itself...


Best,

   Laszlo

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: do i need a dedicated ip address for https?

2010-12-22 Thread Pieter de Goeje 
On Wednesday 22 December 2010 07:53:11 S Mathias wrote:
> is it an inescapable requirement to have a dedicated [not fix] ip address,
> when i want to use ssl on my domain?

It's only necessary if you want to use name based virtual hosts with a 
different SSL certificate for each virtual host. This is most likely the case 
on a shared hosting provider like godaddy.

The problem is that the clients set up the SSL connection before they send the 
HTTP request (which contains the name of the virtual host), so the server has 
no way of knowing which certificate it should present to the client.

> happy Christmas! :)
Happy Christmas indeed!

- Pieter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Bruce Cran 
On Wed, 22 Dec 2010 11:01:10 -
"Dave"  wrote:

> Sysinstall alows you to select and enable one, but not remove it!
> 
> Bit of an oversight that I suspect

Fixed in r216651 :)

-- 
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

FreeBSD crashes

2010-12-22 Thread Richard Morse 
Hi! A while back I wrote about some problems I was having with FreeBSD crashing 
randomly. I then disappeared for a while, due to a variety of issues, but I'm 
still having problems.

The computer in question is a general-purpose server -- it runs listservs, 
websites, databases (both MySQL and PostgreSQL), and Amanda to back up a few 
other computers. None of this is high volume -- load averages are all less than 
1.

It has two Intel Xeon processors, with a total of 16 virtual cpus. It runs 
FreeBSD 8.1, using the amd64 branch in order to access 12G of RAM. It has an 
Adaptec 5805 RAID card, and is using the Adaptec aac driver 2.2.9-17911 (which 
is also the flashed BIOS version), and has one array, which is a RAID 10 array. 
Note that I'm not using the aacu driver, but most of the crashes happened when 
I was.

Based on the randomness of the crashes, I suspect that it's a hardware problem. 
I have tried to enable core dumps, but it has never succeeded in actually 
writing one out -- it looks like it has a second crash when it tries to save 
the core. This leads me to suspect that it might be a problem with the RAID 
card, but I'm not sure.

Is there some way that I can use the information provided during the kernel 
panics to determine where the problem is? I have photographs of almost all of 
them. There are a few crashes that didn't result in kernel panics; instead 
there were a few gibberish characters (from the >128 ASCII codes) on the 
screen. I have pictures of these as well.

Thanks for any suggestions,
Ricky


The information in this e-mail is intended only for the person to whom it is
addressed. If you believe this e-mail was sent to you in error and the e-mail
contains patient information, please contact the Partners Compliance HelpLine at
http://www.partners.org/complianceline . If the e-mail was sent to you in error
but does not contain patient information, please contact the sender and properly
dispose of the e-mail.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Port based VLAN

2010-12-22 Thread Matthew Seaman 
On 22/12/2010 11:15, Indexer wrote:
> Hi,
> 
> I plan to make a FreeBSD based router sometime soon. I would like to be able 
> to do port based vlanning on the router, so that a client computer that plugs 
> into that socket is "dumb" to the vlans' existance.
> 
> IE
> 
> em0 - untagged
> em1 - vlan 1
> em2 - vlan 2
> 
> Is what i want to achieve (as a simple example). This way i can use unmanaged 
> switches on em2, and all clients behind that are to the router on vlan2
> 
> How does one go about this on freebsd.
> 

In /etc/rc.conf:

ifconfig_em1="up -vlanhwtag" # You may or may not want hwtag -- try both
vlans_em1="vlan1"
ifconfig_em2='up -vlanhwtag"
vlans_em2="vlan2"

create_args_vlan1="vlan 1"
ipv4_addrs_vlan1="192.168.12.34/24"

create_args_vlan2="vlan 2"
ipv4_addrs_vlan2="192.168.56.78/24"

The em0 i/f should be configured as usual.  This will create virtual
interfaces vlan1 and vlan2 which you can apply firewall rules to etc.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

DES Cipher

2010-12-22 Thread Mohammad Hedayati 
Can anyone please show me a sample code for ciphering using DES in FreeBSD?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DES Cipher

2010-12-22 Thread Anton Shterenlikht 
On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote:
> Can anyone please show me a sample code for ciphering using DES in FreeBSD?

bdes(1)?

% ls -al > zzz
% bdes < zzz > zzz.des
Enter key: 
%

-- 
Anton Shterenlikht
Room 2.6, Queen's Building
Mech Eng Dept
Bristol University
University Walk, Bristol BS8 1TR, UK
Tel: +44 (0)117 331 5944
Fax: +44 (0)117 929 4423
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DES Cipher

2010-12-22 Thread Matthew Seaman 
On 22/12/2010 14:20, Mohammad Hedayati wrote:
> Can anyone please show me a sample code for ciphering using DES in FreeBSD?

To encrypt, something like:

   openssl enc -e -des -in plaintext.txt -a -out encrypted.asc

Decrypt like so:

   openssl enc -d -dex -in encrypted.asc -a -out plaintext.txt

Note: completely untested.  You may well need to supply various extra
arguments to make it all work.  See 'openssl enc help' for hints.

Note 2: DES is pretty trivial to crack nowadays.  Don't use this for
anything serious.  You can encrypt using AES or any of a host of other
ciphers by using a very similar openssl command line.

Note 3: If you're actually after DES "encrypted" passwords, then see
crypt(3).  From the commandline you can use the Perl crypt function:
'perldoc -f crypt' for details.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW



signature.asc
Description: OpenPGP digital signature

Re: DES Cipher

2010-12-22 Thread Mohammad Hedayati 
On Wed, Dec 22, 2010 at 6:01 PM, Anton Shterenlikht  wrote:
> On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote:
>> Can anyone please show me a sample code for ciphering using DES in FreeBSD?
>
> bdes(1)?
>
> % ls -al > zzz
> % bdes < zzz > zzz.des
> Enter key:
> %
>
> --
> Anton Shterenlikht
> Room 2.6, Queen's Building
> Mech Eng Dept
> Bristol University
> University Walk, Bristol BS8 1TR, UK
> Tel: +44 (0)117 331 5944
> Fax: +44 (0)117 929 4423
>

no, des(3)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DES Cipher

2010-12-22 Thread Mike Tancsa 
On 12/22/2010 9:35 AM, Mohammad Hedayati wrote:
> On Wed, Dec 22, 2010 at 6:01 PM, Anton Shterenlikht  
> wrote:
>> On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote:
>>> Can anyone please show me a sample code for ciphering using DES in FreeBSD?
>>
>> bdes(1)?
>>
>> % ls -al > zzz
>> % bdes < zzz > zzz.des
>> Enter key:
>> %
>>
> 
> no, des(3)

/usr/src/crypto/openssl/crypto/des

---Mike




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Chris Brennan 
On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran  wrote:

> On Wed, 22 Dec 2010 11:01:10 -
> "Dave"  wrote:
>
> > Sysinstall alows you to select and enable one, but not remove it!
> >
> > Bit of an oversight that I suspect
>
> Fixed in r216651 :)
>


IIRC ';' isn't a valid bash comment ... (which has been previously discussed
elsewhere). It's usually safer to use '#' for  comment in /etc/rc.conf and
other system config files as they typically use BASH style structs.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Jerry 
On Wed, 22 Dec 2010 09:49:46 -0500
Chris Brennan  articulated:

> On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran  wrote:
> 
> > On Wed, 22 Dec 2010 11:01:10 -
> > "Dave"  wrote:
> >
> > > Sysinstall alows you to select and enable one, but not remove it!
> > >
> > > Bit of an oversight that I suspect
> >
> > Fixed in r216651 :)
> 
> IIRC ';' isn't a valid bash comment ... (which has been previously
> discussed elsewhere). It's usually safer to use '#' for  comment
> in /etc/rc.conf and other system config files as they typically use
> BASH style structs.

If you want to insert a really long comment block:

: << IMPORTANT

 mumble bla bla bla ...

IMPORTANT

You can pretty much put anything you want between the:
: << IMPORTANT
and
IMPORTANT

tags. You don't have to use "IMPORTANT" either. It works with
Bash; however, I am unsure of how it works with other shells. Unless
you have a really long comment block, I think the "#" syntax is easier
to use. Plus, I don't know if it would even work in an "rc" file.

-- 
Jerry ✌
freebsd.u...@seibercom.net

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
When taxes are due, Americans tend to feel quite bled-white and blue.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Port based VLAN

2010-12-22 Thread Nathan Vidican 
On Wed, Dec 22, 2010 at 9:17 AM, Matthew Seaman <
m.sea...@infracaninophile.co.uk> wrote:

> On 22/12/2010 11:15, Indexer wrote:
> > Hi,
> >
> > I plan to make a FreeBSD based router sometime soon. I would like to be
> able to do port based vlanning on the router, so that a client computer that
> plugs into that socket is "dumb" to the vlans' existance.
> >
> > IE
> >
> > em0 - untagged
> > em1 - vlan 1
> > em2 - vlan 2
> >
> > Is what i want to achieve (as a simple example). This way i can use
> unmanaged switches on em2, and all clients behind that are to the router on
> vlan2
> >
> > How does one go about this on freebsd.
> >
>
> In /etc/rc.conf:
>
> ifconfig_em1="up -vlanhwtag" # You may or may not want hwtag -- try both
> vlans_em1="vlan1"
> ifconfig_em2='up -vlanhwtag"
> vlans_em2="vlan2"
>
> create_args_vlan1="vlan 1"
> ipv4_addrs_vlan1="192.168.12.34/24"
>
> create_args_vlan2="vlan 2"
> ipv4_addrs_vlan2="192.168.56.78/24"
>
> The em0 i/f should be configured as usual.  This will create virtual
> interfaces vlan1 and vlan2 which you can apply firewall rules to etc.
>
>Cheers,
>
>Matthew
>
> --
> Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
>  Flat 3
> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
> JID: matt...@infracaninophile.co.uk   Kent, CT11 9PW
>
>
I do this exact thing, where a single server port attaches to the switch as
a trunk and carries multiple VLANS which are in-turn firewalled and routed
amongst one another, my rc.conf (the pertinent parts anyways) looks like
this:

gateway_enable="YES"
cloned_interfaces="vlan1 vlan190 vlan100 vlan200 vlan300 vlan400"
ifconfig_em0="up"
ifconfig_vlan1="up"
ifconfig_vlan190="inet X.X.190.1/28 vlan 190 vlandev em0"
ifconfig_vlan100="inet 10.0.1.1/26 vlan 100 vlandev em0"
ifconfig_vlan200="inet 10.0.2.254/24 vlan 200 vlandev em0"
ifconfig_vlan300="inet 10.0.3.254/24 vlan 300 vlandev em0"
ifconfig_vlan400="inet 10.0.4.1/28 vlan 4 vlandev em0"
firewall_enable="YES"

Within my rc.firewall, the interfaces are vlan1, vlan190, vlan100, etc...
the system sees each as if it were physically a different network card and
I'm able to route/filter traffic as such. Note: I did have to add vlan
support in my kernel for this, I'm using Intel 1000MT 1000BaseSX (fiber)
card to a Cisco Catalyst 2948 which in turn connects on the other side as a
trunked port.

-- 
Nathan Vidican
nat...@vidican.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Robert Bonomi 
> From owner-freebsd-questi...@freebsd.org  Wed Dec 22 05:01:28 2010
> From: "Dave" 
> To: freebsd-questions@freebsd.org
> Date: Wed, 22 Dec 2010 11:01:10 -
> Subject: Well, I broke it!   FreeBSD V8.1 release
>
> Hi...
>
> I was trying to disable the console screensaver, and found that in 
> sysinstall, there is no way to select "none" as an option.
>
> So I went and edited /etc/rc.conf to comment out the line:-
> Saver="fire" (or whatever it is)
>
> I put a ; at the beginning of the line, and now FreeBSD wont come up, 
> showing an error (unexpected ;) and leaving me with a # prompt.

It's rogt. you did wrong;.  Should have been a '#', not a ';'
>
> How do I get to re-edit rc.conf, to correct the problem, as all command 
> line commands result in a "not found" error.

  # fsck -p || fsck
  # mount -a
  # vi /etc/rc.conf{ or editor of your choice }
  # reboot

> Also.  What's the "Correct" way to disable a console screensaver?

 # vidcontrol -t off

see 'man splash'


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DES Cipher

2010-12-22 Thread Robert Bonomi 

> From owner-freebsd-questi...@freebsd.org  Wed Dec 22 08:22:15 2010
> From: Mohammad Hedayati 
> Date: Wed, 22 Dec 2010 17:50:19 +0330
> To: freebsd-questions@freebsd.org
> Subject: DES Cipher
>
> Can anyone please show me a sample code for ciphering using DES in FreeBSD?

I hate to say it, but RTFM applies.
'apropos encryption' gives, among other things (and first), a cite to bdes(1).

'bdes' is a program that comes with the FreeBSD distribution.
You have access to the source code of all of the distribution.

'Use the Souce, Luke" applies, and will bring the mountain to Mohammad. :)


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: DES Cipher

2010-12-22 Thread Mohammad Hedayati 
On Wed, Dec 22, 2010 at 7:33 PM, Robert Bonomi  wrote:
>
>> From owner-freebsd-questi...@freebsd.org  Wed Dec 22 08:22:15 2010
>> From: Mohammad Hedayati 
>> Date: Wed, 22 Dec 2010 17:50:19 +0330
>> To: freebsd-questions@freebsd.org
>> Subject: DES Cipher
>>
>> Can anyone please show me a sample code for ciphering using DES in FreeBSD?
>
> I hate to say it, but RTFM applies.
> 'apropos encryption' gives, among other things (and first), a cite to bdes(1).
>
> 'bdes' is a program that comes with the FreeBSD distribution.
> You have access to the source code of all of the distribution.
>
> 'Use the Souce, Luke" applies, and will bring the mountain to Mohammad. :)
>
>
>
Thanks Robert, I haven't seen a cite to bdes in the FM of des(3), but
the problem is solved using the source of bdes(1) [thanks to Antone].
The code would be as easy as:

#include 

int
main(int argc, char *argv[])
{
DES_key_schedule schedule;
DES_cblock key;
strncpy(key, "somekey", 8);

DES_set_key(&key, &schedule);

DES_cblock buf;
strncpy(buf, "sometxt", 8);

// Encrypting
DES_ecb_encrypt(&buf, &buf, &schedule, 0);  

// Decrypting
DES_ecb_encrypt(&buf, &buf, &schedule, 1);  
printf("Text Is: %s\n", buf);

return(0);
}
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Polytropon 
On Wed, 22 Dec 2010 09:54:02 -0600 (CST), Robert Bonomi 
 wrote:
> > From: "Dave" 
> > Also.  What's the "Correct" way to disable a console screensaver?
> 
>  # vidcontrol -t off
> 
> see 'man splash'

Also see /etc/defaults/rc.conf which states:

blanktime="300" # blank time (in seconds) or "NO" to turn it off.
saver="NO"  # screen saver: Uses /boot/kernel/${saver}_saver.ko


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Polytropon 
On Wed, 22 Dec 2010 09:49:46 -0500, Chris Brennan  wrote:
> On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran  wrote:
> 
> > On Wed, 22 Dec 2010 11:01:10 -
> > "Dave"  wrote:
> >
> > > Sysinstall alows you to select and enable one, but not remove it!
> > >
> > > Bit of an oversight that I suspect
> >
> > Fixed in r216651 :)
> >
> 
> 
> IIRC ';' isn't a valid bash comment ... (which has been previously discussed
> elsewhere). It's usually safer to use '#' for  comment in /etc/rc.conf and
> other system config files as they typically use BASH style structs.

Putting emphasize on _BA_sh seems to be a typical Linuxism. :-)

FreeBSD's standard scripting shell is the Bourne Shell, /bin/sh.
The Bourne Again Shell, bash, isn't even part of the FreeBSD
(base) system. Only under exceptional circumstances there
will be a /bin/bash.

As it has been pointed out, /etc/rc.conf is a shell script
(or to be correct: part of a shell script) that basically
consists of variable assignments, name="value". In this
context, ; has the default meaning in sh syntax - this
refers to Bourne Shell syntax.

The ; means "command separator". It is a valid syntactical
element of the "sh language". A command like

; saver="NO"

causes the shell to stop processing the script (which causes
the system boot to stop as it interrupts reading /etc/rc.conf,
which interrupts the start of /etc/rc). Infont of ; there
has to be a command, and in this case, nothing is there.

As the Bourne Shell is the standard scripting shell on most
UNIX systems, relying on bash specific constructs may have
impact to script portability (which may develop into an
issue if you have to create scripts that should run on many
different kinds of UNIX).

The form

: << DELIMITER
... pile ...
...  of  ...
... text ...
DELIMITER

is indirectly refered to in "man sh":

The following redirection is often called a ``here-document''.

  [n]<< delimiter
here-doc-text
...
  delimiter

All the text on successive lines up to the delimiter is saved away and
made available to the command on standard input, or file descriptor n if
it is specified.  If the delimiter as specified on the initial line is
quoted, then the here-doc-text is treated literally, otherwise the text
is subjected to parameter expansion, command substitution, and arithmetic
expansion (as described in the section on Word Expansions).  If the oper-
ator is ``<<-'' instead of ``<<'', then leading tabs in the here-doc-text
are stripped.

//

The option of specifying : as a file descriptor works with
the standard /bin/sh of FreeBSD, but I'm not sure this should
be encouraged for use in configuration files like /etc/rc.conf.

Using the form

# blah

is also better for use with syntax highlighting as comments
can be determined more easily, whereas the form using the "here-doc"
is primarily a "here-doc" and NOT a comment (unless directed
toward :).

>From "man sh":

The character `#' introduces a comment if used at the beginning of a
word.  The word starting with `#' and the rest of the line are ignored.

//

The use of # also makes sure there is NO kind of variable
expansion or arithmetic operation done - which you could
achieve using

: << 'DELIMITER'
... pile ...
...  of  ...
... text ...
$((the)) $USER `/bin/laden` ${causes `NO' touble here!
'DELIMITER'

but # is the really safe form, as you can write ANYTHING
behind it. Again, the form illustrated above could cause
some interpretation problems for syntax highlighting
algorithms.

See "man rc.conf" for details. :-)



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Jason Helfman 

On Wed, Dec 22, 2010 at 09:49:46AM -0500, Chris Brennan thus spake:

On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran  wrote:


On Wed, 22 Dec 2010 11:01:10 -
"Dave"  wrote:

> Sysinstall alows you to select and enable one, but not remove it!
>
> Bit of an oversight that I suspect

Fixed in r216651 :)




IIRC ';' isn't a valid bash comment ... (which has been previously discussed
elsewhere). It's usually safer to use '#' for  comment in /etc/rc.conf and
other system config files as they typically use BASH style structs.


IMHO...
It seems that /etc/rc.conf is in need of a sytax check script. Something
similiar to visudo for editing /usr/local/etc/sudoers.

-jgh
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

9 TB single device and zfs

2010-12-22 Thread Omer Faruk SEN 
Hi,

Is it suggested to create a zfs on a single 9 TB volume?  There is
hardware raid and I am thinking to enable write-back cache on that hw
based raid card.

Regards.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Rob Farmer 
On Wed, Dec 22, 2010 at 12:45, Jason Helfman  wrote:
> IMHO...
> It seems that /etc/rc.conf is in need of a sytax check script. Something
> similiar to visudo for editing /usr/local/etc/sudoers.
>

Just run it with /bin/sh. If no errors appear the syntax is good. Or
you can use /bin/sh -x to see more detail.

-- 
Rob Farmer
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Lowell Gilbert 
Jason Helfman  writes:

> On Wed, Dec 22, 2010 at 09:49:46AM -0500, Chris Brennan thus spake:
>>On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran  wrote:
>>
>>> On Wed, 22 Dec 2010 11:01:10 -
>>> "Dave"  wrote:
>>>
>>> > Sysinstall alows you to select and enable one, but not remove it!
>>> >
>>> > Bit of an oversight that I suspect
>>>
>>> Fixed in r216651 :)
>>>
>>
>>
>>IIRC ';' isn't a valid bash comment ... (which has been previously discussed
>>elsewhere). It's usually safer to use '#' for  comment in /etc/rc.conf and
>>other system config files as they typically use BASH style structs.
>
> IMHO...
> It seems that /etc/rc.conf is in need of a sytax check script. Something
> similiar to visudo for editing /usr/local/etc/sudoers.

Well, rc.conf isn't supposed to have anything but variable settings, so
for syntax alone, "/bin/sh /etc/rc.conf" is a perfectly fine test.  If
you want to check semantics as well, things get complicated very quickly.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: 9 TB single device and zfs

2010-12-22 Thread Adam Vande More 
On Wed, Dec 22, 2010 at 2:38 PM, Omer Faruk SEN  wrote:

> Is it suggested to create a zfs on a single 9 TB volume?


Depends on your need.  You really haven't provided enough info to give
advice ie how many disks do you have, what storage capacity do you need,
performance etc.  ZFS capability are better utilized when ZFS, and not the
storage controller is providing the raid/mirroring functionality, but this
has some drawbacks as well.


> There is
> hardware raid and I am thinking to enable write-back cache on that hw
> based raid card.
>

Raid-z/mirror stripes have some advantages over hw raid so you may wish to
grow your understanding of the differences before proceeding.  You should
also ensure your hardware correctly handles cache flush requests as a few
disks and some SSD's don't.  If the hardware makes false reports to ZFS, you
can experience different forms of pool corruption in a loss of power
situation.  You'll almost certainly want a BBU if you're going to go this
route.

http://www.solarisinternals.com/wiki/index.php/ZFS_Evil_Tuning_Guide


-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Well, I broke it! FreeBSD V8.1 release

2010-12-22 Thread Adam Vande More 
On Wed, Dec 22, 2010 at 3:08 PM, Lowell Gilbert <
freebsd-questions-lo...@be-well.ilk.org> wrote:

> Well, rc.conf isn't supposed to have anything but variable settings, so
> for syntax alone, "/bin/sh /etc/rc.conf" is a perfectly fine test.  If
> you want to check semantics as well, things get complicated very quickly.
>

rcorder(8) is a good starting point for basic semantic checking.

-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: do i need a dedicated ip address for https?

2010-12-22 Thread Michael J. Kearney 
No, I've done that  before I could get what's called a pointer record or 
reverse DNS for my mail server ... Register a domain and setup the DNS server. 
If the ip is dynamic you have to regularly update your DNS server.  The forward 
zones will work.  If you use openssl to generate your own ssl certificates ... 
(./configure --enable-so --enable-ssl) They wont be recognized by the 
certificate authority.

eg: https://mail.nvita.org

try it.



#   General setup for the virtual host
DocumentRoot "/usr/local/apache2/htdocs"
ServerName mail.nvita.org:443
ServerAdmin mkear...@nvita.org
UseCanonicalName On
ProxyVia Off
ProxyPreserveHost On
ProxyPass /owa !
ProxyPass / http://192.168.0.3:99/owa/
ProxyPassReverse / http://mail.nvita.org:99/owa/
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"




___
From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] 
On Behalf Of c0re [nr1c...@gmail.com]
Sent: Wednesday, December 22, 2010 7:37 AM
To: freebsd-questions@freebsd.org
Subject: Re: do i need a dedicated ip address for https?

2010/12/22 S Mathias :
> http://help.godaddy.com/article/1054
>
> "# Set up SSL protection on your website."
>
> is it an inescapable requirement to have a dedicated [not fix] ip address, 
> when i want to use ssl on my domain?
>
> thank you
>
> happy Christmas! :)
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
>

mod_gnutls can do 'Server Name Indication' and mod_ssl with apache_2.2
should do it too
https://issues.apache.org/bugzilla/show_bug.cgi?id=34607
http://svn.apache.org/viewvc?view=revision&revision=776281

But hoster may not use mod_gnutls or not recent version of apache, so
it may not support multiple ssl with single IP.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Strange error

2010-12-22 Thread Steven Friedrich 
On Sunday 19 December 2010 12:57:39 pm Jack Raats wrote:
> I have a strange error.
> 
> Normally when you compile the complete system, the first line of /etc/motd
> is being adjusted telling you the time and version you just compiled. On
> one server this is not being done.
> What is the problem. Which programm adjust the motd file when compiling?
> 
> Thanks
> 
> Jack
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscr...@freebsd.org"

If anyone else responded, I may have deleted it while scanning mail too 
quickly. 8o)

motd isn't updated during compile. It's updated during boot.  If you don't 
reboot the machine, it doesn't get updated.

There is also a line you can include in rc.conf to disable the update. Search 
for motd in /etc/defaults/rc.conf for motd.
-- 
System Name: laptop2.StevenFriedrich.org
Hardware:2.80GHz Intel Pentium 4 (HTT) with 2 GB memory
OS version:  FreeBSD 8.1-RELEASE-p2 i386 (5.1 MB kernel)
Window Manager(s):   kde4-4.5.4 
X Window System: xorg-7.5X.Org X Server 1.7.5

FreeBSD Audio Driver (newpcm: 32bit 2009061500/i386)
Installed devices:
pcm0:  (play/rec) default
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Which network driver for RTL8211 or 8201 NIC's?

2010-12-22 Thread Mike Clarke 

I need to replace a failing motherboard. I'm aiming to keep the existing 
Athlon CPU so I'm tied down to to a socket AM2(+) board and the 
majority of those available seem to have nForce 630a chipsets and 
RTL8211CL or 8201EL NIC's which aren't explicitly mentioned in the 
release notes 
. I see 
that the strings RTL8211C(L) and RTL8201L (but not EL) appear 
in /usr/src/sys/dev/rgephy.c and rlphy.c but the man page for the rl 
driver only mentions RealTek 8129/8139 and I'm not sure which driver is 
built from rgephy.c.

Am I going to have problems if I get a motherboard with one of these 
NIC's?

-- 
Mike Clarke
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

what's wrong?

2010-12-22 Thread Neil Short 
Hopefully this will work. I attached a text file of my dmesg. After boot, I 
start getting ACPI errors. Here's an excerpt.


Root mount waiting for: usbus1
ugen1.3:  at usbus1
Trying to mount root from ufs:/dev/ad4s1a
wlan0: Ethernet address: c4:17:fe:24:04:eb
wlan0: link state changed to UP
ACPI Error: No object attached to node 0xff000168a840 
(20100331/exresnte-211)
ACPI Error (uteval-0318): Method execution failed [\\_SB_.BAT0._UID] (Node 
0xff000168a840), AE_AML_NO_OPERAND
ACPI Error: No object attached to node 0xff000168a840 
(20100331/exresnte-211)
ACPI Error (uteval-0318): Method execution failed [\\_SB_.BAT0._UID] (Node 
0xff000168a840), AE_AML_NO_OPERAND\

==

 "What did you do?" the man holding the flashlight asked.

 "I put down a spider," he said, wondering why the man didn't see; in the beam 
of yellow light the spider bloated up larger than life. "So it could get away."


  Copyright (c) 1992-2010 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.1-STABLE #2: Wed Oct 13 20:48:24 MST 2010
nesh...@carmen:/usr/obj/usr/src/sys/CARMEN amd64
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Core(TM) i3 CPU   M 330  @ 2.13GHz (2127.92-MHz K8-class CPU)
  Origin = "GenuineIntel"  Id = 0x20652  Family = 6  Model = 25  Stepping = 2
  
Features=0xbfebfbff
  
Features2=0x98e3bd
  AMD Features=0x28000800
  AMD Features2=0x1
  TSC: P-state invariant
real memory  = 4294967296 (4096 MB)
avail memory = 3892662272 (3712 MB)
ACPI APIC Table: 
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 SMT threads
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  4
 cpu3 (AP): APIC ID:  5
ioapic0: Changing APIC ID to 2
ioapic0  irqs 0-23 on motherboard
kbd1 at kbdmux0
acpi0:  on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
acpi_hpet0:  iomem 0xfed0-0xfed003ff on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 900
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
cpu0:  on acpi0
cpu1:  on acpi0
cpu2:  on acpi0
cpu3:  on acpi0
acpi_ec0:  port 0x62,0x66 on acpi0
acpi_button0:  on acpi0
acpi_lid0:  on acpi0
acpi_button1:  on acpi0
battery0:  on acpi0
acpi_acad0:  on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
vgapci0:  port 0x6050-0x6057 mem 
0xd000-0xd03f,0xc000-0xcfff irq 16 at device 2.0 on pci0
agp0:  on vgapci0
agp0: detected 32764k stolen memory
agp0: aperture size is 256M
pci0:  at device 22.0 (no driver attached)
ehci0:  mem 0xd8405c00-0xd8405fff irq 16 at 
device 26.0 on pci0
ehci0: [ITHREAD]
usbus0: EHCI version 1.0
usbus0:  on ehci0
hdac0:  mem 0xd840-0xd8403fff 
irq 22 at device 27.0 on pci0
hdac0: HDA Driver Revision: 20100226_0142
hdac0: [ITHREAD]
pcib1:  at device 28.0 on pci0
pci1:  on pcib1
pcib2:  at device 28.1 on pci0
pci2:  on pcib2
ath0:  mem 0xd640-0xd640 irq 17 at device 0.0 on pci2
ath0: [ITHREAD]
ath0: AR9285 mac 192.2 RF5133 phy 14.0
pcib3:  at device 28.2 on pci0
pci3:  on pcib3
re0:  port 0x3000-0x30ff 
mem 0xd2404000-0xd2404fff,0xd240-0xd2403fff irq 18 at device 0.0 on pci3
re0: Using 1 MSI messages
re0: Chip rev. 0x2400
re0: MAC rev. 0x
re0: Unknown H/W revision: 0x2400
device_attach: re0 attach returned 6
pci3:  at device 0.1 (no driver attached)
pci3:  at device 0.2 (no driver attached)
pcib4:  at device 28.3 on pci0
pci4:  on pcib4
ehci1:  mem 0xd8405800-0xd8405bff irq 20 at 
device 29.0 on pci0
ehci1: [ITHREAD]
usbus1: EHCI version 1.0
usbus1:  on ehci1
pcib5:  at device 30.0 on pci0
pci7:  on pcib5
isab0:  at device 31.0 on pci0
isa0:  on isab0
atapci0:  port 
0x6048-0x604f,0x605c-0x605f,0x6040-0x6047,0x6058-0x605b,0x6020-0x603f mem 
0xd8405000-0xd84057ff irq 21 at device 31.2 on pci0
atapci0: [ITHREAD]
atapci0: AHCI called from vendor specific driver
atapci0: AHCI v1.30 controller with 4 3Gbps ports, PM not supported
ata2:  on atapci0
ata2: [ITHREAD]
ata3:  on atapci0
ata3: [ITHREAD]
ata4:  on atapci0
ata4: [ITHREAD]
pci0:  at device 31.3 (no driver attached)
pci0:  at device 31.6 (no driver attached)
pcib6:  on acpi0
pci127:  on pcib6
acpi_tz0:  on acpi0
atrtc0:  port 0x70-0x77 irq 8 on acpi0
atrtc0: Warning: Couldn't map I/O.
atkbdc0:  port 0x60,0x64 irq 1 on acpi0
atkbd0:  irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
psm0:  irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: [ITHREAD]
psm0: model GlidePoint, device ID 0
sc0:  at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0:  at port 0x3c0-0x3df iomem 0xa-0xb on isa0
ppc0: cannot reserve I/O port range
est0:  on cpu0
p4tcc0:  on cpu0
est1:  on cpu1
p4tcc1:  on cpu1
est2:  on cpu2
p4tcc2:  on cpu2
est3:  on cpu3
p4tcc3:  on cp

Re: A jail with a dash in its name

2010-12-22 Thread Leon Meßner 
On Tue, Dec 21, 2010 at 11:31:42PM +0100, Christer Solskogen wrote:
> On Tue, Dec 21, 2010 at 9:26 PM, Matthew Seaman
>  wrote:
> 
> > Of course, there's no problem with using the form 'forest-friend' on the
> > RHS of any assignments, so long as it's properly quoted, of course.
> >
> 
> Thanks for all your help!
> I chose to remove all hyphens instead.

I use ezjail and have jails with hyphens. Everything works fine there.

salut,
Leon
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Nullfs Allows Jailbreaking

2010-12-22 Thread Jason C. Wells 
Here is my file system scheme for a newly created jail as viewed from 
the host:


/usr/jail/template on /usr/jail/f1 (nullfs, local, read-only)
/usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local)
/usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local)
/usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local)
/usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local)

As viewed from the jail:

/usr/jail/template on / (nullfs, local, read-only)

I like the idea of using a template for multiple jails that I plan to 
use later.  I like the ide of mounting the template read only.  I had to 
splice in the other nullfs filesystems so that things that need to be 
read-write can be.


But it seems kinda funky.  Inside the jail it looks like EVERYTHING is 
read-only and you have no way of knowing that /tmp is actually 
read-write.  There seems to be a violation of the segregation going on here.


What pitfalls can you see in a file system scheme like this for my 
jails?  Is the above behavior by design or did I find a flaw?


Thanks,
Jason
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Nullfs Allows Jailbreaking

2010-12-22 Thread Adam Vande More 
On Wed, Dec 22, 2010 at 8:56 PM, Jason C. Wells  wrote:

> I like the idea of using a template for multiple jails that I plan to use
> later.  I like the ide of mounting the template read only.  I had to splice
> in the other nullfs filesystems so that things that need to be read-write
> can be.
>
> But it seems kinda funky.  Inside the jail it looks like EVERYTHING is
> read-only and you have no way of knowing that /tmp is actually read-write.
>  There seems to be a violation of the segregation going on here.
>
> What pitfalls can you see in a file system scheme like this for my jails?
>  Is the above behavior by design or did I find a flaw?
>

I think you're reinventing the wheel.  The sysutils/ezjail already handles
this gracefully in addition to many other features.   For reference ezjail
creates a layout like this:

/usr/jails/www.example.com.device on /usr/jails/www.example.com (ufs, local,
soft-updates)
/usr/jails/basejail on /usr/jails/www.example.com/basejail (nullfs, local,
read-only)
devfs on /usr/jails/www.example.com/dev (devfs, local, multilabel)

>From inside the jail you see:

/usr/jails/www.example.com.device on / (ufs, local, soft-updates)

-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Nullfs Allows Jailbreaking

2010-12-22 Thread Chad Leigh -- Shire.Net LLC 

On Dec 22, 2010, at 7:56 PM, Jason C. Wells wrote:

> Here is my file system scheme for a newly created jail as viewed from the 
> host:
> 
> /usr/jail/template on /usr/jail/f1 (nullfs, local, read-only)
> /usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local)
> /usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local)
> /usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local)
> /usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local)
> 
> As viewed from the jail:
> 
> /usr/jail/template on / (nullfs, local, read-only)
> 
> I like the idea of using a template for multiple jails that I plan to use 
> later.  I like the ide of mounting the template read only.  I had to splice 
> in the other nullfs filesystems so that things that need to be read-write can 
> be.
> 
> But it seems kinda funky.  Inside the jail it looks like EVERYTHING is 
> read-only and you have no way of knowing that /tmp is actually read-write.  
> There seems to be a violation of the segregation going on here.
> 
> What pitfalls can you see in a file system scheme like this for my jails?  Is 
> the above behavior by design or did I find a flaw?



I have been doing this for years with great success.   I don't understand your 
question.   How does it look like everything is read only from inside the jail? 
 The fact that a "df" only shows the root filesystem and not all your others 
file systems? (assuming that is still the truth -- my jails do this on older 
FBSD systems)


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Nullfs Allows Jailbreaking

2010-12-22 Thread Jason C. Wells 

On 12/22/10 19:00, Chad Leigh -- Shire.Net LLC wrote:

I have been doing this for years with great success.   I don't understand your question.  
 How does it look like everything is read only from inside the jail?  The fact that a 
"df" only shows the root filesystem and not all your others file systems? 
(assuming that is still the truth -- my jails do this on older FBSD systems
Your report of great success is encouraging.  I've never done this and 
sometimes you don't see the full consequences when you haven't done 
something before.


I think you understand my question.  It's the fact that mount(8) report 
read only. If you looked at that, you would conclude that you had no 
write access at all.  Well, I set up the jail, so I can see behind the 
curtain.  A downstream user that never saw behind the curtain wouldn't 
know where they could write a file unless they simply guessed.


That is why I asked about jailbreaking.  There is information crossing 
the jail in a mysterious way.  The jail reports that everything under 
root is read only, but the jail can still see the read-writeness of the 
invisible (to mount) null filesystems.


From the sound of it, this is expected behavior.

Regards,
Jason C. Wells
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Laptop with external monitor, how to make it work

2010-12-22 Thread Leslie Jensen 


I'm looking for a description on how to make the switching between 
monitors work. In my case it's the key combination Fn + F8 on a Dell 
Latitude E6500.


Any help appreciated :-)

Thanks

/Leslie
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"