Well, I broke it! FreeBSD V8.1 release
Hi... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. Also. What's the Correct way to disable a console screensaver? Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Regards. Dave B. (Chief numpty!) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Port based VLAN
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I plan to make a FreeBSD based router sometime soon. I would like to be able to do port based vlanning on the router, so that a client computer that plugs into that socket is dumb to the vlans' existance. IE em0 - untagged em1 - vlan 1 em2 - vlan 2 Is what i want to achieve (as a simple example). This way i can use unmanaged switches on em2, and all clients behind that are to the router on vlan2 How does one go about this on freebsd. Thanks William Brown pgp.mit.edu -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQIcBAEBAgAGBQJNEd3DAAoJEHF16AnLoz6JT4gP+wX5ZTY4vnd+QfTHFTQLLUNs g+UZfCUXxK0lb/6k0OCyLyoC1yMYt6fuFWshGEZpxrpxEDX0wb11tlU8P+QFJt9q ETDCZQMX8merJSO4d2iKWJ0rcnc91FE8P+GcX6qc0uwHHCALoAyYgo1wSkxXZWkw p5XJVnR/xhXMyk4A+xKxB37DNbTmWVxbj5z+K8sSPQnBRoje/t7IeAQQjUxe3oMV G3h3uMc0lww2vjhZLpqs2yB6DLERZDTsoX7n0qRZ7ODTxE3DwDZGC8A/ZN8HtJxy XKaAcTnH6mbncrowDDeL9i8cAzLb8Tay6WjQcRG2rXDFNrCj0lQ6FdZ7ePXVasp5 Q67kohgYbUjm1G1usV5eW0d/7H5vmavMrE018gHCJ4UdUCZqmt77TENBAtUkG9tf cWoGzy2hwlC/Am8Nobo1saBQv+ChjCsMwNuq47PE4sU7LTPNPMX4GrP3iTCvrYjM JwMb63F2v81eJX0EA88paPrqj/7swIppzOR3iVIuqh6yrWsnPwXVZ2iMBt8cNHh5 98TYp3K2sBxi8N8ehdeiQhCnNiNTsL/q/UU/Yo0VkQg24tj5KPNRNNhHme16BD9k A8mS1pK+K8zZFklrm1yI0veYF/NFAEUduZ4ccn7q9swweulziaRNsWe6cWBMvs7M MWGD68Ev0OXMgm4GCXwd =bvpq -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
Your PATH isn't set. # fsck / # mount -uw / # /bin/sed -i.bak -e 's/^;//' /etc/rc.conf Or (can't remember where des is kept) # fsck /usr # mount /usr # /usr/bin/sed -i.bak -e 's/^;//' /etc/rc.conf Good luck! Chris Sorry for top-posting, Android won't let me quote, but K-9 can't yet do threading. On 22 Dec 2010 11:01, Dave d...@g8kbv.demon.co.uk wrote: Hi... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. Also. What's the Correct way to disable a console screensaver? Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Regards. Dave B. (Chief numpty!) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 2:27 PM, Chris Rees utis...@gmail.com wrote: Your PATH isn't set. # fsck / # mount -uw / # /bin/sed -i.bak -e 's/^;//' /etc/rc.conf Or (can't remember where des is kept) # fsck /usr # mount /usr # /usr/bin/sed -i.bak -e 's/^;//' /etc/rc.conf For someone who asked a question like the OP, this is a too advanced to understand. mount -u / is almost enough unless he cold-booted the computer at some point. Yes, it's safe to do fsck I agree. Just tell the poster that it id necessary to edit /etc/rc.conf by doing xyz. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
dave wrote: ... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. You didn't provide much information, but probably what happened is that your defective rc.conf caused an error when booting, and your normal boot aborted and dropped into single-user. This typically means that some partitions that are mounted by default during a normal boot and that contain editors and other programs are not initially mounted. So probably if you did something like: fsck -p / mount -uw / swapon -a mount -a you could then edit /etc/rc.conf with your favorite editor. Or you could just use sed, ed, or vi from /rescue, or from the release media, to make the necessary changes, rather than attempting to mount all partitions. Also. What's the Correct way to disable a console screensaver? Sysinstall alows you to select and enable one, but not remove it! On the fly, you can use vidcontrol -t ... To change the default setting, comment out or delete the saver=... line, or change it to saver=NO which is what is originally in /etc/defaults/rc.conf. Sysinstall is only one tool you can use to install or configure the system. It's not necessary, and for minor changes like this, it's not the method of choice. b. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 11:01:10AM -, Dave wrote: Hi... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. To comment out a line in a shell script (which is what rc.conf actually is) you should put a '#' at the beginning of the line, not a ';'. How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. Also. What's the Correct way to disable a console screensaver? Changing rc.conf is the Correct way. If you do it by hand or use some other tool (like sysinstall) to do it does not really matter. Putting 'saver=NO' in rc.conf or not having and 'saver=' line there will both do the same thing - not starting any screen saver. Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Probably. The shortcomings of sysinstall are many and varied, so one more is not surprise. -- Insert your favourite quote here. Erik Trulsson ertr1...@student.uu.se ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
do i need a dedicated ip address for https?
http://help.godaddy.com/article/1054 # Set up SSL protection on your website. is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? thank you happy Christmas! :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On 22 Dec 2010 at 11:41, b. f. wrote: dave wrote: ... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. You didn't provide much information, but probably what happened is that your defective rc.conf caused an error when booting, and your normal boot aborted and dropped into single-user. This typically means that some partitions that are mounted by default during a normal boot and that contain editors and other programs are not initially mounted. So probably if you did something like: fsck -p / mount -uw / swapon -a mount -a you could then edit /etc/rc.conf with your favorite editor. Or you could just use sed, ed, or vi from /rescue, or from the release media, to make the necessary changes, rather than attempting to mount all partitions. Also. What's the Correct way to disable a console screensaver? Sysinstall alows you to select and enable one, but not remove it! On the fly, you can use vidcontrol -t ... To change the default setting, comment out or delete the saver=... line, or change it to saver=NO which is what is originally in /etc/defaults/rc.conf. Sysinstall is only one tool you can use to install or configure the system. It's not necessary, and for minor changes like this, it's not the method of choice. b. Thank you Sir, it's back working again, with no screen saver. Thank's also to others who responded, much apprecaited. I'll be back later, now I can see the error messages that were hidden behind the saver when something burped, only becoming visible as the otherwise stalled machine shutdown on one short press of the power key.. I just need to wait now for the trouble to manifest itself again. Cheers All Dave B. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: do i need a dedicated ip address for https?
2010/12/22 S Mathias smathias1...@yahoo.com: http://help.godaddy.com/article/1054 # Set up SSL protection on your website. is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? thank you happy Christmas! :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org mod_gnutls can do 'Server Name Indication' and mod_ssl with apache_2.2 should do it too https://issues.apache.org/bugzilla/show_bug.cgi?id=34607 http://svn.apache.org/viewvc?view=revisionrevision=776281 But hoster may not use mod_gnutls or not recent version of apache, so it may not support multiple ssl with single IP. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: do i need a dedicated ip address for https?
On 2010-12-22 07:53, S Mathias wrote: http://help.godaddy.com/article/1054 # Set up SSL protection on your website. is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? Obviously, you cannot have a website without an IP address. Another strict rule is that you can only use one SSL certificate per IP address + PORT. This is determined by the SSL protocol, and you cannot do anything to change it. But there are possibilities. You can use different SSL certificates for the same ip address and different port numbers: https://your_domain_1:4430 https://your_domain_2:4431 etc. (where your_domain_1 and your_domain_2 have the same IP, and you have different certificates from them). You can also use many host names with the same IP address and port number, but they will have to share the same SSL certificate. It is not a problem, if they are subdomains, and you own a wildcard certificate. Example: https://sub1.yourdomain.com https://sub2.yourdomain.com https://sub3.yourdomain.com etc. (where you have a wildcard certificate for *.yourdomain.com) And finally, it is possible to use different domains and the same port, without wildcard certificate or subdomains, but then all connecting clients will complain about the problem (e.g. certificate belongs to a domain that differs from the one you are connecting to.) For any serious projects, this is not recommended. You cannot expect customers sending you private information on a website that cannot identify itself... Best, Laszlo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: do i need a dedicated ip address for https?
On Wednesday 22 December 2010 07:53:11 S Mathias wrote: is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? It's only necessary if you want to use name based virtual hosts with a different SSL certificate for each virtual host. This is most likely the case on a shared hosting provider like godaddy. The problem is that the clients set up the SSL connection before they send the HTTP request (which contains the name of the virtual host), so the server has no way of knowing which certificate it should present to the client. happy Christmas! :) Happy Christmas indeed! - Pieter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD crashes
Hi! A while back I wrote about some problems I was having with FreeBSD crashing randomly. I then disappeared for a while, due to a variety of issues, but I'm still having problems. The computer in question is a general-purpose server -- it runs listservs, websites, databases (both MySQL and PostgreSQL), and Amanda to back up a few other computers. None of this is high volume -- load averages are all less than 1. It has two Intel Xeon processors, with a total of 16 virtual cpus. It runs FreeBSD 8.1, using the amd64 branch in order to access 12G of RAM. It has an Adaptec 5805 RAID card, and is using the Adaptec aac driver 2.2.9-17911 (which is also the flashed BIOS version), and has one array, which is a RAID 10 array. Note that I'm not using the aacu driver, but most of the crashes happened when I was. Based on the randomness of the crashes, I suspect that it's a hardware problem. I have tried to enable core dumps, but it has never succeeded in actually writing one out -- it looks like it has a second crash when it tries to save the core. This leads me to suspect that it might be a problem with the RAID card, but I'm not sure. Is there some way that I can use the information provided during the kernel panics to determine where the problem is? I have photographs of almost all of them. There are a few crashes that didn't result in kernel panics; instead there were a few gibberish characters (from the 128 ASCII codes) on the screen. I have pictures of these as well. Thanks for any suggestions, Ricky The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org/complianceline . If the e-mail was sent to you in error but does not contain patient information, please contact the sender and properly dispose of the e-mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Port based VLAN
On 22/12/2010 11:15, Indexer wrote: Hi, I plan to make a FreeBSD based router sometime soon. I would like to be able to do port based vlanning on the router, so that a client computer that plugs into that socket is dumb to the vlans' existance. IE em0 - untagged em1 - vlan 1 em2 - vlan 2 Is what i want to achieve (as a simple example). This way i can use unmanaged switches on em2, and all clients behind that are to the router on vlan2 How does one go about this on freebsd. In /etc/rc.conf: ifconfig_em1=up -vlanhwtag # You may or may not want hwtag -- try both vlans_em1=vlan1 ifconfig_em2='up -vlanhwtag vlans_em2=vlan2 create_args_vlan1=vlan 1 ipv4_addrs_vlan1=192.168.12.34/24 create_args_vlan2=vlan 2 ipv4_addrs_vlan2=192.168.56.78/24 The em0 i/f should be configured as usual. This will create virtual interfaces vlan1 and vlan2 which you can apply firewall rules to etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
DES Cipher
Can anyone please show me a sample code for ciphering using DES in FreeBSD? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DES Cipher
On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote: Can anyone please show me a sample code for ciphering using DES in FreeBSD? bdes(1)? % ls -al zzz % bdes zzz zzz.des Enter key: % -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DES Cipher
On 22/12/2010 14:20, Mohammad Hedayati wrote: Can anyone please show me a sample code for ciphering using DES in FreeBSD? To encrypt, something like: openssl enc -e -des -in plaintext.txt -a -out encrypted.asc Decrypt like so: openssl enc -d -dex -in encrypted.asc -a -out plaintext.txt Note: completely untested. You may well need to supply various extra arguments to make it all work. See 'openssl enc help' for hints. Note 2: DES is pretty trivial to crack nowadays. Don't use this for anything serious. You can encrypt using AES or any of a host of other ciphers by using a very similar openssl command line. Note 3: If you're actually after DES encrypted passwords, then see crypt(3). From the commandline you can use the Perl crypt function: 'perldoc -f crypt' for details. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: DES Cipher
On Wed, Dec 22, 2010 at 6:01 PM, Anton Shterenlikht me...@bristol.ac.uk wrote: On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote: Can anyone please show me a sample code for ciphering using DES in FreeBSD? bdes(1)? % ls -al zzz % bdes zzz zzz.des Enter key: % -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423 no, des(3) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DES Cipher
On 12/22/2010 9:35 AM, Mohammad Hedayati wrote: On Wed, Dec 22, 2010 at 6:01 PM, Anton Shterenlikht me...@bristol.ac.uk wrote: On Wed, Dec 22, 2010 at 05:50:19PM +0330, Mohammad Hedayati wrote: Can anyone please show me a sample code for ciphering using DES in FreeBSD? bdes(1)? % ls -al zzz % bdes zzz zzz.des Enter key: % no, des(3) /usr/src/crypto/openssl/crypto/des ---Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran br...@cran.org.uk wrote: On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) IIRC ';' isn't a valid bash comment ... (which has been previously discussed elsewhere). It's usually safer to use '#' for comment in /etc/rc.conf and other system config files as they typically use BASH style structs. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, 22 Dec 2010 09:49:46 -0500 Chris Brennan xa...@xaerolimit.net articulated: On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran br...@cran.org.uk wrote: On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) IIRC ';' isn't a valid bash comment ... (which has been previously discussed elsewhere). It's usually safer to use '#' for comment in /etc/rc.conf and other system config files as they typically use BASH style structs. If you want to insert a really long comment block: : IMPORTANT mumble bla bla bla ... IMPORTANT You can pretty much put anything you want between the: : IMPORTANT and IMPORTANT tags. You don't have to use IMPORTANT either. It works with Bash; however, I am unsure of how it works with other shells. Unless you have a really long comment block, I think the # syntax is easier to use. Plus, I don't know if it would even work in an rc file. -- Jerry ✌ freebsd.u...@seibercom.net Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ When taxes are due, Americans tend to feel quite bled-white and blue. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Port based VLAN
On Wed, Dec 22, 2010 at 9:17 AM, Matthew Seaman m.sea...@infracaninophile.co.uk wrote: On 22/12/2010 11:15, Indexer wrote: Hi, I plan to make a FreeBSD based router sometime soon. I would like to be able to do port based vlanning on the router, so that a client computer that plugs into that socket is dumb to the vlans' existance. IE em0 - untagged em1 - vlan 1 em2 - vlan 2 Is what i want to achieve (as a simple example). This way i can use unmanaged switches on em2, and all clients behind that are to the router on vlan2 How does one go about this on freebsd. In /etc/rc.conf: ifconfig_em1=up -vlanhwtag # You may or may not want hwtag -- try both vlans_em1=vlan1 ifconfig_em2='up -vlanhwtag vlans_em2=vlan2 create_args_vlan1=vlan 1 ipv4_addrs_vlan1=192.168.12.34/24 create_args_vlan2=vlan 2 ipv4_addrs_vlan2=192.168.56.78/24 The em0 i/f should be configured as usual. This will create virtual interfaces vlan1 and vlan2 which you can apply firewall rules to etc. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW I do this exact thing, where a single server port attaches to the switch as a trunk and carries multiple VLANS which are in-turn firewalled and routed amongst one another, my rc.conf (the pertinent parts anyways) looks like this: gateway_enable=YES cloned_interfaces=vlan1 vlan190 vlan100 vlan200 vlan300 vlan400 ifconfig_em0=up ifconfig_vlan1=up ifconfig_vlan190=inet X.X.190.1/28 vlan 190 vlandev em0 ifconfig_vlan100=inet 10.0.1.1/26 vlan 100 vlandev em0 ifconfig_vlan200=inet 10.0.2.254/24 vlan 200 vlandev em0 ifconfig_vlan300=inet 10.0.3.254/24 vlan 300 vlandev em0 ifconfig_vlan400=inet 10.0.4.1/28 vlan 4 vlandev em0 firewall_enable=YES Within my rc.firewall, the interfaces are vlan1, vlan190, vlan100, etc... the system sees each as if it were physically a different network card and I'm able to route/filter traffic as such. Note: I did have to add vlan support in my kernel for this, I'm using Intel 1000MT 1000BaseSX (fiber) card to a Cisco Catalyst 2948 which in turn connects on the other side as a trunked port. -- Nathan Vidican nat...@vidican.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
From owner-freebsd-questi...@freebsd.org Wed Dec 22 05:01:28 2010 From: Dave d...@g8kbv.demon.co.uk To: freebsd-questions@freebsd.org Date: Wed, 22 Dec 2010 11:01:10 - Subject: Well, I broke it! FreeBSD V8.1 release Hi... I was trying to disable the console screensaver, and found that in sysinstall, there is no way to select none as an option. So I went and edited /etc/rc.conf to comment out the line:- Saver=fire (or whatever it is) I put a ; at the beginning of the line, and now FreeBSD wont come up, showing an error (unexpected ;) and leaving me with a # prompt. It's rogt. you did wrong;. Should have been a '#', not a ';' How do I get to re-edit rc.conf, to correct the problem, as all command line commands result in a not found error. # fsck -p || fsck # mount -a # vi /etc/rc.conf{ or editor of your choice } # reboot Also. What's the Correct way to disable a console screensaver? # vidcontrol -t off see 'man splash' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DES Cipher
From owner-freebsd-questi...@freebsd.org Wed Dec 22 08:22:15 2010 From: Mohammad Hedayati hedayati...@gmail.com Date: Wed, 22 Dec 2010 17:50:19 +0330 To: freebsd-questions@freebsd.org Subject: DES Cipher Can anyone please show me a sample code for ciphering using DES in FreeBSD? I hate to say it, but RTFM applies. 'apropos encryption' gives, among other things (and first), a cite to bdes(1). 'bdes' is a program that comes with the FreeBSD distribution. You have access to the source code of all of the distribution. 'Use the Souce, Luke applies, and will bring the mountain to Mohammad. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DES Cipher
On Wed, Dec 22, 2010 at 7:33 PM, Robert Bonomi bon...@mail.r-bonomi.com wrote: From owner-freebsd-questi...@freebsd.org Wed Dec 22 08:22:15 2010 From: Mohammad Hedayati hedayati...@gmail.com Date: Wed, 22 Dec 2010 17:50:19 +0330 To: freebsd-questions@freebsd.org Subject: DES Cipher Can anyone please show me a sample code for ciphering using DES in FreeBSD? I hate to say it, but RTFM applies. 'apropos encryption' gives, among other things (and first), a cite to bdes(1). 'bdes' is a program that comes with the FreeBSD distribution. You have access to the source code of all of the distribution. 'Use the Souce, Luke applies, and will bring the mountain to Mohammad. :) Thanks Robert, I haven't seen a cite to bdes in the FM of des(3), but the problem is solved using the source of bdes(1) [thanks to Antone]. The code would be as easy as: #include openssl/des.h int main(int argc, char *argv[]) { DES_key_schedule schedule; DES_cblock key; strncpy(key, somekey, 8); DES_set_key(key, schedule); DES_cblock buf; strncpy(buf, sometxt, 8); // Encrypting DES_ecb_encrypt(buf, buf, schedule, 0); // Decrypting DES_ecb_encrypt(buf, buf, schedule, 1); printf(Text Is: %s\n, buf); return(0); } ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, 22 Dec 2010 09:54:02 -0600 (CST), Robert Bonomi bon...@mail.r-bonomi.com wrote: From: Dave d...@g8kbv.demon.co.uk Also. What's the Correct way to disable a console screensaver? # vidcontrol -t off see 'man splash' Also see /etc/defaults/rc.conf which states: blanktime=300 # blank time (in seconds) or NO to turn it off. saver=NO # screen saver: Uses /boot/kernel/${saver}_saver.ko -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, 22 Dec 2010 09:49:46 -0500, Chris Brennan xa...@xaerolimit.net wrote: On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran br...@cran.org.uk wrote: On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) IIRC ';' isn't a valid bash comment ... (which has been previously discussed elsewhere). It's usually safer to use '#' for comment in /etc/rc.conf and other system config files as they typically use BASH style structs. Putting emphasize on _BA_sh seems to be a typical Linuxism. :-) FreeBSD's standard scripting shell is the Bourne Shell, /bin/sh. The Bourne Again Shell, bash, isn't even part of the FreeBSD (base) system. Only under exceptional circumstances there will be a /bin/bash. As it has been pointed out, /etc/rc.conf is a shell script (or to be correct: part of a shell script) that basically consists of variable assignments, name=value. In this context, ; has the default meaning in sh syntax - this refers to Bourne Shell syntax. The ; means command separator. It is a valid syntactical element of the sh language. A command like ; saver=NO causes the shell to stop processing the script (which causes the system boot to stop as it interrupts reading /etc/rc.conf, which interrupts the start of /etc/rc). Infont of ; there has to be a command, and in this case, nothing is there. As the Bourne Shell is the standard scripting shell on most UNIX systems, relying on bash specific constructs may have impact to script portability (which may develop into an issue if you have to create scripts that should run on many different kinds of UNIX). The form : DELIMITER ... pile ... ... of ... ... text ... DELIMITER is indirectly refered to in man sh: The following redirection is often called a ``here-document''. [n] delimiter here-doc-text ... delimiter All the text on successive lines up to the delimiter is saved away and made available to the command on standard input, or file descriptor n if it is specified. If the delimiter as specified on the initial line is quoted, then the here-doc-text is treated literally, otherwise the text is subjected to parameter expansion, command substitution, and arithmetic expansion (as described in the section on Word Expansions). If the oper- ator is ``-'' instead of ``'', then leading tabs in the here-doc-text are stripped. // The option of specifying : as a file descriptor works with the standard /bin/sh of FreeBSD, but I'm not sure this should be encouraged for use in configuration files like /etc/rc.conf. Using the form # blah is also better for use with syntax highlighting as comments can be determined more easily, whereas the form using the here-doc is primarily a here-doc and NOT a comment (unless directed toward :). From man sh: The character `#' introduces a comment if used at the beginning of a word. The word starting with `#' and the rest of the line are ignored. // The use of # also makes sure there is NO kind of variable expansion or arithmetic operation done - which you could achieve using : 'DELIMITER' ... pile ... ... of ... ... text ... $((the)) $USER `/bin/laden` ${causes `NO' touble here! 'DELIMITER' but # is the really safe form, as you can write ANYTHING behind it. Again, the form illustrated above could cause some interpretation problems for syntax highlighting algorithms. See man rc.conf for details. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 09:49:46AM -0500, Chris Brennan thus spake: On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran br...@cran.org.uk wrote: On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) IIRC ';' isn't a valid bash comment ... (which has been previously discussed elsewhere). It's usually safer to use '#' for comment in /etc/rc.conf and other system config files as they typically use BASH style structs. IMHO... It seems that /etc/rc.conf is in need of a sytax check script. Something similiar to visudo for editing /usr/local/etc/sudoers. -jgh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
9 TB single device and zfs
Hi, Is it suggested to create a zfs on a single 9 TB volume? There is hardware raid and I am thinking to enable write-back cache on that hw based raid card. Regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 12:45, Jason Helfman jhelf...@e-e.com wrote: IMHO... It seems that /etc/rc.conf is in need of a sytax check script. Something similiar to visudo for editing /usr/local/etc/sudoers. Just run it with /bin/sh. If no errors appear the syntax is good. Or you can use /bin/sh -x to see more detail. -- Rob Farmer ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
Jason Helfman jhelf...@e-e.com writes: On Wed, Dec 22, 2010 at 09:49:46AM -0500, Chris Brennan thus spake: On Wed, Dec 22, 2010 at 8:07 AM, Bruce Cran br...@cran.org.uk wrote: On Wed, 22 Dec 2010 11:01:10 - Dave d...@g8kbv.demon.co.uk wrote: Sysinstall alows you to select and enable one, but not remove it! Bit of an oversight that I suspect Fixed in r216651 :) IIRC ';' isn't a valid bash comment ... (which has been previously discussed elsewhere). It's usually safer to use '#' for comment in /etc/rc.conf and other system config files as they typically use BASH style structs. IMHO... It seems that /etc/rc.conf is in need of a sytax check script. Something similiar to visudo for editing /usr/local/etc/sudoers. Well, rc.conf isn't supposed to have anything but variable settings, so for syntax alone, /bin/sh /etc/rc.conf is a perfectly fine test. If you want to check semantics as well, things get complicated very quickly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9 TB single device and zfs
On Wed, Dec 22, 2010 at 2:38 PM, Omer Faruk SEN omerf...@gmail.com wrote: Is it suggested to create a zfs on a single 9 TB volume? Depends on your need. You really haven't provided enough info to give advice ie how many disks do you have, what storage capacity do you need, performance etc. ZFS capability are better utilized when ZFS, and not the storage controller is providing the raid/mirroring functionality, but this has some drawbacks as well. There is hardware raid and I am thinking to enable write-back cache on that hw based raid card. Raid-z/mirror stripes have some advantages over hw raid so you may wish to grow your understanding of the differences before proceeding. You should also ensure your hardware correctly handles cache flush requests as a few disks and some SSD's don't. If the hardware makes false reports to ZFS, you can experience different forms of pool corruption in a loss of power situation. You'll almost certainly want a BBU if you're going to go this route. http://www.solarisinternals.com/wiki/index.php/ZFS_Evil_Tuning_Guide -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Well, I broke it! FreeBSD V8.1 release
On Wed, Dec 22, 2010 at 3:08 PM, Lowell Gilbert freebsd-questions-lo...@be-well.ilk.org wrote: Well, rc.conf isn't supposed to have anything but variable settings, so for syntax alone, /bin/sh /etc/rc.conf is a perfectly fine test. If you want to check semantics as well, things get complicated very quickly. rcorder(8) is a good starting point for basic semantic checking. -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: do i need a dedicated ip address for https?
No, I've done that before I could get what's called a pointer record or reverse DNS for my mail server ... Register a domain and setup the DNS server. If the ip is dynamic you have to regularly update your DNS server. The forward zones will work. If you use openssl to generate your own ssl certificates ... (./configure --enable-so --enable-ssl) They wont be recognized by the certificate authority. eg: https://mail.nvita.org try it. VirtualHost _default_:443 # General setup for the virtual host DocumentRoot /usr/local/apache2/htdocs ServerName mail.nvita.org:443 ServerAdmin mkear...@nvita.org UseCanonicalName On ProxyVia Off ProxyPreserveHost On ProxyPass /owa ! ProxyPass / http://192.168.0.3:99/owa/ ProxyPassReverse / http://mail.nvita.org:99/owa/ ErrorLog /usr/local/apache2/logs/error_log TransferLog /usr/local/apache2/logs/access_log ___ From: owner-freebsd-questi...@freebsd.org [owner-freebsd-questi...@freebsd.org] On Behalf Of c0re [nr1c...@gmail.com] Sent: Wednesday, December 22, 2010 7:37 AM To: freebsd-questions@freebsd.org Subject: Re: do i need a dedicated ip address for https? 2010/12/22 S Mathias smathias1...@yahoo.com: http://help.godaddy.com/article/1054 # Set up SSL protection on your website. is it an inescapable requirement to have a dedicated [not fix] ip address, when i want to use ssl on my domain? thank you happy Christmas! :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org mod_gnutls can do 'Server Name Indication' and mod_ssl with apache_2.2 should do it too https://issues.apache.org/bugzilla/show_bug.cgi?id=34607 http://svn.apache.org/viewvc?view=revisionrevision=776281 But hoster may not use mod_gnutls or not recent version of apache, so it may not support multiple ssl with single IP. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Strange error
On Sunday 19 December 2010 12:57:39 pm Jack Raats wrote: I have a strange error. Normally when you compile the complete system, the first line of /etc/motd is being adjusted telling you the time and version you just compiled. On one server this is not being done. What is the problem. Which programm adjust the motd file when compiling? Thanks Jack ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org If anyone else responded, I may have deleted it while scanning mail too quickly. 8o) motd isn't updated during compile. It's updated during boot. If you don't reboot the machine, it doesn't get updated. There is also a line you can include in rc.conf to disable the update. Search for motd in /etc/defaults/rc.conf for motd. -- System Name: laptop2.StevenFriedrich.org Hardware:2.80GHz Intel Pentium 4 (HTT) with 2 GB memory OS version: FreeBSD 8.1-RELEASE-p2 i386 (5.1 MB kernel) Window Manager(s): kde4-4.5.4 X Window System: xorg-7.5X.Org X Server 1.7.5 FreeBSD Audio Driver (newpcm: 32bit 2009061500/i386) Installed devices: pcm0: Intel ICH6 (82801FB) (play/rec) default ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Which network driver for RTL8211 or 8201 NIC's?
I need to replace a failing motherboard. I'm aiming to keep the existing Athlon CPU so I'm tied down to to a socket AM2(+) board and the majority of those available seem to have nForce 630a chipsets and RTL8211CL or 8201EL NIC's which aren't explicitly mentioned in the release notes http://www.freebsd.org/releases/8.1R/hardware.html#ETHERNET. I see that the strings RTL8211C(L) and RTL8201L (but not EL) appear in /usr/src/sys/dev/rgephy.c and rlphy.c but the man page for the rl driver only mentions RealTek 8129/8139 and I'm not sure which driver is built from rgephy.c. Am I going to have problems if I get a motherboard with one of these NIC's? -- Mike Clarke ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
what's wrong?
Hopefully this will work. I attached a text file of my dmesg. After boot, I start getting ACPI errors. Here's an excerpt. Root mount waiting for: usbus1 ugen1.3: vendor 0x090c at usbus1 Trying to mount root from ufs:/dev/ad4s1a wlan0: Ethernet address: c4:17:fe:24:04:eb wlan0: link state changed to UP ACPI Error: No object attached to node 0xff000168a840 (20100331/exresnte-211) ACPI Error (uteval-0318): Method execution failed [\\_SB_.BAT0._UID] (Node 0xff000168a840), AE_AML_NO_OPERAND ACPI Error: No object attached to node 0xff000168a840 (20100331/exresnte-211) ACPI Error (uteval-0318): Method execution failed [\\_SB_.BAT0._UID] (Node 0xff000168a840), AE_AML_NO_OPERAND\ == What did you do? the man holding the flashlight asked. I put down a spider, he said, wondering why the man didn't see; in the beam of yellow light the spider bloated up larger than life. So it could get away. Copyright (c) 1992-2010 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.1-STABLE #2: Wed Oct 13 20:48:24 MST 2010 nesh...@carmen:/usr/obj/usr/src/sys/CARMEN amd64 Timecounter i8254 frequency 1193182 Hz quality 0 CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz (2127.92-MHz K8-class CPU) Origin = GenuineIntel Id = 0x20652 Family = 6 Model = 25 Stepping = 2 Features=0xbfebfbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE Features2=0x98e3bdSSE3,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,POPCNT AMD Features=0x28000800SYSCALL,RDTSCP,LM AMD Features2=0x1LAHF TSC: P-state invariant real memory = 4294967296 (4096 MB) avail memory = 3892662272 (3712 MB) ACPI APIC Table: HPQOEM SLIC-MPC FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 SMT threads cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 4 cpu3 (AP): APIC ID: 5 ioapic0: Changing APIC ID to 2 ioapic0 Version 2.0 irqs 0-23 on motherboard kbd1 at kbdmux0 acpi0: HPQOEM SLIC-MPC on motherboard acpi0: [ITHREAD] acpi0: Power Button (fixed) acpi_hpet0: High Precision Event Timer iomem 0xfed0-0xfed003ff on acpi0 Timecounter HPET frequency 14318180 Hz quality 900 Timecounter ACPI-safe frequency 3579545 Hz quality 850 acpi_timer0: 24-bit timer at 3.579545MHz port 0x408-0x40b on acpi0 cpu0: ACPI CPU on acpi0 cpu1: ACPI CPU on acpi0 cpu2: ACPI CPU on acpi0 cpu3: ACPI CPU on acpi0 acpi_ec0: Embedded Controller: GPE 0x17 port 0x62,0x66 on acpi0 acpi_button0: Power Button on acpi0 acpi_lid0: Control Method Lid Switch on acpi0 acpi_button1: Sleep Button on acpi0 battery0: ACPI Control Method Battery on acpi0 acpi_acad0: AC Adapter on acpi0 pcib0: ACPI Host-PCI bridge port 0xcf8-0xcff on acpi0 pci0: ACPI PCI bus on pcib0 vgapci0: VGA-compatible display port 0x6050-0x6057 mem 0xd000-0xd03f,0xc000-0xcfff irq 16 at device 2.0 on pci0 agp0: Intel Ironlake (M) SVGA controller on vgapci0 agp0: detected 32764k stolen memory agp0: aperture size is 256M pci0: simple comms at device 22.0 (no driver attached) ehci0: Intel PCH USB 2.0 controller USB-B mem 0xd8405c00-0xd8405fff irq 16 at device 26.0 on pci0 ehci0: [ITHREAD] usbus0: EHCI version 1.0 usbus0: Intel PCH USB 2.0 controller USB-B on ehci0 hdac0: Intel PCH High Definition Audio Controller mem 0xd840-0xd8403fff irq 22 at device 27.0 on pci0 hdac0: HDA Driver Revision: 20100226_0142 hdac0: [ITHREAD] pcib1: ACPI PCI-PCI bridge at device 28.0 on pci0 pci1: ACPI PCI bus on pcib1 pcib2: ACPI PCI-PCI bridge at device 28.1 on pci0 pci2: ACPI PCI bus on pcib2 ath0: Atheros 9285 mem 0xd640-0xd640 irq 17 at device 0.0 on pci2 ath0: [ITHREAD] ath0: AR9285 mac 192.2 RF5133 phy 14.0 pcib3: ACPI PCI-PCI bridge at device 28.2 on pci0 pci3: ACPI PCI bus on pcib3 re0: RealTek 8101E/8102E/8102EL/8103E PCIe 10/100baseTX port 0x3000-0x30ff mem 0xd2404000-0xd2404fff,0xd240-0xd2403fff irq 18 at device 0.0 on pci3 re0: Using 1 MSI messages re0: Chip rev. 0x2400 re0: MAC rev. 0x re0: Unknown H/W revision: 0x2400 device_attach: re0 attach returned 6 pci3: unknown at device 0.1 (no driver attached) pci3: base peripheral, SD host controller at device 0.2 (no driver attached) pcib4: ACPI PCI-PCI bridge at device 28.3 on pci0 pci4: ACPI PCI bus on pcib4 ehci1: Intel PCH USB 2.0 controller USB-A mem 0xd8405800-0xd8405bff irq 20 at device 29.0 on pci0 ehci1: [ITHREAD] usbus1: EHCI version 1.0 usbus1: Intel PCH USB 2.0 controller USB-A on ehci1 pcib5: ACPI PCI-PCI bridge at device 30.0 on pci0 pci7: ACPI PCI bus on pcib5 isab0: PCI-ISA bridge at device 31.0 on pci0 isa0: ISA bus on isab0 atapci0: Intel 5 Series/3400 Series PCH SATA300 controller port
Re: A jail with a dash in its name
On Tue, Dec 21, 2010 at 11:31:42PM +0100, Christer Solskogen wrote: On Tue, Dec 21, 2010 at 9:26 PM, Matthew Seaman m.sea...@infracaninophile.co.uk wrote: Of course, there's no problem with using the form 'forest-friend' on the RHS of any assignments, so long as it's properly quoted, of course. Thanks for all your help! I chose to remove all hyphens instead. I use ezjail and have jails with hyphens. Everything works fine there. salut, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Nullfs Allows Jailbreaking
Here is my file system scheme for a newly created jail as viewed from the host: /usr/jail/template on /usr/jail/f1 (nullfs, local, read-only) /usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local) /usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local) /usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local) /usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local) As viewed from the jail: /usr/jail/template on / (nullfs, local, read-only) I like the idea of using a template for multiple jails that I plan to use later. I like the ide of mounting the template read only. I had to splice in the other nullfs filesystems so that things that need to be read-write can be. But it seems kinda funky. Inside the jail it looks like EVERYTHING is read-only and you have no way of knowing that /tmp is actually read-write. There seems to be a violation of the segregation going on here. What pitfalls can you see in a file system scheme like this for my jails? Is the above behavior by design or did I find a flaw? Thanks, Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Nullfs Allows Jailbreaking
On Wed, Dec 22, 2010 at 8:56 PM, Jason C. Wells j...@speakeasy.net wrote: I like the idea of using a template for multiple jails that I plan to use later. I like the ide of mounting the template read only. I had to splice in the other nullfs filesystems so that things that need to be read-write can be. But it seems kinda funky. Inside the jail it looks like EVERYTHING is read-only and you have no way of knowing that /tmp is actually read-write. There seems to be a violation of the segregation going on here. What pitfalls can you see in a file system scheme like this for my jails? Is the above behavior by design or did I find a flaw? I think you're reinventing the wheel. The sysutils/ezjail already handles this gracefully in addition to many other features. For reference ezjail creates a layout like this: /usr/jails/www.example.com.device on /usr/jails/www.example.com (ufs, local, soft-updates) /usr/jails/basejail on /usr/jails/www.example.com/basejail (nullfs, local, read-only) devfs on /usr/jails/www.example.com/dev (devfs, local, multilabel) From inside the jail you see: /usr/jails/www.example.com.device on / (ufs, local, soft-updates) -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Nullfs Allows Jailbreaking
On Dec 22, 2010, at 7:56 PM, Jason C. Wells wrote: Here is my file system scheme for a newly created jail as viewed from the host: /usr/jail/template on /usr/jail/f1 (nullfs, local, read-only) /usr/jail/f1-fs/etc on /usr/jail/f1/etc (nullfs, local) /usr/jail/f1-fs/tmp on /usr/jail/f1/tmp (nullfs, local) /usr/jail/f1-fs/var on /usr/jail/f1/var (nullfs, local) /usr/jail/f1-fs/usr-local on /usr/jail/f1/usr/local (nullfs, local) As viewed from the jail: /usr/jail/template on / (nullfs, local, read-only) I like the idea of using a template for multiple jails that I plan to use later. I like the ide of mounting the template read only. I had to splice in the other nullfs filesystems so that things that need to be read-write can be. But it seems kinda funky. Inside the jail it looks like EVERYTHING is read-only and you have no way of knowing that /tmp is actually read-write. There seems to be a violation of the segregation going on here. What pitfalls can you see in a file system scheme like this for my jails? Is the above behavior by design or did I find a flaw? I have been doing this for years with great success. I don't understand your question. How does it look like everything is read only from inside the jail? The fact that a df only shows the root filesystem and not all your others file systems? (assuming that is still the truth -- my jails do this on older FBSD systems) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Nullfs Allows Jailbreaking
On 12/22/10 19:00, Chad Leigh -- Shire.Net LLC wrote: I have been doing this for years with great success. I don't understand your question. How does it look like everything is read only from inside the jail? The fact that a df only shows the root filesystem and not all your others file systems? (assuming that is still the truth -- my jails do this on older FBSD systems Your report of great success is encouraging. I've never done this and sometimes you don't see the full consequences when you haven't done something before. I think you understand my question. It's the fact that mount(8) report read only. If you looked at that, you would conclude that you had no write access at all. Well, I set up the jail, so I can see behind the curtain. A downstream user that never saw behind the curtain wouldn't know where they could write a file unless they simply guessed. That is why I asked about jailbreaking. There is information crossing the jail in a mysterious way. The jail reports that everything under root is read only, but the jail can still see the read-writeness of the invisible (to mount) null filesystems. From the sound of it, this is expected behavior. Regards, Jason C. Wells ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Laptop with external monitor, how to make it work
I'm looking for a description on how to make the switching between monitors work. In my case it's the key combination Fn + F8 on a Dell Latitude E6500. Any help appreciated :-) Thanks /Leslie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org