SPAM-flag on FBSD list
Hello, while testing a new mail configuration on freebsd-test@, I noticed a very interesting part in the header, which I just paste Old-X-HE-Spam-Score: -2.3 Old-X-HE-Spam-Report: Content analysis details: (-2.3 points) pts rule name description -- -- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [8.8.178.116 listed in list.dnswl.org] 0.0 TVD_SPACE_RATIOTVD_SPACE_RATIO X-HE-SPF: PASSED Curious about who is the culprit in the chain, I did [cjr@dijkstra:~]$ dig -x 8.8.178.116 (01-13 16:42) ; DiG 9.8.3-P4 -x 8.8.178.116 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 33133 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;116.178.8.8.in-addr.arpa. IN PTR ;; ANSWER SECTION: 116.178.8.8.in-addr.arpa. 3600 IN PTR mx2.FreeBSD.org. ;; Query time: 96 msec ;; SERVER: 192.168.178.1#53(192.168.178.1) ;; WHEN: Sun Jan 13 16:42:11 2013 ;; MSG SIZE rcvd: 71 Are the FreeBSD-mail servers spammers? Anyhow, have a nice week, cheers, -- Christopher TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 FreeBSD 9.1-STABLE #4 r245101: Sun Jan 6 21:13:49 CET 2013 c...@dijkstra.cruwe.de:/usr/obj/usr/src/sys/DIJKSTRA Punctuation matters: Lets eat Grandma or Lets eat, Grandma - Punctuation saves lives. A panda eats shoots and leaves or A panda eats, shoots, and leaves - Punctuation teaches proper biology. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SPAM-flag on FBSD list
On Sun, 13 Jan 2013 11:06:50 -0500 Joe Altman free...@chthonixia.net wrote: On Sun, Jan 13, 2013 at 04:48:06PM +0100, Christopher J. Ruwe wrote: Hello, while testing a new mail configuration on freebsd-test@, I noticed a very interesting part in the header, which I just paste Old-X-HE-Spam-Score: -2.3 Old-X-HE-Spam-Report: Content analysis details: (-2.3 points) pts rule name description -- -- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/, medium trust [8.8.178.116 listed in list.dnswl.org] From the org's web page: dnswl.org: DNS Whitelist - Protect against false positives What is dnswl.org? Dnswl.org is the leading whitelist provider for email filtering. It has over 80'000 users and contains more than 150'000 entries of good mailservers. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Thanks for the explanation, the wl part of the domain and the negative number escaped me completly. Sorry for the noise, cheers, -- Christopher TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 FreeBSD 9.1-STABLE #4 r245101: Sun Jan 6 21:13:49 CET 2013 c...@dijkstra.cruwe.de:/usr/obj/usr/src/sys/DIJKSTRA Punctuation matters: Lets eat Grandma or Lets eat, Grandma - Punctuation saves lives. A panda eats shoots and leaves or A panda eats, shoots, and leaves - Punctuation teaches proper biology. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Curious question about using zfs send -R and receive on FreeBSD
On Mon, 17 Dec 2012 16:00:06 -0600 dweimer dwei...@dweimer.net wrote: I recently migrated a machine that was built on a VM to physical hardware using the zfs send -R option against a snapshot of its root zfs setup. I went from smaller drives to larger, both using a mirrored zpool. However the devices were different, the device IDs on the VM were da0 and da1, the device IDs on the physical hardware were ada0 and ada1. I had used labels when creating the gpt layout to plan for this. And all worked great, in fact it was the fastest I have ever converted a virtual machine to a physical machine. After I finished though, I got curious, was it actually necessary for me to mount the new boot zfs partition while running on the live cd and copy the zpool.cache file I had created when creating the zpool or would have the existing cache file that would have been included in the zfs send contained the right information? As the zpool was pointed at the gpt label devices, or was the fact that the size changed enough difference that copying the file was indeed necessary? I fear you might be mixing things up here. You did a zfs-migrate, not a zpool-migrate, you created a new zpool and received the datasets on that new zpool, even if the zpool names were the same. The function of zpool.cache is to tell the OS about available device-zpool combinations. Without, the OS does not know which zpools are available and accordingly cannot mount the root-ZFS passed in the vfs.root.mountfrom directive in loader.conf, which is why you needed to copy the zpool.cache and, if you changed the zpool-names, needed to adapt loader.conf. There are plans to change this behaviour, as it is deemed superfluous at least in the case of disks, but I do not know how much that has progressed so far. http://lists.freebsd.org/pipermail/freebsd-fs/2012-October/015328.html Hope I could shed some light on that issue, although I am by no means an expert on this. Cheers, -- Christopher TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 Punctuation matters: Let's eat Grandma or Let's eat, Grandma - Punctuation saves lives. A panda eats shoots and leaves or A panda eats, shoots, and leaves - Punctuation teaches proper biology. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: trying to build a port for vagrant and failing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 06 Nov 2012 17:58:42 -0500 Greg Larkin glar...@freebsd.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/6/12 4:00 PM, Christopher J. Ruwe wrote: Currently, I am trying to write up a port for vagrant, a VirtualBox managment thing (http://vagrantup.com/). I am failing with the dependencies and would be grateful for some help. I have BUILD_DEPENDS= minitar:${PORTSDIR}/archivers/rubygem-archive-tar-minitar \ RUN_DEPENDS=erubis:${PORTSDIR}/www/rubygem-erubis \ rubygem-childprocess=0.3.1:${PORTSDIR}/devel/rubygem-childprocess \ rubygem-i18n=0.6.0:${PORTSDIR}/devel/rubygem-i18n \ rubygem-json=1.5.1:${PORTSDIR}/devel/rubygem-json \ rubygem-log4r=1.1.9:${PORTSDIR}/sysutils/rubygem-log4r \ rubygem-net-ssh=2.2.2:${PORTSDIR}/security/rubygem-net-ssh \ rubygem-net-scp=1.0.4:${PORTSDIR}/security/rubygem-net-scp in the makefile. From the build log (I am using poudriere for testing) I get ===phase: run-depends== === rubygem-vagrant-1.0.5 depends on executable: erubis - not found ===Verifying install for erubis in /usr/ports/www/rubygem-erubis === Installing existing package /usr/ports/packages/All/rubygem-erubis-2.7.0.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-childprocess=0.3.1 - not found === Verifying install for rubygem-childprocess=0.3.1 in /usr/ports/devel/rubygem-childprocess === Installing existing package /usr/ports/packages/All/rubygem-childprocess-0.3.5.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-i18n=0.6.0 - not found ===Verifying install for rubygem-i18n=0.6.0 in /usr/ports/devel/rubygem-i18n === Installing existing package /usr/ports/packages/All/rubygem-i18n-0.6.0,2.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-json=1.5.1 - not found === Verifying install for rubygem-json=1.5.1 in /usr/ports/devel/rubygem-json === Installing existing package /usr/ports/packages/All/rubygem-json-1.7.5.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-log4r=1.1.9 - not found === Verifying install for rubygem-log4r=1.1.9 in /usr/ports/sysutils/rubygem-log4r === Installing existing package /usr/ports/packages/All/rubygem-log4r-1.1.10.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-net-ssh=2.2.2 - not found ===Verifying install for rubygem-net-ssh=2.2.2 in /usr/ports/security/rubygem-net-ssh === Installing existing package /usr/ports/packages/All/rubygem-net-ssh-2.1.4,2.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-net-scp=1.0.4 - not found ===Verifying install for rubygem-net-scp=1.0.4 in /usr/ports/security/rubygem-net-scp === Installing existing package /usr/ports/packages/All/rubygem-net-scp-1.0.4_1.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/gem18 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/ruby18 - found === So far so good. I noticed that rubygem-net-ssh-2.1.4.2 is supposed to satisfy =rubygem-net-ssh-2.2.2, which I ignore for the while. Now, building yields ===phase: install == === Installing for rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on executable: erubis - found === rubygem-vagrant-1.0.5 depends on package: rubygem-childprocess=0.3.1 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-i18n=0.6.0 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-json=1.5.1 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-log4r=1.1.9 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-net-ssh=2.2.2 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-net-scp=1.0.4 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/gem18 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/ruby18 - found === Generating temporary packing list === Checking if emulators/rubygem-vagrant already installed /usr/bin/env /usr/local/bin/gem18 install -l --no-update-sources --no-ri --install-dir /usr/local/lib/r\ uby/gems/1.8 /usr/ports/distfiles/rubygem/vagrant-1.0.5.gem -- --build-args ERROR: While executing gem ... (Gem::DependencyError) Unable to resolve dependencies: vagrant requires json (~ 1.5.1), net-ssh (~ 2.2.2) *** Error code 1 The installation is right about net-ssh (confer above), but definitely
trying to build a port for vagrant and failing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Currently, I am trying to write up a port for vagrant, a VirtualBox managment thing (http://vagrantup.com/). I am failing with the dependencies and would be grateful for some help. I have BUILD_DEPENDS= minitar:${PORTSDIR}/archivers/rubygem-archive-tar-minitar \ RUN_DEPENDS=erubis:${PORTSDIR}/www/rubygem-erubis \ rubygem-childprocess=0.3.1:${PORTSDIR}/devel/rubygem-childprocess \ rubygem-i18n=0.6.0:${PORTSDIR}/devel/rubygem-i18n \ rubygem-json=1.5.1:${PORTSDIR}/devel/rubygem-json \ rubygem-log4r=1.1.9:${PORTSDIR}/sysutils/rubygem-log4r \ rubygem-net-ssh=2.2.2:${PORTSDIR}/security/rubygem-net-ssh \ rubygem-net-scp=1.0.4:${PORTSDIR}/security/rubygem-net-scp in the makefile. - From the build log (I am using poudriere for testing) I get ===phase: run-depends== === rubygem-vagrant-1.0.5 depends on executable: erubis - not found ===Verifying install for erubis in /usr/ports/www/rubygem-erubis === Installing existing package /usr/ports/packages/All/rubygem-erubis-2.7.0.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-childprocess=0.3.1 - not found ===Verifying install for rubygem-childprocess=0.3.1 in /usr/ports/devel/rubygem-childprocess === Installing existing package /usr/ports/packages/All/rubygem-childprocess-0.3.5.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-i18n=0.6.0 - not found ===Verifying install for rubygem-i18n=0.6.0 in /usr/ports/devel/rubygem-i18n === Installing existing package /usr/ports/packages/All/rubygem-i18n-0.6.0,2.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-json=1.5.1 - not found ===Verifying install for rubygem-json=1.5.1 in /usr/ports/devel/rubygem-json === Installing existing package /usr/ports/packages/All/rubygem-json-1.7.5.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-log4r=1.1.9 - not found ===Verifying install for rubygem-log4r=1.1.9 in /usr/ports/sysutils/rubygem-log4r === Installing existing package /usr/ports/packages/All/rubygem-log4r-1.1.10.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-net-ssh=2.2.2 - not found ===Verifying install for rubygem-net-ssh=2.2.2 in /usr/ports/security/rubygem-net-ssh === Installing existing package /usr/ports/packages/All/rubygem-net-ssh-2.1.4,2.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on package: rubygem-net-scp=1.0.4 - not found ===Verifying install for rubygem-net-scp=1.0.4 in /usr/ports/security/rubygem-net-scp === Installing existing package /usr/ports/packages/All/rubygem-net-scp-1.0.4_1.tbz === Returning to build of rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/gem18 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/ruby18 - found === So far so good. I noticed that rubygem-net-ssh-2.1.4.2 is supposed to satisfy =rubygem-net-ssh-2.2.2, which I ignore for the while. Now, building yields ===phase: install == === Installing for rubygem-vagrant-1.0.5 === rubygem-vagrant-1.0.5 depends on executable: erubis - found === rubygem-vagrant-1.0.5 depends on package: rubygem-childprocess=0.3.1 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-i18n=0.6.0 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-json=1.5.1 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-log4r=1.1.9 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-net-ssh=2.2.2 - found === rubygem-vagrant-1.0.5 depends on package: rubygem-net-scp=1.0.4 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/gem18 - found === rubygem-vagrant-1.0.5 depends on file: /usr/local/bin/ruby18 - found === Generating temporary packing list === Checking if emulators/rubygem-vagrant already installed /usr/bin/env /usr/local/bin/gem18 install -l --no-update-sources --no-ri --install-dir /usr/local/lib/r\ uby/gems/1.8 /usr/ports/distfiles/rubygem/vagrant-1.0.5.gem -- --build-args ERROR: While executing gem ... (Gem::DependencyError) Unable to resolve dependencies: vagrant requires json (~ 1.5.1), net-ssh (~ 2.2.2) *** Error code 1 The installation is right about net-ssh (confer above), but definitely not on json (1.7.5 1.5.1). Can anybody hint me on a path to pursue to resolve that error? Many thanks, cheers, - -- Christopher TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 Punctuation matters: Let's eat Grandma or Let's eat, Grandma -
Re: poudriere amassing fetch errors
On Fri, 19 Oct 2012 22:29:51 +0200 Patrick Lamaiziere patf...@davenulle.org wrote: Le Sun, 14 Oct 2012 03:57:20 +0200, Christopher J. Ruwe c...@cruwe.de a écrit : Hello, for some time I have noticed that poudriere bulk build amass fetch errors, i.e., the corresponding distfile(s) cannot be fetched by the build jail and I have to fetch these manually. Does anybody know a fix to this unnerving condition? I don't see this problem. Missing resolv.conf ? /usr/local/etc/poudriere.conf # By default the jails have no /etc/resolv.conf, you will need to set # REVOLV_CONF to a file on your hosts system that will be copied has # /etc/resolv.conf for the jail, except if you don't need it (using an http # proxy for example) RESOLV_CONF=/etc/resolv.conf My apolgies for that absolutly crappy discription of the error I was witnessing. Upon reading my post anew, I just do not know what hit me posting that. Anyways, I did not have a /etc/resolv.conf entry in my poudriere.conf, as it has been working for some time without. The error was rather byzanthine ... sometimes, the sources were fetched correctly, sometimes not. Regrettably, I do not have any fetch error messages around any more, so I cannot supply the information I should have included in my first post. Anyways, setting the entry in poudriere.conf seems to have solved the issue. Interesting how any fetching could have occured without ... Thanks and cheers, -- Christopher J. Ruwe TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
poudriere amassing fetch errors
Hello, for some time I have noticed that poudriere bulk build amass fetch errors, i.e., the corresponding distfile(s) cannot be fetched by the build jail and I have to fetch these manually. Does anybody know a fix to this unnerving condition? Cheers, -- Christopher J. Ruwe TZ: GMT + 2h GnuPG/GPG: 0xE8DE2C14 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
[SOLVED] Re: cannot build any pkg depending on glibmm on poudriere
On Sat, 4 Aug 2012 12:36:16 +0200 Christopher J. Ruwe c...@cruwe.de wrote: Currently, I am failing to compile the packages for my machines with poudriere due to some error with glibmm, which I am unable to trace. The problem seems to be (at least from my point of view), that a dependancy to libsigc++ is not resolved corectly. As no PR has been filed yet and the problem persists with my builds for about two weeks, I expect the error is mine. Refraining from spamming the list, I include a snippet from the build-logs which is exemplary for all others which somehow depend on glibmm: === Returning to build of atkmm-2.22.5 === atkmm-2.22.5 depends on shared library: glibmm-2.4.1 - not found ===Verifying install for glibmm-2.4.1 in /usr/ports/devel/glibmm === Installing existing package /usr/ports/packages/All/glibmm-2.28.2,1.txz Installing glibmm-2.28.2,1...Installing gamin-0.1.10_4...Installing glib-2.28.8_4...Installing pcre-8.31\ ... done Installing perl-threaded-5.14.2_2...Removing stale symlinks from /usr/bin... Skipping /usr/bin/perl Skipping /usr/bin/perl5 Done. Creating various symlinks in /usr/bin... Symlinking /usr/local/bin/perl5.14.2 to /usr/bin/perl Symlinking /usr/local/bin/perl5.14.2 to /usr/bin/perl5 Done. Cleaning up /etc/make.conf... Done. Spamming /etc/make.conf... Done. done Installing python27-2.7.3_3... done No schema files found: doing nothing. done done Installing gio-fam-backend-2.28.8_1... done missing dependency libsigc++-2.2.10 Failed to install the following 1 package(s): /usr/ports/packages/All/glibmm-2.28.2,1.txz Does anybody have any idea on how to resolve that issue? Cheers, Applying ports/170087: [Patch] ports-mgmt/poudriere: fix quoting for poudriere solved the problem. Cheers, -- Christopher J. Ruwe TZ: GMT + 2h signature.asc Description: PGP signature
[OT:] tools/methods for automated cross-platform packaging?
Currently, I am looking into the problem of providing software packages for different platforms via native packages in a Continuous Integration Environment. The software in question is pure Java, so binary compatibility and/or cross-compilation issue resolves to having a conforming JRE installed on the target-platform. I know this question is prone for another OSI-10 flame-war on the Java is the OS statement - please don't. It is a customer requirement I must conform to. The (non-)intelligence of that requirement might be questioned, but ... Having looked into the issue of cross-platform packaging systems, I have found mostly separate package managers which require to be installed on the target-platform and manage a separate environment (viz OpenPkg, IPS). These do not help, as the customers require native packages. Apparantly, there are tools which take compiled binaries and wrap those into some package-format - EPM and ProjectBuilder do such a thing. The first has it's last commit by December 2010 and the second seems to be a one-man-show, so those (I did not find alternatives) are of questionable value in a long-term productive environment. Other projects manage to provide packages for a multitude of platforms. Are these built (semi-)manually by volunteers or distribution providers or is there any packaging infrastructure available to automate the task of taking sources to compile and package them? As I am talking of Java, a tool which packages binaries would be entirely sufficient. Thanks for any ideas or hints, cheers, -- Christopher J. Ruwe TZ: GMT + 2h signature.asc Description: PGP signature
cannot build any pkg depending on glibmm on poudriere
Currently, I am failing to compile the packages for my machines with poudriere due to some error with glibmm, which I am unable to trace. The problem seems to be (at least from my point of view), that a dependancy to libsigc++ is not resolved corectly. As no PR has been filed yet and the problem persists with my builds for about two weeks, I expect the error is mine. Refraining from spamming the list, I include a snippet from the build-logs which is exemplary for all others which somehow depend on glibmm: === Returning to build of atkmm-2.22.5 === atkmm-2.22.5 depends on shared library: glibmm-2.4.1 - not found ===Verifying install for glibmm-2.4.1 in /usr/ports/devel/glibmm === Installing existing package /usr/ports/packages/All/glibmm-2.28.2,1.txz Installing glibmm-2.28.2,1...Installing gamin-0.1.10_4...Installing glib-2.28.8_4...Installing pcre-8.31\ ... done Installing perl-threaded-5.14.2_2...Removing stale symlinks from /usr/bin... Skipping /usr/bin/perl Skipping /usr/bin/perl5 Done. Creating various symlinks in /usr/bin... Symlinking /usr/local/bin/perl5.14.2 to /usr/bin/perl Symlinking /usr/local/bin/perl5.14.2 to /usr/bin/perl5 Done. Cleaning up /etc/make.conf... Done. Spamming /etc/make.conf... Done. done Installing python27-2.7.3_3... done No schema files found: doing nothing. done done Installing gio-fam-backend-2.28.8_1... done missing dependency libsigc++-2.2.10 Failed to install the following 1 package(s): /usr/ports/packages/All/glibmm-2.28.2,1.txz Does anybody have any idea on how to resolve that issue? Cheers, -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
Re: anyone here use poudriere ?
On Fri, 13 Jul 2012 12:32:48 +0100 Vincent Hoffman vi...@unsane.co.uk wrote: I've been playing with poudriere and pkg as per http://fossil.etoilebsd.net/poudriere/doc/trunk/doc/pkgng_repos.wiki in the hope that it will be an easier way to maintain a custom internal package repository for work not I'va managed to get a few FreeBSD boxes into service there. I'm liking it lots more than the traditional package build but I am having some problems working out how to set custom build options for ports. Does anyone else use poudriere for this and if so how do they handle this. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I use a combination of PORTSDIR, DISTDIR and PORT_DBDIR in make.conf to set the actual ports tree to poudiriere. Have a look at man ports. You can then use the make config-recursive target to set the configuration in advance. Using portmaster should also work then. Cheers -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
Re: IPNAT seems to affect network performance? of jails on lo0 (10.0.0.0/24) - why?
On Mon, 25 Jun 2012 18:23:56 -0400 Robert Huff roberth...@rcn.com wrote: Christopher J. Ruwe writes: On a KVM virtualized host, I run FreeBSD 8.3-RELEASE-p3 and some qjails, 8.3-RELEASE. The jails are connected all via lo0 on 10.0.0.0. While by the large working as expected, I have noticed one pecularity I have failed to pinpoint: When launching processes with some network interaction, like sshing into one of the jails from the platform or launching emacs, the command spends ages ( ~(1-2) minutes) idling? (nothing happens) before becoming interactive. If the number is very close to 90 seconds, my first guess would be you have a DNS problem. Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Thanks for the hint. It was DNS ... I have copied a resolv.conf into the jails for future use, but did not enable NAT from the start. The issue disappeared when I commented out the nameserver entries and switched NAT off again, i.e., I could login using ssh in a matter of seconds, not minutes. Now to the followup: Why does ssh and emacs! require DNS for entirely local connections or just to be started? Anyway, thanks for that hint, cheers, -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
Re: changing md5 hashed for sha
On Sun, 24 Jun 2012 18:28:38 -0400 Lowell Gilbert freebsd-questions-lo...@be-well.ilk.org wrote: Christopher J. Ruwe c...@cruwe.de writes: For setting the dafault hash used to hash /etc/master.passwd, it has been recommended changing md5 for something more secure in the sense of being more expensive to crack. The handbook describes the procedure used in http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/crypt.html. Allegedly, hashes which were hashed with one of the sha-functions begin with the character $6$. Afer having changed my /etc/login.conf accordingly and having reset the passwords, the given there is not md5 anymore (I have tried with md5), but does not begin with the character $6$, but, as md5, with $1$, which is supposed to be md5-hashed. I'm not following. Are you saying that you are resetting the passwords after setting login.conf, but new passwords aren't being created with the new hash type? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Yes, you are following correctly that the hash mechanism did not appear to have changed. It was OSI-8 error on my part, as Mike Tancsa (one message later) helped me to understand. Cheers, -- Christopher J. Ruwe TZ: GMT + 2h signature.asc Description: PGP signature
Re: changing md5 hashed for sha
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 oops ... forwarding to the list also - -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 24 Jun 2012 19:06:07 -0400 Mike Tancsa m...@sentex.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/23/2012 9:37 AM, Christopher J. Ruwe wrote: For setting the dafault hash used to hash /etc/master.passwd, it has been recommended changing md5 for something more secure in the sense of being more expensive to crack. The handbook describes the procedure used in http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/crypt.html. Allegedly, hashes which were hashed with one of the sha-functions begin with the character $6$. Afer having changed my /etc/login.conf accordingly and having reset the passwords, the given there is not md5 anymore (I have tried with md5), but does not begin with the character $6$, but, as md5, with $1$, which is supposed to be md5-hashed. I fear I am a bit dense here, what am I getting wrong? Are you sure you ran cap_mkdb /etc/login.conf after adjusting the values in login.conf ? Also, this will only work on relatively recent versions of FreeBSD. ---Mike - -- - --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJP551fAAoJEJXHwM2kc8rXS34H/j+uxWq8Pa9j0iXpehObx2iY LeeCZx7YbSv9AwGVHy/gTRtYP1uStBNn79oKV0ANSyjOT3F7l1MuygfJAqfXIKDm WdN4KX2D3tpAjVMdce1zX2rSy4OtXLYXpBXTiGmP2d/erAEtE9B8gJ8GQWDh0gWz 14CkQyefcF2YvmepSj3+9P69EzjlEm6vDMPyY/nrMlJcT8+ujtZX325+kQzQiiFX FFasbqekazHCUnKGZZY9arY01AxPKg5e2PXFZPQf3qQy3jHqOupnM3ei3D39O9aV gqJ/k2XDPjZYqAIy0gyPi99q4fCueYQFQrm2tyeTkV6+OxM8kdD5czx/FvySiG8= =FVSP -END PGP SIGNATURE- Ahhh I am sure I did not run cap_mkdb. Didn't say so in the relevant section of the handbook and I was to lazy to thooughly read the manpage. Thanks, I have the correct hashes now. Cheers, - - -- Christopher TZ: GMT + 2h - -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBAgAGBQJP6KvdAAoJEJTIKW/o3iwUATEQAO0tDflkfluM4wTiUvhFvN31 PLEZKGcOjDfVnXaIqRuu5D1pPWc532xeST2H3mLJVFktjatrx/LbEy7O5w3diB1J zMM/SdiiSaIGyhSdWwTEgsGpd1jhG31RWGWtVLFzNMvfBpk/peiAbOwBcYqnKw85 zJOfDFLFcAkdP9jmiXF16iKCYcANK9R+2l0mCJ4qEdV6iIn8KAtrNxzS4i0ICzZB jBPO+bVbNkU3S7U/EXm449EvOFk+tVLxZcny3hyYWyY9ccH9Z7kyXrPRrb7cspHp iAKmWsJnntAlp7ogFYdjdOvbCeKfgtCGBnj8K9v7XYEs/KjUmschXYeIf4STsDL2 d7dLOMYz2fqYrH9toM0AvEPJuJR6cXm8XmLco7eBd2tjhdocSQ4t5nQXO/EhEGUs ESJ+ibcGtpmbad8vY0z88AIUeyrq1pQ9Ve+ceu0uQ63UTnZb3Zfu8f3PsdtCzV/2 jDYmmB1f9gjPp/NEZXPlQT7r1fTlw2IDEmU/JJEghBUIiTVuWtOvkCqG9ErYIdJK CWXV7slHlQ0d0ssCjL6wukTKpL0lS03YsvSYgoDee1h9fhLqaYpzhr+rduzxS79z q8vyaz/SRUlebTcHRZMSW9+FA/eJ3NHEv6y+d0w08OrhqmOvOxpo1dKEBdWo/JTN qP89RAUQLMfsp5NgU61o =QvC/ - -END PGP SIGNATURE- -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (FreeBSD) iQIcBAEBAgAGBQJP6LOeAAoJEJTIKW/o3iwUXE4QANZl/NvWTqumJJdh2p3aDUKd F1jCYfXl7d1GI/2dxsMVfcSWqGnx6WL8wzQUKipHAfCDtILhEv+2XRQ2zLM+Snbn qJz3D3Qb1ctSQdXlW5Q5bpxWxiG8+oTmXkEVxfZAkWB/RVxnMGT9r7OA6zmy0gV8 XY4zBYuqnYv4jhXj3FYeW0s5zUEqx8Hj71ymEd5p0Ssaai4di6BqWHcEEOi0hbN5 jJvs9TUC0O9Wz2jcxkquECXX+H6aneLThdITOHJ+U4LO53UXq4Ol6sbLWF0WEGNC vHQGS235NvFo04rvqOeZtZUQt/OffOxovfO7IBwcT+KLIu8WTbOqRI2hosD0r2sl 2XogCK9VU+yjZVj3m4Te86dcHjt2Swqi/z1pgLui0XJBxJ4G2ZIqNR4e2LKWScXl WvdIGoZtpsFgHlG/CcwDYLqg4tIHtRcyDhf5/XE2/Gar0q+o10k4NeRRQY891rVp SkqSB1Bum1k0UOsCJ/WSbItY3MVHDcQ0YHav7J9I2XUk9DDW6W8AlIW6kpbo5tDR vZOMBMwnDR1D8NKhJDW3Ac+gkbm6iXGUroeLQv0EfP6j9lnFDPd6tUvNg+mZzTXZ pIhIQs93+Ksuhow3//h4AuuerE1xqGY6zzKxujrvEJ+4jUvu/8a/FA20nMqITYsh rR8kLAbebAy4Lat+72n4 =P3wE -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
IPNAT seems to affect network performance? of jails on lo0 (10.0.0.0/24) - why?
On a KVM virtualized host, I run FreeBSD 8.3-RELEASE-p3 and some qjails, 8.3-RELEASE. The jails are connected all via lo0 on 10.0.0.0. While by the large working as expected, I have noticed one pecularity I have failed to pinpoint: When launching processes with some network interaction, like sshing into one of the jails from the platform or launching emacs, the command spends ages ( ~(1-2) minutes) idling? (nothing happens) before becoming interactive. For reasons unreleated, I have enabled NAT with ipf for the jails on 10.0.0.0/24 (to the external re0 IF and some IP) and, out of the blue, logging into the jails or starting emacs became snappy again. Why? Why does ipnatting jails which should be connected via the same lo0 on 10.0.0.0 have any impact? Don't get me wrong, I am not complaining and it solved an issue which gave me kind of headaches, but I would like to understand. Thanks and cheers, -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
changing md5 hashed for sha
For setting the dafault hash used to hash /etc/master.passwd, it has been recommended changing md5 for something more secure in the sense of being more expensive to crack. The handbook describes the procedure used in http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/crypt.html. Allegedly, hashes which were hashed with one of the sha-functions begin with the character $6$. Afer having changed my /etc/login.conf accordingly and having reset the passwords, the given there is not md5 anymore (I have tried with md5), but does not begin with the character $6$, but, as md5, with $1$, which is supposed to be md5-hashed. I fear I am a bit dense here, what am I getting wrong? Thanks and cheers, -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
Re: changing md5 hashed for sha
On Sat, 23 Jun 2012 15:40:51 +0200 (CEST) Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: For setting the dafault hash used to hash /etc/master.passwd, it has been recommended changing md5 for something more secure in the sense of being more expensive to crack. is md5 that easy to crack? It has been discussed recently, cf http://lists.freebsd.org/pipermail/freebsd-security/2012-June/006271.html or virtually the first half of http://lists.freebsd.org/pipermail/freebsd-security/2012-June/thread.html Cheers, -- Christopher TZ: GMT + 2h signature.asc Description: PGP signature
xorg crashes after ports-wide update, fontconfig the culprit?
Having done a portmaster -a rendered my system virtually unusable, Xorg kept crashing when opening claws-mail, firefox and thunderbird, opera kept chrashing in a random fashion, too. Quod googelet x11 crash site:freebsd.org and narrowing down the results for to the last week, I found two references, i.e., 1) http://forums.freebsd.org/showthread.php?p=178234 and 2) http://forums.freebsd.org/showthread.php?p=178014. Having implemented 2) via portdowngrade to fontconfig-2.8.0_2,1 seems to have solved the crashing issues for opera and claws, firefox and thunderbird are waiting to be compiled. Has anyone observed similar issues, can anyone back my suspicion about fontconfig or show me how to prove it and wouldn't a note on UPDATING be in order? Thanks for your comments, cheers and have a nice weekend, -- Christopher TZ GMT +2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Ports-Related Commands Hanging After 9.0 Upgrade
On Fri, 25 May 2012 13:33:29 -0400 Sam Jones samjones1...@gmail.com wrote: Hi all, Forgive me if this is a repeat topic. I'd appreciate it if somebody could point me to the answer. I recently upgraded to 9.0 on my server, but since then a lot of ports-related commands (portupgrade, pkg_version, portsnap, etc.) just hang when I try to execute them. I'm not even really sure where to begin troubleshooting. Has anybody else seen this behavior? Upgrading world leads to many system libs being updated, too. When ports are dependant on these, a recompile of these ports might help. If you need/want to be sure, sysutils/bsdadminscripts is supposed to contain a script to check for broken shared libs system-wide and a ldd(1) on the binary you are trying to run will spit out some libraries you can the try to find(1). Hope to have been of some help, cheers, Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dlink dwl-122g e1 on 9-stable, working only partially? (or not at all?)
On Sun, 13 May 2012 23:09:34 -0600 PseudoCylon moonlightak...@yahoo.ca wrote: -- Message: 11 Date: Sun, 13 May 2012 01:21:30 +0200 From: Christopher J. Ruwe c...@cruwe.de Subject: Re: dlink dwl-122g e1 on 9-stable, working only partially? (or not at all?) To: freebsd-questions@freebsd.org Message-ID: 20120513012130.64d78...@dijkstra.cruwe.de Content-Type: text/plain; charset=US-ASCII On Sat, 12 May 2012 14:49:18 +0200 Christopher J. Ruwe c...@cruwe.de wrote: Currently I am fighting with (against?) a dlink dwl-g122 usb wlan dongle. The casing is claiming the thing to be of H/W-version E1, F/W-version 5.00, which I interpret as hardware and firmware. I am running 9-stable (FreeBSD ritchie.cruwe.de 9.0-STABLE FreeBSD 9.0-STABLE #8 r235064: Fri May 11 21:32:52 CEST 2012 c...@ritchie.cruwe.de:/usr/obj/usr/src/sys/RITCHIE amd64) and admittedly, dwl-g122 is not included in the hw-compatibility list for 9.0. I am also aware that others have been unsuccessful, though some time back, to get dlw-g122 e running (http://forums.freebsd.org/showthread.php?t=27123). However, I am somewhat successful in getting the dongle recognized by if_run.ko, though not to work as I would like to: dmesg gives then [...] ugen0.3: Ralink at usbus0 run0: Ralink 11g Adapter, class 0/0, rev 2.00/1.01, addr 3 on usbus0 run0: MAC/BBP RT3070 (rev 0x0201), RF RT2020 (MIMO 1T1R), address b8:a3:86:97:c1:ec ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec I have no explanation for the multiple occurrences, I have been trying for some time now, though. Was wlan_amrr compiled into kernel? Nope, using the module. BTW, loading the if_run module gives ieee80211_load_module: load the wlan_amrr module by hand for now. Did exactly that, i.e., loaded the wlam_amrr by hand. Do you think I might fare better by using in-kernel drivers instead of modules? sudo ifconfig wlan0 create wlandev run0 wlanmode hostap sudo ifconfig wlan0 inet 192.168.3.1 netmask 255.255.255.0 ssid bsdap channel - If you want to use WPA, you need to run # /etc/rc.d/hostapd onestart Amongst other things, I also did that. OK, update on the situation: I can get wlan to work in AP-mode, I must not enable WPA, though. Having enabled hostapd for one time kills my wlan and requires a complete reboot. Did it panic? Can you post back trace? No, it did not panic. After trying to enable wpa, the systems becomes very sluggish on the network side and recovers upon pulling the dongle. I interpret that as some kind of crashing the driver. I would be happy to provide a back trace, I do not know how, though. Where do I need to look to learn that? Thanks and cheers, Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
dlink dwl-122g e1 on 9-stable, working only partially? (or not at all?)
Currently I am fighting with (against?) a dlink dwl-g122 usb wlan dongle. The casing is claiming the thing to be of H/W-version E1, F/W-version 5.00, which I interpret as hardware and firmware. I am running 9-stable (FreeBSD ritchie.cruwe.de 9.0-STABLE FreeBSD 9.0-STABLE #8 r235064: Fri May 11 21:32:52 CEST 2012 c...@ritchie.cruwe.de:/usr/obj/usr/src/sys/RITCHIE amd64) and admittedly, dwl-g122 is not included in the hw-compatibility list for 9.0. I am also aware that others have been unsuccessful, though some time back, to get dlw-g122 e running (http://forums.freebsd.org/showthread.php?t=27123). However, I am somewhat successful in getting the dongle recognized by if_run.ko, though not to work as I would like to: dmesg gives then [...] ugen0.3: Ralink at usbus0 run0: Ralink 11g Adapter, class 0/0, rev 2.00/1.01, addr 3 on usbus0 run0: MAC/BBP RT3070 (rev 0x0201), RF RT2020 (MIMO 1T1R), address b8:a3:86:97:c1:ec ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded wlan0: ieee80211_new_state_locked: pending RUN - SCAN transition lost wlan: mac acl policy registered I have no explanation for the multiple occurrences, I have been trying for some time now, though. After sudo ifconfig wlan0 create wlandev run0 wlanmode hostap sudo ifconfig wlan0 inet 192.168.3.1 netmask 255.255.255.0 ssid bsdap channel - I get run0: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST metric 0 mtu 2290 ether b8:a3:86:97:c1:ec nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether b8:a3:86:97:c1:ec inet6 fe80::baa3:86ff:fe97:c1ec%wlan0 prefixlen 64 scopeid 0xb inet 192.168.3.1 netmask 0xff00 broadcast 192.168.3.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running ssid bsdap channel 1 (2412 MHz 11g) bssid b8:a3:86:97:c1:ec regdomain ETSI country DE authmode OPEN privacy OFF deftxkey 2 TKIP 2:128-bit TKIP 3:128-bit txpower 30 scanvalid 60 protmode CTS wme dtimperiod 1 -dfs This looks quite reasonable to me, however, I have been unsuccessful so far to get the ssid bsdap to appear on any scan done from the prospective clients (one 9-stable notebook, two Linux notebooks and one Nexus S android). Does anyone have an idea what is left to try or should I give up and look for another solution to build a wireless-capable router? Thanks in advance, cheers and have a nice weekend, -- Christopher TZ GMT + 2h ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dlink dwl-122g e1 on 9-stable, working only partially? (or not at all?)
On Sat, 12 May 2012 14:49:18 +0200 Christopher J. Ruwe c...@cruwe.de wrote: Currently I am fighting with (against?) a dlink dwl-g122 usb wlan dongle. The casing is claiming the thing to be of H/W-version E1, F/W-version 5.00, which I interpret as hardware and firmware. I am running 9-stable (FreeBSD ritchie.cruwe.de 9.0-STABLE FreeBSD 9.0-STABLE #8 r235064: Fri May 11 21:32:52 CEST 2012 c...@ritchie.cruwe.de:/usr/obj/usr/src/sys/RITCHIE amd64) and admittedly, dwl-g122 is not included in the hw-compatibility list for 9.0. I am also aware that others have been unsuccessful, though some time back, to get dlw-g122 e running (http://forums.freebsd.org/showthread.php?t=27123). However, I am somewhat successful in getting the dongle recognized by if_run.ko, though not to work as I would like to: dmesg gives then [...] ugen0.3: Ralink at usbus0 run0: Ralink 11g Adapter, class 0/0, rev 2.00/1.01, addr 3 on usbus0 run0: MAC/BBP RT3070 (rev 0x0201), RF RT2020 (MIMO 1T1R), address b8:a3:86:97:c1:ec ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded ieee80211_load_module: load the wlan_amrr module by hand for now. wlan0: Ethernet address: b8:a3:86:97:c1:ec run0: firmware RT2870 ver. 0.236 loaded wlan0: ieee80211_new_state_locked: pending RUN - SCAN transition lost wlan: mac acl policy registered I have no explanation for the multiple occurrences, I have been trying for some time now, though. After sudo ifconfig wlan0 create wlandev run0 wlanmode hostap sudo ifconfig wlan0 inet 192.168.3.1 netmask 255.255.255.0 ssid bsdap channel - I get run0: flags=8a43UP,BROADCAST,RUNNING,ALLMULTI,SIMPLEX,MULTICAST metric 0 mtu 2290 ether b8:a3:86:97:c1:ec nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether b8:a3:86:97:c1:ec inet6 fe80::baa3:86ff:fe97:c1ec%wlan0 prefixlen 64 scopeid 0xb inet 192.168.3.1 netmask 0xff00 broadcast 192.168.3.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: IEEE 802.11 Wireless Ethernet autoselect mode 11g hostap status: running ssid bsdap channel 1 (2412 MHz 11g) bssid b8:a3:86:97:c1:ec regdomain ETSI country DE authmode OPEN privacy OFF deftxkey 2 TKIP 2:128-bit TKIP 3:128-bit txpower 30 scanvalid 60 protmode CTS wme dtimperiod 1 -dfs This looks quite reasonable to me, however, I have been unsuccessful so far to get the ssid bsdap to appear on any scan done from the prospective clients (one 9-stable notebook, two Linux notebooks and one Nexus S android). Does anyone have an idea what is left to try or should I give up and look for another solution to build a wireless-capable router? Thanks in advance, cheers and have a nice weekend, -- Christopher TZ GMT + 2h ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org OK, update on the situation: I can get wlan to work in AP-mode, I must not enable WPA, though. Having enabled hostapd for one time kills my wlan and requires a complete reboot. This situation is somewhat better than what I thought before, i.e., if_run supports dlink dwl-122 e1. However, I really need to secure my wireless network. Can anybody point me in a direction where to look for that hostapd issue? Thanks, cheers, Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zpool creation on geli failed with FreeBSD-9.0
On Tue, 10 Apr 2012 08:13:36 +1000 Da Rock freebsd-questi...@herveybayaustralia.com.au wrote: On 04/10/12 02:07, Christopher J. Ruwe wrote: I was trying to install FreeBSD 9.0 using a geli encrypted disk and ZFS on my ThinkPad R500 this weekend. I failed. Having sucessfully initialized the geli part and having attached the provider, my attempt to create a zpool on the geli section thus $ zpool create ntank /dev/ada0p2.eli failed with the message Cannot create 'ntank': invalid argument for this pool operation. I could not convince the system to create the zpool on the geli part, so I gave up and created the zpool on the unencrypted partition instead to have a working machine for the week. I would, however, like to have my data on an encrypted partition though. Has anyone witnessed and resolved this issue or does anyone have other ideas? Someone using ZFS will be able to verify this, but from my understanding ZFS runs on the hardware and you can *possibly* put geli on top of ZFS. You can put geom on ZFS but not the other way around. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I had a zpool on a geli on FreeBSD-8.0 to 8.2 and 8-stable. I opted for a complete reinstall of 9.0 instead of upgrading due to issues with xmonad, which I did not understand then. I am furious at my decision now that I have seen that a update would possibly have been much easier than to reinstall, had I at that time understood what was causing problems with xmonad. Cheers, Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
zpool creation on geli failed with FreeBSD-9.0
I was trying to install FreeBSD 9.0 using a geli encrypted disk and ZFS on my ThinkPad R500 this weekend. I failed. Having sucessfully initialized the geli part and having attached the provider, my attempt to create a zpool on the geli section thus $ zpool create ntank /dev/ada0p2.eli failed with the message Cannot create 'ntank': invalid argument for this pool operation. I could not convince the system to create the zpool on the geli part, so I gave up and created the zpool on the unencrypted partition instead to have a working machine for the week. I would, however, like to have my data on an encrypted partition though. Has anyone witnessed and resolved this issue or does anyone have other ideas? Thanks for your help, cheers, -- Christopher J. Ruwe TZ GMT + 2h ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: CUPS 1.5.2 not working, like to test 1.4.x, how?
On Tue, 21 Feb 2012 00:23:19 +0100 Polytropon free...@edvax.de wrote: On Mon, 20 Feb 2012 23:46:52 +0100, Christopher J. Ruwe wrote: Is there any documentation available on how to retrieve old ports from the cvs-attic? I just don't know how, so that I could test my assumption that CUPS 1.4.x should be working for my setup. There's a port to do so: portdowngrade. You can use it to obtain older versions of a port. (I've been using it successfully to downgrade xzgv to a working version.) Thanks a lot. In my case, it meant finding out that you have to rebuild INDEX, downgrading the cups-base and cups-client port to 1.4.8 and then rebuidling the chain. Boiled down to 5m of actual work and some more waiting for the compile ... I have now cups 1.4.8 and am functional with a Kyocera 1030D connected via usb. So, thank you again, hava a nice week, cheers -- Christopher TZ GMT +1h ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
CUPS 1.5.2 not working, like to test 1.4.x, how?
I am trying to get CUPS 1.5.2 from ports working with my printer and I encounter a problem exactly like a bug described in http://www.cups.org/str.php?L4008, albeit with a Kyocera 1030-D instead of a kyocera 2000. In essence, CUPS 1.5.+ is sending corrupted data to some printers and the remedies suggested by the CUPS-people do not work ... not in his case and neither in mine. As I cannot get CUPS 1.5.2 to work, I would like to test my assumption of a buggy 1.5.+ with an older version, preferably 1.4.8 which I have in a working state with that printer on a Solaris machine. Is there any documentation available on how to retrieve old ports from the cvs-attic? I just don't know how, so that I could test my assumption that CUPS 1.4.x should be working for my setup. Thanks and cheers, -- Christopher TZ GMT + 1h signature.asc Description: PGP signature
Re: Virtualization manager suggestions
On Wed, 30 Nov 2011 08:57:12 -0600 Ryan Coleman edi...@d3photography.com wrote: Guys, My day job is looking for a good VM lead and I thought of you. Well, ok, I thought you could get me some good leads. We're looking into an alternative to VMWare vSphere 5, one that will run under whatever OS (we're not sold to Windows for our base configuration) and will support any OS on top of it (BSD, Linux, Windows, etc.). Links to whitepapers and pricing (if applicable) would also be appreciated. We're going to utilize most of this machine to run various video surveillance solutions but will also reserve some smaller slices for our network communications (DNS, DHCP, ipTables, Nagios, etc.). Thanks! -- Ryan___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org You might consider having a look at KVM on OpenIndiana, the Illumos based OpenSolaris distro. Another thought could be the Joyent cloud computing flavour of KVM on Illumos/OpenSolaris, SmartOS. Positive about such a setup is that you could enjoy the storage flexibility of ZFS. Cheers, -- Christopher J. Ruwe TZ GMT + 1 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [OT] but concerns all of us
On Thu, 17 Nov 2011 12:56:06 -0500 Jerry je...@seibercom.net wrote: On Thu, 17 Nov 2011 10:17:50 -0700 Chad Perrin articulated: Copyright infringement is copyright infringement -- and not theft -- no matter how hyperbolic your choice of phrasing. Castigate people for the unlawful act of copyright infringement if you want to, but please do not conflate two separate bodies of law by equating one illegal act with another. This abuse of terms is largely the fault of media conglomerates and their lobbying organizations (e.g. the RIAA and MPAA). The more you repeat these abuses of terminology, the more they are emboldened; I think it was the RIAA representative at the SOPA hearing yesterday who literally equated copyright infringement with *murder*. Don't be like that jackass. Yes, you must be one of those scumbags that pilfers the property or intellectual rights of others sans payment or having acquired the legal rights to the property and then tries to hide behind some pseudo Divine-Right bullshit. You can fool yourself into believing that running someone over with a car and killing them is Vehicular manslaughter and not 1st degree murder; however, that does not change one iota the simple fact that the victim is dead. You can try an justify your illegal actions all you want; criminal attorneys make a living out of doing it in court everyday of the week. It amazes me how scumbags constantly attempt to justify their illegal actions. The simple fact is that a thief is a thief no matter how you try and sugar coat it. Now go back and play your pirated music, etcetera. I am sure you have all ready justified that practice to yourself. For christ's sake stop your crusade, please. I do not know if and if, who hurt you, but that issue is certainly not adressed by accusing possibly, or better, almost certainly, innocent people of illegal and/or criminal actions. Civil liberties are a protection of citizens against their state. Should you entertain the notion that states are by their very nature trustworthy, have a look at some failed states in the recent eighty years. States are represented by human beings who do, more often than one would wish to, succumb to the temptation of crime themselves. Should you require something more illustrating, viz., not theoretical, I fullheartedly suggest reading a most outstanding author, Aleksandr Isayevich Solzhenitsyn, Archipelago Gulag. You might develop a more moderate approach to that libertinistic scumbags who demand protection from legislation which is increasingly becoming a loose cannon on the deck. BTW, using increasingly foul language against arguments people of different persuasion make is a telltale sign ... of Chekism. Feel free to stand for your point and oppose other's, but do that reasonably and respectfully. -- Christopher J. Ruwe TZ GMT + 1 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Not found slim
On Wed, 2 Nov 2011 17:15:56 -0300 Zantgo zan...@gmail.com wrote: I install slim and xfce4, and I put slim in the boot, when the system booting, everything works fine when login screen appears I can not type slim or move the mouse, which is the problem? My prime suspect would dbus not running. Had something similar and resolved it with dbus. Cheers, -- Christopher J. Ruwe TZ GMT + 1 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Fast personal printing _without_ CUPS
On Fri, 28 Oct 2011 17:54:01 -0400 Jerry je...@seibercom.net wrote: On Fri, 28 Oct 2011 16:35:20 -0500 (CDT) Robert Bonomi articulated: On Fri, 28 Oct 2011 16:04:19 -0400, Jerry je...@seibercom.net pontificated: I buy my cars from known corporations and not the local chop-shop. My drugs come form known pharmaceutical corporations and not the local pusher. I like my device specific codes to come from those best able to supply them, the OEM. I am just going to reply to this one point because it is where you(sic) entire argument breaks down. That attitude is entirely acceptable for _your_ decision making. Asserting that nobody else shoul(sic) have any other alternatives to what you think is 'acceptable' is downright fascist. Who, or is it whom you choose to be your supplier is entirely a decision you have to make based on your needs and desires. My point is that anyone offering such products should be to some degree held legally responsible to their worth. A Fly by Night operation is totally unacceptable to me. If you find it acceptable then so be it. Remember the adage: You get what you pay for. By the way, calling me a Fascist when a significant number of users of Open Source are socialist is rather funny. From a point of view a political sciences theorist might assume, fascism and socialism are not that far apart. Both need to abolish individual liberties quite soon. Which is what you seem to claim ... abolish the right of the individual to make contracts based on his/her terms. BTW, I do not believe that many open source users would accept a serious decline of their civil and legal liberty. So I do not believe many are really more than cherry-picking socialists, even if calling oneself socialist is somehow en vogue. We could debate anarchism, though, ... ;-) -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: trying to learn systems programming, fear I have not understood and thus messed up
On Fri, 21 Oct 2011 18:53:33 +0200 Christopher J. Ruwe c...@cruwe.de wrote: [...] I have tried to follow the suggestion from the comment by modifiying the else-statement thus: } else { struct passwd *trgpwd; if (!(trgpwd = GETPWNAM(arg-val))) errx(EX_DATAERR, User %s does not exist, arg-val); if (strcmp(a_name-val,root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if (strcmp(trgpwd-pw_name, root) == 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); pwd-pw_uid = (uid_t) (trgpwd-pw_uid); edited = 1; } What happens is not what I intended. I invoke as sudo ./pw usermod testuser1 -u testuser2. I can get testuser2's pwd-entry by GETPWNAM allright, but when I assign the pw_uid, so as to make testuser2's uid the same as testuser1's and imgaining to retain all other values, ./pw reports pw: user 'testuser2' disappeared during update and the testuser2's /etc/passwd entry is replaced by testuser1's. I fear I have not understood GETPWNAM correctly, as it seems to replace the struct pwd as some sort of sideeffect. I could manually set all pwd-members to the correct ones (those of testuser2), but I fear that I have messed something up beforehand. I am grateful for any suggestions and/or correction. It seems I have indeed not understood GETPWNAM correctly. I have worked out a method which works by calling GETPWNAM twice: else { /* * operation as follows: * a_name-val is passed as usermod uname * arg-val is passed as -u uname * * first check if we do someting stupid, i.e., want * to set root uid to some other users uid or * to set some user accout's uid to root uid. * then get pwd to that of uname passed as -u uname. * store uid from that pwdent. * get pwd to that of uname passed as usermod uname * change uid of that latter uid to the one stored */ if(strcmp(a_name-val,root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if(strcmp(arg-val, root) == 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); if(!(pwd = GETPWNAM(arg-val))) /* -u uname*/ errx(EX_DATAERR, User %s does not exist, arg-val); int alias_uid = pwd-pw_uid; if(!(pwd = GETPWNAM(a_name-val))) /*usermod uname*/ errx(EX_DATAERR, User %s does not exist, a_name-val); pwd-pw_uid = (uid_t) alias_uid; warnx(User %s's uid changed to %d, pwd-pw_name, pwd-pw_uid); edited = 1; } As I stil do not know why the latter variant of my code worked and the former does not, I would still appreciate any comment or explanation which would help me understanding GETPWNAM and getpwnam. Thanks and cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: trying to learn systems programming, fear I have not understood and thus messed up
On Sat, 22 Oct 2011 16:45:08 +0200 Fabian Keil freebsd-lis...@fabiankeil.de wrote: Christopher J. Ruwe c...@cruwe.de wrote: On Fri, 21 Oct 2011 18:53:33 +0200 Christopher J. Ruwe c...@cruwe.de wrote: [...] I have tried to follow the suggestion from the comment by modifiying the else-statement thus: } else { struct passwd *trgpwd; if (!(trgpwd = GETPWNAM(arg-val))) errx(EX_DATAERR, User %s does not exist, arg-val); if (strcmp(a_name-val,root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if (strcmp(trgpwd-pw_name, root) == 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); pwd-pw_uid = (uid_t) (trgpwd-pw_uid); edited = 1; } What happens is not what I intended. I invoke as sudo ./pw usermod testuser1 -u testuser2. I can get testuser2's pwd-entry by GETPWNAM allright, but when I assign the pw_uid, so as to make testuser2's uid the same as testuser1's and imgaining to retain all other values, ./pw reports pw: user 'testuser2' disappeared during update and the testuser2's /etc/passwd entry is replaced by testuser1's. I fear I have not understood GETPWNAM correctly, as it seems to replace the struct pwd as some sort of sideeffect. I could manually set all pwd-members to the correct ones (those of testuser2), but I fear that I have messed something up beforehand. I am grateful for any suggestions and/or correction. It seems I have indeed not understood GETPWNAM correctly. I have worked out a method which works by calling GETPWNAM twice: else { /* * operation as follows: * a_name-val is passed as usermod uname * arg-val is passed as -u uname * * first check if we do someting stupid, i.e., want * to set root uid to some other users uid or * to set some user accout's uid to root uid. * then get pwd to that of uname passed as -u uname. * store uid from that pwdent. * get pwd to that of uname passed as usermod uname * change uid of that latter uid to the one stored */ if(strcmp(a_name-val,root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if(strcmp(arg-val, root) == 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); if(!(pwd = GETPWNAM(arg-val))) /* -u uname*/ errx(EX_DATAERR, User %s does not exist, arg-val); int alias_uid = pwd-pw_uid; if(!(pwd = GETPWNAM(a_name-val))) /*usermod uname*/ errx(EX_DATAERR, User %s does not exist, a_name-val); pwd-pw_uid = (uid_t) alias_uid; warnx(User %s's uid changed to %d, pwd-pw_name, pwd-pw_uid); edited = 1; } As I stil do not know why the latter variant of my code worked and the former does not, I would still appreciate any comment or explanation which would help me understanding GETPWNAM and getpwnam. I'm not familiar with the code you're working with, but according to the man page getpwnam() isn't thread safe so you probably shouldn't mess with the returned pointer in the first place and only treat the one returned by the last call as valid. Did you try using getpwnam_r() instead? Fabian You are quite right, GETPWNAM() is a macro to getpwnam(), which is not thread safe. GETPWNAM() is called throughout the code of pw and pw itself is not threaded, so it should not matter whether the functions called are thread-safe or not. I am not completely sure on my last statement though. Do you have other experience regarding this topic? Anyways, thanks and cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
trying to learn systems programming, fear I have not understood and thus messed up
To improve on my C and to learn something about systems programming, I have begun to pick out bite-size bits from the bin-PRs. Currently, I am dispairing about bin/149972, which is about 1) adding error handling to pw being invoced pw -u username and 2) trying to get a uid from the (incorrectly) passed username. Currently, I cannot accomplish want I wanted to do, so I turn here for hints or help. Three developers which I have failed to reach by mail (gpf@, kibab@, bcr@) have added the necessary code if ((arg = getarg(args, 'u')) != NULL) { if(isdigit((unsigned char)*arg-val)) { pwd-pw_uid = (uid_t) atol(arg-val); edited = 1; if (pwd-pw_uid != 0 strcmp(pwd-pw_name, root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if (pwd-pw_uid == 0 strcmp(pwd-pw_name, root) != 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); } else { /* Found something, but not a number */ /* * XXX Shouldn't we try to map the passed string to the username? * man page however says that we're expecting numeric uid... */ errx(EX_DATAERR, Expected numeric user id as an argument to -u\n); } } I have tried to follow the suggestion from the comment by modifiying the else-statement thus: } else { struct passwd *trgpwd; if (!(trgpwd = GETPWNAM(arg-val))) errx(EX_DATAERR, User %s does not exist, arg-val); if (strcmp(a_name-val,root) == 0) errx(EX_DATAERR, can't change uid of `root' account); if (strcmp(trgpwd-pw_name, root) == 0) warnx(WARNING: account `%s' will have a uid of 0 (superuser access!), pwd-pw_name); pwd-pw_uid = (uid_t) (trgpwd-pw_uid); edited = 1; } What happens is not what I intended. I invoke as sudo ./pw usermod testuser1 -u testuser2. I can get testuser2's pwd-entry by GETPWNAM allright, but when I assign the pw_uid, so as to make testuser2's uid the same as testuser1's and imgaining to retain all other values, ./pw reports pw: user 'testuser2' disappeared during update and the testuser2's /etc/passwd entry is replaced by testuser1's. I fear I have not understood GETPWNAM correctly, as it seems to replace the struct pwd as some sort of sideeffect. I could manually set all pwd-members to the correct ones (those of testuser2), but I fear that I have messed something up beforehand. I am grateful for any suggestions and/or correction. -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: Turning system accounting data into money
On Tue, 11 Oct 2011 16:06:19 +0200 Polytropon free...@edvax.de wrote: This is _not_ a spam message trying to sell something stupid to the list. I'm just searching for a solution to turn consumed computing resources into a number and a currency symbol. :-) Reason: A growing amount of (my) customers seems to like this concept: They speed a low fee for access to systems and applications, and they want to pay according to what they did with that system. The access fee covers access and some basic services (backup quota), and for anything more advanced they want to be charged per units used, or per consumed resources. This can be dialog time (SSH), disk I/O, disk occupied, pages printed (can happen) or pages required to print on exceptional specific forms (can happen once or twice a year and is charged with an additional fee for fold, staple mutilate). Sounds stupid? I have _real_ customers intendedly requesting that payment model (instead of just pay amount n Euro a month and do whatever you like). Accidentally, I remembered history. So I thought: This funcitonality has been present on UNIX systems for many decades. But _how_ to use it? I know there's the command set for accounting, for example the ac command. But what does its output total 7264.15 mean? There also are acct (process accounting), sa (for system accounting) and pac (for printer accounting, just dooesn't seem to work with CUPS). I'd also like to use the /etc/csh.logout resp. ~/.logout mechanism. When a user logs in, he will be presented the program he uses (or a menu, in case he uses different ones). This can also be a regular remote desktop session. When he logs out, a message should be displayed that informs him how much will be charged for the session. At the end of the month, he should get an invoice with the proper accumulated amount. For example, if a user wishes to issue a make a backup _now_, because I intendedly want _this_ current state backed up _now_, this will be seen as additional I/O load and disk occupation (because it's handled aside of the regular backup runs that should be part of the basic package charged with the conneciton fee). Or as I said, he issues printing for stuff he cannot print at home, so he will be charged for 500 pages. And in case he transfers 10 GB data in, and 10 GB data out, he will be charged for that traffic, as well as for the I/O. The sessions in questions will be SSH sessions (text mode) as well as SSH/X sessions (remote desktops). Maybe someone already uses something similar he wants to share? Suggestions and inspirations are welcome. Cannot be of any direct help, but ... You remember that 'astronomer chases hacker on Berkely computer systes'- novel, Cliff Stoll: The Cookoo's Egg? If not, try wikipedia. As an aside, I was told that at some universities' CS-classes, it is required lecture. In that novel, user's departments where charged according to resources spent on the university's computers and the main figure was tasked to find out about a 0.75$ accounting error and found a hacker instead. The system in the novel was a Berkeley Unix. So, systems that do what you want (and customers who want to pay on a per use basis) must be around for quite some time. The novel is copyrighted 1989, I cannot track when the real event circling around a certain Markus Hess, cf. also wikipedia, took place. My guess about the system is 4.3BSD Tahoe or earlier 4.3BSD. Cheers, -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to get ip address automatically from different dhcp server
On Fri, 12 Aug 2011 11:46:34 +0800 dave jones s.dave.jo...@gmail.com wrote: I rearrange your mail and post bottom to enable others to have a look. On Thu, Jul 28, 2011 at 4:30 AM, Christopher J. Ruwe wrote: On Wed, 27 Jul 2011 10:49:42 +0800 dave jones s.dave.jo...@gmail.com wrote: Hi, I cat get an IP address from dhcp server by adding the line in /etc/rc.conf: ifconfig_em0=DHCP If I move my laptop to another place, I have to manually run dhclient em0 to get an IP. Otherwise, it won't get an IP automatically. My question is it's possible to get ip address automatically from different dhcp server? thanks. Regards, Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Have a look at /etc/devd.conf. Mine include a portion # # Try to start dhclient on Ethernet like interfaces when the link comes # up. Only devices that are configured to support DHCP will actually # run it. No link down rule exists because dhclient automaticly exits # when the link goes down. # notify 0 { match system IFNET; match type LINK_UP; media-type ethernet; action /etc/rc.d/dhclient quietstart $subsystem; }; # notify 0 { match system IFNET; match type LINK_DOWN; media-type ethernet; action /etc/rc.d/dhclient quietstop $subsystem ; ifconfig $subsystem inet 0.0.0.0; }; I am under the impression that this rule does what you want to do. Cheers, -- Christopher J. Ruwe TZ GMT + 2 Hi Christopher, Thanks for your solution. It does help a lot, but there's one problem. For example, DHCP server is not started for some reason and my computer's ethernet cable is plugged. Once dhcp server started, I can't get the IP unless I unplug and then plug the ethernet cable. Do you know how to solve this issue? Thank you. Regards, Dave. Ok. To check whether I understand what you are saying: Your computer is running, but an external DHCP-server is not. Your computer tries to get an IP from the external DHCP server, which is down, so dhclient is unsuccessful. You then kick the DHCP-server back to live and then you have to plug in and out to get an IP? Assuming I understand correctly, that is exactly what should happen. You see, normally DHCP-servers don't flood the network with Hello all dhclients, I am dhcp-server, please tell me if you need an IP, usually the opposite direction is in order as in hello dhcp-server, I am dhclient, I need an IP, please give me one. You now have two options: 1) You coerce a manual request be running dhclient. 2) You plug in and out, which runs dhclient as you have configured to do so in your devd.conf. Of course you can set the retry-time for dhclient (see `man dhclient`) to an absurldly low threshold, so you are saved doing the dhcp-discover-procedure manually. It is, however, dubious, whether you want to do so. It might be a smarter way to fix that DHCP-server of yours. Hope to have been of some help here, cheers -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to get ip address automatically from different dhcp server
On Wed, 27 Jul 2011 10:49:42 +0800 dave jones s.dave.jo...@gmail.com wrote: Hi, I cat get an IP address from dhcp server by adding the line in /etc/rc.conf: ifconfig_em0=DHCP If I move my laptop to another place, I have to manually run dhclient em0 to get an IP. Otherwise, it won't get an IP automatically. My question is it's possible to get ip address automatically from different dhcp server? thanks. Regards, Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Have a look at /etc/devd.conf. Mine include a portion # # Try to start dhclient on Ethernet like interfaces when the link comes # up. Only devices that are configured to support DHCP will actually # run it. No link down rule exists because dhclient automaticly exits # when the link goes down. # notify 0 { match system IFNET; match typeLINK_UP; media-type ethernet; action /etc/rc.d/dhclient quietstart $subsystem; }; # notify 0 { match system IFNET; match typeLINK_DOWN; media-type ethernet; action /etc/rc.d/dhclient quietstop $subsystem ; ifconfig $subsystem inet 0.0.0.0; }; I am under the impression that this rule does what you want to do. Cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Tue, 12 Jul 2011 00:25:38 +0400 Pan Tsu iny...@gmail.com wrote: Christopher J. Ruwe c...@cruwe.de writes: [...] In this setup, I should not have any problems. However, I do not realize (and very much doubt) that I changed anything in the order of the services (lacking the capability to deterministically do so, anyway). From rcorder I understand that all that is required to set rcorder right would be to change /etc/rc.d/zfs to include a REQUIRE: geli, so that my geli-encrypted volume would be unlocked before all zfs-datasets are mounted? Yep, or revert to default where rc.d/zfs depends on rc.d/mountcritlocal. $ svn co -qr223699 svn://svn.freebsd.org/base/stable/8/etc/rc.d $ rcorder rc.d/* | nl | sed /zfs/q 1 rc.d/hostid 2 rc.d/zvol 3 rc.d/dumpon 4 rc.d/ddb 5 rc.d/initrandom 6 rc.d/geli 7 rc.d/gbde 8 rc.d/encswap 9 rc.d/ccd 10 rc.d/swap1 11 rc.d/fsck 12 rc.d/root 13 rc.d/hostid_save 14 rc.d/mdconfig 15 rc.d/mountcritlocal 16 rc.d/zfs If so, what could be the reason that my rcorder-setup deviates from the standard and how could I coerce it back to standard? No idea. Try basic check with $ diff -ur /usr/src/etc/rc.d /etc/rc.d $ mergemaster $ mergemaster -s unless someone else can reproduce your issue. Please accept my apologies for replying so late, I was stuck up in work and could not find time to test this issue. Your proposed solution of reverting to the default setup worked as expected. My idea of adding a REQUIRE: geli to /etc/rc.d/zfs did not, although rcorder showed geli before zfs then. However, with my problem solved, I have no incentive to research why I deviated from default rc.d in the first place ... the only thing I am sure of is, that it was not intentionally. Anyhow, thank you for your help, it is really appreciated. -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 22:23:36 +0400 Pan Tsu iny...@gmail.com wrote: Christopher J. Ruwe c...@cruwe.de writes: [...] /etc/rc.d/zvol /etc/rc.d/zfs /etc/rc.d/dumpon /etc/rc.d/ddb /etc/rc.d/initrandom /etc/rc.d/geli /etc/rc.d/gbde /etc/rc.d/encswap /etc/rc.d/ccd /etc/rc.d/swap1 /etc/rc.d/fsck /etc/rc.d/root /etc/rc.d/hostid_save /etc/rc.d/mdconfig /etc/rc.d/mountcritlocal This makes sense to me and reflects the order I assumed in my description. The question remains, however, if my configuration is of any in {unusual, ..., stupid} as I require first zfs mount of /, then GELI-unlock and then zfs mount of {/usr,/usr/local, ...}. Do you mount the root pool over smth else? Otherwise, root should be mounted by kernel before init(8) is started. And /etc/rc.d doesn't exist before root is mounted. I mount root-pool via zfs_load=YES vfs.root.mountfrom=zfs:rpool/root in /boot/loader.conf. So far, all is right from what I understand. I think the correct order is 0 vfs_mountroot* .. 2 rc.d/zvol (pre v28) .. 6 rc.d/geli .. 15 rc.d/mountcritlocal 16 rc.d/zfs where extra datasets from the root pool can be mounted via fstab at rc.d/mountcritlocal time. Not sure if you import geli pool during boot or not and leak its configuration via zpool.cache. In this setup, I should not have any problems. However, I do not realize (and very much doubt) that I changed anything in the order of the services (lacking the capability to deterministically do so, anyway). From rcorder I understand that all that is required to set rcorder right would be to change /etc/rc.d/zfs to include a REQUIRE: geli, so that my geli-encrypted volume would be unlocked before all zfs-datasets are mounted? If so, what could be the reason that my rcorder-setup deviates from the standard and how could I coerce it back to standard? Thank you for your help so far, cheers -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Fw: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
Nearly a week ago I posted this question to freebsd-fs, but probalby my question is a) worded too complicatedly, b) not really a filesystem-issue or c) both. To rephrase: In setups requiring one or more ZFS-dataset to be mounted before another service is activated (GELI in my case) and the rest of the ZFS-datasets after that service is activated (because they require GELI), it seems to be necessary to add a `zfs mount -a` to mountcritlocal. Is this considered correct behaviour and wouldn't it make sense to add such a line to mountcritlocal in the standard setup? Thank you, cheers, -- Christopher J. Ruwe TZ GMT + 2 Begin forwarded message: Date: Tue, 5 Jul 2011 20:59:48 +0200 From: Christopher J. Ruwe c...@cruwe.de To: freebsd...@freebsd.org Subject: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included] I run my notebook under FreeBSD 8.2-stable, r223699. I have setup my disks with ZFS so that I boot from a very small rpool and mount datasets, among these /usr from another pool configured on top of an AES encrypted GELI. When installing a new world using this setup, it is necessary to manually adapt /etc/rc.d/mountcritlocal, mountcritlocal_start() to do a zfs mount -a. Failing to do so causes my rootpool to be mounted (which follows from rc.conf), then the GELI volume to be unlocked. After this, the boot routine hangs, as /usr (which resides) on the encrypted vol, which is not mounted, as the canonical zfs mounts are mounted before GELI. I cannot imagine that I am the only one to run ZFSes on an encrypted GELI volume. Am I booting this setup in an inadvisable way, so that I need to run into problems? If not, then it might be an idea to include a zfs mount -a in mountcritlocal in the canonical rc.d-setup. Am I getting this right or could you please comment? Thank you, cheers, -- Christopher J. Ruwe TZ GMT + 2 *** /usr/src/etc/rc.d/mountcritlocal 2011-06-30 21:37:46.097575355 +0200 --- /etc/rc.d/mountcritlocal 2011-07-01 18:03:43.518493334 +0200 *** *** 36,41 --- 36,42 done mount_excludes=${mount_excludes%,} mount -a -t ${mount_excludes} + zfs mount -a err=$? check_startmsgs echo '.' ___ freebsd...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-fs To unsubscribe, send any mail to freebsd-fs-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 16:38:43 +0400 Pan Tsu iny...@gmail.com wrote: Christopher J. Ruwe c...@cruwe.de writes: Nearly a week ago I posted this question to freebsd-fs, but probalby my question is a) worded too complicatedly, b) not really a filesystem-issue or c) both. To rephrase: In setups requiring one or more ZFS-dataset to be mounted before another service is activated (GELI in my case) and the rest of the ZFS-datasets after that service is activated (because they require GELI), it seems to be necessary to add a `zfs mount -a` to mountcritlocal. Is this considered correct behaviour and wouldn't it make sense to add such a line to mountcritlocal in the standard setup? [...] Have you tried to set zfs_enable=YES in rc.conf? Based on rcorder(8) output rc.d/zfs should come just after rc.d/mountcritlocal. zfs_enable=YES is set. rcorder gives curious output, so maybe my etcs are wrong? $ rcorder /etc/rc.d/zfs rcorder: file `/etc/rc.d/zfs' is before unknown provision `mountlate' /etc/rc.d/zfs $ rcorder /etc/rc.d/mountcritlocal rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has no providers. /etc/rc.d/mountcritlocal However, I fear I have not made my intent clear. My boot-sequence should be as follows (intermittent steps left out): 1) mount zfs root-fs, which is on plain standard zpool A 2) unlock another, GELI-encrypted zpool B 3) mount all other fs (/usr,...), which reside on zpool B What my system does is first to mount the fs on zpool A, then GELI-unlock and then halt because the contents of /usr are not accessible (yet) What I want my system to do is to first mount root, then unlock GELI and then mount all other remaining fs on zpool B. I could either mount all remaining zfs'es in mountcritlocal, which requires another line there, which I have added locally as put in my patch. I cannot shift the order so that GELI-unlock comes first, because my keys for GELI reside on /boot, which resides on zpool A. So, is my setup anything from unfortunate to plain stupid or is mountcritlocal missing a statement catering for such cases as I described? Thank you for your help, cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: zpool-zfs'es on a GELI-encrypted volume are not mounted at boot [patch included]
On Sun, 10 Jul 2011 07:50:44 -0700 Jeremy Chadwick free...@jdc.parodius.com wrote: On Sun, Jul 10, 2011 at 04:05:04PM +0200, Christopher J. Ruwe wrote: On Sun, 10 Jul 2011 16:38:43 +0400 Pan Tsu iny...@gmail.com wrote: Christopher J. Ruwe c...@cruwe.de writes: Nearly a week ago I posted this question to freebsd-fs, but probalby my question is a) worded too complicatedly, b) not really a filesystem-issue or c) both. To rephrase: In setups requiring one or more ZFS-dataset to be mounted before another service is activated (GELI in my case) and the rest of the ZFS-datasets after that service is activated (because they require GELI), it seems to be necessary to add a `zfs mount -a` to mountcritlocal. Is this considered correct behaviour and wouldn't it make sense to add such a line to mountcritlocal in the standard setup? [...] Have you tried to set zfs_enable=YES in rc.conf? Based on rcorder(8) output rc.d/zfs should come just after rc.d/mountcritlocal. zfs_enable=YES is set. rcorder gives curious output, so maybe my etcs are wrong? $ rcorder /etc/rc.d/zfs rcorder: file `/etc/rc.d/zfs' is before unknown provision `mountlate' /etc/rc.d/zfs $ rcorder /etc/rc.d/mountcritlocal rcorder: requirement `root' in file `/etc/rc.d/mountcritlocal' has no providers. /etc/rc.d/mountcritlocal You're using rcorder wrong here. rcorder /etc/rc.d/* will get you what you're looking for. Yes, literally an asterisk. I see. Thank you. That gives me (I skip the rest after mountcritlocal) /etc/rc.d/zvol /etc/rc.d/zfs /etc/rc.d/dumpon /etc/rc.d/ddb /etc/rc.d/initrandom /etc/rc.d/geli /etc/rc.d/gbde /etc/rc.d/encswap /etc/rc.d/ccd /etc/rc.d/swap1 /etc/rc.d/fsck /etc/rc.d/root /etc/rc.d/hostid_save /etc/rc.d/mdconfig /etc/rc.d/mountcritlocal This makes sense to me and reflects the order I assumed in my description. The question remains, however, if my configuration is of any in {unusual, ..., stupid} as I require first zfs mount of /, then GELI-unlock and then zfs mount of {/usr,/usr/local, ...}. Anyhow, thanks for setting me up on the proper usage of rcorder. Cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: unable to reach bsd-lists via mail [solved]
Thank you all for your kind help. The problem was apparently, that the HELO message of my postfix server did not match the rDNS. Thanks again, cheers, -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: unable to reach bsd-lists via mail
On Sun, 19 Jun 2011 13:13:22 +0100 Paul Macdonald p...@ifdnrg.com wrote: On 19/06/2011 13:03, Bernt Hansson wrote: 2011-06-19 08:22, Matthew Seaman skrev: On 18/06/2011 23:29, Christopher J. Ruwe wrote: The mailer answers 220 mail.cruwe.de ESMTP Postfix when telnet'ed, so I guess that is what the mailer returns as hostname. I did not know about that DNS/rDNS issue ... You need the name your mail server HELOs as to resolve both forwards and reverse --- No. Our mailserver does not resolve DNS/rDNS and I can send mail without problems to freebsd.org. reverse dns is definately a good thing to have in place if you want your mail to be accepted by remote MTA's. I didn't see the OP post an error message in this thread, that would be a good place to start. Thanks for all the effort ... somehow, posting an error message was the *one* thing I forgot: Jun 19 14:23:37 mail postfix/smtp[9416]: CE6A019C50: to=freebsd-t...@freebsd.org, relay=mx1.freebsd.org[69.147.83.52]:25, delay=944, delays=943/0.03/0.86/0.19, dsn=4.7.1, status=deferred (host mx1.freebsd.org[69.147.83.52] said: 450 4.7.1 Client host rejected: cannot find your hostname, [188.40.164.98] (in reply to RCPT TO command)) Thanks again, cheers -- Christopher J. Ruwe TZ GMT + 2 -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: unable to reach bsd-lists via mail
On Sun, 19 Jun 2011 14:12:46 +0100 Paul Macdonald p...@ifdnrg.com wrote: Thanks for all the effort ... somehow, posting an error message was the *one* thing I forgot: Jun 19 14:23:37 mail postfix/smtp[9416]: CE6A019C50: to=freebsd-t...@freebsd.org, relay=mx1.freebsd.org[69.147.83.52]:25, delay=944, delays=943/0.03/0.86/0.19, dsn=4.7.1, status=deferred (host mx1.freebsd.org[69.147.83.52] said: 450 4.7.1 Client host rejected: cannot find your hostname, [188.40.164.98] (in reply to RCPT TO command)) Thanks again, cheers I'm not that familiar with postfix, but the issue does look rdns related. Under sendmail, on hosts with multiple names you have to make sure the hostname it uses to make the connection is the one that all your reverse dns is setup for. (your rdns does resolve backwards and forwards , but the ptr cruwe.de is possibly not what your mail server advertises its hostname with ( not neccesarily the same when you telnet in the make an incoming conn). #dig -x 188.40.164.98 +short cruwe.de If you mail me direct i can tell you what hostname i see, thats the one i'd try adding the rdns for. Paul. I have asked my provider to set rDNS for 188.40.164.98 to cruwe.de, which he has, and changed the $myhostname to cruwe.de (was mail.cruwe.de before). Currently, I am waiting for DNS to permeate to the caches and will try with freebsd-test@ again tomorrow. Thanks again, -- Christopher J. Ruwe TZ GMT + 2 -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: problem report bin/157732
with a question to Robert Watson rwat...@freebsd.org or FreeBSD Security Team sect...@freebsd.org Thanks for that hint. Cheers, -- Christopher J. Ruwe TZ GMT + 2 -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
problem report bin/157732, patch included
Currently, I have issues mailing to *@freebsd.org, so please reply to c...@cruwe.de. I have started looking at FreeBSD bug reports recently to improve my skills in C, to learn more about operating systems which I am concentrating on at university and, at some point, contribute should my abilities permit (tired of being consumer of other's work only). I am not entirely sure I am addressing the right list, setting my issue on the right track will be much appreciated, ;-) I have analysed http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/157732 as an excercise and found a hard string limit to be encoded into traceroute.c, checking whether the hostname passed to traceroute is longer than 64 (traceroute line 1621, cf. http://fxr.aydogan.net/xref/src/contrib/traceroute/traceroute.c#1621). The same code can be found in NetBSD and probably some more programs, as traceroute appears to be rather old code (Tue Dec 20 03:50:13 PST 1988 according to comment). Reading futher, I noticed, that inet_addr() was used to get IP from the hostname. I have not found any resources hinting that inet_addr() was not able to deal with hostnames longer than 64. although there is a report of a tracesroute (similar?) that could produce buffer overflows with long hostnames. Experimentally, I have removed the offending lines, compiled a world and ran the new traceroute with the example Igor free...@str.komkon.org provided, i.e., ./playworld/usr/sbin/traceroute hlfxns0188w-099192079201.pppoe-dynamic.high-speed.ns.bellaliant.net traceroute to hlfxns0188w-099192079201.pppoe-dynamic.high-speed.ns.bellaliant.net (99.192.79.201), 64 hops max, 52 byte packets 1 speedport.ip (192.168.2.1) 0.419 ms 0.442 ms 0.442 ms 2 217.0.118.104 (217.0.118.104) 37.232 ms 37.396 ms 36.645 ms 3 87.186.244.186 (87.186.244.186) 38.319 ms 38.672 ms 37.741 ms 4 d-ec1-i.D.DE.NET.DTAG.DE (62.154.43.134) 38.376 ms 217.239.37.150 (217.239.37.150) 38.495 ms d-ec1-i.d.de.net.dtag.de (62.154.43.134) 38.839 ms 5 194.25.211.130 (194.25.211.130) 56.736 ms 38.338 ms 38.484 ms 6 xe-8-1-0.was10.ip4.tinet.net (89.149.183.154) 134.724 ms xe-7-1-0.was10.ip4.tinet.net (89.149.183.150) 132.715 ms 133.687 ms 7 bell-aliant-regional-communications-gw.ip4.tinet.net (77.67.71.210) 131.050 ms 130.681 ms 129.450 ms 8 xe-5-1-0.cr02.hlfx.ns.aliant.net (207.231.227.5) 149.687 ms 150.815 ms xe-5-0-1.cr02.hlfx.ns.aliant.net (207.231.227.9) 163.629 ms 9 lag-2-84.88w.ba16.hlfx.ns.aliant.net (142.176.53.57) 152.538 ms 150.338 ms te-4-0-0-83.88w.ba16.hlfx.ns.aliant.net (142.176.53.41) 151.741 ms 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * *^C after which, as you can see, I aborted. The hostname looks like some dialup line host, which may or may not be online (and according to a ping, isn't). It can be seen, that the function called after that ominous 64 check, inet_addr(), returns what appears to be a valid ip. I can imagine several reasons for forbidding any hostnames 64, among others, limited resources on machines at the time of traceroute being written (1988) or, more importantly, security considerations similar to the buffer overflow issue I found on the net. I can find no issues regarding hostname-lenght in inet_addr(), though. As I am new to this kind of work, I still (and will probably for some time) need help. Can somebody advise me on if and if, where, to conduct further research on the nature of the ! 64 issue and if and if, how, to analyse possible security considerations of that !64 issue? Futhermore, should nobody have any ideas on my fix being dangerous or not, how can I have my fix reviewed more thoroughly (and possibly integrated)? Thank you for our help, have a nice weekend, cheers -- Christopher J. Ruwe TZ GMT + 2 -- Christopher J. Ruwe TZ GMT + 2--- /usr/src/contrib/traceroute/traceroute.c 2009-09-13 13:34:33.0 +0200 +++ /usr/home/chris/playsrc/contrib/traceroute/traceroute.c 2011-06-17 16:11:01.095616587 +0200 @@ -1625,11 +1625,11 @@ register char **p; register u_int32_t addr, *ap; - if (strlen(hostname) 64) { + /*if (strlen(hostname) 64) { Fprintf(stderr, %s: hostname \%.32s...\ is too long\n, prog, hostname); exit(1); - } + }*/ hi = calloc(1, sizeof(*hi)); if (hi == NULL) { Fprintf(stderr, %s: calloc %s\n, prog, strerror(errno)); ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
unable to reach bsd-lists via mail
I have a problem with my mail-server configuration so that mail sent will not reach any freebsd adresses. The solutions offered in similar mails already accessible via various archives did not help :-( I usually send mail from the domain cruwe.de with the mail-server mail.cruwe.de. My configration is as such, that $ host cruwe.de cruwe.de has address 188.40.164.98 cruwe.de mail is handled by 10 mail.cruwe.de. and $ host mail.cruwe.de mail.cruwe.de has address 188.40.164.98 mail.cruwe.de mail is handled by 10 mail.cruwe.de. Now, $ dig cruwe.de ; DiG 9.6.3 cruwe.de ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 32046 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;cruwe.de. IN A ;; ANSWER SECTION: cruwe.de. 300 IN A 188.40.164.98 ;; Query time: 73 msec ;; SERVER: 192.168.2.1#53(192.168.2.1) ;; WHEN: Sat Jun 18 17:51:14 2011 ;; MSG SIZE rcvd: 42 is right and [chris@dijkstra:~]$ dig -x 188.40.164.98 ; DiG 9.6.3 -x 188.40.164.98 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 40136 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;98.164.40.188.in-addr.arpa.IN PTR ;; ANSWER SECTION: 98.164.40.188.in-addr.arpa. 267 IN PTR cruwe.de. ;; Query time: 10 msec ;; SERVER: 192.168.2.1#53(192.168.2.1) ;; WHEN: Sat Jun 18 17:51:48 2011 ;; MSG SIZE rcvd: 66 seems to be OK. Does anyone have an idea what could be the issue? Thank you, cheers -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
unable to reach bsd-lists via mail
I have a problem with my mail-server configuration so that mail sent will not reach any freebsd adresses. The solutions offered in similar mails already accessible via various archives did not help :-( I usually send mail from the domain cruwe.de with the mail-server mail.cruwe.de. My configration is as such, that $ host cruwe.de cruwe.de has address 188.40.164.98 cruwe.de mail is handled by 10 mail.cruwe.de. and $ host mail.cruwe.de mail.cruwe.de has address 188.40.164.98 mail.cruwe.de mail is handled by 10 mail.cruwe.de. Now, $ dig cruwe.de ; DiG 9.6.3 cruwe.de ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 32046 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;cruwe.de. IN A ;; ANSWER SECTION: cruwe.de. 300 IN A 188.40.164.98 ;; Query time: 73 msec ;; SERVER: 192.168.2.1#53(192.168.2.1) ;; WHEN: Sat Jun 18 17:51:14 2011 ;; MSG SIZE rcvd: 42 is right and [chris@dijkstra:~]$ dig -x 188.40.164.98 ; DiG 9.6.3 -x 188.40.164.98 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 40136 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;98.164.40.188.in-addr.arpa.IN PTR ;; ANSWER SECTION: 98.164.40.188.in-addr.arpa. 267 IN PTR cruwe.de. ;; Query time: 10 msec ;; SERVER: 192.168.2.1#53(192.168.2.1) ;; WHEN: Sat Jun 18 17:51:48 2011 ;; MSG SIZE rcvd: 66 seems to be OK. Does anyone have an idea what could be the issue? Thank you, cheers -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: unable to reach bsd-lists via mail
On Sat, 18 Jun 2011 15:57:08 -0400 Daniel Staal dst...@usa.net wrote: On Saturday, June 18, 2011 11:53:57 AM Christopher J. Ruwe wrote: I have a problem with my mail-server configuration so that mail sent will not reach any freebsd adresses. The solutions offered in similar mails already accessible via various archives did not help :-( I usually send mail from the domain cruwe.de with the mail-server mail.cruwe.de. My configration is as such, that $ host cruwe.de cruwe.de has address 188.40.164.98 cruwe.de mail is handled by 10 mail.cruwe.de. and $ host mail.cruwe.de mail.cruwe.de has address 188.40.164.98 mail.cruwe.de mail is handled by 10 mail.cruwe.de. [snip] seems to be OK. Does anyone have an idea what could be the issue? Thank you, cheers What does you mailer return as the hostname? (Not the box on which your mailer is runing, but the mail server itself. Often it can be set seperately.) The FreeBSD lists are picky about having that match the DNS entries for your domain. Daniel T. Staal --- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I am not entirely sure what you mean with what the mailer returns as hostname. The setup is as such, that cruwe.de is a FreeBSD box and mail.cruwe.de is a jail on cruwe.de, to which the mail ports are forwarded by packet filter. Both cruwe.de and mail.cruwe.de are addressed with A records. The mailer answers 220 mail.cruwe.de ESMTP Postfix when telnet'ed, so I guess that is what the mailer returns as hostname. I did not know about that DNS/rDNS issue ... $ dig mail.cruwe.de ; DiG 9.4.3-P4 mail.cruwe.de ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2343 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;mail.cruwe.de. IN A ;; ANSWER SECTION: mail.cruwe.de. 168 IN A 188.40.164.98 ;; Query time: 1 msec ;; SERVER: 83.133.84.53#53(83.133.84.53) ;; WHEN: Sun Jun 19 00:15:13 2011 ;; MSG SIZE rcvd: 47 $dig -x 188.40.164.98 ; DiG 9.4.3-P4 -x 188.40.164.98 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 23225 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;98.164.40.188.in-addr.arpa.IN PTR ;; ANSWER SECTION: 98.164.40.188.in-addr.arpa. 57111 INPTR vs532.sys-central.de. ;; Query time: 1 msec ;; SERVER: 83.133.84.53#53(83.133.84.53) ;; WHEN: Sun Jun 19 00:16:08 2011 ;; MSG SIZE rcvd: 78 (The server is a rented virtual machine.) Am I right that I need to set the rDNS of 188.40.164.98 to mail.cruwe.de to make the freebsd.org servers accept my mail or that, should I set the rDNS to cruwe.de, I should make the mailer on mail.cruwe.de identify itself as cruwe.de instead of mail.cruwe.de? Anyway, thank you very much for your help, -- Christopher J. Ruwe TZ GMT + 2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how to concatenate 2 pdf files to 1?
On Thu, 28 Apr 2011 23:57:28 -0700 (PDT) Dino Vliet dino_vl...@yahoo.com wrote: Dear freebsd userlist, here an application type of question. I have two pdf files and want to make 1 out of them by concatenating them. Does anyone have an idea how to do that on unix/linux as I don't have the pdf editor from Adobe. So fileA.pd en fileB.pdf should become fileC.pdf (where C is A+B) Brgds Dino ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org You could also use pdfjoin from print/pdfjam. Cheers, -- Christopher J. Ruwe TZ GMT + 2 signature.asc Description: PGP signature
Re: xdm-options - non-bsd user needs bsd rc.d advice
On Thu, 03 Mar 2011 17:01:10 -0500 John D. Hendrickson and Sara Darnell johnandsa...@cox.net wrote: [snip] If anyone would like to quickly comment I'd love to hear why bsd would be a better choice than ubantu (for what audience it is better). Thanks all, John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Hi John, same with me as with Chad Perrin. Sadly, I cannot put my issue right and brief at the same time, so please excuse me being verbose. I started with Linux when being in high-school out of frustration of Windows forcing me to do things their way. After switching my entire environment to Suse Linux and after that to a version of RedHat, I quickly found out that I just switched to a different flavour of being forced to do things a certain way. When at university, I tried Gentoo Linux, learned a lot and solved problems my way. Having bought a notebook later on, I decided trying the then very much in vogue Ubuntu with a Xubuntu installation. Although satisfied with the very usable defaults, I was quickly unnerved by not being able to control things. Later, I tried OpenSolaris and FreeBSD and am now using FreeBSD due to the same reasons as Chad Perrin stated: Being a power-user, wanting to control things and (now diverting from Chad's reasons) wanting to use technology (most importantly ZFS) without being impeded for ideological reasons of viral GPLishness. So, same reasons here as with Chad Perrin, safe for an additionally and lately aquired GPL-allergy. @ Chad: Perhaps you might be happier being coerced to use a Linux with a GNU/Linux flavour like Gentoo or ArchLinux. I have never tried the latter, however, with Gentoo you are very much in control. Gentoo effectively forces you to do your own compiling via portage, so be prepared for a very long install. ArchLinux is to my knowledge binary based and might be quicker to install. Both Gentoo and ArchLinux have a reputation to put the user in charge. What drove me away from Gentoo apart from that GPL-flu was deteriorating quality of system tools. You install what is world in FreeBSD from portage in Gentoo, so when updating your portage, necessary system tools sometimes break. I was driven over the edge when some network-etc syntax changed without telling me and I lost my network connection as a result. I had something different in mind for the weekend and was just furious - so treat Gentoo with care. Cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: Best Laptop to buy for Freebsd Without OS?
I am typing on a Lenovo Thinkpad R500 running 8-stable, after (a very high quality) instruction installation by Yamagi Burmeister (http://www.bsdforen.de/showthread.php?s=e2db5256b283497ca371738ad34b7572t=24823). I am very happy with both FreeBSD and my notebook since I switched (unnerved) from Gentoo Linux to FreeBSD last year. -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: system clock running 2h early although ntpd enabled
On Fri, 11 Feb 2011 22:01:06 + RW rwmailli...@googlemail.com wrote: On Fri, 11 Feb 2011 12:13:43 -0800 David Brodbeck g...@gull.us wrote: On Fri, Feb 11, 2011 at 1:16 PM, Christopher J. Ruwe c...@cruwe.de wrote: Since some weeks my local clock runs two hours early. My /etc/localtime is a copy of /usr/share/zoneinfo/Europe/Berlin and I have set both ntpd_enable=YES and ntpd_sync_on_start=YES. ntpd has a sanity check -- if the clock is out by more than 1000 seconds it will give up. So you may have to manually set the clock to something close to correct before ntpd will handle it. Or pass ntpd the -g flag to disable the initial sanity check, That's what ntpd_sync_on_start=YES does. Which implies that you are booting. In my case, I normally suspend and resume, so that the ntpd_sync_on_start=YES does not really help. Thanks for the clarification anyway, I would not have known that part otherwise. Cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: system clock running 2h early although ntpd enabled
On Sat, 12 Feb 2011 11:42:19 + Matthew Seaman m.sea...@infracaninophile.co.uk wrote: On 11/02/2011 21:16, Christopher J. Ruwe wrote: Since some weeks my local clock runs two hours early. My /etc/localtime is a copy of /usr/share/zoneinfo/Europe/Berlin and I have set both ntpd_enable=YES and ntpd_sync_on_start=YES. My ntp.conf consists of server ntp1.ptb.de prefer server ntp2.ptb.de restrict default ignore restrict 127.0.0.1 Surely, I must be missing something. Does anybody have an idea? Sounds like your CMOS clock is set to local wallclock time, but you haven't got the /etc/wall_cmos_clock file. Or vice-versa: your CMOS clock is set to UTC, but you've got the wall_cmos_clock file. See adjkerntz(8) for details. The CMOS clock is what drives the time/date display shown in the system BIOS, and it's separate from the clock used for the system time when the OS is running. OK, thank you, that was indeed the case, i.e., the CMOS clock was set to local time. I do not know why, usually I set it to GMT, so I never did bother to check. Turned out I should have had this time. [snip] Personally, if the machine is dedicated to running FreeBSD (or FreeBSD and other unixoid OSes) I'd set the CMOS clock to UTC[*] It is now. Thanks and cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
system clock running 2h early although ntpd enabled
Since some weeks my local clock runs two hours early. My /etc/localtime is a copy of /usr/share/zoneinfo/Europe/Berlin and I have set both ntpd_enable=YES and ntpd_sync_on_start=YES. My ntp.conf consists of server ntp1.ptb.de prefer server ntp2.ptb.de restrict default ignore restrict 127.0.0.1 Surely, I must be missing something. Does anybody have an idea? Thanks and cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: system clock running 2h early although ntpd enabled
On Fri, 11 Feb 2011 12:13:43 -0800 David Brodbeck g...@gull.us wrote: On Fri, Feb 11, 2011 at 1:16 PM, Christopher J. Ruwe c...@cruwe.de wrote: Since some weeks my local clock runs two hours early. My /etc/localtime is a copy of /usr/share/zoneinfo/Europe/Berlin and I have set both ntpd_enable=YES and ntpd_sync_on_start=YES. ntpd has a sanity check -- if the clock is out by more than 1000 seconds it will give up. So you may have to manually set the clock to something close to correct before ntpd will handle it. Or pass ntpd the -g flag to disable the initial sanity check, if you're sure you trust your clock servers not to do something silly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Thanks to you both. My issue turned out to be a connection of the points you made. Thanks again and cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: the GIMP and Samba
On Wed, 5 Jan 2011 23:36:12 +0100 Polytropon free...@edvax.de wrote: Welcome to the glory of rapid application development and modern programming! :-) Somebody could write a letter to the ACM: Dynamic Linking Considered Harmful ... or sth in that vicinity -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: setting a random password with PAM API
On Wed, 05 Jan 2011 11:45:08 +0100 Dag-Erling Smørgrav d...@des.no wrote: Christopher J. Ruwe c...@cruwe.de writes: I am trying to implement the feature to set a random password like in BSD pw usermod -W in the Solaris passwd. Regrettably, I have not found or perhaps not understood the PAM API documentation on how to _inject a given string_ into the change-auth-token function pam_chauthtok(...), which always jumps in an interactive pw-changing loop. There is no reliable way to do that. You don't even know that there is such a thing as a password. DES Thank you very much for your answer, although I suspected so, I still hoped for another content. Kind regards, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: Portmaster general questions and problems
On Thu, 30 Dec 2010 10:59:49 + Thomas Mueller mueller6...@bellsouth.net wrote: Threads about portmaster and portupgrade status raise the question, what flags for portmaster are comparable to -R and -r for portupgrade? I might want to portupgrade a package and all its dependencies (-R), or less frequently, all packages that depend on the package to be portupgraded (-r). How would I do that using portmaster? I read both man pages many times. Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Hi Tom, I never gave it much thought, however, I am under the impression that portmaster does not require an explicit flag to do that. When installing some port, then I use portmaster -D /usr/port/some port path, the -D determining that I do not want to be prompted whether to retain the old distfiles or not, but to retain them (-d being the converse and deleting old distfiles). Using portmaster in the way described checks for dependencies and automagically updates them in case there are newer available. Cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
Re: Portmaster general questions and problems
On Thu, 30 Dec 2010 12:47:59 +0100 Christopher J. Ruwe c...@cruwe.de wrote: On Thu, 30 Dec 2010 10:59:49 + Thomas Mueller mueller6...@bellsouth.net wrote: Threads about portmaster and portupgrade status raise the question, what flags for portmaster are comparable to -R and -r for portupgrade? I might want to portupgrade a package and all its dependencies (-R), or less frequently, all packages that depend on the package to be portupgraded (-r). How would I do that using portmaster? I read both man pages many times. Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Hi Tom, I never gave it much thought, however, I am under the impression that portmaster does not require an explicit flag to do that. When installing some port, then I use portmaster -D /usr/port/some port path, the -D determining that I do not want to be prompted whether to retain the old distfiles or not, but to retain them (-d being the converse and deleting old distfiles). Using portmaster in the way described checks for dependencies and automagically updates them in case there are newer available. Cheers, Sorry for missing one part (the -r) of your question ... how does [-R] -r name/glob of port directory in /var/db/pkg rebuild the specified port, and all ports that depend on it in the portmaster man page sound to you and does it do what you a requiring? cheers, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature
setting a random password with PAM API
Hi, First, I'd like to apologise for my choice of lists to post to ... the question is more PAM-specific than FreeBSD, but the idea comes from BSD, so I hope someone will have an idea or knows where to turn to (and I don't know where to turn else). I am trying to implement the feature to set a random password like in BSD pw usermod -W in the Solaris passwd. Regrettably, I have not found or perhaps not understood the PAM API documentation on how to _inject a given string_ into the change-auth-token function pam_chauthtok(...), which always jumps in an interactive pw-changing loop. After I have generated a random string char * randstring, I have tried setting that string using retval = pam_set_item( pamh, PAM_AUTHTOK, randstring); which returns PAM_SUCCESS. The password / authentication token remains unchanged, however. My second idea, i.e., using pam_sm_chauthtok(...), did not work, either, as I have not understood the arguments to be passed. Should anybody know how to inject a given/known string into PAM to set a user password, know where to look for documentation regarding that issue or have another idea, I would really appreciate it ... and again my apologies for being more than just slightly off topic. Kind regards, -- Christopher J. Ruwe TZ GMT + 1 signature.asc Description: PGP signature