Re: nforce2 audio?
On Thu, 31 Jul 2003 06:33 am, Daniel Nielsen wrote: So, what can I possibly do to make my onboard sound work? /Daniel Try snd_ich_load="YES" in /boot/loader.conf. -- Daniel Harris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: imapd for squirrelmail is not found
David Banning wrote: I am attempting to run squirrelmail and during login it is attempting to run; inetd[20151]: cannot execute /usr/local/libexec/imapd what exactly is missing here? FreeBSD does not come with an imap daemon. You are trying to run a nonexistent one from inetd, apparently. Install and configure an imap daemon from the ports (several are available). -- Daniel Harris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: suid bit files and securing FreeBSD
Matthew Graybosch wrote: But if you're concerned with security uber alles, I'm surprised you didn't look into OpenBSD first. According to their site (openbsd.org), they've had "only one remote hole in the default install, in more than 7 years!" Caveat: the default install has almost nothing in it. This is fine if you plan to do almost nothing, but if you install any software, you'll be about as well off as if you were installing that software anywhere else. FreeBSD certainly can be secured, but it appears that the developers put performance and reliability first, and then security. Theo de Raadt puts security first. The BSDs borrow freely from each other. OpenBSD perhaps is a little more aggressive about cryptography in the base system, but the results of OpenBSD audits are often used by Net and Free. Please look up from your "BSD Executive Summary" article :-) To claim that FreeBSD puts reliability ahead of security doesn't make sense; a compromised system is usually not reliable. Security (and more broadly, stability/reliability) are given a little more consideration than performance, if you want to order them. A competent administrator can secure any system. An incompetent administrator should become competent (on machines unreachable from the internet) before running anything important in publically-reachable space. To the original poster: I take it you are running DNS and SMTP on the FreeBSD machine? Try to avoid BIND 8; use BIND 9 or djbdns for your DNS. Qmail and Postfix have better security records than Sendmail for SMTP; I prefer Postfix for ease of configuration. If you're running a BIND version, run it as user bind in a chroot (at least). I'd worry more about your public services than about SUID bits: if there is no shell access, nobody will be able to take advantage of SUID without first finding a hole allowing shell access. Subscribe to freebsd-security-notifications for, well, security notifications. Keep your ears open for bugs in your MTA or DNS server. With a little vigilance you have little to fear. Good luck, -- Daniel Harris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: openoffice install
On Sun, Oct 27, 2002 at 07:40:24PM +0100, Roman Neuhauser wrote: > > I have a 10gb disk: ad0s1= ad0s1e (/usr/local - 3.7gb); ad0s2=4gb K(but > > this includes /,/tmp/,/usr (2.7gb),/var; and ad0s3 = ad0s3e (/usr/ports - > > 2gb). > > that looks like you don't have enough free space (anywhere). Note that http://projects.imp.ch/openoffice/ has binary packages which won't require those 4GB :-) -- Daniel Harris msg06761/pgp0.pgp Description: PGP signature
Re: Checking the Version?
On Wed, Jul 24, 2002 at 12:28:21PM -0400, MET wrote: > Is there a command to check which version of FreeBSD your running? I > know that I'm running 4.6 ~ however I wanted to append a script someone > shared with me that shows how long the machine has been up, with the > exact version info on all of its key software, such as FreeBSD > (naturally being the number one most important), Apache, MySQL, and PHP. man uname -- Daniel Harris To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Re: FreeBSD upgrade maintenance vs. debian (please help)
On Mon, Jul 22, 2002 at 09:48:44AM -0600, David Wilk wrote: > The recent security probs (libc, libdns, ssh) have given me quick lessons > on FreeBSD updates on a pre-production box. I'm not terribly thrilled > with the amount of downtime necessary to keep a FreeBSD box up to date. > I'm talking about the 'shutdown to single user mode, make installworld, > reboot to new GENERIC, test, reboot to CUSTOM and yer back in production'. Single-user mode is rarely actually needed for updates within a -STABLE or -RELEASE branch. I usually do make buildworld && make buildkernel KERNCONF=CUSTOM and make installworld && make installkernel && mergemaster After that, one reboot. It's a rare (I've never seen one) security update that will have problems with multiuser. -- Daniel Harris msg01172/pgp0.pgp Description: PGP signature
