NFS server not responding, new in 6.0

[David Kirchner]

We recently replaced FreeBSD 4.5 with 6.0-RELEASE on a pair of servers.
One of the servers runs rsync to copy its contents to the other server,
over a NFS mount. Everything worked just fine under 4.5, but with 6.0,
we're seeing dozens of these errors every rsync:

May  2 14:00:59 xxx1 kernel: nfs server xxx2:/usr: not responding

The rsync does eventually complete successfully. The NFS client system
uses the em0 driver on a gigabit port, and the NFS server system uses
the fxp0 driver on a 100Mbit/full duplex port. The client system
doesn't come close to 100Mbit during the rsync (or otherwise) -- more
like 5Mbit. Neither server is what I'd consider "busy" -- they're actually
basically idle unless this script or some crons are running.

We're using NFSv3 soft, interruptable mounts. We've tried using TCP and
UDP, and have tried different -r and -w sizes, up to 32768 each. We've tried
it with and without nfsiod.

We haven't tried changing the mount_nfs -D option, because that seems
like it would only serve to mask the real problem, whatever that is.

a) Is this a real problem, or simply a reporting problem? What exactly is it
reporting if it's not a real problem?
b) If you've had this trouble before, what settings have you used to fix it?

Another issue is we're not seeing the usual "is alive again" message
you'll usually see when the server becomes unavailable and then returns.

I searched the PRs before posting this, but if there's a PR you know about
I could add a followup message to it. If you need other info, I can provide
that as well.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

sendmail patches

[David Kirchner]

The patches listed in the recent advisory about sendmail don't
currently exist on the FTP server. Does this mean:

a) They're just not there yet.

b) They were there, but they were taken down because of some problem with them.

I'm concerned it may be b) because the advisory indicates they're not
sure the patch will fix the bug.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Developer's Handbook DDB instructions

[David Kirchner]

I'm trying to track down a background fsck deadlock bug. I've found a
thread on groups.google.com about another person having a similar
problem but with snapshots. The suggestion made there was to compile a
kernel with DDB, and the user was referred to the Developer's
Handbook.

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug-online-ddb.html

The Handbook appears to be out of date -- it states that you have to
add "options DDB" to the kernel config to enable DDB. When you try
that, part way through the make depend process it informs you that you
also need KDB. Are there any other steps necessary to get DDB to work
on a newer version of FreeBSD (say 6.0-RELEASE)?

Since this particular deadlock test will probably take 12+ hours of
runtime to trigger, I'd like to get this right, so I can get as much
information as possible into a PR.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

http://www.freebsd.org/projects/bigdisk/

[David Kirchner]

Could someone help me find the contact information for the person who
is responsible for the bigdisk page? I have a suggested update
(related to PR kern/84589) that may help other people using
multi-terabyte servers get better usability from FreeBSD.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to see process in /proc filesystem???

[David Kirchner]

On 11/24/05, Javier Matos <[EMAIL PROTECTED]> wrote:
> Hello, I know that /proc filesystem provide an interface to see process in 
> the computer but the problem is that mi /proc folder is empty and I don´t 
> know how to enable it.

You can mount /proc with:

mount -t procfs /proc /proc
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: php mail()

[David Kirchner]

On 11/23/05, Kim johansen <[EMAIL PROTECTED]> wrote:
> I cant get the mail function in php to work. If i try to run a script
> with the mail() function, the script is just sleeping, doing nothing.
> Have enabled debug in php, but dont got any errors. sendmail works
> fine if i use it from commandline.
>
> what could be wrong?

We had to set up our php.ini as follows:

sendmail_path = /usr/sbin/sendmail -t -i
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: background fsck

[David Kirchner]

On 11/20/05, Wojciech Puchar <[EMAIL PROTECTED]> wrote:
> what is the rule to decide if filesystem may be background checked or not?
>
> for example my / is checked foreground, while /home checked background.
>
> can't root partition be background checked too?

The root partition is probably checked in the foreground for safety
reasons, since the root partition is so critical to everything on the
server. Personally I don't use or trust background fscks -- when a
server comes back up after a crash, I'd rather it just finish the fsck
before coming up live, since the fsck does slow the server down
noticably (and if it was an already busy web server, this can be a
problem).

There's also the matter of serious problems with background fscks,
with open PRs:

http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/53137
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/86423

and the less serious (since it is about UFS1):

http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/84589
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: pausing boot process

[David Kirchner]

On 11/17/05, Eric F Crist <[EMAIL PROTECTED]> wrote:
> On Nov 17, 2005, at 10:27 AM, James Bailie wrote:
>
> > J. W. Ballantine wrote:
> >
> > > Is there someway to pause the scrolling/process so the error is
> > > read-able??
> >
> > No.  After the system boots, log in as, or su to, root, and
> > invoke "dmesg" to view kernel messages.
> >
>
> You're incorrect.  You can pause this screen, and even scroll up/
> down, by pressing the Scroll Lock key.  When you're done, press
> Scroll Lock again to continue.

Scroll lock only starts working after the kernel is done loading. You
can't interrupt the kernel load with scroll lock (at least, you
couldn't with 5.4-STABLE and before, I can't state for certain that
you can't with 6.0)

It may be possible to extract that information from the core dump it
makes. Not sure where it would be stored, but "strings" may help you
find it (could take a while to sift through the dump tho).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Need urgent help regarding security

[David Kirchner]

On 11/16/05, Mark Kane <[EMAIL PROTECTED]> wrote:
> I also see a psyBNC server listening on port 7978:
>
> server# sockstat -l4 | grep psybnc
> USER COMMANDPID   FD PROTO  LOCAL ADDRESS FOREIGN ADDRESS
> wicked6  psybnc 15819 3  tcp4   *:7978*:*
>
> Funny thing is there is no process by wicked6 (or by anyone currently)
> called "psybnc". I can connect to an IP on that server on port 7978 and
> get a psyBNC though. I've checked for other processes by wicked6, nothing.

It's very common for them to overwrite argv[0], or use setproctitle
stuff to hide the real name of the program. Some programs don't read
that -- sockstat and top are two that don't read the modified program
name.

> It's trying to make a connection on 6667 to that IP as I said:
>
> server1# netstat -n | grep 6667
> tcp4   0  0  xx.xx.xx.xx.64243195.197.175.21.6667SYN_SENT

netstat -aAn (specifically, the -A) instructs netstat to prepend each
line with the memory address of the network connection. If you run
that you'll see something like:

f0d710c0 tcp4   0  0  xxx.xxx.xxx.xxx.29 211.119.136.240.66 ESTABLISHED

(sometimes, the port numbers get truncated, so you may have to grep
for the destination IP instead of the port number.)

You can take that address and run fstat | grep address:

$ fstat | grep f0d710c0
www  iroffer191333* internet stream tcp f0d710c0

In this specific case, it's an iroffer program run from some PHP
backdoor someone installed on the server (see
http://malformed.org/2005/11/15/zend-encoder-bad-for-the-internet/ for
a description of the present/near-future of these PHP backdoors). In
your case it may be that you're running suexec or suPHP, or it may not
have been started from the web at all. If that's the case, you may be
able to find out what else is going on by ensuring /proc is mounted
and then run: ps -uxwwep pid:

ps -uxwwep 19133
USER   PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED  TIME COMMAND
www  19133  0.0  0.0  1244  424  ??  S22Oct05  12:52.03 ...
DOC_ROOT=/usr/home/user/websites/domain.com ...

You may also see SCRIPT_FILENAME or PWD or other environment variables
that may give you hints as to where this was started from.

There are some other programs that'll do all this for you, I think
'lsof' is one. I dunno. I prefer to use base system utilities. But to
each their own.

Of course, if the listening process isn't showing up at all, but you
can still connect to the port, then you may have some sort of hacked
kld loaded or hacked ps, in which case the attacker has root, which is
a far more serious situation.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Release engineering confusion

[David Kirchner]

On 11/16/05, Steve Bertrand <[EMAIL PROTECTED]> wrote:
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> > Behalf Of David Kirchner

D'oh. I had no idea my From header looked like that. Another gmail frustration.

> I do only have a handful of servers, however thousands of users, and
> indeed, I do have backups. The problem arises in a criticality that >20
> minutes of downtime would lead to a severe problemwhich brings up
> another good question...how do YOU revert back to a previous release? If
> you manage so many servers, I'd love to know what type of routine you'd
> use to revert back (and so would many others I'd think ;)

Depending on how serious the problem is we may restore the changed
files from backups or cvsup to the date just before when the
-RELEASE-pNN tag was set.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Release engineering confusion

[David Kirchner]

On 11/16/05, Steve Bertrand <[EMAIL PROTECTED]> wrote:
> Thank you. However, that entire page out of the handbook pretty much
> clarifies that a production environment should *not* track either STABLE
> or CURRENT.
>
> So I'm assuming I'm best off with RELENG_6_0 etc, etc? Does anyone here
> actually run STABLE or CURRENT in a production environment? I've
> personally had the most luck with RELENG_4 which is still my main box,
> but now my curiosity has got the best of me.
>
> Steve

Ultimately it depends on how much downtime and difficulty you're
willing to endure, just in case the -STABLE branch ends up not working
for your servers for some particular reason. We use -RELEASE almost
exclusively (we have one -STABLE machine, because we needed a newer
version of a kernel driver) as we manage hundreds of servers, and
there's no one -STABLE release (to properly describe the -STABLE
version you're using you have to have the date and time of the cvsup,
as opposed to -RELEASE versions being like 5.4-RELEASE-p9). It's
easier, and thus more reliable, for us to have stable(heh) version
strings.

If you're just working with a handful of servers, -STABLE would
probably be fine, as long as you have backups and know how to revert
to previous versions when it becomes necessary.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ntpdate

[David Kirchner]

On 11/15/05, dick hoogendijk <[EMAIL PROTECTED]> wrote:
> I have a "ntpdate -b server" rule in my rc.conf before the ntpd daemon
> starts up. I get error msgs that the time server cannot be found.
> Is named run before or after ntpdate?
> Should I change the rule in something like "ntpdate -b ip" ?
> What is the rule of thumb?

Can you ping the server from another host while it's coming up, before
and during the time it is attempting to run the ntpdate command?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Obtaining release 4.1

[David Kirchner]

On 11/11/05, Dinh C. Nguyen <[EMAIL PROTECTED]> wrote:
> Hi,
>  I am trying to download release 4.1 from the website and I am unable to
> connect to either of the ftp sites from FreeBSD.org. I was wondering if the
> server is down because I would like to get a copy of release 4.1. Thank you.
>   Dinh Nguyen

The older versions of FreeBSD are archived elsewhere. Here's the URL for 4.1:

ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/4.1-RELEASE/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: copying standard input to standard output

[David Kirchner]

On 11/12/05, Noah <[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I am wanting to copy standard output to a file.
>
> I know that 'tee' will do this fine.
>
> blah | tee it
>
> but I am find that on some occasions processes will not output when pipping to
> tee.
>
> other than screen what are some applications that could capture standard
> output and dump to a file?

"script" will do exactly that. It'll capture stderr, too.

It may be that the programs you're using are sending to stderr as
Malcolm suggests. It may also be because some programs handle stdout
to a terminal differently than stdout to a file or a pipe.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how do I tell FreeBSD to sync, for real ?

[David Kirchner]

On 11/8/05, user <[EMAIL PROTECTED]> wrote:
> No, I'm not asking "why do I need to sync" ... I understand why I need to
> wait, or issue a sync command.  No problems there.
>
> What I am asking is, why is one issuance of `sync` not enough ?  Why is
> two not enough ?  Why do I need to issue 6 or 8 of them ?

Softupdates is why. If you disable softupdates (tunefs -n disable
/dev/whatever) you shouldn't have to worry about the sync delay any
more.

I do wish there was a way to force it to sync to disk on demand, though.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: build ports without X -- make.conf

[David Kirchner]

On 11/7/05, Dinesh Nair <[EMAIL PROTECTED]> wrote:
>
>
> On 11/08/05 02:16 Dan Mahoney, System Admin said the following:
> > For some reason this is gone in 5.x -- what's the appropriate way to do
> > this now (since WITHOUT_X11 still worked on a couple ports I've tried.)
>
> am also not sure if this is related, but an install of 6.0-RELEASE followed
> by a cvsup of RELENG_6 yesterday didnt have an /etc/make.conf. is this an
> omission or is this by design ?

That's by design. The install stores a default make.conf file in
/etc/defaults/make.conf . Local changes should go in a new file named
/etc/make.conf . The idea being that if you upgrade later, the upgrade
will modify /etc/defaults/make.conf leaving your local changes intact.
(Of course there's no guarantee that the local changes will still work
after an upgrade, but at least they won't be overwritten.)

There are a number of files in /etc/defaults -- it's worth checking that out.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: linux: command not found

[David Kirchner]

On 10/27/05, Mark Bucciarelli <[EMAIL PROTECTED]> wrote:
> I'm trying to load the linux kernel module to install java.
>
> When I type linux, I get a command not found error.
>
> Do I need to install a port or is this an issue with my kernel
> configuration?

The "linux" script is no longer in FreeBSD -- you can load linux.ko by running:

kldload /boot/kernel/linux.ko
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: increasing mount size

[David Kirchner]

On 10/27/05, eoghan <[EMAIL PROTECTED]> wrote:
> oops! typo... sorry... output:
> nathaniel# du -s /var/*
> 2   /var/account
> 6   /var/at
> 8   /var/backups
> 4   /var/crash
> 4   /var/cron
> 71010   /var/db

This is probably because the port uses /var/db/mysql as the database
directory (not sure why since /var is pretty tiny). An easy "fix" is:

mysqladmin shutdown
mkdir /usr/local
mv /var/db/mysql /usr/local/
ln -s /usr/local/mysql /var/db/mysql

then start mysqld however it is you do that (mysql-server.sh start maybe?)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Which version of FreeBSD a binary was compiled for?

[David Kirchner]

On 10/27/05, Will Maier <[EMAIL PROTECTED]> wrote:
> Must be -- some flag produces unique bits in the executables. I'm a
> little surprised there isn't (AFAICT) anything descriptive in
> file(1)'s manpage or /u/s/mi/magic that would explain the
> discrepancy. Didn't see anything in quick looks through gcc(1) or
> make(1), either.
>
> Weird.

It doesn't look like it's done in the magic file. Rather, it's
something built in to file itself. Check out around line 400 of
'readelf.c'.

This doesn't explain how it gets in to the binaries built, though.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: i386/55603, i386/59959, kern/75850, fixed in 6.0?

[David Kirchner]

On 10/25/05, Kris Kennaway <[EMAIL PROTECTED]> wrote:
> On Tue, Oct 25, 2005 at 11:30:49AM -0700, David Kirchner wrote:
> > Can anyone using the Mylex A352 controller update/merge the following
> > PRs if the bug has been fixed in 6.0? Or confirm whether or not it is
> > still present in 6.0-RC?
> >
> > http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/55603
> > http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/59959
> > http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/75850
>
> You should follow up to the PR and note that it's still an issue with
> 5.4.  If they're all reporting the same bug, 2 of them should be
> closed to avoid duplicates.
>
> Kris

OK, I've followed up to all 3, requesting that the two newer ones be
closed and the originators Cc:'d on i386/55603 action.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

i386/55603, i386/59959, kern/75850, fixed in 6.0?

[David Kirchner]

Can anyone using the Mylex A352 controller update/merge the following
PRs if the bug has been fixed in 6.0? Or confirm whether or not it is
still present in 6.0-RC?

http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/55603
http://www.freebsd.org/cgi/query-pr.cgi?pr=i386/59959
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/75850

FWIW, the bug is still present in 5.4-RELEASE. I have checked cvsweb
and I don't see any commits regarding this bug in the sys/dev/mly
directory, but I don't know if that's still the same driver name for
the card.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: writing to syslog from a shell script?

[David Kirchner]

On 10/23/05, Eric F Crist <[EMAIL PROTECTED]> wrote:
> How could I write an entry to syslog from a shell script.  For
> example, I want to write an entry stating that a command worked or
> didn't work, along with an error message.

Check out logger(1)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Weird SSH problem... Any ideas?!?

[David Kirchner]

On 10/20/05, Olaf Greve <[EMAIL PROTECTED]> wrote:
> Hi,
>
> > Well, it all seems to be a question of granting users access to the
> > right file. Have you checked permissions on /etc/passwd and /etc/pwd.db ?
>
> These are both 644, owned by root:wheel.
>
> > These should be world readable while /etc/master.passwd and /etc/spwd.db
> > should not.
>
> These are both 600, owned by root:wheel.

How about /etc and / itself? They should be 755.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: fsck woes: no '-b' option?

[David Kirchner]

On 10/18/05, darren david <[EMAIL PROTECTED]> wrote:
> SEARCH FOR ALTERNATE SUPER-BLOCK FAILED. YOU MUST USE THE
> -b OPTION TO FSCK TO SPECIFY THE LOCATION OF AN ALTERNATE
> SUPER-BLOCK TO SUPPLY NEEDED INFORMATION; SEE fsck(8).
>
>
> 
>
> this is all well and good, but according to 'man 8 fsck', there is no
> '-b' option. any thoughts on way around this? I'm running on 5.4-STABLE.

It looks like the fsck man page needs to be clarified, and the fsck
output needs to be modified. What is actually telling you to use -b is
"fsck_ffs".
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: root can't write to NFS mounted directory

[David Kirchner]

On 10/18/05, Mohan Singh <[EMAIL PROTECTED]> wrote:
> I have some home directories that is mounted over NFS.
>
> The users who log in via NIS can write to their respective home
> directories, but root on the NFS client can't.
>
> The NFS directories are exported via a NAS. I know it is not a
> configuration issue on the NFS server, as it previously worked fine,
> and the only change I have made recently is to wipe and install the
> client.
>
> What setting on the client allows root to write to NFS mounted directories?

I don't think there is one, but I could be wrong. There is a setting
which enables/disables global write access to the partition. Use
"mount -o rw -u /mountpoint" to remount it as read-write, if it's
read-only now.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Is dump different?

[David Kirchner]

On 10/18/05, vittorio <[EMAIL PROTECTED]> wrote:
> I have a new desktop with netbsd 2.0.2 and a portable with freebsd 5.4 (my pet
> OS but it didn't boot on the compaq evo 510 box; therefore netbsd!).
> Now, I had dumped my previous old desktop with  freebsd 5.4  to a
> samba share and then tried to restore some files interactively with "restore
> -i -f mydumfile" ont the new box  but restore (under netbsd) complained that
> there was no root directory and i couldn't restore anything (e.g. ls didn't
> show anything).
> My question is:
> the dump programs in netbsd & in freebsd are different in some way, I mean
> structurally different therefore somewhat incompatible in the two OSs?

Quite likely. dump is different between FreeBSD 4 and FreeBSD 5, and
unfortunately there does not appear to be a "backwards compatibility
mode".
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Spash screen will not come up

[David Kirchner]

On 10/18/05, Daniel Rudy <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> I'm running FreeBSD 5.4-RELEASE.  The problem that I have is that the
> splash screen will not come up.  I have made sure that the bmp is 256
> colors.  I have tried uncompressed and RLE compressed bmps.  The RLE
> compressed versions worked in 4.x.  I have also added the approperiate
> lines to /boot/loader.conf.  It seems that ever since I upgraded to 5.x,
> I have not been able to get a splash screen.  Upon further examination,
> I see this in the dmsg when the system boots:
>
> module_register_init: MOD_LOAD (splash_bmp, 0xc06e4810, 0) error 2

I believe error 2 in this context means "No such file or directory".
Maybe it's expecting the bmp to be somewhere else?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: interesting past 4 hours...

[David Kirchner]

On 10/15/05, Gary Kline <[EMAIL PROTECTED]> wrote:
> You know, what I'd like my wm to be able to do is
> set  app (say xload)
>
> /usr/bin/nice -n -17 xload -g 50x90+0+0 &
>
> so that I'll be able to nice it down to some low  value,
> control the placing and size of the app, and so on.
> I assume that Gnome/KDE (and their light versions)
> have some ~user/.* XML files where things are tuned,
> but grep  -r .* hasn't found anything ...
> Is there/Where is the files that list the apps so that
> I can set up things and season-to-my-tastes?
>
> For me, functioality is more imortant than how "pretty"
> things look.

The bizarrely-named 'devilspie' will handle window location, sizing,
pinning, and the default workspace assignment (in case you don't want
it pinned). It doesn't handle nicing, however.

It works fine with devilspie. I expect it will work OK with KDE or twm too.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help Understanding While Loop

[David Kirchner]

On 10/14/05, Drew Tomlinson <[EMAIL PROTECTED]> wrote:
> OK, I've been working on an sh script and I'm almost there.  In the
> script, I created a 'while read' loop that is doing what I want.  Now I
> want to keep track of how many times the loop executes.  Thus I included
> this line between the 'while read' and 'done' statements:
>
> count = $(( count + 1 ))
>
> I've tested this by adding an 'echo $count' statement in the loop and it
> increments by one each time the loop runs.  However when I attempt to
> call $count in an 'echo' statement after the 'done', the variable is
> null.  Thus I assume that $count is only local to the loop and I have to
> export it to make it available outside the loop?  What must I do?

Oh yeah, that's another side effect of using the while read method.
Because it's "| while read" it's starting a subshell, so any variables
are only going to exist there. You'd need to have some sort of 'echo'
within the while read, and then | wc -l at the end of the while loop,
or something along those lines.

The IFS method someone else mentioned, in regards to 'for' loops,
would probably be better all around. So you'd want:

OLDIFS=$IFS
# Note this is a single quote, return, single quote, no spaces
IFS='
'

for i in `find etc`
do
done

IFS=$OLDIFS
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help With 'for' Loop

[David Kirchner]

On 10/14/05, Drew Tomlinson <[EMAIL PROTECTED]> wrote:
> Sorry to be such a pest today.  I'm working on a sh script that uses a
> for loop.  To test, I've written the following:
>
> for i in `/usr/bin/find /multimedia/Pictures -iname "*.jpg" -or -iname
> "*.gif" -print`
> do
> echo -e "\n$i"
> done
>
> The first line 'find' returns is "/multimedia/Pictures/1998
> Christmas/April01.JPG"
>
> Yet 'echo $i' only returns "/multimedia/Pictures/1998", stopping at the
> first space.  Is it possible to get 'i' to represent the whole string
> that 'find' returns?  If so, how?

'while read i' will do what you want, but may cause issues with
programs that expect to be able to read from stdin within the loop.

find $findstuff | while read i
do
echo $i
done

You can also try something like:

find $findstuff -exec echo {} \;

(where $findstuff is your -iname conditionals). {} is replaced by the
files or directories found by find, and \; is necessary to terminate
the -exec argument.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/13/05, Andrew P. <[EMAIL PROTECTED]> wrote:
> I don't see a single reason why I shouldn't ask
> the BSD daemon to flame the hell out of you :-)
>
> Try again to verify. And again. Again then. And
> if you think that 5 times are enough, you might
> be right. But they are not enough for you.

You're right. Damn, I must have done the wrong thing. I upgraded to
RELENG_5 I guess. (It's hard to know, since the server panics when you
run reboot or shutdown -r, and is not immediately in front of me). I
screwed up.

The reason I thought the way I did was that I saw something like
'bsnmpd' show up in mergemaster, but it looks like that only arrives
when you upgrade to RELENG_5. Sorry Cody, sorry list.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/12/05, David Kirchner <[EMAIL PROTECTED]> wrote:
> On 10/12/05, Andrew P. <[EMAIL PROTECTED]> wrote:
> > That's just not true. Cvsupping to something like
> > RELENG_5_4 will do exactly the same thing as
> > a patch, only it's the hassle-free way. You see
> > a sec-advisory, you type "cvsup -g -L 2 mysup"
> > recompile what's suggested in the advisory, or
> > the whole world - and you're done.
>
> cvsupping to RELENG_5_4 will include all of those patches, not just
> the one you just read about. So if you had to avoid installing a patch
> for some reason (you had a local solution, or something, it happens
> sometimes) then you need to avoid using the cvsup method.

I just tried this again to verify. cvsuping to RELENG_5_4 gives you
5.4-STABLE, which includes _many_ things not found in the
5.4-RELEASE-p?? branch. I'm not saying people shouldn't upgrade to
5.4-STABLE (although I do think efforts should be directed towards
including bugfixes in the 5.4-RELEASE-p?? branch) but that they should
be aware that cvsup'ing to RELENG_5_4 will give them a very different
result to patching the specific security advisory patches.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/12/05, Andrew P. <[EMAIL PROTECTED]> wrote:
> That's just not true. Cvsupping to something like
> RELENG_5_4 will do exactly the same thing as
> a patch, only it's the hassle-free way. You see
> a sec-advisory, you type "cvsup -g -L 2 mysup"
> recompile what's suggested in the advisory, or
> the whole world - and you're done.

cvsupping to RELENG_5_4 will include all of those patches, not just
the one you just read about. So if you had to avoid installing a patch
for some reason (you had a local solution, or something, it happens
sometimes) then you need to avoid using the cvsup method.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/12/05, Cody Holland <[EMAIL PROTECTED]> wrote:
> Thanks for the response.  I did  a terrible job of asking the correct
> question to get the response I wanted.  I do know to cvsup the source
> and build/make world.  I currently have 4 FreeBSD servers in production
> serving various tasks.  The question I should have been asking is:
> Is using the security patches provided by the FreeBSD maintainers as
> good as actually updating the whole server?  What are the pros and cons
> of using the security patches vs. full source upgrade via cvsup?

If you cvsup, you're going to get more than just security patches.
Basically, program functions could change in unexpected ways (unless
you read /usr/src/UPDATING and it contains everything changed). When
you do the specific security patch, you're reducing change, and thus
reducing the chance of something else going "wrong" for you.

It's probably safest to just do the security patch. However, if you
ask questions about it on the mailing lists, your "uname -a" output
won't be a complete picture of what has been patched. If you use the
cvsup method, I believe your uname will show something like
'5.4-RELEASE-p7'. Of course, most mailing list replies will be to
upgrade to 6.0 or 7.0 but that's a side issue. :)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/12/05, Andrew P. <[EMAIL PROTECTED]> wrote:
> If things are not too tight on yout hard drive,
> consider the cvsup way. It's very easy - and
> very clearly described in the handbook.

I've seen many people say this, but I suspect they haven't tried
looking for information on patching using cvsup in the handbook. It's
not easy to find. I think we're doing a disservice to the community
directing people there without pointing them to a specific page (it is
a 4MB document).

The notes on using cvsup to keep your system up to date are under the
section header "Cutting Edge". I dunno about you, but when it comes to
security patchse, I'd like to see them as easy as possible, not
something as elite as that. Maybe that's just a poor choice of a
title, though.

The only specifically correct information -- using 'standard-supfile'
-- appears under the header "Using FreeBSD-CURRENT", a section most
newbies certainly ought to avoid unless they want to run bleeding-edge
may-not-compile-at-all code.

In any case, a direct link to the information on how to keep your
system up to date is available here:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html#AEN27683

You only need to read paragraph 2a -- the rest has to do with -CURRENT
and other crufty methods of getting source. Then you can skip to:

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/synching.html

and read that and the next page. That should be enough to get you
going with the latest -RELEASE-pNN patch level.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patch vs. Upgrade

[David Kirchner]

On 10/12/05, Cody Holland <[EMAIL PROTECTED]> wrote:
> I'm still pretty new to the BSD world and wanted to throw out a question
> to see what kind of responses I get.  What is everyones take on what to
> do when security vulnerabities are discovered.  Do you upgrade your
> source (not always the easiest thing to do) or patch.  What are the pros
> and cons of patching?

We patch the source and rebuild the bare minimum of software.
Rebuilding world (ie: everything) is an extreme step which, logically,
should only be taken as a last resort. At least, in a production
environment. If this is just a toy computer, or a desktop, rebuilding
world is probably not so bad.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Is there a FreeBSD equivalent of this?

[David Kirchner]

On 10/12/05, Odhiambo Washington <[EMAIL PROTECTED]> wrote:
> Hello everyone,
>
> I am snooping on the squid-users mailing list and something interesting
> (maybe not!) is mentioned:
>
> http://www.faqs.org/docs/securing/chap6sec73.html
>
> Do we have an equivalent on this in any branch (4.x, 5.x, 6.x) bar for
> the 'mount' option?
>
> I have to think about everything in *BSD terms ;-)

Yeah, noatime is available in FreeBSD's mount. I have not seen it
actually make a big difference while using softupdates, however. (I
don't recall trying it before softupdates was around).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: port version

[David Kirchner]

On 10/9/05, eoghan <[EMAIL PROTECTED]> wrote:
> Hello
> I have done some searching but not really found my answer. I was
> wondering if there is a way to check port version? I cvsup'd my ports
> and id like to check version of some ports before I install them...
> I know many have the version in the dir like mysql. But for example /
> usr/ports/X11/kde3/
> I dont know if this is 3.4 or 3.5? I have checked the make file...
> But I dont see the version.
> Thanks
> Eoghan

pkg_info, which is a part of the base system, will parse the package
database (/var/db/pkg) and tell you what you want to know, I believe.
I don't know how well it works for "meta" packages such as kde or
gnome, but it may help you out.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Patching to FreeBSD 5.4-p7

[David Kirchner]

On 10/9/05, Deepak Naidu <[EMAIL PROTECTED]> wrote:
> Hi,
>  I want to know ow to upgarde or patch my FreeBSD 5.4 version to FreeBSD 
> 5.4-p7
>
> Cheers,
> Deepak Naidu.

The common response to this is that it's in the handbook. I'm trying
to find it there, though, and am having a lot of trouble. "upgrade"
and "patch" search terms don't find it. There is some mention of using
cvsup in "Cutting edge", but given the title I don't think that's what
is recommended for everyone.

I could just be missing the magic search keyword for this, though.
Maybe someone here has it?

In any case, I believe you can run cvsup, using the example file
/usr/share/examples/cvsup/standard-supfile , using the tag RELENG_5_4
. I'm not exactly sure what the official patch recommendation is
though.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: tunefs problem

[David Kirchner]

On 10/8/05, Sasa Stupar <[EMAIL PROTECTED]> wrote:
> I am trying to enable tunefs for my filesystem but I get the following:
> -
> # tunefs -n enable /
> tunefs: soft updates cannot be enabled until fsck is run
> tunefs: /dev/ad2s1a: failed to write superblock
> -
>
> But AFAIK fsck is not running.
>
> What am I missing here?
>
> Regards,
> Sasa

It means that you need to run fsck on the partition before you can
enable softupdates. Something like "fsck -y /" will do it.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: NFS no longer works?

[David Kirchner]

On 10/7/05, Garrett Cooper <[EMAIL PROTECTED]> wrote:
> No dice, but thanks for trying =).
> -Garrett

Some other questions then:

Is rpcbind running? Does it show mountd registered? Try "rpcinfo p" to
check. You should see something like:

151   udp   1022  mountd
153   udp   1022  mountd
151   tcp   1023  mountd
153   tcp   1023  mountd

along with others.

Is /store its own partition? mountd will only export filesystems. You
can NFS mount specific directories if you have the -alldirs flag in
/etc/exports, but you can't prevent them from NFS mounting other
directories. (You can, however, use permissions to prevent them from
viewing/writing to directories you don't want them to).

Try running mountd with the flags "-d -l". It will stay attached to
your terminal. Does it show the line being processed properly? Note
when you ^C this, it will still show up in rpcinfo -p .
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Re: Problem upon upgrade ...

[David Kirchner]

On 10/7/05, Aleksandar Kacanski <[EMAIL PROTECTED]> wrote:
> /dev/console problem :
> I found a bit more on this issue.
> /var/log/messages:
> Oct  7 10:42:14 nyfbsds01 kernel: Mounting root from
> ufs:/dev/ad0s1a
> Oct  7 10:42:16 nyfbsds01 init: can't get /dev/console for
> controlling terminal: Operation not permitted
> Oct  7 10:42:46 nyfbsds01 init: can't get /dev/console for
> controlling terminal: Operation not permitted
> Oct  7 10:44:46 nyfbsds01 last message repeated 4 times
> Oct  7 10:53:17 nyfbsds01 last message repeated 17 times
>
> still after couple of minutes, KDM pops up and I am in.
> ls -l /dev/console
> crw---  1 sasha  wheel0,   0 Oct  7 11:02
> /dev/console
>
>
> Why does it takes 21 times to get KDE to start?
> I am able to CTRL-ALT-F1 to virtual console and log in as
> root or ordinary user form KDE.
>
>
> thanks,
> /s

Where do you start KDM from? I'm guessing it's not running as root for
some reason?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Security risk associated with a NIC's promiscuous mode?

[David Kirchner]

On 10/7/05, Chuck Swiger <[EMAIL PROTECTED]> wrote:
> A mild one.  For example, I believe there was recently a security bug in
> tcpdump's string handling which could be exploited by tcpdump seeing a
> maliciously-crafted packet.  Running the NIC in promisc mode means that packet
> just has to go by, rather than being sent specificly to the machine running 
> the
> sniffer...
>
> In other words, it's not a great idea to run a sniffer on your most important
> fileserver or whatever, rather than an isolated laptop or other test system.

You can also change the ownership of the bpf0 entry in /dev to
something other than root, and run tcpdump as that user. Obviously you
would want to secure that account so it can only be accessed by you,
and you may even want to change ownership to that user only when you
want to sniff, changing it back to root when done.

In any case, this would mitigate the risk in case a tcpdump/libpcap
vulnerability is discovered.

I wouldn't do this if it was for a daemon or a cron, though, since
they would perform dumps at specific (IE predictable) times of day.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: xine / kaffeine core dumps with bus error

[David Kirchner]

On 10/4/05, Ian Moore <[EMAIL PROTECTED]> wrote:
> OK, I've done that for xine, here's the last bit:
>   1935 xine RET   read 4096/0x1000
>   1935 xine CALL  mmap(0,0x5e000,0x5,0x20002,0x6,0,0,0)
>   1935 xine RET   mmap 692838400/0x294be000
>   1935 xine CALL  mprotect(0x294ec000,0x1000,0x7)
>   1935 xine RET   mprotect 0
>   1935 xine CALL  mprotect(0x294ec000,0x1000,0x5)
>   1935 xine RET   mprotect 0
>   1935 xine CALL  mmap(0x294ed000,0x3000,0x3,0x12,0x6,0,0x2e000,0)
>   1935 xine RET   mmap 693030912/0x294ed000
>   1935 xine CALL  mmap(0x294f,0x2c000,0x3,0x1012,0x,0,0,0)
>   1935 xine RET   mmap 693043200/0x294f
>   1935 xine CALL  close(0x6)
>   1935 xine RET   close 0
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/usr/X11R6/lib/libstdc++.so.4"
>   1935 xine RET   access -1 errno 2 No such file or directory
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/usr/local/lib/libstdc++.so.4"
>   1935 xine RET   access -1 errno 2 No such file or directory
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/lib/libstdc++.so.4"
>   1935 xine RET   access -1 errno 2 No such file or directory
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/usr/lib/libstdc++.so.4"
>   1935 xine RET   access 0
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/usr/X11R6/lib/libm.so.3"
>   1935 xine RET   access -1 errno 2 No such file or directory
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/usr/local/lib/libm.so.3"
>   1935 xine RET   access -1 errno 2 No such file or directory
>   1935 xine CALL  access(0x2816a000,0)
>   1935 xine NAMI  "/lib/libm.so.3"
>   1935 xine RET   access 0
>   1935 xine CALL  mprotect(0x294ae000,0xf000,0x7)
>   1935 xine RET   mprotect 0
>   1935 xine CALL  mmap(0,0x348,0x3,0x1000,0x,0,0,0)
>   1935 xine RET   mmap 693223424/0x2951c000
>   1935 xine CALL  munmap(0x2951c000,0x348)
>   1935 xine RET   munmap 0
>   1935 xine CALL  mprotect(0x294ae000,0xf000,0x5)
>   1935 xine RET   mprotect 0
>   1935 xine CALL  mmap(0,0xb48,0x3,0x1000,0x,0,0,0)
>   1935 xine RET   mmap 693223424/0x2951c000
>   1935 xine CALL  munmap(0x2951c000,0xb48)
>   1935 xine RET   munmap 0
>   1935 xine PSIG  SIGBUS SIG_DFL
>   1935 xine CALL  kse_thr_interrupt(0,0x4,0xa)
>   1935 xine NAMI  "xine.core"
>
> Looks like it can't see lib files that really are there:
> %ll /lib/libm*
> -r--r--r--  1 root  wheel  108400 Feb 24  2004 /lib/libm.so.2
> -r--r--r--  1 root  wheel  120004 Jul 29 17:38 /lib/libm.so.3
> -r--r--r--  1 root  wheel   41096 Jul 29 17:38 /lib/libmd.so.2
> %ll /usr/lib/libstdc++.*
> -r--r--r--  1 root  wheel  1754130 Jul 29 17:39 /usr/lib/libstdc++.a
> lrwxr-xr-x  1 root  wheel   14 Jul 29 17:39 /usr/lib/libstdc++.so ->
> libstdc++.so.4
> -r--r--r--  1 root  wheel   881208 Jul 29 17:39 /usr/lib/libstdc++.so.4
>
> So I don't know what's going on there.

What it's doing there is checking the library path to try and find the
requested library -- it does eventually find it, so that's OK. What
this ktrace shows is that the dump occurs before anything else goes on
-- ie just after loading the initial set of libraries it does
something not related to a system call (like mishandling a pointer). I
hate to suggest this, especially since you've had world built for so
long without trouble, but maybe a freshly updated world would help?
libstdc++ hasn't been updated in quite a while, but libm has had some
radical changes made to it, it seems. It may not actually mean
anything specific, though.

I'm stuck at this point, I think. I don't know a lot about the X
server internals or the drivers (specifically to the Radeon question).
Might be best just to downgrade the port rather than mess around with
something as big as rebuilding the entire world.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: xine / kaffeine core dumps with bus error

[David Kirchner]

On 10/4/05, Brian John <[EMAIL PROTECTED]> wrote:
> It probably is.  However, I'm not sure how to go about figuring out
> which one of these dependencies it is, let alone how to fix it.  Could
> you help us troubleshoot this?  BTW, I used portmanager to upgrade my ports.

I don't know if I can be much help, as I haven't used xine or vlc, or
portmanager. What I would do in your case is run 'ktrace -i -d vlc'
(along with whatever other arguments) to trace the process and its
dependencies, and then run 'kdump' to view the trace (the output will
be enormous). You might see something interesting near the end, like a
file not found that it was expecting, or it opening a file just prior
to dumping core. It may be possible the other programs would have the
same last few lines.

This is generic advice, I'm afraid, and may not even be valid in this
case. But who knows.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

sysinstall MEDIA_TIMEOUT pretty high

[David Kirchner]

MEDIA_TIMEOUT is used to determine how long it will wait between
retrying a DNS lookup.

Would there be any objection to modifying the defaults sysinstall to
lower its default MEDIA_TIMEOUT from 300 seconds to something more
like 10, and then increasing the retry count from 2 to 30? The net
result should be that it would wait just as long (5 minutes) before
accepting a total failure, but it should retry often enough that two
transient failures (for whatever reason they may occur) won't cause
the installation to fail entirely, and it could help make sysinstall
just slightly more user-friendly.

(This is particularly an issue because if it cannot look up the
hostname, sysinstall will allow you to try to restart the process, but
it will then try to install the OS on the ramdisk, or do other broken
things: bin/42162 from 2002)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: xine / kaffeine core dumps with bus error

[David Kirchner]

On 10/4/05, Ian Moore <[EMAIL PROTECTED]> wrote:
> On Wednesday 05 October 2005 00:44, Brian John wrote:
> > I think I'm having a similar problem with totem (which uses xine) and vlc.
> >  Can you try installing /usr/ports/multimedia/vlc and see what that does?
> > If that gives a bus error as well then I think we might have the same
> > issue.  I haven't been able to find a solution to this yet...
> >
> > /Brian
>
> Yep, vlc gives a bus error too. Looks like we have the same problem!
>
> Cheers,
> Ian

I've found that installing from ports doesn't always (ever? I'm not
sure) upgrade the dependencies. Could it be a common shared library
used by the three programs?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Complete hangs while extracting source

[David Kirchner]

On 10/3/05, Jakob Breivik Grimstveit <[EMAIL PROTECTED]> wrote:
> The logfile can be found at
> . Are you able to parse
> anything usable from it?

I don't see anything wrong with the figures from that log.

The only other thing I can think of to check is to ensure that DMA is
enabled and supported on your drive. atacontrol cap is supposed to
tell you if DMA is supported, and sysctl hw.ata will tell you if DMA
is enabled in the kernel driver.

I don't know the details on how to enable DMA if it is disabled,
unfortunately. I would expect it would need to be something in the
loader, rather than a run-time tunable.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Complete hangs while extracting source

[David Kirchner]

On 10/2/05, Jakob Breivik Grimstveit <[EMAIL PROTECTED]> wrote:
> How can I tell? I doubt this to be the problem, since I experience same
> problem on two other machines as well. Only thing they share (except same
> lousy administrator :-) is that they all run on AMD CPUs (1700+, 1800+ and
> 3500+).

dmesg will show you irqs, but you can also find it using systat's
"vmstat" mode. It'll also allow you to monitor interrupt activity.
It's best used from the console of the machine. I would guess you'd
want to watch for two drivers, sharing an interrupt, and both
incrementing at the same rate. (I've seen that before, and it was
associated with severe performance problems, but unfortunately I do
not recall how it was fixed.)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Checksum failed

[David Kirchner]

On 10/1/05, Hamza Eraldi <[EMAIL PROTECTED]> wrote:
> Yes, it is same:
> cat distinfo
> MD5 (php-4.4.0.tar.bz2) = e85b606fe48198bfcd785e5a5b1c9613
> I have already updated the ports.
> The command was also make install clean distclean.
> After a reboot and a new make install, the file (zlib.so) has been
> fetched&compiled successfully but i got the same checksum error for the
> next file (mcrypt.so) too.
> An another reboot fixed it again.
> Interesting, huh?
> Thanks.

You may not like this.,,

It sounds like you have memory corruption problems. Either a problem
with the memory, motherboard, or CPU, or even the hard drive card (if
applicable). I've personally seen this sort of problem manifest itself
in the form of bogus tripwire/samhain reports.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Weird Real memory reported with 5.4 PAE support

[David Kirchner]

On 9/30/05, Tamouh H. <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> We have a Supermicro that has Winston 4GB of ECC Registered DDR333 RAM. Dual
> Xeon Processors.
>
> With PAE enabled, it seems the system reports 6GB of realmemory instead of
> 4GB, as below:

We've seen similar stuff with Supermicro servers. PCI/PCI-X/PCI-E (or
something like that) uses memory addresses in the upper end of the 4GB
barrier. The BIOS remaps any real memory above that. The more PCI
slots you have the more is reserved, and the higher the BIOS has to
remap it. (Someone can correct me if I'm wrong here, I may be
oversimplifying).

The panics you are seeing are a known bug in FreeBSD 5.4-RELEASE. The
bug is fixed in 5-STABLE:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/i386/i386/pmap.c.diff?r1=1.494.2.9&r2=1.494.2.10&f=h

For an unknown reason, the patch has not been commited to the
5.4-RELEASE-p* branches, or 5.4-STABLE. If you don't want to move all
the way to 5-STABLE you can just make the above changes manually (it's
just 2 lines) and rebuild, and it'll work fine.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: sftp connection problems

[David Kirchner]

On 9/30/05, Vittorio <[EMAIL PROTECTED]> wrote:
> I've just sent a PR suggesting a fix to
> http://www.freebsd.
> org/cgi/query-pr.cgi?pr=86759
> The problem is:
> Trying to connect with a
> client to an sshd server using sftpd the client  fails connection
> invariably complaining:
> 
> sftp-server: Command not found.
> Fatal:
> unable to initialise SFTP: could not connect

I'm not seeing that /usr/lib/misc/sftp-server line -- it's all
/usr/libexec/sftp-server in CVSWeb and 5.3/5.4-RELEASE . Could the
problem be related to the openssh port or something?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Intel 2U server 4GB RAM showing only 3GB

[David Kirchner]

On 9/28/05, Nelis Lamprecht <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I have a new dual Xeon Intel 2U server which I'm configuring with
> FreeBSD 5.4 and I can't get it to see more than 3GB RAM. If I try use
> the MAXMEM=(4096*1024) option it fails to boot up and just resets
> itself. Do I need to use the PAE option ? ..I wouldn't think so as
> this is meant for >4GB.

Yeah, you'll need to use PAE. Some BIOS apparently remap the top few
hundred megabytes (I've seen it use up to 768MB or so) for PCI (-X,
-Express?) devices.

FreeBSD 5.4-RELEASE, unpatched, has a bug that causes kernel panics
when you use PAE and memory above the 4GB barrier is accessed. The bug
is fixed in 5.4-STABLE, as of a while ago. I'm not sure if it made it
back in to any of the 5.4-RELEASE-p?? patches.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: tcp connections not showing up anymore on netstat?

[David Kirchner]

On 9/23/05, Alex <[EMAIL PROTECTED]> wrote:
> Hello list,
>
> I've got a rather strange problem. Yestoday, when I rebooted my box I
> was still able to ping the box, but no services started (apache,ssh
> etc), nor did they show up on netstat. So I rebooted it again, now I
> could connect to the box on port 80 (httpd) and port 22 (ssh) but
> netstat still wont show tcp.

Is your netstat and its related libraries in sync with your -STABLE
kernel? That'd be the first thing I'd check.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Shell scripting question

[David Kirchner]

On 9/12/05, Paul Schmehl <[EMAIL PROTECTED]> wrote:
> How can I strip the leading character from the string so that I can test to
> see if it's zero?

This'll strip the 0, while leaving other numbers intact:

$ X=09
$ echo ${X#0}
9
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: server name QDN

[David Kirchner]

On 8/31/05, Dark Star <[EMAIL PROTECTED]> wrote:
> Hello everyone,
> 
>Well, Im on FreeBSD 4.8-R Fresh installation, and i have a simple
> question
>Lets say I named my box Xname so in rc.conf the hostname ="xname"
> 
>When the machine start, the logs will start to complain /var/log/messages
> 
>xname sm-mta[157]: unable to qualify my own domain name (xname) -- using
> short name

On FreeBSD, the hostname should be set to the entire fully qualified
domain name -- hostname="xname.xwhatever.com" in /etc/rc.conf .
hostname -s will return the first portion of the fqdn.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get /etc/ssh back

[David Kirchner]

On 8/30/05, Sean P. Malone <[EMAIL PROTECTED]> wrote:
> The system does ask for entropy upon the next reboot but the generation
> of the keys and startup of sshd fail since there is no /etc/ssh.
> 
> If the install program doesn't create /etc/ssh, what does and how do I
> get it back?
> 
> Thanks!
> 
> Sean

Judging by the Makefile in /usr/src/etc/Makefile, I'd say that all you
may have to do is mkdir /etc/ssh, and copy
/usr/src/crypto/openssh/{ssh_config,sshd_config,moduli} to /etc/ssh .
Then reboot and that entropy thing should work properly. (Alternately,
I think you could just run /etc/rc.d/sshd start ).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: mouse wheel problem

[David Kirchner]

On 8/30/05, Efren Bravo <[EMAIL PROTECTED]> wrote:
> Section "InputDevice"
> Identifier  "Mouse0"
> Driver  "mouse"
> Option  "Protocol" "auto"
> Option  "Device" "/dev/sysmouse"
> Option  "Buttons" "5"
> Option  "ZAxisMapping" "4 5"
> EndSection
> 
> But the scrollwheel doesn't work. I've tried with Kde's Applications.

I've never used moused, and I have the mousewheel working in all apps
(although I don't run KDE). The primary difference between my setup
and yours is that I have Option "Buttons" "7" rather than 5, and am
using a USB mouse. I suspect the former is more relevant than the
latter.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Turning off file flags during restore

[David Kirchner]

On 8/30/05, Freminlins <[EMAIL PROTECTED]> wrote:
> -rw-r--r-- 1 www www schg 73 Jul 27 22:04 foo.txt
> 
> I understand that some of the attributes on the NetApp may be confusing
> restore. I don't really have a problem with that. Is there a way to not set
> the file flags during restore? I don't really want to chflag a few million
> files if I don't have to. Also, of course, changing the flags updates the
> file's ctime.

There doesn't appear to be a way to avoid this with restore,
unfortunately. It performs the chflags() call immediately after
setting the file times, without any conditional to avoid it.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: mysqld startup problems

[David Kirchner]

On 8/29/05, Norberto Meijome <[EMAIL PROTECTED]> wrote:
> Not directly, but when I find myself in this pickle, I try to see what
> exactly is the process doing:
> 
> $ ktrace /usr/local/etc/rc.d/mysql-server.sh start
> 
> ( wait for it to finish )
> 
> kdump -f ./ktrace.out | less
> 
> and look for any errors / etc, and take it from there. you'll be able to
> see any access errors / file not found,etc (i'd say it's a missing
> directory or wrong access in a directory for mysql user)

Excellent advice -- also, if you add the "-d" flag to ktrace, it will
also include all descendants in the resulting ktrace.out file.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: file permission question

[David Kirchner]

/etc/passwd (probably really /etc/pwd.db) are used for several user-land
programs including 'ls'. It's highly recommended that /etc/passwd stay
readable to the world.

Btw, the output of 'ps' can be easily reconstructed via access to the
/proc filesystem. You can unmount this partition, but ps will operate
differently.

With /proc unmounted, you can still get a process listing for everyone -
you can disable this by setting the sysctl kern.ps_showallprocs to 0.

On Mon, 1 Oct 2001, default wrote:

> Hi,
>
> I am allowing a couple of ppl to have a shell account on one of my machines,
> and I am making a few changes to disallow them from using certain things...
> like chmoding the 'ps' command to 550 etc...
>
> I wanted to ask, is there any reason why one wouldn't want to chmod to 640
> the passwd file and other similar files? ...
>
> Thanks,
>
> Jordan
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-security" in the body of the message

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"