NIS group mQuestion
Hello, I'm trying to setup a NIS Server under FreeBSD 6.2 to serve Linux Clients (CentOS4). The main problem i have is with the group map. When FreeBSD generates the maps it gets the info for this from /etc/group, which gets imported from the Linux clients. My question is: Is there anyway to avoid this? I would like to use a different group file, not the one in /etc in the same way it's done with master.passwd Best regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS group mQuestion
Hello, I'm trying to setup a NIS Server under FreeBSD 6.2 to serve Linux Clients (CentOS4). The main problem i have is with the group map. When FreeBSD generates the maps it gets the info for this from /etc/group, which gets imported from the Linux clients. My question is: Is there anyway to avoid this? I would like to use a different group file, not the one in /etc in the same way it's done with master.passwd Best regards Hi again, i'll answer to myself. To change the way NIS works in FreeBSD i have just to edit /var/yp/Makefile and change the place where NIS takes the source files. I just had to read the Makefile first to send the question to the list! Thanks again ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Installing FreeBSD on large disk 2TB
Hello I'm trying to install FreeBSD 6.2 on a HP DL320s. This server has a P400 RAID controller with 12 SATA disk drives attached to it. The RAID controller is supported in FreeBSD through the ciss driver. The problem happens when i try to use a RAID larger in size to 2 Terabyte, then the install program freezes and the machine reboots (it cannot find the disk). If the array is smaller than 2 Terabytes then there is no problem, the controller detects the disk and i can install FreeBSD on it. I have tried with i386 and AMD64 versions (the server has a Xeon processor supported by AMD64) Any clue on how to solve it? FreeBSD can't be installed on disks larger than 2 TB? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Installing FreeBSD on large disk 2TB
El Lunes, 11 de Junio de 2007 11:27, Andreas Rudisch escribió: On Mon, 11 Jun 2007 10:13:04 +0200 Enrique Ayesta Perojo [EMAIL PROTECTED] wrote: Hello I'm trying to install FreeBSD 6.2 on a HP DL320s. This server has a P400 RAID controller with 12 SATA disk drives attached to it. The RAID controller is supported in FreeBSD through the ciss driver. The problem happens when i try to use a RAID larger in size to 2 Terabyte, then the install program freezes and the machine reboots (it cannot find the disk). If the array is smaller than 2 Terabytes then there is no problem, the controller detects the disk and i can install FreeBSD on it. I have tried with i386 and AMD64 versions (the server has a Xeon processor supported by AMD64) Any clue on how to solve it? FreeBSD can't be installed on disks larger than 2 TB? Thanks A quick google search revealed this: http://www.freebsd.org/projects/bigdisk/index.html Andreas Yes, i knew that page, but as it seems that the project has been forgotten for quite a long time i thought there could be some other way to do it.. Thanks anyway ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HAL + KDE
Hi, has anybody get success in getting removable media work with KDE? I have tried what i think it's mandatory for HAL to work, but i continue getting this message in KDE whenever i try: A security policy in place prevents this sender from sending this message to this recipient, see message bus configuration file (rejected message had interface org.freedesktop.Hal.Device.Volume member Mount error name (unset) destination org.freedesktop.Hal) My config: The user i'm using is in the operator group # /etc/devfs.conf own /dev/cd0root:operator perm/dev/cd00666 #/etc/sysctl.conf vfs.usermount=1 #/etc/rc.conf dbus_enable=YES polkitd_enable=YES hald_enable=YES Any clue? pgpLmuT6spNYv.pgp Description: PGP signature
Re: sshd break-in attempt
El Martes, 2 de Enero de 2007 14:12, Nathan Vidican escribió: In our 'periodic daily' report/email, (only the list goes on for hundreds of attempts). Anyhow, long story short; is there not an easy way to make sshd block or deny hosts temporarily if X number of invalid login attempts are made within a minute's time? Must I use an external wrapper to accomplish this, or can it be done with options to sshd on it's own? I'm using security/bruteforceblocker with success, it's easy to install and run and works with pf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Adaptec 1200A atacontrol
Hello, recently i have had a problem with one of the disks attached to an Adaptec 1200A RAID controller doing a 0+1 RAID. After replacing the disk and rebuilding the array FreeBSD says the array is degraded, marking the new disk and the other in the same channel as FREE. Is there anything needed to do with atacontrol to make FreeBSD recognize the array? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
DVB Cards
Hello, ¿does anyone know any DVB-T card that works on FreeBSD? Thanx ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD NIS server authenticating Linux
Hello, i'm trying to bind a Linux client (Fedora Core 5) to a FreeBSD 6.1-RC NIS Server. The linux client seems to bind correctly to the NIS Domain. Anyway when i try to log into the linux machine i can't log in. As i have seen on google, there seems to be some kind of problem with a neccesary shadow map for the linux machine to authenticate, but these seems to be old problems. Any ideas on what is happening really and some way to solve it? Thanks a lot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
devfs problem at bootup 6.0R
Hello, i have the next problem with devfs. It's a FreeBSD 6.0 RELEASE (but the problem is there since the first available beta versions). I want to use an ATA dvd rewriter as SCSI. I have added the ATAPI/CAM and if i do a: camcontrol devlist i can see correctly the devices BENQ DVD DD DW1620 B7W9 at scbus1 target 0 lun 0 (pass0,cd0) TOSHIBA DVD-ROM SD-M1612 X004at scbus1 target 1 lun 0 (pass1,cd1) In /etc/devfs.conf I have the next lines: linkcd0 cdrom linkcd0 dvd permcd0 0666 permcd1 0666 permpass0 0666 permpass1 0666 permxpt00666 But it seems that at boot time /etc/rc.d/devfs is not correctly launched, so i have only access to those devices as root. If i want to have acces to them as a normal user i have to launch /etc/rc.d/devfs by hand as root, so i don't have any problem. I see a suspicious boot up messages with cd0 and cd1, the detection is accomplised at the end of the boot process, but in another machines is detected much before, at least that's what i see on another machines with a similar configuration Any clue on what happens? Thanks a lot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Secure File Copy
El Asteartea, 15 de Azaroa de 2005 14:47, Joshua Lewis escribió: I have a FreeBSD 5.4 system and I have no way to back up the data. I don't have a burner and I can't get one anytime soon. I do however have a burner on my wifes G4 laptop. I have enabled SSH on the FreeBSD system and I can SSH into the box from the Mac, However I do not know how to copy the files I need to back up from the FreeBSD system to the Mac. Thanks ahead of time for any help. Take a look at the scp man page, it works very similar to the cp command. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Secure File Copy
El Asteartea, 15 de Azaroa de 2005 15:17, Joshua Lewis escribió: I was trying that I did scp [EMAIL PROTECTED]:/usr/local/www localhost:/Users/joshua/Desktop/FreeBSD And it prompted me for a password on the server but the root password would not authenticate. I don't know very much about MacOs but usually the user root is disabled by default at the sshd configuration, so you should use a normal user account to copy the files. If not, take a look at the sshd config file and allow the root user to use ssh. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Xauth - bad hostname
El Osteguna 13 Urria 2005 05:23, James S Blankenship escribió: I've successfully installed FreeBSD 5.4, and have X running. But I get the error message Xauth bad hostname when logging out of gnome, and when starting gnome, so gnome doesn't run as well as it could. How can I fix this? Sysinstall? Best regards, James It happens because your machine doesn't have a FQDN, to solve it, you can edit /etc/hosts and change the line concerning to localhost to something like: 127.0.0.1 localhost localhost.my.domain machine_name.domain.name pgpEyuk2kFZTm.pgp Description: PGP signature
Re: Intel(R) PRO/wireless 2200BG unavailable on FreeBSD 6 ?
El Asteazkena 12 Urria 2005 04:03, YuHong escribió: hi Is Intel PRO wireless 2200BG available on FreeBSD 6? I install this card like this, but it's unavailable. 1. append ``device iwi'' to my kernel configure file and reinstall kernel, then Intel card delected by FreeBSD when reboot. iwi0: Intel(R) PRO/Wireless 2200BG mem 0xc0214000-0xc0214fff irq 11 at device 2.0 on pci2 iwi0: Ethernet address: 00:0e:35:20:58:1b 2. install ports '/usr/ports/net/iwi-firmware' 3. iwicontrol iwi0 -d /usr/local/share/iwi-firmware -m bss 4. ifconfig iwi0 up The indicator light always off, never on. is somthing i losted? thanks for your help. please excuse me for my poor english. Have you tried to connect it to the WiFi network? I have the same problem with the indicator led at the laptop, but the interface works perfectrly. pgpv30FJPAj7N.pgp Description: PGP signature
Re: Upgrading to freebsd 5.4 STABLE from 5.3 kernel panic, what do i do to get data back?
El Osteguna 13 Urria 2005 14:49, Alex escribió: Hello list! I have been successfully been running 5.3 for a couple of weeks when i decided i should upgrade to 5.4 stable. Now the make world went fine except mergemaster complaining it couldn't find usr/src/etc or something similar. I made make buildkernel wich also went fine. But when I booted into my upgraded system I got kernel panic, so I made another restart and this time it went ok. Yestoday I removed SCSI card and DAT tape and NIC so I can have them in my main server. Now i cant get past this: freebsd 5.4-stable kernel trap 12 with interupts disabled Fatal trap 12: page fault while in kernel mode fault virtual address = 0x9 fault code = supervisor write, page not present instruction pointer = 0x8 :0xc077c073 stack pointer = 0x10 :0xc0c20d00 frame pointer = 0x10 :0xc0c20d0c code segment = base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = resume, IOPL = 0 current process = 0 () trap number = 12 panic: page fault Uptime: 1s So my attack-plan is to reinstall system from scratch and never do make buildworld make buildkernel again, BUT, I have a whole lot of information remaining on both disks that are in right now. From what I could see in the installer, fbsd installer wont let me install in a different directory with filesystem still intact like windows doesor does it? Please help! :) You don't need to reinstall from scratch. Get into the boot loader prompt and type boot kernel.old, this way you'll boot the old 5.3 kernel. Once there, update your src tree and perform the upgrade following the instructions in the 20.4.1 chapter of the handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bruteforceblocker + PF
El Osteguna 06 Urria 2005 22:18, Daniel Gerzo escribió: Hi questions, Enrique Ayesta Perojo, snip because I have accidently lost the thread :-) It seems like bruteforceblocker is running, since you can see messages in your auth.log. this is good. could you please provide me info, which version of openssh are you using, so I can debug? I have som reports, that my bruteforceblocker does not work with older versions of openssh, since it uses little bit different format of warnings, so my regexps does not apply. Also, please send here the format of those messages. Thank you. This is the version: OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7e 25 Oct 2004 It's a FreeBSD 5.4-p7 box, and here there are some of the messages at /var/log/auth.log: Oct 6 18:29:26 fatboy sshd[28472]: Illegal user jack from 63.67.26.114 Oct 6 18:29:26 fatboy sshd[28472]: reverse mapping checking getaddrinfo for host114.nokia-boston.com failed - POSSIBLE BREAKIN ATTEMPT! Oct 5 18:53:33 fatboy sshd[20731]: Illegal user pepito from 10.200.62.201 Oct 5 18:53:33 fatboy sshd[20731]: Failed unknown for illegal user pepito from 10.200.62.201 port 44241 ssh2 Thanks again ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bruteforceblocker + PF
El Osteguna 06 Urria 2005 21:56, Noel Jones escribió: I manually installed bruteforceblocker 1.1 (later noticed it's in ports/security) and when it starts, it looks like: --- log started at Wed Oct 5 13:13:01 2005 --- So it appears that your software is different from mine. No, it's the same version, it's the one of the ports, the change in the symbols ! was made by us. Are you also seeing sshd logging information about failed and accepted login attempts? Yes, i can see all the login attempts One thing I did notice was that all the lines in the bruteforceblocker.pl script ended with ^M. So I used vi to remove them. I don't know if that is part of your problem or not, but it's something you might check. Yes, i made the same when i installed the port FWIW, after making the suggested change to my syslog.conf file and editing the file locations in the bruteforceblocker.pl script, it worked first try here. The only other suggestion I have is to check your /etc/syslog.conf changes. Find the line that looks like: auth.info;authpriv.info/var/log/auth.log and change it to: auth.info;authpriv.info | exec /usr/local/bin/bruteforceblocker.pl Also done :( Thanks for your help! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bruteforceblocker + PF
El Viernes, 7 de Octubre de 2005 13:08, Daniel Gerzo escribió: 1) Update your OpenSSH to 4.2, you can find the port in the security/openssh-portable (you can use -DOPENSSH_OVERWRITE_BASE option) Note, that this one I prefer more. Nice!!! It works perfectly, that was the problem, the ssh version and the logs it creates, after installing the one in the ports everything works fine. Thanks a lot by your help, and of course, for having made this little script, it is very helpful :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bruteforceblocker + PF
El Miércoles, 5 de Octubre de 2005 21:53, Noel Jones escribió: I'm going to assume this is just a small part of your pf.conf, because the part you show doesn't allow any internet access. Maybe you should show us your entire pf.conf. Yes, it was a small part of my pf.conf. Anyway i'm trying on another machine with a much smaller configuration with the same results. I think it should be enough for bruteforceblocker to work ***/etc/pf.conf*** table bruteforce persist file /var/log/bruteforce # options set block-policy return set loginterface bge0 # scrub scrub in all # filter rules pass all block in log quick inet proto tcp from bruteforce to any port ssh Do your rules display as expected? # pfctl -s rules Yes, they display as expected No ALTQ support in kernel ALTQ related functions disabled scrub in all fragment reassemble pass all block return in log quick inet proto tcp from bruteforce to any port = ssh Did you reload pf after you edited pf.conf? # pfctl -f /etc/pf.conf Yes, i did Are you testing this from outside the 10.200.x.x network? Yes In your auth.log do you see bruteforceblocker messages such as: 220.92.126.217 was logged with total count of 1. when an ssh login fails? And then after $max_attempts is exceeded you should see: IP 202.92.126.217 reached the maximum number of failed attempts!!! Adding IP to the firewall... No, i don't see any of these messages, the only message i see is the start of the log: !!! log started at Wed Oct 5 18:53:23 2005 !!! I cannot figure what's the problem, the bruteforce table remains clean after the tests, but the bruteforce blocker is running in the system apparently whithout any problems as i have checked with ps. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bruteforceblocker + PF
Hello, i'm trying to install the bruteforceblocker script to stop ssh attacks, but i'm having a problem with PF because it seems not to block the attacker ip. The machine is connected to internet and has some needed services for the LAN, so i want to log and block only outside attacks. The bruteforceblocker script seems to be working, because i can read the initial time of it at /var/log/auth.log, so i think the problem may be at my pf configuration. Any help? Thanks a lot /etc/pf.conf table bruteforce persist file /var/log/bruteforce # options set block-policy return set loginterface $ext_if # scrub scrub in all # filter rules block all pass quick on lo0 all pass in on bge0 from 10.200.62.0/24 to 10.200.62.17 pass out on bge0 from 10.200.62.17 to 10.200.62.0/24 block in log quick inet proto tcp from bruteforce to any port ssh This is my conf of bruteforceblocker my $logfile = '/var/log/auth.log'; # file where this script will log to my $pfctl = '/sbin/pfctl';# pfctl binary my $table = 'bruteforce'; # pf table my $tablefile = '/var/log/bruteforce';# file where table persist my $max_attempts= 3;# number of max allowed fails my $timeout = 3600; # number of seconds after resetting of ip my %count = (); # number of failed tries my %time= (); # last modified time ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't access DVD Video from K3b
Hello, when i try to access a DVD Video from K3b to rip some video i get Malformed URL error and can't access the DVD, anyway i can play it perfectly with Kaffeine, so i think it's not an device access problem (devfs). Has anybody of you the same problem? Thanks in advance pgpka9xbHgo3h.pgp Description: PGP signature
Re: NFS - FreeBSD5 UFS2 serving FreeBSD4 UFS clients
El Martes, 7 de Diciembre de 2004 12:15, Jamie Heckford escribió: Logic tells me that if my NFS server is running 5.x with a UFS2 filesystem that my 4.x UFS clients won't be able to mount a share from the 5.x box. Or does the NFS layer allow this? Will my 5.x box be backwards compatible for 4.x boxen and still work? There won't be any problem, we currently have an UFS2 machine serving NFS shares to different OSs, FreeBSD 4.10, Solaris 9. pgpf7cbVdcyLC.pgp Description: PGP signature
Re: Disk Space
El Jueves, 18 de Noviembre de 2004 05:54, [EMAIL PROTECTED] escribió: But if you use Konquerer to analyze the drives the following capacities are reported: ad0s1a1500 MB (/) ad0s1e 16.7 MB(/var) ad0s1f 12.8 MB(/tmp) ad0s1g 1300 MB(/usr) I would try to bring the machine to single user mode and run a fsck on all filesystems. pgpDDiFhGdGru.pgp Description: PGP signature
BIND 9 and BIND 8 Transfers?
Hello, i have recently installed a new FreeBSD 5.3 RC1 to replace our internal cache dns master server, so it has installed BIND 9, on another machine we have currently installed BIND 8. Does anybody of you know if the transfer of zones between the two versions are compatible? Thanks in advance ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BIND 9 and BIND 8 Transfers?
El Viernes, 29 de Octubre de 2004 12:35, Matthew Seaman escribió: In principle, essentially yes. However, be aware that Bind9 is a lot pickier than Bind8, and various things that you used to be able to get away with now result in errors. Keep an eye on the /var/log/messages or /var/log/all.log files whenever you restart bind, as it tends to write pretty explanatory error messages there. Thanks a lot, i was afraid that a transfer could leave my slave server KO, i'll take a look at the docs you mentioned Regards ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Interrupt storm detected on irq7
Hello, i'm running FreeBSD 5.3 BETA-7 from October 13, everytime i try to print something through my LPT printer i get the next message: Interrupt storm detected on irq 7: lpt0; throttling interrupt source and the printer gets extremely slow. I've googled a bit and have found it's not a strange problem, some people suggest to add SMP option to the kernel (it's a one processor machine) or increasing the number of simultaneous interruptions at sysctl. I don't think any of them are a good choice, but Anyone of you has had this problem? and if so, how did you solve? Thanks in advance pgptRbUoTlAkj.pgp Description: PGP signature