mpd5 vs lt2pd vs sl2tps
Hi, I'm trying to get a FreeBSD box set up as an L2TP server. I've been tinkering with mpd5 and had some success, but I was wondering if anyone has been using l2tpd or sl2tps and what their experiences might have been. Are either of these easier to set up? More reliable? Especially for a configuration where LDAP authentication is preferred, or at least RADIUS if not LDAP? -- Tim Gustafson t...@ucsc.edu 831-459-5354 Baskin Engineering, Room 313A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Restricting Periodic Scripts
I have a FreeBSD ZFS file server with tens of millions of files stored on it. But, the daily periodic scripts like /etc/periodic/security/110.neggrpperm and /etc/periodic/weekly/310.locate take hours iterating through those folders, and I just don't need them to be scanned. I see that I can edit /etc/locate.rc to fix the behavior for /etc/periodic/weekly/310.locate but I don't see a way to exclude folders from other scripts like /etc/periodic/security/110.neggrpperm from scanning them. Is there any way to prune out folders that I don't want scanned, or should I just disable those jobs? -- Tim Gustafson t...@ucsc.edu 831-459-5354 Baskin Engineering, Room 313A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Restricting Periodic Scripts
I have a FreeBSD ZFS file server with tens of millions of files stored on it. But, the daily periodic scripts like /etc/periodic/security/110.neggrpperm and /etc/periodic/weekly/310.locate take hours iterating through those folders, and I just don't need them to be scanned. I see that I can edit /etc/locate.rc to fix the behavior for /etc/periodic/weekly/310.locate but I don't see a way to exclude folders from other scripts like /etc/periodic/security/110.neggrpperm from scanning them. Is there any way to prune out folders that I don't want scanned, or should I just disable those jobs? Thanks to everyone who replied. I got some helpful suggestions from a few people, which all amounted to either disable the jobs or create your own custom version of those jobs. So for now, I'm just disabling them. I appreciate all the help. Thanks! -- Tim Gustafson t...@ucsc.edu 831-459-5354 Baskin Engineering, Room 313A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Cron Problems
I've recently installed a FreeBSD 9.0 jail server, and inside each of my jails I am getting the following errors in my log about every 5 minutes: cron[7635]: NSSWITCH(_nsdispatch): ldap, group, setgrent, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, group, getgrent_r, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, group, endgrent, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, passwd, endpwent, not found, and no fallback provided /usr/sbin/cron[7673]: (CRON) WARNING (madvise() failed) I'm using nss_ldap and pam_ldap on these systems, so I suspect and error in my /etc/pam.d configuration or my nsswitch.conf configuration. I've added some configuration to /etc/pam.d/sshd and /etc/pam.d/other but have left the other files unmolested. Now, this seems like an nsswitch problem, but my nsswitch.conf is fairly straightforward: group: files ldap hosts: files dns networks: files passwd: files ldap shells: files services: files protocols: files rpc: files I'm able to get user ID information without a problem using id or finger. Authentication is working. LDAP groups are working. Pretty much everything seems like it ought to work, except for those error messages. I don't think this is a PAM issue, but just in case, here's my /etc/pam.d/sshd: authsufficient /usr/local/lib/pam_ldap.so authrequiredpam_unix.so account requiredpam_nologin.so account requiredpam_login_access.so account requiredpam_unix.so session requiredpam_permit.so passwordrequiredpam_unix.so no_warn try_first_pass And here is /etc/pam.d/other: authsufficient /usr/local/lib/pam_ldap.so authrequiredpam_unix.so no_warn try_first_pass account requiredpam_nologin.so account requiredpam_login_access.so account requiredpam_unix.so session requiredpam_permit.so passwordrequiredpam_permit.so I note that there is an /etc/pam.d/cron but it's not clear to me what I might add to this file, as it is quite different than the others: account requiredpam_nologin.so account requiredpam_unix.so So, what am I missing? -- Tim Gustafson t...@tgustafson.com http://tgustafson.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD / Gnome / Audio
Hello, I've read through a zillion posts in the FreeBSD forums and various other Google sources about getting audio to work in Gnome on FreeBSD. Most of the posts say something like pulseaudio sucks, don't use it, and that's fine, but what do I replace it with? Since I've removed pulseaudio from all my installed ports, I now have no audio control panel under System, Preferences, and I have no volume control slider near the clock. Audio is working in that I can play a video in Firefox and hear the audio, but it's currently coming out the wrong sound card (for whatever reason, Dell's audio card shows up twice: once for the internal speaker and once for the external speaker/headphone jacks). So I can't tell Gnome to push the audio out /dev/dsp1 now, rather than /dev/dsp0. Basically, how do I control how applications put sound out to my system when pulseaudio is not installed? -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tim Gustafsont...@soe.ucsc.edu Baskin School of Engineering 831-459-5354 UC Santa Cruz Baskin Engineering 317B -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Upgrading Boot Loader
Hi, I want to update my boot loader based on upgrading to FreeBSD 8.1. I originally installed FreeBSD 8.0 using the zfsinstall utility available at http://mfsbsd.vx.sk/ and so my tank zpool is currently using version 13, whereas my other non-boot zpool is using version 14. After upgrading (via make buildworld buildkernel installkernel installworld) to FreeBSD 8.1, running zpool status tells me: The pool is formatted using an older on-disk format. The pool can still be used, but some features are unavailable. Upgrade the pool using 'zpool upgrade'. Once this is done, the pool will no longer be accessible on older software versions. I vaguely remember reading that the zfsboot and/or zfsloader need to be updated properly before you upgrade your root zfs pool or the loader won't be able to boot from that partition. So, my question is: how do I update the zfsboot and/or zfsloader to the new version? I've read that bsdlabel can install new boot code, but I'm not sure which one of those files (or both) need to be used. My best guess is that I need to run: bsdlabel -B -b /boot/zfsboot Is that correct? Is there anything else I should do? What's the proper way to roll back in the event that the system becomes unbootable? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading Boot Loader
Nope. Read http://www.mail-archive.com/freebsd-sta...@freebsd.org/msg103917.html You need the dd sequence. And you need to do that on exported pool. So, just to be clear, I need to boot off a USB key (which will then allow me to write to ad8 and ad10, my two boot zpool devices), and then: dd if=/boot/zfsboot of=/dev/ad8 bs=512 count=1 dd if=/boot/zfsboot of=/dev/ad10 bs=512 count=1 dd if=/boot/zfsboot of=/dev/ad8 bs=512 skip=1 seek=1024 dd if=/boot/zfsboot of=/dev/ad10 bs=512 skip=1 seek=1024 And that assumes that I copy the newly-compiled zfsboot to the USB key after creating it, correct? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading Boot Loader
PS: I've just recently changed my mind and moved from dedicated vdevs to gpart. This gives possibility of: 1. Having raw swap partition suitable for swapping/dumping. 2. Updating bootcode online without loosing uptime. Just in expense of some kilobytes of disk space. I too am using gpart to partition the drives: ad8 and ad10 are partitioned using gpart. I'm attaching the output of gpart list to this e-mail. Is there an easier/better way to upgrade the boot loader with gpart partitions? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354Geom name: ad8 fwheads: 16 fwsectors: 63 last: 1953525134 first: 34 entries: 128 scheme: GPT Providers: 1. Name: ad8p1 Mediasize: 65536 (64K) Sectorsize: 512 Mode: r0w0e0 rawtype: 83bd6b9d-7f41-11dc-be0b-001560b84f0f label: (null) length: 65536 offset: 17408 type: freebsd-boot index: 1 end: 161 start: 34 2. Name: ad8p2 Mediasize: 17179869184 (16G) Sectorsize: 512 Mode: r1w1e1 rawtype: 516e7cb5-6ecf-11d6-8ff8-00022d09712b label: (null) length: 17179869184 offset: 82944 type: freebsd-swap index: 2 end: 33554593 start: 162 3. Name: ad8p3 Mediasize: 983024916992 (916G) Sectorsize: 512 Mode: r1w1e1 rawtype: 516e7cba-6ecf-11d6-8ff8-00022d09712b label: (null) length: 983024916992 offset: 17179952128 type: freebsd-zfs index: 3 end: 1953525134 start: 33554594 Consumers: 1. Name: ad8 Mediasize: 1000204886016 (932G) Sectorsize: 512 Mode: r2w2e4 Geom name: ad10 fwheads: 16 fwsectors: 63 last: 1953525134 first: 34 entries: 128 scheme: GPT Providers: 1. Name: ad10p1 Mediasize: 65536 (64K) Sectorsize: 512 Mode: r0w0e0 rawtype: 83bd6b9d-7f41-11dc-be0b-001560b84f0f label: (null) length: 65536 offset: 17408 type: freebsd-boot index: 1 end: 161 start: 34 2. Name: ad10p2 Mediasize: 17179869184 (16G) Sectorsize: 512 Mode: r0w0e0 rawtype: 516e7cb5-6ecf-11d6-8ff8-00022d09712b label: (null) length: 17179869184 offset: 82944 type: freebsd-swap index: 2 end: 33554593 start: 162 3. Name: ad10p3 Mediasize: 983024916992 (916G) Sectorsize: 512 Mode: r1w1e1 rawtype: 516e7cba-6ecf-11d6-8ff8-00022d09712b label: (null) length: 983024916992 offset: 17179952128 type: freebsd-zfs index: 3 end: 1953525134 start: 33554594 Consumers: 1. Name: ad10 Mediasize: 1000204886016 (932G) Sectorsize: 512 Mode: r1w1e2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading Boot Loader
gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ad8 gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ad10 When I run this, I get: r...@foo: gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ad10 ad10 has bootcode Does that mean it was successful, or that no change was made? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Upgrading Boot Loader
Does that mean it was successful, or that no change was made? Successful. Awesome, thanks! Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
mount_autofs
Hi, I see that in /usr/src there are some things related to mount_autofs, but none of this is compiled or installed during the buildworld/buildkernel process. If I build mount_autofs by hand: cd /usr/src/sbin/mount_autofs make make install I get a binary that runs, but always complains: mount: Operation not supported by device Our network has a huge existing user base (thousands of computers and thousands of users) that are on Mac client, Linux clients, Linux servers and SunOS servers that all use autofs automount maps distributed via LDAP. I'm pushing hard for us to start using FreeBSD for some things, but the lack of an automounter that is compatible with the maps that we're already distributing for these other OSs is a show-stopper. Making a static copy of the mount maps for FreeBSD use is not going to work (for one thing, the maps change too frequently, and anyhow there are thousands of mount points and we don't want them all mounted on our BSD boxes all of the time) and I tried to get AMD to work using exec maps but found it to be incredibly unstable (and in fact AMD locked up my machine several times during the course of experimentation, requiring an actual power cycle to get the system responding again). I had a chat with Alfred Perlstein who worked on some autofs-compatible stuff back in about 2004 for FreeBSD that was dropped because of pressure by Apple. He thinks that the current Apple autofs might be licensed under the ASPL but doesn't have the bandwidth to do any work on porting that to FreeBSD. Unfortunately, my C skills are not up to snuff, so I'm in no place to port anything anywhere, so I was wondering if anyone else on the list had any interest in autofs for FreeBSD that might be a bit more fluent in C than I am? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
isp0 troubles
Hi, I've got a QLogic fibre channel card in my system right now: isp0: Qlogic ISP 2300 PCI FC-AL Adapter port 0x4000-0x40ff mem 0xd030-0xd0300fff irq 16 at device 1.0 on pci6 This device is working, and the drives attached to it are available and seem to be performing OK, but I'm getting hundreds of messages like this: isp0: 0.5.0 FCP RESPONSE, LENGTH 8: Invalid FCP Cmnd CDB0=0x00 isp0: 0.3.0 FCP RESPONSE, LENGTH 8: Invalid FCP Cmnd CDB0=0x00 I've uploaded a snippet of my most recent dmesg isp-related information here: http://users.soe.ucsc.edu/~tjg/isp.txt Is there something I've got misconfigured that's causing all these messages? As an aside, I'm also getting lots of these: GEOM: da0: corrupt or invalid GPT detected. GEOM: da0: GPT rejected -- may not be recoverable. GEOM: da1: corrupt or invalid GPT detected. GEOM: da1: GPT rejected -- may not be recoverable. I think these disks were originally gpart disks, but now they're all part of a zpool. Is there some way to quell those messages, as I'm sure they don't have gpart partitions on them anymore? There's nothing in the zpool at the moment, so I can destroy the zpool and then dd the disks if that will help. Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD Support for Fibre Channel Devices
Hi, Can anyone recommend a FreeBSD-compatible fibre channel board to connect a FreeBSD 8.0 server to a Sun 3500 disk array? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD Support for Fibre Channel Devices
isp(4) mpt(4) Hrmm, I guess I should phrase the question this way: I have installed a Fibre Channel card into a new FreeBSD 8.x box. I have both isp(4) and mpt(4) are loaded and the device still doesn't appear in /dev. pciconf shows: no...@pci0:8:1:0: class=0x0c0400 card=0x656c1242 chip=0x15601242 rev=0xb2 hdr=0x00 vendor = 'Jaycor Networks Inc' device = 'Dual Channel 2 Gb/s Fibre Channel-PCI-X (JNIC-1560)' class= serial bus subclass = Fibre Channel So I'm guessing that this device is unsupported. So, what I was trying to ascertain from my original question is: does anyone have any FreeBSD experience with a Fibre Channel card that they like under FreeBSD that I can replace this one with? Basically I'm asking for a recommendation along the lines of I have card X and it works beautifully. :) Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fusefs-cryptofs vs fusefs-cryptofs
I use file backed GELI fs in this manner. Of course you can script it yourself, but I find the ez-jail handles my requirements perfectly. Thanks, I'll look into using GELI. I think if I do that, I'll have to mount the file system in the host environment at boot time so that it can prompt for the pass phrase properly, as there really isn't much of a console for each jailed environment. Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
fusefs-cryptofs vs fusefs-cryptofs
Hi, all. I was wondering if anyone could offer any personal experience with using either fusefs-cryptofs or fusefs-cryptofs. I'm going to be bringing a FreeBSD OpenLDAP server online soon and I need to have the contents of the OpenLDAP database encrypted in the event of a physical security breach, and so I need a reliable and efficient disk encryption scheme to handle that. I was thinking of encrypting /var/db/openldap using either fusefs-cryptofs or fusefs-cryptofs, but I'm not sure which would be better to use for this sort of application. Thanks! Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
err, make that fusefs-cryptofs vs fusefs-encfs
Doh! I totall flubbed that last e-mail. I meant: fusefs-cryptofs vs fusefs-encfs Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: fusefs-cryptofs vs fusefs-cryptofs
On FreeBSD, this is spelled GELI (or GBDE, but I think geli is slightly better). Native filesystem level encryption -- rather more efficient than something like fuse, needs no extra software installed, very secure. Sorry, I should have been more specific: This is in the context of a jailed system. So, the encrypted file system must be creatable, configurable, mountable and unmountable entirely from within a jail. Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Mounting NFS From Within a Jail
Hi, Is it possible to mount an NFS file system from within a jail? On my jail host, I have: security.jail.mount_allowed: 1 From the jail host, I can mount just fine: r...@jailhost: mount /dev/da0s1a on / (ufs, local) devfs on /dev (devfs, local, multilabel) nfsserver:/usr/ports on /usr/ports (nfs) nfsserver:/usr/src on /usr/src (nfs) nfsserver:/usr/obj on /usr/obj (nfs) However, from within a jail, I get: r...@jailguest: mount nfsserver:/usr/ports /usr/ports mount_nfs: /usr/ports, : Operation not permitted Am I missing something else here? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
OpenSSL 0.9.8k - 0.9.8l
Hi, I run a few web servers with need to be PCI compliant. Apparently there's a problem with OpenSSL 0.9.8k that requires us to upgrade to 0.9.8l for us to maintain our compliance level. I've csup'd to RELENG_8_0 and did a build/install cycle and OpenSSL is still at 0.9.8k. Using RELENG_8 isn't really an option for me because the last I upgraded to that level, ipfw was broken and I'm not sure that the problem with ipfw has been fixed (Luigi tells me that it has, but I haven't had time to test it yet). Is there any movement to patch RELENG_8_0 with OpenSSL 0.9.8l? Or will I be stuck with 0.9.8k until I move to RELENG_8? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ipfw weirdness after csup/buildworld
I am running: FreeBSD 8.0-STABLE amd64 After recently csup'ing to the latest sources and then a build/install cycle, my ipfw started misbehaving badly. I'm seeing lots of: ipfw: install_state: entry already present, done and also lots of: ipfw: ouch!, skip past end of rules, denying packet When I did an ipfw list, I got something like this: 0 ip from any to any Note the rule number is all zeros, and there's no allow or deny. Adding rules or removing rules didn't fix anything, nor did an ipfw flush. Once it was in that state, attempting to kldunload ipfw caused the system to hang. The only fix for now was to disable the firewall. When I went into single user mode, and did: kldload ipfw ipfw /etc/firewall.rules (which is the same ruleset I had loaded on boot) everything worked fine, but when I went into multi-user mode and did the same thing, it failed with the symptoms listed above. Just to be sure, a day after this started happening I did a csup again and another build/install cycle but got exactly the same results. Any ideas? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD 8 / amd64 / Xorg / nvidia GeForce 5200
Did you try xrandr? It should report multiple heads (run the command without arguments). You can then enable the second monitor using something like: xrandr --output DVI1 --auto xrandr only saw one head. *sigh* I just ordered a more modern nVidia card that is supported by the current driver. :) Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD 8 / amd64 / Xorg / nvidia GeForce 5200
Hi, My workstation runs FreeBSD 8.0-STABLE amd64. I have Xorg 1.6.5 and an nVidia GeForce 5200 dual head video card. Currently the first head of the card is operating well using the nv driver. I tried to compile the nvidia-driver port, but it tells me that I need nvidia-driver-173 because the 5200 chipset isn't supported by the current driver. When I go to compile nvidia-driver-173 it tells me that it is not supported under the amd64 architecture. I can't switch to an i386 kernel because I need the amd64 architecture to take advantage of all my RAM and also because I am using ZFS on this workstation, which more or less requires the amd64 architecture. So, I have two questions: 1. Is there any way to get the nvidia-driver-173 port to work with my amd64 OS? 2. Is there any way to get the second head of the 5200 video card to work using the nv driver? I tried adding a second device section to xorg.conf but the system errors out telling me that it tried to use conflicting hardware. I've attached both my xorg.conf and my Xorg.0.log file to this message. Or am I stuck buying a newer card? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 xorg.conf.2010-03-24 Description: Binary data ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD-Compatible Multifunction Device
Hi, I've Googled this a bit and found lots of noise about different experiences with devices that -didn't- work or commentary from people about how multifunction devices are a bad idea, but no actual recommendations. I was wondering if anyone could make a recommendation for me about which networked multifunction device is most compatible with FreeBSD? Specifically, I'd like a printer/scanner/fax/copier that: - is network-enable out of the box (wired is preferred but wireless is ok) - has FreeBSD CUPS printer drivers - can be configured to send scans to FreeBSD somehow (either by mounting a samba share, or sending an e-mail, or whatever) - had a scanner hopper that would let me scan multiple pages at once - bonus points for a scanner that scans both sides of the page It would be further awesome if inbound faxes could be routed to e-mail too, but that's not a requirement. Has anyone found such a beast? Tim Gustafson t...@tgustafson.com http://tgustafson.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD and automountMap
Hi, I was wondering if anyone could point me in the right direction in regard to getting automounts working via LDAP-distributed automountMap-style maps? We are already using automountMap-style maps distributed via LDAP for a few thousand Linux, Mac and SunOS clients and I'd like to be able to use the same maps for my FreeBSD machines too, but I can't seem to find any clear documentation on how to set this up. I've Googled lots of different things - the word FreeBSD with autofo, autmount, automountMap, etc. I've found lots of stuff about amd, but amd does not appear to support automountMap-style maps. I also found a mount_autofs in /usr/src/sbin/mount_autofs, but that appears to not be installed by default, and when manually compiled it's non-functional. I did find one reference to someone that ported autofs to FreeBSD, but then was asked by Apple to take his code down. Please note that we're -not- talking about older NIS-style maps. We -were- using them for our Linux, Mac and SunOS clients until recently, and have been switching over to the newer automountMap style for a while now. I'm having a hard time believing that FreeBSD is the only UNIX-like OS that seems to be lacking this sort of autofs support. Is that really the case? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Boot Support from Installer
No one has gone near that stuff in years. We don't even have gmirror(8) creation support in there. Best not to use sysinst. The livefs image has all of the tools that you need to bootstrap a system. That's a silly answer. The way to get more people to use FreeBSD is to make the installation process as easy and complete as possible. If bootstrapping a system using the livefs file system is possible, then there's no reason that the functionality couldn't or shouldn't be built into the installer. Yes, a higher-level sysadmin can do it...but the vast majority of people who administer servers for a living are not higher-level sysadmins. Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Boot Support from Installer
I'm responding to two people's comments here in one response. :) From: Brian A. Seklecki sekle...@noc.cfi.pgh.pa.us I make the suggestions because you're asking about an advanced topic, so I gave you an honest answer. Honest answers are appreciated. :) I'm not saying that the way you suggested was invalid, just that there ought to be an easier way. From: Tim Judd taj...@gmail.com And those who are unfamiliar with a system will likely use the default filesystem an OS provides. That's UFS2 for most people. For most people, yes. Most people don't need to be able to install FreeBSD over a serial cable or parallel cable, but those options are included in the installer. From: Tim Judd taj...@gmail.com Also, since ZFS is a hog when it comes to system resources, works best on amd64, and many other factors/tuning, you expect this all to be available if someone wants to install to an embedded firewall? Or to some little special purpose system? It already is available to everyone...it's just harder to install than it ought to be. A firewall probably doesn't need X11, but that's included in the installer. From: Tim Judd taj...@gmail.com I don't use ZFS, UFS2 works fine for me. I would find it ridiculous to see ZFS support in the installer, but all GEOM should be supported. Especially the raid3 and mirror. So, you like the idea of including RAID3 and mirror because that suits your needs, but my desire to see ZFS support is unreasonable because you don't have a need for ZFS? Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Boot Support from Installer
Valid point. I didn't make the clarification that I should have. graid3 and gmirror have reached the maturity and dedicated to the system, whereas ZFS is still experimental. When ZFS is no longer considered experimental, I would expect ZFS support in the installer in the same expectation I am expecting graid3 and gmirror to be. It's all about the status of ZFS itself, rather than the fact that it works. Your point is also valid. However, our experience with ZFS on the boxes that we have installed it has been nothing but positive since about 7.2, and Steve Bertrand has also posted that his experiences have been nothing but positive. I know that ZFS on FreeBSD hasn't gotten a stable rating yet, but it appears to be approaching that level and I don't think putting it in the installer (and perhaps marking it as beta) so that more people could test it and give feedback about bugs and their experiences would be a bad thing. To be clear, ZFS itself is indeed stable - our Solaris file servers are running it in multi-terabyte configurations on servers that get pounded to the order of nearly saturating a 1GB LAN link. ZFS is the only file system in our experience that has suffered no data losses in arrays with more than one terabyte (knock on wood). All other file systems have failed disastrously for us in multi-terabyte configurations. So what you're talking about is not the stability of ZFS itself, but the port of ZFS on FreeBSD. Does this paint a better picture to you of what I forgot to clarify in my original posting? Yes, clarity is key. Thanks! :) Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ZFS Boot Support from Installer
I wouldn't recommend using zfs at all right now, unless you want random crashes and lots of missing data.. ESPECIALLY in 8.0,1,2 versions. I'm using 7.2 at the moment with a standard UFS2 boot partition and a 500GB ZFS pool. My ZFS pool actually seems pretty stable. I did a make -j 16 buildworld buildkernel installkernel installworld using it as my /usr/src and /usr/obj and it performed beautifully. At the time I did that, it was configured as just a RAIDZ. I've since changed that to RAIDZ2, but I haven't beaten it up yet, so I don't know if there's a difference between the stability of RAIDZ and RAIDZ2. Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ZFS Boot Support from Installer
Hi, I was wondering if there was a plan or time line in place to support ZFS boot partitions in the installer. I Googled around a bit and found some how-to documents for setting it up in a hacky kind of way, but the impression I got is that support for ZFS partitions is coming to the installer in perhaps 7.3 or 8.0, and I wanted to confirm or dispel that myth before I go forward using the hacky method. Thanks! Tim Gustafson Baskin School of Engineering UC Santa Cruz t...@soe.ucsc.edu 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
NATD Reverse Proxy
Hi, I'm trying to build a server that will act as a gateway between my wireless network and the rest of the world. Here's an overview of the current setup: 1. FreeBSD 7.1 2. isc-dhcp3-server-3.0.5_2 3. natd configured to connect fxp0 (public network, dynamic IP) to fxp1 (private network, static IP) 4. ipfw 5. bind 6. apache 2.2 7. php 5.2.6 Right now, when someone connects to the private net, they get an IP address and can connect to the Internet no problemo. So, this is all working so far. What I'd like to do next is this: When someone obtains an IP address, I'm going to configure DHCP to block that IP using IPFW initially, and I'd like to redirect any requests that come from that IP to port 80 or 443 to be silently redirected to the local Apache installation, where the user can enter their login and password. Once they've been authenticated, the firewall will allow them to connect out to everywhere else. So, it seems to me that I need to use natd again to do a silent proxy of traffic from certain IPs on the private net to the server box. But, since I'm already using natd, I'm a little perplexed about how to set this up. Do I need to run a second instance of natd on a different port, and then update the firewall rules to divert to one or the other based on the user's authentication status? Or can this all be configured in one natd instance? Tim Gustafson SOE Webmaster UC Santa Cruz [EMAIL PROTECTED] 831-459-5354 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]