Re: OpenSSL-related problem
Patrick <[EMAIL PROTECTED]> writes: > Hi, > > I cvsup'd to the latest stable today, did all of the normal foo to get a > new kernel and world. I ended up with a system where any of my > ports/locally installed software that relies on OpenSSL craps out with > [...] I'm seeing similar stuff, but in ssh-add and scp in the base system. ~/ >/usr/bin/ssh-agent /usr/libexec/ld-elf.so.1: /usr/lib/libssh.so.2: Undefined symbol "EVP_aes_128_cbc" ~/ >ldd /usr/bin/ssh-agent /usr/bin/ssh-agent: libssh.so.2 => /usr/lib/libssh.so.2 (0x2806a000) libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x28099000) libc.so.4 => /usr/lib/libc.so.4 (0x2814e000) libz.so.2 => /usr/lib/libz.so.2 (0x281e7000) ~/ >ls -l /usr/lib/libcrypto* /usr/lib/libssl* /usr/lib/libssh* -r--r--r-- 1 root wheel 1607080 Feb 24 05:50 /usr/lib/libcrypto.a lrwxr-xr-x 1 root wheel 14 Feb 24 05:50 /usr/lib/libcrypto.so -> libcrypto.so.3 -r--r--r-- 1 root wheel 761916 Jan 18 19:34 /usr/lib/libcrypto.so.2 -r--r--r-- 1 root wheel 1021332 Feb 24 05:50 /usr/lib/libcrypto.so.3 -r--r--r-- 1 root wheel 1741816 Feb 24 05:50 /usr/lib/libcrypto_p.a -r--r--r-- 1 root wheel 274010 Feb 24 05:50 /usr/lib/libssh.a lrwxr-xr-x 1 root wheel 11 Feb 24 05:50 /usr/lib/libssh.so -> libssh.so.2 -r--r--r-- 1 root wheel 192276 Feb 24 05:50 /usr/lib/libssh.so.2 -r--r--r-- 1 root wheel 290138 Feb 24 05:50 /usr/lib/libssh_p.a -r--r--r-- 1 root wheel 249654 Feb 24 05:50 /usr/lib/libssl.a lrwxr-xr-x 1 root wheel 11 Feb 24 05:50 /usr/lib/libssl.so -> libssl.so.3 -r--r--r-- 1 root wheel 180744 Jan 18 19:34 /usr/lib/libssl.so.2 -r--r--r-- 1 root wheel 187400 Feb 24 05:50 /usr/lib/libssl.so.3 -r--r--r-- 1 root wheel 263878 Feb 24 05:50 /usr/lib/libssl_p.a FWIW, in my make.conf I have: MAKE_KERBEROS4= yes MAKE_KERBEROS5= yes And the kernel config has this as the only "cpu" line: cpu I686_CPU Can't think of anything else that's non-standard. -- Dan Pelleg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
fsck problem
I have a RAID-5 array on /home via vinum. This morning, the server (running 4.8-PRERELEASE, compiled last week) wouldn't allow anyone to login via ssh, imap, or console. So I had someone reboot the server via control-alt-delete. Then it said that not all processes would dia, use ps axl. Of course, since we couldn't login, this was pointless advise. :) We then used the reset button on the chassis. As I type, the server is in single user mode. The fsck commands result in: CAN NOT READ: BLK 16 I've looked at http://docs.freebsd.org/44doc/smm/03.fsck/paper.html and found its information less than encouraging. Since its said to "seek a guru", I was hoping that someone here could help my poor little school district. If this wasn't on vinum, I would assume that my next step would be to assume a dead drive and remove it and move on. However, this is a vinum array. I'm not sure how it could be a bad drive if the array is composed of 4 drives. Any help, pointers, etc. would be GREATLY appreciated. My entire school district is effectively dead in the water until this server is running again. TIA, Jaime To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
On Mon, Feb 24, 2003 at 06:33:58AM -0500, Dan Pelleg wrote: > I'm seeing similar stuff, but in ssh-add and scp in the base system. [...] > ~/ >ldd /usr/bin/ssh-agent > /usr/bin/ssh-agent: > libssh.so.2 => /usr/lib/libssh.so.2 (0x2806a000) > libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x28099000) You have the OpenSSL port installed. Remove it. Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
apache13-modssl depends on this port. I take it this no longer the case ? ---Mike At 08:31 AM 24/02/2003 -0600, Jacques A. Vidrine wrote: You have the OpenSSL port installed. Remove it. Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: fsck problem
On Mon, 24 Feb 2003, Jaime wrote: > As I type, the server is in single user mode. The fsck commands > result in: > CAN NOT READ: BLK 16 > vinum is not started. -- :{ [EMAIL PROTECTED] Andy Farkas System Administrator Speednet Communications http://www.speednet.com.au/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
On Mon, Feb 24, 2003 at 09:46:46AM -0500, Mike Tancsa wrote: > apache13-modssl depends on this port. I take it this no longer the case ? AFAIK, that was a bug. mod_ssl has never needed the port. [cc'ing Dirk, who may have full details] Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: fsck problem
New info for this problem: S array.p0.s0 crashed S array.p0.s1 up S array.p0.s2 up S array.p0.s3 stale Should I just "vinum start" at the shell? TIA, Jaime To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
"Jacques A. Vidrine" <[EMAIL PROTECTED]> writes: > On Mon, Feb 24, 2003 at 06:33:58AM -0500, Dan Pelleg wrote: > > I'm seeing similar stuff, but in ssh-add and scp in the base system. > [...] > > ~/ >ldd /usr/bin/ssh-agent > > /usr/bin/ssh-agent: > > libssh.so.2 => /usr/lib/libssh.so.2 (0x2806a000) > > libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x28099000) > > You have the OpenSSL port installed. Remove it. > Indeed, I did. I removed it and all seems fine now. Thanks! -- Dan Pelleg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: fsck problem
Jaime wrote: New info for this problem: S array.p0.s0 crashed S array.p0.s1 up S array.p0.s2 up S array.p0.s3 stale Should I just "vinum start" at the shell? Well, at this point you've got vinum started now. I would fix the raid problem before bothering with an fsck, if it were me. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
OpenSSL build failure identified...
/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to `EVP_aes_128_cbc' /usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to `EVP_aes_192_cbc' /usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to `EVP_aes_256_cbc' /usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to `HMAC_CTX_cleanup' *** Error code 1 Stop in /usr/src/secure/usr.bin/scp. *** Error code 1 Stop in /usr/src/secure/usr.bin. I discovered that the build would work fine under /bin/sh, but not under my normal shell, which is zsh. It turns out that having a /usr/local/bin/openssl (from a port-build of openssh-0.9.6g) in the path was causing the problem. Is a build failure resulting from an interaction with the user's $PATH regarded as a bug? -Chuck To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL build failure identified...
On Mon, Feb 24, 2003 at 11:17:21AM -0500, Chuck Swiger wrote: > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > >`EVP_aes_128_cbc' > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > >`EVP_aes_192_cbc' > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > >`EVP_aes_256_cbc' > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > >`HMAC_CTX_cleanup' > >*** Error code 1 > >Stop in /usr/src/secure/usr.bin/scp. > >*** Error code 1 > >Stop in /usr/src/secure/usr.bin. > > I discovered that the build would work fine under /bin/sh, but not under > my normal shell, which is zsh. > > It turns out that having a /usr/local/bin/openssl (from a port-build of > openssh-0.9.6g) in the path was causing the problem. Is a build failure > resulting from an interaction with the user's $PATH regarded as a bug? I dunno; I always clean my path before buildworld, but I don't see documentation to that effect. If anyone has an opinion about it, Ruslan probably does :-) [cc'd] Cheers, -- Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos [EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL build failure identified...
On Mon, Feb 24, 2003 at 10:32:28AM -0600, Jacques A. Vidrine wrote: > On Mon, Feb 24, 2003 at 11:17:21AM -0500, Chuck Swiger wrote: > > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > > >`EVP_aes_128_cbc' > > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > > >`EVP_aes_192_cbc' > > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > > >`EVP_aes_256_cbc' > > >/usr/obj/usr/src/i386/usr/lib/libssh.so: undefined reference to > > >`HMAC_CTX_cleanup' > > >*** Error code 1 > > >Stop in /usr/src/secure/usr.bin/scp. > > >*** Error code 1 > > >Stop in /usr/src/secure/usr.bin. > > > > I discovered that the build would work fine under /bin/sh, but not under > > my normal shell, which is zsh. > > > > It turns out that having a /usr/local/bin/openssl (from a port-build of > > openssh-0.9.6g) in the path was causing the problem. Is a build failure > > resulting from an interaction with the user's $PATH regarded as a bug? > > I dunno; I always clean my path before buildworld, but I don't see > documentation to that effect. If anyone has an opinion about it, > Ruslan probably does :-) [cc'd] > src/Makefile sets PATH=/sbin:/bin:/usr/sbin:/usr/bin before passing buildworld further to src/Makefile.inc1, so I don't see how that could be a problem. Similarly for zsh(1): make(1) uses sh(1) internally, and to make it use another shell, one needs to recompile make(1) with a different DEFSHELL. In any case, this feature isn't even in RELENG_4. Cheers, -- Ruslan Ermilov Sysadmin and DBA, [EMAIL PROTECTED] Sunbay Software AG, [EMAIL PROTECTED] FreeBSD committer, +380.652.512.251Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age pgp0.pgp Description: PGP signature
Re: OpenSSL build failure identified...
Ruslan Ermilov wrote: [ ... ] src/Makefile sets PATH=/sbin:/bin:/usr/sbin:/usr/bin before passing buildworld further to src/Makefile.inc1, so I don't see how that could be a problem. Hmm. OK. :-) Similarly for zsh(1): make(1) uses sh(1) internally, and to make it use another shell, one needs to recompile make(1) with a different DEFSHELL. In any case, this feature isn't even in RELENG_4. To be more specific as to what I did; I enabled and "su - toor" in order to pick up a clean /bin/sh environment. The build failure was completely reproducable after deleting /usr/src, /usr/obj, and /etc/make.conf...then re-cvsup'ing. More than once. After doing a "pkg_delete openssl-mumble", I was able to move my /etc/make.conf back in place and complete buildworld under zsh again. Assuming I'm able to reproduce this problem again-- I'm going to have to revert my /usr/ports, probably-- what information would be of value? -Chuck To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Maxtor Firewire Drives
On Sunday 23 February 2003 17:17, Daniel O'Connor wrote: > On Sun, 2003-02-23 at 14:22, Tenebrae wrote: > > I'm looking at using aforementioned hardware to back up my server. > > There aren't any more available IDE channels or even places inside the > > case to put another drive, so external is what I'm looking at. > > My favourite vendor also has an external PARALLEL drive enclosure. > > With the potential data corruption mentioned with Firewire, would I be > > better off with getting the parallel enclosure? > > I have too much data to back up to tape. Really? Even to those multi-drive parallel AIT network backup devices? Or must too much data to backup to tape on your budget? I've had good luck with VXA-1 tape drives in the past and Ecrix now has the VXA-2 drive with 80GB uncompressed capacity at roughly 20GB/hour throughput. The VXA-2 drive uses Ultra-2 SCSI interface, so finding a controller that is well supported on FreeBSD won't be a problem. (I've no stake in Ecrix or Exabyte who now owns them, other than as a satisfied customer twice.) > Parallel is hideously slow and inefficient. Uh, yeah, don't even consider it. > Personally I'd try Firewire, but I haven't had any problems with it > [yet]. > > Actually, I am wondering what sort of chipset the person who was having > corruption issues was using.. > > Older VIA chipsets have a bug which affects bus master transfers :( Please post information on your known good source. A known good provider of PCI firewire cards might be helpful for those whose motherboard features faulty or NO support for firewire, if anyone can recommend one or more of those... Ecrix makes the VXA-1 drive in external SCSI and FireWire enclosures. The VXA-2 is only available in Ultra-2 LVD SCSI, internal or external. Good luck with your backup solution, whatever it is. ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC [EMAIL PROTECTED] http://softweyr.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message