Re: Compaq deskpro won't reboot
Following up on a *very* old post of mine (to current@) which I still get asked on: Dan Pelleg <[EMAIL PROTECTED]> writes: > Trying to make use of an old system - Compaq deskpro EN 350Mhz, I ran into > the following problem: If you issue a reboot(8) the machine shuts down, but > it never comes back. You have to hit the power button off and then back > on. Otherwise the machine just sits there, screen blank. The system does > shut down cleanly. This is fixed by doing two things: - enabling a jumper on the motherboard - updating the BIOS BIOS updates are available from HP. Find them by searching for the BIOS version. This shows up in the BIOS menu which you active by holding F10 during power-up. It will be something like "686T3" or "686T5". For example: http://h18007.www1.hp.com/support/files/Deskpro/us/locate/20_123.html http://h18007.www1.hp.com/support/files/deskpro/us/download/9249.html The download creates a floppy disk, which you then boot from. It will back up your current image (although you can do this yourself from the BIOS menu as well) and flash the ROM. Big thanks to Jason Lingohr <[EMAIL PROTECTED]> and Brian Booth for helping with this. -- Dan Pelleg ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
remounts (was: Re: adding "noschg" to ssh and friends)
"Karsten W. Rohrbach" <[EMAIL PROTECTED]> wrote: > there are some real high-impact tweaks to be a little bit safer from > rootkits. one of them is mounting /tmp noexec. drawback: you got to > remount it exec for make installworld. I always wondered... Why are remounts permitted in all securelevels? I mean, in a locked-down system where it's acceptable to force a reboot in order to upgrade (or run a rootkit), I should be able to enforce read-only mounts. Currently anyone (well, root) can just mount -u -w them. Is this an implementation problem in mount(2)? (I haven't looked at the code). Or is this going to break things for people (amd? in high securelevels?). What am I missing? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
nanobsd build problem
I'm trying to build nanobsd. I get the error below. Any ideas? - >>> stage 4.2: building libraries -- cd /usr/src; MAKEOBJDIRPREFIX=/usr/obj/nanobsd.soekris/ MACHINE_ARCH=i386 MACHINE=i386 CPUTYPE= GROFF_BIN_PATH=/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/bin GROFF_FONT_PATH=/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/share/tmac _SHLIBDIRPREFIX=/usr/obj/nanobsd.soekris//usr/src/tmp INSTALL="sh /usr/src/tools/install.sh" PATH=/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/sbin:/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/bin:/usr/obj/nanobsd.soekris//usr/src/tmp/legacy/usr/games:/usr/obj/nanobsd.soekris//usr/src/tmp/usr/sbin:/usr/obj/nanobsd.soekris//usr/src/tmp/usr/bin:/usr/obj/nanobsd.soekris//usr/src/tmp/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make -f Makefile.inc1 DESTDIR=/usr/obj/nanobsd.soekris//usr/src/tmp -DNO_FSCHG -DWITHOUT_HTML -DWITHOUT_INFO -DNO_LINT -DWITHOUT_MAN -DWITHOUT_NLS -DWITHOUT_PROFILE libraries cd /usr/src; make -f Makefile.inc1 _prereq_libs; make -f Makefile.inc1 _startup_libs; make -f Makefile.inc1 _prebuild_libs; make -f Makefile.inc1 _generic_libs; ===> gnu/lib/libgcc (obj,depend,all,install) make -f /usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile MFILE=/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile GCCDIR=/usr/src/gnu/lib/libgcc/../../../contrib/gcc tm.h make -f /usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile MFILE=/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile GCCDIR=/usr/src/gnu/lib/libgcc/../../../contrib/gcc tconfig.h make -f /usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile MFILE=/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile GCCDIR=/usr/src/gnu/lib/libgcc/../../../contrib/gcc options.h TARGET_CPU_DEFAULT="" HEADERS="options.h i386/i386.h i386/unix.h i386/att.h dbxelf.h elfos.h freebsd-native.h freebsd-spec.h freebsd.h i386/freebsd.h defaults.h" DEFINES="" /bin/sh /usr/src/gnu/lib/libgcc/../../../contrib/gcc/mkconfig.sh tm.h TARGET_CPU_DEFAULT="" HEADERS="auto-host.h ansidecl.h" DEFINES="USED_FOR_TARGET" /bin/sh /usr/src/gnu/lib/libgcc/../../../contrib/gcc/mkconfig.sh tconfig.h awk -f /usr/src/gnu/lib/libgcc/../../../contrib/gcc/opt-gather.awk /usr/src/gnu/lib/libgcc/../../../contrib/gcc/c.opt /usr/src/gnu/lib/libgcc/../../../contrib/gcc/common.opt /usr/src/gnu/lib/libgcc/../../../contrib/gcc/config/i386/i386.opt > optionlist echo '#define EXTRA_MODES_FILE "i386/i386-modes.def"' >> tm.h make -f /usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile MFILE=/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile GCCDIR=/usr/src/gnu/lib/libgcc/../../../contrib/gcc unwind.h make -f /usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile MFILE=/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools/Makefile GCCDIR=/usr/src/gnu/lib/libgcc/../../../contrib/gcc gthr-default.h ln -sf /usr/src/gnu/lib/libgcc/../../../contrib/gcc/unwind-generic.h unwind.h ln -sf /usr/src/gnu/lib/libgcc/../../../contrib/gcc/gthr-posix.h gthr-default.h awk -f /usr/src/gnu/lib/libgcc/../../../contrib/gcc/opt-functions.awk -f /usr/src/gnu/lib/libgcc/../../../contrib/gcc/opth-gen.awk < optionlist > options.h cc -c -O2 -fno-strict-aliasing -pipe -DIN_GCC -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED -DHAVE_GTHR_DEFAULT -I/usr/src/gnu/lib/libgcc/../../../contrib/gcclibs/include -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc/config -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc -I. -I/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools -fvisibility=hidden -DHIDE_EXPORTS -fPIC -DL_muldi3 -o _muldi3.o /usr/src/gnu/lib/libgcc/../../../contrib/gcc/libgcc2.c cc -c -O2 -fno-strict-aliasing -pipe -DIN_GCC -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED -DHAVE_GTHR_DEFAULT -I/usr/src/gnu/lib/libgcc/../../../contrib/gcclibs/include -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc/config -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc -I. -I/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools -fvisibility=hidden -DHIDE_EXPORTS -fPIC -DL_negdi2 -o _negdi2.o /usr/src/gnu/lib/libgcc/../../../contrib/gcc/libgcc2.c cc -c -O2 -fno-strict-aliasing -pipe -DIN_GCC -DIN_LIBGCC2 -D__GCC_FLOAT_NOT_NEEDED -DHAVE_GTHR_DEFAULT -I/usr/src/gnu/lib/libgcc/../../../contrib/gcclibs/include -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc/config -I/usr/src/gnu/lib/libgcc/../../../contrib/gcc -I. -I/usr/src/gnu/lib/libgcc/../../usr.bin/cc/cc_tools -fvisibility=hidden -DHIDE_EXPORTS -fPIC -DL_lshrdi3 -o _lshrdi3.o /usr/src/gnu/lib/libgcc/../../../contrib/gcc/libgcc2.c In file included from /usr/src/gnu/lib/libgcc/../../../contrib/gcc/libgcc2.c:33: /usr/src/gnu/lib/libgcc/../../../contrib/gcc/tsystem.h:47:20: error: stddef.h: No such file or directory /usr/src/gnu/lib/libgcc/../../../contrib/gcc/tsystem.h:48:19: error: float.h: No such file or dir
Re: nanobsd build problem
On Mon, Aug 18, 2008 at 08:43:22PM +, Ben Kelly wrote: > > On Mon, 18 Aug 2008 22:14:04 +0300, Dan Pelleg <[EMAIL PROTECTED]> > wrote: > > I'm trying to build nanobsd. I get the error below. Any ideas? > > > > /usr/src/gnu/lib/libgcc/../../../contrib/gcc/tsystem.h:111:18: error: > > time.h: No such file or directory > > *** Error code 1 > > Do you have WITHOUT_TOOLCHAIN set? That option currently only works for > the install target, not the build target. > > Hope that helps. > > - Ben Bingo. Unsetting it fixed the issue. Thanks! -- Dan ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
reboot on power button?
I'm setting up a PC-class machine to be used in an appliance-like setting. The people using it are far more likely to hit the power button then ctl-alt-del when they think it needs a restart (not often, but it may still happen). How do I tell ACPI to reboot when the power button is hit? Right now, I'm getting the expected sleep effect (S1 and S5 both work, suspending and shutting down respectively). I thought of installing a devd.conf entry, but it seems the event is intercepted beforehand. I need something like acpi_ibm's dev.acpi_ibm.0.events to pass the event over. Other approaches are also welcome. -- Dan Pelleg ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ath(4) for D-Link G520M on 5.5-R?
I just got the D-Link DWL-G520M PCI wireless card. I'm not interested in super-G or any other post-802.11b feature in particular; the reason I got it was because the marketing materials hinted that (at least some revision of it) had the Atheros chipset. It isn't recognized at all by ath(4) on 5.5. Here is the pciconf -lv section: [EMAIL PROTECTED]:14:0:class=0x02 card=0x3a681186 chip=0x0020168c rev=0x01 hdr=0x00 vendor = 'Atheros Communications Inc.' class= network subclass = ethernet The hardware version, as marked on the box, is A1, and firmware version 1.0.0.28. I also tried ndis(4). I downloaded the driver from: http://www.dlink.com/products/support.asp?pid=422&sec=0 and used the files net5513.inf and ar5513.sys. At first, ndiscvt complained about the following line (syntax error) "D:ARAI(A;;GA;;;BA)(A;;GA;;;SY)(A;CI;GA;;;IU)" which I commented out. It then completed. But after making, installing, and kldloading ndis, I see absolutely no output from ndis. Any hints? Is this more likely to work under 6.1? -- Dan Pelleg ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ath(4) for D-Link G520M on 5.5-R?
On Fri, Jun 02, 2006 at 11:54:33AM -0700, Freddie Cash wrote: > On Fri, June 2, 2006 11:46 am, Dan Pelleg wrote: > > I just got the D-Link DWL-G520M PCI wireless card. I'm not interested > > in super-G or any other post-802.11b feature in particular; the > > reason I got it was because the marketing materials hinted that (at > > least some revision of it) had the Atheros chipset. > > > > It isn't recognized at all by ath(4) on 5.5. Here is the pciconf -lv > > section: > > Check the output of dmesg when you kldload the ath modules. That will > tell you the version of the chips on the NIC. > No output whatsoever. Tried both with ath and ath_hal compiled in, and also as modules. wlan was always compiled in. > You should also consider upgrading to FreeBSD 6.x, as a lot of > improvements were made to the wireless stack, over an above the > improvements in 5.4/5.5. > > > [EMAIL PROTECTED]:14:0:class=0x02 card=0x3a681186 > > chip=0x0020168c rev=0x01 hdr=0x00 vendor = 'Atheros Communications > > Inc.' class= network subclass = ethernet > > > > Freddie Cash > [EMAIL PROTECTED] > > ___ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ipfw limit option
Eugene Grosbein <[EMAIL PROTECTED]> writes: > Hi! > > I'm trying to utilize ipfw limit option with 4.5-STABLE. > Till now I had stateless ipfw configuration that worked fine. > > Now I need to limit one of my TCP services with only 5 sessions > per IP. The service itself has global limit of 50 simultaneous > connections but cannot limit the number of connections per IP. > And it is abused. > > I have following rules for the service bound to TCP port : > > $fwcmd add 60130 pipe 3 tcp from $my_ip to any # for traffic shaping > $fwcmd add 60135 allow tcp from any to $my_ip > > Now I changed rule 60135 to > $fwcmd add 60135 allow tcp from any to $my_ip limit src-addr 5 > > This work basically, but: > > 1. Sometimes I see 8 connections per 1 ip, 6 are ESTABLESHED and >2 are CLOSE_WAIT. That does not bothers me too much but it shows: >that code is not very exact. > > 2. The kernel fills my logs and console with TONS of messages: > > Feb 7 15:11:32 www /kernel: OUCH! cannot remove rule, count 2 > Feb 7 15:11:32 www /kernel: drop session, too many entries > Feb 7 15:11:32 www last message repeated 3 times > Feb 7 15:11:33 www /kernel: OUCH! cannot remove rule, count 2 > Feb 7 15:11:33 www /kernel: drop session, too many entries > Feb 7 15:11:34 www last message repeated 80 times > > And so on. That's not what I expect to receive. How can 'drop session' > messages be silenced? And what do 'OUCH!' messages mean? > > Eugene Grosbein > See kern/32600. Unfortunately, the provided patch doesn't apply cleanly anymore (bitrot). I lost contact with the commiter ever since I posted the PR in early December. I'll try to post an updated patch in a few days. http://www.FreeBSD.org/cgi/query-pr.cgi?pr=32600 -- Dan Pelleg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
Patrick <[EMAIL PROTECTED]> writes: > Hi, > > I cvsup'd to the latest stable today, did all of the normal foo to get a > new kernel and world. I ended up with a system where any of my > ports/locally installed software that relies on OpenSSL craps out with > [...] I'm seeing similar stuff, but in ssh-add and scp in the base system. ~/ >/usr/bin/ssh-agent /usr/libexec/ld-elf.so.1: /usr/lib/libssh.so.2: Undefined symbol "EVP_aes_128_cbc" ~/ >ldd /usr/bin/ssh-agent /usr/bin/ssh-agent: libssh.so.2 => /usr/lib/libssh.so.2 (0x2806a000) libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x28099000) libc.so.4 => /usr/lib/libc.so.4 (0x2814e000) libz.so.2 => /usr/lib/libz.so.2 (0x281e7000) ~/ >ls -l /usr/lib/libcrypto* /usr/lib/libssl* /usr/lib/libssh* -r--r--r-- 1 root wheel 1607080 Feb 24 05:50 /usr/lib/libcrypto.a lrwxr-xr-x 1 root wheel 14 Feb 24 05:50 /usr/lib/libcrypto.so -> libcrypto.so.3 -r--r--r-- 1 root wheel 761916 Jan 18 19:34 /usr/lib/libcrypto.so.2 -r--r--r-- 1 root wheel 1021332 Feb 24 05:50 /usr/lib/libcrypto.so.3 -r--r--r-- 1 root wheel 1741816 Feb 24 05:50 /usr/lib/libcrypto_p.a -r--r--r-- 1 root wheel 274010 Feb 24 05:50 /usr/lib/libssh.a lrwxr-xr-x 1 root wheel 11 Feb 24 05:50 /usr/lib/libssh.so -> libssh.so.2 -r--r--r-- 1 root wheel 192276 Feb 24 05:50 /usr/lib/libssh.so.2 -r--r--r-- 1 root wheel 290138 Feb 24 05:50 /usr/lib/libssh_p.a -r--r--r-- 1 root wheel 249654 Feb 24 05:50 /usr/lib/libssl.a lrwxr-xr-x 1 root wheel 11 Feb 24 05:50 /usr/lib/libssl.so -> libssl.so.3 -r--r--r-- 1 root wheel 180744 Jan 18 19:34 /usr/lib/libssl.so.2 -r--r--r-- 1 root wheel 187400 Feb 24 05:50 /usr/lib/libssl.so.3 -r--r--r-- 1 root wheel 263878 Feb 24 05:50 /usr/lib/libssl_p.a FWIW, in my make.conf I have: MAKE_KERBEROS4= yes MAKE_KERBEROS5= yes And the kernel config has this as the only "cpu" line: cpu I686_CPU Can't think of anything else that's non-standard. -- Dan Pelleg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: OpenSSL-related problem
"Jacques A. Vidrine" <[EMAIL PROTECTED]> writes: > On Mon, Feb 24, 2003 at 06:33:58AM -0500, Dan Pelleg wrote: > > I'm seeing similar stuff, but in ssh-add and scp in the base system. > [...] > > ~/ >ldd /usr/bin/ssh-agent > > /usr/bin/ssh-agent: > > libssh.so.2 => /usr/lib/libssh.so.2 (0x2806a000) > > libcrypto.so.3 => /usr/local/lib/libcrypto.so.3 (0x28099000) > > You have the OpenSSL port installed. Remove it. > Indeed, I did. I removed it and all seems fine now. Thanks! -- Dan Pelleg To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Hardening production servers
Chuck Swiger <[EMAIL PROTECTED]> writes: > Paul Smith wrote: > [ ... ] > > Is there a way to take advantage of the portupgrade suite when it comes to > > building packages? I.e., is there a "make package" equivalent in portupgrade? > > I would imagine portupgrade would make packages of any dependicies as well, > > no? > > Exactly; use the "-p" option to portupgrade: > > -p > --package Build a package when each specified port is > installed or upgraded. If a package is upgraded > and its dependent packages are given from the com- > mand line (including the case where -r is speci- > fied), build packages for them as well. ...and on the installing side, use -PP. -- Dan Pelleg ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
