Re: add en_US.UTF8 support

2013-04-11 Thread Wesley M.A.

Hi,

Thank you very much for your reply.

On 2013-04-11 17:54, Stefan Sperling wrote:

Keep in mind that httpd runs in a chroot in /var/www.


I run it using chroot with https support (-DSSL flags)


I would recommend to run owncloud in the C locale.


What do you mean by 'C locale' ?

Warm regards,

Wesley



Re: add en_US.UTF8 support

2013-04-11 Thread Wesley M.A.

On 2013-04-11 21:51, Stefan Sperling wrote:

On Thu, Apr 11, 2013 at 09:30:51PM +0400, Wesley M.A. wrote:

What do you mean by 'C locale' ?


The default locale is called the 'C' locale. It is used when
you don't configure any locale via LC_CTYPE or LANG. It only
supports the ASCII character set. However that doesn't mean that
applications cannot use non-ASCII characters if they want to,
they just won't get special support from the operating system
for this task.

Why are you trying to configure a UTF-8 locale? Do you have a
special need for this in your use of owncloud?


I get this in the admin console (warning log):
Error    core    setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably not installed on your system


And at the top :
Locale not working
This ownCloud server can't set system locale to en_US.UTF-8/en_US.UTF8. 
This means that there might be problems with certain characters in file 
names. We strongly suggest to install the required packages on your 
system to support en_US.UTF-8/en_US.UTF8.


Owncloud used : the last 5.0.3

Any idea to fix this ?

Again, thank you very much for your time!

Cheers,

Wesley



Re: add en_US.UTF8 support

2013-04-11 Thread Wesley M.A.

On 2013-04-11 22:29, Stefan Sperling wrote:

When I find time to upgrade to owncloud 5 I will look into this.

It is possible that this will fix it:

  mkdir -p /var/www/usr/share/locale/en_US.UTF-8
  cp /usr/share/locale/en_US.UTF-8/LC_CTYPE /var/www/usr/share/locale/en_US.UTF-8/LC_CTYPE

But I haven't tested.


It works.
Again, thank you very much !

Cheers,

Wesley
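
The fix confirmed in this thread, generalised as an added example that is not part of the original messages: a shell helper that reports whether a locale's LC_CTYPE file is present and current inside the httpd chroot, and copies it in when it is not. HOST_ROOT, CHROOT_DIR and the function names are assumptions made for the example; the paths are the ones quoted above.

```shell
#!/bin/sh
# Added example, not from the thread. HOST_ROOT, CHROOT_DIR and the function
# names are assumptions; the paths follow the commands quoted above.
HOST_ROOT=${HOST_ROOT:-}                 # empty means the real root filesystem
CHROOT_DIR=${CHROOT_DIR:-/var/www}       # httpd chroot named in the thread
LOCALE_PATH=/usr/share/locale

# locale_status NAME prints one of:
#   ok           chroot copy exists and matches the host file
#   missing      host has the locale, the chroot does not
#   stale        both exist but differ (for example after a system upgrade)
#   unavailable  the host itself has no LC_CTYPE for NAME
locale_status() {
    src="$HOST_ROOT$LOCALE_PATH/$1/LC_CTYPE"
    dst="$CHROOT_DIR$LOCALE_PATH/$1/LC_CTYPE"
    if [ ! -f "$src" ]; then echo unavailable
    elif [ ! -f "$dst" ]; then echo missing
    elif cmp -s "$src" "$dst"; then echo ok
    else echo stale
    fi
}

# sync_locale NAME copies LC_CTYPE into the chroot when missing or stale.
# Returns 0 on success, 1 if the host lacks the locale or the copy fails,
# 2 if NAME could escape the locale directory.
sync_locale() {
    case "$1" in
        ''|.*|*/*) echo "refusing locale name '$1'" >&2; return 2 ;;
    esac
    st=$(locale_status "$1")
    case "$st" in
        ok) return 0 ;;
        unavailable)
            echo "$1: not installed on the host" >&2; return 1 ;;
    esac
    dstdir="$CHROOT_DIR$LOCALE_PATH/$1"
    # -p keeps mode and timestamps; run as root so the copy stays root-owned
    # and the chrooted web server cannot rewrite it.
    mkdir -p "$dstdir" &&
        cp -p "$HOST_ROOT$LOCALE_PATH/$1/LC_CTYPE" "$dstdir/LC_CTYPE" ||
        return 1
    echo "$1: was $st, now $(locale_status "$1")"
}

# Stand-alone use: sh thisfile en_US.UTF-8 [more locales...]
for name in "$@"; do
    sync_locale "$name" || echo "$name: not synced" >&2
done
```

A "stale" result after an upgrade means the chroot copy should be refreshed the same way.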



add en_US.UTF8 support

2013-04-10 Thread Wesley M.A.

Hi,

I run OpenBSD 5.3-current i386 (xbase.tgz included)
I install php-5.3 /gd /zip
added owncloud 5.0 from owncloud.org

I read the faq : 10.20.1 - Configuring the active character set

I tried this : export LC_CTYPE=en_US.ISO8859-1
and restart apache same error in Owncloud :
setting locale to en_US.UTF-8/en_US.UTF8 failed. Support is probably 
not installed on your system


Any idea ?

Regards,

Wesley M.A



Snort, DAQ, and established flow

2013-02-22 Thread Wesley M.A.

Hi,

I use OpenBSD 5.3-beta
kern.version=OpenBSD 5.3-beta (GENERIC) #33: Fri Feb 15 17:03:34 MST 2013
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC

I have some questions:

1) If i run this :  $(whereis snort) -v # give me :
Running in packet dump mode

--== Initializing Snort ==--
Initializing Output Plugins!
ERROR: Can't find pcap DAQ!
Fatal Error, Quitting..

what is missing ? i already tried add p5-Net-Pcap, py-libpcap, same 
error...


2) i have these rules in my local.rules file :
# detect RDP
alert tcp $HOME_NET any -> any 3389 (msg : "traffic rdp"; sid:110091)
# detect social network : 8minutesDating
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"SOCIAL NET - 8minuteDating"; flow:to_server,established; content:"Host\:"; pcre:"/(Host\:)(\s[a-zA-Z0-9.-]+\.|\s)(8minutedating.com)\r\n/"; sid: 1871000;)

RDP Alert works well.
But social network alert doesn't work if i let the rule option 
flow:to_server,established activated.

Any idea ?

Thank you very much for your help!

Cheers,

Wesley

My snort.conf file :
-
ipvar HOME_NET 10.100.1.0/24
ipvar EXTERNAL_NET !$HOME_NET
ipvar DNS_SERVERS $HOME_NET
ipvar SMTP_SERVERS $HOME_NET
ipvar HTTP_SERVERS $HOME_NET
ipvar SQL_SERVERS $HOME_NET
ipvar TELNET_SERVERS $HOME_NET
ipvar SSH_SERVERS $HOME_NET
ipvar FTP_SERVERS $HOME_NET
ipvar SIP_SERVERS $HOME_NET
portvar HTTP_PORTS [80,81,311,591,593,901,1220,1414,1830,2301,2381,2809,3128,3702,4343,5250,7001,7145,7510,,7779,8000,8008,8014,8028,8080,8088,8118,8123,8180,8181,8243,8280,8800,,8899,9080,9090,9091,9443,,11371,5]
portvar SHELLCODE_PORTS !80
portvar ORACLE_PORTS 1024:
portvar SSH_PORTS 22
portvar FTP_PORTS [21,2100,3535]
portvar SIP_PORTS [5060,5061,5600]
portvar FILE_DATA_PORTS [$HTTP_PORTS,110,143]
portvar GTP_PORTS [2123,2152,3386]
ipvar AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24]
var RULE_PATH /etc/snort/rules
var SO_RULE_PATH /etc/snort/so_rules
var PREPROC_RULE_PATH /etc/snort/preproc_rules
config disable_decode_alerts
config disable_tcpopt_experimental_alerts
config disable_tcpopt_obsolete_alerts
config disable_tcpopt_ttcp_alerts
config disable_tcpopt_alerts
config disable_ipopt_alerts
config checksum_mode: all
config daq_dir: /usr/local/lib/daq/
config pcre_match_limit: 3500
config pcre_match_limit_recursion: 1500
config detection: search-method ac-split search-optimize max-pattern-len 20
config event_queue: max_queue 8 log 3 order_events content_length
config paf_max: 16000
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
dynamicdetection directory /usr/local/lib/snort_dynamicrules
preprocessor normalize_ip4
preprocessor normalize_tcp: ips ecn stream
preprocessor normalize_icmp4
preprocessor normalize_ip6
preprocessor normalize_icmp6
preprocessor frag3_global: max_frags 65536
preprocessor frag3_engine: policy windows detect_anomalies overlap_limit 10 min_fragment_length 100 timeout 180
preprocessor stream5_global: track_tcp yes, \
   track_udp yes, \
   track_icmp no, \
   max_tcp 262144, \
   max_udp 131072, \
   max_active_responses 2, \
   min_response_seconds 5
preprocessor stream5_tcp: policy windows, detect_anomalies, require_3whs 180, \
   overlap_limit 10, small_segments 3 bytes 150, timeout 180, \
    ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137 139 143 \
        161 445 513 514 587 593 691 1433 1521 2100 3306 6070 6665  6667 6668 6669 \
        7000 8181 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779, \
    ports both 80 81 311 443 465 563 591 593 636 901 989 992 993 994 995 1220 1414 1830 2301 2381 2809 3128 3702 4343 5250 7907 7001 7145 7510 7802  7779 \
        7801 7900 7901 7902 7903 7904 7905 7906 7908 7909 7910 7911 7912 7913 7914 7915 7916 \
        7917 7918 7919 7920 8000 8008 8014 8028 8080 8088 8118 8123 8180 8243 8280 8800  8899 9080 9090 9091 9443  11371 5
preprocessor stream5_udp: timeout 180
preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 65535 decompress_depth 65535
preprocessor http_inspect_server: server default \
http_methods { GET POST PUT SEARCH MKCOL COPY MOVE LOCK UNLOCK NOTIFY POLL BCOPY BDELETE BMOVE LINK UNLINK OPTIONS HEAD DELETE TRACE TRACK CONNECT SOURCE SUBSCRIBE UNSUBSCRIBE PROPFIND PROPPATCH BPROPFIND BPROPPATCH RPC_CONNECT PROXY_SUCCESS BITS_POST CCM_POST SMS_POST RPC_IN_DATA RPC_OUT_DATA RPC_ECHO_DATA } \
chunk_length 50 \
server_flow_depth 0 \
client_flow_depth 0 \
post_depth 65495 \
oversize_dir_length 500 \
max_header_length 750 \
max_headers 100 \
max_spaces 0 \
small_chunk_length { 10 5 } \
ports { 80 81 311 591 593 901 1220 1414 1830 2301 2381 2809 3128 
3702 4343 5250 7001 7145 

openbsd5.3-beta, pf.conf, new keyword : once

2013-02-22 Thread Wesley M.A.

Hi,

I just see this in the pf.conf manpage:

once    Creates a one shot rule that will remove itself from an active
        ruleset after the first match.  In case this is the only rule in
        the anchor, the anchor will be destroyed automatically after the
        rule is matched.

It is an excellent feature, is it possible to have an example of use ?

Cheers,

Wesley.



OpenBSD5.3-beta, kernel panic : pf.conf with once option

2013-02-22 Thread Wesley M.A.

Hi,

I'm running :
kern.version=OpenBSD 5.3-beta (GENERIC) #33: Fri Feb 15 17:03:34 MST 2013
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC

2 network cards : bge0 and axe0

pfctl -vf /etc/pf.conf loads the ruleset, but just after I do telnet
hostname.on.internet 110 on a workstation, I have a kernel panic
on my OpenBSD gateway :


uvm_fault(0xd0a51660,0x0, 0, 1) - e
Kernel: page fault trap, code=0
Stopped at pf_purge_rule +0x11: mov 0x10(%ebx),%eax


my pf.conf :

ports_tcp="{80 25 443 587 995 21}"
set skip on lo
match out on egress inet from bge0:network to any nat-to egress
block log all
pass out
pass in on bge0 inet proto icmp icmp-type echoreq
pass in on bge0 inet proto tcp from bge0:network to any port $ports_tcp
pass in on bge0 inet proto tcp from bge0:network to any port 110 once
pass in on bge0 inet proto udp from bge0:network to any port domain
pass in on bge0 inet proto tcp from bge0:network to any port 22

my dmesg :

Re: openbsd5.3-beta, pf.conf, new keyword : once

2013-02-22 Thread Wesley M.A.

On 2013-02-22 16:52, Scott McEachern wrote:

On 02/22/13 07:43, Wesley M.A. wrote:

Hi,

I just see this in the pf.conf manpage:

once    Creates a one shot rule that will remove itself from an active
        ruleset after the first match.  In case this is the only rule in
        the anchor, the anchor will be destroyed automatically after the
        rule is matched.

It is an excellent feature, is it possible to have an example of use ?

Cheers,

Wesley.



Actually it was put in about a year and a half ago:

http://www.openbsd.org/cgi-bin/cvsweb/src/share/man/man5/pf.conf.5.diff?r1=1.507;r2=1.508;f=h


my fault!



Nitpicking aside, thanks for mentioning it... I didn't know about it
either until now!


;-)

--
Wesley



Re: Snort, DAQ, and established flow

2013-02-22 Thread Wesley M.A.

Thank you very much for your answer.

I just read man pages...

Cheers,

Wesley

On 2013-02-22 18:35, Chris Eidem wrote:

Spend more time reading the docs:

https://www.snort.org/start/requirements

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
DAQ

DAQ is the Data-Acquisition API that is necessary to use Snort
version 2.9.0 and above.

For more information and to download please visit DAQ[1]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Any more chatter about snort is not relevant to this list, take your
questions to the snort listserve.

[1] http://www.snort.org/downloads/2103

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
Behalf Of Wesley M.A.
Sent: Friday, February 22, 2013 5:06 AM
To: misc@openbsd.org
Subject: Snort, DAQ, and established flow

Hi,

I use OpenBSD 5.3-beta
kern.version=OpenBSD 5.3-beta (GENERIC) #33: Fri Feb 15 17:03:34 MST 2013
    dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC

I have some questions:

1) If i run this :  $(whereis snort) -v # give me :
Running in packet dump mode

 --== Initializing Snort ==--
Initializing Output Plugins!
ERROR: Can't find pcap DAQ!
Fatal Error, Quitting..

what is missing ? i already tried add p5-Net-Pcap, py-libpcap, same
error...

2) i have these rules in my local.rules file :
# detect RDP
alert tcp $HOME_NET any -> any 3389 (msg : "traffic rdp"; sid:110091)
# detect social network : 8minutesDating
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"SOCIAL NET - 8minuteDating"; flow:to_server,established; content:"Host\:"; pcre:"/(Host\:)(\s[a-zA-Z0-9.-]+\.|\s)(8minutedating.com)\r\n/"; sid: 1871000;)

RDP Alert works well.
But social network alert doesn't work if i let the rule option
flow:to_server,established activated.
Any idea ?

Thank you very much for your help!

Cheers,

Wesley


Re: Snort, DAQ, and established flow

2013-02-22 Thread Wesley M.A.

Please read /usr/local/share/doc/pkg-readmes/snort-2.9.4.0 for
OpenBSD-specific Snort documentation.  Specifically, the recommended way
to start Snort is to use the /etc/rc.d/snort script.  The rc.d(8) man
page has information about rc.d scripts.

Hope this helps,
Lawrence


You are very funny, i already read /usr/local/share/doc/pkg-readmes/*

And the same for :
Configure /etc/snort/snort.conf (HOME_NET, EXTERNAL_NET, var...RULES) 
local.rules file
And put pkg_scripts=snort in /etc/rc.conf.local and start it manually 
with /etc/rc.d/snort start


Therefore thank you for your try.

Cheers,

Wesley



Re: Snort, DAQ, and established flow

2013-02-22 Thread Wesley M.A.

On 2013-02-22 20:34, Lawrence Teo wrote:
So when you start Snort with the rc.d script, the rc.d script runs snort
with -c /etc/snort/snort.conf, so it knows where to find the DAQ
modules.

If you want to use snort -v without using the config file:

snort --daq-dir=/usr/local/lib/daq/ -v

Lawrence


Thank you very much.

Wesley



Re: OpenBSD5.3-beta, kernel panic : pf.conf with once option

2013-02-22 Thread Wesley M.A.

On 2013-02-22 21:41, Mike Belopuhov wrote:


short answer: don't do that.  you have to use an anchor.

regarding the actual crash -- i'll look at it asap.



Thank you very much for your reply, your advice.

Wesley
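
What the reply above recommends, as an added example that is not part of the original messages: the one-shot port 110 rule from the posted pf.conf, loaded into a named anchor with pfctl -a instead of sitting in the main ruleset. The anchor name oneshot, the PFCTL variable and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread. The anchor name "oneshot", the PFCTL
# override and the function names are assumptions. The main ruleset in
# /etc/pf.conf needs one extra line at the point where the rule should be
# evaluated, after "block log all":
#     anchor "oneshot"
PFCTL=${PFCTL:-pfctl}
ANCHOR=${ANCHOR:-oneshot}

# once_rule IFACE PORT prints the poster's port-110 rule, parameterised.
# Inputs are validated because the text is handed to the pf parser.
once_rule() {
    case "$1" in ''|*[!a-z0-9]*) return 2 ;; esac
    case "$2" in ''|*[!0-9]*|??????*) return 2 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || return 2
    printf 'pass in on %s inet proto tcp from %s:network to any port %s once\n' \
        "$1" "$1" "$2"
}

# allow_once IFACE PORT replaces the anchor's ruleset with that single rule.
allow_once() {
    rule=$(once_rule "$1" "$2") || {
        echo "usage: allow_once <interface> <port 1-65535>" >&2
        return 2
    }
    printf '%s\n' "$rule" | "$PFCTL" -a "$ANCHOR" -f -
}

# show_anchor lists what is currently loaded in the anchor.
show_anchor() {
    "$PFCTL" -a "$ANCHOR" -s rules
}

# Stand-alone use (as root): sh thisfile bge0 110
if [ "$#" -eq 2 ]; then
    allow_once "$1" "$2" && show_anchor
fi
```

Running show_anchor again after the first matching connection shows whether the rule has removed itself, as the manual page excerpt describes.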



Re: daily.output and ROOTBACKUP

2013-02-04 Thread Wesley M.A.

Hi

'man 5 crontab' gives :
Command output is mailed to the crontab owner

It is why you have root emails...(root backups are provided from 
security scripts (from daily))


Cheers,

Wesley

On 2013-02-04 20:03, Peter Bisroev wrote:

Hi All,

This is a very minor issue, and I could possibly have missed something in the
documentation since I do not see people asking this question on the mailing
lists. So if someone could point me in the right direction it would be really
appreciated.

I am using OpenBSD 5.2 on a number of hosts, and all works great. I have
daily.local setup as follows:

--
cat /etc/daily.local
ROOTBACKUP=1
VERBOSESTATUS=0
--

Normal daily output is not emailed, however because I do have ROOTBACKUP=1 I
get daily emails about root backups as shown below:

--
OpenBSD 5.2 (GENERIC.MP) #368: Wed Aug  1 10:04:49 MDT 2012
    dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP


 1:31AM  up 24 days,  1:40, 0 users, load averages: 0.78, 0.28, 0.15

Backing up root=/dev/rwd0a to /dev/rwd0d:
131527+0 records in
131527+0 records out
1077469184 bytes transferred in 57.954 secs (18591693 bytes/sec)
** /dev/rwd0d
** Last Mounted on /
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
1756 files, 26205 used, 490058 free (50 frags, 61251 blocks, 0.0% fragmentation)


MARK FILE SYSTEM CLEAN? yes


* FILE SYSTEM WAS MODIFIED *
--

The reason that I am getting this output makes sense, since the daily manpage
states:

--
If set to 0, df(1), dump(8), netstat(1), and ruptime(1)
are skipped.  Consequently, if none of the other
commands produce any output, no mail will be sent to
root.
--

So what would be the correct way to instruct the rootbackup process not to
produce output unless something is wrong?

Thank you!
--peter




add a daemon user

2013-01-29 Thread Wesley M.A.

Hi,

To add a daemon user like for example _nginx :

useradd -L daemon -d /var/empty -s /sbin/nologin -g =uid _nginx

Is this enough ?

Thank you very much.

Cheers,

Wesley



Re: add a daemon user

2013-01-29 Thread Wesley M.A.

On 2013-01-29 21:40, jca+o...@wxcvbn.org wrote:

Wesley M.A. open...@e-solutions.re writes:


Hi,


Hi


To add a daemon user like for example _nginx :

useradd -L daemon -d /var/empty -s /sbin/nologin -g =uid _nginx

Is this enough ?


[...]

Depends.  Your _nginx user will likely serve files, you don't want to put
them in /var/empty, which is where other daemons chroot.  Do you want to
chroot?  Why not use the www user?  Why not use the devel nginx package,
if you need a more recent version?


I want to make mailserv (i.e. mailserv.github.com) work on OpenBSD-5.2.
When I installed it, _nginx was not created.
That is why I asked.

Thank you.

--
Wesley



Re: /var/backups strange behaviour

2013-01-07 Thread Wesley M.A.

My mistake ! I understand better.
Thank you very much.

Cheers,

Wesley

On 2013-01-07 17:07, Otto Moerbeek wrote:

On Mon, Jan 07, 2013 at 04:49:12PM +0400, Wesley wrote:


Hi

Before do anything, i read this : man 8 daily
I just installed a fresh OpenBSD-5.2
and /var/backups : empty

I don't understand why backup is enabled in /var/backups.
I explain, if i run the script : 'sh /etc/daily', backups is done.
(i.e 'ls /var/backups')

In the manpage of daily, it will backup only if :
ROOTBACKUP Variable is enable (=1)
or altroot partition in /etc/fstab
Actually none of these 2 statements are present. Any idea ?

Thank you very much.

Regards,

Wesley


You are confusing things. ROOTBACKUP and config files backups are two
different things.

Reading docs (and checking references helps):

See security(8) (run by daily(8) as documented) and changelist(5)
(referred to by security(8)).


-Otto