Manish Jain | 6 Mar 09:44 2015
Picon

How to set hostname for a machine intended to become company's mail server ?


Hi,

I am setting a FreeBSD 10.1 (amd64) machine for a company. This machine 
is to provide all important services including a mail server and 
printing services. The company's mail service is currently hosted by an 
external provider, who also looks after DNS.

At installation time, I set the machine name to 
roundabout.freebsd10dot1.amd64

When I starting work on setting up a mail server (yet to choose from 
Postfix/Qmail), I thought it would be better to change the hostname to 
freebsd10dot1.roundabout.com

When I did this and rebooted, I found that the X server fails to start. 
There are some lines in /var/log/Xorg.log complaining about invalid 
configuration in xorg.conf.d, but nothing much more except for a few 
control characters like Ctrl-O and Ctrl-B

What could be the problem here ?

--

-- 
Regards
Manish Jain

_______________________________________________
freebsd-questions <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe <at> freebsd.org"
(Continue reading)

Rick Thomas | 6 Mar 09:24 2015
Picon

Re: How to adjust clock frequency in FreeBSD 10.1 ?


> On 02/12/15 04:09, Rick Thomas wrote:
>> I’ve got a machine with a really bad clock.  When I run NTPD on it,
>> the freq goes straight to 500.0 (over a period of a few days) and
>> stays there, while the offset grows and grows.
>> 
>> I recently switched this machine from Debian Linux to FreeBSD
>> (wanting to learn more about FreeBSD).  Under Linux, I used
>> adjtimex to modify the TICK value and (once I had converged on the
>> right TICK value) NTP was able to stabilize the clock.
>> 
>> Is there an equivalent hack for FreeBSD?

On Feb 25, 2015, at 4:41 AM, lokadamus <at> gmx.de wrote:
> You can use a cronjob with ntpdate to synchronize your clock.
> But ntpd shouldn’t run, when ntpdate is used.
> 

As it turns out, current versions of ntpd will do as well as (actually better than) periodic ntpdate — even
under such adverse circumstances as this machine.  What it does is to attempt to slew the time using its
normal algorithms until the frequency adjustment gets pegged at 500ppm and the offset is over 1 second.
Then it steps the clock and starts the game all over.  This is better than previous versions of ntpd and
xntpd.  They would get to that point and abort — on the theory that something was acutely wrong and needed
human operator attention.  Current versions at least have the option of plugging on as best as possible.

So, with current ntpd, the system clock is never more than about 1 second off from network time.

And for a normal desktop machine (or ever a small-/home-office server) that’s really good enough and I
should stop complaining.  BUT…

(Continue reading)

javocado | 5 Mar 20:10 2015
Picon

veeam client pointing to FreeBSD - linux binary errors

Hello,

I am trying to point veeam, with its "linux target" to a FreeBSD system.

We've made a lot of progress - you have to set bash as the veeam users
shell as well
as give them sudo privs and make sure perl is on the system, etc.

At some point, Veeam uploads a linux binary executable and runs it, and
that is
succeeding as well, since we loaded linux.ko.

However, when this veeam server-side executable runs, we see this error:

[03.03.2015 21:03:56] < 49156> cli| Thread started. Thread id: 49156,
parent id:
16384, role: VRPC server thread
[03.03.2015 21:03:56] < 49156> net| Veeam RPC server started.
[03.03.2015 21:03:56] < 49156> net| Selected vRPC port: '2500'.
[03.03.2015 21:03:56] < 49156> net| Listening vRPC port '2500'.
[03.03.2015 21:03:56] < 16384> cli|   Client works in standalone
mode.[03.03.2015
21:03:57] < 49156> net| ERR |Veeam RPC server broken.
[03.03.2015 21:03:57] < 49156> net| >>  |WIN: Unable to update socket
keep-alive
settings. Error code: [92].
[03.03.2015 21:03:57] < 49156> net| >>  |An exception was thrown from
thread [49156].
[03.03.2015 21:03:57] < 49156> cli| Thread finished. Role: 'VRPC server
thread'.
(Continue reading)

Manish Jain | 5 Mar 16:38 2015
Picon

Is there any plan to adopt devtmpfs ?


Hi all,

I love FreeBSD, and a lot of people whom I have shown my box to have 
taken a fancy. It was with a lot of expectation that I downloaded and 
installed freebsd-10.1-i386. The system was likable enough, till I found 
a lot of hardware would not work - my canon printer gets detected in 
dmesg, but cups cannot locate any local printer; my APC UPS is able to 
perform a self test but is unable to shut down the system in case of a 
power outage on account of some communication failure re battery levels; 
and finally my keyboard stops responding. All these are USB devices, and 
I for some time believed that there might some problem with the USB stack.

Just for kicks, I decided to try Linux to see if my stuff works. On 
Debian 7.8, neither the printer works nor does the UPS. However, with 
Ubuntu 14.10 the printer detection and installation was a cinch. I did 
not test the UPS, but I am sure that would have worked too - but the 
Unity desktop is too painful for me to verify this fully.

The one thing I noticed about Ubuntu 14.10 is that it uses a lot of 
virtual filesystems, headed by devtmpfs. Is it possible that a lot of 
hardware that currently is not working smoothly on FreeBSD will liven up 
simply by migrating one step ahead of devfs ? If yes, is there a 
possibility that we might be getting devtmpfs in 10.2/11.x ?

Thanks &

--

-- 
Regards,

(Continue reading)

Doug Hardie | 4 Mar 08:21 2015

OpenSSL Ciphers

The default list of ciphers is quite extensive and includes some that are apparently causing some
potential security issues.  I have a number of applications that use OpenSSL and many don’t have the code
to restrict the list.  Fixing all that would take quite a bit of work.  However, looking into
/usr/include/openssl/ssl.h I find a definition for the SSL_DEFAULT_CIPHER_LIST.  The comments
indicate that that list is the one used when the application doesn’t specify anything.  I changed its
definition to:

#define SSL_DEFAULT_CIPHER_LIST "TLSv1+HIGH:!SSLv2:RC4+MEDIUM:!aNULL:!eNULL:!3DES: <at> STRENGTH:

However, s_connect will still create a connection with the export ciphers.  I tried adding !EXPORT to that
list and it had no effect.  Is the definition actually used by openssl or is it just there for documentation?
_______________________________________________
freebsd-questions <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe <at> freebsd.org"
rhannek | 4 Mar 04:20 2015
Picon
Picon

Can't attach geli after updating to FreeBSD 10.1

Hi,

I have an encrypted hard drive (not root) which I mount manually when I
actually need it. The storage has a single slice which is encrypted with
geli on top of which is a zfs file system.

After upgrading from 10.0-RELEASE to 10.1-RELEASE the device node
changed from /dev/ada1p1 to /dev/ada1s1 and I can't attach it anymore.
Trying to execute "geli attach ada1s1" I get "geli: Cannot read metadata
from ada1s1: Invalid argument."

When I roll back to 10.0 I have no problems.

Any ideas on how I can fix this?

Regards,
Gideon Lang

_______________________________________________
freebsd-questions <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe <at> freebsd.org"

Mason Loring Bliss | 4 Mar 02:57 2015

GELI key question...

Hi all.

Right now I've got root-on-ZFS-on-GELI from the 10.x installer, but I don't
understand all the moving parts, and I'd love some pointers. In particular,
the man pages geli(8) and loader.conf(5) don't tell me what I want.

I've got an ultimate goal and a short term goal. The short term goal is to
have a key on a USB stick (maybe in a UFS2 partition, maybe just data on the
disk itself - doesn't matter) and have loader.conf reference that as the key
to unlock my root disk(s), for unattended boot as long as the USB stick is
inserted in the system.

First thing that's unclear: Where is the GELI syntax for loader.conf
documented? The GELI man page gives examples of use, but it doesn't say how
the configs are composed.

For example, it shows this:

           geli_da0_keyfile0_load="YES"
           geli_da0_keyfile0_type="da0:geli_keyfile0"
           geli_da0_keyfile0_name="/boot/keys/da0.key0"

Is the name of the variable fixed there? What's interpreting it? Would this
be valid?

           geli_foo_keyfile0_load="YES"
           geli_foo_keyfile0_type="da0:geli_keyfile0"
           geli_foo_keyfile0_name="/boot/keys/da0.key0"

The _type variable seems to specify the device to which the variable applies.
(Continue reading)

Mike Tancsa | 3 Mar 22:54 2015
Picon

nfs mounted /tmp vs disk mounted /tmp


While trying to test in the lab a migration of disks from an old pci-x 
arcmrs array to a pcie card, I ran into an odd problem with the cli and 
raid management daemon.  I would start up the programs and they would 
immediately exit

Looking at the truss output, it seemed to bork soon after it tried to 
create a file in /tmp. Testing all the same hardware, but then booting 
from a disk, it worked.  Back to netboot, but this time with /tmp 
mounted via tmpfs, it also worked.  So it seems there is something about 
having tmp mounted via nfs that causes the program to die.  The issue 
seems to be the setting of locks. I am curious, is this something that 
can be worked around in nfs, or due to the nature of nfs, this is not 
possible ?  I think I saw this same issue with virtual box in a netboot 
environment 
(https://lists.freebsd.org/pipermail/freebsd-emulation/2014-July/011693.html)

....  nfs mounted /tmp
mknod("/dev/arcmsr0",020666,-6368)               = 0 (0x0)
open("/dev/arcmsr0",O_RDWR,00)                   = 3 (0x3)
ioctl(3,0xc4244e06 { IORW 0x4e('N'), 6, 1060 },0xffffe3e0) = 0 (0x0)
open("/tmp/arcmsr0",O_RDWR|O_CREAT,00)           = 4 (0x4)
getpid()                                         = 795 (0x31b)
fcntl(4,F_SETLKW,0x7ffffffcde10)                 ERR#45 'Operation not 
supported'

vs

tmpfs mounted /tmp

(Continue reading)

Janos Dohanics | 3 Mar 16:07 2015

Advice on net/asterisk

Hello List,

I'm considering to use net/asterisk for an office with 10-12 phones.
I'd welcome your suggestions, advice, tips, comments...

--

-- 
Janos Dohanics
_______________________________________________
freebsd-questions <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe <at> freebsd.org"

Ricardo Martín | 3 Mar 09:02 2015
Picon

Check root password changes done via single user mode


hi all,

wondering which would be the best approach to script check if the root
password has been changed via single user mode.

tia

_______________________________________________
freebsd-questions <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe <at> freebsd.org"

Robert Pascoe | 2 Mar 18:20 2015
Picon

Take your website responsibility with us!!!!!


*Hi  Team, *
Greetings and wishing you a wonderful day.

Hope you are doing well.

Here I want to inform you that if you want to beat your competitors and
boost your business in the web market, you should not delay in your website
promotion as there is a huge rush in the web market for accruing the top
page.

We will be optimizing your website and promote your website to the top
pages of the search engines like (Google, Yahoo, Bing). So you will get the
perfect ROI.

Our SEO services will help:

1. makes your website popular in the web market.
2. Increase your online sales.
3. Fix all technical errors of your website.
4. Increase your online visitors using suitable key phrases and quality
back links.
5. Google will consider as a best website.

Best Features:

1.No set up fees
2.No contract
3.24*7 Customer supports
4.Weekly and monthly report
(Continue reading)


Gmane