From owner-freebsd-isp Sun Mar 17 14:14:24 2002 Delivered-To: freebsd-isp@freebsd.org Received: from rubeus.alfred.cx (rubeus.alfred.cx [150.101.93.190]) by hub.freebsd.org (Postfix) with ESMTP id 8EA8B37B404 for ; Sun, 17 Mar 2002 14:14:20 -0800 (PST) Received: (from andrew@localhost) by rubeus.alfred.cx (8.11.6/8.11.6) id g2HNDwp00296; Mon, 18 Mar 2002 09:43:58 +1030 (CST) (envelope-from andrew) Date: Mon, 18 Mar 2002 09:43:58 +1030 From: Andrew Reid To: Fabrizio Ravazzini Cc: Odhiambo Washington , freebsd-isp@freebsd.org Subject: Re: Webmail App for virtual domains hosting Message-ID: <20020317231358.GC257@rubeus.alfred.cx> References: <20020315171958.GE97915@ns2.wananchi.com> <20020316072509.16130.qmail@web20102.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020316072509.16130.qmail@web20102.mail.yahoo.com> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Mar 16, 2002 at 08:25:09AM +0100, Fabrizio Ravazzini wrote: > Hello Odhi, you need Imp (part of Horde framework, > www.horde.org). > It's a very good php-mysql webmail, quite long but not > difficult installation. Eh? When I installed IMP-3.0 the other day, it was a simple matter of: # cd /usr/ports/mail/imp-devel # make install ... and then a quick fiddle with the configuration and SQL to make the preferences work. In an ISP environment, preferences probably aren't required, making it even easier. - andrew -- | Andrew Reid [mailto:andrew.reid@plug.cx] | Network Wrangler, Bit Herder | C: +61-401-946-813 F: +61-8-8379-1093 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Mar 17 23:41: 1 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web20107.mail.yahoo.com (web20107.mail.yahoo.com [216.136.226.44]) by hub.freebsd.org (Postfix) with SMTP id 9FD0837B404 for ; Sun, 17 Mar 2002 23:40:55 -0800 (PST) Message-ID: <20020318074055.3237.qmail@web20107.mail.yahoo.com> Received: from [193.227.212.161] by web20107.mail.yahoo.com via HTTP; Mon, 18 Mar 2002 08:40:55 CET Date: Mon, 18 Mar 2002 08:40:55 +0100 (CET) From: =?iso-8859-1?q?Fabrizio=20Ravazzini?= Subject: Re: Webmail App for virtual domains hosting To: Andrew Reid Cc: freebsd-isp@freebsd.org In-Reply-To: <20020317231358.GC257@rubeus.alfred.cx> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ups! I didn't know there was the port, I've installed Imp only on Linux Bye --- Andrew Reid ha scritto: > On Sat, Mar 16, 2002 at 08:25:09AM +0100, Fabrizio > Ravazzini wrote: > > > Hello Odhi, you need Imp (part of Horde framework, > > www.horde.org). > > It's a very good php-mysql webmail, quite long but > not > > difficult installation. > > Eh? When I installed IMP-3.0 the other day, it was a > simple matter of: > > # cd /usr/ports/mail/imp-devel > # make install > > ... and then a quick fiddle with the configuration > and SQL to make the > preferences work. In an ISP environment, preferences > probably aren't > required, making it even easier. > > - andrew > > -- > | Andrew Reid [mailto:andrew.reid@plug.cx] > | Network Wrangler, Bit Herder > | C: +61-401-946-813 F: +61-8-8379-1093 ______________________________________________________________________ La reginetta del pop è tornata! Ascolta'I'm Not A Girl, Not Yet A Woman' su Yahoo! http://it.yahoo.com/mail_it/foot/?http://it.music.yahoo.com/britney/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Mar 18 17:30: 3 2002 Delivered-To: freebsd-isp@freebsd.org Received: from nlaredo.globalpc.net (nld2.globalpc.net [207.193.206.189]) by hub.freebsd.org (Postfix) with ESMTP id 6D83B37B402 for ; Mon, 18 Mar 2002 17:29:51 -0800 (PST) Received: from ds9 (ds9.globalpc.net [207.193.204.57]) by nlaredo.globalpc.net (8.9.3/8.9.3) with SMTP id TAA84906 for ; Mon, 18 Mar 2002 19:31:55 -0600 (CST) (envelope-from adrianbsd@globalpc.net) Message-Id: <3.0.6.32.20020318193129.01027cd8@globalpc.net> X-Sender: adrianbsd@globalpc.net (Unverified) X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.6 (32) Date: Mon, 18 Mar 2002 19:31:29 -0600 To: freebsd-isp@freebsd.org From: Adrian Gonzalez Subject: 4.5-STABLE kernel panic - panic: malloc: lost data Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I'm having a few problems with a server. It's getting kernel panics 3-4 times a week, unfortunately, the server is at a remote POP and I can't get to it right when it happens. I cvsup'ed and recompiled the kernel and system, and made sio0 the console (flags 0x30). After waiting a couple of days for the crash, here's what I got: panic: malloc: lost data mp_lock = 01000001; cpuid = 1; lapic.id = 00000000 boot() called on cpu#1 syncing disks... 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 35 giving up on 31 buffers Uptime: 2d19h56m19s mly0: flushing cache...done Automatic reboot in 15 seconds - press a key on the console to abort Rebooting... This is the only one I've logged so far. Another problem seems to be that sometimes logged messages are chopped to the first one or two characters on the serial console, like: Mar 18 18:32:50 test /kernel: arp: x.x.x.x moved from 00:c0:05:04:28:72 to 00:c0:05:04:16:00 on fxp0 MaMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMaMMMMMaMMMMMMMMMMMMMMMMMMMMMMMMMMM MMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM MMMM MMMMMMMMMMMMMMMMMMMMMMMMar 18 18:52:00 radius[19913]: unix_pass: password for failed The serial console is configured at 115200, the serial port works fine for other purposes. No hardware changes have been made to the machine for several months now. The box is a dual PIII (Asus CUR-DLS, serverworks chipset). Basically I have two questions: What can cause this kind of kernel panic? Why are the log messages being chopped? Any help would be greatly appreciated Thanks -Adrian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Mar 19 5:41:39 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.mango-bay.com (mail.mango-bay.com [208.206.15.12]) by hub.freebsd.org (Postfix) with ESMTP id 4F0F437B405 for ; Tue, 19 Mar 2002 05:40:55 -0800 (PST) Received: from barbish ([63.70.155.61]) by mail.mango-bay.com (Post.Office MTA v3.5.3 release 223 ID# 0-52377U2500L250S0V35) with SMTP id com for ; Tue, 19 Mar 2002 08:40:53 -0500 From: "Joe & Fhe Barbish" To: Subject: Security knobs, when do they execute? Date: Tue, 19 Mar 2002 08:40:51 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org To all the FBSD security wizards. I have found this list of special security knobs that have impressive sounding names. The information that is missing is WHEN do these knobs get control to do their thing? The normal flow for inbound packet would be User ppp filter, kernel, Nat, and ipfw. Where does each one get control to do it's thing? When these knobs do there thing is there some way to record the event happened? I know log_in_vain issues a message, but I have not gotten anything from the others. Are there any knobs I missed? log_in_vain="YES" icmp_drop_redirect="YES" tcp_drop_synfin="YES tcp_restrict_rst="YES" syslogd_flags="-ss" portmap_enable="NO" sysctl net.inet.tcp.blackhole=2 sysctl net.inet.udp.blackhole=1 Background Info # Extra firewalling options log_in_vain="YES" # NO is default. YES enables logging of # connection attempts to ports that have no # listening socket on them. Put msg on consol icmp_drop_redirect="YES" # YES will cause the kernel to ignore # ICMP REDIRECT packets. tcp_drop_synfin="YES" # YES will cause the kernel to ignore TCP # frames that have both the SYN and FIN flags # set. Only available if the kernel was built # with the TCP_DROP_SYNFIN option. # change to NO if web server behind firewall. tcp_restrict_rst="YES" # YES will cause the kernel to refrain from # emitting TCP RST frames in response to # invalid TCP packets (e.g., frames destined # for closed ports). This option is only # available if the kernel was built with the # TCP_RESTRICT_RST option. syslogd_flags="-ss" # Don't use network sockets so portscan # will not find (security tip) portmap_enable="NO" # Don't allow nfs portmapper (security tip) Another very obscure option is blackhole, new in FBSD 4.4 The blackhole sysctl(8) is used to control system behavior when connection requests are received on TCP or UDP ports where there is no socket listening. Normal behavior, when a TCP SYN segment is received on a port where there is no socket accepting connections, is for the system to return a RST segment, and drop the connection. The connecting system will see this as a "Connection reset by peer". By setting the TCP blackhole MIB to a numeric value of 1, the incoming SYN segment is merely dropped, and no RST is sent, making the system appear as a blackhole. By setting the MIB value to 2, any segment arriving on a closed port is dropped without returning a RST. This provides some degree of protection against stealth port scans. In the UDP instance, enabling blackhole behavior turns off the sending of an ICMP port unreachable message in response to a UDP datagram which arrives on a port where there is no socket listening. It must be noted that this behavior will prevent remote systems from running traceroute(8) to a system. The blackhole behavior is useful to slow down anyone who is port scanning a system, attempting to detect vulnerable services on a system. It could potentially also slow down someone who is attempting a denial of service attack. The sysctl net.inet.tcp.blackhole=2 command can be entered from the command line and will be in effect until the next boot. The sysctl command can also be in the /etc/sysctl.conf file (which you must create) and if present will be activated during the boot process. Read man sysctl for command format to display settings of this option and some others that allow you to change to default dynamic rules time out values. /etc/sysctl.conf file contents sysctl net.inet.tcp.blackhole=2 sysctl net.inet.udp.blackhole=1 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Mar 19 19:16: 7 2002 Delivered-To: freebsd-isp@freebsd.org Received: from backup.dagupan.com (www.psysc.org.ph [206.101.69.5]) by hub.freebsd.org (Postfix) with ESMTP id C70FA37B41B for ; Tue, 19 Mar 2002 19:15:00 -0800 (PST) Received: by apmail.dagupan.com with Internet Mail Service (5.5.2653.19) id ; Wed, 20 Mar 2002 11:16:09 +0800 Message-ID: <10F29E27A956D511B0940050DA8D86A934101D@apmail.dagupan.com> From: francisv@dagupan.com To: freebsd-isp@FreeBSD.ORG Subject: [OT] Revision control system Date: Wed, 20 Mar 2002 11:16:09 +0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Can you share with me how you make use of RCS in your production systems for system configuration changes, etc.? We're using this script to edit configuration files: /usr/local/bin/rvi: #!/bin/sh co -l $1 $VISUAL $1 rcsdiff -u $1 ci -u $1 I also want to know how other ISPs implement this. --- francis a. vidal [bitstop network services] | http://www.dagupan.com streaming media + web hosting | http://www.keystone.ph v(02)330-2871,(02)330-2872; f(02)330-2873 | http://www.kuro.ph To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Mar 19 23:26:40 2002 Delivered-To: freebsd-isp@freebsd.org Received: from draco.over-yonder.net (draco.over-yonder.net [198.78.58.61]) by hub.freebsd.org (Postfix) with ESMTP id 8038E37B400 for ; Tue, 19 Mar 2002 23:26:36 -0800 (PST) Received: by draco.over-yonder.net (Postfix, from userid 100) id 11F60FC5; Wed, 20 Mar 2002 01:26:36 -0600 (CST) Date: Wed, 20 Mar 2002 01:26:36 -0600 From: "Matthew D. Fuller" To: francisv@dagupan.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: [OT] Revision control system Message-ID: <20020320012636.C29148@over-yonder.net> References: <10F29E27A956D511B0940050DA8D86A934101D@apmail.dagupan.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5-fullermd.1i In-Reply-To: <10F29E27A956D511B0940050DA8D86A934101D@apmail.dagupan.com>; from francisv@dagupan.com on Wed, Mar 20, 2002 at 11:16:09AM +0800 X-Editor: vi X-OS: FreeBSD Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Mar 20, 2002 at 11:16:09AM +0800 I heard the voice of francisv@dagupan.com, and lo! it spake thus: > Hi, > > Can you share with me how you make use of RCS in your production systems for > system configuration changes, etc.? We're using this script to edit > configuration files: > > /usr/local/bin/rvi: > #!/bin/sh > co -l $1 > $VISUAL $1 > rcsdiff -u $1 > ci -u $1 I messed with RCS for a while, but it quickly showed its inherent impracticality. I just use CVS for everything nowadays, with a single central repository accessed via ssh from elsewhere. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 0:54:23 2002 Delivered-To: freebsd-isp@freebsd.org Received: from draco.over-yonder.net (draco.over-yonder.net [198.78.58.61]) by hub.freebsd.org (Postfix) with ESMTP id 2171037B404 for ; Wed, 20 Mar 2002 00:54:21 -0800 (PST) Received: by draco.over-yonder.net (Postfix, from userid 100) id E5E8BFC2; Wed, 20 Mar 2002 02:29:51 -0600 (CST) Date: Wed, 20 Mar 2002 02:29:51 -0600 From: "Matthew D. Fuller" To: francisv@dagupan.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: [OT] Revision control system Message-ID: <20020320022951.D29148@over-yonder.net> References: <10F29E27A956D511B0940050DA8D86A9341023@apmail.dagupan.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5-fullermd.1i In-Reply-To: <10F29E27A956D511B0940050DA8D86A9341023@apmail.dagupan.com>; from francisv@dagupan.com on Wed, Mar 20, 2002 at 04:26:55PM +0800 X-Editor: vi X-OS: FreeBSD Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Mar 20, 2002 at 04:26:55PM +0800 I heard the voice of francisv@dagupan.com, and lo! it spake thus: > Do you know of a good tutorial site for CVS? I'd like to try it out and see > the difference for myself. http://www.csc.calpoly.edu/~dbutler/tutorials/winter96/cvs/ is a pretty simple once-over. Not the most comprehensive, but easy to read through. http://www.loria.fr/~molli/cvs/doc/cvs_toc.html is a MUCH more involved discussion, but it covers pretty much anything relating to using CVS, including a lot of stuff you'll probably never need. I think it's mirrored somewhere at cvshome.org. And, of course http://www.cvshome.org/ is the central point for all things CVS. Look through their docs there, they've got tons of stuff. Really, I just fiddled with it over time. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 1:11:13 2002 Delivered-To: freebsd-isp@freebsd.org Received: from backup.dagupan.com (www.psysc.org.ph [206.101.69.5]) by hub.freebsd.org (Postfix) with ESMTP id E54D637B404 for ; Wed, 20 Mar 2002 01:11:07 -0800 (PST) Received: by apmail.dagupan.com with Internet Mail Service (5.5.2653.19) id ; Wed, 20 Mar 2002 16:27:03 +0800 Message-ID: <10F29E27A956D511B0940050DA8D86A9341023@apmail.dagupan.com> From: francisv@dagupan.com To: fullermd@over-yonder.net Cc: freebsd-isp@FreeBSD.ORG Subject: RE: [OT] Revision control system Date: Wed, 20 Mar 2002 16:26:55 +0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Do you know of a good tutorial site for CVS? I'd like to try it out and see the difference for myself. -----Original Message----- From: Matthew D. Fuller [mailto:fullermd@over-yonder.net] Sent: Wednesday, March 20, 2002 3:27 PM To: francisv@dagupan.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: [OT] Revision control system On Wed, Mar 20, 2002 at 11:16:09AM +0800 I heard the voice of francisv@dagupan.com, and lo! it spake thus: > Hi, > > Can you share with me how you make use of RCS in your production systems for > system configuration changes, etc.? We're using this script to edit > configuration files: > > /usr/local/bin/rvi: > #!/bin/sh > co -l $1 > $VISUAL $1 > rcsdiff -u $1 > ci -u $1 I messed with RCS for a while, but it quickly showed its inherent impracticality. I just use CVS for everything nowadays, with a single central repository accessed via ssh from elsewhere. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 5:35:21 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id D324F37B416 for ; Wed, 20 Mar 2002 05:35:13 -0800 (PST) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16ngEt-000JbL-00; Wed, 20 Mar 2002 16:34:51 +0300 Date: Wed, 20 Mar 2002 16:34:50 +0300 From: Odhiambo Washington To: Edwin Culp Cc: FBSD-ISP Subject: Re: Webmail App for virtual domains hosting Message-ID: <20020320133450.GI14038@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Edwin Culp , FBSD-ISP References: <20020315171958.GE97915@ns2.wananchi.com> <1016218866.3c9244f2c0a7f@Mail.EnContacto.Net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1016218866.3c9244f2c0a7f@Mail.EnContacto.Net> User-Agent: Mutt/1.3.25i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: "But officer, I was only trying to gain enough speed so I could coast to the nearest gas station." X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Mailer: Mutt http://www.mutt.org/ X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 4:32PM up 11 days, 23 mins, 3 users, load averages: 2.17, 2.22, 2.18 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Edwin Culp [20020315 22:01]: wrote: > I use mail/courier net/openldap2 with horde/imp/kronolith/turba/nag also in > ports. IMO, excellent combo that works with little effort. Hello Ed, I know courier-imap somehow can do this. However LDAP is still the preserve of a few (maybe I am wrong). My ldap knowledge is seriously wanting. May I request to know how you intergate the virtual domains in the horde framework - by sample configs if possible? Thanks. > > ed > > Quoting Odhiambo Washington : > > | Hello people, > | > | I am stuck here trying to find an app that is relatively easy to setup ;-) > | > | I have a couple virtual domains whose owners are making me scratch my head > | bald. > | > | Users authenticate via MySQL db and the mail is stored in mbox format in > | /var/spool/virtual/$domain.name/$user > | > | I am currently using tpop3d which I am happy with so far. > | > | I am basically looking for a webmail app with a few basic qualities: > | > | 1. Can auth via MySQL by taking username@domain as login name > | 2. Can display sent mail separately from the inbox > | 3. Can handle attachments > | > | I've looked at a couple of opts but now I just seem lost! > | > | > | Thanks in advance for your advise. > | > | > | -Wash > | > | -- > | Odhiambo Washington "The box said 'Requires > | Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > | Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > | GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > | > | ++ > | Computers can figure out all kinds of problems, except the things in > | the world that just don't add up. > | > | To Unsubscribe: send mail to majordomo@FreeBSD.org > | with "unsubscribe freebsd-isp" in the body of the message > | > > > -- > Griffin Plaza Partners, LLC > > ------------------------------------------------- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -Wash -- Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) ++ After living in New York, you trust nobody, but you believe everything. Just in case. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 6:17:33 2002 Delivered-To: freebsd-isp@freebsd.org Received: from encontacto.net (adsl-64-173-182-158.dsl.mtry01.pacbell.net [64.173.182.158]) by hub.freebsd.org (Postfix) with ESMTP id BEA3937B41B for ; Wed, 20 Mar 2002 06:16:51 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) (uid 0) by encontacto.net with local; Wed, 20 Mar 2002 06:16:50 -0800 Received: from 64.173.182.155 ( [64.173.182.155]) as user eculp@encontacto.net@mail.encontacto.net by Mail.EnContacto.Net with HTTP; Wed, 20 Mar 2002 06:16:49 -0800 Message-ID: <1016633809.3c9899d1e77f7@Mail.EnContacto.Net> Date: Wed, 20 Mar 2002 06:16:49 -0800 From: Edwin Culp To: Odhiambo Washington Cc: FBSD-ISP Subject: Re: Webmail App for virtual domains hosting References: <20020315171958.GE97915@ns2.wananchi.com> <1016218866.3c9244f2c0a7f@Mail.EnContacto.Net> <20020320133450.GI14038@ns2.wananchi.com> In-Reply-To: <20020320133450.GI14038@ns2.wananchi.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 4.0-cvs X-Originating-IP: 64.173.182.155 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Be glad to but I'm on my way to a meeting. When I get back I'll send you a private mail and start sending you configurations and we'll initiate a dialog on the whys and wherefores:-) ed Quoting Odhiambo Washington : > * Edwin Culp [20020315 22:01]: wrote: > > I use mail/courier net/openldap2 with horde/imp/kronolith/turba/nag also > in > > ports. IMO, excellent combo that works with little effort. > > > Hello Ed, > > I know courier-imap somehow can do this. However LDAP is still the preserve > of > a few (maybe I am wrong). My ldap knowledge is seriously wanting. > > May I request to know how you intergate the virtual domains in the horde > framework > - by sample configs if possible? > > Thanks. > > > > > > ed > > > > Quoting Odhiambo Washington : > > > > | Hello people, > > | > > | I am stuck here trying to find an app that is relatively easy to setup > ;-) > > | > > | I have a couple virtual domains whose owners are making me scratch my > head > > | bald. > > | > > | Users authenticate via MySQL db and the mail is stored in mbox format > in > > | /var/spool/virtual/$domain.name/$user > > | > > | I am currently using tpop3d which I am happy with so far. > > | > > | I am basically looking for a webmail app with a few basic qualities: > > | > > | 1. Can auth via MySQL by taking username@domain as login name > > | 2. Can display sent mail separately from the inbox > > | 3. Can handle attachments > > | > > | I've looked at a couple of opts but now I just seem lost! > > | > > | > > | Thanks in advance for your advise. > > | > > | > > | -Wash > > | > > | -- > > | Odhiambo Washington "The box said 'Requires > > | Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > > | Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > > | GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > > | > > | ++ > > | Computers can figure out all kinds of problems, except the things in > > | the world that just don't add up. > > | > > | To Unsubscribe: send mail to majordomo@FreeBSD.org > > | with "unsubscribe freebsd-isp" in the body of the message > > | > > > > > > -- > > Griffin Plaza Partners, LLC > > > > ------------------------------------------------- > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > -Wash > > -- > Odhiambo Washington "The box said 'Requires > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > > ++ > After living in New York, you trust nobody, but you believe > everything. Just in case. > ------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 6:21:17 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id 3EB9C37B400 for ; Wed, 20 Mar 2002 06:21:03 -0800 (PST) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16ngxY-000Mmm-00 for ; Wed, 20 Mar 2002 17:21:00 +0300 Date: Wed, 20 Mar 2002 17:21:00 +0300 From: Odhiambo Washington To: FBSD-ISP Subject: User Maanagement (Bulk Processing) Message-ID: <20020320142100.GJ14038@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , FBSD-ISP Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="tKW2IUtsqtDRztdT" Content-Disposition: inline User-Agent: Mutt/1.3.25i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: "But officer, I was only trying to gain enough speed so I could coast to the nearest gas station." X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Mailer: Mutt http://www.mutt.org/ X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 4:53PM up 11 days, 44 mins, 3 users, load averages: 2.19, 2.29, 2.25 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --tKW2IUtsqtDRztdT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello people, Allow me to ask this because I work for an ISP ;-) Actually I am just seeking help from shell script gurus. I have a shell script that I use to suspend user accounts on my FreeBSD box. It works well for single user but there are time like now when I want to suspend over 400 users for non payment. I have another script that can do this but again the problem is my scripts are so crude they do not do any sensible checks . My bad. I am attaching the script - wol-suspend.sh Basically one of you gurus can be able to modify this script so that it takes a flat file (badusers.txt) which has one user per line and suspend all of them, yes?? I sincerely hate to do ./wol-suspend.sh userx ./wol-suspend.sh userb My insistence on this is because our Customer Service Executives will verify the user's status by doing finger userx and they'll see Plan: Suspended. Other than this, what tools do pepole use for such tasks? Someone willing to share what they have?? Thanking you. -Wash -- Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) ++ Kleptomaniac, n.: A rich thief. -- Ambrose Bierce, "The Devil's Dictionary" --tKW2IUtsqtDRztdT Content-Type: application/x-sh Content-Disposition: attachment; filename="wol-suspend.sh" Content-Transfer-Encoding: quoted-printable #!/usr/local/bin/bash=0A=0A# Suspend User and indicate so in .plan=0A=0Auna= me=3D$1=0A=0A=0A# Sanity Check=0Aif [ -n "$uname" ]; then=0A=0A# Real inSan= ity =0Aif [ "$uname" !=3D root ]; then=0A=0A# Other Sanity Check=0Aif [ "$u= name" !=3D admin ]; then=0Aif [ "$uname" !=3D admin1 ]; then=0Aif [ "$uname= " !=3D admin2 ]; then=0Aif [ "$uname" !=3D admin2b ]; then=0A=0A# # gtest= =0A gtest=3D`groups $uname`=0A if [ "$gtest" =3D users ]=0A then=0A=0A# # G= et the Dirt=0A export EDITOR=3D/bin/cat $1=0A=0A psswdstr=3D`/usr/bin/chsh = $uname 2> /dev/null | \=0A /usr/bin/awk '{if (sub(/Password: /,""))print}'= `=0A=0A# # Been There, Done That=0A if test -z `echo $psswdstr | /usr/bi= n/grep "*"`=0A then=0A=0A testexit=3D`/bin/echo $?`=0A=0A if [ "$testex= it" =3D 0 ]; then=0A# # Just Do It!=0A=0A /usr/bin/chsh -p *$psswdstr = $uname=0A=0A=0A if [ -f /home/$uname/.plan ]; then=0A /bin/echo -n "s= uspended" >> /home/$uname/.plan=0A else=0A if [ -d /home/$uname ]; t= hen=0A /usr/bin/touch /home/$uname/.plan=0A /usr/sbin/chown $uname = /home/$uname/.plan=0A /bin/echo "suspended" >> /home/$uname/.plan=0A = fi=0A fi=0A=0A# # Just Dood It!=0A fi=0A else=0A #echo "Coogan's= Bluff (1968)"=0A echo=0A echo "$uname is Already suspended"=0A fi=0A=0A= # # gtest=0A else=0A :=0A fi=0A=0Aelse=0Aecho=0A# "A Man For All Seasons (g= p)"=0Afi=0Aelse=0Aecho=0A# "A Man For All Seasons (p)"=0Afi=0Aelse=0Aecho= =0A# "A Man For All Seasons (f)"=0Afi=0Aelse=0Aecho "A Man For All Seasons = (1966)"=0Afi=0Aelse=0Aecho "A Man For All Seasons (1988)"=0Afi=0A=0Aelse=0A= echo "Il Buono, il brutto, il cattivo (1966)"=0Aecho=0A#echo "Usage: accoun= t-suspend [user]"=0Afi=0A --tKW2IUtsqtDRztdT-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 6:49:11 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lily.ezo.net (lily.ezo.net [206.102.130.13]) by hub.freebsd.org (Postfix) with ESMTP id D108537B400 for ; Wed, 20 Mar 2002 06:49:03 -0800 (PST) Received: from peony.ezo.net (peony.ezo.net [206.102.130.11]) by lily.ezo.net (8.11.6/8.11.6) with ESMTP id g2KEmqo23097; Wed, 20 Mar 2002 09:48:53 -0500 (EST) (envelope-from jflowers@ezo.net) From: "Jim Flowers" To: Odhiambo Washington , FBSD-ISP Subject: Re: User Maanagement (Bulk Processing) Date: Wed, 20 Mar 2002 09:50:05 -0500 Message-Id: <20020320095005.M82852@ezo.net> In-Reply-To: <20020320142100.GJ14038@ns2.wananchi.com> References: <20020320142100.GJ14038@ns2.wananchi.com> X-Mailer: Open WebMail 1.60 20020130 X-OriginatingIP: 24.93.230.119 (jflowers) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org users=`cat badusers.txt` for user in $users; do wol-suspend.sh $user done and, no doubt, something similar to restore them. > Hello people, > > Allow me to ask this because I work for an ISP ;-) Actually > I am just seeking help from shell script gurus. I have a shell > script that I use to suspend user accounts on my FreeBSD box. > It works well for single user but there are time like now when > I want to suspend over 400 users for non payment. I have another > script that can do this but again the problem is my scripts > are so crude they do not do any sensible checks . My bad. > > I am attaching the script - wol-suspend.sh Basically one of > you gurus can be able to modify this script so that it takes > a flat file (badusers.txt) which has one user per line and > suspend all of them, yes?? I sincerely hate to do > > ./wol-suspend.sh userx > ./wol-suspend.sh userb > > My insistence on this is because our Customer Service Executives > will verify the user's status by doing > > finger userx > > and they'll see Plan: Suspended. > > Other than this, what tools do pepole use for such tasks? Someone > willing to share what they have?? > > Thanking you. > > -Wash > > -- > Odhiambo Washington "The box said 'Requires > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, > or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so > I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 > 744 121 This sig is McQ! :-) > > ++ > Kleptomaniac, n.: > A rich thief. > -- Ambrose Bierce, "The Devil's Dictionary" -- Jim Flowers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 6:49:28 2002 Delivered-To: freebsd-isp@freebsd.org Received: from wildcatblue.com (flanders.wildcatblue.com [206.157.147.206]) by hub.freebsd.org (Postfix) with ESMTP id EB20437B416 for ; Wed, 20 Mar 2002 06:49:08 -0800 (PST) Received: from asgidavid (208-32-50-91.xdsl.qx.net [208.32.50.91]) by wildcatblue.com (Postfix) with SMTP id 170F7144175; Wed, 20 Mar 2002 09:47:31 -0500 (EST) Message-ID: <001d01c1d01d$b81d9520$1506810a@asgidavid> From: "David Rhodus" To: "Odhiambo Washington" , "FBSD-ISP" References: <20020320142100.GJ14038@ns2.wananchi.com> Subject: Re: User Maanagement (Bulk Processing) Date: Wed, 20 Mar 2002 09:44:19 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2526.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2526.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Something like #!/bin/sh for a in `cat ./users.txt` ;do pw lock $a ;done then when user pays pw unlock user -- David Rhodus ----- Original Message ----- From: "Odhiambo Washington" To: "FBSD-ISP" Sent: Wednesday, March 20, 2002 9:21 AM Subject: User Maanagement (Bulk Processing) > Hello people, > > Allow me to ask this because I work for an ISP ;-) Actually I am just seeking help > from shell script gurus. I have a shell script that I use to suspend user accounts > on my FreeBSD box. It works well for single user but there are time like now when > I want to suspend over 400 users for non payment. I have another script that can do > this but again the problem is my scripts are so crude they do not do any sensible > checks . My bad. > > I am attaching the script - wol-suspend.sh Basically one of you gurus can be able > to modify this script so that it takes a flat file (badusers.txt) which has one > user per line and suspend all of them, yes?? I sincerely hate to do > > ./wol-suspend.sh userx > ./wol-suspend.sh userb > > My insistence on this is because our Customer Service Executives will verify the user's > status by doing > > finger userx > > and they'll see Plan: Suspended. > > > Other than this, what tools do pepole use for such tasks? Someone willing to share > what they have?? > > > > Thanking you. > > > -Wash > > -- > Odhiambo Washington "The box said 'Requires > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > > ++ > Kleptomaniac, n.: > A rich thief. > -- Ambrose Bierce, "The Devil's Dictionary" > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 7:10:48 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id DC59D37B405 for ; Wed, 20 Mar 2002 07:10:36 -0800 (PST) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16nhjW-000Pup-00; Wed, 20 Mar 2002 18:10:34 +0300 Date: Wed, 20 Mar 2002 18:10:34 +0300 From: Odhiambo Washington To: Jim Flowers Cc: FBSD-ISP Subject: Re: User Maanagement (Bulk Processing) Message-ID: <20020320151034.GM14038@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Jim Flowers , FBSD-ISP References: <20020320142100.GJ14038@ns2.wananchi.com> <20020320095005.M82852@ezo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320095005.M82852@ezo.net> User-Agent: Mutt/1.3.25i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: "But officer, I was only trying to gain enough speed so I could coast to the nearest gas station." X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Mailer: Mutt http://www.mutt.org/ X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 6:09PM up 11 days, 2 hrs, 1 user, load averages: 2.32, 2.23, 2.18 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Jim Flowers [20020320 17:49]: wrote: > users=`cat badusers.txt` > for user in $users; do > wol-suspend.sh $user > done > > and, no doubt, something similar to restore them. I must say this is just very brilliant! Thank you. I need to whack myself thoroughly for not thinking this way, yes? No, people are gifted with diff levels of thinking. > > > Hello people, > > > > Allow me to ask this because I work for an ISP ;-) Actually > > I am just seeking help from shell script gurus. I have a shell > > script that I use to suspend user accounts on my FreeBSD box. > > It works well for single user but there are time like now when > > I want to suspend over 400 users for non payment. I have another > > script that can do this but again the problem is my scripts > > are so crude they do not do any sensible checks . My bad. > > > > I am attaching the script - wol-suspend.sh Basically one of > > you gurus can be able to modify this script so that it takes > > a flat file (badusers.txt) which has one user per line and > > suspend all of them, yes?? I sincerely hate to do > > > > ./wol-suspend.sh userx > > ./wol-suspend.sh userb > > > > My insistence on this is because our Customer Service Executives > > will verify the user's status by doing > > > > finger userx > > > > and they'll see Plan: Suspended. > > > > Other than this, what tools do pepole use for such tasks? Someone > > willing to share what they have?? > > > > Thanking you. > > > > -Wash > > > > -- > > Odhiambo Washington "The box said 'Requires > > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, > > or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so > > I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 > > 744 121 This sig is McQ! :-) > > > > ++ > > Kleptomaniac, n.: > > A rich thief. > > -- Ambrose Bierce, "The Devil's Dictionary" > > > -- > Jim Flowers -Wash S y s t e m s A d m i n i s t r a t o r -- Odhiambo Washington /"\ RED Ribbon Campaign Wananchi Online Ltd., \ / Against AIDS. X "Help fight the scourge - Tel: 254 2 313 985-9 / \ use a condom if you _must_" ++ Q: How many Martians does it take to screw in a lightbulb? A: One and a half. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 7:14:25 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id C1DCA37B405 for ; Wed, 20 Mar 2002 07:14:11 -0800 (PST) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16nhn1-0000Dz-00; Wed, 20 Mar 2002 18:14:11 +0300 Date: Wed, 20 Mar 2002 18:14:11 +0300 From: Odhiambo Washington To: David Rhodus Cc: FBSD-ISP Subject: Re: User Maanagement (Bulk Processing) Message-ID: <20020320151411.GN14038@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , David Rhodus , FBSD-ISP References: <20020320142100.GJ14038@ns2.wananchi.com> <001d01c1d01d$b81d9520$1506810a@asgidavid> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <001d01c1d01d$b81d9520$1506810a@asgidavid> User-Agent: Mutt/1.3.25i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: "But officer, I was only trying to gain enough speed so I could coast to the nearest gas station." X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Mailer: Mutt http://www.mutt.org/ X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 6:10PM up 11 days, 2:02, 1 user, load averages: 2.28, 2.24, 2.18 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * David Rhodus [20020320 17:49]: wrote: > Something like > #!/bin/sh > for a in `cat ./users.txt` ;do pw lock $a ;done > > then when user pays > pw unlock user Hmm, this does the trick. In fact I hadn't know about this even. However our CS Excecutives need to know when a user is locked out and the only way I can do this, because they finger the user, is to append "Suspended" to the user's .plan when I suspend and sub the word with a blank when I unsuspend. Thank you for this tip. I'll make use of it some day. > > -- > David Rhodus > ----- Original Message ----- > From: "Odhiambo Washington" > To: "FBSD-ISP" > Sent: Wednesday, March 20, 2002 9:21 AM > Subject: User Maanagement (Bulk Processing) > > > > Hello people, > > > > Allow me to ask this because I work for an ISP ;-) Actually I am just > seeking help > > from shell script gurus. I have a shell script that I use to suspend user > accounts > > on my FreeBSD box. It works well for single user but there are time like > now when > > I want to suspend over 400 users for non payment. I have another script > that can do > > this but again the problem is my scripts are so crude they do not do any > sensible > > checks . My bad. > > > > I am attaching the script - wol-suspend.sh Basically one of you gurus can > be able > > to modify this script so that it takes a flat file (badusers.txt) which > has one > > user per line and suspend all of them, yes?? I sincerely hate to do > > > > ./wol-suspend.sh userx > > ./wol-suspend.sh userb > > > > My insistence on this is because our Customer Service Executives will > verify the user's > > status by doing > > > > finger userx > > > > and they'll see Plan: Suspended. > > > > > > Other than this, what tools do pepole use for such tasks? Someone willing > to share > > what they have?? > > > > > > > > Thanking you. > > > > > > -Wash > > > > -- > > Odhiambo Washington "The box said 'Requires > > Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' > > Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." > > GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) > > > > ++ > > Kleptomaniac, n.: > > A rich thief. > > -- Ambrose Bierce, "The Devil's Dictionary" > > -Wash S y s t e m s A d m i n i s t r a t o r -- Odhiambo Washington /"\ RED Ribbon Campaign Wananchi Online Ltd., \ / Against AIDS. X "Help fight the scourge - Tel: 254 2 313 985-9 / \ use a condom if you _must_" ++ Anybody can win, unless there happens to be a second entry. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 8:45:53 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cutter.wantabe.com (cutter.wantabe.com [204.2.6.8]) by hub.freebsd.org (Postfix) with ESMTP id 1AB8637B404 for ; Wed, 20 Mar 2002 08:45:51 -0800 (PST) Received: from cutter.wantabe.com (cutter.wantabe.com [204.2.6.8]) by cutter.wantabe.com (8.10.1/8.10.1) with ESMTP id g2KGjju11175 for ; Wed, 20 Mar 2002 10:45:45 -0600 (CST) Date: Wed, 20 Mar 2002 10:45:45 -0600 (CST) From: "Jeffrey J. Libman" To: freebsd-isp@freebsd.org Subject: re: automatic user scripts Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org i am working on a hotmail-like mail server project where a potential user can register and have an account created automatically. i am looking for scripts to help with this, especially in the realm of unxi account creation...and possibly ideas how this is done in a fashion allowing password retention (database for resending to user?) and changing. i use freebsd 4.5 with apache/php4/mysql. any suggestions appreciated. cheers, jeff -- | |\ +------------------------------+ Jeffrey J. Libman, ops. mgr. | \ | Wantabe Internet Services | Wantabe, Inc. |__\ +------------------------------+ jeffrl@wantabe.com <-----|------> (281) 345-0215 __,.-=\'`^`'~=-../__,.-= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 14:33:10 2002 Delivered-To: freebsd-isp@freebsd.org Received: from floyd.getsetnet.net (floyd.gnulife.org [199.86.41.27]) by hub.freebsd.org (Postfix) with ESMTP id 97FB937B400 for ; Wed, 20 Mar 2002 14:33:05 -0800 (PST) Received: by floyd.getsetnet.net (Postfix, from userid 1000) id 0C560432B4; Wed, 20 Mar 2002 16:34:04 -0600 (CST) Received: from localhost (localhost [127.0.0.1]) by floyd.getsetnet.net (Postfix) with ESMTP id 07CED432B3 for ; Wed, 20 Mar 2002 16:34:04 -0600 (CST) Date: Wed, 20 Mar 2002 16:34:03 -0600 (CST) From: Jamie Ostrowski To: freebsd-isp@FreeBSD.ORG Subject: Problem with Starting httpd on FreeBSD Message-ID: <20020320162009.J4440-100000@floyd.getsetnet.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I am building a new web server for an ISP, and I am having trouble getting Apache to start up automatically when the machine comes up. I am running FreeBSD 4.5 RELEASE on a 1GHz PIII. I have installed apachectl in /usr/local/etc/rc.d, and set it to 755. I can start apache from the command manually in that directory like this: /usr/local/etc/rc.d/apachectl start and it comes up just fine. It does take about 15 seconds for it to start as there are a couple hundred virtual hosts it is starting up. Is init giving up after a certain length of time, before apachectl has time to finish firing up httpd? If so, is there a way this can be configured? I can't seem to locate any documentation that covers this specific problem. Thanks. - Jamie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 14:40:10 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id A9DF437B41D for ; Wed, 20 Mar 2002 14:39:50 -0800 (PST) Received: (qmail 68406 invoked by uid 106); 20 Mar 2002 22:43:14 -0000 Received: from 24-90-123-214.nyc.rr.com (HELO station1) (24.90.123.214) by cobra.acceleratedweb.net with SMTP; 20 Mar 2002 22:43:14 -0000 From: "Simon" To: "freebsd-isp@FreeBSD.ORG" , "Jamie Ostrowski" Date: Wed, 20 Mar 2002 17:45:48 -0500 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195) In-Reply-To: <20020320162009.J4440-100000@floyd.getsetnet.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Problem with Starting httpd on FreeBSD Message-Id: <20020320223950.A9DF437B41D@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Starting apache with several hundred vhosts shouldn't take 15 seconds on 1Ghz machine. How does your vhost directives look like? most likely you made apache resolve all vhost domain name's each and everytime you restart. You should use IPs instead, how often do you change them? hope not as often... -Simon On Wed, 20 Mar 2002 16:34:03 -0600 (CST), Jamie Ostrowski wrote: > > > > I am building a new web server for an ISP, and I am having trouble >getting Apache to start up automatically when the machine comes up. >I am running FreeBSD 4.5 RELEASE on a 1GHz PIII. I have installed >apachectl in /usr/local/etc/rc.d, and set it to 755. I can start apache >from the command manually in that directory like this: > >/usr/local/etc/rc.d/apachectl start > > and it comes up just fine. > > It does take about 15 seconds for it to start as there are a couple >hundred virtual hosts it is starting up. Is init giving up after a certain >length of time, before apachectl has time to finish firing up httpd? If >so, is there a way this can be configured? I can't seem to locate any >documentation that covers this specific problem. Thanks. > > > - Jamie > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Mar 20 14:44:46 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mgnmail3.mgn.co.uk (mgnmail3.mgn.co.uk [195.92.144.196]) by hub.freebsd.org (Postfix) with ESMTP id 5C62F37B419 for ; Wed, 20 Mar 2002 14:44:32 -0800 (PST) Subject: Re: Problem with Starting httpd on FreeBSD To: Jamie Ostrowski Cc: freebsd-isp@FreeBSD.ORG X-Mailer: Lotus Notes Release 5.0.9 November 16, 2001 Message-ID: From: tony.mccrory@mgn.co.uk Date: Wed, 20 Mar 2002 22:44:26 +0000 X-MIMETrack: Serialize by Router on LNPRODUCTION1CW/MG_CW(Release 5.0.8 |June 18, 2001) at 20/03/2002 22:44:00 MIME-Version: 1.0 Content-type: multipart/mixed; Boundary="0__=80256B82007CEB508f9e8a93df938690918c80256B82007CEB50" Content-Disposition: inline Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --0__=80256B82007CEB508f9e8a93df938690918c80256B82007CEB50 Content-type: text/plain; charset=us-ascii /etc/rc will only look for startup scripts in /usr/local/etc/rc.d/ ending in .sh so you can do either 1) rename the apachectl script to apachectl.sh or 2) put apachectl in /usr/local/sbin/ and instead put apache.sh in /usr/local/etc/rc.d/ I'd suggest (2). Thats the way it came 'out of the box' for me. I've attached my apache.sh. Regards, Tony(See attached file: apache.sh) Jamie Ostrowski cc: Sent by: Subject: Problem with Starting httpd on FreeBSD owner-freebsd-isp@F reeBSD.ORG 20/03/2002 22:34 I am building a new web server for an ISP, and I am having trouble getting Apache to start up automatically when the machine comes up. I am running FreeBSD 4.5 RELEASE on a 1GHz PIII. I have installed apachectl in /usr/local/etc/rc.d, and set it to 755. I can start apache from the command manually in that directory like this: /usr/local/etc/rc.d/apachectl start and it comes up just fine. It does take about 15 seconds for it to start as there are a couple hundred virtual hosts it is starting up. Is init giving up after a certain length of time, before apachectl has time to finish firing up httpd? If so, is there a way this can be configured? I can't seem to locate any documentation that covers this specific problem. Thanks. - Jamie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message IMPORTANT NOTICE The information in this e-mail is confidential and should only be read by those persons to whom it is addressed and is not intended to be relied upon by any person without subsequent written confirmation of its contents. Furthermore, the content of this e-mail is the personal view of the sender and does not represent the advice, views or opinion of our company. Accordingly, our company disclaim all responsibility and accept no liability (including in negligence) for the consequences of any person acting, or refraining from acting, on such information prior to the receipt by those persons of subsequent written confirmation. In particular (but not by way of limitation) our company disclaims all responsibility and accepts no liability for any e-mails which are defamatory, offensive, racist or in any other way are in breach of any third party's rights, including breach of confidence, privacy or other rights. If you have received this e-mail message in error, please notify me immediately by telephone. Please also destroy and delete the message from your computer. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication of this e-mail message is strictly prohibited. Trinity Mirror plc is the holding company for the Trinity Mirror group of companies and is registered in England No. 82548, with its address at Kingsfield Court, Chester Business Park, Chester CH4 9RE. --0__=80256B82007CEB508f9e8a93df938690918c80256B82007CEB50 Content-type: application/octet-stream; name="apache.sh" Content-Disposition: attachment; filename="apache.sh" Content-transfer-encoding: base64 IyEvYmluL3NoDQoNCmlmICEgUFJFRklYPSQoZXhwciAkMCA6ICJcKC8uKlwpL2V0Yy9yY1wuZC8k KGJhc2VuYW1lICQwKVwkIik7IHRoZW4NCiAgICBlY2hvICIkMDogQ2Fubm90IGRldGVybWluZSB0 aGUgUFJFRklYIiA+JjINCiAgICBleGl0IDENCmZpDQoNCmNhc2UgIiQxIiBpbg0Kc3RhcnQpDQoJ WyAteCAke1BSRUZJWH0vc2Jpbi9hcGFjaGVjdGwgXSAmJiAke1BSRUZJWH0vc2Jpbi9hcGFjaGVj dGwgc3RhcnQgPiAvZGV2L251bGwgJiYgZWNobyAtbiAnIGFwYWNoZScNCgk7Ow0Kc3RvcCkNCglb IC1yIC92YXIvcnVuL2h0dHBkLnBpZCBdICYmICR7UFJFRklYfS9zYmluL2FwYWNoZWN0bCBzdG9w ID4gL2Rldi9udWxsICYmIGVjaG8gLW4gJyBhcGFjaGUnDQoJOzsNCiopDQoJZWNobyAiVXNhZ2U6 IGBiYXNlbmFtZSAkMGAge3N0YXJ0fHN0b3B9IiA+JjINCgk7Ow0KZXNhYw0KDQpleGl0IDANCg== --0__=80256B82007CEB508f9e8a93df938690918c80256B82007CEB50-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 5:24:58 2002 Delivered-To: freebsd-isp@freebsd.org Received: from enitel.no (mail.enitel.no [194.19.2.12]) by hub.freebsd.org (Postfix) with ESMTP id 716D137B400 for ; Thu, 21 Mar 2002 05:24:54 -0800 (PST) Received: from [194.19.18.157] (HELO pcjorinn) by enitel.no (CommuniGate Pro SMTP 3.5.7) with ESMTP id 43969452 for freebsd-isp@FreeBSD.ORG; Thu, 21 Mar 2002 14:24:52 +0100 From: =?iso-8859-1?Q?J=F8rn-Morten_Innselset?= To: Subject: RE: Problem with Starting httpd on FreeBSD Date: Thu, 21 Mar 2002 14:24:52 +0100 Organization: BaneTele Nett AS Message-ID: <377CD49B98E3D211809300902740748205EDA01E@mail1.enitel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <20020320162009.J4440-100000@floyd.getsetnet.net> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org First of all you should check your Apache error logs. I struggled with the exact same problem a time ago, and it turned out to be that the httpd process couldn't resolve its assiciated hostname on startup due to the server running named locally. Had to define it spesifically in /etc/hosts. -- J=F8rn-Morten Innselset Email & Web Services Manager BaneTele Nett AS > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG=20 > [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Jamie Ostrowski > Sent: 20. mars 2002 23:34 > To: freebsd-isp@FreeBSD.ORG > Subject: Problem with Starting httpd on FreeBSD >=20 >=20 >=20 >=20 >=20 > I am building a new web server for an ISP, and I am=20 > having trouble getting Apache to start up automatically when=20 > the machine comes up. I am running FreeBSD 4.5 RELEASE on a=20 > 1GHz PIII. I have installed apachectl in /usr/local/etc/rc.d,=20 > and set it to 755. I can start apache from the command=20 > manually in that directory like this: >=20 > /usr/local/etc/rc.d/apachectl start >=20 > and it comes up just fine. >=20 > It does take about 15 seconds for it to start as there are=20 > a couple hundred virtual hosts it is starting up. Is init=20 > giving up after a certain length of time, before apachectl=20 > has time to finish firing up httpd? If so, is there a way=20 > this can be configured? I can't seem to locate any=20 > documentation that covers this specific problem. Thanks. >=20 >=20 > - Jamie >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 14:38:29 2002 Delivered-To: freebsd-isp@freebsd.org Received: from picard.dyn.newmillennium.net.au (max037.apex.net.au [203.30.99.166]) by hub.freebsd.org (Postfix) with ESMTP id 7E45E37B400 for ; Thu, 21 Mar 2002 14:38:22 -0800 (PST) Received: (from root@localhost) by picard.dyn.newmillennium.net.au (8.11.6/8.11.4) id g2LMcZH48523 for freebsd-isp@freebsd.org; Fri, 22 Mar 2002 09:38:35 +1100 (EST) (envelope-from deece@newmillennium.net.au) Received: from riker (riker.internal [192.168.0.50]) by picard.dyn.newmillennium.net.au (8.11.6/8.9.3) with ESMTP id g2LMcWv48432; Fri, 22 Mar 2002 09:38:32 +1100 (EST) From: "Alastair D'Silva" To: "'Jamie Ostrowski'" , Subject: RE: Problem with Starting httpd on FreeBSD Date: Fri, 22 Mar 2002 09:37:53 +1100 Organization: New Millennium Networking Message-ID: <00f801c1d129$0aab0910$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <20020320162009.J4440-100000@floyd.getsetnet.net> X-scanner: scanned by Inflex 0.1.5c - (http://www.inflex.co.za/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Install Apache from the ports collection - it'll set it up nicely for FreeBSD, including installing httpd.sh in the appropriate place. -- Alastair D'Silva B. Sc. mob: 0413 485 733 Networking Consultant New Millennium Networking http://www.newmillennium.net.au > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Jamie Ostrowski > Sent: Thursday, 21 March 2002 9:34 AM > To: freebsd-isp@FreeBSD.ORG > Subject: Problem with Starting httpd on FreeBSD > > > > > > I am building a new web server for an ISP, and I am > having trouble getting Apache to start up automatically when > the machine comes up. I am running FreeBSD 4.5 RELEASE on a > 1GHz PIII. I have installed apachectl in /usr/local/etc/rc.d, > and set it to 755. I can start apache from the command > manually in that directory like this: > > /usr/local/etc/rc.d/apachectl start > > and it comes up just fine. > > It does take about 15 seconds for it to start as there are > a couple hundred virtual hosts it is starting up. Is init > giving up after a certain length of time, before apachectl > has time to finish firing up httpd? If so, is there a way > this can be configured? I can't seem to locate any > documentation that covers this specific problem. Thanks. > > > - Jamie > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 15:10:20 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cagelink.com (dsl94041.dyndsl.nettally.com [199.44.94.41]) by hub.freebsd.org (Postfix) with ESMTP id 513C037B41A for ; Thu, 21 Mar 2002 15:10:17 -0800 (PST) Received: by cagelink.com (Postfix, from userid 1001) id A9FEF16E; Thu, 21 Mar 2002 18:12:47 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by cagelink.com (Postfix) with ESMTP id A5E7580 for ; Thu, 21 Mar 2002 18:12:47 -0500 (EST) Date: Thu, 21 Mar 2002 18:12:47 -0500 (EST) From: Tyler To: Subject: Questions about Apache Message-ID: <20020321181122.Q64996-100000@cagelink.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Is there a way to make apachectl startssl or start the HTTPS server without entering a password so it will start on bootup and is there a way to change the way users access there websites, for instances: www.example.com/user/bob other than www.example.com/~bob Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 15:21: 4 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id 3A70B37B417 for ; Thu, 21 Mar 2002 15:21:01 -0800 (PST) Received: (qmail 75399 invoked by uid 106); 21 Mar 2002 23:24:29 -0000 Received: from 24-90-123-214.nyc.rr.com (HELO station1) (24.90.123.214) by cobra.acceleratedweb.net with SMTP; 21 Mar 2002 23:24:29 -0000 From: "Simon" To: "freebsd-isp@freebsd.org" Date: Thu, 21 Mar 2002 18:26:59 -0500 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195) In-Reply-To: <20020321181122.Q64996-100000@cagelink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Questions about Apache Message-Id: <20020321232101.3A70B37B417@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org There is a way to do what you want, do some homework. Start by looking at docs on apache.org and apache-ssl.org If you don't have time, hire someone who has :p This is definitely something you can figure out on your own by reading some docs. PS: your questions have nothing to do with FreeBSD. Hint: you need to remove a password from your private key to make httpsd start without prompting for a password. The answer is on the frontpage of apache-ssl.org -Simon On Thu, 21 Mar 2002 18:12:47 -0500 (EST), Tyler wrote: >Is there a way to make apachectl startssl or start the HTTPS server >without entering a password so it will start on bootup and is there a way >to change the way users access there websites, for instances: >www.example.com/user/bob other than www.example.com/~bob > >Thanks. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 19:35:10 2002 Delivered-To: freebsd-isp@freebsd.org Received: from picard.dyn.newmillennium.net.au (max055.apex.net.au [203.30.99.184]) by hub.freebsd.org (Postfix) with ESMTP id 6035237B400 for ; Thu, 21 Mar 2002 19:34:57 -0800 (PST) Received: (from root@localhost) by picard.dyn.newmillennium.net.au (8.11.6/8.11.4) id g2M3Z7p08844 for freebsd-isp@freebsd.org; Fri, 22 Mar 2002 14:35:07 +1100 (EST) (envelope-from deece@newmillennium.net.au) Received: from riker (riker.internal [192.168.0.50]) by picard.dyn.newmillennium.net.au (8.11.6/8.9.3) with ESMTP id g2M3Z5v08811; Fri, 22 Mar 2002 14:35:05 +1100 (EST) From: "Alastair D'Silva" To: "'Tyler'" , Subject: RE: Questions about Apache Date: Fri, 22 Mar 2002 14:34:25 +1100 Organization: New Millennium Networking Message-ID: <00fd01c1d152$773c79a0$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <20020321181122.Q64996-100000@cagelink.com> X-scanner: scanned by Inflex 0.1.5c - (http://www.inflex.co.za/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Look at the Apache docs for SSLPassPhraseDialog - it'll let you specify a program which will output to Apache the password for the certificate specified as the first parameter to it. -- Alastair D'Silva B. Sc. mob: 0413 485 733 Networking Consultant New Millennium Networking http://www.newmillennium.net.au > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Tyler > Sent: Friday, 22 March 2002 10:13 AM > To: freebsd-isp@FreeBSD.ORG > Subject: Questions about Apache > > > Is there a way to make apachectl startssl or start the HTTPS > server without entering a password so it will start on bootup > and is there a way to change the way users access there > websites, for instances: www.example.com/user/bob other than > www.example.com/~bob > > Thanks. > > > To Unsubscribe: send mail to > majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Mar 21 23:11:40 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.alpha1.net (megatron.alpha1.net [66.119.232.5]) by hub.freebsd.org (Postfix) with ESMTP id 281C537B404 for ; Thu, 21 Mar 2002 23:11:35 -0800 (PST) Received: from marius.org (cdm-66-158-23-brcs.cox-internet.com [66.76.158.23]) by mail.alpha1.net (8.10.1/8.10.1) with ESMTP id g2M7BXI55185; Fri, 22 Mar 2002 01:11:33 -0600 (CST) Received: (from marius@localhost) by marius.org (8.11.6/8.11.6) id g2M7BXr65840; Fri, 22 Mar 2002 01:11:33 -0600 (CST) Date: Fri, 22 Mar 2002 01:11:31 -0600 From: Marius Strom To: "Alastair D'Silva" Cc: "'Jamie Ostrowski'" , freebsd-isp@FreeBSD.ORG Subject: Re: Problem with Starting httpd on FreeBSD Message-ID: <20020322071130.GL61228@marius.org> Mail-Followup-To: Alastair D'Silva , 'Jamie Ostrowski' , freebsd-isp@FreeBSD.ORG References: <20020320162009.J4440-100000@floyd.getsetnet.net> <00f801c1d129$0aab0910$3200a8c0@riker> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00f801c1d129$0aab0910$3200a8c0@riker> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Judging by /etc/rc, FreeBSD only runs scripts in rc.d directories that have a suffix of .sh, as seem from this part of /etc/rc: echo -n 'Local package initialization:' slist="" if [ -z "${script_name_sep}" ]; then script_name_sep=" " fi for dir in ${local_startup}; do if [ -d "${dir}" ]; then for script in ${dir}/*.sh; do slist="${slist}${script_name_sep}${script}" done fi done On Fri, Mar 22, 2002 at 09:37:53AM +1100, Alastair D'Silva wrote: > Install Apache from the ports collection - it'll set it up nicely for > FreeBSD, including installing httpd.sh in the appropriate place. > > -- > Alastair D'Silva B. Sc. mob: 0413 485 733 > Networking Consultant > New Millennium Networking http://www.newmillennium.net.au > > > -----Original Message----- > > From: owner-freebsd-isp@FreeBSD.ORG > > [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Jamie Ostrowski > > Sent: Thursday, 21 March 2002 9:34 AM > > To: freebsd-isp@FreeBSD.ORG > > Subject: Problem with Starting httpd on FreeBSD > > > > > > > > > > > > I am building a new web server for an ISP, and I am > > having trouble getting Apache to start up automatically when > > the machine comes up. I am running FreeBSD 4.5 RELEASE on a > > 1GHz PIII. I have installed apachectl in /usr/local/etc/rc.d, > > and set it to 755. I can start apache from the command > > manually in that directory like this: > > > > /usr/local/etc/rc.d/apachectl start > > > > and it comes up just fine. > > > > It does take about 15 seconds for it to start as there are > > a couple hundred virtual hosts it is starting up. Is init > > giving up after a certain length of time, before apachectl > > has time to finish firing up httpd? If so, is there a way > > this can be configured? I can't seem to locate any > > documentation that covers this specific problem. Thanks. > > > > > > - Jamie > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- /-------------------------------------------------> Marius Strom | Always carry a short length of fibre-optic cable. Professional Geek | If you get lost, then you can drop it on the System/Network Admin | ground, wait 10 minutes, and ask the backhoe http://www.marius.org/ | operator how to get back to civilization. \-------------| Alan Frame |----------------------> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 6:23:22 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by hub.freebsd.org (Postfix) with SMTP id 0C26537B400 for ; Fri, 22 Mar 2002 06:23:19 -0800 (PST) Received: (qmail 74431 invoked from network); 22 Mar 2002 14:30:32 -0000 Received: from unknown (HELO cr159591a) (24.102.18.54) by web1.nexusinternetsolutions.net with SMTP; 22 Mar 2002 14:30:32 -0000 From: "Dave" To: "Alastair D'Silva" , "'Tyler'" , Subject: RE: Questions about Apache Date: Fri, 22 Mar 2002 09:27:11 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <00fd01c1d152$773c79a0$3200a8c0@riker> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Pay attention to the security warnings about this. You may be better off not password protecting your key and letting the file permissions(root read only) take care of the security of it rather than having a password sitting in a file somewhere waiting to be parsed. Either choice is really dependant on how you have your security model set up. Dave > >Look at the Apache docs for SSLPassPhraseDialog - it'll let you specify >a program which will output to Apache the password for the certificate >specified as the first parameter to it. > >> >> >> Is there a way to make apachectl startssl or start the HTTPS >> server without entering a password so it will start on bootup >> and is there a way to change the way users access there >> websites, for instances: www.example.com/user/bob other than >> www.example.com/~bob >> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 7: 3:39 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by hub.freebsd.org (Postfix) with SMTP id 20F5137B400 for ; Fri, 22 Mar 2002 07:03:34 -0800 (PST) Received: (qmail 77530 invoked from network); 22 Mar 2002 15:10:48 -0000 Received: from unknown (HELO cr159591a) (24.102.18.54) by web1.nexusinternetsolutions.net with SMTP; 22 Mar 2002 15:10:48 -0000 From: "Dave" To: Subject: map ip block to interface Date: Fri, 22 Mar 2002 10:07:28 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org answer escapes me for the moment... First part - have a server with primary address 10.0.0.5 - server also hosts ip addresses 10.0.0.50 - 10.0.0.75 Currently we are just listing all the addresses, how would we list a block of addresses in rc.conf or do we have to list each one. Second part - we are getting short on this particular class C... and will soon be assigning other class C blocks(say 10.0.1.25 - 10.0.1.50) to that interface - same proceedure as above? trying to avoid bringing a test box online to futz around with it. Appreciate comments or RTFM pointers. Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 14:36:57 2002 Delivered-To: freebsd-isp@freebsd.org Received: from picard.dyn.newmillennium.net.au (max038.apex.net.au [203.30.99.167]) by hub.freebsd.org (Postfix) with ESMTP id 7FB7237B417 for ; Fri, 22 Mar 2002 14:36:24 -0800 (PST) Received: (from root@localhost) by picard.dyn.newmillennium.net.au (8.11.6/8.11.4) id g2MMadB23769 for freebsd-isp@freebsd.org; Sat, 23 Mar 2002 09:36:39 +1100 (EST) (envelope-from deece@newmillennium.net.au) Received: from riker (riker.internal [192.168.0.50]) by picard.dyn.newmillennium.net.au (8.11.6/8.9.3) with ESMTP id g2MMacv23702; Sat, 23 Mar 2002 09:36:38 +1100 (EST) From: "Alastair D'Silva" To: "'Dave'" , Subject: RE: Questions about Apache Date: Sat, 23 Mar 2002 09:35:54 +1100 Organization: New Millennium Networking Message-ID: <001c01c1d1f1$eda14fe0$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: X-scanner: scanned by Inflex 0.1.5c - (http://www.inflex.co.za/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I would argue the opposite, a script that is only executable by the webserver, and checks the UID of the user executing it (and possibly encrypting it with a reversible encryption based on something unique to the system such as the hostname, as well as parameters specified on the command line) is considerably more secure than simply leaving the key unencrypted. Consider the case when some random buffer overflow in your webserver allows an intruder to execute arbitrary code on the server. It is (obviously) trivial for them to retrieve the unencrypted key from the disk, as the web server user must be able to read it anyway. If it is encrypted, they must not only retrieve the key, but also determine which executable generates the pass phrase, determine what parameters are required to run it and finally run it, all without reading the executable itself to determine its structure. -- Alastair D'Silva B. Sc. mob: 0413 485 733 Networking Consultant New Millennium Networking http://www.newmillennium.net.au > -----Original Message----- > From: Dave [mailto:dave@hawk-systems.com] > Sent: Saturday, 23 March 2002 1:27 AM > To: Alastair D'Silva; 'Tyler'; freebsd-isp@freebsd.org > Subject: RE: Questions about Apache > > > Pay attention to the security warnings about this. You may > be better off not password protecting your key and letting > the file permissions(root read only) take care of the > security of it rather than having a password sitting in a > file somewhere waiting to be parsed. Either choice is really > dependant on how you have your security model set up. > > Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 14:58:51 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id 184A237B419 for ; Fri, 22 Mar 2002 14:58:47 -0800 (PST) Received: (qmail 73228 invoked by uid 106); 22 Mar 2002 23:02:20 -0000 Received: from 24-90-123-214.nyc.rr.com (HELO station1) (24.90.123.214) by cobra.acceleratedweb.net with SMTP; 22 Mar 2002 23:02:20 -0000 From: "Simon" To: "Alastair D'Silva" , "Dave" , "freebsd-isp@freebsd.org" Date: Fri, 22 Mar 2002 18:04:44 -0500 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195) In-Reply-To: <001c01c1d1f1$eda14fe0$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: RE: Questions about Apache Message-Id: <20020322225847.184A237B419@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Do not run your HTTPS daemon as root. On Sat, 23 Mar 2002 09:35:54 +1100, Alastair D'Silva wrote: >I would argue the opposite, a script that is only executable by the >webserver, and checks the UID of the user executing it (and possibly >encrypting it with a reversible encryption based on something unique to >the system such as the hostname, as well as parameters specified on the >command line) is considerably more secure than simply leaving the key >unencrypted. > >Consider the case when some random buffer overflow in your webserver >allows an intruder to execute arbitrary code on the server. It is >(obviously) trivial for them to retrieve the unencrypted key from the >disk, as the web server user must be able to read it anyway. If it is >encrypted, they must not only retrieve the key, but also determine which >executable generates the pass phrase, determine what parameters are >required to run it and finally run it, all without reading the >executable itself to determine its structure. > >-- >Alastair D'Silva B. Sc. mob: 0413 485 733 >Networking Consultant >New Millennium Networking http://www.newmillennium.net.au > >> -----Original Message----- >> From: Dave [mailto:dave@hawk-systems.com] >> Sent: Saturday, 23 March 2002 1:27 AM >> To: Alastair D'Silva; 'Tyler'; freebsd-isp@freebsd.org >> Subject: RE: Questions about Apache >> >> >> Pay attention to the security warnings about this. You may >> be better off not password protecting your key and letting >> the file permissions(root read only) take care of the >> security of it rather than having a password sitting in a >> file somewhere waiting to be parsed. Either choice is really >> dependant on how you have your security model set up. >> >> Dave > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 15:12: 2 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cagelink.com (dsl94041.dyndsl.nettally.com [199.44.94.41]) by hub.freebsd.org (Postfix) with ESMTP id A3B4037B404 for ; Fri, 22 Mar 2002 15:11:55 -0800 (PST) Received: by cagelink.com (Postfix, from userid 1001) id 2153E16E; Fri, 22 Mar 2002 18:14:36 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by cagelink.com (Postfix) with ESMTP id 1C57A80; Fri, 22 Mar 2002 18:14:36 -0500 (EST) Date: Fri, 22 Mar 2002 18:14:35 -0500 (EST) From: Tyler To: Simon Cc: Alastair D'Silva , Dave , "freebsd-isp@freebsd.org" Subject: RE: Questions about Apache In-Reply-To: <20020322225847.184A237B419@hub.freebsd.org> Message-ID: <20020322181405.V71189-100000@cagelink.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ok thanks for all the replies, I got HTTPS to start without a password but im still having trouble with the /~ userdir thing. On Fri, 22 Mar 2002, Simon wrote: > > Do not run your HTTPS daemon as root. > > On Sat, 23 Mar 2002 09:35:54 +1100, Alastair D'Silva wrote: > > >I would argue the opposite, a script that is only executable by the > >webserver, and checks the UID of the user executing it (and possibly > >encrypting it with a reversible encryption based on something unique to > >the system such as the hostname, as well as parameters specified on the > >command line) is considerably more secure than simply leaving the key > >unencrypted. > > > >Consider the case when some random buffer overflow in your webserver > >allows an intruder to execute arbitrary code on the server. It is > >(obviously) trivial for them to retrieve the unencrypted key from the > >disk, as the web server user must be able to read it anyway. If it is > >encrypted, they must not only retrieve the key, but also determine which > >executable generates the pass phrase, determine what parameters are > >required to run it and finally run it, all without reading the > >executable itself to determine its structure. > > > >-- > >Alastair D'Silva B. Sc. mob: 0413 485 733 > >Networking Consultant > >New Millennium Networking http://www.newmillennium.net.au > > > >> -----Original Message----- > >> From: Dave [mailto:dave@hawk-systems.com] > >> Sent: Saturday, 23 March 2002 1:27 AM > >> To: Alastair D'Silva; 'Tyler'; freebsd-isp@freebsd.org > >> Subject: RE: Questions about Apache > >> > >> > >> Pay attention to the security warnings about this. You may > >> be better off not password protecting your key and letting > >> the file permissions(root read only) take care of the > >> security of it rather than having a password sitting in a > >> file somewhere waiting to be parsed. Either choice is really > >> dependant on how you have your security model set up. > >> > >> Dave > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-isp" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 15:22:20 2002 Delivered-To: freebsd-isp@freebsd.org Received: from bigglesworth.mail.be.easynet.net (bigglesworth.mail.be.easynet.net [212.100.160.67]) by hub.freebsd.org (Postfix) with ESMTP id EE7C937B400 for ; Fri, 22 Mar 2002 15:22:16 -0800 (PST) Received: from 213-193-182-66.adsl.easynet.be ([213.193.182.66] helo=krijt.livens.net) by bigglesworth.mail.be.easynet.net with esmtp (Exim 3.16 #1) id 16oYML-0005NV-00; Sat, 23 Mar 2002 00:22:09 +0100 Received: (from wim@localhost) by krijt.livens.net (8.11.3/8.11.3) id g2MNN7C37999; Sat, 23 Mar 2002 00:23:07 +0100 (CET) (envelope-from wim) Date: Sat, 23 Mar 2002 00:23:06 +0100 From: Wim Livens To: "Matthew D. Fuller" Cc: francisv@dagupan.com, freebsd-isp@FreeBSD.ORG Subject: Re: [OT] Revision control system Message-ID: <20020322232306.GA35947@krijt.livens.net> References: <10F29E27A956D511B0940050DA8D86A934101D@apmail.dagupan.com> <20020320012636.C29148@over-yonder.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020320012636.C29148@over-yonder.net> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Op wo 20 mrt, 2002 om 01:26:36am -0600, schreef Matthew D. Fuller: > I messed with RCS for a while, but it quickly showed its inherent > impracticality. I just use CVS for everything nowadays, with a single > central repository accessed via ssh from elsewhere. As a system administrator I often want to keep revision control on some configuration files. I just use "ci -l" for this. And ok, playing with permissions, I even get it working for multiple users but it's not optimal. My point is that all RCS/CVS documentation I've read assumes a typical code-development environment where each user checks out a local copy in his own directory. For configuration files, the situation is different, the checked out file must always reside in a certain directory and remain checked out at all times. Multiple users must be able to check it in to commit their changes. Am I missing something ? -- Wim Livens To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 15:29:31 2002 Delivered-To: freebsd-isp@freebsd.org Received: from draco.over-yonder.net (draco.over-yonder.net [198.78.58.61]) by hub.freebsd.org (Postfix) with ESMTP id 0B0FD37B400 for ; Fri, 22 Mar 2002 15:29:22 -0800 (PST) Received: by draco.over-yonder.net (Postfix, from userid 100) id A5C59FC2; Fri, 22 Mar 2002 17:29:21 -0600 (CST) Date: Fri, 22 Mar 2002 17:29:21 -0600 From: "Matthew D. Fuller" To: Wim Livens Cc: francisv@dagupan.com, freebsd-isp@FreeBSD.ORG Subject: Re: [OT] Revision control system Message-ID: <20020322172921.A15139@over-yonder.net> References: <10F29E27A956D511B0940050DA8D86A934101D@apmail.dagupan.com> <20020320012636.C29148@over-yonder.net> <20020322232306.GA35947@krijt.livens.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5-fullermd.1i In-Reply-To: <20020322232306.GA35947@krijt.livens.net>; from wim@livens.net on Sat, Mar 23, 2002 at 12:23:06AM +0100 X-Editor: vi X-OS: FreeBSD Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Mar 23, 2002 at 12:23:06AM +0100 I heard the voice of Wim Livens, and lo! it spake thus: > > My point is that all RCS/CVS documentation I've read assumes a typical > code-development environment where each user checks out a local copy > in his own directory. For configuration files, the situation is > different, the checked out file must always reside in a certain > directory and remain checked out at all times. Multiple users must be > able to check it in to commit their changes. Am I missing something ? Yup. The big structure of Makefiles throughout it to install. My layout looks something like configs/ webserver.domain1.com/ etc/ raddb/ localetc/ # /usr/local/etc amanda/ localrc/ # /usr/local/etc/rc.d apache/ # /usr/local/etc/apache mailserver.domain1.com/ etc/ mail/ postfix/ localetc/ etc. etc etc., as necessary. So, on each machine, I keep the tree checked out and CVS update'd (useful since I can do all config edits on my workstation, commit it, then check it out on the target machine), then "cd ~/cvs/configs/this.machine && sudo make install", and it installs the configs and in cases where I feel it's "safe", runs commands to bring the files into server (newaliases, etc). -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 17:35:33 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by hub.freebsd.org (Postfix) with SMTP id 61C2037B404 for ; Fri, 22 Mar 2002 17:35:29 -0800 (PST) Received: (qmail 25960 invoked from network); 23 Mar 2002 01:42:48 -0000 Received: from unknown (HELO cr159591a) (24.102.18.54) by web1.nexusinternetsolutions.net with SMTP; 23 Mar 2002 01:42:48 -0000 From: "Dave" To: "Simon" , "Alastair D'Silva" , Subject: RE: Questions about Apache Date: Fri, 22 Mar 2002 20:39:26 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org agreed start as root(see previous post on this thread) but have conf file direct apache to run as www, nobody, apache, whatever... anything but root :) Dave >Do not run your HTTPS daemon as root. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 17:35:36 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by hub.freebsd.org (Postfix) with SMTP id 6570F37B417 for ; Fri, 22 Mar 2002 17:35:29 -0800 (PST) Received: (qmail 25957 invoked from network); 23 Mar 2002 01:42:47 -0000 Received: from unknown (HELO cr159591a) (24.102.18.54) by web1.nexusinternetsolutions.net with SMTP; 23 Mar 2002 01:42:47 -0000 From: "Dave" To: Subject: RE: Questions about Apache Date: Fri, 22 Mar 2002 20:39:26 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <001c01c1d1f1$eda14fe0$3200a8c0@riker> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >I would argue the opposite, a script that is only executable by the >webserver, and checks the UID of the user executing it (and possibly >encrypting it with a reversible encryption based on something unique to >the system such as the hostname, as well as parameters specified on the >command line) is considerably more secure than simply leaving the key >unencrypted. > >Consider the case when some random buffer overflow in your webserver >allows an intruder to execute arbitrary code on the server. It is >(obviously) trivial for them to retrieve the unencrypted key from the >disk, as the web server user must be able to read it anyway. If it is >encrypted, they must not only retrieve the key, but also determine which >executable generates the pass phrase, determine what parameters are >required to run it and finally run it, all without reading the >executable itself to determine its structure. Um... no. If the webserver can execute the script to decrypt the passphrase, then your access as indicated above would givem them the ability to execute that same script(or read it) and reverse your encryption since the permission they would inherit from the overflow would likely be whatever your web server is running as (unless I am misunderstanding your description). The recommendation being to have the keys readable only by root(chmod 600), then you can start apache via root, then direct apache via the conf file to run as user www (or whatever)... starting as root allows it to read the key (which is readable only by root), and apache runs all requests as the user specified in the conf file. Given your buffer overflow, they would logically inherit the permission of the web server (www, apache, nobody...) and not be able to view the directory or key files at all, nor any other files on the server if you are set up correctly, far better setup than having a file readable by the web server user. Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 17:40:59 2002 Delivered-To: freebsd-isp@freebsd.org Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by hub.freebsd.org (Postfix) with SMTP id 53AF737B404 for ; Fri, 22 Mar 2002 17:40:55 -0800 (PST) Received: (qmail 26415 invoked from network); 23 Mar 2002 01:48:14 -0000 Received: from unknown (HELO cr159591a) (24.102.18.54) by web1.nexusinternetsolutions.net with SMTP; 23 Mar 2002 01:48:14 -0000 From: "Dave" To: Subject: RE: map ip block to interface Date: Fri, 22 Mar 2002 20:44:53 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org takers on this? > >First part >- have a server with primary address 10.0.0.5 >- server also hosts ip addresses 10.0.0.50 - 10.0.0.75 > >Currently we are just listing all the addresses, how would we list a block of >addresses in rc.conf or do we have to list each one. > > >Second part >- we are getting short on this particular class C... and will soon be assigning >other class C blocks(say 10.0.1.25 - 10.0.1.50) to that interface >- same proceedure as above? > > >trying to avoid bringing a test box online to futz around with it. Appreciate >comments or RTFM pointers. > >Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 17:45: 0 2002 Delivered-To: freebsd-isp@freebsd.org Received: from picard.dyn.newmillennium.net.au (max038.apex.net.au [203.30.99.167]) by hub.freebsd.org (Postfix) with ESMTP id 150CD37B417 for ; Fri, 22 Mar 2002 17:44:53 -0800 (PST) Received: (from root@localhost) by picard.dyn.newmillennium.net.au (8.11.6/8.11.4) id g2N1j8L89210 for freebsd-isp@freebsd.org; Sat, 23 Mar 2002 12:45:08 +1100 (EST) (envelope-from deece@newmillennium.net.au) Received: from riker (riker.internal [192.168.0.50]) by picard.dyn.newmillennium.net.au (8.11.6/8.9.3) with ESMTP id g2N1j8v89157; Sat, 23 Mar 2002 12:45:08 +1100 (EST) From: "Alastair D'Silva" To: "'Simon'" , Subject: RE: Questions about Apache Date: Sat, 23 Mar 2002 12:44:24 +1100 Organization: New Millennium Networking Message-ID: <002801c1d20c$42b9d500$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <200203222310.g2MNAXT88663@ushosting.newmillennium.net.au> X-scanner: scanned by Inflex 0.1.5c - (http://www.inflex.co.za/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I don't, and I don't think I mentioned anywhere to do so :) The port by default runs as nobody/nogroup, but I prefer to make to make a www:www user/group for it, since it is bad practice to have files owned by nobody. -- Alastair D'Silva B. Sc. mob: 0413 485 733 Networking Consultant New Millennium Networking http://www.newmillennium.net.au > -----Original Message----- > From: Simon [mailto:simon@optinet.com] > Sent: Saturday, 23 March 2002 10:05 AM > To: Alastair D'Silva; Dave; freebsd-isp@freebsd.org > Subject: RE: Questions about Apache > > > > Do not run your HTTPS daemon as root. > > On Sat, 23 Mar 2002 09:35:54 +1100, Alastair D'Silva wrote: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 17:51:13 2002 Delivered-To: freebsd-isp@freebsd.org Received: from picard.dyn.newmillennium.net.au (max038.apex.net.au [203.30.99.167]) by hub.freebsd.org (Postfix) with ESMTP id B971F37B404 for ; Fri, 22 Mar 2002 17:51:04 -0800 (PST) Received: (from root@localhost) by picard.dyn.newmillennium.net.au (8.11.6/8.11.4) id g2N1pMU03225 for freebsd-isp@freebsd.org; Sat, 23 Mar 2002 12:51:22 +1100 (EST) (envelope-from deece@newmillennium.net.au) Received: from riker (riker.internal [192.168.0.50]) by picard.dyn.newmillennium.net.au (8.11.6/8.9.3) with ESMTP id g2N1pLv03137; Sat, 23 Mar 2002 12:51:21 +1100 (EST) From: "Alastair D'Silva" To: "'Dave'" , Subject: RE: Questions about Apache Date: Sat, 23 Mar 2002 12:50:37 +1100 Organization: New Millennium Networking Message-ID: <002901c1d20d$212cb370$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: X-scanner: scanned by Inflex 0.1.5c - (http://www.inflex.co.za/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > The recommendation being to have the keys readable only by > root(chmod 600), then you can start apache via root, then > direct apache via the conf file to run as user www (or > whatever)... starting as root allows it to read the key > (which is readable only by root), and apache runs all > requests as the user specified in the conf file. Given your > buffer overflow, they would logically inherit the permission > of the web server (www, apache, nobody...) and not be able to > view the directory or key files at all, nor any other files > on the server if you are set up correctly, far better setup > than having a file readable by the web server user. > By your same argument, if Apache is started as root (then changes to another user), and the script is only executable by root, then the said malicious user would not be able to execute the script. I'm not saying you *have* to do this, but it does introduce more complexity for the intruder to work around, which could give you the time you need to detect the intrusion. -- Alastair D'Silva B. Sc. mob: 0413 485 733 Networking Consultant New Millennium Networking http://www.newmillennium.net.au To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 18: 9:33 2002 Delivered-To: freebsd-isp@freebsd.org Received: from aurora.siteplus.com (aurora.siteplus.com [66.129.2.160]) by hub.freebsd.org (Postfix) with ESMTP id 200CE37B41A for ; Fri, 22 Mar 2002 18:09:31 -0800 (PST) Received: from veager.jwweeks.com (pcp01076331pcs.midval01.tn.comcast.net [68.59.219.194]) by aurora.siteplus.com (8.9.3/8.9.3) with ESMTP id VAA91449; Fri, 22 Mar 2002 21:09:32 -0500 (EST) (envelope-from jim@jwweeks.com) Date: Fri, 22 Mar 2002 21:09:27 -0500 (EST) From: jim To: "Alastair D'Silva" Cc: "'Simon'" , freebsd-isp@FreeBSD.ORG Subject: RE: Questions about Apache In-Reply-To: <002801c1d20c$42b9d500$3200a8c0@riker> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 23 Mar 2002, Alastair D'Silva wrote: > The port by default runs as nobody/nogroup, but I prefer to make to make > a www:www user/group for it, since it is bad practice to have files > owned by nobody. I might be missing something here, but I can't see a lot of difference. Both users nobody, and www are un-privileged users. Other than uids being either bellow 100 of above. What difference could it possibly make? I still think removing the pass phrase and chmoding the file 600 is probably the safest thing to do, other than allays being around for a reboot. -- Jim Weeks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 18:15:53 2002 Delivered-To: freebsd-isp@freebsd.org Received: from workhorse.imach.com (barbwire.iMach.com [206.127.77.82]) by hub.freebsd.org (Postfix) with ESMTP id C965937B419 for ; Fri, 22 Mar 2002 18:15:47 -0800 (PST) Received: from localhost (forrestc@localhost) by workhorse.imach.com (8.11.6/8.11.6) with ESMTP id g2MKAde23236; Fri, 22 Mar 2002 20:10:39 GMT (envelope-from forrestc@imach.com) Date: Fri, 22 Mar 2002 20:10:39 +0000 (GMT) From: "Forrest W. Christian" To: Dave Cc: freebsd-isp@FreeBSD.ORG Subject: RE: map ip block to interface In-Reply-To: Message-ID: <20020322200715.T20330-100000@workhorse.imach.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 22 Mar 2002, Dave wrote: > >First part > >- have a server with primary address 10.0.0.5 > >- server also hosts ip addresses 10.0.0.50 - 10.0.0.75 > > > >Currently we are just listing all the addresses, how would we list a block of > >addresses in rc.conf or do we have to list each one. List each one as far as I know. Never been able to do anything else (You DON'T want to see our rc.conf on our web server). Make sure netmask is 0xffffffff on the additional ones. > >- we are getting short on this particular class C... and will soon be assigning > >other class C blocks(say 10.0.1.25 - 10.0.1.50) to that interface > >- same proceedure as above? If the other class C "lives" on the same ethernet just use the same procedure. If you are adding a class C (or another netblock), then I'd route it to 10.0.0.5 and list ALL the addresses in that class C (including 0 and 255) as aliases on the loopback interface. Make sure you get all of the addresses, or you'll have routing loops. - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 18:28:39 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id D79AB37B404 for ; Fri, 22 Mar 2002 18:28:35 -0800 (PST) Received: (qmail 10100 invoked by uid 106); 23 Mar 2002 02:32:04 -0000 Received: from 24-90-123-214.nyc.rr.com (HELO station1) (24.90.123.214) by cobra.acceleratedweb.net with SMTP; 23 Mar 2002 02:32:04 -0000 From: "Simon" To: "freebsd-isp@freebsd.org" Date: Fri, 22 Mar 2002 21:34:28 -0500 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195) In-Reply-To: <002801c1d20c$42b9d500$3200a8c0@riker> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: RE: Questions about Apache Message-Id: <20020323022835.D79AB37B404@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Based on your reply about buffer overflow, one would infer that you're running it as root. On Sat, 23 Mar 2002 12:44:24 +1100, Alastair D'Silva wrote: >I don't, and I don't think I mentioned anywhere to do so :) > >The port by default runs as nobody/nogroup, but I prefer to make to make >a www:www user/group for it, since it is bad practice to have files >owned by nobody. > >-- >Alastair D'Silva B. Sc. mob: 0413 485 733 >Networking Consultant >New Millennium Networking http://www.newmillennium.net.au > >> -----Original Message----- >> From: Simon [mailto:simon@optinet.com] >> Sent: Saturday, 23 March 2002 10:05 AM >> To: Alastair D'Silva; Dave; freebsd-isp@freebsd.org >> Subject: RE: Questions about Apache >> >> >> >> Do not run your HTTPS daemon as root. >> >> On Sat, 23 Mar 2002 09:35:54 +1100, Alastair D'Silva wrote: > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 22:39:41 2002 Delivered-To: freebsd-isp@freebsd.org Received: from www.golsyd.net.au (golsyd.net.au [203.57.20.1]) by hub.freebsd.org (Postfix) with ESMTP id 6CE6637B417 for ; Fri, 22 Mar 2002 22:39:34 -0800 (PST) Received: from [144.137.125.11] by www.quake.com.au (NTMail 4.30.0012/AB6169.63.5324aadf) with ESMTP id cwxeaaaa for ; Sat, 23 Mar 2002 17:39:11 +1100 Message-ID: <3C9C2340.5050507@quake.com.au> Date: Sat, 23 Mar 2002 17:40:00 +1100 From: Kal Torak Organization: Quake Networking User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:0.9.7) Gecko/20011221 X-Accept-Language: en-us MIME-Version: 1.0 To: FreeBSD ISP Subject: user-ppp Multi-Link (two dial-in numbers) Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi everyone, I know this isnt exactly an ISP thing, but I am hoping the people on this list will of had more experiance with the topic ;) What I have is two fbsd systems in two locations with two phone lines each and two modems... Currently one is a server and the other dials it, both running user-ppp with just one modem.. The docs on multi-link are very vauge, and it seems for the server all that you need is the mtu set higher... And for the client you have to clone the first link, but it doesnt really give you the syntax for all this, and what more I want to dail a different number with each modem! Some pointers on what exactly to put in the config files to do this would be great :) Also I have heard from some people that user-ppp is not at all very good at this sort of thing? Is that true? Is there something better I should use? Maybe just on the client side or both? Thanks for any help! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Mar 22 23: 5:35 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.tgd.net (mail.tgd.net [209.81.25.10]) by hub.freebsd.org (Postfix) with ESMTP id CB16737B400 for ; Fri, 22 Mar 2002 23:05:31 -0800 (PST) Received: by mail.tgd.net (Postfix, from userid 1001) id D6D2221027; Fri, 22 Mar 2002 18:20:55 -0800 (PST) Date: Fri, 22 Mar 2002 18:20:55 -0800 From: Sean Chittenden To: Hug Me Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Problem with keyboard on FreeBSD Message-ID: <20020322182055.A20470@ninja1.internal> References: <20020314115743.N28153-100000@floyd.getsetnet.net> <20020315005729.4824437B400@hub.freebsd.org> <20020314202141.N97250@pitr.tuxinternet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020314202141.N97250@pitr.tuxinternet.com>; from "hugme@hugme.org" on Thu, Mar 14, 2002 at = 08:21:41PM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > I am running FreeBSD 4.5 RELEASE on an x86 hardware based > > server. If the keyboard happens to come unplugged, upon plugging > > it back in there is no response from the system. I have to reboot > > for the keyboard to start working again. The problem is that I > > have to shut the machine down hard in order to do this, since the > > keyboard is unresponsive. Obviously the disks complain when I > > bring the machine up again, and this is a production server. If a > > keyboard accidentaly comes unplugged, is there anything you can do > > to get the system to interact with it rather than powering down > > and restarting? You run the risk of blowing your keyboard and/or motherboard, but you can remove 'flags 0x1' from your keybaord configuration in your kernel config and recompile. You didn't hear it from me. -sc -- Sean Chittenden To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Mar 23 0:46:48 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mailout03.sul.t-online.com (mailout03.sul.t-online.com [194.25.134.81]) by hub.freebsd.org (Postfix) with ESMTP id D8C8E37B41C for ; Sat, 23 Mar 2002 00:46:45 -0800 (PST) Received: from fwd03.sul.t-online.de by mailout03.sul.t-online.com with smtp id 16ohAi-000170-01; Sat, 23 Mar 2002 09:46:44 +0100 Received: from idefix.local (320080844193-0001@[62.225.210.191]) by fmrl03.sul.t-online.com with smtp id 16ohAU-0jiF5UC; Sat, 23 Mar 2002 09:46:30 +0100 Received: (nullmailer pid 234 invoked by uid 1000); Sat, 23 Mar 2002 07:46:28 -0000 Date: Sat, 23 Mar 2002 08:46:28 +0100 From: Clemens Hermann To: freebsd-isp@freebsd.org Subject: nis in jail Message-ID: <20020323084628.D128@idefix.local> Mail-Followup-To: Clemens Hermann , freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i X-Mailer: Mutt 1.2.5.1i (FreeBSD 4.5-RELEASE-p2 i386) Organization: Linuxlupe InternetSolutions X-Sender: 320080844193-0001@t-dialin.net Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, does anyone successfully use nis as client (ypbind) inside a jail? man jail says portmap is to disable. In pre 4.5-RELEASE Versions this has been reported to work because on the host portmap was run on any IP so it could be used from inside the jail even if portmap did not run inside the jail. Now portmap is started as a dependency when ypbind is started in rc.conf. Is there a way to disable that dependency? Does anyone have successfully set up NIS in a recent FreeBSD Version? Is there an alternative for nis in such a setup? tia for any hint /ch -- "Contrary to popular belief, Unix is user friendly. It just happens to be selective about who it makes friends with." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Mar 23 1: 3:32 2002 Delivered-To: freebsd-isp@freebsd.org Received: from nelly.internal.irrelevant.org (irrelevant.demon.co.uk [158.152.220.121]) by hub.freebsd.org (Postfix) with ESMTP id 1233A37B421 for ; Sat, 23 Mar 2002 01:03:24 -0800 (PST) Received: from simond by nelly.internal.irrelevant.org with local (Exim 3.35 #1) id 16ohQR-0000kj-00; Sat, 23 Mar 2002 09:02:59 +0000 Date: Sat, 23 Mar 2002 09:02:59 +0000 From: Simon Dick To: Sean Chittenden Cc: Hug Me , freebsd-isp@FreeBSD.ORG Subject: Re: Problem with keyboard on FreeBSD Message-ID: <20020323090259.GA1213@irrelevant.org> References: <20020314115743.N28153-100000@floyd.getsetnet.net> <20020315005729.4824437B400@hub.freebsd.org> <20020314202141.N97250@pitr.tuxinternet.com> <20020322182055.A20470@ninja1.internal> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020322182055.A20470@ninja1.internal> User-Agent: Mutt/1.3.28i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Mar 22, 2002 at 06:20:55PM -0800, Sean Chittenden wrote: > > > I am running FreeBSD 4.5 RELEASE on an x86 hardware based > > > server. If the keyboard happens to come unplugged, upon plugging > > > it back in there is no response from the system. I have to reboot > > > for the keyboard to start working again. The problem is that I > > > have to shut the machine down hard in order to do this, since the > > > keyboard is unresponsive. Obviously the disks complain when I > > > bring the machine up again, and this is a production server. If a > > > keyboard accidentaly comes unplugged, is there anything you can do > > > to get the system to interact with it rather than powering down > > > and restarting? > > You run the risk of blowing your keyboard and/or motherboard, but you > can remove 'flags 0x1' from your keybaord configuration in your kernel > config and recompile. You didn't hear it from me. -sc There's no risk to your keyboard/motherboard by removing the 0x1 flag, FreeBSD itself defaulted to that until 4.2! :) -- Simon Dick simond@irrelevant.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Mar 23 15:44:14 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.tgd.net (mail.tgd.net [209.81.25.10]) by hub.freebsd.org (Postfix) with ESMTP id AC4AB37B417 for ; Sat, 23 Mar 2002 15:44:11 -0800 (PST) Received: by mail.tgd.net (Postfix, from userid 1001) id D8A7720F1C; Sat, 23 Mar 2002 15:44:10 -0800 (PST) Date: Sat, 23 Mar 2002 15:44:10 -0800 From: Sean Chittenden To: Simon Dick Cc: Hug Me , freebsd-isp@FreeBSD.ORG Subject: Re: Problem with keyboard on FreeBSD Message-ID: <20020323154410.D41034@ninja1.internal> References: <20020314115743.N28153-100000@floyd.getsetnet.net> <20020315005729.4824437B400@hub.freebsd.org> <20020314202141.N97250@pitr.tuxinternet.com> <20020322182055.A20470@ninja1.internal> <20020323090259.GA1213@irrelevant.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020323090259.GA1213@irrelevant.org>; from "simond@irrelevant.org" on Sat, Mar 23, 2002 at = 09:02:59AM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > You run the risk of blowing your keyboard and/or motherboard, but you > > can remove 'flags 0x1' from your keybaord configuration in your kernel > > config and recompile. You didn't hear it from me. -sc > > There's no risk to your keyboard/motherboard by removing the 0x1 flag, > FreeBSD itself defaulted to that until 4.2! :) I don't think so. From GENERIC: device atkbd0 at atkbdc? irq 1 flags 0x1 What it should be to allow you to plug in a keyboard later: device atkbd0 at atkbdc? irq 1 -sc -- Sean Chittenden To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Mar 23 17:14:49 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.day-light.net (day-light.net [64.37.72.2]) by hub.freebsd.org (Postfix) with ESMTP id 666E337B419 for ; Sat, 23 Mar 2002 17:14:45 -0800 (PST) Received: from w1 (118-203.bestdsl.net [216.162.118.203]) by mail.day-light.net (Postfix) with SMTP id 8E67143E52 for ; Sat, 23 Mar 2002 19:14:44 -0600 (CST) Reply-To: From: "John Brooks" To: Subject: RE: Problem with keyboard on FreeBSD Date: Sat, 23 Mar 2002 19:09:24 -0600 Message-ID: <000a01c1d2d0$89fd6480$c905010a@daylight.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Importance: Normal In-Reply-To: <20020323154410.D41034@ninja1.internal> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Any downside to this kernel config? on a headless colo box? -- John Brooks Email: john@stlbsd.org -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Sean Chittenden Sent: Saturday, March 23, 2002 5:44 PM To: Simon Dick Cc: Hug Me; freebsd-isp@FreeBSD.ORG Subject: Re: Problem with keyboard on FreeBSD > > You run the risk of blowing your keyboard and/or motherboard, but you > > can remove 'flags 0x1' from your keybaord configuration in your kernel > > config and recompile. You didn't hear it from me. -sc > > There's no risk to your keyboard/motherboard by removing the 0x1 flag, > FreeBSD itself defaulted to that until 4.2! :) I don't think so. From GENERIC: device atkbd0 at atkbdc? irq 1 flags 0x1 What it should be to allow you to plug in a keyboard later: device atkbd0 at atkbdc? irq 1 -sc -- Sean Chittenden To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message