From owner-freebsd-isp@FreeBSD.ORG Sun Jun 1 17:56:25 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7288337B401 for ; Sun, 1 Jun 2003 17:56:25 -0700 (PDT) Received: from rwcrmhc12.attbi.com (rwcrmhc12.attbi.com [216.148.227.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id 12FA043F85 for ; Sun, 1 Jun 2003 17:56:25 -0700 (PDT) (envelope-from DougB@freebsd.org) Received: from 12-234-22-23.client.attbi.com ([12.234.22.23]) by attbi.com (rwcrmhc12) with SMTP id <20030602005624014003ad2le>; Mon, 2 Jun 2003 00:56:24 +0000 Date: Sun, 1 Jun 2003 17:56:24 -0700 (PDT) From: Doug Barton To: Blake Swensen In-Reply-To: <3ED4DC65.3020600@pyramus.com> Message-ID: <20030601175305.D99813@12-234-22-23.pyvrag.nggov.pbz> References: <3ED4DC65.3020600@pyramus.com> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: FreeBSD ISP List Subject: Re: OT: Due diligence X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 00:56:25 -0000 On Wed, 28 May 2003, Blake Swensen wrote: > I am working with an ISP who is considering purchasing another ISP. The > seller claims that they are hosting a certain number of domain names. I > was asked to verify this number for accuracy. You haven't defined "hosting." Are you talking about whether or not the ISP is serving dns for these domains, or www, or mail.... what exactly? The other problem is that what you want to do is more or less impossible without having the list of actual domains that they claim to host. http://dougbarton.net/bind-users/FAQ.html#DelegationList OTOH, if you have the list, you can recursively query for the information that satisfies the definition of "hosting" that you come up with. Hope this helps, Doug -- This .signature sanitized for your protection From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 04:04:11 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 89A3737B401; Mon, 2 Jun 2003 04:04:11 -0700 (PDT) Received: from alice.netmint.com (alice.netmint.com [207.106.37.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9909B43FBF; Mon, 2 Jun 2003 04:04:10 -0700 (PDT) (envelope-from support@alice.netmint.com) Received: from alice.netmint.com (localhost.netmint.com [127.0.0.1]) by alice.netmint.com (8.12.8p1/8.12.8) with ESMTP id h52B49xI076891; Mon, 2 Jun 2003 07:04:09 -0400 (EDT) (envelope-from support@alice.netmint.com) Received: from localhost (support@localhost)h52B49Qd076888; Mon, 2 Jun 2003 07:04:09 -0400 (EDT) (envelope-from support@alice.netmint.com) Date: Mon, 2 Jun 2003 07:04:09 -0400 (EDT) From: Support To: security@freebsd.org Message-ID: <20030602065847.G76644@alice.netmint.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: isp@freebsd.org Subject: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 11:04:11 -0000 Hello, I did a quick change to the patched port of poppassd and am wondering if you think my code would introduce any potential problems. The idea is right after we check if the username exists, also check if the UID of that username is over 1000. I wanted to make sure that no one monkeys around with priveleged users once poppassd is running. So, the middle chunk of code is mine, everything else has been there before me. What's the general feeling about the security of poppassd provided that users with valid passwords already have shell access to the system, and now nobody can try to change priveleged accounts' passwords? --- cut --- if ((pw = getpwnam (user)) == NULL) { syslog (LOG_ERR, "Unknown user, %s", user); sleep (5); WriteToClient ("500 Old password is incorrect."); exit(1); } /* begin added code */ if ((pw->pw_uid) < 1001) { syslog (LOG_ERR, "Priveleged user, %s", user); sleep (5); WriteToClient ("500 Old password is incorrect."); exit(1); } /* end added code */ if (chkPass (user, oldpass, pw) == FAILURE) { syslog (LOG_ERR, "Incorrect password from %s", user); sleep (5); WriteToClient ("500 Old password is incorrect."); exit(1); } --- cut --- Perhaps if this passes everyone's scrutiny, it could be added as yet another patch to poppassd with the min UID defined somewhere in the Makefile or poppassd.c. Thanks for your help, Andrew From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 05:04:06 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6ED0937B401 for ; Mon, 2 Jun 2003 05:04:06 -0700 (PDT) Received: from www.linux.org.uk (parcelfarce.linux.theplanet.co.uk [195.92.249.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id 22A5E43FBD for ; Mon, 2 Jun 2003 05:04:04 -0700 (PDT) (envelope-from linuxuser-admin@www.linux.org.uk) Received: from [127.0.0.1] (helo=parcelfarce.linux.theplanet.co.uk) by www.linux.org.uk with esmtp (Exim 4.14) id 19Mo2l-0006QE-CX for freebsd-isp@freebsd.org; Mon, 02 Jun 2003 13:04:03 +0100 Date: Mon, 02 Jun 2003 13:04:03 +0100 Message-ID: <20030602120403.24668.82794.Mailman@parcelfarce.linux.theplanet.co.uk> From: linuxuser-request@www.linux.org.uk To: freebsd-isp@freebsd.org X-Ack: no Sender: linuxuser-admin@www.linux.org.uk Errors-To: linuxuser-admin@www.linux.org.uk X-BeenThere: linuxuser@www.linux.org.uk X-Mailman-Version: 2.0.11 Precedence: bulk Subject: Mailman results for LinuxUser X-BeenThere: freebsd-isp@freebsd.org List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 12:04:06 -0000 This is an automated response. There were problems with the email commands you sent to Mailman via the administrative address . To obtain instructions on valid Mailman email commands, send email to with the word "help" in the subject line or in the body of the message. If you want to reach the human being that manages this mailing list, please send your message to . The following is a detailed description of the problems. >>>>> Subject line ignored: >>>>> Re: Screensaver Command? This is a multipart message in MIME format Command? --CSmtpMsgPart123X456_000_01333FB3 Command? Content-Type: text/plain; Command? charset="iso-8859-1" >>>>> >>>>> Too many errors encountered; the rest of the message is ignored: > Content-Transfer-Encoding: 7bit > > Please see the attached file. > --CSmtpMsgPart123X456_000_01333FB3-- > > > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 06:55:02 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7C3AC37B401 for ; Mon, 2 Jun 2003 06:55:02 -0700 (PDT) Received: from fep2.cogeco.net (smtp.cogeco.net [216.221.81.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 39AAE43F3F for ; Mon, 2 Jun 2003 06:55:00 -0700 (PDT) (envelope-from tom@dwyers.ca) Received: from tom (d235-131-219.home1.cgocable.net [24.235.131.219]) by fep2.cogeco.net (Postfix) with SMTP id 3C5B8497 for ; Mon, 2 Jun 2003 09:54:58 -0400 (EDT) Message-ID: <000a01c3290f$61ef0b10$020010ac@protechnologies> From: "Thomas Dwyer" To: Date: Mon, 2 Jun 2003 10:00:53 -0400 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 13:55:02 -0000 Hello; I would like to setup a backup server to replace the main server should = a disaster occur. I have experimented abit with rsync and it looks like = it would do the job. My question is; what files or binaries should not, or cannot be = replicated? Obviously the kernel should be separate. I want to be able to take the backup, plug it in where the primary was, = change the IP and everything would be as it was up until the point of = the last rsync. Thanks Tom From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 06:55:17 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD1E837B401 for ; Mon, 2 Jun 2003 06:55:17 -0700 (PDT) Received: from ms.securenet.net (ms.securenet.net [205.236.147.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id F357F43F93 for ; Mon, 2 Jun 2003 06:55:15 -0700 (PDT) (envelope-from vandj@securenet.net) Received: from 127.0.0.1 (localhost.securenet.net [127.0.0.1]) by dummy.domain.name (Postfix) with SMTP id D450626499F for ; Mon, 2 Jun 2003 09:55:12 -0400 (EDT) Received: from office.securenet.net (office.securenet.net [205.236.147.3]) by ms.securenet.net (Postfix) with ESMTP id A412926499C for ; Mon, 2 Jun 2003 09:55:12 -0400 (EDT) Message-Id: <5.2.1.1.0.20030602094849.0a518cb8@pop.securenet.net> X-Sender: vandj@pop.securenet.net X-Mailer: QUALCOMM Windows Eudora Version 5.2.1 Date: Mon, 02 Jun 2003 09:54:50 -0400 To: freebsd-isp@freebsd.org From: "Jean M. Vandette" Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Perl stops running X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 13:55:18 -0000 Greetings all... Our web server seems to have developed a hiccup and I was hoping that someone could tell me what the fix was, her is a snip of the log error message [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) found, you probably need to rebuild Apache with a larger FD_SETSIZE [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) found, you probably need to rebuild Apache with a larger FD_SETSIZE [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) found, you probably need to rebuild Apache with a larger FD_SETSIZE I don't know where in apache to increase FD_SETSIZE or if it is really the issue. Perl seems to be the only thing effected as it stops executing scripts. After a reboot things run fine for about 24 hours. Please advise Jean M. Vandette **John M. Vandette, Consultant vandj@securenet.net** **SecureNet Information Services Inc. Internet Providers** **100 Alexis Nihon Blvd #283 St. Laurent, Quebec, Canada** **"Who does BSD Unix....?" "We do Chucky... We do..."** From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 08:18:41 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BD6737B43A for ; Mon, 2 Jun 2003 08:18:41 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 94D1643FA3 for ; Mon, 2 Jun 2003 08:18:37 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 26094 invoked by uid 0); 2 Jun 2003 15:18:35 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 15:18:35 -0000 From: "Wolfpaw - Dale Corse" To: "Thomas Dwyer" , Date: Mon, 2 Jun 2003 09:33:06 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <000a01c3290f$61ef0b10$020010ac@protechnologies> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 15:18:41 -0000 Hi Tom, I use this to mirror one of our servers to another disk in the same machine. How we did it was we installed FreeBSD on that disk in another machine, and then put it in the main server.. now we just run this script periodically, and we have a backup solution :) Hope it helps :) D. #!/bin/sh # Rsync Backup Script export PATH=/usr/local/bin:/usr/bin:/bin LIST="bin dev etc lib mnt sbin usr boot dbu home root tmp var" echo "Copying files.." #Loop thru the list for d in $LIST; do echo -n "... COPYING: /$d/" /usr/local/bin/rsync --delete -ax /$d/ /disk2/mirror/$d/ echo " " done echo "Backup Complete .. Exiting." -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Thomas Dwyer > Sent: Monday, June 02, 2003 8:01 AM > To: freebsd-isp@freebsd.org > Subject: Mirror Server > > > Hello; > > I would like to setup a backup server to replace the main > server should a disaster occur. I have experimented abit > with rsync and it looks like it would do the job. > > My question is; what files or binaries should not, or > cannot be replicated? Obviously the kernel should be separate. > > I want to be able to take the backup, plug it in where the > primary was, change the IP and everything would be as it > was up until the point of the last rsync. > > Thanks > Tom > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to > "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 08:18:41 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1343537B43B for ; Mon, 2 Jun 2003 08:18:41 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 94BEC43F85 for ; Mon, 2 Jun 2003 08:18:37 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 26098 invoked by uid 0); 2 Jun 2003 15:18:36 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 15:18:36 -0000 From: "Wolfpaw - Dale Corse" To: "Support" , Date: Mon, 2 Jun 2003 09:33:07 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20030602065847.G76644@alice.netmint.com> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal cc: isp@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 15:18:41 -0000 looks good to me :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Support > Sent: Monday, June 02, 2003 5:04 AM > To: security@freebsd.org > Cc: isp@freebsd.org > Subject: quick poppassd question > > > Hello, > > I did a quick change to the patched port of poppassd and am > wondering if > you think my code would introduce any potential problems. > > The idea is right after we check if the username exists, > also check if the > UID of that username is over 1000. I wanted to make sure that no one > monkeys around with priveleged users once poppassd is running. > > So, the middle chunk of code is mine, everything else has been there > before me. > > What's the general feeling about the security of poppassd > provided that > users with valid passwords already have shell access to the > system, and > now nobody can try to change priveleged accounts' passwords? > > --- cut --- > > if ((pw = getpwnam (user)) == NULL) > { > syslog (LOG_ERR, "Unknown user, %s", user); > sleep (5); > WriteToClient ("500 Old password is incorrect."); > exit(1); > } > > /* begin added code */ > if ((pw->pw_uid) < 1001) > { > syslog (LOG_ERR, "Priveleged user, %s", user); > sleep (5); > WriteToClient ("500 Old password is incorrect."); > exit(1); > } > /* end added code */ > > if (chkPass (user, oldpass, pw) == FAILURE) > { > syslog (LOG_ERR, "Incorrect password from %s", user); > sleep (5); > WriteToClient ("500 Old password is incorrect."); > exit(1); > } > > --- cut --- > > Perhaps if this passes everyone's scrutiny, it could be added as yet > another patch to poppassd with the min UID defined somewhere in the > Makefile or poppassd.c. > > Thanks for your help, > > Andrew > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to > "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 08:32:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 430F737B401; Mon, 2 Jun 2003 08:32:21 -0700 (PDT) Received: from xyzzy.wireless.snsonline.net (cis-156.ains.net.au [202.147.101.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 48CBF43FBD; Mon, 2 Jun 2003 08:32:18 -0700 (PDT) (envelope-from msergeant@snsonline.net) Received: from xyzzy.wireless.snsonline.net (localhost [127.0.0.1]) h52FWBcq082324; Tue, 3 Jun 2003 01:32:11 +1000 (EST) (envelope-from msergeant@snsonline.net) Received: (from sarge@localhost)h52FW6qM082267; Tue, 3 Jun 2003 01:32:06 +1000 (EST) X-Authentication-Warning: xyzzy.wireless.snsonline.net: sarge set sender to msergeant@snsonline.net using -f From: Mark Sergeant To: Wolfpaw - Dale Corse In-Reply-To: References: Content-Type: text/plain Content-Transfer-Encoding: 7bit Organization: SNSOnline Technical Services Message-Id: <1054567925.17084.7.camel@xyzzy.wireless.snsonline.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.4 Date: 03 Jun 2003 01:32:06 +1000 cc: Support cc: isp@freebsd.org cc: security@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 15:32:21 -0000 Could we maybe drop it to 200ish as I know of many cases where uid's aren't > 1000 for standard users. On Tue, 2003-06-03 at 01:33, Wolfpaw - Dale Corse wrote: > looks good to me :) > > D. > -------------------------------- > Dale Corse > System Administrator > Wolfpaw Services Inc. > http://www.wolfpaw.net > (780) 474-4095 > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Support > > Sent: Monday, June 02, 2003 5:04 AM > > To: security@freebsd.org > > Cc: isp@freebsd.org > > Subject: quick poppassd question > > > > > > Hello, > > > > I did a quick change to the patched port of poppassd and am > > wondering if > > you think my code would introduce any potential problems. > > > > The idea is right after we check if the username exists, > > also check if the > > UID of that username is over 1000. I wanted to make sure that no one > > monkeys around with priveleged users once poppassd is running. -snip- -- Mark Sergeant SNSOnline Technical Services From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 08:49:10 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D783337B401 for ; Mon, 2 Jun 2003 08:49:10 -0700 (PDT) Received: from psknet.com (grant.psknet.com [63.171.251.10]) by mx1.FreeBSD.org (Postfix) with SMTP id 5E06943F3F for ; Mon, 2 Jun 2003 08:49:09 -0700 (PDT) (envelope-from troy@psknet.com) Received: (qmail 81397 invoked by uid 85); 2 Jun 2003 15:49:08 -0000 Received: from troy@psknet.com by grant.psknet.com by uid 25 with qmail-scanner-1.16 (no such scanner Clear:. Processed in 0.245998 secs); 02 Jun 2003 15:49:08 -0000 Received: from dilbert.psknet.com (HELO dilbert) (63.171.251.35) by tc.psknet.com with SMTP; 2 Jun 2003 15:49:08 -0000 From: "Troy Settle" To: "'Mark Sergeant'" , "'Wolfpaw - Dale Corse'" Date: Mon, 2 Jun 2003 11:49:08 -0400 Message-ID: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal In-Reply-To: <1054567925.17084.7.camel@xyzzy.wireless.snsonline.net> cc: 'Support' cc: isp@freebsd.org cc: security@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 15:49:11 -0000 Perhaps someone can shed more light on the subject, but it's my impression that most system process run with a UID/GID under 100. So a uid < 100 should deny the change request. Then again, in this day and age, isn't it advisable to do away with system accounts for users? On most of my boxes, there are exactly 2 passwords in the passwd file: one for my ssh access and another so I can su to root. On the one box that does have system accounts for users, they can use /usr/bin/passwd directly. All 4.2k users on my system authenticate from a MySQL database for mail and ftp access. -- Troy Settle Pulaski Networks http://www.psknet.com 540.994.4254 - 866.477.5638 =20 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org=20 > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Mark Sergeant > Sent: Monday, June 02, 2003 11:32 AM > To: Wolfpaw - Dale Corse > Cc: Support; isp@freebsd.org; security@freebsd.org > Subject: RE: quick poppassd question >=20 >=20 > Could we maybe drop it to 200ish as I know of many cases where uid's > aren't > 1000 for standard users. >=20 > On Tue, 2003-06-03 at 01:33, Wolfpaw - Dale Corse wrote: > > looks good to me :) > >=20 > > D. > > -------------------------------- > > Dale Corse > > System Administrator > > Wolfpaw Services Inc. > > http://www.wolfpaw.net > > (780) 474-4095 > >=20 > > > -----Original Message----- > > > From: owner-freebsd-isp@freebsd.org > > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Support > > > Sent: Monday, June 02, 2003 5:04 AM > > > To: security@freebsd.org > > > Cc: isp@freebsd.org > > > Subject: quick poppassd question > > > > > > > > > Hello, > > > > > > I did a quick change to the patched port of poppassd and am > > > wondering if > > > you think my code would introduce any potential problems. > > > > > > The idea is right after we check if the username exists, > > > also check if the > > > UID of that username is over 1000. I wanted to make sure=20 > that no one > > > monkeys around with priveleged users once poppassd is running. > -snip-=20 >=20 > --=20 > Mark Sergeant > SNSOnline Technical Services > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >=20 From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:01:57 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6C2F37B401 for ; Mon, 2 Jun 2003 09:01:57 -0700 (PDT) Received: from misery.sdf.com (misery.sdf.com [207.200.153.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3B91743F75 for ; Mon, 2 Jun 2003 09:01:56 -0700 (PDT) (envelope-from tom@sdf.com) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 19Mq9M-00070X-00; Mon, 2 Jun 2003 07:19:00 -0700 Date: Mon, 2 Jun 2003 07:18:59 -0700 (PDT) From: Tom Samplonius To: "Jean M. Vandette" In-Reply-To: <5.2.1.1.0.20030602094849.0a518cb8@pop.securenet.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: Perl stops running X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:01:57 -0000 On Mon, 2 Jun 2003, Jean M. Vandette wrote: > Greetings all... > > Our web server seems to have developed a hiccup and I was hoping that > someone could tell me what the fix was, her is a snip of the log error message > > [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) > found, you probably need to rebuild Apache with a larger FD_SETSIZE > [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) > found, you probably need to rebuild Apache with a larger FD_SETSIZE > [warn] send body: filedescriptor (1042) larger than FD_SETSIZE (1024) > found, you probably need to rebuild Apache with a larger FD_SETSIZE > > I don't know where in apache to increase FD_SETSIZE or if it is really the > issue. Well, what is MaxClients set to on your system? MaxClients must be 1024 or less, or you must re-compile with FD_SETSIZE in order to handle more clients. ... Tom From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:20:51 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D9B8637B404 for ; Mon, 2 Jun 2003 09:20:51 -0700 (PDT) Received: from yama.openaccess.org (ns1.openaccess.org [216.57.214.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF7DE43F93 for ; Mon, 2 Jun 2003 09:20:50 -0700 (PDT) (envelope-from michael@staff.openaccess.org) Received: from [192.168.0.200] (mfdAP.bcs.openaccess.org [216.57.214.35]) by yama.openaccess.org (8.12.6p2/8.12.6) with ESMTP id h52GKcX7076583; Mon, 2 Jun 2003 09:20:38 -0700 (PDT) (envelope-from michael@staff.openaccess.org) User-Agent: Microsoft-Entourage/10.0.0.1309 Date: Mon, 02 Jun 2003 09:20:44 -0700 From: Michael DeMan To: Wolfpaw - Dale Corse , Thomas Dwyer , Message-ID: In-Reply-To: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Re: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:20:52 -0000 What is your performance with this? I've seen awful performance with rsync and big file systems. We've thought of adding the flag to only check the file modification date to help reduce this. - mike On 6/2/03 8:33 AM, "Wolfpaw - Dale Corse" wrote: > Hi Tom, > > I use this to mirror one of our servers to another disk in > the same machine. How we did it was we installed FreeBSD on > that disk in another machine, and then put it in the main > server.. now we just run this script periodically, and > we have a backup solution :) > > Hope it helps :) > D. > > #!/bin/sh > # Rsync Backup Script > > export PATH=/usr/local/bin:/usr/bin:/bin > LIST="bin dev etc lib mnt sbin usr boot dbu home root tmp var" > > echo "Copying files.." > #Loop thru the list > for d in $LIST; do > echo -n "... COPYING: /$d/" > /usr/local/bin/rsync --delete -ax /$d/ /disk2/mirror/$d/ > echo " " > done > > echo "Backup Complete .. Exiting." > > -------------------------------- > Dale Corse > System Administrator > Wolfpaw Services Inc. > http://www.wolfpaw.net > (780) 474-4095 > >> -----Original Message----- >> From: owner-freebsd-isp@freebsd.org >> [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Thomas Dwyer >> Sent: Monday, June 02, 2003 8:01 AM >> To: freebsd-isp@freebsd.org >> Subject: Mirror Server >> >> >> Hello; >> >> I would like to setup a backup server to replace the main >> server should a disaster occur. I have experimented abit >> with rsync and it looks like it would do the job. >> >> My question is; what files or binaries should not, or >> cannot be replicated? Obviously the kernel should be separate. >> >> I want to be able to take the backup, plug it in where the >> primary was, change the IP and everything would be as it >> was up until the point of the last rsync. >> >> Thanks >> Tom >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to >> "freebsd-isp-unsubscribe@freebsd.org" >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > Michael F. DeMan Director of Technology OpenAccess Internet Services 1305 11th St., 3rd Floor Bellingham, WA 98225 Tel 360-647-0785 x204 Fax 360-738-9785 michael@staff.openaccess.org From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:30:34 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECAA937B410 for ; Mon, 2 Jun 2003 09:30:33 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 9D6C243FA3 for ; Mon, 2 Jun 2003 09:30:32 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 31394 invoked by uid 0); 2 Jun 2003 16:30:31 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 16:30:31 -0000 From: "Wolfpaw - Dale Corse" To: "Michael DeMan" , "Wolfpaw - Dale Corse" , "Thomas Dwyer" , Date: Mon, 2 Jun 2003 10:45:03 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:30:34 -0000 Hmm.. 10 gig in 1/2 hr or so.. its not wonderful, we use something entirely different for shell servers (we have 20 of them..). This is good for an "internal" machine, but if your looking for fast backups, use tar with the update flag.. it works nicely. The nice thing about rsync is it can reproduce the entire fs as it was, without some of the problems tar has.. such as having to have a huge chunk of space so you can tar one disk, and then untar onto another.. Anyway.. my 2 cents :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: Michael DeMan [mailto:michael@staff.openaccess.org] > Sent: Monday, June 02, 2003 10:21 AM > To: Wolfpaw - Dale Corse; Thomas Dwyer; freebsd-isp@freebsd.org > Subject: Re: Mirror Server > > > What is your performance with this? I've seen awful > performance with rsync > and big file systems. We've thought of adding the flag to > only check the > file modification date to help reduce this. > > - mike > > On 6/2/03 8:33 AM, "Wolfpaw - Dale Corse" > wrote: > > > Hi Tom, > > > > I use this to mirror one of our servers to another disk in > > the same machine. How we did it was we installed FreeBSD on > > that disk in another machine, and then put it in the main > > server.. now we just run this script periodically, and > > we have a backup solution :) > > > > Hope it helps :) > > D. > > > > #!/bin/sh > > # Rsync Backup Script > > > > export PATH=/usr/local/bin:/usr/bin:/bin > > LIST="bin dev etc lib mnt sbin usr boot dbu home root tmp var" > > > > echo "Copying files.." > > #Loop thru the list > > for d in $LIST; do > > echo -n "... COPYING: /$d/" > > /usr/local/bin/rsync --delete -ax /$d/ /disk2/mirror/$d/ > > echo " " > > done > > > > echo "Backup Complete .. Exiting." > > > > -------------------------------- > > Dale Corse > > System Administrator > > Wolfpaw Services Inc. > > http://www.wolfpaw.net > > (780) 474-4095 > > > >> -----Original Message----- > >> From: owner-freebsd-isp@freebsd.org > >> [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Thomas Dwyer > >> Sent: Monday, June 02, 2003 8:01 AM > >> To: freebsd-isp@freebsd.org > >> Subject: Mirror Server > >> > >> > >> Hello; > >> > >> I would like to setup a backup server to replace the main > >> server should a disaster occur. I have experimented abit > >> with rsync and it looks like it would do the job. > >> > >> My question is; what files or binaries should not, or > >> cannot be replicated? Obviously the kernel should be separate. > >> > >> I want to be able to take the backup, plug it in where the > >> primary was, change the IP and everything would be as it > >> was up until the point of the last rsync. > >> > >> Thanks > >> Tom > >> _______________________________________________ > >> freebsd-isp@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp > >> To unsubscribe, send any mail to > >> "freebsd-isp-unsubscribe@freebsd.org" > >> > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to > "freebsd-isp-unsubscribe@freebsd.org" > > > > Michael F. DeMan > Director of Technology > OpenAccess Internet Services > 1305 11th St., 3rd Floor > Bellingham, WA 98225 > Tel 360-647-0785 x204 > Fax 360-738-9785 > michael@staff.openaccess.org > > > > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:36:10 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A4F837B401 for ; Mon, 2 Jun 2003 09:36:10 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 8C4E343FAF for ; Mon, 2 Jun 2003 09:36:08 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 31806 invoked by uid 0); 2 Jun 2003 16:36:07 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 16:36:07 -0000 From: "Wolfpaw - Dale Corse" To: "Troy Settle" , "'Mark Sergeant'" , "'Wolfpaw - Dale Corse'" Date: Mon, 2 Jun 2003 10:50:38 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal cc: 'Support' cc: isp@freebsd.org cc: security@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:36:10 -0000 > Perhaps someone can shed more light on the subject, but it's my > impression that most system process run with a UID/GID > under 100. So a > uid < 100 should deny the change request. Perhaps, though the trend is running most things as non-priv users, because it minimizes the damage to the server if a process is compromised. Generally "non-system" accounts seem to start at 1000 (BSD, and most Linux), or 500 (notably Redhat) so.. you may want to use 500 as the magic number for portability reasons. > > Then again, in this day and age, isn't it advisable to do away with > system accounts for users? On most of my boxes, there are exactly 2 > passwords in the passwd file: one for my ssh access and > another so I can > su to root. On the one box that does have system accounts > for users, > they can use /usr/bin/passwd directly. > > All 4.2k users on my system authenticate from a MySQL > database for mail > and ftp access. I concur, we use vpopmail w/ mysql to authenticate all mail users (including staff that have shell accounts). As a point .. it is more secure, because unless you are using SSL with your pop3 client (which doesn't appear to be that popular), you are broadcasting a shell password all over the net, pop3 is cleartext :) Point: Use virtual mail :) Shells with SSH and SFTP only :) > > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Mark Sergeant > > Sent: Monday, June 02, 2003 11:32 AM > > To: Wolfpaw - Dale Corse > > Cc: Support; isp@freebsd.org; security@freebsd.org > > Subject: RE: quick poppassd question > > > > > > Could we maybe drop it to 200ish as I know of many cases > where uid's > > aren't > 1000 for standard users. > > > > On Tue, 2003-06-03 at 01:33, Wolfpaw - Dale Corse wrote: > > > looks good to me :) > > > > > > D. > > > -------------------------------- > > > Dale Corse > > > System Administrator > > > Wolfpaw Services Inc. > > > http://www.wolfpaw.net > > > (780) 474-4095 > > > > > > > -----Original Message----- > > > > From: owner-freebsd-isp@freebsd.org > > > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Support > > > > Sent: Monday, June 02, 2003 5:04 AM > > > > To: security@freebsd.org > > > > Cc: isp@freebsd.org > > > > Subject: quick poppassd question > > > > > > > > > > > > Hello, > > > > > > > > I did a quick change to the patched port of poppassd and am > > > > wondering if > > > > you think my code would introduce any potential problems. > > > > > > > > The idea is right after we check if the username exists, > > > > also check if the > > > > UID of that username is over 1000. I wanted to make sure > > that no one > > > > monkeys around with priveleged users once poppassd is running. > > -snip- > > > > -- > > Mark Sergeant > > SNSOnline Technical Services > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to > "freebsd-isp-unsubscribe@freebsd.org" > > > > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:38:33 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D38C37B401 for ; Mon, 2 Jun 2003 09:38:33 -0700 (PDT) Received: from analog.databits.net (analog.databits.net [198.78.65.155]) by mx1.FreeBSD.org (Postfix) with SMTP id ABB1F43F93 for ; Mon, 2 Jun 2003 09:38:32 -0700 (PDT) (envelope-from petef@analog.databits.net) Received: (qmail 22299 invoked by uid 1000); 2 Jun 2003 16:34:34 -0000 Date: Mon, 2 Jun 2003 11:34:34 -0500 From: Pete Fritchman To: Troy Settle Message-ID: <20030602163434.GB33375@absolutbsd.org> References: <1054567925.17084.7.camel@xyzzy.wireless.snsonline.net> <001b01c3291e$80b3ca90$23fbab3f@psknet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> User-Agent: Mutt/1.4i cc: 'Support' cc: isp@freebsd.org cc: security@freebsd.org Subject: Re: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:38:33 -0000 ++ 02/06/03 11:49 -0400 - Troy Settle: | Perhaps someone can shed more light on the subject, but it's my | impression that most system process run with a UID/GID under 100. So a | uid < 100 should deny the change request. UIDs up to and including 999 are reserved for system use. For example, see this section in the porters handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/dads-uid.html --pete From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:42:23 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E30CA37B401 for ; Mon, 2 Jun 2003 09:42:22 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id B046143FAF for ; Mon, 2 Jun 2003 09:42:19 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 32284 invoked by uid 0); 2 Jun 2003 16:42:18 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 16:42:18 -0000 From: "Wolfpaw - Dale Corse" To: "Pete Fritchman" , "Troy Settle" Date: Mon, 2 Jun 2003 10:56:48 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20030602163434.GB33375@absolutbsd.org> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal cc: 'Support' cc: isp@freebsd.org cc: security@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:42:23 -0000 In freebsd.. and most other things.. but some *cough* large corporate linux distro's *cough*redhat*cough* ignore such defaco standards.. we must consider portability especially if the patch will be submitted for integration into the package..no? :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: Pete Fritchman [mailto:petef@FreeBSD.org] > Sent: Monday, June 02, 2003 10:35 AM > To: Troy Settle > Cc: 'Mark Sergeant'; 'Wolfpaw - Dale Corse'; 'Support'; > isp@freebsd.org; > security@freebsd.org > Subject: Re: quick poppassd question > > > ++ 02/06/03 11:49 -0400 - Troy Settle: > | Perhaps someone can shed more light on the subject, but it's my > | impression that most system process run with a UID/GID > under 100. So a > | uid < 100 should deny the change request. > > UIDs up to and including 999 are reserved for system use. > For example, > see this section in the porters handbook: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-han > dbook/dads-uid.html > > --pete > > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:44:25 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BDBC337B401; Mon, 2 Jun 2003 09:44:25 -0700 (PDT) Received: from mail.lambertfam.org (www.lambertfam.org [216.223.208.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0D5B543F93; Mon, 2 Jun 2003 09:44:25 -0700 (PDT) (envelope-from lambert@lambertfam.org) Received: from laptop.lambertfam.org (laptop.int.lambertfam.org [10.1.0.2]) by mail.lambertfam.org (Postfix) with ESMTP id 3F75034D28; Mon, 2 Jun 2003 12:44:23 -0400 (EDT) Received: by laptop.lambertfam.org (Postfix, from userid 1000) id 813BD89DD; Mon, 2 Jun 2003 12:43:52 -0400 (EDT) Date: Mon, 2 Jun 2003 12:43:52 -0400 From: Scott Lambert To: isp@freebsd.org, security@freebsd.org Message-ID: <20030602164352.GA80586@laptop.lambertfam.org> Mail-Followup-To: isp@freebsd.org, security@freebsd.org References: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Subject: Re: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:44:26 -0000 On Mon, Jun 02, 2003 at 10:50:38AM -0600, Wolfpaw - Dale Corse wrote: > > Perhaps someone can shed more light on the subject, but it's my > > impression that most system process run with a UID/GID > > under 100. So a > > uid < 100 should deny the change request. > > Perhaps, though the trend is running most things as non-priv > users, because it minimizes the damage to the server if a > process is compromised. Generally "non-system" accounts seem > to start at 1000 (BSD, and most Linux), or 500 (notably Redhat) > so.. you may want to use 500 as the magic number for portability > reasons. Make it configurable!!! Set a default but don't make hard coded assumptions about someone else's systems. On FreeBSD, the default should probably be 1000. make NON_SYSTEM_ACCT_START=4321 From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:46:08 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC8CB37B401 for ; Mon, 2 Jun 2003 09:46:08 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 11ACE43F93 for ; Mon, 2 Jun 2003 09:46:08 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 32626 invoked by uid 0); 2 Jun 2003 16:46:07 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 2 Jun 2003 16:46:07 -0000 From: "Wolfpaw - Dale Corse" To: "Scott Lambert" , Date: Mon, 2 Jun 2003 11:00:39 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20030602164352.GA80586@laptop.lambertfam.org> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:46:09 -0000 I figured that would be a given :P I think we were discussing default..? (I assumed so.. my bad) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Scott Lambert > Sent: Monday, June 02, 2003 10:44 AM > To: isp@freebsd.org; security@freebsd.org > Subject: Re: quick poppassd question > > > On Mon, Jun 02, 2003 at 10:50:38AM -0600, Wolfpaw - Dale > Corse wrote: > > > Perhaps someone can shed more light on the subject, but it's my > > > impression that most system process run with a UID/GID > > > under 100. So a > > > uid < 100 should deny the change request. > > > > Perhaps, though the trend is running most things as non-priv > > users, because it minimizes the damage to the server if a > > process is compromised. Generally "non-system" accounts seem > > to start at 1000 (BSD, and most Linux), or 500 (notably Redhat) > > so.. you may want to use 500 as the magic number for portability > > reasons. > > Make it configurable!!! Set a default but don't make hard coded > assumptions about someone else's systems. On FreeBSD, the default > should probably be 1000. > > make NON_SYSTEM_ACCT_START=4321 > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to > "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 09:55:50 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0371F37B401 for ; Mon, 2 Jun 2003 09:55:50 -0700 (PDT) Received: from analog.databits.net (analog.databits.net [198.78.65.155]) by mx1.FreeBSD.org (Postfix) with SMTP id 3ABE543F85 for ; Mon, 2 Jun 2003 09:55:49 -0700 (PDT) (envelope-from petef@analog.databits.net) Received: (qmail 54585 invoked by uid 1000); 2 Jun 2003 16:51:53 -0000 Date: Mon, 2 Jun 2003 11:51:53 -0500 From: Pete Fritchman To: Wolfpaw - Dale Corse Message-ID: <20030602165153.GD33375@absolutbsd.org> References: <20030602163434.GB33375@absolutbsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: isp@freebsd.org cc: security@freebsd.org Subject: Re: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 16:55:50 -0000 [ cc list trimmed some ] ++ 02/06/03 10:56 -0600 - Wolfpaw - Dale Corse: | In freebsd.. and most other things.. but some *cough* large corporate | linux distro's *cough*redhat*cough* ignore such defaco standards.. we | must consider portability especially if the patch will be submitted | for integration into the package..no? :) Right, so in config.h (or wherever), '#define MAX_SYSTEM_UID 999' and allow people to tweak it. --pete From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 10:02:59 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C9D637B401 for ; Mon, 2 Jun 2003 10:02:59 -0700 (PDT) Received: from bilver.wjv.com (user38.net339.fl.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id F0B0443F93 for ; Mon, 2 Jun 2003 10:02:57 -0700 (PDT) (envelope-from bv@wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by bilver.wjv.com (8.12.9/8.12.9) with ESMTP id h52H2ks3053318 for ; Mon, 2 Jun 2003 13:02:46 -0400 (EDT) (envelope-from bv@wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.9/8.12.9/Submit) id h52H2jIn053317 for freebsd-isp@freebsd.org; Mon, 2 Jun 2003 13:02:45 -0400 (EDT) Date: Mon, 2 Jun 2003 13:02:45 -0400 From: Bill Vermillion To: freebsd-isp@freebsd.org Message-ID: <20030602170244.GA53243@wjv.com> References: <001b01c3291e$80b3ca90$23fbab3f@psknet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.1i X-Spam-Status: No, hits=-26.6 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,QUOTE_TWICE_1,REFERENCES, REPLY_WITH_QUOTES,USER_AGENT_MUTT version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) Subject: Re: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 17:02:59 -0000 While normally not able to pour water out of a boot with instructions on the heel, on Mon, Jun 02, 2003 at 10:50 our dear friend Wolfpaw - Dale Corse uttered this load of codswallop: > > Perhaps someone can shed more light on the subject, but it's my > > impression that most system process run with a UID/GID > > under 100. So a > > uid < 100 should deny the change request. > Perhaps, though the trend is running most things as non-priv > users, because it minimizes the damage to the server if a > process is compromised. Generally "non-system" accounts seem > to start at 1000 (BSD, and most Linux), or 500 (notably Redhat) > so.. you may want to use 500 as the magic number for portability > reasons. And for adding users manually you can change the 1000 to whatever value you want in the /etc/adduser.conf file. If you use the plain adduser command CLI with manual user options there is the -uid NNNNN piece. > freebsd-isp@freebsd.org mailing list Bill -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 10:53:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3719137B417 for ; Mon, 2 Jun 2003 10:53:21 -0700 (PDT) Received: from ip68-2-98-210.ph.ph.cox.net (ip68-2-89-14.ph.ph.cox.net [68.2.89.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5996B43FAF for ; Mon, 2 Jun 2003 10:53:20 -0700 (PDT) (envelope-from joeym@ip68-2-98-210.ph.ph.cox.net) Received: (from joeym@localhost) by ip68-2-98-210.ph.ph.cox.net (8.11.6/8.11.6) id h52HxAr01064; Mon, 2 Jun 2003 17:59:10 GMT (envelope-from joeym) Date: Mon, 2 Jun 2003 10:59:09 -0700 From: Joe Miller To: Wolfpaw - Dale Corse Message-ID: <20030602175909.GL51524@joeym.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.25i cc: freebsd-isp@freebsd.org Subject: Re: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: joeym@joeym.net List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 17:53:21 -0000 You can eliminate having to have a huge chunk of space available with tar by piping the tar output to another tar process that immediately writes the data to the new disk, ie: tar cvf - / | (cd /backup/disk ; tar xvf - ) -- Joe Miller On Mon, Jun 02, 2003 at 10:45:03AM -0600, Wolfpaw - Dale Corse wrote: // Hmm.. 10 gig in 1/2 hr or so.. its not wonderful, we use // something entirely different for shell servers (we have // 20 of them..). This is good for an "internal" machine, // but if your looking for fast backups, use tar with the // update flag.. it works nicely. The nice thing about // rsync is it can reproduce the entire fs as it was, // without some of the problems tar has.. such as having // to have a huge chunk of space so you can tar one // disk, and then untar onto another.. // // Anyway.. my 2 cents :) // D. // -------------------------------- // Dale Corse // System Administrator // Wolfpaw Services Inc. // http://www.wolfpaw.net // (780) 474-4095 // // > -----Original Message----- // > From: Michael DeMan [mailto:michael@staff.openaccess.org] // > Sent: Monday, June 02, 2003 10:21 AM // > To: Wolfpaw - Dale Corse; Thomas Dwyer; freebsd-isp@freebsd.org // > Subject: Re: Mirror Server // > // > // > What is your performance with this? I've seen awful // > performance with rsync // > and big file systems. We've thought of adding the flag to // > only check the // > file modification date to help reduce this. // > // > - mike // > // > On 6/2/03 8:33 AM, "Wolfpaw - Dale Corse" // > wrote: // > // > > Hi Tom, // > > // > > I use this to mirror one of our servers to another disk in // > > the same machine. How we did it was we installed FreeBSD on // > > that disk in another machine, and then put it in the main // > > server.. now we just run this script periodically, and // > > we have a backup solution :) // > > // > > Hope it helps :) // > > D. // > > // > > #!/bin/sh // > > # Rsync Backup Script // > > // > > export PATH=/usr/local/bin:/usr/bin:/bin // > > LIST="bin dev etc lib mnt sbin usr boot dbu home root tmp var" // > > // > > echo "Copying files.." // > > #Loop thru the list // > > for d in $LIST; do // > > echo -n "... COPYING: /$d/" // > > /usr/local/bin/rsync --delete -ax /$d/ /disk2/mirror/$d/ // > > echo " " // > > done // > > // > > echo "Backup Complete .. Exiting." // > > // > > -------------------------------- // > > Dale Corse // > > System Administrator // > > Wolfpaw Services Inc. // > > http://www.wolfpaw.net // > > (780) 474-4095 // > > // > >> -----Original Message----- // > >> From: owner-freebsd-isp@freebsd.org // > >> [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Thomas Dwyer // > >> Sent: Monday, June 02, 2003 8:01 AM // > >> To: freebsd-isp@freebsd.org // > >> Subject: Mirror Server // > >> // > >> // > >> Hello; // > >> // > >> I would like to setup a backup server to replace the main // > >> server should a disaster occur. I have experimented abit // > >> with rsync and it looks like it would do the job. // > >> // > >> My question is; what files or binaries should not, or // > >> cannot be replicated? Obviously the kernel should be separate. // > >> // > >> I want to be able to take the backup, plug it in where the // > >> primary was, change the IP and everything would be as it // > >> was up until the point of the last rsync. // > >> // > >> Thanks // > >> Tom // > >> _______________________________________________ // > >> freebsd-isp@freebsd.org mailing list // > >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp // > >> To unsubscribe, send any mail to // > >> "freebsd-isp-unsubscribe@freebsd.org" // > >> // > > // > > _______________________________________________ // > > freebsd-isp@freebsd.org mailing list // > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp // > > To unsubscribe, send any mail to // > "freebsd-isp-unsubscribe@freebsd.org" // > > // > // > Michael F. DeMan // > Director of Technology // > OpenAccess Internet Services // > 1305 11th St., 3rd Floor // > Bellingham, WA 98225 // > Tel 360-647-0785 x204 // > Fax 360-738-9785 // > michael@staff.openaccess.org // > // > // > // > // // _______________________________________________ // freebsd-isp@freebsd.org mailing list // http://lists.freebsd.org/mailman/listinfo/freebsd-isp // To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 18:32:54 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4276237B401 for ; Mon, 2 Jun 2003 18:32:54 -0700 (PDT) Received: from praetor.linc-it.com (hardtime.linuxman.net [66.147.26.65]) by mx1.FreeBSD.org (Postfix) with ESMTP id 40D4D43F75 for ; Mon, 2 Jun 2003 18:32:53 -0700 (PDT) (envelope-from fullermd@over-yonder.net) Received: from mortis.over-yonder.net (adsl-156-172-64.jan.bellsouth.net [66.156.172.64]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by praetor.linc-it.com (Postfix) with ESMTP id D1D891527A; Mon, 2 Jun 2003 20:32:51 -0500 (CDT) Received: by mortis.over-yonder.net (Postfix, from userid 100) id BF30720F03; Mon, 2 Jun 2003 20:32:49 -0500 (CDT) Date: Mon, 2 Jun 2003 20:32:49 -0500 From: "Matthew D. Fuller" To: Joe Miller Message-ID: <20030603013249.GY61246@over-yonder.net> References: <20030602175909.GL51524@joeym.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030602175909.GL51524@joeym.net> User-Agent: Mutt/1.4i-fullermd.1 X-Editor: vi X-OS: FreeBSD cc: freebsd-isp@freebsd.org Subject: Re: Mirror Server X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2003 01:32:54 -0000 On Mon, Jun 02, 2003 at 10:59:09AM -0700 I heard the voice of Joe Miller, and lo! it spake thus: > You can eliminate having to have a huge chunk of space available with tar > by piping the tar output to another tar process that immediately writes > the data to the new disk, ie: > > tar cvf - / | (cd /backup/disk ; tar xvf - ) tar -cf - -C / . | tar -xvpf - -C /backup/disk (-v on both gets irritating) -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" From owner-freebsd-isp@FreeBSD.ORG Tue Jun 3 12:26:13 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7AA3D37B401 for ; Tue, 3 Jun 2003 12:26:13 -0700 (PDT) Received: from mail-02.med.umich.edu (med-gwia-02a.med.umich.edu [141.214.93.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A6E243FBF for ; Tue, 3 Jun 2003 12:26:12 -0700 (PDT) (envelope-from Mailer-Daemon@mail-02.med.umich.edu) Received: from gwia-02-MTA by mail-02.med.umich.edu with Novell_GroupWise; Tue, 03 Jun 2003 15:26:11 -0400 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.0.2 Date: Tue, 03 Jun 2003 15:26:03 -0400 From: "David Fox" Sender: Postmaster@med.umich.edu Errors-To: Postmaster@med.umich.edu To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Re: Screensaver X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: dfox@med.umich.edu List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2003 19:26:13 -0000 I will be out of the office from Friday, May 30, 2003 until Wednesday, June 11, 2003. Your message has been received and will be read when I return on June 11th. If you have an urgent matter please contact Cindy Harper at (734) 936-5566 or cjharper@umich.edu. From owner-freebsd-isp@FreeBSD.ORG Tue Jun 3 12:26:14 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74F1337B401 for ; Tue, 3 Jun 2003 12:26:14 -0700 (PDT) Received: from mail-02.med.umich.edu (med-gwia-02a.med.umich.edu [141.214.93.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id CAE9743F93 for ; Tue, 3 Jun 2003 12:26:13 -0700 (PDT) (envelope-from Mailer-Daemon@mail-02.med.umich.edu) Received: from gwia-02-MTA by mail-02.med.umich.edu with Novell_GroupWise; Tue, 03 Jun 2003 15:26:11 -0400 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.0.2 Date: Tue, 03 Jun 2003 15:26:03 -0400 From: "Michael Imperiale" Sender: Postmaster@med.umich.edu Errors-To: Postmaster@med.umich.edu To: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Re: Screensaver (automatic reply) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: imperial@med.umich.edu List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2003 19:26:14 -0000 Mike Imperiale will be out of the lab until Monday, June 9, 2003. You may not receive a response until then. If you need to talk to someone in the lab, please call 734-936-0876. If you need to talk to someone about departmental business, please call 734-764-1466. From owner-freebsd-isp@FreeBSD.ORG Tue Jun 3 12:26:58 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C09E37B401 for ; Tue, 3 Jun 2003 12:26:58 -0700 (PDT) Received: from mailrelay.esperion.com (mailrelay.esperion.com [12.165.160.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6EE7443F93 for ; Tue, 3 Jun 2003 12:26:57 -0700 (PDT) (envelope-from NAVMSE-INDEPENDENCE@esperion.com) Received: from independence.esperion.com (independence.esperion.com [10.0.2.12])h53JQMel018084 for ; Tue, 3 Jun 2003 15:26:22 -0400 Received: by independence.esperion.com with Internet Mail Service (5.5.2655.55) id ; Tue, 3 Jun 2003 15:26:51 -0400 Message-ID: <45B255AB58EB904C840B6D0AF4E3A1CC0CEC99@independence.esperion.com> From: NAV for Microsoft Exchange-INDEPENDENCE To: "'freebsd-isp@freebsd.org'" Date: Tue, 3 Jun 2003 15:26:49 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2655.55) Content-Type: text/plain Subject: Norton AntiVirus detected and quarantined a virus in a message yo u sent. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2003 19:26:58 -0000 Recipient of the infected attachment: Mike Pape\Inbox Subject of the message: Re: Screensaver One or more attachments were quarantined. Attachment movie.pi was Quarantined for the following reasons: Virus W32.Sobig.C@mm was found. From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 00:59:32 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B25737B405 for ; Wed, 4 Jun 2003 00:59:32 -0700 (PDT) Received: from opium.co.za (opium.co.za [196.34.165.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 53C7943FA3 for ; Wed, 4 Jun 2003 00:59:31 -0700 (PDT) (envelope-from mark@opium.co.za) Received: from mark (helo=localhost) by opium.co.za with local-esmtp (Exim 4.12) id 19NTB9-0001vu-00 for freebsd-isp@freebsd.org; Wed, 04 Jun 2003 09:59:27 +0200 Date: Wed, 4 Jun 2003 09:59:27 +0200 (SAST) From: Mark Bojara X-X-Sender: mark@opium.co.za To: freebsd-isp@freebsd.org Message-ID: <20030604095830.V1873-100000@opium.co.za> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: mark Subject: mysql-to-ldap connector X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 07:59:32 -0000 Hello, I have a mysql email authentication system. I need Outlook express to use it as a LDAP Directory service in their outlook express.. Is there a connector tool to run a ldap server but it gets all the data from a mysql db? Thanks Mark ---------------------------------------------------------------- I *said* cut my *hair* off of the ear!! -van Gogh ---------------------------------------------------------------- From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 07:34:30 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4244237B40A for ; Wed, 4 Jun 2003 07:34:30 -0700 (PDT) Received: from mail.munk.nu (213-152-51-194.dsl.eclipse.net.uk [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F6C843FA3 for ; Wed, 4 Jun 2003 07:34:26 -0700 (PDT) (envelope-from munk@mail.munk.nu) Received: from munk by mail.munk.nu with local (Exim 4.20) id 19NZLN-000NCm-9C for freebsd-isp@freebsd.org; Wed, 04 Jun 2003 15:34:25 +0100 Date: Wed, 4 Jun 2003 15:34:25 +0100 From: Jez Hancock To: FreeBSD ISP List Message-ID: <20030604143425.GB88470@users.munk.nu> Mail-Followup-To: FreeBSD ISP List Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: User Munk Subject: proftpd, mass virtual hosting and symlinks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 14:34:31 -0000 Hi all, Our webserver serves a large number of domains and the partitioning scheme is setup like this: /home - contains all shell related items for users (we allow shell logins) /www - contains all documentroots for the server A typical user's documentroot resides in: /home/user/web/example.com/www/ which is a symlink to /www/example.com/www The idea was to save time on httpd requests by serving files from a dedicated partition and similar issues also exist for suexec cgi-bin trees and logfile trees. The problem then is that when a user logs in via proftpd, if we use 'DefaultRoot ~' to chroot the users to their home directories, the user is unable to follow the symlink to their web docroot(s) because of the old chestnut with chrooting disallowing symlinks out of the chroot root directory. I've read through the manual for proftpd, particularly this: http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.html which suggests instead of symlinking, mount each (currently symlinked) directory in the target directory, something like: mount_null /www/example.com/www /home/user/web/example.com/www Questions: Is proftpd a viable option for mass vhosting given this type of partitioning scheme? If so, how would I configure proftpd to handle symlinks whilst still not allowing users to break out of their home directory? If proftpd is not the best option - what other ftpd are recommended? I understand PureFTPD implements a 'quasi' chrooting system via a module mod_vroot - is this a better option (proftpd also appears to have support for mod_vroot, but docs are sparse)? TIA, Jez From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 08:55:08 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA98E37B419 for ; Wed, 4 Jun 2003 08:55:08 -0700 (PDT) Received: from ns1.kolorbit.com (ns1.kolorbit.com [81.31.32.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id C497643F93 for ; Wed, 4 Jun 2003 08:55:07 -0700 (PDT) (envelope-from info@kolorbit.com) Received: from marco ([195.22.18.75]) by ns1.kolorbit.com (8.12.9/8.12.9) with SMTP id h54F10Pa017870; Wed, 4 Jun 2003 17:01:05 +0200 (CEST) (envelope-from info@kolorbit.com) Message-ID: <00b001c32ab1$c602dc00$6b026b83@marco> From: =?iso-8859-1?Q?Marco_Gon=E7alves?= To: "FreeBSD ISP List" , "Jez Hancock" References: <20030604143425.GB88470@users.munk.nu> Date: Wed, 4 Jun 2003 16:55:44 +0100 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Re: proftpd, mass virtual hosting and symlinks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 15:55:09 -0000 Use FTP, i do virual hosting on my server, and since i use PureFTPd all muy = trouble finished (at least with ftp sevice), i did it like this: 1 - intall pureftpd, with mysql support, so you can manage directly from = mysql the ftp users 2 - dont run the ftp from inetd, you better with standalone via rc.d , = here is the script that i made=20 #!/bin/sh case "$1" in start) /usr/local/sbin/pure-ftpd -A -l = mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n ' = pure-ftpd' ;; stop) /usr/bin/killall pure-ftpd > /dev/null && echo -n ' = pure-ftpd' ;; restart) /usr/bin/killall pure-ftpd && /usr/local/sbin/pure-ftpd = -A -l mysql:/usr/local/etc/pureftpd-mysql.conf & > /dev/null && echo -n = ' pure-ftpd' ;; *) echo "" echo "Usage: `basename $0` { start | stop | restart }" echo "" exit 64 ;; esac of course you have to have put the config file in = /usr/local/etc/pureftpd-mysql.conf chmod 600 root you can have links with no problem working with chroot=20 PureFTPd is good Best regards, Marco Gon=E7alves ----- Original Message -----=20 From: Jez Hancock=20 To: FreeBSD ISP List=20 Sent: Wednesday, June 04, 2003 3:34 PM Subject: proftpd, mass virtual hosting and symlinks Hi all, Our webserver serves a large number of domains and the partitioning scheme is setup like this: /home - contains all shell related items for users (we allow shell = logins) /www - contains all documentroots for the server A typical user's documentroot resides in: /home/user/web/example.com/www/ which is a symlink to /www/example.com/www The idea was to save time on httpd requests by serving files from a dedicated partition and similar issues also exist for suexec cgi-bin trees and logfile trees. The problem then is that when a user logs in via proftpd, if we use 'DefaultRoot ~' to chroot the users to their home directories, the = user is unable to follow the symlink to their web docroot(s) because of the old chestnut with chrooting disallowing symlinks out of the chroot = root directory. I've read through the manual for proftpd, particularly this: = http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.htm= l which suggests instead of symlinking, mount each (currently symlinked) directory in the target directory, something like: mount_null /www/example.com/www /home/user/web/example.com/www Questions: Is proftpd a viable option for mass vhosting given this type of partitioning scheme? If so, how would I configure proftpd to handle = symlinks whilst still not allowing users to break out of their home directory? If proftpd is not the best option - what other ftpd are recommended? = I understand PureFTPD implements a 'quasi' chrooting system via a module mod_vroot - is this a better option (proftpd also appears to have support for mod_vroot, but docs are sparse)? TIA, Jez _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 09:27:30 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13D0837B401 for ; Wed, 4 Jun 2003 09:27:30 -0700 (PDT) Received: from mail.munk.nu (213-152-51-194.dsl.eclipse.net.uk [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 608F043F93 for ; Wed, 4 Jun 2003 09:27:29 -0700 (PDT) (envelope-from munk@mail.munk.nu) Received: from munk by mail.munk.nu with local (Exim 4.20) id 19Nb6k-000Nry-1n for freebsd-isp@freebsd.org; Wed, 04 Jun 2003 17:27:26 +0100 Date: Wed, 4 Jun 2003 17:27:26 +0100 From: Jez Hancock To: FreeBSD ISP List Message-ID: <20030604162726.GD91431@users.munk.nu> Mail-Followup-To: FreeBSD ISP List References: <20030604143425.GB88470@users.munk.nu> <00b001c32ab1$c602dc00$6b026b83@marco> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00b001c32ab1$c602dc00$6b026b83@marco> User-Agent: Mutt/1.4.1i Sender: User Munk Subject: Re: proftpd, mass virtual hosting and symlinks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 16:27:30 -0000 Hi Marco, On Wed, Jun 04, 2003 at 04:55:44PM +0100, Marco Gon?alves wrote: > i do virual hosting on my server, and since i use PureFTPd all muy trouble finished (at least with ftp sevice), i did it like this: > 1 - intall pureftpd, with mysql support, so you can manage directly from mysql the ftp users Yes I've had a few replies suggesting that PureFTPD handles virtual chrooting quite nicely and I think I'll be looking into it. Tying in user's ftpd vhosts with mysql is also something I'm on the verge of looking at - along with exim/apache... > 2 - dont run the ftp from inetd, you better with standalone via rc.d , here is the script that i made TFT All the best, Jez From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 11:57:52 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25C1C37B401 for ; Wed, 4 Jun 2003 11:57:52 -0700 (PDT) Received: from opium.co.za (opium.co.za [196.34.165.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id AFE9D43F93 for ; Wed, 4 Jun 2003 11:57:50 -0700 (PDT) (envelope-from mark@opium.co.za) Received: from mark (helo=localhost) by opium.co.za with local-esmtp (Exim 4.12) id 19NdS4-0002J6-00; Wed, 04 Jun 2003 20:57:36 +0200 Date: Wed, 4 Jun 2003 20:57:36 +0200 (SAST) From: Mark Bojara X-X-Sender: mark@opium.co.za To: Jez Hancock In-Reply-To: <20030604143425.GB88470@users.munk.nu> Message-ID: <20030604205424.K1873-100000@opium.co.za> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: mark cc: FreeBSD ISP List Subject: Re: proftpd, mass virtual hosting and symlinks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 18:57:52 -0000 Hi Jez, You could always do something like: mount_null /www/example.com/www /home/user/web/example.com/www Not sure how effective this is large scale. Chow Mark ---------------------------------------------------------------- Why doesn't DOS ever say "Excellent command or filename!" ---------------------------------------------------------------- On Wed, 4 Jun 2003, Jez Hancock wrote: >Hi all, > >Our webserver serves a large number of domains and the partitioning >scheme is setup like this: > >/home - contains all shell related items for users (we allow shell logins) >/www - contains all documentroots for the server > >A typical user's documentroot resides in: > >/home/user/web/example.com/www/ > >which is a symlink to > >/www/example.com/www > >The idea was to save time on httpd requests by serving files from a >dedicated partition and similar issues also exist for >suexec cgi-bin trees and logfile trees. > >The problem then is that when a user logs in via proftpd, if we use >'DefaultRoot ~' to chroot the users to their home directories, the user >is unable to follow the symlink to their web docroot(s) because of the >old chestnut with chrooting disallowing symlinks out of the chroot root >directory. > >I've read through the manual for proftpd, particularly this: >http://proftpd.linux.co.uk/localsite/Userguide/linked/chroot-symlinks.html > >which suggests instead of symlinking, mount each (currently symlinked) >directory in the target directory, something like: > >mount_null /www/example.com/www /home/user/web/example.com/www > >Questions: >Is proftpd a viable option for mass vhosting given this type of >partitioning scheme? If so, how would I configure proftpd to handle symlinks >whilst still not allowing users to break out of their home directory? > >If proftpd is not the best option - what other ftpd are recommended? I >understand PureFTPD implements a 'quasi' chrooting system via a module >mod_vroot - is this a better option (proftpd also appears to have >support for mod_vroot, but docs are sparse)? > >TIA, >Jez >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 13:36:49 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB50C37B405 for ; Wed, 4 Jun 2003 13:36:49 -0700 (PDT) Received: from fep3.cogeco.net (smtp.cogeco.net [216.221.81.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 413C143F75 for ; Wed, 4 Jun 2003 13:36:48 -0700 (PDT) (envelope-from tom@dwyers.ca) Received: from tom (d235-131-219.home1.cgocable.net [24.235.131.219]) by fep3.cogeco.net (Postfix) with SMTP id 392EF6B2 for ; Wed, 4 Jun 2003 16:36:47 -0400 (EDT) Message-ID: <002201c32ad9$d7620160$020010ac@protechnologies> From: "Thomas Dwyer" To: Date: Wed, 4 Jun 2003 16:42:40 -0400 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Courier-IMAP - Postfix - MySQL 4 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 20:36:50 -0000 Has anyone had problems getting courier-imap with mysql authentication = working with mySQL 4. I noticed when courier-imap installed from the ports it installed = mysql-client-3.23; even though MyQL 4.1 was already installed and = working fine. I am also running postfix and it has problems connecting to the MySQL = database as well. The logfiles indicate somthing like "the client is using a protocol = unsupported by the server". Is this something related to the now obsolete mysql_connect being = replaced by mysql_real_connect? If anyone knows of a port patch for this, please advise? This server is = purely for an IMAP mail server for several thousand users, so using = MySQL 3.23 instead of 4.1 is not a problem if that is the only fix at = this time. Thanks Tom From owner-freebsd-isp@FreeBSD.ORG Wed Jun 4 14:21:46 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 36DAA37B401 for ; Wed, 4 Jun 2003 14:21:46 -0700 (PDT) Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACD0843F75 for ; Wed, 4 Jun 2003 14:21:45 -0700 (PDT) (envelope-from fearow@attbi.com) Received: from god.woofcat.com (12-251-110-17.client.attbi.com[12.251.110.17]) by attbi.com (rwcrmhc52) with SMTP id <2003060421214405200r1t8ie>; Wed, 4 Jun 2003 21:21:45 +0000 Date: Wed, 4 Jun 2003 16:21:20 -0500 From: Anti To: "Wolfpaw - Dale Corse" Message-Id: <20030604162120.14fa3e3a.fearow@attbi.com> In-Reply-To: References: Organization: Woofcat X-Mailer: Sylpheed version 0.8.11 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: directory quota (not user disk quota) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Jun 2003 21:21:46 -0000 no, this does nothing in freebsd... On Fri, 30 May 2003 21:05:56 -0600 "Wolfpaw - Dale Corse" wrote: > You would also need to chmod g+s the directory.. otherwise if > someone wrote to the directory that wasn't in the group, it would > not work. > > D. > -------------------------------- > Dale Corse > System Administrator > Wolfpaw Services Inc. > http://www.wolfpaw.net > (780) 474-4095 > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Mooneer Salem > > Sent: Friday, May 30, 2003 8:21 PM > > To: Benny Chee; freebsd-isp@freebsd.org > > Subject: RE: directory quota (not user disk quota) > > > > > > Hello, > > > > I would enable group quotas and set the directory's group > > ownership to a > > particular group. Then I would set the group's quota to > > 10MB. It's the > > closest > > you can get to a directory-only quota, assuming you use > > distinct groups per > > directory you want to do this for. > > > > Thanks, > > > > -- > > Mooneer Salem > > GPLTrans: http://www.translator.cx/ > > lifeafterking.org: http://www.lifeafterking.org/ > > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Benny Chee > > Sent: Friday, May 30, 2003 6:58 PM > > To: freebsd-isp@freebsd.org > > Subject: directory quota (not user disk quota) > > > > > > hi, > > > > is it possible to allow directory quota? ie, all > > files in a certain > > directory cannot exceed 10M. how is this done? > > > > benny > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to > > "freebsd-isp-unsubscribe@freebsd.org" > > > > > > > > > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to > > "freebsd-isp-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 08:11:00 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6541537B401 for ; Thu, 5 Jun 2003 08:11:00 -0700 (PDT) Received: from vineyard.net (k1.vineyard.net [204.17.195.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 34C1543FA3 for ; Thu, 5 Jun 2003 08:09:39 -0700 (PDT) (envelope-from ericx@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id 3A0FA91D8C for ; Thu, 5 Jun 2003 11:09:38 -0400 (EDT) Received: from vineyard.net ([127.0.0.1]) by localhost (king1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 48451-04 for ; Thu, 5 Jun 2003 11:09:38 -0400 (EDT) Received: from fortiva (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id E50E291D84 for ; Thu, 5 Jun 2003 11:09:37 -0400 (EDT) Message-ID: <024d01c32b74$530282a0$68c311cc@fortiva> From: "Eric W. Bates" To: Date: Thu, 5 Jun 2003 11:08:30 -0400 Organization: Vineyard.NET, Inc. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Virus-Scanned: by AMaViS at Vineyard.NET Subject: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 15:11:00 -0000 QW55b25lIGhhdmUgYSBsb2dpbiBjbGFzcyBmb3IgbWFpbCB1c2VycyB3aGljaCB0aGV5IGhhdmUg Zm91bmQgc2V0cyByZWFzb25hYmxlIGxpbWl0cz8NCg0KSSd2ZSBmb3VuZCBJIG5lZWQgdG8gY2Fw IFNwYW1Bc3Nhc3Npbi4NCg0KVGhhbmtzLg0KDQoNCkVyaWMgVy4gQmF0ZXMNCmVyaWN4QHZpbmV5 YXJkLm5ldA== From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 08:29:12 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4FE0137B401 for ; Thu, 5 Jun 2003 08:29:10 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 3976D43F75 for ; Thu, 5 Jun 2003 08:29:10 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 11856 invoked by uid 0); 5 Jun 2003 15:29:09 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 5 Jun 2003 15:29:09 -0000 From: "Wolfpaw - Dale Corse" To: "Eric W. Bates" , Date: Thu, 5 Jun 2003 09:43:50 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <024d01c32b74$530282a0$68c311cc@fortiva> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 15:29:12 -0000 Actually.. just to mention something. I don't have the class you seek.. but I have noticed something about spamassassin. We were using qmail-scanner-queue to process mail with it.. and it works excellent.. except that its a massive waste of system resources. I would do the following before setting any limits (which should be there anyway).. it worked well for us: A) Make sure your mail servers use spamc, not spamassassin B) Use the following as a processing script replacement for qmail-queue: #!/bin/sh /usr/local/bin/spamc | /var/qmail/bin/qmail-queue Perl is a horrible resource hog at startup time.. one should avoid running large numbers of perl scripts over and over again at all costs I would say. It is excellent for some things.. but mail is not one of them, IMO :) Obviously, if your not using qmail (Gasp?!) this doesn't apply :) Just my 2 cents. :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Eric W. Bates > Sent: Thursday, June 05, 2003 9:09 AM > To: freebsd-isp@freebsd.org > Subject: login class for mail users > > > Anyone have a login class for mail users which they have > found sets reasonable limits? > > I've found I need to cap SpamAssassin. > > Thanks. > > > Eric W. Bates > ericx@vineyard.net From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 09:32:32 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59A8F37B401 for ; Thu, 5 Jun 2003 09:32:32 -0700 (PDT) Received: from vineyard.net (k1.vineyard.net [204.17.195.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8682343F3F for ; Thu, 5 Jun 2003 09:32:31 -0700 (PDT) (envelope-from ericx@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id 7863591B27; Thu, 5 Jun 2003 12:32:30 -0400 (EDT) Received: from vineyard.net ([127.0.0.1]) by localhost (king1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 68887-07; Thu, 5 Jun 2003 12:32:30 -0400 (EDT) Received: from fortiva (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id 1418D91AEB; Thu, 5 Jun 2003 12:32:30 -0400 (EDT) Message-ID: <026c01c32b7f$e694fab0$68c311cc@fortiva> From: "Eric W. Bates" To: "Wolfpaw - Dale Corse" , References: Date: Thu, 5 Jun 2003 12:31:21 -0400 Organization: Vineyard.NET, Inc. MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Virus-Scanned: by AMaViS at Vineyard.NET Subject: Re: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 16:32:32 -0000 V2UncmUgdXNpbmcgcG9zdGZpeCAoR2FzcCEpIGFuZCBoYXZlIHNldHRsZWQgb24gcHJvY21haWwt LT5zcGFtYy0tPnNwYW1kIHRvIGFsbG93IGN1c3RvbWVyIGNvbnRyb2wuDQoNCldoYXQgaGFwcGVu cyBpbnRlcm1pdHRlbnRseSAoYWJvdXQgb25jZSBldmVyeSAyLTMgZGF5cykgaXMgc3BhbWQgd2ls bCBzdGFydCBzcGF3bmluZyBtdWx0aXBsZSBjb3BpZXMgb2YgaXRzZWxmIGFwcGFyYW50bHkgZm9y IHRoZSBzYW1lIG1lc3NhZ2UuICBFdmVudHVhbGx5IHRoZXJlIGFyZSAzIG9yIDQgdGhvdXNhbmQg cHJvY3MgYW5kIHRoZSBtYWNoaW5lIGlzIGhvc2VkLiBGb3JlbnNpY3MgaGF2ZSBiZWVuIGRpZmZp Y3VsdCBiZWNhdXNlIGl0IGhhcHBlbnMgc29tZXdoYXQgc3BvcmF0aWNhbGx5LCBhbmQgYnkgdGhl IHRpbWUgYWxhcm1zIHN0YXJ0IGdvaW5nIG9mZiB0aGUgbWFjaGluZSBpcyBsb2NrZWQuDQoNCnNw YW1kIHJ1bnMgYXMgcm9vdCwgb3V0IG9mIHJjLmQ7IGJ1dCBpdCBzcGF3bnMgY29waWVzIG9mIGl0 c2VsZiBhbmQgY2hhbmdlcyB1aWQgdG8gdGhlIHVzZXIuICBJZiBJIHNldCBzcGFtZCdzIC0tbWF4 LWNoaWxkcmVuIG9wdGlvbjsgdGhlbiBzcGFtIGZpbHRlcmluZyBmYWlscyBmb3IgZXZlcnlvbmUg d2hlbiB0aGlzIGVycm9yIG9jY3Vycy4gIElmIEkgY2FuIGZpZ3VyZSBvdXQgaG93IHRvIGdyYWNl ZnVsbHkgbGltaXQgcHJvY3MgZm9yIHRoZSBpbmRpdmlkdWFsIHVzZXI7IHRoZW4gYXQgbGVhc3Qg ZmlsdGVyaW5nIHNob3VsZCBjb250aW51ZSB0byB3b3JrIGZvciBldmVyeW9uZSBlbHNlIHdoZW4g dGhlIHNpbGx5IHRoaW5nIHdlZGdlcy4NCg0KSSBzdXNwZWN0IHRoYXQgYSAnbWFpbHVzZXInIG1p Z2h0IG5vdCBhZGRyZXNzIHRoZSBwcm9ibGVtOyBiZWNhdXNlIEkgdGhpbmsgdGhlIHByb2Nlc3Mg aXMgc3Bhd25lZCBiZWZvcmUgRVVJRCBpcyBkZW1vdGVkLg0KDQotLS0tLSBPcmlnaW5hbCBNZXNz YWdlIC0tLS0tIA0KRnJvbTogIldvbGZwYXcgLSBEYWxlIENvcnNlIiA8YWRtaW4tbGlzdHNAd29s ZnBhdy5uZXQ+DQpUbzogIkVyaWMgVy4gQmF0ZXMiIDxlcmljeEB2aW5leWFyZC5uZXQ+OyA8ZnJl ZWJzZC1pc3BAZnJlZWJzZC5vcmc+DQpTZW50OiBUaHVyc2RheSwgSnVuZSAwNSwgMjAwMyAxMTo0 MyBBTQ0KU3ViamVjdDogUkU6IGxvZ2luIGNsYXNzIGZvciBtYWlsIHVzZXJzDQoNCg0KPiBBY3R1 YWxseS4uIGp1c3QgdG8gbWVudGlvbiBzb21ldGhpbmcuIEkgZG9uJ3QgaGF2ZSB0aGUgY2xhc3Mg eW91DQo+IHNlZWsuLiBidXQgSSBoYXZlIG5vdGljZWQgc29tZXRoaW5nIGFib3V0IHNwYW1hc3Nh c3Npbi4gV2Ugd2VyZQ0KPiB1c2luZyBxbWFpbC1zY2FubmVyLXF1ZXVlIHRvIHByb2Nlc3MgbWFp bCB3aXRoIGl0Li4gYW5kIGl0IHdvcmtzDQo+IGV4Y2VsbGVudC4uIGV4Y2VwdCB0aGF0IGl0cyBh IG1hc3NpdmUgd2FzdGUgb2Ygc3lzdGVtIHJlc291cmNlcy4NCj4gDQo+IEkgd291bGQgZG8gdGhl IGZvbGxvd2luZyBiZWZvcmUgc2V0dGluZyBhbnkgbGltaXRzICh3aGljaCBzaG91bGQNCj4gYmUg dGhlcmUgYW55d2F5KS4uIGl0IHdvcmtlZCB3ZWxsIGZvciB1czoNCj4gDQo+IEEpIE1ha2Ugc3Vy ZSB5b3VyIG1haWwgc2VydmVycyB1c2Ugc3BhbWMsIG5vdCBzcGFtYXNzYXNzaW4NCj4gQikgVXNl IHRoZSBmb2xsb3dpbmcgYXMgYSBwcm9jZXNzaW5nIHNjcmlwdCByZXBsYWNlbWVudCBmb3INCj4g ICAgcW1haWwtcXVldWU6DQo+IA0KPiAjIS9iaW4vc2gNCj4gL3Vzci9sb2NhbC9iaW4vc3BhbWMg fCAvdmFyL3FtYWlsL2Jpbi9xbWFpbC1xdWV1ZQ0KPiANCj4gUGVybCBpcyBhIGhvcnJpYmxlIHJl c291cmNlIGhvZyBhdCBzdGFydHVwIHRpbWUuLiBvbmUgc2hvdWxkIGF2b2lkDQo+IHJ1bm5pbmcg bGFyZ2UgbnVtYmVycyBvZiBwZXJsIHNjcmlwdHMgb3ZlciBhbmQgb3ZlciBhZ2FpbiBhdCBhbGwN Cj4gY29zdHMgSSB3b3VsZCBzYXkuIEl0IGlzIGV4Y2VsbGVudCBmb3Igc29tZSB0aGluZ3MuLiBi dXQgbWFpbCBpcw0KPiBub3Qgb25lIG9mIHRoZW0sIElNTyA6KQ0KPiANCj4gT2J2aW91c2x5LCBp ZiB5b3VyIG5vdCB1c2luZyBxbWFpbCAoR2FzcD8hKSB0aGlzIGRvZXNuJ3QgYXBwbHkgOikNCj4g DQo+IEp1c3QgbXkgMiBjZW50cy4gOikNCj4gRC4NCj4gLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0NCj4gRGFsZSBDb3JzZQ0KPiBTeXN0ZW0gQWRtaW5pc3RyYXRvcg0KPiBXb2xmcGF3 IFNlcnZpY2VzIEluYy4NCj4gaHR0cDovL3d3dy53b2xmcGF3Lm5ldA0KPiAoNzgwKSA0NzQtNDA5 NQ0KPiANCj4gPiAtLS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KPiA+IEZyb206IG93bmVyLWZy ZWVic2QtaXNwQGZyZWVic2Qub3JnDQo+ID4gW21haWx0bzpvd25lci1mcmVlYnNkLWlzcEBmcmVl YnNkLm9yZ11PbiBCZWhhbGYgT2YgRXJpYyBXLiBCYXRlcw0KPiA+IFNlbnQ6IFRodXJzZGF5LCBK dW5lIDA1LCAyMDAzIDk6MDkgQU0NCj4gPiBUbzogZnJlZWJzZC1pc3BAZnJlZWJzZC5vcmcNCj4g PiBTdWJqZWN0OiBsb2dpbiBjbGFzcyBmb3IgbWFpbCB1c2Vycw0KPiA+IA0KPiA+IA0KPiA+IEFu eW9uZSBoYXZlIGEgbG9naW4gY2xhc3MgZm9yIG1haWwgdXNlcnMgd2hpY2ggdGhleSBoYXZlIA0K PiA+IGZvdW5kIHNldHMgcmVhc29uYWJsZSBsaW1pdHM/DQo+ID4gDQo+ID4gSSd2ZSBmb3VuZCBJ IG5lZWQgdG8gY2FwIFNwYW1Bc3Nhc3Npbi4NCj4gPiANCj4gPiBUaGFua3MuDQo+ID4gDQo+ID4g DQo+ID4gRXJpYyBXLiBCYXRlcw0KPiA+IGVyaWN4QHZpbmV5YXJkLm5ldA0KPiA= From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 10:00:11 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CDC037B40C for ; Thu, 5 Jun 2003 10:00:11 -0700 (PDT) Received: from alcatraz.wolfpaw.net (alcatraz.wolfpaw.net [204.209.44.3]) by mx1.FreeBSD.org (Postfix) with SMTP id D271743F75 for ; Thu, 5 Jun 2003 10:00:10 -0700 (PDT) (envelope-from admin-lists@wolfpaw.net) Received: (qmail 15042 invoked by uid 0); 5 Jun 2003 17:00:09 -0000 Received: from unknown (HELO wolf) (216.123.201.128) by 0 with SMTP; 5 Jun 2003 17:00:09 -0000 From: "Wolfpaw - Dale Corse" To: "Eric W. Bates" , "Wolfpaw - Dale Corse" , Date: Thu, 5 Jun 2003 11:14:51 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <026c01c32b7f$e694fab0$68c311cc@fortiva> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Importance: Normal Subject: RE: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 17:00:12 -0000 Could someone be attacking the port spamd is on? You should only need one spamd I think.. that's all we have going.. looks like: spamc 18863 0.0 0.8 25396 4180 ? S May24 1:18 perl /usr/local/bin/spamd -L -x -d -u spamc and anything it spawns would run as spamc.. you may want to consider maybe replacing spamd with a script that invokes a limited shell (lshell maybe?) and that way.. you could limit how many it can spawn.. perhaps you can write a script to check and see if there is a spam error and restart spamd.. not sure.. mine doesn't have this problem :( Hope something helps :) D. -------------------------------- Dale Corse System Administrator Wolfpaw Services Inc. http://www.wolfpaw.net (780) 474-4095 > -----Original Message----- > From: Eric W. Bates [mailto:ericx@vineyard.net] > Sent: Thursday, June 05, 2003 10:31 AM > To: Wolfpaw - Dale Corse; freebsd-isp@freebsd.org > Subject: Re: login class for mail users > > > We're using postfix (Gasp!) and have settled on > procmail-->spamc-->spamd to allow customer control. > > What happens intermittently (about once every 2-3 days) is > spamd will start spawning multiple copies of itself > apparantly for the same message. Eventually there are 3 or > 4 thousand procs and the machine is hosed. Forensics have > been difficult because it happens somewhat sporatically, > and by the time alarms start going off the machine is locked. > > spamd runs as root, out of rc.d; but it spawns copies of > itself and changes uid to the user. If I set spamd's > --max-children option; then spam filtering fails for > everyone when this error occurs. If I can figure out how > to gracefully limit procs for the individual user; then at > least filtering should continue to work for everyone else > when the silly thing wedges. > > I suspect that a 'mailuser' might not address the problem; > because I think the process is spawned before EUID is demoted. > > ----- Original Message ----- > From: "Wolfpaw - Dale Corse" > To: "Eric W. Bates" ; > Sent: Thursday, June 05, 2003 11:43 AM > Subject: RE: login class for mail users > > > > Actually.. just to mention something. I don't have the class you > > seek.. but I have noticed something about spamassassin. We were > > using qmail-scanner-queue to process mail with it.. and it works > > excellent.. except that its a massive waste of system resources. > > > > I would do the following before setting any limits (which should > > be there anyway).. it worked well for us: > > > > A) Make sure your mail servers use spamc, not spamassassin > > B) Use the following as a processing script replacement for > > qmail-queue: > > > > #!/bin/sh > > /usr/local/bin/spamc | /var/qmail/bin/qmail-queue > > > > Perl is a horrible resource hog at startup time.. one should avoid > > running large numbers of perl scripts over and over again at all > > costs I would say. It is excellent for some things.. but mail is > > not one of them, IMO :) > > > > Obviously, if your not using qmail (Gasp?!) this doesn't apply :) > > > > Just my 2 cents. :) > > D. > > -------------------------------- > > Dale Corse > > System Administrator > > Wolfpaw Services Inc. > > http://www.wolfpaw.net > > (780) 474-4095 > > > > > -----Original Message----- > > > From: owner-freebsd-isp@freebsd.org > > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Eric W. Bates > > > Sent: Thursday, June 05, 2003 9:09 AM > > > To: freebsd-isp@freebsd.org > > > Subject: login class for mail users > > > > > > > > > Anyone have a login class for mail users which they have > > > found sets reasonable limits? > > > > > > I've found I need to cap SpamAssassin. > > > > > > Thanks. > > > > > > > > > Eric W. Bates > > > ericx@vineyard.net > > From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 10:34:19 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C1D837B401 for ; Thu, 5 Jun 2003 10:34:19 -0700 (PDT) Received: from mail.lambertfam.org (www.lambertfam.org [216.223.208.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6C85F43F93 for ; Thu, 5 Jun 2003 10:34:18 -0700 (PDT) (envelope-from lambert@lambertfam.org) Received: from laptop.lambertfam.org (laptop.int.lambertfam.org [10.1.0.2]) by mail.lambertfam.org (Postfix) with ESMTP id 2BF1E34D1F for ; Thu, 5 Jun 2003 13:34:15 -0400 (EDT) Received: by laptop.lambertfam.org (Postfix, from userid 1000) id 1DD0989DD; Thu, 5 Jun 2003 13:33:34 -0400 (EDT) Date: Thu, 5 Jun 2003 13:33:34 -0400 From: Scott Lambert To: freebsd-isp@freebsd.org Message-ID: <20030605173333.GB38860@laptop.lambertfam.org> Mail-Followup-To: freebsd-isp@freebsd.org References: <026c01c32b7f$e694fab0$68c311cc@fortiva> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <026c01c32b7f$e694fab0$68c311cc@fortiva> User-Agent: Mutt/1.4.1i Subject: Re: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 17:34:19 -0000 On Thu, Jun 05, 2003 at 12:31:21PM -0400, Eric W. Bates wrote: > We're using postfix (Gasp!) and have settled on > procmail-->spamc-->spamd to allow customer control. Good choice. :-) > What happens intermittently (about once every 2-3 days) is spamd will > start spawning multiple copies of itself apparantly for the same > message. Eventually there are 3 or 4 thousand procs and the machine > is hosed. Forensics have been difficult because it happens somewhat > sporatically, and by the time alarms start going off the machine is > locked. That happenes during massive spam runs. > spamd runs as root, out of rc.d; but it spawns copies of itself and > changes uid to the user. If I set spamd's --max-children option; then > spam filtering fails for everyone when this error occurs. If I can > figure out how to gracefully limit procs for the individual user; then > at least filtering should continue to work for everyone else when the > silly thing wedges. Use the --max-children. Spamd *will* occasionally die. Sometimes 20 times in one day here. Usually, during the massive spam runs. You need to run it under something that notices when it dies and spawns another copy of spamd immediately. We are using daemontools. Even in that second or less between restarts of spamd, a suprising amount of spam can slip through untagged. The spamd deaths seem to be related to signal handling issues with some of the perl modules that SpamAssassin uses in conjunction with the --max-children option. It has been coverred on the SATalk mailing list a few times. We only get an average of 60,000 messages per day here. More than 55% of that is spam. -- Scott Lambert KC5MLE Unix SysAdmin lambert@lambertfam.org From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 13:12:34 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 522AC37B401 for ; Thu, 5 Jun 2003 13:12:34 -0700 (PDT) Received: from manor.msen.com (manor.msen.com [148.59.4.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0874643F85 for ; Thu, 5 Jun 2003 13:12:33 -0700 (PDT) (envelope-from wayne@staff.msen.com) Received: from manor.msen.com (wayne@localhost [127.0.0.1]) by manor.msen.com (8.12.7M/8.12.7) with ESMTP id h55KCUbu037290 for ; Thu, 5 Jun 2003 16:12:30 -0400 (EDT) Received: (from wayne@localhost) by manor.msen.com (8.12.7M/8.12.7/Submit) id h55KCTuF037289 for freebsd-isp@freebsd.org; Thu, 5 Jun 2003 16:12:29 -0400 (EDT) Date: Thu, 5 Jun 2003 16:12:29 -0400 From: "Michael R. Wayne" To: FreeBSD ISP List Message-ID: <20030605161229.J90466@staff.msen.com> References: <20030604143425.GB88470@users.munk.nu> <00b001c32ab1$c602dc00$6b026b83@marco> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5.1i In-Reply-To: <00b001c32ab1$c602dc00$6b026b83@marco>; from info@kolorbit.com on Wed, Jun 04, 2003 at 04:55:44PM +0100 Subject: Re: proftpd, mass virtual hosting and symlinks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jun 2003 20:12:34 -0000 On Wed, Jun 04, 2003 at 04:55:44PM +0100, Marco Gonçalves wrote: > Use FTP, > > i do virual hosting on my server, and since i use PureFTPd all muy trouble finished We're looking at changing ftpd daemons and would like comments from other ISPs. We have a couple of core requirements that we have not been able to get by with either Pure or Pro to date. - All users have a login account so there's no sql issues. - We need anonymous FTP per domain. All uploaded files which get uploaded via anonymous ftp for a domain need to be owned by a user/group associated with this domain and set in the config file. Obviously, the incoming directory is set to write only. - We also need password protected FTP per domain. The ftp user is always in the same unix group as the main account holder and, once again, uploaded files need to be owned by the associated user/group. Restricted write access is set in config file and real account user has full access rights. Last time we checked, the only thing that did all this was WUFTP. Has this changed? /\/\ \/\/ From owner-freebsd-isp@FreeBSD.ORG Thu Jun 5 17:49:59 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0199537B401 for ; Thu, 5 Jun 2003 17:49:59 -0700 (PDT) Received: from hotmail.com (law12-f106.law12.hotmail.com [64.4.19.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id 944F943F3F for ; Thu, 5 Jun 2003 17:49:58 -0700 (PDT) (envelope-from adrian_nospm@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 5 Jun 2003 17:49:58 -0700 Received: from 203.12.22.37 by lw12fd.law12.hotmail.msn.com with HTTP; Fri, 06 Jun 2003 00:49:58 GMT X-Originating-IP: [203.12.22.37] X-Originating-Email: [adrian_nospm@hotmail.com] From: "Adrian NoSpm!" To: freebsd-isp@freebsd.org Date: Fri, 06 Jun 2003 00:49:58 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 06 Jun 2003 00:49:58.0559 (UTC) FILETIME=[8DE40AF0:01C32BC5] Subject: named using 50% CPU suddenly for unknown reason? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 00:49:59 -0000 Hi, My primary and secondary DNS servers jumped their load average up 3 times in one morning last week and I can't work out why. I'm using different versions, 8.3.3-REL being the latest. the named processes are running constantly at ~ 50% It's not a DOS issue (i've been watching the switch), sockstat shows a normal number of connections to named and the named log file and my syslog doesn't show anything unusual.. Stopping the secondary DNS doesn't effect the primary (and visaversa).. I reverted back to a config file from when everything was ok and that didn't help! Can anyone suggest what else I could look into? Thanks, Adrian. _________________________________________________________________ Get mobile Hotmail. Go to http://ninemsn.com.au/mobilecentral/signup.asp From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 04:11:16 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 715B437B401 for ; Fri, 6 Jun 2003 04:11:16 -0700 (PDT) Received: from psknet.com (grant.psknet.com [63.171.251.10]) by mx1.FreeBSD.org (Postfix) with SMTP id 0CD7443F75 for ; Fri, 6 Jun 2003 04:11:15 -0700 (PDT) (envelope-from troy@psknet.com) Received: (qmail 21875 invoked by uid 85); 6 Jun 2003 11:11:13 -0000 Received: from troy@psknet.com by grant.psknet.com by uid 25 with qmail-scanner-1.16 (no such scanner Clear:. Processed in 0.433615 secs); 06 Jun 2003 11:11:13 -0000 Received: from pool-141-152-71-205.roa.east.verizon.net (HELO tws) (141.152.71.205) by tc.psknet.com with SMTP; 6 Jun 2003 11:11:13 -0000 From: "Troy Settle" To: "'Thomas Dwyer'" , Date: Fri, 6 Jun 2003 07:11:20 -0400 Message-ID: <000801c32c1c$5c43a7b0$0100a8c0@tws> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4024 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <002201c32ad9$d7620160$020010ac@protechnologies> Importance: Normal Subject: RE: Courier-IMAP - Postfix - MySQL 4 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 11:11:16 -0000 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Thomas Dwyer > Sent: Wednesday, June 04, 2003 4:43 PM > To: freebsd-isp@freebsd.org > Subject: Courier-IMAP - Postfix - MySQL 4 > > > Has anyone had problems getting courier-imap with mysql > authentication working with mySQL 4. I've got it working now, but it can be a bit tricky to get going. For a copy of my authmysqlrc, check out http://kennedy.psknet.com/system/authmysqlrc.txt. WARNING: This is anything BUT a normal authmysqlrc file. It doesn't matter what the query looks like, all that's important, is the order of the fields returned by the query. > > I noticed when courier-imap installed from the ports it > installed mysql-client-3.23; even though MyQL 4.1 was already > installed and working fine. A LOT of ports do this. I ended up having to remove/rebuild just about every damned thing on my box (maybe it would have been faster to just format the disk and start over). I now edit the Makefiles for each port as I install so that it won't try to install MySQL 3.x as a dependancy. > > I am also running postfix and it has problems connecting to > the MySQL database as well. At this point, you might be having some issues of postfix being built against mysql4, but now having mysql3 libs in place. Don't quote me on this, though... > > The logfiles indicate somthing like "the client is using a > protocol unsupported by the server". I didn't have this myself... But then again, I'm not sure at which point the ports on my system started using mysql3 instead of mysql4, but a LOT of them did and had no problem connecting to a mysql4 database. > > Is this something related to the now obsolete mysql_connect > being replaced by mysql_real_connect? Could be, but I doubt it. Especially if you've been keeping your ports tree up to date. > > If anyone knows of a port patch for this, please advise? > This server is purely for an IMAP mail server for several > thousand users, so using MySQL 3.23 instead of 4.1 is not a > problem if that is the only fix at this time. At this point? If you're not live yet, remove anything and everything built against MySQL 3.xx, rm the mysql3 port, then rebuild everything (starting with MySQL 4 server/client). As go, be sure to edit your Makefiles to depend on mysqlclient.12 instead of mysqlclient.10 (I think this could be avoided by making a symlink under /usr/local/lib/mysql, but I'm not sure). FWIW, I get to have fun with my own "IMAP mail server for several thousand users" this weekend. I'm making the cut from an old box running qmail to a new one using Exim/Courier-IMAP. My first new mail server in some 3 years now, what fun it is. Oh, and you may want to send a nasty-gram to the ports mailing list screaming and yelling at them about this issue of building mysql3 when mysql4 was already installed. The MySQL3 port should have a check so that it won't build if a later version of MySQL is already installed. The other ports should check to see if *ANY* usable version of MySQL is installed, not just mysql3. > > Thanks > Tom NP, HTH, GL, and all that. -- Troy Settle Pulaski Networks http://www.psknet.com 540.994.4254 ~ 866.477.5638 Pulaski Chamber 2002 Small Business Of The Year From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 05:29:52 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6B42537B404 for ; Fri, 6 Jun 2003 05:29:52 -0700 (PDT) Received: from mailout09.sul.t-online.com (mailout09.sul.t-online.com [194.25.134.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C7E143FAF for ; Fri, 6 Jun 2003 05:29:51 -0700 (PDT) (envelope-from Alexander@Leidinger.net) Received: from fwd10.aul.t-online.de by mailout09.sul.t-online.com with smtp id 19OGLh-0001Ls-04; Fri, 06 Jun 2003 14:29:37 +0200 Received: from Andro-Beta.Leidinger.net (V+rSP-ZEgeeTqqAch8HGEskbZORI6GaPTMDXtHEai10Z9m4g48tjce@[217.229.209.184]) by fmrl10.sul.t-online.com with esmtp id 19OGLP-26jNaq0; Fri, 6 Jun 2003 14:29:19 +0200 Received: from Magelan.Leidinger.net (Magelan [192.168.1.1]) h56CTHoM008647; Fri, 6 Jun 2003 14:29:17 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from Magelan.Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.12.9/8.12.9) with SMTP id h56CTHZB001430; Fri, 6 Jun 2003 14:29:17 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Date: Fri, 6 Jun 2003 14:29:17 +0200 From: Alexander Leidinger To: Scott Lambert Message-Id: <20030606142917.5020f8e2.Alexander@Leidinger.net> In-Reply-To: <20030605173333.GB38860@laptop.lambertfam.org> References: <026c01c32b7f$e694fab0$68c311cc@fortiva> <20030605173333.GB38860@laptop.lambertfam.org> X-Mailer: Sylpheed version 0.8.10claws (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Seen: false X-ID: V+rSP-ZEgeeTqqAch8HGEskbZORI6GaPTMDXtHEai10Z9m4g48tjce@t-dialin.net cc: freebsd-isp@freebsd.org Subject: Re: login class for mail users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 12:29:52 -0000 On Thu, 5 Jun 2003 13:33:34 -0400 Scott Lambert wrote: > The spamd deaths seem to be related to signal handling issues with some > of the perl modules that SpamAssassin uses in conjunction with the > --max-children option. It has been coverred on the SATalk mailing list > a few times. If you use perl 5.6 from the ports collection, could you please try compiling and installing it with "-DWITH_PERL_MALLOC" and look if it still dies? Bye, Alexander. -- Press every key to continue. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 06:43:20 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3BD2837B401 for ; Fri, 6 Jun 2003 06:43:20 -0700 (PDT) Received: from webmail.emre.de (webmail.emre.de [194.8.203.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3155A43F85 for ; Fri, 6 Jun 2003 06:43:19 -0700 (PDT) (envelope-from info@emre.de) Received: by webmail.emre.de (Postfix, from userid 80) id 001F83A23C; Fri, 6 Jun 2003 15:45:11 +0200 (CEST) Received: from 194.8.193.125 ( [194.8.193.125]) as user emre@webmail.emre.de by webmail.emre.de with HTTP; Fri, 6 Jun 2003 15:45:11 +0200 Message-ID: <1054907111.3ee09ae7770c4@webmail.emre.de> Date: Fri, 6 Jun 2003 15:45:11 +0200 From: Emre Bastuz To: freebsd-isp@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.0 X-Originating-IP: 194.8.193.125 Subject: FreeBSD fails to detect Adaptec AHA39320/29320 / AIC-7902 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 13:43:20 -0000 Hi, I got a Fujitsu-Siemens Xeon server here on which I´d like to install 4.8. When booting from the installation CD (Mini-ISO) the setup fails to detect the particular on-board Adaptec controller with AIC-7902 chipset. Looking in the kernel config of another system I found out that the driver is supposed to be called "ahd". Any idea how I can convince the installer to recognize this controller? Thanks! Emre -- info@emre.de http://www.emre.de UIN: 561260 PGP Key ID: 0xAFAC77FD I don't see why some people even HAVE cars. -- Calvin From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 12:52:32 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5826C37B404 for ; Fri, 6 Jun 2003 12:52:32 -0700 (PDT) Received: from ctb-mesg2.saix.net (ctb-mesg2.saix.net [196.25.240.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F5DB43FB1 for ; Fri, 6 Jun 2003 12:52:30 -0700 (PDT) (envelope-from james@organicwire.net) Received: from [192.168.1.2] (rrba-bras-193-09.telkom-ipnet.co.za [165.165.193.9]) by ctb-mesg2.saix.net (Postfix) with ESMTP id 5CA261A8887 for ; Fri, 6 Jun 2003 21:52:25 +0200 (SAST) User-Agent: Microsoft-Entourage/10.1.1.2418 Date: Fri, 06 Jun 2003 21:52:19 +0200 From: James Godwin To: Message-ID: In-Reply-To: <1054907111.3ee09ae7770c4@webmail.emre.de> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Block exe files with Sendmail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 19:52:32 -0000 Hi, Can anyone point me in the direction of a solution, scripts or documentation detailing the removal of exe files using sendmail. Any suggestions would be greatly appreciated. Regards James From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:24:45 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 132A137B401 for ; Fri, 6 Jun 2003 16:24:45 -0700 (PDT) Received: from mordrede.visionsix.com (mordrede.visionsix.com [65.202.119.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A42843F75 for ; Fri, 6 Jun 2003 16:24:42 -0700 (PDT) (envelope-from lists@visionsix.com) Received: from vsis169 (unverified [65.202.119.169]) by mordrede.visionsix.com for ; Fri, 6 Jun 2003 18:24:40 -0500 Message-ID: <00f501c32c82$c53e9750$de0a0a0a@vsis169> From: "Lewis Watson" To: Date: Fri, 6 Jun 2003 18:24:20 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:24:45 -0000 I am a big fan of the ports collection and use the ports to build the programs I use on our production servers. Now I am wanting to update some ports and have a chicken and egg issue. If I go ahead and update a port (pure-ftpd for example)... After I run "CVSUP portfile" the old version that's running has no graceful way of being removed. If I try to remove it I am notified that the version that is running is not on the machine so then I guess force the uninstall? Either that or just do a make - make install and overwrite the old port binaries with the new binaries ( this does not seem good either). It appears the only way to cleanly upgrade a port is to deinstall the current port. Run CVSUP portfile... and get the new port files... do a make - make install and get the new version of the port installed. This opens the machine to several minutes of downtime while the program is being made... (not good either) Please tell me the way that it's being handled on your servers/ network... Thanks! Lewis From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:37:37 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4625F37B401 for ; Fri, 6 Jun 2003 16:37:37 -0700 (PDT) Received: from mail.lambertfam.org (www.lambertfam.org [216.223.208.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C21C43F85 for ; Fri, 6 Jun 2003 16:37:36 -0700 (PDT) (envelope-from lambert@lambertfam.org) Received: from laptop.lambertfam.org (laptop.int.lambertfam.org [10.1.0.2]) by mail.lambertfam.org (Postfix) with ESMTP id B10C334D24 for ; Fri, 6 Jun 2003 19:37:33 -0400 (EDT) Received: by laptop.lambertfam.org (Postfix, from userid 1000) id 40D4789DD; Fri, 6 Jun 2003 19:37:28 -0400 (EDT) Date: Fri, 6 Jun 2003 19:37:28 -0400 From: Scott Lambert To: freebsd-isp@FreeBSD.ORG Message-ID: <20030606233728.GA1005@laptop.lambertfam.org> Mail-Followup-To: freebsd-isp@FreeBSD.ORG References: <00f501c32c82$c53e9750$de0a0a0a@vsis169> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00f501c32c82$c53e9750$de0a0a0a@vsis169> User-Agent: Mutt/1.4.1i Subject: Re: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:37:37 -0000 On Fri, Jun 06, 2003 at 06:24:20PM -0500, Lewis Watson wrote: > I am a big fan of the ports collection and use the ports to build the > programs I use on our production servers. Now I am wanting to update some > ports and have a chicken and egg issue. If I go ahead and update a port > (pure-ftpd for example)... > > After I run "CVSUP portfile" the old version that's running has no > graceful way of being removed. If I try to remove it I am notified that > the version that is running is not on the machine so then I guess force > the uninstall? Either that or just do a make - make install and overwrite > the old port binaries with the new binaries ( this does not seem good > either). > > It appears the only way to cleanly upgrade a port is to deinstall the > current port. Run CVSUP portfile... and get the new port files... do a > make - make install and get the new version of the port installed. This > opens the machine to several minutes of downtime while the program is > being made... (not good either) > > Please tell me the way that it's being handled on your servers/ network... Are you referring to "make deinstall"? Don't use that to uninstall old packages. pkg_delete will remove a package for you. /usr/ports/sysutils/portupgrade will handle all of this for you including upgrading the required ports in the proper order. Portupgrade is also a faster typist. :-) -- Scott Lambert KC5MLE Unix SysAdmin lambert@lambertfam.org From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:39:31 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0123B37B401 for ; Fri, 6 Jun 2003 16:39:31 -0700 (PDT) Received: from ns1.kolorbit.com (ns1.kolorbit.com [81.31.32.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id D4DFA43F85 for ; Fri, 6 Jun 2003 16:39:29 -0700 (PDT) (envelope-from info@kolorbit.com) Received: from celeron1700 ([195.22.18.165]) by ns1.kolorbit.com (8.12.9/8.12.9) with SMTP id h56MjRPa034556; Sat, 7 Jun 2003 00:45:31 +0200 (CEST) (envelope-from info@kolorbit.com) Message-ID: <00b001c32c84$d4135d90$a51216c3@celeron1700> From: =?iso-8859-1?Q?Marco_Gon=E7alves?= To: , "Lewis Watson" References: <00f501c32c82$c53e9750$de0a0a0a@vsis169> Date: Sat, 7 Jun 2003 00:39:03 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:39:31 -0000 you really should check out portupgrade tool http://www.freshports.org/sysutils/portupgrade/ Bet regards Marco Gonçalves ----- Original Message ----- From: "Lewis Watson" To: Sent: Saturday, June 07, 2003 12:24 AM Subject: Updating Ports on Production Servers > I am a big fan of the ports collection and use the ports to build the > programs I use on our production servers. Now I am wanting to update some > ports and have a chicken and egg issue. If I go ahead and update a port > (pure-ftpd for example)... > > After I run "CVSUP portfile" the old version that's running has no > graceful way of being removed. If I try to remove it I am notified that > the version that is running is not on the machine so then I guess force > the uninstall? Either that or just do a make - make install and overwrite > the old port binaries with the new binaries ( this does not seem good > either). > > It appears the only way to cleanly upgrade a port is to deinstall the > current port. Run CVSUP portfile... and get the new port files... do a > make - make install and get the new version of the port installed. This > opens the machine to several minutes of downtime while the program is > being made... (not good either) > > Please tell me the way that it's being handled on your servers/ network... > Thanks! > Lewis > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:45:16 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A7BAC37B401 for ; Fri, 6 Jun 2003 16:45:16 -0700 (PDT) Received: from mail.westbend.net (ns1.westbend.net [216.47.253.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id A19A443F85 for ; Fri, 6 Jun 2003 16:45:15 -0700 (PDT) (envelope-from hetzels@westbend.net) Received: from Admin02 (admin02.westbend.net [216.47.253.19]) by mail.westbend.net (8.12.9/8.12.9) with SMTP id h56NjCTK079809; Fri, 6 Jun 2003 18:45:12 -0500 (CDT) (envelope-from hetzels@westbend.net) Message-ID: <007701c32c85$ad9547e0$13fd2fd8@Admin02> From: "Scot W. Hetzel" To: "Lewis Watson" , References: <00f501c32c82$c53e9750$de0a0a0a@vsis169> Date: Fri, 6 Jun 2003 18:45:14 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Virus-Scanned: by amavisd-milter (http://amavis.org/) X-Spam-Status: No, hits=-0.6 required=8.0 tests=QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_01_02, USER_AGENT_OE version=2.43 Subject: Re: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:45:16 -0000 From: "Lewis Watson" > I am a big fan of the ports collection and use the ports to build the > programs I use on our production servers. Now I am wanting to update some > ports and have a chicken and egg issue. If I go ahead and update a port > (pure-ftpd for example)... > > After I run "CVSUP portfile" the old version that's running has no > graceful way of being removed. If I try to remove it I am notified that > the version that is running is not on the machine so then I guess force > the uninstall? Either that or just do a make - make install and overwrite > the old port binaries with the new binaries ( this does not seem good > either). > > It appears the only way to cleanly upgrade a port is to deinstall the > current port. Run CVSUP portfile... and get the new port files... do a > make - make install and get the new version of the port installed. This > opens the machine to several minutes of downtime while the program is > being made... (not good either) > > Please tell me the way that it's being handled on your servers/ network... First you need to CVSUP your ports collection to update it, then you have two ways to upgrade the port: 1. Use the old upgrade method: a. cd /usr/ports// b. make build c. pkg_delete - d. make install Disadvantage: - Doesn't update the dependencies of the port. - Requires you to remove and reinstall all ports that depend on the port your installing. or 2. Use sysutils/portupgrade Advantage: - Upgrades dependencies for the port your installing. - Upgrades all ports that depend on the port your installing (and any port that had their dependencies updated) Scot From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:56:34 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1081637B404 for ; Fri, 6 Jun 2003 16:56:34 -0700 (PDT) Received: from ruminary.org (chiku.ruminary.org [216.218.185.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id B308A43FAF for ; Fri, 6 Jun 2003 16:56:33 -0700 (PDT) (envelope-from clark@ruminary.org) Received: by ruminary.org (Postfix, from userid 1000) id 91FA122E13; Fri, 6 Jun 2003 16:56:33 -0700 (PDT) Date: Fri, 6 Jun 2003 16:56:33 -0700 From: clark shishido To: Lewis Watson Message-ID: <20030606235633.GA13735@ruminary.org> References: <00f501c32c82$c53e9750$de0a0a0a@vsis169> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00f501c32c82$c53e9750$de0a0a0a@vsis169> User-Agent: Mutt/1.4.1i cc: freebsd-isp@FreeBSD.ORG Subject: Re: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:56:34 -0000 On Fri, Jun 06, 2003 at 06:24:20PM -0500, Lewis Watson wrote: > > It appears the only way to cleanly upgrade a port is to deinstall the > current port. Run CVSUP portfile... and get the new port files... do a > make - make install and get the new version of the port installed. This > opens the machine to several minutes of downtime while the program is > being made... (not good either) > If your production servers are similar enough and you aren't worried about hardware differences or CPU optimizations, just pick one server to cvsup to the latest ports tree and then do a "make package" then just do a pkg_delete old_pkg_name, and a pkg_add new_pkg_name.tgz --clark From owner-freebsd-isp@FreeBSD.ORG Fri Jun 6 16:57:17 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 551FF37B401 for ; Fri, 6 Jun 2003 16:57:17 -0700 (PDT) Received: from mordrede.visionsix.com (mordrede.visionsix.com [65.202.119.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id B082343F75 for ; Fri, 6 Jun 2003 16:57:16 -0700 (PDT) (envelope-from lists@visionsix.com) Received: from vsis169 (unverified [65.202.119.169]) by mordrede.visionsix.com for ; Fri, 6 Jun 2003 18:57:15 -0500 Message-ID: <005801c32c87$52734900$de0a0a0a@vsis169> From: "Lewis Watson" To: References: <00f501c32c82$c53e9750$de0a0a0a@vsis169> <00b001c32c84$d4135d90$a51216c3@celeron1700> Date: Fri, 6 Jun 2003 18:57:00 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: Updating Ports on Production Servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2003 23:57:17 -0000 Sent: Friday, June 06, 2003 6:39 PM Subject: Re: Updating Ports on Production Servers > you really should check out portupgrade tool > http://www.freshports.org/sysutils/portupgrade/ I didn't realize that portupgrade was that safe to use. Sounds like it is :-) Thanks everyone! Lewis From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 10:21:52 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D04F137B401 for ; Sat, 7 Jun 2003 10:21:52 -0700 (PDT) Received: from out003.verizon.net (out003pub.verizon.net [206.46.170.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 04C5343F85 for ; Sat, 7 Jun 2003 10:21:52 -0700 (PDT) (envelope-from cswiger@mac.com) Received: from mac.com ([141.149.47.46]) by out003.verizon.net (InterMail vM.5.01.05.33 201-253-122-126-133-20030313) with ESMTP id <20030607172151.KDID4805.out003.verizon.net@mac.com>; Sat, 7 Jun 2003 12:21:51 -0500 Message-ID: <3EE21F2A.6010807@mac.com> Date: Sat, 07 Jun 2003 13:21:46 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030529 X-Accept-Language: en-us, en MIME-Version: 1.0 To: James Godwin References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH at out003.verizon.net from [141.149.47.46] at Sat, 7 Jun 2003 12:21:50 -0500 cc: freebsd-isp@freebsd.org Subject: Re: Block exe files with Sendmail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jun 2003 17:21:53 -0000 James Godwin wrote: > Can anyone point me in the direction of a solution, scripts or documentation > detailing the removal of exe files using sendmail. Sure. Please take a look at /usr/ports/mail/mimedefang: 10-sec# cat pkg-descr MIMEDefang is a program for inspecting and modifying e-mail messages as they pass through your mail relay. MIMEDefang is written in Perl, and its filter actions are expressed in Perl, so it's highly flexible. Here are some things that you can do very easily with MIMEDefang: Delete or alter attachments based on file name, contents, results of a virus scan, attachment size, etc. Replace large attachments with links to a centrally-stored copy to ease the burden on POP3 users with slow modem links. Add boilerplate text to e-mail messages. Customize filter rules based on domain, user-name, relay machine, etc. Reject unacceptable messages, where you define what "unacceptable" means. Add or delete recipients for a message. WWW: http://www.mimedefang.org/ - Andrey V. Pevnev andrey@mgul.ac.ru From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 11:46:26 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 559C337B401 for ; Sat, 7 Jun 2003 11:46:26 -0700 (PDT) Received: from blue.gerhardt-it.com (gw.gerhardt-it.com [204.83.38.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8470543F93 for ; Sat, 7 Jun 2003 11:46:25 -0700 (PDT) (envelope-from scott@g-it.ca) Received: from [24.71.178.119] (h24-71-178-119.ss.shawcable.net [24.71.178.119]) by blue.gerhardt-it.com (Postfix) with ESMTP id 4310BFD96 for ; Sat, 7 Jun 2003 12:46:24 -0600 (CST) User-Agent: Microsoft-Entourage/10.1.1.2418 Date: Sat, 07 Jun 2003 12:46:21 -0600 From: Scott Gerhardt To: Message-ID: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Mirroring Solution X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Jun 2003 18:46:26 -0000 Does anyone know of a good way to mirror two servers running Apache, PHP and MySQL on FreeBSD 4.8? The ideal solution would be real-time (synchronous) or near-real-time mirroring. The failover transfer is already taken care of. I think Rsync run from cron would do a good job of syncing the relatively static files (configs, php scripts etc.). I don't think Rsync would be a good way of mirroring the MySQL DB though. For that, I'm thinking of using MySQL's built in replication. I think dumping the MySQL data and importing into the slave would be a bit clumsy and slow especially when the DB grows quite large. Does anyone on the list have any recommendations or experience with mirroring of this type? Any other recommendations besides Rsync + MySQL replication? Thanks, -- Scott Gerhardt, P.Geo. Gerhardt Information Technologies [G-IT] From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 19:38:01 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C537F37B401 for ; Sat, 7 Jun 2003 19:37:59 -0700 (PDT) Received: from n34.grp.scd.yahoo.com (n34.grp.scd.yahoo.com [66.218.66.102]) by mx1.FreeBSD.org (Postfix) with SMTP id 1529F43FAF for ; Sat, 7 Jun 2003 19:37:57 -0700 (PDT) confirm-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com) X-eGroups-Return: confirm-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com Received: from [66.218.67.201] by n34.grp.scd.yahoo.com with NNFMP; 08 Jun 2003 02:37:53 -0000 Received: (qmail 51584 invoked by uid 7800); 8 Jun 2003 02:37:51 -0000 Date: 8 Jun 2003 02:37:51 -0000 Message-ID: <1055039871.51.51583.m9@yahoogroups.com> From: Yahoo!Groups To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Subject: Please confirm your request to join semanticweb X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: confirm-s2-DHKI_z9pq=z1az2dbj0J38Ozqsc-freebsd-isp=freebsd.org@yahoogroups.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2003 02:38:02 -0000 Hello freebsd-isp@freebsd.org, We have received your request to join the semanticweb group hosted by Yahoo! Groups, a free, easy-to-use community service. This request will expire in 21 days. TO BECOME A MEMBER OF THE GROUP: 1) Go to the Yahoo! Groups site by clicking on this link: http://groups.yahoo.com/i?i=DHKI_z9pq-z1az2dbj0J38Ozqsc&e=freebsd-isp%40freebsd%2Eorg (If clicking doesn't work, "Cut" and "Paste" the line above into your Web browser's address bar.) -OR- 2) REPLY to this email by clicking "Reply" and then "Send" in your email program If you did not request, or do not want, a membership in the semanticweb group, please accept our apologies and ignore this message. Regards, Yahoo! Groups Customer Care Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 19:39:23 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 744D737B405 for ; Sat, 7 Jun 2003 19:39:23 -0700 (PDT) Received: from n3.grp.scd.yahoo.com (n3.grp.scd.yahoo.com [66.218.66.86]) by mx1.FreeBSD.org (Postfix) with SMTP id EE46E43F75 for ; Sat, 7 Jun 2003 19:39:22 -0700 (PDT) notify-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com) X-eGroups-Return: notify-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com Received: from [66.218.67.158] by n3.grp.scd.yahoo.com with NNFMP; 08 Jun 2003 02:39:22 -0000 Date: 8 Jun 2003 02:39:21 -0000 Message-ID: <1055039961.150.37544.w37@yahoogroups.com> From: semanticweb Moderator To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Subject: Welcome to semanticweb X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2003 02:39:24 -0000 Hello, welcome to the Semantic Web Mailing List. The purpose of this mailing list is to relate the different existing ontology development efforts to each other and to split of new ones. To start sending messages to members of this group, simply send email to semanticweb@egroups.com If you do not wish to belong to semanticweb, you may unsubscribe by sending an email to semanticweb-unsubscribe@egroups.com Regards, Stefan Decker, SemanticWeb.org Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 21:09:30 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03B8637B401 for ; Sat, 7 Jun 2003 21:09:30 -0700 (PDT) Received: from n1.grp.scd.yahoo.com (n1.grp.scd.yahoo.com [66.218.66.64]) by mx1.FreeBSD.org (Postfix) with SMTP id 7FF7343F3F for ; Sat, 7 Jun 2003 21:09:29 -0700 (PDT) confirm-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com) X-eGroups-Return: confirm-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com Received: from [66.218.67.197] by n1.grp.scd.yahoo.com with NNFMP; 08 Jun 2003 04:09:29 -0000 Received: (qmail 92000 invoked by uid 7800); 8 Jun 2003 04:09:28 -0000 Date: 8 Jun 2003 04:09:28 -0000 Message-ID: <1055045368.51.91994.m4@yahoogroups.com> From: Yahoo!Groups Notification To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Subject: Please reply to unsubscribe from semanticweb X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: confirm-unsub-kUxozD1DwXQ1d9G22DmaAzK8NRw@yahoogroups.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2003 04:09:30 -0000 Hello, We have received a request from you to unsubscribe from the semanticweb group. Please confirm your request by replying to this message. If you do not wish to unsubscribe from semanticweb, please ignore this message. Regards, Yahoo! Groups Customer Care Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 21:11:01 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 877EE37B401 for ; Sat, 7 Jun 2003 21:11:01 -0700 (PDT) Received: from n25.grp.scd.yahoo.com (n25.grp.scd.yahoo.com [66.218.66.81]) by mx1.FreeBSD.org (Postfix) with SMTP id 1017143F93 for ; Sat, 7 Jun 2003 21:11:01 -0700 (PDT) notify-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com) X-eGroups-Return: notify-return-freebsd-isp=freebsd.org@returns.groups.yahoo.com Received: from [66.218.67.200] by n25.grp.scd.yahoo.com with NNFMP; 08 Jun 2003 04:11:00 -0000 Received: (qmail 73347 invoked by uid 7800); 8 Jun 2003 04:11:00 -0000 Date: 8 Jun 2003 04:11:00 -0000 Message-ID: <1055045460.86.73344.m8@yahoogroups.com> From: Yahoo!Groups Notification To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Subject: You have been unsubscribed from semanticweb X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2003 04:11:01 -0000 Hello, This is to inform you that your request to unsubscribe from semanticweb has been completed. Regards, Yahoo! Groups Customer Care Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ From owner-freebsd-isp@FreeBSD.ORG Sat Jun 7 23:32:53 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E655E37B401 for ; Sat, 7 Jun 2003 23:32:52 -0700 (PDT) Received: from web1.subnetmask.net (web1.subnetmask.net [207.44.145.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 243E943FCB for ; Sat, 7 Jun 2003 23:32:52 -0700 (PDT) (envelope-from freebsd@psyxakias.com) Received: (qmail 13999 invoked from network); 8 Jun 2003 06:32:49 -0000 Received: from athe535-c076.otenet.gr (HELO computer) (62.103.191.76) by bofh.reverse.net with SMTP; 8 Jun 2003 06:32:49 -0000 Message-ID: <001501c32d87$c7ecddd0$162ea8c0@computer> From: "PsYxAkIaS (FreeBSD)" To: Date: Sun, 8 Jun 2003 09:32:47 +0300 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Content-Type: text/plain; charset="iso-8859-7" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Apache crashing if user's www directory is deleted X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2003 06:32:53 -0000 Hello I use apache/2.045 and virtual hosts like that: ScriptAlias /cgi-bin/ /usr/homeb1/psyxakias/www/cgi-bin/ ServerName www.psyxakias.org ErrorLog /usr/homeb1/psyxakias/www-logs/error.log ServerAdmin psyxakias@psyxakias.org CustomLog /usr/homeb1/psyxakias/www-logs/custom.log common DocumentRoot /usr/homeb1/psyxakias/www If a user removes his www or cgi-bin directory, apache crashes on next = rehash/restart because it doesnt find the directory. Any solutions? I was thinking to change their permissions with = chown/chmod but as they have rwx on their homedir they will still be = able to delete the dirs.