From owner-freebsd-stable@FreeBSD.ORG Sun Jul 28 06:24:11 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3E6971A9 for ; Sun, 28 Jul 2013 06:24:11 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CFD862271 for ; Sun, 28 Jul 2013 06:24:10 +0000 (UTC) Received: from tom.home (kostik@localhost [127.0.0.1]) by kib.kiev.ua (8.14.7/8.14.7) with ESMTP id r6S6O3sY005687; Sun, 28 Jul 2013 09:24:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.8.3 kib.kiev.ua r6S6O3sY005687 Received: (from kostik@localhost) by tom.home (8.14.7/8.14.7/Submit) id r6S6O3eH005686; Sun, 28 Jul 2013 09:24:03 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Sun, 28 Jul 2013 09:24:03 +0300 From: Konstantin Belousov To: Dominic Fandrey Subject: Re: stopping amd causes a freeze Message-ID: <20130728062403.GD4972@kib.kiev.ua> References: <51ED0060.2050502@bsdforen.de> <20130722100720.GI5991@kib.kiev.ua> <51F0DA4B.3000809@bsdforen.de> <20130725100037.GM5991@kib.kiev.ua> <51F2AD8C.1000003@bsdforen.de> <51F385CE.1030606@bsdforen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4zI0WCX1RcnW9Hbu" Content-Disposition: inline In-Reply-To: <51F385CE.1030606@bsdforen.de> User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on tom.home Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jul 2013 06:24:11 -0000 --4zI0WCX1RcnW9Hbu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 27, 2013 at 10:33:18AM +0200, Dominic Fandrey wrote: > On 26/07/2013 19:10, Dominic Fandrey wrote: > > On 25/07/2013 12:00, Konstantin Belousov wrote: > >> On Thu, Jul 25, 2013 at 09:56:59AM +0200, Dominic Fandrey wrote: > >>> On 22/07/2013 12:07, Konstantin Belousov wrote: > >>>> On Mon, Jul 22, 2013 at 11:50:24AM +0200, Dominic Fandrey wrote: > >>>>> ... > >>>>> > >>>>> I run amd through sysutils/automounter, which is a scripting soluti= on > >>>>> that generates an amd.map file based on encountered devices and devd > >>>>> events. The SIGHUP it sends to amd to tell it the map file was upda= ted > >>>>> does not cause problems, only a -SIGKILL- SIGTERM may cause the fre= eze. > >>>>> > >>>>> Nothing was mounted (by amd) during the last freeze. > >>>>> > >>>>> ... > >>>> > >>>> Are you sure that the machine did not paniced ? Do you have serial = console ? > >>>> > >>>> The amd(8) locks itself into memory, most likely due to the fear of > >>>> deadlock. There are some known issues with user wirings in stable/9. > >>>> If the problem you see is indeed due to wiring, you might try to app= ly > >>>> r253187-r253191. > >>> > >>> I tried that. Applying the diff was straightforward enough. But the > >>> resulting kernel paniced as soon as it tried to mount the root fs. > >> You did provided a useful info to diagnose the issue. > >> > >> Patch should keep KBI compatible, but, just in case, if you have any > >> third-party module, rebuild it. > >> > >>> > >>> So I'll wait for the MFC from someone who knows what he/she is doing. > >> > >> Patch below booted for me, and I run some sanity check tests for the > >> mlockall(2), which also did not resulted in misbehaviour. > >> > >=20 > > Your patch applied cleanly and the system booted with the resulting > > kernel. > >=20 > > Amd exhibits several very strange behaviours. ... >=20 > I can verify the whole thing with a clean world and kernel. >=20 > This time I'll concentrate on the first instance of amd: >=20 > # tail -n3 /var/log/messages > Jul 27 10:08:56 mobileKamikaze kernel: newnfs server pid5868@mobileKamika= ze:/var/run/automounter.amd.mnt: not responding > Jul 27 10:09:41 mobileKamikaze kernel: newnfs server pid5868@mobileKamika= ze:/var/run/automounter.amd.mnt: not responding > Jul 27 10:11:41 mobileKamikaze last message repeated 3 times >=20 > The process, it turns out, simply doesn't exist. There is another > process, though: > # ps auxww | grep -F sbin/amd > root 5869 0.0 0.1 12036 8020 ?? S 10:08am 0:00.01 /usr/= sbin/amd -r -p -a /var/run/automounter.amd -c 4 -w 2 /var/run/automounter.a= md.mnt /var/run/automounter.amd.map >=20 > # cat /var/run/automounter.amd.pid > 5868 >=20 > Here is what I think happens, amd forks a subprocess and the main > process, silently dies after it wrote its pidfile. Nothing dies silently. Either process was killed by signal, or it exited with the explicit call to exit(2). In the first case, default kernel settings of kern.logsigexit should make a record in the syslog. The machdep.uprintf_signal might be also useful, but not for daemons. If the process called exit(2), ktrace would show it. >=20 > For completeness: > # mount > /dev/ufs/5root on / (ufs, local, noatime, soft-updates) > devfs on /dev (devfs, local, multilabel) > /dev/ufs/5stor on /pool/5stor (ufs, local, noatime, soft-updates) > /pool/5stor/usr on /usr (nullfs, local, noatime) > /pool/5stor/var on /var (nullfs, local, noatime) > /usr/home/root on /root (nullfs, local, noatime) > tmpfs on /var/log (tmpfs, local) > tmpfs on /var/run (tmpfs, local) > tmpfs on /tmp (tmpfs, local) >=20 > Everything else seems to work. I'll revert your patch for now and > wait for the MFC. I was unable to get useful information from any of your posts. My current plan is to merge the revisions after the 9.2 freeze is over. --4zI0WCX1RcnW9Hbu Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQIcBAEBAgAGBQJR9LkCAAoJEJDCuSvBvK1B/QYP/iyDVevCV8tkCBIkDbAZJ0Lb Lp2kHTAeu2hqwfzfzwiiEgO5toEHe7VeyJQ/3CxtkTQk4Y8d6hM5tpvrtOHM5SXJ faDE7v/kRwKuCblkZoUKVzuZA+4iR4SgvsCQDdGcYtAPwxLkBeEIslbp1eyC2cAy EzCbaw6wsDpzutLZyBxpZaPjnaayyL3rDLk46vZ67AgVL14z2+VcAH1sf/WuKdG6 e3B+HrUUC+f2cR/4l+R6ISe6BBynOVj2ZJ74FP2uj4sXUDW+fAue+imcnewm6PGA UOF7QL9+GuzuzmOuymIdBZtOik4JSJQxcpCubihPDCX18ho7wm2x1drxqrFjCGDe rrPf/aA19ilDiYbiZ2eEoAUhxuYx663wGJH5CrFhS5ELx0Mro6XaLhw+ES1iAyYN ki0zB7Kci3etcv3Bxnb789TpNCL35LO7neN2xOPnATLdJr20o+0RDtHLIKhV0s8x c0JGba/C02A9vL6JTmaSboIkc38CHKvggmYnpLHfge9WHfZI/1aCIKPSY9sIuTJq Sfns3PBMsbCfEYfOLVKWjhnfADo6335G73VVFBP5nhsc/5fPa4ohkw+mexCF/HCt 4ndlkcURK6uF6DHOxRyAUnWIV/CM9d1V6UxxnyH064q0X0UDzPnRJKD+zdFbNxEw z47noDqd2A+jE2sIwL2h =AK8D -----END PGP SIGNATURE----- --4zI0WCX1RcnW9Hbu-- From owner-freebsd-stable@FreeBSD.ORG Sun Jul 28 06:25:57 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6433B2BB for ; Sun, 28 Jul 2013 06:25:57 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C2BF92287 for ; Sun, 28 Jul 2013 06:25:56 +0000 (UTC) Received: from tom.home (kostik@localhost [127.0.0.1]) by kib.kiev.ua (8.14.7/8.14.7) with ESMTP id r6S6Pj6k006535; Sun, 28 Jul 2013 09:25:45 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.8.3 kib.kiev.ua r6S6Pj6k006535 Received: (from kostik@localhost) by tom.home (8.14.7/8.14.7/Submit) id r6S6PjIP006534; Sun, 28 Jul 2013 09:25:45 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Sun, 28 Jul 2013 09:25:45 +0300 From: Konstantin Belousov To: Michael Tratz Subject: Re: NFS deadlock on 9.2-Beta1 Message-ID: <20130728062545.GE4972@kib.kiev.ua> References: <780BC2DB-3BBA-4396-852B-0EBDF30BF985@esosoft.com> <806421474.2797338.1374956449542.JavaMail.root@uoguelph.ca> <20130727205815.GC4972@kib.kiev.ua> <602747E8-0EBE-4BB1-8019-C02C25B75FA1@esosoft.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HeFlAV5LIbMFYYuh" Content-Disposition: inline In-Reply-To: <602747E8-0EBE-4BB1-8019-C02C25B75FA1@esosoft.com> User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on tom.home Cc: Steven Hartland , Rick Macklem , freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jul 2013 06:25:57 -0000 --HeFlAV5LIbMFYYuh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 27, 2013 at 03:13:05PM -0700, Michael Tratz wrote: > Let's assume the pid which started the deadlock is 14001 (it will be a di= fferent pid when we get the results, because the machine has been restarted) >=20 > I type: >=20 > show proc 14001 >=20 > I get the thread numbers from that output and type: >=20 > show thread xxxxx >=20 > for each one. >=20 > And a trace for each thread with the command? >=20 > tr xxxx >=20 > Anything else I should try to get or do? Or is that not the data at all y= ou are looking for? >=20 Yes, everything else which is listed in the 'debugging deadlocks' page must be provided, otherwise the deadlock cannot be tracked. The investigator should be able to see the whole deadlock chain (loop) to make any useful advance. --HeFlAV5LIbMFYYuh Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQIcBAEBAgAGBQJR9LloAAoJEJDCuSvBvK1BZKEQAKJPVA6C86tsBJ9zeLnHFsaf 2CV/2o3i3cduDJCCslQ0Af8oWjebfEAmESUdd6aW8QVN2b6UMJxXj1DZTF/NOStR c0oL53FMSu9fUEQs0SJ/vcqLNt7iVgaY7ytgzwtDp1jESQlMcP0H+XLPqXf9p0i8 YOwcso1LPabMulxayWr44xwlVjDluIuLXAc1FGe9Y6tRE8i4RZtsB24zAIk/Svv1 d0wrGWkLZL2Eh6G1niOPu71lRw9TqJRlu/J8r01onVoXL7apEQTjLhTro/COXmgg 5QMG6o/unsO+aCLrPwmi3TYNqBZe5asub8HIPfXYSgbi7VAOlY/ZsHAHvVRi5fTC DMuE7cCgqGXI+Yz3FauoYlsq5pDcAhcaxFyp3TSrlcWBJfu36woGWIvlfSBE61Ce LQO5nE2hbBmqUH4JbLCdHo5LfPISpdCyQ47MlGjWO9tJlcRZDYSZO2bNiw1c6WI5 H+23A98blf4XDBmEoJi2Dfcf1+fuHHXVRkKEGYttqssGS9ltukE+1tHOech7B52t uzTxoK3mkQLaH/KGN6Gks1m+AyOZXUvOMwWmkNEflDdUXNoucllRzvlxXhI95sX0 N1TK3xFgyAvnHOXhS5E6FetaFH4r+i60CLsaNLquAN/gO+/aY0K7DC5Ea2UixiEp /UVj+ETgcQROrhJceokw =K53t -----END PGP SIGNATURE----- --HeFlAV5LIbMFYYuh-- From owner-freebsd-stable@FreeBSD.ORG Sun Jul 28 08:25:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9C8254D2 for ; Sun, 28 Jul 2013 08:25:44 +0000 (UTC) (envelope-from kamikaze@bsdforen.de) Received: from mail.server1.bsdforen.de (bsdforen.de [82.193.243.81]) by mx1.freebsd.org (Postfix) with ESMTP id 22F1724B8 for ; Sun, 28 Jul 2013 08:25:43 +0000 (UTC) Received: from mobileKamikaze.norad (HSI-KBW-134-3-231-194.hsi14.kabel-badenwuerttemberg.de [134.3.231.194]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.server1.bsdforen.de (Postfix) with ESMTPSA id BE73B86209; Sun, 28 Jul 2013 10:25:35 +0200 (CEST) Message-ID: <51F4D57E.4040002@bsdforen.de> Date: Sun, 28 Jul 2013 10:25:34 +0200 From: Dominic Fandrey MIME-Version: 1.0 To: Konstantin Belousov Subject: Re: stopping amd causes a freeze References: <51ED0060.2050502@bsdforen.de> <20130722100720.GI5991@kib.kiev.ua> <51F0DA4B.3000809@bsdforen.de> <20130725100037.GM5991@kib.kiev.ua> <51F2AD8C.1000003@bsdforen.de> <51F385CE.1030606@bsdforen.de> <20130728062403.GD4972@kib.kiev.ua> In-Reply-To: <20130728062403.GD4972@kib.kiev.ua> Content-Type: text/plain; charset=ascii Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jul 2013 08:25:44 -0000 On 28/07/2013 08:24, Konstantin Belousov wrote: > On Sat, Jul 27, 2013 at 10:33:18AM +0200, Dominic Fandrey wrote: >> On 26/07/2013 19:10, Dominic Fandrey wrote: >>> On 25/07/2013 12:00, Konstantin Belousov wrote: >>>> On Thu, Jul 25, 2013 at 09:56:59AM +0200, Dominic Fandrey wrote: >>>>> On 22/07/2013 12:07, Konstantin Belousov wrote: >>>>>> On Mon, Jul 22, 2013 at 11:50:24AM +0200, Dominic Fandrey wrote: >>>>>>> ... >>>>>>> >>>>>>> I run amd through sysutils/automounter, which is a scripting solution >>>>>>> that generates an amd.map file based on encountered devices and devd >>>>>>> events. The SIGHUP it sends to amd to tell it the map file was updated >>>>>>> does not cause problems, only a -SIGKILL- SIGTERM may cause the freeze. >>>>>>> >>>>>>> Nothing was mounted (by amd) during the last freeze. >>>>>>> >>>>>>> ... >>>>>> >>>>>> Are you sure that the machine did not paniced ? Do you have serial console ? >>>>>> >>>>>> The amd(8) locks itself into memory, most likely due to the fear of >>>>>> deadlock. There are some known issues with user wirings in stable/9. >>>>>> If the problem you see is indeed due to wiring, you might try to apply >>>>>> r253187-r253191. >>>>> >>>>> I tried that. Applying the diff was straightforward enough. But the >>>>> resulting kernel paniced as soon as it tried to mount the root fs. >>>> You did provided a useful info to diagnose the issue. >>>> >>>> Patch should keep KBI compatible, but, just in case, if you have any >>>> third-party module, rebuild it. >>>> >>>>> >>>>> So I'll wait for the MFC from someone who knows what he/she is doing. >>>> >>>> Patch below booted for me, and I run some sanity check tests for the >>>> mlockall(2), which also did not resulted in misbehaviour. >>>> >>> >>> Your patch applied cleanly and the system booted with the resulting >>> kernel. >>> >>> Amd exhibits several very strange behaviours. ... >> >> I can verify the whole thing with a clean world and kernel. >> >> This time I'll concentrate on the first instance of amd: >> >> # tail -n3 /var/log/messages >> Jul 27 10:08:56 mobileKamikaze kernel: newnfs server pid5868@mobileKamikaze:/var/run/automounter.amd.mnt: not responding >> Jul 27 10:09:41 mobileKamikaze kernel: newnfs server pid5868@mobileKamikaze:/var/run/automounter.amd.mnt: not responding >> Jul 27 10:11:41 mobileKamikaze last message repeated 3 times >> >> The process, it turns out, simply doesn't exist. There is another >> process, though: >> # ps auxww | grep -F sbin/amd >> root 5869 0.0 0.1 12036 8020 ?? S 10:08am 0:00.01 /usr/sbin/amd -r -p -a /var/run/automounter.amd -c 4 -w 2 /var/run/automounter.amd.mnt /var/run/automounter.amd.map >> >> # cat /var/run/automounter.amd.pid >> 5868 >> >> Here is what I think happens, amd forks a subprocess and the main >> process, silently dies after it wrote its pidfile. > Nothing dies silently. Either process was killed by signal, or it > exited with the explicit call to exit(2). In the first case, default > kernel settings of kern.logsigexit should make a record in the syslog. > The machdep.uprintf_signal might be also useful, but not for daemons. Well, after I reverted your patch I got some things in the syslog. Sometimes amd works as expected, sometimes it dies right after starting: Jul 28 10:19:42 mobileKamikaze kernel: pid 24217 (amd), uid 0: exited on signal 11 (core dumped) This is just all over confusing. -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? From owner-freebsd-stable@FreeBSD.ORG Sun Jul 28 09:00:42 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 2A26AB2A for ; Sun, 28 Jul 2013 09:00:42 +0000 (UTC) (envelope-from danny@cs.huji.ac.il) Received: from kabab.cs.huji.ac.il (kabab.cs.huji.ac.il [132.65.16.84]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CF18E25BC for ; Sun, 28 Jul 2013 09:00:41 +0000 (UTC) Received: from pampa.cs.huji.ac.il ([132.65.80.32]) by kabab.cs.huji.ac.il with esmtp id 1V3Mq8-000FLb-27; Sun, 28 Jul 2013 12:00:32 +0300 X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.3 To: Dominic Fandrey Subject: Re: stopping amd causes a freeze In-reply-to: <51F4D57E.4040002@bsdforen.de> References: <51ED0060.2050502@bsdforen.de> <20130722100720.GI5991@kib.kiev.ua> <51F0DA4B.3000809@bsdforen.de> <20130725100037.GM5991@kib.kiev.ua> <51F2AD8C.1000003@bsdforen.de> <51F385CE.1030606@bsdforen.de> <20130728062403.GD4972@kib.kiev.ua> <51F4D57E.4040002@bsdforen.de> Comments: In-reply-to Dominic Fandrey message dated "Sun, 28 Jul 2013 10:25:34 +0200." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 28 Jul 2013 12:00:32 +0300 From: Daniel Braniss Message-ID: Cc: Konstantin Belousov , freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jul 2013 09:00:42 -0000 > On 28/07/2013 08:24, Konstantin Belousov wrote: > > On Sat, Jul 27, 2013 at 10:33:18AM +0200, Dominic Fandrey wrote: > >> On 26/07/2013 19:10, Dominic Fandrey wrote: > >>> On 25/07/2013 12:00, Konstantin Belousov wrote: > >>>> On Thu, Jul 25, 2013 at 09:56:59AM +0200, Dominic Fandrey wrote: > >>>>> On 22/07/2013 12:07, Konstantin Belousov wrote: > >>>>>> On Mon, Jul 22, 2013 at 11:50:24AM +0200, Dominic Fandrey wrote: > >>>>>>> ... > >>>>>>> > >>>>>>> I run amd through sysutils/automounter, which is a scripting solution > >>>>>>> that generates an amd.map file based on encountered devices and devd > >>>>>>> events. The SIGHUP it sends to amd to tell it the map file was updated > >>>>>>> does not cause problems, only a -SIGKILL- SIGTERM may cause the freeze. > >>>>>>> > >>>>>>> Nothing was mounted (by amd) during the last freeze. > >>>>>>> > >>>>>>> ... > >>>>>> > >>>>>> Are you sure that the machine did not paniced ? Do you have serial console ? > >>>>>> > >>>>>> The amd(8) locks itself into memory, most likely due to the fear of > >>>>>> deadlock. There are some known issues with user wirings in stable/9. > >>>>>> If the problem you see is indeed due to wiring, you might try to apply > >>>>>> r253187-r253191. > >>>>> > >>>>> I tried that. Applying the diff was straightforward enough. But the > >>>>> resulting kernel paniced as soon as it tried to mount the root fs. > >>>> You did provided a useful info to diagnose the issue. > >>>> > >>>> Patch should keep KBI compatible, but, just in case, if you have any > >>>> third-party module, rebuild it. > >>>> > >>>>> > >>>>> So I'll wait for the MFC from someone who knows what he/she is doing. > >>>> > >>>> Patch below booted for me, and I run some sanity check tests for the > >>>> mlockall(2), which also did not resulted in misbehaviour. > >>>> > >>> > >>> Your patch applied cleanly and the system booted with the resulting > >>> kernel. > >>> > >>> Amd exhibits several very strange behaviours. ... > >> > >> I can verify the whole thing with a clean world and kernel. > >> > >> This time I'll concentrate on the first instance of amd: > >> > >> # tail -n3 /var/log/messages > >> Jul 27 10:08:56 mobileKamikaze kernel: newnfs server pid5868@mobileKamikaze:/var/run/automounter.amd.mnt: not responding > >> Jul 27 10:09:41 mobileKamikaze kernel: newnfs server pid5868@mobileKamikaze:/var/run/automounter.amd.mnt: not responding > >> Jul 27 10:11:41 mobileKamikaze last message repeated 3 times > >> > >> The process, it turns out, simply doesn't exist. There is another > >> process, though: > >> # ps auxww | grep -F sbin/amd > >> root 5869 0.0 0.1 12036 8020 ?? S 10:08am 0:00.01 /usr/sbin/amd -r -p -a /var/run/automounter.amd -c 4 -w 2 /var/run/automounter.amd.mnt /var/run/automounter.amd.map > >> > >> # cat /var/run/automounter.amd.pid > >> 5868 > >> > >> Here is what I think happens, amd forks a subprocess and the main > >> process, silently dies after it wrote its pidfile. > > Nothing dies silently. Either process was killed by signal, or it > > exited with the explicit call to exit(2). In the first case, default > > kernel settings of kern.logsigexit should make a record in the syslog. > > The machdep.uprintf_signal might be also useful, but not for daemons. > > Well, after I reverted your patch I got some things in the syslog. > Sometimes amd works as expected, sometimes it dies right after starting: > Jul 28 10:19:42 mobileKamikaze kernel: pid 24217 (amd), uid 0: exited on signal 11 (core dumped) > > This is just all over confusing. just to confuse you a bit more :-) I gave up with mlockall(2) so I compiled amd statically linked. my 5 cents. danny From owner-freebsd-stable@FreeBSD.ORG Sun Jul 28 10:25:01 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D2A4BAFD for ; Sun, 28 Jul 2013 10:25:01 +0000 (UTC) (envelope-from ohartman@zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 91655284D for ; Sun, 28 Jul 2013 10:25:01 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.80.1) for freebsd-stable@freebsd.org with esmtp (envelope-from ) id <1V3O9r-0046Ce-RT>; Sun, 28 Jul 2013 12:24:59 +0200 Received: from g231191190.adsl.alicedsl.de ([92.231.191.190] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.80.1) for freebsd-stable@freebsd.org with esmtpsa (envelope-from ) id <1V3O9r-003TE0-OU>; Sun, 28 Jul 2013 12:24:59 +0200 Date: Sun, 28 Jul 2013 12:24:54 +0200 From: "O. Hartmann" To: freebsd-stable Subject: CLANG 3.3 and -stad=c++11 and -stdlib=libc++: isnan()/isninf() oddity Message-ID: <20130728122454.631e0fd5@thor.walstatt.dyndns.org> Organization: FU Berlin X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd10.0) Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/NaLVL8.++4oT8UlByTs1px8"; protocol="application/pgp-signature" X-Originating-IP: 92.231.191.190 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jul 2013 10:25:01 -0000 --Sig_/NaLVL8.++4oT8UlByTs1px8 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable The issue reported here: http://unix.derkeiler.com/Mailing-Lists/FreeBSD/current/2013-07/msg00179.ht= ml is still present in FreeBSD 9.2-PRE, although it seemingly has been resolved in CURRENT. I run into this problem again on 9.2-PRE with a port that relies on strictness in C++11 conformity in libc++. Is this going to be patched in 9.2 anyway? regards, Oliver --Sig_/NaLVL8.++4oT8UlByTs1px8 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQEcBAEBAgAGBQJR9PF7AAoJEOgBcD7A/5N8ljIIAMzWBd6POqt8MFsIVPZpoPYe GUqJIyLaxlkqPAy4G2RwMEyOtkraFx6sYUPhlEPLyZC7RDmtrAfPuVrzwu2iQDRg WgdLJu9jzhYN6ogmg2yRJx5rc82p597HMcB8gU0HCRTqCF5w5R59TpDAEBX45+7r muHgLBuRCLECi2xHFbLghLlSDxHI5L6fcNir07rB+2VzE6bIRFlgathOb2ReVCK1 K3ciFOsAD2+qnbCp7HvVDQQhLH+oCJiKGKOU+TTSRZOvsUIZS3gdB+CRqSK3VgQR cLHKSBdAH1oCuqG/moMM24J5L8It5LnHr2QbNKJjhom7ezbkM6XKgnld0PPJKkc= =dnm5 -----END PGP SIGNATURE----- --Sig_/NaLVL8.++4oT8UlByTs1px8-- From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 09:18:40 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DBD6A494 for ; Mon, 29 Jul 2013 09:18:40 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [IPv6:2001:41d0:8:bdbe:0:1::]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 985EC28DF for ; Mon, 29 Jul 2013 09:18:40 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=2001:41d0:8:bdbe:1:ffff::; helo=restart.be; envelope-from=hlh@restart.be; receiver=freebsd-stable@freebsd.org DKIM-Filter: OpenDKIM Filter v2.8.3 tignes.restart.be 3c3b1264XfzSYB DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=restart.be; s=tignes; t=1375089511; bh=xaO1s+i4bvIkLZ9Alc7yh1uBLncHVnfgxguoqM9vd70=; h=Date:From:To:Subject; z=Date:=20Mon,=2029=20Jul=202013=2011:18:29=20+0200|From:=20Henri=2 0Hennebert=20|To:=20freebsd-stable@freebsd.org|Sub ject:=209.2-BETA2=20-=20Problem=20with=20newsyslog; b=zCH1+DoNKJvcQHHBVpgbBBXC8ngdSa2VW/Eb4QeKl8teFO8IZGZUqT8Lho6B1U6ji YZm4StOxx6CUP5xxGpf5KWTa4Lt74E50+hOFB0HV5aQwuC2oTqgvCBF/o9I84FLybC 9ebs9TQGXvW6jDtQQgdDhA2zMO/Do2ZKliIujiiNxHfMmHSQyCZir7VIsIGX8ATqeu T0pPm6GnAr7sa8pIleX68s37oz5Y0A8ByNvO2C6OyJCUSy7Vbohd5+xHd4ofeFCJp4 pIZsHcaSai/rp/wnMCIzR4/QXjj7ZY/x1Qp8bQ5l4auzQ3kGhG356VvFVDIsMMnVa3 EkTvkXwixSyxA== Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:8:bdbe:1:ffff::]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smtp.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id 3c3b1264XfzSYB for ; Mon, 29 Jul 2013 11:18:30 +0200 (CEST) Received: from morzine.restart.bel (morzine.restart.be [IPv6:2001:41d0:8:bdbe:1:2::]) (authenticated bits=0) by restart.be (8.14.7/8.14.7) with ESMTP id r6T9ITc8055787 for ; Mon, 29 Jul 2013 11:18:29 +0200 (CEST) (envelope-from hlh@restart.be) Message-ID: <51F63365.8020108@restart.be> Date: Mon, 29 Jul 2013 11:18:29 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:17.0) Gecko/20130709 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: 9.2-BETA2 - Problem with newsyslog Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 09:18:40 -0000 Hello, My entry for newsyslog in /etc/crontab is: 0 * * * * root newsyslog -t \%Y-\%m-\%d_\%H:\%M And I get: newsyslog: Could not convert time string to time value: No such file or directory I try to use the newsyslog from head to to avail. This solution was working a month ago (see Revision 248776) My file system is zfs version 28. Henri From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 11:06:52 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 928EE1FB for ; Mon, 29 Jul 2013 11:06:52 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 65A482DE3 for ; Mon, 29 Jul 2013 11:06:52 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r6TB6qtm061917 for ; Mon, 29 Jul 2013 11:06:52 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r6TB6pQa061915 for freebsd-stable@FreeBSD.org; Mon, 29 Jul 2013 11:06:51 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 29 Jul 2013 11:06:51 GMT Message-Id: <201307291106.r6TB6pQa061915@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-stable@FreeBSD.org Subject: Current problem reports assigned to freebsd-stable@FreeBSD.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 11:06:52 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o i386/179112 stable 9.1 installer panics with a kmem_malloc() failure on i 1 problem total. From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 14:17:53 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F064B636 for ; Mon, 29 Jul 2013 14:17:53 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [IPv6:2001:41d0:8:bdbe:0:1::]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id AB9532928 for ; Mon, 29 Jul 2013 14:17:53 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=2001:41d0:8:bdbe:1:ffff::; helo=restart.be; envelope-from=hlh@restart.be; receiver=freebsd-stable@freebsd.org DKIM-Filter: OpenDKIM Filter v2.8.3 tignes.restart.be 3c3jfS2n40zSTr DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=restart.be; s=tignes; t=1375107472; bh=3hRlFsrI3s9UaF0+fMoEZhR38AGPV6wdHoyNbo6DRBA=; h=Date:From:To:Subject; z=Date:=20Mon,=2029=20Jul=202013=2016:17:50=20+0200|From:=20Henri=2 0Hennebert=20|To:=20freebsd-stable@freebsd.org|Sub ject:=209.2-BETA2=20bind=20=20+=20WITH_BIND_XML=3Dyes=20+=20libxml 2-2.8.0; b=cnDlurdttfq3j5pz4sjfVDR0Huo+qoul9DsDu5bnyNyLpFPuCBgUhybo+VuypWpIw Kwn+OOiSUzTP1TjN+gumo2z88UzwSRRf4aUArmexNXEyFPm/9/TVR+3dMrzHjTvadv ILzYxaBRG+1TprrWpHVU/manldeURbSGPXYKJNqlPZ0pM3wXVVajSjTYlMqo2DLhUB SdUchhoFYn1cisAYjLllxJ53oyi18LcNjdkiyMRaDekyFXJn0G5AT5uhIk2B0w1Ktg jfoBegrShdIJv/vbyte3EjeJYu8/1ZOrnLCxPmS3p9VovQc7WSaVmEpXREl0VEwEha siQuoT6A/6scQ== Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:8:bdbe:1:ffff::]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smtp.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id 3c3jfS2n40zSTr for ; Mon, 29 Jul 2013 16:17:51 +0200 (CEST) Received: from morzine.restart.bel (morzine.restart.be [IPv6:2001:41d0:8:bdbe:1:2::]) (authenticated bits=0) by restart.be (8.14.7/8.14.7) with ESMTP id r6TEHoXP062472 for ; Mon, 29 Jul 2013 16:17:50 +0200 (CEST) (envelope-from hlh@restart.be) Message-ID: <51F6798E.80602@restart.be> Date: Mon, 29 Jul 2013 16:17:50 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:17.0) Gecko/20130709 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: 9.2-BETA2 bind + WITH_BIND_XML=yes + libxml2-2.8.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 14:17:54 -0000 Hello, When compiling world of 9.2-BETA2 and adding in /etc/src.conf WITH_BIND_XML=yes and with libxml2-2.8.0_2 (textproc/libxml2) installed in /usr/local I get this link error: ===> usr.bin/dig (all) /usr/local/lib/libxml2.a(xzlib.o): In function `__libxml2_xzclose': xzlib.c:(.text+0x69): undefined reference to `lzma_end' /usr/local/lib/libxml2.a(xzlib.o): In function `xz_decomp': xzlib.c:(.text+0x4a6): undefined reference to `lzma_code' /usr/local/lib/libxml2.a(xzlib.o): In function `xz_make': xzlib.c:(.text+0x8cd): undefined reference to `lzma_auto_decoder' xzlib.c:(.text+0xa04): undefined reference to `lzma_properties_decode' clang: error: linker command failed with exit code 1 (use -v to see invocation) *** [dig] Error code 1 Stop in /usr/src/usr.bin/dig. *** [all] Error code 1 Henri From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 20:44:49 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E78511CC for ; Mon, 29 Jul 2013 20:44:49 +0000 (UTC) (envelope-from prvs=0922382a3d=michael@esosoft.com) Received: from eagle.esosoft.net (eagle.esosoft.net [66.241.144.8]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CEFE42FA3 for ; Mon, 29 Jul 2013 20:44:49 +0000 (UTC) Received: from [74.100.23.197] (port=30160 helo=michaelimac.castillodelsol.com) by eagle.esosoft.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1V3uJ5-000LUM-MF; Mon, 29 Jul 2013 13:44:39 -0700 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: NFS deadlock on 9.2-Beta1 From: Michael Tratz In-Reply-To: <20130728062545.GE4972@kib.kiev.ua> Date: Mon, 29 Jul 2013 13:44:39 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <780BC2DB-3BBA-4396-852B-0EBDF30BF985@esosoft.com> <806421474.2797338.1374956449542.JavaMail.root@uoguelph.ca> <20130727205815.GC4972@kib.kiev.ua> <602747E8-0EBE-4BB1-8019-C02C25B75FA1@esosoft.com> <20130728062545.GE4972@kib.kiev.ua> To: Konstantin Belousov X-Mailer: Apple Mail (2.1508) Cc: freebsd-stable@freebsd.org, Rick Macklem , Steven Hartland X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 20:44:50 -0000 On Jul 27, 2013, at 11:25 PM, Konstantin Belousov = wrote: > On Sat, Jul 27, 2013 at 03:13:05PM -0700, Michael Tratz wrote: >> Let's assume the pid which started the deadlock is 14001 (it will be = a different pid when we get the results, because the machine has been = restarted) >>=20 >> I type: >>=20 >> show proc 14001 >>=20 >> I get the thread numbers from that output and type: >>=20 >> show thread xxxxx >>=20 >> for each one. >>=20 >> And a trace for each thread with the command? >>=20 >> tr xxxx >>=20 >> Anything else I should try to get or do? Or is that not the data at = all you are looking for? >>=20 > Yes, everything else which is listed in the 'debugging deadlocks' page > must be provided, otherwise the deadlock cannot be tracked. >=20 > The investigator should be able to see the whole deadlock chain (loop) > to make any useful advance. Ok, I have made some excellent progress in debugging the NFS deadlock. Rick! You are genius. :-) You found the right commit r250907 (dated May = 22) is the definitely the problem. Here is how I did the testing: One machine received a kernel before = r250907, the second machine received a kernel after r250907. Sure enough = within a few hours the machine with r250907 went into the usual deadlock = state. The machine without that commit kept on working fine. Then I went = back to the latest revision (r253726), but leaving r250907 out. The = machines have been running happy and rock solid without any deadlocks. I = have expanded the testing to 3 machines now and no reports of any = issues. I guess now Konstantin has to figure out why that commit is causing the = deadlock. Lovely! :-) I will get that information as soon as possible. = I'm a little behind with normal work load, but I expect to have the data = by Tuesday evening or Wednesday. Thanks again!! Michael From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 21:31:58 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3D5CB8CF; Mon, 29 Jul 2013 21:31:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mail0.glenbarber.us (mail0.glenbarber.us [IPv6:2607:fc50:1:2300:1001:1001:1001:face]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0FE7F21FD; Mon, 29 Jul 2013 21:31:58 +0000 (UTC) Received: from glenbarber.us (unknown [IPv6:2001:470:8:120e:1:1:c57c:729]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: gjb) by mail0.glenbarber.us (Postfix) with ESMTPSA id 63662B0D6; Mon, 29 Jul 2013 21:31:56 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.8.3 mail0.glenbarber.us 63662B0D6 Authentication-Results: mail0.glenbarber.us; dkim=none reason="no signature"; dkim-adsp=none Date: Mon, 29 Jul 2013 17:31:54 -0400 From: Glen Barber To: freebsd-stable@FreeBSD.org Subject: 9.2-BETA2 now available Message-ID: <20130729213154.GA74967@glenbarber.us> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="YiEDa0DAkWCtVeE4" Content-Disposition: inline X-Operating-System: FreeBSD 10.0-CURRENT amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: FreeBSD Release Engineering Team X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 21:31:58 -0000 --YiEDa0DAkWCtVeE4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The second BETA build of the 9.2-RELEASE release cycle is now available on the FTP servers for the amd64, i386, powerpc64 and sparc64 architectures. The image checksums follow at the end of this email. ISO images and, for architectures that support it, the memory stick images are available here: ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.2/ (or any of the FreeBSD mirror sites). If you notice problems you can report them through the normal GNATS PR system or here on the -stable mailing list. If you would like to use SVN to do a source based update of an existing system use "stable/9". Please be aware that cvsup and CVS are both deprecated, and are not supported methods of updating the src/ tree. Changes between -BETA1 and -BETA2 include: - Fix an interoperability problem between FreeBSD NFS Server (version 4) and Linux NFS (version 4) clients. - Fix nvme(4) and nvd(4) to support non 512-byte sector sizes. - Fix freebsd-update(8) for -BETA2 by removing a file with non-POSIX characters in its name. This file is not needed for FreeBSD builds, and caused freebsd-update(8) to error on -BETA1. - Fix an XHCI regression. - Fix a bug in ipv6_prefix_IF. - Fix address range specification with various ifconfig(8) options. - Fix Denial of Service vulnerability in named(8). (SA FreeBSD-SA-13:07.bind) The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases. Systems running earlier FreeBSD releases can upgrade as follows: # freebsd-update upgrade -r 9.2-BETA2 During this process, FreeBSD Update may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly. # freebsd-update install The system must be rebooted with the newly installed kernel before continuing. # shutdown -r now After rebooting, freebsd-update needs to be run again to install the new userland components: # freebsd-update install It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x. Alternatively, the user can install misc/compat8x and other compatibility libraries, afterwards the system must be rebooted into the new userland: # shutdown -r now Finally, after rebooting, freebsd-update needs to be run again to remove stale files: # freebsd-update install Checksums: amd64: SHA256 (FreeBSD-9.2-BETA2-amd64-bootonly.iso) = df563426617320aecd3f9b689c988535bc10b15f8d24abc158639f73b41744b2 SHA256 (FreeBSD-9.2-BETA2-amd64-disc1.iso) = f5856159f540309010f43dc3b84989616a958fa601f7af3bf10787befbb17317 SHA256 (FreeBSD-9.2-BETA2-amd64-memstick.img) = 23383e0aa85f00b3333b8b847fcf6df2a61324566f308c7120b2e3c3c2f07dab MD5 (FreeBSD-9.2-BETA2-amd64-bootonly.iso) = 66fe4ea056def2a3401a3c0f46078801 MD5 (FreeBSD-9.2-BETA2-amd64-disc1.iso) = 3eebdc638edc3df03c75333dbbcc7a0d MD5 (FreeBSD-9.2-BETA2-amd64-memstick.img) = 0f649d209fb18ef5311bb3e9550377e0 i386: SHA256 (FreeBSD-9.2-BETA2-i386-bootonly.iso) = 1ed94740165c73200cbbc9e50b75ca76c477e32b44e1890e4d724a1251a780bd SHA256 (FreeBSD-9.2-BETA2-i386-disc1.iso) = b6d8b747a5e332de6214b4f62ccea27a8808b3c6c6510b452e20902bea0e9da6 SHA256 (FreeBSD-9.2-BETA2-i386-memstick.img) = 0380a0a45cafdfef2dcf7e69c59c29546b40d076408dd61a610e20b809c570f0 MD5 (FreeBSD-9.2-BETA2-i386-bootonly.iso) = dfbeb267a7b16dc0c75483b173c70aec MD5 (FreeBSD-9.2-BETA2-i386-disc1.iso) = 3dad925934740483701adc133163a790 MD5 (FreeBSD-9.2-BETA2-i386-memstick.img) = 04bc04a3bb874cd8857e7c1df6d0b321 powerpc64: SHA256 (FreeBSD-9.2-BETA2-powerpc-powerpc64-bootonly.iso) = d446f7caede1218d5b9731ba7e1acfe8b57040473b4e12c840e76e0da12a16be SHA256 (FreeBSD-9.2-BETA2-powerpc-powerpc64-disc1.iso) = 778bead64e9d425717f28ce4b4c7dfe8cc78fb0f7ad97c0b74332cc6cf77096d SHA256 (FreeBSD-9.2-BETA2-powerpc-powerpc64-memstick.img) = ea2274dbe75b278e0320630abad41153c6a0779cfbd43e3a183ed60cef264755 MD5 (FreeBSD-9.2-BETA2-powerpc-powerpc64-bootonly.iso) = a0691db803d075839b3ff34e4d2c345d MD5 (FreeBSD-9.2-BETA2-powerpc-powerpc64-disc1.iso) = 4315f836cceeb79b8176facda8bb3d02 MD5 (FreeBSD-9.2-BETA2-powerpc-powerpc64-memstick.img) = 9f33cde3fd56c66ace6862976e5ba32c sparc64: SHA256 (FreeBSD-9.2-BETA2-sparc64-bootonly.iso) = 99895a7aea48e063cbc4e9663c2bee9254647d2359561153571720819204b69c SHA256 (FreeBSD-9.2-BETA2-sparc64-disc1.iso) = cb9cda8ab557047da9c37c0caa51c2ffeafd37b8818f4803e2d1b68a18b65386 MD5 (FreeBSD-9.2-BETA2-sparc64-bootonly.iso) = de7e0f4427434ffd74e5675aa6c8999f MD5 (FreeBSD-9.2-BETA2-sparc64-disc1.iso) = 19dfc35017c39c6ed2ff3b6da829a316 Glen --YiEDa0DAkWCtVeE4 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQEcBAEBCAAGBQJR9t9KAAoJEFJPDDeguUaj+vkH/RBPEXuU/v0Y0m7WEzI1TMGb eeeRJ3NYmGC2HGDpESls/cX00tgHmhwRtpGdWHBoezMuu3a5xLxX9NJMnRvB3n8f oNNZ0/g9hTF0qndv0aCruozAP1ZjzLxpS6WnoaAwwn7+pcrl2mDFen92tPB3uehE pw4U91IUFwOCDO6Qbav61r+iZGoqBsQOT0w+i9OcN+qUA4d1ilDuDhj2Whl+E2/1 bBzcA/p0hmhG0X8SZc8cq9+WCEY3hi+6Sxuv/4bRzEUPntqf9PhtMGuX25Udmh8F AyNohKLZ9q5GMIYaIx/PRam/ByWCP9vuF/U+7LZjIcGArwXHWTIdlSf5BxHs0Ts= =M73y -----END PGP SIGNATURE----- --YiEDa0DAkWCtVeE4-- From owner-freebsd-stable@FreeBSD.ORG Mon Jul 29 23:37:15 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6E6C478C; Mon, 29 Jul 2013 23:37:15 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-jnhn.mail.uoguelph.ca (esa-jnhn.mail.uoguelph.ca [131.104.91.44]) by mx1.freebsd.org (Postfix) with ESMTP id 207F726E1; Mon, 29 Jul 2013 23:37:14 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AqEEAH379lGDaFve/2dsb2JhbABbhAuDELpfgTJ0giQBAQQBI1YFFhgCAg0ZAiM2BhMah2QDCQanFohzDYhegSiLbYI0NAeCZYEiA5V2jg+FJoMwIIFu X-IronPort-AV: E=Sophos;i="4.89,773,1367985600"; d="scan'208";a="42607342" Received: from muskoka.cs.uoguelph.ca (HELO zcs3.mail.uoguelph.ca) ([131.104.91.222]) by esa-jnhn.mail.uoguelph.ca with ESMTP; 29 Jul 2013 19:37:14 -0400 Received: from zcs3.mail.uoguelph.ca (localhost.localdomain [127.0.0.1]) by zcs3.mail.uoguelph.ca (Postfix) with ESMTP id 268F4B3F1D; Mon, 29 Jul 2013 19:37:12 -0400 (EDT) Date: Mon, 29 Jul 2013 19:37:12 -0400 (EDT) From: Rick Macklem To: Michael Tratz Message-ID: <1710471570.3603170.1375141032147.JavaMail.root@uoguelph.ca> In-Reply-To: Subject: Re: NFS deadlock on 9.2-Beta1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [172.17.91.202] X-Mailer: Zimbra 7.2.1_GA_2790 (ZimbraWebClient - FF3.0 (Win)/7.2.1_GA_2790) Cc: Konstantin Belousov , freebsd-stable@freebsd.org, Steven Hartland , re X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2013 23:37:15 -0000 Michael Tratz wrote: > > On Jul 27, 2013, at 11:25 PM, Konstantin Belousov > wrote: > > > On Sat, Jul 27, 2013 at 03:13:05PM -0700, Michael Tratz wrote: > >> Let's assume the pid which started the deadlock is 14001 (it will > >> be a different pid when we get the results, because the machine > >> has been restarted) > >> > >> I type: > >> > >> show proc 14001 > >> > >> I get the thread numbers from that output and type: > >> > >> show thread xxxxx > >> > >> for each one. > >> > >> And a trace for each thread with the command? > >> > >> tr xxxx > >> > >> Anything else I should try to get or do? Or is that not the data > >> at all you are looking for? > >> > > Yes, everything else which is listed in the 'debugging deadlocks' > > page > > must be provided, otherwise the deadlock cannot be tracked. > > > > The investigator should be able to see the whole deadlock chain > > (loop) > > to make any useful advance. > > Ok, I have made some excellent progress in debugging the NFS > deadlock. > > Rick! You are genius. :-) You found the right commit r250907 (dated > May 22) is the definitely the problem. > Nowhere close, take my word for it;-) (At least you put a smiley after it.) (I've never actually even been employed as a software developer, but that's off topic.) I just got lucky (basically there wasn't any other commit that seemed it might cause this). But, the good news is that it is partially isolated. Hopefully the debugging stuff you get for Kostik will allow him (I suspect he is a genius) to solve the problem. (If I was going to take another "shot in the dark", I'd guess its r250027 moving the vn_lock() call. Maybe calling vm_page_grab() with the shared vnode lock held?) I've added re@ to the cc list, since I think this might be a show stopper for 9.2? Thanks for reporting this and all your help with tracking it down, rick > Here is how I did the testing: One machine received a kernel before > r250907, the second machine received a kernel after r250907. Sure > enough within a few hours the machine with r250907 went into the > usual deadlock state. The machine without that commit kept on > working fine. Then I went back to the latest revision (r253726), but > leaving r250907 out. The machines have been running happy and rock > solid without any deadlocks. I have expanded the testing to 3 > machines now and no reports of any issues. > > I guess now Konstantin has to figure out why that commit is causing > the deadlock. Lovely! :-) I will get that information as soon as > possible. I'm a little behind with normal work load, but I expect to > have the data by Tuesday evening or Wednesday. > > Thanks again!! > > Michael > > From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 02:48:39 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6AC90D2C; Tue, 30 Jul 2013 02:48:39 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-ob0-x22c.google.com (mail-ob0-x22c.google.com [IPv6:2607:f8b0:4003:c01::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 26DF52E07; Tue, 30 Jul 2013 02:48:39 +0000 (UTC) Received: by mail-ob0-f172.google.com with SMTP id uz6so7401382obc.31 for ; Mon, 29 Jul 2013 19:48:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=W6NhDhNVjLNOd+KkPTQjoeA/dSYi6vg+ffqmSBznNIs=; b=STS9sL4bu4mMrVFLM6OCQ93OYkDo1E5y0UBrdN/tKwb2uOKJ2ggxNLK2AbH0qmIdsa okyvCKhaa4J4vdFvzL33GE2jukshh4fAXkF5Ovv2INT3+fHhZH3F9xPqB4UoJwDi12zw b6M6VP7xHDe6Wtgfzt7FUULRVEkvFvinKCwXO1D3Y6KK1H9D6TLAgMvlf+9MddLiPhbG Ruz7dT2KLDBt7icw62Jw7L65bB3L62SJpqRrOLCLvmXdKTz4fkC9XevGRRmzisASdP1M qlV6LVE9krzprmMjZvvTEHBr2lUe+XdSriYgifDwN+JkUGju2gKJxRCcX6FWDUoOrNqQ xoIQ== MIME-Version: 1.0 X-Received: by 10.42.215.11 with SMTP id hc11mr9160icb.9.1375152517946; Mon, 29 Jul 2013 19:48:37 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Mon, 29 Jul 2013 19:48:37 -0700 (PDT) In-Reply-To: <1710471570.3603170.1375141032147.JavaMail.root@uoguelph.ca> References: <1710471570.3603170.1375141032147.JavaMail.root@uoguelph.ca> Date: Mon, 29 Jul 2013 22:48:37 -0400 X-Google-Sender-Auth: WE67Cdk9uHIcpd-k59zue2OmcJ0 Message-ID: Subject: Re: NFS deadlock on 9.2-Beta1 From: J David To: Rick Macklem Content-Type: text/plain; charset=ISO-8859-1 Cc: Konstantin Belousov , Steven Hartland , freebsd-stable@freebsd.org, re , Michael Tratz X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 02:48:39 -0000 If it is helpful, we have 25 nodes testing the 9.2-BETA1 build and without especially trying to exercise this bug, we found sendfile()-using processes deadlocked in WCHAN newnfs on 5 of the 25 nodes. The ones with highest uptime (about 3 days) seem most affected, so it does seem like a "sooner or later" type of thing. Hopefully the fix is easy and it won't be an issue, but it definitely does seem like a problem 9.2-RELEASE would be better off without. Unfortunately we are not in a position to capture the requested debugging information at this time; none of those nodes are running a debug version of the kernel. If Michael is unable to get the information as he hopes, we can try to do that, possibly over the weekend. For the time being, we will convert half the machines to rollback r250907 to try to confirm that resolves the issue. Thanks all! If one has to encounter a problem like this, it is nice to come to the list and find the research already so well underway! From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 07:55:26 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 2E554967 for ; Tue, 30 Jul 2013 07:55:26 +0000 (UTC) (envelope-from demelier.david@gmail.com) Received: from mail-wg0-x22a.google.com (mail-wg0-x22a.google.com [IPv6:2a00:1450:400c:c00::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BD4302A90 for ; Tue, 30 Jul 2013 07:55:25 +0000 (UTC) Received: by mail-wg0-f42.google.com with SMTP id j13so3540717wgh.1 for ; Tue, 30 Jul 2013 00:55:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=AXPbDPUb/fsGaPyshMsva31qJN5Vjo+7TX0z6KLyujg=; b=aI3K/IIpODVdX1Av3Hcxyo39GxAKQNF6+eanu1dm5FocOYlZSUydRxYlXaVDeIhR15 RVqPebWErYNiJatEzDyyjkMz3txXZMYWIpr76OdAibEy3OqSuT6wa26s8KI6deyr78m4 q7Q6KgTHi/In9Tz64MYkaRUcVAgC56DT12cFunwV09hws5hfKshjggbGyV4Z5AHxbe2R KVidZ6msaLC7pA+LIeQMYfdjVXnQHfvgE08/PPcI/d+XLPBtpP0gRtLGdE18acRP2/T3 EUdLrrBOEaQe/VqpRmQTzDUJwzwEsBH7tFMx01VckN7JUfVLWg9qNHeQk+PZMcP6LLDH bjDg== MIME-Version: 1.0 X-Received: by 10.181.13.7 with SMTP id eu7mr118066wid.54.1375170923949; Tue, 30 Jul 2013 00:55:23 -0700 (PDT) Received: by 10.194.239.164 with HTTP; Tue, 30 Jul 2013 00:55:23 -0700 (PDT) Date: Tue, 30 Jul 2013 09:55:23 +0200 Message-ID: Subject: Bind in FreeBSD, security advisories From: David Demelier To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 07:55:26 -0000 Hi, For years, a lot of security advisories have been present for bind. I'm just guessing if it's not a good idea to remove bind from base? This will probably free by half the number of FreeBSD SA's in the future. Regards, -- Demelier David From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:21:43 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 2A0F0185 for ; Tue, 30 Jul 2013 12:21:43 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id F3BA52D48 for ; Tue, 30 Jul 2013 12:21:42 +0000 (UTC) Received: from compute5.internal (compute5.nyi.mail.srv.osa [10.202.2.45]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 868832199E for ; Tue, 30 Jul 2013 08:21:40 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute5.internal (MEProxy); Tue, 30 Jul 2013 08:21:41 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=Fa0245tmpU3Aci1Y5kVsdzjnWGM=; b=AYv q14o64JlEIjJF1aPN6DgcWOlVvUnNZjUa9o3YF7OQmVKqGvdEjMvyTHjsV8tDFjk rlPOFVKVps8sODci3gik3GG6OdGFsNMouZhLEsojT1XBC+sqXfhmBlIahh4av4qA W2PeHX1GaQyHN0snU4f873+Mm1Ye9oGHvhgNe/CQ= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id D806FB01EFF; Tue, 30 Jul 2013 08:21:40 -0400 (EDT) Message-Id: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> X-Sasl-Enc: TquLPt/xAwDX2YM5oMPPbZ750Ke2VvrJ/9A0LqaJmNWV 1375186900 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 In-Reply-To: References: Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 07:21:40 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:21:43 -0000 People don't seem upset about not having a webserver, IMAP/POP daemon, or LDAP server in base, so I don't understand what the big deal is about removing BIND. If the concern is over the rare case when you absolutely need a DNS recursor and there are none you can reach I suppose we should just import Unbound. However, if you can't reach any DNS servers I assume you can't reach the roots either, so I don't understand what a local recursor will gain you. I support removing BIND from base, but there's a larger conversation to be had (again). From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:39:42 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 12EFD105 for ; Tue, 30 Jul 2013 12:39:42 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: from mail-la0-x22f.google.com (mail-la0-x22f.google.com [IPv6:2a00:1450:4010:c03::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8F2E42ED4 for ; Tue, 30 Jul 2013 12:39:41 +0000 (UTC) Received: by mail-la0-f47.google.com with SMTP id eo20so3355093lab.34 for ; Tue, 30 Jul 2013 05:39:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=yobKPVEn37E5l3gnyl3HOSH2bWcJ1DUVtxW0B6uj0Mw=; b=0bOWqXqSddIAbAEuaNdwKsPtWoQAZovtlRSiT9aFPDY3JUw07aSbU5Ucr7J6NF7h4G mayCJ4p2kkKVTY1YCPR1U325z35pN6uGtlUlPABGfRBvLBr134U1V+OIBMBoLdupRfU4 uK/3xz0WBMzEpSRx8pGaXcZVctrUNMC5PZBogqCrN2ePQKapLT05ssOQzK9D2m7t87ir S+jA/IRguqUMAXepB3UZD+4C6BLEUFhSx0b2kWCPTyhSUSxEPIW4mOwCLVCP3u459w9z FjO3PxeYebQra8A85SP6qeA6X1tjI4e+bwDYRCNsdp8Zmem8IBdt5fbfQZljgkVIiKkw I3iA== MIME-Version: 1.0 X-Received: by 10.152.21.131 with SMTP id v3mr29157558lae.50.1375187979402; Tue, 30 Jul 2013 05:39:39 -0700 (PDT) Received: by 10.112.201.41 with HTTP; Tue, 30 Jul 2013 05:39:39 -0700 (PDT) In-Reply-To: References: Date: Tue, 30 Jul 2013 13:39:39 +0100 Message-ID: Subject: Re: Bind in FreeBSD, security advisories From: Tom Evans To: David Demelier Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:39:42 -0000 On Tue, Jul 30, 2013 at 8:55 AM, David Demelier wrote: > Hi, > > For years, a lot of security advisories have been present for bind. > I'm just guessing if it's not a good idea to remove bind from base? > > This will probably free by half the number of FreeBSD SA's in the future. > Sure, but no bind in base also implies no dig, nslookup or host. Cheers Tom From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:43:05 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7CB4E2C2 for ; Tue, 30 Jul 2013 12:43:05 +0000 (UTC) (envelope-from gwiley@verisign.com) Received: from exprod6og103.obsmtp.com (exprod6og103.obsmtp.com [64.18.1.185]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CA4BD2F3B for ; Tue, 30 Jul 2013 12:43:02 +0000 (UTC) Received: from peregrine.verisign.com ([216.168.239.74]) (using TLSv1) by exprod6ob103.postini.com ([64.18.5.12]) with SMTP ID DSNKUfe00MDWQEgVdVje2HnZsl9+EV3FKecQ@postini.com; Tue, 30 Jul 2013 05:43:05 PDT Received: from BRN1WNEXCHM01.vcorp.ad.vrsn.com (brn1wnexchm01.vcorp.ad.vrsn.com [10.173.152.255]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id r6UCgpwA024672 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 30 Jul 2013 08:42:51 -0400 Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by BRN1WNEXCHM01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 08:42:51 -0400 From: "Wiley, Glen" To: Tom Evans , David Demelier Subject: Re: Bind in FreeBSD, security advisories Thread-Topic: Bind in FreeBSD, security advisories Thread-Index: AQHOjSHbu7+wS+edJUSJ+Xp1rPBZCZl9KlWA Date: Tue, 30 Jul 2013 12:42:51 +0000 Message-ID: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.6.130613 x-originating-ip: [10.173.152.4] Content-Type: text/plain; charset="us-ascii" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Cc: "freebsd-stable@freebsd.org" X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:43:05 -0000 I think you could conceptually differentiate between DNS clients and servers and remove bind without removing the DNS clients. On 7/30/13 8:39 AM, "Tom Evans" wrote: >On Tue, Jul 30, 2013 at 8:55 AM, David Demelier > wrote: >> Hi, >> >> For years, a lot of security advisories have been present for bind. >> I'm just guessing if it's not a good idea to remove bind from base? >> >> This will probably free by half the number of FreeBSD SA's in the >>future. >> > >Sure, but no bind in base also implies no dig, nslookup or host. > >Cheers > >Tom >_______________________________________________ >freebsd-stable@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-stable >To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:45:58 2013 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C79086D6; Tue, 30 Jul 2013 12:45:58 +0000 (UTC) (envelope-from wollman@hergotha.csail.mit.edu) Received: from hergotha.csail.mit.edu (wollman-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:ccb::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 864F42FA7; Tue, 30 Jul 2013 12:45:58 +0000 (UTC) Received: from hergotha.csail.mit.edu (localhost [127.0.0.1]) by hergotha.csail.mit.edu (8.14.5/8.14.5) with ESMTP id r6UCju77028256; Tue, 30 Jul 2013 08:45:56 -0400 (EDT) (envelope-from wollman@hergotha.csail.mit.edu) Received: (from wollman@localhost) by hergotha.csail.mit.edu (8.14.5/8.14.4/Submit) id r6UCjuYs028255; Tue, 30 Jul 2013 08:45:56 -0400 (EDT) (envelope-from wollman) Date: Tue, 30 Jul 2013 08:45:56 -0400 (EDT) From: Garrett Wollman Message-Id: <201307301245.r6UCjuYs028255@hergotha.csail.mit.edu> To: feld@freebsd.org Subject: Re: Bind in FreeBSD, security advisories X-Newsgroups: mit.lcs.mail.freebsd-stable In-Reply-To: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> Organization: none X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (hergotha.csail.mit.edu [127.0.0.1]); Tue, 30 Jul 2013 08:45:56 -0400 (EDT) X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=disabled version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on hergotha.csail.mit.edu Cc: stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:45:58 -0000 In article <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com>, feld@freebsd.org writes: >just import Unbound. However, if you can't reach any DNS servers I >assume you can't reach the roots either, so I don't understand what a >local recursor will gain you. There are plenty of situations in which a remote recursive resolver is untrustworthy. (Some would say any situation.) It doesn't have to be BIND, but people do legitimately want the normal DNS diagnostic utilities, which sadly have been tied together with BIND for some years now. (I don't know why anyone would ever use nslookup(1), but host(1) and dig(1) are pretty much essential.) It is a little bit disconcerting to see that big chunks of our BSD heritage have turned into someone else's commercial product, but that seems to be the way of the world these days. -GAWollman From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:48:45 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 45B74948 for ; Tue, 30 Jul 2013 12:48:45 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C12DA3000 for ; Tue, 30 Jul 2013 12:48:44 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UCl3SL074760 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Tue, 30 Jul 2013 15:47:03 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F7B5C7.6050008@digsys.bg> Date: Tue, 30 Jul 2013 15:47:03 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> In-Reply-To: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:48:45 -0000 On 30.07.13 15:21, Mark Felder wrote: > People don't seem upset about not having a webserver, IMAP/POP daemon, > or LDAP server in base, so I don't understand what the big deal is about > removing BIND. I believe the primary reason these things are not in the base system is that they have plenty of dependencies, with possibly conflicting licenses etc. > If the concern is over the rare case when you absolutely > need a DNS recursor and there are none you can reach I suppose we should > just import Unbound. There are many and good reasons to include an fully featured name server, or at least full recursive resolver. For example, for properly supporting DNSSEC. We could in theory remove the BIND's authoritative name server executable... if that is attracting the SAs. The justification "reduce the number of SA's", that is, "the bad PR" is probably not enough. Going that direction, we should consider Comrade Stalin's maxim "FreeBSD exists, there are problems, here is the solution -- no FreeBSD, no problems!" :-) Daniel From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:57:43 2013 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 69EEAD86 for ; Tue, 30 Jul 2013 12:57:43 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3DBCC212B for ; Tue, 30 Jul 2013 12:57:43 +0000 (UTC) Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 1D7C8219FD; Tue, 30 Jul 2013 08:57:39 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Tue, 30 Jul 2013 08:57:40 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:cc:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=SlOLMXvqGqHBWZPrpriMkImFb9k=; b=c4V I1CQck8VGZ1G+BviH6XwpecJpEuMU/LOgIf85zYb83CqarfFT4GhEP6WvWGfotUA LvqpwovmebFj0zOsfn/tYlwrOHnOGqVNdeVEYJ8DT3k+tNbgH9mE7N7iWciwOvu1 ZZpmV/rkU2/4yQtMNATKP2pCe5/tOtZdQBLPWUpo= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 334D5B01EF5; Tue, 30 Jul 2013 08:57:38 -0400 (EDT) Message-Id: <1375189058.1905.3236731.5689550E@webmail.messagingengine.com> X-Sasl-Enc: 32f1lhE+J2eoH7njRJjTY6Hi8wAZCteg6xf/T9SpvEMt 1375189058 From: Mark Felder To: Garrett Wollman MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 In-Reply-To: <201307301245.r6UCjuYs028255@hergotha.csail.mit.edu> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <201307301245.r6UCjuYs028255@hergotha.csail.mit.edu> Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 07:57:38 -0500 Cc: stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:57:43 -0000 On Tue, Jul 30, 2013, at 7:45, Garrett Wollman wrote: > > There are plenty of situations in which a remote recursive resolver is > untrustworthy. (Some would say any situation.) It doesn't have to be > BIND, but people do legitimately want the normal DNS diagnostic > utilities, which sadly have been tied together with BIND for some > years now. (I don't know why anyone would ever use nslookup(1), but > host(1) and dig(1) are pretty much essential.) > If you're that paranoid about a remote resolver you'd have to be paranoid about someone doing a MITM on your DNS lookups altogether, since even having your own local recursor can't protect you from that as 99% of the web doesn't use DNSSEC. This will quickly turn into a security yak-shaving contest, but I completely understand your viewpoint. I'd vote for keeping the bind utilities in base; I use them every day. The ones provided with unbound work well, but finger memory... From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 12:59:15 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id EB6F4EE4 for ; Tue, 30 Jul 2013 12:59:15 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C06092159 for ; Tue, 30 Jul 2013 12:59:15 +0000 (UTC) Received: from compute1.internal (compute1.nyi.mail.srv.osa [10.202.2.41]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id E0AD4210DA for ; Tue, 30 Jul 2013 08:59:13 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute1.internal (MEProxy); Tue, 30 Jul 2013 08:59:13 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=VG+cLaKL3yKO8DSUR+fzBHaR3Ho=; b=M+dY3 TWyxOCHpNy7McPVYCPaNeDlhR5aN/SMxpveMhLDJhkevsJahTjuBrULAwvQ7+Njr MLpqtANwi0Q1hvi/0iGXgzpaDA7OwWAid3aM2B5KLF5iKdomOjohAw3DhhEoDu32 z8quhtaGU1RLQemjAocW/+rYcFSw9pPq2kXxWc= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id C5760B01EF5; Tue, 30 Jul 2013 08:59:13 -0400 (EDT) Message-Id: <1375189153.2267.3238635.3FA46177@webmail.messagingengine.com> X-Sasl-Enc: MkkuR5M7UZCjudR33sfKmfcQRd9Y2YeBLvUieu2TQ8my 1375189153 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 07:59:13 -0500 In-Reply-To: <51F7B5C7.6050008@digsys.bg> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 12:59:16 -0000 On Tue, Jul 30, 2013, at 7:47, Daniel Kalchev wrote: > > We could in theory remove the BIND's authoritative name server > executable... if that is attracting the SAs. > It's the same executable, that's the problem :-) From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:13:05 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6C6FB5EF for ; Tue, 30 Jul 2013 13:13:05 +0000 (UTC) (envelope-from m.e.sanliturk@gmail.com) Received: from mail-ve0-x229.google.com (mail-ve0-x229.google.com [IPv6:2607:f8b0:400c:c01::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2BEA9221F for ; Tue, 30 Jul 2013 13:13:05 +0000 (UTC) Received: by mail-ve0-f169.google.com with SMTP id db10so4025574veb.0 for ; Tue, 30 Jul 2013 06:13:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=sJk7STTLd50FnAHWc3/3F0jwQAPo9m0+3SxqysMrDEA=; b=ICAIhJWfRGXGKfwpBnni5QK46wO6OwUmzPpYSvBiPTlNGmx2Q8Hc/BjBTJnU98bH92 KUSHSy2g0Rgk1CCvd+doLtzOfl964Jun2n94M9uTzjQYHQgKB9kmmsJpS7wRkrz2QeD/ Sp221wrKW5xBjrpYfc/1Z74T1/9W2g0sApcGTMG88JJd5EaaYu4gecHDIu2yWAWylWac 20AVyrknR3raqZXbAULFbKExhzYYmbJkAne4OUF02EgHZrIs5YNCe3e3R5AR2SuuUCln rkM7OUVIqdpy/8AEytHGaF4Gb3Yr9jcUAKhBowJrWFncCLbQAjvBYXUnkeA8YEWhxAu8 eSBQ== MIME-Version: 1.0 X-Received: by 10.221.4.4 with SMTP id oa4mr10012429vcb.70.1375189984303; Tue, 30 Jul 2013 06:13:04 -0700 (PDT) Received: by 10.59.11.225 with HTTP; Tue, 30 Jul 2013 06:13:04 -0700 (PDT) In-Reply-To: <51F7B5C7.6050008@digsys.bg> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> Date: Tue, 30 Jul 2013 09:13:04 -0400 Message-ID: Subject: Re: Bind in FreeBSD, security advisories From: Mehmet Erol Sanliturk To: Daniel Kalchev Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:13:05 -0000 On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev wrote: > > On 30.07.13 15:21, Mark Felder wrote: > >> People don't seem upset about not having a webserver, IMAP/POP daemon, >> or LDAP server in base, so I don't understand what the big deal is about >> removing BIND. >> > > I believe the primary reason these things are not in the base system is > that they have plenty of dependencies, with possibly conflicting licenses > etc. > > If the concern is over the rare case when you absolutely >> need a DNS recursor and there are none you can reach I suppose we should >> just import Unbound. >> > > There are many and good reasons to include an fully featured name server, > or at least full recursive resolver. For example, for properly supporting > DNSSEC. > We could in theory remove the BIND's authoritative name server > executable... if that is attracting the SAs. > > The justification "reduce the number of SA's", that is, "the bad PR" is > probably not enough. Going that direction, we should consider Comrade > Stalin's maxim "FreeBSD exists, there are problems, here is the solution -- > no FreeBSD, no problems!" :-) > > Daniel > Then , there exists a new problem : "There is no FreeBSD ..." Thank you very much . Mehmet Erol Sanliturk From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:32:47 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CF10DC66 for ; Tue, 30 Jul 2013 13:32:47 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4A08423F7 for ; Tue, 30 Jul 2013 13:32:46 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UDWi09084351 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Tue, 30 Jul 2013 16:32:44 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F7C07C.9060606@digsys.bg> Date: Tue, 30 Jul 2013 16:32:44 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: Mehmet Erol Sanliturk Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:32:47 -0000 On 30.07.13 16:13, Mehmet Erol Sanliturk wrote: > > > > On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev > wrote: > > > Going that direction, we should consider Comrade Stalin's maxim > "FreeBSD exists, there are problems, here is the solution -- no > FreeBSD, no problems!" :-) > > Daniel > > > > > Then , there exists a new problem : > > > "There is no FreeBSD ..." We already know Comrade Stalin's solution had... bugs. Not before millions parted with their lives... When/if we remove BIND from FreeBSD, we might find out whether that solution has bugs, or not. Not until then, though. Back to the topic :) My take on this is that removing BIND from the base today is.. irresponsible. First, most who use FreeBSD expect an DNS server to be readily available. Some people would just avoid to use any ports etc. BIND in base is well tested and known evil. If we are ever to replace it with something else, that something else has to prove itself - demonstrate that it is at least as good as BIND -- in the base system. In practice, not in theory. This is very much an situation like replacing gcc with clang/llvm. However, in the case of BIND we have no licensing problems, stability problems, performance problems etc --- just concerns that BIND generates many SAs -- which might be actually good indicator, as it demonstrates that BIND is worked on. I personally see no reason to remove BIND from base. If someone does not want BIND in their system, they could always use the WITHOUT_BIND build switch. Daniel From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:44:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id AE2EFFE9 for ; Tue, 30 Jul 2013 13:44:16 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6DBC22492 for ; Tue, 30 Jul 2013 13:44:16 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4ADe-0004eR-2t; Tue, 30 Jul 2013 15:44:06 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4ADe-00040Z-FL; Tue, 30 Jul 2013 15:44:06 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: "Mehmet Erol Sanliturk" , "Daniel Kalchev" Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> Date: Tue, 30 Jul 2013 15:44:04 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: <51F7C07C.9060606@digsys.bg> User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: 0.8 X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.1 X-Scan-Signature: 3b058867a8808b2a73617ccb478d635a Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:44:16 -0000 On Tue, 30 Jul 2013 15:32:44 +0200, Daniel Kalchev wrote: > > On 30.07.13 16:13, Mehmet Erol Sanliturk wrote: >> >> >> >> On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev > > wrote: >> >> >> Going that direction, we should consider Comrade Stalin's maxim >> "FreeBSD exists, there are problems, here is the solution -- no >> FreeBSD, no problems!" :-) >> >> Daniel >> >> >> >> >> Then , there exists a new problem : >> >> >> "There is no FreeBSD ..." > > We already know Comrade Stalin's solution had... bugs. Not before > millions parted with their lives... > > When/if we remove BIND from FreeBSD, we might find out whether that > solution has bugs, or not. Not until then, though. > > Back to the topic :) > > My take on this is that removing BIND from the base today is.. > irresponsible. First, most who use FreeBSD expect an DNS server to be > readily available. Interesting. What are your statistics of 'most' based on? Ronald. > Some people would just avoid to use any ports etc. > BIND in base is well tested and known evil. If we are ever to replace it > with something else, that something else has to prove itself - > demonstrate that it is at least as good as BIND -- in the base system. > In practice, not in theory. > > This is very much an situation like replacing gcc with clang/llvm. > However, in the case of BIND we have no licensing problems, stability > problems, performance problems etc --- just concerns that BIND generates > many SAs -- which might be actually good indicator, as it demonstrates > that BIND is worked on. > > I personally see no reason to remove BIND from base. If someone does not > want BIND in their system, they could always use the WITHOUT_BIND build > switch. > > Daniel > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:48:51 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 97EA528C for ; Tue, 30 Jul 2013 13:48:51 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33]) by mx1.freebsd.org (Postfix) with SMTP id DC83E24C4 for ; Tue, 30 Jul 2013 13:48:50 +0000 (UTC) Received: (qmail 52477 invoked from network); 30 Jul 2013 13:42:08 -0000 Received: from bizet.nethelp.no (HELO localhost) (195.1.209.33) by bizet.nethelp.no with SMTP; 30 Jul 2013 13:42:08 -0000 Date: Tue, 30 Jul 2013 15:42:08 +0200 (CEST) Message-Id: <20130730.154208.41672901.sthaug@nethelp.no> To: tevans.uk@googlemail.com Subject: Re: Bind in FreeBSD, security advisories From: sthaug@nethelp.no In-Reply-To: References: X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: demelier.david@gmail.com, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:48:51 -0000 > > For years, a lot of security advisories have been present for bind. > > I'm just guessing if it's not a good idea to remove bind from base? > > > > This will probably free by half the number of FreeBSD SA's in the future. > > > > Sure, but no bind in base also implies no dig, nslookup or host. Exactly. It's a slippery slope - if we continue removing useful functionality from FreeBSD there are fewer and fewer arguments for why one should use FreeBSD and not Linux. Yes, I know everything can be installed from packages/ports. Two of *my* main reasons for using FreeBSD is that: 1. It's an integrated *system*, not just a kernel. 2. The base system contains a lot of the useful functionality I need. and every contrib part which is removed, detracts from this. YMMV. Steinar Haug, Nethelp consulting, sthaug@nethelp.no From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:49:26 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E7E3A3A8 for ; Tue, 30 Jul 2013 13:49:26 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5963724DC for ; Tue, 30 Jul 2013 13:49:26 +0000 (UTC) Received: from compute2.internal (compute2.nyi.mail.srv.osa [10.202.2.42]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 7D1D3210D1 for ; Tue, 30 Jul 2013 09:49:18 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute2.internal (MEProxy); Tue, 30 Jul 2013 09:49:18 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=FKiRskWz3V7AcA2Hi3WjuYQXNMQ=; b=TuBQy tg+YuHZLCNOv8nZPYAURgI0FGn/fvfatMOO5JqhdqVApEKBNAHj9CD/6E1U8exTn iVMwi3VEOgazwDnoaZCCI11Nl6VKMnQT9csp627qPvNNmdH48mcTDnN36cLFtxRn i/iMfvtzDv7p/7DEBwlbjTC2ywHAIXJeAri+6U= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 5924BB01EFA; Tue, 30 Jul 2013 09:49:18 -0400 (EDT) Message-Id: <1375192158.20254.3259479.2B3D8903@webmail.messagingengine.com> X-Sasl-Enc: BXjScuzDUC3HPtdq8JsewsXFifd6Xn4qmK+PkLUyjFtM 1375192158 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 08:49:18 -0500 In-Reply-To: References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:49:27 -0000 On Tue, Jul 30, 2013, at 8:44, Ronald Klop wrote: > > Interesting. What are your statistics of 'most' based on? > Yes, this shouldn't be left to conjecture. A large community poll should be the first step IMHO. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:55:56 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id EC2DB73F for ; Tue, 30 Jul 2013 13:55:56 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-vb0-x22a.google.com (mail-vb0-x22a.google.com [IPv6:2607:f8b0:400c:c02::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B0EB12530 for ; Tue, 30 Jul 2013 13:55:56 +0000 (UTC) Received: by mail-vb0-f42.google.com with SMTP id e12so1754307vbg.15 for ; Tue, 30 Jul 2013 06:55:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=w2sIPCDFOC4ZzusXt61fNi0KKLvmrdgqKHwyTRdUGY4=; b=sCFiF+ZC2JT/CdoMM/OkrBMtlTnbFiySovn1fUL/38YXygVPwIMYKZ5SbBBBJbh2EC UQ+u1wFYJjPSYOHTBuzJ+xtTn8Z/OPlhad6bqcT+8SDcrFFmP9gswl9w5nzU+DtwFdc1 QsrAEh7hIU2Zni7EYQkbo6UlPpV/8wQRwgQAthFoGy51+/HLqvKqkQDIReJxIM9EiVtT mEyWF8aNUKbbPwSUw50SK0T84Tb0u53WcdZQg50fHto/I47jetWnani2ymkhuPQR54yx RdShLPu5QWmY/5CIR2U2UY7U0FZ1JJlTkACBVioDmQeEQVPX66D4rgjZ+gVHBGOeByJK moNQ== MIME-Version: 1.0 X-Received: by 10.52.179.232 with SMTP id dj8mr135591vdc.51.1375192555533; Tue, 30 Jul 2013 06:55:55 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Tue, 30 Jul 2013 06:55:55 -0700 (PDT) Date: Tue, 30 Jul 2013 17:55:55 +0400 Message-ID: Subject: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:55:57 -0000 Hello everyone! I've just upgraded (binary) my server from FreeBSD 9.1-RELEASE amd64 to 9.2-BETA2. And my sendmail can't resolv any hostname. It says: Jul 30 17:28:54 reticulum sm-mta[3191]: r6UCqeun016122: to=, ctladdr= (1001/1001), delay=00:36:14, xdelay=00:00:00, mailer=esmtp, pri=300348, relay=kalmar.xxx.ru., dsn=4.0.0, stat=Deferred: Name server: kalmar.xxx.ru.: host name lookup failure Meanwhile, I didn't change anything in resolv.conf and I can't find anything wrong when I use nslookup manually. It works. Furthermore, when I set to mailertable something like xxx.ru smtp:[192.168.62.209] where ip address is address of another server (not kalmar's which is mx server) sendmail works but with strange log message Jul 30 17:44:17 octans sm-mta[11666]: r6UDiGhD011656: to=, ctladdr= (1001/1001), delay=00:00:01, xdelay=00:00:01, mailer=smtp, pri=30340, relay=[192.168.62.209] [192.168.62.209], dsn=2.0.0, stat=Sent (r6UDiG8v018961 Message accepted for delivery) Why it says relay's ip address two time in log? Is someone experiencing such problems? I mean can someone confirm similar behaviour? Could you please check on 9.2-BETA2 stuff like "echo bla | mail myemail@mydomain.com"? I can provide more info that you want. Thanks! From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 13:58:31 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F351F885; Tue, 30 Jul 2013 13:58:30 +0000 (UTC) (envelope-from gwiley@verisign.com) Received: from exprod6og120.obsmtp.com (exprod6og120.obsmtp.com [64.18.1.236]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 81B6E255D; Tue, 30 Jul 2013 13:58:30 +0000 (UTC) Received: from osprey.verisign.com ([216.168.239.75]) (using TLSv1) by exprod6ob120.postini.com ([64.18.5.12]) with SMTP ID DSNKUffGfzrLoDfx+YyE/zfG+Elg7uXUzkpE@postini.com; Tue, 30 Jul 2013 06:58:30 PDT Received: from brn1wnexcas02.vcorp.ad.vrsn.com (brn1wnexcas02.vcorp.ad.vrsn.com [10.173.152.206]) by osprey.verisign.com (8.13.6/8.13.4) with ESMTP id r6UD3eaN021986 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 30 Jul 2013 09:03:40 -0400 Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas02.vcorp.ad.vrsn.com ([::1]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 09:03:40 -0400 From: "Wiley, Glen" To: Mark Felder , "freebsd-stable@freebsd.org" Subject: Re: Bind in FreeBSD, security advisories Thread-Topic: Bind in FreeBSD, security advisories Thread-Index: AQHOjR9nu7+wS+edJUSJ+Xp1rPBZCZl9bpaAgAADZ4D//74sgA== Date: Tue, 30 Jul 2013 13:03:40 +0000 Message-ID: In-Reply-To: <1375189153.2267.3238635.3FA46177@webmail.messagingengine.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.6.130613 x-originating-ip: [10.173.152.4] Content-Type: text/plain; charset="us-ascii" Content-ID: <48900900AC1310488E223B9CF181EC27@verisign.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 13:58:31 -0000 The package would have to be reworked to remove the name server - not an impossible task and you could make a case for it from an ideological perspective, but is it worth the work? On 7/30/13 8:59 AM, "Mark Felder" wrote: >On Tue, Jul 30, 2013, at 7:47, Daniel Kalchev wrote: >>=20 >> We could in theory remove the BIND's authoritative name server >> executable... if that is attracting the SAs. >>=20 > >It's the same executable, that's the problem :-) >_______________________________________________ >freebsd-stable@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-stable >To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:04:48 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 97ADBA9E for ; Tue, 30 Jul 2013 14:04:48 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6B2FB25B6 for ; Tue, 30 Jul 2013 14:04:48 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 5A3F320DEA for ; Tue, 30 Jul 2013 10:04:46 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Tue, 30 Jul 2013 10:04:46 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=guxMAzbxboOlJTc/oIq1jbY29HY=; b=R7w 5yd/cdXvqp+vLS6rTDwp5/+BnZRfGIPBYNWc+8tb8X5V0NUJ73g/k61FB63YTfdd bPsPr9IWWXJisSeP0veD6NPJoizsQat1DLYWx2+BY8mPf/ioBIumMcTvqjxc5MmJ dkwZH1YRI9KZtrBHljKVKM4gc2h4DTfjOuYQPASw= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 3B941B01EFA; Tue, 30 Jul 2013 10:04:46 -0400 (EDT) Message-Id: <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> X-Sasl-Enc: FTO/0yW8WVSor77nNUNLJeQZxcKI+VgvG3o0qoNFev6X 1375193086 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 In-Reply-To: <51F7C07C.9060606@digsys.bg> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 09:04:46 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:04:48 -0000 On Tue, Jul 30, 2013, at 8:32, Daniel Kalchev wrote: > > > This is very much an situation like replacing gcc with clang/llvm. > However, in the case of BIND we have no licensing problems, stability > problems, performance problems etc --- just concerns that BIND generates > many SAs -- which might be actually good indicator, as it demonstrates > that BIND is worked on. > There's a man with a name whose initials match DJB that would strongly disagree. Now he's not always the best person to reference, but he's made a succinct point with his own software, whether or not you like using it. Unbound/NSD are suitable replacements if we really need something in base, and they have been picked up by OpenBSD for a good reason -- clean, secure, readable, maintainable codebases and their use across the internet and on the ROOT servers is growing. > I personally see no reason to remove BIND from base. If someone does not > want BIND in their system, they could always use the WITHOUT_BIND build > switch. I'd be inclined to agree if it wasn't such a wholly insecure chunk of code. You don't see people whining about Sendmail in base when they prefer Postfix or Exim, but Sendmail doesn't have a new exploit every week. You do tend to need an MTA for getting messages off the system more than you need a local recursor/cache, but at least it's not causing you maintenance headaches. If you consider the possibility that a large enough percentage of users really desire a local recursor/cache it should be our duty to give them the best option available. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:05:08 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3258EB96 for ; Tue, 30 Jul 2013 14:05:08 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from ozzie.tundraware.com (ozzie.tundraware.com [75.145.138.73]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D2F3F25C1 for ; Tue, 30 Jul 2013 14:05:07 +0000 (UTC) Received: from [10.219.131.188] ([66.175.245.1]) (authenticated bits=0) by ozzie.tundraware.com (8.14.7/8.14.7) with ESMTP id r6UDr2IV042253 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Tue, 30 Jul 2013 08:53:03 -0500 (CDT) (envelope-from tundra@tundraware.com) Message-ID: <51F7C544.4050607@tundraware.com> Date: Tue, 30 Jul 2013 08:53:08 -0500 From: Tim Daneliuk Organization: TundraWare Inc. User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130329 Thunderbird/17.0.5 MIME-Version: 1.0 To: freebsd-stable Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.4.3 (ozzie.tundraware.com [75.145.138.73]); Tue, 30 Jul 2013 08:53:03 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: r6UDr2IV042253 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: tundra@tundraware.com List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:05:08 -0000 On 07/30/2013 08:13 AM, Mehmet Erol Sanliturk wrote: > On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev wrote: > >> >> On 30.07.13 15:21, Mark Felder wrote: >> >>> People don't seem upset about not having a webserver, IMAP/POP daemon, >>> or LDAP server in base, so I don't understand what the big deal is about >>> removing BIND. >>> >> >> I believe the primary reason these things are not in the base system is >> that they have plenty of dependencies, with possibly conflicting licenses >> etc. >> >> If the concern is over the rare case when you absolutely >>> need a DNS recursor and there are none you can reach I suppose we should >>> just import Unbound. >>> >> >> There are many and good reasons to include an fully featured name server, >> or at least full recursive resolver. For example, for properly supporting >> DNSSEC. >> We could in theory remove the BIND's authoritative name server >> executable... if that is attracting the SAs. >> >> The justification "reduce the number of SA's", that is, "the bad PR" is >> probably not enough. Going that direction, we should consider Comrade >> Stalin's maxim "FreeBSD exists, there are problems, here is the solution -- >> no FreeBSD, no problems!" :-) >> >> Daniel >> > > > > Then , there exists a new problem : > > > "There is no FreeBSD ..." > > > Thank you very much . > > Exactly. Either strip everything out of the base including things like perl or admit that there is more to a modern OS than just kernel and admin tools. -- ----------------------------------------------------------------------- Tim Daneliuk From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:07:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 20B36CE6 for ; Tue, 30 Jul 2013 14:07:32 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E96F425F7 for ; Tue, 30 Jul 2013 14:07:31 +0000 (UTC) Received: from compute5.internal (compute5.nyi.mail.srv.osa [10.202.2.45]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id CEF5D20C20 for ; Tue, 30 Jul 2013 10:07:30 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute5.internal (MEProxy); Tue, 30 Jul 2013 10:07:30 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=NDur4TpWtMSXb3iV+RIDeAwUoJc=; b=qB0 +YSQPbZH5J2xjzX/ltZ5xApBWPev08PJnAtuNwK1GbVbibR0O/Espqd5oEBDbeV4 T7qUZnP37swJLpvCbhhvPmKtonI1qmJV/cucaJMZnKOj/uiTFmEC/IbirxlzZ24G fuEUxcz2W+7t2NHsblXdD7jPZF2KEEMYJNsMiNHY= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id B5FA9B01EFC; Tue, 30 Jul 2013 10:07:30 -0400 (EDT) Message-Id: <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> X-Sasl-Enc: kmkT+rDofrT5+SuWSQ47dqLCImvAA3ku/pELs3fH+Mmh 1375193250 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 In-Reply-To: <20130730.154208.41672901.sthaug@nethelp.no> References: <20130730.154208.41672901.sthaug@nethelp.no> Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 09:07:30 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:07:32 -0000 On Tue, Jul 30, 2013, at 8:42, sthaug@nethelp.no wrote: > > and every contrib part which is removed, detracts from this. > And every contrib part that is added to base is another piece of software that rots for the life of a major release and ends up getting replaced by frustrated endusers with the latest in ports... The tight integration of the base system that everyone appreciates and respects is far below high-level software like BIND. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:10:13 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F3431102 for ; Tue, 30 Jul 2013 14:10:12 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B29342637 for ; Tue, 30 Jul 2013 14:10:12 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4Acr-00017z-ID for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 16:10:10 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4Acr-0005ah-Tq for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 16:10:09 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> Date: Tue, 30 Jul 2013 16:10:07 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: 0.8 X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.1 X-Scan-Signature: e462de357cb394d64966911c06262bc8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:10:13 -0000 On Tue, 30 Jul 2013 16:04:46 +0200, Mark Felder wrote: > On Tue, Jul 30, 2013, at 8:32, Daniel Kalchev wrote: >> >> >> This is very much an situation like replacing gcc with clang/llvm. >> However, in the case of BIND we have no licensing problems, stability >> problems, performance problems etc --- just concerns that BIND generates >> many SAs -- which might be actually good indicator, as it demonstrates >> that BIND is worked on. >> > > There's a man with a name whose initials match DJB that would strongly > disagree. Now he's not always the best person to reference, but he's > made a succinct point with his own software, whether or not you like > using it. > > Unbound/NSD are suitable replacements if we really need something in > base, and they have been picked up by OpenBSD for a good reason -- > clean, secure, readable, maintainable codebases and their use across the > internet and on the ROOT servers is growing. > >> I personally see no reason to remove BIND from base. If someone does not >> want BIND in their system, they could always use the WITHOUT_BIND build >> switch. > > I'd be inclined to agree if it wasn't such a wholly insecure chunk of > code. You don't see people whining about Sendmail in base when they > prefer Postfix or Exim, but Sendmail doesn't have a new exploit every > week. You do tend to need an MTA for getting messages off the system > more than you need a local recursor/cache, but at least it's not causing > you maintenance headaches. If you consider the possibility that a large > enough percentage of users really desire a local recursor/cache it > should be our duty to give them the best option available. DragonflyBSD also removed BIND from base some time ago. http://www.shiningsilence.com/dbsdlog/2010/05/06/5853.html Ronald. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:12:56 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 21A65227 for ; Tue, 30 Jul 2013 14:12:56 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D4990265A for ; Tue, 30 Jul 2013 14:12:55 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4AfU-0001d4-Sk; Tue, 30 Jul 2013 16:12:54 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4AfU-0005er-Pn; Tue, 30 Jul 2013 16:12:52 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: freebsd-stable , "Tim Daneliuk" Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C544.4050607@tundraware.com> Date: Tue, 30 Jul 2013 16:12:50 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: <51F7C544.4050607@tundraware.com> User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: 0.8 X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled version=3.3.1 X-Scan-Signature: 7006e789400ccdeb5065f5d065827fb5 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:12:56 -0000 On Tue, 30 Jul 2013 15:53:08 +0200, Tim Daneliuk wrote: > On 07/30/2013 08:13 AM, Mehmet Erol Sanliturk wrote: >> On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev >> wrote: >> >>> >>> On 30.07.13 15:21, Mark Felder wrote: >>> >>>> People don't seem upset about not having a webserver, IMAP/POP daemon, >>>> or LDAP server in base, so I don't understand what the big deal is >>>> about >>>> removing BIND. >>>> >>> >>> I believe the primary reason these things are not in the base system is >>> that they have plenty of dependencies, with possibly conflicting >>> licenses >>> etc. >>> >>> If the concern is over the rare case when you absolutely >>>> need a DNS recursor and there are none you can reach I suppose we >>>> should >>>> just import Unbound. >>>> >>> >>> There are many and good reasons to include an fully featured name >>> server, >>> or at least full recursive resolver. For example, for properly >>> supporting >>> DNSSEC. >>> We could in theory remove the BIND's authoritative name server >>> executable... if that is attracting the SAs. >>> >>> The justification "reduce the number of SA's", that is, "the bad PR" is >>> probably not enough. Going that direction, we should consider Comrade >>> Stalin's maxim "FreeBSD exists, there are problems, here is the >>> solution -- >>> no FreeBSD, no problems!" :-) >>> >>> Daniel >>> >> >> >> >> Then , there exists a new problem : >> >> >> "There is no FreeBSD ..." >> >> >> Thank you very much . >> >> > > Exactly. Either strip everything out of the base > including things like perl or admit that there is more > to a modern OS than just kernel and admin tools. > > > You have perl in base? http://bsd.slashdot.org/story/02/05/14/0015234/freebsd-perl-to-be-removed ;-) Ronald. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:13:06 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6AFF6315; Tue, 30 Jul 2013 14:13:06 +0000 (UTC) (envelope-from cross+freebsd@distal.com) Received: from mail.distal.com (mail.distal.com [IPv6:2001:470:e24c:200::ae25]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3DE7D265B; Tue, 30 Jul 2013 14:13:06 +0000 (UTC) Received: from zalamar.mm-corp.net ([65.207.51.171]) (authenticated bits=0) by mail.distal.com (8.14.3/8.14.3) with ESMTP id r6UED4IC029272 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 30 Jul 2013 10:13:04 -0400 (EDT) Subject: Re: Bind in FreeBSD, security advisories Mime-Version: 1.0 (Apple Message framework v1283) Content-Type: text/plain; charset=windows-1252 From: Chris Ross In-Reply-To: <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> Date: Tue, 30 Jul 2013 10:12:28 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: <0702C520-F540-4A8C-B3D9-8B3A1701CF33@distal.com> References: <20130730.154208.41672901.sthaug@nethelp.no> <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> To: Mark Felder X-Mailer: Apple Mail (2.1283) Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:13:06 -0000 On Jul 30, 2013, at 10:07 , Mark Felder wrote: > On Tue, Jul 30, 2013, at 8:42, sthaug@nethelp.no wrote: >>=20 >> and every contrib part which is removed, detracts from this. >=20 > And every contrib part that is added to base is another piece of > software that rots for the life of a major release and ends up getting > replaced by frustrated endusers with the latest in ports=85 I do generally agree with this point, but it's not "every contrib = part". Many contrib additions can be useful to a majority, and not rotting software. Some will use more recent replacements from ports, others won't, but it's not always bad. > The tight integration of the base system that everyone appreciates and > respects is far below high-level software like BIND. I agree with this point too, however I, like others have voiced, feel strongly that diagnostic [client] tools like host and/or dig are not at all "high-level software" and _need_ to be present in a base system. Whosever they are. - Chris From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:13:52 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 4DC98425 for ; Tue, 30 Jul 2013 14:13:52 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0C11D2676 for ; Tue, 30 Jul 2013 14:13:51 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4AgQ-0001oh-8F for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 16:13:50 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4AgQ-0005gI-3s for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 16:13:50 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <20130730.154208.41672901.sthaug@nethelp.no> <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> Date: Tue, 30 Jul 2013 16:13:47 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: -0.0 X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.1 X-Scan-Signature: 38b42a75504d14ed68437fa295b89bc6 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:13:52 -0000 On Tue, 30 Jul 2013 16:07:30 +0200, Mark Felder wrote: > On Tue, Jul 30, 2013, at 8:42, sthaug@nethelp.no wrote: >> >> and every contrib part which is removed, detracts from this. >> > > And every contrib part that is added to base is another piece of > software that rots for the life of a major release and ends up getting > replaced by frustrated endusers with the latest in ports... > > The tight integration of the base system that everyone appreciates and > respects is far below high-level software like BIND. +1 From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:15:03 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 64F2D54E for ; Tue, 30 Jul 2013 14:15:03 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from mail-qe0-x22f.google.com (mail-qe0-x22f.google.com [IPv6:2607:f8b0:400d:c02::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 277AD2694 for ; Tue, 30 Jul 2013 14:15:03 +0000 (UTC) Received: by mail-qe0-f47.google.com with SMTP id b10so1657676qen.20 for ; Tue, 30 Jul 2013 07:15:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LjB82AaT2rWg2wQC8Z9mp88PNiB/R1FdpQbZzYM3bhk=; b=mYrRhaNJKbBie6lEYUDxTEWoaZbzWuBSc64LR+ZTIYMJMdAXkYH+TuJqR1oxt9Rm9F 5VF27Ag8cqe/ImZVuTimam8qwBe82uyWY49ZvtiQAuNUDj0UWvf1zWuyb98aMKv2QlI9 tzzpQ/gqo2vq6v31VQbkS+TT7rh3t02hjUAX0knxMyMAcRD6rC/DpnPsUh4LrpzKiqgd k0h7/rqEzfulcdBF9bxgTN+oSsJp0nUpidJ1KBUjx+KhBLq+mhdhqEEjURVpxbHM1Qoj 9d/YWTFkKV1qjN28392K/63R5c9yU+AnpwRZqdFMIx1Mbez2Ot7GnmnBP0R8g2wwEx+H FfpA== MIME-Version: 1.0 X-Received: by 10.49.83.73 with SMTP id o9mr75758453qey.71.1375193697744; Tue, 30 Jul 2013 07:14:57 -0700 (PDT) Received: by 10.49.49.135 with HTTP; Tue, 30 Jul 2013 07:14:57 -0700 (PDT) Received: by 10.49.49.135 with HTTP; Tue, 30 Jul 2013 07:14:57 -0700 (PDT) In-Reply-To: References: Date: Tue, 30 Jul 2013 07:14:57 -0700 Message-ID: Subject: Re: Bind in FreeBSD, security advisories From: Freddie Cash To: David Demelier Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:15:03 -0000 On 2013-07-30 12:55 AM, "David Demelier" wrote: > > Hi, > > For years, a lot of security advisories have been present for bind. > I'm just guessing if it's not a good idea to remove bind from base? > > This will probably free by half the number of FreeBSD SA's in the future. Hasn't this discussion occurred several times already on the -current mailing list over the past year? And hadn't unbound and/or ldns been imported into - current already? This just seems very familiar somehow... From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:15:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7834364D for ; Tue, 30 Jul 2013 14:15:16 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x231.google.com (mail-ve0-x231.google.com [IPv6:2607:f8b0:400c:c01::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 395DF269E for ; Tue, 30 Jul 2013 14:15:16 +0000 (UTC) Received: by mail-ve0-f177.google.com with SMTP id cz11so1875255veb.8 for ; Tue, 30 Jul 2013 07:15:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=jC36Q1ZDjqJcJ0FW+G0KwAWG/8FliUn94W01p9kCdBo=; b=B2inoKzeeCyrX0dlxPiagL71VES2WuImJbhSQd2FhgUwKHpjqLiJSuL5UjXcYbVWTO mG4jqHFnsWFg/swqu1OAxrGK/Eml0nDRjBJ2HKEBSmUt7RJ/CcftEJQskdwoK1JkiNs2 27NY0B//Ghj3p7Kle9Nvcvwr5EDzzBVg8ArpjtnnqYD8XkphZVEFgpNvCQdD5dXu8MYn U3MiQjh8U2PtL/+vRwwEdFPtmb3ILRNsuJ4Hk2d6nILLNynf6t9JX/G/Y2op+RLg+SgN XccCuth2UN5qy5vB8wTxUlrATiSOKpgLFlPQTMMQY+TtMX41Ii/1E3X4E5LPLUWW6e5W agVQ== MIME-Version: 1.0 X-Received: by 10.58.85.161 with SMTP id i1mr26866738vez.97.1375193715271; Tue, 30 Jul 2013 07:15:15 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Tue, 30 Jul 2013 07:15:15 -0700 (PDT) In-Reply-To: References: Date: Tue, 30 Jul 2013 18:15:15 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:15:16 -0000 Sorry, I've already realised that double relay's ip address in log in normal. Anyway, problem is still here. 2013/7/30 Pavel Timofeev : > Hello everyone! > I've just upgraded (binary) my server from FreeBSD 9.1-RELEASE amd64 > to 9.2-BETA2. > And my sendmail can't resolv any hostname. It says: > Jul 30 17:28:54 reticulum sm-mta[3191]: r6UCqeun016122: > to=, ctladdr= (1001/1001), > delay=00:36:14, xdelay=00:00:00, mailer=esmtp, pri=300348, > relay=kalmar.xxx.ru., dsn=4.0.0, stat=Deferred: Name server: > kalmar.xxx.ru.: host name lookup failure > > Meanwhile, I didn't change anything in resolv.conf and I can't find > anything wrong when I use nslookup manually. It works. Furthermore, > when I set to mailertable something like > xxx.ru smtp:[192.168.62.209] > where ip address is address of another server (not kalmar's which is > mx server) sendmail works but with strange log message > Jul 30 17:44:17 octans sm-mta[11666]: r6UDiGhD011656: > to=, ctladdr= (1001/1001), > delay=00:00:01, xdelay=00:00:01, mailer=smtp, pri=30340, > relay=[192.168.62.209] [192.168.62.209], dsn=2.0.0, stat=Sent > (r6UDiG8v018961 Message accepted for delivery) > Why it says relay's ip address two time in log? > Is someone experiencing such problems? I mean can someone confirm > similar behaviour? > Could you please check on 9.2-BETA2 stuff like "echo bla | mail > myemail@mydomain.com"? > I can provide more info that you want. Thanks! From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:18:43 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 606508F3 for ; Tue, 30 Jul 2013 14:18:43 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3368A26E4 for ; Tue, 30 Jul 2013 14:18:42 +0000 (UTC) Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 178EA20E7C for ; Tue, 30 Jul 2013 10:18:42 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Tue, 30 Jul 2013 10:18:42 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=i1i4hhANzvvMPsWWsmLEc7YpDSo=; b=Cqg0Z TAx4wUeFKjcFrbTEFYBwXf6Aj+4ELf0GNXPVldoxOZAGGc6cxtM+KAk2bh5U7QH0 ne5QGmkyMBrVkUQR1OnZq085qjxGF07slckYwIMOCJz6nDq4TosPFYPEiuVzWYAC z3KO7Af4UPMee9KlQ4Oeg2K3kuhGv5V7IN4KwY= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id F2134B01EFC; Tue, 30 Jul 2013 10:18:41 -0400 (EDT) Message-Id: <1375193921.29380.3269347.48BF24A6@webmail.messagingengine.com> X-Sasl-Enc: 3LlYPxJeLreGgx69+zNtCf6PvYfXfF3dm5P7m7IJbYkE 1375193921 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 Subject: Re: Bind in FreeBSD, security advisories Date: Tue, 30 Jul 2013 09:18:41 -0500 In-Reply-To: References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:18:43 -0000 On Tue, Jul 30, 2013, at 9:10, Ronald Klop wrote: > > DragonflyBSD also removed BIND from base some time ago. > http://www.shiningsilence.com/dbsdlog/2010/05/06/5853.html > I was not aware of this; that's worth referencing. I'm not sure where NetBSD stands but a quick search implies that they still have BIND in base. To all: please note that my emails on this subject are personal opinions of mine and mine only; I have no idea what other @FreeBSD.org people think. It's merely my own conclusion of where I think FreeBSD should be headed after several years of FreeBSD administration. There are people much wiser and informed than I who will be making the decision if this ever comes to pass before 10.0-RELEASE... From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:29:29 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E810BC19 for ; Tue, 30 Jul 2013 14:29:29 +0000 (UTC) (envelope-from trashcan@odo.in-berlin.de) Received: from mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [91.121.60.26]) (using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A8CA22779 for ; Tue, 30 Jul 2013 14:29:29 +0000 (UTC) Received: from mx1.enfer-du-nord.net (mail.kaan-bock.invalid [10.10.10.1]) by mx1.enfer-du-nord.net (Postfix) with ESMTP id 3c4KsG2SN7zDkR for ; Tue, 30 Jul 2013 16:29:22 +0200 (CEST) X-Virus-Scanned: amavisd-new at enfer-du-nord.net Received: from mx1.enfer-du-nord.net ([10.10.10.1]) by mx1.enfer-du-nord.net (mx1.enfer-du-nord.net [10.10.10.1]) (amavisd-new, port 10024) with LMTP id p39dv_2sSdAR for ; Tue, 30 Jul 2013 16:29:22 +0200 (CEST) Received: from mx1.enfer-du-nord.net (www.kaan-bock.invalid [10.10.10.2]) by mx1.enfer-du-nord.net (Postfix) with ESMTP id 3c4KsF6xFtzDkH for ; Tue, 30 Jul 2013 16:29:21 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 30 Jul 2013 16:29:21 +0200 From: Michael Grimm To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories In-Reply-To: <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> Message-ID: <7cc4b6841ce070bef40ed28780ae00d6@mx1.enfer-du-nord.net> X-Sender: trashcan@odo.in-berlin.de User-Agent: Roundcube Webmail/0.9.2 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:29:30 -0000 On 2013-07-30 16:04, Mark Felder wrote: > Unbound/NSD are suitable replacements if we really need something in > base, and they have been picked up by OpenBSD for a good reason -- > clean, secure, readable, maintainable codebases and their use across > the > internet and on the ROOT servers is growing. +1 I switched two years ago and disabled bind in /etc/src.conf. Thus, I could skip some followup-work regarding SAs in the past multiplied by the number of servers involved. Regards, Michael From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:49:03 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E32F01B8 for ; Tue, 30 Jul 2013 14:49:03 +0000 (UTC) (envelope-from ohartman@zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9EB932866 for ; Tue, 30 Jul 2013 14:49:03 +0000 (UTC) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.80.1) for freebsd-stable@freebsd.org with esmtp (envelope-from ) id <1V4BET-003TdD-Vp>; Tue, 30 Jul 2013 16:49:02 +0200 Received: from g231188223.adsl.alicedsl.de ([92.231.188.223] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.80.1) for freebsd-stable@freebsd.org with esmtpsa (envelope-from ) id <1V4BET-002RHd-Sc>; Tue, 30 Jul 2013 16:49:01 +0200 Date: Tue, 30 Jul 2013 16:49:01 +0200 From: "O. Hartmann" To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories Message-ID: <20130730164901.01a060d6@thor.walstatt.dyndns.org> In-Reply-To: <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> References: <20130730.154208.41672901.sthaug@nethelp.no> <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> Organization: FU Berlin X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd10.0) Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/UvJrN658ImzREx6d7P5J=37"; protocol="application/pgp-signature" X-Originating-IP: 92.231.188.223 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:49:03 -0000 --Sig_/UvJrN658ImzREx6d7P5J=37 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 30 Jul 2013 09:07:30 -0500 Mark Felder wrote: > On Tue, Jul 30, 2013, at 8:42, sthaug@nethelp.no wrote: > >=20 > > and every contrib part which is removed, detracts from this. > >=20 >=20 > And every contrib part that is added to base is another piece of > software that rots for the life of a major release and ends up getting > replaced by frustrated endusers with the latest in ports... >=20 > The tight integration of the base system that everyone appreciates and > respects is far below high-level software like BIND. So Linux did already nullify the contributions in the base system by eleminating ALL contributions but the kernel - the purest way one can go. --Sig_/UvJrN658ImzREx6d7P5J=37 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQEcBAEBAgAGBQJR99JdAAoJEOgBcD7A/5N8xDoH/3NFsa7Ahi4nxTakvQffZbZ7 Oidq7onaymkDWx+664pdxhyuVZQSYWN9TZraVeTom5W9h4P3dXPEgtrvIUdfAXSf gpxT1q8+X9/KYYHLlOXFr/N0xmaCm19tJH4O4TnUWxIme6eriyZFjp08HpG8o0hz CitCUD9rSgvB9tCw18sPnAOeGHAiTAaCWRRQoMhqYN3jReT5k76wPDEpFt1bd3mK hDt7nFEwm4FW2xTF+OAmvE/gvbZeoB9DM1gW/tndHXTc//wCwd1KLGf4aR3q+V9P 184UKrxgvNI5gXBctolvfTdsg9cq8Y4iKTAoD3dYTncNNf/Y3Ny3alSxk7Ru03s= =6Ny1 -----END PGP SIGNATURE----- --Sig_/UvJrN658ImzREx6d7P5J=37-- From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:49:56 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B9E6F2BD for ; Tue, 30 Jul 2013 14:49:56 +0000 (UTC) (envelope-from royce.williams@gmail.com) Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3DA74287A for ; Tue, 30 Jul 2013 14:49:56 +0000 (UTC) Received: by mail-lb0-f180.google.com with SMTP id a16so2408749lbj.39 for ; Tue, 30 Jul 2013 07:49:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=VoUhcRtaXjc23bbLEUODaQRfUotTTwLeIipT26i66Q0=; b=AOK0/gQDYuRzj3OgIdRv05sQ/GFtJcLi/WP1FkOSvvZLDnnI4Pxc96YPRoUxPCGJwT d6ED+Qv5C9E/daCUwSUYQqxwmJLc07YCHqCdGIl2enUYHC3t2N2Z0UfspnaXVlZHkiBA StRKWQWWoayqnToWPb86NQYqcal+nGhtUiZOyFy4fXzyHfQyR2ruCvqZRLhyIQQxnJoY 3BymMNTe7POOp6sibt6ceaRFZg/tZFFeRJOG5WngFXZm7qbqO5JpWVw7eR8aVmuyIPUp IK2w0aggA68GJhnkP8/aJgwaL9ExGdtQepepW0BgjliVAa56IfzeS3GcdOBAx160xPuh ZgdA== X-Received: by 10.112.92.73 with SMTP id ck9mr27571753lbb.69.1375195794141; Tue, 30 Jul 2013 07:49:54 -0700 (PDT) MIME-Version: 1.0 Sender: royce.williams@gmail.com Received: by 10.112.211.137 with HTTP; Tue, 30 Jul 2013 07:49:34 -0700 (PDT) In-Reply-To: <7cc4b6841ce070bef40ed28780ae00d6@mx1.enfer-du-nord.net> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> <7cc4b6841ce070bef40ed28780ae00d6@mx1.enfer-du-nord.net> From: Royce Williams Date: Tue, 30 Jul 2013 06:49:34 -0800 X-Google-Sender-Auth: uaMgyg0flii7_n2UXK7kiWeSxcg Message-ID: Subject: Re: Bind in FreeBSD, security advisories To: freebsd-stable Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:49:56 -0000 On Tue, Jul 30, 2013 at 6:29 AM, Michael Grimm wrote: > > On 2013-07-30 16:04, Mark Felder wrote: > >> Unbound/NSD are suitable replacements if we really need something in >> base, and they have been picked up by OpenBSD for a good reason -- >> clean, secure, readable, maintainable codebases and their use across the >> internet and on the ROOT servers is growing. I don't know enough about BIND replacements to identify them all by sight, but according to bsdstats.org's ports/dns category: http://bsdstats.org/ports.php?category=27 ... across all OSes (I'm not sure how to filter on just FreeBSD), of the 23996 systems reporting , 4966 (~20.71%) are running something from ports that I roughly recognize as a potential replacement for BIND in base: bind84-base 15 bind9 152 bind9-base 187 bind9-dlz+mysql+db41 5 bind9-sdb-ldap 36 bind9-sdb-ldap-base 20 bind94 40 bind94-base 157 bind95 29 bind95-base 54 bind96 146 bind96-base 181 bind97 120 bind97-base 429 bind97-sdb 8 bind97-sdb-base 12 bind98 202 bind98-base 423 bind98-devel 13 bind99 259 bind99-base 405 bind99-devel 12 djbdns 629 djbdns-ipv6 392 nsd 140 powerdns 189 powerdns-devel 17 powerdns-recursor 120 udns 215 unbound 359 4966/23977 = 0.20712 Given how many PC-BSD boxes there are, and how many folks that are running FreeBSD and bsdstats may not know why (or how) to replace BIND, ~20% seems like a significant number. I'm not advocating either way; I'm just providing some data points. Royce From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:52:08 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D6E45558 for ; Tue, 30 Jul 2013 14:52:08 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x22c.google.com (mail-oa0-x22c.google.com [IPv6:2607:f8b0:4003:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A09C828B0 for ; Tue, 30 Jul 2013 14:52:08 +0000 (UTC) Received: by mail-oa0-f44.google.com with SMTP id l20so12814753oag.31 for ; Tue, 30 Jul 2013 07:52:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:cc:content-type; bh=5kFF7+yu2GXZyLYj70DB+rmb9intyxbNVojvb3xP/LE=; b=TRAryxyBv52SYBzqVl1L4KE30bjlLbLeAiAic3a2PMcjI2HQtVb1KoeqkXuMBLyuWv EA57wgFLShu6M2ozPu0CaR2rf/cJzHFmCcePv89LLsOS/7OYSlfpenbZnP4RkZfFX6nx YJzJpHnYVksFrUmdryaAfjeAWbcAWLNOUwmgyiCczVgtouabaOg3hmYArDxkbO+V/hnG cLfklsWWsHtdEJieL4tOPY1sc7pHipbd3JenqCJqVDEDxk3CtlwEqIZxr5ELcUftCU5D WyUjmPHcSSlxlO/5s8fz3gL1rBCa1D+AzjfHk7t8f2k2KCwyshIfcOIygAI7TzGvdIL4 EM7w== MIME-Version: 1.0 X-Received: by 10.42.215.11 with SMTP id hc11mr227917icb.9.1375195927956; Tue, 30 Jul 2013 07:52:07 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Tue, 30 Jul 2013 07:52:07 -0700 (PDT) In-Reply-To: <1375193921.29380.3269347.48BF24A6@webmail.messagingengine.com> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> <1375193921.29380.3269347.48BF24A6@webmail.messagingengine.com> Date: Tue, 30 Jul 2013 10:52:07 -0400 X-Google-Sender-Auth: lyKl5nEkS77pQ44l-GmNJ4AeYGY Message-ID: Subject: Re: Bind in FreeBSD, security advisories From: J David Cc: freebsd-stable@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:52:08 -0000 Half the people will say: "There should be more stuff in base!" The other half will say: "There should be less stuff in base!" People don't generally change each other's minds about this because they start from competing definitions of what is good that are 100% opinion in nature. (Spoken as a hardcore advocate of "There should be less stuff in base!") DNS client and DNS server functionality are quite different, and it would be swell if there were a set of BIND-independent client tools that were part of the base so that BIND could, at a minimum, be left out via WITH_BIND=no in src.conf or similar without producing a crippled system. And/or people could install the DNS server of their choice (whether unbound or BIND or whatever) using pkg. If there isn't one already readily available, I might even volunteer to help develop that set of client tools at such time as FreeBSD coding standards allow C++11 in the tree. :) From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:53:26 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id BE99766D for ; Tue, 30 Jul 2013 14:53:26 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33]) by mx1.freebsd.org (Postfix) with SMTP id 0E02828C8 for ; Tue, 30 Jul 2013 14:53:25 +0000 (UTC) Received: (qmail 56196 invoked from network); 30 Jul 2013 14:53:24 -0000 Received: from bizet.nethelp.no (HELO localhost) (195.1.209.33) by bizet.nethelp.no with SMTP; 30 Jul 2013 14:53:24 -0000 Date: Tue, 30 Jul 2013 16:53:24 +0200 (CEST) Message-Id: <20130730.165324.74695371.sthaug@nethelp.no> To: feld@FreeBSD.org Subject: Re: Bind in FreeBSD, security advisories From: sthaug@nethelp.no In-Reply-To: <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> References: <20130730.154208.41672901.sthaug@nethelp.no> <1375193250.26582.3266927.032EF30B@webmail.messagingengine.com> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:53:26 -0000 > > and every contrib part which is removed, detracts from this. > > > > And every contrib part that is added to base is another piece of > software that rots for the life of a major release and ends up getting > replaced by frustrated endusers with the latest in ports... > > The tight integration of the base system that everyone appreciates and > respects is far below high-level software like BIND. Speaking only for myself, I disagree rather strongly with this. Looking at /usr/src/contrib on an 8.4-STABLE system, I use the following frequently (often several times per day): bind9 diff less libreadline (used by lots of other stuff) ntp nvi tcp_wrappers tcpdump tcsh telnet top traceroute If you remove these contrib parts from FreeBSD, that means at least 12 packages I'd need to install on every new FreeBSD system to get the system in a (for me) functional state. Certainly not a *major* hassle - but having these parts integrated is part of the FreeBSD attraction. I don't think we should work to make FreeBSD less attractive... Steinar Haug, Nethelp consulting, sthaug@nethelp.no From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 14:55:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DA77C796 for ; Tue, 30 Jul 2013 14:55:16 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9662028E8 for ; Tue, 30 Jul 2013 14:55:16 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4BKS-0001Ul-86; Tue, 30 Jul 2013 16:55:13 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4BKS-0000Ge-KW; Tue, 30 Jul 2013 16:55:12 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: "David Demelier" , "Freddie Cash" Subject: Re: Bind in FreeBSD, security advisories References: Date: Tue, 30 Jul 2013 16:55:09 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: -0.0 X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.1 X-Scan-Signature: b011d5308189b8f364b008c39e0eea9f Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 14:55:16 -0000 On Tue, 30 Jul 2013 16:14:57 +0200, Freddie Cash wrote: > On 2013-07-30 12:55 AM, "David Demelier" > wrote: >> >> Hi, >> >> For years, a lot of security advisories have been present for bind. >> I'm just guessing if it's not a good idea to remove bind from base? >> >> This will probably free by half the number of FreeBSD SA's in the >> future. > > Hasn't this discussion occurred several times already on the -current > mailing list over the past year? http://lists.freebsd.org/pipermail/freebsd-hackers/2012-July/039830.html > And hadn't unbound and/or ldns been > imported into - current already? http://lists.freebsd.org/pipermail/svn-src-all/2012-July/056004.html And next messages. Regards, Ronald. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 15:07:25 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 4AC05AA5 for ; Tue, 30 Jul 2013 15:07:25 +0000 (UTC) (envelope-from ronald-freebsd8@klop.yi.org) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.81]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0BA0E2976 for ; Tue, 30 Jul 2013 15:07:24 +0000 (UTC) Received: from smtp.greenhost.nl ([213.108.104.138]) by smarthost1.greenhost.nl with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.69) (envelope-from ) id 1V4BWD-0003oq-KN for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 17:07:22 +0200 Received: from [81.21.138.17] (helo=ronaldradial.versatec.local) by smtp.greenhost.nl with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from ) id 1V4BWE-0001aE-08 for freebsd-stable@freebsd.org; Tue, 30 Jul 2013 17:07:22 +0200 Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: Date: Tue, 30 Jul 2013 17:07:19 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: "Ronald Klop" Message-ID: In-Reply-To: User-Agent: Opera Mail/12.16 (Win32) X-Authenticated-As-Hash: 5a5bc696c05b24d66fef48d694aeed0652e57d03 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: -0.0 X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.1 X-Scan-Signature: 5a1627636b35b65657045ef62631cd80 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 15:07:25 -0000 On Tue, 30 Jul 2013 16:55:09 +0200, Ronald Klop wrote: > On Tue, 30 Jul 2013 16:14:57 +0200, Freddie Cash > wrote: > >> On 2013-07-30 12:55 AM, "David Demelier" >> wrote: >>> >>> Hi, >>> >>> For years, a lot of security advisories have been present for bind. >>> I'm just guessing if it's not a good idea to remove bind from base? >>> >>> This will probably free by half the number of FreeBSD SA's in the >>> future. >> >> Hasn't this discussion occurred several times already on the -current >> mailing list over the past year? > > http://lists.freebsd.org/pipermail/freebsd-hackers/2012-July/039830.html > >> And hadn't unbound and/or ldns been >> imported into - current already? > > http://lists.freebsd.org/pipermail/svn-src-all/2012-July/056004.html > And next messages. Even more: http://svnweb.freebsd.org/base/head/contrib/ldns/ http://svnweb.freebsd.org/base/head/contrib/unbound/ Regards, Ronald. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 15:26:52 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 1A621CE for ; Tue, 30 Jul 2013 15:26:52 +0000 (UTC) (envelope-from allicient3141@gmail.com) Received: from mail-ob0-x22d.google.com (mail-ob0-x22d.google.com [IPv6:2607:f8b0:4003:c01::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D844D2ADE for ; Tue, 30 Jul 2013 15:26:51 +0000 (UTC) Received: by mail-ob0-f173.google.com with SMTP id ta17so2666451obb.18 for ; Tue, 30 Jul 2013 08:26:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=OuxtwGAo0X03XsM9iDZ2EMmUQTijbXdrah0yIy0PWb8=; b=krySvsHrzfn/FFPYClRoZrWg9aGf0VqTKKukzLAOVURt8UCixk2klBGkNQF+oBlHLL QWiLPZZG0w0nP0dqP8WgoCwWzU6mRMvj6OfmYXSqRI4S1DDpVv3RSwY6PMh6D2WIs9rq wcLAZsW2THYNVLfqM7Vq1t954dynIGUI9VNgcCsdTDkuh9yh6WvOLZtF+bhS2G4gpsgj E+F47VvAkd3nKGfJ/Q2ZwPAABR1lJXItgBMY8S3VafCrJFr1Dk4dObDlWQrNDTP7E7VM kN8/5IyHTBqOyChCVINjJo5siU3huujBMW0jskfqHpJHb9m7XcxGjRVp0v1QI04j6Q8v y9fA== X-Received: by 10.182.66.77 with SMTP id d13mr57937380obt.32.1375198011178; Tue, 30 Jul 2013 08:26:51 -0700 (PDT) MIME-Version: 1.0 Sender: allicient3141@gmail.com Received: by 10.182.144.200 with HTTP; Tue, 30 Jul 2013 08:26:21 -0700 (PDT) In-Reply-To: <20130730.154208.41672901.sthaug@nethelp.no> References: <20130730.154208.41672901.sthaug@nethelp.no> From: Peter Maxwell Date: Tue, 30 Jul 2013 16:26:21 +0100 X-Google-Sender-Auth: 01kQe81cyrk10uXWSNMlZvUx9l0 Message-ID: Subject: Re: Bind in FreeBSD, security advisories To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 15:26:52 -0000 On 30 July 2013 14:42, wrote: > > > For years, a lot of security advisories have been present for bind. > > > I'm just guessing if it's not a good idea to remove bind from base? > > > > > > This will probably free by half the number of FreeBSD SA's in the > future. > > > > > > > Sure, but no bind in base also implies no dig, nslookup or host. > > Exactly. It's a slippery slope - if we continue removing useful > functionality from FreeBSD there are fewer and fewer arguments for > why one should use FreeBSD and not Linux. > Having lots of third-party software in base is not one of those reasons however. > > Yes, I know everything can be installed from packages/ports. Two of > *my* main reasons for using FreeBSD is that: > > 1. It's an integrated *system*, not just a kernel. > That's not an argument for retaining something that is non-essential for most people and can easily be installed from ports. There is very little that is actually essential in base... having to turn sendmail off on every new installation already does my nut in but having mail facilities is essential, so it has to be there. Having bind in base does have one advantage in that it is more carefully scrutinised that it would likely be in ports. > 2. The base system contains a lot of the useful functionality I need. > So does ports. > > and every contrib part which is removed, detracts from this. > No, it doesn't. The base system should be just that - a base minimal installation. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 15:58:14 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6D53C970 for ; Tue, 30 Jul 2013 15:58:14 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C90632C5E for ; Tue, 30 Jul 2013 15:58:13 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UFwA1J099474 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Tue, 30 Jul 2013 18:58:11 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F7E292.90608@digsys.bg> Date: Tue, 30 Jul 2013 18:58:10 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <20130730.154208.41672901.sthaug@nethelp.no> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 15:58:14 -0000 On 30.07.13 18:26, Peter Maxwell wrote: > On 30 July 2013 14:42, wrote: > > >> Yes, I know everything can be installed from packages/ports. Two of >> *my* main reasons for using FreeBSD is that: >> >> 1. It's an integrated *system*, not just a kernel. >> > That's not an argument for retaining something that is non-essential for > most people and can easily be installed from ports. There is very little > that is actually essential in base... having to turn sendmail off on every > new installation already does my nut in but having mail facilities is > essential, so it has to be there. I am surprised why so many people insist having an MTA is necessary, but having well testes recursive DNS resolver is not. Even on a typical "client" installation, it is more likely the resolver will be useful, than the MTA. By the way, both sendmail and BIND are off by default... > Having bind in base does have one advantage in that it is more carefully > scrutinised that it would likely be in ports. This too.. I have always viewed FreeBSD not as an product, but instead as an toolkit. A toolkit, from which to build the OS you need. So far, FreeBSD has worked better for that purpose than any other toolkit around (plus, I am biased). There are a number of knobs, that let you customize FreeBSD to your heart's content. In theory, everything but the absolute minimum of the base system might be removed.. and have everything depend on ports. However, the base system is just that -- one collection of code that gets built and tested together. This brings quality. Having said this, it is perfectly ok to replace BIND with any other resolver + name server.... as long as there is suitable candidate that has passed enough testing. Is there one? Do we know enough of their quirks? Daniel From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 16:01:25 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 20BD4AB9 for ; Tue, 30 Jul 2013 16:01:25 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 97BCF2C90 for ; Tue, 30 Jul 2013 16:01:24 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UG1M3N000488 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Tue, 30 Jul 2013 19:01:22 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F7E352.30300@digsys.bg> Date: Tue, 30 Jul 2013 19:01:22 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 16:01:25 -0000 On 30.07.13 16:44, Ronald Klop wrote: > On Tue, 30 Jul 2013 15:32:44 +0200, Daniel Kalchev > wrote: > >> >> Back to the topic :) >> >> My take on this is that removing BIND from the base today is.. >> irresponsible. First, most who use FreeBSD expect an DNS server to be >> readily available. > > Interesting. What are your statistics of 'most' based on? Unfortunately, not much objective statistics. The bsdstats sample is rather small and obviously biased (towards people who would share their config, mostly). I was hoping for some usable data from the Open Resolver Project (http://openresolverproject.org/)but there is not much useful information for this purpose there either. It is also very unlikely a pool would result in any meaningful data... But here is an idea: Remove BIND from HEAD overnight and see how many will complain ;-) If nobody complains, don't put it back in. Daniel From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 16:07:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B732EC37 for ; Tue, 30 Jul 2013 16:07:32 +0000 (UTC) (envelope-from fjwcash@gmail.com) Received: from mail-qc0-x234.google.com (mail-qc0-x234.google.com [IPv6:2607:f8b0:400d:c01::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 778202CD5 for ; Tue, 30 Jul 2013 16:07:32 +0000 (UTC) Received: by mail-qc0-f180.google.com with SMTP id j10so1294756qcx.39 for ; Tue, 30 Jul 2013 09:07:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=wE/xy7hFWSaj74CB5AWHKR7ZdH+ZFUSQe3BuSFym5ag=; b=RV9C2rHo7plfCpwBgEpYTCEwcFQFzozoJ99MBrIltxefst7GW6/Hrv7/uu488JSNMW b8IQ33If7jEoJBU8NE+RBgiBP0CvJx990xmn3FElC+4mqCvwI+YW9q/vhnm7xdNTaqqB Ia34i/s7DV98rIdaqvAPHc8T+qzPBRYMWCxXLW9m8D304GP1qmYINP3aC2eE22ZUHYz8 2T8l3EsxKhfSmzVg0cLB27bjDmKKWZgVSPvY8J/O513q1oGs6Zn9Zz5ZSrMS9GnnvahC KU5kR3SHij86HtPREFUGoQdeU5Fsquz5a+a/iJ+3gpX0ihcloO5ErAIX5n91ENeRcCHf XguA== MIME-Version: 1.0 X-Received: by 10.224.14.13 with SMTP id e13mr36771397qaa.107.1375200451601; Tue, 30 Jul 2013 09:07:31 -0700 (PDT) Received: by 10.49.49.135 with HTTP; Tue, 30 Jul 2013 09:07:31 -0700 (PDT) Received: by 10.49.49.135 with HTTP; Tue, 30 Jul 2013 09:07:31 -0700 (PDT) In-Reply-To: References: Date: Tue, 30 Jul 2013 09:07:31 -0700 Message-ID: Subject: Re: Bind in FreeBSD, security advisories From: Freddie Cash To: Ronald Klop Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: David Demelier , FreeBSD Stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 16:07:32 -0000 On 2013-07-30 7:55 AM, "Ronald Klop" wrote: > > On Tue, 30 Jul 2013 16:14:57 +0200, Freddie Cash wrote: > >> On 2013-07-30 12:55 AM, "David Demelier" wrote: >>> >>> >>> Hi, >>> >>> For years, a lot of security advisories have been present for bind. >>> I'm just guessing if it's not a good idea to remove bind from base? >>> >>> This will probably free by half the number of FreeBSD SA's in the future. >> >> >> Hasn't this discussion occurred several times already on the -current >> mailing list over the past year? > > > http://lists.freebsd.org/pipermail/freebsd-hackers/2012-July/039830.html > > >> And hadn't unbound and/or ldns been >> imported into - current already? > > > http://lists.freebsd.org/pipermail/svn-src-all/2012-July/056004.html > And next messages. Thanks for the references. I'm mostly mailing my phone these days and searching for references and copy/paste aren't the easiest things to do. :) From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 16:49:35 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 1B391C74 for ; Tue, 30 Jul 2013 16:49:35 +0000 (UTC) (envelope-from allicient3141@gmail.com) Received: from mail-oa0-x22f.google.com (mail-oa0-x22f.google.com [IPv6:2607:f8b0:4003:c02::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D6B882F12 for ; Tue, 30 Jul 2013 16:49:34 +0000 (UTC) Received: by mail-oa0-f47.google.com with SMTP id m6so9700880oag.20 for ; Tue, 30 Jul 2013 09:49:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=TwIjFR47i4JPSXo6cnPNHOLwT04bUFsj5oXM1g7yGwk=; b=WWEsXZflSGWZfcslrMhSs4S+d+s6GsDelmnXSxcu8B7YJwNi72jYUDD8lYtPtaJQk9 Wz5zEhHm8yJpaTTHsFj3L9vB0zWb7qjQOt1t3FfCiTNJTlm2T6FJxOOcH1nQY9kDWjxm mdBnmwGxwUM3+nnBuPFdN4gYiUsGYxMrzqVXm3HBOv3bN+2rqbTK0RcxmWGZHqTw+W4T 8icB0q7NVq3Td4eTe88PCmAr6DdA0t/Zr8HJcLN3pVyznbQP5mVPbBO0trp7XuAIhwkx bowH0REszXQQB7Fmp3fYZahmhP0euZXX/Mo1LsDqo8aaXtO+lLYOdWDDbuuxhqewSvNa bZ3Q== X-Received: by 10.182.39.168 with SMTP id q8mr57565607obk.72.1375202974178; Tue, 30 Jul 2013 09:49:34 -0700 (PDT) MIME-Version: 1.0 Sender: allicient3141@gmail.com Received: by 10.182.144.200 with HTTP; Tue, 30 Jul 2013 09:49:04 -0700 (PDT) In-Reply-To: <51F7E292.90608@digsys.bg> References: <20130730.154208.41672901.sthaug@nethelp.no> <51F7E292.90608@digsys.bg> From: Peter Maxwell Date: Tue, 30 Jul 2013 17:49:04 +0100 X-Google-Sender-Auth: 6mmswdDYYx2Iu-5WmMI9A1T4Ks8 Message-ID: Subject: Re: Bind in FreeBSD, security advisories To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 16:49:35 -0000 On 30 July 2013 16:58, Daniel Kalchev wrote: > > On 30.07.13 18:26, Peter Maxwell wrote: > >> On 30 July 2013 14:42, wrote: >> >> >> Yes, I know everything can be installed from packages/ports. Two of >>> *my* main reasons for using FreeBSD is that: >>> >>> 1. It's an integrated *system*, not just a kernel. >>> >>> That's not an argument for retaining something that is non-essential for >> most people and can easily be installed from ports. There is very little >> that is actually essential in base... having to turn sendmail off on every >> new installation already does my nut in but having mail facilities is >> essential, so it has to be there. >> > > I am surprised why so many people insist having an MTA is necessary, but > having well testes recursive DNS resolver is not. > Even on a typical "client" installation, it is more likely the resolver > will be useful, than the MTA. > Sendmail - or something equivalent - is required to handle system mail from things like system utility scripts, e.g. periodic. A caching or recursive DNS resolver, strictly, is not essential. Given the number of SAs in bind, it would arguably be better positioned in ports from an upgrade point of view. > > By the way, both sendmail and BIND are off by default... No, sendmail is on by default, cf. http://www.freebsd.org/doc/en/books/handbook/mail-changingmta.html It's only inbound SMTP handling that is default off. To turn sendmail off completely, you need to do something like set sendmail_enable="NONE" in your rc.conf and have a replacement already setup. > > > Having bind in base does have one advantage in that it is more carefully >> scrutinised that it would likely be in ports. >> > > This too.. > > I have always viewed FreeBSD not as an product, but instead as an toolkit. > A toolkit, from which to build the OS you need. > So far, FreeBSD has worked better for that purpose than any other toolkit > around (plus, I am biased). > It's less useful as a toolkit when you need to upgrade, say, sshd or openssl but for whatever reason cannot upgrade the base system... it can be quite a bit of hassle managing the ports version while you've still got the base version there. It's not difficult but it's still a pain; when you're dealing with hundreds of servers, every corner-case makes ongoing maintenance harder. My position would be that if it is third-party and not absolutely essential, it should be in ports. > > There are a number of knobs, that let you customize FreeBSD to your > heart's content. > Eh, hmmm, sort of. As above, some things require upgrading the base system which can be a bit of an issue in production environments when you cannot arrange a suitable maintenance window - a scenario that is very common indeed. You are then forced to start using ports to replace the functionality in base and it all gets rather non-standard and messy. > > In theory, everything but the absolute minimum of the base system might be > removed.. and have everything depend on ports. However, the base system is > just that -- one collection of code that gets built and tested together. > This brings quality. > Yet, as the OP pointed out: bind is not what I would term "quality", there's more SAs posted than I've had hot dinners. Given it is non-essential, it could quite easily be stripped out. > > Having said this, it is perfectly ok to replace BIND with any other > resolver + name server.... as long as there is suitable candidate that has > passed enough testing. Is there one? Do we know enough of their quirks? > That's not a good idea: any environment larger than a home network or SME that relies on bind will not find it easy to migrate. It's one thing asking people to tolerate a 2min inconvenience to make a choice to install bind from ports (when they've can also choose bind or, say, djbdns, etc), it's quite another to suggest to them they should be using different software, essentially on a whim. I personally prefer qmail over sendmail but I wouldn't suggest qmail should be in base for the reason that sendmail is the de facto standard on *nix shaped systems. From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 19:09:13 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E69638D6 for ; Tue, 30 Jul 2013 19:09:13 +0000 (UTC) (envelope-from gwiley@verisign.com) Received: from exprod6og108.obsmtp.com (exprod6og108.obsmtp.com [64.18.1.21]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BD87125CA for ; Tue, 30 Jul 2013 19:09:00 +0000 (UTC) Received: from peregrine.verisign.com ([216.168.239.74]) (using TLSv1) by exprod6ob108.postini.com ([64.18.5.12]) with SMTP ID DSNKUfgPRiDrQ4MwwhlbFHGp3ayihaNRvgrX@postini.com; Tue, 30 Jul 2013 12:09:13 PDT Received: from BRN1WNEXCHM01.vcorp.ad.vrsn.com (brn1wnexchm01.vcorp.ad.vrsn.com [10.173.152.255]) by peregrine.verisign.com (8.13.6/8.13.4) with ESMTP id r6UJ8lrb005531 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Tue, 30 Jul 2013 15:08:50 -0400 Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by BRN1WNEXCHM01.vcorp.ad.vrsn.com ([::1]) with mapi id 14.02.0342.003; Tue, 30 Jul 2013 15:08:47 -0400 From: "Wiley, Glen" To: Daniel Kalchev , "freebsd-stable@freebsd.org" Subject: Re: Bind in FreeBSD, security advisories Thread-Topic: Bind in FreeBSD, security advisories Thread-Index: AQHOjSHbu7+wS+edJUSJ+Xp1rPBZCZl9ffUAgAAdHoCAAAjkAP//8jKA Date: Tue, 30 Jul 2013 19:08:47 +0000 Message-ID: In-Reply-To: <51F7E292.90608@digsys.bg> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: Microsoft-MacOutlook/14.3.6.130613 x-originating-ip: [10.173.152.4] Content-Type: text/plain; charset="us-ascii" Content-ID: <0116B105051BDD4E816D383ACCAFB96A@verisign.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 19:09:14 -0000 Verisign is currently actively developing the getdns API description that Paul Hoffman put together and documented at http://www.vpnc.org/getdns-api/ This includes a stub resolver, a recursive resolver and could provide functionality independent of the BIND distribution. We have adopted the BSD coding standards for the project and will be making the github repository public later this year. On 7/30/13 11:58 AM, "Daniel Kalchev" wrote: > >Having said this, it is perfectly ok to replace BIND with any other >resolver + name server.... as long as there is suitable candidate that >has passed enough testing. Is there one? Do we know enough of their >quirks? > >Daniel > >_______________________________________________ >freebsd-stable@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-stable >To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 20:03:51 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3C26040E for ; Tue, 30 Jul 2013 20:03:51 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B46AD2851 for ; Tue, 30 Jul 2013 20:03:49 +0000 (UTC) Received: from digsys200-136.pip.digsys.bg (digsys200-136.pip.digsys.bg [193.68.136.200]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6UK3gAM056747 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 30 Jul 2013 23:03:43 +0300 (EEST) (envelope-from daniel@digsys.bg) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: Re: Bind in FreeBSD, security advisories From: Daniel Kalchev In-Reply-To: Date: Tue, 30 Jul 2013 23:03:42 +0300 Content-Transfer-Encoding: 7bit Message-Id: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> References: <20130730.154208.41672901.sthaug@nethelp.no> <51F7E292.90608@digsys.bg> To: Peter Maxwell X-Mailer: Apple Mail (2.1508) Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 20:03:51 -0000 On 30.07.2013, at 19:49, Peter Maxwell wrote: > I personally prefer qmail over sendmail > but I wouldn't suggest qmail should be in base for the reason that sendmail > is the de facto standard on *nix shaped systems. > One can argue that BIND is the de facto standard on *nix shaped systems too. Daniel From owner-freebsd-stable@FreeBSD.ORG Tue Jul 30 23:42:00 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7ABB4AB1 for ; Tue, 30 Jul 2013 23:42:00 +0000 (UTC) (envelope-from allicient3141@gmail.com) Received: from mail-ob0-x231.google.com (mail-ob0-x231.google.com [IPv6:2607:f8b0:4003:c01::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 402242035 for ; Tue, 30 Jul 2013 23:42:00 +0000 (UTC) Received: by mail-ob0-f177.google.com with SMTP id f8so77454obp.22 for ; Tue, 30 Jul 2013 16:41:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type; bh=zvHiP/W4NNERa9ywOpu4H2LM9/XCbhaFHYTVKBVOMfU=; b=zNi1L9MEaf5RVvDBFTppzNkTpvQPWoPwqpfBGsPjiBOKnwvNOJYtaL/gDZzWO9q/Bp DKUisqS/XL7gOC2e+q3bu95+qbnOSC85+iFntQavDpKjT/og0ucV5ckzDTyrIMr9SXSJ 9I123RXNm8EpyUGJio3XGgaAMtJwfD90IEIFchWhhwLocftW1OGZDCUTysuffKJrYtu5 7TO1HnAmt/+jGNJ1VIEQwT8mO5lI1gSF9c0lAfkfGtXdqWekUz/mx1sPT8sALmtH+fJh 2MgGvsuQxWGeGVbTbf1eABhXW1cSHyyxBwqyYguIY4mTKG3pnwXcg5SbqkCFXketIKoF 8u5A== X-Received: by 10.182.80.33 with SMTP id o1mr58184441obx.21.1375227719628; Tue, 30 Jul 2013 16:41:59 -0700 (PDT) MIME-Version: 1.0 Sender: allicient3141@gmail.com Received: by 10.182.144.200 with HTTP; Tue, 30 Jul 2013 16:41:29 -0700 (PDT) In-Reply-To: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> References: <20130730.154208.41672901.sthaug@nethelp.no> <51F7E292.90608@digsys.bg> <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> From: Peter Maxwell Date: Wed, 31 Jul 2013 00:41:29 +0100 X-Google-Sender-Auth: ftY4TBAz6xyy52Hj4VBQypCj1ec Message-ID: Subject: Re: Bind in FreeBSD, security advisories To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 23:42:00 -0000 On 30 July 2013 21:03, Daniel Kalchev wrote: > > On 30.07.2013, at 19:49, Peter Maxwell wrote: > > > I personally prefer qmail over sendmail > > but I wouldn't suggest qmail should be in base for the reason that > sendmail > > is the de facto standard on *nix shaped systems. > > > > One can argue that BIND is the de facto standard on *nix shaped systems too Yes, that is precisely my point, the preceding sentences to what you quoted... "That's not a good idea: any environment larger than a home network or SME that relies on bind will not find it easy to migrate. It's one thing asking people to tolerate a 2min inconvenience to make a choice to install bind from ports (when they've can also choose bind or, say, djbdns, etc), it's quite another to suggest to them they should be using different software, essentially on a whim." From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 01:04:48 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 5B3C3471 for ; Wed, 31 Jul 2013 01:04:48 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0AEC32268 for ; Wed, 31 Jul 2013 01:04:47 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r6V0kE06095743 for ; Tue, 30 Jul 2013 17:46:20 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r6V0k91v095740; Tue, 30 Jul 2013 17:46:09 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Tue, 30 Jul 2013 17:46:09 -0700 (PDT) Message-ID: <5cbefcc0e4be0fb6d0f654d8378108b6.authenticated@ultimatedns.net> In-Reply-To: <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <1375193086.25610.3260371.08421FD0@webmail.messagingengine.com> Date: Tue, 30 Jul 2013 17:46:09 -0700 (PDT) Subject: Re: Bind in FreeBSD, security advisories From: "Chris H" To: freebsd-stable@freebsd.org User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 01:04:48 -0000 > On Tue, Jul 30, 2013, at 8:32, Daniel Kalchev wrote: >> >> >> This is very much an situation like replacing gcc with clang/llvm. >> However, in the case of BIND we have no licensing problems, stability >> problems, performance problems etc --- just concerns that BIND generates >> many SAs -- which might be actually good indicator, as it demonstrates >> that BIND is worked on. >> > > There's a man with a name whose initials match DJB that would strongly > disagree. Now he's not always the best person to reference, but he's > made a succinct point with his own software, whether or not you like > using it. > > Unbound/NSD are suitable replacements if we really need something in > base, and they have been picked up by OpenBSD for a good reason -- > clean, secure, readable, maintainable codebases and their use across the > internet and on the ROOT servers is growing. > >> I personally see no reason to remove BIND from base. If someone does not >> want BIND in their system, they could always use the WITHOUT_BIND build >> switch. > > I'd be inclined to agree if it wasn't such a wholly insecure chunk of > code. You don't see people whining about Sendmail in base when they > prefer Postfix or Exim, but Sendmail doesn't have a new exploit every > week. You do tend to need an MTA for getting messages off the system > more than you need a local recursor/cache, but at least it's not causing > you maintenance headaches. If you consider the possibility that a large > enough percentage of users really desire a local recursor/cache it > should be our duty to give them the best option available. +1 Sorry to do that. But I simply couldn't have expressed it better, myself. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 01:05:35 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 47179575 for ; Wed, 31 Jul 2013 01:05:35 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1335B227A for ; Wed, 31 Jul 2013 01:05:35 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r6V15llR096733 for ; Tue, 30 Jul 2013 18:05:53 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r6V15fk4096730; Tue, 30 Jul 2013 18:05:41 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Tue, 30 Jul 2013 18:05:42 -0700 (PDT) Message-ID: <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net> In-Reply-To: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> References: <20130730.154208.41672901.sthaug@nethelp.no> <51F7E292.90608@digsys.bg> <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> Date: Tue, 30 Jul 2013 18:05:42 -0700 (PDT) Subject: Re: Bind in FreeBSD, security advisories From: "Chris H" To: freebsd-stable@freebsd.org User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 01:05:35 -0000 > > On 30.07.2013, at 19:49, Peter Maxwell wrote: > >> I personally prefer qmail over sendmail >> but I wouldn't suggest qmail should be in base for the reason that sendmail >> is the de facto standard on *nix shaped systems. >> > > One can argue that BIND is the de facto standard on *nix shaped systems too. Considering the topic, and how many times it's come up. I'm not sure that's anything to be proud of. ;) > > Daniel > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 02:06:42 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 279C98F for ; Wed, 31 Jul 2013 02:06:42 +0000 (UTC) (envelope-from marka@isc.org) Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DDF21242F for ; Wed, 31 Jul 2013 02:06:41 +0000 (UTC) Received: from mx.pao1.isc.org (localhost [127.0.0.1]) by mx.pao1.isc.org (Postfix) with ESMTP id B6D09C9432; Wed, 31 Jul 2013 02:06:26 +0000 (UTC) (envelope-from marka@isc.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=dkim2012; t=1375236400; bh=T5HZ8zJosPdBDFj/E3FkSpPQol2YeI1b1JN5DfQhJaw=; h=To:Cc:From:References:Subject:In-reply-to:Date; b=R14SB9PmgQ6Wdbh7rpokzH2Xr7vSXKHeJX/iYTo7vdlfBoKV/HJKz5RNkm2NGcbWI y8iy/zF2bZadKKbEMT16DX1DCTdrBIAmXe6gxTjjm0YmN7GW2Dtwuykb1lc18uF098 e5LYW3kzkoj8Nk/w7hV1yKi0lKN48YkAqw8ckXqw= Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) by mx.pao1.isc.org (Postfix) with ESMTP; Wed, 31 Jul 2013 02:06:26 +0000 (UTC) (envelope-from marka@isc.org) Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id EA0721602CE; Wed, 31 Jul 2013 02:10:09 +0000 (UTC) Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id TU14f6MiC_Nk; Wed, 31 Jul 2013 02:10:09 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 4211C1602D5; Wed, 31 Jul 2013 02:10:09 +0000 (UTC) X-Virus-Scanned: amavisd-new at zmx1.isc.org Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 91980jjcMwVk; Wed, 31 Jul 2013 02:10:09 +0000 (UTC) Received: from drugs.dv.isc.org (c211-30-183-50.carlnfd1.nsw.optusnet.com.au [211.30.183.50]) by zmx1.isc.org (Postfix) with ESMTPSA id EFAFC1602D3; Wed, 31 Jul 2013 02:10:08 +0000 (UTC) Received: from drugs.dv.isc.org (localhost [IPv6:::1]) by drugs.dv.isc.org (Postfix) with ESMTP id 7243C37DF218; Wed, 31 Jul 2013 12:06:23 +1000 (EST) To: "Chris H" From: Mark Andrews References: <20130730.154208.41672901.sthaug@nethelp.no> <51F7E292.90608@digsys.bg> <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net> Subject: Re: Bind in FreeBSD, security advisories In-reply-to: Your message of "Tue, 30 Jul 2013 18:05:42 -0700." <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net> Date: Wed, 31 Jul 2013 12:06:23 +1000 Message-Id: <20130731020623.7243C37DF218@drugs.dv.isc.org> X-DCC--Metrics: post.isc.org; whitelist X-Spam-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,SPF_PASS, T_RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mx.pao1.isc.org Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 02:06:42 -0000 In message <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net>, "C hris H" writes: > > > > On 30.07.2013, at 19:49, Peter Maxwell wrote: > > > >> I personally prefer qmail over sendmail > >> but I wouldn't suggest qmail should be in base for the reason that sendmai > l > >> is the de facto standard on *nix shaped systems. > >> > > > > One can argue that BIND is the de facto standard on *nix shaped systems too > . > > Considering the topic, and how many times it's come up. I'm not sure that's a > nything to > be proud of. ;) Given not all CVE's are created equal and given the amount of internal self consistancy checks (all of which kill the server if they don't pass (and push the CVSS score to 7.x)) there are in BIND the number of advisaries is actually very small. Yes, this was a internal self consistancy check failing. We are human and despite code reviews, unit and system tests, static analysis checkers etc. some errors do make it through. Mark > > Daniel > > _______________________________________________ > > freebsd-stable@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 06:14:05 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C5EABCF for ; Wed, 31 Jul 2013 06:14:05 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 947782BAF for ; Wed, 31 Jul 2013 06:14:05 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r6V6EHZm008778 for ; Tue, 30 Jul 2013 23:14:23 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r6V6EC8R008777; Tue, 30 Jul 2013 23:14:12 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Tue, 30 Jul 2013 23:14:12 -0700 (PDT) Message-ID: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> Date: Tue, 30 Jul 2013 23:14:12 -0700 (PDT) Subject: Does the image on isc.portsnap.freebsd.org have a virus? From: "Chris H" To: "freebsd-stable" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 06:14:05 -0000 Greetings, I know this sounds crazy, and apologies if I am. But I have 2 RELENG_8 servers; 1 amd64, and 1 i386. about 3 wks ago, I migrated from cv(sup) updating, to svn on the amd64 box. After removing cv(sup) related folders, and the ports folder, I used: portsnap fetch After the fetch completed I ran: portsnap extract which verified/patched && extracted the image to /usr/ports. Tonight, I initiated the same procedure on the i386 server. _BUT_ upon completion of the fetch, it proceeded to verify/patch && extract; _not_ to /usr/ports, but to /var/db/portsnap/ports. re-examining /etc/portsnap.conf, and re-reading the portsnap(8) man page, reveals that _both_ .conf files are identical, as were the version(s) used on both boxes. An additional attempt to portsnap fetch, resulted in the same (unorthodox) behavior. What gives?! Thank you for all your time, and consideration. --chris From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 06:38:39 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 5803BA94 for ; Wed, 31 Jul 2013 06:38:39 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [IPv6:2001:44b8:8060:ff02:300:1:6:4]) by mx1.freebsd.org (Postfix) with ESMTP id E20AB2CAA for ; Wed, 31 Jul 2013 06:38:36 +0000 (UTC) Received: from ppp247-71.static.internode.on.net (HELO leader.local) ([203.122.247.71]) by ipmail04.adl6.internode.on.net with ESMTP; 31 Jul 2013 16:08:35 +0930 Message-ID: <51F8B0E8.8090608@ShaneWare.Biz> Date: Wed, 31 Jul 2013 16:08:32 +0930 From: Shane Ambler User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130516 Thunderbird/17.0.6 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> In-Reply-To: <51F7E352.30300@digsys.bg> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 06:38:39 -0000 On 31/07/2013 01:31, Daniel Kalchev wrote: > But here is an idea: Remove BIND from HEAD overnight and see how many > will complain ;-) If nobody complains, don't put it back in. Or change the default to off. If you want bind add WITH_BIND=yes to src.conf It's hard to say FreeBSD is a safe and secure OS when part of the base install is always being shown to have security flaws. New features need to prove they are reliable before they are accepted into a release yet we allow something that has a long proven history of being a source of security concerns. For something that needs to be constantly updated in between system updates then ports is the place to install it from. I think it is less about whether bind is useful and needs to be in base and more about should every user of FreeBSD be open to security issues or should a user have the option to say "yes I want potentially insecure software on my machine". The ports system allows messages that make it obvious to the user about security concerns. Yes many users know the bind utilities and rely on them but a lot of users have no idea how to use them. I expect that the bind tools are used by a number of users that know what they are doing and need them for testing and debugging issues, they also know how to install them when they need them. I believe most users would not need or use these tools. How many people setup and use a FreeBSD machine without adding something from ports or packages? And yes I setup my own dns server to resolve internal host names instead of filling /etc/hosts with entries. As for the tools like dig and host, I rarely use them. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 06:55:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 01034196 for ; Wed, 31 Jul 2013 06:55:43 +0000 (UTC) (envelope-from sthaug@nethelp.no) Received: from bizet.nethelp.no (bizet.nethelp.no [195.1.209.33]) by mx1.freebsd.org (Postfix) with SMTP id 45BD82D6E for ; Wed, 31 Jul 2013 06:55:42 +0000 (UTC) Received: (qmail 4163 invoked from network); 31 Jul 2013 06:55:41 -0000 Received: from bizet.nethelp.no (HELO localhost) (195.1.209.33) by bizet.nethelp.no with SMTP; 31 Jul 2013 06:55:41 -0000 Date: Wed, 31 Jul 2013 08:55:41 +0200 (CEST) Message-Id: <20130731.085541.74748290.sthaug@nethelp.no> To: marka@isc.org Subject: Re: Bind in FreeBSD, security advisories From: sthaug@nethelp.no In-Reply-To: <20130731020623.7243C37DF218@drugs.dv.isc.org> References: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net> <20130731020623.7243C37DF218@drugs.dv.isc.org> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: bsd-lists@1command.com, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 06:55:44 -0000 > > Considering the topic, and how many times it's come up. I'm not sure that's a > > nything to > > be proud of. ;) > > Given not all CVE's are created equal and given the amount of > internal self consistancy checks (all of which kill the server if > they don't pass (and push the CVSS score to 7.x)) there are in BIND > the number of advisaries is actually very small. > > Yes, this was a internal self consistancy check failing. > > We are human and despite code reviews, unit and system tests, static > analysis checkers etc. some errors do make it through. I'm also more than a little surprised about people dragging out sendmail as a shining example of *good* (bug-free?) software. Does nobody remember any history here? It wasn't *that* many years ago that we seemed to have "sendmail-bug-of-the-day"... Steinar Haug, Nethelp consulting, sthaug@nethelp.no From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 07:46:20 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id E4573492 for ; Wed, 31 Jul 2013 07:46:20 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-vb0-x231.google.com (mail-vb0-x231.google.com [IPv6:2607:f8b0:400c:c02::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A66F02F38 for ; Wed, 31 Jul 2013 07:46:20 +0000 (UTC) Received: by mail-vb0-f49.google.com with SMTP id w16so361546vbb.22 for ; Wed, 31 Jul 2013 00:46:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Zzf4fFfxE46OXCjPqn9Z8iy+cavAEXa6BpvVx0/cNBk=; b=J4g2wO8C1unvr9oisJMVb4N8CQqU8467rXvCXENUvNUBvIL9bY1Lt9+AlCCtNLCNt+ cZlP3bo6DQfLeHEr+g1g8Xh+/CfBikrs9Uv4nxlfe7BdeO+GN5g5gvVu+ZZl/9pO9SqF 82bDiV+F22EFpfVwzilWvbhIPeOJMSKxbu8rBq6R3JQY6jzhvZ866EiXj9HTWxzAH6tK gLh/bogVaWwFsEnqs+4nVf6cb6VJOhyjneozZYBamzDjWfKt41hmvJJBt7SIqaGKBkla /huygkFgDqXs6B9jys1CnHoWVOI3ckt3HRaY7cRId6tAcOkKmQZiXV/WKuYBKzFV8Q3w 1jSQ== MIME-Version: 1.0 X-Received: by 10.220.76.69 with SMTP id b5mr389184vck.85.1375256779807; Wed, 31 Jul 2013 00:46:19 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Wed, 31 Jul 2013 00:46:19 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 11:46:19 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 07:46:21 -0000 As I can see official intruction for upgrading says to do three times of freebsd-update install (between reboots). But I did two because at third time my system says No updates are available to install. Run '/usr/sbin/freebsd-update fetch' first. 2013/7/30 Pavel Timofeev : > Sorry, I've already realised that double relay's ip address in log in normal. > Anyway, problem is still here. > > 2013/7/30 Pavel Timofeev : >> Hello everyone! >> I've just upgraded (binary) my server from FreeBSD 9.1-RELEASE amd64 >> to 9.2-BETA2. >> And my sendmail can't resolv any hostname. It says: >> Jul 30 17:28:54 reticulum sm-mta[3191]: r6UCqeun016122: >> to=, ctladdr= (1001/1001), >> delay=00:36:14, xdelay=00:00:00, mailer=esmtp, pri=300348, >> relay=kalmar.xxx.ru., dsn=4.0.0, stat=Deferred: Name server: >> kalmar.xxx.ru.: host name lookup failure >> >> Meanwhile, I didn't change anything in resolv.conf and I can't find >> anything wrong when I use nslookup manually. It works. Furthermore, >> when I set to mailertable something like >> xxx.ru smtp:[192.168.62.209] >> where ip address is address of another server (not kalmar's which is >> mx server) sendmail works but with strange log message >> Jul 30 17:44:17 octans sm-mta[11666]: r6UDiGhD011656: >> to=, ctladdr= (1001/1001), >> delay=00:00:01, xdelay=00:00:01, mailer=smtp, pri=30340, >> relay=[192.168.62.209] [192.168.62.209], dsn=2.0.0, stat=Sent >> (r6UDiG8v018961 Message accepted for delivery) >> Why it says relay's ip address two time in log? >> Is someone experiencing such problems? I mean can someone confirm >> similar behaviour? >> Could you please check on 9.2-BETA2 stuff like "echo bla | mail >> myemail@mydomain.com"? >> I can provide more info that you want. Thanks! From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 07:49:31 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 373065DA for ; Wed, 31 Jul 2013 07:49:31 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-ob0-x231.google.com (mail-ob0-x231.google.com [IPv6:2607:f8b0:4003:c01::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 05D162F68 for ; Wed, 31 Jul 2013 07:49:30 +0000 (UTC) Received: by mail-ob0-f177.google.com with SMTP id f8so727895obp.8 for ; Wed, 31 Jul 2013 00:49:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=oDcZDDny4BA3SNglIHMQkjTdvJfeXdCEKBRusaU1OpQ=; b=0/B0gDptqRyX7v+PH0Ubx0O1Z987nFOBhCqwsgEp8ZQSVpLy/6tQoiZT56eycatfES +jhWHERVlCVTRu11KR2PdPIH300law7GYyKreO+LdIYc/oQwiiWQ88zAFBaZywDUFT4K 1nZ2g2HC43U8dHDN1ixaOmVjU7MIq52gIrNl+8rt1R+tInQKhanpU0Z4MymoNJCTxvd8 y2oT0Z2vk+HfKfnfRpx4UMy2EsUpv8Z4sWKH+8WDWCCoF7LTI4KW2KfysSgEhhmrmMof a0sbOzOG8JLmh50eL8ohkZgYb515eqH7fb00ZcB4frwL9mi26TwUvL6yzIVqLH026N5R s+5A== MIME-Version: 1.0 X-Received: by 10.50.20.195 with SMTP id p3mr56108ige.26.1375256970342; Wed, 31 Jul 2013 00:49:30 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Wed, 31 Jul 2013 00:49:30 -0700 (PDT) Date: Wed, 31 Jul 2013 03:49:30 -0400 X-Google-Sender-Auth: a35XbnY1EEWoehocoQKQBe0mXsk Message-ID: Subject: Problem with zfsloader on 9.2-BETA2 From: J David To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 07:49:31 -0000 In order to test ZFS on the upcoming 9.2 release, we upgraded a non-production 8.4 root-on-ZFS fileserver to 9.2-BETA2. The result was a non-bootable system. The first problem was gptzfsboot, but that was our fault=85 it never got upgraded when we switched to feature flags. So some time with the 8.4 live CD (the 9.x CD's do not boot on this system -- kern/162160 ) solved that. But the system still wouldn't boot, moving on to: ZFS: can't find pool by guid ZFS: can't find pool by guid We got around this by interrupting the stage1 loader and invoking data/root:/boot/zfsloader.old instead. Then we moved the 9.2 zfsloader out of the way and restored the 8.4 loader. So this system only boots with the 9.2 gptzfsboot and the 8.4 zfsloader. To the best of my knowledge, there is nothing broken or out of date with this zpool: $ zpool status pool: data state: ONLINE scan: resilvered 451G in 70h36m with 0 errors on Fri Feb 17 00:26:19 2012 config: NAME STATE READ WRITE CKSUM data ONLINE 0 0 0 raidz2-0 ONLINE 0 0 0 da2p1 ONLINE 0 0 0 da3p1 ONLINE 0 0 0 da4p1 ONLINE 0 0 0 da5p1 ONLINE 0 0 0 da6p1 ONLINE 0 0 0 da7p1 ONLINE 0 0 0 logs gpt/slog0 ONLINE 0 0 0 cache gpt/cache1 ONLINE 0 0 0 errors: No known data errors $ zpool upgrade This system supports ZFS pool feature flags. All pools are formatted using feature flags. Every feature flags pool has all supported features enabled. Does anyone know why the 9.2 zfsloader won't load it? Thanks! From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 08:48:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7645E68A for ; Wed, 31 Jul 2013 08:48:44 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 38B102281 for ; Wed, 31 Jul 2013 08:48:44 +0000 (UTC) Received: from nine.des.no (smtp.des.no [194.63.250.102]) by smtp-int.des.no (Postfix) with ESMTP id DD61A448F; Wed, 31 Jul 2013 08:48:36 +0000 (UTC) Received: by nine.des.no (Postfix, from userid 1001) id 11B6838DCD; Wed, 31 Jul 2013 10:48:41 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: David Demelier Subject: Re: Bind in FreeBSD, security advisories References: Date: Wed, 31 Jul 2013 10:48:40 +0200 In-Reply-To: (David Demelier's message of "Tue, 30 Jul 2013 09:55:23 +0200") Message-ID: <867gg7glnb.fsf@nine.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 08:48:44 -0000 David Demelier writes: > For years, a lot of security advisories have been present for bind. > I'm just guessing if it's not a good idea to remove bind from base? There are plans to do so. It's not as trivial as people seem to think. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 08:52:12 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7B8E68EB for ; Wed, 31 Jul 2013 08:52:12 +0000 (UTC) (envelope-from tarkhil@webmail.sub.ru) Received: from mail.sub.ru (mail.sub.ru [88.212.205.2]) by mx1.freebsd.org (Postfix) with SMTP id BBB5A22DB for ; Wed, 31 Jul 2013 08:52:11 +0000 (UTC) Received: (qmail 576 invoked from network); 31 Jul 2013 12:45:27 +0400 Received: from 195.170.223.197 ([195.170.223.197]) by mail.sub.ru ([88.212.205.2]) with ESMTP via TCP; 31 Dec 1969 23:59:59 -0000 Message-ID: <51F8CEB1.2090801@webmail.sub.ru> Date: Wed, 31 Jul 2013 12:45:37 +0400 From: Alex Povolotsky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130219 Thunderbird/17.0.2 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: /usr/bin/ld: warning: creating a DT_TEXTREL in a shared object after freebsd-update Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 08:52:12 -0000 Hello I've updated (with freebsd-update) an old 7.3 to 9.1-RELEASE and now I cannot build at least one port. ports-mgmt/pkg ===> Building for pkg-1.1.4_1 sed -e 's,%%PKGVERSION%%,1.1.4,' Doxyfile.in > Doxyfile ===> external (all) ===> external/sqlite (all) Warning: Object directory not changed from original /usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/external/sqlite cc -O2 -pipe -fno-strict-aliasing -fPIC -DHAVE_READLINE=1 -I/usr/include/edit -DHAVE_POSIX_FALLOCATE=1 -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DHAVE_USLEEP=1 -DHAVE_LOCALTIME_R=1 -DHAVE_GMTIME_R=1 -DHAVE_DECL_STRERROR_R=1 -DHAVE_STRERROR_R=1 -DSQLITE_OMIT_AUTOVACUUM -DSQLITE_OMIT_BLOB_LITERAL -DSQLITE_OMIT_DECLTYPE -DSQLITE_OMIT_EXPLAIN -DSQLITE_OMIT_DEPRECATED -DSQLITE_OMIT_LOAD_EXTENSION -DSQLITE_OMIT_PROGRESS_CALLBACK -DSQLITE_OMIT_TCL_VARIABLE -DSQLITE_OMIT_UTF16 -DSQLITE_OMIT_CAT -DSQLITE_OMIT_CHECK -DSQLITE_OMIT_AUTOINIT -DSQLITE_OMIT_COMPILEOPTION_DIAGS -DSQLITE_OMIT_INTEGRITY_CHECK -DSQLITE_OMIT_BUILTIN_TEST -DSQLITE_OMIT_SHARED_CACHE -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 -DUSE_PREAD -DSQLITE_THREADSAFE=1 -DSQLITE_TEMP_STORE=3 -Dmain=sqlite3_shell -DNDEBUG -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wno-pointer-sign -Wformat=2 -Wno-format-extra-args -Werror -c sqlite3.c -o sqlite3.o ... cc -fpic -DPIC -O2 -pipe -fno-strict-aliasing -DDEFAULT_MIRROR_TYPE=1 -std=c99 -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/sqlite -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/uthash -DBUNDLED_YAML -I /usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/libyaml/include -DPREFIX=\"/usr/local\" -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wno-pointer-sign -c plugins.c -o plugins.So cc -fpic -DPIC -O2 -pipe -fno-strict-aliasing -DDEFAULT_MIRROR_TYPE=1 -std=c99 -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/sqlite -I/usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/uthash -DBUNDLED_YAML -I /usr/ports/ports-mgmt/pkg/work/pkg-1.1.4/libpkg/../external/libyaml/include -DPREFIX=\"/usr/local\" -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wold-style-definition -Wno-pointer-sign -c pkg_old.c -o pkg_old.So building static pkg library ranlib libpkg.a building shared library libpkg.so.1 /usr/bin/ld: warning: creating a DT_TEXTREL in a shared object. *** [libpkg.so.1] Error code 1 1 error *** [all] Error code 2 1 error ===> Compilation failed unexpectedly. Googling did not yield anything useful. What should I check and fix? Alex From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 09:14:45 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9DF521BD for ; Wed, 31 Jul 2013 09:14:45 +0000 (UTC) (envelope-from hlh@restart.be) Received: from tignes.restart.be (tignes.restart.be [IPv6:2001:41d0:8:bdbe:0:1::]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 582732461 for ; Wed, 31 Jul 2013 09:14:45 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=2001:41d0:8:bdbe:1:ffff::; helo=restart.be; envelope-from=hlh@restart.be; receiver=freebsd-stable@freebsd.org DKIM-Filter: OpenDKIM Filter v2.8.3 tignes.restart.be 3c4pql2HpCzRrx DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=restart.be; s=tignes; t=1375262083; bh=cZpfonVF8GmXp9LIYlvLKH6Tm8Og7zK12J+d8xY9EqY=; h=Date:From:To:Subject:References:In-Reply-To; z=Date:=20Wed,=2031=20Jul=202013=2011:14:41=20+0200|From:=20Henri=2 0Hennebert=20|To:=20freebsd-stable@freebsd.org|Sub ject:=20Re:=209.2-BETA2=20-=20Problem=20with=20newsyslog|Reference s:=20<51F63365.8020108@restart.be>|In-Reply-To:=20<51F63365.802010 8@restart.be>; b=Zkp9oyd+g2bu8I8UQ1Gm0JPPozQLFfJvtUWvt3q6HfOBs1tndMfZV8mUl2MakxlMT 9EoBmvR8cZ08zIYIzZAgIMNSOWWufNCiw83DKKtVUTxUtzY74jduK5s2R14e5AANr3 oDgYAgLkHSyrBym14H82O5RIeTZRe9zdBtKp43RBknxa5aSSCbYzep2nnlv4wDBw2h kvymrqRPbBsbtTDTnNWNq22G60tmHOTMqIHcMC9fTwQaKT/oWOAhG2HmN6IHl81HrK uXOndwDLqIXo6jCuvd0Byx35gjXUm+E0kJRhoO3GSvt/P88eFzpE7W2hLVw1bEALyW /Rll4HBboOO3g== Received: from restart.be (avoriaz.tunnel.bel [IPv6:2001:41d0:8:bdbe:1:ffff::]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smtp.restart.be", Issuer "CA master" (verified OK)) by tignes.restart.be (Postfix) with ESMTPS id 3c4pql2HpCzRrx for ; Wed, 31 Jul 2013 11:14:42 +0200 (CEST) Received: from morzine.restart.bel (morzine.restart.be [IPv6:2001:41d0:8:bdbe:1:2::]) (authenticated bits=0) by restart.be (8.14.7/8.14.7) with ESMTP id r6V9EfXc022041 for ; Wed, 31 Jul 2013 11:14:41 +0200 (CEST) (envelope-from hlh@restart.be) Message-ID: <51F8D581.3060708@restart.be> Date: Wed, 31 Jul 2013 11:14:41 +0200 From: Henri Hennebert Organization: RestartSoft User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:17.0) Gecko/20130709 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: 9.2-BETA2 - Problem with newsyslog References: <51F63365.8020108@restart.be> In-Reply-To: <51F63365.8020108@restart.be> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 09:14:45 -0000 On 07/29/2013 11:18, Henri Hennebert wrote: > Hello, > > My entry for newsyslog in /etc/crontab is: > > 0 * * * * root newsyslog -t \%Y-\%m-\%d_\%H:\%M > > And I get: > > newsyslog: Could not convert time string to time value: No such file or > directory > > I try to use the newsyslog from head to to avail. This solution was > working a month ago (see Revision 248776) Here I must have make some mistake... I retry with newsyslog.c from head and all is OK Henri > > My file system is zfs version 28. > > Henri > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 09:20:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6032A61D for ; Wed, 31 Jul 2013 09:20:32 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C2FDA24BA for ; Wed, 31 Jul 2013 09:20:31 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r6V9KQup093442 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 31 Jul 2013 11:20:26 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r6V9KQB0093439; Wed, 31 Jul 2013 11:20:26 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Wed, 31 Jul 2013 11:20:26 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: J David Subject: Re: Problem with zfsloader on 9.2-BETA2 In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-939378192-1375262426=:1327" X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 09:20:32 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-939378192-1375262426=:1327 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT On Wed, 31 Jul 2013 03:49-0400, J David wrote: > In order to test ZFS on the upcoming 9.2 release, we upgraded a > non-production 8.4 root-on-ZFS fileserver to 9.2-BETA2. > > The result was a non-bootable system. The first problem was > gptzfsboot, but that was our fault? it never got upgraded when we > switched to feature flags. So some time with the 8.4 live CD (the 9.x > CD's do not boot on this system -- kern/162160 ) solved that. > > But the system still wouldn't boot, moving on to: > > ZFS: can't find pool by guid > ZFS: can't find pool by guid > > We got around this by interrupting the stage1 loader and invoking > data/root:/boot/zfsloader.old instead. Then we moved the 9.2 > zfsloader out of the way and restored the 8.4 loader. > > So this system only boots with the 9.2 gptzfsboot and the 8.4 zfsloader. > > To the best of my knowledge, there is nothing broken or out of date > with this zpool: > > $ zpool status > pool: data > state: ONLINE > scan: resilvered 451G in 70h36m with 0 errors on Fri Feb 17 00:26:19 2012 > config: > > NAME STATE READ WRITE CKSUM > data ONLINE 0 0 0 > raidz2-0 ONLINE 0 0 0 > da2p1 ONLINE 0 0 0 > da3p1 ONLINE 0 0 0 > da4p1 ONLINE 0 0 0 > da5p1 ONLINE 0 0 0 > da6p1 ONLINE 0 0 0 > da7p1 ONLINE 0 0 0 > logs > gpt/slog0 ONLINE 0 0 0 > cache > gpt/cache1 ONLINE 0 0 0 > > errors: No known data errors > $ zpool upgrade > This system supports ZFS pool feature flags. > > All pools are formatted using feature flags. > > Every feature flags pool has all supported features enabled. > > > Does anyone know why the 9.2 zfsloader won't load it? > > Thanks! I'm curious as to why you use da?p1 as the freebsd-zfs partitions. Where does the freebsd-boot partition reside? da?p2? What does the "gpart show" command tell you? I normally use *p1 for freebsd-boot, *p2 for freebsd-swap and *p3 for freebsd-swap. I know some people who put freebsd-zfs on *p2 and freebsd-swap on *p3. Maybe the partitions are interchangeable after all. As a general rule, I think it's wise to always update the boot blocks whenever you plan to upgrade the pool format or the filesystems. If I have the time later this afternoon, or maybe tomorrow, I will attempt the following on a couple of VMs: 1. Install 8.4-RELEASE with ZFS SPA v28. 2. Upgrade ZFS SPA to v5000. Updating the boot blocks shouldn't be necessary this time. 3. Upgrade by source to 8.4-STABLE and see what happens then. 4. Upgrade by source to 9.2-BETA2, and possibly update the boot blocks using the installed files prior to rebooting, and see what happens then. A second attempt would involve going straight from 8.4-RELEASE to 9.2-BETA2. I'll let you know how well I fared. -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestl, | Trond Endrestl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-939378192-1375262426=:1327-- From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 11:02:52 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id BFEA62D9 for ; Wed, 31 Jul 2013 11:02:52 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x233.google.com (mail-ve0-x233.google.com [IPv6:2607:f8b0:400c:c01::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 810B62B31 for ; Wed, 31 Jul 2013 11:02:52 +0000 (UTC) Received: by mail-ve0-f179.google.com with SMTP id c13so562031vea.38 for ; Wed, 31 Jul 2013 04:02:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=AoUCXp7bgBL3ZvOkjBnx8zXu/+EM8M+5/tP0LwHbGxY=; b=PsUrQMWuqhrD52tGEAo/z9Imrxveq9xYSLk/kii5nOj4KFesLW5hOdU5syqzn9XEgD ThWs8jdJY6fNMuJxeTuj9m79tfJsKfWS31a0PADP54UMTHJikIBET0FpdbQwYQVOhMj3 jUc1c52TCcZKIDrsQggAbaw4IpNU0G47WfFGF1DxjF43+I/n7/Sokxgxb+YJ/OZ4/+i+ 9AsmN/d0WUOwuP94cQrJlnaz9xXgWiCvxM58xW1WbVUbAvpglU/p7wXchv+vhahB88PO MoBkW+v+Y9yd89VeeVW/3pLKDKUzxhntKgFFHrikfUAK5FxcxNUbTGCCvBX3VCrcqhXc MueQ== MIME-Version: 1.0 X-Received: by 10.58.85.161 with SMTP id i1mr28094101vez.97.1375268571625; Wed, 31 Jul 2013 04:02:51 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Wed, 31 Jul 2013 04:02:51 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 15:02:51 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 11:02:52 -0000 Looks like my sendmail uses only IPv6 to resolve mx server dns name to ip address. 14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain: 53417+ AAAA? xxx.ru. (24) [13/98] 14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032: 53417* 0/1/0 (75) 14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain: 53418+ A? xxx.ru. (24) 14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299: 53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A 192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19 (136) 14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain: 53419+ MX? xxx.ru. (24) 14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244: 53419* 1/0/1 MX kalmar.xxx.ru. 10 (63) 14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain: 53420+ AAAA? kalmar.xxx.ru. (31) 14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461: 53420* 0/1/0 (82) 14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain: 53421+ AAAA? kalmar.xxx.ru. (31) 14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332: 53421* 0/1/0 (82) 14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain: 53422+ AAAA? kalmar. (24) 14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453: 53422 ServFail 0/0/0 (24) 14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain: 53422+ AAAA? kalmar. (24) 14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038: 53422 ServFail 0/0/0 (24) 14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain: 53423+ AAAA? kalmar.xxx.ru. (31) 14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393: 53423* 0/1/0 (82) 14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain: 53424+ AAAA? kalmar. (24) 14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558: 53424 ServFail 0/0/0 (24) 14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain: 53424+ AAAA? kalmar. (24) 14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297: 53424 ServFail 0/0/0 (24) How to force it to use IPv4? From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 11:15:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B73FC5BD for ; Wed, 31 Jul 2013 11:15:32 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 239C42BBE for ; Wed, 31 Jul 2013 11:15:31 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6VBFNS0091819 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Wed, 31 Jul 2013 14:15:26 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F8F1CB.20707@digsys.bg> Date: Wed, 31 Jul 2013 14:15:23 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> In-Reply-To: <51F8B0E8.8090608@ShaneWare.Biz> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 11:15:32 -0000 On 31.07.13 09:38, Shane Ambler wrote: > On 31/07/2013 01:31, Daniel Kalchev wrote: > >> But here is an idea: Remove BIND from HEAD overnight and see how many >> will complain ;-) If nobody complains, don't put it back in. > > Or change the default to off. If you want bind add WITH_BIND=yes to > src.conf That is just as good solution as removing BIND from base. It is also easier and faster to ass it as package/point, instead of recompiling the whole base system. > > It's hard to say FreeBSD is a safe and secure OS when part of the base > install is always being shown to have security flaws. New features need > to prove they are reliable before they are accepted into a release yet > we allow something that has a long proven history of being a source of > security concerns. Stop right here! There is plenty of other software that is in base and is just as "buggy" or even more than BIND. BIND, by the way benefits from the fact that it runs on many other platforms and that those bugs are typically found there, not on FreeBSD. In contrast to that the "perfect FreeBSD only code" has bugs discovered only when someone stumbles on them in FreeBSD. > > For something that needs to be constantly updated in between system > updates then ports is the place to install it from. You don't have to update BIND constantly, especially if you are not using it. If you are using it, you will want it updated, no matter what. > > I think it is less about whether bind is useful and needs to be in base > and more about should every user of FreeBSD be open to security issues > or should a user have the option to say "yes I want potentially insecure > software on my machine". The ports system allows messages that make it > obvious to the user about security concerns. You are reading too much into that messages. FreeBSD is not bug free, nor is any other piece of code. > > How many people setup and use a FreeBSD machine without adding something > from ports or packages? Anyone who can, does prefer to not install any ports. I have over a dozens servers (and a gazillion jailed instances) that don't have one single port installed. I find this feature of FreeBSD especially appealing and something we should keep. By the way, for those inclined to ask me for statistics: this is my personal experience. It works for me. If you don't do that, it tells me nothing I care about. We might have different reasons to make different choices. Daniel From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:22:23 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7C2C2FF9 for ; Wed, 31 Jul 2013 12:22:23 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4DDB22EF3 for ; Wed, 31 Jul 2013 12:22:22 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id C1151213A9 for ; Wed, 31 Jul 2013 08:22:20 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Wed, 31 Jul 2013 08:22:20 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=ZlEOChvjDhmaOAZUnhQ9Z7swl48=; b=UDB wWOMoGGMknJaflblRSqVIP9QGa6bkUV0KvhilZa309IaRUStk7YR5OdOjafw+lNs apbKZaNFWb9Hbswy8Txo56K377oRF6+58WP4sXwMmKtMYc3o28jZDBGXz27m9PUH u/TDkQqScKA0dZfsj6n6sy6qbUYizr0f38vcRNw8= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id A48A7B01F71; Wed, 31 Jul 2013 08:22:20 -0400 (EDT) Message-Id: <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> X-Sasl-Enc: wQ7Gr/6Mh4G/6nGFmM21fKf6Bu6BHxcxM1JciiCTjeSu 1375273340 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 In-Reply-To: <51F8F1CB.20707@digsys.bg> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> <51F8F1CB.20707@digsys.bg> Subject: Re: Bind in FreeBSD, security advisories Date: Wed, 31 Jul 2013 07:22:20 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:22:23 -0000 On Wed, Jul 31, 2013, at 6:15, Daniel Kalchev wrote: > > On 31.07.13 09:38, Shane Ambler wrote: > > > > For something that needs to be constantly updated in between system > > updates then ports is the place to install it from. > > You don't have to update BIND constantly, especially if you are not > using it. If you are using it, you will want it updated, no matter what. > Let's take a moment and consider the state of the internet and DNS attacks. The RRL and RPZ2 patchsets[1] are newer developments that successfully add additional security and features to BIND. It was also recently announced that due to the success of this work the RRL[2] patch will be accepted by ISC into BIND mainline. How many users of BIND on FreeBSD are going to realize they need to run a copy of BIND from ports to get this extremely important protection? It certainly isn't going to get backported to 8-STABLE or 9-STABLE; I don't even know if it will show up in 10.0-RELEASE as a quick grep shows it's not there. To put some perspective on it, FreeBSD 8.x users are literally 6 years behind CURRENT... Now Redhat has a bugzilla[3] report backporting it to RHEL6, but FreeBSD's policy is generally "bugfixes and security fixes only, don't introduce new features or behavior", and I don't expect that to change especially for a piece of software in contrib. If a user was running BIND from ports and they would more readily have that feature at their disposal. The port maintainer could even put a sane default in the example config. Unfortunately the number of FreeBSD BIND users who realize they are afforded this protection are going to be slim, and the number actually using it nearly as small. It's quite disappointing. [1] http://ss.vix.su/~vjs/rrlrpz.html [2] http://www.isc.org/blogs/isc-adds-ddos-defense-module-to-bind-software/ [3] https://bugzilla.redhat.com/show_bug.cgi?id=873624 From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:24:27 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B812E2B4 for ; Wed, 31 Jul 2013 12:24:27 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-vb0-x22a.google.com (mail-vb0-x22a.google.com [IPv6:2607:f8b0:400c:c02::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 752D72F31 for ; Wed, 31 Jul 2013 12:24:27 +0000 (UTC) Received: by mail-vb0-f42.google.com with SMTP id e12so603275vbg.29 for ; Wed, 31 Jul 2013 05:24:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=R7Nfsvn82vQv0OJJ9oFOzMVBWArxYdcSeVfCPdy9Qug=; b=BZ43Cog8EzHRkIj2kcsOJjn4vAmRV1SFSX7Z3szZ/aC3viP/pI2y6JoQZOY8WlLJzx 7aUVSF/EgcZhxn33lqxX+19bRxv+7PY4l9DwKB3e0TxCndGGetcLHbBfe+fAfo6sRjra aFLYlobBQUlzJiCplpyL7NZTvvgX2RDgDy7iOF6S2dYaYS+kynJaa84JjdH0prKn0AXh JVbESI4tKOIgodZaPys+VASKaC2PN/2mVQakR4zeG4DMkvu6u3KIctxcXFFQTpxmebdm MJeIjw2k8pTRjFdlOGBsO46Oq+zV0L9lJIEG3ufRKtCtfOr1jVDcYeg/35+bzu2weM+I r7TA== MIME-Version: 1.0 X-Received: by 10.58.118.8 with SMTP id ki8mr28290421veb.84.1375273466563; Wed, 31 Jul 2013 05:24:26 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Wed, 31 Jul 2013 05:24:26 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 16:24:26 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:24:27 -0000 I wanted to say that sendmail asks only AAAA (IPv6) record of mx server, but not A (IPv4). Any ideas? 2013/7/31 Pavel Timofeev : > Looks like my sendmail uses only IPv6 to resolve mx server dns name to > ip address. > > 14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain: > 53417+ AAAA? xxx.ru. (24) > [13/98] > 14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032: > 53417* 0/1/0 (75) > 14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain: > 53418+ A? xxx.ru. (24) > 14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299: > 53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A > 192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19 > (136) > 14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain: > 53419+ MX? xxx.ru. (24) > 14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244: > 53419* 1/0/1 MX kalmar.xxx.ru. 10 (63) > 14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain: > 53420+ AAAA? kalmar.xxx.ru. (31) > 14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461: > 53420* 0/1/0 (82) > 14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain: > 53421+ AAAA? kalmar.xxx.ru. (31) > 14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332: > 53421* 0/1/0 (82) > 14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain: > 53422+ AAAA? kalmar. (24) > 14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453: > 53422 ServFail 0/0/0 (24) > 14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain: > 53422+ AAAA? kalmar. (24) > 14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038: > 53422 ServFail 0/0/0 (24) > 14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain: > 53423+ AAAA? kalmar.xxx.ru. (31) > 14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393: > 53423* 0/1/0 (82) > 14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain: > 53424+ AAAA? kalmar. (24) > 14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558: > 53424 ServFail 0/0/0 (24) > 14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain: > 53424+ AAAA? kalmar. (24) > 14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297: > 53424 ServFail 0/0/0 (24) > > How to force it to use IPv4? From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:36:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 191E087B for ; Wed, 31 Jul 2013 12:36:32 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [IPv6:2001:44b8:8060:ff02:300:1:6:4]) by mx1.freebsd.org (Postfix) with ESMTP id A3C6F2FC0 for ; Wed, 31 Jul 2013 12:36:28 +0000 (UTC) Received: from ppp247-71.static.internode.on.net (HELO leader.local) ([203.122.247.71]) by ipmail04.adl6.internode.on.net with ESMTP; 31 Jul 2013 22:06:27 +0930 Message-ID: <51F904C7.4070205@ShaneWare.Biz> Date: Wed, 31 Jul 2013 22:06:23 +0930 From: Shane Ambler User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130516 Thunderbird/17.0.6 MIME-Version: 1.0 To: Chris H Subject: Re: Does the image on isc.portsnap.freebsd.org have a virus? References: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> In-Reply-To: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:36:32 -0000 On 31/07/2013 15:44, Chris H wrote: > Greetings, > I know this sounds crazy, and apologies if I am. But I have 2 RELENG_8 servers; > 1 amd64, and 1 i386. about 3 wks ago, I migrated from cv(sup) updating, to svn on > the amd64 box. > After removing cv(sup) related folders, and the ports folder, I used: > portsnap fetch > After the fetch completed I ran: > portsnap extract > which verified/patched && extracted the image to /usr/ports. > Tonight, I initiated the same procedure on the i386 server. _BUT_ upon completion of > the fetch, it proceeded to verify/patch && extract; _not_ to /usr/ports, but to > /var/db/portsnap/ports. re-examining /etc/portsnap.conf, and re-reading the portsnap(8) man > page, reveals that _both_ .conf files are identical, as were the version(s) used on both > boxes. An additional attempt to portsnap fetch, resulted in the same (unorthodox) behavior. > What gives?! Are you watching as it started or when it finished? /var/db/portsnap is used by portsnap to download updates that it uses to generate the /usr/ports files. Just guessing but it may also extract and patch files there before moving them to /usr/ports From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:37:50 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B2B409A0 for ; Wed, 31 Jul 2013 12:37:50 +0000 (UTC) (envelope-from erwin@mail.droso.net) Received: from mail.droso.net (koala.droso.dk [213.239.220.246]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7195A2FDA for ; Wed, 31 Jul 2013 12:37:50 +0000 (UTC) Received: by mail.droso.net (Postfix, from userid 1001) id 266CE11F27; Wed, 31 Jul 2013 14:37:42 +0200 (CEST) Date: Wed, 31 Jul 2013 14:37:42 +0200 From: Erwin Lansing To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories Message-ID: <20130731123741.GO84587@droso.dk> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> <51F8F1CB.20707@digsys.bg> <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline In-Reply-To: <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> X-Operating-System: FreeBSD/amd64 9.1-RELEASE User-Agent: Mutt/1.5.21 (2010-09-15) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:37:50 -0000 On Wed, Jul 31, 2013 at 07:22:20AM -0500, Mark Felder wrote: > > Let's take a moment and consider the state of the internet and DNS > attacks. The RRL and RPZ2 patchsets[1] are newer developments that > successfully add additional security and features to BIND. It was also > recently announced that due to the success of this work the RRL[2] patch > will be accepted by ISC into BIND mainline. > > How many users of BIND on FreeBSD are going to realize they need to run > a copy of BIND from ports to get this extremely important protection? It > certainly isn't going to get backported to 8-STABLE or 9-STABLE; I don't > even know if it will show up in 10.0-RELEASE as a quick grep shows it's > not there. To put some perspective on it, FreeBSD 8.x users are > literally 6 years behind CURRENT... > 3rd party, and especially those that are still being distributed as experimental, will not be part of the base BIND code. It will only contain a direct import from the vendor sources. After a -STABLE branche is branched into a -RELEASE branch, the latter will only get security updates, sometimes backported depending on the upstream life cycle. For feature update, users have always been dependent on ports as the BIND versions included in -RELEASE are quickly falling behind. On a side note, BIND 10 introduces a large number of 3rd party dependencies, none of which are very attractive to include in the FreeBSD base system by default. This means that we can use BIND9 so far, but for the long term, we'll have to look into a more viable alternative anyway. Erwin -- Erwin Lansing http://droso.dk erwin@FreeBSD.org http:// www.FreeBSD.org From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:44:47 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B47C7C18 for ; Wed, 31 Jul 2013 12:44:47 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8537D2018 for ; Wed, 31 Jul 2013 12:44:47 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 5A38F2164D for ; Wed, 31 Jul 2013 08:44:46 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Wed, 31 Jul 2013 08:44:46 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:subject:date:in-reply-to :references; s=smtpout; bh=YfsbZ+wpKBUSvRsRjurKMizd0Yo=; b=XAEn3 X+JecrM7r8d8lZbFaGAqIpaKwMuEUcsoaUtWYsPy5dd8G5FvECNPojXAtBIpbCF8 C86veWCJLWOku2cb/0C+xuxn73hl3lnELV0GZyx/Eznod0fMfDoCAH+WGOd0tGsA GZPZ2ul0n7B67fEaNVbQ3XVSYhLX74yxMkVQMo= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 08487B01F75; Wed, 31 Jul 2013 08:44:46 -0400 (EDT) Message-Id: <1375274685.29675.3670495.2BC93862@webmail.messagingengine.com> X-Sasl-Enc: OQIAubt2Rj+I6XJb/aSr3Rl/fEE/Y1QYygn/sU0YNw7N 1375274685 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-9e4be734 Subject: Re: Bind in FreeBSD, security advisories Date: Wed, 31 Jul 2013 07:44:45 -0500 In-Reply-To: <20130731123741.GO84587@droso.dk> References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> <51F8F1CB.20707@digsys.bg> <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> <20130731123741.GO84587@droso.dk> X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:44:47 -0000 On Wed, Jul 31, 2013, at 7:37, Erwin Lansing wrote: > > 3rd party, and especially those that are still being distributed as > experimental, will not be part of the base BIND code. It will only > contain a direct import from the vendor sources. > I agree, experimental patches have no place in base. If this hits BIND 9.9 though I'd never even consider running BIND from base as an authoritative server as it's missing this patch which can at least partially mitigate a DoS. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:51:28 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id A0836F2B for ; Wed, 31 Jul 2013 12:51:28 +0000 (UTC) (envelope-from matthew@freebsd.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 37566206C for ; Wed, 31 Jul 2013 12:51:28 +0000 (UTC) Received: from rufus.webfusion.com (mail.heartinternet.co.uk [79.170.40.31]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id r6VCpGPl034470 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Wed, 31 Jul 2013 13:51:23 +0100 (BST) (envelope-from matthew@freebsd.org) DKIM-Filter: OpenDKIM Filter v2.8.3 smtp.infracaninophile.co.uk r6VCpGPl034470 Authentication-Results: smtp.infracaninophile.co.uk/r6VCpGPl034470; dkim=none reason="no signature"; dkim-adsp=none (unprotected policy) X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host mail.heartinternet.co.uk [79.170.40.31] claimed to be rufus.webfusion.com Message-ID: <51F90842.4060606@freebsd.org> Date: Wed, 31 Jul 2013 13:51:14 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130715 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.8 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00, RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:51:28 -0000 On 31/07/2013 13:24, Pavel Timofeev wrote: > I wanted to say that sendmail asks only AAAA (IPv6) record of mx > server, but not A (IPv4). > Any ideas? ip6addrctl(8) perhaps? Also check /etc/rc.d/ip6addrctl and the variables used by that script in /etc/defaults/rc.conf which you can use to set preferences for ipv6 vs. ipv4 at boot time. Cheers, Matthew From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 12:54:10 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id AC4D1FA for ; Wed, 31 Jul 2013 12:54:10 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x22f.google.com (mail-ve0-x22f.google.com [IPv6:2607:f8b0:400c:c01::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 67E742091 for ; Wed, 31 Jul 2013 12:54:10 +0000 (UTC) Received: by mail-ve0-f175.google.com with SMTP id oy10so672105veb.6 for ; Wed, 31 Jul 2013 05:54:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=x2H2aa1Yg/Xn/WShwRM2Ac5yTrR0fCgZDHDiRzORff0=; b=wiRH0aK64PUC+RbFLSXJGckArwFySOHH4wSjELhmbEN1ERnkN10uzZ1+Omif7m98uT /0DUn8IjPulizhUwEzFhvFyT4gJqe4pL34yuTjkwXM0cAABCr7LgFxvKc89fVjuBlGGq ZSRmk+kUMEpXAcpBMYrM6sYZmBRyUg8SwwfEe56v4mFz46q3H6bX33qBEWmsgsKQXgpm BXtey0L0wsAMT5YC33OOyiJNrXsP8uWcgj2WRtkAQPDEn4aZ8F6DKxDbNYKP7cIz8rsL +eshlVcx3irP+Q6amiUIOZ6VCxgofxdHGBsq5fUbP/ra0wD39R7tT8e2j3Yh2iLEP8tb dx4w== MIME-Version: 1.0 X-Received: by 10.220.76.69 with SMTP id b5mr687127vck.85.1375275248947; Wed, 31 Jul 2013 05:54:08 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Wed, 31 Jul 2013 05:54:08 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 16:54:08 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 12:54:10 -0000 I've just installed new fresh 9.2-BETA2 amd64 on another machine. Same behaviour - Sendmail asks DNS only for AAAA record of mx server. We don't use IPv6 in our company. 2013/7/31 Pavel Timofeev : > I wanted to say that sendmail asks only AAAA (IPv6) record of mx > server, but not A (IPv4). > Any ideas? > > 2013/7/31 Pavel Timofeev : >> Looks like my sendmail uses only IPv6 to resolve mx server dns name to >> ip address. >> >> 14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain: >> 53417+ AAAA? xxx.ru. (24) >> [13/98] >> 14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032: >> 53417* 0/1/0 (75) >> 14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain: >> 53418+ A? xxx.ru. (24) >> 14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299: >> 53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A >> 192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19 >> (136) >> 14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain: >> 53419+ MX? xxx.ru. (24) >> 14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244: >> 53419* 1/0/1 MX kalmar.xxx.ru. 10 (63) >> 14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain: >> 53420+ AAAA? kalmar.xxx.ru. (31) >> 14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461: >> 53420* 0/1/0 (82) >> 14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain: >> 53421+ AAAA? kalmar.xxx.ru. (31) >> 14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332: >> 53421* 0/1/0 (82) >> 14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain: >> 53422+ AAAA? kalmar. (24) >> 14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453: >> 53422 ServFail 0/0/0 (24) >> 14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain: >> 53422+ AAAA? kalmar. (24) >> 14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038: >> 53422 ServFail 0/0/0 (24) >> 14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain: >> 53423+ AAAA? kalmar.xxx.ru. (31) >> 14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393: >> 53423* 0/1/0 (82) >> 14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain: >> 53424+ AAAA? kalmar. (24) >> 14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558: >> 53424 ServFail 0/0/0 (24) >> 14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain: >> 53424+ AAAA? kalmar. (24) >> 14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297: >> 53424 ServFail 0/0/0 (24) >> >> How to force it to use IPv4? From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 13:58:40 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6F775725 for ; Wed, 31 Jul 2013 13:58:40 +0000 (UTC) (envelope-from daniel@digsys.bg) Received: from smtp-sofia.digsys.bg (smtp-sofia.digsys.bg [193.68.21.123]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0442523A6 for ; Wed, 31 Jul 2013 13:58:39 +0000 (UTC) Received: from dcave.digsys.bg (dcave.digsys.bg [193.68.6.1]) (authenticated bits=0) by smtp-sofia.digsys.bg (8.14.6/8.14.6) with ESMTP id r6VDwS62025771 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Wed, 31 Jul 2013 16:58:29 +0300 (EEST) (envelope-from daniel@digsys.bg) Message-ID: <51F91804.2020503@digsys.bg> Date: Wed, 31 Jul 2013 16:58:28 +0300 From: Daniel Kalchev User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130627 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories References: <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <51F7C07C.9060606@digsys.bg> <51F7E352.30300@digsys.bg> <51F8B0E8.8090608@ShaneWare.Biz> <51F8F1CB.20707@digsys.bg> <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> In-Reply-To: <1375273340.22504.3655263.0DFF1E05@webmail.messagingengine.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 13:58:40 -0000 On 31.07.13 15:22, Mark Felder wrote: > On Wed, Jul 31, 2013, at 6:15, Daniel Kalchev wrote: >> On 31.07.13 09:38, Shane Ambler wrote: >>> For something that needs to be constantly updated in between system >>> updates then ports is the place to install it from. >> You don't have to update BIND constantly, especially if you are not >> using it. If you are using it, you will want it updated, no matter what. >> > Let's take a moment and consider the state of the internet and DNS > attacks. The RRL and RPZ2 patchsets[1] are newer developments that > successfully add additional security and features to BIND. It was also > recently announced that due to the success of this work the RRL[2] patch > will be accepted by ISC into BIND mainline. > > How many users of BIND on FreeBSD are going to realize they need to run > a copy of BIND from ports to get this extremely important protection? It > certainly isn't going to get backported to 8-STABLE or 9-STABLE; There is one solution to this, which I proposed earlier. Just don't ship/build the BIND binary by default. You will end up with only the resolver available and not be concerned with things like DDoS amplification. If you want an authoritative name server, just install it from ports. Another solution is to include the appropriate warning in named.conf for anyone setting up name server on FreeBSD to read. In fact, text like this is already present in say, 6-stable's version (I know, that version is very outdated already): /* ************************************************************************* * _ _____ _____ _____ _ _ _____ ___ ___ _ _ * * / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | * * / _ \ | | | | | _| | \| | | | | | | | | \| | * * / ___ \| | | | | |___| |\ | | | | | |_| | |\ | * * /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| * * * ************************************************************************* The version of BIND in the RELENG_6 branch (FreeBSD 6.x) is NOT suitable for use with DNSSEC, either as a validating resolver or an authoritative name server. If you plan to use DNSSEC for any purpose you should use a newer version of BIND, preferably version 9.6.x or higher. Additionally, this version of BIND (9.3.x) is beyond its End Of Life (EOL) date and is no longer supported by ISC. Newer versions are available in the ports tree (e.g., /usr/ports/dns/bind96) or by upgrading your FreeBSD installation to version 8.0 or higher. */ A better solution would be to apply the RRL patch to BIND in 8-stable and 9-stable. FreeBSD does ship a very controlled version of BIND in base and keeping it patched is trivial, in comparison with someone applying the patches themselves on "original" BIND sources that were just released (in a port). FreeBSD does apply patches to other software in base: for example ssh and the HPN patches. Even if you personally prefer some other DNS resolver/server that won't replace BIND In 8-stable or 9-stable (which will live in the coming years and result in the same problems). Every FreeBSD installation does benefit from an mature and full feature recursive resolver being available in the base system. What else than BIND you propose? Why is it better and ... most importantly, considering the topic of this thread: why you think it will not be subject to many new SAs over time? For.. if we don't have anything better at hand, BIND will apparently stay. Daniel From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 14:07:52 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D7AEABEB for ; Wed, 31 Jul 2013 14:07:52 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5CBBE2437 for ; Wed, 31 Jul 2013 14:07:51 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r6VDc4as083636 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 31 Jul 2013 23:08:10 +0930 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" Content-Type: multipart/signed; boundary="Apple-Mail=_ADC20482-21D1-4A63-967E-5BDAA72F13E7"; protocol="application/pgp-signature"; micalg=pgp-sha1 Date: Wed, 31 Jul 2013 23:08:03 +0930 Subject: Booting FreeBSD with Syslinux To: freebsd-stable stable Message-Id: Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 14:07:52 -0000 --Apple-Mail=_ADC20482-21D1-4A63-967E-5BDAA72F13E7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii Hi, I am trying to make a FreeBSD 9.2 hybrid image (ie ISO & USB from the = same file) and as part of that I need to use syslinux. Unfortunately I = can't get Syslinux's mboot.c32 to run the kernel or loader as suggested = at http://www.syslinux.org/wiki/index.php/Mboot.c32 - it reports = "Invalid Multiboot image: neither ELF header nor a.out kludge found". I suspect I would be able to use memdisk as I have used that in the past = with syslinux (for 7.x) however this was seems a lot cleaner and easier = to generate. Has anyone had any success with this? Thanks. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_ADC20482-21D1-4A63-967E-5BDAA72F13E7 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+RM75ZPcIHs/zowRAm1rAJ9Dc5nher26ICegiziCJf846akBiQCeMnyM BaSAE61KxUWXVzTXMuHKLRo= =xHYA -----END PGP SIGNATURE----- --Apple-Mail=_ADC20482-21D1-4A63-967E-5BDAA72F13E7-- From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 14:21:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 32C04F81 for ; Wed, 31 Jul 2013 14:21:44 +0000 (UTC) (envelope-from yerenkow@gmail.com) Received: from mail-vb0-x234.google.com (mail-vb0-x234.google.com [IPv6:2607:f8b0:400c:c02::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E328124DA for ; Wed, 31 Jul 2013 14:21:43 +0000 (UTC) Received: by mail-vb0-f52.google.com with SMTP id f12so748635vbg.39 for ; Wed, 31 Jul 2013 07:21:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=tfKILw/pRI2zki15eJqGJSn/3UW/J6QcpZeVOQfw4c8=; b=b0b/z1RW+3EashIA7e7FQkL3qBpyipko0GDw34l0G+GVzv+Ia6SFmDIbRNatoPsYCq O1/BGjqJKjF/u44vYGl6HKiuzw1UEmS42pLlBLLxl7MxZ6ME2hAdVA+0QK9cSidfhvIP gacDKqbj0DV7pVP1Rpp55UalmbY2ZdvzlZf2ucFRru8OlBKzaIxbi2ehZxI68JDGMD7M TqqPOULm4Ep4FtRQEqcAmJNP1P7mvU/1sB2+m3VYuDoglXYJiKHOzaMG+/JucA6+VQR+ vySBR8IWkDSsyCmSk/FINZdczkzfrFbSCTCUS/gKZfdNSYG9JEpAsKFtftsJX4BhlVly m3QQ== MIME-Version: 1.0 X-Received: by 10.52.163.71 with SMTP id yg7mr17753383vdb.110.1375280502905; Wed, 31 Jul 2013 07:21:42 -0700 (PDT) Received: by 10.52.23.7 with HTTP; Wed, 31 Jul 2013 07:21:42 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 17:21:42 +0300 Message-ID: Subject: Re: Booting FreeBSD with Syslinux From: Alexander Yerenkow To: "Daniel O'Connor" Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 14:21:44 -0000 You could see at mine experience long long time ago: http://trac.pcbsd.org/wiki/UsbFatBoot Maybe it's still relevant :) 2013/7/31 Daniel O'Connor > Hi, > I am trying to make a FreeBSD 9.2 hybrid image (ie ISO & USB from the same > file) and as part of that I need to use syslinux. Unfortunately I can't get > Syslinux's mboot.c32 to run the kernel or loader as suggested at > http://www.syslinux.org/wiki/index.php/Mboot.c32 - it reports "Invalid > Multiboot image: neither ELF header nor a.out kludge found". > > I suspect I would be able to use memdisk as I have used that in the past > with syslinux (for 7.x) however this was seems a lot cleaner and easier to > generate. > > Has anyone had any success with this? > > Thanks. > > -- > Daniel O'Connor software and network engineer > for Genesis Software - http://www.gsoft.com.au > "The nice thing about standards is that there > are so many of them to choose from." > -- Andrew Tanenbaum > GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C > > > > > > > -- Regards, Alexander Yerenkow From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 14:24:57 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C8CDF14F for ; Wed, 31 Jul 2013 14:24:57 +0000 (UTC) (envelope-from vrwmiller@gmail.com) Received: from mail-oa0-x22c.google.com (mail-oa0-x22c.google.com [IPv6:2607:f8b0:4003:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9482E2509 for ; Wed, 31 Jul 2013 14:24:57 +0000 (UTC) Received: by mail-oa0-f44.google.com with SMTP id l20so1629721oag.31 for ; Wed, 31 Jul 2013 07:24:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=6Qj/1+ElIUKDJxRk9YZymKdExm9Knf6r8Z+sxusBvcU=; b=N6HAtlifpmf3D+ZtwOh5b2cgAdEyFhdBnBZqZiGvPxXFKssNkz250h2IcqId4Vrqx9 s9/2dOObKM+NKd3abWOVViFCMo8CcmOSKTrZBqV1AgDBOajVL3nE2x70Q1n43lCjIbx2 d09ImoyVa4RJH++uI6LDjf19rALAXahYj5JDRT/YbgrV5v9D1dvBniP7CBc/IF2G2F1T xbdPq/+tc2NpPpcFyddLLRXkjD1ymVO+EPoWFsJZYAUsSFYtVqTQ2Rp9Zq58EsxJWfA4 CbZqGp3neFrHXP2Mf4FHUhOPjEMpW2K/ij3cePoT5qwhkxm33pL527fAAtRQ+WCaTQg1 CyWA== MIME-Version: 1.0 X-Received: by 10.43.145.69 with SMTP id jt5mr22178254icc.65.1375280696759; Wed, 31 Jul 2013 07:24:56 -0700 (PDT) Sender: vrwmiller@gmail.com Received: by 10.64.71.104 with HTTP; Wed, 31 Jul 2013 07:24:56 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 10:24:56 -0400 X-Google-Sender-Auth: Z20b4Ma4PSBfvyxxcWmzRE3LMEI Message-ID: Subject: Re: Booting FreeBSD with Syslinux From: Rick Miller To: "Daniel O'Connor" Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 14:24:57 -0000 On Wed, Jul 31, 2013 at 9:38 AM, Daniel O'Connor wrote: > Hi, > I am trying to make a FreeBSD 9.2 hybrid image (ie ISO & USB from the same file) and as part of that I need to > use syslinux. Unfortunately I can't get Syslinux's mboot.c32 to run the kernel or loader as suggested at > http://www.syslinux.org/wiki/index.php/Mboot.c32 - it reports "Invalid Multiboot image: neither ELF header nor > a.out kludge found". > > I suspect I would be able to use memdisk as I have used that in the past with syslinux (for 7.x) however this was > seems a lot cleaner and easier to generate. > > Has anyone had any success with this? I have not worked with Syslinux, but I do load a customized FreeBSD 8.x bootonly ISO via memdisk. I have not done similar with 9.x yet, but anticipate doing so with 9.2-RELEASE. I touch on it briefly in a blog post at http://blog.hostileadmin.com/2013/04/11/installing-freebsd-via-cobbler/ if you're interested. -- Take care Rick Miller From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 14:58:23 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9F198DAE for ; Wed, 31 Jul 2013 14:58:23 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4B7C9269B for ; Wed, 31 Jul 2013 14:58:22 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r6VEwbul036924 for ; Wed, 31 Jul 2013 07:58:43 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r6VEwVh4036921; Wed, 31 Jul 2013 07:58:31 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Wed, 31 Jul 2013 07:58:31 -0700 (PDT) Message-ID: <839cf247f267918cca2eb14eb0297dcf.authenticated@ultimatedns.net> In-Reply-To: <51F904C7.4070205@ShaneWare.Biz> References: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> <51F904C7.4070205@ShaneWare.Biz> Date: Wed, 31 Jul 2013 07:58:31 -0700 (PDT) Subject: Re: Does the image on isc.portsnap.freebsd.org have a virus? From: "Chris H" To: "freebsd-stable" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 14:58:23 -0000 Greetings, and thank you for your response. > On 31/07/2013 15:44, Chris H wrote: >> Greetings, >> I know this sounds crazy, and apologies if I am. But I have 2 RELENG_8 servers; >> 1 amd64, and 1 i386. about 3 wks ago, I migrated from cv(sup) updating, to svn on >> the amd64 box. >> After removing cv(sup) related folders, and the ports folder, I used: >> portsnap fetch >> After the fetch completed I ran: >> portsnap extract >> which verified/patched && extracted the image to /usr/ports. >> Tonight, I initiated the same procedure on the i386 server. _BUT_ upon completion of >> the fetch, it proceeded to verify/patch && extract; _not_ to /usr/ports, but to >> /var/db/portsnap/ports. re-examining /etc/portsnap.conf, and re-reading the portsnap(8) >> man >> page, reveals that _both_ .conf files are identical, as were the version(s) used on both >> boxes. An additional attempt to portsnap fetch, resulted in the same (unorthodox) >> behavior. >> What gives?! > > Are you watching as it started or when it finished? > > /var/db/portsnap is used by portsnap to download updates that it uses to > generate the /usr/ports files. > > Just guessing but it may also extract and patch files there before > moving them to /usr/ports Yep. I'm watching it. In the first instance, /usr/ports was removed (before initiating portsnap). But before the second attempt, I performed a mkdir /usr/ports. But in the end, the results were the same; portsnap fetch fetched the image, verified the image, extracted to /var/db/portsnap/ports, then patched, and exited. I did _not_ issue portsnap fetch && portsnap extract. So I guess portsnap extract is a noop. Guess it's time to update the portsnap(8) man pages to indicate portsnap fetch is no longer an option. Thanks again, for the reply. --chris > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 15:01:13 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 40745F2C for ; Wed, 31 Jul 2013 15:01:13 +0000 (UTC) (envelope-from dmagda@ee.ryerson.ca) Received: from eccles.ee.ryerson.ca (eccles.ee.ryerson.ca [141.117.1.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id EB7FC26CC for ; Wed, 31 Jul 2013 15:01:12 +0000 (UTC) Received: from webmail.ee.ryerson.ca (eccles [172.16.1.2]) by eccles.ee.ryerson.ca (8.14.4/8.14.4) with ESMTP id r6VEwjMM046962; Wed, 31 Jul 2013 10:58:46 -0400 (EDT) (envelope-from dmagda@ee.ryerson.ca) Received: from 206.108.127.2 (SquirrelMail authenticated user dmagda) by webmail.ee.ryerson.ca with HTTP; Wed, 31 Jul 2013 10:58:47 -0400 Message-ID: <89db71bfd414c1de47cd125f47d322d6.squirrel@webmail.ee.ryerson.ca> In-Reply-To: <20130731.085541.74748290.sthaug@nethelp.no> References: <2F6932C3-EF37-49FC-83EE-05512DD5A05C@digsys.bg> <9b0056db5b760c755dd4acc45bfbd1ad.authenticated@ultimatedns.net> <20130731020623.7243C37DF218@drugs.dv.isc.org> <20130731.085541.74748290.sthaug@nethelp.no> Date: Wed, 31 Jul 2013 10:58:47 -0400 Subject: Re: Bind in FreeBSD, security advisories From: "David Magda" To: sthaug@nethelp.no User-Agent: SquirrelMail/1.4.22 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 15:01:13 -0000 On Wed, July 31, 2013 02:55, sthaug@nethelp.no wrote: > I'm also more than a little surprised about people dragging out > sendmail as a shining example of *good* (bug-free?) software. Does > nobody remember any history here? It wasn't *that* many years ago > that we seemed to have "sendmail-bug-of-the-day"... Seven years ago and ten years ago: http://www.freebsd.org/security/advisories/FreeBSD-SA-06:17.sendmail.asc http://www.freebsd.org/security/advisories/FreeBSD-SA-06:13.sendmail.asc http://www.freebsd.org/security/advisories/FreeBSD-SA-03:13.sendmail.asc http://www.freebsd.org/security/advisories/FreeBSD-SA-03:11.sendmail.asc http://www.freebsd.org/security/advisories/FreeBSD-SA-03:07.sendmail.asc http://www.freebsd.org/security/advisories/FreeBSD-SA-03:04.sendmail.asc In the same time period, BIND has had eighteen advisories. OpenSSL has had fourteen. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 15:45:01 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C81318AB for ; Wed, 31 Jul 2013 15:45:01 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [IPv6:2001:44b8:8060:ff02:300:1:6:4]) by mx1.freebsd.org (Postfix) with ESMTP id 5E6DD28A9 for ; Wed, 31 Jul 2013 15:45:01 +0000 (UTC) Received: from ppp247-71.static.internode.on.net (HELO leader.local) ([203.122.247.71]) by ipmail04.adl6.internode.on.net with ESMTP; 01 Aug 2013 01:15:00 +0930 Message-ID: <51F930F9.6010405@ShaneWare.Biz> Date: Thu, 01 Aug 2013 01:14:57 +0930 From: Shane Ambler User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130516 Thunderbird/17.0.6 MIME-Version: 1.0 To: Chris H Subject: Re: Does the image on isc.portsnap.freebsd.org have a virus? References: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> <51F904C7.4070205@ShaneWare.Biz> <839cf247f267918cca2eb14eb0297dcf.authenticated@ultimatedns.net> In-Reply-To: <839cf247f267918cca2eb14eb0297dcf.authenticated@ultimatedns.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 15:45:01 -0000 On 01/08/2013 00:28, Chris H wrote: > In the first instance, /usr/ports was removed (before initiating portsnap). But before > the second attempt, I performed a mkdir /usr/ports. But in the end, the results were > the same; > portsnap fetch fetched the image, verified the image, > extracted to /var/db/portsnap/ports, then patched, and exited. > I did _not_ issue portsnap fetch && portsnap extract. > So I guess portsnap extract is a noop. Guess it's time to update the portsnap(8) > man pages to indicate portsnap fetch is no longer an option. 'portsnap fetch' downloads the relevant data to /var/db/portsnap 'portsnap extract' extracts the files to /usr/ports 'portsnap update' updates existing files in /usr/ports So on a clean system you use portsnap fetch extract Then to update later you use portsnap fetch update (you can give multiple commands to portsnap in one go) If fetch extract works on amd64 and not i386 then you should submit a problem report so that it can be fixed. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 16:12:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id EA2B92C5 for ; Wed, 31 Jul 2013 16:12:16 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x22c.google.com (mail-oa0-x22c.google.com [IPv6:2607:f8b0:4003:c02::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B438829E6 for ; Wed, 31 Jul 2013 16:12:16 +0000 (UTC) Received: by mail-oa0-f44.google.com with SMTP id l20so1928137oag.31 for ; Wed, 31 Jul 2013 09:12:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=8m487Fn8mOHOIJu0lI6i4V7KS9/f9kHqhv6aCa3GdRU=; b=kfYApHCZmbnXiyPRSlQKjn133rplHKNUGBHlOLLgtiOFUF696f2uSNPaCkDz2vH/8p eBdHYz2hSptsW4OGLclHUSQjmgP+ftCbmMW1HsK0T8yjQQb+BsIRfq+kvUoqGZzXnBdl q1Z4g9CaEO+tHbW0MJ52XxXHSuothLKxBZdniEMsWnWsB97eRYTsHcZP4hGFmpMPXccB E6fSXSAaCohCN8Y2DN6Zl9dJoc7roe/bH4QbaerVofND6j9KmSdV5MUVOlZmgGqRsgMS 7xx0sli2zML/kcMDBk3xoD73ky8pDoaJo7HCjvPnJuIcj+yenwnjCA1sPEaxcgG+W6H7 U1Fg== MIME-Version: 1.0 X-Received: by 10.42.215.11 with SMTP id hc11mr709405icb.9.1375287136089; Wed, 31 Jul 2013 09:12:16 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Wed, 31 Jul 2013 09:12:16 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 12:12:16 -0400 X-Google-Sender-Auth: b-JqC5gDDMvTW1QSDtCHTRgk8B4 Message-ID: Subject: Re: Problem with zfsloader on 9.2-BETA2 From: J David To: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 16:12:17 -0000 On Wed, Jul 31, 2013 at 5:20 AM, Trond Endrest=F8l wrote: > I'm curious as to why you use da?p1 as the freebsd-zfs partitions. Those are whole-disk partitions. > Where does the freebsd-boot partition reside? da?p2? Only the log and cache disks have boot and swap partitions. > What does the "gpart show" command tell you? $ gpart show =3D> 34 63078333 da0 GPT (30G) 34 128 1 freebsd-boot (64k) 162 4194304 2 freebsd-swap (2.0G) 4194466 58883901 3 freebsd-zfs (28G) =3D> 34 62499933 da1 GPT (29G) 34 128 1 freebsd-boot (64k) 162 4194304 2 freebsd-swap (2.0G) 4194466 58305501 3 freebsd-zfs (27G) =3D> 34 1953525101 da2 GPT (931G) 34 222 - free - (111k) 256 1953508495 1 freebsd-zfs (931G) 1953508751 16384 9 !6a945a3b-1dd2-11b2-99a6-080020736631 (8.0M= ) da3 - da7 are identical to da2. So maybe it's a little weird that our boot blocks are on our ZLOG/L2ARC devices, rather than our data devices? But since gptloader (and the old zfsloader) handle this just fine. > I'll let you know how well I fared. Thanks! From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 16:15:21 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 26578402; Wed, 31 Jul 2013 16:15:21 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E0FCA2A11; Wed, 31 Jul 2013 16:15:20 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa07.fnfis.com (8.14.5/8.14.5) with ESMTP id r6VGFGVP005231 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 31 Jul 2013 11:15:16 -0500 Received: from LTCFISWMSGMB21.FNFIS.com ([10.132.99.23]) by LTCFISWMSGHT04.FNFIS.com ([10.132.206.15]) with mapi id 14.02.0309.002; Wed, 31 Jul 2013 11:15:15 -0500 From: "Teske, Devin" To: "Daniel O'Connor" Subject: Re: Booting FreeBSD with Syslinux Thread-Topic: Booting FreeBSD with Syslinux Thread-Index: AQHOjfdhEsIPFyDHo0KRCYhTn21ScJl/SiqA Date: Wed, 31 Jul 2013 16:15:14 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.126] Content-Type: text/plain; charset="us-ascii" Content-ID: <7F118CC2A4E16B4E8BEDFB53E595352B@fisglobal.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-31_05:2013-07-31,2013-07-31,1970-01-01 signatures=0 Cc: Devin Teske , freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Devin Teske List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 16:15:21 -0000 On Jul 31, 2013, at 6:38 AM, Daniel O'Connor wrote: > Hi, > I am trying to make a FreeBSD 9.2 hybrid image (ie ISO & USB from the sam= e file) and as part of that I need to use syslinux. Unfortunately I can't g= et Syslinux's mboot.c32 to run the kernel or loader as suggested at http://= www.syslinux.org/wiki/index.php/Mboot.c32 - it reports "Invalid Multiboot i= mage: neither ELF header nor a.out kludge found". >=20 > I suspect I would be able to use memdisk as I have used that in the past = with syslinux (for 7.x) however this was seems a lot cleaner and easier to = generate. >=20 > Has anyone had any success with this? >=20 Absolutely. You can download and dissect the following to show you how it's done... http://druidbsd.sourceforge.net/download.shtml#FreeBSD_Druid It uses syslinux, as you can see here: http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/src/boot= /freebsd/isolinux.cfg?revision=3D1.1&view=3Dmarkup As you can see, I use the memdisk.c32 module. Notice that I append "iso raw" as options to memdisk.c32. You may then be asking yourself... if the thing to do is to use memdisk wit= h an ISO... what's in said ISO? http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/mdroot/ Basically... 1. Kernel 2. Boot Forth 3. mfsroot All that goes into an ISO. When memdisk initiates the ISO, "/boot/cdboot" t= hen gets invoked. >From there, /boot/loader gets invoked. >From there, the /boot/loader.rc is loaded. >From there, loader.4th is loaded. >From there, loader.conf is loaded. In a normal FreeBSD boot process, then the kernel gets loaded (I've modifie= d that to not load the kernel until later -- because my Forth boot menu pre= sents a kernel selection option) >From there, beastie.4th is loaded. >From there, beastie-start is called and then the beastie menu is drawn. NOTE: I've skipped a whole bunch of other Forth modules that were loaded "a= t-once" indirectly >From there, the user makes any boot option choices, and presses ENTER to bo= ot. >From there, mfsroot.gz is loaded. >From there, /stand/sysinstall gets invoked. >From there, /install.cfg gets invoked. >From there, /stand/fis gets invoked. >From there, /dev/iso9660/druid gets mounted onto /cdrom (this ISO9660 volum= e is actually _not_ the ISO that memdisk booted, but rather this is the act= ual CDROM (or DVD) that you booted from (which contains both the syslinux b= oot loader *and* the ISO it booted *and* anything else you want to access). At this point, /cdrom is your ticket to freedom, busting out of the double-= encapsulation (first encapsulation is wrapping the kernel+forth+mfsroot int= o an ISO, second level of encapsulation is from within the mfsroot; from wi= thin the mfsroot, the GEOM provided /dev/iso9660/ is an escape hatch= to the level *above* the ISO the mfsroot was embedded within). --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 16:18:38 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 40B6852E for ; Wed, 31 Jul 2013 16:18:38 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x22e.google.com (mail-oa0-x22e.google.com [IPv6:2607:f8b0:4003:c02::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 09EF52A2C for ; Wed, 31 Jul 2013 16:18:37 +0000 (UTC) Received: by mail-oa0-f46.google.com with SMTP id l10so1913398oag.5 for ; Wed, 31 Jul 2013 09:18:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=8mwtk2sDTV3TA+miOmyZ7qF8N+2h/MZNtV7ErIR4BEw=; b=n/VcQcYVl9yEajsVQPFh3nCd2xnX0t3nzaKoAS3sWgBOSVaonB90AS6VfEGI7q0IiG w5ecinjStwuziS5EqNIfF/ZNA4fTTRNvMuL2iJKV2seiOvVeJW92kq8go3rvWV15NbrP yPC946CQCKIt1SRaJ9ujhrUonb6rvMoaoysFG7CLtn7XjMTe+CTlObWSlsNBESdD8PBg B1tFzvQG0L50PTacRhgRP4nkXBvFhwhg1z5eLsiHZ8I4jOdHy1+bajxnvQQXwqIWB76E 7VBJ99Fkc77xdyuqq5UtgEW56pPu4jPmrxgyR352vjO1/YAC/7C2e+AKU7aR32Il42xZ qVAQ== MIME-Version: 1.0 X-Received: by 10.43.152.210 with SMTP id kx18mr22289549icc.39.1375287517372; Wed, 31 Jul 2013 09:18:37 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Wed, 31 Jul 2013 09:18:37 -0700 (PDT) In-Reply-To: References: Date: Wed, 31 Jul 2013 12:18:37 -0400 X-Google-Sender-Auth: QNdoDk_CVZAtDaKFtjpnKe1vXwg Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: J David To: Pavel Timofeev Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 16:18:38 -0000 On Wed, Jul 31, 2013 at 8:54 AM, Pavel Timofeev wrote: > I've just installed new fresh 9.2-BETA2 amd64 on another machine. > Same behavior - Sendmail asks DNS only for AAAA record of mx server. We also noticed one of our machines suddenly started using IPv6 to send outbound email (from Postfix rather than Sendmail) after it was upgraded from 8.4 to 9-STABLE a bit ago. I think there's been a change in the default IPv6 behavior between 8 and 9. Probably one of the many important things in UPDATING that always seems to slip past me. We use IPv6 extensively, so we were pleased after the initial surprise, but if you don't then ip6addrctl is probably the right temporary answer until you do. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 16:33:19 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 48454C85 for ; Wed, 31 Jul 2013 16:33:19 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 130112AC3 for ; Wed, 31 Jul 2013 16:33:18 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r6VGXXR3042840 for ; Wed, 31 Jul 2013 09:33:39 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r6VGXS5t042834; Wed, 31 Jul 2013 09:33:28 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Wed, 31 Jul 2013 09:33:28 -0700 (PDT) Message-ID: <80db7adb40c728a24c9a6fae24d5b562.authenticated@ultimatedns.net> In-Reply-To: <51F930F9.6010405@ShaneWare.Biz> References: <43dfdd386703ea6bd13d43b6a44be342.authenticated@ultimatedns.net> <51F904C7.4070205@ShaneWare.Biz> <839cf247f267918cca2eb14eb0297dcf.authenticated@ultimatedns.net> <51F930F9.6010405@ShaneWare.Biz> Date: Wed, 31 Jul 2013 09:33:28 -0700 (PDT) Subject: Re: Does the image on isc.portsnap.freebsd.org have a virus? From: "Chris H" To: "freebsd-stable" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 16:33:19 -0000 > On 01/08/2013 00:28, Chris H wrote: > >> In the first instance, /usr/ports was removed (before initiating portsnap). But before >> the second attempt, I performed a mkdir /usr/ports. But in the end, the results were >> the same; >> portsnap fetch fetched the image, verified the image, >> extracted to /var/db/portsnap/ports, then patched, and exited. >> I did _not_ issue portsnap fetch && portsnap extract. >> So I guess portsnap extract is a noop. Guess it's time to update the portsnap(8) >> man pages to indicate portsnap fetch is no longer an option. > > 'portsnap fetch' downloads the relevant data to /var/db/portsnap > 'portsnap extract' extracts the files to /usr/ports > 'portsnap update' updates existing files in /usr/ports > > So on a clean system you use portsnap fetch extract > Then to update later you use portsnap fetch update > > (you can give multiple commands to portsnap in one go) > > If fetch extract works on amd64 and not i386 then you should submit a > problem report so that it can be fixed. Greetings, Yes, I know. That's how it's _supposed_ to work. :) I guess a send(2) pr is in order. Thanks for the reply. --chris > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 23:32:32 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3204C416; Wed, 31 Jul 2013 23:32:32 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8EA4B2C95; Wed, 31 Jul 2013 23:32:29 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r6VNWBL5024376 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 09:02:19 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: Booting FreeBSD with Syslinux Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_88885AB2-2146-4164-9B60-3DE954F2E84D"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> Date: Thu, 1 Aug 2013 09:02:08 +0930 Message-Id: <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> To: Devin Teske X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 23:32:32 -0000 --Apple-Mail=_88885AB2-2146-4164-9B60-3DE954F2E84D Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 01/08/2013, at 1:45, "Teske, Devin" = wrote: >> Has anyone had any success with this? >>=20 >=20 > Absolutely. >=20 > You can download and dissect the following to show you how it's = done... >=20 > http://druidbsd.sourceforge.net/download.shtml#FreeBSD_Druid >=20 > It uses syslinux, as you can see here: >=20 > = http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/src/boo= t/freebsd/isolinux.cfg?revision=3D1.1&view=3Dmarkup >=20 > As you can see, I use the memdisk.c32 module. >=20 > Notice that I append "iso raw" as options to memdisk.c32. Yes, I have used memdisk in the past but I want to avoid it if possible. = It makes building the image quite a bit more complicated (and tedious to = edit). Have you tried mboot? -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_88885AB2-2146-4164-9B60-3DE954F2E84D Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+Z565ZPcIHs/zowRAudoAJ4gkZM3ZzlEJUExRbSwR7tnyydJfwCeMfqc IDKTlfAaTLjTgLmabd6v9OM= =fXgk -----END PGP SIGNATURE----- --Apple-Mail=_88885AB2-2146-4164-9B60-3DE954F2E84D-- From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 23:38:10 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6F1DF554; Wed, 31 Jul 2013 23:38:10 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3526B2CC0; Wed, 31 Jul 2013 23:38:09 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa06.fnfis.com (8.14.5/8.14.5) with ESMTP id r6VNc1Dn032519 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 31 Jul 2013 18:38:03 -0500 Received: from dtwin (10.242.182.25) by smtp.fisglobal.com (10.132.206.15) with Microsoft SMTP Server (TLS) id 14.2.309.2; Wed, 31 Jul 2013 18:35:18 -0500 From: Sender: Devin Teske To: "'Daniel O'Connor'" , "'Devin Teske'" References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> In-Reply-To: <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> Subject: RE: Booting FreeBSD with Syslinux Date: Wed, 31 Jul 2013 16:34:56 -0700 Message-ID: <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQHD8SYouVoWtw9QCd50rEeQrVNxcAKR1MXbASNDJY+ZdwH2sA== Content-Language: en-us X-Originating-IP: [10.242.182.25] X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8794, 1.0.431, 0.0.0000 definitions=2013-07-31_09:2013-07-31,2013-07-31,1970-01-01 signatures=0 Cc: 'freebsd-stable stable' X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 23:38:10 -0000 > -----Original Message----- > From: owner-freebsd-stable@freebsd.org [mailto:owner-freebsd- > stable@freebsd.org] On Behalf Of Daniel O'Connor > Sent: Wednesday, July 31, 2013 4:32 PM > To: Devin Teske > Cc: freebsd-stable stable > Subject: Re: Booting FreeBSD with Syslinux > > > On 01/08/2013, at 1:45, "Teske, Devin" wrote: > >> Has anyone had any success with this? > >> > > > > Absolutely. > > > > You can download and dissect the following to show you how it's done... > > > > http://druidbsd.sourceforge.net/download.shtml#FreeBSD_Druid > > > > It uses syslinux, as you can see here: > > > > > http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/druidbsd/druid/src/boot/ > freebsd/isolinux.cfg?revision=1.1&view=markup > > > > As you can see, I use the memdisk.c32 module. > > > > Notice that I append "iso raw" as options to memdisk.c32. > > Yes, I have used memdisk in the past but I want to avoid it if possible. It makes > building the image quite a bit more complicated (and tedious to edit). > > Have you tried mboot? > No I have not. Do you know anyone that has got it to work? -- Devin _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. From owner-freebsd-stable@FreeBSD.ORG Wed Jul 31 23:43:15 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id A06676A5; Wed, 31 Jul 2013 23:43:15 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 227822CED; Wed, 31 Jul 2013 23:43:14 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r6VNgGAK024723 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 09:13:12 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: Booting FreeBSD with Syslinux Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_C3B3550A-4D20-4E67-8E3F-14E639EF59AC"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> Date: Thu, 1 Aug 2013 09:13:12 +0930 Message-Id: <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> To: X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: 'freebsd-stable stable' X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Jul 2013 23:43:15 -0000 --Apple-Mail=_C3B3550A-4D20-4E67-8E3F-14E639EF59AC Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 01/08/2013, at 9:04, wrote: >> Have you tried mboot? >=20 > No I have not. >=20 > Do you know anyone that has got it to work? Supposedly someone got it to work because there is an entry in the = syslinux wiki http://www.syslinux.org/wiki/index.php/Mboot.c32#FreeBSD_example That was for 7.x though, maybe the kernel has changed a bit. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_C3B3550A-4D20-4E67-8E3F-14E639EF59AC Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+aEQ5ZPcIHs/zowRAv3NAJ45kMcpaZ8LazJlQd7X/g/eTmXwNACeIPDD 0D0vtKaFifc9y5rPS31obZ0= =eGmG -----END PGP SIGNATURE----- --Apple-Mail=_C3B3550A-4D20-4E67-8E3F-14E639EF59AC-- From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 00:11:02 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 613EEB0D; Thu, 1 Aug 2013 00:11:02 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-pb0-x232.google.com (mail-pb0-x232.google.com [IPv6:2607:f8b0:400e:c01::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 347D32DD6; Thu, 1 Aug 2013 00:11:02 +0000 (UTC) Received: by mail-pb0-f50.google.com with SMTP id uo5so1397104pbc.37 for ; Wed, 31 Jul 2013 17:11:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=5cEGDgJiX/0fUL5WCGhjccTpeDaroB5kEXkfKDRM8FQ=; b=AR9da8qTWZ2uViwMAv3sKXAs3ORzoZhA07jKXFhMET0057xPK4ajyk+PaaN2hI0vzw fo0HTVK2+cnOfPZBUpY9/iszqLJP1gP36pwLRon3jvf7AsZe7rmf9nRmpHsz5+oC7U+U qSwufX1KB6apUMOVR5H5CO6cihCam9FGCEPAUk+5uTNWR9WNIFIYIT9n65jjwVhBQgZq BfGAtRwG9HlXVFxCnCNdCWMuQXGqYfwDdVtsB+MDTQZHFGGDNA6ea/u4/bLrkk7U1tso vmBPI5ZOXBGimpPbAEstuU+prUBiTT56zSIBUM1lc2RjilaOIX704fAwwNcK0gT8K0qU uQWQ== MIME-Version: 1.0 X-Received: by 10.68.231.200 with SMTP id ti8mr82377329pbc.46.1375315861920; Wed, 31 Jul 2013 17:11:01 -0700 (PDT) Received: by 10.70.88.74 with HTTP; Wed, 31 Jul 2013 17:11:01 -0700 (PDT) In-Reply-To: <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> Date: Wed, 31 Jul 2013 19:11:01 -0500 Message-ID: Subject: Re: Booting FreeBSD with Syslinux From: Adam Vande More To: "Daniel O'Connor" Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Devin Teske , freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 00:11:02 -0000 On Wed, Jul 31, 2013 at 6:43 PM, Daniel O'Connor wrote: > That was for 7.x though, maybe the kernel has changed a bit. It doesn't say that at all. Nor does it say the exact release(even major branch isn't mentioned) which was confirmed to work, when or if it was tried, the precise syntax used, or any other type of useful information. -- Adam Vande More From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 01:05:54 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 1C59716F; Thu, 1 Aug 2013 01:05:54 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77C442F6D; Thu, 1 Aug 2013 01:05:52 +0000 (UTC) Received: from [203.31.81.31] ([203.31.81.31]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r7115JSU028813 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 10:35:39 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: Booting FreeBSD with Syslinux Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_834C67C7-DB45-46DA-AE56-81619A1E35A7"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: Date: Thu, 1 Aug 2013 10:35:39 +0930 Message-Id: <5FF7F3BB-9E63-493B-B2CB-D15A6A72CE5A@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> To: Adam Vande More X-Mailer: Apple Mail (2.1508) X-Spam-Score: -2.5 () ALL_TRUSTED,BAYES_00 X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: Devin Teske , freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 01:05:54 -0000 --Apple-Mail=_834C67C7-DB45-46DA-AE56-81619A1E35A7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 On 01/08/2013, at 9:41, Adam Vande More wrote: > On Wed, Jul 31, 2013 at 6:43 PM, Daniel O'Connor = wrote:=20 > =20 > That was for 7.x though, maybe the kernel has changed a bit. >=20 > It doesn't say that at all. Nor does it say the exact release(even = major branch isn't mentioned) which was confirmed to work, when or if it = was tried, the precise syntax used, or any other type of useful = information. =20 Good point, I've asked the original poster for more details. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_834C67C7-DB45-46DA-AE56-81619A1E35A7 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+bRj5ZPcIHs/zowRAlshAJ9VbGG3Yb5h8dfLoj8giJQ5VfD9LgCfTQlB fQrW0/voq9ed4LTCaGLRNxU= =59qp -----END PGP SIGNATURE----- --Apple-Mail=_834C67C7-DB45-46DA-AE56-81619A1E35A7-- From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 02:45:31 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 1A0E1E80; Thu, 1 Aug 2013 02:45:31 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C1318223C; Thu, 1 Aug 2013 02:45:30 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.7/8.14.7) with ESMTP id r712jTh5073653; Wed, 31 Jul 2013 20:45:29 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.7/8.14.7/Submit) with ESMTP id r712jSMS073650; Wed, 31 Jul 2013 20:45:29 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Wed, 31 Jul 2013 20:45:28 -0600 (MDT) From: Warren Block To: "Daniel O'Connor" Subject: Re: Booting FreeBSD with Syslinux In-Reply-To: <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> Message-ID: References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Wed, 31 Jul 2013 20:45:29 -0600 (MDT) Cc: dteske@freebsd.org, 'freebsd-stable stable' X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 02:45:31 -0000 On Thu, 1 Aug 2013, Daniel O'Connor wrote: > > On 01/08/2013, at 9:04, wrote: >>> Have you tried mboot? >> >> No I have not. >> >> Do you know anyone that has got it to work? > > > Supposedly someone got it to work because there is an entry in the syslinux wiki > http://www.syslinux.org/wiki/index.php/Mboot.c32#FreeBSD_example I'm following the threads on both lists, and that example looks more like a generic template than an actual, working command. "kernel_option", for example. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 02:47:22 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 1D175FB7; Thu, 1 Aug 2013 02:47:22 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 793A12256; Thu, 1 Aug 2013 02:47:21 +0000 (UTC) Received: from [203.31.81.31] ([203.31.81.31]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r712l6SC036752 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 12:17:11 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: Booting FreeBSD with Syslinux Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_6546B8DC-7174-42BB-9815-214C2AC180A9"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: Date: Thu, 1 Aug 2013 12:17:05 +0930 Message-Id: <8A0B3556-BC6D-40AB-9315-530369852B09@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> To: Warren Block X-Mailer: Apple Mail (2.1508) X-Spam-Score: -2.5 () ALL_TRUSTED,BAYES_00 X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: dteske@freebsd.org, 'freebsd-stable stable' X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 02:47:22 -0000 --Apple-Mail=_6546B8DC-7174-42BB-9815-214C2AC180A9 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 01/08/2013, at 12:15, Warren Block wrote: >> Supposedly someone got it to work because there is an entry in the = syslinux wiki >> http://www.syslinux.org/wiki/index.php/Mboot.c32#FreeBSD_example >=20 > I'm following the threads on both lists, and that example looks more = like a generic template than an actual, working command. = "kernel_option", for example. Yeah, I also wonder if it's for booting a XENified FreeBSD or something = similar (no idea really). Maybe I'll just have to stuff the loader in an MFS and boot that :( -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_6546B8DC-7174-42BB-9815-214C2AC180A9 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+cwq5ZPcIHs/zowRAiBJAJ0aTN/Pf37psTvrZZ241gwfwXVkXQCgn4E0 YK6RYhZtRJR50e8oqjUkEG4= =EA+h -----END PGP SIGNATURE----- --Apple-Mail=_6546B8DC-7174-42BB-9815-214C2AC180A9-- From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 03:36:45 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 71653DFB for ; Thu, 1 Aug 2013 03:36:45 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [IPv6:2001:44b8:8060:ff02:300:1:6:4]) by mx1.freebsd.org (Postfix) with ESMTP id 073F52514 for ; Thu, 1 Aug 2013 03:36:44 +0000 (UTC) Received: from ppp247-71.static.internode.on.net (HELO leader.local) ([203.122.247.71]) by ipmail04.adl6.internode.on.net with ESMTP; 01 Aug 2013 13:06:43 +0930 Message-ID: <51F9D7C3.7020806@ShaneWare.Biz> Date: Thu, 01 Aug 2013 13:06:35 +0930 From: Shane Ambler User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130516 Thunderbird/17.0.6 MIME-Version: 1.0 To: J David Subject: Re: Problem with zfsloader on 9.2-BETA2 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 03:36:45 -0000 On 01/08/2013 01:42, J David wrote: > => 34 1953525101 da2 GPT (931G) > 34 222 - free - (111k) > 256 1953508495 1 freebsd-zfs (931G) > 1953508751 16384 9 !6a945a3b-1dd2-11b2-99a6-080020736631 (8.0M) > > da3 - da7 are identical to da2. > > So maybe it's a little weird that our boot blocks are on our > ZLOG/L2ARC devices, rather than our data devices? > I think that 8M partition looks weird. It looks like a leftover from a previous config? Two things I would think to consider - the odd alignment of the partition. Most recent drives benefit from 4K alignment. For the last couple of years drives have started using 4K blocks instead of the traditional 512byte blocks. They still accept 512byte blocks and internally remap to the 4K blocks with a penalty. google 4k partition alignment for a variety of discussions. Secondly do you need that trailing 8M? I would give zfs the entire drive and not use partitions. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 04:22:39 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D442699C for ; Thu, 1 Aug 2013 04:22:39 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x230.google.com (mail-oa0-x230.google.com [IPv6:2607:f8b0:4003:c02::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9EB602666 for ; Thu, 1 Aug 2013 04:22:39 +0000 (UTC) Received: by mail-oa0-f48.google.com with SMTP id f4so3351090oah.35 for ; Wed, 31 Jul 2013 21:22:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=cHuCwvqhYAxN+ZTh3dMN58RvDVSf8nKMV6HnuiC/sGw=; b=PsXYXrwBy3GGRthSOhx1DzWaGo+2iIWzRqcdkc50ItKrhWosKpYsYEVO8jNMTVp9a3 vJvd1EKHlVC2uK+WF9JfYiRTHhpGbFHNvhTzEeY/n6O37TJ+CEod/YdR8HQkBsSyHsTC Ft8XoBsC8NzCM7OS5R9rz6BoeZVhLXU+Gr3BljHONw5cW+dbL685i6qmvp9fjk40VboJ 9gSXfBSigQBFWI56mxxqH6EB0gO1oX0oorTMx7Z3rhBVBG3Ap9DZb2TTd41T0h5PS8e1 Xn+ikjpyAYrXtkwTlgF3iz/nNwVMc7lpXTcdUfV7o1JMva69IvMuPcTTQPat1OfrDH+A uKJg== MIME-Version: 1.0 X-Received: by 10.42.199.5 with SMTP id eq5mr22907946icb.1.1375330958812; Wed, 31 Jul 2013 21:22:38 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Wed, 31 Jul 2013 21:22:38 -0700 (PDT) In-Reply-To: <51F9D7C3.7020806@ShaneWare.Biz> References: <51F9D7C3.7020806@ShaneWare.Biz> Date: Thu, 1 Aug 2013 00:22:38 -0400 X-Google-Sender-Auth: YDDxPEg5HFgISFT4UfuFAiP_5So Message-ID: Subject: Re: Problem with zfsloader on 9.2-BETA2 From: J David To: Shane Ambler Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 04:22:39 -0000 On Wed, Jul 31, 2013 at 11:36 PM, Shane Ambler wrote: > I think that 8M partition looks weird. It looks like a leftover from a > previous config? We leave some space at the end of drives in case we need to change drive vendors. Sometimes vendor A's drives are a few sectors smaller than vendor B's for the same advertised capacity. Accordingly, 6a945a3b-1dd2-11b2-99a6-080020736631 is a "reserved" GPT partition type GUID. It is a GPT way of saying, "This space intentionally left blank." It also hypothetically leaves some space at the end of the disk for GEOM functionality not foreseen at setup time, though in practice with ZFS that doesn't come up. > Two things I would think to consider - the odd alignment of the > partition. Most recent drives benefit from 4K alignment. These disks are not 4k disks. Even if they were, or if we swap out to 4k drives in the future, the ZFS data partitions absolutely are 4K aligned; they start at sector 256, which is 128k (32 4k sectors) into the disk. But even if they weren't that wouldn't prevent the system from booting. Nor would empty space at the end of the drive. Or at least shouldn't. And in fact didn't, until the upgrade from 8.4 to 9.2. Which is the issue at hand. Thanks! From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 07:41:38 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7AC153FB for ; Thu, 1 Aug 2013 07:41:38 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-vb0-x236.google.com (mail-vb0-x236.google.com [IPv6:2607:f8b0:400c:c02::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 347412F5B for ; Thu, 1 Aug 2013 07:41:38 +0000 (UTC) Received: by mail-vb0-f54.google.com with SMTP id q14so1721056vbe.41 for ; Thu, 01 Aug 2013 00:41:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=pX1cFR6E4/F8eT5yYjQjAkFVlXeqCGwgVBMdcT9y0mY=; b=JoOpwPaeKAAhWHEU08S5AWL+bvwPTDVOI/hd/rr4YVcy66fMuP+RwUVG0NJZ8maw6s P+yuRs/R5bqztoApdfO9cL0wcWsZIgNyw3xxPx3SB5BkPf7f/wR0Db/c1rMkhP3pe81G asS4gES+wYNWSvJ4f9g3eEltGk59wn0FIPjqq3z44EKOGYPYw11Kg4zl3IgoGoQed6Jg iPl5rS6lIHuiNnXu2PnkrB8mKSfJ3m5sXc6OLkK5u+yZu+R6dJSHEFAPCjentIHEuA+D Wc7SpbzArHtBo1MjHAkUerjTbkT8I9ENJ9ZxF1qUZSPO/84Hxtbnfa/DoCxSseQo7WsW qftA== MIME-Version: 1.0 X-Received: by 10.220.20.3 with SMTP id d3mr73697vcb.55.1375342897136; Thu, 01 Aug 2013 00:41:37 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Thu, 1 Aug 2013 00:41:37 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 11:41:37 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: J David Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 07:41:38 -0000 I tried, but it didn't work. # grep ip /etc/rc.conf ipv6_activate_all_interfaces="NO" ipv6_network_interfaces="none" ip6addrctl_enable="NO" ip6addrctl_policy="ipv4_prefer" # ip6addrctl show no source-address-selection policy is installed Or I did it wrong? 2013/7/31 J David : > On Wed, Jul 31, 2013 at 8:54 AM, Pavel Timofeev wrote: >> I've just installed new fresh 9.2-BETA2 amd64 on another machine. >> Same behavior - Sendmail asks DNS only for AAAA record of mx server. > > We also noticed one of our machines suddenly started using IPv6 to > send outbound email (from Postfix rather than Sendmail) after it was > upgraded from 8.4 to 9-STABLE a bit ago. > > I think there's been a change in the default IPv6 behavior between 8 > and 9. Probably one of the many important things in UPDATING that > always seems to slip past me. > > We use IPv6 extensively, so we were pleased after the initial > surprise, but if you don't then ip6addrctl is probably the right > temporary answer until you do. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 08:14:37 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 59CDFFEA for ; Thu, 1 Aug 2013 08:14:37 +0000 (UTC) (envelope-from matthew@freebsd.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E15C12107 for ; Thu, 1 Aug 2013 08:14:36 +0000 (UTC) Received: from rufus.webfusion.com (mail.heartinternet.co.uk [79.170.40.31]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id r718EGxx061583 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Thu, 1 Aug 2013 09:14:31 +0100 (BST) (envelope-from matthew@freebsd.org) DKIM-Filter: OpenDKIM Filter v2.8.3 smtp.infracaninophile.co.uk r718EGxx061583 Authentication-Results: smtp.infracaninophile.co.uk/r718EGxx061583; dkim=none reason="no signature"; dkim-adsp=none (unprotected policy) X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host mail.heartinternet.co.uk [79.170.40.31] claimed to be rufus.webfusion.com Message-ID: <51FA18D8.30800@freebsd.org> Date: Thu, 01 Aug 2013 09:14:16 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130715 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.8 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00, RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 08:14:37 -0000 On 01/08/2013 08:41, Pavel Timofeev wrote: > Or I did it wrong? Yes. This: > ip6addrctl_enable="NO" You need to turn the ip6addrctl function *on* before you can set the policy to prefer ipv4. Cheers, Matthew From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 08:41:55 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3EC88C00 for ; Thu, 1 Aug 2013 08:41:55 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x22a.google.com (mail-ve0-x22a.google.com [IPv6:2607:f8b0:400c:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id ECC032251 for ; Thu, 1 Aug 2013 08:41:54 +0000 (UTC) Received: by mail-ve0-f170.google.com with SMTP id 15so1966009vea.15 for ; Thu, 01 Aug 2013 01:41:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=NCBJhxXXsKsnc/iHwtzOD8PjNWgkIrKT1fRfvGsMnag=; b=gcImndVZ3ZaMkYcoPgk2uYSvlDPl29EClehojzSf308a8xpnltbVdQ4/syyPPNH8ay HpSWhbikNirMcrsJWzT4F7E8K7pubj4cM1WDzGTO6VAKMWVpP35/pvPf4mFSkg4l26Z5 Il/HXULn5awpzw4mCtyBdVXkaRr35CRO00VEQJi7FUDvbsvI62jGmwr7CL/9BKNq+Tsb UX7omaAhi9A24hKezzJKqcTuvLr6drmeMlgQQCwfVQLQ3qE8DNCWI0VmVJ2vSDqJRBud uu4oE+IodvI1yLMFiP39qGL++vOGx5z3koQmC605gzWYksAXzqvEkq2HvsyJ8HDInNHR 2Tdg== MIME-Version: 1.0 X-Received: by 10.220.205.67 with SMTP id fp3mr144717vcb.43.1375346513754; Thu, 01 Aug 2013 01:41:53 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Thu, 1 Aug 2013 01:41:53 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 12:41:53 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: J David Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 08:41:55 -0000 to Matthew Seaman No luck root@test:/etc/mail # grep ip /etc/rc.conf #ipv6_activate_all_interfaces="NO" #ipv6_network_interfaces="none" ip6addrctl_enable="YES" ip6addrctl_policy="ipv4_prefer" root@test:/etc/mail # ip6addrctl Prefix Prec Label Use ::1/128 50 0 0 ::/0 40 1 0 ::ffff:0.0.0.0/96 100 4 0 2002::/16 30 2 0 2001::/32 5 5 0 fc00::/7 3 13 0 ::/96 1 3 0 fec0::/10 1 11 0 3ffe::/16 1 12 0 I stress, this is fresh system which was installed from official BETA2 img and I didn't configure anything else. It's default system. 2013/8/1 Pavel Timofeev : > I tried, but it didn't work. > # grep ip /etc/rc.conf > ipv6_activate_all_interfaces="NO" > ipv6_network_interfaces="none" > ip6addrctl_enable="NO" > ip6addrctl_policy="ipv4_prefer" > # ip6addrctl show > no source-address-selection policy is installed > > Or I did it wrong? > > 2013/7/31 J David : >> On Wed, Jul 31, 2013 at 8:54 AM, Pavel Timofeev wrote: >>> I've just installed new fresh 9.2-BETA2 amd64 on another machine. >>> Same behavior - Sendmail asks DNS only for AAAA record of mx server. >> >> We also noticed one of our machines suddenly started using IPv6 to >> send outbound email (from Postfix rather than Sendmail) after it was >> upgraded from 8.4 to 9-STABLE a bit ago. >> >> I think there's been a change in the default IPv6 behavior between 8 >> and 9. Probably one of the many important things in UPDATING that >> always seems to slip past me. >> >> We use IPv6 extensively, so we were pleased after the initial >> surprise, but if you don't then ip6addrctl is probably the right >> temporary answer until you do. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 09:39:18 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CD78B3F1; Thu, 1 Aug 2013 09:39:18 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3443D253F; Thu, 1 Aug 2013 09:39:18 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r719d5c9069874 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 19:09:11 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Subject: GEOM RAID devd events From: "Daniel O'Connor" Date: Thu, 1 Aug 2013 19:06:28 +0930 Content-Transfer-Encoding: quoted-printable Message-Id: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> To: freebsd-stable stable X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: Alexander Motin X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 09:39:18 -0000 Hi, Does anyone know if graid generates devd events for 'interesting' RAID = events? (eg array becoming degraded, rebuild progress & completion, = etc). I had a look and I couldn't find any devctl_notify* calls but = perhaps they are hidden behind some GEOM calls. If there aren't, are there any plans to add some? I am happy to test, or = even write if I can find some time. Thanks. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 09:44:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DE78CA24 for ; Thu, 1 Aug 2013 09:44:16 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7046325D0 for ; Thu, 1 Aug 2013 09:44:16 +0000 (UTC) Received: from rufus.webfusion.com (mail.heartinternet.co.uk [79.170.40.31]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id r719iB9B062991 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Thu, 1 Aug 2013 10:44:12 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) DKIM-Filter: OpenDKIM Filter v2.8.3 smtp.infracaninophile.co.uk r719iB9B062991 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1375350252; bh=MiBN1A4UFHuGFMgD8DEyamn0yhX5SmmFHzLxMg8ab5I=; h=Date:From:To:Subject:References:In-Reply-To; z=Date:=20Thu,=2001=20Aug=202013=2010:44:11=20+0100|From:=20Matthew =20Seaman=20|To:=20freebsd-stable @freebsd.org|Subject:=20Re:=20Strange=20sendmail=20behaviour=20aft er=20upgrade=20to=209.1-BETA2|References:=20=20=20=20= 20=20=20=20=20|In-Reply-To:=20; b=FRfsX3t4zwBAHd1JDUi7QJ/MgYSmce3RgPsofgv/3lUFhK/ci1A92TGVe+/W1N+2G w8WQErXp5T4QAlytRh6R9itzvwmK0kWhaUUzh71V0PbMsU92mVZKykj3deJTkYDJkO KWdBbmE7i7iCSW/rDE7AonUfNjeSeld5fNlUetKE= X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host mail.heartinternet.co.uk [79.170.40.31] claimed to be rufus.webfusion.com Message-ID: <51FA2DEB.40106@infracaninophile.co.uk> Date: Thu, 01 Aug 2013 10:44:11 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130715 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.8 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.1 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 09:44:16 -0000 On 01/08/2013 09:41, Pavel Timofeev wrote: > to Matthew Seaman > No luck > > root@test:/etc/mail # grep ip /etc/rc.conf > #ipv6_activate_all_interfaces="NO" > #ipv6_network_interfaces="none" > ip6addrctl_enable="YES" > ip6addrctl_policy="ipv4_prefer" > > root@test:/etc/mail # ip6addrctl > Prefix Prec Label Use > ::1/128 50 0 0 > ::/0 40 1 0 > ::ffff:0.0.0.0/96 100 4 0 <<<----**** > 2002::/16 30 2 0 > 2001::/32 5 5 0 > fc00::/7 3 13 0 > ::/96 1 3 0 > fec0::/10 1 11 0 > 3ffe::/16 1 12 0 > Why do you think this hasn't worked? The line I indicate there is for IPv4 mapped addresses in IPv6 (RFC r6052). ie. it says that IPv4 mapped addresses have the highest precedence out of all of the IPv6 routable blocks. For your original problem, where sendmail is asking for an AAAA record for an MX -- you're seeing a sequence of queries where sendmail asks first for the MX and then an AAAA record but no explicit query for an A record? This is not necessarily ignoring the A record: if you look up an MX, usually an A record will be returned in the Additional section. eg: rufus:~:% dig infracaninophile.co.uk IN MX ; <<>> DiG 9.8.4-P2 <<>> infracaninophile.co.uk IN MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9434 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;infracaninophile.co.uk. IN MX ;; ANSWER SECTION: infracaninophile.co.uk. 86400 IN MX 10 smtp.infracaninophile.co.uk. infracaninophile.co.uk. 86400 IN MX 10 smtp6.infracaninophile.co.uk. ;; ADDITIONAL SECTION: smtp.infracaninophile.co.uk. 86400 IN A 81.2.117.97 <<<---** ;; Query time: 29 msec ;; SERVER: 192.168.0.252#53(192.168.0.252) ;; WHEN: Thu Aug 1 10:34:28 2013 ;; MSG SIZE rcvd: 99 so no separate query for the A record required. (This behaviour appears to be OS/resolver dependent: on another host that happens to be runnign Linux, I see the A and AAAA records for the domain name servers in the Additional section, rather than the A (or AAAA) records for the MX. Perhaps it's more to do with the version of bind (or unbound or whatever) you're using as your recursive resolver rather than anything else.) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey JID: matthew@infracaninophile.co.uk From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 09:46:42 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id A75E4BED for ; Thu, 1 Aug 2013 09:46:42 +0000 (UTC) (envelope-from mavbsd@gmail.com) Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 27F2A25F7 for ; Thu, 1 Aug 2013 09:46:41 +0000 (UTC) Received: by mail-la0-f48.google.com with SMTP id hi8so1258714lab.35 for ; Thu, 01 Aug 2013 02:46:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=co4Wv5ryzTRSaSlK9KMWS1r/GoO9qyNmLd6raMUkK7U=; b=rne4fYIQGbYGam8uNK2WAmYm34wuN7JLcLbP189OuzvJ8Tze3CdqjqDBkDgoJcWEH7 qmRuU/m2TLVC9PU5abyFfA9cmXhpN8ewZB0iM+pvOekHCchxvyM8IAmQU1xno5VBj6nf 40VpYuedGsES8edbSucaPjaC3IIY+4mEoSs5iRQsbR6DWG2wnPoyJ+liMhqMapyE+JjM zzvKAONN+IL29MzhvJcEb5HWLonMicjdWvyh+kakU3nJMN5iVc4EsTIz+wp/kE6/l0Bs WBysonCmEFY1qAuQEPErKH65DNkesh9/TVxmeUBZCunCVApjG7Xzx+Ri1dO1UT7FG7up eydA== X-Received: by 10.152.8.12 with SMTP id n12mr366233laa.10.1375350399894; Thu, 01 Aug 2013 02:46:39 -0700 (PDT) Received: from mavbook.mavhome.dp.ua (mavhome.mavhome.dp.ua. [213.227.240.37]) by mx.google.com with ESMTPSA id m14sm902993lbl.1.2013.08.01.02.46.37 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 01 Aug 2013 02:46:38 -0700 (PDT) Sender: Alexander Motin Message-ID: <51FA2E79.8070705@FreeBSD.org> Date: Thu, 01 Aug 2013 12:46:33 +0300 From: Alexander Motin User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130616 Thunderbird/17.0.6 MIME-Version: 1.0 To: Daniel O'Connor Subject: Re: GEOM RAID devd events References: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> In-Reply-To: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 09:46:42 -0000 On 01.08.2013 12:36, Daniel O'Connor wrote: > Hi, > Does anyone know if graid generates devd events for 'interesting' RAID events? (eg array becoming degraded, rebuild progress & completion, etc). I had a look and I couldn't find any devctl_notify* calls but perhaps they are hidden behind some GEOM calls. > > If there aren't, are there any plans to add some? I am happy to test, or even write if I can find some time. GEOM RAID does not do anything special about devd now. I had no such plans, but probably that is a not a bad idea if do it well. -- Alexander Motin From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:26:18 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B1641B3; Thu, 1 Aug 2013 10:26:18 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0F7682823; Thu, 1 Aug 2013 10:26:17 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r71AQ5TK071509 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 19:56:11 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: GEOM RAID devd events Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_CF040028-5B20-42F4-A47D-721193669259"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: <51FA2E79.8070705@FreeBSD.org> Date: Thu, 1 Aug 2013 19:56:05 +0930 Message-Id: <9B76700D-0388-4452-BB8A-A4A252CB00A1@gsoft.com.au> References: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> <51FA2E79.8070705@FreeBSD.org> To: Alexander Motin X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:26:18 -0000 --Apple-Mail=_CF040028-5B20-42F4-A47D-721193669259 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 On 01/08/2013, at 19:16, Alexander Motin wrote: > On 01.08.2013 12:36, Daniel O'Connor wrote: >>=20 >> Does anyone know if graid generates devd events for 'interesting' = RAID events? (eg array becoming degraded, rebuild progress & completion, = etc). I had a look and I couldn't find any devctl_notify* calls but = perhaps they are hidden behind some GEOM calls. >>=20 >> If there aren't, are there any plans to add some? I am happy to test, = or even write if I can find some time. >=20 > GEOM RAID does not do anything special about devd now. I had no such = plans, but probably that is a not a bad idea if do it well. Do you have a recommendation for where I should start looking? (ie a = hint about where such a thing would go) Thanks. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_CF040028-5B20-42F4-A47D-721193669259 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+je95ZPcIHs/zowRAitjAJ4psvXAIHycWf65Z5ycVLC5GbeNPgCeKJGi PMtgHW/V7+u8oC1xwXpt9uI= =gohu -----END PGP SIGNATURE----- --Apple-Mail=_CF040028-5B20-42F4-A47D-721193669259-- From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:27:53 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 212D4225; Thu, 1 Aug 2013 10:27:53 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8D5C72845; Thu, 1 Aug 2013 10:27:52 +0000 (UTC) Received: from ur.dons.net.au (ppp118-210-72-17.lns20.adl2.internode.on.net [118.210.72.17]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id r71ARiqP071564 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 1 Aug 2013 19:57:50 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: GEOM RAID devd events Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\)) Content-Type: multipart/signed; boundary="Apple-Mail=_B54D226A-56BB-4EAB-A828-C4D94D244C4B"; protocol="application/pgp-signature"; micalg=pgp-sha1 From: "Daniel O'Connor" In-Reply-To: <9B76700D-0388-4452-BB8A-A4A252CB00A1@gsoft.com.au> Date: Thu, 1 Aug 2013 19:57:44 +0930 Message-Id: <7128E2A7-19E6-4BD2-8F87-37F75CC39087@gsoft.com.au> References: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> <51FA2E79.8070705@FreeBSD.org> <9B76700D-0388-4452-BB8A-A4A252CB00A1@gsoft.com.au> To: Alexander Motin X-Mailer: Apple Mail (2.1508) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:27:53 -0000 --Apple-Mail=_B54D226A-56BB-4EAB-A828-C4D94D244C4B Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 On 01/08/2013, at 19:56, Daniel O'Connor wrote: >> GEOM RAID does not do anything special about devd now. I had no such = plans, but probably that is a not a bad idea if do it well. >=20 > Do you have a recommendation for where I should start looking? (ie a = hint about where such a thing would go) After doing the reading I should have done before I sent my last message = I see that g_raid_update_* look good candidates. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --Apple-Mail=_B54D226A-56BB-4EAB-A828-C4D94D244C4B Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iD8DBQFR+jgg5ZPcIHs/zowRApgVAKCO0XbqLzcyAZvTs5x7tQc42urxVwCeMJXy HaZfEdGtqCQVDP6HOlJ11nQ= =J1S4 -----END PGP SIGNATURE----- --Apple-Mail=_B54D226A-56BB-4EAB-A828-C4D94D244C4B-- From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:38:28 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id EE7E251E for ; Thu, 1 Aug 2013 10:38:28 +0000 (UTC) (envelope-from mavbsd@gmail.com) Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6CE6228BF for ; Thu, 1 Aug 2013 10:38:28 +0000 (UTC) Received: by mail-la0-f48.google.com with SMTP id hi8so1270255lab.7 for ; Thu, 01 Aug 2013 03:38:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=uFYn60o+ieBlhVpUm3sTGvDazU78vNKU4rido2YKc6Q=; b=v2dwknxb2jK4kCFvMcSxbvZLjyhAqXDCdrUz/zkMdLpHJ3HOVAAJlh0uTC3MJ/nMyN EnN5qQl9PUlAuaagEulOvtqXsRHJdpOag++2KDgJbMHE0TFmNBCeniKeda+VgYKbXWcU pKD//gRcW+ddtxhtQmMADq/ExN8SBBdVHL78aeBilIn9b0ZVHKKqbmKcX5sA1KRWF9Jb I9o29buX5HJ0LyFBKX6OB6qOefW0larBlrhwZrVDfMR/MwPfrjtsFzAsHZtV8VHuvPQN ork7g0xzdU9BepaN8PfwQoY4097PIrfVgJSIcdQUEyO4dGRoC+EroyJT4xRYCguzaUT/ sXLA== X-Received: by 10.112.200.135 with SMTP id js7mr924303lbc.12.1375353506344; Thu, 01 Aug 2013 03:38:26 -0700 (PDT) Received: from mavbook.mavhome.dp.ua (mavhome.mavhome.dp.ua. [213.227.240.37]) by mx.google.com with ESMTPSA id p10sm900908lap.8.2013.08.01.03.38.24 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 01 Aug 2013 03:38:25 -0700 (PDT) Sender: Alexander Motin Message-ID: <51FA3A9E.4030307@FreeBSD.org> Date: Thu, 01 Aug 2013 13:38:22 +0300 From: Alexander Motin User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130616 Thunderbird/17.0.6 MIME-Version: 1.0 To: Daniel O'Connor Subject: Re: GEOM RAID devd events References: <7E9F5FA5-16FE-4E5D-986A-598941A0D3AC@gsoft.com.au> <51FA2E79.8070705@FreeBSD.org> <9B76700D-0388-4452-BB8A-A4A252CB00A1@gsoft.com.au> <7128E2A7-19E6-4BD2-8F87-37F75CC39087@gsoft.com.au> In-Reply-To: <7128E2A7-19E6-4BD2-8F87-37F75CC39087@gsoft.com.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:38:29 -0000 On 01.08.2013 13:27, Daniel O'Connor wrote: > > On 01/08/2013, at 19:56, Daniel O'Connor wrote: >>> GEOM RAID does not do anything special about devd now. I had no such plans, but probably that is a not a bad idea if do it well. >> >> Do you have a recommendation for where I should start looking? (ie a hint about where such a thing would go) > > After doing the reading I should have done before I sent my last message I see that g_raid_update_* look good candidates. That would be nice to do it is possibly more generic way to be usable for other GEOM classes, such as MIRROR, MULTIPATH, etc. At least make messages formatting unified. -- Alexander Motin From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:40:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 87347674 for ; Thu, 1 Aug 2013 10:40:44 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x22f.google.com (mail-ve0-x22f.google.com [IPv6:2607:f8b0:400c:c01::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 40BE728E0 for ; Thu, 1 Aug 2013 10:40:44 +0000 (UTC) Received: by mail-ve0-f175.google.com with SMTP id oy10so2038117veb.20 for ; Thu, 01 Aug 2013 03:40:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=8P/Pr09zQStcQOAd762HNyP6iHpsznYhZwE2Q5549eI=; b=VM04WGlLIOpgbZA2WQc6l8ti62zPplIB2BjgfB+e+nDAjmos+HGeOi60ytZK9KpzjI KXkLQGgfqntvejflrOk89Ed6OrxZd8QDcQFsrLidXxFKB56BZRFKLFUEt+Eu/h+99oPT QfV+1hU98XxbXQbYxJVuWtkW+YvDh15GSDKYGDlL5pGVO5qWyN9AXYmTxSHXwYhNQG+n QyaApHdml19ysek+auRGnQhSR+bjus+ZjN52aLdGcIIQunlx71gwrAXjCdfSZ9srz2Ch /4lBe1SVrW12utY4l6DH9d1GGXxo1a60jVUUPj6ik5Kd9o56IMpukXWKXKiS49wjHbrR dVGQ== MIME-Version: 1.0 X-Received: by 10.58.202.1 with SMTP id ke1mr233025vec.85.1375353643256; Thu, 01 Aug 2013 03:40:43 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Thu, 1 Aug 2013 03:40:43 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 14:40:43 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev Cc: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:40:44 -0000 Ok, I understand. Thanks a lot for excelent explanation. Maybe sendmail ignores additional section? I use _default_ fresh system, so resolver is _default_ bind. For investigation I've just installed fresh 9.1-RELEASE amd64, email delivery works and picture looks different than on 9.2: 14:30:45.061950 IP 10.0.2.15.30979 > hercules.xxx.ru.domain: 62684+ MX? xxx.ru. (24) 14:30:45.063064 IP hercules.xxx.ru.domain > 10.0.2.15.30979: 62684* 1/0/1 MX kalmar.xxx.ru. 10 (63) 14:30:45.063624 IP 10.0.2.15.39212 > hercules.xxx.ru.domain: 62685+ AAAA? kalmar.xxx.ru. (31) 14:30:45.064460 IP hercules.xxx.ru.domain > 10.0.2.15.39212: 62685* 0/1/0 (82) 14:30:45.064766 IP 10.0.2.15.44381 > hercules.xxx.ru.domain: 62686+ A? kalmar.xxx.ru. (31) 14:30:45.065530 IP hercules.xxx.ru.domain > 10.0.2.15.44381: 62686* 1/0/0 A 192.168.31.190 (47) 14:30:45.066014 IP 10.0.2.15.42197 > hercules.xxx.ru.domain: 62687+ A? kalmar.xxx.ru. (31) 14:30:45.066810 IP hercules.xxx.ru.domain > 10.0.2.15.42197: 62687* 1/0/0 A 192.168.31.190 (47) 14:30:45.071833 IP 10.0.2.15.23534 > hercules.xxx.ru.domain: 62688+ PTR? 15.2.0.10.in-addr.arpa. (40) Now it asks AAAA _and_ A record of mx server and email works. I'm confused =( 2013/8/1 Pavel Timofeev : > to Matthew Seaman > No luck > > root@test:/etc/mail # grep ip /etc/rc.conf > #ipv6_activate_all_interfaces="NO" > #ipv6_network_interfaces="none" > ip6addrctl_enable="YES" > ip6addrctl_policy="ipv4_prefer" > > root@test:/etc/mail # ip6addrctl > Prefix Prec Label Use > ::1/128 50 0 0 > ::/0 40 1 0 > ::ffff:0.0.0.0/96 100 4 0 > 2002::/16 30 2 0 > 2001::/32 5 5 0 > fc00::/7 3 13 0 > ::/96 1 3 0 > fec0::/10 1 11 0 > 3ffe::/16 1 12 0 > > I stress, this is fresh system which was installed from official BETA2 > img and I didn't configure anything else. It's default system. > > 2013/8/1 Pavel Timofeev : >> I tried, but it didn't work. >> # grep ip /etc/rc.conf >> ipv6_activate_all_interfaces="NO" >> ipv6_network_interfaces="none" >> ip6addrctl_enable="NO" >> ip6addrctl_policy="ipv4_prefer" >> # ip6addrctl show >> no source-address-selection policy is installed >> >> Or I did it wrong? >> >> 2013/7/31 J David : >>> On Wed, Jul 31, 2013 at 8:54 AM, Pavel Timofeev wrote: >>>> I've just installed new fresh 9.2-BETA2 amd64 on another machine. >>>> Same behavior - Sendmail asks DNS only for AAAA record of mx server. >>> >>> We also noticed one of our machines suddenly started using IPv6 to >>> send outbound email (from Postfix rather than Sendmail) after it was >>> upgraded from 8.4 to 9-STABLE a bit ago. >>> >>> I think there's been a change in the default IPv6 behavior between 8 >>> and 9. Probably one of the many important things in UPDATING that >>> always seems to slip past me. >>> >>> We use IPv6 extensively, so we were pleased after the initial >>> surprise, but if you don't then ip6addrctl is probably the right >>> temporary answer until you do. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:47:54 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D15358B2 for ; Thu, 1 Aug 2013 10:47:54 +0000 (UTC) (envelope-from kpaasial@gmail.com) Received: from mail-qe0-x22b.google.com (mail-qe0-x22b.google.com [IPv6:2607:f8b0:400d:c02::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8C164293A for ; Thu, 1 Aug 2013 10:47:54 +0000 (UTC) Received: by mail-qe0-f43.google.com with SMTP id k5so1024653qej.30 for ; Thu, 01 Aug 2013 03:47:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=4/c5hkG9+g9sL0XHaJwQxDfM2f5yPYqUf7H9X4gMZ+A=; b=RWE2SmlL+qil2bJcz5vNFk/mgRfOsZKM1MDzmo94DscP9eTjR14D605/M9vDY0xOme Um4QU+bjuv0zYNHTuvddk+xrzBcSQpizxYnw83Px/tE23pfhQEBrbrad/EG5Htkf0FxF 2Xvs24Lm+cMzRJfvnwE2/et9FOc/4maZzqGt1l/T1GZzK7rKhJVMNcXWTP8QVVgwAnLs UZAucMdOPPKhpgts794bHS/5Enz0yVq4G/fFD2oI59tXeQKOHrRHzcBV6d3GsH38+e5e vxEut59wD2HC9Y3q9rYY6KyP+/fHeUsyc2bikKp9zQGH6T34XOVbH6pQfEDswvIPyr3l xtfA== MIME-Version: 1.0 X-Received: by 10.49.26.202 with SMTP id n10mr1076921qeg.60.1375354073590; Thu, 01 Aug 2013 03:47:53 -0700 (PDT) Received: by 10.224.78.194 with HTTP; Thu, 1 Aug 2013 03:47:53 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 13:47:53 +0300 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Kimmo Paasiala To: Pavel Timofeev Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:47:54 -0000 Forgot to send to list as well.... On Thu, Aug 1, 2013 at 1:40 PM, Pavel Timofeev wrote: > Ok, I understand. Thanks a lot for excelent explanation. Maybe > sendmail ignores additional section? > > I use _default_ fresh system, so resolver is _default_ bind. > For investigation I've just installed fresh 9.1-RELEASE amd64, email > delivery works and picture looks different than on 9.2: > The default resolver is not BIND because it's not enabled by default. The nameservers listed in /etc/resolv.conf are used for resolving addresses in default setup (assuming they are filled properly by DHCP client or manually by user). From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 10:53:09 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C7B2EC13 for ; Thu, 1 Aug 2013 10:53:09 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x22c.google.com (mail-ve0-x22c.google.com [IPv6:2607:f8b0:400c:c01::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7F80729A2 for ; Thu, 1 Aug 2013 10:53:09 +0000 (UTC) Received: by mail-ve0-f172.google.com with SMTP id oz10so2072231veb.31 for ; Thu, 01 Aug 2013 03:53:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=KPd9uBHksUWh5Nc+a3ToStl6YP5ZdIh07KY6VvoVqsc=; b=0WVz/KxTW/aJB6/13LU8wqnhacpVY/kV+gvwPmWcsTvqAaZ5nNZJZ6+TsrXX64QdZw wkfL7vZHwFW1F6QRVhuFGhRdH4nMPAtoytucHEnNPLk53a65C5pQ6V5A+ox1g+xqxTgs dCoyOpuyNaxCeZr9YpBhkGjtmvHm2kCD/eYHCGD29GZJC+Bsq2yJGizLJhI1SP/eEJYC uQM9inDyhbzu9gUqwBrLQz+kYIxXt9oGcPvYncXwruMYFpmDzAIyYu/QVAlQpvt9Wy/0 hcefirvvxzCWuGrDbahyEEzctgGcoWuKb4EskrnN4ry6PsejT4ZtVe966RURSn0OGY7U 2EXA== MIME-Version: 1.0 X-Received: by 10.58.202.1 with SMTP id ke1mr245000vec.85.1375354388561; Thu, 01 Aug 2013 03:53:08 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Thu, 1 Aug 2013 03:53:08 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 14:53:08 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: Kimmo Paasiala , freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 10:53:09 -0000 I'm sorry( So resolver is MS server. But does it matter when it works good with 9.1 and doesn't work with 9.2? What I have to do for investigation? 2013/8/1 Kimmo Paasiala : > On Thu, Aug 1, 2013 at 1:40 PM, Pavel Timofeev wrote: >> Ok, I understand. Thanks a lot for excelent explanation. Maybe >> sendmail ignores additional section? >> >> I use _default_ fresh system, so resolver is _default_ bind. >> For investigation I've just installed fresh 9.1-RELEASE amd64, email >> delivery works and picture looks different than on 9.2: >> > > The default resolver is not BIND because it's not enabled by default. > The nameservers listed in /etc/resolv.conf are used for resolving > addresses in default setup (assuming they are filled properly by DHCP > client or manually by user). > > -Kimmo From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 11:01:55 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 19953AE for ; Thu, 1 Aug 2013 11:01:55 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-ve0-x22a.google.com (mail-ve0-x22a.google.com [IPv6:2607:f8b0:400c:c01::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C60E92A4E for ; Thu, 1 Aug 2013 11:01:54 +0000 (UTC) Received: by mail-ve0-f170.google.com with SMTP id 15so2097069vea.29 for ; Thu, 01 Aug 2013 04:01:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=OnwGB5xxxm+6UTyzHyiv+LE/Wv5tfdI7nc7PCrHw3Fw=; b=mxDEhLEajEp9lOrMg3bNpoGeuO1X/UWz4c0iee4/JVkkSYKkrrTiEnBoSss6EeMw+v WMvoibiYm6x8avzZBwvmSAxF/+44HhyoflsICaa7dT0Nk59IO0yyBEwTXzzgtXDMWs87 YylD1cdCG281Qi0FAo5+wjVs9JCBfgEeWMKewQ3hXwqbMvHifLiwD/v0Rjupgaa6P5U7 QDYr4nbswp0HImNax6b6hJIIPnaUVGwxcFIaX8F3XS/EEvev9IdLhVY7Xxl5Ru2REpIy JNLTUVh6eHpFTOD3nd2fYXX2tFjornqE25NlJmfydn9UurFGHwSYxTAjIW6v5QzvQ0jt sIbg== MIME-Version: 1.0 X-Received: by 10.58.118.8 with SMTP id ki8mr256055veb.84.1375354913906; Thu, 01 Aug 2013 04:01:53 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Thu, 1 Aug 2013 04:01:53 -0700 (PDT) In-Reply-To: References: Date: Thu, 1 Aug 2013 15:01:53 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: freebsd-stable@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 11:01:55 -0000 Here is dig output of our domain root@test:/etc/mail # dig xxx.ru IN MX ; <<>> DiG 9.8.4-P2 <<>> xxx.ru IN MX ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39091 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;xxx.ru. IN MX ;; ANSWER SECTION: xxx.ru. 3600 IN MX 10 kalmar.xxx.ru. ;; ADDITIONAL SECTION: kalmar.xxx.ru. 3600 IN A 192.168.31.190 ;; Query time: 1 msec ;; SERVER: 192.168.2.12#53(192.168.2.12) ;; WHEN: Thu Aug 1 15:00:23 2013 ;; MSG SIZE rcvd: 63 2013/8/1 Pavel Timofeev : > I'm sorry( > So resolver is MS server. > > But does it matter when it works good with 9.1 and doesn't work with 9.2? > > What I have to do for investigation? > > > 2013/8/1 Kimmo Paasiala : >> On Thu, Aug 1, 2013 at 1:40 PM, Pavel Timofeev wrote: >>> Ok, I understand. Thanks a lot for excelent explanation. Maybe >>> sendmail ignores additional section? >>> >>> I use _default_ fresh system, so resolver is _default_ bind. >>> For investigation I've just installed fresh 9.1-RELEASE amd64, email >>> delivery works and picture looks different than on 9.2: >>> >> >> The default resolver is not BIND because it's not enabled by default. >> The nameservers listed in /etc/resolv.conf are used for resolving >> addresses in default setup (assuming they are filled properly by DHCP >> client or manually by user). >> >> -Kimmo From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 12:20:44 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B2D92C65; Thu, 1 Aug 2013 12:20:44 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-pb0-x22f.google.com (mail-pb0-x22f.google.com [IPv6:2607:f8b0:400e:c01::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 84F772E7B; Thu, 1 Aug 2013 12:20:44 +0000 (UTC) Received: by mail-pb0-f47.google.com with SMTP id rr4so785431pbb.34 for ; Thu, 01 Aug 2013 05:20:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=mzpfgmQpX5iq57aDOrTZfMNNh5ervGn4PLHii96+tuQ=; b=svdmIVDGoPZiGOj68/wbb1l43YibyfnrsCIry6TYE84UILUBmGkIh7fzc8ISj/P8lc yFE0+j9Y5C5+FTZOcxh4ZERt1DFz7vlqfPe3c4nUYGIEHGcxsuvym0lSjgI3ozy28LrI XTUeP4wMGXRbELplvfj2eZqIEg8/hn6Bu5LyhB5vZzwcK7VaauASZMA8GeKgnDZoZTNu 1Q/R4iaNQ51q3C67RmXkAwBlBX9qBJmaZqqY5Aq/WCZbs4NK8Diqzts3RJOwmpUajgc/ bUG+lI6xU8ooTPgv56pAFqboISjlsWXAD0e2S1tbmFbbK+2z42owcw8aEN7foxliN0BS QAaw== MIME-Version: 1.0 X-Received: by 10.68.101.225 with SMTP id fj1mr1717335pbb.8.1375359643953; Thu, 01 Aug 2013 05:20:43 -0700 (PDT) Received: by 10.70.88.74 with HTTP; Thu, 1 Aug 2013 05:20:43 -0700 (PDT) In-Reply-To: <8A0B3556-BC6D-40AB-9315-530369852B09@gsoft.com.au> References: <13CA24D6AB415D428143D44749F57D7201FFC385@ltcfiswmsgmb21> <72D1BC68-3E5A-4DCA-8585-3CA7D3A2D51D@gsoft.com.au> <0ffc01ce8e46$9116ab80$b3440280$@freebsd.org> <64BAEFA1-2981-4F9F-8580-04FA2B852F6C@gsoft.com.au> <8A0B3556-BC6D-40AB-9315-530369852B09@gsoft.com.au> Date: Thu, 1 Aug 2013 07:20:43 -0500 Message-ID: Subject: Re: Booting FreeBSD with Syslinux From: Adam Vande More To: "Daniel O'Connor" Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: Warren Block , Devin Teske , freebsd-stable stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 12:20:44 -0000 On Wed, Jul 31, 2013 at 9:47 PM, Daniel O'Connor wrote: > > On 01/08/2013, at 12:15, Warren Block wrote: > >> Supposedly someone got it to work because there is an entry in the > syslinux wiki > >> http://www.syslinux.org/wiki/index.php/Mboot.c32#FreeBSD_example > > > > I'm following the threads on both lists, and that example looks more > like a generic template than an actual, working command. "kernel_option", > for example. > > Yeah, I also wonder if it's for booting a XENified FreeBSD or something > similar (no idea really). > > Maybe I'll just have to stuff the loader in an MFS and boot that :( > galacticdominator% ./mbchk /boot/kernel/kernel /boot/kernel/kernel: No Multiboot header. Maybe i386 would work, but apparently not amd64. -- Adam Vande More From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 13:20:01 2013 Return-Path: Delivered-To: freebsd-stable@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B699C3E7 for ; Thu, 1 Aug 2013 13:20:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id A09A021FD for ; Thu, 1 Aug 2013 13:20:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r71DK1qM088250 for ; Thu, 1 Aug 2013 13:20:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r71DK1X7088249; Thu, 1 Aug 2013 13:20:01 GMT (envelope-from gnats) Date: Thu, 1 Aug 2013 13:20:01 GMT Message-Id: <201308011320.r71DK1X7088249@freefall.freebsd.org> To: freebsd-stable@FreeBSD.org Cc: From: dfilter@FreeBSD.ORG (dfilter service) Subject: Re: i386/179112: commit references a PR X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: dfilter service List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 13:20:01 -0000 The following reply was made to PR i386/179112; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: i386/179112: commit references a PR Date: Thu, 1 Aug 2013 13:19:08 +0000 (UTC) Author: marius Date: Thu Aug 1 13:18:47 2013 New Revision: 253860 URL: http://svnweb.freebsd.org/changeset/base/253860 Log: MFC: r249410 (partial) Remove ctl(4) from GENERIC. With ctl(4) being built as a module and automatically loaded by ctladm(8), this makes CTL work out of the box. Note that unlike the original r249410, this commit does not remove the kern.cam.ctl.disable tunable for POLA reasons. PR: 174671, 175694, 179112 Reviewed by: ken (original version) Sponsored by: FreeBSD Foundation (original version) Approved by: re (hrs) Modified: stable/9/sys/amd64/conf/GENERIC stable/9/sys/i386/conf/GENERIC stable/9/sys/i386/conf/PAE stable/9/sys/ia64/conf/GENERIC stable/9/sys/sparc64/conf/GENERIC Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/amd64/conf/GENERIC ============================================================================== --- stable/9/sys/amd64/conf/GENERIC Thu Aug 1 12:55:41 2013 (r253859) +++ stable/9/sys/amd64/conf/GENERIC Thu Aug 1 13:18:47 2013 (r253860) @@ -124,7 +124,7 @@ device sa # Sequential Access (tape et device cd # CD device pass # Passthrough device (direct ATA/SCSI access) device ses # Enclosure Services (SES and SAF-TE) -device ctl # CAM Target Layer +#device ctl # CAM Target Layer # RAID controllers interfaced to the SCSI subsystem device amr # AMI MegaRAID Modified: stable/9/sys/i386/conf/GENERIC ============================================================================== --- stable/9/sys/i386/conf/GENERIC Thu Aug 1 12:55:41 2013 (r253859) +++ stable/9/sys/i386/conf/GENERIC Thu Aug 1 13:18:47 2013 (r253860) @@ -131,7 +131,7 @@ device sa # Sequential Access (tape et device cd # CD device pass # Passthrough device (direct ATA/SCSI access) device ses # Enclosure Services (SES and SAF-TE) -device ctl # CAM Target Layer +#device ctl # CAM Target Layer # RAID controllers interfaced to the SCSI subsystem device amr # AMI MegaRAID Modified: stable/9/sys/i386/conf/PAE ============================================================================== --- stable/9/sys/i386/conf/PAE Thu Aug 1 12:55:41 2013 (r253859) +++ stable/9/sys/i386/conf/PAE Thu Aug 1 13:18:47 2013 (r253860) @@ -39,8 +39,6 @@ nodevice ncv nodevice nsp nodevice stg -nodevice ctl - nodevice asr nodevice dpt nodevice mly Modified: stable/9/sys/ia64/conf/GENERIC ============================================================================== --- stable/9/sys/ia64/conf/GENERIC Thu Aug 1 12:55:41 2013 (r253859) +++ stable/9/sys/ia64/conf/GENERIC Thu Aug 1 13:18:47 2013 (r253860) @@ -100,7 +100,7 @@ device da # Direct Access (ie disk) device pass # Passthrough (direct ATA/SCSI access) device sa # Sequential Access (ie tape) device ses # Enclosure Services (SES and SAF-TE) -device ctl # CAM Target Layer +#device ctl # CAM Target Layer # RAID controllers device aac # Adaptec FSA RAID Modified: stable/9/sys/sparc64/conf/GENERIC ============================================================================== --- stable/9/sys/sparc64/conf/GENERIC Thu Aug 1 12:55:41 2013 (r253859) +++ stable/9/sys/sparc64/conf/GENERIC Thu Aug 1 13:18:47 2013 (r253860) @@ -107,7 +107,7 @@ device sa # Sequential Access (tape et device cd # CD device pass # Passthrough device (direct ATA/SCSI access) device ses # SCSI Environmental Services (and SAF-TE) -device ctl # CAM Target Layer +#device ctl # CAM Target Layer # RAID controllers #device amr # AMI MegaRAID _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 13:22:48 2013 Return-Path: Delivered-To: freebsd-stable@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B6BE9752; Thu, 1 Aug 2013 13:22:48 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8E2662279; Thu, 1 Aug 2013 13:22:48 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r71DMmhe089920; Thu, 1 Aug 2013 13:22:48 GMT (envelope-from marius@freefall.freebsd.org) Received: (from marius@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r71DMlPO089919; Thu, 1 Aug 2013 13:22:47 GMT (envelope-from marius) Date: Thu, 1 Aug 2013 13:22:47 GMT Message-Id: <201308011322.r71DMlPO089919@freefall.freebsd.org> To: msa@latt.net, marius@FreeBSD.org, freebsd-stable@FreeBSD.org From: marius@FreeBSD.org Subject: Re: i386/179112: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 13:22:48 -0000 Synopsis: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems State-Changed-From-To: open->closed State-Changed-By: marius State-Changed-When: Thu Aug 1 13:22:29 UTC 2013 State-Changed-Why: Close http://www.freebsd.org/cgi/query-pr.cgi?pr=179112 From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 14:47:58 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D064A2AA; Thu, 1 Aug 2013 14:47:58 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1-6.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9CAA7279B; Thu, 1 Aug 2013 14:47:58 +0000 (UTC) Received: from [192.168.43.26] (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.5/8.14.5) with ESMTP id r71Elv46018260; Thu, 1 Aug 2013 10:47:58 -0400 (EDT) (envelope-from mike@sentex.net) Message-ID: <51FA750C.50502@sentex.net> Date: Thu, 01 Aug 2013 10:47:40 -0400 From: Mike Tancsa Organization: Sentex Communications User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: FreeBSD-STABLE Mailing List Subject: Listen queue overflow X-Enigmail-Version: 1.4.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.72 on 64.7.153.18 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 14:47:58 -0000 After upgrading from a RELENG9 kernel from June 18th to July 27th, I am seeing this odd new message. Is this a new bug, or just a new diagnostic message ? I am guessing it happened after r253035 ? sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 14:48:24 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0496B3B2; Thu, 1 Aug 2013 14:48:24 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-wi0-x22d.google.com (mail-wi0-x22d.google.com [IPv6:2a00:1450:400c:c05::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 60F7D27AF; Thu, 1 Aug 2013 14:48:23 +0000 (UTC) Received: by mail-wi0-f173.google.com with SMTP id en1so6795539wid.12 for ; Thu, 01 Aug 2013 07:48:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=8hHdkUO2IYSXwp3ZUcr0UiIVwYZEC+7w/97X+HopQO0=; b=BcVRxmZFwq84OPEX49gDBFCp4UsTxN7gJEgm36I7b7CbolxAf0stU9Dp6CjIwUulTH W4/qHsj+MohwJC5I/CQslA7Cvs7iKEoQtHMdYlNaobGczX0qg1QxXOSmTzVSW7r2dzmI i0bufI728NY2p5nn6x8ZeVA2rdiQQOOxwQlhsRv+StD6NzOpBXNl3aKMSbBpnHCoSXES 4MX9tGxIOEkFZI5EWCfLLZf6tkYm8WP6TDnKzgpuG96TG4L4/+QIh1T+Xe8kdlQwno38 cF6tYLGa+DjFT5YhXuypjtlJmJwkJlxOM7b9ZK6CKiLBniOv4/psTmF9VZ35iOgEl/6g zbrg== MIME-Version: 1.0 X-Received: by 10.194.203.73 with SMTP id ko9mr1493439wjc.79.1375368501577; Thu, 01 Aug 2013 07:48:21 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.217.94.132 with HTTP; Thu, 1 Aug 2013 07:48:21 -0700 (PDT) In-Reply-To: <201308011322.r71DMlPO089919@freefall.freebsd.org> References: <201308011322.r71DMlPO089919@freefall.freebsd.org> Date: Thu, 1 Aug 2013 07:48:21 -0700 X-Google-Sender-Auth: AHeLGKmEX6WS3h2O5Fkf6JohlZw Message-ID: Subject: Re: i386/179112: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems From: Adrian Chadd To: marius@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-stable@freebsd.org, msa@latt.net X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 14:48:24 -0000 Did the kmem_size_scale parameter get changed too? Did you test this on 128mb or 256mb of RAM (in a VM will do) to see if you still panic shortly after boot? Doing any kind of file/net IO quickly leads to death. -adrian On 1 August 2013 06:22, wrote: > Synopsis: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems > > State-Changed-From-To: open->closed > State-Changed-By: marius > State-Changed-When: Thu Aug 1 13:22:29 UTC 2013 > State-Changed-Why: > Close > > http://www.freebsd.org/cgi/query-pr.cgi?pr=179112 > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 15:18:20 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B8B72D37 for ; Thu, 1 Aug 2013 15:18:20 +0000 (UTC) (envelope-from fred.letter@lacave.net) Received: from talisker.lacave.net (talisker.lacave.net [217.112.180.250]) by mx1.freebsd.org (Postfix) with SMTP id 0451C2990 for ; Thu, 1 Aug 2013 15:18:19 +0000 (UTC) Received: (qmail 87968 invoked from network); 1 Aug 2013 17:11:36 +0200 Received: from localhost (HELO talisker.lacave.net) (127.0.0.1) by localhost with SMTP; 1 Aug 2013 17:11:36 +0200 X-Virus-Scanned: amavisd-new at lacave.net Received: from talisker.lacave.net ([127.0.0.1]) by talisker.lacave.net (talisker.lacave.net [127.0.0.1]) (amavisd-new, port 10025) with LMTP id H33oaUisthef for ; Thu, 1 Aug 2013 17:11:35 +0200 (CEST) Received: from MIDORI.local (unknown [192.168.2.245]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: fred.meduse.lacave) by talisker.lacave.net (Postfix) with ESMTPSA id 3C532398038 for ; Thu, 1 Aug 2013 17:11:35 +0200 (CEST) Date: Thu, 1 Aug 2013 17:11:34 +0200 From: "F. Senault" Organization: Secte de l'Elephant Fuschia X-Priority: 3 (Normal) Message-ID: <467979520.20130801171134@lacave.net> To: FreeBSD-STABLE Mailing List Subject: FreeBSD 9.1 won't boot with a graid error MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: "F. Senault" List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 15:18:20 -0000 Hi everybody. I've just upgraded a box from FreeBSD 9 to 9.1 via freebsd-update. At the first reboot, the machine stopped with messages about GRAID : GEOM_RAID: Promise: Subdisk kjihgfedcba`_^]\[ZYXWVUTSRQPONM:0-ada0 state changed from NONE to ACTIVE The trick is that I've never setup any kind of RAID on that old box... Is there a way to completely disable GEOM_RAID loading on boot ? Here are the obligatory blurry-cellphone-pictures of the boot messages : https://www.dropbox.com/s/wqgjsf1adhoaksb/boot1.jpg https://www.dropbox.com/s/99z1cojz22w7jn4/boot2.jpg https://www.dropbox.com/s/7hk1inrhd1k59zi/boot3.jpg The motherboard is an old GA-8IG100MK, fitted with two supplementary 3com NICs. The specs can be found here : http://www.gigabyte.com/products/product-page.aspx?pid=1655#sp Chipset : - North Bridge : Intel 865G GMCH - Intel 82801EB - Intel 82562EZ Ethernet Controller - Super I/O: ITE I/O IT8712F chip - Realtek ALC655 CODEC - 3M bit flash ROM TIA, Fred From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 15:31:38 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 5E61715E; Thu, 1 Aug 2013 15:31:38 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1ADBA2A75; Thu, 1 Aug 2013 15:31:37 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r71FVoCk013556; Thu, 1 Aug 2013 08:31:56 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r71FVjP1013555; Thu, 1 Aug 2013 08:31:45 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Thu, 1 Aug 2013 08:31:45 -0700 (PDT) Message-ID: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> Date: Thu, 1 Aug 2013 08:31:45 -0700 (PDT) Subject: Please remove Perl from ports From: "Chris H" To: "freebsd-perl" , "freebsd-stable" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 15:31:38 -0000 Greetings, I currently manage several RELENG_8 servers. Recent changes in the manner in which base && ports must be managed have resulted in more than a fair amount of grief. the migration from cv(sup) --> subversion required re-working long standing, carefully crafted management procedures to be pitched to the trash, and re-invented. A recent change to the Perl installation structure presents an entire new set of headaches, rendering up(grading|dating) near, if not completely impossible. Case in point; an i386 8.3-STABLE box with it's last update just prior to the Perl structure change, began a new update this morning via portmaster(8). As it reached 163/300 upgrade targets, the process died with a missing dependency error -- p5-XML-Simple. Exploring /var/db/pkg revealed that it had already been installed/upgraded (p5-XML-Simple-2.20). Any attempt to re-install/forceably upgrade the module failed with "p5-XML-Simple-2.20 not installed". According to /usr/ports/UPDATING; 20130612: AFFECTS: users of lang/perl* and any port that depends on it AUTHOR: az@FreeBSD.org lang/perl5.12 has been upgraded from version 5.12.4 to 5.12.5 lang/perl5.14 has been upgraded from version 5.14.2 to 5.14.4 lang/perl5.16 has been upgraded from version 5.16.2 to 5.16.3 The directory structure where Perl is installed has also been modified: "major.minor" is now used instead of "major.minor.patchlevel". The "perl-after-upgrade" script has been removed. Please rebuild all Perl ports and all ports that depend on it: # portmaster -r perl or # portupgrade -rf perl or # pkg install -fR perl # portmaster -r perl ===>>> perl is not installed ===>>> Aborting update Hmm... # ls /usr/local/lib/perl5 5.14 5.14.2 site_perl Yep. Perl is installed. Any attempt to upgrade/update *any* Perl, or Perl related ports fail. I think it's probably fair to say, that the restructuring of the Perl installation is the cause -- no? How does reading, and following the instruction(s) provided in /usr/ports/UPDATING help, or resolve such matters? WHY was this change *required*? How does this help FreeBSD's base users? Couldn't th(is|ese) changes been given enough forethought to have provided tools/procedures that guarantee/ ensure that those affected, can make the transition smoothly? That those who's income is directly affected by FreeBSD, be relatively unencumbered by the changes? While I recognize that many might argue that updating more frequently would eliminate most -- if not all of these issues. I can only say, that that _shouldn't_ be the case. For many, schedules don't always permit this, and if given the right tools, this wouldn't be an issue at all. While I also recognize that those whom haven't experienced these issues, all of this might just sound like a "rant". I don't believe that all of the problems generated by the changes needed to have occurred. So, in the end; why did Perl have to be relocated? Is my only recourse at this point to # cd / # rm -rf . slib the DVD into the slot, and push the reset button? Thank you for all your time, and consideration in this matter. --chris From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 15:47:51 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 93B498C6 for ; Thu, 1 Aug 2013 15:47:51 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 68DFD2B64 for ; Thu, 1 Aug 2013 15:47:51 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id A74EE21216 for ; Thu, 1 Aug 2013 11:47:46 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute3.internal (MEProxy); Thu, 01 Aug 2013 11:47:47 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=u619oHQQc080IZDCwy+FHvXq8HA=; b=L54 repcHH926FQh/cfH5xxlMr3JNxoT3NPo/pf+KUDZHoCAl5nh6mx/5VYGryh4BEcE NFInyYRgH+yKvA4/NDGOpWp1s6JbW9SS6y+0+UZ4QXnilQXnAgl77saf+sv3xgHM QORnsdN0Sc2GNhHr/0IPWZqK5fNifzdu5HSI9cs4= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 847C8B01FFD; Thu, 1 Aug 2013 11:47:46 -0400 (EDT) Message-Id: <1375372066.32718.4618055.71C55506@webmail.messagingengine.com> X-Sasl-Enc: J/1HwK+StSdWUllRY9tC9fBLRXIBVghkOTJH4uThonRv 1375372066 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-2d520484 In-Reply-To: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> Subject: Re: Please remove Perl from ports Date: Thu, 01 Aug 2013 10:47:46 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 15:47:51 -0000 I can't comment on the perl changes directly, but I can assure you that if you use port-mgmt/pkg (pkgng) and build your ports into packages via ports-mgmt/poudriere you will have zero upgrade problems -- a simple "pkg upgrade" will handle the scenario properly. I really haven't tried following UPDATING with portmaster/portupgrade to see what happens. I'd suspect that portmaster is doing something wrong, but further investigation is really necessary to have a solid conclusion of what happened on your server(s). For the first time in ages the ports environment on FreeBSD is rapidly evolving. There are many, many new features that benefit the whole of the userbase and will ease support and deployment across the board. We're trying to limit turbulence, but sometimes things are unforeseeable. This is the nature of the incredible flexibility of FreeBSD's ports; there's more than one way to do something. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 15:49:10 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 322799DF for ; Thu, 1 Aug 2013 15:49:10 +0000 (UTC) (envelope-from patfbsd@davenulle.org) Received: from smtp.lamaiziere.net (net.lamaiziere.net [94.23.254.147]) by mx1.freebsd.org (Postfix) with ESMTP id EF0032B81 for ; Thu, 1 Aug 2013 15:49:09 +0000 (UTC) Received: from mr129166.localdomain (mr129166.cri.univ-rennes1.fr [129.20.129.166]) by smtp.lamaiziere.net (Postfix) with ESMTPA id DCB055479; Thu, 1 Aug 2013 17:49:01 +0200 (CEST) Received: from mr129166 (localhost [127.0.0.1]) by mr129166.localdomain (Postfix) with ESMTP id 3750E13A7; Thu, 1 Aug 2013 17:49:01 +0200 (CEST) Date: Thu, 1 Aug 2013 17:49:00 +0200 From: Patrick Lamaiziere To: freebsd-stable@freebsd.org, "Chris H" Subject: Re: Please remove Perl from ports Message-ID: <20130801174900.68fa46eb@mr129166> In-Reply-To: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd9.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 15:49:10 -0000 Le Thu, 1 Aug 2013 08:31:45 -0700 (PDT), "Chris H" a crit : > Greetings, > I currently manage several RELENG_8 servers. Recent changes in the > manner in which base && ports must be managed have resulted in more > than a fair amount of grief. the migration from cv(sup) --> subversion > required re-working long standing, carefully crafted management > procedures to be pitched to the trash, and re-invented. A recent > change to the Perl installation structure presents an entire new set > of headaches, rendering up(grading|dating) near, if not completely > impossible. that's not new. A perl upgrade was always painful. I suggest to use poudriere to build yours packages and pkgng to manage them. As poudriere produces a consistent set of packages, an upgrade is painless (pkg upgrade -f) and you can deploy them on several machines. In fact poudriere and pkg saved me :) Regards. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 16:01:36 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C489FEDC; Thu, 1 Aug 2013 16:01:36 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8D9702C43; Thu, 1 Aug 2013 16:01:36 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r71G1tCW015043; Thu, 1 Aug 2013 09:02:01 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r71G1ogf015037; Thu, 1 Aug 2013 09:01:50 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Thu, 1 Aug 2013 09:01:50 -0700 (PDT) Message-ID: In-Reply-To: <1375372066.32718.4618055.71C55506@webmail.messagingengine.com> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <1375372066.32718.4618055.71C55506@webmail.messagingengine.com> Date: Thu, 1 Aug 2013 09:01:50 -0700 (PDT) Subject: Re: Please remove Perl from ports From: "Chris H" To: "Mark Felder" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 16:01:36 -0000 Greetings Mark, and thank you for your thoughtful reply. > I can't comment on the perl changes directly, but I can assure you that > if you use port-mgmt/pkg (pkgng) and build your ports into packages via > ports-mgmt/poudriere you will have zero upgrade problems -- a simple > "pkg upgrade" will handle the scenario properly. I really haven't tried > following UPDATING with portmaster/portupgrade to see what happens. I'd > suspect that portmaster is doing something wrong, but further > investigation is really necessary to have a solid conclusion of what > happened on your server(s). While that sounds real nice. The *current* upgrade will need to *successfully* complete, before attempting to "jump tracks", and re-create an up(grade|date) policy. :) > > For the first time in ages the ports environment on FreeBSD is rapidly > evolving. There are many, many new features that benefit the whole of > the userbase and will ease support and deployment across the board. > We're trying to limit turbulence, but sometimes things are > unforeseeable. This is the nature of the incredible flexibility of > FreeBSD's ports; "there's more than one way to do something." Sounds a bit "Perlish". :) Thanks again. --chris > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 16:04:37 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CF61F91 for ; Thu, 1 Aug 2013 16:04:37 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 6434C2C6F for ; Thu, 1 Aug 2013 16:04:37 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.7/8.14.7) with ESMTP id r71G4WHg085918; Thu, 1 Aug 2013 10:04:32 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.7/8.14.7/Submit) with ESMTP id r71G4Ve3085915; Thu, 1 Aug 2013 10:04:32 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Thu, 1 Aug 2013 10:04:31 -0600 (MDT) From: Warren Block To: "F. Senault" Subject: Re: FreeBSD 9.1 won't boot with a graid error In-Reply-To: <467979520.20130801171134@lacave.net> Message-ID: References: <467979520.20130801171134@lacave.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Thu, 01 Aug 2013 10:04:32 -0600 (MDT) Cc: FreeBSD-STABLE Mailing List X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 16:04:37 -0000 On Thu, 1 Aug 2013, F. Senault wrote: > Hi everybody. > > I've just upgraded a box from FreeBSD 9 to 9.1 via freebsd-update. > > At the first reboot, the machine stopped with messages about GRAID : > > GEOM_RAID: Promise: Subdisk kjihgfedcba`_^]\[ZYXWVUTSRQPONM:0-ada0 state > changed from NONE to ACTIVE > > The trick is that I've never setup any kind of RAID on that old box... > > Is there a way to completely disable GEOM_RAID loading on boot ? Boot into the loader (option 2 at boot menu). Enter: set kern.geom.raid.enable=0 boot That should allow it to boot, and can be added to /boot/loader.conf. I'm not sure of an easy way to clear the metadata for a permanent fix. Apparently some manufacturers use motherboard RAID to test drives, so the metadata may have been on the drive from the factory. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 16:06:57 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7654C314 for ; Thu, 1 Aug 2013 16:06:57 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 42E9C2C9E for ; Thu, 1 Aug 2013 16:06:56 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r71G7GhL015353 for ; Thu, 1 Aug 2013 09:07:22 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r71G7AXI015347; Thu, 1 Aug 2013 09:07:10 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Thu, 1 Aug 2013 09:07:11 -0700 (PDT) Message-ID: <8705515f2e1b295438d448910a7d19bd.authenticated@ultimatedns.net> In-Reply-To: <20130801174900.68fa46eb@mr129166> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <20130801174900.68fa46eb@mr129166> Date: Thu, 1 Aug 2013 09:07:11 -0700 (PDT) Subject: Re: Please remove Perl from ports From: "Chris H" To: freebsd-stable@freebsd.org User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 16:06:57 -0000 Greetings Patrick, and thank you for the reply. > Le Thu, 1 Aug 2013 08:31:45 -0700 (PDT), > "Chris H" a écrit : > >> Greetings, >> I currently manage several RELENG_8 servers. Recent changes in the >> manner in which base && ports must be managed have resulted in more >> than a fair amount of grief. the migration from cv(sup) --> subversion >> required re-working long standing, carefully crafted management >> procedures to be pitched to the trash, and re-invented. A recent >> change to the Perl installation structure presents an entire new set >> of headaches, rendering up(grading|dating) near, if not completely >> impossible. > > that's not new. A perl upgrade was always painful. > I suggest to use poudriere to build yours packages and pkgng to > manage them. As poudriere produces a consistent set of packages, > an upgrade is painless (pkg upgrade -f) and you can deploy them on > several machines. > > In fact poudriere and pkg saved me :) While that all sounds "dreamy". I don't think setting something like that up on a *half* up(graded|dated) server, should even be considered. Much less even possible. :( Thanks again, for taking the time to respond. --chris > > Regards. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > > From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 16:16:23 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9F0D85B1 for ; Thu, 1 Aug 2013 16:16:23 +0000 (UTC) (envelope-from feld@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 72F742D0F for ; Thu, 1 Aug 2013 16:16:23 +0000 (UTC) Received: from compute6.internal (compute6.nyi.mail.srv.osa [10.202.2.46]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 45DC220FEE for ; Thu, 1 Aug 2013 12:16:17 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Thu, 01 Aug 2013 12:16:17 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=VY2HV2gAa7efcOUZJ/tL7Vz0Pn0=; b=S8j uS9/R048b7QxN0A3g2yW0daEI0tItsn4U5nq8swFuW4pWrykNE2BpdszFTSn5Q4p 1ozn6HirguMz3H0CddpuDco4MI9vauNH6CXT2Y80JGswUbDGHoDZ3MSjJbAhEj3y g5sZp+5IveMaVSLjsbJ+yUkIvkJH5l6gsPoo5KE4= Received: by web3.nyi.mail.srv.osa (Postfix, from userid 99) id 019C1B01FFF; Thu, 1 Aug 2013 12:16:16 -0400 (EDT) Message-Id: <1375373776.10313.4638431.6FE6056D@webmail.messagingengine.com> X-Sasl-Enc: GlxIHG3vTnxsCZbDBJTXtz2nS88J06D5ADHDDVavHOQj 1375373776 From: Mark Felder To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-2d520484 In-Reply-To: <8705515f2e1b295438d448910a7d19bd.authenticated@ultimatedns.net> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <20130801174900.68fa46eb@mr129166> <8705515f2e1b295438d448910a7d19bd.authenticated@ultimatedns.net> Subject: Re: Please remove Perl from ports Date: Thu, 01 Aug 2013 11:16:16 -0500 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 16:16:23 -0000 On Thu, Aug 1, 2013, at 11:07, Chris H wrote: > While that all sounds "dreamy". I don't think setting something > like that up on a *half* up(graded|dated) server, should even be > considered. Much less even possible. :( > Oh, it's more than possible. 1) Install poudriere, minimal configuration if you have ZFS, bit more if you use UFS 2) # poudriere ports -c # creates ports tree for build env 3) # poudirere jail -c -j your_buildjail_name -a arch -v X.X-RELEASE # creates your build jail for your release+architecture 4) put your /etc/make.conf in /usr/local/etc/poudriere.d/your_buildjail_name-make.conf 5) copy your /var/db/ports (port options) to /usr/local/etc/poudirere.d/your_buildjail_name-options/ 6) poudriere bulk -j your_buildjail_name -f list_of_ports.txt wait a bit as it builds all your packages in a cleanroom environment 7) configure /usr/local/etc/pkg.conf to point to these packages (file://usr/local/poudriere/data/packages/your_buildjail_name-default/) 8) pkg update 9) pkg upgrade that will probably fix you up, but there might be a small dragon or two From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 16:25:24 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 573AF9B0; Thu, 1 Aug 2013 16:25:24 +0000 (UTC) (envelope-from s.montgomerysmith@gmail.com) Received: from mail-ve0-x22b.google.com (mail-ve0-x22b.google.com [IPv6:2607:f8b0:400c:c01::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id EF7FE2D94; Thu, 1 Aug 2013 16:25:23 +0000 (UTC) Received: by mail-ve0-f171.google.com with SMTP id pa12so2525241veb.30 for ; Thu, 01 Aug 2013 09:25:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; bh=lWgrz5bJKBOEN2qYxmVJS6qZ6r76+w+cu+I1KUgvotA=; b=f9wyt3GPpDuLI5CnDt0nGLIISs4vZCDGk5Vbqul06N0PfO1RffoHFzL7jQ/mBYljuC kxhwSnXxeGmATnb6l8jW0cQUE5HyckdFj8xH9SiDoqEoX5p2MWU5KSsZEKjgjcPs3+0X 8fiOHY8dVOIkezRP70HmeTd8oTLGR9tD7+ZWTYZhsTpyH52K/ySldB/Y84enrH6o09u8 /ol7M+r7lUwenRJOK5aUkCItrjbV0X7BcHXi16bgs1oXE77WHPbnNmMs1px9EaR8N23P 3skLKOiQb2peJ6/Cs/qMTU/qpVFrfSg6xtZb5L9+zN2LM6x7p1h1caYjMvpSlL/b0LU6 9+GQ== X-Received: by 10.52.0.52 with SMTP id 20mr607152vdb.22.1375374322868; Thu, 01 Aug 2013 09:25:22 -0700 (PDT) Received: from [192.168.0.11] (50-82-246-58.client.mchsi.com. [50.82.246.58]) by mx.google.com with ESMTPSA id eu9sm1065292vdb.1.2013.08.01.09.25.20 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 01 Aug 2013 09:25:21 -0700 (PDT) Sender: Stephen Montgomery-Smith Message-ID: <51FA8BED.3060103@missouri.edu> Date: Thu, 01 Aug 2013 11:25:17 -0500 From: Stephen Montgomery-Smith User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130623 Thunderbird/17.0.7 MIME-Version: 1.0 To: Chris H Subject: Re: Please remove Perl from ports References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> In-Reply-To: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-stable , freebsd-perl X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 16:25:24 -0000 On 08/01/2013 10:31 AM, Chris H wrote: > So, in the end; why did Perl have to be relocated? Is my only > recourse at this point to > # cd / > # rm -rf . When I get into this kind of bad situation, I usually do something slightly less drastic: # pkg_delete -a # find -d /usr/local -type d -exec rmdir {} \; This last command removes empty directories in /usr/local (it also produces lots of error messages when it tries to remove non-empty directories). Then I look through the contents of /usr/local, especially if there is anything in /usr/local/etc or /usr/local/libexec where some of my manually changed configuration files reside. And then I delete any crud left over that I know I don't need. After that, I rebuild all the ports from scratch. Finally, I do understand why you feel the need to vent, and I don't want to belittle your feelings of frustration. But I do think everyone is trying their best. I like to tell people that running FreeBSD or Linux is like owning a souped up sports car - usually it runs really well, but it often needs a lot of attention. (Windows is like driving a cheap car that breaks down all the time, but engine is designed in such a way as to be totally inaccessible with regards to repairs. And Apple is like driving a BMW - it mostly works well but you pay a lot for it.) From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 18:00:26 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DD368D4B; Thu, 1 Aug 2013 18:00:26 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8D39221B9; Thu, 1 Aug 2013 18:00:26 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r71I0jGo019555; Thu, 1 Aug 2013 11:00:51 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r71I0e1m019549; Thu, 1 Aug 2013 11:00:40 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Thu, 1 Aug 2013 11:00:40 -0700 (PDT) Message-ID: <1805227358806565b68588a12a00c750.authenticated@ultimatedns.net> In-Reply-To: <1375373776.10313.4638431.6FE6056D@webmail.messagingengine.com> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <20130801174900.68fa46eb@mr129166> <8705515f2e1b295438d448910a7d19bd.authenticated@ultimatedns.net> <1375373776.10313.4638431.6FE6056D@webmail.messagingengine.com> Date: Thu, 1 Aug 2013 11:00:40 -0700 (PDT) Subject: Re: Please remove Perl from ports From: "Chris H" To: "Mark Felder" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 18:00:26 -0000 Greetings Mark, and thank you kindly for your extremely thoughtful, and informative reply. > On Thu, Aug 1, 2013, at 11:07, Chris H wrote: >> While that all sounds "dreamy". I don't think setting something >> like that up on a *half* up(graded|dated) server, should even be >> considered. Much less even possible. :( >> > > Oh, it's more than possible. > > 1) Install poudriere, minimal configuration if you have ZFS, bit more if > you use UFS > 2) # poudriere ports -c # creates ports tree for build env > 3) # poudirere jail -c -j your_buildjail_name -a arch -v X.X-RELEASE # > creates your build jail for your release+architecture > 4) put your /etc/make.conf in > /usr/local/etc/poudriere.d/your_buildjail_name-make.conf > 5) copy your /var/db/ports (port options) to > /usr/local/etc/poudirere.d/your_buildjail_name-options/ > 6) poudriere bulk -j your_buildjail_name -f list_of_ports.txt > > wait a bit as it builds all your packages in a cleanroom environment > > 7) configure /usr/local/etc/pkg.conf to point to these packages > (file://usr/local/poudriere/data/packages/your_buildjail_name-default/) > 8) pkg update > 9) pkg upgrade > > that will probably fix you up, but there might be a small dragon or two Greatly appreciated. While it looks, at first, a bit daunting. I can't imagine a better introduction. Thanks again. --chris > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 18:21:36 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3567B5E0; Thu, 1 Aug 2013 18:21:36 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x230.google.com (mail-oa0-x230.google.com [IPv6:2607:f8b0:4003:c02::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E7D4B22C5; Thu, 1 Aug 2013 18:21:35 +0000 (UTC) Received: by mail-oa0-f48.google.com with SMTP id o17so1442495oag.7 for ; Thu, 01 Aug 2013 11:21:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=/u8n1K35ZtUFXkmI7j3BnU1wo6WV4hhpdBzj/+MF1LA=; b=Po/bVmDHsvletaYtouIsdigRnUAqn3MSQ/j805sq5uJyBp7iWu5GJkhU8YpDp9EJiw ndpu4m34cef8F9/Q8F3uQW+K9kKvNZLlbWOIGf7RRYDhaSOFM6C2On38PAUQTbkhIe2+ btYhvxjYT0POTbUmZ8zPgOdBNFVwHQLr71DHKT+HOyQKqgK5Wrnf5xLIQNoGPooob3Hb gm0iYyS5sdA8vh/pluahOnKCFa7r25twjW9tFFsXNyA2rDccsj+/CePZyHj6VFtu56k0 r/12fsQYlD4ps1yZupY0XodpaaZew/gplH1KxjN1pxfJNbtRoAZ8zYZUftGpmc6q1pfE 1ZfA== MIME-Version: 1.0 X-Received: by 10.43.152.210 with SMTP id kx18mr266204icc.39.1375381295102; Thu, 01 Aug 2013 11:21:35 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.114.73 with HTTP; Thu, 1 Aug 2013 11:21:34 -0700 (PDT) In-Reply-To: <51FA8BED.3060103@missouri.edu> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <51FA8BED.3060103@missouri.edu> Date: Thu, 1 Aug 2013 14:21:34 -0400 X-Google-Sender-Auth: REpOYdPx8YQI6JgtkVOFnJiTaDs Message-ID: Subject: Re: Please remove Perl from ports From: J David To: Stephen Montgomery-Smith Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-perl , Chris H , freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 18:21:36 -0000 On Thu, Aug 1, 2013 at 12:25 PM, Stephen Montgomery-Smith wrote: > When I get into this kind of bad situation, I usually do something > slightly less drastic: > # pkg_delete -a This is similar to what we do. However, we add the following step: pkg info -qoa | sort >/tmp/before-ports Then afterword we can feed that into pkg install to make sure we got everything back. (Making adjustments as needed for stuff like py-setuptools vs. py-distribute, which I've been doing a lot lately.) It is not possible to say enough good things about poudriere. It makes these problems go away. pkgng is also fantastic, though I will admit the inability to preserve shared libraries causes a lot of chaos every now and then if you have any binaries on your system *not* built from ports. Like the ones that do whatever your system actually *does* besides sit there and accrue uptime. The change from 5.14.x to 5.14 for the directory structure threw me for a loop (though overall I think it is a good change). That said, I can certainly see why somebody not using poudriere could be made miserable by it. If I understand it correctly, part of the rationale for the change was to make life better for those people in the future, because perl can't find Simple::XML because perl is 5.14.4 and Simple::XML is installed in the 5.14.3 directory is pretty maddening too. Many of us have probably been there; I certainly have. Long story short, poudriere is the only tool I've found with dependency tracking smart and patient enough to simply pave over those issues by rebuilding everything affected, then pkg is smart enough to reinstall everything affected just because a dependency changed. So while I too can sympathize with the frustration, and I know change sucks, and piling more change on top of that by switching from postmaster to poudriere when things used to mostly work sounds very unappealing. It is worth it! Add an additional exclamation point for each environment or system past one you manage with the same architecture, OS version, and package settings. Good luck! From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 18:32:33 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C3FF8902; Thu, 1 Aug 2013 18:32:33 +0000 (UTC) (envelope-from bsd-lists@1command.com) Received: from udns.ultimateDNS.NET (ultimatedns.net [209.180.214.225]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 94A192343; Thu, 1 Aug 2013 18:32:33 +0000 (UTC) Received: from udns.ultimateDNS.NET (localhost [127.0.0.1]) by udns.ultimateDNS.NET (8.14.5/8.14.5) with ESMTP id r71IWqYJ021044; Thu, 1 Aug 2013 11:32:58 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: (from www@localhost) by udns.ultimateDNS.NET (8.14.5/8.14.5/Submit) id r71IWk0W021040; Thu, 1 Aug 2013 11:32:46 -0700 (PDT) (envelope-from bsd-lists@1command.com) Received: from udns.ultimatedns.net ([209.180.214.225]) (UDNSMS authenticated user chrish) by ultimatedns.net with HTTP; Thu, 1 Aug 2013 11:32:47 -0700 (PDT) Message-ID: In-Reply-To: <51FA8BED.3060103@missouri.edu> References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <51FA8BED.3060103@missouri.edu> Date: Thu, 1 Aug 2013 11:32:47 -0700 (PDT) Subject: Re: Please remove Perl from ports From: "Chris H" To: "Stephen Montgomery-Smith" User-Agent: UDNSMS/2.0.3 MIME-Version: 1.0 Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Cc: freebsd-stable , freebsd-perl X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 18:32:33 -0000 Greetings Stephen, and thank you for your thoughtful reply. > On 08/01/2013 10:31 AM, Chris H wrote: > >> So, in the end; why did Perl have to be relocated? Is my only >> recourse at this point to >> # cd / >> # rm -rf . > > When I get into this kind of bad situation, I usually do something > slightly less drastic: > # pkg_delete -a > # find -d /usr/local -type d -exec rmdir {} \; > This last command removes empty directories in /usr/local (it also > produces lots of error messages when it tries to remove non-empty > directories). Then I look through the contents of /usr/local, > especially if there is anything in /usr/local/etc or /usr/local/libexec > where some of my manually changed configuration files reside. And then > I delete any crud left over that I know I don't need. > > After that, I rebuild all the ports from scratch. > > Finally, I do understand why you feel the need to vent, and I don't want > to belittle your feelings of frustration. But I do think everyone is > trying their best. I believe this for the most part, as well. Being, and having been involved in a vast multitude of large projects, over the years. Has given me a keen understanding of all the burdens, one can come to expect. The many, many hours w/o sleep. The seemingly never ending stress that comes from frequently running right up to, or beyond deadlines. Having to greet rabid users with a calm tone, and a smile. As such, and with the nearly 30yrs. using *BSD, I have come to expect quite a bit more, than I have experienced, in recent months. Make no mistake; I have no intention of throwing the baby out w/ the bath water here. But *recent* changes have given me cause for alarm. That the BSD I have come to know, love, and greatly depend on. Is becoming something *quite* different. And if I don't say something, how will those the make the changes know what their user base thinks? How will they know what affects those changes has on them? Frankly, I *still* have no idea why it was _so_ important to change the install structure for Perl on FreeBSD. That the (possible) outcome of such a change, should have little, no concern. I can assure you, I am not an edge case. My first (recent) up(grade|date) experience caused me great pain. I spent much time in the forums helping others. Sharing solutions I have found. In fact, I try to spend as much time, as I can, helping others in forums, with their (FreeBSD related) problems. > I like to tell people that running FreeBSD or Linux > is like owning a souped up sports car - usually it runs really well, but > it often needs a lot of attention. (Windows is like driving a cheap car > that breaks down all the time, but engine is designed in such a way as > to be totally inaccessible with regards to repairs. And Apple is like > driving a BMW - it mostly works well but you pay a lot for it.) Easy does it. You're treading on shaky ground here. ;) I'm rather fond of my 735i, and I couldn't imagine life w/o it. In fact, I'm looking to replace the OBC with a FreeBSD powered version -- assuming the dust from recent events, settles down. :) Best wishes, and thanks again for your reply. --chris > > From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 19:22:25 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 2E5326B7; Thu, 1 Aug 2013 19:22:25 +0000 (UTC) (envelope-from marius@alchemy.franken.de) Received: from alchemy.franken.de (alchemy.franken.de [194.94.249.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id BA40C2611; Thu, 1 Aug 2013 19:22:24 +0000 (UTC) Received: from alchemy.franken.de (localhost [127.0.0.1]) by alchemy.franken.de (8.14.7/8.14.7/ALCHEMY.FRANKEN.DE) with ESMTP id r71JMMbh000541; Thu, 1 Aug 2013 21:22:22 +0200 (CEST) (envelope-from marius@alchemy.franken.de) Received: (from marius@localhost) by alchemy.franken.de (8.14.7/8.14.7/Submit) id r71JMMk4000540; Thu, 1 Aug 2013 21:22:22 +0200 (CEST) (envelope-from marius) Date: Thu, 1 Aug 2013 21:22:22 +0200 From: Marius Strobl To: Adrian Chadd Subject: Re: i386/179112: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems Message-ID: <20130801192222.GV56034@alchemy.franken.de> References: <201308011322.r71DMlPO089919@freefall.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-stable@freebsd.org, msa@latt.net X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 19:22:25 -0000 On Thu, Aug 01, 2013 at 07:48:21AM -0700, Adrian Chadd wrote: > Did the kmem_size_scale parameter get changed too? Not AFAICT. > > Did you test this on 128mb or 256mb of RAM (in a VM will do) to see if > you still panic shortly after boot? Yup; I've built a snapshot from r253860 which can be downloaded here: http://people.freebsd.org/~marius/re/FreeBSD-9.2-BETA2-i386/ and installs fine here in a VM having 128 MB of RAM. > Doing any kind of file/net IO > quickly leads to death. That's a very vague description of a test case. At least extracting the six release tarballs is no longer a problem, though. Marius From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 19:40:03 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 850A7CB7 for ; Thu, 1 Aug 2013 19:40:03 +0000 (UTC) (envelope-from rainer@ultra-secure.de) Received: from mail.ultra-secure.de (mail.ultra-secure.de [78.47.114.122]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C649026E9 for ; Thu, 1 Aug 2013 19:40:02 +0000 (UTC) Received: (qmail 57786 invoked by uid 89); 1 Aug 2013 19:36:10 -0000 Received: from unknown (HELO linux-wb36.example.org) (rainer@ultra-secure.de@217.71.83.52) by mail.ultra-secure.de with ESMTPA; 1 Aug 2013 19:36:10 -0000 Date: Thu, 1 Aug 2013 21:36:05 +0200 From: Rainer Duffner To: "Chris H" Subject: Re: Please remove Perl from ports Message-ID: <20130801213605.5043fc25@linux-wb36.example.org> In-Reply-To: References: <622977670ec4e80b844c5c6c978ae6f6.authenticated@ultimatedns.net> <51FA8BED.3060103@missouri.edu> X-Mailer: Claws Mail 3.7.10 (GTK+ 2.24.7; i586-suse-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 19:40:03 -0000 Am Thu, 1 Aug 2013 11:32:47 -0700 (PDT) schrieb "Chris H" : > Greetings Stephen, and thank you for your thoughtful reply. > > On 08/01/2013 10:31 AM, Chris H wrote: > > > >> So, in the end; why did Perl have to be relocated? Is my only > >> recourse at this point to > >> # cd / > >> # rm -rf . > > > > When I get into this kind of bad situation, I usually do something > > slightly less drastic: > > # pkg_delete -a > > # find -d /usr/local -type d -exec rmdir {} \; > > This last command removes empty directories in /usr/local (it also > > produces lots of error messages when it tries to remove non-empty > > directories). Then I look through the contents of /usr/local, > > especially if there is anything in /usr/local/etc > > or /usr/local/libexec where some of my manually changed > > configuration files reside. And then I delete any crud left over > > that I know I don't need. > > > > After that, I rebuild all the ports from scratch. > > > > Finally, I do understand why you feel the need to vent, and I don't > > want to belittle your feelings of frustration. But I do think > > everyone is trying their best. > I believe this for the most part, as well. Being, and having been > involved in a vast multitude of large projects, over the years. Has > given me a keen understanding of all the burdens, one can come to > expect. The many, many hours w/o sleep. The seemingly never ending > stress that comes from frequently running right up to, or beyond > deadlines. Having to greet rabid users with a calm tone, and a smile. > As such, and with the nearly 30yrs. using *BSD, I have come to expect > quite a bit more, than I have experienced, in recent months. Make no > mistake; I have no intention of throwing the baby out w/ the bath > water here. But *recent* changes have given me cause for alarm. That > the BSD I have come to know, love, and greatly depend on. Is becoming > something *quite* different. And if I don't say something, how will > those the make the changes know what their user base thinks? How will > they know what affects those changes has on them? Frankly, I *still* > have no idea why it was _so_ important to change the install > structure for Perl on FreeBSD. I don't know either (I've yet switch-over allmost all my systems), but I do believe that with the availability of pkgng, users who don't use it are in for a _very_ rough ride. It's not written out anywhere (TTBOMK), but the writing is on the wall. That said, I honestly think that without pkgng, we ($work) would have to ditch FreeBSD almost completely - simply because "/usr/sbin/pkg_*" are useless once the number of systems you have outnumbers the number of fingers on one hand. While a case can be made that a lot of the problems can be scripted around, a similar case can be made that all of it *just works* in Ubuntu-land - and that even relieves you of the "burden" to build the packages via poudriere (which is quite a bit of work, if you try to bring some sense of API-stability to your systems by not just svn up'ing ports every day and building that). Transisition to pkgng has been very smooth for us, BTW. From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 20:20:31 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 96DB65CE; Thu, 1 Aug 2013 20:20:31 +0000 (UTC) (envelope-from msa@latt.net) Received: from puck.nether.net (puck.nether.net [IPv6:2001:418:3f4::5]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 49A9328E1; Thu, 1 Aug 2013 20:20:31 +0000 (UTC) Received: from puck.nether.net (localhost [127.0.0.1]) by puck.nether.net (8.14.7/8.14.5) with ESMTP id r71KGhMr002422 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 1 Aug 2013 16:16:44 -0400 Received: (from majdi@localhost) by puck.nether.net (8.14.7/8.14.7/Submit) id r71KGgu4002419; Thu, 1 Aug 2013 16:16:42 -0400 X-Authentication-Warning: puck.nether.net: majdi set sender to msa@latt.net using -f Date: Thu, 1 Aug 2013 16:16:42 -0400 From: "Majdi S. Abbas" To: Marius Strobl Subject: Re: i386/179112: 9.1 installer panics with a kmem_malloc() failure on i386 embedded systems Message-ID: <20130801201640.GA25247@puck.nether.net> References: <201308011322.r71DMlPO089919@freefall.freebsd.org> <20130801192222.GV56034@alchemy.franken.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20130801192222.GV56034@alchemy.franken.de> X-Message-Flag: Follow up User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.1 (puck.nether.net [127.0.0.1]); Thu, 01 Aug 2013 16:16:44 -0400 (EDT) Cc: Adrian Chadd , freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 20:20:31 -0000 On Thu, Aug 01, 2013 at 09:22:22PM +0200, Marius Strobl wrote: > That's a very vague description of a test case. At least extracting > the six release tarballs is no longer a problem, though. If it helps any, it'd usually panic when expanding base.tgz during the install. Failing that, src. You can't predict which large file would do it, but without both parameters set, it would fail 100% of the time. However, it's possible that removing CTL from GENERIC frees up enough RAM for it to squeak by with no other changes. 64M would be an interesting test case. Here's what one of the panics looked like: FreeBSD Installer Archive Extraction base.txz [ 57% ] kernel.txz [ Pending ]panic: kmem_malloc( 4096): kmem_map too small: 38060032 total allocated cpuid = 0 Extracting distribution files... KDB: stack backtrace: #0 0xc0af3aff at kdb_backtrace+0x4fss #1 0xc0ac052f at panic+0x16f 53% #2 0xc0d2caea at kmem_malloc+0x28a #3 0xc0d202b7 at page_alloc+0x27 #4 0xc0d22bca at keg_alloc_slab+0x10a #5 0xc0d23164 at keg_fetch_slab+0xd4 #6 0xc0d234ec at zone_fetch_slab+0x4c #7 0xc0d24ade at uma_zalloc_arg+0x4ae #8 0xc0aab29a at malloc+0x5a #9 0xc0ce922a at newjsegdep+0x2a #10 0xc0cf5a89 at newjaddref+0x69 #11 0xc0cf5b16 at softdep_setup_inomapdep+0x56 #12 0xc0cd9398 at ffs_nodealloccg+0x728 #13 0xc0cd3d91 at ffs_hashalloc+0x41 #14 0xc0cd8913 at ffs_valloc+0x4a3 #15 0xc0d15c14 at ufs_makeinode+0xa4 #16 0xc0d164a0 at ufs_create+0x30 #17 0xc0e48412 at VOP_CREATE_APV+0x42 Uptime: 8m5s Automatic reboot in 15 seconds - press a key on the console to abort --> Press a key on the console to reboot, --> or switch off the system now. --msa From owner-freebsd-stable@FreeBSD.ORG Thu Aug 1 21:09:33 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3752F1E8 for ; Thu, 1 Aug 2013 21:09:33 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9BEBA2A9A for ; Thu, 1 Aug 2013 21:09:32 +0000 (UTC) Received: (qmail 15513 invoked from network); 1 Aug 2013 21:56:06 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 1 Aug 2013 21:56:06 -0000 Message-ID: <51FACE73.90707@freebsd.org> Date: Thu, 01 Aug 2013 23:09:07 +0200 From: Andre Oppermann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Mike Tancsa Subject: Re: Listen queue overflow References: <51FA750C.50502@sentex.net> In-Reply-To: <51FA750C.50502@sentex.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-STABLE Mailing List X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Aug 2013 21:09:33 -0000 On 01.08.2013 16:47, Mike Tancsa wrote: > After upgrading from a RELENG9 kernel from June 18th to July 27th, I am > seeing this odd new message. Is this a new bug, or just a new > diagnostic message ? I am guessing it happened after r253035 ? > > > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance This message tells you that your daemon listening on that protocol control block isn't keeping up with accepting new messages and each time one of these lines appears the kernel had to reject a connection attempt (RST) because of too many connections already waiting in the listen queue. The only unusual thing here is the low listen queue size of only 8 connection attempts. The default kernel value is about 20 times as many. Have you or your application changed it manually? -- Andre > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > > ---Mike > From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 06:36:16 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 080CAC73 for ; Fri, 2 Aug 2013 06:36:16 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4243A26C2 for ; Fri, 2 Aug 2013 06:36:14 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r726aAMW087326 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 Aug 2013 08:36:10 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r726aAkA087323; Fri, 2 Aug 2013 08:36:10 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Fri, 2 Aug 2013 08:36:10 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: J David Subject: Re: Problem with zfsloader on 9.2-BETA2 In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-1620627380-1375425370=:90799" X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 06:36:16 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-1620627380-1375425370=:90799 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT On Wed, 31 Jul 2013 12:12-0400, J David wrote: > On Wed, Jul 31, 2013 at 5:20 AM, Trond Endrestl > wrote: > > I'm curious as to why you use da?p1 as the freebsd-zfs partitions. > > Those are whole-disk partitions. > > > Where does the freebsd-boot partition reside? da?p2? > > Only the log and cache disks have boot and swap partitions. > > > What does the "gpart show" command tell you? > > $ gpart show > => 34 63078333 da0 GPT (30G) > 34 128 1 freebsd-boot (64k) > 162 4194304 2 freebsd-swap (2.0G) > 4194466 58883901 3 freebsd-zfs (28G) > > => 34 62499933 da1 GPT (29G) > 34 128 1 freebsd-boot (64k) > 162 4194304 2 freebsd-swap (2.0G) > 4194466 58305501 3 freebsd-zfs (27G) > > => 34 1953525101 da2 GPT (931G) > 34 222 - free - (111k) > 256 1953508495 1 freebsd-zfs (931G) > 1953508751 16384 9 !6a945a3b-1dd2-11b2-99a6-080020736631 (8.0M) > > da3 - da7 are identical to da2. > > So maybe it's a little weird that our boot blocks are on our > ZLOG/L2ARC devices, rather than our data devices? > > But since gptloader (and the old zfsloader) handle this just fine. > > > I'll let you know how well I fared. > > Thanks! Due to the limitations of VirtualBox, I had to modify my experiment slightly. Instead of using 8 virtual drives as I had originally planned, I had to cut things down to 4 disks and mirrored configuration rather than raidz2. VirtualBox' BIOS makes only the four first drives visible to the boot loaders, even on VBox 4.2.16. I erected GPT on all four drives, all of size 20G. I made da0p1 and da1p1 into freebsd-boot partitions, both of size 128K, the largest size currently permitted by the boot loaders. da0p2 and da1p2 was made into freebsd-swap partitions, each of size 4G. da0p3 and da1p3 became freebsd-zfs partitions using the remaining free space, 16G. da{2,3}p1 became whole-disk freebsd-zfs partitions. The pool data was created using this configuration: zpool create -O checksum=fletcher4 -O mountpoint=legacy -o cachefile=/tmp/zpool.cache data mirror da2p1 da3p1 log da0p3 cache da1p3 The cache file is probably superfluous by now, but out of old habit I sticked to it. The pool was then filled with the ZFS layout I use nowadays: data/ROOT (legacy) data/ROOT/20130602-r251259 (inherited) data/home (/home) data/tmp (/tmp) data/usr (inherited) data/usr/compat (inherited) data/usr/compat/linux (/usr/compat/linux) data/usr/local (/usr/local) data/usr/local/certs (inherited) data/usr/local/etc (inherited) data/usr/local/pgsql (inherited) data/usr/local/www (inherited) data/usr/obj (/usr/obj) data/usr/ports (/usr/ports) data/usr/ports/distfiles (inherited) data/usr/ports/packages (inherited) data/usr/ports/workdirs (inherited) data/usr/src (/usr/src) data/var (/var) data/var/backups (inherited) data/var/crash (inherited) data/var/db (inherited) data/var/db/mysql (inherited) data/var/db/pkg (inherited) data/var/db/ports (inherited) data/var/empty (inherited) data/var/log (inherited) data/var/mail (inherited) data/var/named (inherited) data/var/run (inherited) data/var/tmp (inherited) The final mountpoints are shown in brackets, I used temporary mountpoints rooted at /tmp/zroot during installation from the DVD image. Next, I installed 8.4-RELEASE onto data/ROOT/20130602-r251259 and used the boot blocks from /dist/boot on the DVD, updated the bootfs property, and rebooted. I got hold of stable/8, compiled world and kernel, installed this onto a separate boot environment, data/ROOT/20130801-r253856, a clone of the previous BE. I updated the boot blocks with pmbr and gptzfsboot from the new BE, updated the bootfs property, and rebooted. So far, so good. Next, I got hold of stable/9, nuked /usr/obj/*, compiled world and kernel, installed this onto a new BE, data/ROOT/20130801-r253863, a clone of the preceeding BE, updated the boot blocks from the new BE, updated the bootfs property, and rebooted. Still worked like a charm. This experiment could be invalid as I used mirror instead of raidz2, and because I updated the boot blocks at every step. I'll try the 8.4-R -> 9.2-BETA2 route later this afternoon, and avoid updating the boot blocks with the ones from 9.2-BETA2. That leaves the raidz2 configuration unexplored. -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestl, | Trond Endrestl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-1620627380-1375425370=:90799-- From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 10:21:11 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8EB75C40 for ; Fri, 2 Aug 2013 10:21:11 +0000 (UTC) (envelope-from mail25@bzerk.org) Received: from eris.bzerk.org (unknown [IPv6:2001:980:18dd:1:192:168:179:45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 041222FBC for ; Fri, 2 Aug 2013 10:21:10 +0000 (UTC) Received: from eris.bzerk.org (BOFH@localhost [127.0.0.1]) by eris.bzerk.org (8.14.6/8.14.5) with ESMTP id r72AL01M011202 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 Aug 2013 10:21:01 GMT (envelope-from mail25@bzerk.org) Received: (from bulk@localhost) by eris.bzerk.org (8.14.6/8.14.6/Submit) id r72AL0tQ011201; Fri, 2 Aug 2013 10:21:00 GMT (envelope-from mail25@bzerk.org) X-Authentication-Warning: eris.bzerk.org: bulk set sender to mail25@bzerk.org using -f Date: Fri, 2 Aug 2013 10:21:00 +0000 From: Ruben de Groot To: Pavel Timofeev Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 Message-ID: <20130802102100.GA11138@eris.bzerk.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-11.0 required=5.0 tests=ALL_TRUSTED,AUTHD_RELAY autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eris.bzerk.org Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 10:21:11 -0000 On Wed, Jul 31, 2013 at 04:54:08PM +0400, Pavel Timofeev typed: > I've just installed new fresh 9.2-BETA2 amd64 on another machine. > Same behaviour - Sendmail asks DNS only for AAAA record of mx server. > We don't use IPv6 in our company. > > 2013/7/31 Pavel Timofeev : > > I wanted to say that sendmail asks only AAAA (IPv6) record of mx > > server, but not A (IPv4). > > Any ideas? > > > > 2013/7/31 Pavel Timofeev : > >> Looks like my sendmail uses only IPv6 to resolve mx server dns name to > >> ip address. > >> > >> 14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain: > >> 53417+ AAAA? xxx.ru. (24) > >> [13/98] > >> 14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032: > >> 53417* 0/1/0 (75) > >> 14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain: > >> 53418+ A? xxx.ru. (24) Here it is definately asking an A record. > >> 14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299: > >> 53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A > >> 192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19 > >> (136) And here is the reply. The quetion is more why is it repeating the same query (below) over and over. Ruben > >> 14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain: > >> 53419+ MX? xxx.ru. (24) > >> 14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244: > >> 53419* 1/0/1 MX kalmar.xxx.ru. 10 (63) > >> 14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain: > >> 53420+ AAAA? kalmar.xxx.ru. (31) > >> 14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461: > >> 53420* 0/1/0 (82) > >> 14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain: > >> 53421+ AAAA? kalmar.xxx.ru. (31) > >> 14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332: > >> 53421* 0/1/0 (82) > >> 14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain: > >> 53422+ AAAA? kalmar. (24) > >> 14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453: > >> 53422 ServFail 0/0/0 (24) > >> 14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain: > >> 53422+ AAAA? kalmar. (24) > >> 14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038: > >> 53422 ServFail 0/0/0 (24) > >> 14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain: > >> 53423+ AAAA? kalmar.xxx.ru. (31) > >> 14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393: > >> 53423* 0/1/0 (82) > >> 14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain: > >> 53424+ AAAA? kalmar. (24) > >> 14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558: > >> 53424 ServFail 0/0/0 (24) > >> 14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain: > >> 53424+ AAAA? kalmar. (24) > >> 14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297: > >> 53424 ServFail 0/0/0 (24) > >> > >> How to force it to use IPv4? > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 12:15:28 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id B8F1A7B1; Fri, 2 Aug 2013 12:15:28 +0000 (UTC) (envelope-from patfbsd@davenulle.org) Received: from smtp.lamaiziere.net (net.lamaiziere.net [94.23.254.147]) by mx1.freebsd.org (Postfix) with ESMTP id 046B22437; Fri, 2 Aug 2013 12:15:28 +0000 (UTC) Received: from mr129166.localdomain (mr129166.cri.univ-rennes1.fr [129.20.129.166]) by smtp.lamaiziere.net (Postfix) with ESMTPA id 835325611; Fri, 2 Aug 2013 14:15:26 +0200 (CEST) Received: from mr129166 (localhost [127.0.0.1]) by mr129166.localdomain (Postfix) with ESMTP id 2143A1449; Fri, 2 Aug 2013 14:15:26 +0200 (CEST) Date: Fri, 2 Aug 2013 14:15:25 +0200 From: Patrick Lamaiziere To: freebsd-stable@freebsd.org, Baptiste Daroussin Subject: Re: java (openjdk6) segfaults when built with 9-stable clang Message-ID: <20130802141525.0c328d1c@mr129166> In-Reply-To: <20130725220550.GR61207@ithaqua.etoilebsd.net> References: <51EF9574.6090007@tzim.net> <20130725220550.GR61207@ithaqua.etoilebsd.net> X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd9.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 12:15:28 -0000 Le Fri, 26 Jul 2013 00:05:50 +0200, Baptiste Daroussin a crit : Hi all, Baptiste, > > Hi > > > > I recently upgraded my home NAS from 9.1-RELEASE to 9-stable > > (r253470 (9.2-BETA1)) > > > > I also upgraded my poudriere building jail. Since then, > > multimedia/xbmc port fails to build in configure stage : java > > segfaults (sig11). I use WITH_CLANG_IS_CC=YES, for world and > > build-jails. > > > > I found following workarounds: > > - use previously (with 9.1-RELEASE world and clang) build > > openjdk6 pkg (same version). > > - use USE_GCC=YES for java port. > > > > It's the only one place I use java (openjdk6-b27_4). So I cannot > > say if java works otherwise. > > > > Is this a java or clang bug ? > > > > Here is the bug > > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6636110 > > Fixed in b27_6 Hmm, Isn't Openjdk7 affected too ? http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=2219304 Someone complains on the FreeBSD forums for openjdk7, I think it needs to be patched too. http://forums.freebsd.org/showthread.php?t=41181 Thanks, regards, From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 12:35:27 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8AAA09A4; Fri, 2 Aug 2013 12:35:27 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1-6.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3D09B24CC; Fri, 2 Aug 2013 12:35:27 +0000 (UTC) Received: from [192.168.43.26] (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.5/8.14.5) with ESMTP id r72CZQQ8039835; Fri, 2 Aug 2013 08:35:26 -0400 (EDT) (envelope-from mike@sentex.net) Message-ID: <51FBA77B.7010307@sentex.net> Date: Fri, 02 Aug 2013 08:35:07 -0400 From: Mike Tancsa Organization: Sentex Communications User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: Andre Oppermann Subject: Re: Listen queue overflow References: <51FA750C.50502@sentex.net> <51FACE73.90707@freebsd.org> In-Reply-To: <51FACE73.90707@freebsd.org> X-Enigmail-Version: 1.4.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.72 on 64.7.153.18 Cc: FreeBSD-STABLE Mailing List X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 12:35:27 -0000 On 8/1/2013 5:09 PM, Andre Oppermann wrote: > On 01.08.2013 16:47, Mike Tancsa wrote: >> After upgrading from a RELENG9 kernel from June 18th to July 27th, I am >> seeing this odd new message. Is this a new bug, or just a new >> diagnostic message ? I am guessing it happened after r253035 ? >> >> >> sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in >> queue awaiting acceptance > > This message tells you that your daemon listening on that protocol control > block isn't keeping up with accepting new messages and each time one of > these > lines appears the kernel had to reject a connection attempt (RST) > because of > too many connections already waiting in the listen queue. > > The only unusual thing here is the low listen queue size of only 8 > connection > attempts. The default kernel value is about 20 times as many. Have you or > your application changed it manually? > Not knowingly. The odd thing is that happened at exactly 9am 2 days in a row. I dont schedule anything on the box for that time Jul 29 09:00:00 backup3 kernel: sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance Jul 29 09:00:00 backup3 last message repeated 3 times Jul 30 09:00:00 backup3 kernel: sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in queue awaiting acceptance Jul 30 09:00:00 backup3 last message repeated 5 times Seems a bit coincidental. Box is AMD64 9.2-BETA2 FreeBSD 9.2-BETA2 #0 r253707: Its a backup server. It does outbound rsync, but that wasnt running at the times of the errors. No unusual inbound traffic at those times. Its also running radium, to connect to a number of argus sensors, but those are outbound connections. /etc/sysctl.conf net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.recvspace=131072 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.sendspace=32768 net.inet.udp.recvspace=65536 kern.ipc.somaxconn=1024 net.inet.ip.redirect=0 net.inet.ip.intr_queue_maxlen=4096 net.route.netisr_maxqlen=1024 kern.ipc.nmbclusters=262144 vfs.ufs.dirhash_maxmem=8097152 vfs.read_min=2 As well as nfs, it also runs samba for windows backups. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 12:55:05 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7C6A2DA9 for ; Fri, 2 Aug 2013 12:55:05 +0000 (UTC) (envelope-from gpalmer@freebsd.org) Received: from mail.in-addr.com (unknown [IPv6:2001:470:8:162::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4F5992584 for ; Fri, 2 Aug 2013 12:55:05 +0000 (UTC) Received: from gjp by mail.in-addr.com with local (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1V5Esm-000FO4-GM; Fri, 02 Aug 2013 08:55:00 -0400 Date: Fri, 2 Aug 2013 08:54:59 -0400 From: Gary Palmer To: Mike Tancsa Subject: Re: Listen queue overflow Message-ID: <20130802125459.GA52064@in-addr.com> References: <51FA750C.50502@sentex.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <51FA750C.50502@sentex.net> X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: gpalmer@freebsd.org X-SA-Exim-Scanned: No (on mail.in-addr.com); SAEximRunCond expanded to false Cc: FreeBSD-STABLE Mailing List X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 12:55:05 -0000 On Thu, Aug 01, 2013 at 10:47:40AM -0400, Mike Tancsa wrote: > After upgrading from a RELENG9 kernel from June 18th to July 27th, I am > seeing this odd new message. Is this a new bug, or just a new > diagnostic message ? I am guessing it happened after r253035 ? > > > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance > sonewconn: pcb 0xfffffe001ac76930: Listen queue overflow: 8 already in > queue awaiting acceptance If you run netstat -naA | grep fffffe001ac76930 you should be able to identify which socket is producing the warning messages. That should give you a better understanding of what is triggering the messages Regards, Gary From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 14:29:35 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id CAD52782; Fri, 2 Aug 2013 14:29:35 +0000 (UTC) (envelope-from c.kworr@gmail.com) Received: from mail-la0-x22a.google.com (mail-la0-x22a.google.com [IPv6:2a00:1450:4010:c03::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1FA19294E; Fri, 2 Aug 2013 14:29:34 +0000 (UTC) Received: by mail-la0-f42.google.com with SMTP id mf11so482676lab.29 for ; Fri, 02 Aug 2013 07:29:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=GPjFkPFuqcyyofH7B/DVcb4qspV8bAD+S/kNzJ+ebsU=; b=H4B4Yhq4MzYNSQJo8oHxJ6kl6qTGcGpu5m1HwjJqMMjE6qFPPUe94OHsa34U0AwY9D /pTvxjE8BaG9FwOscOBsjEsTwSLV0/gfR0F0UdvmXYUSsiJeIevIwVQbTcRMZtTG6RnG +tzmGyuAzdXH/88DFTWMZNBNiSRYGLkqV12MzImc7caVJ+cLpchL/U+eHiDk69bR8mwD b6ZuoveVt0z074WZyFWKcBqCUd8bPrk7YYUSVgxsFYVBMLcMBf8m1qHOX9ylDoNOO7zU H2+pRLJlHfbEi6cIJNEdOCd4J4MAtqgfnJCGiUvQPYA+UPgXIv3cR6azNO7MwNsoAfcG jhbQ== X-Received: by 10.112.219.102 with SMTP id pn6mr3685320lbc.18.1375453772938; Fri, 02 Aug 2013 07:29:32 -0700 (PDT) Received: from [192.168.1.125] (mau.donbass.com. [92.242.127.250]) by mx.google.com with ESMTPSA id m1sm3443967lag.3.2013.08.02.07.29.31 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 02 Aug 2013 07:29:32 -0700 (PDT) Message-ID: <51FBC24B.5030609@gmail.com> Date: Fri, 02 Aug 2013 17:29:31 +0300 From: Volodymyr Kostyrko User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130802 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> In-Reply-To: <51ED5B69.8050200@wasikowski.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 14:29:35 -0000 22.07.2013 19:18, Łukasz Wąsikowski wrote: > I've got a problem with booting zfs-on-root FreeBSD 9.2-PRERELEASE. I'm > getting: > > ZFS: i/o error - all block copies unavailable > ZFS: can't read MOS of pool klawisz > gptzfsboot: failed to mount default pool klawisz > > Machine is VM running under KVM on Proxmox 2.3-13. VM has 8 GB of RAM, > 400 GB of local storage with SCSI Controller type: Default (lsi). > > I'm not sure what I did to make this VM unbootable. I've installed > 9.2-PRERELEASE, did source based upgrade to r253470, mergemaster, > reinstalled bootcode and rebooted. To this point VM was bootable. > > Then I did installworld from /usr/src to ezjail's basejail (ezjail-admin > update -i), did mergemaster for jails, install some ports - none of this > should mess with booting. I rebooted VM and got unbootable system. > > When I boot from liveCD I can import this pool (scrub shows no errors), > mount it, chroot to it, and work with it. I just can't get it to boot. > > Some information about the system: > http://pastie.org/private/mtfhkx0wx0vve29xn0plw > > I've tried to downgrade to r252316 - no luck, system is still unbootable. > > Any hints how to go from here? First, how did you update bootcode? `ls -la /boot` also wood help. Second, what is your /etc/make.conf and /etc/src.conf? -- Sphinx of black quartz, judge my vow. From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 14:40:36 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id AB40FD03; Fri, 2 Aug 2013 14:40:36 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 674B12A1B; Fri, 2 Aug 2013 14:40:36 +0000 (UTC) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (Postfix) with ESMTP id 63CE12834; Fri, 2 Aug 2013 16:40:33 +0200 (CEST) X-Virus-Scanned: amavisd-new at wasikowski.net Received: from mail.wasikowski.net ([IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (scan.wasikowski.net [IPv6:2001:6a0:1cb::b]) (amavisd-new, port 10026) with ESMTP id uCk0dhE-sdeN; Fri, 2 Aug 2013 16:40:33 +0200 (CEST) Received: from [192.168.138.150] (83-144-115-210.static.chello.pl [83.144.115.210]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.wasikowski.net (Postfix) with ESMTPSA id 34AF42830; Fri, 2 Aug 2013 16:40:32 +0200 (CEST) Message-ID: <51FBC4DC.4090506@wasikowski.net> Date: Fri, 02 Aug 2013 16:40:28 +0200 From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Volodymyr Kostyrko Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> In-Reply-To: <51FBC24B.5030609@gmail.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 14:40:36 -0000 W dniu 2013-08-02 16:29, Volodymyr Kostyrko pisze: > 22.07.2013 19:18, Łukasz Wąsikowski wrote: >> I've got a problem with booting zfs-on-root FreeBSD 9.2-PRERELEASE. I'm >> getting: >> >> ZFS: i/o error - all block copies unavailable >> ZFS: can't read MOS of pool klawisz >> gptzfsboot: failed to mount default pool klawisz >> >> Machine is VM running under KVM on Proxmox 2.3-13. VM has 8 GB of RAM, >> 400 GB of local storage with SCSI Controller type: Default (lsi). >> >> I'm not sure what I did to make this VM unbootable. I've installed >> 9.2-PRERELEASE, did source based upgrade to r253470, mergemaster, >> reinstalled bootcode and rebooted. To this point VM was bootable. >> >> Then I did installworld from /usr/src to ezjail's basejail (ezjail-admin >> update -i), did mergemaster for jails, install some ports - none of this >> should mess with booting. I rebooted VM and got unbootable system. >> >> When I boot from liveCD I can import this pool (scrub shows no errors), >> mount it, chroot to it, and work with it. I just can't get it to boot. >> >> Some information about the system: >> http://pastie.org/private/mtfhkx0wx0vve29xn0plw >> >> I've tried to downgrade to r252316 - no luck, system is still unbootable. >> >> Any hints how to go from here? > > First, how did you update bootcode? `ls -la /boot` also wood help. > > Second, what is your /etc/make.conf and /etc/src.conf? I'm updating bootcode with: gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0 /etc/src.conf doesn't exist (I'm using GENERIC kernel on this VM) /etc/make.conf - http://pastebin.com/QapEWzfJ -- best regards, Lukasz Wasikowski From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 14:49:26 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 0DB5B18B; Fri, 2 Aug 2013 14:49:26 +0000 (UTC) (envelope-from c.kworr@gmail.com) Received: from mail-la0-x229.google.com (mail-la0-x229.google.com [IPv6:2a00:1450:4010:c03::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 579CA2A88; Fri, 2 Aug 2013 14:49:25 +0000 (UTC) Received: by mail-la0-f41.google.com with SMTP id ec20so511192lab.28 for ; Fri, 02 Aug 2013 07:49:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=nvTLD1eQb2Xc2MWScbYWZtcKq17Q8s9UYWN0WKDD/Do=; b=TrS70D0qOj+gxc4OFFCwNhLwFnoa8j4HiSRHkHbakr+Qp6furHq5rHlTzZo0onm8JV YOrWKftjhzqdggZZtuhbjqkllViXOBQknshZGZLgcE/ZHZ38JxNEWaEIARwl4jr4UMZI zsplU2qbUie+wbGE7VTV0PyMfhcZjXTi3fpIPbEDZ66q+7b/J1H6Vt7MH7Y9Q3LwHu3l jSrAAjKeBDw1PMWsJ9baBpJ50JRZ2jV4JymYifESUMsSumYPwdZgjv/BOBCjshBgOWvh XNWfuv+tJXBPLJgIL2UnWG3OKSQher3RnFATnXiupG+ZtGOhoN2nlJgy1N0ouZ86w+AR VqbQ== X-Received: by 10.152.29.161 with SMTP id l1mr3222059lah.17.1375454963185; Fri, 02 Aug 2013 07:49:23 -0700 (PDT) Received: from [192.168.1.125] (mau.donbass.com. [92.242.127.250]) by mx.google.com with ESMTPSA id j1sm3466250lag.4.2013.08.02.07.49.22 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 02 Aug 2013 07:49:22 -0700 (PDT) Message-ID: <51FBC6F1.9030408@gmail.com> Date: Fri, 02 Aug 2013 17:49:21 +0300 From: Volodymyr Kostyrko User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130802 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> <51FBC4DC.4090506@wasikowski.net> In-Reply-To: <51FBC4DC.4090506@wasikowski.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 14:49:26 -0000 02.08.2013 17:40, Łukasz Wąsikowski wrote: >>> Any hints how to go from here? >> >> First, how did you update bootcode? `ls -la /boot` also wood help. >> >> Second, what is your /etc/make.conf and /etc/src.conf? > > I'm updating bootcode with: > > gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0 > > /etc/src.conf doesn't exist (I'm using GENERIC kernel on this VM) > /etc/make.conf - http://pastebin.com/QapEWzfJ > Looks good. Can you also try what Trond suggests about boot order? You can also list your boot fs in /boot/loader.conf like vfs.root.mountfrom=zfs:klawisz/ROOTFS. Or you can just add this at loader prompt. There's also a ${SRC}/tools/tools/zfsboottest script that can tell you something about booting from your pool. -- Sphinx of black quartz, judge my vow. From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 14:56:57 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id AC961438; Fri, 2 Aug 2013 14:56:57 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5037B2AED; Fri, 2 Aug 2013 14:56:57 +0000 (UTC) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (Postfix) with ESMTP id C857628B4; Fri, 2 Aug 2013 16:56:55 +0200 (CEST) X-Virus-Scanned: amavisd-new at wasikowski.net Received: from mail.wasikowski.net ([91.204.91.44]) by mail.wasikowski.net (scan.wasikowski.net [91.204.91.44]) (amavisd-new, port 10026) with ESMTP id SFfjPrAVN6Mz; Fri, 2 Aug 2013 16:56:55 +0200 (CEST) Received: from [192.168.138.150] (83-144-115-210.static.chello.pl [83.144.115.210]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.wasikowski.net (Postfix) with ESMTPSA id 629D828B1; Fri, 2 Aug 2013 16:56:55 +0200 (CEST) Message-ID: <51FBC8B3.4010304@wasikowski.net> Date: Fri, 02 Aug 2013 16:56:51 +0200 From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Volodymyr Kostyrko Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> <51FBC4DC.4090506@wasikowski.net> <51FBC6F1.9030408@gmail.com> In-Reply-To: <51FBC6F1.9030408@gmail.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 14:56:57 -0000 W dniu 2013-08-02 16:49, Volodymyr Kostyrko pisze: > 02.08.2013 17:40, Łukasz Wąsikowski wrote: >>>> Any hints how to go from here? >>> >>> First, how did you update bootcode? `ls -la /boot` also wood help. >>> >>> Second, what is your /etc/make.conf and /etc/src.conf? >> >> I'm updating bootcode with: >> >> gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0 >> >> /etc/src.conf doesn't exist (I'm using GENERIC kernel on this VM) >> /etc/make.conf - http://pastebin.com/QapEWzfJ >> > > Looks good. > > Can you also try what Trond suggests about boot order? You can also list > your boot fs in /boot/loader.conf like I listed ROOTFS in /boot/loader.conf, didn't helped. I'm using this boot order on 20+ boxes and never had any issues with it, but I'll check it as I don't have better idea what to do next. > vfs.root.mountfrom=zfs:klawisz/ROOTFS. Or you can just add this at > loader prompt. > > There's also a ${SRC}/tools/tools/zfsboottest script that can tell you > something about booting from your pool. This tools doesn't compile on 9.2-BETA2 r253884 # cd /usr/src/tools/tools/zfsboottest/ && make Warning: Object directory not changed from original /usr/src/tools/tools/zfsboottest ln -sf /usr/src/tools/tools/zfsboottest/../../../sys/i386/include machine cc -O1 -I/usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs -I/usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs -I. -fdiagnostics-show-option -W -Wextra -Wno-sign-compare -Wno-unused-parameter -Werror -std=gnu99 -fstack-protector -c zfsboottest.c cc1: warnings being treated as errors In file included from /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/zfssubr.c:122, from /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:38, from zfsboottest.c:55: /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/lz4.c: In function 'lz4_decompress': /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/lz4.c:45: warning: implicit declaration of function 'htonl' In file included from zfsboottest.c:55: /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c: In function 'spa_status': /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: error: 'ZFS_MAXNAMELEN' undeclared (first use in this function) /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: error: (Each undeclared identifier is reported only once /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: error: for each function it appears in.) *** [zfsboottest.o] Error code 1 Stop in /usr/src/tools/tools/zfsboottest. -- best regards, Lukasz Wasikowski From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 15:01:06 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C576B5EE; Fri, 2 Aug 2013 15:01:06 +0000 (UTC) (envelope-from baptiste.daroussin@gmail.com) Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 30CF72B37; Fri, 2 Aug 2013 15:01:06 +0000 (UTC) Received: by mail-we0-f173.google.com with SMTP id x55so610596wes.4 for ; Fri, 02 Aug 2013 08:01:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=cYkies0/kxmp10pEyDtmByjybKPCtCpE2EhWu/pRq4E=; b=m22AWz3rn5WJPZIjTrywJ1q4R5J4C0yNB2iCTqDZQwwXfSl0g8vJnLM9uGmUfRD7v3 m8wk6u0DxUCLVj6S0SIjcL8rMgXDpzIDTe8X5A0oXj15xEess+pL31MKyFAhN9W4uA4U wnEEa4inNT8bmuNYisV+WfF0L0jTpu+a35O+Q8CUshFiSjJ2KgFJm2U0bKxnzl2q7Y52 V05yfKYd8J1ofiQgYrCkQBft+qr6fUI39wITBi/E+HjeEGP5jwHblYwVF8Ka1aIaDK0e ANSrwuyiVYkGEytZxTYaDDIXLyvcapXGVpU9sBr802/l9VBjmpA4rjefelpYXWlqIkjw Ua8Q== X-Received: by 10.194.121.132 with SMTP id lk4mr5296757wjb.25.1375455664612; Fri, 02 Aug 2013 08:01:04 -0700 (PDT) Received: from ithaqua.etoilebsd.net (ithaqua.etoilebsd.net. [37.59.37.188]) by mx.google.com with ESMTPSA id o10sm3872676wiz.5.2013.08.02.08.01.03 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 02 Aug 2013 08:01:03 -0700 (PDT) Sender: Baptiste Daroussin Date: Fri, 2 Aug 2013 17:01:01 +0200 From: Baptiste Daroussin To: Patrick Lamaiziere Subject: Re: java (openjdk6) segfaults when built with 9-stable clang Message-ID: <20130802150101.GA40254@ithaqua.etoilebsd.net> References: <51EF9574.6090007@tzim.net> <20130725220550.GR61207@ithaqua.etoilebsd.net> <20130802141525.0c328d1c@mr129166> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ew6BAiZeqk4r7MaW" Content-Disposition: inline In-Reply-To: <20130802141525.0c328d1c@mr129166> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: java@FreeBSD.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 15:01:06 -0000 --ew6BAiZeqk4r7MaW Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 02, 2013 at 02:15:25PM +0200, Patrick Lamaiziere wrote: > Le Fri, 26 Jul 2013 00:05:50 +0200, > Baptiste Daroussin a =E9crit : >=20 > Hi all, Baptiste, >=20 > > > Hi > > >=20 > > > I recently upgraded my home NAS from 9.1-RELEASE to 9-stable > > > (r253470 (9.2-BETA1)) > > >=20 > > > I also upgraded my poudriere building jail. Since then, > > > multimedia/xbmc port fails to build in configure stage : java > > > segfaults (sig11). I use WITH_CLANG_IS_CC=3DYES, for world and > > > build-jails. > > >=20 > > > I found following workarounds: > > > - use previously (with 9.1-RELEASE world and clang) build > > > openjdk6 pkg (same version). > > > - use USE_GCC=3DYES for java port. > > >=20 > > > It's the only one place I use java (openjdk6-b27_4). So I cannot > > > say if java works otherwise. > > >=20 > > > Is this a java or clang bug ? > > >=20 > >=20 > > Here is the bug > >=20 > > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=3D6636110 > >=20 > > Fixed in b27_6 >=20 > Hmm, Isn't Openjdk7 affected too ? >=20 > http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=3D2219304 >=20 > Someone complains on the FreeBSD forums for openjdk7, I think it needs > to be patched too. http://forums.freebsd.org/showthread.php?t=3D41181 >=20 To be honnest I do not have time to investigate neither fix before a while,= I have CC to the java list, in the hope someone will have a look at it. regards, Bapt --ew6BAiZeqk4r7MaW Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlH7ya0ACgkQ8kTtMUmk6Ey+ywCfbSbGOiPxM3supzMrmYNu66g8 OHAAn3sZL5Ed6baWF6kz2bX5XnZw+plI =Wa87 -----END PGP SIGNATURE----- --ew6BAiZeqk4r7MaW-- From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 15:04:29 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 83415735 for ; Fri, 2 Aug 2013 15:04:29 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3E9152B5E for ; Fri, 2 Aug 2013 15:04:29 +0000 (UTC) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (Postfix) with ESMTP id 3F71428DE; Fri, 2 Aug 2013 17:04:20 +0200 (CEST) X-Virus-Scanned: amavisd-new at wasikowski.net Received: from mail.wasikowski.net ([IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (scan.wasikowski.net [IPv6:2001:6a0:1cb::b]) (amavisd-new, port 10026) with ESMTP id XQfYyGclO3Av; Fri, 2 Aug 2013 17:04:19 +0200 (CEST) Received: from [192.168.138.150] (83-144-115-210.static.chello.pl [83.144.115.210]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.wasikowski.net (Postfix) with ESMTPSA id 8320D28DB; Fri, 2 Aug 2013 17:04:19 +0200 (CEST) Message-ID: <51FBCA6E.1080007@wasikowski.net> Date: Fri, 02 Aug 2013 17:04:14 +0200 From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?VHJvbmQgRW5kcmVzdMO4bA==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51F17233.4080903@wasikowski.net> In-Reply-To: X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: FreeBSD stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 15:04:29 -0000 W dniu 2013-07-25 22:23, Trond Endrestøl pisze: > Perhaps you should reset the mountpoint property for klawisz, using: > > zfs set mountpoint=legacy klawisz > > At the same time you may let klawisz/ROOTFS inherit the mountpoint > property from klawisz by running: > > zfs inherit mountpoint klawisz/ROOTFS Thank you for you reply. I did what you've suggested, now I'm getting: ZFS: i/o error - all block copies unavailable ZFS: can't read object set for dataset u ZFS: can't open root filesystem gptzfsboot: failed to mount default pool klawisz Those KVM VMs are very stubborn with this "I won't boot" attitude ;) -- best regards, Lukasz Wasikowski From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 15:14:23 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 4E38D8DA; Fri, 2 Aug 2013 15:14:23 +0000 (UTC) (envelope-from c.kworr@gmail.com) Received: from mail-lb0-x22f.google.com (mail-lb0-x22f.google.com [IPv6:2a00:1450:4010:c04::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 9764F2BC1; Fri, 2 Aug 2013 15:14:22 +0000 (UTC) Received: by mail-lb0-f175.google.com with SMTP id 13so528483lba.6 for ; Fri, 02 Aug 2013 08:14:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=f87Ssaw4vUZNQ1c/QNhfKW/3i+XAftoH0pURdRdDKSs=; b=APtol2X2GjRMEbwoap0eKSypiAuSWw47XXOf9KEIxIcXD29BdaqH9dNXCmqw3c5heF QoqGJZBcI6z5ERfO8wi8t3iRASCTnUFDHZnclOGh8HHhnymvrYGOztFdjvo1eOI5pL82 17yuZZg9ldY4OC8LOSTCn5GUQMLigMZlDhy9wgYYsrnWfe2iaA5+nh+NXEziTOp6L5Ub 2lOk9Qlv0hUd+GFOBY3Oy9UCooCjOB6WS3tPpGbGegxfVa47lap568qwwNp7iGBhXquw 7VSWpq/MkzmGFAdEyk2WZYJr0F2EpUIBMXeNm+N+KuaC1YswJCPgXAHpWa5h8E7sdUcN Y6Mg== X-Received: by 10.152.26.104 with SMTP id k8mr3072431lag.85.1375456458562; Fri, 02 Aug 2013 08:14:18 -0700 (PDT) Received: from [192.168.1.125] (mau.donbass.com. [92.242.127.250]) by mx.google.com with ESMTPSA id 8sm3485149lbq.4.2013.08.02.08.14.17 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 02 Aug 2013 08:14:18 -0700 (PDT) Message-ID: <51FBCCC8.6040805@gmail.com> Date: Fri, 02 Aug 2013 18:14:16 +0300 From: Volodymyr Kostyrko User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130802 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> <51FBC4DC.4090506@wasikowski.net> <51FBC6F1.9030408@gmail.com> <51FBC8B3.4010304@wasikowski.net> In-Reply-To: <51FBC8B3.4010304@wasikowski.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 15:14:23 -0000 02.08.2013 17:56, Łukasz Wąsikowski wrote: >> Can you also try what Trond suggests about boot order? You can also list >> your boot fs in /boot/loader.conf like > > I listed ROOTFS in /boot/loader.conf, didn't helped. I'm using this boot > order on 20+ boxes and never had any issues with it, but I'll check it > as I don't have better idea what to do next. I'm almost out of suggestions... 1. Can you try to removing 'canmount' property from klawisz fs and 'bootfs' property from pool? 2. Can you try fetching late nexenta or illumos and give your pool a full scrub? 3. Can you try disablng/enabling features? I assume you haven't used compression and have no snapshots. >> vfs.root.mountfrom=zfs:klawisz/ROOTFS. Or you can just add this at >> loader prompt. >> >> There's also a ${SRC}/tools/tools/zfsboottest script that can tell you >> something about booting from your pool. > > This tools doesn't compile on 9.2-BETA2 r253884 > > # cd /usr/src/tools/tools/zfsboottest/ && make > > Warning: Object directory not changed from original > /usr/src/tools/tools/zfsboottest > ln -sf /usr/src/tools/tools/zfsboottest/../../../sys/i386/include machine > cc -O1 -I/usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs > -I/usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs -I. > -fdiagnostics-show-option -W -Wextra -Wno-sign-compare > -Wno-unused-parameter -Werror -std=gnu99 -fstack-protector -c > zfsboottest.c > cc1: warnings being treated as errors > In file included from > /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/zfssubr.c:122, > from > /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:38, > from zfsboottest.c:55: > /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/lz4.c: In > function 'lz4_decompress': > /usr/src/tools/tools/zfsboottest/../../../sys/cddl/boot/zfs/lz4.c:45: > warning: implicit declaration of function 'htonl' > In file included from zfsboottest.c:55: > /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c: In > function 'spa_status': > /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: > error: 'ZFS_MAXNAMELEN' undeclared (first use in this function) > /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: > error: (Each undeclared identifier is reported only once > /usr/src/tools/tools/zfsboottest/../../../sys/boot/zfs/zfsimpl.c:817: > error: for each function it appears in.) > *** [zfsboottest.o] Error code 1 > > Stop in /usr/src/tools/tools/zfsboottest. Ahem, sorry. Never used that. -- Sphinx of black quartz, judge my vow. From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 15:28:59 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 09991D28 for ; Fri, 2 Aug 2013 15:28:59 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 844B02C6B for ; Fri, 2 Aug 2013 15:28:58 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r72FSrWu091554 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 Aug 2013 17:28:53 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r72FSrl1091551; Fri, 2 Aug 2013 17:28:53 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Fri, 2 Aug 2013 17:28:53 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: =?UTF-8?Q?=C5=81ukasz_W=C4=85sikowski?= Subject: Re: ZFS: can't read MOS of pool In-Reply-To: <51FBCA6E.1080007@wasikowski.net> Message-ID: References: <51ED5B69.8050200@wasikowski.net> <51F17233.4080903@wasikowski.net> <51FBCA6E.1080007@wasikowski.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-1609152734-1375457333=:90799" X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: FreeBSD stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 15:28:59 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-1609152734-1375457333=:90799 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT On Fri, 2 Aug 2013 17:04+0200, ?ukasz W?sikowski wrote: > W dniu 2013-07-25 22:23, Trond Endrestl pisze: > > > Perhaps you should reset the mountpoint property for klawisz, using: > > > > zfs set mountpoint=legacy klawisz > > > > At the same time you may let klawisz/ROOTFS inherit the mountpoint > > property from klawisz by running: > > > > zfs inherit mountpoint klawisz/ROOTFS > > Thank you for you reply. I did what you've suggested, now I'm getting: > > ZFS: i/o error - all block copies unavailable > ZFS: can't read object set for dataset u > ZFS: can't open root filesystem > gptzfsboot: failed to mount default pool klawisz > > Those KVM VMs are very stubborn with this "I won't boot" attitude ;) Could there be a bug in the underlying storage system? What filesystem does the VM's virtual harddrives reside on? Could the physical storage media be corrupt? For some reason ZFS expects additional (leaf) vdevs to be present. I've seen similar error messages when an insufficient number of drives were not made visible by the boot firmware, i.e. BIOS. If this VM is important, you should make a snapshot, or make a copy, if you have enough free space. And it might be best to seek advice from someone more versed with the internals of ZFS than I am. :-/ -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestl, | Trond Endrestl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-1609152734-1375457333=:90799-- From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 15:31:40 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8B104E44 for ; Fri, 2 Aug 2013 15:31:40 +0000 (UTC) (envelope-from jdavidlists@gmail.com) Received: from mail-oa0-x22d.google.com (mail-oa0-x22d.google.com [IPv6:2607:f8b0:4003:c02::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 53A0E2C8A for ; Fri, 2 Aug 2013 15:31:40 +0000 (UTC) Received: by mail-oa0-f45.google.com with SMTP id m1so1608258oag.4 for ; Fri, 02 Aug 2013 08:31:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=fTCNTAUwb0VBaz5XdGWHyPrRa4QCnwcdXf72UxevFlI=; b=WW8DfaY92oCP7OErXoqNw42+FFmCQoxPE+e2ZytflyV0wreZaoxHEzu+Hrn2LnMks9 ifcGdCArTer8/OvVCRVHKcirWuivtTDthw+mYsPesTrGQvBTKKCrx0Jyxzch2ALc2S5S yftSCru/onvN05IexYA5+uOvyE6RvhKoSNKHKg4UZmE+f5fIMdQqhWhT8XYgdK2qSdA5 gSZYBRV1VPqA0yK1XEtWvzSbbuSX++tin/J+wR0ToBvVgZLh/qAn7dNcYOeO4XvL/qca Tcnkv9AX4YxIgOBkYpwDzFF+7xmyiqb6Hab0w0hddU8HIoSY1xQGr42vcmc/B6xNf7Ae HBdA== MIME-Version: 1.0 X-Received: by 10.50.109.134 with SMTP id hs6mr349143igb.35.1375457499555; Fri, 02 Aug 2013 08:31:39 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.150.196 with HTTP; Fri, 2 Aug 2013 08:31:39 -0700 (PDT) In-Reply-To: References: Date: Fri, 2 Aug 2013 11:31:39 -0400 X-Google-Sender-Auth: nC4r8TWsmf0I9g7vYveq4oMHYXI Message-ID: Subject: Re: Problem with zfsloader on 9.2-BETA2 From: J David To: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 15:31:40 -0000 On Fri, Aug 2, 2013 at 2:36 AM, Trond Endrest=F8l wrote: > I'll try the 8.4-R -> 9.2-BETA2 route later this afternoon, and avoid > updating the boot blocks with the ones from 9.2-BETA2. That leaves the > raidz2 configuration unexplored. Thanks for looking into this. Is there anything you can think of that I can do to help establish what is happening on this system? If there is a way to e.g. debug zfsloader to see what exactly it is doing and where it goes awry, I sadly do not know what it is. :( Thanks! From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 17:34:19 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 7ADEDCDE for ; Fri, 2 Aug 2013 17:34:19 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1B1402263 for ; Fri, 2 Aug 2013 17:34:18 +0000 (UTC) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.14.7/8.14.7) with ESMTP id r72HYEc7092495 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 Aug 2013 19:34:14 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.14.7/8.14.7/Submit) with ESMTP id r72HYEqd092492; Fri, 2 Aug 2013 19:34:14 +0200 (CEST) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Fri, 2 Aug 2013 19:34:14 +0200 (CEST) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: J David Subject: Re: Problem with zfsloader on 9.2-BETA2 In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="2055831798-2028791881-1375462410=:90799" Content-ID: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on mail.fig.ol.no Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 17:34:19 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. --2055831798-2028791881-1375462410=:90799 Content-Type: TEXT/PLAIN; CHARSET=ISO-8859-1 Content-Transfer-Encoding: 8BIT Content-ID: On Fri, 2 Aug 2013 11:31-0400, J David wrote: > On Fri, Aug 2, 2013 at 2:36 AM, Trond Endrestl wrote: > > > I'll try the 8.4-R -> 9.2-BETA2 route later this afternoon, and avoid > > updating the boot blocks with the ones from 9.2-BETA2. That leaves the > > raidz2 configuration unexplored. I figured the easiest way would be to copy the boot blocks from the 8.4-R BE to da0p1 and da1p1, and let the bootfs property remain pointing to the 9.2-BETA2 BE. The 8.4-R stuff showed no problems booting the 9.2-BETA stuff. > Thanks for looking into this. Is there anything you can think of that > I can do to help establish what is happening on this system? > > If there is a way to e.g. debug zfsloader to see what exactly it is > doing and where it goes awry, I sadly do not know what it is. :( You could put the line verbose_loading="YES" in /boot/loader.conf or in /boot/loader.conf.local if zfsloader is lucky enough to read those files. You can get the pool's guid by running: zpool get guid data If you manage to get to zfsloader's OK prompt, you can use the show command and see what zfsloader has gathered so far. If you are lucky, vfs.zfs.boot.primary_pool should be the same value as shown by the zpool get command above. You could also try verbose booting of the kernel. Maybe that can give some clues. Try these suggestions with the currently working/booting system. It would be a good thing to run smartctl on your drives if you haven't already done so. Maybe the S.M.A.R.T. statistics will be helpful. Install sysutils/smartmontools to get smartctl (and smartd). In another thread it was suggested to try zpool scrub from the lastest illumos or nexenta releases. Maybe it's possible to scrub a read-only pool, if only to find out what's wrong. -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestl, | Trond Endrestl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ --2055831798-2028791881-1375462410=:90799-- From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 18:44:19 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id DBA39E09 for ; Fri, 2 Aug 2013 18:44:19 +0000 (UTC) (envelope-from David.Boyd49@twc.com) Received: from hrndva-omtalb.mail.rr.com (hrndva-omtalb.mail.rr.com [71.74.56.122]) by mx1.freebsd.org (Postfix) with ESMTP id A091D2514 for ; Fri, 2 Aug 2013 18:44:19 +0000 (UTC) X-Authority-Analysis: v=2.0 cv=e9yEuNV/ c=1 sm=0 a=RaFooZTw3JxRMNIdBZw8aA==:17 a=XYRfRlFT9poA:10 a=lPUk2UEfVGMA:10 a=UNWf5WQ7AAAA:8 a=KGjhK52YXX0A:10 a=TV7Nra2w3ywA:10 a=pRDSfare_pWYjZ-c2NwA:9 a=CjuIK1q_8ugA:10 a=Ckf1QKyoeosUstzwX3MA:9 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=_W_S_7VecoQA:10 a=eyG0yYN26_h9Y5_g:21 a=RaFooZTw3JxRMNIdBZw8aA==:117 X-Cloudmark-Score: 0 X-Authenticated-User: X-Originating-IP: 74.138.24.137 Received: from [74.138.24.137] ([74.138.24.137:49743] helo=sneezy) by hrndva-oedge01.mail.rr.com (envelope-from ) (ecelerity 2.2.3.46 r()) with ESMTP id 72/AC-18705-CFDFBF15; Fri, 02 Aug 2013 18:44:13 +0000 From: "David Boyd" To: Subject: AAC regression in 9.2-BETA Date: Fri, 2 Aug 2013 14:44:04 -0400 Message-ID: MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.6863 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157 Thread-Index: Ac6PsEMNz0PoFj6zQdedcH2kY4gTTw== Importance: Normal Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 18:44:19 -0000 I have an Adaptec 2820SA (SATA) controller that hangs the system during booting on 9.2-BETA[12]. The only message I see on the console refers to controller aac0 and indicates "TIMEOUT 138 SECONDS". This same controller/motherboard works flawlessly with 9.1-RELEASE-p5. I have moved this hardware to "testing" mode and can rebuild often. I am asking for direction and suggestions as to which commits might be at fault. I am sorry that I didn't detect this problem earlier in the release cycle. Hope we can resolve this before 9.2-RELEASE. Thanks. From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 19:10:36 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 2F2936D9 for ; Fri, 2 Aug 2013 19:10:36 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DE4BB2657 for ; Fri, 2 Aug 2013 19:10:35 +0000 (UTC) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (Postfix) with ESMTP id 7A7392A1B; Fri, 2 Aug 2013 21:10:32 +0200 (CEST) X-Virus-Scanned: amavisd-new at wasikowski.net Received: from mail.wasikowski.net ([IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (scan.wasikowski.net [IPv6:2001:6a0:1cb::b]) (amavisd-new, port 10026) with ESMTP id waAO3gv3iqKQ; Fri, 2 Aug 2013 21:10:32 +0200 (CEST) Received: from [192.168.168.1] (89-71-136-148.dynamic.chello.pl [89.71.136.148]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.wasikowski.net (Postfix) with ESMTPSA id F3BC22A18; Fri, 2 Aug 2013 21:10:31 +0200 (CEST) Message-ID: <51FC0428.2090301@wasikowski.net> Date: Fri, 02 Aug 2013 21:10:32 +0200 From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?VHJvbmQgRW5kcmVzdMO4bA==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51F17233.4080903@wasikowski.net> <51FBCA6E.1080007@wasikowski.net> In-Reply-To: X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: FreeBSD stable X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 19:10:36 -0000 W dniu 2013-08-02 17:28, Trond Endrestøl pisze: > On Fri, 2 Aug 2013 17:04+0200, ?ukasz W?sikowski wrote: >> Thank you for you reply. I did what you've suggested, now I'm getting: >> >> ZFS: i/o error - all block copies unavailable >> ZFS: can't read object set for dataset u >> ZFS: can't open root filesystem >> gptzfsboot: failed to mount default pool klawisz >> >> Those KVM VMs are very stubborn with this "I won't boot" attitude ;) > > Could there be a bug in the underlying storage system? It might be a bug in Proxmox or KVM. > What filesystem does the VM's virtual harddrives reside on? VM uses qcow container which is placed on ext4 on top of software raid-10. > Could the physical storage media be corrupt? No. I created identical VM on another physical Proxmox node and got the same boot error. > For some reason ZFS expects additional (leaf) vdevs to be present. > I've seen similar error messages when an insufficient number of drives > were not made visible by the boot firmware, i.e. BIOS. The most odd thing is that this setup is working for a while and then stops. > If this VM is important, you should make a snapshot, or make a copy, > if you have enough free space. I can prepare another VM with that booting problem for tests so I'm not afraid of data loss. > And it might be best to seek advice from someone more versed with the > internals of ZFS than I am. :-/ Thank you for trying :) -- best regards, Lukasz Wasikowski From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 19:21:45 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id C627DE72; Fri, 2 Aug 2013 19:21:45 +0000 (UTC) (envelope-from lukasz@wasikowski.net) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7FC5926DD; Fri, 2 Aug 2013 19:21:45 +0000 (UTC) Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (Postfix) with ESMTP id 100AC2A29; Fri, 2 Aug 2013 21:21:44 +0200 (CEST) X-Virus-Scanned: amavisd-new at wasikowski.net Received: from mail.wasikowski.net ([IPv6:2001:6a0:1cb::b]) by mail.wasikowski.net (scan.wasikowski.net [IPv6:2001:6a0:1cb::b]) (amavisd-new, port 10026) with ESMTP id 3eIiiJp7hlcq; Fri, 2 Aug 2013 21:21:43 +0200 (CEST) Received: from [192.168.168.1] (89-71-136-148.dynamic.chello.pl [89.71.136.148]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.wasikowski.net (Postfix) with ESMTPSA id 976322A24; Fri, 2 Aug 2013 21:21:43 +0200 (CEST) Message-ID: <51FC06C8.50906@wasikowski.net> Date: Fri, 02 Aug 2013 21:21:44 +0200 From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Volodymyr Kostyrko Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> <51FBC4DC.4090506@wasikowski.net> <51FBC6F1.9030408@gmail.com> <51FBC8B3.4010304@wasikowski.net> <51FBCCC8.6040805@gmail.com> In-Reply-To: <51FBCCC8.6040805@gmail.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-fs@freebsd.org, freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 19:21:45 -0000 W dniu 2013-08-02 17:14, Volodymyr Kostyrko pisze: > 02.08.2013 17:56, Łukasz Wąsikowski wrote: >>> Can you also try what Trond suggests about boot order? You can also list >>> your boot fs in /boot/loader.conf like >> >> I listed ROOTFS in /boot/loader.conf, didn't helped. I'm using this boot >> order on 20+ boxes and never had any issues with it, but I'll check it >> as I don't have better idea what to do next. > > I'm almost out of suggestions... > > 1. Can you try to removing 'canmount' property from klawisz fs and > 'bootfs' property from pool? Property canmount is off for klawisz already. It's enabled for klawisz/ROOTFS though. I removed bootfs from the pool, didn't worked - can't read MOS. > 2. Can you try fetching late nexenta or illumos and give your pool a > full scrub? OpenIndiana's 151a7 scrub shows no error. > 3. Can you try disablng/enabling features? I assume you haven't used > compression and have no snapshots. I'm using lzjb compression on some not important for booting datasets (not on klawisz/ROOTFS) and I created some snapshots. -- best regards, Lukasz Wasikowski From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 20:05:52 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 9B5EA812 for ; Fri, 2 Aug 2013 20:05:52 +0000 (UTC) (envelope-from marius@alchemy.franken.de) Received: from alchemy.franken.de (alchemy.franken.de [194.94.249.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 34D9528E0 for ; Fri, 2 Aug 2013 20:05:51 +0000 (UTC) Received: from alchemy.franken.de (localhost [127.0.0.1]) by alchemy.franken.de (8.14.7/8.14.7/ALCHEMY.FRANKEN.DE) with ESMTP id r72K5hOx006815; Fri, 2 Aug 2013 22:05:44 +0200 (CEST) (envelope-from marius@alchemy.franken.de) Received: (from marius@localhost) by alchemy.franken.de (8.14.7/8.14.7/Submit) id r72K5h2o006814; Fri, 2 Aug 2013 22:05:43 +0200 (CEST) (envelope-from marius) Date: Fri, 2 Aug 2013 22:05:43 +0200 From: Marius Strobl To: David Boyd Subject: Re: AAC regression in 9.2-BETA Message-ID: <20130802200543.GA6755@alchemy.franken.de> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 20:05:52 -0000 On Fri, Aug 02, 2013 at 02:44:04PM -0400, David Boyd wrote: > I have an Adaptec 2820SA (SATA) controller that hangs the system during > booting on 9.2-BETA[12]. > The only message I see on the console refers to controller aac0 and > indicates "TIMEOUT 138 SECONDS". > This same controller/motherboard works flawlessly with 9.1-RELEASE-p5. > I have moved this hardware to "testing" mode and can rebuild often. > I am asking for direction and suggestions as to which commits might be at > fault. > I am sorry that I didn't detect this problem earlier in the release cycle. > Hope we can resolve this before 9.2-RELEASE. That could be due to MSIs being broken with your particular controller or mainboard. Please try whether setting the tunable hw.aac.enable_msi to 0 on the loader prompt before booting makes things work. If it does, please provide a verbose dmesg and the output of `pciconf -lcv`. Marius From owner-freebsd-stable@FreeBSD.ORG Fri Aug 2 23:27:49 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 21BB4176 for ; Fri, 2 Aug 2013 23:27:49 +0000 (UTC) (envelope-from S.Kuzminsky@F5.com) Received: from mail.f5.com (mail.f5.com [208.85.209.139]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id ECF522EE7 for ; Fri, 2 Aug 2013 23:27:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=f5.com; i=S.Kuzminsky@f5.com; q=dns/txt; s=seattle; t=1375486069; x=1407022069; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=+kSpCPuN7VpTGgIiWSp/zuWVj/7+co6oNFx4QwjG7cQ=; b=rChnV3ILmo6Zmn3X9mTNAAUk2HShzjYXUPOeDl9Ymcixe5SxITV3UU7z DaFFoNSKkMTHl6EOXIxNbU/dYBAdtesYWuRFjmJgBAfa8nZMgG7bR2Edn AOgfktCSRyIwTDVvxOvD6mFGSby7BHWsEaowEEsr9IWJ4AdwvNXZgUxQt 8=; X-IronPort-AV: E=Sophos;i="4.89,804,1367971200"; d="scan'208";a="78502699" Received: from unknown (HELO exchmail.f5net.com) ([192.168.10.240]) by mail.f5.com with ESMTP/TLS/AES128-SHA; 02 Aug 2013 23:26:27 +0000 Received: from SEAEMBX01.olympus.F5Net.com ([fe80::3440:4256:38f6:d3a0]) by seaecas02.olympus.F5Net.com ([::1]) with mapi id 14.03.0123.003; Fri, 2 Aug 2013 16:26:26 -0700 From: Sebastian Kuzminsky To: "freebsd-stable@freebsd.org" Subject: add 'show mbuf' to ddb in stable/9 Thread-Topic: add 'show mbuf' to ddb in stable/9 Thread-Index: AQHOj9e0FLQlBpTlPUeghbsLttRvpQ== Date: Fri, 2 Aug 2013 23:26:25 +0000 Message-ID: <254A7ED7-6F4D-42B8-BE9C-438DC5143612@f5.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [192.168.16.200] Content-Type: text/plain; charset="us-ascii" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Aug 2013 23:27:49 -0000 Hi folks, I have a very minor patch i'd like to contribute, but i'm not sur= e what the preferred way to contribute patches is. The patch adds a command to ddb called "show mbuf", that decodes some of th= e mbuf info. We've found it useful for debugging some of the networking co= de we work on. The patch is against stable/9. It is available here: https://github.com/Seb-LineRate/freebsd/commit/f70f2e0024ecebff6769d7440b83= 79f3d907457d I can prepare the patch in other ways if that is preferred, just let me kno= w! --=20 Sebastian Kuzminsky From owner-freebsd-stable@FreeBSD.ORG Sat Aug 3 13:41:59 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 891F6E63 for ; Sat, 3 Aug 2013 13:41:59 +0000 (UTC) (envelope-from timp87@gmail.com) Received: from mail-vb0-x22a.google.com (mail-vb0-x22a.google.com [IPv6:2607:f8b0:400c:c02::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 46E262320 for ; Sat, 3 Aug 2013 13:41:59 +0000 (UTC) Received: by mail-vb0-f42.google.com with SMTP id e12so1578053vbg.15 for ; Sat, 03 Aug 2013 06:41:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=7GVJ0Ujcv6YlfrKeEN25E/3K67MsmzaehaW3EHZoWc8=; b=t0989JVqvVZjR8XuuxhEa+nBEjczKs0qHV2mC4lZipIax3kfPZ6v+E8+9f64Q1pBc5 JZH4At2q/F5W+jT3dbTgUAIbvzprdcgblEqvC544BdzUlQ6JzYiIXDYDxugA41jIlL5v SjBD6XXk5sSAESL9gtjkwSYKguKnzwZB0D06nwDoOTyocKwmmG+e7tZ4yILUQvteTSmK K1ulHYFjYNtc6qZ3xU7HEzLXCiuT0SHO0NDiWLn+28XySiHlJeOrSjFm3NfKkGqMjZbU eOXg9eFN6pmuLm/jQPBD6E0t4lsQyf3f1Xu67bkXcp0hUJoDcG74LjID/7qeiA9SJpRk gVUw== MIME-Version: 1.0 X-Received: by 10.58.135.227 with SMTP id pv3mr3526057veb.21.1375537318166; Sat, 03 Aug 2013 06:41:58 -0700 (PDT) Received: by 10.52.38.134 with HTTP; Sat, 3 Aug 2013 06:41:58 -0700 (PDT) In-Reply-To: <20130802102100.GA11138@eris.bzerk.org> References: <20130802102100.GA11138@eris.bzerk.org> Date: Sat, 3 Aug 2013 17:41:58 +0400 Message-ID: Subject: Re: Strange sendmail behaviour after upgrade to 9.1-BETA2 From: Pavel Timofeev To: Ruben de Groot Content-Type: text/plain; charset=UTF-8 Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Aug 2013 13:41:59 -0000 2013/8/2 Ruben de Groot : > On Wed, Jul 31, 2013 at 04:54:08PM +0400, Pavel Timofeev typed: >> I've just installed new fresh 9.2-BETA2 amd64 on another machine. >> Same behaviour - Sendmail asks DNS only for AAAA record of mx server. >> We don't use IPv6 in our company. >> >> 2013/7/31 Pavel Timofeev : >> > I wanted to say that sendmail asks only AAAA (IPv6) record of mx >> > server, but not A (IPv4). >> > Any ideas? >> > >> > 2013/7/31 Pavel Timofeev : >> >> Looks like my sendmail uses only IPv6 to resolve mx server dns name to >> >> ip address. >> >> >> >> 14:59:50.793338 IP reticulum.xxx.ru.19032 > hercules.xxx.ru.domain: >> >> 53417+ AAAA? xxx.ru. (24) >> >> [13/98] >> >> 14:59:50.793662 IP hercules.xxx.ru.domain > reticulum.xxx.ru.19032: >> >> 53417* 0/1/0 (75) >> >> 14:59:50.793696 IP reticulum.xxx.ru.55299 > hercules.xxx.ru.domain: >> >> 53418+ A? xxx.ru. (24) > > Here it is definately asking an A record. And? It's not A record of mx server. >> >> 14:59:50.794087 IP hercules.xxx.ru.domain > reticulum.xxx.ru.55299: >> >> 53418* 7/0/0 A 192.168.2.11, A 192.168.2.12, A 192.168.41.4, A >> >> 192.168.14.12, A 192.168.34.100, A 192.168.34.110, A 192.168.44.19 >> >> (136) > > And here is the reply. The quetion is more why is it repeating the same > query (below) over and over. Yes, reply about xxx.ru, not about mx server's IP which is kalmar.xxx.ru > > Ruben > >> >> 14:59:50.973445 IP reticulum.xxx.ru.29244 > hercules.xxx.ru.domain: >> >> 53419+ MX? xxx.ru. (24) >> >> 14:59:50.973754 IP hercules.xxx.ru.domain > reticulum.xxx.ru.29244: >> >> 53419* 1/0/1 MX kalmar.xxx.ru. 10 (63) >> >> 14:59:50.974061 IP reticulum.xxx.ru.56461 > hercules.xxx.ru.domain: >> >> 53420+ AAAA? kalmar.xxx.ru. (31) >> >> 14:59:50.974340 IP hercules.xxx.ru.domain > reticulum.xxx.ru.56461: >> >> 53420* 0/1/0 (82) >> >> 14:59:50.974570 IP reticulum.xxx.ru.28332 > hercules.xxx.ru.domain: >> >> 53421+ AAAA? kalmar.xxx.ru. (31) >> >> 14:59:50.974887 IP hercules.xxx.ru.domain > reticulum.xxx.ru.28332: >> >> 53421* 0/1/0 (82) >> >> 14:59:50.974919 IP reticulum.xxx.ru.21453 > hercules.xxx.ru.domain: >> >> 53422+ AAAA? kalmar. (24) >> >> 14:59:50.975290 IP hercules.xxx.ru.domain > reticulum.xxx.ru.21453: >> >> 53422 ServFail 0/0/0 (24) >> >> 14:59:50.975314 IP reticulum.xxx.ru.63038 > hercules.xxx.ru.domain: >> >> 53422+ AAAA? kalmar. (24) >> >> 14:59:50.975674 IP hercules.xxx.ru.domain > reticulum.xxx.ru.63038: >> >> 53422 ServFail 0/0/0 (24) >> >> 14:59:50.975749 IP reticulum.xxx.ru.38393 > hercules.xxx.ru.domain: >> >> 53423+ AAAA? kalmar.xxx.ru. (31) >> >> 14:59:50.976105 IP hercules.xxx.ru.domain > reticulum.xxx.ru.38393: >> >> 53423* 0/1/0 (82) >> >> 14:59:50.976176 IP reticulum.xxx.ru.45558 > hercules.xxx.ru.domain: >> >> 53424+ AAAA? kalmar. (24) >> >> 14:59:50.976483 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45558: >> >> 53424 ServFail 0/0/0 (24) >> >> 14:59:50.976512 IP reticulum.xxx.ru.45297 > hercules.xxx.ru.domain: >> >> 53424+ AAAA? kalmar. (24) >> >> 14:59:50.976864 IP hercules.xxx.ru.domain > reticulum.xxx.ru.45297: >> >> 53424 ServFail 0/0/0 (24) >> >> >> >> How to force it to use IPv4? >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@FreeBSD.ORG Sat Aug 3 19:00:46 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 732A7ED6; Sat, 3 Aug 2013 19:00:46 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 8C9FF2A8E; Sat, 3 Aug 2013 19:00:45 +0000 (UTC) Received: from porto.starpoint.kiev.ua (porto-e.starpoint.kiev.ua [212.40.38.100]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id WAA02519; Sat, 03 Aug 2013 22:00:37 +0300 (EEST) (envelope-from avg@FreeBSD.org) Received: from localhost ([127.0.0.1]) by porto.starpoint.kiev.ua with esmtp (Exim 4.34 (FreeBSD)) id 1V5h48-0006AL-PU; Sat, 03 Aug 2013 22:00:36 +0300 Message-ID: <51FD5303.30507@FreeBSD.org> Date: Sat, 03 Aug 2013 21:59:15 +0300 From: Andriy Gapon User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130708 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= Subject: Re: ZFS: can't read MOS of pool References: <51ED5B69.8050200@wasikowski.net> <51FBC24B.5030609@gmail.com> <51FBC4DC.4090506@wasikowski.net> <51FBC6F1.9030408@gmail.com> <51FBC8B3.4010304@wasikowski.net> In-Reply-To: <51FBC8B3.4010304@wasikowski.net> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-fs@FreeBSD.org, freebsd-stable@FreeBSD.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Aug 2013 19:00:46 -0000 on 02/08/2013 17:56 Łukasz Wąsikowski said the following: > This tools doesn't compile on 9.2-BETA2 r253884 There are fixes for this in head that haven't been MFC-ed yet: http://svnweb.freebsd.org/base/head/tools/tools/zfsboottest/zfsboottest.c?view=patch&r1=253067&r2=253066&pathrev=253067 http://svnweb.freebsd.org/base/head/tools/tools/zfsboottest/zfsboottest.sh?view=patch&r1=253068&r2=253067&pathrev=253068 http://svnweb.freebsd.org/base/head/tools/tools/zfsboottest/Makefile?view=patch&r1=253605&r2=253604&pathrev=253605 It would be very interesting to see what zfsboottest says about the pool. Especially interesting it would be to see the error in a debugger. -- Andriy Gapon From owner-freebsd-stable@FreeBSD.ORG Sat Aug 3 19:12:07 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F01C0492 for ; Sat, 3 Aug 2013 19:12:07 +0000 (UTC) (envelope-from fabian@wenks.ch) Received: from batman.home4u.ch (batman.home4u.ch [IPv6:2001:8a8:1005:1::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7DEAA2B01 for ; Sat, 3 Aug 2013 19:12:07 +0000 (UTC) X-Virus-Scanned: amavisd-new at home4u.ch Received: from flashback.wenks.ch (fabian@flashback.wenks.ch [IPv6:2001:8a8:1005:1:223:dfff:fedf:13c9]) (authenticated bits=0) by batman.home4u.ch (8.14.5/8.14.5) with ESMTP id r73JC3c2061613 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Sat, 3 Aug 2013 21:12:03 +0200 (CEST) (envelope-from fabian@wenks.ch) Message-ID: <51FD5603.7040408@wenks.ch> Date: Sat, 03 Aug 2013 21:12:03 +0200 From: Fabian Wenk User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-stable@freebsd.org Subject: Re: /usr/bin/ld: warning: creating a DT_TEXTREL in a shared object after freebsd-update References: <51F8CEB1.2090801@webmail.sub.ru> In-Reply-To: <51F8CEB1.2090801@webmail.sub.ru> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Aug 2013 19:12:08 -0000 Hello Alex On 31.07.2013 10:45, Alex Povolotsky wrote: > Hello > > I've updated (with freebsd-update) an old 7.3 to 9.1-RELEASE and now I > cannot build at least one port. > ===> Compilation failed unexpectedly. > > Googling did not yield anything useful. What should I check and fix? Did you install the compat7x package for 9.1? If not, then download it from [1] (for an amd64 system) and use the following command to install: pkg_add compat7x-amd64-7.3.703000.201008_1.tbz [1] ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/misc/compat7x-amd64-7.3.703000.201008_1.tbz Then you should also rebuild all installed Ports, as it is noted in the documentation. bye Fabian From owner-freebsd-stable@FreeBSD.ORG Sat Aug 3 19:17:24 2013 Return-Path: Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id D2361707 for ; Sat, 3 Aug 2013 19:17:24 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from citadel.icyb.net.ua (citadel.icyb.net.ua [212.40.38.140]) by mx1.freebsd.org (Postfix) with ESMTP id 2DF252B2E for ; Sat, 3 Aug 2013 19:17:23 +0000 (UTC) Received: from porto.starpoint.kiev.ua (porto-e.starpoint.kiev.ua [212.40.38.100]) by citadel.icyb.net.ua (8.8.8p3/ICyb-2.3exp) with ESMTP id WAA02615; Sat, 03 Aug 2013 22:17:21 +0300 (EEST) (envelope-from avg@FreeBSD.org) Received: from localhost ([127.0.0.1]) by porto.starpoint.kiev.ua with esmtp (Exim 4.34 (FreeBSD)) id 1V5hKL-0006Bw-9s; Sat, 03 Aug 2013 22:17:21 +0300 Message-ID: <51FD5709.7050306@FreeBSD.org> Date: Sat, 03 Aug 2013 22:16:25 +0300 From: Andriy Gapon User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130708 Thunderbird/17.0.7 MIME-Version: 1.0 To: J David Subject: Re: Problem with zfsloader on 9.2-BETA2 References: In-Reply-To: X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Cc: freebsd-stable@FreeBSD.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Aug 2013 19:17:24 -0000 on 31/07/2013 10:49 J David said the following: > But the system still wouldn't boot, moving on to: > > ZFS: can't find pool by guid > ZFS: can't find pool by guid > > We got around this by interrupting the stage1 loader and invoking > data/root:/boot/zfsloader.old instead. Then we moved the 9.2 > zfsloader out of the way and restored the 8.4 loader. > > So this system only boots with the 9.2 gptzfsboot and the 8.4 zfsloader. Very unusual. Would you be able to try 9.2 zfsloader again? I would like to see values of loaddev, currdev and vfs.zfs.boot.primary_pool loader variables (if any are set). These can be obtained using 'show' command at loader prompt. Also, output of lsdev -v. Also, if you are able to build custom 9.2 zfsloader, then it would be useful to modify the printf statement (in zfs_fmtdev(), sys/boot/zfs/zfs.c) to print dev->pool_guid. -- Andriy Gapon