From owner-freebsd-questions@freebsd.org Sun Mar 5 12:27:03 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E574FCFAE1C for ; Sun, 5 Mar 2017 12:27:03 +0000 (UTC) (envelope-from michael.wilcox2016@gmail.com) Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B48941D45 for ; Sun, 5 Mar 2017 12:27:03 +0000 (UTC) (envelope-from michael.wilcox2016@gmail.com) Received: by mail-oi0-x236.google.com with SMTP id 62so74161305oih.2 for ; Sun, 05 Mar 2017 04:27:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=dJ7cCSHvpUiTzsF0O/nh4X+Y5M3lz42mAHsOdcw494c=; b=F1jxgo9gBG682Lgc+/BASoLizUz5Qkc1yfgDiKPxmwsdtSDWekQ6SscyW8dwhFAvTZ X5K5/FljDL1LcIQLgsjb9Y4BT0pJBkB4ZrD1CDBLgHUQTCWlLp3xj1/CknOe5FE7Z2D0 Qpq9Hu1S571/DkZFzzKzef8HxZLb0s/68x94KPeKGeknmJxO+Bc1G0lUbY8vWKKkFHsx TpY92ySVjfbnxhh3C+stcmi0hNLfk0J2Qw+TFtP68+xGLK5BVQJooDiR/PXTEdYbkGZ7 BA1Yw8rHJcshYMH9fT2MqOJFONAwwVNDTQxuf3CZyp8EBAVIwMr/rjLSh/R1jlAWVDpa NoqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=dJ7cCSHvpUiTzsF0O/nh4X+Y5M3lz42mAHsOdcw494c=; b=tPn15cR5FWaVeHCTk0Z4cjacImqDIluENka/2F3t9mlo3RvblPj2E4UNmeDMRjye6C TLKm9L/tfy/yUKcZFbPegLI6kB3izjwcWUG1mxZmKmZUPMA0awAdsQRox6tYhEVdWfD7 8P4WOmtXORsBdHutGEn4J0p5mctO8IsQ+/cN6N7Fwxm8bTR++hi8eRsGP/35whrQo60u xFiayxInINfELNHiC+HrZWjhx369RQsbuf8nYVXpZ931Dz+6SR8sEica8W6gH/iFveb0 8OuefVi27bcislOopGd9pr8ZQS7G+iku8piC0ZoyRSiiMf8RH2w2tJVjg+nrEaawZ+pq QXTw== X-Gm-Message-State: AMke39lRL79+Miu/6femQzrACRk08VecLMIVv69ZyJhI5zHAP+QDnpODOFt5d0Rw6G8K/wV4qVEuWv92Z40urA== X-Received: by 10.202.104.219 with SMTP id o88mr6067236oik.74.1488716822785; Sun, 05 Mar 2017 04:27:02 -0800 (PST) MIME-Version: 1.0 Received: by 10.202.186.139 with HTTP; Sun, 5 Mar 2017 04:27:02 -0800 (PST) Received: by 10.202.186.139 with HTTP; Sun, 5 Mar 2017 04:27:02 -0800 (PST) In-Reply-To: References: From: Michael Wilcox Date: Sun, 5 Mar 2017 17:57:02 +0530 Message-ID: Subject: UFW-Like frontend for IPFW To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Mar 2017 12:27:04 -0000 I was wondering if there is any frontend for IPFW. Does anyone have one or must I use it directly? From owner-freebsd-questions@freebsd.org Sun Mar 5 14:47:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56C52CFAB65 for ; Sun, 5 Mar 2017 14:47:10 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay11.qsc.de (mailrelay11.qsc.de [212.99.187.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C00391832 for ; Sun, 5 Mar 2017 14:47:09 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay11.qsc.de; Sun, 05 Mar 2017 15:49:54 +0100 Received: from r56.edvax.de (port-92-195-29-65.dynamic.qsc.de [92.195.29.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 19B143CBF9; Sun, 5 Mar 2017 15:47:03 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v25El32B002682; Sun, 5 Mar 2017 15:47:03 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Sun, 5 Mar 2017 15:47:02 +0100 From: Polytropon To: Michael Wilcox Cc: freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW Message-Id: <20170305154702.cf5ceb9d.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay11.qsc.de with D88636A35A6 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.2081 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Mar 2017 14:47:10 -0000 On Sun, 5 Mar 2017 17:57:02 +0530, Michael Wilcox wrote: > I was wondering if there is any frontend for IPFW. > > Does anyone have one or must I use it directly? If I see the analogy correctly, a "UFW-like frontend" already is "included" with ipfw, i. e., ipfw works at a comparable level. If you compare the ufw commands with the ipfw commands, they are quite similar, so you'd use ipfw directly in the same manner as you use ufw to interact with iptables. As an equation: ufw ipfw ---------- = ------ iptables ipfw More or less... ;-) There are GUI tools like qtfw (qt-based) and freepfw (web-based) to manage ipfw as well, if you need that feature. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Sun Mar 5 15:37:13 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C0917CF9DD2 for ; Sun, 5 Mar 2017 15:37:13 +0000 (UTC) (envelope-from christofer.c.bell@gmail.com) Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7E59E12C5 for ; Sun, 5 Mar 2017 15:37:13 +0000 (UTC) (envelope-from christofer.c.bell@gmail.com) Received: by mail-qk0-x232.google.com with SMTP id p64so2191384qke.1 for ; Sun, 05 Mar 2017 07:37:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=6d1hO80kf9LjKTkmsEnTELCNLfVSe6PLSUxS5EJkFIs=; b=PyO4/hULWoyJGWbSUHWrAswlysyGGwqJ6+TJrNy3qmraz616l0lfh0zIzv28rD69UU F/shCXr5pNrXnWUtnIPSF6AC6qp/yaLHb5Nc6cAQ4S3s06e+SfoAA+lD1ab7k0r9ARIy fmIvJeX4jDIs1TJGgody/2NWdhrU6gnHnEXX8+L5IkUO1R9yN5cI0yUODFLKONwlGmFW kdoY3k8Dm7m6L3mYklq93qW7Oc6d2/1XoUK7Y67gdQA3YBkMnAedj5tX1K9os7AqCAMv sX0exCcopRLQiUt1yrtq1toxseOdz1jQlMfMf710OtNw52LJbNBbXgyrdCrO1oVYX0FY t1Yw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=6d1hO80kf9LjKTkmsEnTELCNLfVSe6PLSUxS5EJkFIs=; b=ogjugQYjR5eAokCSqIjynnKlo9fikcJLuEv26UcZ621OPTvoUUtfa1VoeuYRVhg8jv DamohljdOM9IIvBCX3ce4MpMppUDfm/Fcf4WXXCz5DNKeZ8GlbBWXYIavb3z60e/07Wa u1fhBfFXdkRbn33EXvs2oWW0ChqKNSyYqw81anzcFLB/C0S3rEq5epf7773Nru4dvmc/ HCPwqXXEl8ivH1ueSp6EVF0IpXVudOGfo/NaNyQDseVjHI0CoyY8pQAgdB9DAeE2yUr4 7aSOHKHd9dxav/KfLn5MsNfyF1rn5JEJ4E/fwUzg/P/mY3Rt4ptSMdzyYl2m8Vx5QEyS Rvow== X-Gm-Message-State: AMke39mHczxx5Nl6VhG2GjgHJgD3pZq1WGBYMjgzI9ppg3Jx5xAX945ZZZOjjfe5DzGxB1xH+kY3x+mdDm0onA== X-Received: by 10.200.56.86 with SMTP id r22mr11689317qtb.190.1488728232432; Sun, 05 Mar 2017 07:37:12 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.130.98 with HTTP; Sun, 5 Mar 2017 07:36:52 -0800 (PST) From: "Christofer C. Bell" Date: Sun, 5 Mar 2017 09:36:52 -0600 Message-ID: Subject: Deprecated Package Dependency... what now? To: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Mar 2017 15:37:13 -0000 Team, I'm not sure how to proceed here. I use git on my system. It depends on package p5-Net-SMTP-SSL-1.04. This package is set to expire and be removed. For information on my system, I'm using FreeBSD 11.0-RELEASE-p8, amd64, and all binary packages (not ports). >From the daily security report: Checking for packages with security vulnerabilities: p5-Net-SMTP-SSL-1.04: Tag: expiration_date Value: 2017-03-31 p5-Net-SMTP-SSL-1.04: Tag: deprecated Value: Deprecated by upstream, use Net::SMTP instead Here's where I can see that git depends on this: $ pkg info -D p5-Net-SMTP-SSL-1.04 p5-Net-SMTP-SSL-1.04: Always: ===> NOTICE: This port is deprecated; you may wish to reconsider installing it: Deprecated by upstream, use Net::SMTP instead. It is scheduled to be removed on or after 2017-03-31. $ pkg info -r p5-Net-SMTP-SSL-1.04 p5-Net-SMTP-SSL-1.04: git-2.11.0_3 $ pkg info -d git git-2.11.0_3: expat-2.2.0_1 python27-2.7.13_1 p5-Error-0.17024 cvsps-2.1_2 perl5-5.24.1.r4_1 pcre-8.39_1 p5-Authen-SASL-2.16_1 curl-7.53.0 p5-Net-SMTP-SSL-1.04 gettext-runtime-0.19.8.1_1 $ All my packages are up to date with the binary package repository: $ sudo pkg upgrade Password: Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Checking for upgrades (2 candidates): 100% Processing candidates (2 candidates): 100% Checking integrity... done (0 conflicting) Your packages are up to date. $ I need to continue using git on this system. What actions do I need to take (if any) to respond to this issue with p5-Net-SMTP-SSL-1.04? Thank you! -- Chris "If you wish to make an apple pie from scratch, you must first invent the Universe." -- Carl Sagan From owner-freebsd-questions@freebsd.org Mon Mar 6 06:07:28 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A179ACFB23F for ; Mon, 6 Mar 2017 06:07:28 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-wm0-x22b.google.com (mail-wm0-x22b.google.com [IPv6:2a00:1450:400c:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 396931BEC for ; Mon, 6 Mar 2017 06:07:28 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: by mail-wm0-x22b.google.com with SMTP id n11so55173815wma.1 for ; Sun, 05 Mar 2017 22:07:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=RKEDTt6r7paVhSM3cTVteohr4DpSLl10DjJeSHDUxB0=; b=jQoR0hQcWiU1vS8PAurletehWjlWp0dPzXofVT/9j7yXfZQk62qcicpixKLZ+nT5ri eCYC93m0gO2uzVmdsCYgY9iugWiKbz724ZCQIg/uWPWt5V7ZYPUJ+cxmdvyXuUQ0uM/T ZWnxN5vxCwK71t2mBWYTDrkOjXx1Mj5UDYEjb3/kmDND6wKwkyQtGBryyTt49c3nDmV1 vfbcrWJwX2wnW3dH/6xYAOv5Ie4058XUbJ/tLM1QJTsZGn4o7OOZik1nlpolBfCyEKlb 7nY0I1NoL3x7UE8ueENXKLoMutRVHH4e5bbBAUVg3oCWz/JWJLGLQtro9Xtc+46fGEGy zksw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=RKEDTt6r7paVhSM3cTVteohr4DpSLl10DjJeSHDUxB0=; b=ZX7ZXUHMwC2Oz94IHF/CGdwSOXeAvdLxkhZ1SgNZTpI3PPj5YiArTtkIDg9149Y9qI HHATZp78Fzg6gu4ih6m+DYUhbg/1EuBWzN6ORnOygty9PhfI9Ax4NDra8mq7eSnJ+gAV WaU2oVGyfDS9ZHA2iuTMe8oDc4qG1BPNM2rlr4xYkbEbNdkwhRvuAvhEJ2WgCqHsvwJX wF5HbV7IFsN+7YMuQ/sxG7fG/R4rZpAI8ai045RHYL34yyWA6YwgDN/vC5Ou/yGK3IZ/ 0SvZAXJx1NSyvk/VxIycXr8Tm5vVdFWk1mrad/mP8O3aEpMNftamDlyYVN+aygE2IVQt A/Xw== X-Gm-Message-State: AMke39kc6ss+RkKT5TDTbxvy50hQnAaAyJlpxKokQsIq2Cgh1SOxz+YZyZ/OxklJh1epDvTgh66Fvmp3qKd0bA== X-Received: by 10.28.107.13 with SMTP id g13mr11596087wmc.105.1488780446102; Sun, 05 Mar 2017 22:07:26 -0800 (PST) MIME-Version: 1.0 Received: by 10.28.128.133 with HTTP; Sun, 5 Mar 2017 22:07:25 -0800 (PST) In-Reply-To: <958e36ab-1693-13b5-0820-eaa8c110a243@columbus.rr.com> References: <958e36ab-1693-13b5-0820-eaa8c110a243@columbus.rr.com> From: Adrian Chadd Date: Sun, 5 Mar 2017 22:07:25 -0800 Message-ID: Subject: Re: BroadComm BCM4311 To: Baho Utot Cc: FreeBSD Questions Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 06:07:28 -0000 hi, sorry, i don't think i have a 4311 so i can't make it work :( -a On 1 March 2017 at 09:34, Baho Utot wrote: > I am trying to find the firmware for this wireless card. > > I have found some but b43-fwcutter does work for the ones I have found. > > Anyone know where I can find a firmware that works? > > This wireless card works for WinXP and I have used it on linux as well. Just > can not get this to work with FreeBSD. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Mon Mar 6 08:51:37 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 02042CFB234 for ; Mon, 6 Mar 2017 08:51:37 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 85A591DE9 for ; Mon, 6 Mar 2017 08:51:36 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local (unknown [IPv6:2001:8b0:151:1:1c1d:86a1:a200:b700]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 822D0EC9E for ; Mon, 6 Mar 2017 08:51:31 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/822D0EC9E; dkim=none; dkim-atps=neutral Subject: Re: Deprecated Package Dependency... what now? To: freebsd-questions@freebsd.org References: From: Matthew Seaman Message-ID: <092916dc-cb42-a0f0-cb2f-0deb7d95012c@FreeBSD.org> Date: Mon, 6 Mar 2017 08:51:24 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="oIXUOf70Gv7kIX9qjo3ViH37g0kPHns7E" X-Spam-Status: No, score=-0.4 required=5.0 tests=BAYES_00,RDNS_NONE, SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 08:51:37 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --oIXUOf70Gv7kIX9qjo3ViH37g0kPHns7E Content-Type: multipart/mixed; boundary="W6OpnODmFIs6V1017LmpMfoBIbOhgVGsO"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: <092916dc-cb42-a0f0-cb2f-0deb7d95012c@FreeBSD.org> Subject: Re: Deprecated Package Dependency... what now? References: In-Reply-To: --W6OpnODmFIs6V1017LmpMfoBIbOhgVGsO Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 05/03/2017 15:36, Christofer C. Bell wrote: > I'm not sure how to proceed here. I use git on my system. It depends = on > package p5-Net-SMTP-SSL-1.04. This package is set to expire and be > removed. For information on my system, I'm using FreeBSD 11.0-RELEASE-= p8, > amd64, and all binary packages (not ports). >=20 > From the daily security report: >=20 > Checking for packages with security vulnerabilities: > p5-Net-SMTP-SSL-1.04: Tag: expiration_date Value: 2017-03-31 > p5-Net-SMTP-SSL-1.04: Tag: deprecated Value: Deprecated by upstream, us= e > Net::SMTP instead >=20 > Here's where I can see that git depends on this: >=20 > $ pkg info -D p5-Net-SMTP-SSL-1.04 > p5-Net-SMTP-SSL-1.04: > Always: > =3D=3D=3D> NOTICE: >=20 > This port is deprecated; you may wish to reconsider installing it: >=20 > Deprecated by upstream, use Net::SMTP instead. >=20 > It is scheduled to be removed on or after 2017-03-31. Yes, the functionality of the Net::SMTP::SSL perl module has been rolled into Net::SMTP. However, git upstream are apparently reluctant to patch the one included perl script that is affected because they don't want to break compatibility with some Linux distribution that has not updated their perl modules for several years. There are patches floating about to fix that one script in git -- not sure whats happening with regard to getting those committed to the ports tree. Even if those patches don't get committed, the lifetime of p5-Net-SMTP-SSL would be extended instead: the git port is too simply important to be allowed to be broken. So, for the time being, sit tight and wait for developments. Cheers, Matthew --W6OpnODmFIs6V1017LmpMfoBIbOhgVGsO-- --oIXUOf70Gv7kIX9qjo3ViH37g0kPHns7E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJYvSMTXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATQU4P/0RqcQb6JKMmnZGy5ogczpp6 dRApoSgdrwzckJSTNUx/Zs6wBz2SAC9xTddUFGcBE5Zhup23NgCgtz003p/BmzWh ZIwNTXWW89tRmJavzUWPWnYq7M0XNOZgZVO0xBTCYljgVBUu1huC1bQThYo2M+jI Mp1Hs6stgVgUab/JpfCfys7X71KRHViHqYo+TaPwZwvARUNUeyKI7839wROuQhqi nnQ4fa68kCok1ryCFzhLw83uQ45TJ6IdGZU7RrnO6hbqwOn7kW8s969JITgoumQu laLcNOpRLpHKQ+6cef/SgTN649+iEmI82a79fi/hthDIWvk8ENniuVnId2MkAEgV cVhhO4Bjxf9F/JT5Sh8T2J4eu+Wao3i8srYIw4zvBhrZoxNnA/t4TBXICe0dkuRM q/+xjjFd/Da4HbYgARZGXg5OzGzgbnMx07Hu1utVKQ8D7MNiNzTE3yYkfhW/AtSd +EbqtCR2fMG4GX2ouolNispla5kSof67mUlXRkxcU9VSjr35BT0pj4vh48wA9FOG QCup+lvBq2HX4/Bp5bl76MRjytJllmnobgQCRO/vJouJsQ2vKpQLEBcD3h1AOWLR JFP5sQPfaHNBbMqnw4cS/qr0ujXwGayjW/8vWB2CtfkKxLsDWVEdwR0556zNzIo4 wJa2UKYW3lB3BTnRvdHB =PpUG -----END PGP SIGNATURE----- --oIXUOf70Gv7kIX9qjo3ViH37g0kPHns7E-- From owner-freebsd-questions@freebsd.org Mon Mar 6 13:44:21 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F3193CFB0CC for ; Mon, 6 Mar 2017 13:44:21 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 69E031471 for ; Mon, 6 Mar 2017 13:44:20 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39630442; Mon, 06 Mar 2017 19:39:48 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.14.9/8.14.9) with ESMTP id v26Di0kd031775; Mon, 6 Mar 2017 20:44:00 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.14.9/8.14.9/Submit) id v26Dhutq031774; Mon, 6 Mar 2017 20:43:56 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Mon, 6 Mar 2017 20:43:56 +0700 From: Victor Sudakov To: Polytropon Cc: Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW Message-ID: <20170306134355.GA31641@admin.sibptus.transneft.ru> References: <20170305154702.cf5ceb9d.freebsd@edvax.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170305154702.cf5ceb9d.freebsd@edvax.de> Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.7.1 (2016-10-04) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 13:44:22 -0000 Polytropon wrote: > On Sun, 5 Mar 2017 17:57:02 +0530, Michael Wilcox wrote: > > I was wondering if there is any frontend for IPFW. > > > > Does anyone have one or must I use it directly? > > If I see the analogy correctly, a "UFW-like frontend" already > is "included" with ipfw, i. e., ipfw works at a comparable > level. If you compare the ufw commands with the ipfw commands, > they are quite similar, so you'd use ipfw directly in the same > manner as you use ufw to interact with iptables. > > As an equation: > > ufw ipfw > ---------- = ------ > iptables ipfw > > More or less... ;-) There is one thing that a higher level macro language on top of ipfw would be nice to have for. Several times I have tried to emulate Cisco PIX/ASA logic with ipfw. I just want to have e.g. 3 interfaces: inside, outside, dmz with security levels of 100, 0, 50 respectively. Traffic can flow from the interface with a higher security level to the interface with a lower security level, and return traffic is permitted too. Every time I have tried to express this with ipfw rules, I failed miserably, though superficially it looks simple (with keep-state). Has anyone done this? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-questions@freebsd.org Mon Mar 6 15:13:12 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 12A8BCFB2C0 for ; Mon, 6 Mar 2017 15:13:12 +0000 (UTC) (envelope-from jkeen@verizon.net) Received: from vms173013pub.verizon.net (vms173013pub.verizon.net [206.46.173.13]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EEEE91E2F for ; Mon, 6 Mar 2017 15:13:11 +0000 (UTC) (envelope-from jkeen@verizon.net) Received: from vz-proxy-m003.mx.aol.com ([64.236.83.11]) by vms173013.mailsrvcs.net (Oracle Communications Messaging Server 7.0.5.32.0 64bit (built Jul 16 2014)) with ESMTPA id <0OME00GSTCSFMW50@vms173013.mailsrvcs.net> for freebsd-questions@freebsd.org; Mon, 06 Mar 2017 08:12:15 -0600 (CST) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=ZMenoTzb c=1 sm=1 tr=0 a=QygMq2WHlv4bY/JTZumiuw==:117 a=IkcTkHD0fZMA:10 a=xc8lJNUndLsA:10 a=6Iz7jQTuP9IA:10 a=bQhUs3m2tVPh7ukjBmwA:9 a=QEXdDO2ut3YA:10 Received: by 71.246.118.249 with SMTP id 619473d5; Mon, 06 Mar 2017 14:12:15 GMT To: freebsd-questions@freebsd.org From: James E Keenan Subject: Is there a namei utility in FreeBSD? Message-id: <984464e3-8f4e-d15f-00a8-e341a81d7ab5@verizon.net> Date: Mon, 06 Mar 2017 09:12:14 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-version: 1.0 Content-type: text/plain; charset=utf-8; format=flowed Content-transfer-encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 15:13:12 -0000 In Linux, there is a userland utility 'namei' which enables a user to "follow a pathname until a terminal point is found". Invoking it on, say, a symlink produces output like this: ##### $ namei /usr/bin/bundledoc f: /usr/bin/bundledoc d / d usr d bin l bundledoc -> ../share/texlive/texmf-dist/scripts/bundledoc/bundledoc d .. d share d texlive d texmf-dist d scripts d bundledoc - bundledoc ##### Is there an equivalent utility in FreeBSD? In 10.3 and 11.0, I could only find namei in man 9, which is C-level facility, not an executable utility. Thank you very much. Jim Keenan From owner-freebsd-questions@freebsd.org Mon Mar 6 15:34:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B58F6CFBB2A for ; Mon, 6 Mar 2017 15:34:10 +0000 (UTC) (envelope-from asv@inhio.net) Received: from cz-prg-mx-01.inhio.eu (mail.inhio.eu [178.238.36.226]) by mx1.freebsd.org (Postfix) with ESMTP id 81B7C1BEE for ; Mon, 6 Mar 2017 15:34:09 +0000 (UTC) (envelope-from asv@inhio.net) Received: from [192.168.0.9] (unknown [179.210.142.234]) by cz-prg-mx-01.inhio.eu (Postfix) with ESMTPSA id B6BA427AD8 for ; Mon, 6 Mar 2017 15:25:25 +0000 (UTC) Message-ID: <1488813922.11457.12.camel@inhio.net> Subject: /etc/skel doesn't work?! From: ASV To: freebsd-questions@freebsd.org Date: Mon, 06 Mar 2017 12:25:22 -0300 Content-Type: text/plain; charset="ISO-8859-1" X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 15:34:10 -0000 Hello there, I haven't use this standard functionality for ages but yesterday I suddenly needed and then I've tried ... and failed. Further reading led me to add files that I want to be added on any new user home dir in /usr/share/skel/dot(filename). For example: to make my customised .zshrc copied on any new user home dir I'd just copy the .zshrc file in question to /usr/share/skel/dot.zshrc and it will be copied with the proper rights without the prepending "dot". And that works! Nonetheless, according to my understanding, any file placed into /etc/skel should end up into the newly created user home directory but it does NOT. Doesn't matter how the file is named. Looks like a bug to me. My machine: FreeBSD 11.0-RELEASE-p2 (amd64) Command used: pw useradd -m P.S. would be interesting to know why "dot" is required to be prepended in files added in /usr/share/skel From owner-freebsd-questions@freebsd.org Mon Mar 6 16:02:21 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3306BCFB8F9 for ; Mon, 6 Mar 2017 16:02:21 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F18101D30 for ; Mon, 6 Mar 2017 16:02:20 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:f146:79c4:3f83:6000]) by hz.citrin.ru (Postfix) with ESMTPSA id 1C55029A4C0 for ; Mon, 6 Mar 2017 16:02:16 +0000 (UTC) Subject: Re: Is there a namei utility in FreeBSD? To: freebsd-questions@freebsd.org References: <984464e3-8f4e-d15f-00a8-e341a81d7ab5@verizon.net> From: Anton Yuzhaninov Message-ID: <275628a8-8f31-e5b1-9669-62e3ca3f15d6@citrin.ru> Date: Mon, 6 Mar 2017 11:02:15 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <984464e3-8f4e-d15f-00a8-e341a81d7ab5@verizon.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1488816137; bh=xM6JjGveB+wvJgpY4g6ekf532y9VWlnTo683X/GpDko=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=F4tiQPtQcDBysOE4xTiaN4UUdIbwB32XYUNNdWvhK5SzHrTIDIJvUR5sH/6kfasQC1qSs+zmZBW6NuGLPe4JCOIFYnQS9adDuAoFS8EAXDEA4J/Ma2osjsn5Lx3NzVpYc1Etukt5qPIazF13vZ8D9jlWmVKKyxcDTQMp4KOGACs= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 16:02:21 -0000 On 03/06/17 09:12, James E Keenan wrote: > In Linux, there is a userland utility 'namei' which enables a user to > "follow a pathname until a terminal point is found". Invoking it on, > say, a symlink produces output like this: If you need to find a target of symlink (or symlink chain) you can use realpath(1). From owner-freebsd-questions@freebsd.org Mon Mar 6 16:27:22 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C7FD3CFB07D for ; Mon, 6 Mar 2017 16:27:22 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost2.sentex.ca (smarthost2.sentex.ca [IPv6:2607:f3e0:80:80::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "smarthost.sentex.ca", Issuer "smarthost.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 9B54D1C44; Mon, 6 Mar 2017 16:27:19 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (lava.sentex.ca [IPv6:2607:f3e0:0:5::11]) by smarthost2.sentex.ca (8.15.2/8.15.2) with ESMTPS id v26GRHEq056413 (version=TLSv1 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Mon, 6 Mar 2017 11:27:17 -0500 (EST) (envelope-from mike@sentex.net) Received: from [IPv6:2607:f3e0:0:4:5c30:ed1b:e203:c55c] ([IPv6:2607:f3e0:0:4:5c30:ed1b:e203:c55c]) by lava.sentex.ca (8.15.2/8.15.2) with ESMTP id v26GRGGC013529; Mon, 6 Mar 2017 11:27:16 -0500 (EST) (envelope-from mike@sentex.net) To: freebsd-questions From: Mike Tancsa Subject: cxgbetool Organization: Sentex Communications Message-ID: <0005bb4e-b23e-a425-2e79-f7e34a2598f9@sentex.net> Date: Mon, 6 Mar 2017 11:27:16 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.78 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 16:27:22 -0000 I am evaluating a couple of T5 Chelsio cards and was looking at the cxgbetool. Beyond the man page, is there any further documentation for it somewhere ? I see for example a 'clearstats' command, but dont see a showstats? Also wondering about the built in firewall features of the card. How does it compare to using ipfw performance wise ? For high packet rates, am I better off using the card's features or ipfw ? rate limiting ? Some examples would be great! Thanks, ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ From owner-freebsd-questions@freebsd.org Mon Mar 6 16:40:58 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03C7FCFB456 for ; Mon, 6 Mar 2017 16:40:58 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from mx2.mailbox.org (mx2.mailbox.org [80.241.60.215]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.mailbox.org", Issuer "SwissSign Server Silver CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BB5211354; Mon, 6 Mar 2017 16:40:57 +0000 (UTC) (envelope-from herbert@mailbox.org) Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx2.mailbox.org (Postfix) with ESMTPS id 3A17143FDB; Mon, 6 Mar 2017 17:31:42 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailbox.org; h= content-type:content-type:mime-version:references:in-reply-to :subject:subject:from:from:message-id:date:date:received; s= mail20150812; t=1488817901; bh=RuUsDQZVnfGwYzADk1laemELk2iLqNlOV Ld5XskeNPI=; b=Lp4c/dRz/PXNVK99aVe8cpynbyb+aWV+p6KoYr39Fgwescm2A 3PkFL1StrKmTROpwxlAH4GNnX1O+qYl/UQO4vC+zuaHgd6ZDFjNzhMQ4LHTEeqNW z/mJwqNIqL5XvGQHAjacH6bs57PLwzWP/BNyk5VWQSEMfHTFGtluxjZxYJvIC8L4 B6tOMWUHpmzZGqXgdMEXsz+XLyudfkusR6YBO+sRarQGp+XHArUwMip1zzEg/rVF B8440qcrRaE3KG5ARZivNOezUYEgYoWtcRVAJ68nd+gBXWRcgSoOeW/dqzKTdwuD TRshkoLiOinQpy21nxNuYIk0zyzkDp+l3eEXg== X-Virus-Scanned: amavisd-new at heinlein-support.de Received: from smtp1.mailbox.org ([80.241.60.240]) by spamfilter03.heinlein-hosting.de (spamfilter03.heinlein-hosting.de [80.241.56.117]) (amavisd-new, port 10030) with ESMTP id rpe5kMwoAYV2; Mon, 6 Mar 2017 17:31:41 +0100 (CET) Date: Mon, 06 Mar 2017 17:31:38 +0100 Message-ID: <86varmz7rp.wl-herbert@mailbox.org> From: "Herbert J. Skuhra" To: freebsd-questions@freebsd.org Cc: Matthew Seaman Subject: Re: Deprecated Package Dependency... what now? In-Reply-To: <092916dc-cb42-a0f0-cb2f-0deb7d95012c@FreeBSD.org> References: <092916dc-cb42-a0f0-cb2f-0deb7d95012c@FreeBSD.org> MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 16:40:58 -0000 Matthew Seaman skrev: > > On 05/03/2017 15:36, Christofer C. Bell wrote: >> I'm not sure how to proceed here. I use git on my system. It depends on >> package p5-Net-SMTP-SSL-1.04. This package is set to expire and be >> removed. For information on my system, I'm using FreeBSD 11.0-RELEASE-p8, >> amd64, and all binary packages (not ports). >> >> From the daily security report: >> >> Checking for packages with security vulnerabilities: >> p5-Net-SMTP-SSL-1.04: Tag: expiration_date Value: 2017-03-31 >> p5-Net-SMTP-SSL-1.04: Tag: deprecated Value: Deprecated by upstream, use >> Net::SMTP instead >> >> Here's where I can see that git depends on this: >> >> $ pkg info -D p5-Net-SMTP-SSL-1.04 >> p5-Net-SMTP-SSL-1.04: >> Always: >> ===> NOTICE: >> >> This port is deprecated; you may wish to reconsider installing it: >> >> Deprecated by upstream, use Net::SMTP instead. >> >> It is scheduled to be removed on or after 2017-03-31. > > Yes, the functionality of the Net::SMTP::SSL perl module has been rolled > into Net::SMTP. However, git upstream are apparently reluctant to patch > the one included perl script that is affected because they don't want to > break compatibility with some Linux distribution that has not updated > their perl modules for several years. > > There are patches floating about to fix that one script in git -- not > sure whats happening with regard to getting those committed to the ports > tree. Even if those patches don't get committed, the lifetime of > p5-Net-SMTP-SSL would be extended instead: the git port is too simply > important to be allowed to be broken. The port is already patched: r431794 | garga | 2017-01-18 13:40:53 +0100 (ons., 18 jan. 2017) | 6 lines Remove dependency of DEPRECATED mail/p5-Net-SMTP-SSL from devel/git PR: 214335 Obtained from: git development mailing list Sponsored by: Rubicon Communications (Netgate) But MFH is missing in the quartely branch. -- Herbert From owner-freebsd-questions@freebsd.org Mon Mar 6 16:56:38 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0069FCFBB21 for ; Mon, 6 Mar 2017 16:56:38 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (unknown [IPv6:2607:f440::d144:5b3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DACD61D07 for ; Mon, 6 Mar 2017 16:56:37 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from sneakertech.com (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id 2059F3F4DA for ; Mon, 6 Mar 2017 11:56:30 -0500 (EST) Message-ID: <58BD94BD.9020405@sneakertech.com> Date: Mon, 06 Mar 2017 11:56:29 -0500 From: Quartz MIME-Version: 1.0 To: FreeBSD questions Subject: Off topic: smtp HELO question Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 16:56:38 -0000 This isn't directly related to FreeBSD, but I figure many people here probably run it as a mail server so someone might know the answer to this question. By default, if you're behind a NAT, Thunderbird sends your local IP address as part of the 'hello' when connecting to a mail server, which then gets stamped into the header info for all to see as the email is sent down the chain. I'm trying to debug some email issues, and I suspect that this initial header might be part of my problems. I can configure Thunderbird to send an arbitrary string instead of a NAT IP via the mail.smtpserver.smtp*.hello_argument variable, but I'm not 100% sure what I can legitimately put here without getting my emails marked as spam. Does this field have to match the reverse-lookup up of the world-routable external IP that you send the email through, or can it be any arbitrary string that matches a domain name pattern? Can anyone point me to a resource that explains this in depth? From owner-freebsd-questions@freebsd.org Mon Mar 6 17:01:04 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 085D7CFBCBA for ; Mon, 6 Mar 2017 17:01:04 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from nightmare.dreamchaser.org (ns.dreamchaser.org [66.109.141.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D4F5E1051 for ; Mon, 6 Mar 2017 17:01:03 +0000 (UTC) (envelope-from freebsd@dreamchaser.org) Received: from breakaway.dreamchaser.org (breakaway [192.168.151.122]) by nightmare.dreamchaser.org (8.15.2/8.15.2) with ESMTP id v26H0uRi028640 for ; Mon, 6 Mar 2017 10:00:56 -0700 (MST) (envelope-from freebsd@dreamchaser.org) Reply-To: freebsd@dreamchaser.org To: FreeBSD Mailing List From: Gary Aitken Subject: sendmail check_rcpt reports in daily run output Message-ID: <456dd3eb-840e-8be4-7c29-8996ad449c36@dreamchaser.org> Date: Mon, 6 Mar 2017 10:00:56 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (nightmare.dreamchaser.org [192.168.151.101]); Mon, 06 Mar 2017 10:00:56 -0700 (MST) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 17:01:04 -0000 Recently upgraded an old server to 10.3, sendmail 8.15.2 The daily run output now shows numerous rejected mail hosts for check_rcpt addresses at the domain on which it is running, e.g.: Checking for rejected mail hosts: 2 550 check_rcpt some-valid-user@dreamchaser.org zen.spamhaus.org 2 550 check_rcpt some-valid-alias@dreamchaser.org zen.spamhaus.org 1 553 check_rcpt 6090603@dreamchaser.org exist The domain in the message, (the destination) is clean at spamhaus.org. Mail is being delivered in general. Some mail was rejected via spamhaus.org due to the originating domain, but that's not the issue here -- the domain indicated is the destination. Why would I get messages indicating a rejection from spamhaus for a domain it does not consider a problem? It appears as if the daily run output may be listing the destination domain instead of the source? I have the following FEATUREs set: FEATURE(access_db, `hash -o -T /etc/mail/access') FEATURE(blacklist_recipients) FEATURE(local_lmtp) FEATURE(mailertable, `hash -o /etc/mail/mailertable') FEATURE(virtusertable, `hash -o /etc/mail/virtusertable') FEATURE(dnsbl, `zen.spamhaus.org') FEATURE('delay_checks') FEATURE(`ratecontrol', `nodelay', `terminate') FEATURE(`conncontrol', `nodelay', `terminate') I tried reconfiguring without the delay_checks, ratecontrol and conncontrol features, but it didn't seem to make any difference. Can anyone give me some hints about what is going on? Thanks, Gary From owner-freebsd-questions@freebsd.org Mon Mar 6 17:15:35 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C4EC3CFB80D for ; Mon, 6 Mar 2017 17:15:35 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:c4ea:bd49:619b:6cb3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 5555D1E80 for ; Mon, 6 Mar 2017 17:15:35 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [192.168.100.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 74BBCEF38 for ; Mon, 6 Mar 2017 17:15:29 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/74BBCEF38; dkim=none; dkim-atps=neutral Subject: Re: Off topic: smtp HELO question To: freebsd-questions@freebsd.org References: <58BD94BD.9020405@sneakertech.com> From: Matthew Seaman Message-ID: <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> Date: Mon, 6 Mar 2017 17:15:22 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <58BD94BD.9020405@sneakertech.com> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NPCiBVPdQnD7AsinKwjVcr9WAqX8r3sBl" X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 17:15:35 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NPCiBVPdQnD7AsinKwjVcr9WAqX8r3sBl Content-Type: multipart/mixed; boundary="pUfq80rc9GhU4svVxRvQIm4WBtmtRRAse"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> Subject: Re: Off topic: smtp HELO question References: <58BD94BD.9020405@sneakertech.com> In-Reply-To: <58BD94BD.9020405@sneakertech.com> --pUfq80rc9GhU4svVxRvQIm4WBtmtRRAse Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2017/03/06 16:56, Quartz wrote: > By default, if you're behind a NAT, Thunderbird sends your local IP > address as part of the 'hello' when connecting to a mail server, which > then gets stamped into the header info for all to see as the email is > sent down the chain. >=20 > I'm trying to debug some email issues, and I suspect that this initial > header might be part of my problems. I can configure Thunderbird to sen= d > an arbitrary string instead of a NAT IP via the > mail.smtpserver.smtp*.hello_argument variable, but I'm not 100% sure > what I can legitimately put here without getting my emails marked as > spam. Does this field have to match the reverse-lookup up of the > world-routable external IP that you send the email through, or can it b= e > any arbitrary string that matches a domain name pattern? Can anyone > point me to a resource that explains this in depth? The HELO or EHLO name supplied by the sending side should match what is returned by a reverse lookup on the IP the receiving side sees the traffic coming from. So if your NAT transforms internal addresses to W.X.Y.Z and a reverse lookup 'host W.X.Y.Z' returns 'foo.example.com' then you should configure your mail client to EHLO as 'foo.example.com' Note however that this is not an absolute requirement -- whether a receiving MTA checks this sort of thing is down to the individual administrator. Most do, as it is a very cheap way to dump various types of spam. In particular, for the specific case of a client program like Thunderbird talking SMTP to a server via the Submission port (587) it is rare to find this sort of check. For mail submission you generally identify yourself by logging into the server after switching your connection to TLS, which provides better proof of identity than forward and reverse DNS checks. The HELO/EHLO name thing is much more important for MTA to MTA transmission via port 25. Cheers, Matthew --pUfq80rc9GhU4svVxRvQIm4WBtmtRRAse-- --NPCiBVPdQnD7AsinKwjVcr9WAqX8r3sBl Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJYvZkxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnXmcP/jvWmNFfTnOrCa2YZLNkLTHh AP3IKKDprxXjrduz6Qt58BuiUiiZJztgtkVt5Zh41pA1ZgvkwQZEzLhOnJzpCUg5 t4h0o9/ejAdvBqCvDSK7LijMfS1wM3irhCT4dieEmFqecQgXSlvgjvUHsTX6P9nE HLLJSRupM1bVZsRk33QuSL+3FjoyuiDbQHeJ5D5wEf1MCxdshfJEkHEgyir3sdlE a7quYPzzYM7dmLlQ90EVcmgPIISUIRGL8ooFPFRI3hz49S4ScxW/2KZ7ImPB4+II oIFKGjKrimBFGtxE4KYQ2YrjaOtr40pbo2Ru16rrEdBmvlVAOfFkCdtPDW9zZOOM dEmWuatUD622FFtjhmFPt8srNA6qLIw1ZHrSi7RfWsLb3LH0uJpxZ8FsN/btOnL1 QC7aJdouAZDLo0CvkxguLRZ3v/IqJilrV7ptrUxK9NFKm4ev2c6oCTbEsPVnpNJx lRQn9WYvki4MzDOgIt1GPBWwaqrFGjMDyC5Z80FvdimuflbPvbAsVvIqMUdn1sMh MomRFOKwQTUpd8xao+7aTQN0HUS0qF4RTfDINUtKn0Dh/HXtMXXAP2bOL/P0WyA8 VN8iJNknECr6V4uHXQThNE2xf/wwDG0M2J3e7GjwRmLQi9NWAiHEGVWqiiFlneaG 9hxISBNM8qwqdoHxZ5Ru =Acjx -----END PGP SIGNATURE----- --NPCiBVPdQnD7AsinKwjVcr9WAqX8r3sBl-- From owner-freebsd-questions@freebsd.org Mon Mar 6 17:20:28 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E9DE5CFBB85 for ; Mon, 6 Mar 2017 17:20:28 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 79AEB122D for ; Mon, 6 Mar 2017 17:20:28 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [192.168.100.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id CEEA9EF4B for ; Mon, 6 Mar 2017 17:20:23 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/CEEA9EF4B; dkim=none; dkim-atps=neutral Subject: Re: sendmail check_rcpt reports in daily run output To: freebsd-questions@freebsd.org References: <456dd3eb-840e-8be4-7c29-8996ad449c36@dreamchaser.org> From: Matthew Seaman Message-ID: Date: Mon, 6 Mar 2017 17:20:23 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <456dd3eb-840e-8be4-7c29-8996ad449c36@dreamchaser.org> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6vknLj9fhaIMhG36uiGNgwbMKSteF4JBD" X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 17:20:29 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --6vknLj9fhaIMhG36uiGNgwbMKSteF4JBD Content-Type: multipart/mixed; boundary="RnMuoCtA6V8U1RskPPT0vCw1XaK8x5ibN"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: Subject: Re: sendmail check_rcpt reports in daily run output References: <456dd3eb-840e-8be4-7c29-8996ad449c36@dreamchaser.org> In-Reply-To: <456dd3eb-840e-8be4-7c29-8996ad449c36@dreamchaser.org> --RnMuoCtA6V8U1RskPPT0vCw1XaK8x5ibN Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2017/03/06 17:00, Gary Aitken wrote: > The daily run output now shows numerous rejected mail hosts for check_r= cpt=20 > addresses at the domain on which it is running, e.g.: > Checking for rejected mail hosts: > 2 550 check_rcpt some-valid-user@dreamchaser.org zen.spamhaus.org > 2 550 check_rcpt some-valid-alias@dreamchaser.org zen.spamhaus.org > 1 553 check_rcpt 6090603@dreamchaser.org exist >=20 > The domain in the message, (the destination) is clean at spamhaus.org. > Mail is being delivered in general. > Some mail was rejected via spamhaus.org due to the originating domain, > but that's not the issue here -- the domain indicated is the destinatio= n. > Why would I get messages indicating a rejection from spamhaus for a > domain it does not consider a problem? The output in the daily e-mail comes from scanning /var/log/maillog for log lines matching a particular pattern. The original log lines contain a lot more detail about why a particular message was rejected, and should be what you look at first when you get suspicious lines like this in your daily mails. Cheers, Matthew --RnMuoCtA6V8U1RskPPT0vCw1XaK8x5ibN-- --6vknLj9fhaIMhG36uiGNgwbMKSteF4JBD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJYvZpXXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnOfkP/1cai5zH7kDFT8cfoYIBDFTE iPuHY1ejfSaoJ2IO8sfSlBV9TDM6b9dzWl3NwsPfUXVlfUJ+iaw0X4sVEPAMTUmQ /gB9wzrEUuPjpuucp+DdT+OVlx1wATZ/5DXdE5l9G0l7WbFVvgIjE9TK7H4JO54n UFQoQRLSS9avnTCh6o686qg+WF2WHsw8BuYa5lghV8BogJE6berTfcuvOyrxReI+ OjuirLCR/Xb3IRidytxQPFEBFheuj9AkXaP04R2GQc/smjXNTNVKAgIKWlHkQbMf 4WRCbyJ23MoBPNE2XV5IELgxT669BPGxTeEHvDolNqf+NAFR+UKxBA1QBG/I1T3H L6/lOpU92D504qCTmGcH9cgVOxoTn3GwPI1LQx+3CfwbbBEJs6wcfMn7iZOd+RSd Kj1HdXIlxVqCWTBzg0tSTaRd46Z9cuhJpeHH2fWp1SvKVFQ5lf0D40ITezj1wO8S rWBS0RiBRmeiAqUqzOy6ZDQcVYmqE0t31yu6jpI9E9ikFpEY4GEBCafLv4mLsVRh ksYsgEuO5bxt4PYeaylsJT0lB4H/0Mu30sxxoza7DeQkZPBj1bxH23aVuvPTn4YO scs0kSVMsHbcvI08HNzNRyP7X6hVjZWBsEQSuDt/fCez9OYTludA05RLF7VY2dSH 5NM6y3kghsXdt8ROGQBJ =Gdvf -----END PGP SIGNATURE----- --6vknLj9fhaIMhG36uiGNgwbMKSteF4JBD-- From owner-freebsd-questions@freebsd.org Mon Mar 6 17:35:04 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8ADCCCFA2C8 for ; Mon, 6 Mar 2017 17:35:04 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (douhisi.pair.com [209.68.5.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6DD531D81 for ; Mon, 6 Mar 2017 17:35:04 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from sneakertech.com (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id E832E3F51A for ; Mon, 6 Mar 2017 12:35:02 -0500 (EST) Message-ID: <58BD9DC2.9020802@sneakertech.com> Date: Mon, 06 Mar 2017 12:34:58 -0500 From: Quartz MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> In-Reply-To: <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 17:35:04 -0000 > So if your NAT transforms internal addresses to W.X.Y.Z and a reverse > lookup 'host W.X.Y.Z' returns 'foo.example.com' then you should > configure your mail client to EHLO as 'foo.example.com' OK thanks, that's kinda what I was expecting. Unfortunately for me, my external address floats around depending on what my ISP gives me, so I can't configure a static name in my client to match that. For now I'm trying to see what happens if I set it to the name of my domain I own, but the servers that host that aren't the ones I send mail through. >For mail submission you generally > identify yourself by logging into the server after switching your > connection to TLS, I do use TLS, but what I'm trying to debug is not so much that the email service *I* use checks, but that the final receiving server scans through the headers and flags anything with a NAT address. I'm having intermittent problems with some of my mail being flagged as spam when I mail anyone at a local university and I'm not sure what's going on yet. From owner-freebsd-questions@freebsd.org Mon Mar 6 17:44:03 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C6E77CFA748 for ; Mon, 6 Mar 2017 17:44:03 +0000 (UTC) (envelope-from jkeen@verizon.net) Received: from vms173017pub.verizon.net (vms173017pub.verizon.net [206.46.173.17]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A680E14B7 for ; Mon, 6 Mar 2017 17:44:03 +0000 (UTC) (envelope-from jkeen@verizon.net) Received: from vz-proxy-m004.mx.aol.com ([64.236.83.6]) by vms173017.mailsrvcs.net (Oracle Communications Messaging Server 7.0.5.32.0 64bit (built Jul 16 2014)) with ESMTPA id <0OME00I1VJSDU730@vms173017.mailsrvcs.net> for freebsd-questions@freebsd.org; Mon, 06 Mar 2017 10:43:26 -0600 (CST) X-CMAE-Score: 0 X-CMAE-Analysis: v=2.2 cv=dNPWoKRb c=1 sm=1 tr=0 a=qxlt2c29UiMP0p6CwArSWg==:117 a=N659UExz7-8A:10 a=xc8lJNUndLsA:10 a=6Iz7jQTuP9IA:10 a=vvSuw2eaMjXKoWdXnpQA:9 a=pILNOxqGKmIA:10 Received: by 71.246.118.249 with SMTP id 6d2879d6; Mon, 06 Mar 2017 16:43:26 GMT Subject: Re: Is there a namei utility in FreeBSD? To: freebsd-questions@freebsd.org References: <984464e3-8f4e-d15f-00a8-e341a81d7ab5@verizon.net> <275628a8-8f31-e5b1-9669-62e3ca3f15d6@citrin.ru> From: James E Keenan Message-id: <851e783f-f1b9-368b-8dd1-9f99d33dcc38@verizon.net> Date: Mon, 06 Mar 2017 11:43:25 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-version: 1.0 In-reply-to: <275628a8-8f31-e5b1-9669-62e3ca3f15d6@citrin.ru> Content-type: text/plain; charset=windows-1252; format=flowed Content-transfer-encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 17:44:03 -0000 On 03/06/2017 11:02 AM, Anton Yuzhaninov wrote: > On 03/06/17 09:12, James E Keenan wrote: >> In Linux, there is a userland utility 'namei' which enables a user to >> "follow a pathname until a terminal point is found". Invoking it on, >> say, a symlink produces output like this: > > If you need to find a target of symlink (or symlink chain) you can use > realpath(1). Thanks for mentioning that. However, while the example I gave was that of a symlink, and while both namei and realpath are good for displaying information about symlinks, my central question was whether there was an equivalent to namei in FreeBSD. namei identifies the nature of each component in the resolved path; realpath does not. Thank you very much. Jim Keenan From owner-freebsd-questions@freebsd.org Mon Mar 6 18:05:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A7864CFB164; Mon, 6 Mar 2017 18:05:57 +0000 (UTC) (envelope-from tomek.cedro@gmail.com) Received: from mail-ot0-x229.google.com (mail-ot0-x229.google.com [IPv6:2607:f8b0:4003:c0f::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7087F1519; Mon, 6 Mar 2017 18:05:57 +0000 (UTC) (envelope-from tomek.cedro@gmail.com) Received: by mail-ot0-x229.google.com with SMTP id i1so118562661ota.3; Mon, 06 Mar 2017 10:05:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:from:date:message-id:subject:to; bh=ersgqQ5YCWC0FgQq4V12GgNTdUEfr/8kmKYKUfOksw0=; b=mLzBgkhBhLCoMpeCH06BAzAgUU42N3ne7FaxLmyx6ALOrcwM4cmojYZkHIrLkFP0u3 Yv7nVIG3OiRaHlAbf5jTMJTzlt1TJeT+mAsrQr+Bc8l12ZmPkXNngIg5R4tILH7oHxN4 ZwZHnOWP97vrBCv3W0XoQ18JbYGcvKDco8v6Gn5IglTzXb3DHUnRpOydKee6h6WQ1rY9 0CWxGpUcLZmN1HuFwG62Aox5IXrQ2Mj66YHoHSDIImwk3iLFdAE6x0BFr3ovXIk4356e 7d0bzDpFQjg0R3c+9PiyjSSFVwcoSmchbVSZ4vvo0l62jfRc+55n8u4nRirKmWML9C6G FGIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=ersgqQ5YCWC0FgQq4V12GgNTdUEfr/8kmKYKUfOksw0=; b=ZK2Jy5CQlWXi5ueUdZZjge1VffxPGjTku1/Ol/RLB13bDFmR32ovtlbwILhjIX7min Mc+c1RDeInrfZquPz/SxQOwY+nAh6cl/ObRDzqamNaQEqyh7KVpF3e9wh8wPblZ1teSs w9b5dPG6nEgCeiHiMEUmrhyVyU4UE5t5abOLsKu3dGArgsvrqUk8Tt+P8E+5Isi4cZTJ DReWs4ZTY/PdB8PddsEn2Ws16X2MESGgdQ44Pk8Wo47YZ55C4StXzf9sagjioy5qI0Vi CqHieS+r/1rLuzyUKR1IrPWnbjXidqAcz3RVBRUyMFO4ynGjAnBhVGFEJOsGaD1/z+LH igmw== X-Gm-Message-State: AMke39l//VLIn1qvHKxOP/A0f50fWU63a/4+p2CmYUNMoq7xJ47WLnouDfp1Uyq8mo9Dl0TCVheRcrZbbW7hrw== X-Received: by 10.157.44.243 with SMTP id e48mr8405497otd.70.1488823556596; Mon, 06 Mar 2017 10:05:56 -0800 (PST) MIME-Version: 1.0 Sender: tomek.cedro@gmail.com Received: by 10.157.18.211 with HTTP; Mon, 6 Mar 2017 10:05:36 -0800 (PST) From: Tomasz CEDRO Date: Mon, 6 Mar 2017 19:05:36 +0100 X-Google-Sender-Auth: JLeALaeQo0xbr8f1M9Edvb1WIPA Message-ID: Subject: IWN 6200 FW To: FreeBSD Questions Mailing List , freebsd-wireless@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 18:05:57 -0000 Hello world! :-) I just got the Panasonic CF-F9 laptop with Intel Centrino 6200 WiFi card. Card is invisible by default on the raw system. I guess I need to put somewhere a dedicated firmware for this particular card..? I just wonder why there are other firmware modules available but not for this particular card? Would that be possible to add this firmware so interface is visible on a bare base system? Best regards, Tomek -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info From owner-freebsd-questions@freebsd.org Mon Mar 6 18:09:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7CBA6CFB2EA for ; Mon, 6 Mar 2017 18:09:57 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id 3BFCF17AD for ; Mon, 6 Mar 2017 18:09:56 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 842CECB8CB5; Mon, 6 Mar 2017 12:09:50 -0600 (CST) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Mon, 6 Mar 2017 12:09:50 -0600 (CST) Message-ID: <62604.128.135.52.6.1488823790.squirrel@cosmo.uchicago.edu> In-Reply-To: <58BD9DC2.9020802@sneakertech.com> References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> Date: Mon, 6 Mar 2017 12:09:50 -0600 (CST) Subject: Re: Off topic: smtp HELO question From: "Valeri Galtsev" To: "Quartz" Cc: freebsd-questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 18:09:57 -0000 On Mon, March 6, 2017 11:34 am, Quartz wrote: >> So if your NAT transforms internal addresses to W.X.Y.Z and a reverse >> lookup 'host W.X.Y.Z' returns 'foo.example.com' then you should >> configure your mail client to EHLO as 'foo.example.com' > > OK thanks, that's kinda what I was expecting. Unfortunately for me, my > external address floats around depending on what my ISP gives me, so I > can't configure a static name in my client to match that. For now I'm > trying to see what happens if I set it to the name of my domain I own, > but the servers that host that aren't the ones I send mail through. As Matthew said, HELO strict requirement (i.e. matching that what your client said indeed resolves into IP this session comes from) can only be requested by your server, and apparently your server (the way you connect to it) does not require it. Whatever is said in that HELO will appear in the very first (bottommost) "Received:" record of message header. I seriously doubt that there is a spam filter that diligent to analyze the match here. However, your client, as your machine will not be able to resolve its IP into hostname, will just pit the IP into HELO/EHLO, thus IP on private namespace will be in the header, and some spam filters may add score for message passing private IP space. What to do if your NAT box has DHCP connection and you indeed want to go to that level of hassle. (I personally don't care, so my mail when I am at home has private IP in the header). You can make cron job, and keep tracking what your real IP laptop appears from (when you are behind NAT). I had to do that for a couple of signage boxes that were getting DHCP addresses (and I needed to connect to them). What I used was a simple PHP script that I put on my server. I must have lifted if from somewhere (can't remember off hand where from to add appropriate credit). Here is the script: cat checkip.php Then on laptop you can make cron job to go to the http://your.server/checkip.php and parse the reply to extract IP (which will be real network IP your NAT box has. I hope this helps. Valeri > > >>For mail submission you generally >> identify yourself by logging into the server after switching your >> connection to TLS, > > I do use TLS, but what I'm trying to debug is not so much that the email > service *I* use checks, but that the final receiving server scans > through the headers and flags anything with a NAT address. I'm having > intermittent problems with some of my mail being flagged as spam when I > mail anyone at a local university and I'm not sure what's going on yet. > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-questions@freebsd.org Mon Mar 6 18:12:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 33BB1CFB97F for ; Mon, 6 Mar 2017 18:12:17 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wm0-x242.google.com (mail-wm0-x242.google.com [IPv6:2a00:1450:400c:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B95811E57 for ; Mon, 6 Mar 2017 18:12:16 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wm0-x242.google.com with SMTP id n11so15093513wma.0 for ; Mon, 06 Mar 2017 10:12:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=k5qEIz29g7h88uiW9v4F8Jd2D56ZM/cgBXevpHobiZA=; b=s0eb1UwuIn3lw0DVppJsFyf8uIdxstazi267IxxiIEOoqq+h8ti40GPYmX9otQ9KeV 5D0yTXdTDAifmNTw17B95dDYZbsvI9aBiO1I4g7GaDWDL7gcNWj90L1ded/PeFDEnCg6 CtnzOq/z2rw5n0UHa8WbUmoKi7T7bAXKuvXE+jrr6ThLJtcMLwqu4wn0aTXFcz7yjwow reFa8jveRiLxcl/MidWdA94gr34RZLhxFvgP07C/hznalJgW8U3ZWlrf4xet8ZEBIEYD jK/wFbPCvFrWhhoxx/L+Z01bFt9YFbVCl/j9NaopbHgKltWNw3nn8KDJrvHR/cAZCSQz Du2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=k5qEIz29g7h88uiW9v4F8Jd2D56ZM/cgBXevpHobiZA=; b=WA27kH0H9nQXC9fxTC6KVNV+kKQ8rnkdN7ck54zyyUzmw73DpLi2UscrKIuf8VpUtc 4bzHO1g/HKzWpu/veOerbgJEo0804qPJP4Buu8rUPA17Ly76mDHKpYcph7tQ05OdqCYV ktYiFvtUXo/8b8EaDgRBqLz4M8aEiCxwE8c5aRA/LfUINyND2SAU6g5MjEJGBBP6Evdr u08YvT202hFiyAwI8ioU1+vSItKNso6EH7vTcUZ0aOYFmQGeCnKzURyH3nrDHgMl5Ybo FW8haJ7/vE/jyh6amYLFVLbwPXPE/zE6imP7oX9PNvPIRXO6yCL/kU07F1IzPbF09OPP LNfg== X-Gm-Message-State: AMke39mxeCxUq5y+GgpAFS7lw7Fk8Uw6OoTzlQIWmMojRCjWm/Sc+QVjJt3H9ATQl9+WSQ== X-Received: by 10.28.149.208 with SMTP id x199mr14442521wmd.91.1488823934611; Mon, 06 Mar 2017 10:12:14 -0800 (PST) Received: from gumby.homeunix.com ([81.17.24.158]) by smtp.gmail.com with ESMTPSA id m186sm9417939wmd.21.2017.03.06.10.12.12 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 06 Mar 2017 10:12:14 -0800 (PST) Date: Mon, 6 Mar 2017 18:12:10 +0000 From: RW To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question Message-ID: <20170306181210.3bade5d9@gumby.homeunix.com> In-Reply-To: <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 18:12:17 -0000 On Mon, 6 Mar 2017 17:15:22 +0000 Matthew Seaman wrote: > On 2017/03/06 16:56, Quartz wrote: > > By default, if you're behind a NAT, Thunderbird sends your local IP > > address as part of the 'hello' when connecting to a mail server, > > which then gets stamped into the header info for all to see as the > > email is sent down the chain. This doesn't matter. > > I'm trying to debug some email issues, and I suspect that this > > initial header might be part of my problems. I can configure > > Thunderbird to send an arbitrary string instead of a NAT IP via the > > mail.smtpserver.smtp*.hello_argument variable, but I'm not 100% sure > > what I can legitimately put here without getting my emails marked as > > spam. Does this field have to match the reverse-lookup up of the > > world-routable external IP that you send the email through, or can > > it be any arbitrary string that matches a domain name pattern? Can > > anyone point me to a resource that explains this in depth? > In particular, for the specific case of a client program like > Thunderbird talking SMTP to a server via the Submission port (587) it > is rare to find this sort of check. For mail submission you generally > identify yourself by logging into the server after switching your > connection to TLS, which provides better proof of identity than > forward and reverse DNS checks. The HELO/EHLO name thing is much > more important for MTA to MTA transmission via port 25. There is an exception to that. The RFC allows a fully qualified domain name or an IP address in square brackets. A "bare" IP address, without the backets, would be an RFC violation. SpamAssassin has rules that will punish this heavily, even on a deep received header. I don't know if its even possible, but it wouldn't be a good idea to make Thunderbird use an alternate IP address as a helo if it doesn't end-up inside brackets. From owner-freebsd-questions@freebsd.org Mon Mar 6 18:44:06 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 83FF0CFC440 for ; Mon, 6 Mar 2017 18:44:06 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wr0-x241.google.com (mail-wr0-x241.google.com [IPv6:2a00:1450:400c:c0c::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2248B1287 for ; Mon, 6 Mar 2017 18:44:05 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wr0-x241.google.com with SMTP id u108so18895902wrb.2 for ; Mon, 06 Mar 2017 10:44:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=dPTcw0uFUTBPsJyCaIRqUCv/Cc8klm0ziKspCZD5ews=; b=lMT895fnUTZrWR/WUyrwEt6w0CKMD/zQSDimSi8/AiOnGGQdYInaAZNK3xIDrgDc/8 OL5tszmN1JwZVAF2zsdkIIXxiRqu2bItd/a27WtdAvOxE++Xe5Pq50NI0oYONHcyhyxH ZZttiyENhw4f7muvOf2+UqYpg1pKhRhLHcizaFKbq1vbDbx/Qdq/Hv9jC/V6eHFjq0iS LE6HKtjy0d5ULMh+59DJLlQwL8NkijQRsXpxyuA8QEbYe8/qNpGeH/Lrmwaf2biWBGj7 c0Gm6GJ8P+vf4+XSMnFFXIVGaQZj4QBRjO5GUxb5lW2rAz0JblAQWG1Ke3cPtBRlcC4Y SwhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=dPTcw0uFUTBPsJyCaIRqUCv/Cc8klm0ziKspCZD5ews=; b=hwpID5f/m3DcYldFAuWtby0XEV1XIP9rtI6w5hKh/u7+YNkSfEwNkIC7I1TPKFoUZ2 n1YL8CfVygUwNYUQFHx5d7EJ/F1HKL8NmWlLVQUxVJW+AVoLRvuyTIT+pnVoVINlv6CC mOXDvC5qRLK/KrvJyHN8Qw6rzhfju34v2V27MqXxnfqiaGSt+eDJjy/1GPvLR25C10zw FBMYifrZs3jaA8Vo8jigLQwZtiVk9HzSlp+RKN3JhfIuxSQPVGSyv27eoryk5XEVSvsu VJmXdg7aDqPyDUjZ8fhisl5BSjutgbnt9dgD2naByRZKQ3HToki6Daf+1qZoegL9wN7L slYg== X-Gm-Message-State: AMke39n9QczG7eLobmS1xBh0GW7dYzBkl0CMq5sbl8CQBsWLKmvRXEGFNt/8RmoYCsqaAA== X-Received: by 10.223.150.15 with SMTP id b15mr15313302wra.191.1488825844062; Mon, 06 Mar 2017 10:44:04 -0800 (PST) Received: from gumby.homeunix.com ([81.17.24.158]) by smtp.gmail.com with ESMTPSA id 186sm15832387wmw.24.2017.03.06.10.44.01 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 06 Mar 2017 10:44:02 -0800 (PST) Date: Mon, 6 Mar 2017 18:43:57 +0000 From: RW To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question Message-ID: <20170306184357.60de652b@gumby.homeunix.com> In-Reply-To: <58BD9DC2.9020802@sneakertech.com> References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 18:44:06 -0000 On Mon, 06 Mar 2017 12:34:58 -0500 Quartz wrote: > > So if your NAT transforms internal addresses to W.X.Y.Z and a > > reverse lookup 'host W.X.Y.Z' returns 'foo.example.com' then you > > should configure your mail client to EHLO as 'foo.example.com' > > OK thanks, that's kinda what I was expecting. Unfortunately for me, > my external address floats around depending on what my ISP gives me, > so I can't configure a static name in my client to match that. For > now I'm trying to see what happens if I set it to the name of my > domain I own, but the servers that host that aren't the ones I send > mail through. Don't bother with this. > > >For mail submission you generally > > identify yourself by logging into the server after switching your > > connection to TLS, > > I do use TLS, but what I'm trying to debug is not so much that the > email service *I* use checks, but that the final receiving server > scans through the headers and flags anything with a NAT address. It's probably not that. I suggest you try: https://www.mail-tester.com/ it may reveal what the problem is, unless it's just a BOFH on the receiving end doing something very odd. From owner-freebsd-questions@freebsd.org Mon Mar 6 18:58:30 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3D5EDCFC7CA for ; Mon, 6 Mar 2017 18:58:30 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay15.qsc.de (mailrelay15.qsc.de [212.99.187.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B82CE19BE for ; Mon, 6 Mar 2017 18:58:29 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay15.qsc.de; Mon, 06 Mar 2017 19:59:37 +0100 Received: from r56.edvax.de (port-92-195-29-65.dynamic.qsc.de [92.195.29.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 7CDF03CC3F; Mon, 6 Mar 2017 19:57:59 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v26IvwoT002096; Mon, 6 Mar 2017 19:57:58 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Mon, 6 Mar 2017 19:57:58 +0100 From: Polytropon To: ASV Cc: freebsd-questions@freebsd.org Subject: Re: /etc/skel doesn't work?! Message-Id: <20170306195758.17d83f1d.freebsd@edvax.de> In-Reply-To: <1488813922.11457.12.camel@inhio.net> References: <1488813922.11457.12.camel@inhio.net> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay15.qsc.de with EEF1469F437 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.2449 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 18:58:30 -0000 On Mon, 06 Mar 2017 12:25:22 -0300, ASV wrote: > Hello there, > I haven't use this standard functionality for ages but yesterday I > suddenly needed and then I've tried ... and failed. > Further reading led me to add files that I want to be added on any new > user home dir in /usr/share/skel/dot(filename). >=20 > For example: to make my customised .zshrc copied on any new user home > dir I'd just copy the .zshrc file in question to > /usr/share/skel/dot.zshrc and it will be copied with the proper rights > without the prepending "dot". > And that works! At the "top level", a real dot needs to be escaped with "dot.", both for files and directories. Within directories, files can be named "as is". A little sidenote: If you want to make users participate in the use of a customized C shell configuration, you can use the global /etc/csh.cshrc and leave the user's .cshrc (dot.cshrc in the skel/ directory) empty for individual overrides. Advantage: When you improve /etc/csh.cshrc, all users will immediately have that improvement, too. > Nonetheless, according to my understanding, any file placed into > /etc/skel should end up into the newly created user home directory but > it does NOT. > Doesn't matter how the file is named. As I said, there is a specific naming convention that applies both to /usr/share/skel and /etc/skel content. You can make the adduser program use /etc/skel instead of /usr/share/skel in case you don't want to "pollute" that directory. :-) You can find details in "man adduser" and "man pw", which I'd like to quote from the -m option: This option instructs pw to attempt to create the user's home directory. While primarily useful when adding a new account with useradd, this may also be of use when moving an existing user's home directory elsewhere on the file system. The new home directory is populated with the con- tents of the skeleton directory, which typically contains a set of shell configuration files that the user may person- alize to taste. Files in this directory are usually named dot. where the dot prefix will be stripped. When -m is used on an account with usermod, existing configura- tion files in the user's home directory are not overwritten from the skeleton files. This section clearly states the convention of the "dot" prefix. > Looks like a bug to me. No, it doesn't. :-) > My machine:=A0FreeBSD 11.0-RELEASE-p2 (amd64) > Command used:=A0pw useradd -m Correct. > P.S. would be interesting to know why "dot" is required to be prepended > in files added in /usr/share/skel Convention, because the copying routine uses this replacement for "real" files (source/dot.* -> target/.*) whereas it ignores hidden file (source/.*); I don't know why, but you can have hidden files in the skel/ directories which are ignored at its top level. --=20 Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Mon Mar 6 19:39:40 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6FE57CFB777 for ; Mon, 6 Mar 2017 19:39:40 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 57FBC1006 for ; Mon, 6 Mar 2017 19:39:40 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: by mailman.ysv.freebsd.org (Postfix) id 52E4DCFB775; Mon, 6 Mar 2017 19:39:40 +0000 (UTC) Delivered-To: questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 528B3CFB774 for ; Mon, 6 Mar 2017 19:39:40 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mx0.gentlemail.de (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DA8FA1FF6 for ; Mon, 6 Mar 2017 19:39:39 +0000 (UTC) (envelope-from freebsd@omnilan.de) Received: from mh0.gentlemail.de (mh0.gentlemail.de [IPv6:2a00:e10:2800::a135]) by mx0.gentlemail.de (8.14.5/8.14.5) with ESMTP id v26JdaoL027952 for ; Mon, 6 Mar 2017 20:39:36 +0100 (CET) (envelope-from freebsd@omnilan.de) Received: from titan.inop.mo1.omnilan.net (titan.inop.mo1.omnilan.net [IPv6:2001:a60:f0bb:1::3:1]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mh0.gentlemail.de (Postfix) with ESMTPSA id 2D4BEF06; Mon, 6 Mar 2017 20:39:36 +0100 (CET) Message-ID: <58BDBAF7.5000907@omnilan.de> Date: Mon, 06 Mar 2017 20:39:35 +0100 From: Harry Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: FreeBSD questions Subject: procstat(1) [-f], proto=stream without addresses Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (mx0.gentlemail.de [IPv6:2a00:e10:2800::a130]); Mon, 06 Mar 2017 20:39:36 +0100 (CET) X-Milter: Spamilter (Reciever: mx0.gentlemail.de; Sender-ip: ; Sender-helo: mh0.gentlemail.de; ) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 19:39:40 -0000 Hello, I'm in foreign waters and try gather debugging info. One thing I noticed is that procstst(1) doesn't show any addresses for my evil process. Excerpt: USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS squid negotiate_ 597 1 stream -> ?? squid negotiate_ 596 0 stream -> ?? squid negotiate_ 596 1 stream -> ?? squid negotiate_ 595 0 stream -> ?? … (lots more snipped) squid squid 586 10 stream -> ?? squid squid 586 12 stream -> ?? squid squid 586 14 stream -> ?? squid squid 586 16 stream -> ?? squid squid 586 18 stream -> ?? … (lots more snipped) Simple question: Is this a "legal" state? Any hints for further readings on this topic highly appreciated! Thanks, -harry From owner-freebsd-questions@freebsd.org Mon Mar 6 19:45:28 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ACF87CFBB6A for ; Mon, 6 Mar 2017 19:45:28 +0000 (UTC) (envelope-from Ephaeton@gmx.net) Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0BEA916AB for ; Mon, 6 Mar 2017 19:45:27 +0000 (UTC) (envelope-from Ephaeton@gmx.net) Received: from hephaistos.local ([85.214.91.234]) by mail.gmx.com (mrgmx001 [212.227.17.190]) with ESMTPSA (Nemesis) id 0Meh8S-1cw1Ar0FXU-00OJ8b; Mon, 06 Mar 2017 20:45:17 +0100 Received: by hephaistos.local (Postfix, from userid 1000) id DA4D3297CDF7; Mon, 6 Mar 2017 20:45:15 +0100 (CET) Date: Mon, 6 Mar 2017 20:45:15 +0100 From: "Martin S. Weber" To: ASV Cc: freebsd-questions@freebsd.org Subject: Re: /etc/skel doesn't work?! Message-ID: <20170306194515.GA1541@hephaistos.local> Mail-Followup-To: ASV , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170306195758.17d83f1d.freebsd@edvax.de> User-Agent: Mutt/1.7.2 (2016-11-26) X-Provags-ID: V03:K0:ZfIlNQS2IiKdPFP4qQ8KjNCntKPCrmKFcM5sT8lD7NhN8KoQL8z VK4rCjGYgfswBBeuo5Nsed4WQyF1GI/Z5d4D0OHxoAzji0ILmHtyZrIgbpdduTtIOHQBDw4 r+QoQeiQaczx1HqUB07bfvgwVSRRhZFpCveg6+I58L+RrtFt+ijKwO2euQkd+OOzdavDFSJ cGom4HesRBWA8lVzJIJsg== X-UI-Out-Filterresults: notjunk:1;V01:K0:tDgkDuYwqws=:KL+zZJiM89fYAc6fr933AD J0+VvspkAqYuiQGEGNYc2ou6isKaYtbSQWe8u0WqaEri6lC33btcytHxqJtR+Sr4YZSPy6+xR gzY4q2npnMu0vzhOuf6p+Ygp7AIhYiAxL+4tenL7hQhuGnOXLWECQqBEW7X3rmfHUUubFq5Ej iNgPrr4bIMPuWJhmBwrEsnXRQszf0Ujo/YW+xh/ZUNF6kEij2Dwy/FB60JE1SjkAl0KDmrjq+ lYCQr0E8jasbuRzmg6xSiH/Exwc/pL832mpsRv5qsx65eazV1/L9nKcbF+EDRmoYg7EXDj/6R PBURCxfadDlAkE0++gjyaQrPFrH/61GdAef6IXZk4t0oisCkP8bMBjgwxd8bwUc9Aw5oBlCYH 19RnOtp4kYFcL4GO04HqXg+atc8Yw/XEm03BDf0dy5Kl82b/DXaoJpWbM+zD3GnNsWiMNLSSI DFsz64YtMcX12a+6WL33s0WkSwEXMdNZTnaltj0DzWTdAWDPJMAmOrz64rHcSODCF7DzQTIoU fWhCf+a54zfwmQUTf/6kHwDNOBtBcjziolk+0rRukYBZhapNI/jAmvB9Jhsz1hJywb8TFiVj9 HRZkCHxAdMmW+b9RDgCFejux+i3lDOijEJ0L5jF29/UbMVc6Dq4pKLcrSYduD0luAjLmgyy/c rdgyCDgMlGXlZUtIIyJrWnnWeEQYE8+aNDuXQNA/uKqNLeBT1Px2u5WB4yF+toJW5ir5l5X1E cLMc5vAoffVoNV5ZhElV2z9DPwgegRw7ROeLpf5pb0dajtuGnXXkQbhxpbA= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 19:45:28 -0000 On 2017-03-06 19:57:58, Polytropon wrote: > On Mon, 06 Mar 2017 12:25:22 -0300, ASV wrote: > > (...) > > Looks like a bug to me. Files in /etc/skel are not copied. Default skeleton directory is, confusingly, /usr/share/skel and not /etc/skel. The value of the default skeleton directory is neither mentioned in pw's manfile's -k options, or pw's manpage's FILES section. It IS, however, mentioned in pw.conf's manpage. So, ASV: touch /etc/skel/etc-skel touch /usr/share/skel/usr-share-skel pw useradd asv -m ls -l /home/asv # with empty /etc/pw.conf, we expect to see /home/asv/usr-share-skel, but # not /home/asv/etc-skel. FWIW, ASV, I understand your confusion. Fact just is, the default skeleton directory under FreeBSD is not what one expects when coming from other worlds. So, yes, any file will get copied, but you need to put it in the right directory :) And yes, re $SUBJECT, "/etc/skel does not work", without further configuration, period. -> man pw.conf Regards, -Martin From owner-freebsd-questions@freebsd.org Mon Mar 6 19:51:27 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7A06ACFBF50 for ; Mon, 6 Mar 2017 19:51:27 +0000 (UTC) (envelope-from cknipe@savage.za.org) Received: from mail-qk0-x236.google.com (mail-qk0-x236.google.com [IPv6:2607:f8b0:400d:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 38EC51D5A for ; Mon, 6 Mar 2017 19:51:27 +0000 (UTC) (envelope-from cknipe@savage.za.org) Received: by mail-qk0-x236.google.com with SMTP id y76so40819669qkb.0 for ; Mon, 06 Mar 2017 11:51:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=savage-za-org.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=RJqhrRh4qgLCYGYQ4fjnpAMlYuy+iW41ok0rdxu2Wog=; b=yoksiQgY5Ob0q1/sXY14lOGuQTQHYS1YVEF29k4weS+/mpxPHzcQZYFVUCegZyOwzW Os0+sVKHJgkp5JhiFba0Oa0lcg92lmquuQkHX1qosCNzqi0WFqw6ErUMatqyrEAats/6 8bXxUGKammSkYCq7RAO06/AlnwJPFpxMYigzKG8BVpj0LdHqhuce42EHXCrs9AGHUStB wG3Muyhur10SbOk36yhE5lBL8Be/Wh1Dmhr6I4aotDZztz2en8fDHBhL/xUepZ71b965 PkxaivgIlfcJejBgNfKRVObcd0VLeVfnfypb4Xl2+TuGcZGFT24Ypq6nga5IxsgSim+v KTCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=RJqhrRh4qgLCYGYQ4fjnpAMlYuy+iW41ok0rdxu2Wog=; b=AIbfoS1bcrOoHGGSxOXIw9a8SGoFJu5NKmsThebdUzdTjBSb6y+Wj6+YMg6/NxWLNT NhYaDvhv7pOxWdxgXpYUm27BSV1YJiXVls5pi9pg8oNEE9suaGcjvaIpKrsGkE88egsP wu/8rO6e86szSM6tT4RnidGit7RKbDMVZw/S8JrhJTphnwKDUuvM+p97ImvVON/xR+i4 8HesrGrG8aGqmgZlqG5Fs3RxjVPefmMJF4WFp3SaLC0ayYFXQAdQY3z/IGZ1HlsD8X2w /q3PjA5k1uKngUhQBoe1p0bylcfptwGAJJ4ZzmyaJ7sHfK2OGojJ42wA2Y/BLOWjr625 eCBQ== X-Gm-Message-State: AMke39k4tTAugBrFX0/amrsgojno4x+gexqBzScPvtPhCugys4FF8c+rRd1bicgAGejs94tr7sdZQsUfg6EqCw== X-Received: by 10.237.43.69 with SMTP id p63mr16829688qtd.68.1488829886185; Mon, 06 Mar 2017 11:51:26 -0800 (PST) MIME-Version: 1.0 Sender: cknipe@savage.za.org Received: by 10.55.89.69 with HTTP; Mon, 6 Mar 2017 11:51:25 -0800 (PST) X-Originating-IP: [2a07:b2c7:ffff:ff82:3888:e5c1:8baf:696] In-Reply-To: <20170306194515.GA1541@hephaistos.local> References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> From: Chris Knipe Date: Mon, 6 Mar 2017 21:51:25 +0200 X-Google-Sender-Auth: ybacH4dNW4J1fO7k90ckpmPN8Lc Message-ID: Subject: Re: /etc/skel doesn't work?! To: FreeBSD - Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 19:51:27 -0000 Just out of interest... Is there any reason why /etc/skel IS there then? Other than to create confusion of course. On Mon, Mar 6, 2017 at 9:45 PM, Martin S. Weber wrote: > On 2017-03-06 19:57:58, Polytropon wrote: > > On Mon, 06 Mar 2017 12:25:22 -0300, ASV wrote: > > > (...) > > > Looks like a bug to me. > > Files in /etc/skel are not copied. Default skeleton directory is, > confusingly, /usr/share/skel and not /etc/skel. The value of the > default skeleton directory is neither mentioned in pw's manfile's > -k options, or pw's manpage's FILES section. It IS, however, > mentioned in pw.conf's manpage. > > So, ASV: > touch /etc/skel/etc-skel > touch /usr/share/skel/usr-share-skel > pw useradd asv -m > ls -l /home/asv > # with empty /etc/pw.conf, we expect to see /home/asv/usr-share-skel, but > # not /home/asv/etc-skel. > > FWIW, ASV, I understand your confusion. Fact just is, the default > skeleton directory under FreeBSD is not what one expects when coming > from other worlds. So, yes, any file will get copied, but you need to > put it in the right directory :) And yes, re $SUBJECT, > "/etc/skel does not work", without further configuration, period. > > -> man pw.conf > > Regards, > -Martin > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" > -- Regards, Chris Knipe From owner-freebsd-questions@freebsd.org Mon Mar 6 19:53:21 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4EAFDCFC028 for ; Mon, 6 Mar 2017 19:53:21 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (douhisi.pair.com [209.68.5.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 305611F20 for ; Mon, 6 Mar 2017 19:53:20 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from [192.168.0.1] (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id 5C1E53F531 for ; Mon, 6 Mar 2017 14:53:19 -0500 (EST) Message-ID: <58BDBE2F.90207@sneakertech.com> Date: Mon, 06 Mar 2017 14:53:19 -0500 From: Quartz MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> <20170306184357.60de652b@gumby.homeunix.com> In-Reply-To: <20170306184357.60de652b@gumby.homeunix.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 19:53:21 -0000 >> I do use TLS, but what I'm trying to debug is not so much that the >> email service *I* use checks, but that the final receiving server >> scans through the headers and flags anything with a NAT address. > > > It's probably not that. I suggest you try: > > https://www.mail-tester.com/ > > it may reveal what the problem is, unless it's just a BOFH on the > receiving end doing something very odd. I get a 7/10 (apparently because I never set a SPF to hook my mail service to my domain?). From owner-freebsd-questions@freebsd.org Mon Mar 6 21:06:09 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EAB54CFC43A for ; Mon, 6 Mar 2017 21:06:09 +0000 (UTC) (envelope-from delivery@mx19.dynamicmail.net) Received: from mx19.dynamicmail.net (mx19.dynamicmail.net [167.114.59.34]) by mx1.freebsd.org (Postfix) with ESMTP id A9F781C98 for ; Mon, 6 Mar 2017 21:06:09 +0000 (UTC) (envelope-from delivery@mx19.dynamicmail.net) Received: from mv.mailsonics.com (mv.mailsonics.com [192.99.242.20]) by mx19.dynamicmail.net with SMTP; Mon, 6 Mar 2017 12:50:55 -0800 Message-ID: <91a5db3392e1ac586e9b04cb58643faa@mx19.dynamicmail.net> Date: Mon, 06 Mar 2017 20:38:48 +0000 Subject: REG:Switch to new company From: Chakri Reply-To: Chakri To: "freebsd-questions@freebsd.org" MIME-Version: 1.0 X-Mw-Customer-Uid: ce8756ksw3927 X-Receiver: freebsd-questions@freebsd.org X-Mw-Tracking-Did: 0 X-Mw-Campaign-Uid: oj789zsnopb63 X-Mw-Customer-Gid: 0 X-Mw-Subscriber-Uid: pz5968rm39370 X-Report-Abuse: Please report abuse for this campaign here: http://mv.mailsonics.com/index.php/campaigns/oj789zsnopb63/report-abuse/kg278a9zdydff/pz5968rm39370 X-Sender: Delivery@mx19.dynamicmail.net Feedback-ID: oj789zsnopb63:pz5968rm39370:kg278a9zdydff:ce8756ksw3927 X-Mw-Mailer: SwiftMailer X-Mw-Delivery-Sid: 6 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 21:06:10 -0000 =20 Dear Vendor,=20 I am writing this letter to offici= ally inform you that as of March 06th 2017, I will be resigning from= SVK Systems Inc and starting work at Smart Works LLC(Division of I-= tech US Inc).=20 It was immense pleasure working with you for the = past 3 years in SVK and would like to assist you for future endeavour= s through Smart works so I request you to take time and add me my ne= w email id in your distribution list and send me your requirements s= o that I can continue to deliver the best services possible. em= ail: avi@smtworks.com phone:732-853-0769=20 Yours faithfu= lly, Chakri Yadav(Avinash)=20 SVK Systems, Inc. | IT Experts= .=20 Direct: 205 510 7425 | Alt: 205 510 7424 x 6611 | Fax: 404 60= 1 9507=20 3057 Peachtree Industrial Blvd,Suite # 110, Duluth GA= 30097=20 Please notice our address has changed.=20 E-Mai= l ID: chakri@svksystems.com | gtalk:chakri.svk2|Web:www.svksystems.c= om http://www.svksystems.com/| http://in.linkedin.com/in/avinashrcha= kri=20 If you do not want to receive email please opt out / unsub= scribe by replying with Remove as subject. http://mv.mailsonics= .com/index.php/lists/kg278a9zdydff/unsubscribe/pz5968rm39370/oj789zsnopb= 63 From owner-freebsd-questions@freebsd.org Mon Mar 6 21:41:26 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 60960CFCED4 for ; Mon, 6 Mar 2017 21:41:26 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay12.qsc.de (mailrelay12.qsc.de [212.99.163.153]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C5EF1154E for ; Mon, 6 Mar 2017 21:41:25 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay12.qsc.de; Mon, 06 Mar 2017 22:44:23 +0100 Received: from r56.edvax.de (port-92-195-29-65.dynamic.qsc.de [92.195.29.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id D78643CBF9; Mon, 6 Mar 2017 22:40:42 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v26LefME003566; Mon, 6 Mar 2017 22:40:41 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Mon, 6 Mar 2017 22:40:41 +0100 From: Polytropon To: Chris Knipe Cc: FreeBSD - Subject: Re: /etc/skel doesn't work?! Message-Id: <20170306224041.21c7b709.freebsd@edvax.de> In-Reply-To: References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay12.qsc.de with 2BC576A472F X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1760 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 21:41:26 -0000 On Mon, 6 Mar 2017 21:51:25 +0200, Chris Knipe wrote: > Just out of interest... > > Is there any reason why /etc/skel IS there then? Other than to create > confusion of course. I think /etc/skel is intended for user-supplied files in the first place when overriding system-supplied files in /usr/share/skel is intended (by changing the default location for tools like pw and adduser). It's also a Linuxism. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Mon Mar 6 21:45:05 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D75AAD0010B for ; Mon, 6 Mar 2017 21:45:05 +0000 (UTC) (envelope-from shamim.shahriar@gmail.com) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6D5B11A26 for ; Mon, 6 Mar 2017 21:45:05 +0000 (UTC) (envelope-from shamim.shahriar@gmail.com) Received: by mail-wr0-x236.google.com with SMTP id l37so126458022wrc.1 for ; Mon, 06 Mar 2017 13:45:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=snJy2HSiMcnnEoRxPtCyhINxZJbZBfpKG+kI0pXg/3s=; b=saTT4ucYJ6t6jQdpvByRhgZTrCRVAgzzvEX4OWRoKoa5i0hwaQE0xp//ecbvwM3Bj6 b/8Ro9Jri8gIFA69ZTd9wRfE+fE2rplWMXfDrUeoycBxj/SuXac4DLiP5KEkNmnGV6KF X3hB9Au1sEcudrEHftgaXeyBrO9nd/p5sOSIPFk7Xx5ASGi9rRk56wkrhN1KgSWeKNfW c0Q7mNKjeQ9zSq//ZJxxKhbhvA2c1cu5YAOrgrMIipmJRgw4Dj7T1DJa1/1HMnL1TROS gw6zxhtj0ksldyXgmPy0xOIpNHj0MXIvWjSpjJQuLwu0XN4h4988egV71SVkWQz6jtuF N/7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=snJy2HSiMcnnEoRxPtCyhINxZJbZBfpKG+kI0pXg/3s=; b=WwnnA2bX8vqqJSPERksqsulhusOyMNtJ5RFgmmKCapLj7umMXaHrAKdi8kjJEjBx1G buUyXnnEe5EzJfWM3ofwzl+qUUXzmd99qCkQEEzweygUg8m1i+VznCZDmza47cVqkrK0 o3GdiWCvaWHLhFUTCJMfpoLXwYmMCIBMvanUMW98FZ9n247/RTfsQGVnKb4QhYrINc/e PKULpE/kCRWt5Liou5nMDr+OIJlL1fdeLrCdyGUbr+KKTIVF4Hai9XdyXWP8QFJUxZEn msasGMUy9OCoGrVKzqTb3OwILq29XKeZke/DLgyr3+A/9HGp6RXvmhNfwTE/8RceE4xJ cbdg== X-Gm-Message-State: AMke39mYKjmhIS+ZF/3V2Nlg/GI3N0GyekBVaDGQx3FLOKfwtCnKc5W0RupIagduT+TVRzYzpsGGAuu2BOwpdw== X-Received: by 10.223.170.3 with SMTP id p3mr18107462wrd.100.1488836703495; Mon, 06 Mar 2017 13:45:03 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.134.176 with HTTP; Mon, 6 Mar 2017 13:45:02 -0800 (PST) Received: by 10.80.134.176 with HTTP; Mon, 6 Mar 2017 13:45:02 -0800 (PST) In-Reply-To: <58BD9DC2.9020802@sneakertech.com> References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> From: Shamim Shahriar Date: Mon, 6 Mar 2017 21:45:02 +0000 Message-ID: Subject: Re: Off topic: smtp HELO question To: Quartz Cc: "freebsd-questions@FreeBSD.org" Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 21:45:05 -0000 One possible workaround, specially for TB is to set hello_argument from the config editor -- and it does not have to be a fqdn unless you're server demands it. You can find further details by googling for it. Hope this helps On 6 Mar 2017 5:35 p.m., "Quartz" wrote: > So if your NAT transforms internal addresses to W.X.Y.Z and a reverse >> lookup 'host W.X.Y.Z' returns 'foo.example.com' then you should >> configure your mail client to EHLO as 'foo.example.com' >> > > OK thanks, that's kinda what I was expecting. Unfortunately for me, my > external address floats around depending on what my ISP gives me, so I > can't configure a static name in my client to match that. For now I'm > trying to see what happens if I set it to the name of my domain I own, but > the servers that host that aren't the ones I send mail through. > > > For mail submission you generally >> identify yourself by logging into the server after switching your >> connection to TLS, >> > > I do use TLS, but what I'm trying to debug is not so much that the email > service *I* use checks, but that the final receiving server scans through > the headers and flags anything with a NAT address. I'm having intermittent > problems with some of my mail being flagged as spam when I mail anyone at a > local university and I'm not sure what's going on yet. > > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe > @freebsd.org" > From owner-freebsd-questions@freebsd.org Mon Mar 6 22:11:18 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9931CD006D4 for ; Mon, 6 Mar 2017 22:11:18 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (douhisi.pair.com [209.68.5.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A4BC179E for ; Mon, 6 Mar 2017 22:11:17 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from [192.168.0.1] (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id 835CF3F56C for ; Mon, 6 Mar 2017 17:11:16 -0500 (EST) Message-ID: <58BDDE84.2060508@sneakertech.com> Date: Mon, 06 Mar 2017 17:11:16 -0500 From: Quartz MIME-Version: 1.0 To: "freebsd-questions@FreeBSD.org" Subject: Re: Off topic: smtp HELO question References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 22:11:18 -0000 > One possible workaround, specially for TB is to set hello_argument from > the config editor That's what I was looking at before. > -- and it does not have to be a fqdn unless you're > server demands it. Hmm, ok. From owner-freebsd-questions@freebsd.org Mon Mar 6 22:20:27 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 28B0FD008C2 for ; Mon, 6 Mar 2017 22:20:27 +0000 (UTC) (envelope-from johnl@iecc.com) Received: from miucha.iecc.com (abusenet-1-pt.tunnel.tserv4.nyc4.ipv6.he.net [IPv6:2001:470:1f06:1126::2]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "miucha.iecc.com", Issuer "StartCom Class 1 DV Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B93781CC2 for ; Mon, 6 Mar 2017 22:20:26 +0000 (UTC) (envelope-from johnl@iecc.com) Received: (qmail 55894 invoked from network); 6 Mar 2017 22:20:25 -0000 Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 6 Mar 2017 22:20:25 -0000 Date: 6 Mar 2017 22:20:03 -0000 Message-ID: <20170306222003.26539.qmail@ary.lan> From: "John Levine" To: freebsd-questions@freebsd.org Subject: Re: Off topic: smtp HELO question In-Reply-To: <58BD9DC2.9020802@sneakertech.com> Organization: X-Headerized: yes Mime-Version: 1.0 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 22:20:27 -0000 This really should go to the mailop mailing list. See https://chilli.nosignal.org/mailman/listinfo/mailop and don't be surprised if its TLS certificate is expired. When you send mail, Thunderbird is doing submission, not SMTP. They are similar, but they are not the same. Approximately 100% of submission clients behind NATs put some random name or IP as the EHLO name, and it doesn't matter. That's not your problem. >I do use TLS, but what I'm trying to debug is not so much that the email >service *I* use checks, but that the final receiving server scans >through the headers and flags anything with a NAT address. That would be, to put it mildly, stupendously broken. If they do that, their false positive rate will be something like 50%, including everything sent from Gmail. It would be a good idea to check again and see if perhaps they're doing something else and your problem is something else. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly From owner-freebsd-questions@freebsd.org Mon Mar 6 22:21:58 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0DFE8D009BB for ; Mon, 6 Mar 2017 22:21:58 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cdptpa-oedge", Issuer "cdptpa-oedge" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id CA42F1FFF for ; Mon, 6 Mar 2017 22:21:57 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from [76.181.114.47] ([76.181.114.47:57008] helo=raspberrypi.bildanet.com) by cdptpa-omsmta03 (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 1D/8B-21189-EF0EDB85; Mon, 06 Mar 2017 22:21:50 +0000 Received: from [192.168.1.156] by raspberrypi.bildanet.com with esmtp (Exim 4.84) (envelope-from ) id 1cl10o-0003zQ-AS for freebsd-questions@freebsd.org; Mon, 06 Mar 2017 17:21:50 -0500 Subject: Re: /etc/skel doesn't work?! To: freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> From: Baho Utot Message-ID: <0e5a295f-f78c-dad2-794a-fec839c1e4fc@columbus.rr.com> Date: Mon, 6 Mar 2017 22:21:45 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-RR-Connecting-IP: 107.14.168.88:25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 22:21:58 -0000 On 3/6/2017 2:51 PM, Chris Knipe wrote: > Just out of interest... > > Is there any reason why /etc/skel IS there then? Other than to create > confusion of course. > > On Mon, Mar 6, 2017 at 9:45 PM, Martin S. Weber wrote: > >> On 2017-03-06 19:57:58, Polytropon wrote: >>> On Mon, 06 Mar 2017 12:25:22 -0300, ASV wrote: >>>> (...) >>>> Looks like a bug to me. >> Files in /etc/skel are not copied. Default skeleton directory is, >> confusingly, /usr/share/skel and not /etc/skel. The value of the >> default skeleton directory is neither mentioned in pw's manfile's >> -k options, or pw's manpage's FILES section. It IS, however, >> mentioned in pw.conf's manpage. >> >> So, ASV: >> touch /etc/skel/etc-skel >> touch /usr/share/skel/usr-share-skel >> pw useradd asv -m >> ls -l /home/asv >> # with empty /etc/pw.conf, we expect to see /home/asv/usr-share-skel, but >> # not /home/asv/etc-skel. >> >> FWIW, ASV, I understand your confusion. Fact just is, the default >> skeleton directory under FreeBSD is not what one expects when coming >> from other worlds. So, yes, any file will get copied, but you need to >> put it in the right directory :) And yes, re $SUBJECT, >> "/etc/skel does not work", without further configuration, period. >> >> -> man pw.conf >> >> Regards, >> -Martin >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions- >> unsubscribe@freebsd.org" >> > > Should /etc/usr/skel be a symlink to /usr/share/skel ? From owner-freebsd-questions@freebsd.org Mon Mar 6 23:24:36 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8FA23CFBFFC for ; Mon, 6 Mar 2017 23:24:36 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay15.qsc.de (mailrelay15.qsc.de [212.99.187.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0BFAD18AF for ; Mon, 6 Mar 2017 23:24:35 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay15.qsc.de; Tue, 07 Mar 2017 00:26:08 +0100 Received: from r56.edvax.de (port-92-195-29-65.dynamic.qsc.de [92.195.29.65]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 91F203CBF9; Tue, 7 Mar 2017 00:24:30 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v26NOTPV005002; Tue, 7 Mar 2017 00:24:29 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Tue, 7 Mar 2017 00:24:29 +0100 From: Polytropon To: Baho Utot Cc: freebsd-questions@freebsd.org Subject: Re: /etc/skel doesn't work?! Message-Id: <20170307002429.5caa887e.freebsd@edvax.de> In-Reply-To: <0e5a295f-f78c-dad2-794a-fec839c1e4fc@columbus.rr.com> References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <0e5a295f-f78c-dad2-794a-fec839c1e4fc@columbus.rr.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay15.qsc.de with 7F79369F453 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.2281 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 23:24:36 -0000 On Mon, 6 Mar 2017 22:21:45 -0500, Baho Utot wrote: > > On 3/6/2017 2:51 PM, Chris Knipe wrote: > > Just out of interest... > > > > Is there any reason why /etc/skel IS there then? Other than to create > > confusion of course. > > > > On Mon, Mar 6, 2017 at 9:45 PM, Martin S. Weber wrote: > > > >> On 2017-03-06 19:57:58, Polytropon wrote: > >>> On Mon, 06 Mar 2017 12:25:22 -0300, ASV wrote: > >>>> (...) > >>>> Looks like a bug to me. > >> Files in /etc/skel are not copied. Default skeleton directory is, > >> confusingly, /usr/share/skel and not /etc/skel. The value of the > >> default skeleton directory is neither mentioned in pw's manfile's > >> -k options, or pw's manpage's FILES section. It IS, however, > >> mentioned in pw.conf's manpage. > >> > >> So, ASV: > >> touch /etc/skel/etc-skel > >> touch /usr/share/skel/usr-share-skel > >> pw useradd asv -m > >> ls -l /home/asv > >> # with empty /etc/pw.conf, we expect to see /home/asv/usr-share-skel, but > >> # not /home/asv/etc-skel. > >> > >> FWIW, ASV, I understand your confusion. Fact just is, the default > >> skeleton directory under FreeBSD is not what one expects when coming > >> from other worlds. So, yes, any file will get copied, but you need to > >> put it in the right directory :) And yes, re $SUBJECT, > >> "/etc/skel does not work", without further configuration, period. > >> > >> -> man pw.conf > >> > >> Regards, > >> -Martin > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to "freebsd-questions- > >> unsubscribe@freebsd.org" > >> > > > > > > Should /etc/usr/skel be a symlink to /usr/share/skel ? Sometimes, admins tend to create a symlink from /etc/skel pointing to /usr/share/skel. The reasoning here probably is that /usr/share/skel can be subject to system updates (it's a "system-owned" directory), but /etc/skel is not considered by updating mechanisms. I have also seen a symlink to /opt/etc/skel (a derived Solaris-ism) to keep /usr/share/skel maintained by possible updating, but manually deal with what /etc/skel@ -> /opt/etc/skel contains; by changing /etc/skel's target, it's possible to switch over to system defaults easily, without needing to touch configuration files for adduser and pw. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Tue Mar 7 03:00:54 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E8A63D00C40 for ; Tue, 7 Mar 2017 03:00:54 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B32B517B4 for ; Tue, 7 Mar 2017 03:00:54 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9d7a:ec01:34de:8d3a]) by hz.citrin.ru (Postfix) with ESMTPSA id EA7CA29A4B8 for ; Tue, 7 Mar 2017 03:00:51 +0000 (UTC) Subject: Re: procstat(1) [-f], proto=stream without addresses To: freebsd-questions@freebsd.org References: <58BDBAF7.5000907@omnilan.de> From: Anton Yuzhaninov Message-ID: <611e5fe5-0a25-2058-96b2-51b1fe3ad7f9@citrin.ru> Date: Mon, 6 Mar 2017 22:00:50 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <58BDBAF7.5000907@omnilan.de> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1488855652; bh=peCEHO5LNU/dSWDBdCHR6McTXNHNWF8hjorxn/4PC3Y=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=14VuB8NVcS6GvYTizXBWQM3Q8nYT2Ofd8oY3pT3LM+ehOuUtLqGBap6qErBe8bCYC/mEQ7TmxyDoE2Fu/Qw5JKtd6jD9o5dvWvRJx3pqWvvkVBGp8TdVokI5v1TB0WS5bgLCSCrwTsh5wxWdpbLz49RzNV4nzfGAznRPuc4kLO0= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 03:00:55 -0000 On 03/06/17 14:39, Harry Schmalzbauer wrote: > One thing I noticed is that procstst(1) doesn't show any addresses for > my evil process. > Excerpt: > > USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS > squid negotiate_ 597 1 stream -> ?? > squid negotiate_ 596 0 stream -> ?? > squid negotiate_ 596 1 stream -> ?? 1. It looks like output from sockstat(1), not procstat(1) 2. stream is Unix domain stream socket String "??" probably mean, that this file descriptor is not connected (was closed by remote side, but not by this process). May be it is a descriptor leak. From owner-freebsd-questions@freebsd.org Tue Mar 7 12:12:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 60CF1D009DA for ; Tue, 7 Mar 2017 12:12:10 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cdptpa-oedge", Issuer "cdptpa-oedge" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 28C651C5E for ; Tue, 7 Mar 2017 12:12:09 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from [76.181.114.47] ([76.181.114.47:57402] helo=raspberrypi.bildanet.com) by cdptpa-omsmta03 (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 9F/13-21189-293AEB85; Tue, 07 Mar 2017 12:12:02 +0000 Received: from [192.168.1.40] (helo=desktop.example.org) by raspberrypi.bildanet.com with esmtp (Exim 4.84) (envelope-from ) id 1clDyE-0004FK-Af for freebsd-questions@freebsd.org; Tue, 07 Mar 2017 07:12:02 -0500 Subject: Re: /etc/skel doesn't work?! To: freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> From: Baho Utot Message-ID: <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> Date: Tue, 7 Mar 2017 07:12:02 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <20170306224041.21c7b709.freebsd@edvax.de> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-RR-Connecting-IP: 107.14.168.88:25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 12:12:10 -0000 On 03/06/17 16:40, Polytropon wrote: > On Mon, 6 Mar 2017 21:51:25 +0200, Chris Knipe wrote: >> Just out of interest... >> >> Is there any reason why /etc/skel IS there then? Other than to create >> confusion of course. > > I think /etc/skel is intended for user-supplied files in the > first place when overriding system-supplied files in /usr/share/skel > is intended (by changing the default location for tools like pw > and adduser). It's also a Linuxism. :-) > > > That would be all well and good, but /etc/skel just doesn't work From owner-freebsd-questions@freebsd.org Tue Mar 7 12:25:07 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88152CFB2F3 for ; Tue, 7 Mar 2017 12:25:07 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.home.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "fileserver.home.qeng-ho.org", Issuer "fileserver.home.qeng-ho.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 292B21A19 for ; Tue, 7 Mar 2017 12:25:06 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id v27CNslp009319; Tue, 7 Mar 2017 12:23:54 GMT (envelope-from freebsd@qeng-ho.org) Subject: Re: /etc/skel doesn't work?! To: Baho Utot , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> From: Arthur Chance Message-ID: Date: Tue, 7 Mar 2017 12:23:54 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 12:25:07 -0000 On 07/03/2017 12:12, Baho Utot wrote: > > > On 03/06/17 16:40, Polytropon wrote: >> On Mon, 6 Mar 2017 21:51:25 +0200, Chris Knipe wrote: >>> Just out of interest... >>> >>> Is there any reason why /etc/skel IS there then? Other than to create >>> confusion of course. >> >> I think /etc/skel is intended for user-supplied files in the >> first place when overriding system-supplied files in /usr/share/skel >> is intended (by changing the default location for tools like pw >> and adduser). It's also a Linuxism. :-) >> >> >> > > That would be all well and good, but /etc/skel just doesn't work Nowhere is it documented to work. man adding_user, man pw.conf and man adduser all document /usr/share/skel as the relevant directory. FreeBSD is not Linux, and RTFM is always sound advice. -- By June 1949, people had begun to realize that it was not so easy to get a program right as had at one time appeared. It was on one of my journeys between the EDSAC room and the punching equipment that the realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs. -- Maurice Wilkes From owner-freebsd-questions@freebsd.org Tue Mar 7 12:33:22 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 51AEDCFB7B4 for ; Tue, 7 Mar 2017 12:33:22 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.231]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cdptpa-oedge", Issuer "cdptpa-oedge" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 185ED1129 for ; Tue, 7 Mar 2017 12:33:21 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from [76.181.114.47] ([76.181.114.47:57416] helo=raspberrypi.bildanet.com) by cdptpa-omsmta02 (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 3D/C6-16480-A88AEB85; Tue, 07 Mar 2017 12:33:14 +0000 Received: from [192.168.1.40] (helo=desktop.example.org) by raspberrypi.bildanet.com with esmtp (Exim 4.84) (envelope-from ) id 1clEIk-0004G8-A7; Tue, 07 Mar 2017 07:33:14 -0500 Subject: Re: /etc/skel doesn't work?! To: Arthur Chance , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> From: Baho Utot Message-ID: <6ef72837-3399-86ec-e2eb-8260b256acef@columbus.rr.com> Date: Tue, 7 Mar 2017 07:33:14 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-RR-Connecting-IP: 107.14.168.7:25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 12:33:22 -0000 On 03/07/17 07:23, Arthur Chance wrote: > On 07/03/2017 12:12, Baho Utot wrote: >> >> >> On 03/06/17 16:40, Polytropon wrote: >>> On Mon, 6 Mar 2017 21:51:25 +0200, Chris Knipe wrote: >>>> Just out of interest... >>>> >>>> Is there any reason why /etc/skel IS there then? Other than to create >>>> confusion of course. >>> >>> I think /etc/skel is intended for user-supplied files in the >>> first place when overriding system-supplied files in /usr/share/skel >>> is intended (by changing the default location for tools like pw >>> and adduser). It's also a Linuxism. :-) >>> >>> >>> >> >> That would be all well and good, but /etc/skel just doesn't work > > Nowhere is it documented to work. man adding_user, man pw.conf and man > adduser all document /usr/share/skel as the relevant directory. > > FreeBSD is not Linux, and RTFM is always sound advice. > Then why is /etc/skel there and FTFM From owner-freebsd-questions@freebsd.org Tue Mar 7 14:14:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 881BAD01C56 for ; Tue, 7 Mar 2017 14:14:15 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.home.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "fileserver.home.qeng-ho.org", Issuer "fileserver.home.qeng-ho.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1F8D31185 for ; Tue, 7 Mar 2017 14:14:13 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id v27EE882010012; Tue, 7 Mar 2017 14:14:08 GMT (envelope-from freebsd@qeng-ho.org) Subject: Re: /etc/skel doesn't work?! To: Baho Utot , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> <6ef72837-3399-86ec-e2eb-8260b256acef@columbus.rr.com> From: Arthur Chance Message-ID: <81c0f90c-eb5b-4796-a0c7-cf906a0e549c@qeng-ho.org> Date: Tue, 7 Mar 2017 14:14:08 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <6ef72837-3399-86ec-e2eb-8260b256acef@columbus.rr.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 14:14:15 -0000 On 07/03/2017 12:33, Baho Utot wrote: > > > On 03/07/17 07:23, Arthur Chance wrote: >> On 07/03/2017 12:12, Baho Utot wrote: >>> >>> [snip] >>> That would be all well and good, but /etc/skel just doesn't work >> >> Nowhere is it documented to work. man adding_user, man pw.conf and man >> adduser all document /usr/share/skel as the relevant directory. >> >> FreeBSD is not Linux, and RTFM is always sound advice. >> > > Then why is /etc/skel there Good question. The proximate cause is the entry in /etc/mtree/BSD.root.dist but that doesn't explain the rationale. A quick scan of the svn repository shows that pw was added for 2.1.7-R (slightly over 20 years ago), but it used /usr/share/skel from day one. Looking at the svn entries for /etc/mtree/BSD.root.dist I find that /etc/skel was introduced at 2.2.7-R by Jordan Hubbard on Feb 27th 1998 with the comment: "MFC: /etc/skel doesn't seem to be used in the -current branch either, but it doesn't hurt." This probably comes under the heading of "it seemed like a good idea at the time". > and FTFM The manual isn't wrong. However, I agree it could be a little more helpful in correcting the illusions of those coming from Linux. -- By June 1949, people had begun to realize that it was not so easy to get a program right as had at one time appeared. It was on one of my journeys between the EDSAC room and the punching equipment that the realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs. -- Maurice Wilkes From owner-freebsd-questions@freebsd.org Tue Mar 7 16:05:16 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4D982D0183C for ; Tue, 7 Mar 2017 16:05:16 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 17AE21D1D for ; Tue, 7 Mar 2017 16:05:16 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9d7a:ec01:34de:8d3a]) by hz.citrin.ru (Postfix) with ESMTPSA id 6BFEE29A4FF for ; Tue, 7 Mar 2017 16:05:13 +0000 (UTC) Subject: Re: IWN 6200 FW To: freebsd-questions@freebsd.org References: From: Anton Yuzhaninov Message-ID: <8d0a5530-e646-e15d-6027-435bbf470a4b@citrin.ru> Date: Tue, 7 Mar 2017 11:05:10 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1488902713; bh=ARz6Uu3lTOeBT/13VezEEKETA/s1+M6rabci8B97Kck=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=j+R+0e3mcsPTPz2vZXQ7YqEenieBOVL4hwbsKdKboF+PgSeYB2UNz9s7+F2HCZ2I74kw5buq/DzTkSPZfLRsZzKWPy7jz//eCzCUjtfqFnzHq1KBGPu2EOK0dvYPbsbGqd8sSx/QM0/sFFjT/S7rY7InDhHnS2/OZkJ/DR4tOYo= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 16:05:16 -0000 On 03/06/17 13:05, Tomasz CEDRO wrote: > I just got the Panasonic CF-F9 laptop with Intel Centrino 6200 WiFi > card. Card is invisible by default on the raw system. I guess I need > to put somewhere a dedicated firmware for this particular card..? 1. This card should be supported by iwn driver, which is in GENERIC kernel config. If you use custom kernel config without iwn, load it as module. 2. check messages from iwn in dmesg (and /var/run/dmesg.boot file) 3. If there are no messages from iwn, post output from pciconf -vl for you card. From owner-freebsd-questions@freebsd.org Tue Mar 7 16:49:28 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8023AD02641 for ; Tue, 7 Mar 2017 16:49:28 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cdptpa-oedge", Issuer "cdptpa-oedge" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 462B31968 for ; Tue, 7 Mar 2017 16:49:27 +0000 (UTC) (envelope-from baho-utot@columbus.rr.com) Received: from [76.181.114.47] ([76.181.114.47:57541] helo=raspberrypi.bildanet.com) by cdptpa-omsmta03 (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 27/DD-21189-F84EEB85; Tue, 07 Mar 2017 16:49:19 +0000 Received: from [192.168.1.40] (helo=desktop.example.org) by raspberrypi.bildanet.com with esmtp (Exim 4.84) (envelope-from ) id 1clIIZ-0004Lf-EC; Tue, 07 Mar 2017 11:49:19 -0500 Subject: Re: /etc/skel doesn't work?! To: Arthur Chance , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> <6ef72837-3399-86ec-e2eb-8260b256acef@columbus.rr.com> <81c0f90c-eb5b-4796-a0c7-cf906a0e549c@qeng-ho.org> From: Baho Utot Message-ID: Date: Tue, 7 Mar 2017 11:49:19 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <81c0f90c-eb5b-4796-a0c7-cf906a0e549c@qeng-ho.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-RR-Connecting-IP: 107.14.168.88:25 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 16:49:28 -0000 On 03/07/17 09:14, Arthur Chance wrote: > On 07/03/2017 12:33, Baho Utot wrote: >> >> >> On 03/07/17 07:23, Arthur Chance wrote: >>> On 07/03/2017 12:12, Baho Utot wrote: >>>> >>>> > > [snip] > >>>> That would be all well and good, but /etc/skel just doesn't work >>> >>> Nowhere is it documented to work. man adding_user, man pw.conf and man >>> adduser all document /usr/share/skel as the relevant directory. >>> >>> FreeBSD is not Linux, and RTFM is always sound advice. >>> >> >> Then why is /etc/skel there > > Good question. The proximate cause is the entry in > /etc/mtree/BSD.root.dist but that doesn't explain the rationale. > > A quick scan of the svn repository shows that pw was added for 2.1.7-R > (slightly over 20 years ago), but it used /usr/share/skel from day one. > > Looking at the svn entries for /etc/mtree/BSD.root.dist I find that > /etc/skel was introduced at 2.2.7-R by Jordan Hubbard on Feb 27th 1998 > with the comment: > > "MFC: /etc/skel doesn't seem to be used in the -current branch either, > but it doesn't hurt." > > This probably comes under the heading of "it seemed like a good idea at > the time". > >> and FTFM > > The manual isn't wrong. However, I agree it could be a little more > helpful in correcting the illusions of those coming from Linux. > So are you saying that you are going to fix this? From owner-freebsd-questions@freebsd.org Tue Mar 7 18:09:26 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9FF8D024A3 for ; Tue, 7 Mar 2017 18:09:26 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.home.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "fileserver.home.qeng-ho.org", Issuer "fileserver.home.qeng-ho.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FE5A1C55 for ; Tue, 7 Mar 2017 18:09:25 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id v27I9Jvj011512; Tue, 7 Mar 2017 18:09:19 GMT (envelope-from freebsd@qeng-ho.org) Subject: Re: /etc/skel doesn't work?! To: Baho Utot , freebsd-questions@freebsd.org References: <1488813922.11457.12.camel@inhio.net> <20170306195758.17d83f1d.freebsd@edvax.de> <20170306194515.GA1541@hephaistos.local> <20170306224041.21c7b709.freebsd@edvax.de> <679e1574-178f-5395-45f5-44a1ef377822@columbus.rr.com> <6ef72837-3399-86ec-e2eb-8260b256acef@columbus.rr.com> <81c0f90c-eb5b-4796-a0c7-cf906a0e549c@qeng-ho.org> From: Arthur Chance Message-ID: <57746e70-b7cd-e893-fb83-df79929ed4bc@qeng-ho.org> Date: Tue, 7 Mar 2017 18:09:19 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 18:09:26 -0000 On 07/03/2017 16:49, Baho Utot wrote: > > > On 03/07/17 09:14, Arthur Chance wrote: >> On 07/03/2017 12:33, Baho Utot wrote: >>> >>> >>> On 03/07/17 07:23, Arthur Chance wrote: >>>> On 07/03/2017 12:12, Baho Utot wrote: >>>>> >>>>> >> >> [snip] >> >>>>> That would be all well and good, but /etc/skel just doesn't work >>>> >>>> Nowhere is it documented to work. man adding_user, man pw.conf and man >>>> adduser all document /usr/share/skel as the relevant directory. >>>> >>>> FreeBSD is not Linux, and RTFM is always sound advice. >>>> >>> >>> Then why is /etc/skel there >> >> Good question. The proximate cause is the entry in >> /etc/mtree/BSD.root.dist but that doesn't explain the rationale. >> >> A quick scan of the svn repository shows that pw was added for 2.1.7-R >> (slightly over 20 years ago), but it used /usr/share/skel from day one. >> >> Looking at the svn entries for /etc/mtree/BSD.root.dist I find that >> /etc/skel was introduced at 2.2.7-R by Jordan Hubbard on Feb 27th 1998 >> with the comment: >> >> "MFC: /etc/skel doesn't seem to be used in the -current branch either, >> but it doesn't hurt." >> >> This probably comes under the heading of "it seemed like a good idea at >> the time". >> >>> and FTFM >> >> The manual isn't wrong. However, I agree it could be a little more >> helpful in correcting the illusions of those coming from Linux. >> > > So are you saying that you are going to fix this? I'm not a FreeBSD developer or documenter, just a long term user. I don't think there's anything wrong other than some people failing to read the manual, and maybe a specious directory that is misleading to those converting from Linux. If you think there's a problem that needs fixing, here's the page on submitting bug reports. https://www.freebsd.org/support.html If you include a suggested fix with your bug report it may get fixed faster. -- By June 1949, people had begun to realize that it was not so easy to get a program right as had at one time appeared. It was on one of my journeys between the EDSAC room and the punching equipment that the realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs. -- Maurice Wilkes From owner-freebsd-questions@freebsd.org Tue Mar 7 18:31:40 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 32565D00126 for ; Tue, 7 Mar 2017 18:31:40 +0000 (UTC) (envelope-from jjohnstone@tridentusa.com) Received: from mail.tridentusa.com (mail.tridentusa.com [96.225.19.3]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail.tridentusa.com", Issuer "mail.tridentusa.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id ED8D71816 for ; Tue, 7 Mar 2017 18:31:39 +0000 (UTC) (envelope-from jjohnstone@tridentusa.com) Received: (qmail 63942 invoked from network); 7 Mar 2017 13:24:56 -0500 Received: from pool-108-53-138-183.nwrknj.fios.verizon.net (HELO ?192.168.1.156?) (jjohnstone@tridentusa.com@108.53.138.183) by mail.tridentusa.com with SMTP; 7 Mar 2017 13:24:56 -0500 Subject: Re: Off topic: smtp HELO question To: freebsd-questions@freebsd.org References: <58BD94BD.9020405@sneakertech.com> <1350d47b-5723-5171-3cd9-27e9b02aeb8b@FreeBSD.org> <58BD9DC2.9020802@sneakertech.com> <20170306184357.60de652b@gumby.homeunix.com> <58BDBE2F.90207@sneakertech.com> From: John Johnstone Message-ID: <537cf87f-f60d-5e71-c6a2-1cb94cfcc649@tridentusa.com> Date: Tue, 7 Mar 2017 13:24:56 -0500 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <58BDBE2F.90207@sneakertech.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 18:31:40 -0000 On 3/6/17 2:53 PM, Quartz wrote: > I get a 7/10 (apparently because I never set a SPF to hook my mail > service to my domain?). If the fundamentals of your outgoing mail server aren't good enough, any hair-splitting differences with submission are irrelevant. I'd not spend any time worrying about your Thunderbird configuration unless you have evidence that it's a problem somewhere. You need to be especially careful that you have correctly implemented SPF or DKIM. Some mail servers will regard incorrect configurations worse than none. If your "external address floats around depending on what my ISP gives me" means that your mail server has an address in an ISP's DHCP address space, you're at a major disadvantage right there. Many mail servers will reject or score badly mail that comes from a dynamic IP. If you can't get a domain name of your choice (e.g. mail.your-domain-name.tld) assigned to your external IP, even if it is static, that's a major problem. You can lookup your IP at Spamhaus and if it's listed in the PBL you're almost guaranteed to have delivery problems. If you're operating your own mail server your volume may be too low to have an meaningful reputation but you can check your IP at someplace like SenderBase. You can do a web search on "email delivery". Sad to say but it's not a trivial topic in today's world. - John J. From owner-freebsd-questions@freebsd.org Tue Mar 7 20:22:09 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AFF6BD02D9D for ; Tue, 7 Mar 2017 20:22:09 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "inet08.hamilton.harte-lyne.ca", Issuer "CA_HLL_ISSUER_2016" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 886021688 for ; Tue, 7 Mar 2017 20:22:09 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id AE52362165 for ; Tue, 7 Mar 2017 15:16:44 -0500 (EST) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from inet08.hamilton.harte-lyne.ca ([127.0.0.1]) by localhost (inet08.hamilton.harte-lyne.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4U1XtcsUqU_j for ; Tue, 7 Mar 2017 15:16:43 -0500 (EST) Received: from webmail.harte-lyne.ca (inet04.hamilton.harte-lyne.ca [216.185.71.24]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTPSA id 3ECE06212B for ; Tue, 7 Mar 2017 15:16:43 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=harte-lyne.ca; s=dkim_hll; t=1488917803; bh=8rZqBD6b2xEa3n5mWublO2nbi8eRxvS2xo9I2oCi91U=; h=Date:Subject:From:To:Reply-To; b=NyqZ9iHHK4c3oxugRSibNAO23nkTe04WQEVVuoyeP4YQuLVVjCoebWATt/QaHkxUI Eie69/VjN/IT3zthhJe5CcrGieKx1awUeUNoYJhI92jQaNE+2C/jqBpRGHG5e2WE6X akQSD9RB1wc0iQkQmTwtJnxeJlPKZfrbDbtWK8FXZUVSu/y6N4e1AAK69wZS6jP9nY XXIeqw/MsOiJN23uY5/iiw/+p80PWFX4bZePvRTOI8X5l7dx09FUnXjhG6n9BP31eV OeRNZqVBOOKNnhfL+ov+Tbz6yKV10XBLQmNSYVDn49ZXhpHMoQeCb+UeU0FQqhLOpw 1lmsE/e5zsf2A== Received: from 216.185.71.44 (SquirrelMail authenticated user byrnejb_hll) by webmail.harte-lyne.ca with HTTP; Tue, 7 Mar 2017 15:16:43 -0500 Message-ID: <521f6b698d6fca53217c8f54a92c2937.squirrel@webmail.harte-lyne.ca> Date: Tue, 7 Mar 2017 15:16:43 -0500 Subject: Idempere on FreeBSD From: "James B. Byrne" To: freebsd-questions@freebsd.org Reply-To: byrnejb@harte-lyne.ca User-Agent: SquirrelMail/1.4.22-4.el6 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 20:22:09 -0000 Is anyone on this list running iDempere on FreeBSD-11? If so can you share with me any prerequisites or 'gotchas' with respect to installing it? -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 From owner-freebsd-questions@freebsd.org Tue Mar 7 20:29:48 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E157AD02089; Tue, 7 Mar 2017 20:29:48 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ua0-x244.google.com (mail-ua0-x244.google.com [IPv6:2607:f8b0:400c:c08::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A72B81A98; Tue, 7 Mar 2017 20:29:48 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ua0-x244.google.com with SMTP id 72so2676754uaf.1; Tue, 07 Mar 2017 12:29:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=c7V23IEUlgIt6PhlZHJt9kZ8ynZqdukuFygrFP5v0yk=; b=MlMUlTMMySclqV7c/eUrxqXstSi2Tsa93vDMR8fitNcxDCBy7nm2xa7yQEf8IOCrkT 5YQltvsRDWVYmta18ihFUslIu8k8Y/vK/ZJXf7uXzRiALlYkfX7ipbS7g8uVjJbI0jal koWIS2uz4Guw2i+lsPCzDFyxsNVFRpA6zXcwtZOklf0w82EEeExhWnQcbRWgH1gh57L7 a0NV9ceCWedSxjqQAioXAEXejh2doo/n8XSWLM7VvpBAmt0Tg/6VRnS674HwLOfE/5/O Tm2mgSfijCYtG68xtdGm5WaumRdVjsC7PCJU14e4tlmz2mcKajNT0iwl/M5Dper60q1/ 2JAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=c7V23IEUlgIt6PhlZHJt9kZ8ynZqdukuFygrFP5v0yk=; b=so0FuFe4XjEBJVGx4mSuTZzBYEUzgbM4z8iXXm6fhio/ebVn3kWZ+EMcMKxCa7lI8s m5pmdWi5/iqlrr+HtHc0cxW4zszgipBjXp61H082GtJaFUipvgvjQBWij3/rEG2ZyAc4 CwEa+DEujPA9EBtniFFaO7T97U4TWM3ns8WBiFJF3DsqeUvv36FmQ1R0Q5njV9xLBR/j nE+04XNAVSfUhspRPfqQ1abayVfmtub6VX9wRaUeIfUHK//cO6+jD2xrrPoCwbVYaKm1 vuD1S554SDRCbRoK61ygTyN/HXI4ipmRi9l/EVvYm9Zc7Ci4fRnOAFwrHeV/JRQYS/jz OfkA== X-Gm-Message-State: AMke39kJOA4DnlK8IQfp+flYzhRs0/X6/DlIj4crCM49ymtd2AkO+hL/amUDKkHqZpCCK/raRPqiuyKsMf7aoQ== X-Received: by 10.176.83.142 with SMTP id k14mr1259753uaa.64.1488918587627; Tue, 07 Mar 2017 12:29:47 -0800 (PST) MIME-Version: 1.0 Received: by 10.159.48.143 with HTTP; Tue, 7 Mar 2017 12:29:07 -0800 (PST) From: grarpamp Date: Tue, 7 Mar 2017 15:29:07 -0500 Message-ID: Subject: WikiLeaks CIA Exploits: FreeBSD References Within To: freebsd-security@freebsd.org Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 20:29:49 -0000 https://search.wikileaks.org/?q=freebsd Currently returns many pages similarly named... "Shell Code Database This page includes local links to a shellcode database discovered at shell-storm.org." (And a pentest report mention from much older HBGary. Plus some other unlikely miscellaneous hits.) As this is only part 1 of a supposedly multipart release of potentially new exploits, it makes sense to establish ongoing search and review of this dataset for any as yet unfixed exploits. Included as fyi on cc: questions@ and hackers@ . Discussion is likely better moved in reply to just security@ , with reporting of any actual unfixed exploits found to the FreeBSD Bugzilla tracker. From owner-freebsd-questions@freebsd.org Tue Mar 7 22:44:11 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B4EFAD02BF4 for ; Tue, 7 Mar 2017 22:44:11 +0000 (UTC) (envelope-from rossp@f-m.fm) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8CE071C62 for ; Tue, 7 Mar 2017 22:44:10 +0000 (UTC) (envelope-from rossp@f-m.fm) Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id E9D5E20A23 for ; Tue, 7 Mar 2017 17:44:09 -0500 (EST) Received: from web4 ([10.202.2.214]) by compute2.internal (MEProxy); Tue, 07 Mar 2017 17:44:09 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=f-m.fm; h= content-transfer-encoding:content-type:date:from:message-id :mime-version:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s= mesmtp; bh=sDuZd6wnETqF/68YdTTlH6PW9BU=; b=Zj8O/bTKIre4yN2KDLbQV HFeRhgt8l2rgryLTj5UKM8E1gZz/nrNCzt7sz3qnB5lRtVGKTG5a2WI0JpOb3VWY mghT9XPoerxO7tMHWXk8d+01h3TGVE7Dp5do4sApWuHCMhs/GAL2rlg5mtXwCswu 1KzDXjPdOCusC+UN6rX5+s= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=smtpout; bh=sDuZd6wnETqF/68YdTTlH6PW9 BU=; b=JAbLlLLEOwAgXvFBz16rmNKjdV/HmZFQy3LOwrthu47LRI8SrwLzvNJlr nCqdvlsTNCyoQKETa5lS7+mXs1v0gVQLZApIpVXl1VSohO+mQqOe03GMhsmG7yvV wnfisKiLuyNTgq+809A9U6QBegD7aNIaJZeAoifsFYsHf9iha4= X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id CB747BAB57; Tue, 7 Mar 2017 17:44:09 -0500 (EST) Message-Id: <1488926649.2786033.903855688.6E53A794@webmail.messagingengine.com> From: Ross Penner To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-9f47d516 Subject: Pkg errors while trying to rebuild packages while updating to 11.0 Date: Tue, 07 Mar 2017 14:44:09 -0800 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 22:44:11 -0000 I'm in the process of updating 10.3 to 11.0 and I'm at the step where I need to rebuild all my pkgs. As suggested, I run "pkg-static install -f pkg" unfortunetly, that fails: ... FreeBSD repository update completed. 25860 packages processed. pkg-static: warning: database version 34 is newer than libpkg(3) version 33, but still compatible pkg-static: sqlite error while executing INSERT OR ROLLBACK INTO pkg_search(id, name, origin) VALUES (?1, ?2 || '-' || ?3, ?4); in file pkgdb.c:1544: no such table: pkg_search # I'm hoping for some quick advice to try and remedy this. Thank you. From owner-freebsd-questions@freebsd.org Wed Mar 8 04:13:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74450D00551 for ; Wed, 8 Mar 2017 04:13:17 +0000 (UTC) (envelope-from xyin@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C196B19DE for ; Wed, 8 Mar 2017 04:13:16 +0000 (UTC) (envelope-from xyin@gmx.com) Received: from [192.168.78.87] ([45.62.236.228]) by mail.gmx.com (mrgmx101 [212.227.17.174]) with ESMTPSA (Nemesis) id 0Lpfas-1c660T37pu-00fP5h for ; Wed, 08 Mar 2017 05:13:08 +0100 Date: Tue, 7 Mar 2017 23:13:05 -0500 (EST) From: Xihong Yin X-X-Sender: rock@router1.myhome.westell.com To: freebsd-questions@freebsd.org Subject: Xorg failed to start as normal user Message-ID: User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-Provags-ID: V03:K0:qpxmMkW/qwf0BtQ3MEx97ildO3P0Y3x+KwtZG1s5NjRbs+rYSV4 OQDJ/3Zl0ddVEoAeYgCIpmTdeMNeSREr2gv7rAvCV5yE0nDYtkxnnSFeK2IWhIchCrGmPgZ bYn/6mRQi1noagH456aKylZnwLkzQpokkBlXytcxeCZw/KG9gjuLgXr3RnEpxs4+3ASIf6A HrNlkhJMGnOBcAumVVAtQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:q8Wwpqq1ZVo=:RxKQSdu96bCFd7rBkUMtSY p0IOvCJPHHh78yVBfZNHfKdUqunerG1IaCiSK7eYYmxL02M0d5EUJU4BNXInB9rLyGX0ODM5O RNauucoD3BSCNJAY3zJFKD/dF5ejZZZQTfjN+MwKJmopUJYRk9oWeytU5s9NrpJ4IAtXhdNR6 ShQY9sxPeVf/9Wxo+NLR1SoiDTQxEa6zYj5EfRqq4ztTJ5RDya7wbc3chLyjC+sAk1G1shSK1 D+pzFSYGnEz1RMkHa8f26ZRyj7M4WowkvyxqaUUacp4wdIIVeQydwKp1vLWMYiRm6kVfYeR2Z usz0E7HvjL1wqW8xF6k6Mt4KrgDcLbU0YEk2gmeFGorNQu1wbz/qrRyxLarnHjRgVCvsGZg1Z Wz7VtSoDdFZyvImQM8QScROZHFYzXDWBZOsIuhPAckahuK+YqfOFo6Q6CRGcno7n/+La1cOJ5 8MyOmKe3y/mlKXW66WOjzy4TU/k3go8FyX90LYtpfqug2lBm/uD/0lu8vCIr1ghpKzMihzbU+ hSqUPUw+MIHUjBEu/chMJIIfiH6ddHHtQ4co00IJHZfQgJppRzM0o2PbRBMEhJViTTc09KqUB w8aY8FsUjUeg/i4CkAM/SkxpLJdXZTECs+YsAezanQEBPBNgClBYJmlspAaLw+IEaiyUe7N4m 6h56oyR/h9KNB4Gg4DtrlU4Fc87HuuaXvxGprK/3gh5cbQsZ5dfu1BV/YUbZSsiqLmiX5UYUA ZDAtD5rVfFhMbazS9qaKP8hNnieeBHDc0J/TmQPc87dKGI3lVBxtPmABxs47inDs799kvePLg jwfkGyZ X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 04:13:17 -0000 Hi, I recently upgraded from 10.3 to 11. All ports are upgraded as well. I have a strange problem, Xorg failed to start when I login as a normal user. If I login as root, Xorg can starts without a problem. I already added the normal user to the wheel group. Below is the error message of the failed case. Please help. [ 9822.110] (EE) [ 9822.110] (EE) Backtrace: [ 9822.117] (EE) 0: /usr/local/bin/X (OsInit+0x3fb) [0x82024d6] [ 9822.124] (EE) 1: /lib/libthr.so.3 (_pthread_sigmask+0x6a4) [0x286fceb4] [ 9822.132] (EE) 2: /lib/libthr.so.3 (_pthread_getspecific+0x110b) [0x286fcc5b] [ 9822.139] (EE) 3: ? (?+0x110b) [0xbfc0010f] [ 9822.147] (EE) 4: /usr/local/llvm39/lib/libLLVM-3.9.so (LLVMParseCommandLineO ptions+0xa6c) [0x2a0388b8] [ 9822.155] (EE) 5: /usr/local/llvm39/lib/libLLVM-3.9.so (LLVMParseCommandLineO ptions+0xbec) [0x2a038bb8] [ 9822.162] (EE) 6: /usr/local/llvm39/lib/libLLVM-3.9.so (_ZN4llvm2cl6Option11a ddArgumentEv+0x8c) [0x2a02b388] [ 9822.170] (EE) 7: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 (_ZNSt3__127__i nsertion_sort_incompleteIRNS_6__lessINS_4pairIN4llvm10TimeRecordENS_12basic_stri ngIcNS_11char_traitsIcEENS_9allocatorIcEEEEEESB_EEPSB_EEbT0_SF_T_+0x7de) [0x2e38 d15c] [ 9822.177] (EE) 8: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 (_ZN4llvm3sys8W atchdogD2Ev+0x1b2) [0x2e3cb154] [ 9822.185] (EE) 9: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 (_init+0xd) [0x 2e31817a] [ 9822.192] (EE) 10: ? (_rtld_is_dlopened+0x1392) [0x28241274] [ 9822.200] (EE) 11: ? (dlopen+0x1b5) [0x2823ce5a] [ 9822.207] (EE) 12: ? (dlopen+0x24) [0x2823cb38] [ 9822.214] (EE) 13: /usr/local/lib/libGL.so.1 (_init+0x230d0) [0x28876fe4] [ 9822.222] (EE) 14: /usr/local/lib/xorg/modules/extensions/libglx.so (GlxSetVi sualConfigs+0x6ef8) [0x28861f80] [ 9822.229] (EE) 15: /usr/local/lib/libGL.so.1 (_init+0x219b1) [0x288741a6] [ 9822.237] (EE) 16: /usr/local/bin/X (InitExtensions+0x6c) [0x80f2e88] [ 9822.244] (EE) 17: /usr/local/bin/X (remove_fs_handlers+0x34f) [0x807d83e] [ 9822.251] (EE) 18: /usr/local/bin/X (_start+0x23c) [0x8066308] [ 9822.258] (EE) 19: /usr/local/bin/X (_start+0x15a) [0x8066144] [ 9822.266] (EE) 20: /usr/local/bin/X (_start+0x18) [0x8065ea8] [ 9822.266] (EE) [ 9822.266] (EE) Segmentation fault at address 0x2f1c6000 [ 9822.266] (EE) Fatal server error: [ 9822.266] (EE) Caught signal 11 (Segmentation fault). Server aborting [ 9822.266] (EE) [ 9822.266] (EE) From owner-freebsd-questions@freebsd.org Wed Mar 8 07:16:24 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 39006D02A90 for ; Wed, 8 Mar 2017 07:16:24 +0000 (UTC) (envelope-from gandalf@shopzeus.com) Received: from shopzeus.com (shopzeus.com [87.229.70.149]) by mx1.freebsd.org (Postfix) with ESMTP id EE91F17C5 for ; Wed, 8 Mar 2017 07:16:23 +0000 (UTC) (envelope-from gandalf@shopzeus.com) Received: from [127.127.127.127] (localhost [127.127.127.127]) (Authenticated sender: gandalf) by shopzeus.com (Postfix) with ESMTPSA id EF325889CDE1; Wed, 8 Mar 2017 01:16:20 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shopzeus.com; s=shopzeus_com; t=1488953781; bh=aQcnGmkF1e5cuUrohZCYY0izQJHs8ot8pDYpEIzwahg=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=jKe3s0VzQkyB2lbEemSvhkTFkbpvA1AB/4ptcSViPSrZyuVbbC4/n7ekSyEn38vle q8pDeZPp8hHGtJbvhcljMNtAMkzvDY8KkMp4J5yJz1xnOZLsALmdsDz/1pLui0Zz/H cI+qTkD7Ds0CdKwX57vRk5/g5ghIeERKUYRjJCqJBGUB5fZaBQEgvIaJl+MJLEIhB3 8YP7pb/ERlU+iNfqfD87nx0V+Dw7zTJZ8tX4Likw0tF5tEgqpZMPNoGZkg+0dOzgG9 SvIuNq6kJZHelt4bgDzX0mgcv9Vu7BsBh48swRNJP8XT1dINSIYnTkZR7TdYJmNkLV Fw33pru2NzDEA== Subject: [SOLVED] Re: TCP connection stalled To: Ian Smith References: <20170304230752.E9983@sola.nimnet.asn.au> Cc: freebsd-questions@freebsd.org From: =?UTF-8?Q?Nagy_L=c3=a1szl=c3=b3_Zsolt?= Message-ID: <2feaaa50-21c1-9fc2-9c1a-bb682966f087@shopzeus.com> Date: Wed, 8 Mar 2017 08:16:15 +0100 MIME-Version: 1.0 In-Reply-To: <20170304230752.E9983@sola.nimnet.asn.au> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 07:16:24 -0000 > > The internet connection has download speed 500Mbps and upload speed = 30Mbps. > > Lucky you :) Is that via PPPoE or what protocol? (may matter re mtu) It is a cable modem, not using PPPoE. But I'm not sure about the correct MTU. > > > Internet is connected via a public IPv4 address as shown below (real= ip > > hidden with 'x' chars) > >=20 > > nfe0: flags=3D8843 metric 0 = mtu 1500 > > options=3Dc219b > > ether 40:61:86:ed:e6:41 > > inet 37.xxx.xxx.xxx netmask 0xfffffe00 broadcast 255.255.255= =2E255 > > That seems a strange broadcast address with that IP and netmask? Never= =20 > mind, perhaps that's different on FreeBSD 11? I guess it was given by the DHCP server of the ISP, they hopefully have a good reason for using a 9 bit wide subnet. :-) > > Likely due to ipfw(8) /BUGS, near the end (applies to natd too) > > Due to the architecture of libalias(3), ipfw nat is not compatible= with > the TCP segmentation offloading (TSO). Thus, to reliably nat your= net- > work traffic, please disable TSO on your NICs using ifconfig(8). > > See ifconfig(8). You need ifconfig nfe0 -tso4 and possibly? -vlanhwtso= ,=20 > with the same applying on your LAN-facing interface. I don't say I fully understand this, but after executing this: ifconfig nfe0 -tso4 -vlanhwtso the upload speed went up to 1.8MB/sec instantly. :-) Problem solved! Thank you! From owner-freebsd-questions@freebsd.org Wed Mar 8 07:50:43 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4B9F5D02AC4 for ; Wed, 8 Mar 2017 07:50:43 +0000 (UTC) (envelope-from holindho@saunalahti.fi) Received: from vs24.mail.saunalahti.fi (vs24.mail.saunalahti.fi [62.142.117.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vs24.mail.saunalahti.fi", Issuer "vs24.mail.saunalahti.fi" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 01C5D1DA8 for ; Wed, 8 Mar 2017 07:50:42 +0000 (UTC) (envelope-from holindho@saunalahti.fi) Received: from vs24.mail.saunalahti.fi (localhost [127.0.0.1]) by vs24.mail.saunalahti.fi (Postfix) with ESMTP id 0663E200BF for ; Wed, 8 Mar 2017 09:43:23 +0200 (EET) Received: from gw02.mail.saunalahti.fi (gw02.mail.saunalahti.fi [195.197.172.116]) by vs24.mail.saunalahti.fi (Postfix) with ESMTP id EF8A520084 for ; Wed, 8 Mar 2017 09:43:22 +0200 (EET) Received: from [10.0.0.7] (62-78-248-13.bb.dnainternet.fi [62.78.248.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by gw02.mail.saunalahti.fi (Postfix) with ESMTPSA id E327940051 for ; Wed, 8 Mar 2017 09:43:21 +0200 (EET) Subject: Re: Xorg failed to start as normal user To: freebsd-questions@freebsd.org References: From: Heikki Lindholm Message-ID: <8e3f33b1-ff4f-8453-0019-2095c49bea33@saunalahti.fi> Date: Wed, 8 Mar 2017 09:43:16 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 07:50:43 -0000 On 08.03.2017 06:13, Xihong Yin wrote: > Hi, > > I recently upgraded from 10.3 to 11. All ports are upgraded as well. I > have a strange problem, Xorg failed to start when I login as a normal > user. If I login as root, Xorg can starts without a problem. > > I already added the normal user to the wheel group. It should be the video group under 11. From owner-freebsd-questions@freebsd.org Wed Mar 8 08:15:36 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6A7C2D00986 for ; Wed, 8 Mar 2017 08:15:36 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from bede.home.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "fileserver.home.qeng-ho.org", Issuer "fileserver.home.qeng-ho.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 013661363 for ; Wed, 8 Mar 2017 08:15:35 +0000 (UTC) (envelope-from freebsd@qeng-ho.org) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.home.qeng-ho.org (8.15.2/8.15.2) with ESMTP id v288FX69016875; Wed, 8 Mar 2017 08:15:33 GMT (envelope-from freebsd@qeng-ho.org) Subject: Re: Xorg failed to start as normal user To: Xihong Yin , freebsd-questions@freebsd.org References: From: Arthur Chance Message-ID: Date: Wed, 8 Mar 2017 08:15:33 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 08:15:36 -0000 On 08/03/2017 04:13, Xihong Yin wrote: > Hi, > > I recently upgraded from 10.3 to 11. All ports are upgraded as well. I > have a strange problem, Xorg failed to start when I login as a normal > user. If I login as root, Xorg can starts without a problem. > > I already added the normal user to the wheel group. > > Below is the error message of the failed case. Please help. > > > [ 9822.110] (EE) > [ 9822.110] (EE) Backtrace: > [ 9822.117] (EE) 0: /usr/local/bin/X (OsInit+0x3fb) [0x82024d6] > [ 9822.124] (EE) 1: /lib/libthr.so.3 (_pthread_sigmask+0x6a4) [0x286fceb4] > [ 9822.132] (EE) 2: /lib/libthr.so.3 (_pthread_getspecific+0x110b) > [0x286fcc5b] > [ 9822.139] (EE) 3: ? (?+0x110b) [0xbfc0010f] > [ 9822.147] (EE) 4: /usr/local/llvm39/lib/libLLVM-3.9.so > (LLVMParseCommandLineO > ptions+0xa6c) [0x2a0388b8] > [ 9822.155] (EE) 5: /usr/local/llvm39/lib/libLLVM-3.9.so > (LLVMParseCommandLineO > ptions+0xbec) [0x2a038bb8] > [ 9822.162] (EE) 6: /usr/local/llvm39/lib/libLLVM-3.9.so > (_ZN4llvm2cl6Option11a > ddArgumentEv+0x8c) [0x2a02b388] > [ 9822.170] (EE) 7: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 > (_ZNSt3__127__i > nsertion_sort_incompleteIRNS_6__lessINS_4pairIN4llvm10TimeRecordENS_12basic_stri > > ngIcNS_11char_traitsIcEENS_9allocatorIcEEEEEESB_EEPSB_EEbT0_SF_T_+0x7de) > [0x2e38 > d15c] > [ 9822.177] (EE) 8: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 > (_ZN4llvm3sys8W > atchdogD2Ev+0x1b2) [0x2e3cb154] > [ 9822.185] (EE) 9: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 > (_init+0xd) [0x > 2e31817a] > [ 9822.192] (EE) 10: ? (_rtld_is_dlopened+0x1392) [0x28241274] > [ 9822.200] (EE) 11: ? (dlopen+0x1b5) [0x2823ce5a] > [ 9822.207] (EE) 12: ? (dlopen+0x24) [0x2823cb38] > [ 9822.214] (EE) 13: /usr/local/lib/libGL.so.1 (_init+0x230d0) > [0x28876fe4] > [ 9822.222] (EE) 14: /usr/local/lib/xorg/modules/extensions/libglx.so > (GlxSetVi > sualConfigs+0x6ef8) [0x28861f80] > [ 9822.229] (EE) 15: /usr/local/lib/libGL.so.1 (_init+0x219b1) > [0x288741a6] > [ 9822.237] (EE) 16: /usr/local/bin/X (InitExtensions+0x6c) [0x80f2e88] > [ 9822.244] (EE) 17: /usr/local/bin/X (remove_fs_handlers+0x34f) > [0x807d83e] > [ 9822.251] (EE) 18: /usr/local/bin/X (_start+0x23c) [0x8066308] > [ 9822.258] (EE) 19: /usr/local/bin/X (_start+0x15a) [0x8066144] > [ 9822.266] (EE) 20: /usr/local/bin/X (_start+0x18) [0x8065ea8] > [ 9822.266] (EE) > [ 9822.266] (EE) Segmentation fault at address 0x2f1c6000 > [ 9822.266] (EE) > Fatal server error: > [ 9822.266] (EE) Caught signal 11 (Segmentation fault). Server aborting > [ 9822.266] (EE) > [ 9822.266] (EE) > I had a similar problem a few weeks ago. In my case it was because I had two versions of llvm installed as it had been upgraded but the old version wasn't deleted, and the X server was linking to both of them for some reason. Try pkg info -x llvm and see if that's the case for you. For me, simply using pkg delete on the older version fixed the problem. -- By June 1949, people had begun to realize that it was not so easy to get a program right as had at one time appeared. It was on one of my journeys between the EDSAC room and the punching equipment that the realization came over me with full force that a good part of the remainder of my life was going to be spent in finding errors in my own programs. -- Maurice Wilkes From owner-freebsd-questions@freebsd.org Wed Mar 8 08:24:08 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8F976D00CBB for ; Wed, 8 Mar 2017 08:24:08 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no [IPv6:2001:700:1100:1:200:ff:fe00:b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.fagskolen.gjovik.no", Issuer "Fagskolen i Gj??vik" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 383A01914 for ; Wed, 8 Mar 2017 08:24:08 +0000 (UTC) (envelope-from trond@fagskolen.gjovik.no) Received: from mail.fig.ol.no (localhost [127.0.0.1]) by mail.fig.ol.no (8.15.2/8.15.2) with ESMTPS id v288NkYs078147 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 8 Mar 2017 09:23:47 +0100 (CET) (envelope-from trond@fagskolen.gjovik.no) Received: from localhost (trond@localhost) by mail.fig.ol.no (8.15.2/8.15.2/Submit) with ESMTP id v288NkBo078144; Wed, 8 Mar 2017 09:23:46 +0100 (CET) (envelope-from trond@fagskolen.gjovik.no) X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs Date: Wed, 8 Mar 2017 09:23:46 +0100 (CET) From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= Sender: Trond.Endrestol@fagskolen.gjovik.no To: James E Keenan cc: freebsd-questions@freebsd.org Subject: Re: Is there a namei utility in FreeBSD? In-Reply-To: <851e783f-f1b9-368b-8dd1-9f99d33dcc38@verizon.net> Message-ID: References: <984464e3-8f4e-d15f-00a8-e341a81d7ab5@verizon.net> <275628a8-8f31-e5b1-9669-62e3ca3f15d6@citrin.ru> <851e783f-f1b9-368b-8dd1-9f99d33dcc38@verizon.net> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) Organization: Fagskolen Innlandet OpenPGP: url=http://fig.ol.no/~trond/trond.key MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail.fig.ol.no Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8BIT X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 08:24:08 -0000 On Mon, 6 Mar 2017 11:43-0500, James E Keenan wrote: > On 03/06/2017 11:02 AM, Anton Yuzhaninov wrote: > > On 03/06/17 09:12, James E Keenan wrote: > > > In Linux, there is a userland utility 'namei' which enables a user to > > > "follow a pathname until a terminal point is found". Invoking it on, > > > say, a symlink produces output like this: > > > > If you need to find a target of symlink (or symlink chain) you can use > > realpath(1). > > Thanks for mentioning that. However, while the example I gave was that of a > symlink, and while both namei and realpath are good for displaying information > about symlinks, my central question was whether there was an equivalent to > namei in FreeBSD. namei identifies the nature of each component in the > resolved path; realpath does not. I couldn't resist creating my own version of namei(1). This one is BSD two-clause licensed, and I swear I only looked at the two URLs mentioned in the comments and the many man pages of FreeBSD. http://ximalas.info/~trond/namei/c/namei.c The code is a mess and I don't know if the output matches the original beyond what was presented in this thread. Bugs are probably in abundance, and the -v flag isn't implemented yet. The code does work to some extent: $ namei /etc/rc.d/local_unbound f: = /etc/rc.d/local_unbound d / d etc d rc.d - local_unbound $ namei /sys/amd64/conf/GENERIC f: = /sys/amd64/conf/GENERIC d / l sys -> usr/src/sys d usr d src d sys d amd64 d conf - GENERIC $ namei -l /sys/i386/conf/GENERIC f: = /sys/i386/conf/GENERIC drwxr-xr-x root wheel / lrwxr-xr-x root wheel sys -> usr/src/sys drwxr-xr-x root wheel usr drwxr-xr-x root wheel src drwxr-xr-x root wheel sys drwxr-xr-x root wheel i386 drwxr-xr-x root wheel conf -rw-r--r-- root wheel GENERIC Happy hacking. -- +-------------------------------+------------------------------------+ | Vennlig hilsen, | Best regards, | | Trond Endrestøl, | Trond Endrestøl, | | IT-ansvarlig, | System administrator, | | Fagskolen Innlandet, | Gjøvik Technical College, Norway, | | tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, | | sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. | +-------------------------------+------------------------------------+ From owner-freebsd-questions@freebsd.org Wed Mar 8 08:59:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 81497D01B6B for ; Wed, 8 Mar 2017 08:59:15 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ECB851042 for ; Wed, 8 Mar 2017 08:59:14 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id v288wsXo068471; Wed, 8 Mar 2017 19:58:55 +1100 (EST) (envelope-from smithi@nimnet.asn.au) Date: Wed, 8 Mar 2017 19:58:54 +1100 (EST) From: Ian Smith To: Victor Sudakov cc: Polytropon , Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW In-Reply-To: Message-ID: <20170307233222.E87835@sola.nimnet.asn.au> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 08:59:15 -0000 In freebsd-questions Digest, Vol 666, Issue 2, Message: 1 On Mon, 6 Mar 2017 20:43:56 +0700 Victor Sudakov wrote: > Polytropon wrote: > > On Sun, 5 Mar 2017 17:57:02 +0530, Michael Wilcox wrote: > > > I was wondering if there is any frontend for IPFW. > > > > > > Does anyone have one or must I use it directly? > > > > If I see the analogy correctly, a "UFW-like frontend" already > > is "included" with ipfw, i. e., ipfw works at a comparable > > level. If you compare the ufw commands with the ipfw commands, > > they are quite similar, so you'd use ipfw directly in the same > > manner as you use ufw to interact with iptables. > > > > As an equation: > > > > ufw ipfw > > ---------- = ------ > > iptables ipfw > > > > More or less... ;-) Polytropon: I wish I'd had ufw - or better, ipfw+dummynet for linux - back when I admin'd a couple of debian boxes. iptables is REALLY gnarly without some sort of higher level administration tool, as is tc compared to dummynet. From skimming one ubuntu description, your analogy's good. > There is one thing that a higher level macro language on top of ipfw > would be nice to have for. ipfw rules are very much like an assembly language, and 'assemble' to precisely executable opcodes in a well-defined virtual machine. pf feels (to me) more like 'higher level' coding, which seems to suit many people better .. but I'm an old assembler kind of guy, from S/370 onwards :) > Several times I have tried to emulate Cisco PIX/ASA logic with ipfw. > I just want to have e.g. 3 interfaces: inside, outside, dmz with > security levels of 100, 0, 50 respectively. Traffic can flow from the > interface with a higher security level to the interface with a lower > security level, and return traffic is permitted too. > > Every time I have tried to express this with ipfw rules, I failed > miserably, though superficially it looks simple (with keep-state). That's quite doable, but I wouldn't use numeric levels like that, and I'd use static rules first to limit access between inside, outside and dmz, adding dynamic (stateful) rules after those constraints are met. Just roughly, as a partial sketch, and assuming all at layer 3 (ip): check-state // pass established dynamic flows # can only check both interfaces on 'out' packets, leaving ipfw deny tcp from any to any out recv $dmz_if xmit $inside_if setup deny udp from any to any out recv $dmz_if xmit $inside_if # if dmz provides service/s to outside, skip over these for them # those can be allowed/denied on 'in' pass, using dest address/es. deny tcp from any to any out recv $outside_iface setup deny udp from any to any out recv $outside_iface # skip this for any static (setup then established) services below deny all from any to any established # best use static rules for icmp, see rc.firewall 'workstation' # then (or earlier, if you prefer) separate flows for inside|dmz # then allow services on inside and dmz, perhaps using static rules # then allow access from inside|dmz to dmz|outside statefully. > Has anyone done this? More or less :) My firewalls are mostly static rules, but stateful rules in this instance are likely simpler. Don't be too entranced by statefulness; there are cases (icmp, sometimes DNS, ssh perhaps) where static rules make more sense, and don't suffer from timeouts etc. cheers, Ian From owner-freebsd-questions@freebsd.org Wed Mar 8 09:39:01 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF178D02955 for ; Wed, 8 Mar 2017 09:39:01 +0000 (UTC) (envelope-from amutu@amutu.com) Received: from mail-ot0-x22d.google.com (mail-ot0-x22d.google.com [IPv6:2607:f8b0:4003:c0f::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 79D6514E4 for ; Wed, 8 Mar 2017 09:39:01 +0000 (UTC) (envelope-from amutu@amutu.com) Received: by mail-ot0-x22d.google.com with SMTP id 19so27350584oti.0 for ; Wed, 08 Mar 2017 01:39:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amutu-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=tUmhvuK6K7hC25JlI9Eit2dd4trwpD2mhYy/3R0LzAo=; b=xLL+ZTPAm1PBA6gbHjD+HDeyKZq/mWjG5QKVOE4bSmQr07zNfP9mE55EwzvlcTd462 MB+QD/f9MYB3aUT/s2aABqHfRa8X8g242LfktpgSFVccbVzkYhsGE/XAGt/bzmGPR3Dy v6obULHHTwUbxfA1xzbdfIyfVqBF838k5SrmKW7Ihwhzj6DzsJxmYKkj2lxJ4H7DQH4q vr68p0ft2O0nfXKE4D9JuVNpqAK2SVQoYk3lapyhwF74nFSDEn29pme5JdfVjPge3XyQ cpF2ZoUca5/vdySYMoosl6o7XLNu91A9usedXe5MvGTLULUd7eebLlusZOoXYgIACO2s S3mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=tUmhvuK6K7hC25JlI9Eit2dd4trwpD2mhYy/3R0LzAo=; b=rbcsBcJMVvYVfIkFzvMDuETs+xp+l4XigmEHVN+8WoJlCi+SoLtWJKI8glwjS9Cvyz ZETknr8kzXJKNQgI1SyrOP9e62fBIcPPw1ne0gR2cm91eTabyZGySO5sv1hpHsLaQWtP u6xE4YSrCIMdgOfSe3i0V/qgze3lZZ4CneYL0ftceN1PzpD7xldo/WOGpgUJMEyGnbRy qLAlDkPNh+kXaqmL47jElqI1ENNQnmi3ic4+kCqmiz8pTcpPxZGNsYCt6ger/TH5REEF 61S78aGqkbfZzmTSU8D7cgLTEvegjKpnR3DEUDOD9R/JkjuF86Ed2zkos3aTnn24BSu4 0wpw== X-Gm-Message-State: AFeK/H3ZlO7Pt58iKUKRl2nfeLkGbXZ2sMX68TO5zPzaXHCmRydJTyeQ6N34cz0OlXJbqg== X-Received: by 10.157.41.65 with SMTP id d59mr2726420otb.154.1488965940784; Wed, 08 Mar 2017 01:39:00 -0800 (PST) Received: from mail-oi0-f53.google.com (mail-oi0-f53.google.com. [209.85.218.53]) by smtp.gmail.com with ESMTPSA id v204sm1296392oif.40.2017.03.08.01.39.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Mar 2017 01:39:00 -0800 (PST) Received: by mail-oi0-f53.google.com with SMTP id 62so16011142oih.2; Wed, 08 Mar 2017 01:39:00 -0800 (PST) X-Received: by 10.202.218.134 with SMTP id r128mr2574548oig.2.1488965940262; Wed, 08 Mar 2017 01:39:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.74.155.201 with HTTP; Wed, 8 Mar 2017 01:38:39 -0800 (PST) From: Jov Date: Wed, 8 Mar 2017 17:38:39 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: What's the status of docker-freebsd To: freebsd-questions@freebsd.org, kmoore@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 09:39:01 -0000 >From the Github: https://github.com/kvasdopil/docker,last commit happened at 2 years ago. Is there any tech reason for this project stop continue=EF=BC=9F From owner-freebsd-questions@freebsd.org Wed Mar 8 10:44:19 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7C15DD02F5F for ; Wed, 8 Mar 2017 10:44:19 +0000 (UTC) (envelope-from Asha.R2@netapp.com) Received: from mx141.netapp.com (mx141.netapp.com [216.240.21.12]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (Client CN "mx141.netapp.com", Issuer "Entrust Certification Authority - L1K" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1AC1518B8 for ; Wed, 8 Mar 2017 10:44:18 +0000 (UTC) (envelope-from Asha.R2@netapp.com) X-IronPort-AV: E=Sophos;i="5.36,262,1486454400"; d="scan'208,217";a="188057262" Received: from hioexcmbx01-prd.hq.netapp.com ([10.122.105.34]) by mx141-out.netapp.com with ESMTP; 08 Mar 2017 02:34:10 -0800 Received: from VMWEXCCAS12-PRD.hq.netapp.com (10.122.105.30) by hioexcmbx01-prd.hq.netapp.com (10.122.105.34) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 8 Mar 2017 02:43:12 -0800 Received: from NAM03-DM3-obe.outbound.protection.outlook.com (10.120.60.153) by VMWEXCCAS12-PRD.hq.netapp.com (10.122.105.30) with Microsoft SMTP Server (TLS) id 15.0.1210.3 via Frontend Transport; Wed, 8 Mar 2017 02:43:12 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netapp.onmicrosoft.com; s=selector1-netapp-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=c/8Pr+2A8+kBlDAx7rQnnA0QbpKi/AbqYJNKwfcAPYg=; b=o3p4/2h7S79z260Vz5iUS1P5McXZSQwj+dp9FZ+59brj2JveVn0n+GigRWEOyildRktRToF/IbnwVvtwvE1Sjx5YdZfRxknzXKjZvjulN06lJdOpJJHwQgBCOMHM7SvD/wvppkjt9krF+ibu9tRFA6W3rspaHtmlMafjLUZ/1AM= Received: from SN1PR06MB1887.namprd06.prod.outlook.com (10.162.133.27) by SN1PR06MB1886.namprd06.prod.outlook.com (10.162.133.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Wed, 8 Mar 2017 10:43:10 +0000 Received: from SN1PR06MB1887.namprd06.prod.outlook.com ([10.162.133.27]) by SN1PR06MB1887.namprd06.prod.outlook.com ([10.162.133.27]) with mapi id 15.01.0947.018; Wed, 8 Mar 2017 10:43:10 +0000 From: "R, Asha" To: "freebsd-questions@freebsd.org" Subject: VerneMQ Thread-Topic: VerneMQ Thread-Index: AdKX+J5YUfORGVMoQli8YpZAWBhBEg== Date: Wed, 8 Mar 2017 10:43:10 +0000 Message-ID: Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: freebsd.org; dkim=none (message not signed) header.d=none;freebsd.org; dmarc=none action=none header.from=netapp.com; x-originating-ip: [202.3.121.4] x-ms-office365-filtering-correlation-id: 85672012-9fe9-4f3b-a502-08d4660fea17 x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:SN1PR06MB1886; x-microsoft-exchange-diagnostics: 1; SN1PR06MB1886; 7:a7ZS+6vkoDShSA3StdUEXg8/vbQGJ68eT+z3gn9n5CitUx2E6JY5hQaThDAGazC9ebvnysQHJdU/6uhBqeo9p+vER5uI1qr+UOHiYvs8IrtdvDiLR3TM5f4KlVTnic3QDAa1CTZiBrqmS49o1LEw9+2C7BYjC+cML5U/2cgc/YklMpaMlegBWh+4lEdqt3r8QNXjYD9ul95TEvq1EupdbimnP9bg0TeDOfDSjpD+2WP7Jze6ig14+HFxzSCOFf+80076DEvIHXR6wlGGrs6edj7x3goRZESlFzkJfN4fYOP52YzfB8FauNW/lZBgPzJS4KtxX9wgdpkXV30CkSvsAQ== x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(21748063052155); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123555025)(20161123564025)(20161123558025)(20161123560025)(20161123562025)(6072148); SRVR:SN1PR06MB1886; BCL:0; PCL:0; RULEID:; SRVR:SN1PR06MB1886; x-forefront-prvs: 02408926C4 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39450400003)(8936002)(9686003)(8676002)(9326002)(6116002)(50986999)(5630700001)(221733001)(189998001)(81166006)(53936002)(2900100001)(6506006)(790700001)(54896002)(3480700004)(54356999)(33656002)(38730400002)(110136004)(122556002)(2351001)(55016002)(77096006)(99286003)(6306002)(7116003)(7696004)(6916009)(5640700003)(7736002)(74316002)(5660300001)(25786008)(3846002)(102836003)(3660700001)(66066001)(86362001)(558084003)(2501003)(3280700002)(2906002)(6436002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR06MB1886; H:SN1PR06MB1887.namprd06.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Mar 2017 10:43:10.2011 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 4b0911a0-929b-4715-944b-c03745165b3a X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR06MB1886 X-OriginatorOrg: netapp.com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 10:44:19 -0000 Hi I am trying to compile VerneMQ on FreeBSD but not able to. Can anyone help = me with this. Thanks Asha From owner-freebsd-questions@freebsd.org Wed Mar 8 11:02:52 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57005D02761 for ; Wed, 8 Mar 2017 11:02:52 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: from mail-it0-x236.google.com (mail-it0-x236.google.com [IPv6:2607:f8b0:4001:c0b::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1DC7D1456 for ; Wed, 8 Mar 2017 11:02:52 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: by mail-it0-x236.google.com with SMTP id h10so93491516ith.1 for ; Wed, 08 Mar 2017 03:02:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Q54GTPTy5auGvSyjLB3XZR8bap4mOYGo2OJJmiwed6E=; b=Ij023yl6/YhJncH8NnE0GJG1M6Dkwlq/YTWUxBYcGBPlyS0wJFPSja2YU/kG1jjKAG xgI0ZVdkuOcpHsIkIZDNJ5hg2NLltknpBuDoYn7GjoKBrpNEJkTxL88j9+ynW9ZRevHv 5ux4nOv+G360Y4F/yAYmUAPqzlhreUVH+sVM+x2TnlEJcThYcsbfkXU5LeBwbvTP77OI 2W9eHHpyNI94ZYYPalZEm1LUz3Teh4jsdB4maJBz8geHORuH/nREDrnTi+7bLOEu8RSP dVgQKePl/sxLPyzPZv/ItpZt9Wjkmf7IKHfiphN7cdnnIQCfBaUgp9MJSpJ+uhK83McW TgVw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Q54GTPTy5auGvSyjLB3XZR8bap4mOYGo2OJJmiwed6E=; b=a1WmkmDENI9JacmHTXeCDRycvtVdxKlOBHNoNgp8E3dRU/7RUyYoM0mWzOH63sPwuq gWLKv26u542fxYRIg4uwsT/2duf5S9fiWxtK7b5Mvur8eGlJEhRiaKQIfetPPJ1/stmJ ifou8BMfeWngmI7HcFgvnoD5qCJNy/OZr8Zu+bx+5SJQaCLqXh9wnbZQWQc1oGjz5YC0 pRT+WzlKmdBteYdbte/fD/g5/gD5jhvg/bMwPNn3GMwyJ81oTZQXfbkXKfHQ8Q8FtFcZ aCknASKxoieoWggzP1OfmZ6EkvwkI3+AR3uLEskP1eByY56slKARwYVi77Ba1NlL6iTH Bfbw== X-Gm-Message-State: AMke39k/htFwwIi9W6pUYu+SZiMJU6uL+IWAsUI6mp3u+f8G6Uaj3i7891gM1Qmae+qoxVbgjyOWhfvmxpSZ9w== X-Received: by 10.36.68.18 with SMTP id o18mr5877291ita.43.1488970971332; Wed, 08 Mar 2017 03:02:51 -0800 (PST) MIME-Version: 1.0 Received: by 10.36.217.134 with HTTP; Wed, 8 Mar 2017 03:02:51 -0800 (PST) From: Ravichandra Date: Wed, 8 Mar 2017 16:32:51 +0530 Message-ID: Subject: Support of TLS processing in kernel To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 11:02:52 -0000 Hi, Recently some work is done by people at facebook about TLS processing in kernel. It is called as kernel TLS by them. A kernel patch for the same is submitted on linux kernel. I am trying to see something similar can be done for FreeBSD too. I see that stream parsing(strparsing module) support which is leveraged by this kernel TLS module is present in linux kernel and not in FreeBSD. This stream parsing module helps the kernel to custom parse the TCP data according to a application layer protocol requirement. Is there a way that helps to achieve the same in FreeBSD? Thanks Ravichandra From owner-freebsd-questions@freebsd.org Wed Mar 8 12:12:49 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D1DF8D00B20 for ; Wed, 8 Mar 2017 12:12:49 +0000 (UTC) (envelope-from xyin@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C26716E2 for ; Wed, 8 Mar 2017 12:12:49 +0000 (UTC) (envelope-from xyin@gmx.com) Received: from [192.168.57.65] ([140.90.73.186]) by mail.gmx.com (mrgmx103 [212.227.17.174]) with ESMTPSA (Nemesis) id 0MCcE2-1ccCmu0Eew-009Rye; Wed, 08 Mar 2017 13:12:42 +0100 Date: Wed, 8 Mar 2017 07:11:24 -0500 (EST) From: Xihong Yin X-X-Sender: knight@officefb To: Arthur Chance cc: freebsd-questions@freebsd.org Subject: Re: Xorg failed to start as normal user In-Reply-To: Message-ID: References: User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Provags-ID: V03:K0:CHMakJumJB50Pv7c0KfJDP2yXErRhFjaFvC91A3N0ZKmatXae9q tQhdD1Bp3QPxsQFbA61jiws8YXpvodLrU58P+BfjEHz+mnrgbTooxVDsB0J+4y6n2aJZGAq EJN09Wbwt3krbpvwzJ7jOM/+0g9BG3AoFZFRcOwpNikLzVJIdI5M5b/TvKjRGaqlySYkDOB xnSX40xvQm8oQtoyvK/Yg== X-UI-Out-Filterresults: notjunk:1;V01:K0:xLR3ug8Wxxo=:v9HLplp/PGpMoJBBuVvT2A 2Z7J4hrAa05e5ST7bXvM1XdBWmrVGnSCXet7qttTuG56MknH9NXCGGbgwPRNXx6uSLh0wLIhU QqdEj5ndpQ/vlzSIb6XRitqWwc4MtG7K2cbAFykh2P6GvpNWbBxAJSPO2VMNVav9xesRt7a6d Tss0V8Rm2L65jgUGT9XbtxqDfBnzPwmqleAaao6UlbE8duS9T3a2vUlBiQKK8vg78FBG06OC7 ss7e9FCkT2JtaOjlokXhUcYvb1ewEckcDqTih7GcFvXZUAVZyD0CBptbYDxles1yM4b+aP8FP 4mww7s0UQXBKJ+oOtVwf/gAVl9toEPW6X9Zw+A5h1G1G9mUDS/Us/i5WhzV66dFNR5j20qKXZ /Ba3/cnr25TNgu+HS1QpwFqrmmmwhkvRsuGrW3KczDbU0i+vK9RM/HT++yyOo3RmyQ48rpFHA VS2n1h3alNr6dvIFGJB821sQqhhOTatQmqD4SxUa+u5fm3PedPrckQ6a+yLZVA5HLGkimDS58 Mnh8JM9cyL2IWXjCyIGi3JwAvrcrBHHgzvv3tWR4GvJTPKUuc7L7gNh+yY9qvhrdFbLUD04Rx oikj7v3KhwEemR67pqRdjIPrBIKgCIuStdG0255slQPWIwYful4TcCU6+7QY6oiddbNg4hbFb /s8sA8mEZZP7k2fviRZAWt3C1X2v+DCq/2yeaas4LJZ9+KBRdLQnleGTaoj2b6iA1zVEplsDJ OvVUV411eqz5UueE8QWA1i840q1r3w8qHhauWkPIchTn8eg1k8Q/sZCEUHJato4eijVBJpqvK KlLzV6JBGIS/IBZRFHEhiH4PtEF7qns3CAiKrcNJxEgwHR5VbiYG7SHKrmq20UlwnZeOPex6k 40BWgezG0peKBpMmg+onglrOAUoxJhf4czRoTAeWbMC2OgyCmTbV+pqjTvx7luxdMDA9vLsKG ys9V27LymnZKHuZ59VmMq3GXDXkVIiQj2byPIwXxrq/CcWZX57PegcwyCCsNynefBOZNOHSHP ecBGOaLyqGNrO5d97mVsl3Zq7OIhLVJTYQfOG9eRxlxwc/J4bqCw5X8r3NbsCH/I+A== X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 12:12:49 -0000 Arthur, That did the trick. I had two versions of the llvm port, llvm37 and llvm39. Removing the llvm37 port resolved the problem. It is interesting that the root can find the correct version of llvm. Thank you very much! Xihong On Wed, 8 Mar 2017, Arthur Chance wrote: > Date: Wed, 8 Mar 2017 08:15:33 +0000 > From: Arthur Chance > To: Xihong Yin , freebsd-questions@freebsd.org > Subject: Re: Xorg failed to start as normal user > > On 08/03/2017 04:13, Xihong Yin wrote: >> Hi, >> >> I recently upgraded from 10.3 to 11. All ports are upgraded as well. I >> have a strange problem, Xorg failed to start when I login as a normal >> user. If I login as root, Xorg can starts without a problem. >> >> I already added the normal user to the wheel group. >> >> Below is the error message of the failed case. Please help. >> >> >> [ 9822.110] (EE) >> [ 9822.110] (EE) Backtrace: >> [ 9822.117] (EE) 0: /usr/local/bin/X (OsInit+0x3fb) [0x82024d6] >> [ 9822.124] (EE) 1: /lib/libthr.so.3 (_pthread_sigmask+0x6a4) [0x286fceb4] >> [ 9822.132] (EE) 2: /lib/libthr.so.3 (_pthread_getspecific+0x110b) >> [0x286fcc5b] >> [ 9822.139] (EE) 3: ? (?+0x110b) [0xbfc0010f] >> [ 9822.147] (EE) 4: /usr/local/llvm39/lib/libLLVM-3.9.so >> (LLVMParseCommandLineO >> ptions+0xa6c) [0x2a0388b8] >> [ 9822.155] (EE) 5: /usr/local/llvm39/lib/libLLVM-3.9.so >> (LLVMParseCommandLineO >> ptions+0xbec) [0x2a038bb8] >> [ 9822.162] (EE) 6: /usr/local/llvm39/lib/libLLVM-3.9.so >> (_ZN4llvm2cl6Option11a >> ddArgumentEv+0x8c) [0x2a02b388] >> [ 9822.170] (EE) 7: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 >> (_ZNSt3__127__i >> nsertion_sort_incompleteIRNS_6__lessINS_4pairIN4llvm10TimeRecordENS_12basic_stri >> >> ngIcNS_11char_traitsIcEENS_9allocatorIcEEEEEESB_EEPSB_EEbT0_SF_T_+0x7de) >> [0x2e38 >> d15c] >> [ 9822.177] (EE) 8: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 >> (_ZN4llvm3sys8W >> atchdogD2Ev+0x1b2) [0x2e3cb154] >> [ 9822.185] (EE) 9: /usr/local/llvm37/lib/libLLVMSupport.so.3.7 >> (_init+0xd) [0x >> 2e31817a] >> [ 9822.192] (EE) 10: ? (_rtld_is_dlopened+0x1392) [0x28241274] >> [ 9822.200] (EE) 11: ? (dlopen+0x1b5) [0x2823ce5a] >> [ 9822.207] (EE) 12: ? (dlopen+0x24) [0x2823cb38] >> [ 9822.214] (EE) 13: /usr/local/lib/libGL.so.1 (_init+0x230d0) >> [0x28876fe4] >> [ 9822.222] (EE) 14: /usr/local/lib/xorg/modules/extensions/libglx.so >> (GlxSetVi >> sualConfigs+0x6ef8) [0x28861f80] >> [ 9822.229] (EE) 15: /usr/local/lib/libGL.so.1 (_init+0x219b1) >> [0x288741a6] >> [ 9822.237] (EE) 16: /usr/local/bin/X (InitExtensions+0x6c) [0x80f2e88] >> [ 9822.244] (EE) 17: /usr/local/bin/X (remove_fs_handlers+0x34f) >> [0x807d83e] >> [ 9822.251] (EE) 18: /usr/local/bin/X (_start+0x23c) [0x8066308] >> [ 9822.258] (EE) 19: /usr/local/bin/X (_start+0x15a) [0x8066144] >> [ 9822.266] (EE) 20: /usr/local/bin/X (_start+0x18) [0x8065ea8] >> [ 9822.266] (EE) >> [ 9822.266] (EE) Segmentation fault at address 0x2f1c6000 >> [ 9822.266] (EE) >> Fatal server error: >> [ 9822.266] (EE) Caught signal 11 (Segmentation fault). Server aborting >> [ 9822.266] (EE) >> [ 9822.266] (EE) >> > > I had a similar problem a few weeks ago. In my case it was because I had > two versions of llvm installed as it had been upgraded but the old > version wasn't deleted, and the X server was linking to both of them for > some reason. Try > > pkg info -x llvm > > and see if that's the case for you. For me, simply using pkg delete on > the older version fixed the problem. > > -- > By June 1949, people had begun to realize that it was not so easy to > get a program right as had at one time appeared. It was on one of my > journeys between the EDSAC room and the punching equipment that the > realization came over me with full force that a good part of the > remainder of my life was going to be spent in finding errors in my own > programs. > > -- Maurice Wilkes > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > From owner-freebsd-questions@freebsd.org Wed Mar 8 12:29:31 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7EEE8D0242A for ; Wed, 8 Mar 2017 12:29:31 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id A28511281 for ; Wed, 8 Mar 2017 12:29:29 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39632576; Wed, 08 Mar 2017 18:24:59 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.14.9/8.14.9) with ESMTP id v28CTSrF067764; Wed, 8 Mar 2017 19:29:28 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.14.9/8.14.9/Submit) id v28CTPXU067763; Wed, 8 Mar 2017 19:29:25 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Wed, 8 Mar 2017 19:29:25 +0700 From: Victor Sudakov To: Ian Smith Cc: Polytropon , Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW Message-ID: <20170308122925.GA67654@admin.sibptus.transneft.ru> References: <20170307233222.E87835@sola.nimnet.asn.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170307233222.E87835@sola.nimnet.asn.au> Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.7.1 (2016-10-04) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 12:29:31 -0000 Ian Smith wrote: [dd] > > There is one thing that a higher level macro language on top of ipfw > > would be nice to have for. > > ipfw rules are very much like an assembly language, and 'assemble' to > precisely executable opcodes in a well-defined virtual machine. pf feels > (to me) more like 'higher level' coding, which seems to suit many people > better .. but I'm an old assembler kind of guy, from S/370 onwards :) > > > Several times I have tried to emulate Cisco PIX/ASA logic with ipfw. > > I just want to have e.g. 3 interfaces: inside, outside, dmz with > > security levels of 100, 0, 50 respectively. Traffic can flow from the > > interface with a higher security level to the interface with a lower > > security level, and return traffic is permitted too. > > > > Every time I have tried to express this with ipfw rules, I failed > > miserably, though superficially it looks simple (with keep-state). > > That's quite doable, but I wouldn't use numeric levels like that, When there are more than 2 interfaces, numeric levels are very useful. > and > I'd use static rules first to limit access between inside, outside and > dmz, adding dynamic (stateful) rules after those constraints are met. > > Just roughly, as a partial sketch, and assuming all at layer 3 (ip): > > check-state // pass established dynamic flows > > # can only check both interfaces on 'out' packets, leaving ipfw > deny tcp from any to any out recv $dmz_if xmit $inside_if setup > deny udp from any to any out recv $dmz_if xmit $inside_if > > # if dmz provides service/s to outside, skip over these for them > # those can be allowed/denied on 'in' pass, using dest address/es. > > deny tcp from any to any out recv $outside_iface setup > deny udp from any to any out recv $outside_iface > > # skip this for any static (setup then established) services below > deny all from any to any established > > # best use static rules for icmp, see rc.firewall 'workstation' > > # then (or earlier, if you prefer) separate flows for inside|dmz > # then allow services on inside and dmz, perhaps using static rules > # then allow access from inside|dmz to dmz|outside statefully. Yes, that's basically what I usually come to. But it would be much nicer to write a macro like that: nameif fxp0 outside security0 nameif fxp1 inside security100 nameif fxp2 dmz security50 permit tcp from any to any eq 80 in interface dmz permit tcp from any to 10.10.5.1 eq 3389 in interface inside and to have all the gory details configured for you automagically. > > > Has anyone done this? > > More or less :) My firewalls are mostly static rules, but stateful > rules in this instance are likely simpler. Don't be too entranced by > statefulness; there are cases (icmp, sometimes DNS, ssh perhaps) where > static rules make more sense, and don't suffer from timeouts etc. > -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-questions@freebsd.org Wed Mar 8 15:36:23 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 41555D0307C for ; Wed, 8 Mar 2017 15:36:23 +0000 (UTC) (envelope-from tomek.cedro@gmail.com) Received: from mail-ot0-x232.google.com (mail-ot0-x232.google.com [IPv6:2607:f8b0:4003:c0f::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 070461ECA for ; Wed, 8 Mar 2017 15:36:23 +0000 (UTC) (envelope-from tomek.cedro@gmail.com) Received: by mail-ot0-x232.google.com with SMTP id x37so33409663ota.2 for ; Wed, 08 Mar 2017 07:36:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=XWe0IRBrmty9Xa/uYRpHmbBoHSeiKpXokYGaX3QvuHw=; b=Kau0NhvwHbZKPQNq+q9Fg7OidG1HLDhnK/qSjfi8LztXJ6h6WV2bYPusZbbS3nIkqG kmoaLX6+9bsHgS+8IlBN4JmNorqBnPUIBB2C9BtX3OB7xNK/yDBDUG/aG5hNMUnkH5RP Xa7NIuBzLJArs75y7YX1xpwSIBX9jMQqgDW7Ekyf/SNPdRD52Rhdoc1BtNb4b++jCySv BBF+jpHGdJH9f2zQLevcZNGyLxs6kbbzKch9baPWiowUxme8N2EMIFATYJSqSd1gx2nd +lvc8kYwY2VjdrSVHoywyo8uZdt5y7US6MLEK4SFaGhzWy9b+5gAHeTtoOejSFD9B/1m H0iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=XWe0IRBrmty9Xa/uYRpHmbBoHSeiKpXokYGaX3QvuHw=; b=sLym+V5Za4XhMroK88pE6zIaalTjTRinvwl1o6Fa58hWKrfHbF+V8gNC8HwojwLioI FycJoeJ/BpwAYbz4mNK/VbcXU4leouR7lX7gG2YicV8k7lnzdvlAs4OyLT4xXtrpxlrZ dU2itXB8ptbLcSKL8/z5oOKivGXmOOF7m22sOIwZ1xBfxOP8toqnD0nnnc/WShV/oEVS wq6C1naD8uLUII9MMChvy1YOAAicIt6h1rQ23jbe0wxur7fq18vLOr2mZdGwT5WCOcaK JKOylR/PNV/GWjgCknks3abaJnxWZdPELw3d0uuPMGBnZg+sJ0St03rxLE4kY1Xq691w vRzA== X-Gm-Message-State: AMke39lgA9G5jtCBVpoibeHAdV0iyqP3AXGGLBYY4qZNxo0eGmUM5Te4HQgL79juIwPzpGA0oHozR0B/j5Ilag== X-Received: by 10.157.29.143 with SMTP id y15mr4351520otd.214.1488987382364; Wed, 08 Mar 2017 07:36:22 -0800 (PST) MIME-Version: 1.0 Sender: tomek.cedro@gmail.com Received: by 10.157.18.211 with HTTP; Wed, 8 Mar 2017 07:36:02 -0800 (PST) In-Reply-To: <8d0a5530-e646-e15d-6027-435bbf470a4b@citrin.ru> References: <8d0a5530-e646-e15d-6027-435bbf470a4b@citrin.ru> From: CeDeROM Date: Wed, 8 Mar 2017 16:36:02 +0100 X-Google-Sender-Auth: yV5D1DWTSFgnlMzVyatz-xbf384 Message-ID: Subject: Re: IWN 6200 FW To: Anton Yuzhaninov Cc: FreeBSD Questions Mailing List Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 15:36:23 -0000 Thank you Anton! Your confirmation that IWN6200 should work out of the box helped me a lot! And it works! :-) I got nice but BIOS SETUP protected laptop. Erasing CMOS removed some hardware setting that enabled sound wifi etc so that was unrelated to kernel driver but your hint helped me to move and search in a different places, once again thank you! :-) Best regards! :-) Tomek -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info From owner-freebsd-questions@freebsd.org Wed Mar 8 15:52:09 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00315D037CA; Wed, 8 Mar 2017 15:52:09 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id B493D1D86; Wed, 8 Mar 2017 15:52:08 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 59DE010BA6; Wed, 8 Mar 2017 15:52:07 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id 714AA7026; Wed, 8 Mar 2017 16:52:08 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: grarpamp Cc: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: WikiLeaks CIA Exploits: FreeBSD References Within References: Date: Wed, 08 Mar 2017 16:52:08 +0100 In-Reply-To: (grarpamp@gmail.com's message of "Tue, 7 Mar 2017 15:29:07 -0500") Message-ID: <86innjojfb.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 15:52:09 -0000 grarpamp writes: > https://search.wikileaks.org/?q=3Dfreebsd > > Currently returns many pages similarly named... > > "Shell Code Database > This page includes local links to a shellcode > database discovered at shell-storm.org." That doesn't indicate a vulnerability. Shell code is what you use to exploit a remote code execution vulnerability once you've found it. It usually needs to be tailored to the target operating system, sometimes to the exact environment and to the application used to inject it, so it makes sense that a shell code database would reference FreeBSD. > [...] it makes sense to establish ongoing search and review of this > dataset for any as yet unfixed exploits. Note to anyone thinking of getting involved in this: depending on your jurisdiction and employment situation, downloading material from the CIA dump may be illegal and / or a firing offense. Simply browsing it online may or may not be safe; get legal advice before you do. IANAL. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-questions@freebsd.org Wed Mar 8 16:12:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8AA1ED030AB for ; Wed, 8 Mar 2017 16:12:10 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 054C91156 for ; Wed, 8 Mar 2017 16:12:09 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id v28GBjrq083285; Thu, 9 Mar 2017 03:11:46 +1100 (EST) (envelope-from smithi@nimnet.asn.au) Date: Thu, 9 Mar 2017 03:11:45 +1100 (EST) From: Ian Smith To: Victor Sudakov cc: Polytropon , Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW In-Reply-To: <20170308122925.GA67654@admin.sibptus.transneft.ru> Message-ID: <20170309023112.M80813@sola.nimnet.asn.au> References: <20170307233222.E87835@sola.nimnet.asn.au> <20170308122925.GA67654@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 16:12:10 -0000 On Wed, 8 Mar 2017 19:29:25 +0700, Victor Sudakov wrote: > Ian Smith wrote: > > [dd] > > > > There is one thing that a higher level macro language on top of ipfw > > > would be nice to have for. > > > > ipfw rules are very much like an assembly language, and 'assemble' to > > precisely executable opcodes in a well-defined virtual machine. pf feels > > (to me) more like 'higher level' coding, which seems to suit many people > > better .. but I'm an old assembler kind of guy, from S/370 onwards :) > > > > > Several times I have tried to emulate Cisco PIX/ASA logic with ipfw. > > > I just want to have e.g. 3 interfaces: inside, outside, dmz with > > > security levels of 100, 0, 50 respectively. Traffic can flow from the > > > interface with a higher security level to the interface with a lower > > > security level, and return traffic is permitted too. > > > > > > Every time I have tried to express this with ipfw rules, I failed > > > miserably, though superficially it looks simple (with keep-state). > > > > That's quite doable, but I wouldn't use numeric levels like that, > > When there are more than 2 interfaces, numeric levels are very useful. Sure, if you have some way to map these to interfaces and to define the allowable flows, but meanwhile I used those as method descriptors, which you'd already clearly enough defined for this particular application. > > and > > I'd use static rules first to limit access between inside, outside and > > dmz, adding dynamic (stateful) rules after those constraints are met. > > > > Just roughly, as a partial sketch, and assuming all at layer 3 (ip): > > > > check-state // pass established dynamic flows > > > > # can only check both interfaces on 'out' packets, leaving ipfw > > deny tcp from any to any out recv $dmz_if xmit $inside_if setup > > deny udp from any to any out recv $dmz_if xmit $inside_if > > > > # if dmz provides service/s to outside, skip over these for them > > # those can be allowed/denied on 'in' pass, using dest address/es. > > > > deny tcp from any to any out recv $outside_iface setup > > deny udp from any to any out recv $outside_iface > > > > # skip this for any static (setup then established) services below > > deny all from any to any established > > > > # best use static rules for icmp, see rc.firewall 'workstation' > > > > # then (or earlier, if you prefer) separate flows for inside|dmz > > # then allow services on inside and dmz, perhaps using static rules > > # then allow access from inside|dmz to dmz|outside statefully. > > Yes, that's basically what I usually come to. > But it would be much nicer to write a macro like that: > > nameif fxp0 outside security0 > nameif fxp1 inside security100 > nameif fxp2 dmz security50 > permit tcp from any to any eq 80 in interface dmz > permit tcp from any to 10.10.5.1 eq 3389 in interface inside > > and to have all the gory details configured for you automagically. Well yes, but I think you'll find that non-trivial to do. If you come up with something, or enthuse somebody else to do so, I'll test it at least as far as scrutinising output rulesets. Perhaps start by declaring actual ipfw rules you expect such a syntax to produce from your example above; then figure out how to generate those? I can't recall when or where, but have seen an example using ipfw's preprocessor feature, using m4(1) to pre-process provided parameters to generate customised rulesets, to some degree at least. ipfw [-cfnNqS] [-p preproc [preproc-flags]] pathname See ipfw(8) /LIST OF RULES AND PREPROCESSING HTH, without expectations :) cheers, Ian From owner-freebsd-questions@freebsd.org Wed Mar 8 19:05:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 83E49D03940 for ; Wed, 8 Mar 2017 19:05:25 +0000 (UTC) (envelope-from igor.polovykh@gmail.com) Received: from mail-qk0-x22f.google.com (mail-qk0-x22f.google.com [IPv6:2607:f8b0:400d:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4077D11A6 for ; Wed, 8 Mar 2017 19:05:25 +0000 (UTC) (envelope-from igor.polovykh@gmail.com) Received: by mail-qk0-x22f.google.com with SMTP id 1so81567198qkl.3 for ; Wed, 08 Mar 2017 11:05:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:from:date:message-id:subject:to; bh=k3tOtfERBUT2TabLrkjhMlskegsbBeqDwC82TiyBgtM=; b=OICEjr6EgBaNFzXnPtUy0ktC6cBGafmdxO6K0hX/T/CApLwVwGHGTdXx5Yn4cgzh3D U9Nl+GmbEQVorhpyiK3SeF0cV1ekWwhugk8HujoXha5ipUSbFYyv5ApqcbhAMI+KKDyj U2Aaxr9Ftzn3N+9Paqkr2KQGZHfqrrypv/qKA+6hGISBy/nU7xDvYPa4WElqbFT1nC1e qFCB2TDkiuNPVT8yjf+8oMkEN/7rTED5aAqPZnS+iEdeGwgP8oUK0TbLdhPq0Mq/8gPc P/6Mq5YIlli1pcCa8j9qiLQgX/PMWxT6iQQHQK9iR+0gXDMQbyhleGJM1cpkolov3AzK TNOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:from:date:message-id :subject:to; bh=k3tOtfERBUT2TabLrkjhMlskegsbBeqDwC82TiyBgtM=; b=rHEqG6uNxA24iKHXQnWudAUYmPy8HNClnE3vugxBVi6vUy5/CDP9IDzX8SMAKvxWvt FZq4GhwJGuahh1eMK5nGS953o3uxgFekoL5GUraOcl63+0XRkc/TMsZAN/K+VIUKdv8N APClNtmRDgDfSOa8pJTrJQG8n2gG5EJ7AQNWjE7M1XdvFw0Gk5tSSM7AgJTlezmE4Kw/ lZFimKqfXm+1D7aXMCIsksjKk3l8v7AYl0Fb/YjSaj9ozS4iw1wwfED6+XUp+xOefo9y YkZ+Nn+6KObwkAkq0oo2+NBYgkybukBEd84hJlUt3U0MxEUyYmeJUSts9hyDUnnc7fHC Pr8Q== X-Gm-Message-State: AMke39kFNrW7/vUOLcobtdUFZW1eaLg+jJvi7LCEMffJFNh38FaOOzdtPqi8oXn3uoF2cVh/DpES73+Bs/x1sw== X-Received: by 10.200.33.141 with SMTP id 13mr10010431qty.83.1488999923644; Wed, 08 Mar 2017 11:05:23 -0800 (PST) MIME-Version: 1.0 Received: by 10.200.41.151 with HTTP; Wed, 8 Mar 2017 11:04:43 -0800 (PST) Reply-To: igor.polovykh@gmail.com From: Igor Polovykh Date: Wed, 8 Mar 2017 22:04:43 +0300 Message-ID: Subject: upgrade FreeBSD 9.3-STABLE to FreeBSD 10 stable error buildworld To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 19:05:25 -0000 Hello I am going to upgrade FreeBSD 9.3-STABLE to FreeBSD 10 stable. [ root /usr/src ] # uname -a FreeBSD video.bvgm.org 9.3-STABLE FreeBSD 9.3-STABLE #0 r314908: Wed Mar 8 18:20:35 MSK 2017 root@video.bvgm.org:/usr/obj/usr/src/sys/BVGVIDEO amd64 I have a trouble with building world. [ root /usr/src ] # svn info Path: . Working Copy Root Path: /usr/src URL: https://svn.freebsd.org/base/stable/10 Relative URL: ^/stable/10 Repository Root: https://svn.freebsd.org/base Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f Revision: 314914 Node Kind: directory Schedule: normal Last Changed Author: dim Last Changed Rev: 314898 Last Changed Date: 2017-03-08 10:58:29 +0300 (=D1=81=D1=80, 08 =D0=BC=D0=B0= =D1=80 2017) on *make buildworld *I get error =3D=3D=3D> usr.sbin/nmtree (obj,depend,all,install) /usr/obj/usr/src/tmp/usr/src/usr.sbin/nmtree created for /usr/src/usr.sbin/nmtree rm -f .depend mkdep -f .depend -a -I/usr/src/usr.sbin/nmtree/../../contrib/mknod -I/usr/src/usr.sbin/nmtree/../../lib/libnetbsd -I/usr/obj/usr/src/tmp/legacy/usr/include -std=3Dgnu99 /usr/src/usr.sbin/nmtree/../../contrib/mtree/$ In file included from /usr/src/usr.sbin/nmtree/../../contrib/mtree/compare.c:67: /usr/src/usr.sbin/nmtree/../../lib/libnetbsd/sha2.h:37:20: error: sha384.h: No such file or directory In file included from /usr/src/usr.sbin/nmtree/../../contrib/mtree/create.c:74: /usr/src/usr.sbin/nmtree/../../lib/libnetbsd/sha2.h:37:20: error: sha384.h: No such file or directory mkdep: compile failed *** Error code 1 [ root /usr/src ] # find . -name sha384.h ./sys/crypto/sha2/sha384.h I've already tried to delete all source tree and get it again. Before building world I cleared /usr/obj/* but I got the same error. I've found nothing in google about such error. What am I doing wrong? Please help. ____________________________________________________ Yours sincerely, Igor From owner-freebsd-questions@freebsd.org Wed Mar 8 22:20:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 424DDD03130 for ; Wed, 8 Mar 2017 22:20:39 +0000 (UTC) (envelope-from wmcaus@wmcaus.org) Received: from 7667.mail.zonercloud.net (7667.mail.zonercloud.net [217.198.123.250]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DBB1D1D0D for ; Wed, 8 Mar 2017 22:20:38 +0000 (UTC) (envelope-from wmcaus@wmcaus.org) Received: from 89.29.39.93 (unknown [89.29.39.93]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: admin@7667.mail.zonercloud.net) by smtpzone.net (Postfix) with ESMTPSA id 0BADC30069ABA for ; Wed, 8 Mar 2017 23:11:08 +0100 (CET) From: "WMCAUS" Subject: WMCAUS 2017 - ABSTRACT SUBMISSIN DEADLINE IS EXTENDED TO 17 March, 2017 To: "freebsd-questions" MIME-Version: 1.0 Organization: WMCAUS Date: Wed, 8 Mar 2017 23:11:07 +0100 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 22:20:39 -0000 Dear Colleague Thank you for the huge interest until now. 500 submissions from ~ 50 d= ifferent countries.=20 =20 Due to requests from number of colleagues worldwide THE ABSTRACT SUBMISSION DEADLINE IS EXTENDED TO 17 March, 2017 ! Register now and upload your abstract(s) via given link below =20 http://www.wmcaus.org/module.html =20 All published articles will be indexed in Web of Science, Scopus, etc.= =20 Looking forward to meeting you in Prague, Czech Republic during 12-16 = June 2017. =20 If you have any further questions, please feel free to contact us. We encourage you advertise this meeting in your group and researchers.= Sincerely yours, =20 =20 www.wmcaus.org wmcaus@wmcaus.org P.S.: If you have already registered, just ignore the reminder. Apolog= ize for multiple postings. If you would like to unsubscribe, please se= nd a blank e-mail to unsubscribe@wmcaus.org from the mail account that= you have received this e-mail. If you send an unsubscribe request fro= m any other e-mail account, we cannot remove your e-mail from the data= base. =20 From owner-freebsd-questions@freebsd.org Wed Mar 8 22:23:02 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 175F8D03364 for ; Wed, 8 Mar 2017 22:23:02 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-qk0-x242.google.com (mail-qk0-x242.google.com [IPv6:2607:f8b0:400d:c09::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C7D2E106E for ; Wed, 8 Mar 2017 22:23:01 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-qk0-x242.google.com with SMTP id v125so15364438qkh.1 for ; Wed, 08 Mar 2017 14:23:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:subject :content-transfer-encoding; bh=xy60h+UwW3hGQaZlSfPo4/ESn5rta6vjiWe9gBw06UM=; b=ABwypzKYHPD7L/p7VYdj6GslWoWlYanvdcCZkBwouDX14hY8OfC4vBhgHOQDg4AcFQ TWErPwqwPFbjHVqV3bU6Sv+Opo+XKEGzw6eQChezYAR06CRJRNW1GFDAO7lWJIe5vNr0 TCMXyjfdkgxjYCMyS7WmLFtZDzM7fU9Q7CXDlTTyNFLXQ1034LpM0gNnY6DJRIGwim7I XfOSgvJBwhF+Yskln1cYPUUSKFpPAMIBvfF4bEVYZzAV6OYq2I70NJmqjbBnamV0Gk5i 1OVw6e+3qPsdOi79NxYUWT/cmAofPgwoW5yE4hwsp1kQq+3kRr0TnA84AdFfQHDf13DY 6b/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:content-transfer-encoding; bh=xy60h+UwW3hGQaZlSfPo4/ESn5rta6vjiWe9gBw06UM=; b=ZXC/diF8DuhFYDrOk2WV03/8mxyBjPMU+TxjdaVBM8XVckObWX6twaWPZzYY5ojZsb omB5UI732fiFVFJD3Q6WrY7JpurYc3HpuiZ6QR8/qQUxHehmzupebSgAtP816zEEDSED jn0fSPwkznO2fIjyzeQJAq3jIJThP7oATeu8h+aD+Y0LcoUyvb9jVmlQLydHxodBGGmn WMp1XJeqr9158woNAxMkhod1AgTMb0DgQBKV9LpiP4ow7YpMT522/Fso7I7lcxV+I7iw nAIjW1Bxf3sMDTXFH8garLTPijITR2fm3hh9F92efMWbi+7+MHQ/Cwk/1OJeyQqY6Dpt IyXw== X-Gm-Message-State: AMke39lDBQIzIm6MkqtNFbadOo3UIe+kNafIe+nr0ewCOqU0/w6/DdCT4g1erSg39b9Mhg== X-Received: by 10.200.43.149 with SMTP id m21mr11457713qtm.102.1489011780379; Wed, 08 Mar 2017 14:23:00 -0800 (PST) Received: from [10.0.10.3] (cpe-65-25-53-157.neo.res.rr.com. [65.25.53.157]) by smtp.googlemail.com with ESMTPSA id a19sm3019965qta.48.2017.03.08.14.22.59 for (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Mar 2017 14:22:59 -0800 (PST) Message-ID: <58C08444.8060600@gmail.com> Date: Wed, 08 Mar 2017 17:23:00 -0500 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: freebsd-questions@FreeBSD.org Subject: WIFI as access point Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2017 22:23:02 -0000 Hello List; I have this wifi card http://www.dlink.com/al/sq/products/dwa-556-xtreme-n-pci-express-desktop-adapter I recovered it from a decommissioned win7 box. On win7 this wifi card could only be used to connect to a router access point. If I add this wifi card to my FreeBSD 11.0 system can it be configured to function as an access point? From owner-freebsd-questions@freebsd.org Thu Mar 9 03:07:34 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C125CD01A3E for ; Thu, 9 Mar 2017 03:07:34 +0000 (UTC) (envelope-from jamie@onlinebannerbillboards.com) Received: from a2nlsmtp01-03.prod.iad2.secureserver.net (a2nlsmtp01-03.prod.iad2.secureserver.net [198.71.225.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 80F9D19B for ; Thu, 9 Mar 2017 03:07:34 +0000 (UTC) (envelope-from jamie@onlinebannerbillboards.com) Received: from a2plcpnl0761.prod.iad2.secureserver.net ([198.71.241.37]) by : HOSTING RELAY : with SMTP id loPPcZYKIujTCloPPcX40H; Wed, 08 Mar 2017 20:06:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=onlinebannerbillboards.com; s=default; h=Content-Transfer-Encoding: Content-Type:MIME-Version:Message-ID:Subject:Reply-To:From:To:Date:Sender:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=4r/6q9T9tSIIEhvjqJxop3+IUFYb+qggbjr6YUTuIug=; b=ccmBpJgX1AVp//CC49+v9G6vC 2LyhSrGwwSSXwhpz7BXvjY799bE1ifX/lzvbHnoS0quTRNHqb9CufZT53hMjMChG/LBFVcul0DEY5 rdEc013LV+dgBSxCBmscTOTmP5Mz4zG/TeY5+cn1uy3GhH8m6qka17cT7LzeAvKiaulmq1dMSGKbU yiPhXatdL5B7Bjd/2ww10VPGI/kQZMgbwBKQ+w4WbMdJNo6jIf0gTBvdVObYTcxYiBc0RqYinQrWp 5tdqkqZlwEfDXCSgL6iWwek29p2f0csKqDa6iAbNRbC9gHnlHwudVh0HHbJENTgXYM35oIPF9IBct PIzhyOIzQ==; Received: from [127.0.0.1] (port=45140 helo=onlinebannerbillboards.com) by a2plcpnl0761.prod.iad2.secureserver.net with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from ) id 1cloPO-002Tdg-RK for freebsd-questions@freebsd.org; Wed, 08 Mar 2017 20:06:30 -0700 Date: Thu, 9 Mar 2017 03:06:25 +0000 To: "freebsd-questions@freebsd.org" From: "jamie@onlinebannerbillboards.com" Reply-To: "jamie@onlinebannerbillboards.com" Subject: Freebsd-questions, Quick traffic drive to your site Message-ID: <2fa0f283026e5f6cb82a4763006eaead@onlinebannerbillboards.com> X-Mailer: PHPMailer 5.2.13 (https://github.com/PHPMailer/PHPMailer) MIME-Version: 1.0 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - a2plcpnl0761.prod.iad2.secureserver.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - onlinebannerbillboards.com X-Get-Message-Sender-Via: a2plcpnl0761.prod.iad2.secureserver.net: authenticated_id: jamie@onlinebannerbillboards.com X-Authenticated-Sender: a2plcpnl0761.prod.iad2.secureserver.net: jamie@onlinebannerbillboards.com X-Source: X-Source-Args: X-Source-Dir: X-CMAE-Envelope: MS4wfJ614jHKht2wjDbc/TiRpkwhK+i6jJC286KjGLaSsVv/YpA/cU0zjd90pzl7DhdxA/3sq9Tf93C69dIG8kHu2oAQAcKgDW247ZoVLGBBFyQBjZLzRh5S casbhB9RqsQ90Ce1jsOmABzwqvUAFrOxv6wFwBbY+teix3OTe3zwX8jI76y8d0Crh7/qzR9d1tLQm1g4Arp6gSyA+W/1amdaEWUyp2LrBdgXZkZ3M0lqEUcN Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 03:07:34 -0000 Hi Freebsd-questions! Before you get excited and start throwing money at one PPC campaign after the other, consider our best particular technique that might work for you for better way. We can place your website on top portion of search engine results during whole year with your keywords without paying for each click and you will have exclusive rights on your keywords after you select them and lock them for whole year! You can do online demo in 3 easy steps: - Go to our website and click on DEMO link; - Put in your website freebsd org address and your keyword; - Click VIEW ONLINE DEMO and see result. My sincerest gratitude, Jamie From owner-freebsd-questions@freebsd.org Thu Mar 9 09:42:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 08C3CD02957 for ; Thu, 9 Mar 2017 09:42:57 +0000 (UTC) (envelope-from woodsb02@gmail.com) Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D78DA171D for ; Thu, 9 Mar 2017 09:42:56 +0000 (UTC) (envelope-from woodsb02@gmail.com) Received: by mail-io0-x232.google.com with SMTP id z13so24967354iof.2 for ; Thu, 09 Mar 2017 01:42:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=BVdJD6XwyGkn9D08k00h5VAk570UD+ymjHMddrcaSuA=; b=fGtTJWLFKzDJSPZ7D0aNlw/jdqLE+1MotltIOu37ppepLchVl8OFMbd5vQGo2JsrI5 Jgj2vQj+mL2+QAowqgE3GC7RX2eXzxLBIIgvX/QafsbplVIt8FdSD26MVn8wA09lGYJJ n0/TUMUE7I0zVv/PJ5hpywQ7LRa5WLeUg7+ZuBUOHlGNQtitpXogptn8RBXMvdxRgZSV lIH+uEoaxMm9Ds0/rZ6SX1kpHaJR8A38J55zPNhKtuW3YzQBuK2sB5hgm1axniLPtnLO pevuCMQw5PURHt4GCX1FSvshagDmAcIxskCZNPavCFKABCLa1klml0iPgakAjSdvCsiW 6Y3w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=BVdJD6XwyGkn9D08k00h5VAk570UD+ymjHMddrcaSuA=; b=sID4oB3ez9Ti9gASJZGwY/pO/AUmOL/j4kJ49PTp9+04I0g1uApxbnOx5/kbsKfZEi VP/Ud+e9pssr2n3jnHmuPmZ/9TxBbRBkuYm6YuO04692AxVnSN+j25DUolu3IZL1sdYM QFPxPjpx2Y1aEKQXnhHJoPNC5mpJ1PLLTdQa/ZaSW/MB1E0487D87wGATSjG3LEpt3H0 vR9oFMwUxzk9+gOSQaxp90fFTQQYbIvBvjtUdXnsElxZ4a+EIZmBHC2o7uYS2Hl7t9LJ rnwQEOIS0CZR3KKVohX7w+6bl+54kRs7QPUIcCoIa1EknTos2s4Ldrg5WYotEHTo0AOi l82w== X-Gm-Message-State: AMke39lYgYqfC9LQ3FsZOmE8w4UYWrtD6r5VtpAuW0Cbsav8YvsJJ/Mvh/rpVWzC5KamJPjJOL/YCfkoxcOMwA== X-Received: by 10.107.195.66 with SMTP id t63mr11910103iof.155.1489052576297; Thu, 09 Mar 2017 01:42:56 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Ben Woods Date: Thu, 09 Mar 2017 09:42:45 +0000 Message-ID: Subject: Re: Support of TLS processing in kernel To: Ravichandra , freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 09:42:57 -0000 On Wed, 8 Mar 2017 at 7:03 pm, Ravichandra wrote: > Hi, > Recently some work is done by people at facebook about TLS processing in > kernel. > It is called as kernel TLS by them. A kernel patch for the same is > submitted on > linux kernel. I am trying to see something similar can be done for FreeBSD > too. I see > that stream parsing(strparsing module) support which is leveraged by this > kernel TLS > module is present in linux kernel and not in FreeBSD. This stream parsing > module > helps the kernel to custom parse the TCP data according to a application > layer protocol > requirement. Is there a way that helps to achieve the same in FreeBSD? > > Thanks > Ravichandra Netflix have previously done TLS in the FreeBSD kernel. You can see their paper on it here: https://people.freebsd.org/~rrs/asiabsd_tls_improved.pdf Regards, Ben > -- -- From: Benjamin Woods woodsb02@gmail.com From owner-freebsd-questions@freebsd.org Thu Mar 9 09:47:19 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E25AFD02B96 for ; Thu, 9 Mar 2017 09:47:19 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: from mail-it0-x22e.google.com (mail-it0-x22e.google.com [IPv6:2607:f8b0:4001:c0b::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AB2EA1A8F for ; Thu, 9 Mar 2017 09:47:19 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: by mail-it0-x22e.google.com with SMTP id g138so63309859itb.0 for ; Thu, 09 Mar 2017 01:47:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=4/Rtvrm1GWSD04e0L2+D15Lr+z56gv+gD1v0H2NniyQ=; b=R0zE/EnX+xLvsbc2wwwmi0LW/frMGFIeYCiVHwNtElKKF3BH7ov+gEBIE50/YAkgPH p3vsJQew6XM1Zqhsnf4Q7sGk5lqyF/hcGqDuEy0vMDNq0zJWQVJziXUUovu4uAYGeQbW kZ1AUOetJCdIwa00NpkdpONiunt8gqE4V4Py/IhHbHCbVfy24BJQDiuKrdGEArQik3eA 9ZFycdpUI5pYoswAHel08CmIfSX4X/90J1Sevc+n9bV121Dia9VcwYC/L42X6dFtFY3/ aAsBAsF9vt1rJrDRyruPzE8jFG9syDNZwLUFZUIQ18LwRTyTAb+GeGdXz+hlIEggmegG MLmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=4/Rtvrm1GWSD04e0L2+D15Lr+z56gv+gD1v0H2NniyQ=; b=GOZidxeKcgqmSwkgSnotN1rQ418ntrA2ph1ef9Lkh6kgDYoINsQPgdaLaK5UjuftL7 ppm4TeEQYgqJSqmY2iU1ZnQJePGa6mU8VrhJ37/I8xtoXR8MzQ0lnv7VnnT1G3L2laBV dPSKefrn1neVChnuoIBwv99sHCEZrHeUOsdXmRgqoy1Kb8f3v6H9BF4MKp+8cnlxDa2m LM8OWMP5cqk8qWp2vzlF90xpQHC+/uRy76Cm/6nIlMb3nmueQnGhiurkWiPAPzBxIyT+ dy7wNNwPgkXDDSzlasT38jzmXHWlZJSKNMSl1Jfj4tVzZVW19MkAd2cV7sRkCS2qDeRi kRrQ== X-Gm-Message-State: AMke39m5YwYv4ebO9ciPLvaGShCLROGFcELZcqolxqVgPCeTIJuHFQNwaLpxiTWOnPgegQzzYkaVfEAzvkTs9Q== X-Received: by 10.36.68.18 with SMTP id o18mr10970927ita.43.1489052839195; Thu, 09 Mar 2017 01:47:19 -0800 (PST) MIME-Version: 1.0 Received: by 10.36.217.134 with HTTP; Thu, 9 Mar 2017 01:47:18 -0800 (PST) In-Reply-To: References: From: Ravichandra Date: Thu, 9 Mar 2017 15:17:18 +0530 Message-ID: Subject: Re: Support of TLS processing in kernel To: Ben Woods Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 09:47:20 -0000 Hi Ben, I have looked at this paper. I couldn't find any patch or support being added to FreeBSD kernel. Do you know if this implementation is done? Thanks Ravichandra On Thu, Mar 9, 2017 at 3:12 PM, Ben Woods wrote: > On Wed, 8 Mar 2017 at 7:03 pm, Ravichandra > wrote: > >> Hi, >> Recently some work is done by people at facebook about TLS processing in >> kernel. >> It is called as kernel TLS by them. A kernel patch for the same is >> submitted on >> linux kernel. I am trying to see something similar can be done for FreeBSD >> too. I see >> that stream parsing(strparsing module) support which is leveraged by this >> kernel TLS >> module is present in linux kernel and not in FreeBSD. This stream parsing >> module >> helps the kernel to custom parse the TCP data according to a application >> layer protocol >> requirement. Is there a way that helps to achieve the same in FreeBSD? >> >> Thanks >> Ravichandra > > > Netflix have previously done TLS in the FreeBSD kernel. > > You can see their paper on it here: > > https://people.freebsd.org/~rrs/asiabsd_tls_improved.pdf > > Regards, > Ben > >> -- > > -- > From: Benjamin Woods > woodsb02@gmail.com > From owner-freebsd-questions@freebsd.org Thu Mar 9 09:59:48 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B39B3D03271 for ; Thu, 9 Mar 2017 09:59:48 +0000 (UTC) (envelope-from luvbeastie@larseighner.com) Received: from emailserver2.asdf456.com (emailserver2.asdf456.com [72.18.207.139]) by mx1.freebsd.org (Postfix) with SMTP id 839EE633 for ; Thu, 9 Mar 2017 09:59:48 +0000 (UTC) (envelope-from luvbeastie@larseighner.com) Received: (qmail 8333 invoked by uid 0); 9 Mar 2017 09:53:06 -0000 Received: by simscan 1.4.0 ppid: 8044, pid: 8332, t: 0.1599s scanners:none Received: from unknown (HELO Lars-PC) (70.115.135.184) by emailserver2.asdf456.com with SMTP; Thu, 09 Mar 2017 09:53:06 +0000 Date: Thu, 9 Mar 2017 03:52:49 -0600 From: Lars Eighner X-X-Sender: Lars@Lars-PC Reply-To: Lars Eighner To: freebsd-questions@FreeBSD.org Subject: Cannot find Windows drive Message-ID: User-Agent: Alpine 2.20 (CYG 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 09:59:48 -0000 A lightning-related surge zapped the motherboard of my old SYX, but my whole life was in its hard drives (which were mirrors of each other except for fstab, so that either could be booted). So, I got something called an HP 8000 dual core tower refurbished by Joy Systems. It was supposed to come with Windows 7 biz on a 1 Tb drive -- and the drive is in there. So I installed my 2 1-Tb drives in its internal stack, having plenty of power and SATA plugs. I left the supposed Windows drive alone. I was concerned about how I would get to the FreeBSD drives if it booted in Windows, which is what I expected. But low and behold, it booted into FreeBSD. The old drives had 10.x AMD kernels and worlds, and they took off. I could boot to one or the other. But I cannot find the Windows drive. It does not seem to show up in /dev. And when I go to the BIOS set up, the BIOS does not seem to know of the existence of the Windows drives either. I checked that all of the SATAs are not hidden. bsdinstall only gives me a choice of the two known BSD drives -- I thought I could adjust the MBR to include Windows, but bsdinstall denies all knowledge of the third (original to the machine) drive. I tried to get into the Intel BIOS Management, but it wants a password -- I have no idea what. I suppose I should be happy to have my data back. But the missing drive is preying on my mind. What happened? -- Lars Eighner luvbeastie@larseighner.com From owner-freebsd-questions@freebsd.org Thu Mar 9 10:38:46 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8D655D042BA; Thu, 9 Mar 2017 10:38:46 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ua0-x230.google.com (mail-ua0-x230.google.com [IPv6:2607:f8b0:400c:c08::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4888D1CB5; Thu, 9 Mar 2017 10:38:46 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ua0-x230.google.com with SMTP id u30so75868316uau.0; Thu, 09 Mar 2017 02:38:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=H3ycku3Xlb4JAuzrinsJ6FKhezaV5a30fGV6cFUNo2A=; b=IBX9cYm0EtUmEOj4Iel5sJBcqcpogFC+AYafe9bLkqtGYsaWohRXSmXbB2TFwAG11h aJVZcqmDPR3wx4aeNWg56hpGwg88khdyqy7OerJVjhS2/N1RmMetaAUOw+g+tWEtzWSj HRyu4R7kU7lU2zbxMChE+a76H7xezTexuEbH0tLoY2+iKdmM35RFj3emoNRe51BhnTVj i5ALXtsxqo7WlRcX/32bXrWoUYMY/EulUJXeM/2vpjJu37FvqBznSTkrT/9mnn5VaDD2 MNzxQ9N1CGX6vE7/Z8NrCQkT5+WFv7qD2UGWKw4/bWrPl2lHMTavBzCb5VKhlLXy3dJZ yvUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=H3ycku3Xlb4JAuzrinsJ6FKhezaV5a30fGV6cFUNo2A=; b=nwD8Q/+UpPsDhfoMwzkPuJSRK2kHkbzVB22vaaEzAcdUW0LvgHAdgntgF1zaVrbeqg 6qyzQ79trYoGqabr8bIlqi6BVA7pSkdZFynO24yhTBeUYx8fG53N8DhZagm/Z2fmXHId hqb2M8epSSQKcoGqaPwQaY1JvB0IbWdA8OALfQci8lvSNYh+tO+ZOpBXTH+CbUSZmmPi nkyUdyY9qyWDwZ0adSJM4X6rXZzwmQgmCJyTZq1J6QI5uaQd3OUTy9IrSZtONObyUE4m g4s4jf8wVI510cTmoHiSW9Ct9Apu1ynoGYHNkt3f754mWVyyHa2tEorxkZeivJI5dgpX DXxA== X-Gm-Message-State: AMke39nPVT4Nwiz9/nqS5EmYgo6TwbMYdZuUWY0E/WoOVBtIjgaIMCWP3p6XW8GByjMcI3pHc8W9XOGbzDXpyA== X-Received: by 10.31.137.75 with SMTP id l72mr6722253vkd.138.1489055925238; Thu, 09 Mar 2017 02:38:45 -0800 (PST) MIME-Version: 1.0 Received: by 10.159.48.143 with HTTP; Thu, 9 Mar 2017 02:38:04 -0800 (PST) In-Reply-To: <86innjojfb.fsf@desk.des.no> References: <86innjojfb.fsf@desk.des.no> From: grarpamp Date: Thu, 9 Mar 2017 05:38:04 -0500 Message-ID: Subject: Re: WikiLeaks CIA Exploits: FreeBSD References Within To: freebsd-security@freebsd.org Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 10:38:46 -0000 On Wed, Mar 8, 2017 at 10:52 AM, Dag-Erling Sm=C3=B8rgrav wrot= e: > grarpamp writes: >> https://search.wikileaks.org/?q=3Dfreebsd > That doesn't indicate a vulnerability. Shell code is what you use to Yep, sec folks are aware of the difference between sample and exploit code, and vulnerabilities. https://www.freebsd.org/security/advisories.html http://shell-storm.org/shellcode/ The post wasn't meant to "indicate a vulnerability". But as a heads up that maybe some might end up being published there. On the other hand, there are countless eyes on it, so OS vendors will find out in time, even if they aren't eyeballing it themselves. > legal advice Let us all get legal advice before living, as it might entail risks ;) Lots of sites offer a variety of advice for those facing risks. Here are some related to employers, browsing, and law... https://intelexit.org/ https://www.youtube.com/watch?v=3DfklxuoBXXqw https://www.torproject.org/ https://geti2p.net/ https://www.eff.org/ IANAGPA, but they do exist. (Btw, the pentest turned out to be old Nessus and Metasploit stuff.) From owner-freebsd-questions@freebsd.org Thu Mar 9 11:53:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 21BE1D04C15 for ; Thu, 9 Mar 2017 11:53:17 +0000 (UTC) (envelope-from lists@rakupottery.org.uk) Received: from smtp-out-2.tiscali.co.uk (smtp-out-2.tiscali.co.uk [62.24.135.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B6FB6811 for ; Thu, 9 Mar 2017 11:53:16 +0000 (UTC) (envelope-from lists@rakupottery.org.uk) Received: from Martins-iMac.local ([92.27.146.104]) by smtp.talktalk.net with SMTP id lwd7c0eAOTrRilwd7cST6e; Thu, 09 Mar 2017 11:53:14 +0000 X-Originating-IP: [92.27.146.104] Subject: Re: Cannot find Windows drive To: freebsd-questions@freebsd.org References: From: Martin Smith Message-ID: Date: Thu, 9 Mar 2017 11:53:13 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfChZDKXPS4MFvL+U0U9y2PM5tsZbinog/XqdDQORMhE+snVcTWiCcdJvahBuSH3vxgwjdf/IocanOAh4dhp2nT96UQPnz5du6sGCbfupygQZNxoJ+ezA u/lY44Bot+xAQ1yWc0BPdlTfq8GM6+9mk+UzaDTg/czENTPoel4u9/9dLxuBU3pDTDzX4DBSKdi3cikTkOneY9gVlTiJkjT0uhY= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 11:53:17 -0000 On 09/03/2017 09:52, Lars Eighner wrote: > A lightning-related surge zapped the motherboard of my old SYX, but my > whole life was in its hard drives (which were mirrors of each other > except for fstab, so that either could be booted). So, I got something > called an HP 8000 dual core tower refurbished by Joy Systems. It was > supposed to come with Windows 7 biz on a 1 Tb drive -- and the drive > is in there. So I installed my 2 1-Tb drives in its internal stack, > having plenty of power and SATA plugs. I left the supposed Windows > drive alone. > > I was concerned about how I would get to the FreeBSD drives if it > booted in Windows, which is what I expected. But low and behold, it > booted into FreeBSD. The old drives had 10.x AMD kernels and worlds, > and they took off. I could boot to one or the other. But I cannot find > the Windows drive. It does not seem to show up in /dev. And when I go > to the BIOS set up, the BIOS does not seem to know of the existence of > the Windows drives either. I checked that all of the SATAs are not > hidden. > > bsdinstall only gives me a choice of the two known BSD drives -- I > thought I could adjust the MBR to include Windows, but bsdinstall > denies all knowledge of the third (original to the machine) drive. I > tried to get into the Intel BIOS Management, but it wants a password > -- I have no idea what. I suppose I should be happy to have my data > back. But the missing drive is preying on my mind. > > What happened? > will it boot into windows if you disconnect the BSD drives? if not the drive may be DOA, its not altogether unknown for that to happen -- Martin From owner-freebsd-questions@freebsd.org Thu Mar 9 13:00:29 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 86548D027AC for ; Thu, 9 Mar 2017 13:00:29 +0000 (UTC) (envelope-from sakhmatd@inventati.org) Received: from perdizione.investici.org (perdizione.investici.org [IPv6:2001:41d0:2:33d0::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.autistici.org", Issuer "Autistici/Inventati Certification Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F6171781 for ; Thu, 9 Mar 2017 13:00:29 +0000 (UTC) (envelope-from sakhmatd@inventati.org) Received: from [94.23.50.208] (perdizione [94.23.50.208]) (Authenticated sender: sakhmatd@inventati.org) by localhost (Postfix) with ESMTPSA id 2D8A51211BD; Thu, 9 Mar 2017 13:00:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inventati.org; s=stigmate; t=1489064424; bh=wBK5Lc4Je+mHG9EQy7fv5ps8RX//T5j7PzelzCyqgkw=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=A6QojScaF4/27W78/m5GCdl5fakI/zABTEQ+kpOIgBotSVO0DsN2N/y5X/ZtaJAXY MZtIyj/N8Maszy50AYiRb7/WNHEDt+GF0l8d5YmebGB/+ontnpXejyUDKyDjTy7Ton iuda0r0X8tVKUYun6JotaxwvsGXRwLqWAQdXVScU= Date: Thu, 9 Mar 2017 08:00:21 -0500 From: Sergei Akhmatdinov To: Lars Eighner Cc: freebsd-questions@FreeBSD.org Subject: Re: Cannot find Windows drive Message-ID: <20170309130021.s7s5v36ouew5m7d4@silverbeast> Mail-Followup-To: Sergei Akhmatdinov , Lars Eighner , freebsd-questions@FreeBSD.org References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="6s2j4r6d2qpp5kmv" Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.0-STABLE X-Mailer: NeoMutt 1.7.2 User-Agent: NeoMutt/20170225 (1.8.0) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 13:00:29 -0000 --6s2j4r6d2qpp5kmv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Mar 09, 2017 at 03:52:49AM -0600, Lars Eighner wrote: > [SNIP] Well, since BIOS can't see the drive, it certainly isn't a FreeBSD problem. Either the Windows drive is DOA, or it's a BIOS/Mobo issue. Try the drive in another machine if possible or try seeing if it boots alone. Cheers, --=20 Sergei Akhmatdinov My GPG public key: gpg --keyserver pgp.mit.edu --recv-keys AD800D99 --6s2j4r6d2qpp5kmv Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsummKCcus6yGvH0NK5XevCV5XpIFAljBUdkACgkQK5XevCV5 XpJ1VRAAiFH32IGtistXc44VPq6ZC0Q3wKACNQSTFEBzWmZeQ81BcKzsK3zzZxfK zt0xXbnvwJajbQV7KlTP7V0EMqyLKzdK3BweI4dO1VuAMDEm+/cWGdhcUTOEcOez BJjEVHoss7D61/07e81KwIu6p8ThiMkefATEW5HvdslX6yrhJXTGOufGmkRAIEiX xH+KdTJ5Y9D2jde5oo3ih9PqvF0eoL+DZx8Ot/VyBkdLpYZPe/qUFOZe6vI868Ib dKLIgfxSCgO/KCgWS4OQ/4nX9zCb+HgZBmwQxoAqNu5ufBQNpuJZvZScta7Aq5NT GRNDbpuJCnSbcDzGfdxcAvNaoXuS4/eF2vPzrdVSvxr7ajyiItR/TzcArS5aEN5y VBsicKDTmFw6+g5kV7b/WaVmUJv7zCP4YpMRARo9aFT0UWWfX/R+imO86V09uHD1 fTFPGfQ2tN9Csd8xE4FtaKvOzQAsRtzeH7GVv0+unoWAvkUWKMEx9Yh8LOeMtod9 n3vqYcBxeL9lo15o0UJtzocErone4yqyQ2zVdhTFNs8Z79XIcSMHl/JiDSg1qQkT PG9MaIb6W+53G+RfeB3QeMuRAIyr2oJuQ2w0QsBscxIH82gEAoZ5H71tMp6CW+5Q hv9cSIoM/2APu7ZT1JbgXZPV1CJ0Ec7/0EG7Ckf/+MUqDrNZsUE= =1rfj -----END PGP SIGNATURE----- --6s2j4r6d2qpp5kmv-- From owner-freebsd-questions@freebsd.org Thu Mar 9 13:03:30 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3FA2BD02A65 for ; Thu, 9 Mar 2017 13:03:30 +0000 (UTC) (envelope-from hans@stare.cz) Received: from mx.stare.cz (ns.stare.cz [79.98.77.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0EC91B7A for ; Thu, 9 Mar 2017 13:03:28 +0000 (UTC) (envelope-from hans@stare.cz) Received: from www.stare.cz (localhost [127.0.0.1]) by www.stare.cz (OpenSMTPD) with ESMTP id 0a03723b for ; Thu, 9 Mar 2017 14:03:18 +0100 (CET) Date: Thu, 9 Mar 2017 14:03:18 +0100 From: Jan Stary To: freebsd-questions@freebsd.org Subject: Re: Cannot find Windows drive Message-ID: <20170309130318.GA72057@www.stare.cz> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.7.1 (2016-10-04) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 13:03:30 -0000 On Mar 09 03:52:49, luvbeastie@larseighner.com wrote: > A lightning-related surge zapped the motherboard of my old SYX, but my whole > life was in its hard drives (which were mirrors of each other except for > fstab, so that either could be booted). So, I got something called an HP > 8000 dual core tower refurbished by Joy Systems. It was supposed to come > with Windows 7 biz on a 1 Tb drive -- and the drive is in there. So I > installed my 2 1-Tb drives in its internal stack, having plenty of power and > SATA plugs. I left the supposed Windows drive alone. > > I was concerned about how I would get to the FreeBSD drives if it booted in > Windows, which is what I expected. But low and behold, it booted into > FreeBSD. The old drives had 10.x AMD kernels and worlds, and they took off. > I could boot to one or the other. Good, so you have your data back. Make an external backup, now. > But I cannot find the Windows drive. It > does not seem to show up in /dev. And when I go to the BIOS set up, the BIOS > does not seem to know of the existence of the Windows drives either. I > checked that all of the SATAs are not hidden. > > bsdinstall only gives me a choice of the two known BSD drives -- I thought I > could adjust the MBR to include Windows, but bsdinstall denies all knowledge > of the third (original to the machine) drive. I tried to get into the Intel > BIOS Management, but it wants a password -- I have no idea what. I suppose I > should be happy to have my data back. But the missing drive is preying on my > mind. After you make a safe external backup of your BSD drive(s), disconnect them and boot into the FreeBSD installer (say, off a CD). Does it see the 1TB drive. Jan From owner-freebsd-questions@freebsd.org Thu Mar 9 15:27:21 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E431FD04B90 for ; Thu, 9 Mar 2017 15:27:21 +0000 (UTC) (envelope-from ml@netfence.it) Received: from smtp205.alice.it (smtp205.alice.it [82.57.200.101]) by mx1.freebsd.org (Postfix) with ESMTP id BC73018C8 for ; Thu, 9 Mar 2017 15:27:20 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.ventu (82.52.25.226) by smtp205.alice.it (8.6.060.28) (authenticated as acanedi@alice.it) id 588F425B0A650F04 for freebsd-questions@freebsd.org; Thu, 9 Mar 2017 16:27:14 +0100 Received: from alamar.ventu (alamar.local.netfence.it [10.1.2.18]) by soth.ventu (8.15.2/8.15.2) with ESMTP id v29FQcul020541 for ; Thu, 9 Mar 2017 16:26:38 +0100 (CET) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.ventu: Host alamar.local.netfence.it [10.1.2.18] claimed to be alamar.ventu From: Andrea Venturoli Subject: security.bsd.stack_guard_page To: freebsd-questions@freebsd.org Message-ID: Date: Thu, 9 Mar 2017 16:26:38 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 15:27:22 -0000 Hello. I know I'm coming up with a lot of questions these days... :) Any doc on this sysctl? I think I get the overall picture on what it does, but I'd like to understand whether there are donwsides on enabling this. Like... system running slower or consuming more RAM... incompatible ports or drivers... etc. Any reason not to enable it? I searched the web, but didn't find anything official. bye & Thanks av. From owner-freebsd-questions@freebsd.org Thu Mar 9 15:45:54 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 09983D05685 for ; Thu, 9 Mar 2017 15:45:54 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [88.198.212.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C5993F07 for ; Thu, 9 Mar 2017 15:45:53 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9a6:c76b:7d:95c0]) by hz.citrin.ru (Postfix) with ESMTPSA id 2E48E29A630 for ; Thu, 9 Mar 2017 15:45:51 +0000 (UTC) Subject: Re: security.bsd.stack_guard_page To: freebsd-questions@freebsd.org References: From: Anton Yuzhaninov Message-ID: Date: Thu, 9 Mar 2017 10:45:49 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1489074351; bh=LqsjJP4AaGRnN9oSBwDnZqPAclsdt8gNYZ7o2Ev0t/M=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=CYGETj52NTjFUCUNjwD1tyD07rjdWjsH73ZLje7EErIF/m7zs5e/bM3aigNrJLt3s//ZXaVe6nNM3DKnvHxFY2Ez3nrgfPUeD3jwv24f1iskfQF3AdcXjbmpo51gLbixvfj40wb1+AUAFnPTWX1VgHYOJHlsQo13cSKURwPnhiQ= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 15:45:54 -0000 On 03/09/17 10:26, Andrea Venturoli wrote: > Any doc on this sysctl? It seems to be only docs available are sysctl description and commit message: https://svnweb.freebsd.org/changeset/base/215307 > I think I get the overall picture on what it does, but I'd like to > understand whether there are donwsides on enabling this. > Like... system running slower or consuming more RAM... incompatible > ports or drivers... etc. > > Any reason not to enable it? Id don't know for sure, but probably this feature adds a little value given that SSP (stack smashing protection) is already enabled for base system and most of ports. If you need definitive answer, try to ask author of this feature (kib@). From owner-freebsd-questions@freebsd.org Thu Mar 9 15:48:05 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EFEEAD057A3 for ; Thu, 9 Mar 2017 15:48:05 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [88.198.212.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B88FD1041 for ; Thu, 9 Mar 2017 15:48:05 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9a6:c76b:7d:95c0]) by hz.citrin.ru (Postfix) with ESMTPSA id C947729A4C0 for ; Thu, 9 Mar 2017 15:48:03 +0000 (UTC) Subject: Re: upgrade FreeBSD 9.3-STABLE to FreeBSD 10 stable error buildworld To: freebsd-questions@freebsd.org References: From: Anton Yuzhaninov Message-ID: <3cabd7bc-f8c5-a28a-55c2-0d04cccf814a@citrin.ru> Date: Thu, 9 Mar 2017 10:48:02 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1489074484; bh=uxqKfvMcwoZwCEHL6f4g1s9zRBpOCoyzp+qVkx5afrQ=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=ckdhBr0LgaVIJkaQfrXdAYurw2M/kq0KVPsH6tpqpoBN7viDn7mcFx7NIDpnnA70C9/4jj6VQoREgLmruyzN4QZaBBNJX0C44U6yFeDgdxpE6P4B2pByYcd6is8imXBd8DDNkRLkazDD5iw/VrsB8vLqhT0YQqk6zy9uaZ/nb9s= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 15:48:06 -0000 On 03/08/17 14:04, Igor Polovykh wrote: > In file included from > /usr/src/usr.sbin/nmtree/../../contrib/mtree/create.c:74: > /usr/src/usr.sbin/nmtree/../../lib/libnetbsd/sha2.h:37:20: error: sha384.h: > No such file or directory > mkdep: compile failed > *** Error code 1 > > > [ root /usr/src ] # find . -name sha384.h > ./sys/crypto/sha2/sha384.h > > I've already tried to delete all source tree and get it again. Before > building world I cleared /usr/obj/* but I got the same error. Do you have custom settings in /etc/make.conf or /etc/src.conf ? From owner-freebsd-questions@freebsd.org Thu Mar 9 15:57:40 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8FD9BD05CF6 for ; Thu, 9 Mar 2017 15:57:40 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A97216D1 for ; Thu, 9 Mar 2017 15:57:40 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (unknown [IPv6:2601:18a:c301:8eee:9a6:c76b:7d:95c0]) by hz.citrin.ru (Postfix) with ESMTPSA id 67E8D29A34E for ; Thu, 9 Mar 2017 15:57:38 +0000 (UTC) Subject: Re: WIFI as access point To: freebsd-questions@freebsd.org References: <58C08444.8060600@gmail.com> From: Anton Yuzhaninov Message-ID: <620022b1-69ae-b024-e76e-fc2e7e59738b@citrin.ru> Date: Thu, 9 Mar 2017 10:57:36 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <58C08444.8060600@gmail.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1489075058; bh=oJtomJ7LsSXvSdILaGRH3KvOpMo8Wyg4qFvvXRL9uZM=; h=Subject:To:References:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=sBjRr8d1+Q6AGqHmmu1weADZ/NT5K+BTsWp6zjNwvLNU9UNGoJbflWzgoJNTpV/ECpzDUmuzLHmdaI3a/juMonKsw3qt6a0LD2w5vg+bkdc9jhN/9FCdR98wQjiNJ+hyfBel4AtvbKvNTZkzdoDsYlaDt7JIKTcdug9AaVZ6xj0= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 15:57:40 -0000 On 03/08/17 17:23, Ernie Luzar wrote: > > I have this wifi card > http://www.dlink.com/al/sq/products/dwa-556-xtreme-n-pci-express-desktop-adapter > I recovered it from a decommissioned win7 box. On win7 this wifi card > could only be used to connect to a router access point. > If I add this wifi card to my FreeBSD 11.0 system can it be configured > to function as an access point? If this card is based on Atheros chipset and supported by ath driver, then probably yes. But to bu sure you have to boot FreeBSD on box with this card and check # ifconfig wlan0 create wlandev ath0 # ifconfig wlan0 list caps | fgrep HOSTAP From owner-freebsd-questions@freebsd.org Thu Mar 9 17:17:47 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 81B69D04957 for ; Thu, 9 Mar 2017 17:17:47 +0000 (UTC) (envelope-from bounce+c6e953.b1b642-freebsd-questions=freebsd.org@home.dimapanov.com) Received: from mail2.static.mailgun.info (mail2.static.mailgun.info [104.130.122.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4894828 for ; Thu, 9 Mar 2017 17:17:46 +0000 (UTC) (envelope-from bounce+c6e953.b1b642-freebsd-questions=freebsd.org@home.dimapanov.com) DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=home.dimapanov.com; q=dns/txt; s=smtp; t=1489079864; h=Content-Transfer-Encoding: Content-Type: In-Reply-To: References: Subject: CC: To: MIME-Version: Reply-To: From: Date: Message-ID: Sender; bh=8OclYm8jzTQb5hLQo7yBUCjgj5MsLliaiCchqYyK1dI=; b=TEQrZFleKf0LAY0KxVJiP/Zv5H+Dl7xEsighpCzk2vqxJNc68H24tnZj/kVHePEz6J0bNr+3 VrFvUNiEKhTVG9KbatZWRfMmb80G4iZwkoKsxast2usWR9g3ARDR984K6pH56Z3H3AMlbNgD n5/76Au0Gc1ptU1S43D2vXaKNgc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=home.dimapanov.com; s=smtp; q=dns; h=Sender: Message-ID: Date: From: Reply-To: MIME-Version: To: CC: Subject: References: In-Reply-To: Content-Type: Content-Transfer-Encoding; b=bZ9hhU+oy5k1YFZUEheU3UM0N+rycUa4K9/dRB7i+YuaRxW6dpH/MdSzmJ0tOJmYi4sMRh drYPqaJDVdnDbxKe8zr8aUUBZAHM8YY5eG/h8EyOQgLcFSR6utK0Kb/q1OeCf4KbZcqQ44EP eLN5G+6JhjlmuZmVcjBK9KMmpFX+I= Sender: fluffy=freebsd.org@home.dimapanov.com X-Mailgun-Sending-Ip: 104.130.122.2 X-Mailgun-Sid: WyJhM2Y4ZiIsICJmcmVlYnNkLXF1ZXN0aW9uc0BmcmVlYnNkLm9yZyIsICJiMWI2NDIiXQ== Received: from MBPR-Fluffy.local (host.198.ipoe3.subnets.khb.ttkdv.ru [5.8.203.198]) by mxa.mailgun.org with ESMTP id 58c17ff3.7f0d1423da78-smtp-out-n01; Thu, 09 Mar 2017 16:16:51 -0000 (UTC) Message-ID: <58C17FEB.1020905@FreeBSD.org> Date: Fri, 10 Mar 2017 02:16:43 +1000 From: Dima Panov Reply-To: fluffy@FreeBSD.org User-Agent: Postbox 5.0.11 (Macintosh/20170302) MIME-Version: 1.0 To: Ernie Luzar CC: freebsd-questions@FreeBSD.org Subject: Re: WIFI as access point References: <58C08444.8060600@gmail.com> In-Reply-To: <58C08444.8060600@gmail.com> X-Enigmail-Version: 1.2.3 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 17:17:47 -0000 Ernie Luzar wrote: > Hello List; > > I have this wifi card > http://www.dlink.com/al/sq/products/dwa-556-xtreme-n-pci-express-desktop-adapter > > > I recovered it from a decommissioned win7 box. On win7 this wifi card > could only be used to connect to a router access point. > > If I add this wifi card to my FreeBSD 11.0 system can it be configured > to function as an access point? This card is fully support by ath driver as "AR5418 Wireless Network Adapter". Copmlete examples with various AP setup described in manual page for driver. -- Dima Panov (fluffy@FreeBSD.org) (X11, KDE, Office)@FreeBSD team Facebook: http://www.facebook.com/fluffy.khv twitter: fluffy_khv | skype: dima.panov | telegram: @dima_panov IRC: fluffy@EFNet, fluffykhv@FreeNode From owner-freebsd-questions@freebsd.org Fri Mar 10 01:46:41 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BC592D055D0 for ; Fri, 10 Mar 2017 01:46:41 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (douhisi.pair.com [209.68.5.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F5A219F0 for ; Fri, 10 Mar 2017 01:46:40 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from [192.168.0.1] (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id 2EA003F515 for ; Thu, 9 Mar 2017 20:46:34 -0500 (EST) Message-ID: <58C20579.2060503@sneakertech.com> Date: Thu, 09 Mar 2017 20:46:33 -0500 From: Quartz MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Cannot find Windows drive References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 01:46:41 -0000 >the BIOS does not seem to know of the existence of the Windows > drives either. If the BIOS can't even see the drives, then they're not there as far as the motherboard is concerned. No amount of messing with *nix will address that. This is a hardware/firmware problem, not an OS problem. Things to check: - Go over all your cables again. - Make sure that there isn't some weird conflict with that BIOS not supporting those drive types. - If you fully disconnect the BSD drives, will it boot into windows at all? - Do the drives have any jumpers that control things like SSC, PUIS, or alternate PHY modes? Some boards don't support all options. - Do the drives have dual sata+molex power plugs? Some drives (especially WD drives) with dual power will do special delayed/staggered spinup stuff and wait for an init signal over the sata data cable before starting, so if the BIOS doesn't send what the drive is expecting, nothing will happen. >I tried to > get into the Intel BIOS Management, but it wants a password Sounds like whoever 'refurbished' this machine either is screwing with you or doesn't know what they're doing. There should be a physical jumper or switch somewhere on the board that can forcibly reset the BIOS to factory defaults if you set it the right way at the right time; hunt down the board's manual for a step-by-step. Sometimes just pulling the battery for an hour will do it, depending on the BIOS and board. From owner-freebsd-questions@freebsd.org Fri Mar 10 03:59:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D1D98D05854 for ; Fri, 10 Mar 2017 03:59:39 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BD9B41D44 for ; Fri, 10 Mar 2017 03:59:39 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Thu, 9 Mar 2017 19:57:58 -0800 From: David Christensen Subject: Re: Cannot find Windows drive To: freebsd-questions@freebsd.org References: Message-ID: <11b031c6-b768-7dcd-d9de-86a4aeaf3547@holgerdanske.com> Date: Thu, 9 Mar 2017 19:58:36 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 03:59:39 -0000 On 03/09/2017 01:52 AM, Lars Eighner wrote: > A lightning-related surge zapped the motherboard of my old SYX, but > my whole life was in its hard drives (which were mirrors of each > other except for fstab, so that either could be booted). So, I got > something called an HP 8000 dual core tower refurbished by Joy > Systems. It was supposed to come with Windows 7 biz on a 1 Tb drive > -- and the drive is in there. So I installed my 2 1-Tb drives in its > internal stack, having plenty of power and SATA plugs. I left the > supposed Windows drive alone. > > I was concerned about how I would get to the FreeBSD drives if it > booted in Windows, which is what I expected. But low and behold, it > booted into FreeBSD. The old drives had 10.x AMD kernels and worlds, > and they took off. I could boot to one or the other. But I cannot > find the Windows drive. It does not seem to show up in /dev. And when > I go to the BIOS set up, the BIOS does not seem to know of the > existence of the Windows drives either. I checked that all of the > SATAs are not hidden. > > bsdinstall only gives me a choice of the two known BSD drives -- I > thought I could adjust the MBR to include Windows, but bsdinstall > denies all knowledge of the third (original to the machine) drive. I > tried to get into the Intel BIOS Management, but it wants a password > -- I have no idea what. I suppose I should be happy to have my data > back. But the missing drive is preying on my mind. > > What happened? On 03/09/2017 05:46 PM, Quartz wrote: > There should be a physical jumper or switch somewhere on the board > that can forcibly reset the BIOS to factory defaults if you set it > the right way at the right time; hunt down the board's manual for a > step-by-step. Sometimes just pulling the battery for an hour will do > it, depending on the BIOS and board. +1 Then disconnect the BSD drives, connect the Windows drive to the first SATA port, and enter CMOS setup. If BIOS sees the drive, try booting it. If not, try other SATA ports, SATA cables, and/or power supply pigtails. If none of that works, try moving the drive to another machine and check CMOS setup (but don't boot the drive). David From owner-freebsd-questions@freebsd.org Fri Mar 10 08:32:42 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CEBA1D0467E for ; Fri, 10 Mar 2017 08:32:42 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 0D63B1706 for ; Fri, 10 Mar 2017 08:32:41 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39634519; Fri, 10 Mar 2017 14:28:10 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.14.9/8.14.9) with ESMTP id v2A8WcR7015718; Fri, 10 Mar 2017 15:32:38 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.14.9/8.14.9/Submit) id v2A8WXSH015714; Fri, 10 Mar 2017 15:32:33 +0700 (KRAT) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Fri, 10 Mar 2017 15:32:33 +0700 From: Victor Sudakov To: Ian Smith Cc: Polytropon , Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW Message-ID: <20170310083233.GA15405@admin.sibptus.transneft.ru> References: <20170307233222.E87835@sola.nimnet.asn.au> <20170308122925.GA67654@admin.sibptus.transneft.ru> <20170309023112.M80813@sola.nimnet.asn.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170309023112.M80813@sola.nimnet.asn.au> Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.7.1 (2016-10-04) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 08:32:42 -0000 Ian Smith wrote: > > > > > > There is one thing that a higher level macro language on top of ipfw > > > > would be nice to have for. > > > > > > ipfw rules are very much like an assembly language, and 'assemble' to > > > precisely executable opcodes in a well-defined virtual machine. pf feels > > > (to me) more like 'higher level' coding, which seems to suit many people > > > better .. but I'm an old assembler kind of guy, from S/370 onwards :) > > > > > > > Several times I have tried to emulate Cisco PIX/ASA logic with ipfw. > > > > I just want to have e.g. 3 interfaces: inside, outside, dmz with > > > > security levels of 100, 0, 50 respectively. Traffic can flow from the > > > > interface with a higher security level to the interface with a lower > > > > security level, and return traffic is permitted too. > > > > > > > > Every time I have tried to express this with ipfw rules, I failed > > > > miserably, though superficially it looks simple (with keep-state). > > > > > > That's quite doable, but I wouldn't use numeric levels like that, > > > > When there are more than 2 interfaces, numeric levels are very useful. > > Sure, if you have some way to map these to interfaces and to define the > allowable flows, but meanwhile I used those as method descriptors, which > you'd already clearly enough defined for this particular application. > > > > and > > > I'd use static rules first to limit access between inside, outside and > > > dmz, adding dynamic (stateful) rules after those constraints are met. > > > > > > Just roughly, as a partial sketch, and assuming all at layer 3 (ip): > > > > > > check-state // pass established dynamic flows > > > > > > # can only check both interfaces on 'out' packets, leaving ipfw > > > deny tcp from any to any out recv $dmz_if xmit $inside_if setup > > > deny udp from any to any out recv $dmz_if xmit $inside_if > > > > > > # if dmz provides service/s to outside, skip over these for them > > > # those can be allowed/denied on 'in' pass, using dest address/es. > > > > > > deny tcp from any to any out recv $outside_iface setup > > > deny udp from any to any out recv $outside_iface > > > > > > # skip this for any static (setup then established) services below > > > deny all from any to any established > > > > > > # best use static rules for icmp, see rc.firewall 'workstation' > > > > > > # then (or earlier, if you prefer) separate flows for inside|dmz > > > # then allow services on inside and dmz, perhaps using static rules > > > # then allow access from inside|dmz to dmz|outside statefully. > > > > Yes, that's basically what I usually come to. > > But it would be much nicer to write a macro like that: > > > > nameif fxp0 outside security0 > > nameif fxp1 inside security100 > > nameif fxp2 dmz security50 > > permit tcp from any to any eq 80 in interface dmz > > permit tcp from any to 10.10.5.1 eq 3389 in interface inside > > > > and to have all the gory details configured for you automagically. > > Well yes, but I think you'll find that non-trivial to do. I have. > If you come > up with something, or enthuse somebody else to do so, I'll test it at > least as far as scrutinising output rulesets. > > Perhaps start by declaring actual ipfw rules you expect such a syntax to > produce from your example above; then figure out how to generate those? Oh, if I could imagine the actual ipfw rules, I would have done this long ago. Superficially, they should boil down to a bunch of rules like check-state permit ip from any to any in via XXX out via YYY keep-state permit ip from any to any in via QQQ out via ZZZ keep-state deny ip from any to any but in practice, there is always some show-stopper. > I can't recall when or where, but have seen an example using ipfw's > preprocessor feature, using m4(1) to pre-process provided parameters to > generate customised rulesets, to some degree at least. > > ipfw [-cfnNqS] [-p preproc [preproc-flags]] pathname > > See ipfw(8) /LIST OF RULES AND PREPROCESSING Been there, done that. Using a shell script with loops and variables for networks and interfaces turned out to be so much simpler than using a preprocessor. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-questions@freebsd.org Fri Mar 10 14:16:08 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 83739D04AF8 for ; Fri, 10 Mar 2017 14:16:08 +0000 (UTC) (envelope-from bounce+be7db3.da7392-freebsd-questions=freebsd.org@linx.com) Received: from so254-13.mailgun.net (so254-13.mailgun.net [198.61.254.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 56BA8196C for ; Fri, 10 Mar 2017 14:16:08 +0000 (UTC) (envelope-from bounce+be7db3.da7392-freebsd-questions=freebsd.org@linx.com) DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=linx.com; q=dns/txt; s=smtp; t=1489155368; h=Date: Message-Id: From: Content-type: MIME-Version: Subject: To: Sender; bh=ZMmcWlvsu70DN56ZynqY90NPBAMs5W/cm8eOUqwTXQc=; b=FX6i4wkxhnUGnY4v4X+e69sryvgdKoXEz+TLkJJHgEWB074Sb0K/cQTI3foAtZ/ZhXSJEwbq 9hKyEa4faZ8TAwT7cZ7OLs311fQpuupRxt1SWR8RYvV6RNEAxa1bDCJ78HEjq4GwLbk8iPA1 fKYd1EgtjW6EAjGQZkE+KtlNbFQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=linx.com; s=smtp; q=dns; h=Sender: To: Subject: MIME-Version: Content-type: From: Message-Id: Date; b=DzXD5jdRkQKAkLrFoh9gIE5wEEFBn00pI3eEJGYLrwRa8LHXGkhTezZC3fSTNJuYM6lcrE 9/xm1rE2fhGxFlMF+Q5hD5whNNdSb8veHv6rxUN+X198FlzQGdAbcQKUPyjBa7YKduP1N27z m5epbhbYNhBsilL8uzF+5NZnV9oy4= Sender: root=localhost.linx.com@linx.com X-Mailgun-Sending-Ip: 198.61.254.13 X-Mailgun-Sid: WyJiZmY4ZiIsICJmcmVlYnNkLXF1ZXN0aW9uc0BmcmVlYnNkLm9yZyIsICJkYTczOTIiXQ== Received: from 578509-app3.linx.com (578509-app3.linx.com [23.253.17.101]) by mxa.mailgun.org with ESMTP id 58c2b2c7.7fa3d2ecb730-smtp-out-n01; Fri, 10 Mar 2017 14:05:59 -0000 (UTC) Received: by 578509-app3.linx.com (Postfix, from userid 10006) id 3A0A0A619BA; Fri, 10 Mar 2017 08:05:33 -0600 (CST) To: freebsd-questions@freebsd.org Subject: [iTunes-Connect]Someone has been logged into your account from another country X-PHP-Originating-Script: 10006:mailer.php From: AppleID Message-Id: <20170310140533.3A0A0A619BA@578509-app3.linx.com> Date: Fri, 10 Mar 2017 08:05:33 -0600 (CST) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 14:16:08 -0000 From owner-freebsd-questions@freebsd.org Fri Mar 10 16:42:50 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AABB0D06B11 for ; Fri, 10 Mar 2017 16:42:50 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "inet08.hamilton.harte-lyne.ca", Issuer "CA_HLL_ISSUER_2016" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 7F935644 for ; Fri, 10 Mar 2017 16:42:50 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id 8DDA962378 for ; Fri, 10 Mar 2017 11:42:43 -0500 (EST) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from inet08.hamilton.harte-lyne.ca ([127.0.0.1]) by localhost (inet08.hamilton.harte-lyne.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qjOIYNzvA9aU for ; Fri, 10 Mar 2017 11:42:42 -0500 (EST) Received: from webmail.harte-lyne.ca (inet04.hamilton.harte-lyne.ca [216.185.71.24]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTPSA id 2DCE5621B6 for ; Fri, 10 Mar 2017 11:42:42 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=harte-lyne.ca; s=dkim_hll; t=1489164162; bh=FmJbfyyX2M1OV2jgwmyvndebiskobXbxjP1klhemfBg=; h=Date:Subject:From:To:Reply-To; b=vMg1uaGLqUMCl62J+LFjYk9cO9y4G83oHx+H6/ry+4d5noK2//rxCznb5JdjtACGD G8Y/Qe3cvNKbFPg8q0jCXyOllzkyTm1naLq9fHs841VLlt/r9hEXm4eFaoX9KQNmmC cl27ekyYdNfZ0UgeB33p8YW7KR4PaAXd8z0WJhruJlw4HGgOI+zJBEvmDVhJAvmwaC E+uVCNGrhSWcodX+btA3HJWh7ZlE27h9JEvFgRmq7/P1io1lrxmp70OWjgM0z4BMZf 2TljPAYz4K/rYelQiHbExdzg2Xu6b9QPY1ZEhKqx10DbPbrv67YzSd3sydzQ6ilOx8 0E5rDSvsTxRDA== Received: from 216.185.71.44 (SquirrelMail authenticated user byrnejb_hll) by webmail.harte-lyne.ca with HTTP; Fri, 10 Mar 2017 11:42:42 -0500 Message-ID: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> Date: Fri, 10 Mar 2017 11:42:42 -0500 Subject: daily security run output (setuid) From: "James B. Byrne" To: freebsd-questions@freebsd.org Reply-To: byrnejb@harte-lyne.ca User-Agent: SquirrelMail/1.4.22-4.el6 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 16:42:50 -0000 Following a recent update we began to see this report: Checking setuid files and devices: setuid diffs: --- /var/log/setuid.today 2017-01-18 03:01:01.000000000 -0500 +++ /tmp/security.saU3IUZT 2017-03-08 03:01:01.006331628 -0500 @@ -36,9 +36,9 @@ . . . - 70217 -rwsr-xr-x 1 root wheel 22416 Jan 12 00:09:17 2017 /usr/local/bin/pkexec . . . + 30527 -rwsr-xr-x 1 root wheel 22416 Feb 25 00:04:40 2017 /usr/local/bin/pkexec pkg which /usr/local/bin/pkexec /usr/local/bin/pkexec was installed by package polkit-0.113_3 pkg info polkit-0.113_3 polkit-0.113_3 Name : polkit Version : 0.113_3 Installed on : Tue Mar 7 15:31:14 2017 EST This was a legitimate update as far as I can see. I can see that the mtime value has changed but why does the update not account for this with the security system? -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 From owner-freebsd-questions@freebsd.org Fri Mar 10 17:04:46 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 38E61D06082 for ; Fri, 10 Mar 2017 17:04:46 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BA4131111 for ; Fri, 10 Mar 2017 17:04:45 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [85.199.232.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 9B25DEA8E for ; Fri, 10 Mar 2017 17:04:40 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/9B25DEA8E; dkim=none; dkim-atps=neutral Subject: Re: daily security run output (setuid) To: freebsd-questions@freebsd.org References: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> From: Matthew Seaman Message-ID: Date: Fri, 10 Mar 2017 17:04:34 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="fS7ffJkEFS5pAtncQnUShaadtnGI9nQr1" X-Spam-Status: No, score=0.9 required=5.0 tests=BAYES_00,RCVD_IN_RP_RNBL, RDNS_NONE,SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on smtp.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 17:04:46 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --fS7ffJkEFS5pAtncQnUShaadtnGI9nQr1 Content-Type: multipart/mixed; boundary="26IFhB7q8GWtp6G0paWsHBU1E47URuQ1L"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: Subject: Re: daily security run output (setuid) References: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> In-Reply-To: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> --26IFhB7q8GWtp6G0paWsHBU1E47URuQ1L Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2017/03/10 16:42, James B. Byrne via freebsd-questions wrote: > Following a recent update we began to see this report: >=20 > Checking setuid files and devices: >=20 > setuid diffs: > --- /var/log/setuid.today 2017-01-18 03:01:01.000000000 -0500 > +++ /tmp/security.saU3IUZT 2017-03-08 03:01:01.006331628 -0500 > @@ -36,9 +36,9 @@ > . . . >=20 > - 70217 -rwsr-xr-x 1 root wheel 22416 Jan 12 00:09:17 2017 > /usr/local/bin/pkexec > . . . > + 30527 -rwsr-xr-x 1 root wheel 22416 Feb 25 00:04:40 2017 > /usr/local/bin/pkexec >=20 > pkg which /usr/local/bin/pkexec > /usr/local/bin/pkexec was installed by package polkit-0.113_3 >=20 > pkg info polkit-0.113_3 > polkit-0.113_3 > Name : polkit > Version : 0.113_3 > Installed on : Tue Mar 7 15:31:14 2017 EST >=20 >=20 > This was a legitimate update as far as I can see. I can see that the > mtime value has changed but why does the update not account for this > with the security system? The security system? That makes it sound *way* more sophisticated than it really is. All that the setuid daily script does is run find(1) to locate all of the setuid files on the system, creates a sorted list, and then diffs that against the previous day's list. It tells you when there have been any changes to setuid files. It doesn't say anything about whether those changes are legitimate or not -- that's down to the (supposedly) intelligent administrators who read the email reports. The beauty of it is that it is so simple it is very hard to bamboozle. In this case, since it is a file from a pkg that you can verify was re-installed during the right timeframe then you can be pretty sure that nothing untoward is going on. Also running 'pkg check -s polkit' to verify that none of the checksums on the package's files have changed might provide additional peace of mind. Cheers, Matthew --26IFhB7q8GWtp6G0paWsHBU1E47URuQ1L-- --fS7ffJkEFS5pAtncQnUShaadtnGI9nQr1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJYwtyoXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnsFEQAIh2nILP2YF3sgH/3Ks8gxpc E4cxr7rKbbuq6aHOkvGJqJEqmq4xHMNv3s0ojFkRQ1qQ9LPhMPbpGxEVCuWxfRAm dr58Ru/wy81/6dLkfZcsESMnXh+z63bkvzp3qksa7SOIz5I9xmhlgTCFyPqsod/t h/PzdhU+lCj8wX5yIcPFYBWlUGzFQtwtRhGw3DZ1KtwfOydrbHGlgbHfiIPswq3n rTF+8ApYB+99JK5Daqp4q3fnbaYA/dGCGX8tJ/rF+rOpuUY3dqV2AZCBYDe+wh3O tSHS/K7SN5ODSWUk4PWMCyySZGeiXUwQ7Q2ztf/MnzP5+SpGY5lXiyl6n42vcj/e YD0pnissh+nIdu8UPFr0sxG3tkFC3JM/wGJN/mHLoQLvR11WUXDuoXJmiJA+hWK/ 5JbUsLhbfbgBG05NUT00pYZo5+qgJ1YWaSOjEeggI+vwu4XhyJkm28tP+X3uEwCe 0JzBrTsufB7QNh09zfBFV+NS+vxWfFGRcxMCujHvmqqqO8GYBp9zT4Rz1x6uaZmv NDijNPlBFFe7XyqBqIGiBQU10NorRxxkE0vj54T0ZA7R5H9BhCDAX+td29jhMlLY W7qJRkYOeuyguqPFXkxiYUL9NIrP1LB+9FjiChwVrw70TnYMOFzTgT/buEL15u9u hVrJwYLWClYw4n0Lg6XQ =mQ7F -----END PGP SIGNATURE----- --fS7ffJkEFS5pAtncQnUShaadtnGI9nQr1-- From owner-freebsd-questions@freebsd.org Fri Mar 10 17:12:13 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C49F5D063A5 for ; Fri, 10 Mar 2017 17:12:13 +0000 (UTC) (envelope-from Lowell@Be-Well.Ilk.Org) Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173]) by mx1.freebsd.org (Postfix) with ESMTP id 9BFFC1679 for ; Fri, 10 Mar 2017 17:12:13 +0000 (UTC) (envelope-from Lowell@Be-Well.Ilk.Org) Received: from lowell-desk.lan (router.lan [172.30.250.2]) by be-well.ilk.org (Postfix) with ESMTP id 02EE833C1E; Fri, 10 Mar 2017 12:12:00 -0500 (EST) Received: by lowell-desk.lan (Postfix, from userid 1147) id 8268A3981A; Fri, 10 Mar 2017 12:11:57 -0500 (EST) From: Lowell Gilbert To: "James B. Byrne via freebsd-questions" Cc: byrnejb@harte-lyne.ca Subject: Re: daily security run output (setuid) References: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> Date: Fri, 10 Mar 2017 12:11:57 -0500 In-Reply-To: <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> (James B. Byrne via freebsd-questions's message of "Fri, 10 Mar 2017 11:42:42 -0500") Message-ID: <44bmt9jbtu.fsf@lowell-desk.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 17:12:13 -0000 "James B. Byrne via freebsd-questions" writes: > Following a recent update we began to see this report: > > Checking setuid files and devices: [...] > This was a legitimate update as far as I can see. I can see that the > mtime value has changed but why does the update not account for this > with the security system? Because having "the security system" trust that the the port update was initiated by an appropriately authorized user would make it too easy to hide a security breach. From owner-freebsd-questions@freebsd.org Fri Mar 10 19:03:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DAA86D0650E for ; Fri, 10 Mar 2017 19:03:17 +0000 (UTC) (envelope-from bob@immure.com) Received: from maul.immure.com (108-84-10-9.lightspeed.austtx.sbcglobal.net [108.84.10.9]) by mx1.freebsd.org (Postfix) with ESMTP id BC19013B8 for ; Fri, 10 Mar 2017 19:03:16 +0000 (UTC) (envelope-from bob@immure.com) Received: from rancor.immure.com ([10.1.132.9]) by maul.immure.com with esmtp (Exim 4.88 (FreeBSD)) (envelope-from ) id 1cmPoj-000ArT-T6 for freebsd-questions@freebsd.org; Fri, 10 Mar 2017 13:03:10 -0600 Received: from rancor.immure.com (localhost [127.0.0.1]) by rancor.immure.com (8.15.2/8.15.2) with ESMTP id v2AJ39Hq029904 for ; Fri, 10 Mar 2017 13:03:09 -0600 (CST) (envelope-from bob@rancor.immure.com) Received: (from bob@localhost) by rancor.immure.com (8.15.2/8.14.9/Submit) id v2AJ39sC029903 for freebsd-questions@freebsd.org; Fri, 10 Mar 2017 13:03:09 -0600 (CST) (envelope-from bob) Date: Fri, 10 Mar 2017 13:03:09 -0600 From: Bob Willcox To: questions list Subject: Reboot hangs on a FreeBSD system I'm building Message-ID: <20170310190308.GA29798@rancor.immure.com> Reply-To: Bob Willcox MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.7.2 (2016-11-26) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Mar 2017 19:03:18 -0000 I'm building a system to act as a fileserver for my network and things are going reasonably well so far except that when I reboot it via the reboot command it gets to the point after it has successfully sync'd the filesystem caches and the just hangs there. Note that it will respond to pings from other systems on the network but keyboard activity is ignored. Here's the uname output: FreeBSD yoda.immure.com 11.0-STABLE FreeBSD 11.0-STABLE #1 r315001: Fri Mar 10 08:38:20 CST 2017 bob@yoda.immure.com:/usr/obj/usr/src/sys/YODA amd64 This is running on an Asus H170I-Pro motherboard and has a Samsung 960 EVO M.2 PCIe NVMe boot drive. The UEFI BIOS settings are all at their defaults. I planning to check the BIOS settings to see if changing any of them will make a difference. Note that the root/boot drive is ZFS in case that matters. -- Bob Willcox | If a program is useful, it will be changed. bob@immure.com | Austin, TX | From owner-freebsd-questions@freebsd.org Sat Mar 11 00:51:41 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 968AFD04C29 for ; Sat, 11 Mar 2017 00:51:41 +0000 (UTC) (envelope-from bsalai@gmail.com) Received: from mail-qt0-x234.google.com (mail-qt0-x234.google.com [IPv6:2607:f8b0:400d:c0d::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3E2372A9 for ; Sat, 11 Mar 2017 00:51:41 +0000 (UTC) (envelope-from bsalai@gmail.com) Received: by mail-qt0-x234.google.com with SMTP id i34so1578420qtc.0 for ; Fri, 10 Mar 2017 16:51:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:date:subject:message-id :to; bh=vI84abJrH5LmskM3RGigmCRylQWfjNtvkFvT7XJ5kD4=; b=OEDH2ZcpPkVtgkW9kOgMpg4vgZ9UmvdbA1JqMPi1ZgNkQbqCbvctkfus4g+xmA++4I 6xPR56ntnXxfWPRSN0UbN654wvrbupdyVoJXgnAAw/g4WI8n9xUOWUJEJ/43JahqVfsE jLVV9AxUTKss9tiQDPYHrPMKnpbruNOC1IzgTcaqBy7+o9yzNFv4Wm3i3pw42n6WUWMT qfxecoFfD0IbUgAdpXCiSLG4yG7LBjroQwcjvdec/uPGDMiXqVXAnhd5bIGSPJb2iTiw ZBAxoUr/nrZxKnWoXnCn9O+ctYNYeu4TrUW8Np3ucUgUh/SZtF7I4v0LNyPfv2+wAsBX ONpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version:date :subject:message-id:to; bh=vI84abJrH5LmskM3RGigmCRylQWfjNtvkFvT7XJ5kD4=; b=OOv/nrmUqx+tz+7tbJ+Cq7JJHnUClqKCBz+UBPYUrxCTvSjTv+NdOaop3hv4uIXrdh cm5Pi7btapFSNHiSYuNbXlf+KvRvlT/eQ74l3RblGK06itEuir+fJFV/4gXzq++mLgP5 k5QxqnKgTnRinFZb5RIi/4xALOkKdA8gO2izB9Rbkzh1SaMgbLt3y5JZ/4NAwM2GAUd/ iiVmQDe5gaSkoLPzSfI+o/xgOmCIfqZtV2OQYXnnYh2qZF26my7m/xSuyHaSzql+8vgy tbcxLTLcadzCsj9SCB/ZQcaMLQ+6AeMkiFm57rJ27Ff/st8JMgm3Zyv13HzVb/8ryGod oXLg== X-Gm-Message-State: AMke39lG5Mq15tLHXqjNq3i5qq9NxSYvI9QrjKaeKlJ6nUi6vehUwx/QJpZUdc2DCX4kmw== X-Received: by 10.237.53.9 with SMTP id a9mr21974861qte.188.1489193497193; Fri, 10 Mar 2017 16:51:37 -0800 (PST) Received: from [10.0.1.6] (cpe-98-5-143-38.buffalo.res.rr.com. [98.5.143.38]) by smtp.gmail.com with ESMTPSA id f56sm7483926qta.14.2017.03.10.16.51.36 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 10 Mar 2017 16:51:36 -0800 (PST) From: Brad Salai Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Date: Fri, 10 Mar 2017 19:51:35 -0500 Subject: Noob question Message-Id: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> To: freebsd-questions@freebsd.org X-Mailer: iPhone Mail (14D27) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 00:51:41 -0000 I've just finished a clean install of FreeBSD 11 on an HP desktop that I got= for free (I know that's not relevant but I'm telling everyone.) I got Gnome running and installed Libre Office without issues. Then I tried T= eXlive as a package and Arduino as a port. Both completed successfully, but n= either showed up in Gnome and I can't figure out the path to add to start th= em manually. Can anyone help? Brad Brad Salai (585) 708-9235 Bsalai@gmail.com From owner-freebsd-questions@freebsd.org Sat Mar 11 01:12:29 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5C5C8D04572 for ; Sat, 11 Mar 2017 01:12:29 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: from mail-wm0-x229.google.com (mail-wm0-x229.google.com [IPv6:2a00:1450:400c:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E7E5D10BD for ; Sat, 11 Mar 2017 01:12:28 +0000 (UTC) (envelope-from xxjack12xx@gmail.com) Received: by mail-wm0-x229.google.com with SMTP id t189so6637707wmt.1 for ; Fri, 10 Mar 2017 17:12:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=3dVfeq8PsRD7p5EGu0Oqdv5DDea08ZpUMet3iaOLA4E=; b=p+JWhZ94MWn/b+bWqsZkWX0MUuthMrwLPPHxhAzS3A7tQJDSgma1EC4SBtD4/L3sm1 lMFLOmfnP+1MLdCM2+E/NlUYK5fM7Al5GcTTjxF99Z6zUZlQkFhZBV0zAowDpeFX6tiw 89y/vHXjY1zS6tgvjHMQfnq/eXoMgT/+sP4vL8mAYPkMhRadOy+8aDu2/NYy2mLssaxU uCjL5hGgkJ8Y6rzNghlNuwKPrWvl6mcsWmWVmYekMBOHSNeefVCanKRJQcvUvmkKKsh+ L+5InPOfqCCvQgjFk9fp/z8XkjpEhJLPHKIFjZt/sxaF29B0SVo5ZhIiG4m8yfXBDGiU EPGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=3dVfeq8PsRD7p5EGu0Oqdv5DDea08ZpUMet3iaOLA4E=; b=C2upsFG9LwZ2rH9h1FRmdGan12Q6clSAx8gunjKlTbNhAVS/+ISBH6egHQOpsAfc5+ 8GtMLRh3FXn3pg1oRrs1RnyMYZOdmCTB9JxVMhPGmIs2BJxzHn4705H5HdimZq/6KKd3 8HJS2csa8AET7aaWVmv0LVfBGaCDsz7z8jkOjCVPJBpl0PZVmkrFcbSw6A1vzKSJD/Xc M14cFWPvTZaGwnw6N8u9Ufq5+XwbTBCU/9O31xu0lJXJCNhuNpgg9Wy/pCOGbRL8kNeG OKs+6zF5NEb97Ew4GtU62PsXxD2N6NnbIcayjboaEK8rDmlo4DQeFRMp3S3ee9n7fSre q5Zw== X-Gm-Message-State: AFeK/H1YH/OShT52JmoE02JrAegLsh8PXgyE0AdBWJ5YuTSD6Zh+DsXKY8t+RKmATiftBeLpiA1oh40if6QtrA== X-Received: by 10.28.84.18 with SMTP id i18mr1367829wmb.12.1489194746596; Fri, 10 Mar 2017 17:12:26 -0800 (PST) MIME-Version: 1.0 Received: by 10.223.153.228 with HTTP; Fri, 10 Mar 2017 17:11:45 -0800 (PST) In-Reply-To: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> References: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> From: "Jack L." Date: Fri, 10 Mar 2017 17:11:45 -0800 Message-ID: Subject: Re: Noob question To: Brad Salai Cc: "freebsd-questions@freebsd.org" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 01:12:29 -0000 You can run pkg info --list-files packagename and that will give you a list of where all the installed files are On Fri, Mar 10, 2017 at 4:51 PM, Brad Salai wrote: > I've just finished a clean install of FreeBSD 11 on an HP desktop that I = got for free (I know that's not relevant but I'm telling everyone.) > I got Gnome running and installed Libre Office without issues. Then I tri= ed TeXlive as a package and Arduino as a port. Both completed successfully,= but neither showed up in Gnome and I can't figure out the path to add to s= tart them manually. Can anyone help? > Brad > > Brad Salai > (585) 708-9235 > Bsalai@gmail.com > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" From owner-freebsd-questions@freebsd.org Sat Mar 11 01:40:09 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 91724D06E17 for ; Sat, 11 Mar 2017 01:40:09 +0000 (UTC) (envelope-from sakhmatd@inventati.org) Received: from perdizione.investici.org (perdizione.investici.org [IPv6:2001:41d0:2:33d0::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.autistici.org", Issuer "Autistici/Inventati Certification Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 5A3CC2F0 for ; Sat, 11 Mar 2017 01:40:09 +0000 (UTC) (envelope-from sakhmatd@inventati.org) Received: from [94.23.50.208] (perdizione [94.23.50.208]) (Authenticated sender: sakhmatd@inventati.org) by localhost (Postfix) with ESMTPSA id 62A551210DA; Sat, 11 Mar 2017 01:40:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=inventati.org; s=stigmate; t=1489196407; bh=Vb/szC3bVSu0LFKiWAIOcJI+MBBkUvIjNte9hWRGeGw=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=PDOtzhS1isUVjhREn8n2/nJvuhmmw5vqTcQKAzZsTBx3yta1j9bSCiSDynPsRvIzE suFm7vdFvnhf/jO/4Iagm5U2Xt5OLNAmvIAYCntkSQ68okiuJoMnbYvJVA8HoA6Pfu u1b4iZW3Dt8EoIrWf8zpNVSUce3csA6pHND2s6xQ= Date: Fri, 10 Mar 2017 20:39:33 -0500 From: Sergei Akhmatdinov To: Brad Salai Cc: freebsd-questions@freebsd.org Subject: Re: Libreoffice and Arduino do not show up in gnome-menu Message-ID: <20170311013933.4qn72svt4nodgiut@silverbeast> Mail-Followup-To: Sergei Akhmatdinov , Brad Salai , freebsd-questions@freebsd.org References: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="e5odov7oipx6pmc7" Content-Disposition: inline In-Reply-To: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> X-Operating-System: FreeBSD 11.0-STABLE X-Mailer: NeoMutt 1.7.2 User-Agent: NeoMutt/20170225 (1.8.0) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 01:40:09 -0000 --e5odov7oipx6pmc7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 10, 2017 at 07:51:35PM -0500, Brad Salai wrote: > I've just finished a clean install of FreeBSD 11 on an HP desktop that I = got for free (I know that's not relevant but I'm telling everyone.) > I got Gnome running and installed Libre Office without issues. Then I tri= ed TeXlive as a package and Arduino as a port. Both completed successfully,= but neither showed up in Gnome and I can't figure out the path to add to s= tart them manually. Can anyone help? > Brad $ which binary-name That should get you the path to the installed binary. For Libreoffice, that would be=20 $ which libreoffice I don't use Gnome, but it probably reads your=20 /usr/local/share/applications directory. Try adding .desktop files to it manually. Although it's suspicious that they aren't there already or that Gnome wouldn't pick them up if they are. Also, just a piece of friendly advice:=20 Try to give more discriptive subject lines when posting to the mailing list next time. It helps other people to help you. :) Cheers, -- Sergei Akhmatdinov My GPG public key: gpg --keyserver pgp.mit.edu --recv-keys AD800D99 --e5odov7oipx6pmc7 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsummKCcus6yGvH0NK5XevCV5XpIFAljDVUkACgkQK5XevCV5 XpI0oQ//Y8fD4kgrIIVZlbEYNjdW0bEQO06ZQD35Xyje7MVoDuOjV546C0oebNQ3 e+pOOXdeHQtfS7AoYVGUFkPeATeSOH6gMWXfyQxUekJjLYpL200d0b9TtBbmn8kx 6T1wjPZeS5ASlTRHQDGx1VuoE07ft/TosMDroK+7r/Z0TbtxJVN6Fs0Y+cTiaARK ATqe1BgIOQxClVAS2+2jgkO/4cicwM8EKqw77DIDmb7HPmyRc8EBzvYHUFV3u6Ek gY1kH9pfJa+/gG094JIlfmzBSFzMp1hqcJKCxoN4r6PTmR8602YPVT8ZR+gBoHtS 4eUGakMFSMGdoD4ddpy6FrD8A7xQ1W1oQRF7BBNQ9GGKUpi+oHTz4nLprCLeR94e 0IQSSWVo77jW6ZQnwkC9mr1ih9N3ffrwxIcHj8npkk3zDauWh4ze2OV2T+1yetoa Nlha+L/N/Kw3sQCgR5U91knLcEu5Wq1CU6MVAdwygyC3Xp3zdi7Ewmhv9+NC6O7u dum+Pa08fXGXvq3wevw4ej+DOZpVV7XVwVXDqz2LEhHTgHHXNqFmw7GHkysbjiw7 WNcThBkel5056xaSXyBo7SUPR8ZlDQmWddOi7CU00FrkEPWJWquAD+qwL24DAAIt tb2Uf+8QR2s1E9gHv7xqy+CgQ/cpZrW6IPWDHiBeitnyOzcezSg= =XN/i -----END PGP SIGNATURE----- --e5odov7oipx6pmc7-- From owner-freebsd-questions@freebsd.org Sat Mar 11 01:42:14 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6697AD0718A for ; Sat, 11 Mar 2017 01:42:14 +0000 (UTC) (envelope-from zarniwhoop@ntlworld.com) Received: from know-smtprelay-omc-6.server.virginmedia.net (know-smtprelay-omc-6.server.virginmedia.net [80.0.253.70]) by mx1.freebsd.org (Postfix) with ESMTP id D7EB8967 for ; Sat, 11 Mar 2017 01:42:13 +0000 (UTC) (envelope-from zarniwhoop@ntlworld.com) Received: from localhost.localdomain ([81.97.232.230]) by know-smtprelay-6-imp with bizsmtp id uRh11u0064yv82R01Rh1oM; Sat, 11 Mar 2017 01:41:01 +0000 X-Originating-IP: [81.97.232.230] X-Spam: 0 X-Authority: v=2.1 cv=H94muLsi c=1 sm=1 tr=0 a=obylDaYnIsVqxbenyIBF4Q==:117 a=obylDaYnIsVqxbenyIBF4Q==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=Eq9Hzjjlrt8A:10 a=6Iz7jQTuP9IA:10 a=-Z53KwaH7bQ1aHMzd98A:9 a=QEXdDO2ut3YA:10 Received: by localhost.localdomain (Postfix, from userid 500) id 7B01748466; Sat, 11 Mar 2017 01:41:01 +0000 (GMT) Date: Sat, 11 Mar 2017 01:41:01 +0000 From: Ken Moffat To: freebsd-questions@freebsd.org Subject: Re: Noob question Message-ID: <20170311014101.GA18045@milliways.localdomain> References: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline X-Clacks-Overhead: GNU Terry Pratchett Content-Transfer-Encoding: 8bit In-Reply-To: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> User-Agent: Mutt/1.8.0 (2017-02-23) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 01:42:14 -0000 On Fri, Mar 10, 2017 at 07:51:35PM -0500, Brad Salai wrote: > I've just finished a clean install of FreeBSD 11 on an HP desktop that I got for free (I know that's not relevant but I'm telling everyone.) > I got Gnome running and installed Libre Office without issues. Then I tried TeXlive as a package and Arduino as a port. Both completed successfully, but neither showed up in Gnome and I can't figure out the path to add to start them manually. Can anyone help? > Brad > No idea about arduino, but texlive - at least in a full install - contains a lot of different things. At a minimum, you probably want to run one of the engines, e.g. using pdflatex on a .tex file to create a text PDF. For more complex PDFs (adding things for images, or using other programs for indexing or bibliographies) you will probably want to create a Makefile. For a basic PDF that, you open your term of choice (gnome-terminal, I suppose), run 'which' to see if pdflatex (or one of the other engines, e.g. lualatex, xelatex, or even context) is on your PATH. If it isn't, you use find or locate to see where it is, and then add that directory to your PATH. But I guess that installing the package will have fixed that up. Finally, you create your tex file in your preferred editor, and then from your term you invoke the engine on the tex file, fix any errors and repeat until you get a PDF, open that in your viewer (evince, for gnome) and review, then fix any spelling or formatting errors and repeat. So, providing it is all on your PATH, you just go in and do it. If you want a gui front-end, perhaps get TeXworks which appears to be a package. In windows versions of texlive, TeXworks is included - but not in 'nix versions : it has additional dependencies such as Qt. Happy TeXing. ĸen -- `I shall take my mountains', said Lu-Tze. `The climate will be good for them.' -- Small Gods From owner-freebsd-questions@freebsd.org Sat Mar 11 12:07:58 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 130EFD08D20 for ; Sat, 11 Mar 2017 12:07:58 +0000 (UTC) (envelope-from d@l.ynx.fr) Received: from mailer.daserv.fr (daserv.fr [91.121.223.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D55CB195F for ; Sat, 11 Mar 2017 12:07:56 +0000 (UTC) (envelope-from d@l.ynx.fr) Received: from mailpile.local (mailpile.ynx.fr [192.168.1.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mailer.daserv.fr (Postfix) with ESMTPS id A39A9441; Sat, 11 Mar 2017 11:49:48 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ynx.fr; s=YNX_KEY; t=1489229388; bh=QS377kbZQApB3acs82aHrpJSOUBiFyZ8a91i30tYkBM=; h=Subject:From:To:Date; b=W/rW+tHH5nVaj7RunlB3B9qZjeSaFNVjpsWKPBzsYQx/g6SDbAMU18/DuFkOo95wc CznPEmiOcX8ny/eMh3Coy43cse/gbG/I9zIeC5YOOkve90QtHXyplfVXH89gAXpseg s+OJmwg3R+Wm1zNOJJ6DfIDjrEuRMeFJZj1Hr4L0= MIME-Version: 1.0 Subject: Jail limited user cannot access host mountpoint although jail root can From: DaLynX To: freebsd-questions User-Agent: Mailpile Message-Id: Date: Sat, 11 Mar 2017 02:59:47 -0000 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 12:07:58 -0000 Hello, I am trying to make my setup work with jails and got stuck in the following situation: - Host is mounting a fuse filesystem (because I couldn't make it work directly inside the jail - although the /dev/fuse device was accessible) in the jail's chroot. - From root@host, everything looks fine. - root@jail, too, can access the mounted filesystem, read files, no problem. - limited@jail can see the mountpoints but cannot access them in any way (no cd, no ls...) although the file permissions look okay (it's all 755, and for some reason limited is the owner of all mountpoints). What could have gone wrong? I tried playing around with vfs.usermount on the host or enforce_statfs on the jail but it makes no difference. Any pointers would be greatly appreciated. Kind regards, DaLynX From owner-freebsd-questions@freebsd.org Sat Mar 11 13:23:22 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27CAFD07971 for ; Sat, 11 Mar 2017 13:23:22 +0000 (UTC) (envelope-from lists@bertram-scharpf.de) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.kundenserver.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 805E222A for ; Sat, 11 Mar 2017 13:23:20 +0000 (UTC) (envelope-from lists@bertram-scharpf.de) Received: from becker.bs.l ([85.180.8.195]) by mrelayeu.kundenserver.de (mreue005 [212.227.15.129]) with ESMTPSA (Nemesis) id 0LkUcJ-1cEisw48hX-00cO8W for ; Sat, 11 Mar 2017 14:23:18 +0100 Received: from bsch by becker.bs.l with local (Exim 4.88 (FreeBSD)) (envelope-from ) id 1cmgzN-0004Xz-Ho for freebsd-questions@freebsd.org; Sat, 11 Mar 2017 14:23:17 +0100 Date: Sat, 11 Mar 2017 14:23:17 +0100 From: Bertram Scharpf To: freebsd-questions@freebsd.org Subject: The challenging Ports design Message-ID: <20170311132317.GA17391@becker.bs.l> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: Mutt/1.7.2 (2016-11-26) Sender: Bertram Scharpf X-Provags-ID: V03:K0:UNaYmIVNTcYOVzbex//PiBZZdPBWGpgkT+7MzrNQnG/YaDtSH2C +ihV0o15VGXfIpPJkFE03TIm1qsNFUfRzjTk8QuuQHu7cqFwV3+zTuq9ZTqhIc40UpSwLAN pziJgGJWsSA9E0JY/tSv2LZzHQVIXkb56U9/eaJ4pP+hdDB4OsI/i7cbTffwDmhcLhaDP3h 8pi3Qtc4RNAWdLT8TmSPA== X-UI-Out-Filterresults: notjunk:1;V01:K0:prrqA1B29Fc=:3Reh3dXNsRnYyhXRNo8v8n 0KwuGKIuoH/P4tGwGsa6uXfWhS2/cG8DNNKzwDMzKM/D7lNZBV8A1nIAVVmPSir4OA2dsZnh1 gKGnVR4h2bsbs/XZkVopFwmFI2x1aXGLyTrU29wu6LIctgDvwZhjE9EdNT0cu100SmUwhgIge DKPQkJy5FFTZxOsGBpwISkzFTt5wMKZVRUregbcPdfiR2mvOnuICiFDLrZLnU+d1eSqePH+cl QwlNZNnoMlxK1X1ZTQetdYBM6GMZ+CXH2vFWzpJ0SaVWkM1AXd7i1Ic2k8H1fxQ/7ZoTy95D7 Q+qp7vgIXZCpr11653QRcpmo0qIErPPyZ5cxpOsd3jXHGML8tAx8m03BNlz1UB3+nfw0+mh4U W9GQ4xjW6ZMjMz3dsmIdSK+lKcRIbUfjuKm2enxES6dFzYFt8aNLmVZ3zM209XQryqylmwuug FDKGFmMbTmTGE5XJ5XzyPfWWtXTZm0w/4GlDPTDaWxoUWvDzqE3V/wVuH9hvDK70crQOztmOP alKvMO7CfSL1E4Cv5nAL8D04tSW8VBGItt1Fy5XxxBs++BZH7mDsJJiM1jezR/oZtRlJpVrB3 sfSy7/+7uTAci7Oq78QTm7saJnJ6jsUzlwwY5/L+dOxHmUJK04j7UU0h7LUvbnHhn/43s6XEz tMlFH3s2evugc3LrxBJZzmcUF3ymYMHllgQNcXMRPcqiH8Dk3aabvjzrcE3gQldemu1o= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 13:23:22 -0000 Hi, # cd /usr/ports/devel/fossil # make install [...] Error: Unknown option --without-tcl Try: 'configure --help' for options ===> Script "configure" failed unexpectedly. Please report the problem to [...] The problem is that Fossil uses "autosetup", an "automake" replacement that has no "--without-XXX" options. You cannot switch that off in /usr/ports/Mk/bsd.options.mk, line 566. In this context the word "unexpectedly" is quite venturesome. Bertram -- Bertram Scharpf Stuttgart, Deutschland/Germany http://www.bertram-scharpf.de From owner-freebsd-questions@freebsd.org Sat Mar 11 13:35:11 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EBA9DD07E32 for ; Sat, 11 Mar 2017 13:35:11 +0000 (UTC) (envelope-from alnis.moritz@gmail.com) Received: from mail-lf0-x22e.google.com (mail-lf0-x22e.google.com [IPv6:2a00:1450:4010:c07::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 70292A75 for ; Sat, 11 Mar 2017 13:35:11 +0000 (UTC) (envelope-from alnis.moritz@gmail.com) Received: by mail-lf0-x22e.google.com with SMTP id z15so27910193lfd.1 for ; Sat, 11 Mar 2017 05:35:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=6fkzmj/+ONSWS1ae86NHHe+XGBkXmnGHVZpOGEllSJE=; b=t2dzLG5fiPv6oM2mx4yvECOQPo1DyQGq6M6pn3x/Sc7XTkVxxfhrHKl6kt0C+/dchJ N7L0IafPtEL+aMRDj2/lMh+EMmOzxzjiGgDt1sBMRJAfBmE6rlZKDygnneM9PwANzgDW nZziImm4CSRSqXkXjwGVm46Iye5irNm0TensrvNR+WtiKW5U2rcQbAXvA80eGe9Oj1+s TARI6yuG1nyKdMkZtKJhxCb7L7xovWXxPTOxB8jEPAwyPAoZmgfEY/4L4q7We8qFWWGz dV7xYIsbDIDmqwp5e/vwLdx+XSTEGxzWP2cernuy7OAGhhhEEBKbMY2I0KZbTS3m8m0Z snew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=6fkzmj/+ONSWS1ae86NHHe+XGBkXmnGHVZpOGEllSJE=; b=VUJv7LAzQ+ubdTx5JZGSFjd8D08WVrcAQ42NGIj41hJBq3ceIQ+oCg79pin2HVtRo4 sQbwohJybPD7URpYgFRviCrS66j26heoSuCkpKLjFqLuNK8zr4qa/gwmjF+awu4sSrzB gvaKpAyq8hC8UAwDCPB6vlgLoRWK8gy6Ufi5D9HdPikij1HmM9yjGtJBCL5FQmmwnwka c5iFJop8sXQ0FhhsqSkwS7ybO/i4q1BwMd4+TbWVNu5/1ImzHnctkvIiuZRwhRHvuv8K lCrsyna8Kca6L52Cpl/ECRK+NsRi1uw0GsS0U54CAhsTvMmy30CHliGKx4JulReu5aLw NAaQ== X-Gm-Message-State: AMke39l1E3qPrJpNNFe0VWzww+fQIWFSjIlrVaX4O9Lz/xP0tsYIbXnBAyWGBxCkbds+tw== X-Received: by 10.46.84.84 with SMTP id y20mr6946440ljd.126.1489239308250; Sat, 11 Mar 2017 05:35:08 -0800 (PST) Received: from blazon-pfbsd.rw.lan ([78.84.248.245]) by smtp.gmail.com with ESMTPSA id 16sm1189793ljv.67.2017.03.11.05.35.07 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 11 Mar 2017 05:35:07 -0800 (PST) Subject: Re: Jail limited user cannot access host mountpoint although jail root can To: freebsd-questions@freebsd.org References: From: Alnis Morics Message-ID: Date: Sat, 11 Mar 2017 15:35:06 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 13:35:12 -0000 On 03/11/2017 04:59, DaLynX via freebsd-questions wrote: > Hello, > > I am trying to make my setup work with jails and got stuck in the > following situation: > > - Host is mounting a fuse filesystem (because I couldn't make it work directly inside the jail - although the /dev/fuse device was accessible) in the jail's chroot. > - From root@host, everything looks fine. > - root@jail, too, can access the mounted filesystem, read files, no problem. > - limited@jail can see the mountpoints but cannot access them in any way (no cd, no ls...) although the file permissions look okay (it's all 755, and for some reason limited is the owner of all mountpoints). > > What could have gone wrong? I tried playing around with > vfs.usermount on the host or enforce_statfs on the jail but it > makes no difference. > > Any pointers would be greatly appreciated. > > Kind regards, > DaLynX Why not use mount_nullfs(8)? Like: mount_nullfs /usr/jails// -Alnis From owner-freebsd-questions@freebsd.org Sat Mar 11 13:49:23 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4D76ED061AA for ; Sat, 11 Mar 2017 13:49:23 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from hz.citrin.ru (hz.citrin.ru [IPv6:2a01:4f8:d16:10c3::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 15789EC1; Sat, 11 Mar 2017 13:49:23 +0000 (UTC) (envelope-from citrin+bsd@citrin.ru) Received: from x220.lan (c-24-60-168-172.hsd1.ct.comcast.net [24.60.168.172]) by hz.citrin.ru (Postfix) with ESMTPSA id 9C0A029A35F; Sat, 11 Mar 2017 13:49:18 +0000 (UTC) Subject: Re: The challenging Ports design To: freebsd-questions@freebsd.org References: <20170311132317.GA17391@becker.bs.l> Cc: gahr@FreeBSD.org From: Anton Yuzhaninov Message-ID: <1cacc067-33c8-d5ff-d8bd-4a640afb811c@citrin.ru> Date: Sat, 11 Mar 2017 08:49:14 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170311132317.GA17391@becker.bs.l> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrin.ru; s=s0; t=1489240159; bh=Nkotq64dSKJwdfJA9NPaVMp+qtKMWM7Rdow9EhNJDUQ=; h=Subject:To:References:Cc:From:Message-ID:Date:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=SE85AbJUJ8c4rdLaCVynfSjTthPYVWTnpX+RHssvEA7SMxKiD8uSjJuAS3Tv6+Fdx+rKE2WMQuBY5f5600dD2hvdHoGkO5lw4AnHmrGXwKBx7MtE6kBm1viY9YhUX5ppNt6HxxLmiGULbIk0szqXFGjHvC88n08W/Zm9UvJ4ao4= X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 13:49:23 -0000 On 03/11/17 08:23, Bertram Scharpf wrote: > # cd /usr/ports/devel/fossil > # make install > [...] > Error: Unknown option --without-tcl > Try: 'configure --help' for options > ===> Script "configure" failed unexpectedly. > Please report the problem to [...] > > The problem is that Fossil uses "autosetup", an "automake" > replacement that has no "--without-XXX" options. Port seems to be was broken by this commit: https://svnweb.freebsd.org/ports?view=revision&revision=435831 I've added port maintainer to CC. From owner-freebsd-questions@freebsd.org Sat Mar 11 14:16:02 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 22F43D069D4 for ; Sat, 11 Mar 2017 14:16:02 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7B2301BAA for ; Sat, 11 Mar 2017 14:16:00 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id v2BEFaXL025644; Sun, 12 Mar 2017 01:15:39 +1100 (EST) (envelope-from smithi@nimnet.asn.au) Date: Sun, 12 Mar 2017 01:15:36 +1100 (EST) From: Ian Smith To: Victor Sudakov cc: Polytropon , Michael Wilcox , freebsd-questions@freebsd.org Subject: Re: UFW-Like frontend for IPFW In-Reply-To: <20170310083233.GA15405@admin.sibptus.transneft.ru> Message-ID: <20170312003415.A31244@sola.nimnet.asn.au> References: <20170307233222.E87835@sola.nimnet.asn.au> <20170308122925.GA67654@admin.sibptus.transneft.ru> <20170309023112.M80813@sola.nimnet.asn.au> <20170310083233.GA15405@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 14:16:02 -0000 On Fri, 10 Mar 2017 15:32:33 +0700, Victor Sudakov wrote: > Ian Smith wrote: [..] > > > > Just roughly, as a partial sketch, and assuming all at layer 3 (ip): > > > > > > > > check-state // pass established dynamic flows > > > > > > > > # can only check both interfaces on 'out' packets, leaving ipfw > > > > deny tcp from any to any out recv $dmz_if xmit $inside_if setup > > > > deny udp from any to any out recv $dmz_if xmit $inside_if [..] > > > > # then (or earlier, if you prefer) separate flows for inside|dmz > > > > # then allow services on inside and dmz, perhaps using static rules > > > > # then allow access from inside|dmz to dmz|outside statefully. > > > > > > Yes, that's basically what I usually come to. > > > But it would be much nicer to write a macro like that: > > > > > > nameif fxp0 outside security0 > > > nameif fxp1 inside security100 > > > nameif fxp2 dmz security50 > > > permit tcp from any to any eq 80 in interface dmz > > > permit tcp from any to 10.10.5.1 eq 3389 in interface inside > > > > > > and to have all the gory details configured for you automagically. > > > > Well yes, but I think you'll find that non-trivial to do. > > I have. As would I, which is why I'm not even considering attempting it :) > > Perhaps start by declaring actual ipfw rules you expect such a syntax to > > produce from your example above; then figure out how to generate those? > > Oh, if I could imagine the actual ipfw rules, I would have done this > long ago. Superficially, they should boil down to a bunch of rules like > > check-state > permit ip from any to any in via XXX out via YYY keep-state > permit ip from any to any in via QQQ out via ZZZ keep-state > deny ip from any to any > > but in practice, there is always some show-stopper. Well, this would involve crafting some distict 'blocks' of rules for specific functions - subroutines with parameters, if you like - that will each be far more complex than your hoped-for simplicity above. And you'll need thorough knowledge of how works ipfw(8). e.g. 'in' and 'out' are mutually exclusive, "(in fact, out is implemented as not in)", and as noted above, both interfaces can only be tested on the way 'out'. So you really do need to know what you want to do a) on packets into ipfw (from each interface) and, for those packets that were accepted in, b) on packets on the outbound pass - which may include packets generated on this box, having no recv interface - again for each interface, while incorporating your desired security boundaries by zones. > > See ipfw(8) /LIST OF RULES AND PREPROCESSING > > Been there, done that. Using a shell script with loops and variables > for networks and interfaces turned out to be so much simpler than using a > preprocessor. Fair enough. However, you've set yourself a genuinely difficult task, not so much for a specific set of circumstances such as you described, but especially for any more generalised 'macro' sense. Good luck! When in doubt, log every rule - at least while testing! cheers, Ian From owner-freebsd-questions@freebsd.org Sat Mar 11 15:50:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE0E3D074F2 for ; Sat, 11 Mar 2017 15:50:39 +0000 (UTC) (envelope-from bsalai@gmail.com) Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8CD70119B for ; Sat, 11 Mar 2017 15:50:39 +0000 (UTC) (envelope-from bsalai@gmail.com) Received: by mail-qk0-x22d.google.com with SMTP id p64so198262462qke.1 for ; Sat, 11 Mar 2017 07:50:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:date:subject:message-id :references:in-reply-to:to; bh=wzZVC9Mo0qti+OqXdnzyGoMqSRSnUFPlNrtIvQ9hF4U=; b=u/25jEtDVGaUkzhHXpaasjC1zpFTevXQEos7eYucs1Nfddy5hm99Oo+8wzz8G6gv5x GlKsmFY4aIVcskrnTEqMmHIXao3VqYfkKqvDPNX2R8swQcxAlkccc3sNJGtfdUspfSty D2C5/JYQp8xn2VBii3VH/QnoeV7naohq9NNx3/8xW+tnnilrh7VF4ioG0ArJxQAqiP3p Ot39RJiiJujiAbCNnQdbT7MRGsHtel3f6Xx75HGcGqpPcE8OyFEZ48WRNu1ufg5SVfgc B0W/qvPWp3sZaM6u6vOtyU5jqBbaEy4bo58Y0jnSM66X8HT7nbxjrRcewSkgYgh1YXUg Vefw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version:date :subject:message-id:references:in-reply-to:to; bh=wzZVC9Mo0qti+OqXdnzyGoMqSRSnUFPlNrtIvQ9hF4U=; b=KaspNEpexcvecBghsJ8yJGgMNyhOPM0T3GsVnpu2b3dek0m7G8RLHbcT8/Yk7fhAHy FmYNLGNrHJtzCnhZlFJNUJYbYToJ3yOxhqUGi8zQze/fi/AKmqgiW5zP4ARDUwvSA+je KTi+Ih8+HwLUg2TY71CSxj4dfTSz+3/EHVyzDjGd7/ltMYagtsMwfnlPd7em9jUpaZ39 BpFA0J0+GNI2PUKRzgSMxGc3c8adpBH2/FChCpZ5ibTp5H52gbaL1s0Mji0Ci5ahwDe+ egl+87DaY5rUzSGBZXc7W2UZ33faAtRKw3fIQfdwbA5PBBtlwGfhBxGxNjBmn27noEnQ 6QIQ== X-Gm-Message-State: AFeK/H2JKbHB19zGZV6ws+IzXIX08Kkn+l1vuxaiETnZ/KSdnCImHg1Qa450tyVFRqgAEw== X-Received: by 10.55.82.85 with SMTP id g82mr22253679qkb.29.1489247438301; Sat, 11 Mar 2017 07:50:38 -0800 (PST) Received: from [10.0.1.6] (cpe-98-5-143-38.buffalo.res.rr.com. [98.5.143.38]) by smtp.gmail.com with ESMTPSA id o130sm8586722qke.15.2017.03.11.07.50.37 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 11 Mar 2017 07:50:37 -0800 (PST) From: Brad Salai Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (1.0) Date: Sat, 11 Mar 2017 10:50:36 -0500 Subject: Re: texlive and Arduino do not show up in gnome-menu Message-Id: <9A36C317-5CFC-467C-9C20-93850159EEEB@gmail.com> References: In-Reply-To: To: freebsd-questions@freebsd.org X-Mailer: iPhone Mail (14D27) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 15:50:40 -0000 Turns out that the problem with texlive was me. It installed all the working= parts but not any X11 parts. I installed TeXworks and all is well. All that= is left is to figure out where the ports system put Arduino. Thanks to ever= yone for the help.=20 Brad Salai (585) 708-9235 Bsalai@gmail.com > On Mar 11, 2017, at 7:00 AM, freebsd-questions-request@freebsd.org wrote: >=20 > Send freebsd-questions mailing list submissions to > freebsd-questions@freebsd.org >=20 > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > or, via email, send a message with subject or body 'help' to > freebsd-questions-request@freebsd.org >=20 > You can reach the person managing the list at > freebsd-questions-owner@freebsd.org >=20 > When replying, please edit your Subject line so it is more specific > than "Re: Contents of freebsd-questions digest..." >=20 >=20 > Today's Topics: >=20 > 1. [iTunes-Connect]Someone has been logged into your account > from another country (AppleID) > 2. daily security run output (setuid) (James B. Byrne) > 3. Re: daily security run output (setuid) (Matthew Seaman) > 4. Re: daily security run output (setuid) (Lowell Gilbert) > 5. Reboot hangs on a FreeBSD system I'm building (Bob Willcox) > 6. Noob question (Brad Salai) > 7. Re: Noob question (Jack L.) > 8. Re: Libreoffice and Arduino do not show up in gnome-menu > (Sergei Akhmatdinov) > 9. Re: Noob question (Ken Moffat) >=20 >=20 > ---------------------------------------------------------------------- >=20 > Message: 1 > Date: Fri, 10 Mar 2017 08:05:33 -0600 (CST) > From: AppleID > To: freebsd-questions@freebsd.org > Subject: [iTunes-Connect]Someone has been logged into your account > from another country > Message-ID: <20170310140533.3A0A0A619BA@578509-app3.linx.com> > Content-Type: text/plain; charset=3D"iso-8859-1" >=20 >=20 >=20 > ------------------------------ >=20 > Message: 2 > Date: Fri, 10 Mar 2017 11:42:42 -0500 > From: "James B. Byrne" > To: freebsd-questions@freebsd.org > Subject: daily security run output (setuid) > Message-ID: > <0a9bbc9664cdeacc27dacadbd575ea1d.squirrel@webmail.harte-lyne.ca> > Content-Type: text/plain;charset=3Diso-8859-1 >=20 > Following a recent update we began to see this report: >=20 > Checking setuid files and devices: >=20 > setuid diffs: > --- /var/log/setuid.today 2017-01-18 03:01:01.000000000 -0500 > +++ /tmp/security.saU3IUZT 2017-03-08 03:01:01.006331628 -0500 > @@ -36,9 +36,9 @@ > . . . >=20 > - 70217 -rwsr-xr-x 1 root wheel 22416 Jan 12 00:09:17 2017 > /usr/local/bin/pkexec > . . . > + 30527 -rwsr-xr-x 1 root wheel 22416 Feb 25 00:04:40 2017 > /usr/local/bin/pkexec >=20 > pkg which /usr/local/bin/pkexec > /usr/local/bin/pkexec was installed by package polkit-0.113_3 >=20 > pkg info polkit-0.113_3 > polkit-0.113_3 > Name : polkit > Version : 0.113_3 > Installed on : Tue Mar 7 15:31:14 2017 EST >=20 >=20 > This was a legitimate update as far as I can see. I can see that the > mtime value has changed but why does the update not account for this > with the security system? >=20 >=20 > --=20 > *** e-Mail is NOT a SECURE channel *** > Do NOT transmit sensitive data via e-Mail > Do NOT open attachments nor follow links sent by e-Mail >=20 > James B. Byrne mailto:ByrneJB@Harte-Lyne.ca > Harte & Lyne Limited http://www.harte-lyne.ca > 9 Brockley Drive vox: +1 905 561 1241 > Hamilton, Ontario fax: +1 905 561 0757 > Canada L8E 3C3 >=20 >=20 >=20 > --=20 > *** e-Mail is NOT a SECURE channel *** > Do NOT transmit sensitive data via e-Mail > Do NOT open attachments nor follow links sent by e-Mail >=20 > James B. Byrne mailto:ByrneJB@Harte-Lyne.ca > Harte & Lyne Limited http://www.harte-lyne.ca > 9 Brockley Drive vox: +1 905 561 1241 > Hamilton, Ontario fax: +1 905 561 0757 > Canada L8E 3C3 >=20 >=20 >=20 > ------------------------------ >=20 > Message: 3 > Date: Fri, 10 Mar 2017 17:04:34 +0000 > From: Matthew Seaman > To: freebsd-questions@freebsd.org > Subject: Re: daily security run output (setuid) > Message-ID: > Content-Type: text/plain; charset=3D"windows-1252" >=20 >> On 2017/03/10 16:42, James B. Byrne via freebsd-questions wrote: >> Following a recent update we began to see this report: >>=20 >> Checking setuid files and devices: >>=20 >> setuid diffs: >> --- /var/log/setuid.today 2017-01-18 03:01:01.000000000 -0500 >> +++ /tmp/security.saU3IUZT 2017-03-08 03:01:01.006331628 -0500 >> @@ -36,9 +36,9 @@ >> . . . >>=20 >> - 70217 -rwsr-xr-x 1 root wheel 22416 Jan 12 00:09:17 2017 >> /usr/local/bin/pkexec >> . . . >> + 30527 -rwsr-xr-x 1 root wheel 22416 Feb 25 00:04:40 2017 >> /usr/local/bin/pkexec >>=20 >> pkg which /usr/local/bin/pkexec >> /usr/local/bin/pkexec was installed by package polkit-0.113_3 >>=20 >> pkg info polkit-0.113_3 >> polkit-0.113_3 >> Name : polkit >> Version : 0.113_3 >> Installed on : Tue Mar 7 15:31:14 2017 EST >>=20 >>=20 >> This was a legitimate update as far as I can see. I can see that the >> mtime value has changed but why does the update not account for this >> with the security system? >=20 > The security system? That makes it sound *way* more sophisticated than > it really is. >=20 > All that the setuid daily script does is run find(1) to locate all of > the setuid files on the system, creates a sorted list, and then diffs > that against the previous day's list. It tells you when there have been > any changes to setuid files. It doesn't say anything about whether > those changes are legitimate or not -- that's down to the (supposedly) > intelligent administrators who read the email reports. >=20 > The beauty of it is that it is so simple it is very hard to bamboozle. >=20 > In this case, since it is a file from a pkg that you can verify was > re-installed during the right timeframe then you can be pretty sure that > nothing untoward is going on. Also running 'pkg check -s polkit' to > verify that none of the checksums on the package's files have changed > might provide additional peace of mind. >=20 > Cheers, >=20 > Matthew >=20 >=20 >=20 > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 972 bytes > Desc: OpenPGP digital signature > URL: >=20 > ------------------------------ >=20 > Message: 4 > Date: Fri, 10 Mar 2017 12:11:57 -0500 > From: Lowell Gilbert > To: "James B. Byrne via freebsd-questions" > > Cc: byrnejb@harte-lyne.ca > Subject: Re: daily security run output (setuid) > Message-ID: <44bmt9jbtu.fsf@lowell-desk.lan> > Content-Type: text/plain >=20 > "James B. Byrne via freebsd-questions" > writes: >=20 >> Following a recent update we began to see this report: >>=20 >> Checking setuid files and devices: > [...] >> This was a legitimate update as far as I can see. I can see that the >> mtime value has changed but why does the update not account for this >> with the security system? >=20 > Because having "the security system" trust that the the port update was > initiated by an appropriately authorized user would make it too easy to > hide a security breach. >=20 >=20 > ------------------------------ >=20 > Message: 5 > Date: Fri, 10 Mar 2017 13:03:09 -0600 > From: Bob Willcox > To: questions list > Subject: Reboot hangs on a FreeBSD system I'm building > Message-ID: <20170310190308.GA29798@rancor.immure.com> > Content-Type: text/plain; charset=3Dus-ascii >=20 > I'm building a system to act as a fileserver for my network and things are= > going reasonably well so far except that when I reboot it via the reboot > command it gets to the point after it has successfully sync'd the filesyst= em > caches and the just hangs there. Note that it will respond to pings from > other systems on the network but keyboard activity is ignored. >=20 > Here's the uname output: >=20 > FreeBSD yoda.immure.com 11.0-STABLE FreeBSD 11.0-STABLE #1 r315001: Fri Ma= r 10 08:38:20 CST 2017 bob@yoda.immure.com:/usr/obj/usr/src/sys/YODA am= d64 >=20 > This is running on an Asus H170I-Pro motherboard and has a Samsung 960 EVO= M.2 > PCIe NVMe boot drive. The UEFI BIOS settings are all at their defaults. I > planning to check the BIOS settings to see if changing any of them will ma= ke a > difference. >=20 > Note that the root/boot drive is ZFS in case that matters. >=20 > --=20 > Bob Willcox | If a program is useful, it will be changed. > bob@immure.com | > Austin, TX | >=20 >=20 > ------------------------------ >=20 > Message: 6 > Date: Fri, 10 Mar 2017 19:51:35 -0500 > From: Brad Salai > To: freebsd-questions@freebsd.org > Subject: Noob question > Message-ID: <83FA4D74-AB47-45D8-A5D6-EB8892A47E4D@gmail.com> > Content-Type: text/plain; charset=3Dus-ascii >=20 > I've just finished a clean install of FreeBSD 11 on an HP desktop that I g= ot for free (I know that's not relevant but I'm telling everyone.) > I got Gnome running and installed Libre Office without issues. Then I trie= d TeXlive as a package and Arduino as a port. Both completed successfully, b= ut neither showed up in Gnome and I can't figure out the path to add to star= t them manually. Can anyone help? > Brad >=20 > Brad Salai > (585) 708-9235 > Bsalai@gmail.com >=20 >=20 >=20 > ------------------------------ >=20 > Message: 7 > Date: Fri, 10 Mar 2017 17:11:45 -0800 > From: "Jack L." > To: Brad Salai > Cc: "freebsd-questions@freebsd.org" > Subject: Re: Noob question > Message-ID: > > Content-Type: text/plain; charset=3DUTF-8 >=20 > You can run >=20 > pkg info --list-files packagename >=20 > and that will give you a list of where all the installed files are >=20 >> On Fri, Mar 10, 2017 at 4:51 PM, Brad Salai wrote: >> I've just finished a clean install of FreeBSD 11 on an HP desktop that I g= ot for free (I know that's not relevant but I'm telling everyone.) >> I got Gnome running and installed Libre Office without issues. Then I tri= ed TeXlive as a package and Arduino as a port. Both completed successfully, b= ut neither showed up in Gnome and I can't figure out the path to add to star= t them manually. Can anyone help? >> Brad >>=20 >> Brad Salai >> (585) 708-9235 >> Bsalai@gmail.com >>=20 >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >=20 >=20 > ------------------------------ >=20 > Message: 8 > Date: Fri, 10 Mar 2017 20:39:33 -0500 > From: Sergei Akhmatdinov > To: Brad Salai > Cc: freebsd-questions@freebsd.org > Subject: Re: Libreoffice and Arduino do not show up in gnome-menu > Message-ID: <20170311013933.4qn72svt4nodgiut@silverbeast> > Content-Type: text/plain; charset=3D"us-ascii" >=20 >> On Fri, Mar 10, 2017 at 07:51:35PM -0500, Brad Salai wrote: >> I've just finished a clean install of FreeBSD 11 on an HP desktop that I g= ot for free (I know that's not relevant but I'm telling everyone.) >> I got Gnome running and installed Libre Office without issues. Then I tri= ed TeXlive as a package and Arduino as a port. Both completed successfully, b= ut neither showed up in Gnome and I can't figure out the path to add to star= t them manually. Can anyone help? >> Brad >=20 > $ which binary-name >=20 > That should get you the path to the installed binary. > For Libreoffice, that would be=20 >=20 > $ which libreoffice >=20 > I don't use Gnome, but it probably reads your=20 > /usr/local/share/applications directory. >=20 > Try adding .desktop files to it manually. Although it's suspicious > that they aren't there already or that Gnome wouldn't pick them up > if they are. >=20 > Also, just a piece of friendly advice:=20 > Try to give more discriptive subject lines when posting to > the mailing list next time. It helps other people to help you. :) >=20 > Cheers, > -- > Sergei Akhmatdinov >=20 > My GPG public key: > gpg --keyserver pgp.mit.edu --recv-keys AD800D99 > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 833 bytes > Desc: not available > URL: >=20 > ------------------------------ >=20 > Message: 9 > Date: Sat, 11 Mar 2017 01:41:01 +0000 > From: Ken Moffat > To: freebsd-questions@freebsd.org > Subject: Re: Noob question > Message-ID: <20170311014101.GA18045@milliways.localdomain> > Content-Type: text/plain; charset=3Dutf-8 >=20 >> On Fri, Mar 10, 2017 at 07:51:35PM -0500, Brad Salai wrote: >> I've just finished a clean install of FreeBSD 11 on an HP desktop that I g= ot for free (I know that's not relevant but I'm telling everyone.) >> I got Gnome running and installed Libre Office without issues. Then I tri= ed TeXlive as a package and Arduino as a port. Both completed successfully, b= ut neither showed up in Gnome and I can't figure out the path to add to star= t them manually. Can anyone help? >> Brad >>=20 > No idea about arduino, but texlive - at least in a full install - > contains a lot of different things. At a minimum, you probably want > to run one of the engines, e.g. using pdflatex on a .tex file to > create a text PDF. For more complex PDFs (adding things for images, > or using other programs for indexing or bibliographies) you will > probably want to create a Makefile. >=20 > For a basic PDF that, you open your term of choice (gnome-terminal, > I suppose), run 'which' to see if pdflatex (or one of the other > engines, e.g. lualatex, xelatex, or even context) is on your PATH. > If it isn't, you use find or locate to see where it is, and then > add that directory to your PATH. But I guess that installing the > package will have fixed that up. >=20 > Finally, you create your tex file in your preferred editor, and then > from your term you invoke the engine on the tex file, fix any errors > and repeat until you get a PDF, open that in your viewer (evince, > for gnome) and review, then fix any spelling or formatting errors and > repeat. >=20 > So, providing it is all on your PATH, you just go in and do it. If > you want a gui front-end, perhaps get TeXworks which appears to be a > package. In windows versions of texlive, TeXworks is included - but > not in 'nix versions : it has additional dependencies such as Qt. >=20 > Happy TeXing. >=20 > ?en > --=20 > `I shall take my mountains', said Lu-Tze. `The climate will be good > for them.' -- Small Gods >=20 >=20 > ------------------------------ >=20 > Subject: Digest Footer >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.or= g" >=20 > ------------------------------ >=20 > End of freebsd-questions Digest, Vol 666, Issue 6 > ************************************************* From owner-freebsd-questions@freebsd.org Sat Mar 11 17:52:41 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A6C07D08252 for ; Sat, 11 Mar 2017 17:52:41 +0000 (UTC) (envelope-from d@l.ynx.fr) Received: from mailer.daserv.fr (daserv.fr [91.121.223.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 72C61D85 for ; Sat, 11 Mar 2017 17:52:40 +0000 (UTC) (envelope-from d@l.ynx.fr) Received: from mailpile.local (mailpile.ynx.fr [192.168.1.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mailer.daserv.fr (Postfix) with ESMTPS id 37C1E469; Sat, 11 Mar 2017 17:42:28 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ynx.fr; s=YNX_KEY; t=1489250548; bh=FRe7C2l0Z9+RvxoldMzf9RTX6NekgVxL92e0nDEmlq0=; h=Subject:From:To:Cc:In-Reply-To:References:Date; b=jIYKayUwlPCJ4QVLtdP/A0JOCxbVf32HCTCqmv2QPpwVpW6BdDIzfqeLx1f4/N1SE 3afheb2Ljihbq2v8lkF1cw/lFHjznUP0lCwR8rVlKEMfP9OSirK/WAF3lrkY5z4YuU 51Q6Ug3YUqCyScPTYKErRTRWeYZxJPDAuWil1Sxg= MIME-Version: 1.0 Subject: Re: Jail limited user cannot access host mountpoint although jail root can From: DaLynX To: "Alnis Morics" Cc: freebsd-questions In-Reply-To: References: User-Agent: Mailpile Message-Id: Date: Sat, 11 Mar 2017 08:51:09 -0000 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 17:52:41 -0000 Alnis Morics wrote: > On 03/11/2017 04:59, DaLynX via freebsd-questions wrote: > > Hello, > > > > I am trying to make my setup work with jails and got stuck in the > > following situation: > > > > - Host is mounting a fuse filesystem (because I couldn't make it work directly inside the jail - although the /dev/fuse device was accessible) in the jail's chroot. > > - From root@host, everything looks fine. > > - root@jail, too, can access the mounted filesystem, read files, no problem. > > - limited@jail can see the mountpoints but cannot access them in any way (no cd, no ls...) although the file permissions look okay (it's all 755, and for some reason limited is the owner of all mountpoints). > > > > What could have gone wrong? I tried playing around with > > vfs.usermount on the host or enforce_statfs on the jail but it > > makes no difference. > > > > Any pointers would be greatly appreciated. > > > > Kind regards, > > DaLynX > > Why not use mount_nullfs(8)? Like: > > mount_nullfs > /usr/jails// > > -Alnis > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions To > unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > Dear Alnis, Thank you for your answer but I fail to see how nullfs could help. Do you mean I should first mount my fusefs'es somewhere on my host - say /mnt/ - and then use nullfs to map them to the jail dirs? (/iocage/jails//root/mnt/, in my case) Would there be a difference in fusefs / nullfs functionality or implementation that would explain different behaviour in the jails in the end, and the problem I am facing? If you meant using nullfs instead of fuse I am afraid you are missing the point. I want to use tools such as sshfs or archivemount, that are based on fuse. DaLynX From owner-freebsd-questions@freebsd.org Sat Mar 11 18:34:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4E3E0D065CC for ; Sat, 11 Mar 2017 18:34:25 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: from mail-io0-x242.google.com (mail-io0-x242.google.com [IPv6:2607:f8b0:4001:c06::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 14D65D09 for ; Sat, 11 Mar 2017 18:34:25 +0000 (UTC) (envelope-from luzar722@gmail.com) Received: by mail-io0-x242.google.com with SMTP id f84so9904718ioj.0 for ; Sat, 11 Mar 2017 10:34:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-transfer-encoding; bh=mml3IEi+nkExWAtgFwztfns/qU6ClxLfDy+HDrqdYlc=; b=ltLaQ/jbnswdnHyFrcSSLQih/rOUd3OdlbdD7Anv1OEo5j8RFvKUUrcUQB6TGSaA3k UFaOEZ7CsoCa8xL47kQRWwbJFA4pDfyVPPkxPzkMySXdo1YFlLI27umIftDyalKv3d4B f3trmSsbolR2Jwdtx58TBABqgDg5kl1Huz9FGhgNiCxjB1PWc3GkRxUadAQmdH8qI1jz AF9Mcm8vIvPulscOgkpgAC9BoNkLYDZPCoWqhKUNCzYnyJMtBUWcNQM6Zz19Oaa9e1HP zk7ljpbWmm7wVn3Zj2iflNZNH1yVLagr/+Yebx/DJpEKyodx9PrquwYV55tv6BXx8zT7 G5uQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-transfer-encoding; bh=mml3IEi+nkExWAtgFwztfns/qU6ClxLfDy+HDrqdYlc=; b=IPzpBu3r4kgOtmqDMfBMbVFaYkj1bdy6QvAdadIq9TdATzvbD6qCj1vrkmyXO0TZEX z1BjyZ+LKyzT5MbobR8Iz97NVoS8nv3ozRWSdPbPl2lpYv7sRwbFW0RRl1kbCkgHlkQJ bCTAiKdaTSs5C1HUarPloUKE7/UJfXLt4TDA0Kt1vPuXjkeCTlmN/rckhSaytJ5MAzK9 voTc/YhfH6/b115pv3YoHowA4X0FaFXO82U7jwBUcC0jY8jt2zUys69u/HTC+D2gSh0J O+2U/Nd4vbqAFCkNw7Za/dxnb+uXpCFAfkzAFoTYR24P8oWgr5i0U789k9Ktajabbnnt 3J0A== X-Gm-Message-State: AMke39l+FeyfSrseQAw1aXe+yCfN+yli5jxo6xVbmXQ3rFwJKq/xNz+UcRwX5WAyL1SBJA== X-Received: by 10.107.146.198 with SMTP id u189mr23616017iod.173.1489257264440; Sat, 11 Mar 2017 10:34:24 -0800 (PST) Received: from [10.0.10.3] (cpe-65-25-53-157.neo.res.rr.com. [65.25.53.157]) by smtp.googlemail.com with ESMTPSA id t90sm6004162ioi.31.2017.03.11.10.34.23 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sat, 11 Mar 2017 10:34:23 -0800 (PST) Message-ID: <58C44333.4080003@gmail.com> Date: Sat, 11 Mar 2017 13:34:27 -0500 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: DaLynX CC: Alnis Morics , freebsd-questions Subject: Re: Jail limited user cannot access host mountpoint although jail root can References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 18:34:25 -0000 DaLynX via freebsd-questions wrote: > Alnis Morics wrote: >> On 03/11/2017 04:59, DaLynX via freebsd-questions wrote: >>> Hello, >>> >>> I am trying to make my setup work with jails and got stuck in the >>> following situation: >>> >>> - Host is mounting a fuse filesystem (because I couldn't make it work directly inside the jail - although the /dev/fuse device was accessible) in the jail's chroot. >>> - From root@host, everything looks fine. >>> - root@jail, too, can access the mounted filesystem, read files, no problem. >>> - limited@jail can see the mountpoints but cannot access them in any way (no cd, no ls...) although the file permissions look okay (it's all 755, and for some reason limited is the owner of all mountpoints). >>> >>> What could have gone wrong? I tried playing around with >>> vfs.usermount on the host or enforce_statfs on the jail but it >>> makes no difference. >>> >>> Any pointers would be greatly appreciated. >>> >>> Kind regards, >>> DaLynX >> Why not use mount_nullfs(8)? Like: >> >> mount_nullfs >> /usr/jails// >> >> -Alnis > > Dear Alnis, > > Thank you for your answer but I fail to see how nullfs could > help. Do you mean I should first mount my fusefs'es somewhere on > my host - say /mnt/ - and then use nullfs to map them to the jail > dirs? (/iocage/jails//root/mnt/, in my case) > > Would there be a difference in fusefs / nullfs functionality or > implementation that would explain different behaviour in the > jails in the end, and the problem I am facing? > > If you meant using nullfs instead of fuse I am afraid you are > missing the point. I want to use tools such as sshfs or > archivemount, that are based on fuse. > It's my understanding that fuse just does not play well with jails. This has been known for a long time but just not general public knowledge. There have been many reports from people trying to use fuse to mount the shared binary running system at jail start time without any success. The resulting solution is to use nullfs mounts. I think what the previous post is saying; is to use nullfs to mount the shared binary running system. Then try to activate fuse for the other tasks using the poststart.exec variable. That way the jail is up and running before any fuse things are started. If that don't work them you have to accept that those fuse based tools are NOT going to be able to run in a jail. They were never designed with jails in mind. From owner-freebsd-questions@freebsd.org Sat Mar 11 22:56:53 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7F5DDD08282 for ; Sat, 11 Mar 2017 22:56:53 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-wm0-x22b.google.com (mail-wm0-x22b.google.com [IPv6:2a00:1450:400c:c09::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0E1CD98 for ; Sat, 11 Mar 2017 22:56:53 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: by mail-wm0-x22b.google.com with SMTP id t189so17398644wmt.1 for ; Sat, 11 Mar 2017 14:56:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=C7wgRxTsBG77ES+4RP15mLAoBcIkBpnvRNTrH2e25Wg=; b=sdPosW1gzQq9kgS2MkBPW/EyN1ZD4sjVTO5+qEmypYU2BlLD+eCgzDyaBvPefe/7xx lY9SFbWt7T5JswsbTfXL0VcIZdT5IIUMAVo4s3xL4079zxEmT66Eg4fpsjez0BaAyCXu IXPZOuA5t9/FinoZDKclXA9AS5tqsLdIhFJA2WX8MLpXWt7sZ0tBEt1c6oGKxiWwvUdf Ar7myE2Bo5c5LgIezl7LeHR6oPZaj9lvOJ+PtHgxMJLmZkI7Im0HQ+qXQvdgRl3QsOQ0 EOLvqtm42pqhi2dciUxx7+oMGodC+2MzvZcB7y7Sk16cV5J8O7WEygiVzx5QdYaqBXDa kRKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=C7wgRxTsBG77ES+4RP15mLAoBcIkBpnvRNTrH2e25Wg=; b=l4qbzqrrSOI3jiXXJ1oBOjcDbxle645LGdnEFIMkEn2cXwyhRv+ZPm9RPSJmHHlAHV wGSTzf8azueNciVJx8/9gUvMm56kSjncb3KUMfn6i/3QQy3dsjscqNU/ZZxDehgXWbo5 dRuGnkbCzhVaYOFxlbokZs/3W+/OpYKhYWODK39SPOUoeYAC8I6STqgaCvzQQUTEUrw/ ZCiG+Mxu1rgrMaHs7iWTxwnO37M2DukBDuZSVz4W7xrjsahFcIC6k0IhZB3jGjhAm83I WoLFX6CXIXMVBF1NrSn8RWDJBa+AunJUMh1rd3R1u2ICqHMqJQnSoih7WbjH7qV5WEp8 Y+HA== X-Gm-Message-State: AFeK/H1743kzhSYj3oZIHszoK6pYfDlI/okJj9z4OUF/Pmahtn4igUUkAJxChZDCuJjm7NDY0ImbMV9VlvjxEA== X-Received: by 10.28.5.8 with SMTP id 8mr4348621wmf.70.1489273010022; Sat, 11 Mar 2017 14:56:50 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.164.65 with HTTP; Sat, 11 Mar 2017 14:56:49 -0800 (PST) In-Reply-To: References: From: Adam Vande More Date: Sat, 11 Mar 2017 16:56:49 -0600 Message-ID: Subject: Re: Jail limited user cannot access host mountpoint although jail root can To: DaLynX Cc: freebsd-questions Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Mar 2017 22:56:53 -0000 On Fri, Mar 10, 2017 at 8:59 PM, DaLynX via freebsd-questions < freebsd-questions@freebsd.org> wrote: > Hello, > > > > What could have gone wrong? I tried playing around with > vfs.usermount on the host or enforce_statfs on the jail but it > makes no difference. > > Any pointers would be greatly appreciated. > See jail(8) -- Adam