BSDForums

bsdforums.org - FreeBSD, OpenBSD, NetBSD, MacOS X, Darwin, Linux, Unix forums, message boards, discussions and news.


Cool looking discussion site for all forms of BSDen.

syslog info

Yes, I'm reading the FreeBSD Questions mailing list again. It is amazing how much good info you can get from there, even if the traffic is heavy:

lists.freebsd.org Mailing Lists

This time, it lead me to a cool command:

FreeBSD Hypertext Man Pages: newsyslog

This command has a config file that lists all the log files that syslogd creates. You can control how often the log files are rotated. One neat thing is just seeing all the various log files listed. You can also find more syslog info in the man entry for syslog.conf.

Drive testing utility

Hitachi Downloads - Some free utilities from Hitachi. Most important is their Drive Fitness Test. You download an installer (either Windows or Linux) that creates a bootable floppy. You boot this floppy and run the test. Looks quite useful.

What is the 'toor' account

A short answer in the BSD FAQ to the question about that weird user in your passwd file called 'toor':

Security

Updates - or lack thereof

Sorry about the lack of updates. I've been busy in the real world, and my FreeBSD server has been running all too smoothly, so I haven't really had to pay all that much attention to it:-) I went away for a week and got 5000+ messages from the FreeBSD Questions mailing list, so I did the only prudent thing - I deleted them all!

Live CD site

A simple site that does one thing really well - provide a copy of the "Live" (ie., bootable and runnable FreeBSD) CD:

FreeSBIE - Free System Burned In Economy

BSDForums.org

A nice looking *BSD (including FreeBSD) news and community site:

bsdforums.org - FreeBSD OpenBSD NetBSD Darwin Mac OSX Linux Unix forums, message boards, discussions and news.

fortune's FreeBSD tips

The program 'fortune', which is often called in the .login file by default, has a nice collection of FreeBSD tips. You can access this a couple of ways:

$ /usr/games/fortune freebsd-tips

will print a single tip to your screen, while

$ /usr/games/fortune -m col freebsd-tips | less

will dump all the tips that contain the sequence 'col' to your screen. This will show you the nice short way using the col command to strip DOS End Of Line characters from your files (those are the ones that look like ^M in many places):

$ col -bx < DOSFIle > BSDFile

although I guess it also replaces tabs with spaces. An easier way is to just use the dos2unix command (and it's opposite, unix2dos).

Testing for mail relay

Site that will check to make sure you don't have an "open relay"; ie., a way for an anonymous user to use your sendmail to send mail from. It used to be pretty common, but then spammers started using everyone else's sendmail to hide their identity, and now it is a Very Bad Thing if you have an open relay.

Mail relay testing

<i>fetchmail</i> tutorial

How to set up and run fetchmail from a server:

Fetchmail Configuration

FreeBSD Splash Screens

Great page on doing splash screens for FreeBSD. It includes a nice catalog of splash screens.

FreeBSD Splash Screens

This page has lots more splash and desktop screens, including some vaguely erotic and futuristic BSD Daemons:

deaddreamer.com

Disabling SSH

Easy way to disable ssh: Add the following line to the /etc/rc.conf file:

sshd_enable="NO"

"The Complete FreeBSD"

I just received the book The Complete FreeBSD in the mail the other day, and I gotta say it looks great! Of course, in the interest of full disclosure, I must say that I got my copy free because I helped to proof the book. But even if I didn't it would have immediately rose to the top of my "to get" books, as I really liked the 3rd edition, which is one reason why I helped out on this one. The author, Greg "groggy" Lehey is quite active on the FreeBSD mailing lists, and he does a great job in explaining all kinds of mysterious parts. In particular, I remember when I first read the 3rd edition how much I appreciated his line by line analysis of the boot screen.

The Complete FreeBSD by Greg Lehey. Published by O'Reilly Community Press.

Hush up, login

A quick way to have a "silent" login is to create an empty file in your home directory called .hushlogin. Now when you login, nothing should be echoed to the tty. Works nice!

Stack Protection for FreeBSD

From what I understand, this is a patch to GCC that adds "stack protection". The stack is part of a computer program where data is stored, and a common hack is to "overflow" the stack and using the effects of that to insert your own remote program. This patch prevents GCC, the compiler normally used on FreeBSD from allowing that to happen. You patch GCC, and rebuild the world to add the protection into the kernel. I haven't tried this yet, but I'm intrigued nonetheless.

How to build FreeBSD with stack protection

An interesting little side note in the above web page - it has about as concise a set of instructions for rebuilding and installing the kernel that I've ever seen!

Rebuild and install everything:



cd /usr/src

mergemaster -p

make buildworld

make buildkernel

make installkernel


shutdown -r now, bringing the system back up in single-user mode

make installworld

mergemaster

reboot

Setting the time

Two excellent articles on synchronizing your systems clock with the rest of the world using NTP:

• FreeBSD NTP, the "official" FreeBSD NTP page


• Getting Started with NTP, a more generic Unixen guide to ntp

FreeBSD CVS Tags

Here is a complete list of the current CVS tags for FreeBSD. Use these in conjunction with cvsup and your cvsups file to grab the latest version of the source for your system:

CVS Tags

BSD DevCenter

Nice site from O'Reilly, the book folks. It covers all the BSDs:

O'Reilly Network: BSD DevCenter

Security package

Caught a mention of this interesting looking security package on a Linux list I'm on. Thought I'd snapshot the link so when I make my big push to harden my machine, I can look into it. First step is ifpw, though.

Port description for security/samhain

Another helpful pkgdb -F page from FreeBSDDiary

Here's another helpful page from FreeBSDDiary.com on using pkgdb -F.

The FreeBSD Diary -- pkgdb - packages database tool

pkgdb cleanup time

I'm on a quest to clean up my packages database using the pkgdb -F command. When I use it now, I get dozens of errors, and it isn't very clear where to go with these. Here's a page that I found that might help:

The FreeBSD Diary -- Got ports? Here is THE way to upgrade them!

How to make a http/imap certificate

Short tutorial on how to make certificates for http/imap servers. Scroll down to the "1. Create a local Certificate Authority".

Dave's Den

Rebuilding ports database

A couple of ways to update the database used by the ports package (portupgrade, etc):

• pkgdb -Uu


• In /usr/ports, do make index

Of course, on my computer both generate a boatload of errors, and now I'm trying to figure out if they are important, and how to fix them if so. I know about pkgdb -F, but it asks me all kinds of questions I don't know the answer to.

vmstat

Cool status program:

FreeBSD Hypertext Man Pages: vmstat

It's like ps, but gives you kernel statistics. Use:

$ vmstat -w 2

To get it to display a single line every two seconds. See the man page for a description of the various fields

Adding a new disk

Okay, I finally got the new drive in there. It was complicated a little because I couldn't find the big foldout instructions for the drive (a Western Digital WD4000). Not that I haven't installed dozens of hard drives, but I was a little confused about the jumper on the CS jumpers. But I just moved it to the Slave jumpers, and later found the folder in my mess on the desk. CS means Cable Select, where I guess the Master/Slave stuff can be done automagically. I never use it.

Then I tried following the directions in the FAQ as mentioned earlier, but it is so out of date as to be almost useless. Here's how I ended up doing it, after a few false starts:

• Use the /stand/sysinstall command


• Selct the Custom option and select 3 Partion command. I selected the 2nd hard drive (ad0 and ad1 were the two listed). When I did this, it complained about a "bad" disk geometry. It said the numbers "77504/16/63" looked bad and it would use more normal numbers. After checking things out a little (like finally noticing the size was listed on the first line of the Parition screen, and a size of 39Gb sounded about right), I decided to let it use its numbers. I don't know where it got the "bad" ones.


• Select the All option, to use the entire hard drive as a FreeBSD partition. Then Q to quit. Don't do the Write option - that will come after the Disk Labeler.


• Then, as I mentioned, select 4 Label, to create the slices in the FreeBSD partition. I first wanted to created a 512Mb swap partition, so I did Create, typed in "512m" for the size, and then selected Swap for the type. Then I Created another partition, using all the rest as a regular FS filesystem, telling it to use /usr/data for a mount point.


• Now I do a Write. It gives you a warning about not doing a Write if you are doing an install, as you'll commit all the changes later. But if you tried to do a write in the "Partition" phase, it would have also warned you to not do the write if you are also adding a new drive, but it doesn't do it here so I guess this is where you do the write.


• Now cancel and exit out of sysinstall, bringing you back to the command line.


• Now I would've thought this would've added some lines to my /etc/fstab file, but it didn't. I even went back into sysinstall, back to the Partition option, and noticed it didn't have a mount point again. So I changed it back to /usr/data, wrote out the changes and went back. However, it still wasn't in the fstab, so I added two lines:
  
  

  
  /dev/ad1s1b		none		swap	sw		0	0
  /dev/ad1s1e		/usr/data	ufs	rw		2	2
  

  
  

  The first line is for my new swap space and the second line is for the 39gb data partition. I couldn't find anything that easily displayed the /dev devices, so I had to go back into sysinstall and see what it displayed.



• Then I rebooted to make sure all was okay and boom - I'm in business.

Adding a new disk

I'm going to add a new hard disk to my server machine (Bubbles, the Amazingdev.com machine). I picked up a 40gb hard drive for $80, but it came with $50 in rebates. So even though it is rather small these days, 40gb is plenty for what I need. I already have a 40gb hard drive on there, but long ago my little 10gb hard drive bit the dust, taking my /swap partition with it. And I hardly have 25% of the current one filled, so I figure I'll just add a 500mb swap partition and use the rest for data storage.

Looking at the FreeBSD FAQ led me to the Formatting Media For Use With FreeBSD tutorial page. So that's what I'm going to be doing today.

shutdown option

Shutdown has an option that I didn't know about. Not that I use it at all for my server machine, but still it's a handy thing to know about.

$ shutdown -p now

The '-p' option will make your computer power down after the shutdown, so you don't have to hold in the power switch. Mind you, there seems to be some controversy on the -questions list as to whether it works in 4.x or 5.x. I'll have to try it later today when I shut down my server to install a new hard drive.

Upgrading MySQL to 4.1

I'm going to be moving the MySQL server on my machine from 3.x to 4.0 pretty soon, so I'm always on the lookout for notes on this process. It seems a little scary, because a few things depend on this, like PHP and Apache, so I'm not entirely clear on all the ramifications. Luckily, it seems that backing up the database is pretty easy:

$ mysql
mysql> flush tables with read lock
mysql> ^Z
$ cd /var/db
$ cp mysql mysql.today'sdate
$ fg
mysql> unlock tables
mysql> ^D
$

That will create a nice copy of the database files. Here's a nice message on how to upgrade to 4.1 (which isn't production yet, so I'm just going to 4.0):

su
cvsup -g -L2 /usr/share/examples/cvsup/ports-supfile
cd /usr/ports/databases/mysql4.1-server
make install distclean
rehash
mysqld_safe &
mysqladmin -u root password 'this_is_the_password'
mysql -u root --password='this_is_the_password''
mysql>

Network monitoring programs

Some tools for monitoring your network traffic:

• 'ntop':
  
  ntop - network top
  
  You can find it in the ports collection at /usr/ports/net/ntop.
  
• mrtg : Multi Router Traffic Grapher:
  
  MRTG home page
  
  It is in /usr/ports/net/mrtg (obviously:-)
  

Pointers to lots more links for other network tools can be found here:

http://nakula.rvs.uni-bielefeld.de/made/my_project/3rd-party/

CUPS help

A couple of notes on CUPS (which I don't use yet, but probably will some day):

• Note from Glenn Johnson:
  

  
  There should be a file in /usr/local/etc/rc.d called 'cups.sh.sample'.
  If you want cups to start with every boot (most likely) copy that file
  to 'cups.sh'. Make sure you are not running the base system lpd. Check
  your '/etc/rc.conf' file and make sure there is no "lpd_enable=yes" line
  present. To start cups without rebooting, enter:
  

  
  /usr/local/etc/rc.d/cups.sh start
  



• Web page:
  
  The FreeBSD Diary -- CUPS (Common UNIX Printing System) - installation and configuration