BSD DevCenter

Nice site from O'Reilly, the book folks. It covers all the BSDs:

O'Reilly Network: BSD DevCenter

Security package

Caught a mention of this interesting looking security package on a Linux list I'm on. Thought I'd snapshot the link so when I make my big push to harden my machine, I can look into it. First step is ifpw, though.

Port description for security/samhain

Another helpful pkgdb -F page from FreeBSDDiary

Here's another helpful page from FreeBSDDiary.com on using pkgdb -F.

The FreeBSD Diary -- pkgdb - packages database tool

pkgdb cleanup time

I'm on a quest to clean up my packages database using the pkgdb -F command. When I use it now, I get dozens of errors, and it isn't very clear where to go with these. Here's a page that I found that might help:

The FreeBSD Diary -- Got ports? Here is THE way to upgrade them!

How to make a http/imap certificate

Short tutorial on how to make certificates for http/imap servers. Scroll down to the "1. Create a local Certificate Authority".

Dave's Den

Rebuilding ports database

A couple of ways to update the database used by the ports package (portupgrade, etc):

• pkgdb -Uu


• In /usr/ports, do make index

Of course, on my computer both generate a boatload of errors, and now I'm trying to figure out if they are important, and how to fix them if so. I know about pkgdb -F, but it asks me all kinds of questions I don't know the answer to.

vmstat

Cool status program:

FreeBSD Hypertext Man Pages: vmstat

It's like ps, but gives you kernel statistics. Use:

$ vmstat -w 2

To get it to display a single line every two seconds. See the man page for a description of the various fields

Adding a new disk

Okay, I finally got the new drive in there. It was complicated a little because I couldn't find the big foldout instructions for the drive (a Western Digital WD4000). Not that I haven't installed dozens of hard drives, but I was a little confused about the jumper on the CS jumpers. But I just moved it to the Slave jumpers, and later found the folder in my mess on the desk. CS means Cable Select, where I guess the Master/Slave stuff can be done automagically. I never use it.

Then I tried following the directions in the FAQ as mentioned earlier, but it is so out of date as to be almost useless. Here's how I ended up doing it, after a few false starts:

• Use the /stand/sysinstall command


• Selct the Custom option and select 3 Partion command. I selected the 2nd hard drive (ad0 and ad1 were the two listed). When I did this, it complained about a "bad" disk geometry. It said the numbers "77504/16/63" looked bad and it would use more normal numbers. After checking things out a little (like finally noticing the size was listed on the first line of the Parition screen, and a size of 39Gb sounded about right), I decided to let it use its numbers. I don't know where it got the "bad" ones.


• Select the All option, to use the entire hard drive as a FreeBSD partition. Then Q to quit. Don't do the Write option - that will come after the Disk Labeler.


• Then, as I mentioned, select 4 Label, to create the slices in the FreeBSD partition. I first wanted to created a 512Mb swap partition, so I did Create, typed in "512m" for the size, and then selected Swap for the type. Then I Created another partition, using all the rest as a regular FS filesystem, telling it to use /usr/data for a mount point.


• Now I do a Write. It gives you a warning about not doing a Write if you are doing an install, as you'll commit all the changes later. But if you tried to do a write in the "Partition" phase, it would have also warned you to not do the write if you are also adding a new drive, but it doesn't do it here so I guess this is where you do the write.


• Now cancel and exit out of sysinstall, bringing you back to the command line.


• Now I would've thought this would've added some lines to my /etc/fstab file, but it didn't. I even went back into sysinstall, back to the Partition option, and noticed it didn't have a mount point again. So I changed it back to /usr/data, wrote out the changes and went back. However, it still wasn't in the fstab, so I added two lines:
  
  

  
  /dev/ad1s1b		none		swap	sw		0	0
  /dev/ad1s1e		/usr/data	ufs	rw		2	2
  

  
  

  The first line is for my new swap space and the second line is for the 39gb data partition. I couldn't find anything that easily displayed the /dev devices, so I had to go back into sysinstall and see what it displayed.



• Then I rebooted to make sure all was okay and boom - I'm in business.

Adding a new disk

I'm going to add a new hard disk to my server machine (Bubbles, the Amazingdev.com machine). I picked up a 40gb hard drive for $80, but it came with $50 in rebates. So even though it is rather small these days, 40gb is plenty for what I need. I already have a 40gb hard drive on there, but long ago my little 10gb hard drive bit the dust, taking my /swap partition with it. And I hardly have 25% of the current one filled, so I figure I'll just add a 500mb swap partition and use the rest for data storage.

Looking at the FreeBSD FAQ led me to the Formatting Media For Use With FreeBSD tutorial page. So that's what I'm going to be doing today.

shutdown option

Shutdown has an option that I didn't know about. Not that I use it at all for my server machine, but still it's a handy thing to know about.

$ shutdown -p now

The '-p' option will make your computer power down after the shutdown, so you don't have to hold in the power switch. Mind you, there seems to be some controversy on the -questions list as to whether it works in 4.x or 5.x. I'll have to try it later today when I shut down my server to install a new hard drive.

Upgrading MySQL to 4.1

I'm going to be moving the MySQL server on my machine from 3.x to 4.0 pretty soon, so I'm always on the lookout for notes on this process. It seems a little scary, because a few things depend on this, like PHP and Apache, so I'm not entirely clear on all the ramifications. Luckily, it seems that backing up the database is pretty easy:

$ mysql
mysql> flush tables with read lock
mysql> ^Z
$ cd /var/db
$ cp mysql mysql.today'sdate
$ fg
mysql> unlock tables
mysql> ^D
$

That will create a nice copy of the database files. Here's a nice message on how to upgrade to 4.1 (which isn't production yet, so I'm just going to 4.0):

su
cvsup -g -L2 /usr/share/examples/cvsup/ports-supfile
cd /usr/ports/databases/mysql4.1-server
make install distclean
rehash
mysqld_safe &
mysqladmin -u root password 'this_is_the_password'
mysql -u root --password='this_is_the_password''
mysql>

Network monitoring programs

Some tools for monitoring your network traffic:

• 'ntop':
  
  ntop - network top
  
  You can find it in the ports collection at /usr/ports/net/ntop.
  
• mrtg : Multi Router Traffic Grapher:
  
  MRTG home page
  
  It is in /usr/ports/net/mrtg (obviously:-)
  

Pointers to lots more links for other network tools can be found here:

http://nakula.rvs.uni-bielefeld.de/made/my_project/3rd-party/

CUPS help

A couple of notes on CUPS (which I don't use yet, but probably will some day):

• Note from Glenn Johnson:
  

  
  There should be a file in /usr/local/etc/rc.d called 'cups.sh.sample'.
  If you want cups to start with every boot (most likely) copy that file
  to 'cups.sh'. Make sure you are not running the base system lpd. Check
  your '/etc/rc.conf' file and make sure there is no "lpd_enable=yes" line
  present. To start cups without rebooting, enter:
  

  
  /usr/local/etc/rc.d/cups.sh start
  



• Web page:
  
  The FreeBSD Diary -- CUPS (Common UNIX Printing System) - installation and configuration