From owner-freebsd-questions@freebsd.org Sun Jun 18 00:00:45 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D0842C7785A for ; Sun, 18 Jun 2017 00:00:45 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [IPv6:2607:f740:c::4ae]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BCD8C7C385 for ; Sun, 18 Jun 2017 00:00:45 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (unknown [IPv6:2601:1c2:1401:9956:21c:c0ff:fe7f:96ee]) by echo.brtsvcs.net (Postfix) with ESMTPS id 60EEF50005 for ; Sun, 18 Jun 2017 00:00:39 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id 62EDB3AF for ; Sat, 17 Jun 2017 17:00:38 -0700 (PDT) To: freebsd-questions@freebsd.org From: Mel Pilgrim Subject: zpool import -N mounts filesystems anyway Message-ID: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> Date: Sat, 17 Jun 2017 17:00:44 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 00:00:46 -0000 I need to import a pool without mounting its filesystems, but when I use the -N argument to zpool import to, per the man page, "Import the pool without mounting any file systems", it mounts the filesystems anyway. I've tried search for an answer to this, but the question is too ambiguous to get a decent search result. How do I tell ZFS to not mount anything on import? From owner-freebsd-questions@freebsd.org Sun Jun 18 04:00:02 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6DBFDD880AD for ; Sun, 18 Jun 2017 04:00:02 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A16BC82413 for ; Sun, 18 Jun 2017 04:00:01 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sat, 17 Jun 2017 20:59:54 -0700 Subject: Re: zpool import -N mounts filesystems anyway To: freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: David Christensen Message-ID: Date: Sat, 17 Jun 2017 20:59:53 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 04:00:07 -0000 On 06/17/17 17:00, Mel Pilgrim wrote: > I need to import a pool without mounting its filesystems, but when I use > the -N argument to zpool import to, per the man page, "Import the pool > without mounting any file systems", it mounts the filesystems anyway. > > I've tried search for an answer to this, but the question is too > ambiguous to get a decent search result. > > How do I tell ZFS to not mount anything on import? Which version of FreeBSD? 2017-06-17 20:55:17 dpchrist@freebsd ~ $ freebsd-version 11.0-RELEASE-p10 2017-06-17 20:55:19 dpchrist@freebsd ~ $ uname -a FreeBSD freebsd 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9 #0: Tue Apr 11 08:42:58 UTC 2017 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 My man 8 zpool shows three forms for import: zpool import [-d dir | -c cachefile] [-D] zpool import [-o mntopts] [-o property=value] ... [-d dir | -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n]] -a zpool import [-o mntopts] [-o property=value] ... [-d dir | -c cachefile] [-D] [-f] [-m] [-N] [-R root] [-F [-n]] pool | id [newpool] Only the latter two offer -N. It might help if you showed your console session -- exact command, exact output. David From owner-freebsd-questions@freebsd.org Sun Jun 18 08:24:11 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 000BED8BD5D for ; Sun, 18 Jun 2017 08:24:10 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [208.111.40.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E153A6410A for ; Sun, 18 Jun 2017 08:24:10 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (unknown [IPv6:2601:1c2:1401:9956:21c:c0ff:fe7f:96ee]) by echo.brtsvcs.net (Postfix) with ESMTPS id BDD5650005; Sun, 18 Jun 2017 08:24:09 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id B21F7436; Sun, 18 Jun 2017 01:24:08 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: Mel Pilgrim Message-ID: Date: Sun, 18 Jun 2017 01:24:15 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 08:24:11 -0000 On 06/17/2017 20:59, David Christensen wrote: > On 06/17/17 17:00, Mel Pilgrim wrote: >> I need to import a pool without mounting its filesystems, but when I use >> the -N argument to zpool import to, per the man page, "Import the pool >> without mounting any file systems", it mounts the filesystems anyway. >> >> I've tried search for an answer to this, but the question is too >> ambiguous to get a decent search result. >> >> How do I tell ZFS to not mount anything on import? > > Which version of FreeBSD? 11.0-RELEASE-p7 The pools and filesystems are all at current feature sets and versions. > My man 8 zpool shows three forms for import: > > zpool import [-d dir | -c cachefile] [-D] > zpool import [-o mntopts] [-o property=value] ... [-d dir | -c > cachefile] > [-D] [-f] [-m] [-N] [-R root] [-F [-n]] -a > zpool import [-o mntopts] [-o property=value] ... [-d dir | -c > cachefile] > [-D] [-f] [-m] [-N] [-R root] [-F [-n]] pool | id [newpool] > > > Only the latter two offer -N. Both forms that accept -N use it to import without mounting any filesystems. > It might help if you showed your console session -- exact command, exact > output. # zpool list backupA cannot open 'backupA': no such pool # zpool import -N backupA # zpool list backupA NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT backupA 696G 189G 507G - 1% 27% 1.00x ONLINE - # zfs list backupA NAME USED AVAIL REFER MOUNTPOINT backupA 189G 486G 22K /backup-ext/backupA # zfs get canmount,mountpoint backupA NAME PROPERTY VALUE SOURCE backupA canmount on local backupA mountpoint /backup-ext/backupA local It appears -N is ignored and the presence of canmount=on and mountpoint being set results in automatic mounting regardless of whether or not -N is given to the zpool import command. The expected behaviour is that -N overrides canmount and mountpoint, leaving all filesystems in the pool unmounted. Currently, I work around this by setting mountpoint=none at the root prior to exporting (all datasets inherit mountpoint). I would prefer to leave mountpoint set so that the automated task that uses the pools just has to import and export them without twiddling properties. From owner-freebsd-questions@freebsd.org Sun Jun 18 08:42:20 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F0048D8C0DD for ; Sun, 18 Jun 2017 08:42:20 +0000 (UTC) (envelope-from cameron@firstadwords.com) Received: from a2nlsmtp01-04.prod.iad2.secureserver.net (a2nlsmtp01-04.prod.iad2.secureserver.net [198.71.225.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AE0C8646FE for ; Sun, 18 Jun 2017 08:42:20 +0000 (UTC) (envelope-from cameron@firstadwords.com) Received: from a2plcpnl0648.prod.iad2.secureserver.net ([198.71.234.7]) by : HOSTING RELAY : with SMTP id MVlfdEA6wj2qzMVlfdBMBx; Sun, 18 Jun 2017 01:41:11 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=firstadwords.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:Message-ID:Subject:Reply-To:From:To:Date:Sender:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=mzYasSXhK96q4yTDzdxff/Wkr0dwHIUchl9nZlfzQzo=; b=T0hZy/E07OKa+Bm6s3osirr4jV Bxrx5mI6HLGsn1nYKl6/sd7ARsA5Ilwl1/uK//XSxcKZlRJzXd7FOza4xPPXsV9CdPA7i5yAsEz8V GNx+huCcfAVh3qaNWoeYhkB15I/el0wJzuWv0tzCSMJISiiXv2AM6SypcKQ4MWL3aYgrkPwKiNTEE hzDOz1gfkoSDAeRgzunaZwSrefzZntz4CuQN2uQBmENXthTFsg/EiVs5FFj/V397rh6R2LQCXpetM H9UjbkdpFGz8BH6w3+LmpBLUIaPg9qJEB1/JxmeSu+5lFrwcgY3bBUfcuAJXP4Vneibu7Y2ELy7Y/ efYDzVjg==; Received: from [127.0.0.1] (port=48369 helo=firstadwords.com) by a2plcpnl0648.prod.iad2.secureserver.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.88) (envelope-from ) id 1dMVle-0008jC-Ud for freebsd-questions@freebsd.org; Sun, 18 Jun 2017 01:41:10 -0700 Date: Sun, 18 Jun 2017 08:41:05 +0000 To: "freebsd-questions@freebsd.org" From: "cameron@firstadwords.com" Reply-To: "cameron@firstadwords.com" Subject: Freebsd-questions, More durable traffic for keywords Message-ID: <5b5de6adae9e3df662a9c464ebf1d152@firstadwords.com> X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer) MIME-Version: 1.0 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - a2plcpnl0648.prod.iad2.secureserver.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - firstadwords.com X-Get-Message-Sender-Via: a2plcpnl0648.prod.iad2.secureserver.net: authenticated_id: cameron@firstadwords.com X-Authenticated-Sender: a2plcpnl0648.prod.iad2.secureserver.net: cameron@firstadwords.com X-Source: X-Source-Args: X-Source-Dir: X-CMAE-Envelope: MS4wfFNveSog7jE6Pq3eoO29KTx8OLEaNFFpz0nIOhngRnWdxNvCZciqIB41a2ZDV0HyfiKm1shmdruiUPhQrlL0a60HoEJeqKOUTqVQKUjWgMj4FXQmmViB Ri26OFqcK2DKL1mE1ReoAPWTlr81c1DE55amsODk8sY2nq9dN1jhWty+f7urdt5BH1nmE8OXtdNSP13R7B6bpmWty1MX5nShKka0lUHVXK+QirJGTSPzKNk7 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 08:42:21 -0000 Hello Freebsd-questions! When a customer is looking for a product, service, promotion, or anything from anywhere in the world, he or she is likely going to search for it on search engines. We can help that customer to find you and your Adwords will be found. We can place your website on top of Google, Yahoo, Bing and other search engines without paying for each click on your banner or link during full year with your keywords. You can see how it looks like in 3 easy steps: - Go to our website and click on DEMO page; - Type in your web address freebsd org and keyword; - Click VIEW ONLINE DEMO and see results; Best Wishes, Cameron Brown From owner-freebsd-questions@freebsd.org Sun Jun 18 18:59:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 47C4FD8BC62 for ; Sun, 18 Jun 2017 18:59:10 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 393EC788B9 for ; Sun, 18 Jun 2017 18:59:10 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sun, 18 Jun 2017 11:59:08 -0700 To: freebsd-questions@freebsd.org From: David Christensen Subject: tar: Failed to open '/dev/sa0' Message-ID: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> Date: Sun, 18 Jun 2017 11:59:07 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 18:59:10 -0000 FreeBSD questions: I use GNU tar to backup files. Here is an example on Linux: 2017-06-18 11:46:01 dpchrist@jesse ~ $ cat /etc/debian_version 8.8 2017-06-18 11:46:31 dpchrist@jesse ~ $ uname -a Linux jesse 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2 (2017-04-30) x86_64 GNU/Linux 2017-06-18 11:46:33 dpchrist@jesse ~ $ echo $SHELL /bin/bash 2017-06-18 11:47:33 dpchrist@jesse ~ $ bash --version GNU bash, version 4.3.30(1)-release (x86_64-pc-linux-gnu) Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. 2017-06-18 11:49:02 dpchrist@jesse ~ $ tar --version tar (GNU tar) 1.27.1 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later . This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Written by John Gilmore and Jay Fenlason. 2017-06-18 11:53:31 dpchrist@jesse ~ $ tar c .icedove > dpchrist-icedove-20170618.tar 2017-06-18 11:53:54 dpchrist@jesse ~ $ ls -l dpchrist-icedove-20170618.tar -rw-r--r-- 1 dpchrist dpchrist 363581440 Jun 18 11:53 dpchrist-icedove-20170618.tar GNU tar fails on FreeBSD: 2017-06-18 11:48:23 dpchrist@freebsd ~ $ freebsd-version 11.0-RELEASE-p10 2017-06-18 11:48:28 dpchrist@freebsd ~ $ uname -a FreeBSD freebsd 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9 #0: Tue Apr 11 08:42:58 UTC 2017 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 2017-06-18 11:48:29 dpchrist@freebsd ~ $ echo $SHELL /usr/local/bin/bash 2017-06-18 11:48:53 dpchrist@freebsd ~ $ bash --version GNU bash, version 4.4.5(0)-release (i386-portbld-freebsd11.0) Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. 2017-06-18 11:52:11 dpchrist@freebsd ~ $ gtar --version tar (GNU tar) 1.29 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later . This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Written by John Gilmore and Jay Fenlason. 2017-06-18 11:52:44 dpchrist@freebsd ~ $ gtar c .thunderbird > dpchrist-thunderbird-20170618.tar gtar: /dev/sa0: Cannot open: Operation not supported gtar: Error is not recoverable: exiting now BSD tar also fails: 2017-06-18 11:52:56 dpchrist@freebsd ~ $ tar --version bsdtar 3.2.1 - libarchive 3.2.1 zlib/1.2.8 liblzma/5.2.2 bz2lib/1.0.6 2017-06-18 11:53:14 dpchrist@freebsd ~ $ tar c .thunderbird > dpchrist-thunderbird-20170618.tar tar: Failed to open '/dev/sa0' What's the problem? David From owner-freebsd-questions@freebsd.org Sun Jun 18 20:19:42 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 19AD7D8D016 for ; Sun, 18 Jun 2017 20:19:42 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 085267A905 for ; Sun, 18 Jun 2017 20:19:41 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sun, 18 Jun 2017 13:19:39 -0700 Subject: Re: zpool import -N mounts filesystems anyway To: freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: David Christensen Message-ID: Date: Sun, 18 Jun 2017 13:19:38 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:19:42 -0000 On 06/18/17 01:24, Mel Pilgrim wrote: > 11.0-RELEASE-p7 > The pools and filesystems are all at current feature sets and versions. Your BSD appears to be out of date: 2017-06-18 12:47:54 dpchrist@freebsd ~ $ freebsd-version 11.0-RELEASE-p10 2017-06-18 13:06:16 dpchrist@freebsd ~ $ uname -a FreeBSD freebsd 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9 #0: Tue Apr 11 08:42:58 UTC 2017 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 > # zpool list backupA > cannot open 'backupA': no such pool > # zpool import -N backupA > # zpool list backupA > NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH > ALTROOT > backupA 696G 189G 507G - 1% 27% 1.00x ONLINE - > # zfs list backupA > NAME USED AVAIL REFER MOUNTPOINT > backupA 189G 486G 22K /backup-ext/backupA > # zfs get canmount,mountpoint backupA > NAME PROPERTY VALUE SOURCE > backupA canmount on local > backupA mountpoint /backup-ext/backupA local > > > It appears -N is ignored and the presence of canmount=on and mountpoint > being set results in automatic mounting regardless of whether or not -N > is given to the zpool import command. The expected behaviour is that -N > overrides canmount and mountpoint, leaving all filesystems in the pool > unmounted. > > Currently, I work around this by setting mountpoint=none at the root > prior to exporting (all datasets inherit mountpoint). I would prefer to > leave mountpoint set so that the automated task that uses the pools just > has to import and export them without twiddling properties. I will assume 'mount' and 'ls /backup-ext' show the file system as mounted. Checking the zfs properties documentation: https://docs.oracle.com/cd/E23824_01/html/821-1448/gazss.html#gdrcf Setting the canmount property to noauto means that the file system can only be mounted explicitly, not automatically. Have you tried setting canmount to noauto? David From owner-freebsd-questions@freebsd.org Sun Jun 18 20:27:53 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5AB8D8D314 for ; Sun, 18 Jun 2017 20:27:53 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: from mail-lf0-x22f.google.com (mail-lf0-x22f.google.com [IPv6:2a00:1450:4010:c07::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3BCAC7AD1B for ; Sun, 18 Jun 2017 20:27:53 +0000 (UTC) (envelope-from fernando.apesteguia@gmail.com) Received: by mail-lf0-x22f.google.com with SMTP id m77so45596542lfe.0 for ; Sun, 18 Jun 2017 13:27:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ZKAnTF2djAjhA0s9iwMmEzDFhZ5g+hGyoJ/Dz3v4Rxs=; b=rt1tfPDnlIV8KQjFM9gYD+ovSxSi4+36eLG2zCY1KKED4AE1iZcGWaF1hkQkfqG3w9 IU2bpf9KB56AQcJZS2KUQc85uK9+AkCcz+7ztCT5PYAauOgBBONoZNCampsf6Wq4MB0r 0J33vxUN7h4UdD4fgjUeWMZLE3HoI1PNoPQmr5RZzx7HBd0Wxfp45ByeZir3128H7+Hw u+4KQBe6HbY6FOmUN2ewIp70nJaCtsbHpO2kOi+caUPTfVjSq56RD2lGUbgJtsD6gBmR 1NyvCo8KwDbXav8dsCjSOykARVFSh/W08qTIPgKoWhuteU41IIYGKFVmvJ6qVbBlcAU8 pksg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ZKAnTF2djAjhA0s9iwMmEzDFhZ5g+hGyoJ/Dz3v4Rxs=; b=Ye5cdfPKQ416sc2OPlqusJhmk5TB9FaHa90tgWg+ZEk4eMY4Wo1H706rrAY6NXD5Sp TKlY86tr8TafhrBTE83rfrVXi8NHWJ3c4WzyR5Z9d86pmF9Tk1HnovUpjae6SO+csWp4 RwglB2SVgcNZuuGUAIPiCYl9/LDf4MczhBs0H1zEeFgAC4k9rErtxU+Skgp2oWUAX3yf n8QOpZqtaeoVI0LgdUPXcqPdwfzSqBjupqDX1RM1b1neqGThhu78PUH7ASPRpCtXd35P FxaXPr1Rp3FOm0CaWTNz+uDp4ZaAznDJyZM27H31f/Lcn0two0quzQtk2EeDnltuAghQ zJnQ== X-Gm-Message-State: AKS2vOzi/Oz/ddtuaUHpY+cO3N3A2xHymLuozQCJA2AE5ElXxDbI59kK OobJqZ8Kg7Y496fcoATyApBSq+YYFg== X-Received: by 10.25.201.12 with SMTP id z12mr6509775lff.153.1497817670289; Sun, 18 Jun 2017 13:27:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.25.196.88 with HTTP; Sun, 18 Jun 2017 13:27:49 -0700 (PDT) In-Reply-To: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> From: =?UTF-8?Q?Fernando_Apestegu=C3=ADa?= Date: Sun, 18 Jun 2017 22:27:49 +0200 Message-ID: Subject: Re: tar: Failed to open '/dev/sa0' To: David Christensen Cc: User Questions Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:27:53 -0000 On Sun, Jun 18, 2017 at 8:59 PM, David Christensen wrote: > FreeBSD questions: > > I use GNU tar to backup files. Here is an example on Linux: > > 2017-06-18 11:46:01 dpchrist@jesse ~ > $ cat /etc/debian_version > 8.8 > > 2017-06-18 11:46:31 dpchrist@jesse ~ > $ uname -a > Linux jesse 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2 (2017-04-30) x86_64 > GNU/Linux > > 2017-06-18 11:46:33 dpchrist@jesse ~ > $ echo $SHELL > /bin/bash > > 2017-06-18 11:47:33 dpchrist@jesse ~ > $ bash --version > GNU bash, version 4.3.30(1)-release (x86_64-pc-linux-gnu) > Copyright (C) 2013 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > > > This is free software; you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > 2017-06-18 11:49:02 dpchrist@jesse ~ > $ tar --version > tar (GNU tar) 1.27.1 > Copyright (C) 2013 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > . > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > Written by John Gilmore and Jay Fenlason. > > 2017-06-18 11:53:31 dpchrist@jesse ~ > $ tar c .icedove > dpchrist-icedove-20170618.tar > > 2017-06-18 11:53:54 dpchrist@jesse ~ > $ ls -l dpchrist-icedove-20170618.tar > -rw-r--r-- 1 dpchrist dpchrist 363581440 Jun 18 11:53 > dpchrist-icedove-20170618.tar > > > GNU tar fails on FreeBSD: > > 2017-06-18 11:48:23 dpchrist@freebsd ~ > $ freebsd-version > 11.0-RELEASE-p10 > > 2017-06-18 11:48:28 dpchrist@freebsd ~ > $ uname -a > FreeBSD freebsd 11.0-RELEASE-p9 FreeBSD 11.0-RELEASE-p9 #0: Tue Apr 11 > 08:42:58 UTC 2017 > root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 > > 2017-06-18 11:48:29 dpchrist@freebsd ~ > $ echo $SHELL > /usr/local/bin/bash > > 2017-06-18 11:48:53 dpchrist@freebsd ~ > $ bash --version > GNU bash, version 4.4.5(0)-release (i386-portbld-freebsd11.0) > Copyright (C) 2016 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > > > This is free software; you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > 2017-06-18 11:52:11 dpchrist@freebsd ~ > $ gtar --version > tar (GNU tar) 1.29 > Copyright (C) 2015 Free Software Foundation, Inc. > License GPLv3+: GNU GPL version 3 or later > . > This is free software: you are free to change and redistribute it. > There is NO WARRANTY, to the extent permitted by law. > > Written by John Gilmore and Jay Fenlason. > > 2017-06-18 11:52:44 dpchrist@freebsd ~ > $ gtar c .thunderbird > dpchrist-thunderbird-20170618.tar > gtar: /dev/sa0: Cannot open: Operation not supported > gtar: Error is not recoverable: exiting now > > > BSD tar also fails: > > 2017-06-18 11:52:56 dpchrist@freebsd ~ > $ tar --version > bsdtar 3.2.1 - libarchive 3.2.1 zlib/1.2.8 liblzma/5.2.2 bz2lib/1.0.6 > > 2017-06-18 11:53:14 dpchrist@freebsd ~ > $ tar c .thunderbird > dpchrist-thunderbird-20170618.tar > tar: Failed to open '/dev/sa0' I never used redirection that way with bsdtar. Can't you use -f? Cheers. > > > What's the problem? > > > David > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Sun Jun 18 20:27:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 07723D8D31F; Sun, 18 Jun 2017 20:27:57 +0000 (UTC) (envelope-from solene@perso.pw) Received: from perso.pw (perso.pw [163.172.223.238]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "perso.pw", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 53D9F7AD1D; Sun, 18 Jun 2017 20:27:56 +0000 (UTC) (envelope-from solene@perso.pw) Received: from perso.pw (localhost [127.0.0.1]) by perso.pw (OpenSMTPD) with ESMTP id a91d2721; Sun, 18 Jun 2017 22:21:12 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=perso.pw; h=mime-version :content-type:content-transfer-encoding:date:from:to:cc:subject :in-reply-to:references:message-id; s=1337; bh=7iw63JIDZalVvzuY8 Ak3VCBDd9Y=; b=NriawFUlN20xS7kCbq3jtsUjHLEp48zwsP4BX3xUCebZVt6Rb kpenlnQypylqYGKxubpvALFL/9lJJH89zqZ+psfUnG0F8vog7ePuf7w7TMriQyRS nZLduzLG8kWY62+kl+EUCmrDjlCcr2QdjnPGv+BHz3IKIeK/grOk/LSpao= DomainKey-Signature: a=rsa-sha1; c=nofws; d=perso.pw; h=mime-version :content-type:content-transfer-encoding:date:from:to:cc:subject :in-reply-to:references:message-id; q=dns; s=1337; b=Q5hSHSK2TB7 Y/fnVGMXqgWfuQC4U8ZinUzLuB7IexgkIkQjK4Npehnh9Xc4WTUh8gIubVPXBOr/ EhWwy2srQ9sYb+W0bIPNghCdKxSR62/WGffTiExNTK+xcwS1WlE2h+z99Cnve/Df rJK5d/tnTgUPnDya2d4byYlAtIwPDr1I= Received: from tesseract.perso.pw (localhost [127.0.0.1]) by perso.pw (OpenSMTPD) with ESMTP id 02dd6516; Sun, 18 Jun 2017 22:21:12 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Sun, 18 Jun 2017 22:21:12 +0200 From: =?UTF-8?Q?Sol=C3=A8ne_Rapenne?= To: David Christensen Cc: freebsd-questions@freebsd.org, owner-freebsd-questions@freebsd.org Subject: Re: tar: Failed to open '/dev/sa0' In-Reply-To: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> Message-ID: <9fa11efc8dc815b02b53565e468c7eb6@perso.pw> X-Sender: solene@perso.pw User-Agent: Roundcube Webmail/1.2.4 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:27:57 -0000 Je 2017-06-18 20:59, David Christensen skribis: > FreeBSD questions: > > > BSD tar also fails: > > 2017-06-18 11:52:56 dpchrist@freebsd ~ > $ tar --version > bsdtar 3.2.1 - libarchive 3.2.1 zlib/1.2.8 liblzma/5.2.2 bz2lib/1.0.6 > > 2017-06-18 11:53:14 dpchrist@freebsd ~ > $ tar c .thunderbird > dpchrist-thunderbird-20170618.tar > tar: Failed to open '/dev/sa0' > > > What's the problem? > > hello, I think the syntax should be tar cf - .thunderbird > output.tar or tar cf output.tar .thunderbird /dev/sd0 is a tape device IIRC, tar assume you want to save to a tape by default, that's why you have to use the f flag (to a file or to standard output) From owner-freebsd-questions@freebsd.org Sun Jun 18 20:37:24 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CDE4AD8D806 for ; Sun, 18 Jun 2017 20:37:24 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id BDDF47B219 for ; Sun, 18 Jun 2017 20:37:24 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sun, 18 Jun 2017 13:37:23 -0700 From: David Christensen Subject: Re: tar: Failed to open '/dev/sa0' To: freebsd-questions@freebsd.org References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> <9fa11efc8dc815b02b53565e468c7eb6@perso.pw> Message-ID: Date: Sun, 18 Jun 2017 13:37:22 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <9fa11efc8dc815b02b53565e468c7eb6@perso.pw> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:37:24 -0000 On 06/18/17 13:21, Solène Rapenne wrote: > Je 2017-06-18 20:59, David Christensen skribis: >> 2017-06-18 11:53:14 dpchrist@freebsd ~ >> $ tar c .thunderbird > dpchrist-thunderbird-20170618.tar >> tar: Failed to open '/dev/sa0' > I think the syntax should be > > tar cf - .thunderbird > output.tar > > or > > tar cf output.tar .thunderbird > > /dev/sd0 is a tape device IIRC, tar assume you want to save to a tape > by default, that's why you have to use the f flag (to a file or to > standard output) Yes -- thank you: 2017-06-18 13:31:20 dpchrist@freebsd ~ $ tar cf - .thunderbird > output.tar 2017-06-18 13:31:37 dpchrist@freebsd ~ $ gtar cf - .thunderbird > output.gtar 2017-06-18 13:31:52 dpchrist@freebsd ~ $ ls -l output.* -rw-r--r-- 1 dpchrist dpchrist 223703040 Jun 18 13:31 output.gtar -rw-r--r-- 1 dpchrist dpchrist 223119360 Jun 18 13:31 output.tar I STFW yesterday, found that solution, and thought I had tried it. But, the tar command is issued over SSH by a Perl script running on another machine with the output piped to that other machine, so I must have confused myself with too many levels of indirection.... David From owner-freebsd-questions@freebsd.org Sun Jun 18 20:39:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 859F5D8D8FC for ; Sun, 18 Jun 2017 20:39:17 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 5B5627B31C for ; Sun, 18 Jun 2017 20:39:17 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sun, 18 Jun 2017 13:39:14 -0700 Subject: Re: tar: Failed to open '/dev/sa0' To: freebsd-questions@freebsd.org References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> From: David Christensen Message-ID: <0b533dd2-7c96-cccb-43bb-3540407e881c@holgerdanske.com> Date: Sun, 18 Jun 2017 13:39:14 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:39:17 -0000 On 06/18/17 13:27, Fernando Apesteguía wrote: > I never used redirection that way with bsdtar. Can't you use -f? The tar command is issued over SSH by a Perl script running on another machine (backup/archive server) with the output piped to that other machine. David From owner-freebsd-questions@freebsd.org Sun Jun 18 20:48:31 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AB2A8D8DB9F for ; Sun, 18 Jun 2017 20:48:31 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay11.qsc.de (mailrelay11.qsc.de [212.99.187.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EFC3D7B717 for ; Sun, 18 Jun 2017 20:48:29 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay11.qsc.de; Sun, 18 Jun 2017 22:48:15 +0200 Received: from r56.edvax.de (port-92-195-68-124.dynamic.qsc.de [92.195.68.124]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id ED8763CBF9; Sun, 18 Jun 2017 22:48:14 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v5IKmDjL002729; Sun, 18 Jun 2017 22:48:13 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sun, 18 Jun 2017 22:48:13 +0200 From: Polytropon To: David Christensen Cc: freebsd-questions@freebsd.org Subject: Re: tar: Failed to open '/dev/sa0' Message-Id: <20170618224813.4b11a480.freebsd@edvax.de> In-Reply-To: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay11.qsc.de with 3C7566A3562 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1291 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 20:48:31 -0000 On Sun, 18 Jun 2017 11:59:07 -0700, David Christensen wrote: > 2017-06-18 11:52:44 dpchrist@freebsd ~ > $ gtar c .thunderbird > dpchrist-thunderbird-20170618.tar > gtar: /dev/sa0: Cannot open: Operation not supported > gtar: Error is not recoverable: exiting now > > > BSD tar also fails: > > 2017-06-18 11:52:56 dpchrist@freebsd ~ > $ tar --version > bsdtar 3.2.1 - libarchive 3.2.1 zlib/1.2.8 liblzma/5.2.2 bz2lib/1.0.6 > > 2017-06-18 11:53:14 dpchrist@freebsd ~ > $ tar c .thunderbird > dpchrist-thunderbird-20170618.tar > tar: Failed to open '/dev/sa0' > > > What's the problem? The problem is that you didn't provide a file name. In this case, tar will default to $TAPE (if set), or the system's default tape drive, which is /dev/sa0 (sequential access #0). A file is provided along with the "f" parameter: $ tar cf dpchrist-thunderbird-20170618.tar .thunderbird If you want redirection, you can use "tar cf -" (output to stdout): $ tar cf - .thunderbird > dpchrist-thunderbird-20170618.tar The order doesn't matter ("tar cf" equals "tar fc"), but the file name required by "f" has to be provided prior to the source file(s) or directory. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Sun Jun 18 21:01:14 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6EDC2D8E204 for ; Sun, 18 Jun 2017 21:01:14 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [IPv6:2607:f740:c::4ae]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 533407C32D for ; Sun, 18 Jun 2017 21:01:14 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (c-73-240-250-185.hsd1.or.comcast.net [73.240.250.185]) by echo.brtsvcs.net (Postfix) with ESMTPS id 3D87750006; Sun, 18 Jun 2017 21:01:13 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id 238CC50B; Sun, 18 Jun 2017 14:01:12 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: Mel Pilgrim Message-ID: <0859f87b-f4f2-84ee-4e47-ad5c526bce06@bluerosetech.com> Date: Sun, 18 Jun 2017 14:01:19 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 21:01:14 -0000 On 06/18/2017 13:19, David Christensen wrote: > On 06/18/17 01:24, Mel Pilgrim wrote: >> 11.0-RELEASE-p7 >> The pools and filesystems are all at current feature sets and versions. > > Your BSD appears to be out of date: All of the errata notices and security advisories between p7 and p10 do not affect me and don't involve ZFS, so I haven't rolled an update yet. > 2017-06-18 12:47:54 dpchrist@freebsd ~ > I will assume 'mount' and 'ls /backup-ext' show the file system as mounted. They do, yes. > Setting the canmount property to noauto means that the file system can > only be mounted explicitly, not automatically. I saw that, but that's not a solution. If I don't set canmount=on, I have to mount the datasets manually--a greater problem than not being able to import without mounting. In normal operation, importing the pool mounts things where they should go automatically. It makes the automated tool that uses these pools simpler and lets me use features of ZFS to manage the datasets and when/where they're used. I'm seeking a way to temporarily override canmount=on without twiddling ZFS properties, and the documented meaning of -N appears to be that, but isn't doing what I interpret the document says it should do. Is -N not meant to temporarily override canmount? From owner-freebsd-questions@freebsd.org Sun Jun 18 21:45:08 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E0DD7D8EFAA for ; Sun, 18 Jun 2017 21:45:08 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from mail.inka.de (quechua.inka.de [IPv6:2a04:c9c7:0:1073:217:a4ff:fe3b:e77c]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A637B7D96A for ; Sun, 18 Jun 2017 21:45:08 +0000 (UTC) (envelope-from news@mips.inka.de) Received: from mips.inka.de (news@[127.0.0.1]) by mail.inka.de with uucp (rmailwrap 0.5) id 1dMi0H-0003yk-GY; Sun, 18 Jun 2017 23:45:05 +0200 Received: from lorvorc.mips.inka.de (localhost [127.0.0.1]) by lorvorc.mips.inka.de (8.15.2/8.15.2) with ESMTP id v5ILetIY001422 for ; Sun, 18 Jun 2017 23:40:55 +0200 (CEST) (envelope-from news@lorvorc.mips.inka.de) Received: (from news@localhost) by lorvorc.mips.inka.de (8.15.2/8.15.2/Submit) id v5ILetFP001421 for freebsd-questions@freebsd.org; Sun, 18 Jun 2017 23:40:55 +0200 (CEST) (envelope-from news) To: freebsd-questions@freebsd.org From: Christian Weisgerber Newsgroups: list.freebsd.questions Subject: Re: tar: Failed to open '/dev/sa0' Date: Sun, 18 Jun 2017 21:40:55 -0000 (UTC) Message-ID: References: <9369978e-7041-3ef9-2cb4-66555054425b@holgerdanske.com> User-Agent: slrn/1.0.3 (FreeBSD) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 21:45:09 -0000 On 2017-06-18, David Christensen wrote: > Subject: tar: Failed to open '/dev/sa0' You need to specify an archive file with the f flag, e.g. $ tar cf dpchrist-thunderbird-20170618.tar .thunderbird Traditionally, if no archive file is specified, tar(1) accesses a tape device by default. FreeBSD's tar maintains this behavior and the FreeBSD port of gtar matches this for consistency. Use "-" as archive name if you want to read from stdin / write to stdout. -- Christian "naddy" Weisgerber naddy@mips.inka.de From owner-freebsd-questions@freebsd.org Sun Jun 18 22:32:44 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A4F80D8FAEC for ; Sun, 18 Jun 2017 22:32:44 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: from mail-it0-x236.google.com (mail-it0-x236.google.com [IPv6:2607:f8b0:4001:c0b::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 653867EEA2 for ; Sun, 18 Jun 2017 22:32:44 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: by mail-it0-x236.google.com with SMTP id m47so48358553iti.0 for ; Sun, 18 Jun 2017 15:32:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=i0KeEuKTJ7XSNqbLPTUlJouxMdiJX9tO/4gy1JVWXaU=; b=pbJpALI6LAgZmQ/aWbi/2NGJfl6XVfI2kMHtDW3JRGYGmIz7KNaxGqDzfNILnEa21p PgQjJjEQlfAifEBMdKvbFTgGegZbZ/gywgjL8aUE00hjaNUITTitLMrSDGHb6oM+AfVg gJL5UwsZlXG4Dy/KTq+YK2rtK0AU7eX6YmCqTPbtNFsZmDkVKtnPgtW4zATZsIw+LYNy BrfQvRuJsJmVCBNkPpRNKCvc6FPBuuqe1IAwhal10pqETlTs06KTe0D/hsteVixIFxmv 6KXjnO+laUl+i0xIyLVYbP/1w5EKiKU7WWxJV+Su0pHgPghcJWJaTi85C8urxeA+yQai qMSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=i0KeEuKTJ7XSNqbLPTUlJouxMdiJX9tO/4gy1JVWXaU=; b=FPyY5LErvcTKCcJ3qNNsgj+CdWrxNKhR4e8Ws039TH+tHtS0n9R9AA+qUZa13fi5cX 6Iowcl6JPm/6EWI+qp75eRwniyBjqJd9agH9hWwFjBmrwYJm6shmi1wLwk1Xf32/e98A ZOHA1e9CBYdEblGOdiIItxyKxo3FhQ2WpmHgJfKwY4MX/hSTH4ENmmHMMOAXoXaeIU9F YOh+VS3DHMB022BJMdTg05KG7Jj6dJo7FbQhmnUqBZ9q6CDk2ttJD5fPWjauAxC4kNI2 XNctEa7PJvKY4Ih8+fCqXgxAOsZ1FL0tqSb6pNmoj+DTOuXU72ZHjEiL36n8grlFnAHc us8w== X-Gm-Message-State: AKS2vOxtsVmHp5ucs6On/Cw/DtKwXR3vNHMhL1dOiIiAEoDm09e0O/GU VilfrXFmljbH8NF3ZAA5qdktXTVyiA== X-Received: by 10.36.161.67 with SMTP id n3mr19770970iti.7.1497825163820; Sun, 18 Jun 2017 15:32:43 -0700 (PDT) MIME-Version: 1.0 Sender: carpeddiem@gmail.com Received: by 10.107.10.86 with HTTP; Sun, 18 Jun 2017 15:32:23 -0700 (PDT) In-Reply-To: <20170611081000.0916e602.freebsd@edvax.de> References: <44y3t19e5i.fsf@lowell-desk.lan> <872fe20f-fece-9980-2c8f-10e9492ab786@columbus.rr.com> <20170610052351.000ca108.freebsd@edvax.de> <20170611001151.d3d76bf8.freebsd@edvax.de> <9c41c5df-9874-3e37-8f8c-f58c63419887@columbus.rr.com> <20170611081000.0916e602.freebsd@edvax.de> From: Ed Maste Date: Sun, 18 Jun 2017 18:32:23 -0400 X-Google-Sender-Auth: 5tC8Np5XnDdVM-zGbOe6PTf1wOo Message-ID: Subject: Re: Building base source To: Polytropon Cc: Baho Utot , FreeBSD Questions Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Jun 2017 22:32:44 -0000 On 11 June 2017 at 02:10, Polytropon wrote: > > That is a precise answer, thank you. It illustrates very well > the difference between the security concepts implemented in > FreeBSD vs. in Linux. The install* targets require root access > (because that's what they do: they install stuff to the location > given in DESTDIR, and doing "root only stuff" belongs to that > task). It seems to be impossible to run the install* targets > as a non-root user (except you modify the parts that require > root permissions manually). In fact you can run the install targets without root, with something like: make -DNO_ROOT DESTDIR=/some/path \ installworld installkernel distribution but the installed files won't be directly usable, because none of the "root only" tasks will have been performed. The -DNO_ROOT installation will create a METALOG file in the destdir which can be used with makefs to create a filesystem image. From owner-freebsd-questions@freebsd.org Mon Jun 19 03:17:45 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 014D3D93E65 for ; Mon, 19 Jun 2017 03:17:45 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [208.111.40.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D0F5E60 for ; Mon, 19 Jun 2017 03:17:43 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (unknown [IPv6:2601:1c2:1401:9956:21c:c0ff:fe7f:96ee]) by echo.brtsvcs.net (Postfix) with ESMTPS id 85A9C50005; Mon, 19 Jun 2017 03:17:37 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id 97A9A54E; Sun, 18 Jun 2017 20:17:36 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: Mel Pilgrim Message-ID: <1f776896-9b34-1a60-3bbe-9850ca940315@bluerosetech.com> Date: Sun, 18 Jun 2017 20:17:44 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 03:17:45 -0000 On 06/18/2017 13:19, David Christensen wrote: > > Have you tried setting canmount to noauto? It also doesn't work as expected. # zfs get -r canmount,mountpoint backupA NAME PROPERTY VALUE SOURCE backupA canmount noauto local backupA mountpoint /backup-ext/backupA local backupA/z0 canmount noauto local backupA/z0 mountpoint /backup-ext/backupA/z0 inherited from backupA # zpool export backupA # zpool import backupA # zfs list -ro name,mounted,mountpoint backupA NAME MOUNTED MOUNTPOINT backupA yes /backup-ext/backupA backupA/z0 no /backup-ext/backupA/z0 Despite canmount=noauto, ZFS mounted the root dataset automatically anyway. The only way I know of to guarantee a dataset won't be mounted on import, despite documentation to the contrary, is to make sure it has or inherits mountpoint=none. From owner-freebsd-questions@freebsd.org Mon Jun 19 04:40:03 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5E5CD9500C for ; Mon, 19 Jun 2017 04:40:03 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D3E813215 for ; Mon, 19 Jun 2017 04:40:03 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sun, 18 Jun 2017 21:40:02 -0700 Subject: Re: zpool import -N mounts filesystems anyway To: freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> <1f776896-9b34-1a60-3bbe-9850ca940315@bluerosetech.com> From: David Christensen Message-ID: <5c8398c1-9bbd-8b2e-a0b1-319e9476b052@holgerdanske.com> Date: Sun, 18 Jun 2017 21:40:01 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <1f776896-9b34-1a60-3bbe-9850ca940315@bluerosetech.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 04:40:04 -0000 On 06/18/17 20:17, Mel Pilgrim wrote: > Despite canmount=noauto, ZFS mounted the root dataset automatically > anyway. The only way I know of to guarantee a dataset won't be mounted > on import, despite documentation to the contrary, is to make sure it has > or inherits mountpoint=none. So, you've discovered either a bug or a feature. Perhaps you should file a bug report and see if you can get clarification. David From owner-freebsd-questions@freebsd.org Mon Jun 19 05:28:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E7CB0D95E7C for ; Mon, 19 Jun 2017 05:28:25 +0000 (UTC) (envelope-from lists@nerdbynature.de) Received: from trent.utfs.org (trent.utfs.org [IPv6:2a03:3680:0:3::67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B140A648BE for ; Mon, 19 Jun 2017 05:28:25 +0000 (UTC) (envelope-from lists@nerdbynature.de) Received: from localhost (localhost [IPv6:::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by trent.utfs.org (Postfix) with ESMTPS id C838C5FF50; Mon, 19 Jun 2017 07:28:22 +0200 (CEST) Date: Sun, 18 Jun 2017 22:28:22 -0700 (PDT) From: Christian Kujau To: Mel Pilgrim cc: David Christensen , freebsd-questions@freebsd.org Subject: Re: zpool import -N mounts filesystems anyway In-Reply-To: Message-ID: References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> User-Agent: Alpine 2.21.1 (DEB 211 2017-05-04) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 05:28:26 -0000 On Sun, 18 Jun 2017, Mel Pilgrim wrote: > # zpool list backupA > cannot open 'backupA': no such pool > # zpool import -N backupA > # zpool list backupA > NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT > backupA 696G 189G 507G - 1% 27% 1.00x ONLINE - > # zfs list backupA > NAME USED AVAIL REFER MOUNTPOINT > backupA 189G 486G 22K /backup-ext/backupA Are you sure that the pool is actually mounted at this point? On that Solaris 11.3 machine: solaris0# zpool import -N foo solaris0# zfs list foo NAME USED AVAIL REFER MOUNTPOINT foo 94K 9.78G 31K /mnt/foo solaris0# df -h /mnt/foo/ Filesystem Size Used Available Capacity Mounted on rpool/ROOT/solaris 9.8G 3.3G 872M 80% / So, "zfs list" only lists the mountpoint-to-be: solaris0# zfs list -o mountpoint,mounted foo MOUNTPOINT MOUNTED /mnt/foo no HTH, Christian. -- BOFH excuse #17: fat electrons in the lines From owner-freebsd-questions@freebsd.org Mon Jun 19 13:14:20 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9BCD3D9CB1B for ; Mon, 19 Jun 2017 13:14:20 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 6E80E7423D for ; Mon, 19 Jun 2017 13:14:20 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.15.2/8.15.2) with ESMTPS id v5JDE92Z035734 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 19 Jun 2017 07:14:09 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.15.2/8.15.2/Submit) with ESMTP id v5JDE7RH035636; Mon, 19 Jun 2017 07:14:09 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Mon, 19 Jun 2017 07:14:07 -0600 (MDT) From: Warren Block To: Frank Leonhardt cc: freebsd-questions@freebsd.org Subject: Re: Drive labelling with ZFS - is this even a good idea? In-Reply-To: <59414689.8080605@fjl.co.uk> Message-ID: References: <03643051-38e8-87ef-64ee-5284e2567cb8@fjl.co.uk> <7fa67076-3ec8-4c25-67b9-a1b8a0aa5afc@holgerdanske.com> <59414689.8080605@fjl.co.uk> User-Agent: Alpine 2.21 (BSF 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (wonkity.com [127.0.0.1]); Mon, 19 Jun 2017 07:14:10 -0600 (MDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 13:14:20 -0000 On Wed, 14 Jun 2017, Frank Leonhardt wrote: > On 14/06/2017 03:02, David Christensen wrote: >> On 06/13/2017 04:32 PM, David Christensen wrote: >>> Both [1] and [3] discuss the fact that a given drive, partition, file >>> system, etc., can be identified in various ways, manual or automatic, >>> but the kernel will pick one and "wither" the rest. Once a GPT label is >>> set manually, other methods should be disabled via settings in >>> /boot/loader.conf and the system rebooted ([1] p. 35): >>> >>> kern.geom.label.disk_ident.enable="0" >>> kern.geom.label.gptid.enable="0" >> >> Beware that all your disks need to have GPT labels, and those labels need >> to be carried forward into /etc/fstab, etc., before you reboot, as the >> kernel won't be able to find the disks using Disk ID or GPT GUID labels >> once those methods are disabled. >> >> > > Hi David, > > It turns out that these options were set anyway. The problem turned out be be > that I was assuming that geom label played nice with GPT. It doesn't! Well it > does display labels set on GPT partitions, but it doesn't change them. It > took a look at the GPT blocks to confirm this. It does, however, mask the GPT > version with its own, sometimes, leading to much monkeyhouse. > > So ignore glabel completely and set the labels using gpart instead. Yes. glabel uses the last block for metadata. With GPT, the label is inside the partition data and does not take extra space. Nor is it vulnerable to being overwritten when someone uses the partition device name (/dev/ada0p2) rather than the label name (/dev/label/whatever). > Now FreeBSD 11.0 can flash the ident light on any drive you choose, by device > name (as used by ZFS), I'm seriously wondering if labels are worth the bother > if they can't be relied on. Consider what happen if a tech pulls two drives > and puts them back in the wrong order. ZFS will carry on regardless, but the > label will now identify the wrong slot. Dangerous! Right. This is why I question the reasoning behind static labels for location. It's really a dynamic thing. From owner-freebsd-questions@freebsd.org Mon Jun 19 16:06:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2A2DBD9FF83 for ; Mon, 19 Jun 2017 16:06:17 +0000 (UTC) (envelope-from steve@sliderule.demon.co.uk) Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0046.outbound.protection.outlook.com [104.47.1.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 693877A70D for ; Mon, 19 Jun 2017 16:06:14 +0000 (UTC) (envelope-from steve@sliderule.demon.co.uk) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=slideruledemononcasc.onmicrosoft.com; s=selector1-sliderule-demon-co-uk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=t3yav7gS63JWbFAhHLwChlenlcBxByguUJ7zW0dN2Vg=; b=BaSf0zXE2C0tsKChxev5zz4W+yTwCo9CKFqG9S4YrZ9xn4RoATs+4P883UNF4c+zDcOX6A6d2+zFWF1yxi8kMkdh8QU02H6RjASX8Q8DZzjJFS9DSfYCinKjQ8ezLBedhCyjUw+cLnrqQKk7FEn4D5oAEk5xk+EKx63DRe/Hngw= Authentication-Results: freebsd.org; dkim=none (message not signed) header.d=none;freebsd.org; dmarc=none action=none header.from=sliderule.demon.co.uk; Received: from [192.168.254.7] (80.177.21.188) by LOXP123MB1317.GBRP123.PROD.OUTLOOK.COM (10.166.254.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1178.14; Mon, 19 Jun 2017 16:06:11 +0000 To: FreeBSD Questions From: Steve Burton Subject: gptid, diskid and ufsid appears after power-cut and fsck Message-ID: <327b0f4d-b0b1-a6fb-cf14-da2ace020d90@sliderule.demon.co.uk> Date: Mon, 19 Jun 2017 17:06:10 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 Content-Language: en-GB X-Originating-IP: [80.177.21.188] X-ClientProxiedBy: DB6PR06CA0031.eurprd06.prod.outlook.com (10.170.208.172) To LOXP123MB1317.GBRP123.PROD.OUTLOOK.COM (10.166.254.138) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7724287d-f50a-4d01-e6d8-08d4b72d1b0f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(201703131423075); SRVR:LOXP123MB1317; X-Microsoft-Exchange-Diagnostics: 1; LOXP123MB1317; 3:vF1fOF6r0IGcI3Ojs0hNwIAJQwzzM0app2KEhtelpwUTEzWObceVdgpxzcMGqPqq8w2APUOT2MS28o44R92StB/PrLhfp1QFYoKCQdouGvZV7FQvcIxo8gEPBWiIfRCfiJW9FA+OD0/mYhu6ot0TQfulFvryNjX1Efvdt+GjOvkfnkwjlRedO+w5CTU5yh5nUzLTr18/rMyourUkwgn1iyX4NmGe1cEJrzaXGFB4YYDk8yTRy5v1e+yeXNDFXO85VUOJ/w3KW4h5b4qfsqqEZiNYy+JtFJ09Rp/3GxxHBCcX1JwNR8+DMYYqgvogj5L2; 25:cPuCD6BEtySojRt338b4wPb7G5Z0So0VmcwT3EgntXW/uBX06lWaBSwqQVeyU34Xki565YxmLDHAChpsmP5EOH69Iv2cMzmhwwsb50/fvvmtJNF4XMgR1Ge4ChA28xcJGQE3qh0zCtLSBO5onK6mYRCVmwsPMemcuYJOd2S1mao+VgaBnq8La7jWxJ1JD5f+LtTHWhh9vvT6pS2eBi9rktW0NUxHCj6J9Y3kOGg76LFGBl/lwUk7z005l2Ot5g8zp0t5OmHoZjQlVr7wiqbDxEv2KULsQiDr16MjZYupwmD5grxaJ8QfKSus5JjMEe5E/CNOyAK8Ik43nZeuCZsnZx4lGCZAG3SY4XrcowQAA3zCW6BGGU2VuqUkyZs0p0AR+MbIfGdhtFM4SqqSlrkBUJoi7iMSTO2vq66rxTvEVfmz3Lb/QMCHmRMTozheJFmBPvaclxtu5dv7i4i9VhLiT+jAkSRGk1btUF4ophYvuKI= X-MS-TrafficTypeDiagnostic: LOXP123MB1317: X-Microsoft-Exchange-Diagnostics: 1; LOXP123MB1317; 31:Jea1zj16nBnLi9neXz9Tg4uCRwyYE5DzBnCnDIAR64qJrkoOqGMut5JI9dLS3KmOiadP4EyBQVdJEpeW9UxVOSebksWcT4+GCrGbR1frIYf5ypjnk3t4fpjXifmjyR6TpG+GZMhZ7zqvWbPosTDbSk2C2LWtg1AN92z6XkdRFpedQ0Bumd6VnVFbBjcxJumjAfL4PaSHk6ZwNytHDG3ShXE6Mjcs1LmruxZ4huzBeE2lDxjNpcbUrqx4PjjP0UK4 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(158342451672863); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(3002001)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123560025)(2016111802025)(20161123564025)(20161123555025)(20161123558100)(6072148)(6043046)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:LOXP123MB1317; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:LOXP123MB1317; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; LOXP123MB1317; 4:WMtOKan1KN1wDrZ8YZbqPBAhqTisT5v+d4IAI3RJHO?= =?us-ascii?Q?w0vkpYP+1r/swGjoxEXLRHb28e9ahAYxaYaqpuAMNzK+DyWXv8bGjr/H605L?= =?us-ascii?Q?nZ86eA5wIBeZGE/+3vpgDzwx9utKNkNJmJYAg1FKv59iFYt8uEuy5n0WgE61?= =?us-ascii?Q?Hiq4/ZokvRTN9zTQW9cS6+Zcw8PH2hWebcPvzUj/XcA6UWyo6YElfevu3Mx0?= =?us-ascii?Q?gr7qTE6XeDOGDavXZpa4V7TtOUKop3pU8EGFd1OO301CO/dE90u/kJf2I9j1?= =?us-ascii?Q?xRmgqj4DDqAq0MZ9lJPgDOc65A/jYvLByLTAVpv9wpqoGhn3BHuZcmmwfPBI?= =?us-ascii?Q?6YoGJ0Qk9IlnHIoAdV14n7gxUWDU6Ox9NbAO4UMoTE/byNYKiqfMz1fucvl4?= =?us-ascii?Q?bM9hnpsZCBgl08jn3MiOqzT2ZKFimeNI2jWNgwML22rpA8v2fF8supr1+BlZ?= =?us-ascii?Q?AkAyLkoN+enV0keuaeQ1dNBKU/X2bTYEDhLB2fnxVost5SQGSTaOHXz7zrhv?= =?us-ascii?Q?hqTNWi0WLeNRc6Xz7n1BwFx1Bno6EbVyTZpxVQkpBp3v+a/veXa4YOosvN71?= =?us-ascii?Q?ttTkZD74HziIEsqlTi6vwmPxD2SXL0YGIgzCYsaPDUCoGwjpGkXxCOzeDFTJ?= =?us-ascii?Q?goeQtX98/8NnvBXnmyS03rryCw8L3jB95QjNQXDdtJUmNCYGmLmsWlFa/2Q3?= =?us-ascii?Q?KkJ9Tmlb5IGJBW3zajecS7LFYYV4Xt/UDcbb71+naGPMG8IOkx8PCkNOQLcC?= =?us-ascii?Q?1EI6dEDdum/ygVNuNoc+FIoAKmBgSFFsSpYihiiAW+kYom17+zKxpx2yHvDk?= =?us-ascii?Q?ErRc+fhEHQ66S+lKJwvLJ25ELWaQ1N2/weyXbBpFO2CPhFlRPoigkJbRHrB/?= =?us-ascii?Q?Eo62dYcuAVtegjt4qimfhMy5HD93h3rL4nh+G9KH+0dMgQWFGr47qv5O/1E3?= =?us-ascii?Q?JLAdcQ/AS9OTdN8FHE1EpS9hDFdr0rNR1GQAwKUedDcgZVB0JE0VeVVcwe0W?= =?us-ascii?Q?agOiSdMpFXFNuSbnYDJLDmjt7yU5Zd8/x6HmregtVBdbzYHK5o4Adt6tq4Qm?= =?us-ascii?Q?O6/GX1VahNHPTzj9jUFmOKjEw57S2Kcvp4cI7+EI+GLnH1riYScnfQJLPl1V?= =?us-ascii?Q?I0UjrPq9UiFzopUqkdMCW8k46bQCK6TESa5+vM4dGa1GF3QNyBS5OKqciD4i?= =?us-ascii?Q?0nB3vjia+YWteEMr9A+lX5mJVygEL1KA3hYyUAqtCRhBb4rsDy0KQ3aQ=3D?= =?us-ascii?Q?=3D?= X-Forefront-PRVS: 0343AC1D30 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6049001)(6009001)(39410400002)(39400400002)(39450400003)(39830400002)(40224003)(270700001)(53936002)(65806001)(6116002)(7736002)(83506001)(38730400002)(66066001)(65956001)(110136004)(84326002)(5660300001)(86362001)(117156002)(575784001)(31696002)(3846002)(65826007)(4001350100001)(478600001)(31686004)(6916009)(50986999)(8676002)(189998001)(25786009)(42186005)(77096006)(54896002)(6486002)(512874002)(42882006)(64126003)(33646002)(54356999)(2906002)(81166006)(74482002); DIR:OUT; SFP:1101; SCL:1; SRVR:LOXP123MB1317; H:[192.168.254.7]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; LOXP123MB1317; 23:QCgUcJ/TOdJ7xNeeCfNO9R+Ug6QfaVXm7LNH1rhSZ?= =?us-ascii?Q?il86rsP0/w4wwGw/xDOk1P9Nayz0wTWHKn3WDth0LKxoYNpLjG6kfnqyY/r6?= =?us-ascii?Q?SPwHNLHOma8b3uNdPii1vHjwPGRG2UHtEG81Ez/5iLvsIM3BK+AnVDVS+caM?= =?us-ascii?Q?f67X7/nzm58184wKzEQkdY+5Xo8k2uJCtmyVTPUetYfmDMWvpC2/HNnrugIj?= =?us-ascii?Q?tfgCwT4YDPcuGzH4S1TyslJ+e8OF7d5XUlARs7C1YicL2D5FKU6iHCSdvn+5?= =?us-ascii?Q?nB6gBB4DRqMNBy6hGpmFcYNJZF/xrlOE1Ryp2VHfSWHgkmAiXVFmwfm/oymf?= =?us-ascii?Q?QE7+RsgfLpYWPWzw1bM0T+0bcSbOdyr9KyMBpRKdp+X2hPXybF7rjpklvLag?= =?us-ascii?Q?0N2AO2DITRYJzucN9mRxQXED40qrdr46ZYsL0MfQ7w/FvzVSXLxKudRhYTZ6?= =?us-ascii?Q?BZGP+FLnDdRAUHeg4RJ/0vec76RunrwrNGekCGf+sOc/P4MWzHBsDf21xnUX?= =?us-ascii?Q?fbu8+N9cnncC6HUU5mMU0mUpaV5Qs6hnSoRwcb+RLLzN9J7SiettiB6cdt7n?= =?us-ascii?Q?Q6GU7lNrooBJAdPIGY/LZ+1kmlj4lmHo98q83m+lvY+9+p9Vpp1TjiXuyRft?= =?us-ascii?Q?8z9FNNhXCU+iy8y2U73yFffyPqXGvRUXKenyyIsVqiYtzjfRkA6ahY40wl1Q?= =?us-ascii?Q?HT5z3bFuMEbpQbStC/D7bhLTPMwY73NP29L5zzRU0bHFjhT7qBtPPyImIL7a?= =?us-ascii?Q?Yg2Jh3aplZemi0KV7+nBMZLeNG/sd1t2KMpnTp0Wwf3NZj9K5LH4cdaDKUFz?= =?us-ascii?Q?rLjQgqQfqQE0cOafhr0XbGpkv3pNkqf3BDToRpLPSbegKtgC8RUohhtazeAh?= =?us-ascii?Q?dC7uHBTAGAlmEmUvto1sNvcU8GHy/gG06/sU9X9FHutg67P4ZBrXQr4NobQB?= =?us-ascii?Q?wjNx1sU4/t6fxAQ052jUvqlZO8egXzROoPGEPlI/1rKMFM5jexaBuJxsMNp4?= =?us-ascii?Q?4M+SS+MYm9PS/VxMgw8I9BZGG9oFP3ZokfN8hjC84Q6kR4d8EBg3zrshrMGN?= =?us-ascii?Q?zO9mPBUxZCxuWHeDyHRxtT5VDJrKn6BZUL/kSUh75ivwKQtbhg/DUobPhEgs?= =?us-ascii?Q?b2n/c7odvO+9XzeTI5j2STWk62h2vYr6iCeXi5gilkwo6gIFVqZCQ=3D=3D?= X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; LOXP123MB1317; 6:LJLXhAS046rodQQMzOU7oXmQjM+cy6KBAS6aZOh49D?= =?us-ascii?Q?t2lTtZXNiAc2KokAXlxjOF5tbVlY434uaiUblACmKH8XkLAntlmMD6QMpKx+?= =?us-ascii?Q?aIoqFfSfs0uJsq3u0kbnnyjVbrfvQu7wJGoJaNN7Mt4RXGuG6lJzVYXNpaon?= =?us-ascii?Q?qwj2LiEZPzZsGtHk4Kbatc0gNNDm5bg+I/SyTjbMSTIeHzu7IJ5l8zFUPS+H?= =?us-ascii?Q?mAuN4N7HNd1oGb08EgyQ61UDEQVVGWvWXZoU3A2pNgaHaFHqdyqwCdpNGgim?= =?us-ascii?Q?0aVDBsHaozja8xH8BbJND6i5G45ewMgnwvgY6hkDLDzfp83e4a2nBEq40n4r?= =?us-ascii?Q?14x3L/e38Wlwtbqu8ifE9VfIVwtuuKtQjOxr535nXPUQue21SJTxYtafXiuE?= =?us-ascii?Q?mUsjxWTXxO/3vzclG/7tV7Hq5DzuL1xI6lBZ7HkYVriUOFuG3vPPOPcEr5FO?= =?us-ascii?Q?+YiOHnlg+D0R3MekPXzt0mN8ifzlBZVdUebPJpLaqmbKyZMsR19n5sNsm0RE?= =?us-ascii?Q?zR2Y3sgi3Bedk0Fn4RZ374uwaSyvNdNe+up9OzRunIfV9mLYwl6b0o6KnPJF?= =?us-ascii?Q?7kzkwkdskDUEKt+Pv3krBltr18HX+TCp5N5l2BCJJk5DAsKnKEJjAwcACrYs?= =?us-ascii?Q?+TGt43OWnCpBSAS1hUHgSLKrcairV/Vd9WjNtdvIxSbb+4jdducx36xgQXB3?= =?us-ascii?Q?U8V7VMV/gQJJ1+e6CS1wpDZQLU0wurs3VMbVONdN55x2ANORulARaKHKDmvQ?= =?us-ascii?Q?s773okGCOg+9n63EIf6sX1x+1OHOw9A1E1axQpHv+5NtZfRE6v4a8J2bde73?= =?us-ascii?Q?QgnvtUnNXJ7i4MQl/WEmxY+4AkbpZUrc0HaMU1Tf1B3eVLJujA+d1ql3UkJI?= =?us-ascii?Q?sDIA7cYr/TvoqeRNF7Yvhr+czhNZpmq7r5uK5mtIZZpg/JNQ7RZDc/DVbOeU?= =?us-ascii?Q?ZvA6OsRMuQG4xaayPU8tJYKSYdgs7ZiEJQrLLXDKaMItgrf9owl3Bqt3T9bI?= =?us-ascii?Q?8=3D?= X-Microsoft-Exchange-Diagnostics: 1; LOXP123MB1317; 5:Mu7h7+ZKOkYcHGdxtCbpThmpm+8UU0SXiDP7JX4j54tH6s+w/KqYZDSv0jhypLTwkwyIL1mdx0hQcAQP6NHtlxn3nHRRWIL9NFVylhZYSeJ8NP89I8Cp241OVSb959utLthEqDAqYpMv4/NiiiEOQNAmercXznahLsptKtumXFcqFYanioNeXzI2LjNVUqNZNOmApjArLBu2wVQ2T5A7U0zJ3klMq7YR9porNC8/f53bM6VjIMsRLu8KY5KR8lxiQh5JwEriBDY6vLcTtzJRkRiQwak6Kwpb6Eeg1dOin5J3PE88nnmWNcJ70l+mrgPN000J9U3eP7MpRTUUEIYohM3jy22wPQm6/lUT7auvlL0q/cuWv6B+Jp5YNeIWidsFZNnVIZrDtsS6Q4akVGivBP6MULXutCdfWrmUEu238CFe+pLfAI60TsWeIIUCH8VNo3DrkxyIKU5qVDqINKV2UtLjLNzLjC9hFzoFtWyAYBhwrlAlXeJycyZqNwFgRA/2; 24:NXeNLVkIv5N1usnJ6Op4SFV+797PEzXLmqWGAwqUwkmtL+SxhdEsaF/iARSKDeFRZwcvjW0QarRYkerFWJnjWXvbj2Ww8rcxdKueIN/qMDM= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; LOXP123MB1317; 7:KvXSOzTs2LMtvuEXP47ik6XhnyXQ12JHWuIdUQPrknV5iGjKA6X6V2YCdbkyuOOdvaw+H/YY3/jVcWQIOUGENaYVwKcdADq5DA+fiPbm2GC8AX5BE9Z1oiTLT8V6iTaIl1AI/6ffSVFQkHxshKa0Sq7xtv4eq0nLPmdIRxOMFj1VlrOPplwUl+f/KAwzqrZfVdIbKeV3rW68CAcA21eHNBZN8k2eKjJs8P9VzKcfde4iXqSVntCemNB1i0rw1TIF2Bx8BBbpth2+t5e3LDLT2D7KpvwcRhUomQe6QpnAJS4AnbxMXCmC6QpSmzlBVBTO3DgBrncOtXX8ahKrg3nYzwPHxt/sKsd8q++9loKPdMmDIGmtwaJ7WVGHzSFPLksDamdFY6PpmzNfKO9QyWX8mgeLo4OjgR5w20D188DB7YsK55D9A/QVQWOhnLPe52b7Nf8RhmA2DF3s12bCFfgxJKWLoLc1hnUMWbhJA+FQUo2sBC8rJWL3ueThZJYDidnbnwG5hJHj720wAS44ILDSFgj5fRrH54sgd49Xfhvet3ytxe3iA1jRIjC6XTGA5JbjDoj3dOsM7jb+vzXOTO83kgIrdRL45fsTQMvptdK7hhDN989RYlCh62fcvP+uNCcON9k7ME3dIXcnZUgQf+6gTCGk+ehksS7BSmS9hsAExTxCC5fFY8lFcILRWyvIB54Lkz8yB2tYMaI1rgVRwb8YXjrXoHx7VsL9lXJfVzBB6ewBNNPmudwkWnuxAqgoHru/ao90sf99UmQ8AfhGtwVjDz0BZVcuJa5pOHo9T72W3sM= X-OriginatorOrg: sliderule.demon.co.uk X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jun 2017 16:06:11.9299 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: LOXP123MB1317 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 16:06:17 -0000 Hi, I've just had a brief power-cut which froze both of my FreeBSD 10.3 REL servers. Both machines correctly found that / hadn't been correctly dismounted. After restarting them in single user mode and running 'fsck /' (twice) until the file system was clean, I rebooted them in multi-user mode. One of them needed a while while the /root mirror was rebuilt. Mirrors are managed by gmirror. As they both show similar symptoms I'll concentrate on one server from here. When I run gstat I get: dT: 1.044s w: 1.000s L(q) ops/s r/s kBps ms/r w/s kBps ms/w %busy Name 0 0 0 0 0.0 0 0 0.0 0.0| ada0 0 0 0 0 0.0 0 0 0.0 0.0| ada1 0 0 0 0 0.0 0 0 0.0 0.0| ada2 0 0 0 0 0.0 0 0 0.0 0.0| ada0p1 0 0 0 0 0.0 0 0 0.0 0.0| ada0p2 0 0 0 0 0.0 0 0 0.0 0.0| ada0p3 0 0 0 0 0.0 0 0 0.0 0.0| ada1p1 0 0 0 0 0.0 0 0 0.0 0.0| ada1p2 0 0 0 0 0.0 0 0 0.0 0.0| ada1p3 0 0 0 0 0.0 0 0 0.0 0.0| ada2p1 0 0 0 0 0.0 0 0 0.0 0.0| ada2p2 0 0 0 0 0.0 0 0 0.0 0.0| ada2p3 0 0 0 0 0.0 0 0 0.0 0.0| ufsid/56d1ad46957 f05f1 0 0 0 0 0.0 0 0 0.0 0.0| diskid/DISK-Z3T7P 0J4 0 0 0 0 0.0 0 0 0.0 0.0| mirror/boot 0 0 0 0 0.0 0 0 0.0 0.0| mirror/swap 0 0 0 0 0.0 0 0 0.0 0.0| mirror/root 0 0 0 0 0.0 0 0 0.0 0.0| gptid/41ddec89-70 fc-11e5-89b5-9cb65407dd34 0 0 0 0 0.0 0 0 0.0 0.0| ufsid/561bdc9be2 Previously, the ufsid's, diskid's and gptid's didn't appear in this list and my questions are: Should I be concerned and how do correct this? root@dc1:~ # dmesg | grep ada ada0 at ahcich1 bus 0 scbus1 target 0 lun 0 ada0: ATA8-ACS SATA 3.x device ada0: Serial Number WD-WCATRC668492 ada0: 300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes) ada0: Command Queueing enabled ada0: 953869MB (1953525168 512 byte sectors) ada0: quirks=0x1<4K> ada0: Previously was known as ad6 ada1 at ahcich2 bus 0 scbus2 target 0 lun 0 ada1: ATA8-ACS SATA 3.x device ada1: Serial Number WD-WCATRC668411 ada1: 300.000MB/s transfers (SATA 2.x, UDMA6, PIO 8192bytes) ada1: Command Queueing enabled ada1: 953869MB (1953525168 512 byte sectors) ada1: quirks=0x1<4K> ada1: Previously was known as ad8 ada2 at ahcich3 bus 0 scbus3 target 0 lun 0 ada2: ATA8-ACS SATA 2.x device ada2: Serial Number Z3T7P0J4 ada2: 300.000MB/s transfers (SATA 2.x, UDMA5, PIO 8192bytes) ada2: Command Queueing enabled ada2: 238475MB (488397168 512 byte sectors) ada2: Previously was known as ad10 Any and all help appreciated, most of my disk knowledge predates ufs2, gptid etc Steve. From owner-freebsd-questions@freebsd.org Mon Jun 19 16:40:31 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 23E6EDA0787 for ; Mon, 19 Jun 2017 16:40:31 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [208.111.40.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0F1D97B7F7 for ; Mon, 19 Jun 2017 16:40:29 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (unknown [IPv6:2601:1c2:1401:9956:21c:c0ff:fe7f:96ee]) by echo.brtsvcs.net (Postfix) with ESMTPS id C404950005; Mon, 19 Jun 2017 16:40:28 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id 17FFC820; Mon, 19 Jun 2017 09:40:28 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> <1f776896-9b34-1a60-3bbe-9850ca940315@bluerosetech.com> <5c8398c1-9bbd-8b2e-a0b1-319e9476b052@holgerdanske.com> From: Mel Pilgrim Message-ID: <8c69f89f-b1b3-c0e2-8e8d-e7290a39551b@bluerosetech.com> Date: Mon, 19 Jun 2017 09:40:36 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <5c8398c1-9bbd-8b2e-a0b1-319e9476b052@holgerdanske.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 16:40:31 -0000 On 06/18/2017 21:40, David Christensen wrote: > On 06/18/17 20:17, Mel Pilgrim wrote: >> Despite canmount=noauto, ZFS mounted the root dataset automatically >> anyway. The only way I know of to guarantee a dataset won't be mounted >> on import, despite documentation to the contrary, is to make sure it has >> or inherits mountpoint=none. > > So, you've discovered either a bug or a feature. Perhaps you should > file a bug report and see if you can get clarification. I'm starting to think so, yes. I wanted to suss this out a bit before filing a PR. From owner-freebsd-questions@freebsd.org Mon Jun 19 16:51:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DE5BDA09DA for ; Mon, 19 Jun 2017 16:51:39 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [IPv6:2607:f740:c::4ae]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89E217BD24 for ; Mon, 19 Jun 2017 16:51:39 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (c-73-240-250-185.hsd1.or.comcast.net [73.240.250.185]) by echo.brtsvcs.net (Postfix) with ESMTPS id DFA2150005; Mon, 19 Jun 2017 16:51:38 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id 62385828; Mon, 19 Jun 2017 09:51:38 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: Christian Kujau Cc: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> From: Mel Pilgrim Message-ID: <8294aeef-6399-cc5d-1d3d-ac1925430b05@bluerosetech.com> Date: Mon, 19 Jun 2017 09:51:47 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 16:51:39 -0000 On 06/18/2017 22:28, Christian Kujau wrote: > On Sun, 18 Jun 2017, Mel Pilgrim wrote: >> # zpool list backupA >> cannot open 'backupA': no such pool >> # zpool import -N backupA >> # zpool list backupA >> NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT >> backupA 696G 189G 507G - 1% 27% 1.00x ONLINE - >> # zfs list backupA >> NAME USED AVAIL REFER MOUNTPOINT >> backupA 189G 486G 22K /backup-ext/backupA > > Are you sure that the pool is actually mounted at this point? Yes, the root dataset (and only the root dataset) gets mounted: # zfs get -r canmount,mountpoint backupB NAME PROPERTY VALUE SOURCE backupB canmount noauto local backupB mountpoint /backup-ext/backupB local backupB/z0 canmount noauto local backupB/z0 mountpoint /backup-ext/backupB/z0 inherited from backupB # zpool export backupB # ls -l /backup-ext/backupB total 0 # zpool import backupB # ls /backup-ext/backupB z0 # zfs list -ro name,mounted,mountpoint backupB NAME MOUNTED MOUNTPOINT backupB yes /backup-ext/backupB backupB/z0 no /backup-ext/backupB/z0 From owner-freebsd-questions@freebsd.org Mon Jun 19 19:02:45 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1ECD4DA2A74 for ; Mon, 19 Jun 2017 19:02:45 +0000 (UTC) (envelope-from lists@nerdbynature.de) Received: from trent.utfs.org (trent.utfs.org [IPv6:2a03:3680:0:3::67]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D235B80675 for ; Mon, 19 Jun 2017 19:02:44 +0000 (UTC) (envelope-from lists@nerdbynature.de) Received: from localhost (localhost [IPv6:::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by trent.utfs.org (Postfix) with ESMTPS id 9CAB65F9CC; Mon, 19 Jun 2017 21:02:41 +0200 (CEST) Date: Mon, 19 Jun 2017 12:02:41 -0700 (PDT) From: Christian Kujau To: Mel Pilgrim cc: David Christensen , freebsd-questions@freebsd.org Subject: Re: zpool import -N mounts filesystems anyway In-Reply-To: <8294aeef-6399-cc5d-1d3d-ac1925430b05@bluerosetech.com> Message-ID: References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> <8294aeef-6399-cc5d-1d3d-ac1925430b05@bluerosetech.com> User-Agent: Alpine 2.21.1 (DEB 211 2017-05-04) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 19:02:45 -0000 On Mon, 19 Jun 2017, Mel Pilgrim wrote: > # zpool export backupB > # ls -l /backup-ext/backupB > total 0 > # zpool import backupB > # ls /backup-ext/backupB > z0 Just to double-check: what does "ls" say when you use -N during import? C. -- BOFH excuse #72: Satan did it From owner-freebsd-questions@freebsd.org Mon Jun 19 21:31:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2013DA51F5 for ; Mon, 19 Jun 2017 21:31:25 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 69BA81EE for ; Mon, 19 Jun 2017 21:31:25 +0000 (UTC) (envelope-from dave.mehler@gmail.com) Received: by mail-oi0-x236.google.com with SMTP id b6so62083763oia.1 for ; Mon, 19 Jun 2017 14:31:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=PfOs4bXShaZsF3CRSfghoaxiU2x13seAYOGwQw0tCvY=; b=QIKHs2JVpFTUTSApOH/234IGxpVwGTaIvSguI+eOPcNrEuwXC/+T2IK+2by4JlWkHE 28kvZ615g/SkKEGhKVav0pOTUyx4qj4eUyTiRgoFnKG/qCYUNGohAYvlEs2rhNxbqKZA Fio9Zy4bZ84FD289pW1WGjwFaJboOylxT4WdHZWHOgjWjvMDzqlRlpqJvLBOUVoIWNaj 2t/DCiIAkukLxJoxxMzlXDdouC0PTmjOPL38z5Zkc2WcNcIJfXny8oFQViZYFXxCdrHV XGPiIi6t7LxzE0c1Bkiyaw1BWtE3RwaDcerntfrIrm6wTEJicGfxIbSgO3v7LBZNmY2C NhoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=PfOs4bXShaZsF3CRSfghoaxiU2x13seAYOGwQw0tCvY=; b=ffWG41AWzFm2cRioNFu6tdbxi84Zx8zIDubuuVwK3MapisNhqe/aE92qXBLxCHpMPP k8KKqjfyFQr1EeFfa4XEafXjB/36PHNO3/zG8E38PdSwnLc3eGxr9EEM2S5NwUUmmsCf JuYNwjRAoYKE7ICE8IbNCXgQ2qc/0o8xs5NHEeonfScAnURpmyAIhxzg/9SwugKtS4pS n1cTsho+yZf3FziZTrsgeCTul499QFENbWUzA9pSa1am15g0lxHjiXrMCso5F0iH8Lfd Xl5IhKo4B/Nnp1pmI6zMpyBYJj5I3AwVhapY6bQFIX6VuL39VViRAUjqY0rlZ6JDpUW3 SbTA== X-Gm-Message-State: AKS2vOzY7IzMzJEkH/5fvGrezNxSp6kDb9/6hfF15KLSO1RY3LDLhD1r Hr2MVfgbBt8qEMjRRaoZlojFReqQJg== X-Received: by 10.202.170.195 with SMTP id t186mr14604506oie.30.1497907884507; Mon, 19 Jun 2017 14:31:24 -0700 (PDT) MIME-Version: 1.0 Received: by 10.157.17.210 with HTTP; Mon, 19 Jun 2017 14:31:24 -0700 (PDT) From: David Mehler Date: Mon, 19 Jun 2017 17:31:24 -0400 Message-ID: Subject: Shared object libcrypto.so.9 not found To: freebsd-questions Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 21:31:25 -0000 Hello, I'm running a FreeBSD 10.3 system. This morning I logged in to my non-root account intending to do updates. I did a sudo like I normally do and got this message: Shared object "libcrypto.so.9" not found, required by "libkrb5.so.26" I then tried a su - and got nothing just a prompt back. Is there another way to get to root and troubleshoot this? Any ideas appreciated? Thanks. Dave. From owner-freebsd-questions@freebsd.org Mon Jun 19 22:15:20 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DE3B8DA5E0B for ; Mon, 19 Jun 2017 22:15:20 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173]) by mx1.freebsd.org (Postfix) with ESMTP id BCB291CA3 for ; Mon, 19 Jun 2017 22:15:20 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: by be-well.ilk.org (Postfix, from userid 1147) id 98D5A33C26; Mon, 19 Jun 2017 18:05:25 -0400 (EDT) From: Lowell Gilbert To: David Mehler Cc: freebsd-questions Subject: Re: Shared object libcrypto.so.9 not found References: Reply-To: freebsd-questions Date: Mon, 19 Jun 2017 18:05:25 -0400 In-Reply-To: (David Mehler's message of "Mon, 19 Jun 2017 17:31:24 -0400") Message-ID: <44tw3br5ui.fsf@be-well.ilk.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 22:15:21 -0000 David Mehler writes: > Hello, > > I'm running a FreeBSD 10.3 system. This morning I logged in to my > non-root account intending to do updates. I did a sudo like I normally > do and got this message: > > Shared object "libcrypto.so.9" not found, required by "libkrb5.so.26" > > I then tried a su - and got nothing just a prompt back. > > Is there another way to get to root and troubleshoot this? Single-user mode... From owner-freebsd-questions@freebsd.org Tue Jun 20 10:07:45 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3A23D9464F for ; Tue, 20 Jun 2017 10:07:45 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from ms-10.1blu.de (ms-10.1blu.de [178.254.4.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 977BC7B7E3 for ; Tue, 20 Jun 2017 10:07:45 +0000 (UTC) (envelope-from guru@unixarea.de) Received: from [89.204.130.74] (helo=localhost.unixarea.de) by ms-10.1blu.de with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.86_2) (envelope-from ) id 1dNFNR-0000j5-NA for freebsd-questions@freebsd.org; Tue, 20 Jun 2017 11:23:13 +0200 Received: from localhost.my.domain (localhost [127.0.0.1]) by localhost.unixarea.de (8.15.2/8.14.9) with ESMTPS id v5K9NBiC003728 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Tue, 20 Jun 2017 11:23:11 +0200 (CEST) (envelope-from guru@unixarea.de) Received: (from guru@localhost) by localhost.my.domain (8.15.2/8.14.9/Submit) id v5K9NA4u003727 for freebsd-questions@freebsd.org; Tue, 20 Jun 2017 11:23:10 +0200 (CEST) (envelope-from guru@unixarea.de) X-Authentication-Warning: localhost.my.domain: guru set sender to guru@unixarea.de using -f Date: Tue, 20 Jun 2017 11:23:09 +0200 From: Matthias Apitz To: freebsd-questions@freebsd.org Subject: Fwd: [cros-discuss] Hacking possibility? Real or not? Message-ID: <20170620092309.GA3634@c720-r314251> Reply-To: Matthias Apitz Mail-Followup-To: Matthias Apitz , freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="sm4nu43k4a2Rpi4c" Content-Disposition: inline X-Operating-System: FreeBSD 12.0-CURRENT r314251 (amd64) X-message-flag: Mails containing HTML will not be read! Please send only plain text. User-Agent: Mutt/1.8.0 (2017-02-23) X-Con-Id: 51246 X-Con-U: 0-guru X-Originating-IP: 89.204.130.74 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 10:07:45 -0000 --sm4nu43k4a2Rpi4c Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, In the mailing-list about Chromium OS is some interesting discussion about some attack vector using an USB plug-in with some Raspery system behind to offer to the OS an USB keyboard and ethernet and at the end take over the system. More of the discussion here=20 https://groups.google.com/a/chromium.org/forum/?hl=3Den#!topic/chromium-os-= discuss/UqbGh2kHaVw and the full technical description here: https://samy.pl/poisontap/ As far as I can see, the same attack would be possible as well on FreeBSD, maybe not so easy because the devd(8) must be configured and the module for ethernet on USB cdce(4) must be loaded in advance. matthias ----- Forwarded message from Jim Dantin ----- Date: Sun, 18 Jun 2017 15:56:40 -0700 (PDT) =46rom: Jim Dantin To: Chromium OS discuss Subject: [cros-discuss] Hacking possibility? Real or not? Mike Frysinger and other Chromium OS experts - This rather one-sided Microsoft video brings up some interesting claims.=20 I'll ignore the claim that Windows is more secure, but I wonder about what= =20 really is possible with ChromeOS devices. https://www.youtube.com/watch?v=3DDJg-mI3tuaU I'd like us to get ahead of any more fear mongering by having someone=20 knowledgeable examine the actual threat. This appears to be the exploit: https://samy.pl/poisontap/ For a protected mode ChromeOS device, what are the actual vulnerabilities= =20 and dangers?=20 I expect that a logged in device could be exposed to data theft if the user= =20 (or someone else) plugged in a malicious device, but what about a=20 locked-screen or logged out device? For logged in, unlocked devices, what mischief could be done? Anyone care to be a truth-teller here? Thanks. --=20 --=20 Chromium OS discuss mailing list: chromium-os-discuss@chromium.org View archives, change email options, or unsubscribe:=20 http://groups.google.com/a/chromium.org/group/chromium-os-discuss?hl=3Den ---=20 You received this message because you are subscribed to the Google Groups "= Chromium OS discuss" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to chromium-os-discuss+unsubscribe@chromium.org. ----- End forwarded message ----- --=20 Matthias Apitz, =E2=9C=89 guru@unixarea.de, =E2=8C=82 http://www.unixarea.d= e/ =E2=98=8E +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub 8. Mai 1945: Wer nicht feiert hat den Krieg verloren. 8 de mayo de 1945: Quien no festeja perdi=C3=B3 la Guerra. May 8, 1945: Who does not celebrate lost the War. --sm4nu43k4a2Rpi4c Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEXmn7rBYYViyzy/vBR8z35Hb+nREFAllI6XoACgkQR8z35Hb+ nRGSXw//ZfiYqrbB0q80GrlWkpkuLbi/nzMfNT3V2gRiyHCXrSbc8Lc9rms/eJTx QukzZXhmpLUptLwAipJy8zbT7/K2gcXDKoMZLlTfZxoX8IT+T36LDNUspo/JE6kw 0PUIkRhS+hg8+qJ/FRZ3TeDqpVIbQ9qftSEy8rg8Rp25lm9Vnfs8r/vNTQg1k5EH UvvNtqJ/d1unby4W7MxmD5LLzG32oXu0+oMSD765bdaVclt2ItyeV7wNZQOGnXFR bZWHbB29TyHhiPF1Hz752wxGcVcEnU6Bkp0TIpWeXN3pazJ6kuHHdjrCyhrhSuNG RB2fCRCperItGHRinFXdXFUzlY8Yj5owlXf4RJqFmw3xFKA9iVyeD15Fnph8OQXe Fw6hmQcGEivY9AloPW66J/m6XFxN4eV7SvlLTmFyh2/QTJ7qeCSWMYRj1rBLJW2a 1qU4ztYEXtGrZatSEz1qrN8GSy+QLUrqSeY/xaNXrY1oFVRF2aul0DH3V1Og6PMA RBPbKNJCiZkWp4Np7XdpxWIgkjHTTIvkJzqx6jZfer4h/nGRvDhdHkHs+WThFCGC fE4eC/DGCq573IPvtjhuWpR+WR7uheykT4X7ooughTKwfDiGT9IBavcSTB4yoowX J2/kRg9+jEsSysMtG209XbKVavkcvQPLaGUKVgLY9B9xaPgLZ2k= =US27 -----END PGP SIGNATURE----- --sm4nu43k4a2Rpi4c-- From owner-freebsd-questions@freebsd.org Tue Jun 20 10:38:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA7FCD95019 for ; Tue, 20 Jun 2017 10:38:39 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 78C307C4B3 for ; Tue, 20 Jun 2017 10:38:39 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [85.199.232.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 17FA8C192 for ; Tue, 20 Jun 2017 10:38:37 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/17FA8C192; dkim=none; dkim-atps=neutral Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? To: freebsd-questions@freebsd.org References: <20170620092309.GA3634@c720-r314251> From: Matthew Seaman Message-ID: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> Date: Tue, 20 Jun 2017 11:38:30 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170620092309.GA3634@c720-r314251> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 10:38:40 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p Content-Type: multipart/mixed; boundary="AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? References: <20170620092309.GA3634@c720-r314251> In-Reply-To: <20170620092309.GA3634@c720-r314251> --AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2017/06/20 10:23, Matthias Apitz wrote: > In the mailing-list about Chromium OS is some interesting discussion > about some attack vector using an USB plug-in with some Raspery system > behind to offer to the OS an USB keyboard and ethernet and at the end > take over the system. More of the discussion here=20 >=20 > https://groups.google.com/a/chromium.org/forum/?hl=3Den#!topic/chromium= -os-discuss/UqbGh2kHaVw >=20 > and the full technical description here: >=20 > https://samy.pl/poisontap/ >=20 > As far as I can see, the same attack would be possible as well on > FreeBSD, maybe not so easy because the devd(8) must be configured and > the module for ethernet on USB cdce(4) must be loaded in advance. >=20 Isn't this yet another manifestation of physical access to the hardware being almost impossible to secure against? Don't plug in any strange USB devices kids, and don't let your portable kit out of your control so that other people could take liberties with your USB ports either. Cheers, Matthew --AAC6Sxt1lkKAHqvHmLKBiu2hA8RAQCOiN-- --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJZSPssXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnpaMQAJTyxARfWxvNc2eputI91hEy S7vyqeizc5qpK7vd4kv2oOD5mT2b3CVSocgPwgc6bpO29qpE03HBQT/ozxAt67ZS 4lpvNk/IsNv+t0XBX8kl6g2jS7sSZ7Ojw5dvD+NqIo8j0bUeRAKYWKi/8euMm8wd d4UaOZMjDFxYOlqULdsXK7LyRBh6ZCQP4Gr1Q+8BCltrqc6OCloU0Cqsvft2BfzE P74LtcrunTCzoVy31TtY9dl2FGDabnyJs0OKhWAn9qAuS6HjXKLM4yYkIVlzcuUG dzqpehC7k5SbYXWNTwMc3UcN0F4SsbuafEZ+2gAtLruFTEuRQJ/8RB5wFre7PZUm WkC/i82cLfVcKcivadM08vEdApvEnHOvAfeiJp0dsiPgFksYD9FBO6O4lkKrwvrC FFgWnWLZaHQpaeAq3ppmonCtBIKN+rljL8Xe8ml0qzayw1KgVP2xq3hwzXQJOw9D KbrYmuKEzd2+jT6+kHgoghbT+dyPFhoKsQij6+rocAQYV5KkjHZLNsmIhSP55ZYo R971APLRdIjjdVcLS8OTXWShjHz+jH/s+Ifr4/7YGsYwZU2fR6MTBxGxiBZYTjg3 YD4WHsxBsKc9pwKipctImGUXrAbDg5kXh/pUV+DUwZFbXZ/daPbdFdSi7vl5a184 Jo6eIjn48fAv19aw+3oh =kzVJ -----END PGP SIGNATURE----- --lgAq7nd8wOVTEHehNkJ9a16qsB8lpav1p-- From owner-freebsd-questions@freebsd.org Tue Jun 20 14:34:09 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F6A7D99FFE for ; Tue, 20 Jun 2017 14:34:09 +0000 (UTC) (envelope-from peter@ludikovsky.name) Received: from ludikovsky.name (ludikovsky.name [IPv6:2a03:f80:ed15:158:255:212:178:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D7DBB308 for ; Tue, 20 Jun 2017 14:34:08 +0000 (UTC) (envelope-from peter@ludikovsky.name) Received: from [0.0.0.0] (unknown [185.170.41.8]) by ludikovsky.name (Postfix) with ESMTPSA id 480E3404F for ; Tue, 20 Jun 2017 14:33:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ludikovsky.name; s=mail; t=1497969237; bh=9gAVKFjVycdhABP+RV8lvTbjQs/xUNfKMJWKoYgLQb0=; h=From:Subject:To:Date:From; b=X4Z89qZsDlPQzr7D1QUWBDJZH4WKkBq98icTV08vQU5tysZ2J8cJMvTx3VReNEuV8 dnNEVbwpG3SL/iFCfzg0SE5PTpoTi6hnYCuaZPyA4LpQGk3UaDRKtfyujvET+Og7ku yiZPnxWIVGb/Zgkc+DRncDARe06XVDxRnV8M+fg8= From: Peter Ludikovsky Subject: New User, new server To: freebsd-questions@freebsd.org Message-ID: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Date: Tue, 20 Jun 2017 16:33:48 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="PuTTUT6tWC6DHR1X9St3OJKs9bdue8hQH" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 14:34:09 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --PuTTUT6tWC6DHR1X9St3OJKs9bdue8hQH Content-Type: multipart/mixed; boundary="Rrwx8IfvUQFcL9Hcf773hqMJWNdnlxOWM"; protected-headers="v1" From: Peter Ludikovsky To: freebsd-questions@freebsd.org Message-ID: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Subject: New User, new server --Rrwx8IfvUQFcL9Hcf773hqMJWNdnlxOWM Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello, I recently acquired a former office tower to replace my old home server (Debian 8), itself an even older office tower. As it's my primary storage location for images and documents I want something stable, and I want to try something besides Linux, so I'm going for FreeBSD 11-RELEASE. Which brings a few questions: 1) The new machine comes with a 128G SSD, in addition to the 2 4T HDDs from the older server. I'd like to set up ZFS root, with a slice of the SSD as ZIL and L2ARC, and the root mirrored across the SSD and the 2 HDDs. Does this make sense, and if so what would be the ideal slice layout? Or should I just use the whole SSD as ZIL/L2ARC? 1.1) Can I start this setup with just the SSD an one HDD, as to keep the old server alive until everything is migrated? 2) Moving data from the old machine. Can I run zfs send/receive to get the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an ISP provided router, but I'm paranoid enough to want an additional firewall on that machine, and one that plays nice with fail2ban at that. 4) As far as I understand it the host plays gateway for jails. Does that mean that any firewalling is done there too? If so, is any special configuration required besides enabling IP forwarding? (NAT, =E2=80=A6) 5) Currently all services on the machine run together. With FreeBSD I'd like to jail them. Is there an easy way to convert, or will I be creating jails for the services & shovel the data over as if it's a fresh install? Any pointers are appreciated. I'm in no hurry (old machine ain't dying yet), and I'd rather do it slow & clean than fast & dirty. Regards, /peter --Rrwx8IfvUQFcL9Hcf773hqMJWNdnlxOWM-- --PuTTUT6tWC6DHR1X9St3OJKs9bdue8hQH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdBQJZSTJRFhxwZXRlckBsdWRpa292c2t5Lm5hbWUACgkQz7o2Dmlu 3JkwfRAAo26NVCH6dk1+ZSGJ0cdcmvE+4V2WdXKGDzls9qsZSF9POt0XKB8eD9/T 1Sk6+6DspEjkx0D2DV4pt/XlhOhqEy62cV2pSfAu/jv10VNc92v1/nmwfCoJqo4Z a0nw9h8nec2Zduoj+GYYDnshbEwcS57vj/OPCtrB6XFapB2bxNvXA8VVWPRFaIcN LUTsHE2jPeK56ZfD8iw/b5ScrsNI/XppjyGqsap+F66QImXiQsaPp+lvrNlFIMni FAJq69ufBdeGjqqtOfepdPif9BDCEsb6R0hLAmq977uYZAi/MdMvQXAwrn5Q8SQa 1wrg5aRwW0NlR7t1uLPt6RVE7rbARH0uUGsyHLfKcjywsJ5oOGk2IhuhIIC38vQP EQgFvhSFIaMCsb7SamOqWtGvwcKglQL/FBA8iafZorb52ThYK2UOUHcl8ADooivd wqg+mPHlPtB1crI1AIRO1T/k4lyadejW1b2f/+wTNBcwOFR9itQbVHOTp7gFJsOS R/9wus3rakSYef69w+oBmOysfoRrKKxMBSiimJsnT20czM2farw5tVTus0dkgFuF CA/MMJ/y425b9O55FNNLp4h9zL8ocG088jjGW11nub6DOlKOAkXBWuMursR2c9Bm ON8uQM0x+wVCnhxXKtC5+7o7MHijdkh0EXa9yeoB1B3HgqU9BY4= =FS5j -----END PGP SIGNATURE----- --PuTTUT6tWC6DHR1X9St3OJKs9bdue8hQH-- From owner-freebsd-questions@freebsd.org Tue Jun 20 14:52:42 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C02D2D9A77C for ; Tue, 20 Jun 2017 14:52:42 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id 9C9B014AF; Tue, 20 Jun 2017 14:52:42 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 89592CB8CDF; Tue, 20 Jun 2017 09:33:38 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Tue, 20 Jun 2017 09:33:38 -0500 (CDT) Message-ID: <59477.128.135.52.6.1497969218.squirrel@cosmo.uchicago.edu> In-Reply-To: <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> References: <20170620092309.GA3634@c720-r314251> <9aba32b6-f960-beb4-94bf-b8b3b780ef69@FreeBSD.org> Date: Tue, 20 Jun 2017 09:33:38 -0500 (CDT) Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? From: "Valeri Galtsev" To: "Matthew Seaman" Cc: freebsd-questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 14:52:42 -0000 On Tue, June 20, 2017 5:38 am, Matthew Seaman wrote: > On 2017/06/20 10:23, Matthias Apitz wrote: >> In the mailing-list about Chromium OS is some interesting discussion >> about some attack vector using an USB plug-in with some Raspery system >> behind to offer to the OS an USB keyboard and ethernet and at the end >> take over the system. More of the discussion here >> >> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw >> >> and the full technical description here: >> >> https://samy.pl/poisontap/ >> >> As far as I can see, the same attack would be possible as well on >> FreeBSD, maybe not so easy because the devd(8) must be configured and >> the module for ethernet on USB cdce(4) must be loaded in advance. >> > > Isn't this yet another manifestation of physical access to the hardware > being almost impossible to secure against? Don't plug in any strange > USB devices kids, and don't let your portable kit out of your control so > that other people could take liberties with your USB ports either. As they said in system security manual some 30 years ago: the first step in securing machine is physical security of your box ;-) Valeri > > Cheers, > > Matthew > > > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-questions@freebsd.org Tue Jun 20 15:22:08 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A534BD9AF32 for ; Tue, 20 Jun 2017 15:22:08 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from inet08.hamilton.harte-lyne.ca (inet08.hamilton.harte-lyne.ca [216.185.71.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "inet08.hamilton.harte-lyne.ca", Issuer "CA_HLL_ISSUER_2016" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 62C1D2760 for ; Tue, 20 Jun 2017 15:22:07 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from localhost (localhost [127.0.0.1]) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTP id B06A76206C for ; Tue, 20 Jun 2017 11:16:00 -0400 (EDT) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from inet08.hamilton.harte-lyne.ca ([127.0.0.1]) by localhost (inet08.hamilton.harte-lyne.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gzW6bD1i2oDA for ; Tue, 20 Jun 2017 11:15:59 -0400 (EDT) Received: from webmail.harte-lyne.ca (inet04.hamilton.harte-lyne.ca [216.185.71.24]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by inet08.hamilton.harte-lyne.ca (Postfix) with ESMTPSA id 6E91B62051 for ; Tue, 20 Jun 2017 11:15:58 -0400 (EDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=harte-lyne.ca; s=dkim_hll; t=1497971758; bh=IrE9yV4ZIIYwAywfpEDhUQVGISEykeaMw5ZHZRWjNNU=; h=In-Reply-To:References:Date:Subject:From:To:Reply-To; b=wWHrhkzjZ4QhuOkCYLdlSjpnO47LwH6wpRHO6h0LolWIt30BF7BV3R6JoJ9Ykpwo4 XIzdoyr5Chi3JDyj2Urkdw8Tgp/aBPwmm/4Naal41nExyDbDuh8F9LWlHEKBKqh74m +CsMuDmBMTYXjDsLjpnWlbAc3id4P3XMGYz/SkCljLb7fJn5lOjVnDIpMmMAzqzsQm 1zWfoXDq33WfxdFHXhaU5F7NTRRwa53GIfuJo6aXM9SLMeWc7QKSjS3YBkEG3hsxH3 B2ru5IZxZGNaLC/oasTGX+/XyDh3+52I3nxGdeTzFSXYm169hpK7FS55Yg6HE65RBs 2sr27NJWJFoBA== Received: from 216.185.71.44 (SquirrelMail authenticated user byrnejb_hll) by webmail.harte-lyne.ca with HTTP; Tue, 20 Jun 2017 11:15:58 -0400 Message-ID: In-Reply-To: References: Date: Tue, 20 Jun 2017 11:15:58 -0400 Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? From: "James B. Byrne" To: freebsd-questions@freebsd.org Reply-To: byrnejb@harte-lyne.ca User-Agent: SquirrelMail/1.4.22-5.el6 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:22:08 -0000 On Tue, June 20, 2017 06:38, Matthew Seaman wrote: > On 2017/06/20 10:23, Matthias Apitz wrote: >> In the mailing-list about Chromium OS is some interesting discussion >> about some attack vector using an USB plug-in with some Raspery >> system behind to offer to the OS an USB keyboard and ethernet and >> at the end take over the system. More of the discussion here >> >> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw >> >> and the full technical description here: >> >> https://samy.pl/poisontap/ >> >> As far as I can see, the same attack would be possible as well on >> FreeBSD, maybe not so easy because the devd(8) must be configured >> and the module for ethernet on USB cdce(4) must be loaded in advance. >> > > Isn't this yet another manifestation of physical access to the > hardware being almost impossible to secure against? Don't plug > in any strange USB devices kids, and don't let your portable kit > out of your control so that other people could take liberties > with your USB ports either. Every USB device contains a controller which itself operates on the basis of flash-able microcode. Few such controllers have any safeguards against being reprogrammed. Consequently, any physical access to any USB port on a host allows an attacker to permanently corrupt and infect the USB device controller(s) on a target system. As such malware likely contains code to prohibit further reprogramming the infection is permanent and removal of the affected hardware is the only remedy. On most modern computers this requires discarding the motherboard. This issue was demonstrated at BlackHat-2014. To the best of my knowledge, few if any USB device manufacturers provide hardened controllers. IronKey is the only external flash memory device that I know of which claims to. But I have seen nothing respecting host based controllers. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 From owner-freebsd-questions@freebsd.org Tue Jun 20 15:22:47 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EC764D9AFB6 for ; Tue, 20 Jun 2017 15:22:47 +0000 (UTC) (envelope-from jim@mailman-hosting.com) Received: from maurice.jlkmail.com (maurice.jlkmail.com [IPv6:2606:c700:1:30::23:2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CDBD6287A for ; Tue, 20 Jun 2017 15:22:47 +0000 (UTC) (envelope-from jim@mailman-hosting.com) Received: from maurice.jlkmail.com (localhost [127.0.0.1]) by maurice.jlkmail.com (Postfix) with ESMTP id E9AE824C0C6C for ; Tue, 20 Jun 2017 11:22:46 -0400 (EDT) Authentication-Results: maurice.jlkmail.com (amavisd-new); dkim=pass (1024-bit key) reason="pass (just generated, assumed good)" header.d=mailman-hosting.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d= mailman-hosting.com; h=content-transfer-encoding :content-language:content-type:content-type:in-reply-to :mime-version:user-agent:date:date:message-id:from:from :references:to:subject:subject; s=dkim; t=1497972165; x= 1498836166; bh=l87JPAZOFIhY36s8gAEWaKjktti8lvNtVe4CxacXblU=; b=o M8uZReXezuXXetp6wjNrrAXQxkJSkvRhpIRyZ+a8FZyQLPOYKU1P0Sdei8meluyD YJH09m1fkbEAoFUbpLTzU3j77hGYPQvDyT70xcYsrLZN151QXz7mRDWMz9ybT8Mm XNCxnDbem1SE5ITEGAY5Y+4OaKeGVTI6c1WSXYteBw= X-Virus-Scanned: Debian amavisd-new at maurice.jlkmail.com X-Spam-Flag: NO X-Spam-Score: 4.296 X-Spam-Level: **** X-Spam-Status: No, score=4.296 tagged_above=-999 required=6.31 tests=[ALL_TRUSTED=-1, RAZOR2_CF_RANGE_51_100=0.365, RAZOR2_CF_RANGE_E8_51_100=2.43, RAZOR2_CHECK=2.5, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from maurice.jlkmail.com ([127.0.0.1]) by maurice.jlkmail.com (maurice.jlkmail.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id aCoaMrnaFaIi for ; Tue, 20 Jun 2017 11:22:45 -0400 (EDT) Received: from [192.168.1.164] (static-70-104-198-156.nrflva.fios.verizon.net [70.104.198.156]) by maurice.jlkmail.com (Postfix) with ESMTPSA id B787A24C00EA; Tue, 20 Jun 2017 11:22:44 -0400 (EDT) Subject: Re: New User, new server To: Peter Ludikovsky References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Cc: freebsd-questions@freebsd.org From: Jim Ohlstein Message-ID: Date: Tue, 20 Jun 2017 11:22:44 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:22:48 -0000 Hello, On 06/20/2017 10:33 AM, Peter Ludikovsky wrote: > Hello, > > I recently acquired a former office tower to replace my old home > server (Debian 8), itself an even older office tower. As it's my > primary storage location for images and documents I want something > stable, and I want to try something besides Linux, so I'm going for > FreeBSD 11-RELEASE. Which brings a few questions: Good choice! > > 1) The new machine comes with a 128G SSD, in addition to the 2 4T > HDDs from the older server. I'd like to set up ZFS root, with a slice > of the SSD as ZIL and L2ARC, and the root mirrored across the SSD and > the 2 HDDs. Does this make sense, and if so what would be the ideal > slice layout? Or should I just use the whole SSD as ZIL/L2ARC? I wouldn't mirror anything across an SSD and a magnetic drive (or two). Pick either the SSD or the drives. ZIL/L2ARC may be overkill on a home system unless it's frequently accessed by multiple users, but if you insist on having both on one SSD, make them the only things on the drive, and keep everything else on the 4TB drives. It's best to have ZIL and L2ARC on different, dedicated devices, but your hardware eliminates that possibility. > > 1.1) Can I start this setup with just the SSD an one HDD, as to keep > the old server alive until everything is migrated? It's very easy to add to ZFS if you plan to mirror. You can add a striped drive, but the results won't be as good as if you create the zpool as striped. > > 2) Moving data from the old machine. Can I run zfs send/receive to > get the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? It _should_ work, but rsync will work. > > 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an > ISP provided router, but I'm paranoid enough to want an additional > firewall on that machine, and one that plays nice with fail2ban at > that. Unless you're running services that expect outside connections (say if this is a file server), it won't matter. In fact, it really doesn't matter anyway. Pick one, learn it, use it. I use PF. I've used the other two also. PF includes functionality for port redirection and NAT. I have no idea about fail2ban. I use PF tables and the expiretable utility. > > 4) As far as I understand it the host plays gateway for jails. Does > that mean that any firewalling is done there too? If so, is any > special configuration required besides enabling IP forwarding? (NAT, > …) Yes. PF (at least) applies all rules to all packets. I'd assume the others do as well. > > 5) Currently all services on the machine run together. With FreeBSD > I'd like to jail them. Is there an easy way to convert, or will I be > creating jails for the services & shovel the data over as if it's a > fresh install? You'll have to create the jails manually and move your data. The ezjail utility, among others, makes this easy. Creating a cloned loopback for your jails allows them to communicate with each other while being isolated from the outside. > > Any pointers are appreciated. I'm in no hurry (old machine ain't > dying yet), and I'd rather do it slow & clean than fast & dirty. > -- Jim Ohlstein Profesional Mailman Hosting https://mailman-hosting.com From owner-freebsd-questions@freebsd.org Tue Jun 20 15:34:30 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 810B7D9B2F3 for ; Tue, 20 Jun 2017 15:34:30 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 052032DF9 for ; Tue, 20 Jun 2017 15:34:29 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from zero-gravitas.local (unknown [85.199.232.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 839E1C275 for ; Tue, 20 Jun 2017 15:34:21 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/839E1C275; dkim=none; dkim-atps=neutral Subject: Re: New User, new server To: freebsd-questions@freebsd.org References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> From: Matthew Seaman Message-ID: Date: Tue, 20 Jun 2017 16:34:12 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="aeJXQpvmA31K04hfmd2nRSO0VTX2X6V0h" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:34:30 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --aeJXQpvmA31K04hfmd2nRSO0VTX2X6V0h Content-Type: multipart/mixed; boundary="dSTSfKnSXTjlAW6IvBOw0Xdp3STWQw9QO"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: Subject: Re: New User, new server References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> In-Reply-To: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> --dSTSfKnSXTjlAW6IvBOw0Xdp3STWQw9QO Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2017/06/20 15:33, Peter Ludikovsky wrote: > Hello, >=20 > I recently acquired a former office tower to replace my old home server= > (Debian 8), itself an even older office tower. As it's my primary > storage location for images and documents I want something stable, and = I > want to try something besides Linux, so I'm going for FreeBSD > 11-RELEASE. Which brings a few questions: >=20 > 1) The new machine comes with a 128G SSD, in addition to the 2 4T HDDs > from the older server. I'd like to set up ZFS root, with a slice of the= > SSD as ZIL and L2ARC, and the root mirrored across the SSD and the 2 > HDDs. Does this make sense, and if so what would be the ideal slice > layout? Or should I just use the whole SSD as ZIL/L2ARC? Use the 2 4T HDDs for your main zdev, and keep the SSD for ZIL/ARC separately. zpools work better if all of the storage devices are about the same size and performance level. Given you're going to mirror the two 4T HDDs, be aware that having just one physical device for your separate logs will reintroduce a single point of failure. Even though a separate log device is not /required/, and you can add and remove log devices on the fly, your system will still crash'n'burn if the log device dies unexpectedly on you. Better to have mirrored logs if you can swing another SSD. Oh, and with a SLOG device you generally don't need to allocate a huge amount of space for all the different types of log. Given the throughput on the SSD, it's a good idea to run it 'undercommitted' (with plenty of unallocated space) as this will give you extended life on the device. Because of the wear-leveling, all of the memory cells on the device will eventually be used, so by restricting the size of the allocated areas, you effectively give yourself access to a lot more "spare" memory cells than the device would give you as standard. > 1.1) Can I start this setup with just the SSD an one HDD, as to keep th= e > old server alive until everything is migrated? Yes. > 2) Moving data from the old machine. Can I run zfs send/receive to get > the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? That depends on the relative capabilities of the ZFS setup on each end of the zfs send/receive chain. Generally you can send from an older ZFS to a newer one, but not vice versa. It's easy to test though -- just create a very small ZFS and try sending that to the other server. > 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an IS= P > provided router, but I'm paranoid enough to want an additional firewall= > on that machine, and one that plays nice with fail2ban at that. PF has a much nicer (IMHO) configuration interface, but IPFW is higher performance (although I doubt you're going to notice any difference unless you'll be generating traffic at 1Gb/s or above for extended periods.) ipfilter is there for compatibility with other machines that are running legacy ipfilter setups. Not recommended for a new install. > 4) As far as I understand it the host plays gateway for jails. Does tha= t > mean that any firewalling is done there too? If so, is any special > configuration required besides enabling IP forwarding? (NAT, =E2=80=A6)= This depends on the type of jail. The traditional way, host and jails share a single IP stack, and the host provides firewall services for all of the jails. There is a newer way of running jails -- keyword here is 'VIMAGE' (see: https://wiki.freebsd.org/VIMAGE) -- where each jail gets a separate network stack and can run its own firewall. This entails use of something like an epair(4) interface, where one end gets passed to the jail, and the other gets bridged together with the spare epairs from other jails etc. to make a virtual switch inside the host machine. VIMAGE is cool, and it has had a lot of work into making it run much more smoothly nowadays, but if you've never used jails at all before now, I'd advise you to start with just the regular style of jail. I'd also suggest looking into a jail management system like iocage. > 5) Currently all services on the machine run together. With FreeBSD I'd= > like to jail them. Is there an easy way to convert, or will I be > creating jails for the services & shovel the data over as if it's a > fresh install? You can probably copy over config files, data etc. as the basis of the config in your new jails, but they will need manual editing to set the correct IP numbers and so forth. As far as I know, there isn't a generic and automated way to do that. On the other hand, a host with a bunch of jails can be managed very sweetly using something like ansible(1) -- everyone wants onto the devops bandwagon, eh? > Any pointers are appreciated. I'm in no hurry (old machine ain't dying > yet), and I'd rather do it slow & clean than fast & dirty. In that case, experiment. Try out a number of different scenarios on some throwaway test environments, then blow all that away and implement a 'for real' setup with the benefit of what you've learned in testing. Cheers, Matthew --dSTSfKnSXTjlAW6IvBOw0Xdp3STWQw9QO-- --aeJXQpvmA31K04hfmd2nRSO0VTX2X6V0h Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQJ8BAEBCgBmBQJZSUB8XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnMoEQAJJDmsGke0POzWjkT02SVTOF AVvMZCWgfDFUNjROMvBW8L513DBBdAzGbKZKUKox+imLKfdDcoBQRpbABiofRPBu 34Q4KfHZlxPqsNYMazunKXcefKhmYpiIR1BFB1tNWTMP8yg5DdYJ5fXiOGIIcgQv Cg4dmerS3BfNbnuUpeF2tlRPkFxOLx5sDakQvAzXZk+SO/Ah48UF/S10CWdJNYyW 1geKoatxdCuCbFYQbLtyQOd6l1rUfPvPD4gtEje4nMQOsHXyFXXwHLJnaPT1LGOP RivZNawdalcUMVEoHWooJoQMhnz6oE7dt7MNGroRzjY1CG5dhSVPbHoTgA84L2ug GMOeukCKB9ZOQugv8eehzfl9FNJgSFK96VFi0e+uAQlmzO7ROStDBPG0aX1bCr0s +W+Ox2wCChfMuqWxuXrklmqHBOffUovogpqwMkDjibV869UgTcUrdkOrO4lJVBAf o0OeDDUQQynJZjEkzLpMaZ8Fe4nQ7n2nTICoZKxeeK3SOS2LioRKhbV8eEAhUz4/ DCOeKRfLRh7wMYgvSfdoDUgd+owvo4WvQxvgb1hKs+JBbm7X5Sxj4TrT6IrFrG4M +QFgq5XE6oC6ApAO+0JrxXmD3IZORKZ9NnyjoV0MMdnru4/suZbI9AO2VZDBoG+n pYWZywnSQ2dPiFqe+uU6 =KUWh -----END PGP SIGNATURE----- --aeJXQpvmA31K04hfmd2nRSO0VTX2X6V0h-- From owner-freebsd-questions@freebsd.org Tue Jun 20 15:37:59 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AAD6DD9B427 for ; Tue, 20 Jun 2017 15:37:59 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from baobab.bilink.net (baobab.bilink.net [212.45.144.44]) by mx1.freebsd.org (Postfix) with ESMTP id 6CCE33041 for ; Tue, 20 Jun 2017 15:37:58 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from localhost (localhost [127.0.0.1]) by baobab.bilink.it (Postfix) with ESMTP id 3wsWvt1JHTz1cXL2 for ; Tue, 20 Jun 2017 17:28:42 +0200 (CEST) X-Virus-Scanned: amavisd-new at mcs.it Received: from baobab.bilink.net ([127.0.0.1]) by localhost (baobab.mcs.it [127.0.0.1]) (amavisd-new, port 11027) with ESMTP id 4oX5PExHr4cv for ; Tue, 20 Jun 2017 17:28:42 +0200 (CEST) Received: from hermes.mcs.it (hermes.mcs.it [192.168.132.21]) by baobab.bilink.it (Postfix) with ESMTP id 3wsWvt0V3Vz1cXL1 for ; Tue, 20 Jun 2017 17:28:42 +0200 (CEST) Received: from mordeus (unknown [192.168.45.6]) by hermes.mcs.it (Postfix) with ESMTP id E50861B769C for ; Tue, 20 Jun 2017 17:28:41 +0200 (CEST) Date: Tue, 20 Jun 2017 17:28:41 +0200 From: Luciano Mannucci To: freebsd-questions@freebsd.org Subject: Filesystem antivirus for FreeBSD X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) X-Face: 4qPv4GNcD; h<7Q/sK>+GqF4=CR@KmnPkSmwd+#%\F`4yjKO3"C]p'z=(oWRnsYBQGM\5g:4skqQY0NnV'dM:Mm:^/_+I@a"; [-s=ogufdF"9ggQ'=y MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:37:59 -0000 Hello, I need an antivirus for FreeBSD that catches php malware. Does such a beastie exist? :) Cheers, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From owner-freebsd-questions@freebsd.org Tue Jun 20 15:40:26 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7C7EAD9B5AE for ; Tue, 20 Jun 2017 15:40:26 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 2343C31E7 for ; Tue, 20 Jun 2017 15:40:25 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [10.186.223.48] (mobile-166-175-187-49.mycingular.net [166.175.187.49]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5KFeBSm063058 (version=TLSv1.2 cipher=DHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Tue, 20 Jun 2017 10:40:12 -0500 (CDT) (envelope-from tundra@tundraware.com) From: Tim Daneliuk To: Luciano Mannucci , Date: Tue, 20 Jun 2017 10:40:03 -0500 Message-ID: <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> In-Reply-To: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> References: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> User-Agent: AquaMail/1.10.0-403 (build: 101000001) Subject: Re: Filesystem antivirus for FreeBSD MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="us-ascii" Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Tue, 20 Jun 2017 10:40:13 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5KFeBSm063058 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:40:26 -0000 Clamav might, but you'll have to check. From owner-freebsd-questions@freebsd.org Tue Jun 20 15:44:38 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00410D9B85F for ; Tue, 20 Jun 2017 15:44:38 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id BAC453686 for ; Tue, 20 Jun 2017 15:44:37 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 6B7DDCB8CDF; Tue, 20 Jun 2017 10:44:36 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Tue, 20 Jun 2017 10:44:36 -0500 (CDT) Message-ID: <31261.128.135.52.6.1497973476.squirrel@cosmo.uchicago.edu> In-Reply-To: References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Date: Tue, 20 Jun 2017 10:44:36 -0500 (CDT) Subject: Re: New User, new server From: "Valeri Galtsev" To: "Jim Ohlstein" Cc: "Peter Ludikovsky" , freebsd-questions@freebsd.org Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 15:44:38 -0000 On Tue, June 20, 2017 10:22 am, Jim Ohlstein wrote: > Hello, > > On 06/20/2017 10:33 AM, Peter Ludikovsky wrote: >> Hello, >> >> I recently acquired a former office tower to replace my old home >> server (Debian 8), itself an even older office tower. As it's my >> primary storage location for images and documents I want something >> stable, and I want to try something besides Linux, so I'm going for >> FreeBSD 11-RELEASE. Which brings a few questions: > > Good choice! > >> >> 1) The new machine comes with a 128G SSD, in addition to the 2 4T >> HDDs from the older server. I'd like to set up ZFS root, with a slice >> of the SSD as ZIL and L2ARC, and the root mirrored across the SSD and >> the 2 HDDs. Does this make sense, and if so what would be the ideal >> slice layout? Or should I just use the whole SSD as ZIL/L2ARC? > > I wouldn't mirror anything across an SSD and a magnetic drive (or two). > Pick either the SSD or the drives. > > ZIL/L2ARC may be overkill on a home system unless it's frequently > accessed by multiple users, but if you insist on having both on one SSD, > make them the only things on the drive, and keep everything else on the > 4TB drives. It's best to have ZIL and L2ARC on different, dedicated > devices, but your hardware eliminates that possibility. > >> >> 1.1) Can I start this setup with just the SSD an one HDD, as to keep >> the old server alive until everything is migrated? > > It's very easy to add to ZFS if you plan to mirror. You can add a > striped drive, but the results won't be as good as if you create the > zpool as striped. > >> >> 2) Moving data from the old machine. Can I run zfs send/receive to >> get the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? > > It _should_ work, but rsync will work. > >> >> 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an >> ISP provided router, but I'm paranoid enough to want an additional >> firewall on that machine, and one that plays nice with fail2ban at >> that. > > Unless you're running services that expect outside connections (say if > this is a file server), it won't matter. In fact, it really doesn't > matter anyway. I originally used IPFilter, but at some point I switched over to IPFW. The problem with IPFilter I had was: IPFilter has very small buffer, so on busy server you end up with locked up connections once buffer gets filled. To fix that you had to go and edit a couple of lines in IPFilter kernel module, and recompile it... and keep doing it with every kernel update. It is possible that that is changed, but if I were to start now, I either would go with PF or IPFW (the last somehow virtually didn't have any learning curve for Linux refugee - me). Valeri > Pick one, learn it, use it. I use PF. I've used the other > two also. PF includes functionality for port redirection and NAT. I have > no idea about fail2ban. I use PF tables and the expiretable utility. > >> >> 4) As far as I understand it the host plays gateway for jails. Does >> that mean that any firewalling is done there too? If so, is any >> special configuration required besides enabling IP forwarding? (NAT, >> …) > > Yes. PF (at least) applies all rules to all packets. I'd assume the > others do as well. > >> >> 5) Currently all services on the machine run together. With FreeBSD >> I'd like to jail them. Is there an easy way to convert, or will I be >> creating jails for the services & shovel the data over as if it's a >> fresh install? > > You'll have to create the jails manually and move your data. The ezjail > utility, among others, makes this easy. Creating a cloned loopback for > your jails allows them to communicate with each other while being > isolated from the outside. > >> >> Any pointers are appreciated. I'm in no hurry (old machine ain't >> dying yet), and I'd rather do it slow & clean than fast & dirty. >> > > > -- > Jim Ohlstein > Profesional Mailman Hosting > https://mailman-hosting.com > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-questions@freebsd.org Tue Jun 20 16:18:54 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B5DAFD9C563 for ; Tue, 20 Jun 2017 16:18:54 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from baobab.bilink.net (baobab.bilink.net [212.45.144.44]) by mx1.freebsd.org (Postfix) with ESMTP id 79210652A5 for ; Tue, 20 Jun 2017 16:18:54 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from localhost (localhost [127.0.0.1]) by baobab.bilink.it (Postfix) with ESMTP id 3wsY1n2MXSzRRqR for ; Tue, 20 Jun 2017 18:18:53 +0200 (CEST) X-Virus-Scanned: amavisd-new at mcs.it Received: from baobab.bilink.net ([127.0.0.1]) by localhost (baobab.mcs.it [127.0.0.1]) (amavisd-new, port 11027) with ESMTP id kCYVMixIl3+U for ; Tue, 20 Jun 2017 18:18:53 +0200 (CEST) Received: from hermes.mcs.it (hermes.mcs.it [192.168.132.21]) by baobab.bilink.it (Postfix) with ESMTP id 3wsY1n1bGTzRRqQ for ; Tue, 20 Jun 2017 18:18:53 +0200 (CEST) Received: from mordeus (unknown [192.168.45.6]) by hermes.mcs.it (Postfix) with ESMTP id 21B551B7699 for ; Tue, 20 Jun 2017 18:18:53 +0200 (CEST) Date: Tue, 20 Jun 2017 18:18:52 +0200 From: Luciano Mannucci To: freebsd-questions@freebsd.org Subject: Re: Filesystem antivirus for FreeBSD In-Reply-To: <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> References: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) X-Face: 4qPv4GNcD; h<7Q/sK>+GqF4=CR@KmnPkSmwd+#%\F`4yjKO3"C]p'z=(oWRnsYBQGM\5g:4skqQY0NnV'dM:Mm:^/_+I@a"; [-s=ogufdF"9ggQ'=y MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <3wsY1n1bGTzRRqQ@baobab.bilink.it> X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 16:18:54 -0000 On Tue, 20 Jun 2017 10:40:03 -0500 Tim Daneliuk wrote: > Clamav might, but you'll have to check. It failed to catch a virus that Sophos on Linux found. BTW, yes.Clamav does run. Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From owner-freebsd-questions@freebsd.org Tue Jun 20 16:35:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8FE6D9CA02 for ; Tue, 20 Jun 2017 16:35:57 +0000 (UTC) (envelope-from zhao6014@gmail.com) Received: from mail-oi0-x22b.google.com (mail-oi0-x22b.google.com [IPv6:2607:f8b0:4003:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 90D6A65B18 for ; Tue, 20 Jun 2017 16:35:57 +0000 (UTC) (envelope-from zhao6014@gmail.com) Received: by mail-oi0-x22b.google.com with SMTP id b6so75679190oia.1 for ; Tue, 20 Jun 2017 09:35:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Or5msDYkSVlmENIcFNQwXH99s39EvWeXO6x5rXbeoow=; b=tyceCABT6l35ZuW9U9XPcS3XKJwfWb2i6q2jfElamYclKpGvFZtxYqnXUORoHR0KmN 2ZR0c8+EiSeXFDDM54d93h7vzUh0SK/zrRC/IR8qaGhUTZ/FTwOraXl7zZP18hbtVByg iWL2G9q8LJRdEu+xdZjeraTiFAHBVX5tbaSSRxc+NiW/2p822r78zm0jJSz/5HHtg/Gd ntiricJvwptdwuHZoRlIlHetMdmgGQAn3CCyfbiMpj66GsBw4nozEnI0Zpygz2aokQEL v3WOjTtTaBzDnJVPGwJYnX6l4lC72cOz63VxFLmL9xcubRjVzY1VymbxcnT7BeOfV2vK /Y3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Or5msDYkSVlmENIcFNQwXH99s39EvWeXO6x5rXbeoow=; b=NGe+LJQfDnVF7b4JsitoQ1zkFnJSRO0BEtcKuPITlFdEy3RQZczGm/qHVP7ckuzf4+ CyA55yJYNd7v6nPErHKZm7vbc8o++OxUSdLnCTY2OvYqSC8jh68JNWJkd7nXSXXYVk1F PbalqgZ6PtZ6+UOrCxWUh8MliSDF/RagJU0deIHMtmD+6YfSiMUQJ+Yk8R7S5ZjV64Ny sLgoN8Oj/Fp6+WUdPpzdctwmlIpdLnEUgGhvBzTmwwRO6TMl8om2RlvHkELpIXrP9x7a e7ChClU2JD/q8pFI2AWqU2EO94+ozQuGS2vtqA5Z1Wb6hpZV2846ADSY/WY1HXI9Xxvx U7rQ== X-Gm-Message-State: AKS2vOwZSbDSG/9zNwVvcRym1ER0UfKCHzmesChk4GjIEb4Gq3dAs2DS u0qtnY2A4nrFuEgyv9cCidiatZZVIQ== X-Received: by 10.202.83.133 with SMTP id h127mr14226586oib.135.1497976556728; Tue, 20 Jun 2017 09:35:56 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.133.136 with HTTP; Tue, 20 Jun 2017 09:35:56 -0700 (PDT) Received: by 10.74.133.136 with HTTP; Tue, 20 Jun 2017 09:35:56 -0700 (PDT) In-Reply-To: <3wsY1n1bGTzRRqQ@baobab.bilink.it> References: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> <3wsY1n1bGTzRRqQ@baobab.bilink.it> From: Jov Date: Wed, 21 Jun 2017 00:35:56 +0800 Message-ID: Subject: Re: Filesystem antivirus for FreeBSD To: Luciano Mannucci Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 16:35:57 -0000 You can export the fs as nfs and mount it to linux if calmav not good enough compare with sophos. Or you can try to run sophos on freebsd with linux emulation, see the hand book for detail. Jov 2017=E5=B9=B46=E6=9C=8821=E6=97=A5 12:19 AM=EF=BC=8C"Luciano Mannucci" =E5=86=99=E9=81=93=EF=BC=9A On Tue, 20 Jun 2017 10:40:03 -0500 Tim Daneliuk wrote: > Clamav might, but you'll have to check. It failed to catch a virus that Sophos on Linux found. BTW, yes.Clamav does run. Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ _______________________________________________ freebsd-questions@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org= " From owner-freebsd-questions@freebsd.org Tue Jun 20 17:19:05 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 618BFD9D695 for ; Tue, 20 Jun 2017 17:19:05 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from baobab.bilink.net (baobab.bilink.net [212.45.144.44]) by mx1.freebsd.org (Postfix) with ESMTP id 2410D67220 for ; Tue, 20 Jun 2017 17:19:04 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from localhost (localhost [127.0.0.1]) by baobab.bilink.it (Postfix) with ESMTP id 3wsZMC3kcWz1cXL0 for ; Tue, 20 Jun 2017 19:19:03 +0200 (CEST) X-Virus-Scanned: amavisd-new at mcs.it Received: from baobab.bilink.net ([127.0.0.1]) by localhost (baobab.mcs.it [127.0.0.1]) (amavisd-new, port 11027) with ESMTP id LUVlIHoXv+-X for ; Tue, 20 Jun 2017 19:19:03 +0200 (CEST) Received: from hermes.mcs.it (hermes.mcs.it [192.168.132.21]) by baobab.bilink.it (Postfix) with ESMTP id 3wsZMC2yG8z1cXKx for ; Tue, 20 Jun 2017 19:19:03 +0200 (CEST) Received: from mordeus (unknown [192.168.45.6]) by hermes.mcs.it (Postfix) with ESMTP id 3CB241B7699 for ; Tue, 20 Jun 2017 19:19:03 +0200 (CEST) Date: Tue, 20 Jun 2017 19:19:03 +0200 From: Luciano Mannucci To: freebsd-questions@freebsd.org Subject: Re: Filesystem antivirus for FreeBSD In-Reply-To: References: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> <3wsY1n1bGTzRRqQ@baobab.bilink.it> X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) X-Face: 4qPv4GNcD; h<7Q/sK>+GqF4=CR@KmnPkSmwd+#%\F`4yjKO3"C]p'z=(oWRnsYBQGM\5g:4skqQY0NnV'dM:Mm:^/_+I@a"; [-s=ogufdF"9ggQ'=y MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <3wsZMC2yG8z1cXKx@baobab.bilink.it> X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 17:19:05 -0000 On Wed, 21 Jun 2017 00:35:56 +0800 Jov wrote: > You can export the fs as nfs and mount it to linux if calmav not good > enough compare with sophos. Well. I'm trying to replace linux... :) > Or you can try to run sophos on freebsd with linux emulation, see the hand > book for detail. Yes, good Idea. I'll have to intall it via chroot, so it is not so easy (I need a lot of linux commands under /compat/linux for that, and I have to discover which one by test & try...) Cheers, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250 X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From owner-freebsd-questions@freebsd.org Tue Jun 20 20:04:18 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D629DDA110E for ; Tue, 20 Jun 2017 20:04:18 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay14.qsc.de (mailrelay14.qsc.de [212.99.163.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5BDFC71965 for ; Tue, 20 Jun 2017 20:04:17 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay14.qsc.de; Tue, 20 Jun 2017 22:03:50 +0200 Received: from r56.edvax.de (port-92-195-76-106.dynamic.qsc.de [92.195.76.106]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 6AA483CBF9; Tue, 20 Jun 2017 22:03:49 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v5KK3nRY002071; Tue, 20 Jun 2017 22:03:49 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Tue, 20 Jun 2017 22:03:49 +0200 From: Polytropon To: byrnejb@harte-lyne.ca Cc: freebsd-questions@freebsd.org Subject: Re: Fwd: [cros-discuss] Hacking possibility? Real or not? Message-Id: <20170620220349.d17430b8.freebsd@edvax.de> In-Reply-To: References: Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay14.qsc.de with E278D683E54 X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1276 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 20:04:18 -0000 On Tue, 20 Jun 2017 11:15:58 -0400, James B. Byrne via freebsd-questions wrote: > > On Tue, June 20, 2017 06:38, Matthew Seaman wrote: > > On 2017/06/20 10:23, Matthias Apitz wrote: > >> In the mailing-list about Chromium OS is some interesting discussion > >> about some attack vector using an USB plug-in with some Raspery > >> system behind to offer to the OS an USB keyboard and ethernet and > >> at the end take over the system. More of the discussion here > >> > >> https://groups.google.com/a/chromium.org/forum/?hl=en#!topic/chromium-os-discuss/UqbGh2kHaVw > >> > >> and the full technical description here: > >> > >> https://samy.pl/poisontap/ > >> > >> As far as I can see, the same attack would be possible as well on > >> FreeBSD, maybe not so easy because the devd(8) must be configured > >> and the module for ethernet on USB cdce(4) must be loaded in advance. > >> > > > > Isn't this yet another manifestation of physical access to the > > hardware being almost impossible to secure against? Don't plug > > in any strange USB devices kids, and don't let your portable kit > > out of your control so that other people could take liberties > > with your USB ports either. > > Every USB device contains a controller which itself operates on the > basis of flash-able microcode. Few such controllers have any > safeguards against being reprogrammed. Consequently, any physical > access to any USB port on a host allows an attacker to permanently > corrupt and infect the USB device controller(s) on a target system. > As such malware likely contains code to prohibit further reprogramming > the infection is permanent and removal of the affected hardware is the > only remedy. On most modern computers this requires discarding the > motherboard. > > This issue was demonstrated at BlackHat-2014. I think you're refering to "BadUSB". For reference and context: https://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/ https://www.blackhat.com/us-14/briefings.html#badusb-on-accessories-that-turn-evil With physical access to a machine, no matter if via USB or orhter means, it's more or less game over, and no OS mechanism can prevent that. As Valeri mentioned, physical security always is part of the game. ;-) Regarding the initial submission, I think FreeBSD configuration determines what happens when a new network device is being found (even if it's just an emulated one). In "worst" case, the system recognizes the interface and then does nothing - no DHCP request. Thas "stops" the attack at this poing. Everything else explained depends on the network functionality being established. PoisonTap's primary operation is to act within a network. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Tue Jun 20 20:30:58 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 34DDFDA1B6D for ; Tue, 20 Jun 2017 20:30:58 +0000 (UTC) (envelope-from liquiddb7@yandex.com) Received: from forward9j.cmail.yandex.net (forward9j.cmail.yandex.net [IPv6:2a02:6b8:0:1630::184]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "forwards.mail.yandex.net", Issuer "Yandex CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E836772C06 for ; Tue, 20 Jun 2017 20:30:57 +0000 (UTC) (envelope-from liquiddb7@yandex.com) Received: from mxback18j.mail.yandex.net (mxback18j.mail.yandex.net [IPv6:2a02:6b8:0:1619::94]) by forward9j.cmail.yandex.net (Yandex) with ESMTP id D39A722048; Tue, 20 Jun 2017 23:30:45 +0300 (MSK) Received: from web23j.yandex.ru (web23j.yandex.ru [5.45.198.64]) by mxback18j.mail.yandex.net (nwsmtp/Yandex) with ESMTP id axFsxeCPt4-Uj9qdKgw; Tue, 20 Jun 2017 23:30:45 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1497990645; bh=mWbJ8EY92LptQ/KQbbDmJMcJv4uaRusV65T4cxlBGug=; h=From:To:Subject:Message-Id:Date; b=R1mi4jPwRxCEVmSnQXF3fOz5Yiv2AdpWROjjKDsDV9MITjjD/iNUHIRPw8Q3ivX0a fx9Pv8aZooBnoBV6xgOO+FRcI213n2A0l3UrpBNog19mRw1KtGXV03Ak3dsv4F6UVN H3mkAKNE0htCaphYV8cj85yrsDGyx52m4hKhy6aU= Authentication-Results: mxback18j.mail.yandex.net; dkim=pass header.i=@yandex.com Received: by web23j.yandex.ru with HTTP; Tue, 20 Jun 2017 23:30:45 +0300 From: Elizabeth Andrew II To: freebsd-questions , "ARC-ameshrweb@mail.nasa.gov" Subject: The problem is spaceage and historic succession.. Message-Id: <243111497990645@web23j.yandex.ru> X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Tue, 20 Jun 2017 10:30:45 -1000 MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jun 2017 20:30:58 -0000 From owner-freebsd-questions@freebsd.org Wed Jun 21 02:41:29 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D8618DA72D6 for ; Wed, 21 Jun 2017 02:41:29 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [150.101.137.141]) by mx1.freebsd.org (Postfix) with ESMTP id 6A8B07C73E for ; Wed, 21 Jun 2017 02:41:28 +0000 (UTC) (envelope-from FreeBSD@shaneware.biz) Received: from ppp121-45-80-251.bras1.adl6.internode.on.net (HELO leader.local) ([121.45.80.251]) by ipmail04.adl6.internode.on.net with ESMTP; 21 Jun 2017 12:11:20 +0930 Subject: Re: Filesystem antivirus for FreeBSD To: Luciano Mannucci , freebsd-questions@freebsd.org References: <3wsWvt0V3Vz1cXL1@baobab.bilink.it> <15cc6291c50.279b.0b331fcf0b21179f1640bd439e3f4a1e@tundraware.com> <3wsY1n1bGTzRRqQ@baobab.bilink.it> From: Shane Ambler Message-ID: <14613073-fb23-d7a3-a6fd-f0b39753c789@ShaneWare.Biz> Date: Wed, 21 Jun 2017 12:11:16 +0930 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <3wsY1n1bGTzRRqQ@baobab.bilink.it> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 02:41:29 -0000 On 21/06/2017 01:48, Luciano Mannucci wrote: > On Tue, 20 Jun 2017 10:40:03 -0500 > Tim Daneliuk wrote: > >> Clamav might, but you'll have to check. > It failed to catch a virus that Sophos on Linux found. Have you submitted a sample that clamav may get a solution added? http://www.clamav.net/reports/malware -- FreeBSD - the place to B...Software Developing Shane Ambler From owner-freebsd-questions@freebsd.org Wed Jun 21 02:51:24 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A2726DA7511 for ; Wed, 21 Jun 2017 02:51:24 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.he.net", Issuer "Starfield Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8A4677CCE5 for ; Wed, 21 Jun 2017 02:51:24 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Tue, 20 Jun 2017 19:51:17 -0700 Subject: Re: New User, new server To: freebsd-questions@freebsd.org References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> From: David Christensen Message-ID: Date: Tue, 20 Jun 2017 19:51:16 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 02:51:24 -0000 On 06/20/17 07:33, Peter Ludikovsky wrote: > I recently acquired a former office tower to replace my old home server > (Debian 8), itself an even older office tower. As it's my primary > storage location for images and documents I want something stable, and I > want to try something besides Linux, so I'm going for FreeBSD > 11-RELEASE. Which brings a few questions: > > 1) The new machine comes with a 128G SSD, in addition to the 2 4T HDDs > from the older server. I'd like to set up ZFS root, with a slice of the > SSD as ZIL and L2ARC, and the root mirrored across the SSD and the 2 > HDDs. Does this make sense, and if so what would be the ideal slice > layout? Or should I just use the whole SSD as ZIL/L2ARC? > > 1.1) Can I start this setup with just the SSD an one HDD, as to keep the > old server alive until everything is migrated? I have several computers in my SOHO network, Pentium 4 and newer, running various versions of Windows, Debian, and FreeBSD. I use mobile racks and put one OS on each system disk (using MBR partitioning) to facilitate migration and imaging. My preferred system disk size is 16 GB; SSD's when available, but Debian will run off USB flash drives. Once a system is installed, updated, configured, and operating, I sometimes move the image to another device (SSD, HDD, USB flash drive; 16 GB or larger). I would put FreeBSD on the 128 GB SSD using the FreeBSD 11.0 RELEASE installer, select "Auto (ZFS)" for partitioning, and navigate the options to end up with a ZFS boot partition, an encrypted swap partition, and an encrypted ZFS root partition. (The installer will use 100% of the drive. If you are savvy enough, you can shell out during installation and label, slice, partition, create GEOM devices, create ZFS pools, etc., of whatever size and configuration you desire.) I would leave the existing HDD's in your old server and get new drives for the new server. Two large SATA NAS drives in a ZFS mirror should be ideal for a SOHO file server. Make sure you have "enough" RAM, and a CPU with AES-NI if you use encryption. (At one point, my Intel Core i7-2600S machine had 8 GB RAM, ZFS on Linux, and two mirrored encrypted 3 TB 7200 RPM desktop SATA drives. It was very fast locally, and could easily saturate it's Gigabit network connection.) > 2) Moving data from the old machine. Can I run zfs send/receive to get > the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? As others have said: likely so, but test. > 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an ISP > provided router, but I'm paranoid enough to want an additional firewall > on that machine, and one that plays nice with fail2ban at that. I use an old P4 machine with IPCop between my AT&T residential gateway an my LAN: http://www.ipcop.org/ For host firewalling, I use Firewall Builder: http://fwbuilder.sourceforge.net/ David From owner-freebsd-questions@freebsd.org Wed Jun 21 02:54:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E2DA7DA7700 for ; Wed, 21 Jun 2017 02:54:15 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B88757CEAB for ; Wed, 21 Jun 2017 02:54:15 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Tue, 20 Jun 2017 19:54:11 -0700 Subject: Re: New User, new server To: freebsd-questions@freebsd.org References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> From: David Christensen Message-ID: <3b5d7e8a-037f-bca6-efde-8b1c96a9aa8a@holgerdanske.com> Date: Tue, 20 Jun 2017 19:54:10 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 02:54:16 -0000 On 06/20/17 19:51, David Christensen wrote: > ... My preferred system disk size is 16 GB; For Debian and FreeBSD -- Windows needs 100+ GB. David From owner-freebsd-questions@freebsd.org Wed Jun 21 05:20:41 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 257E5D867F2 for ; Wed, 21 Jun 2017 05:20:41 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from echo.brtsvcs.net (echo.brtsvcs.net [IPv6:2607:f740:c::4ae]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1067B80868 for ; Wed, 21 Jun 2017 05:20:40 +0000 (UTC) (envelope-from list_freebsd@bluerosetech.com) Received: from chombo.houseloki.net (unknown [IPv6:2601:1c2:1401:9956:21c:c0ff:fe7f:96ee]) by echo.brtsvcs.net (Postfix) with ESMTPS id E4E2A50005; Wed, 21 Jun 2017 05:20:39 +0000 (UTC) Received: from [IPv6:fe80::7102:4df8:1f13:5c55] (unknown [IPv6:fe80::7102:4df8:1f13:5c55]) by chombo.houseloki.net (Postfix) with ESMTPSA id EBED3BA8; Tue, 20 Jun 2017 22:20:38 -0700 (PDT) Subject: Re: zpool import -N mounts filesystems anyway To: Christian Kujau Cc: David Christensen , freebsd-questions@freebsd.org References: <7f41df25-df2e-298e-d33e-cc95874e831c@bluerosetech.com> <8294aeef-6399-cc5d-1d3d-ac1925430b05@bluerosetech.com> From: Mel Pilgrim Message-ID: <1ee3845a-6b46-cde6-3681-92586d17a0ea@bluerosetech.com> Date: Tue, 20 Jun 2017 22:20:50 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 05:20:41 -0000 On 06/19/2017 12:02, Christian Kujau wrote: > On Mon, 19 Jun 2017, Mel Pilgrim wrote: >> # zpool export backupB >> # ls -l /backup-ext/backupB >> total 0 >> # zpool import backupB >> # ls /backup-ext/backupB >> z0 > > Just to double-check: what does "ls" say when you use -N during import? > > C. # zfs get -r canmount,mountpoint backupA NAME PROPERTY VALUE SOURCE backupA canmount on local backupA mountpoint /backup-ext/backupA local backupA/z0 canmount on local backupA/z0 mountpoint /backup-ext/backupA/z0 inherited from backupA # zpool export backupA # zpool import -N backupA # ls /backup-ext/backupA z0 From owner-freebsd-questions@freebsd.org Wed Jun 21 05:57:46 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2F2DDD8717B for ; Wed, 21 Jun 2017 05:57:46 +0000 (UTC) (envelope-from nancy.smith@weboptimizes.com) Received: from mail-ua0-x232.google.com (mail-ua0-x232.google.com [IPv6:2607:f8b0:400c:c08::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E4C5A81573 for ; Wed, 21 Jun 2017 05:57:45 +0000 (UTC) (envelope-from nancy.smith@weboptimizes.com) Received: by mail-ua0-x232.google.com with SMTP id z22so7029283uah.1 for ; Tue, 20 Jun 2017 22:57:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=weboptimizes.com; s=google; h=mime-version:sender:from:date:message-id:subject:to; bh=feuJ7rHVKyRNiwygD558gvKRRkG9nbKymCcs+InHlQk=; b=aGAFoGGlOXLXRlUGjH7dqxVuzSpe9R7OBDh+rmIU2Az6oOnGAoiewHoAF6Bx2qb22L 16Y2jK/gkc3vDR1+VZk1AAl53REIm8FqtaLZBTtSk/Rjxga4xbnzcbGlJiROdbgLV+Tw kqEdmFy6EYcRZqkAZWcYHHkGEDfTB8t5eabpM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=feuJ7rHVKyRNiwygD558gvKRRkG9nbKymCcs+InHlQk=; b=ZXf3IuT8cetqd2McSOquAXCZ5escE/BEvaIDnZnl7xolii9nW5BKmPQRzYV8iAYJTA C1vQrwx2AYkoACHYaFFRNGV+gFHL8lUULJaL1A8L+TjQnfyHjoY4f4ArrTAFat8pOdIo CWDPZo/sEwu1uS4avqETDPOSP05ow1H/HcJESiY0RFsC0HOsGvwyNmbZXgzbIqTcRECK cC9d6CZkPdjE2AVQM8Hx4/fMLlCCiu7Y//wB6dLJXaEKXGeS+8cQCQu7JeP5NkcaOgHk HlidPcMHqetzLyc1uYIbO5M1/NiyL8HBN7FjOaQTT1iCiHZh28JVFWm0vz27g2kNkDo0 wocQ== X-Gm-Message-State: AKS2vOz+krnKDJfrZ8HAObzwVVt9BfivRYEs/NX44RvcMejB1EvH7OIU oqiiSUbyecrFhRnhexIFdaYRnqz6bOF+ X-Received: by 10.176.4.97 with SMTP id 88mr11189554uav.47.1498024664748; Tue, 20 Jun 2017 22:57:44 -0700 (PDT) Received: from 52669349336 named unknown by gmailapi.google.com with HTTPREST; Wed, 21 Jun 2017 07:57:44 +0200 MIME-Version: 1.0 Sender: Nancy Smith From: Nancy Smith Date: Wed, 21 Jun 2017 07:57:44 +0200 X-Google-Sender-Auth: gU_ZrvbBFJKFj1wSGh5qIRrrLxU Message-ID: Subject: Steps that improve your website ranking To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 05:57:46 -0000 Hello *freebsd.org *Team, *Get your website on Google=E2=80=99s front Page search: *We would like to = have a discussion with you regarding the web promotion strategy for your website. We wish to work out a proposal to strengthen the online presence of your website, via, a strategically planned web promotion campaign. In today=E2= =80=99s online era, you should be focusing on the new revolutionary ways of generating traffic. We are curious to know if you were are that are a few issues bugging your website. Sorting out these will help you get the best returns out of your website. Your website seems to be attracting traffic, but this traffic is almost stagnant and limited, which affects potential sales as you move forward. Your website doesn't feature in Google's first search page for some of the major keywords in your niche, which affects visibility. Your website has been diagnosed with coding issues, which affects ranking. Your back links profile is not efficient enough to help your search engine visibility. Your website is currently not being properly promoted online, which is affecting your marketing strategy and goals Your presence on social media platforms, such as (*Facebook, Twitter, etc.*= ) is minimal. which is depriving you of a huge market of prospective referral clients. We excel in running promotional online marketing campaign for websites. We have a host of ethical services and techniques, which you can utilize to improve your website's performance. We could send you more details regarding your present website status; we would be glad to share your =E2= =80=9C*PRE SEO REPORT=E2=80=9D* or =E2=80=9C*WEBSITE ANALYSIS REPORT* for *FREE=E2=80= =9D*. *Kindly reply back if you are interested, so we can send you more details about the package which could improve your sales & website ranking too. *Ho= pe to back from you soon. Best Regards, *Nancy Smith | Senior Sales Advisor * _________________________________________________________________________ *PS1:* Please respond to our email with *=E2=80=9CInterested*=E2=80=9D or *= =E2=80=9CNot Interested*=E2=80=9D so that we will know the status of your inquiry and act accordingly. If you are interested then I will send more details on our *=E2=80=9Ccorporate ide= ntity=E2=80=9D, =E2=80=9Ccompany profile=E2=80=9D, =E2=80=9Cwhy you should choose us?=E2=80= =9D, =E2=80=9CPrice list=E2=80=9D, =E2=80=9Cmoney back guarantee=E2=80=9D*. *PS2:* I found your site using Google search and, after having a look over your website I recommend that you implement future technologies such as HTML5 and responsive design to make your site more accessible on mobile devices and desktop etc. [image: beacon] From owner-freebsd-questions@freebsd.org Wed Jun 21 07:23:36 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C4A58D88838 for ; Wed, 21 Jun 2017 07:23:36 +0000 (UTC) (envelope-from peter@ludikovsky.name) Received: from ludikovsky.name (ludikovsky.name [IPv6:2a03:f80:ed15:158:255:212:178:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 752728372A for ; Wed, 21 Jun 2017 07:23:35 +0000 (UTC) (envelope-from peter@ludikovsky.name) Received: from [0.0.0.0] (tor-exit.csail.mit.edu [128.52.128.105]) by ludikovsky.name (Postfix) with ESMTPSA id 23AA24055; Wed, 21 Jun 2017 07:23:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ludikovsky.name; s=mail; t=1498029812; bh=oh5lqMienROnO39NGu00NTAU2J7OYZwCzJxKRIeg+Sw=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=dgPM/opRzZC/ew9jOxmvuPb/BrEs1ynXo9cGXAHJkuXiI4tMMNROOXGSjVToD+a7Y YKbVn4bzjRmTWpb/GKXMSFbqkdZfXiRFqwaGLI/cPkaggo71+iBK5RWQ8Mbabmdu09 af9R2GUjdOUXw1cG83ifKRnZC0CB8b0+/lNv9elE= Subject: Re: New User, new server To: Jim Ohlstein Cc: freebsd-questions@freebsd.org References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> From: Peter Ludikovsky Message-ID: Date: Wed, 21 Jun 2017 09:23:11 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="GVBMAgf6IIMvrG0DrwcrpVaWqus8iRQwA" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 07:23:36 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --GVBMAgf6IIMvrG0DrwcrpVaWqus8iRQwA Content-Type: multipart/mixed; boundary="9Hc5in9wj9SqvA8AbLxjHBpA0ebr7DrlJ"; protected-headers="v1" From: Peter Ludikovsky To: Jim Ohlstein Cc: freebsd-questions@freebsd.org Message-ID: Subject: Re: New User, new server References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> In-Reply-To: --9Hc5in9wj9SqvA8AbLxjHBpA0ebr7DrlJ Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello, Thanks for the pointers so far! On 06/20/2017 05:22 PM, Jim Ohlstein wrote: >> 1) The new machine comes with a 128G SSD, in addition to the 2 4T >> HDDs from the older server. I'd like to set up ZFS root, with a slice >> of the SSD as ZIL and L2ARC, and the root mirrored across the SSD and >> the 2 HDDs. Does this make sense, and if so what would be the ideal >> slice layout? Or should I just use the whole SSD as ZIL/L2ARC? >=20 > I wouldn't mirror anything across an SSD and a magnetic drive (or two).= > Pick either the SSD or the drives. >=20 > ZIL/L2ARC may be overkill on a home system unless it's frequently > accessed by multiple users, but if you insist on having both on one SSD= , > make them the only things on the drive, and keep everything else on the= > 4TB drives. It's best to have ZIL and L2ARC on different, dedicated > devices, but your hardware eliminates that possibility. >=20 The idea here was that since the machine came with an SSD pre-installed, I might as well try and use it. But the installation probably won't use the whole disk, even if I want the system to be on redundant disks too, not just the data. But oh well, I'm sure I can find other use for it. >> 2) Moving data from the old machine. Can I run zfs send/receive to >> get the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? >=20 > It _should_ work, but rsync will work. I'll spin up 2 VMs and just try it. Since it's only 3 datasets that would have been moved that way (/home, Webserver data, Fileserver data) there's not much of a problem either way. >> 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an >> ISP provided router, but I'm paranoid enough to want an additional >> firewall on that machine, and one that plays nice with fail2ban at >> that. >=20 > Unless you're running services that expect outside connections (say if > this is a file server), it won't matter. In fact, it really doesn't > matter anyway. Pick one, learn it, use it. I use PF. I've used the othe= r > two also. PF includes functionality for port redirection and NAT. I hav= e > no idea about fail2ban. I use PF tables and the expiretable utility. Fileserver for internal use only, an Nextcloud instance for the family photos/videos/calendars/contacts, a Bitcoin node, and a Torrent client for various OSS images. Regards, /peter --9Hc5in9wj9SqvA8AbLxjHBpA0ebr7DrlJ-- --GVBMAgf6IIMvrG0DrwcrpVaWqus8iRQwA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdBQJZSh7fFhxwZXRlckBsdWRpa292c2t5Lm5hbWUACgkQz7o2Dmlu 3JmQdQ/5AaRezIHf580uKCXNA7vfFUvuZDgk8MpQEfdiJXLNqpT2zwJYQihg8OlE nJwuhPNuawfMCPpM3NtmYl2FAT+/Sy7vpLm0dticO55YCcv/72m9H1zAJR1szqOL NC8HIyr+xzl6NwloDtpJ/dFlJK3uOglfVhwg/MaJ1QPHlkx1AygPnd0tsYij2hUm VKvKx8xEqK8VsffPJ2z+XDZW4hzDkg3Mro5YpWR4DxR5wiFXqzPQMocI9nWnrNqN 2y1+rmhtMxAwEahD8H8rRw81iq1DDnA4Xb/sqkW5cu5no4jEF1uI3LnhERriFMmk iN6LaBxNHSj/3Pc1J7mQhQ68KNHZavPdizZdcg5/mI3dJPNPA0bq4o7UcQhJAp0V j7JQgOsQi8vXB51+5UCA7W19tLOA3rm6Ipw50QSqmHkNtCrikBL5hncS6jv/nXbi g/lsWUq8ERPQKPwU0aMgwQySKmIw6abUhUWl1MSpStjk6bsfsLC+n5IDjkVOELAZ fukafGKbNdr1skhH7s9QptGiT4sLlnF6BS/EX2b1nkQeI7atNJ6G0GSaNMEI9RCN 70eOQvCw17+gYfeqvaK5jlBhvbQeIdTYULSF+lsFk7KTd6QvINOYLbeDbh+8gH1t UHk8yQB5pPKX1pdJQLgTkoJKTPzl65xyxURTvJeQimj5CnwgjjY= =/C5e -----END PGP SIGNATURE----- --GVBMAgf6IIMvrG0DrwcrpVaWqus8iRQwA-- From owner-freebsd-questions@freebsd.org Wed Jun 21 13:45:10 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B8362D90079 for ; Wed, 21 Jun 2017 13:45:10 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 816606A8E1 for ; Wed, 21 Jun 2017 13:45:10 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.15.2/8.15.2) with ESMTPS id v5LDj28B070195 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 21 Jun 2017 07:45:02 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.15.2/8.15.2/Submit) with ESMTP id v5LDj22V070192; Wed, 21 Jun 2017 07:45:02 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Wed, 21 Jun 2017 07:45:02 -0600 (MDT) From: Warren Block To: Peter Ludikovsky cc: freebsd-questions@freebsd.org Subject: Re: New User, new server In-Reply-To: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> Message-ID: References: <800e15b2-d7f5-d339-bd77-862e9d0cab5b@ludikovsky.name> User-Agent: Alpine 2.21 (BSF 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (wonkity.com [127.0.0.1]); Wed, 21 Jun 2017 07:45:02 -0600 (MDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 13:45:10 -0000 On Tue, 20 Jun 2017, Peter Ludikovsky wrote: > 1) The new machine comes with a 128G SSD, in addition to the 2 4T HDDs > from the older server. I'd like to set up ZFS root, with a slice of the > SSD as ZIL and L2ARC, and the root mirrored across the SSD and the 2 > HDDs. Does this make sense, and if so what would be the ideal slice > layout? Or should I just use the whole SSD as ZIL/L2ARC? Don't mirror an SSD with hard drives. It will work, but cancels the benefit of the SSD. You don't say how much RAM the system has. Adding L2ARC without a decent amount of RAM is actually worse than nothing. ZIL is built in. An SSD to cache ZIL is called a SLOG. ZIL (and a SLOG) are for improving the speed of synchronous writes. Generally, that is rare unless you are using NFS and virtual machines. Also, a SLOG that is worthwhile usually needs a low-latency SSD that is used exclusively for that purpose. TLDR: unless you have at least 32GB or 64GB of RAM, adding L2ARC is questionable. A SLOG is usually only helpful if you have lots of synchronous writes, which is rare. Even then, it should be a fast, dedicated SSD just for that. http://doc.freenas.org/11/zfsprimer.html > 2) Moving data from the old machine. Can I run zfs send/receive to get > the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync? zfs send | zfs recv usually works. It depends on the feature flags on the originating system. From owner-freebsd-questions@freebsd.org Wed Jun 21 16:04:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E5CC3D92D95 for ; Wed, 21 Jun 2017 16:04:39 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id AC2DE72122 for ; Wed, 21 Jun 2017 16:04:39 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.153] ([172.58.120.227]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5LG4NNd034471 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 21 Jun 2017 11:04:25 -0500 (CDT) (envelope-from tundra@tundraware.com) To: FreeBSD Mailing List From: Tim Daneliuk Subject: FreeBSD and Linux SSD Write Speeds Message-ID: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> Date: Wed, 21 Jun 2017 11:04:18 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Wed, 21 Jun 2017 11:04:25 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5LG4NNd034471 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:04:40 -0000 Disclaimer: Tests below run on lightly loaded systems, but results are ... surprising: Test Case: dd if=/dev/zero of=foo bs=8M count=512 Linux 4.4.0-21-generic on a 2.66GHz Core2 Duo w/8GB memory, older OCZ SSD/ext4: 310MB/sec writes FreeBSD 10-STABLE on an 3.2 GHz Quad Core i5 w/8GB memory, newer Kingston SSD/ufs: 210MB/sec writes Results are repeatable. So, what is the likely culprit making FreeBSD 1/3 slower? The FreeBSD system does does / nfs exported (which I don't quite yet understand since all the nfs mount points are below it) at the moment, but there is little or no nfs traffic. From owner-freebsd-questions@freebsd.org Wed Jun 21 16:15:57 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EC237D9306E for ; Wed, 21 Jun 2017 16:15:57 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id C04277256A for ; Wed, 21 Jun 2017 16:15:57 +0000 (UTC) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.15.2/8.15.2) with ESMTPS id v5LGFtH6008796 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 21 Jun 2017 10:15:55 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.15.2/8.15.2/Submit) with ESMTP id v5LGFtWS008793; Wed, 21 Jun 2017 10:15:55 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Wed, 21 Jun 2017 10:15:55 -0600 (MDT) From: Warren Block To: Tim Daneliuk cc: FreeBSD Mailing List Subject: Re: FreeBSD and Linux SSD Write Speeds In-Reply-To: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> Message-ID: References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> User-Agent: Alpine 2.21 (BSF 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (wonkity.com [127.0.0.1]); Wed, 21 Jun 2017 10:15:55 -0600 (MDT) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:15:58 -0000 On Wed, 21 Jun 2017, Tim Daneliuk wrote: > Disclaimer: Tests below run on lightly loaded systems, but results are ... surprising: > > Test Case: dd if=/dev/zero of=foo bs=8M count=512 > > Linux 4.4.0-21-generic on a 2.66GHz Core2 Duo w/8GB memory, older OCZ SSD/ext4: 310MB/sec writes > > FreeBSD 10-STABLE on an 3.2 GHz Quad Core i5 w/8GB memory, newer Kingston SSD/ufs: 210MB/sec writes > > Results are repeatable. > > So, what is the likely culprit making FreeBSD 1/3 slower? The FreeBSD > system does does / nfs exported (which I don't quite yet understand > since all the nfs mount points are below it) at the moment, but there > is little or no nfs traffic. Is Linux doing write caching? They used to do that. From owner-freebsd-questions@freebsd.org Wed Jun 21 16:23:30 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7DB01D932E8 for ; Wed, 21 Jun 2017 16:23:30 +0000 (UTC) (envelope-from amutu@amutu.com) Received: from mail-ot0-x235.google.com (mail-ot0-x235.google.com [IPv6:2607:f8b0:4003:c0f::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4250672A44 for ; Wed, 21 Jun 2017 16:23:30 +0000 (UTC) (envelope-from amutu@amutu.com) Received: by mail-ot0-x235.google.com with SMTP id y47so93474369oty.0 for ; Wed, 21 Jun 2017 09:23:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amutu-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ZCO6e9Tuoi9yh+QF31QD/z/HE/W1+jJByDvDRPrSY68=; b=ajprMmgWm2koHI83BbeuWZvmOrQH5xcUUXR1kUMpb4veUcR6HyIYUOPUbnOJ0PLkhs yW/a0cSilK8d2paHE4FGCnmnOoEDIQWdAIUOKbWl3i4PJP7iIfDQHBHZuR9OLOaCTOuX hPV9JV+EAj70etFvQKbNR/wxhzzSejBIW70CHxbYpzJC7pgnQaoYp3GLI+f49SpAPAoG 0gm4YMH2yBg5TV4B+sDCQ79zE4EYYmLICBQws9dwsldOkycduD0V38hkWYASZh1D5Vrc Dmu/Nihd0nAzPSz75S1L6ztu48/gqoDVixbwG2G2ZX44CalS6hEL+SzqiEIox6MHK4dd 0VeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ZCO6e9Tuoi9yh+QF31QD/z/HE/W1+jJByDvDRPrSY68=; b=ObWt5t0oAq8ly4wKIZibSYf3i6WkVApiCitEez/iahZusTZSBMC/spar87SEVcefbN bhvR7ZVuzxCdlK6QOf17ToGb1MvTG1TAvihxPMJURl+dQ4MYwzQ7X8rxXgjPWY4YBCzp 7VLdVW9rRHArvRRPdPVX1Zm6zTpOHUQ8XvIlhc1ICPCtG9xMMVRfnd8t+NHKi/7G/+Fl 1S0IpVnzFGp2HypU2qAE1eNEOg5LahsUP8KHHDlnaUKzHQ2kLa7ESNOMHGvfsjePetTj 2dLnsftS1uZsCD4vSnVGYVhO3Rp9ovlx23NoNlLHmkXV0ZbnF6l9E/w042fgo6+Ws9gN uZ+g== X-Gm-Message-State: AKS2vOwEhH1cDOhmhzLzOB+id4ZtHKcBoXNwdWKxeYzvHu5YtrpMbvXj wpYzwzNY7GdqZ877kt76/Q== X-Received: by 10.157.31.76 with SMTP id x12mr18287403otx.103.1498062209019; Wed, 21 Jun 2017 09:23:29 -0700 (PDT) Received: from mail-ot0-f176.google.com (mail-ot0-f176.google.com. [74.125.82.176]) by smtp.gmail.com with ESMTPSA id c130sm8086349oia.10.2017.06.21.09.23.28 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Jun 2017 09:23:28 -0700 (PDT) Received: by mail-ot0-f176.google.com with SMTP id u13so101375078otd.2 for ; Wed, 21 Jun 2017 09:23:28 -0700 (PDT) X-Received: by 10.157.46.9 with SMTP id q9mr19040117otb.30.1498062208205; Wed, 21 Jun 2017 09:23:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.133.136 with HTTP; Wed, 21 Jun 2017 09:23:27 -0700 (PDT) Received: by 10.74.133.136 with HTTP; Wed, 21 Jun 2017 09:23:27 -0700 (PDT) In-Reply-To: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> From: Jov Date: Thu, 22 Jun 2017 00:23:27 +0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: FreeBSD and Linux SSD Write Speeds To: Tim Daneliuk Cc: FreeBSD Mailing List Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:23:30 -0000 Try add sync option to dd and write twice of memory size data(16gb for your hw). Jov 2017=E5=B9=B46=E6=9C=8822=E6=97=A5 12:04 AM=EF=BC=8C"Tim Daneliuk" =E5=86=99=E9=81=93=EF=BC=9A Disclaimer: Tests below run on lightly loaded systems, but results are ... surprising: Test Case: dd if=3D/dev/zero of=3Dfoo bs=3D8M count=3D512 Linux 4.4.0-21-generic on a 2.66GHz Core2 Duo w/8GB memory, older OCZ SSD/ext4: 310MB/sec writes FreeBSD 10-STABLE on an 3.2 GHz Quad Core i5 w/8GB memory, newer Kingston SSD/ufs: 210MB/sec writes Results are repeatable. So, what is the likely culprit making FreeBSD 1/3 slower? The FreeBSD system does does / nfs exported (which I don't quite yet understand since all the nfs mount points are below it) at the moment, but there is little or no nfs traffic. _______________________________________________ freebsd-questions@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org= " From owner-freebsd-questions@freebsd.org Wed Jun 21 16:28:01 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 02810D93654 for ; Wed, 21 Jun 2017 16:28:01 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id D5F9272F05 for ; Wed, 21 Jun 2017 16:28:00 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id A7A51CB8CE1; Wed, 21 Jun 2017 11:27:53 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Wed, 21 Jun 2017 11:27:53 -0500 (CDT) Message-ID: <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> In-Reply-To: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> Date: Wed, 21 Jun 2017 11:27:53 -0500 (CDT) Subject: Re: FreeBSD and Linux SSD Write Speeds From: "Valeri Galtsev" To: "Tim Daneliuk" Cc: "FreeBSD Mailing List" Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:28:01 -0000 On Wed, June 21, 2017 11:04 am, Tim Daneliuk wrote: > Disclaimer: Tests below run on lightly loaded systems, but results are ... > surprising: > > Test Case: dd if=/dev/zero of=foo bs=8M count=512 First, I would modify the test and include sync command inside timing, something along these lines: sync; date; dd if=/dev/zero of=foo bs=8M count=512; sync; date ( and your measure is the difference of output of two "date" commands, not what dd reports ) Second, I would make the size dd sends really big, say 10 GB. ( your bs probably _is_ multiple of fs block size, but that is something to watch for too). Next, I would exclude filesystem at all, cut small ( larger than 10 GB) partition off the SSD, and make dd destination that partition, and see what difference does that make. Incidentally, what filesystem is it on FreeBSD side, and how many open files (owned by other processes) do you have on the fiesystems your dd destination file is on? Valeri > > Linux 4.4.0-21-generic on a 2.66GHz Core2 Duo w/8GB memory, older OCZ > SSD/ext4: 310MB/sec writes > > FreeBSD 10-STABLE on an 3.2 GHz Quad Core i5 w/8GB memory, newer Kingston > SSD/ufs: 210MB/sec writes > > Results are repeatable. > > So, what is the likely culprit making FreeBSD 1/3 slower? The FreeBSD > system does does / nfs exported (which I don't quite yet understand since > all the nfs mount points are below it) at the moment, but there is little > or no nfs traffic. > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-questions@freebsd.org Wed Jun 21 16:31:08 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9EF29D9381A for ; Wed, 21 Jun 2017 16:31:08 +0000 (UTC) (envelope-from ggroth@gregs-garage.com) Received: from mail.gregs-garage.com (99-158-164-253.uvs.cicril.sbcglobal.net [99.158.164.253]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 778697329C for ; Wed, 21 Jun 2017 16:31:06 +0000 (UTC) (envelope-from ggroth@gregs-garage.com) Received: from localhost (localhost [127.0.0.1]) by mail.gregs-garage.com (Postfix) with ESMTP id BD04F66E01A for ; Wed, 21 Jun 2017 09:23:44 -0500 (CDT) Received: from mail.gregs-garage.com ([127.0.0.1]) by localhost (mail.gregs-garage.com [127.0.0.1]) (maiad, port 10024) with ESMTP id 40809-06 for ; Wed, 21 Jun 2017 09:23:44 -0500 (CDT) Received: from [10.10.2.61] (107-1-251-97-ip-static.hfc.comcastbusiness.net [107.1.251.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: ggroth@gregs-garage.com) by mail.gregs-garage.com (Postfix) with ESMTPSA id 8844F66DFFA for ; Wed, 21 Jun 2017 09:23:44 -0500 (CDT) To: freebsd-questions@freebsd.org From: Greg Groth Subject: PostfixAdmin and System Messages Message-ID: <4e7f6eaf-3db0-8906-3dd3-9d3b98e7b374@gregs-garage.com> Date: Wed, 21 Jun 2017 11:21:18 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:31:08 -0000 After 20 years of Sendmail, I've built a new mail server using the guidelines outlined at purplehat.org. So far, everything is working great except that my system messages that used to be delivered to my account are MIA. I do have an alias in /etc/aliases from root to my email address hosted on the same server, but I don't know if Postfix / PostfixAdmin uses the /etc/aliases when configured to use virtual aliases. I also added a virtual alias from root@domainname.com to user@domainname.com A little more history: In the purplehat.org documentation was the following note. If you are receiving errors in your logs about $mydestination, be sure that _ANY_ ‘virtual’ domain you are hosting is _NOT_ listed in your /etc/hosts file. Apparently this causes a problem being as Postfix cannot determine if the domain is virtual or not. (Thanks Valentin) I am only running a single doman on the server, but because of the above message, I specifically avoided entering the mail server's internal IP address and FQDN in /etc/hosts. However, when I looked at my maillog I noted that Postfix was trying to send the system emails to my mail server's outside IP address, which obviously didn't reply. While I run my own DNS server on the same box as my mail server, it's serving the external IP addresses to the outside world. It's currently 1 of 2 machines on my DMZ, which has a non-routable IP range of 192.168.100.X. Because of there only being two machines, I use /etc/hosts for any needed name resolution on the network, and my /etc/resolv.conf is pointed at 8.8.8.8 & 8.8.4.4. Because of this issue, I then decided to try adding an entry to my /etc/hosts file : 192.168.100.10 domainname.com mail.domainname.com Now when I check the maillog, although it is now finding the mail server, I see that my system emails are now being routed to root@mail.domainname.com instead of root@domainname.com. Based on what I'm seeing, I'm assuming that this is more of a DNS issue than Postfix, I'm just not sure if I can use the hosts file to fix it or if I should try to install a local DNS server just for my DMZ for the system emails? Other than the system emails, everything else has been working great. Any thoughts? Regards, Greg Groth From owner-freebsd-questions@freebsd.org Wed Jun 21 16:45:52 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 21DA5D93CEB for ; Wed, 21 Jun 2017 16:45:52 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: from mail-wr0-x236.google.com (mail-wr0-x236.google.com [IPv6:2a00:1450:400c:c0c::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AAF1773BED for ; Wed, 21 Jun 2017 16:45:51 +0000 (UTC) (envelope-from amvandemore@gmail.com) Received: by mail-wr0-x236.google.com with SMTP id y25so103282516wrd.2 for ; Wed, 21 Jun 2017 09:45:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=BahrE1h1VzrEH1ITRZx6Lt4HplXcLEQNiBDZet5z7sw=; b=DlnShRyHf1HwqOgO7Y7vvC4l+8XKyrHwQ2Bjam2l7oz83HVfwCfc4qzwbNL1civ+Ox 8s70Zyf5zFDuWJQQjZf66zf+xJu2dzJwijFqjlNo3mPQuDxuenwfUfizpY1Hyd7at8QW ilvbvNwx/bMGhRmRVYH9B6gNEAyL7GbjrTMN89NB7NRXp63NxZZcFn3Zkx3C2Wkx4KWs IcQQL/ZNFAgoxmDl7rzYDUxENF4nAZh3t2iD49MXXGDHlC9ba/ihQh1s+LkOa4d5PRPW qNi+VhZBzZNrENK+zIqmWaRUNEkDPRSCKg9XFhy3NZ8oRb1bbzW0unyJzM6q6FSsmovA QEWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=BahrE1h1VzrEH1ITRZx6Lt4HplXcLEQNiBDZet5z7sw=; b=Wfs3eNieVjtqdbnkJ9mWq3b2dLENHYSnHRwsftrenj63hmJLuGD5aYbKnuS6mPyUKq mT100mhkt3vYTZYfJMHt7D1ZZYf7VNOCzRQxiRvcGFDaXyA1Lg6RSZjpa967R7AW8CII MeX3ahJIDBI1TyaGXuFL9SNwJU3Y5UyF5eB2IjstCnOerGjw0hd7HwXP3QtHmVsvWmcR P6VhamWyqcxz4F/fDDZr7pWaaGr1Wd2lgwrqJadBb7LFTEzmKDCi0ll1YQ/Vx9NgaILg 3ZrWpT99J91IYC+G+m0Vce4oG0/8H6TYX9jtfMn0ntmU+xnYprBGBesbRz8slrlvTtVY 9BDQ== X-Gm-Message-State: AKS2vOw54PY8nOMEnLB3xHpnSbnqGZITgsAib5y5HZ+8aqElpZKLrgZ4 IihPZB8Dz+hoU1FwLNFTWYlVFeI3ug== X-Received: by 10.80.172.98 with SMTP id w31mr25571986edc.120.1498063550010; Wed, 21 Jun 2017 09:45:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.172.100 with HTTP; Wed, 21 Jun 2017 09:45:49 -0700 (PDT) In-Reply-To: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> From: Adam Vande More Date: Wed, 21 Jun 2017 11:45:49 -0500 Message-ID: Subject: Re: FreeBSD and Linux SSD Write Speeds To: Tim Daneliuk Cc: FreeBSD Mailing List Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 16:45:52 -0000 On Wed, Jun 21, 2017 at 11:04 AM, Tim Daneliuk wrote: > Disclaimer: Tests below run on lightly loaded systems, but results are ... > surprising: > > Test Case: dd if=/dev/zero of=foo bs=8M count=512 > > Linux 4.4.0-21-generic on a 2.66GHz Core2 Duo w/8GB memory, older OCZ > SSD/ext4: 310MB/sec writes > > FreeBSD 10-STABLE on an 3.2 GHz Quad Core i5 w/8GB memory, newer Kingston > SSD/ufs: 210MB/sec writes > > Results are repeatable. > > So, what is the likely culprit making FreeBSD 1/3 slower? The FreeBSD > system does does / nfs exported (which I don't quite yet understand since > all the nfs mount points are below it) at the moment, but there is little > or no nfs traffic. > SSD speeds can vary greatly based upon models. What steps did you take to ensure the rates you are seeing aren't completely normal? -- Adam From owner-freebsd-questions@freebsd.org Wed Jun 21 18:27:42 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4BEEED95CCB for ; Wed, 21 Jun 2017 18:27:42 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0F92977D1E for ; Wed, 21 Jun 2017 18:27:41 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.153] ([172.58.120.227]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5LIRbpO036802 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 21 Jun 2017 13:27:39 -0500 (CDT) (envelope-from tundra@tundraware.com) Subject: Re: FreeBSD and Linux SSD Write Speeds To: FreeBSD Mailing List References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> From: Tim Daneliuk Message-ID: <5e983ac1-ffb0-4e2e-307d-6be0985389d0@tundraware.com> Date: Wed, 21 Jun 2017 13:27:32 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Wed, 21 Jun 2017 13:27:39 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5LIRbpO036802 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:27:42 -0000 On 06/21/2017 11:23 AM, Jov wrote: > Try add sync option to dd and write twice of memory size data(16gb for your hw). > > > Jov OK, reran with: dd if=/dev/zero of=foo bs=8M count=1024 conv=sync Results (fastest of several runs): Linux: 265MB/sec FreeBSD: 180MB/sec The fact that there is some variability us unremarkable. What is remarkable is that the FreeBSD is more powerful and has a much newer SSD drive. ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Wed Jun 21 18:33:50 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 18C62D96005 for ; Wed, 21 Jun 2017 18:33:50 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D0281783BD for ; Wed, 21 Jun 2017 18:33:49 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.153] ([172.58.120.227]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5LIXgrP036956 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 21 Jun 2017 13:33:43 -0500 (CDT) (envelope-from tundra@tundraware.com) Subject: Re: FreeBSD and Linux SSD Write Speeds To: FreeBSD Mailing List References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> From: Tim Daneliuk Message-ID: <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> Date: Wed, 21 Jun 2017 13:33:36 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Wed, 21 Jun 2017 13:33:44 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5LIXgrP036956 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:33:50 -0000 On 06/21/2017 11:27 AM, Valeri Galtsev wrote: > sync; date; dd if=/dev/zero of=foo bs=8M count=512; sync; date So I just did this: sync; date; dd if=/dev/zero of=foo bs=8M count=1024; sync; date And got this: Linux: Wed Jun 21 13:30:22 CDT 2017 1024+0 records in 1024+0 records out 8589934592 bytes (8.6 GB, 8.0 GiB) copied, 33.523 s, 256 MB/s Wed Jun 21 13:30:57 CDT 2017 FreeBSD: Wed Jun 21 13:28:23 CDT 2017 1024+0 records in 1024+0 records out 8589934592 bytes transferred in 46.508336 secs (184696666 bytes/sec) Wed Jun 21 13:29:10 CDT 2017 So ... still a pretty big disparity I don't want to test against a raw device or partition because that's not how these systems get used. My FreeBSD FS is UFS and maybe that simply is not as efficient on an SSD as ext4. This isn't a big deal, just an eyebrow raiser for me. I've used FreeBSD as a production OS since 2.x and have always found it to be consistently quicker and have a smaller footprint than Linux. This was just a surprise. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Wed Jun 21 18:35:33 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8B01DD9610C for ; Wed, 21 Jun 2017 18:35:33 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 499CE784EB for ; Wed, 21 Jun 2017 18:35:33 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.153] ([172.58.120.227]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5LIZPTq036997 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 21 Jun 2017 13:35:26 -0500 (CDT) (envelope-from tundra@tundraware.com) Subject: Re: FreeBSD and Linux SSD Write Speeds To: FreeBSD Mailing List References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> From: Tim Daneliuk Message-ID: <34bdd365-f72b-0f9d-3a42-9d5e09056030@tundraware.com> Date: Wed, 21 Jun 2017 13:35:20 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Wed, 21 Jun 2017 13:35:27 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5LIZPTq036997 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:35:33 -0000 On 06/21/2017 11:45 AM, Adam Vande More wrote: > SSD speeds can vary greatly based upon models. What steps did you take to ensure the rates you are seeing aren't completely normal? They may well be normal. I need to go back and look at the specs, but as I recall, the OCZ drive was rated in the 400-ish Mbit/sec range and the much newer Kingston was in the 500-ish MBit/sec range. But I am not certain of this. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Wed Jun 21 18:45:06 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 87E1BD964B4 for ; Wed, 21 Jun 2017 18:45:06 +0000 (UTC) (envelope-from markmoellering@psyberation.com) Received: from mail-qk0-x234.google.com (mail-qk0-x234.google.com [IPv6:2607:f8b0:400d:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 474D87893A for ; Wed, 21 Jun 2017 18:45:06 +0000 (UTC) (envelope-from markmoellering@psyberation.com) Received: by mail-qk0-x234.google.com with SMTP id p21so17949487qke.3 for ; Wed, 21 Jun 2017 11:45:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=psyberation-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=87t1+b5J3W9hPHSPOAwy7aXd8hztGBhS8yexUb20Z1I=; b=E0Yin3Kf7A0/L33ZkzJQpGraFzyV0u2iB2J99QHCKgaS6kzsWNqQg6LznXTbrvNfiH CHWuA6ByVYSN4jL2oSGJF7w1arkayHX7eliE/CAAXzKKhNZOoMCyLJppH0biQjVFHC9I 12k7DxgG2dX7HkXoY977bCkxjUeknFZNBZhEi9UM+fVnIwnMvT5lOAkWHus/Sr9jqPlw VW1FWssP6opagCAlSmw98duvr1FEharzQJQWTEws61dewreUbLEDhK6vxZeet/V5PkJ/ BSuAQrwUBjBenrl2R8qj+HSGTvOqYO1Gi5ciUhgadMRPwotH+L29TnHwUotvn2lS9iKk C1CQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=87t1+b5J3W9hPHSPOAwy7aXd8hztGBhS8yexUb20Z1I=; b=uUL4taOdNWbXen+yYOjzviateP/a9jQsEgu8cXBaYeiu/BfW0Wb++lDsXu0k2d/fOC X5uipqj2GOMZIAPNcBwEt3r6eKSfRYZi9JHLRdqTHuuVHKU0O+T1VoYb2+XHTnP3ue7h I99wrzdWBoB14n+/9n73mLBs9nuUS5BrWWI6FSE92Tk3IfoEj984gyomL1lxTOnPJbW1 +qqTbeuf/eTxMIEqdzLCN+65sIPcn/OtBFPOex1EHmS8plHzv7FQ/WL8tl7KA56fh4mc LAfGZ95Sz7lzqUMOwHbPz6tslvnKJn7IVuszu3TxIw0VK88fGFaVzUglD4qSYr3zrBKJ ZcTA== X-Gm-Message-State: AKS2vOwnv6zLAAivG0Q6wmwwgfpoWqtnG4Y+PVRhScqsxcuz/PXRfZ0p FRDS+uU0oF+STFjz8US6fdHbWdiPWb//zew= X-Received: by 10.55.23.106 with SMTP id i103mr41132045qkh.197.1498070705031; Wed, 21 Jun 2017 11:45:05 -0700 (PDT) MIME-Version: 1.0 Received: by 10.200.45.98 with HTTP; Wed, 21 Jun 2017 11:45:04 -0700 (PDT) In-Reply-To: <34bdd365-f72b-0f9d-3a42-9d5e09056030@tundraware.com> References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <34bdd365-f72b-0f9d-3a42-9d5e09056030@tundraware.com> From: Mark Moellering Date: Wed, 21 Jun 2017 14:45:04 -0400 Message-ID: Subject: Re: FreeBSD and Linux SSD Write Speeds Cc: FreeBSD Mailing List Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:45:06 -0000 I guess, for me, to be a true experiment, you need to swap the drives between the two machines and then see what happens. The other thought, is wondering how big the sector sizes are. If you indicate the wrong sector size, i believe performance will take a hit. It is an interesting experiment... -- Mark On Wed, Jun 21, 2017 at 2:35 PM, Tim Daneliuk wrote: > On 06/21/2017 11:45 AM, Adam Vande More wrote: >> SSD speeds can vary greatly based upon models. What steps did you take to ensure the rates you are seeing aren't completely normal? > > They may well be normal. I need to go back and look at the specs, but > as I recall, the OCZ drive was rated in the 400-ish Mbit/sec range > and the much newer Kingston was in the 500-ish MBit/sec range. But > I am not certain of this. > > > -- > ---------------------------------------------------------------------------- > Tim Daneliuk tundra@tundraware.com > PGP Key: http://www.tundraware.com/PGP/ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Wed Jun 21 18:47:18 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0E5D2D96843 for ; Wed, 21 Jun 2017 18:47:18 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BAF1278C17 for ; Wed, 21 Jun 2017 18:47:17 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: by mail-io0-x233.google.com with SMTP id h134so1167935iof.2 for ; Wed, 21 Jun 2017 11:47:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=aSlO9uhF/9A8j3iUI0+yKZVzLPhJf/CfwKuDLJIaS6k=; b=bC9mcVHKlS4VO2jhCGvrf7w9lXefuubi3FeQr0o935rQHhWccTYig3XyzLhi25s94s V0p29pmpxUXBz2LNRDJ5TzbzfnTB19K8N2d1mgXs2/3NTE+Ur2jZTectB9YlDliggEy9 MhJJfx8TCberR7djz2mlpSFxETtfKeKPI79x7g+dwV5vhDfnJ5Id73nPtguJLBitYnwh Bz4EedUfRtD7bKsh82phy1EI+bSO222sxjZWGFGGMcpbpKC9OTJmCWGCAF4uJaTcJWEH AnI+9P25VwXPdWUolWv13+eywD7D87ZY94FNBMteCG8ScXTwJ64kxQViigPJMJNfcYRl pPOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=aSlO9uhF/9A8j3iUI0+yKZVzLPhJf/CfwKuDLJIaS6k=; b=JSvevKVmAvWVG0rPTxRY3pqQgzZ7+qDY6yd8SO5VwszIIhrXrnaIOttkH/5Jwy0Sbg fgn8wfr/0zlAkm2AMT4HTr7heK9yk0pWYLIivSuwbvq2X84/dr/I3KkfxeEUmKoRLnJk h15KLgM7cJnVMlOwHGtVkJcEWwnr0UqvyZDL88XOMgoXWrJPGhDnvtIG+927VDOBiO5k DuogOrK9D/cosVv25nD+LAmHeWJHLyydm1o9X3Kc0FhRZLCvtuz6ucKhOFr+WI8JjPit vXmI2oLTo4eaElcjYiAEeDEr643apvb9NXR3+Z73fsRqDibAbThHCNzAnU1iVed1QmHv rldA== X-Gm-Message-State: AKS2vOyFS4HINNJK2FjJ7+KnI5IPIadqrwatd2RXudGWRJqshygjyfxA 5gGOn0jhrQiCjunS X-Received: by 10.107.133.67 with SMTP id h64mr32262890iod.230.1498070837032; Wed, 21 Jun 2017 11:47:17 -0700 (PDT) Received: from localhost.localdomain (50-243-4-3-static.hfc.comcastbusiness.net. [50.243.4.3]) by smtp.googlemail.com with ESMTPSA id h63sm10989569itd.10.2017.06.21.11.47.16 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Jun 2017 11:47:16 -0700 (PDT) Subject: Re: FreeBSD and Linux SSD Write Speeds To: freebsd-questions@freebsd.org References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> From: JD Message-ID: <594ABF2B.9050509@gmail.com> Date: Wed, 21 Jun 2017 12:47:07 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.0.1 MIME-Version: 1.0 In-Reply-To: <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:47:18 -0000 On 06/21/2017 12:33 PM, Tim Daneliuk wrote: > On 06/21/2017 11:27 AM, Valeri Galtsev wrote: >> sync; date; dd if=/dev/zero of=foo bs=8M count=512; sync; date > So I just did this: > > sync; date; dd if=/dev/zero of=foo bs=8M count=1024; sync; date > > And got this: > > Linux: > > Wed Jun 21 13:30:22 CDT 2017 > 1024+0 records in > 1024+0 records out > 8589934592 bytes (8.6 GB, 8.0 GiB) copied, 33.523 s, 256 MB/s > Wed Jun 21 13:30:57 CDT 2017 > > > FreeBSD: > > Wed Jun 21 13:28:23 CDT 2017 > 1024+0 records in > 1024+0 records out > 8589934592 bytes transferred in 46.508336 secs (184696666 bytes/sec) > Wed Jun 21 13:29:10 CDT 2017 > > So ... still a pretty big disparity > > I don't want to test against a raw device or partition because that's > not how these systems get used. My FreeBSD FS is UFS and maybe that > simply is not as efficient on an SSD as ext4. > > This isn't a big deal, just an eyebrow raiser for me. I've used FreeBSD > as a production OS since 2.x and have always found it to be consistently > quicker and have a smaller footprint than Linux. This was just a surprise. By my prior use of BSD and after that FreeBSD, the UFS was never a shining star of disk I/O speeds. From owner-freebsd-questions@freebsd.org Wed Jun 21 18:51:28 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74432D96AFB for ; Wed, 21 Jun 2017 18:51:28 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay15.qsc.de (mailrelay15.qsc.de [212.99.187.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D560978F75 for ; Wed, 21 Jun 2017 18:51:26 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay15.qsc.de; Wed, 21 Jun 2017 20:51:18 +0200 Received: from r56.edvax.de (port-92-195-76-106.dynamic.qsc.de [92.195.76.106]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id C4F4E3CC3F; Wed, 21 Jun 2017 20:51:16 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v5LIpG4J002327; Wed, 21 Jun 2017 20:51:16 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Wed, 21 Jun 2017 20:51:16 +0200 From: Polytropon To: Mark Moellering Cc: FreeBSD Mailing List Subject: Re: FreeBSD and Linux SSD Write Speeds Message-Id: <20170621205116.525c4f47.freebsd@edvax.de> In-Reply-To: References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <34bdd365-f72b-0f9d-3a42-9d5e09056030@tundraware.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay15.qsc.de with 203676834FC X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1242 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 18:51:28 -0000 On Wed, 21 Jun 2017 14:45:04 -0400, Mark Moellering wrote: > I guess, for me, to be a true experiment, you need to swap the drives > between the two machines and then see what happens. > The other thought, is wondering how big the sector sizes are. If you > indicate the wrong sector size, i believe performance will take a hit. Another question to ask would be this: UFS and ext4 allow certain options for initializing a file system. It's possible that those options have been set in a certain way, for example, to have UFS run with suboptimal settings. I thin dd operates on file system level here (instead of "on bare device"), so those FS settings _might_ have an impact on the results. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... From owner-freebsd-questions@freebsd.org Wed Jun 21 20:11:00 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 56981D98586 for ; Wed, 21 Jun 2017 20:11:00 +0000 (UTC) (envelope-from carmel_ny@outlook.com) Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-oln040092001043.outbound.protection.outlook.com [40.92.1.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1436D7CBD3 for ; Wed, 21 Jun 2017 20:10:59 +0000 (UTC) (envelope-from carmel_ny@outlook.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QTCoVbNN9K3UZFyAhKgWcnfxGte2wMMH4afhagDE6BM=; b=oqxRaaKAZhzSA+Sii9wqLT73lhHVjt+vrcgdeothN/rpIC52cKq7MTd80bhMyA4dh3y+Fp8Izl2uPjUfoZ9C7GQD2bJborIdCRQFyYIRZRHVtEehkZBw9oLw7V33jhP3K4PKi5X9B6gfWo/huVAe9NY6x9XdDhcZ6vx12nRuM+y3eVpccE+B/lHMHuBz5PgpBEWhMx9LQXpBRcOk1eXS4ASFaZiZCAAxUoaIveJmlAT5Xh6Kuqs+fD7CPiOia7h0AV3pxfrHfn5A8B8R9UlSRe3iQUelbmaONxBS/ztt/6nJkyD0/0Gpx+H9JKNBckeBQOOoDiE5hAEknElepHF09A== Received: from BY2NAM01FT012.eop-nam01.prod.protection.outlook.com (10.152.68.52) by BY2NAM01HT161.eop-nam01.prod.protection.outlook.com (10.152.68.239) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.1157.12; Wed, 21 Jun 2017 20:10:58 +0000 Received: from BN6PR2001MB1730.namprd20.prod.outlook.com (10.152.68.58) by BY2NAM01FT012.mail.protection.outlook.com (10.152.69.198) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1178.14 via Frontend Transport; Wed, 21 Jun 2017 20:10:58 +0000 Received: from BN6PR2001MB1730.namprd20.prod.outlook.com ([10.172.31.146]) by BN6PR2001MB1730.namprd20.prod.outlook.com ([10.172.31.146]) with mapi id 15.01.1199.015; Wed, 21 Jun 2017 20:10:58 +0000 From: Carmel NY To: User questions Subject: Re: PostfixAdmin and System Messages Thread-Topic: PostfixAdmin and System Messages Thread-Index: AQHS6sp+Krhd8Z/3skSUv7sGC1q2Ww== Date: Wed, 21 Jun 2017 20:10:58 +0000 Message-ID: References: <4e7f6eaf-3db0-8906-3dd3-9d3b98e7b374@gregs-garage.com> In-Reply-To: <4e7f6eaf-3db0-8906-3dd3-9d3b98e7b374@gregs-garage.com> Reply-To: User questions Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: freebsd.org; dkim=none (message not signed) header.d=none;freebsd.org; dmarc=none action=none header.from=outlook.com; x-incomingtopheadermarker: OriginalChecksum:DBB0B6E389B1B5F4977471BD87C59F6080523F42C7AA0900196E1AF6F1C50A2A; UpperCasedChecksum:70F6352C3FD7F1B55406FC67D36F32A58A1198D25F308FE8608E2F1816E800E6; SizeAsReceived:7245; Count:46 x-ms-exchange-messagesentrepresentingtype: 1 x-tmn: [fw9T+xgCOpyfEWl66rO9xvOXRfoX1Tfn] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; BY2NAM01HT161; 7:uYpVklnz4Pp6JsQ53tmHSiCBNHwSa/LEogbKrQkZ6hXPPa3UTl8IO5yCYUy0aRtfi+J28UHlQth3RLpQnVeOxbMPtVFTN7loQXRdRDGi8MkswQEGMMLa2tP0b8yoKv3y8xEXSclrv+4cGG9tbZE7FQU8p44XQYoKnXnipXhrLO/LV8iYpiIaFNkdcL5c56IqWKmMOSk0wxL2bH1It55nhD2bbcdlgO++T79U0fdg5sjPMStWSZYz7TR413z1Ir2inDguziazLlQXSeEaMaCipVAPIJdF6LChuNHiz+3MLrwbTl8lHpc0VoqZc3y0PsxVjlRiIbfQQsSCxK9x+Q3J+QL53eB23+vtkhPRUuJLGz+SW4bctYandOrwcrdvY3ojcmWOR3VHsXK4fY50IDInEI8dnayGLzTuMhiGxg9rk+Jr8UZHhBra2hfaUGOMWkN9zhUMxve/WmnK0d7h7R/qY5wa5QRxe0dI8pNOi+hDsvbJy9ShhMC1vpeHKPZweRpufIu0HhCFv/t7d57T3PuPNdeac3MImm8b01NjoLpyujhbDgFQwgLjTFjb5vvJSISV5UQ6XzJY/JVQT1f1f+OZlW1ZeWbT/cKrI2HRCL58N8oyV3CxtX8EyA/OXG0h0F+8+j034qDQuuMlq0OD6dQgYXIAPoKsFPiSUroW5iLmwI7hgFlsE76zwF63V5/oiTq6ZcIp0TbIzQeHwz1SFGStcHjEQdYB75/8PoOTEi7Nu6GdzIFdMUqmoos0hDGW8NAboQgQ+51DcqcMqsu6SHbxfA== x-incomingheadercount: 46 x-eopattributedmessage: 0 x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(7070007)(98901004); DIR:OUT; SFP:1901; SCL:1; SRVR:BY2NAM01HT161; H:BN6PR2001MB1730.namprd20.prod.outlook.com; FPR:; SPF:None; LANG:en; x-ms-traffictypediagnostic: BY2NAM01HT161: x-ms-office365-filtering-correlation-id: 25b42baa-0988-47a3-ed3c-08d4b8e1a0fe x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500055)(300135000095)(300000501055)(300135300095)(22001)(300000502055)(300135100095)(300000503055)(300135400095)(201702061074)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322274)(1601125374)(1603101448)(1701031045)(300000504055)(300135200095)(300000505055)(300135600095)(300000506048)(300135500095); SRVR:BY2NAM01HT161; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(444000031); SRVR:BY2NAM01HT161; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:BY2NAM01HT161; x-forefront-prvs: 0345CFD558 spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: text/plain; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jun 2017 20:10:58.0401 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2NAM01HT161 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 20:11:00 -0000 T24gV2VkLCAyMSBKdW4gMjAxNyAxMToyMToxOCAtMDUwMCwgR3JlZyBHcm90aCBzdGF0ZWQ6DQoN Cj4gQWZ0ZXIgMjAgeWVhcnMgb2YgU2VuZG1haWwsIEkndmUgYnVpbHQgYSBuZXcgbWFpbCBzZXJ2 ZXIgdXNpbmcgdGhlIA0KPiBndWlkZWxpbmVzIG91dGxpbmVkIGF0IHB1cnBsZWhhdC5vcmcuICBT byBmYXIsIGV2ZXJ5dGhpbmcgaXMgd29ya2luZyANCj4gZ3JlYXQgZXhjZXB0IHRoYXQgbXkgc3lz dGVtIG1lc3NhZ2VzIHRoYXQgdXNlZCB0byBiZSBkZWxpdmVyZWQgdG8gbXkgDQo+IGFjY291bnQg YXJlIE1JQS4gIEkgZG8gaGF2ZSBhbiBhbGlhcyBpbiAvZXRjL2FsaWFzZXMgZnJvbSByb290IHRv IG15IA0KPiBlbWFpbCBhZGRyZXNzIGhvc3RlZCBvbiB0aGUgc2FtZSBzZXJ2ZXIsIGJ1dCBJIGRv bid0IGtub3cgaWYNCj4gUG9zdGZpeCAvIFBvc3RmaXhBZG1pbiB1c2VzIHRoZSAvZXRjL2FsaWFz ZXMgd2hlbiBjb25maWd1cmVkIHRvIHVzZQ0KPiB2aXJ0dWFsIGFsaWFzZXMuICBJIGFsc28gYWRk ZWQgYSB2aXJ0dWFsIGFsaWFzIGZyb20NCj4gcm9vdEBkb21haW5uYW1lLmNvbSB0byB1c2VyQGRv bWFpbm5hbWUuY29tDQo+IA0KPiBBIGxpdHRsZSBtb3JlIGhpc3Rvcnk6IEluIHRoZSBwdXJwbGVo YXQub3JnIGRvY3VtZW50YXRpb24gd2FzIHRoZSANCj4gZm9sbG93aW5nIG5vdGUuDQo+IA0KPiA8 cXVvdGU+DQo+IA0KPiBJZiB5b3UgYXJlIHJlY2VpdmluZyBlcnJvcnMgaW4geW91ciBsb2dzIGFi b3V0ICRteWRlc3RpbmF0aW9uLCBiZQ0KPiBzdXJlIHRoYXQgX0FOWV8g4oCYdmlydHVhbOKAmSBk b21haW4geW91IGFyZSBob3N0aW5nIGlzIF9OT1RfIGxpc3RlZCBpbg0KPiB5b3VyIC9ldGMvaG9z dHMgZmlsZS4gQXBwYXJlbnRseSB0aGlzIGNhdXNlcyBhIHByb2JsZW0gYmVpbmcgYXMNCj4gUG9z dGZpeCBjYW5ub3QgZGV0ZXJtaW5lIGlmIHRoZSBkb21haW4gaXMgdmlydHVhbCBvciBub3QuIChU aGFua3MNCj4gVmFsZW50aW4pDQo+IA0KPiA8L3F1b3RlPg0KPiANCj4gSSBhbSBvbmx5IHJ1bm5p bmcgYSBzaW5nbGUgZG9tYW4gb24gdGhlIHNlcnZlciwgYnV0IGJlY2F1c2Ugb2YgdGhlDQo+IGFi b3ZlIG1lc3NhZ2UsIEkgc3BlY2lmaWNhbGx5IGF2b2lkZWQgZW50ZXJpbmcgdGhlIG1haWwgc2Vy dmVyJ3MNCj4gaW50ZXJuYWwgSVAgYWRkcmVzcyBhbmQgRlFETiBpbiAvZXRjL2hvc3RzLiAgSG93 ZXZlciwgd2hlbiBJIGxvb2tlZA0KPiBhdCBteSBtYWlsbG9nIEkgbm90ZWQgdGhhdCBQb3N0Zml4 IHdhcyB0cnlpbmcgdG8gc2VuZCB0aGUgc3lzdGVtDQo+IGVtYWlscyB0byBteSBtYWlsIHNlcnZl cidzIG91dHNpZGUgSVAgYWRkcmVzcywgd2hpY2ggb2J2aW91c2x5IGRpZG4ndA0KPiByZXBseS4N Cj4gDQo+IFdoaWxlIEkgcnVuIG15IG93biBETlMgc2VydmVyIG9uIHRoZSBzYW1lIGJveCBhcyBt eSBtYWlsIHNlcnZlciwgaXQncyANCj4gc2VydmluZyB0aGUgZXh0ZXJuYWwgSVAgYWRkcmVzc2Vz IHRvIHRoZSBvdXRzaWRlIHdvcmxkLiAgSXQncw0KPiBjdXJyZW50bHkgMSBvZiAyIG1hY2hpbmVz IG9uIG15IERNWiwgd2hpY2ggaGFzIGEgbm9uLXJvdXRhYmxlIElQDQo+IHJhbmdlIG9mIDE5Mi4x NjguMTAwLlguICBCZWNhdXNlIG9mIHRoZXJlIG9ubHkgYmVpbmcgdHdvIG1hY2hpbmVzLCBJDQo+ IHVzZSAvZXRjL2hvc3RzIGZvciBhbnkgbmVlZGVkIG5hbWUgcmVzb2x1dGlvbiBvbiB0aGUgbmV0 d29yaywgYW5kIG15IA0KPiAvZXRjL3Jlc29sdi5jb25mIGlzIHBvaW50ZWQgYXQgOC44LjguOCAm IDguOC40LjQuDQo+IA0KPiBCZWNhdXNlIG9mIHRoaXMgaXNzdWUsIEkgdGhlbiBkZWNpZGVkIHRv IHRyeSBhZGRpbmcgYW4gZW50cnkgdG8gbXkgDQo+IC9ldGMvaG9zdHMgZmlsZSA6DQo+IA0KPiAx OTIuMTY4LjEwMC4xMCAgICAgICAgZG9tYWlubmFtZS5jb20gICAgICAgIG1haWwuZG9tYWlubmFt ZS5jb20NCj4gDQo+IE5vdyB3aGVuIEkgY2hlY2sgdGhlIG1haWxsb2csIGFsdGhvdWdoIGl0IGlz IG5vdyBmaW5kaW5nIHRoZSBtYWlsIA0KPiBzZXJ2ZXIsIEkgc2VlIHRoYXQgbXkgc3lzdGVtIGVt YWlscyBhcmUgbm93IGJlaW5nIHJvdXRlZCB0byANCj4gcm9vdEBtYWlsLmRvbWFpbm5hbWUuY29t IGluc3RlYWQgb2Ygcm9vdEBkb21haW5uYW1lLmNvbS4NCj4gDQo+IEJhc2VkIG9uIHdoYXQgSSdt IHNlZWluZywgSSdtIGFzc3VtaW5nIHRoYXQgdGhpcyBpcyBtb3JlIG9mIGEgRE5TDQo+IGlzc3Vl IHRoYW4gUG9zdGZpeCwgSSdtIGp1c3Qgbm90IHN1cmUgaWYgSSBjYW4gdXNlIHRoZSBob3N0cyBm aWxlIHRvDQo+IGZpeCBpdCBvciBpZiBJIHNob3VsZCB0cnkgdG8gaW5zdGFsbCBhIGxvY2FsIERO UyBzZXJ2ZXIganVzdCBmb3IgbXkNCj4gRE1aIGZvciB0aGUgc3lzdGVtIGVtYWlscz8gICBPdGhl ciB0aGFuIHRoZSBzeXN0ZW0gZW1haWxzLCBldmVyeXRoaW5nDQo+IGVsc2UgaGFzIGJlZW4gd29y a2luZyBncmVhdC4gIEFueSB0aG91Z2h0cz8NCg0KSnVzdCBhIHRob3VnaHQsIGJ1dCB5b3UgbWln aHQgYmUgYmV0dGVyIG9mZiBhc2tpbmcgeW91ciAicG9zdGZpeCINCnF1ZXN0aW9ucyBvbiB0aGUg InBvc3RmaXggZm9ydW0iLiBEbyBpbmNsdWRlIHRoZSBpbmZvIGFzIHJlcXVlc3RlZCBmcm9tDQp0 aGlzIFVSTDogaHR0cDovL3d3dy5wb3N0Zml4Lm9yZy9ERUJVR19SRUFETUUuaHRtbCBhbmQgaW4g cGFydGljdWxhcg0KdGhpcyBvbmU6IGh0dHA6Ly93d3cucG9zdGZpeC5vcmcvREVCVUdfUkVBRE1F Lmh0bWwjbWFpbA0KDQpHb29kIGx1Y2shDQoNCi0tIA0KQ2FybWVsDQoNCg== From owner-freebsd-questions@freebsd.org Wed Jun 21 21:04:02 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AA8AED98FE8 for ; Wed, 21 Jun 2017 21:04:02 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.20.71]) by mx1.freebsd.org (Postfix) with ESMTP id 88C0B7E4C7 for ; Wed, 21 Jun 2017 21:04:02 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 0CB89CB8CE1; Wed, 21 Jun 2017 16:04:00 -0500 (CDT) Received: from 128.135.52.6 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Wed, 21 Jun 2017 16:04:00 -0500 (CDT) Message-ID: <18281.128.135.52.6.1498079040.squirrel@cosmo.uchicago.edu> In-Reply-To: <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> Date: Wed, 21 Jun 2017 16:04:00 -0500 (CDT) Subject: Re: FreeBSD and Linux SSD Write Speeds From: "Valeri Galtsev" To: "Tim Daneliuk" Cc: "FreeBSD Mailing List" Reply-To: galtsev@kicp.uchicago.edu User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 21:04:02 -0000 On Wed, June 21, 2017 1:33 pm, Tim Daneliuk wrote: > On 06/21/2017 11:27 AM, Valeri Galtsev wrote: >> sync; date; dd if=/dev/zero of=foo bs=8M count=512; sync; date > > So I just did this: > > sync; date; dd if=/dev/zero of=foo bs=8M count=1024; sync; date > > And got this: > > Linux: > > Wed Jun 21 13:30:22 CDT 2017 > 1024+0 records in > 1024+0 records out > 8589934592 bytes (8.6 GB, 8.0 GiB) copied, 33.523 s, 256 MB/s > Wed Jun 21 13:30:57 CDT 2017 > > > FreeBSD: > > Wed Jun 21 13:28:23 CDT 2017 > 1024+0 records in > 1024+0 records out > 8589934592 bytes transferred in 46.508336 secs (184696666 bytes/sec) > Wed Jun 21 13:29:10 CDT 2017 > > So ... still a pretty big disparity It is. > > I don't want to test against a raw device or partition because that's > not how these systems get used. My FreeBSD FS is UFS and maybe that > simply is not as efficient on an SSD as ext4. OK, at least it is not zfs on FreeBSD: zfs has its reasons to be slower. As others mentioned, it can be one or more of: particular two devices performance difference; less than optimal parameters of UFS; UFS itself being not that "shiny" compared ext4 ( I somehow discount the difference in scheduler, process switching, etc...) Oh, well... I feel like devoting some time to experimenting too: curiosity ;-) Valeri > > This isn't a big deal, just an eyebrow raiser for me. I've used FreeBSD > as a production OS since 2.x and have always found it to be consistently > quicker and have a smaller footprint than Linux. This was just a > surprise. > > -- > ---------------------------------------------------------------------------- > Tim Daneliuk tundra@tundraware.com > PGP Key: http://www.tundraware.com/PGP/ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ From owner-freebsd-questions@freebsd.org Wed Jun 21 21:49:26 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8F8AD99A51 for ; Wed, 21 Jun 2017 21:49:26 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 81BAA7F818 for ; Wed, 21 Jun 2017 21:49:26 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.15.2/8.15.2) with ESMTPSA id v5LLnLTA040271 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 21 Jun 2017 16:49:21 -0500 (CDT) (envelope-from tundra@tundraware.com) Subject: Re: FreeBSD and Linux SSD Write Speeds To: galtsev@kicp.uchicago.edu Cc: FreeBSD Mailing List References: <45657887-638e-bb6d-c318-7046fdea1ca6@tundraware.com> <41839.128.135.52.6.1498062473.squirrel@cosmo.uchicago.edu> <3a2eabbe-1bef-5c56-f7af-8f054baa87e5@tundraware.com> <18281.128.135.52.6.1498079040.squirrel@cosmo.uchicago.edu> From: Tim Daneliuk Message-ID: <0b067690-3157-09dc-b8b3-9a29e0bc4ecf@tundraware.com> Date: Wed, 21 Jun 2017 16:49:16 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <18281.128.135.52.6.1498079040.squirrel@cosmo.uchicago.edu> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (oceanview.tundraware.com [45.55.60.57]); Wed, 21 Jun 2017 16:49:22 -0500 (CDT) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: v5LLnLTA040271 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jun 2017 21:49:26 -0000 On 06/21/2017 04:04 PM, Valeri Galtsev wrote: > I feel like devoting some time to experimenting too: curiosity > ;-) Me too. Both machines in question have a hot swappable drive bay on them. I happen to have an unused 256G Kingston V300 SSD. When I get a moment, I want to test speeds against the bare drive on both machines, and then via the filesystem on each. That way the drive would no longer be the variable. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Thu Jun 22 04:33:33 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0419EDA5089 for ; Thu, 22 Jun 2017 04:33:33 +0000 (UTC) (envelope-from k_jinattaporn@orion-electric.co.jp) Received: from mfb50.aams5.jp (mfb50.aams5.jp [210.134.181.41]) by mx1.freebsd.org (Postfix) with ESMTP id BA27468344 for ; Thu, 22 Jun 2017 04:33:32 +0000 (UTC) (envelope-from k_jinattaporn@orion-electric.co.jp) Received: from mproxy53.aams5.jp (mproxy53.aams5.jp [210.134.181.58]) by mfb50.aams5.jp (8.14.7/8.14.4/AAMS5 SPECIAL) with ESMTP id v5M3tef0008687 for ; Thu, 22 Jun 2017 12:55:40 +0900 Received: from ns.orion-electric.co.jp (ns.orion-electric.co.jp [202.238.55.34]) by mproxy53.aams5.jp (Sentrion-MTA-4.0.2/Switch-3.3.4) with ESMTP id v5M3tVYP011202 for ; Thu, 22 Jun 2017 12:55:31 +0900 Received: from mail1.orion-electric.co.jp (mail1.orion-electric.co.jp [129.1.32.20]) by ns.orion-electric.co.jp (8.12.8/8.12.8) with ESMTP id v5M3tVc9003147 for ; Thu, 22 Jun 2017 12:55:31 +0900 Received: from OECPL04 (unknown [129.1.39.79]) by mail1.orion-electric.co.jp (Postfix) with ESMTP id 02E3BE9815B; Thu, 22 Jun 2017 12:55:31 +0900 (JST) From: "Jinattaporn K" To: Cc: "'Fujisawa, E'" , "'T_Urita'" Subject: Requirement for the subscription of FreeBSD License Date: Thu, 22 Jun 2017 12:55:27 +0900 Message-ID: <003a01d2eb0b$62788980$27699c80$@orion-electric.co.jp> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdLrCz7pYA3Ub46AQTWfspn+1FXzJQ== Content-Language: ja X-Virus-Header: clean Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 04:33:33 -0000 Dear The Authors, Organization or Whom it may concern, Regarding to the FreeBSD Project module, under BSD License that retained the copyright you are holding, we are a part of user who are planning to use a modified object or code for apply the module as open source to our product including notices the copyright in our distribution. We already try to understand the limitation or agreement of the license but seems some part quite not clear for understanding. So, we would like your support to provide the explanation following requirement below.; 1. What is the properly sentence of copyright we need to describe in our work.? As we have checked in open source webpage (http://www.freebsd.org), we saw many licenses information on "Legal notices" that concerned with the FreeBSD Project module, we also checked other users previously, they focus on The FreeBSD copyright and The BSD copyright only. Please help to confirm which information we should consider.? Moreover, Do we need to describe all information on License as full information or only the short sentence such as "Copyright 1992-2017 The FreeBSD Project. All rights reserved."? 2. We want to make sure, where we can subscript your copy right.? Specify as "in distribution document and/or other materials", for example if we produce a product, Do we need to subscript your copyright on our product's display or only in our instruction manual document is sufficient.? 3. If this license have any special requirement or recommendation, we pleased to accept your advice. Sorry if this requirements are troubles you, but we are really want to give encourage to the holders of copyright and following your limitation correctly. Thank you in advance for your support. Best Regards, ORION ELECTRIC CO.,LTD 41-1 Iehisa-cho, Echizen-city, Fukui, 915-8555, Japan Tel. +81-778-24-5050 Fax +81-778-24-5456 http://www.orion-electric.co.jp/ From owner-freebsd-questions@freebsd.org Thu Jun 22 07:42:35 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 99F89DA870F for ; Thu, 22 Jun 2017 07:42:35 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [IPv6:2001:8b0:151:1:c4ea:bd49:619b:6cb3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.infracaninophile.co.uk", Issuer "infracaninophile.co.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 40BF571762 for ; Thu, 22 Jun 2017 07:42:35 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from liminal.local (unknown [IPv6:2001:8b0:151:1:1c1d:86a1:a200:b700]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id 69FD5C4D2 for ; Thu, 22 Jun 2017 07:42:32 +0000 (UTC) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=none header.from=FreeBSD.org Authentication-Results: smtp.infracaninophile.co.uk/69FD5C4D2; dkim=none; dkim-atps=neutral Subject: Re: Requirement for the subscription of FreeBSD License To: freebsd-questions@freebsd.org References: <003a01d2eb0b$62788980$27699c80$@orion-electric.co.jp> From: Matthew Seaman Message-ID: Date: Thu, 22 Jun 2017 08:42:26 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <003a01d2eb0b$62788980$27699c80$@orion-electric.co.jp> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6JMW33OxA4Jv5poGCKUP7i45pPpbA8I3I" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 07:42:35 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --6JMW33OxA4Jv5poGCKUP7i45pPpbA8I3I Content-Type: multipart/mixed; boundary="EgFw5TvKLm54tQ5Wd0goMrJWxvb3oSBPf"; protected-headers="v1" From: Matthew Seaman To: freebsd-questions@freebsd.org Message-ID: Subject: Re: Requirement for the subscription of FreeBSD License References: <003a01d2eb0b$62788980$27699c80$@orion-electric.co.jp> In-Reply-To: <003a01d2eb0b$62788980$27699c80$@orion-electric.co.jp> --EgFw5TvKLm54tQ5Wd0goMrJWxvb3oSBPf Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: quoted-printable On 22/06/2017 04:55, Jinattaporn K wrote: > Dear The Authors, Organization or Whom it may concern, >=20 > =20 >=20 > Regarding to the FreeBSD Project module, under BSD License that retaine= d the > copyright you are holding, we are a part of user who are planning to us= e a > modified object or code for apply the module as open source to our prod= uct > including notices the copyright in our distribution.=20 The FreeBSD license applies to most of the source code that goes to build FreeBSD, but there are exceptions. It's the copyright statement in each of the individual source files which is most important. > We already try to understand the limitation or agreement of the license= but > seems some part quite not clear for understanding. So, we would like yo= ur > support to provide the explanation following requirement below.; I suggest that you contact the FreeBSD Foundation with your specific questions -- they are the people who can give you the official position, and will be able to suggest an acceptable form of words. They also have at least on native Japanese speaker on the board, which you might find useful. > 1. What is the properly sentence of copyright we need to describe in= our > work.?=20 >=20 > As we have checked in open source webpage (http://www.freebsd.org), we = saw > many licenses information on "Legal notices" that concerned with the Fr= eeBSD > Project module, we also checked other users previously, they focus on T= he > FreeBSD copyright and The BSD copyright only. Please help to confirm wh= ich > information we should consider.? >=20 > Moreover, Do we need to describe all information on License as full > information or only the short sentence such as "Copyright 1992-2017 The= > FreeBSD Project. All rights reserved."? It depends on which parts of the FreeBSD code you use in your product. If it's just extracting some driver code or similar, then you can extract the copyrights from just the files concerned. >=20 > 2. We want to make sure, where we can subscript your copy right.?=20 >=20 > Specify as "in distribution document and/or other materials", for examp= le if > we produce a product, Do we need to subscript your copyright on our > product's display or only in our instruction manual document is suffici= ent.? >=20 > 3. If this license have any special requirement or recommendation, w= e > pleased to accept your advice. >=20 > =20 >=20 > Sorry if this requirements are troubles you, but we are really want to = give > encourage to the holders of copyright and following your limitation > correctly. >=20 > Thank you in advance for your support. Legal advice from a mailing list is worth about as much as you paid for it: ie nothing. Definitely consult with your own properly qualified legal council to confirm that you are fulfilling your licensing obligations correctly. Cheers, Matthew --EgFw5TvKLm54tQ5Wd0goMrJWxvb3oSBPf-- --6JMW33OxA4Jv5poGCKUP7i45pPpbA8I3I Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJZS3ToXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATzoAQAKuX0Qqg/q39zGu+2l2uZ9wX uMRA9Cj055PnkSMX7LSwB3C48mvmxiwcrd1JfW7/SrGu4SxHP0R0DDskDj7TXpyw 6GBqmCdd7TYfskISOm8ztD/sxWiz7DO67KD9eUd7Zi2r+btFKTqsWzbvojJFa5Sc sv/SHfG4KH+bU1mhZIEgzDCU4pPj3FXV7NmO0wRS5Yw5IaagtibM2PmZKfpddAhs 5NG8TAyZwy8lsH1BPUx3oR6y3cFTmMSv59D0V6ehIfIXrI8PDzOwGoYi0hCoEo+f 531F1UhOoK7JNw9nggQFHANl+hkYxjXlINusbLsMxStDUG7FMXm0mNjXGxB5wA5c RYdBeGPqFd4fkkhqk9FZdrpdACj67hKZZ4CdG+QmvVAFStZlKWtUDOeObujdb6lc hRurQGbIWyEAgN0AhE/szgmqHl9S+cxdY+lwHbJjlmLURx1GdGUwix5BfS+8INPR uqCExZNykkdI2FqYYtkCfZZRmrv1xnCRH8WZWYPtYmau7V5wRgeW5B8AO3YEH8JO impSMSGTYveb86f3SdRQpd2Rpaan+dv+DQHMHPlhQSi+oeRmIQAt5u+bqgSpgHZ0 OdpmGXUWB1Hze/QjIenDbzNgpUsyVIlNemkqXqsuEJKG7n6WFyKXGhSxkf15zq86 nELTvy2OKcILYdEXrGme =Z7si -----END PGP SIGNATURE----- --6JMW33OxA4Jv5poGCKUP7i45pPpbA8I3I-- From owner-freebsd-questions@freebsd.org Thu Jun 22 15:44:00 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C9D49D8EC85 for ; Thu, 22 Jun 2017 15:44:00 +0000 (UTC) (envelope-from tetrosalame@gmail.com) Received: from mail-wr0-x232.google.com (mail-wr0-x232.google.com [IPv6:2a00:1450:400c:c0c::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5B4457F363 for ; Thu, 22 Jun 2017 15:44:00 +0000 (UTC) (envelope-from tetrosalame@gmail.com) Received: by mail-wr0-x232.google.com with SMTP id c11so28612618wrc.3 for ; Thu, 22 Jun 2017 08:44:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=A88LD8BPQhb+dNmSCTNoBqxxAMWf2r+VoqXETuESSJE=; b=JYAr8ZDTZaIso0PcnMjMropUw24bqa4U9GZoG2annpCnXEslsH+/LG0NNiv68K/A0U r09GhjsmrFkp1zK7mR+qu5ZQRW7pXs8rMG17LcVgE05hgbHIkVnRi8kX+2DAHmIdaOiI FYNKZ+vgcDO0nl5rGXbz5Fq1U7oqvnn1GXNMPPhZUtGDqWYMuOULvANnTsCvGcgg/qD4 IzM+gimTWOpn+2s6WobBf4WhyJXGSGIceQ83R51E9A7tL6UVAek9HnMsYDyywu8WtUdT 4JWYxpaL5Jvf7Kt4es9hH6Ys29UurjpBeQj2jHR2vOGwcQS/E4ke1/7yCGC15qE2Oz+/ 0U6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=A88LD8BPQhb+dNmSCTNoBqxxAMWf2r+VoqXETuESSJE=; b=BpXmYQPFxFHR0nyfqM6N7KMYZ9CKZ4p0Wydm6Ngm8afqL8QdUnp3V0z0+JMGkTqq70 ZeD6fJMk6DX+nnTMMbCyuCk3o/SWU6ToB4/ln1FUjtizuUHvrgsXB14XHcLexoVD3ghN aJ31zjpVoW50hxdhSA93ORVsP5Y8nCChaWPoURjl+cSIdlO80QXVg2qaFBWmucyRh79v leyL7KA/wlg3zeyW+cOngr6+M/+8IttVrqN91Giqb8Zj/REHjeCAkY6InkDPk85a8kTS GfxWYsLLY/hXEpnQTwLFPpm0aJpVGsv3/geXl1+Sli4lNgtOFxZaRT05omyUUl67Pqdr VAfg== X-Gm-Message-State: AKS2vOxvqugSonE1lrgMdsqhvOq7KdOguf3zzBDBYicj1bVjeGK5jvbz 03gS7ezgBiGYHae6ZH0= X-Received: by 10.223.134.198 with SMTP id 6mr2400658wry.63.1498146238031; Thu, 22 Jun 2017 08:43:58 -0700 (PDT) Received: from avalon.thwn (host177-89-dynamic.180-80-r.retail.telecomitalia.it. [80.180.89.177]) by smtp.gmail.com with ESMTPSA id e31sm1842282wre.54.2017.06.22.08.43.56 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 22 Jun 2017 08:43:57 -0700 (PDT) Received: from avalon.thwn (localhost [127.0.0.1]) by avalon.thwn (OpenSMTPD) with ESMTP id ff8c0e9e; Thu, 22 Jun 2017 17:43:54 +0200 (CEST) Date: Thu, 22 Jun 2017 17:43:54 +0200 From: fml To: Steve Burton Cc: FreeBSD Questions Subject: Re: gptid, diskid and ufsid appears after power-cut and fsck Message-ID: <20170622154354.GA2092@avalon.thwn> References: <327b0f4d-b0b1-a6fb-cf14-da2ace020d90@sliderule.demon.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <327b0f4d-b0b1-a6fb-cf14-da2ace020d90@sliderule.demon.co.uk> X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 15:44:00 -0000 On Mon, Jun 19, 2017 at 05:06:10PM +0100, Steve Burton wrote: > I've just had a brief power-cut which froze both of my FreeBSD 10.3 REL > servers. Both machines correctly found that / hadn't been correctly > dismounted. After restarting them in single user mode and running 'fsck > /' (twice) until the file system was clean, I rebooted them in > multi-user mode. > > One of them needed a while while the /root mirror was rebuilt. Mirrors > are managed by gmirror. [...] > Previously, the ufsid's, diskid's and gptid's didn't appear in this list > and my questions are: > > Should I be concerned and how do correct this? If your mirrors are fine (gmirror status says COMPLETE) and filesystems on them are fine too, I think you can just disable gptid, diskid and ufsid since you're not using them. Add to your /boot/loader.conf these lines: kern.geom.label.disk_ident.enable=0 kern.geom.label.gptid.enable=0 kern.geom.label.ufsid.enable=0 About labels and geom: man glabel . Bye, f. From owner-freebsd-questions@freebsd.org Thu Jun 22 16:05:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 39F62D8F7ED for ; Thu, 22 Jun 2017 16:05:15 +0000 (UTC) (envelope-from stdin@niklaas.eu) Received: from mx.box-hlm-01.niklaas.eu (mx.box-hlm-01.niklaas.eu [IPv6:2a02:2770:15:0:21a:4aff:fe1b:d1ad]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 071E18028C for ; Thu, 22 Jun 2017 16:05:15 +0000 (UTC) (envelope-from stdin@niklaas.eu) X-Virus-Scanned: amavisd-new at niklaas.eu DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=niklaas.eu; s=default; t=1498147502; bh=HYqIgb5lIDLAIiPyrC5590VF0S8i/9Magw76mFuV+9c=; h=Date:From:To:Subject; b=2Qa8YX22VTDHx/Wnqq6BR+GbvxUhcwo0krOCnh/GHTM5X+rApfokgxzLShp8iOWW0 cehmdPqNAwM+p1XCH0mEmjAsyBWnKGINqWVyqEyhVtsN8yD+6R/1U7WSIQFZBuhdDO pDO+xrDMub+EUP0lcJrq/StteORoBGyPw0loVLKk= Date: Thu, 22 Jun 2017 18:05:02 +0200 From: Niklaas Baudet von Gersdorff To: freebsd-questions@freebsd.org Subject: Building my own poudriere build system Message-ID: <20170622160501.piqo5hsfwzx7gpvk@box-hlm-03.niklaas.eu> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xjnem6k3ue3w7nhg" Content-Disposition: inline X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 16:05:15 -0000 --xjnem6k3ue3w7nhg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, I have different FreeBSD machines running, either as servers in production use or for personal use on Raspberry Pis. Since I do not want to compile ports on each machine separately, I made myself familiar with poudriere. In principal, poudriere works great and I have no issues with it. The only thing is that compilation takes a lot of time. As you can imagine/know building ports on a Rasperry Pi takes ages. The servers I use are not very powerful, so same issue here. The best performing machine I have is a 7-year-old ThinkPad Notebook (T420). Anyway, when trying to crossbuild for ARM it takes ages on this machine too. So I started thinking about building packages in the cloud. The idea: Spin up a powerful Amazon EC2 instance, (cross)build the packages I need, upload them to S3, and distribute the packages =66rom there to my machines. If I automated that process, I could easily upgrade the packages whenever I needed. I would not have to buy an expensive machine for building at home, and would only pay for the powerful EC2 instance when I needed it. This was theory. Practice is a bit more difficult, but I managed to create a Terraform [1] skeleton that does that in principal: https://github.com/niklaas/port-builder But I keep on wondering: How do you manage to build greater amounts of packages or do crossbuilding? I cannot imagine everybody having a high-end machine standing in the living room -- but maybe my assumption about FreeBSD developers and port maintainers are wrong. :-) On the web, here and there I found someone having the same idea and having implemented it with some scripts, but I haven't found a proven/official solution yet. How do you approach this? Do you build in the cloud or locally? Niklaas 1: http://www.terraform.io --xjnem6k3ue3w7nhg Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAABCAAGBQJZS+qnAAoJECmqaRXQsC2fDEQP/AkaH+xbYN2xxh4ZFHaVLY00 4bQY4BDb9t5UUUv/yDzhG/qCH8f9z0RzL9Wr77E8g42aBQqNbB0YT++tY8E1USq+ FeRG3VUO6RaRDQSE//rZtXmv8lQGdqem0NF95seg8tbJvrJbuqZrThvXWbxHzBHK rq6NoU8F+fhpOUSoJ/aVEcJKjvCeAv5gdE6rE0dox+XPaWAcb2f6ChtsautVrbw+ K+nj4coWiN1V1IIIqvwGw+q/Pkp8/MWc9Ci29TYEu+G5n44GWiWSqM/zPli56lg0 FnRJfNzv0DLmNsCe0qLYDdt3Sbb5PCh03zv2FVoi/KfeI8HG+iKnTHmYDUrLUxqG e4GaCiUpvSm+D5POU6vZdZWIZqBpNoHSIYbArh+AUL8TSnn9YO7d9enAGKjMTIaV Y2MpytNDKkQ2P07vZf7bioe/uV/VCbSDaKGyPwo14oOx4nVX4Ef+D7pNp6ThAIuK g2grOyHaMsSdegZ8ur5G5GkkEAk+D/Gku4gNfQgpiPcSeG5ukpHjTM8wGxBN3jKO LOgqmWOfXOU/B+v1tvifpK696Tu1ZlTGzcv/Zr2bdSNR3exM0mhIBj4h6q/kQYoV iWbbu9AadVv5VxDfkZNhDqaY/5GTFIVfKG4gDYhN2KcEE9oqafPzz0wqOYqHBrIS 9LvpB0yTqoCfaRvcUW9s =nJG6 -----END PGP SIGNATURE----- --xjnem6k3ue3w7nhg-- From owner-freebsd-questions@freebsd.org Thu Jun 22 17:14:55 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 32053D90ED5 for ; Thu, 22 Jun 2017 17:14:55 +0000 (UTC) (envelope-from web@3dresearch.com) Received: from smtpd.telissant.net (smtpd.telissant.net [104.225.1.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DCF2882DE4 for ; Thu, 22 Jun 2017 17:14:54 +0000 (UTC) (envelope-from web@3dresearch.com) Received: from cortina.3dresearch.com (localhost [127.0.0.1]) by smtpd.telissant.net (Postfix) with ESMTP id 70F8F1129B9 for ; Thu, 22 Jun 2017 13:00:48 -0400 (EDT) X-Virus-Scanned: amavisd-new at telissant.net Received: from smtpd.telissant.net ([127.0.0.1]) by cortina.3dresearch.com (cortina.3dresearch.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x020l2WOGwnL for ; Thu, 22 Jun 2017 13:00:16 -0400 (EDT) Received: from elettra.3dresearch.com (unknown [71.112.245.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: elettra) by smtpd.telissant.net (Postfix) with ESMTPSA id 23476112985 for ; Thu, 22 Jun 2017 13:00:16 -0400 (EDT) Received: from elettra.3dresearch.com (localhost [127.0.0.1]) by elettra.3dresearch.com (Postfix) with SMTP id 65276113187 for ; Thu, 22 Jun 2017 13:00:15 -0400 (EDT) Date: Thu, 22 Jun 2017 12:59:48 -0400 From: Janos Dohanics To: FreeBSD Questions Subject: Re: PostfixAdmin and System Messages Message-Id: <20170622125948.3f056124a74623c8c7400623@3dresearch.com> In-Reply-To: <4e7f6eaf-3db0-8906-3dd3-9d3b98e7b374@gregs-garage.com> References: <4e7f6eaf-3db0-8906-3dd3-9d3b98e7b374@gregs-garage.com> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; amd64-portbld-freebsd10.3) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 17:14:55 -0000 On Wed, 21 Jun 2017 11:21:18 -0500 Greg Groth wrote: > After 20 years of Sendmail, I've built a new mail server using the=20 > guidelines outlined at purplehat.org. So far, everything is working=20 > great except that my system messages that used to be delivered to my=20 > account are MIA. I do have an alias in /etc/aliases from root to my=20 > email address hosted on the same server, but I don't know if > Postfix / PostfixAdmin uses the /etc/aliases when configured to use > virtual aliases. I also added a virtual alias from > root@domainname.com to user@domainname.com >=20 > A little more history: In the purplehat.org documentation was the=20 > following note. >=20 > >=20 > If you are receiving errors in your logs about $mydestination, be > sure that _ANY_ ?virtual? domain you are hosting is _NOT_ listed in > your /etc/hosts file. Apparently this causes a problem being as > Postfix cannot determine if the domain is virtual or not. (Thanks > Valentin) >=20 > >=20 > I am only running a single doman on the server, but because of the > above message, I specifically avoided entering the mail server's > internal IP address and FQDN in /etc/hosts. However, when I looked > at my maillog I noted that Postfix was trying to send the system > emails to my mail server's outside IP address, which obviously didn't > reply. >=20 > While I run my own DNS server on the same box as my mail server, it's=20 > serving the external IP addresses to the outside world. It's > currently 1 of 2 machines on my DMZ, which has a non-routable IP > range of 192.168.100.X. Because of there only being two machines, I > use /etc/hosts for any needed name resolution on the network, and my=20 > /etc/resolv.conf is pointed at 8.8.8.8 & 8.8.4.4. >=20 > Because of this issue, I then decided to try adding an entry to my=20 > /etc/hosts file : >=20 > 192.168.100.10 domainname.com mail.domainname.com >=20 > Now when I check the maillog, although it is now finding the mail=20 > server, I see that my system emails are now being routed to=20 > root@mail.domainname.com instead of root@domainname.com. >=20 > Based on what I'm seeing, I'm assuming that this is more of a DNS > issue than Postfix, I'm just not sure if I can use the hosts file to > fix it or if I should try to install a local DNS server just for my > DMZ for the system emails? Other than the system emails, everything > else has been working great. Any thoughts? >=20 > Regards, >=20 > Greg Groth Greg, what's the output of: postconf myhostname and postconf mydestination ? --=20 Janos Dohanics From owner-freebsd-questions@freebsd.org Thu Jun 22 19:28:14 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E50CD9310A for ; Thu, 22 Jun 2017 19:28:14 +0000 (UTC) (envelope-from punosevac72@gmail.com) Received: from mail-it0-x22e.google.com (mail-it0-x22e.google.com [IPv6:2607:f8b0:4001:c0b::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E557A2A08 for ; Thu, 22 Jun 2017 19:28:13 +0000 (UTC) (envelope-from punosevac72@gmail.com) Received: by mail-it0-x22e.google.com with SMTP id m47so4105731iti.1 for ; Thu, 22 Jun 2017 12:28:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:user-agent; bh=rF2yyplaQzpY3wkC7Nf242M6E1tnLdQ/0u2XOXbjcF0=; b=G+xQ2O4ch4Bn+MEh/D/8y8qKuxRnxNUlNFXYtSGKziaPO794Wl2Jpk/o+hehj5Eb4p 8waJQ+mCs6o7UJRO34qK/BZnRgAOQ/FEGWAnaWuomDkDbaChkaLIP1hmS1skLKsUcNzu cYJW8UoeOLp8BEj0ulN4uV3mI8VZCG/pYyAmilk5582EoaX5MjT2Bfom+VPmQsGkRUhU Mm3hfiTH3jXZ9fGT7dWjXz1KoSGlKQ+pt0E2vjiJtURXKNWiWsceaMz5+CwaWd/76c9/ dJhZaNbH0Sq6BLHEqK03Zh9v2mRvdKp4DUomCO0cScxvQBl6XDwWOjqPQEFZzRAt0DeS 9WOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:user-agent; bh=rF2yyplaQzpY3wkC7Nf242M6E1tnLdQ/0u2XOXbjcF0=; b=rE4k4I2it5t1OPrw2x93BTeyq67tIv7/xpx9Nkd+7Qpq+uhaSCJnkcNwetHa+AqWQ7 wIjxhAS9YvmvCQT/h+IhtJEmlRpIXptizHqltVcntZXK5LyfcZrWEzaJOi5AFXsQB7Xh NDSJKPA4UFSX0BaGyCOBjqagLmMqFpU0kDsDYacm8CfT85iEqHhNF8c+KHAabHnZwKV4 l4jUuKK+u0B5UlLxQDft+ywhzlhx3pZQuUnpYhX1exHzftDmfOPrDM0KXOG6mrCXW3Iw bevEbYBtLthKIALTFH1cRya5zTb7doyBqQ4oISDKQOH/RxV5j9Fc4IAhwX4lbjcZZseN Ofyg== X-Gm-Message-State: AKS2vOxLGzyynxwVAHecpUY8vt0hD9J+2n6nxmTDTXwpWmJy4wTxnFNa r11XxxXL1pNOj85s X-Received: by 10.36.66.208 with SMTP id i199mr3369547itb.99.1498159692978; Thu, 22 Jun 2017 12:28:12 -0700 (PDT) Received: from oko.bagdala2.net (dynamic-acs-24-101-116-96.zoominternet.net. [24.101.116.96]) by smtp.gmail.com with ESMTPSA id v75sm1450401ita.20.2017.06.22.12.28.12 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 22 Jun 2017 12:28:12 -0700 (PDT) Date: Thu, 22 Jun 2017 15:28:09 -0400 From: Predrag Punosevac To: freebsd-questions@freebsd.org Subject: LDAP Authentication and Authorization Message-ID: <20170622192809._8HM3EcPe%punosevac72@gmail.com> User-Agent: s-nail v14.8.12 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 19:28:14 -0000 Hi Folks, This is my first post to this mailing list after ten years so please bear with me. I am trying to migrate dozen file servers and jail hosts currently running FreeNAS 9.2.1.9 or TrueOS (server edition of now dead PC-BSD) 10.3 to vanilla 11.0. I am having a real hard time with LDAP authentication part on file server. Before we go any further let me say that in our Lab use LDAP server from the base of OpenBSD 6.1. We use LDAP for both authorization and authentication. I have no intension to set Keberos server for authentication. I also realized this morning that I might not even need authentication part on FreeBSD file servers as regular users will not be loggin into the file server. They will be only accessing their home directories via NFS and I got authorization part working correctly. However it really bothers me that I can't log into the FreeBSD machine with LDAP account. Let me describe what I have done in the past and so far. FreeNAS 9.2.1.9 both authentication and authorization works like a charm more or less following "official documentation". https://www.freebsd.org/doc/en/articles/ldap-auth/ I tried to migrate FreeNAS server to PC-BSD 10.3 but I hit the wall. https://forums.freebsd.org/threads/52989/ The most disturbing part was post in which I learnt about nss-pam-ldapd "It's part of the net/nss-pam-ldapd / net/nss-pam-ldapd-sasl port. Don't use the old security/pam_ldap and net/nss_ldap modules. They've been abandoned years ago by their upstream and suffer from several severe design errors. nslcd breaks the LDAP PAM and NSS modules into two parts. One part is a daemon handling all the heavy work and the other are small shims querying the daemon over a unix domain socket to implement the NSS and PAM interface. which "official documentation" never mentions. By the way the "official documentation" worked flawlessly for DragonFly BSD. https://marc.info/?l=dragonfly-users&m=141630435129956&w=2 While contemplating to migration to 11.xxx I was happy to learn that FreeBSD got ypldap and was possibly contemplating moving away from PAM insanity https://www.freebsd.org/cgi/man.cgi?query=ypldap&apropos=0&sektion=0&manpath=FreeBSD+11.0-RELEASE+and+Ports&arch=default&format=html just to be totally discouraged by the following post https://marc.info/?l=freebsd-questions&m=149746603212079&w=2 by one of long time FreeBSD users. I don't get why import ypldap code in the base if FreeBSD is sticking to PAM craziness. https://marc.info/?l=freebsd-questions&m=149746504411822&w=2 Anyhow this is what works on this file server and what doesn't' OpenLDAP client works root@hera:/usr/local/etc/openldap # more ldap.conf BASE dc=autonlab,dc=org URI ldap://atlas.int.autonlab.org:389 SIZELIMIT 12 TIMELIMIT 15 DEREF never SSL START_TLS TLS_REQCERT allow TLS_CACERT /usr/local/etc/openldap/certs/ca.crt TLS_CACERTDIR /usr/local/etc/openldap/certs TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3 ldapsearch -ZZ -D "uid=predrag,ou=users,dc=autonlab,dc=org" -W # mravanba, group, autonlab.org dn: cn=mravanba,ou=group,dc=autonlab,dc=org cn: mravanba objectClass: top objectClass: posixGroup gidNumber: 1078 memberUid: mravanba description: User Private Group # search result search: 3 result: 4 Size limit exceeded # numResponses: 13 # numEntries: 12 Following the suggestion from FreeBSD forum threat and based on negative comments about ypldap daemon I installed net/nss-pam-ldapd I configured nslcd daemon root@hera:/usr/local/etc # more nslcd.conf uid nslcd gid nslcd uri ldap://192.168.6.7/ base dc=autonlab,dc=org rootpwmoddn cn=admin,dc=autonlab,dc=org base group ou=groups,dc=autonlab,dc=org base passwd ou=users,dc=autonlab,dc=org # CA certificates for server certificate verification tls_cacertdir /usr/local/etc/openldap/certs tls_cacertfile /usr/local/etc/openldap/certs/ca.crt and started it root@hera:/usr/local/etc # cat /etc/rc.conf | grep nslcd nslcd_enable="YES" root@hera:/usr/local/etc # service nslcd status nslcd is running with PID 1074. I modified nsswitch.conf file root@hera:~ # more /etc/nsswitch.conf # # nsswitch.conf(5) - name service switch configuration file # $FreeBSD: releng/11.0/etc/nsswitch.conf 301711 2016-06-09 01:28:44Z markj $ # # group: compat group: files ldap # group_compat: nis hosts: files dns netgroup: compat networks: files # passwd: compat passwd: files ldap # passwd_compat: nis shells: files # services: compat services: files ldap # services_compat: nis protocols: files rpc: files and restart nsswitch daemon I installed and linked users shells and mounted their home directories for testing purposes to make sure they can log. Finally this is my root@hera:~ # more /etc/pam.d/sshd # # $FreeBSD: releng/11.0/etc/pam.d/sshd 197769 2009-10-05 09:28:54Z des $ # # PAM configuration for the "sshd" service # # auth auth sufficient /usr/local/lib/pam_ldap.so no_warn no_fake_prompts auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn allow_local #auth sufficient pam_krb5.so no_warn try_first_pass #auth sufficient pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account account sufficient /usr/local/lib/pam_ldap.so account required pam_nologin.so #account required pam_krb5.so account required pam_login_access.so account required pam_unix.so # session #session optional pam_ssh.so want_agent session required pam_permit.so # password #password sufficient pam_krb5.so no_warn try_first_pass password sufficient /usr/local/lib/pam_ldap.so try_first_pass password required pam_unix.so no_warn try_first_pass At this point getent passwd works like a charm and I can even root@hera:~ # su - predrag auton@hera$ to my home directory auton@hera$ pwd /zfsauton/home/predrag So at this point I feel like I have authorization part working correctly and according to this documentation https://arthurdejong.org/nss-pam-ldapd/setup I should not be far away from authentication part as well (which I might not even need on the file server). However when trying to ssh into the server with LDAP credentials it fails Jun 22 15:19:28 hera nslcd[2675]: [6f59b2] uid=awd,ou=users,dc=autonlab,dc=org: Confidentiality required Jun 22 15:19:28 hera nslcd[2675]: [6f59b2] uid=awd,ou=users,dc=autonlab,dc=org: "${shadowLastChange:--1}": password changed in the future Jun 22 15:19:28 hera sshd[2678]: error: PAM: authentication error for awd from 10.8.0.6 and I also see bunch of other errors in /var/log/messages Jun 22 02:55:00 hera nslcd[1074]: [65e7c4] ldap_result() failed: No such object Jun 22 03:00:00 hera nslcd[1074]: [923f5c] ldap_result() failed: No such object Jun 22 03:00:00 hera nslcd[1074]: [7e2017] ldap_result() failed: No such object Jun 22 03:00:00 hera nslcd[1074]: [533840] ldap_result() failed: No such object Jun 22 03:01:00 hera nslcd[1074]: [f1fa0b] ldap_result() failed: No such object Jun 22 03:01:00 hera nslcd[1074]: [6d3dc2] ldap_result() failed: No such object Jun 22 03:05:00 hera nslcd[1074]: [574d2f] ldap_result() failed: No such object Jun 22 03:10:00 hera nslcd[1074]: [8cc0da] ldap_result() failed: No such object Jun 22 03:11:00 hera nslcd[1074]: [c96ec1] ldap_result() failed: No such object Jun 22 03:15:00 hera nslcd[1074]: [86bffd] ldap_result() failed: No such object Jun 22 03:20:00 hera nslcd[1074]: [a6e267] ldap_result() failed: Can't contact LDAP server Jun 22 03:20:00 hera nslcd[1074]: [a6e267] ldap_result() failed: No such object Jun 22 03:22:00 hera nslcd[1074]: [5a3141] ldap_result() failed: Can't contact LDAP server Jun 22 03:22:00 hera nslcd[1074]: [5a3141] ldap_result() failed: No such object Jun 22 03:25:00 hera nslcd[1074]: [57f83c] ldap_result() failed: Can't contact LDAP server Jun 22 03:25:00 hera nslcd[1074]: [57f83c] ldap_result() failed: No such object Jun 22 03:30:00 hera nslcd[1074]: [6a7632] ldap_result() failed: No such object Jun 22 03:31:00 hera nslcd[1074]: [7635f9] ldap_search_ext() failed: Can't contact LDAP server: Operation not permitted Jun 22 03:31:00 hera nslcd[1074]: [7635f9] no available LDAP server found, sleeping 1 seconds Jun 22 03:31:01 hera nslcd[1074]: [7635f9] ldap_result() failed: No such object Jun 22 03:33:00 hera nslcd[1074]: [d1b46c] ldap_result() failed: No such object Jun 22 03:35:00 hera nslcd[1074]: [9c649f] ldap_result() failed: No such object Jun 22 03:40:00 hera nslcd[1074]: [9285d2] ldap_result() failed: No such object Jun 22 03:44:00 hera nslcd[1074]: [901b6e] ldap_result() failed: No such object Jun 22 03:45:00 hera nslcd[1074]: [f93502] ldap_result() failed: No such object Jun 22 03:50:00 hera nslcd[1074]: [075f1e] ldap_search_ext() failed: Can't contact LDAP server: Operation not permitted I am stumpped at this point. I think I stumbled late last night on some thread which claims that pam_ldap is needed for authentication part. However trying to install pam_ldap using pkg install also is deinstalling nss-pam-ldapd package. That could be due to compiling options for nss-pam-ldapd. Maybe the porter assumes I will set Kerberos for Authentication part. I appologize for the very long e-mail but I wanted to leave electronic trace for people who will looking for this. I appreciate any input. Best, Predrag From owner-freebsd-questions@freebsd.org Thu Jun 22 20:49:25 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4F885D941A3 for ; Thu, 22 Jun 2017 20:49:25 +0000 (UTC) (envelope-from serpent7776@gmail.com) Received: from mail-lf0-x241.google.com (mail-lf0-x241.google.com [IPv6:2a00:1450:4010:c07::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C6FDB64AE3 for ; Thu, 22 Jun 2017 20:49:24 +0000 (UTC) (envelope-from serpent7776@gmail.com) Received: by mail-lf0-x241.google.com with SMTP id l200so4241997lfg.1 for ; Thu, 22 Jun 2017 13:49:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:mime-version :content-transfer-encoding; bh=5Wy7MwLdlah4ezdWHSRhamkjC3wLSLM3A9gLODRgGCs=; b=brZFrXcZeO4eFgKFvEcfpLL6+UaxRPKQf4FLthGLaX2/89fwDryaeEscrEwqmXczeB 70/gy9KdMIFaxzjLcMhVUZbR3nOizZVCyyKqbIYPDnQOElzNgo/7mTXnlnCxoiPJTP/x 396k0/j92jkxxSV+A8dq4L5In5+CATjCxyXhb5LmcL8O+2eQTuzS+Dw22UgwifrIBPHh DMTrA67AoM7TcjYw1Iubr3Jp+83jkCRgewcJzTELTgTVhlUFhOZQdoS+74W5U5GwNVez NXVADXuuHJYBRdtikm/kEwRcd1wJd40Mh10C+1/PWUG+ox2zDw7CgFRVLcDr4sZZ8r5Z Yzyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-transfer-encoding; bh=5Wy7MwLdlah4ezdWHSRhamkjC3wLSLM3A9gLODRgGCs=; b=ZQAAxSGAMaDx/13Z94yCbFZPaAByIf+L8zGZKjTT6zmHXiisIUKUSiOQHUj92cqCMS ieT5xQakFpQ2KEHK/UXINf4HHg67sD8nPFfBFrUDGCPsPWcqv6M2MEmUIcFOHEuuUN+0 LwV2sUYrjFcbe2+GIdrTAOrSYlk+ciL1yKG6bEPsjUyHtpzDPxe6dWrXk0qVIT+hb0cw fVEmEK9rGG0nUfhpS3xLdwg8PCsyf+TA4jN3RQiy+Z3rnK89yC7dTXLEVYlqqdktnJ46 8n6WVyJ0+wC9ltLj86KBQUpr93iWvVjL2t/dmrVoEwd1TgFV40NkmEzR5YQJbCSaIECE qgLQ== X-Gm-Message-State: AKS2vOyk/ZAZWiwFr9NiX6eeFeFKb3KEmJiISqHIwHsyTuO8FQafUOlV CAu+82gO2mVslhkF X-Received: by 10.25.166.15 with SMTP id p15mr1397990lfe.43.1498164560827; Thu, 22 Jun 2017 13:49:20 -0700 (PDT) Received: from DaemONX (90-156-31-193.internetia.net.pl. [90.156.31.193]) by smtp.gmail.com with ESMTPSA id b2sm705380lje.56.2017.06.22.13.49.19 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 22 Jun 2017 13:49:20 -0700 (PDT) Date: Thu, 22 Jun 2017 22:47:52 +0200 From: Serpent7776 To: freebsd-questions@freebsd.org Subject: CFLAGS is recursive in devel/yasm Message-ID: <20170622224752.4a53b22d@DaemONX> X-Mailer: Claws Mail 3.15.0 (GTK+ 2.24.31; amd64-portbld-freebsd10.3) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 20:49:25 -0000 Hello, I getting an error recently when trying to call poudriere options on devel.yasm: [00:00:00] ====>> Appending to make.conf: /usr/local/etc/poudriere.d/ports10amd64-workstation-make.conf Variable CFLAGS is recursive. make: stopped in /usr/local/poudriere/ports/local/devel/yasm ${MAKE_PRINT_VAR_ON_ERROR:@v@$v='${$v}' @}Variable CFLAGS is recursive. make: stopped in /usr/local/poudriere/ports/local/devel/yasm ${MAKE_PRINT_VAR_ON_ERROR:@v@$v='${$v}' This seems to be related to poudriere, because I can use `make config` on devel/yasm without errors. Anyone has any idea what might cause this issue? -- /* * Serpent7776 */ From owner-freebsd-questions@freebsd.org Fri Jun 23 06:01:17 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1374D9D1FB for ; Fri, 23 Jun 2017 06:01:17 +0000 (UTC) (envelope-from bhughes@freebsd.org) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 781E0792F6 for ; Fri, 23 Jun 2017 06:01:17 +0000 (UTC) (envelope-from bhughes@freebsd.org) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 25122209DE; Fri, 23 Jun 2017 02:01:16 -0400 (EDT) Received: from frontend2 ([10.202.2.161]) by compute1.internal (MEProxy); Fri, 23 Jun 2017 02:01:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s= fm1; bh=a8pNhXsXxrzOnYl87gAE9b1PopJEVUgto3kvHe6dxYQ=; b=Wfw5A5mz 0IvLVDKFbFlOqOM/l7KOxf3j712/PkxwNR07CuhhT2wwWOX6pkwsgB6laK6Xgv2Y Jj2Aa1FyVz65+HEzThzsa+4gdryb1crkyIViCsZVhF/WRrEqizTz9itBOFyHrGHk FwfWlE4IP7DB47pSsF+fUNynVyoVwuz7SXDfoOJvCvPGch7QaLE2MK6kH+euJ4K2 sf5DKPt/wxmUBkkiJrzP23+TO6FEYSlgy35pYqUE3qWZrsm7fcX3jR2js0l8+DLR Q19q169BEAG6mt0GDUcaWliBQ8FE97LFz0uNvuA5h93myz1V3lWEkE/KbodkwGwA MEqiyC8BZueIpg== X-ME-Sender: X-Sasl-enc: FqgH9PrsHlInRAkd2IabxxCloA0+HJ1w7EhApkjreW0r 1498197675 Received: from [192.168.0.74] (ip84-247-189-242.breiband.no [84.247.189.242]) by mail.messagingengine.com (Postfix) with ESMTPA id 7F32524664; Fri, 23 Jun 2017 02:01:15 -0400 (EDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: Building my own poudriere build system From: "Bradley T. Hughes" In-Reply-To: <20170622160501.piqo5hsfwzx7gpvk@box-hlm-03.niklaas.eu> Date: Fri, 23 Jun 2017 08:01:11 +0200 Cc: freebsd-questions@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <20170622160501.piqo5hsfwzx7gpvk@box-hlm-03.niklaas.eu> To: Niklaas Baudet von Gersdorff X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jun 2017 06:01:17 -0000 > On 22 Jun 2017, at 18:05, Niklaas Baudet von Gersdorff via = freebsd-questions wrote: [snip] > This was theory. Practice is a bit more difficult, but I managed > to create a Terraform [1] skeleton that does that in principal: >=20 > https://github.com/niklaas/port-builder >=20 > But I keep on wondering: How do you manage to build greater > amounts of packages or do crossbuilding? I cannot imagine > everybody having a high-end machine standing in the living room > -- but maybe my assumption about FreeBSD developers and port > maintainers are wrong. :-) On the web, here and there I found > someone having the same idea and having implemented it with some > scripts, but I haven't found a proven/official solution yet. How > do you approach this? Do you build in the cloud or locally? I build in the cloud. Like you, I use an EC2 instance with poudriere and = multiple versions of jails to test changes/patches. I haven't gone as = far as to copy the packages to S3, though. My builder is running 24/7, = and I've been using spot instances to keep the cost down despite using = an m4.2xlarge. I like your Terraform skeleton. I have often wanted to do something = similar, but never gotten around to it. I am curious how far you will be = able to take it. Thanks for sharing! I'm glad I'm not the only one using EC2 for building = ports :) -- Bradley T. Hughes bhughes@freebsd.org From owner-freebsd-questions@freebsd.org Fri Jun 23 12:36:44 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ECAA5DA3E2A for ; Fri, 23 Jun 2017 12:36:44 +0000 (UTC) (envelope-from demelier.david@gmail.com) Received: from mail-vk0-x22f.google.com (mail-vk0-x22f.google.com [IPv6:2607:f8b0:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A707983E83 for ; Fri, 23 Jun 2017 12:36:44 +0000 (UTC) (envelope-from demelier.david@gmail.com) Received: by mail-vk0-x22f.google.com with SMTP id y70so12892241vky.3 for ; Fri, 23 Jun 2017 05:36:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=tTu5Ao/Yp3P/0mcTSoZBasR35kjMqYnvBEduZcupA/M=; b=GDyCol4VkZtcOaOY4aw6KmpwB67cEBMS2HiM0TGVlOnGYz/iU8DkZcYtJQB7B9Hb1d 8/tBE+Mw5bA+qGmj4plYeNFlD395sN8dIMbqzOYf9D+akBu6UN43vL/l5Y1UJskq7y2g INb5avAHkaJeorXK2QUe2zLZTU8Q/huFC27rw6/16rnnJr6u+ygn9YA07djHOe+FW8t+ lh8Hnf0QmMtu686nI6WMtcM1tKxPnCEmf6cLBifkm+HiEB3rYy5/sptiyKuVn0RMF4qQ u2LkPEzny1zuoOQNLWUvCisOvAXYFz803P2BhB7qz5ZH0JVBugubSRQQoio7pw+8Le9G Ackw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=tTu5Ao/Yp3P/0mcTSoZBasR35kjMqYnvBEduZcupA/M=; b=eVn91lYrmPkG11/mQmyi9m65N/uTZ+B+SEdbDZ+tBmtwWzIrCf2GZELPK2xoHo58Sc YOQndeEPkAnI4+l8QBr67MLK6y+qazQrkRDAiE3jtvrbPvc8S6gd8uyHyZ+fGRXoC5Fm ESDH2Av62AoPiV5eWEBvvwojcGNpyZ/JtoV0lsDUh/pIRRs4b36Ikdfnsc1ndklxHT2S rPRwVHy43fqgNPIznPpk0kq8CZL4bsbwzowpa+XlJo46V/7Fh1iGSOa9o7AZ+RsSrPIY xz0Aj1XU8NqhvetSBiwZZmNdbbuc7YToBzOLdHjtrRX+zZPqNsnTvtDSVhbYe6xnE2xx AHbg== X-Gm-Message-State: AKS2vOwmmUEncpcSPPyLDuc6B8bRLUB946BJBYAILXpQYy8b+lkopboB Y7ypOGFtremtxw/S8fSq+ClNtA5jncoy X-Received: by 10.31.14.69 with SMTP id 66mr2064705vko.99.1498221403430; Fri, 23 Jun 2017 05:36:43 -0700 (PDT) MIME-Version: 1.0 Received: by 10.103.178.70 with HTTP; Fri, 23 Jun 2017 05:36:42 -0700 (PDT) From: David Demelier Date: Fri, 23 Jun 2017 14:36:42 +0200 Message-ID: Subject: A jail does not start To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jun 2017 12:36:45 -0000 Hello, I have one of my jail that does not start and complains about being already running. Basically, my /etc/jail.conf looks like this: build { host.hostname="build"; ip4.addr="10.0.0.12"; } mpd { host.hostname="mpd"; ip4.addr="10.0.0.13"; } markand { path="/jails/markand.fr"; host.hostname="markand.fr"; ip4.addr="10.0.0.20"; } The commandservice jail start starts all of them except markand. my /etc/rc.conf contains these lines: jail_enable="YES" jail_list="build mpd markand" And if I try to start the jail markand by hand I get this error: $ sudo service jail start markand jail already running? (pid=3087). The weird thing is that process 3087 is own by mpd jail. $ sudo ps auxw | grep 3087 root 3087 0.0 0.0 16804 2380 v0 I+ 14:32 0:00.00 /usr/sbin/jail -i -f /etc/jail.conf -c mpd I could not manage where this class cames from. If you have any clues. Thanks! -- Demelier David From owner-freebsd-questions@freebsd.org Fri Jun 23 19:09:02 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00325D87E92 for ; Fri, 23 Jun 2017 19:09:01 +0000 (UTC) (envelope-from cinmckinnon93@gmail.com) Received: from mail-ot0-x22f.google.com (mail-ot0-x22f.google.com [IPv6:2607:f8b0:4003:c0f::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A5B8D71119 for ; Fri, 23 Jun 2017 19:09:01 +0000 (UTC) (envelope-from cinmckinnon93@gmail.com) Received: by mail-ot0-x22f.google.com with SMTP id u13so37597624otd.2 for ; Fri, 23 Jun 2017 12:09:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=3Z8hBGnoJmzmStFfy/26a00jx3NO7TzSrFGiDBYWcDg=; b=lhlLvOUH8V+ULu7oXkkM4Id9eGjOz2SLw54GLczg7ZlqlOb+CWtVOdgRu8nHe6iKVk D8+5Ipcis+UVCLm+/Dwi/MbiJvpy7AGQrpfG2EPWx8Tl0TlL21Bck2qstYOV9sMEwOSn 4L21TDoXDdFY+O3RE1b2wsk65I+6xTT3Sf/oKeBQfY1M2d4tVP/IVGk4lqxwsS2/2M9e +AsG8sEoomUiItSgZ7nYhzBMTtCpHOq36LD4/JotEqbmKyi7pLgFS5zLz+7NzNhTJIX7 yOYyOkTzTIL3T82z8gaQ3EI7FHVbiy4eyoPCDlqxZQpHtgDTY2D1hvbnYPWSolfzjUEG p3bQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=3Z8hBGnoJmzmStFfy/26a00jx3NO7TzSrFGiDBYWcDg=; b=oA6YNK/CAJC5ybz7sFRgCe8c4Bn29gOnMam1HRYSf3yqZc37kRLpVtWQ0N/PddIIXX JHjQTxewy4yj4lN5/AU+EYwV/7I5HGNiRyFliM/5KlPLAp4H1SfAvKmvMHZ+CexMymWa T+8LhRM6oU6WkrOU/NAvHddNpkjBXWB9h96ShlL3IxD6H+Z0CMvXYFL+Gzp1wNMNVxBm bEngVnWElEdlfKz0bZtIXUyssJNf/q97vGL75mN4lXetDmLbcq46Wp9Sn+i7Jya2zZ+f hKWsLwrJcT+L1EGTUbTw3g1Ktd7ktM5Uy9NT5cU4DS/1eJuagoJzvVe7b/iYgbTV7uox F3Sg== X-Gm-Message-State: AKS2vOynv0uT0fTZ8AH62BF8zNG+i3DYd1kiqhGPKKjsItMaBnPGV62u Bmzq9b30PCotO+VsWuaivkXQLKI7pgQ/ X-Received: by 10.157.11.87 with SMTP id p23mr4667106otd.72.1498244940633; Fri, 23 Jun 2017 12:09:00 -0700 (PDT) MIME-Version: 1.0 Received: by 10.182.162.41 with HTTP; Fri, 23 Jun 2017 12:08:59 -0700 (PDT) Received: by 10.182.162.41 with HTTP; Fri, 23 Jun 2017 12:08:59 -0700 (PDT) In-Reply-To: References: From: Cindy McKinnon Corder Date: Fri, 23 Jun 2017 14:08:59 -0500 Message-ID: Subject: Maga To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jun 2017 19:09:02 -0000 3 different gift cards 100. 25. 200. Card 1 week aov took 4.95 from my account asking same info assured me not taking twice had a pfoblem with system just finishing verification info am j being scamned callong bank a scam hot line now From owner-freebsd-questions@freebsd.org Sat Jun 24 12:22:12 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 131B0D9DD93 for ; Sat, 24 Jun 2017 12:22:12 +0000 (UTC) (envelope-from punosevac72@gmail.com) Received: from mail-qk0-x232.google.com (mail-qk0-x232.google.com [IPv6:2607:f8b0:400d:c09::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C61176761B for ; Sat, 24 Jun 2017 12:22:11 +0000 (UTC) (envelope-from punosevac72@gmail.com) Received: by mail-qk0-x232.google.com with SMTP id 16so52548066qkg.2 for ; Sat, 24 Jun 2017 05:22:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:user-agent; bh=AOvENUo91QpG3oCdSZaUBshSbR7l6R/UDSKQlgcCI5Q=; b=Bt+inIietT3HW9CaMZBHeOmtdvekU0vjsw7Vb3d99IrsRnU1yeYl5PqPqgWV9Kph6D R5kRXsFWWNvhZtKbVw5hJ8yj9e3mpf+e5LTnR1P57Glqsf/noc73evCZpqU3+DI0U8Q4 wbkblfjNq471WR92pbVe+0AjpWJT9qpTVRDe9aHoufrEgOvjofHreS0HOc//HbwF7exG a50XObavycz8IvU0vxosHBfBLAEZpMpTx73+w/OpUU2D2JfES5yDahvq9Y0zxdnOtBnD C4SzZzH/oy/B/QiNoXdVwtFL58s7nsgM0aCuLyho/lIjNTRL7CaYF7wmR2UcsOYejztD qm/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:user-agent; bh=AOvENUo91QpG3oCdSZaUBshSbR7l6R/UDSKQlgcCI5Q=; b=OAaWUNYL3hOxACZiHM2reG76C27tb5s/lOLK9CXq3D3Jai0khzB0xpTPGVmfTBtUXU JM+LlYEa+7O7zsPo2Wl0lEdDrNC0nRa8tNVhTcc42r4f3adOkrJ6Kp3fM/CnqUai18Q8 qU9RV26XNbRlDDO5RRS85xnNkPcVpqI0pRonNAHbVNRsoAKfNGCC34IZvBxjqmG0HpCL PcGflxzcWP8yhg1OHSDNHBrI5bdEWL2uyBPWMCa5GcOFOMCY4/ZgSoScr1yf08NugSKp sDqh3QFD16JXMcNMokWv44GrK1856rUFYOt6+7GYUnYSnISqratfrN3ZR0rLWevuF3cJ 8V5w== X-Gm-Message-State: AKS2vOx0RygO3XX4fRZIhNB3AJ+Rgh7gkFYtfuf/ysb4+Jxo6dni2t3D bLoX4NTcY0XvhtNT X-Received: by 10.55.56.133 with SMTP id f127mr15105432qka.122.1498306930683; Sat, 24 Jun 2017 05:22:10 -0700 (PDT) Received: from oko.bagdala2.net (dynamic-acs-24-101-116-96.zoominternet.net. [24.101.116.96]) by smtp.gmail.com with ESMTPSA id o93sm5342660qte.41.2017.06.24.05.22.09 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sat, 24 Jun 2017 05:22:10 -0700 (PDT) Date: Sat, 24 Jun 2017 08:22:07 -0400 From: Predrag Punosevac To: freebsd-questions@freebsd.org Subject: Re: LDAP Authentication and Authorization Message-ID: <20170624122207.I6hhRqP9F%punosevac72@gmail.com> User-Agent: s-nail v14.8.12 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Jun 2017 12:22:12 -0000 Hi Folks, Just to post the solution for the people who might stumble on my original post. I had a permission problem on the LDAP server certificate file which could not have been read by nslcd daemon. Original nslcd.conf file I posted is also not quite correct so his is the complete how-to. Note that you don't have to have openldap-client working at all to be able to authorize and authenticate to FreeBSD server using LDAP account only (ldap search will not work though). The most effective way to use PAM approach is to pkg install nss-pam-ldapd cd /usr/local/etc/ Edit nslcd.conf file to use OpenLDAP server side certificate to get user credentials. root@hera:/usr/local/etc # more nslcd.conf uid nslcd gid nslcd uri ldap://atlas.int.autonlab.org base dc=autonlab,dc=org # StartTLS ssl start_tls # CA certificates for server certificate verification tls_cacertdir /usr/local/etc/nslcd-certs tls_cacertfile /usr/local/etc/nslcd-certs/ca.crt Note that nslcd runs as nslcd user so the file /usr/local/etc/nslcd-certs/ca.crt must be readable by nslcd daemon root@hera:~ # ls -l /usr/local/etc/nslcd-certs/ca.crt -r-------- 1 nslcd nslcd 1448 Jun 23 22:21 /usr/local/etc/nslcd-certs/ca.crt enable nslcd daemon echo 'nslcd_enable="YES"' >> /etc/rc.conf start the daemon service nslcd start (note that for debugging purpose run as nslcd -d) Edit your /etc/nsswitch file and restart nsswitch root@hera:~ # more /etc/nsswitch.conf # # nsswitch.conf(5) - name service switch configuration file # $FreeBSD: releng/11.0/etc/nsswitch.conf 301711 2016-06-09 01:28:44Z markj $ # # group: compat group: files ldap group_compat: nis hosts: files dns netgroup: compat networks: files # passwd: compat passwd: files ldap passwd_compat: nis shells: files # services: compat services: files ldap services_compat: nis protocols: files rpc: files s/group: compat/group: files ldap/ s/passwd: compat/passwd: files ldap/ s/services: compat/services: files ldap/ To allow ssh login only edit /etc/pam.d/sshd by adding pam_ldap.so option root@hera:~ # more /etc/pam.d/sshd # # $FreeBSD: releng/11.0/etc/pam.d/sshd 197769 2009-10-05 09:28:54Z des $ # # PAM configuration for the "sshd" service # # auth auth sufficient pam_opie.so no_warn no_fake_prompts auth requisite pam_opieaccess.so no_warn allow_local auth sufficient /usr/local/lib/pam_ldap.so no_warn auth required pam_unix.so no_warn try_first_pass # account account required pam_nologin.so account required pam_login_access.so account sufficient /usr/local/lib/pam_ldap.so account required pam_unix.so # session session required pam_permit.so # password try_first_pass password sufficient /usr/local/lib/pam_ldap.so try_first_pass password required pam_unix.so no_warn try_first_pass Make sure the above uses correct format (tab separators). Note that uses will not be allowed if her/his shell (specified in LDAP data base) is not installed/linked and home directory (specified in LDAP data base) not mounted (see security/pam_mkhomedir for work around). Also LDAP server from the base of OpenBSD doesn't allow password change. Enjoy, Predrag From owner-freebsd-questions@freebsd.org Sat Jun 24 12:28:15 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 745F9D9DF71 for ; Sat, 24 Jun 2017 12:28:15 +0000 (UTC) (envelope-from stdin@niklaas.eu) Received: from mx.box-hlm-03.niklaas.eu (mx.box-hlm-03.niklaas.eu [IPv6:2a02:2770:15:0:21a:4aff:feaa:e902]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4030567939 for ; Sat, 24 Jun 2017 12:28:15 +0000 (UTC) (envelope-from stdin@niklaas.eu) X-Virus-Scanned: amavisd-new at niklaas.eu DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=niklaas.eu; s=default; t=1498307285; bh=AYUjnUOXyD60+FQzNTqeWSnvZl3vMNoDkJJFD73wpSI=; h=Date:From:To:Subject:References:In-Reply-To; b=f5LrHYMqDOuB8tzhKFVd5jwPYuUKz7Pz8fS9voRfsbAzXjVT1IM+GTeBQRNvv4gnl occxISB28aRkaIey492DAKX1L7UEJPnrBPvILQEHj2jWrk6VfRA8rRRiJYen5JomVc z+QFAmyt6NlwueypCr0xlKlptMqxb0Vc5790KBps= Date: Sat, 24 Jun 2017 14:28:05 +0200 From: Niklaas Baudet von Gersdorff To: freebsd-questions@freebsd.org Subject: Re: Building my own poudriere build system Message-ID: <20170624122804.d5cx7n446zqqs67z@box-hlm-03.niklaas.eu> Mail-Followup-To: freebsd-questions@freebsd.org References: <20170622160501.piqo5hsfwzx7gpvk@box-hlm-03.niklaas.eu> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="p674bpfnuw2tuwwo" Content-Disposition: inline In-Reply-To: X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Jun 2017 12:28:15 -0000 --p674bpfnuw2tuwwo Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Bradley T. Hughes [2017-06-23 08:01 +0200] : > I build in the cloud. Like you, I use an EC2 instance with > poudriere and multiple versions of jails to test > changes/patches. I haven't gone as far as to copy the packages > to S3, though. My builder is running 24/7, and I've been using > spot instances to keep the cost down despite using an > m4.2xlarge. I haven't thought about spot instances yet. They would be great to further reduce costs. Thanks for sharing the idea! > I like your Terraform skeleton. I have often wanted to do > something similar, but never gotten around to it. I am curious > how far you will be able to take it. I would really like to get to the point that the EC2 instance is only up and running (creating costs) when it builds ports. I don't have to create packages that regularly, maybe 2-5 times per month, thus paying for a powerful instance 24/7 really doesn't make sense. The main problem I face at this stage is that creating the ARMv6 jail for crossbuilding already takes 1-2 hours each time I spin up the instance. Each time I deploy the infrastructure the jails I use for building must be created again. I already tried storing the jails on S3 too, but that's not really a time saver... So, my new idea is to attach an additional *permanent* EBS drive that can be re-attached each time a new EC2 instance is deployed. On the EBS there is a ZFS filesystem that stores the jails. This will generate additional costs but should be a huge time saver. > Thanks for sharing! I'm glad I'm not the only one using EC2 for > building ports :) Yes, great to see that I am not alone with that approach too. :-) Feel free to contribute if you find time (in my next commit I'll add a proper license). Niklaas --p674bpfnuw2tuwwo Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAABCAAGBQJZTlrOAAoJECmqaRXQsC2fIioQAM+igkdZfiXjh/IW63hkZluc lW0cuPJr8VDQ02UCBrRmAEDFXbn4KdiRArRXJtBOZ5lJPy6IJ3K8+g+sH6v0aMJe Xnw2UmFf+UX0nkyd/zsrMT54RBBiRJ3eP667UP0DIXgCI70TtaHwiR+aV5/6/ZF/ Et6cjqVrdZOzb81Fz/rSqk/BibOu831+7onwPOIhytpL9ySIadiQCYInW0//TSLW w/5PeZ77TCuadzstjkGa8h8OD9TkyPbzuGAYih56dPBTSXB3Y3f3HBKlhm9xjM2+ jmNQJwDHG0Pq+AquWAExWNR9fcxcEQK8XxB9FS4iRF5YOLyUekicHe23pcZ8cg8/ xDtRPaaQbMy+Upnh8BwsJ/66/WKeP1bwxyQp1rO+JpN8+Dhfs0T4Z9flougG/VO6 zTZGdTg9Av4V5zIvVj7FurfA5iHoQEtcBn/PmVZBjBA/Er92E6pPDcSwLojAcUlR 3ABg9F30DI2uPEzf/aY4hax3DwK0o/t2SLDPJ6GOC6U5LQFnMSXHTTRcxbS8AfWS OUx5rFFnetAt11AVFAPBehQFTLLyTG8oMWgd1fBQ73y5pCt2P85XQt8HAEbIj0w4 rCQczbXc4bwYmGbDXm1ocIIsfZim7sJu56d8BZgX5Ef1pjtD/WHq1vcaEdF92m9+ FT4HiwGMGXH+SgCfn3yM =Mffz -----END PGP SIGNATURE----- --p674bpfnuw2tuwwo--