From owner-freebsd-stable@FreeBSD.ORG Fri Jun 22 08:39:28 2012 Return-Path: Delivered-To: Freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 41082106566B; Fri, 22 Jun 2012 08:39:28 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 0572E8FC0C; Fri, 22 Jun 2012 08:39:27 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa06.fnfis.com (8.14.4/8.14.4) with ESMTP id q5M8dQDp011217 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 22 Jun 2012 03:39:26 -0500 Received: from [10.0.0.105] (10.14.152.61) by smtp.fisglobal.com (10.132.206.15) with Microsoft SMTP Server (TLS) id 14.2.283.3; Fri, 22 Jun 2012 03:39:25 -0500 MIME-Version: 1.0 (Apple Message framework v1257) Content-Type: text/plain; charset="koi8-r" From: Devin Teske In-Reply-To: <4FE4245C.3040806@rdtc.ru> Date: Fri, 22 Jun 2012 01:39:23 -0700 Content-Transfer-Encoding: quoted-printable Message-ID: <90361FE2-2298-48E5-B8B6-2BA704781098@fisglobal.com> References: <2322BE6D-24A8-4F4A-84B2-4DFE33BCA65B@fisglobal.com> <4FE3EB9D.9070509@fuzzwad.org> <4FE419CD.60708@rdtc.ru> <4FE4245C.3040806@rdtc.ru> To: Eugene Grosbein X-Mailer: Apple Mail (2.1257) X-Originating-IP: [10.14.152.61] X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.7.7855, 1.0.260, 0.0.0000 definitions=2012-06-21_07:2012-06-22, 2012-06-21, 1970-01-01 signatures=0 Cc: McDowell , Devin Teske , Freebsd-stable@freebsd.org, Ron Subject: Re: [CFT] Need Testers for: sysutils/bsdconfig X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Devin Teske List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jun 2012 08:39:28 -0000 On Jun 22, 2012, at 12:53 AM, Eugene Grosbein wrote: > 22.06.2012 14:37, Devin Teske =D0=C9=DB=C5=D4: >=20 >>> 5. Same for vlan16. For vlan9 is shows right 'IEEE 802.1Q VLAN network = interface'. >>> It should work same way for vlan1-vlan4095 interfaces at least. >>>=20 >>=20 >> I'd like to know if the sysctl MIB's for describing network interfaces i= s reliable. Maybe I'll keep the static list as a fallback. But yes, you're = absolutely right -- I should have supported up to 5 digits even (ifconfig h= as internal limits of 16-bit unsigned integer for the interface instance-nu= mber). >>=20 >>=20 >>> 6. Same for ipfw0 pseudo-interface. >>>=20 >>=20 >> Curious what sysctl says about it. >=20 > I do not know what sysctl subtree do you refer to. >=20 If you're using em(4) device, try: sysctl dev.em.0.%desc Otherwise (for example), if using fxp(4), try: sysctl dev.fxp.0.%desc Or for your vlan: sysctl dev.vlan.16.%desc And try for your ipfw(4) interface: sysctl dev.ipfw.0.%desc Are each of those meaningful? NOTE: They aren't available unless you have the hardware -- so I can't (for= example) try "sysctl dev.fxp.0.%desc" unless I have an fxp0 device display= ed in ifconfig(8). >>> 7. Networking Devices configuration does not allow to configure any int= erface >>> while there are mounted NFS volumes. Should present a warning only, not= disallow the operation. >>=20 >> Did I completely disallow it? >=20 > Yes. >=20 >> I'll have to re-check -- I thought that I had made it so that you could = view/edit the configuration but that the warning says that changes will not= become effective until you either reboot or visit the menu again when no N= FS mounts are active. >>=20 >>=20 >>> For example, it should be possible to configure new vlan interface whil= e NFS mount >>> uses another clan. >>>=20 >>=20 >> Do you know of a handy way of determining which NFS mount is using which= network interface? And further, is there a handy way of traversing the rou= te path to determine that one interface isn't required as an intermediary t= ransit device? (meaning: can one truly ever know that making a new configur= ation active on any interface could not potentially drop your entire machin= e from the net with hung NFS mounts?) >>=20 >> Many months of testing in the lab produced no less than 6 edge-cases whe= re -- if a network link or route is modified when NFS mounts are active -- = the machine can enter an unstable/unusable state. >>=20 >> So we decided to err on the side of caution when it came to allowing set= tings to be made-active when NFS mounts are active. >>=20 >> I'm not against improving the code, but I'm wondering if it wouldn't be = safer to stick to disallowing any/all changes from being made-active (while= allowing viewing/editing without making-active) when NFS mounts are active. >>=20 >> NOTE: There are other safe-guards too. For example, if you're logged in = via SSH and using X11 forwarding while passing the "-X" flag (to use Xdialo= g(1)), you are disallowed from making a new hostname active (you can change= the hostname, but not make it active) because that would cause the very ne= xt iteration of Xdialog(1) to fail due to a surreptitious X authority revoc= ation based on the hostname-change in mid-session. >=20 > I'm sure that bsdconfig should emit warnings only but not disallow root t= o make any needed changes. I'm inclined to agree. FreeBSD should not prevent you from being stupid (as= someone once told me). I should change the errors to warnings and allow th= e user to [potentially] hose their connection given ample warning/chance-to= -back-out. > NFS may use completly unrelated routes/interfaces, X11 may be user over n= etwork without ssh -X etc. Got that one covered actually -- you can tell when a user is using X11 forw= arding versus X11 local. > It's pretty annoying for administrator to fight with tools thinking they = know better what root should do. >=20 >>> 8. In DNS Nameserver Configuration, it's not clear that one, in fact, >>> can remove unneeded DNS server through two-step procedure - first try t= o edit, >>> then clear the address. It should be more obvious at first. >>>=20 >>=20 >> Can you have a look at "bsdconfig startup_rcconf" and see if that's a be= tter way to go about the deletion-process? >>=20 >> Or perhaps you're just advocating a helpful message in the text above th= e menu list that explains how to delete the item? (least amount of work) >=20 > Again, just a message. >=20 Ok, cool. Thanks again, --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.