I wrote this post late one night while pondering how to solve this problem. I may have solved it with much less effort. I want to copy a zroot from old drives to new drives. The new drives are in a test box of mine. Once the new drives are configured, I will replace the existing mirror with them. Not shown here, I have already installed FreeBSD 12.1 on the new drives. I […]
replacing an existing zroot with a proper zroot Read More »
Today I was updating some servers. One of them was rebooted three times. On the third time, one of the drives went missing. This is how I tracked down which drive, and which slot in the server, and fixed it. I’m writing it mostly so I can remember how to flash the light on the drive. There is also an off-by-one issue to avoid. In this post: FreeBSD 12.1 sesutil ZFS Supermicro 846
ZFS: adding a drive back into the zpool Read More »
I’m in the final stages of the FreshPorts packages project. One of the last tasks is clearing the packages cache from disk when new package information is loaded into the database. See also: Clearing the packages cache ZFS when you’re not doing ZFS Several of the configuration items have been learned from putting my poudriere instance into a jail. In this post: FreeBSD 12.1 py37-iocage-1.2_5 If I was to do this cache clearing
using zfs rollback for cache clearing Read More »
Be warned, this failed. I’m stalled and I have not completed this. I’m going to do jails within a jail. I already do that with poudriere in a jail but here I want to test an older version of iocage before upgrading my current jail hosts to a newer version. In this post: FreeBSD 12.1 py36-iocage-1.2_3 py36-iocage-1.2_4 This post includes my errors and mistakes. Perhaps you should proceed carefully and read it all
Creating a ZFS dataset for testing iocage within a jail Read More »
You’ve seen it. A package gets installed. Some shell scripts are included. They get modified. It happens. But how do you know what has changed? I know there is a tool in pkg for this. I know there is a periodic script which uses it. Let’s go looking. In this post: FreeBSD 12.1 periodic $ cd /usr/local/etc/periodic/ $ find . | grep checksum ./security/460.pkg-checksum There it is! Looking inside, I found pkg check.
What files installed by this package have been modified post-install? Read More »
FreshPorts runs on a FreeBSD server which hosts multiple jails. Two of these jails run PostgreSQL server. When upgrading from one version of PostgreSQL to another, we run pg_dump in the new jail, and load the backup into that database server. I’m writing this blog post to keep track of this procedure so I do not have to remember it each time. take website offline sudo mv mv offline.conf.disabled offline.conf && \ sudo
Migrating FreshPorts from one db server to another Read More »
Today I found this annoying situation on FreeBSD 12.1 in a FreeBSD 12.0 jail (neither of which are directly relevant to the problem at hand). [dan@serpico:~] $ sudo pkg audit -F vulnxml file up-to-date pkg: vulnxml parsing error: no element found pkg: cannot process vulnxml After a bit if thinking, I figured the vulnxml file was corrupt. I guessed it might be in /var/db/pkg: [dan@serpico:/var/db/pkg] $ ls -l total 5226 -rw-r–r– 1 root
pkg: vulnxml parsing error: no element found Read More »
Today I found out about a vuln in net/py-urllib3. Nagios told me: Checking for security vulnerabilities in base (userland & kernel): Host system: Database fetched: Tue Nov 26 18:23:32 UTC 2019 py36-urllib3-1.22,1 I logged into that host and ran a pkg upgrade py36-urllib3. What other hosts have that installed? There. That’s the hosts I have to update. How about a list for csshX? Ideally, I’d like to take the query output, and construct
Which hosts have this vuln package installed? SamDrucker knows. Read More »
Today this Nagios alert showed up: I admit it. I have not patched my micro code before. I’m doing it only because it turned up in Nagios. Browsing to that URL, I found “Starting with version 1.26, the devcpu-data port/package includes updates and mitigations for the following technical and security advisories (depending on CPU model).”. Looking on FreshPorts, I found that port. I built it. I installed it on all hosts. I followed
patching your Intel CPU Microcode using FreeBSD ports Read More »
This post has been replaced by a newer post. For future reference, this is the knew server … oh wait, I think it’s this server which is was mounted in the 4U chassis mentioned in this post. It runs a few jails, including Bacula regression testing services. It is now mounted in a SuperChassis 846E16-R1200B This is the previous post for this system configuration. Photos of the assembly. File systems Paritions zpools Those