I have obtained a Dell R720 containing 10 x 400GB SSDs. The drives are connected to a RAID controller (H710P) which cannot do JBOD / IT mode. This means the drives are effectively hidden from ZFS, which is never good. In this post: FreeBSD 12.0 ZFS Dell R720 SAS 9207-8i This post describes past work and future plans for this server as I get it ready to be a general purpose server running […]
Preparing the Dell R720 for ZFS Read More »
I have scripts for monitoring vulns in FreeBSD jails. They use third-party scripts. All I wrote was the Nagios part of the solution. I was preparing slides for my Why I prefer thick jails over thin jails talk at EuroBSDCon 2019. There is still time to register and attend. I was explaining my scripts and was providing links to gist.github.com … I realized I should create a repo: https://github.com/dlangille/freebsd-nagios-jail These scripts do the
scripts for monitoring vulns in FreeBSD jails Read More »
zi0r suggested I use hooks to accomplish my patches-outside-distfiles question. In this post: FreeBSD 12.0 poudriere 3.3.2 I started reading the documentation and played with the supplied sample files in /usr/local/etc/poudriere.d/hooks. For background, see FreeBSD custom port patches when using poudriere. Eventually I came up with this solution: mkdir during the start phase mount during the mount phase I put stuff into a gist first, then created this post. The hook This is
I was asked why I was exasperated with iocage: This is the list of issues where I found my name. A given issue may be listed multiple times. Oct 2017 – iocage upgrade is looping: https://github.com/iocage/iocage/issues/399 Jun 2018 – cannot run ‘iocage start’ from my home dir: https://github.com/iocage/iocage/issues/567 Aug 2018 – entries in fstab disappear: https://github.com/iocage/iocage/issues/595 Dec 2018 – Cannot install 12.0 in a jail: https://github.com/iocage/iocage/issues/715 Jan 2019 – iocages puts exec files
Today is the day after BSDCan 2019. The power cables and extension cords from the hacking lounge have been laid to rest in an Ottawa basement until next year. Sitting in my parents garden, I noticed some Nagios cert warnings: I logged into my certificates server (the website from which all my hosts download their certs). The cert looked OK: [dan@webs01:/usr/local/www/certs.unixathome.org/www/certs/x8dtu.unixathome.org] $ ls -l total 14 -rw-r–r– 1 rsyncer rsyncer 1647 May 11
I’ve been making use of some FreeBSD-provided scripts within my Nagios monitoring. Recently, I started seeing a problem after some jail maintenance. This post is about that problem and the fix. Full disclosure: the issue was not what I thought it was and I did not solve it. I’m using: FreeBSD 11.2-RELEASE-p9 The scripts are: 405.pkg-base-audit 410.pkg-audit Where are they from? $ pkg which /usr/local/etc/periodic/security/405.pkg-base-audit /usr/local/etc/periodic/security/405.pkg-base-audit was installed by package base-audit-0.3 You don’t
pkg: http://vuxml.freebsd.org/freebsd/vuln.xml.bz2: No address record Read More »
I have been using ezjail since at least 2008 (see earlier blog post). A few years ago, I started deploying iocage on new servers. About three months ago, I starting converting systems from ezjail to iocage. When I converted my first system, I found that the existing documentation for conversion was incomplete. Specifically, symlinks were a problem. I raised an issue and wrote a better script which I have since used on a
Converting thin jails to thick jails Read More »
I noticed some double timestamps in my logs recently. They started just after I upgraded the host to FreeBSD 12, but I am not convinced they are related. This is from /var/log/messsages: Jan 22 21:41:40 knew 1 2019-01-22T21:41:40.760533+00:00 knew.int.unixathome.org pkg 89351 – – py36-iocage-devel upgraded: 1.0.0.20181219,1 -> 1.0.0.20190122,1 They started late yesterday, this is from /var/log/maillog: Jan 21 22:28:58 knew 1 2019-01-21T22:28:58.677083+00:00 knew.int.unixathome.org postfix/anvil 42521 – – statistics: max connection rate 1/60s for
Double timestamps in logs Read More »
Today I will upgrade knew from FreeBSD 11.2 to FreeBSD 12.0. It so happens that this is my last server at home which is still running 11.2, but I do have another server still on 11.2, but that one is at NYI. This post isn’t so much about beadm or about freebsd-update. I have written about moving to a beadm layout, but if your zfs list output looks something like this, you’re good
Upgrading to FreeBSD 12.0 from FreeBSD 11.2 using beadm and freebsd-update Read More »
I use bind (Berkeley Internet Name Domain) as my DNS server. I am currently running bind 9.11.5P1 on FreeBSD 11.2-RELEASE-p8 in a jail, with iocage as my jail manager. The OS, jail, and jail manager should play no part in how this works. I have been collecting statistics from bind for some time. I have configured LibreNMS to collect the details via snmpd and they are plotted in a lovely looking graph. The
Collecting statistics from bind / named Read More »