FreeBSD – Page 29 – Dan Langille's Other Diary

Nov 3 2013

Nvi saved the file sudoers.tmp

Leave a Comment / FreeBSD / By Dan Langille / November 3, 2013

Have you ever seen a message like this? From: Nvi recovery program Subject: Nvi saved the file sudoers.tmp Date: November 3, 2013 6:48:00 PM EST To: root@slocum.example.org Reply-To: root@slocum.example.org On Thu Jul 25 18:55:42 2013, the user root was editing a file named /usr/local/etc/sudoers.tmp on the machine slocum.unixathome.org, when it was saved for recovery. You can recover most, if not all, of the changes to this file using the -r option to vi: […]

Nvi saved the file sudoers.tmp Read More »

Nov 3 2013

mounting the FreshPorts chroot within a jail

Leave a Comment / ezjail, FreeBSD, FreshPorts, Jails, Open Source / By Dan Langille / November 3, 2013

In my work on FreshPorts, I’ve learned more than the average non-committer about the FreeBSD ports tree and its oddities. Just about everything learns about a port it gets from ‘make -V’. Even this method can be fraught with difficulty. In an attempt to get the fairest information possible, FreshPorts uses a chroot solution, first proposed by Ryan Steinmetz . Previous posts about this particular solution can be found in the FreshPorts blog.

mounting the FreshPorts chroot within a jail Read More »

Oct 22 2013

doveadm cannot work without a tty

Leave a Comment / FreeBSD, Jails, Open Source / By Dan Langille / October 22, 2013

I got this message today: $ doveadm pw -s SHA512-CRYPT Enter new password: doveadm(dan): Fatal: open(/dev/tty) failed: No such file or directory It seems if you have no tty, you can’t create a password. Surely there is a better way to do this? # w 7:21PM up 19 days, 4 mins, 0 users, load averages: 0.48, 0.77, 0.67 USER TTY FROM LOGIN@ IDLE WHAT # That’s on a FreeBSD 8.4-RELEASE-p3 jail. To access

doveadm cannot work without a tty Read More »

Oct 22 2013

Interesting jail/OpenVPN reading

Leave a Comment / FreeBSD, Jails, Open Source, OpenVPN / By Dan Langille / October 22, 2013

Here are a few posts for future reading: How to add a jailed server to OpenVPN? Running OpenVPN in a ezjail jail Restarting OpenVPN in jail erase tun0 configuration OpenVPN Client in a jail

Interesting jail/OpenVPN reading Read More »

Oct 21 2013

Accessing every jail from a VPN

Leave a Comment / Jails, Open Source, OpenVPN / By Dan Langille / October 21, 2013

I’ve been meeting a few challenges with running an instance of bacula-fd in each of my jails. Most of them are related to networking. Perhaps my deployment strategies are imposing too many restrictions. The challenges arise on the jail hosts which are not behind my firewall at home. Each of those servers is accessible through a VPN, but the individual jails on those servers are not. The backup of the jail host is

Accessing every jail from a VPN Read More »

Oct 21 2013

ezjail-jail: making a full backup of a FreeBSD jail with Bacula

Leave a Comment / Backups, Bacula, ezjail, FreeBSD, Jails / By Dan Langille / October 21, 2013

I’ve been using Bacula since early 2004. I’ve been using FreeBSD since 1998. Jails are a relatively newcomer. I starting using it later in 2004. But it’s only recently that I’ve started using them intensively. Backups are always a touchy subject. With ezjail, the files you need to backup are greatly reduced. You’re not backing up the base OS, just the local files. I’ve created a fileset which seems to do the right

ezjail-jail: making a full backup of a FreeBSD jail with Bacula Read More »

Oct 15 2013

Using ezjail-admin archive to create a new jail, almost like an existing jail

Leave a Comment / ezjail, FreeBSD, Jails, PostgreSQL / By Dan Langille / October 15, 2013

I use FreeBSD Jails. I use them a lot. I have jails for websites. I have jails for regression testing, mail servers, OpenVPN servers, etc. I like jails for many reasons. One of which is being able to create a new jail which is pretty much identical to another jail, except for a few things. In this case, I wanted to create a new jail to do regression testing for Bacula, the best

Using ezjail-admin archive to create a new jail, almost like an existing jail Read More »

Oct 9 2013

Postfix client certificate verification

Leave a Comment / FreeBSD, Mail, Open Source, Postfix / By Dan Langille / October 9, 2013

I decided to set up some of my mail servers to require certification authentication on the submission port (587). In my case, I want to forward mail from my server at home to my public servers out there on the Internet. I don’t want just anyone to be able to submit mail here, so the easiest way for me do to this was with certification. I could have done it with IP addresses,

Postfix client certificate verification Read More »

Oct 4 2013

different times despite running ntpd

Leave a Comment / FreeBSD, Nagios, nrpe / By Dan Langille / October 4, 2013

Last week, while at EuroBSDCon in Malta, I noticed that one of my servers had the wrong time. It was Bacula who told me, through this message in one of the backup jobs: 28-Sep 21:59 nyi-fd JobId 144899: DIR and FD clocks differ by -5 seconds, FD automatically compensating Fixing the time I connected to all my systems, and ran date(1). One system was by 2 seconds, and another was off by 5

different times despite running ntpd Read More »

Oct 4 2013

Things to do

Leave a Comment / FreeBSD, Mail, Open Source, Postfix / By Dan Langille / October 4, 2013

I have a number of things I want to get done in the short term: remove the mail server on my gateway box at home and start using a mail server on an internal box Configure my external mail servers (out there on the Internet) to use TLS when talking to each other Configure those same servers to accept mail from that new internal mail server Stop using Postfix on servers which only

Things to do Read More »