Which hosts have this vuln package installed? SamDrucker knows.

Leave a Comment / FreeBSD, Open Source, Security / By /

Today I found out about a vuln in net/py-urllib3. Nagios told me: Checking for security vulnerabilities in base (userland & kernel): Host system: Database fetched: Tue Nov 26 18:23:32 UTC 2019 py36-urllib3-1.22,1 I logged into that host and ran a pkg upgrade py36-urllib3. What other hosts have that installed? There. That’s the hosts I have to update. How about a list for csshX? Ideally, I’d like to take the query output, and construct […]

Which hosts have this vuln package installed? SamDrucker knows. Read More »

patching your Intel CPU Microcode using FreeBSD ports

Leave a Comment / FreeBSD / By /

Today this Nagios alert showed up: I admit it. I have not patched my micro code before. I’m doing it only because it turned up in Nagios. Browsing to that URL, I found “Starting with version 1.26, the devcpu-data port/package includes updates and mitigations for the following technical and security advisories (depending on CPU model).”. Looking on FreshPorts, I found that port. I built it. I installed it on all hosts. I followed

patching your Intel CPU Microcode using FreeBSD ports Read More »

Reviewing /var/log/pflog contents

Leave a Comment / DNS, named, pf / By /

I use pf as my packet filter. Everything blocked gets logged to /var/log/pflog.conf Late last week, I noticed my rules were allowing everything in on one interface. I changed that. Overnight I see that my Let’s Encrypt certificate renewals failed. Nagios also tells me that the DNS servers are not in sync. I suspect firewall rules. Reviewing pflog It is because I use: block log all in /etc/pf.conf pflog_enable=”YES” in /etc/rc.conf that I

Reviewing /var/log/pflog contents Read More »

knew

Leave a Comment / Disks, FreeBSD, hardware, Open Source, ZFS / By /

This post has been replaced by a newer post. For future reference, this is the knew server … oh wait, I think it’s this server which is was mounted in the 4U chassis mentioned in this post. It runs a few jails, including Bacula regression testing services. It is now mounted in a SuperChassis 846E16-R1200B This is the previous post for this system configuration. Photos of the assembly. File systems Paritions zpools Those

knew Read More »

zpool degraded – one drive missing from system

Leave a Comment / Disks, FreeBSD, Open Source, ZFS / By /

I rebooted knew yesterday for upgrades. When it came back, the main storage zpool was degraded: Is the drive alive? The drive is not listed at all in /var/run/dmesg.boot. I keep a list of the expected drives in /etc/periodic.conf, for use by a Nagios check: [dan@knew:~] $ /usr/sbin/sysrc -nf /etc/periodic.conf daily_status_smart_devices /dev/da22 /dev/da21 /dev/da20 /dev/da19 /dev/da18 /dev/da17 /dev/da16 /dev/da15 /dev/da14 /dev/da13 /dev/da12 /dev/da11 /dev/da10 /dev/da9 /dev/da8 /dev/da7 /dev/da6 /dev/da5 /dev/da4 /dev/da3 /dev/da2 /dev/da1

zpool degraded – one drive missing from system Read More »

Creating a drive-bay map

Leave a Comment / Disks, FreeBSD, Open Source, ZFS / By /

When the time comes to replace a drive, it is very nice to know which drives is missing. I created this drive map to help me figure out which drive disappeared. I created this drive-bay map using a combination of: zpool status sesutil map lsblk camcontrol /var/run/dmesg.boot I have not included /var/run/dmesg.boot here. If you click on this image, you’ll see a larger version which is easier to read. I went through sesutil

Creating a drive-bay map Read More »

slocum

1 Comment / hardware / By /

This post has been replaced by a new one. For reference, the previous post on this server is still available. FYI, this server is named after Joshua Slocum, who was the first person to sail single-handedly around the world. This server was upgraded on Feb 2 2019. Only the storage persisted. Everything else was upgraded. The hardware M/B – Supermicro X9DRE-TF+ RAM – 128GB composed of 8x 16GB DDR3 1600Mhz 21300 ECC/REG CPU

slocum Read More »

zfstools & sanoid – snapshots on the local host

Leave a Comment / General, sanoid, snapshots, zfstools / By /

I’m going to implement zfstools on all my ZFS-based hosts today. I first started using this tool in July 2019. In this post: FreeBSD 12.0 and 12.1 zfstools 0.3.6_1 sanoid-2.0.1_2 Local snapshots only I will be using zfstool only for creating local snapshots. If I wanted snapshots for sending to other hosts, I would probably use a tool such as sysutils/sanoid, which is policy-driven solution for snapshot management and replication. For now, there

zfstools & sanoid – snapshots on the local host Read More »

SATA: Avoid molded ATA adapters, instead, use crimped-on connectors

Leave a Comment / hardware / By /

When I set up the R720 with internal SSDs, I used a SATA power splitter, a Y-shaped cable. Today I replaced it because of a known fire-hazard. I received an email from a reader urging me to replace it and supplied a reference to a known good cable. I happened to have that very cable. It turned out, I needed, and had, two of them. In general, you want to avoid molded SATA

SATA: Avoid molded ATA adapters, instead, use crimped-on connectors Read More »

r720

Leave a Comment / DELL, hardware, R720 / By /

This host has been retired. The services were distributed amongst r730-01 and r730-03. This host was often referred to as r720 or r720-01 (after r720-02 appeared on the scene) This replaces a previous post. I’ve been given a Dell PowerEdge 720. It contains: 6 x 400GB SAS SSDs – data01 zpool 2 x 100GB SAS SSDs – unused – I think this is da0 and da1 2 x 80GB SATA SSDs – zroot

r720 Read More »

Scroll to Top