hacking on iocage

Leave a Comment / FreeBSD, iocage, Open Source / By /

Today is the day after BSDCan 2019. The power cables and extension cords from the hacking lounge have been laid to rest in an Ottawa basement until next year. Sitting in my parents garden, I noticed some Nagios cert warnings: I logged into my certificates server (the website from which all my hosts download their certs). The cert looked OK: [dan@webs01:/usr/local/www/certs.unixathome.org/www/certs/x8dtu.unixathome.org] $ ls -l total 14 -rw-r–r– 1 rsyncer rsyncer 1647 May 11 […]

hacking on iocage Read More »

pkg: http://vuxml.freebsd.org/freebsd/vuln.xml.bz2: No address record

Leave a Comment / FreeBSD, py-iocage / By /

I’ve been making use of some FreeBSD-provided scripts within my Nagios monitoring. Recently, I started seeing a problem after some jail maintenance. This post is about that problem and the fix. Full disclosure: the issue was not what I thought it was and I did not solve it. I’m using: FreeBSD 11.2-RELEASE-p9 The scripts are: 405.pkg-base-audit 410.pkg-audit Where are they from? $ pkg which /usr/local/etc/periodic/security/405.pkg-base-audit /usr/local/etc/periodic/security/405.pkg-base-audit was installed by package base-audit-0.3 You don’t

pkg: http://vuxml.freebsd.org/freebsd/vuln.xml.bz2: No address record Read More »

Mount your ZFS datasets anywhere you want

Leave a Comment / ZFS / By /

ZFS is very flexible about mountpoints, and there are many features available to provide great flexibility. When you create your second zpool this is what it might look like: $$ zfs list -r main_tank NAME USED AVAIL REFER MOUNTPOINT main_tank 893G 3.52T 96K /main_tank main_tank/data 786G 3.52T 88K /main_tank/data main_tank/data/dvl 755G 3.52T 755G /main_tank/data/dvl main_tank/data/freshports 31.4G 3.52T 88K /main_tank/data/freshports main_tank/data/freshports/backend 3.11G 3.52T 88K /main_tank/data/freshports/backend This is a pool I created long ago, but

Mount your ZFS datasets anywhere you want Read More »

Moving your IMAP server to a third party: FastMail

Leave a Comment / Mail / By /

I am moving my existing IMAP services to a third-party, specifically FastMail. I started this process back in March 2017 when I signed up with FastMail. I did a mail migration then, but never proceeded. At present I am hosting my own IMAP server, via Dovecot, RoundCube, and Postfix, running in a FreeBSD jail. I got out of running a public incoming mail server back in 2010. It has been nearly 9 years

Moving your IMAP server to a third party: FastMail Read More »

Adjusting the TTL on domain records

Leave a Comment / DNS, nsupdate / By /

I am about to make changes to my mail servers. I am changing third-party providers. In anticipation of this change, I will drop the TTL on my DNS MX records. This should minimize the time it takes for this change to take effect. I say should because not all servers honor the specified TTL. I started with one of my lesser used domains, to make sure I had the nsupdate commands correct. Here

Adjusting the TTL on domain records Read More »

Setting up a new Dovecot server on FreeBSD with an OSX mail.app client

Leave a Comment / dovecot, Mail, Postfix / By /

I have used Dovecot as my IMAP server since 2007. It has always been reliable and useful. Recently, I wanted to move my IMAP server to one host to another. I am the only user on this IMAP server. Wait, not I’m not, there are some test accounts on here, mostly used to verify that IMAP is running properly, but that’s no my point. The point is: we’re not moving thousands of accounts,

Setting up a new Dovecot server on FreeBSD with an OSX mail.app client Read More »

Converting thin jails to thick jails

Leave a Comment / ezjail, FreeBSD, iocage, Jails, Open Source, ZFS / By /

I have been using ezjail since at least 2008 (see earlier blog post). A few years ago, I started deploying iocage on new servers. About three months ago, I starting converting systems from ezjail to iocage. When I converted my first system, I found that the existing documentation for conversion was incomplete. Specifically, symlinks were a problem. I raised an issue and wrote a better script which I have since used on a

Converting thin jails to thick jails Read More »

using syncthing between my OSX laptop and my FreeBSD server

Leave a Comment / Open Source, syncthing / By /

We know the routine. You have a desktop, and a laptop, or perhaps two laptops. You want your files in both places. A shared, remotely mounted directory is not ideal. Instead, let’s have the systems synchronize themselves. That’s where syncthing comes in: Syncthing replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is

using syncthing between my OSX laptop and my FreeBSD server Read More »

Getting ‘FreeBSD-10.2 is vulnerable’ messages on a 12.0 host

2 Comments / Nagios, nrpe, Open Source / By /

I started playing with /usr/local/etc/periodic/security/405.pkg-base-audit as part of a monitoring system. It works fine from the command line, but when I use Nagios plugins, I am getting unexpected results. By unexpected, I mean messages about FreeBSD 10.2. The host in question runs FreeBSD 12.0. The problem cannot be reproduced on the host, only from the Nagios monitoring host. Oh wait, the Nagios monitoring host is a jail on the host in question. That

Getting ‘FreeBSD-10.2 is vulnerable’ messages on a 12.0 host Read More »

slocum – the new : assembly details

Leave a Comment / hardware / By /

This covers the facts regarding the list of things to do on Server Build Saturday. The slocum – the new hardware changes occurred on 2 February 2019, with the help of a guy I’ve known since my early days in PA. jb33z did the heavy lifting, both of the chassis and of the HDD. He moved all the HDD from the old server to the new server. I did the SSDs, which were

slocum – the new : assembly details Read More »

Scroll to Top