ssh key management

Background

I was asked to comment on the following: Our software is built and maintained by about 20 engineers, and runs in production on dozens of servers in a remote data center. One problem we frequently face is identity and access management on these servers – our engineers occasionally need to directly access the servers (via SSH) to debug an issue or perform maintenance, but often find that their key is not installed […]

Want 8.3 in a poudriere jail? Nope.

I tried this today, creating an 8.3-RELEASE jail for poudriere:

    $ sudo poudriere jail -c -v 8.3-RELEASE -j releng_8_3
    ====>> Creating releng_8_3 fs… done
    ====>> Fetching sets for FreeBSD 8.3-RELEASE amd64
    fetch: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256: File unavailable (e.g., file not found, no access)
    fetch: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256: File unavailable (e.g., file not found, no access)
    ====>> Error: Failed to fetch from ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/8.3-RELEASE/base/CHECKSUM.SHA256
    ====>> Error while creating jail, cleaning up.
    ====>> Removing releng_8_3 jail… done

It failed. But

Monitoring temperature

Earlier today, I was reminded of an old series of tweets regarding temperature. That led me to a FreeBSD Forums post which showed me this interesting bit of information. I draw your attention to the two hw.acpi.thermal values near the top. Those may well represent the ambient room temperature, more or less. A little shell script. Some graphing. Bob’s yer uncle.

    # kldload coretemp
    # sysctl -a | grep -i "temp"

OpenVPN clients don’t react well when the server goes down

I had a power failure at home tonight. The clients did not react well to the outage. They aren’t at home. They’re out there on the internets.

    Jul 9 01:02:49 tallboy openvpn[40792]: UDPv4 link local (bound): [AF_INET]10.233.228.194:1194
    Jul 9 01:03:51 tallboy openvpn[40792]: UDPv4 link local (bound): [AF_INET]10.233.228.194:1194
    Jul 9 01:04:53 tallboy openvpn[40792]: UDPv4 link local (bound): [AF_INET]10.233.228.194:1194
    Jul 9 01:05:56 tallboy openvpn[40792]: UDPv4 link local (bound): [AF_INET]10.233.228.194:1194
    Jul 9 01:06:58 tallboy openvpn[40792]: UDPv4

Running multiple concurrent poudriere builds

I’m running multiple concurrent poudriere builds on slocum. I see no problems doing this.

    [dan@slocum:~] $ uptime
    9:51PM up 1 day, 6:37, 8 users, load averages: 30.38, 22.58, 11.87
    [dan@slocum:~] $ ps auwx | grep sudo
    root 8877 0.0 0.0 48804 2616 1 I+ 9:45PM 0:00.01 sudo /usr/local/bin/poudriere bulk -j 92amd64 -f /usr/local/etc/poudriere.d/buildlists/knew -z knew
    root 61003 0.0 0.0 48804 2620 2 I+ 9:46PM 0:00.01 sudo /usr/local/bin/poudriere bulk -j 92amd64 -f /usr/local/etc/poudriere.d/buildlists/slocum -z

FreeBSD custom port patches when using poudriere

I have a custom patch for Nagios. I use poudriere for building my FreeBSD ports. EDIT: 2023-03-25 I have changed the location for my patch files using a hook. See poudriere hooks – I am no longer using /usr/ports/distfiles/local-patches; instead, I’m using /usr/local/etc/poudriere.d/local-patches. How can I combine the two? I asked that question on the FreeBSD Ports Mailing list. The answer came via IRC, from bsd-x. He introduced me to the concept of

poudriere: options, it’s all about options

Last night, and again this morning, I thought my inbox was rather light. When I checked Nagios, I found out why. I saw two mail servers: nyi-vpn check_postfix_queue CRITICAL 06-10-2014 12:12:38 0d 12h 51m 40s 4/4 96 mail(s) in queue supernews-vpn check_postfix_queue CRITICAL 06-10-2014 12:11:10 0d 10h 48m 8s 4/4 124 mail(s) in queue It seems we have a problem. Checking the mail logs for one of those servers, I see the reason:

named: error sending response: host unreachable

Every day for weeks I’ve been seeing these entries in my logs: I could ignore them, but that’s not in my nature. I want to know why this is occurring and fix it. Attempting to find the source, I started a tcpdump on the host: That wasn’t much help. I think I should have logged it to a file. After seeing the log messages again today, and while a little bit of unexpected

Nagios plugin for pkg audit (replacing portaudit) on FreeBSD

I’m using FreeBSD 9.2 and Nagios 3.5.1. A few weeks ago I wrote about freebsd-update reminding you to upgrade your affected systems. Since then, freebsd-update has continued to send me false positives about upgrading. Suggestions have been made that I track down Colin Percival at BSDCan 2014, which starts in a few days. However, I know at least four people have already arrived, two days before any official event, the first of which is
