Search Results for: bacula

Turning off SASLCLIENT for databases/mysql57-client

Leave a Comment / poudriere / By /

This started off as a Twitter thread earlier this morning. databases/mysql57-client has an optional dependency on security/cyrus-sasl2 which defaults to on. Let’s try turning that off and see if it also removes openldap-client from the dependency list. Why? I install net-mgmt/nagios-plugins in just above every jail and host. Even hosts which don’t use MySQL. I use poudriere to build all my own packages. I added this entry: # Trying to avoid pulling in […]

Turning off SASLCLIENT for databases/mysql57-client Read More »

How I took my name servers offline by adding a new hostname

Leave a Comment / DNS, named / By /

To be fair, the name servers weren’t offline, just the two zone files I amended. The effect: none of my services at home were available to anything at home. The other day, I was working on some procedures for adding a jail to a host and then a jail within that jail. I wanted to document the procedure to make it easier to implement when the time comes. The first step, create the

How I took my name servers offline by adding a new hostname Read More »

Fixing vulns in poudriere jails

Leave a Comment / poudriere / By /

This post was originally a few tweets. It’s not really about upgrading vulnerabilities in poudriere jails either. Read this as if each paragraph was a tweet. When a FreeBSD security alert comes out, or a package is marked as vulnerable, I try to get that fixed as soon as I can. Even if not using the feature. Sometimes a vuln can be leverages against something you are using. Patch it. When it comes

Fixing vulns in poudriere jails Read More »

OpenVPN: unsupported certificate purpose

Leave a Comment / OpenSSL, OpenVPN, ssl-admin / By /

See also SSL client vs server certificates and bacula-fd. I use OpenVPN since at least 2008 – now going on 13 years. I find it to be reliable and stable. A few days ago, I added another client to a VPN. I run this particular network with self-signed certificates which I create using ssl-admin – I find it particularly useful for this purpose. The problem Away I went, creating a new certicate, bundled

OpenVPN: unsupported certificate purpose Read More »

Moving zroot/usr/local to zroot/usr

Leave a Comment / bectl, FreeBSD, freebsd-update, ZFS / By /

Today I was updating a FreeBSD server from 12.2 to 13.0 – I was using a new approach for my upgrades. This was my second host to upgrade like this. The first went smoothly. This one, not so much. NOTE: this turned out to be insufficient because /usr was mounted: [dan@slocum:~] $ zfs get canmount zroot/usr NAME PROPERTY VALUE SOURCE zroot/usr canmount on received This system was manually converted, poorly, to a BE

Moving zroot/usr/local to zroot/usr Read More »

Creating a vnet jail

Leave a Comment / Networks, Open Source / By /

In this post I will be creating a ‘new’ jail which uses vnet. I say ‘new’ because I am actually Converting an iocage jail to a vanilla jail which happens to use vnet. NOTE: HEADS UP: I failed to get this to work. I’m still going to post it though. What I did wrong: I should not have used ix1 – that’s the wrong NIC to use. This needs to use an active

Creating a vnet jail Read More »

Moving some ZFS filesystems to the ‘trash’ and removing all their snapshots – sanoid

Leave a Comment / FreeBSD, Open Source, sanoid, snapshots, ZFS / By /

I recently discovered that you can delete all snapshot from a ZFS filesystem with a single command. It came to me via fortune: You can delete a range of ZFS snapshots (a-z) in multiple ways. The following will delete d and all earlier snapshots: zfs destroy mypool/data@%d To delete d and all later snapshots: zfs destroy mypool/data@d% To delete all dataset snapshots: zfs destroy mypool/data@% Make sure to let ZFS perform a dry

Moving some ZFS filesystems to the ‘trash’ and removing all their snapshots – sanoid Read More »

Converting an iocage jail to a vanilla jail

3 Comments / iocage, Jails, py-iocage / By /

Tonight I got blocked by iocage and handling a ZFS filesystem from within an iocage jail. These are the steps I followed to convert that jail from iocage to a vanilla jail. The variable To make this solution easier to use, at least for me, on future jail migrations, I have these variables: For example, my devgit-nginx01 jail is at: [dan@knew:~] $ zfs list system/iocage/jails/mysql56 NAME USED AVAIL REFER MOUNTPOINT system/iocage/jails/mysql56 11.5G 20.6T

Converting an iocage jail to a vanilla jail Read More »

nut – testing shutdown and startup

7 Comments / nut, UPS / By /

Today I tested the shutdown but was mostly concerned by the startup. I wanted the hosts to start in a specific order. I lived tweeted it and that thread is the basis for this post. The UPS has three groups of outlets: primary group, group 1, group 2. Each group has a On Delay setting. You could choose which gear to power on first. I have all mine set to zero, so all

nut – testing shutdown and startup Read More »

nut – testing the shutdown mechanism

Leave a Comment / FreeBSD, nut, Open Source / By /

Following on from my recent nut setup, this is the second in a series of three posts. The next post will deal with adjusting startup and shutdown times to be sure everything proceeds as required. I want to test the host shutdown mechanism without: unplugging the UPS from the mains powering off the UPS without powering off the servers I have just updated all the hosts and the jails on those hosts. This

nut – testing the shutdown mechanism Read More »

Scroll to Top