SpreadBSD is a grassroots BSD advocacy project funded and set up by iXsystems to promote the use and spread the knowledge of FreeBSD. The group currently consists of 5 members. To learn more about them or to join their effort.
There isn’t much else to say but that we will be re-skinning this piggy to be more BSD like. Ultimately if this works for our need then I will arrange to have the bsdnews.com domain pointed at this location.
Thanks for everyone’s help.
by Chris Silva <email@example.com>
Absolute FreeBSD, 2nd Edition
The Complete Guide to FreeBSD
by Michael W. Lucas
Price: $59.95 USD
No Starch Press
This book is your typical FreeBSD book when it comes to the quality and quantity (744 pages) you have come to expect with any *BSD book. While geared towards running FreeBSD as a server, the content should easily translate to a desktop user. As I read through this book I found myself comparing it to the Grand-Daddy of FreeBSD books, The Handbook itself. Chapter 3 (Start Me Up! The Boot Process) is very well done giving great examples of the boot process, the loader files, and taking you for a walk on how to setup and use serial consoles. Near the end of this chapter the author goes darn-near line for line of the contents of the /etc/rc.conf file. While this could be along chapter, it’s kept short (wisly) by letting the user know that /etc/defaults/rc.conf is the file you need to look at for examples of what could be modify and added to /etc/rc.conf. While continuing to read this book however, I found the flow of topics didn’t seem to transition well. Case in point: Chapters 7, 8, and 9 (Securing Your System, Disks And FileSystems, and Advanced Security Features, respectively). These three chapters while well written, seemed to be out of place in both logic and flow. Chapters 12, 13, and 18 (Advanced Software Management, Upgrading FreeBSD, And Disk Tricks with GEOM) are the highlight of reading for me. Chapter 12 touches on topics such as SMP settings, schedulers, and Linux Emulation. Buried within this chapter is a great refresher for all. This section is the start-up and shut-down scripts. The example of a typical rc script is well done and the author does a great job dissecting the example. I found this chapter 13 (Upgrading FreeBSD) to be the most rewarding of the reading. I have been rebuilding and compiling FreeBSD since version 2.2.8 and have developed a long love-affair using the many ways of maintaining ports/packages/userland. While there isn’t one correct way to do these tasks, the author does a really great job of distinguishing what these tasks are, what they do, and why they do it. This book, like the other FreeBSD books I own, has not let me down when it comes to showing me a new way of doing an old task or defined explanation of how or why something is. That being said, a well rounded Unix Admin should read as many variations on the same subject matter as possible to develop a better understanding of the subject. This book adds another layer of understanding to your FreeBSD experience. The author put a lot of effort gathering and articulating the information in this book. I enjoyed it and it makes a great addition to my growing FreeBSD library.
by Michael Hernandez <firstname.lastname@example.org>
When I first picked up Designing BSD Rootkits from No Starch Press I was surprised. I first thought to myself, “This seems like such a light book for such a heavy topic… it’s a 136 page introduction to BSD Kernel Hacking! Surely a book on kernel hacking should be a massive and intimidating volume that reads like a man page? Or should it?”
My second surprise came when I turned to the introduction and found that I “should ‘theoretically’ be able to rewrite the entire operating system, on the fly” by the time I finished the book. It was then that I thought “Oh this must be for people who are already hacking Linux drivers and want to learn about the BSD kernel…” I read on to find that kernel hacking experience is neither required nor expected. I stared at the book with mixed feelings of cynicism and overwhelming curiosity.
Designing BSD Rootkits is packed full of examples that aim to teach the reader about topics which include loadable kernel modules, direct kernel object manipulation, kernel object hooking and runtime kernel memory patching. At the end of the book you’ll find a short chapter (approximately 6 pages long) about rootkit detection. An extensive review of the book’s contents is difficult due to the ratio of examples to text. If you could arrange the 136 pages so that the text and code were listed sequentially, you’d see about 10 pages of text with the balance being code. I am only slightly exaggerating; This book is basically all code examples and explanation of those examples. What better way is there to teach a topic than by example? For instance, why merely discuss a key logger? Why not show how to write one and see how it works? Why write about methods that can be used to hide a process when you can teach someone how to write, compile and run his or her own module that hides processes (or open TCP ports!). Are you excited yet?
Although I’ve finished the book and cannot say with any degree of confidence that I can rewrite FreeBSD on the fly, I can say that my initial feelings of FUD that I associated with kernel hacking faded with each code example. The author’s familiar tone and style helped me to relax and learn about what I once looked at as the dark cellar of my system. The cover of the book cleverly depicts the creating of a daemon-shaped “voodoo doll” from a “you do voodoo” kit. That’s basically what Designing BSD Rootkits is – a DIY voodoo kit, demystifying the dark scary magic that is kernel code. Never before have I felt more in touch with what is going on “under the hood”. In writing this book Joseph Kong has given us more than code snippets and links to man pages, he’s given us a path to understanding more about the operating system we use every day. Some might view books such as this to be dangerous. Simple tutorials on writing rootkits might open a door for trouble. Actually, however, this book opens a door for everyday admins to enter a more secure future.
By Mikel King <email@example.com>
First of all you will need to install the host OS, and in this case we are using Windows Server 2003X64 Standard Edition R2 which must include IIS, however could have easily been an approve Linux variant, or even the VMWare ESX solution. In either case it is probably a good idea to ensure that all of the patches and updates have been applied, I mean it is still Windows after all. The nice thing about running FreeBSD in an instance under VMWare Server or any other hardware virtualization platform is that the instance can be easily relocated to new physical hardware without much concern for that new hardware.
Launch the VMWare Server Console and proceed through the configuration of creating a new instance. A quick detour for just a moment, the console application uses port 902 TCP & UDP to connect to the VMWare Server System. Therefore, if your system has any sort of local firewall you might want to ensure that communication is allowed on those ports.
Regarding the configuration it helps to have some idea of what you would like to do with the guest server before you actually start. Yet for this situation let’s just role with the tutorial. Keep in mind that a general rule of thumb you should have 1GB of RAM physical available to allocate to each virtual machine you intend to run. However in my own personal experience that rule of thumb does not really apply to FreeBSD as I tend to get away with less memory reserver for this OSes instances.
Figure 1 New Virtual Machine
Figure 2 New Virtual Machine screen 2
Figure 3 Naming Your Virtual Machine
Uncheck the “Make this virtual machine private” box and proceed to the Starup/Shutdown dialog. In addition select Local System account in figure 4 so that you new server will start automatically upon the host server boot up. Additionally if you do not select this option then your new VM instance will terminate, rather unhappily the moment you logout of the host OS session.
Figure 4 Virtual Machine Service Account Settings
This is followed by a CPU selector. It is worth noting that when I made these original screen shots I did indeed select dual CPU however; as I learned the hard way this option is considered ‘EXPERIMENTAL’. Thus I changed the setting after to single CPU. Until VMWare releases dual CPU for FreeBSD I recommend that you stick with the default option or bad thing will probably happen. My server locked up time and again whenever I tried to compile large items like Apache2 or the World.
Next is the memory configuration screen and I know I mentioned the general rule of 1GB per VM but I also stated that with FreeBSD I’ve been able to work with less in many cases I’ve experienced success with as little as 128MB. Fortunately like the CPU setting you can always modify you memory allocation as your needs change.
Figure 5 Virtual Machine Memory Allocation Settings
I almost always proceed with the default bridged network interface selection. Although I will not cover it in this article it is possible to actually bind a specific NIC to the virtual network on a particular bridged interface. In fact that is exactly what is occurring with this selection, as it is binding to the default NIC for the virtualized lnc0.
One note of caution regarding NIC assignments. I find it is easiest to allow the Guest OSes (a.k.a. instances) to bind to the default physical NIC, and then assign a secondary physical NIC to the host OS for it’s exclusive use and securely firewalled from the instance LAN. This is a good idea should one your instances become compromised they would not allow escalation of the breach onto the host.
Figure 6 Bridge Network Option for your Virtual Machine
The following screens demonstrate some of the disk options. I personally prefer to specify the maximum size of the disk, in lieu of selecting the dynamic allocation. In addition I ALWAYS opt for IDE emulated disks rather than SCSI, even if I am creating a Windows based instance. I do this for mostly administrative reasons. It is easier to boot from CD/ISOs and mount an IDE based disk opposed to a SCSI one, this is especially true of Windows where you would need a floppy to load third party SCSI drivers. Of course that may not seem too important, but if the server is 1500 miles away from your work location simply inserting a floppy becomes a rather monumental task. Of course there is the other issue with floppy disks, most manufacturers only offer them as an option if at all.
Figure 7 Definbing the Virtual Disk
Figure 8 Virtual Type
Figure 9 Virtual Disk Allocation
Set your disk capacity and select ‘Next’ create your virtual disk which is really nothing more than a large binary file sitting on the physical disk. This means that on the local file system there will be a single files the size 26GB in this case refer to Figure 9 above.
Figure 10 Preflight Virtual Machine Display
At this point you can either boot the instance from an install CD in the host cd drive or bind the instance CD-ROM to an ISO as shown in Figure 11. The net result is the same in either case, however I personally find the ISO route easier.
Figure 11 ISO Binding
Upon boot up follow your own normal install procedures, and setup FreeBSD as you like. Note VMWare recommends that you disable IPV6. Also please create yourself an account in the wheel group so that you can ssh with as you will NEED it later. Which of course means that you need to enable sshd during the install. Finally be certain to do yourself a favor and set the root password which really should be distinct form the HOST OS password. Remember just because this is a virtual server doesn’t mean you should treat it any differently than a physical server.
Now after you’ve complete installing FreeBSD let’s walk through the settings for the system. Select ‘Edit virtual machine settings’ and from there go to the Options tab as displayed in the next Figure 12. You can make and prestartup modifications here, and it is a good idea to become familiar with the options available in this screen. You can alway return the this screen via the Edit Virtual Machine Settings selection on the preflight screen. It is worth noting upon startup the prefilght will be replaced with your running instance, and you must halt the VM to make changes.
Figure 12 Virtual Machine Options and Settings
Now we need get down to business and install the VMWare Tools for FreeBSD. To do this we have to once again we are going to bind an iso to the cdrom device. The documentation about this process isn’t exactly clear about where the iso’s are located so I’ll help you out a bit C:\Program Files\VMware\VMware Server\freebsd.iso. Also note that as far as I can tell the only way to perform this binding is with the vm powered off. So having followed along this far your instance is running and you are able to ssh in and su to root so that we can proceed.
Figure 13 Virtual Machine Preflight Status
As root you will mount /cdrom followed by an extraction of the lone file from the virtual cd to your local hard disk. Upon completion cd into the extracted directory and execute the installation script (that’s ./install just in case you weren’t following along). The main advantage of the VMWare Tools installation into FreeBSD is that when you halt the host OS it is support to safely halt each guest OS as well.
A final issue worth noting before you run off to portsnap your ports and build your favorite applications. In Figure 14 below I have documented the entries from my /boot/loader.conf which I would strongly encourage you to add if you experience any anomalies with the operation of your vm server’s clock. The hint makes an adjustment to the clock tick counter, which if left unchecked will make your system think that time is reversing.
# Beginning of the block added by the VMware software vmxnet_load="YES" hint.apic.0.disabled=1 # End of the block added by the VMware software
Figure 14 VMWare Server /boot/loader.conf Settings For FreeBSD
I hope you’ve enjoyed our little tour of VMWare Server.
by Grzegorz Czaplinski < Grzegorz.Czaplinski@systemics.pl>
Editorial note: This is the followup to Greg’s previous piece, and continues where part one left off. It is recommended that you read and understand the content presented in part one before attempting any of the procedures documented here. Now without further ado…
II. Breaking the mirror.
# gmirror remove gm0 ad6 # gmirror list Geom name: gm0 State: COMPLETE Components: 1 Balance: round-robin Slice: 4096 Flags: NONE GenID: 0 SyncID: 1 ID: 3740434803 Providers: 1. Name: mirror/gm0 Mediasize: 250059349504 (233G) Sectorsize: 512 Mode: r6w6e7 Consumers: 1. Name: ad4 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: ACTIVE Priority: 0 Flags: DIRTY GenID: 0 SyncID: 1 ID: 76271603
The state is COMPLETE as there is only one component left – consumer ad4.
III. Disk replacement Assume drive ad4 is broken and it’s not visible to the system.
# atacontrol list ATA channel 0: Master: acd0 ATA/ATAPI revision 5 Slave: no device present ATA channel 1: Master: no device present Slave: no device present ATA channel 2: Master: no device present Slave: no device present ATA channel 3: Master: ad6 Serial ATA v1.0 Slave: no device present ATA channel 4: Master: no device present Slave: no device present ATA channel 5: Master: no device present Slave: no device present
If the drives are hotswap, remove the broken ad4 drive and try to reinitialize it.
# atacontrol reinit ata2 Master: no device present Slave: no device present
# atacontrol attach ata4 atacontrol: ioctl(IOCATAATTACH): File exists # atacontrol detach ata4 # atacontrol attach ata4 Master: no device present Slave: no device present # atacontrol reinit ata2 Master: no device present Slave: no device present
To make a new drive visible to the system I had to reboot the server.
# gmirror insert -p 1 gm0 ad4 Not all disks connected. Try 'forget' command first.
To forget about components which are not connected use command:
# gmirror forget gm0
Add a component to the mirror.
# gmirror insert -p 1 gm0 ad4
Check if the mirror is synchronizing.
# gmirror list Geom name: gm0 State: DEGRADED Components: 2 Balance: round-robin Slice: 4096 Flags: NONE GenID: 0 SyncID: 6 ID: 1189193877 Providers: 1. Name: mirror/gm0 Mediasize: 250059349504 (233G) Sectorsize: 512 Mode: r7w6e7 Consumers: 1. Name: ad6 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: ACTIVE Priority: 0 Flags: NONE GenID: 0 SyncID: 6 ID: 1830980100 2. Name: ad4 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: SYNCHRONIZING Priority: 1 Flags: DIRTY, SYNCHRONIZING GenID: 0 SyncID: 6 Synchronized: 0% ID: 1487713881
As you can see, the drive replacement went OK and the synchronization process started. When it’s finished, the state of gm0 should change from DEGRADED to COMPLETED.
After reading this article, I hope you will have a good insight on gmirror(8). I tried to write it in an easy to read and understand manner. Although I know Pawel Jakub Dawidek very well I must admit gmirror(8) is a very nice and easy tool for RAID-1. I really encourage you to use it for mirroring.
by Grzegorz Czaplinski <Grzegorz.Czaplinski@systemics.pl>
Mirror setup. Recently I was given a brand new X2100 server made by Sun Microsystems. I installed FreeBSD on it and run a mailserver. The server has two 250GB SATA drives and I decided to use gmirror(8) to create RAID-1 on those disks.
To start with the configuration, install FreeBSD, configure it to suit your needs. After server installation, I always make the world again, configure my new kernel and install it. Don’t forget to add to your kernel config file the following lines:
options GEOM_GPT options GEOM_MIRROR
To find out your system drives use atacontrol(8) command.
# atacontrol list ATA channel 0: Master: acd0 <DV-28E-N/P.6A> ATA/ATAPI revision 5 Slave: no device present ATA channel 1: Master: no device present Slave: no device present ATA channel 2: Master: ad4 Serial ATA v1.0 Slave: no device present ATA channel 3: Master: ad6 Serial ATA v1.0 Slave: no device present ATA channel 4: Master: no device present Slave: no device present ATA channel 5: Master: no device present Slave: no device present
My system is installed on ad4 disk and I want ad6 to be a second sub-mirror.
First of all, create a mirror gm0:
# gmirror label -vnb round-robin gm0 /dev/ad6 Metadata value stored on /dev/ad6. Done. -b round-robin is the algorithm used for reading. -n turns off autosynchronization of stale components. To turn in on use gmirror configure -a gm0.
In the command above you specify the second drive – ad6!
If GEOM_MIRROR was copiled into the kernel, then /dev/mirror/gm0 device is already present.
Otherwise, initialize GEOM_MIRROR,
# gmirror load
this command will load the /boot/kernel/geom_mirror.ko kernel module and will create the gm0 device – /dev/mirror/gm0.
Edit loader.conf file:
# echo 'geom_mirror_load="YES"' >> /boot/loader.conf
Disk partition. Now, use fdisk(8) command to create slice on gm0 device and reinitialize the boot code.
# fdisk -vBI /dev/mirror/gm0 ******* Working on device /dev/mirror/gm0 ******* parameters extracted from in-core disklabel are: cylinders=30401 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=30401 heads=255 sectors/track=63 (16065 blks/cyl) Information from DOS bootblock is: 1: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 488392002 (238472 Meg), flag 80 (active) beg: cyl 0/ head 1/ sector 1; end: cyl 704/ head 254/ sector 63 2: 3: 4: fdisk: Geom not found
bsdlabel(8) is used to create BSD partition table and to install bootstrap code.
Install the bootstrap:
# bsdlabel -wB /dev/mirror/gm0s1
Read the partition table from the current system drive /dev/ad4s1. Save the output.
# bsdlabel /dev/ad4s1 # /dev/ad4s1: 8 partitions: # size offset fstype [fsize bsize bps/cpg] a: 409600 0 4.2BSD 2048 16384 25608 b: 2097152 409600 swap c: 488392002 0 unused 0 0 # "raw" part, don't edit d: 4096000 2506752 4.2BSD 2048 16384 28552 e: 1024000 6602752 4.2BSD 2048 16384 64008 f: 81920000 7626752 4.2BSD 2048 16384 28552 g: 398845250 89546752 4.2BSD 2048 16384 28552
Edit a partition table of /dev/mirror/gm0s1:
# bsdlabel -e /dev/mirror/gm0s1
copy the output of bsdlabel /dev/ad4s1 command, paste and save the editor.
Make sure the size in sectors of /dev/ad4s1 and /dev/mirror/gm0s1 is the same. The chances are, /dev/mirror/gm0s1 will be shorter of 1 sector in size. In this case partition c will have to be shorter so the last partition (in my case partition g).
To verify the sizes type:
# diskinfo -v /dev/ad4s1 /dev/mirror/gm0s1 | egrep '(/dev/|in sectors)' /dev/ad4s1 488392002 # mediasize in sectors /dev/mirror/gm0s1 488392002 # mediasize in sectors
My slices were OK.
List the gm0 configuration:
# gmirror list Geom name: gm0 State: COMPLETE Components: 1 Balance: round-robin Slice: 4096 Flags: NOAUTOSYNC GenID: 0 SyncID: 1 ID: 3740434803 Providers: 1. Name: mirror/gm0 Mediasize: 250059349504 (233G) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: ad6 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: ACTIVE Priority: 0 Flags: NONE GenID: 0 SyncID: 1 ID: 339682922
The gm0 provider has one component – consumer ad6. Provider gm0 is the name of the mirror, ad6 consumer is the first sub-mirror. State of gm0 is COMPLETE. This is OK.
Organize data. My current drive setup looks like:
# df -h Filesystem Size Used Avail Capacity Mounted on /dev/ad4s1a 193M 120M 58M 67% / devfs 1.0K 1.0K 0B 100% /dev /dev/ad4s1g 184G 28K 169G 0% /export/home /dev/ad4s1e 484M 12K 445M 0% /tmp /dev/ad4s1f 38G 1.7G 33G 5% /usr /dev/ad4s1d 1.9G 15M 1.7G 1% /var
For every partition created on gm0s1 create a filesystem. In my case, I did it for /, /tmp, /var, /usr and /export/home.
# newfs /dev/mirror/gm0s1a # newfs -U /dev/mirror/gm0s1d # newfs -U /dev/mirror/gm0s1e # newfs -U /dev/mirror/gm0s1f # newfs -U /dev/mirror/gm0s1g
For every partition created on gm0s1, mount it under /mnt and copy original data from /dev/ad4.
# mount /dev/mirror/gm0s1a /mnt # dump -L -0 -f- / | ( cd /mnt && restore -r -v -f- ) # umount /mnt/ # mount /dev/mirror/gm0s1d /mnt # dump -L -0 -f- /var | ( cd /mnt && restore -r -v -f- ) # umount /mnt/ # mount /dev/mirror/gm0s1e /mnt # dump -L -0 -f- /tmp | ( cd /mnt && restore -r -v -f- ) # umount /mnt/ # mount /dev/mirror/gm0s1f /mnt # dump -L -0 -f- /usr | ( cd /mnt && restore -r -v -f- ) # umount /mnt/ # mount /dev/mirror/gm0s1g /mnt # dump -L -0 -f- /export/home | ( cd /mnt && restore -r -v -f- )
My /etc/fstab looks like:
# Device Mountpoint FStype Options Dump Pass# /dev/ad4s1b none swap sw 0 0 /dev/ad4s1a / ufs rw 1 1 /dev/ad4s1g /export/home ufs rw 2 2 /dev/ad4s1e /tmp ufs rw 2 2 /dev/ad4s1f /usr ufs rw 2 2 /dev/ad4s1d /var ufs rw 2 2
Mount the /dev/mirror/gm0s1a again:
# mount /dev/mirror/gm0s1a /mnt/
and change /mnt/etc/fstab to:
# Device Mountpoint FStype Options Dump Pass# /dev/mirror/gm0s1b none swap sw 0 0 /dev/mirror/gm0s1a / ufs rw 1 1 /dev/mirror/gm0s1g /export/home ufs rw 2 2 /dev/mirror/gm0s1e /tmp ufs rw 2 2 /dev/mirror/gm0s1f /usr ufs rw 2 2 /dev/mirror/gm0s1d /var ufs rw 2 2
Make the same change to /etc/fstab file – the one on ad4 drive.
In case the systems does not boot from gm0 you can create those two files:
# echo "1:ad(4,a)/boot/loader" > /boot.config # echo "1:ad(4,a)/boot/loader" > /mnt/boot.config
You can remove them later on.
Shutdown the system and keep fingers crossed.
# shutdown -r
After reboot, log into the system and check the mounting:
# df -h Filesystem Size Used Avail Capacity Mounted on /dev/mirror/gm0s1a 193M 120M 58M 67% / devfs 1.0K 1.0K 0B 100% /dev /dev/mirror/gm0s1g 184G 19M 169G 0% /export/home /dev/mirror/gm0s1e 484M 64K 445M 0% /tmp /dev/mirror/gm0s1f 38G 1.6G 33G 5% /usr /dev/mirror/gm0s1d 1.9G 16M 1.7G 1% /var
Mirror and synchronize. Everything went OK, so it’s time to add a second drive – the sub-mirror:
# gmirror insert -p 1 gm0 ad4 -p priority, specifies priority of the given component. In this case ad4 has the priority 1 whereas ad6 0. # gmirror list Geom name: gm0 State: DEGRADED Components: 2 Balance: round-robin Slice: 4096 Flags: NOAUTOSYNC GenID: 0 SyncID: 1 ID: 3740434803 Providers: 1. Name: mirror/gm0 Mediasize: 250059349504 (233G) Sectorsize: 512 Mode: r6w6e7 Consumers: 1. Name: ad6 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: ACTIVE Priority: 0 Flags: DIRTY GenID: 0 SyncID: 1 ID: 339682922 2. Name: ad4 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: STALE Priority: 1 Flags: SYNCHRONIZING GenID: 0 SyncID: 1 ID: 76271603 # gmirror rebuild gm0 ad4 # gmirror list Geom name: gm0 State: DEGRADED Components: 2 Balance: round-robin Slice: 4096 Flags: NOAUTOSYNC GenID: 0 SyncID: 1 ID: 3740434803 Providers: 1. Name: mirror/gm0 Mediasize: 250059349504 (233G) Sectorsize: 512 Mode: r7w6e7 Consumers: 1. Name: ad6 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: ACTIVE Priority: 0 Flags: DIRTY GenID: 0 SyncID: 1 ID: 339682922 2. Name: ad4 Mediasize: 250059350016 (233G) Sectorsize: 512 Mode: r1w1e1 State: SYNCHRONIZING Priority: 1 Flags: DIRTY, SYNCHRONIZING, FORCE_SYNC GenID: 0 SyncID: 1 Synchronized: 0% ID: 76271603
Dont forget to turn on autosynchronization:
# gmirror configure -a gm0
or easier method:
# gmirror configure -a gm0 # gmirror insert -p 1 gm0 /dev/da0
To check the status of resynchronization:
# gmirror status Name Status Components mirror/gm0 DEGRADED ad6 ad4 (26%) # gmirror status Name Status Components mirror/gm0 DEGRADED ad6 ad4 (99%) # gmirror status Name Status Components mirror/gm0 COMPLETE ad6 ad4 # gmirror list Geom name: gm0 State: COMPLETE Components: 2 Balance: round-robin Slice: 4096 Flags: NONE GenID: 0 SyncID: 1 ID: 3740434803 [.....]
The state is COMPLETE so the resychronization went without any problems and components are ACTIVE now.
If you expect kernel dumps, configure the dumpdev device. Edit /etc/rc.conf and add:
To make savecore(8) life easier also edit /etc/rc.early and /etc/rc.local:
# echo "gmirror configure -b prefer gm0" >> /etc/rc.early # echo "gmirror configure -b round-robin gm0" >> /etc/rc.local
Now the system is safe with RAID-1 over two system disks.
Editorial note: In part two of this series Gregory will show us how to safely break the mirror as well as how to handle a disk failure. Complete thorugh replacing and remirroring a disk.
By Mikel King <firstname.lastname@example.org>
I thought it might be nice to start off with a simple little article about a simple app in the ports tree that I find particularly useful. It is called fetchyahoo. Basically, what it does is fetch your email out of your mail.yahoo.com account via the http interface and download it into a mailbox. Of course, that may not seem all that special or important, but what is really cool about this app is where it can put the messages, and some of the advanced features, like dumping the bulk messages and automatic expunging of the deleted messages.
Now, one of the first things I usually do before I build anything from the ports tree is run a quick cvsup off my in house mirror to refresh the tree on the machine I am using. I find that this is generally a good thing to do. For instance, the version in the ports tree is 2.8.6 and mine is 2.8.0 which, of course, is not that great, but if you are going to take the time to build something, then why not do it right?
OK, so building the port is easy once you complete the cvsup. I did have some trouble with the fetching of various dependencies but I suspect that was more or less bandwidth related. But, eventually, the make install clean will complete and you will be able to step into the .fetchyahoorc configuration file. A sample can be found in the build directory, and excerpts are included for explanation, as follows.
This first section is rather self explanatory, just substitute your yahoo credentials here and then proceed to the next section.
###### SHOULD configure these ###### username = *yahoo-user-name* # this can be a password or an md5_hex hashed password password = *yahoo-password* # set this to 0 to turn off HTTPS and login insecurely via plaintext instead use-https = 1 ###### mail spool, mbox file and procmail configs ###### # set use-spool to 0 to disable outputting to a file/filter use-spool = 1 # if spoolName ends with a / we output in maildir format to that directory spool = /var/spool/mail/*local-user-name* # spool-mode must be either append, pipe or overwrite # use pipe for procmail or other filter and append for a normal spool # ignored if spoolName is a maildir directory spool-mode = append
OK, at this point we could fire off a sync and download the email into a standard Unix type mailbox. Which is OK because you could then use pine or mutt, or even mail, to read through the messages and you’re done, right? Wrong, sorry, that just wasn’t good enough for me. For one, the server I installed this onto also happens to be running an IMAP server (cyrus, to be exact). So, once the messages were downloaded onto the server and appended into my mailbox, then served up by my IMAP server automagically — this is cool — you’d think that I’m done, right? Again, however, I had other plans.
Well, for one, I’m now getting all of that bulk mail that tends to collect into my yahoo account, and well, I really don’t want it. Therefore, the first thing to do is set the
empty-bulk = 1
which means that the bulk messages are dumped prior to downloading into my inbox. Another setting I enable is
empty-trash-before = 1
, which dumps the deleted messages — just like it says — before downloading your inbox. I feel that these are good settings and save on the bandwidth as well.
OK, so a quick recap of what we have accomplished thus far is to configure fetchyahoo to download the messages from the specified account and to ensure that both the bulk and trash are emptied before the actual download begins. Then, once it has completed the operation, you can connect to the mailbox on your server via any of several methods; in this case I use IMAP. But one thing that is lacking is automation. I could schedule this with cron, and indeed this does work and was the case back when I first stumbled across this application, but now there is a new
setting repeat-interval = n
, where n = the number of minutes between mailbox checks.
I have tested the repeat interval and, while it does work, it’s just not as daemonized as I’d like. Therefore, you’ll need to either run the app in a detached screen (also available in the ports tree) session or set up a personal cron job. The reason is that after a couple of iterations the fetchyahoo process terminates even if it is running in the background. My personal feeling is to go with the latter as cron is more reliable and it is fairly easy to set up a crontab. That sounds like a good lead in for a sequel, doesn’t it?
Finally, there are a couple of other features that are quite handy. For instance, you can setup fetchyahoo to forward all of the downloaded messages to a particular SMTP address, which is good if you don’t have your own IMAP server. But another possibility is to use the IMAP forward feature which is good if, for instance, your main office uses Lotus Domino to which you connect via any IMAP-enabled mail client. In order to use the IMAP forward feature you need to have the CPAN Mail::IMAPClient installed, and since it is not listed as a dependency yet, you will need to jump into the port and manually install p5-Mail-IMAPClient or, if you are good with perl, then via the CPAN console.
Once you have completed the p5-Mail-IMAPClient from the ports tree, update your .fetchyahoorc with the appropriate credentials and server settings and you are good to go.
###### IMAP configuration ###### # set use-imap to 1 to enable output to an IMAP mailbox use-imap = 0 imap-host = imap.example.com imap-port = 143 imap-username = imap-user-name imap-password = imap-password imap-mailbox = INBOX
There is one issue that you should consider: the security of this application is rather light. Meaning that, although it does use SSL for the network traffic, the credentials are stored in plain text which for some can be a huge issue. At a minimum, you should set the permissions on your .fetchyahoorc file accordingly (mode 0700). I would suspect that future updates will most likely include some sort of security enhancements, but only time will tell.
So, in summary, what I end up with is fetchyahoo will download my messages from the yahoo server account and then upload them into my main account for work which I then use Thunderbird to check the messages. Or, as silly as this sounds, our webmail system (based on horde/imp, which coincidentally enough is also available via the ports tree).