FreeBSD: SSH logins hang after install of openssh-portable

I needed to upgrade my OpenSSH installation on FreeBSD without having to recompile everything (make installworld), and found out that you can do so by installing the openssh-portable port. You must force it to replace the base OpenSSH install, so you pass in the proper options:
cd /usr/ports/security/openssh-portable
make -DOPENSSH_OVERWRITE_BASE install

This went great, however, I could no longer log in remotely. It would prompt me for username and password then just hang until it timed out.

This happens because newer versions of sshd have “UsePrivilegeSeparation” (privsep) set to YES by default, so sshd will always try to verify the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address.

Because sshd is chrooted to /usr/local/empty, it is unable to read /etc/resolv.conf and fails any DNS lookups. This is why we are hanging! To fix it, I found some people suggesting to copy /etc/resolv.conf to /var/empty/etc/resolv.conf. I decided to try a symbolic link instead, but got the following error.
mkdir /var/empty/etc
mkdir: /var/empty/etc: Operation not permitted

This is probably caused by some flags or the schg bit on the dir, and I didn’t want to deal with it. Instead I decided to take the easy (even though probably unsafe) way out: disable privsep. Open up your /etc/ssh/sshd_config file and add the following:
UsePrivilegeSeparation no
Restart your sshd with /etc/rc.d/sshd restart and you should be good to go! I know it’s probably not a good idea to run with privsep off, but with it on, NOBODY could log into the server via ssh, including myself, and that’s no good. Hopefully OpenSSH and the FreeBSD ports people will find a way to make things work with privsep enabled in the near future.
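Since turning privsep off is the kind of change that gets forgotten, here is a small audit script (an added example, not from the original post) that reports the effective UsePrivilegeSeparation value from an sshd_config and checks whether the privsep chroot has a resolv.conf in it. It follows the sshd_config(5) rules that keywords are case-insensitive, "#" starts a comment, and the first occurrence of a keyword wins. The config path and chroot directory are parameters; the demo runs on constructed files in a scratch directory, never on the live /etc/ssh/sshd_config or /var/empty.

```sh
#!/bin/sh
# Added example: audit an sshd_config for UsePrivilegeSeparation and check
# that the privsep chroot can see a resolv.conf. Not the post's own code.

# effective_value <config-file> <keyword>
# Prints the first value set for <keyword> (first match wins, per sshd_config(5)),
# or "default" when the keyword is not set at all.
effective_value() {
    key=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    awk -v key="$key" '
        { sub(/#.*/, ""); gsub(/=/, " ") }                 # drop comments, allow Key=Value
        NF >= 2 && tolower($1) == key { print $2; found = 1; exit }
        END { if (!found) print "default" }
    ' "$1"
}

# privsep_status <config-file>
# Prints "no" if privsep is explicitly disabled, otherwise "yes"
# (covers an explicit yes, "sandbox", and the default the post describes).
privsep_status() {
    case "$(effective_value "$1" UsePrivilegeSeparation)" in
        no) echo no ;;
        *)  echo yes ;;
    esac
}

# chroot_has_resolver <privsep-dir>
# Returns 0 when <privsep-dir>/etc/resolv.conf exists and is non-empty.
chroot_has_resolver() {
    [ -s "$1/etc/resolv.conf" ]
}

# audit_sshd <config-file> <privsep-dir>
# Prints one finding and returns 0 (ok), 1 (privsep off) or 2 (resolver missing).
audit_sshd() {
    cfg=$1; dir=$2
    if [ "$(privsep_status "$cfg")" = no ]; then
        echo "WARN: UsePrivilegeSeparation is off in $cfg"
        return 1
    fi
    if chroot_has_resolver "$dir"; then
        echo "OK: privsep on and $dir/etc/resolv.conf is present"
        return 0
    fi
    echo "WARN: privsep on but $dir/etc/resolv.conf is missing; lookups inside the chroot will fail"
    return 2
}

# Demo on constructed files in a scratch directory (not the real system files).
demo=$(mktemp -d)
printf 'Port 22\n# UsePrivilegeSeparation no   (commented out, so the default applies)\n' > "$demo/sshd_config"
mkdir -p "$demo/empty/etc"
audit_sshd "$demo/sshd_config" "$demo/empty"                 # WARN: resolv.conf missing
echo 'nameserver 192.0.2.1' > "$demo/empty/etc/resolv.conf"  # constructed resolver entry
audit_sshd "$demo/sshd_config" "$demo/empty"                 # OK
rm -rf "$demo"
```

Run it against the real files with something like audit_sshd /etc/ssh/sshd_config /var/empty once sshd is configured; a non-zero exit status makes it easy to wire into a cron job or a post-install check.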

Xdebug & phpize for PHP on FreeBSD

I ran into a few problems trying to install Xdebug into PHP on both FreeBSD 5.2 and FreeBSD 5.4. My research led me to this PHP bug thread and the proper solution. Here’s a quick summary to get you going with Xdebug:

Xdebug is installed via phpize, and phpize has some requirements:

  • autoconf: 2.13
  • automake: 1.4+
  • libtool: 1.4.x+ (except 1.4.2)
  • bison: 1.28 (preferred), 1.35, or 1.75
  • flex: 2.5.4

I was able to get mine up and running with the following versions:

  • autoconf: 2.59_2
  • automake: 1.9.5
  • libtool: 1.5.10_1
  • bison: 1.75_2
  • flex: 2.5.4

However, the ports packages for autoconf, automake, and libtool that come with FreeBSD are installed into non-standard locations, so phpize is unable to find them. This is easily fixed with symlinks (NOTE: symlinks will vary depending on which versions you have installed):
ln -s /usr/local/bin/aclocal19 /usr/local/bin/aclocal
ln -s /usr/local/bin/automake19 /usr/local/bin/automake
ln -s /usr/local/bin/autoconf259 /usr/local/bin/autoconf
ln -s /usr/local/bin/autoheader259 /usr/local/bin/autoheader
ln -s /usr/local/bin/libtool15 /usr/local/bin/libtool
ln -s /usr/local/bin/libtoolize15 /usr/local/bin/libtoolize
ln -s /usr/local/share/aclocal19/ /usr/local/share/aclocal
ln -s /usr/local/share/aclocal19/libtool15.m4 /usr/local/share/aclocal19/libtool.m4
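Because the suffixes change with every ports update, here is a scripted version of those symlinks (an added example, not part of the original post). It takes the prefix and the three version suffixes as parameters, only links a name when the versioned binary actually exists, and refuses to overwrite a name that already exists and points somewhere else, so it is safe to re-run. The suffixes 19, 259 and 15 in the demo are the ones from the post and will differ on other systems; the demo itself uses empty executables in a scratch prefix.

```sh
#!/bin/sh
# Added example: create the unversioned autotools names phpize expects.
# Not the post's own code; suffixes are parameters, not fixed values.

# link_versioned <prefix> <name> <suffix>
# Creates <prefix>/bin/<name> -> <prefix>/bin/<name><suffix>.
# Returns 0 on success (or if the correct link already exists),
# 1 if the versioned tool is missing, 2 if <name> exists and is something else.
link_versioned() {
    prefix=$1 name=$2 suffix=$3
    target="$prefix/bin/$name$suffix"
    link="$prefix/bin/$name"
    [ -x "$target" ] || { echo "skip: $target not found" >&2; return 1; }
    if [ -L "$link" ]; then
        [ "$(readlink "$link")" = "$target" ] && return 0
        echo "conflict: $link already points elsewhere" >&2
        return 2
    elif [ -e "$link" ]; then
        echo "conflict: $link exists and is not a symlink" >&2
        return 2
    fi
    ln -s "$target" "$link"
}

# link_autotools <prefix> <automake-suffix> <autoconf-suffix> <libtool-suffix>
# Links the six tools and the two share/aclocal entries from the post.
# Returns the number of tools it could not link (0 means everything is in place).
link_autotools() {
    prefix=$1; am=$2; ac=$3; lt=$4; failed=0
    for spec in "aclocal $am" "automake $am" "autoconf $ac" "autoheader $ac" "libtool $lt" "libtoolize $lt"; do
        set -- $spec                                   # split "name suffix"
        link_versioned "$prefix" "$1" "$2" || failed=$((failed + 1))
    done
    # aclocal's macro dir is versioned like automake; libtool's .m4 like libtool
    acdir="$prefix/share/aclocal$am"
    if [ -d "$acdir" ] && [ ! -e "$prefix/share/aclocal" ]; then
        ln -s "$acdir" "$prefix/share/aclocal"
    fi
    if [ -f "$acdir/libtool$lt.m4" ] && [ ! -e "$acdir/libtool.m4" ]; then
        ln -s "$acdir/libtool$lt.m4" "$acdir/libtool.m4"
    fi
    return $failed
}

# Demo in a scratch prefix; empty executables stand in for the ports tools.
demo=$(mktemp -d); mkdir -p "$demo/bin" "$demo/share/aclocal19"
for t in aclocal19 automake19 autoconf259 autoheader259 libtool15 libtoolize15; do
    : > "$demo/bin/$t"; chmod +x "$demo/bin/$t"
done
: > "$demo/share/aclocal19/libtool15.m4"
link_autotools "$demo" 19 259 15 && echo "all links created"
ls -l "$demo/bin" "$demo/share" "$demo/share/aclocal19"
rm -rf "$demo"
```

On a real box you would call link_autotools /usr/local 19 259 15 (with whatever suffixes `ls /usr/local/bin/autoconf*` shows) and then run phpize; the skip and conflict messages on stderr tell you exactly which tool is at a different version than you assumed.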

Now, assuming you have all the correct versions installed and paths present, phpize should be able to find everything and Xdebug should install as expected:
# phpize
# ./configure --enable-xdebug
# make
# cp modules/xdebug.so /usr/local/lib/php/extensions

  • Add the following to php.ini:
    zend_extension="/usr/local/lib/php/extensions/xdebug.so"
  • Restart your webserver
  • Check the output of phpinfo() to make sure Xdebug is properly loaded

FreeBSD: HOWTO install vim from ports WITHOUT X-Windows.

I’m normally a manually-compile-from-source type of guy, but I thought I’d give FreeBSD’s ports system a try. Right away I ran into an annoyance, and something that underscores a constant battle: trading customizability for ease-of-use. Yes, ports makes installing things easier, but you lose a certain level of control and customizability.

Installing vim from ports seems easy enough, right? Sure, if you want tons of bloat included! A simple make; make install in /usr/ports/editors/vim started a flurry of downloads for things like X11toolkits, X11R6.8.2, etc, etc.. in other words, installing vim from ports was trying to also install X-Windows on my machine!! This is a server, I do NOT need the bloat of X-Windows simply to run a frickin’ text editor like vim.

So, after some research, I discovered that you can in fact control port installs with various arguments. Here’s how I installed vim:
cd /usr/ports/editors/vim
make WITHOUT_X11=yes
make WITHOUT_X11=yes install

PRESTO, a nice, clean, bloat-free, non-X-Windows install of vim. As a general tip, you can look inside the port’s Makefile to see various arguments that you can pass in.

A caveat though, if you ever upgrade all your ports with portupgrade, all of your ports will upgrade with the default arguments. So if I ran portupgrade and a new version of vim was available, it would install vim and all the X-Windows crap along with it.

Luckily, FreeBSD provides a way to automatically provide arguments to auto-upgrades via portupgrade: Simply open up /usr/local/etc/pkgtools.conf and fill in the MAKE_ARGS tag like so:
MAKE_ARGS = {
'editors/vim' => 'WITHOUT_X11=YES',
}

Now the next time you upgrade vim using portupgrade, the WITHOUT_X11 argument will be automatically included, so you won’t have to worry about all that extra X11 crap being included in your install.

RealTek RTL8100S LAN on FreeBSD 5.4: no carrier

I just installed FreeBSD 5.4 on my Abit AA8-DuraMax, but I’ve run into some troubles with my networking. It seems that the on-board NIC doesn’t properly detect when a cable is plugged in. ifconfig shows it as “status: no carrier”.

I know it’s not the router or the cable, because they both work fine on other machines. The 8100S chipset is listed as supported on the FreeBSD 5.4 Hardware compatibility list, as well as the man pages for the re driver.

Some other weirdness: If I plug the ethernet cable from the BSD machine to another machine’s NIC, it is properly detected. It only doesn’t detect when connected to my router. Also, if I manually set the card to 10baseT/UTP using ifconfig’s media parameter, it also works. It doesn’t work on autoselect, or any other media setting besides 10baseT/UTP.

Anyone have any ideas? Some info:
ifconfig:
--------------------------------------
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=18<VLAN_MTU,VLAN_HWTAGGING>
inet 192.168.1.31 netmask 0xffffff00 broadcast 192.168.1.255
inet6 ...
ether 00:50:8d:eb:e5:be
media: Ethernet autoselect (none)
status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4

Relevant dmesg:
--------------------------------------
re0: <RealTek 8169S Single-chip Gigabit Ethernet> port 0xee00-0xeeff mem 0xfbfff000-0xfbfff0ff irq 16 at device 1.0 on pci1
miibus0: <MII bus> on re0
rgephy0: <RTL8169S/8110S media interface> on miibus0
rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto
re0: Ethernet address: 00:50:8d:eb:e5:be

pciconf -lv:
--------------------------------------
re0@pci1:1:0: class=0x020000 card=0x1039147b chip=0x816910ec rev=0x10 hdr=0x00
vendor = 'Realtek Semiconductor'
device = 'RTL8169 Gigabit Ethernet Adapter'
class = network
subclass = ethernet
 
pciconf -r pci1:1:0 0:0xff
--------------------------------------
816910ec 02b00007 02000010 00002008
0000ee01 fbfff000 00000000 00000000
00000000 00000000 00000000 1039147b
00000000 000000dc 00000000 40200110
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000
00000000 00000000 00000000 f7c20001
00000000 00000000 00000000 00000000
00000000 00000000 00000000 00000000

phplist/Sendmail/FreeBSD: X-Authentication-Warning

If you enable the $message_envelope variable in the config.php file of phplist for processing bounces, sendmail will probably complain with the following header in your email:
X-Authentication-Warning: your.domain.com: httpd set sender to account@domain.com using -f
This is because only “trusted users” are allowed to change the message envelope. By default, sendmail only considers root, daemon, and uucp as trusted users, so if you try changing the message envelope as the user Apache is running under (in my case httpd) sendmail will attach that nasty warning header to all your outgoing mails. Spam blockers don’t like this!

There are a couple of ways to fix this:

  1. Add httpd (or whatever user Apache is running under) to the daemon group:
    pw groupmod daemon -M httpd
  2. Add httpd (or whatever user Apache is running under) to Sendmail’s trusted-users file. Open up /etc/mail/your.domain.com.submit.mc in vi and insert the following line:
    FEATURE(`use_ct_file') dnl # Trusted users
    Save & Exit.
    Now you must create the trusted-users file in /etc/mail:
    touch /etc/mail/trusted-users
    Open /etc/mail/trusted-users with vi and on one line simply add the name of the user under which Apache is running:
    httpd
    Save & Exit. Run the following commands in /etc/mail to commit the changes to Sendmail and restart the server:
    make install
    make restart

That’s it, you should be good to go. Mail sent via PHP/Apache will no longer contain the X-Authentication-Warning header.

Note that there is a downside to this. Any user on your system can now use PHP to send email with “forged” headers. You basically just gave everyone on your system “Trusted User” status to Sendmail, so be sure that you trust your users before actually doing this!
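To keep track of exactly who has ended up with that status, here is a small audit script (an added example, not from the original post) that lists every account covered by either of the two fixes above: sendmail’s built-in trusted users (root, daemon and uucp, as stated above), the members of the daemon group, and the names in the trusted-users file. It reads the group file and trusted-users file from the paths you pass in, so the demo runs on constructed copies in a scratch directory rather than the live /etc/group and /etc/mail/trusted-users.

```sh
#!/bin/sh
# Added example: enumerate accounts that the post's two fixes let set an
# envelope sender without the X-Authentication-Warning. Not the post's code.

# daemon_group_members <group-file>
# Prints the members of the "daemon" group, one per line (fix #1).
daemon_group_members() {
    awk -F: '$1 == "daemon" && $4 != "" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) print m[i]
    }' "$1"
}

# trusted_users_file <trusted-users-file>
# Prints the names in sendmail's trusted-users file, ignoring blank lines
# and "#" comments (fix #2). A missing file simply yields nothing.
trusted_users_file() {
    [ -r "$1" ] || return 0
    awk '{ sub(/#.*/, "") } NF { print $1 }' "$1"
}

# trusted_senders <group-file> <trusted-users-file>
# Sorted, de-duplicated union of sendmail's defaults and both fixes.
trusted_senders() {
    {
        printf 'root\ndaemon\nuucp\n'          # sendmail's default trusted users
        daemon_group_members "$1"
        trusted_users_file "$2"
    } | LC_ALL=C sort -u
}

# is_trusted_sender <user> <group-file> <trusted-users-file>
# Returns 0 if <user> appears in the list, 1 otherwise.
is_trusted_sender() {
    trusted_senders "$2" "$3" | grep -qx "$1"
}

# Demo on constructed files (the real ones live in /etc/group and /etc/mail).
demo=$(mktemp -d)
printf 'wheel:*:0:root\ndaemon:*:1:httpd,mailnull\nwww:*:80:\n' > "$demo/group"
printf '# one name per line\nhttpd\n\n  backup  # nightly report job\n' > "$demo/trusted-users"
echo "accounts that may set the envelope sender without a warning:"
trusted_senders "$demo/group" "$demo/trusted-users"
is_trusted_sender www "$demo/group" "$demo/trusted-users" || echo "www is NOT trusted"
rm -rf "$demo"
```

Running trusted_senders /etc/group /etc/mail/trusted-users after making either change gives you the list to review; anything in it other than the account Apache runs under is worth a second look.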

UPDATE: How to do the same in Linux

libpng on FreeBSD: “ld: invalid BFD target”

Ran into a little problem installing libpng 1.2.8 on FreeBSD 5.4. Running make gives the following:
ld -b +s +h libpng12.sl.0 -o libpng12.sl.0.1.2.8 png.pic.o pngset.pic.o pngget.pic.o pngrutil.pic.o pngtrans.pic.o pngwutil.pic.o pngread.pic.o pngrio.pic.o pngwio.pic.o pngwrite.pic.o pngrtran.pic.o pngwtran.pic.o pngmem.pic.o pngerror.pic.o pngpread.pic.o
ld: invalid BFD target `+s'
*** Error code 1
Stop in /usr/src/libpng-1.2.8-config.

I found out that there is a typo in the INSTALL file that tells you to use the wrong makefile. It tells you to cp scripts/makefile.hpgcc makefile when in fact you should cp scripts/makefile.freebsd makefile. Using the correct makefile, of course, make works as expected!