Search results

I have that sysctl set, after setting that to 1 all is fine. I did look at that setting in my /etc/sysctl file, and it still had the # before it as in the default sysctl file, but at the end of my sysctl file i did set it to 0. So next time i will use the command sysctl to check the value :sssh...

Hello all, I try to get the number of varnish processes from my varnish machine. But i need to set AllowRoot=1 in my zabbix-agentd config to be able to see the processes. Without AllowRoot=1 i get the following. root@monitoring01:~ # zabbix_get -s varnish-server.mydomain.com -k...

Hello all, Currently we are trying to use apache traffic server on FreeBSD, i thought it would be a matter of installing the software through ports or pkg but it is not the case, so I thought, maybe use the latest version instead of the one provided by ports (6.2.0). So I created a new port in...

Hello all. Sorry if this is not the place to ask but I have a question regarding the use of synth. I need two different versions of packages, a php70 version and a php56 version. I created a profile through synth configure named php70 and one named php56 I created a file...

I think I found it. I also edited /etc/pam.d/system, and edited /etc/pam.d/sshd and changed sufficient under account to required and now if I try to ssh in with a user that has not set the right host in LDAP, the connection is disconnected right away. I do not think /etc/pam.d/system is needed...

Thank you for your reply. I should have mentioned my /usr/local/etc/openldap/ldap.conf file. base dc=mydomain,dc=com uri ldap://ldap.mydomain.com ldap_version 3 binddn uid=nss_pam,ou=account,dc=mydomain,dc=com bindpw mypass #rootbinddn pam_check_host_attr yes pam_check_service_attr yes...

Hello all We have a lot of Linux Ubuntu machines running. We use LDAP to authenticate and restrict users to certain hosts. This works fine on Ubuntu, Now we want to make FreeBSD also use the LDAP for authentication. This works fine, except that every user can login, even if the user is not...

Ok I just gave it the command, and now the error is gone and the other dirs are created. One more question, do I need the cloned_interfaces="brigde0 tap0" lines in /etc/rc.conf? Or is the vm switch create public command taking care of that? Thanks for your time.

Hello. I tried sysutils/vm-bhyve, but I get stuck quite quickly. I did the following. installed sysutils/vm-bhyve. created a zfs dataset # zfs create storage/vm Then I edit /etc/rc.conf Put the following two lines in there. vm_enable="YES" vm_dir="zfs:storage/vm" Then I give the init command...

Thanks gkontos I will try this and post back if it works. It works Adding the pfctl -k <ip address> command works. So my actions.d/pf.local looks like this (relevant part) actionban = /sbin/pfctl -t fail2ban -T add <ip>/32 && /sbin/pfctl -k <ip>

Hello all. I use fail2ban to block some ssh scripts from polluting my log files, and this works like advertised. Now I want to block IP addresses that try to log in on my owncloud server. Everything works, the IP address is in the fail2ban table after the x login attempts. The only thing is...

No if you use a chrooted setup, the owner must be root. If I change it to testuser then sshd errors out with the following error. Apr 15 17:03:57 backup01 sshd[47602]: fatal: bad ownership or modes for chroot directory "/usr/home/restricted/testuser" And I will not get a shell. regards

Hello all. I have little luck in setting up a restricted ssh server for ssh tunnels on FreeBSD 10 On my FreeBSD 8 server it all works well and on my FreeBSD 10 server I did use the same steps. I use the following setup. I create a group allowtunnel, then I add users to this group. In my...

I would like these scripts and templates for ZFS and Zabbix. I am sure more people want them!

You could try iredmail. http://www.iredmail.org Regards

It just got merged to 10 stable and is going to be part of FreeBSD 10.1 http://freshbsd.org/commit/freebsd/r271238 I see a lot of changes to the whole cam, geom and zfs layers in 10.1. If these all work out like they should 10.1 could well be a really good file server release. Samba used to be...

I would not label them using glabel, for me it was nothing but trouble. I always use gpart to label and create the disks. The -b 2048 sets the start point on disk also right for 4096 sector size. A good read is http://www.freebsddiary.org/zfs-with-gpart.php. I do not leave disk space at the...

Thanks, I thought so. Regards, Johan

Hello all. I was wondering if I could limit the creation of SSH tunnels. I have some users who I would like to connect to their RDP session, but I do not want them to connect to the server IP adresses. Is this possible? Can I tell the SSH daemon that tunnels may be used to 192.168.1.10 but not...

It should work without a hassle. But before you do, make a backup, just in case. So if things go wrong, you have a backup of your data. I have done it on most of my servers, four to be precise and I have had no issues at all. But that does not guarantee that it will go ok on your configuration...