Archive for the 'FreeBSD' Category

Use wget in cron with no output

When you use wget in a cron to run a php script at a specific interval the home directory of the user this cron is running as is filled with files containing the output.
You can make cron output everything to stdout to make this stop:

/usr/bin/wget -O - -q http://www.whatever.com/cron.php

No Comments »

ClamAV 0.94 not working anymore in MailScanner

I had this issue, clamav worked perfectly on command line, but within MailScanner it seemed to stop working. I could not find out why. I checked every configuration file, everything seemed normal.

Today i was upgrading ClamAV from 0.94 to 0.94.1, and suddenly i saw these lines in my maillog:


Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --unzip
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --jar
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --tar
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --tgz
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --deb
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --unrar
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --arj
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --lha
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --unzoo
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --max-ratio
Nov 12 09:01:39 mx02 MailScanner[26358]: WARNING: Ignoring deprecated option --unrar

Hmmmm.. weird. I started googling and found this bug:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1213

They did this: Instead of hardfailing, clamd will print warnings.

Glad it is resolved now..

2 Comments »

Postfix and Cyrus data format error. Command output: root: Mailbox does not exist

I saw tons of these messages in my mailog:

Jun 30 12:53:42 mx02 postfix/pipe[14167]: 09275108B2B: to=, relay=cyrus, delay=20, delays=19/0/0/0.01, dsn=5.6.0, status=bounced (data format error. Command output: spam: Mailbox does not exist )

This mailserver handles about 150k e-mails a day. We use postfix/cyrus/MailScanner/MySQL.
Users can set their own spamsettings. For example a user can forward his/her spam to a different e-mail address. I set the spam.actions for MailScanner to:

forward bla@foo.bar header “X-Spam-Status: yes”

This is what did not work and gave the errors. Postfix complains about the fact that cyrus does not know this e-mail address, and this is correct.

After some research i found out that this was very odd 🙂
E-mail sent to an e-mail address which is not classified as spam works fine, but when e-mail is classified as spam, postfix requeues it and this is not working as expected. Somehow postfix does not rewrite the e-mail address to a local (cyrus) address before it passes it on to cyrus deliver.

Well, my fix was not that hard after all. Just use the cyrus mailbox for forwarding spam to from MailScanner.
For example if your cyrus mailbox name is “joe” just forward the spam to joe@your.fully_qualified_server.name

When someone has a clue about how to fix this without a workaround, please let met know.

No Comments »

Problem using ntpdate on FreeBSD

I had this problem. ntpdate seemed to work fine except no time adjustments were actualy applied.
Running ntpdate 0.nl.pool.ntp.org just gave me some output:

ntpdate[207]: adjust time server 145.24.129.6 offset -9934.006008 sec

This seemed OK, but after checking with date, the time was still not set correctly.
Hmmm… what could be happening…

Running ntpdate with the -d or -v flags did not reveal anything useful.
Eureka! dmesg had some additional info:

Time adjustment clamped to -1 second

After googling around it seemed this box was running kern.securelevel: 2.
I changed this in my rc.conf:

kern_securelevel_enable=”NO”

Then rebooted andit was working fine!

No Comments »

SVN copy repository

This script makes it possible to copy your SVN repository while generating a new UUID. It also sets up SVN DAV.
You may need to tweak it to work on your setup.
I use it to copy a template repository with all hooks to a new repository.


#!/usr/local/bin/bash

SVNBASE=/export/svn
SVNADMIN=/usr/local/bin/svnadmin
SVNUSER=www
SVNGROUP=www
TEMPFILE=/var/tmp/svn.dump
RM=/bin/rm
CHOWN=/usr/sbin/chown
APACHESVNCONF=/usr/local/etc/apache22/svn.conf
APACHERESTART="/usr/local/etc/rc.d/apache22 restart"
COPY=/bin/cp

#Dump source repository to file
echo "Dump source repository"
$SVNADMIN dump $SVNBASE/$1 > $TEMPFILE

#Create new repository
echo "Create new repository"
$SVNADMIN create $SVNBASE/$2

#Load dumped repository into newly created repository forcin new uuid
echo "Read dump into new repository"
$SVNADMIN load --force-uuid $SVNBASE/$2 < $TEMPFILE #Delete source repository dump file echo "Delete tempfile" $RM $TEMPFILE #Copy hooks from source to new repository echo "Copy hooks from source to destination repostitory" $COPY -R $SVNBASE/$1/hooks/* $SVNBASE/$2/hooks/ #Change ownerships echo "Set ownerships" $CHOWN -R $SVNUSER:$SVNGROUP $SVNBASE/$2 #Display result echo "Copy completed.." #Addin repository to apache conf echo "Set up apache config for $2" echo "" >> $APACHESVNCONF
echo " DAV svn" >> $APACHESVNCONF
echo " SVNPath /export/svn/$2" >> $APACHESVNCONF
echo "
" >> $APACHESVNCONF
echo "" >> $APACHESVNCONF

#Restart apache
echo "Restart apache"
$APACHERESTART

#Done
echo "Done..."

No Comments »

Error after upgrading portupgrade on FreeBSD

After upgrading portupgrade i got a stange error.
Rebuilding the package database gave this error:

[root@foo /usr/ports]# pkgdb -F
--->  Checking the package registry database
[Updating the pkgdb  in /var/db/pkg ... /var/db/pkg/pkgdb.db: unexpected file type or format -- Invalid argument; rebuild needed] [Rebuilding the pkgdb  in /var/db/pkg ... /var/db/pkg/pkgdb.db: unexpected file type or format -- Invalid argument: Cannot update the pkgdb!]: Cannot update the pkgdb!]

This is what fixed it for met:

# cd /usr/ports
# rm INDEX-6.db
# rm /var/db/pkg/pkgdb.fixme (if it exists)
# rm /var/db/pkg/pkgdb.db
# pkgdb -F

I also got some errors regarding some missing dependencies. I answerd Yes to install the missing ones.

No Comments »

Apache gives http accept filter error on FreeBSD 6

After a fresh install (re)starting apache gives the following error:

[warn] (2)No such file or directory: Failed to enable the ‘httpready’ Accept Filter

Somehow the kernel module accf_http is not loaded by default. To load this module manually do:

$ kldload accf_http

To make sure it is loaded after a reboot edit /boot/loader.conf and add the following line:

accf_http_load=”YES”

No Comments »

DCC in MailScanner op FreeBSD werkend krijgen

Arghhhh… schone installatie van FreeBSD, nu mailscanner, postfix, spamassassin etc erop en gaan met die banaan…

Wat?!? foutmeldingen in de logfile! Daar kan ik absoluut niet tegen, dus googlen maar….

Het runnen van spamassassin –lint -D geeft een error op DCC. Na wat uitzoekwerk ben ik erachter gekomen dat er een aantal zaken geconfigureerd moeten worden voordat het werkt.
Dit document is eigenlijk een geheugensteun voor mezelf, maar misschien help ik er ook anderen mee 🙂

Continue Reading »

No Comments »

Passive and Active FTP and IPFW

I needed a public server with FTP functionality, so i wanted to firewall everything except FTP. I encoutered lots of problems, especially with passive FTP. Finally i figgured it out. This is how i did it.
Continue Reading »

1 Comment »

Cloning FreeBSD from single SCSI disk to 3ware SATA mirror

It’s not that difficult, but you have to keep a few things in mind…

In my case i wanted to replace the single 36GB SCSI disk, that has been in production for three years, with a 400GB serial ATA mirror using a 2-port 3Ware SATA RAID controller.
Continue Reading »

No Comments »

Next »