CONTENTS


Lastmodified 2015-07-25 (土) 12:06:05


FreeBSD10 からBINDの同梱がなくなった

とのことなので

Installing bind99-9.9.7P1_4...
**********************************************************************
*            _  _____ _____ _____ _   _ _____ ___ ___  _   _         *
*           / \|_   _|_   _| ____| \ | |_   _|_ _/ _ \| \ | |        *
*          / _ \ | |   | | |  _| |  \| | | |  | | | | |  \| |        *
*         / ___ \| |   | | | |___| |\  | | |  | | |_| | |\  |        *
*        /_/   \_\_|   |_| |_____|_| \_| |_| |___\___/|_| \_|        *
*                                                                    *
*   BIND requires configuration of rndc, including a "secret" key.   *
*    The easiest, and most secure way to configure rndc is to run    *
*   'rndc-confgen -a' to generate the proper conf file, with a new   *
*            random key, and appropriate file permissions.           *
*                                                                    *
*     The /usr/local/etc/rc.d/named script will do that for you.     *
*                                                                    *
**********************************************************************

===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/sbin/named-journalprint
/usr/local/sbin/named
/usr/local/sbin/rndc-confgen
/usr/local/sbin/dnssec-verify
/usr/local/sbin/ddns-confgen
/usr/local/sbin/dnssec-dsfromkey
/usr/local/bin/host
/usr/local/sbin/nsec3hash
/usr/local/sbin/dnssec-signzone
/usr/local/bin/nsupdate
/usr/local/sbin/rndc
/usr/local/sbin/lwresd
/usr/local/bin/dig
/usr/local/sbin/dnssec-revoke
/usr/local/sbin/dnssec-keygen
/usr/local/sbin/named-checkzone
/usr/local/sbin/dnssec-keyfromlabel
/usr/local/sbin/dnssec-importkey
/usr/local/sbin/named-checkconf
/usr/local/bin/nslookup
/usr/local/sbin/dnssec-settime

      This port has installed the following startup scripts which may cause
      these network services to be started at boot time.
/usr/local/etc/rc.d/named

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
https://www.isc.org/software/bind
===>  Cleaning for bind99-9.9.7P1_4
root@g7:/var/log #

http://freebsd.fkimura.com/bind9-c1.html

MySQLをUPグレード

************************************************************************

Remember to run mysql_upgrade the first time you start the MySQL server
after an upgrade from an earlier version.

************************************************************************

10.0 to 10.1

10.0のサポートもおわったったので、10.1へUPする・・・まえに、pkg audit してワラワラとportupgrade

で、Apache関連も取り敢えずUPするも、Default Versionが22から24に変わってて、SVN関連で、Apacheの mod_dav_svn.so が、独立したportsになってます。

これをこのまま、インストールしようとすると

root@g7:/usr/ports/www/mod_dav_svn # make install
===>  mod_dav_svn-1.8.13_2 is marked as broken: : Error from bsd.apache.mk. apache22 is installed (or APACHE_PORT is defined) and port requires apache.
*** Error code 1

などとなって、怒られます。

で、こそこそと /etc/make.conf をこしらえて

DEFAULT_VERSIONS+=apache=22

と書いてmake しますと、無事 mod_dav_svn-1.8.13_2とかが出来ます。

これで、無事、Apacheを再起動しても怒られなくなります。

root@g7:/usr/ports/www/apache24 # apachectl restart
Performing sanity check on apache22 configuration:
Syntax error on line 2 of /usr/local/etc/apache22/Includes/subversion.conf:
Unknown DAV provider: svn

さてと、次は10.1へUP。

http://w.vmeta.jp/tdiary/20141119.html

http://www.lifewithunix.jp/notes/2014/09/25/freebsd-apache-php5-module-trouble-again/

root@g7:~ # freebsd-update -r 10.1-RELEASE upgrade
Looking up update.FreeBSD.org mirrors... none found.
Fetching metadata signature for 10.0-RELEASE from update.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata files... done.
Inspecting system... done.

The following components of FreeBSD seem to be installed:
kernel/generic world/base world/games world/lib32

The following components of FreeBSD do not seem to be installed:
src/src world/doc

Does this look reasonable (y/n)?  y

Fetching metadata signature for 10.1-RELEASE from update.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system...

# zpool upgrade -a

root@g7:~ # zpool status
  pool: tank
 state: ONLINE
  scan: none requested
config:

        NAME        STATE     READ WRITE CKSUM
        tank        ONLINE       0     0     0
          raidz1-0  ONLINE       0     0     0
            ada1    ONLINE       0     0     0
            ada2    ONLINE       0     0     0
            ada3    ONLINE       0     0     0

errors: No known data errors
root@g7:~ # gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0
bootcode written to ada0
root@g7:~ #
root@g7:~ #
root@g7:~ # gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada1
gpart: No such geom: ada1.
root@g7:~ #

http://blog.livedoor.jp/dankogai/archives/51907188.html

FreeBSD 10.0

FreeBSD 10.0 DVD1

インストール終了後

freebsd-update fetch
freebsd-update install
reboot

locate データベースを作る

/etc/periodic/weekly/310.locate
    7  6:46    locate portupgrade
    8  6:46    cd /usr/ports/ports-mgmt/portupgrade-devel
    9  6:46    make install clean
   10  6:58    portinstall portaudit
   11  6:58    portaudit -Fda
   12  6:58    portinstall portaudit
   13  6:58    locate portaudit
   14  6:59    portinstall ports-mgmt/portaudit
   15  7:00    cd
   16  7:00    portinstall ports-mgmt/portaudit
   17  7:00    pkg audit
   18  7:01    pkg audit
   19  7:01    pkg audit -F
   20  7:15    history

portaudit を入れようとすると・・・

root@blackcube2:/usr/ports/ports-mgmt/portupgrade-devel # portinstall ports-mgmt/portaudit
[Reading data from pkg(8) ... - 17 packages found - done]
[Gathering depends for ports-mgmt/portaudit  done]
** Port marked as IGNORE: ports-mgmt/portaudit:
        use 'pkg audit' instead
** Listing the failed packages (-:ignored / *:skipped / !:failed)
       - ports-mgmt/portaudit
root@blackcube2:~ # pkg audit
pkg: unable to open vulnxml file, try running 'pkg audit -F' first
root@blackcube2:~ # pkg audit -F
vuln.xml.bz2                                                                                                        100%  430KB 430.1KB/s 420.1KB/s   00:01
0 problem(s) in the installed packages found.

screen をいれようとすると

root@g7:~ # portinstall sysutils/screen
portinstall: Command not found.

といわれる

root@g7:~ # pkg install screen
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/freebsd:10:x86:64/latest, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
Installing pkg-1.2.7_2... done
If you are upgrading from the old package format, first run:

  # pkg2ng
Updating repository catalogue
digests.txz                                                                                                         100% 1072KB 214.4KB/s 511.9KB/s   00:05
packagesite.txz                                                                                                     100% 4931KB 448.3KB/s   1.6MB/s   00:11
Incremental update completed, 22923 packages processed:
0 packages updated, 0 removed and 22923 added.
The following 1 packages will be installed:

        Installing screen: 4.0.3_14

The installation will require 865 KB more space

428 KB to be downloaded

Proceed with installing packages [y/N]: y
screen-4.0.3_14.txz                                                                                                 100%  428KB 142.7KB/s 238.0KB/s   00:03
Checking integrity... done
[1/1] Installing screen-4.0.3_14... done

Postfix

Postfix on FreeBSD

root@blackcube2:~ # portinstall mail/postfix

/etc/rc.conf

postfix_enable="YES"
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

/etc/periodic.conf

# touch /etc/periodic.conf
daily_clean_hoststat_enable="NO"
daily_status_mail_rejects_enable="NO"
daily_status_include_submit_mailq="NO"
daily_submit_queuerun="NO"

/etc/make.conf

NO_SENDMAIL= true

/etc/newsyslog.conf

#/var/log/sendmail.st			640  10	   *	168   BN

Apache

# portinstall www/apache22

/etc/rc.conf

apache22_enable="YES"

/usr/local/etc/rc.d/apache22: WARNING: failed to start apache22

[Mon Feb 17 16:11:45 2014] [alert] (EAI 8)hostname nor servname provided, or not known: mod_unique_id:
 unable to find IPv4 address of "blackcube2"
Configuration Failed

http://d.hatena.ne.jp/takeR/20120715/1342354382

/etc/hosts へ、以下を追加

219.117.246.200	blackcube2

sysinstall から bsdinstall へ変更された模様

http://www.freebsd.org/doc/ja/books/handbook/bsdinstall.html

mysql

portinstall databases/mysql55-client

/etc/rc.conf

mysql_enable="YES"

mysqlの設定ファイルの雛形をコピーしておきます。(より大規模なシステムなら large や huge に)

# cp /usr/local/share/mysql/my-medium.cnf /usr/local/etc/my.cnf
# chmod 644 /usr/local/etc/my.cnf

以下の起動スクリプトで制御できます。

# /usr/local/etc/rc.d/mysql-server start ←デーモンを起動します
# /usr/local/etc/rc.d/mysql-server restart ←デーモンを再起動します
# /usr/local/etc/rc.d/mysql-server stop ←デーモンを停止します

起動できたら、rootユーザのパスワードを設定します。初期状態ではパスワードなしになっています。ここでは root@localhost の設定を変更しておきます。

# mysqladmin -u root -h localhost password 'XXXXXX' ←XXXXXXに半角でパスワードを書きます。

portinstall lang/php5

Apacheのモジュールにチェック

/usr/local/etc/apache22/http.conf

***************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

***************************************************************

これしとかないと、index.php へアクセスすると、ダウンロードになる (^^ゞ

php5-extensions

portinstall databases/phpmyadmin

chown -R www:www phpMyAdmin/
  1. script/create_tables.sql で必要なテーブルを作成します。
    k222# cd /usr/local/www/phpMyAdmin/examples
    k222# mysql -u root -p < create_tables.sql
    Enter password: ← パスワード(mysql管理者)の入力作ったテーブルにアクセスできる pma ユーザを作成します。 
  2. 設定ファイル (config.inc.php) で高度な機能を有効にします。config.sample.inc.php にある設定例をコピーするといいでしょう。

munin on FreeBSD 10 p2 2014/05/03

munin を、pkg install してみる。

一応、念のため、phpの extension.iniを待避しておくよ。

/usr/local/etc/php # cp extensions.ini extensions.ini_20140502_OK
pkg install sysutils/munin-node
pkg install sysutils/munin-master

/usr/local/www/muninにインストールされるので、Apacheに以下を設定。

/usr/local/etc/apache22/Includes/munin.conf

# Alias /webpath /full/filesystem/path
Alias /munin /usr/local/www/munin
  314  6:12    apachectl restart
  315  6:20    munin-node-configure -suggest

munin-node-configure --shell

とすると、

root@g7:~ # munin-node-configure --shell
ln -s '/usr/local/share/munin/plugins/cpu' '/usr/local/etc/munin/plugins/cpu'
ln -s '/usr/local/share/munin/plugins/df' '/usr/local/etc/munin/plugins/df'
ln -s '/usr/local/share/munin/plugins/df_inode' '/usr/local/etc/munin/plugins/df_inode'
ln -s '/usr/local/share/munin/plugins/if_' '/usr/local/etc/munin/plugins/if_em0'
ln -s '/usr/local/share/munin/plugins/if_' '/usr/local/etc/munin/plugins/if_em1'

等と表示されるが、 /usr/local/etc/munin/pluginsには、リンクは自動生成されない・・・???

表示されたものをコピーしてプロンプトに貼って実行した。

ServerFQDN/munin/ にアクセスすると、ID・PWを訊かれ、適当に答えた後から、Internal Server Errorとなる。 http://sugutsukaeru.jp/support/3/ どうやら、.htaccess の問題のようなので、/usr/local/www/munin/.htaccess を、.htaccess_orig へmv。

マシン名が、10amd64-default-job-02 となっていたので、/usr/local/etc/munin/munin.conf

# a simple host tree
#[10amd64-default-job-02]
[g7.kuji-clinic.net]
    address 127.0.0.1
    use_node_name yes

munin

********************************************************************
Unless this file already existed, a sample configuration file
has been placed in /usr/local/etc/munin/munin.conf.

Please edit it according to your needs.

The Munin server will be run from cron under the user 'munin'.
********************************************************************

設定

/usr/local/etc/munin/munin.conf

# htmldir /usr/local/www/munin
htmldir /usr/local/www/apache22/data/munin  ←コレを追加
# mkdir /usr/local/www/apache22/data/munin
# chown -R munin:munin /usr/local/www/apache22/data/munin
# cd /usr/local/www
# cp cgi-bin/munin-cgi-graph apache22/cgi-bin
# cp -rp munin apache22/data
# echo munin_node_enable="YES" >> /etc/rc.conf

使えるプラグインを確認

http://techno-st.net/2009/12/10/munin-munin-node-configure.html

# munin-node-configure -suggest

--shell を使ってプラグイン追加

# munin-node-configure --shell

Munin on NEC-Express5800/GT110b FreeBSD 8.1


Total access 2444:本日 2:昨日 3

Counter: 2444, today: 2, yesterday: 3

トップ   編集 凍結 差分 バックアップ 添付 複製 名前変更 リロード   新規 一覧 単語検索 最終更新   ヘルプ   最終更新のRSS
Last-modified: 2015-07-25 (土) 12:06:05 (757d)