David Lundgren

Web Developer & Systems Administrator

FreeBSD and sudo defaults

Several weeks ago I started transitioning some Ubuntu VM’s to FreeBSD VM’s . On previous VM’s I was able to use the following command line without any problems

sudo phing code-update

After switching to FreeBSD I found that sudo, or its “sudo -E” variant, was having problems when running in sub shells. Phing svn tasks were asking for passwords that were previously setup to use svn+ssh. Using “sudo svn list svn+ssh://svn.example.com/svn/project” worked but not when phing ran. It turns out there are two environment variables that Ubuntu’s sudo package was preserving: HOME & MAIL. NOTE: Ubuntu 14.04LTS’ sudo package appears to only preserve HOME.

I created /usr/local/etc/sudoers.d/svnusers

Defaults env_reset
Defaults env_keep+="HOME"

This made FreeBSD’s sudo work as it had on Ubuntu. A day’s worth of investigation to solve the riddle but it works as I would expect it to.

nullfs and sockets

This is a re-post from my MySpace blog.

UPDATE: This was fixed far better than I did it at the time in the stable/9 branch as of 2012-04-24

What happens on FreeBSD 6.x series machines using nullfs and sockets? At least in my current setup it fails.

The scenario is that I am running mysql on the host and apache in a chroot environment. (I don’t have the extra IP’s, and don’t want to deal with NAT to make jails work.) I have the apache chroot nullfs mounted (ro, except for the data apache needs to write and the user directories for php/perl scripts to work). In either rw/ro mode the nullfs does not translate the mysql socket correctly unless it is mounted on the nullfs mount and even then it is sporadic.

After a couple hours of googling, and rummaging through the freebsd-* archives, I ended up with the kern/51583 PR. This PR is from 2003 and fixed the socket/chr/blk devices in the sys/fs/nullfs/null_subr.c in such a manner that allowed sockets to work. Taking the approach that was taken I applied the following to the code in null_subr.c at line 235 (at least for the sources dated at 2006.09.14):

if (lowervp->v_type == VSOCK) vp->v_un = lowervp->v_un;

This allowed the sockets to work but I do not if this is a good idea to institute when using jails as opposed to my problem up above as it might work fine within a jail’d environment but not a chroot’d environment, I haven’t tested with it in either direction. I also have no other knowledge of the nullfs or vnode code. The main difference between the patch submitted in kern/51583 and mine is that mine only affects vnodes with a v_type of VSOCK, where it affected all or did an addalias to VCHR, and VBLK.

Flash 9 upgrade

This is a re-post from my MySpace blog.

If you want a better web surfing experience turn flash OFF. It sounds crazy but since I’ve converted my laptop from WindowsXP Pro to FreeBSD (6.1) and I’ve refused to install linux compatibility on my laptop, I have not had flash available at all. It does make browsing certain websites (SciFi, Fox, etc…) impossible to use (HINT to those sites, MAKE a HTML only website).

I don’t find myself to be in a bad position, most flash content is annoying as hell and I have had it blocked from loading for awhile anyhow. When it came to audio/video flash here on myspace, I have blocked several websites because I don’t care for hearing audio, or seeing videos in myspace profiles. Not only do I not care for hearing it, it INTERFERES with music I am playing, and since browsers haven’t learned how to control their own volume I ain’t dealing with it.

I’ll stick with FreeBSD and my lack of initiative to get flash working on it for as long as possible. Hell I still haven’t gotten my Java VM working on FreeBSD yet, although I do have a native java built and installed.