1) To get PATH (or directories name) type command:

# sysctl kern.module_path

OR

# kldconfig -r

2) The path can modified in /boot/loader.conf file, open this file and look for entry called module_path:

# grep “modile_path” /boot/loader.conf

module_path=”/boot/kernel;/boot/modules;/modules;/new/path”

Note you must open /boot/loader.conf file to change path settings using text editor:

# vi /boot/loader.conf

And make changes to file.

3) Reboot system to take effect.

4) Or on fly, you can add/append path using kldconfig utility, read man page for more info.

Vulnerability check disabled, database not found

You need install small port called portaudit. From the man page:

portaudit checks installed packages for known vulnerabilities and generates reports including references to security advisories. Its intended audience is system administrators and individual users. portaudit checks installed packages for known vulnerabilities and generates reports including references to security advisories. Its intended audience is system administrators and individual users.

Install portaudit

1) Install port auditing (login as root)
# cd /usr/ports/ports-mgmt/portaudit
Please note that old portaudit port was located at /usr/ports/security/portaudit/.
2) Install portaudit:
# make install clean
Output:

===>  WARNING: Vulnerability database out of date, checking anyway
===>  Extracting for portaudit-0.5.12
===>  Patching for portaudit-0.5.12
===>  Configuring for portaudit-0.5.12
===>  Building for portaudit-0.5.12
===>  Installing for portaudit-0.5.12
===>   Generating temporary packing list
===>  Checking if ports-mgmt/portaudit already installed
===>   Compressing manual pages for portaudit-0.5.12
===>   Registering installation for portaudit-0.5.12
===>  Cleaning for portaudit-0.5.12

3) Fetch the database so that port auditing get activated immediately. By default it install a shell script ‘portaudit’ in /usr/local/etc/periodic/security/:
# /usr/local/sbin/portaudit -Fda
Output:

auditfile.tbz                                 100% of   47 kB  405 kBps
New database installed.
Database created: Wed Feb 27 06:10:01 CST 2008
0 problem(s) in your installed packages found.

Where,

• -F: Fetch the current database from the FreeBSD servers.
• -d: Print the creation date of the database.
• -a: Print a vulnerability report for all installed packages

4) portaudit script automatically get called via FreeBSD’s periodic (cron job) facility. So your database get updated automatically everyday.

Let us assume you would like to install a port called sudo. If it has known vulnerabilities it will not install sudo:
# cd /usr/ports/security/sudo
# make install clean

===>  sudo-1.6.8.7 has known vulnerabilities:
=> sudo -- local race condition vulnerability.
   Reference: &tt;http://www.FreeBSD.org/ports/portaudit/3bf157fa-
e1c6-11d9-b875-0001020eed82.html>
=> Please update your ports tree and try again.
*** Error code 1
Stop in /usr/ports/security/sudo.

For more information refer portaudit man page:
$ man portaudit

Incoming search terms:

• centos plesk git user (1)
• git server on centos with cpanel (1)
• freebsd vulnerability check disabled database not found (1)
• freebsd vietnam (1)
• download linux git-1 7 4 src tarball (1)
• does kern securelevel limit kldload (1)
• directadmin spam filter uppercase lowercase (1)
• cpanel vulnerability (1)
• centos send display windows (1)
• php imagemagick install centos (1)

Incoming search terms:

• linux admin shell script (1)
• linux system load average limits (1)
• shell script email notification when root password (1)
• shell script if -a (1)
• shell script if admin then (1)
• shell script in unix to notify users (1)
• unix shell script if (1)

How do I use the script?

You need to download following two files for FreeBSD operating systems:

1. File # 1 Save this file as /usr/local/etc/bashmonscripts
2. File # 2 : Save this file as /usr/local/etc/defaults.conf

For Linux system, you need to update /usr/local/etc/defaults.conf to point out exact binary path location. /usr/local/etc/bashmonscripts is nothing but functions library used by this script. bashmonscripts works under both Linux and FreeBSD.

#!/bin/bash
# Shell script to General FreeBSD and Linux System information such as:
# Hostname, OS version, Kernel version, Processor/CPU, Total RAM,
# System load, network interface, total logged in users, Hard disks,
# Runlevel etc. I will write separate scripts for detailed system
# information 
# Copyright (c) 2005 nixCraft project
# This script is licensed under GNU GPL version 2.0 or above
# For more info, please visit:
#            http://cyberciti.biz/shell_scripting/bmsinstall.php
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------

SPATH="/usr/local/etc/bashmonscripts"
INITBMS="$SPATH/defaults.conf"
[ ! -f $INITBMS ] && exit 1 || . $INITBMS

echo "Hostname:" $(getHostName)
echo "OS Name:" $($UNAME)
echo "OS Version:" $($UNAME -mr)
echo "Processor:" $(getCpuInfo)
echo "Total Physical Memory (RAM):" $(getRealRamInfo)
echo "System Load:" $(getSystemLoad)
echo "Date & Time:" $($DATE)
echo "Network interface:" $(getNumberOfInterfaces)
echo "Total logged in users:" $(getNumberOfLoggedInUsers)
echo "Total running process:" $(getNumberOfRunningProcess)
echo "Total SCSI/IDE disks:" $(getDiskDrives)
echo "Mounted partitions:" $(getNumberOfParittions)
echo "Loaded dynamic kernel modules/drivers:" $(getNumberOfKernelModules)
echo "OS Rulevel:" $(getOsRunLevel)

Incoming search terms:

• apache uname -a: linux (1)
• system information shell script in linux (1)
• system information freebsd (1)
• system info centos users memory bash script (1)
• shell script system info mod (1)
• shell script read system ram freebsd (1)
• shell script information about network (1)
• shell script get system configuration linux (1)
• shell programing (1)
• migrate user accounts from freebsd to linux (1)

FreeBSD offers write protection, you need to to set special bit call immutable. Once this bit is setup no one can delete or modify file including root. And only root can clear the File immutable bit.

You must be a root user to setup or clear the immutable bit.

Setup file immutable bit

Use chflags command as follows:
# chflags schg /tmp/test.doc
Try to remove or moify file file with rm or vi:
# rm -f /tmp/test.doc
Output:

rm: /tmp/test.doc: Operation not permitted

Now root user is not allowed to remove or modify file. This is useful to protect important file such as /etc/passwd, /etc/master.passwd etc.

Display if file immutable bit is on or off

ls -lo /tmp/test.doc
Output:

-rw-r--r--  1 root  wheel  schg 19 Jun 29 22:22 /tmp/test.doc

Clear or remove file immutable bit

#chflags noschg /tmp/test.doc
Now you can remove or modify file. Please note that immutable flag can be set by root user only. chflags also supports few other interesting flags.

• arch: set the archived flag
• nodump: set the nodump flag
• sappnd: set the system append-only flag
• schg: set the system immutable flag
• sunlnk: set the system undeletable flag
• uappnd: set the user append-only flag
• uchg: set the user immutable flag
• uunlnk: set the user undeletable flag

Putting the letters no before an option causes the flag to be turned off.

Please note Linux also supports immutable flag to write protect files using chattr command.

See man page chflags and ls commands for more information.

Incoming search terms:

• remove system protected files freebsd (2)
• freebsd howto (1)
• include the -total-check flag to skip this test making sure the -notal-check flag follows -all or -autorecon1 in the command string (1)
• linux write protect file root user (1)

This tutorial explains how to assign one or more IP address to a single network interface under FreeBSD operating system.

It is possible to create network alias or assign 2 ip address to a single NIC under FreeBSD operating system.

Our Sample Setup

• Interface name: lnc0 – IP : 192.168.1.1/255.255.255.0
• Interface name: lnc0 alias - IP : 192.168.1.5/255.255.255.255

Netmask must be different otherwise you will get an error ifconfig: ioctl (SIOCAIFADDR): File exists.

Set ip alias using ifconfig command line utility

Login as the root user.

Now, use ifconfig command as follows to set alias:
# ifconfig lnc0 192.168.1.5 netmask 255.255.255.255 alias

Persistent IP Alias Configuration

Edit file /etc/rc.conf to setup persistent ip aliasing option by appending following configuration, so that next time FreeBSD comes up (after restart/shutdown) it will create alias for you:
ifconfig_lnc0_alias0="192.168.1.5 netmask 255.255.255.255"

Finally, Restart FreeBSD network service using network restart script:
# /etc/rc.d/netif restart && /etc/rc.d/routing restart
Display alias and real ip using ifconfig lnc0 command:
# ifconfig lnc0
Sample output:

lnc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::20c:29ff:fe01:ddbd%lnc0 prefixlen 64 scopeid 0x1
inet 192.168.1.2 netmask 0xffffff00 broadcast 192.168.1.255
inet 192.168.1.5 netmask 0xffff

Sample /etc/rc.conf file with IP aliasing

Here is my /etc/rc.conf file with em0 and em1 interface with 5 aliases:

hostname="sun.nixcraft.in"
# default vsnl router interface
defaultrouter="202.54.1.200"
# Force 10Mbps for both public and private LAN interace
ifconfig_em0="inet 10.20.110.2 netmask 255.255.255.192 media 10baseT/UTP mediaopt full-duplex"
ifconfig_em1="inet 202.52.1.2 netmask 255.255.255.248 media 10baseT/UTP mediaopt full-duplex"
ifconfig_em0_alias0="inet 10.20.1.226 netmask 255.255.255.0"
ifconfig_em0_alias1="inet 10.20.1.227 netmask 255.255.255.0"
ifconfig_em0_alias2="inet 10.20.1.228 netmask 255.255.255.0"
ifconfig_em0_alias3="inet 10.20.1.229 netmask 255.255.255.0"
ifconfig_em0_alias4="inet 10.20.1.230 netmask 255.255.255.0"
# static routing configuration
static_routes="lan0"
route_lan0="-net 10.0.0.0/8 10.20.110.1"

Further readings:

• Read ifconfig man page.

Incoming search terms:

• freebsd ip alias (4)
• alias0 freebsd (1)
• network script 2 ips 1 alias (1)
• ipaliases in directadmin (1)
• ip alias freebsd (1)
• freebsd network interface alias name (1)
• freebsd network alias pf (1)
• freebsd ip alias ifconfig (1)
• freebsd ifconfig alias howto (1)
• freebsd em0 재시작 (1)

Following list summaries, all the command you need to gather FreeBSD hardware information.

1) Determining the Hardware Type/platform:
# uname -m
2) Determining machine processor architecture:
# uname -p
3) Determining FreeBSD release level:
# uname -r
Generally, following command is use to get all info at a time:
# uname -mrs
Output:

FreeBSD 5.0-RELEASE i386

4) Determining CPU information such as speed, make etc
# dmesg | grep CPU
Output:

CPU: Pentium 4 (1716.41-MHz 686-class CPU)
acpi_cpu0:  on acpi0
acpi_cpu: CPU throttling enabled, 8 steps from 100% to 12.5%

5) Determining real and available memory to FreeBSD:
# dmesg | grep memory
Output:

real memory  = 201326592 (192 MB)
avail memory = 188555264 (179 MB)

Alternatively, try following command to grab memory information:
# sysctl -a | grep hw.*mem
# sysctl -a | grep mem
Output:

hw.physmem: 194985984
hw.usermem: 167641088
hw.cbb.start_memory: 2281701376

Note systcl has more info, just type the sysctl command to see rest of all information:
# sysctl -a | less
6) Determining how long a system has been up:
# uptime
7) Determining when a system was last rebooted or shutdown:
# last -1 reboot
# last -1 shutdown
Determining swap file system usage
# swapinfo -k
9) Determining who is logged in and what they are doing. Following all commands can be used. users command displays the list of all logged in users only.
# w
# who
# users

10) Find out when user was last logged in – You can use last command as follows:
# last user-name
(a) To find out user vivek was last logged, enter:
# last vivek

See FreeBSD getsysinfo.bash script. It is use to find general FreeBSD system information such as, hostname, OS version, Kernel version, Processor/CPU, Total RAM, System load, network interface, total logged in users, Hard disks, Runlevel etc. Make sure your read the detailed installation instruction.

Incoming search terms:

• command to show system information freebsd (1)
• linux hardware info (1)
• info network freebsd (1)
• how to command show hardware network on freebsd (1)
• freebsd show user info (1)
• freebsd memory info (1)
• freebsd memory hardware information (1)
• freebsd hw cbb start_memory windows (1)
• freebsd getsysinfo (1)
• finding the system hardware freebsd kernel (1)

You can get current security level (FreeBSD runlevel) using sysctl command:
# sysctl –a | grep kern.securelevel

You can setup new security level in /etc/rc.conf file:
1) Open file in text editor
# vi /etc/rc.conf

2) Add or modify following:
kern_securelevel_enable=”YES” # kernel security level
kern_securelevel=”2″ # range: -1..3 as above

3) Save the changes. Exit and restart FreeBSD.

If init used from command line i.e as a user process, init will emulate AT&T System V UNIX behavior as follows:

0: Halt and turn the power off
1: Go to single-user mode
6: Reboot the machine
c: Block further logins
q: Rescan the /etc/ttys file

1) To halt and turn the power off type:
# init 0

2) You can also use normal halt or shutdown command to shutdown system.

Incoming search terms:

• freebsd difference between reboot and shutdown -r (1)
• freebsd reboot (1)

smbclient -M <WINDOW-SYSTEM-NAME> <<EOF
Message
Message
…
..
…
When the message is complete, press Control-D.

Send message to Windows system from Linux/ FreeBSD

To send a message “Meeting canceled” to windows system called joyxp
$ smbclient -M joyxp <<EOF
Output:

Meeting canceled
See you at coffee house in 2 hrs.
--Vivek
EOF

With –U you can specify the username.
$ smbclient -M myxp -U VIVEK <<EOF
Meeting cancelled
See you at coffee house in 2 hrs.
EOF

This tip also works with Linux and other UNIX variant with Samba client utilities package. Read man page of smbclient for more information.
man smbclient

Incoming search terms:

• EOF in centos (1)
• freebsd / linux: sending a message to windows workstation with smbclient command (1)
• freebsd send message to workstation (1)
• linux command send network message (1)
• messages linux windows (1)
• samba server (1)
• smbclient send message to wondows (1)

1) At shell prompt type su and press enter key, when prompted for password supply root user password:
$ su
password:
#

2) To exit super user status type exit or press CTRL+D
# exit>
$

Please note that if you get an error su: Sorry for normal user account. Following workaround needed to get rid of this problem/error:

1) For security, reason FreeBSD only allows su to root user, if user is member of wheel group. Wheel group is a special group for administration purpose. Add your normal user to this group using pw command using following:
# pw user mod username -G wheel

2) So to add user vivek to group wheel run command as follows:
# pw user mod vivek -G wheel
# groups vivek
vivek wheel

3) Now su will work for vivek user.

You can disable this behavior complete for all users (not recommended until and unless you trust ALL of users):
1) Open pam configuration file for su using text editor:
# vi /etc/pam.d/su

2) Look for following line and comment it out:
Line:
auth requisite pam_wheel.so no_warn auth_as_self noroot_ok exempt_if_empty
Replace with:
#auth requisite pam_wheel.so no_warn auth_as_self noroot_ok exempt_if_empty

3) Now all users can use su command.

Incoming search terms:

• freebsd pwd user mod wheel (2)
• /etc/pam d/su in freebsd (1)
• become super user freebsd (1)
• freebsd become super user (1)
• freebsd su sorry (1)
• freebsd su sorry wheel (1)
• pam_wheel root_only (1)
• pw usermod wheel admin (1)