cvs, cvsup, portsnap and csup

Progress in *BSD world is very fast, everyday patch released, program update etc

to get that update via internet FreeBSD provide a few tools :

  • cvs, not so familiar for beginner
  • cvsup, very famous in FreeBSD, can update ports, source even for backup purpose
  • portsnap, only for port update, in FreeBSD tree since 6.0
  • csup, cvsup alternative, already integrated in 6.2 tree, no need to install, compatible with cvsup

example for cvs :

cvs -z3 -d :pserver:anonymous@cvs.freesbie.org:/cvs co -P freesbie2

will fetch freesbie2 and located in current directory where command issued

example for cvsup :

cvsup -g -L2 ports-supfile -h cvsup12.freebsd.org

will update ports information

example for portsnap :

portsnap update

will update ports data, faster than portsnap extract

csup example :

cvsup -g -L2 stable-supfile -h cvsup12.freebsd.org

will update stable source

P.S :

make sure port 5999/tcp open for cvsup and csup

portsnap will use port 80

find your program with “whereis”

Many linux distro build nowadays, each distro came with spesific purpose, server, workstation or desktop orientation but still not forget to give access to shell :-)

people who run “ifconfig” in mandriva will get confuse when run same command in fedora or maybe slackware

“command not found” is common message

just use “whereis” command for this purpose :

whereis ifconfig

whereis perl

whereis sh

answer will show up for full path of program

type full path in shell to get same result, not easy but always work :-)

Recreate FreeBSD ports build option

As big fan of FreeBSD ports, I like to play around with ports option, like when installing php4 I was prompted with a lot of build options :

kongja# whereis php4
php4: /usr/ports/lang/php4
kongja# cd /usr/ports/lang/php4

then this ncurse option will popup

phpbuild.PNG

===> Found saved configuration for php4-4.4.6
===> Extracting for php4-4.4.6

read more »

View crontab entries of entire user in FreeBSD

Cron is special utility that process command in periodic time such ;

  • doing regular backup every night
  • email special report every week
  • etc

cron access can be usefull but sometime not, depend on the command issued.

As super user we can list all of entire user crontab entries using log locate in /var/log

su-2.05b# tail -f /var/log/cron
Apr 30 20:30:00 erau /usr/sbin/cron[81893]: (root) CMD (/usr/libexec/atrun)
Apr 30 20:30:00 erau /usr/sbin/cron[81894]: (root) CMD (/usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null)
Apr 30 20:35:00 erau /usr/sbin/cron[84459]: (root) CMD (/usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null)
Apr 30 20:35:00 erau /usr/sbin/cron[84462]: (root) CMD (/usr/libexec/atrun)
Apr 30 20:40:00 erau /usr/sbin/cron[87061]: (root) CMD (/usr/libexec/atrun)
Apr 30 20:40:00 erau /usr/sbin/cron[87062]: (root) CMD (/usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null)
Apr 30 20:45:00 erau /usr/sbin/cron[90181]: (root) CMD (/usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null)
Apr 30 20:45:00 erau /usr/sbin/cron[90180]: (root) CMD (/usr/libexec/atrun)
Apr 30 20:50:00 erau /usr/sbin/cron[93304]: (root) CMD (/usr/libexec/atrun)
Apr 30 20:50:00 erau /usr/sbin/cron[93305]: (root) CMD (/usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null)

pay attention on (root) entries, that mean user who run that command in this case generate data for cacti.

You can run the command as root or sudo, otherwise you’ll get “permission denied” message

-bash-2.05b$ tail -f /var/log/cron
tail: /var/log/cron: Permission denied
-bash-2.05b$ su
Password:
kongja# tail -f /var/log/cron
Apr 30 20:36:00 kongja /usr/sbin/cron[81442]: (root) CMD (/usr/local/bin/pfstat -q >>/var/log/pfstat)
Apr 30 20:37:00 kongja /usr/sbin/cron[81504]: (root) CMD (/usr/local/bin/pfstat -q >>/var/log/pfstat)
Apr 30 20:38:00 kongja /usr/sbin/cron[81567]: (root) CMD (/usr/local/bin/pfstat -q >>/var/log/pfstat)
Apr 30 20:39:00 kongja /usr/sbin/cron[81631]: (root) CMD (/usr/local/bin/pfstat -q >>/var/log/pfstat)

happy viewing :-)

P.S :

other usefull place to check for cron entries

/var/cron/tabs
/var/cron/atjobs
/etc/crontab

Hide php extension for social engineering purpose

First thoughts when see these url :
http://www.mydomain.com/about.pl

this site use perl

http://www.mydomain.com/about.cfm

this site use cfm

http://www.mydomain.com/about.htm

or

http://www.mydomain.com/about.html

then you might think about ordinary htm/html file

is it true?

read more »