38 posts / 0 new
Last post
#1 Tue, 05/27/2008 - 08:32
MikiKlein

FreeBSD

FreeBSD.....

Hi Guys,

Tried to install FreeBSD 7.0-RELEASE i386 and x86_64 with PRO.

Nice progress but still "Half Ready" product.

If you want bug report I will be happy to send.

Miki

Wed, 06/21/2006 - 18:06
Joe
Joe's picture

Hey Miki,

Not yet. I'll be tackling FreeBSD in another week or two, I believe. I'm in the midst of some issues on Fedora Core (PHP4+PHP5+FastCGI) right now, but expect that to wrap up in another day or so. After that Debian gets my full attention until the installer ships for it, and then FreeBSD follows on that. Each OS takes about a week of steady/dedicated effort to develop and test.

--

Check out the forum guidelines!

Mon, 06/26/2006 - 04:48
KavehAhmadian

Joe,
No offense and I'm sure you guys are super busy, but I've been waiting for a FreeBSD release for a couple of months and that was back when it was said it would be a couple more weeks. I was surprised to find this recent post citing a couple of weeks again. I now know better than to get my hopes up, but maybe it be best not to quote time frames, especially considering Murphy's Laws. Again, my intention is not to offend and I'm patiently waiting a quality release. I just wanted users like Miki to realize that these things can take longer than expected. A lesson I've learned the hard way.

Kaveh

Mon, 06/26/2006 - 16:14 (Reply to #3)
Joe
Joe's picture

Hey Kaveh,

No offense taken. I'm afraid I've never gotten the time frames right for any of the OS support milestones. It always takes so much longer than anticipated that I'm shocked, myself, in every single case.

It's a bit embarassing to point out, but SUSE and Mandriva were both about two and four months overdue when they arrived, respectively. At this point FreeBSD is several months past due (because all of the others have been pushed back several times). It's not a slight to FreeBSD that it's late...it's just the reality of how darned long it takes to get the installer working right and the packages built for each new platform. And, each new OS seems to be taking longer, because we're getting new customers every day on the existing platforms and they demand attention...so my time for new platform work gets shorter every day. It's become a weekend job now, where I have to force myself to ignore customer emails/support issues for most of those two days just to work on the things that add some sales (we get a sales spike every time I add a new platform, so I have a very strong interest in adding new platforms, but I somehow have to balance that with keeping existing customers well-cared for).

In other words, you're right. I simply can't seem to stick to a schedule on new OS support. The builds take a long time, the testing takes a long time, and the bugs are sometimes very ornery to fix (I seem to always run up against odd limitations or issues with the package management facilities in the OS in question when I finally do get all of the packages and such in place). And I have a full-time support job on my hands these days, with the existing supported platforms.

All just excuses, I know. But I'm trying to keep things moving in the right direction, and hopefully won't piss off too many FreeBSD and Debian/Ubuntu users in the interim.

--

Check out the forum guidelines!

Wed, 11/22/2006 - 19:33
WayneJacobsen

Do you have an updated timeframe for Freebsd?

Wed, 11/22/2006 - 21:53 (Reply to #5)
Joe
Joe's picture

Hey Wayne,

There's pretty good news on the FreeBSD front: There are no other operating systems ahead of it in the support queue now. ;-)

Debian/Ubuntu are mostly wrapped up now, and I'm building the x86_64 versions as we speak. I've got a FreeBSD development system running, and I'm wrapping my head around the ports system--I haven't yet figured out if we can use ports for distributing our software, yet, but I'd like to if it's possible (so far, I've managed to use native packages and native update management tools on all platforms except Red Hat Enterprise, where I had to revert to yum for updates).

Anyway, I'd guess another week or two and we'll see the first release for FreeBSD. It'll probably be buggy for a couple of weeks after that, as I find and fix problems.

--

Check out the forum guidelines!

Thu, 11/23/2006 - 22:15
DanLong

Good thing I quit trying to by a hacker wannabe and left Slackware, eh Joe? ;-)

Fri, 11/24/2006 - 03:12 (Reply to #7)
Joe
Joe's picture

Heheheh...We might try to support Slackware at some point.

Slacks major failing for us (and for any server deployment) is the lack of package management. Jamie has written a Webmin-based package manager for just this kind of situation (Solaris will need it, as it also lacks reasonable package management), but it's wholly untested and doesn't really address the installation process...so I'd have to write a whole lot of new code to support Slack in the install.sh. As it is, I have huge amounts of work ahead of me to make install.sh more robust. It's amazing how many folks expect us to be able to drop right into a heavily customized system without breaking anything and, seemingly more importantly, not reporting any errors due to the odd configuration and packages from unsupported sources!

But I would definitely recommend FreeBSD over Slack for a server deployment. Nothing against Slack, but FreeBSD is solid and very well-designed. Slack lacks a lot of the cohesive and clean design, as well as incredibly good documentation, that makes FreeBSD great, while also lacking the ease of use features that make Fedora and some of the other Linux distros more fun to use and easier than FreeBSD--the worst of both worlds, so to speak, for most situations. ;-)

I know Slack has its fans and for a desktop system that isn't directly exposed to the internet, it's just fine. But the time for server systems without good package management of any sort is, thankfully, behind us. FreeBSD only squeaks by with ports, but it does handle everything that you really must have on a server, so I can't complain too much. It's better than Solaris, Windows Server, and Mac OS X. And Slack. I would say it's better than SUSE, but SUSE is finally getting it together with rug.

--

Check out the forum guidelines!

Thu, 12/21/2006 - 16:22
SteveAcup

Joe,
I've been lurking on the forum for most of the year, eagerly awaiting the FreeBSD release. If you need any BETA testers I'd be glad to help. I'll buy a license right now if you can tell me that FreeBSD is getting close.

thanks...

Steve

Tue, 01/23/2007 - 18:33
DavidDawson

Yes, I too am awaiting to see a FreeBSD release - I have just upgraded my server and it was using a free early version of virtualmin, which I have not installed as yet - I am happy to purchase a licence this time.
Trouble is I need to configure some servers and want virtualmin. What is the latest version to support FreeBSD? Should I try to get that one now and upgrade?
Please let me know.
Dave

Sun, 02/04/2007 - 03:19
IgorTsvetkov

Virtualmin for FreeBSD is badly needed.
Is there any Releas date? or betas?

Sat, 03/10/2007 - 12:02
SteveAcup

Bump.

So many nice new features. I'd love to try them out in FreeBSD. Is the conversion still in work or has it been shelved?

Sat, 03/10/2007 - 12:38 (Reply to #12)
Joe
Joe's picture

Hey Steve,

Definitely not shelved. Just a lot more work than anticipated...(As always with adding new operating systems.)

--

Check out the forum guidelines!

Thu, 04/12/2007 - 22:38 (Reply to #13)
SteveAcup

Joe,
I haven't followed closely enough to remember... is it a reasonable possibility for me to get the Pro version working in a FreeBSD on my own? I saw a recent message from Tony implying he had some success. My experience level is successfully running 5 to 10 Webmin/VirtualMin servers for the past few years, but I've never been able to get LDAP working well.

By reasonable, maybe less than 10 hours effort? Or even better, is there a rough procedure posted somewhere I missed that would guide me?

thanks..
Steve

Fri, 04/13/2007 - 19:01 (Reply to #14)
Joe
Joe's picture

Hey Steve,

If you've got Virtualmin GPL running on your boxes, then the effort is almost zero. Just grab the new version of the module in wbm format from our repository using the serial number and license key as the username/password to login, and then install it. There's actually a new "Upgrade to Virtualmin Professional" feature in Virtualmin GPL version 3.39 and above...which will work on any OS.

We're keeping this on the down low, since it leaves off lots of the configuration stuff that we do automatically on a Professional system--hopefully to avoid anyone thinking they can just drop Webmin onto a box, install Virtualmin GPL (without doing all of the crap needed to make it work), and then upgrade to Virtualmin Professional, and expect it all to work. It's a different beast going this route to a Virtualmin Professional system...primarily targeted at folks that know kinda what they're doing. Most FreeBSD users seem to fall into that category. ;-)

If you've run Virtualmin GPL for years, then you'll have no trouble running Professional. I would expect an hour or so from fresh OS install to working Virtualmin system, if you know exactly what you're doing. As for LDAP, bring up the specifics here in the forums or on the Webmin mailing list, and we'll see what we can do to help. I dunno that I recommend it, since it adds quite a bit of complexity without a lot of payoff in a virtual hosting environment (there are exceptions--like if you have a very few domains, but a whole heckuva lot of mailbox users...like thousands of them).

--

Check out the forum guidelines!

Wed, 05/02/2007 - 10:50 (Reply to #15)
JaronParsons

I am using FreeBSD and installed the GPL version first, then used the wbm.
My question is where do i put the serial/license information, and how do i let virtualmin know it is there.

Thanks.

Thu, 05/03/2007 - 19:34 (Reply to #16)
Joe
Joe's picture

Hey Jaron,

The license and serial number go into:

/etc/virtualmin-license

And the form of the file is:

SerialNumber=XXXX
LicenseKey=YYYY

Where XXXX is your actual serial number and YYYY is your actual license key.

There's a new upgrade mode for Virtualmin GPL, as well, that will ask for these details and set it up for you (it'll also download the Professional module--we're working hard these days on making the upgrade path painless).

--

Check out the forum guidelines!

Sat, 04/14/2007 - 14:04
SteveAcup

I hadn't upgraded to the most recent version yet. I'll try a new install, buy a copy of the PRO versionand try the upgrade.

thanks....

Steve

Sun, 04/15/2007 - 22:57
SteveAcup

Joe,
Do you have a list of packages, versions and configurations options so that I can match your Pro baseline as closely as possible. Make things work better in the future when you release the FreeBSD version.

For example: apache 2.2, proftp, Dovecot, Spamassassin, ClamAssassin, webalizer, plus others....

thanks...

Steve

Mon, 04/16/2007 - 18:18 (Reply to #19)
Joe
Joe's picture

Hey Steve,

Versions don't matter. We support all of 'em. ;-)

The tricky bits are primarily to do with mail, and default locations for things. So, I'll cover that:

MTA is Postfix

MDA is procmail (all filtering happens via procmail rules on a per-user or per-domain basis, so it's highly configurable)

Mail spools are Maildir in $HOME/Maildir

POP3/IMAP is Dovecot 1.0 (gotta be 1.0 because 0.99 doesn't support group membership, so you can't lock down the homes...in Virtualmin 3.39 and above, 750 is the default for home directories, and we recommend you configure your system to work around that, rather than changing it).

SMTP authentication is Cyrus saslauthd

Homes are /home/domainname (with sub-servers living in /home/domainname/domain/subservername)

User and group quotas enabled for /home

Hmmm...I think that's the biggies. Everything else is probably easily adjustable and can be set to taste.

We have a standalone version of the setup script here:

http://software.virtualmin.com/lib/virtualmin-base-standalone.pl

This will not run successfully on FreeBSD (yet)! But it'll give you a good idea of what we're doing with our configuration steps. There's a new version of virtualmin-base in QC now that's going to do quite a bit of additional stuff, and adds a number of useful dependencies to the mix. But, core system-wise the above is all that matters--adding other modules and other packages it non-disruptive.

--

Check out the forum guidelines!

Wed, 04/18/2007 - 21:24
TonyShadwick

Miki - if you're not opposed to paying for consulting, I can get either the GPL version or the Pro version up and running for you no problem. Just let me know if it's a single box install, or if I'd be working with existing configs (ie, DNS servers scattered about, non-local services, special services, etc).

Also helps to have the latest FreeBSD, and have your ports tree current.

Just let me know! We're running it here without issue.

Wed, 04/18/2007 - 21:26
TonyShadwick

Oh, btw - we use a slightly different config than Joe mentions, but using his config is no problem at all. On our systems we use Sendmail for SMTP and SASL2, saslauthd. IMAP we aren't using anything right now, but Dovecott is simple enough. We're intending to implement dbmail, but that's besides the point. :) Oh, and we're using Apache21.

Wed, 05/02/2007 - 10:52
JaronParsons

also, This is a new OS install, if there was a method to install it fresh on freebsd, I would rather have done that but it looks like it is still under development. If there is a method of running the install script under FreeBSD can you give me the steps.

Thu, 05/03/2007 - 19:36 (Reply to #23)
Joe
Joe's picture

<i>also, This is a new OS install, if there was a method to install it fresh on freebsd, I would rather have done that but it looks like it is still under development. If there is a method of running the install script under FreeBSD can you give me the steps.</i>

install.sh does not work with FreeBSD yet. (Making script work is the easy part. The hard part is packaging the software using native packages and testing it all.)

I'm hoping to offer FreeBSD support by the end of the month. But it's never safe to believe me when I put dates on OS support--adding new ones always take longer than anticipated.

--

Check out the forum guidelines!

Sat, 05/12/2007 - 17:36
ThomasM

Tony,

It would be nice for an installation guide if you have succesfully managed to install Virtualmin on FreeBSD. If you want money to have it published in public, im shure there are a few people willing to pay for this.

Best Regards.

Fri, 05/25/2007 - 20:00
SteveAcup

All,
Thanks for the info on FreeBSD setup. I've been sidetracked for awhile, ut I'll try to install on a clean machine tonight, see how it goes.

Has anyone had trouble with username length. In previous webmin/virtualmin setups I've adjusted the default freebsd username length from 15 to 47 chars. That way my user names can be user@fullyqualifieddomain.name With 15 chars I could only do user@fullyquali and that would create a duplicate name if I was also hosting fullyqualifieddomain.com.

I never did like small psuedo-random user names with aliases to the human readable email names.

Steve

Sat, 05/26/2007 - 01:19 (Reply to #26)
Joe
Joe's picture

Hey Steve,

<i>Has anyone had trouble with username length. In previous webmin/virtualmin setups I've adjusted the default freebsd username length from 15 to 47 chars. That way my user names can be user@fullyqualifieddomain.name With 15 chars I could only do user@fullyquali and that would create a duplicate name if I was also hosting fullyqualifieddomain.com.</i>

That limit was put in place specifically for FreeBSD users! ;-)

If FreeBSD now supports longer names than that, we'll all be happy to hear it. I always thought it was a stupid nuisance, and it's one of the things I didn't look forward to officially supporting. (I've just started work on the FreeBSD version of the installer, so I'm still learning.)

<i>I never did like small psuedo-random user names with aliases to the human readable email names.</i>

Yeah, we don't like it either. That's why we always liked Linux better for Virtualmin. But, if it's been corrected in FreeBSD, that's even better. ;-)

--

Check out the forum guidelines!

Sat, 05/26/2007 - 00:59
SteveAcup

OK, Virtulmin Pro is up and running on FreeBSD. Took 5 hours, but I've never set up postfix before, and the webmin had a failure getting the mapping file setup. The script Joe provided at http://software.virtualmin.com/lib/mail-setup.pl to resolve bug 830 did not run on freebsd and had to be re-written.

One error I cannot resolve:

.. install failed : Module security-updates does not support this operating system (FreeBSD 6.2)

I haven't actually tested mail yet, but all programs are installed, and VPro says it is ready and running OK.

Top left corner of the menu has the Virtualmin tab overlaying the login: username field.

Sat, 05/26/2007 - 01:25 (Reply to #28)
Joe
Joe's picture

Hey Steve,

<i>The script Joe provided at http://software.virtualmin.com/lib/mail-setup.pl to resolve bug 830 did not run on freebsd and had to be re-written.</i>

Yeah, all of our scripts are quite specific to the supported Operating Systems, and should never be expected to work on an unsupported system. They can be looked to for guidance on what we do when setting up a system, but they are by no means a substitute for knowing how things ought to be done on the system you're working with.

<i>One error I cannot resolve:

.. install failed : Module security-updates does not support this operating system (FreeBSD 6.2)</i>

Nothing to resolve there. We don't support FreeBSD packages or ports yet, so the security updates module isn't going to work on that platform. It'll have to be updated manually. This will change in the next few weeks, as I am now actively working on BSD support. But, for now, FreeBSD brings a few extra hassles.

<i>Top left corner of the menu has the Virtualmin tab overlaying the login: username field.</i>

Restart your browser, or force a reload of /unauthenticated/style.css. This is just an old stylesheet hanging around.

Webmin theme support pre-dated all of this new-fangled CSS and JavaScript stuff, so it doesn't very gracefully handle them. That's a quirk that will be corrected in the not distant future.

--

Check out the forum guidelines!

Sat, 05/26/2007 - 09:53
JaronParsons

This is from the manpage for the adduser script on a fresh FreeBSD 6.2..

RESTRICTIONS
username
Login name. The user name is restricted to whatever pw(8) will
accept. Generally this means it may contain only lowercase char-
acters or digits. Maximum length is 16 characters. The reasons
for this limit are historical. Given that people have tradition-
ally wanted to break this limit for aesthetic reasons, it has
never been of great importance to break such a basic fundamental
parameter in UNIX. You can change UT_NAMESIZE in utmp.h and
recompile the world; people have done this and it works, but you
will have problems with any precompiled programs, or source that
assumes the 8-character name limit and NIS. The NIS protocol
mandates an 8-character username. If you need a longer login
name for e-mail addresses, you can define an alias in
/etc/mail/aliases.

Sat, 05/26/2007 - 17:00
SteveAcup

OK, on the username length, I should have been more specific. FreeBSD still has the 15 char limit. I recompiled the BSD source and changed the length to 48. It requires 4 very simple and eqasy to find changes. Got to run to dinner now, but I'll post the source changes later tonight.

I'm still a little confused about which parts/modules of VirtualMin are operating system specific and which are not.

I thought from context of previous posts that the upgrade of a GPL system would mostly involve the parts that are cross platform compatible. All loaded except the security.

The main pronlem in the script to fix bug 830 was the paths. I adjusted those and it mostly worked. Problem is it still dies for a reason I cannot determin.

VMin Pro is running though and I can create domains. Now just trying to get the mail set up properly. Postfix is new to me.

Any thoughts on how to allow pop3 for local addresses and force pop3s for untrusted addresses?

Sun, 05/27/2007 - 11:21 (Reply to #31)
Joe
Joe's picture

<i>Any thoughts on how to allow pop3 for local addresses and force pop3s for untrusted addresses?</i>

You can configure Dovecot to listen only on the internal addresses for pop3, if that's the way you define &quot;local addresses&quot;. If it's less specific than that, you'd probably find it simplest to just firewall the pop3/imap port (pop3s and imaps have their own ports) to only allow access to the local addresses.

Dovecot also supports IP checking via PAM, but I'm not sure off-hand how that works or how it is configured.

--

Check out the forum guidelines!

Sat, 05/26/2007 - 19:46
SteveAcup

I asked the wrong question about pop3. Should have been how can I allow smpt authorization by IP address for trusted addresses inside my network, but require openssl and smtp auth for untrusted IP for customeres on the road.

To make Freebsd support longer usernames - For username up to 48 characters:

Change MAXLOGNAME in /usr/include/sys/param.h to 49
Change MAXLOGNAME in /usr/src/sys/sys/param.h to 49
Change UT_NAMESIZE in /usr/include/utmp.h to 48
Change UT_NAMESIZE in /usr/src/include/utmp.h to 48

This works in FreeBSD 5.3+. Somewhere before 5.3 you also had to modify adduser because it did not read the system defaults properly.

Modify adduser --- not needed in 5.3+
cd /usr/src/usr.sbin/adduser
change adduser.perl line from]16 to]48
make install to rebuild adduser if you're not rebuilding world.

Some systutils would not display properly in 5.3. For example, &quot;top&quot; had all the data, but the headers did not line up to show memory usage in the proper places. This is fixed in 6+.

Sun, 05/27/2007 - 10:01
SteveAcup

I just discovered something new about FreeBSD 6.2.

I had skipped all the steps to change the max usernamesize to 48 chars (oops) and Virtualmin still worked with large user names. Not quite sure how. The only thing that doesn't work is trying to log onto the server console with a large username. That fails with an invalid argument error. Earlier versions would not let virtualmin even add large usernames unless the code was recompiled. I gather that the behaivor in 6.2 has been changed to not allow large logins rather than not allow creation of large names.

I created a user named steve-12345678901.com (21 chars).

I can send mail and receive mail via outlook express through postfix and dovecot. I can log onto usermin and send and receive mail. Proftpd allows the user to logon and transfer data.

I prefer users not being able to log onto the server console. I'll test further to see if anything is broken, but looks good.

Sun, 05/27/2007 - 11:29 (Reply to #34)
Joe
Joe's picture

Hey Steve,

<i>I had skipped all the steps to change the max usernamesize to 48 chars (oops) and Virtualmin still worked with large user names. Not quite sure how.</i>

Magic. ;-)

Actually, Webmin and Usermin can fall back to handling user:pass checking on its own (regardless of PAM, shadow, MD5 vs. crypt, etc. configuration). It has no (reasonable) username length limitations. If you have the Perl PAM module installed, it'll use PAM and be limited by whatever PAM imposes.

All of the others surprise me, since they are almost certainly using PAM to authenticate. (I'm wholly unfamiliar with the innards of FreeBSD...I assume it uses PAM in some form.)

<i>I gather that the behaivor in 6.2 has been changed to not allow large logins rather than not allow creation of large names.</i>

That's nicer. But prone to pain for users that aren't aware of it. We'll keep the 15 char username limit in place, by default on FreeBSD, and document the variable changes needed (Thanks for digging those details up and sharing them, by the way!).

--

Check out the forum guidelines!

Mon, 05/28/2007 - 08:58
SteveAcup

That would explain it... Virtualmin uses its own routines and handles the increased username size, while BSD routines keep the limit and require the re-compile.

I suspect that I'll have to recompile the OS anyway to allow the system to fully support 48 char username, just to make sure something down the road doesn't bite me.

I've been running GPL Virtualmin on BSD 5.3 and 6.1 with the 48&amp;49 char changes above successfully for awhile now with no problems.

Steve

Tue, 05/27/2008 - 16:21
Joe
Joe's picture

Howdy Miki,

I agree, which is why FreeBSD is still not listed as a Grade A supported OS.

I don't know that I'd call it half ready, however...several folks are using it in production. And, of course, most of the problems are things we simply can't fix.

FreeBSD has some limitations that make it less than ideal for virtual hosting, unfortunately, and we can't fix them.

Secondary group limits means that homes have to have permissions of 751, instead of 750. This isn't a huge concern, as long as your users don't habitually set permissions to 777 &quot;for testing&quot; and then forget to set them to something sane (this is never a good idea, but it's ridiculously common and I still see people suggesting it on various PHP programming forums).

Username length is uncomfortably short, and a recompile of world is required to fix it (and we're not even going to think about recompiling world as part of our installation process!).

Some of the ports and pkgs are broken. ProFTPd is the most obvious of these, and I've noted it in the release announcement for FreeBSD support (and it'll be in the new per-OS installation notes that I'm writing as we speak). There's a bug report in the FreeBSD bug tracker about ProFTPd from January, but it hasn't been fixed, as far as I know. There's not much we can do when the OS is broken--we have enough on our plates without having to fix the underlying OS. ;-)

But, we definitely want to know about any other problems you had with the install. If it's not a &quot;known issue&quot; I'd like to at least know about it...and maybe I can even fix it.

--

Check out the forum guidelines!

Tue, 05/27/2008 - 16:23 (Reply to #37)
Joe
Joe's picture

BTW-The OS support page is here:

http://www.virtualmin.com/os-support.html

It is listed in the menu at the bottom of every page, as well.

--

Check out the forum guidelines!