Steven Kreuzer

Using blowfish for password hashes in FreeBSD

24 Dec 2011

By default FreeBSD hashes user account passwords with MD5 (md5crypt), which is fast to compute and therefore cheap to brute-force offline. Blowfish-based bcrypt is available in all recent versions of FreeBSD and, because its cost parameter makes every guess slow, it is easy and worthwhile to change the default crypt method to use it instead.

In /etc/login.conf change

:passwd_format=md5:

to

:passwd_format=blf:

and, as root, rebuild the login capability database:

$ cap_mkdb /etc/login.conf

Changing the format does not rewrite hashes that already exist; an account keeps its MD5 hash until its password is next set, so have each user change their password. Start with your own login.

$ passwd
Changing local password for {current user}.
new password:
retype new password:
passwd: updating the database. . .
passwd: done

To confirm your changes, type (master.passwd is readable only by root):

$ grep "^${USER}:" /etc/master.passwd | cut -d: -f2

The second field of the entry, which is the password hash, should now begin with $2 (for example $2a$), which indicates bcrypt/Blowfish; the two digits after that prefix are the log2 cost parameter.

Then in /etc/auth.conf change

#crypt_default = md5 des

to

crypt_default = blf md5 des

Every new user you create with adduser will now get a Blowfish hash. Existing MD5 and DES hashes keep verifying, since crypt(3) recognizes each format from the stored hash's own prefix, until those users change their passwords.
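The check an administrator would run after this change, as an added example that is not part of the original post: a small Python script that parses master.passwd-format lines, reports accounts whose hash is still MD5, DES or empty, and flags bcrypt hashes whose cost factor is below a threshold of this example's choosing. The file layout and hash prefixes are standard; the embedded sample users and hash strings are constructed placeholders. Point it at /etc/master.passwd (as root) on a real host.

```python
"""Audit a master.passwd-style file for accounts that still use a non-bcrypt
hash. Added example, not code from the original post; run it as root against
/etc/master.passwd, here it defaults to a constructed sample."""
import re
import sys

# Traditional DES crypt: exactly 13 characters from the ./0-9A-Za-z alphabet.
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

# Constructed sample in /etc/master.passwd layout. The hash strings are
# placeholders with the right prefixes and lengths, not real credentials.
SAMPLE = """\
# comment lines are skipped
root:$2a$04$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
alice:$1$Zx4kq8rT$9FzH0yPqM1v7CkN3bLrW2.:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:abJnggxhB/yWI:1002:1002::0:0:Bob:/home/bob:/bin/sh
carol:$2b$10$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234:1003:1003::0:0:Carol:/home/carol:/bin/sh
dave::1004:1004::0:0:Dave:/home/dave:/bin/sh
"""


def classify_hash(h):
    """Name the crypt(3) family of one password field by its prefix."""
    if h == "":
        return "empty"      # no password required at all
    if h.startswith(("*", "!")):
        return "locked"     # can never match, so nothing to rehash
    if h.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"
    if h.startswith("$1$"):
        return "md5"
    if h.startswith("$5$"):
        return "sha256"
    if h.startswith("$6$"):
        return "sha512"
    if DES_RE.match(h):
        return "des"
    return "unknown"


def bcrypt_cost(h):
    """The log2 work factor of a bcrypt hash: 4 for '$2a$04$...'."""
    return int(h.split("$")[2])


def accounts(text):
    """Yield (user, hash) for every non-comment line."""
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        yield fields[0], fields[1]


def needs_rehash(text):
    """Accounts that still log in with something other than bcrypt."""
    return [(user, classify_hash(h)) for user, h in accounts(text)
            if classify_hash(h) not in ("bcrypt", "locked")]


def weak_bcrypt(text, min_cost=10):
    """bcrypt accounts whose cost is below min_cost (10 is this example's
    assumption, not a FreeBSD default)."""
    return [(user, bcrypt_cost(h)) for user, h in accounts(text)
            if classify_hash(h) == "bcrypt" and bcrypt_cost(h) < min_cost]


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for user, kind in needs_rehash(text):
        print(f"{user}: {kind} hash, password must be reset")
    for user, cost in weak_bcrypt(text):
        print(f"{user}: bcrypt cost {cost} is below 10")
```

Against the sample it reports alice (md5), bob (des) and dave (empty) as needing a reset, and root as bcrypt with cost 4. An empty field is listed deliberately: it is not a hash at all and lets the account in without a password.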

Stepping the system clock during boot

19 Dec 2011

FreeBSD can step the system clock once while the host is booting, however large the offset between the machine's current clock and the correct time. This matters because ntpd, once running, refuses to correct an offset of more than 1000 seconds (its panic threshold) unless started with -g, and a clock that is far off breaks certificate validity checks, Kerberos and log correlation.

To enable it, add the following to /etc/rc.conf (the ntpdate rc script runs once, before ntpd starts; newer releases can instead set ntpd_sync_on_start="YES", which starts ntpd with -g to permit the same large initial step):

ntpdate_enable="YES"
ntpdate_hosts="north-america.pool.ntp.org"

Running csup from periodic

05 Jul 2010

I keep a copy of the FreeBSD source and ports repository locally on disk so it's possible for me to work offline and still review the revision history of a file or view diffs. I have been running csup from the root crontab at night to keep my local copy fairly up to date.

However, I rewrote the script as a job executed by periodic, so that the output of csup is included in the daily run output emails I get each morning and I can quickly see the changes to the ports tree.

Save the following as /usr/local/etc/periodic/daily/600.csup (you may have to create this directory if it does not exist):

#!/bin/sh
#
# $FreeBSD$
#

# If there is a global system configuration file, suck it in.
#
if [ -r /etc/defaults/periodic.conf ]
then
    . /etc/defaults/periodic.conf
    source_periodic_confs
fi

case "$daily_csup_enable" in
    [Yy][Ee][Ss])
        # A supfile is mandatory; the csup binary can be defaulted.
        if [ -z "$daily_csup_supfile" ]
        then
            echo '$daily_csup_enable is set but' \
                '$daily_csup_supfile is not'
            rc=2
        else
            if [ -z "$daily_csup_binary" ]
            then
                daily_csup_binary=/usr/bin/csup
            fi

            if [ ! -x "$daily_csup_binary" ]
            then
                echo '$daily_csup_binary is set but' \
                    "$daily_csup_binary" 'is not executable'
                rc=2
            else
                # Quote both paths so a supfile name with spaces still works.
                # csup's report is echoed so it lands in the daily output mail,
                # and csup's own exit status becomes the script's.
                out=$("$daily_csup_binary" "$daily_csup_supfile")
                rc=$?
                echo "$out"
            fi
        fi;;

    *)  rc=0;;
esac

exit $rc

To enable the script, add the following to /etc/periodic.conf.local (which may need to be created if it does not exist)

daily_csup_enable="YES"
daily_csup_supfile="/home/skreuzer/cvsup/freebsd-cvs-supfile"

One thing to keep in mind is that all scripts executed by periodic daily run at 3:01am local time, so this will cause a large spike in traffic if you have lots of machines connecting to the same csup server at the same time. Keep in mind too that csup transfers are neither encrypted nor signed, so the tree you build from is only as trustworthy as the mirror you pull from and the network path to it.

Reflections after one year

11 Mar 2010

Today marks my 1 year anniversary as a FreeBSD developer. I opened my first Problem Report in 2006 and after roughly three years of hacking on the ports system, wxs@ offered to mentor me and on March 11th, 2009 I received an email saying that the portmgr@ team approved his request for a commit bit for me. I happened to be on vacation in Mexico when I got the email, and just like that a good day turned even better.

The first port I ever created was for mail/p5-WWW-Hotmail. I was working for an Internet startup and I took the job simply because they were using FreeBSD and I had never had an opportunity to use FreeBSD in a production environment. One of the tasks that landed in my lap was to automate the process of checking to make sure that our newsletter was not being delivered to the spam folder of the three big email providers. I took a day or so to learn how to make ports and packages to make it easier for me to roll out all the Perl modules I needed.

I wasn't too happy working at that company, and after a while hacking on ports became a form of therapy for me and I started to get more and more involved with the FreeBSD project and I eventually ended up here.

In the past year I managed to make 148 commits and introduced several new ports into the tree. As of today, there are 21,636 ports available, and it feels pretty good to be a small part of that. While I would have liked to have been able to dedicate more time, other things kept getting in the way. My 1 year resolution is to figure out a way to better manage my time and try and set aside a few hours per week to hack on ports.

I want to say thank you to wxs@, because without him, I wouldn't be a part of this. I was the first person he mentored, and I consider myself very fortunate to have gotten the chance to work with him. He is extremely bright and very patient and just an all around good guy. Even today when I paint myself into a corner, I can always ask him for help and every time he has managed to guide me in the direction I wanted to go. I owe a great deal to him and consider him to be a very valuable addition to the FreeBSD developer community as a whole.

Sun v210 Donation

06 Mar 2010

Thanks to a generous donation by Nathan Whitehorn, a Sun SunFire v210 is sitting on the floor of my office waiting to have FreeBSD installed on it. Since this is the fastest sparc64 machine we have, Mark Linimon and I are planning on using it as a package building machine. However, if there is any other developer who would like to use it as a reference platform, please get in touch with me and I will set you up with access.

In the past, due to our limited access to the sparc64 platform, we were not able to support this architecture as well as we would have liked to. Packages available for sparc64 have fallen behind packages for other architectures such as i386 and amd64. However, once this machine is up and running, I have a strong feeling it will become a valuable resource to the FreeBSD developers working on making sparc64 a Tier-1 architecture.

Storing IP addresses in MySQL

03 Aug 2006

Let's say you have an IP address, 192.168.0.10, and want to store it in a table. The most common method people seem to use is to store it as a CHAR(15).

However, you probably want to search on this column and therefore want an index on it. A 15-byte string index is bulkier and slower to compare than a 4-byte integer, and it sorts lexically, so '192.168.0.10' lands before '192.168.0.2' and a range query for a subnet cannot be written as a simple BETWEEN.

MySQL has two built-in functions, INET_ATON() which converts Internet addresses from the numbers-and-dots notation into a 32-bit unsigned integer, and INET_NTOA() which does the opposite.

Putting it to the test:

mysql> SELECT INET_ATON('192.168.0.10') AS ipn;
+------------+
| ipn        |
+------------+
| 3232235530 |
+------------+

mysql> SELECT INET_NTOA(3232235530) AS ipa;
+--------------+
| ipa          |
+--------------+
| 192.168.0.10 |
+--------------+

So you can store an IP address in an INT UNSIGNED (4 bytes), which is smaller and faster to compare and index than a CHAR(15), and a subnet lookup becomes a single BETWEEN on the integer. It must be UNSIGNED: a signed INT tops out at 2^31-1, below the value of every address from 128.0.0.0 upwards. INET_ATON() returns NULL for a malformed address, so check for that rather than letting NULL rows in silently. Naturally, you can call the function while you're inserting, so something like this is fine also (bind the address as a parameter rather than pasting user input into the quoted literal):

INSERT INTO tbl VALUES (..., INET_ATON('192.168.0.10'), ...)

In MySQL 5.0, you can even do this transformation inside a LOAD DATA INFILE command, without using temporary columns (the user variable named in the column list must be the same one used in the SET clause):

LOAD DATA INFILE 'filename'
INTO TABLE tbl
...
(col1, ..., @ipa, ..., coln)
SET ipn = INET_ATON(@ipa);

So in the list of columns you assign this column to a server-side variable, and then assign the transformed value to the proper column in the SET clause.
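The conversion and the indexed subnet query that the integer column makes possible, as an added example that is not part of the original post. It is Python using the standard library's sqlite3 as a stand-in for MySQL so that it runs offline: the INET_ATON()/INET_NTOA() logic is implemented client-side with the ipaddress module, and the SQL has the same shape you would send to MySQL, minus the column type (SQLite has only a 64-bit INTEGER; on MySQL declare it INT UNSIGNED). The table name, index name and connection-log addresses are constructed for the example.

```python
"""The INET_ATON()/INET_NTOA() round trip and a subnet range query over an
integer IP column. Added example, not code from the original post. It uses
Python's stdlib sqlite3 as a stand-in for MySQL so it runs offline; on MySQL
declare the column INT UNSIGNED and use the same parameterised statements."""
import ipaddress
import sqlite3

# Constructed connection-log addresses.
SAMPLE_ADDRESSES = ["192.168.0.10", "10.0.0.5", "192.168.0.200",
                    "192.168.1.1", "192.168.0.1", "203.0.113.7"]


def inet_aton(addr):
    """Dotted quad -> 32-bit unsigned integer, as MySQL INET_ATON() does.
    Raises ValueError on malformed input (MySQL returns NULL instead)."""
    return int(ipaddress.IPv4Address(addr))


def inet_ntoa(n):
    """32-bit unsigned integer -> dotted quad, as MySQL INET_NTOA() does."""
    return str(ipaddress.IPv4Address(n))


def cidr_bounds(cidr):
    """(first, last) address of a network as integers, for a BETWEEN query."""
    net = ipaddress.ip_network(cidr, strict=False)
    return int(net.network_address), int(net.broadcast_address)


def lexical_order(addresses):
    """How a CHAR(15) column sorts: '192.168.0.10' lands before '192.168.0.2'."""
    return sorted(addresses)


def build_db(addresses):
    conn = sqlite3.connect(":memory:")
    # MySQL: ip INT UNSIGNED NOT NULL. A signed INT would overflow for every
    # address at or above 128.0.0.0 (INET_ATON value >= 2**31).
    conn.execute("CREATE TABLE conn_log (id INTEGER PRIMARY KEY, ip INTEGER NOT NULL)")
    conn.execute("CREATE INDEX conn_log_ip ON conn_log (ip)")
    # The address is converted in code and bound as a parameter; it is never
    # spliced into the SQL text, so hostile input cannot escape the literal.
    conn.executemany("INSERT INTO conn_log (ip) VALUES (?)",
                     [(inet_aton(a),) for a in addresses])
    return conn


def hosts_in(conn, cidr):
    """Addresses inside cidr, found with one indexed range scan."""
    lo, hi = cidr_bounds(cidr)
    rows = conn.execute(
        "SELECT ip FROM conn_log WHERE ip BETWEEN ? AND ? ORDER BY ip", (lo, hi))
    return [inet_ntoa(ip) for (ip,) in rows]


def uses_index(conn, cidr):
    """True when the planner serves the range query from conn_log_ip."""
    lo, hi = cidr_bounds(cidr)
    plan = conn.execute(
        "EXPLAIN QUERY PLAN SELECT ip FROM conn_log WHERE ip BETWEEN ? AND ?",
        (lo, hi)).fetchall()
    return any("INDEX" in row[-1] for row in plan)


if __name__ == "__main__":
    db = build_db(SAMPLE_ADDRESSES)
    print(inet_aton("192.168.0.10"), inet_ntoa(3232235530))
    print(hosts_in(db, "192.168.0.0/24"), uses_index(db, "192.168.0.0/24"))
```

The subnet query is the payoff of the integer representation: a /24 becomes BETWEEN 3232235520 AND 3232235775, which the planner answers from the index, whereas the same question against a CHAR(15) column needs a LIKE or string parsing and a full scan.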