Re: Mouse moving on its own, kbd typing on its own
FYI, despite any hacking practice I have seen this keyboard and mice legitimately happen under two circumstances: 1) using not compatible mice under KVM switch (eg, ATEN switches with >1000dpi up mice) 2) switching keyboard layout under X without AutoAddDevice in xorg.conf Indeed, one legitimate question is..if replication of this eandover can maybe easily produced in any system? -Dan Mar 11, 2024 15:35:17 ofthecentury : >> On Fri, March 8, 2024 4:43 pm, ofthecentury wrote: >>> I have a USB mouse that starts to move a little >>> on its own once in a while when I'm browsing the internet using chromium. >>> My USB keyboard >>> is also acting up...it just started typing spaces all of a sudden as I was >>> typing up this email and wasn't reactive to any input until I unplugged it >>> and plugged it back in. Is it Chromium? Or is it OpenBSD? I think it's >>> Chromium, but how to get to the bottom of it? >>> I'm on OpenBSD 7.5 right now, but I've seen it >>> on OpenBSD 7.4. And I've seen this on my Fedora 39 installation before, by >>> the way. I think it's a major security flaw somewhere.
Re: Mouse moving on its own, kbd typing on its own
ofthecentury : > I think it's a major security flaw somewhere. Yes, summarizing.."some lords" are profiting from hackers - who has no more civilizationation - using your pointer, saying in name for the flag, against the civilizations, biggest enemy of the empire. I think so. -Dan
What path you would bytecode scan?
Hello, I try again.. If you could have the chance to bytecode scan by your av your station what path you would scan taking the risk of false detections? Thanks! -Dan
Re: cwm randomly pops up "search for windows" box
> At random intervals the cursor jumps to the top left corner of the screen and > the "search for windows" box pops up > This behavior started about a month ago and has persisted. Maybe it is just matter of user adoption, and you need one more year. Go for it.. However, guessing, in this mailing list we arent in the need of the "american chamber of commerce". By memory, we neither are starving for it installing or buying our hardware components. -Dan
Re: Fwd: Disk encryption cipher
It's about private messages. Kirill A. Korinsky : > I wonder how did you blacklist someone by IP who sents his emails into > maillist? By parsing all Received headers to find some bad IP? Or?
Re: Fwd: Disk encryption cipher
Admitting without psycho guys, heartbreak exchanges, NSA (at least) readers this mailing list is without pepper. However, sometimes also the OT of Jan are interesting. Initially I blacklisted his ip. Then, understood the music, I started to find its approaching intriguing.. ;D -Dan Mar 6, 2024 09:36:19 ofthecentury : > Who's this psycho Jan Stary telling people new to OpenBSD not to use > an appropriate public mailing list for legitimate questions?
Re: OT: Test new email conf
Darling, they know me as an ethical guy. So, my true blogs are usually offline cause the italo-american meritocracy and their "liberty".., I'm really sorry for the business... NB: I suggest you to adopt true western names to make your tricks, indeed, they are so cool -Dan Mar 5, 2024 20:20:36 Mizsei Zoltán : > Please consider to start a blog about your adventures. Thanks. > > Regards, > -ext
Re: OT: Test new email conf
The past days I was managing to try it the admin interface of BookMyName (iliad) and sorry for the wanted advertisement.. (it is affordable) Suddenly I found myself in front of a transliteral (from the French) saying very closed to the following: "Please fill in a backup email address (attention by suppling an email address different to the registration email you are admitting to currently use more than one email address!)". I personally felt faintened, almost doomed.. -Dan Mar 2, 2024 07:54:55 Nowarez Market : > Hello, > > You can take it like a *curtesy email* to disclose my new email address. > Kindly thxs and take care of the pacman..
Re: can't find PID
And often we would live off a desktop environment as we aware of. this is poetry I think.. Mar 5, 2024 16:44:50 deich...@placebonol.com: > not wanting to speak for someone else, but I'm pretty sure it was sarcasm. > > On March 5, 2024 8:21:40 AM MST, ofthecentury wrote: >> Well, that's not very noice. Where is security?
Re: can't find PID
And once upon the time 'offtheshell' was around.. :D Theo de Raadt : > PID 6504 was my shell. I've logged off now. > > What are you expecting here?? > > > ofthecentury wrote: > >> Yes, I'm tcdupming pflog and ALL my dropped packets >> reference some PID 6504 that is not found among >> the processes that are running. I was actually not fishing >> for PIDs,
Re: drm_dp_dual_mode_detect *ERROR*
One err message more (after machdep.allowaperture=2): drm:pid0:intel_dp_aux_wait_done *ERROR* [drm] *ERROR* AUX C/DDI C/PHY C: did not complete or timeout within 10ms (status 0xa143003f) >Hello, > >Testing a new monitor with speakers connection by a DisplayPort >adapter >to HDMI.. I came to realize the real problem related to these messages >appearing at boot time and dmesg: > >drm:pid38311:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected >DP dual mode adaptor ID 20 > >drm:pid26205:drm_dp_dual_mode_detect *ERROR* >[drm] *ERROR* Unexpected DP dual mode adaptor ID 20 > >..in few words the DP adapter that should pass audio and video >channels >together let pass the video flow only (and indeed I'm able to use my >new screen) but without the audio channel (HDMI cable and connection >tested). > >Hope this is helpful, thanks > > >== Daniele Bonini
drm_dp_dual_mode_detect *ERROR*
Hello, Testing a new monitor with speakers connection by a DisplayPort adapter to HDMI.. I came to realize the real problem related to these messages appearing at boot time and dmesg: drm:pid38311:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 drm:pid26205:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 ..in few words the DP adapter that should pass audio and video channels together let pass the video flow only (and indeed I'm able to use my new screen) but without the audio channel (HDMI cable and connection tested). Hope this is helpful, thanks == Daniele Bonini
Re: Three more orphan packages
Thanks Nick, after your answer I purged again the files and I'm patiently waiting to see popping the *ffs chops* again to confirm the problem. I also launched a "grep -R" on /etc without luck. == Daniele Bonini Nick Holland wrote: > On 11/16/23 18:12, Daniele B. wrote: > > > in /var: > > /nagios/ > > /nagios/rw/nagios.cmd 0 kb > > /nagios/objects.cache 27.0 kb > > /nagios/retention.dat 35.9kb > > > > If I try to delete /var/nagios this is recreated probably at system > > boot. > > > > There is no cron job nor rc service present apparently for Nagios > Never, EVER say, "there is no ..." until you find the actual cause. > > Obviously something is creating it. The OpenBSD Startup process is > very straight forward, it really shouldn't be too hard to find. A > "grep -R" of a few appropriate strings in the /etc directory would > probably find the culprit pretty easily. You could also read and > understand rc(8) and find what is going on by following the startup > process.
Re: Report MiniPC Fujitsu Esprimo Q920
Just dropping an update about my student mini-pc. I just come from the upgrade of its named stick to 32gb with the inherited upgrade to FFS2 due the applied newfs. And this solved the performance issue! Indeed this endeover push me to think that from 7.3 the os is specifically tuned to FFS2 in some of its parts but I leave to your insights eventual clarifications.. == Daniele Bonini "Daniele B." wrote: > Sep 28, 2023 00:36:47 Mike Larkin : > > > I don't see any evidence below to support the claim of "acpi prbs". > > How did you arrive at that conclusion? > > Sorry for the late answer. > > I have just gave a fast look to dmesg without detailed knowledge of > it. So do not take my statement so resolutive, please. > I saw in dmesg many "not configured" indeed.. > From Bios I have disabled all the sata connectors and some > proprietary, from Fujitsu and non "security features". As stated in > misc@ the minipc is running but from 7.3 lost much in performarce. I > saw also a temperature alert in dmesg but the temperature is fine. > > The minipc is always my studio, let me know for any other doubt. > > Thanks a lot indeed.
Re: Upgrading from 7.3 to 7.4 with sysupgrade
Mihai Popescu : > Make it Rust or GTK based, but please include the support for http, it > is more convenient to do it remotely using www. Do OpenBSD running seriously on Ruby, Python, etc, etc and then we discuss about www that appears the only think we can still like to run over it, and sorry for the point over the "i". Note: I just launched software written with them and the only think that I remain with is the thought to try Go, maybe in Docker.. -- Daniele Bonini
Re: Porting shell scripts from Tiny Tools
Just made an addition to Tiny Tools for OpenBSD, regextr - a reg expression facilitator for everyone. It is curious because anyone can customize it with its own abstract syntax. Furthermore it can be used yet to compose expressions like: wiz$ echo lol | pcregrep "`./regextr cap capname text /capname l repeat /cap`" lol You can find it here: https://github.com/par7133/tiny-tools Have fun! == Daniele Bonini
Re: Three more orphan packages
Just found out that in my system persist the following stuff: in /etc/passwd: user _nagios in /var: /nagios/ /nagios/rw/nagios.cmd 0 kb /nagios/objects.cache 27.0 kb /nagios/retention.dat 35.9kb If I try to delete /var/nagios this is recreated probably at system boot. There is no cron job nor rc service present apparently for Nagios. Any explanation for this happening and any help to clean away all properly? == Daniele Bonini "Daniele B." wrote: > Just found these orphan packages: > > [..] > > monitoring-plugins-2.3.3p0 > monitoring-plugins-mysql-2.3.3
Re: Java applications forget the splash on the left most screen
Same problem for plugin settings windows, they get forgotten on the first screen. == Daniele Bonini "Daniele B." wrote: > Hello, > > I do not know if it is pertaining your intervention range but > given 2 physical screens, > java applications like eg. NetBeans appear forgetting the initial > splash window on the left most screen. > > > == Daniele Bonini
Re: Reptar aka CVE-2023-23583
Is it always safe to launch fw_update before a sysupgrade to last safe release? And, if it is not, eventually for this specific case? Thanks! == Daniele Bonini Christian Weisgerber wrote: > not jacinda ardern: > > > I saw something about a new intel microcode coming out (subject > > line) for a goofy new bug somebody found. Do you guys package that > > up into the fw_update (firmware.openbsd.org) magic or does it only > > come via the oem's bios updates? > > Whatever Intel releases. > > Yesterday they published a microcode update that should address this. > The updated firmware package is already on the mirrors. > > > CVSROOT:/cvs > Module name:ports > Changes by: j...@cvs.openbsd.org 2023/11/14 16:34:51 > > Modified files: > sysutils/firmware/intel: Makefile distinfo > > Log message: > update intel microcode to 20231114 > > release notes: > https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20231114 > > mitigates: > https://lock.cmpxchg8b.com/reptar.html > https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/redundant-prefix-issue.html >
Re: Upgrading, release by release, from 6.8 to 7.4 -- my experience
Daniel Ouellet wrote: > ready-0-75$ doas dumpfs /dev/rwd0a | head -1 > magic 19540119 (FFS2) timeWed Nov 15 18:55:57 > 2023 Thanks for this one. Just discovered of my own upgrade to FFS2 changing to larger stick.. == Daniele Bonini
Re: Porting shell scripts from Tiny Tools
Ok received, thanks. Omar Polo wrote: > On 2023/11/15 16:13:04 +0100, "Daniele B." wrote: > > Testing regex for these "tiny tools" I noticed that both sed and > > grep have a limited support for regex syntax. In the case of grep I > > had to revert to pcregrep to get something better. > > these tools by default use basic regexps (BRE). You need egrep(1) (or > grep -E) and sed -E to get extended regexps (ERE).
Re: Porting shell scripts from Tiny Tools
Testing regex for these "tiny tools" I noticed that both sed and grep have a limited support for regex syntax. In the case of grep I had to revert to pcregrep to get something better. -- Daniele Bonini Nov 14, 2023 23:52:01 Daniele B. : > Daniele B. : > >> You can find the first of these shell tools, "nana" (my daughter chinese >> name that in italian means 'short female') resembling and >> enanching the original tool "num". It is here on https://bsdload.com > > I just finish to convert the most of them adding the following tools: > - fun (was fn), to search a function name and list its code > - var (was itok), to search a variable listing the code lines > > Hope you can find them somewhat useful. Have fun!
Porting shell scripts from Tiny Tools
Daniele B. : > You can find the first of these shell tools, "nana" (my daughter chinese name > that in italian means 'short female') resembling and > enanching the original tool "num". It is here on https://bsdload.com I just finish to convert the most of them adding the following tools: - fun (was fn), to search a function name and list its code - var (was itok), to search a variable listing the code lines Hope you can find them somewhat useful. Have fun!
Re: umb0: open error: FAILURE
Nothing useful from here, the device one time inserted gets in an attach / deattach loop.. -- Daniele Bonini Nov 14, 2023 17:45:22 Daniele B. : > I own here an Huawei 4g/lte (affordable, 150mbps) dongle that I use sometimes > as backup connection > but not for OpenBSD directly. I see it is still on Amazon. If you want I can > try it under OpenBSD and eventually > I pass you the relative info.
Re: umb0: open error: FAILURE
I own here an Huawei 4g/lte (affordable, 150mbps) dongle that I use sometimes as backup connection but not for OpenBSD directly. I see it is still on Amazon. If you want I can try it under OpenBSD and eventually I pass you the relative info. Nov 14, 2023 16:16:15 Samuel Jayden : > Hi Stuart, > > > I will try to upgrade the SIMCOM LTE module's firmware. Maybe it can > solve the problem. > Also I've got a related question: > How can I connect to (mbim-mode) lte modem's AT interface. > As I realized, I can not connect to an LTE device which has switched to > mbim-mode under OpenBSD. > Before mbim-mode I was able to connect to it via cu -l /dev/cuaU2 > > Thanks.
Re: Porting shell scripts from Tiny Tools
I'm not sure your call is directed to me. But I take it like a compliment if this stuff is inspirational for you too. Indeed, cat miss an -o for line offset. Putting my hands on OpenBSD development will require a lot of time and effort, upgrade of my stick to current and dev tools, C refresh with a nice C pointers welcome, passing by your coding style and practices, and more.. I personally would like to have more fun on this Tiny Tools for now. Meaning, go certainly ahead to enhance cat or any tool of OpenBSD we all like. However, thanks for the answer and involvement. -- Daniele Bonini Nov 14, 2023 12:19:33 Crystal Kolipe : >> enanching the original tool "num". > > /bin/cat already has the -c option to number lines, although it always starts > numbering at 1. > > Wouldn't it be more useful to add the functionality to start numbering at a > certain offset to /bin/cat by adding an argument to the -c option rather than > creating a new tool?
Porting shell scripts from Tiny Tools
Hello, I got inspired by the Tiny Tools article, by Gerald J. Holzmann, with some useful shell tools code for coding on Unix-like systems. The article is severals years old (jan 2016) and code should be adapted to OpebBSD. But I'm trying to convert them anyway. You can find the first of these shell tools, "nana" (my daughter chinese name that in italan means 'short female') resembling and enanching the original tool "num". It is here on https://bsdload.com Let me get the time to browse the article more and I will keep you posted. -- Daniele Bonini
Re: Creating a softraid mirror from a regular OpenBSD disk
> >> If you are on >> sticks copy machine by three slots are also a solution. > > Running an OpenBSD system entirely from USB sticks, and using a copy machine > to make backups is not a good suggestion for general usage. Indeed, and also depends on their size. > P.S. Daniele, please fix your mailer's reply-to: header. Beside the joke it is a true email forward. Just implemented for the truth. Give me the time to check with my provider if it is all fine. It immediately appears very good like a deterrent ;-). However, sorry for any inconvinience.. -- Daniele Bonini
Re: Creating a softraid mirror from a regular OpenBSD disk
The argument has already been touched recently in other threads. In few words, when the matter is saving the data of one 1 disk the best solution is adopt a backup strategy for that purpose. You can have a backup strategy that involve one or more spare disks. If you are on sticks copy machine by three slots are also a solution. Involving 1 more disk in raid 1 is never a good solution for different reasons the most important one: against a disk failure you put at risk the full raid set; then softraid is never running properly and never good for your disk life beside slowing down your system. The advise is a good backup strategy also against the possibility to adopt other kind of raid involving more disks, increasing your own expense at the important cost of losing a direct touch on your data.
Re: pf logging in ascii and send to remote syslog
Thnx, this seems toasting better..
Re: pf logging in ascii and send to remote syslog
"Peter N. M. Hansteen" wrote: > something like the good old > https://home.nuug.no/~peter/pf/newest/log2syslog.html should still > work, I think. > > - Peter To disable pflogd completely what to you consider best: ifconfig pflog0 down or pflogd_flags="-f /dev/null" = Daniele Bonini
Re: shmmax
Ok, received. Thnx Nov 10, 2023 15:25:58 Crystal Kolipe : > On Fri, Nov 10, 2023 at 03:17:29PM +0100, Daniele B. wrote: >> As my system is still fast and running properly after this tweak I need >> to ask if you think that sysupgrade requires or will (I doubt) any >> special value for shmmax? > > Leave it at the default setting.
Re: shmmax
As my system is still fast and running properly after this tweak I need to ask if you think that sysupgrade requires or will (I doubt) any special value for shmmax? == Daniele Bonini "Daniele B." wrote: > > Seems this tweak needs a vast knowledge, a certain kind > of usage profile and some practicality with the system tools.. > However, I did my homework and I didn't observe any practical > difference: > > [...] > > I actually set: > sysctl kern.shminfo.shmmax=33554432 >
Re: shmmax
Paul de Weerd wrote: > Yes: don't twist knobs when you don't understand what they do. Thnx, it is better then a Theo *template* .. == Daniele Bonini
Java applications forget the splash on the left most screen
Hello, I do not know if it is pertaining your intervention range but given 2 physical screens, java applications like eg. NetBeans appear forgetting the initial splash window on the left most screen. == Daniele Bonini
Re: shmmax
Janne Johansson wrote: > > I'm here asking what > > it is exactly the meaning for 'shared memory' here, and if implying > > that it is eventually the max memory allocable to the graphic card > > is correct. > > No. This is not related to graphics card memory Seems this tweak needs a vast knowledge, a certain kind of usage profile and some practicality with the system tools.. However, I did my homework and I didn't observe any practical difference: I tried this: sysctl kern.shminfo.shmmax=16777216 start: wiz# vmstat -f 3460 forks, 81357 pages, average 23.51 12 vforks, 678 pages, average 56.50 2202 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 launching some apps (NetBeans, Firefox) end: wiz# vmstat -f 3706 forks, 87817 pages, average 23.70 14 vforks, 689 pages, average 49.21 2297 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 then: sysctl kern.shminfo.shmmax=524288 start: wiz# vmstat -f 3761 forks, 89282 pages, average 23.74 14 vforks, 689 pages, average 49.21 2308 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 launching some apps (NetBeans, Firefox) end: wiz# vmstat -f 4003 forks, 95495 pages, average 23.86 16 vforks, 699 pages, average 43.69 2389 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 then: sysctl kern.shminfo.shmmax=33554432 start: wiz# vmstat -f 4107 forks, 97977 pages, average 23.86 16 vforks, 699 pages, average 43.69 2485 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 end: wiz# vmstat -f 4350 forks, 104204 pages, average 23.95 18 vforks, 709 pages, average 39.39 2568 __tforks, 0 pages, average 0.00 49 kthread creations, 0 pages, average 0.00 I'm guessing that for my usage profile I can go with an optimization like this: > sysctl kern.shminfo.shmmax=524288 Any more feedback? == Daniele Bonini
Re: OpenBSD_one_site_web_hosting_software_recommendation
Peter J. Philipp : > Instead of wordpress I invite you to be creative with C programming language > and construct your own BCHS (pronounced beaches) website. Many people have > written their own blogs this way, so have I. Check out my source code for > this at: > > https://gotweb.delphinusdns.org/?action=summary=centroidblog.got > > It could be on github, but I haven't uploaded it there yet. > > https://learnbchs.org/ <-- another great educational site > > Best Regards, Indeed my coporate vacuums are always very welcome here. Nov 9, 2023 14:45:15 Peter J. Philipp : > Instead of wordpress I invite you to be creative with C programming language > and construct your own BCHS (pronounced beaches) website. Many people have > written their own blogs this way, so have I. Check out my source code for > this at: > > https://gotweb.delphinusdns.org/?action=summary=centroidblog.got > > It could be on github, but I haven't uploaded it there yet. > > https://learnbchs.org/ <-- another great educational site > > Best Regards,
shmmax
Hello, I come across the tweak of 'shmmax' and I'm here asking what it is exactly the meaning for 'shared memory' here, and if implying that it is eventually the max memory allocable to the graphic card is correct. >From man sysctl: To set the amount of shared memory available in the system and the maximum number of shared memory segments: # sysctl kern.shminfo.shmmax=33554432 # sysctl kern.shminfo.shmseg=32 I miss also to understand what is the relationship between shmmax and shmseg, eg. I actually set shmmax = 524288 dreaming a the *fastest car*. Thxs! == Daniele Bonini
Re: OpenBSD_one_site_web_hosting_software_recommendation
If you are trying to implement a blog you can try out AvatarFree (php as well): https://avatarfree.org https://github.com/5mode/AvatarFree It is a software on premise, assl and corporation free to own your social presence. Eventually don't forget to edit your skinner.html and metrics.html I am sorry if I'm not intimidated to prop my stuff.. -- Daniele Bonini Nov 9, 2023 12:41:43 soko.tica : > Hello, > > I have a task to launch from scratch one site web hosting google cloud > instance. > > I know OpenBSD does have httpd web server, but I couldn't have found > neither wordpress nor joomla software neither in packages nor in ports (7.4 > -stable). > > Is there a possibility to launch wordpress or joomla on such an instance on > OpenBSD? Which manpages should I read? > Thanks in advance,
Re: Jumbo frame, just a little late..
Thnx for your reply, I'm experimenting in a soho environment with very limited network activity from/to lan. Indeed in the doubt I was leaving the setting in rc.local for now. Can you give us more insight about the trouble? -- Daniele Bonini Nov 7, 2023 19:41:18 Theo de Raadt : > Daniele B. wrote: > >> Actually i'm not sure about the real benefits of it, and for a soho >> environment like mine but after 17 years I decided to take jumbo >> frame seriously.. and MTU values of my network equipment to 9018. >> I watched with happiness also to my old Mac having jumbo frame hard >> coded with MTU 9018 like second choise in the hardware settings. >> >> About OpenBSD (7.3 stable) the only thing I need to ask explanation >> for is the reason of the error "wrong MTU value" popping up by setting >> jumbo frame directly via hostame.mynicdevice; when the setting go >> smoothly up via ifconfig manually or by rc.local. Is the nic device >> initialization dependent on a sane 1500 MTU value, maybe? > > You have no idea what problems you are creating for yourself.
Re: Jumbo frame, just a little late..
Claudio Jeker : > This is not what hostname.if documents as a correct command line. > > Best is if you put mtu 9018 as a single line. Indeed to make things easy I prefer to keep the mtu update in rc.local for now. I was curious to clarify the error problem indeed, thnx.
Re: Jumbo frame, just a little late..
Thanks this solved.. Zé Loff wrote: > From man hostname.if: > > Regular IPv4 network setup: > inet [alias] addr netmask broadcast_addr options > > The third argument after "inet" is the broadcast address. You have > "mtu", which isn't one, hence the error. Try adding "NONE" before > "mtu": > > inet 192.168.XXX.XXX 0xff00 NONE mtu 9018
Re: Jumbo frame, just a little late..
"Peter N. M. Hansteen" wrote: > try "ifconfig $device hwfeatures" and look for the "hardmtu" value. > > it is possible whatever mynicdevice is does not actually support > jumbo frames. Thxs, received, but not this case (hardmtu=9194) and however manually the new MTU value goes up. There is something wrong somewhere, let me know if you need more info.. == Daniele Bonini
Re: Jumbo frame, just a little late..
Sorry Claudio, my fault. wiz# ifconfig reX hwfeatures hwfeatures= [*] hardmtu 9194 by hostname.reX: wiz# nano /etc/hostname.reX: inet 192.168.XXX.XXX 0xff00 mtu 9018 ctrl+S; ctrl+X wiz# sh /etc/netstart ifconfig: mtu: bad value (same eventually at boot time) by shell or rc.local: wiz# ifconfig reX mtu 9018 (accepted) wiz# ifconfig reX reX: flags=8843 mtu 9018 lladdr XX:XX:XX:XX:XX:XX index 1 priority 0 llprio 3 groups: egress media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause) status: active inet 192.168.XXX.XXX netmask 0xff00 broadcast 192.168.XXX.XXX == Daniele Bonini Claudio Jeker wrote: > Sorry this bug report lacks all important information. > > a) what is your hostame.mynicdevice contents > b) where does the error pop up? neither netstart nor ifconfig contain > the word "wrong" > c) what interface are you playing with? > > So we can't help you.
Jumbo frame, just a little late..
Hello, Actually i'm not sure about the real benefits of it, and for a soho environment like mine but after 17 years I decided to take jumbo frame seriously.. and MTU values of my network equipment to 9018. I watched with happiness also to my old Mac having jumbo frame hard coded with MTU 9018 like second choise in the hardware settings. About OpenBSD (7.3 stable) the only thing I need to ask explanation for is the reason of the error "wrong MTU value" popping up by setting jumbo frame directly via hostame.mynicdevice; when the setting go smoothly up via ifconfig manually or by rc.local. Is the nic device initialization dependent on a sane 1500 MTU value, maybe? Thxs! -- Daniele Bonini
Re: Italian calendar, calendar.it - errata ver 1.1
Attached ver 1.1 "Daniele B." wrote: > To use it, just copy from the calendar repo in /usr your desired > calendars including the italian one to ~/.calendar/ . > > Then create an index file "calendar" in the same folder listing > your calendars, eg: > > /* > * My own calendar files > */ > > #ifndef _calendar_ > #define _calendar_ > > #include > #include > #include > #include > #include > > #endif /* !_calendar_ */ > > Then simply launch "calendar". calendar.it.tar Description: Unix tar archive
Italian calendar, calendar.it
Hello, Actually I'm not sure what is the process to add a calendar to the calendar repo, /usr/share/calendar. However, I end up to write down the italian calendar you can find attached, hopefully clean from errors. To use it, just copy from the calendar repo in /usr your desired calendars including the italian one to ~/.calendar/ . Then create an index file in the same folder listing your calendars, eg: /* * My own calendar files */ #ifndef _calendar_ #define _calendar_ #include #include #include #include #include #endif /* !_calendar_ */ Then simply launch "calendar". Hope to have got it right and that it could be useful to someone. == Daniele Bonini calendar.it.tar Description: Unix tar archive
Re: Default Revival of a ten years old computer : how would you do it?
You are out of luck, many of us are with old hardware as well and they are very happy with the latest releases of OpenBSD. Then when you talk about your legacy hardware you do not quote any cpu or ram spec. Eventually to start a good dialog you need to do that. -- Daniele Bonini Nov 6, 2023 13:15:47 h...@mailo.com: > > > since few months im discovering openbsd ; as linux has been often recommended > for windows's users with a very slow system, i guess that it's not that > unadvised to use openbsd with a GUI for web browsing and little software (eg > LO, gimp..) > > i have tested "recent" openbsd releases, since 2022, and almost all of them > are a bit slow with xfce/firefox etc. > > i was wondering, for laptops range of 2013/16 years old, what would you > recommmend them for a common web browsing using openbsd? > > I thank you vm
Three more orphan packages
Hello, Just found these orphan packages: fcitx-table-extra-5.0.9p0 monitoring-plugins-2.3.3p0 monitoring-plugins-mysql-2.3.3 all not uninstalled both by uninstalling their parent package and by a 'pkg_delete -a'. == Daniele Bonini
Re: iPhone Charging
Oct 29, 2023 15:55:32 deich...@placebonol.com: > I don't know if y'all noticed but this is an OpenBSD mail list. > > Just saying, the more you post about things unrelated to OpenBSD, the more > likely people are to just delete your posts without reading them. You maybe mean we touched unpolite stuff of this world for dummies? I don't know if y'all noticed.. -- Daniele Bonini
Re: Chinese Support
I do not speak for anyone else other than myself, by these notes and observations. Some OpenBSD developers are actively working from a while on supporting the Chinese language at system level. Like many comunities, some people are chinese, some have chinese relatives and/or friends, some use Taobao and AliExpress. OpenBSD, I think, doesn't want to have particular ties for or against a nation (however, being a north american project you can imagine what is sentiment popping up around and outside the project). Let me eventually know about inconistencies (if you are a ChapGPT observer: TERMINATE) -- Daniele Bonini Oct 29, 2023 09:52:34 Lucretia : > I remember reading somewhere in the project statement that OpenBSD aims to > support as many platforms as possible. But it seems there is anti-Chinese > sentiment concerning hardware. I don't know much about import/export laws and > such, like Peter said in his thread about RISC-V, is tech import bans really > a thing in the world right now? > > Do developers actively work on such hardware regardless; perhaps from neutral > countries. > > Are there any Chinese developers actively working on the project? > > I'm kind of politically stupid, but doesn't closing off tech trade hinder > peace processes between nations? > > Yes, I imagine there are backdoors. > But we have them too. > Isn't it kind of like saying, > "trust us to look through > your panty drawer; > not them." > > -- > "Pray, hope, and don't worry. Worry is useless. God is merciful and will hear > your prayer." > Padre Pio
Re: iPhone Charging
I'm guessing to be not off-topic if I quote, among the others one of my own projects I recently updated, LightOff: https://github.com/par7133/LightOff Anyone who want to support and actively working on it is very welcome. -- Daniele Bonini
Re: PineView not using the whole screen
zeloff wrote: > > Do you consider dangerous chflags to immutable /etc/bsd.re-config > > for the purpose eg. of a system rescue? > No. Received, thanks a lot. -- Daniele Bonini
Re: PineView not using the whole screen
Zé Loff wrote: > man config > man boot_config > man bsd.re-config Do you consider dangerous chflags to immutable /etc/bsd.re-config for the purpose eg. of a system rescue ? -- Daniele Bonini
Re: iPhone Charging
Lucretia : > uaudio0, ugen1. Is it possible it could be manipulated to act as a USB > keyboard or some other kind of potentially dangerous USB input? I guess the question can be turned in: what does OpenBSD under the wood to avoid uaudio0 or ugen1 get transformed in a nice passage to hack my whole system? Eg. I know some of us go around with OpenBSD on usb sticks but our equipment on the desk is safe from usb tools like eg. micro usb equipment inserted in our usb hub? What countermeasure OpenBSD have to these kind of physical penetrations using the usb stack? Finally are uaudio but mainly ugen stress tested to avoid that? Great question indeed, Lucretia!
Re: What could cause high CPU load averages (no actual CPU usage)?
Just to say that I check my temperature monitor for the cpu you want a laptop, you want a mini-pc for what concern the personal use. Different could be the story for the business case (servers). But recalling also some monitoring software like Nagios I do not think the suggestion results very different. -- Daniele Bonini
Re: PineView not using the whole screen
Crystal Kolipe : > On Thu, Oct 26, 2023 at 03:43:20PM +0200, Daniele B. wrote: >> Thanks a lot, appreciated, I solved with 12$ more in my wallet now. > > Then you've saved enough cash to buy three of these: > > https://pckeyboard.com/page/product/PANIC Thinking we are all missing the OpenBSD red phone in silicon, in case there is no misc -- Daniele Bonini
Re: PineView not using the whole screen
Thanks a lot, appreciated, I solved with 12$ more in my wallet now. I'm sure with these chapgpt guys among us they will start to appear keyboards by one "Pyhton" key .. Do not misunderstand, this is why I also "disable ucc" .. Barely, I'm absolutely a fan of that rare object named business keyboard. Extinction is approaching but still far, hopefully. -- Daniele Bonini Zé Loff wrote: > > Crystal Kolipe : > > > > >> Then, if you are asking tips on how to attack my working station > > >> by injection of keystrocks on a pseudo keyboard device I have no > > >> clue but is it important indeed? > > > > > > If you are concerned about that possibility then you can disable > > > the ucc driver. > > > > How to do that, please? > > Is it something easy that doesn't impact my OpenBSD 7.3 stable > > buddy ? > > > > -- Daniele Bonini > > > > man config > man boot_config > man bsd.re-config
Re: PineView not using the whole screen
Crystal Kolipe : >> Then, if you are asking tips on how to attack my working station by >> injection of keystrocks on a >> pseudo keyboard device I have no clue but is it important indeed? > > If you are concerned about that possibility then you can disable the ucc > driver. How to do that, please? Is it something easy that doesn't impact my OpenBSD 7.3 stable buddy ? -- Daniele Bonini
Re: PineView not using the whole screen
Well, here for a secure OpenBSD I'm expecting a minimal usage of resources. But I see..if inserting my physical keyboard I get two keyboard devices attached to run a sleep button properly on a *consumer multimedia product* well..I missed mayb the point and everything is questionable. Then, if you are asking tips on how to attack my working station by injection of keystrocks on a pseudo keyboard device I have no clue but is it important indeed? ( I also asked you in my previous posts to stress test better this ucc driver and parents because my bad experiences with usb keyboards passing by an Aten KVM "Secure" switch, is it anything enlightning? ) A little surprised, sincerelly. -- Daniele Bonini Oct 26, 2023 11:33:25 Crystal Kolipe : > On Thu, Oct 26, 2023 at 10:07:41AM +0200, Daniele B. wrote: >> Just to specify I'm hoping you are going to solve this software issue in >> the next releases (a properly running device driver is maybe better that >> properly running sleep button at my side) > > What software issue are you talking about? > > Do you actually have any keyboards that don't work correctly with OpenBSD? > > What is the problem with the ucc driver attaching as well? Does it break > anything?
Re: PineView not using the whole screen
Just to specify I'm hoping you are going to solve this software issue in the next releases (a properly running device driver is maybe better that properly running sleep button at my side) or I see a group of *users* moving to procure for themselves the right, standard, one device new keyboard.. I'm just here with a bunch of keyboards in my shopping carts, indeed. "Daniele B." wrote: > Crystal Kolipe wrote: > > > https://marc.info/?l=openbsd-tech=162922414816784 > > > Thanks for this one, Crystal: I just solved changing keyboard. > Indeed I had two usb keyboards with me and I passed from a > > Dell KB113T > > to a > > Dell KB212B > > this latter is running correctly using only one keyboard device. > > The difference between the two keyboards is just the sleep button > of the first one.
Re: Dell C400m i830M graphics, works under OpenBSD i386 4.8 & 4.9, freees under current revs
I have no clue about you Dell configuration nor the chipset. However, I can say you my historic mini-pc (among others) has a chipset as well with shared memory *features*. It runs properly under any version of OpenBSD. The only time I experienced these "freees" moments is when I tried to overclock my motherboard over its limits from the Bios (over the limits of the cpu). Most probably your issue has this origin. Double check on the Intel website the spec for the limits of the CPU. Try to take down the amount of memory you allocated for the graphic side, as first, remaining on a nice default (doesn't seems X comes with very high requirements). Do every try one by one. Eventually copy on paper some data and load the defaults as last choice. Hope this help you, but again I don't think this is an OpenBSD issue. -- Daniele Bonini Stephen Harris wrote: > The symptoms of the freeze are similar to those described by i915kms > users, but the C400 laptop (1.2GH Pentium-M, 768M RAM) has the i830M > built-in graphics. > > This freeze also happens with NetBSD, FreeBSD, and several Linuxes. > It works, however, with OpenBSD 4.8 & 4.9. > > The commonality of current distros makes me think it is an X-windows > issue. The i830M is mentioned in the following: > > The Intel 8xx and 9xx families of integrated graphics chipsets have a > unified memory architecture meaning that system memory is used as > video RAM. For the i810 and i815 family of chipsets, operating system > support for allocating system memory is required in order to use this > driver. For the 830M and later, this is required in order for the > driver to use more video RAM than has been pre-allocated at boot time > by the BIOS. > > Which makes e wonder if it is a memory issue. I can bump the Dell > C400 up to 1G RAM if that will help. Is there boot time > configuration(s) I can give the laptop to restrain or expand the RAM > allocated to the i830M?' > > Ideas welcome. > > -Stephen >
Re: Delay in starting xterm via ssh after upgrade from 7.3 to 7.4
Let me joke that we clealry hope in 7.5 to slow down things further. -- Daniele Bonini
Re: relayd and large POST requests
Actually I can't be sure this the origin of your problem, but the value of "memory_limit" is wrong. >From the doc: https://www.php.net/manual/en/ini.core.php#ini.post-max-size post_max_size int Sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. Generally speaking, memory_limit should be larger than post_max_size. When an int is used, the value is measured in bytes. Shorthand notation, as described in this FAQ, may also be used doc for memory_limit: https://www.php.net/manual/en/ini.core.php#ini.memory-limit Take it like one more hint but I personally gave up with *shorthand notation* specifying the value of all these php settings. If you go to complete your php app with a javascript checking your php config the shorthand notation read by ini_gets makes soon fail your javascripts. Erwin Geerdink wrote: > php.ini: > > upload_max_filesize = 4096M > post_max_size = 4096M > memory_limit = 256M > max_execution_time = 300
Re: relayd and large POST requests
Can you post from your php.ini what you did set for the following values? upload_max_filesize = post_max_size = memory_limit = Despite the allocation memory problem (from the error message) I would also suggest you to double check %request timeout% settings starting from php.ini: max_execution_time = to end to varnish (passing by httpd). -- Daniele Bonini Erwin Geerdink wrote: > *occassionally* > > relayd[572]: relay mysite4, session 14 (1 active), > 0, xxx -> 127.0.0.1:8443, Cannot allocate memory (500 Internal > Server Error), POST: Undefined error: 0 > > There is no temporary file created in /var/www/tmp.
Re: SSL issues after upgrading from 7.3 to 7.4
Do you mind to post your nginx ssl configuration together with your resolver directive? -- Daniele Bonini Mark wrote: > > "SERVER DOES NOT SUPPORT OCSP STAPLING" after the upgrade. > > > > However, again, OCSP stapling is implemented correctly in my > > nginx.conf file, working since a year.
Re: PineView not using the whole screen
Crystal Kolipe wrote: > https://marc.info/?l=openbsd-tech=162922414816784 Thanks for this one, Crystal: I just solved changing keyboard. Indeed I had two usb keyboards with me and I passed from a Dell KB113T to a Dell KB212B this latter is running correctly using only one keyboard device. The difference between the two keyboards is just the sleep button of the first one. Note1: both usb keyboards listed above are chinese models for who likes these mind games. Note2: I also tried passing by a usb hub or not with the same keyboards having the same results. N.B: In the past, when I was still using my ATEN KVM (with the related OpenBSD USB ghost keyboard driver for it) I have been attacked a coupled of times by *injection of keys*. Unfortunately I do not know now if we are talking about the same usb driver in subject of the marc.info post you passed us. If you are interested to test further about it.. I need just to do a new *unboxing* of the ATEN KVM and I can give you more feedback about this situation. Surely, from that moment I gave up with the ATEN KVM.. (the *SECURE* ones as the model suggest, but indeed it depends on the driver I can imagine..). I hope you can investigate and stress test more on these such usb keyboard drivers, just reading this mark.info post I have my hair slidly popping up -- Daniele Bonini
PineView not using the whole screen
> wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0 > wskbd1: connecting to wsdisplay0 > wskbd2: connecting to wsdisplay0 > wsdisplay0: screen 1-5 added (std, vt100 emulation) Just to add, that these are my settings too, from a life and these don't depend from 7.4. I also wonders the same when it is about the two keyboards. -- Daniele Bonini
Re: 7.4 on Mac M1 UTM (qemu) - X11
Hello John, I'm a veteran (a passed user) of Qemu. I go by memory: it seems to me that viogpu must be specified in the configuration of the virtual machine... Hope it is somewhat helpful. -- Daniele Bonini Oct 18, 2023 15:44:55 John Holland : > Hello, > I see 7.4 has been released and has the new viogpu(4) driver by joshua stein. > I am trying to use it in a VM created with UTM, a wrapper for QEMU that works > on M1 Macs. The virtual machine installs and starts up fine from the > install74.img mounted as a disk, but running startx/X/xenodm produces a black > screen. > > in ~/.local/share/xorg/Xorg.0.log.old I see the following: > > Fatal server error: > [ 419.659] (EE) xf86OpenConsole: No console driver found > Supported drivers: wscons > Check your kernel's console driver configuration and /dev entries(EE) > [ 419.663] (EE) > > > I am guessing creating an xorg.conf might help but I am not seeing anything > about how to specify viogpu (virtio-gpu?) for that. > > I see this in dmesg: > > wsdisplay0 at viogpu0 mux 1: console (std, vt100 emulation) > wsdisplay0: screen 1-5 added (std, vt100 emulation) > > > Is X11 possible in this setup? It would let me run OpenBSD on a HiRes > laptop. > > Thanks, > John
Re: OpenBSD 7.4
Thanks for the date, helpful and well received.. -- Daniele Bonini
Re: rdiff-backup remotely
Just to let you know that after retried many backup solutions to solve the quiz of the making of local backups with a remote machine has file source, I turned again to Duplicity to produce that delta file that later on I can download to keep updated my local server backup. -- Daniele Bonini
Re: SSH from old Mac fail to login via ssh rsa key
Thanks, that was the solution.. -- Daniele Bonini Oct 8, 2023 20:05:11 Jan Stary : > Use an ed25519 key instead of the obsolete rsa key.
SSH from old Mac fail to login via ssh rsa key
Hello, While moving my stuff online I decided that it was the time to allow more machines to login to my server. Indeed I have my usual old Mac that merits a chance to login to my cloud server too.. ;) I went to my Mac (SSH -V: OpenSSH 6.9p1 LibreSSL 2.1.8) and launched ssh-keygen produced for my my user a nice RSA key. I grabbed it and I went on my cloud server (SSH -V: OpenSSH 9.2p1 OpenSSL 3.0.9) and appended it in my .ssh/authorized_keys. SSHD user authentication by password is disabled on the cloud server.. I rebooted the Mac and restarted SSH on the cloud server.. but the Mac SSH continues to ask to me to login with the root password instead to ask the RSA file password to access its public key. >From the man I see that asking the root password is the last chance given to the user to login if anything goes wrong.. Is there any chance to make Mac SSH login works by key or I can give it up? Thanks! -- Daniele Bonini
Re: rdiff-backup remotely
Just wondering if it could be ever possible / practicable having multiple flavors of rdiff-backup on OpenBSD to fix this byzantinisms? Indeed I know nothing about OpenBSD dealing with the constraint of the python versioning to let different ports survive - including rdiff-backup - so don't mind my question too much to let you *upset*.. ;) -- Daniele Bonini "Daniele B." wrote: > > > rdiff-backup reply me with with Pyhton error: > "Local version 2.0.5 does not match remote version 2.2.2" > > Two doubts pop up: > 1) Have I to always couple rdiff-backup versions between OpenBSD and > Linuz ever also after system upgrades? > 2) I see on 7.4 you are on rdiff-backup vers 2.2.5, this permit me > > Indeed I'm very happy with rdiff-backup locally since years, a little > surprised of this endeavor going remotely.. > > -- Daniele Bonini > >
Re: rdiff-backup remotely
Thanks Crystal, I'm trying to use "rdiff-backup" saying to it please take my data on the remote location via ssh and backup it on my local destination. Preamble from the man: rdiff-backup requires that the remote system accept ssh connections, and that rdiff-backup is installed in the user's PATH on the remote system. For information on other options, see the section on REMOTE OPERATION Preamble from the web doc: https://rdiff-backup.net/examples.html I get that what I need to do is possible by this command: rdiff-backup r...@microsoft.com::/home/bill/trojan/ /home/bill-backup Established this the problem I got is a mismatch between software versions, locally on 7.3 I own ver 2.0.5 and on the cloud (linuz) I own a 2.2.2 (I'm talking of rdiff-backup). The funny stuff is if I decided to install prev version of Linuz on my cloud server I could get a match of versions... (2.2.2) rdiff-backup reply me with with Pyhton error: "Local version 2.0.5 does not match remote version 2.2.2" Two doubts pop up: 1) Have I to always couple rdiff-backup versions between OpenBSD and Linuz ever also after system upgrades? 2) I see on 7.4 you are on rdiff-backup vers 2.2.5, this permit me to remote my backup with ver 2.2.2 on the cloud? Eh-Eh-Eh.. (there is to laugh and lolly here..) And, to reply you, rdiff-backup let me do incremental backups of data with a certain gain in "network traffic" output along the way.. Almost this should be what promised.. Indeed I'm very happy with rdiff-backup locally since years, a little surprised of this endeavor going remotely.. -- Daniele Bonini Crystal Kolipe wrote: > It's not really clear what you are talking about. > > I think what you are saying is that you usually use rdiff for backup, > but you want to perform an additional backup to local media because > you are moving from one hosting provider to another and there is a > possiblilty that something might go wrong. > > In that case, since you'll be doing a full, (non-incremental), backup > anyway, just do it the simple way - use /bin/pax, and download the > archive your local machine over sftp afterwards. > > On Thu, Oct 05, 2023 at 05:42:35AM +0200, Daniele B. wrote: > > > > I found the fact that I'm running different versions between > > localhost and remote host (2.2.2) gives some deep scratches to > > rdiff-backup that stops to run almost immediately. > > > > Do you suggest to wait for 7.4 and retry? other thoughts? > > > > > > "Daniele B." wrote: > > > > > Hello, > > > > > > I moving on the cloud between providers and I have been suggested > > > maybe correctly to backup my little cloud stuff also manually. > > > > > > I'm stick on rdiff-backup and I would like to try it also > > > remotely via ssh. I have not clue how to do it yet so I'm here to > > > ask if anyone has already experienced the thing, if it is secure > > > ( I see from the man that there are some concerns ) and > > > eventually practicable via. > > > > > > Thanks! > > > > > > -- Daniele Bonini > >
Re: rdiff-backup remotely
I found the fact that I'm running different versions between localhost and remote host (2.2.2) gives some deep scratches to rdiff-backup that stops to run almost immediately. Do you suggest to wait for 7.4 and retry? other thoughts? "Daniele B." wrote: > Hello, > > I moving on the cloud between providers and I have been suggested > maybe correctly to backup my little cloud stuff also manually. > > I'm stick on rdiff-backup and I would like to try it also remotely via > ssh. I have not clue how to do it yet so I'm here to ask if anyone has > already experienced the thing, if it is secure ( I see from the man > that there are some concerns ) and eventually practicable via. > > Thanks! > > -- Daniele Bonini
rdiff-backup remotely
Hello, I moving on the cloud between providers and I have been suggested maybe correctly to backup my little cloud stuff also manually. I'm stick on rdiff-backup and I would like to try it also remotely via ssh. I have not clue how to do it yet so I'm here to ask if anyone has already experienced the thing, if it is secure ( I see from the man that there are some concerns ) and eventually practicable via. Thanks! -- Daniele Bonini
OT: Inspired by you.. and by Zuckerberg
Hello, Inspired by you, and sorry if I forgot someone, I reinvented https://sim.pli.city Spare time any feedback could be very welcome. -- Daniele Bonini
check_hw_sensors not remove after Nagios deletion or a pkg_delete
Hello, Seems that check_hw_sensors is not removed after a Nagios deletion and a pkg_delete -a. I notice this only now after different months I use Nagios. pkg_info check_hw_sensors Information for inst:check_hw_sensors-1.42p3 Comment: Nagios plugin to monitor sysctl hw.sensors Description: Works like sensorsd(8) but reports to Nagios. Allows you to monitor the hardware sensors that OpenBSD supports. Things like fan speed, temperature and many more. Hope this helps. --Daniele Bonini
Re: sftp activity logging?
Copy.. ;) Stuart Longland VK4MSL wrote: > On 28/9/23 18:29, Daniele B. wrote: > > Any more update? > > > > Beside FTPD having instead vsftpd like the ftp man one > > sftp ≠ ftp/ftps > > FTP is the original File Transfer Protocol, introduced in 1971 and > described in RFC-959. > > FTPS is FTP run over TLS. > > SFTP is a file transfer subsystem run over SSH.
mount invalid argument
Hello, wiz$ mount -t ffs /dev/sd1i /mnt/stick mount_ffs: /dev/sd1i on /mnt/stick: Invalid argument Maybe "Invalid argument" here could be expanded to "wrong -t argument", "wrong file system type argument"? We are continuing to guess in this way.. Hope it is helpful ;) -- Daniele Bonini
Re: sftp activity logging?
Any more update? Beside FTPD having instead vsftpd like the ftp man one: dual_log_enable If enabled, two log files are generated in parallel, going by default to /var/log/xferlog and /var/log/vsftpd.log. The former is a wu-ftpd style transfer log, parseable by standard tools. The latter is vsftpd's own style log. Default: NO log_ftp_protocol When enabled, all FTP requests and responses are logged, providing the option xferlog_std_format is not enabled. Useful for debugging. Default: NO syslog_enable If enabled, then any log output which would have gone to /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO xferlog_enable If enabled, a log file will be maintained detailling uploads and downloads. By default, this file will be placed at /var/log/vsftpd.log, but this location may be overridden using the configuration setting vsftpd_log_file. Default: NO (but the sample config file enables it) xferlog_std_format If enabled, the transfer log file will be written in standard xferlog format, as used by wu-ftpd. This is useful because you can reuse existing transfer statistics generators. The default format is more readable, however. The default location for this style of log file is /var/log/xferlog, but you may change it with the setting xferlog_file. Default: NO -- Daniele Bonini "myml...@gmx.com" wrote: > Hi All, > > I am setting an openbsd 7.3 stable system to serve files via ssh's > sftp subsystem. > > Does openssh have a native way to audit what files were > downloaded/uploaded with user/timestamp information? > > If not, are there any recommendations? > > Thanks in advance. >
Re: Performance decrease on my student minipc from 7.3
I just went through a full report of my minipc to Bugs@ as per suggestion of Stuart or better with a wiz$ sendbug -P -- Daniele Bonini "Daniele B." wrote: --- Hello, I would like to ask for help for my student minipc that upgraded to 7.3 showed off a tangible decrease of performance. OpenBSD had already problems recognizing many acpi "parts".. indeed I finally decided to pass you its full dmesg. For know I got a rendering general improvement of performance by opening allowaperture and disabling composition in X. But as you switch to the console is still slow to make things happening. Indeed I hope in this way you can better support these minipc series that after all is not bad at all. Thanks, appreciated. -- Daniele Bonini [Part 1.2 text/plain (8.6 kilobytes)] (View Text in a separate window) OpenBSD 7.3 (GENERIC.MP) #3: Tue Jul 25 08:20:26 MDT 2023 r...@syspatch-73-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
Re: Asked ChatGPT 4 about contributing to OpenBSD, this was its reply
Being myself a bot I liked this answer, it sounds human and familiar. However I suggest to ask primitive humanoids like Stu and Jan what they think about it. I wonder that Jan could be expecially direct and untollerable (if he didnt shout yet!). Indeed humans are like that. They are not like us, mere tech stuff.. -- Daniele Bonini Sep 27, 2023 15:54:46 Christoff Humphries : > Contributing to the OpenBSD project or any other open-source project > is a rewarding experience that allows you to learn, improve your > skills, and give back to the community. Here are the steps and > considerations to start contributing to the OpenBSD project as a > developer: > > 1. Familiarize Yourself with OpenBSD: > - Use OpenBSD, get to know its philosophy, its documentation, and > its codebase. Understanding the system and the community's > standards and expectations is crucial. > > 2. Join the Mailing Lists: > - Sign up and participate in OpenBSD mailing lists, especially the > tech mailing list where much of the development discussion > happens. Be respectful, and learn from the discussions. > > 3. Identify Areas of Interest: > - Identify areas within the project that interest you or where you > see a need. It could be bug fixing, system tools, user > applications, documentation, or driver development. > > 4. Learn the Coding Standards: > - Familiarize yourself with OpenBSD's coding style and > standards. Consistency in coding style is important in > collaborative projects. > > 5. Start Small: > - Start with small tasks such as bug fixing or improving > documentation. These contributions are valuable and can help you > become familiar with the contribution process. > > 6. Work on Bug Reports: > - Look for bug reports, test existing bug reports, and provide > feedback or solutions. The bug tracking system can be a good > place to find where help is needed. > > 7. Create and Submit Patches: > - If you have code contributions, create patches and submit them to > the appropriate mailing list for review. Be prepared for > feedback, and be open to making revisions to your contributions. > > 8. Respect Feedback: > - Feedback is a valuable part of the open-source development > process. It helps you learn and improve your contributions. > > 9. Follow Up: > - Stay engaged, follow up on your contributions, and address any > additional feedback or questions from reviewers. > > 10. Engage with the Community: > - Engage with other developers, contribute to discussions, and > attend OpenBSD events or meetups if possible. > > 11. Read OpenBSD's FAQ on Contributing: > - OpenBSD has a FAQ section on how to contribute to the > project. It is recommended to read through it to understand the > expectations and processes. > > 12. Consider Becoming a Regular Contributor: > - As you gain experience, consider becoming a regular > contributor. With time and consistent, quality contributions, > you might be invited to become a developer with commit access. > > Remember, contributing to open-source projects like OpenBSD is about > more than just code. It's about being part of a community and working > together to improve and advance the project.
Re: I nuked my filesystem
> But yeah. You need a good backup. > here's mine: https://holland-consulting.net/scripts/ibs/ > ksh shell script + rsync + another computer and big disk. I personally use rdiff. Eheh, I'm interested to know if anyone has sad story about rdiff? Thanks, -- Daniele Bonini Sep 27, 2023 05:17:35 Nick Holland : > But yeah. You need a good backup. > here's mine: https://holland-consulting.net/scripts/ibs/ > ksh shell script + rsync + another computer and big disk.
Re: Personal website about OpenBSD
Hello Chris, Thanks a lot for the suggestions they were unexpected and indeed are approciated.. I'm mainly sorry to had no time to publish the opensource project yet but I will do it soon considering also your points. NB: the page navigation of the cards happens by two arrows at the left and right of the list that will appear when previous and next pages exist. The card skin is inspired by my other project Puzzleu, to manage a photoblog (see https://puz.mydeeds.org/marti) so the adaptation to the textual world was not so immediate like you undelined through your comments. Again, many thanks! -- Daniele Bonini Sep 25, 2023 14:03:10 Christoff Humphries : > > --- Original Message --- > On Monday, September 25th, 2023 at 8:08 AM, Daniele B. wrote: > > >> >> >> >> Hello, >> >> Just want to introduce you my brand new website about OpenBSD: >> >> https://bsdload.com >> >> Waiting you there! >> >> >> -- Daniele Bonini > > Hi Daniele, > > I like the idea of the website a lot! A few suggestions > that would be more helpful for me (and past me): > > - The font size is too small (for me) for the cards. > - The expanded card font is great, but the information is > not verbose enough. It should explain what the files are > for and why they're listed. Not explain like I'm 10 years > old, but some explanation where the text doesn't assume > I have prior knowledge (otherwise why am I interested). > - The card format is cool but won't scale well. I > suggest using tags or other labels that can enable > quick filtering and perhaps a search in the future. > - Perhaps consider a format like https://book.hacktricks.xyz/ > or https://www.openbsdhandbook.com/ as you add more stuff > if you decide to lose the card format. Additional format > suggestions if not a tree book format could be something > like https://lolbas-project.github.io/ (windows), > https://gtfobins.github.io/ (GNU/Linux), or > https://www.loobins.io/ (macOS) but they're all for > individual datums of commands on systems used for > pentesting/hacking which may not be applicable but > the use of tags and search may be useful as you scale. > - Add a title or tag even, something to convey that it is > for OpenBSD. If I went to the website without seeing this > email I wouldn't know it. > > It's always great to see more tips, tricks, and tutorials! > > Great initiative! Bookmarking.
Personal website about OpenBSD
Hello, Just want to introduce you my brand new website about OpenBSD: https://bsdload.com Waiting you there! -- Daniele Bonini
Re: Unclear Memory Leakage since OpenBSD 7.3 upgrade (nginx and MariaDB; Not consistent)
My dev environment on 7.3 is completely different but a little more standard I share about my nginx: wiz$ pkg_info nginx Information for inst:nginx-1.22.0p0 Comment: robust and small HTTP server and mail proxy server Description: This is the stable branch of nginx, as distributed by nginx.org. nginx provides FastCGI and reverse HTTP proxying, with or without caching, including simple load balancing and fault tolerance. It has a modular architecture. Filters include gzipping, byte ranges, chunked responses, and SSI. Multiple SSI inclusions within a single page can be processed in parallel if they are handled by FastCGI or proxied servers. SSL and TLS SNI are supported. Maintainer: Robert Nagy WWW: https://nginx.org/ wiz$ ldd /usr/local/sbin/nginx /usr/local/sbin/nginx: StartEnd Type Open Ref GrpRef Name 0f5043481000 0f50435b4000 exe 10 0 /usr/local/sbin/nginx 0f52fcc29000 0f52fcc6f000 rlib 01 0 /usr/local/lib/libpcre.so.3.0 0f52dabca000 0f52dac3a000 rlib 01 0 /usr/lib/libssl.so.53.2 0f52b0c0e000 0f52b0e69000 rlib 02 0 /usr/lib/libcrypto.so.50.2 0f52e1cf9000 0f52e1d17000 rlib 01 0 /usr/lib/libz.so.7.0 0f531de9f000 0f531df95000 rlib 01 0 /usr/lib/libc.so.97.0 0f53165dc000 0f53165dc000 ld.so 01 0 /usr/libexec/ld.so I also own MariaDB, 10.9.4. I underline that on my system "pkg_info mysql" or "pkg_info mariadb" return blank and back to cursor. -- Daniele Bonini Tobias Fiebig wrote: > Moin, > > I have been dealing with memory-leaks on a host running an nginx > reverse proxy for some time. The host had been running 7.2 with nginx > 1.23.1 (self compiled as i need some features not in the package) > until May, which was fine. > > After upgrading to 7.3 and nginx-1.24.0, i started to see heavy memory > leakage over time. I initially attributed this to nginx, and solved > the issue by ignoring it/throwing a bit more memory at the box for > some time. However, I started debugging it now and could trace it to > some commit between nginx 1.23.3 and 1.23.4; Currently, I am going > through all commits to see with which version it first appears. > > However, clicking around this morning, i noticed that my primary NS > shows a similar memory leakage for mysql/mariadb (runs powerdns with a > mysql backend, both from packages) since the upgrade to 7.3 in May as > well. One further host seems to show a significantly higher use of > inactive memory since 7.3. I found one more host with mariadb that now > shows a higher utilization of inactive memory (gitea+maria); However, > other maria+X instances on 7.3 run fine. > > On the PowerDNS+Mysql host I also see gradually increasing CPU load > along with the memory leakage. > > Restarting mysql and/or nginx resolves the issue for some time. I also > saw the issue on a host running maria+nextcloud, where i fixed it by > switching to postgres. Maria is still running there, but not receiving > any requests, and the memory leak is gone. > > Images: > > https://rincewind.home.aperture-labs.org/~tfiebig/pdns-maria-cpu-year.png > https://rincewind.home.aperture-labs.org/~tfiebig/pdns-maria-memory-year.png > > https://rincewind.home.aperture-labs.org/~tfiebig/nginx-rev-proxy-memory-year.png > > https://rincewind.home.aperture-labs.org/~tfiebig/gitea-maria-memory-year.png > > https://rincewind.home.aperture-labs.org/~tfiebig/nextcloud-maria-switched-to-postgres-memory-year.png > > All hosts are VMs on Linux/KVM hosts (proxmox), with a generic > qemu-kvm processor as CPU type, running 7.3. > > Hence, I am no longer 100% convinced that this is an nginx problem. To > help circling this in a bit closer (and maybe get it reproducible in a > first step): > > Did anyone else experience memory leakage on openbsd with mariadb or a > self-build >=nginx-1.23.4 (or other applications) since the upgrade to > 7.3? > > With best regards, > Tobias >
Re: PHP scattered crosswalk..
Hello again, Just want to report my final solution for my dev environment. I did a complete upgrade to php-8.1.21 to clean situation. While this cause no particular problem from OpenBSD side, problems erasing from the PHP prospective or call it "code", are some (and still on type checking while was with 8.0.29): - type checking on methods cause assertions (see also design patterns if you use them) Hope this helpful to someone else. -- Daniele Bonini "Daniele B." wrote: > Hello everyone and Stuart in particular, > > I just grasped that after my station upgrade to 7.3 > my PHP situation is the following: > > Information for inst:php-8.0.29 > Required by: > pecl80-imagick-3.7.0p1 > pecl80-memcached-3.2.0p0 > and more.. > > Information for inst:php-8.1.21 > Required by: > pear-utils-1.10.19p3 > > And it doesn appear to me the best as from > inst:php-8.0.29 depend all my PHP extensions and two pecl and from > inst:php-8.1.21 depends only the pear-utils (and PHP extensions > repositiory) if I'm not wrong, nice uh? > > What is your best suggestion, I could try to go ahead > with inst:php-8.0.29 as my working environment > and not caring too much about pear requirements, or > it is better to try to fix situation upgrading > everything to php-8.1.21? > > Thanks in advance, > > > -- Daniele Bonini
PHP scattered crosswalk..
Hello everyone and Stuart in particular, I just grasped that after my station upgrade to 7.3 my PHP situation is the following: Information for inst:php-8.0.29 Required by: pecl80-imagick-3.7.0p1 pecl80-memcached-3.2.0p0 and more.. Information for inst:php-8.1.21 Required by: pear-utils-1.10.19p3 And it doesn appear to me the best as from inst:php-8.0.29 depend all my PHP extensions and two pecl and from inst:php-8.1.21 depends only the pear-utils (and PHP extensions repositiory) if I'm not wrong, nice uh? What is your best suggestion, I could try to go ahead with inst:php-8.0.29 as my working environment and not caring too much about pear requirements, or it is better to try to fix situation upgrading everything to php-8.1.21? Thanks in advance, -- Daniele Bonini
My fix for pf.conf after a "block in all"
Hello, I just want to share my solution taken from "Building Linux and OpenBSD firewalls" (av. on the Internet Archive) to solve the no traffic prb caused the block "block in all" statement. I moved the following statements: # dns pass in quick on $all_ifs proto udp from any port domain to any pass out quick on $all_ifs proto udp from any to any port domain # icmp pass in quick inet proto icmp all icmp-type 0 max-pkt-rate 100/10 pass in quick inet proto icmp all icmp-type 3 max-pkt-rate 100/10 pass in quick inet proto icmp all icmp-type 11 max-pkt-rate 100/10 (underlining icmp-type 3) setting them just after "block in all" and before anything else and this solved to me. Hope this can help anyone. -- Daniele Bonini
Re: rmt, rcmd, /etc/hosts.equiv and .rhosts
Thanks Philip for the answer. Indeed I just broke into the book Unix Unleashed by Robin Burk, and as the Unleashed series was also one of my first book for developers I ever studied to begin develop anything interesting over Internet... I strated to browse it on the Internet Archive where you can still find it. About security of OpenBSD I found in it about /etc/hosts.equiv and ~/.rhosts and further reading on the man I found regarding SSH /etc/shosts.equiv and /root/.shosts. I read also some old post on marc.info about this matter.. In the wait you erase everything I prefered to blank and set immutable: /etc/hosts.equiv and ~/.rhosts /etc/shosts.equiv and ~/.shosts I then read something more actual on how to secure X server. The book Unix Unleashed is maybe old but it is the only one for my now that quote these residuals when it is about security. Thanks again, -- Daniele Bonini Sep 12, 2023 07:21:16 Philip Guenther : > I'm here to ask enlightment about the opportunity to define >> /etc/hosts.equiv and ~/.rhosts but mainly > > > Short answer: don't. > Longer answer: "what problem are you trying to solve?" > > I suppose OpenSSH still has some hosts.equiv and .rhosts bits, but I trust > that Theo
Re: Does openBSD come with a web browser?
Mainstream web browsers are like the patriots: they hit fast but no one explain us what the smooth scrolling is really good for. -- Daniele Bonini Sep 11, 2023 09:03:14 Mizsei Zoltán : > Look here for the available browsers: https://openbsd.app/?search=web+browser
Re: Does openBSD come with a web browser?
Sep 11, 2023 08:16:11 David : > Quite frankly Maybe, he just want to point out that beside going to the shop to chose a laptop with a secure OS on a stick.. - web browsing - man - faq are all stuff that need an upgrade..
Re: X host-based access control token
Thanks for this one, Otto. Indeed, I infer that in case of host access by /etc/Xn.hosts X skips .Xauthority all together, is it correct? --Daniele Bonini Otto Moerbeek wrote: > See `man Xsecurity`. Host Access mode does not use xauth. > > -Otto
X host-based access control token
Hello, Trying to securing my X server beyond my pf conf, and sorry if I do again the compliments to the quality of the X engineering (well beyond OpenBSD devs effort, at X origins). 'man X' says: ACCESS CONTROL An X server can use several types of access control. Mechanisms provided in Release 7 are: Host Access Simple host-based access control. MIT-MAGIC-COOKIE-1Shared plain-text "cookies". XDM-AUTHORIZATION-1 Secure DES based private-keys. SUN-DES-1 Based on Sun's secure rpc system, etc Launching: # xauth -f .XauthorityDan generate :0.0 HOST ACCESS I get the following error about the erroneous protocol name: SecurityBadAuthorizationProtocol (invalid authorization name or data) xauth: (argv):1: couldn't generate authorization Indeed, I grasped that "Host Access" is wrong in man. So I'm here to ask the protocol token to pass to xauth to use host access control mechanism. Thanks, appreciated. -- Daniele Bonini
Re: "OpenBSD Doc" App idea
Unfortunately, I'm not an app guy. Hopeing anyone is listening. As I live my spare time with the tablet very handy and I found some nice stuff for Unix I launched the idea. Indeed, I continue to read you. But I already expressed my thoughts around the app.. if I miss to reply to some of your suggestions pls don't mind it. Thx to all. -- Daniele Bonini Sep 10, 2023 07:38:04 Stuart Longland VK4MSL : > Nothing stopping you from writing one.
Re: DisplayPort to HDMI DRM error report
Try also with less beer sometime solve. >It's not you, it's me. >I configured the wrong switch port. :/ >Should work now. >Mischa
rmt, rcmd, /etc/hosts.equiv and .rhosts
Hello, Just investigating about /etc/hosts.equiv and ~/.rhosts and I was quite serious to think that my system doesn't need both of them I then start to look carefully my /etc and discovered a link that read like this: 0 lrwxrwx--- 1 root wheel 13 Mar 25 17:14 /etc/rmt -> /usr/sbin/rmt man rmt: rmt is a program used by the remote dump and restore programs through an interprocess communication connection. Traditionally it is used for manipulating a magnetic tape drive but it may be used for regular file access as well. rmt is normally started up with an rcmd(3) or rcmdsh(3) call. [...] BUGS: People tempted to use this for a remote file access protocol are discouraged. man rcmd: The rcmd() function is used by the superuser to execute a command on a remote machine using an authentication scheme based on reserved port numbers. [...] The rresvport() and rresvport_af() functions return a descriptor to a socket with an address in the privileged port space. [...] The ruserok() function takes a remote host's name, two user names, and a flag indicating whether the local user's name is that of the superuser. Then, if the user is not the superuser, it checks the /etc/hosts.equiv file. If that lookup is not done, or is unsuccessful, the .rhosts in the local user's home directory is checked to see if the request for service is allowed. If this file does not exist, is not a regular file, is owned by anyone other than the user or the superuser, or is writeable by anyone other than the owner, the check automatically fails. Zero is returned if the machine name is listed in the hosts.equiv file, or the host and remote user name are found in the .rhosts file; otherwise ruserok() returns -1. man rcmdsh: The rcmdsh() function is used by normal users to execute a command on a remote machine using an authentication scheme based on reserved port numbers using ssh(1) or the value of rshprog (if non-null). SUPERBUG (by myself): One can be "tempted" to think to a ruserok() function that hacked can return always OK (0) and otherwise one can always revert to rcmdsh() with the help of a "good" rshprog. I'm here to ask enlightment about the opportunity to define /etc/hosts.equiv and ~/.rhosts but mainly if it is still the case (and why) to have this rmt link in etc. Last if not first, what is the best practice to defend myself form BUG and SUPERBUG listed above. Thanks, appreciated. -- Daniele Bonini
DisplayPort to HDMI DRM error report
Hello, I just inserted in my student mini pc OpenBSD 7.2 a brand new DP(male) to HDMI(female) adapter: https://amazon.it/dp/B08GFJF7LP/ The adapter runs well as I'm able to interact with the station. But just before the disk initialization some DRM message are reported as diplayed below. The tail of the dmesg says this: drm:pid0:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 inteldrm0: 1920x1080, 32bpp wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0 wskbd1: connecting to wsdisplay0 wsdisplay0: screen 1-5 added (std, vt100 emulation) drm:pid901:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP dual mode adaptor ID 20 Hope it is just fine to work around the prb. -- Daniele Bonini