On Wed, Jul 09, 2008 at 07:45:01PM -0700, my mail wrote:
--- On Wed, 7/9/08, Jacob Meuser [EMAIL PROTECTED] wrote:
From: Jacob Meuser [EMAIL PROTECTED]
Subject: Re: Can't install using pkg_add from FTP mirror and from Local
Mirror
To: misc@openbsd.org
Date: Wednesday, July 9, 2008,
If I'm not mistaken, openbsd zeroes the data when you delete a file.
I remember trying to recover a file and then receiving a 0Kb file =)
If you still want to try, you could try using the sleuth kit
(available in ports) to recover something.
Thank you, it's OK now !
2008/7/10 Daniel Melameth [EMAIL PROTECTED]:
On Wed, Jul 9, 2008 at 6:48 PM, Dongsheng Song [EMAIL PROTECTED] wrote:
I searched /etc/syslog.conf, but can't find how to disable it.
Jul 10 08:40:04 proxy /bsd: pf: loose state match: TCP in wire:
192.168.4.132:3833
looks like there is some work in progress to update the in-tree BIND
to 9.4.2-P1 + local tweaking, for example:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/bind/lib/dns/dispatch.c?r1=1.8
As Theo points out, patience is a virtue, and it's the + local
tweaking above that is the reason
Pete Vickers [EMAIL PROTECTED] writes:
looks like there is some work in progress to update the in-tree BIND
to 9.4.2-P1 + local tweaking, for example:
reading tea leaves^H^H^H^H^H^H^H^H^H^Hsource-changes has me thinking
the BIND bug has spurred some activity in other parts of the tree, too
(as
--- On Thu, 7/10/08, Jacob Meuser [EMAIL PROTECTED] wrote:
From: Jacob Meuser [EMAIL PROTECTED]
Subject: Re: Can't install using pkg_add from FTP mirror and from Local Mirror
To: misc@openbsd.org
Date: Thursday, July 10, 2008, 6:24 AM
On Wed, Jul 09, 2008 at 07:45:01PM -0700, my mail wrote:
* Leonardo Rodrigues [EMAIL PROTECTED] [2008-07-10 08:50]:
If I'm not mistaken, openbsd zeroes the data when you delete a file.
no, that would be pointless.
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS
Hi misc@,
When installing a package from the ports, there are build dependencies
and runtime dependencies.
In many cases, B-deps aren't used once the package is installed.
Is there any other way than looking at the ports makefile to spot the
B-deps installed on a system ?
Dear list,
running currently 4.3 generic with sendmail:
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING
SCANF
STARTTLS TCPWRAPPERS USERDB XDEBUG
--
did try to
Eric Dillenseger wrote:
Hi misc@,
When installing a package from the ports, there are build dependencies
and runtime dependencies.
In many cases, B-deps aren't used once the package is installed.
Is there any other way than looking at the ports makefile to spot the
B-deps installed on a system
On Thu, Jul 10, 2008 at 3:13 PM, giovanni [EMAIL PROTECTED] wrote:
pkg_add cyrus-sasl-.tgz
# vat /etc/mk.conf
WANT_SMTPAUTH=yes
rebuild sendmail
--
see ya,
giovanni
Thanks for your reply but I thought that this is necessary only if SMTP_AUTH
should be enabled! In my case I'll use
On Thu, 10 Jul 2008, Henning Brauer wrote:
* Leonardo Rodrigues [EMAIL PROTECTED] [2008-07-10 08:50]:
If I'm not mistaken, openbsd zeroes the data when you delete a file.
no, that would be pointless.
For the archives: unless it is specifically requested as
rm -P
Regards,
David
On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote:
[...]
did try to setup STARTTLS but I don't think that it works! here are the
modifications in my .mc file:
--
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
On Thu, Jul 10, 2008 at 3:33 PM, giovanni [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 03:19:11PM +0200, GVG GVG wrote:
On Thu, Jul 10, 2008 at 3:13 PM, giovanni [EMAIL PROTECTED] wrote:
pkg_add cyrus-sasl-.tgz
# vat /etc/mk.conf
WANT_SMTPAUTH=yes
Hello List,
I'm having some issues with IPSec VPN tunnels.
Here is what I'm trying to do:
I have a VPN 'server' with 2 internet connections (IP1, IP2)
I have several remote locations which connect to the VPN server.
When IP1 goes down on the VPN server I want the
if you use pppoe(4) for internet, and want to do a remote
update from 4.2 to 4.3, over said pppoe(4) link, then the
normal update procedure will not work, because the 4.3
kernel and the 4.2 ifconfig binary can not work together.
after rebooting the new 4.3 bsd kernel, the network will
not be
On Thu, Jul 10, 2008 at 3:33 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote:
[...]
did try to setup STARTTLS but I don't think that it works! here are the
modifications in my .mc file:
--
define(`CERT_DIR',
On Thu, Jul 10, 2008 at 03:56:48PM +0200, GVG GVG wrote:
On Thu, Jul 10, 2008 at 3:33 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote:
--
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl
define(`confCACERT_PATH',
On Thu, Jul 10, 2008 at 02:03:12PM +0200, David Vasek wrote:
For the archives: unless it is specifically requested as
rm -P
For some unknown reason this prompted me to look at the rm manpage for the
hell of it (yeah, bored and tired at the moment). There's an odd comment in
the STANDARDS
On 2008-07-09, mark reardon [EMAIL PROTECTED] wrote:
doxpara.com reports no issues with unbound FWIW.
right, unbound already randomises the source port (arc4random
from guess where) and also the source address if you list more
than one (assign aliases to the interfaces, and list all of
the IP
On Thu, Jul 10, 2008 at 4:12 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 03:56:48PM +0200, GVG GVG wrote:
On Thu, Jul 10, 2008 at 3:33 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote:
--
Yes, I can confirm that. I too got bitten by it before and I was considering
proposing a patch for upgradeXX.html, but I got sidetracked.
Mitja
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Marc Balmer
Sent: Thursday, July 10, 2008 3:55 PM
To:
On Thu, Jul 10, 2008 at 04:26:38PM +0200, GVG GVG wrote:
In a sendmail book I found following entry they suggested to put
in the .mc file. Could be the reason for my problems?
--
dnl define(`confCRL', `CERT_DIR/crl/crl.pem')dnl
-
No. So you updated your .mc file as
Dear List,
having a 4.3 and sendmail installation, the default locations where the
mails go is /var/mail/$USER. How can I change that and point to a Maildir
formatted location?
Thanks
George
On Thu, Jul 10, 2008, GVG GVG wrote:
-rw-r--r-- 1 root wheel 1679 Jun 23 17:04 key.pem
^ ^
and in the mail_log there is nothing recorded! No errors or warnings!
1. man starttls (and see the referenced website).
2. increase the LogLevel (even though those errors should be logged
at
On 2008-07-10, GVG GVG [EMAIL PROTECTED] wrote:
Dear List,
having a 4.3 and sendmail installation, the default locations where the
mails go is /var/mail/$USER. How can I change that and point to a Maildir
formatted location?
Thanks
George
You need a local delivery agent that can
On 2008-07-10, GVG GVG [EMAIL PROTECTED] wrote:
Sorry I did a mistake! The changes in the .mc file are:
You did rebuild the .cf file from the .mc file, right?
STARTTLS(8) OpenBSD System Manager's ManualSTARTTLS(8)
[...]
Now that you have the TLS-enabled
On Thu, Jul 10, 2008 at 04:56:07PM +0200, GVG GVG wrote:
Dear List,
having a 4.3 and sendmail installation, the default locations where the
mails go is /var/mail/$USER. How can I change that and point to a Maildir
formatted location?
Thanks
George
Hi George -
You need to use a mail
On Thu, Jul 10, 2008 at 5:07 PM, Stuart Henderson [EMAIL PROTECTED]
wrote:
On 2008-07-10, GVG GVG [EMAIL PROTECTED] wrote:
Dear List,
having a 4.3 and sendmail installation, the default locations where the
mails go is /var/mail/$USER. How can I change that and point to a Maildir
On Thu, Jul 10, 2008 at 4:55 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 04:26:38PM +0200, GVG GVG wrote:
In a sendmail book I found following entry they suggested to put
in the .mc file. Could be the reason for my problems?
--
dnl define(`confCRL',
On Thu, Jul 10, 2008 at 5:05 PM, Stuart Henderson [EMAIL PROTECTED]
wrote:
On 2008-07-10, GVG GVG [EMAIL PROTECTED] wrote:
Sorry I did a mistake! The changes in the .mc file are:
You did rebuild the .cf file from the .mc file, right?
STARTTLS(8) OpenBSD System Manager's
On 7/9/08, Josh [EMAIL PROTECTED] wrote:
On two machines now, recent snapshots are not powering off properly on
machines which used to, when I run shutdown -p -h now.
It stops at syncing disks, and stays there forever. After a hard reset, /
comes up as not being unmounted successfully.
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a fresh install anywhere -- but I want to say that it doesnt
default to PermitRootLogin yes after the install.
I remember that I filed PRs with
my mail wrote:
--- On Thu, 7/10/08, Jacob Meuser [EMAIL PROTECTED] wrote:
From: Jacob Meuser [EMAIL PROTECTED]
Subject: Re: Can't install using pkg_add from FTP mirror and from Local Mirror
To: misc@openbsd.org
Date: Thursday, July 10, 2008, 6:24 AM
On Wed, Jul 09, 2008 at 07:45:01PM -0700,
My 4.3 installs defaulted to PermitRootLogin yes after install.
-HKS
On Thu, Jul 10, 2008 at 10:35 AM, Brian A. Seklecki
[EMAIL PROTECTED] wrote:
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote:
Am I reading this right?
Yes.
[...]
I remember that I filed PRs with FreeBSD/NetBSD a few years ago to get
this changed, but Redhat Support is giving some some noise about:
Well the source vendor doesn't disable it by
Brian A. Seklecki wrote:
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a fresh install anywhere -- but I want to say that it doesnt
default to PermitRootLogin yes after the install.
I
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Brian A. Seklecki
Sent: Thursday, July 10, 2008 10:35 AM
To: misc@openbsd.org
Subject: sshd_config(5) PermitRootLogin yes
Am I reading this right?
http://www.openbsd.org/cgi-
On Thu, Jul 10, 2008 at 5:01 PM, Claus Assmann
[EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:
On Thu, Jul 10, 2008, GVG GVG wrote:
-rw-r--r-- 1 root wheel 1679 Jun 23 17:04 key.pem
^ ^
and in the mail_log there is nothing recorded! No errors or warnings!
1. man starttls (and see
Off topic to this thread, but:
On Thu, Jul 10, 2008 at 8:24 AM, GVG GVG [EMAIL PROTECTED] wrote:
...
Sendmail gets started as:
sendmail_flags=-L sm-mta -C/etc/mail/sendmail.cf -bd -qp -B8BITMIME -X
/[$HOME]/mail_log
Remove -B8BITMIME from that: the -B option is only applicable when
sending
Of course it is enabled by default. Why do I want a box that is
freshly installed and unreachable?
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote:
Am I reading this right?
* Stuart Henderson [EMAIL PROTECTED] [080709 07:15]:
mcbride@ pointed out that you can give named some more protection
by natting outbound udp traffic destined for port 53 (even just on
the box running the resolver, it doesn't have to be on a firewall
in front). something like,
nat on
On July 10, 2008 10:24:08 am GVG GVG wrote:
On Thu, Jul 10, 2008 at 4:55 PM, Will Maier [EMAIL PROTECTED] wrote:
On Thu, Jul 10, 2008 at 04:26:38PM +0200, GVG GVG wrote:
In a sendmail book I found following entry they suggested to put
in the .mc file. Could be the reason for my problems?
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged
account, edit the sudoers file.. and disable root logins in sshd_config.
I believe the developers decision is
On Thu, Jul 10, 2008 at 9:59 AM, Vijay Sankar [EMAIL PROTECTED] wrote:
...
I don't think -B8BITMIME works with sendmail on OpenBSD -- at least it does
not on my 4.3 i386 from CD and on 4.4 -current.
sigh What do you think it does, how did you use it, and how did you
determine that it has no
On Thu, Jul 10, 2008 at 01:21:20PM -0400, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
edit the sudoers file.. and disable root
Good afternoon!
So, before the next make build I must rebuild the yacc alone.
I would like to know how can I rebuild yacc.
I searched in old errata patches, Makefiles, bsd.*.mk files.
In my previous logfile (2008.07.07/src_make_build) I see, that by
yacc the make cleandir is used:
rm -f yacc.cat1
On Thu, Jul 10, 2008 at 07:40:47PM +0200, Paul de Weerd wrote:
root logins are also quite useful when /home is on NFS and NFS is
broken somehow and you need to log in to fix stuff. Myself, I keep it
enabled, even if I don't have /home on NFS and already have my
less-privileged user for sudo
On Thu, 10 Jul 2008, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
On Soekris, does the first boot console access not function
afterboot(8) covers this
Works for me, I guess. =/
~BAS
http://www.openbsd.org/cgi-bin/man.cgi?query=afterbootapropos=0sektion=0ma
npath=OpenBSD+Currentarch=i386format=html
Paul de Weerd escreveu:
On Thu, Jul 10, 2008 at 01:21:20PM -0400, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
edit the
On Thu, 10 Jul 2008, Marco Peereboom wrote:
Of course it is enabled by default. Why do I want a box that is
freshly installed and unreachable?
No -- I just find that most of afterboot(8) can be done from the console;
even serial console, at first boot, configure the network, add a non-root
On Thu, Jul 10, 2008 at 01:38:22PM -0400, Brian A. Seklecki wrote:
I guess I'm just having trouble imagining the situation where you have
console access, but need to do basic post-install configuration via the
network, as root, remotely.
This is how I normally do it. I don't like to stand at
Sounds good, but as I've successfully avoided both PPP and PPPoE for
well over ten years now, I have no way to completely test, a diff
would be nice.
Nick.
Mitja Muenih / Kerberos.si / wrote:
Yes, I can confirm that. I too got bitten by it before and I was considering
proposing a patch for
And they got it all wrong. It is all for the perceived sense of
security. Not being able to login over ssh right after install sucks.
I am that guy that ends up enabling it on all other boxes that use a
different default.
The machine I install and then deploy to be hostile network connected
On Thu, Jul 10, 2008 at 2:26 PM, Nick Holland [EMAIL PROTECTED]
wrote:
Sounds good, but as I've successfully avoided both PPP and PPPoE for
well over ten years now, I have no way to completely test, a diff
would be nice.
We will also need one for UUCP over RFC1149.
:)
(through a bitnet
On July 10, 2008 12:21:59 pm Philip Guenther wrote:
On Thu, Jul 10, 2008 at 9:59 AM, Vijay Sankar [EMAIL PROTECTED] wrote:
...
I don't think -B8BITMIME works with sendmail on OpenBSD -- at least it
does not on my 4.3 i386 from CD and on 4.4 -current.
sigh What do you think it does, how
Hi, here's the Barix voice :)
The products are quite different in that the Barionet can be programmed in a
basic dialect for quite sophisticated functions (if required), connects via
IP, and can be polled by SNMP, CGI, UDP or TCP (ascii protocols).
You could also use much cheaper products from
Hi again,
It seems that I needed:
set skip on lo0
Funny thing is that the same ruleset works on 4.3 without the
need for this statement.
Was there some change in the route-to logic from 4.3 to 4.4?
This may be of interest for someone running spamd in a bridge
setup.
Kind regards,
Jose.
--
On Thu, 3 Jul 2008, Edd Barrett wrote:
Hi,
If you get the wep key (or network name) wrong when configuring iwi network
drivers the card becomes useless until you reboot. This is annoying when at a
friends house and I mistype the key for example. I have tried taking the
interface down and
On Thu, Jul 10, 2008, GVG GVG wrote:
I first have to excuse myself cause I claimed that there were no errors in
the log file!
Well, there was no debugging output enabled. Now I did that with '-d0-17.4'
flags!
You do NOT need to enable debugging to get logging...
Still I don't see
Top Shop
Ekskluzivna pretprodaja - samo na internetu!
80-95% ženske populacije u svetu ima problem sa celulitom.
ReÅ¡ite ga se uz Celluless...Samo do 12. jula po Äak 38% nižoj ceni!
HIT proizvod! HIT cena!
Celluless
Celluless
Bikiniji, mini suknje i kratki Å¡orcevi su ponovo u modi, a vi
Marco Peereboom wrote:
And they got it all wrong. It is all for the perceived sense of
security. Not being able to login over ssh right after install sucks.
I am that guy that ends up enabling it on all other boxes that use a
different default.
The machine I install and then deploy to be
On Thu, Jul 10, 2008 at 7:43 PM, Daniel B. [EMAIL PROTECTED] wrote:
After that, I can't even make nfe(4) run.
After iwi is boned, also my fxp is boned. Same situation different hardware.
I mailed damien pointing at this thread, but no reply.
--
Best Regards
Edd
Dude,
Why do you let them tell you because the source blah blah? Isn't
that why you pay them lots of $$?
On 7/10/08, Brian A. Seklecki [EMAIL PROTECTED] wrote:
Am I reading this right?
Hi OpenBSD PF experts,
I am managing a private network 192.168.1.0/24, 192.168.1.2 is my
Retrospect backup server running on OS X 10.5 to back up the rest of
computers.
To add another layer to protect my backup server, I add an OpenBSD4.3 PF
transparent firewall in front of 192.168.1.2,
There is also the Tini from Dallas.
This is a more low level approach, but it comes with a lightweight
unix-like shell, and supports a variety of interface busses and
protocols, http, ppp, ftp and others, and can be programmed in c, java
or assembly.
I've used it extensively, and while there's
Charles Smith wrote:
Good afternoon!
So, before the next make build I must rebuild the yacc alone.
I would like to know how can I rebuild yacc.
I searched in old errata patches, Makefiles, bsd.*.mk files.
In my previous logfile (2008.07.07/src_make_build) I see, that by
yacc the make
--- On Thu, 7/10/08, Louis V. Lambrecht [EMAIL PROTECTED] wrote:
Frankly, re-re-re-re-read the FAQ.
Since you just re-installed and still want -current
packages, the best
way would
be to grab a snapshot and do a fresh install.
Do this on a date at which your mirror has packages with
All the developers are great, but even so some stand out. Otto writes a
lot of very good code, fixed ancient bugs, is nice to random idiots like
me here on misc@openbsd.org, and a lot of other good things.
A little bird (not Otto) told me he's got a wishlist with a couple of
books. If someone
On Jun 14, 2008, at 1:47 PM, Damien Miller wrote:
Just to reinforce the experimental thing:
There are some big softraid changes coming that will alter the on-disk
metadata format (for all softraid disciplines, not just crypto).
Volumes
created with the current tools will be unreadable
I currently have a 3500 line diff in my tree that completely rewrites
softraid metadata handling. The idea is that when this goes in we can
start adding foreign raid formats as sub-drivers to softraid. This also
fixes issues of power failures and crashes where the checksums are no
longer
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better informed. i wish
this mailing list had
I didn't want to rehash it all again. Everyone knows the issues.
However, with respect to the right to disagree, if Marco's and Darrin's
belief
On Jul 10, 2008, at 9:19 PM, Brian A. Seklecki [EMAIL PROTECTED]
wrote:
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better
informed. i wish this mailing list
There is a security risk / attack vector here, however remote,
without
On Fri, Jul 11, 2008 at 12:19:27AM -0400, Brian A. Seklecki wrote:
On Thu, 10 Jul 2008, Jacob Yocom-Piatt wrote:
maybe if people actually READ THE ARCHIVES, they'd be better
informed. i wish this mailing list had
I didn't want to rehash it all again. Everyone knows the issues.
However,
On Fri, Jul 11, 2008 at 3:07 AM, Darrin Chandler
[EMAIL PROTECTED] wrote:
All the developers are great, but even so some stand out. Otto writes a
lot of very good code, fixed ancient bugs, is nice to random idiots like
me here on misc@openbsd.org, and a lot of other good things.
A little bird
76 matches
Mail list logo
