Re: openssh question
At 10:37 PM +0100 3/6/00, Christian Weisgerber wrote: William Woods [EMAIL PROTECTED] wrote: How do we update it, ie, when a updated version comes out. OpenSSH doesn't really have releases. The upstream version is straight out of the OpenBSD repository. I assume several of our developers monitor the OpenBSD commits and will carry over any changes. Out of the OpenBSD repository, or out of the OpenSSH project? Note that www.openssh.COM currently says: *NEW* OpenSSH 1.2.3 released March 6, 2000 which sounds a lot like a new release to me... I would rather not make world just to update that. How do you handle updates to any other part of the system? Why do you consider openssh a special case? I think openssh is a bit different than most things in the current base system, in that it is still in rapid development, and some of those developments WILL be of immediate interest to sites using openSSH (in particular, some of the improvements to compatibility with other implementations of ssh1). You can usually update individual parts of FreeBSD without doing a "make world". cd /usr/src/... make -jX install make clean. While I do think OpenSSH is something of a special case, this answer should be fine for my own purposes. I was also wondering how easy it would be to update just openssh without updating all of the world. Thanks. --- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
single user weirdness
A strange thing has happened while booting into single user mode. My / filesystem was mounted on wd0s4a even though I have updated /dev and /etc/fstab to use ad0s4a. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: which(1), rewritten in C?
On Friday, March 03, 2000, Matthew Hunt wrote: and the "type" builtin is too verbose, saying "which is hashed (/usr/bin/which)." In ksh, `whence' is a bit equivalent to `which' (`type' in ksh is an alias to `whence -v'). From the ATT ksh manual: whence [ -afpv ] name ... For each name, indicate how it would be interpreted if used as a command name. The -v option produces a more verbose report. The -f options skips the search for functions. The -p option does a path search for name even if name is an alias, a function, or a reserved word. The -a option is similar to the -v option but causes all interpretations of the given name to be reported. Which would yield the following behavior: $ whence pwd pwd $ whence -f pwd pwd $ whence -p pwd /bin/pwd $ whence -v pwd pwd is a shell builtin $ whence -a pwd pwd is a shell builtin pwd is a tracked alias for /bin/pwd -- |Chris Costello [EMAIL PROTECTED] |A paperless office has about as much chance as a paperless bathroom. ` To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
James E. Pace writes: | | I rebuilt -current on Friday, and OpenSSH does not work through a | SOCKS firewall. | | In my make.conf, I have "USE_SOCKS= YES", which is used in the | ports/security/ssh port. As mentioned we have ssh in the base system so your are picking that up. Another alternative is to remove the setuid bits /usr/bin/ssh and then do a "runsocks ssh". LP_PRELOAD in FreeBSD does not work on setuid binaries. This is a security feature. Solaris let's you do a LD_PRELOAD on setuid binaries if the library is from /usr/lib. So on Solaris if the libsocks_sh.so was in /usr/lib then LD_PRELOAD of it would work on setuid binaries like ssh and it would just work without recompiling/linking. However, now that Dante is available and has BSD licensing we could include it in the base OS. Yes it is bloat, but then people could sysinstall behind a Socks firewall and things like ssh etc could be linked to it. There are things I like and don't like with Dante but it is a pretty good package and has a better license. I could do the work if deemed usefull. I don't want to maintain my own branch and we use the Nec implementation here so I don't want to be bouncing between them for no good reason. Doug A. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Error: no such 386 instruction: `state' ???
Hi,
I'm running a snap from 2/28:
FreeBSD dbm.wireless.net 4.0-2228-CURRENT FreeBSD 4.0-2228-CURRENT #2:
Fri Mar 3 22:19:33 PST 2000
Often when compiling a port, the process will fail with messages like
the following:
[...]
Compiling smbd/noquotas.c
Compiling smbd/reply.c
{standard input}: Assembler messages:
{standard input}:4939: Error: no such 386 instruction: `state'
*** Error code 1
Stop in /usr/ports/net/samba/work/samba-2.0.6/source.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
[root@dbm /usr/ports/net/samba]#
The strange thing is, if I just say "make" again, it will continue to compile
where it left off without any problems.
Anyone else see these errors? Any Ideas?
--
Regards, Devin.
P.S. Never had this problem under 3.x.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Error: no such 386 instruction: `state' ???
Hi,
I am running a current snap from 2/28.
FreeBSD dbm.wireless.net 4.0-2228-CURRENT FreeBSD 4.0-2228-CURRENT
#2: Fri Mar 3 22:19:33 PST 2000
Often when compiling a port, the process fails with messages like the
following:
[...]
Compiling smbd/pipes.c
Compiling smbd/predict.c
Compiling smbd/noquotas.c
Compiling smbd/reply.c
{standard input}: Assembler messages:
{standard input}:4939: Error: no such 386 instruction: `state'
*** Error code 1
Stop in /usr/ports/net/samba/work/samba-2.0.6/source.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
[root@dbm /usr/ports/net/samba]#
The strange thing is, if I just say make again, it will continue to compile
where it left off without any problems.
Has anyone seen messages like this before? Any ideas?
--
Regards, Devin.
P.S. I never had this problem under 3.x.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
no openssh after build
I just built a new world today and openssh does not appear to be installed. I have the directories /etc/ssh and /etc/ssl but they are empty. There is no /usr/bin/ssh. I've been trying to follow the discussions on this issue and I understood that this is now part of the default base system. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Error: no such 386 instruction: `state' ???
Oops! Sorry for the double post. :( Kmail got stupid on me... -- Regards, Devin. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Error: no such 386 instruction: `state' ???
I was having this problem a few weeks ago while trying to make world. I
had just gotten a new motherboard, that was letting me overclock my
processor (it offered new bus speeds). I reset the processor to run at its
default speed, and I have not seen this error since.
So, if you are overclocked at all I would suggest trying to clock it down
a little.
-Will
On Mon, 6 Mar 2000, Devin Butterfield wrote:
Hi,
I'm running a snap from 2/28:
FreeBSD dbm.wireless.net 4.0-2228-CURRENT FreeBSD 4.0-2228-CURRENT #2:
Fri Mar 3 22:19:33 PST 2000
Often when compiling a port, the process will fail with messages like
the following:
[...]
Compiling smbd/noquotas.c
Compiling smbd/reply.c
{standard input}: Assembler messages:
{standard input}:4939: Error: no such 386 instruction: `state'
*** Error code 1
Stop in /usr/ports/net/samba/work/samba-2.0.6/source.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
*** Error code 1
Stop in /usr/ports/net/samba.
[root@dbm /usr/ports/net/samba]#
The strange thing is, if I just say "make" again, it will continue to compile
where it left off without any problems.
Anyone else see these errors? Any Ideas?
--
Regards, Devin.
P.S. Never had this problem under 3.x.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: vinum: CDEV_MAJOR undeclared
On Monday, 6 March 2000 at 23:13:17 +0100, Martin Dieringer wrote: when making buildworld, I get an error: === sbin/vinum cc -O2 -pipe -m486 -I/usr/src/sbin/vinum/../../sys -Wall -DVINUMDEBUG -I/usr/obj/usr/src/i386/usr/include -c /usr/src/sbin/vinum/v.c /usr/src/sbin/vinum/v.c: In function `make_devices': /usr/src/sbin/vinum/v.c:494: `CDEV_MAJOR' undeclared (first use in this function) /usr/src/sbin/vinum/v.c:494: (Each undeclared identifier is reported only once /usr/src/sbin/vinum/v.c:494: for each function it appears in.) *** Error code 1 1 error Am I missing some headerfile? I cvsup-ed current yesterday and did an install-world about a week ago. You appear to be missing the latest version (1.26) of v.c, committed on 29 February: revision 1.26 date: 2000/02/29 06:21:38; author: grog; state: Exp; lines: +9 -11 Don't print any error message if we can't open the history file. This replaces an older attempt to silence vinum(8) when started in single-user mode. Add entries for vinum_raid[45]. Replace the preprocessor variable name CDEV_MAJOR with VINUM_CDEV_MAJOR. Greg -- Finger [EMAIL PROTECTED] for PGP public key See complete headers for address and phone numbers To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured inrc.conf?
Hi, Hello, Now that I have several machines running FreeBSD 4.0, I started to play with IPv6. It's fun! I have plans to set up a v6-over-v4 tunnel and connect to the 6Bone. I read /usr/share/examples/IPv6/USAGE, /usr/share/doc/IPv6/IMPLEMENTATION and some documents at the KAME web site. However, I still have to figure out how to assign a not-link-local address (i.e., a site or global address) to the [unique] Ethernet interface of each host in an automatic manner (from /etc/rc.conf). After reading /etc/rc.network6 I concluded that no addresses apart from the link-local ones are assigned to the interfaces. I am using ifconfig manually to do this (BTW, I found that there is no need to specify "alias"). I am new to IPv6, so maybe I am asking for something with no sense... There seems to be already another answers and I might be missing a point, but you might mean you want to assigne an address with simple number in its lower 8byte? Such as, 3ffe:501:100e:2000::1 or 3ffe:501:100e:2000::2 not like 3ffe:501:100e:2000:200:eff:fe74:41d2 ? In that case, yes, you need to do ifconfig to assign former kind of address. They are relatively easy to memorize and useful as server addr. But you don't necessarily need to manually assign it. You can use existing ifconfig_ifname= and ifconfig_ifname_aliasnum= also for IPv6. (But there is no example for IPv6. I'll add examles.) E.g. if you want to assign 3ffe:501:100e:2000::1 and 3ffe:501:100e:2000::2 to ed0, I think following configuration works. ifconfig_ed0_alias0="inet6 3ffe:501:100e:2000::1 prefixlen 64" ifconfig_ed0_alias1="inet6 3ffe:501:100e:2000::2 prefixlen 64" (By the way, this is local addr here, and please not use exactly same prefix at another place. :-) Cheers, Yoshinobu Inoue To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ipv6 and rc.conf questions
Hi, Wmmm, should rtadvd always be invoked when 'ipv6_gateway_enable="YES" ? Hmmm...two things come to mind. 1) What happens if there are two routers running rtadvd on a single subnet? 2) Are there environments in which a netadmin might not want to use router advertisements? (1): It is OK. Host randomly choose one of routers as its default router, and other routers are also kept as backup default routers. Host always send its packet to the default router, and if it is not correct router for the destination, then the packet is just redirected to the correct router. (2): Yes there is. Usually it is desirable that only upstream router invoke rtadvd to suppress too many redirects. In following case, only R-backbone should invoke rtadvd. (But there will be no serious problem even if R-local also invoke rtadvd.) backbone | R-backbone | --- my subnet | R-local | -- just one or two subnets But if you have more than 2 upstream routers, it might be desirable that either upstream router invoke rtadvd as redundancy. - backbone | | R-backbone1 R-backbone2 | | -- my subnet Yoshinobu Inoue I have this fuzzy feeling that always invoking rtadvd on routers might not be a good idea, but that perhaps making it the default might be good (right now, rtadvd is turned off by default). Bruce. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
: I'd like to get this committed - I'll try and take a look at it tonight,
: time permitting. I would definitely like to allow SSH to work with dante,
: though, since that's a better (BSDL) alternative than the restricted NEC
: version.
I don't know well about dante, but if it is one of socks
implementation, then I think it will also need getaddrinfo
wrapper support.
In socks5 port case, the following patches are already added,
so it should be able to support apps which use getaddrinfo().
Cheers,
Yoshinobu Inoue
--- lib/rld.c.orig Wed Aug 4 04:59:28 1999
+++ lib/rld.c Mon Feb 21 03:55:45 2000
@@ -197,6 +197,26 @@
lsInRLDFunctions = 0;
S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "RLD: gethostbyname2
results: %s %s", name, hp?hp-h_name:"???");
return hp;
+}
+#endif
+
+#ifdef HAVE_GETADDRINFO
+int REAL(getaddrinfo)(const char *hostname, const char *servname,
+ const struct addrinfo *hints, struct addrinfo **aip) {
+int error;
+static void *func = NULL;
+
+S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "RLD: getaddrinfo: %s",
+hostname);
+GetOriginalFunc(func, "_getaddrinfo", TRY_LIBC | TRY_LIBNSL | TRY_LIBRESOLV);
+if (!func || func == (void *)-1) return NULL;
+
+lsInRLDFunctions = 1;
+error = ((int (*)P((const char *, const char *, const struct addrinfo *,
+ struct addrinfo **)))func)(hostname, servname,
+ hints, aip);
+lsInRLDFunctions = 0;
+S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "RLD: getaddrinfo results:
+%s %s", hostname, (*aip(*aip)-ai_canonname)?(*aip)-ai_canonname:"???");
+return error;
}
#endif
--- lib/hostname.c.orig Wed Aug 4 04:59:29 1999
+++ lib/hostname.c Tue Feb 22 09:51:48 2000
@@ -17,6 +17,10 @@
#define S5_HOSTLIST_SIZE256
#define S5_HOSTALIASES_SIZE 16
#define S5_FAKEHOSTFILE ".s5fakehost"
+
+#ifndef NI_WITHSCOPEID
+#defineNI_WITHSCOPEID 0
+#endif
struct hostEntry {
char name[S5_HOSTNAME_SIZE];
@@ -402,6 +406,129 @@
}
#endif
+#if defined(HAVE_GETADDRINFO) defined(HAVE_GETNAMEINFO)
+/* wrapper around the getaddrinfo call. */
+/* similar to getaddrinfo() except for: */
+/* *** if getaddrinfo() fails, then it returns a pointer to a addrinfo */
+/* structure filled with a special value, so that SOCKSxx() will */
+/* realize that this host was unresolved and fill in the protocol*/
+/* accordingly...*/
+/* */
+/* returns an error number on failure; 0 on success */
+int LIBPREFIX(getaddrinfo)(const char *hostname, const char *servname,
+ const struct addrinfo *hints,
+ struct addrinfo **aip) {
+static char numaddrbuf[MAXHOSTNAMELEN];
+static struct addrinfo *ai;
+char *local, *fake;
+int error = 0, i;
+int addrlen, namelen, family;
+
+#ifdef FOR_SHARED_LIBRARY
+if (lsInRLDFunctions || lsInWrapFunction || lsInWrapHostname) return
+REAL(getaddrinfo)(hostname, servname, hints, aip);
+#endif
+
+lsInWrapFunction = 1;
+lsInWrapHostname = 1;
+LIBPREFIX2(init)("libsocks5");
+S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "SOCKS getaddrinfo: looking
+up %s", hostname);
+
+fake = getenv("SOCKS5_FAKEALLHOSTS");
+local = getenv("SOCKS5_LOCALDNSONLY");
+
+if (!fake
+ (error = REAL(getaddrinfo)(hostname, servname, hints, aip)) == NULL) {
+getnameinfo((*aip)-ai_addr, (*aip)-ai_addrlen, numaddrbuf,
+ sizeof(numaddrbuf) - 1, NULL, 0,
+ NI_NUMERICHOST|NI_WITHSCOPEID);
+ S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "SOCKS getaddrinfo: REAL:
+%s", numaddrbuf);
+
+lsInWrapFunction = 0;
+lsInWrapHostname = 0;
+ return error;
+}
+
+/* If your DNS is the same as the socks server, don't fake a correct */
+/* lookup when you know it won't work... */
+if (local) {
+ S5LogUpdate(S5LogDefaultHandle, S5_LOG_DEBUG(10), 0, "SOCKS getaddrinfo: REAL:
+Fake not configured");
+lsInWrapFunction = 0;
+lsInWrapHostname = 0;
+ return (error != 0) ? error : EAI_FAIL;
+}
+
+/* Fill in some UNRESOLVED values and let the daemon resolve it */
+if ((i = GetFakeHost(hostname)) = 0) {
+S5LogUpdate(S5LogDefaultHandle, S5_LOG_ERROR, 0, "SOCKS getaddrinfo: Get fake
+host failed");
+lsInWrapFunction = 0;
+lsInWrapHostname = 0;
+ return (error != 0) ? error : EAI_FAIL;
+}
+
+/* create fake for AF_INET. Fake for AF_INET6 is not yet */
+if (hints-ai_family == AF_UNSPEC || hints-ai_family == AF_INET) {
+addrlen = sizeof(struct
Re: IPv6: can a link-site (or global) address be configured inrc.conf?
Hi, Very unfortunately, 6to4 is not yet supported in FreeBSD/KAME. So now available options will be, -Use freenet6 (for one hosts). -Get IPv6 address block and connect to 6bone using gif tunnel. Cheers, Yoshinobu Inoue Please read, then ask any questions you may have. 6to4 is currently supported, and there are relay routers up and running. My apologies if I sound like I need "IPv6 for Dummies". Just to clarify. You mean that 6to4 is currently supported in FreeBSD/KAME? Of course, I'm not quite sure what I mean by this. I guess, if I configure a FreeBSD/KAME host as an IPv6 router, will the router automatically do the IPv6-IPv4 encapsulation when it encounters a destination prefix of 2002::/16 and vice versa for incoming packets? Or, do I need to configure a pseudo interface somehow (gif doesn't look quite like the right thing?). Also, will FreeBSD/KAME hosts (both router and non-router hosts) somehow automatically do the proper address selection algorithm when they encounter multiple IPv6 addresses, or is that an application level requirement? Also, if I have (for example) IPv4 addresses of 204.95.187/24, I assume I can use any of the 2002:[V4ADDR]:/48 prefixes within my allocation, but for external 6to4 connectivity I should probably choose the V4ADDR of the external interface of the 6to4 router? And, finally, do some of the 6to4 relay routers that are "up and running" serve small isolated sites? I assume the best case is that one's ISP provides IPv6 connectivity in some shape or form. But, if thats not the case, I assume the main options are IPv6-IPv4 tunnel to a co-operative IPv6 site, or 6to4 with a default route to a relay router (who I assume must configure a static route back?). Or, run a more sophisticated routing protocol (BGP), but thats a little much for me, I think. Of course, if everyone configures 6to4 (or at least everyone you want to reach) then am I correct that you don't really need 6to4 "relay" routers? This is only for reaching native IPv6 sites without 6to4 addresses? Thanks. -- Richard Seaman, Jr. email: [EMAIL PROTECTED] 5182 N. Maple Lanephone: 262-367-5450 Chenequa WI 53058 fax: 262-367-5852 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: no openssh after build
On Mon, 6 Mar 2000, R Joseph Wright wrote: I just built a new world today and openssh does not appear to be installed. I have the directories /etc/ssh and /etc/ssl but they are empty. There is no /usr/bin/ssh. I've been trying to follow the discussions on this issue and I understood that this is now part of the default base system. Do you have the crypto sources installed? Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
On Mon, 6 Mar 2000, Garance A Drosihn wrote: Out of the OpenBSD repository, or out of the OpenSSH project? Both are the same thing. Note that www.openssh.COM currently says: *NEW* OpenSSH 1.2.3 released March 6, 2000 which sounds a lot like a new release to me... They (arbitrarily) bumped the version this morning. The version numbers don't really correspond to anything other than periodic checkpoints along the CVS branch. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: vinum: CDEV_MAJOR undeclared
thanks for your responses. I seem to have commented out src-all and just fetched -sys and -release, then forgot about that. so my v.c (and everything else) was outdated... sorry to have bothered you with this stupid behaviour. martin On Tue, 7 Mar 2000, Greg Lehey wrote: On Monday, 6 March 2000 at 23:13:17 +0100, Martin Dieringer wrote: when making buildworld, I get an error: === sbin/vinum cc -O2 -pipe -m486 -I/usr/src/sbin/vinum/../../sys -Wall -DVINUMDEBUG -I/usr/obj/usr/src/i386/usr/include -c /usr/src/sbin/vinum/v.c /usr/src/sbin/vinum/v.c: In function `make_devices': /usr/src/sbin/vinum/v.c:494: `CDEV_MAJOR' undeclared (first use in this function) /usr/src/sbin/vinum/v.c:494: (Each undeclared identifier is reported only once /usr/src/sbin/vinum/v.c:494: for each function it appears in.) *** Error code 1 1 error Am I missing some headerfile? I cvsup-ed current yesterday and did an install-world about a week ago. You appear to be missing the latest version (1.26) of v.c, committed on 29 February: revision 1.26 date: 2000/02/29 06:21:38; author: grog; state: Exp; lines: +9 -11 Don't print any error message if we can't open the history file. This replaces an older attempt to silence vinum(8) when started in single-user mode. Add entries for vinum_raid[45]. Replace the preprocessor variable name CDEV_MAJOR with VINUM_CDEV_MAJOR. Greg -- Finger [EMAIL PROTECTED] for PGP public key See complete headers for address and phone numbers _ Martin Dieringer mailto:[EMAIL PROTECTED] Moeckernstr. 76 http://userpage.fu-berlin.de/~dieringe/ 10965 Berlin Tel.: 030 / 78 99 21 99 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
Kris Kennaway [EMAIL PROTECTED] wrote in list.freebsd-current: On Mon, 6 Mar 2000, Oliver Fromme wrote: the ports (yeah, stupid me), to no avail. It complained about some RSA library missing. Did you read the error message? Yes, I did, it was not helpful. In fact, it was confusing. Perhaps you should. Perhaps reporting it here would help someone to actually fix your problem instead of having to guess. I do not have a problem, I fixed it myself after some struggling. Did you read my whole message? Maybe I was a bit unclear. Sorry for that. My question was just what I am expected to do, and whether removing /usr/bin/ssh is the suggested solution. Hmm. Can you try cvsupping your src-crypto and src-secure collections from another (non-US) cvsup server? I can't cvsup on that -current box, it's too small for a "make world" (and probably too slow, too). I just downloaded the 2228-current snapshot and installed it. Apart from my stupidness of not checking the location of the binary first -- what did I do wrong, and what's the recommended way of handling this? Am I supposed to rm /usr/bin/ssh each time I install a new release or snapshot? I can't believe that. Read /etc/defaults/make.conf Why? I didn't compile anything. By the way, _why_ is ssh in the base system now, and what is wrong with having it in the ports? I'm sorry if there was a "HEADS UP" on this list, then I must have missed it. Enough people wanted it in the base system For what reason? I'm sorry, I can't find anything in the archives which is answering my question. I'm quite surprised you've missed any discussion of OpenSSH here though, since it's probably been one of the most discussed topics here for the past few weeks. Hm. Strange. Regards, Oliver -- Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany (Info: finger userinfo:[EMAIL PROTECTED]) "In jedem Stück Kohle wartet ein Diamant auf seine Geburt" (Terry Pratchett) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ipv6 and rc.conf questions
Wmmm, should rtadvd always be invoked when 'ipv6_gateway_enable="YES" ? Oh, I need to conclude about this. (2): Yes there is. Usually it is desirable that only upstream router invoke rtadvd to suppress too many redirects. In following case, only R-backbone should invoke rtadvd. (But there will be no serious problem even if R-local also invoke rtadvd.) backbone | R-backbone | --- my subnet | R-local | -- just one or two subnets I have this fuzzy feeling that always invoking rtadvd on routers might not be a good idea, but that perhaps making it the default might be good (right now, rtadvd is turned off by default). Bruce. To think about the above case, always enabling rtadvd might not be good idea. And now I think the problem is that entry name, rtadvd_enable="NO" is not intuitive for users. So how about changing the name to something like, ipv6_to_be_defaultrouter="NO" and if it is set to YES, then rc.network6 invoke rtadvd (and possibly do other works)? Please give me comments if it seems reasonable or not, and also if the name is good or bad. Thanks, Yoshinobu Inoue To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: kern/16487: please apply newpcm fix
Seigo Tanimura [EMAIL PROTECTED] wrote in list.freebsd-current: On Mon, 6 Mar 2000 01:22:41 +0100 (CET), Oliver Fromme [EMAIL PROTECTED] said: Oliver Would someone please (pretty please) have a look at kern/16487 Oliver and commit the trivial fix in it? It's just one line, and it Oliver makes AvanceLogic-100 soundcards work again. The logical ID of ALS100 conflicts with the one of CMI8330(mss), so we also have to check the vendor ID. Could you please give it to me? It is likely to be 0x00019305. (ALS110 is 0x10019305 and ALS120 is 0x20019305, so...) pnpinfo says: Vendor ID ALS0001 (0x01009305), Serial Number 0x0100 Logical Device ID: @@@0001 0x0100 #0 But I think there is already a check for the vendor ID of the card, look at the beginning of sbc_probe() in sbc.c. So I think it's really sufficient to add that line to the array of logical IDs. Regards Oliver -- Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany (Info: finger userinfo:[EMAIL PROTECTED]) "In jedem Stück Kohle wartet ein Diamant auf seine Geburt" (Terry Pratchett) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
RE: FINAL: installation floppies and USB
On 07-Mar-00 John Daniels wrote: Hi: My installation problem has been solved. For those of you who have not been following "Installation floppies and USB," I have written a short synopsis after my description of the resolution and conclusion. Good, glad you got your system working. 4- Although I was disappointed that FreeBSD did not support USB out-of-the-box, I did not expect a lot of support (like I had as a paying customer of RedHats). NetBSDs installation floppy did work and that was my backup but I was encouraged to continue looking into my USB problem because I found that FreeBSD developers were willing to be helpful. This is especially true of John Barton, who first volunteered to help, but also of John Reynolds who elevated my problem to -current and Nick Hibma who responded quickly and cogently. This does need to be rectified. I still want to build a USB-enabled release and try to get it tested, or at least some custom boot floppies. If I get these built, I might ask to have you test them for me if you could. The thing is, while you may have been fortunate to find some PS/2 ports, a lot of new motherboads are USB only. I know because I have been looking at getting an Athlon, and most of the Athlon motherboards are USB only. Part of the problem is that apparently USB cannot be compiled directly into the kernel. Instead, doing so results in an unstable kernel. Instead, USB needs to be loaded via kld's, which complicates the boot disks somewhat. 5- Perhaps I am naïve, but stating that an OS supports a device is confusing when that support has to be compiled in. There should be a sharper distinction between support out-of-the-box (in GENERIC) and otherwise. Part of the confusion stems from the fact that USB seems so basic. For example, almost any PC will support a hard disk and a printer but most people would expect a hard disk to come with the machine. In fact, hardware.txt states: The FreeBSD kernel on the install floppy contains drivers for every piece of hardware that could conceivably be used to install the rest of the system with. As mentioned above, this is a definite concern that needs to be addressed. -- John Baldwin [EMAIL PROTECTED] -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: FINAL: Installation floppies and USB
Oops: That's kudos for John *Baldwin,* NOT "Barton." A thousand pardons... John __ Get Your Private, Free Email at http://www.hotmail.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, Oliver Fromme wrote: Apart from my stupidness of not checking the location of the binary first -- what did I do wrong, and what's the recommended way of handling this? Am I supposed to rm /usr/bin/ssh each time I install a new release or snapshot? I can't believe that. I avoid the problem by structuring my paths along the lines of $HOME/bin:/usr/local/bin:/usr/bin:/bin (everythere, not just on FreeBSD). This way, if I (as sysadmin) install something in /usr/local, it over-rides whatever the vendor supplied. (Otherwise, I probably wouldn't have installed my own version). Likewise, anything I put in my private bin directory over-rides anything in the common areas. In this case, it would mean that the version of ssh installed (in /usr/local/bin) from the ports would over-ride the /usr/bin/ssh in the base system. Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
In message [EMAIL PROTECTED] Doug Ambrisko writes: : Another alternative is to remove the setuid bits /usr/bin/ssh and : then do a "runsocks ssh". That's not really an option for my work patterns... : I could do the work if deemed usefull. I don't want to maintain : my own branch and we use the Nec implementation here so I don't : want to be bouncing between them for no good reason. I'd be up for that as well. Anything that works. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
sysinstall and the status of des encryption?
Hi, A quick question before I try to come up with a fix and patches for a problem that I believe to be a moving target. I have run 'make release' to create 4.0-2306-SNAP with sources current as of 2am March 6th. When running sysinstall and selecting ALL the encryption components, sysinstall fails trying to locate crypto/des.inf. When looking through /usr/src/release/Makefile, it doesn't appear that des.inf and des.?? are created anymore, but instead located in crypto.inf and crypto.??. So, I believe sysinstall needs to be updated so des.?? is not installed anymore. A 2nd question, do we need the concept of a default crypto mechanism when installing ALL the encryption components? Currently, it appears that 'last untarred' wins for libcrypto. Comments Welcome! Thanks, John -- John W. De Boskey jwd@sasDOTcom Gates' Law: Every 18 months, the speed of software halves. Gates' Corollary: Every 18 months, the size of software doubles. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
BookPC Intel 810 chipset
is there support for sound using the i810 chipset? I hear it isn't such a hot chipset but it does alott.. I have a BookPC here which would make a great work station reguardless of how much the chipset may suck.. support for X seems to exist in the linux world and the Davicomm 10/100 ethernet card works well under 4.0 Thanks in advance Richard Puga [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
On Mon, Mar 06, 2000 at 08:27:18PM +0100, Dave Boers [EMAIL PROTECTED] wrote: I'm interested in the fix, of course :-) But where to start looking? I've had three lockups so far (none before january 2000) but I didn't find anything that reliably triggered it. I had a lockup yesterday while stress-testing new SMP machine. Tyan motherboard with Intel GX chipset, 256MB of memory, one 20GB IBM UDMA66 disk, but running at UDMA33. All power management disabled completely in the BIOS. I was doing massive parallel compiling of GENERIC kernels. Let the machine doing this overnight and on the morning the console had about 20 'microuptime() went backwards' messages, I was able to switch vty's but not login, machine responded to pings, no disk activity. I'm using ata driver and only one unusual kernel option HZ=1000. -- Vallo Kallaste [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: no openssh after build
On Mon, 6 Mar 2000, Kris Kennaway wrote: On Mon, 6 Mar 2000, R Joseph Wright wrote: I just built a new world today and openssh does not appear to be installed. I have the directories /etc/ssh and /etc/ssl but they are empty. There is no /usr/bin/ssh. I've been trying to follow the discussions on this issue and I understood that this is now part of the default base system. Do you have the crypto sources installed? Why, that's a very good question. Why, no, I don't have them installed. :) It wasn't really clear to me, actually. From my tracking of the discussions, which can be very muddy and hard to follow, I thought that openssh was automagically installed but was not really an *active* thing unless the rsaref port was also installed. Thanks for your reply. Joseph To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
At 11:23 PM -0500 3/5/00, John Baldwin wrote: On 06-Mar-00 Kris Kennaway wrote: On Mon, 6 Mar 2000, Oliver Fromme wrote: the ports (yeah, stupid me), to no avail. It complained about some RSA library missing. Did you read the error message? Perhaps you should. Perhaps reporting it here would help someone to actually fix your problem instead of having to guess. I think you've kind of missed the point though, Kris. How many other people are going to upgrade only to find that their previously working system is now broken. We should at least mention this in UPDATING so people have a ghost of a chance. My guess is that when he said "help someone to actually fix your problem", his desire was to fix it so people would NOT have a problem updating. From the activity on the current list, it's clear that he has been putting in a lot of hours trying to fix all the various odds and ends which broke when this went in. (and yes, there have been a lot of loose ends, but people have definitely been working on them). This must have been the most discussed topic on the current mailing list for the past two weeks, and I (for one) appreciate all the work people have been doing to get openssh as part of the base system. It's been a bit bumpy, but it is (IMO) a worthwhile addition for 4.0-release. I would have been happy to vote for openssh as part of the base system, even though that means a delay in 4.0-release. --- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: oddness in -current
At 12:17 AM -0700 3/6/00, Chris Wasser wrote: I was just watching a buildworld happen when I noticed (specifically in gcc, and a few other places) the following warning several times: warning: mktemp() possibly used unsafely; consider using mkstemp() I'm not sure if it's a big deal or not, but in the interests of satisfying my own interests, I thought I would mention it. If this has been covered already in this list, then please disregard. Next time I'll capture the entire build process to a file. This probably has not been discussed a lot on current, but the freebsd-audit group has been trying to track down and change all uses of mktemp which might lead to any kind of security problem. --- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
Second, how does one specify options on the command line? In ssh 1.2.x, I say ssh -o ForwardX11=yes, but that doesn't work in OpenSSH. Bug or feature? Browsing the source, it looks like "ssh -o 'ForwardX11 yes'" should work. Both ssh and openssh define -o as: -o 'option' Can be used to give options in the format used in the config file. This is useful for specifying options for which there is no separate command-line flag. The option has the same format as a line in the configuration file. However, ssh allows lines in the configuration file to be of the form "keyword = arguments" but openssh only allows "keyword arguments". So you're really running into a difference in configuration file parsing. Ugh =) Bill To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Alternative way to do -stable to -current upgrade
Hi guys, I had an abortive -stable to -current upgrade late last week, despite following the directions in UPGRADING, the two kernels I built (one custom, one GENERIC) both froze on me during the reboot process. I'm a little wary of doing it again like that, because it does take some time to fix. So I had an alternative idea. How about doing the following: 1. Download -current boot.flp, mfsroot.flp, fixit.flp, and write to floppies 2. cd /usr/src make buildworld 3. Reboot from boot/mfsroot.flp 4. When prompted, use the fixit floppy to get a shell 5. Mount all the fixed disk partitions, and then (assuming they're all mounted under /mnt/root) cd /mnt/root/usr/src make DESTDIR=/mnt/root 6. Mergemaster 7. Build and install a new kernel This has the added advantage that if there's something in your system that was OK in -stable, but doesn't work in -current, you're going to find out about it before you've done an installworld, and before you've overwritten a working -stable /kernel, because boot.flp will fail to work. The only problem is that mergemaster assumes it's merging in to /etc, when that wouldn't be the case here -- mergemaster would need another config option ($DEST_ETC ?) to specify where to install to. Can anyone see anything there that's likely not to work? N -- Internet connection, $19.95 a month. Computer, $799.95. Modem, $149.95. Telephone line, $24.95 a month. Software, free. USENET transmission, hundreds if not thousands of dollars. Thinking before posting, priceless. Somethings in life you can't buy. For everything else, there's MasterCard. -- Graham Reed, in the Scary Devil Monastery To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
In message v04210113b4e9132e890c@[128.113.24.47] Garance A Drosihn writes: : My guess is that when he said "help someone to actually fix your problem", : his desire was to fix it so people would NOT have a problem updating. I've added a blurb to UPDATING. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
Thanks Bill. I forgot that old versions of ssh were this picky... OpenSSH inherited this from the 1.2.12 version it started from. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Make world error.....
On Sun, 5 Mar 2000, Brian Dean wrote: The perl script h2ph does not exit immediately on des.h, it sets it's $Exit value to 1, but continues processing. If the original poster would check further back in his log file, he'll see: Ah, okay. There might be an ordering problem with the des.h symlink being created before the openssl/des.h file which it points to. Any ideas, Mark? Don't shortcut make world. The files are correctly added there, and not if you try to "get clever" :-). M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: NO_OPENSSL world fixes
Okay, these patches were sufficient to allow me to build world with NO_OPENSSL defined. I'd like to commit these ASAP. No objections. After the release, I want to look at condensing the mass of .if defined(...) options we have, at least with respect to crypto. At the moment we have to test everywhere for things like .if !defined(NOCRYPT) !defined(NOSECURE) !defined(NO_OPENSSL) defined(MAKE_KERBEROS4) when all we really want to know is whether or not OpenSSL is available to be linked with. In addition to normalizing all of the NO* options to NO_* (or other way round if I get shouted down :), they should obey the correct covering hierarchy automatically so we don't have to explicitly test for all the covering options in each instance. For example, NO_CRYPT should imply NO_OPENSSL, which in turn implies NO_OPENSSH, etc. NOSECURE should be removed since it's nonfunctional. NO_CRYPT or NO_OPENSSL should conflict with MAKE_KERBEROS?, etc. Right. Sounds good! M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: oddness in -current
-On [2306 09:25], Garance A Drosihn ([EMAIL PROTECTED]) wrote: At 12:17 AM -0700 3/6/00, Chris Wasser wrote: I was just watching a buildworld happen when I noticed (specifically in gcc, and a few other places) the following warning several times: warning: mktemp() possibly used unsafely; consider using mkstemp() I'm not sure if it's a big deal or not, but in the interests of satisfying my own interests, I thought I would mention it. If this has been covered already in this list, then please disregard. Next time I'll capture the entire build process to a file. This probably has not been discussed a lot on current, but the freebsd-audit group has been trying to track down and change all uses of mktemp which might lead to any kind of security problem. And in this case those are probably warnings issued by programs from the contrib directory. Possible suspects: cvs, groff, etc. -- Jeroen Ruigrok van der Werven Network- and systemadministrator [EMAIL PROTECTED] VIA NET.WORKS The Netherlands BSD: Technical excellence at its best http://www.bart.nl Tel: +31 - (0) 10 - 240 39 70 http://www.via-net-works.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
On Mon, Mar 06, 2000 at 02:20:35AM -0700, Warner Losh wrote: : OpenSSH inherited this from the 1.2.12 version it started from. On a side note: last week, Tatu Ylonen, principal author of SSH, posted a message on the SSH mailing-list (in the thread about the new SSH2 license) saying that: " OpenSSH is based on my version from back in 1995 or 1996. The OpenSSH " folks have fixed many of the (security) bugs in that version, but not " all of them when I last checked. Some of the problems in SSH1 are " very fundamental. " " I do not recommend use of OpenSSH (or SSH1 generally, for that matter). There hasn't been much followup on this. Anybody here who cares to comment on this? What issues are relevant here and how bad is it? Best regards, -- Edwin H. Kremer, senior systems- and network administrator. [EMAIL PROTECTED] Dept. of Computer Science, Utrecht University, The Netherlands [WHOIS: ehk3] http://www.cs.uu.nl/people/edwin/ --- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
I'll second this email... My computer had been stable all winter (with setiathome runnning full time) but suddenly come the Australian summer it started freezing. Not panicing, just totally freezing under load. I could reproduce it by trying to build the whole of KDE and each time it was a freeze, never a panic. Windows 98 was freezing too but I didn't think that was abormal ;/ It turned out to be heat related as the machine is now stable after I installed a case fan (before I only had the power supply fan and CPU fan). I see that the internal case temperature still gets up to about 50 or 51 degrees celcius whereas it was getting to 52 degrees before. Note that I AM overclocking a Celeron 300a to 450 MHz by running with a 100 MHz FSB instead of 66 MHz so I suppose I shouldn't be surprised at the need for better cooling. As I'd prefer better CPU cooling to the case fan on the grounds of noise, can people recommend good CPU fans (over the standard Intel retail version Celeron 300a fan) ? How about these Peltier (sp ?) cooling devices I have heard about ? On Sun, 5 Mar 2000, Dan Papasian wrote: 1. Is your computer overclocked? 2. Is the computer totally frozen? (i.e. scroll lock doesn't turn the light on) 3. Does similar load crash the box as well? (try make -j2 world) 4. Does it freeze in the same spot? 5. Is the computer not responding to pings? If you've answered yes to a good amount of these questions, there is a good chance that your processor(s) are overheating. Try improving the airflow to the case (But using a household fan isn't recommended due to EMI) -Dan Papasian [EMAIL PROTECTED] On Sat, Mar 04, 2000 at 11:50:10PM -0800, Arun Sharma wrote: Compiling Mozilla with make -j 2 got -current to lock up, twice in succession. I'm running a fairly recent snapshot (a week or two old) on a Dual celeron box (BP6) with UDMA66 enabled. The kernel had DDB enabled. I was running X, but I didn't see any signs of the kernel attempting to get into the debugger. Has this been fixed ? Is anyone interested in investigating ? I'll post more info if I find anything. -Arun To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
ipv6 and rc.conf questions
Hi, I have been playing with IPv6 on a few machines and I must say that it is very easy to get the basic IPv6 configuration on the "endpoints" ie. machines with just a ethernet connection. Just a line with 'ipv6_enable="YES"' /etc/rc.conf and it is done. But how do you configure an IPv6 in IPv4 tunnel in rc.conf? I can do it on the commandline, I'm just trying to figure out how to do it in rc.conf. I can get the IPv4 part configured with something like this: gif_interfaces="gif0" gifconfig_gif0="146.64.84.9 146.64.8.68" But how/where do you configure the IPv6 part of the tunnel? Do you have to put it in the network_interfaces= section where the normal IPv4 configuration is done? Another question, how do you add a default IPv6 route in rc.conf? There is an ipv6_default_interface= variable, but from the comments it looks like it is only meant for link local multicast addresses. John -- John Hay -- [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
At 5:06 PM -0800 2000/3/5, Kris Kennaway wrote: Enough people wanted it in the base system - in fact, when the question was asked about importing it, I don't recall any objections - certainly it was not a significant opposition. In fact, there are a lot of us that explicitly *did* want it in the base system, and were very glad to see it go in. I got the chance this weekend to personally thank Jordan for making the tough decision to delay the release of 4.0 in order to get it in, and I'd like to now take this chance to publicly thank Kris and the rest of the guys for all their hard work in this area. Well done! Now, about some of those bugs ;-) -- These are my opinions and should not be taken as official Skynet policy = Brad Knowles, [EMAIL PROTECTED] Sys. Arch., Mail/News/FTP/Proxy Admin Note: No Microsoft programs were used in the creation or distribution of this message. If you are using a Microsoft program to view this message, be forewarned that I am not responsible for any harm you may encounter as a result. See http://i-want-a-website.com/about-microsoft/twelve-step.html for details. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ipv6 and rc.conf questions
Hi, Hi, I have been playing with IPv6 on a few machines and I must say that it is very easy to get the basic IPv6 configuration on the "endpoints" ie. machines with just a ethernet connection. Just a line with 'ipv6_enable="YES"' /etc/rc.conf and it is done. I'm glad to know that is working. :-) But how do you configure an IPv6 in IPv4 tunnel in rc.conf? I can do it on the commandline, I'm just trying to figure out how to do it in rc.conf. I can get the IPv4 part configured with something like this: gif_interfaces="gif0" gifconfig_gif0="146.64.84.9 146.64.8.68" But how/where do you configure the IPv6 part of the tunnel? Do you have to put it in the network_interfaces= section where the normal IPv4 configuration is done? After gif tunnel is configured by the above setup, you can just use ifconfig to assigne any IPv4 and/or IPv6 addresses to the gif p2p link. Such as, ifconfig gif0 10.0.0.1 10.0.0.2 netmask 255.255.255.0 ifconfig gif0 inett6 fec0:0:0:1000::1 fec0:0:0:1000::2 prefixlen 64 alias However, an IPv6 machine already has each IPv6 link local address on all of its interfaces by default, so it is found that no more additional IPv6 addr is necessary on p2p links. When you ping6 on a gif tunnel, you will see replies from IPv6 link local addresses of local machin and remote machine like below. (if the tunnel is setup correctly on each side.) hoge% ping6 ff02::1%gif0 PING6(56=40+8+8 bytes) fe80::200:eff:fe2e:dfe1 -- ff02::1 16 bytes from fe80::200:eff:fe2e:dfe1%lo0, icmp_seq=0 hlim=64 time=5.2 ms 16 bytes from fe80::200:e2ff:fe0d:bd18%gif0, icmp_seq=0 hlim=64 time=22.185 ms(DUP!) 16 bytes from fe80::200:eff:fe2e:dfe1%lo0, icmp_seq=1 hlim=64 time=8.127 ms 16 bytes from fe80::200:e2ff:fe0d:bd18%gif0, icmp_seq=1 hlim=64 time=33.705 ms(DUP!) ^C --- ff02::1%gif0 ping6 statistics --- 2 packets transmitted, 2 packets received, +2 duplicates, 0% packet loss round-trip min/avg/max = 5.2/17.304/33.705 ms If you need to reach other addrs over the tunnel, then, -just assigne IPv6 route to the gif tunnel using "route add -inet6 " command. or -enable following lines on each end of machines, and reboot them. ipv6_gateway_enable="YES" ipv6_router_enable="YES" If you did update and make world recently, please check /usr/share/examples/IPv6/USAGE. There will be more detailed info. A handbook chapter version is now under preparation. Another question, how do you add a default IPv6 route in rc.conf? There is an ipv6_default_interface= variable, but from the comments it looks like it is only meant for link local multicast addresses. In IPv6, a host's default router is automatically registered by receiving Router Advertisement messages from routers. To let routers send Router Advertisement, you need to invoke rtadvd on your router. It will be available by enabling the following config line on the router. rtadvd_enable="YES" If you want to enable it after the reboot, then please invoke rtadvd as root, and give it list of interface names to which you want Router Advertisement messages to be sent over. Such as, rtadvd ed0 ed1 ep0 ep1 Wmmm, should rtadvd always be invoked when 'ipv6_gateway_enable="YES" ? Cheers, Yoshinobu Inoue To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On 06-Mar-00 Warner Losh wrote: In message v04210113b4e9132e890c@[128.113.24.47] Garance A Drosihn writes: : My guess is that when he said "help someone to actually fix your problem", : his desire was to fix it so people would NOT have a problem updating. I've added a blurb to UPDATING. Warner Thanks, Warner. -- John Baldwin [EMAIL PROTECTED] -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
Warner Losh wrote: First, how does one enable TIS/SKEY authorization for ssh? It appears that the frst step would be to add -DSKEY to the Makefile conditional on something. Are there other steps? Yes, there are other steps. openssh depends upon functions in the openbsd libskey that we do not have. These functions appear to have been added somewhere between our initial version of skey and openbsd's as they exist in openbsd's initial version, but not ours. The skey support in the openssh port has the exact same problems. That being said, if there is some demand for this, I could merge openbsd's libskey into ours and get the skey authentication working. Jim Bloom [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
John Baldwin wrote: On 06-Mar-00 Kris Kennaway wrote: On Mon, 6 Mar 2000, Oliver Fromme wrote: the ports (yeah, stupid me), to no avail. It complained about some RSA library missing. Did you read the error message? Perhaps you should. Perhaps reporting it here would help someone to actually fix your problem instead of having to guess. I think you've kind of missed the point though, Kris. How many other people are going to upgrade only to find that their previously working system is now broken. We should at least mention this in UPDATING so people have a ghost of a chance. One possible source of breakage is not bringing over the existing server key. The key will need to be moved from /usr/local/etc to /etc/ssh. Did Warner include this with his changes to UPDATING about openssh in the base system (which I haven't seen yet). Jim Bloom [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: things I noticed w/ 4.0
Joseph Jacobson wrote: VESA is compiled into the kernel. I don't have a /boot/loader.conf file. Is there any other way for the VESA module to be loaded at boot, before /etc/rc runs? Also, none of the vidcontrol VESA modes work for me. (All this isn't a big deal, but the error message is weird). Nope. Might be what Mike said. Nowadays, an increasing number of video cards aren't VESA, or only do VESA with software drivers. I didn't express myself very well in the above paragraph. :) Here is the behavior exhibited by my box with apm. When apm is enabled in the bios, and 'apm -e enable' is run, 'halt -p' causes the system to reboot. 'zzz' causes the system to hang (unresponsive to keyboard and mouse input). (I didn't try all permutations of my apm bios settings with 'zzz' to see if I can work around the hang, but I don't think that's the cause). Pushing my power button during the hang state caused the system to reboot. Also, when apm is enabled, after a regular 'halt' or 'shutdown', pushing the power button causes the machine to reset, not turn off. Might be a apm option thingy. I haven't tweaked this in quite a while, but... in the past, by default APM 2.0 was _not_ activated, because some older stuff would crash. The default in the kernel had some flags or missed some flags that enabled it. Look up GENERIC/LINT, and check for those flags. -- Daniel C. Sobral(8-DCS) [EMAIL PROTECTED] [EMAIL PROTECTED] One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone bind them. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
IPv6: can a link-site (or global) address be configured in rc.conf?
Hello, Now that I have several machines running FreeBSD 4.0, I started to play with IPv6. It's fun! I have plans to set up a v6-over-v4 tunnel and connect to the 6Bone. I read /usr/share/examples/IPv6/USAGE, /usr/share/doc/IPv6/IMPLEMENTATION and some documents at the KAME web site. However, I still have to figure out how to assign a not-link-local address (i.e., a site or global address) to the [unique] Ethernet interface of each host in an automatic manner (from /etc/rc.conf). After reading /etc/rc.network6 I concluded that no addresses apart from the link-local ones are assigned to the interfaces. I am using ifconfig manually to do this (BTW, I found that there is no need to specify "alias"). I am new to IPv6, so maybe I am asking for something with no sense... My congratulations to the IPv6 team. Great job! TIA, -- JMA --- José Mª Alcaide | mailto:[EMAIL PROTECTED] Universidad del País Vasco | mailto:[EMAIL PROTECTED] Dpto. de Electricidad y Electrónica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Tel.: +34-946012479 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-946013071 --- "Beware of Programmers who carry screwdrivers" -- Leonard Brandwein To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
about releng3.freebsd.org
just a thought, would it be possible to have ls-lR and ls-lR.gz over there? it'd make it easier/possible for me to make proper mirror site... mickey To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured in rc.conf?
If memory serves me right, "Jose M. Alcaide" wrote: Now that I have several machines running FreeBSD 4.0, I started to play with IPv6. It's fun! I have plans to set up a v6-over-v4 tunnel and connect to the 6Bone. I read /usr/share/examples/IPv6/USAGE, /usr/share/doc/IPv6/IMPLEMENTATION and some documents at the KAME web site. However, I still have to figure out how to assign a not-link-local address (i.e., a site or global address) to the [unique] Ethernet interface of each host in an automatic manner (from /etc/rc.conf). After reading /etc/rc.network6 I concluded that no addresses apart from the link-local ones are assigned to the interfaces. I am using ifconfig manually to do this (BTW, I found that there is no need to specify "alias"). /etc/rc.network6 assumes that you'll get your non-link-local address(es) from your router(s) using rtsol(8). The router, in turn, needs to be running something like rtadvd(8). I am new to IPv6, so maybe I am asking for something with no sense... IPv6 autoconfiguration is very roughly analogous to using DHCP in the IPv4 world. (It's not exactly the same though. In fact, there exists a DHCP for IPv6.) Hope this helps, Bruce. PGP signature
Re: IPv6: can a link-site (or global) address be configured in rc.conf?
Bruce is right that machines expect to learn their prefixes from their local router; however if you're just playing around you might want to set it yourself. The easiest way I've found to do this is to say that this machine is a router: # sysctl -w net.inet6.ip6.forwarding=1 net.inet6.ip6.forwarding: 0 - 1 and then run "prefix" to set a site-local prefix: # prefix dc0 fec0:0:0:1:: # ifconfig dc0 dc0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet6 fe80::2a0:ccff:fe36:7410%dc0 prefixlen 64 scopeid 0x1 inet6 fec0::1:2a0:ccff:fe36:7410 prefixlen 64 Of course, if you have global address space too you can assign that prefix too. Bill To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured inrc.conf?
(Cc'ed to the 6BONE mailing list in the hope that someone there could answer my question as well) Speaking of the address allocation, is there a way for an individual to get a non-local address space (so that all of my machines can get an unique IPv6 address)? I've read through the 6BONE website, and it seems to me that I somehow have to `qualify' in order to get one. (And the fact that I just need 10 addresses makes me feel guilty; AFAIK the minimum allocation unit is 2^64-address block :-p.) Thank you in advance, Eugene On Mon, 6 Mar 2000, Bill Fenner wrote: | Bruce is right that machines expect to learn their prefixes from their | local router; however if you're just playing around you might want to | set it yourself. The easiest way I've found to do this is to say that | this machine is a router: | | # sysctl -w net.inet6.ip6.forwarding=1 | net.inet6.ip6.forwarding: 0 - 1 | | and then run "prefix" to set a site-local prefix: | | # prefix dc0 fec0:0:0:1:: | # ifconfig dc0 | dc0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 | inet6 fe80::2a0:ccff:fe36:7410%dc0 prefixlen 64 scopeid 0x1 | inet6 fec0::1:2a0:ccff:fe36:7410 prefixlen 64 | | Of course, if you have global address space too you can assign that prefix | too. | | Bill -- Eugene M. Kim [EMAIL PROTECTED] "Is your music unpopular? Make it popular; make music which people like, or make people who like your music." To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: about releng3.freebsd.org
mika ruohotie wrote: just a thought, would it be possible to have ls-lR and ls-lR.gz over there? You could just ftp into the server, and at the root directory, do: ls -lR ls-lR It will ask you if you want to save to local file ls-lR. Press y. - Donn To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured in rc.conf?
Bill Fenner wrote: Bruce is right that machines expect to learn their prefixes from their local router; however if you're just playing around you might want to set it yourself. The easiest way I've found to do this is to say that this machine is a router: # sysctl -w net.inet6.ip6.forwarding=1 net.inet6.ip6.forwarding: 0 - 1 and then run "prefix" to set a site-local prefix: # prefix dc0 fec0:0:0:1:: # ifconfig dc0 dc0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet6 fe80::2a0:ccff:fe36:7410%dc0 prefixlen 64 scopeid 0x1 inet6 fec0::1:2a0:ccff:fe36:7410 prefixlen 64 Of course, if you have global address space too you can assign that prefix too. Thanks Bruce and Bill!. I suspected something like this. I read about IPv6 autoconfiguration, but since I am playing with site-local addresses and I have no IPv6 router [yet], I wondered about how to configure the IPv6 site-local address. Well, my problem is solved, and now I understand IPv6 better. Thanks again, -- JMA --- José Mª Alcaide | mailto:[EMAIL PROTECTED] Universidad del País Vasco | mailto:[EMAIL PROTECTED] Dpto. de Electricidad y Electrónica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Tel.: +34-946012479 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-946013071 --- "Beware of Programmers who carry screwdrivers" -- Leonard Brandwein To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
On Mon, Mar 06, 2000 at 11:29:39AM +0100, Edwin Kremer wrote: " I do not recommend use of OpenSSH (or SSH1 generally, for that matter). There hasn't been much followup on this. Anybody here who cares to comment on this? What issues are relevant here and how bad is it? I'm sure he'd much prefer you use the version that puts money in his pocket. -- Bill Fumerola - Network Architect Computer Horizons Corp - CVM e-mail: [EMAIL PROTECTED] / [EMAIL PROTECTED] Office: 800-252-2421 x128 / Cell: 248-761-7272 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured in rc.conf?
Eugene, At 09:00 AM 3/6/2000 -0800, Eugene M. Kim wrote: (Cc'ed to the 6BONE mailing list in the hope that someone there could answer my question as well) Speaking of the address allocation, is there a way for an individual to get a non-local address space (so that all of my machines can get an unique IPv6 address)? I've read through the 6BONE website, and it seems to me that I somehow have to `qualify' in order to get one. (And the fact that I just need 10 addresses makes me feel guilty; AFAIK the minimum allocation unit is 2^64-address block :-p.) IPv6 "sites" own the right-most 80 bits of the 128 bits for local use (you know that, just restating for the wide list you have emailed to). The external routing prefixes are the left-most 48 bits of the 128 and come from your IPv6 service provider... normally. These are currently either in the 3FFE::/16 or 2001::/16 TLA space. The exception is for "6to4" prefixes which are in the 2002::/16 TLA space. See the I-D: http://www.ietf.org/internet-drafts/draft-ietf-ngtrans-6to4-03.txt Please read, then ask any questions you may have. 6to4 is currently supported, and there are relay routers up and running. Thanks, Bob To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
Bill Fumerola wrote: On Mon, Mar 06, 2000 at 11:29:39AM +0100, Edwin Kremer wrote: " I do not recommend use of OpenSSH (or SSH1 generally, for that matter) . There hasn't been much followup on this. Anybody here who cares to comment on this? What issues are relevant here and how bad is it? I'm sure he'd much prefer you use the version that puts money in his pocket. To be fair, there *are* weaknesses in the ssh1 protocols. However, as you point out, it doesn't change the fact that Tatu Ylonen has a conflict of interest here. Cheers, -Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Discussions and facts [Was: Re: ssh strangeness in -current...]
On Sun, 5 Mar 2000, Kris Kennaway wrote: I'm quite surprised you've missed any discussion of OpenSSH here though, since it's probably been one of the most discussed topics here for the past few weeks. I find it quite a problem that one is supposed to read very long threads of discussions (which one may not be interested in, does not have the time for, or cannot understand) in order to find the information necessary to run and keep up with current without problems. Or to solve any occuring problems. I know current is not for those who do not want to read this list as well as cvs-all. Nevertheless it may be a good thing if plain facts and fixes related to problems were posted as separate messages with a clear subject line and not buried somewhere inside a long thread (war). Or a separate list? The above remarks do not necessarily apply to the OpenSSH discussion on this list. I did not follow it intensely, as I have had no problems with ssh. It is something I wanted to write earlier. The quote at the top was what made me do it now. -- Marc Schneiders *-*-* [EMAIL PROTECTED] *-*-* http://superputer.com *-*-* *-*-* [EMAIL PROTECTED]*-*-* http://secureasy.com*-*-* propro2:50pm up 2 days, 16:23, load average: 2.17 2.04 2.01 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Discussions and facts [Was: Re: ssh strangeness in -current...]
Marc Schneiders wrote: I find it quite a problem that one is supposed to read very long threads of discussions (which one may not be interested in, does not have the time for, or cannot understand) in order to find the information necessary to run and keep up with current without problems. Or to solve any occuring problems. In that case, I would just follow -current on muc.lists.freebsd.current, or one of the other usenet mirrors. If you want to reply to something, just reply to the person directly, and add [EMAIL PROTECTED] in your cc. That would be one solution. [using mozilla's mail reader, so sorry if this looks screwed up] - Donn To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
unpack(NaN) big baddaboom
This is a bug report for perl from [EMAIL PROTECTED],
generated with the help of perlbug 1.26 running under perl 5.00503.
-
[Please enter your report here]
Running following program causes "Floating point exception" on
FreeBSD 3.2-STABLE *and* 4.0-CURRENT #0: Tue Feb 29 02:11:52 AST 2000
(but not on Linux "2.3.44 #12 SMP") (all 5.00503)
===8==8==8==8
#!/usr/bin/perl
my $packed = "\0\0\xc0\x7f";
print STDERR "len: ", length($packed), " bytes: ", unpack("H*", $packed), "\n";
my $float = unpack("f", $packed);
print STDERR "float done\n";
print STDERR "float: $float\n";
exit 0;
===8==8==8==8
hayek$ ./moo.pl
len: 4 bytes: c07f
float done
Floating point exception
hayek$ echo $?
136
hayek$
===8==8==8==8
[Please do not change anything below this line]
-
---
This perlbug was built using Perl 5.00502 - Mon Oct 26 16:01:51 AST 1998
It is being executed now by Perl 5.00503 - $Date: 1999/05/05 19:42:40 $.
Site configuration information for perl 5.00503:
Configured by markm at $Date: 1999/05/05 19:42:40 $.
Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:
Platform:
osname=freebsd, osvers=4.0-current, archname=i386-freebsd
uname='freebsd freefall.freebsd.org 4.0-current freebsd 4.0-current #0: $Date:
1999/05/05 19:42:40 $'
hint=recommended, useposix=true, d_sigaction=define
usethreads=undef useperlio=undef d_sfio=undef
Compiler:
cc='cc', optimize='undef', gccversion=egcs-2.91.66 19990314 (egcs-1.1.2 release)
cppflags=''
ccflags =''
stdchar='char', d_stdstdio=undef, usevfork=true
intsize=4, longsize=4, ptrsize=4, doublesize=8
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=12
alignbytes=4, usemymalloc=n, prototype=define
Linker and Libraries:
ld='cc', ldflags ='-Wl,-E'
libpth=/usr/lib
libs=-lm -lc -lcrypt
libc=/usr/lib/libc.so, so=so, useshrplib=true, libperl=libperl.so.3
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags=' '
cccdlflags='-DPIC -fpic', lddlflags='-shared'
Locally applied patches:
---
@INC for perl 5.00503:
/data/ricardo/perl
/home/iang/src/hayek/ricardo/blib/lib
/usr/libdata/perl/5.00503/mach
/usr/libdata/perl/5.00503
/usr/local/lib/perl5/site_perl/5.005/i386-freebsd
/usr/local/lib/perl5/site_perl/5.005
.
---
Environment for perl 5.00503:
HOME=/home/iang
LANG (unset)
LD_LIBRARY_PATH (unset)
LOGDIR (unset)
PATH=/home/iang/src/hayek/market/cmd:/home/iang/src/hayek/market/bin:/data/ricardo/perl/cmd:/home/iang/src/hayek/ricardo/cmd:/home/iang/bin:/home/iang/cmd:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/java/bin:/sbin:/usr/sbin:/usr/local/sbin
PERLLIB=/data/ricardo/perl:/home/iang/src/hayek/ricardo/blib/lib
PERL_BADLANG (unset)
SHELL=/usr/local/bin/bash
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
At 11:29 AM +0100 3/6/00, Edwin Kremer wrote:
On a side note: last week, Tatu Ylonen, principal author of SSH, posted a
message on the SSH mailing-list (in the thread about the new SSH2 license)
saying that:
" OpenSSH is based on my version from back in 1995 or 1996. The
" OpenSSH folks have fixed many of the (security) bugs in that
" version, but not all of them when I last checked. Some of the
" problems in SSH1 are very fundamental.
"
" I do not recommend use of OpenSSH (or SSH1 generally, for that matter).
There hasn't been much followup on this. Anybody here who cares to
comment on this? What issues are relevant here and how bad is it?
What he is saying is that the ssh2 protocol is better than the ssh1
protocol, and that is true. On the other hand, most of us here have
been sticking to ssh1 ("the product") because of licensing and pricing
issues with ssh2, and I'd say openssh either beats or will soon beat
the ssh1 product.
Not only that, but if you check the web page at OpenSSH.COM, you'll
see that they also claim to be working on ssh2 protocols for openssh.
Once that is done, openssh will also have addressed the fundamental
shortcomings of ssh1 that he is alluding to.
Also note that the security shortcomings are that ssh1 is not as
perfectly bullet-proof of a protocol as it could be. It is certainly
much much much much better, security-wise, than running telnet.
---
Garance Alistair Drosehn = [EMAIL PROTECTED]
Senior Systems Programmer or [EMAIL PROTECTED]
Rensselaer Polytechnic Institute
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
Now that openssh is in the base system, I assume it will no longer be in the ports. How do we update it, ie, when a updated version comes out. I would rather not make world just to update that. -- E-Mail: [EMAIL PROTECTED] Date: 06-Mar-00 Time: 11:22:26l -- NOTICE TO BULK E-MAILERS: Pursuant to US Code, Title 47, Chapter 5, Subchapter II, 227, and all unsolicited commercial e-mail sent to this address is subject to a download and archival fee in the amount of $500 US To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
It is rumoured that Arun Sharma had the courage to say: Compiling Mozilla with make -j 2 got -current to lock up, twice in succession. I'm running a fairly recent snapshot (a week or two old) on a Dual celeron box (BP6) with UDMA66 enabled. Finally. I've been complaining about this on several occasions. I'm also running UDMA66 and Dual Celeron BP6. No overclocking. The kernel had DDB enabled. I was running X, but I didn't see any signs of the kernel attempting to get into the debugger. Ditto here. Has this been fixed ? Is anyone interested in investigating ? I'll post more info if I find anything. I'm interested in the fix, of course :-) But where to start looking? I've had three lockups so far (none before january 2000) but I didn't find anything that reliably triggered it. Regards, Dave. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Small bug in chown and chgrp ?
Hi all, I've been bitten by the following: 44 relativity ~ % chown -v djb:wheel test chown: illegal option -- v usage: chown [-R [-H | -L | -P]] [-f] [-h] [-v] owner[:group] file ... chown [-R [-H | -L | -P]] [-f] [-h] [-v] :group file ... chgrp [-R [-H | -L | -P]] [-f] [-h] [-v] group file ... Where "test" is an ordinary directory. It seems that chown's behavior is inconsistent with both the usage message and the man page. The same goes for chgrp. Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
/usr/bin/ssh and SOCKS
I rebuilt -current on Friday, and OpenSSH does not work through a SOCKS firewall. In my make.conf, I have "USE_SOCKS= YES", which is used in the ports/security/ssh port. Any help? Thanks, James This letter brought to you by: * ** James E. Pace [EMAIL PROTECTED] ** ** http://www.pobox.com/~jepace ** To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
RE: IPv6: can a link-site (or global) address be configured in rc.conf?
The exception is for "6to4" prefixes which are in the 2002::/16 TLA space. See the I-D: http://www.ietf.org/internet-drafts/draft-ietf-ngtrans-6to4-03.txt Please read, then ask any questions you may have. 6to4 is currently supported, and there are relay routers up and running. To summarize, with 6to4 all you need is one global/static IPv4 address and you get a /48 IPv6 prefix for yourself. Rich To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Small bug in chown and chgrp ?
* Dave Boers [EMAIL PROTECTED] [000306 12:08] wrote: Hi all, I've been bitten by the following: 44 relativity ~ % chown -v djb:wheel test chown: illegal option -- v usage: chown [-R [-H | -L | -P]] [-f] [-h] [-v] owner[:group] file ... chown [-R [-H | -L | -P]] [-f] [-h] [-v] :group file ... chgrp [-R [-H | -L | -P]] [-f] [-h] [-v] group file ... Where "test" is an ordinary directory. It seems that chown's behavior is inconsistent with both the usage message and the man page. The same goes for chgrp. have you deleted your stale copies of chown/chgrp? hint look in /bin /sbin /usr/bin /usr/sbin and make sure the old ones aren't "in the way". -Alfred To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Small bug in chown and chgrp ?
* Dave Boers ([EMAIL PROTECTED]) [000306 13:36]:
chown: illegal option -- v
usage: chown [-R [-H | -L | -P]] [-f] [-h] [-v] owner[:group] file ...
chown [-R [-H | -L | -P]] [-f] [-h] [-v] :group file ...
chgrp [-R [-H | -L | -P]] [-f] [-h] [-v] group file ...
A simple patch:
--- chown.c.1.14Sat Nov 27 13:25:07 1999
+++ chown.c Mon Mar 6 13:42:41 2000
@@ -86,7 +86,7 @@
ischown = myname[2] == 'o';
Hflag = Lflag = Pflag = hflag = 0;
- while ((ch = getopt(argc, argv, "HLPRfh")) != -1)
+ while ((ch = getopt(argc, argv, "HLPRfhv")) != -1)
switch (ch) {
case 'H':
Hflag = 1;
@@ -108,6 +108,9 @@
break;
case 'h':
hflag = 1;
+ break;
+ case 'v':
+ vflag = 1;
break;
case '?':
default:
Regards,
--
Arindum
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
On Mon, Mar 06, 2000 at 08:27:18PM +0100, Dave Boers wrote: Has this been fixed ? Is anyone interested in investigating ? I'll post more info if I find anything. I'm interested in the fix, of course :-) But where to start looking? I've had three lockups so far (none before january 2000) but I didn't find anything that reliably triggered it. The cooling theory sounds the most plausible so far. I'm not over clocking my CPUs (Celeron 366s) and have appropriate cooling installed. But the machine is kept in a small room, with a bunch of other machines and gets a bit warm at times. There has been no reproducible case of locking up. Each one looks different. But most were trigerred by heavy compilation and I/O. One was a lockup overnight with no activity on the system. When it happens, it does not respond to pings or scroll lock. If you'd like to do something about it, working on getting a reproducible hang would be the most beneficial one. -Arun To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: Small bug in chown and chgrp ?
It is rumoured that Alfred Perlstein had the courage to say: have you deleted your stale copies of chown/chgrp? hint look in /bin /sbin /usr/bin /usr/sbin and make sure the old ones aren't "in the way". Yes I have. Because I got a new disk, I did a fresh install of -current a few weeks ago. Well after the change of chown/chgrp from /bin and /sbin to /usr/bin and /usr/sbin. I double checked to make sure and the only versions of chown/chgrp are the ones in /usr/sbin and /usr/bin respectively. Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
It is rumoured that Arun Sharma had the courage to say: The cooling theory sounds the most plausible so far. I'm not over clocking my CPUs (Celeron 366s) and have appropriate cooling installed. But the machine is kept in a small room, with a bunch of other machines and gets a bit warm at times. My system has been 50 degrees Celcius for the past half year or so. Yet, the lockups only started occurring around January 2000. Once again, my system is not overclocked and the temperature is well within Intel's and Abit's temperature specifications, so there shouldn't be hardware problems. There has been no reproducible case of locking up. Each one looks different. But most were trigerred by heavy compilation and I/O. One was a lockup overnight with no activity on the system. When it happens, it does not respond to pings or scroll lock. Most of my lockups occurred when the system was relatively idle. Mostly they happened only after 9 - 11 days of uptime. As you say, each one looks different and there doesn't seem to be a pattern to it. When it locks up, there is no response to the console, the network or the serial terminal. Only the reset button is obeyed. I have DDB in my kernel, but there's no getting into it. Also, no log messages of any kind from just before the lockups. If you'd like to do something about it, working on getting a reproducible hang would be the most beneficial one. That's what I have been trying to do for the past few weeks, but I can't seem to trigger it. Uptime is now 2 days and I intend to let it run to 12 or so before make installworld again, to see if I can reproduce it. However, I did recently change from UDMA66 to an U2W SCSI disk for my main partitions (/, /usr, /var, /tmp and swap). It may have impact on the situation and it is the reason for the short uptime. If the problem has gone away now, it might indicate something with the ATA driver. I'll keep you informed. So far, since the disk change I've been putting my system under some heavy load from time to time (like building three large ports and make -j 12 buildworld at the same time). So far, the system is quite stable. Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, Warner Losh wrote: + want to run the new servers. You may need to move your key + and other config files from /usr/local/etc to /etc. /etc/ssh + Openssh isn't 100% compatible with ssh, so some care needs to + be taken in its operation. This sounds bad. Are you referring to the -o syntax differences, or actual incompatabilities? There have been unsubstantiated reports of interoperability problems, but nothing well documented here. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
In message Pine.GSO.4.05.10003061134200.27621-10@shell1 "James E. Pace" writes:
: I rebuilt -current on Friday, and OpenSSH does not work through a
: SOCKS firewall.
:
: In my make.conf, I have "USE_SOCKS= YES", which is used in the
: ports/security/ssh port.
:
: Any help?
Sure. Here's what I have in my uncommitted tree. It assumes that you
have socks installed already. Known to work with the nec port, not
known one way or the other on dante.
Oh, there's lots of warnings from this, but it does work.
Warner
Index: scp/Makefile
===
RCS file: /home/imp/FreeBSD/CVS/src/secure/usr.bin/scp/Makefile,v
retrieving revision 1.2
diff -u -r1.2 Makefile
--- scp/Makefile2000/02/25 08:21:09 1.2
+++ scp/Makefile2000/03/04 06:00:12
@@ -16,3 +16,8 @@
LDADD+=-lcrypto -lutil -lz -L${.OBJDIR}/../../lib/libssh -lssh
DPADD+=${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
+
+.if defined(USE_SOCKS) ((${USE_SOCKS} == "yes") || (${USE_SOCKS} == "YES"))
+LDADD+= -L/usr/local/lib -lsocks5
+CFLAGS+= -DSOCKS --include /usr/local/include/socks.h
+.endif
Index: ssh/Makefile
===
RCS file: /home/imp/FreeBSD/CVS/src/secure/usr.bin/ssh/Makefile,v
retrieving revision 1.4
diff -u -r1.4 Makefile
--- ssh/Makefile2000/03/03 20:33:53 1.4
+++ ssh/Makefile2000/03/05 05:58:06
@@ -37,3 +37,8 @@
LDADD+=-L${.OBJDIR}/../../lib/libssh -lssh -lcrypto -lutil -lz
DPADD+=${LIBCRYPTO} ${LIBUTIL} ${LIBZ}
+
+.if defined(USE_SOCKS) ((${USE_SOCKS} == "yes") || (${USE_SOCKS} == "YES"))
+LDADD+= -L/usr/local/lib -lsocks5
+CFLAGS+= -DSOCKS --include /usr/local/include/socks.h
+.endif
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
In message [EMAIL PROTECTED] Kris Kennaway writes: : On Mon, 6 Mar 2000, Warner Losh wrote: : : + want to run the new servers. You may need to move your key : + and other config files from /usr/local/etc to /etc. : : /etc/ssh Thanks. : + Openssh isn't 100% compatible with ssh, so some care needs to : + be taken in its operation. : : This sounds bad. Are you referring to the -o syntax differences, or actual : incompatabilities? There have been unsubstantiated reports of : interoperability problems, but nothing well documented here. I'm talking about the -o syntax difference specifically. How does the following sound? Index: UPDATING === RCS file: /home/imp/FreeBSD/CVS/src/UPDATING,v retrieving revision 1.71 diff -u -r1.71 UPDATING --- UPDATING2000/02/23 05:51:02 1.71 +++ UPDATING2000/03/06 20:31:30 @@ -5,6 +5,27 @@ done items, please see the end of the file. Search for 'COMMON ITEMS:' +2303: + CMSG_XXX macros offset in sys/socket.h has changed to + conform RFC-2292. All affected applications have been + corrected. The i386 platform's offsets haven't changed, but + the alpha's did. When you build and install new kernel on + FreeBSD/alpha, you must also do a make world. + +2225: + OpenSSH has been added to FreeBSD. This may conflict with the + ssh port since it installs binaries into /usr/bin and the port + goes into /usr/local/bin. Most paths have /usr/bin in the path + before /usr/local/bin, so problems may arrise. If you don't + want OpenSSH, add NO_OPENSSH=yes to your make.conf. + + You will also need to enable openssh in /etc/rc.conf if you + want to run the new servers. You may need to move your key + and other config files from /usr/local/etc to /etc/ssh. + + Openssh's command line parsing isn't 100% compatible with ssh, + so some care needs to be taken in its operation. + 2205: The xinstall problem has kinda sorta been corrected. The following is known to work by the author of UPDATING. It Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
The cooling theory sounds the most plausible so far. I'm not over clocking my CPUs (Celeron 366s) and have appropriate cooling installed. But the machine is kept in a small room, with a bunch of other machines and gets a bit warm at times. I have seen a couple of suggestions that this may not be the CPUs - but that the 82443BX chip (the one with the large green cooling fin) doesn't always get sufficient cooling on a BP6 board. Some thermal compound between the 82443BX and the cooling fin may be a good idea. Steinar Haug, Nethelp consulting, [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
ports/net/tund not compiling.
Looks like some very recent breakage: cc -O -pipe -g -DDEBUG -DNO_IDEA -static -o tund main.o tund.o secur.o scb.o utils.o md5.o alarm.o cipher.o search.o -L/usr/lib -lmd -lcrypto /usr/lib/libcrypto.a(rsa_lib.o): In function `RSA_new_method': rsa_lib.o(.text+0x91): undefined reference to `RSA_PKCS1' *** Error code 1 Stop in /usr/ports/net/tund/work/tund-0.20. *** Error code 1 Dave. -- |David Gilbert, Velocet Communications. | Two things can only be | |Mail: [EMAIL PROTECTED] | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =GLO To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, Mar 06, 2000 at 01:32:00PM -0700, Warner Losh wrote: : + Openssh isn't 100% compatible with ssh, so some care needs to : + be taken in its operation. : : This sounds bad. Are you referring to the -o syntax differences, or actual : incompatabilities? There have been unsubstantiated reports of : interoperability problems, but nothing well documented here. I'm talking about the -o syntax difference specifically. How does the following sound? [SNIP] + Openssh's command line parsing isn't 100% compatible with ssh, + so some care needs to be taken in its operation. I'd leave it saying that it isn't 100% compatible - it may sound bad but it's true. There are several other things that aren't the same: default options are different, some options have been removed (AllowHosts is one that I know of), it produces warning messages where the old ssh wouldn't have. I'm sure there are other differences too. David. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
If memory serves me right, David Malone wrote: On Mon, Mar 06, 2000 at 01:32:00PM -0700, Warner Losh wrote: : + Openssh isn't 100% compatible with ssh, so some care needs to : + be taken in its operation. : : This sounds bad. Are you referring to the -o syntax differences, or actua l : incompatabilities? There have been unsubstantiated reports of : interoperability problems, but nothing well documented here. I'm talking about the -o syntax difference specifically. How does the following sound? [SNIP] + Openssh's command line parsing isn't 100% compatible with ssh, + so some care needs to be taken in its operation. I'd leave it saying that it isn't 100% compatible - it may sound bad but it's true. There are several other things that aren't the same: default options are different, some options have been removed (AllowHosts is one that I know of), it produces warning messages where the old ssh wouldn't have. I'm sure there are other differences too. Rather than let the users guess at various incompatabilities (imagined and real), why not give them a few examples, as in your (David's) last message? "Care needs to be taken when converting from ssh to OpenSSH. OpenSSH's command-line parsing isn't 100% compatible with ssh, some of the default options have been changed, some options (such as AllowHosts) have been removed, and it produces a few more warning messages than ssh." Bruce. PGP signature
Re: current lockups
On Mon, Mar 06, 2000 at 08:27:18PM +0100, Dave Boers wrote: on a Dual celeron box (BP6) with UDMA66 enabled. Finally. I've been complaining about this on several occasions. I'm also running UDMA66 and Dual Celeron BP6. No overclocking. Can you people reproduce this on a kernel without SMP enabled? Perhaps there is a locking issue? However, that'd lead to a panic I'd imagine.. So see if you can reproduce this with one CPU running so we can at least eliminate one of the variables. -Dan Papasian [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
I'm willing to bet a nickel (perhaps more) you people are running non-IBM UDMA66 drives on that BP6. Seems that most UDMA66 drives are not actually UDMA66 compliant, and they only drives that have been reported successful on the BP6 are IBM. Try taking your HD's off the UDMA66 controller and put them on the Standard UDMA33 controllers, and it should clear things up. -- Marius Strom [EMAIL PROTECTED] Professional Geek/Unix System Administrator Alpha1 Internet http://www.alpha1.net http://www.marius.org/marius.pgp 0x42C74CBA *UPDATED PGP KEY 2/24/2000* In theory, there is no difference between theory and practice... ...In practice, there is a big difference. On Mon, 6 Mar 2000, Dan Papasian wrote: On Mon, Mar 06, 2000 at 08:27:18PM +0100, Dave Boers wrote: on a Dual celeron box (BP6) with UDMA66 enabled. Finally. I've been complaining about this on several occasions. I'm also running UDMA66 and Dual Celeron BP6. No overclocking. Can you people reproduce this on a kernel without SMP enabled? Perhaps there is a locking issue? However, that'd lead to a panic I'd imagine.. So see if you can reproduce this with one CPU running so we can at least eliminate one of the variables. -Dan Papasian [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re(2): IPv6: can a link-site (or global) address be configured in rc.conf?
I am trying to get an ipv6 address. I tried a local source but have not heard any reply. Can anyone help me out with an address. I am a student at Cal State Monterey Bay working on a capstone project. I would appreciate any help in this matter. Thank You To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
It is rumoured that Marius Strom had the courage to say: I'm willing to bet a nickel (perhaps more) you people are running non-IBM UDMA66 drives on that BP6. Seems that most UDMA66 drives are not actually UDMA66 compliant, and they only drives that have been reported successful on the BP6 are IBM. Try taking your HD's off the UDMA66 controller and put them on the Standard UDMA33 controllers, and it should clear things up. I'm interested in the sources of your statement about IBM drivers vs. non IBM drives. In my case, I have a WD 18.2 Gb 7200 rpm disk which has been reported to be identical to the IBM 18.2 Gb 7200 rpm disk on more than one occasion. And by the way, my system has been running quite stable before January 2000 with the same disk on the same controller and the same mainboard. Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
Dave, Well, there was a discussion a few weeks back with Soren Schmidt and a few others. I believe the conclusion was made that this occurred with most WD drives (interesting about the WD == IBM part, I did notice he mentioned that in -current a few weeks ago as well). I had a WD20 gig that would just hang, and a number of other people had similar problems. (Theirs would log "Lost Disk Contact" in the dmesg as their root dev wasn't a UDMA66 drive) Unfortunately, the discussions occurred while the mailing list archive was kaput (WD Drive on UDMA66? =]) so it's not archived where I can find it. Seems to only happen with the ata driver, IIRC. -- Marius Strom [EMAIL PROTECTED] Professional Geek/Unix System Administrator Alpha1 Internet http://www.alpha1.net http://www.marius.org/marius.pgp 0x42C74CBA *UPDATED PGP KEY 2/24/2000* In theory, there is no difference between theory and practice... ...In practice, there is a big difference. On Mon, 6 Mar 2000, Dave Boers wrote: It is rumoured that Marius Strom had the courage to say: I'm willing to bet a nickel (perhaps more) you people are running non-IBM UDMA66 drives on that BP6. Seems that most UDMA66 drives are not actually UDMA66 compliant, and they only drives that have been reported successful on the BP6 are IBM. Try taking your HD's off the UDMA66 controller and put them on the Standard UDMA33 controllers, and it should clear things up. I'm interested in the sources of your statement about IBM drivers vs. non IBM drives. In my case, I have a WD 18.2 Gb 7200 rpm disk which has been reported to be identical to the IBM 18.2 Gb 7200 rpm disk on more than one occasion. And by the way, my system has been running quite stable before January 2000 with the same disk on the same controller and the same mainboard. Regards, Dave Boers. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, Warner Losh wrote: +2225: + OpenSSH has been added to FreeBSD. This may conflict with the + ssh port since it installs binaries into /usr/bin and the port You probably should refer to the ports by name: /usr/ports/security/ssh and /usr/ports/security/openssh (which is obsoleted by having it in the base) + goes into /usr/local/bin. Most paths have /usr/bin in the path + before /usr/local/bin, so problems may arrise. If you don't arise + want OpenSSH, add NO_OPENSSH=yes to your make.conf. + + You will also need to enable openssh in /etc/rc.conf if you + want to run the new servers. You may need to move your key + and other config files from /usr/local/etc to /etc/ssh. + + Openssh's command line parsing isn't 100% compatible with ssh, + so some care needs to be taken in its operation. This is better. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re(2): IPv6: can a link-site (or global) address be configured in rc.conf?
At 01:31 PM 3/6/2000 -0800, Nora Parker wrote: I am trying to get an ipv6 address. I tried a local source but have not heard any reply. Can anyone help me out with an address. I am a student at Cal State Monterey Bay working on a capstone project. I would appreciate any help in this matter. Try the http://www.freenet6.net/ site. Bob To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, David Malone wrote: I'd leave it saying that it isn't 100% compatible - it may sound bad but it's true. There are several other things that aren't the same: default options are different, some options have been removed (AllowHosts is one that I know of), it produces warning messages where the old ssh wouldn't have. I'm sure there are other differences too. None of these affect the operation of OpenSSH in your network. Sure, you have to check the config files when you migrate to it, but the point is it's not incompatible with other SSH implementations, and we don't want to scare people into thinking it has weird lurking bugs and they'd better not use it. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: openssh question
On 6 Mar 2000, Christian Weisgerber wrote: Now that openssh is in the base system, I assume it will no longer be in the ports. I expect the port to be maintained for the remaining lifetime of the 3.x branch. This is of no concern to 4.x users, of course. Correct. We should probably mark the port BROKEN for 4.x and ask people to install the system version, which will likely be better supported. e.g. we don't support Perl5 in ports any more, either. How do we update it, ie, when a updated version comes out. OpenSSH doesn't really have releases. The upstream version is straight out of the OpenBSD repository. I assume several of our developers monitor the OpenBSD commits and will carry over any changes. Right. Whenever something significant changes in the "upstream" version we'll update ours too. If you keep an eye on the commit messages you'll know when you might want to rebuild it, if you want to aggressively track OpenSSH but not track make world. I would rather not make world just to update that. How do you handle updates to any other part of the system? Why do you consider openssh a special case? You can usually update individual parts of FreeBSD without doing a "make world". cd /usr/src/... make -jX install make clean. Yep. In the case of SSH you might also need to rebuild secure/lib/libssh as well as secure/usr.bin/foo. Write a little script to do it if you like :-) Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
It is rumoured that Marius Strom had the courage to say: Well, there was a discussion a few weeks back with Soren Schmidt and a few others. I believe the conclusion was made that this occurred with most WD drives (interesting about the WD == IBM part, I did notice he mentioned that in -current a few weeks ago as well). I had a WD20 gig that would just hang, and a number of other people had similar problems. (Theirs would log "Lost Disk Contact" in the dmesg as their root dev wasn't a UDMA66 drive) Interesting. I'll check my own archives of -current to see if I can find the discussion. I always thought that the "Lost Disk Contact" messages were due to the disk recalibrating itself after six days of continued use. After Soren increased the timeout from 5 to 10 seconds, I never saw the problem again, IIRC. For the record, (see my mail elsewhere in the thread) I have recently added an U2W SCSI harddisk to the system (because I found that the UDMA effectively cuts off memory access for the two celeron's for long times and because the celeron's haven't got nearly enough cache they are effectively waiting for the IDE disk all the time) and I'm now running my root filesystem on that drive (as well as most of my other important filesystems). So I guess that if your assertion is right then my problem should have gone away now. I haven't seen any "Lost Disk Contact" messages recently, however, though the UDMA66 drive is still connected. BTW, are there any people out there that have similar hangs and are NOT using UDMA66 or the ATA driver ? Unfortunately, the discussions occurred while the mailing list archive was kaput (WD Drive on UDMA66? =]) so it's not archived where I can find it. :-) Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
Interesting. I'll check my own archives of -current to see if I can find the discussion. I always thought that the "Lost Disk Contact" messages were due to the disk recalibrating itself after six days of continued use. After Soren increased the timeout from 5 to 10 seconds, I never saw the problem again, IIRC. Six days? Nah.. I had the problem occur anywhere from 5 minutes to 12 hours after a system boot. Moved the 20G WD to UDMA33 channel, works flawlessly. Usually, I could reproduce the problem doing heavy disk I/O. However, I one time was able to make it through a "make buildworld", so that's not entirely true either. For the record, (see my mail elsewhere in the thread) I have recently added an U2W SCSI harddisk to the system (because I found that the UDMA effectively cuts off memory access for the two celeron's for long times and because the celeron's haven't got nearly enough cache they are effectively waiting for the IDE disk all the time) and I'm now running my root filesystem on that drive (as well as most of my other important filesystems). So I guess that if your assertion is right then my problem should have gone away now. I haven't seen any "Lost Disk Contact" messages recently, however, though the UDMA66 drive is still connected. For my record, I was unable to get dmesg output because the system was completely hung. Other people could get it because they had other drives to write logging information too when the UDMA drive was locked. --- Marius Strom [EMAIL PROTECTED] Professional Geek/Unix System Administrator Alpha1 Internet http://www.alpha1.net http://www.marius.org/marius.pgp 0x42C74CBA *UPDATED PGP KEY 2/24/2000* In theory, there is no difference between theory and practice... ...In practice, there is a big difference. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
vinum: CDEV_MAJOR undeclared
when making buildworld, I get an error: === sbin/vinum cc -O2 -pipe -m486 -I/usr/src/sbin/vinum/../../sys -Wall -DVINUMDEBUG -I/usr/obj/usr/src/i386/usr/include -c /usr/src/sbin/vinum/v.c /usr/src/sbin/vinum/v.c: In function `make_devices': /usr/src/sbin/vinum/v.c:494: `CDEV_MAJOR' undeclared (first use in this function) /usr/src/sbin/vinum/v.c:494: (Each undeclared identifier is reported only once /usr/src/sbin/vinum/v.c:494: for each function it appears in.) *** Error code 1 1 error Am I missing some headerfile? I cvsup-ed current yesterday and did an install-world about a week ago. martin To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: IPv6: can a link-site (or global) address be configured in rc.conf?
On Mon, Mar 06, 2000 at 09:22:45AM -0800, Bob Fink wrote: Please read, then ask any questions you may have. 6to4 is currently supported, and there are relay routers up and running. My apologies if I sound like I need "IPv6 for Dummies". Just to clarify. You mean that 6to4 is currently supported in FreeBSD/KAME? Of course, I'm not quite sure what I mean by this. I guess, if I configure a FreeBSD/KAME host as an IPv6 router, will the router automatically do the IPv6-IPv4 encapsulation when it encounters a destination prefix of 2002::/16 and vice versa for incoming packets? Or, do I need to configure a pseudo interface somehow (gif doesn't look quite like the right thing?). Also, will FreeBSD/KAME hosts (both router and non-router hosts) somehow automatically do the proper address selection algorithm when they encounter multiple IPv6 addresses, or is that an application level requirement? Also, if I have (for example) IPv4 addresses of 204.95.187/24, I assume I can use any of the 2002:[V4ADDR]:/48 prefixes within my allocation, but for external 6to4 connectivity I should probably choose the V4ADDR of the external interface of the 6to4 router? And, finally, do some of the 6to4 relay routers that are "up and running" serve small isolated sites? I assume the best case is that one's ISP provides IPv6 connectivity in some shape or form. But, if thats not the case, I assume the main options are IPv6-IPv4 tunnel to a co-operative IPv6 site, or 6to4 with a default route to a relay router (who I assume must configure a static route back?). Or, run a more sophisticated routing protocol (BGP), but thats a little much for me, I think. Of course, if everyone configures 6to4 (or at least everyone you want to reach) then am I correct that you don't really need 6to4 "relay" routers? This is only for reaching native IPv6 sites without 6to4 addresses? Thanks. -- Richard Seaman, Jr. email: [EMAIL PROTECTED] 5182 N. Maple Lanephone: 262-367-5450 Chenequa WI 53058 fax: 262-367-5852 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
On 2000-Mar-06 21:39:11 +1100, Matthew Sean Thyer [EMAIL PROTECTED] wrote: My computer had been stable all winter (with setiathome runnning full time) but suddenly come the Australian summer it started freezing. And it's been the coldest summer for something like 5 years... How about these Peltier (sp ?) cooling devices I have heard about ? A Peltier cell is just a semiconductor heat pump. It effectively just reduces the junction-to-heatsink thermal resistance, allowing you (in theory) to use a less efficient heatsink (or have the CPU run cooler with the same heatsink. The downside is they they're relatively inefficient - your power supply will need to supply an extra 3-4A at 12v and you need to dissipate that extra power. Unless you significantly improve the airflow through the case, you'll probably find that the internal temperature rises significantly - further stressing everything except the CPU. Note that the chip that most needs cooling may not be the CPU - the big support chips can also run very hot. Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
On 2000-Mar-07 06:29:17 +1100, Dave Boers [EMAIL PROTECTED] wrote: It is rumoured that Arun Sharma had the courage to say: Compiling Mozilla with make -j 2 got -current to lock up, twice in succession. I'm running a fairly recent snapshot (a week or two old) on a Dual celeron box (BP6) with UDMA66 enabled. Finally. I've been complaining about this on several occasions. I'm also running UDMA66 and Dual Celeron BP6. No overclocking. Later postings mention possible problems with UDMA66. The other possibility that has been discussed recently is potential priority inversions for processes using rtptio and idprio. Note that ntpd will use rtprio if the Posix P1003.1b extensions aren't enabled in the kernel. (These were enabled by default in GENERIC on i386 in mid-January). If you have the new ntpd (rather than xntpd) and are running a kernel without options P1003_1B, _KPOSIX_PRIORITY_SCHEDULING and _KPOSIX_VERSION=199309L, you could potentially get a lockup due to a priority inversion. (Though I think the probability is very small). Peter To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
In message [EMAIL PROTECTED], Peter Jeremy writes : How about these Peltier (sp ?) cooling devices I have heard about ? A Peltier cell is just a semiconductor heat pump. It effectively just reduces the junction-to-heatsink thermal resistance, allowing you (in theory) to use a less efficient heatsink (or have the CPU run cooler with the same heatsink. This is actually not true, quite the contrary in fact: You need a better heat-sink with a Peltier because of the significant electrical power you pump into it. As a general rule you can expect to *raise* your CPU temperature if you put a peltier under anything less than a *very good* heat-sink. Example: A Celeron 500 disipates about 25W An average heatsink is about .8 C/W delta-T becomes 25W * .8C/W = 20C At 30C ambient that becomes 50C CPU temperature. Now, add a peltier. To remove 25W and keep a 25C temperature difference we need to feed it about 50W Now the heatsink has to deal with 25 + 50 W and the delta-T becomes: (25W + 50W) * .8C/W = 60C Subtract the 25C difference from the peltier and add the ambient temperature and we find: 30C + 60C - 25C = 65C We just raised our CPU temperature about 15 C :-( -- Poul-Henning Kamp FreeBSD coreteam member [EMAIL PROTECTED] "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, Arindum Mukerji wrote: Also, going from an OpenSSH 1.2.2 box to an SSH-1.2.27 box is fine - it coughs up a hairball when going to the F-Secure 1.3.7 commercial variant though. Ahh, so you can use the OpenSSH client to connect to some servers, but not the F-Secure one? That would definitely be a bug you should report to the OpenSSH developers. Is anyone else in the position to test this? Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
Is this any better? I've removed the emotionally charged compatibility word. 2225: OpenSSH has been added to FreeBSD. This may conflict with the ports/security/ssh port since it installs binaries into /usr/bin and the port goes into /usr/local/bin. Most paths have /usr/bin in the path before /usr/local/bin, so problems may arrise. If you don't want OpenSSH, add NO_OPENSSH=yes to your make.conf. You will also need to enable openssh in /etc/rc.conf if you want to run the new servers. You may need to move your key and other config files from /usr/local/etc to /etc/ssh. Openssh's command line parsing, available options and default settings aren't the same as ssh, so some care needs to be taken in its operation. One should do a full audit of all configuration settings. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
On Mon, 6 Mar 2000, Warner Losh wrote: Sure. Here's what I have in my uncommitted tree. It assumes that you have socks installed already. Known to work with the nec port, not known one way or the other on dante. Oh, there's lots of warnings from this, but it does work. I'd like to get this committed - I'll try and take a look at it tonight, time permitting. I would definitely like to allow SSH to work with dante, though, since that's a better (BSDL) alternative than the restricted NEC version. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ssh strangeness in -current...
On Mon, 6 Mar 2000, Warner Losh wrote: Is this any better? I've removed the emotionally charged compatibility word. Some more picking :) 2225: OpenSSH has been added to FreeBSD. This may conflict with the ports/security/ssh port since it installs binaries into /usr/bin and the port goes into /usr/local/bin. Most paths have /usr/bin in the path before /usr/local/bin, so problems may arrise. If you don't want OpenSSH, add NO_OPENSSH=yes to arise :) your make.conf. You will also need to enable openssh in /etc/rc.conf if you OpenSSH want to run the new servers. You may need to move your key host key and other config files from /usr/local/etc to /etc/ssh. Openssh's command line parsing, available options and default OpenSSH settings aren't the same as ssh, so some care needs to be taken in its operation. One should do a full audit of all configuration settings. Apart from those small nits I think it's fine. Kris In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
It is rumoured that Peter Jeremy had the courage to say: Note that ntpd will use rtprio if the Posix P1003.1b extensions aren't enabled in the kernel. (These were enabled by default in GENERIC on i386 in mid-January). If you have the new ntpd (rather than xntpd) and are running a kernel without options P1003_1B, _KPOSIX_PRIORITY_SCHEDULING and _KPOSIX_VERSION=199309L, you could potentially get a lockup due to a priority inversion. (Though I think the probability is very small). I don't use ntpd (I use ntpdate) and I do have those options enabled in my kernel (all three of them). IIRC they are needed to get either cdrdao or cdrecord to work. Seems that everything points to UDMA66 so far... Regards, Dave Boers. -- Dave Boers djb @ relativity . student . utwente . nl Don't let your schooling interfere with your education. (Mark Twain) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: /usr/bin/ssh and SOCKS
In message [EMAIL PROTECTED] Kris Kennaway writes: : On Mon, 6 Mar 2000, Warner Losh wrote: : : Sure. Here's what I have in my uncommitted tree. It assumes that you : have socks installed already. Known to work with the nec port, not : known one way or the other on dante. : : Oh, there's lots of warnings from this, but it does work. : : I'd like to get this committed - I'll try and take a look at it tonight, : time permitting. I would definitely like to allow SSH to work with dante, : though, since that's a better (BSDL) alternative than the restricted NEC : version. Mark M has seen these patches and has asked that I hold off until after the freeze to commit them. At this point, I'm inclined to agree with him. They definitely do not work with Dante, because dante doesn't seem to install any header files, like the nec socks5 port does. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: current lockups
On Mon, Mar 06, 2000 at 11:59:21PM +0100, Dave Boers wrote: It is rumoured that Peter Jeremy had the courage to say: Note that ntpd will use rtprio if the Posix P1003.1b extensions aren't enabled in the kernel. (These were enabled by default in GENERIC on i386 in mid-January). If you have the new ntpd (rather than xntpd) and are running a kernel without options P1003_1B, _KPOSIX_PRIORITY_SCHEDULING and _KPOSIX_VERSION=199309L, you could potentially get a lockup due to a priority inversion. (Though I think the probability is very small). I don't use ntpd (I use ntpdate) and I do have those options enabled in my kernel (all three of them). IIRC they are needed to get either cdrdao or cdrecord to work. Seems that everything points to UDMA66 so far... ...maybe in certain combinations. I have a BP6 with dual celerons (466's @ 504) and have had no problems whatsoever. FreeBSD 4.0-CURRENT #4: Sun Mar 5 12:20:41 PST 2000 [EMAIL PROTECTED]:/usr/src/sys/compile/NORN Timecounter "i8254" frequency 1193182 Hz CPU: Pentium II/Pentium II Xeon/Celeron (503.92-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x665 Stepping = 5 Features=0x183fbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CM OV,PAT,PSE36,MMX,FXSR real memory = 268369920 (262080K bytes) avail memory = 256987136 (250964K bytes) Programming 24 pins in IOAPIC #0 IOAPIC #0 intpin 2 - irq 0 FreeBSD/SMP: Multiprocessor motherboard cpu0 (BSP): apic id: 0, version: 0x00040011, at 0xfee0 cpu1 (AP): apic id: 1, version: 0x00040011, at 0xfee0 io0 (APIC): apic id: 2, version: 0x00170011, at 0xfec0 ad0: 9765MB FUJITSU MPC3102AT E [19841/16/63] at ata0-master using UDMA33 ad4: 12949MB IBM-DJNA-371350 [28064/15/63] at ata2-master using UDMA66 acd0: CDROM DELTA OPC-K101/ST1 F/W by OIPD at ata1-slave using PIO4 ad0 is a DOS drive, ad4 is what I have FreeBSD on. -Chris -- [EMAIL PROTECTED] [EMAIL PROTECTED] Abbotsford, BC, Canada To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
