Re: Sendmail X License reverted back to same as Sendmail 8

2006-05-30 Thread Craig Skinner
On Mon, May 29, 2006 at 05:23:29PM +0530, Siju George wrote:
>
> Theo's statement quoted at
> http://undeadly.org/cgi?action=article&sid=20051116145737
> ---
> Talking about privilege revocation and separation, he pointed out that
> the new Sendmail maintainer has been following some good coding
> practice
>

Something similar to postfix in base, sounds good.

http://en.wikipedia.org/w/index.php?title=Sendmail&diff=55340274&oldid=45053291

###
Although it is purported to be a complete new design, its design is in
fact pretty much an exact copy of the design of [[Postfix
(software)|Postfix]] (''master'' becomes MCP, ''smtpd'' becomes SMTPS,
''local'' becomes LDA, ''smtp'' becomes SMTPC, ''trivial-rewrite''
becomes AR, and ''qmgr'' becomes QMGR).
###

-- 
Craig.
Craig Skinner | http://www.kepax.co.uk | [EMAIL PROTECTED]



CGI in C: getenv(CONTENT_LENGTH)

2006-05-30 Thread vladas

Sorry if this is too simple. It's still ongoing learning process for me.

I dare to ask about it on misc@ because the code will be running on OpenBSD and
because I want to  learn how to use OpenBSD properly.

It's about getenv("CONTENT_LENGTH"); usage from C. I have found two sources on
that, but I am not able to understand the differences and to determine which code
is better, safer.

http://www.cs.tut.fi/~jkorpela/forms/cgic.html

char *lenstr;
char input[MAXINPUT], data[MAXINPUT];
long len;
printf("%s%c%c\n","Content-Type:text/html;charset=iso-8859-1",13,10);
lenstr = getenv("CONTENT_LENGTH");
if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > MAXLEN)
 printf("<P>Error in invocation - blah blah");
else {
 FILE *f;
 fgets(input, len+1, stdin);
 .

http://www.coding-zone.co.uk/cpp/cgi/170401cgicpp.shtml

main()
  {
  char *endptr;
  int i;
  double contentlength;
  char buff[1];
  const char *len1 = getenv("CONTENT_LENGTH");
  contentlength=strtol(len1, &endptr, 10);
  fread(buff, contentlength, 1, stdin);
  }



To be specific:

1. I do not get why the first example uses only
lenstr = getenv("CONTENT_LENGTH");

while the second example goes through all of that conversion of the
getenv("CONTENT_LENGTH") result from string to decimal number:
  const char *len1 = getenv("CONTENT_LENGTH");
  contentlength=strtol(len1, &endptr, 10);
  fread(buff, contentlength, 1, stdin);



2. In the CGI context, do fgets(input, len+1, stdin) and
fread(buff, contentlength, 1, stdin) make a difference?


3. Is the code
if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > MAXLEN)
 printf("<P>Error in invocation - blah blah");
else {
 FILE *f;
 fgets(input, len+1, stdin);
 .

enough to prevent from the httpd buffer overflow attacks on the default
OpenBSD httpd? I do understand that this question in particular is a
broad one, but still - any comments or ideas would help as I am new to
this.



Reading httpd src or manuals did not explain the differences in the logic
of differences in those two code snippets (well at least so far).


Any help would be really appreciated.



Vladas



Re: bad SK NICs ??

2006-05-30 Thread martin
I've also had those watchdog problems with sk(4) on 3.9. They did appear
on 3.8 but not as often. It doesn't seem to matter what i do to get
those, they are not coming when i use much traffic but they seem to just
appear at random.


My card is;
skc0 at pci0 dev 15 function 0 3Com 3c940 rev 0x10, Marvell Yukon 
(0x1): irq 10

sk0 at skc0 port A, address 00:0a:5e:5c:58:ec



can't get soekris 4801 to boot via pxe

2006-05-30 Thread Marc Peters

hello misc,

i bought a soekris 4801 from wim and wanted to install it via net. when
i boot the box it gets its ip-address and when it comes to load bsd.rd it
loads the kernel but hangs during load:


comBIOS ver. 1.28  20050529  Copyright (C) 2000-2005 Soekris 
Engineering. 



net4801

0128 Mbyte MemoryCPU Geode 266 Mhz 



Pri Sla  SILICONSYSTEMS INC 512MBLBA 1011-16-63  509 Mbyte 



Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1Base2   Int 

--- 

0:00:0 1078 0001 0600 0107 0280 00 00 00   

0:06:0 100B 0020 0200 0107 0290 00 3F 00 E101 A000 10 

0:07:0 100B 0020 0200 0107 0290 00 3F 00 E201 A0001000 10 

0:08:0 100B 0020 0200 0107 0290 00 3F 00 E301 A0002 

0:18:2 100B 0502 01018001 0005 0280 00 00 00   

0:19:0 0E11 A0F8 0C031008 0117 0280 08 38 00 A0003000  11 



 4 Seconds to automatic boot.   Press Ctrl-P for entering Monitor. 



comBIOS Monitor.   Press ? for help.

 boot F0

NSC DP83815/DP83816 Fast Ethernet UNDI, v1.03
Copyright (C) 2002, 2003 National Semiconductor Corporation
All rights reserved.

Pre-boot eXecution Environment  PXE-2.0 (build 082)
Copyright (C) 1997-2000  Intel Corporation


CLIENT MAC ADDR: 00 00 24 C6 5C F8
CLIENT IP: 192.168.83.3  MASK: 255.255.255.0  DHCP IP: 192.168.83.208
GATEWAY IP: 192.168.83.1
probing: pc0 com0 com1 pci pxe![2.1] mem[639K 127M a20=on]
disk: hd0+*
net: mac 00:00:24:c6:5c:f8, ip 192.168.83.3, server 192.168.83.208
 OpenBSD/i386 PXEBOOT 1.07
switching console to com0
 OpenBSD/i386 PXEBOOT 1.07
booting tftp:bsd.rd: 4435508+740284 [52+155376+141982]=0x538528
entry point at 0x100120
~$f$~xxf$~$f$8~8~$f$f$

the tftpd resides on a 3.9 and the bsd.rd kernel is from 3.9-RELEASE. i 
installed the tftpd as explained in the faq and this is my 
/tftpboot/etc/boot.conf:


~ # cat /tftpboot/etc/boot.conf
set tty com0
boot bsd.rd

same thing with latest snapshot:

probing: pc0 com0 com1 pci pxe![2.1] mem[639K 127M a20=on]
disk: hd0+*
net: mac 00:00:24:c6:5c:f8, ip 192.168.83.3, server 192.168.83.208
 OpenBSD/i386 PXEBOOT 1.07
switching console to com0
 OpenBSD/i386 PXEBOOT 1.07
booting tftp:bsd.rd: 4539860+740228 [52+159968+145900]=0x553dcc
entry point at 0x200120
~$f$~~xxf$~$f$8~8~$f$f$

anyone has any ideas to point me in the correct direction?

TIA,
marc



Re: Static functions in C code

2006-05-30 Thread matthew . garman
On Fri, May 26, 2006 at 08:29:58AM -0500, Marco Peereboom wrote:
> My answer is correct.  It is not my fault that you don't have a
> clue about programming.  Static has its uses however for some
> reason the (open source) world at large seem not to understand
> what they are.  Same is true with typedef, it has its uses too but
> mostly it is abused.

What are some examples of abuse/misuse of typedef?  (That's an
honest question, not trolling.)

> I bet you have never wasted days finding a non-bug because of
> static.

So how do you specify that a function should be visible only to the
local compilation unit?  Or, how do you keep others from using your
locally-scoped (but not declared static) function in a global
context?

I've seen situations where someone saw a function that was not
declared static, but clearly intended to have only local visibility,
and someone went off and prototyped that function in some other
module so they could use it.  (Then again, even using 'static'
probably wouldn't have solved the problem---that person would have
just deleted the keyword!)

Just curious!
Thanks,
Matt



Re: can't get soekris 4801 to boot via pxe

2006-05-30 Thread Marian Hettwer

Hi Marc,


Marc Peters wrote:
> hello misc,
>
> i bought a soekris 4801 from wim and wanted to install it via net. when
> i boot the box it gets it ip-address and when it comes to load bsd.rd it
> loads the kernel but hangs during load:
>
> OpenBSD/i386 PXEBOOT 1.07
> switching console to com0
> OpenBSD/i386 PXEBOOT 1.07
> booting tftp:bsd.rd: 4435508+740284 [52+155376+141982]=0x538528
> entry point at 0x100120
> ~$f$~xxf$~$f$8~8~$f$f$
>
Just a wild guess, but to me this looks like the serial console tries to
go out with 9600 baud, which is wrong. You get garbled output or no output.
The soekris boards want to run 19200 baud IIRC.

>
> ~ # cat /tftpboot/etc/boot.conf
> set tty com0
> boot bsd.rd
you may want to define the speed of your console here :)
stty com0 19200

:)

good luck,
Marian



Re: head.c usage function

2006-05-30 Thread matthew . garman
On Fri, May 26, 2006 at 08:47:15PM +0100, Nick Guenther wrote:
> least, it should be) in usage() because the proper form is
> fprintf(stderr, "usage: %s [-ks]\n", __progname); where __progname
> gets filled in automatically with the name of the program. I don't
> know the details of how it works though, does anyone have a link
> to an explanation?

I'm not sure about this, but isn't __progname a compiler-specific
extension?

I usually write a usage function to take a single argument, i.e.
usage(const char *progname).  When I call usage(), which is always
from main(), I just pass in argv[0].  I'm under the impression that
argv[0] being set to the name of the program is standard (could be
wrong though).

MG



trouble with carp + bridge

2006-05-30 Thread holger glaess
hi

my setup are 

openBSD 3.9-stable (GENERIC) #1: Fri May 12 09:47:15 CEST 2006

2 boxes with 4 3com 100mbit cards ( xl )
2 interface per box run as bridge 

/etc more bridgename.bridge0
add xl0
add xl1
blocknonip xl0
blocknonip xl1
stp xl0
stp xl1
timeout 60
priority 12288
maxaddr 1000
up
( the second box has a different priority )
1 interface per box are for pfsync
1 interface for an private network ( just carp1 carpdev xl2 ip addr the 
interface have no ip )

the sysctl.conf looks like
net.inet.ip.forwarding=1
net.inet.carp.allow=1
net.inet.carp.preempt=1


so i setup on the first interface ( wan ) my box ip address 
/etc more hostname.xl0
inet .xxx.xxx..xxx.200 255.255.254.0 NONE group wan_if
the second interface are just an 
up group dmz

up to this setup everything works fine.

now i setup the carp interface carp0
inet xxx.xxx.xxx.202 255.255.254.0 NONE carpdev xl0 vhid 202 pass bridge1ha
inet alias xxx.xxx.xxx.74 255.255.254.0 NONE

now my problem

the carp ip is from outside ( internet ) connectable but
if i do an ping from inside ( dmz ) to the carp ip  i got no response.

what i see in my tcpdump is that the client host didn't receive the arp addr
from the carp interface.
/etc tcpdump -vvv -e -n -i xl0 host kikwit
tcpdump: listening on xl0, link-type EN10MB
15:43:08.646358 0:50:4:33:b5:de ff:ff:ff:ff:ff:ff 0806 60: arp who-has 
xxx.xxx..xxx.74 tell xxx.xxx.xxx.187
15:43:09.601319 0:50:4:33:b5:de ff:ff:ff:ff:ff:ff 0806 60: arp who-has 
xxx.xxx.xxx.74 tell xxx.xxx.xxx.187
15:43:10.561210 0:50:4:33:b5:de ff:ff:ff:ff:ff:ff 0806 60: arp who-has 
xxx.xxx.xxx.74 tell xxx.xxx.xxx.187

a ping from the client to the box ip on xl0 works perfectly.

so if i add by hand the mac address from the carp interface on the client box 
everything fine.

any idea ?

holger



Re: can't get soekris 4801 to boot via pxe

2006-05-30 Thread mats

Hello

Do you have any reason to not use pxeboot? Take a look in /usr/mdec.

Else, take a look at  flashdist-20060413.tar
residing here http://www.nmedia.net/~chris/soekris/

Hope this is readable although I'm writing it in the virusmanager outlook 
express.


/regards from Sweden

- Original Message - 
From: Marc Peters [EMAIL PROTECTED]

To: misc@openbsd.org
Sent: Tuesday, May 30, 2006 2:08 PM
Subject: can't get soekris 4801 to boot via pxe



hello misc,

i bought a soekris 4801 from wim and wanted to install it via net. when i 
boot the box it gets it ip-address and when it comes to load bsd.rd it 
loads the kernel but hangs during load:


comBIOS ver. 1.28  20050529  Copyright (C) 2000-2005 Soekris Engineering.

net4801

0128 Mbyte MemoryCPU Geode 266 Mhz

Pri Sla  SILICONSYSTEMS INC 512MBLBA 1011-16-63  509 Mbyte

Slot   Vend Dev  ClassRev Cmd  Stat CL LT HT  Base1Base2   Int
--- 


0:00:0 1078 0001 0600 0107 0280 00 00 00  
0:06:0 100B 0020 0200 0107 0290 00 3F 00 E101 A000 10
0:07:0 100B 0020 0200 0107 0290 00 3F 00 E201 A0001000 10
0:08:0 100B 0020 0200 0107 0290 00 3F 00 E301 A0002
0:18:2 100B 0502 01018001 0005 0280 00 00 00  
0:19:0 0E11 A0F8 0C031008 0117 0280 08 38 00 A0003000  11

 4 Seconds to automatic boot.   Press Ctrl-P for entering Monitor.

comBIOS Monitor.   Press ? for help.

 boot F0

NSC DP83815/DP83816 Fast Ethernet UNDI, v1.03
Copyright (C) 2002, 2003 National Semiconductor Corporation
All rights reserved.

Pre-boot eXecution Environment  PXE-2.0 (build 082)
Copyright (C) 1997-2000  Intel Corporation


CLIENT MAC ADDR: 00 00 24 C6 5C F8
CLIENT IP: 192.168.83.3  MASK: 255.255.255.0  DHCP IP: 192.168.83.208
GATEWAY IP: 192.168.83.1
probing: pc0 com0 com1 pci pxe![2.1] mem[639K 127M a20=on]
disk: hd0+*
net: mac 00:00:24:c6:5c:f8, ip 192.168.83.3, server 192.168.83.208
 OpenBSD/i386 PXEBOOT 1.07
switching console to com0
 OpenBSD/i386 PXEBOOT 1.07
booting tftp:bsd.rd: 4435508+740284 [52+155376+141982]=0x538528
entry point at 0x100120
~$f$~xxf$~$f$8~8~$f$f$

the tftpd resides on a 3.9 and the bsd.rd kernel is from 3.9-RELEASE. i 
installed the tftpd as explained in the faq and this is my 
/tftpboot/etc/boot.conf:


~ # cat /tftpboot/etc/boot.conf
set tty com0
boot bsd.rd

same thing with latest snapshot:

probing: pc0 com0 com1 pci pxe![2.1] mem[639K 127M a20=on]
disk: hd0+*
net: mac 00:00:24:c6:5c:f8, ip 192.168.83.3, server 192.168.83.208
 OpenBSD/i386 PXEBOOT 1.07
switching console to com0
 OpenBSD/i386 PXEBOOT 1.07
booting tftp:bsd.rd: 4539860+740228 [52+159968+145900]=0x553dcc
entry point at 0x200120
~$f$~~xxf$~$f$8~8~$f$f$

anyone has any ideas to point me in the correct direction?

TIA,
marc




Re: libfreetype/fonts in today's X snapshot

2006-05-30 Thread Antoine Jacoutot
According to Stuart Henderson [EMAIL PROTECTED]:
> fwiw, just reverting libfreetype.so.13.1 to an older one
> unbreaks it, so if anyone else has done the same thing and
> spent half the day trying to work out what happened to
> their fonts, there's your answer.

Well, I'm seeing the same behaviour here. Most fonts are f***ed up.

-- 
Antoine



Re: can't get soekris 4801 to boot via pxe

2006-05-30 Thread Stuart Henderson
On 2006/05/30 14:41, mats wrote:
> Do you have any reason to not use pxeboot? Take a look in /usr/mdec.
>  OpenBSD/i386 PXEBOOT 1.07

eh? looks like pxe to me.

> switching console to com0
>  OpenBSD/i386 PXEBOOT 1.07
> booting tftp:bsd.rd: 4435508+740284 [52+155376+141982]=0x538528
> entry point at 0x100120
> ~$f$~xxf$~$f$8~8~$f$f$

Forget all about the nonstandard 19200 console speed.
Change combios to use 9600, you'll thank yourself later.



sendmail is no more in NetBSD src tree

2006-05-30 Thread Alexey E. Suslikov
http://www.feyrer.de/NetBSD/bx/blosxom.cgi/nb_20060530_1030.html

quote:

Christos Zoulas has removed sendmail from the NetBSD source tree. This
was the result of a lot of bickering long discussion about the security track 
of sendmail. Sendmail will continue to be available from pkgsrc.



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Breen Ouellette

jared r r spiegel wrote:

On Mon, May 29, 2006 at 10:01:21PM -0600, Breen Ouellette wrote:
  

A few months ago, Didier Wiroth posted to this list that his net4801 with
a vpn1411 was giving him 'Corrupted MAC on input' errors. He was looking
for a solution to this problem.



  i think i chimed in on that one.

  since i put may.1st snapshots on my 4801, it has not happened at all.

  this was the same situation for me as before; i started to see the
  'corrupted MAC on input' after one snapshot, and then a few snapshots
  later, it went away entirely.  this last time, it showed up after
  a december-ish snapshot (iirc, whatever i had in my last post about 
  it ...), and since may.1 snapshot, it is entirely non-present



  
Just so you are aware, this problem is not necessarily limited to 
OpenBSD. A NetBSD user stated on the Soekris tech list that he had seen 
the error a couple of times, but he no longer has a net4801/vpn1411 
combination to test the script against.  As well, a FreeBSD user 
reported the same trouble in a different thread. The problem is that 
this error is sporadic enough that no one appears to have confirmed the 
cause so that the responsible party(ies) may be notified. Since many 
types of hardware error can be responsible for similar behaviour it has 
been too easy to blame it on a ghost in the system. However, I started 
out with just a net4801, which I used for more than a year before 
getting the vpn1411. During that year my box ran flawlessly, so when the 
errors cropped up after installing the vpn1411 I was in the relatively 
unique position of knowing that the net4801 was fine, while most people 
seem to buy the set, experience errors, get told it is a hardware 
problem (bad RAM, bad NIC, bad network device), and take it at face 
value. It still could be a hardware problem, but it is not the only 
possibility and I would like clear evidence before I blame the card.


The fact that I have only seen this reported on BSD systems could be an 
indication that there is a problem with the Hifn driver _IF_ they all 
share a common code base. Having a quick look at the source code on the 
web indicates to me that several sources have been used to create the 
Hifn driver. Perhaps a developer can enlighten us about whether or not 
there is a shared code base (or cooperation) between projects.


I have seen my script run for several minutes before glitching out, so 
if you have the time to run it for a solid 10 minutes using SSH2/AES it 
will go a long way to confirming that you haven't just been lucky to 
avoid the error since you began using the May 1st snapshot. I've 
personally used several SSH2/AES sessions for regular use for more than 
30 minutes in the last week without experiencing an error (yet at other 
times it has failed within a minute of regular use). It seems rather 
unlikely (although not impossible) that the OpenBSD developers would 
regress the code to a breakable state and then fix it again, so my money 
would be on your being lucky the last few weeks and that most people 
sluff this off as a problem with hardware. In fact, the WebCVS shows 
that the last change to the Hifn driver was 4 months ago, which would 
indicate that for the May 1st snapshot to fix this problem the error 
would have to exist outside of the driver itself, lending more 
credibility to the hypothesis that you still have a problem but you just 
haven't experienced it.


Thanks for your post. I hope you take it one step further and run that 
script (and then report your result to this list)!  :)


Breeno



Re: Static functions in C code

2006-05-30 Thread Denis Doroshenko

On 5/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

On Fri, May 26, 2006 at 08:29:58AM -0500, Marco Peereboom wrote:
 Static has it's uses however for some
 reason the (open source) world at large seem not to understand
 what they are.  Same is true with typedef, it has its uses too but
 mostly it is abused.

What are some examples of abuse/misuse of typedef?  (That's an
honest question, not trolling.)


well everything was already said within this very thread. RTFA in case
you've missed it.


 I bet you have never wasted days finding a non-bug because of
 static.

So how do you specify that a function should be visible only to the
local compilation unit?  Or, how do you keep others from using your
locally-scoped (but not declared static) function in a global
context?


why would you even want that (moreover in opensource)? hide for what reason?


I've seen situations where someone saw a function that was not
declared static, but clearly intended to have only local visibility,
and someone went off and prototyped that function in some other
module so they could use it.  (Then again, even using 'static'
probably wouldn't have solved the problem---that person would have
just deleted the keyword!)


well, as i asked before, i think it is not like OpenBSD developers
consider hiding functions from other developers (and effectively from
themselves). this increase of obscurity has little to go with use the
source Luke...


Just curious!
Thanks,
Matt




Re: CGI in C: getenv(CONTENT_LENGTH)

2006-05-30 Thread Tobias Ulmer
On Tue, May 30, 2006 at 07:05:06PM +0900, vladas wrote:
> Sorry if this is too simple. It's still ongoing learning process for me.
>
> I dare to ask about it on misc@ because the code will be running on OpenBSD
> and because I want to learn how to use OpenBSD properly.
>
> It's about getenv("CONTENT_LENGTH"); usage from C. I have found two sources
> on that, but I am not able to understand the differences and to determine
> which code is better, safer.
>
> http://www.cs.tut.fi/~jkorpela/forms/cgic.html
>
> char *lenstr;
> char input[MAXINPUT], data[MAXINPUT];
> long len;
> printf("%s%c%c\n","Content-Type:text/html;charset=iso-8859-1",13,10);
> lenstr = getenv("CONTENT_LENGTH");
> if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > MAXLEN)
>  printf("<P>Error in invocation - blah blah");
> else {
>  FILE *f;
>  fgets(input, len+1, stdin);
>  .
>
> http://www.coding-zone.co.uk/cpp/cgi/170401cgicpp.shtml
>
> main()
>   {
>   char *endptr;
>   int i;
>   double contentlength;
>   char buff[1];
>   const char *len1 = getenv("CONTENT_LENGTH");
>   contentlength=strtol(len1, &endptr, 10);
>   fread(buff, contentlength, 1, stdin);
>   }
>
> To be specific:
>
> 1. I do not get why the first example uses only
> lenstr = getenv("CONTENT_LENGTH");
>
> while the second example goes through all of that conversion of the
> getenv("CONTENT_LENGTH") result from string to decimal number:
>   const char *len1 = getenv("CONTENT_LENGTH");
>   contentlength=strtol(len1, &endptr, 10);
>   fread(buff, contentlength, 1, stdin);

look closer (first example):
if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > MAXLEN)

both convert the string to a number.

both examples use datatypes that i don't really like. use something like
size_t for length.

use something like strtonum/sscanf to convert a string to a number.
make sure length makes sense. -1 does not, 4,294,967,296 probably
doesn't either.

also make sure that your buffers are large enough for all possible
circumstances.

> 2. In the CGI context, do fgets(input, len+1, stdin) and
> fread(buff, contentlength, 1, stdin) make a difference?

fgets terminates buff with a '\0', which is imho better than plain
fread. otoh, both are ok if buff is large enough(!) and you know
what you're doing.

> 3. Is the code
> if(lenstr == NULL || sscanf(lenstr,"%ld",&len)!=1 || len > MAXLEN)
>  printf("<P>Error in invocation - blah blah");
> else {
>  FILE *f;
>  fgets(input, len+1, stdin);
>  .
>
> enough to prevent from the httpd buffer overflow attacks on the default
> OpenBSD httpd?

yes ;) if there is a buffer overflow, it's in your cgi, not in httpd.
httpd's chroot can prevent an attacker from getting a shell and do more
harm. Depending on your application, he can still do a lot of damage to
your application or to other clients (XSS attacks for example).

> I do understand that this question in particular is a
> broad one, but still - any comments or ideas would help as I am new to
> this.
>
> Reading httpd src or manuals did not explained the differences in the logic
> of differences in those two code snippets (well at least so far).
>
> Any help would be really appreciated.

read the superb manpages of the functions you want to use. there are
often examples and pointers to things you should do/not do.

> Vladas


I'm sure i forgot tons of stuff :)

Tobias 
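
An added example, not part of the reply above or of either quoted source: one way to apply that advice in C (a size_t length, strict decimal parsing with an upper bound, a buffer sized for that bound, explicit NUL termination after fread). MAX_BODY and the function names are assumptions made for illustration; on OpenBSD, strtonum(3) can replace the manual parse.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BODY 4096	/* assumed application limit, not from the thread */

/*
 * Parse a CONTENT_LENGTH string into *out.
 * Returns 0 on success, -1 if the value is missing, is not a plain
 * decimal number, overflows, or exceeds max.
 */
int
parse_content_length(const char *s, size_t max, size_t *out)
{
	char *end;
	unsigned long long v;

	if (s == NULL || *s == '\0')
		return -1;
	/* strtoull() accepts leading blanks, '+' and '-'; refuse them. */
	for (const char *p = s; *p != '\0'; p++)
		if (*p < '0' || *p > '9')
			return -1;
	errno = 0;
	v = strtoull(s, &end, 10);
	if (errno == ERANGE || *end != '\0' || v > max)
		return -1;
	*out = (size_t)v;
	return 0;
}

/*
 * Read exactly len bytes from in into buf (capacity bufsz) and
 * NUL-terminate the result. Unlike fgets(), fread() does not stop at a
 * newline and does not terminate the buffer, so both are handled here.
 * Returns the number of bytes stored, or -1 if len does not fit in buf
 * or the stream ends before len bytes arrive.
 */
long
read_body(FILE *in, char *buf, size_t bufsz, size_t len)
{
	size_t got;

	if (bufsz == 0 || len > bufsz - 1)
		return -1;
	got = fread(buf, 1, len, in);
	buf[got] = '\0';
	if (got != len)
		return -1;
	return (long)got;
}

int
main(void)
{
	static char body[MAX_BODY + 1];	/* room for MAX_BODY bytes plus NUL */
	size_t len;

	printf("Content-Type: text/plain\r\n\r\n");
	if (parse_content_length(getenv("CONTENT_LENGTH"), MAX_BODY, &len) != 0 ||
	    read_body(stdin, body, sizeof body, len) < 0) {
		printf("bad request\n");
		return 1;
	}
	/* The body is not echoed back: unescaped echo is how XSS happens. */
	printf("read %zu bytes\n", len);
	return 0;
}
```
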



Re: head.c usage function

2006-05-30 Thread Peter Blair

Be careful -- if you have an application say /usr/local/whatever/foo
that is linked from /usr/local/bin/bar then when you call
/usr/local/bin/bar it will populate bar as the argv[0] element.
This may be what you want, but then again, perhaps you want to know
that foo is the application being called.

__progname *should* ensure that foo is being used when doing
things like opening app-name specific logs etc.

On 5/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:


I usually write a usage function to take a single argument, i.e.
usage(const char *progname).  When I call usage(), which is always
from main(), I just pass in argv[0].  I'm under the impression that
argv[0] being set to the name of the program is standard (could be
wrong though).




Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Peter Strömberg
I have a net4801 with a vpn1411 and I occasionally got the error
(but not for a good while now).

I also have a vpn1411 in a generic i386 mb and I have *never* seen the error on
that machine.



Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Dries Schellekens

Anil Madhavapeddy wrote:


We've put up some Xen-related projects for the Google Summer of
Code, and one of them of particular interest is a port of OpenBSD
to Xen 3.0 as a native guest OS.

Full list: http://www.xensource.com/summerofcode.html

Interested hackers are encouraged to apply; it is a fun project,
some NetBSD code already exists, and will be useful.


I see that this project got selected: 
http://code.google.com/soc/xensource/about.html


Let's hope this work can be included in OpenBSD after the summer.


Cheers,

Dries



Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair

That project (if/once completed) would be very useful.  I just cringe
at the thought of running a guestOS of openbsd under linux or Solaris
;)

On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:

Anil Madhavapeddy wrote:

 We've put up some Xen-related projects for the Google Summer of
 Code, and one of them of particular interest is a port of OpenBSD
 to Xen 3.0 as a native guest OS.

 Full list: http://www.xensource.com/summerofcode.html

 Interested hackers are encouraged to apply; it is a fun project,
 some NetBSD code already exists, and will be useful.

I see that this project got selected:
http://code.google.com/soc/xensource/about.html

Let's hope this work can be included in OpenBSD after the summer.


Cheers,

Dries




Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Dries Schellekens

Peter Blair wrote:


That project (if/once completed) would be very useful.  I just cringe
at the thought of running a guestOS of openbsd under linux or Solaris
;)


A minor detail: OpenBSD will run on the Xen virtual machine monitor and 
not on Linux or Windows (like VMWare). So the Linux instance (or even 
multiple of them) will run in parallel to the OpenBSD domain.



Cheers,

Dries


On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:

Anil Madhavapeddy wrote:

 We've put up some Xen-related projects for the Google Summer of
 Code, and one of them of particular interest is a port of OpenBSD
 to Xen 3.0 as a native guest OS.

 Full list: http://www.xensource.com/summerofcode.html

 Interested hackers are encouraged to apply; it is a fun project,
 some NetBSD code already exists, and will be useful.

I see that this project got selected:
http://code.google.com/soc/xensource/about.html

Let's hope this work can be included in OpenBSD after the summer.


Cheers,

Dries




Re: head.c usage function

2006-05-30 Thread Peter Blair

Gak!  The should was hedged with quotes because I couldn't verify
how it behaved.  Apparently it's just a quick way to access argv[0].

Thanks!

On 30 May 2006 16:29:31 +0200, Artur Grabowski [EMAIL PROTECTED] wrote:

Peter Blair [EMAIL PROTECTED] writes:

 Be careful -- if you have an application say /usr/local/whatever/foo
 that is linked from /usr/local/bin/bar then when you call
 /usr/local/bin/bar it will populate bar as the argv[0] element.
 This may be what you want, but then again, perhaps you want to know
 that foo is the application being called.

 __progname *should* ensure that foo is is being used when doing
 things like opening app-name specific logs etc.

should? Says who? How do you handle hard links then? Why should anyone
even care what the file name was? The kernel isn't even aware that
a symbolic link was followed when performing the exec system call (it
could be made aware of the fact by horrible layering violations in the
filesystem code and/or best effort measures that would break down in
case of hard links).

$ grep usage: /usr/src/bin/rm/rm.c
(void)fprintf(stderr, usage: %s [-dfiPRr] file ...\n, __progname);
$ rm -J
rm: unknown option -- J
usage: rm [-dfiPRr] file ...
$ ln -s /bin/rm /tmp/foo
$ /tmp/foo -J
foo: unknown option -- J
usage: foo [-dfiPRr] file ...
$

See: /usr/src/lib/csu/*/crt0.c that fills in __progname. Considering
that argv[0] can be set to anything by the caller, __progname can be
set to anything too. If you trust it, you're wrong.

//art

 On 5/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

  I usually write a usage function to take a single argument, i.e.
  usage(const char *progname).  When I call usage(), which is always
  from main(), I just pass in argv[0].  I'm under the impression that
  argv[0] being set to the name of the program is standard (could be
  wrong though).




Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair

Are you saying that OpenBSD is targeted as a Dom0 OS?  I couldn't
tell from the above mentioned links.

On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:

Peter Blair wrote:

 That project (if/once completed) would be very useful.  I just cringe
 at the thought of running a guestOS of openbsd under linux or Solaris
 ;)

A minor detail: OpenBSD will run on the Xen virtual machine monitor and
not on Linux or Windows (like VMWare). So the Linux instance (or even
multiple of them) will run in parallel to the OpenBSD domain.


Cheers,

Dries

 On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:
 Anil Madhavapeddy wrote:

  We've put up some Xen-related projects for the Google Summer of
  Code, and one of them of particular interest is a port of OpenBSD
  to Xen 3.0 as a native guest OS.
 
  Full list: http://www.xensource.com/summerofcode.html
 
  Interested hackers are encouraged to apply; it is a fun project,
  some NetBSD code already exists, and will be useful.

 I see that this project got selected:
 http://code.google.com/soc/xensource/about.html

 Let's hope this work can be included in OpenBSD after the summer.


 Cheers,

 Dries




Help with CUPS and Samsung ML-1710

2006-05-30 Thread ip

Hello,
I've been trying to get my Samsung ML-1710 running under OpenBSD with
CUPS.
Installation of everything seems to have gone o.k., but I can't print
anything...

From dmesg I receive:


ulpt0 at uhub1 port 2 configuration 1 interface 0
ulpt0: Samsung Electronics Co., Ltd. Samsung ML-1710 Series, rev
1.10/1.00, addr 2, iclass 7/1
ulpt0: using bi-directional mode

I have configured it via web,

Samsung ML-1710 Foomatic/gdi (recommended)  
Description: Stampante Laser B/N
Location:
Printer State: idle, accepting jobs.
Device URI: usb:/dev/ulpt0

but if I run /usr/local/libexec/cups/backend/usb manually, the prompt shows:

# ./usb
direct usb:/dev/ulpt0 Unknown USB Printer #1
direct usb:/dev/ulpt1 Unknown USB Printer #2

The cups's error_log file doesn't show errors,

I [30/May/2006:15:18:34 +0200] Started
/usr/local/libexec/cups/cgi-bin/printers.cgi (pid=28574)
I [30/May/2006:15:18:35 +0200] Adding start banner page none to job 1.
I [30/May/2006:15:18:35 +0200] Adding end banner page none to job 1.
I [30/May/2006:15:18:35 +0200] Job 1 queued on 'ML1710' by 'root'.
I [30/May/2006:15:18:35 +0200] Started filter
/usr/local/libexec/cups/filter/pstops (PID 1194) for job 1.
I [30/May/2006:15:18:35 +0200] Started filter
/usr/local/libexec/cups/filter/foomatic-rip (PID 5490) for job 1.
I [30/May/2006:15:18:35 +0200] Started backend
/usr/local/libexec/cups/backend/usb (PID 26302) for job 1.
I [30/May/2006:15:18:36 +0200] Started
/usr/local/libexec/cups/cgi-bin/printers.cgi (pid=28339)

and also when I try to bypass the spooler mechanism,

# lptest > /dev/ulpt0

it doesn't print :(


I hope for your help :)
Thanks,

--
 ip



dhclient exits while creating aliases

2006-05-30 Thread Matthias Bertschy

Hello,

I use:
$ uname -mrsv
OpenBSD 3.9 GENERIC#617 i386

I would like to set an alias on my external interface which has a DHCP 
provided address.

As written in dhclient.conf(5), I set up an alias for my xl0 interface:
$ cat /etc/dhclient.conf
alias {
   interface xl0;
   fixed-address 192.5.5.213;
   option subnet-mask 255.255.255.255;
}

Then, when I start dhclient, it exits after having acquired a lease.
$ sudo tail -n 3 /var/log/daemon
May 30 18:42:02 riri dhclient[32081]: bound to 10.10.10.244 -- renewal 
in 300 seconds.

May 30 18:42:02 riri dhclient[13379]: buf_read (connection closed)
May 30 18:42:02 riri dhclient[13379]: exiting.

I have seen similar problems with previous versions of dhclient in 3.6, 3.7
For example, in the thread dhclient woes started on Mon, Oct 31 2005 
4:02 am


Also, if I remove the alias line from /etc/dhclient.conf, then dhclient 
starts and doesn't exit.

However, when I add the alias by hand, it exits as well:
$ pgrep dhclient
10400
26486
$ sudo ifconfig xl0 inet alias 192.5.5.213 netmask 255.255.255.255
$ pgrep dhclient
$ sudo tail -n 2 /var/log/daemon
May 30 19:01:31 riri dhclient[26486]: buf_read (connection closed)
May 30 19:01:31 riri dhclient[26486]: exiting.

Thanks in advance.

Matthias Bertschy

Here is the dmesg output:
$ dmesg
OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 1.90GHz (GenuineIntel 686-class) 1.92 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM

real mem  = 536387584 (523816K)
avail mem = 482426880 (471120K)
using 4278 buffers containing 26923008 bytes (26292K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(e5) BIOS, date 02/13/03, BIOS32 rev. 0 @ 0xfa130
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xccc4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcc20/160 (8 entries)
pcibios0: PCI Exclusive IRQs: 5 9 11
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371SB ISA rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xcc00
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82845G/GL rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82845G/GL/GV/GE/PE AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 NVIDIA GeForce2 MX rev 0xb2
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x02: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x02: irq 9
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x02: irq 5
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x02: irq 11
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb1 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x82
pci2 at ppb1 bus 2
xl0 at pci2 dev 1 function 0 3Com 3c905B 100Base-TX rev 0x30: irq 11, 
address 00:10:5a:41:f4:ac

exphy0 at xl0 phy 24: 3Com internal media interface
ichpcib0 at pci0 dev 31 function 0 Intel 82801DB LPC rev 0x02
pciide0 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x02: DMA, 
channel 0 configured to compatibility, channel 1 configured to compatibility

wd0 at pciide0 channel 0 drive 0: Maxtor 6Y080L0
wd0: 16-sector PIO, LBA, 76293MB, 15625 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: MATSHITA, DVD-ROM SR-8588, 7Z14 SCSI0 
5/cdrom removable

cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x02: irq 9
iic0 at ichiic0
unknown at iic0 addr 0x4e not configured
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x02: irq 9, 
ICH4 AC97

ac97: codec id 0x414c4720 (Avance Logic ALC650)
ac97: codec features 20 bit DAC, 18 bit ADC, Realtek 3D
audio0 at auich0
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
it0 at isa0 port 0x290/8: IT87
npx0 at isa0 

HFSC queueing and m1, m2 and d SC values

2006-05-30 Thread Per-Olov Sjoholm
Hi misc

As the fact is that the only way to reduce the worst case delay is to increase 
the bandwidth reservation I have the following question.
(above statement from a technical overview of HFSC)

Let's say that I set an initial realtime bandwidth for 1 second and then a 
lower value (example: realtime 1Mb 1000 0.5Mb). Then I assume I will have a 
lower delay for the first second as the bandwidth is higher...



Now... What happens with the initial delay if I have for example:
(only a paper constructed example that is not tested)
altq on $EXT hfsc bandwidth 10Mb qlimit 100 queue {clientnets, std }
queue clientnets bandwidth 1% qlimit 100 hfsc (realtime 1500Kb, linkshare 7500Kb, upperlimit 8500Kb) { XXX, YYY, ZZZ }
queue XXX bandwidth 1% qlimit 100 hfsc (realtime (1000Kb 1000 500Kb), linkshare 2500Kb, upperlimit 6000Kb)
queue YYY bandwidth 1% qlimit 100 hfsc (realtime (1000Kb 1000 500Kb), linkshare 2500Kb, upperlimit 6000Kb)
queue ZZZ bandwidth 1% qlimit 100 hfsc (realtime (1000Kb 1000 500Kb), linkshare 2500Kb, upperlimit 6000Kb)
queue std bandwidth 1% qlimit 100 hfsc (realtime 500Kb, linkshare 500Kb, upperlimit 100% default ecn)

and the average load on the XXX, YYY and ZZZ queues is approx. 2500Kbit?

Will I have any benefit at all of the higher initial realtime value during the 
first second if the average load is always higher than the realtime value? Or 
could I set realtime to 0 without any drawbacks?


Thanks in advance
Per-Olov Sjöholm
-- 
GPG keyID: 4DB283CE
GPG fingerprint: 45E8 3D0E DE05 B714 D549 45BC CFB4 BBE9 4DB2 83CE



Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread L. V. Lammert

At 10:48 AM 5/30/2006 -0400, Peter Blair wrote:

That project (if/once completed) would be very useful.  I just cringe
at the thought of running a guestOS of openbsd under linux or Solaris
;)


Runs just fine with VMWare Player/Server under Windoze, .. however I 
imagine a native Xen implementation would be much smoother.


Lee



Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Dries Schellekens

Peter Blair wrote:


Are you saying that OpenBSD is targeted as a Dom0 OS?  I couldn't
tell from the above mentioned links.


No, I think the goal is to run OpenBSD as DomU.

It seems NetBSD can run in Dom0, so OpenBSD could as well. Ideally, Dom0
should of course be running something small/minimal, and not a complete
Linux/NetBSD/... like it is the case now, to keep the size of the TCB
smaller.


Cheers,

Dries


On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:

Peter Blair wrote:

 That project (if/once completed) would be very useful.  I just cringe
 at the thought of running a guestOS of openbsd under linux or Solaris
 ;)

A minor detail: OpenBSD will run on the Xen virtual machine monitor and
not on Linux or Windows (like VMWare). So the Linux instance (or even
multiple of them) will run in parallel to the OpenBSD domain.


Cheers,

Dries

 On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote:
 Anil Madhavapeddy wrote:

  We've put up some Xen-related projects for the Google Summer of
  Code, and one of them of particular interest is a port of OpenBSD
  to Xen 3.0 as a native guest OS.
 
  Full list: http://www.xensource.com/summerofcode.html
 
  Interested hackers are encouraged to apply; it is a fun project,
  some NetBSD code already exists, and will be useful.

 I see that this project got selected:
 http://code.google.com/soc/xensource/about.html

 Let's hope this work can be included in OpenBSD after the summer.


 Cheers,

 Dries




Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Breen Ouellette

Peter Strömberg wrote:

I have a net4801 with a vpn1411 and I occasionally got the error
(but not for a good while now).

I also have a vpn1411 in a generic i386 mb and I have *never* seen the error on that 
machine.

  

Peter,

Could you provide a model number for your generic i386 mainboard? Is it 
a vpn1411 you are using on the non-Soekris board, or the vpn1401 (PCI or 
mini-PCI)? Have you used your net4801 without the vpn1411? If so, did 
you get any of these errors without the vpn1411? What version of OpenBSD 
are you using on these machines?


Would you be so kind as to run the script (over ssh) which I posted in 
the original message? Preferably on both the machines you have with a 
vpn1411 for a minimum of ten minutes. It would be very helpful.


Thanks for the info, I hope we hear more!

Breeno



Re: can't get soekris 4801 to boot via pxe

2006-05-30 Thread Marc Peters

  Marc Peters wrote:

hello misc,

i bought a soekris 4801 from wim and wanted to install it via net. when
i boot the box it gets its ip-address and when it comes to load bsd.rd it
loads the kernel but hangs during load:


OpenBSD/i386 PXEBOOT 1.07

switching console to com0

OpenBSD/i386 PXEBOOT 1.07

booting tftp:bsd.rd: 4435508+740284 [52+155376+141982]=0x538528
entry point at 0x100120
~$f$~xxf$~$f$8~8~$f$f$



fetched the latest bsd.rd and pxeboot (1.09) again and it seems to work.



Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Markus Friedl
On Tue, May 30, 2006 at 04:52:35PM +0200, Dries Schellekens wrote:
 Peter Blair wrote:
 
 That project (if/once completed) would be very useful.  I just cringe
 at the thought of running a guestOS of openbsd under linux or Solaris
 ;)
 
 A minor detail: OpenBSD will run on the Xen virtual machine monitor and 
 not on Linux or Windows (like VMWare). So the Linux instance (or even 
 multiple of them) will run in parallel to the OpenBSD domain.

Christoph has OpenBSD running as DOMU on Xen 2.0, but DOM0 is
working, too.  There are more things to consider. Contact me for
details if you are interested.

-m



nice and convenient way to check latest current src changes?

2006-05-30 Thread Didier Wiroth
Hello,

To follow the current source changes I usually check the following website:
http://marc.theaimsgroup.com/?l=openbsd-cvsr=1b=200605w=2
This isn't very handy as you have to click every message to view the log 
message and the files that were changed.

1) Is there a nice way to see current source changes?
(If possible, I would prefer NOT to subscribe to another new mailing list!)

2) Is there a nice and fast method to check the latest changes with the cvs 
command?

Thank you very much
Didier



Fwd: Status of tomcat on OpenBSD

2006-05-30 Thread Jeremy Huiskamp
Sorry Leonardo, obviously this was meant for the list :p

Begin forwarded message:

 From: Jeremy Huiskamp [EMAIL PROTECTED]
 Date: May 29, 2006 11:46:07 PM EDT (CA)
 To: Leonardo Rodrigues [EMAIL PROTECTED]
 Subject: Re: Status of tomcat on OpenBSD

 And failing that, vanilla tomcat usually just requires an unpack  
 and run, so long as you've got java installed properly.  In case  
 you wanted to go with something from the 5.5 series...

 I haven't tried it on openbsd but the packaging changes don't look  
 that extensive so you could probably apply them yourself to any  
 version.

 On 29-May-06, at 8:21 PM, Leonardo Rodrigues wrote:

 There are ports and packages for jakarta-tomcat. Latest version  
 being v5.0.

 On 5/29/06, Jason Murray [EMAIL PROTECTED] wrote:
 Hello, just inquiring about the current state of tomcat on  
 OpenBSD. I
 did a search on the list and the only recent mention of tomcat
 degenerated into a RoR sucks flamewar.




 -- 
 An OpenBSD user... and that's all you need to know =)



Re: sendmail is no more in NetBSD src tree

2006-05-30 Thread Adam
On Tue, 30 May 2006 16:31:20 +0300 Alexey E. Suslikov [EMAIL PROTECTED] 
wrote:

 http://www.feyrer.de/NetBSD/bx/blosxom.cgi/nb_20060530_1030.html
 
 quote:
 
 Christos Zoulas has removed sendmail from the NetBSD source tree. This
 was the result of a lot of bickering long discussion about the security track 
 of sendmail. Sendmail will continue to be available from pkgsrc.

You seem to be lost.  This is an OpenBSD mailing list.

Adam



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Stoyan Genov

Breen Ouellette wrote:

Peter Strömberg wrote:


I have a net4801 with a vpn1411 and I occasionally got the error
(but not for a good while now).

[snip]


I seem to no-longer be able to find what I once found in google
search results, so take this with a grain of salt, but if my memory
serves me correctly, there exists a series of net4801 boards with a
problematic capacitor somewhere in the PCI bus circuitry which could be
causing the problem. Or maybe this is just a myth.

I use two net4801 boards with vpn1411 cards and I DO get these errors
occasionally with all patch- (post-release) kernels since OpenBSD 3.6

$0.02

Regards,
Stoyan Genov



Re: bad SK NICs ??

2006-05-30 Thread Whyzzi

I hate to add to the Me Too crowd about this issue, but I myself
have been experiencing this also. I was running a snapshot of 3.7
where the machine would crash pretty hard from it after the watchdog
timeout appeared a few times over the period of a few days. Now,
though, with 3.9 snapshot I see the timeouts but it hasn't crashed yet
from it:

As you can see from the dmesg, my network card is the less expensive
Linksys EG1032 Marvell-based card.

OpenBSD 3.9-current (GENERIC) #702: Thu Apr 20 00:36:31 MDT 2006
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz (GenuineIntel 686-class) 2.43 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM
real mem  = 1073217536 (1048064K)
avail mem = 811261952 (792248K)
using 4278 buffers containing 215060480 bytes (210020K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(ed) BIOS, date 11/10/03, BIOS32 rev. 0 @ 0xf1e30
apm0 at bios0: Power Management spec V1.2 (BIOS mgmt disabled)
apm0: APM power management enable: unrecognized device ID (9)
apm0: APM engage (device 1): power management disabled (1)
apm0: AC on, battery charge unknown
apm0: flags b0102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x24b2
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf23d0/224 (12 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xc800 0xd/0x7c00!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82845G/GL rev 0x02
ppb0 at pci0 dev 1 function 0 Intel 82845G/GL/GV/GE/PE AGP rev 0x02
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 NVIDIA GeForce2 MX rev 0xb2
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x02: irq 12
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x02: irq 3
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x02: irq 14
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x02: irq 11
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb1 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x82
pci2 at ppb1 bus 2
VIA VT6306 FireWire rev 0x80 at pci2 dev 3 function 0 not configured
pciide0 at pci2 dev 4 function 0 Promise PDC20376 rev 0x02: DMA
wd0 at pciide0 channel 0 drive 0: ST380013AS
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using BIOS timings, Ultra-DMA mode 6
pciide0: using irq 11 for native-PCI interrupt
bge0 at pci2 dev 5 function 0 Broadcom BCM5702X rev 0x02, BCM5703 A2
(0x1002): irq 10, address 00:e0:18:bf:77:eb
brgphy0 at bge0 phy 1: BCM5703 10/100/1000baseT PHY, rev. 2
skc0 at pci2 dev 10 function 0 Linksys EG1032 rev 0x12, Marvell
Yukon (0x1): irq 5
sk0 at skc0 port A, address 00:0c:41:eb:c4:35
eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3
ichpcib0 at pci0 dev 31 function 0 Intel 82801DB LPC rev 0x02
pciide1 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
pciide1: no compatibility interrupt for use by channel 0
atapiscsi0 at pciide1 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, DVD-ROM GDR8161B, 0100 SCSI0
5/cdrom removable
cd0(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 2
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask fb4d netmask ff6d ttymask ffef
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302



head.c usage function

2006-05-30 Thread Arnaud Bergeron

On 5/30/06, Peter Blair [EMAIL PROTECTED] wrote:

Be careful -- if you have an application say /usr/local/whatever/foo
that is linked from /usr/local/bin/bar then when you call
/usr/local/bin/bar it will populate bar as the argv[0] element.


Wrong, argv[0] will be whatever was passed to execvp as the first
element of the second argument.  (If that is not clear remember that
the second argument is a NULL-terminated array of char pointers.)
Although in most cases it will be set to the name of the application
or a path to it.


This may be what you want, but then again, perhaps you want to know
that foo is the application being called.

__progname *should* ensure that foo is being used when doing
things like opening app-name specific logs etc.


Wrong again, __progname is derived from argv[0].  That's what enables
things like crunchgen to work by altering the function of the program
based on its name.



On 5/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

 I usually write a usage function to take a single argument, i.e.
 usage(const char *progname).  When I call usage(), which is always
 from main(), I just pass in argv[0].  I'm under the impression that
 argv[0] being set to the name of the program is standard (could be
 wrong though).



__progname is filled in at program initialisation time (in ___start)
with everything after the last / in argv[0].  It has nothing to do
with the compiler.

If you don't trust me, trust the sources:
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/csu/i386/crt0.c?rev=1.13content-type=text/x-cvsweb-markup

--
i think we should rewrite the kernel in java since it has good
support for threads. - Ted Unangst



Re: CGI in C: getenv(CONTENT_LENGTH)

2006-05-30 Thread vladas

On 30/05/06, Tobias Ulmer [EMAIL PROTECTED] wrote:

Thank you very much for the reply!


also make sure that your buffers are large enough for all possible
circumstances.


I am concerned for the cases where URL given by the client side is like 2MB.

In my understanding, there is a gap between the server opening a socket
for the connection and starting reading in the data from the client until
the end of that reading-in when server stores the info about the request
in the env variables.  So if URL is very big, it would be first transferred to
the httpd cache and httpd would determine the CONTENT_LENGTH and
would store that info in the env of the httpd, right?

So my cgi.c aren't so totally directly exposed to the net, are they?



As far as I have learned in the src/usr.sbin/httpd/src/include/httpd.h it says
that
#ifndef DEFAULT_LIMIT_REQUEST_LINE
#define DEFAULT_LIMIT_REQUEST_LINE 8190
#endif /* default limit on bytes in Request-Line (Method+URI+HTTP-version) */
#ifndef DEFAULT_LIMIT_REQUEST_FIELDSIZE
#define DEFAULT_LIMIT_REQUEST_FIELDSIZE 8190
#endif /* default limit on bytes in any one header field  */
#ifndef DEFAULT_LIMIT_REQUEST_FIELDS
#define DEFAULT_LIMIT_REQUEST_FIELDS 100
#endif /* default limit on number of request header fields */

/* Limits on the size of various request items.  These limits primarily
* exist to prevent simple denial-of-service attacks on a server based
* on misuse of the protocol.  The recommended values will depend on the
* nature of the server resources -- CGI scripts and database backends
* might require large values, but most servers could get by with much
* smaller limits than we use below.  The request message body size can
* be limited by the per-dir config directive LimitRequestBody.

However, I have not found this LimitRequestBody in the default httpd.conf.
Is it like extra option that will be understood in case of its presence in the
Directory on per-dir config?



* Internal buffer sizes are two bytes more than the DEFAULT_LIMIT_REQUEST_LINE
* and DEFAULT_LIMIT_REQUEST_FIELDSIZE below, which explains the 8190.
* These two limits can be lowered (but not raised) by the server config
* directives LimitRequestLine and LimitRequestFieldsize, respectively.

Does this really mean that URL more than 8190 bytes would be rejected?
Or I am mixing something here?



* DEFAULT_LIMIT_REQUEST_FIELDS can be modified or disabled (set = 0) by
* the server config directive LimitRequestFields.

If disabled, it would not check it at all, right? What would be the
limits in that case?
In src/usr.sbin/httpd/src/main/http_core.c lim is an int type, so
would the limit
be only the int type limit? :

static const char *set_limit_req_fieldsize(cmd_parms *cmd, void *dummy,
                                           char *arg)
{
    const char *err = ap_check_cmd_context(cmd,
                                           NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT);
    int lim;

    if (err != NULL) {
        return err;
    }
    lim = atoi(arg);
    if (lim < 0) {
        return ap_pstrcat(cmd->temp_pool, "LimitRequestFieldsize \"", arg,
                          "\" must be a non-negative integer (0 = no limit)",
                          NULL);
    }
    if (lim > DEFAULT_LIMIT_REQUEST_FIELDSIZE) {
        return ap_psprintf(cmd->temp_pool, "LimitRequestFieldsize \"%s\" "
                          "must not exceed the precompiled maximum of %d",
                           arg, DEFAULT_LIMIT_REQUEST_FIELDSIZE);
    }
    cmd->server->limit_req_fieldsize = lim;
    return NULL;
}

From this, is there any way to handle what is being shown (not 500 I guess?) in
case of matching the  if (lim > DEFAULT_LIMIT_REQUEST_FIELDSIZE) { ? I would
also like to determine the IPs of those requests for blacklisting or so.
(Please feel free to ignore it if it's a lazy question)




 2. In the CGI context, do fgets(input, len+1, stdin) and
 fread(buff, contentlength, 1, stdin) make a difference?

fgets terminates buff with a '\0', which is imho better than plain
fread. otoh, both are ok if buff is large enough(!) and you know
what you're doing.


How is buffer allocation handled in the kernel? Does it really allocate the
memory at once or wait until the actual data flows in? I mean if kernel really
frees and prepares those chunks at once, server load could really increase
only by getting the requests and giving space for each of the processes if
I choose to be on the safe side and use really big buffers.
I know this is a newbie question, but I have to know this; sorry.



yes ;) if there is a buffer overflow, it's in your cgi, not in httpd.


but it can be prevented by interpreting the env variables info correctly
I hope:)


httpd's chroot can prevent an attacker from getting a shell and do more
harm. Depending on your application, he can still do a lot of damage to
your application or to other clients (XSS attacks for example).


Thank you for the example.


read the superb manpages of the functions you want to use. there are
often examples and pointers to 
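
An added example, not part of the thread or of either cited tutorial: one way to read a CGI POST body so that the CONTENT_LENGTH string is fully validated and bounded by the size of the buffer actually passed in before anything is read, then read as an exact byte count and NUL-terminated. MAXBODY and the function names are assumptions made for illustration.

```c
/* Added example: bounded reading of a CGI request body (names are hypothetical). */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAXBODY 8192	/* assumed application limit, not an httpd value */

/*
 * Parse CONTENT_LENGTH.  Returns 0 and stores the value in *out, or -1 if
 * the string is missing, not a plain decimal number, or larger than max.
 */
static int
parse_content_length(const char *s, size_t max, size_t *out)
{
	char *end;
	unsigned long v;

	/* Require a leading digit: strtoul() alone accepts " 12", "+12", "-12". */
	if (s == NULL || !isdigit((unsigned char)s[0]))
		return -1;
	errno = 0;
	v = strtoul(s, &end, 10);
	if (*end != '\0')		/* trailing junk such as "12abc" */
		return -1;
	if (errno == ERANGE || v > max)	/* overflow, or body too large */
		return -1;
	*out = (size_t)v;
	return 0;
}

/*
 * Read exactly CONTENT_LENGTH bytes from in into buf and NUL-terminate.
 * Returns the body length, or -1 on a bad length or a short body.
 */
static long
read_cgi_body(FILE *in, const char *lenstr, char *buf, size_t bufsz)
{
	size_t len;

	if (bufsz == 0)
		return -1;
	/* Bound against the real buffer, leaving one byte for the '\0'. */
	if (parse_content_length(lenstr, bufsz - 1, &len) != 0)
		return -1;
	/* fread() takes an exact byte count and does not stop at newlines. */
	if (fread(buf, 1, len, in) != len)
		return -1;
	buf[len] = '\0';
	return (long)len;
}

int
main(void)
{
	static char body[MAXBODY + 1];
	long n;

	n = read_cgi_body(stdin, getenv("CONTENT_LENGTH"), body, sizeof(body));
	if (n < 0) {
		printf("Status: 400 Bad Request\r\n");
		printf("Content-Type: text/plain\r\n\r\n");
		printf("bad or oversized request body\n");
		return 0;
	}
	printf("Content-Type: text/plain\r\n\r\n");
	printf("read %ld body bytes\n", n);
	return 0;
}
```
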

Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Luke Bakken

2) Is there a nice and fast method to check the latest changes with the cvs 
command?


cvs has a diff command that is clearly described in the manual page:

http://www.openbsd.org/cgi-bin/man.cgi?query=cvsapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html



sound card woes

2006-05-30 Thread Simon Morgan
Hi,

I have a few questions regarding sound cards and OpenBSD, in particular
the Dell Sound Blaster Live! I seem to have been lumped with.

Is it really completely unsupported as this[1] post seems to indicate?
If it's unsupported why does the kernel seem to think that it is? Bug?
The card was actually bought as a replacement for my motherboard's
built-in card (auvea) which hasn't worked as long as I can remember and
doesn't look like it's going to be fixed anytime soon[2]. Is anybody
aware of any (basic) sound card I can buy and be reasonably confident it
will work?

Please CC any replies as I'm not subscribed.

Thanks.

[1]: http://marc.theaimsgroup.com/?l=openbsd-miscm=112253665203552
[2]: http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yesnumbers=4504

OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Athlon(TM) XP 2000+ (AuthenticAMD 686-class, 256KB L2 cache) 1.66 
GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
cpu0: AMD Powernow: TS
real mem  = 1073307648 (1048152K)
avail mem = 972660736 (949864K)
using 4278 buffers containing 53768192 bytes (52508K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(bf) BIOS, date 04/21/04, BIOS32 rev. 0 @ 0xf1aa0
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x2162
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf2080/224 (12 entries)
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT82C586 ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xd000 0xd/0x6000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 VIA VT8377 PCI rev 0x00
ppb0 at pci0 dev 1 function 0 VIA VT8235 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon 9200 PRO rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ATI Radeon 9200 PRO Sec rev 0x01 at pci1 dev 0 function 1 not configured
bce0 at pci0 dev 9 function 0 Broadcom BCM4401 rev 0x01: irq 4, address 
00:e0:18:a1:31:f0
bmtphy0 at bce0 phy 1: BCM4401 10/100baseTX PHY, rev. 0
emu0 at pci0 dev 11 function 0 Creative Labs SoundBlaster Live (Dell) rev 
0x00: irq 3
ac97: codec id 0x83847608 (SigmaTel STAC9708/11)
ac97: codec features 18 bit DAC, 18 bit ADC, SigmaTel 3D
audio0 at emu0
Creative Labs PCI Gameport Joystick rev 0x00 at pci0 dev 11 function 1 not 
configured
ral0 at pci0 dev 14 function 0 Ralink RT2560 rev 0x01: irq 10, address 
00:0e:2e:5c:2d:0f
ral0: MAC/BBP RT2560 (rev 0x04), RF RT2525
uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x80: irq 7
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x80: irq 7
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x80: irq 7
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 3 VIA VT6202 USB rev 0x82: irq 7
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: VIA EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
viapm0 at pci0 dev 17 function 0 VIA VT8235 ISA rev 0x00
iic0 at viapm0
unknown at iic0 addr 0x18 not configured
asbtm0 at iic0 addr 0x2d
lm1 at iic0 addr 0x2f: W83791D
pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 
0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: IC35L060AVVA07-0
wd0: 16-sector PIO, LBA, 58644MB, 120103200 sectors
wd1 at pciide0 channel 0 drive 1: WDC WD2000JB-00GVA0
wd1: 16-sector PIO, LBA48, 190782MB, 390721968 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: PIONEER, DVD-RW DVR-108, 1.20 SCSI0 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
isa0 at mainbus0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
biomask fbe5 netmask fff5 ttymask fff7
pctr: user-level cycle counter enabled
mtrr: Pentium Pro MTRR support
uhidev0 at uhub1 port 2 configuration 1 interface 0
uhidev0: Microsoft Microsoft 3-Button Mouse with IntelliEye(TM), rev 1.10/3.00, 
addr 2, iclass 3/1
ums0 at uhidev0: 3 buttons and Z dir.
wsmouse0 at ums0 mux 0
dkcsum: wd0 

Re: sendmail is no more in NetBSD src tree

2006-05-30 Thread Anton Karpov
  Christos Zoulas has removed sendmail from the NetBSD source tree. This
  was the result of a lot of bickering long discussion about the security
 track
  of sendmail. Sendmail will continue to be available from pkgsrc.

 You seem to be lost.  This is an OpenBSD mailing list.

 Adam


He posted it here for the flame. Ok, let's flame.
blah blah blah
Ok, I've finished my portion of flame.



Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Peter Blair

Here's a quick perl script to extract the html:

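#!/usr/bin/perl
#
# cvs_dates.pl

# Read the archive index page from standard input, one line at a time.
while(<STDIN>)
{
   my($line) = $_;
   chomp($line);
   # Capture the date and the numeric message id that follows it.
   if( $line =~ /(\d{4}-\d{2}-\d{2}).{28}(\d{10,20})/ )
   {
   my($d) = $1;
   my($id) = $2;

   print $d, " ", $id, "\n";
   }
}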

And just do something like:

wget -q -O - 'http://marc.theaimsgroup.com/?l=openbsd-cvsr=1b=200605w=2'
| perl cvs_dates.pl

On 5/29/06, Didier Wiroth [EMAIL PROTECTED] wrote:

Hello,

To follow the current source changes I usually check the following website:
http://marc.theaimsgroup.com/?l=openbsd-cvsr=1b=200605w=2
This isn't very handy as you have to click every message to view the log 
message and the files that were changed.

1) Is there a nice way to see current source changes?
(If possible, I would prefer NOT to subscribe to another new mailing list!)

2) Is there a nice and fast method to check the latest changes with the cvs 
command?

Thank you very much
Didier




Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Tim Donahue
Or even simpler... from my crontab:

cd /usr/src && cvs -q update -PAd -rOPENBSD_3_9 2>&1 | mail -s "CVS update `date +\%Y-\%m-\%d`" <your mail here>

I run this at 6:04am each day so it is completed before I get into work.

You could add a check to see if there is any output from the cvs command 
before sending the mail, but I like to see the output so I'm sure the 
job was actually processed

On Tue, 30 May 2006 13:55:10 -0400
Peter Blair [EMAIL PROTECTED] wrote:

 Here's a quick perl script to extract the html:
 
 #!/usr/bin/perl
 #
 # cvs_dates.pl
 
 while(<STDIN>)
 {
 my($line) = $_;
 chomp($line);
 if( $line =~ /(\d{4}-\d{2}-\d{2}).{28}(\d{10,20})/ )
 {
 my($d) = $1;
 my($id) = $2;
 
 print $d, " ", $id, "\n";
 }
 }
 
 And just do something like:
 
 wget -q -O -
 'http://marc.theaimsgroup.com/?l=openbsd-cvs&r=1&b=200605&w=2' | perl
 cvs_dates.pl
 
 On 5/29/06, Didier Wiroth [EMAIL PROTECTED] wrote:
  Hello,
 
  To follow the current source changes I usually check the following
  website:
  http://marc.theaimsgroup.com/?l=openbsd-cvsr=1b=200605w=2 This
  isn't very handy as you have to click every message to view the log
  message and the files that were changed.
 
  1) Is there a nice way to see current source changes?
  (If possible, I would prefer NOT to subscribe to another new
  mailing list!)
 
  2) Is there a nice and fast method to check the latest changes
  with the cvs command?
 
  Thank you very much
  Didier



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Peter Strömberg

Breen Ouellette wrote:
Could you provide a model number for your generic i386 mainboard? Is 
it a vpn1411 you are using on the non-Soekris board, or the vpn1401 
(PCI or mini-PCI)? Have you used your net4801 without the vpn1411? If 
so, did you get any of these errors without the vpn1411? What version 
of OpenBSD are you using on these machines?

Eh, sorry, it was a 1401 in my soekris :-)

The soekris has a ral(4) minipci and a vpn1401 pci
The i386 is a Intel L440GX+ with a vpn1401 and a sk(4) (Linksys EG1064)

Both are running -currentish, updated about once or twice a month



CARP weirdness

2006-05-30 Thread Ken Ebling

Hi all,

I've got two 3.9 boxes that are running CARP vhosts on two interfaces.

Box A:
net.inet.carp.preempt = 1
advskew = 0

Box B:
net.inet.carp.preempt = 1
advskew = 100

Box B is preempting Box A every few days, and Box A will not become  
master again

until I reboot it.  Unplugging Box B does not make Box A become master.

When Box A is marked as the backup, it seems to be working fine.  I  
can ping hosts on the inside

and outside interfaces, and I can ping Box B on the pfsync interface.

I read in the 3.9 release notes that a bug was fixed that caused  
slaves to keep preempting
the master server.  Is this bug not totally fixed, or do I have buggy  
hardware

or something?

Thanks,

Ken Ebling



Re: Kernel panic smashed stack in ufs_makeinode

2006-05-30 Thread Jerome Loyet
I got another kernel panic: free: non-malloced addr 0x10 type temp

Many programs seg fault with Program terminated with signal 11,
Segmentation fault

The memory has been tested with memtest86.

Any ideas?

 -----Original Message-----
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On behalf of Jerome Loyet
 Sent: Tuesday, May 30, 2006 04:03
 To: misc@openbsd.org
 Subject: Kernel panic smashed stack in ufs_makeinode
 
 Hello,
 
 I've just installed OpenBSD 3.9 and I'm seeing strange behaviour.
 I sometimes get seg faults, sometimes the system crashes 
 with or without a panic in dmesg.
 
 I got once:
 ---
 panic: smashed stack in ufs_makeinode
 Stopped at
 
 It's a dedicated server, I don't have access to the console.
 
 Do you have any idea?
 
 Thx a lot,
 
 ++ Jerome
 
 Here is my dmesg:
 OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: VIA Esther processor 2000MHz (CentaurHauls 686-class) 2 GHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,
 CFLUSH,ACPI,MM
 X,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2
 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
 real mem  = 1056481280 (1031720K)
 avail mem = 957259776 (934824K)
 using 4278 buffers containing 52928512 bytes (51688K) of 
 memory mainbus0 (root) bios0 at mainbus0: AT/286+(a1) BIOS, 
 date 04/28/06, BIOS32 rev. 0 @ 0xf9350 apm0 at bios0: Power 
 Management spec V1.2
 apm0: AC on, battery charge unknown
 apm0: flags 70102 dobusy 1 doidle 1
 pcibios0 at bios0: rev 2.1 @ 0xf/0xc4e4
 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc440/160 (8 entries)
 pcibios0: bad IRQ table checksum
 pcibios0: PCI BIOS has 8 Interrupt Routing table entries
 pcibios0: PCI Exclusive IRQs: 5 10 11
 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00)
 pcibios0: PCI bus #1 is the last bus
 bios0: ROM list: 0xc/0xfc00 0xd/0x1000 cpu0 at 
 mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no 
 bios) pchb0 at pci0 dev 0 function 0 vendor VIA, unknown 
 product 0x0314 rev 0x00
 pchb1 at pci0 dev 0 function 1 vendor VIA, unknown product 
 0x1314 rev 0x00
 pchb2 at pci0 dev 0 function 2 vendor VIA, unknown product 
 0x2314 rev 0x00
 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00
 pchb4 at pci0 dev 0 function 4 vendor VIA, unknown product 
 0x4314 rev 0x00
 pchb5 at pci0 dev 0 function 7 vendor VIA, unknown product 
 0x7314 rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 
 PCI-PCI rev 0x00
 pci1 at ppb0 bus 1
 vga1 at pci1 dev 0 function 0 vendor VIA, unknown product 
 0x3344 rev 0x01:
 aperture at 0xf400, size 0x1000
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation) vge0 at 
 pci0 dev 14 function 0 VIA VT612x rev 0x11: irq 10, address
 00:40:63:e5:c1:45
 ciphy0 at vge0 phy 1: Cicada CS8201 10/100/1000TX PHY, rev. 2 
 pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA
 pciide0: using irq 11 for native-PCI interrupt wd0 at pciide0 
 channel 0 drive 0: ST3160812AS
 wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
 pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 
 0x06: DMA, channel 0 configured to compatibility, channel 1 
 configured to compatibility
 pciide1: channel 0 disabled (no drives)
 pciide1: channel 1 ignored (disabled)
 viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00 
 iic0 at viapm0 isa0 at mainbus0 isadma0 at isa0 pckbc0 at 
 isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot)
 pckbc0: using irq 1 for kbd slot
 wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 
 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at 
 pcppi0 lm0 at isa0 port 0x290/8: W83697HF npx0 at isa0 port 
 0xf0/16: using exception 16 biomask fbfd netmask fffd ttymask 
 pctr: user-level cycle counter enabled
 dkcsum: wd0 matches BIOS drive 0x80
 root on wd0a
 rootdev=0x0 rrootdev=0x300 rawdev=0x302
 WARNING: / was not properly unmounted
 



Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Stuart Henderson
On 2006/05/30 10:28, Luke Bakken wrote:
 2) Is there a nice and fast method to check the latest changes with the 
 cvs command?
 
 cvs has a diff command that is clearly described in the manual page:

and there's log too (both of which work recursively and can be limited
by date), *but* if you want a list of everything as it changes, probably
the simplest way is to read the source-changes list; the daily digest
is usually quite manageable (though as you'd guess, the exception
being at hackathon time).



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Didier Wiroth
Hello,
I had the same problem and symptoms as you.
net4801 + 1411 vpn + corrupted mac on input.

I've upgraded to a current build a few minutes ago, I did not get any errors 
anymore.

(If you decide to upgrade too and you use pppoe, don't forget to read 
www.openbsd.org/faq/current.html because spppcontrol became obsolete.)

regards
didier




BitTorrent too many files open

2006-05-30 Thread Greg Thomas

I'm using bittorrent.curses to try to get a large concert downloaded
but I'm getting  IO Error [Errno 24] Too many open files.

I set --max_files_open 50 even though it's supposedly the default.
Sysctl is set at the default.  I can't find it right now but I saw one
article that mentioned that for the BSDs python needs to be compiled
so it can manipulate certain system attributes.

Help.

Thanks,
Greg



Re: Kernel panic smashed stack in ufs_makeinode

2006-05-30 Thread Stuart Henderson
On 2006/05/30 20:39, Jerome Loyet wrote:
 I got another kernel panic: free: non-malloced addr 0x10 type temp
 
 Many programs seg fault with Program terminated with signal 11,
 Segmentation fault
 
 The memory has been tested with memtest86.
 
 Any ideas?

It's quite likely to be some problem with hardware (maybe
cooling, maybe defective components, maybe clocked too high,
maybe poor quality power).

Last machine I had with lockups, odd kernel panics, etc,
was fixed by swapping cpu.



Re: BitTorrent too many files open

2006-05-30 Thread Nico Meijer
Hi Greg,

 Sysctl is set at the default.

What happens if you up the default of kern.maxfiles from 1772 to 70880 or
something like that?

Bye... Nico



Re: BitTorrent too many files open

2006-05-30 Thread Florin Iamandi
Greg Thomas dixit (2006-05-30, 21:16:03):

 I'm using bittorrent.curses to try to get a large concert downloaded
 but I'm getting  IO Error [Errno 24] Too many open files.

I think you should first start with man 5 login.conf 
I have a hunch that what you are after is openfiles attribute. See what
login class has the user that's launching bittorrent, chpass(1), and
modify that class's openfiles attribute(s) or create a new login class
with higher permissions and include that user in this new login class.
 
-- 
Florin Iamandi (Slippery)
Reason is the first victim of emotion. -- Scytale, Dune Messiah



Re: BitTorrent too many files open

2006-05-30 Thread Leonardo Rodrigues

Try using rtorrents. Take a look at the man pages and give it a go.
There's also another bittorrent client on /ports/net, but I forgot its
name. But it has been mentioned here on the list somewhere... a quick
search on the archives for bittorrent and you may find it.

On 5/30/06, Greg Thomas [EMAIL PROTECTED] wrote:

I'm using bittorrent.curses to try to get a large concert downloaded
but I'm getting  IO Error [Errno 24] Too many open files.

I set --max_files_open 50 even though it's supposedly the default.
Sysctl is set at the default.  I can't find it right now but I saw one
article that mentioned that for the BSDs python needs to be compiled
so it can manipulate certain system attributes.

Help.

Thanks,
Greg





--
An OpenBSD user... and that's all you need to know =)



PC Card monitor

2006-05-30 Thread Tom Geman
Does anybody have suggestion for a program that monitors the insert of PC 
Cards (or USB devices), and runs user defined scripts based upon the device 
inserted?


For example, I have a laptop that I insert a Sierra Wireless card, a Wifi PC 
Card or a USB Wifi device.  I would like to auto-configure the default 
routes based upon which device is present, and un-configure when that device 
is removed.


Currently, I use a cron job to parse the output of dmesg, and take action 
based on whether the device is present or not.


It looks as though OpenBSD had a daemon called pcmciad that did just that.
( http://www.rocketaware.com/man/man8/pcmciad.8.htm )
Also, FreeBSD has a similar daemon called pccardd.

There was mention of a program in this post ( 
http://marc.theaimsgroup.com/?l=openbsd-miscm=102250494514944w=2 ), but 
the link to the code no longer works.


Thanks,
Tom



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Breen Ouellette

Didier Wiroth wrote:

Hello,
I had the same problem and symptoms as you.
net4801 + 1411 vpn + corrupted mac on input.

I've upgraded to a current build a few minutes ago, I did not get any errors 
anymore.
  

So, just to verify, as of -current you can no longer cause the error by
running the script (for a minimum of ten minutes) in the top post?

Thanks.

Breeno



Re: BitTorrent too many files open

2006-05-30 Thread Otto Moerbeek
On Tue, 30 May 2006, Nico Meijer wrote:

 Hi Greg,
 
  Sysctl is set at the default.
 
 What happens if you up the default of kern.maxfiles from 1772 to 70880 or
 something like that?
 
 Bye... Nico

My guess this is a per-process open file descriptor limit problem, see ulimit.

-Otto



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Breen Ouellette

Peter Strömberg wrote:

Eh, sorry, it was a 1401 in my soekris :-)

The soekris has a ral(4) minipci and a vpn1401 pci
The i386 is a Intel L440GX+ with a vpn1401 and a sk(4) (Linksys EG1064)

Both are running -currentish, updated about once or twice a month


That is actually interesting. If you have the problems using the PCI
version of the card on a net4801, then that removes the mini-PCI slot as
a source of the error (which nudges the problem a bit in the direction
of the drivers as a source of the error). Would you be willing to run
that script to verify that it causes the error on your equipment?

Thanks for the update.

Breeno



Re: PC Card monitor

2006-05-30 Thread Adam
On Tue, 30 May 2006 13:37:54 -0600 Tom Geman [EMAIL PROTECTED] wrote:

 Does anybody have suggestion for a program that monitors the insert of PC 
 Cards (or USB devices), and runs user defined scripts based upon the device 
 inserted?

man hotplugd

Adam



Re: sendmail is no more in NetBSD src tree

2006-05-30 Thread Travers Buda
On Tue, 30 May 2006 16:31:20 +0300
Alexey E. Suslikov [EMAIL PROTECTED] wrote:

 http://www.feyrer.de/NetBSD/bx/blosxom.cgi/nb_20060530_1030.html
 
 quote:
 
 Christos Zoulas has removed sendmail from the NetBSD source tree. This
 was the result of a lot of bickering long discussion about the
 security track of sendmail. Sendmail will continue to be available
 from pkgsrc.
 

Read the FAQ.



Re: PC Card monitor

2006-05-30 Thread Stuart Henderson
On 2006/05/30 13:37, Tom Geman wrote:
 Does anybody have suggestion for a program that monitors the insert of PC 
 Cards (or USB devices), and runs user defined scripts based upon the device 
 inserted?

$ man -k hotplug
hotplug (4) - devices hot plugging
hotplugd (8) - devices hot plugging monitor daemon



Re: [Fwd: 'Corrupted MAC on input' points to vpn1411 problem]

2006-05-30 Thread Breen Ouellette

Stoyan Genov wrote:

I seem to no-longer be able to find what I once found in google
search results, so take this with a grain of salt, but if my memory
serves me correctly, there exists a series of net4801 boards with a
problematic capacitor somewhere in the PCI bus circuitry which could be
causing the problem. Or maybe this is just a myth.


I think you may be thinking of the capacitor problem with the net4501.
Different beast.



I use two net4801 boards with vpn1411 cards and I DO get these errors
occasionally with all patch- (post-release) kernels since OpenBSD 3.6


Would you be willing to run the script from the top post to confirm that
you get the error? Please run the script for a minimum of ten minutes.

Thanks.

Breeno



Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Deanna Phillips
Didier Wiroth [EMAIL PROTECTED] writes:

 1) Is there a nice way to see current source changes?  (If
 possible, I would prefer NOT to subscribe to another new
 mailing list!)

Point a newsreader at : 

nntp://news.gmane.org:gmane.os.openbsd.cvs

-- 
deanna at sdf



Re: BitTorrent too many files open

2006-05-30 Thread Salvador Sabaini

Greg Thomas wrote:

I'm using bittorrent.curses to try to get a large concert downloaded
but I'm getting  IO Error [Errno 24] Too many open files.

I set --max_files_open 50 even though it's supposedly the default.
Sysctl is set at the default.  I can't find it right now but I saw one
article that mentioned that for the BSDs python needs to be compiled
so it can manipulate certain system attributes.

Help.

Thanks,
Greg





Greg
You need to increase the limit of file descriptors the user in question 
can open at once. Use ulimit, -n is the flag you want to use.


Cheers,
Salvador.



Re: Kernel panic smashed stack in ufs_makeinode

2006-05-30 Thread Spruell, Darren-Perot
From: [EMAIL PROTECTED] 
 I got another kernel panic: free: non-malloced addr 0x10 type temp
 
 Many programs seg fault with Program terminated with signal 11,
 Segmentation fault
 
 The memory has been tested with memtest86.
 
 Any ideas?

I've had memtest86 report good memory when I had a system throwing spurious
signal 11s. The fix was swapping out memory in the end. I don't suppose
memtest86 is supposed to be able to detect all memory problems, yeah?

DS



Re: Recommended window manager for OpenBSD

2006-05-30 Thread akonsu
hello

has anyone tried evilwm (http://www.6809.org.uk/evilwm/)? is it any good? i
am looking for a good simple keyboard controllable WM. i am doing mostly
development.

thanks
konstantin



Re: BitTorrent too many files open

2006-05-30 Thread Greg Thomas

On 5/30/06, Otto Moerbeek [EMAIL PROTECTED] wrote:

On Tue, 30 May 2006, Nico Meijer wrote:

 Hi Greg,

  Sysctl is set at the default.

 What happens if you up the default of kern.maxfiles from 1772 to 70880 or
 something like that?

 Bye... Nico

My guess this is a per-process open file descriptor limit problem, see ulimit.



I bumped it up to 512 from 64, and it's almost done now.  I assume
that was the problem.

Thanks,
Greg
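
The replies above settle on the per-process descriptor limit (ulimit -n) rather than kern.maxfiles. As an added example, not part of any post in this thread, the sh wrapper below raises the soft limit for one command only and refuses when the hard limit is in the way. The function names are made up for this example; openfiles-max is the login.conf(5) capability behind the hard limit.

```shell
#!/bin/sh
# Added example: raise the per-process open-file limit for ONE command
# instead of raising it for the whole login session or system-wide.
# Function names are illustrative, not from any post above.

# Print soft, hard and system-wide values so the limits can be told apart.
show_nofile() {
    sf_soft=$(ulimit -S -n)
    sf_hard=$(ulimit -H -n)
    # kern.maxfiles is the system-wide file table size (OpenBSD sysctl name);
    # it is a different limit and shows as n/a where the key is absent.
    sf_sys=$(sysctl -n kern.maxfiles 2>/dev/null || true)
    printf 'soft=%s hard=%s system=%s\n' "$sf_soft" "$sf_hard" "${sf_sys:-n/a}"
}

# Raise the soft limit of the current shell to at least $1.
# Returns 0 on success, 1 if the hard limit forbids it, 2 on bad input.
raise_nofile() {
    rn_want=$1
    case $rn_want in
        ''|*[!0-9]*) echo "raise_nofile: not a number: $rn_want" >&2; return 2 ;;
    esac
    rn_soft=$(ulimit -S -n)
    rn_hard=$(ulimit -H -n)
    # Never lower a limit that is already sufficient.
    if [ "$rn_soft" = unlimited ] || [ "$rn_soft" -ge "$rn_want" ]; then
        return 0
    fi
    # An unprivileged process cannot go past the hard limit, so fail loudly
    # instead of running the command with fewer descriptors than requested.
    if [ "$rn_hard" != unlimited ] && [ "$rn_want" -gt "$rn_hard" ]; then
        echo "raise_nofile: hard limit is $rn_hard, wanted $rn_want;" \
             "raise openfiles-max for the login class (login.conf(5))" >&2
        return 1
    fi
    ulimit -S -n "$rn_want"
}

# Run a command with the raised limit; the calling shell keeps its own.
run_with_nofile() {
    rw_want=$1
    shift
    (
        raise_nofile "$rw_want" || exit $?
        exec "$@"
    )
}

# Stand-alone use: sh nofile.sh 512 <command> [args...]
if [ "$#" -ge 2 ]; then
    run_with_nofile "$@"
fi
```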



Re: Kernel panic smashed stack in ufs_makeinode

2006-05-30 Thread Jérôme Loyet
In fact this is not just a problem with my machine.
I bought a dedicated server (www.dedibox.fr). I installed OpenBSD 3.9 on it.
Other people did exactly the same and they have the same problem.

This is NOT hardware which is malfunctioning. This must be a problem of
compatibility.

Any ideas?

 -----Original Message-----
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 On behalf of Spruell, Darren-Perot
 Sent: Tuesday, May 30, 2006 23:06
 To: misc@openbsd.org
 Subject: Re: Kernel panic smashed stack in ufs_makeinode

 From: [EMAIL PROTECTED]
  I got another kernel panic: free: non-malloced addr 0x10 type temp
 
  Many programs seg fault with Program terminated with signal 11,
  Segmentation fault
 
  The memory has been tested with memtest86.
 
  Any ideas?

 I've had memtest86 report good memory when I had a system
 throwing spurious signal 11s. The fix was swapping out memory
 in the end. I don't suppose
 memtest86 is supposed to be able to detect all memory problems, yeah?

 DS




Re: Recommended window manager for OpenBSD

2006-05-30 Thread Sam Chill

On 5/30/06, akonsu [EMAIL PROTECTED] wrote:

hello

has anyone tried evilwm (http://www.6809.org.uk/evilwm/)? is it any good?

Try it yourself. It's one of the smallest wms I have ever used. It
doesn't do much, but it does all it claims well. I've used it in the
past when I just wanted a bunch of xterms and I have no complaints.

-Sam



Re: PC Card monitor

2006-05-30 Thread Tom Geman

Date: Tue, 30 May 2006 16:06:28 -0400

On Tue, 30 May 2006 13:37:54 -0600 Tom Geman [EMAIL PROTECTED] 
wrote:


 Does anybody have suggestion for a program that monitors the insert of 
PC
 Cards (or USB devices), and runs user defined scripts based upon the 
device

 inserted?

man hotplugd

Adam


Perfect ... I thought there had to be something, couldn't find what it might 
be called.


Thanks,
Tom





Re: Sendmail access question

2006-05-30 Thread Claus Assmann
On Thu, May 25, 2006, Mike Spenard wrote:

 So, I am looking to find out how to do it entirely within sendmail. Ive 
 tried doing..
 *.* REJECT
 spamd.mydomain.com   OK

Of course not, only what's documented will work (as I wrote before).

Connect:1   REJECT
Connect:2   REJECT
...
Connect:255 REJECT

Connect:1.2.3.4 OK

The last entry is the IP address from which you want to
accept connections.



Re: BitTorrent too many files open

2006-05-30 Thread Han Boetes
Leonardo Rodrigues wrote:
 Try using rtorrents. Take a look at the man pages and give it a
 go.  There's also another bittorrent client on /ports/net, but I
 forgot its name. But it has been mentioned here on the list
 somewhere... a quick search on the archives for bittorrent and
 you may find it.

rtorrent. The author has a shell on my machine so every release
gets tested on a real openbsd host before it's released.

  http://libtorrent.rakshasa.no/

And it works much better than standard bittorrent. And it's also
in ports.




# Han



cgi with chroot

2006-05-30 Thread prad
i'm using php right now and things are fine. 
however, after reading various threads on the (recommended by several people 
here) MARC (http://marc.theaimsgroup.com/?l=openbsd-misc) list, i was curious 
about learning some new things like:

cgi
fastcgi
lighttpd
ruby

which came up in the discussions.

i tried to get a ksh script to work after i copied the ksh into /var/www/bin
my understanding is that the chrooted environment doesn't give access to 
the /bin/ksh program.

i tried the same thing with python, but kept getting 
Internal Server Error on the browser 

and the following in the error_log:
No such file or directory: exec of /htdocs/z/jonpy1.cgi failed
Premature end of script headers: /htdocs/z/jonpy1.cgi

i tried the same thing with ruby (copied both ruby and erb into /var/www/bin) 
and got the same thing again.

so is there something else i need to do to get cgi working in openbsd's  
chrooted environment?

(also, lighttpd looks really neat and clean, but i don't think it runs 
chrooted by default, right? (its .conf file is in /etc) so to get it to do 
that would require understanding just what the chrooted process involves, 
which i can find from the web.)

-- 
In friendship,
prad

  ... with you on your journey
Towards Freedom
http://www.towardsfreedom.com (website)
Information, Inspiration, Imagination - truly a site for soaring I's



Re: Kernel panic smashed stack in ufs_makeinode

2006-05-30 Thread Stuart Henderson
On 2006/05/30 23:28, Jérôme Loyet wrote:
 In fact this is not just a problem with my machine.
 I bought a dedicated server (www.dedibox.fr). I installed OpenBSD 3.9 on it.
 Other people did exactly the same and they have the same problem.

That means it's less likely to be a failure particular to your machine,
but it doesn't mean the hardware is certainly good.

 This is NOT hardware which is malfunctioning. This must be a problem of
 compatibility.

From what I understand, these boxes have VIA C7 CPU, CN700 northbridge
(DDR2 RAM, V4 system bus) - if it's not an EPIA-EN then it's something
similar.  By using such very new hardware, you might expect to spend
some time chasing faults - maybe compatibility problems, maybe design
faults.

Perhaps you could try some 'officially-supported' OS, and stress it very
hard (compile complex software, e.g. kernels, gcc, maybe while running
software like 'stress' as found in /usr/ports/sysutils/stress at the
same time, etc).

This can not prove that the hardware is _good_ (since the other OS is
likely to use the CPU/RAM differently it may just avoid using those
instructions which fail - or, who knows - maybe there's some hardware
fault which has been quietly worked-around in the other OS). But if
it fails there too, there's clearly a wider problem.



Re: BitTorrent too many files open

2006-05-30 Thread Christian Weisgerber
Greg Thomas [EMAIL PROTECTED] wrote:

 I'm using bittorrent.curses to try to get a large concert downloaded
 but I'm getting  IO Error [Errno 24] Too many open files.

Quoting from README.OpenBSD:

  If a torrent contains many files or the client has connections to
  many peers, it may be necessary to increase the limit on the maximum
  number of open file descriptors per process (ulimit -n).

-- 
Christian naddy Weisgerber  [EMAIL PROTECTED]



Re: cgi with chroot

2006-05-30 Thread Jacob Yocom-Piatt
 Original message 
Date: Tue, 30 May 2006 15:34:00 -0700
From: prad [EMAIL PROTECTED]  
Subject: cgi with chroot  
To: misc@openbsd.org

i'm using php right now and things are fine. 
however, after reading various threads on the (recommended by several people 
here) MARC (http://marc.theaimsgroup.com/?l=openbsd-misc) list, i was curious 
about learning some new things like:

cgi
fastcgi
lighttpd
ruby

which came up in the discussions.

i tried to get a ksh script to work after i copied the ksh into /var/www/bin
my understanding is that the chrooted environment doesn't give access to 
the /bin/ksh program.

this seems like it could be a security worry, but i'm not qualified to say that
with certainty.


i tried the same thing with python, but kept getting 
Internal Server Error on the browser 

and the following in the error_log:
No such file or directory: exec of /htdocs/z/jonpy1.cgi failed
Premature end of script headers: /htdocs/z/jonpy1.cgi

i tried the same thing with ruby (copied both ruby and erb into /var/www/bin) 
and got the same thing again.

so is there something else i need to do to get cgi working in openbsd's  
chrooted environment?


man ldd. it will tell you which, if any, dynamic libraries you need in your 
chroot.

(also, lighttpd looks really neat and clean, but i don't think it runs 
chrooted by default, right? (its .conf file is in /etc) so to get it to do 
that would require understanding just what the chrooted process involves, 
which i can find from the web.)

-- 
In friendship,
prad

  ... with you on your journey
Towards Freedom
http://www.towardsfreedom.com (website)
Information, Inspiration, Imagination - truly a site for soaring I's



Re: libfreetype/fonts in today's X snapshot

2006-05-30 Thread Matthew R. Dempsky
On Mon, May 29, 2006 at 11:36:27PM +0100, Stuart Henderson wrote:
 after installing the #836: May 28 13:56:11 snapshot and
 the X of a few hours previous, libfreetype broke in such a
 way that only certain fonts would be read, e.g. from the
 msttcorefonts only Courier New worked (so that running
 mkfontscale or ttmkfdir on a dir with those fonts creates
 a fonts.scale listing only the Courier New variants).

I removed the msttcorefonts package and rebuilt it from ports, and then 
it started working again.  (That might have just been dumb luck though; 
I don't remember exactly what else I might have fiddled with in the 
process.)



Re: Recommended window manager for OpenBSD

2006-05-30 Thread Eric Furman
On Tue, 30 May 2006 14:22:51 -0700, akonsu [EMAIL PROTECTED] said:
 hello
 
 has anyone tried evilwm (http://www.6809.org.uk/evilwm/)? is it any good?
 i
 am looking for a good simple keyboard controllable WM. i am doing mostly
 development.

I don't know about evilwm, but a bunch of people have already
mentioned 'ion' that does this well.
-- 
  Eric Furman
  [EMAIL PROTECTED]



Re: BitTorrent too many files open

2006-05-30 Thread Greg Thomas

On 5/30/06, Christian Weisgerber [EMAIL PROTECTED] wrote:

Greg Thomas [EMAIL PROTECTED] wrote:

 I'm using bittorrent.curses to try to get a large concert downloaded
 but I'm getting  IO Error [Errno 24] Too many open files.

Quoting from README.OpenBSD:

  If a torrent contains many files or the client has connections to
  many peers, it may be necessary to increase the limit on the maximum
  number of open file descriptors per process (ulimit -n).



Damn, right there in front of me.  I had obviously read the RDR part
but neglected the last sentence since it had worked on the torrents up
until today.

And then today I only scanned the README.txt file.

Thanks,
Greg



Re: cgi with chroot

2006-05-30 Thread prad
On Tuesday 30 May 2006 16:09, Jacob Yocom-Piatt wrote:
  Original message 

 man ldd. it will tell you which, if any, dynamic libraries you need in your
 chroot.

thanks jacob. it certainly seems like a good idea!

ldd /usr/local/bin/ruby gave

StartEnd  Type Open Ref GrpRef Name
  exe  10   0  /usr/local/bin/ruby
0e71b000 2e749000 rlib 01   0  /usr/local/lib/libruby.so.1.84
03e03000 23e0a000 rlib 02   0  /usr/lib/libm.so.2.1
08573000 285a4000 rlib 01   0  /usr/lib/libc.so.39.0
0e0c 0e0c rtld 01   0  /usr/libexec/ld.so

so i copied them appropriately into a usr dir under /var/www

i have mod_ruby and the appropriate changes in the httpd.conf file.

but still no go :( 

actually, i'm puzzled suddenly by all this.
php sits in /usr/local/bin - yet it runs fine having just the php.ini file 
inside the chroot environment. maybe that file may give some clues as to how 
this was done for php and may point the way for ruby.

-- 
In friendship,
prad

  ... with you on your journey
Towards Freedom
http://www.towardsfreedom.com (website)
Information, Inspiration, Imagination - truly a site for soaring I's



Re: cgi with chroot

2006-05-30 Thread Adam
On Tue, 30 May 2006 17:20:30 -0700 prad [EMAIL PROTECTED] wrote:

 i have mod_ruby and the appropriate changes in the httpd.conf file.

You are going to need to copy the entire ruby module directory.  I think
that that is all you will need, since the other libs should be loaded
when mod_ruby is loaded (when apache first starts, before chrooting).
Mod_ruby, mod_perl, etc aren't designed with chrooted apache in mind.
If you want to use cgi, then you need the ruby interpreter itself and 
all the libs, and all the modules.

 php sits in /usr/local/bin - yet it runs fine having just the php.ini file 
 inside the chroot environment. maybe that file may give some clues as to how 
 this was done for php and may point the way for ruby.

The php binary isn't involved, it's the PHP apache module that is used.
And it does need its modules in the chroot too, see /var/www/lib/php.

Adam
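
The error_log line "No such file or directory: exec of /htdocs/z/jonpy1.cgi failed" is about what the script needs after httpd has chrooted: the #! interpreter and every library it loads. As an added example, not from any post in this thread, the sh script below reports which of those are missing under the chroot without copying anything. Its function names are made up for this example, and the sample ldd listing is the one posted above.

```shell
#!/bin/sh
# Added example: report what a CGI script needs inside the httpd chroot.
# It only reports; nothing is copied, so every interpreter or library
# that ends up inside the chroot stays a deliberate decision.

# Print the interpreter named on the "#!" line of script $1 (empty if none).
cgi_interpreter() {
    sed -n '1s/^#![[:space:]]*\([^[:space:]]*\).*/\1/p' "$1"
}

# Read ldd output on stdin and print every absolute path in it once.
# Works on the OpenBSD column layout and on "name => /path (addr)" layouts.
ldd_paths() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' | LC_ALL=C sort -u
}

# Read absolute paths on stdin; print those that do not exist below chroot $1.
missing_in_chroot() {
    mc_root=$1
    while IFS= read -r mc_path; do
        [ -e "$mc_root$mc_path" ] || printf '%s\n' "$mc_path"
    done
}

# ldd listing as posted in the thread (columns as they survive in the archive).
sample_ldd() {
    cat <<'EOF'
StartEnd  Type Open Ref GrpRef Name
  exe  10   0  /usr/local/bin/ruby
0e71b000 2e749000 rlib 01   0  /usr/local/lib/libruby.so.1.84
03e03000 23e0a000 rlib 02   0  /usr/lib/libm.so.2.1
08573000 285a4000 rlib 01   0  /usr/lib/libc.so.39.0
0e0c 0e0c rtld 01   0  /usr/libexec/ld.so
EOF
}

# audit_cgi CHROOT SCRIPT
# SCRIPT is the path as httpd sees it after chroot, e.g. /htdocs/z/jonpy1.cgi.
# Returns 0 when nothing is missing, 1 with a reason on stdout otherwise.
audit_cgi() {
    ac_root=$1
    ac_script=$2
    if [ ! -f "$ac_root$ac_script" ]; then
        echo "script not found in chroot: $ac_script"; return 1
    fi
    if [ ! -x "$ac_root$ac_script" ]; then
        echo "script not executable: $ac_script"; return 1
    fi
    ac_interp=$(cgi_interpreter "$ac_root$ac_script")
    if [ -z "$ac_interp" ]; then
        echo "no #! line: $ac_script"; return 1
    fi
    # The script exists but exec still fails with "No such file or directory"
    # when the interpreter path cannot be resolved inside the chroot.
    if [ ! -x "$ac_root$ac_interp" ]; then
        echo "interpreter missing in chroot: $ac_interp"; return 1
    fi
    # Libraries the interpreter loads must be at the same paths in the chroot.
    ac_missing=$(ldd "$ac_root$ac_interp" 2>/dev/null | ldd_paths |
        grep -vxF "$ac_root$ac_interp" | missing_in_chroot "$ac_root")
    if [ -n "$ac_missing" ]; then
        echo "libraries missing in chroot:"
        printf '%s\n' "$ac_missing"
        return 1
    fi
    echo "ok: $ac_script -> $ac_interp"
}

# Stand-alone use: sh audit_cgi.sh /var/www /htdocs/z/jonpy1.cgi
if [ "$#" -eq 2 ]; then
    audit_cgi "$1" "$2"
fi
```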



Re: cgi with chroot

2006-05-30 Thread Adam
On Tue, 30 May 2006 15:34:00 -0700 prad [EMAIL PROTECTED] wrote:

 (also, lighttpd looks really neat and clean, but i don't think it runs 
 chrooted by default, right? (its .conf file is in /etc) so to get it to do 
 that would require understanding just what the chrooted process involves, 
 which i can find from the web.)

It can run chrooted if you want.  I'm not sure I would trust it though,
it's had some really dumb security problems in the past, and they haven't
been particularly upfront about it.  Just sticking "secure" in the list
of design goals doesn't mean anything.

Adam



Re: Static functions in C code

2006-05-30 Thread Brett Lymn
On Tue, May 30, 2006 at 04:55:14PM +0300, Denis Doroshenko wrote:
 
 why would you even want that (moreover in opensource)? hide for what reason?
 

It's called lexical scoping - it has nothing really to do with
security more to do with preventing namespace pollution.  Clearly you
have never written a library.  By scoping functions static you are
indicating that the functions are private and are not part of the
interface available for use.  You do this actually to protect the
users of your code - you don't need to care about namespace clashes
e.g. you can call the internal function next_one() without fear, if
the function is not statically scoped then you would have to prefix
the function with __mylib_next_one() or suchlike otherwise a consumer
of your library would get a duplicate symbol if they created their own
function next_one(), or even worse the consumer's function will be
called by the library internals... no doubt doing the wrong thing.

Secondly it means that you, as the library creator, are able to change
the internal interfaces at whim without needing to be concerned about
the impact on the consumers of your library.  Sure, people can modify
the source and remove the static from the function but at this point
they are lining a gun up on their foot with their finger on the
trigger - if they happen to put a bullet through their foot they have
no one to blame but themselves.

Again, it's not a security issue - it's a usability/api issue.

-- 
Brett Lymn



Re: cgi with chroot

2006-05-30 Thread Marcus Glocker
On Tue, May 30, 2006 at 03:34:00PM -0700, prad wrote:

 i'm using php right now and things are fine. 
 however, after reading various threads on the (recommended by several people 
 here) MARC (http://marc.theaimsgroup.com/?l=openbsd-misc) list, i was curious 
 about learning some new things like:
 
 cgi
 fastcgi
 lighttpd
 ruby
 
 which came up in the discussions.
 
 i tried to get a ksh script to work after i copied the ksh into /var/www/bin
 my understanding is that the chrooted environment doesn't give access to 
 the /bin/ksh program.
 
 i tried the same thing with python, but kept getting 
 Internal Server Error on the browser 
 
 and the following in the error_log:
 No such file or directory: exec of /htdocs/z/jonpy1.cgi failed
 Premature end of script headers: /htdocs/z/jonpy1.cgi
 
 i tried the same thing with ruby (copied both ruby and erb into /var/www/bin) 
 and got the same thing again.
 
 so is there something else i need to do to get cgi working in openbsd's  
 chrooted environment?
 
 (also, lighttpd looks really neat and clean, but i don't think it runs 
 chrooted by default, right? (its .conf file is in /etc) so to get it to do 
 that would require understanding just what the chrooted process involves, 
 which i can find from the web.)

Hello prad,

Of course if you run a webserver chrooted you have to care that all
libraries and stuff a program (in that case a CGI) needs are
accessible within the chrooted environment.  But you already got
that tip.

The error message you get, "Premature end of script headers", means
that the HTTP header generated by your CGI is not correct.  You need
at least to tell the webserver what content type your CGI generates
before sending any further data.  For example in a sh script:

#!/bin/sh

echo "Content-Type: text/html"
echo ""
echo "I'm sorry Dave, I'm afraid I can't do that."

The empty echo represents a second \n which signals the end of
a HTTP header.

Regards,
Marcus

-- 
Marcus Glocker, [EMAIL PROTECTED], http://www.nazgul.ch -
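
Added example (not part of the thread): a small sh check for the chroot point made above, run from outside the chroot. The function name chroot_cgi_check and the sample paths are assumptions; it only verifies that the script and its #! interpreter exist under the chroot root, not the shared libraries the interpreter needs.

```shell
#!/bin/sh
# chroot_cgi_check ROOT SCRIPT   (hypothetical helper, added example)
#   ROOT   - chroot directory of the web server, e.g. /var/www
#   SCRIPT - CGI path as the chrooted server sees it, e.g. /htdocs/z/jonpy1.cgi
# Returns 0 and prints "ok: ..." only when SCRIPT and the interpreter named
# on its #! line both exist and are executable underneath ROOT.
chroot_cgi_check() {
    root=${1%/}
    script=$2
    file=$root$script

    if [ ! -f "$file" ]; then
        echo "missing: $script does not exist under $root"
        return 1
    fi
    if [ ! -x "$file" ]; then
        echo "not executable: $script"
        return 1
    fi

    # Interpreter path = first word after "#!" on line 1 (empty if no #! line).
    interp=$(sed -n '1s/^#![[:space:]]*\([^[:space:]]*\).*/\1/p' "$file")
    if [ -z "$interp" ]; then
        echo "no #! line: $script"
        return 1
    fi

    # Inside the chroot the interpreter path is resolved relative to ROOT,
    # so /bin/ksh must exist as ROOT/bin/ksh or the exec fails.
    if [ ! -x "$root$interp" ]; then
        echo "interpreter $interp missing under $root"
        return 1
    fi
    echo "ok: $script -> $interp"
}
```

A dynamically linked interpreter also needs its libraries inside the chroot; ldd on the interpreter lists them.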



Re: cgi with chroot

2006-05-30 Thread Marcus Glocker
On Wed, May 31, 2006 at 06:10:13AM +0200, Marcus Glocker wrote:

 Hello prad,
 
 Of course if you run a webserver chrooted you have to care that all
 libraries and stuff a program (in that case a CGI) needs are
 accessible within the chrooted environment.  But you already got
 that tip.
 
 The error message you get, "Premature end of script headers", means
 that the HTTP header generated by your CGI is not correct.  You need
 at least to tell the webserver what content type your CGI generates
 before sending any further data.  For example in a sh script:
 
 #!/bin/sh
 
 echo "Content-Type: text/html"
 echo ""
 echo "I'm sorry Dave, I'm afraid I can't do that."

Oh, for that example Content-Type: text/plain would be correct :)

-- 
Marcus Glocker, [EMAIL PROTECTED], http://www.nazgul.ch -



Re: no data channel with pf/ftp-proxy on 3.9

2006-05-30 Thread John Brahy
ok, I just modified my configuration to be the same as the example pf.conf
I have ftp-proxy going and I've even tried setting -r but that still doesn't
do it.

Here is my pf.conf

# macros
externalInterface="sis0"
internalInterface="fxp0"

tcp_services="{ 22, 113 }"
icmp_types="echoreq"

webServer="10.1.1.191"

# options
set block-policy return
set loginterface $externalInterface

set skip on lo

# scrub
scrub in

# nat/rdr
nat on $externalInterface from !($externalInterface) -> ($externalInterface:0)
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"

rdr pass on $internalInterface proto tcp to port ftp -> 127.0.0.1 port 8021
rdr on $externalInterface proto tcp from any to any port 80 -> $webServer

# filter rules
block in

pass out keep state

anchor "ftp-proxy/*"
antispoof quick for { lo $internalInterface }

pass in on $externalInterface inet proto tcp from any to ($externalInterface) port $tcp_services flags S/SA keep state

pass in on $externalInterface inet proto tcp from any to $webServer port 80 flags S/SA synproxy state

pass in inet proto icmp all icmp-type $icmp_types keep state

pass quick on $internalInterface



no data channel with pf/ftp-proxy on 3.9

2006-05-30 Thread John Brahy
on a fresh install of OpenBSD 3.9
from reading http://www.openbsd.org/faq/pf/ftp.html
edited my pf.conf and added these lines:
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $internalInterface proto tcp from any to any port 21 -> 127.0.0.1 port 8021
anchor "ftp-proxy/*"

I also uncommented ftp-proxy=NO in /etc/rc.conf
ftpproxy_flags=


debugged connection with ftp-proxy -d -D7 and saw that it gets to the data
portion showing the entire login sequence and stopping at LIST and my ftp
client shows this:

Command:LIST
Response:425 Can't open data connection.
Error:Could not retrieve directory listing

I use sftp wherever I can but some of my clients don't so I have to have
ftp available to my developers, but they can't get to certain ftp servers.

Is there something obvious that I am leaving out?

Here is my pared down pf.conf. I'm just trying to get things working again.

internalInterface="fxp0"
externalInterface="sis0"

nat-anchor "ftp-proxy/*"
nat on $externalInterface from $internalInterface:network to any -> ($externalInterface)

rdr-anchor "ftp-proxy/*"
rdr on $internalInterface proto tcp from any to any port 21 -> 127.0.0.1 port 8021

anchor "ftp-proxy/*"
pass in log on $externalInterface inet proto tcp from any to $externalInterface user proxy keep state



Re: cgi with chroot

2006-05-30 Thread Adam
On Wed, 31 May 2006 06:13:12 +0200 Marcus Glocker [EMAIL PROTECTED] wrote:

  #!/bin/sh
  
  echo "Content-Type: text/html"
  echo ""
  echo "I'm sorry Dave, I'm afraid I can't do that."

HTTP headers are terminated by \r\n not \n.

Adam



dd problem

2006-05-30 Thread akonsu
hello,

i wanted to create an ISO image of a CDROM, so i ran this command:

dd if=/dev/cd0a of=my.iso

and i waited and waited for about 30 minutes until i just gave up and
pressed ^C. the resulting iso file was much larger than the source disc.

i guess if i give dd the correct count parameter then it would stop, but why
would not it stop by itself when it reaches the end of disc? what was wrong?

(if it matters, i was running dd from the shell started from the 3.9
installation CD, i did not have the system installed on my hard drive)

thanks for any help
konstantin



Re: Status of tomcat on OpenBSD

2006-05-30 Thread Josh Tolley

 From: Jeremy Huiskamp [EMAIL PROTECTED]
 Date: May 29, 2006 11:46:07 PM EDT (CA)
 To: Leonardo Rodrigues [EMAIL PROTECTED]
 Subject: Re: Status of tomcat on OpenBSD

 And failing that, vanilla tomcat usually just requires an unpack
 and run, so long as you've got java installed properly.  In case
 you wanted to go with something from the 5.5 series...

 I haven't tried it on openbsd but the packaging changes don't look
 that extensive so you could probably apply them yourself to any
 version.


I've run 5.5 by just unpacking it without problems on a simple
application. I couldn't get data sources to work properly on 5.0
(certainly user error and not a problem with the package -- I was just
too pressed for time to figure it out).

-Josh



Re: cgi with chroot

2006-05-30 Thread Marcus Glocker
On Wed, May 31, 2006 at 12:38:10AM -0400, Adam wrote:

   #!/bin/sh
   
   echo "Content-Type: text/html"
   echo ""
   echo "I'm sorry Dave, I'm afraid I can't do that."
 
 HTTP headers are terminated by \r\n not \n.

Yes, correctly HTTP headers are terminated by \r\n.  But most
webservers also understand \n in case of a CGI header.  And this
example generates \n not \r\n:

000   C   o   n   t   e   n   t   -   T   y   p   e   :       t   e
010   x   t   /   p   l   a   i   n  \n  \n   I   '   m       s   o
020   r   r   y       D   a   v   e   ,       I   '   m       a   f
030   r   a   i   d       I       c   a   n   '   t       d   o
040   t   h   a   t   .  \n
046

Have a nice day.

-- 
Marcus Glocker, [EMAIL PROTECTED], http://www.nazgul.ch -
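
Added example (not from the thread): an sh sketch of the header rule discussed in these messages, with one function that emits a reply using \r\n terminators and one that checks CGI output for a complete header block. The names cgi_reply and cgi_header_check are assumptions; the checker accepts both \r\n and bare \n, as the message above says most webservers do for CGI output, and it only approximates what a server checks.

```shell
#!/bin/sh
# cgi_reply TEXT: emit a minimal CGI response. Each header line and the
# empty line that closes the header block end in \r\n.
cgi_reply() {
    printf 'Content-Type: text/plain\r\n\r\n'
    printf '%s\n' "$1"
}

# cgi_header_check: read CGI output on stdin and report whether the header
# block is well formed: only "Name: value" lines, a Content-Type header,
# and an empty line before the body. Prints "ok" and returns 0 on success.
cgi_header_check() {
    awk '
        { sub(/\r$/, "") }                   # accept \r\n as well as \n
        $0 == "" { done = 1; exit }          # empty line ends the headers
        !/^[^: \t]+:/ { bad = NR; exit }     # body text where a header belongs
        tolower($0) ~ /^content-type:/ { ctype = 1 }
        END {
            if (bad)    { print "line " bad " is not a header"; exit 1 }
            if (!done)  { print "no empty line after headers"; exit 1 }
            if (!ctype) { print "no Content-Type header"; exit 1 }
            print "ok"
        }'
}
```

Piping a script's output through cgi_header_check from a shell shows a missing header or missing empty line without going through the webserver's error_log.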



Re: libfreetype/fonts in today's X snapshot

2006-05-30 Thread Antoine Jacoutot

On Tue, 30 May 2006, Matthew R. Dempsky wrote:

I removed the msttcorefonts package and rebuilt it from ports, and then
it started working again.  (That might have just been dumb luck though;
I don't remember exactly what else I might have fiddled with in the
process.)


Well, this is what I did too. But my Bitstream fonts are not coming back, 
only the msttcore fonts... :(


--
Antoine



UP

2006-05-30 Thread cniesen
-- 
 
