Re: Contributing and Shame [Was: Lenovo notebooks?]

[Otto Moerbeek]

On Sat, 28 Oct 2006, Breen Ouellette wrote:

 Eliah Kagan wrote:
  That would still be most OpenBSD users, wouldn't it?
 
 I honestly do not know as I do not have access to the size of the user base
 nor the financial needs of the project. If 5000 users gave $100 per year to
 the project that would be half a million dollars. Are there 5000 users? Is
 half a million per year more or less than the project earns now? Half a
 million seems like a lot, but it only represents 10 developers on a yearly
 salary of $50,000, and I personally feel that there are  developers that are
 worth at least that much for a full time contribution. Do the paid developers
 currently take more or less salary to work full time on OpenBSD? How much of
 the yearly budget needs to go toward hardware purchases? Operating expenses?
 Does Revenue Canada get its dirty little fingers into this? There are too many
 unknown variables to answer this.

There is one known factor, though: almost all developers work as
volunteers, the project does not pay salaries (there have been
exceptions, but I'm talking about the current situation). Some
developers work for companies and do OpenBSD (related) stuff in their
work time, but in general, developers work in their spare time.  The
exception being Theo, of course. 

-Otto

minimum hardware requirements for NTP server?

[jjhartley]

I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time 
source instead of punching a hole periodically in a firewall to query the 
Internet time servers.  Does anyone have recommendations for the minimum 
hardware required to implement this?  I have old 200MHz, 400MHz, 600MHz,  
800MHz boxes which could be used.  Thanks for any candor provided.

Jim

Re: minimum hardware requirements for NTP server?

[Edgars]

Hi!
You can do it on any old machine, is ti 200mhz or 1ghz :)

[EMAIL PROTECTED] wrote:

I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time source 
instead of punching a hole periodically in a firewall to query the Internet time 
servers.  Does anyone have recommendations for the minimum hardware required to 
implement this?  I have old 200MHz, 400MHz, 600MHz,  800MHz boxes which could 
be used.  Thanks for any candor provided.

Jim

Re: minimum hardware requirements for NTP server?

[Marc Balmer]

[EMAIL PROTECTED] wrote:

I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time source 
instead of punching a hole periodically in a firewall to query the Internet time 
servers.  Does anyone have recommendations for the minimum hardware required to 
implement this?  I have old 200MHz, 400MHz, 600MHz,  800MHz boxes which could 
be used.  Thanks for any candor provided.


Any of these will do.  An NTP server barely uses any ressources.

- mb

Re: minimum hardware requirements for NTP server?

[ymc014]

 I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time
source instead of punching a hole periodically in a firewall to query the
Internet time servers.  Does anyone have recommendations for the minimum
hardware required to implement this?  I have old 200MHz, 400MHz, 600MHz, 
800MHz boxes which could be used.  Thanks for any candor provided.


A 200 MHz would do, me thinks.

Re: Is there a deluser equivalent in OpenBSD?

[Stuart Henderson]

On 2006/10/29 00:04, Leonardo Rodrigues wrote:
 Actually, it wouldn't be practical to manually edit /etc/group. An
 userdel-like command is needed in the smb.conf of the samba server
 in order to graphically and easily manage users on the server by using
 a Windows NT server tool.

Either write a script to do it (simple shell scripting is enough, or perl
or something else could be more elegant), or google and see if you can find
something suitable since the problem must exist for some other OS too.

weird /etc/fstab problem

[Tobias Weisserth]

Hi everybody,

I have setup an old Pentium with OpenBSD 3.9 to do some basic  
filtering and NAT at my parents place after a Smoothwall installation  
I did some two years ago got rooted recently.


Everything works just fine, except I have a problem with mounting  
partitions from /etc/fstab that I don't understand.


This is what my /etc/fstab looks like at the moment:

/dev/wd0a / ffs ro 1 1
/dev/wd0g /home ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0f /tmp ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0d /usr ffs rw,nodev 1 2
/dev/wd0e /var ffs rw,nodev,noexec,nosuid 1 2

After I boot the machine, mount -v outputs this:

/dev/wd0a on / type ffs (rw, local, ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0g on /home type ffs (rw, local, nodev, noexec, nosuid,  
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0f on /tmp type ffs (rw, local, nodev, noexec, nosuid,  
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0d on /usr type ffs (rw, local, nodev, ctime=Sun Oct 29  
11:04:57 2006)
/dev/wd0e on /var type ffs (rw, local, nodev, noexec, nosuid,  
ctime=Sun Oct 29 11:04:57 2006)


Why is / not mounted read-only? Is it because the system needs it to  
be writable during system startup? Do I have to remount it ro after  
booting?


Thanks for your help,
Tobias W.

Re: Lenovo notebooks

[Jonathan Thornburg]

In http://marc.theaimsgroup.com/?l=openbsd-miscm=116184662612115w=1,
martin g op3nbsdlist () gmail ! com asks
 Has anyone got experience with Lenovo notebooks running OpenBSD.
 If you are so kind to share your experience.

I'm using a Thinkpad T43p (2GB memory, 100GB disk) with 3.9-stable.
Speedstep and 'apmd -C' are ok.

Even with 2GB memory, mfs is limited to a bit under 1GB, and process
data size is limited to 1GB, but these are generic OpenBSD i386 limits,
not specific to this hardware.

The builtin bge0 (10/100Mbit ethernet) is 'interesting':
* it works fine when connected to an ethernet *switch* (eg Netgear DS105)
* it works fine when connected to some ethernet *hubs* (eg Netgear DS104)
* it doesn't work at all (no carrier) when connected to some other
  ethernet *hubs*, even ones of the same model (Netgear DS104) which
  work fine with other people's Thinkpads.
In the (normal) case when it works fine, I typically get around 8 MB/second
at 60-80% CPU usage for scp of large files to/from nearby fast machines
over a 100Mbit switched network.

The builtin ath0 (wavelan) works fine.

USB flash disks work fine with either 'mount -t msdos' or mtools.
I haven't tried any pcmcia cards.  I haven't tried audio.

X.org is beautiful at 1600x1200 pixels, but it doesn't recognize
the middle mouse button. :(

Suspend to ram (= Fn-F4) works fine, although the builtin bge0 network
port looses its state (needs 'sh /etc/netstart' to get it going again).

The main thing I've found which doesn't work at all well is sending video
to the external video connector to drive a projector for conference
presentations.  The usual tricks like changing the X resolution (with
'xrandr') and toggling Fn-F7 have no effect whatsoever -- so far as I
can tell there's no signal at all going to the external video connector.
The only way I have found to make this work is to reboot, enter the
IBM BIOS setup, and set the 'boot video device' to 'LCD + VGA' (instead
of the default 'Thinkpad LCD').  The machine then boots normally (with
the console display), but when I start X the builtin display is blank
and 1280x1024 video is sent to the external connector.  My usual
'xterm -fn 7x14 -fg white -bg black' is really ugly in this video mode,
but 'xpdf -fullscreen' looks fine.

ciao,

-- 
-- Jonathan Thornburg [EMAIL PROTECTED]  
   Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
   Golm, Germany, Old Europe http://www.aei.mpg.de/~jthorn/home.html  
   Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral.
  -- quote by Freire / poster by Oxfam

Re: weird /etc/fstab problem

[Edgars]

/ is rw -  read-write not ro

Tobias Weisserth wrote:

Hi everybody,

I have setup an old Pentium with OpenBSD 3.9 to do some basic 
filtering and NAT at my parents place after a Smoothwall installation 
I did some two years ago got rooted recently.


Everything works just fine, except I have a problem with mounting 
partitions from /etc/fstab that I don't understand.


This is what my /etc/fstab looks like at the moment:

/dev/wd0a / ffs ro 1 1
/dev/wd0g /home ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0f /tmp ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0d /usr ffs rw,nodev 1 2
/dev/wd0e /var ffs rw,nodev,noexec,nosuid 1 2

After I boot the machine, mount -v outputs this:

/dev/wd0a on / type ffs (rw, local, ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0g on /home type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0f on /tmp type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0d on /usr type ffs (rw, local, nodev, ctime=Sun Oct 29 
11:04:57 2006)
/dev/wd0e on /var type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)


Why is / not mounted read-only? Is it because the system needs it to 
be writable during system startup? Do I have to remount it ro after 
booting?


Thanks for your help,
Tobias W.


--This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: weird /etc/fstab problem

[Edgars]

Sorry, hangover, problems with reading and understanding :)

Tobias Weisserth wrote:

Hi everybody,

I have setup an old Pentium with OpenBSD 3.9 to do some basic 
filtering and NAT at my parents place after a Smoothwall installation 
I did some two years ago got rooted recently.


Everything works just fine, except I have a problem with mounting 
partitions from /etc/fstab that I don't understand.


This is what my /etc/fstab looks like at the moment:

/dev/wd0a / ffs ro 1 1
/dev/wd0g /home ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0f /tmp ffs rw,nodev,noexec,nosuid 1 2
/dev/wd0d /usr ffs rw,nodev 1 2
/dev/wd0e /var ffs rw,nodev,noexec,nosuid 1 2

After I boot the machine, mount -v outputs this:

/dev/wd0a on / type ffs (rw, local, ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0g on /home type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0f on /tmp type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)
/dev/wd0d on /usr type ffs (rw, local, nodev, ctime=Sun Oct 29 
11:04:57 2006)
/dev/wd0e on /var type ffs (rw, local, nodev, noexec, nosuid, 
ctime=Sun Oct 29 11:04:57 2006)


Why is / not mounted read-only? Is it because the system needs it to 
be writable during system startup? Do I have to remount it ro after 
booting?


Thanks for your help,
Tobias W.


--This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: weird /etc/fstab problem

[Nick Guenther]

On 10/29/06, Edgars [EMAIL PROTECTED] wrote:


Tobias Weisserth wrote:
 Hi everybody,

 I have setup an old Pentium with OpenBSD 3.9 to do some basic
 filtering and NAT at my parents place after a Smoothwall installation
 I did some two years ago got rooted recently.

 Everything works just fine, except I have a problem with mounting
 partitions from /etc/fstab that I don't understand.

 This is what my /etc/fstab looks like at the moment:

 /dev/wd0a / ffs ro 1 1
 /dev/wd0g /home ffs rw,nodev,noexec,nosuid 1 2
 /dev/wd0f /tmp ffs rw,nodev,noexec,nosuid 1 2
 /dev/wd0d /usr ffs rw,nodev 1 2
 /dev/wd0e /var ffs rw,nodev,noexec,nosuid 1 2

 After I boot the machine, mount -v outputs this:

 /dev/wd0a on / type ffs (rw, local, ctime=Sun Oct 29 11:04:57 2006)
 /dev/wd0g on /home type ffs (rw, local, nodev, noexec, nosuid,
 ctime=Sun Oct 29 11:04:57 2006)
 /dev/wd0f on /tmp type ffs (rw, local, nodev, noexec, nosuid,
 ctime=Sun Oct 29 11:04:57 2006)
 /dev/wd0d on /usr type ffs (rw, local, nodev, ctime=Sun Oct 29
 11:04:57 2006)
 /dev/wd0e on /var type ffs (rw, local, nodev, noexec, nosuid,
 ctime=Sun Oct 29 11:04:57 2006)

 Why is / not mounted read-only? Is it because the system needs it to
 be writable during system startup? Do I have to remount it ro after
 booting?

/ is rw -  read-write not ro


I other words: yes. The operation of mounting requires you to be able
to write to the filesystem you are mounting on to (at least, that's
how my intuition tells me it should work; otherwise an attacker with
mount might be able to overload the mounted filesystems on a
read-only filesystems, defeating the purpose of the read-only)

I believe just rerunning mount with different options on the
already-mounted fs will do it, right?

-Nick

Re: weird /etc/fstab problem

[Stuart Henderson]

On 2006/10/29 11:38, Tobias Weisserth wrote:
 Why is / not mounted read-only?

vi +/uw /etc/rc

if you change this, you'll probably want writable /dev: you can include
an mfs partition in /etc/fstab and use the -p option to copy the files if
you like.

Re: weird /etc/fstab problem

[Stuart Henderson]

On 2006/10/29 06:23, Nick Guenther wrote:
 I other words: yes. The operation of mounting requires you to be able
 to write to the filesystem you are mounting on to

I admin a number of boxes that disprove this theory (-:

 (at least, that's how my intuition tells me it should work; otherwise
 an attacker with mount might be able to overload the mounted filesystems
 on a read-only filesystems, defeating the purpose of the read-only)

 I believe just rerunning mount with different options on the
 already-mounted fs will do it, right?

think about what you're saying here: if it's possible to remount (which
it is), an attacker with mount(8) can defeat RO anyway (and of course they
could mount a new /usr/bin or whatever over the top of the existing one).

# mount -uw /
# mount -ur /

Re: bridge(4) RSTP

[Stuart Henderson]

On 2006/10/27 14:03, Pete Vickers wrote:
 A nice start could be to teach our tcpdump about RSTP. At present it  
 just pukes:

something like this? (coding style probably sucks, but I'm no coder :)

Index: print-stp.c
===
RCS file: /data/cvsroot/OpenBSD/src/usr.sbin/tcpdump/print-stp.c,v
retrieving revision 1.4
diff -u -r1.4 print-stp.c
--- print-stp.c 20 Dec 2004 08:30:40 -  1.4
+++ print-stp.c 29 Oct 2006 13:13:02 -
@@ -63,11 +63,22 @@
 #include llc.h
 
 #defineSTP_MSGTYPE_CBPDU   0x00
+#defineSTP_MSGTYPE_RBPDU   0x02/* 802.1W RSTP */
 #defineSTP_MSGTYPE_TBPDU   0x80
 
 #defineSTP_FLAGS_TC0x01/* Topology change */
 #defineSTP_FLAGS_TCA   0x80/* Topology change ack 
*/
 
+#defineRSTP_FLAGS_PROPOSAL 0x02
+#defineRSTP_FLAGS_LEARNING 0x10
+#defineRSTP_FLAGS_FORWARDING   0x20
+#defineRSTP_FLAGS_AGREEMENT0x40
+
+#defineRSTP_MASK_PORTROLE  0x0C
+#defineRSTP_ROLE_ALTERNATE 0x04
+#defineRSTP_ROLE_ROOT  0x08
+#defineRSTP_ROLE_DESIGNATED0x0C
+
 static void stp_print_cbpdu(const u_char *, u_int, int);
 static void stp_print_tbpdu(const u_char *, u_int);
 
@@ -102,9 +113,13 @@
printf( unknown protocol id(0x%x), id);
return;
}
-   if (p[2] != 0) {
-   printf( unknown protocol ver(0x%x), p[2]);
-   return;
+   if (p[2] == 2 ) {
+   printf( RSTP);
+   } else {
+   if (p[2] != 0) {
+   printf( unknown protocol ver(0x%x), p[2]);
+   return;
+   }
}
p += 3;
len -= 3;
@@ -113,6 +128,7 @@
goto truncated;
switch (*p) {
case STP_MSGTYPE_CBPDU:
+   case STP_MSGTYPE_RBPDU:
stp_print_cbpdu(p, len, cisco_sstp);
break;
case STP_MSGTYPE_TBPDU:
@@ -154,6 +170,28 @@
printf(%stc, (x++ != 0) ? , : );
if ((*p)  STP_FLAGS_TCA)
printf(%stcack, (x++ != 0) ? , : );
+   if ((*p)  RSTP_FLAGS_PROPOSAL)
+   printf(%sproposal, (x++ != 0) ? , : );
+   if ((*p)  RSTP_FLAGS_LEARNING)
+   printf(%slearn, (x++ != 0) ? , : );
+   if ((*p)  RSTP_FLAGS_FORWARDING)
+   printf(%sfwd, (x++ != 0) ? , : );
+   if ((*p)  RSTP_FLAGS_AGREEMENT)
+   printf(%sagree, (x++ != 0) ? , : );
+
+   t = ((*p)  RSTP_MASK_PORTROLE);
+
+   switch (t) {
+   case RSTP_ROLE_ALTERNATE:
+   printf(%srole=alt, (x++ != 0) ? , : );
+   break;
+   case RSTP_ROLE_ROOT:
+   printf(%srole=root, (x++ != 0) ? , : );
+   break;
+   case RSTP_ROLE_DESIGNATED:
+   printf(%srole=desig, (x++ != 0) ? , : );
+   break;
+   }
putchar('');
}
p += 1;

Re: minimum hardware requirements for NTP server?

[Henning Brauer]

* [EMAIL PROTECTED] [EMAIL PROTECTED] [2006-10-29 08:59]:
 I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time 
 source instead of punching a hole periodically in a firewall to query the 
 Internet time servers.  Does anyone have recommendations for the minimum 
 hardware required to implement this?  I have old 200MHz, 400MHz, 600MHz,  
 800MHz boxes which could be used.  Thanks for any candor provided.

I have a slower vax serving our entire network.
it doesn't have usb tho, thus no gps

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: minimum hardware requirements for NTP server?

[Marc Balmer]

Henning Brauer wrote:


I have a slower vax serving our entire network.
it doesn't have usb tho, thus no gps


nmea(4) works over serial lines, too.

Re: minimum hardware requirements for NTP server?

[Mike Pugh]

On Sun, 2006-10-29 at 01:58, [EMAIL PROTECTED] wrote:
 set up OpenBSD 4.0 as an NTP server using GPS 
 as the time source 
 minimum hardware required to implement this? 

Although I'm not using GPS I am using a 20 MHz Sparc with OpenBSD 3.9 as
my home NTP (and internal DNS) server. Works fine but took most of a day
to do the install. It crunched for hours making SSH keys. 
Mike 

Re: weird /etc/fstab problem

[Tobias Weisserth]

Hi,

On Oct 29, 2006, at 12:27 PM, Stuart Henderson wrote:


vi +/uw /etc/rc


This is exactly what I was looking for. Thanks for the hint. I'll  
give it a try.


regards,
Tobias W.

Secure Apache Webserver

[Aiko Barz]

Hello,

I already discussed this subject on the list. There were several
possible solutions for this subject and I have chosen one, I would like
to present now.

The problem: I have several vhosts, which are used by several people.
The Apache is running with $UID 67. Users can access the system by using
scponly, which is jailed into /var/www. No problem here so far.
This issue was, that all scripts must be readable or even writeable for
the Apache Webserver. So one hacked page could damage other vhosts by
writing some PHP code to access the other vhosts within /var/www.

My solution:
1. I made SuExec working within the chroot environment.
   (http://www.openbsdsupport.org/ApacheSuexecChroot.html)
2. I wrote a patch for suexec.c to handle *.php correctly.
   (http://files.haeckser.net/haeckser.net/suexec.patch)
3. I compiled PHP by my own with CGI-support and moved the binary into
   the chroot.
4. I removed mod_php and mod_perl and set the Apache directives User,
   Group, AddHandler cgi-script and Options +ExecCGI.

Now, every PHP-script has the permissions 700 and gets executed with its
own $UID. I feel much better now. :)

Bye,
Aiko

-- 
Aiko Barz [EMAIL PROTECTED]
Web: http://www.haeckser.de

Re: Is there a deluser equivalent in OpenBSD?

[Ingo Schwarze]

Nick Guenther wrote on Sat, Oct 28, 2006 at 11:21:40PM -0400:
 On 10/28/06, Leonardo Rodrigues [EMAIL PROTECTED] wrote:

 Actually, it wouldn't be practical to manually edit /etc/group.
[...]
 Also, er, call me dumb, but after rereading usermod(8), I really see
 no way to explicitly remove an user from a group... =(

[...]
 As a hack, could you write a short script to edit it and call that?

cd /etc \
 sed '/^foogroup/s/baruser,*//'  group  group.new \
 mv group.new group

This is a noop unless baruser is a member of foogroup,
but it changes the /etc/group ctime even then.  Hm.

cd /etc \
 sed '/^foogroup/s/baruser,*//'  group  group.new \
; diff group group.new \
 rm group.new \
 echo no change \
|| mv group.new group

Re: pf load balancing and failover

[Sylwester S. Biernacki]

On Friday, October 27, 2006, at 12:23:24, Pete Vickers wrote:

 Hi Berk,

 I'm really intereted in this. I have a load of legacy tcp session  
 based load balancing with I'd love to migrate to an OpenBSD/pf based  
 solution. Do you have a patch with applies cleanly to 4.0 ?

afair this patch is applied in -current tree and we are using it for a
few weeks now and works preety well.

We are rdring all traffic between 3 servers in farm: 10.0.0.13,14,15
so we are using -k 0.0.0.0/0 :-)


#!/bin/sh

$webserver1=10.0.0.13
$webserver2=10.0.0.14
$webserver3=10.0.0.15

removeweb() (
# removeweb table ip
  pfctl -t $1 -Td $2
  pfctl -k 0.0.0.0/0 -k $2
)

addweb() (
# addweb table ip
  pfctl -t $1 -Ta $2
)

while true ; do  {
  webstatus1=`curl --connect-timeout 10 $webserver1 2/dev/null`
  webstatus2=`curl --connect-timeout 10 $webserver2 2/dev/null`
  webstatus3=`curl --connect-timeout 10 $webserver3 2/dev/null`

  if [ X$webstatus1 != XOK ]; then
removeweb wwwfarm $webserver1
  else
addweb wwwfarm $webserver1
  fi

  if [ X$webstatus2 != XOK ]; then
removeweb wwwfarm $webserver2
  else
addweb wwwfarm $webserver2
  fi

  if [ X$webstatus3 != XOK ]; then
removeweb wwwfarm $webserver3
  else
addweb wwwfarm $webserver3
  fi

} ;

sleep 5;
done

exit 0





-- 
Sylwester S. Biernacki [EMAIL PROTECTED]
X-NET, http://www.xnet.com.pl/

Re: Lenovo notebooks

[Greg Thomas]

On 10/29/06, Jonathan Thornburg [EMAIL PROTECTED] wrote:

In http://marc.theaimsgroup.com/?l=openbsd-miscm=116184662612115w=1,
martin g op3nbsdlist () gmail ! com asks
 Has anyone got experience with Lenovo notebooks running OpenBSD.
 If you are so kind to share your experience.

I'm using a Thinkpad T43p (2GB memory, 100GB disk) with 3.9-stable.
Speedstep and 'apmd -C' are ok.

Even with 2GB memory, mfs is limited to a bit under 1GB, and process
data size is limited to 1GB, but these are generic OpenBSD i386 limits,
not specific to this hardware.

The builtin bge0 (10/100Mbit ethernet) is 'interesting':
* it works fine when connected to an ethernet *switch* (eg Netgear DS105)
* it works fine when connected to some ethernet *hubs* (eg Netgear DS104)
* it doesn't work at all (no carrier) when connected to some other
  ethernet *hubs*, even ones of the same model (Netgear DS104) which
  work fine with other people's Thinkpads.
In the (normal) case when it works fine, I typically get around 8 MB/second
at 60-80% CPU usage for scp of large files to/from nearby fast machines
over a 100Mbit switched network.

The builtin ath0 (wavelan) works fine.

USB flash disks work fine with either 'mount -t msdos' or mtools.
I haven't tried any pcmcia cards.  I haven't tried audio.

X.org is beautiful at 1600x1200 pixels, but it doesn't recognize
the middle mouse button. :(



If you turn off the touch pad in the BIOS and use only the trackpoint
then the middle mouse button works.  I never use the touch pad so this
works fine for me.

Greg

Re: Is there a deluser equivalent in OpenBSD?

[Leonardo Rodrigues]

Thanks everyone for the input. I guess I'll stick to a little script then =)
Though, it seems a bit strange that OpenBSD lacks something like that.
I thought it was a given.

--
An OpenBSD user... and that's all you need to know =)

Re: minimum hardware requirements for NTP server?

[Chris Kuethe]

On 10/29/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

I would like to set up OpenBSD 4.0 as an NTP server using GPS as the time source 
instead of punching a hole periodically in a firewall to query the Internet time 
servers.  Does anyone have recommendations for the minimum hardware required to 
implement this?  I have old 200MHz, 400MHz, 600MHz,  800MHz boxes which could 
be used.  Thanks for any candor provided.


I run some very happy time servers on Sparcstation LX (50MHz) or
Sparcstation1 (85MHz).

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: Is there a deluser equivalent in OpenBSD?

[Ingo Schwarze]

Leonardo Rodrigues wrote on Sun, Oct 29, 2006 at 01:45:15PM -0300:
 Though, it seems a bit strange that OpenBSD lacks something like that.

Look at it from a different perspective:

There are other operating systems out there featuring thousands of
lines of complicated scripts just to ensure that users never need
to do simple tasks themselves.

In addition to the usual simplicity improves maintainability and
usability argument, my impression is that OpenBSD actively encourages
users to understand how the system works - and to understand which
tasks are simple and which ones aren't.

On first sight, an additional option remove from group to usermod(8)
might not hurt much.  As a second thought, how would you call it, -g
and -G are already occupied; yet it is important for learners to
have option names as few and as mnemonic as possible, and please lets
not get into --remove-from-group.  As a third thought, what might be
the next special case that somebody could come up with for plausible
reasons?  And finally, once you add an option, you have to live with
it for good, as somebody will certainly rely on it.

At least, i understand that features of this kind are not top priority.

Re: pf load balancing and failover

[Sylwester S. Biernacki]

On Sunday, October 29, 2006, at 15:43:09, Berk D. Demir wrote:

 We are rdring all traffic between 3 servers in farm: 10.0.0.13,14,15
 so we are using -k 0.0.0.0/0 :-)

 If you're not using sticky addresses, you don't need the patch.
 If you're using them, you should use the patch and kill the lingering 
 src-track entries with pfctl option '-K' (capital K)
huh - you're right... our application working in wwwfarm is clever one
and don't need sticky-address option in rdr rules:)

-- 
Sylwester S. Biernacki [EMAIL PROTECTED]
X-NET, http://www.xnet.com.pl/

new postgresql in ports

[LeVA]

Hi!

There was a commit today which updates postgresql to version 8.1.5. This 
fix made it to the stable branch too, so will there be a package for 
it, or I have to compile it from ports?
I don't really understand how this updating process work yet, so just 
forgive (but not ignore :) me, if I'm writing foolish things.

Thanks!

Daniel

-- 
LeVA

Re: Is there a deluser equivalent in OpenBSD?

[Otto Moerbeek]

On Sat, 28 Oct 2006, Philip Guenther wrote:

 On 10/28/06, Leonardo Rodrigues [EMAIL PROTECTED] wrote:
  Thanks, but usermod (with -G arg) seems to only let me add users to a
  group or multiple groups, but not remove them . The man page, from
  what I could understand, also says nothing about removing users =(
 
 I would call this a bug in usermod: when run with the -G option it
 should set the user's secondary group list to include exactly the
 indicated groups.  That's how usermod operates under Solaris and Linux
 and is the obvious way to provide the functionality, though it _is_
 kind of klunky.

No worries, usermod -G sets the secondary group list, like the man
pages says and like other systems do.

-Otto

Re: Is there a deluser equivalent in OpenBSD?

[Otto Moerbeek]

On Sun, 29 Oct 2006, Otto Moerbeek wrote:

 On Sat, 28 Oct 2006, Philip Guenther wrote:
 
  On 10/28/06, Leonardo Rodrigues [EMAIL PROTECTED] wrote:
   Thanks, but usermod (with -G arg) seems to only let me add users to a
   group or multiple groups, but not remove them . The man page, from
   what I could understand, also says nothing about removing users =(
  
  I would call this a bug in usermod: when run with the -G option it
  should set the user's secondary group list to include exactly the
  indicated groups.  That's how usermod operates under Solaris and Linux
  and is the obvious way to provide the functionality, though it _is_
  kind of klunky.
 
 No worries, usermod -G sets the secondary group list, like the man
 pages says and like other systems do.

Oops, my memory and test were both wrong. Indeed, -G does not delete
membership. 

-Otto

Re: weird /etc/fstab problem

[Nick Guenther]

On 10/29/06, Stuart Henderson [EMAIL PROTECTED] wrote:

think about what you're saying here: if it's possible to remount (which
it is), an attacker with mount(8) can defeat RO anyway (and of course they
could mount a new /usr/bin or whatever over the top of the existing one).

# mount -uw /
# mount -ur /



Right, blah, tired.

So is it simply not possible?

-Nick

Re: Is there a deluser equivalent in OpenBSD?

[Han Boetes]

Otto Moerbeek wrote:
  No worries, usermod -G sets the secondary group list, like the
  man pages says and like other systems do.

 Oops, my memory and test were both wrong. Indeed, -G does not
 delete membership.

This seems to produce a groups file with all old systemaccounts
removed.

~% cat cleangroups 
#!/bin/sh
cat /etc/group |while read line; do
unset newusers
users=${line##*:}
group=${line%:*}
for user in $(echo $users|tr ',' ' '); do
if userinfo -e $user; then
if [ -n $newusers ]; then
newusers=$newusers,$user
else
newusers=$user
fi
fi
done
echo $group:$newusers
done



# Han

docs for OpenLDAP and cyrus-imapd on OpenBSD?

[Paul Pruett]

Looking for docs for OpenLDAP and cyrus-imapd on OpenBSD

I am trying to implement cyrus-imap on OpenBSD sendmail for virtual 
hosting with support for  pop3, imap (localhost), and smtp-auth.


I've googled so much information with that just did not quite fit
that it is daunting for those of us who are unfamiliar with ldap.

I have made some progress like I had actually hacked cyrus-imap to
use the mysql for authentication, got cyradm to work by modifying
/etc/hosts and so on..., was making that progress till I found that 
saslauthd will not support SQL, so I could not 
go that way for smtp-auth with sendmail.


After that endeavor I decided that I will need bite the bullet and 
become proficient with open-ldap because both sendmail and cyrus-imap 
appear to have mature support for LDAP, unlike mysql.


(and yes I've read a thousand times that LDAP is more appropriate than SQL 
for non relational lookups...,  I have also been told that I should give 
up sendmail and use postfix, but I have a lot of investment in labor on 
our sendmail milter setups...)



THAT said, if someone has good documentation links, helpful suggestions, 
or would not mind filling in the gaps offline - I would appreciate it.

Re: Is there a deluser equivalent in OpenBSD?

[Eric Furman]

On Sun, 29 Oct 2006 19:15:56 +0100, Ingo Schwarze [EMAIL PROTECTED]
said:
 Leonardo Rodrigues wrote on Sun, Oct 29, 2006 at 01:45:15PM -0300:
  Though, it seems a bit strange that OpenBSD lacks something like that.

 On first sight, an additional option remove from group to usermod(8)
 might not hurt much.  As a second thought, how would you call it, -g
 and -G are already occupied; yet it is important for learners to
 have option names as few and as mnemonic as possible, and please lets
 not get into --remove-from-group.  As a third thought, what might be
 the next special case that somebody could come up with for plausible
 reasons?  And finally, once you add an option, you have to live with
 it for good, as somebody will certainly rely on it.

Instead of usermod -G group

Re: new postgresql in ports

[viq]

On 29/10/06, LeVA [EMAIL PROTECTED] wrote:

Hi!

There was a commit today which updates postgresql to version 8.1.5. This
fix made it to the stable branch too, so will there be a package for
it, or I have to compile it from ports?
I don't really understand how this updating process work yet, so just
forgive (but not ignore :) me, if I'm writing foolish things.



From what I've seen, for current the packages are usually built

something like once or twice a month, for most arches. For stable,
from the discussions here I understand packages are (re)built if they
are updated, but pretty much only for i386. So if you don't want to
wait, or are on a different architecture, you need to build it from
ports.


Thanks!

Daniel

--
LeVA





--
viq

Re: docs for OpenLDAP and cyrus-imapd on OpenBSD?

[Sam Fourman Jr.]

I have also been looking for this information

Sam Fourman Jr.

On 10/29/06, Paul Pruett [EMAIL PROTECTED] wrote:

Looking for docs for OpenLDAP and cyrus-imapd on OpenBSD

I am trying to implement cyrus-imap on OpenBSD sendmail for virtual
hosting with support for  pop3, imap (localhost), and smtp-auth.

I've googled so much information with that just did not quite fit
that it is daunting for those of us who are unfamiliar with ldap.

I have made some progress like I had actually hacked cyrus-imap to
use the mysql for authentication, got cyradm to work by modifying
/etc/hosts and so on..., was making that progress till I found that
saslauthd will not support SQL, so I could not
go that way for smtp-auth with sendmail.

After that endeavor I decided that I will need bite the bullet and
become proficient with open-ldap because both sendmail and cyrus-imap
appear to have mature support for LDAP, unlike mysql.

(and yes I've read a thousand times that LDAP is more appropriate than SQL
for non relational lookups...,  I have also been told that I should give
up sendmail and use postfix, but I have a lot of investment in labor on
our sendmail milter setups...)


THAT said, if someone has good documentation links, helpful suggestions,
or would not mind filling in the gaps offline - I would appreciate it.

Re: Is there a deluser equivalent in OpenBSD?

[Eric Furman]

On Sun, 29 Oct 2006 19:15:56 +0100, Ingo Schwarze [EMAIL PROTECTED]
said:
 On first sight, an additional option remove from group to usermod(8)
 might not hurt much.  As a second thought, how would you call it, -g
 and -G are already occupied; yet it is important for learners to
 have option names as few and as mnemonic as possible, and please lets
 not get into --remove-from-group.  As a third thought, what might be
 the next special case that somebody could come up with for plausible
 reasons?  And finally, once you add an option, you have to live with
 it for good, as somebody will certainly rely on it.

instead of usermod -G group; to add to group. you could
usermod -G - group; to remove from group
just a thought...

but as has been pointed out, it is trivial to write a script
that would automatically go out and modify /etc/group
on even a large number of boxes.

This is rough, needs polishing, use at own risk, blah blah...

BOXES=server1 server 2 server3. . .

for box in $BOXES
do
  { sleep 5;echo username;sleep 2;echo password;sleep 2;
echosudo do some command left as exercise for reader;
sleep 3;echo exit; } |telnet $box 2/tmp/rcmd.error 1/dev/null
done

Re: Is there a deluser equivalent in OpenBSD?

[Otto Moerbeek]

On Sun, 29 Oct 2006, Eric Furman wrote:

 On Sun, 29 Oct 2006 19:15:56 +0100, Ingo Schwarze [EMAIL PROTECTED]
 said:
  On first sight, an additional option remove from group to usermod(8)
  might not hurt much.  As a second thought, how would you call it, -g
  and -G are already occupied; yet it is important for learners to
  have option names as few and as mnemonic as possible, and please lets
  not get into --remove-from-group.  As a third thought, what might be
  the next special case that somebody could come up with for plausible
  reasons?  And finally, once you add an option, you have to live with
  it for good, as somebody will certainly rely on it.
 
 instead of usermod -G group; to add to group. you could
 usermod -G - group; to remove from group
 just a thought...
 
 but as has been pointed out, it is trivial to write a script
 that would automatically go out and modify /etc/group
 on even a large number of boxes.
 
 This is rough, needs polishing, use at own risk, blah blah...
 
 BOXES=server1 server 2 server3. . .
 
 for box in $BOXES
 do
   { sleep 5;echo username;sleep 2;echo password;sleep 2;
 echosudo do some command left as exercise for reader;
 sleep 3;echo exit; } |telnet $box 2/tmp/rcmd.error 1/dev/null
 done

You got to be kidding. This is the worst script I've seen in ages.

-Otto

Applying patch ?

[Maverick]

Hi i am quite new to openbsd. I have download the patchs from the openbsd
website and extract it.
I run the command to fix the first bug

patch 001_sendmail.patch

However it taking more then 15 mins and still staying there. Is there any
thing wrong with what i have been doing? What should i do to apply the patch
for openbsd 3.9

Thanks you very much.

Best regard
-- 
View this message in context: 
http://www.nabble.com/Applying-patch---tf2536341.html#a7066168
Sent from the openbsd user - misc mailing list archive at Nabble.com.

Re: docs for OpenLDAP and cyrus-imapd on OpenBSD?

[Berk D. Demir]

Paul Pruett wrote:
THAT said, if someone has good documentation links, helpful suggestions, 
or would not mind filling in the gaps offline - I would appreciate it.




If all you want about LDAP is to authenticate your users from LDAP,
then Cyrus IMAPd will just do it from sasl interface.

Be sure you have installed cyrus-sasl package with ldap flavor.

An example /etc/saslauthd.conf will look like this

ldap_servers: ldap://127.0.0.1
ldap_search_base: dc=your,dc=base,dc=dn
ldap_filter: ((uid=%u)(objectClass=inetOrgPerson))
ldap_auth_method: userPassword

As you can guess, %u gets replaced with username.
userPassword auth method means authentication will occur with binding.

And related lines for /etc/imapd.conf

sasl_mech_list: plain
sasl_pwcheck_method:saslauthd
sasl_saslauthd_path:/your/path/to/saslauthd/mux


Good luck...

Re: Applying patch ?

[Berk D. Demir]

Maverick wrote:

Hi i am quite new to openbsd. I have download the patchs from the openbsd
website and extract it.
I run the command to fix the first bug

patch 001_sendmail.patch

However it taking more then 15 mins and still staying there. Is there any
thing wrong with what i have been doing? What should i do to apply the patch
for openbsd 3.9


Patch is waiting for input from stdin.

You should use it like:
$ cd /usr/src
$ patch -p0  /path/to/001_sendmail.patch

This was documented in the FAQ.
http://www.openbsd.org/faq/faq10.html#Patches

OpenBSD FAQ is actively maintained to be a one-stop-resource for the 
beginners. Tremendous effort goes into it.

You should use it pragmatically...

Re: Applying patch ?

[thomas]

Am Sonntag, 29. Oktober 2006 23:13 schrieben Sie:
 Hi i am quite new to openbsd. I have download the patchs from the
 openbsd website and extract it.
 I run the command to fix the first bug

 patch 001_sendmail.patch

 However it taking more then 15 mins and still staying there. Is
 there any thing wrong with what i have been doing? What should i do
 to apply the patch for openbsd 3.9

 Thanks you very much.


 Best regard


$ head 001_sendmail.patch
Apply by doing:
cd /usr/src
patch -p0  001_sendmail.patch

And then rebuild and install sendmail:
cd gnu/usr.sbin/sendmail
make obj
make depend
make
make install


see
 http://openbsd.org/faq/faq10.html#Patches

it4s all in the faq...

greetings
thomas

Re: Applying patch ?

[Joel Goguen]

It's sitting there because it's reading from standard input.  Try this
instead:

cd /usr/src/
patch -p0  /path/to/001_sendmail.patch

-- 
Joel Goguen
Bachelor of Computer Science III
University of New Brunswick
http://iapetus.dyndns.org/



Maverick wrote:
 Hi i am quite new to openbsd. I have download the patchs from the openbsd
 website and extract it.
 I run the command to fix the first bug
 
 patch 001_sendmail.patch
 
 However it taking more then 15 mins and still staying there. Is there any
 thing wrong with what i have been doing? What should i do to apply the patch
 for openbsd 3.9
 
 Thanks you very much.
 
 Best regard

Re: Applying patch ?

[Myk Taylor]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

from the text in 001_sendmail.patch:

Apply by doing:
cd /usr/src
patch -p0  001_sendmail.patch

And then rebuild and install sendmail:
cd gnu/usr.sbin/sendmail
make obj
make depend
make
make install


note the '' in the patch -p0... line.

Maverick wrote:
 I run the command to fix the first bug
 
 patch 001_sendmail.patch
 
 However it taking more then 15 mins and still staying there. Is there any
 thing wrong with what i have been doing? What should i do to apply the patch
 for openbsd 3.9
iD8DBQFFRS1DBOPsJyAQkeARAn+KAJ4q2tasJ1uNHvC+M+g1Mgf21D3yNwCdG1gE
RiZjC49uIYNWclGqSNRHpVI=
=FGO8
-END PGP SIGNATURE-

Re: Applying patch ?

[Greg Thomas]

On 10/29/06, Maverick [EMAIL PROTECTED] wrote:

Hi i am quite new to openbsd. I have download the patchs from the openbsd
website and extract it.
I run the command to fix the first bug

patch 001_sendmail.patch

However it taking more then 15 mins and still staying there. Is there any
thing wrong with what i have been doing? What should i do to apply the patch
for openbsd 3.9



It appears that you didn't read the first two lines of the patch:

Apply by doing:
cd /usr/src
patch -p0  001_sendmail.patch

Greg

Re: new postgresql in ports

[LeVA]

2006. October 29. 22:30, viq:
 On 29/10/06, LeVA [EMAIL PROTECTED] wrote:
  Hi!
 
  There was a commit today which updates postgresql to version 8.1.5.
  This fix made it to the stable branch too, so will there be a
  package for it, or I have to compile it from ports?
  I don't really understand how this updating process work yet, so
  just forgive (but not ignore :) me, if I'm writing foolish things.

 From what I've seen, for current the packages are usually built
 something like once or twice a month, for most arches. For stable,
 from the discussions here I understand packages are (re)built if they
 are updated, but pretty much only for i386. So if you don't want to
 wait, or are on a different architecture, you need to build it from
 ports.
I'm using -stable and i386. I can wait, and I want to, if I only knew 
how long... (at least approximately; 1 week | 2 months?). I see that 
screen still hasn't got an updated package, altough there was a 
security update for it a few days (maybe 1 week?) ago.

Daniel

-- 
LeVA

Re: docs for OpenLDAP and cyrus-imapd on OpenBSD?

[Paul Pruett]

If all you want about LDAP is to authenticate your users from LDAP,
then Cyrus IMAPd will just do it from sasl interface.
Be sure you have installed cyrus-sasl package with ldap flavor


I think I need a little more than that, I am not even sure how best
to insert the username realm and password and into which index..
and to that I am on a crash learn of ldap, so that is part of the
picture I'll need to understand asap :(


I figured the flavor thing out when I went down the mysql flavor method,
Also we may need to use the -r option for pkg_add -r
to get the flavor package loaded... Here is how to make flavors and 
-server for those who may google this on the lists:


cd /usr/ports/mail/cyrus-imap
make package

cd /usr/ports/security/cyrus-sasl2
env FLAVOR=ldap make package

cd /usr/ports/databases/openldap/
env SUBPACKAGE=ldap FLAVOR=bdb make package




An example /etc/saslauthd.conf will look like this

ldap_servers: ldap://127.0.0.1
ldap_search_base: dc=your,dc=base,dc=dn
ldap_filter: ((uid=%u)(objectClass=inetOrgPerson))
ldap_auth_method: userPassword

As you can guess, %u gets replaced with username.
userPassword auth method means authentication will occur with binding.

And related lines for /etc/imapd.conf

sasl_mech_list: plain
sasl_pwcheck_method:saslauthd
sasl_saslauthd_path:/your/path/to/saslauthd/mux

Good luck...



I appreciate the above examples and will digest it asap.

I saw several options for imapd.conf that dealt with ldap
without the sasl_ prefix, and that may have mislead also.

A note to other readers, any option in /etc/imapd.conf that
is prefixed with sasl_ may overided the SASL configuration file,
see the man page for imapd.conf and sasl_option


BTW, I know I got off track when I tried settings from an example
slapd.conf from a Linux Gazzette page:
http://linuxgazette.net/124/pfeiffer.html
http://linuxgazette.net/124/misc/pfeiffer/slapd.conf

Re: minimum hardware requirements for NTP server?

[Liam J. Foy]

On 29 Oct 2006, at 07:58, [EMAIL PROTECTED] wrote:

I would like to set up OpenBSD 4.0 as an NTP server using GPS as  
the time source instead of punching a hole periodically in a  
firewall to query the Internet time servers.  Does anyone have  
recommendations for the minimum hardware required to implement  
this?  I have old 200MHz, 400MHz, 600MHz,  800MHz boxes which  
could be used.  Thanks for any candor provided.


Jim



Use whatever box uses the least amount of energy :-)

---
Liam J. Foy
[EMAIL PROTECTED]

Re: Applying patch ?

[Maverick]

Thanks a lot for the answer

I have tried it but i have something after that as well



# cd /usr/src
# patch -p0  001_sendmail.patch
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--
|Apply by doing:
| cd /usr/src
| patch -p0  001_sendmail.patch
|
|And then rebuild and install sendmail:
| cd gnu/usr.sbin/sendmail
| make obj
| make depend
| make
| make install
|
|Index: gnu/usr.sbin/sendmail/libsm/fflush.c
|===
|RCS file: /cvs/src/gnu/usr.sbin/sendmail/libsm/fflush.c,v
|retrieving revision 1.2
|diff -u -p -r1.2 fflush.c
|--- gnu/usr.sbin/sendmail/libsm/fflush.c 1 Oct 2001 17:18:29 - 1.2
|+++ gnu/usr.sbin/sendmail/l



Can you please tell me what i can i do with this?



Greg Thomas-3 wrote:
 
 On 10/29/06, Maverick [EMAIL PROTECTED] wrote:
 Hi i am quite new to openbsd. I have download the patchs from the openbsd
 website and extract it.
 I run the command to fix the first bug

 patch 001_sendmail.patch

 However it taking more then 15 mins and still staying there. Is there any
 thing wrong with what i have been doing? What should i do to apply the
 patch
 for openbsd 3.9

 
 It appears that you didn't read the first two lines of the patch:
 
 Apply by doing:
   cd /usr/src
   patch -p0  001_sendmail.patch
 
 Greg
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Applying-patch---tf2536341.html#a7067350
Sent from the openbsd user - misc mailing list archive at Nabble.com.

Re: Applying patch ?

[Han Boetes]

Maverick wrote:
 Thanks a lot for the answer

 I have tried it but i have something after that as well



 # cd /usr/src
 # patch -p0  001_sendmail.patch
 Hmm... Looks like a unified diff to me...
 The text leading up to this was:
 --
 |Apply by doing:
 | cd /usr/src
 | patch -p0  001_sendmail.patch
 |
 |And then rebuild and install sendmail:
 | cd gnu/usr.sbin/sendmail
 | make obj
 | make depend
 | make
 | make install
 |
 |Index: gnu/usr.sbin/sendmail/libsm/fflush.c
 |===
 |RCS file: /cvs/src/gnu/usr.sbin/sendmail/libsm/fflush.c,v
 |retrieving revision 1.2
 |diff -u -p -r1.2 fflush.c
 |--- gnu/usr.sbin/sendmail/libsm/fflush.c 1 Oct 2001 17:18:29 - 1.2
 |+++ gnu/usr.sbin/sendmail/l



 Can you please tell me what i can i do with this?

You should read it.


# Han

Re: Applying patch ?

[Joe]

Maverick wrote:

Thanks a lot for the answer

I have tried it but i have something after that as well



# cd /usr/src
# patch -p0  001_sendmail.patch
Hmm... Looks like a unified diff to me...
The text leading up to this was:
--
|Apply by doing:
| cd /usr/src
| patch -p0  001_sendmail.patch
|
|And then rebuild and install sendmail:
| cd gnu/usr.sbin/sendmail
| make obj
| make depend
| make
| make install
|
|Index: gnu/usr.sbin/sendmail/libsm/fflush.c
|===
|RCS file: /cvs/src/gnu/usr.sbin/sendmail/libsm/fflush.c,v
|retrieving revision 1.2
|diff -u -p -r1.2 fflush.c
|--- gnu/usr.sbin/sendmail/libsm/fflush.c 1 Oct 2001 17:18:29 - 1.2
|+++ gnu/usr.sbin/sendmail/l



Can you please tell me what i can i do with this?



You have applied the patch to the sendmail source code.
Now you must rebuild and install sendmail.

The output from the patch command tells you what to do:

 |And then rebuild and install sendmail:
 | cd gnu/usr.sbin/sendmail
 | make obj
 | make depend
 | make
 | make install

Since you are new to OpenBSD, you should know that OpenBSD tells you how 
to do all of the important things. In other words, OpenBSD is very well 
documented. However, to be successful you must learn to find the 
documentation. In this case it was right under your nose. All/most 
patches will tell you how to apply them.


Also check the OpenBSD FAQ.

understanding the kernel

[George Mihai IACOB]

Hello!

I am a not-so-experienced programmer and I started a personal project 
which requires a deep understanding of the OpenBSD kernel - no, I am not 
going to fork another BSD style operating system. I wonder if there is 
documentation describing the kernel, other that the comments in the 
source. For a start, I am reading Andrew Tanenbaum's Modern Operating 
Systems, 2nd edition and trying to follow the code in the kernel 
source, starting with sys/kern/init_main.c
Is this a wrong approach? Do you have other suggestions? I know there's 
no easy way and I am not looking for one, all I want is a starting point.

Regards,
George

mounting problems

[Jay Jesus Amorin]

hi,

pls. help me mount my partition in my linux partitions

#fdisk -lu /dev/hda (in linux)
Disk /dev/hda: 80.0 GB, 80026361856 bytes
255 heads, 63 sectors/track, 9729 cylinders, total 156301488 sectors
Units = sectors of 1 * 512 = 512 bytes

   Device Boot  Start End  Blocks   Id  System
/dev/hda1   *  634882153424410736   a6  OpenBSD
/dev/hda248821535   156296384537374255  Extended
/dev/hda54882159852725329 1951866   a6  OpenBSD
/dev/hda652725393   10154686424410736   83  Linux
/dev/hda7   101546928   105450659 1951866   82  Linux swap / Solaris
/dev/hda8   105450723   15629638425422831   83  Linux

how will i mount /dev/hda8 and /dev/hda6 in openbsd?

my openbsd /etc/fstab entry:

/dev/wd0a / ffs rw 1 1


thanks,

--jay--

Re: minimum hardware requirements for NTP server?

[K Kadow]

On 10/29/06, Marc Balmer [EMAIL PROTECTED] wrote:

Henning Brauer wrote:
 I have a slower vax serving our entire network.
 it doesn't have usb tho, thus no gps

nmea(4) works over serial lines, too.


How accurate is NMEA, on USB or serial without using a PPS signal line?

Re: minimum hardware requirements for NTP server?

[Theo de Raadt]

 On 10/29/06, Marc Balmer [EMAIL PROTECTED] wrote:
  Henning Brauer wrote:
   I have a slower vax serving our entire network.
   it doesn't have usb tho, thus no gps
 
  nmea(4) works over serial lines, too.
 
 How accurate is NMEA, on USB or serial without using a PPS signal line?

A lot more accurate than nothing at all.

Because that is the real question, isn't it?

Re: understanding the kernel

[Jonathan Gray]

On Sun, Oct 29, 2006 at 08:24:16PM -0700, George Mihai IACOB wrote:
 Hello!
 
 I am a not-so-experienced programmer and I started a personal project 
 which requires a deep understanding of the OpenBSD kernel - no, I am not 
 going to fork another BSD style operating system. I wonder if there is 
 documentation describing the kernel, other that the comments in the 
 source. For a start, I am reading Andrew Tanenbaum's Modern Operating 
 Systems, 2nd edition and trying to follow the code in the kernel 
 source, starting with sys/kern/init_main.c
 Is this a wrong approach? Do you have other suggestions? I know there's 
 no easy way and I am not looking for one, all I want is a starting point.
 Regards,
 George

You don't mention what you had in mind so it is hard to point at anything.
The Design and Implementation of the 4.4 BSD Operating System by
McKusick and friends is likely to be more relevant for implementation
details, Tanebaum's book is more high level theory.

Re: understanding the kernel

[Otto Moerbeek]

On Sun, 29 Oct 2006, George Mihai IACOB wrote:

 Hello!
 
 I am a not-so-experienced programmer and I started a personal project which
 requires a deep understanding of the OpenBSD kernel - no, I am not going to
 fork another BSD style operating system. I wonder if there is documentation
 describing the kernel, other that the comments in the source. For a start, I
 am reading Andrew Tanenbaum's Modern Operating Systems, 2nd edition and
 trying to follow the code in the kernel source, starting with
 sys/kern/init_main.c
 Is this a wrong approach? Do you have other suggestions? I know there's no
 easy way and I am not looking for one, all I want is a starting point.
 Regards,
 George

A lot of internal kernel APIs are documented in section 9 of the man
pages.  And, while this may be superfluous, the public API, also known
as system calls are described in section 2. 

-Otto

Re: docs for OpenLDAP and cyrus-imapd on OpenBSD?

[Samuel Moñux]

2006/10/29, Paul Pruett [EMAIL PROTECTED]:

Looking for docs for OpenLDAP and cyrus-imapd on OpenBSD

I am trying to implement cyrus-imap on OpenBSD sendmail for virtual
hosting with support for  pop3, imap (localhost), and smtp-auth.



I have it working a similar setup. All you need once the openldap side
is runnning (and there are lots of docs about OpenLDAP for users
authentication out there):

In the sendmail side, you just need to map mail adresses to uids
(forget mailAlternateAddress, just needed if you migrated from
qmail-ldap):

FEATURE(`virtusertable',
`ldap -1 -TTMPF -v uid -k (|(mail=%0)(mailAlternateAddress=%0))')dnl

configure SASL options in sendmail.mc

define(`confAUTH_MECHANISMS', `CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5 LOGIN PLAIN')

/usr/local/lib/sasl2/Sendmail.conf

pwcheck_method: saslauthd
mech_list: plain cram-md5 digest-md5 login

saslauthd.conf:

ldap_servers: ldap://ldap.xxx/
ldap_bind_dn: cn=xxx,dc=xxx,dc=sa
ldap_bind_pw: 
ldap_search_base: ou=People,dc=carreras,dc=sa
ldap_filter: ((uid=%u)(accountStatus=active))
ldap_password_attr: userPassword

Cyrus LDAP authentication:

/etc/imapd.conf

sasl_pwcheck_method: saslauthd
sasl_mech_list: login cram-md5 digest-md5 plain

(*-md5 mechs won't work with hashed userPasswords, but don't harm)

You will need a sendmail compiled with SASL and ldap support, just add
this to /etc/mk.conf:

WANT_LDAP=yes
WANT_SMTPAUTH=yes

And thats all...

Greets

Re: Applying patch ?

[Maverick]

uppsss

I am sorry  I forgot to add the important bit.  
When i run patch -p0  001_sendmail.patch, it asked me for the file to
patch. Can you please give me an example how to go that in sendmail patch?

Thanks a lot for your help
I do appreciate that.



Joe S wrote:
 
 Maverick wrote:
 Thanks a lot for the answer
 
 I have tried it but i have something after that as well
 
 
 
 # cd /usr/src
 # patch -p0  001_sendmail.patch
 Hmm... Looks like a unified diff to me...
 The text leading up to this was:
 --
 |Apply by doing:
 | cd /usr/src
 | patch -p0  001_sendmail.patch
 |
 |And then rebuild and install sendmail:
 | cd gnu/usr.sbin/sendmail
 | make obj
 | make depend
 | make
 | make install
 |
 |Index: gnu/usr.sbin/sendmail/libsm/fflush.c
 |===
 |RCS file: /cvs/src/gnu/usr.sbin/sendmail/libsm/fflush.c,v
 |retrieving revision 1.2
 |diff -u -p -r1.2 fflush.c
 |--- gnu/usr.sbin/sendmail/libsm/fflush.c 1 Oct 2001 17:18:29 -
 1.2
 |+++ gnu/usr.sbin/sendmail/l
 
 
 
 Can you please tell me what i can i do with this?
 
 
 You have applied the patch to the sendmail source code.
 Now you must rebuild and install sendmail.
 
 The output from the patch command tells you what to do:
 
   |And then rebuild and install sendmail:
   | cd gnu/usr.sbin/sendmail
   | make obj
   | make depend
   | make
   | make install
 
 Since you are new to OpenBSD, you should know that OpenBSD tells you how 
 to do all of the important things. In other words, OpenBSD is very well 
 documented. However, to be successful you must learn to find the 
 documentation. In this case it was right under your nose. All/most 
 patches will tell you how to apply them.
 
 Also check the OpenBSD FAQ.
 
 
 

-- 
View this message in context: 
http://www.nabble.com/Applying-patch---tf2536341.html#a7070241
Sent from the openbsd user - misc mailing list archive at Nabble.com.