Re: [4.2 Upgrade] Apache: bad username nobody

[Chris]

On 11/6/07, Otto Moerbeek [EMAIL PROTECTED] wrote:
 You should also restore /etc/pwd.db and /etc/spwd.db, or recretae them
 using pwd_mkdb(8).

Thanks. Restoring these two files resolved the issue. Apache is now
starting fine.

However, typing newaliases still gives the mailwrapper.core
segmentation fault core dumped error. I have had postfix installed
which I removed (pkg_delete) after the upgrade. Could this be the
cause of this problem? I manually deleted the _postfix user/group
after I restored the password files.

Any help on this would be much appreciated. Thanks.

OpenBSD 4.2 -release CDs arrived in Shenzhen, China.

[Bibby]

Hi, all.

OpenBSD 4.2 -release CDs arrived in Shenzhen, China. I will send them out to

all customers soon.

I'd like to say Thank you to all of the developers/contributors around the
world,
and who made this release possible.

Thanks to Wim@ and [EMAIL PROTECTED] ^_~
-- 
Best Regards.

Michael Bibby(Huangbin Zhang)

- RedHat Enterprise Linux 5 Client
- OpenBSD 4.2 -release

Re: [4.2 Upgrade] Apache: bad username nobody

[Daniel Ouellet]

Chris wrote:

However, typing newaliases still gives the mailwrapper.core
segmentation fault core dumped error. I have had postfix installed
which I removed (pkg_delete) after the upgrade. Could this be the
cause of this problem? I manually deleted the _postfix user/group
after I restored the password files.


Depending how you install postfix, you had the choice the first time to 
have newaliases affecting the standard file in /etc/mail, or the postfix 
alias file.


Are you sure your newaliases point to the right place?

Is there is soft link or something may be on your newaliases command. 
Witch one are you using, the standard one, or the postfix one?


# locate newaliases
/usr/bin/newaliases
/usr/local/man/man1/newaliases.1
/usr/local/sbin/newaliases
/usr/local/share/doc/postfix/html/newaliases.1.html
/usr/share/man/cat8/newaliases.0

The default install have only one:

# locate newaliases
/usr/bin/newaliases
/usr/share/man/cat8/newaliases.0

Check to see what you are using.

Standard:
# ls -al /usr/bin/newaliases
lrwxr-xr-x  1 root  wheel  21 Aug 22 02:42 /usr/bin/newaliases - 
/usr/sbin/mailwrapper


Or may be something else.

Best,

Daniel

how to create cdrom42.fs?

[23号]

Hi,
  anything script?

-- 
Best Regards,
No.23

http://blog.chinaunix.net/u1/42287

acpi global lock and sci events

[giovanni]

I've also noted that the acpi global lock patch has fixed the acpi sci
interrupt problem under i386/MP. now all the events are delivered
correctly
(e.g power button works)

thanks

-- 
see ya,
giovanni

lib not found expat.8.0 - requires xbase42.tgz - insufficient disk on CF card

[scorch]

hi,

i need the gettext package, requiring expat.8.0 from xbase42.tgz as 
covered in the FAQ.


unfortunately I've struck this issue on a 256MB CF soekris build where I 
don't have enough space for a full install :-(


are there any pointers on if or how one can extract the minimum needed 
for expat.8.0 out of xbase42.tgz?


cheers,
scorch

Re: [4.2 Upgrade] Apache: bad username nobody

[Otto Moerbeek]

On Tue, Nov 06, 2007 at 08:41:08PM +1100, Chris wrote:

 On 11/6/07, Otto Moerbeek [EMAIL PROTECTED] wrote:
  I'd like a copy of your /etc/mailer.conf file. Probably it trips a bug
  in mailwrapper.
 
 Thanks. I had a look in my /etc/mailer.conf and it read -
 
 /usr/local/sbin/postfix-enable, which I changed to the following
 (exactly as my 4.1 box) -
 
 sendmail/usr/libexec/sendmail/sendmail
 send-mail   /usr/libexec/sendmail/sendmail
 mailq /usr/libexec/sendmail/sendmail
 newaliases /usr/libexec/sendmail/sendmail
 hoststat /usr/libexec/sendmail/sendmail
 purgestat /usr/libexec/sendmail/sendmail
 
 And I ran newaliases again and it says -
 
 No local mailer defined
 QueueDirectory (Q) option must be set. I then restored the 4.1
 sendmail.cf to /etc/mail and ran newaliases again and the output is
 looking good now -
 
 /etc/mail/newaliases: 43 aliases, longest 10 bytes, 618 bytes total.
 
 Thanks.

This diff fixes the core dump in case there's only one string on a line.

-Otto

Index: mailwrapper.c
===
RCS file: /cvs/src/usr.sbin/mailwrapper/mailwrapper.c,v
retrieving revision 1.17
diff -u -p -r1.17 mailwrapper.c
--- mailwrapper.c   2 Sep 2007 15:19:39 -   1.17
+++ mailwrapper.c   6 Nov 2007 09:51:09 -
@@ -125,7 +125,7 @@ main(int argc, char *argv[], char *envp[
continue;
}
 
-   if ((from = strsep(cp, WS)) == NULL)
+   if ((from = strsep(cp, WS)) == NULL || cp == NULL)
goto parse_error;
 
cp += strspn(cp, WS);

Re: [4.2 Upgrade] Apache: bad username nobody

[Chris]

On 11/6/07, Otto Moerbeek [EMAIL PROTECTED] wrote:
 I'd like a copy of your /etc/mailer.conf file. Probably it trips a bug
 in mailwrapper.

Thanks. I had a look in my /etc/mailer.conf and it read -

/usr/local/sbin/postfix-enable, which I changed to the following
(exactly as my 4.1 box) -

sendmail/usr/libexec/sendmail/sendmail
send-mail   /usr/libexec/sendmail/sendmail
mailq /usr/libexec/sendmail/sendmail
newaliases /usr/libexec/sendmail/sendmail
hoststat /usr/libexec/sendmail/sendmail
purgestat /usr/libexec/sendmail/sendmail

And I ran newaliases again and it says -

No local mailer defined
QueueDirectory (Q) option must be set. I then restored the 4.1
sendmail.cf to /etc/mail and ran newaliases again and the output is
looking good now -

/etc/mail/newaliases: 43 aliases, longest 10 bytes, 618 bytes total.

Thanks.

IBM T60 laptop upgrade - wd0 to sd0

[Chris]

I am trying to upgrade a T60 laptop that detects the HDD as wd0a.
After booting from the 4.2 base CD my HDD is detected as sd0 and the
installer does the fsck on sd0a. However, force checking non-root
filesystem during the installation fails as it fails to detect and do
fsck on wd0a from /etc/fstab -

fsck -fp /dev/wd0a...FAILED. You must fsck /dev/wd0a manually.

I was wondering if I would be able to boot the new system once I
upgrade as I will not be upgrading/extracting the new etc42.tgz to
overwrite the existing /etc/fstab. So when I boot the new system
/etc/fstab will still be the old fstab and it will not recognize wd0
and will refuse to boot?

This has been mentioned here: http://www.openbsd.org/faq/upgrade42.html#ahci

Any suggestion on this would be much appreciated. Thanks.

Re: [4.2 Upgrade] Apache: bad username nobody

[Chris]

On 11/6/07, Daniel Ouellet [EMAIL PROTECTED] wrote:
 Are you sure your newaliases point to the right place?

 Is there is soft link or something may be on your newaliases command.
 Witch one are you using, the standard one, or the postfix one?

Thanks.

I have already removed postfix (pkg_delete).

I only have these two newaliases -

# locate newaliases
/usr/bin/newaliases
/usr/share/man/cat8/newaliases.0

# ls -al /usr/bin/newaliases points to -

lrwxr-xr-x  1 root  wheel  21 Nov 6 11:45 /usr/bin/newaliases -
/usr/sbin/mailwrapper

Thanks for your help.

Re: 7800GS + 2 monitors under 4.2-release

[Paulo Rodriguez]

Hi Chris,

Those are exactly the same symptoms I'm experiencing as well.
I'll be trying -current later tonight to see how it goes. I'll keep you 
informed.


Thanks,

P

Chris Harper schreef:

Im currently attempting to get my 7900GTX to run dual screens under
4.2 release without success.

I can only seem to get green and orange squares on the second monitor
which are some how linked
to the first as they change colour as the mouse moves around.

Any progress you make would be appareciated.
On Nov 5, 2007 10:46 PM, Paulo Rodriguez [EMAIL PROTECTED] wrote:
  

Hi misc,

Just wondering about any success stories getting dual-screen/xinerama
running under OpenBSD 4.2-release with nVidia cards (G73) under X. If I
read correctly the necessary code for this was imported by matthieu@
after 4.2-release code was frozen, so it should be in -current.

Kind regards,

Paulo

Re: support for USB compact flash readers?

[Jonathan Thornburg]

In message http://marc.info/?l=openbsd-miscm=119426861107322w=1,
I asked about how best to read/write a Compact Flash (CF) card from
an OpenBSD system (Lenovo/IBM Thinkpad T41p).  In message
http://marc.info/?l=openbsd-miscm=119427381515100w=1,
Christian naddy Weisgerber suggested that a UCB CF reader/writer
would be
 cheaper than the time you already spent pondering the
 question and perfectly adequate if you just want to read/write a
 CF (MMC, SD, etc.) card from time to time.

Thanks for the info.  My main worry was/is that I don't see these
specifically listed on the OpenBSD supported hardware list on
 http://www.openbsd.org/i386.html  , only a generic mention of USB Mass
Storage devices, i.e., USB floppy drives and USB memory stick controllers
(umass).   Does this latter phrase include USB CF readers/writers?

thanks, ciao,

--
-- Jonathan Thornburg (remove -animal to reply) [EMAIL PROTECTED]
   School of Mathematics, U of Southampton, England
   Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral.
  -- quote by Freire / poster by Oxfam

Re: [4.2 Upgrade] Apache: bad username nobody

[Otto Moerbeek]

On Tue, Nov 06, 2007 at 06:58:59PM +1100, Chris wrote:

 On 11/6/07, Otto Moerbeek [EMAIL PROTECTED] wrote:
  You should also restore /etc/pwd.db and /etc/spwd.db, or recretae them
  using pwd_mkdb(8).
 
 Thanks. Restoring these two files resolved the issue. Apache is now
 starting fine.
 
 However, typing newaliases still gives the mailwrapper.core
 segmentation fault core dumped error. I have had postfix installed
 which I removed (pkg_delete) after the upgrade. Could this be the
 cause of this problem? I manually deleted the _postfix user/group
 after I restored the password files.
 
 Any help on this would be much appreciated. Thanks.

I'd like a copy of your /etc/mailer.conf file. Probably it trips a bug
in mailwrapper.

-Otto

Re: lib not found expat.8.0 - requires xbase42.tgz - insufficient disk on CF card

[Marc Espie]

On Tue, Nov 06, 2007 at 10:11:28PM +1300, [EMAIL PROTECTED] wrote:
 hi,

 i need the gettext package, requiring expat.8.0 from xbase42.tgz as 
 covered in the FAQ.

 unfortunately I've struck this issue on a 256MB CF soekris build where I 
 don't have enough space for a full install :-(

 are there any pointers on if or how one can extract the minimum needed 
 for expat.8.0 out of xbase42.tgz?

Just extract /usr/X11R6/lib/libexpat\*

Re: boot old Indy with OpenBSD?

[Sebastian Reitenbach]

Miod Vallat [EMAIL PROTECTED] wrote: 
  First, objcopy does not provide the target ecoff-littlemips. It took me 
a 
  while to get objcopy reconfigured on sparc64 and on i386. On sparc64 
objcopy 
  says it is unable to change endianness, therefore I tried on i386 too, 
but 
  there objcopy says unable to determine file format.
  
  Do I can create a OpenBSD bsd.rd image in ecoff format where the Indy at 
  least will try to load and boot from that file? Or do I need to do that 
on a 
  SGI machine?
 
 You need to either build a OpenBSD/sgi cross toolchain (at least cross
 binutils), or use an OpenBSD/sgi system, so that this target is
 available.
 
 And even with this, you'll need to tinker with binutils configuration,
 since ECOFF targets are not enabled on OpenBSD/sgi at the moment.
Fortunately, as I don't have an idea how to create a cross compiler 
toolchain, and neither have a OpenBSD/sgi machine, someone else contacted me 
and offered to create a ecoff based ramdisk. Then I'll see what happens.

 
  I doubt that the Indy will boot, but I am just curious.
 
 Assuming the PROM doesn't disklike the kernel load address, the system
 will run until it sets up its own trap vectors, since there are no tlb
 refill handlers for R4k processors.
well, in case, I get above mentioned ecoff image beginning to boot, do you 
have any pointer to the hardware documentation, that will explain the tlb 
refill handlers?

 
 Supporting the ``low-end'' 64 bit capable sgi models (i.e. Indigo R4k,
 Indy and Indigo2) in 64 bit mode (except for the few hopeless R4000
 flavours) is on my list, but low priority.
Exactly my box is a Indigo with an R4k processor, so there is hope it will 
run OpenBSD in the future.

Sebastian

Machine will not recover from 'deep sleep' state [ IBM Thinkpad T41 ]

[Mark Thomas]

If I close the lid on this laptop ( Thinkpad T41 ) the machine goes
into a deep sleep but will not recover with OpenBSD 4.2. With 4.1 this
worked flawlessly. xorg is not running during these tests.

Anyone else having the same problem?

thanks

sensor(?) output

hw.machine=i386
hw.model=Intel(R) Pentium(R) M processor 1700MHz (GenuineIntel 686-class)
hw.ncpu=1
hw.byteorder=1234
hw.physmem=1072656384
hw.usermem=1072652288
hw.pagesize=4096
hw.disknames=wd0,cd0
hw.diskcount=2
hw.sensors.aps0.temp0=44.00 degC
hw.sensors.aps0.temp1=44.00 degC
hw.sensors.aps0.indicator0=Off (Keyboard Active)
hw.sensors.aps0.indicator1=Off (Mouse Active)
hw.sensors.aps0.indicator2=On (Lid Open)
hw.sensors.aps0.raw0=438 (X_ACCEL)
hw.sensors.aps0.raw1=535 (Y_ACCEL)
hw.sensors.aps0.raw2=437 (X_VAR)
hw.sensors.aps0.raw3=536 (Y_VAR)
hw.cpuspeed=600
hw.setperf=0
hw.vendor=IBM
hw.product=2373DE4
hw.version=ThinkPad T41
hw.serialno=99X84V2
hw.uuid=9de6a601-46fd-11cb-a095-98f756497707

dmesg output

OpenBSD 4.2 (GENERIC) #375: Tue Aug 28 10:38:44 MDT 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1700MHz (GenuineIntel 686-class) 600 MHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
real mem  = 1072656384 (1022MB)
avail mem = 1029578752 (981MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 05/14/04, BIOS32 rev. 0 @
0xfd750, SMBIOS rev. 2.33 @ 0xe0010 (61 entries)
bios0: vendor IBM version 1RETC6WW (3.05a) date 05/14/2004
bios0: IBM 2373DE4
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 98%
apm0: AC off, battery charge high, estimated 2:59 hours
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #6 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000
0xdc000/0x4000! 0xe/0x1
cpu0 at mainbus0
cpu0: Enhanced SpeedStep 600 MHz (956 mV): speeds: 1700, 1400, 1200,
1000, 800, 600 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M9 Lf rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0: Intel EHCI root hub, rev 2.00/1.00, addr 1
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81
pci2 at ppb1 bus 2
cbb0 at pci2 dev 0 function 0 TI PCI4520 CardBus rev 0x01: irq 11
cbb1 at pci2 dev 0 function 1 TI PCI4520 CardBus rev 0x01: irq 11
em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03:
irq 11, address 00:0d:60:c9:b2:de
Aironet MPI-350 Wireless rev 0x00 at pci2 dev 2 function 0 not configured
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 6 device 0 cacheline 0x8, lattimer 0xb0
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01:
24-bit timer at 3579545Hz
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: HTS726060M9AT00
wd0: 16-sector PIO, LBA, 53759MB, 110099826 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TOSHIBA, DVD-ROM SD-R9012, 1121 SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 11
iic0 at ichiic0
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq
11, ICH4 AC97
ac97: codec id 0x41445374 (Analog Devices AD1981B)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auich0
Intel 82801DB Modem rev 0x01 at pci0 dev 31 function 6 not configured
usb1 at uhci0: USB revision 1.0
uhub1 at usb1: Intel UHCI root hub, rev 1.00/1.00, addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2: Intel UHCI root hub, rev 1.00/1.00, addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3: Intel UHCI root hub, rev 1.00/1.00, addr 1
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0

Re: IBM T60 laptop upgrade - wd0 to sd0

[Henning Brauer]

* Chris [EMAIL PROTECTED] [2007-11-06 11:14]:
 I am trying to upgrade a T60 laptop that detects the HDD as wd0a.
 After booting from the 4.2 base CD my HDD is detected as sd0 and the
 installer does the fsck on sd0a. However, force checking non-root
 filesystem during the installation fails as it fails to detect and do
 fsck on wd0a from /etc/fstab -
 
 fsck -fp /dev/wd0a...FAILED. You must fsck /dev/wd0a manually.
 
 I was wondering if I would be able to boot the new system once I
 upgrade as I will not be upgrading/extracting the new etc42.tgz to
 overwrite the existing /etc/fstab. So when I boot the new system
 /etc/fstab will still be the old fstab and it will not recognize wd0
 and will refuse to boot?

etcXX.tgz does not contain an fstab file. disklabel generates it at 
install time.

your solution is to boot the installed 4.1, edit fstab (replace all wd0 
by sd0), save  boot the CD and proceed with upgrade as usual.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: altroot is not mentioned in FAQ

[Jan Stary]

On Sep 25 10:11:04, Joel Knight wrote:
 --- Quoting Jan Stary on 2007/09/25 at 15:48 +0200:
 
  Hi all,
  
  afterboot(8) mentions /altroot, which is a nice feature.
  
  But you only learn about /altroot when you read afterboot(8).
  By that time, you already have a system installed, in particular
  your disk is already partitioned, and typically you don't have
  the spare partition (of size at least that of /) to use for
  /altroot.
  
  So my suggestion is: /altroot should be mentioned in the
  install faq, probably in the 'setting up disks' paragraph:
  http://openbsd.org/faq/faq4.html#Disks
 
 Can you write something up and submit the diff to faq@ ?

I am just about to do it now (just waited for 4.2 to come out).

In an attempt to stay close to the current partitioning example,
I intend to make a 10G win installation on a 80G disk and start from
there.

Does this make sense? The current example uses a 20G disk with 1.5G
occupied by a pre-existing win partition; I think the above numbers
are more realistic nowadays (also, I don't have a 20G disk around :-)

Jan

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

[Tony Sarendal]

diff -u version.

/Tony


Index: rde.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.228
diff -u -r1.228 rde.c
--- rde.c   16 Sep 2007 15:20:50 -  1.228
+++ rde.c   6 Nov 2007 10:38:23 -
@@ -919,12 +919,6 @@
/* shift to NLRI information */
p += 2 + attrpath_len;
 
-   /* aspath needs to be loop free nota bene this is not a hard error */
-   if (peer-conf.ebgp  !aspath_loopfree(asp-aspath, conf-as)) {
-   error = 0;
-   goto done;
-   }
-
/* parse nlri prefix */
while (nlri_len  0) {
if ((pos = rde_update_get_prefix(p, nlri_len, prefix,
@@ -954,9 +948,17 @@
 
peer-prefix_rcvd_update++;
/* add original path to the Adj-RIB-In */
-   if (peer-conf.softreconfig_in)
-   path_update(peer, asp, prefix, prefixlen, F_ORIGINAL);
-
+   if (peer-conf.softreconfig_in) {
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp  !aspath_loopfree(asp-aspath,
+   conf-as))
+   prefix_remove(peer, prefix, prefixlen,
+   F_ORIGINAL);
+   else
+   path_update(peer, asp, prefix, prefixlen,
+   F_ORIGINAL);
+   
+   }
/* input filter */
if (rde_filter(fasp, rules_l, peer, asp, prefix, prefixlen,
peer, DIR_IN) == ACTION_DENY) {
@@ -977,10 +979,18 @@
if (fasp == NULL)
fasp = asp;
 
-   rde_update_log(update, peer, fasp-nexthop-exit_nexthop,
-   prefix, prefixlen);
-   path_update(peer, fasp, prefix, prefixlen, F_LOCAL);
-
+   rde_update_log(update, peer,
+   fasp-nexthop-exit_nexthop,prefix,
+   prefixlen);
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp  !aspath_loopfree(asp-aspath,
+   conf-as))
+   prefix_remove(peer, prefix, prefixlen,
+   F_LOCAL);
+   else 
+   path_update(peer, fasp, prefix, prefixlen,
+   F_LOCAL);
+   
/* free modified aspath */
if (fasp != asp)
path_put(fasp);
@@ -1047,10 +1057,16 @@
 
peer-prefix_rcvd_update++;
/* add original path to the Adj-RIB-In */
-   if (peer-conf.softreconfig_in)
-   path_update(peer, asp, prefix,
-   prefixlen, F_ORIGINAL);
-
+   if (peer-conf.softreconfig_in) {
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp 
+   
!aspath_loopfree(asp-aspath,conf-as))
+   prefix_remove(peer, prefix,
+   prefixlen,F_ORIGINAL);
+   else
+   path_update(peer, asp, prefix,
+   prefixlen, F_ORIGINAL);
+   }
/* input filter */
if (rde_filter(fasp, rules_l, peer, asp,
prefix, prefixlen, peer, DIR_IN) ==
@@ -1075,9 +1091,15 @@
 
rde_update_log(update, peer,
asp-nexthop-exit_nexthop,
-   prefix, prefixlen);
-   path_update(peer, fasp, prefix, prefixlen,
-   F_LOCAL);
+   prefix, prefixlen);
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp 
+   !aspath_loopfree(asp-aspath,conf-as))
+   prefix_remove(peer, prefix,
+   prefixlen,F_LOCAL);
+   else 
+   path_update(peer, fasp, prefix,
+   prefixlen,F_LOCAL);
 
/* free modified aspath */
if (fasp != asp)

Re: IBM T60 laptop upgrade - wd0 to sd0

[Jonathan Gray]

On Tue, Nov 06, 2007 at 08:45:43PM +1100, Chris wrote:
 I am trying to upgrade a T60 laptop that detects the HDD as wd0a.
 After booting from the 4.2 base CD my HDD is detected as sd0 and the
 installer does the fsck on sd0a. However, force checking non-root
 filesystem during the installation fails as it fails to detect and do
 fsck on wd0a from /etc/fstab -
 
 fsck -fp /dev/wd0a...FAILED. You must fsck /dev/wd0a manually.
 
 I was wondering if I would be able to boot the new system once I
 upgrade as I will not be upgrading/extracting the new etc42.tgz to
 overwrite the existing /etc/fstab. So when I boot the new system
 /etc/fstab will still be the old fstab and it will not recognize wd0
 and will refuse to boot?
 
 This has been mentioned here: http://www.openbsd.org/faq/upgrade42.html#ahci
 
 Any suggestion on this would be much appreciated. Thanks.

Probably the easiest way to deal with this is to set your
bios to sata compatibility mode and then you can change fstab
from wd to sd later if you want to switch back to ahci.

Re: IBM T60 laptop upgrade - wd0 to sd0

[Paul de Weerd]

On Tue, Nov 06, 2007 at 08:45:43PM +1100, Chris wrote:
| I am trying to upgrade a T60 laptop that detects the HDD as wd0a.
| After booting from the 4.2 base CD my HDD is detected as sd0 and the
| installer does the fsck on sd0a. However, force checking non-root
| filesystem during the installation fails as it fails to detect and do
| fsck on wd0a from /etc/fstab -
| 
| fsck -fp /dev/wd0a...FAILED. You must fsck /dev/wd0a manually.
| 
| I was wondering if I would be able to boot the new system once I
| upgrade as I will not be upgrading/extracting the new etc42.tgz to
| overwrite the existing /etc/fstab. So when I boot the new system
| /etc/fstab will still be the old fstab and it will not recognize wd0
| and will refuse to boot?
| 
| This has been mentioned here: http://www.openbsd.org/faq/upgrade42.html#ahci
| 
| Any suggestion on this would be much appreciated. Thanks.

I found the easiest way of doing this is booting bsd.rd, choose
'(S)hell' and then :

mount /dev/sd0a /mnt
ed /mnt/etc/fstab
,s/wd/sd/g
w
q
umount /mnt
reboot
enjoy ahci ;)

This is of course after you've installed 4.2. If you're still in the
installer, you can escape to the shell and then fix this, return to
the installer and proceed from there. Good luck ;)

Cheers,

Paul 'WEiRD' de Weerd

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/ 

Regenerating damaged /etc

[Karel Kulhavy]

During upgrading between 4.1 and 4.2 I accidentally typed rm -rf /etc instead
of rm -rf etc in the /tmp directory.

After fixing couple of vital things I continued normally with the upgrade,
unpacking the etc42.tgz and xetc42.tgz and reinstalling couple of programs
so that their /etc/ files are regenerated. I also did the post-installation
stuff from the Installing 4.2 chapters.

I got an idea that I could run the install process and somehow skip the initial
part but it always told me it's going to destroy all data on the disk and then
I said no and it returned into the shell.

Is there some way how I can re-generate the missing /etc files? I guess the
permissions matter for security and some files are probably machine generated.

I don't see any problem at the moment but maybe it's just like a time bomb
there?

CL

Re: OBSD on MacBook

[Koh Choon Lin]

 On Sun, Nov 04, 2007 at 10:46:28PM +0800, Koh Choon Lin wrote:
  Hi everyone!
 
  Anyone has a success story on installing OBSD on MacBook or MB Pro?

Hi all

Thanks you so much for the help.. actually, I am planning to single
boot a MB or MBP with OBSD. Is it easier to install it this way than a
dual boot or using bootcamp?



Regards
Koh Choon Lin

misc rejects because of sender verify

[Karel Kulhavy]

Hello

If I configure my exim on my laptop according to what's written in the comments,
I cannot send e-mail to [EMAIL PROTECTED]

The comment says that primary_hostname should be your host's canonical name
[...] the fully qualified official name of your host. Well my laptop is
called kestrel and my domain is twibright.com. So I put
kestrel.twibright.com there.

But misc@openbsd.org says rejected since sender verify failed. The from
header is set to [EMAIL PROTECTED], the from: header to
[EMAIL PROTECTED]

No wonder it failed. My laptop doesn't have any externally valid IP address
so I didn't make any DNS record for it. misc apparently tries to lookup
kestrel.twibright.com and fails.

So I tried to put twibright.com there but now I cannot send post to my
brother [EMAIL PROTECTED] Now exim thinks [EMAIL PROTECTED] is for
him (even if local_comains are set just to @ : localhost) and says
unknown user. -t mx for twibright.com is twin.jikos.cz.

So what should I put there? Or should I put some random bullshit like
195.195.195.195 into the kestrel.twibright.com so that misc@ is satisfied?

Is there a RFC saying that the from header after stripping the @ and before
must succeed in DNS lookup?

Do I violate any RFC if I put random garbage into DNS to satisfy paranoid
hosts like [EMAIL PROTECTED]

All these anti-spam policies... They just make it almost impossible for
normal people to send e-mail reliably, while they have no visible effect
on the spam tsunami... I still get hundreds of spams daily. They turn the
MTA configuration task from a fifteen puzzle into a sixteen puzzle.

CL

Re: Regenerating damaged /etc

[Chris Smith]

On 11/6/07, Karel Kulhavy [EMAIL PROTECTED] wrote:
 During upgrading between 4.1 and 4.2 I accidentally typed rm -rf /etc instead
 of rm -rf etc in the /tmp directory.

 After fixing couple of vital things I continued normally with the upgrade,
 unpacking the etc42.tgz and xetc42.tgz and reinstalling couple of programs
 so that their /etc/ files are regenerated. I also did the post-installation
 stuff from the Installing 4.2 chapters.

 I got an idea that I could run the install process and somehow skip the 
 initial
 part but it always told me it's going to destroy all data on the disk and then
 I said no and it returned into the shell.

 Is there some way how I can re-generate the missing /etc files? I guess the
 permissions matter for security and some files are probably machine generated.

 I don't see any problem at the moment but maybe it's just like a time bomb
 there?

 CL


If you have another OpenBSD box, could you do something with this hint:
http://subversion.tigris.org/faq.html#in-place-import
making a repository of a known good /etc, and then checking it out to
repair the bad?
In general, is versioning the /etc directory seen as overkill?
Cheers,
Chris

Re: misc rejects because of sender verify

[Jason Dixon]

On Nov 6, 2007, at 7:09 AM, Karel Kulhavy wrote:

All these anti-spam policies... They just make it almost  
impossible for
normal people to send e-mail reliably, while they have no visible  
effect
on the spam tsunami... I still get hundreds of spams daily. They  
turn the

MTA configuration task from a fifteen puzzle into a sixteen puzzle.


I know exactly what you mean.  I get hundreds of spams from you daily.

---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

Re: avail mem is only 66% of real mem

[mickey]

On Mon, Nov 05, 2007 at 04:43:48PM -0800, Ted Unangst wrote:
 On 11/5/07, Wade, Daniel [EMAIL PROTECTED] wrote:
  Any guess as to why I'm losing about 33% of my RAM?
  When you are only working with 32MB to start with every little bit counts.
 
 the kernel and the buffer cache have to go somewhere.

not buffer cache nomore (:
cu
-- 
paranoic mickey   (my employers have changed but, the name has remained)

nfe0 issues

[Chris Harper]

I recently installed 4.2 release on my evga 680i based motherboard ,
which uses nfe(4) for the onboard gig NIC's.

There seems to be an issue in the handling of the autodetection of
media types and the speed it can run at when manual
selection is set. So say for instance I set it manually to 100baseTX
it will no longer function and does not send packets.
If I then set it to 10baseT it will work fine, I have checked the
network routers/cables and interfaces from a windows partition
which detects a 100mbps link.

I have notived that on the router it detects a 100mbps link before the
kernel initiatesthe device during boot i.e before any mention of nfe
on the screen.

Has anyone else had any similar issues using nfe interfaces ?

Re: altroot is not mentioned in FAQ

[Douglas A. Tutty]

On Tue, Nov 06, 2007 at 11:54:45AM +0100, Jan Stary wrote:
 On Sep 25 10:11:04, Joel Knight wrote:
  --- Quoting Jan Stary on 2007/09/25 at 15:48 +0200:
   afterboot(8) mentions /altroot, which is a nice feature.
   
   But you only learn about /altroot when you read afterboot(8).
   By that time, you already have a system installed, in particular
   your disk is already partitioned, and typically you don't have
   the spare partition (of size at least that of /) to use for
   /altroot.
   
   So my suggestion is: /altroot should be mentioned in the
   install faq, probably in the 'setting up disks' paragraph:
   http://openbsd.org/faq/faq4.html#Disks
  
  Can you write something up and submit the diff to faq@ ?
 
 I am just about to do it now (just waited for 4.2 to come out).
 
 In an attempt to stay close to the current partitioning example,
 I intend to make a 10G win installation on a 80G disk and start from
 there.
 
 Does this make sense? The current example uses a 20G disk with 1.5G
 occupied by a pre-existing win partition; I think the above numbers
 are more realistic nowadays (also, I don't have a 20G disk around :-)

While you're at it:  the install docs cover the absolute minimum to run
a basic system (I think they describe it as a basic home system
connected to the internet).  Could you include an example of the same
thing but the minimum to be able to compile patches?  

OpenBSD runs on old hardware.  Old hardware doesn't have 20 GB disks.
At best, I may have a PII with an 8 GB drive with perhaps a second 1 GB
drive.

Doug.

Re: Clamav

[Henning Brauer]

* Juan Miscaro [EMAIL PROTECTED] [2007-11-06 14:20]:
 You recommend a production server to be running -current?

sure.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: Clamav

[Marc Balmer]

Juan Miscaro wrote:

--- Marc Balmer [EMAIL PROTECTED] wrote:


Juan Miscaro wrote:

--- Peter Fraser [EMAIL PROTECTED] wrote:

was obsolete for a while, long enough that it was hard to
get updates on the virus signatures. I was going to put
up 4.2 expecting to get an updated version of clamav, but
I discovered that 4.2 still uses 0.90.3. The virus signatures
providers are expecting 0.91.2.

Is there a newer version coming, or is there a better virus
scanner to use?


I've been bothered by this for a long time.  I'm going to try

having

all my future clamav installations built by source.


Use OpenBSD snapshots or run -current.  The port is updated there.



You recommend a production server to be running -current?

Poll: who here is doing that?



/me raises his hands.

Re: Clamav

[Juan Miscaro]

--- Marc Balmer [EMAIL PROTECTED] wrote:

 Juan Miscaro wrote:
  --- Peter Fraser [EMAIL PROTECTED] wrote:
  was obsolete for a while, long enough that it was hard to
  get updates on the virus signatures. I was going to put
  up 4.2 expecting to get an updated version of clamav, but
  I discovered that 4.2 still uses 0.90.3. The virus signatures
  providers are expecting 0.91.2.
 
  Is there a newer version coming, or is there a better virus
  scanner to use?
  
  
  I've been bothered by this for a long time.  I'm going to try
 having
  all my future clamav installations built by source.
  
 
 Use OpenBSD snapshots or run -current.  The port is updated there.


You recommend a production server to be running -current?

Poll: who here is doing that?

// juan


  Ask a question on any topic and get answers from real people. Go to 
Yahoo! Answers and share what you know at http://ca.answers.yahoo.com

Re: Clamav

[Karl Sjodahl - dunceor]

On Nov 6, 2007 2:12 PM, Juan Miscaro [EMAIL PROTECTED] wrote:
 --- Marc Balmer [EMAIL PROTECTED] wrote:

  Juan Miscaro wrote:
   --- Peter Fraser [EMAIL PROTECTED] wrote:
   was obsolete for a while, long enough that it was hard to
   get updates on the virus signatures. I was going to put
   up 4.2 expecting to get an updated version of clamav, but
   I discovered that 4.2 still uses 0.90.3. The virus signatures
   providers are expecting 0.91.2.
  
   Is there a newer version coming, or is there a better virus
   scanner to use?
  
  
   I've been bothered by this for a long time.  I'm going to try
  having
   all my future clamav installations built by source.
  
 
  Use OpenBSD snapshots or run -current.  The port is updated there.


 You recommend a production server to be running -current?

 Poll: who here is doing that?

 // juan


   Ask a question on any topic and get answers from real people. Go to 
 Yahoo! Answers and share what you know at http://ca.answers.yahoo.com



I don't have any 'production servers' but I have run -current (updated
about once a week) on my laptop that I use daily for the last two
years and I never had any problems with stability. I would consider it
stable enough to run on production servers.

br
dunceor

changing active slice at boot

[Frans Haarman]

Just wondering...

Has anyone ever thought of having 2 openbsd installations to boot from ?
This way I could upgrade the installation on one slice/disk and boot from it!

Then if the kernel would crash/reboot the other slice would be used for booting.

So at boot time the active slice is changed, after booting its changed back
if there are no troubles!


Perhaps this is an ugly work around to most, but it might save my life when a
system refuses to boot the active slice.. Most of this can be
prevented with
remote consoles or ILO stuff I guess!   What do you think ? FUD ? ;)

Re: Clamav

[STeve Andre']

On Tuesday 06 November 2007 08:22:46 Henning Brauer wrote:
 * Juan Miscaro [EMAIL PROTECTED] [2007-11-06 14:20]:
  You recommend a production server to be running -current?

 sure.

I have a couple of machines which have usually run  -current, and they
work wonderfully.  However, as with everything, TEST it first to make
sure whatever you need is working right, before putting users/data on
it.  Of course this is standard advice for any type of upgrade.

OpenBSD is the only OS I know where you can nearly always take 
advantage of the development release for real-world things, and have
things work.

Just always have the last system ready to re-deploy.

--STeve Andre'

Re: changing active slice at boot

[Joshua Smith]

man 8 daily
etc/daily
 This script is run daily.  It currently does the following:
...
Creates a backup root file system which is updated daily.  This only
 happens if the following conditions are met:

   1.   The environment variable ROOTBACKUP must be set.  For ex-
ample, the following can be added to root's crontab(5):

  ROOTBACKUP=1

   2.   The mount directory /altroot must exist, and there must be
an /etc/fstab entry specifying `xx' for the mount options,
e.g.

  /dev/wd0j /altroot ffs xx 0 0
...
Thanks,
Josh


On 11/6/07, Frans Haarman [EMAIL PROTECTED] wrote:
 Just wondering...

 Has anyone ever thought of having 2 openbsd installations to boot from ?
 This way I could upgrade the installation on one slice/disk and boot from it!

 Then if the kernel would crash/reboot the other slice would be used for 
 booting.

 So at boot time the active slice is changed, after booting its changed back
 if there are no troubles!


 Perhaps this is an ugly work around to most, but it might save my life when a
 system refuses to boot the active slice.. Most of this can be
 prevented with
 remote consoles or ILO stuff I guess!   What do you think ? FUD ? ;)

Re: OBSD on MacBook

[Karl Sjodahl - dunceor]

On Nov 6, 2007 12:28 PM, Koh Choon Lin [EMAIL PROTECTED] wrote:
  On Sun, Nov 04, 2007 at 10:46:28PM +0800, Koh Choon Lin wrote:
   Hi everyone!
  
   Anyone has a success story on installing OBSD on MacBook or MB Pro?

 Hi all

 Thanks you so much for the help.. actually, I am planning to single
 boot a MB or MBP with OBSD. Is it easier to install it this way than a
 dual boot or using bootcamp?



 Regards
 Koh Choon Lin



I single boot my macbook and then you just install it as you would on
a normal laptop. Just say yes that you will use whole hd for OpenBSD
and then you are set. No special magic.

I use OpenBSD on my macbook daily and it works great. No dmesg here
because I'm at work...

Br
dunceor

Re: Clamav

[Stuart Henderson]

On 2007/11/06 08:12, Juan Miscaro wrote:
 You recommend a production server to be running -current?
 Poll: who here is doing that?

Works well for me. I do read source-changes though.

TRAP from? [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

[Paul Pruett]

I wanted to let you know that any emails from
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]
ARE likely exploited computers, for several weeks we have
been avalanced by returns to those addresses significantly more
than any others...

In my situation, I beleive I can not use spamd greytrapping because
legitimate email servers are sending DAEMON messages to us.

As I understand it, spamd greytrapping uses
the TO address, not the FROM

So unfortunately, others could not use these addresses for trapping 
either? If spamd could trap on the FROM address, I would

recommend to all to add the three above addresses to your traps...

?

-
Also I posted the addresses on webengr.com to prove legit admin to 
webengr.com:

http://www.webengr.com/spam/

Re: misc rejects because of sender verify

[Travers Buda]

* Karel Kulhavy [EMAIL PROTECTED] [2007-11-06 05:09:29]:

 Hello
 
 If I configure my exim on my laptop according to what's written in the 
 comments,
 I cannot send e-mail to [EMAIL PROTECTED]
 
 The comment says that primary_hostname should be your host's canonical name
 [...] the fully qualified official name of your host. Well my laptop is
 called kestrel and my domain is twibright.com. So I put
 kestrel.twibright.com there.
 
 But misc@openbsd.org says rejected since sender verify failed. The from
 header is set to [EMAIL PROTECTED], the from: header to
 [EMAIL PROTECTED]
 
 No wonder it failed. My laptop doesn't have any externally valid IP address
 so I didn't make any DNS record for it. misc apparently tries to lookup
 kestrel.twibright.com and fails.
 
 So I tried to put twibright.com there but now I cannot send post to my
 brother [EMAIL PROTECTED] Now exim thinks [EMAIL PROTECTED] is for
 him (even if local_comains are set just to @ : localhost) and says
 unknown user. -t mx for twibright.com is twin.jikos.cz.
 
 So what should I put there? Or should I put some random bullshit like
 195.195.195.195 into the kestrel.twibright.com so that misc@ is satisfied?
 
 Is there a RFC saying that the from header after stripping the @ and before
 must succeed in DNS lookup?
 
 Do I violate any RFC if I put random garbage into DNS to satisfy paranoid
 hosts like [EMAIL PROTECTED]
 
 All these anti-spam policies... They just make it almost impossible for
 normal people to send e-mail reliably, while they have no visible effect
 on the spam tsunami... I still get hundreds of spams daily. They turn the
 MTA configuration task from a fifteen puzzle into a sixteen puzzle.
 
 CL
 

To get to misc: Spoof your envelope header (I use sendmail -f via
mutt) and relay your mail through your ISP's mail servers.  This
avoids FQDN and dynamic IP issues for me.

-- 
Travers Buda

Re: Clamav

[Josh Grosse]

On Tue, 6 Nov 2007 09:31:28 -0500, STeve Andre' wrote
 On Tuesday 06 November 2007 08:22:46 Henning Brauer wrote:
  * Juan Miscaro [EMAIL PROTECTED] [2007-11-06 14:20]:
   You recommend a production server to be running -current?
 
  sure.
 
 I have a couple of machines which have usually run  -current, and 
 they work wonderfully.  However, as with everything, TEST it first 
 to make sure whatever you need is working right, before putting 
 users/data on it.  Of course this is standard advice for any type of 
 upgradeJust always have the last system ready to re-deploy.

I will second this, Juan.

Another alternative would be to retrofit ClamAV 0.91.2 port to -stable for
4.2.  It has already been done for 4.0 and 4.1, and if the project doesn't
have the resources, Juan, you might be able to do it yourself, and submit the
diffs.

see:
http://www.openbsd.org/cgi-bin/cvsweb/ports/security/clamav/Makefile

Re: support for USB compact flash readers?

[Nick Guenther]

On 11/6/07, Jonathan Thornburg [EMAIL PROTECTED] wrote:
 In message http://marc.info/?l=openbsd-miscm=119426861107322w=1,
 I asked about how best to read/write a Compact Flash (CF) card from
 an OpenBSD system (Lenovo/IBM Thinkpad T41p).  In message
 http://marc.info/?l=openbsd-miscm=119427381515100w=1,
 Christian naddy Weisgerber suggested that a UCB CF reader/writer
 would be
  cheaper than the time you already spent pondering the
  question and perfectly adequate if you just want to read/write a
  CF (MMC, SD, etc.) card from time to time.

 Thanks for the info.  My main worry was/is that I don't see these
 specifically listed on the OpenBSD supported hardware list on
  http://www.openbsd.org/i386.html  , only a generic mention of USB Mass
 Storage devices, i.e., USB floppy drives and USB memory stick controllers
 (umass).   Does this latter phrase include USB CF readers/writers?


Yes. There's an infinite array of USB devices that present a
USB-mass-storage interface. OpenBSD supports them if they support the
standard.

Re: ThinkPad T41p suspend is fine from console, hangs from X

[Jonathan Thornburg]

In message http://marc.info/?l=openbsd-miscm=118157353605570w=1
I described how I couldn't get suspend-to-RAM to work on an IBM/Lenovo
Thinkpad T41p running OpenBSD 4.1-stable.  (See that message for more
details, including my 4.1-stable dmesg.)

In message http://marc.info/?l=openbsd-miscm=118403957129081w=1
I reported a workaround: switching to the vesa driver in xorg.conf.
This got suspend-to-RAM working, but at the cost of loosing the XVideo
extension and other hardware-graphics-acceleration goodies.

I've just installed 4.2-release (yes, I bought a CD, in fact I
pre-ordered but delayed my install until packages came out), and I'm
pleased to report that the problem is now completely solved:  With no
xorg.conf (i.e. just using the default install-from-the-CD-saying-I-want-X
configuration), suspend-to-RAM works perfectly *and* Xenocara groks
the hardware-graphics-acceleration.  A very big thank-you to the
OpenBSD crew for Yet Another Great Release!

Excerpt from 'xdpyinfo' output:
[[...]]
 vendor string:The X.Org Foundation
 vendor release number:7020
 X.Org version: 7.2.0
[[...]]
 number of extensions:30
 BIG-REQUESTS
 DAMAGE
 DOUBLE-BUFFER
 DPMS
 Extended-Visual-Information
 GLX
 MIT-SCREEN-SAVER
 MIT-SHM
 MIT-SUNDRY-NONSTANDARD
 RANDR
 RECORD
 RENDER
 SECURITY
 SGI-GLX
 SHAPE
 SYNC
 TOG-CUP
 X-Resource
 XAccessControlExtension
 XC-APPGROUP
 XC-MISC
 XFIXES
 XFree86-Bigfont
 XFree86-DGA
 XFree86-Misc
 XFree86-VidModeExtension
 XInputExtension
 XKEYBOARD
 XTEST
 XVideo

dmesg:
OpenBSD 4.2 (GENERIC) #375: Tue Aug 28 10:38:44 MDT 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1700MHz (GenuineIntel 686-class) 1.70 
GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
real mem  = 535785472 (510MB)
avail mem = 510443520 (486MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 04/07/04, BIOS32 rev. 0 @ 0xfd750, SMBIOS 
rev. 2.33 @ 0xe0010 (61 entries)
bios0: vendor IBM version 1RETC2WW (3.03 ) date 04/07/2004
bios0: IBM 2373221
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 100%
apm0: AC on, battery charge high
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries)
pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00)
pcibios0: PCI bus #6 is the last bus
bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 
0xe/0x1
cpu0 at mainbus0
cpu0: Enhanced SpeedStep 1700 MHz (1484 mV): speeds: 1700, 1400, 1200, 1000, 
800, 600 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 Intel 82855PE Hub rev 0x03
ppb0 at pci0 dev 1 function 0 Intel 82855PE AGP rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor ATI, unknown product 0x4e54 rev 0x80
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 11
uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 11
uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 11
ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0: Intel EHCI root hub, rev 2.00/1.00, addr 1
ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81
pci2 at ppb1 bus 2
cbb0 at pci2 dev 0 function 0 TI PCI4520 CardBus rev 0x01: irq 11
cbb1 at pci2 dev 0 function 1 TI PCI4520 CardBus rev 0x01: irq 11
em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03: irq 11, 
address 00:0d:60:8e:fe:9e
ipw0 at pci2 dev 2 function 0 Intel PRO/Wireless 2100 rev 0x04: irq 11, 
address 00:0c:f1:32:c4:4c
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 6 device 0 cacheline 0x8, lattimer 0xb0
pcmcia1 at cardslot1
ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01: 24-bit timer 
at 3579545Hz
pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: HTS726060M9AT00
wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TOSHIBA, DVD-ROM SD-R9012, 1121 SCSI0 5/cdrom 
removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 11
iic0 at ichiic0
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x01: irq 11, ICH4 
AC97
ac97: codec id 0x41445374 (Analog Devices 

Re: TRAP from? [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

[Peter N. M. Hansteen]

Paul Pruett [EMAIL PROTECTED] writes:

 I wanted to let you know that any emails from
   [EMAIL PROTECTED]
   [EMAIL PROTECTED]
   [EMAIL PROTECTED]
 ARE likely exploited computers, for several weeks we have
 been avalanced by returns to those addresses significantly more
 than any others...

Oh, so they found your domain, then.  It may be a bit overwhelming
right now, but not to worry, spamd is your friend.

 In my situation, I beleive I can not use spamd greytrapping because
 legitimate email servers are sending DAEMON messages to us.

I beg to differ.  If they're bouncing spam back to you, it's because
they were about to deliver spam to their own users.  Besides, it's
only a matter of time, in my experience a few days at most, before
those addresses are incorporated in spammers' send to-addresses and
you can productively use them as greytraps.  If you really want all
the bounces to go away, give it a week before you put any given
address into the greytrap.

See http://bsdly.blogspot.com/2007/07/hey-spammer-heres-list-for-you.html
and followups for a tale of similar silliness which actually has a happy
ending (or at least a positive effect).  

Once an address makes it into the greytrap here, I publish it on a web
page, which of course gets slurped by robots regularly.

The list of fake addresses I've accumulated from backscatter now
counts 7210 unique ones, posted for the robots to slurp here:
http://www.bsdly.net/~peter/traplist.shtml, and it's extremely
effective.

 So unfortunately, others could not use these addresses for trapping
 either? If spamd could trap on the FROM address, I would
 recommend to all to add the three above addresses to your traps...

The reason greytrapping is such a splendid idea is that *you* are the
one who controls what addresses are actually deliverable in your
domain.  It's very simple, but it works.  Once you start depending on
somebody else's decisions, well, things are not that simple anymore
and your risk of false positives and valid mail lost rises.

 Also I posted the addresses on webengr.com to prove legit admin to
 webengr.com:  http://www.webengr.com/spam/

That is a useful first step.  The next step is to add those to your
greytrap.  Wait a while if you have to, but do add them.  There's no
end to the spam those addresses will be getting in a few days' time.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: OBSD on MacBook

[Nick Guenther]

On 11/6/07, Jason Dixon [EMAIL PROTECTED] wrote:
 On Sun, Nov 04, 2007 at 10:46:28PM +0800, Koh Choon Lin wrote:
  Hi everyone!
 
  Anyone has a success story on installing OBSD on MacBook or MB Pro?

 I finally got around to futzing with this after upgrading to 10.5 on my 
 MacBook
 Pro.  The last time I reinstalled OS 10.4, I created a 2nd partition of type
 FAT32 just in case I decided to try OpenBSD on this laptop.  The gist of the
 process is quite simple, assuming you have the extra partition available.  If
 not, use BootCamp.

 * Install rEFIt within OS X

You don't strictly need this, or BootCamp. rEFIt is just a bootloader
and some shell scripts to run bless
(http://www.hmug.org/man/8/bless.php) at the right times in the right
ways to make dualbooting between the two convenient. BootCamp is some
firmware updates (that you should already have) which make the
bootloader capable of booting arbitrary partitions, a GUI wrapper
around `diskutil resizeVolume` and some Windows drivers.

-Nick

Re: nfe0 issues

[Srebrenko Sehic]

On Nov 6, 2007 2:08 PM, Chris Harper [EMAIL PROTECTED] wrote:

 I recently installed 4.2 release on my evga 680i based motherboard ,
 which uses nfe(4) for the onboard gig NIC's.

 There seems to be an issue in the handling of the autodetection of
 media types and the speed it can run at when manual
 selection is set. So say for instance I set it manually to 100baseTX
 it will no longer function and does not send packets.
 If I then set it to 10baseT it will work fine, I have checked the
 network routers/cables and interfaces from a windows partition
 which detects a 100mbps link.

 I have notived that on the router it detects a 100mbps link before the
 kernel initiatesthe device during boot i.e before any mention of nfe
 on the screen.

Try using a gigabit switch. I remember having similar issues with
which were solved by switching to 1000baseTX.

Re: altroot is not mentioned in FAQ

[Woodchuck]

On Tue, 6 Nov 2007, Douglas A. Tutty wrote:

 While you're at it:  the install docs cover the absolute minimum to run
 a basic system (I think they describe it as a basic home system
 connected to the internet).  Could you include an example of the same
 thing but the minimum to be able to compile patches?  

Include the compXX file set during installation.

Install src.tar.gz after installation.

That's it.  (Add xenocara and ports if you like.)

Then you have a basic system connected to the internet and set up
for development and maintenance by AnonCVS of the source tree,
or for applying autonomous patches.

I will not relate the misery getting to this point on a certain
unnamed Linux distro, whose release tag rhymes with large.

 OpenBSD runs on old hardware.  Old hardware doesn't have 20 GB disks.
 At best, I may have a PII with an 8 GB drive with perhaps a second 1 GB
 drive.

Indeed.  

Here is a df from a bare, fresh 4.2 system, all install sets including X,
ports.tgz, and a (very) few smaller packages:   (this is an i386 system,
other architectures will have different sizes, but should be close).

[EMAIL PROTECTED] root 0:1]# df
Filesystem  1K-blocks  Used Avail Capacity  Mounted on
/dev/sd0a  510168 5731242734812%/
mfs:31119  506407 3481084 0%/tmp
/dev/sd0d 6190742   2123778   375742836%/usr

of the 2123778K in /usr, 1127960K is under /usr/src (including
xenocara source).

Total about 2.25GB, not counting swap.  Another 2 GB might be needed
to compile a complete system in one go. (make release).  Clever
use of NFS could be made.  (Mount /usr/src from NFS, have /usr/obj
local, for example).  You only need one /usr/src tree per LAN, and
it need not be on an OpenBSD host, just one capable of serving NFS.

An 8 GB disk would be quite ample, as has been my experience in the past,
and as you can conclude from the df output. 

If you wish to compile only patches (say openssl is patched, and
you wish to recompile only openssl's subtree of /usr/src), then a
4GB disk would suffice, including a half G or whatever for swap.

OpenBSD doesn't really eat disk until you start building lots of
packages from source, i.e. through the /usr/ports infrastructure.

Dave

Re: changing active slice at boot

[Woodchuck]

On Tue, 6 Nov 2007, Frans Haarman wrote:

 Just wondering...
 
 Has anyone ever thought of having 2 openbsd installations to boot from ?
 This way I could upgrade the installation on one slice/disk and boot from it!

slice is FreeBSD talk.  I assume you mean disk partition, the thing
manipulated by fdisk.

 
 Then if the kernel would crash/reboot the other slice would be used for 
 booting.
 
 So at boot time the active slice is changed, after booting its changed back
 if there are no troubles!
 
 
 Perhaps this is an ugly work around to most, but it might save my life when a
 system refuses to boot the active slice.. Most of this can be
 prevented with
 remote consoles or ILO stuff I guess!   What do you think ? FUD ? ;)

OpenBSD's boot loader won't do this... but GRUB and LiLO will.  But
we do not need to turn to the penguin for this.

A rescue floppy or any recent OpenBSD installation cd will do it,
too.  You choose that third option from upgrade, install, shell.
You get a shell, you then run fdisk to change the active partition, then
reboot.  Presto, change-oed.

If the bad partition just has a bad kernel, then you will have been
wise to have the bsd.rd kernel happily awaiting you, you can boot it
from the boot prompt, run fdisk, etc etc.  If you are having version
trouble recall that bsd.rd need not be the latest and greatest to
be used for rescue.

Dave
-- 
  You don't have to like businessmen to like capitalism.

Re: multipath routing with OpenBGPD

[Kai Mosebach]

We use this filters like this

match to $provider1Main   set metric low
match to $provider1Backup set metric middle
match to $provider2Main   set metric high

cheers Kai


On Sat, Nov 03, 2007 at 01:20:26PM +0100, Florian Fuessl wrote:

Hi Gregory,

we have multiple redundant FE upstream peerings to the same AS. So I guess
the best solution would be in our case to let the upstream provider assign
different community flags for packets passing each FE line which we can use
for outgoing route preference decisions.

Other ideas are welcome ;-)



Use the MED to balance the prefixes over the various links.
You can use communities or other filter rules to tip them.
This would also allow you to split the sessions to multiple machines.
If you have a larger network you could use ospfd and distribute a default
route from each bgp router. Then you get multiple outgoing pathes from
within ospfd.

Re: nfe0 issues

[Chris Harper]

Sorry about not including a dmesg output previously.

I will try a snapshot and report back on any progress.

OpenBSD 4.2 (GENERIC.MP) #252: Tue Aug 28 10:53:04 MDT 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 3.01 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
real mem  = 2145923072 (2046MB)
avail mem = 2067329024 (1971MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/28/07, BIOS32 rev. 0 @
0xfa870, SMBIOS rev. 2.4 @ 0xf (38 entries)
bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 09/28/2007
bios0: EVGA 122-CK-NF68
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xd144
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcfe0/352 (20 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 20 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 10 11
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xe000 0xd/0x4000! 0xd4000/0x1800
mainbus0: Intel MP Specification (Version 1.4)
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 333 MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 3.01 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type ISA
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 11, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 NVIDIA C55 Host rev 0xa2
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 2 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 3 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 4 not configured
NVIDIA C55 Memory rev 0xa2 at pci0 dev 0 function 5 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 6 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 7 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 0 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 2 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 3 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 4 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 5 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 6 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 0 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 2 not configured
ppb0 at pci0 dev 3 function 0 NVIDIA C55 PCIE rev 0xa1
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor NVIDIA, unknown product 0x0290 rev 0xa1
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
NVIDIA MCP55 Memory rev 0xa1 at pci0 dev 9 function 0 not configured
pcib0 at pci0 dev 10 function 0 NVIDIA MCP55 ISA rev 0xa2
nviic0 at pci0 dev 10 function 1 NVIDIA MCP55 SMBus rev 0xa2
iic0 at nviic0
iic1 at nviic0
iic1: addr 0x20 01=97 09=ff 0e=0f 0f=0c 10=ff 11=ff 12=ff 13=ff
iic1: addr 0x23 01=f9 09=ff 0e=0f 0f=0c 10=ff 11=ff 12=ff 13=ff
iic1: addr 0x28 00=84 02=04 04=00 05=00 06=30 07=30 08=01 09=80 0a=01
0b=c0 0c=3c 0d=3c 0e=0a 0f=0a 10=84 12=50 13=00 14=00 15=01 16=01
17=3c 18=43 19=37 1a=00 1b=00 1f=cf 20=a1 21=ec 22=cd 23=cd 24=ae
25=c0 26=e4 27=bf 29=3f 2b=da 2c=00 2d=d5 2e=8a 2f=dc 30=41 31=30
32=46 33=1c 34=12 35=a1 36=b7 37=c2 38=b0 39=00 3a=7f 3b=5e 3c=ae
3d=76 3e=a2 40=01 41=fa 42=1f 46=07 47=d4 48=28 49=00 4a=40 4b=44
4c=18 4d=15 4e=00 4f=a3 52=00 56=00 57=00 58=c1 59=33 5c=00 5d=07
5e=04 5f=05 60=84 62=03 63=25 64=80 65=c0 66=3c 68=0a 6a=0a 80=84
82=04 84=00 85=00 86=30 87=30 88=01 89=80 8a=01 8b=c0 8c=3c 8d=3c
8e=0a 8f=0a 90=84 92=50 93=00 94=00 95=01 96=01 97=3c 98=43 99=37
9a=00 9b=00 9f=d7 a0=a1 a1=ec a2=cd a3=cd a4=ae a5=c0 a6=e4 a7=bf
a9=3e ab=da ac=00 ad=d5 ae=8a af=dc b0=41 b1=30 b2=46 b3=1c b4=12
b5=a1 b6=b7 b7=c2 b8=b0 b9=00 ba=7f bb=5e bc=ae bd=76 be=a2 c0=01
c1=fa c2=1f c6=07 c7=d4 c8=28 c9=00 ca=40 cb=44 cc=18 cd=15 ce=00
cf=a3 d2=00 d6=00 d7=00 d8=c1 d9=33 dc=00 dd=07 de=04 df=05 e0=84
e2=03 e3=25 e4=80 e5=c0 e6=3c e8=0a ea=0a
ohci0 at pci0 dev 11 function 0 NVIDIA MCP55 USB rev 0xa1: apic 4
int 10 (irq 10), version 1.0, legacy support
ehci0 at pci0 dev 11 function 1 NVIDIA MCP55 USB rev 0xa2: apic 4
int 11 (irq 11)
usb0 

Re: bgpd patch, WAS: bgpd causing black-holes with bgp-only setup

[Tony Sarendal]

New version. Less duplication and a nice feature as bonus.
With softreconfig in enabled the looped prefixes are accepted
into the Adj-RIB-In.

This means that I can tell if my neighbor AS is using
a path via myself. Either I'm tired or that is cool.

router-02# bgpctl show rib 192.168.0.0 
flags: * = Valid,  = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete

flags destination gateway  lpref   med aspath origin
*192.168.0.0/16  192.168.100.5  100 0 65100 i
* 192.168.0.0/16  172.17.1.1 100 0 65200 65100 i
* 192.168.0.0/16  172.17.1.5 100 0 65200 65200 65200 65200 
65100 i
router-02# 

I now kill the peering that 65200 has to 65100, removing their
direct path to 192.168.0.0/16.

router-02# bgpctl show rib 192.168.0.0 
flags: * = Valid,  = Selected, I = via IBGP, A = Announced
origin: i = IGP, e = EGP, ? = Incomplete

flags destination gateway  lpref   med aspath origin
*192.168.0.0/16  192.168.100.5  100 0 65100 i
router-02# 

Sweet, the looping issue is gone.
Here is the bonus:

router-02# bgpctl show rib neigh 172.17.1.5 in  | grep 65300
* 172.17.0.2/32   172.17.1.5 100 0 65200 65300 i
* 192.168.0.0/16  172.17.1.5 100 0 65200 65300 65100 i
* 192.168.100.4/30172.17.1.5 100 0 65200 65300 i
router-02# 

I now see the paths that the peer uses my network to access.
Note that this depends a bit on remote implementation.
I think this works agains a cisco router.

/Tony


Index: rde.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.228
diff -u -r1.228 rde.c
--- rde.c   16 Sep 2007 15:20:50 -  1.228
+++ rde.c   6 Nov 2007 17:08:50 -
@@ -919,12 +919,6 @@
/* shift to NLRI information */
p += 2 + attrpath_len;
 
-   /* aspath needs to be loop free nota bene this is not a hard error */
-   if (peer-conf.ebgp  !aspath_loopfree(asp-aspath, conf-as)) {
-   error = 0;
-   goto done;
-   }
-
/* parse nlri prefix */
while (nlri_len  0) {
if ((pos = rde_update_get_prefix(p, nlri_len, prefix,
@@ -977,10 +971,18 @@
if (fasp == NULL)
fasp = asp;
 
-   rde_update_log(update, peer, fasp-nexthop-exit_nexthop,
-   prefix, prefixlen);
-   path_update(peer, fasp, prefix, prefixlen, F_LOCAL);
-
+   rde_update_log(update, peer,
+   fasp-nexthop-exit_nexthop,prefix,
+   prefixlen);
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp  !aspath_loopfree(asp-aspath,
+   conf-as))
+   prefix_remove(peer, prefix, prefixlen,
+   F_LOCAL);
+   else 
+   path_update(peer, fasp, prefix, prefixlen,
+   F_LOCAL);
+   
/* free modified aspath */
if (fasp != asp)
path_put(fasp);
@@ -1075,9 +1077,15 @@
 
rde_update_log(update, peer,
asp-nexthop-exit_nexthop,
-   prefix, prefixlen);
-   path_update(peer, fasp, prefix, prefixlen,
-   F_LOCAL);
+   prefix, prefixlen);
+   /* handle an update with loop as a withdraw */
+   if (peer-conf.ebgp 
+   !aspath_loopfree(asp-aspath,conf-as))
+   prefix_remove(peer, prefix,
+   prefixlen,F_LOCAL);
+   else 
+   path_update(peer, fasp, prefix,
+   prefixlen,F_LOCAL);
 
/* free modified aspath */
if (fasp != asp)
-- 
---
Tony Sarendal - [EMAIL PROTECTED]
IP/Unix
-= The scorpion replied,
I couldn't help it, it's my nature =-

Re: altroot is not mentioned in FAQ [diff]

[Jan Stary]

Hi all,

this is a diff to faq4.html (the install faq) so that it mentions
/altroot for the installing user before he partitions his drive. Now,
the altroot feature is described in daily(8), which you only read when
you already have a system installed, your disk is already partitioned,
and typically you don't have the spare partition (of size at least that
of /) to use for /altroot.

The current partitioning example uses a 20G disk with a pre-existing
1.5G windows partition. In the diff I use a 80G disk with a pre-existing
6G windows partition. I believe these are more realistic numbers
nowadays (also, I don't have a 20G disk around :-). The 6G figure is
used to stay below 8G, which INSTALL.i386 mentions as possible BIOS
limit. I suppose the current example uses a 1.5G win partition to stay
below 2G (which might be a BIOS limit on even older hardware) - is it so?

Is using a larger disk in the example a problem? Using a 20G disk makes
the point of showing how usable the system is even on a small disk, but
20G disks don't really exist anymore.

Also, some disklabel messages and the output of disklabel's 'p' command
have changed (either that, or the current faq which shows sizes in
sectors as an output of 'p m' is mistaken).

Jan


PS: As this is a small diff, I edited (my copy of) faq4.html manually;
but if I was to write up something bigger - is there some script(1)-like
log of the whole installation, or can I create one? Drop into shell at
the very beginning, and run 'install' inside script(1), or pipe it
through tee, neither of which exists in bsd.rd? Or do something just
before halt-and-reboot? Thanks.


Index: faq4.html
===
RCS file: /cvs/www/faq/faq4.html,v
retrieving revision 1.254
diff -r1.254 faq4.html
773c773
   Disk: wd0   geometry: 2586/240/63 [39100320 Sectors]
---
   Disk: wd0   geometry: 9729/255/63 [156301488 Sectors]
778c778
   *0: 0B0   1  1 -  202 239 63 [  63: 3069297 ] Win95 FAT-32
---
   *0: 0B0   1  1 -  764 254 63 [  63:12289662 ] Win95 FAT-32
829c829
 Our drive here has a 1.5G partition for Windows 2000 (using the FAT 
---
 Our drive here has a 6G partition for Windows 2000 (using the FAT 
831c831
 that the Windows partition occupies through cylinder 202 on the drive.
---
 that the Windows partition occupies through cylinder 764 on the drive.
833,835c833,835
 at cylinder 203.  You could also calculate OpenBSD's starting sector of
 3069360 by adding the existing partition's starting sector (63) and its
 size (3069297).
---
 at cylinder 765.  You could also calculate OpenBSD's starting sector of
 12289662 by adding the existing partition's starting sector (63) and its
 size (12289662).
854,855c854,855
   BIOS Starting cylinder [0 - 2585]: [0] b203/b
   BIOS Starting head [0 - 239]: [0] biEnter/i/b
---
   BIOS Starting cylinder [0 - 9728]: [0] b765/b
   BIOS Starting head [0 - 254]: [0] biEnter/i/b
857,858c857,858
   BIOS Ending cylinder [0 - 2585]: [0] b2585/b
   BIOS Ending head [0 - 239]: [0] b239/b
---
   BIOS Ending cylinder [0 - 9728]: [0] b9728/b
   BIOS Ending head [0 - 254]: [0] b254/b
861c861
   Disk: wd0   geometry: 2586/240/63 [39100320 Sectors]
---
   Disk: wd0   geometry: 9729/255/63 [156301488 Sectors]
864c864
#: idC   H  S -C   H  S [   start:  size   ]
---
#: idC   H  S -C   H  S [   start:size ]
866,867c866,867
   *0: 0B0   1  1 -  202 239 63 [  63: 3069297 ] Win95 FAT-32
1: A6  203   0  1 - 2585 239 63 [ 3069360:36030960 ] OpenBSD
---
   *0: 0B0   1  1 -  764 254 63 [  63:12289662 ] Win95 FAT-32
1: A6  765   0  1 - 9728 254 63 [12289725:   144006660 ] OpenBSD
871c871
   Disk: wd0   geometry: 2586/240/63 [19092 Megabytes]
---
   Disk: wd0   geometry: 9729/255/63 [76319 Megabytes]
874c874
#: idC   H  S -C   H  S [   start:  size   ]
---
#: idC   H  S -C   H  S [   start:   size ]
876,879c876,879
   *0: 0B0   1  1 -  202 239 63 [  63:1499M] Win95 FAT-32
1: A6  203   0  1 - 2585 239 63 [ 3069360:   17593M] OpenBSD
2: 000   0  0 -0   0  0 [   0:   0M] unused
3: 000   0  0 -0   0  0 [   0:   0M] unused
---
   *0: 0B0   1  1 -  764 254 63 [  63:   6001M] Win95 FAT-32
1: A6  765   0  1 - 9728 254 63 [12289725:  70316M] OpenBSD
2: 000   0  0 -0   0  0 [   0:  0M] unused
3: 000   0  0 -0   0  0 [   0:  0M] unused
912c912
   Disk: wd0   geometry: 2586/240/63 [39100320 Sectors]
---
   Disk: wd0   geometry: 9729/255/63 [156301488 Sectors]
915c915
#: idC   H  S -C   H  S [   start:  size   ]
---
#: idC   H  S -C   H  S [   start:size ]
917,918c917,918
0: 0B0   1  1 -  202 239 63 [  63: 

Re: misc rejects because of sender verify

[Jan Stary]

 * Karel Kulhavy [EMAIL PROTECTED] [2007-11-06 05:09:29]:
  
  If I configure my exim on my laptop according to what's written in
  the comments, I cannot send e-mail to [EMAIL PROTECTED]
  
  The comment says that primary_hostname should be your host's canonical name
  [...] the fully qualified official name of your host. Well my laptop is
  called kestrel and my domain is twibright.com. So I put
  kestrel.twibright.com there.
  
  But misc@openbsd.org says rejected since sender verify failed.

Please quote the entire error message exactly.

  The from header is set to [EMAIL PROTECTED],
  the from: header to   [EMAIL PROTECTED]

  No wonder it failed. My laptop doesn't have any externally valid IP address

Then don't send mail form it directly.

  so I didn't make any DNS record for it. misc apparently tries to lookup
  kestrel.twibright.com and fails.

My mailserver does this too. If either the SMTP client's hostname or the
HELO hostname cannot be resolved back and/or forth, the mail is rejected.
This catches about 90% of the hundreds of spam I get every day.

  So I tried to put twibright.com there

Where there?

  but now I cannot send post to my
  brother [EMAIL PROTECTED] Now exim thinks [EMAIL PROTECTED] is for
  him (even if local_comains are set just to @ : localhost) and says
  unknown user. -t mx for twibright.com is twin.jikos.cz.

That's your exim's problem. Configure it properly.

 Or should I put some random bullshit like 195.195.195.195 into the
 kestrel.twibright.com so that misc@ is satisfied?

It would be my guess that misc@ is clever enough to also check if the reverse
DNS record points back to kestrel.twibright.com

  Is there a RFC saying that the from header after stripping the
  @ and before must succeed in DNS lookup?

I don't know whether there is an RFC saying mailservers must/should do 
this check, but they definitely do that (mine does, too) to fight spam.

  Do I violate any RFC if I put random garbage into DNS
  to satisfy paranoid hosts like [EMAIL PROTECTED]

Do I violate any RFC if I suggest you are out of your tiny little mind?

  All these anti-spam policies... They just make it almost impossible for
  normal people to send e-mail reliably, while they have no visible effect
  on the spam tsunami... I still get hundreds of spams daily. They turn the
  MTA configuration task from a fifteen puzzle into a sixteen puzzle.

If you want to send mail to a public mailing list, do it from a machine
whose name the mailserver can resolve back and forth, or make such
machine relay for you. Your ISP definitely does provide this service.

Jan

Re: Regenerating damaged /etc

[Jan Stary]

On Nov 06 04:17:46, Karel Kulhavy wrote:
 During upgrading between 4.1 and 4.2 I accidentally typed rm -rf /etc instead
 of rm -rf etc in the /tmp directory.
 
 After fixing couple of vital things I continued normally with the upgrade,
 unpacking the etc42.tgz and xetc42.tgz and reinstalling couple of programs
 so that their /etc/ files are regenerated. I also did the post-installation
 stuff from the Installing 4.2 chapters.
 
 I got an idea that I could run the install process and somehow skip the 
 initial
 part but it always told me it's going to destroy all data on the disk and then
 I said no and it returned into the shell.
 
 Is there some way how I can re-generate the missing /etc files? I guess the
 permissions matter for security and some files are probably machine generated.

Just untar the etx42.tgz again:

# cd /
# tar xzpf etc42.tgz


Jan

Re: nfe0 issues

[Chris Harper]

OpenBSD 4.2 (GENERIC.MP) #252: Tue Aug 28 10:53:04 MDT 2007
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 3.01 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
real mem  = 2145923072 (2046MB)
avail mem = 2067329024 (1971MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/28/07, BIOS32 rev. 0 @
0xfa870, SMBIOS rev. 2.4 @ 0xf (38 entries)
bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 09/28/2007
bios0: EVGA 122-CK-NF68
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 3.0 @ 0xf/0xd144
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcfe0/352 (20 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 20 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 10 11
pcibios0: no compatible PCI ICU found
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #2 is the last bus
bios0: ROM list: 0xc/0xe000 0xd/0x4000! 0xd4000/0x1800
mainbus0: Intel MP Specification (Version 1.4)
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 333 MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz (GenuineIntel 686-class) 3.01 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16,xTPR
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type ISA
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 11, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 NVIDIA C55 Host rev 0xa2
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 2 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 3 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 4 not configured
NVIDIA C55 Memory rev 0xa2 at pci0 dev 0 function 5 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 6 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 0 function 7 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 0 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 2 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 3 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 4 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 5 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 1 function 6 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 0 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 1 not configured
NVIDIA C55 Memory rev 0xa1 at pci0 dev 2 function 2 not configured
ppb0 at pci0 dev 3 function 0 NVIDIA C55 PCIE rev 0xa1
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor NVIDIA, unknown product 0x0290 rev 0xa1
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
NVIDIA MCP55 Memory rev 0xa1 at pci0 dev 9 function 0 not configured
pcib0 at pci0 dev 10 function 0 NVIDIA MCP55 ISA rev 0xa2
nviic0 at pci0 dev 10 function 1 NVIDIA MCP55 SMBus rev 0xa2
iic0 at nviic0
iic1 at nviic0
iic1: addr 0x20 01=97 09=ff 0e=0f 0f=0c 10=ff 11=ff 12=ff 13=ff
iic1: addr 0x23 01=f9 09=ff 0e=0f 0f=0c 10=ff 11=ff 12=ff 13=ff
iic1: addr 0x28 00=84 02=04 04=00 05=00 06=30 07=30 08=01 09=80 0a=01
0b=c0 0c=3c 0d=3c 0e=0a 0f=0a 10=84 12=50 13=00 14=00 15=01 16=01
17=3c 18=43 19=37 1a=00 1b=00 1f=cf 20=a1 21=ec 22=cd 23=cd 24=ae
25=c0 26=e4 27=bf 29=3f 2b=da 2c=00 2d=d5 2e=8a 2f=dc 30=41 31=30
32=46 33=1c 34=12 35=a1 36=b7 37=c2 38=b0 39=00 3a=7f 3b=5e 3c=ae
3d=76 3e=a2 40=01 41=fa 42=1f 46=07 47=d4 48=28 49=00 4a=40 4b=44
4c=18 4d=15 4e=00 4f=a3 52=00 56=00 57=00 58=c1 59=33 5c=00 5d=07
5e=04 5f=05 60=84 62=03 63=25 64=80 65=c0 66=3c 68=0a 6a=0a 80=84
82=04 84=00 85=00 86=30 87=30 88=01 89=80 8a=01 8b=c0 8c=3c 8d=3c
8e=0a 8f=0a 90=84 92=50 93=00 94=00 95=01 96=01 97=3c 98=43 99=37
9a=00 9b=00 9f=d7 a0=a1 a1=ec a2=cd a3=cd a4=ae a5=c0 a6=e4 a7=bf
a9=3e ab=da ac=00 ad=d5 ae=8a af=dc b0=41 b1=30 b2=46 b3=1c b4=12
b5=a1 b6=b7 b7=c2 b8=b0 b9=00 ba=7f bb=5e bc=ae bd=76 be=a2 c0=01
c1=fa c2=1f c6=07 c7=d4 c8=28 c9=00 ca=40 cb=44 cc=18 cd=15 ce=00
cf=a3 d2=00 d6=00 d7=00 d8=c1 d9=33 dc=00 dd=07 de=04 df=05 e0=84
e2=03 e3=25 e4=80 e5=c0 e6=3c e8=0a ea=0a
ohci0 at pci0 dev 11 function 0 NVIDIA MCP55 USB rev 0xa1: apic 4
int 10 (irq 10), version 1.0, legacy support
ehci0 at pci0 dev 11 function 1 NVIDIA MCP55 USB rev 0xa2: apic 4
int 11 (irq 11)
usb0 at ehci0: USB revision 2.0
uhub0 at usb0: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1
pciide0 at pci0 dev 13 

Re: OBSD on MacBook

[Karl Sjodahl - dunceor]

On Nov 6, 2007 4:25 PM, Nick Guenther [EMAIL PROTECTED] wrote:
 On 11/6/07, Karl Sjodahl - dunceor [EMAIL PROTECTED] wrote:
 
  I single boot my macbook and then you just install it as you would on
  a normal laptop. Just say yes that you will use whole hd for OpenBSD
  and then you are set. No special magic.
 
  I use OpenBSD on my macbook daily and it works great. No dmesg here
  because I'm at work...
 

 MacBook or MacBook Pro?

MacBook.

CARP + preempt=1 + advskew=0 results in packet loss?

[Olaf Barthel]

I have a problem with significant packet loss rates whenever more than
one machine using CARP is active. Here is some information on what I did
so far:


I migrated an older (OpenBSD 3.8) firewall installation to OpenBSD 4.1
the other week and in the process upgraded it to use CARP, with two
machines providing for failover security.

While upgrading the firewall configuration worked out nicely after a bit
of work, I was surprised to find that the moment I enabled CARP
preemption on both machines last weekend, I suddenly had to put up with
packet loss at a rate of between 5-25%. This I hadn't seen on the old
firewall before.

I checked that the packets were not simply getting dropped due to
filtering rules, that the packet filter was not running out of memory,
that there was no interrupt flooding, no significant IP packet
corruption and no CPU load issues. The setup was OK, as far as I could
tell. Except for the missing packets.

Then I hit upon the idea to add a third machine to the CARP pool, with
different Ethernet hardware, more memory, a different CPU, and OpenBSD
4.2, just to see if it made a difference. It did make a difference,
since the packet loss rate increased (at some point, I was getting a
packet loss rate of more than 80%).

Eventually, I switched off two of the OpenBSD machines, leaving just one
 tending to the traffic. Strangely, the packet loss rate dropped to
about 0% the moment it became master on both its CARP interfaces.

All three machines would use the same CARP interface option of advskew=0
which I had assumed was safe to use, since the three would end up
electing a master quickly enough. Apparently, I was wrong to make that
assumption.


My question is: is it generally unsafe to use CARP preemption without
choosing different advskew values for each machine? Any advice would be
appreciated. Thank you!

Re: OBSD on MacBook

[Nick Guenther]

On 11/6/07, Karl Sjodahl - dunceor [EMAIL PROTECTED] wrote:
 On Nov 6, 2007 4:25 PM, Nick Guenther [EMAIL PROTECTED] wrote:
 
  MacBook or MacBook Pro?
 
 MacBook.

How did you install it? My problem is that the internal keyboard
doesn't work, and no external keyboard I've yet tried seems to work at
installtime.

/altroot could be recognized as a special partition

[Jan Stary]

Hi all,

as everybody knows, some partitions are special: 'a' holds the root
partition, 'b' contains the swap, 'c' is the entire disk.

During an install, their speciality is honored:
the-part-of-install-which-writes-fstab doesn't
e.g. write the swap partition into the fstab,
and ignores the c 'partition'.

It would be nice if it also treated the /altroot partition
specially; namely, if it got written into fstab as

/dev/wd0X /altroot ffs xx 0 0

which is what daily(8) wants it to be for ROOTBACKUP to work.

Jan

Gnome 2.18 bytecode renderer enabled, but still ugly aliased fonts

[Soner Tari]

I am running Gnome 2.18 on 4.2-release. Thanks again to all those who
worked on this port. It's quite stable and functional.

I want to use Tahoma as my ui font, and have disabled anti-aliasing
using gnome-font-properties. Also, I have undef'd
TT_CONFIG_OPTION_NO_INTERPRETER (thus enabled bytecode renderer) by
removing the relevant patch from freetype-1.3.1 patches directory, which
disables it. Make installed freetype.

But Tahoma (and other similar fonts) still looks ugly. Do I need to do
anything else? Could somebody help?

Re: altroot is not mentioned in FAQ [diff]

[ropers]

On 06/11/2007, Jan Stary [EMAIL PROTECTED] wrote:

 Is using a larger disk in the example a problem? Using a 20G disk makes
 the point of showing how usable the system is even on a small disk, but
 20G disks don't really exist anymore.

shouting
O RLY?
/shouting

I always thought my 20 Gig HDD was the largest of my eight drives.
Are you saying it's Schroedinger's hard drive?

What about the others?
My 200 MB would like to have a little word with you, and it doesn't
look like it's particularly amused.

Also, let's remember that old computers NEVER end up in the so-called
developing world. People there would NEVER use old computers, right?
Let them buy new ones! Oh, and let them eat cake, too.

Re: Gnome 2.18 bytecode renderer enabled, but still ugly aliased fonts

[Jonathan Schleifer]

-BEGIN PGP SIGNED MESSAGE-

Hash: RIPEMD160



Soner Tari [EMAIL PROTECTED] wrote:



 But Tahoma (and other similar fonts) still looks ugly. Do I need to do

 anything else? Could somebody help?



Disable the autohinter.



- -- 

Jonathan

-BEGIN PGP SIGNATURE-



iQGVAwUBRzC8sUab4FbSWhEgAQOx7wv/YEkNMsvtge4GzfwDyR9inQIPUtpQKIp/

qcg6zyqvTLGF/kRgs8vodcjwhxrh5OpHz/o0c1cIB2wFdd2xlRAqfn95T0REISlZ

ckii9EeAR1aH+kTyLtao7lAj77MWk7RUzruPoZlYMrmyO1/ZTg9VcZmlBsOgEMaa

VQ0n5E2jzqEZrcZBnmHUAYfgZcqWXf9UsmRsHfXcoeBBblmp6h/QI6ehNyTJqlDk

LyZUhkL9Y8u1OfRlQXJj2OEiypGli2ISP+rQKHiqC6SlWhk9DK3iia4nOv+ob05n

i/ybUv1JcYoFKyrinddgoHPXZG+5ee88Y4XZyJXvzXRHTGRss7XwKRdIq7h83npW

jxytBthyOb3fQkkWNvB38+AR7FUYqdpPz4YMWvsYUaH9nNS2V/7VkkK30LeW7/I2

h86rctVMZfKrNNt0SzheoCQT8HiLxlp5ej2T31tM2g+S2ANB8aOQ8pXWWJCCQpsm

si0NEp9ys46HH/E7Hz6jtX7p5VXU5V2D

=8xU0

-END PGP SIGNATURE-

Re: altroot is not mentioned in FAQ [diff]

[ropers]

On 06/11/2007, Jan Stary [EMAIL PROTECTED] wrote:

 PS: As this is a small diff, I edited (my copy of) faq4.html manually;
 but if I was to write up something bigger - is there some script(1)-like
 log of the whole installation, or can I create one? Drop into shell at
 the very beginning, and run 'install' inside script(1), or pipe it
 through tee, neither of which exists in bsd.rd? Or do something just
 before halt-and-reboot? Thanks.

I would try to use a serial console, but that's just me.

Re: altroot is not mentioned in FAQ [diff]

[Marcus Andree]

snip

  20G disks don't really exist anymore.

 shouting
O RLY?
 /shouting

 I always thought my 20 Gig HDD was the largest of my eight drives.
 Are you saying it's Schroedinger's hard drive?

 What about the others?
 My 200 MB would like to have a little word with you, and it doesn't
 look like it's particularly amused.


H /me thinks time has arrived to get my old Apple ][c from the
locker and start an Apple2BSD Project... Let's see what
can be done with 128kb of RAM, 8-bit 6502 processor and no HDD.

 Also, let's remember that old computers NEVER end up in the so-called
 developing world. People there would NEVER use old computers, right?

/me lives in the so-called developing world. Never knew anyone
who have bought an old computer from the so called 1st world
and set up a desktop machine or even a production server...

People here who are crazy enough to install OpenBSD on a
very, very old computer are more perfectly able to do this talk...
Otherwise, they would have upgraded their Win9X to WinXP
by financing a new system.

 Let them buy new ones! Oh, and let them eat cake, too.


That's great!!! I love cakes!

Re: TRAP from? [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

[Paul Pruett]

From: Peter N. M. Hansteen [EMAIL PROTECTED]
Oh, so they found your domain, then.  It may be a bit overwhelming
right now, but not to worry, spamd is your friend.
.the bounces to go away, give it a week before you put any given
address into the greytrap.



No this is not new and yes I have domains from all the way
back to NSF days, what was 
curious is that it is no longer dictionary
spamming, it is just backscatter from only 3 emails on the domain used 
over and over and its taking about 6-24KB on three each secondary MX 
servers to REJECT legit servers, after spamd w/ grey on.   Yea, I can live 
with it, but it is not a one week thing, its been several weeks and the

pattern was different.  Almost all the servers are legitimate
and yes they should not DAEMON reply to the fake FROM,
but they are... IN a real world I can not blacklist earthlink, att, aol,
yahoo rr.com and so on.  So as I understand spamd, I have to either 
for filtering by the FROM, I have to DISCARD or REJECT at the sendmail 
level, not firewall to spamd grey :(


I have other mail servers that are not an MX for webengr.com
and I can use sendmail rules and maybe relaydb or some after
the firewall method to capture the IP of the mail relay...,
but Id rather have spamd capture the IP trapping with ghe FROM,
spamd is more efficient.

So this thread could be more a discussion on features of spamd and grey.

Do others think it would be feasible and a good feature if spamd could 
trap by the From in addition to trapping by the To ???

?

Can't get OpenVPN working

[Timo Myyrä]

Hey, I would appreciate if somebody could help me setup OpenVPN connection.

Here's the setup:

Server:  192.168.1.1
Soekris: sis0: 192.168.1.35: PXE boots from server
 sis1: Internet: gets dynamic IP from ISP
 sis2: 10.1.1.1: DHCP-server and gateway to LAN
 ral0: 172.16.1.1: Wlan interface to be used with OpenVPN
Desktop  nfe0: 10.1.1.10
Laptop   wpi0: 172.16.1.10

Deskop works nicely with soekris.

My client is my OpenBSD laptop.
I followed the instructions at: http://www.linux.com/articles/49990
I changed the IP's on the server and client configs.
The config uses server-bridge 172.16.1.1 255.255.255.0 172.16.1.100
172.16.1.120

I authenticated the laptop via SSH and then run and openvpn and it gave
the following:

Tue Nov  6 20:18:54 2007 OpenVPN 2.0.9 x86_64-unknown-openbsd4.2 [SSL]
[LZO] built on Aug 20 2007
Tue Nov  6 20:18:54 2007 IMPORTANT: OpenVPN's default port number is now
1194, based on an official port number assignment by IANA.  OpenVPN
2.0-beta16 and earlier used 5000 as the default port.
Tue Nov  6 20:18:54 2007 Control Channel Authentication: using
'/etc/openvpn/keys/ta.key' as a OpenVPN static key file
Tue Nov  6 20:18:54 2007 Outgoing Control Channel Authentication: Using
160 bit message hash 'SHA1' for HMAC authentication
Tue Nov  6 20:18:54 2007 Incoming Control Channel Authentication: Using
160 bit message hash 'SHA1' for HMAC authentication
Tue Nov  6 20:18:54 2007 Control Channel MTU parms [ L:1541 D:166 EF:66
EB:0 ET:0 EL:0 ]
Tue Nov  6 20:18:54 2007 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4
ET:0 EL:0 ]
Tue Nov  6 20:18:54 2007 Local Options hash (VER=V4): '70f5b3af'
Tue Nov  6 20:18:54 2007 Expected Remote Options hash (VER=V4): 'a2e2498c'
Tue Nov  6 20:18:54 2007 NOTE: chroot will be delayed because of --client,
--pull, or --up-delay
Tue Nov  6 20:18:54 2007 NOTE: UID/GID downgrade will be delayed because
of --client, --pull, or --up-delay
Tue Nov  6 20:18:54 2007 UDPv4 link local: [undef]
Tue Nov  6 20:18:54 2007 UDPv4 link remote: 172.16.1.1:1194
Tue Nov  6 20:18:54 2007 TLS: Initial packet from 172.16.1.1:1194,
sid=c32cfb6f 891c696c
Tue Nov  6 20:18:54 2007 VERIFY OK: depth=1,
/C=FI/ST=Etela-Karjala/L=Lappeenranta/O=OpenVPN-TEST/CN=WickedBSD/emailAddres
[EMAIL PROTECTED]
Tue Nov  6 20:18:54 2007 VERIFY OK: nsCertType=SERVER
Tue Nov  6 20:18:54 2007 VERIFY OK: depth=0,
/C=FI/ST=Etela-Karjala/O=OpenVPN-TEST/CN=WickedBSD/[EMAIL PROTECTED]
kedbsd.no-ip.com
Tue Nov  6 20:18:55 2007 WARNING: 'dev-type' is used inconsistently,
local='dev-type tun', remote='dev-type tap'
Tue Nov  6 20:18:55 2007 WARNING: 'link-mtu' is used inconsistently,
local='link-mtu 1541', remote='link-mtu 1573'
Tue Nov  6 20:18:55 2007 WARNING: 'tun-mtu' is used inconsistently,
local='tun-mtu 1500', remote='tun-mtu 1532'
Tue Nov  6 20:18:55 2007 Data Channel Encrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Nov  6 20:18:55 2007 Data Channel Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Nov  6 20:18:55 2007 Data Channel Decrypt: Cipher 'BF-CBC' initialized
with 128 bit key
Tue Nov  6 20:18:55 2007 Data Channel Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
Tue Nov  6 20:18:55 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3
DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Nov  6 20:18:55 2007 [WickedBSD] Peer Connection Initiated with
172.16.1.1:1194
Tue Nov  6 20:18:56 2007 SENT CONTROL [WickedBSD]: 'PUSH_REQUEST'
(status=1)
Tue Nov  6 20:18:56 2007 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway local def1,route-gateway 172.16.1.1,ping
10,ping-restart 120,ifconfig 172.16.1.100 255.255.255.0'
Tue Nov  6 20:18:56 2007 OPTIONS IMPORT: timers and/or timeouts modified
Tue Nov  6 20:18:56 2007 OPTIONS IMPORT: --ifconfig/up options modified
Tue Nov  6 20:18:56 2007 OPTIONS IMPORT: route options modified
Tue Nov  6 20:18:56 2007 WARNING: Since you are using --dev tun, the
second argument to --ifconfig must be an IP address.  You are using
something (255.255.255.0) that looks more like a netmask. (silence this
warning with --ifconfig-nowarn)
Tue Nov  6 20:18:56 2007 WARNING: potential conflict between --remote
address [172.16.1.1] and --ifconfig address pair [172.16.1.100,
255.255.255.0] -- this is a warning only that is triggered when
local/remote addresses exist within the same /24 subnet as --ifconfig
endpoints. (silence this warning with --ifconfig-nowarn)
Tue Nov  6 20:18:56 2007 /sbin/ifconfig tun0 destroy
Tue Nov  6 20:18:56 2007 /sbin/ifconfig tun0 create
Tue Nov  6 20:18:56 2007 NOTE: Tried to delete pre-existing tun/tap
instance -- No Problem if failure
Tue Nov  6 20:18:56 2007 /sbin/ifconfig tun0 172.16.1.100 255.255.255.0
mtu 1500 netmask 255.255.255.255 up
Tue Nov  6 20:18:56 2007 TUN/TAP device /dev/tun0 opened
Tue Nov  6 20:18:56 2007 NOTE: unable to redirect default gateway --
Cannot read current default gateway from system
Tue Nov  6 20:18:56 2007 chroot to '/var/empty' and cd to '/' succeeded
Tue Nov  6 20:18:56 

Re: TRAP from? [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]

[Peter N. M. Hansteen]

Paul Pruett [EMAIL PROTECTED] writes:

 but they are... IN a real world I can not blacklist earthlink, att, aol,
 yahoo rr.com and so on.  So as I understand spamd, I have to either
 for filtering by the FROM, I have to DISCARD or REJECT at the sendmail
 level, not firewall to spamd grey :(

Well, if there are hosts or entire networks you can't risk subjecting
to what spamd does, you can whitelist them.  The combination of spamd
and your pf rule set offers several ways to do that.

 So this thread could be more a discussion on features of spamd and grey.

 Do others think it would be feasible and a good feature if spamd could
 trap by the From in addition to trapping by the To ???

From discussions here not all that long ago, I think the answer would
be that sure, you could build a tool to do just that, but spamd is
likely to stay rougly as simple as it is today. 

That is, unless you are able to convince the spamd developers
otherwise.  

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Gnome 2.18 bytecode renderer enabled, but still ugly aliased fonts

[Soner Tari]

On Tue, 2007-11-06 at 20:12 +0100, Jonathan Schleifer wrote:
  But Tahoma (and other similar fonts) still looks ugly. Do I need to
 do
  anything else? Could somebody help?
 
 Disable the autohinter.

Thanks Jonathan, that was it. (For the record, I've disabled autohinter
in its conf file under /etc/fonts/conf.d)

Re: how to create cdrom42.fs?

[ropers]

On 06/11/2007, 23号 [EMAIL PROTECTED] wrote:
 Hi,
   anything script?

 --
 Best Regards,
 No.23

http://marc.info/?t=11939458983r=1w=2

4.2 upgrade make build fails

[Vazquez, Ed]

Cookbooked the procedure from openbsd.org/faq/upgrade42.html.



'rm -Rf' for /usr/src/* /usr/obj/*



Downloaded all .tgz files from the 4.2/amd64 folder on ftp.openbsd.org



Ran the 'tar -C / -xzphf' command on everything except etc42.tgz as directed.



Installed the bsd.mp kernel.  Updated /etc by extracting to /tmp and merging 
the files manually as recommended.



Rebooted and CVS'd the 4.2 stable branch with 'cvs -q get -r OPENBSD_4_2 -P 
src'.



Made the objects links and started the 'make build'



I get the following build crash:



PATH=/bin:/usr/bin:/sbin:/usr/sbin  INSTALL_PROGRAM=install -c -s  CC=cc 
CXX=c++ CFLAGS=-O2 '-pipe'CXXFLAGS=-O2 '-pipe'/bin/sh 
/usr/src/gnu/lib/libstdc++/libstdc++/configure  --prefix=/usr  --disable-nls  
--enable-shared  --disable-multilib  --with-gnu-ld  
--with-gxx-include-dir=/usr/include/g++   touch config.status

creating cache ./config.cache

checking host system type... x86_64-unknown-openbsd4.2

checking target system type... x86_64-unknown-openbsd4.2

checking build system type... x86_64-unknown-openbsd4.2

checking for Cygwin environment... no

checking for mingw32 environment... no

checking for gawk... no

checking for mawk... no

checking for nawk... nawk

checking whether ln -s works... yes

checking for gcc... cc

checking whether we are using GNU C... yes

checking whether cc accepts -g... yes

checking for c++... c++

checking whether we are using GNU C++... yes

checking whether c++ accepts -g... yes

checking for GCC version number... 3.3.5

checking for strerror in -lcposix... no

checking for as... as

checking for ar... ar

checking for ranlib... ranlib

checking for a BSD compatible install... /usr/bin/install -c

checking whether to enable maintainer-specific portions of Makefiles... no

CPU config directory is cpu/i486

OS config directory is os/bsd/openbsd

checking whether build environment is sane... yes

checking whether make sets ${MAKE}... yes

checking for working aclocal... missing

checking for working autoconf... missing

checking for working automake... missing

checking for working autoheader... missing

checking for working makeinfo... found

checking for ld used by GCC... /usr/bin/ld

checking if the linker (/usr/bin/ld) is GNU ld... yes

checking for /usr/bin/ld option to reload object files... -r

checking for BSD-compatible nm... /usr/bin/nm -B

checking how to recognise dependant libraries... unknown

checking for object suffix... configure: error: installation or configuration 
problem; compiler does not work

*** Error code 1



Stop in /usr/src/gnu/lib/libstdc++ (line 59 of 
/usr/src/gnu/lib/libstdc++/Makefile.bsd-wrapper).

*** Error code 1



Stop in /usr/src/include (line 82 of Makefile).

*** Error code 1



Stop in /usr/src (line 73 of Makefile).



I know I had to have missed something, I'm just not sure what...



Thanks.

Re: Clamav

[Daniel Ouellet]

Juan Miscaro wrote:

You recommend a production server to be running -current?

Poll: who here is doing that?


I do. Actually started about a year and half ago or so. Not every 
servers, but most and I see no reason not to if you fell OK with OpenBSD 
at large. The real reason is I find it easier and faster to patch them 
using snapshot instead of getting the source and compile, etc, specially 
when the Kernel is involve.


But do as you fell comfortable with.

Current have achieve a quality of code in the last few years for sure 
that makes it suitable for production level no problem. It's more up to 
you to make sure you follow the changes that may need to be done at time 
to do this and where there is a flag day, I simply wipe out the box, and 
most of the time I do that anyway. It kind of force you to keep your 
documentations up to date and then doing an install with all that you 
need is getting pretty fast as you do it more often.


Best,

Daniel

Re: OBSD on MacBook

[Karl Sjodahl - dunceor]

On Nov 6, 2007 7:43 PM, Nick Guenther [EMAIL PROTECTED] wrote:
 On 11/6/07, Karl Sjodahl - dunceor [EMAIL PROTECTED] wrote:
  On Nov 6, 2007 4:25 PM, Nick Guenther [EMAIL PROTECTED] wrote:
  
   MacBook or MacBook Pro?
  
  MacBook.

 How did you install it? My problem is that the internal keyboard
 doesn't work, and no external keyboard I've yet tried seems to work at
 installtime.


I used an external USB keyboard.  The internal keyboard should work
though if you enable acpi and disable apm (not sure if disable of apm
is necassary). But if you have problems with that just use the
external USB keyboard. I have some cheap USB keyboard I picked up just
to install my Macbook. Just work with pretty much any USB keyboard.

BR
dunceor

Re: Regenerating damaged /etc

[Hugo Villeneuve]

On Tue, Nov 06, 2007 at 04:17:46AM -0700, Karel Kulhavy wrote:
 During upgrading between 4.1 and 4.2 I accidentally typed rm -rf /etc instead
 of rm -rf etc in the /tmp directory.
 
 After fixing couple of vital things I continued normally with the upgrade,
 unpacking the etc42.tgz and xetc42.tgz and reinstalling couple of programs
 so that their /etc/ files are regenerated. I also did the post-installation
 stuff from the Installing 4.2 chapters.
 
 I got an idea that I could run the install process and somehow skip the 
 initial
 part but it always told me it's going to destroy all data on the disk and then
 I said no and it returned into the shell.
 
 Is there some way how I can re-generate the missing /etc files? I guess the
 permissions matter for security and some files are probably machine generated.
 
 I don't see any problem at the moment but maybe it's just like a time bomb
 there?
 
 CL

Beside what other have said, I'll add:

The daily security script keeps backup of most files in /etc in
/var/backups. If it haven't been more than a day, you can recover
a lot.

The install scripts mostly creates
/etc/{myname,mygate,hostname.*,hosts,fstab}, modify /etc/sysctl.conf.
There might be more but I forgot right now.



-- 
Hugo Villeneuve [EMAIL PROTECTED]
http://EINTR.net/ 

Re: how to create cdrom42.fs?

[Soner Tari]

On Tue, 2007-11-06 at 23:06 +0100, ropers wrote:
 On 06/11/2007, 23e7 [EMAIL PROTECTED] wrote:
  Hi,
anything script?
 
  --
  Best Regards,
  No.23
 
 http://marc.info/?t=11939458983r=1w=2

I guess that's not what the OP was asking for. However, there is a
cdrom42.fs in cdemu42.iso for i386. But I also need the one for amd64,
so I am looking for ways to create it myself too.

Re: What's wrong with httpd-1.3.x and suexec?

[Chris Cappuccio]

suexec is supported out of the box
just chmod u+s /usr/sbin/suexec, set User and Group attributes under
your VirtualHost containers, and you're done.

Bibby [EMAIL PROTECTED] wrote:
 Hi, all.
 
 I want to recompile httpd-1.3.x(shipped in base system) to support suexec,
 i followed this unofficial doc:
 http://www.openbsdsupport.org/ApacheSuexecChroot.html#recompilesuexec
 
 It works fine in 4.1 -release, but in 4.2 -release, i can't find the log
 file(with option
 --suexec-logfile=/logs/suexec_log or
 -suexec-logfile=/var/www/logs/suexec_log).
 
 I got this error message:
 ---
 failed to open log file
 fopen: No such file or directory
 [Wed Nov  7 00:32:12 2007] [error] [client 172.16.252.1] Premature end of
 script headers: /cgi-bin/www.host.com/test.pl
 ---
 
 and this is 'test.pl', it works fine without suexec in chroot env:
 -
 
 #!/usr/bin/perl
 print Content-type: text/plain\n\n;
 opendir(DIRHANDLE, /);
 @filenames = readdir(DIRHANDLE);
 foreach $file (@filenames) { print $file\n; }
 closedir(DIRHANDLE);
 
 
 
 
 Best Regards.
 
 Michael Bibby(Huangbin Zhang)
 
 - RedHat Enterprise Linux 5 Client
 - OpenBSD 4.2 -release

-- 
Those who can, do.
Those who can't, sue.

Re: Regenerating damaged /etc

[Alvaro Mantilla Gimenez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Bryan Irvine wrote:
 On 11/6/07, Karel Kulhavy [EMAIL PROTECTED] wrote:
 During upgrading between 4.1 and 4.2 I accidentally typed rm -rf /etc instead
 of rm -rf etc in the /tmp directory.

 After fixing couple of vital things I continued normally with the upgrade,
 unpacking the etc42.tgz and xetc42.tgz and reinstalling couple of programs
 so that their /etc/ files are regenerated. I also did the post-installation
 stuff from the Installing 4.2 chapters.

 I got an idea that I could run the install process and somehow skip the 
 initial
 part but it always told me it's going to destroy all data on the disk and 
 then
 I said no and it returned into the shell.

 Is there some way how I can re-generate the missing /etc files? I guess the
 permissions matter for security and some files are probably machine 
 generated.
 
 Yeah it's easy to fix.
 
 tar xvfz TheBackupYouMadeBeforeTheUpgrade.tgz -C /

What kind of answer is that? This guy is looking for help and you answer
 a total stupid sentence. Go and fuck yourself. Idiot !! Stupid !!!
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHMPvVaLlBJyo5Ih8RArIdAJ4kgdh+CilcbB6Gku/+VxmIkHwdsACgp/VI
DDjym5Wf/LM/d9EeKAB8aFQ=
=pSAl
-END PGP SIGNATURE-

Re: Problem with xl interfaces

[Chris Cappuccio]

If you didn't submit a bug report, your keyboard issue probably didn't
get any attention.  Unfortunately, since its old and rare hardware (I
don't think very many UMC chipset 486 boards are still around), it's
not very likely that you will get much traction on this.

The xl card issues are probably due to PCI IRQ routing problems.  These
are not easy issues to fix without either documentation or even drivers
to look at and hardware to test with.  You might be able to figure out
how to support UMC irq routing by looking at some freebsd or netbsd
drivers.

Limaunion [EMAIL PROTECTED] wrote:
 hi all! I've been using OpenBSD during the last 2-3 years mainly running it 
 as a firewall.

 I've an old machine (486 + 48MB RAM) and yesterday decided to make
 some improvements: upgrade it from 4.0 to 4.2 (new installation) and
 replace the two NICs, switching from NE2000 clones (RTL8029) to 3C905B.
 The problem is that i'm getting ton of this messages which
 bring down the two interfaces:

 xl0: reset didn't complete
 xl1: reset didn't complete
 xl0: command never completed!
 xl1: command never completed!

 I found that man xl already has some information about 'command never
 completed' but in this case the driver does not continue to function
 normally. Is this problem a combination of old hardware with the xl
 interfaces ? or are this interfaces crap too ? switching to a newer
 machine (pentium 166) may help ? or should I buy different NICs ?

 Thanks in advance for any help!.
 Jorge

 PS: by the way, I'm still having with 4.2 a keyboard issue reported on
 2006-01-06:
 http://marc.info/?l=openbsd-miscm=113658848307726w=2


 OpenBSD 4.2 (GENERIC) #375: Tue Aug 28 10:38:44 MDT 2007
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: Intel 486DX (486-class)
 real mem  = 49905664 (47MB)
 avail mem = 39297024 (37MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 07/25/94, BIOS32 rev. 0 @ 0xf7810
 apm0 at bios0: Power Management spec V1.0
 apm0: AC on, battery is unknown
 apm0: flags 30100 dobusy 0 doidle 1
 pcibios0 at bios0: rev 2.0 @ 0xf/0x1
 pcibios0: pcibios_get_intr_routing - function not supported
 pcibios0: PCI IRQ Routing information unavailable.
 pcibios0: PCI bus #0 is the last bus
 WARNING: can't reserve area for I/O APIC.
 WARNING: can't reserve area for Local APIC.
 bios0: ROM list: 0xc/0x8000
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (bios)
 xl0 at pci0 dev 13 function 0 3Com 3c905B 100Base-TX rev 0x30: irq 11,
 address 00:01:02:6e:c5:08
 exphy0 at xl0 phy 24: 3Com internal media interface
 xl1 at pci0 dev 14 function 0 3Com 3c905B 100Base-TX rev 0x30: irq 9,
 address 00:01:02:87:fc:88
 exphy1 at xl1 phy 24: 3Com internal media interface
 vga1 at pci0 dev 15 function 0 ATI Mach64 GP rev 0x5c
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 pchb0 at pci0 dev 16 function 0 UMC UM8881F Host rev 0x01
 pcib0 at pci0 dev 18 function 0 UMC UM8886 rev 0x01
 isa0 at pcib0
 isadma0 at isa0
 pckbc0 at isa0 port 0x60/5
 pckbd0 at pckbc0 (kbd slot)
 pckbc0: using irq 1 for kbd slot
 wskbd0 at pckbd0: console keyboard, using wsdisplay0
 wdc0 at isa0 port 0x1f0/8 irq 14
 wd0 at wdc0 channel 0 drive 0: WDC AC310200R
 wd0: 16-sector PIO, LBA, 9787MB, 20044080 sectors
 wd0(wdc0:0:0): using BIOS timings
 pcppi0 at isa0 port 0x61
 midi0 at pcppi0: PC speaker
 spkr0 at pcppi0
 npx0 at isa0 port 0xf0/16: using exception 16
 biomask f5fd netmask fffd ttymask 
 pctr: no performance counters in CPU
 dkcsum: wd0 matches BIOS drive 0x80
 root on wd0a swap on wd0b dump on wd0b

-- 
Those who can, do.
Those who can't, sue.

Re: Clamav

[Chris Cappuccio]

Juan Miscaro [EMAIL PROTECTED] wrote:
 
 You recommend a production server to be running -current?
 
 Poll: who here is doing that?
 

I do.  This is not to say that you can't be bitten by -current,
particularly after a hackathon, or some major commit.  But current as of
today is stable.  As of the last two weeks, current fixes a vfs deadlock
that might be hitting people in both 4.1 and 4.2 (fix by bob beck).  The fix
is not yet known to be worse than the cure, and isn't very likely to make it
into stable, but will certainly be in the 4.3 release.



-- 
Those who can, do.
Those who can't, sue.

Re: how to create cdrom42.fs?

[Steve Shockley]

Soner Tari wrote:

I guess that's not what the OP was asking for. However, there is a
cdrom42.fs in cdemu42.iso for i386. But I also need the one for amd64,
so I am looking for ways to create it myself too.


Take a look at
http://www.openbsd.org/cgi-bin/cvsweb/src/distrib/amd64/ramdisk_cd/Makefile?rev=1.3content-type=text/x-cvsweb-markup

It looks like if you comment out the NOFS line it'll generate the 
cdromXX.fs file.  I did not test this.


Why not just use cdbr and cdboot?  Unless you actually have a 2.88mb 
floppy drive.

Re: how to create cdrom42.fs?

[23号]

thx.

On 11/6/07, Guillermo Bernaldo de Quiros Maraver [EMAIL PROTECTED] wrote:

 If you have the source tree downloaded, you can make it from:

 /usr/src/distrib/`uname -m`/ramdisk_cd/

 2007/11/6, 23$B9f(B [EMAIL PROTECTED] :
 
  Hi,
anything script?
 
  --
  Best Regards,
  No.23
  
  http://blog.chinaunix.net/u1/42287
 
 



-- 
Best Regards,
No.23

http://blog.chinaunix.net/u1/42287

Re: altroot is not mentioned in FAQ [diff]

[Douglas A. Tutty]

On Tue, Nov 06, 2007 at 08:11:55PM +0100, ropers wrote:
 On 06/11/2007, Jan Stary [EMAIL PROTECTED] wrote:
  Is using a larger disk in the example a problem? Using a 20G disk makes
  the point of showing how usable the system is even on a small disk, but
  20G disks don't really exist anymore.
 
 shouting
 O RLY?
 /shouting
 
 I always thought my 20 Gig HDD was the largest of my eight drives.
 Are you saying it's Schroedinger's hard drive?
 
 What about the others?
 My 200 MB would like to have a little word with you, and it doesn't
 look like it's particularly amused.

I have a 171 MB drive.  My older computers don't have USB or CD to boot
from, so I keep this as sort of a plug-in LiveIDE.  The only OS I found
that could fit on it is Debian Woody.  I haven't tried tweaking NetBSD
to fit.

Jest
Perhaps there needs to be a new fork:  OldBSD: Unix for the Ages.  It
actually wouldn't have to be a total fork, just OpenBSD Release with
stuff removed.  No sound, no wireless, ISA and basic PCI, IDE (no SATA
if it takes more room), OK for USB.  Just the basics for boxes that are
getting hard to fit the regular OS on.  

/Jest

Doug.

dhclient.conf

[David Walker]

Hiya.

I have 2 interfaces (fxp0 and wi0) which get their ip's from dhcp. wi0,
being wireless, is prone to lose it's connection.
I want to change the timeout, etcetera for wi0 in dhclient.conf.
I can't see the information in dhclient.conf(5).

Can someone point me in the right direction?

Best wishes,
David

Re: altroot is not mentioned in FAQ [diff]

[RW]

On Tue, 6 Nov 2007 18:26:04 -0500, Douglas A. Tutty wrote:

Jest
Perhaps there needs to be a new fork:  OldBSD: Unix for the Ages.

s/Ages/Aged/   ??

Given that I joined IBM in 1962, I am allowed to make such jokes.
~|^
 =

From the land down under: Australia.
Do we look umop apisdn from up over?

Re: altroot is not mentioned in FAQ [diff]

[Nick Holland]

Jan Stary wrote:
 Hi all,
 
 this is a diff to faq4.html (the install faq) so that it mentions
 /altroot for the installing user before he partitions his drive. Now,
 the altroot feature is described in daily(8), which you only read when
 you already have a system installed, your disk is already partitioned,
 and typically you don't have the spare partition (of size at least that
 of /) to use for /altroot.

what benefit do you see in having /altroot on the same disk as / ?

 The current partitioning example uses a 20G disk with a pre-existing
 1.5G windows partition. In the diff I use a 80G disk with a pre-existing
 6G windows partition. I believe these are more realistic numbers
 nowadays (also, I don't have a 20G disk around :-). The 6G figure is
 used to stay below 8G, which INSTALL.i386 mentions as possible BIOS
 limit. I suppose the current example uses a 1.5G win partition to stay
 below 2G (which might be a BIOS limit on even older hardware) - is it so?

eh, kinda.  The bigger reason was I wanted most of the disk for OpenBSD,
and only wanted the 1.5G as a token Windows partition for the sake of
example.  You see, at the time I wrote this and committed this disk and
this computer to OpenBSD, it was a pretty cool system.  PII-450, 20G
disk, physically tiny machine, relatively low power consumption.  Highly
desirable.  Still, for all that space, the idea of wasting any of it on a
Windows partition that would never be used was completely uninteresting.
Yes, five years after the machine was devoted to OpenBSD (and in fact,
this article in the FAQ), it's pretty unexciting, I'll grant you.

 Is using a larger disk in the example a problem? Using a 20G disk makes
 the point of showing how usable the system is even on a small disk, but
 20G disks don't really exist anymore.

Bullshit.
No functional 10G drive that passes past me hits a trash can.
No functional 4G narrow SCSI drive that passes me hits a trash can
either.
(1G drives are starting to get a bit nervous around here, however)

There are a lot of people who do their first installs (which is what
the FAQ is pointed at) on very minimal hardware.  20G is actually much
bigger than many people still use, and loads bigger than many non-i386/
amd64 systems usually have on them.

So, no, the 80g change is just showing off.  No way.  At least, not
until someone floods me with 80G, 120G, 250G and bigger drives enough
that I think everyone must have big disks. :)

 Also, some disklabel messages and the output of disklabel's 'p' command
 have changed (either that, or the current faq which shows sizes in
 sectors as an output of 'p m' is mistaken).
 
   Jan
 
 
 PS: As this is a small diff, I edited (my copy of) faq4.html manually;
 but if I was to write up something bigger - is there some script(1)-like
 log of the whole installation, or can I create one? Drop into shell at
 the very beginning, and run 'install' inside script(1), or pipe it
 through tee, neither of which exists in bsd.rd? Or do something just
 before halt-and-reboot? Thanks.

I do the install for faq4.html every release with a serial cable attached,
and tip(1) running inside script(1).

argh.  I don't suppose you noticed that OpenBSD developers only use
diff -u, right?  Or actually looked at the output to see why?
(add to that that Thunderbird is a brain-dead piece of shit when it
comes to handling diffs in general and classic diffs even more so.
Apparently, either Thunderbird devs aren't programmers or they never
show their diffs to each other.)

Anyway...
* your diff makes gratuitous and pointless changes.
* Those changes will be a pain in the butt for me to maintain, as I
  don't have your machine.
* It doesn't say a word about the point of the diff (/altroot),
  just silently adds a partition to the install without explanation.
* It puts the /altroot partition in a nearly pointless place.
* 40G home?  Only if I had a deliberate plan for why I needed that
  much.  Of the dozens of machines I have around here, the only one
  that has a /home that big is my NFS server...

I may sound overly critical, but let me say in no uncertain terms:
you had an idea, you implemented it.  That puts you *above* 95% of
the rest of the people who help around here.  So for that I commend
you.  So, while my response may not be overly positive sounding, it
is worth my time, I think, to tell you in some detail why.  So, take
it as constructive criticism (or constructive no way :)

An /altroot discussion in the FAQ would be appropriate, but it would
not be handled anything like this.  It wouldn't be a change to the
install example, it would be in section 4.7, and possibly in a RAID
discussion somewhere in faq14.html.

/altroot is very cool, but like RAID, it does what it does, not what
people dream of it doing.  I don't think it is in any way an
automatic thing that all users should be doing.  I suspect you are
thinking it will help you if you blow out your 'a' partition.
However, the boot system won't 

Re: altroot is not mentioned in FAQ [diff]

[Douglas A. Tutty]

On Wed, Nov 07, 2007 at 01:23:55PM +1100, RW wrote:
 On Tue, 6 Nov 2007 18:26:04 -0500, Douglas A. Tutty wrote:
 
 Jest
 Perhaps there needs to be a new fork:  OldBSD: Unix for the Ages.
 
 s/Ages/Aged/   ??
 
 Given that I joined IBM in 1962, I am allowed to make such jokes.
 ~|^
  =
 
Ha! When I was -4.

--

I figure that assuming memory isn't too great a concern, the GENERIC
kernel is fine.  OldBSD would then just be a custom install set that
consisted of the minium base ones minus stuff.  The normal installer and
everything would work.  Being that there would be no coding involved,
there shouldn't be any security reprecusions.

Doug.

OK... I broke something - can't load library 'libpcre.so.1.0'

[Mikel Lindsaar]

Hello list :)

I was getting ImageMagick working with Rails on OpenBSD and was
running into problems.

In the process of installing it, somehow I nuked the libpcre library.

I went into /usr/ports/devel/pcre/ and did a make clean, make, make install.

However I am still getting the error.

I tried doing an ldconfig -R (not sure if this was needed or not) but no change.

I am getting the can't find the library libpcre errors when I try to
start postfix or bash.

libpcre.so.1.0 is in the /usr/local/lib/ directory.

What do I have to do to get everything to see the library again?

Thanks guys.

Mikel

problem with booting 4.2 after installation

[Michael]

The problem is back :( 
I am, however, back on openbsd 4.2. 
This is what I did and found: 
I booted into Debian to catch a flash presentation and then rebooted openbsd. 
It hung during the boot again. I rebooted and at the boot prompt, typed -c 
and and then typed verbose and quit. 
I found that it hung/froze while probing isapnp0. I rebooted, and entered cmos 
and changed settings for isa in case that would solve the problem. I rebooted 
into openbsd, and the system hung at the same spot, so I rebooted and disabled 
isapnp. The system booted. btw- when I disabled isapnp, I also typed verbose 
(thanks for help with that). 
Here is the dmesg:

-- 
I have and use:
PCLinuxOS, OpenBSD, Fedora, SUSE,
Puppy, OS2-Warp4, many others.
I obeyed and experienced Acts 2:38. Have you?
God bless you
 returned 0
 probing for sv*
 sv probe returned 0
 probing for bktr0
 bktr probe returned 0
 probing for xl*
 xl probe returned 0
 probing for fxp*
 fxp probe returned 0
 probing for em*
 em probe returned 0
 probing for ixgb*
 ixgb probe returned 0
 probing for xge*
 xge probe returned 0
 probing for thtc*
 thtc probe returned 0
 probing for dc*
 dc probe returned 0
 probing for epic*
 epic probe returned 0
 probing for ti*
 ti probe returned 0
 probing for ne*
 ne probe returned 0
 probing for gem*
 gem probe returned 0
 probing for lofn*
 lofn probe returned 0
 probing for hifn*
 hifn probe returned 0
 probing for nofn*
 nofn probe returned 0
 probing for ubsec*
 ubsec probe returned 0
 probing for safe*
 safe probe returned 0
 probing for wb*
 wb probe returned 0
 probing for sf*
 sf probe returned 0
 probing for sis*
 sis probe returned 0
 probing for ste*
 ste probe returned 0
 probing for wdt0
 wdt probe returned 0
 probing for pwdog0
 pwdog probe returned 0
 probing for mbg*
 mbg probe returned 0
 probing for uhci*
 uhci probe returned 0
 probing for ohci*
 ohci probe returned 0
 probing for ehci*
 ehci probe returned 0
 probing for cbb*
 cbb probe returned 0
 probing for skc*
 skc probe returned 0
 probing for mskc*
 mskc probe returned 0
 probing for puc*
 puc probe returned 0
 probing for wi*
 wi probe returned 0
 probing for an*
 an probe returned 0
 probing for ipw*
 ipw probe returned 0
 probing for iwi*
 iwi probe returned 0
 probing for wpi*
 wpi probe returned 0
 probing for cmpci*
 cmpci probe returned 0
 probing for iha*
 iha probe returned 0
 probing for trm*
 trm probe returned 0
 probing for pcscp*
 pcscp probe returned 0
 probing for nge*
 nge probe returned 0
 probing for lge*
 lge probe returned 0
 probing for bge*
 bge probe returned 0
 probing for bnx*
 bnx probe returned 0
 probing for vge*
 vge probe returned 0
 probing for stge*
 stge probe returned 0
 probing for nfe*
 nfe probe returned 0
 probing for amdpm*
 amdpm probe returned 0
 probing for viaenv*
 viaenv probe returned 0
 probing for bce*
 bce probe returned 0
 probing for ath*
 ath probe returned 0
 probing for atw*
 atw probe returned 0
 probing for rtw*
 rtw probe returned 0
 probing for ral*
 ral probe returned 0
 probing for acx*
 acx probe returned 0
 probing for pgt*
 pgt probe returned 0
 probing for malo*
 malo probe returned 0
 probing for san*
 san probe returned 0
 probing for piixpm*
 piixpm probe returned 0
 probing for musycc*
 musycc probe returned 0
 probing for vic*
 vic probe returned 0
 probing for ichiic*
 ichiic probe returned 0
 probing for alipm*
 alipm probe returned 1
 probing for viapm*
 viapm probe returned 0
 probing for amdiic*
 amdiic probe returned 0
 probing for nviic*
 nviic probe returned 0
 probing for sdhc*
 sdhc probe returned 0
 probing for pchb*
 pchb probe returned 0
 probing for elansc*
 elansc probe returned 0
 probing for geodesc*
 geodesc probe returned 0
 probing for glxsb*
 glxsb probe returned 0
 probing for pcib*
 pcib probe returned 0
 probing for ichpcib*
 ichpcib probe returned 0
 probing for piixpcib*
 piixpcib probe returned 0
 probing for gscpcib*
 gscpcib probe returned 0
 probing for hme*
 hme probe returned 0
 probing for pcic*
 pcic probe returned 0
 alipm probe won
alipm0 at pci0 dev 17 function 0 Acer Labs M7101 Power rev 0x00: 74KHz clock
 probing for iic*
 iic probe returned 1
 iic probe won
iic0 at alipm0
 probing for lmtemp*
 lmtemp probe returned 0
 probing for lmenv*
 lmenv probe returned 0
 probing for maxtmp*
 maxtmp probe returned 0
 probing for adc*
 adc probe returned 0
 probing for admtemp*
 admtemp probe returned 0
 probing for admlc*
 admlc probe returned 0
 probing for admtm*
 admtm probe returned 0
 probing for admtmp*
 admtmp probe returned 0
 probing for admtt*
 admtt probe returned 0
 probing for maxds*
 maxds probe returned 0
 probing for adt*
 adt probe returned 0
 probing for lm*
 lm probe returned 0
 probing for admcts*
 admcts probe returned 0
 probing for asbtm*
 asbtm probe returned 0
 probing for wbenv*
 wbenv probe returned 0
 probing for glenv*
 glenv probe returned 0
 no winning probe
iic0: addr 0x2d 00=20 01=80 03=40 04=be 0d=61 0e=a9 0f=50 13=9e 

Re: Failure starting Gnome - OpenBSD 4.2

[Marti Martinez]

OK, as usual, I don't have a solution to your (current) problem, but I
was experiencing the original Gnome/GDM problem you had, and it was
easily fixed. For some reason, after installing gnome-session and gdm
from packages, /etc/X11/gdm/Xsession was not executable, but gdm
appears to expect it to be and throws an error. chmod +x
/etc/X11/gdm/Xsession cleared up my problems. Presumably this is a
bug in the gdm package, but it's too easily fixed ad hoc for me to
actually look at where the problem originates.

HTH,
Marti

On Oct 24, 2007 11:25 PM, David H. Lynch Jr. [EMAIL PROTECTED] wrote:
 Matthieu Herrb wrote:
  David H. Lynch Jr. wrote:
 
  I have tried to install Gnome on two different machines running
  OpenBSD 4.2.
  The first machine ran Gnome fine under OpenBSD 4.1 (though there
  were other problems)
 
  One both machines - fresh installs gdm starts I can attempt to logon
  but I get a fatal error after logging on
  and a request to look in ~/.xsession for further information.
 
 
  This indicates that your session exited for some reason, probably an
  error in your sessions startup script (.xsession or some thing else in
  gnome case).
 
 
  after acknowledging X restarts, I can do a failsafe terminal login
  but nothing else.
  I have looked in ~/.xsession as well as the X/gdm logs in /var/log
  and the rest of the logs and can find no indications of a problem.
 
  A clue would be greatly appreciated.
 
 
 
  Please provide more precise informations, *exact* copies of the error
  messages you see for instance, and more details on what files were
  edited in your home directory.
 
  Also misc@ or ports@ mmailing lists are more appropriate for this kind
  of questions.
 

 I was able to trace things further. It failed trying to open
 gnome-session.
 Somehow despite the fact that I thought i had installed X and gnome,
 somethings were missed.
 Unfortunately that lead to a new problem.
 When trying to install/re-install gnome I am getting missing expat
 dependency issues all over the place.
 With a bit of force I have been able to get things loaded anyway -
 but can't get expat.
 Now it is bombing trying to load libexpat.so.9 - which is not
 anywhere on my system.
 I found some messages suggesting that there are libexpat issues with
 4.2 though theey sugest I can get it from
  xbase42.tgz but I can not find it there.

 Where can  find libxpat and how can I persuade pkg_add that it is
 installed ?





-- 
Systems Programmer, Principal
Electrical  Computer Engineering
The University of Arizona
[EMAIL PROTECTED]

Thinkpad t61 OpenBSD support?

[Girish Venkatachalam]

Hello friends,

Was wondering if IBM Thinkpad T61 can be a good buy if I wish to run
OpenBSD on it.

Any anecdotes?

Advice?


My friend is in US right now. So I could ask him to bring it for me.

Which is the best website to order from?

Thanks.

Have a nice day!

regards,
Girish

Re: Thinkpad t61 OpenBSD support?

[Predrag Punosevac]

Girish Venkatachalam wrote:

Hello friends,

Was wondering if IBM Thinkpad T61 can be a good buy if I wish to run
OpenBSD on it.

Any anecdotes?

Advice?


My friend is in US right now. So I could ask him to bring it for me.

Which is the best website to order from?

Thanks.

Have a nice day!

regards,
Girish
  
You should not pay more than $1000 including taxes and shipping for 
ThinkPAD T61. The prices vary a lot from web-site to web-site, from 
store to store and from one week to another. In my experience Lenovo 
web-site was worthy of persistent checking especially in the light of 
impending Christmas sales. Actually have you heard of Black Friday? This 
is the first day of Christmas sales (right after the Thanks Giving 
Holiday) when you can get killer deals if you know what are you doing. 
This year Black Friday is  23 of  November (I think).
The best web-site for computer parts in states is www.newegg.com but 
they also sell laptops and complete PCs.

Geeks.com often have killer deals on older stuff.

I am definitely not the right person to answer your second question for 
couple of  reasons. Most of my computers are bought for $5-10 when 
companies are trying to get a read of old equipment for one and they 
are desktops. I put together my only new computer and I could of course 
look at the hardware notes before building it. My only surviving laptop 
is E390 ThinkPAD (Pentium II) happily running FreeBSD.

Re: Thinkpad t61 OpenBSD support?

[Girish Venkatachalam]

On 23:10:35 Nov 06, Predrag Punosevac wrote:
 You should not pay more than $1000 including taxes and shipping for 
 ThinkPAD T61. The prices vary a lot from web-site to web-site, from 
 store to store and from one week to another. 

Hmmm...

 Actually have you heard of Black Friday?

No.

 This is the first day of Christmas sales (right after the Thanks Giving 
 Holiday) when you can get killer deals if you know what are you doing. 
 This year Black Friday is  23 of  November (I think).

Great. :)

23 Nov is just round the corner. Perfect timing.

 The best web-site for computer parts in states is www.newegg.com but 
 they also sell laptops and complete PCs.
 Geeks.com often have killer deals on older stuff.

I shall ask him to order from newegg then. I have used that site before.

Thanks for your reply.

Much appreciated.

Best,
Girish