Limiting CPU to a process or process group?

[Andreas Kahari]

Hi,

Is there a way of limiting the amount of CPU given to a particular
process or process group? For example, I would want the build of the
qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
75% idle if nothing else is happening on the machine.

I know about 'nice', but it doesn't fulfil the criteria that the
machine is left otherwise idle if nothing else runs on it.

I don't have a real reason for why I would want to do this, I'm mainly
curious as to if it's possible.

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
 Hi,

 Is there a way of limiting the amount of CPU given to a particular
 process or process group? For example, I would want the build of the
 qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
 75% idle if nothing else is happening on the machine.

 I know about 'nice', but it doesn't fulfil the criteria that the
 machine is left otherwise idle if nothing else runs on it.

 I don't have a real reason for why I would want to do this, I'm mainly
 curious as to if it's possible.

 Regards,
 Andreas

 --
 Andreas Kahari
 Somewhere in the general Cambridge area, UK



I have never done this myself, but I believe this is possible by
creating a login class in /etc/login.conf and set the cputime option.
See login.conf(5) for a better description.

Zend Optimizer with apache and php5 on 4.2

[Evgeniy Sudyr]

Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension=/var/www/lib/ZendOptimizer.so

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.


  

-- 
Best regards,
 Evgeniy  mailto:[EMAIL PROTECTED]

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Joe [EMAIL PROTECTED] writes:

 # Secure Distribution.
  The most secure operation system gets distributed on FTP servers
  as unsigned binaries.

 You should create your own binaries if you want secure binaries.

He's also conveniently forgetting about the MD5 sums, conveniently
provided in a file called MD5 along with the installables.  IMO
'signed binaries' is an overhyped buzzword.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Nikns Siankin [EMAIL PROTECTED] writes:

 When we will meet in Riga, I will like to hear from you explanation,
 how does putting md5 checksum file *along* with installables on the
 same vulnerable channel, helps to make sure, that they are not backdoored ;]

you don't have to wait that long. fetch the files from different mirrors.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 12:11:13PM +0100, Peter N. M. Hansteen wrote:
Joe [EMAIL PROTECTED] writes:

 # Secure Distribution.
  The most secure operation system gets distributed on FTP servers
  as unsigned binaries.

 You should create your own binaries if you want secure binaries.

He's also conveniently forgetting about the MD5 sums, conveniently
provided in a file called MD5 along with the installables.  IMO
'signed binaries' is an overhyped buzzword.

When we will meet in Riga, I will like to hear from you explanation,
how does putting md5 checksum file *along* with installables on the
same vulnerable channel, helps to make sure, that they are not backdoored ;]




-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
 On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
  Hi,
 
  Is there a way of limiting the amount of CPU given to a particular
  process or process group? For example, I would want the build of the
  qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
  75% idle if nothing else is happening on the machine.
 
  I know about 'nice', but it doesn't fulfil the criteria that the
  machine is left otherwise idle if nothing else runs on it.
 
  I don't have a real reason for why I would want to do this, I'm mainly
  curious as to if it's possible.
[cut]

 I have never done this myself, but I believe this is possible by
 creating a login class in /etc/login.conf and set the cputime option.
 See login.conf(5) for a better description.

Hi Alexander,

I believe that the cputime resource limit will limit the maximum
amount of CPU time that the user may use in a session, which is not
really what I asked for. I'd like the process or process group to run
for as long as it needs to run, but that it only ever uses a fraction
of the CPU power.

It's like limiting the network bandwidth for a particular type of
traffic, only this is about time on the CPU.

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote:
Nikns Siankin [EMAIL PROTECTED] writes:

 When we will meet in Riga, I will like to hear from you explanation,
 how does putting md5 checksum file *along* with installables on the
 same vulnerable channel, helps to make sure, that they are not backdoored ;]

you don't have to wait that long. fetch the files from different mirrors.
hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
see ya


-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[NetOne - Doichin Dokov]

Nikns Siankin P=P0P?P8Q
P0:

On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote:
  

Nikns Siankin [EMAIL PROTECTED] writes:



When we will meet in Riga, I will like to hear from you explanation,
how does putting md5 checksum file *along* with installables on the
same vulnerable channel, helps to make sure, that they are not backdoored ;]
  

you don't have to wait that long. fetch the files from different mirrors.


hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
see ya

  

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.


Go buy the CD set, Mr. Security - or you don't trust the postman either?

Now - seriuosly - let's stop all the shit. The misc@ has been 99% flame 
these days...


Regards,
Doichin

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
 On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
   Hi,
  
   Is there a way of limiting the amount of CPU given to a particular
   process or process group? For example, I would want the build of the
   qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
   75% idle if nothing else is happening on the machine.
  
   I know about 'nice', but it doesn't fulfil the criteria that the
   machine is left otherwise idle if nothing else runs on it.
  
   I don't have a real reason for why I would want to do this, I'm mainly
   curious as to if it's possible.
 [cut]
 
  I have never done this myself, but I believe this is possible by
  creating a login class in /etc/login.conf and set the cputime option.
  See login.conf(5) for a better description.

 Hi Alexander,

 I believe that the cputime resource limit will limit the maximum
 amount of CPU time that the user may use in a session, which is not
 really what I asked for. I'd like the process or process group to run
 for as long as it needs to run, but that it only ever uses a fraction
 of the CPU power.

 It's like limiting the network bandwidth for a particular type of
 traffic, only this is about time on the CPU.


 Regards,
 Andreas

 --
 Andreas Kahari
 Somewhere in the general Cambridge area, UK


Yes, you are right. It is also possible to set a priority for a
process in a login class.

From login.conf(5)
 priority  number  Initial priority (nice) level.

This is not exactly what you want, but it is pretty close. I am
curious why do you want to set an exact limit and not let the
scheduler do this for you?

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Nikns Siankin [EMAIL PROTECTED] writes:

 hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
 see ya

the other option of course is to just buy the CDs.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

pflogd -p problems

[Didier Wiroth]

Hello,

I'm running current (a few days old).

I would like to log some traffic to the pflog1 interface. Everything works 
fine except a problem with pflogd and the -p switch.

I use the following as default:
1) pflogd -s 116 -i pflog0 -f /var/log/pflog
The process is:
$ cat /var/run/pflogd.pid
9293

Everything is fine here!


Now, I would like to use the following for the pflog1 interface:
1) pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

But the -p switch doesn't work -p /var/log/pflogd1.pid, pflogd does not
write the PID to pflogd1.pid ...
sudo cat /var/run/pflogd1.pid returns nothing. 
It looks like -p is simply ignored.

The (old/previous) PID file is still the same which is actually normal ... but 
just in case ...:
$ sudo cat /var/run/pflogd.pid
9293

Here is the output of pstree:
$ pstree -s pflogd -w
-+= 1 root /sbin/init
 |-+= 09293 root pflogd: [priv] (pflogd)
 | \--- 18342 _pflogd pflogd: [running] -s 116 -i pflog0 -f /var/log/pflog 
(pflogd)
 \-+= 19480 root pflogd: [priv] (pflogd)
   \--- 19710 _pflogd pflogd: [running] -s 116 -i pflog1 -f /var/log/pflog1 
(pflogd)

I'm not a specialist and may be I overlooked something.

How can I make this to work:
pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

Thanks a lot!!!

Didier

XING ağıma davet

[MUSTAFA MESUT NEBİOĞLU]

Merhaba,

Sizi XING C'evreme davet etmek isterim! 
 
Kararlar sC6zkonusu olduDunda iliEkiler gittikC'e daha C'ok C6nem kazanD1yor. 
 
XING Czerinden iliEkileri gCncel tutmak, geliEtirmek ve onlardan 
yararlanmak C'ok kolay. D0liEkilerim arasD1nda sizi de gC6rebilirsem memnun 
olurum. 
 
Candan selamlar 
MUSTAFA MESUT NEBD0ODLU

---

MUSTAFA MESUT NEBD0ODLU sizi XING platformundaki aDD1na davet ediyor:
http://www.xing.com/go/inv/14755969.b7b977



ArtD1k XING davetiyesi almak istemiyorum:
http://www.xing.com/go/opt_out_invite/U2FsdGVkX189MreMiOactwZkxsirJ91rhN0iRZtqGybJ8zTEZPv2Yg

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
 On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
  On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
   On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
Hi,
   
Is there a way of limiting the amount of CPU given to a particular
process or process group? For example, I would want the build of the
qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
75% idle if nothing else is happening on the machine.
   
I know about 'nice', but it doesn't fulfil the criteria that the
machine is left otherwise idle if nothing else runs on it.
   
I don't have a real reason for why I would want to do this, I'm mainly
curious as to if it's possible.
  [cut]
  
   I have never done this myself, but I believe this is possible by
   creating a login class in /etc/login.conf and set the cputime option.
   See login.conf(5) for a better description.
 
  Hi Alexander,
 
  I believe that the cputime resource limit will limit the maximum
  amount of CPU time that the user may use in a session, which is not
  really what I asked for. I'd like the process or process group to run
  for as long as it needs to run, but that it only ever uses a fraction
  of the CPU power.
 
  It's like limiting the network bandwidth for a particular type of
  traffic, only this is about time on the CPU.
 
 
  Regards,
  Andreas
 
  --
  Andreas Kahari
  Somewhere in the general Cambridge area, UK
 

 Yes, you are right. It is also possible to set a priority for a
 process in a login class.

 From login.conf(5)
  priority  number  Initial priority (nice) level.

 This is not exactly what you want, but it is pretty close. I am
 curious why do you want to set an exact limit and not let the
 scheduler do this for you?


As I said, I don't have a good reason for wanting to do this. It just
seemed like something someone might want to do. But let me dream up
three examples: Sometimes firefox (or whatever program) goes a bit
haywire and brings the machine to a crawl. It would be nice to limit
firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
50% of the machine to work with.

Another example: Let's say I'm rebuilding the kernel, base system, and
all my packages after a major update from CVS after a long time away.
I'm not worried about how long this takes so I'm quite happy to run
the build at 5% of the CPU while I get on with my work.

Third example, similar to the last one: I'm running a distributed.net
or SETI-at-home client in the background, but I don't ever want it to
run at 100% of the CPU, maybe because that would make the machine too
noisy during the night (due to the fans).

Maybe no-one has these kind of requirements?

Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: cwm: root window unavailable

[Martin Toft]

On Sat, Jan 12, 2008 at 08:32:50PM +0100, Martin Toft wrote:
 Hi,
 
 when starting X (and thereby cwm due to my .xinitrc), I get the
 following error:
 
 cwm: root window unavailable - perhaps another wm is running?
 
 It happens right after boot up, where I'm sure no other wm is running.
 My computer boots up without starting e.g. xdm and I type startx to
 launch X.

For the archive: I've solved the problem.

cwm echoes the error message above and terminates if xbindkeys is
running. My solution at the moment is to not use xbindkeys...

Martin

Re: facts about OpenBSD

[Thordur I. Bjornsson]

Lots of whining.

Where are your diffs to fix these issues ?

Oh, no wait. you want *other* people todo the work for you,
its not enough that you got what they gave already you want
more, you ungrateful whining dick.

-- 
Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
(Who does not love wine, women, and song, Remains a fool his whole life long.)
-- Johann Heinrich Voss

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 2:34 PM, Andreas Kahari [EMAIL PROTECTED] wrote:

 On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
   On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
 Hi,

 Is there a way of limiting the amount of CPU given to a particular
 process or process group? For example, I would want the build of the
 qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
 75% idle if nothing else is happening on the machine.

 I know about 'nice', but it doesn't fulfil the criteria that the
 machine is left otherwise idle if nothing else runs on it.

 I don't have a real reason for why I would want to do this, I'm mainly
 curious as to if it's possible.
   [cut]
   
I have never done this myself, but I believe this is possible by
creating a login class in /etc/login.conf and set the cputime option.
See login.conf(5) for a better description.
  
   Hi Alexander,
  
   I believe that the cputime resource limit will limit the maximum
   amount of CPU time that the user may use in a session, which is not
   really what I asked for. I'd like the process or process group to run
   for as long as it needs to run, but that it only ever uses a fraction
   of the CPU power.
  
   It's like limiting the network bandwidth for a particular type of
   traffic, only this is about time on the CPU.
  
  
   Regards,
   Andreas
  
   --
   Andreas Kahari
   Somewhere in the general Cambridge area, UK
  
 
  Yes, you are right. It is also possible to set a priority for a
  process in a login class.
 
  From login.conf(5)
   priority  number  Initial priority (nice) 
  level.
 
  This is not exactly what you want, but it is pretty close. I am
  curious why do you want to set an exact limit and not let the
  scheduler do this for you?
 

 As I said, I don't have a good reason for wanting to do this. It just
 seemed like something someone might want to do. But let me dream up
 three examples: Sometimes firefox (or whatever program) goes a bit
 haywire and brings the machine to a crawl. It would be nice to limit
 firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
 50% of the machine to work with.

 Another example: Let's say I'm rebuilding the kernel, base system, and
 all my packages after a major update from CVS after a long time away.
 I'm not worried about how long this takes so I'm quite happy to run
 the build at 5% of the CPU while I get on with my work.


What you describe here is exactly what you can accomplish with either
nice or the priority option in login.conf. Also, I am not exactly sure
what you mean with percent of CPU. Do you mean the difference of cpu
time scheduled between a 'normal' process?

 Third example, similar to the last one: I'm running a distributed.net
 or SETI-at-home client in the background, but I don't ever want it to
 run at 100% of the CPU, maybe because that would make the machine too
 noisy during the night (due to the fans).

I think this is a different issue. I don't know how this can be
solved. An idea might be to underclock your cpu at night.


 Maybe no-one has these kind of requirements?


 Andreas

 --
 Andreas Kahari
 Somewhere in the general Cambridge area, UK

Software for traffic analyzer

[João Salvatti]

Hi Folks,

I would like to know what web traffic analyzer should I use on my
network. I mean, what do you recommend.

Thanks in advance.

-- 
Joao Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://www.openbsd-pa.org
e-mail: [EMAIL PROTECTED]

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
 On Jan 14, 2008 2:34 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
 
  On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
   On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
 On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
  Hi,
 
  Is there a way of limiting the amount of CPU given to a particular
  process or process group? For example, I would want the build of the
  qt4 port to use a maximum of 25% of the available CPU, leaving the 
  CPU
  75% idle if nothing else is happening on the machine.
 
  I know about 'nice', but it doesn't fulfil the criteria that the
  machine is left otherwise idle if nothing else runs on it.
 
  I don't have a real reason for why I would want to do this, I'm 
  mainly
  curious as to if it's possible.
[cut]

 I have never done this myself, but I believe this is possible by
 creating a login class in /etc/login.conf and set the cputime option.
 See login.conf(5) for a better description.
   
Hi Alexander,
   
I believe that the cputime resource limit will limit the maximum
amount of CPU time that the user may use in a session, which is not
really what I asked for. I'd like the process or process group to run
for as long as it needs to run, but that it only ever uses a fraction
of the CPU power.
   
It's like limiting the network bandwidth for a particular type of
traffic, only this is about time on the CPU.
[cut sigs]
  
   Yes, you are right. It is also possible to set a priority for a
   process in a login class.
  
   From login.conf(5)
priority  number  Initial priority (nice) 
   level.
  
   This is not exactly what you want, but it is pretty close. I am
   curious why do you want to set an exact limit and not let the
   scheduler do this for you?
  
 
  As I said, I don't have a good reason for wanting to do this. It just
  seemed like something someone might want to do. But let me dream up
  three examples: Sometimes firefox (or whatever program) goes a bit
  haywire and brings the machine to a crawl. It would be nice to limit
  firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
  50% of the machine to work with.
 
  Another example: Let's say I'm rebuilding the kernel, base system, and
  all my packages after a major update from CVS after a long time away.
  I'm not worried about how long this takes so I'm quite happy to run
  the build at 5% of the CPU while I get on with my work.
 

 What you describe here is exactly what you can accomplish with either
 nice or the priority option in login.conf. Also, I am not exactly sure
 what you mean with percent of CPU. Do you mean the difference of cpu
 time scheduled between a 'normal' process?

It is not quite the same because a process, even running at niceness
level 20, will grab as much CPU as it can (unless it has to wait for
data).

What I mean is what I wrote in my first email: For example, I would
want the build of the qt4 port to use a maximum of 25% of the
available CPU, leaving the CPU 75% idle if nothing else is happening
on the machine.

  Third example, similar to the last one: I'm running a distributed.net
  or SETI-at-home client in the background, but I don't ever want it to
  run at 100% of the CPU, maybe because that would make the machine too
  noisy during the night (due to the fans).

 I think this is a different issue. I don't know how this can be
 solved. An idea might be to underclock your cpu at night.

Yes, I could sysctl -w hw.setperf=0 or something like that on my
SpeedStep'able CPU, but with hw.setperf=0, a process still have the
possibility to get 100% of the CPU. It will be a slower CPU, but it's
still not limiting the process to use only a fraction of the CPU at
any instance in time.

Again, maybe no-one has these kind of requirements in real life?

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: cwm: root window unavailable

[Jan Stary]

On Jan 14 14:55:32, Martin Toft wrote:
 On Sat, Jan 12, 2008 at 08:32:50PM +0100, Martin Toft wrote:
  when starting X (and thereby cwm due to my .xinitrc), I get the
  following error:
  
  cwm: root window unavailable - perhaps another wm is running?

 cwm echoes the error message above and terminates if xbindkeys is
 running. My solution at the moment is to not use xbindkeys...

This is strange. I am running xbindkeys and it never bothered cwm
(or any other WM). This is my ~/.xinitrc:

--- cut -
#!/bin/sh

xset -b -c dpms 300 600 900 m 4 100 r rate 400 30 s off
xsetroot -solid black
xrdb $HOME/.Xresources
xbindkeys

setxkbmap -rules xorg -model pc105 -layout us,cz \
-option grp:shifts_toggle,grp_led:scroll

exec cwm
--- cut -

What exactly is yours? In particular, how are you launching xbindkeys?
I really doubt xbindkeys would be causing it.

Looking at the source,

if (Starting  
e-error_code == BadAccess
e-request_code == X_GrabKey)
errx(1, root window unavailable - perhaps another 
wm is running?);  

is the only place where the message appears.
What exactly is a BadAccess when trying to X_GrabKey?

Jan

Re: Limiting CPU to a process or process group?

[Martin Schröder]

2008/1/14, Andreas Kahari [EMAIL PROTECTED]:
 What I mean is what I wrote in my first email: For example, I would
 want the build of the qt4 port to use a maximum of 25% of the
 available CPU, leaving the CPU 75% idle if nothing else is happening
 on the machine.

This not possible in OpenBSD (and AFAIK no Unix scheduler does that).

Best
   Martin

Re: [Fwd: Open-Hardware]

[Uwe Stuehler]

On Sun, Jan 06, 2008 at 01:10:01PM -0500, Richard Stallman wrote:
 If users don't normally install microcode in the CPU, then ethically
 it may as well be a circuit.  It is not built as a circuit, but that's
 a different question.

That may as well be an ethically confusing sentence.

If users don't normally install ice cream in the banana, then ethically
it may as well be a fruit.

Oh My Gnu!...

We shall not endorse restaurants which serve pre-compiled banana split
for dessert to innocent guests when those guests ask for it, unless the
restaurant provides them with the complete recipe and all ingredients!

Re: Bluetooth on 4.2

[Uwe Stuehler]

On Sun, Jan 13, 2008 at 03:20:46AM +, Wim Lewis wrote:
 How much should I expect Bluetooth to be working on OBSD 4.2? I can get some
 things to work, but I can't successfully open an RFCOMM connecton.

The ubt(4) driver was fixed in -current, -r1.10 of sys/dev/usb/ubt.c.

Uwe

Re: Limiting CPU to a process or process group?

[Paul de Weerd]

On Mon, Jan 14, 2008 at 04:10:12PM +0100, Martin Schr?der wrote:
| 2008/1/14, Andreas Kahari [EMAIL PROTECTED]:
|  What I mean is what I wrote in my first email: For example, I would
|  want the build of the qt4 port to use a maximum of 25% of the
|  available CPU, leaving the CPU 75% idle if nothing else is happening
|  on the machine.
| 
| This not possible in OpenBSD (and AFAIK no Unix scheduler does that).

The best you can get is on an SMP system consuming 100% of 1 CPU, in
effect consuming only 50% (or 25% or whatever) of all available cpu
cycles, but this is cheating as it's not really doing what you want.

Cheers,

Paul 'WEiRD' de Weerd

-- 
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/ 

Re: pflogd -p problems

[Okan Demirmen]

On Mon 2008.01.14 at 14:17 +0100, Didier Wiroth wrote:
 How can I make this to work:
 pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

you want:
pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p pflogd1

which will write /var/run/pflogd1.pid .

Re: Limiting CPU to a process or process group?

[Ryan Flannery]

On Jan 14, 2008 9:27 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
 It is not quite the same because a process, even running at niceness
 level 20, will grab as much CPU as it can (unless it has to wait for
 data).

 What I mean is what I wrote in my first email: For example, I would
 want the build of the qt4 port to use a maximum of 25% of the
 available CPU, leaving the CPU 75% idle if nothing else is happening
 on the machine.


This is impossible in OpenBSD, and afaik it's also impossible in any other *nix.
Just curious: why would you want the cpu to stay 75% idle when nothing
else is running?

What you're specifically asking for is impossible, but I believe what
you want is possible (and quite common).

 Again, maybe no-one has these kind of requirements in real life?

Some of us have some very similar requirements, but we accomplish them
differently.
For example, to keep firefox from bringing my box to a crawl, I'll
usually run it with a priority (nice) much lower than normal.  When
I'm not doing anything else, firefox still uses nearly 100% of the
cpu, but that's only because *nothing* else is running.  When I
alt-tab over to an xterm and kick-off a large compile (or something of
the sort), the build job will then eat up most of the cpu and firefox
will be reduced to only a few percent.  Bottom line: firefox doesn't
slow anything else down (at least not too much), since it has a lower
scheduling priority.

Good use of nice(1) and renice(8) are what allows one to run processes
that do not interfere (too much) with other processes, which is what I
believe you are wanting.

Apologies if I misunderstood you.

-ryan

Re: Limiting CPU to a process or process group?

[Henri Salo]

On Mon, 14 Jan 2008 16:10:12 +0100
Martin SchrC6der [EMAIL PROTECTED] wrote:

 2008/1/14, Andreas Kahari [EMAIL PROTECTED]:
  What I mean is what I wrote in my first email: For example, I would
  want the build of the qt4 port to use a maximum of 25% of the
  available CPU, leaving the CPU 75% idle if nothing else is happening
  on the machine.

 This not possible in OpenBSD (and AFAIK no Unix scheduler does that).

 Best
Martin

What about Solaris or plan9? I remember those could do something tricky
with CPU. Do I remember wrong or was I asleep?

--
Henri Salo fgeek at hack.fi +358407705733
GPG ID: 2EA46E4F  fp: 14D0 7803 BFF6 EFA0 9998  8C4B 5DFE A106 2EA4 6E4F

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Re: Limiting CPU to a process or process group?

[Douglas A. Tutty]

On Mon, Jan 14, 2008 at 01:34:13PM +, Andreas Kahari wrote:
 On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
   On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:

 Is there a way of limiting the amount of CPU given to a particular
 process or process group? For example, I would want the build of the
 qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
 75% idle if nothing else is happening on the machine.

 I know about 'nice', but it doesn't fulfil the criteria that the
 machine is left otherwise idle if nothing else runs on it.

 I don't have a real reason for why I would want to do this, I'm mainly
 curious as to if it's possible.
   [cut]
   
I have never done this myself, but I believe this is possible by
creating a login class in /etc/login.conf and set the cputime option.
See login.conf(5) for a better description.

  
   I believe that the cputime resource limit will limit the maximum
   amount of CPU time that the user may use in a session, which is not
   really what I asked for. I'd like the process or process group to run
   for as long as it needs to run, but that it only ever uses a fraction
   of the CPU power.
  
   It's like limiting the network bandwidth for a particular type of
   traffic, only this is about time on the CPU.
  

 
 As I said, I don't have a good reason for wanting to do this. It just
 seemed like something someone might want to do. But let me dream up
 three examples: Sometimes firefox (or whatever program) goes a bit
 haywire and brings the machine to a crawl. It would be nice to limit
 firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
 50% of the machine to work with.

Well, if firefox is set to be quite nice, then your normal user session
should end up with a higher priority and you shouldn't notice that
firefox has gone haywire.  In this instance, you really don't have a
need to keep the CPU from being at 0% idle but rather want to maintain
responsiveness with other processes.  This is what nice is for.

 
 Another example: Let's say I'm rebuilding the kernel, base system, and
 all my packages after a major update from CVS after a long time away.
 I'm not worried about how long this takes so I'm quite happy to run
 the build at 5% of the CPU while I get on with my work.
 

As above.

 Third example, similar to the last one: I'm running a distributed.net
 or SETI-at-home client in the background, but I don't ever want it to
 run at 100% of the CPU, maybe because that would make the machine too
 noisy during the night (due to the fans).
 

What you want to do here is throttle the CPU down.

 Maybe no-one has these kind of requirements?

On my machines, if something is going haywire its more likely that its
I/O bound and regular nice doesn't help.  

If I want a process to plod along, I'll farm it out to a slower box, eg
a P-II instead of the Athlon64.

So perhaps this is your answer.  Get a slow quiet box for your
SETI-at-home or whatever for over night and use your main box during the
day.

Doug.

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
Lots of whining.

Where are your diffs to fix these issues ?

Well, before you ask for diffs,
I have to hear from devs, that these ARE
considered to be issues that MUST be fixed.
Until that, i can stick my diffs in your ass.



Oh, no wait. you want *other* people todo the work for you,
its not enough that you got what they gave already you want
more, you ungrateful whining dick.

-- 
Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
(Who does not love wine, women, and song, Remains a fool his whole life long.)
-- Johann Heinrich Voss

Re: cwm: root window unavailable

[Martin Toft]

On Mon, Jan 14, 2008 at 03:54:33PM +0100, Jan Stary wrote:
 On Jan 14 14:55:32, Martin Toft wrote:
  cwm echoes the error message above and terminates if xbindkeys is
  running. My solution at the moment is to not use xbindkeys...
 
 This is strange. I am running xbindkeys and it never bothered cwm (or
 any other WM). This is my ~/.xinitrc:
[snip]

After a bit of poking around, I've discovered that the error only occurs
if I define one or more short cuts using xbindkeys that use the same
keys as the short cuts in cwm do. I guess this behaviour should be
expected, even though I was confused about cwm's error message.

I had this short cut for starting firefox in .xbindkeysrc:

firefox
  control + alt + q

After replacing q with b (b for browser ;-)), xbindkeys and cwm are
friends again.

Jan: You ask how I start xbindkeys -- if you still want to know, my
.xinitrc is attached inline in my original mail.

Martin

Re: Zend Optimizer with apache and php5 on 4.2

[Matt]

Evgeniy Sudyr schreef:

Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension=/var/www/lib/ZendOptimizer.so

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.


Zend does not care about OpenBSD. I once had contact with the Zend 
Optimizer devs (around 3.9 I think) and there were no plans to keep up 
to date.
Using 3.4 is never going to work; I can tell you that much. Don't even 
bother trying.


Look for an alternative PHP op-cache. OpenBSD includes APC in ports 
which works good.
If you need encryption look at Ioncube they tend to be more flexible and 
will compile it for you on your box.


Matt

Re: Zend Optimizer with apache and php5 on 4.2

[Marcos Laufer]

Hello Evgeniy,

You can try this how-to, this might work for you:

Solution for ZendOptimizer to work under OpenBSD 4.1/i386
1. Download the file for OpenBSD 3.x as distributed by Zend
currently ZendOptimizer-3.2.8-openbsd3.4-i386.tar.gz

2. Untar (tar -xzf ZendOpt*), and fetch the files
- ZendOptimizer*/data/ZendExtensionManager.so
- ZendOptimizer*/data/5_1_x_comp/ZendOptimizer.so
where 5_1_x is the php you have installed

3. Put those file somewhere clean like
- /var/www/lib/php/ZendExtensionManager.so
- /var/www/lib/php/ZendOptimizer.so
you NEED to keep the names unchanged

4. Simulate old libs (here's the magic)
type in the console the following command
# ln -s libm.so.2.3 /usr/lib/libm.so.1.0

Alternatively, if you don't like symlinking you can edit the binaries and 
change the
string 'libm.so.1.0' into 'libm.so.2.3' in both of Zend*.so files
- change 0x[31 2E 30] - 0x[32 2E 33] in ZendExtensionManager.so at offset 
0x0720
- change 0x[31 2E 30] - 0x[32 2E 33] in ZendOptimizer.so at offset 0xCEAE

5. Edit your /var/www/conf/php.ini and add the section
[Zend]
zend_extension=/var/www/lib/php/ZendExtensionManager.so
zend_extension=/var/www/lib/php/ZendOptimizer.so

6. Test
Reboot your webserver
# apachectl stop
# apachectl start
Write down one php page containing ? phpinfo(); ? and browse it !



- Original Message - 
From: Evgeniy Sudyr [EMAIL PROTECTED]
To: misc@openbsd.org
Sent: Monday, January 14, 2008 9:25 AM
Subject: Zend Optimizer with apache and php5 on 4.2


Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from
/data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension=/var/www/lib/ZendOptimizer.so

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.




-- 
Best regards,
 Evgeniy  mailto:[EMAIL PROTECTED]

Re: cwm: root window unavailable

[Owain Ainsworth]

On Mon, Jan 14, 2008 at 05:35:25PM +0100, Martin Toft wrote:
 After a bit of poking around, I've discovered that the error only occurs
 if I define one or more short cuts using xbindkeys that use the same
 keys as the short cuts in cwm do. I guess this behaviour should be
 expected, even though I was confused about cwm's error message.

If you want to solve this (in current):

either use cwm's keybinding support (it abuses symlinks right now, which
is evil, but at least it works), or look into the unmap keyword. For
both man 1 cwm is your friend. I may look into if there's a nicer way of
dealing with this conflict.

Cheers,

-0-
-- 
Learned men are the cisterns of knowledge, not the fountainheads.

Re: 7800GS + 2 monitors under 4.2-release

[Chris Harper]

Just checking if anyone has made any progress thus far getting dual
screens to function ?

On 05/11/2007, Paulo Rodriguez [EMAIL PROTECTED] wrote:
 Hi misc,

 Just wondering about any success stories getting dual-screen/xinerama
 running under OpenBSD 4.2-release with nVidia cards (G73) under X. If I
 read correctly the necessary code for this was imported by matthieu@
 after 4.2-release code was frozen, so it should be in -current.

 Kind regards,

 Paulo

spamd not un-greylisting entries?

[Daniel Barowy]

Hello everyone,

  I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|[EMAIL PROTECTED]|[EMAIL 
PROTECTED]|1200331179|1200345579|1200345579|8|0

  Notice that the block column count is high.  In the past, I don't 
recall this number ever exceeding 2.  Our users are now complaining that 
they are not receiving many expected inbound emails.  My understanding is 
that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
retry.  No?


  I was troubleshooting a separate issue that required a restart of our 
firewall (spamd is running on the firewall and not the mail servers), and 
this problem popped up shortly thereafter.


  I have not changed anything with our pf.conf or spamd.conf that I know 
of, except that I've added a number of crucial mailhosts to our PF 
whitelist-- something I've done dozens of times before.


  This is on an OpenBSD 4.0 machine.

  Any suggestions?

Many thanks,
Dan

spamd not un-greylisting entries?

[Daniel Barowy]

Hello everyone,

  My apologies if you get this twice-- it just occurred to me that I sent 
my original message out using the wrong email address.


  I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|[EMAIL PROTECTED]|[EMAIL 
PROTECTED]|1200331179|1200345579|1200345579|8|0

  Notice that the block column count is high.  In the past, I don't 
recall this number ever exceeding 2.  Our users are now complaining that 
they are not receiving many expected inbound emails.  My understanding is 
that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
retry.  No?


  I was troubleshooting a separate issue that required a restart of our 
firewall (spamd is running on the firewall and not the mail servers), and 
this problem popped up shortly thereafter.


  I have not changed anything with our pf.conf or spamd.conf that I know 
of, except that I've added a number of crucial mailhosts to our PF 
whitelist-- something I've done dozens of times before.


  This is on an OpenBSD 4.0 machine.

  Any suggestions?

Many thanks,
Dan

Re: Zend Optimizer with apache and php5 on 4.2

[Evgeniy Sudyr]

Hello Marcos,

Monday, January 14, 2008, 7:18:27 PM, you wrote:

 Hello Evgeniy,

 You can try this how-to, this might work for you:

 Solution for ZendOptimizer to work under OpenBSD 4.1/i386
 1. Download the file for OpenBSD 3.x as distributed by Zend
 currently ZendOptimizer-3.2.8-openbsd3.4-i386.tar.gz

 2. Untar (tar -xzf ZendOpt*), and fetch the files
- ZendOptimizer*/data/ZendExtensionManager.so
- ZendOptimizer*/data/5_1_x_comp/ZendOptimizer.so
 where 5_1_x is the php you have installed

 3. Put those file somewhere clean like
- /var/www/lib/php/ZendExtensionManager.so
- /var/www/lib/php/ZendOptimizer.so
 you NEED to keep the names unchanged

 4. Simulate old libs (here's the magic)
 type in the console the following command
 # ln -s libm.so.2.3 /usr/lib/libm.so.1.0

 Alternatively, if you don't like symlinking you can edit the binaries and 
 change the
 string 'libm.so.1.0' into 'libm.so.2.3' in both of Zend*.so files
 - change 0x[31 2E 30] - 0x[32 2E 33] in ZendExtensionManager.so at offset 
 0x0720
 - change 0x[31 2E 30] - 0x[32 2E 33] in ZendOptimizer.so at offset 0xCEAE

 5. Edit your /var/www/conf/php.ini and add the section
 [Zend]
 zend_extension=/var/www/lib/php/ZendExtensionManager.so
 zend_extension=/var/www/lib/php/ZendOptimizer.so

 6. Test
 Reboot your webserver
 # apachectl stop
 # apachectl start
 Write down one php page containing ? phpinfo(); ? and browse it !



 - Original Message - 
 From: Evgeniy Sudyr [EMAIL PROTECTED]
 To: misc@openbsd.org
 Sent: Monday, January 14, 2008 9:25 AM
 Subject: Zend Optimizer with apache and php5 on 4.2


 Hi all,

 I want use Zend optimizer with apache and php5.

 I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
 website (latest version is only for 3.4) and unpacked archive and copied PHP 
 module from
 /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

 I put lines below to php.ini

 ;zend_optimizer.optimization_level=15
 zend_extension=/var/www/lib/ZendOptimizer.so

 Module not loading :(


 # php -v
 Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
 PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
 Copyright (c) 1997-2007 The PHP Group
 Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


 Is it possible run Zend optimizer with -current or 4.2 ? Please give a
 bit instructions how make it workable.





Thanks! I used this how-to but its not work for me :(

-- 
Best regards,
 Evgeniymailto:[EMAIL PROTECTED]

Re: [Fwd: Open-Hardware]

[Marco Peereboom]

I really tried resisting replying to this but this is simply too much.

On Mon, Jan 14, 2008 at 06:27:24AM -0500, Richard Stallman wrote:
 And who controls GPL? What will you do when all GPL software and 
 subsequent 
 developments are kept on servers out of reach of users (BSD 
 situation...)? 
 
 You are making an extreme projection, which I doubt will happen.
 I am going to urge people to avoid using servers to do their
 own computing.

I am not making an extreme projection.  The FSF for all intents and
purposes outlived its usefulness 10 years ago.  It was reinvented to
remain relevant.  It'll fade away just like any other organization that
has no real use anymore.  Then what?  To remain in power the FSF needs
to collect ownership of as much software as possible.  That's where
things like GPLv3 come in because your organization is losing control.
Retain control as long as possible!

 
 However, as regards the release of source code for those modified,
 we've already taken a step to deal with that.  We have already
 published the GNU Affero GPL which deals with the issue that someone
 might use an improved version on a public server and never release his
 changes.

This is such a dumb argument that I don't even know where to start.

The anti-tivo argument is shallow because there is no difference between
a TiVo that boots linux and a CPU that needs micro code.  The they will
close the code argument is 100% a farce; one can not close code, it is
still out there on the mirrors; licenses can not retroactively be
revoked.

You have regurgitated some lame arguments on ethics however you clearly
don't subscribe to them.  Then you go around and claim ignorance on
topics that you are supposed to be an expert on.  Your arguments have
therefore lost all credibility.

I can go on and point out all fallacies in your arguments but I am
pretty sure we have covered that ad nauseam.

 
 What will be in GPLv4?
 
 GPLv4 will be basically the same as all previous versions: it will
 grant the four freedoms to everyone, and protect them for everyone, as
 best as we can achieve.  We will change only details.

Those so called freedoms are covered by copyright law.  You really don't
need a 1 word license.

The only thing you are trying to protect is the relevance of the FSF.

 
 Why more rights to the user than to the creator?
 
 By the creator, do you mean the author of a program?  When the author
 releases a program under the GNU GPL, he gives users a subset of his
 legal rights.  So your question is based on a misunderstanding.

No it is not.  Copyright takes good care of author.  The GPL revokes
copyright holders rights and therefore is a bad license for people
authoring software.

It is however a fantastic license for large corporations to give away
code without giving it away.  This is an awesome marketing tool.

As usual your arguments are backwards.  You say you protect one group
but really you are protecting self interests.

 
 Why do you Balkanize the open source community without any sound reason?
 
 There is no such thing as the open source community.  Open source
 supporters are part of the free software community, which was built by
 the free software movement starting in 1983.

This sentence does not even make sense.  If I read this correctly you
are claiming 100% credit of all Open and Free software (man do I hate
these made up words) efforts because you started a foundation that has
something to do with FOSS.

The only credit you get to claim is the fact that there was no user
space available when Linus launched Linux and it filled a nice niche.
There was all kinds of open/free/gratis code available long before you
came up with the FSF.  You got to piggy back Linus' work and the fear of
the outcome of the BSD legal battle in California.  You didn't do that
much; you were simply lucky that at that time you had something that did
something.  All this grandeur that *you* did it is quite frankly
delusional.  You got lucky, that's it.

 
 If balkanize refers to incompatible licenses, that would not happen
 if everyone followed our licensing recommendations.  If all free
 software were released under GPL version N or later, as we
 recommend, then all free software would be license-compatible.

This is the most insulting thing you have said so far.  Now you are
challenging everyone's intelligence who does not agree with your
license.  Wow, I really thought that I had heard it all from you.

I know this will sound foreign to you but are you aware that the GPL is
not everyone's first choice?

Are you aware that large corporations are using the GPL to pretend to be
open source friendly?

The GPL has a virus clause and by that definition it is a balkanizing
license.  People will not agree with you and by throwing a tantrum
saying boohoo you should agree with my license is childish at best and 
power mongering for your irrelevant foundation at worst.

All your code are belong to FSF!

Re: Limiting CPU to a process or process group?

[Ted Unangst]

On 1/14/08, Andreas Kahari [EMAIL PROTECTED] wrote:
 As I said, I don't have a good reason for wanting to do this. It just
 seemed like something someone might want to do. But let me dream up
 three examples: Sometimes firefox (or whatever program) goes a bit
 haywire and brings the machine to a crawl. It would be nice to limit
 firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
 50% of the machine to work with.

nice.

 Another example: Let's say I'm rebuilding the kernel, base system, and
 all my packages after a major update from CVS after a long time away.
 I'm not worried about how long this takes so I'm quite happy to run
 the build at 5% of the CPU while I get on with my work.

nice.

 Third example, similar to the last one: I'm running a distributed.net
 or SETI-at-home client in the background, but I don't ever want it to
 run at 100% of the CPU, maybe because that would make the machine too
 noisy during the night (due to the fans).

while true do kill -STOP pid, sleep 1; kill -CONT pid; sleep 1; done

NVidia 8800GT (not GTS or GTX) and X @ 1680x1050 not fully working?

[Richard Daemon]

Hi,

Has anyone been able to get X (xenocara?) working properly with an nvidia
8800GT (not GTS or GTX).

It worked right out of the box with my 8600GTS but so far, not the 8800GT.

Would it help if I include any logs or anything specific or any
recommendations as to what I can try to get full support working?

TIA!

Re: spamd not un-greylisting entries?

[Daniel Barowy]

On Mon, 14 Jan 2008, Daniel Barowy wrote:
 I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|[EMAIL PROTECTED]|[EMAIL 
PROTECTED]|1200331179|1200345579|1200345579|8|0



I was pressed for time, and users were beginning to revolt, so I shut down 
spamd, moved the /var/db/spamd and /var/log/spamd files, and started the 
whole thing back up again.  spamd appears to be normal again, but if 
anyone would like to see these files, I will be happy to send them along. 
They're big-- we ran spamd nonstop for an entire year before we had this 
problem.


Dan

Re: facts about OpenBSD

[Jacob Yocom-Piatt]

Nikns Siankin wrote:

On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
  

Lots of whining.

Where are your diffs to fix these issues ?



Well, before you ask for diffs,
I have to hear from devs, that these ARE
considered to be issues that MUST be fixed.
Until that, i can stick my diffs in your ass.

  



you are correct that some of the issues you brought up are actual 
shortcomings in openbsd. however, **bitching** that these are problems 
that need to be fixed is about as rude as you can get. a number of the 
issues you complained about are in the process of getting fixed, but you 
obviously neglected to thoroughly investigate the options. i see no 
reason these issues MUST be fixed (you've provided no compelling 
argument) only that they can and likely are being fixed.


if openbsd had a steady budget of several 100K CAD per annum and more 
devs, your bitching might be perceived as reasonable since it would 
likely mean that those areas had been disproportionately or unreasonably 
neglected. as it stands there is only so much dev time for so many 
things and nobody is actively neglecting the areas you've complained about.


i was just thinking about emailing volkswagen corporate HQ and bitching 
about how my VW is not a porsche and that they should immediately double 
my car's horsepower and torque, fix the suspension, refit the brakes, 
etc. does that seem reasonable?



  

Oh, no wait. you want *other* people todo the work for you,
its not enough that you got what they gave already you want
more, you ungrateful whining dick.

--
Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
(Who does not love wine, women, and song, Remains a fool his whole life long.)
   -- Johann Heinrich Voss



  



--

Re: facts about OpenBSD

[STeve Andre']

On Monday 14 January 2008 11:30:11 Nikns Siankin wrote:
 On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
 Lots of whining.
 
 Where are your diffs to fix these issues ?

 Well, before you ask for diffs,
 I have to hear from devs, that these ARE
 considered to be issues that MUST be fixed.
 Until that, i can stick my diffs in your ass.

Actually, writing something and submitting it is a very reasonable
thing to do.  It could solve your problem, and might help someone
else.  It's also educational, in that diffs need to be of high quality
(ie, correct) to be accepted.

--STeve Andre'

Re: [Fwd: Open-Hardware]

[chefren]

On 1/14/08 7:58 PM, Marco Peereboom wrote:

On Mon, Jan 14, 2008 at 06:27:24AM -0500, Richard Stallman wrote:



What will be in GPLv4?

GPLv4 will be basically the same as all previous versions: it will
grant the four freedoms to everyone, and protect them for everyone, as
best as we can achieve.  We will change only details.


Those so called freedoms are covered by copyright law.  You really don't
need a 1 word license.


My idea. And every new word can hide a new bug or even more, so the 
version count will get much higher than 4. Less code is by design the 
only thing that gives more clarity and security...



The only thing you are trying to protect is the relevance of the FSF.


It's clear that one of Richard Stallman's main goals is further 
Balkanizing the open source community. Divide and conquer, a primitive 
and mean way to proceed with this idealistic matter. Really very sad 
that such an influential person uses this kind of methods.


But yes, you may Richard, you may. This is a BSD list, nobody here 
holds you with your primitive pursuit of happiness.



..

[

All your code are belong to FSF!


The funniest remark in this sad thread.
]

+++chefren

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote:
 you are correct that some of the issues you brought up are actual 
 shortcomings in openbsd. however, **bitching** that these are problems that 
 need to be fixed is about as rude as you can get. a number of the issues 
 you complained about are in the process of getting fixed, but you obviously 
 neglected to thoroughly investigate the options. i see no reason these 
 issues MUST be fixed (you've provided no compelling argument) only that 
 they can and likely are being fixed.

 if openbsd had a steady budget of several 100K CAD per annum and more devs, 
 your bitching might be perceived as reasonable since it would likely mean 
 that those areas had been disproportionately or unreasonably neglected. as 
 it stands there is only so much dev time for so many things and nobody is 
 actively neglecting the areas you've complained about.

 i was just thinking about emailing volkswagen corporate HQ and bitching 
 about how my VW is not a porsche and that they should immediately double my 
 car's horsepower and torque, fix the suspension, refit the brakes, etc. 
 does that seem reasonable?

If you get money from selling CDs/soft, its just clearly unfair to not
support it. Yes, I'm talking about stable ports.

If you claim to produce the most secure OS, you have to prove that by
provaiding secure wifi encryption for masses (WPAx) and usable disk
encryption design for laptops and so on...
...or let's just call it perfect wired firewall...



   
 Oh, no wait. you want *other* people todo the work for you,
 its not enough that you got what they gave already you want
 more, you ungrateful whining dick.

 -- 
 Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein 
 Lebelang.
 (Who does not love wine, women, and song, Remains a fool his whole life 
 long.)
-- Johann Heinrich Voss
 

   


 -- 

Re: Limiting CPU to a process or process group?

[Tito Mari Francis Escaño]

Maybe it would be feasible to run your ideal user space in a virtual
environment (i.e. qemu), where the guest user space thinks it can use
the CPU for itself when in fact it's just 50-75% of the actual
machine.

On Jan 14, 2008 10:27 PM, Andreas Kahari [EMAIL PROTECTED] wrote:

 On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 2:34 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
  
   On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
On Jan 14, 2008 1:30 PM, Andreas Kahari [EMAIL PROTECTED] wrote:
 On 14/01/2008, Alexander Schrijver [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 11:52 AM, Andreas Kahari [EMAIL PROTECTED] wrote:
   Hi,
  
   Is there a way of limiting the amount of CPU given to a particular
   process or process group? For example, I would want the build of 
   the
   qt4 port to use a maximum of 25% of the available CPU, leaving 
   the CPU
   75% idle if nothing else is happening on the machine.
  
   I know about 'nice', but it doesn't fulfil the criteria that the
   machine is left otherwise idle if nothing else runs on it.
  
   I don't have a real reason for why I would want to do this, I'm 
   mainly
   curious as to if it's possible.
 [cut]
 
  I have never done this myself, but I believe this is possible by
  creating a login class in /etc/login.conf and set the cputime 
  option.
  See login.conf(5) for a better description.

 Hi Alexander,

 I believe that the cputime resource limit will limit the maximum
 amount of CPU time that the user may use in a session, which is not
 really what I asked for. I'd like the process or process group to run
 for as long as it needs to run, but that it only ever uses a fraction
 of the CPU power.

 It's like limiting the network bandwidth for a particular type of
 traffic, only this is about time on the CPU.
 [cut sigs]
   
Yes, you are right. It is also possible to set a priority for a
process in a login class.
   
From login.conf(5)
 priority  number  Initial priority (nice) 
level.
   
This is not exactly what you want, but it is pretty close. I am
curious why do you want to set an exact limit and not let the
scheduler do this for you?
   
  
   As I said, I don't have a good reason for wanting to do this. It just
   seemed like something someone might want to do. But let me dream up
   three examples: Sometimes firefox (or whatever program) goes a bit
   haywire and brings the machine to a crawl. It would be nice to limit
   firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
   50% of the machine to work with.
  
   Another example: Let's say I'm rebuilding the kernel, base system, and
   all my packages after a major update from CVS after a long time away.
   I'm not worried about how long this takes so I'm quite happy to run
   the build at 5% of the CPU while I get on with my work.
  
 
  What you describe here is exactly what you can accomplish with either
  nice or the priority option in login.conf. Also, I am not exactly sure
  what you mean with percent of CPU. Do you mean the difference of cpu
  time scheduled between a 'normal' process?

 It is not quite the same because a process, even running at niceness
 level 20, will grab as much CPU as it can (unless it has to wait for
 data).

 What I mean is what I wrote in my first email: For example, I would
 want the build of the qt4 port to use a maximum of 25% of the
 available CPU, leaving the CPU 75% idle if nothing else is happening
 on the machine.

   Third example, similar to the last one: I'm running a distributed.net
   or SETI-at-home client in the background, but I don't ever want it to
   run at 100% of the CPU, maybe because that would make the machine too
   noisy during the night (due to the fans).
 
  I think this is a different issue. I don't know how this can be
  solved. An idea might be to underclock your cpu at night.

 Yes, I could sysctl -w hw.setperf=0 or something like that on my
 SpeedStep'able CPU, but with hw.setperf=0, a process still have the
 possibility to get 100% of the CPU. It will be a slower CPU, but it's
 still not limiting the process to use only a fraction of the CPU at
 any instance in time.

 Again, maybe no-one has these kind of requirements in real life?


 Regards,
 Andreas

 --
 Andreas Kahari
 Somewhere in the general Cambridge area, UK





-- 
Tito Mari Francis H. EscaC1o
Computer Engineer and Free Software Proponent

Re: facts about OpenBSD

[Ted Unangst]

On 1/14/08, Nikns Siankin [EMAIL PROTECTED] wrote:
 Well, before you ask for diffs,
 I have to hear from devs, that these ARE
 considered to be issues that MUST be fixed.

they are not issues that must be fixed.

Re: facts about OpenBSD

[Dusty]

On Jan 14, 2008 10:09 PM, Nikns Siankin [EMAIL PROTECTED] wrote:

 On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote:
  you are correct that some of the issues you brought up are actual
  shortcomings in openbsd. however, **bitching** that these are problems
 that
  need to be fixed is about as rude as you can get. a number of the issues
  you complained about are in the process of getting fixed, but you
 obviously
  neglected to thoroughly investigate the options. i see no reason these
  issues MUST be fixed (you've provided no compelling argument) only
 that
  they can and likely are being fixed.
 
  if openbsd had a steady budget of several 100K CAD per annum and more
 devs,
  your bitching might be perceived as reasonable since it would likely
 mean
  that those areas had been disproportionately or unreasonably neglected.
 as
  it stands there is only so much dev time for so many things and nobody
 is
  actively neglecting the areas you've complained about.
 
  i was just thinking about emailing volkswagen corporate HQ and bitching
  about how my VW is not a porsche and that they should immediately double
 my
  car's horsepower and torque, fix the suspension, refit the brakes, etc.
  does that seem reasonable?

 If you get money from selling CDs/soft, its just clearly unfair to not
 support it. Yes, I'm talking about stable ports.

 If you claim to produce the most secure OS, you have to prove that by


Cam you prove that another OS is more secure?


 provaiding secure wifi encryption for masses (WPAx) and usable disk
 encryption design for laptops and so on...
 ...or let's just call it perfect wired firewall...


Less talking. More coding. kthnkbye



 
 
 
  Oh, no wait. you want *other* people todo the work for you,
  its not enough that you got what they gave already you want
  more, you ungrateful whining dick.
 
  --
  Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein
  Lebelang.
  (Who does not love wine, women, and song, Remains a fool his whole
 life
  long.)
 -- Johann Heinrich Voss
 
 
 
 
 
  --

Re: Limiting CPU to a process or process group?

[RJ Nowling]

I think what you're referring to is called process accounting.  I 
don't know about OpenBSD's support for this, though.



RJ

Re: facts about OpenBSD

[johan beisser]

On Jan 14, 2008, at 12:09 PM, Nikns Siankin wrote:


If you get money from selling CDs/soft, its just clearly unfair to not
support it. Yes, I'm talking about stable ports.


Actually, the OpenBSD OS is supported. Your argument is pointless.  
Stable ports are NOT supported because, well, it's not really part of  
the OS.


If you want stable ports, build it all yourself, for the architectures  
you need. If you really think they're so important, donate hardware to  
OpenBSD, and create your own position in the ranks of various devs.


Bitching and whining get you nothing.


If you claim to produce the most secure OS, you have to prove that by
provaiding secure wifi encryption for masses (WPAx) and usable disk
encryption design for laptops and so on...


I fail to see where those features make you more secure. WPA is a  
clusterfuck. Wireless by its very nature is almost un-securable, even  
with cruft like WPA added in. If you want more secure you should  
look at alternate solutions (IPSec, OpenVPN, etc). And, even then, you  
may want to just review your code and implementation.


Full disk encryption also only provides so much benefit to code  
complexity increase. I like OpenBSD, but if I need full disk  
encryption I still use vnd(4), a passphrase that's different from my  
account password, and mount that locally. Manually. Every time you  
mount the image.


If you want FileVault style access, write your own login patch to  
handle mounting the image, and submit it.



...or let's just call it perfect wired firewall...


Does quite well for me.

Re: facts about OpenBSD (FOOOLS)

[Rico Secada]

On Mon, 14 Jan 2008 12:53:35 -0800
johan beisser [EMAIL PROTECTED] wrote:

 Bitching and whining get you nothing.

When will you people stop responding to whiners like this!? He's
bitching and your just bitching back.

Leave the ignorant fool alone, and he will stop barking up your three!
It's not that difficult!!

Re: spamd-setup hangup/timeout settings

[Frank Bax]

Jason George wrote:

My spamd-setup always takes 20-30 minutes on two servers (4.1 and 4.2).
  This is not normal?  When I run it manually; most of the time is
spent downloading traplist.gz


You are all connecting to beck@'s machine at the University of Alberta 
(www.openbsd.org) ?


I use the same major ISP that the U of A uses as one of its principal peers.  
I get timeouts, poor throughput and generally the same behaviour as mentioned 
above for all transfers to that site (spamd lists, snapshots, etc).



It appears somebody changed something on Saturday.  I had several 
downloads on that day timeout after 332 minutes.  Since then, they are 
most often in 15-35 second range; never over 2 minutes.  Thanks!

Re: spamd not un-greylisting entries?

[Calomel]

Dan,

The blocked while grey listed number of 8 is dependent on the amount of
retries the remote mail server attempted while grey listed. Comcast servers
for example will try once per minute to deliver their mail. For example, if
you grey listed comcast for 25 minutes the blocked number would be around
24-26.

What is your grey listed time out? By default I believe it is set at 25
minutes. (-G 25:4:864) Perhaps it is too low or too high?

This is probably not your issue, but may give you a place to start.


Spamd anti-spam how to (spamdb)
http://calomel.org/spamd_config.html

--
 Calomel @ http://calomel.org
 Open Source Research and Reference


On Mon, Jan 14, 2008 at 01:00:44PM -0500, Daniel Barowy wrote:
Hello everyone,

  My apologies if you get this twice-- it just occurred to me that I sent 
my original message out using the wrong email address.

  I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):

GREY|76.96.62.64|[EMAIL PROTECTED]|[EMAIL 
PROTECTED]|1200331179|1200345579|1200345579|8|0

  Notice that the block column count is high.  In the past, I don't 
recall this number ever exceeding 2.  Our users are now complaining that 
they are not receiving many expected inbound emails.  My understanding is 
that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
retry.  No?

  I was troubleshooting a separate issue that required a restart of our 
firewall (spamd is running on the firewall and not the mail servers), and 
this problem popped up shortly thereafter.

  I have not changed anything with our pf.conf or spamd.conf that I know 
of, except that I've added a number of crucial mailhosts to our PF 
whitelist-- something I've done dozens of times before.

  This is on an OpenBSD 4.0 machine.

  Any suggestions?

Many thanks,
Dan

Need a major favor from Theo!

[Billy B. Bilano]

Hey guys!!! (with special request for Theor pls!)

Theo, I need a favor big guy! (only an easy one this time, I swear to it 
sir! LOLSLS)!


See, we have the audit happening here at the bank this time and it's 
causing me a lot of headaches and pains. A whiles back I replaced Cisco 
stuff here with OBSD and pf and OpenBPG and all that jazz because you 
(you = Theo) and Danny J. Harmminereater (or what everyour name is guy 
who wrote OepnBGP) said that is the smarty thing to do! Well, it turns 
out we still got some Cisco contracts open and all, and these auditors 
need some docs filled out by you two.


It's no big deal, I swear! They just want me to sent these docs (only 
about twenty pages) titled Assumption of Vendor Liability off to you 
for you to fill out and send back. Easy as punch!!!


So if you could give a an mailing address that would be swell. I promise 
that if you do this, I will buy a CD set this time and not take the 
bootlegs ISOs that Maddog releases!



--
Mr. Billy B. Bilano, MSCE, CCNA, CISSP, and now QISP
http://www.bilano.biz/
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS

Re: Need a major favor from Theo!

[Ken Ismert]

http://www.encyclopediadramatica.com/Bilano

Excerpt:
Last name of Billy B. Bilano troll genius. Mr. Bilano posts 
incredibly plausible-sounding pleas for help on various alpha geek 
mailing lists...


Is January some kind of official troll month? Why can't it be the 
shortest month of the year?


-Ken

Billy B. Bilano wrote:

Hey guys!!! (with special request for Theor pls!)

Theo, I need a favor big guy! (only an easy one this time, I swear to 
it sir! LOLSLS)!


See, we have the audit happening here at the bank this time and it's 
causing me a lot of headaches and pains. A whiles back I replaced 
Cisco stuff here with OBSD and pf and OpenBPG and all that jazz 
because you (you = Theo) and Danny J. Harmminereater (or what everyour 
name is guy who wrote OepnBGP) said that is the smarty thing to do! 
Well, it turns out we still got some Cisco contracts open and all, and 
these auditors need some docs filled out by you two.


It's no big deal, I swear! They just want me to sent these docs (only 
about twenty pages) titled Assumption of Vendor Liability off to you 
for you to fill out and send back. Easy as punch!!!


So if you could give a an mailing address that would be swell. I 
promise that if you do this, I will buy a CD set this time and not 
take the bootlegs ISOs that Maddog releases!

Re: Limiting CPU to a process or process group?

[scott]

***
Analogy:  You're on a highway with a posted speed of 100 km/h.  You want
to operate your car and your car only 25 km/h only on the 100 km/h
highway.
***

And for this happy privilege, you want to impose the attendant nuisance
(highway analogy), read overhead (o/s analogy), on all the other cars to
have to slow behind and pass around you.

Generally, a time slice is a time slice.  Regardless whether you get 1
sec of every 10 sec or 100 ms of every 1 s, you're going to execute your
instructions at a rate of 100% of the cpu within your time slice
allocation.

Now you can impose scheduler and threading overhead and discipline to
make your time slices very, very fine grained so that overall at a
system level it looks like 25% of a resource, but your rate of execution
within your context is going to be 100%.

That said and for the cited examples, the workable answer that I know of
is virtual machines.  Be it VMWare, XEN, solaris containers (zones),
freeBSD jails, qemu(*) or to a degree dragonflybsd (vkernel(*) --
system-in-a-box running as a userland process), each has a means to
say that VM(1) gets 25% of the CPU resources and the vm-engine by
whatever implement will effectively do so. And you will see that seti,
for example, takes 100% of its VM(1) resource but only 25% of machine as
a whole, less the overhead.  (*)Not used personally.

And, yes, we're aware of the opines herein and about re VM.

/S

-Original Message-
From: Andreas Kahari [EMAIL PROTECTED]
To: Alexander Schrijver [EMAIL PROTECTED]
Cc: misc@openbsd.org
Subject: Re: Limiting CPU to a process or process group?
Date: Mon, 14 Jan 2008 14:27:33 +

Re: [Fwd: Open-Hardware]

[chefren]

On 01/14/08 12:27, Richard Stallman wrote:
 And who controls GPL? What will you do when all GPL software and 
 subsequent 
 developments are kept on servers out of reach of users (BSD 
 situation...)? 
 
 You are making an extreme projection, which I doubt will happen.

I see more revenue from our services, where we keep up servers for
others, every moment. People who bought servers from us in the past
would love to hire them, and yes yes yes, with maintenance.

 I am going to urge people to avoid using servers to do their
 own computing.

You need programs for that, most new programs are offered as web
services, out of reach of your GPLv0/1/2/3.

..

 What will be in GPLv4?
 
 GPLv4 will be basically the same as all previous versions: it will
 grant the four freedoms to everyone, and protect them for everyone, as
 best as we can achieve.  We will change only details.

If I read and read between the lines you clearly admit you are not
satisfied with the current GPLvX more restrictions will follow.

If I see your first line above I understand, but maybe better to ask
it directly: How come you cannot fix a license for once and for all? I
admit the BSD license has changed somewhat in time, it became =less=
restrictive. You clearly want more restrictions.

Am I right that it could end with the FSF looking over the shoulder of
 anybody who uses GPL to see if something is changed or added while
being used for a third party?

I presume you would love it if also scripts that connect GPLvX
programs will automatically be GPLvX too?


 Why more rights to the user than to the creator?
 
 By the creator, do you mean the author of a program?

Yes, or the creator of a change or extra line to a program. Someone
who creates something in general. Preferable pushing the edge!

 When the author
 releases a program under the GNU GPL, he gives users a subset of his
 legal rights.  So your question is based on a misunderstanding.

Since you mention the word misunderstanding: Why don't you mention
that (s)he also gives the clear =restriction= to open up all further
changes?

 Why do you Balkanize the open source community without any sound reason?
 
 There is no such thing as the open source community.

There is .., to your opionion I may hope?? I cannot remember anyone
else denying that there is an open source community. People and
companies who deliver publicly available sourcecode with various less
or more restrictive licenses form the open source community.

 Open source
 supporters are part of the free software community, which was built by
 the free software movement starting in 1983.

I know a lot of open source supporters who want no connection at all
with the movement you started (don't ask around her at
[EMAIL PROTECTED]), if only for your denying above of any
=restrictions= in the GPLvX. Your publishings only uses pluses and no
minuses concerning freedoms. Every of your four freedoms have
accompanying restrictions equally big/bold if you like it or not.

If you keep denying that it's not difficult to envision: Every
subsequent GPLvX version will undoubtedly be more restrictive while
you will need to scream louder and louder that it brings more freedom.

Compare that with BSD, simple message, no screaming necessary, no
serious changes in the license to be foreseen, its decent.

 If balkanize refers to incompatible licenses, that would not happen
 if everyone followed our licensing recommendations.  If all free
 software were released under GPL version N or later, as we
 recommend, then all free software would be license-compatible.

Did you recommend that since version 0 of GPL? I doubt so, that would
have awakened more people at the right moment. Now with GPLv4 in the
works people start thinking hey where will it end up?

Who knows what will be in GPLv5? Is it possible that GPLv5 will be
100% compatible with the 2 clause BSD license?


It's clear you doubt most GPLv0/1/2/3 will be behind servers but let's
think and say it is so. In that situation for both users and
programmers there is no difference between BSD and GPLv0/2/3 !!!

My estimate is that the open source community will still take up and
produce clever ideas and produce open source code. If it's not
published (open) it doesn't exist and cannot be build upon by the
community (world!).


On the other hand, if most code is used for services on servers, there
is often almost no way to check if GPLvX is used. Enforcing GPLvX in a
services world seems a little bit clueless to me. You will need
investigating searches by the police et cetera.

You want too much and without a sound reason, only Balkanizes the
community. BSD is good enough for the users of open source and clearly
better for programmers and companies who use and produce code. Gives
them maximum privacy and a better chance of earning money with it.

+++chefren

Re: Need a major favor from Theo!

[bofh]

On Jan 14, 2008 6:00 PM, Billy B. Bilano 
[EMAIL PROTECTED] wrote:

 See, we have the audit happening here at the bank this time and it's
 causing me a lot of headaches and pains. A whiles back I replaced Cisco
 stuff here with OBSD and pf and OpenBPG and all that jazz because you
 (you = Theo) and Danny J. Harmminereater (or what everyour name is guy
 who wrote OepnBGP) said that is the smarty thing to do! Well, it turns
 out we still got some Cisco contracts open and all, and these auditors
 need some docs filled out by you two.

 It's no big deal, I swear! They just want me to sent these docs (only
 about twenty pages) titled Assumption of Vendor Liability off to you
 for you to fill out and send back. Easy as punch!!!


Hey no problems.  If Theo's too busy to do it, I'll be happy to step in, and
you'll have the full backing of my organization too - the Church of
Security!

So if you could give a an mailing address that would be swell. I promise
 that if you do this, I will buy a CD set this time and not take the
 bootlegs ISOs that Maddog releases!


Not a problem.  As part of the service (minor detail, just sign here on the
service agreement), we will even buy your CDs for you.  And send it to you
for free!

The Grand bofh
Church Of Security (.com)

-- 
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
This officer's men seem to follow him merely out of idle curiosity.  --
Sandhurst officer cadet evaluation.
Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks factory
where smoking on the job is permitted.  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=j1G-3laJJP0feature=related

Re: facts about OpenBSD

[Markus Lude]

On Wed, Jan 09, 2008 at 05:07:35PM -0600, Jacob Yocom-Piatt wrote:
 Marc Balmer wrote:
 Nikns Siankin wrote:
 
 Facts about OpenBSD:
 
 # Stable release cycle.   If you want to run latest bugfree ClamAV or 
 FireFox - upgrade to CURRENT!   But don't forget to buy release CD's!!!
 # Secure By Default.
   OpenBSD uses broken WEP for securing WiFi networks.
   Has no WPA/WPA2 support.
 # Do not let serious problems sit unsolved.   OpenBSD doesn't need 
 MAC because it has their own security flawed systrace.
 # Use of Cryptography.   OpenBSD uses file-backed encryption (svnd) 
 which is very suited
   for Full-disk-encryption. NOT.
 # Full Disclosure.   OpenBSD at first denies remote exploitable 
 flaws.   DoS flaws gets marked as reliability not security issues.
 # Easy maintainable.   OpenBSD distributes source patches to make 
 your farm of
   Pentium2 firewalls updated easly.
 # Secure Distribution.
   The most secure operation system gets distributed on FTP servers
   as unsigned binaries.
 
 
 Facts about Nikns Siankin:
 
 # Whiner.  He bitches incessantly about stuff and does nothing to fix 
 it.  AFAICT he's even saying that purchasing the CDs is pointless.
 # Jerk.  He ignores that most of the development time that goes into 
 OpenBSD is DONATED by highly-skilled individuals.  You can only add as 
 many bells and whistles as you have resources and time.
 # Misleading.  He claims the system is distributed on FTP servers and 
 elects not to note that code is available via cvs over ssh.
 # Ignorant.  OpenBSD has myriad additional security technologies in it 
 that help to moderate vulnerabilities in poorly coded applications like 
 firefox and clamav.
 # Idiot.  By whining in a totally counterproductive fashion he alienates 
 himself from those who would otherwise, provided his requests were 
 reasonable, help him out.

I'd add some points:
# Possibly frustrated because quite a few diffs never made it into
ports. I guess due to lack of time or interest of the devs
# Helpful with testing ports and get bugs fixed there

Thanks Nikns, for your help so far.

I don't feel great about the situation with -stable ports. But as I only
run 2 OpenBSD boxes at the moment, I usually stick to -current anyway.
And as I don't have time nor machines to contribute/test -stable ports I
think I don't should complain about the -stable situation. What is a bit
unclear to me: are some developers willing to commit security patches
for -stable ports if
# posts of security patches for -stable ports are welcome on @ports?
# someone put them together?
# they get enough testing?
Apart from this, I haven't seen any posts of security patches (not
updates) for -stable on @ports during last months. At least I can't
remember any.
 
Regards,
Markus

Re: Suggested PF Setup when using BitTorrent?

[Max Hayden Chiz]

Brian,

After your post (and several others), I tried BitTorrent out on my
network (sparc64 router + DOCSIS 2.0 cable connection; see
http://marc.info/?l=openbsd-miscm=120019379210857w=2)

After some experimentation, I was able to determine that running
BitTorrent with a large number of connections causes a huge increase
in latency regardless of bandwidth.  No one seems to know why this is,
but that might just be because my thread got buried by trolls and
other posts.

I'm not having watchdog timeouts but there is an off chance that the
latency increase that I experience and your timeout problem may be
related.  My work around is to use the max-src-states feature of pf to
limit the number of bit torrent connections to a reasonable number (50
seems to be a good trade-off on my machine, YMMV).

Could you modify your pf.conf to do this (or limit your connections at
the client and use pf to confirm) and let us know if that works on
your end as well?

--MHC

On Jan 5, 2008 1:22 PM, Brian [EMAIL PROTECTED] wrote:
 Is there any suggested PF setup when using BitTorrent?

 Right now, the biggest problem I have when using BitTorrent is watchdog
 timeouts.

 Thanks,

 Brian




   
 
 Never miss a thing.  Make Yahoo your home page.
 http://www.yahoo.com/r/hs

Re: Suggested PF Setup when using BitTorrent?

[Chris Kuethe]

On Jan 14, 2008 4:06 PM, Max Hayden Chiz [EMAIL PROTECTED] wrote:
 Brian,

 After your post (and several others), I tried BitTorrent out on my
 network (sparc64 router + DOCSIS 2.0 cable connection; see
 http://marc.info/?l=openbsd-miscm=120019379210857w=2)

 After some experimentation, I was able to determine that running
 BitTorrent with a large number of connections causes a huge increase
 in latency regardless of bandwidth.  No one seems to know why this is,
 but that might just be because my thread got buried by trolls and
 other posts.

My theory is that you're using a ... uh... well, not very good
connection that bogs down easily. Some time ago, I tossed together a
little undeadly article on how to use altq to keep bittorrent from
dragging your network down -
http://www.undeadly.org/cgi?action=articlesid=20061109202501

I think you can solve this by tuning your service classes a little
better. I'm currently stuck on a 1.5M/384k dsl - to minimize the pain,
I told altq that i have 1.3M/340k.

CK

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: spamd not un-greylisting entries?

[Daniel Barowy]

On Mon, 14 Jan 2008, Calomel wrote:


Dan,

The blocked while grey listed number of 8 is dependent on the amount of
retries the remote mail server attempted while grey listed. Comcast servers
for example will try once per minute to deliver their mail. For example, if
you grey listed comcast for 25 minutes the blocked number would be around
24-26.


Aha!  This explains the spamdb entry I posted, which also goes to show 
that no matter how many times I read something in the documentation, 
sometimes I just don't get it.  I was under the mistaken impression that 
spamd simply counted retries and changed the GREY entries to WHITE once 
the block count reached a certain magic number.  The fact that I could not 
find this magic number in the documentation should have tipped me off.


I am using the spamd default timeouts-- on startup I only specify to use 
greylisting, that the hostname match our real MX, and to use 451's instead 
of 450's.


So that particular problem was a red herring.  I will upgrade my system to 
4.2 before I complain about spamd any more.


Thanks!
Dan

Re: Need some guidance booting OpenBSD on an ALIX device,

[baldoni]

I've always had consistent success with a crossover cable and ssh.  Serial
connections with Wrap and Alix can be hit and miss and it's hard to see
why it worked yesterday but not today.  You may consider spending the
pesos on the cable instead of coffee, cigarettes or aspirin.

Are you in BA?  What a lovely country you have there.


Gian

Re: Suggested PF Setup when using BitTorrent?

[Max Hayden Chiz]

On Jan 14, 2008 6:30 PM, Chris Kuethe [EMAIL PROTECTED] wrote:
 My theory is that you're using a ... uh... well, not very good
 connection that bogs down easily.

My connection normally works fine; even when I max out my 7Mb/512Kb
line.  Running BitTorrent (even with a fraction of the bandwidth)
makes my latency go through the roof.

 Some time ago, I tossed together a
 little undeadly article on how to use altq to keep bittorrent from
 dragging your network down -
 http://www.undeadly.org/cgi?action=articlesid=20061109202501

See the thread I referenced in my previous email.  The issue I am
experiencing seems to have nothing to do with bandwidth usage.

 I think you can solve this by tuning your service classes a little
 better.

If you have a specific suggestion, I will try it and post the result
here, but as I discussed in the previous thread, altq shows that there
is no backlog of packets, and even with BitTorrent rate limited to a
small fraction of the bandwidth (via CBQ or HFSC) it is still able to
cause the latency issue.  By contrast if I limit the number of
connections, BitTorrent can consume almost all of the bandwidth and
the issue will not appear.

Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems).  But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.

--MHC

Re: Suggested PF Setup when using BitTorrent?

[Chris Kuethe]

On Jan 14, 2008 5:00 PM, Max Hayden Chiz [EMAIL PROTECTED] wrote:
 cause the latency issue.  By contrast if I limit the number of
 connections, BitTorrent can consume almost all of the bandwidth and
 the issue will not appear.

 Perhaps this problem is specific to my configuration (or specific to
 DOCSIS cable modems).  But if it makes Brian (or someone else's
 problem) go away, then it is likely that this problem is not unique.

i doubt it's your machine not being happy with number of connections -
i routinely have hundreds of states. depends on your modem, maybe? or
who made the board inside your modems? or what crack-addled rhesus
monkey pretended to write the firmware. If several different
manufacturers licensed the IP stack or NAT engine from the same
vendor, then it's perfectly possible that you both have ill-designed
hardware.

if you have a shell host somewhere, you could use netcat to determine
where your router falls over. use netcat to send /dev/zero over the
wire, with just a single stream, that should be pretty fast. then
start opening up more tcp connections (but don't send anything through
them) until it starts to bog down. That should give you enough
information to create several different rule classes to limit number
of connections by port. Web,ssh, dns and chat get to open connections
first, and can always open one more connection, all other ports get to
share ... 80% of max connections?

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: Suggested PF Setup when using BitTorrent?

[Brian]

--- Max Hayden Chiz [EMAIL PROTECTED] wrote:

 Perhaps this problem is specific to my configuration (or specific to
 DOCSIS cable modems).  But if it makes Brian (or someone else's
 problem) go away, then it is likely that this problem is not unique.
 
 --MHC
 

Let me read through the documentation to figure out how to set this up.  I am
running a cable modem as well.

Here are my bittorrent settings:

--minport 13000 --maxport 14000 --max_initiate 15 --max_allow_in 15
--max_upload_rate 25 --max_uploads 5

Give me some time to figure out the altq and pf.  I have only used pf for a
week, so I'm still learning it.

Thanks,

Brian



  

Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  
http://tools.search.yahoo.com/newsearch/category.php?category=shopping

Re: Suggested PF Setup when using BitTorrent?

[johan beisser]

On Jan 14, 2008, at 5:10 PM, Brian wrote:


--- Max Hayden Chiz [EMAIL PROTECTED] wrote:


Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems).  But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.


It's not unique, I saw the same issue recently. I basically exceeded  
the number of states my CPU/RAM combo could handle easily (roughly  
2400, normal average is 200 state rules) while pushing major amounts  
of data.


If I reduced the number of connections through bittorrent, performance  
improved.  During the download, at 350 peers, regardless of the  
download rate, I had 2400 some odd state rules. I suddenly saw round  
trip ICMP echo taking 900+ ms to the first hop. At 325, times were  
merely 90ms to the first hop, and normal is around 10ms.


The hardware is a slightly loaded Soekris net4501 with 64mb of RAM  
running OpenBSD 4.1 (GENERIC). It does not have a crypto accelerator,  
and handles ssh and openvpn on the main CPU (both are fairly low in  
usage at this time).


My guess, so far, is an issue with my ruleset, the hardware, and the  
use of synproxy for some of the TCP states (almost all of the BT  
clients I had were over TCP). OpenBSD itself seems to be fine, up  
until I get close to the limits of the hardware.


Let me read through the documentation to figure out how to set this  
up.  I am

running a cable modem as well.

Here are my bittorrent settings:

--minport 13000 --maxport 14000 --max_initiate 15 --max_allow_in 15
--max_upload_rate 25 --max_uploads 5

Give me some time to figure out the altq and pf.  I have only used  
pf for a

week, so I'm still learning it.


Ask around if you have questions. There are excellent articles and  
examples available.