Re: Mouse Pointer Disappeared
On Wed, 18 Jun 2008, Daniel B. wrote: Hi, sometimes my mouse pointer disappear. Restarting xorg do not solve the problem. Any hints? Add: Option SWcursor True in the Device section of your /etc/X11/xorg.conf and see if it helps. -- Antoine
Re: Any offshore OpenBSD hosting?
Nice idea,but if you want implement everything you write than you are terrorist in modern democracies ;-) Ball is on another place in game : http://www.democracynow.org/2007/8/7/freedom_next_time_filmmaker_journalist_j ohn -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of macintoshzoom Sent: Wednesday, June 18, 2008 6:36 PM To: [EMAIL PROTECTED] Cc: misc@openbsd.org Subject: Re: Any offshore OpenBSD hosting? Hey, Your postings on this subject are interesting, it seems you know about what your are talking about. What should be your summary global advice for creating an hosting offshore corporation/foundation to help human right watchers and activists, say as eg Greenpeace, hrw.org , tibetans, chinesse/asian free speech/democacy activists, and the like?. If we are able to provide these communities with strong privacy-security-enhanced turnkey hosting services, individials, corporations, foundations will become also interested to adhere (or to order, if we go on business)our hosting system(s) and services... There are other considerations to implement in the hosting servers and customers PC's to help against Big Brother(s), as it's the software (and OS): Here OpenBSD can help a lot as the OS of choice, but it requires yet a lot of implementations and tricky configurations. To be implemented: Fully encryption of the OS boxes (a-la drivecrypt / compusec), also encrypting (eventually on fake video-music file containers for stegaqnography?) the users space via OTF-like (truecrypt?) encryption, including one or more layers of denial plausibility with fake/honey-pots areas if server maintainers or hosted customers are eventually forced (or hacked) to reveal their pass keys. The hoster company should never be able to decrypt the hosted customers content, its their matter and their privacy. A new kind of secureprivate hosting standard should be created, e.g to force the use of only strong SSL for browsing and e-mail/webmail, and allowing only gpg protected communications on specific or aproved-verified secured pre-configured software clients. And networking ONLY on gateways as tor, i2p, mixminion, jap, freenet or similar systems. And etc etc... I can't understand why everyone still gives their websites on (weak/cleartext) http, instead of using strong https that should be the standard. Most if not all of the current PC boxes and bandwiths allow this, or not?. Why is https only used for banking, order former and the like, and not for everything? All this seems a lot of job (we all are working on that), but once done it can set up a new standard(s) for data and communications privacy ( a new standard that can/should have its own brand name) not only for individuals but also for corporations (industrial and commercial secrets theft causes billions loses), govs. We believe that this is an essential feature for a fair world and to reach a new degree of civilization, justice, equity and fraternity (if we can avoid to extinguish the humanity in the meantime): Information and association of the masses is a very powerful power. If and when you can freely communicate with everyone at the last desert village inhabitants in deep Africa, if and when a global worldwide individual can learn, know, opine and vote, then there will be a new kind of planet lobby from the masses against any ill-minded government, corporation, money or justice laws that can change the world in decades. And there are enough goods and resources in earth for all to leave in peace; someone is tricking us the wrong way. Here the OLPC (one laptop per children, wifi connected and solar/handcrank powered) is a good step (we are working also on an OpenBSD based version suite to fit on these as an alternate of the standard software (probably bigbro-dirty as not-privacy secured at all) . Of course, a super-secure information/communication/privacy system will help also criminals and ill-minded likes, but we must fight against them not at the price of losing our freespeech nor robbing the freespeech (nor the planet) of our childs, that are the real owners of the world. macintoshzoom --- On Wed, 18 Jun 2008 13:29:29 + [EMAIL PROTECTED] wrote: But if ISP's must have blackbox on their interfaces (hello FBI),than you can't trust your local hosting company even if they are very friendly ;-) Cisco prefers a blueish-black color. Juniper boxes tend to be white and blue. In most Western countries there are many ISPs; if many of them were forced to have, in secret, black boxes on their networks, it would soon be public that that is occuring. Providers are, in many cases, being forced to allow, unmonitored, snooping by their governments - read up on CALEA. Hardware based routing platforms will be able to handle only a very small amount of traffic, the CPUs that are used in them tend to be very slow and even the fastest CPUs can route only a tiny
Re: OT: Mail was Re: Changing From headers in mail on a whim?
On 19/06/2008, at 1:04 PM, Aaron W. Hsu wrote: Hey Predrag, Since I'm the one that brought up this issue, I figure that I could comment on your suggestion... I was wondering if you guys could clarify something for me. I looked heirloom mailx (nail) very carefully and it looks like mail on steroids. [cut] I do not think there is any reason to expect base to have all the features that you need when you first get started, unless the features that you need a sufficiently general that they are going to apply to a wide variety of users. I can't see the above recommendations as sufficiently general, even though I would in fact use something like fetchmail and metamail. I really think that you are only talking about adding metamail and fetchmail, which can be used together with sendmail, spamassassin and mail to accomplish the above goals. Just thoughts from someone who tends to stick with base. But - moving back to your original email, and being able to edit From: - it does look as though Heirloom does provide code that might be applied to base if so desired (I will have a look myself at doing so for learning.) e.g. collect.c now has ~H to allow From:, Reply To: etc. to be altered: case 'H': /* * Grab extra headers. */ do grabh(hp, GEXTRA, 0); while (check_from_and_sender(hp-h_from, hp-h_sender)); goto cont; And from the Heirloom docs: ~H Edit the message header fields 'From:', 'Reply-To:', 'Sender:', and 'Organization:' in the same manner as described for ~h. The default values for these fields originate from the from, replyto, and ORGANIZATION variables. If this tilde command has been used, changing the variables has no effect on the current message anymore. Thanks.
OpenSSL Certificate Authority Setup
Dear Group, I was trying to create a my own CA for signing certificates for sendmail and when I did apply the following command: --- openssl ca -policy policy_anything -out cert.pem -infiles csr.pem --- I got: Using configuration from /etc/ssl/openssl.cnf variable lookup failed for ca::default_ca 28423:error:0E06D06C:configuration file routines:NCONF_get_string:no value:/usr/src/lib/libssl/src/crypto/conf/conf_lib.c:329:group=ca name=default_ca I understand that openssl.cnf doesn't have any 'ca' reference and it fails but why is that? What's the reason not having this entry in the default openssl OpenBSD configuration? I am missing something? Also, in http://openbsd.org/faq/faq10.html#HTTPS; explains how to sign the certificate by yourself. Is that the same action? Thanks for your support George
NEC usb controller and huawei E620 support
Hi all, I have a small question, but it's not tech enough for tech@, so asking it here. How do I add support for NEC usb controller to OpenBSD? http://www.huawei.com/mobileweb/en/products/view.do?id=145 Currently it looks like the NEC usb controller is not recognized because OpenBSD doesn't know its id. Huawei card is 'hiding' behind the controller, and is not visible at the moment. I've taken a look at /usr/src/sys/dev/usb/usbdevs file and saw this: /* NEC products */ product NEC USB2EXTEND 0x0409 Repeater product NEC HUB 0x55aa hub product NEC HUB_B 0x55ab hub product NEC PICTY7600xbef4 Picty760 product NEC PICTY9000xefbe Picty900 product NEC PICTY9200xf0be Picty920 product NEC PICTY8000xf1be Picty800 According to my dmesg (below), device id is: ohci0 at cardbus0 dev 0 function 0 NEC USB rev 0x43: irq 5, version 0.0 ohci0: unsupported OHCI revision ohci1 at cardbus0 dev 0 function 1 NEC USB rev 0x43: irq 5, version 0.0 ohci1: unsupported OHCI revision But I cannot figure out what string should I add to usbdevs file: product NEC PCMCIAUSB 0x4300 or product NEC PCMCIAUSB 0x3433 (43 into hex??) or something completely different? I've tried searching the net, but not enough definite pointers there neither. http://alenitchev.wordpress.com/2006/10/02/hacking-usb-device-drivers-part-2/#more-43 Here's the dmesg from -current, yesterday's checkout and compile: $ dmesg OpenBSD 4.3-current (GENERIC) #1: Wed Jun 18 20:54:44 CEST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.80GHz (GenuineIntel 686-class) 1.80 GH z cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MM X,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 2146332672 (2046MB) avail mem = 2067288064 (1971MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/27/06, BIOS32 rev. 0 @ 0xfd750, SMBIOS rev. 2.33 @ 0xe0010 (61 entries) bios0: vendor IBM version 1RETDOWW (3.20 ) date 02/27/2006 bios0: IBM 2373M1G apm0 at bios0: Power Management spec V1.2 apm0: battery life expectancy 83% apm0: AC on, battery charge high, charging acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdea0/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #6 is the last bus bios0: ROM list: 0xc/0x1 0xd/0x1000 0xd1000/0x1000 0xdc000/0x4000! 0 xe/0x1 cpu0 at mainbus0 cpu0: Enhanced SpeedStep 1800 MHz (1340 mV): speeds: 1800, 1600, 1400, 1200, 100 0, 800, 600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82855PM Host rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82855PM AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon Mobility M10 NP rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xd000, size 0x1000 uhci0 at pci0 dev 29 function 0 Intel 82801DB USB rev 0x01: irq 5 uhci1 at pci0 dev 29 function 1 Intel 82801DB USB rev 0x01: irq 6 uhci2 at pci0 dev 29 function 2 Intel 82801DB USB rev 0x01: irq 9 ehci0 at pci0 dev 29 function 7 Intel 82801DB USB rev 0x01: irq 11 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x81 pci2 at ppb1 bus 2 cbb0 at pci2 dev 0 function 0 TI PCI4520 CardBus rev 0x01: irq 5 cbb1 at pci2 dev 0 function 1 TI PCI4520 CardBus rev 0x01: irq 5 em0 at pci2 dev 1 function 0 Intel PRO/1000MT (82540EP) rev 0x03: irq 5, addre ss 00:11:25:b1:ab:3b ath0 at pci2 dev 2 function 0 Atheros AR5212 (IBM MiniPCI) rev 0x01: irq 9 ath0: AR5213 5.9 phy 4.3 rf5112a 3.6, WOR2W, address 00:0e:9b:c6:8b:16 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 cardbus1 at cardslot1: bus 6 device 0 cacheline 0x8, lattimer 0xb0 pcmcia1 at cardslot1 ichpcib0 at pci0 dev 31 function 0 Intel 82801DBM LPC rev 0x01: 24-bit timer a t 3579545Hz pciide0 at pci0 dev 31 function 1 Intel 82801DBM IDE rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: HTS541080G9AT00 wd0: 16-sector PIO, LBA, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets, initiator 7 cd0 at scsibus0 targ 0 lun 0: HL-DT-ST, RW/DVD GCC-4242N, 0201 ATAPI 5/cdrom r emovable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x01: irq 5 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 1GB DDR SDRAM non-parity PC2700CL2.5 spdmem1 at iic0 addr 0x51: 1GB DDR SDRAM non-parity
Re: OpenSSL Certificate Authority Setup
I know the man page for openssl is huge, but the man page for isakmpd has some nice description about how to setup a local CA. Maybe this helps as a starting point? Good luck Harri
Re: NEC usb controller and huawei E620 support
* Maxim Belooussov [EMAIL PROTECTED] [080619 14:11]: Hi all, I have a small question, but it's not tech enough for tech@, so asking it here. How do I add support for NEC usb controller to OpenBSD? http://www.huawei.com/mobileweb/en/products/view.do?id=145 Currently it looks like the NEC usb controller is not recognized because OpenBSD doesn't know its id. Huawei card is 'hiding' behind the controller, and is not visible at the moment. I've taken a look at /usr/src/sys/dev/usb/usbdevs file and saw this: /* NEC products */ product NEC USB2EXTEND 0x0409 Repeater product NEC HUB 0x55aa hub product NEC HUB_B 0x55ab hub product NEC PICTY7600xbef4 Picty760 product NEC PICTY9000xefbe Picty900 product NEC PICTY9200xf0be Picty920 product NEC PICTY8000xf1be Picty800 According to my dmesg (below), device id is: ohci0 at cardbus0 dev 0 function 0 NEC USB rev 0x43: irq 5, version 0.0 ohci0: unsupported OHCI revision ohci1 at cardbus0 dev 0 function 1 NEC USB rev 0x43: irq 5, version 0.0 ohci1: unsupported OHCI revision But I cannot figure out what string should I add to usbdevs file: product NEC PCMCIAUSB 0x4300 or product NEC PCMCIAUSB 0x3433 (43 into hex??) or something completely different? you can get the id from pcidump -v, something like this: 0:0:0: Intel 82Q965 Host 0x: Vendor ID: 8086 Product ID: 2990 -- Alexander Polakov | http://rootshell.be/~polachok/
Re: RAID/Intel Installation Problem
On Wed, Jun 18, 2008 at 12:39 PM, Kenneth R Westerback [EMAIL PROTECTED] wrote: If this is the device you expect to provide disks, the only obvious candidate I see, it is not currently supported in the RAMDISK_CD kernel if at all. From a quick glance at pciide(4), I suppose it should work. That is, it would work *without* the in-BIOS RAID. To the OP: for proper RAID support, best refer to mfi(4), ami(4) or arc(4) if you want bioctl(8) niceness. Maybe softraid(4) will suit your needs too (but see the caveats listed in the man page; trying it out is still on my to do list). Cheers, Rogier -- If you don't know where you're going, any road will get you there.
Re: mdoc.samples fix
On Wed, Jun 18, 2008 at 06:32:58PM +0400, Vadim Zhukov wrote: Man page says: No macro yet exists to cause a line break without inserting a vertical space (such as troff's `.br' macro). But since nroff(1) is actually a wrapper to GNU groff(1), .br macro works there. Diff is at the end of letter. the point of that note is that the doc macros do not have an equivalent macro. you can of course use old-style macros. BTW: /usr/src/gnu/usr.bin/groff/tmac/groff_mdoc.samples.7_in doesn't contain such a statement too. we maintain our own local copy of mdoc.samples.7 and the macro package. jmc
pass pasword to ssh
I am writing script, that would ssh to switch and dump configuration in file. 1) Since it is switch, i have no way to make use of public key authentication, because I have no way to store pubkey on switch. 2) Since I'm using dedicated box for backups, I don't need to hide password from ps. What is the cleanest way to pass password to ssh?
Re: RAID Hot Spare
On 18 Jun 2008, at 16:51, Marco Peereboom wrote: As far as I know I fixed the hot-spare thing on ami. If that is not the case let me know. I booted into the card's BIOS and confirmed that the drive was marked as hot spare. It seems to have worked, and this is on 4.1 as well. Thanks! Gaby. -- Uganda Maximum - Enemy of the English Thrust http://www.playr.co.uk/
Carp problem on Realtek 8169SC rev 0x10: RTL8169/8110SCd
Hi All I am new to OpenBSD and have two boxes with the same hardware running 4.2 as the dmesg below. I have setup and tested carp on the re0, re1, and re2 network card but it does not work. I have watched the traffic with tcpdump and do not see any of the 224.0.0.18 traffic from the second boxes. This makes me think that the re driver or card has a problem with 224.0.0.18 traffic .e.g multicast traffic I was looking for some help on this and any info or patch would be good. I have tried looking on the web but only fine ref to NetBSD not OpenBSD. Sorry if this is the wrong place to sent this. Carp works on the vr0 interface. Thank you Ben # ifconfig lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33208 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 re0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:30:18:a3:e2:97 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.1.252 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::230:18ff:fea3:e297%re0 prefixlen 64 scopeid 0x1 re1: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 lladdr 00:30:18:a3:e2:98 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 172.22.11.252 netmask 0xff00 broadcast 172.22.11.255 inet6 fe80::230:18ff:fea3:e298%re1 prefixlen 64 scopeid 0x2 re2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:30:18:a3:e2:99 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 172.22.12.252 netmask 0xff00 broadcast 172.22.12.255 inet6 fe80::230:18ff:fea3:e299%re2 prefixlen 64 scopeid 0x3 vr0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 lladdr 00:30:18:a1:05:87 media: Ethernet autoselect (100baseTX full-duplex) status: active enc0: flags=0 mtu 1536 carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:00:5e:00:01:32 carp: MASTER carpdev re1 vhid 50 advbase 1 advskew 0 groups: carp inet 172.22.11.1 netmask 0x broadcast 255.255.255.0 inet6 fe80::200:5eff:fe00:132%carp1 prefixlen 64 scopeid 0x7 # OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA C7-D Processor 1500MHz (CentaurHauls 686-class) 1.51 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FX SR,SSE,SSE2,TM,SBF,SSE3,xTPR cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 468152320 (446MB) avail mem = 97920 (423MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 11/30/07, BIOS32 rev. 0 @ 0xfa130, SMBIOS rev. 2.3 @ 0xf (34 entries) bios0: vendor Phoenix Technologies, LTD version 6.00 PG date 11/30/2007 apm0 at bios0: Power Management spec V1.2 (slowidle) apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xf/0xc964 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc890/208 (11 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 11 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00 agp0 at pchb0: v3, aperture at 0xe800, size 0x1000 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA CN700 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA CN700 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 VIA S3 Unichrome PRO IGP rev 0x01 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) re0 at pci0 dev 9 function 0 Realtek 8169SC rev 0x10: RTL8169/8110SCd (0x1800), irq 11, address 00:30:18:a3:e2:97 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 VIA VT6306 FireWire rev 0x80 at pci0 dev 10 function 0 not configured re1 at pci0 dev 11 function 0 Realtek 8169SC rev 0x10: RTL8169/8110SCd (0x1800), irq 5, address 00:30:18:a3:e2:98 rgephy1 at re1 phy 7: RTL8169S/8110S PHY, rev. 2 re2 at pci0 dev 12 function 0 Realtek 8169SC rev 0x10: RTL8169/8110SCd (0x1800), irq 10, address 00:30:18:a3:e2:99 rgephy2 at re2 phy 7: RTL8169S/8110S PHY, rev. 2 pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA pciide0: using irq 11 for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: Hitachi HTS541680J9SA00 wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA
Re: pass pasword to ssh
On 2008-06-19, Richard Storm [EMAIL PROTECTED] wrote: I am writing script, that would ssh to switch and dump configuration in file. 1) Since it is switch, i have no way to make use of public key authentication, because I have no way to store pubkey on switch. Which switch? On my HP switches I can just sftp the public keys in (and fetch the config back out the same way...) What is the cleanest way to pass password to ssh? Not sure about cleanest, but expect (in packages/ports) works ok. You can generate a script with autoexpect and manually edit it.
Re: Carp problem on Realtek 8169SC rev 0x10: RTL8169/8110SCd
http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yesnumbers=5787 _ http://clk.atdmt.com/UKM/go/msnnkmgl001002ukm/direct/01/
Re: developer laptop choices
Do you guys use your WWAN card under OpenBSD at all? :) Sure. I'm typing this on a Thinkpad T41p (bought used on ebay.de 1.5 years ago), using the local wavelan at a conference. ipw(4) works fine if you read 'man ipw' and pkg_add the firmware described in the man page. On the whole I'm happy with Thinkpads, and my next laptop will probably be another one (bought used -- computers depreciate so fast that a 1-year-old model costs 1/2 the new price, and is still a very nice computer). ciao, -- -- From: Jonathan Thornburg [remove -animal to reply][EMAIL PROTECTED] School of Mathematics, U of Southampton, England C++ is to programming as sex is to reproduction. Better ways might technically exist but they're not nearly as much fun. -- Nikolai Irgens
Re: OpenSSL Certificate Authority Setup
GVG GVG schrieb: Dear Group, I was trying to create a my own CA for signing certificates for sendmail and when I did apply the following command: --- openssl ca -policy policy_anything -out cert.pem -infiles csr.pem --- I got: Using configuration from /etc/ssl/openssl.cnf variable lookup failed for ca::default_ca 28423:error:0E06D06C:configuration file routines:NCONF_get_string:no value:/usr/src/lib/libssl/src/crypto/conf/conf_lib.c:329:group=ca name=default_ca I understand that openssl.cnf doesn't have any 'ca' reference and it fails but why is that? What's the reason not having this entry in the default openssl OpenBSD configuration? I am missing something? Also, in http://openbsd.org/faq/faq10.html#HTTPS; explains how to sign the certificate by yourself. Is that the same action? Thanks for your support George security/tinyca is a nice graphical tool for that, btw.
Re: OT: Mail was Re: Changing From headers in mail on a whim?
Hey Richard, I agree with you... From: Richard Toohey [EMAIL PROTECTED] Subject: Re: OT: Mail was Re: Changing From headers in mail on a whim? On 19/06/2008, at 1:04 PM, Aaron W. Hsu wrote: I was wondering if you guys could clarify something for me. I looked heirloom mailx (nail) very carefully and it looks like mail on steroids. [...] I do not think there is any reason to expect base to have all the features that you need when you first get started, unless the features that you need a sufficiently general that they are going to apply to a wide variety of users. I can't see the above recommendations as sufficiently general, even though I would in fact use something like fetchmail and metamail. I really think that you are only talking about adding metamail and fetchmail, which can be used together with sendmail, spamassassin and mail to accomplish the above goals. But - moving back to your original email, and being able to edit From: - it does look as though Heirloom does provide code that might be applied to base if so desired (I will have a look myself at doing so for learning.) [...] ~H Edit the message header fields 'From:', 'Reply-To:', 'Sender:', and 'Organization:' in the same manner as described for ~h. The default values for these fields originate from the from, replyto, and ORGANIZATION variables. If this tilde command has been used, changing the variables has no effect on the current message anymore. I think it would be interesting to see about adding some simple options in from something like Heirloom to accomplish these goals. The ~H option seems like a good one to add. In fact, maybe it isn't so hard to add this? Sincerely, Aaron Hsu -- +++ ((lambda (x) (x x)) (lambda (x) (x x))) +++ Email: [EMAIL PROTECTED] | WWW: http://www.sacrideo.us Scheme Programming is subtle; subtlety can be hard. +++
Re: pass pasword to ssh
On 16:14, Thu 19 Jun 08, Richard Storm wrote: I am writing script, that would ssh to switch and dump configuration in file. 1) Since it is switch, i have no way to make use of public key authentication, because I have no way to store pubkey on switch. 2) Since I'm using dedicated box for backups, I don't need to hide password from ps. What is the cleanest way to pass password to ssh? Try expect -- Michiel van Baak [EMAIL PROTECTED] http://michiel.vanbaak.eu GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x71C946BD Why is it drug addicts and computer aficionados are both called users?
Re: pass pasword to ssh
perhaps you could write your script in perl ? http://www.openbsd.org/4.3_packages/i386/p5-Net-SSH-Perl-1.30.tgz-long.html /Pete On 19 Jun 2008, at 16:31, Stuart Henderson wrote: On 2008-06-19, Richard Storm [EMAIL PROTECTED] wrote: I am writing script, that would ssh to switch and dump configuration in file. 1) Since it is switch, i have no way to make use of public key authentication, because I have no way to store pubkey on switch. Which switch? On my HP switches I can just sftp the public keys in (and fetch the config back out the same way...) What is the cleanest way to pass password to ssh? Not sure about cleanest, but expect (in packages/ports) works ok. You can generate a script with autoexpect and manually edit it.
Re: pass pasword to ssh
Quoting Richard Storm [EMAIL PROTECTED]: I am writing script, that would ssh to switch and dump configuration in file. FYI, there may be a more effective way than writing your own script. Check out RANCID. It will manage just about any device from just about any vendor and manage the configs and changes through CVS. This of coarse gives you a nice revision history when things go wrong. 1) Since it is switch, i have no way to make use of public key authentication, because I have no way to store pubkey on switch. You may want to check with your vendor, many switches/routers can be logged into with a public key now. 2) Since I'm using dedicated box for backups, I don't need to hide password from ps. What is the cleanest way to pass password to ssh? RANCID uses expect scripts to do the logins. -- Tim Donahue This message was sent using IMP, the Internet Messaging Program.
dhcpd sync
After updating my home firewall cluster (two ALIX boards) to the i386 snapshot two days ago, I proceeded to try the great new sync feature of dhcpd. Before, each of the cluster node was running its independent instance of dhcpd, each dishing out from non-overlapping IP address ranges, independent of a cluster node being in Master or in Backup state (currently the cluster is active-passive). Both nodes have in /etc/rc.conf.local : dhcpd_flags=-Y vlan20 -y vlan20 vr0 # sync using multicast to 224.0.1.240 and in /etc/pf.conf : # pfsync pass log quick on vlan20 proto pfsync keep state (no-sync) # spmd and dhcpd use multicasts to 224.0.1.240 for their sync pass log quick on vlan20 proto igmp keep state (no-sync) While testing dhcpd sync and devising a pf rule for it, looking at 'tcpdump -i vlan20' triggered the following remarks and questions: a) It might be helpful to document in the SYNCHRONISATION section of dhcpd(8) that 'proto icmp' is being used. This facilitates the life of those who must devise an additional pf rule. Symmetrically, the same would apply to spamd(8). pfsync(4) states for example: The protocol is IP protocol 240, PF- SYNC, and the multicast group used is 224.0.0.240. b) When dhcpd starts and no /var/db/dhcpd.leases exists, then dhcpd create an empty lease file. Well, not exactly empty, but there are just two comment lines in it, which is fine. However, when a /var/db/dhcpd.leases still holds leases from a previous session, the starting dhcpd does not clear thoses leases (e.g. leases are persistent also in my case where an rsny restores the state prior to reboot to ramdisk from CompactFlash). Nor does it apparently get a bulk update from the dhcpd instances running on other nodes (which are supposedly in sync, regardless if in active Master or in passive Backup state). pfsync has such a mechanism. Is something similar already in dhcpd's sync (and spamd's sync), and did I simply miss it? Or is it on the to do list? I guess it would be at least a nice to have to assert coherent dhcpd (and spamd) state among the nodes, although dhclient (unlike pf) can cope also while offered incoherent leases... c) My setup uses the same VLAN for both the multicasts of dhcpd and spamd (and pfsync as well). Besides potentially different shared keys in /var/db/dhcpd.key and in /etc/mail/spamd.key, if authentication is used at all, there is no obvious discriminator to tell the difference between a dhcpd sync and a spamd sync frame. Rapid inspection of /usr/src/usr.sbin/dhcpd.(h|c) and /usr/src/libexec/spamd.(h|c) reveals that apparently the only differences are #define DHCPD_SYNC_VERSION 1 in dhcpd.h #define SPAM_SYNC_VERSION 2 in spamd.h For situations like mine where both dhcpd and spamd sync over the same interface, would it be safer/necessary to either add an additional application protocol flag, or to use different multicast addresses? I would like to thank the developers for this nice new feature which simplifies the configuration of the dhcp.conf file on my nodes and makes them symmetric like most other configuration files in the cluster. Rolf
Re: OT: Mail was Re: Changing From headers in mail on a whim?
On 6/18/08, Predrag Punosevac [EMAIL PROTECTED] wrote: Obviously one can use nail, mutt, alpine or gazzilion of other light weight GUI mail clients to accomplish above but how to do that only with tools from the base? You don't do those things with only base.
OpenBSD syslogd
greetings kind folks, I would like do ask out if there's anyone here that uses OpenBSD's syslogd as a central log server for cisco equipment. I've been doing some googling and found the following thread http://www.monkey.org/openbsd/archive/misc/0110/msg01263.html I did put a -u on my /etc/rc.conf syslogd_flags= -u -a /logserver local7.debug/logserver/cisco.log and restart syslog (even restarted the entire box) but no good. any help will be greatly appreciated. thanks, b
xbase43 and friends, no MD5 checksums?
Hello The MD5's for the X packages seem to be missing from the distribution directories for 4.3 and snapshots. $ wget ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/MD5 --21:15:35-- ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/MD5 = `MD5' Resolving ftp.openbsd.org... 129.128.5.191 Connecting to ftp.openbsd.org|129.128.5.191|:21... connected. Logging in as anonymous ... Logged in! == SYST ... done.== PWD ... done. == TYPE I ... done. == CWD /pub/OpenBSD/snapshots/i386 ... done. == PASV ... done.== RETR MD5 ... done. Length: 1,022 (unauthoritative) 100%[=] 1,022 --.--K/s 21:15:37 (48.73 MB/s) - `MD5' saved [1022] $ cat MD5 MD5 (INSTALL.i386) = 26e66fc1aa0b68b274582001aff86765 MD5 (INSTALL.linux) = 34ab7e52e8b1ed96682349a2f0addcce MD5 (base43.tgz) = 475e7a71806e34692cc0e1de2023e8df MD5 (bsd) = 4535e9ca3ae9c2a28e66572647dae575 MD5 (bsd.mp) = 67d3cb13f153a453070979c63fd8f3f6 MD5 (bsd.rd) = db61e290b64f808e20ff5c8ea8ba8ae0 MD5 (cd43.iso) = 023bec19edba5ca92dd86fefabeda8a0 MD5 (cdboot) = 63ea5cdbd08f4a3a4b6dbcab0d940beb MD5 (cdbr) = 3bf8bb332496c08a9a2c777cb7321c76 MD5 (cdemu43.iso) = dfceeda7a3f91c1920c93e203315424a MD5 (comp43.tgz) = e269e6e552b26696bb677f14e0654d2d MD5 (etc43.tgz) = d00c787ce5d94335dc9ba878fad27219 MD5 (floppy43.fs) = 9df4b61cbdd39f7db74507292fbfe5b8 MD5 (floppyB43.fs) = 96115591166595248ac3ffdd893885be MD5 (floppyC43.fs) = 0fcfe979a533328c28d5f0a795ddd011 MD5 (game43.tgz) = ed6e22ea0fa41da78a776713344755a3 MD5 (install43.iso) = 08f7e2c21515e9b1519d0f1f65a82de5 MD5 (man43.tgz) = 05c38c7ac423278cbba61defb101cfc7 MD5 (misc43.tgz) = de883362db26d70dd183ff54bdb13cce MD5 (pxeboot) = aad938e673c5eacb1f28cbf14b480100
Re: OpenBSD syslogd
On Thu, Jun 19, 2008 at 1:24 PM, Beavis [EMAIL PROTECTED] wrote: ... I did put a -u on my /etc/rc.conf syslogd_flags= -u -a /logserver If you have pf enabled, does your pf.conf let through UDP port 514 from the cisco? Philip Guenther
memory leak with filtering bridges in i386 snapshot
The weekend before the hackaton started, I updated my 2-stage firewall clusters at home, where the outer stage is setup as a filtering bridge cluster, and the inner stage is setup as a filtering router cluster. Both clusters are currently operating in active-passive mode, using pfsync, carp, ifstated, etc. After the update to the current snapshop of Saturday June 7, I observed loosing memory at a rate of about 12 MByte per day, on both the inner and outer cluster nodes. (I use Cacti to SNMP get memory usage and graph free memory.) Two days ago, I updated all four node to the latest snapshot again. Since, the leak has apparently been plugged on the filtering router inner firewall nodes. But it persists on the two filtering bridges outer firewall node. The leak rate is the same for the active and the passive node, still about 12 MByte per day. I remember we had such a situation in fall last year. If I recall correctly, pfsync was the culprit then which required some plumbing which was done by reyk@ or [EMAIL PROTECTED] Rolf
no thttpd.conf for OpenBSD?
I just installed the thttpd package on a recent snapshot (060408) and noticed it only comes with two files: $ pkg_info -L thttpd Information for inst:thttpd-2.25bp1 Files: /usr/local/man/man8/thttpd.8 /usr/local/sbin/thttpd I then looked at the port's distfiles and there is something called contrib/redhat-rpm/thttpd.conf: # This section overrides defaults dir=/home/httpd/html chroot user=httpd# default = nobody logfile=/var/log/thttpd.log pidfile=/var/run/thttpd.pid # This section _documents_ defaults in effect # port=80 # nosymlink# default = !chroot # novhost # nocgipat # nothrottles # host=0.0.0.0 # charset=iso-8859-1 Am I supposed to bolt together my own config file or has there been an omission? [0] ftp://ftp.openbsd.org/pub/OpenBSD/distfiles/thttpd-2.25b.tar.gz /juan
Re: OpenBSD syslogd
thanks for the reply. i didn't enable pf at all. I'm using openbsd 4.2 rc.conf ospfd_flags=NO # for normal use: pf=NO # Packet filter / NAT pf_rules=/etc/pf.conf # Packet filter rules file pflogd_flags= # add more flags, ie. -s 256 On Thu, Jun 19, 2008 at 1:39 PM, Philip Guenther [EMAIL PROTECTED] wrote: On Thu, Jun 19, 2008 at 1:24 PM, Beavis [EMAIL PROTECTED] wrote: ... I did put a -u on my /etc/rc.conf syslogd_flags= -u -a /logserver If you have pf enabled, does your pf.conf let through UDP port 514 from the cisco? Philip Guenther
Re: OpenBSD syslogd
I want to thank the list. :) I was able to find out how to fix it. thanks, -B On Thu, Jun 19, 2008 at 1:53 PM, Beavis [EMAIL PROTECTED] wrote: thanks for the reply. i didn't enable pf at all. I'm using openbsd 4.2 rc.conf ospfd_flags=NO # for normal use: pf=NO # Packet filter / NAT pf_rules=/etc/pf.conf # Packet filter rules file pflogd_flags= # add more flags, ie. -s 256 On Thu, Jun 19, 2008 at 1:39 PM, Philip Guenther [EMAIL PROTECTED] wrote: On Thu, Jun 19, 2008 at 1:24 PM, Beavis [EMAIL PROTECTED] wrote: ... I did put a -u on my /etc/rc.conf syslogd_flags= -u -a /logserver If you have pf enabled, does your pf.conf let through UDP port 514 from the cisco? Philip Guenther
Re: Painful Puffy
If the nut sack was particularly hairy, maybe the puffer mistook it for Richard Stallman? (sorry, cheap shot -- couldn't resist!) -Ken On Wed, Jun 18, 2008 at 9:08 PM, Rod Whitworth [EMAIL PROTECTED] wrote: SMH (Sydney, Australia Newspaper) reports: Angry puffer fish goe nuts. http://www.smh.com.au/news/unusual-tales/puffers-revenge/2008/06/17/1213 468405545.htmlhttp://www.smh.com.au/news/unusual-tales/puffers-revenge/2008/06/17/1213468405545.html Those editors can't help themselves when it comes to puns. Ouch! Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device -- Ken Ismert Technical Director www.vervex3.com Main: 832-497-1957 Cell: 832-528-7788 Skype: kismert
Re: Carp problem on Realtek 8169SC rev 0x10: RTL8169/8110SCd
On 2008-06-19, Benjamin Jeeves [EMAIL PROTECTED] wrote: I am new to OpenBSD and have two boxes with the same hardware running 4.2 as the dmesg below. Multicast is broken on multiple OS with this revision of re(4). I have tried looking on the web but only fine ref to NetBSD not OpenBSD. Did you find a fix for it for NetBSD? afaik the best information we have at the moment is that it's fixed by one of hundreds of lines of undocumented changes to the most recent vendor FreeBSD driver (it's open source, but if you were looking for an example of why we ask for data sheets and errata listings rather than completed drivers, you couldn't do much better than this).
Re: no thttpd.conf for OpenBSD?
On 2008-06-19, Juan Miscaro [EMAIL PROTECTED] wrote: I just installed the thttpd package on a recent snapshot (060408) and noticed it only comes with two files: thttpd runs fine without a config file, just command-line options. If you want to write a file, just look at the manual, it's a lot more useful than the redhat sample config.
OT: Dissertation ideas for my degree
Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. -- Best Regards Edd http://students.dec.bmth.ac.uk/ebarrett
Re: no thttpd.conf for OpenBSD?
On 6/19/08, Juan Miscaro [EMAIL PROTECTED] wrote: I just installed the thttpd package on a recent snapshot (060408) and noticed it only comes with two files: $ pkg_info -L thttpd Information for inst:thttpd-2.25bp1 Files: /usr/local/man/man8/thttpd.8 /usr/local/sbin/thttpd I then looked at the port's distfiles and there is something called contrib/redhat-rpm/thttpd.conf: Seeing how we're not building an rpm for redhat, you can imagine how that file didn't make it into the package. There's really no need for it. I've never used a config file with thttpd.
Re: OT: Dissertation ideas for my degree
On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. Do the CLI SIP Phone! I wanted to code that for so long, but the SIP protocol and its friends tend to go so far as time just wasn't enough. But it would be pretty cool to have that. Or a cli music database collection, that scans your media with given regexp and scans for ID3 Tags and what not, with minimal user interaction. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: OT: Dissertation ideas for my degree
Paul Irofti wrote: Or a cli music database collection, that scans your media with given regexp and scans for ID3 Tags and what not, with minimal user interaction. mpd + ncmpc? In ports :) -- Best Regards Edd http://students.dec.bmth.ac.uk/ebarrett
Re: no thttpd.conf for OpenBSD?
Considering how small the program is, and the license (seems like a bsd style license to my inexperienced eye) are there any reasons why this couldn't be included in base? Anathae
OpenBSD 4.3 amd64 in Qemu: Can't Find Disks
I'm having some troubles getting OpenBSD 4.3 amd64 (running from install43.iso) to run in Qemu. Here's the command I'm using: qemu-system-x86_64 -hda disk -cdrom install43.iso -boot d -net nic,model=pcnet -net user I googled a lot and found that adding -no-kqemu can help but it didn't. The strange thing is that when it first boots up, OpenBSD sees my drive QEMU HARDDISK ATA-7 HARD-DISK (5000 MB). If I hit enter to boot I go through the options and say yes I'm sure I want to install and then it tells me No disks found and drops me to a shell. My host machine is Ubuntu Gutsy. Has anybody else heard of similar problems or found any solutions to this? Any help is appreciated, Comrade Ringo Kamens
Re: Dissertation ideas for my degree
Shell commands for accessing web based search engines. I would like to do it myself, but am expecting that what seems like a simple idea on the surface quickly becomes non trivial. Anathae Townsend -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edd Barrett Sent: Wednesday, June 18, 2008 3:16 PM To: misc@openbsd.org Cc: William French Subject: OT: Dissertation ideas for my degree Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. -- Best Regards Edd http://students.dec.bmth.ac.uk/ebarrett
Re: no thttpd.conf for OpenBSD?
Considering how small the program is, and the license (seems like a bsd style license to my inexperienced eye) are there any reasons why this couldn't be included in base? Sorry, but we are way too busy adding about 50 other small programs.
Re: OT: Dissertation ideas for my degree
Paul Irofti wrote: On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. Do the CLI SIP Phone! I wanted to code that for so long, but the SIP protocol and its friends tend to go so far as time just wasn't enough. But it would be pretty cool to have that. i would absolutely love to see this one go and it would be very useful. maybe script some ssh-ing into it to allow for easy proper call encryption? ;) i have some further feature suggestions that could push it into the 'conceptually new' category. not for public consumption cheers, jake
Re: OT: Dissertation ideas for my degree
On Wed, Jun 18, 2008 at 11:53:33PM +0100, Edd Barrett wrote: Paul Irofti wrote: Or a cli music database collection, that scans your media with given regexp and scans for ID3 Tags and what not, with minimal user interaction. mpd + ncmpc? In ports :) I know them, I use them. But what about external media like DVDs and CDs? Or even memory sticks. Once removed, they'll be foobared by the next C-S-U. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: OT: Dissertation ideas for my degree
On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: OT: Dissertation ideas for my degree
On Thu, Jun 19, 2008 at 7:34 PM, Darrin Chandler [EMAIL PROTECTED] wrote: How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). Something like the infamous googlefs? I'd be interested. Lots of difficult things still left to do. Dom0 xen would be interesting. zfs in openbsd would be interesting - zfs still have lots of things that are unsolved, so would be good fodder. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0feature=related
Re: OT: Dissertation ideas for my degree
Darrin Chandler wrote: On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). I would love a decent network filesystem, but its probably too much work for an undergrad project. Its more like a PHD. -- Best Regards Edd http://students.dec.bmth.ac.uk/ebarrett
Re: OT: Dissertation ideas for my degree
On Thu, Jun 19, 2008 at 12:54:12AM +0100, Edd Barrett wrote: Darrin Chandler wrote: On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). I would love a decent network filesystem, but its probably too much work for an undergrad project. Its more like a PHD. Yeah, it's too big of a project for that. It's been on my someday list for a while, but it gets hairy pretty quick if you're going to do it right. Ok, so how about figuring out a general method to bring the usefulness of commandline pipes | to GUI? Maybe another doctoral thesis idea. :( -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: OT: Dissertation ideas for my degree
On Thu, Jun 19, 2008 at 07:53:49PM -0400, bofh wrote: On Thu, Jun 19, 2008 at 7:34 PM, Darrin Chandler [EMAIL PROTECTED] wrote: How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). Something like the infamous googlefs? I'd be interested. Lots of difficult things still left to do. Dom0 xen would be interesting. zfs in openbsd would be interesting - zfs still have lots of things that are unsolved, so would be good fodder. Better yet, Dtrace. John Birrell has finished the kernel bits using a shim layer to overcome the licensing incompatibilities (according to him). ZFS, while very cool, is still under heavy development. Dtrace is extremely useful for profiling system behavior, and really has no equal. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: OT: Dissertation ideas for my degree
On 19/06/2008, Darrin Chandler [EMAIL PROTECTED] wrote: On Wed, Jun 18, 2008 at 10:15:54PM +0100, Edd Barrett wrote: Hi, As it seems my last two project ideas for my degree have fallen through, I wonder if anyone here has any ideas for software projects which are: a) Useful b) Conceptually new Ideas need not be OpenBSD based, but it's a bonus if it is. Usually a project consists of a software build and a write up. How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). Dillon is working on it for how many years now? ;-) C.
Re: OT: Dissertation ideas for my degree
On Thu, Jun 19, 2008 at 10:08:06PM -0400, Constantine A. Murenin wrote: How about a distributed network file system with RAID-like redundancy. Bonus for self tuning behavior (this machine gets shut down every night, don't rely on it being there). Dillon is working on it for how many years now? ;-) He's got a lot more than that on his plate. Dillon does some interesting stuff. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG [EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: no thttpd.conf for OpenBSD?
On 6/19/08, Anathae Townsend [EMAIL PROTECTED] wrote: Considering how small the program is, and the license (seems like a bsd style license to my inexperienced eye) are there any reasons why this couldn't be included in base? For better or worse, the base web server is Apache 1, and that's how things are going to be.
Apache theoretical questions (was Re: no thttpd.conf for OpenBSD?)
On Fri, Jun 20, 2008 at 10:42 AM, Ted Unangst [EMAIL PROTECTED] wrote: For better or worse, the base web server is Apache 1, and that's how things are going to be. Since the subject of apache came up, i was reminded of a thread some time back about improving (?) apache in base. anybody (aside from the obsd devs) doing that now? i think it was about code cleanups, etc. are there any objections with overhauling apache's current design? (making apache not pre-fork, etc). are there any roadmaps existing anywhere (even in the obsd's minds) of how apache in base will ideally look like? yes, i'm blowing a lot of dust on this one. i'm just curious. -- garnet:jasmin:beryllium:gluon 90-12264 90-B
Re: Apache theoretical questions (was Re: no thttpd.conf for OpenBSD?)
* Edwin Eyan Moragas wrote: On Fri, Jun 20, 2008 at 10:42 AM, Ted Unangst [EMAIL PROTECTED] wrote: For better or worse, the base web server is Apache 1, and that's how things are going to be. Since the subject of apache came up, i was reminded of a thread some time back about improving (?) apache in base. anybody (aside from the obsd devs) doing that now? i think it was about code cleanups, etc. are there any objections with overhauling apache's current design? (making apache not pre-fork, etc). are there any roadmaps existing anywhere (even in the obsd's minds) of how apache in base will ideally look like? yes, i'm blowing a lot of dust on this one. i'm just curious. If you have any diffs that make httpd better, fix bugs, or make the code more readable (KNF, see style(9)), please mail them. But small steps, please. - Marc Balmer
touch -h ?
Hello,
After accidentally deleting and recreating a symlink (call it, say,
'slink') to some file ('afile'), I tried to use touch(1) to set the
modification time of slink to be the same as the modification time of
the original symlink I had accidentally deleted (mostly to help me
remember when I created the symlink relative to the other files in
that directory, to help me remember why I created the symlink in the
first place). Of course touch(1) changed the modification time of
afile, not the modification time of slink.
After reading the manpage for symlink(7) I would have expected
touch(1) to have an '-h' option, but it does not. Is there any
special reason why it does not, is this an oversight, or was it just
decided that such feature is so seldom needed that it wasn't worth
implementing? Just curious...
While I was at it, I also looked at the manpage for lstat(2): Unlike
other file system objects, symbolic links do not have an owner, group,
access mode, times, etc. Instead, these attributes are taken from the
directory that contains the link. That's wrong, otherwise there
would be no need for, say, chown(8) to have a '-h' option. Symlinks
also have their own modification time which is obviously not taken
from the directory containing the symlink:
$ mkdir adir; cd adir; touch afile; ls -la
total 8
drwx-- 2 meunier users 512 Jun 20 11:03 ./
drwxr-xr-x 27 meunier users 1536 Jun 20 11:03 ../
-rw--- 1 meunier users 0 Jun 20 11:03 afile
$ sleep 60; ln -s afile slink; ls -la
total 8
drwx-- 2 meunier users 512 Jun 20 11:04 ./
drwxr-xr-x 27 meunier users 1536 Jun 20 11:03 ../
-rw--- 1 meunier users 0 Jun 20 11:03 afile
lrwx-- 1 meunier users 5 Jun 20 11:04 slink@ - afile
$ sleep 60; touch .; ls -la
total 8
drwx-- 2 meunier users 512 Jun 20 11:05 ./
drwxr-xr-x 27 meunier users 1536 Jun 20 11:03 ../
-rw--- 1 meunier users 0 Jun 20 11:03 afile
lrwx-- 1 meunier users 5 Jun 20 11:04 slink@ - afile
$
And they have their own access mode which is not taken from the
directory containing the symlink either:
$ chmod g+w .; ls -la
total 8
drwx-w 2 meunier users 512 Jun 20 11:05 ./
drwxr-xr-x 27 meunier users 1536 Jun 20 11:03 ../
-rw--- 1 meunier users 0 Jun 20 11:03 afile
lrwx-- 1 meunier users 5 Jun 20 11:04 slink@ - afile
$
In fact it looks more like a symlink's permissions are simply rwxrwxrwx
with the umask applied to it:
$ umask 753; ln -s afile slink2; ls -la
total 8
drwx-w 2 meunier users 512 Jun 20 11:07 ./
drwxr-xr-x 27 meunier users 1536 Jun 20 11:03 ../
-rw--- 1 meunier users 0 Jun 20 11:03 afile
lrwx-- 1 meunier users 5 Jun 20 11:04 slink@ - afile
lw-r-- 1 meunier users 5 Jun 20 11:07 slink2@ - afile
$
Both the man page for chmod(1) and the source code for it indicate
that symlinks do not have modes though, and chmod(1) does not have a
'-h' option, so between that and what the manpage for lstat(2) says, I
think it's not very clear for the reader where the modes for slink and
slink2 above are really supposed to come from. In fact, if I remember
my OS textbooks correctly, I'm quite sure symlinks are just plain
files with just a special bit in the mode indicating their symlink
status, and with the name of the file they point to as their content
(hence the 5 bytes of slink and slink2 above).
I guess that, since symlink modes are never used to check permissions,
chmod(1) simply doesn't provide any option to change them once the
symlink has been created. Same thing for the modification time and
touch(1), I assume (though I'd argue that in this case having a '-h'
option might be useful in some cases --- see above). But that's quite
different from pretending the modes and times simply don't exist.
There's probably a lot of history involved here, but IMHO it would be
nice if the man pages for lstat(2) and chmod(1) could be fixed /
clarified to tell the story straight rather than tell confusing
partial truths that do not really match reality. Just saying... :-)
Philippe
