Re: slapd hangs, was: Re: OpenLDAP and Berkeley DB 4.6
--- On Tue, 8/5/08, Marc Balmer [EMAIL PROTECTED] wrote: From: Marc Balmer [EMAIL PROTECTED] Subject: Re: slapd hangs, was: Re: OpenLDAP and Berkeley DB 4.6 To: Toni Mueller [EMAIL PROTECTED] Cc: misc@openbsd.org ports@, and CC the maintainer (in this case, me). TIA! openldap + dbd is broken isn't right? i have read in this article [1], he said the bdb flavor, providing support for the bdb and hdb backends, is marked as broken on OpenBSD 4.3 [1]http://www.kernel-panic.it/openbsd/pdc/pdc2.html#pdc-2.2
Own keyboard encoding cz (cs)
Hi all, I'm reading throw man pages kbd,wsconcs,wsconscfg,looking on Google and so on, but can't find some useful kick-of.Do you know about some paper about it? I found something from http://www.netbsd.org/docs/guide/en/chap-cons.html . I looked in wsksymdef.h ,there is a support for ISO-8859-2 (not for UTF-8), but how can I type our national characters if I can use only us or others? Can I use codes for these characters? Thanks a lot for your help PS: I don't want do this and this,read this and this is enough for me
Re: syslogd -a question
Stuart VanZee wrote: Hello OpenBSD Misc, I have been doing some work with chrooting user accounts for a project, and now I am looking to get syslogd working. I found out that I need a log socket in the chroot environ for this to work and the -a option does this fine and works great! BUT... now that I have one working, I need to be able to chroot a whole bunch of these and looking in the syslogd man page I see: -a path Specify a location where syslogd should place an additional log socket. Up to about 20 additional logging sockets can be speci- fied. The primary use for this is to place additional log sock- ets in /dev/log of various chroot filespaces. The part that worries me is the Up to about 20 part. Is this a hard limit? Is there a way to extend this? I am looking at setting up around 100 user accounts like this but most of them will only be used a few times a month so I'm not really worried about resources too awful much. Currently I am using OpenBSD 4.3 From looking at the source, I'd guess that tweaking /usr/src/usr.sbin/syslogd/syslogd.h and set MAXFUNIX to a larger number than 21 should be pretty straightforward. I'm not in the position to say whether large numbers would be appropriate though, for example by some limitation of poll(2). /Alexander
Re: acer aspire one dmesg?
Hi, OpenBSD 4.4-beta (GENERIC.MP) #835: Mon Aug 4 12:50:17 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP RTC BIOS diagnostic error 80clock_battery cpu0: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,xTPR real mem = 524206080 (499MB) avail mem = 498372608 (475MB) RTC BIOS diagnostic error 80clock_battery mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 05/09/08, SMBIOS rev. 2.4 @ 0xe8d90 (31 entries) bios0: vendor INSYDE version v0.3109 date 05/09/2008 bios0: Acer AOA110 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP SSDT HPET APIC MCFG ASF! SLIC BOOT acpi0: wakeup devices P32_(S4) UHC1(S3) UHC2(S3) UHC3(S3) UHC4(S3) ECHI(S3) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) AZAL(S0) MODM(S0) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 133MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,xTPR ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (P32_) acpiprt2 at acpi0: bus 1 (EXP1) acpiprt3 at acpi0: bus 2 (EXP2) acpiprt4 at acpi0: bus 3 (EXP3) acpiprt5 at acpi0: bus 4 (EXP4) acpiec0 at acpi0 acpicpu0 at acpi0 acpicpu1 at acpi0 acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: LID0 acpibtn2 at acpi0: SLPB acpibat0 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpivideo at acpi0 not configured bios0: ROM list: 0xc/0xec00! 0xcf000/0x1000 cpu0: unknown Enhanced SpeedStep CPU, msr 0x060f0c2406000c24 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1600 MHz (1276 mV): speeds: 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0x2000, size 0x1000 drm at vga1 unsupported Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 4 int 16 (irq 11) azalia0: codec[s]: Realtek/0x0268 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 4 int 16 (irq 255) pci1 at ppb0 bus 1 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 4 int 17 (irq 255) pci2 at ppb1 bus 2 re0 at pci2 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102EL (0x2480), apic 4 int 17 (irq 11), address 00:00:00:00:00:00 rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 4 int 18 (irq 255) pci3 at ppb2 bus 3 ath0 at pci3 dev 0 function 0 Atheros AR5424 rev 0x01: apic 4 int 18 (irq 11) ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR5_ETSIC, address 00:22:68:ab:5c:1a ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02: apic 4 int 19 (irq 255) pci4 at ppb3 bus 4 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 4 int 16 (irq 11) uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 4 int 17 (irq 11) uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 4 int 18 (irq 11) uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 4 int 19 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 4 int 16 (irq 11) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb4 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci5 at ppb4 bus 5 ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 2 Intel 82801GBM SATA rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 1 drive 0: P-SSD1800 wd0: 1-sector PIO, LBA, 7695MB, 15761088 sectors wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4 ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 4 int 17 (irq 11) iic0 at ichiic0 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0:
ospf6d does not exist in 4.4-beta
Hi everyone, Any idea, why there is no information about ospf6d and no binary but a /etc/ospf6d.conf? I want to run ospfd (the OpenBSD ospfd, not the zebra one) for IPv6. Thanks for any feedback. Best regards Marco
tab gets lost on display
Hello, while using grep on tab separated data I spotted some strange thing today. Somehow the last tab isn't displayed: $ echo 1 1234567 123 1 1234567123 To see the tabs more easier: $ echo 1 1234567 123 | cat -evt 1^I^I^I^I^I^I^I^I^I1234567^I123$ I used an xterm with width 80. Any ideas where the problem may be? Or is this for some strange reason considered normal? I'm running the latest snapshot on sparc64 here. Regards, Markus
Re: Own keyboard encoding cz (cs)
I read wsfontload(8),but there is only ISO-8859-1,IBM and pcvt. In cs is only about 15 special characters (don't know exactly right now) like ' DE!D EEC=C!C-C)C:E/ '.I thought,that there is way like for de,sv and others. TB -Original Message- From: Miod Vallat [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 06, 2008 1:49 PM To: Tomas Bodzar Cc: misc@openbsd.org Subject: Re: Own keyboard encoding cz (cs) I'm reading throw man pages kbd,wsconcs,wsconscfg,looking on Google and so on, but can't find some useful kick-of.Do you know about some paper about it? I found something from http://www.netbsd.org/docs/guide/en/chap-cons.html . I looked in wsksymdef.h ,there is a support for ISO-8859-2 (not for UTF-8), but how can I type our national characters if I can use only us or others? Can I use codes for these characters? On vga-compatible displays, you could load a font with the proper ISO-8859-2 characters with wsfontload(8). On frame buffer displays there is currently no way to extend the built-in ISO-8859-1 font at the moment. All of this is being worked on (there is uncommited code to have wscons support UTF-8, but a few things need to be sorted out before it goes in). Miod
Re: Package (goffice) missing on ftp.eu.openbsd.org
On Tue, 5 Aug 2008, Stuart Henderson wrote: On 2008-08-05, Antti Harri [EMAIL PROTECTED] wrote: Hi, I was wondering why hasn't there been a package of goffice at ftp.eu.openbsd.org [1] for some time now? I can see it on ftp.openbsd.org which seems to be its source. ftp.html didn't have info about the server admins so I thought I'd ask here. Where available, it's in www/build/mirrors.dat. Ah thanks. I included Janne's address in this thread. [1] ftp://ftp.eu.openbsd.org/pub/OpenBSD/snapshots/packages/i386/ Looking at file dates, this is halfway through sync'ing, try again in a while. ... -r--r--r-- 1 742 0 113979 Jul 28 23:50 guilib-1.1.1p5.tgz -r--r--r-- 1 742 0 81445 Jul 28 23:50 gutenpy-0.3.0p2.tgz -r--r--r-- 1 742 0 231501 Jul 28 23:50 gv-3.5.8p4.tgz -r--r--r-- 1 742 0 935090 Jul 28 23:50 gwenview-1.4.2p4.tgz -r--r--r-- 1 742 01540911 Jul 28 23:50 gwenview-i18n-1.4.2.tgz -r--r--r-- 1 742 01843254 Aug 1 00:58 gxemul-0.4.6.5.tgz -r--r--r-- 1 742 0 15709 Aug 1 00:58 gxmessage-2.6.2p2.tgz -r--r--r-- 1 742 0 25589 Aug 1 00:58 ha-0.999b.tgz -r--r--r-- 1 742 0 60835 Aug 1 00:58 hackdata-3.4.3.tgz -r--r--r-- 1 742 01739530 Aug 1 00:58 haddock-0.8.tgz ... I haven't been keeping count but that was at least second if not the third time already. That's why I thought I'd report about it. Shouldn't the mirror have the old version of goffice there, just like it has the rest of the old snapshot? Also the interval seems to be rather long if it's still not synced with packages from 1st of August.. Thanks for the server though, it has been working otherwise okay. -- Antti Harri
PF and DHCP hakz
Howdy List? As some of you may have gathered from previous posts, I have been working on a pf configuration that will allow a gateway firewall machine to talk to two or more ISP services and allow for the differential routing of data connections from client's services both behind the firewall and on it (e.g. a TOR, HTTP server or other proxy). An additional complexity is introduced in that most prospective users of such a configuration are small to medium businessess that engage only DHCP services from ISPs. This means the IP address, default route and name servers associated with a particular service provider can (and do) change over the period the firewall gate is up for, moreover the lease times granted can change from time to time. Also, nameservers for most ISP are configured to only answer queries from the ISP's subnet(s) and the standard dhclient- script does not accomodate this. In order to make such a configuration work, I introduce some hacks into the dhclient-script such that when the dhclient processess associated with a particular interface are triggered to renew a lease, a piece of prolog code is called that touches the following configs: filedata mod /etc/pf.confgatewayIP /etc/resolv.confnameservers (for default route) /etc/dhclient.conf nameservers (for dhclient routes) [routetable]default route for firewall To do this, I create a directory, /etc/pf, containing the following files: filepurpose dhclient-script dhclient-script modified to call replall from add_new_routes() subroutine, and stub add_new_resolv_conf() as resolv.conf must only reference nameservers for the default route; slink'd to /sbin/dhclient-script. dhcpd.cnf.[interface] one for each internal interface to provision dhcpd services droute.IF define the firewall's default route interface pf.cnf template pf ruleset into which the specific interface gateways are inserted (replall looks for lines begining with ext_gw_{IFN} ). replall slink to compiled gprolog code hooked from dhclient-script that does the various manipulations. gplg/Makefile make for gprolog code gplg/dlib.plprolog support code -- dlib==duncan's lib;) gplg/replallgprolog executable gplg/replall.pl gprolog source A completed working instance of this scheme can be found at: http://neotext.ca/RefR/pf.dhcp/ It has been tested on a machine with 1 static and 1 DHCP gateway as well as on a machine with 2 DHCP gateways. And yes, I know that most of you will think I'm daft to use prolog for a task that could be done in sh/perl/python. It's really just a matter of what you are most comfortable with... if a good reason comes up I might recode it in C. Dhu
Re: acer aspire one dmesg?
On Wed, Aug 06, 2008 at 09:23:49AM +0200, Freddy DISSAUX wrote: Be careful whith re0, no mac address detected: re0 [ snip ] address 00:00:00:00:00:00 The mac address should display correctly with a newer snapshot, reading out via the EEPROM is now bypassed on these newer PCIE re variants.
Re: tab gets lost on display
Markus Lude wrote: Hello, while using grep on tab separated data I spotted some strange thing today. Somehow the last tab isn't displayed: $ echo 1 1234567 123 1 1234567123 To see the tabs more easier: $ echo 1 1234567 123 | cat -evt 1^I^I^I^I^I^I^I^I^I1234567^I123$ I used an xterm with width 80. Any ideas where the problem may be? Or is this for some strange reason considered normal? I'm running the latest snapshot on sparc64 here. I'd guess the proper way to see it is that last tab is performed, rather than displayed. Fiddling with the terminal width makes me think that the missing tab moves the cursor to the end of the window but no further (and in this case it is already there). This is probably expected and proper behaviour, considering how regular typewriters works (or used to work). :) /Alexander
Re: MPLS On OpenBGP
Will it be likely possible and feasible to add MPLS feature on OpenBGPd?
Re: ospf6d does not exist in 4.4-beta
On Wed, Aug 06, 2008 at 11:16:19AM +0200, Marco Fretz wrote: Hi everyone, Any idea, why there is no information about ospf6d and no binary but a /etc/ospf6d.conf? I want to run ospfd (the OpenBSD ospfd, not the zebra one) for IPv6. It is not yet in usable state so it is not enabled. -- :wq Claudio
Re: acer aspire one dmesg?
On 2008-08-06, Freddy DISSAUX [EMAIL PROTECTED] wrote: OpenBSD 4.4-beta (GENERIC.MP) #835: Mon Aug 4 12:50:17 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP Be careful whith re0, no mac address detected: re0 [ snip ] address 00:00:00:00:00:00 Your snapshot is too old. :-)
Re: Own keyboard encoding cz (cs)
I read wsfontload(8),but there is only ISO-8859-1,IBM and pcvt. Oops, you're right. This should be fixed as well eventually (-: Miod
Re: tab gets lost on display
On 2008-08-06, Markus Lude [EMAIL PROTECTED] wrote: while using grep on tab separated data I spotted some strange thing today. Somehow the last tab isn't displayed: $ echo 1 1234567 123 1 1234567123 To see the tabs more easier: $ echo 1 1234567 123 | cat -evt 1^I^I^I^I^I^I^I^I^I1234567^I123$ I used an xterm with width 80. Any ideas where the problem may be? Or is this for some strange reason considered normal? Looks like an xterm bug. This works ok in a normal console, and works ok in screen in a normal console, but fails in an xterm or screen in an xterm. Let's make it easier for people to test; $ printf 1\t\t\t\t\t\t\t\t\t1234567\t123
Re: acer aspire one dmesg?
Le Wed, Aug 06, 2008 at 11:29:36PM +1000, Jonathan Gray icrivait: On Wed, Aug 06, 2008 at 09:23:49AM +0200, Freddy DISSAUX wrote: Be careful whith re0, no mac address detected: re0 [ snip ] address 00:00:00:00:00:00 The mac address should display correctly with a newer snapshot, reading out via the EEPROM is now bypassed on these newer PCIE re variants. Ok, i'll try newer snapshots and post the dmesg.
Re: Own keyboard encoding cz (cs)
Heh,it's ok.No one is perfect :-) I found this table http://nl.ijs.si/gnusl/cee/charset.html Maybe if I put these codes in wsksymdef.h as it's for de encoding, make some other important changes and rebuild kernel.maybe cs is here :-) -Original Message- From: Miod Vallat [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 06, 2008 1:58 PM To: Tomas Bodzar Cc: misc@openbsd.org Subject: RE: Own keyboard encoding cz (cs) I read wsfontload(8),but there is only ISO-8859-1,IBM and pcvt. Oops, you're right. This should be fixed as well eventually (-: Miod
Re: ospf6d does not exist in 4.4-beta
On 8/6/08, Marco Fretz [EMAIL PROTECTED] wrote: Any idea, why there is no information about ospf6d and no binary but a /etc/ospf6d.conf? I want to run ospfd (the OpenBSD ospfd, not the zebra one) for IPv6. You have to build it yourself. Which probably is a good sign it's not ready for use yet.
Re: Own keyboard encoding cz (cs)
On Wed, 6 Aug 2008 08:23:59 +0100 Tomas Bodzar [EMAIL PROTECTED] wrote: Hi all, I'm reading throw man pages kbd,wsconcs,wsconscfg,looking on Google and so on, but can't find some useful kick-of.Do you know about some paper about it? I found something from http://www.netbsd.org/docs/guide/en/chap-cons.html . I looked in wsksymdef.h ,there is a support for ISO-8859-2 (not for UTF-8), but how can I type our national characters if I can use only us or others? Can I use codes for these characters? Thanks a lot for your help PS: I don't want do this and this,read this and this is enough for me See man luit and xorgconfig. Dhu
Re: Own keyboard encoding cz (cs)
I'm reading throw man pages kbd,wsconcs,wsconscfg,looking on Google and so on, but can't find some useful kick-of.Do you know about some paper about it? I found something from http://www.netbsd.org/docs/guide/en/chap-cons.html . I looked in wsksymdef.h ,there is a support for ISO-8859-2 (not for UTF-8), but how can I type our national characters if I can use only us or others? Can I use codes for these characters? On vga-compatible displays, you could load a font with the proper ISO-8859-2 characters with wsfontload(8). On frame buffer displays there is currently no way to extend the built-in ISO-8859-1 font at the moment. All of this is being worked on (there is uncommited code to have wscons support UTF-8, but a few things need to be sorted out before it goes in). Miod
PF and DHCP hakz
Oddly this does not appear to have made it thru... Howdy List? As some of you may have gathered from previous posts, I have been working on a pf configuration that will allow a gateway firewall machine to talk to two or more ISP services and allow for the differential routing of data connections from client's services both behind the firewall and on it (e.g. a TOR, HTTP server or other proxy). An additional complexity is introduced in that most prospective users of such a configuration are small to medium businessess that engage only DHCP services from ISPs. This means the IP address, default route and name servers associated with a particular service provider can (and do) change over the period the firewall gate is up for, moreover the lease times granted can change from time to time. Also, nameservers for most ISP are configured to only answer queries from the ISP's subnet(s) and the standard dhclient- script does not accomodate this. In order to make such a configuration work, I introduce some hacks into the dhclient-script such that when the dhclient processess associated with a particular interface are triggered to renew a lease, a piece of prolog code is called that touches the following configs: filedata mod /etc/pf.confgatewayIP /etc/resolv.confnameservers (for default route) /etc/dhclient.conf nameservers (for dhclient routes) [routetable]default route for firewall To do this, I create a directory, /etc/pf, containing the following files: filepurpose dhclient-script dhclient-script modified to call replall from add_new_routes() subroutine, and stub add_new_resolv_conf() as resolv.conf must only reference nameservers for the default route; slink'd to /sbin/dhclient-script. dhcpd.cnf.[interface] one for each internal interface to provision dhcpd services droute.IF define the firewall's default route interface pf.cnf template pf ruleset into which the specific interface gateways are inserted (replall looks for lines begining with ext_gw_{IFN} ). replall slink to compiled gprolog code hooked from dhclient-script that does the various manipulations. gplg/Makefile make for gprolog code gplg/dlib.plprolog support code -- dlib==duncan's lib;) gplg/replallgprolog executable gplg/replall.pl gprolog source A completed working instance of this scheme can be found at: http://neotext.ca/RefR/pf.dhcp/ It has been tested on a machine with 1 static and 1 DHCP gateway as well as on a machine with 2 DHCP gateways. And yes, I know that most of you will think I'm daft to use prolog for a task that could be done in sh/perl/python. It's really just a matter of what you are most comfortable with... if a good reason comes up I might recode it in C. Dhu
Re: acer aspire one dmesg?
If I understand it correctly after seeing dmesg (thanks!), the acer aspire one is more compatible with openbsd (-current) than the asus eeepc... I am looking forward to having one of these light-weight laptops with solid state hard drive (in contrast to the vaporous state disks) and this one seems to be quite fine; ethernet, wireless and sound are working fine. Speedstep is working only on max and min, but I can live with that Has anybody tried a recent snapshot on the asus eeepc? Anyway, thanks for everything Pau 2008/8/6 Jonathan Gray [EMAIL PROTECTED]: On Wed, Aug 06, 2008 at 09:23:49AM +0200, Freddy DISSAUX wrote: Be careful whith re0, no mac address detected: re0 [ snip ] address 00:00:00:00:00:00 The mac address should display correctly with a newer snapshot, reading out via the EEPROM is now bypassed on these newer PCIE re variants.
Re: MPLS On OpenBGP
On Wed, Aug 06, 2008 at 03:17:41PM +0100, [EMAIL PROTECTED] wrote: Will it be likely possible and feasible to add MPLS feature on OpenBGPd? Yes. It is neither impossible nor unfeasible. But don't ask when it will happen unless you like to do the work. -- :wq Claudio
Re: syslogd -a question
Stuart VanZee wrote: Hello OpenBSD Misc, I have been doing some work with chrooting user accounts for a project, and now I am looking to get syslogd working. I found out that I need a log socket in the chroot environ for this to work and the -a option does this fine and works great! BUT... now that I have one working, I need to be able to chroot a whole bunch of these and looking in the syslogd man page I see: -a path Specify a location where syslogd should place an additional log socket. Up to about 20 additional logging sockets can be speci- fied. The primary use for this is to place additional log sock- ets in /dev/log of various chroot filespaces. The part that worries me is the Up to about 20 part. Is this a hard limit? Is there a way to extend this? I am looking at setting up around 100 user accounts like this but most of them will only be used a few times a month so I'm not really worried about resources too awful much. Currently I am using OpenBSD 4.3 s Don't by any means take me as knowledgeable, I'm just a lurker, but I've seen a few places where it has been suggested that NFS can be used in a chroot environment to make things tidier and to provide a way for things in a chroot to get to non-chroot things. EG if you were to export an NFS share which contained the necessary socket (and perhaps anything else you fancied not having multiple copies of) and then mount it over localhost within the chroot, might that solve your problem? That way, syslog only has to pay attention to one extra socket, but many chroots can write to it. This might use more resources than other solutions, but at least it doesn't require a recompile like Alexander Hall's MAXFUNIX tweak. I'm assuming that sockets work over NFS of course. Anyone care to correct me? Dave W
Re: MPLS On OpenBGP
I'll be looking for that day wherein those Cisco guys can boost no more that they are the only ones in the planet that has the MPLS skills. Whew, maybe somebody knows where to start on how to add this MPLS feature so as to answer the question like where do I begin? On Wed, Aug 06, 2008 at 03:17:41PM +0100, [EMAIL PROTECTED] wrote: Will it be likely possible and feasible to add MPLS feature on OpenBGPd? Yes. It is neither impossible nor unfeasible. But don't ask when it will happen unless you like to do the work. -- :wq Claudio
Re: acer aspire one dmesg?
On Thursday 07 August 2008, Pau wrote: If I understand it correctly after seeing dmesg (thanks!), the acer aspire one is more compatible with openbsd (-current) than the asus eeepc... I am looking forward to having one of these light-weight laptops with solid state hard drive (in contrast to the vaporous state disks) and this one seems to be quite fine; ethernet, wireless and sound are working fine. Speedstep is working only on max and min, but I can live with that Has anybody tried a recent snapshot on the asus eeepc? There isn't much that doesn't work on the ASUS eeePC 701 with the current snaps - the inbuilt wireless still doesn't work (reyk@ is about to work on this!) and the inbuilt camera. Don't think there's anything else... There are some known issues with the eeePC 900 series machines, however I don't have access to one to confirm (apparently they can hang during boot, etc). Also, I highly doubt that the wireless will work on the Acer Aspire One - the Atheros AR5424 14.2 appears to be the same wireless that's in the eeePC 701, which is currently unsupported. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett, Hogfather
Re: syslogd -a question
Alexander Hall wrote: From looking at the source, I'd guess that tweaking /usr/src/usr.sbin/syslogd/syslogd.h and set MAXFUNIX to a larger number than 21 should be pretty straightforward. I'm not in the position to say whether large numbers would be appropriate though, for example by some limitation of poll(2). How about one /dev/log and multiple hard links going to it? Last time I worked with chroot environments was about 7 years ago but I had a script that built the environments using hard links for the users, and it seemed to work well. Of course I believe that the hard link must be on the same file system as the target. [EMAIL PROTECTED]:/tmp]# ln /dev/log . [EMAIL PROTECTED]:/tmp]# ls -il /dev/log /tmp/log 89638 srw-rw-rw- 2 root wheel 0 Aug 3 10:34 /dev/log 89638 srw-rw-rw- 2 root wheel 0 Aug 3 10:34 /tmp/log [EMAIL PROTECTED]:/tmp]# nate
tablec - show all addresses in pf table
tablec allows me to add or remove pf table entries with an unprivileged userland account. is there a method to produce a listing of all addresses in a pf table with an unprivileged userland account? -- John Brooks [EMAIL PROTECTED]
Re: syslogd -a question
On 8/6/08, Dave Wilson [EMAIL PROTECTED] wrote: I'm assuming that sockets work over NFS of course. Anyone care to correct me? They don't work like that.
Re: tab gets lost on display
Stuart Henderson [EMAIL PROTECTED] wrote: Looks like an xterm bug. This works ok in a normal console, and works ok in screen in a normal console, but fails in an xterm or screen in an xterm. Let's make it easier for people to test; $ printf 1\t\t\t\t\t\t\t\t\t1234567\t123 I have taken my DEC VT220 from the shelf and xterm matches its behavior. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: MPLS On OpenBGP
[EMAIL PROTECTED] wrote: I'll be looking for that day wherein those Cisco guys can boost no more that they are the only ones in the planet that has the MPLS skills. Whew, maybe somebody knows where to start on how to add this MPLS feature so as to answer the question like where do I begin? You're top-posting. For the MPLS, you have basically two parts - data plane, which is encapsulation of the frames or cells, and the control plane, which is exchanging VPNv4/VPNv6 information between multiprotocol speaking BGP routers (usually - PEs/LERs in MPLS nomenclature). Quick look at google shows a lot of places where existing MPLS code can be found[1]. But as usual - maybe it's not the best of breed, or even not complete. The MPLS as itself is not Cisco domain, but it was invented by Cisco as tag switching[2] back in the days where nobody believed it will be needed. It was back in 1997. So, as Claudio said - go for it, if You think you can do better. [1]. http://www.mplsrc.com/vendor.shtml being one of them, with old ayame project as well for NetBSD [2]. http://tools.ietf.org/html/rfc2105 -- Don't expect me to cry for all the | #ukasz Bromirski reasons you had to die -- Kurt Cobain |http://lukasz.bromirski.net
Re: tablec - show all addresses in pf table
On Wed, Aug 06, 2008 at 11:32:53AM -0500, John Brooks wrote: tablec allows me to add or remove pf table entries with an unprivileged userland account. is there a method to produce a listing of all addresses in a pf table with an unprivileged userland account? If this is for interactive use, why not just stick with sudo? Otherwise, a trivial suided wrapper could work. If you have some coding skills, extending tabled shouldn't be too hard, either - it appears to be a pretty simple program. Joachim
Re: PF and DHCP hakz
On Tue, 5 Aug 2008 20:34:09 -0600 Duncan Patton a Campbell [EMAIL PROTECTED] wrote: Howdy List? As some of you may have gathered from previous posts, I have been working on a pf configuration that will allow a gateway firewall machine to talk to two or more ISP services and allow for the differential routing of data connections from client's services both behind the firewall and on it (e.g. a TOR, HTTP server or other proxy). An additional complexity is introduced in that most prospective users of such a configuration are small to medium businessess that engage only DHCP services from ISPs. This means the IP address, default route and name servers associated with a particular service provider can (and do) change over the period the firewall gate is up for, moreover the lease times granted can change from time to time. Also, nameservers for most ISP are configured to only answer queries from the ISP's subnet(s) and the standard dhclient- script does not accomodate this. In order to make such a configuration work, I introduce some hacks into the dhclient-script such that when the dhclient processess associated with a particular interface are triggered to renew a lease, a piece of prolog code is called that touches the following configs: file data mod /etc/pf.conf gatewayIP /etc/resolv.conf nameservers (for default route) /etc/dhclient.confnameservers (for dhclient routes) This should NOT state dhclient.conf. It is, in fact dhcpd.conf that is modified with the nameservers for dhclients on the internal net. Dhu [routetable] default route for firewall To do this, I create a directory, /etc/pf, containing the following files: file purpose dhclient-script dhclient-script modified to call replall from add_new_routes() subroutine, and stub add_new_resolv_conf() as resolv.conf must only reference nameservers for the default route; slink'd to /sbin/dhclient-script. dhcpd.cnf.[interface] one for each internal interface to provision dhcpd services droute.IF define the firewall's default route interface pf.cnftemplate pf ruleset into which the specific interface gateways are inserted (replall looks for lines begining with ext_gw_{IFN} ). replall slink to compiled gprolog code hooked from dhclient-script that does the various manipulations. gplg/Makefile make for gprolog code gplg/dlib.pl prolog support code -- dlib==duncan's lib;) gplg/replall gprolog executable gplg/replall.pl gprolog source A completed working instance of this scheme can be found at: http://neotext.ca/RefR/pf.dhcp/ It has been tested on a machine with 1 static and 1 DHCP gateway as well as on a machine with 2 DHCP gateways. And yes, I know that most of you will think I'm daft to use prolog for a task that could be done in sh/perl/python. It's really just a matter of what you are most comfortable with... if a good reason comes up I might recode it in C. Dhu
Re: contact info for PC Weasel?
spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. James Hartley [EMAIL PROTECTED] wrote: Does anyone have any information on contacting/ordering a PC Weasel? Their Website: http://www.realweasel.com/ ...is still up, but an inquiry sent to info@ last week is still unanswered. According to a Calgary operator, the number listed on the Website is no longer in service, searching through Google hasn't yielded anything relevant. Any information would be appreciated. Jim -- If you don't turn on to politics, politics will turn on you - Ralph Nader
Re: contact info for PC Weasel?
On Wed, 2008-08-06 at 13:58 -0700, Chris Cappuccio wrote: spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. No offense but: No. No you wont. Unless you have IPMI or something like Dell's DRAC (4, not 5 -- 5 sux big time). The AMI/Award BIOS serial console features on the market are _really_ bad. No hot-key sequences, no watchdog timer, and they don't actually simulate a VGA-Serial conversion (so the OS _still_ needs to know about the serial console) -- redirection after boot almost never works for kernels that draw the framebuffer instead of using BIOS calls to write kernel messages. Its bad out there. PC Weasel needs to sell off/lease that technology to MB vendors. ~BAS
Re: contact info for PC Weasel?
Given the $350 price tag of the PCI version, it might even be cheaper to get a different motherboard. The PC Weasel site looks unmaintained; the order page only lets you set a credit card expiration date from 2002 to 2008. On Wednesday August 6 2008 15:58, Chris Cappuccio wrote: spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. James Hartley [EMAIL PROTECTED] wrote: Does anyone have any information on contacting/ordering a PC Weasel? Their Website: http://www.realweasel.com/ Dan RamaleyDial Center 118, Drake University Network Programmer/Analyst 2407 Carpenter Ave +1 515 271-4540Des Moines IA 50311 USA
Re: contact info for PC Weasel?
Brian A. Seklecki wrote: On Wed, 2008-08-06 at 13:58 -0700, Chris Cappuccio wrote: spend your money on a motherboard with serial console. like a supermicro board or something. you'll be happier. No offense but: No. No you wont. Unless you have IPMI or something like Dell's DRAC (4, not 5 -- 5 sux big time). Normal serial console works great for me. There are some quirks, I've encountered a few on Dell systems, HP seems quite a bit better. Most of my boxes are Linux, and the Dell bios with redirect after POST conflicts with the serial console settings in the boot loader, so as part of the automated system installation it detects what model# the installer is running on, and if it's an affected system the installer disables the serial console settings on the boot loader to work around the BIOS bug(but keeps the serial console enabled elsewhere like remote tty). Haven't had a chance to mess with DRAC v4 yet, but DRAC v5 works alright, though I have to reboot it more often than I had to reboot the HP iLO (or HP iLO 2). The supermicro premium management card is pretty nice too though last I checked you had to have a browser to get to the console, no SSH access. Earlier versions had an SSH daemon, but none of the commands worked once I got logged in. A few years ago when I had a lot more supermicro systems I got them to fix some of their bios bugs that were the same as the Dell - they conflicted with the boot loader. I'm told by my co workers that Dell support is pretty worthless so I just work around it on my end instead. I also make sure to disable all frame buffers, which is pretty easy. I do like how the newer HP systems auto detect what console port your on, even our latest Dell boxes we seem to have to go into the bios and enable serial redirection before we can get remote serial access via DRAC 5. I don't use the KVM stuff as it wants java, and a web browser etc unless I absolutely have to. 99.9% of the stuff I need the console for plain text serial is fine (and faster/easier to get to over SSH). My OpenBSD systems are installed by hand, fortunately the installer is good about asking about serial consoles during installation, makes it pretty easy too. For what looks like about $300, this mini terminal server can probably provide good remote access to a system with a serial port(assuming you only need 1, if you need lots of ports get a bigger model): http://www.avocent.com/CycladesTS100.aspx I haven't used that model myself, but have used tons of ACS-32 and ACS-48s. (before Cyclades was bought by Avocent, I hear since they have started to charge extra for a lot of the things that were free before). nate
Re: tab gets lost on display
Stuart Henderson wrote on Wed, Aug 06, 2008 at 03:00:43PM +: Let's make it easier for people to test; $ printf 1\t\t\t\t\t\t\t\t\t1234567\t123 Or even: $ printf \t\t\t\t\t\t\t\t\t\tX\n These are ten tabs. Each tab is supposed to be 8 characters wide. Thus, the X is supposed to appear in column 81. When the xterm is at least 81 characters wide, the X does appear in column 81. When the width is 80 characters or less, the X appears in the last column. In other words, a tab never makes xterm wrap to the next line. A blank character does, as you can see from $ printf \t\t\t\t\t\t\t\t\t\t X\n I quickly realized that reset(1) solves the issue and that even `tset -I` is sufficient. Actually, tset(1) uses tcsetattr(3) OXTABS. You can have the same effect manually with `stty oxtabs` and the problem is gone; then `stty -oxtabs` and the problem is back. That oxtabs gets switched on by default stems from the fact that /usr/src/share/termtypes/termtypes.master has no OTpt for xterm-r6. What i do not yet understand is why xterm has -oxtabs by default but the terminfo(5) database has no OTpt for it. Isn't that inconsistent? Christian Weisgerber wrote on Wed, 6 Aug 2008 17:43:04 + (UTC): I have taken my DEC VT220 from the shelf and xterm matches its behavior. In any case, the VT220 *has* hardware tabs. That's also stated by :pt: in terminfo(5). Now, *IF* xterm is supposed to emulate VT220 and thus xterm default behaviour is considered correct, then the logical consequence would be the following patch. I'm not sure this is correct, quite possibly i'm overlooking something, and even if it is correct, it's probably incomplete, but maybe somebody more knowledgeable regarding termios(4) can judge this (after the release is done). Index: share/termtypes/termtypes.master === RCS file: /cvs/src/share/termtypes/termtypes.master,v retrieving revision 1.36 diff -u -r1.36 termtypes.master --- share/termtypes/termtypes.master25 Jun 2007 15:57:28 - 1.36 +++ share/termtypes/termtypes.master6 Aug 2008 21:56:43 - @@ -2538,7 +2538,7 @@ # (khome/kend do not actually work in X11R5 or X11R6, but many people use this # for compatibility with other emulators). xterm-r6|xterm-old|xterm X11R6 version, - OTbs, am, km, mir, msgr, xenl, + OTbs, OTpt, am, km, mir, msgr, xenl, cols#80, it#8, lines#24, acsc=``aaffggiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~, bel=^G, bold=\E[1m, clear=\E[H\E[2J, cr=^M,
Re: tab gets lost on display
Sorry for not noticing at once, but here we go: Stuart Henderson wrote on Wed, Aug 06, 2008 at 03:00:43PM + concerning $ printf 1\t\t\t\t\t\t\t\t\t1234567\t123 Looks like an xterm bug. This works ok in a normal console, and works ok in screen in a normal console, but fails in an xterm or screen in an xterm. In my last posting, i have shown that xterm has -oxterm by default, emulating the strange original VT220 behaviour, but terminfo(5) has no :pt: for xterm-r6, such that tset(1) switches to +oxterm. For the i386 console, it's exactly the other way round: The consoles have +oxterm by default, but terminfo(5) does have :pt: for vt220, such that tset(1) switches to -oxterm. Uh oh. This is certainly not a big deal, but indeed surprising either way...
OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards,
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
On Wed, Aug 06, 2008 at 09:31:12PM -0400, Richard Daemon wrote: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards, Look at http://www.virtualbox.org/changeset/846 Do you really want to run something that patches kernel memory behind your back?
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
VirtualBox sucks to version 1.6.2 .There is a 1.6.4 now,but I don't test it. I use Qemu on BSD/Linux/Windows,it's better in my opinion. (work with VirtualBox,Vmware Server 1.0.x,2.x,MS Virtual Server,MS Virtual PC) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Daemon Sent: Thursday, August 07, 2008 3:31 AM To: misc Subject: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly? OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards,
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
I tried to run a recent i386 4.4 beta on a KVM/QEMU virtual machine under Ubuntu and there are some problems with the emulated network. The driver constantly reports timeouts. re0: watchdog timeout As a side effect the connection is very slow. I assume that doesn't happen on the actual hardware that QEMU is supposed to emulate, but other OSes don't have the same problem. 2008/8/7 Tomas Bodzar [EMAIL PROTECTED]: VirtualBox sucks to version 1.6.2 .There is a 1.6.4 now,but I don't test it. I use Qemu on BSD/Linux/Windows,it's better in my opinion. (work with VirtualBox,Vmware Server 1.0.x,2.x,MS Virtual Server,MS Virtual PC) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Daemon Sent: Thursday, August 07, 2008 3:31 AM To: misc Subject: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly? OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards,
DOJ Incompetence and corruption
For those that do not know, DOJ is department of justice. Incompetence and corruption cost an innocent man, Irvins, his life. The FBI have been harassing me for 15 years. I have posted many emails to this list with a variety of descriptions of what has happened to me. DOJ investigators purposely try to drive suspects to suicide in cases lacking substantial evidence. It not only occurs in the FBI but across all agencies of the DOJ. Congress urgently needs to look into the problems at the DOJ. A PhD Chemist employed at the FBI's criminal investigation lab claims out right criminal tampering of evidence. I will testify under oath the things done to me over that past 15 years and like Abu Graib it is far worse than most realize.
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
Yes OBSD 4.3 can, I running this in virtualbox on winXP and linux. but in winXP no run X11. At momen enter Xorg -configure I obtain this: #Xorg -configure Xorg -configure Fatal Server error: Caught signal 11. Server aborting abort trap But whitout X run fine. Regards Dimitri.- http://dimitri.homeunix.com/~dimitri/ OpenBSD - Free, Functional Secure --- El mii, 6/8/08, Jonathan Gray [EMAIL PROTECTED] escribis: De: Jonathan Gray [EMAIL PROTECTED] Asunto: Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly? Para: Richard Daemon [EMAIL PROTECTED] CC: misc misc@openbsd.org Fecha: miircoles, 6 agosto, 2008 11:06 On Wed, Aug 06, 2008 at 09:31:12PM -0400, Richard Daemon wrote: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards, Look at http://www.virtualbox.org/changeset/846 Do you really want to run something that patches kernel memory behind your back? __ Enviado desde Correo Yahoo! La bandeja de entrada mas inteligente.
How can I hire a PF developer or guru?
Who would I contact, or how would I go about hiring a PF developer or guru to help me debug/improve my pf.conf rules? Steve
postgresql
Hi all, I'm looking at a project that I'm trying to run on openbsd. All that box will have is postgresql. At this time, it's just 2 programmers and 1 sysadmin type person that's involved, no DBAs, so apologies if the questions are... too simplistic. And I realize if I want to maximize performance, I need to examine OSes as well. But at this point, I want to explore what is the biggest postgresql server I can run under openbsd. If at all possible, I want to run everything in memory. What I'm looking for is what is the biggest database I can run on a 4 socket (4 core per socket) AMD motherboard with 64GB or 128GB of Ram using a standard kernel? For example, what should shmmax be set to? http://developer.postgresql.org/pgdocs/postgres/kernel-resources.html recommends several hundred megabytes. I understand I may need to recompile the kernel. Any recommendations for something that can run on 64/128GB ram, 16 cpus, running only postgresql? Thanks in advance. I'm exploring what is possible at this point. I realize I haven't given out more information, but I don't have that in hand yet. But I'm interested in finding out what my top end is. Thanks! -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0feature=related
Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly?
4.3 runs fine on many PCs in Qemu as I tested (Kubuntu,Mandriva,OpenSUSE,Windows).4.4 is Beta,so there may be problems. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jordi Beltran Creix Sent: Thursday, August 07, 2008 5:56 AM To: misc@openbsd.org Subject: Re: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly? I tried to run a recent i386 4.4 beta on a KVM/QEMU virtual machine under Ubuntu and there are some problems with the emulated network. The driver constantly reports timeouts. re0: watchdog timeout As a side effect the connection is very slow. I assume that doesn't happen on the actual hardware that QEMU is supposed to emulate, but other OSes don't have the same problem. 2008/8/7 Tomas Bodzar [EMAIL PROTECTED]: VirtualBox sucks to version 1.6.2 .There is a 1.6.4 now,but I don't test it. I use Qemu on BSD/Linux/Windows,it's better in my opinion. (work with VirtualBox,Vmware Server 1.0.x,2.x,MS Virtual Server,MS Virtual PC) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Daemon Sent: Thursday, August 07, 2008 3:31 AM To: misc Subject: OpenBSD 4.3 running in VirtualBox? Anyone have it working properly? OpenBSD 4.3 running in VirtualBox? Anyone have it working properly and if so, how? Same problems as reported here: http://www.virtualbox.org/ticket/192 Regards,
Re: DOJ Incompetence and corruption
james dandey wrote: For those that do not know, DOJ is department of justice. Incompetence and corruption cost an innocent man, Irvins, his life. The FBI have been harassing me for 15 years. I have posted many emails to this list with a variety of descriptions of what has happened to me. DOJ investigators purposely try to drive suspects to suicide in cases lacking substantial evidence. It not only occurs in the FBI but across all agencies of the DOJ. Congress urgently needs to look into the problems at the DOJ. A PhD Chemist employed at the FBI's criminal investigation lab claims out right criminal tampering of evidence. I will testify under oath the things done to me over that past 15 years and like Abu Graib it is far worse than most realize. mr. dandey: the terms of your parole specifically forbade you from mislinewrapping in public. you have been issued an additional 50 demerits. if you do not amend your actions i can neither confirm nor deny that the DOJ will extraordinarily render your balls inoperable. from those that already knew