Pedido de remoção da lista Novos
recebemos um pedido de remogco do seu enderego misc@openbsd.org na lista Novos. Por favor, clique no seguinte enderego para confirmar que pretende anular a sua subscrigco: http://www.mktid.com/pub/rm.php?dodel=dodelu=2d50b65318l=1491
A Distancia
Por favor Por favor, no responda este mail. Si desea responder, hagalo a la direccion que figura al pie. Inscripciones 2009 a partir del lunes 16 de febrero Psicologia Social SupervisionGeneral Licenciada Diana Coblier Primera Escuela Virtual de Psicologia Social Totalmente a Distancia Para Hispano Parlantes de todo el pams y del mundo. Tel. 011 - 48657124 Escuela de Psicologia Social de Puerto Madryn Coordina Silvina Savid Presencial una vez por semana. Telef. 02965 - 15 - 503239 Escuela de Psicologia Social de Trelew Coordina Marcela Narez Presencial una vez por semana Urquiza 458. Telef. 02965 - 15 - 576449 Lunes a Viernes de 18 a 21 horas. Teorma y Ticnica Pichon Riviere Certificados de Estudios avalados por la propia Institucion Trabajo de Campo desde Primer Aqo Inscripcion abierta desde el 16 de febrero . Para consultas por Internet, remitir mail a fundaciontehuel...@hotmail.com Si no desea seguir recibiendo nuestra info, por favor, mandar mail a fundaciontehuel...@hotmail.com con la palabra remover en el Asunto.
Re: wpa2 and osx
| hi list, | i have a problem with wpa2 and osx. i could connect to the ap | if i force it to use wpa1 only. all other wpaprotos gives a : | WPA2(PSK,unknown/TKIP,AES/TKIP) | while scanning with airport and the association failed. the test | cases and dmesg could be found here: | http://sumi.thepixelz.com/obsd/wpa-openbsd.txt The unknown comes from the PSK-SHA-256 authentication protocol supported by OpenBSD (this is a protocol defined in Draft 802.11w that has a stronger key derivation function than the legacy PSK-SHA1). Unfortunately, some broken (non standard compliant) supplicants are confused by unknown authentication protocols and try to associate using 802.1X in this case. I've seen this with Intel PRO/Set on XP too. I'm not quite sure what to do since it's not OpenBSD fault at all. The current approach is that if a user specifies psk with the wpaakms ifconfig command, both PSK-SHA1 and PSK-SHA-256 are advertised by the AP. Maybe I should add psk-sha256 to the list of supported values for wpaakms so that people who have interoperability problems can disable PSK-SHA-256 with wpaakms psk. The default setting would be psk,psk-sha256. Because we are approaching release, I will probably stop advertising PSK-SHA-256 by default for 4.5 (AFAIK, only OpenBSD clients are currently capable of selecting this authentication protocol, although some very recent versions of wpa_supplicant may support it too.) Damien
Re: Openbsd 4.4 and openbgp current problems
On Tue, 10 Feb 2009 17:39:50 +0700, Esa Kuusisto esa.kuusi...@gmail.com wrote: Hi I have samekind of panic problems with two different openbgp routers. All I get panic: rtfree 2 before dump. I was searching if someone else have samekind of problem via google and you're only one. My only question is that did you get any solution for the problem? Best Regards -Esa Kuusisto Hi, I already send my PR, I haven't found any solution for this problem. On S3200 it panicked, on S3000AH it went freeze. Thanks, -- insandotpraja(at)gmaildotcom
Re: Problems with OpenBSD 4.4 amd64 install (solved)
Yes, I did create a separate partition for /etc. I did the install over without separate partition for /etc, now it works. Thanks! On Mon, 09 Feb 2009 14:30:33 +0100 Josh Grosse j...@jggimi.homeip.net wrote: On Mon, 09 Feb 2009 13:38:47 +0100, auto709563 wrote I have installed 4.4 on amd64. When I boot up I get a pretty dmesg, followed by: Feb 9 18:52:43 init: cannot stat /etc/login.conf: No such file or directory sh: /etc/rc: No such File or directory Feb 9 18:52:45 init: /etc/pwd.db: No such file or directory Enter pathname of shell or RETURN for sh: After this, I get a shell, but nothing but / seems mounted. I could not save the dmesg. Very strange. You have a kernel, and you have init(8), but it looks like looks like /etc is missing or damaged. Did you, by chance, create a separate partition for /etc? That could explain this, as /etc is needed in order to boot multi-user. -- Click for online loan, fast amp; no lender fee, approval today http://tagline.hushmail.com/fc/PnY6qxtVWH9X6ypOhKQjRJXKzvvtV2a1rChpmYbaW63xyCIAZq0Kf/
Re: Tentakel and exec sudo ...
Am 08.02.2009 um 16:18 schrieb Todd C. Miller: Do you know whether tentakel is running ssh with the -t flag or not? I think tentakel's running without this flag. In the file /etc/ tentakel.conf I can see: # first section: global parameters set ssh_path=/usr/bin/ssh Adding a -t at the end doesn't matter :-/ - todd Regards, Falk
Re: PF Executive Summary
Morris, Roy rmorris at internetsecure.com writes: I need to create an executive summary of pf rules and I remember once seeing a link for a tool that read the rules and gave you back a 'checkpoint(ish)' output .. Anyone know the tool I am talking about or can recommend one? Otherwise I am stuck making stick drawings :) I do not recall the tool, or one you could use, but perhaps something could be written based off the yacc grammar*? Have it output {svg,xmi,dot} or something. I know that there are tools in perl/CPAN to build a parser from a yacc grammar which might be helpful if you're more of a perl than C coder. * /usr/src/sbin/pfctl/parse.y
Re: Problems with OpenBSD 4.4 amd64 install (solved)
On Tue, Feb 10, 2009 at 02:39:21PM +0100, auto709...@hushmail.com wrote: Yes, I did create a separate partition for /etc. I did the install over without separate partition for /etc, now it works. Thanks! No suprise here: /etc contains important files to boot the system. Other top level dirs that really should be in the root partition: /bin, /sbin, /root and /dev. -Otto On Mon, 09 Feb 2009 14:30:33 +0100 Josh Grosse j...@jggimi.homeip.net wrote: On Mon, 09 Feb 2009 13:38:47 +0100, auto709563 wrote I have installed 4.4 on amd64. When I boot up I get a pretty dmesg, followed by: Feb 9 18:52:43 init: cannot stat /etc/login.conf: No such file or directory sh: /etc/rc: No such File or directory Feb 9 18:52:45 init: /etc/pwd.db: No such file or directory Enter pathname of shell or RETURN for sh: After this, I get a shell, but nothing but / seems mounted. I could not save the dmesg. Very strange. You have a kernel, and you have init(8), but it looks like looks like /etc is missing or damaged. Did you, by chance, create a separate partition for /etc? That could explain this, as /etc is needed in order to boot multi-user. -- Click for online loan, fast amp; no lender fee, approval today http://tagline.hushmail.com/fc/PnY6qxtVWH9X6ypOhKQjRJXKzvvtV2a1rChpmYbaW63xyCIAZq0Kf/
openBSD newbie: how to display INSTALL.arch during install
Hi, I am new to *BSD and I am trying to instal openBSD 4.4 on an amd64 platform. I tried to find out how to have INSTALL.amd64 displayed somewhere during installation (like opening a second console and using less) but it seems that only one console is available during install. Is there a way to have the installation notes handy apart from a dead tree printout? My thanks in advance. -- Best regards Neoklis Ham Radio call 5B4AZ Website: http://5b4az.chronos.org.uk/
Re: openBSD newbie: how to display INSTALL.arch during install
On Tue, 10 Feb 2009 16:52:08 +0200, Neoklis Kyriazis wrote Is there a way to have the installation notes handy apart from a dead tree printout? One can have the notes present in machine-readable form. Handy? No. The ramdisk kernel operates in single-user mode, so there is no alternate console available. But, one can escape to a subshell. From there, one could mount a foreign file system containing the document, and view it with less(1) or more(1). One could also acquire it via ftp(1) over the network, but there is likely insufficient freespace to save it in the RAM filesystem. One could obviously create a spare FFS filesystem to store the file, but then, if one could do that, one would be familiar enough with OpenBSD to not need the installation documentation anyway.
SOCKS proxy
Dear List, I have following case: - || -- | Firewall with Proxy:port [a2] | --- | client [a1] | - || --(internet)-| Public accessible server with static IP [a3] | -- 'a1' connects only via browser to the internet after defining the proxy:port of 'a2' Is it possible to create a SOCKS Proxy from 'a1' to 'a3'? If 'a1' wasn't blocked to the internet I would: ssh -p 443 -D 2000 userid@a3 but this command times out! is a way to 'tell' to make use of the proxy in 'a2' and redirect all the traffic? Thanks Tony
Re: openBSD newbie: how to display INSTALL.arch during install
Josh Grosse escribis: On Tue, 10 Feb 2009 16:52:08 +0200, Neoklis Kyriazis wrote Is there a way to have the installation notes handy apart from a dead tree printout? One can have the notes present in machine-readable form. Handy? No. The ramdisk kernel operates in single-user mode, so there is no alternate console available. But, one can escape to a subshell. From there, one could mount a foreign file system containing the document, and view it with less(1) or more(1). One could also acquire it via ftp(1) over the network, but there is likely insufficient freespace to save it in the RAM filesystem. One could obviously create a spare FFS filesystem to store the file, but then, if one could do that, one would be familiar enough with OpenBSD to not need the installation documentation anyway. O.o... another computer with screen near?? belive me, print out some pages would affect the subsistence of trees, the paper factories use controlated environments with fast grown trees species to don't cut forests (at least here in Spain).
Apache on 4.3 - problem with a Flash that no longer reads a 'text' file for data to display..
Well, up until our big upgrade in October November (last) to OpenBSD 4.3 we had no problems with the standard Apache (httpd). Now, there is an unexpected behavior for a couple of Web sites we host on these OpenBSD 4.3 servers that reveals itself when a Flash object runs (from html code) that reads a text file for some data to display as the flash runs, and when it finishes its little animation. The best example is our own Web site: http://www.rtmx.net but, there are others (customer sites) I don't need to list here. They are on the same servers - all behaving (now) this way. No text file data read in during the Flash run. Just look at the page source (for the site above) to see the standard Flash reference. The text file it opens can be seen by looking at: http://www.rtmx.net/flash.txt The Flash object runs its little animation, reads the text from the (above) file and the displays it...normally. Now, under a standard OpenBSD 4.3 it's a no go. So, I'm hoping that someone has seen this 'new' behavior and resolved it with their own site(s) running newer versions of OpenBSD + Apache (standard...not the Apache2). Randy --- httpd -V, followed by dmesg: --- srv2# httpd -V Server version: Apache/1.3.29 (Unix) Server's Module Magic Number: 19990320:15 Server compiled with -D EAPI -D HAVE_MMAP -D HAVE_SHMGET -D USE_MMAP_SCOREBOARD -D USE_MMAP_FILES -D HAVE_FLOCK_SERIALIZED_ACCEPT -D HAVE_SYSVSEM_SERIALIZED_ACCEPT -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D DYNAMIC_MODULE_LIMIT=64 -D HARD_SERVER_LIMIT=256 -D HTTPD_ROOT=/var/www -D SUEXEC_BIN=/usr/sbin/suexec -D DEFAULT_PIDLOG=logs/httpd.pid -D DEFAULT_SCOREBOARD=logs/httpd.scoreboard -D DEFAULT_LOCKFILE=logs/httpd.lock -D DEFAULT_ERRORLOG=logs/error_log -D TYPES_CONFIG_FILE=conf/mime.types -D SERVER_CONFIG_FILE=conf/httpd.conf -D ACCESS_CONFIG_FILE=conf/access.conf -D RESOURCE_CONFIG_FILE=conf/srm.conf srv2# --- srv2# dmesg OpenBSD 4.3 (GENERIC.MP) #587: Wed Mar 12 11:21:57 MDT 2008 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Pentium(R) III CPU family 1133MHz (GenuineIntel 686-class) 1.14 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 3220733952 (3071MB) avail mem = 3120955392 (2976MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/10/04, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xfb060 (55 entries) bios0: vendor Dell Computer Corporation version A09 date 12/10/2004 bios0: Dell Computer Corporation PowerEdge 1550/1133 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC acpi0: wakeup devices PCI0(S5) PCI2(S5) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 1 (boot processor) cpu0: apic clock running at 132MHz cpu1 at mainbus0: apid 0 (application processor) cpu1: Intel(R) Pentium(R) III CPU family 1133MHz (GenuineIntel 686-class) 1.14 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 16 pins ioapic0: misconfigured as apic 0, remapped to apid 2 ioapic1 at mainbus0: apid 3 pa 0xfec01000, version 11, 16 pins ioapic1: misconfigured as apic 0, remapped to apid 3 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PCI1) acpiprt2 at acpi0: bus 4 (PCI2) acpicpu0 at acpi0 acpicpu1 at acpi0 bios0: ROM list: 0xc/0x8000 0xc8000/0x1400 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 ServerWorks CNB20HE Host rev 0x23 pci1 at pchb0 bus 1 ppb0 at pci1 dev 4 function 0 DEC 21154 PCI-PCI rev 0x05 pci2 at ppb0 bus 2 ppb1 at pci2 dev 0 function 0 DEC 21154 PCI-PCI rev 0x05 pci3 at ppb1 bus 3 ami0 at pci3 dev 0 function 0 AMI MegaRAID rev 0x20: apic 3 int 9 (irq 3) ami0: Dell PERC3/DC, 64b/lhc, FW 199D, BIOS v3.35, 128MB RAM ami0: 2 channels, 0 FC loops, 1 logical drives scsibus0 at ami0: 40 targets sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00, SCSI2 0/direct fixed sd0: 139760MB, 17816 cyl, 255 head, 63 sec, 512 bytes/sec, 286228480 sec total scsibus1 at ami0: 16 targets safte0 at scsibus1 targ 6 lun 0: DELL, 1x3 U2W SCSI BP, 1.21 SCSI2 3/processor fixed scsibus2 at ami0: 16 targets QLogic ISP12160 rev 0x06 at pci2 dev 1 function 0 not configured pchb1 at pci0 dev 0 function 1 ServerWorks CNB20HE Host rev 0x01 pchb2 at pci0 dev 0 function 2 ServerWorks CNB20HE Host rev 0x01 pchb3 at pci0 dev 0 function 3 ServerWorks CNB20HE Host rev 0x01 pci4 at pchb3 bus 4 ahc0 at pci4 dev 5 function 0 Adaptec AIC-7899 U160 rev 0x01: apic 3 int 11 (irq 11) scsibus3 at ahc0: 16 targets ahc1 at pci4 dev 5 function 1 Adaptec AIC-7899 U160 rev 0x01: apic 3 int 12 (irq 10) scsibus4 at ahc1: 16 targets ubsec0 at pci4 dev 6 function 0 Broadcom 5820 rev 0x10: 3DES MD5 SHA1 RNG PK, apic 3 int 13 (irq 7) fxp0 at pci0 dev 1 function 0 Intel 8255x rev 0x08, i82559: apic 3 int 0 (irq 11), address 00:06:5b:3c:3d:e6 inphy0 at fxp0 phy 1:
Silly serial console question
In my grandfather's attic (RIP) I unearthed one of these: http://www.omnidatasys.net/product/spec_dataterminal_ti703.htm which in a nutshell is a paper terminal which runs at 300 baud. I figured it could be fun to set it up as a serial console on one of my machines, and maybe useful if I left it tailing logfiles to a hard copy or perhaps using it for a machine I have which keeps PANICing So I edited the line in /etc/ttys for tty00 to be: tty00 /usr/libexec/getty std.300vt100 on and now (after some init HUPing) I get a login prompt, and it takes my username. When I try and give it a password however, it turns off echo, but it never seems to notice the carriage return. It just sits there. If I send a break, it wakes up and says login incorrect, so it's not completely died. It's not worth expending any time or effort over, but I thought maybe someone might be able to say Ha! You need hardware flow control! or somesuch. I just thought it might be cool to be able to come in in the morning an tear off a list of errors from last night :-) SD
sudo 1.6.9p20 patch in OPENBSD_4_3 and OPENBSD_4_4
All: Do we want to slip this into presently supported branches containing 1.6.9p17? It's a quick patch: http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21r2=1.160.2.22only_with_tag=SUDO_1_6_9 I tested it on -rOPENBSD_4_3. Just be sure to nuke the version string. $ more sudo_p20.patch === RCS file: /home/anoncvs/cvs/sudo/parse.c,v retrieving revision 1.160.2.21 retrieving revision 1.160.2.22 diff -u -p -r1.160.2.21 -r1.160.2.22 --- sudo/parse.c2008/11/02 14:35:53 1.160.2.21 +++ sudo/parse.c2009/01/28 00:50:01 1.160.2.22 @@ -651,9 +651,11 @@ usergr_matches(group, user, pw) /* * If the user has a supplementary group vector, check it first. */ -for (i = 0; i user_ngroups; i++) { - if (grp-gr_gid == user_groups[i]) - return(TRUE); +if (strcmp(user, user_name) == 0) { + for (i = 0; i user_ngroups; i++) { + if (grp-gr_gid == user_groups[i]) + return(TRUE); + } } if (grp-gr_mem != NULL) { for (cur = grp-gr_mem; *cur; cur++) { sekle...@seawing:/usr/src/usr.bin$ sudo patch -p0 sudo_p20.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -- |=== |RCS file: /home/anoncvs/cvs/sudo/parse.c,v |retrieving revision 1.160.2.21 |retrieving revision 1.160.2.22 |diff -u -p -r1.160.2.21 -r1.160.2.22 |--- sudo/parse.c 2008/11/02 14:35:53 1.160.2.21 |+++ sudo/parse.c 2009/01/28 00:50:01 1.160.2.22 -- Patching file sudo/parse.c using Plan A... Hunk #1 succeeded at 606 (offset -45 lines). done
ssh user keys
Given multiple client machines that I wish to allow password less login to a given target machine. Should I generate unique keys for the users on each client machine, or should I use the same _user_ keys for each client machine. -- One of the main causes of the fall of the roman empire was that, lacking zero, they had no way to indicate successful termination of their C programs.
Re: Silly serial console question
On Tue, Feb 10, 2009 at 11:38 AM, Dave Wilson richard.wil...@senokian.com wrote: In my grandfather's attic (RIP) I unearthed one of these: http://www.omnidatasys.net/product/spec_dataterminal_ti703.htm which in a nutshell is a paper terminal which runs at 300 baud. I figured it could be fun to set it up as a serial console on one of my machines, and maybe useful if I left it tailing logfiles to a hard copy or perhaps using it for a machine I have which keeps PANICing So I edited the line in /etc/ttys for tty00 to be: tty00 /usr/libexec/getty std.300vt100 on and now (after some init HUPing) I get a login prompt, and it takes my username. When I try and give it a password however, it turns off echo, but it never seems to notice the carriage return. It just sits there. If I send a break, it wakes up and says login incorrect, so it's not completely died. I would try dumbing it down - a vt100 is a pretty complex beast. Searching in /etc/termcap for paper yields tty33 and tty37 as options: Teletype (tty) # # These are the hardcopy Teletypes from before ATT bought the company, # clattering electromechanical dinosaurs in Bakelite cases that printed on # pulpy yellow roll paper. If you remember these you go back a ways. # Teletype-branded VDTs are listed in the ATT section. # I don't remeber these but I do have fond memories of decwriters clattering away in the CS lab. If those don't work you could man 5 termcap and make up your own entry... -N
Re: sudo 1.6.9p20 patch in OPENBSD_4_3 and OPENBSD_4_4
In message 1234278635.17569.9.ca...@soundwave.ws.pitbpa0.priv.collaborativefus ion.com so spake Brian A. Seklecki (lavalamp): Do we want to slip this into presently supported branches containing 1.6.9p17? It's a quick patch: http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21r2=1.160.2. 22only_with_tag=SUDO_1_6_9 I tested it on -rOPENBSD_4_3. Just be sure to nuke the version string. I think this is worth doing, though the bug won't affect most people's configuration. -current is unaffected as it contains sudo 1.7.0. - todd
Re: Silly serial console question
Nick Bender wrote: snip Teletype (tty) # # These are the hardcopy Teletypes from before ATT bought the company, # clattering electromechanical dinosaurs in Bakelite cases that printed on # pulpy yellow roll paper. If you remember these you go back a ways. # Teletype-branded VDTs are listed in the ATT section. # TTY 33 and 35 machines were _not_ in Bakelite cases (the cover was made from a thermoplastic) and there aren't any entries in _this_ termcap file for Model 28s and other earlier machines in metal cases. If no one corrects this description, perhaps a patch to /etc/termcap is in order? Michael
OT: Free, online backup service provider compatible with BSD
Can anyone recommend one of the free, online backup service providers? I would like to tar up all of my config files, custom scripts, etc any time they change and then upload them to some place offsite. I do not need a lot of space1GB would be more than sufficient. It would need to be a service that I can use SSH, FTP or some other protocol to transfer the data. Steve
Re: OT: Free, online backup service provider compatible with BSD
I use getdropbox.com; 2gb free. They have windows and Mac clients, and when I last checked they were planning to have a *nix client, but if you're planning to tar things, their web interface should be more than adequate. I can't vouch for their trustworthiness, but they seems to have a decent handle on putting together a reasonably secure setup. On Tue, Feb 10, 2009 at 1:57 PM, Steve B stev...@gmail.com wrote: Can anyone recommend one of the free, online backup service providers? I would like to tar up all of my config files, custom scripts, etc any time they change and then upload them to some place offsite. I do not need a lot of space1GB would be more than sufficient. It would need to be a service that I can use SSH, FTP or some other protocol to transfer the data. Steve -- Systems Programmer, Principal Electrical Computer Engineering The University of Arizona ma...@arizona.edu
Re: OT: Free, online backup service provider compatible with BSD
At 01:57 PM 2/10/2009 -0700, Steve B wrote: Can anyone recommend one of the free, online backup service providers? I would like to tar up all of my config files, custom scripts, etc any time they change and then upload them to some place offsite. I do not need a lot of space1GB would be more than sufficient. It would need to be a service that I can use SSH, FTP or some other protocol to transfer the data. Steve Why not rsync/rshapshot your own USB drive? Lee
Re: OT: Free, online backup service provider compatible with BSD
On Tue, Feb 10, 2009 at 3:57 PM, Steve B stev...@gmail.com wrote: Can anyone recommend one of the free, online backup service providers? I would like to tar up all of my config files, custom scripts, etc any time they change and then upload them to some place offsite. I do not need a lot of space1GB would be more than sufficient. It would need to be a service that I can use SSH, FTP or some other protocol to transfer the data. bitbucket, github, ...
Re: OT: Free, online backup service provider compatible with BSD
On Tue, Feb 10, 2009 at 01:57:31PM -0700, Steve B wrote: Can anyone recommend one of the free, online backup service providers? I would like to tar up all of my config files, custom scripts, etc any time they change and then upload them to some place offsite. I do not need a lot of space1GB would be more than sufficient. It would need to be a service that I can use SSH, FTP or some other protocol to transfer the data. If you have a *nix system at home and connectivity to your server, there's no reason not to just pull your backups down. Here is a basic script I use for my own server. = #!/bin/sh # DayOfWeek DOW=`date +%w` DATE=`date +%Y%m%d` ssh r...@foobar.com dump ${DOW}ufa - / | /usr/local/bin/bzip2 | \ dd of=/backups/dumps/colo2-root-${DOW}-${DATE}.bz2 ssh r...@foobar.com dump ${DOW}ufa - /home | /usr/local/bin/bzip2 | \ dd of=/backups/dumps/colo2-home-${DOW}-${DATE}.bz2 ssh r...@foobar.com dump ${DOW}ufa - /var | /usr/local/bin/bzip2 | \ dd of=/backups/dumps/colo2-var-${DOW}-${DATE}.bz2 = -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
Re: usr.sbin/wake removal
Hey, The removal of this utility is unfortunate, but not the end of the world.. the ports database at openports.se didn't list net/wol but I contacted them and they gratefully corrected it. Still, having such functionality in the base system.. without requiring devel/gettext.. would be nice. :-) Could something like the following be considered? not as-is probably, I'm not the best programmer on earth.. and maybe it should be part of ping(1) instead? Example: sudo ifconfig int wake 00:00:00:00:00:00 The code is respectfully copy pasted from the old wake(8), written by Marc Balmer/Eugene M. Kim. -Brynet [demime 1.01d removed an attachment of type application/octet-stream which had a name of ifconfig-wol.diff]
Re: spamd uatraps blacklist size
* Peter N. M. Hansteen pe...@bsdly.net [2009-02-02 10:22]: Jose Fragoso inet_use...@samerica.com writes: This list has gone quite small in size recently. The size changed from above 10 IP addresses to only 1 now. Could it be because University of Alberta is not being targeted so often anymore? Or is it because they have become more selective in trapping addresses? I actually think that you are seeing a decrease in the number of active spam senders. Other greytrappers (like my robot helpers) have seen a decrease in trapped hosts too. This could the effect of events like the McColo takedown last November, and possibly other less publicized events could have helped too. There is even a tiny possibility that some former spam senders have come under a more sensible sysadmin regime, and we can even hope that our greytrapping and 'name and shame' efforts are having some effect. We can dream, can't we? A little of both. In fact the list at 10K was probably an anomoly - I briefly partly broke it when I was shufflign machines around so you didn't get them all :) That's since been changed. Having said that my trapped volume is only around 35-40K hosts recently - but this corresponds to my total smtp connection volume has decreased abotu 50 to 60 percent since the MrColo and other spambot holder shutdowns in november. I used to peak over 2 million total in a day, and now peak just under a million. You can see this quite graphically here: http://bofh.ucs.ualberta.ca/cgi-bin/spam.cgi?days=125 (ignore the black line - it suffers from anomolies when my slaves do something wrong... :)
Re: spamd uatraps blacklist size
it because they have become more selective in trapping addresses? Oh and it's not because of this. We just managed to expire 66,000 accounts here which will only make the trapping get better ;)
Re: usr.sbin/wake removal
I totally forgot about demime, shame on me.. :-) Index: ifconfig.8 === RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v retrieving revision 1.173 diff -u -r1.173 ifconfig.8 --- ifconfig.8 12 Dec 2008 22:09:26 - 1.173 +++ ifconfig.8 10 Feb 2009 22:50:27 - @@ -412,6 +412,15 @@ It happens automatically when setting the first address on an interface. If the interface was reset when previously marked down, the hardware will be re-initialized. +.It Cm wake Ar etheraddr +Sends a Wake on LAN (WoL) frame over a local Ethernet network using a +link-layer (hardware) address. +.Ar etheraddr +is the link layer address of the remote machine +and can be specified as an actual hardware address +(six hexadecimal numbers separated by colons) +or as a hostname entry in +.Pa /etc/ethers . .El .Pp .Nm @@ -1237,6 +1246,7 @@ .Xr hostname.if 5 , .Xr hosts 5 , .Xr networks 5 , +.Xr ethers 5 , .Xr rc 8 , .Xr tcpdump 8 .Sh HISTORY Index: ifconfig.c === RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v retrieving revision 1.211 diff -u -r1.211 ifconfig.c --- ifconfig.c 6 Feb 2009 22:07:04 - 1.211 +++ ifconfig.c 10 Feb 2009 22:50:28 - @@ -64,6 +64,9 @@ #include sys/socket.h #include sys/ioctl.h +#ifndef SMALL +#include net/bpf.h +#endif /* SMALL */ #include net/if.h #include net/if_dl.h #include net/if_media.h @@ -98,6 +101,9 @@ #include ctype.h #include err.h #include errno.h +#ifndef SMALL +#include fcntl.h +#endif /* SMALL */ #include stdio.h #include stdlib.h #include string.h @@ -240,7 +246,22 @@ void unsetpflow_sender(const char *, int); void setpflow_receiver(const char *, int); void unsetpflow_receiver(const char *, int); + +#ifndef BPF_PATH_FORMAT +#define BPF_PATH_FORMAT /dev/bpf%u +#endif +#ifndef SYNC_LEN +#define SYNC_LEN 6 #endif +#ifndef DESTADDR_COUNT +#define DESTADDR_COUNT 16 +#endif +void wolhandler(const char *, int); +intget_bpf(void); +intbind_if_to_bpf(char const *, int); +intget_ether(char const *, struct ether_addr *); +intsend_wakeup(int, struct ether_addr const *); +#endif /* SMALL */ /* * Media stuff. Whenever a media command is first performed, the @@ -409,7 +430,8 @@ { -flowsrc, 1, 0, unsetpflow_sender }, { flowdst,NEXTARG,0, setpflow_receiver }, { -flowdst, 1,0, unsetpflow_receiver }, -#endif + { wake, NEXTARG,0, wolhandler }, +#endif /* SMALL */ { NULL, /*src*/ 0, 0, setifaddr }, { NULL, /*dst*/ 0, 0, setifdstaddr }, { NULL, /*illegal*/0, 0, NULL }, @@ -4572,3 +4594,104 @@ warn(SIOCSIFLLADDR); } +#ifndef SMALL +void +wolhandler(const char *addr, int param) +{ + int bpf; + struct ether_addr macaddr; + + bpf = get_bpf(); + if (bpf == -1 || + bind_if_to_bpf(name, bpf) == -1 || + get_ether(addr, macaddr) == -1 || + send_wakeup(bpf, macaddr) == -1) { + warn(error sending Wake on LAN frame over %s to %s, + name, addr); + } + (void)close(bpf); + return; +} + +int +get_bpf(void) +{ + int i, fd; + char path[MAXPATHLEN]; + + for (i = 0;; i++) { + if (snprintf(path, sizeof(path), BPF_PATH_FORMAT, i) == -1) + return -1; + + fd = open(path, O_RDWR); + if (fd != -1) + return fd; + if (errno == EBUSY) + continue; + break; + } + return -1; +} + +int +bind_if_to_bpf(char const *ifname, int bpf) +{ + struct ifreq ifr; + u_int dlt; + + if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) = + sizeof(ifr.ifr_name)) + return -1; + if (ioctl(bpf, BIOCSETIF, ifr) == -1) + return -1; + if (ioctl(bpf, BIOCGDLT, dlt) == -1) + return -1; + if (dlt != DLT_EN10MB) + return -1; + return 0; +} + +int +get_ether(char const *text, struct ether_addr *addr) +{ + struct ether_addr *paddr; + paddr = ether_aton(text); + if (paddr != NULL) { + *addr = *paddr; + return 0; + } + if (ether_hostton(text, addr)) + return -1; + return 0; +} + +int +send_wakeup(int bpf, struct ether_addr const *addr) +{ + struct { + struct ether_header hdr; + u_char data[SYNC_LEN + ETHER_ADDR_LEN * DESTADDR_COUNT]; + } pkt; + u_char *p; + int i; + ssize_t bw; + ssize_t len; + + (void)memset(pkt.hdr.ether_dhost, 0xff, sizeof(pkt.hdr.ether_dhost)); + pkt.hdr.ether_type = htons(0); +
Re: usr.sbin/wake removal
Am 10.02.2009 um 23:59 schrieb Brynet: Hey, The removal of this utility is unfortunate, but not the end of the world.. the ports database at openports.se didn't list net/wol but I contacted them and they gratefully corrected it. Still, having such functionality in the base system.. without requiring devel/gettext.. would be nice. :-) Could something like the following be considered? not as-is probably, I'm not the best programmer on earth.. and maybe it should be part of ping(1) instead? Example: sudo ifconfig int wake 00:00:00:00:00:00 The code is respectfully copy pasted from the old wake(8), written by Marc Balmer/Eugene M. Kim. wake was added to the tree for some reason. it was then removed for some reason. now we look at what is the best place for this functionality. I'd honestly prefer if we could close the wake discussion for now. we will eventually come up with a solution. -Brynet [demime 1.01d removed an attachment of type application/octet-stream which had a name of ifconfig-wol.diff]
Re: SSI support for thttpd?
On Feb 10, 2009, at 12:05 PM, Jakob Schlyter wrote: actually, the ssi thingy is build but not included in the binary package. I've updated the port to include it. jakob I just wanted to let you know that I did a make update on the latest source and it worked great (macppc -current). I copied ssi to a cgi-bin directory inside my document root and added - c '/cgi-bin/*' to thttpd command line. It parses SSI statements intended for Apache just fine, with the slight nit that it expects the path to be relative to the cgi-bin when I use virtual as the include type. I just created hardlinks to the included files and that solved the problem. Thanks for the super-fast response!!! As a silly aside, thttpd saved my tunnelbroker.net account. They wanted me to put up a website to prove the tunnel belonged to me, and after hours of tweaking httpd.conf yielded only frustration, I installed thttpd and had it up and running in less than 10 minutes. -- bk
Re: upgrading packages and ports, ugh
2009/2/9 Markus Lude markus.l...@gmx.de: On Tue, Feb 10, 2009 at 03:02:28AM +0100, Ingo Schwarze wrote: Hi Juan, Juan Miscaro wrote on Mon, Feb 09, 2009 at 08:38:01PM -0500: [...] p5-IO-INET6-2.01p0 freeze-2.5 Don't know those two, sorry. net/p5-IO-INET6 was replaced by net/p5-IO-Socket-INET6 around the beginning of the year because the upstream CPAN package was renamed. If you already got p5-IO-Socket-INET6 installed while upgrading you may just remove the old p5-IO-INET6 package if it isn't needed anymore. Regards, Markus Thanks everyone for these responses. I've since tried to reinstall (make reinstall) one of those ports and it now cries: === archivers/freeze === Cleaning for freeze-2.5 /usr/sbin/pkg_delete freeze-2.5 Can't remove freeze-2.5 without also removing: amavisd-new-2.6.2 *** Error code 1 (ignored) Really strange. Like I said, I installed amavisd-new via ports (which brought in freeze). Then 'pkg_add -u' upgraded amavisd-new using packages. Now those packages that need to be upgraded via ports (freeze) cannot do so without first removing amavisd-new! What does one do in such cases? -- jm
Segmentation fault (Core dumped) when Make Build
Hi Guys, When upgrading my OBSD 4.5-beta machine, I got === usr.sbin/bind PATH=/bin:/usr/bin:/sbin:/usr/sbin CC=cc CFLAGS=-O2 -pipe LDFLAGS= INSTALL_PROGRAM=install -c -s sh /usr/src/usr.sbin/bind/configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --disable-shared --disable-threads --disable-openssl-version-check Segmentation fault (core dumped) *** Error code 139 Stop in /usr/src/usr.sbin/bind (line 70 of /usr/src/usr.sbin/bind/Makefile.bsd-wrapper). *** Error code 1 Stop in /usr/src/usr.sbin (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src (line 48 of /usr/share/mk/bsd.subdir.mk). *** Error code 1 Stop in /usr/src (line 73 of Makefile). on line 70 /usr/src/usr.sbin/bind/Makefile.bsd-wrapper would be; 66: config.status: 67:PATH=/bin:/usr/bin:/sbin:/usr/sbin \ 68:${XCFLAGS} \ 69:INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ 70:sh ${.CURDIR}/configure ${CONFIGURE_OPTS} Any suggestions is much appreciated. Thanks, Insan -- insandotpraja(at)gmaildotcom
Segmentation fault (Core dumped) when Make Build
Hi Misc, Forgot to include the dmesg; OpenBSD 4.5-beta (GENERIC) #61: Wed Feb 11 13:33:23 WIT 2009 r...@greenbridgevpn.mygreenlinks.net:/usr/src/sys/arch/i386/compile/GENERIC RTC BIOS diagnostic error dfixed_disk,invalid_time cpu0: Intel(R) Xeon(R) CPU E3110 @ 3.00GHz (GenuineIntel 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S SE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR real mem = 2143842304 (2044MB) avail mem = 206478 (1969MB) RTC BIOS diagnostic error dfixed_disk,invalid_time mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/12/07, SMBIOS rev. 2.5 @ 0x7fdfd000 (63 entries) bios0: vendor Intel Corporation version S3200X38.86B.00.00.0045.082820081329 date 08/28/2008 bios0: Intel Corporation S3210SH acpi0 at bios0: rev 2 acpi0: tables DSDT SLIC FACP APIC WDDT MCFG HPET SPCR SSDT SSDT SSDT SSDT SSDT HEST BERT ERST EINJ DMAR acpi0: wakeup devices SLPB(S5) NPE1(S5) NPE6(S5) P32_(S5) PS2M(S1) PS2K(S1) ILAN(S5) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) PEX4(S5) PEX5(S5) UHC1(S1) UHC2(S1) UHC3(S1) UHC4(S1) EHCI(S1) EHC2(S1) UH42(S1) UHC5(S1) UHC6(S1) AZAL(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 332MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 5 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 5 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (NPE1) acpiprt2 at acpi0: bus -1 (NPE6) acpiprt3 at acpi0: bus 3 (P32_) acpiprt4 at acpi0: bus 1 (PEX0) acpiprt5 at acpi0: bus -1 (PEX1) acpiprt6 at acpi0: bus -1 (PEX2) acpiprt7 at acpi0: bus -1 (PEX3) acpiprt8 at acpi0: bus 2 (PEX4) acpiprt9 at acpi0: bus -1 (PEX5) acpicpu0 at acpi0: FVS, 3000, 2000 MHz acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000 ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 3200/3210 Host rev 0x00 em0 at pci0 dev 25 function 0 Intel ICH9 IGP AMT rev 0x02: apic 5 int 20 (irq 11), address 00:15:17:28:2a:d3 uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 5 int 18 (irq 9) uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 5 int 21 (irq 10) ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 5 int 17 (irq 10) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb0 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x02: apic 5 int 17 (irq 11) pci1 at ppb0 bus 1 em1 at pci1 dev 0 function 0 Intel PRO/1000 PT (82571EB) rev 0x06: apic 5 int 16 (irq 11), address 00:15:17:86:53:14 em2 at pci1 dev 0 function 1 Intel PRO/1000 PT (82571EB) rev 0x06: apic 5 int 17 (irq 10), address 00:15:17:86:53:15 ppb1 at pci0 dev 28 function 4 Intel 82801I PCIE rev 0x02: apic 5 int 17 (irq 11) pci2 at ppb1 bus 2 vga1 at pci2 dev 0 function 0 Matrox MGA G200e (ServerEngines) rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) uhci2 at pci0 dev 29 function 0 Intel 82801I USB rev 0x02: apic 5 int 23 (irq 11) uhci3 at pci0 dev 29 function 1 Intel 82801I USB rev 0x02: apic 5 int 19 (irq 11) uhci4 at pci0 dev 29 function 2 Intel 82801I USB rev 0x02: apic 5 int 18 (irq 9) ehci1 at pci0 dev 29 function 7 Intel 82801I USB rev 0x02: apic 5 int 23 (irq 11) usb1 at ehci1: USB revision 2.0 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb2 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0x92 pci3 at ppb2 bus 3 skc0 at pci3 dev 0 function 0 D-Link Systems DGE-530T B1 rev 0x11, Yukon Lite (0x9): apic 5 int 16 (irq 11) sk0 at skc0 port A: address 00:1c:f0:0f:4d:05 eephy0 at sk0 phy 0: 88E1011 Gigabit PHY, rev. 5 skc1 at pci3 dev 1 function 0 D-Link Systems DGE-530T B1 rev 0x11, Yukon Lite (0x9): apic 5 int 17 (irq 10) sk1 at skc1 port A: address 00:1c:f0:d1:a3:5d eephy1 at sk1 phy 0: 88E1011 Gigabit PHY, rev. 5 em3 at pci3 dev 2 function 0 Intel PRO/1000MT (82541GI) rev 0x05: apic 5 int 18 (irq 9), address 00:15:17:28:2a:d1 ichpcib0 at pci0 dev 31 function 0 Intel 82801IR LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 2 Intel 82801I SATA rev 0x02: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using apic 5 int 21 (irq 10) for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: MAXTOR STM380215AS wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801I SMBus rev 0x02: apic 5 int 18 (irq 9) iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5 pciide1 at pci0 dev 31 function 5 Intel