Pedido de remoção da lista Novos

[Novidades Acqua Lisboa]

  recebemos um pedido de remogco do seu enderego misc@openbsd.org na lista 
Novos. Por favor, clique no seguinte enderego para confirmar que pretende 
anular a sua subscrigco:
http://www.mktid.com/pub/rm.php?dodel=dodelu=2d50b65318l=1491

A Distancia

[Psicologia Social]

Por favor

Por favor, no responda este mail.

Si desea responder, hagalo a la direccion que figura al
pie.

 

 

 

 

 Inscripciones 2009

a partir del lunes 16 de febrero

  

Psicologia Social

 

 

  

SupervisionGeneral

Licenciada Diana Coblier

 

 

 

 Primera Escuela Virtual de Psicologia Social

Totalmente a Distancia

Para Hispano Parlantes de todo el pams y del mundo.

Tel. 011 - 48657124

  

 

Escuela  de Psicologia Social de Puerto Madryn

Coordina Silvina Savid

Presencial una vez por semana.

Telef.  02965 - 15 - 503239

 

 

Escuela  de Psicologia Social de Trelew

Coordina Marcela Narez

Presencial una vez por semana

Urquiza 458. Telef. 02965 - 15 - 576449

Lunes a Viernes de 18 a 21 horas.

 

 

Teorma y Ticnica Pichon Riviere

Certificados de Estudios avalados por la propia Institucion

Trabajo de Campo desde Primer Aqo

 

 

Inscripcion abierta desde el 16 de febrero

.

 

 

Para consultas por Internet, remitir mail a

fundaciontehuel...@hotmail.com

 

 

Si no desea seguir recibiendo nuestra info, por favor, mandar mail a

fundaciontehuel...@hotmail.com

con la palabra

remover

en el Asunto.
 

Re: wpa2 and osx

[damien . bergamini]

| hi list,
| i have a problem with wpa2 and osx. i could connect to the ap
| if i force it to use wpa1 only. all other wpaprotos gives a :
| WPA2(PSK,unknown/TKIP,AES/TKIP)
| while scanning with airport and the association failed. the test
| cases and dmesg could be found here:
| http://sumi.thepixelz.com/obsd/wpa-openbsd.txt

The unknown comes from the PSK-SHA-256 authentication protocol
supported by OpenBSD (this is a protocol defined in Draft 802.11w
that has a stronger key derivation function than the legacy
PSK-SHA1).  Unfortunately, some broken (non standard compliant)
supplicants are confused by unknown authentication protocols
and try to associate using 802.1X in this case.
I've seen this with Intel PRO/Set on XP too.
I'm not quite sure what to do since it's not OpenBSD fault at
all.  The current approach is that if a user specifies psk
with the wpaakms ifconfig command, both PSK-SHA1 and PSK-SHA-256
are advertised by the AP.  Maybe I should add psk-sha256 to the
list of supported values for wpaakms so that people who have
interoperability problems can disable PSK-SHA-256 with
wpaakms psk.  The default setting would be psk,psk-sha256.

Because we are approaching release, I will probably stop
advertising PSK-SHA-256 by default for 4.5 (AFAIK, only OpenBSD
clients are currently capable of selecting this authentication
protocol, although some very recent versions of wpa_supplicant
may support it too.)

Damien

Re: Openbsd 4.4 and openbgp current problems

[Insan Praja SW]

On Tue, 10 Feb 2009 17:39:50 +0700, Esa Kuusisto esa.kuusi...@gmail.com  
wrote:



Hi

I have samekind of panic problems with two different openbgp routers.
All I get panic: rtfree 2 before dump. I was searching if someone else
have samekind of problem via google and you're only one. My only
question is that did you get any solution for the problem?

Best Regards
-Esa Kuusisto

Hi,
I already send my PR, I haven't found any solution for this problem. On  
S3200 it panicked, on S3000AH it went freeze.

Thanks,


--
insandotpraja(at)gmaildotcom

Re: Problems with OpenBSD 4.4 amd64 install (solved)

[auto709563]

Yes, I did create a separate partition for /etc.
I did the install over without separate partition
for /etc, now it works. Thanks!

On Mon, 09 Feb 2009 14:30:33 +0100 Josh Grosse 
j...@jggimi.homeip.net wrote:
On Mon, 09 Feb 2009 13:38:47 +0100, auto709563 wrote
 I have installed 4.4 on amd64.
 
 When I boot up I get a pretty dmesg, followed by:
 
 Feb 9 18:52:43 init: cannot stat /etc/login.conf: No such file 
or 
 directory
 sh: /etc/rc: No such File or directory
 Feb 9 18:52:45 init: /etc/pwd.db: No such file or directory
 Enter pathname of shell or RETURN for sh:
 
 After this, I get a shell, but nothing but / seems mounted.
 
 I could not save the dmesg.

Very strange.  You have a kernel, and you have init(8), but it 
looks like
looks like /etc is missing or damaged.  Did you, by chance, create 

a separate
partition for /etc?  That could explain this, as /etc is needed in 

order to
boot multi-user.

--
Click for online loan, fast amp; no lender fee, approval today
 
http://tagline.hushmail.com/fc/PnY6qxtVWH9X6ypOhKQjRJXKzvvtV2a1rChpmYbaW63xyCIAZq0Kf/

Re: Tentakel and exec sudo ...

[Falk Brockerhoff - smartTERRA GmbH]

Am 08.02.2009 um 16:18 schrieb Todd C. Miller:


Do you know whether tentakel is running ssh with the -t flag or
not?


I think tentakel's running without this flag. In the file /etc/ 
tentakel.conf I can see:


# first section: global parameters
set ssh_path=/usr/bin/ssh

Adding a  -t at the end doesn't matter :-/


- todd


Regards,

Falk

Re: PF Executive Summary

[James Wright]

Morris, Roy rmorris at internetsecure.com writes:

 
 I need to create an executive summary of pf rules and I
 remember once seeing a link for a tool that read the rules
 and gave you back a 'checkpoint(ish)' output .. Anyone know
 the tool I am talking about or can recommend one? Otherwise
 I am stuck making stick drawings :)
 
 


I do not recall the tool, or one you could use, but perhaps
something could be written based off the yacc grammar*?  Have 
it output {svg,xmi,dot} or something.  I know that there are
tools in perl/CPAN to build a parser from a yacc grammar which 
might be helpful if you're more of a perl than C coder.

* /usr/src/sbin/pfctl/parse.y

Re: Problems with OpenBSD 4.4 amd64 install (solved)

[Otto Moerbeek]

On Tue, Feb 10, 2009 at 02:39:21PM +0100, auto709...@hushmail.com wrote:

 Yes, I did create a separate partition for /etc.
 I did the install over without separate partition
 for /etc, now it works. Thanks!

No suprise here: /etc contains important files to boot the system.
Other top level dirs that really should be in the root partition:
/bin, /sbin, /root and /dev. 

-Otto


 
 On Mon, 09 Feb 2009 14:30:33 +0100 Josh Grosse 
 j...@jggimi.homeip.net wrote:
 On Mon, 09 Feb 2009 13:38:47 +0100, auto709563 wrote
  I have installed 4.4 on amd64.
  
  When I boot up I get a pretty dmesg, followed by:
  
  Feb 9 18:52:43 init: cannot stat /etc/login.conf: No such file 
 or 
  directory
  sh: /etc/rc: No such File or directory
  Feb 9 18:52:45 init: /etc/pwd.db: No such file or directory
  Enter pathname of shell or RETURN for sh:
  
  After this, I get a shell, but nothing but / seems mounted.
  
  I could not save the dmesg.
 
 Very strange.  You have a kernel, and you have init(8), but it 
 looks like
 looks like /etc is missing or damaged.  Did you, by chance, create 
 
 a separate
 partition for /etc?  That could explain this, as /etc is needed in 
 
 order to
 boot multi-user.
 
 --
 Click for online loan, fast amp; no lender fee, approval today
  
 http://tagline.hushmail.com/fc/PnY6qxtVWH9X6ypOhKQjRJXKzvvtV2a1rChpmYbaW63xyCIAZq0Kf/

openBSD newbie: how to display INSTALL.arch during install

[Neoklis Kyriazis]

Hi,

I am new to *BSD and I am trying to instal openBSD 4.4 on an amd64
platform. I tried to find out how to have INSTALL.amd64 displayed
somewhere during installation (like opening a second console and using
less) but it seems that only one console is available during install.

Is there a way to have the installation notes handy apart from a dead
tree printout?

My thanks in advance.

-- 
Best regards


Neoklis  Ham Radio call 5B4AZ
Website: http://5b4az.chronos.org.uk/

Re: openBSD newbie: how to display INSTALL.arch during install

[Josh Grosse]

On Tue, 10 Feb 2009 16:52:08 +0200, Neoklis Kyriazis wrote

 Is there a way to have the installation notes handy apart from a 
 dead tree printout?

One can have the notes present in machine-readable form.  Handy?  No.  

The ramdisk kernel operates in single-user mode, so there is no alternate
console available.  But, one can escape to a subshell.  From there, one could
mount a foreign file system containing the document, and view it with less(1)
or more(1).  

One could also acquire it via ftp(1) over the network, but there is likely
insufficient freespace to save it in the RAM filesystem.  One could obviously
create a spare FFS filesystem to store the file, but then, if one could do
that, one would be familiar enough with OpenBSD to not need the installation
documentation anyway.

SOCKS proxy

[Tony Berth]

Dear List,

I have following case:

 -
 ||
--   | Firewall with Proxy:port [a2]
|
---
| client [a1]  | - ||
--(internet)-| Public accessible server with static IP
[a3]  |
--
'a1' connects only via browser to the internet after defining the proxy:port
of 'a2'

Is it possible to create a SOCKS Proxy from 'a1' to 'a3'?
If 'a1' wasn't blocked to the internet I would: ssh -p 443 -D 2000
userid@a3 but this command times out!
is a way to 'tell' to make use of the proxy in 'a2' and redirect all the
traffic?

Thanks

Tony

Re: openBSD newbie: how to display INSTALL.arch during install

[Jesus Sanchez]

Josh Grosse escribis:

On Tue, 10 Feb 2009 16:52:08 +0200, Neoklis Kyriazis wrote

  
Is there a way to have the installation notes handy apart from a 
dead tree printout?



One can have the notes present in machine-readable form.  Handy?  No.  


The ramdisk kernel operates in single-user mode, so there is no alternate
console available.  But, one can escape to a subshell.  From there, one could
mount a foreign file system containing the document, and view it with less(1)
or more(1).  


One could also acquire it via ftp(1) over the network, but there is likely
insufficient freespace to save it in the RAM filesystem.  One could obviously
create a spare FFS filesystem to store the file, but then, if one could do
that, one would be familiar enough with OpenBSD to not need the installation
documentation anyway.


  

O.o... another computer with screen near??

belive me, print out some pages would affect the subsistence of
trees, the paper factories use controlated environments with fast grown 
trees

species to don't cut forests (at least here in Spain).

Apache on 4.3 - problem with a Flash that no longer reads a 'text' file for data to display..

[K.R. (Randy) Lewis]

Well, up until our big upgrade in October  November (last) to OpenBSD 
4.3 we had
no problems with the standard Apache (httpd).

Now, there is an unexpected behavior for a couple of Web sites we host 
on these
OpenBSD 4.3 servers that reveals itself when a Flash object runs (from 
html code) that
reads a text file for some data to display as the flash runs, and when it
finishes its little animation.   The best example is our own Web site:  
http://www.rtmx.net
but, there are others (customer sites) I don't need to list here. They 
are on the same
servers - all behaving (now) this way.  No text file data read in during 
the Flash run.

Just look at the page source (for the site above) to see the standard 
Flash reference.
The text file it opens can be seen by looking at:  
http://www.rtmx.net/flash.txt
The Flash object runs its little animation, reads the text from the 
(above) file
and the displays it...normally.  Now, under a standard OpenBSD 4.3 it's 
a no go.

So, I'm hoping that someone has seen this 'new' behavior and resolved it 
with their
own site(s) running newer versions of OpenBSD + Apache (standard...not 
the Apache2).

Randy
---
httpd -V, followed by dmesg:
---
srv2# httpd -V
Server version: Apache/1.3.29 (Unix)
Server's Module Magic Number: 19990320:15
Server compiled with
 -D EAPI
 -D HAVE_MMAP
 -D HAVE_SHMGET
 -D USE_MMAP_SCOREBOARD
 -D USE_MMAP_FILES
 -D HAVE_FLOCK_SERIALIZED_ACCEPT
 -D HAVE_SYSVSEM_SERIALIZED_ACCEPT
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D DYNAMIC_MODULE_LIMIT=64
 -D HARD_SERVER_LIMIT=256
 -D HTTPD_ROOT=/var/www
 -D SUEXEC_BIN=/usr/sbin/suexec
 -D DEFAULT_PIDLOG=logs/httpd.pid
 -D DEFAULT_SCOREBOARD=logs/httpd.scoreboard
 -D DEFAULT_LOCKFILE=logs/httpd.lock
 -D DEFAULT_ERRORLOG=logs/error_log
 -D TYPES_CONFIG_FILE=conf/mime.types
 -D SERVER_CONFIG_FILE=conf/httpd.conf
 -D ACCESS_CONFIG_FILE=conf/access.conf
 -D RESOURCE_CONFIG_FILE=conf/srm.conf
srv2#
---
srv2# dmesg
OpenBSD 4.3 (GENERIC.MP) #587: Wed Mar 12 11:21:57 MDT 2008
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Pentium(R) III CPU family 1133MHz (GenuineIntel 
686-class) 1.14 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem  = 3220733952 (3071MB)
avail mem = 3120955392 (2976MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/10/04, BIOS32 rev. 0 @ 0xffe90, 
SMBIOS rev. 2.3 @ 0xfb060 (55 entries)
bios0: vendor Dell Computer Corporation version A09 date 12/10/2004
bios0: Dell Computer Corporation PowerEdge 1550/1133
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC
acpi0: wakeup devices PCI0(S5) PCI2(S5)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 1 (boot processor)
cpu0: apic clock running at 132MHz
cpu1 at mainbus0: apid 0 (application processor)
cpu1: Intel(R) Pentium(R) III CPU family 1133MHz (GenuineIntel 
686-class) 1.14 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 16 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
ioapic1 at mainbus0: apid 3 pa 0xfec01000, version 11, 16 pins
ioapic1: misconfigured as apic 0, remapped to apid 3
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PCI1)
acpiprt2 at acpi0: bus 4 (PCI2)
acpicpu0 at acpi0
acpicpu1 at acpi0
bios0: ROM list: 0xc/0x8000 0xc8000/0x1400
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 ServerWorks CNB20HE Host rev 0x23
pci1 at pchb0 bus 1
ppb0 at pci1 dev 4 function 0 DEC 21154 PCI-PCI rev 0x05
pci2 at ppb0 bus 2
ppb1 at pci2 dev 0 function 0 DEC 21154 PCI-PCI rev 0x05
pci3 at ppb1 bus 3
ami0 at pci3 dev 0 function 0 AMI MegaRAID rev 0x20: apic 3 int 9 (irq 3)
ami0: Dell PERC3/DC, 64b/lhc, FW 199D, BIOS v3.35, 128MB RAM
ami0: 2 channels, 0 FC loops, 1 logical drives
scsibus0 at ami0: 40 targets
sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00,  SCSI2 0/direct fixed
sd0: 139760MB, 17816 cyl, 255 head, 63 sec, 512 bytes/sec, 286228480 sec 
total
scsibus1 at ami0: 16 targets
safte0 at scsibus1 targ 6 lun 0: DELL, 1x3 U2W SCSI BP, 1.21 SCSI2 
3/processor fixed
scsibus2 at ami0: 16 targets
QLogic ISP12160 rev 0x06 at pci2 dev 1 function 0 not configured
pchb1 at pci0 dev 0 function 1 ServerWorks CNB20HE Host rev 0x01
pchb2 at pci0 dev 0 function 2 ServerWorks CNB20HE Host rev 0x01
pchb3 at pci0 dev 0 function 3 ServerWorks CNB20HE Host rev 0x01
pci4 at pchb3 bus 4
ahc0 at pci4 dev 5 function 0 Adaptec AIC-7899 U160 rev 0x01: apic 3 
int 11 (irq 11)
scsibus3 at ahc0: 16 targets
ahc1 at pci4 dev 5 function 1 Adaptec AIC-7899 U160 rev 0x01: apic 3 
int 12 (irq 10)
scsibus4 at ahc1: 16 targets
ubsec0 at pci4 dev 6 function 0 Broadcom 5820 rev 0x10: 3DES MD5 SHA1 
RNG PK, apic 3 int 13 (irq 7)
fxp0 at pci0 dev 1 function 0 Intel 8255x rev 0x08, i82559: apic 3 int 
0 (irq 11), address 00:06:5b:3c:3d:e6
inphy0 at fxp0 phy 1: 

Silly serial console question

[Dave Wilson]

In my grandfather's attic (RIP) I unearthed one of these:

http://www.omnidatasys.net/product/spec_dataterminal_ti703.htm

which in a nutshell is a paper terminal which runs at 300 baud.

I figured it could be fun to set it up as a serial console on one of my
machines, and maybe useful if I left it tailing logfiles to a hard copy
or perhaps using it for a machine I have which keeps PANICing

So I edited the line in /etc/ttys for tty00 to be:

tty00   /usr/libexec/getty std.300vt100 on

and now (after some init HUPing) I get a login prompt, and it takes my
username. When I try and give it a password however, it turns off echo,
but it never seems to notice the carriage return. It just sits there. If
I send a break, it wakes up and says login incorrect, so it's not
completely died.

It's not worth expending any time or effort over, but I thought maybe
someone might be able to say Ha! You need hardware flow control! or
somesuch.

I just thought it might be cool to be able to come in in the morning an
tear off a list of errors from last night :-)

SD

sudo 1.6.9p20 patch in OPENBSD_4_3 and OPENBSD_4_4

[Brian A. Seklecki]

All:

Do we want to slip this into presently supported branches containing
1.6.9p17?  It's a quick patch:

http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21r2=1.160.2.22only_with_tag=SUDO_1_6_9

I tested it on -rOPENBSD_4_3.  Just be sure to nuke the version string.


$ more sudo_p20.patch 
===
RCS file: /home/anoncvs/cvs/sudo/parse.c,v
retrieving revision 1.160.2.21
retrieving revision 1.160.2.22
diff -u -p -r1.160.2.21 -r1.160.2.22
--- sudo/parse.c2008/11/02 14:35:53 1.160.2.21
+++ sudo/parse.c2009/01/28 00:50:01 1.160.2.22
@@ -651,9 +651,11 @@ usergr_matches(group, user, pw)
 /*
  * If the user has a supplementary group vector, check it first.
  */
-for (i = 0; i  user_ngroups; i++) {
-   if (grp-gr_gid == user_groups[i])
-   return(TRUE);
+if (strcmp(user, user_name) == 0) {
+   for (i = 0; i  user_ngroups; i++) {
+   if (grp-gr_gid == user_groups[i])
+   return(TRUE);
+   }
 }
 if (grp-gr_mem != NULL) {
for (cur = grp-gr_mem; *cur; cur++) {


sekle...@seawing:/usr/src/usr.bin$ sudo patch -p0  sudo_p20.patch 
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--
|===
|RCS file: /home/anoncvs/cvs/sudo/parse.c,v
|retrieving revision 1.160.2.21
|retrieving revision 1.160.2.22
|diff -u -p -r1.160.2.21 -r1.160.2.22
|--- sudo/parse.c   2008/11/02 14:35:53 1.160.2.21
|+++ sudo/parse.c   2009/01/28 00:50:01 1.160.2.22
--
Patching file sudo/parse.c using Plan A...
Hunk #1 succeeded at 606 (offset -45 lines).
done

ssh user keys

[stan]

Given multiple client machines that I wish to allow password less login to a
given target machine. Should I generate unique keys for the users on each
client machine, or should I use the same _user_ keys for each client
machine.

-- 
One of the main causes of the fall of the roman empire was that, lacking
zero, they had no way to indicate successful termination of their C
programs.

Re: Silly serial console question

[Nick Bender]

On Tue, Feb 10, 2009 at 11:38 AM, Dave Wilson
richard.wil...@senokian.com wrote:
 In my grandfather's attic (RIP) I unearthed one of these:

 http://www.omnidatasys.net/product/spec_dataterminal_ti703.htm

 which in a nutshell is a paper terminal which runs at 300 baud.

 I figured it could be fun to set it up as a serial console on one of my
 machines, and maybe useful if I left it tailing logfiles to a hard copy
 or perhaps using it for a machine I have which keeps PANICing

 So I edited the line in /etc/ttys for tty00 to be:

 tty00   /usr/libexec/getty std.300vt100 on

 and now (after some init HUPing) I get a login prompt, and it takes my
 username. When I try and give it a password however, it turns off echo,
 but it never seems to notice the carriage return. It just sits there. If
 I send a break, it wakes up and says login incorrect, so it's not
 completely died.


I would try dumbing it down - a vt100 is a pretty complex beast.

Searching in /etc/termcap for paper yields tty33 and tty37 as options:

 Teletype (tty)
#
# These are the hardcopy Teletypes from before ATT bought the company,
# clattering electromechanical dinosaurs in Bakelite cases that printed on
# pulpy yellow roll paper.  If you remember these you go back a ways.
# Teletype-branded VDTs are listed in the ATT section.
#

I don't remeber these but I do have fond memories of  decwriters
clattering away in the CS lab. If those don't work you could
man 5 termcap and make up your own entry...

-N

Re: sudo 1.6.9p20 patch in OPENBSD_4_3 and OPENBSD_4_4

[Todd C. Miller]

In message 1234278635.17569.9.ca...@soundwave.ws.pitbpa0.priv.collaborativefus
ion.com
so spake Brian A. Seklecki (lavalamp):

 Do we want to slip this into presently supported branches containing
 1.6.9p17?  It's a quick patch:
 
 http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21r2=1.160.2.
 22only_with_tag=SUDO_1_6_9
 
 I tested it on -rOPENBSD_4_3.  Just be sure to nuke the version string.

I think this is worth doing, though the bug won't affect most
people's configuration.  -current is unaffected as it contains
sudo 1.7.0.

 - todd

Re: Silly serial console question

[Michael Grigoni]

Nick Bender wrote:

snip


 Teletype (tty)
#
# These are the hardcopy Teletypes from before ATT bought the company,
# clattering electromechanical dinosaurs in Bakelite cases that printed on
# pulpy yellow roll paper.  If you remember these you go back a ways.
# Teletype-branded VDTs are listed in the ATT section.
#



TTY 33 and 35 machines were _not_ in Bakelite cases (the cover was made
from a thermoplastic) and there aren't any entries in _this_ termcap file
for Model 28s and other earlier machines in metal cases.

If no one corrects this description, perhaps a patch to /etc/termcap is
in order?

Michael

OT: Free, online backup service provider compatible with BSD

[Steve B]

Can anyone recommend one of the free, online backup service providers? I
would like to tar up all of my config files, custom scripts, etc any time
they change and then upload them to some place offsite. I do not need a lot
of space1GB would be more than sufficient. It would need to be a service
that I can use SSH, FTP or some other protocol to transfer the data.

Steve

Re: OT: Free, online backup service provider compatible with BSD

[Marti Martinez]

I use getdropbox.com; 2gb free. They have windows and Mac clients, and
when I last checked they were planning to have a *nix client, but if
you're planning to tar things, their web interface should be more than
adequate. I can't vouch for their trustworthiness, but they seems to
have a decent handle on putting together a reasonably secure setup.

On Tue, Feb 10, 2009 at 1:57 PM, Steve B stev...@gmail.com wrote:
 Can anyone recommend one of the free, online backup service providers? I
 would like to tar up all of my config files, custom scripts, etc any time
 they change and then upload them to some place offsite. I do not need a lot
 of space1GB would be more than sufficient. It would need to be a service
 that I can use SSH, FTP or some other protocol to transfer the data.

 Steve





-- 
Systems Programmer, Principal
Electrical  Computer Engineering
The University of Arizona
ma...@arizona.edu

Re: OT: Free, online backup service provider compatible with BSD

[L. V. Lammert]

At 01:57 PM 2/10/2009 -0700, Steve B wrote:

Can anyone recommend one of the free, online backup service providers? I
would like to tar up all of my config files, custom scripts, etc any time
they change and then upload them to some place offsite. I do not need a lot
of space1GB would be more than sufficient. It would need to be a service
that I can use SSH, FTP or some other protocol to transfer the data.

Steve


Why not rsync/rshapshot  your own USB drive?

Lee

Re: OT: Free, online backup service provider compatible with BSD

[Ted Unangst]

On Tue, Feb 10, 2009 at 3:57 PM, Steve B stev...@gmail.com wrote:
 Can anyone recommend one of the free, online backup service providers? I
 would like to tar up all of my config files, custom scripts, etc any time
 they change and then upload them to some place offsite. I do not need a lot
 of space1GB would be more than sufficient. It would need to be a service
 that I can use SSH, FTP or some other protocol to transfer the data.

bitbucket, github, ...

Re: OT: Free, online backup service provider compatible with BSD

[Jason Dixon]

On Tue, Feb 10, 2009 at 01:57:31PM -0700, Steve B wrote:
 Can anyone recommend one of the free, online backup service providers? I
 would like to tar up all of my config files, custom scripts, etc any time
 they change and then upload them to some place offsite. I do not need a lot
 of space1GB would be more than sufficient. It would need to be a service
 that I can use SSH, FTP or some other protocol to transfer the data.

If you have a *nix system at home and connectivity to your server,
there's no reason not to just pull your backups down.  Here is a basic
script I use for my own server.

=
#!/bin/sh

# DayOfWeek
DOW=`date +%w`
DATE=`date +%Y%m%d`

ssh r...@foobar.com dump ${DOW}ufa - / | /usr/local/bin/bzip2 | \
dd of=/backups/dumps/colo2-root-${DOW}-${DATE}.bz2
ssh r...@foobar.com dump ${DOW}ufa - /home | /usr/local/bin/bzip2 | \
dd of=/backups/dumps/colo2-home-${DOW}-${DATE}.bz2
ssh r...@foobar.com dump ${DOW}ufa - /var | /usr/local/bin/bzip2 | \
dd of=/backups/dumps/colo2-var-${DOW}-${DATE}.bz2

=

-- 
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/

Re: usr.sbin/wake removal

[Brynet]

Hey,

The removal of this utility is unfortunate, but not the end of the
world.. the ports database at openports.se didn't list net/wol but I
contacted them and they gratefully corrected it.

Still, having such functionality in the base system.. without
requiring devel/gettext.. would be nice. :-)

Could something like the following be considered? not as-is probably,
I'm not the best programmer on earth.. and maybe it should be part of
ping(1) instead?

Example: sudo ifconfig int wake 00:00:00:00:00:00

The code is respectfully copy  pasted from the old wake(8), written
by Marc Balmer/Eugene M. Kim.

-Brynet

[demime 1.01d removed an attachment of type application/octet-stream which had 
a name of ifconfig-wol.diff]

Re: spamd uatraps blacklist size

[Bob Beck]

* Peter N. M. Hansteen pe...@bsdly.net [2009-02-02 10:22]:
 Jose Fragoso inet_use...@samerica.com writes:
 
  This list has gone quite small in size recently. The size changed from
  above 10 IP addresses to only 1 now. Could it be because
  University of Alberta is not being targeted so often anymore? Or is
  it because they have become more selective in trapping addresses?
 
 I actually think that you are seeing a decrease in the number of
 active spam senders.  Other greytrappers (like my robot helpers) have
 seen a decrease in trapped hosts too.  This could the effect of events
 like the McColo takedown last November, and possibly other less
 publicized events could have helped too.  
 
 There is even a tiny possibility that some former spam senders have
 come under a more sensible sysadmin regime, and we can even hope that
 our greytrapping and 'name and shame' efforts are having some effect.
 We can dream, can't we?
 

A little of both. 

In fact the list at 10K was probably an anomoly - I briefly partly broke it
when I was shufflign machines around so you didn't get them all :)  That's
since been changed.

Having said that my trapped volume is only around 35-40K hosts recently - but
this corresponds to my total smtp connection volume has decreased abotu 50 to 
60 percent
since the MrColo and other spambot holder shutdowns in november. I used to peak 
over
2 million total in a day, and now peak just under a million. 

You can see this quite graphically here:

http://bofh.ucs.ualberta.ca/cgi-bin/spam.cgi?days=125

(ignore the black line - it suffers from anomolies when my slaves do something
wrong... :)

Re: spamd uatraps blacklist size

[Bob Beck]

  it because they have become more selective in trapping addresses?


Oh and it's not because of this. We just managed to expire 66,000 
accounts
here which will only make the trapping get better ;) 

Re: usr.sbin/wake removal

[Brynet]

I totally forgot about demime, shame on me.. :-)

Index: ifconfig.8
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
retrieving revision 1.173
diff -u -r1.173 ifconfig.8
--- ifconfig.8  12 Dec 2008 22:09:26 -  1.173
+++ ifconfig.8  10 Feb 2009 22:50:27 -
@@ -412,6 +412,15 @@
 It happens automatically when setting the first address on an interface.
 If the interface was reset when previously marked down,
 the hardware will be re-initialized.
+.It Cm wake Ar etheraddr
+Sends a Wake on LAN (WoL) frame over a local Ethernet network using a
+link-layer (hardware) address.
+.Ar etheraddr
+is the link layer address of the remote machine
+and can be specified as an actual hardware address
+(six hexadecimal numbers separated by colons)
+or as a hostname entry in
+.Pa /etc/ethers .
 .El
 .Pp
 .Nm
@@ -1237,6 +1246,7 @@
 .Xr hostname.if 5 ,
 .Xr hosts 5 ,
 .Xr networks 5 ,
+.Xr ethers 5 ,
 .Xr rc 8 ,
 .Xr tcpdump 8
 .Sh HISTORY
Index: ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.211
diff -u -r1.211 ifconfig.c
--- ifconfig.c  6 Feb 2009 22:07:04 -   1.211
+++ ifconfig.c  10 Feb 2009 22:50:28 -
@@ -64,6 +64,9 @@
 #include sys/socket.h
 #include sys/ioctl.h

+#ifndef SMALL
+#include net/bpf.h
+#endif /* SMALL */
 #include net/if.h
 #include net/if_dl.h
 #include net/if_media.h
@@ -98,6 +101,9 @@
 #include ctype.h
 #include err.h
 #include errno.h
+#ifndef SMALL
+#include fcntl.h
+#endif /* SMALL */
 #include stdio.h
 #include stdlib.h
 #include string.h
@@ -240,7 +246,22 @@
 void   unsetpflow_sender(const char *, int);
 void   setpflow_receiver(const char *, int);
 void   unsetpflow_receiver(const char *, int);
+
+#ifndef BPF_PATH_FORMAT
+#define BPF_PATH_FORMAT /dev/bpf%u
+#endif
+#ifndef SYNC_LEN
+#define SYNC_LEN 6
 #endif
+#ifndef DESTADDR_COUNT
+#define DESTADDR_COUNT 16
+#endif
+void   wolhandler(const char *, int);
+intget_bpf(void);
+intbind_if_to_bpf(char const *, int);
+intget_ether(char const *, struct ether_addr *);
+intsend_wakeup(int, struct ether_addr const *);
+#endif /* SMALL */

 /*
  * Media stuff.  Whenever a media command is first performed, the
@@ -409,7 +430,8 @@
{ -flowsrc,   1,  0,  unsetpflow_sender },
{ flowdst,NEXTARG,0,  setpflow_receiver },
{ -flowdst, 1,0,  unsetpflow_receiver },
-#endif
+   { wake,   NEXTARG,0,  wolhandler },
+#endif /* SMALL */
{ NULL, /*src*/ 0,  0,  setifaddr },
{ NULL, /*dst*/ 0,  0,  setifdstaddr },
{ NULL, /*illegal*/0,   0,  NULL },
@@ -4572,3 +4594,104 @@
warn(SIOCSIFLLADDR);
 }

+#ifndef SMALL
+void
+wolhandler(const char *addr, int param)
+{
+   int bpf;
+   struct ether_addr macaddr;
+
+   bpf = get_bpf();
+   if (bpf == -1 ||
+   bind_if_to_bpf(name, bpf) == -1 ||
+   get_ether(addr, macaddr) == -1 ||
+   send_wakeup(bpf, macaddr) == -1) {
+   warn(error sending Wake on LAN frame over %s to %s,
+   name, addr);
+   }
+   (void)close(bpf);
+   return;
+}
+
+int
+get_bpf(void)
+{
+   int i, fd;
+   char path[MAXPATHLEN];
+
+   for (i = 0;; i++) {
+   if (snprintf(path, sizeof(path), BPF_PATH_FORMAT, i) == -1)
+   return -1;
+
+   fd = open(path, O_RDWR);
+   if (fd != -1)
+   return fd;
+   if (errno == EBUSY)
+   continue;
+   break;
+   }
+   return -1;
+}
+
+int
+bind_if_to_bpf(char const *ifname, int bpf)
+{
+   struct ifreq ifr;
+   u_int dlt;
+
+   if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) =
+   sizeof(ifr.ifr_name))
+   return -1;
+   if (ioctl(bpf, BIOCSETIF, ifr) == -1)
+   return -1;
+   if (ioctl(bpf, BIOCGDLT, dlt) == -1)
+   return -1;
+   if (dlt != DLT_EN10MB)
+   return -1;
+   return 0;
+}
+
+int
+get_ether(char const *text, struct ether_addr *addr)
+{
+   struct ether_addr *paddr;
+   paddr = ether_aton(text);
+   if (paddr != NULL) {
+   *addr = *paddr;
+   return 0;
+   }
+   if (ether_hostton(text, addr))
+   return -1;
+   return 0;
+}
+
+int
+send_wakeup(int bpf, struct ether_addr const *addr)
+{
+   struct {
+   struct ether_header hdr;
+   u_char data[SYNC_LEN + ETHER_ADDR_LEN * DESTADDR_COUNT];
+   } pkt;
+   u_char *p;
+   int i;
+   ssize_t bw;
+   ssize_t len;
+
+   (void)memset(pkt.hdr.ether_dhost, 0xff, sizeof(pkt.hdr.ether_dhost));
+   pkt.hdr.ether_type = htons(0);
+

Re: usr.sbin/wake removal

[Marc Balmer]

Am 10.02.2009 um 23:59 schrieb Brynet:


Hey,

The removal of this utility is unfortunate, but not the end of the
world.. the ports database at openports.se didn't list net/wol but I
contacted them and they gratefully corrected it.

Still, having such functionality in the base system.. without
requiring devel/gettext.. would be nice. :-)

Could something like the following be considered? not as-is probably,
I'm not the best programmer on earth.. and maybe it should be part of
ping(1) instead?

Example: sudo ifconfig int wake 00:00:00:00:00:00

The code is respectfully copy  pasted from the old wake(8), written
by Marc Balmer/Eugene M. Kim.


wake was added to the tree for some reason.
it was then removed for some reason.

now we look at what is the best place for this
functionality.

I'd honestly prefer if we could close the wake
discussion for now.  we will eventually come
up with a solution.




-Brynet

[demime 1.01d removed an attachment of type application/octet-stream  
which had a name of ifconfig-wol.diff]

Re: SSI support for thttpd?

[Brian Keefer]

On Feb 10, 2009, at 12:05 PM, Jakob Schlyter wrote:

actually, the ssi thingy is build but not included in the binary  
package. I've updated the port to include it.


jakob



I just wanted to let you know that I did a make update on the latest  
source and it worked great (macppc -current).


I copied ssi to a cgi-bin directory inside my document root and added - 
c '/cgi-bin/*' to thttpd command line.  It parses SSI statements  
intended for Apache just fine, with the slight nit that it expects the  
path to be relative to the cgi-bin when I use virtual as the include  
type.  I just created hardlinks to the included files and that solved  
the problem.


Thanks for the super-fast response!!!

As a silly aside, thttpd saved my tunnelbroker.net account.  They  
wanted me to put up a website to prove the tunnel belonged to me, and  
after hours of tweaking httpd.conf yielded only frustration, I  
installed thttpd and had it up and running in less than 10 minutes.


--
bk

Re: upgrading packages and ports, ugh

[Juan Miscaro]

2009/2/9 Markus Lude markus.l...@gmx.de:
 On Tue, Feb 10, 2009 at 03:02:28AM +0100, Ingo Schwarze wrote:
 Hi Juan,

 Juan Miscaro wrote on Mon, Feb 09, 2009 at 08:38:01PM -0500:

 [...]

  p5-IO-INET6-2.01p0
  freeze-2.5

 Don't know those two, sorry.

 net/p5-IO-INET6 was replaced by net/p5-IO-Socket-INET6 around the
 beginning of the year because the upstream CPAN package was renamed.

 If you already got p5-IO-Socket-INET6 installed while upgrading you may
 just remove the old p5-IO-INET6 package if it isn't needed anymore.

 Regards,
 Markus



Thanks everyone for these responses.

I've since tried to reinstall (make reinstall) one of those ports and
it now cries:

=== archivers/freeze
===  Cleaning for freeze-2.5
/usr/sbin/pkg_delete  freeze-2.5
Can't remove freeze-2.5 without also removing:
amavisd-new-2.6.2
*** Error code 1 (ignored)

Really strange.

Like I said, I installed amavisd-new via ports (which brought in
freeze).  Then 'pkg_add -u' upgraded amavisd-new using packages.  Now
those packages that need to be upgraded via ports (freeze) cannot do
so without first removing amavisd-new!

What does one do in such cases?

--
jm

Segmentation fault (Core dumped) when Make Build

[Insan Praja SW]

Hi Guys,
When upgrading my OBSD 4.5-beta machine, I got
=== usr.sbin/bind
PATH=/bin:/usr/bin:/sbin:/usr/sbin  CC=cc CFLAGS=-O2 -pipe
LDFLAGS=  INSTALL_PROGRAM=install -c -s  sh  
/usr/src/usr.sbin/bind/configure --prefix=/usr  --localstatedir=/var   
--sysconfdir=/etc  --disable-shared  --disable-threads  
--disable-openssl-version-check

Segmentation fault (core dumped)
*** Error code 139

Stop in /usr/src/usr.sbin/bind (line 70 of  
/usr/src/usr.sbin/bind/Makefile.bsd-wrapper).

*** Error code 1

Stop in /usr/src/usr.sbin (line 48 of /usr/share/mk/bsd.subdir.mk).
*** Error code 1

Stop in /usr/src (line 48 of /usr/share/mk/bsd.subdir.mk).
*** Error code 1

Stop in /usr/src (line 73 of Makefile).

on line 70 /usr/src/usr.sbin/bind/Makefile.bsd-wrapper would be;

66: config.status:
67:PATH=/bin:/usr/bin:/sbin:/usr/sbin \
68:${XCFLAGS} \
69:INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \
70:sh ${.CURDIR}/configure ${CONFIGURE_OPTS}

Any suggestions is much appreciated.
Thanks,

Insan
--
insandotpraja(at)gmaildotcom

Segmentation fault (Core dumped) when Make Build

[Insan Praja SW]

Hi Misc,
Forgot to include the dmesg;

OpenBSD 4.5-beta (GENERIC) #61: Wed Feb 11 13:33:23 WIT 2009
r...@greenbridgevpn.mygreenlinks.net:/usr/src/sys/arch/i386/compile/GENERIC
RTC BIOS diagnostic error dfixed_disk,invalid_time
cpu0: Intel(R) Xeon(R) CPU E3110 @ 3.00GHz (GenuineIntel 686-class) 3 GHz
cpu0:  
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,S

SE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR
real mem  = 2143842304 (2044MB)
avail mem = 206478 (1969MB)
RTC BIOS diagnostic error dfixed_disk,invalid_time
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/12/07, SMBIOS rev. 2.5 @  
0x7fdfd000 (63 entries)
bios0: vendor Intel Corporation version  
S3200X38.86B.00.00.0045.082820081329 date 08/28/2008

bios0: Intel Corporation S3210SH
acpi0 at bios0: rev 2
acpi0: tables DSDT SLIC FACP APIC WDDT MCFG HPET SPCR SSDT SSDT SSDT SSDT  
SSDT HEST BERT ERST EINJ DMAR
acpi0: wakeup devices SLPB(S5) NPE1(S5) NPE6(S5) P32_(S5) PS2M(S1)  
PS2K(S1) ILAN(S5) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) PEX4(S5) PEX5(S5)  
UHC1(S1) UHC2(S1) UHC3(S1) UHC4(S1) EHCI(S1) EHC2(S1) UH42(S1) UHC5(S1)  
UHC6(S1) AZAL(S4)

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 332MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 5 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 5
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (NPE1)
acpiprt2 at acpi0: bus -1 (NPE6)
acpiprt3 at acpi0: bus 3 (P32_)
acpiprt4 at acpi0: bus 1 (PEX0)
acpiprt5 at acpi0: bus -1 (PEX1)
acpiprt6 at acpi0: bus -1 (PEX2)
acpiprt7 at acpi0: bus -1 (PEX3)
acpiprt8 at acpi0: bus 2 (PEX4)
acpiprt9 at acpi0: bus -1 (PEX5)
acpicpu0 at acpi0: FVS, 3000, 2000 MHz
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: PWRB
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x1000
ipmi at mainbus0 not configured
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Intel 3200/3210 Host rev 0x00
em0 at pci0 dev 25 function 0 Intel ICH9 IGP AMT rev 0x02: apic 5 int 20  
(irq 11), address 00:15:17:28:2a:d3
uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x02: apic 5 int 18  
(irq 9)
uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x02: apic 5 int 21  
(irq 10)
ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x02: apic 5 int 17  
(irq 10)

usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb0 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x02: apic 5 int 17  
(irq 11)

pci1 at ppb0 bus 1
em1 at pci1 dev 0 function 0 Intel PRO/1000 PT (82571EB) rev 0x06: apic  
5 int 16 (irq 11), address 00:15:17:86:53:14
em2 at pci1 dev 0 function 1 Intel PRO/1000 PT (82571EB) rev 0x06: apic  
5 int 17 (irq 10), address 00:15:17:86:53:15
ppb1 at pci0 dev 28 function 4 Intel 82801I PCIE rev 0x02: apic 5 int 17  
(irq 11)

pci2 at ppb1 bus 2
vga1 at pci2 dev 0 function 0 Matrox MGA G200e (ServerEngines) rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci2 at pci0 dev 29 function 0 Intel 82801I USB rev 0x02: apic 5 int 23  
(irq 11)
uhci3 at pci0 dev 29 function 1 Intel 82801I USB rev 0x02: apic 5 int 19  
(irq 11)
uhci4 at pci0 dev 29 function 2 Intel 82801I USB rev 0x02: apic 5 int 18  
(irq 9)
ehci1 at pci0 dev 29 function 7 Intel 82801I USB rev 0x02: apic 5 int 23  
(irq 11)

usb1 at ehci1: USB revision 2.0
uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1
ppb2 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0x92
pci3 at ppb2 bus 3
skc0 at pci3 dev 0 function 0 D-Link Systems DGE-530T B1 rev 0x11, Yukon  
Lite (0x9): apic 5 int 16 (irq 11)

sk0 at skc0 port A: address 00:1c:f0:0f:4d:05
eephy0 at sk0 phy 0: 88E1011 Gigabit PHY, rev. 5
skc1 at pci3 dev 1 function 0 D-Link Systems DGE-530T B1 rev 0x11, Yukon  
Lite (0x9): apic 5 int 17 (irq 10)

sk1 at skc1 port A: address 00:1c:f0:d1:a3:5d
eephy1 at sk1 phy 0: 88E1011 Gigabit PHY, rev. 5
em3 at pci3 dev 2 function 0 Intel PRO/1000MT (82541GI) rev 0x05: apic 5  
int 18 (irq 9), address 00:15:17:28:2a:d1
ichpcib0 at pci0 dev 31 function 0 Intel 82801IR LPC rev 0x02: PM  
disabled
pciide0 at pci0 dev 31 function 2 Intel 82801I SATA rev 0x02: DMA,  
channel 0 configured to native-PCI, channel 1 configured to native-PCI

pciide0: using apic 5 int 21 (irq 10) for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: MAXTOR STM380215AS
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
ichiic0 at pci0 dev 31 function 3 Intel 82801I SMBus rev 0x02: apic 5  
int 18 (irq 9)

iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5
spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5
pciide1 at pci0 dev 31 function 5 Intel