Re: Multiboot OpenBSD with Vista

[Bryan]

On Sat, May 16, 2009 at 04:19, Joachim Schipper
joac...@joachimschipper.nl wrote:
 On Fri, May 15, 2009 at 01:08:14PM +0430, MANI wrote:
 Hi,

 First of all you need to know I am running OpenBSD on my laptop and PC
 at home happily as sole OS, but unfortunately I need to dual boot my
 PC at Office because of some proprietary softwares we need at company,
 the other OS is Microsucks Windows Vista
 AFAIK one of the way of dual booting is to copy openbsd.pbr on Drive C
 of windows, but How can I make openbsd.pbr. and why I can not boot to
 OpenBSD using bootable cd ? boot  hd0a:/bsd not working for me.

 OpenBSD is on rwd0a - rwd0f and Vista is on rwd0g and rwd0h. If I go
 to shell on bootable cd and type:

 mount -t ffs /dev/wd0a /mnt

 I can mount wd0a wich is my root partition on /mnt and everythings
 seems ok. So what is the easiest solution to dual booting ?

 Many others have suggested various solutions, but I wrote up a solution
 I would consider easy at
 http://www.joachimschipper.nl/Dual-booting OpenBSD and Vista. (It
 wouldn't be the first time I loaned someone my laptop for a couple of
 minutes. Being able to say turn it on, select Windows is nicer than
 having to tell them which arcane incantations to enter...)

 A bootable CD should work too. I suppose you could do some tricks with
 VMWare and the like.

 But the above is what I use, and I've had no issues.

 B  B  B  B  B  B  B  B Joachim


I multi-boot Vista/OpenBSD on one of my homeservers.  I use GAG.  it
Just Works

http://gag.sourceforge.net/

Re: Why so cool OS doesn't have vuln database?

[Yuriy Grishin]

Thanks a lot!

TomC!E! BodEC!r wrote:

Read the FAQ please http://www.openbsd.org/stable.html

1) Get and update source code trough CVS
2) Rebuild kernel and boot with it
3) Rebuild binaries
4) Done

There was thread about it last month I think.You haven't packages
updated in -stable.You must use -current if you want updated
packages.Ofcourse,that you can update packages on -stable,but really
not all and you will be on your own in this case because FAQ :

Keeping Things in Sync
It is important to understand that OpenBSD is an Operating System,
intended to be taken as a whole, not a kernel with a bunch of
utilities stuck on. You must make sure your kernel, userland (the
supporting utilities and files) and ports tree are all in sync, or
unpleasant things will happen. Said another way (because people just
keep making the error), you can not run brand new ports on a month old
system, or rebuild a kernel from -current source and expect it to work
with a -release userland. Yes, this does mean you need to upgrade your
system if you want to run a new program which was added to the ports
tree today. Sorry, but again, OpenBSD has limited resources available.

One should also understand that the upgrade process is supported in
only one direction: from older to newer, and from -stable to -current.
You can not run 4.5-current (or a snapshot), then decide you are
living too dangerously, and step back to 4.5-stable. You are on your
own if you choose any path other than the supported option of
reloading your system from scratch, do not expect assistance from the
OpenBSD development team.

Yes, this does mean you should think long and hard before committing
yourself to using -current.

2009/5/17 Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru:
  

Martin Schrvder wrote:


2009/5/17, Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru:

  

B OpenBSD just uses different approach, got it.



It's not a technological problem.

Search the archives for discussions of security upgrades to ports.
In short: The devs all run current and such don't need it; not enough
users have stepped forward and started working on it.


  

How does updating-to-stable work?
It updates the kernel right (?)
Does it update installed packages?

--
Code cheap ($3 per an application)







--
http://www.openbsd.org/lyrics.html

  


--
Code cheap ($3 per an application)

Re: Why so cool OS doesn't have vuln database?

[Yuriy Grishin]

Indeed you're right. I've got the same experience with php5-gd library.
The audit program told that this library is vulnerable but there was no 
patch available.

So this message was about useless.
On the other hand in most cases this sort of applications could save 
admin's time.


TomC!E! BodEC!r wrote:

I tried this db app on DragonFly,but guess what.You installed
sudo,then you install this vulnerability-check and it say that you
installed sudo which has local security bug.So what was help for me
then?But if you are admin of some servers then you are reading about
security problems in similar important applications and it's on you to
fight with it.

2009/5/17 Yuriy Grishin grishin-mailing-li...@minselhoz.samara.ru:
  

Jacob Meuser wrote:


On Sun, May 17, 2009 at 09:16:17AM +0500, Yuriy Grishin wrote:

  

Jacob Meuser wrote:



On Sat, May 16, 2009 at 11:14:34PM +0500, Yuriy Grishin wrote:


  

On the other hand maintaining the database is extremely huge work.


  

Did it face some problems?



maintaining the database is extremely huge work.


  

It is for one guy.
It is not for the community.



exactly who is the community?


  

You and me and that guy.
Well, I've just realized that there would be an app like portupgrade in
addition to portaudit and vulnDB (it's even more work).
As I see (from your replicas) my question is burning but I didn't want to
offend anyone of you (I'm not trolling). This is because of I migrated from
FreeBSD and I'm a novice at OpenBSD.

OpenBSD just uses different approach, got it.

--
Code cheap ($3 per an application)






  


--
Code cheap ($3 per an application)

Re: Why so cool OS doesn't have vuln database?

[Janne Johansson]

Yuriy Grishin wrote:

Indeed you're right. I've got the same experience with php5-gd library.
The audit program told that this library is vulnerable but there was no 
patch available.

So this message was about useless.
On the other hand in most cases this sort of applications could save 
admin's time.


Ok, so make it work then:
1 Port the apps (easy)
2 Populate the database (huge work)
3 Build up trust so the average paranoid admin wants to use it (?)
4 Profit!

I await someone saving my admin time.


On the other hand maintaining the database is extremely huge work.

It is not for the community.

exactly who is the community?

You and me and that guy.

Re: Why so cool OS doesn't have vuln database?

[Yuriy Grishin]

Hi, Joachim

I've got that you wanted to say.
There are some tools for that are available.
The main problem is that they detect an intrusion *after* the server is 
compromised.
Intrusion detection systems are good but intrusion prevention systems 
are better.


Joachim Schipper wrote:

On Sun, May 17, 2009 at 03:04:18AM +0200, Ingo Schwarze wrote:
  

Hi Joachim, hi Yurij,

Joachim Schipper wrote on Sat, May 16, 2009 at 01:23:20PM +0200:


On Fri, May 15, 2009 at 10:39:06PM +0500, Yuriy Grishin wrote:
  

I've installed OpenBSD 4.5 on my home gateway.
Random pids and critical files permission are really cool.
I just confused a little bit because I haven't found any way
to check the vulnerabilities of my configuration.
Are there any?


This is not what you are asking for, but security(8) will run nightly
and check various files. This detects unsophisticated intruders and -
more importantly - makes it easy to spot and fix misconfigurations.
  

But be aware of this:

 $ man security | tail -n 7  
BUGS

 The name of this script may provide a false sense of security.

 There are perhaps an infinite number of ways the system can be
 compromised without this script noticing.



Of course.

  

Of course, it can be extended with your own critical files, if desired.
  

Actually, security(8), in contrast to daily(8)/weekly/monthly, does not
support security.local additions right now.  I don't see a pressing need
to implement that hook, either; it would be easy enough, though, just
adding the two lines

  next_part Running /etc/security.local:
  run_script security.local

at the very end of /etc/security does the trick.

Apart from that, i would recommend against locally modifying the script
/etc/security itself.  You can use daily.local for local additions.
Of course, you can also add files to the changelist(5).
Perhaps the latter is what you were hinting at.



Oh, I'm sorry, I should have been more clear.

security(8) runs mtree(8) on, amongst others, /etc/mtree/*.secure. Such
files can be freely added, no?

That is what I intended to say, but I didn't actually say it... sorry
for any confusion that may have resulted!

Joachim

Re: Why so cool OS doesn't have vuln database?

[Yuriy Grishin]

As I said it's unreal for a guy from a Russian village.
You may hit me for that but it's done in FreeBSD therefore it's 
possible.


Janne Johansson wrote:

Yuriy Grishin wrote:

Indeed you're right. I've got the same experience with php5-gd library.
The audit program told that this library is vulnerable but there was 
no patch available.

So this message was about useless.
On the other hand in most cases this sort of applications could save 
admin's time.


Ok, so make it work then:
1 Port the apps (easy)
2 Populate the database (huge work)
3 Build up trust so the average paranoid admin wants to use it (?)
4 Profit!

I await someone saving my admin time.


On the other hand maintaining the database is extremely huge work.

It is not for the community.

exactly who is the community?

You and me and that guy.

Re: Kylin

[ropers]

2009/5/18 (private) HKS hks.priv...@gmail.com:

 intellectual property

Hello oxymoron.

Re: old and new pf tandem test ---help

[Stuart Henderson]

Why come to an OpenBSD list asking about FreeBSD pf? I note that you
didn't come to ask about getting OpenBSD running on your new hardware.
(It might have been quite a simple thing to fix).

You'd be better off asking on a FreeBSD list or the general pf
list. Most of us here don't know FreeBSD pf. It's a bit different.
They don't track OpenBSD's code particularly closely (which is
newer and has more features) and we're not sure what works
and what doesn't in their code.


On 2009-05-18, mehma sarja mehmasa...@gmail.com wrote:
 Ingo and the rest of OpenBSD pf-ers,
 Thanks Ingo for your thoughts. Let me ask a simpler question, is there
 something wrong with the following line on a FreeBSD 7.2 pf?

 pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port =
 imaps flags S/SA modulate state

 Yudhvir

Re: Problem with pf/nat (bug?) and aliases in internal interface

[Stuart Henderson]

As a test, can you try it without using the 192.168.20.1-192.168.20.10
address range format, and see if that behaves any better? You can use
this instead: {192.168.20.0/29 192.168.20.8/31 192.168.20.10}



In gmane.os.openbsd.misc, you wrote:
 Scenario:

 int_if with two ip addresses in two differents lans  (192.168.20.254,
 192.168.21.254).
 more aliases in the external interfaces

 nat rules: every 10 internals ip use an external address for the nat.

 everything works fine, except for the second internal ip address. ip
 from 192.168.21.0/24 are natted with rules of net 192.168.20.0/24

 machines from internal lan use .20.254 or .21.254 as a gateway.
 p.s.
 both of them works, but second ones use wrong nat.

 # uname -mprs
 OpenBSD 4.4 amd64 Intel(R) Xeon(R) CPU 5110 @ 1.60GHz

 # pfctl -vsr
 pass in log quick on bnx1 inet from 192.168.20.0/24 to any flags S/SA keep 
 state
   [ Evaluations: 61921 Packets: 370618Bytes: 216808002   States: 4230 
  ]
   [ Inserted: uid 0 pid 12418 State Creations: 23774 ]
 pass in log quick on bnx1 inet from 192.168.21.0/24 to any flags S/SA keep 
 state
   [ Evaluations: 628   Packets: 13136 Bytes: 10432453States: 117  
  ]
   [ Inserted: uid 0 pid 12418 State Creations: 202   ]

 # pfctl -vvsn | grep -A2 -e '@0' -e '@24' -e '@25'
 @0 nat on bnx0 inet from 192.168.20.1 - 192.168.20.10 to any - xxx.xxx.xxx.1
   [ Evaluations: 34016 Packets: 57999 Bytes: 23576755States: 803  
  ]
   [ Inserted: uid 0 pid 12418 State Creations: 5402  ]
 @24 nat on bnx0 inet from 192.168.20.241 - 192.168.20.254 to any -
 xxx.xxx.xxx.25
   [ Evaluations: 1079  Packets: 3353  Bytes: 1489982 States: 79   
  ]
   [ Inserted: uid 0 pid 12418 State Creations: 179   ]
 @25 nat on bnx0 inet from 192.168.21.1 - 192.168.21.10 to any - 
 xxx.xxx.xxx.26
   [ Evaluations: 793   Packets: 0 Bytes: 0   States: 0
  ]
   [ Inserted: uid 0 pid 12418 State Creations: 0 ]


 -- 
 Cris, member of G.U.F.I
 Italian FreeBSD User Group
 http://www.gufi.org/

Re: Problem with pf/nat (bug?) and aliases in internal interface

[Cristiano Deana]

On 5/18/09 9:46 AM, Stuart Henderson wrote:


As a test, can you try it without using the 192.168.20.1-192.168.20.10
address range format, and see if that behaves any better? You can use
this instead: {192.168.20.0/29 192.168.20.8/31 192.168.20.10}


I already tried with 192.168.21.1, 192.168.21.2 and with a table.
Nothing change in nat rules.

--
Cristiano Deana - FreeCRIS
Ho iniziato a usare FreeBSD perche' m$ usava me. ed e' spiacevole

Por favor leiam. apelo de mae....

[vanessa de oliveira terra]

POR FAVOR. LEIAM !!

Deixo com vocjs um apelo de mce, estou completamente desesperada.
O meu filho se chama Igor de Oliveira terra tem 5 anos de idade,
desapareceu no
dia 10 de fevereiro de 2009 na cidade de belo horizonte.

Estou usando de todas as formas para encontrar meu filho,
por isso venho atravez deste e-mail pedir POR FAVOR, para que olhem
o video e fotos com carinho, depois repassem para seus amigos e parentes.

Video gravado, em sua festa de 5 anos de idade:
Igor de Oliveira terra_video(517,3 KB)

Todas as fotos tiradas de Igor de Oliveira terra que podem ajudar:
Igor de Oliveira terra_fotos(238,17 KB)

Oferecemos uma gratificagco para quem possa nos dar qualquer notmcia,
do paradeiro do Igor.

Email para contato: vanessa...@uol.com.br
Telefone: (31) 3236-8215

Associagco Brasileira de Criangas Desaparecidas
(0XX11) 3337-3331 ou 3337-3332, falar com Ivanice.

Re: Multiboot OpenBSD with legacy systems

[Mathias Schmocker]

Lars Nooden a icrit :

Peter Kay - Syllopsium wrote:

... provided it's given plenty (32 bit : 2GB, 64 bit : 4GB) of RAM. I favour
64bit, even if the driver support is less comprehensive and the memory
requirements are higher.


Both can be pretty bad.  I know very few stupid enough to try to use MS
Vista, but some of those have had the gall to complain to me that they
can't run larger apps without switching to XP.   XP ought to run much
better as a guest under Qemu, anyway.  Not that it should be condoned
either.

Anyway, there was a message about WINE last December:
http://kerneltrap.org/mailarchive/openbsd-misc/2008/12/28/4503544


I have to run V***A on my Laptop for work, and use dhcp with it :(

I found out that TrueCrypt make a fine bootloader too.

ESC at the TC password prompt, and it boots your OpenBSD installation happily !
YMMV

Mathias

Re: Package for kde4

[Jan Stary]

On May 18 02:42:07, Cem Kayali wrote:
 Hello!
 
 Could it be possible to include kde4 and its dependent ports into 
 (snapshot) packages, so that we can test it?

Sure. Go ahead.

Re: rt.fm CVS Mirror going funny?

[Duncan Patton a Campbell]

On Sun, 17 May 2009 03:29:13 -0400
Jeremy Huiskamp jer...@kamper.ca wrote:

 On 5/17/09 2:07 AM, Aaron W. Hsu wrote:
  Hey All,
  
  Has anyone else noticed issues with pulling src/sbin/ping/ping.c from 
  anon...@rt.fm:/cvs? I get this error 
  
  cvs [server aborted]: EOF while looking for end of string \
  in RCS file /cvs/src/sbin/ping/ping.c,v
  
  Does anyone know what might cause this? I tried removing it and refetching 
  it, as well as using the -C option.
  
 
 Yes, always in that spot.  I stopped using this mirror a while ago 
 because of this.
 
 

Something odd about that hostname rt.fm, I'd say.

Dhu

Re: OpenBSD 3.4 hanging after boot

[Duncan Patton a Campbell]

On Sat, 16 May 2009 15:46:35 -0400
Nick Holland n...@holland-consulting.net wrote:

 
 Also...32M would be about the minimum amount of RAM you would want to
 install on at the moment.  If you don't have much of a scrap pile, you
 may have difficulty expanding old machines to the useful minimum.
 
 Nick.
 
 

16M will generally work.

Dhu

Re: Raid controller?

[Duncan Patton a Campbell]

On Fri, 15 May 2009 20:40:44 -0600 (MDT)
Theo de Raadt dera...@cvs.openbsd.org wrote:

 On Fri, 15 May 2009, Chuck Robey wrote:
 
  I'm currently trying to verify something, because while I know makefiles 
  really
  well, the ones for the FreeBSD kernel are too indirect for me, so I can't 
  yet
  verify about the twa driver.
 
 Doesn't make any difference, 3Ware was abandoned by the project many years
 ago due to lack of support. There are many compatible cards out there:
 
  http://openbsd.org/i386.html#hardware
 
 Compare the drivers with the with bioctl compatibility list.
 
 No kidding.
 
 If any of the people we talked to at 3ware weren't such
 LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware

Hard words, Theo.  Do you think anyone you talked to 
could actually understand what you were sayin'?

Dhu

 as well as we support just about everything else in the
 industry.
 
 We did not put them into that lofty position of not being
 supported by OpenBSD.  They put themselves there.  If I
 was angry about it I might say I hope they are happy with
 the result, but the fact is I stopped caring about it ages
 ago.
 
 You came to this mailing list and you brought up 3ware
 because you don't know how to use google.

Re: OpenBSD 3.4 hanging after boot

[Otto Moerbeek]

On Mon, May 18, 2009 at 04:46:33AM -0600, Duncan Patton a Campbell wrote:

 On Sat, 16 May 2009 15:46:35 -0400
 Nick Holland n...@holland-consulting.net wrote:
 
  
  Also...32M would be about the minimum amount of RAM you would want to
  install on at the moment.  If you don't have much of a scrap pile, you
  may have difficulty expanding old machines to the useful minimum.
  
  Nick.
  
  
 
 16M will generally work.
 
 Dhu

Are you sure you want to run a system where even init gets paged out?
Nick is talking about a useful minimum.

-Otto

Re: Raid controller?

[Tony Abernethy]

Duncan Patton a Campbell wrote:
 On Fri, 15 May 2009 20:40:44 -0600 (MDT)
 Theo de Raadt dera...@cvs.openbsd.org wrote:
 
  
  If any of the people we talked to at 3ware weren't such
  LYING BAGS OF HYPOCRITICAL SHIT we'd support their hardware
 
 Hard words, Theo.  Do you think anyone you talked to 
 could actually understand what you were sayin'?
 
 Dhu
Some of us lurk on this list specifically to get a handle on
what hardware to avoid. 

FW: Raid controller?

[Michal]

Theo does have a point...you gain nothing from tip toeing around these
issues...especially when dealing with people like them 

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of
Duncan Patton a Campbell
Sent: 18 May 2009 12:04
To: Theo de Raadt
Cc: chu...@telenix.org; l...@omnitec.net; ad...@bitwise.net; misc@openbsd.org
Subject: Re: Raid controller?

On Fri, 15 May 2009 20:40:44 -0600 (MDT) Theo de Raadt
dera...@cvs.openbsd.org wrote:

 On Fri, 15 May 2009, Chuck Robey wrote:
 
  I'm currently trying to verify something, because while I know 
  makefiles really well, the ones for the FreeBSD kernel are too 
  indirect for me, so I can't yet verify about the twa driver.
 
 Doesn't make any difference, 3Ware was abandoned by the project many 
 years ago due to lack of support. There are many compatible cards out
there:
 
  http://openbsd.org/i386.html#hardware
 
 Compare the drivers with the with bioctl compatibility list.
 
 No kidding.
 
 If any of the people we talked to at 3ware weren't such LYING BAGS OF 
 HYPOCRITICAL SHIT we'd support their hardware

Hard words, Theo.  Do you think anyone you talked to could actually
understand what you were sayin'?

Dhu

 as well as we support just about everything else in the industry.
 
 We did not put them into that lofty position of not being supported by 
 OpenBSD.  They put themselves there.  If I was angry about it I might 
 say I hope they are happy with the result, but the fact is I stopped 
 caring about it ages ago.
 
 You came to this mailing list and you brought up 3ware because you 
 don't know how to use google.

Re: Raid controller?

[Rod Whitworth]

On Mon, 18 May 2009 05:04:24 -0600, Duncan Patton a Campbell wrote:

Hard words, Theo.  Do you think anyone you talked to 
could actually understand what you were sayin'?

Dumb words, Dhu. Do you think anyone who reads this will think you
could understand what you were meaning if you did not read archival
research?
*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
/earth: write failed, file system is full
cp: /earth/creatures: No space left on device

Re: old and new pf tandem test ---help

[Henning Brauer]

* mehma sarja mehmasa...@gmail.com [2009-05-17 19:43]:
 I want to test two pf firewalls in-line - an old openBSD (3.7 #50, i386) is
 on the 'outside' and a new FreeBSD (7.2 #0 amd64) is on the 'inside.'

OpenBSD 3.7 and FreeBSD 7 are probably en par for pf.
pf in a recent OpenBSD however is more than twice as fast as it was in
the 3.7 days and gained a lot more you don't wanna miss.

pf on !OpenBSD is the starter drug. no more.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

Re: old and new pf tandem test ---help

[Henning Brauer]

* mehma sarja mehmasa...@gmail.com [2009-05-18 03:28]:
 Thanks Ingo for your thoughts. Let me ask a simpler question, is there
 something wrong with the following line on a FreeBSD 7.2 pf?
 
 pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port =
 imaps flags S/SA modulate state

how should we know what ancient parts of pf they use?

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg  Amsterdam

PROPOSSITION CONFIDENTIALE

[Deme Lamine]

You are invited to PROPOSSITION CONFIDENTIALE.


By your host Deme Lamine:


 Date:  Monday May 18, 2009

 Time:  12:00 pm - 1:00 pm (GMT +00:00)
 Location:  Cher Ami Bonjour, Je suis le Directeur en charge de 
l'audit Banque section de compte etrangee de la BANQUE INTERNATIONALE DU 
BURKINA (BIB), j'ai besoin de votre aide urgente dans le transfert de la somme 
de ($ 12,millions) Douze Millon de dollars americaine immidiatement ` votre 
compte.ci ga vous intersse je vous enverrons tous les ditails sur la fagon dont 
on va fait le demache et igalement noter que vous aurez 30% du montant indiqui 
ci-dessus si vous jtes d'accord pour m'aider ` exicuter cette

Guests:

 * kmo...@yahoo.ca
 * claudette200...@yahoo.ca
 * galandav...@gmail.com
 * j...@yahoo.ca
 * eco...@yahoo.fr
 * collectiflibe...@yahoo.ca
 * aaao...@yahoo.ca
 * eric.arse...@sympatico.ca
 * misc@openbsd.org
 * janea...@yahoo.com.ph
 * m...@yahoo.ca
 * immigrant_infos.can...@yahoo.ca
 * d.boisv...@usherbrooke.ca
 * siriusk...@yahoo.ca
 * eric.lapoin...@usherbrooke.ca
 * agent.donaldcar...@yahoo.ca
 * agent_donaldcart...@yahoo.com
 * eric.wilso...@yahoo.com
 * eric.wil...@rediffmail.com
 * eric.sir...@bellnet.ca
 * ell40are...@yahoo.com
 * paces312...@yahoo.ca
 * ericbern...@yahoo.ca
 * jcen...@videotron.ca
 * isabel.deslauri...@mail.mcgill.ca
 * l.s...@yahoo.ca
 * shawna.saint-p...@usherbrooke.ca
 * sams...@videotron.ca
 * ble...@tlb.sympatico.ca
 * claudebeaugrand2...@yahoo.ca
 * ebed...@teluq.uqam.ca
 * shekh...@yahoo.ca
 * mn.6ab67d8703758a1f.90...@wtablettes.net
 * aaaoutl...@yahoo.ca
 * eric.arsenea...@sympatico.ca
 * josiane_mela...@yahoo.ca
 * elannegr...@sympatico.ca
 * e_berthom...@yahoo.fr
 * pachoun2...@yahoo.ca
 * a...@magic.fr
 * aclsmar...@yahoo.ca
 * m.beauv...@videotron.ca
 * c85elc...@yahoo.fr
 * c85belangerjoce...@yahoo.ca
 * humsec...@yahoo.ca.
 * daphne_mar...@yahoo.ca
 * mottet.e...@uqam.ca
 * eric.2.lan...@hec.ca
 * pledge...@yahoo.ca
 * dori...@sympatico.ca
 * lamer...@hotmail.com
 * rocketf...@yahoo.ca
 * patrickm...@hotmail.com
 * clawd...@hotmail.com
 * jo_part...@yahoo.ca
 * thea...@hotmail.com
 * drmikep2...@yahoo.ca
 * val...@shaw.ca
 * peturs...@yahoo.com
 * greg_la_po...@yahoo.ca
 * chant...@etu.unige.ch
 * eric.bre...@umontreal.ca
 * mariechristinetaille...@yahoo.ca
 * chau.t...@ices.on.ca
 * eric.bosche...@mail.mcgill.ca
 * jd_camer...@yahoo.ca
 * uncle.j...@videotron.ca
 * livelyli...@yahoo.ca
 * jnr_ayo...@yahoo.ca
 * patrimo...@videotron.ca
 * ctk.e...@gmail.com
 * ericmoisanbouch...@yahoo.ca
 * moisanboucharde...@ddace.com
 * rik...@yahoo.ca
 * clano...@yahoo.ca
 * gaulle_pie...@hotmail.fr
 * salamy-unile...@yahoo.ca
 * triry...@yahoo.ca
 * trili...@hotmail.com
 * larab...@videotron.ca

invitation_add_to_your_yahoo_calendar:

 
http://calendar.yahoo.com/?v=60ST=20090518T12%2BTITLE=PROPOSSITION+CONFIDENTIALEDUR=0100VIEW=din_loc=Cher+Ami+Bonjour,+Je+suis+le+Directeur+en+charge+de+l%27audit+Banque+section+de+compte+etrangee+de+la+BANQUE+INTERNATIONALE+DU+BURKINA+(BIB),+j%27ai+besoin+de+votre+aide+urgente+dans+le+transfert+de+la+somme+de+($+12,millions)+Douze+Millon+de+dollars+americaine+imm%c3%a9diatement+%c3%a0+votre+compte.ci+%c3%a7a+vous+intersse+je+vous+enverrons+tous+les+d%c3%a9tails+sur+la+fa%c3%a7on+dont+on+va+fait+le+demache+et+%c3%a9galement+noter+que+vous+aurez+30%25+du+montant+indiqu%c3%a9+ci-dessus+si+vous+%c3%aates+d%27accord+pour+m%27aider+%c3%a0+ex%c3%a9cuter+cetteTYPE=10


Copyright ) 2009 All Rights Reserved
 www.yahoo.com

Privacy Policy:
 http://privacy.yahoo.com/privacy/us

Terms of Service:
 http://docs.yahoo.com/info/terms/

Re: old and new pf tandem test ---help

[Otto Moerbeek]

On Mon, May 18, 2009 at 02:51:34PM +0200, Henning Brauer wrote:

 * mehma sarja mehmasa...@gmail.com [2009-05-18 03:28]:
  Thanks Ingo for your thoughts. Let me ask a simpler question, is there
  something wrong with the following line on a FreeBSD 7.2 pf?
  
  pass in log quick on em0 inet proto tcp from any to 121.209.23.121 port =
  imaps flags S/SA modulate state
 
 how should we know what ancient parts of pf they use?

plus, pf rules have little meaning without context.

-Otto

OT Re: Kylin

[Diana Eichert]

On Sun, 17 May 2009, Nick Holland wrote:
SNIP

rant
I, for one, would appreciate government agencies taking a paranoid,
security-oriented approach to computer systems, rather than the
approach most governments and businesses are using, which seems to
boil down to, Security Second to Everything Else.  Or like this:
http://www.fcw.com/Articles/2009/05/07/Hacker-demands-ransom-for-data.aspx
where the only bad guy is the person who exploited an insecure
system, not the fools and assholes who left and CREATED it insecure
in the first place (you can tell them I said that).

SNIP

Nick

If anyone is interested you might take a read at this,
http://en.wikipedia.org/wiki/Shawn_Carpenter

I used to work down the hall from him.  Since both of us worked late
we'd share some coffee.  About the only thing I can say is he made the
strongest coffee I've ever drank.  :-)

diana

Past hissy-fits are not a predictor of future hissy-fits.
Nick Holland(06 Dec 2005)

Re: HD 'Analysis'

[Tobias Walkowiak]

On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote:
 
dd if=/dev/sd1c of=/dev/null bs=64k
^r
 
 Do yourself a favor and use the raw device.

why?

-- 
t.walkow...@wallstreet-online.de

Re: HD 'Analysis'

[Otto Moerbeek]

On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote:

 On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote:
  
 dd if=/dev/sd1c of=/dev/null bs=64k
 ^r
  
  Do yourself a favor and use the raw device.
 
 why?

Because you use block devices for mounting, and raw devices for
anything else. In some cases a block devices might work for a
particular purpose, but why take chances?

-Otto

OT Re: Kylin

[Jacob Yocom-Piatt]

Duncan Patton a Campbell wrote:



the chinese government really feels so vulnerable against U.S.?
i mean, they say it like the WWIII will begin soon and we need
to defend us on the cyberspace with our super-secure OS





They're prob'ly as worried about their own hacks as anyone elses,
but given they've built their own chip it's pretty clear they take
the problems with iNtel rom/microcode seriously enough.  Remember
the foo-rah when Sony came up with it's own 64bit chip?  All that
bs about Sadman buying up a gross of playstations 'cause they're
not trojaned with externally modifiable microcode ?
  



seriously, the OS cannot be anything worth writing home to momma about. 
that they choose to run the OS on special cpus is notable since nobody 
really knows what the bios hackers put into their special sauce. intel 
and amd are originally 'western' companies so i wouldn't trust their 
work product as far i could throw it if i were the chinese. speaking of 
which i don't trust the security of products manufactured in china and 
that's most hardware afaik.


i have speculated before that some hardware manufacturers intentionally 
leave exploitable problems in their products on purpose so the machines 
can be penetrated. it would not surprise me at all if this were the case.

Re: HD 'Analysis'

[Hannah Schroeter]

Hi!

On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote:
On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote:

dd if=/dev/sd1c of=/dev/null bs=64k
^r

 Do yourself a favor and use the raw device.

why?

If nothing else, it'll be much faster.

Kind regards,

Hannah.

Re: Why so cool OS doesn't have vuln database?

[Joachim Schipper]

On Mon, May 18, 2009 at 11:51:02AM +0500, Yuriy Grishin wrote:
 Hi, Joachim

 I've got that you wanted to say.
 There are some tools for that are available.
 The main problem is that they detect an intrusion *after* the server is  
 compromised.
 Intrusion detection systems are good but intrusion prevention systems  
 are better.

It is true that a properly updated database might reduce the window of
opportunity for an attacker (then again, so does regularly running
pkg_add -ui, or if you are willing to put in a little more work, reading
a list like Full-Disclosure and reacting to new vulnerabilities
immediately). However, if you cannot afford to be compromised, patch
management isn't going to help you: you'll have to run programs that
don't have holes in the first place.

This really isn't impossible, especially not for server-side software.

In other words, I personally don't really see the value of your proposed
database. As far as possible, I run secure software; and as far as
possible, I keep up to date on the latest known exploits for software
that I run.

Joachim

Re: HD 'Analysis'

[David Vasek]

On Mon, 18 May 2009, Otto Moerbeek wrote:


On Mon, May 18, 2009 at 03:21:25PM +0200, Tobias Walkowiak wrote:


On Tue, May 05, 2009 at 01:46:00PM +0200, Hannah Schroeter wrote:



  dd if=/dev/sd1c of=/dev/null bs=64k

   ^r

Do yourself a favor and use the raw device.


why?


Because you use block devices for mounting, and raw devices for
anything else. In some cases a block devices might work for a
particular purpose, but why take chances?


While this rule is probably right, a few tools, such as atactl(8) or 
smartctl from ports say something else in their respective man pages. 
Well, these two utilities are not handling the block themselves, but 
anyway. Is this a bug in the man pages?


Regads,
David

relayd - trunked web pages

[uday]

Hi,

I'm experiencing something very peculiar with relayd. I have relayd
for quite sometime in production and I'm observing on a long term that
relayd starts to trunk http responses and I don't seem to know why.
When I restart relayd everything starts working again. Can anyone
point to me a direction to where I can start looking to debug this
issue, eventually resolve it ?

Here is my relayd.conf

relayd_addr=192.168.172.77
https_port=443
http_port=80
table web_hosts { 192.168.223.58  }

interval 10
timeout 1000
prefork 5
log all

http protocol httpssl {
ssl { sslv3, tlsv1, ciphers MEDIUM:!ADH, no sslv2 }
header append $REMOTE_ADDR to X-Forwarded-For
}

http protocol httpsimple {
header append $REMOTE_ADDR to X-Forwarded-For
}

relay https-proxy {
listen on $relayd_addr port $https_port ssl
protocol httpssl
forward to web_hosts port $http_port mode loadbalance check
http / code 200
}

relay http-proxy {
listen on $relayd_addr port $http_port
protocol httpsimple
forward to web_hosts port $http_port mode loadbalance check
http / code 200
}

Here is my pf.conf:

ext_if = vic0
int_if = vic1
ext_ip = 192.168.172.77
ftp_ip  = 192.168.223.58


nat-anchor ftp-proxy/*
nat on $ext_if inet from $int_if - ($ext_if)

rdr-anchor relayd/*
rdr-anchor ftp-proxy/*
pass in on $ext_if inet proto tcp to $ext_ip port 21 flags S/SA keep state
pass out on $int_if inet proto tcp to $ftp_ip port 21 user proxy flags
S/SA keep state
pass in log (all, to pflog1) on $ext_if inet proto tcp to $ext_if port
21 keep state

anchor relayd/*
anchor ftp-proxy/*

UM

Re: Kylin

[(private) HKS]

2009/5/18 Toma Bodar tomas.bod...@gmail.com:
 Common,you think that big western companies which have support from
 western governments care about it?And please don't make white knight
 from western civilization.Everywhere are pros and cons.What type of
 copyright and intellectual property you think?Like Disney which have
 stories based on older stories,but he has law from government on it
 now so original makers has nothing and Disney takes all?And when end
 of this copyright is near some magic happen in government and Disney
 (and others) has next 20 or 50 years.Sounds very respectable for
 copyright and intellectual property of original authors ;-)

 Or maybe you think something like we have.When you create your own
 song and sing it to people somewhere outside of your flat you must pay
 to OSA(something like BSA terrorists,but local).WTH is that.Sounds
 really like care about my copyright - I must pay for my own song ;-)

 Informations are here for share and we can move forward thanks to
 them.If some idiot have patent on double-click then what?One developer
 must incorporated triple-click to his product,next four-click and so
 on?Sounds like history - Earth is just pancake and everyone who want
 to find another idea must use our idea or he will be killed and who
 use our idea without our licence will be killed too.Really we need
 those times back??

For Christ's sake, get off your fucking high horse. My quip was in
response to your implication that China chose a BSD license because it
fit better with their intentions than GPL or similar. As if they gave
a shit.

-HKS



 2009/5/18 (private) HKS hks.priv...@gmail.com:
 2009/5/17 Toma  Bod ar tomas.bod...@gmail.com:
 I know,that's why they choose BSD-style licenced OS ;-)

 Yes, because China's respect for copyright and intellectual property
 is legendary.

 -HKS


 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr:

 Do you really think Chineese governmnt make source public? Not all of
 course
 ;)

 Regards,




 Jesus Sanchez, 05/17/09 20:58:

 TomC!E! BodEC!r escribiC3:

 After quick search on web it looks like it's based on FreeBSD 5.3
 (initial version) with Windows like GUI.So it doesn't looks so secure
 now :-) But government agencies must have reason to receive money so
 why don't make wave about dangerous China with their new
 ultra-hyper-super secure system? Ofcourse that there can be
 interesting modifications.Maybe I will try it in Qemu :-)


 the chinese government really feels so vulnerable against U.S.?
 i mean, they say it like the WWIII will begin soon and we need
 to defend us on the cyberspace with our super-secure OS

 and after all they based it on FreeBSD? I'm a OpenBSD user and
 I really feel that I've enought privacy, don't need a
 super-secret-ultra-secure OS
 nor to say Made In China xD


 Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com
 napsal(a):


 Everyone can try it






http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu
 /


 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca:


 I just noticed this:

 http://www.physorg.com/news161355225.html

 about a secure os that's been under
 development in China since around 2k
 and is now being deployed by the Chinese
 Gov.

 Interestingly, it is built for a hardened
 CPU that, I'd guess, lacks many of the advanced
 features of iNTel architecture cpus.

 Anybody have any more info on this?

 Thanks,

 Dhu

Re: Kylin

[Fosforo]

I don't believe this is the final version... probably something
running under Godson/Loongson ?

http://en.wikipedia.org/wiki/Loongson

[]s Fosforo

On Mon, May 18, 2009 at 12:08 PM, (private) HKS hks.priv...@gmail.com
wrote:
 2009/5/18 Toma  Bod ar tomas.bod...@gmail.com:
 Common,you think that big western companies which have support from
 western governments care about it?And please don't make white knight
 from western civilization.Everywhere are pros and cons.What type of
 copyright and intellectual property you think?Like Disney which have
 stories based on older stories,but he has law from government on it
 now so original makers has nothing and Disney takes all?And when end
 of this copyright is near some magic happen in government and Disney
 (and others) has next 20 or 50 years.Sounds very respectable for
 copyright and intellectual property of original authors ;-)

 Or maybe you think something like we have.When you create your own
 song and sing it to people somewhere outside of your flat you must pay
 to OSA(something like BSA terrorists,but local).WTH is that.Sounds
 really like care about my copyright - I must pay for my own song ;-)

 Informations are here for share and we can move forward thanks to
 them.If some idiot have patent on double-click then what?One developer
 must incorporated triple-click to his product,next four-click and so
 on?Sounds like history - Earth is just pancake and everyone who want
 to find another idea must use our idea or he will be killed and who
 use our idea without our licence will be killed too.Really we need
 those times back??

 For Christ's sake, get off your fucking high horse. My quip was in
 response to your implication that China chose a BSD license because it
 fit better with their intentions than GPL or similar. As if they gave
 a shit.

 -HKS



 2009/5/18 (private) HKS hks.priv...@gmail.com:
 2009/5/17 Toma  Bod ar tomas.bod...@gmail.com:
 I know,that's why they choose BSD-style licenced OS ;-)

 Yes, because China's respect for copyright and intellectual property
 is legendary.

 -HKS


 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr:

 Do you really think Chineese governmnt make source public? Not all of
 course
 ;)

 Regards,




 Jesus Sanchez, 05/17/09 20:58:

 TomC!E! BodEC!r escribiC3:

 After quick search on web it looks like it's based on FreeBSD 5.3
 (initial version) with Windows like GUI.So it doesn't looks so secure
 now :-) But government agencies must have reason to receive money so
 why don't make wave about dangerous China with their new
 ultra-hyper-super secure system? Ofcourse that there can be
 interesting modifications.Maybe I will try it in Qemu :-)


 the chinese government really feels so vulnerable against U.S.?
 i mean, they say it like the WWIII will begin soon and we need
 to defend us on the cyberspace with our super-secure OS

 and after all they based it on FreeBSD? I'm a OpenBSD user and
 I really feel that I've enought privacy, don't need a
 super-secret-ultra-secure OS
 nor to say Made In China xD


 Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com
 napsal(a):


 Everyone can try it







http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu
 /


 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca:


 I just noticed this:

 http://www.physorg.com/news161355225.html

 about a secure os that's been under
 development in China since around 2k
 and is now being deployed by the Chinese
 Gov.

 Interestingly, it is built for a hardened
 CPU that, I'd guess, lacks many of the advanced
 features of iNTel architecture cpus.

 Anybody have any more info on this?

 Thanks,

 Dhu

Re: mp3 stick as both an mp3 stick and an obsd install

[ropers]

2009/5/17 Jan Stary h...@stare.cz:
 Scenario: 4.5 installed on Emtec 2GB-FM mp3 player, using 1G of the
 2G, the rest being 1G of FAT (a separate fdisk partition, labeled as sd0i).
 Everyting works BSD-wise, provided the machine I plug it in can boot off USB
 at all. Now, I still want to be able to use it as a mp3 player.

 I created newfs_msdos on sd0i, can copy files back and forth.
 But when I turn the mp3 player on then, it says 'no song found'.
 (The FM player works.)

 After I (put my quarantine gloves on and) plugged the player into
 a windows machine and repartitioned the 1g partition with win's
 'format', and copied some mp3's, the player _can_ see them and play
 them. If I newfs_msdos the partition again, the player cannot read it again.

 That makes me ask: is there something newfs_msdos doesn't that win
 FAT 'format' does that could be relevant to this? Did someone experience
 the same?

This may be stating the obvious, but I presume you're aware that all
FAT filesystems are not alike? newfs_msdos can create FAT12, FAT16,
and FAT32 partitions.

What kind of FAT partition did you create with Windows, and did you
create the same kind with newfs_msdos?

regards,
--ropers

Re: FW: Raid controller?

[Theo de Raadt]

  If any of the people we talked to at 3ware weren't such LYING BAGS OF 
  HYPOCRITICAL SHIT we'd support their hardware
 
 Hard words, Theo.  Do you think anyone you talked to could actually
 understand what you were sayin'?

I was not the only person who talked to 3Ware.  Over the last 10 years
numerous developers and users have gotten gotten enough hope to try to
talk to them, and have received promises of forthcoming documentation.

All of those promises were lies.  Every person we talked to at 3ware
is unaware what a promise means.  And it goes all the way up to
members of the board and the vice presidential level.  They are LYING
BAGS OF HYPOCRITICAL SHIT.

RAm capacity

[Gustavo Polillo]

in 4.5 release, what the RAM capacity ? 16,24,32,64GB?

Re: RAm capacity

[Claudio Jeker]

On Mon, May 18, 2009 at 02:19:30PM -0300, Gustavo Polillo wrote:
 in 4.5 release, what the RAM capacity ? 16,24,32,64GB?
 

64MB (on a sun4c)

-- 
:wq Claudio

Re: RAm capacity

[Miod Vallat]

  in 4.5 release, what the RAM capacity ? 16,24,32,64GB?
  
 
 64MB (on a sun4c)

Actually, with the memory expansion board, you can use up to 128MB.

Miod

Re: FW: Raid controller?

[Duncan Patton a Campbell]

On Mon, 18 May 2009 10:40:29 -0600
Theo de Raadt dera...@cvs.openbsd.org wrote:

   If any of the people we talked to at 3ware weren't such LYING BAGS OF 
   HYPOCRITICAL SHIT we'd support their hardware
  
  Hard words, Theo.  Do you think anyone you talked to could actually
  understand what you were sayin'?
 
 I was not the only person who talked to 3Ware.  Over the last 10 years
 numerous developers and users have gotten gotten enough hope to try to
 talk to them, and have received promises of forthcoming documentation.
 
 All of those promises were lies.  Every person we talked to at 3ware
 is unaware what a promise means.  And it goes all the way up to
 members of the board and the vice presidential level.  They are LYING
 BAGS OF HYPOCRITICAL SHIT.
 

Ok, a long history... sometimes I find it difficult to
differentiate malice from plain blind incompetence.

Dhu

Re: Kylin

[Duncan Patton a Campbell]

On Mon, 18 May 2009 11:08:33 -0400
(private) HKS hks.priv...@gmail.com wrote:

 2009/5/18 Toma Bodar tomas.bod...@gmail.com:
  Common,you think that big western companies which have support from
  western governments care about it?And please don't make white knight
  from western civilization.Everywhere are pros and cons.What type of
  copyright and intellectual property you think?Like Disney which have
  stories based on older stories,but he has law from government on it
  now so original makers has nothing and Disney takes all?And when end
  of this copyright is near some magic happen in government and Disney
  (and others) has next 20 or 50 years.Sounds very respectable for
  copyright and intellectual property of original authors ;-)
 
  Or maybe you think something like we have.When you create your own
  song and sing it to people somewhere outside of your flat you must pay
  to OSA(something like BSA terrorists,but local).WTH is that.Sounds
  really like care about my copyright - I must pay for my own song ;-)
 
  Informations are here for share and we can move forward thanks to
  them.If some idiot have patent on double-click then what?One developer
  must incorporated triple-click to his product,next four-click and so
  on?Sounds like history - Earth is just pancake and everyone who want
  to find another idea must use our idea or he will be killed and who
  use our idea without our licence will be killed too.Really we need
  those times back??

 For Christ's sake, get off your fucking high horse. My quip was in
 response to your implication that China chose a BSD license because it
 fit better with their intentions than GPL or similar. As if they gave
 a shit.


Actually I think their decision was quite telling.  The Chinese
Gove is not unaware of intellectual property concerns, they
just don't give a shit for western idiots who patent wonton balls.

Dhu



 -HKS


 
  2009/5/18 (private) HKS hks.priv...@gmail.com:
  2009/5/17 Toma  Bod ar tomas.bod...@gmail.com:
  I know,that's why they choose BSD-style licenced OS ;-)
 
  Yes, because China's respect for copyright and intellectual property
  is legendary.
 
  -HKS
 
 
  2009/5/17 Cem Kayali cemkay...@eticaret.com.tr:
 
  Do you really think Chineese governmnt make source public? Not all of
  course
  ;)
 
  Regards,
 
 
 
 
  Jesus Sanchez, 05/17/09 20:58:
 
  TomC!E! BodEC!r escribiC3:
 
  After quick search on web it looks like it's based on FreeBSD 5.3
  (initial version) with Windows like GUI.So it doesn't looks so
secure
  now :-) But government agencies must have reason to receive money so
  why don't make wave about dangerous China with their new
  ultra-hyper-super secure system? Ofcourse that there can be
  interesting modifications.Maybe I will try it in Qemu :-)
 
 
  the chinese government really feels so vulnerable against U.S.?
  i mean, they say it like the WWIII will begin soon and we need
  to defend us on the cyberspace with our super-secure OS
 
  and after all they based it on FreeBSD? I'm a OpenBSD user and
  I really feel that I've enought privacy, don't need a
  super-secret-ultra-secure OS
  nor to say Made In China xD
 
 
  Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com
  napsal(a):
 
 
  Everyone can try it
 
 
 
 
 
 

http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu
  /
 
 
  2009/5/17 Duncan Patton a Campbell campb...@neotext.ca:
 
 
  I just noticed this:
 
  http://www.physorg.com/news161355225.html
 
  about a secure os that's been under
  development in China since around 2k
  and is now being deployed by the Chinese
  Gov.
 
  Interestingly, it is built for a hardened
  CPU that, I'd guess, lacks many of the advanced
  features of iNTel architecture cpus.
 
  Anybody have any more info on this?
 
  Thanks,
 
  Dhu

Re: RAm capacity

[STeve Andre']

On Monday 18 May 2009 13:19:30 Gustavo Polillo wrote:
 in 4.5 release, what the RAM capacity ? 16,24,32,64GB?

Gustavo, OpenBSD runs on 17 or so hardware platforms, so your
answer is kind of hard to answer.  All the world is not i386.

But I'll bet thats what you are asking about, and the answer is
3G for i386.  I think that amd64 is 4G.

--STeve Andre'

Re: aucat freezes sparc64 on -current

[Alexandre Ratchov]

On Sun, May 17, 2009 at 09:03:06PM +0200, Mattieu Baptiste wrote:
 Hi all,
 
 I updated my machine to snapshot 2009-05-15 and the machine freezes
 when I start aucat :
 
 mattieu:/home/mattieu:2$ /usr/bin/aucat -l
 mattieu:/home/maschizo0: pci bus A error
 

it seems related to the audio device driver; aucat is a
simple user process so it cant freeze the box by itself.

do you manage to freeze the box if you use ``aucat -m play -l''
ie playback only mode ?

does it freeze if you start ``aucat -l -b 16384'' ?

-- Alexandre

Re: aucat freezes sparc64 on -current

[Mattieu Baptiste]

Hi,

 it seems related to the audio device driver; aucat is a
 simple user process so it cant freeze the box by itself.

 do you manage to freeze the box if you use ``aucat -m play -l''
 ie playback only mode ?

Play-only mode works fine (it doesn't freeze the box).


 does it freeze if you start ``aucat -l -b 16384'' ?

Yes it freezes with this.

-- 
Mattieu Baptiste
/earth is 102% full ... please delete anyone you can.

make build fails on -STABLE

[Ben Goren]

I just installed 4.5 yesterday from install45.iso on an old Dell  
Precision laptop. dmesg here:

 http://trumpetpower.com/pub/dmesg.boot

I unpacked source from the tarballs and did ``cvs -q up -rOPENBSD_4_5 - 
PAd''

A new kernel built, installed, and booted just fine. However, every  
time I try to do a make build, it bombs out in the exact same spot.  
I've re-run cvs without it finding any new / modified / deleted / etc.  
files.

Typescript here:

 http://trumpetpower.com/pub/build_fail.txt

Suggestions would be most appreciated.

Cheers,

b

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

Re: make build fails on -STABLE

[Philip Guenther]

On Mon, May 18, 2009 at 3:43 PM, Ben Goren b...@trumpetpower.com wrote:
...
 A new kernel built, installed, and booted just fine. However, every
 time I try to do a make build, it bombs out in the exact same spot.
 I've re-run cvs without it finding any new / modified / deleted / etc.
 files.

What are the permissions on the /usr/include/kerberosV/ directory at
the end of the build?

Early on, you can see that it resets them from 700 to 755, but later
error messages make it look like something in the build chmoded the
directory back to 700.  Hmm, perhaps the permissions get copied from
the source tree along the way.  What are the permissions on your
source tree?  Are any of the include directories there mode 700?  If
so, try changing them to 755 and give the build another shot.


Philip Guenther

Re: make build fails on -STABLE

[Ben Goren]

On 2009 May 18, at 4:27 PM, Philip Guenther wrote:

 On Mon, May 18, 2009 at 3:43 PM, Ben Goren b...@trumpetpower.com  
 wrote:
 ...
 A new kernel built, installed, and booted just fine. However, every
 time I try to do a make build, it bombs out in the exact same spot.
 I've re-run cvs without it finding any new / modified / deleted /  
 etc.
 files.

 What are the permissions on the /usr/include/kerberosV/ directory at
 the end of the build?

 Early on, you can see that it resets them from 700 to 755, but later
 error messages make it look like something in the build chmoded the
 directory back to 700.  Hmm, perhaps the permissions get copied from
 the source tree along the way.  What are the permissions on your
 source tree?  Are any of the include directories there mode 700?  If
 so, try changing them to 755 and give the build another shot.

Actually I think I might have it figured out. If so, your idea was  
certainly very close.

I have my umask set to 077 in my .profile. On a lark, before your note  
arrived, I set it to 022 and kicked off another make build. It seems  
to have made it past the point where it was bombing out. I'll send  
another note to the list to confirm (or deny) that that was the problem.

I'll leave it to The Powers That Be (TM) to decide if this is  
something worth checking for or documenting.

Cheers,

b

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

Re: mp3 stick as both an mp3 stick and an obsd install

[Nick Holland]

ropers wrote:
 2009/5/17 Jan Stary h...@stare.cz:
 Scenario: 4.5 installed on Emtec 2GB-FM mp3 player, using 1G of the
 2G, the rest being 1G of FAT (a separate fdisk partition, labeled as sd0i).
 Everyting works BSD-wise, provided the machine I plug it in can boot off USB
 at all. Now, I still want to be able to use it as a mp3 player.

 I created newfs_msdos on sd0i, can copy files back and forth.
 But when I turn the mp3 player on then, it says 'no song found'.
 (The FM player works.)

 After I (put my quarantine gloves on and) plugged the player into
 a windows machine and repartitioned the 1g partition with win's
 'format', and copied some mp3's, the player _can_ see them and play
 them. If I newfs_msdos the partition again, the player cannot read it again.

 That makes me ask: is there something newfs_msdos doesn't that win
 FAT 'format' does that could be relevant to this? Did someone experience
 the same?
 
 This may be stating the obvious, but I presume you're aware that all
 FAT filesystems are not alike? newfs_msdos can create FAT12, FAT16,
 and FAT32 partitions.
 
 What kind of FAT partition did you create with Windows, and did you
 create the same kind with newfs_msdos?
 
 regards,
 --ropers

In addition to those very valid points, if you repartitioned it with
Windows, you almost certainly ended up with the Windows partition at
the beginning of the disk, and very probably as the first MBR partition,
because that's how Windows does flash devices.

Windows can't handle a Windows partition that is not first on a flash
disk, so it wouldn't surprise me if the stripped-way-down-non-OS on an
MP3 player would have even more significant limitations.

Still, a cool thing to do. :)

Nick.

Re: old and new pf tandem test ---help

[mehma sarja]

Otto, Henning and Stuart to-the-point answers. Thanks guys. I have taken
the post over to FreeBSD list. However, Henning, I am curious why you call
pf on anything but OpenBSD a starter drug? Is the performance difference
that huge? pf on FreeBSD 7.2 is version 4.1.

You have piqued my interest and may convince me to switch to OpenBSD. Keep
the posts coming.

Yudhvir

Re: Kylin

[Tomáš Bodžár]

How China can somewhat breach copyright and intellectual property with
BSD licence? ;-)

2009/5/18 (private) HKS hks.priv...@gmail.com:
 2009/5/18 Toma B Bod ar tomas.bod...@gmail.com:
 Common,you think that big western companies which have support from
 western governments care about it?And please don't make white knight
 from western civilization.Everywhere are pros and cons.What type of
 copyright and intellectual property you think?Like Disney which have
 stories based on older stories,but he has law from government on it
 now so original makers has nothing and Disney takes all?And when end
 of this copyright is near some magic happen in government and Disney
 (and others) has next 20 or 50 years.Sounds very respectable for
 copyright and intellectual property of original authors ;-)

 Or maybe you think something like we have.When you create your own
 song and sing it to people somewhere outside of your flat you must pay
 to OSA(something like BSA terrorists,but local).WTH is that.Sounds
 really like care about my copyright - I must pay for my own song ;-)

 Informations are here for share and we can move forward thanks to
 them.If some idiot have patent on double-click then what?One developer
 must incorporated triple-click to his product,next four-click and so
 on?Sounds like history - Earth is just pancake and everyone who want
 to find another idea must use our idea or he will be killed and who
 use our idea without our licence will be killed too.Really we need
 those times back??

 For Christ's sake, get off your fucking high horse. My quip was in
 response to your implication that China chose a BSD license because it
 fit better with their intentions than GPL or similar. As if they gave
 a shit.

 -HKS



 2009/5/18 (private) HKS hks.priv...@gmail.com:
 2009/5/17 Toma B Bod ar tomas.bod...@gmail.com:
 I know,that's why they choose BSD-style licenced OS ;-)

 Yes, because China's respect for copyright and intellectual property
 is legendary.

 -HKS


 2009/5/17 Cem Kayali cemkay...@eticaret.com.tr:

 Do you really think Chineese governmnt make source public? Not all of
 course
 ;)

 Regards,




 Jesus Sanchez, 05/17/09 20:58:

 TomC!E! BodEC!r escribiC3:

 After quick search on web it looks like it's based on FreeBSD 5.3
 (initial version) with Windows like GUI.So it doesn't looks so secure
 now :-) But government agencies must have reason to receive money so
 why don't make wave about dangerous China with their new
 ultra-hyper-super secure system? Ofcourse that there can be
 interesting modifications.Maybe I will try it in Qemu :-)


 the chinese government really feels so vulnerable against U.S.?
 i mean, they say it like the WWIII will begin soon and we need
 to defend us on the cyberspace with our super-secure OS

 and after all they based it on FreeBSD? I'm a OpenBSD user and
 I really feel that I've enought privacy, don't need a
 super-secret-ultra-secure OS
 nor to say Made In China xD


 Dne 17. kvD ten 2009 19:28 TomC!E! BodEC!r tomas.bod...@gmail.com
 napsal(a):


 Everyone can try it







http://www.honeytechblog.com/downlod-kylin-operating-system-by-chinaqingbo-wu
 /


 2009/5/17 Duncan Patton a Campbell campb...@neotext.ca:


 I just noticed this:

 http://www.physorg.com/news161355225.html

 about a secure os that's been under
 development in China since around 2k
 and is now being deployed by the Chinese
 Gov.

 Interestingly, it is built for a hardened
 CPU that, I'd guess, lacks many of the advanced
 features of iNTel architecture cpus.

 Anybody have any more info on this?

 Thanks,

 Dhu

Re: old and new pf tandem test ---help

[Theo de Raadt]

 Otto, Henning and Stuart to-the-point answers. Thanks guys. I have taken
 the post over to FreeBSD list. However, Henning, I am curious why you call
 pf on anything but OpenBSD a starter drug? Is the performance difference
 that huge? pf on FreeBSD 7.2 is version 4.1.

The people you are asking barely remember how OpenBSD 4.1's pf behaved.

Take a moment and think back of what you were doing in February of
2007.  This will momentary put you into the mindset that you are
asking these guys to put themselves into.  We don't remember.