Vpn between OpenBSD and a mac
Hi, i tried the software IPSECURITAS, it doesn't work for me, perhaps i ve a problem with my /etc/ipsec.conf file. Can you please take a look on my ipsec.conf file ? I tried it with an other third software : VPN tracker, it works, but i can't access ressources like servers... a problem with pf.conf file ? (I can ping hosts, but no ressource like vnc or rdp) Here my files : ipsec.conf : ## ike dynamic from any to any \ main auth hmac-sha1 enc aes group modp1024 \ quick auth hmac-sha1 enc aes psk ITisAfake pf.conf : int=rl1 server=192.168.6.2 set skip on lo set skip on enc0 set block-policy drop nat on egress - egress block log all #VPN pass in on egress proto udp from any to egress port 500 pass in on egress proto udp from any to egress port 4500 pass in on egress proto esp from any to egress pass inet proto icmp all icmp-type {echoreq unreach} #FW OUT pass out on egress proto tcp from egress pass out on egress proto udp from egress pass in on $int proto tcp from $int:network to any port \ { 80 443 110 } pass in on $int proto udp from $int:network to any port 53 pass in on $int proto tcp from $int:network to smtp.orange.fr \ port 25 Thank's.
Re: Printing schemas
On Sat, 24 Apr 2010 17:56:14 -0500 Ed Ahlsen-Girard eagir...@cox.net wrote: On Sat, 24 Apr 2010 16:19:23 -0500 Todd Alan Smith tas-misc-open...@puesnada.us wrote: On Sat, Apr 24, 2010 at 3:47 PM, Ed Ahlsen-Girard eagir...@cox.net wrote: I'm looking specifically ay how to print to a USB printer that is hanging off an XP box. Then why didn't you mention that in your first post? Because I wanted the more general information. Printing is one of those Black Magic topics where the people who know it think it's easy, and the people who don't know it cower in fear. In your case, you've got four options: 1.) If supported by the printer, attach the printer to the network. 2.) Use a print sever device to attach the USB/parallel printer to your network. 3.) Use windows file/printer sharing and samba to access it. 4.) Use LPR Service on windows, but be cautious about pass-through http://support.microsoft.com/kb/150930 There's also a the fifth option of attaching the printer directly to your UNIX box (parallel, serial, or USB), but that was outside of your request, and often requires packages to get non-postscript printers working correctly. The first option above is usually the easiest, particularly if the printer understands postscript. The first two requirements for purchasing a printer should be supporting postscript, and having a network connection. Unfortunately, most consumer-level printers do not have these options. If you have consumer-level junk, then an option is a cheap print server device. These typically have an RJ-45 (either 10Mbit or 10/100Mbit) along with one or more parallel, serial and USB ports. It's a nice answer if you don't want a workstation running all the time and they typically provide LPD and ms-windows shares. The third option is use a workstation running windows along with windows print/file sharing. On the unix side, use samba to access the share. You may or may not need additional packages depending on the printer itself. The last option is using the microsoft LPD Service but you need to be cautious about how it is configured. At times, windows makes the wrong decision and actually prints the raw postscript text out. It really depends on how the LPD client is sending data to the LPD Service, and some LPD clients are not very standards compliant. Considering all the strange consumer-level devices out there, and all the vendor provided crapware they often require to run correctly, the topic is difficult to cover beyond the basics above. You might need packages like CUPS, apsfilter, enscript, ghostscript, and others to get consumer-level printers working correctly regardless of how they are connected. --Avoiding this nonsense is why network and postscript support in the printer is *REALLY* desirable. Lastly, if you want to use a windows client system with a networked LPD-only printer (e.g. no windows shares), configuring windows is entirely anti-intuitive. You have to select local printer then add port and then fill in the details, even though the printer is not local by any stretch of the imagination. jcr -- The OpenBSD Journal - http://www.undeadly.org
OpenBSD as L2TP client
Hi A client asked me to setup a low cost router to connect to the Internet. His current Internet connection requires his router to connect to the ISP using L2TP protocol. I've looked through the archives and ports tree for a similar posting, but found none... Is anyone using OpenBSD as an L2TP client to connect to the Inernet (or knows a solution)? -- TIA Paolo
Re: Premature end of archive
On Thu, 22 Apr 2010 17:56:48 +0700 sonjaya sonj...@gmail.com wrote: Length: 1516336 (1.4M), 1139856 (1.1M) remaining 24% [ ] 376,480 38.8K/s in 9.6s 2010-04-22 17:53:34 (38.1 KB/s) - Data connection: Connection reset by peer; Control connection closed. Retrying. then i check in sonicwall 12 UTC 04/22/2010 10:52:56.032 Alert Security Services Gateway Anti-Virus Alert: Mytob.Crypter (Worm) blocked 78.41.115.130, 51671, X3 192.168.xxx.10, 13305, X5 ha ha so the trouble maker is sonicwall Signature based detection has always been flawed, and worse, as the volume of malware increases, so does the number of illegal byte sequences. The result is obvious; more and more stuff will be blocked due to false positives. Using encryption (ssh, scp, ssl) is a way around this problem, and if it does happen when using encryption, then just change to using a different cypher (resulting in a different byte sequence). jcr -- The OpenBSD Journal - http://www.undeadly.org
Re: Printing schemas
On Sat, Apr 24, 2010 at 06:04:38PM -0500, Ed Ahlsen-Girard wrote: Subject:Re: Printing schemas On 2010-04-24 21:16:48 bofh goodb0fh () gmail ! com wrote: Actually, scratch that, shouldn't you read the faq and/or use google? The FAQ has nothing to say about printer setup, and certainly makes no recommendations. The Google-hit articles that address printing are fairly old and/or written by people who don't appear to be close to the OpenBSD or any BSD. I wanted to know what the developers do. In more detail, I have a postscript printer attached with usb to my home server running lpd. My home server is a landisk device running some services I'd like to have always on. It's power consumption is about 3W, less than your typical gigabit ethernet card. It perfectly serves my printing needs. I try to avoid any printer that needs special drivers. -Otto I've already setup lpd on the XP box, but there's certainly more to it than that. The more to it is what I'm looking for. -- Edward Ahlsen-Girard Ft Walton Beach, FL
unreferenced files from MySQL.
Hello. I noticed some unreferenced files from MySQL in my daily output mail; However, i don't have anything in /tmp or /var/tmp to check/fix the problem with fsck. Does this mean i lost some data from the database(s)? How may i fix or remove the reported bad files? Here's the output: OpenBSD 4.6-stable (GENERIC.MP) #2: Mon Apr 19 08:20:01 PDT 2010 r...@test.domain.com:/usr/src/sys/arch/i386/compile/GENERIC.MP 1:32AM up 14:57, 0 users, load averages: 0.99, 0.47, 0.24 Backing up root=/dev/rwd0a to /dev/rwd0d: 33129+1 records in 33129+1 records out 271393792 bytes transferred in 13.506 secs (20093240 bytes/sec) ** /dev/rwd0d ** Last Mounted on / ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) MARK FILE SYSTEM CLEAN? yes * FILE SYSTEM WAS MODIFIED * Checking subsystem status: disks: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/wd0a 25966212930611737452%/ /dev/wd0i 519646 6493658 0%/tmp /dev/wd0e15486368 3657428 1105462225%/usr /dev/wd0f36116632138044 34172758 0%/var /dev/wd0h10323146 11208 9795782 0%/var/vmail /dev/wd0g 170281220150524 161616636 0%/var/www Last dump(s) done (Dump '' file systems): mail: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- E083791EB7 880 Sat Apr 24 10:26:31 i...@mydomain.com (connect to 42.22.192.55 [42.22.192.55]:10024: Invalid argument) testm...@yahoo.com -- 1 Kbytes in 1 Request. network: NameMtu Network Address Ipkts IerrsOpkts Oerrs Colls lo0 33200 Link 30718 030718 0 0 lo0 33200 127/8 127.0.0.130718 030718 0 0 lo0 33200 ::1/128 ::1 30718 030718 0 0 lo0 33200 fe80::%lo0/64 fe80::1%lo0 30718 030718 0 0 bge01500 Link 00:19:b9:f9:0d:9560140 441720 0 0 bge01500 69.197.4.202/26 69.197.4.202 60140 4 41720 0 0 bge01500 fe80::%bge0/64 fe80::219:b9ff:fef9:d95%bge060140 441720 0 0 bge01500 72.20.55.89/29 72.20.55.89 60140 441720 0 0 bge01500 72.20.55.90/29 72.20.55.90 60140 441720 0 0 bge01500 72.20.55.91/29 72.20.55.91 60140 441720 0 0 bge01500 72.20.55.92/29 72.20.55.92 60140 441720 0 0 bge01500 72.20.55.93/29 72.20.55.93 60140 441720 0 0 bge01500 72.20.55.94/29 72.20.55.94 60140 441720 0 0 bge1* 1500 Link 00:19:b9:f9:0d:960 00 0 0 enc0* 1536 Link 0 00 0 0 pflog0 33200 Link 0 00 0 0 Checking filesystems: ** /dev/rwd0a (NO WRITE) ** Last Mounted on / ** Root file system 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) ** /dev/rwd0i (NO WRITE) ** Last Mounted on /tmp UNREF FILE I=3 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=4 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=5 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=6 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=7 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no 8 files, 3 used, 259820 free (20 frags, 32475 blocks, 0.0% fragmentation) ** /dev/rwd0e (NO WRITE) ** Last Mounted on /usr 314304 files, 1828714 used, 5914470 free (62566 frags, 731488 blocks, 0.8% fragmentation) ** /dev/rwd0f (NO WRITE) ** Last Mounted on /var 1117 files, 69019 used, 17989297 free (505 frags, 2248599 blocks, 0.0% fragmentation) ** /dev/rwd0h (NO WRITE) ** Last Mounted on /var/vmail 133 files, 5604 used, 5155969 free (193 frags, 644472 blocks, 0.0% fragmentation) ** /dev/rwd0g (NO WRITE) ** Last Mounted on /var/www 5502 files, 75262 used, 85065348 free (244 frags, 10633138 blocks, 0.0% fragmentation) Thanks.
Re: unreferenced files from MySQL.
Andreas Gerdd wrote: Hello. I noticed some unreferenced files from MySQL in my daily output mail; However, i don't have anything in /tmp or /var/tmp to check/fix the problem with fsck. Does this mean i lost some data from the database(s)? How may i fix or remove the reported bad files? Short answer: Ignore them. They are remnants of TEMPORARY tables which are supposed to vanish when connection is dropped. Here's the output: OpenBSD 4.6-stable (GENERIC.MP) #2: Mon Apr 19 08:20:01 PDT 2010 r...@test.domain.com:/usr/src/sys/arch/i386/compile/GENERIC.MP 1:32AM up 14:57, 0 users, load averages: 0.99, 0.47, 0.24 Backing up root=/dev/rwd0a to /dev/rwd0d: 33129+1 records in 33129+1 records out 271393792 bytes transferred in 13.506 secs (20093240 bytes/sec) ** /dev/rwd0d ** Last Mounted on / ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) MARK FILE SYSTEM CLEAN? yes * FILE SYSTEM WAS MODIFIED * Checking subsystem status: disks: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/wd0a 25966212930611737452%/ /dev/wd0i 519646 6493658 0%/tmp /dev/wd0e15486368 3657428 1105462225%/usr /dev/wd0f36116632138044 34172758 0%/var /dev/wd0h10323146 11208 9795782 0%/var/vmail /dev/wd0g 170281220150524 161616636 0%/var/www Last dump(s) done (Dump '' file systems): mail: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- E083791EB7 880 Sat Apr 24 10:26:31 i...@mydomain.com (connect to 42.22.192.55 [42.22.192.55]:10024: Invalid argument) testm...@yahoo.com -- 1 Kbytes in 1 Request. network: NameMtu Network Address Ipkts IerrsOpkts Oerrs Colls lo0 33200 Link 30718 030718 0 0 lo0 33200 127/8 127.0.0.130718 030718 0 0 lo0 33200 ::1/128 ::1 30718 030718 0 0 lo0 33200 fe80::%lo0/64 fe80::1%lo0 30718 030718 0 0 bge01500 Link 00:19:b9:f9:0d:9560140 441720 0 0 bge01500 69.197.4.202/26 69.197.4.202 60140 4 41720 0 0 bge01500 fe80::%bge0/64 fe80::219:b9ff:fef9:d95%bge060140 441720 0 0 bge01500 72.20.55.89/29 72.20.55.89 60140 441720 0 0 bge01500 72.20.55.90/29 72.20.55.90 60140 441720 0 0 bge01500 72.20.55.91/29 72.20.55.91 60140 441720 0 0 bge01500 72.20.55.92/29 72.20.55.92 60140 441720 0 0 bge01500 72.20.55.93/29 72.20.55.93 60140 441720 0 0 bge01500 72.20.55.94/29 72.20.55.94 60140 441720 0 0 bge1* 1500 Link 00:19:b9:f9:0d:960 00 0 0 enc0* 1536 Link 0 00 0 0 pflog0 33200 Link 0 00 0 0 Checking filesystems: ** /dev/rwd0a (NO WRITE) ** Last Mounted on / ** Root file system 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) ** /dev/rwd0i (NO WRITE) ** Last Mounted on /tmp UNREF FILE I=3 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=4 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=5 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=6 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=7 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no 8 files, 3 used, 259820 free (20 frags, 32475 blocks, 0.0% fragmentation) ** /dev/rwd0e (NO WRITE) ** Last Mounted on /usr 314304 files, 1828714 used, 5914470 free (62566 frags, 731488 blocks, 0.8% fragmentation) ** /dev/rwd0f (NO WRITE) ** Last Mounted on /var 1117 files, 69019 used, 17989297 free (505 frags, 2248599 blocks, 0.0% fragmentation) ** /dev/rwd0h (NO WRITE) ** Last Mounted on /var/vmail 133 files, 5604 used, 5155969 free (193 frags, 644472 blocks, 0.0% fragmentation) ** /dev/rwd0g (NO WRITE) ** Last Mounted on /var/www 5502 files, 75262 used, 85065348 free (244 frags, 10633138 blocks, 0.0% fragmentation) Thanks. MySQL (at least the one I've got running -current) keeps Files for ISAM tables in /var/mysql and files for TEMPORARY (ISAM) tables in /var like so: # ls -l /tmp/#sql* -rw-rw 1 _mysql wheel 0 Apr 25 06:02 /tmp/#sql7dd3_7_2.MYD -rw-rw 1 _mysql wheel 1024 Apr 25 06:02 /tmp/#sql7dd3_7_2.MYI -rw-rw 1 _mysql wheel
How to refresh a map when using ypldap?
When using ypldap, if I cd /var/yp make I am not able to regenerate the YP maps and can't figure out what I am doing wrong. Here is what I get # cd /var/yp # make === foretell couldn't find /etc/ethers updated netid yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result . . YP server for domain foretell not responding, still trying YP server for domain foretell not responding, still trying Rebooting seems to regenerate the maps. I am saying that because if I add a user to the LDAP database and do a getent passwd I do not see it listed. If I reboot the test system and do a getent passwd, I see the user I added to LDAP before the reboot. I tried yppoll as follows: # yppoll -d foretell -h 127.0.0.1 passwd yp_order: clnt_call: RPC: Procedure unavailable No such map passwd. Reason: Can't communicate with ypbind But ypbind is running and pf is off. # rpcinfo -p program vers proto port 102 tcp111 portmapper 102 udp111 portmapper 142 udp806 ypserv 142 tcp 1009 ypserv 172 udp874 ypbind 172 tcp727 ypbind Are commands like yptest usable when ypldap is used instead of ypserv? What else can I use to figure out where I have made a mistake? I am unsure as to where to look for this type of information. When I try it, I get the following: # yptest Test 1: yp_match localhost hosts.byname yp error: No such map in server's domain Test 2: yp_first yp error: No such map in server's domain Test 3: yp_next Test 4: yp_master yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result Any clues or help will be much appreciated. Thanks very much, Vijay -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Is this a case of paranoia?
Shane, What I have found with our company's installation of Webmarshall is that you can , for example, go to linux.box.sk and surf around for about 5 mins, then all of a sudden it gets blocked. I don't think that Webmarshall is THAT clever to figure out that you are on a site that contains unauthorized content. I think that there is an overpaid, underworked, MCSE on the Webmarshall server looking for something he can use as proof that they still need his expertise ... Danny I hope it is just your employer blocking OpenBSD and Marshal has not added it to their list!
Re: unreferenced files from MySQL.
On Sun, Apr 25, 2010 at 01:21:52PM +0300, Andreas Gerdd wrote: Hello. I noticed some unreferenced files from MySQL in my daily output mail; However, i don't have anything in /tmp or /var/tmp to check/fix the problem with fsck. Does this mean i lost some data from the database(s)? How may i fix or remove the reported bad files? With patience. Running fsck on a mounted filesystem is very likely to show the problems you mentioned. The files will be cleaned up after the last process having a reference to it exits, when softdep (if used) feels so. -Otto Here's the output: OpenBSD 4.6-stable (GENERIC.MP) #2: Mon Apr 19 08:20:01 PDT 2010 r...@test.domain.com:/usr/src/sys/arch/i386/compile/GENERIC.MP 1:32AM up 14:57, 0 users, load averages: 0.99, 0.47, 0.24 Backing up root=/dev/rwd0a to /dev/rwd0d: 33129+1 records in 33129+1 records out 271393792 bytes transferred in 13.506 secs (20093240 bytes/sec) ** /dev/rwd0d ** Last Mounted on / ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) MARK FILE SYSTEM CLEAN? yes * FILE SYSTEM WAS MODIFIED * Checking subsystem status: disks: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/wd0a 25966212930611737452%/ /dev/wd0i 519646 6493658 0%/tmp /dev/wd0e15486368 3657428 1105462225%/usr /dev/wd0f36116632138044 34172758 0%/var /dev/wd0h10323146 11208 9795782 0%/var/vmail /dev/wd0g 170281220150524 161616636 0%/var/www Last dump(s) done (Dump '' file systems): mail: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- E083791EB7 880 Sat Apr 24 10:26:31 i...@mydomain.com (connect to 42.22.192.55 [42.22.192.55]:10024: Invalid argument) testm...@yahoo.com -- 1 Kbytes in 1 Request. network: NameMtu Network Address Ipkts IerrsOpkts Oerrs Colls lo0 33200 Link 30718 030718 0 0 lo0 33200 127/8 127.0.0.130718 030718 0 0 lo0 33200 ::1/128 ::1 30718 030718 0 0 lo0 33200 fe80::%lo0/64 fe80::1%lo0 30718 030718 0 0 bge01500 Link 00:19:b9:f9:0d:9560140 441720 0 0 bge01500 69.197.4.202/26 69.197.4.202 60140 4 41720 0 0 bge01500 fe80::%bge0/64 fe80::219:b9ff:fef9:d95%bge060140 441720 0 0 bge01500 72.20.55.89/29 72.20.55.89 60140 441720 0 0 bge01500 72.20.55.90/29 72.20.55.90 60140 441720 0 0 bge01500 72.20.55.91/29 72.20.55.91 60140 441720 0 0 bge01500 72.20.55.92/29 72.20.55.92 60140 441720 0 0 bge01500 72.20.55.93/29 72.20.55.93 60140 441720 0 0 bge01500 72.20.55.94/29 72.20.55.94 60140 441720 0 0 bge1* 1500 Link 00:19:b9:f9:0d:960 00 0 0 enc0* 1536 Link 0 00 0 0 pflog0 33200 Link 0 00 0 0 Checking filesystems: ** /dev/rwd0a (NO WRITE) ** Last Mounted on / ** Root file system 2602 files, 64653 used, 65178 free (394 frags, 8098 blocks, 0.3% fragmentation) ** /dev/rwd0i (NO WRITE) ** Last Mounted on /tmp UNREF FILE I=3 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=4 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=5 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=6 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no UNREF FILE I=7 OWNER=_mysql MODE=100600 SIZE=0 MTIME=Apr 24 10:36 2010 CLEAR? no 8 files, 3 used, 259820 free (20 frags, 32475 blocks, 0.0% fragmentation) ** /dev/rwd0e (NO WRITE) ** Last Mounted on /usr 314304 files, 1828714 used, 5914470 free (62566 frags, 731488 blocks, 0.8% fragmentation) ** /dev/rwd0f (NO WRITE) ** Last Mounted on /var 1117 files, 69019 used, 17989297 free (505 frags, 2248599 blocks, 0.0% fragmentation) ** /dev/rwd0h (NO WRITE) ** Last Mounted on /var/vmail 133 files, 5604 used, 5155969 free (193 frags, 644472 blocks, 0.0% fragmentation) ** /dev/rwd0g (NO WRITE) ** Last Mounted on /var/www 5502 files, 75262 used, 85065348 free (244 frags, 10633138 blocks, 0.0% fragmentation) Thanks.
Re: How to refresh a map when using ypldap?
Vijay Sankar wrote: When using ypldap, if I cd /var/yp make I am not able to regenerate the YP maps and can't figure out what I am doing wrong. Here is what I get # cd /var/yp # make === foretell couldn't find /etc/ethers updated netid yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result . . YP server for domain foretell not responding, still trying YP server for domain foretell not responding, still trying Rebooting seems to regenerate the maps. I am saying that because if I add a user to the LDAP database and do a getent passwd I do not see it listed. If I reboot the test system and do a getent passwd, I see the user I added to LDAP before the reboot. I tried yppoll as follows: # yppoll -d foretell -h 127.0.0.1 passwd yp_order: clnt_call: RPC: Procedure unavailable No such map passwd. Reason: Can't communicate with ypbind But ypbind is running and pf is off. # rpcinfo -p program vers proto port 102 tcp111 portmapper 102 udp111 portmapper 142 udp806 ypserv 142 tcp 1009 ypserv 172 udp874 ypbind 172 tcp727 ypbind Are commands like yptest usable when ypldap is used instead of ypserv? What else can I use to figure out where I have made a mistake? I am unsure as to where to look for this type of information. When I try it, I get the following: # yptest Test 1: yp_match localhost hosts.byname yp error: No such map in server's domain Test 2: yp_first yp error: No such map in server's domain Test 3: yp_next Test 4: yp_master yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result yp_master: clnt_call: RPC: Can't decode result Any clues or help will be much appreciated. Thanks very much, Vijay Also wanted to mention that killing ypldap and ypbind and then restarting them manually also allows me to see the new user. Avoids a reboot but I am still wondering whether that is the correct way to regenerate the maps. Thanks for any suggestions. -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
uvm_mapent_alloc: out of static map entries
Last week I setup an 4.6 i386 OpenBSD server. The hardware is Dell Poweredge 1850 with 2GB RAM. Its fully updated 4.6 stable. In only a few days it has twice hung with the error on screen: uvm_mapent_alloc: out of static map entries I have looked on the web and found various OpenBSD maillist archive references to this but the impression is that this was fixed ages ago. The server should be a very lightly used mail relay running exim, ssh and nothing much else. I certainly dont want to randomly push buttons: http://kerneltrap.org/mailarchive/openbsd-misc/2008/5/16/1842014 but 2 years ago this seemed under control: http://kerneltrap.org/mailarchive/openbsd-misc/2008/5/16/1841134 But it's not really alarming, unless it continues to print that continuously. Its not doing it continuously - just once and then hang. Below is dmesg output. Please let me know if i can provide any more useful information. Many thanks, Alastair Johnson [r...@relayb..com /etc]# dmesg OpenBSD 4.6-stable (GENERIC) #0: Thu Apr 22 22:41:04 BST 2010 r...@relayb:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 3.20GHz (GenuineIntel 686-class) 3.20 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,CNXT-ID,CX16,xTPR real mem = 2146795520 (2047MB) avail mem = 2067058688 (1971MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 01/09/06, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf9920 (87 entries) bios0: vendor Dell Computer Corporation version A05 date 01/09/2006 bios0: Dell Computer Corporation PowerEdge 1850 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC SPCR HPET MCFG acpi0: wakeup devices PCI0(S5) PALO(S5) PBLO(S5) VPR0(S5) PBHI(S5) VPR1(S5) PICH(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 ioapic1 at mainbus0: apid 3 pa 0xfec8, version 20, 24 pins ioapic1: misconfigured as apic 0, remapped to apid 3 ioapic2 at mainbus0: apid 4 pa 0xfec83000, version 20, 24 pins ioapic2: misconfigured as apic 0, remapped to apid 4 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PALO) acpiprt2 at acpi0: bus 2 (DOBA) acpiprt3 at acpi0: bus 3 (DOBB) acpiprt4 at acpi0: bus 4 (PBLO) acpiprt5 at acpi0: bus 8 (VPR0) acpiprt6 at acpi0: bus 5 (PBHI) acpiprt7 at acpi0: bus 6 (PXB1) acpiprt8 at acpi0: bus 7 (PXB2) acpiprt9 at acpi0: bus 9 (PICH) acpicpu0 at acpi0 bios0: ROM list: 0xc/0xb000! 0xcb000/0x1000 0xcc000/0x800 0xcc800/0x1000 0xcd800/0x2200 0xd/0x600 0xec000/0x4000! ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel E7520 Host rev 0x09 ppb0 at pci0 dev 2 function 0 Intel E7520 PCIE rev 0x09 pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 Intel IOP332 PCIE-PCIX rev 0x06 pci2 at ppb1 bus 2 ami0 at pci2 dev 14 function 0 Dell PERC 4e/Di rev 0x06: apic 3 int 14 (irq 7) ami0: Dell 16c, 32b, FW 521X, BIOS vH430, 256MB RAM ami0: 1 channels, 0 FC loops, 1 logical drives scsibus0 at ami0: 40 targets sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00, SCSI2 0/direct fixed sd0: 70010MB, 512 bytes/sec, 143380480 sec total scsibus1 at ami0: 16 targets safte0 at scsibus1 targ 6 lun 0: PE/PV, 1x2 SCSI BP, 1.0 SCSI2 3/processor fixed ppb2 at pci1 dev 0 function 2 Intel IOP332 PCIE-PCIX rev 0x06 pci3 at ppb2 bus 3 skc0 at pci3 dev 11 function 0 3Com 3c940 rev 0x10, Yukon (0x1): apic 3 int 5 (irq 3) sk0 at skc0 port A: address 00:0a:5e:1b:01:6f eephy0 at sk0 phy 0: 88E1011 Gigabit PHY, rev. 3 ppb3 at pci0 dev 4 function 0 Intel E7520 PCIE rev 0x09 pci4 at ppb3 bus 4 ppb4 at pci0 dev 5 function 0 Intel E7520 PCIE rev 0x09 pci5 at ppb4 bus 5 ppb5 at pci5 dev 0 function 0 Intel PCIE-PCIE rev 0x09 pci6 at ppb5 bus 6 em0 at pci6 dev 7 function 0 Intel PRO/1000MT (82541GI) rev 0x05: apic 4 int 0 (irq 11), address 00:13:72:52:09:16 ppb6 at pci5 dev 0 function 2 Intel PCIE-PCIE rev 0x09 pci7 at ppb6 bus 7 em1 at pci7 dev 8 function 0 Intel PRO/1000MT (82541GI) rev 0x05: apic 4 int 1 (irq 3), address 00:13:72:52:09:17 ppb7 at pci0 dev 6 function 0 Intel E7520 PCIE rev 0x09 pci8 at ppb7 bus 8 uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: apic 2 int 16 (irq 11) uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: apic 2 int 19 (irq 10) uhci2 at pci0 dev 29 function 2 Intel 82801EB/ER USB rev 0x02: apic 2 int 18 (irq 7) ehci0 at pci0 dev 29 function 7 Intel 82801EB/ER USB2 rev 0x02: apic 2 int 23 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb8 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xc2 pci9 at ppb8 bus 9 Dell DRAC 4 rev 0x00 at pci9
Re: Is this a case of paranoia?
On Sun, 25 Apr 2010 17:48 +0200, Danny dannydeb...@gmail.com wrote: Shane, What I have found with our company's installation of Webmarshall is that you can , for example, go to linux.box.sk and surf around for about 5 mins, then all of a sudden it gets blocked. 95% of what these devices trigger on are false-positives. Anyone who has ever dealt with them for any length of time should know that. The trick is tuning them and white-listing stuff to make them more useful. Bottom line... there is nothing malicious about openbsd.org websites. Your network security device has yet another false-positive. Most people I know don't put these things in block mode precisely for these reasons. Brad I don't think that Webmarshall is THAT clever to figure out that you are on a site that contains unauthorized content. I think that there is an overpaid, underworked, MCSE on the Webmarshall server looking for something he can use as proof that they still need his expertise ... Danny I hope it is just your employer blocking OpenBSD and Marshal has not added it to their list!
asking for donation: laptop mostly out of commission
My current development machine is failing... the fan turns on and off in haphazard ways... today, it took me 3/4h to turn it back on, after roughly 30 FAN FAILURE bios messages. Out of warranty, I disassembled it (easy for thinkpads), found nothing obvious, and put it back together (obviously no change). Next time I reboot it, I have no idea whether it will come back. It makes little sense to have it repaired: - would cost a lot, and things will predictably fail again in a little while; my experience being that, when a machine part fails, usually the rest is going to die soon anyways; - this laptop's gfx card is annoying anyways (nvidia), and prevents me from working on some stuff (like ogle tweaks and audio changes, since the gfx speed is so bad I can't do anything that involves synchronized audio/video) So, I'm asking for donations. Antoine conveniently has a paypal account (and lives in the same city I do), so this should be reasonably easy. (Antoine, can you post details). A donated laptop would help, but not that much. This is the primary machine I use to hack on large stuff. It definitely needs to be MP, otherwise make and dpb3 won't go forward, and it has to be ~2GHz or more, otherwise, I won't be able to keep hacking on qt4 and the likes... If you like the new changes in pkg_add or the ports tree, and want to say thank you, you can do that in a very concrete way ;-) Thanks for your attention. -- Marc
Re: asking for donation: laptop mostly out of commission
On Sun, 25 Apr 2010, Marc Espie wrote: ... So, I'm asking for donations. Antoine conveniently has a paypal account (and lives in the same city I do), so this should be reasonably easy. (Antoine, can you post details). Anyone interested in donating money for espie@'s laptop can make a paypal donation to ajacou...@bsdfrog.org. I will post a reply as soon as the needed amount is reached (Marc is looking for a vendor right now to have the exact price). If any money is left, it'll be send as a donation to OpenBSD. Thanks for him! -- Antoine
Re: asking for donation: laptop mostly out of commission
On Sun, Apr 25, 2010 at 07:32:14PM +0200, Antoine Jacoutot wrote: I will post a reply as soon as the needed amount is reached (Marc is looking for a vendor right now to have the exact price). If any money is left, it'll be send as a donation to OpenBSD. The exact price might be a bit complicated, between vendors that don't have it in stock, and model variations. By a quick hunt, the kind of laptop I'm looking for is probably around 800 EUR, give or take a few, assuming they have it in stock. I'm currently looking at thinkpad R500 models, assuming I find one with correct gfx support, and a vendor that has it near Paris. Other suggestions are welcome (preferably in private, dont want to spam misc@ too heavily), especially as to which models are reasonably supported, available, and at a reasonable price...
Re: asking for donation: laptop mostly out of commission
2010/4/25 Antoine Jacoutot ajacou...@bsdfrog.org: On Sun, 25 Apr 2010, Marc Espie wrote: ... So, I'm asking for donations. Antoine conveniently has a paypal account (and lives in the same city I do), so this should be reasonably easy. (Antoine, can you post details). Anyone interested in donating money for espie@'s laptop can make a paypal donation to ajacou...@bsdfrog.org. Sent 20 euros. Happy hacking!! -- We spend the first twelve months of our children's lives teaching them to walk and talk and the next twelve telling them to sit down and shut up.
Re: How to refresh a map when using ypldap?
Hi Vijay, Vijay Sankar wrote on Sun, Apr 25, 2010 at 09:31:14AM -0500: When using ypldap, if I cd /var/yp make Executing Makefile.yp(8) will generate YP maps from static files. There is no way how that could fetch information from LDAP. So i do not think you want to update your maps in this way when using ypldap(8). I am not able to regenerate the YP maps and can't figure out what I am doing wrong. Here is what I get # cd /var/yp # make === foretell couldn't find /etc/ethers Again, here you see that your command is trying to build maps from files in /etc. Is that what you want? updated netid yp_master: clnt_call: RPC: Can't decode result Judging from /usr/src/usr.sbin/ypserv/ypinit/Makefile.yp, the command being executed here is probably /usr/sbin/yppush -d foretell netid.byname Judging from /usr/src/usr.sbin/ypserv/yppush/yppush.c, that program is trying to call yp_master(Domain, ypmap, master); In case of ypldap(8), the call yp_master(3) doesn't appear to make much sense. After all, logically, there is no YP master server, instead, the LDAP server is kind of a master. So i guess Pierre-Yves did not implement support for that call in ypldap(8) - though i did not explicitely check the source. Besides, yppush(8) does not make much sense in the ypldap(8) context. You want to pull from LDAP, not manually push some map onto the server. Rebooting seems to regenerate the maps. Of course, because the ypldap(8) server restarts, so it can't help loading new maps from LDAP. I tried yppoll as follows: # yppoll -d foretell -h 127.0.0.1 passwd yp_order: clnt_call: RPC: Procedure unavailable Looks like ypldap(8) does not implement yp_order(3) - again, i did not check the source. Perhaps it doesn't make much sense. Are you sure LDAP has a concept of YP version numbers in the first place? Otherwise, it can't tell you... No such map passwd. Reason: Can't communicate with ypbind But ypbind is running and pf is off. Oh well, don't get me started on RPC and YP error messages. Frankly, that's not the best part of error messages in OpenBSD. Last year, i did tiny bits of cleanup near the edges of that heap of *, but unfortunately, it is a large heap and probably won't be cleaned up fully this decade. The problem is that the the very design of SUN RPC error messages is questionable at best, but changing it today is not easy. You don't want to break interfaces without a good reason. Basically, YPERR_YPBIND (see /usr/src/lib/libc/yp/yperr_string.c) can happen when... something went wrong. So the second message you are seeing is less important than the first one. Are commands like yptest usable when ypldap is used instead of ypserv? Oh, unlike ypldap(8), yptest(8) is not rocket science. It is just a straightforward hack to issue a few YP client calls. When you have an uncommon setup, typically part of it will work and part of it won't. Count ypldap(8) as one particular example of an uncommon YP setup. # yptest [...] Test 4: yp_master yp_master: clnt_call: RPC: Can't decode result Here you see again that yp_master(3) doesn't appear to be supported by ypldap(8). Also wanted to mention that killing ypldap and ypbind and then restarting them manually also allows me to see the new user. Sure, restarting ypldap(8) will certainly reload the maps from LDAP, how else could the new daemon get at them? Restarting ypbind(8) almost certainly has nothing to do with it. According to the ypldap.conf(5) manual, you can specify in the configuration file how often ypldap(8) shall pull the directory from LDAP. The relevant function for pulling the maps appears to be client_configure() in /usr/src/usr.sbin/ypldap/ldapclient.c. My impression is that it is only called on startup and then periodically, and you can't trigger it manually. In /usr/src/usr.sbin/ypldap/ypldap.c, SIGHUP appears to be ignored, even though comments indicate there were plans to implement it. Thus, i guess your options are - wait for the next periodic update - or kill and restart ypldap(8) in case you are impatient Oh, and in case Pierre-Yves speaks up, listen to him, not to me. ;-) Yours, Ingo
e-shop.gr: Nova και Forthnet μαζί με 40e το μήνα και 70e δώρο!
Episjeuhe_te tgm die}humsg http://www.e-shop.gr/newsletter/mail-100423.html cia ma de_te tir pqosvoq]r lar TGKEVYMIJES PAQACCEKIES 9:00-20:00 STO 211 5000500 Oi til]r isw}oum ap| 24/04/10 l]wqi 10/05/10, ]yr enamtk^seyr tym apohel\tym jai l|mo cia ta l]kg tou e-shop.gr Am h]kete ma diacqave_te ap| tg k_sta emgl]qysgr tou e-shop.gr, paqajako}le apamt^ste sto paq|m le t_tko(subject) tou lgm}lat|r sar: DIACQAVG.
Re: OpenBSD as L2TP client
On 2010-04-25, Paolo Supino paolo.sup...@gmail.com wrote: Hi A client asked me to setup a low cost router to connect to the Internet. His current Internet connection requires his router to connect to the ISP using L2TP protocol. I've looked through the archives and ports tree for a similar posting, but found none... Is anyone using OpenBSD as an L2TP client to connect to the Inernet (or knows a solution)? I haven't tried this but the npppd daemon which is in CURRENT and will be in 4.7 supports L2TP. I don't know of another way to do L2TP op OpenBSD. Best regards, Jona -- Worse is better Richard P. Gabriel
Texas Tea (Testing)
This is a story about a man named Jeb, a poor mountaineer barely kept his family fed, and then one day when he was shootin' at some food, when up from the ground came a'bublin crude... Black Gold. Texas Tea. Actually, this is a story about what *should* happen when a developer asks you to redo something you've already done. Of course, the above quote is from the Beverly Hillbillies since making fun of Texans is one of the favorite pastimes of Californians. ;) I'm certainly not an expert when it comes to testing or debugging in a UNIX environment, but you don't have to be an expert to help. With all the recent posts about users looking for a place to start helping and learning, testing is a great place to get rolling. The following is a long read with complete (overly verbose) details, so fetch a fresh cup of coffee and get comfortable. It's may not be the right or best way to do things, but it's what I did. Though the snapshot info and steps used to set up the system were posted to the intel testing thread on tech@ or set to oga@ directly, marco@ asked me to make sure I got it right. Here's an excerpt of the of the exchange: marco jcr are you dead sure you got all the bits and pieces for that intel driver thing? jcr marco: After cvs update, I built the kernel, then built xenocara, and finally built the new driver. jcr If there were any missing bits after that, then I'm not even aware of them. marco well you kind of forgot to make build marco and more importantly make includes marco would you mind retrying? marco i'll give you the exact commands jcr sure marco first you go to /usr/obj marco rm -rf * marco cd ../xobj marco rm -rf * marco that gives you a clean slate marco update both /usr/src and /usr/xenocara to -current marco then cd /usr/src marco make -j4 obj make -j4 depend make -j4 includes make -j4 tags make -j4 build marco btw all this as root marco once that completes cd ../xenocara marco make bootstrap make -j8 obj make -j 4 build marco once that completes build a kernel with the GEM_INTELDRM thing enabled marco and make install that marco reboot and test marco this is more than one hour on my laptop that is fast marco easily 4 hours on something slow jcr will do. I'll start on it now. Though I had probably done things right the first time, eliminating the possibility that one unknowing got it wrong is sometimes required. I had installed the then recent April 15 snapshot, then followed oga@'s instructions, updated src and xenocara, built the kernel with GEM support, built xenocara, and then finally built the new intel driver. Of course, the changes on current.html had been followed to date. http://www.openbsd.org/faq/current.html As far as *I* knew, everything was perfect. Of course, what I supposedly know could always be wrong. It isn't that I lack the skill to do things correctly and thoroughly, instead it's just that mistakes happen to everyone. It's far better to spend the time to validate a bug by rebuilding the test setup than it is to have one of more developers wasting their time chasing shadows. I usually build without X running (less resources in use and less task switching). Since I've seen two unprovoked crashes with the new intel driver building from a normal terminal (without X) is how I'm doing all of the following. Ahhh the joys of a dedicated test/build box. Before starting on rebuilding everything to make sure it was done right, backup the existing files so I can recreate the error as it exists now. Though it was only the 24th when I started this redo, there have been plenty of commits since the April 15 snapshot and April 17th xenocra cvs update. If one of the changes fixed the issue, being able to recreate the issue might be the only way to figure out what change made the difference. The April 15th snap and GEN enabled kernel used are already saved, so I just need to keep a copy of the current /usr/X11R6 directory which includes the new intel driver I built. # cd /usr # mkdir X11R6-old # cp -R X11R6/* X11R5-old/. Show the relevant configuration: # cat /etc/mk.conf XENOCARA_RERUN_AUTOCONF=Yes SUDO=/usr/bin/sudo ACCEPT_JRL_LICENSE=Yes CHECK_LIB_DEPENDS=Yes # echo MALLOC_OPTIONS # ls /etc/malloc.conf ls: /etc/malloc.conf: No such file or directory # grep nosuidcoredump /etc/sysctl.conf kern.nosuidcoredump=2 # 2=Put suid coredumps in /var/crash # grep allowaperture /etc/sysctl.conf machdep.allowaperture=2 # see xf86(4) # alias mean alias mean='sudo nice -n -16' # Clean out object cruft: # rm -fr /usr/obj/* # rm -fr /usr/xobj/* Deleting the xenocara tree and restoring from an archive of a fresh update is the easiest way to avoid the dumbfuckery of gnu autotools. This is particularly true if you have XENOCARA_RERUN_AUTOCONF set in your /etc/mk.conf since it results in tons and tons of files being modified which results
Re: How to refresh a map when using ypldap?
Ingo Schwarze wrote: Hi Vijay, Vijay Sankar wrote on Sun, Apr 25, 2010 at 09:31:14AM -0500: When using ypldap, if I cd /var/yp make Executing Makefile.yp(8) will generate YP maps from static files. There is no way how that could fetch information from LDAP. So i do not think you want to update your maps in this way when using ypldap(8). I am not able to regenerate the YP maps and can't figure out what I am doing wrong. Here is what I get # cd /var/yp # make === foretell couldn't find /etc/ethers Again, here you see that your command is trying to build maps from files in /etc. Is that what you want? updated netid yp_master: clnt_call: RPC: Can't decode result Judging from /usr/src/usr.sbin/ypserv/ypinit/Makefile.yp, the command being executed here is probably /usr/sbin/yppush -d foretell netid.byname Judging from /usr/src/usr.sbin/ypserv/yppush/yppush.c, that program is trying to call yp_master(Domain, ypmap, master); In case of ypldap(8), the call yp_master(3) doesn't appear to make much sense. After all, logically, there is no YP master server, instead, the LDAP server is kind of a master. So i guess Pierre-Yves did not implement support for that call in ypldap(8) - though i did not explicitely check the source. Besides, yppush(8) does not make much sense in the ypldap(8) context. You want to pull from LDAP, not manually push some map onto the server. Rebooting seems to regenerate the maps. Of course, because the ypldap(8) server restarts, so it can't help loading new maps from LDAP. I tried yppoll as follows: # yppoll -d foretell -h 127.0.0.1 passwd yp_order: clnt_call: RPC: Procedure unavailable Looks like ypldap(8) does not implement yp_order(3) - again, i did not check the source. Perhaps it doesn't make much sense. Are you sure LDAP has a concept of YP version numbers in the first place? Otherwise, it can't tell you... No such map passwd. Reason: Can't communicate with ypbind But ypbind is running and pf is off. Oh well, don't get me started on RPC and YP error messages. Frankly, that's not the best part of error messages in OpenBSD. Last year, i did tiny bits of cleanup near the edges of that heap of *, but unfortunately, it is a large heap and probably won't be cleaned up fully this decade. The problem is that the the very design of SUN RPC error messages is questionable at best, but changing it today is not easy. You don't want to break interfaces without a good reason. Basically, YPERR_YPBIND (see /usr/src/lib/libc/yp/yperr_string.c) can happen when... something went wrong. So the second message you are seeing is less important than the first one. Are commands like yptest usable when ypldap is used instead of ypserv? Oh, unlike ypldap(8), yptest(8) is not rocket science. It is just a straightforward hack to issue a few YP client calls. When you have an uncommon setup, typically part of it will work and part of it won't. Count ypldap(8) as one particular example of an uncommon YP setup. # yptest [...] Test 4: yp_master yp_master: clnt_call: RPC: Can't decode result Here you see again that yp_master(3) doesn't appear to be supported by ypldap(8). Also wanted to mention that killing ypldap and ypbind and then restarting them manually also allows me to see the new user. Sure, restarting ypldap(8) will certainly reload the maps from LDAP, how else could the new daemon get at them? Restarting ypbind(8) almost certainly has nothing to do with it. According to the ypldap.conf(5) manual, you can specify in the configuration file how often ypldap(8) shall pull the directory from LDAP. The relevant function for pulling the maps appears to be client_configure() in /usr/src/usr.sbin/ypldap/ldapclient.c. My impression is that it is only called on startup and then periodically, and you can't trigger it manually. In /usr/src/usr.sbin/ypldap/ypldap.c, SIGHUP appears to be ignored, even though comments indicate there were plans to implement it. Thus, i guess your options are - wait for the next periodic update - or kill and restart ypldap(8) in case you are impatient Oh, and in case Pierre-Yves speaks up, listen to him, not to me. ;-) Yours, Ingo Thank you very much for the detailed reply and your thoughts on this as well as for pointing out the ypldap.conf settings for interval. Setting the interval to 30 instead of the 3600 I had in ypldap.conf makes this very usable. Can't believe what a great idea this is! Thank you aschrijver@ and p...@. Thanks again Ingo, Vijay -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: (204) 885-9535, E-Mail: vsan...@foretell.ca
Hold for now, Re: asking for donation: laptop mostly out of commission
I think we probably have enough money. I'll check things tomorrow (it's nearly zzz time) and tell you how things go. A big collective THANK YOU to everyone so far. I'll be sure to send personal notes (in private of course) once I've cross-checked everything.
Re: Source Overview
On 4/21/10 8:47 PM, Adam M. Dutko wrote: You are not the only one with limited time. Sorry for the late reply, but also I wanted to provide details as to why. I realize. Hi Adam, Sorry for the delay here. Just very limited time on my side. Anyway, here is the credential to access the todo page on the site if you still want to do it. I can put an ssh key if you like and that would be faster and easier for you. Anyway have fun: user: amdutko password: Q2n9lPK Then when you login, in your home directory, you will see a softlink that bring up directly into the todo directory of the openbsdsupport.org site. For now, you can only change things in that directory only, but you can add, etc in there. Thanks for your help on this. Best, Daniel
Re: Texas Tea (Testing)
On Sun, Apr 25, 2010 at 2:49 PM, J.C. Roberts list-...@designtools.org wrote: ... # cat /usr/src/sys/arch/i386/conf/GENERIC_GEM # GENERIC with INTELDRM_GEM include arch/i386/conf/GENERIC option INDELDRM_GEM option DRMDEBUG Please tell us the actual file doesn't misspell INTELDRM_GEM... Philip Guenther
Re: Source Overview
Sorry for the delay here. Just very limited time on my side. Obviously this was a mistake on my part and shoud;n't have been sent to misc@ The account is deleted now. Don't even try. Lack of sleep does crazy thing at time! (; No need to say how stupid that was of me!
Re: Texas Tea (Testing)
I am glad to see someone else agreeing that rm-ing xenocara and getting it again is a good choice. I had to build a few debugging versions and I found the instructions for getting it clean to use again extremely confusing. I was concerned I would get it wrong and mess everything new up. Testing is a chore. But it is educational and helpful. Better than working your butt off to accomplish something pointless! (Which is why I opened my own business, I hate to do pointless tasks unless I choose to. :)
Re: Texas Tea (Testing)
On Sun, 25 Apr 2010 15:22:31 -0700 Philip Guenther guent...@gmail.com wrote: On Sun, Apr 25, 2010 at 2:49 PM, J.C. Roberts list-...@designtools.org wrote: ... # cat /usr/src/sys/arch/i386/conf/GENERIC_GEM # GENERIC with INTELDRM_GEM include arch/i386/conf/GENERIC option INDELDRM_GEM option DRMDEBUG Please tell us the actual file doesn't misspell INTELDRM_GEM... Sorry about that typo. That's just a typo in my notes which were written out on a separate system. The test system has it right. Also, the gem enabled driver won't work with an non-gem kernel. -- The OpenBSD Journal - http://www.undeadly.org
Re: Texas Tea (Testing)
On Sun, Apr 25, 2010 at 05:27:26PM -0500, Chris Bennett wrote: I am glad to see someone else agreeing that rm-ing xenocara and getting it again is a good choice. I had to build a few debugging versions and I found the instructions for getting it clean to use again extremely confusing. I was concerned I would get it wrong and mess everything new up. To get a completely clean tree with nothing unrecognised by cvs, assuming that no files known by cvs are corrupted (do not do this if you have testing drivers in the tree that are not related to cvs). If it breaks, you keep the pieces. $ cvs up | grep ^\? | tr -d '\?' | xargs rm -rf $ cvs up # just in case Those who are better at awk than I could come up with something shorter, I bet. -0- -- Show respect for age. Drink good Scotch for a change.
Re: Texas Tea (Testing)
On Sun, Apr 25, 2010 at 02:49:21PM -0700, J.C. Roberts wrote: This is a story about a man named Jeb, a poor mountaineer barely kept his family fed, and then one day when he was shootin' at some food, when up from the ground came a'bublin crude... Black Gold. Texas Tea. Actually, this is a story about what *should* happen when a developer asks you to redo something you've already done. Of course, the above quote is from the Beverly Hillbillies since making fun of Texans is one of the favorite pastimes of Californians. ;) Y'all are a bunch of rope smoking hippies. Get yourself a nice mug: http://www.cafepress.com/+i_am_from_texas_what_country_are_you_from_mug,411581556
Re: Source Overview
On 4/25/10 6:24 PM, Daniel Ouellet wrote: Sorry for the delay here. Just very limited time on my side. Obviously this was a mistake on my part and shoud;n't have been sent to misc@ The account is deleted now. Don't even try. Really, no point in trying to access it. User near Stuttgart, Baden-W|rttemberg located in Germany are pretty quick here I must say. It was a stupid mistake on my part corrected right away before the follow up and I was just to quick on the reply list button oppose to reply button. I saw it as I sent it, but couldn't stop it then. I deleted the account right away and it's gone. Really no need to even try, or you will just block yourself. Just wonder what you wanted to do? No really, no need to answer that really! Apr 25 18:35:42 www1 sshd[30701]: Invalid user amdutko from xx.xxx.81.65 Apr 25 18:35:42 www1 sshd[16332]: input_userauth_request: invalid user amdutko Apr 25 18:35:42 www1 sshd[30701]: Failed none for invalid user amdutko from xx.xxx.81.65 port 26380 ssh2 Apr 25 18:35:48 www1 sshd[30701]: Failed password for invalid user amdutko from xx.xxx.81.65 port 26380 ssh2 Apr 25 18:35:56 www1 sshd[16332]: Connection closed by xx.xxx.81.65
Re: Texas Tea (Testing)
2010/4/26 Marco Peereboom sl...@peereboom.us: Get yourself a nice mug: http://www.cafepress.com/+i_am_from_texas_what_country_are_you_from_mug,411581556 https://secure.wikimedia.org/wikipedia/en/wiki/Texas_Secession_Debate Best Martin
Re: Texas Tea (Testing)
On Sun, 25 Apr 2010 23:55:35 +0100 Owain Ainsworth zer...@googlemail.com wrote: On Sun, Apr 25, 2010 at 05:27:26PM -0500, Chris Bennett wrote: I am glad to see someone else agreeing that rm-ing xenocara and getting it again is a good choice. I had to build a few debugging versions and I found the instructions for getting it clean to use again extremely confusing. I was concerned I would get it wrong and mess everything new up. To get a completely clean tree with nothing unrecognised by cvs, assuming that no files known by cvs are corrupted (do not do this if you have testing drivers in the tree that are not related to cvs). If it breaks, you keep the pieces. $ cvs up | grep ^\? | tr -d '\?' | xargs rm -rf $ cvs up # just in case Those who are better at awk than I could come up with something shorter, I bet. For me at least, the problem is not 'unrecognized' files, instead it is *modified* files. With XENOCARA_RERUN_AUTOCONF=Yes set in mk.conf, half the damn tree is molested by gnu autoshit resulting supposedly modofied files. Since the `cvs up -C` flag is currently broken in both gnu cvs and opencvs (BUG: user/6363 -- copies modified files rather than moving them out of the way and fetching a fresh copy from cvs, resulting in a merge M rather than U update/fetch of the now missing file), there is no way to simply overwrite the modified files. Anyhow, whether or not '-C' works, you'd still be refetching half (or more) of the xenocara tree since a vast portion of it is gnu autoshit files which have been modified. As for building a lot quicker by not setting XENOCARA_RERUN_AUTOCONF, well, then you would not be testing to make sure gnu autoshit is still working properly. In short, it's a no-win situation. -- The OpenBSD Journal - http://www.undeadly.org
Re: Texas Tea (Testing)
On Sun, Apr 25, 2010 at 06:37:42PM -0700, J.C. Roberts wrote: On Sun, 25 Apr 2010 23:55:35 +0100 Owain Ainsworth zer...@googlemail.com wrote: On Sun, Apr 25, 2010 at 05:27:26PM -0500, Chris Bennett wrote: I am glad to see someone else agreeing that rm-ing xenocara and getting it again is a good choice. I had to build a few debugging versions and I found the instructions for getting it clean to use again extremely confusing. I was concerned I would get it wrong and mess everything new up. To get a completely clean tree with nothing unrecognised by cvs, assuming that no files known by cvs are corrupted (do not do this if you have testing drivers in the tree that are not related to cvs). If it breaks, you keep the pieces. $ cvs up | grep ^\? | tr -d '\?' | xargs rm -rf $ cvs up # just in case Those who are better at awk than I could come up with something shorter, I bet. For me at least, the problem is not 'unrecognized' files, instead it is *modified* files. With XENOCARA_RERUN_AUTOCONF=Yes set in mk.conf, half the damn tree is molested by gnu autoshit resulting supposedly modofied files. Since the `cvs up -C` flag is currently broken in both gnu cvs and opencvs (BUG: user/6363 -- copies modified files rather than moving them out of the way and fetching a fresh copy from cvs, resulting in a merge M rather than U update/fetch of the now missing file), there is no way to simply overwrite the modified files. Anyhow, whether or not '-C' works, you'd still be refetching half (or more) of the xenocara tree since a vast portion of it is gnu autoshit files which have been modified. As for building a lot quicker by not setting XENOCARA_RERUN_AUTOCONF, well, then you would not be testing to make sure gnu autoshit is still working properly. In short, it's a no-win situation. I leave it turned off unless there's a new driver I am playing with. Then I turn it on for that driver build and that one only. Regenning configure really buys you nothing. -0- -- A lack of leadership is no substitute for inaction.
Re: Source Overview
I've started the list at http://openbsdsupport.org/todo and have taken what was posted during our conversation(s) on that list. I will look for others and will be happy to post links given to me for others. Thank you for the account Daniel.
Regular OpenBSD users group meeting location anyone?
Hi, This is the only mailing I will do on this subject, but if you do have a OpenBSD specific users group meeting anywhere in the world, could/would you send me a very quick short details about it? Nothing more then city state or province country usual meeting date URL if any and if not, fell free to send a short blurb about it's locations and all so that users many find it. Or even just the URL of a site for it is fine. Send it off list to me if preferable as to not pollute this list here, or to the list if that's any good. Use your best judgment on this. May be nice to collect this information and make it available so that users may find locations where they might go to share knowedge and interests on their favorite OS. Sorry, I am not interested in Linux and the like. No offense intended. OpenBSD only please. It will be here: http://openbsdsupport.org/ugs/ Adam Dutko offer to help me collect the details and hopefully make something good out of it. If not, then sorry for the noise and just ignore me. Thanks Daniel
Re: Regular OpenBSD users group meeting location anyone?
Actually there is a very good list here: http://www.openbsd.org/groups.html Sorry for the noise!
Re: Regular OpenBSD users group meeting location anyone?
On Mon, Apr 26, 2010 at 12:53:45AM -0400, Daniel Ouellet wrote: Hi, This is the only mailing I will do on this subject, but if you do have a OpenBSD specific users group meeting anywhere in the world, could/would you send me a very quick short details about it? Why duplicate the effort? Please just link to http://www.openbsd.org/groups.html and ask people to send updates to us. -Otto Nothing more then city state or province country usual meeting date URL if any and if not, fell free to send a short blurb about it's locations and all so that users many find it. Or even just the URL of a site for it is fine. Send it off list to me if preferable as to not pollute this list here, or to the list if that's any good. Use your best judgment on this. May be nice to collect this information and make it available so that users may find locations where they might go to share knowedge and interests on their favorite OS. Sorry, I am not interested in Linux and the like. No offense intended. OpenBSD only please. It will be here: http://openbsdsupport.org/ugs/ Adam Dutko offer to help me collect the details and hopefully make something good out of it. If not, then sorry for the noise and just ignore me. Thanks Daniel
Re: Regular OpenBSD users group meeting location anyone?
There is already a page with that information at the OpenBSD website. http://www.openbsd.org/groups.html Date: Mon, 26 Apr 2010 00:53:45 -0400 From: dan...@presscom.net To: misc@openbsd.org Subject: Regular OpenBSD users group meeting location anyone? Hi, This is the only mailing I will do on this subject, but if you do have a OpenBSD specific users group meeting anywhere in the world, could/would you send me a very quick short details about it? Nothing more then city state or province country usual meeting date URL if any and if not, fell free to send a short blurb about it's locations and all so that users many find it. Or even just the URL of a site for it is fine. Send it off list to me if preferable as to not pollute this list here, or to the list if that's any good. Use your best judgment on this. May be nice to collect this information and make it available so that users may find locations where they might go to share knowedge and interests on their favorite OS. Sorry, I am not interested in Linux and the like. No offense intended. OpenBSD only please. It will be here: http://openbsdsupport.org/ugs/ Adam Dutko offer to help me collect the details and hopefully make something good out of it. If not, then sorry for the noise and just ignore me. Thanks Daniel _ Hotmail: Trusted email with Microsofts powerful SPAM protection. https://signup.live.com/signup.aspx?id=60969
Re: Regular OpenBSD users group meeting location anyone?
Why duplicate the effort? Please just link to http://www.openbsd.org/groups.html and ask people to send updates to us. -Otto You are 100% right. It's just not my day today! I was looking for it and find it a but later then sending my email. Might be a good idea to add the link to it from the front page may be. Just an idea, but fell free to ignore me. I need to go get some sleep and stop making a foll of myself... Daniel