Re: Large (3TB) HDD support
2012/6/1 Tyler Morgan tyl...@tradetech.net: http://www.openbsd.org/faq/faq14.html#LargeDrive That doesn't mention GPT, which is the problem with drives 2TB. https://en.wikipedia.org/wiki/GUID_Partition_Table Can OpenBSD already boot from a 4TB drive on an UEFI system? Try to buy systems that don't rely on UEFI. In the next few years, prepare to buy systems and find out they require UEFI, and then demand a refund. Prepare for it to get even worse than that. There are already a number of BIOSes out there capable of nasty (or really cool) stuff pre-OS boot. The BIOS setup page may look like a DOS relic but it doesn't mean it actually is. F.ex. prior to Vista's launch, MS demoed a fullscreen video before any boot code was actually run. UEFI has gotten more press, and given RH an opportunity to present itself as defender of freedom, but it's really an evolution of PCs running black-box code when and where it can do most harm. -- p
Re: llround(), round() broken?
On 4 June 2012 05:55, Alan Corey alan01...@gmail.com wrote: They probably aren't broken, looks like I need to link in some library. B I get undefined reference to when I try to compile/link. B Shouldn't this be mentioned in the man page? B Alan /* B test of llround() round(), fails under 4.7 and 5.0 */ #include stdio.h #include math.h #include stdlib.h #include sys/types.h int main(void) { B int64_t big; B int anint; B big = llround(3/2); B anint = round(3/2); B return 0; } Compile with -lm. Cheers, Ville
help
help topics
Re: ospf broken on trunk interfaces?
On Sun, Jun 03, 2012 at 03:02:36PM -0700, Paul B. Henson wrote: On Sun, Jun 03, 2012 at 05:12:19PM +0200, Claudio Jeker wrote: Is this after a reload of the config or does this also happen when you restart ospfd? It was after a config reload, after following Stuart's suggestion to restart ospfd everything's working great :). Maybe it would be worth a note in the ospfctl man page that sometimes a reload isn't sufficient, and ospfd might need to be completely restarted for an interface that's created after it's already running? I put it on my list of things to look at. Maybe there is an important route message missing to tell ospfd that the trunk(4) is now UP and running. -- :wq Claudio
Re: llround(), round() broken?
Alan Corey writes: They probably aren't broken, looks like I need to link in some library. I get undefined reference to when I try to compile/link. Shouldn't this be mentioned in the man page? FreeBSD has a Library section in its man page: LIBRARY Math Library (libm, -lm) I recall reading on the mandoc mailing lists that OpenBSD man pages do not contain this section, but I don't know why that is. -- Anthony J. Bentley
Re: apmd closes/crashes on lid close
Sometimes apmd crashes from a system suspend, and sometimes it does not. Sometimes xidle runs xlock, and sometimes it does not. Sometimes xlock asks for a password, and sometimes it does not. Can anyone tell me whether they have all of these working consistently and reliably? They were not working for me yesterday. This morning it all worked perfectly. Hours later, none of it worked.
Re: Large (3TB) HDD support
Of course, it isn't /quite/ that simple. GPT is still fairly new, and whilst it's not too difficult to get a number of operating systems to boot from GPT, sharing a disk has a number of gotchas. Exposing dormant OpenBSD partitions to an untrusted OS is stupid unless you have no other choice like on a single-HDD laptop -- but it's unlikely to be a 3TB HDD. I think docs should actively discourage multibooting and present it as a potential risk rather than a feature so people stop bragging how many OSes they crammed on a single disk. Most live-CD firmware updates should also be done with the OpenBSD HDD unplugged. -- p
Re: apmd closes/crashes on lid close
xset dpms 5 10 15 isn't doing anything either, nor xset s 4. On Sun, Jun 3, 2012 at 11:40 PM, Robert Connolly robertconnolly1...@gmail.com wrote: Sometimes apmd crashes from a system suspend, and sometimes it does not. Sometimes xidle runs xlock, and sometimes it does not. Sometimes xlock asks for a password, and sometimes it does not. Can anyone tell me whether they have all of these working consistently and reliably? They were not working for me yesterday. This morning it all worked perfectly. Hours later, none of it worked.
Re: apmd closes/crashes on lid close
dump xset -q and wsconsctl -a, compare working/non-working states, check for possible race condition? -- p xset dpms 5 10 15 isn't doing anything either, nor xset s 4. On Sun, Jun 3, 2012 at 11:40 PM, Robert Connolly robertconnolly1...@gmail.com wrote: Sometimes apmd crashes from a system suspend, and sometimes it does not. Sometimes xidle runs xlock, and sometimes it does not. Sometimes xlock asks for a password, and sometimes it does not. Can anyone tell me whether they have all of these working consistently and reliably? They were not working for me yesterday. This morning it all worked perfectly. Hours later, none of it worked.
Business Leadership Project
Hi there, I wanted to follow up with you about an email I sent a couple weeks ago regarding a resource I had written primarily aimed at business professionals and those with an interest in the business world. The research project provides a comprehensive overview of various business sectors, issues, and educational avenues. It also takes a critical look at how online education platforms are educating future business leaders. I had contacted you initially because I thought this article could be of interest to you and others who frequently visit your site. Please let me know if you would like to take a look at it and I can send it over to you for your perusal. I look forward to hearing from you! Best, Bethenny Time is the scarcest resource and unless it is managed nothing else can be managed. Peter Drucker
Re: basic smtpd question
On Sun, Jun 03, 2012 at 03:02:46PM +0200, Christopher Zimmermann wrote: [...] Relay how? Using smarthost? Possibly password protected? Then you need something like this: map secrets { source db /etc/mail/secrets.db } accept from ... for all relay via smarthost tls auth secrets You should drop the '{' as they will be gone in the future, I made them optional so that it doesn't break setups but it should read: map secrets source db /etc/mail/secrets.db Gilles -- Gilles Chehade https://www.poolp.org | http://pool.ps @poolpOrg
Re: spamd-setup fails from cron
Ok; After running that a few days, it works fine, but... the interval between updates is all over the place. I rewrote it, to only change the sleep value under 2 circumstances: First time run, or after a failure. Now it's updating hourly again. I will not make the same mistake of posting it to the list, because archiving a possibly buggy script that someone may copy someday is not a great idea. However I think the methodology is now sound, so write your own or mail me directly if you want a copy of it to adopt. On Fri, Jun 01, 2012 at 04:45:24PM +1000, David Diggles wrote: #!/bin/sh remaining=$1;shift cmd=$@ lock=/var/run/$(basename $1).lock [ -f $lock ] || { touch $lock while [ $remaining -gt 0 ]; do seconds=$(($RANDOM % $remaining)) echo $(date) $seconds $lock sleep $seconds $cmd return || remaining=$(($remaining - $seconds)) done rm $lock } *groan*.. another mistake.. I'm such an idiot sometimes ;-) I don't recommend running this without checking it first. #!/bin/sh remaining=$1;shift cmd=$@ lock=/var/run/$(basename $1).lock [ -f $lock ] || { touch $lock while [ $remaining -gt 0 ]; do seconds=$(($RANDOM % $remaining)) echo $(date) $seconds $lock sleep $seconds $cmd break || remaining=$(($remaining - $seconds)) done rm $lock }
spamd(8) more persistent blacklisting
Hello folks, Here's a suggested improvement to spamd(8) that keeps blacklisted entries tarpitted while they keep trying. Rationale: often blacklists like uatraps will remove hosts because they have stopped trying there, but will continue elsewhere. If your host is 'elsewhere', and a blacklisted spammer has tried to deliver mail to you, then you will want to keep this spammer trapped for a while even though it has vanished from the blacklist. With this diff, a tarpitted host is inserted or updated as a TRAPPED entry in /var/db/spamd on every incoming tarpit connection. A downside is that the jailed process is no longer chrooted. If that is unacceptable, it could perhaps chroot to dirname(PATH_SPAMD_DB) instead. --- /usr/src/libexec/spamd/spamd.c Sat Feb 20 18:59:32 2010 +++ /usr/src/libexec/spamd/spamd.c Mon Jun 4 10:01:10 2012 @@ -45,6 +45,7 @@ extern int server_lookup(struct sockaddr *, struct sockaddr *, struct sockaddr *); +extern int trapupdate(char *, char *); struct con { int fd; @@ -660,6 +661,7 @@ if (greylist blackcount maxblack) cp-stutter = 0; cp-lists = strdup(loglists(cp)); + trapupdate(PATH_SPAMD_DB, cp-addr); } else cp-lists = NULL; @@ -1306,11 +1308,6 @@ } jail: - if (chroot(/var/empty) == -1 || chdir(/) == -1) { - syslog(LOG_ERR, cannot chdir to /var/empty.); - exit(1); - } - if (pw) if (setgroups(1, pw-pw_gid) || setresgid(pw-pw_gid, pw-pw_gid, pw-pw_gid) || --- /dev/null Mon Jun 4 09:52:51 2012 +++ /usr/src/libexec/spamd/trapupdate.c Wed Mar 7 09:54:38 2012 @@ -0,0 +1,89 @@ +/* update trapped entries. */ + +#include sys/types.h /* inet_pton, dbopen */ +#include sys/socket.h /* inet_pton */ + +#include netinet/in.h /* inet_pton */ +#include arpa/inet.h /* inet_pton */ + +#include db.h /* dbopen */ +#include errno.h /* errno */ +#include fcntl.h /* dbopen */ +#include syslog.h /* syslog_r */ +#include string.h /* memset, strerror */ + +#include grey.h +#include sync.h + +extern int debug; +extern struct syslog_data sdata; +extern int syncsend; +extern time_t trapexp; + +int +trapupdate(char *dbname, char *ip) +{ + HASHINFOhashinfo; + DBT dbk, dbd; + DB *db; + struct gdatagd; + time_t now; + int r; + + now = time(NULL); + memset(hashinfo, 0, sizeof(hashinfo)); + db = dbopen(dbname, O_EXLOCK|O_RDWR, 0600, DB_HASH, hashinfo); + if (db == NULL) { + syslog_r(LOG_ERR, sdata, Can not open db %s: %s, dbname, + strerror(errno)); + return -1; + } + memset(dbk, 0, sizeof(dbk)); + dbk.size = strlen(ip); + dbk.data = ip; + memset(dbd, 0, sizeof(dbd)); + + /* add or update trapped entry */ + r = db-get(db, dbk, dbd, 0); + if (r == -1) { + syslog_r(LOG_NOTICE, sdata, db-get failed (%m)); + goto bad; + } + + if (r) { + /* new entry */ + memset(gd, 0, sizeof(gd)); + gd.first = now; + gd.pass = now; + gd.bcount = 1; + } else { + if (dbd.size != sizeof(gd)) { + /* whatever this is, it doesn't belong */ + db-del(db, dbk, 0); + goto bad; + } + memcpy(gd, dbd.data, sizeof(gd)); + gd.bcount++; + } + gd.pcount = -1; + gd.expire = now + trapexp; + memset(dbk, 0, sizeof(dbk)); + dbk.size = strlen(ip); + dbk.data = ip; + memset(dbd, 0, sizeof(dbd)); + dbd.size = sizeof(gd); + dbd.data = gd; + r = db-put(db, dbk, dbd, 0); + db-close(db); + if (r) { + syslog_r(LOG_NOTICE, sdata, db-put failed (%m)); + return -1; + } + if (syncsend) + sync_trapped(now, now + trapexp, ip); + return 0; +bad: + db-close(db); + return -1; +} + -- Gemaakt met Opera's revolutionaire e-mailprogramma: http://www.opera.com/mail/ (Remove the obvious prefix to reply privately.)
Re: Large (3TB) HDD support
On Mon Jun 4 2012 08:16, Peter Laufenberg wrote: UEFI has gotten more press, and given RH an opportunity to present itself as defender of freedom, but it's really an evolution of PCs running black-box code when and where it can do most harm. In fact, RH betrayed the OSS community by not trying to exert at least some pressure on the big players in the mainboard industry, willing to implement UEFI with Secure Boot adhering to MS's constraints. RH was probably the only big OSS vendor with powers to fight against that pervert situation in that every boot code out there needs to be signed by MS. They probably say, it's only 99 dollars, so what? It's isn't worth the hassle, let's take the most convenient option, which works for us. We don't care for you, outlandish operating system (OSS) vendors ... very sad. Norman.
Re: Large (3TB) HDD support
On Mon, Jun 04, 2012 at 12:16:26AM +0200, frantisek holop wrote: hmm, on Sun, Jun 03, 2012 at 01:39:18PM +0200, Tobias Ulmer said that these must be some really nice disks :] for example only a 200G slice (also 64k/8k) of music/film/picture collection (not even full yet) on a notebook disk (5400 RPM) takes ages: Filesystem SizeUsed Avail Capacity iused ifree %iused Mounted on /dev/sd0d 217G153G 63.5G71% 44815 7197423 1% /data $ time sudo fsck -f /dev/sd0d ** /dev/rsd0d ** File system is already clean ** Last Mounted on /data ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts ** Phase 5 - Check Cyl groups 44815 files, 20076091 used, 8329340 free (13748 frags, 1039449 blocks, 0.0% fragmentation) 4m58.26s real 0m22.50s user 0m7.28s system at 71% disk usage having 1% inode usage, would it be a logical idea to radically slash the number of inodes, perhaps by 50%, even more? if i had 50% of the current total inodes, would the fsck time be halved? for some reason it seemed logical that checking free inodes will be much faster then used ones... This comes down to the FFS1 vs FFS2 difference. Newfs will select FFS2 for bigger filesystems, reducing fsck times significantly at the expense of more efficient disk space allocation in FFS1. by efficient disk space allocation you mean fragmentation? are there any numbers comparing FFS1 to FFS2 in this regard? would there be a perceptible (negative) effect of using FFS2 on slices smaller than 1TB? -f -- experience is nothing but a lot of mistakes. There are two major differences between ffs1 en ffs2 1. ffs2 inodes are twice as big, since the block number sizes have doubled. This has the consequence that the meta data of a ffs2 filesystem take more space. 2. ffs2 initializes inode blocks on a 'as needed' approach. So on a typical filesystem, you have far less inode active blocks compared to the ffs1 situation. (that also explains the much quicker newfs on a ffs2 filesystem). Empty inodes do need to be check to see if they are really empty (do not refer blocks allocated elsewhere), while nonexistent inodes you do not have to/cannot check. That largely explains the speed difference. For smaller file systems, using ffs2 can speed fsck up, but you'll waste some more space on meta data. Note that inode blocks in the ffs2 case always are reserved, the unused inode blocks still take up space. -Otto
Re: Large (3TB) HDD support
On Mon Jun 4 2012 08:16, Peter Laufenberg wrote: UEFI has gotten more press, and given RH an opportunity to present itself as defender of freedom I meant that sarcastically -- p
SMTP server pools at odds with the RFC?
I was just thinking surely resending from a different IP breaks the RFC for SMTP? Then I did some googling, and found this. http://bsdly.blogspot.com.au/2008/10/ietf-failed-to-account-for-greylisting.html Thanks, Peter. So now it is 4 years later, has anything happened?
Re: Large (3TB) HDD support
On Mon Jun 4 2012 11:46, Peter Laufenberg wrote: On Mon Jun 4 2012 08:16, Peter Laufenberg wrote: UEFI has gotten more press, and given RH an opportunity to present itself as defender of freedom I meant that sarcastically Sure you did. I just wanted to highlight this point even more.
Re: Large (3TB) HDD support
On Mon Jun 4 2012 08:16, Peter Laufenberg wrote: UEFI has gotten more press, and given RH an opportunity to present itself as defender of freedom, but it's really an evolution of PCs running black-box code when and where it can do most harm. In fact, RH betrayed the OSS community It's not exactly their 1st offence :) They probably say, it's only 99 dollars, so what? $99 is too little, hopefully they'll charge a lot more so they'll break economies of scale while users scramble to avoid Win8 and possibly we'll see mobos without a mind-boggling array of environmental sensors every web browser already wired to javascript. -- p
metamail broken, lynx ignores mailcap
Are these problems known? Lynx ignores mailcap even after uncommenting PERSONAL_MAILCAP:.mailcap metamail makes Segmentation fault (core dumped). Do someone know an alternative to metamail? Rod.
Re: apmd closes/crashes on lid close
On 2012-06-04, Robert Connolly robertconnolly1...@gmail.com wrote: Sometimes apmd crashes from a system suspend, and sometimes it does not. Sometimes xidle runs xlock, and sometimes it does not. Sometimes xlock asks for a password, and sometimes it does not. Can anyone tell me whether they have all of these working consistently and reliably? They were not working for me yesterday. This morning it all worked perfectly. Hours later, none of it worked. I have these working consistently, but I don't call apm at suspend time as you were doing with your xlock command line. (note that xidle does not lock the screen if the screensaver is disabled, some video players etc do this, however it is consistent).
Re: SMTP server pools at odds with the RFC?
On 2012-06-04, David Diggles da...@elven.com.au wrote: I was just thinking surely resending from a different IP breaks the RFC for SMTP? Then I did some googling, and found this. http://bsdly.blogspot.com.au/2008/10/ietf-failed-to-account-for-greylisting.html Thanks, Peter. So now it is 4 years later, has anything happened? No. It is perfectly valid, and even somewhat normal, to resend from different addresses. Whether this is by pools of senders with shared queues, or whether it's by pools of internal MXes behind NAT boxes, it definitely happens. The majority of such senders try and keep within the same /24. The greylisting.org/puremagic.com whitelist was specifically only for senders which did not follow this (they refused to add sender pools to the list if they stuck within /24). Though that's largely irrelevant as their list hasn't been updated in 6 years..
Re: ddb prompt on formerly stable system (4.9)
On 2012-06-04, ted@comcast.net ted@comcast.net wrote: This morning (before I came to work), I noticed the system wasn't responding.B I went to the basement, got out my really old laptop as a serial console, and noticed the system was giving a ddb prompt. Just for kicks, I reboo ted, and at some point after the networking comes up, the system paniced and gave the ddb prompt again (i can't recall the error - still at work).B I have been doing some googling in my free time, but could not find anything to help me with the question below. Anyway, my stupid question:B This is almost certainly a hardware problem, right?B A dying disk, or something like that? Could be various reasons, hardware or software. Ideally leave the serial console connected so you capture any output before the system enters ddb (if this is not possible then at least do show panic). Also get ps, trace, and show registers might be useful. I am just wondering before I invest a lot of time/effort in trying to fix the system. It is probably worth updating to 5.1 before spending time on it, in case it's a kernel bug which has since been fixed.
Re: SMTP server pools at odds with the RFC?
On Mon, Jun 04, 2012 at 12:34:04PM +, Stuart Henderson wrote: On 2012-06-04, David Diggles da...@elven.com.au wrote: I was just thinking surely resending from a different IP breaks the RFC for SMTP? Then I did some googling, and found this. http://bsdly.blogspot.com.au/2008/10/ietf-failed-to-account-for-greylisting.html Thanks, Peter. So now it is 4 years later, has anything happened? No. It is perfectly valid, and even somewhat normal, to resend from different addresses. Whether this is by pools of senders with shared queues, or whether it's by pools of internal MXes behind NAT boxes, it definitely happens. The majority of such senders try and keep within the same /24. The greylisting.org/puremagic.com whitelist was specifically only for senders which did not follow this (they refused to add sender pools to the list if they stuck within /24). Though that's largely irrelevant as their list hasn't been updated in 6 years.. So I guess this Wikipedia entry is incorrect, Re: breaks SMTP protocol rules? http://en.wikipedia.org/wiki/Greylisting Greylisting will cause longer delivery delays if the sender has a large infrastructure and is sending from a different IP when it retries. However this technically breaks SMTP protocol rules, since delivery is the responsibility of the sending server and its associated IP address, and tossing it back into a pool for retry by a different server in the group breaks this continuity, and will quite correctly and legitimately restart the greylisting process over again, since delivery is being retried from a different server. A past battle lost by greylisters, and the world has since moved on, or something?
Re: SMTP server pools at odds with the RFC?
On Mon, 4 Jun 2012 22:53:54 +1000 David Diggles wrote: Greylisting will cause longer delivery delays if the sender has a large infrastructure and is sending from a different IP when it retries. Most pooling Services like Yahoo and Google seem to get through eventually these days without whitelisting. I haven't found the time and analysed why (retry from same IP after three attempts or something? etc..)
Re: Large (3TB) HDD support
Peter Kay syllops...@syllopsium.co.uk wrote: GPT is a foregone conclusion unless you are blind to the future. The only alternative is OS specific disk hackery, and that does no-one any favours. Well, OpenBSD/i386 (and now /amd64) has used such hackery since the very beginning and doesn't fare too badly with it. Back in the day, I used to run FreeBSD with dangerously dedicated disks that didn't have MBR partitioning at all, just a pure BSD disklabel. (FreeBSD eventually discouraged/abolished this due to some BIOSes refusing to boot disks without an MBR partition table.) GPT's main selling point is that it is superior to MBR if you use either as your native partitioning scheme. That doesn't apply to OpenBSD. GPT is also useful if you want different operating systems to coexist on the same disk. For OpenBSD, that's more of a grudgingly tolerated configuration and not recommended. -- Christian naddy Weisgerber na...@mips.inka.de
Re: llround(), round() broken?
On Mon, Jun 04, 2012 at 12:37:07AM -0600, Anthony J. Bentley wrote: Alan Corey writes: They probably aren't broken, looks like I need to link in some library. I get undefined reference to when I try to compile/link. Shouldn't this be mentioned in the man page? FreeBSD has a Library section in its man page: LIBRARY Math Library (libm, -lm) I recall reading on the mandoc mailing lists that OpenBSD man pages do not contain this section, but I don't know why that is. really because not enough (any) developers have wanted it, and no one has sent diffs. the usual story. jmc
Re: OpenBSD mailing lists demime in an ascii world
On 2012-06-02 13:19, JC)rC)mie CourrC(ges-Anglas wrote: As you'll see in my signature above, 8 bit characters are mangled on OpenBSD mailing lists. Not that I care much, but passing the demime perl script a ''-8'' argument would be enough to solve that (if that is desired). AFAIK SMTP without MIME can only transport ASCII. Simon
Re: (Kinda O.T.) Digital Millennium Copyright Act used to censor hardware specifications
Steve Shockley [steve.shock...@shockley.net] wrote: We Americans have to enjoy the bars, there's not much left to do besides drink. There's always bath salts and eating off homeless people's faces.
Re: SMTP server pools at odds with the RFC?
On 2012-06-04 06:06, David Diggles wrote: I was just thinking surely resending from a different IP breaks the RFC for SMTP? Then I did some googling, and found this. http://bsdly.blogspot.com.au/2008/10/ietf-failed-to-account-for-greylisting.html Not only is greylisting fine from a protocol point of view (as others have pointed out), the IETF is also well aware of it. This is about to become an RFC: http://tools.ietf.org/html/draft-ietf-appsawg-greylisting Abstract This document describes the art of email greylisting, the practice of providing temporarily degraded service to unknown email clients as an anti-abuse mechanism. Greylisting is an established mechanism deemed essential to the repertoire of current anti-abuse email filtering systems. Simon
Re: SMTP server pools at odds with the RFC?
Simon Perreault simon.perrea...@viagenie.ca writes: Not only is greylisting fine from a protocol point of view (as others have pointed out), the IETF is also well aware of it. This is about to become an RFC: http://tools.ietf.org/html/draft-ietf-appsawg-greylisting That's a marked improvement over what appeared to be the status only a few years back. I still don't quite see why they left the crucial parts of RFC5321 as ambigous as they had been in the predecessor, but a greylisting RFC on the standards track is a very welcome development. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: SMTP server pools at odds with the RFC?
Not only is greylisting fine from a protocol point of view (as others have pointed out), the IETF is also well aware of it. This is about to become an RFC: http://tools.ietf.org/html/draft-ietf-appsawg-greylisting That's a marked improvement over what appeared to be the status only a few years back. I still don't quite see why they left the crucial parts of RFC5321 as ambigous as they had been in the predecessor, but a greylisting RFC on the standards track is a very welcome development. whatever. it is still false to say that greylisting wasn't permitted by the original RFC's. it was, and it is.
Re: SMTP server pools at odds with the RFC?
Theo de Raadt dera...@cvs.openbsd.org writes: it is still false to say that greylisting wasn't permitted by the original RFC's. it was, and it is. Any reasonable interpretation (IMO) of the relevant parts of RFC5321 and RFC2821 means that greylisting is well within the protocol specs. That did however not stop people from claiming otherwise, and it was a bit disappointing back in 2008 to find that the update did not provide even clearer language. All water under the bridge soonish now, it seems. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Large (3TB) HDD support
On 4 June 2012 15:06, Christian Weisgerber na...@mips.inka.de wrote: Peter Kay syllops...@syllopsium.co.uk wrote: GPT is a foregone conclusion unless you are blind to the future. The only alternative is OS specific disk hackery, and that does no-one any favours. Well, OpenBSD/i386 (and now /amd64) has used such hackery since the very beginning and doesn't fare too badly with it. Back in the day, I used to run FreeBSD with dangerously dedicated disks that didn't have MBR partitioning at all, just a pure BSD disklabel. (FreeBSD eventually discouraged/abolished this due to some BIOSes refusing to boot disks without an MBR partition table.) Let's leave aside the boot techie stuff which I included mainly as a interesting (to me) related point. I don't have a particular issue with most of the disk hackery that OpenBSD currently performs, but the key detail is that at least under x86, powermac and sgi platforms [1] it seems to work within the boundaries of the native disk partitioning by using a custom disk format, performing custom partition labelling or using a native partition as a container for a custom format (disklabel inside MBR partition). That strategy tends to co-exist quite nicely with other tools/BIOSes/OSes that might inadvertently read the disk (with the exception of the pure BSD disklabel as you say). That's not the case with storing data outside the 2TB limit enforced by the MBR design. It seems to me it would be more sensible to stick a disklabel inside a new OpenBSD GPT partition type. All the data are successfully protected by a known standard and both the users and disk tools are happy. I'll grant that multiboot is a rare and usually inadvisable configuration (although I'd suggest it's useful on laptops sometimes), but protecting all the data on a uniboot system sounds advisable. GPT's main selling point is that it is superior to MBR if you use either as your native partitioning scheme. That doesn't apply to OpenBSD. GPT is also useful if you want different operating systems to coexist on the same disk. For OpenBSD, that's more of a grudgingly tolerated configuration and not recommended. [1] I don't have experience of the other platforms apart than sparc, and that was some time ago.
Re: Large (3TB) HDD support
I don't have a particular issue with most of the disk hackery that OpenBSD currently performs, but the key detail is that at least under x86, powermac and sgi platforms [1] it seems to work within the boundaries of the native disk partitioning by using a custom disk format, performing custom partition labelling or using a native partition as a container for a custom format (disklabel inside MBR partition). That strategy tends to co-exist quite nicely with other tools/BIOSes/OSes that might inadvertently read the disk (with the exception of the pure BSD disklabel as you say). That's not the case with storing data outside the 2TB limit enforced by the MBR design. It seems to me it would be more sensible to stick a disklabel inside a new OpenBSD GPT partition type. All the data are successfully protected by a known standard and both the users and disk tools are happy. The openbsd disklabel can reach up that high easily. The GPT changes nothing. That is just a stub pointing at where openbsd is. You are not talking about partitions we handle here, but about something the bootloader sets up and then we forget about it forever. I'll grant that multiboot is a rare and usually inadvisable configuration (although I'd suggest it's useful on laptops sometimes), but protecting all the data on a uniboot system sounds advisable. There is nothing preventing someone with a GPT + covering MBR from setting up the GPT (which in their case has been mangled by many operating systems) to cover all the OpenBSD space nicely. But the tools our install scripts use do not do that. And you are going to start work on a replacement for fdisk tomorrow, that can do all the MBR stuff still, but also handle GPT? The people who want multiboot to work in a GPT-only-world that they -- and only they -- see coming should really write the code themselves. At this moment, the GPT-only systems that exist come from a vendor that does not envision multiboot, either. Why hold people who you don't pay to a higher standard than the people who you do pay?
Re: SMTP server pools at odds with the RFC?
Theo de Raadt dera...@cvs.openbsd.org writes: it is still false to say that greylisting wasn't permitted by the original RFC's. it was, and it is. Any reasonable interpretation (IMO) of the relevant parts of RFC5321 and RFC2821 means that greylisting is well within the protocol specs. That did however not stop people from claiming otherwise, and it was a bit disappointing back in 2008 to find that the update did not provide even clearer language. I do not agree with your assessment. All water under the bridge soonish now, it seems. Yeah, it is all water under the bridge until, at the last moment, IETF allows someone to add an IPR statement to the end of this new RFC. It is very naive of you of you to think that new document is coming for free. Companies are paying for this to be clarified, and they will want to build a path so that their silver comes to them.
Preferred method for tracking src with git?
What's considered the current 'best practice' for following OpenBSD src with git? I'm interested in trying out git for managing my growing list of pending/WIP patches for the src tree, but there seem to be a bunch of options and I don't know if there's any preference between them. It looks like ustuehler and jcs both wrote their own cvs-to-git importers for handling the OpenBSD src tree: https://github.com/ustuehler/git-cvs https://github.com/jcs/bigcvs2git There's also a bunch of other standard cvs-git tools that seem to have various issues dealing with large CVS trees. I also found some recommendations of using http://anoncvs.estpak.ee/cgi-bin/cgit/ for following the ports tree, but jcs seemed to warn against that last year because the tool they use doesn't produce accurate conversions: https://jcs.org/statuses/2011/10/20/127228971401216000/ (I'm also somewhat hesitant to trust a third-party mirror rather than mirroring from cvs myself and running one of the above conversion tools.) Anyone care to weigh in on their experience and give some recommendations here?
Campamento de Activación Profesional para Secretarias en Cuernavaca! 291936
291936 [IMAGE] Campamento de Activacisn Profesional para Secretarias Ejecutivas, Asistentes Auxiliares Hotel Spa Posada Tlaltenango 6 y 7 Julio Cuernavaca, Morelos. Un evento diferente, un espacio para renovar las ideas, reflexionar y actuar con liderazgo. 2 dmas Especiales a un precio Incremble, Todas las tarifas incluyen Hospedaje y Alimentos. !Reciba la informacisn completa, Inscrmbase y Capacmtese! Por favor responda este e-mail con los datos siguientes. Empresa Nombre Telifono Email Nzmero de Interesados En breve recibira temario, reseqa de expositor y tarifas. Pms Capacitacisn Efectiva de Mixico es una empresa Registrada ante la STPS Trabajamos con expertos en la materia para poder brindar herramientas tacticas, vanguardistas y de facil aplicacisn. Si lo prefiere comunmquese a los telifonos donde con gusto uno de nuestros ejecutivos le atendera. Telifonos: (0133) 8851-2365, (0133) 8851-2741 con mas de 10 lmneas. Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de Mixico Copyright (C) 2011, PMS Capacitacisn Efectiva de Mixico S.C. Derechos Reservados. E-Mail MARKETING SERVICE POWERED BY MEDIAMKTOOLS. Este Mensaje ha sido enviado a misc@openbsd.org como usuario de Pms de Mixico o bien un usuario le refiris para recibir este boletmn. Como usuario de Pms de Mixico, en este acto autoriza de manera expresa que Pms de Mixico le puede contactar vma correo electrsnico u otros medios. ALTO, si en esta ocasisn la informacisn recibida no fue de su interis pero desea recibir informacisn personalizada en relacisn a otros temas favor de indicarlo. Si usted ha recibido este mensaje por error, haga caso omiso de el y de antemano una sincera disculpa por la molestia, reporte su cuenta respondiendo este correo con el subject BAJACAMPING Unsubscribe to this mailing list, reply a blank message with the subject UNSUBSCRIBE BAJACAMPING Tenga en cuenta que la gestisn de nuestras bases de datos es de suma importancia para nosotros y no es intencisn de la empresa la inconformidad del receptor, nuestra intencisn es promover herramientas de utilidad para el [demime 1.01d removed an attachment of type image/jpeg which had a name of image001.jpg]
Re: OpenBSD mailing lists demime in an ascii world
Simon Perreault simon.perrea...@viagenie.ca writes: On 2012-06-02 13:19, JC)rC)mie CourrC(ges-Anglas wrote: ^^ ^^ ^^ As you'll see in my signature above, 8 bit characters are mangled on OpenBSD mailing lists. Not that I care much, but passing the demime perl script a ''-8'' argument would be enough to solve that (if that is desired). AFAIK SMTP without MIME can only transport ASCII. Simon Sure, but shear.ucar.edu advertizes 8BITMIME, the only problem here is demime. Caring about old dumb 7bit-only MTAs sounds like a waste of time to me. -- JC)rC)mie CourrC(ges-Anglas GPG fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15
EUSecWest 2012, Amsterdam, September 19/20, Featuring Mobile PWN2OWN CALL FOR PAPERS - Deadline June 15 2012 AMSTERDAM, Nederland -- The seventh annual EUSecWest applied technical security conference - where the eminent figures in the international security industry get together share best practices and technology - will be held in downtown Amsterdam near Leidseplein Square on September 19/20, 2012. The most significant new discoveries about computer network hack attacks and defenses, commercial security solutions, and pragmatic real world security experience will be presented in a series of informative tutorials. This year the EUSecWest conference will also host dedicated security coverage of mobile devices, and host the first mobile device only focused PWN2OWN competition, where researchers get to demonstrate live vulnerability attack code against designated targets and, if successful, get to keep the target hardware and cash prizes. The EUSecWest meeting provides international researchers a relaxed, comfortable environment to learn from informative tutorials on key developments in security technology, and collaborate and socialize with their peers in one of the world's most scenic cities - a short walk away from several large hotels and the Leidseplein entertainment and shopping district, conveniently close to many famous museums, convenient transport, Vondel Park, and a plentitude of restaurants and bars. The EUSecWest conference will also feature the availability of the Security Masters Dojo expert network security sensei instructors, and their advanced, and intermediate, hands-on training courses - featuring small class sizes and practical application excercises to maximize information transfer. We would like to announce the opportunity to submit papers, courses, and/or lightning talk proposals for selection by the EUSecWest technical review committee. This year we will be doing one hour talks, and some shorter talk sessions. Please make your proposal submissions before June 15th, 2012. Some invited papers have been confirmed, but a limited number of speaking slots are still available. The conference is responsible for travel and accommodations for the speakers. If you have a proposal for a tutorial session then please make your submission by mailing a plain text version of the information along with any other supporting material or formats to synopsis of the material and your biography, papers and, speaking background to secwest12 [at] eusecwest.com Only slides will be needed for the September paper deadline, full text does not have to be submitted - but will be accepted if available. This year we will be opening up the presentation guidelines to include talks not in English (particularly Dutch, Chinese, French, Russian, and Spanish) which we will offer to translate for the speaker if they are not a native English speaker. The EUSecWest 2012 conference consists of tutorials on technical details about current issues, innovative techniques and best practices in the information security realm. The audiences are a multi-national mix of professionals involved on a daily basis with security work: security product vendors, programmers, security officers, and network administrators. We give preference to technical details and new education for a technical audience. The conference itself is a single track series of presentations in a lecture theater environment. The presentations offer speakers the opportunity to showcase on-going research and collaborate with peers while educating and highlighting advancements in security products and techniques. The focus is on innovation, tutorials, and education instead of product pitches. Some commercial content is tolerated, but it needs to be backed up by a technical presenter - either giving a valuable tutorial and best practices instruction or detailing significant new technology in the products. Paper proposals should consist of the following information: 1. Presenter, and geographical location (country of origin/passport) and contact info (e-mail, postal address, phone, fax). 2. Employer and/or affiliations. 3. Brief biography, list of publications and papers. 4. Any significant presentation and educational experience/background. 5. Topic synopsis, Proposed paper title, and a one paragraph description. 6. Reason why this material is innovative or significant or an important tutorial. 7. Optionally, any samples of prepared material or outlines ready. 8. Will you have full text available or only slides? 9. Language of preference for submission. 10. Please list any other publications or conferences where this material has been or will be
Re: Preferred method for tracking src with git?
On Mon, 04 Jun 2012 at 12:52:47 -0700, Matthew Dempsky wrote: It looks like ustuehler and jcs both wrote their own cvs-to-git importers for handling the OpenBSD src tree: https://github.com/ustuehler/git-cvs https://github.com/jcs/bigcvs2git Both will convert HEAD properly, but neither has branch support. I used the fromcvs/togit tool (which the estpak mirror uses) to convert the trees I put on Github, but I found out that that tool doesn't handle all of the branches in OpenBSD's CVS tree properly which caused some files to be missing or at incorrect revisions on -stable branches. I hoped to have properly converted trees on Github for easy cloning/forking but I got lost trying to add branch support to my conversion tool that could properly do OpenBSD's trees.
Re: llround(), round() broken?
man intro (3) comes close in OpenBSD (I did man -k libraries to find it) It just seems like if a function requires a special library that should be mentioned in the function's man page as well as the header file since it needs both to work. I guess it depends on how surprised you are that the function isn't built-in. round() at least is perfectly ordinary in Pascal/Delphi and in Java/Javascript it might be something like math.round(). Alan On 6/4/12, Anthony J. Bentley anthonyjbent...@gmail.com wrote: Alan Corey writes: They probably aren't broken, looks like I need to link in some library. I get undefined reference to when I try to compile/link. Shouldn't this be mentioned in the man page? FreeBSD has a Library section in its man page: LIBRARY Math Library (libm, -lm) I recall reading on the mandoc mailing lists that OpenBSD man pages do not contain this section, but I don't know why that is. -- Anthony J. Bentley -- Credit is the root of all evil. - AB1JX
Re: llround(), round() broken?
This seems to come up most often regarding the math functions. Which Unix system doesn't require -lm for those math functions? man intro (3) comes close in OpenBSD (I did man -k libraries to find it) It just seems like if a function requires a special library that should be mentioned in the function's man page as well as the header file since it needs both to work. I guess it depends on how surprised you are that the function isn't built-in. round() at least is perfectly ordinary in Pascal/Delphi and in Java/Javascript it might be something like math.round(). Alan On 6/4/12, Anthony J. Bentley anthonyjbent...@gmail.com wrote: Alan Corey writes: They probably aren't broken, looks like I need to link in some library. I get undefined reference to when I try to compile/link. Shouldn't this be mentioned in the man page? FreeBSD has a Library section in its man page: LIBRARY Math Library (libm, -lm) I recall reading on the mandoc mailing lists that OpenBSD man pages do not contain this section, but I don't know why that is. -- Anthony J. Bentley -- Credit is the root of all evil. - AB1JX
Rinnova, con Fastandstore
Gamma espositori per negozi Fastandstore. Prodotto in Italia, dal design innovativo. Aprofittane subito. ALCUNI ESEMPI: Serie TAPE Serie TUBE Dai un nuovo look al tuo negozio con le soluzioni espositive di fastandstore. Arredare, ed esposrre da oggi C( semplice con le soluzioni in kit di montaggio. Per saperne di piC9 visita il sito www.fastandstore.it E' molto che aspettavi soluzioni fai da te per negozi e uffici? Fastandstore C( la soluzione; rinnovare, costruire, con gusto e design. Per saperne di piC9 visita il sito www.fastandstore.it Scegli lo stile unico del design italiano che ti proponiamo in questa sezione, alluminio e legno per il tuo nuovo store fai da te. Per saperne di piC9 visita il sito www.fastandstore.it i prodotti esposti sono completamente prodotti in tutte le sue parti in italia negli stabilimenti di Formlife Questa edizione della newsletter C( stata preparata dalla redazione di Fastand lo stand in valigia. Se volete comunicare opinioni, commenti, contestazioni o suggerimenti potete inviare un messaggio all'indirizzo modulartfastandst...@libero.it Questo servizio gratuito di newsletter viene inviato a coloro che sono iscritti al nostro database, a coloro che hanno sottoscritto il servizio compilando le schede di registrazione nel corso di propri eventi o nel corso di eventi organizzati da aziende partner, a coloro che hanno risposto in modo affermativo a una richiesta di adesione telefonica e da elenchi e servizi di pubblico dominio pubblicati anche via web. Il trattamento delle informazioni forniteci C( in conformitC con il D. lg. 196/2003 sulla privacy. Vi ricordiamo che potete interrompere il servizio in ogni momento inviando una e-mail allbindirizzo modulartfastandst...@libero.it FASTANDSTORE by MODULART - all rights reserved - tel 030.7040411 - P.Iva IT02091120986 - www.fastandstore.it [demime 1.01d removed an attachment of type image/jpeg which had a name of 1.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of 2.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of 3.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of 4.jpg] [demime 1.01d removed an attachment of type image/jpeg which had a name of 5.jpg]
Re: llround(), round() broken?
On Mon, Jun 04, 2012 at 20:40, Theo de Raadt wrote: This seems to come up most often regarding the math functions. Which Unix system doesn't require -lm for those math functions? I think these people have no experience writing any C and OpenBSD is the first place they've tried it. Trying to get a working development environment on a modern linux distro is an exercise in frustration due to all the micro packages they've broken it into.
No audio on auvia0 / VIA VT8233 AC97
Hi, I've gotten an old computer and installed OpenBSD on it, to act as a media player. The problem is I have no sound. First attempt was i386-current, 2nd attempt was amd64-5.1. There are 2 audio minijack outputs, one from the sound ports attached to motherboard, the other is a plug leading to the front jack (there are 2 plugs to fit this connector, one labelled ac97 the other HD audio). I've tried of all these, and also disconnecting the front jack altogether. Sound is tested with mplayer, with files of mp4, avi, mkv formats. $ mplayer -cache 1000 -vo sdl -ao null file.avi results in a great picture, with no frame drops $ mplayer -cache 1000 -vo sdl file.avi results in either a blank screen, or a picture that plays for a brief moment then freezes. Jumping forward (page up or arrow) either repeats this brief playback at the new location, or has no effect. I tried changing bios settings but no difference (disabling/enabling onboard AC97 was the only one that seemed related, but I tried usb1/2 etc as well). I don't have windows available to update bios, but from reading AMD erratas 89 and 97, they don't seem related anyway (see dmesg). My understanding is that auvia(4) should work on this machine. Is there something else I can try before getting a PCI soundcard? dmesg, pcidump, mixerctl, audioctl, and mplayer output below all came from amd64-5.1 and mplayer from packages: == OpenBSD 5.1 (GENERIC) #181: Sun Feb 12 09:35:53 MST 2012 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 1072365568 (1022MB) avail mem = 1029746688 (982MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf0720 (45 entries) bios0: vendor American Megatrends Inc. version 0210 date 09/05/2005 bios0: ASUSTeK Computer INC. A8V-MX acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP APIC OEMB acpi0: wakeup devices PCI0(S4) PS2K(S4) PS2M(S4) UAR1(S4) P7P8(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) EHCI(S4) ILAN(S4) SLPB(S4) PWRB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) 64 Processor 3500+, 2200.45 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: AMD errata 89, 97 present, BIOS upgrade may be required cpu0: apic clock running at 200MHz ioapic0 at mainbus0: apid 1 pa 0xfec0, version 3, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 2 (P0P7) acpiprt3 at acpi0: bus 4 (P7P9) acpiprt4 at acpi0: bus 3 (P7P8) acpicpu0 at acpi0: PSS aibs0 at acpi0: RTMP RVLT RFAN acpibtn0 at acpi0: SLPB acpibtn1 at acpi0: PWRB cpu0: Cool'n'Quiet K8 2200 MHz: speeds: 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 VIA K8M800 Host rev 0x00 agp at pchb0 not configured pchb1 at pci0 dev 0 function 1 VIA K8M800 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA K8M800 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA K8M800 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA K8M800 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA K8M800 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA K8HTB AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Radeon VE rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) radeondrm0 at vga1: apic 1 int 16 drm0 at radeondrm0 pciide0 at pci0 dev 15 function 0 VIA VT8251 SATA rev 0x00: DMA pciide0: using apic 1 int 21 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x07: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide1 channel 0 drive 0: ST380011A wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide1:0:0): using PIO mode 4, DMA mode 2 pciide1: channel 1 disabled (no drives) uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x90: apic 1 int 20 uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x90: apic 1 int 22 uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x90: apic 1 int 21 uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x90: apic 1 int 23 ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x90: apic 1 int 22 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1 viapm0 at pci0 dev 17 function 0 VIA VT8251 ISA rev 0x00: SMI iic0 at viapm0 spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC3200CL3.0 spdmem1 at iic0 addr 0x51: 512MB DDR SDRAM non-parity PC3200CL3.0 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x70: apic 1 int 22 ac97: codec id 0x414c4761 (Avance