Re: OpenBSD projects

[Predrag Punosevac]

I was too quick with my earlier message. 

I don't think anybody mentioned OpenBSD implementation of dhcp server
and client. IIRC FreeBSD uses OpenBSD version of the client for its base
installation. Traditionally FreeBSD doesn't come with dhcp server which
needs to be installed from ports.

OpenBSD has its own sensorsd which is pure gold and unlike other BSDs
IPMI driver is disabled from generic. FreeBSD has half finished native
sensoring framewark but encourages the use of IPMI. 

OpenBSD has its own SNMP daemon. Somebody could probably clarify what is
the relation to "BSD SNMP" (bsnmp) daemon found in FreeBSD for example.
The OpenBSD snmpd comes with bunch of custom MIBs comparing to net-snmp
which can be installed from the ports and it is too bad that no tool can
out of box pool all PF for example related stuff into RRD and display it
in nice fashion (at least Observium which I am using is not capable of
doing it).

While on the topics of various monitoring utilities. IIRC symon 

http://wpd.home.xs4all.nl/symon/documentation.html

is developed on OpenBSD.

Also fdm is developed by an OpenBSD person

http://sourceforge.net/p/fdm/git/ci/master/tree/MANUAL

Predrag

Re: Discovering the keycode of key.

[Mats O Jansson]

On Fri, 26 Dec 2014, Eduardo Lopes wrote:

> Hello folks! 
> 
> May someone point to me how do I can obtain, in the console, the keycode of 
> any particular key, in OpenBSD?

There is no easy way. If you are intrested in unmapped keys you could use
the following script to map all unmapped characters.

#!/bin/ksh
jot 255 1 |
while read i; do
  str=`wsconsctl keyboard.map | grep "^keycode ${i} = "`
  if [ "$str" = "" ]; then
j=`printf "%03d" $i`
d0=${j%[0-9][0-9]}
k=${j#[0-9]}
d1=${k%[0-9]}
d2=${j#[0-9][0-9]}
`wsconsctl keyboard.map+="keycode $j = $d0 $d1 $d2 at"`
echo $s
  fi
done

If you test a previously unmapped key unshifted shifted and alt gr
you should get tree digits which would be the decimal keycode of that
key.

if you dump keyboard.map after the script has been executed you should
find lines like

keycode 96 = 0 9 6 at

-moj 

> thanks
> 
> Eduardo Lopes.

Re: Discovering the keycode of key.

[Eduardo Lopes]

Joel Rees  gmail.com> writes:

>there was a thread somewhere back there this last week about keymaps that
>might be of interest. Henrique got offended about having to look at source
>code and complained about having to compile the kernel, which was either a
>misunderstanding or deliberately taking things out of proportion. But it
>might help you, too.
>
>(No, I don't know "the" answer to your question. You could find out,
>'though.)

Thanks anyway, but I've read that thread before asking this. It really
helped, but not with this particular matter.

thanks

Eduardo Lopes

Re: OpenBSD projects

[Reyk Floeter]

On Fri, Dec 26, 2014 at 09:42:18AM -0800, jungle Boogie wrote:
> Hello All,
> 
> Here's a list of projects that I'm aware of that openBSD created. Is
> that correct? (p) is for portable. What else am I missing?
> openssh (p)
> opensmtpd (p)
> mandoc (p)
> openntpd (p)
> openbgpd
> libressl (p)
> openiked (p?)

OpenIKED -portable hasn't been updated for while.  OpenBSD's version
is alive and well.  I'm missing a maintainer for the portable version,
and that's some difficult work.

> pf

An ancient version of pf is found in FreeBSD, OS X, iOS etc.  But it
is actively used.

> relayd

FreeBSD has an active port of relayd.

> httpd

Not yet.

> carp
> 
> Thanks,
> Jungle
> 

You're welcome, "Jungle"
Reyk

Re: OpenBSD projects

[Adam Thompson]

On 14-12-27 09:59 AM, Predrag Punosevac wrote:

OpenBSD also has its own LDAP server as well indigenous ypldap daemon
and as far as I know is the only widely deployed UNIX which doesn't use
infamous PAM for LDAP authentication.

Cheers,
Predrag


Going OT here to correct that impression...

HP/UX, AIX and UnixWare/OpenServer all support LDAP authentication 
without going through the PAM layer.


Theoretically, any BSDauth-enabled OS could do so but most others 
(NetBSD, FreeBSD) take the, umm... "easy" way out and do it through PAM.


--
-Adam Thompson
 athom...@athompso.net

Re: OpenBSD projects

[jungle Boogie]

Hi Alexandre,
On 27 December 2014 at 04:01, Alexandre Ratchov  wrote:
> Out of curiousity, what would you do with this list?
>

Well in the coming weeks you'll see a water color painting my wife did
of puffy and some bubbles of some of the openBSD projects. I didn't
know there were so many so I don't think all will fit on the painting.

Also, I'm genuinely interested in the lineage of the projects that
openBSD has created.

For instance, openNTPD is now ten years old! The oBSD developers saw
issues with the standard ntpd ten years ago and wrote their own. Ted's
signify was started about 1 year ago and was, I think, first used with
5.5 -release. oBSD didn't want to rely on existing tools to sign their
software so they wrote their own tool to do the signing and verifying.

>From what I'm gathering, the newest project is httpd. Apache was too
old in base and nginx was becoming too bloated for something
lightweight so httpd was created.

Happy new year to all openBSD developers, fans, and users. October
2015 will be 19 years since the original release of openBSD.

> -- Alexandre

jungle

-- 
---
inum: 883510009027723
sip: jungleboo...@sip2sip.info
xmpp: jungle-boo...@jit.si

Re: httpd puzzlement

[Daniel Jakots]

On Sat, 27 Dec 2014 10:10:27 -0600, Ed Ahlsen-Girard 
wrote:

> I am missing something really obvious. httpd exits logging thusly:
> 
> Dec 27 10:05:07 $hostname httpd[28709]: fatal: send server: Can't
> assign requested address
> 
> rc.conf.local and httpd.conf files are below. httpd.conf sets
> $ext_addr to "egress", but I do not know where egress is defined

`ifconfig egress` to see the interface (and the IP address(es) assigned
to) in the group egress.

Your problem is that you have a bunch of "listen on" like "listen on
2001:db8::53f6:3eab port 81" in your httpd.conf but you don't have
those IP on your computer.

Configuration filed in /etc/examples/ are to be adapted, not blindly
copied and expected to work.

Cheers,
Daniel

Re: httpd puzzlement

[Edgar Pettijohn]

On 12/27/14 10:10, Ed Ahlsen-Girard wrote:

httpd doesn't serve pages on my Dec24 snapshot system (hasn't ever,
actually).

I am missing something really obvious. httpd exits logging thusly:

Dec 27 10:05:07 $hostname httpd[28709]: fatal: send server: Can't assign
requested address

rc.conf.local and httpd.conf files are below. httpd.conf sets
$ext_addr to "egress", but I do not know where egress is defined, or if
I should replace it. Replacing it with the address bound to the
(single) interface did not change anything.

The box uses dhcp but has a reservation: address is always the
same.

Try deleting everything but the following in httpd.conf:

# $OpenBSD: httpd.conf,v 1.11 2014/08/25 14:27:54 reyk Exp $

#
# Macros
#
ext_addr="egress"

#
# Global Options
#
# prefork 3

#
# Servers
#

# A minimal default server
server "default" {
listen on $ext_addr port 80
}

httpd puzzlement

[Ed Ahlsen-Girard]

httpd doesn't serve pages on my Dec24 snapshot system (hasn't ever,
actually).

I am missing something really obvious. httpd exits logging thusly:

Dec 27 10:05:07 $hostname httpd[28709]: fatal: send server: Can't assign
requested address

rc.conf.local and httpd.conf files are below. httpd.conf sets
$ext_addr to "egress", but I do not know where egress is defined, or if
I should replace it. Replacing it with the address bound to the
(single) interface did not change anything.

The box uses dhcp but has a reservation: address is always the
same. 
-- 

Edward Ahlsen-Girard
Ft Walton Beach, FL

ntpd_flags= # enabled during install
httpd_flags=""
xdm_flags=""
lpd_flags=""
smtpd_flags=""

# $OpenBSD: httpd.conf,v 1.11 2014/08/25 14:27:54 reyk Exp $

#
# Macros
#
ext_addr="egress"

#
# Global Options
#
# prefork 3

#
# Servers
#

# A minimal default server
server "default" {
listen on $ext_addr port 80
}

# A name-based "virtual" server on the same address
server "www.example.com" {
listen on $ext_addr port 80

# Logging is enabled by default, but it can be turned off per
server #no log

location "/pub/*" {
directory auto index
log style combined
}

location "*.php" {
fastcgi socket "/run/php-fpm.sock"
}

location "/cgi-bin/*" {
fastcgi

# The /cgi-bin directory is outside of the document root
root "/"
}

root "/htdocs/www.example.com"
}

# An HTTPS server using SSL/TLS
#server "secure.example.com" {
#   listen on 127.0.0.1 ssl port 443

# Define server-specific log files relative to /logs
#   log { access "secure-access.log", error "secure-error.log" }

# Increase connection limits to extend the lifetime
#   connection { max requests 500, timeout 3600 }

#   root "/htdocs/secure.example.com"
#}

# Another server on a different internal IPv4 address
server "intranet.example.com" {
listen on 10.0.0.1 port 80
directory { auto index, index "default.htm" }
root "/htdocs/internet.example.com"
}

# An IPv6-based server on a non-standard port
server "ipv6.example.com" {
listen on 2001:db8::53f6:3eab port 81
root "/htdocs/ipv6.example.com"
}

# Include MIME types instead of the built-in ones
types {
include "/usr/share/misc/mime.types"
}

Re: OpenBSD projects

[Predrag Punosevac]

I am not sure if it classifies as OpenBSD project but pdksh is for
practical purposes as far as I know maintained by OpenBSD people. Many
will argue that so called Mir Korn Shell mksh is just a version of pdksh
developed within OpenBSD project.

OpenBSD also has its own LDAP server as well indigenous ypldap daemon
and as far as I know is the only widely deployed UNIX which doesn't use
infamous PAM for LDAP authentication.

Cheers,
Predrag

Re: OpenBSD projects

[Alexandre Ratchov]

On Fri, Dec 26, 2014 at 09:42:18AM -0800, jungle Boogie wrote:
> Hello All,
> 
> Here's a list of projects that I'm aware of that openBSD created. Is
> that correct? (p) is for portable. What else am I missing?
> openssh (p)
> opensmtpd (p)
> mandoc (p)
> openntpd (p)
> openbgpd
> libressl (p)
> openiked (p?)
> pf
> relayd
> httpd
> carp
> 

sndio and aucat are developped on OpenBSD and work on Linux. Same
for midish, though it's not part of base (doesn't fit my definition
of "base operating system").

Out of curiousity, what would you do with this list?

-- Alexandre

smtpd(8): running as backup MX with +TAG addresses

[Florian Obser]

Hi,

so I want to run smtpd(8) as a backup MX and configure the list of
valid email addresses so that the backup MX rejects invalid
email addresses on accepting the message and not bounce
the mail alter on when it tries to deliver to the primary
mail server.
Currently I have this:
accept from any for domain  recipient  \
relay backup hostname "primary.mx.example.com"

Assuming I have example.com in the domains table and
u...@example.com in the recipient table smptd rejects
rcpt to: 
with
550 Invalid recipient

rcpt to: 
works just fine.

This is on -current.

How can I get +TAG to work on the backup MX?

Thanks,
Florian

-- 
I'm not entirely sure you are real.

Re: Discovering the keycode of key.

[Joel Rees]

2014/12/27 13:33 "Eduardo Lopes" :
>
> Joel Rees  gmail.com> writes:
>
> >
> > showkey doesn't seem to be on my machine, but xev is.
> >
> > Is xev part of the standard X11 install?
> >
>
> Yes, xev is part of Xenocara, but I don´t think the keycodes on X
correlates
> to that on wsconsctl, do they?

there was a thread somewhere back there this last week about keymaps that
might be of interest. Henrique got offended about having to look at source
code and complained about having to compile the kernel, which was either a
misunderstanding or deliberately taking things out of proportion. But it
might help you, too.

(No, I don't know "the" answer to your question. You could find out,
'though.)

Joel Rees

Computer memory is just fancy paper,
CPUs just fancy pens.
All is a stream of text
flowing from the past into the future.

Re: ixgbe_tx_ctx_setup crash

[Kapetanakis Giannis]

On 27/12/14 10:05, Kapetanakis Giannis wrote:

On 26/12/14 12:23, Kapetanakis Giannis wrote:

Hi,

Any ideas on this? I'm getting at least one panic every day.

G

On 24/12/14 06:13, Kapetanakis Giannis wrote:

Today I've installed a 10Gb adapter and upgraded to latest snapshot.
I've had a crash...

Machine is a Fujitsu RX300 S6 and the adapter is an Intel X520 SR1

G

ddb{0}> trace
ixgbe_tx_ctx_setup(d4164980,d919df00,f55a0e5c,f55a0e60,4) at 
ixgbe_tx_ctx_setup

+0x11a
ixgbe_encap(d4164980,d919df00,0,1000,a) at ixgbe_encap+0x16a
ixgbe_start(d4376030,d424f2c0,1,f55a0ed4,d43ac320) at ixgbe_start+0xa7
nettxintr(0,50,0,f55a0f08,d055e282) at nettxintr+0x47
softintr_dispatch(1) at softintr_dispatch+0x5a
Xsoftnet() at Xsoftnet+0x17
--- interrupt ---
cpu_idle_cycle(d0c54a00) at cpu_idle_cycle+0xf
Bad frame pointer: 0xd0d1ee58


I'm still getting the crash at the same point.
I've followed http://www.benzedrine.cx/crashreport.html
and I have managed to trace it to line 2114 of revision 1.113

  2107  /* Set the ether header length */
  2108  vlan_macip_lens |= ehdrlen << IXGBE_ADVTXD_MACLEN_SHIFT;
  2109
  2110  switch (etype) {
  2111  case ETHERTYPE_IP:
  2112  ip = (struct ip *)(mp->m_data + ehdrlen);
  2113  ip_hlen = ip->ip_hl << 2;

2114  ipproto = ip->ip_p;

  2115  type_tucmd_mlhl |= IXGBE_ADVTXD_TUCMD_IPV4;
  2116  break;

I've also tried to revert back to older revisions of if_ix.c (until 
1.108) with no luck.

I will continue a bit more to see if anything changes.

regards,

Giannis


Just to add that I'm running vlan 802.1q trunk on this interface.

G

Re: ixgbe_tx_ctx_setup crash

[Kapetanakis Giannis]

On 26/12/14 12:23, Kapetanakis Giannis wrote:

Hi,

Any ideas on this? I'm getting at least one panic every day.

G

On 24/12/14 06:13, Kapetanakis Giannis wrote:

Today I've installed a 10Gb adapter and upgraded to latest snapshot.
I've had a crash...

Machine is a Fujitsu RX300 S6 and the adapter is an Intel X520 SR1

G

ddb{0}> trace
ixgbe_tx_ctx_setup(d4164980,d919df00,f55a0e5c,f55a0e60,4) at 
ixgbe_tx_ctx_setup

+0x11a
ixgbe_encap(d4164980,d919df00,0,1000,a) at ixgbe_encap+0x16a
ixgbe_start(d4376030,d424f2c0,1,f55a0ed4,d43ac320) at ixgbe_start+0xa7
nettxintr(0,50,0,f55a0f08,d055e282) at nettxintr+0x47
softintr_dispatch(1) at softintr_dispatch+0x5a
Xsoftnet() at Xsoftnet+0x17
--- interrupt ---
cpu_idle_cycle(d0c54a00) at cpu_idle_cycle+0xf
Bad frame pointer: 0xd0d1ee58


I'm still getting the crash at the same point.
I've followed http://www.benzedrine.cx/crashreport.html
and I have managed to trace it to line 2114 of revision 1.113

  2107  /* Set the ether header length */
  2108  vlan_macip_lens |= ehdrlen << IXGBE_ADVTXD_MACLEN_SHIFT;
  2109
  2110  switch (etype) {
  2111  case ETHERTYPE_IP:
  2112  ip = (struct ip *)(mp->m_data + ehdrlen);
  2113  ip_hlen = ip->ip_hl << 2;

2114  ipproto = ip->ip_p;

  2115  type_tucmd_mlhl |= IXGBE_ADVTXD_TUCMD_IPV4;
  2116  break;

I've also tried to revert back to older revisions of if_ix.c (until 
1.108) with no luck.

I will continue a bit more to see if anything changes.

regards,

Giannis



ddb{0}> ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT COMMAND
 27524  29077  29077  0  30x81  netio tcpdump
 29077   7998  29077 76  30x93  bpf tcpdump
  7998   5475   7998  0  30x8b  pause tcsh
  5475  27931   5475  0  30x8b  pause ksh
 27931  26770  27931  0  30x92  selectsshd
 31314  1  31314  0  30x80  poll  cron
 30894  1  30894  0  30x83  ttyin getty
 18970   8424   8424 90  30x90  kqreadospf6d
 32570   8424   8424 90  30x90  kqreadospf6d
  8424  1   8424  0  30x80  kqreadospf6d
 21883   1784   1784 85  30x90  kqreadospfd
   912   1784   1784 85  30x90  kqreadospfd
  1784  1   1784  0  30x80  kqreadospfd
 12595  1  12595  0  30x83  ttyin getty
 25497  1  25497  0  30x83  ttyin getty
 12975  1  12975  0  30x83  ttyin getty
 28159  1  28159  0  30x83  ttyin getty
 32715  1  32715  0  30x83  ttyin getty
 10193   2540   2540 74  30x90  bpf   pflogd
  2540  1   2540  0  30x80  netio pflogd
  2835  1  14597  0  30x80  selectsnmpd
  7479  32707  32707 95  30x90  kqreadsmtpd
 20765  32707  32707 95  30x90  kqreadsmtpd
 28600  32707  32707 95  30x90  kqreadsmtpd
 13782  32707  32707 95  30x90  kqreadsmtpd
 12419  32707  32707 95  30x90  kqreadsmtpd
  2489  32707  32707103  30x90  kqreadsmtpd
 32707  1  32707  0  30x80  kqreadsmtpd
 26770  1  26770  0  30x80  selectsshd
  7240  19769   3791 83  30x90  poll  ntpd
 19769   3791   3791 83  30x90  poll  ntpd
  3791  1   3791  0  30x80  poll  ntpd
 11125  23743  23743 74  30x90  bpf   pflogd
 23743  1  23743  0  30x80  netio pflogd
 28337   5090   5090 73  20x90 syslogd
  5090  1   5090  0  30x80  netio syslogd
 30111  0  0  0  3 0x14200  pgzero zerothread
 14175  0  0  0  3 0x14200  aiodoned aiodoned
 14536  0  0  0  3 0x14200  syncerupdate
 26108  0  0  0  3 0x14200  cleaner cleaner
 25408  0  0  0  3 0x14200  reaperreaper
 28179  0  0  0  3 0x14200  pgdaemon pagedaemon
  3310  0  0  0  3 0x14200  bored crypto
 26495  0  0  0  3 0x14200  pftm pfpurge
  7600  0  0  0  3 0x14200  usbtsk usbtask
 13439  0  0  0  3 0x14200  usbatsk usbatsk
 11642  0  0  0  3 0x14200  bored sensors
 25436  0  0  0  3  0x40014200  acpi0 acpi0
 27440  0  0  0  7  0x40014200idle3
  4660  0  0  0  7  0x40014200idle2
 27534  0  0  0  7  0x40014200idle1
 25518  0  0  0  3 0x14200  bored systqmp
 24295  0  0  0  3 0x14200  bored systq
 15404  0  0  0