Re: athn at usb fixes

[Stuart Henderson]

On 2015-03-02, Stefan Sperling s...@stsp.name wrote:
 I'm tired of replugging this device, and I don't want to
 wear out my laptop's USB ports even more ;)

You can borrow a tip from USB hardware hackers here: use an external
hub to help protect your ports.

Re: pkg_add failure in March 1 snapshot

[Dmitrij D. Czarkoff]

Adam Wolk said:
 Is the issue reproducible? Maybe it was a temporary network glitch?

I can access this repository just fine, it isn't empty, and the same
happens with other repos.

-- 
Dmitrij D. Czarkoff

Re: pkg_add failure in March 1 snapshot

[Peter N. M. Hansteen]

On Tue, Mar 03, 2015 at 12:56:44PM +0100, Adam Wolk wrote:
 I just updated to the March 1 (i386) snapshot and now I'm in process of
 doing a 'pkg_add -uiv' so far no issues on my side (packages are
 downloading and updating).
 
 Is the issue reproducible? Maybe it was a temporary network glitch?
 
 : http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/
 is empty

amd64 packages on i386 is not supported. perhaps pkg_add is simply keeping
you from wrecking your configuration?

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: pkg_add failure in March 1 snapshot

[Dmitry Orlov]

(i386) snapshot and amd64 packages ?
:http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/



On 03.03.2015 17:27, Dmitrij D. Czarkoff wrote:

Adam Wolk said:

Is the issue reproducible? Maybe it was a temporary network glitch?

I can access this repository just fine, it isn't empty, and the same
happens with other repos.

Re: How to view man pages with restricted ksh?

[Ted Unangst]

Craig Skinner wrote:
 Hi folks,
 
 
 $ man rksh
 sh: /tmp/man.v3NbpQf33a: restricted
 sh: /usr/bin/more: restricted

I don't know. Works for me.

carbolite:~ rksh
carbolite:~ man rksh | wc
2971   20398  166126
carbolite:~ cd /
rksh: cd: restricted shell - can't cd

Re: How to view man pages with restricted ksh?

[Ingo Schwarze]

Hi Craig,

Ted Unangst wrote on Tue, Mar 03, 2015 at 10:09:08AM -0500:
 Craig Skinner wrote:

 $ man rksh
 sh: /tmp/man.v3NbpQf33a: restricted
 sh: /usr/bin/more: restricted

That looks like the man you are executing is a shell script starting
with #!/bin/sh.  In particular, it does not look like the mandoc
implementation of man(1) because that doesn't create temporary files.
What does

  $ which man
  $ file `which man`

tell you?

 I don't know. Works for me.
 
 carbolite:~ rksh
 carbolite:~ man rksh | wc
 2971   20398  166126
 carbolite:~ cd /
 rksh: cd: restricted shell - can't cd

Indeed, both the old BSD man(1) that was in OpenBSD 5.6 and the new
mandoc man(1) that will be in OpenBSD 5.7 work onb -current.

Yours,
  Ingo

OpenBSD install has 1 not so logical part

[Thisis theone]

Hello,

Do you expect to run the X Window System? [yes] no
Do you want the X Window System to be started by xdm(1)? [no] no

Isn't this a contradiction? Or is it related to machdep.allowaperture? If
machdep.allowaperture isn't needed anymore, why is it still in the
install?

Many thanks,

bye!

Re: pkg_add failure in March 1 snapshot

[Dmitrij D. Czarkoff]

Dmitry Orlov said:
 (i386) snapshot and amd64 packages ?
 :http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/

No, amd64 everything.

I updated again (from another mirror, which shouldn't matter), and now
everything is fine.

-- 
Dmitrij D. Czarkoff

Re: typo in strip(1) man page

[Jason McIntyre]

On Mon, Mar 02, 2015 at 11:52:49AM -0430, Halim Srama wrote:
 I just noticed that all the points after that are numbered 1 (also below in
 the next enumeration). maybe that's also not right.
 On Mar 2, 2015 11:41 AM, Naim, Halim. halimsr...@gmail.com wrote:
 
  Hi, there is a typo in the manpage for strip. In section
  --only-keep-debug, In the first point, It says:
 
  1.Link the executable... Assuming that is is called...
 
  That should be: that it is called
 

you can check out the latest version of binutils, check whether the bugs
exist still, and open a bug report with the maintainer if it does. then
it'll trickle down...

jmc

uxterm is showing UTF-8 chars with errors?

[Thisis theone]

$ touch árvíztűrő tükörfúrógép
$ ls -lah
-rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r?? t??k??rf??r??g??p
$

I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
this way? Why doesn't it displays it as it is?

Many thanks!

Re: athn at usb fixes

[Stefan Sperling]

On Tue, Mar 03, 2015 at 08:08:29AM +, Stuart Henderson wrote:
 On 2015-03-02, Stefan Sperling s...@stsp.name wrote:
  I'm tired of replugging this device, and I don't want to
  wear out my laptop's USB ports even more ;)
 
 You can borrow a tip from USB hardware hackers here: use an external
 hub to help protect your ports.

But I really need my hub, too!

Re: athn at usb fixes

[Miod Vallat]

You can borrow a tip from USB hardware hackers here: use an external
hub to help protect your ports.


But I really need my hub, too!


Look for people holding ``free hubs!'' signs in the streets...

Re: uxterm is showing UTF-8 chars with errors?

[frantisek holop]

Thisis theone, 03 Mar 2015 16:55:
 $ touch árvíztűrő tükörfúrógép
 $ ls -lah
 -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r?? t??k??rf??r??g??p
 $
 
 I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
 this way? Why doesn't it displays it as it is?

look in the archives, there was a discussion not that
long ago.

$ ls |cat
árvíztűrő tükörfúrógép

-f
-- 
the word of the day is legs.  now spread the word!

Re: uxterm is showing UTF-8 chars with errors?

[Ted Unangst]

Thisis theone wrote:
 $ touch árvíztűrő tükörfúrógép
 $ ls -lah
 -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r?? t??k??rf??r??g??p
 $
 
 I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
 this way? Why doesn't it displays it as it is?

ls doesn't know about utf-8. it only prints basic ascii characters, and
replaces all other bytes with ?.

The problem is not in xterm (or the filesystem). If you run echo * you should
see the name echoed back correctly.

Re: How to view man pages with restricted ksh?

[Craig Skinner]

On 2015-03-03 Tue 16:46 PM |, Ingo Schwarze wrote:
 
 That looks like the man you are executing is a shell script starting
 with #!/bin/sh.  In particular, it does not look like the mandoc
 implementation of man(1) because that doesn't create temporary files.
 What does
 
   $ which man
   $ file `which man`
 
 tell you?

Hi Ingo:

$ man man
sh: /tmp/man.qOsGeBPxS8: restricted
sh: /usr/bin/more: restricted
$ type man
man is /usr/bin/man
$ whence man
/usr/bin/man
$ which man
/usr/bin/man
$ whereis man
/usr/bin/man
$ file $(which man)
/usr/bin/man: ELF 32-bit LSB shared object, Intel 80386, version 1, for 
OpenBSD, dynamically linked (uses shared libs), stripped
$ stat /usr/bin/man
10 47697 -r-xr-xr-x 2 root bin 194256 18768 Aug  8 06:58:18 2014 Aug 8 
06:58:18 2014 Jan 22 11:30:27 2015 16384 40 0 /usr/bin/man
$ stat -r /usr/bin/man
10 47697 0100555 2 0 7 194256 18768 1407477498 1407477498 1421926227 16384 40 0 
/usr/bin/man


Have I fucked something up?


 
 Indeed, both the old BSD man(1) that was in OpenBSD 5.6 and the new
 mandoc man(1) that will be in OpenBSD 5.7 work onb -current.
 

$ uname -srvm
OpenBSD 5.6 GENERIC#274 i386

-- 
BE ALERT  (The world needs more lerts ...)

kernel panic in OpenBSD 5.6 release

[someone]

Hello,

1) If I run transmission-gtk with ex.: 20 torrent files and I'm on a
50 mbit/sec network, after ~10-15 minutes (network fully used,
ethernet, not wifi) my OpenBSD 5.6 64bit on a T61 will always crash
and brings up the gdb. Is that normal? How can I help debug it? I'm
not running it as root, I'm running it as a normal user. I only set
the default datasize-max=2048M in login.conf.

2) If I run mplayer with several videos on a kiosk (Devon IT TC5 x86),
after ~21 days the OS crashed. gdb again showing. Before there was a
winXP machine that did almost the same: after a given time, a few
weeks, mplayer crashed. The solution: put a reboot in crontab for
every week.

How can a userspace program cause an OS crash? Or I am missing
something? How can I help make it better? Or it's just an OS config?

Thanks!

Re: uxterm is showing UTF-8 chars with errors?

[someone]

Thank you for the tricks! :) (Google already indexed it, so less people
will ask it in the future, lol)

Is this an old bug or just a feature?

I know it would be great if the world would only have 1 language: English,
but that will be about ~1000 years away.

http://www.wsj.com/articles/what-the-world-will-speak-in-2115-1420234648


On Tue, Mar 3, 2015 at 5:10 PM, Ted Unangst t...@tedunangst.com wrote:

 Thisis theone wrote:
  $ touch árvíztűrő tükörfúrógép
  $ ls -lah
  -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r??
 t??k??rf??r??g??p
  $
 
  I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
  this way? Why doesn't it displays it as it is?

 ls doesn't know about utf-8. it only prints basic ascii characters, and
 replaces all other bytes with ?.

 The problem is not in xterm (or the filesystem). If you run echo * you
 should
 see the name echoed back correctly.

Problem with Bacula and LTO-5 unit

[Kor son of Rynar]

Dear misc@,

Have been using OpenBSD with Bacula (and LTO-4 tapes) with great success
for many years.

Our bacula server just got upgraded to a Dell PowerEdge R420 with one LTO-5
tape unit.  This server is running OpenBSD 5.6-stable.

The problem is that bacula's btape(8) keeps giving me a Reposition error
-- I have tried many different parameters, including Use MTIOCGET= no,
etc.  (please see below the btape output)

Anyone using OpenBSD, Bacula and LTO-5 units?

Thanks!

--Kor

hw.vendor=Dell Inc.
hw.product=PowerEdge R420

# dmesg | grep st0
st0 at scsibus5 targ 9 lun 0: IBM, ULTRIUM-HH5, D2A1 SCSI4 1/sequential
removable naa.50050763120e22e0


/etc/bacula/bacula-sd.conf

Device {
  Name = LTO-5
  Media Type = LTO-5
  Archive Device = /dev/nrst0
}



# btape -c bacula-sd.conf /dev/nrst0
  [142/1036]
Tape block granularity is 1024 bytes.
btape: butil.c:287-0 Using device: /dev/nrst0 for writing.
btape: btape.c:469-0 open device LTO-5 (/dev/nrst0): OK
*
*test

=== Write, rewind, and re-read test ===

I'm going to write 1 records and an EOF
then write 1 records and an EOF, then rewind,
and re-read the data to verify that it is correct.

This is an *essential* feature ...

btape: btape.c:1153-0 Wrote 1 blocks of 64412 bytes.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1169-0 Wrote 1 blocks of 64412 bytes.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1211-0 Rewind OK.
1 blocks re-read correctly.
1 blocks re-read correctly.
=== Test Succeeded. End Write, rewind, and re-read test ===

btape: btape.c:1279-0 Block position test
btape: btape.c:1291-0 Rewind OK.
Reposition to file:block 0:4
Block 5 re-read correctly.
Reposition to file:block 0:200
Block 201 re-read correctly.
Reposition to file:block 0:
Block 1 re-read correctly.
Reposition to file:block 1:0
Block 10001 re-read correctly.
Reposition to file:block 1:600
Block 10601 re-read correctly.
Reposition to file:block 1:
Block 2 re-read correctly.
=== Test Succeeded. End Write, rewind, and re-read test ===



=== Append files test ===

This test is essential to Bacula.

I'm going to write one record  in file 0,
   two records in file 1,
 and three records in file 2

btape: btape.c:574-0 Rewound LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:469-0 open device LTO-5 (/dev/nrst0): OK
btape: btape.c:574-0 Rewound LTO-5 (/dev/nrst0)
btape: btape.c:1423-0 Now moving to end of medium.
btape: btape.c:625-0 Moved to end of medium.
We should be in file 3. I am at file 4. This is NOT correct

Append test failed. Attempting again.
Setting Hardware End of Medium = no
and Fast Forward Space File = no
and retrying append test.



=== Append files test ===

This test is essential to Bacula.

I'm going to write one record  in file 0,
   two records in file 1,
 and three records in file 2

btape: btape.c:574-0 Rewound LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:1910-0 Wrote one record of 64412 bytes.
btape: btape.c:1912-0 Wrote block to device.
btape: btape.c:604-0 Wrote 1 EOF to LTO-5 (/dev/nrst0)
btape: btape.c:469-0 open device LTO-5 (/dev/nrst0): OK
btape: btape.c:574-0 Rewound LTO-5 (/dev/nrst0)
btape: btape.c:1423-0 Now moving to end of medium.
btape: btape.c:622-0 tape_dev.c:614 read error on LTO-5 (/dev/nrst0).
ERR=Input/output error.
We should be in file 3. I am at file 3. This is correct!

Now the 

Re: How to view man pages with restricted ksh?

[Craig Skinner]

On 2015-03-03 Tue 16:23 PM |, Craig Skinner wrote:
 $ stat -r /usr/bin/man
 10 47697 0100555 2 0 7 194256 18768 1407477498 1407477498 1421926227 16384 40 
 0 /usr/bin/man
 

$ ldd /usr/bin/man
/usr/bin/man:
StartEnd  Type Open Ref GrpRef Name
19f51000 39f55000 exe  10   0  /usr/bin/man
06e0a000 26e3a000 rlib 01   0  /usr/lib/libc.so.77.0
0616a000 0616a000 rtld 01   0  /usr/libexec/ld.so


-- 
Justice, n.:
A decision in your favor.

Re: uxterm is showing UTF-8 chars with errors?

[Stefan Sperling]

On Tue, Mar 03, 2015 at 04:55:01PM +0100, Thisis theone wrote:
 $ touch árvíztűrő tükörfúrógép
 $ ls -lah
 -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r?? t??k??rf??r??g??p
 $
 
 I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
 this way? Why doesn't it displays it as it is?
 
 Many thanks!

This is because ls(1) filters output with isprint(3) and is not aware
of locales (i.e. it does not call setlocale(3)). Run pkg_add colorls
and alias ls=colorls if you need multi-byte ls output.

Please do not start a discussion about adding this feature to base ls(1)
unless you're willing to invest a non-trivial amount of time and energy
working on improved locale support for the entire OS.
It's already been discussed before.

Almost offtopic question to the Improving Browser Security question

[someone]

Hello,

If I:

pkg_add firefox-esr

then I cannot see any separated user for it:

grep -i firefox /etc/passwd

When will OpenBSD have a separated user for the webbrowser by default?

If someone gets in via the webbrowser... it will have the id_rsa, the
*.kdb, etc.

If it will not be default what are the solutions for the people to
run their webbrowser with another user?

$ su - foo
Password:
$ /usr/local/bin/firefox-esr
Error: no display specified
$ exit
echo $DISPLAY
:0
$ su - foo
Password:
export DISPLAY=:0
$ /usr/local/bin/firefox-esr
No protocol specified
No protocol specified
Error: cannot open display: :0
$

Or is X so bad that it's not worth it? Can I run _several X servers_
on my notebook (separated from each other)?

Ex.: CTRL+ALT+F2 would bring up the logged in user with it's own X
server, and CTRL+ALT+F3 another..

Many thanks,

Re: pkg_add failure in March 1 snapshot

[Adam Wolk]

On Tue, Mar 3, 2015, at 01:33 PM, Peter N. M. Hansteen wrote:
 On Tue, Mar 03, 2015 at 12:56:44PM +0100, Adam Wolk wrote:
  I just updated to the March 1 (i386) snapshot and now I'm in process of
  doing a 'pkg_add -uiv' so far no issues on my side (packages are
  downloading and updating).
  
  Is the issue reproducible? Maybe it was a temporary network glitch?
  
  : http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/
  is empty
 
 amd64 packages on i386 is not supported. perhaps pkg_add is simply
 keeping
 you from wrecking your configuration?
 
 -- 
 Peter N. M. Hansteen, member of the first RFC 1149 implementation team
 http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
 Remember to set the evil bit on all malicious network traffic
 delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
 

Hi Peter,

My configuration is fine and works (i386 using i386 packages).
The error message was copied from the original poster as an attempt to
diagnose
what might be wrong with his setup.

Regards,
Adam

Re: kernel panic in OpenBSD 5.6 release

[Josh Grosse]

On 2015-03-03 11:37, someone wrote:


1) If I run transmission-gtk with ex.: 20 torrent files and I'm on a
50 mbit/sec network, after ~10-15 minutes (network fully used,
ethernet, not wifi) my OpenBSD 5.6 64bit on a T61 will always crash
and brings up the gdb. Is that normal?


Do you mean *ddb*, rather than gdb?  If so, its normal when the
kernel panics, yes.


How can I help debug it? ...


Post the panic message, your dmesg(8), and the output from trace and
ps commands in the ddb(4) kernel debugger.

See crash(8) and ddb(4), and for the kind of information needed when
problem reporting, see http://www.openbsd.org/report.html

It's not clear if you are running 5.6-release or if you are running
with any of the errata patches, or 5.6-stable.  If you are running
-release, please note there are 15 errata patches, two of which are
for kernel panics.

Re: uxterm is showing UTF-8 chars with errors?

[Ted Unangst]

Stefan Sperling wrote:
 On Tue, Mar 03, 2015 at 04:55:01PM +0100, Thisis theone wrote:
  $ touch árvíztűrő tükörfúrógép
  $ ls -lah
  -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r?? 
  t??k??rf??r??g??p
  $
  
  I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
  this way? Why doesn't it displays it as it is?
  
  Many thanks!
 
 This is because ls(1) filters output with isprint(3) and is not aware
 of locales (i.e. it does not call setlocale(3)). Run pkg_add colorls
 and alias ls=colorls if you need multi-byte ls output.

As a shortcut, filtering out just esc will prevent most terminal damage? I'm
not sure what other characters can do, though... I vageuly recall that the
intersection of utf-8 and xterm controls is unknowable.

poc diff:

Index: util.c
===
RCS file: /cvs/src/bin/ls/util.c,v
retrieving revision 1.16
diff -u -p -r1.16 util.c
--- util.c  21 Nov 2013 15:54:45 -  1.16
+++ util.c  3 Mar 2015 16:56:15 -
@@ -51,7 +51,7 @@ putname(char *name)
int len;
 
for (len = 0; *name; len++, name++)
-   putchar((!isprint((unsigned char)*name)  f_nonprint) ? '?' : 
*name);
+   putchar((*name == 0x1b  f_nonprint) ? '?' : *name);
return len;
 }

Re: uxterm is showing UTF-8 chars with errors?

[someone]

pkg_add colorls
alias ls=colorls

This one did it, many thanks!!

On Tue, Mar 3, 2015 at 5:41 PM, Stefan Sperling s...@stsp.name wrote:

 On Tue, Mar 03, 2015 at 04:55:01PM +0100, Thisis theone wrote:
  $ touch árvíztűrő tükörfúrógép
  $ ls -lah
  -rw---   1 user  user 0B Feb  8 18:20 ??rv??zt??r??
 t??k??rf??r??g??p
  $
 
  I am using uxterm on OpenBSD 5.6. How can my uxterm show these accents in
  this way? Why doesn't it displays it as it is?
 
  Many thanks!

 This is because ls(1) filters output with isprint(3) and is not aware
 of locales (i.e. it does not call setlocale(3)). Run pkg_add colorls
 and alias ls=colorls if you need multi-byte ls output.

 Please do not start a discussion about adding this feature to base ls(1)
 unless you're willing to invest a non-trivial amount of time and energy
 working on improved locale support for the entire OS.
 It's already been discussed before.

Re: Almost offtopic question to the Improving Browser Security question

[someone]

Wow, copying the .Xauthority to the separated user worked!

But I'm still thinking that the separated user can give out the command:

xinput test 6

and can see what anyone types in via X.


On Tue, Mar 3, 2015 at 5:56 PM, Ryan Freeman r...@slipgate.org wrote:

 On Tue, Mar 03, 2015 at 05:51:27PM +0100, someone wrote:
  Hello,
 
  If I:
 
  pkg_add firefox-esr
 
  then I cannot see any separated user for it:
 
  grep -i firefox /etc/passwd
 
  When will OpenBSD have a separated user for the webbrowser by default?

 I think Ted specifically stated that jailing the browser under its own
 user was outside the scope of what he was intending to do..

  If someone gets in via the webbrowser... it will have the id_rsa, the
  *.kdb, etc.
 
  If it will not be default what are the solutions for the people to
  run their webbrowser with another user?
 
  $ su - foo
  Password:
  $ /usr/local/bin/firefox-esr
  Error: no display specified
  $ exit
  echo $DISPLAY
  :0
  $ su - foo
  Password:
  export DISPLAY=:0
  $ /usr/local/bin/firefox-esr
  No protocol specified
  No protocol specified
  Error: cannot open display: :0
  $
 

 You'll need to copy the .Xauthority file from your main user (the one
 running X) to ~foo/.Xauthority

 From there, you can then run X apps as foo and they should work just
 fine.

  Or is X so bad that it's not worth it? Can I run _several X servers_
  on my notebook (separated from each other)?
 
  Ex.: CTRL+ALT+F2 would bring up the logged in user with it's own X
  server, and CTRL+ALT+F3 another..
 
  Many thanks,

Re: How to view man pages with restricted ksh?

[Ingo Schwarze]

Hi Craig,

Craig Skinner wrote on Tue, Mar 03, 2015 at 04:23:59PM +:
 On 2015-03-03 Tue 16:46 PM |, Ingo Schwarze wrote:

 That looks like the man you are executing is a shell script starting
 with #!/bin/sh.  In particular, it does not look like the mandoc
 implementation of man(1) because that doesn't create temporary files.

Wrong guess on my part.  :)

Thanks for the additional info.  Now i understand:

  schwarze@isnote $ /bin/rksh
  $ echo $SHELL
  /bin/ksh
  $ oman man | wc
   18510669857
  $ ^D
  schwarze@isnote $ export SHELL=/bin/rksh
  schwarze@isnote $ /bin/rksh  
  $ echo $SHELL
  /bin/rksh
  $ oman man
  sh: /tmp/man.Y6LfRbb1ys: restricted
  sh: /usr/bin/less: restricted

Here, oman is the OpenBSD 5.6 man binary running on -current.

So, what happens is this:  the traditional BSD man(1) used in OpenBSD
5.6 uses system(3), see build_page() and main() in the file
/usr/src/usr.bin/man/man.c.  Looking at the file
/usr/src/lib/libc/stdlib/system.c, you see that system(3) runs
_PATH_BSHELL, which is /bin/sh according to /usr/include/paths.h.

When you have SHELL set to /bin/ksh, the shell executed by system(3)
is unrestricted, so it *can* write to the temp file, and it can
start the pager with an absolute path.  That's why tedu@ failed to
reproduce your issue, i think.

On the other hand, when you have SHELL set to /bin/rksh, the shell
executed by system(3) is restricted and stuff fails - what you saw.

Now, the old BSD man(1) isn't very secure (system(3) - yikes!),
and as you see, the whole concept of restricted shells isn't
very secure either, more like some Swiss cheese: At least it's
easy to inadvertently set up in a way that the restrictions don't
actually take effect or can be circumvented.  Here is another
exploit of a technology that is weak in the first place:

  schwarze@isnote $ echo $SHELL 
  /bin/rksh
  schwarze@isnote $ /bin/rksh   
  $ cd /
  /bin/rksh: cd: restricted shell - can't cd
  $ csh
  isnote:schwarze {1} cd /
  isnote: {2} pwd
  /
  isnote: {3} 

The good news is that:

 * OpenBSD 5.7 no longer uses the old BSD man(1).
 * man(1) no longer writes temp files but uses pipe(2).
 * man(1) no longer uses system(3).
 * With the new mandoc implementation of man(1) in OpenBSD 5.7,
   man(1) works no matter what, even in a restricted shell
   with SHELL set to /bin/rksh.

So i fixed your problem some months before you reported it.  :-)

Yours,
  Ingo

Re: Almost offtopic question to the Improving Browser Security question

[Ryan Freeman]

On Tue, Mar 03, 2015 at 05:51:27PM +0100, someone wrote:
 Hello,
 
 If I:
 
 pkg_add firefox-esr
 
 then I cannot see any separated user for it:
 
 grep -i firefox /etc/passwd
 
 When will OpenBSD have a separated user for the webbrowser by default?

I think Ted specifically stated that jailing the browser under its own
user was outside the scope of what he was intending to do..

 If someone gets in via the webbrowser... it will have the id_rsa, the
 *.kdb, etc.
 
 If it will not be default what are the solutions for the people to
 run their webbrowser with another user?
 
 $ su - foo
 Password:
 $ /usr/local/bin/firefox-esr
 Error: no display specified
 $ exit
 echo $DISPLAY
 :0
 $ su - foo
 Password:
 export DISPLAY=:0
 $ /usr/local/bin/firefox-esr
 No protocol specified
 No protocol specified
 Error: cannot open display: :0
 $
 

You'll need to copy the .Xauthority file from your main user (the one
running X) to ~foo/.Xauthority

From there, you can then run X apps as foo and they should work just
fine.

 Or is X so bad that it's not worth it? Can I run _several X servers_
 on my notebook (separated from each other)?
 
 Ex.: CTRL+ALT+F2 would bring up the logged in user with it's own X
 server, and CTRL+ALT+F3 another..
 
 Many thanks,

Re: kernel panic in OpenBSD 5.6 release

[someone]

Only running -release without patches. Ok, then I will try out newer
versions before reporting anything, thanks!

On Tue, Mar 3, 2015 at 5:56 PM, Josh Grosse j...@jggimi.homeip.net wrote:

 On 2015-03-03 11:37, someone wrote:

  1) If I run transmission-gtk with ex.: 20 torrent files and I'm on a
 50 mbit/sec network, after ~10-15 minutes (network fully used,
 ethernet, not wifi) my OpenBSD 5.6 64bit on a T61 will always crash
 and brings up the gdb. Is that normal?


 Do you mean *ddb*, rather than gdb?  If so, its normal when the
 kernel panics, yes.

  How can I help debug it? ...


 Post the panic message, your dmesg(8), and the output from trace and
 ps commands in the ddb(4) kernel debugger.

 See crash(8) and ddb(4), and for the kind of information needed when
 problem reporting, see http://www.openbsd.org/report.html

 It's not clear if you are running 5.6-release or if you are running
 with any of the errata patches, or 5.6-stable.  If you are running
 -release, please note there are 15 errata patches, two of which are
 for kernel panics.

Re: How to view man pages with restricted ksh?

[Ingo Schwarze]

Hi Craig,

Craig Skinner wrote on Tue, Mar 03, 2015 at 06:00:55PM +:

 Unless there's a work around for 5.6, it's not long until 5.7

Well, if you want to, you can update just mandoc(1) and man(1)
to -current on OpenBSD 5.6, it is compatible.  Don't try mixing
versions in general, but in this particular case, it works.
Here is what i just did on the mdocml.bsd.lv server to try it out:

   $ cd /usr/src/usr.bin/mandoc/
   $ make cleandir  # just in case sb. did make w/o make obj
   $ cvs up -dP -rHEAD
   $ make obj
   $ make cleandir
   $ rm -f obj/*  # because arch.o lib.o vol.o existed in 5.6, not in 5.7
   $ make depend
   $ make
   $ sudo make install
   $ sudo makewhatis

Yours,
  Ingo

How to run a GUI app without X?

[someone]

If X security is so bad, how can one run a GUI app, ex.: Firefox without
it? Using framebuffer? How can then someone use a GUI password manager to
copy the pwd to the Firefox in the fb?

google doesn't gives too many answers, to be more precise, zero per hour

can someone at least give keywords to what to search for?

thanks

Re: How to view man pages with restricted ksh?

[Craig Skinner]

On 2015-03-03 Tue 18:21 PM |, Ingo Schwarze wrote:
 
 So I fixed your problem some months before you reported it.  :-)
 

Ace one Ingo.

Unless there's a work around for 5.6, it's not long until 5.7

Cheers.
-- 
Great Lover, n.:
A man who can breathe through his ears.

Re: Almost offtopic question to the Improving Browser Security question

[someone]

http://blogs.gnome.org/alexl/2015/02/17/first-fully-sandboxed-linux-desktop-app/

h, great, looks like X is not soo good regarding security.. maybe
Wayland..

On Tue, Mar 3, 2015 at 6:09 PM, someone thisistheone8...@gmail.com wrote:

 Wow, copying the .Xauthority to the separated user worked!

 But I'm still thinking that the separated user can give out the command:

 xinput test 6

 and can see what anyone types in via X.


 On Tue, Mar 3, 2015 at 5:56 PM, Ryan Freeman r...@slipgate.org wrote:

 On Tue, Mar 03, 2015 at 05:51:27PM +0100, someone wrote:
  Hello,
 
  If I:
 
  pkg_add firefox-esr
 
  then I cannot see any separated user for it:
 
  grep -i firefox /etc/passwd
 
  When will OpenBSD have a separated user for the webbrowser by default?

 I think Ted specifically stated that jailing the browser under its own
 user was outside the scope of what he was intending to do..

  If someone gets in via the webbrowser... it will have the id_rsa, the
  *.kdb, etc.
 
  If it will not be default what are the solutions for the people to
  run their webbrowser with another user?
 
  $ su - foo
  Password:
  $ /usr/local/bin/firefox-esr
  Error: no display specified
  $ exit
  echo $DISPLAY
  :0
  $ su - foo
  Password:
  export DISPLAY=:0
  $ /usr/local/bin/firefox-esr
  No protocol specified
  No protocol specified
  Error: cannot open display: :0
  $
 

 You'll need to copy the .Xauthority file from your main user (the one
 running X) to ~foo/.Xauthority

 From there, you can then run X apps as foo and they should work just
 fine.

  Or is X so bad that it's not worth it? Can I run _several X servers_
  on my notebook (separated from each other)?
 
  Ex.: CTRL+ALT+F2 would bring up the logged in user with it's own X
  server, and CTRL+ALT+F3 another..
 
  Many thanks,

How to run a GUI app without X?

[tixx]

Hello, for OpenBSD you can't.
http://www.openbsd.org/faq/faq11.html#Intro (11.1.2)

Re: OpenBSD install has 1 not so logical part

[Nick Holland]

On 03/03/15 10:55, Thisis theone wrote:

Hello,

Do you expect to run the X Window System? [yes] no
Do you want the X Window System to be started by xdm(1)? [no] no

Isn't this a contradiction? Or is it related to machdep.allowaperture? If
machdep.allowaperture isn't needed anymore, why is it still in the
install?


there's only one kind of hw out there, right?
oh wait.  :)

At the moment, on i386/amd64, only radeon, intel and vesa can avoid the 
xf86(4) driver, there are a lot of other X servers and 
non-Radeon/non-Intel hw that can be handled by something better than 
vesa out there.


The first question sets things up so X *could* be used (if needed).  For 
security reasons, this can't be changed after the system has fully 
booted.  The second determines if X should be started at boot, but X can 
certainly be started post-boot.  Two different things.


Nick.

Re: How to run a GUI app without X?

[Nick Holland]

On 03/03/15 14:15, someone wrote:

If X security is so bad, how can one run a GUI app, ex.: Firefox without
it?


you can't.  Firefox was designed for a very few graphical interfaces -- 
Windows, X, and maybe whatever it is on Mac.



Using framebuffer? How can then someone use a GUI password manager to
copy the pwd to the Firefox in the fb?


you won't.


google doesn't gives too many answers, to be more precise, zero per hour

can someone at least give keywords to what to search for?


how does my computer work?.
This is one of those questions that if you understand how things 
actually work, it's kinda self-explanatory.


Back in the very old days, every program was written to the hardware it 
was run on.  OSs provide a layer of abstraction, so you write your 
application to the OS, and the OS deals with the hardware.  Change your 
hardware, you just reconfigure your OS, and the app doesn't have to 
know.  Plus now one app can use the OS to transfer data to another app.


In the days of PCs, the OS didn't support the graphics, so graphics apps 
had to either support the hw directly or be written to a lower common 
feature set (and boy, did the IBM PC have a very low graphics feature set)


X provides that layer of abstraction for graphical apps on Unix. 
Windows provides that layer of abstraction for ... well, windows apps. 
Both environments do a lot more than just put dots on the screen, both 
also include handling data between apps (i.e., cut/paste).  This is a 
lot more than just a frame buffer.


You want to use an OS frame buffer for Firefox?  ok, great...step 1, 
write a common API usable on on multiple OSs (Solaris, *BSD, Linux, AIX, 
HP/UX ...).  Step 2: Implement on those OSs.  Step 3: Rewrite a lot of 
apps (including Firefox) to use your API instead of X or Windows.  Step 
4: wait for the world to say, yeah, but it doesn't run MY app, so I'm 
not using it!.  Step 5: listen to the few people who even tried it say, 
Hey, this isn't nearly as fast as the GUI support on X or Windows!


Yes, X sucks. (See the fortune(6) files for some commentary on X) But it 
IS the unix standard at this point, I can't even remember an also ran. 
 Changing it would be very very difficult.


Besides, if you are running Firefox, X is probably not your biggest 
security problem.  If your computer is a wooden ship, X is the termite 
colony that might eat through the hull of your ship and sink it some 
day.  Firefox is the cluster of icebergs that are currently surrounding 
your ship.


Nick.

OpenBSD and 40G/100G ethernet cards

[Theron ZORBAS]

Hi,

Is there any plan to support 40G/100G ethernet cards? You may see a vendor's 
product in this category at this link: 
http://www.mellanox.com/page/ethernet_cards_overview
Thanks
Theron

Re: pkg_add failure in March 1 snapshot

[Philip Guenther]

On Tue, Mar 3, 2015 at 3:35 AM, Dmitrij D. Czarkoff czark...@gmail.com wrote:
 I've updated to March 1 snapshot, and after sysmerge tried to update
 packages.  What I got was:

 : $ sudo pkg_add -u
 : Use of uninitialized value $file in hash element at 
 /usr/libdata/perl5/OpenBSD/Temp.pm line 80.
 : Use of uninitialized value $error in concatenation (.) or string at 
 /usr/libdata/perl5/OpenBSD/PackageRepository.pm line 723.

I believe this is reported when $PKG_TMPDIR isn't writable.


Philip Guenther

X really slow dragging windows

[Jason Adams]

Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X 
has really taken a hit
when dragging windows around.  The window trails the pointer by several inches. 
 X performance used
to be surprisingly good on 5.5.

I note the following lines in Xorg.0.log:

 [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 
 (ChipID = 0x4437)
 [56.519] (II) RADEON(0): GPU accel disabled or not working, using 
 shadowfb for KMS

fw_update reports no updates, (it does list a couple radeon entries as it 
checks for firmware).

Any clues as to what may be the issue here?  Is this fixable?


-- 
Those who do not understand Unix are condemned to reinvent it, poorly.

iwn(4) firmware

[Jan Stary]

http://www.openbsd.org/faq/faq6.html#Wireless
lists the supported wireles chipsets, marking with NFF
those that need the non-free firmware to be downloaded.

It does not mark iwn(4) as such, but on my Thinkpad T400 (dmesg below),
I do need to have iwn-firmware-5.11p1 for the chipset, which is

iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5300 rev 0x00: msi, MIMO 3T3R, 
MoW, address 00:21:6a:01:9f:ce

Jan


OpenBSD 5.7-beta (GENERIC.MP) #852: Tue Feb 10 16:31:16 MST 2015
t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 3095072768 (2951MB)
avail mem = 3008819200 (2869MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries)
bios0: vendor LENOVO version 7UET94WW (3.24 ) date 10/17/2012
bios0: LENOVO 64741EG
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT 
SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) 
EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) 
EHC1(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.30 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF
cpu0: 3MB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges
cpu0: apic clock running at 265MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.00 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF
cpu1: 3MB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpimcfg0 at acpi0 addr 0xe000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 2 (EXP0)
acpiprt3 at acpi0: bus 3 (EXP1)
acpiprt4 at acpi0: bus -1 (EXP2)
acpiprt5 at acpi0: bus 5 (EXP3)
acpiprt6 at acpi0: bus 13 (EXP4)
acpiprt7 at acpi0: bus 21 (PCI1)
acpicpu0 at acpi0: C3, C2, C1, PSS
acpicpu1 at acpi0: C3, C2, C1, PSS
acpipwrres0 at acpi0: PUBS, resource for USB0, USB3, USB5, EHC0, EHC1
acpitz0 at acpi0: critical temperature is 127 degC
acpitz1 at acpi0: critical temperature is 100 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model 93P5030 serial  1559 type LION oem SONY
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock0 at acpi0: GDCK not docked (0)
cpu0: Enhanced SpeedStep 2261 MHz: speeds: 2267, 2266, 1600, 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07
vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07
intagp0 at vga1
agp0 at intagp0: aperture at 0xd000, size 0x1000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1280x800
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured
Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured
pciide0 at pci0 dev 3 function 2 Intel GM45 PT IDER rev 0x07: DMA 
(unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI
pciide0: using apic 1 int 18 for native-PCI interrupt
pciide0: channel 0 ignored (not responding; disabled or no drives?)
pciide0: channel 1 ignored (not responding; disabled or no drives?)
puc0 at pci0 dev 3 function 3 Intel GM45 KT rev 0x07: ports: 1 com
com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
com4: probed fifo depth: 0 bytes
em0 at pci0 dev 25 function 0 Intel ICH9 IGP M AMT rev 0x03: msi, address 
00:1c:25:9b:0a:23
uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x03: apic 1 int 20
uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x03: apic 1 int 21
uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x03: apic 1 int 22
ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x03: apic 1 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x03: msi
azalia0: codecs: Conexant CX20561
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x03: msi
pci1 at ppb0 bus 2
ppb1 at pci0 dev 28 function 1 Intel 82801I PCIE rev 0x03: msi
pci2 at ppb1 bus 3
iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5300 rev 0x00: 

Does wpa-psk still exist?

[Bob Eby]

Hi,

I'm trying to connect to a wireless network using OpenBSD 5.6.  I see a
couple FAQ questions talking about a wpa-psk command to convert plaintext
to encrypted string, but still getting secure wireless working is about as
clear as mud.

Thanks,
Bob

Re: Does wpa-psk still exist?

[Maurice McCarthy]

On 2015-03-03 23:21, Bob Eby wrote:

Hi,

I'm trying to connect to a wireless network using OpenBSD 5.6.  I see 
a
couple FAQ questions talking about a wpa-psk command to convert 
plaintext
to encrypted string, but still getting secure wireless working is 
about as

clear as mud.

Thanks,
Bob



Create a file called /etc/hostname.wpi0 (if wpi0 is your wireless 
driver) and put this in it


nwid mynwid
wpakey wpa-psk
dhcp

Save it and run the command

$ sudo sh /etc/netstart

Then read man hostname.if

Purists will say read the man page first but you will remember far 
better by experiencing first.


Good Luck
Mo

Re: File transfer from NetBSD to OpenBSD

[Andrew Daugherity]

On Sun, Mar 1, 2015 at 10:40 AM, etie...@magickarpet.org wrote:

 Hello there,

 Could anyone recommend which filesystem type to use when backing up a few
 hundred GB of files from NetBSD onto a USB disk, planning to restore them
 on an OpenBSD machine. I remember distantly that last time I tried with
 FFS, it didn't work.

I assume NFS/scp/rsync is out of the question?

I've successfully used FreeBSD FFS partitions in NetBSD, after adjusting
the MBR partition type (A5/A6/A9) and disklabel (renamed sd0d to sd0h since
NetBSD uses sd0c for the entire BSD MBR partition and sd0d for the
entire disk), so I would expect it to work with these adjustments, but it
is by no means guaranteed (this was several versions ago), and caveat
emptor applies.

tar is good and simple if you're restoring the whole thing right away, but
if you want to easily get various individual files out of the backup or
rearrange the structure, rsync to ext2 (or ffs, maybe) would be better.

Re: uxterm is showing UTF-8 chars with errors?

[Thomas Bohl]

Am 03.03.2015 um 17:58 schrieb Ted Unangst:

As a shortcut, filtering out just esc will prevent most terminal damage? I'm
not sure what other characters can do, though... I vageuly recall that the
intersection of utf-8 and xterm controls is unknowable.

poc diff:

Index: util.c
===
RCS file: /cvs/src/bin/ls/util.c,v
retrieving revision 1.16
diff -u -p -r1.16 util.c
--- util.c  21 Nov 2013 15:54:45 -  1.16
+++ util.c  3 Mar 2015 16:56:15 -
@@ -51,7 +51,7 @@ putname(char *name)
int len;

for (len = 0; *name; len++, name++)
-   putchar((!isprint((unsigned char)*name)  f_nonprint) ? '?' : 
*name);
+   putchar((*name == 0x1b  f_nonprint) ? '?' : *name);
return len;
  }




Thank you very much! Colorls still showed me ?? for the majority of 
characters. This patch works as expected.



If the filtering is done for security reasons I just want to humbly add 
that in many circumstances pressing the tab-key instead of enter will 
deliver a unsanitized file listing anyway. (By the shell I would assume.)

Re: Does wpa-psk still exist?

[Stefan Sperling]

On Tue, Mar 03, 2015 at 06:21:52PM -0500, Bob Eby wrote:
 Hi,
 
 I'm trying to connect to a wireless network using OpenBSD 5.6.  I see a
 couple FAQ questions talking about a wpa-psk command to convert plaintext
 to encrypted string, but still getting secure wireless working is about as
 clear as mud.
 
 Thanks,
 Bob

wpa-psk has long been replaced with the ifconfig(8) wpakey option.

 wpakey passphrase | hexkey
 Set the WPA key and enable WPA.  The key can be given using
 either a passphrase or a full length hex key, starting with 0x.
 If a passphrase is used the nwid option must be set prior to
 specifying the wpakey option, since ifconfig will hash the nwid
 along with the passphrase to create the key.

Re: OpenBSD and 40G/100G ethernet cards

[Reyk Floeter]

Hi,

 On 03.03.2015, at 23:09, Theron ZORBAS theronzor...@yahoo.com wrote:
 
 Hi,
 
 Is there any plan to support 40G/100G ethernet cards? You may see a vendor's 
 product in this category at this link: 
 http://www.mellanox.com/page/ethernet_cards_overview
 Thanks
 Theron
 

if there is hardware documentation and/or a driver for another OS (eg. 
FreeBSD), we could port it to OpenBSD. I'm not sure about Mellanox, but the 
Intel 40G stuff would definitely be interesting, and there is a FreeBSD driver 
as a starting point. But please don't except any miracles with the performance 
- we hardly do 10G at the moment.

But we don't have the hardware yet, so we depend on donations of two of each 
40G/100G cards and the required cables; we could run them back-to-back and try 
to get them working. Get them to mikeb@ and me, maybe other developers as well. 
Of course, 10/40/100G switch donations would also always work… ;-)

Reyk

Re: Does wpa-psk still exist?

[Nick Holland]

On 03/03/15 18:21, Bob Eby wrote:

Hi,

I'm trying to connect to a wireless network using OpenBSD 5.6.  I see a
couple FAQ questions talking about a wpa-psk command to convert plaintext
to encrypted string, but still getting secure wireless working is about as
clear as mud.


Yes, if you search randomly around the Internet, you can find all kinds 
of obsolete information.


If you use the search box on the OpenBSD FAQ page, the only thing that 
comes up for wpa-psk is it was removed in 4.9.


try http://www.openbsd.org/faq/faq6.html#Wireless

It really isn't that hard.  You have a few basic parameters, you have a 
place to put them.  Then it works.


Nick.

Re: uxterm is showing UTF-8 chars with errors?

[Stefan Sperling]

On Tue, Mar 03, 2015 at 11:41:07PM +0100, Thomas Bohl wrote:
 Thank you very much! Colorls still showed me ?? for the majority of
 characters. This patch works as expected.

I'm not sure what kind of behaviour you expect.

colorls showing some ?? indicates that the character set used by
filenames and your locale character set configuration do not match.
See http://www.openbsd.org/faq/faq10.html#locales in case you
didn't set up your locale yet. Set your locale's charset to
the charset used by your filenames. Then try colorls again.
If charsets align, it should just work.

In case you have mixed charsets in filenames which then causes ?? this
is very hard to deal with in any case. In this situation you could
pkg_add convmv and use that tool to straighten out filename charsets.

Perhaps tedu's diff is a good idea, perhaps not.
Making ls(1) aware of character encodings has some advantages (e.g.
multi-column output always aligns properly) and some disadvantages
(need to set up the locale first, can only use one charset at a time).
Just allowing any garbage might sometimes make things appear to
work as if by magic, but could also corrupt your terminal or worse.
Then again, ls probably shouldn't be in the business of compensating
for bugs in terminal emulators. I suspect many other tools aren't,
either (e.g. df(1) doesn't care).

Re: File transfer from NetBSD to OpenBSD

[Gene]

On Sun, Mar 1, 2015 at 12:06 PM, Janjaap van Velthooven janj...@stack.nl
wrote:

 On Sun, Mar 01, 2015 at 04:40:25PM +, etie...@magickarpet.org wrote:
  Hello there,
 
  Could anyone recommend which filesystem type to use when backing up
  a few hundred GB of files from NetBSD onto a USB disk, planning to
  restore them on an OpenBSD machine. I remember distantly that last
  time I tried with FFS, it didn't work.

 Personally I would just try to tar to the usb device and skip having
 a filesystem on the usb device; that way there is no filesystem to be
 incompatible.


Such a simple and elegant solution.

Having never done this before I just tested it.  Very slick.



  Cheers,
  --
  Étienne

 Janjaap van Velthooven
 --  
/ __/ /_/ __/ /_  __/ __/ /___  /
   / /_  __/___/_/_  /___  / / __/ /___  / /  janj...@stack.nl
  /___/_/_/_/_/_/_/___/_/_/

Re: panic due to bridge mem address conflict on IBM x3650M4 server

[Nick Holland]

On 03/03/15 23:39, Ninad Shaha wrote:
 Dear All,
 
 I want to use openbsd on IBM x3650 M4 server. I am able to install it 
 successfully. But while 1st boot I am getting lots of bridge memory 
 address conflict errors.
 
 Server Details:
 
 IBM X3650 M4
 E5-2670 2.6 Ghz cpu,
 32gb memory
 4 10gig ethernet ports
 
 please guide me to resolve this issue.
 Please check bellow link for errors messages...
 
 http://homepages.iitb.ac.in/~ninadshaha/IBM_Errors.mov

A little hint:

One way to get less attention to your question than you might like is to
post pictures rather than putting the information in your e-mail.

Posting a MOVIE is probably the best way to get almost no attention from
those that you want to notice you.

Get a serial cable and grab your dmesg and error message.
Failing that, hand-transcribe at least enough to let us know you really
care enough to get our attention.

(might want to set your system clock properly, too.)


Nick.

Re: pkg_add failure in March 1 snapshot

[Ted Unangst]

Peter N. M. Hansteen wrote:
 On Tue, Mar 03, 2015 at 12:56:44PM +0100, Adam Wolk wrote:
  I just updated to the March 1 (i386) snapshot and now I'm in process of
  doing a 'pkg_add -uiv' so far no issues on my side (packages are
  downloading and updating).
  
  Is the issue reproducible? Maybe it was a temporary network glitch?
  
  : http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/
  is empty
 
 amd64 packages on i386 is not supported. perhaps pkg_add is simply keeping
 you from wrecking your configuration?

Even so, Use of uninitialized value $file in hash element is not the most
user friendly way to present that information. :)

pkg_add failure in March 1 snapshot

[Dmitrij D. Czarkoff]

Hi!

I've updated to March 1 snapshot, and after sysmerge tried to update
packages.  What I got was:

: $ sudo pkg_add -u
: Use of uninitialized value $file in hash element at 
/usr/libdata/perl5/OpenBSD/Temp.pm line 80.
: Use of uninitialized value $error in concatenation (.) or string at 
/usr/libdata/perl5/OpenBSD/PackageRepository.pm line 723.
: sh: syntax error: unexpected EOF
: Use of uninitialized value $filename in open at 
/usr/libdata/perl5/OpenBSD/PackageRepository.pm line 649.
: http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/ is empty

followed by a list of installed packages that failed to update.

-- 
Dmitrij D. Czarkoff

Re: pkg_add failure in March 1 snapshot

[Adam Wolk]

On Tue, Mar 3, 2015, at 12:35 PM, Dmitrij D. Czarkoff wrote:
 Hi!
 
 I've updated to March 1 snapshot, and after sysmerge tried to update
 packages.  What I got was:
 
 : $ sudo pkg_add -u
 : Use of uninitialized value $file in hash element at
 /usr/libdata/perl5/OpenBSD/Temp.pm line 80.
 : Use of uninitialized value $error in concatenation (.) or string at
 /usr/libdata/perl5/OpenBSD/PackageRepository.pm line 723.
 : sh: syntax error: unexpected EOF
 : Use of uninitialized value $filename in open at
 /usr/libdata/perl5/OpenBSD/PackageRepository.pm line 649.
 : http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/ is
 empty
 
 followed by a list of installed packages that failed to update.
 
 -- 
 Dmitrij D. Czarkoff
 

I just updated to the March 1 (i386) snapshot and now I'm in process of
doing a 'pkg_add -uiv' so far no issues on my side (packages are
downloading and updating).

Is the issue reproducible? Maybe it was a temporary network glitch?

: http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/
is empty

The error looks like being reported from:

PackageRepository.pm:144 sub stemlist. Maybe it's a weirdly named file
in that snapshot directory that breaks the stem split?

Regards,
Adam

panic due to bridge mem address conflict on IBM x3650M4 server

[Ninad Shaha]

Dear All,

I want to use openbsd on IBM x3650 M4 server. I am able to install it 
successfully. But while 1st boot I am getting lots of bridge memory 
address conflict errors.


Server Details:

IBM X3650 M4
E5-2670 2.6 Ghz cpu,
32gb memory
4 10gig ethernet ports

please guide me to resolve this issue.
Please check bellow link for errors messages...

http://homepages.iitb.ac.in/~ninadshaha/IBM_Errors.mov

Thanking you

Regards,
Ninad.

How to view man pages with restricted ksh?

[Craig Skinner]

Hi folks,


$ man rksh
sh: /tmp/man.v3NbpQf33a: restricted
sh: /usr/bin/more: restricted
$ export MANPAGER=less
$ man rksh
sh: /tmp/man.MwpZa2hlUo: restricted
$ man -c rksh
sh: /tmp/man.U7FO8rM3Pc: restricted


$ printenv | sort
HOME=/home/jason
LOGNAME=jason
MAIL=/var/mail/jason
PATH=/usr/bin:/bin:/usr/local/bin:/home/jason/bin
SHELL=/bin/rksh
SSH_CLIENT=192.168.1.10 51139 22
SSH_CONNECTION=192.168.1.10 51139 192.168.1.1 22
SSH_TTY=/dev/ttypb
TERM=xterm
USER=jason
_=/usr/bin/printenv
$ stat /etc/profile /etc/ksh.kshrc ~/.profile ~/.kshrc
stat: /etc/profile: No such file or directory
stat: /etc/ksh.kshrc: No such file or directory
stat: /home/jason/.profile: No such file or directory
stat: /home/jason/.kshrc: No such file or directory

$ uname -srvm
OpenBSD 5.6 GENERIC#274 i386

Any ideas on what to try?


-- 
People who have what they want are very fond of telling
people who haven't what they want that they don't want it.
-- Ogden Nash