Re: vmd and FreeBSD support

[David Lowe]

Ok, thanks for the information! Great.

On 2017-07-26 07:02, Mike Larkin wrote:

On Tue, Jul 25, 2017 at 05:12:46PM -0700, Chris Cappuccio wrote:

Tell it to use a serial console and not a VGA console



There are more bits still missing after that. I posted that I got 
through

the kernel boot/autoconf, not that "everything works".

Don't burn your time on it yet, but at least one other developer is 
looking

at it.

-ml


David Lowe [d.l...@openmailbox.org] wrote:
> Hello,
> a few weeks ago, I read something about vmm hosting FreeBSD. I tried the
> image
> found at 
https://download.freebsd.org/ftp/releases/VM-IMAGES/11.0-RELEASE/amd64/Latest/
> but the boot process just restarts after this situation:
>
>
>
>  +Welcome to FreeBSD---+ +o   .--` /y:`  +.
>  | |  yo`:.:o  `+-
>  |  1. Boot Multi User [Enter] |   y/   -/`   -o/
>  |  2. Boot Single User|  .-  ::/sy+:.
>  |  3. Escape to loader prompt |  / `--  /
>  |  4. Reboot  | `:  :`
>  | | `:  :`
>  |  Options:   |  /  /
>  |  5. Kernel: default/kernel (1 of 2) |  .--.
>  |  6. Configure Boot Options...   |   --  -.
>  | |`:`  `:`
>  | |  .-- `--.
>  | | .---..
>  +-+
>
>
> /boot/kernel/kernel text=0x14ed860 data=0x132538+0x4baa68
> syms=[0x8+0x159ee8+0x8
> +0x172d9c] 08 di= bp= sp=5df6 cs= ip=9336  f=0242
> Booting...
> |reeBSD/x86 bootstrap loader, Revision 1.1
> (r...@releng2.nyi.freebsd.org, Thu Sep 29 01:38:45 UTC 2016)
> Loading /boot/defaults/loader.conf
> /
>
>
> Does anyone know a workaround (or some hint how to convince FreeBSD to
> boot)?
> I also tried NetBSD but without luck.
>
> Thanks!

Re: vmd and FreeBSD support

[Mike Larkin]

On Tue, Jul 25, 2017 at 05:12:46PM -0700, Chris Cappuccio wrote:
> Tell it to use a serial console and not a VGA console
> 

There are more bits still missing after that. I posted that I got through
the kernel boot/autoconf, not that "everything works".

Don't burn your time on it yet, but at least one other developer is looking
at it.

-ml

> David Lowe [d.l...@openmailbox.org] wrote:
> > Hello,
> > a few weeks ago, I read something about vmm hosting FreeBSD. I tried the
> > image
> > found at 
> > https://download.freebsd.org/ftp/releases/VM-IMAGES/11.0-RELEASE/amd64/Latest/
> > but the boot process just restarts after this situation:
> > 
> > 
> > 
> >  +Welcome to FreeBSD---+ +o   .--` /y:`  +.
> >  | |  yo`:.:o  `+-
> >  |  1. Boot Multi User [Enter] |   y/   -/`   -o/
> >  |  2. Boot Single User|  .-  ::/sy+:.
> >  |  3. Escape to loader prompt |  / `--  /
> >  |  4. Reboot  | `:  :`
> >  | | `:  :`
> >  |  Options:   |  /  /
> >  |  5. Kernel: default/kernel (1 of 2) |  .--.
> >  |  6. Configure Boot Options...   |   --  -.
> >  | |`:`  `:`
> >  | |  .-- `--.
> >  | | .---..
> >  +-+
> > 
> > 
> > /boot/kernel/kernel text=0x14ed860 data=0x132538+0x4baa68
> > syms=[0x8+0x159ee8+0x8
> > +0x172d9c] 08 di= bp= sp=5df6 cs= ip=9336  f=0242
> > Booting...
> > |reeBSD/x86 bootstrap loader, Revision 1.1
> > (r...@releng2.nyi.freebsd.org, Thu Sep 29 01:38:45 UTC 2016)
> > Loading /boot/defaults/loader.conf
> > /
> > 
> > 
> > Does anyone know a workaround (or some hint how to convince FreeBSD to
> > boot)?
> > I also tried NetBSD but without luck.
> > 
> > Thanks!
> 

Question from Dummies about FreeBSD PF VS Magic Puffer Fish

[R0me0 ***]

Hello Misc,

I already used currently FreeBSD PF grammar on OpenBSD during years and
AFAIK and I remember this always worked ( On Magic Puffer Fish of course )

My case is simple:

FreeBSD RPI3/AMD64 ( That I tested ) - ( DNS REQUESTS TO LOCALHOST  port
1053 running TOR)


rdr pass on ue0 inet proto udp to port domain ->  127.0.0.1 port 1053

RPI3 just has ethernet and lo interface.

NOT WORK, I NEED explicitly set 127 to IP address of ue0 interface. and
then works ( tried set skip on lo and all magic route-to does ) NOT WORK (
ip forwarding enabled too )

AND then

On magic puffer fish as simple it its works ! not matter's if match or pass
rule/ divert-to or rdr-to

WORKS

JUST WORKS

Anyone, Please can tell me why it does not work on FreeBSD?

What kind of black magic is needed?

Thanks in advance,

Re: octeon port, ubiquity edgerouter

[jungle Boogie]

On Jul 25, 2017 6:59 PM, "Sean Murphy"  wrote:
>
> >>   People are willing to take an unknown (right now) performance
penalty
> >>   to run openBSD on it and with pf.
>
> When I was using my ERL as primary gateway, I found that my network
> performed better than it did with the dd-wrt based router I was using
> previously.  Everything was more stable, easier to keep track of what
> was going on, and my work VPN was faster to connect and performed
> tremendously.  Anyone talking about a "performance penalty" is missing
> the point.

I absolutely DO NOT want blobs in or around openbsd whatsoever, ever.

Im saying I'm presently surprised to see so many folks running openbsd on
this arch and enjoying it. I certainly enjoy running it and the frequent
updates from the team, I can't say either one of those would happen if we
were still using ubiquity's option.

To make this clear, I love openbsd and will forever be grateful for the
project, the individuals and the 20+ years for the labor of love put into
the project.

Keep openbsd blob free!

Re: octeon port, ubiquity edgerouter

[Sean Murphy]

>>   People are willing to take an unknown (right now) performance penalty
>>   to run openBSD on it and with pf.

When I was using my ERL as primary gateway, I found that my network
performed better than it did with the dd-wrt based router I was using
previously.  Everything was more stable, easier to keep track of what
was going on, and my work VPN was faster to connect and performed
tremendously.  Anyone talking about a "performance penalty" is missing
the point.

Re: octeon port, ubiquity edgerouter

[Theo de Raadt]

> I wonder how fast the NIC's will be - using this CPU and still no hardware
> acceleration.
>
>   Yeah, I'm wondering that too. It's pretty cool this platform is
>   becoming more popular to run openBSD on.
>
>   People are willing to take an unknown (right now) performance penalty
>   to run openBSD on it and with pf.

Wow.

So there is a series of self-education problems hiding behind this
conversation.

There is a completely proprietary HW-assist platform that the
vendor has as a blob.  You want us to use that?  You want a blob?
You think it will be reverse engineered?  Keep dreaming.

Or let's go back to using the blob.  What else does it do?  Thought
about that?  Nope, I think that went WHOOSH overhead.

And even if the HW was figured out.  Does it work with the way PF
manages every packet from arrival to delivery?  Or is it a switch-style
cut-through approach, without good inspection/management inflection
points.

Probably something designed for PERFORMANCE, and acting to the detriment
of any attempt to smart filter/route packets.

But still, the statement stands that this is a 'performance penalty'?

How do you figure that??

None of the other architectures have the benefit of such a blob.
They do it all in software.

When we run on amd64, we don't have such a blob.  So we operate with
a 'performance penalty' defacto?

Where do you guys keep coming from??  I mean I keep seeing people who
just don't spend an OUNCE OF EFFORT at actually learning how things
are put together, and then cheerily pat each other on the back on
mailing lists with hope and glee, and cheering on about changing a fan?

You really do deserve each other, and to large degree I think perhaps
on that platform perhaps you should stick with the blob-enhanced
vendor-locked Linux.

Re: Recommendation on OpenBSD host

[Sterling Archer]

You could check if www.1984.is supports OpenBSD. You should be aware
that most traffic to and from Iceland passes throught the UK, by the
way.

On Wed, Jul 26, 2017 at 3:01 AM,   wrote:
> Hey list. I need a server to host a very simple website.
> I've been looking for a OpenBSD host that offers 'full' control
> over the machine though SSH. Anyone has recommendations?
> My needs: simple low traffic httpd(8) website (no javascript),
> even a Core2Duo, 2GB of RAM and a HDD with space to install
> base system (without Xenocara, of course) would be enough.
> I can't do it on some random laptop because I need it to be
> anonymous (it will have sensitive journalistic information[*]).
> Ideally that accept cryptocoins (dashcoin or plain bitcoin) and
> from a country like Romania or Iceland, because of their historic
> free-speech protection (again, *ideally*).
> I see the people from Libreboot have a project to build a host,
> but I don't think they support OpenBSD yet and I think they never
> will... because of Stallmanism BS ("closed firmware == blob").
>
>
> Regards.
>
>
>
> ps. Yes, I've searched the marc.info archive.
> ps2. please don't reply directly to this mail, but to the list.
>
> [*] nothing illegal, btw, it will just possibly make some political
> people very angry.
>

Re: Recommendation on OpenBSD host

[R0me0 ***]

Vultr/Linode I already tested and are good choices.

DigitalOcean - If you used disk encryption, they corrupt your disk



2017-07-25 22:01 GMT-03:00 :

> Hey list. I need a server to host a very simple website.
> I've been looking for a OpenBSD host that offers 'full' control
> over the machine though SSH. Anyone has recommendations?
> My needs: simple low traffic httpd(8) website (no javascript),
> even a Core2Duo, 2GB of RAM and a HDD with space to install
> base system (without Xenocara, of course) would be enough.
> I can't do it on some random laptop because I need it to be
> anonymous (it will have sensitive journalistic information[*]).
> Ideally that accept cryptocoins (dashcoin or plain bitcoin) and
> from a country like Romania or Iceland, because of their historic
> free-speech protection (again, *ideally*).
> I see the people from Libreboot have a project to build a host,
> but I don't think they support OpenBSD yet and I think they never
> will... because of Stallmanism BS ("closed firmware == blob").
>
>
> Regards.
>
>
>
> ps. Yes, I've searched the marc.info archive.
> ps2. please don't reply directly to this mail, but to the list.
>
> [*] nothing illegal, btw, it will just possibly make some political
> people very angry.
>
>

Recommendation on OpenBSD host

[i3jbib]

Hey list. I need a server to host a very simple website.
I've been looking for a OpenBSD host that offers 'full' control
over the machine though SSH. Anyone has recommendations?
My needs: simple low traffic httpd(8) website (no javascript),
even a Core2Duo, 2GB of RAM and a HDD with space to install
base system (without Xenocara, of course) would be enough.
I can't do it on some random laptop because I need it to be
anonymous (it will have sensitive journalistic information[*]).
Ideally that accept cryptocoins (dashcoin or plain bitcoin) and
from a country like Romania or Iceland, because of their historic
free-speech protection (again, *ideally*).
I see the people from Libreboot have a project to build a host,
but I don't think they support OpenBSD yet and I think they never
will... because of Stallmanism BS ("closed firmware == blob").


Regards.



ps. Yes, I've searched the marc.info archive.
ps2. please don't reply directly to this mail, but to the list.

[*] nothing illegal, btw, it will just possibly make some political
people very angry.

Re: vmd and FreeBSD support

[Chris Cappuccio]

Tell it to use a serial console and not a VGA console

David Lowe [d.l...@openmailbox.org] wrote:
> Hello,
> a few weeks ago, I read something about vmm hosting FreeBSD. I tried the
> image
> found at 
> https://download.freebsd.org/ftp/releases/VM-IMAGES/11.0-RELEASE/amd64/Latest/
> but the boot process just restarts after this situation:
> 
> 
> 
>  +Welcome to FreeBSD---+ +o   .--` /y:`  +.
>  | |  yo`:.:o  `+-
>  |  1. Boot Multi User [Enter] |   y/   -/`   -o/
>  |  2. Boot Single User|  .-  ::/sy+:.
>  |  3. Escape to loader prompt |  / `--  /
>  |  4. Reboot  | `:  :`
>  | | `:  :`
>  |  Options:   |  /  /
>  |  5. Kernel: default/kernel (1 of 2) |  .--.
>  |  6. Configure Boot Options...   |   --  -.
>  | |`:`  `:`
>  | |  .-- `--.
>  | | .---..
>  +-+
> 
> 
> /boot/kernel/kernel text=0x14ed860 data=0x132538+0x4baa68
> syms=[0x8+0x159ee8+0x8
> +0x172d9c] 08 di= bp= sp=5df6 cs= ip=9336  f=0242
> Booting...
> |reeBSD/x86 bootstrap loader, Revision 1.1
> (r...@releng2.nyi.freebsd.org, Thu Sep 29 01:38:45 UTC 2016)
> Loading /boot/defaults/loader.conf
> /
> 
> 
> Does anyone know a workaround (or some hint how to convince FreeBSD to
> boot)?
> I also tried NetBSD but without luck.
> 
> Thanks!

Re: octeon port, ubiquity edgerouter

[jungle Boogie]

On 25 July 2017 at 15:20, Doggie  wrote:
> W dniu 2017-07-25 o 19:39, Peter J. Philipp pisze:
>>
>> Actually I bought the silent fans.  So I don't have to write any code,
>> too bad the foxconn fans are a misdesign.  I'll maintenance this router
>> next week for the new fans.  I'm putting it into production at home
>> tomorrow though.
>
>
> Thanks for all the details, Peter, and good luck during next steps of your
> project.
>
> I wonder how fast the NIC's will be - using this CPU and still no hardware
> acceleration.
>

Yeah, I'm wondering that too. It's pretty cool this platform is
becoming more popular to run openBSD on.
People are willing to take an unknown (right now) performance penalty
to run openBSD on it and with pf.

Sounds like ubiquity should just sell it with openBSD loaded on it
support the project. ;)

Re: FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: Unable to create temporary file, Check permissions in temporary files directory.

[Todd Mortimer]

Hi Stephane,

Are you sure that the env[TMP], env[TMPDIR] and env[TEMP] variables are
supposed to be relative to the real system root, or relative to the
chroot? If I were to guess, I would bet that php is trying to create a
file after chrooting itself, and inside the chroot, /var/www/tmp doesn't
exist. Try setting those env vars to /tmp and see if that works. 

Todd

On Tue, Jul 25, 2017 at 09:03:38AM +0200, Stephane HUC "PengouinBSD" wrote:
> Hi all.
> 
> I have this error on my,OpenBSD server (6.1) :
> 
> FastCGI sent in stderr: "PHP message: PHP Warning:  Unknown: Unable to
> create temporary file, Check permissions in temporary files directory.
> in Unknown on line 0
> 
> I use nginx+php70_fpm !
> 
> The php-fpm.conf for the instance:
> 
>  file ***
> [blog.stephane-huc.net]
> prefix = /var/www
> 
> user = user_blog
> group = www
> 
> listen.owner = www
> listen.group = www
> listen.mode = 0660
> 
> listen = run/php-fpm.$pool.sock
> listen.allowed_clients = 127.0.0.1
> 
> chroot = $prefix
> chdir = /
> 
> env[HOSTNAME] = $HOSTNAME
> ;env[PATH] = /usr/local/bin:/usr/bin:/bin
> env[TMP] = /var/www/tmp
> env[TMPDIR] = /var/www/tmp
> env[TEMP] = /var/www/tmp
> 
> php_admin_value[upload_tmp_dir] = /tmp
> php_admin_value[upload_max_filesize] = 8M
> *** EOF ***
> 
> Rights on /var/www/tmp:
> 
> $ ls -al /var/www/
> 
> 
> total 68
> drwxr-xr-x  17 root  daemon   512 Jul  5 04:59 ./
> drwxr-xr-x  25 root  wheel512 Jul  5 19:50 ../
> drwxr-xr-x  10 www   daemon   512 Jul  9 10:31 .ht/
> drwxr-xr-x  11 root  daemon   512 Jul  9 10:31 acme/
> drwxr-xr-x   2 root  daemon   512 Jun 25 13:51 bin/
> drwx-T  16 www   daemon   512 Jul  9 10:31 cache/
> drwxr-xr-x   2 root  daemon   512 Apr  1 21:38 cgi-bin/
> drwxr-xr-x  10 root  daemon   512 Jul  9 10:31 conf/
> drwxr-xr-x   3 root  daemon   512 Jun 25 13:48 etc/
> drwxr-xr-x  12 root  daemon   512 Jul  9 10:29 htdocs/
> drwxr-xr-x   2 root  daemon   512 Jun 24 22:59 html/
> drwxr-xr-x  11 root  daemon  1024 Jul 23 00:00 logs/
> drwxr-xr-x   2 root  daemon   512 Jun 28 18:11 modules/
> drwxr-xr-x  11 root  daemon  1024 Jul 25 08:39 run/
> drwxr-xr-x  10 www   www 2048 Jul  9 10:31 tmp/
> drwxr-xr-x   3 root  daemon   512 Jun 24 20:44 usr/
> drwxr-xr-x   3 root  daemon   512 Jun 24 21:17 var/
> 
> 
> where is the problem?
> 
> 
> -- 
> ~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD "   +=<<<
> 
> Stephane HUC as PengouinBSD or CIOTBSD
> b...@stephane-huc.net
> 

Using queueing on asynchronous interface

[Kaya Saman]

Hi,


I'm trying to setup packet queueing on a WAN interface with 80Mb/s 
downstream bandwidth and 20Mb/s upstream bandwidth.



The first point of call of course is the PF manual: 
https://man.openbsd.org/pf.conf.5



Then had a look to see what others had issues with and solutions suggested:

http://openbsd-archive.7691.n7.nabble.com/Debugging-queues-on-pf-td290829.html

http://misc.openbsd.narkive.com/lWIShFZi/per-vlan-traffic-control


My goal is to use a different queue for up/down were I can change the 
max bandwidth accordingly.



So far I created a default queue outbound on the ext_if which works fine:


queue rootq_out on $ext_if bandwidth 20M
queue mail_out parent rootq_out bandwidth 2M min 1M max 20M
queue http_out parent rootq_out bandwidth 2M min 1M max 20M
queue voice_out parent rootq_out bandwidth 10M min 2M max 20M
queue dns_out parent rootq_out bandwidth 1M min 512K max 20M

queue else_out parent rootq_out bandwidth 5M max 20M default


match out on $ext_if proto tcp from  to any port { 80, 443 } set 
queue http_out set prio 5


match out on $ext_if proto tcp from  to any port { 25, 465, 587, 
993 } set queue mail_out set prio 4


match out on $ext_if proto udp from  to any port 5060 set queue 
voice_out set prio 7


queue rootq_out on $ext_if bandwidth 20M
queue mail_out parent rootq_out bandwidth 2M min 1M max 20M
queue http_out parent rootq_out bandwidth 2M min 1M max 20M
queue voice_out parent rootq_out bandwidth 10M min 2M max 20M
queue dns_out parent rootq_out bandwidth 1M min 512K max 20M


I have a block of IPv4 addresses hence the IP1 and IP2.


But for the downstream I am struggling to get the inbound packets to add 
to the appropriate queue.



I created a list of vlan interfaces called q_if though in one of the 
links above Stuart Henderson doesn't advise it but the vlans are bound 
to an lacp trunk with a group of physical interfaces



queue rootq_in on $q_if bandwidth 80M
queue mail_in parent rootq_in bandwidth 10M min 1M max 80M
queue http_in parent rootq_in bandwidth 10M min 1M max 80M
queue else_in parent rootq_in bandwidth 5M max 80M default


So then tying those to the interface I used:


match out on $q_if proto tcp from any port { 80, 443 } to any set queue 
http_in set prio 5 received-on pppoe0


match out on $q_if proto tcp from any port { 25, 465, 587, 993 } to any 
set queue mail_in set prio 5 received-on pppoe0



I probably am approaching this in the wrong way as the state-table as 
pointed out by Stuart to check, only shows packets travelling outbound 
towards the public net and not back again.



So basically how would one assign queueing to this type of interface? 
There is NAT involved which is why I added the "received-on pppoe0" 
option but even with it off it doesn't function meaning that I am 
confused and doing something wrong :-(




Regards,


Kaya

Re: octeon port, ubiquity edgerouter

[Doggie]

W dniu 2017-07-25 o 19:39, Peter J. Philipp pisze:

Actually I bought the silent fans.  So I don't have to write any code,
too bad the foxconn fans are a misdesign.  I'll maintenance this router
next week for the new fans.  I'm putting it into production at home
tomorrow though.


Thanks for all the details, Peter, and good luck during next steps of 
your project.


I wonder how fast the NIC's will be - using this CPU and still no 
hardware acceleration.


If you ever want to replace the fans again, I have been having very good 
experience with Noctua devices (http://noctua.at/en/products/fan). The 
folks at the company do know what "silence" means.


--
Cheers,
Pawel Waga

vmd and FreeBSD support

[David Lowe]

Hello,
a few weeks ago, I read something about vmm hosting FreeBSD. I tried the 
image
found at 
https://download.freebsd.org/ftp/releases/VM-IMAGES/11.0-RELEASE/amd64/Latest/ 
but the boot process just restarts after this situation:




 +Welcome to FreeBSD---+ +o   .--` /y:`  
+.
 | |  yo`:.:o  
`+-
 |  1. Boot Multi User [Enter] |   y/   -/`   
-o/
 |  2. Boot Single User|  .-  
::/sy+:.
 |  3. Escape to loader prompt |  / `--  
/
 |  4. Reboot  | `:  
:`
 | | `:  
:`
 |  Options:   |  /  
/
 |  5. Kernel: default/kernel (1 of 2) |  .-
-.
 |  6. Configure Boot Options...   |   --  
-.

 | |`:`  `:`
 | |  .-- `--.
 | | .---..
 +-+


/boot/kernel/kernel text=0x14ed860 data=0x132538+0x4baa68 
syms=[0x8+0x159ee8+0x8
+0x172d9c] 08 di= bp= sp=5df6 cs= ip=9336  
f=0242

Booting...
|reeBSD/x86 bootstrap loader, Revision 1.1
(r...@releng2.nyi.freebsd.org, Thu Sep 29 01:38:45 UTC 2016)
Loading /boot/defaults/loader.conf
/


Does anyone know a workaround (or some hint how to convince FreeBSD to 
boot)?

I also tried NetBSD but without luck.

Thanks!

OpenBSD 6.1 installation, on dedicated server, using qemu not working.

[Mxher]

Hello,

I'm renting a dedicated server from a web host that unfortunately does
not propose OpenBSD installation.

So I'm installing OpenBSD using qemu from my host rescue mode (which use
FreeBSD).


Usually it works like a charm but this time, on this server/hardware, it
does not work: OpenBSD does not seem to start at all.
Indeed when I boot with qemu I do not see any logs of the "normal" boot
of the server (I only see qemu's boots in the logs).


Unfortunately my host can't offer me a KVM because the server does not
have any video output.


Do you have any tip I could use to debug this ?
I'm used to this kind of installation but I'm lost on this one, I don't
even know where to look and how to be able to debug without any boot and
no vision on what is going on at boot time.


(I tried with both bsd and bsp.mp kernels.)


Any clue would be really appreciated!

Thank you!



PS: here is the dmesg output from FreeBSD:
Copyright (c) 1992-2016 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 11.0-RELEASE-p1 #0 r306420: Thu Sep 29 01:43:23 UTC 2016
r...@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
FreeBSD clang version 3.8.0 (tags/RELEASE_380/final 262564) (based on
LLVM 3.8.0)
VT(vga): resolution 640x480
CPU: Intel(R) Atom(TM) CPU  C2338  @ 1.74GHz (1750.04-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x406d8  Family=0x6  Model=0x4d  Stepping=8

Features=0xbfebfbff

Features2=0x43d8e3bf
  AMD Features=0x28100800
  AMD Features2=0x101
  Structured Extended Features=0x2282
  VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
  TSC: P-state invariant, performance statistics
real memory  = 6442450944 (6144 MB)
avail memory = 3926736896 (3744 MB)
Event timer "LAPIC" quality 600
ACPI APIC Table: 
WARNING: L1 data cache covers less APIC IDs than a core
0 < 1
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)
ioapic0  irqs 0-23 on motherboard
random: entropy device external interface
kbd0 at kbdmux0
netmap: loaded module
module_register_init: MOD_LOAD (vesa, 0x8101c950, 0) error 19
random: registering fast source Intel Secure Key RNG
random: fast provider: "Intel Secure Key RNG"
vtvga0:  on motherboard
cryptosoft0:  on motherboard
acpi0:  on motherboard
acpi0: Power Button (fixed)
hpet0:  iomem 0xfed03000-0xfed033ff on acpi0
hpet0: invalid period
device_attach: hpet0 attach returned 6
cpu0:  on acpi0
cpu1:  on acpi0
hpet0:  iomem 0xfed03000-0xfed033ff on acpi0
hpet0: invalid period
device_attach: hpet0 attach returned 6
atrtc0:  port 0x70-0x77 on acpi0
Event timer "RTC" frequency 32768 Hz quality 0
attimer0:  port 0x40-0x43,0x50-0x53 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
pcib1:  mem 0xdff0-0xdff1 irq 16 at device
1.0 on pci0
pci1:  on pcib1
igb0:  port
0x1000-0x101f mem 0xdfe0-0xdfe7,0xdfe8-0xdfe83fff irq 16 at
device 0.0 on pci1
igb0: Using MSIX interrupts with 3 vectors
igb0: Ethernet address: 00:08:a2:0c:1e:5a
igb0: Bound queue 0 to cpu 0
igb0: Bound queue 1 to cpu 1
igb0: netmap queues/slots: TX 2/1024, RX 2/1024
pcib2:  mem 0xdff2-0xdff3 irq 19 at device
2.0 on pci0
pci2:  on pcib2
pcib3:  mem 0xdff4-0xdff5 irq 20 at device
3.0 on pci0
pci3:  on pcib3
pcib4:  mem 0xdff6-0xdff7 irq 23 at device
4.0 on pci0
pci4:  on pcib4
pci0:  at device 15.0 (no driver attached)
ehci0:  mem 0xdff81400-0xdff817ff irq
22 at device 22.0 on pci0
usbus0: EHCI version 1.0
usbus0 on ehci0
ahci0:  port
0x2040-0x2047,0x2060-0x2063,0x2048-0x204f,0x2064-0x2067,0x2000-0x201f
mem 0xdff8-0xdff807ff irq 23 at device 23.0 on pci0
ahci0: AHCI v1.30 with 4 3Gbps ports, Port Multiplier not supported
ahcich0:  at channel 0 on ahci0
ahcich1:  at channel 1 on ahci0
ahcich2:  at channel 2 on ahci0
ahcich3:  at channel 3 on ahci0
ahci1:  port
0x2050-0x2057,0x2068-0x206b,0x2058-0x205f,0x206c-0x206f,0x2020-0x203f
mem 0xdff80800-0xdff80fff irq 16 at device 24.0 on pci0
ahci1: AHCI v1.30 with 2 6Gbps ports, Port Multiplier not supported
ahcich4:  at channel 0 on ahci1
ahcich5:  at channel 1 on ahci1
isab0:  at device 31.0 on pci0
isa0:  on isab0
orm0:  at iomem 0xc-0xc0fff on isa0
ppc0: cannot reserve I/O port range
uart0: <16550 or compatible> at port 0x3f8 irq 4 flags 

Re: OpenSMTP and OpenLDAP

[Markus Rosjat]

Hey hendrik,
This was a hint I was looking for thought! I will check that out :)
Regards
Markus

 Ursprüngliche Nachricht 
Von: Henrik Friedrichsen  
Datum: 25.07.17  19:15  (GMT+01:00) 
An: misc@openbsd.org 
Cc: ros...@ghweb.de 
Betreff: Re: OpenSMTP and OpenLDAP 

Hey,

On Tue, Jul 25, 2017 at 10:50:32AM +0200, Markus Rosjat wrote:
> I was just wondering if does two work together at all? I saw examples with
> ldapd that ships with the OS but not with OpenLDAP. Since I try to get my
> user table defined, and the man only has options for db and file, whats the
> way to go here if there is a way at all?

The OpenSMTPD-extras package should have an LDAP filter. I have no
experience with it and whether it works with OpenLDAP, but it might be
starting point:

https://github.com/OpenSMTPD/OpenSMTPD-extras/tree/master/extras/tables/table-ldap

Re: octeon port, ubiquity edgerouter

[Peter J. Philipp]

Actually I bought the silent fans.  So I don't have to write any code,
too bad the foxconn fans are a misdesign.  I'll maintenance this router
next week for the new fans.  I'm putting it into production at home
tomorrow though.

Cheers,

-peter


On 07/25/17 18:38, Peter J. Philipp wrote:
> On Tue, Jul 25, 2017 at 10:58:13AM +0200, Peter J. Philipp wrote:
>> Hi, I got the ER-8.  First impression is that it's in good condition, but the
>> fans are a little noisy, hoping it won't be a pain.  cnmac0 starts on eth4
>> instead of eth0 but that's no problem as long as I remember the order.
> I've had this ER-8 a little over a half day and the only gripe I have is
> the fan noise.  I googled a little about a solution to hardware hack this
> to put less noisy fans in there:
>
> https://community.ubnt.com/t5/EdgeMAX-Stories/Replacing-fans-in-EdgeRouter/cnc-p/1192519#M590
>
> But I'm wondering if there is a more elegant solution.  Is there any 
> capability
> for sensors and fan speed control in the Edgerouter?  Anyone know datasheets
> of this functionality out there somewhere?  I'm willing to try to write a
> driver as a first project, as I can't see these fans going off like that for
> 24/7 in my apartment (even if it's in the hallway).
>
> Regards,
> -peter

Re: OpenSMTP and OpenLDAP

[Henrik Friedrichsen]

Hey,

On Tue, Jul 25, 2017 at 10:50:32AM +0200, Markus Rosjat wrote:
> I was just wondering if does two work together at all? I saw examples with
> ldapd that ships with the OS but not with OpenLDAP. Since I try to get my
> user table defined, and the man only has options for db and file, whats the
> way to go here if there is a way at all?

The OpenSMTPD-extras package should have an LDAP filter. I have no
experience with it and whether it works with OpenLDAP, but it might be
starting point:

https://github.com/OpenSMTPD/OpenSMTPD-extras/tree/master/extras/tables/table-ldap

Re: OpenSMTP and OpenLDAP

[Markus Rosjat]

well it seems no one has an answer to that so while you see always 
examples for ldapd I confused still since man smtpd.conf states you 
should use file:/ or db:/ to define a table and not any other otion like 
ldap:/ is mentioned at all.


So lets refine the question ...

Is LDAP supported in OpenSMTP at all?


And if so, where to find a piece of information how to configure it?

regards

MArkus

Am 25.07.2017 um 10:50 schrieb Markus Rosjat:

Hi there,

I was just wondering if does two work together at all? I saw examples 
with ldapd that ships with the OS but not with OpenLDAP. Since I try to 
get my user table defined, and the man only has options for db and file, 
whats the way to go here if there is a way at all?


Regards



--
Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before 
you print it, think about your responsibility and commitment to the 
ENVIRONMENT

Re: octeon port, ubiquity edgerouter

[Peter J. Philipp]

On Tue, Jul 25, 2017 at 10:58:13AM +0200, Peter J. Philipp wrote:
> Hi, I got the ER-8.  First impression is that it's in good condition, but the
> fans are a little noisy, hoping it won't be a pain.  cnmac0 starts on eth4
> instead of eth0 but that's no problem as long as I remember the order.

I've had this ER-8 a little over a half day and the only gripe I have is
the fan noise.  I googled a little about a solution to hardware hack this
to put less noisy fans in there:

https://community.ubnt.com/t5/EdgeMAX-Stories/Replacing-fans-in-EdgeRouter/cnc-p/1192519#M590

But I'm wondering if there is a more elegant solution.  Is there any capability
for sensors and fan speed control in the Edgerouter?  Anyone know datasheets
of this functionality out there somewhere?  I'm willing to try to write a
driver as a first project, as I can't see these fans going off like that for
24/7 in my apartment (even if it's in the hallway).

Regards,
-peter

Re: Kernel panic on Dell R210 with OpenBSD 6.0 (relayd related ?)

[Mathieu BLANC]

On Tue, May 02, 2017 at 05:03:20PM +, Stuart Henderson wrote:
> Probably the best thing to do at this point is to write a mail to bugs@:
> 
> 1. describe what the machine is doing in detail. carp? ipsec? pfsync?
> what sort of relays? include config (sanitized if necessary, but do that
> consistently).
> 
> 2. copy in the panic message and stack trace as text (re-type it,
> don't attach a picture or send a link to a picture).
> 
> 3. make it a self-contained report with description etc all in the one
> message, don't rely on people having message history.
> 
> 4. include dmesg.

Hi Stuart, 

Thx for your answer !
I didn't have the time to work on this since early may.
But from time to time, I check the commit on pf.c and I saw this one which
seemed to perfectly match my bug :
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf.c?rev=1.1035=text/x-cvsweb-markup

I tried the diff, and it seems to be OK ! I can't trigger the bug right now (it
was 100% before).

So, thx you again, and special thx to bluhm@ who made the patch ! 

-- 
Mathieu

Re: fsck_ffs: cannot alloc 131427074 bytes for lncntp

[Theo de Raadt]

> No. Filesystem is FFS. The os is 4.9 or later but not above 5.4 afaik.

Sorry, that's too old for you to get any 'free support' or assistance.

Re: fsck_ffs: cannot alloc 131427074 bytes for lncntp

[Jon S]

No. Filesystem is FFS. The os is 4.9 or later but not above 5.4 afaik. I
will have physical access to the host tomorrow. It will probably be
replaced and installed with 6.1, but it would still be interesting to know
what kind of error this is and what can be done about it.

On 25 Jul 2017 3:40 pm, "Jeremie Courreges-Anglas"  wrote:

On Tue, Jul 25 2017, Jon S  wrote:
> Hello misc! The message in the subject is the result of trying to run
> fsck_ffs in single user mode when auto fsck fails at boot. Any ideas or
> input on how to solve?

This error message is only present in the -current source code for
fsck_ext2fs (there's src/sbin/fsck_ffs/SMM.doc/4.t but this looks
outdated).

Are you using ext2fs?

--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: signify implementation details and memory usage

[Ted Unangst]

Fabio Scotoni wrote:
> Is there any particular reason why things are being done this way? I
> could imagine that it's to stay compatible with upstream SUPERCOP, but
> mod_ed25519.c does not seem to have changed in CVS for over three years.

Yes, the idea is you should be able to diff the files with those in supercop
and see that they are the same. it's not how i would have made the api, but i
didn't make the api. :)

i'll note that libsodium offers more convenient versions of these functions.

Re: vmd: routing problem

[R0me0 ***]

Hetzner routes additional subnets through a specified mac address on robots
page. ( Some cases you need to open a trouble ticket )
Also, all related information is provided there.

Cheers,

2017-07-25 10:26 GMT-03:00 Stuart Henderson :

> On 2017-07-20, Mike Larkin  wrote:
> > On Thu, Jul 20, 2017 at 02:19:29PM +0200, Leo Unglaub wrote:
> >> Hey,
> >>
> >> On 07/20/17 13:05, Mischa Peters wrote:
> >> > Can you ask them how they route the separate subnet to you?
> >>
> >> as far as i understand it they route the subnet on my main ip address.
> >>
> >>
> >> From there documentation:
> >> > Newly assigned IPv4 subnets are statically routed on the main IP
> address of the server, so no gateway is required.
> >>
> >> I hope that answers your question.
> >> Thanks and greetings
> >> Leo
> >
> >
> > Like I said before, I'm not a networking expert, but what you've said
> there
> > doesn't make sense (at least to me). You'll probably need to explain to
> them
> > what you are trying to do and have them help you. I don't think this is
> a vmd
> > related network issue.
>
> It's a common setup at large-scale colo hosts to conserve IP addresses
> while
> still keeping each customer on their own L2 network. Given a gateway
> address
> of 192.0.2.1 you should be able to use something like this:
>
> route add -inet 192.0.2.1/32 -link -iface em0
> route add -inet default 192.0.2.1
>
> To run these commands automatically at boot, you can prefix the lines
> with ! and add them to hostname.em0.
>
>
>

Re: vmd: routing problem

[Stuart Henderson]

On 2017-07-20, Mike Larkin  wrote:
> On Thu, Jul 20, 2017 at 02:19:29PM +0200, Leo Unglaub wrote:
>> Hey,
>> 
>> On 07/20/17 13:05, Mischa Peters wrote:
>> > Can you ask them how they route the separate subnet to you?
>> 
>> as far as i understand it they route the subnet on my main ip address.
>> 
>> 
>> From there documentation:
>> > Newly assigned IPv4 subnets are statically routed on the main IP address 
>> > of the server, so no gateway is required.
>> 
>> I hope that answers your question.
>> Thanks and greetings
>> Leo
>
>
> Like I said before, I'm not a networking expert, but what you've said there
> doesn't make sense (at least to me). You'll probably need to explain to them
> what you are trying to do and have them help you. I don't think this is a vmd
> related network issue.

It's a common setup at large-scale colo hosts to conserve IP addresses while
still keeping each customer on their own L2 network. Given a gateway address
of 192.0.2.1 you should be able to use something like this:

route add -inet 192.0.2.1/32 -link -iface em0   
 
route add -inet default 192.0.2.1   
  

To run these commands automatically at boot, you can prefix the lines
with ! and add them to hostname.em0.

fsck_ffs: cannot alloc 131427074 bytes for lncntp

[Jon S]

Hello misc! The message in the subject is the result of trying to run
fsck_ffs in single user mode when auto fsck fails at boot. Any ideas or
input on how to solve?

Re: octeon port, ubiquity edgerouter

[Sean Murphy]

Holger,

That hardware acceleration is proprietary to Ubiquiti's EdgeOS, which
is a fork of Vyatta, if I remember correctly, and not implemented in
the OpenBSD port.

On Tue, Jul 25, 2017 at 6:39 AM, Holger Glaess  wrote:
> hi
>
> what about the hardware functions of the edgerouter
>
>
> description
> https://help.ubnt.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading-Explained
>
>
> holger
>
>
>
>> On Mon, Jul 24, 2017 at 07:21:36PM +0200, Peter J. Philipp wrote:
>>> > Now it would be very interesting to see dmesg coming from 8-port ER.
>>
>> Hi, I got the ER-8.  First impression is that it's in good condition, but
>> the
>> fans are a little noisy, hoping it won't be a pain.  cnmac0 starts on eth4
>> instead of eth0 but that's no problem as long as I remember the order.
>>
>> The lanner console cable worked on it with speed 115200.  I've planned on
>> taking this router into production tomorrow.
>>
>>> According to DHL the ER-8 will be delivered here tomorrow.  I'm going to
>>> try
>>> to get a dmesg on list if it's requested.  Thanks to all that made this
>>> hardware possible.  The guy that sent this to me has not included a
>>> console
>>> cable so I have only 1 Lanner FW rollover cable here, hoping it will
>>> work for
>>> this task.  The Lanner rollover cable is cisco compatible it said on
>>> their
>>> support website, so it should work.  Otherwise we'll have to wait about
>>> a day
>>> until I get the rollover cable that I purchased on Amazon yesterday.
>>
>> dmesg follows, thanks to visa@!!!
>>
>> Copyright (c) 1982, 1986, 1989, 1991, 1993
>>   The Regents of the University of California.  All rights reserved.
>> Copyright (c) 1995-2017 OpenBSD. All rights reserved.
>> https://www.OpenBSD.org
>>
>> OpenBSD 6.1-current (GENERIC.MP) #0: Sat Jul 22 21:28:07 UTC 2017
>> visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
>> real mem = 2147483648 (2048MB)
>> avail mem = 2113355776 (2015MB)
>> mainbus0 at root
>> cpu0 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
>> cpu0: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
>> cpu1 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
>> cpu1: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
>> clock0 at mainbus0: int 5
>> iobus0 at mainbus0
>> simplebus0 at iobus0: "soc"
>> octciu0 at simplebus0
>> cn30xxsmi0 at simplebus0
>> cn30xxsmi1 at simplebus0
>> com0 at simplebus0: ns16550a, 64 byte fifo
>> com0: console
>> com1 at simplebus0: ns16550a, 64 byte fifo
>> octmmc0 at simplebus0
>> sdmmc0 at octmmc0: 8-bit, mmc high-speed
>> octuctl0 at iobus0 base 0x118006f00 irq 56
>> ehci0 at octuctl0
>> usb0 at ehci0: USB revision 2.0
>> uhub0 at usb0 configuration 1 interface 0 "Octeon EHCI root hub" rev
>> 2.00/1.00 addr 1
>> ohci0 at octuctl0, version 1.0
>> usb1 at ohci0: USB revision 1.0
>> uhub1 at usb1 configuration 1 interface 0 "Octeon OHCI root hub" rev
>> 1.00/1.00 addr 1
>> octrng0 at iobus0 base 0x14000 irq 0
>> cn30xxgmx0 at iobus0 base 0x118000800
>> cnmac0 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:12
>> ukphy0 at cnmac0 phy 4: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac1 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:13
>> ukphy1 at cnmac1 phy 5: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac2 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:14
>> ukphy2 at cnmac2 phy 6: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac3 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:15
>> ukphy3 at cnmac3 phy 7: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cn30xxgmx1 at iobus0 base 0x118001000
>> cnmac4 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:16
>> ukphy4 at cnmac4 phy 0: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac5 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:17
>> ukphy5 at cnmac5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac6 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:18
>> ukphy6 at cnmac6 phy 2: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> cnmac7 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:19
>> ukphy7 at cnmac7 phy 3: Generic IEEE 802.3u media interface, rev. 3: OUI
>> 0x180361, model 0x0004
>> /dev/ksyms: Symbol table not valid.
>> umass0 at uhub0 port 1 configuration 1 interface 0 "SanDisk Ultra USB 3.0"
>> rev 2.10/1.00 addr 2
>> umass0: using SCSI over Bulk-Only
>> scsibus0 at umass0: 2 targets, initiator 0
>> sd0 at scsibus0 targ 1 lun 0:  SCSI4
>> 0/direct removable serial.07815591241023103380
>> sd0: 118464MB, 512 bytes/sector, 242614272 sectors
>> scsibus1 at sdmmc0: 2 targets, initiator 0
>> sd1 at scsibus1 targ 1 lun 0:  SCSI2 0/direct
>> removable
>> sd1: 3776MB, 512 bytes/sector, 7733248 sectors
>> vscsi0 at root
>> scsibus2 at vscsi0: 256 

signify implementation details and memory usage

[Fabio Scotoni]

Hi misc@,

I've been looking into signify(1) recently. I noticed that signmsg() in
signify.c allocates a buffer sigbuf that is msglen + SIGBYTES in length.
It then calls crypto_sign_ed25519(sigbuf, , msg, msglen, seckey).
crypto_sign_ed25519() in mod_ed25519.c copies the entirety of msg, which
is the whole file loaded into memory, into sigbuf after the signature.
signmsg() saves only the signature and discards the message copy in sigbuf.

In essence, the entire message copy into sigbuf is a dead store. While
this is not an issue with OpenBSD releases because a checksum file of
negligible size is signed, it may become problematic in other contexts,
where signing a separate checksum file is burdensome: For example, when
only one large file is to be signed. A separate checksum file would need
to be supplied because the file does not fit into the signer's (or
expected verifier's) memory twice over.

Verification also suffers from the same issue, see verifymsg() and
crypto_sign_ed25519_open().

Is there any particular reason why things are being done this way? I
could imagine that it's to stay compatible with upstream SUPERCOP, but
mod_ed25519.c does not seem to have changed in CVS for over three years.

Regards,

Fabio

Re: FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: Unable to create temporary file, Check permissions in temporary files directory.

[Johannes Paasila]

On 25 July 2017 5:03:38 pm AEST, "Stephane HUC "PengouinBSD"" 
 wrote:
>Hi all.
>
>I have this error on my,OpenBSD server (6.1) :
>
>FastCGI sent in stderr: "PHP message: PHP Warning:  Unknown: Unable to
>create temporary file, Check permissions in temporary files directory.
>in Unknown on line 0
>
>I use nginx+php70_fpm !
>
>The php-fpm.conf for the instance:
>
> file ***
>[blog.stephane-huc.net]
>prefix = /var/www
>
>user = user_blog
>group = www
>
>listen.owner = www
>listen.group = www
>listen.mode = 0660
>
>listen = run/php-fpm.$pool.sock
>listen.allowed_clients = 127.0.0.1
>
>chroot = $prefix
>chdir = /
>
>env[HOSTNAME] = $HOSTNAME
>;env[PATH] = /usr/local/bin:/usr/bin:/bin
>env[TMP] = /var/www/tmp
>env[TMPDIR] = /var/www/tmp
>env[TEMP] = /var/www/tmp
>
>php_admin_value[upload_tmp_dir] = /tmp
>php_admin_value[upload_max_filesize] = 8M
>*** EOF ***
>
>Rights on /var/www/tmp:
>
>$ ls -al /var/www/
>
>
>total 68
>drwxr-xr-x  17 root  daemon   512 Jul  5 04:59 ./
>drwxr-xr-x  25 root  wheel512 Jul  5 19:50 ../
>drwxr-xr-x  10 www   daemon   512 Jul  9 10:31 .ht/
>drwxr-xr-x  11 root  daemon   512 Jul  9 10:31 acme/
>drwxr-xr-x   2 root  daemon   512 Jun 25 13:51 bin/
>drwx-T  16 www   daemon   512 Jul  9 10:31 cache/
>drwxr-xr-x   2 root  daemon   512 Apr  1 21:38 cgi-bin/
>drwxr-xr-x  10 root  daemon   512 Jul  9 10:31 conf/
>drwxr-xr-x   3 root  daemon   512 Jun 25 13:48 etc/
>drwxr-xr-x  12 root  daemon   512 Jul  9 10:29 htdocs/
>drwxr-xr-x   2 root  daemon   512 Jun 24 22:59 html/
>drwxr-xr-x  11 root  daemon  1024 Jul 23 00:00 logs/
>drwxr-xr-x   2 root  daemon   512 Jun 28 18:11 modules/
>drwxr-xr-x  11 root  daemon  1024 Jul 25 08:39 run/
>drwxr-xr-x  10 www   www 2048 Jul  9 10:31 tmp/
>drwxr-xr-x   3 root  daemon   512 Jun 24 20:44 usr/
>drwxr-xr-x   3 root  daemon   512 Jun 24 21:17 var/
>
>
>where is the problem?

Your tmp directory isn't group writable.

Re: octeon port, ubiquity edgerouter

[Holger Glaess]

hi

what about the hardware functions of the edgerouter


description
https://help.ubnt.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading-Explained


holger



> On Mon, Jul 24, 2017 at 07:21:36PM +0200, Peter J. Philipp wrote:
>> > Now it would be very interesting to see dmesg coming from 8-port ER.
>
> Hi, I got the ER-8.  First impression is that it's in good condition, but
> the
> fans are a little noisy, hoping it won't be a pain.  cnmac0 starts on eth4
> instead of eth0 but that's no problem as long as I remember the order.
>
> The lanner console cable worked on it with speed 115200.  I've planned on
> taking this router into production tomorrow.
>
>> According to DHL the ER-8 will be delivered here tomorrow.  I'm going to
>> try
>> to get a dmesg on list if it's requested.  Thanks to all that made this
>> hardware possible.  The guy that sent this to me has not included a
>> console
>> cable so I have only 1 Lanner FW rollover cable here, hoping it will
>> work for
>> this task.  The Lanner rollover cable is cisco compatible it said on
>> their
>> support website, so it should work.  Otherwise we'll have to wait about
>> a day
>> until I get the rollover cable that I purchased on Amazon yesterday.
>
> dmesg follows, thanks to visa@!!!
>
> Copyright (c) 1982, 1986, 1989, 1991, 1993
>   The Regents of the University of California.  All rights reserved.
> Copyright (c) 1995-2017 OpenBSD. All rights reserved.
> https://www.OpenBSD.org
>
> OpenBSD 6.1-current (GENERIC.MP) #0: Sat Jul 22 21:28:07 UTC 2017
> visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
> real mem = 2147483648 (2048MB)
> avail mem = 2113355776 (2015MB)
> mainbus0 at root
> cpu0 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
> cpu0: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
> cpu1 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
> cpu1: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
> clock0 at mainbus0: int 5
> iobus0 at mainbus0
> simplebus0 at iobus0: "soc"
> octciu0 at simplebus0
> cn30xxsmi0 at simplebus0
> cn30xxsmi1 at simplebus0
> com0 at simplebus0: ns16550a, 64 byte fifo
> com0: console
> com1 at simplebus0: ns16550a, 64 byte fifo
> octmmc0 at simplebus0
> sdmmc0 at octmmc0: 8-bit, mmc high-speed
> octuctl0 at iobus0 base 0x118006f00 irq 56
> ehci0 at octuctl0
> usb0 at ehci0: USB revision 2.0
> uhub0 at usb0 configuration 1 interface 0 "Octeon EHCI root hub" rev
> 2.00/1.00 addr 1
> ohci0 at octuctl0, version 1.0
> usb1 at ohci0: USB revision 1.0
> uhub1 at usb1 configuration 1 interface 0 "Octeon OHCI root hub" rev
> 1.00/1.00 addr 1
> octrng0 at iobus0 base 0x14000 irq 0
> cn30xxgmx0 at iobus0 base 0x118000800
> cnmac0 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:12
> ukphy0 at cnmac0 phy 4: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac1 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:13
> ukphy1 at cnmac1 phy 5: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac2 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:14
> ukphy2 at cnmac2 phy 6: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac3 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:15
> ukphy3 at cnmac3 phy 7: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cn30xxgmx1 at iobus0 base 0x118001000
> cnmac4 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:16
> ukphy4 at cnmac4 phy 0: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac5 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:17
> ukphy5 at cnmac5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac6 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:18
> ukphy6 at cnmac6 phy 2: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> cnmac7 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:19
> ukphy7 at cnmac7 phy 3: Generic IEEE 802.3u media interface, rev. 3: OUI
> 0x180361, model 0x0004
> /dev/ksyms: Symbol table not valid.
> umass0 at uhub0 port 1 configuration 1 interface 0 "SanDisk Ultra USB 3.0"
> rev 2.10/1.00 addr 2
> umass0: using SCSI over Bulk-Only
> scsibus0 at umass0: 2 targets, initiator 0
> sd0 at scsibus0 targ 1 lun 0:  SCSI4
> 0/direct removable serial.07815591241023103380
> sd0: 118464MB, 512 bytes/sector, 242614272 sectors
> scsibus1 at sdmmc0: 2 targets, initiator 0
> sd1 at scsibus1 targ 1 lun 0:  SCSI2 0/direct
> removable
> sd1: 3776MB, 512 bytes/sector, 7733248 sectors
> vscsi0 at root
> scsibus2 at vscsi0: 256 targets
> softraid0 at root
> scsibus3 at softraid0: 256 targets
> boot device: sd0
> root on sd0a (08e1253cf19e0676.a) swap on sd0b dump on sd0b
> WARNING: No TOD clock, believing file system.
> WARNING: CHECK AND RESET THE DATE!
> cpu1 launched
> 
>
> I have decided to install OpenBSD on an external USB stick which takes up
> the
> only port.  This leaves 

Re: octeon port, ubiquity edgerouter

[Peter J. Philipp]

On Mon, Jul 24, 2017 at 07:21:36PM +0200, Peter J. Philipp wrote:
> > Now it would be very interesting to see dmesg coming from 8-port ER.

Hi, I got the ER-8.  First impression is that it's in good condition, but the
fans are a little noisy, hoping it won't be a pain.  cnmac0 starts on eth4
instead of eth0 but that's no problem as long as I remember the order.

The lanner console cable worked on it with speed 115200.  I've planned on 
taking this router into production tomorrow.

> According to DHL the ER-8 will be delivered here tomorrow.  I'm going to try
> to get a dmesg on list if it's requested.  Thanks to all that made this
> hardware possible.  The guy that sent this to me has not included a console
> cable so I have only 1 Lanner FW rollover cable here, hoping it will work for
> this task.  The Lanner rollover cable is cisco compatible it said on their
> support website, so it should work.  Otherwise we'll have to wait about a day
> until I get the rollover cable that I purchased on Amazon yesterday.

dmesg follows, thanks to visa@!!!

Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2017 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 6.1-current (GENERIC.MP) #0: Sat Jul 22 21:28:07 UTC 2017
visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC.MP
real mem = 2147483648 (2048MB)
avail mem = 2113355776 (2015MB)
mainbus0 at root
cpu0 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
cpu0: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
cpu1 at mainbus0: CN61xx CPU rev 0.1 800 MHz, Software FP emulation
cpu1: cache L1-I 512KB D 8KB 64 way, L2 1024KB 8 way
clock0 at mainbus0: int 5
iobus0 at mainbus0
simplebus0 at iobus0: "soc"
octciu0 at simplebus0
cn30xxsmi0 at simplebus0
cn30xxsmi1 at simplebus0
com0 at simplebus0: ns16550a, 64 byte fifo
com0: console
com1 at simplebus0: ns16550a, 64 byte fifo
octmmc0 at simplebus0
sdmmc0 at octmmc0: 8-bit, mmc high-speed
octuctl0 at iobus0 base 0x118006f00 irq 56
ehci0 at octuctl0
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Octeon EHCI root hub" rev 2.00/1.00 
addr 1
ohci0 at octuctl0, version 1.0
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 configuration 1 interface 0 "Octeon OHCI root hub" rev 1.00/1.00 
addr 1
octrng0 at iobus0 base 0x14000 irq 0
cn30xxgmx0 at iobus0 base 0x118000800
cnmac0 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:12
ukphy0 at cnmac0 phy 4: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac1 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:13
ukphy1 at cnmac1 phy 5: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac2 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:14
ukphy2 at cnmac2 phy 6: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac3 at cn30xxgmx0: SGMII, address 24:a4:3c:06:9f:15
ukphy3 at cnmac3 phy 7: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cn30xxgmx1 at iobus0 base 0x118001000
cnmac4 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:16
ukphy4 at cnmac4 phy 0: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac5 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:17
ukphy5 at cnmac5 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac6 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:18
ukphy6 at cnmac6 phy 2: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
cnmac7 at cn30xxgmx1: SGMII, address 24:a4:3c:06:9f:19
ukphy7 at cnmac7 phy 3: Generic IEEE 802.3u media interface, rev. 3: OUI 
0x180361, model 0x0004
/dev/ksyms: Symbol table not valid.
umass0 at uhub0 port 1 configuration 1 interface 0 "SanDisk Ultra USB 3.0" rev 
2.10/1.00 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0:  SCSI4 0/direct 
removable serial.07815591241023103380
sd0: 118464MB, 512 bytes/sector, 242614272 sectors
scsibus1 at sdmmc0: 2 targets, initiator 0
sd1 at scsibus1 targ 1 lun 0:  SCSI2 0/direct removable
sd1: 3776MB, 512 bytes/sector, 7733248 sectors
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
boot device: sd0
root on sd0a (08e1253cf19e0676.a) swap on sd0b dump on sd0b
WARNING: No TOD clock, believing file system.
WARNING: CHECK AND RESET THE DATE!
cpu1 launched


I have decided to install OpenBSD on an external USB stick which takes up the
only port.  This leaves little room for a USB-based RTC unless I also get a
USB hub.  I'll leave sd1 as is in case I ever want to explore the ubiquiti OS 
(edgeOS?).

With best regards,
-peter

Re: Read sysctl from file

[Raimo Niskanen]

On Tue, Jul 25, 2017 at 09:32:33AM +0300, Mihai Popescu wrote:
> > As I see it everybody has agreed upon that and some are now just making
> > suggestions on how to solve the OP's problem, that do not involve adding -p 
> > to
> > OpenBSD's sysctl. So I thik that was uncalled for.
> 
> Not everybody! Man, you talk like a black suit manager here.

Maybe I am ;-)

But I saw nobody in the thread that still advocated that sysctl -p should
be added to OpenBSD.  So that was what i saw was agreed upon by everybody
(in the thread).  Therefore it was not necessary to once again point out
that sysctl -p will never be added to OpenBSD.
Because it will not.
Never.
Already said that.

> 
> > I just do not get that.
> 
> Yes, you obviously don't. It has been explained that the CONCEPT of -p
> is WRONG in OpenBSD area and maybe other areas, too. IF you can grasp
> that, then think why the hell would someone try to implement this and
> find a solution for the OP?

Now that is a different, and valid argument.  To tell someone that
implementing a substitute for sysctl -p is a bad idea because that would
send the wrong message (no message) to the Ansible folks.

But that was not the response the implementer got.

> 
> I think one of the reasons that OpenBSD avoided to become useless
> swiss army knife of OSes is exactly that resitance to implement crap
> "just because ...".

Bla bla bla.  Heard it before.  Agrees completely.  Have said it myself
many times.  Nothing new.  And that was not the subject.

Sorry, maybe it was the subject, but very indirectly.

As I see it is the message that helping someone solve a problem in a way that
encourages other OS:es bad decision is a bad strategy that did not get
through the usual @misc communication style of go f*ck your self you know
nothing.

There are better ways to send that message then what used in this thread.
For example by writing it up front.

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB

OpenSMTP and OpenLDAP

[Markus Rosjat]

Hi there,

I was just wondering if does two work together at all? I saw examples 
with ldapd that ships with the OS but not with OpenLDAP. Since I try to 
get my user table defined, and the man only has options for db and file, 
whats the way to go here if there is a way at all?


Regards

--
Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before 
you print it, think about your responsibility and commitment to the 
ENVIRONMENT

FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: Unable to create temporary file, Check permissions in temporary files directory.

[Stephane HUC "PengouinBSD"]

Hi all.

I have this error on my,OpenBSD server (6.1) :

FastCGI sent in stderr: "PHP message: PHP Warning:  Unknown: Unable to
create temporary file, Check permissions in temporary files directory.
in Unknown on line 0

I use nginx+php70_fpm !

The php-fpm.conf for the instance:

 file ***
[blog.stephane-huc.net]
prefix = /var/www

user = user_blog
group = www

listen.owner = www
listen.group = www
listen.mode = 0660

listen = run/php-fpm.$pool.sock
listen.allowed_clients = 127.0.0.1

chroot = $prefix
chdir = /

env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /var/www/tmp
env[TMPDIR] = /var/www/tmp
env[TEMP] = /var/www/tmp

php_admin_value[upload_tmp_dir] = /tmp
php_admin_value[upload_max_filesize] = 8M
*** EOF ***

Rights on /var/www/tmp:

$ ls -al /var/www/


total 68
drwxr-xr-x  17 root  daemon   512 Jul  5 04:59 ./
drwxr-xr-x  25 root  wheel512 Jul  5 19:50 ../
drwxr-xr-x  10 www   daemon   512 Jul  9 10:31 .ht/
drwxr-xr-x  11 root  daemon   512 Jul  9 10:31 acme/
drwxr-xr-x   2 root  daemon   512 Jun 25 13:51 bin/
drwx-T  16 www   daemon   512 Jul  9 10:31 cache/
drwxr-xr-x   2 root  daemon   512 Apr  1 21:38 cgi-bin/
drwxr-xr-x  10 root  daemon   512 Jul  9 10:31 conf/
drwxr-xr-x   3 root  daemon   512 Jun 25 13:48 etc/
drwxr-xr-x  12 root  daemon   512 Jul  9 10:29 htdocs/
drwxr-xr-x   2 root  daemon   512 Jun 24 22:59 html/
drwxr-xr-x  11 root  daemon  1024 Jul 23 00:00 logs/
drwxr-xr-x   2 root  daemon   512 Jun 28 18:11 modules/
drwxr-xr-x  11 root  daemon  1024 Jul 25 08:39 run/
drwxr-xr-x  10 www   www 2048 Jul  9 10:31 tmp/
drwxr-xr-x   3 root  daemon   512 Jun 24 20:44 usr/
drwxr-xr-x   3 root  daemon   512 Jun 24 21:17 var/


where is the problem?


-- 
~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD " +=<<<

Stephane HUC as PengouinBSD or CIOTBSD
b...@stephane-huc.net



signature.asc
Description: OpenPGP digital signature

Re: Read sysctl from file

[Mihai Popescu]

> As I see it everybody has agreed upon that and some are now just making
> suggestions on how to solve the OP's problem, that do not involve adding -p to
> OpenBSD's sysctl. So I thik that was uncalled for.

Not everybody! Man, you talk like a black suit manager here.

> I just do not get that.

Yes, you obviously don't. It has been explained that the CONCEPT of -p
is WRONG in OpenBSD area and maybe other areas, too. IF you can grasp
that, then think why the hell would someone try to implement this and
find a solution for the OP?

I think one of the reasons that OpenBSD avoided to become useless
swiss army knife of OSes is exactly that resitance to implement crap
"just because ...".