Re: A (partial) vmmci(4) Linux implementation
On Mon, Mar 11, 2019 at 10:17:56AM +0100, David Sastre wrote: > On Tue, Feb 26, 2019 at 1:32 AM Mike Larkin wrote: > > > For what it's worth, we should probably allocate a real virtio device number > > from Redhat or whoever controls that. I have an old email in my inbox with a > > few contact names, but I never got around to following up. That would fix > > the > > problem of the "stolen" virtio ID. > > Mike, > > In case you (or somebody else on behalf of OpenBSD) have not yet done > so, the procedure to request the allocation of virtio device IDs is > documented here: > > http://docs.oasis-open.org/virtio/virtio/v1.0/cs04/virtio-v1.0-cs04.html#x1-3140003 > > Hope that helps. Thanks David, I'll reach out to them. -ml
Re: man httpd.conf option does not mention option blocks
On Mar 11, 2019 5:20 PM, Evan Silberman wrote: > > Jason McIntyre wrote: > > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > > > Jason McIntyre wrote: > > > > > > > > Index: httpd.conf.5 > > > > === > > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > > > retrieving revision 1.103 > > > > diff -u -r1.103 httpd.conf.5 > > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > > > > @@ -155,7 +155,10 @@ > > > > .Xr patterns 7 . > > > > .El > > > > .Pp > > > > -Followed by a block of options that is enclosed in curly brackets: > > > > +It is followed by a block of directives and values, enclosed in curly > > > > brackets. > > > > +Directives which take multiple > > > > +.Ar option > > > > +values may also group these options in curly brackets. > > > > > > This is better than mine but I don't think the "also" has a referent > > > here. Maybe: > > > "Directives which take multiple option values may be repeated or may > > > group the > > > options in curly brackets." This excludes the possible interpretation > > > that e.g. > > > 'log access "acces_log" error "error_log"' is valid syntax. > > > > > > > "also" because we just said that directives and values are enclosed in > > curly brackets. so "also" meaning "in the same way as we just showed > > you". > > You're right, reading the context more carefully this makes perfect sense. > > > > "repeated" is confusing i think (like you would specify the same option > > value twice). > > Fair enough. I have no further quibbles. > > Evan Silberman > Not that it matters much, but I like it better too. :)
Re: man httpd.conf option does not mention option blocks
Jason McIntyre wrote: > On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > > Jason McIntyre wrote: > > > > > > Index: httpd.conf.5 > > > === > > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > > retrieving revision 1.103 > > > diff -u -r1.103 httpd.conf.5 > > > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > > > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > > > @@ -155,7 +155,10 @@ > > > .Xr patterns 7 . > > > .El > > > .Pp > > > -Followed by a block of options that is enclosed in curly brackets: > > > +It is followed by a block of directives and values, enclosed in curly > > > brackets. > > > +Directives which take multiple > > > +.Ar option > > > +values may also group these options in curly brackets. > > > > This is better than mine but I don't think the "also" has a referent here. > > Maybe: > > "Directives which take multiple option values may be repeated or may group > > the > > options in curly brackets." This excludes the possible interpretation that > > e.g. > > 'log access "acces_log" error "error_log"' is valid syntax. > > > > "also" because we just said that directives and values are enclosed in > curly brackets. so "also" meaning "in the same way as we just showed > you". You're right, reading the context more carefully this makes perfect sense. > > "repeated" is confusing i think (like you would specify the same option > value twice). Fair enough. I have no further quibbles. Evan Silberman
Re: man httpd.conf option does not mention option blocks
On Mon, Mar 11, 2019 at 12:29:41PM -0700, Evan Silberman wrote: > Jason McIntyre wrote: > > > > Index: httpd.conf.5 > > === > > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > > retrieving revision 1.103 > > diff -u -r1.103 httpd.conf.5 > > --- httpd.conf.519 Feb 2019 11:37:26 - 1.103 > > +++ httpd.conf.511 Mar 2019 19:05:57 - > > @@ -155,7 +155,10 @@ > > .Xr patterns 7 . > > .El > > .Pp > > -Followed by a block of options that is enclosed in curly brackets: > > +It is followed by a block of directives and values, enclosed in curly > > brackets. > > +Directives which take multiple > > +.Ar option > > +values may also group these options in curly brackets. > > This is better than mine but I don't think the "also" has a referent here. > Maybe: > "Directives which take multiple option values may be repeated or may group the > options in curly brackets." This excludes the possible interpretation that > e.g. > 'log access "acces_log" error "error_log"' is valid syntax. > "also" because we just said that directives and values are enclosed in curly brackets. so "also" meaning "in the same way as we just showed you". "repeated" is confusing i think (like you would specify the same option value twice). jmc
Re: man httpd.conf option does not mention option blocks
Jason McIntyre wrote: > > Index: httpd.conf.5 > === > RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v > retrieving revision 1.103 > diff -u -r1.103 httpd.conf.5 > --- httpd.conf.5 19 Feb 2019 11:37:26 - 1.103 > +++ httpd.conf.5 11 Mar 2019 19:05:57 - > @@ -155,7 +155,10 @@ > .Xr patterns 7 . > .El > .Pp > -Followed by a block of options that is enclosed in curly brackets: > +It is followed by a block of directives and values, enclosed in curly > brackets. > +Directives which take multiple > +.Ar option > +values may also group these options in curly brackets. This is better than mine but I don't think the "also" has a referent here. Maybe: "Directives which take multiple option values may be repeated or may group the options in curly brackets." This excludes the possible interpretation that e.g. 'log access "acces_log" error "error_log"' is valid syntax. Regards, Evan Silberman
Re: man httpd.conf option does not mention option blocks
On Mon, Mar 11, 2019 at 08:59:30AM -0700, Evan Silberman wrote:
>
>
> > On Mar 10, 2019, at 11:55 PM, Jason McIntyre wrote:
> >
> > +Directives which take multiple
> > +.Ar option
> > +values may themselves be grouped in curly brackets.
>
> I think this implies that the directives (which take multiple option values)
> may be grouped in curly brackets rather than implying the options and their
> values may be grouped in curly brackets as a parameter to the root directive.
> I would try something like:
>
you're right, it's ambiguous. but...
> For some options, the possible values are another set of options. In these
> cases, the main option can be repeated, setting a different suboption each
> time, or the main option may be followed by a block enclosed by curly braces,
> within which each suboption may be set without repeating the name of the main
> option.
>
> I???m not super happy with this paragraph, which gives up brevity for
> precision, but I do think it???s more precise.
>
i don;t really want to go down the road of talking about suboptions!
also the text is super long. i've tweaked my text below. if we can't get
it clear and concise, it might just be easier to give an example.
jmc
Index: httpd.conf.5
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
retrieving revision 1.103
diff -u -r1.103 httpd.conf.5
--- httpd.conf.519 Feb 2019 11:37:26 - 1.103
+++ httpd.conf.511 Mar 2019 19:05:57 -
@@ -155,7 +155,10 @@
.Xr patterns 7 .
.El
.Pp
-Followed by a block of options that is enclosed in curly brackets:
+It is followed by a block of directives and values, enclosed in curly brackets.
+Directives which take multiple
+.Ar option
+values may also group these options in curly brackets.
.Bl -tag -width Ds
.It Ic alias Ar name
Specify an additional alias
@@ -714,9 +717,14 @@
.Bd -literal -offset indent
server "www.example.com" {
alias "example.com"
- listen on * port 80
- listen on * tls port 443
+ listen on * port http
+ listen on * tls port https
root "/htdocs/www.example.com"
+
+ tls {
+ key "/etc/ssl/private/example.com.key
+ certificate "/etc/ssl/example.com.fullchain.pem"
+ }
}
server "www.a.example.com" {
Re: Puffy Security smtpd out of date ( closed )
On 2019-03-11 16:38, Gilles Chehade wrote: > On Mon, Mar 11, 2019 at 11:34:58AM +, Geir Svalland wrote: >> On 2019-03-11 09:58, Janne Johansson wrote: >>> Den fre 8 mars 2019 kl 20:59 skrev Sean Kamath : > It's a shame good work like this is > of no use anymore. According to my opinion, it's well written and easy to > follow. > So, I???ll take issue with the ???well written??? part of that. It doesn???t do much in the way of explaining anything, just a lot of ???put this here???, ???put that there???. >>> The intro to The Book of PF has a REALLY good mantra here on the "This >>> is not a HOWTO" >>> https://home.nuug.no/~peter/pf/en/preface.html >>> >>> I feel it applies equally well to running your own mail server as >>> building your own firewall. >> Well, that was your 2cents to the discussion. >> We all have a right to a opinion and we all are on different levels of >> knowledge and might have different >> milestones when learning. Some times I like to dig deeper, and some >> times I just want something up'n >> running as fast as possible in a somewhat safe and secure way. Then >> taking care of the "why and what's." >> >> I've been running both Sendmail and Postfix for years without any major >> difficulties, but this is my first >> try on OpenSMTP. >> >> After a couple of days of googling, I found this article : >> https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/ >> >> and got very surprised that none of the "know better's" didn't know >> about this, or didn't care to >> enlighten me and pointing me in this direction. This was exactly what I >> was looking for. >> > glad it helps, though keep in mind that I'm writing about code that is on > my laptop or that's very very very fresh and likely to change. > > we're nearly a year apart from that post and I can't even remember all of > the changes, fixes and improvements. Thank you for your answer. Yes, I understand it's been a lot of progress since then and started to catch up on the excellent man pages :-) /Hasse
Re: man httpd.conf option does not mention option blocks
> On Mar 10, 2019, at 11:55 PM, Jason McIntyre wrote: > > +Directives which take multiple > +.Ar option > +values may themselves be grouped in curly brackets. I think this implies that the directives (which take multiple option values) may be grouped in curly brackets rather than implying the options and their values may be grouped in curly brackets as a parameter to the root directive. I would try something like: For some options, the possible values are another set of options. In these cases, the main option can be repeated, setting a different suboption each time, or the main option may be followed by a block enclosed by curly braces, within which each suboption may be set without repeating the name of the main option. I’m not super happy with this paragraph, which gives up brevity for precision, but I do think it’s more precise. Regards, Evan Silberman
Re: Puffy Security smtpd out of date ( closed )
On Mon, Mar 11, 2019 at 11:34:58AM +, Geir Svalland wrote: > > On 2019-03-11 09:58, Janne Johansson wrote: > > Den fre 8 mars 2019 kl 20:59 skrev Sean Kamath : > >>> It's a shame good work like this is > >>> of no use anymore. According to my opinion, it's well written and easy to > >>> follow. > >>> > >> So, I???ll take issue with the ???well written??? part of that. It > >> doesn???t do much in the way of explaining anything, just a lot of ???put > >> this here???, ???put that there???. > > The intro to The Book of PF has a REALLY good mantra here on the "This > > is not a HOWTO" > > https://home.nuug.no/~peter/pf/en/preface.html > > > > I feel it applies equally well to running your own mail server as > > building your own firewall. > > Well, that was your 2cents to the discussion. > We all have a right to a opinion and we all are on different levels of > knowledge and might have different > milestones when learning. Some times I like to dig deeper, and some > times I just want something up'n > running as fast as possible in a somewhat safe and secure way. Then > taking care of the "why and what's." > > I've been running both Sendmail and Postfix for years without any major > difficulties, but this is my first > try on OpenSMTP. > > After a couple of days of googling, I found this article : > https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/ > > and got very surprised that none of the "know better's" didn't know > about this, or didn't care to > enlighten me and pointing me in this direction. This was exactly what I > was looking for. > glad it helps, though keep in mind that I'm writing about code that is on my laptop or that's very very very fresh and likely to change. we're nearly a year apart from that post and I can't even remember all of the changes, fixes and improvements. -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg
Re: Running stuff when a network becomes available
Den mån 11 mars 2019 kl 14:11 skrev Ipsen S Ripsbusker : > > I want a few things to happen as soon as I get an internet connection > after not having had one. > It would suffice to add a crontab entry that runs the attachment > periodically. ifstated(8) can be taught to watch over an interface and run whatever scripts you like when some interface comes up, so as long as you can run all mail sending operations and the like from a script, you should be done real quickly. -- May the most significant bit of your life be positive.
Running stuff when a network becomes available
I want a few things to happen as soon as I get an internet connection after not having had one. For example, if I am offline during a long bus trip with a 40-minute transfer but I manage to find a coffee shop with internet access during the transfer, I want to run the things the moment I get access in the coffee shop. I want to run things like these. * Send emails that I have queued for sending. * Receive new emails. * Synchronize fossil repositories * Synchronize git repositories It would suffice to add a crontab entry that runs the attachment periodically. But I request commentary on the following. 1. Is there already a better way to do this? 2. Is there a better way to determine whether I have just established a connection? With great humility, Ipsen on-connect Description: on-connect
Re: usbd_free_xfer: xfer=0xffffff041e9651e0 not free
I get this error too. Alfred Morgan wrote: > I am on OpenBSD 6.4 amd64 also getting this error message. It seems to be > caused by my USB serial device. If I plug it into a Windows machine then > Windows reports that the device is malfunctioning. If I plug into OpenBSD > 6.4 then I get the usbd_free_xfer not free error and my USB ports stop > working and then I have to reboot. If a dev is interested in my > malfunctioning USB serial cable in order to reproduce and fix the issue > then I will be happy to mail it to you. I will send my dmesg on request. > > Leo wrote on 2018-10-13 16:52:36: > > Hello, > > i just upgraded to the latest snapshot and i noticed that all my > > external USB drives are not working anymore. (i tryed 3 different > > external drives) As soon as i plug them into an USB port I get the > > following message in my dmesg: > > > > > usbd_free_xfer: xfer=0xff041e9651e0 not free > > -- > -alfred -- WBR, Mikhaylov Aleksandr
chromium vulnerability?
Dear list, https://thehackernews.com/2019/03/update-google-chrome-hack.html claims there is a serious vulnerability in chrome. I run stable 6.4, with the 69.0.3497.100p0 version, while they advice upgrading to 72.0.3626.121. What should I do if I want to stay on the stable branch and have a secure (to the known point) browser. (Apart from chromium I run firefox, which I try to keep up to date with doas env PKG_PATH=https://packages.rhaalovely.net/pub/OpenBSD/6.4/packages/amd64 pkg_add -u firefox-esr but I guess there is nothing like this for chromium). So do you recommend avoiding chromium until the next stable release of OpenBSD, or what do you do? (I also use "openup", but so far no upgrade for chrome has appeared there). Thanks for comments Ruda
Re: Puffy Security smtpd out of date ( closed )
On 2019-03-11 09:58, Janne Johansson wrote: > Den fre 8 mars 2019 kl 20:59 skrev Sean Kamath : >>> It's a shame good work like this is >>> of no use anymore. According to my opinion, it's well written and easy to >>> follow. >>> >> So, I’ll take issue with the “well written” part of that. It doesn’t do >> much in the way of explaining anything, just a lot of “put this here”, “put >> that there”. > The intro to The Book of PF has a REALLY good mantra here on the "This > is not a HOWTO" > https://home.nuug.no/~peter/pf/en/preface.html > > I feel it applies equally well to running your own mail server as > building your own firewall. Well, that was your 2cents to the discussion. We all have a right to a opinion and we all are on different levels of knowledge and might have different milestones when learning. Some times I like to dig deeper, and some times I just want something up'n running as fast as possible in a somewhat safe and secure way. Then taking care of the "why and what's." I've been running both Sendmail and Postfix for years without any major difficulties, but this is my first try on OpenSMTP. After a couple of days of googling, I found this article : https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/ and got very surprised that none of the "know better's" didn't know about this, or didn't care to enlighten me and pointing me in this direction. This was exactly what I was looking for. /Hasse
Re: A (partial) vmmci(4) Linux implementation
On Tue, Feb 26, 2019 at 1:32 AM Mike Larkin wrote: > For what it's worth, we should probably allocate a real virtio device number > from Redhat or whoever controls that. I have an old email in my inbox with a > few contact names, but I never got around to following up. That would fix the > problem of the "stolen" virtio ID. Mike, In case you (or somebody else on behalf of OpenBSD) have not yet done so, the procedure to request the allocation of virtio device IDs is documented here: http://docs.oasis-open.org/virtio/virtio/v1.0/cs04/virtio-v1.0-cs04.html#x1-3140003 Hope that helps.
Re: Puffy Security smtpd out of date ( closed )
Den fre 8 mars 2019 kl 20:59 skrev Sean Kamath : > > It's a shame good work like this is > > of no use anymore. According to my opinion, it's well written and easy to > > follow. > > > > So, I’ll take issue with the “well written” part of that. It doesn’t do much > in the way of explaining anything, just a lot of “put this here”, “put that > there”. The intro to The Book of PF has a REALLY good mantra here on the "This is not a HOWTO" https://home.nuug.no/~peter/pf/en/preface.html I feel it applies equally well to running your own mail server as building your own firewall. -- May the most significant bit of your life be positive.
Re: man httpd.conf option does not mention option blocks
On Sun, Mar 10, 2019 at 07:03:36PM -0500, Alfred Morgan wrote:
>jmc wrote on? 2019-03-05 6:58:38:
>> > How does this sound?
>> > A specified option may be written inside curly brackets in order to
>specify
>> > a block of one or more specified options.
>>?
>> regarding your sentence - it's confusing. this is a tough one to
>write,
>> i think. from everything following that sentence to the end of that
>> section, can everything take this {} notation?
>Not everything. I found this difficult to explain because the manual
>uses the word "option" as an argument to an "option" as well as the
>main option. The manual does seem to distinguish the two terms by
>referring to the option argument as a "specified option"
>It would really help changing the sub-option name to something else,
>like, "parameter", or "sub-option" but this would require an overhaul
>that I was avoiding.
morning.
thanks for the feedback. i've tidied up your diff a bit. how does it
read?
i could do with feedback on two levels:
- does any developer want to ok alfred's proposed changes to the
examples? i can;t commit this without one.
- does anyone want to nitpick the text regarding multiple options?
thanks,
jmc
Index: httpd.conf.5
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
retrieving revision 1.103
diff -u -r1.103 httpd.conf.5
--- httpd.conf.519 Feb 2019 11:37:26 - 1.103
+++ httpd.conf.511 Mar 2019 06:54:47 -
@@ -155,7 +155,10 @@
.Xr patterns 7 .
.El
.Pp
-Followed by a block of options that is enclosed in curly brackets:
+It is followed by a block of directives and values, enclosed in curly brackets.
+Directives which take multiple
+.Ar option
+values may themselves be grouped in curly brackets.
.Bl -tag -width Ds
.It Ic alias Ar name
Specify an additional alias
@@ -714,9 +717,14 @@
.Bd -literal -offset indent
server "www.example.com" {
alias "example.com"
- listen on * port 80
- listen on * tls port 443
+ listen on * port http
+ listen on * tls port https
root "/htdocs/www.example.com"
+
+ tls {
+ key "/etc/ssl/private/example.com.key
+ certificate "/etc/ssl/example.com.fullchain.pem"
+ }
}
server "www.a.example.com" {
