Re: Community-driven OpenBSD tutorials wiki?

2018-01-04 Thread Lea Chescotta 
Hi Andreas! Personally I really like the idea, i used Arch Linux for
several years and i always liked way the Arch Wiki was always updated
and containing a lot of useful data, that (i know) it's always 
available in the manual pages with a lot of more useful data, 
but i think it's useful to have like a brief description and usage of
the system and tools that one can then complement with the manual 
pages if needed.

I writed a lot of small text files that i use for different tasks,
from video conversion and edition with ffmpeg, to system administration
of different operating systems, including OpenBSD that is the system
Im using in my personal computer for the last couple of months and that
I really love.

If you want i can share with you the text files relevant to the 
installation and usage of OpenBSD that i had for personal use for you
to see if something in them is suitable for your endeavour, they cover
installation and updating processes, mainly for the stable branch that
I installed and maintain in my computer, even the installation in an
full encrypted disk, and basic setup of the environment and tools usage.

Thanks for the initiative!

​

​

> Original Message 
>Subject: Re: Community-driven OpenBSD tutorials wiki?
>Local Time: January 4, 2018 11:50 AM
>UTC Time: January 4, 2018 2:50 PM
>From: n...@nawi.is
>To: Andreas Thulin 
>misc@openbsd.org 
>
>Hello !
>
>No need for flame or complain or something.
>
>What I can remember, there is a German wiki at http://wiki.bsdforen.de
>and posts at http://bsdnow.tv booth are not up to date. And, what you
>find using your prefered search engine. But OpenBSD only - extreme
>seldom.
>
>If it is useful for YOU and, YOU want it - do it.
>
>IMHO I would start it, provide maybe here a table of contents if you
>didn't start already something and, I would call for / handle that off
>list.
>
>Regards,
>
>Christoph
>
>
>
>>Hi all!
>>Thought I'd create an OpenBSD wiki somewhere, where anyone (especially
>>non-developers like myself) could create and edit tutorials for stuff
>>non-developers like myself would find useful. I find that sometimes
>>existing tutorials become outdated, and was thinking that a wiki would
>>make
>>updates easier.
>>Before I go and create anything - are there already a place similar to
>>what
>>I'm describing, where I could get myself involved? (I'm too junior to
>>start
>>suggesting changes and updates to the docs on OpenBSD.org, and I'm not
>>sure
>>they should be used for what I want to achieve.)
>>I know this comes out as yet another "let's start another project no
>>one is
>>asking for", but please be gentle with flaming me - I honestly want to
>>contribute to the community to the extent of my abilities.
>>Cheers,
>>Andreas
>>
>

Re: [OT] how secure is 2 factor auth with a smartphone?

2017-12-14 Thread Lea Chescotta 
Hi! I face the same situation at work, what i simply do is to have
an android tablet (which i also use to read while traveling to work)
just to use the 2 factor authentication at work, and a dumb phone
to make and receive phone calls from my wife and family.

>  Original Message 
> Subject: [OT] how secure is 2 factor auth with a smartphone?
> Local Time: December 13, 2017 11:16 PM
> UTC Time: December 14, 2017 2:16 AM
> From: glasswal...@yahoo.com.br
> To: misc@openbsd.org
>
> Hello guys,
>
> I apologize if the subject is too much out of topic for this list.
>
> Today I was surprised by hearing from a security (?) tech guy that using
> 2 factor authentication with AWS was not problem at all when using a
> smartphone not provided by the company (my own, in the case) that has
> several VMs on this provider.
>
> Considering that the company (my customer in this case) has absolutely
> no control of whatever I install or how do I use my smartphone, it seems
> pretty naive to think it is secure enough. It seems to me more an excuse
> to make professionals like me to pay the bill (the smartphone itself,
> instead of doing the right thing and buying the MFA device, if security
> is really the concern here) and probably the legal responsibility too.
>
> I've being doing a (basically useless nowadays) effort of avoiding a
> smartphone due lack of freedom, privacy and terrible cost-benefits (at
> least here in Brazil, where not only smartphones being expensive, but
> the associated service that also sucks big time).
>
> I did some research in this list archives and couldn't find mention
> about it. This article shed some light about the subject:
>
> https://www.csoonline.com/article/3044605/security/does-a-smartphone-make-two-factor-authentication.html
>
> What do you guys think about? Do you agree with the article author opinion?
>
> Feeling like a Neanderthal here, doesn't matter if a lot of people on
> the streets nowadays look like those spaceship characters of the WALL-E
> movie...
>
> Thanks,
> Alceu

Re: Compiling packages gives me cannot run C compiled programs error

2017-09-16 Thread Lea Chescotta 
I understand, the only doubt i have is that, i thinked that the 
"WRKOBJDIR=/usr/obj/ports" was the compiling directory instead of 
"/usr/ports/pobj*" that you said, or are both directories used for compiling?

Also, i think that the FAQ could have those pre-steps in the "working with 
ports" section, because I followed it and will never have understanded the 
problem if not founded that archived old conversation with the same issue, that 
also don't say where is the file that one have to edit, is /etc/fstab like in 
linux?

And last question, if i want to build many huge ports, like firefox, eclipse, 
java, etc... how much space will i need in the affected partitions? what will 
be a common partition space layout to build ports and from src?

Thanks!

>  Original Message 
> Subject: Re: Compiling packages gives me cannot run C compiled programs error
> Local Time: 15 September 2017 6:52 PM
> UTC Time: 15 September 2017 21:52
> From: j...@wxcvbn.org
> To: Lea Chescotta <lea.chesco...@protonmail.com>
> misc\@openbsd.org <misc@openbsd.org>
>
> On Fri, Sep 15 2017, Lea Chescotta <lea.chesco...@protonmail.com> wrote:
>> I"m trying to build Firefox from the -release ports tree in a -stable 
>> system, and python, a dependency, is giving me the following error:
>>
>> configure: error: cannot run C compiled programs.
>>
>> Searching about the error in the net, i have found this mailing list
>> archive
>> http://openbsd-archive.7691.n7.nabble.com/lang-python-2-7-configure-error-td307559.html
>> where its having the exact same issue with the same package (i"m
>> installing python 2.7.13, dependency of firefox-esr). In that url it
>> says:
>>
>> "I see this same error when I try to build python without having
>> WRKOBJDIR on a filesystem with the wxallowed mount option.
>> To build ports that need to be marked with WXNEEDED, you need to have
>> WRKOBJDIR (usually /usr/ports/pobj) on a filesystem mounted with
>> wxallowed."
>>
>> But i couldn"t find a guide in the FAQ about enabling that setting in the 
>> filesystem. I have the following mount points:
>> /dev/sd0a on / type ffs (local)
>> /dev/sd0k on /home type ffs (local, nodev, nosuid)
>> /dev/sd0d on /tmp type ffs (local, nodev, nosuid)
>> /dev/sd0f on /usr type ffs (local, nodev)
>> /dev/sd0g on /usr/X11R6 type ffs (local, nodev)
>> /dev/sd0h on /usr/local type ffs (local, nodev, wxallowed)
>> /dev/sd0j on /usr/obj type ffs (local, nodev, nosuid)
>> /dev/sd0i on /usr/src type ffs (local, nodev, nosuid)
>> /dev/sd0e on /var type ffs (local, nodev, nosuid)
>>
>> So as i understand i need to add the wxallowed setting in the following 
>> lines to being able to compile ports in /usr/ports, right?
>> /dev/sd0f on /usr type ffs (local, nodev)
>> /dev/sd0j on /usr/obj type ffs (local, nodev, nosuid)
>> /dev/sd0i on /usr/src type ffs (local, nodev, nosuid)
>>
>> My /etc/doas.conf file:
>> permit nopass keepenv :wsrc
>> permit nopass keepenv :wheel
>>
>> My /etc/mk.conf file:
>> SUDO=/usr/bin/doas
>> WRKOBJDIR=/usr/obj/ports
>> DISTDIR=/usr/distfiles
>> PACKAGE_REPOSITORY=/usr/packages
>>
>> I checked out the ports tree with this command:
>> $ cvs -qd anon...@anoncvs.ca.openbsd.org:/cvs checkout -rOPENBSD_6_1 -P ports
>>
>> How can i modify the mount points to add the wxallowed setting so that i can 
>> compile ports in /usr/ports?
>
> If /usr/ports/pobj is on the same partition as /, you need to mount /
> with the wxallowed flag. Not really a good idea, I would create
> a separate partition for /usr/ports/pobj* and mount that with the
> wxallowed flag.
>
> * also for /usr/ports, but that"s not the issue here
>
>> Thanks in advance
>>
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE

Compiling packages gives me cannot run C compiled programs error

2017-09-15 Thread Lea Chescotta 
I'm trying to build Firefox from the -release ports tree in a -stable system, 
and python, a dependency, is giving me the following error:

configure: error: cannot run C compiled programs.

Searching about the error in the net, i have found this mailing list archive 
http://openbsd-archive.7691.n7.nabble.com/lang-python-2-7-configure-error-td307559.html
 where its having the exact same issue with the same package (i'm installing 
python 2.7.13, dependency of firefox-esr). In that url it says:

"I see this same error when I try to build python without having
WRKOBJDIR on a filesystem with the wxallowed mount option.
To build ports that need to be marked with WXNEEDED, you need to have
WRKOBJDIR (usually /usr/ports/pobj) on a filesystem mounted with
wxallowed."

But i couldn't find a guide in the FAQ about enabling that setting in the 
filesystem. I have the following mount points:
/dev/sd0a on / type ffs (local)
/dev/sd0k on /home type ffs (local, nodev, nosuid)
/dev/sd0d on /tmp type ffs (local, nodev, nosuid)
/dev/sd0f on /usr type ffs (local, nodev)
/dev/sd0g on /usr/X11R6 type ffs (local, nodev)
/dev/sd0h on /usr/local type ffs (local, nodev, wxallowed)
/dev/sd0j on /usr/obj type ffs (local, nodev, nosuid)
/dev/sd0i on /usr/src type ffs (local, nodev, nosuid)
/dev/sd0e on /var type ffs (local, nodev, nosuid)

So as i understand i need to add the wxallowed setting in the following lines 
to being able to compile ports in /usr/ports, right?
/dev/sd0f on /usr type ffs (local, nodev)
/dev/sd0j on /usr/obj type ffs (local, nodev, nosuid)
/dev/sd0i on /usr/src type ffs (local, nodev, nosuid)

My /etc/doas.conf file:
permit nopass keepenv :wsrc
permit nopass keepenv :wheel

My /etc/mk.conf file:
SUDO=/usr/bin/doas
WRKOBJDIR=/usr/obj/ports
DISTDIR=/usr/distfiles
PACKAGE_REPOSITORY=/usr/packages

I checked out the ports tree with this command:
$ cvs -qd anon...@anoncvs.ca.openbsd.org:/cvs checkout -rOPENBSD_6_1 -P ports

How can i modify the mount points to add the wxallowed setting so that i can 
compile ports in /usr/ports?

Thanks in advance

Questions regarding installing and upgrading ports in stable

2017-09-13 Thread Lea Chescotta 
Im a newbie in openbsd, so i started reading the documentation in openbsd.org, 
and i want some confirmation or correction on my understanding after reading 
the ports section of the FAQ.

-I've installed -release from http with the "cd61.iso" so i have -release 
installed.
-After that i run "syspatch", so i have -stable installed (-release with latest 
patches applied)
-Then, i added some ports with "pkg_add ", so those packages may be 
outdated in the sense of latest security packages, because -stable don't get 
binary security updates, and issuing "pkg_add  " installed the -stable 
package instead of the -current (latest) version.
-So i proceeded to get the CVS tree of ports as stated in the FAQ, and if i 
build the same ports with "make install" then i will get the latest security 
patches applied to my ports. This got me thinking, that then, it's better to 
install the ports packages directly from compiling from CVS after a fresh 
-release and then -stable installation.
-From this point, (-stable base system and -stable ports from CVS), to update 
everything with the latest security patches i need to "syspatch" to get the 
latest patches applied automatically to base system, and cvs update in the 
ports directory to get the latest patches for installed ports and then "make 
install" to every package that has been updated with security patches. Because 
"pkg_add -Uuv" is only for updating -current ports, and will do nothing in a 
system with -stable ports (because, as stated before, -stable didn't get binary 
ports updates, only the patches in the CVS tree).

Hope to read your corrections in my understanding of the system!

Thanks!

Can't get cvs checkout for src and ports as a normal user to work

2017-09-12 Thread Lea Chescotta 
Hi, i'd trying to make a checkout of the sources and ports to my fresh openbsd 
6.1 install, following this guide https://www.openbsd.org/anoncvs.html but when 
i try to make the checkout i get some errors.

I did this steps as root:
# user mod -G wsrc usuario
# cd /usr
# mkdir -p   xenocara ports src
# chgrp wsrc xenocara ports src
# chmod 775  xenocara ports src

And as a normal user:
$ cd /usr
$ ls -la
total 92
drwxrwxr-x  18 root   wsrc512 Sep 12 11:32 .
drwxr-xr-x  13 root   wheel   512 Sep  8 13:50 ..
drwxr-xr-x   7 root   wheel   512 Apr  1 17:06 X11R6
drwxr-xr-x   2 root   wheel  5632 Sep  8 13:45 bin
drwxr-xr-x   2 root   wheel  1024 Sep  7 11:20 games
drwxr-xr-x  28 root   bin3072 Sep  7 11:20 include
drwxr-xr-x   6 root   wheel  3072 Sep 12 05:18 lib
drwxr-xr-x   5 root   wheel   512 Sep  7 11:20 libdata
drwxr-xr-x   6 root   wheel  1024 Sep  7 11:20 libexec
drwxr-xr-x  11 root   wheel   512 Sep 12 12:21 local
drwxr-xr-x   2 root   wheel   512 Apr  1 16:39 mdec
drwxrwx---   2 build  wobj512 Sep  7 11:19 obj
drwxrwxr-x  34 root   wsrc   1024 Sep 12 11:29 ports
drwxr-xr-x   2 root   wheel  4096 Sep  8 13:45 sbin
drwxr-xr-x  16 root   wheel   512 Apr  1 16:39 share
drwxrwxr-x   2 root   wsrc512 Sep 12 11:28 src
drwxrwxr-x   2 root   wsrc512 Sep 12 11:32 xenocara
drwxrwx---   2 build  wobj512 Sep  7 14:34 xobj

But, when i try to cvs checkout:
$ cvs -qd anon...@obsdacvs.cs.toronto.edu:/cvs checkout -rOPENBSD_6_1 -P src
cvs checkout: warning: cannot make directory CVS in .: Permission denied
cvs checkout: in directory src:
cvs checkout: cannot open CVS/Entries for reading: No such file or directory
cvs checkout: cannot open CVS/Tag: No such file or directory
cvs checkout: cannot open CVS/Tag: No such file or directory
cvs checkout: cannot write src/Makefile: Permission denied
cvs checkout: cannot write src/Makefile.cross: Permission denied
cvs checkout: cannot open CVS/Tag: No such file or directory
cvs [checkout aborted]: cannot make directory src/bin: No such file or directory