Re: OT: how do you write your tools /scripts for everyday tasks

2018-05-30 Thread Niels Kobschaetzki 

On 18/05/30 14:29, Markus Rosjat wrote:

Hi all,

this is more a post to get an overview how the pros (not me ... you 
guys) put there tools together. I can write simple shell scripts and 
this is ok but I do a little python coding once in a while and noticed 
I'm going to write my tools in python. Sure its a little overhead and 
most of the time you ending up using subprocess to call a existing 
tool that you would use on a cmd anyway. So what you guys using these 
days, is it shellscripts, c programs, perl or?


I write usually shell-scripts for /bin/sh, so no bash-isms etc.
But depending on the use case I might use python.

Niels

Re: Autocompletion with pass in ksh

2018-05-28 Thread Niels Kobschaetzki 

On 18/05/28 16:53, justina colmena wrote:

On Sun, 6 May 2018 06:33:13 +0200
Niels Kobschaetzki  wrote:


pass (www.password-store.org) is a password manager


Did you mean https://www.passwordstore.org/ (no hyphen)?

"the standard unix password manager"

It depends on GnuPG,

https://www.gnupg.org/

which is a GNU project. If this is part of an actual Unix standard,
please do tell. "UNIX(R)" is a registered trademark of "The Open Group"


No, it is not a standard. That is probably just an exaggeration. But it
is very useful. GPG is usually installed on unix-oid systems and it is
itself only a shell-script. In addition it needs git for its history and
sync.

Cheers,

Niels

Re: Autocompletion with pass in ksh

2018-05-25 Thread Niels Kobschaetzki 

> On 6. May 2018, at 06:33, Niels Kobschaetzki <ni...@kobschaetzki.net> wrote:
> 
> Hi,
> 
> I learned yesterday of ksh's cusom auto completion. Now I try to figure
> out how to use it together with pass, but maybe someone already did the
> work.

I got a reply on twitter from Roman Zolltarif who wrote a blog post about it :)
https://www.romanzolotarev.com/pass.html#Completions%20in%20Korn%20shell

Niels


smime.p7s
Description: S/MIME cryptographic signature

Autocompletion with pass in ksh

2018-05-24 Thread Niels Kobschaetzki 

Hi,

I learned yesterday of ksh's cusom auto completion. Now I try to figure
out how to use it together with pass, but maybe someone already did the
work.
pass (www.password-store.org) is a password manager and it takes as
arguments actions, a couple of options and at the end the folder and
filename of a password while the base is per default ~/.password-store
I actually only want to complete the folders/names

So when I want to copy the password in
~/.password-store/private/mybank.gpg
I need to type "pass -c private/mybank"
If I want to edit a password I need to type "pass edit private/mybank".
How would I realize the completion of password-names? Can I also
complete the actions? I know that I should be able to complete the
actions, but actions and password-names?

Niels

Re: Why are so many people running and writing about current snapshots

2018-03-27 Thread Niels Kobschaetzki 
On 03/27/2018 02:14 PM, Consus wrote:
> On 22:31 Mon 26 Mar, Z Ero wrote:
>> I just don't want OpenBSD to turn into Linux where the fixation is on
>> newest shiny thing rather than doing code right. Sometimes I think
>> people who are excessively interested in bleeding edge features more
>> want an OS for tinkering with than an OS for production / work. I want
>> something stable to use. But to each his own.
> 
> Err... how exactly megafreeze for several years is bleeding edge? I mean
> there still are CentOS 5 installations in production. And it was
> released in 2007.

CentOS 5 is EOL since March 31st 2017 ;)
CentOS 6 should be on extended support now which is going EOL in
November 2020.

Niels

Re: sudoedit for doas?

2018-02-27 Thread Niels Kobschaetzki 

> On 28. Feb 2018, at 07:50, Hess THR  wrote:
> 
> Hello, 
> 
> hmm, I went through the relevant man pages: 
> 
> https://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/doas.1
> https://man.openbsd.org/doas.conf.5
> 
> but I cannot find a sudoedit alternative for the "doas". 
> 
> Are there any? 

No

Niels

Re: spamd and IPv6

2018-02-14 Thread Niels Kobschaetzki 

On 18/02/14 11:30, Denis Fondras wrote:

does anyone can tell me what the state of spamd and IPv6 is? I would
have expected it to work but I can't set for exampe ::1 or [::1] as a
listening address (neither alone or together with 127.0.0.1).



Unsupported yet. phessler@ has a diff for it.


Thanks

spamd and IPv6

2018-02-13 Thread Niels Kobschaetzki 

Hi,

does anyone can tell me what the state of spamd and IPv6 is? I would
have expected it to work but I can't set for exampe ::1 or [::1] as a
listening address (neither alone or together with 127.0.0.1).

Niels

Re: Manual to cd (change working directory)

2017-12-13 Thread Niels Kobschaetzki 

On 17/12/13 22:22, Freddy Fisker wrote:

I can't get the manual to the cd (change working directory) command. 
When I am trying, I get the manual to cd (ATAPI and SCSI CD-ROM 
driver) instead.


It's the same with: man cd

and in: https://man.openbsd.org/cd


cd is a built-in in a shell. So, you need to do "man ksh" or "man sh" or
whatever shell you use.
On Linux the man page for bash opens, on FreeBSD it is the man page for built-ins, when 
you do "man cd".

Cheers,

Niels

Re: Need an advice about DHCP IPv6 server software

2017-12-09 Thread Niels Kobschaetzki 
Do you block icmp by any chance? For SLAAC and NDP you need not to block ICMP6. 

Niels

> On 9. Dec 2017, at 11:50, Denis  wrote:
> 
> Erik,
> 
> Thank you for your support.
> 
> Can you share IPv6 part of PF.conf you're using for local network SLAAC?
> 
> Still encounter problem with getting IPv6 by Win7 machine.
> 
> Thanks.
> 
> Denis
> 
>> On 12/8/2017 7:06 PM, obsd wrote:
>> Op 8-12-2017 om 15:07 schreef Jan Kalkus:
>>> For what it’s worth, I’ve noticed Windows frequently will not grab
>>> IPv6 addresses via SLAAC.
>>> 
>>> If I disable IPv6 on the network interface and then re-enable it,
>>> then I will be assigned an IPv6 address.
>>> 
>>> Jan Kalkus
>>> 
>> [snip]
>> 
>> I would recheck my configuration if I were you then... Here it is
>> working 100% of the time on approx 10 windows (mixed W7/W10) machines.
>> The rest of the network (linux and OpenBSD works very well as well
>> with IPv6). Of course the firewall handing out the SLAAC is OpenBSD.
>> Only be careful with virtual machines, since you would need settings
>> on the hypervisor to permit multicast on vlans. The SLAAC broadcast is
>> multicast...
>> 
>> Erik
>>

Re: a pf question maybe asked a 1000 times

2017-10-20 Thread Niels Kobschaetzki 

On 17/10/20 12:59, Markus Rosjat wrote:

Hi there,

I was wondering, after reading mr hansteens excelent book about pf and 
the man pages, if I got it all wrong :)


so here is my example pf.conf

ext_if="hvn0"

set skip on lo

block return# block stateless traffic
block inet6

pass in on $ext_if inet proto tcp from any to ($ext_if) port ssh
pass in on $ext_if inet proto tcp from any to ($ext_if) port 443

pass out on $ext_if inet proto tcp from ($ext_if) port { https, submission }

and what I expect is the following:

- traffic ipv4 and ipv6 gets blocked -> general deny
- I let enter ssh traffic
- I let enter https traffic
- I let out treffic on https und submission port
- I should not be able to establish a ssh connection from this host to
  another machine but should connect to be able to connect to this
  machine

what I notice is I can initiate a ssh connection from this machine. So 
there are three possible answers to this:


- 1st with allowing ssh traffic in the first place ssh port will be
  considered passable from both sites of the nic. Which would somehow
  makes no sense to me at all because its a explicit in rule
- 2nd the ssh connection initiated is somehow considered coming fom lo
  and for that not passed to the following rules
- 3rd my rules are just wrong :)

So for all the more skilled human beings out there can you help me with it?


Can you do an ssh to all hosts, or did you try to ssh to the from which
you ssh in?
H1 is yours, H2 is the server with the rules above, H3 some other
machine:

1) H1 --ssh--> H2
  and then you did H2 --ssh--> H1

Or 2) H2 --ssh--> H3?

In case 1 I would expect that it works because the state should allow
that. Only when the connection is terminated, it shouldn't be possible
anymore to ssh from H2 to H1.

Niels

Re: DMCA Free OpenBSD VPS Hosting, multiple payment methods

2017-10-20 Thread Niels Kobschaetzki 


On 17/10/20 08:09, x9p wrote:

Depending on the country the ISP will see then the police coming to their
datacenter and start to pull servers. And then they can close shop because
a single customer was an asshole and did illegal stuff on their ip-range
and hardware. That is self-protection.



agree on that. a single customer can ruin everything. I disagree that you
need to pull servers offline. Just give them the VPS image and put it
offline. Image encrypted, btw.


No, **you** do not pull the servers offline. The police will do that for
you. A lawyer might help to negotiate that it is enough to hand them the
encrypted VPS-image, but that won't necessarily work.

Niels


On 20. Oct 2017, at 08:28, flipchan  wrote:

I want to c a system that Auto encrypts it vms (can "easily" be done
with some lines of python/whateverulike) and just forward all abuses to
the customer, some isp's does this , however they are fucking assholes
ISP that are retarded like dg-access in sweden who doesn't care about
its customers , I am thinking that Switzerland would be a good way to
host something in but as allways do allooot of research, try out acouple
of different and c who works

On October 20, 2017 7:48:42 AM GMT+02:00, Michael Hekeler
 wrote:

An "OpenBSD friendly hoster" is one who knows you are running an

OpenBSD

VPS, and doesn't suggest you change iptables settings when talking

about

your firewall with their support team.


Ah I see ;-)
ILm beginning to understand...
To me the term "OpenBSD friendly hoster" was not clear because for me a

"friendly hoster" is one that cares for the hardware and doesnLt care
for what I run inside my container (RedHat, *BSD, Plan9, whatever)


--
Take Care Sincerely flipchan layerprox dev





--
Schöne Grüße

Niels

Re: DMCA Free OpenBSD VPS Hosting, multiple payment methods

2017-10-20 Thread Niels Kobschaetzki 
Depending on the country the ISP will see then the police coming to their 
datacenter and start to pull servers. And then they can close shop because a 
single customer was an asshole and did illegal stuff on their ip-range and 
hardware. That is self-protection. 

Niels

> On 20. Oct 2017, at 08:28, flipchan  wrote:
> 
> I want to c a system that Auto encrypts it vms (can "easily" be done with 
> some lines of python/whateverulike) and just forward all abuses to the 
> customer, some isp's does this , however they are fucking assholes ISP that 
> are retarded like dg-access in sweden who doesn't care about its customers , 
> I am thinking that Switzerland would be a good way to host something in but 
> as allways do allooot of research, try out acouple of different and c who 
> works 
> 
> On October 20, 2017 7:48:42 AM GMT+02:00, Michael Hekeler 
>  wrote:
>>> An "OpenBSD friendly hoster" is one who knows you are running an
>> OpenBSD
>>> VPS, and doesn't suggest you change iptables settings when talking
>> about
>>> your firewall with their support team.
>> 
>> Ah I see ;-)
>> I´m beginning to understand...
>> To me the term "OpenBSD friendly hoster" was not clear because for me a
>> 
>> "friendly hoster" is one that cares for the hardware and doesn´t care 
>> for what I run inside my container (RedHat, *BSD, Plan9, whatever)
> 
> -- 
> Take Care Sincerely flipchan layerprox dev

Re: awk in OpenBSD

2017-10-18 Thread Niels Kobschaetzki 

> On 19. Oct 2017, at 06:23, flipchan  wrote:
> 
> Yeah blindly follow the flow of the others , DONT THINK SO

That doesn’t explain the reasoning WHY the newer awk is not used. 

>> On October 19, 2017 4:25:09 AM GMT+02:00, Andras Farkas 
>>  wrote:
>> On the 6.2 release page, and confirmed in the source code, one can see
>> The system includes the following major components from outside
>> suppliers:
>> Awk Aug 10, 2011 version
>> This turns out to be one release behind upstream, where the latest
>> release is from December 20 2012: a quick check shows that
>> DragonFlyBSD, FreeBSD, and NetBSD all use this version.
>> 
>> Just out of curiosity, is there a reason why OpenBSD uses the 2011
>> release?

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 19:43, Cág wrote:

Niels Kobschaetzki wrote:


Thanks a lot. But you are using sakura and not xterm for typing
Japanese. I want to use xterm so that I can leave more dependencies
behind :)


You can build st (recommended) as it doesn't have any dependencies that
aren't in the install, if I amn't mistaken; or try rxvt-unicode.

xterm is an unholy mess and shouldn't be used by anybody.


But xterm is in base unlike urxvt or the VTE-terminals. Maybe OpenBSD
should change to urxvt in base. Seems to me, from the user-perspective,
that it would be a simmilar change as from screen to tmux.

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 15:20, Jens John wrote:

On Sun, Oct 15, 2017 at 11:07:55AM +0200, Niels Kobschaetzki wrote:

> I do this because I prefer the default font in xterms for Latin
> text, and the Japanese font is too big for my tastes.  For
> Japanese it's the other way around.  A bigger font is necessary to
> show the detail of kanji.  Either way, it's only a display issue
> and I can edit documents even if the font doesn't display them
> properly.

I hoped, I can find a way to use both at once - Terminess for ascii, a
Japanese font for Japanese.


If specifying multiple fonts in xterm's font resource key at the same
time is not possible, you can achieve this exact behaviour in urvxt,
which supports font lookup lists. There, I have:





meaning, that if a CJK glyph can't be found in Fantasque Sans, it looks
up the glyph in the next listed font.


My understanding was that faceName and faceNameDoublesize are for that. 
Doublesized characters like CJK-characters the font from

faceNameDoublesize is used and for normal sized characters the font from
faceName is used. It seems I am mistaken.

--
Schöne Grüße

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

> On 15. Oct 2017, at 20:24, Tuyosi T  wrote:
> 
> ps
> 
> in case of roxterm
> if the  character encoding is set to UTF8 , input japanese is OK .
> 
> i think xterm is poor at japanese .

xfce4-Terminal works fine, too

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 08:34, Tuyosi T wrote:

hi Niels .

i am a japenese , so i write down about japanese input method in
http://openbsd-akita.blogspot.jp/2017/10/openbsd-62-lumina.html .

i use ibus-anthy .
scim-anthy is impossible for me .


Thanks a lot. But you are using sakura and not xterm for typing
Japanese. I want to use xterm so that I can leave more dependencies
behind :)

--
Schöne Grüße

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 08:35, Bryan Linton wrote:

On 2017-10-15 09:38:56, Niels Kobschaetzki <ni...@kobschaetzki.net> wrote:

On 17/10/15 07:12, Niels Kobschaetzki wrote:
> On 17/10/15 06:41, Niels Kobschaetzki wrote:
> > Hi,
> >
> > I am trying to get Japanese input working in xterm but I just cannot get
> > it to work. It works in xfce4-terminal though.
> >
> > I have in my .profile and my .xsession:
> > export LANG=en_US.UTF-8
> > export LC_NUMERIC=de_DE.UTF-8
> > export LC_TIME=de_DE.UTF-8
> > export LC_MONETARY=de_DE.UTF-8
> > export LC_PAPER=de_DE.UTF-8
> > export LC_NAME=de_DE.UTF-8
> > export LC_ADDRESS=de_DE.UTF-8
> > export LC_TELEPHONE=de_DE.UTF-8
> > export LC_MEASUREMENT=de_DE.UTF-8
> > export LC_IDENTIFICATION=de_DE.UTF-8
> > export LC_CTYPE=en_US.UTF-8
> >
> > export GTK_IM_MODULE=ibus
> > export XMODIFIERS="@im=ibus" xterm
> > export QT_IM_MODULE=ibus
> >
> > I am not sure though what exactly is necessary now because I tried now a
> > lot to get it working.
> >
> > In my .Xdefaults I have:
> > XTerm*faceName: Terminess Powerline:style=Medium
> > XTerm*faceSize: 13
> > xterm*faceNameDoublesize: Sazanami Mincho
> > XTerm*utf8: true
> > XTerm*locale: utf8
> > XTerm*inputMethod: ibus
> >
> > When I have ibus-anthy activated the pop over appears and I can type
> > Japanese but when I hit enter to place it, no characters appear. When I
> > want to open a japanese web page like https://www.asahi.com in lynx
> > there are only garbled characters (and w3m crashes).
> >
> > A mail in Japanese appears correctly in mutt though.
> >
> > What I am missing?
>
> I got a bit further. When I start xterm with "xterm -cjk_width" it works
> \o/
>
> But setting "XTerm*cjkWidth: true" in .Xdefaults has no effect (yes, I
> do a xrdb -merge .Xdefaults)

And now I found yet another issue. The moment I use
xterm*faceNameDoublesize the character "ü" breaks and the line-drawing
characters on the bottom of the index of mutt break as well



I have mostly the same settings as you do in .xinitrc, except I
use UIM instead of ibus.  Everything works well for me.

What do you mean when you say, "when I hit enter to place it, no
characters appear"?  Does nothing happen at all?  Or do you see
dotted rectangles instead of kanji?


nothing appears at all.


I use two different commands to launch xterms depending on whether
I want to use Japanese or not.  In the normal xterm, I can input
text and create documents, but I see dotted rectangles because I
use the default font.  If I view that file with the proper fonts
after creating it, it's fine, so I know the input is being
properly sent and recorded.

I have a jxterm.sh command contaning the following command:
env LC_ALL=ja_JP.UTF-8 xterm -fa "Sazanami Gothic" -fs 16 $1
that I run whenever I want to explicitly use (and see) Japanese.


When I start xterm with these settings, everything works as expected.
Even the "ü" ;)
Thanks :)

I just tried it without setting the environment, and even then it works.
And when I set XTerm*faceName: Sazanami Mincho:style=Regular it also
works.

The problem seems to be that XTerm*faceNameDoublesize isn't used for
some reason.


I do this because I prefer the default font in xterms for Latin
text, and the Japanese font is too big for my tastes.  For
Japanese it's the other way around.  A bigger font is necessary to
show the detail of kanji.  Either way, it's only a display issue
and I can edit documents even if the font doesn't display them
properly.


I hoped, I can find a way to use both at once - Terminess for ascii, a
Japanese font for Japanese.


Does this work if you try using UIM?  What about SCIM?


I tried so far only ibus. I think it is purely a display, not an
IM-method-problem. As written above. When I start it with the settings
from you, it works.


UIM seems to be moribund.  There have been some recent commits,
but the last release was in 2015.  The current release does not
work with QT5.  I brought this up on ports@, since recent commits
have enabled QT5 support, and it was suggested that I contact
upstream and ask them to make a proper release.


I am used to use ibus for quite some time now. I prefer fcitx (instead
of ibus) with mozc (instead of anthy) but I found that I can get them
only properly to work in Arch Linux.

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 07:12, Niels Kobschaetzki wrote:

On 17/10/15 06:41, Niels Kobschaetzki wrote:

Hi,

I am trying to get Japanese input working in xterm but I just cannot get
it to work. It works in xfce4-terminal though.

I have in my .profile and my .xsession:
export LANG=en_US.UTF-8
export LC_NUMERIC=de_DE.UTF-8
export LC_TIME=de_DE.UTF-8
export LC_MONETARY=de_DE.UTF-8
export LC_PAPER=de_DE.UTF-8
export LC_NAME=de_DE.UTF-8
export LC_ADDRESS=de_DE.UTF-8
export LC_TELEPHONE=de_DE.UTF-8
export LC_MEASUREMENT=de_DE.UTF-8
export LC_IDENTIFICATION=de_DE.UTF-8
export LC_CTYPE=en_US.UTF-8

export GTK_IM_MODULE=ibus
export XMODIFIERS="@im=ibus" xterm
export QT_IM_MODULE=ibus

I am not sure though what exactly is necessary now because I tried now a
lot to get it working.

In my .Xdefaults I have:
XTerm*faceName: Terminess Powerline:style=Medium
XTerm*faceSize: 13
xterm*faceNameDoublesize: Sazanami Mincho
XTerm*utf8: true
XTerm*locale: utf8
XTerm*inputMethod: ibus

When I have ibus-anthy activated the pop over appears and I can type
Japanese but when I hit enter to place it, no characters appear. When I
want to open a japanese web page like https://www.asahi.com in lynx
there are only garbled characters (and w3m crashes).

A mail in Japanese appears correctly in mutt though.

What I am missing?


I got a bit further. When I start xterm with "xterm -cjk_width" it works
\o/

But setting "XTerm*cjkWidth: true" in .Xdefaults has no effect (yes, I
do a xrdb -merge .Xdefaults)


And now I found yet another issue. The moment I use
xterm*faceNameDoublesize the character "ü" breaks and the line-drawing
characters on the bottom of the index of mutt break as well

Niels

Re: Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

On 17/10/15 06:41, Niels Kobschaetzki wrote:

Hi,

I am trying to get Japanese input working in xterm but I just cannot get
it to work. It works in xfce4-terminal though.

I have in my .profile and my .xsession:
export LANG=en_US.UTF-8
export LC_NUMERIC=de_DE.UTF-8
export LC_TIME=de_DE.UTF-8
export LC_MONETARY=de_DE.UTF-8
export LC_PAPER=de_DE.UTF-8
export LC_NAME=de_DE.UTF-8
export LC_ADDRESS=de_DE.UTF-8
export LC_TELEPHONE=de_DE.UTF-8
export LC_MEASUREMENT=de_DE.UTF-8
export LC_IDENTIFICATION=de_DE.UTF-8
export LC_CTYPE=en_US.UTF-8

export GTK_IM_MODULE=ibus
export XMODIFIERS="@im=ibus" xterm
export QT_IM_MODULE=ibus

I am not sure though what exactly is necessary now because I tried now a
lot to get it working.

In my .Xdefaults I have:
XTerm*faceName: Terminess Powerline:style=Medium
XTerm*faceSize: 13
xterm*faceNameDoublesize: Sazanami Mincho
XTerm*utf8: true
XTerm*locale: utf8
XTerm*inputMethod: ibus

When I have ibus-anthy activated the pop over appears and I can type
Japanese but when I hit enter to place it, no characters appear. When I
want to open a japanese web page like https://www.asahi.com in lynx
there are only garbled characters (and w3m crashes).

A mail in Japanese appears correctly in mutt though.

What I am missing?


I got a bit further. When I start xterm with "xterm -cjk_width" it works
\o/

But setting "XTerm*cjkWidth: true" in .Xdefaults has no effect (yes, I
do a xrdb -merge .Xdefaults)

Niels

Japanese Input in xterm

2017-10-15 Thread Niels Kobschaetzki 

Hi,

I am trying to get Japanese input working in xterm but I just cannot get
it to work. It works in xfce4-terminal though.

I have in my .profile and my .xsession:
export LANG=en_US.UTF-8
export LC_NUMERIC=de_DE.UTF-8
export LC_TIME=de_DE.UTF-8
export LC_MONETARY=de_DE.UTF-8
export LC_PAPER=de_DE.UTF-8
export LC_NAME=de_DE.UTF-8
export LC_ADDRESS=de_DE.UTF-8
export LC_TELEPHONE=de_DE.UTF-8
export LC_MEASUREMENT=de_DE.UTF-8
export LC_IDENTIFICATION=de_DE.UTF-8
export LC_CTYPE=en_US.UTF-8

export GTK_IM_MODULE=ibus
export XMODIFIERS="@im=ibus" xterm
export QT_IM_MODULE=ibus

I am not sure though what exactly is necessary now because I tried now a
lot to get it working.

In my .Xdefaults I have:
XTerm*faceName: Terminess Powerline:style=Medium
XTerm*faceSize: 13
xterm*faceNameDoublesize: Sazanami Mincho
XTerm*utf8: true
XTerm*locale: utf8
XTerm*inputMethod: ibus

When I have ibus-anthy activated the pop over appears and I can type
Japanese but when I hit enter to place it, no characters appear. When I
want to open a japanese web page like https://www.asahi.com in lynx
there are only garbled characters (and w3m crashes).

A mail in Japanese appears correctly in mutt though.

What I am missing?

--
Cheers

Niels

Re: Security question / idea

2017-10-14 Thread Niels Kobschaetzki 

> On 14. Oct 2017, at 16:26, Bryan C. Everly  wrote:
> 
> Hi misc@,
> 
> In playing around with Libreboot and Coreboot, my belief that physical
> access to the hardware really ups an attacker’s ability to win against most
> security has been massively reinforced.  For example, someone with enough
> practice could take my Thinkpad T500 apart, force flash the BIOS (as I have
> been doing), reassemble it and put it back on my desk in ten to fifteen
> minutes (or maybe faster). The payload they flash could easily include a
> root kit and keylogger which would mitigate the advantage of Full Disk
> Encryption (because they could grab your passphrase keystrokes and send
> them off to the mother ship). So my happy little bubble that FDE would give
> me protection against all but a brute force attack has been popped.
> 
> Here’s my thought. What if we modified our boot code to do a hash of the
> BiOS and stored it persistently across boots?  Then we could compare it
> this time to the last value and take some action / issue some warning that
> something changed. It would be mildly annoying if you actually did just
> update your BIOS to a new version but that would be a small trade off in my
> mind at least.
> 
> The sticking point is this - where do you store the previous hash?  If we
> stored it outside of the FDE container, the attacker could just rewrite it
> on boot and we wouldn’t be able to detect a change. Put it inside the FDE
> and you would have to type your passphrase (sending it to the attacker) to
> read it.
> 
> So now to my ask - would a feature like this be of any interest to others?
> If so, any thoughts on how to securely persist the hash to solve the
> problem I describe above?
> 
> Thanks for any and all feedback.

Isn’t that something like Anti Evil Maid?
http://theinvisiblethings.blogspot.de/2011/09/anti-evil-maid.html?m=1


Niels

Thinkpad X260/T460 and Trackpoint-scrolling

2017-10-08 Thread Niels Kobschaetzki 
Hi,

are here other users who are having a Thinkpad X260 or X460 (or I guess a 
Carbon of the same generation)? I have trouble setting up Trackpoint-scrolling. 
It either stutters a lot or scrolling upwards won’t work. Is here someone with 
a machine like this and would mind to share how s/he set it up?

Niels

Re: Resize partitions?

2017-10-05 Thread Niels Kobschaetzki 

On 17/10/04 23:21, Alexander Hall wrote:



On October 4, 2017 6:58:52 PM GMT+02:00, Niels Kobschaetzki 
<ni...@kobschaetzki.net> wrote:


/.../ And I
don't know OpenBSD enough to know how "dangerous" it is to use
"pkg_delete -a". I used similar functions with linux-distributions and
they wanted to remove a tool like git because nothing depended on it.


It will here too but only if you didn't explicitly install said package. You can also 
mark already installed packages as "explicitly installed" using the fine pkg_* 
tools.

$ pkg_delete -n -a

will probably give you a nice hint, too.


Btw. I like the approach of dnf of Fedora which will not only uninstall
a package but also all its dependencies that aren't used by other
packages.


Thus, an implicit "pkg_delete -a" with no questions asked?


Yes. Since Fedora is very user-centric I guess it fits the use-case
since users probably usually want to delete "everything" when they
uninstall a piece of software and not just the package.

For me "pkg_delete -a " always does nothing. Thus I
thought it just doesn't work with a package name and I am misreading the
man page but apparently it should.

Niels

Re: Resize partitions?

2017-10-04 Thread Niels Kobschaetzki 

On 17/10/04 01:48, Nick Holland wrote:

On 10/03/17 10:10, Niels Kobschaetzki wrote:

On 17/10/03 13:48, Niels Kobschaetzki wrote:

Hi,

I am running currently constantly into the problem that I do not
have enough space left for installing packages and today even
upgrading a snapshot failed because I had not enough space left. Is
there a way to resize partitions? I guess probably not because
there is no volume manager, right? I used originally the suggested
layout by the installer. Any idea what could fill up the space on
/? The partition is only 1GB in size and if I see it correctly only
the base-system is installed there. Did base grew with the latest
snapshots?


I found the problem. It sat in front of the keyboard m) At some point
I created apparently by accident a huge file in /dev and that ate up
all the space in / One problem solved. Now to my other space-problems
where resizing would be a solution but maybe I just need to tidy up
more.


and that's one reason we tell you to partition the heck out of your system.

Best/worst story I heard along those lines was someone who typoed their
backup script, and instead of writing to tape, wrote to a FILE in /dev.
Unfortunately, they used one big partition, so there was plenty of space
for this file...but of course, if the bad thing happened, the tape was
blank.

If you fill a 100M root partition, you clean up junk you left laying
around.  If you fill a 1G root partition, something went horribly wrong,
and you find and fix the problem.  Enlarging is NOT the answer there.

Disks are stupid big these days.  You can't get too small a disk for
many applications.  Leave most of your disk unpartitioned, and you can
go back and "enlarge" anything you want at a later time (well...'cept
for root.  and 1G is a HUGE root partition).  Just create a new
partition, copy everything from the old to the new, change fstab, reboot.


The problem for me with lots of partitions is usually that I have the
"wrong" sizes. Right now I have 1.7G free in /usr/local but 105G in
/home. I am pretty sure that home won't grow that fast that it will fill
up. But /usr/local will with installing programs. And it is at least for
me a hassle to look regularly through my installed programs and decide
what I still need and what not. Especially with some libraries. And I
don't know OpenBSD enough to know how "dangerous" it is to use
"pkg_delete -a". I used similar functions with linux-distributions and
they wanted to remove a tool like git because nothing depended on it.
Btw. I like the approach of dnf of Fedora which will not only uninstall
a package but also all its dependencies that aren't used by other
packages. Anyway, I am only a mediocre fan of tons of partitions and
have a lot of bad experiences in the past with bad estimations what
needs to be which size. I have here for example the partition for
/usr/obj. It is nearly 6G in size, 2K are used according to df and from
what I am reading in the man-page of hier, I need it only when I want to
build OpenBSD by myself. /var is 18.5G in size but only 67.5M are used.
/ is 1G in size; I would have expected to need more.

It seems that I could resize problem-free but I can do this only after I
learned more about OpenBSD and how it uses its file-system. And then I
need to re-install and create the partitions by myself instead of using
the suggestions made by the installer. I guess I'd prefer a small / and
small /usr/X11R6 created by the installer and then something for the
rest. But that would probably mean moving /home into /usr/home and I
don't know what to do about /var.
Well, my family goes to vacation soon and I am home alone; maybe I have
then the time to reinstall (if I am not sorting all the lego-bricks of
the kids into a new sorting system…but that's another story).

Niels

Re: Resize partitions?

2017-10-03 Thread Niels Kobschaetzki 

On 17/10/03 13:48, Niels Kobschaetzki wrote:

Hi,

I am running currently constantly into the problem that I do not have enough 
space left for installing packages and today even upgrading a snapshot failed 
because I had not enough space left.
Is there a way to resize partitions? I guess probably not because there is no 
volume manager, right?
I used originally the suggested layout by the installer. Any idea what could 
fill up the space on /? The partition is only 1GB in size and if I see it 
correctly only the base-system is installed there. Did base grew with the 
latest snapshots?


I found the problem. It sat in front of the keyboard m)
At some point I created apparently by accident a huge file in /dev and
that ate up all the space in /
One problem solved. Now to my other space-problems where resizing would
be a solution but maybe I just need to tidy up more.

--
Schöne Grüße

Niels

Resize partitions?

2017-10-03 Thread Niels Kobschaetzki 
Hi,

I am running currently constantly into the problem that I do not have enough 
space left for installing packages and today even upgrading a snapshot failed 
because I had not enough space left. 
Is there a way to resize partitions? I guess probably not because there is no 
volume manager, right?
I used originally the suggested layout by the installer. Any idea what could 
fill up the space on /? The partition is only 1GB in size and if I see it 
correctly only the base-system is installed there. Did base grew with the 
latest snapshots?

Niels

Re: Serving multiple domains on one machine or IP address

2017-09-18 Thread Niels Kobschaetzki 

> On 19. Sep 2017, at 07:17, Greg Garrison  wrote:
> 



> Additionally I notice that the default client HTTP error messages (e.g. 404 
> error) that HTTPD generates reveal that the server is running OpenBSD. This 
> is not a big deal but if the error messages were configurable so that they 
> could mask the server OS or could display an otherwise custom message I would 
> see value in that. Does this capability exist with without recompiling HTTPD?

Being curious: Why do you want to mask the server-OS in the error message?

Niels

Re: startx fails with (EE) VESA(0): Cannot read int vect

2017-09-17 Thread Niels Kobschaetzki 

On 17/09/17 09:54, Dell Sanders wrote:

Hello,

I have freshly installed openbsd 6.1 on my PC which has a Intel HD Graphics 530 
graphics chipset.

/var/log/Xorg.1.org

(II) VESA(0): intializing int10
(EE) VESA(0): Cannot read int vect

dmesg has some (perhaps relevant) messages -

pchb0 at pci0 dev 0 function 0 vendor "Intel", unknown product 0x190f rev 0x07
"Intel HD Graphics 530" rev 0x06 at pci0 dev 2 function 0 not configured

Any ideas?


My Skylake-CPU has 520. And for getting that to work you need to use a
snapshot and not 6.1. I don't know if 530 is then supported, too.

Niels

cron and desktop-computers

2017-09-15 Thread Niels Kobschaetzki 
Hi,

today I wondered if I need anacron on my laptop. cron(8) states in the man page 
in the section "Daylight Saving Time and other time changes":
"If time has moved forward, those jobs that would have run in the interval that 
has been skipped will be run immediately."

Does that mean anacron is not needed and for example @daily-jobs will be 
executed on boot if the machine was off or in standby. Or other jobs that are 
scheduled while the machine is in standby/turned off?

Niels