Re: how to external encrypted drive that supports OpenBSD and FreeBSD?

[Noth]

Or you could use ext2fs, which is rw supported both on OpenBSD and 
FreeBSD, and is much more suitable than VFAT from a UNIX standpoint. 
FUSE is very slow on OpenBSD.


Cheers,

Noth

On 01/03/2024 18:16, Stefan Kreutz wrote:

Depending on your needs, you could use a FUSE-based solution like encfs.
There are numerous alternatives such as gocryptfs, or ecryptfs but AFAIK
they don't work with OpenBSD's FUSE implementation.

Rclone supports encrypted remotes. Without FUSE you'd need to copy files
manually, though.

You could also have a look at VeraCrypt.

On Fri, Mar 01, 2024 at 04:50:01PM -, beecdadd...@danwin1210.de wrote:

hi list
do you have any recommendation? internet can't find my answer

drive is external usb and it has to be encrypted..
something that can also supports freeBSD is what I need
fast solution is fat32, but how do I encrypt it? freebsd doesn't have
softraid or bioctl

Re: Installing shellinabox on OpenBSD

[Noth]

On 12/02/2024 20:12, Chris Narkiewicz wrote:

On Mon, Feb 12, 2024 at 07:01:11PM +0300, Odhiambo Washington wrote:

The VM is NOT exposed to the Internet so I am not worried.

If security is not a problem, you can use telnet. Windows has telnet
client built-in.

Best regards,
Chris Narkiewicz
Windows has had ssh as a built-in client since Windows 10 (at least 4-5 
years ago). Just launch PowerShell. You can even enable the sshd server.

Re: disk not found after first reboot

[Noth]

On 19/01/2024 01:38, Isak Lyberth wrote:

Hello guys, I am sorry to bother you with such a basic question.
After many years of only using my favorite OS on my firewall, I have
decided to install OpenBSD 7.4 on my Dell Latitude 7490 laptop, fitted with
a 500 GB Samsung 980 (non pro) nvme disk i use the entire disk with auto
partitioning).
it had Windows on it when iÍ got it, I removed it and used Linux Mint for
about a week and now i have installed OpenBSD 7.4. i have tried it a lot of
times, clearing the disk with the dd if=/dev/zero of=/dev/sd0 command and
also dd'd to sd0a, rsd0 and anything i could think of, i also tried exiting
to shell and done some fdisk -iy sd0 (suggested on reddit)
I have tested that I can get FreeBSD and Dragonfly bsd installed on the
laptop.

I will gladly supply more info if needed.
But how do I get my laptop to boot OpenBSD?

Kind regards Isak


Hi,

/dev/sd0c represents the whole drive, so dd should be pointed at it. 
Doing anything just creates a huge file in /dev. If you're having 
beginner problems, try using gpartdisk from a Linux flash drive to 
create an A6 partition and then installing OpenBSD.


Cheers

Noth

Re: FAT names exceeding spec length

[Noth]

Hello,

  Have you tried mounting with the -l flag? Otherwise I'd recommend 
using ext2fs instead of FAT32. Android will handle it natively, and 
OpenBSD can mount that read/write (on a sdXi mountpoint, like FAT32).


Cheers,

Noth

On 05/12/2023 16:46, Nowarez Market wrote:

:-)

so what is techinal explanation of the happening and the cut off to 8.3 ?

-- Nowarez Market

Dec 5, 2023 14:48:49 Anders Andersson :


$ echo "Tcl_Tk 8.5 Programming Cookbook -- Bert Wheeler -- 2011 --
Packt -- 9781849512992 -- 9ed273d2c640e4ae4761242a2c28d31c -- Capitan
Cloud Ebook Repo.pdf" | wc -c -m
     150 150

150 << 255

Re: [solved] syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

[Noth]

Ok I solved it. Two issues:

1. the ca.crt file differed on various VMs, possibly due to bitrot

2. the -C option for syslogd to use the ca.crt as distributed to all VMs 
now (wasn't the case as I would append it's content to /etc/ssl/cert.pem 
and that was sufficient up till now) allows for normal logging over TLS 
once again. Thanks Stuart for the suggestion on that.


 Not sure why it had to break on moving 7.4 but at least it's working 
again.


Cheers,

Noth

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

[Noth]

Hi Stuart,

On 09/10/2023 23:01, Stuart Henderson wrote:

any chance you previously had added certs to /etc/ssl/cert.pem but lost
that when upgrading?

I always readd the ca.crt used to sign the client certs to 
/etc/ssl/cert.pem and distribute the file at upgrade via siteXX.tgz

It's hard to tell the exact cause of your problem since you do not provice 
crucial
data such as any error messages that would appear in a log somewhere.

if there's nothing useful from syslogd, try connecting with nc -vvc
on the relevant machines too. (there was no relevant change to syslogd
since 7.3. there were changes to the various TLS libs but they should
affect nc as well and errors maybe easier to see there).


There is stuff from syslog (my other post took ages to reach the mailing 
list:


on the server:

Oct  9 23:09:30 loghost syslogd[96442]: tls logger "192.168.0.14:35359" 
connection error: handshake failed: error:14039418:SSL 
routines:ACCEPT_SR_CERT_VRFY:tlsv1 alert unknown ca


on the client:

Oct  9 23:09:02 builder syslogd[71166]: loghost 
"@tls4://loghost.domain.local" connection error: certificate 
verification failed: self signed certificate in certificate chain


# nc -vvc loghost.domain.local 6514
Connection to loghost.domain.local (192.168.0.30) 6514 port 
[tcp/syslog-tls] succeeded!
nc: tls handshake failed (certificate verification failed: self signed 
certificate in certificate chain)



We also do not know much about your configuration or what requirements the setup
is supposed to fill. But sure, in quite a number of situations auto-reneweing
Let's Encrypt certificates would be a serviceable solution.

using self-signed certs and requiring a specific cert (via syslogd's
-C option) is certainly a valid configuration too.

I'm going to give -C a go, it might be easier than adding the cert to 
/etc/ssl/cert.pem


Thanks for the suggestions  and confirming syslogd hadn't changed, maybe 
it's the TLS stuff. I need to check the hashes for /etc/ssl/ca.crt as well.


Cheers,

Noth

Re: syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

[Noth]

Hi

On 09/10/2023 19:59, Peter N. M. Hansteen wrote:

You are aware that OpenBSD 7.4 has not been released yet, right?

Of course.


On Mon, Oct 09, 2023 at 06:42:02PM +0200, Noth wrote:

   This wasn't covered in http://www.openbsd.org/plus74.html . I have a setup
where various OpenBSD instances log via TLS to a central logger, using self
signed certificates I generated locally (10 year validity). Both the server
and the clients verify each other using the -c & -s options for syslogd on
the clients and -K for the server.

   I upgraded to 7.4 via CVS on my VMs but not my routers (yet). The 7.3
routers are still able to connect via TLS but the 7.4 VMs can't as they
don't like the self signed certs. It'd be nice if this was in the
upgrade74.html with some explanation of why this changed.

Actually, if you built from source from a recent -current (HEAD) checkout,
what you got was just that: something that is close to what will be 7.4-release,
(a matter of weeks if not days), but not actually 7.4-release or -stable.
I downloaded 7.4 from CVS last Wednesday and built it. I don't use 
-current. I am aware it's not officially released yet but it's close to 
being.

   Is my path to getting all this working again the way it was to use Let's
Encrypt certificates?

It's hard to tell the exact cause of your problem since you do not provice 
crucial
data such as any error messages that would appear in a log somewhere.

We also do not know much about your configuration or what requirements the setup
is supposed to fill. But sure, in quite a number of situations auto-reneweing
Let's Encrypt certificates would be a serviceable solution.

- Peter


client side /etc/rc.conf.local snippet:

syslogd_flags=-c /etc/ssl/buildhost.domain.local.crt -k 
/etc/ssl/private/buildhost.domain.local.key


client side /etc/syslog.conf snippet:

*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none 
@tls://loghost.domain.local

auth,daemon,syslog,user.info;authpriv,kern.debug @tls://loghost.domain.local

Error message for client is: Oct  9 21:30:50 buildhost syslogd[42102]: 
loghost "@tls://loghost.domain.local" connection error: certificate 
verification failed: self signed certificate in certificate chain


server side rc.conf.local snippet:

syslogd_flags=-u -T 192.168.50.30:514 -S loghost.domain.local -S 
192.168.0.30 -K /etc/ssl/ca.crt



Error server side is: Oct  9 21:31:20 loghost syslogd[39364]: tls logger 
"192.168.0.14:43535" connection error: handshake failed: 
error:14039418:SSL routines:ACCEPT_SR_CERT_VRFY:tlsv1 alert unknown ca


I hope this illustrates it a bit better.

Cheers,

Noth

syslogd in 7.4 no longer likes self signed certificates for TLS remote logging

[Noth]

Hello,

  This wasn't covered in http://www.openbsd.org/plus74.html . I have a 
setup where various OpenBSD instances log via TLS to a central logger, 
using self signed certificates I generated locally (10 year validity). 
Both the server and the clients verify each other using the -c & -s 
options for syslogd on the clients and -K for the server.


  I upgraded to 7.4 via CVS on my VMs but not my routers (yet). The 7.3 
routers are still able to connect via TLS but the 7.4 VMs can't as they 
don't like the self signed certs. It'd be nice if this was in the 
upgrade74.html with some explanation of why this changed.


  Is my path to getting all this working again the way it was to use 
Let's Encrypt certificates?


Cheers,

Noth

Re: syslog.conf syntax to specify several clients

[Noth]

On 07/03/2023 06:35, All wrote:


Hi all,

I have a server that acts as a syslog aggregator
for several other servers. I was trying to see whether
clients can be specified on one line but I can't see anything
regarding syntax for such cases in man pages.

Do we need to specify each client on the separate line?
Like:


Hi, yes you do.

I tried several kinds of semicolon, comma and plus syntax
but have not being able to make it work.
I can only see the very first host (eg. server1) in the log, not others.


From the man page for syslog.conf:

 # Log everything coming from host bastion to a separate file.
 ++bastion
 *.* /var/log/bastion
 +*

Use this block once per server. You should be able to tweak it by 
daemon, auth, etc.


Cheers,

Noth

Re: Compatible

[Noth]

Hi,

  Windows Server OS 2016 doesn't come with OpenSSH as an option, you'll 
have to add it manually using the package over here: 
https://github.com/PowerShell/Win32-OpenSSH/releases . An internet 
search gives plenty of guides on how to do this, even on Server Core. 
You can even have PowerShell as the default shell when logging in.


Cheers,

Noth

On 22/02/2023 23:35, Iwil C wrote:

Hi,

Is OpenSSH compatible with an Azure VM, Windows Server OS 2016 ?

Thanks

Re: Error from reorder_kernel

[Noth]

Your /usr is too small, 2G is the safe size for it these days. 73.3M 
probably isn't enough for reorder_kernel to work. You might have a 
coredump somewhere in /usr/share/relink.


Cheers,

Noth

On 20/11/2022 02:47, Aaron Miller wrote:

On 11/19/22 16:31, Stuart Henderson wrote:


On 2022-11-19, Aaron Miller  wrote:

Hi misc,

I ran into an issue with reorder_kernel on 7.2. It directed me to its
log file, /usr/share/relink/kernel/GENERIC/relink.log, which 
contains this:


    (SHA256) /bsd: OK
    LD="ld" sh makegap.sh 0x gapdummy.o
    ld -T ld.script -X --warn-common -nopie -o newbsd ${SYSTEM_HEAD}
vers.o ${OBJS}
    text    data    bss    dec    hex
    0    0    0    0    0
    mv newbsd newbsd.gdb
    ctfstrip -S -o newbsd newbsd.gdb
    strip: there are no sections to be copied!
    rm -f bsd.gdb
    mv -f newbsd bsd
    mv: newbsd: No such file or directory
    *** Error 1 in /usr/share/relink/kernel/GENERIC (Makefile:1940 
'newbsd')


I think the relevant error is the "strip: there are no sections to be
copied".

Also I saw a blue text error from the kernel (typing it rather than
copy-pasting):

     uvn_flush: obj=0xfd801ee12890, offset=0x576. error during
pageout.

    uvn_flush: WARNING: changes to page may be lost!

What does this mean? And how do I fix it?

Most likely your filesystem is full.

Thanks! Which filesystem should I free space on?

$ df -h
Filesystem Size    Used   Avail Capacity  Mounted on
/dev/sd1a  733M    323M    373M    46%    /
/dev/sd1k  6.2G    4.9G    1.0G    83%    /home
/dev/sd1d  1.1G    436K    1.1G 0%    /tmp
/dev/sd1f  1.5G    1.4G   73.3M    95%    /usr
/dev/sd1g  402M    339M   42.2M    89%    /usr/X11R6
/dev/sd1h  3.2G    2.1G    1.0G    67%    /usr/local
/dev/sd1j  1.8G   1000M    710M    58%    /usr/obj
/dev/sd1i  1.2G    2.0K    1.2G 0%    /usr/src
/dev/sd1e  1.7G    825M    865M    49%    /var

Re: Triple booting Windows/Debian/OpenBSD?

[Noth]

Hi,

   You're lucky enough to have the exact printout block by block of 
the disk layout. I wouldn't want to do this in OpenBSD's fdisk, it'd 
be easier with gparted on a Linux liveCD if you can. It can be done 
with fdisk but it's not very userfriendly.



Thanks. I managed to do it with Linux parted. Gparted doesn't accept 
sectors, only cylinders or {M,G}bytes. Back into Debian. Now, with 
regards to installing OpenBSD:


Be sure to make that NetBSD partition an OpenBSD one while you're at 
it so the installer finds it right away.


And that's where the problems started in the first place.

At the prompt:
(W) (G) (E)

I choose (E) edit. Then, recalling from memory, I selected (disk) and 
changed the NetBSD filesystem to OpenBSD. After that, I couldn't go 
anywhere else. I didn't know what to do and I must have selected the 
whole disk. I wanted to mount / on the ex-NetBSD partition, and that's 
where I got stuck.



Hi,

  Well done on restoring the disklabel. Try this in Linux:

   cfdisk /dev/sda

   then select the NetBSD partition, and change it's type to OpenBSD. 
Save, then reboot and boot the OpenBSD installer. You can then use the G 
option which should select just the OpenBSD partition. Basically you 
don't really need this step anyway as the partition is ready to be 
disklabeled.


Cheers,

Noth

Re: [SPAM] Can I undo OpenBSD GPT partition table and recover my data? was: Triple booting Windows/Debian/OpenBSD?

[Noth]

On 03/11/2022 15:14, Ottavio Caruso wrote:

On Tue, 1 Nov 2022 at 12:27, Ottavio Caruso naively wrote:

I have some spare space on my laptop (a rubbish Thinkpad E130) that was
originally meant for NetBSD, but I gave up on it due suspend/resume not
working.

This is how it looks from Debian:


Device Start   End   Sectors  Size Type
/dev/sda1   2048   1023999   1021952  499M Windows recovery environment
/dev/sda21024000   1226751202752   99M EFI System >>> [EFI
partition]
/dev/sda31226752   1259519 32768   16M Microsoft reserved
/dev/sda41259520  51845119  50585600 24.1G Microsoft basic data
/dev/sda5   51845120 124938239  73093120 34.9G NetBSD FFS
/dev/sda6  223012864 877277183 654264320  312G Microsoft basic data
/dev/sda7  206057472 223012863  16955392  8.1G Linux swap
/dev/sda8  877277184 976773119  99495936 47.4G Linux filesystem >>>
]Debian /home partition]
/dev/sda9  124938240 206057471  81119232 38.7G Linux filesystem >>>
[Debian / root]


So I officially joined the club of idiots who don't back up their
partition table. I wanted to install OpenBSD to free space, instead I
must have overwritten the partition table (hopefully not formatting
the drive because I aborted soon after realizing the mistake). I have
attached two screenshots.

I don't mind reinstalling Windows and Linux but I have a 350GB fat32
partition with tons of videos and books that I'd like to recover.

I have tried using testdisk from cgsecurity but it cannot recover that
particular partition.

Any help will be appreciated.

--
Ottavio Caruso

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?


Hi,

  You're lucky enough to have the exact printout block by block of the 
disk layout. I wouldn't want to do this in OpenBSD's fdisk, it'd be 
easier with gparted on a Linux liveCD if you can. It can be done with 
fdisk but it's not very userfriendly. Be sure to make that NetBSD 
partition an OpenBSD one while you're at it so the installer finds it 
right away.


Good luck!

Noth

Re: Triple booting Windows/Debian/OpenBSD?

[Noth]

On 01/11/2022 13:27, Ottavio Caruso wrote:

Hi,

I have some spare space on my laptop (a rubbish Thinkpad E130) that 
was originally meant for NetBSD, but I gave up on it due 
suspend/resume not working.


This is how it looks from Debian:


Device Start   End   Sectors  Size Type
/dev/sda1   2048   1023999   1021952  499M Windows recovery 
environment
/dev/sda2    1024000   1226751    202752   99M EFI System >>> [EFI 
partition]

/dev/sda3    1226752   1259519 32768   16M Microsoft reserved
/dev/sda4    1259520  51845119  50585600 24.1G Microsoft basic data
/dev/sda5   51845120 124938239  73093120 34.9G NetBSD FFS
/dev/sda6  223012864 877277183 654264320  312G Microsoft basic data
/dev/sda7  206057472 223012863  16955392  8.1G Linux swap
/dev/sda8  877277184 976773119  99495936 47.4G Linux filesystem >>> 
]Debian /home partition]
/dev/sda9  124938240 206057471  81119232 38.7G Linux filesystem >>> 
[Debian / root]


Questions:

1) Can/should I reuse the EFI partition?

2) Can I reuse and mount the Linux swap partition?

3) I will nuke sda5 and install OpenBSD in there. Anything I need to 
know or do before installation?


I have read the installation guide:
https://www.openbsd.org/faq/faq4.html#Multibooting

but it's quite short and terse.

Is multibooting worth it or is it just a pain in the down under? I did 
install OpenBSD before but in a VM, so... apples and oranges really.


Thanks.




Hi,

  Presumably you are using GRUB to multiboot. Yes you should keep the 
EFI partition and add an OpenBSD directory in there, copy the 
BOOTX64.EFI file to it (available on your local mirror in the 7.2/amd64 
directory) and point your grub.cfg entry to the BOOTX64.EFI file in it. 
It's easiest to edit the /etc/grub.d/40_custom file and add this:


menuentry 'OpenBSD/amd64 normal kernel' {
 insmod part_gpt
 insmod search_fs_uuid
 insmod chain
 chainloader (hd0,gpt2)/EFI/OpenBSD/BOOTX64.EFI
}

and run update-grub to modify grub.cfg.

Cheers,

Noth

Re: Two external monitors via Thinkpad Thunderbolt 3 Dock Gen 2

[Noth]

Last time I checked, OpenBSD doesn't support Thunderbolt.

Cheers,

Noth

On 26/08/2022 17:20, Julian Huhn wrote:
I tried my old docking station, the Thinkpad Ultra Dock Type 40A2 and 
got the same result with it. The screen is mirrored on both external 
monitors. `xrandr` shows both external monitors as one.
The CPU can handle three monitors (two external and one internal). I 
was able to verify this with a Linux live USB drive.


On Fri, Aug 19, 2022 at 03:12:58PM +0200, Julian Huhn wrote:

Moin!

I want to connect two Thinkvision monitors (HDMI and DP) to my X270 
via a Thinkpad Thunderbolt 3 Dock Gen 2 (USB-C) and extend the screen 
over now all three monitors (X270 + Thinkvision + Thinkvision). 
Unfortunately, `xrandr` only shows one external monitor and if i run 
`xrandr --output DP-1 --auto --output eDP-1 --auto --right-of DP-1` 
then both external Thinkvision monitors show the same screen.


What can i do so that OpenBSD will recognize both external monitors 
separately? Is there some limitation on Thunderbolt/USB-C with 
OpenBSD i didn't see?


x270$ xrandr
Screen 0: minimum 320 x 200, current 3926 x 1440, maximum 16384 x 16384
eDP-1 connected primary 1366x768+0+0 (normal left inverted right x 
axis y axis) 277mm x 156mm

  1366x768  60.00*+  48.00
  1280x720  60.00    59.99    59.86    59.74
  1024x768  60.04    60.00
  960x720   60.00
  928x696   60.05
  896x672   60.01
  1024x576  59.95    59.96    59.90    59.82
  960x600   59.93    60.00
  960x540   59.96    59.99    59.63    59.82
  800x600   60.00    60.32    56.25
  840x525   60.01    59.88
  864x486   59.92    59.57
  700x525   59.98
  800x450   59.95    59.82
  640x512   60.02
  700x450   59.96    59.88
  640x480   60.00    59.94
  720x405   59.51    58.99
  684x384   59.88    59.85
  640x400   59.88    59.98
  640x360   59.86    59.83    59.84    59.32
  512x384   60.00
  512x288   60.00    59.92
  480x270   59.63    59.82
  400x300   60.32    56.34
  432x243   59.92    59.57
  320x240   60.05
  360x202   59.51    59.13
  320x180   59.84    59.32
DP-1 connected 2560x1440+1366+0 (normal left inverted right x axis y 
axis) 527mm x 296mm

  2560x1440 59.95*+  74.78
  1920x1200 59.95
  1920x1080 60.00    50.00
  1680x1050 59.88
  1280x1024 75.02    60.02
  1440x900  59.90
  1152x864  75.00
  1280x720  60.00    50.00    59.94
  1024x768  75.03    70.07    60.00
  800x600   72.19    75.00    60.32
  720x576   50.00
  720x480   60.00    59.94
  640x480   75.00    72.81    66.67    60.00    59.94
  720x400   70.08
HDMI-1 disconnected (normal left inverted right x axis y axis)
DP-2 disconnected (normal left inverted right x axis y axis)
HDMI-2 disconnected (normal left inverted right x axis y axis)

x270$ dmesg
OpenBSD 7.2-beta (GENERIC.MP) #693: Mon Aug 15 23:59:09 MDT 2022
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8442761216 (8051MB)
avail mem = 8169517056 (7791MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xca6a (61 entries)
bios0: vendor LENOVO version "R0IET58W (1.36 )" date 04/19/2019
bios0: LENOVO 20K5S09M00
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP TCPA SSDT UEFI SSDT SSDT HPET APIC MCFG ECDT 
SSDT SSDT BOOT BATB SLIC SSDT SSDT SSDT WSMT SSDT SSDT DBGP DBG2 MSDM 
ASF! FPDT UEFI
acpi0: wakeup devices GLAN(S4) XHC_(S3) XDCI(S4) HDAS(S4) RP01(S4) 
RP02(S4) RP04(S4) RP05(S4) RP06(S4) RP07(S4) RP08(S4) RP09(S4) 
RP10(S4) RP11(S4) RP12(S4) RP13(S4) [...]

acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2294.66 MHz, 06-4e-03
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 
64b/line 4-way L2 cache, 3MB 64b/line 12-way L3 cache

cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2294.66 MHz, 06-4e-03
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PG

Re: Zabbix 6.0.3 with Postgresql 14.2 on OpenBSD 7.1 stops graphing after two hours

[Noth]

Hello,

  Thanks for answering, sorry I get back to you so late but I was 
testing configs.


On 19/04/2022 10:30, Mark Patruck wrote:

On 16.04.2022 20:44, Noth wrote:

Hi,


Hi,

  I built the new 7.1 packages for Zabbix and PostgreSQL, and 
upgraded my monitoring VM. To my horror the zabbix_server process 
stops graphing after a couple of hours of uptime, with the 
housekeeper and history syncer processes at over 80% cpu usage. 
PostgreSQL shows INSERT processes stuck at 80% too, and restarting 
zabbix_server hangs, leaving zombie processes. I was using 2 vcpus 
and 2G of RAM. Feeling that the login.conf limits might be the 
problem I uped them by quite a bit:


The zabbix_server process won't eat up your system normally...it's more
database related.

1) how big is your database? (important, as you don't have much memory
   for a busy PostgreSQL database)


It's 5G (I've been running zabbix for years)

2) did you make changes to /var/postgresql/data/postgresql.conf?
   (work_mem, shared_buffers, effective_cache_size, random_page_cost)


No I'm using the default

2) how many items do you monitor?

31


3) did you always follow the Zabbix upgrade guide (especially 5->6)?

I did, and did the special extra steps for postgresql


4) how do your Zabbix server graphs "data gathering", "internal",
   "data handling" look like before the problem starts? Any high
   spikes?
CPU goes to 100%, housekeeper process goes over 80% and top shows 
postgresql processes for zabbix using near to 90% and they build up 
(from two to about five-six) till zabbix_server fails with out of memory 
(warning emails generated by zabbix don't go out because of this despite 
regular system emails going out)


5) have you already tried with a new database instance, i.e. move
   /var/postgresql/data to /var/postgresql/data_old and start with
   Zabbix 6.0.3 from scratch to see, if the database issues start
   immediately even when almost empty?

I did and it runs fine for 24 hours, using the initial ram+cpu config I had.

Zabbix 6.0.3 with Postgresql 14.2 on OpenBSD 7.1 stops graphing after two hours

[Noth]

Hi,

  I built the new 7.1 packages for Zabbix and PostgreSQL, and upgraded 
my monitoring VM. To my horror the zabbix_server process stops graphing 
after a couple of hours of uptime, with the housekeeper and history 
syncer processes at over 80% cpu usage. PostgreSQL shows INSERT 
processes stuck at 80% too, and restarting zabbix_server hangs, leaving 
zombie processes. I was using 2 vcpus and 2G of RAM. Feeling that the 
login.conf limits might be the problem I uped them by quite a bit:


postgresql:\
-:openfiles=1024:\
+:openfiles=4096:\
 :tc=daemon:
:datasize-max=2048M:\
:datasize-cur=2048M:\

I also uped sysctls:

-kern.seminfo.semmns=2048
-kern.shminfo.shmall=1024512
+kern.seminfo.semmns=4096
+kern.shminfo.shmall=1572864

This helped quite a bit, the graphing at least doesn't stop. Yet the housekeeper 
& history sync processes are still stuck continuously at over 80%. I even 
doubled the RAM to 4G and the vcpus to 4. Yet this is what top shows:

CPU0 states: 82.4% user,  0.0% nice, 14.7% sys,  1.0% spin,  0.0% intr,  2.0% 
idle
CPU1 states: 79.4% user,  0.0% nice,  9.8% sys,  0.0% spin,  0.0% intr, 10.8% 
idle
CPU2 states: 80.4% user,  0.0% nice,  9.8% sys,  0.0% spin,  0.0% intr,  9.8% 
idle
CPU3 states: 94.1% user,  0.0% nice,  4.9% sys,  0.0% spin,  0.0% intr,  1.0% 
idle
Memory: Real: 738M/2131M act/tot Free: 1796M Cache: 1091M Swap: 0K/2055M

  PID USERNAME PRI NICE  SIZE   RES STATE WAIT  TIMECPU COMMAND
48835 _postgre  640  307M  247M onproc/0  -23.4H 98.24% postgres: 
zabbix zabbix [local] SELECT
42079 _postgre  640  307M  245M run/2 -25.3H 98.10% postgres: 
zabbix zabbix [local] SELECT
 3630 _postgre  630  308M  282M onproc/1  -21.2H 82.42% postgres: 
zabbix zabbix [local] DELETE
12622 _postgre  600  307M  127M onproc/2  -20.8H 79.10% postgres: 
zabbix zabbix [local] INSERT

None of this behaviour happened with versions 2.x through to 5.x. Yes 
I've followed the pkg-readme for both PostgreSQL and Zabbix. Maybe these 
need adjusting? I'm at a loss on what I need to tune to make everything 
go back to being running with low CPU usage. I am fully aware 6.x now 
collects data points of a gazillion more things (so many entries with 
just $1 as the name now, I'm not sure what's going on there).


Hopefully some of you have an idea, cheers,

Noth

OpenBSD 7.1 (GENERIC.MP) #1: Wed Apr  6 18:48:24 CEST 2022
r...@builder2.nineinchnetworks.ch:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4255670272 (4058MB)
avail mem = 4109398016 (3919MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xbfbcb000 (13 entries)
bios0: vendor BHYVE version "13.0" date 11/10/2020
bios0: FreeBSD BHYVE
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S5
acpi0: tables DSDT FACP HPET APIC MCFG SPCR
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 16777216 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz, 3408.57 MHz, 06-9e-0d
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,SDBG,FMA3,CX16,xTPR,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,ITSC,FSGSBASE,BMI1,HLE,AVX2,BMI2,ERMS,INVPCID,RTM,RDSEED,MD_CLEAR,ARAT,XSAVEOPT,MELTDOWN

cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: CPU supports MTRRs but not enabled by BIOS
cpu0: apic clock running at 134MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz, 3413.28 MHz, 06-9e-0d
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,SDBG,FMA3,CX16,xTPR,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,ITSC,FSGSBASE,BMI1,HLE,AVX2,BMI2,ERMS,INVPCID,RTM,RDSEED,MD_CLEAR,ARAT,XSAVEOPT,MELTDOWN

cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 0, package 1
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz, 3411.94 MHz, 06-9e-0d
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,PBE,SSE3,PCLMUL,DTES64,DS-CPL,SSSE3,SDBG,FMA3,CX16,xTPR,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,ITSC,FSGSBASE,BMI1,HLE,AVX2,BMI2,ERMS,INVPCID,RTM,RDSEED,MD_CLEAR,ARAT,XSAVEOPT,MELTDOWN

cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 0, package 2
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz, 3419.69 MHz, 06-9e-0d
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,API

Re: HPE ProLiant MicroServer Gen10 Plus

[Noth]

https://homeservershow.com/forums/forum/217-microserver-gen10-plus/ is a 
good resource for this server (although I doubt anyone over there has 
tried OpenBSD on it). It should run fine on OpenBSD, the only issue is 
it doesn't have a NVME slot, you'll have to boot off a usb stick if you 
don't want to boot off the disk array. If you're aiming to upgrade the 
CPU to a better Xeon, get the Pentium model to save money. Do get the 
optional iLO module too, it comes in handy.


Cheers,

Noth


On 18/01/2022 22:06, readahead wrote:

Hello,

I'm currently considering purchasing a HPE ProLiant MicroServer Gen10 Plus. The 
machine is to be used mostly as a home NAS (OpenBSD, softraid(4) encryption and 
Samba).

Is this a right machine to run OpenBSD on? Can you please share any experience, 
recommend an exact model, etc.?

Kind regards,
readahead

Re: 7.0 amd64 installer kernel triggering reboot on pcEngines apu1

[Noth]

stty com0 115200

the APUs can't ajust the speed of their serial ports.

On 28/12/2021 22:37, Stuart Henderson wrote:

stty com0 9600 (or whatever speed you want to use)
set tty com0

On 2021-12-28, Darren S.  wrote:

Thought I'd blow the dust off of an apu1 I had around, but the installer
seems to not fully load the kernel and reboots early on.

In case this device is now mushy on the brain:

- 
- 

Details:
- AMD G series T40E APU, 1 GHz dual core (Bobcat core) with 64 bit support,
   32K data + 32K instruction + 512KB L2 cache per core
- DRAM: 2 or 4 GB DDR3-1066 DRAM with a 64 bit bus
- Storage: Boot from SD card (connected through USB), external USB or m-SATA
   SSD. 1 SATA data + power connector.
- Power: About 6 to 12W of 12V DC power depending on CPU load.
- Expansion: 2 miniPCI express (one with SIM socket for 3G modem), LPC bus,
   GPIO header, I2C bus, COM2 (3.3V RXD/TXD).
- Connectivity: 3 Gigabit Ethernet (Realtek RTL8111E), 1 DB9 serial port
(console).
- Firmware: coreboot open source system BIOS with support for iPXE and USB
boot.


Console log:

PC Engines APU BIOS build date: Apr  5 2014

Reading data from file [bootorder]

SeaBIOS (version ?-20140405_120742-frink)

SeaBIOS (version ?-20140405_120742-frink)

Found coreboot cbmem console @ df150400

Found mainboard PC Engines APU

Relocating init from 0x000e8e71 to 0xdf1065e0 (size 39259)

Found CBFS header at 0xfb90

found file "bootorder" in cbmem

CPU Mhz=1001

Found 29 PCI devices (max PCI bus is 06)

Copying PIR from 0xdf160400 to 0x000f27a0

Copying MPTABLE from 0xdf161400/df161410 to 0x000f25a0 with length 1f4

Copying ACPI RSDP from 0xdf162400 to 0x000f2580

Copying SMBIOS entry point from 0xdf16d800 to 0x000f2560

Using pmtimer, ioport 0x808

Scan for VGA option rom

EHCI init on dev 00:12.2 (regs=0xf7f08420)

Found 1 lpt ports

Found 2 serial ports

AHCI controller at 11.0, iobase f7f08000, irq 11
EHCI init on dev 00:13.2 (regs=0xf7f08520)
EHCI init on dev 00:16.2 (regs=0xf7f08620)
Searching bootorder for: /pci@i0cf8/*@11/drive@0/disk@0
AHCI/0: registering: "AHCI/0: SATA SSD ATA-10 Hard-Disk (15272 MiBytes)"
Searching bootorder for: /rom@img/setup
Searching bootorder for: /rom@img/memtest
OHCI init on dev 00:12.0 (regs=0xf7f04000)
OHCI init on dev 00:13.0 (regs=0xf7f05000)
OHCI init on dev 00:14.5 (regs=0xf7f06000)
OHCI init on dev 00:16.0 (regs=0xf7f07000)
Searching bootorder for: /pci@i0cf8/usb@16,2/storage@1/*@0/*@0,0
Searching bootorder for: /pci@i0cf8/usb@16,2/usb-*@1
Searching bootorder for: /pci@i0cf8/usb@12,2/storage@5/*@0/*@0,0
Searching bootorder for: /pci@i0cf8/usb@12,2/usb-*@5
USB MSC vendor='Multiple' product='Card  Reader' rev='1.00' type=0
removable=1
Device reports MEDIUM NOT PRESENT
scsi_is_ready returned -1
Unable to configure USB MSC drive.
Unable to configure USB MSC device.
USB MSC vendor='SanDisk' product='Cruzer Blade' rev='1.00' type=0
removable=1
USB MSC blksize=512 sectors=61341696
All threads complete.
Scan for option roms
Running option rom at c000:0003

iPXE (http://ipxe.org) 00:00.0 C000 PCI2.10 PnP PMMpmm call arg1=1
pmm call arg1=0
+DF0E2FD0pmm call arg1=1
pmm call arg1=0
+DF042FD0 C000


Searching bootorder for: /rom@genroms/pxeboot.rom

Build date: Apr  5 2014
System memory size: 4592 MB

Press F12 for boot menu.

Searching bootorder for: HALT
drive 0x000f2490: PCHS=0/0/0 translation=lba LCHS=1024/255/63 s=61341696
drive 0x000f24f0: PCHS=16383/16/63 translation=lba LCHS=1024/255/63
s=31277232
Space available for UMB: c1000-ee800, f-f2490
Returned 253952 bytes of ZoneHigh
e820 map has 7 items:
   0:  - 0009fc00 = 1 RAM
   1: 0009fc00 - 000a = 2 RESERVED
   2: 000f - 0010 = 2 RESERVED
   3: 0010 - df14e000 = 1 RAM
   4: df14e000 - e000 = 2 RESERVED
   5: f800 - f900 = 2 RESERVED
   6: 0001 - 00011f00 = 1 RAM
enter handle_19:
   NULL
Booting from Hard Disk...
Booting from :7c00
Using drive 0, partition 3.
Loading..
probing: pc0 com0 com1 mem[639K 3568M 496M a20=on]
disk: hd0+ hd1+

OpenBSD/amd64 BOOT 3.53

boot>
cannot open hd0a:/etc/random.seed: No such file or directory
booting hd0a:/7.0/amd64/bsd.rd: 3830471+1598464+3907256+0+704512
[109+288+28]=0x995530
entry point at 0x81001000
PC Engines APU BIOS build date: Apr  5 2014


The last line there shows the boot cycle begin again. What's the advice on
troubleshooting/addressing? No crash, so was going to work back in versions
and see if anything takes.

Re: adding firmware during installation

[Noth]

On 17/11/2021 08:29, Luca Ferrari wrote:

On Tue, Nov 16, 2021 at 3:03 PM Noth  wrote:

Run the installer as usual, then once that has finished:

umount /mnt2 (this is where the install sets are)

remove installer usb drive and insert usb drive with the firmware

mount /dev/sd1a (or sd1i if using vfat) /mnt2

cp /mnt2/iwn-firmware-version.tgz /mnt/root

chroot /mnt

pkg_add /root/iwn-firmware-version.tgz

exit

reboot!

Thanks, however, if I have to install the drivers and reboot, it does
make more sense to me to reboot and install the driver then.
I was searching for a method to add the driver at the beginning of the
installation.
Nevermind, problem solved.

Luca


I think you might want to check out the release(8) manpage. Build a 
release, add the firmware into the $RELEASEDIR before the sh checkflist 
step or possibly the make release one (I haven't tried this) and 
complete the creation of the installation images. Worth doing in a VM 
for ease of use.


Good luck!

Noth

Re: adding firmware during installation

[Noth]

Run the installer as usual, then once that has finished:

umount /mnt2 (this is where the install sets are)

remove installer usb drive and insert usb drive with the firmware

mount /dev/sd1a (or sd1i if using vfat) /mnt2

cp /mnt2/iwn-firmware-version.tgz /mnt/root

chroot /mnt

pkg_add /root/iwn-firmware-version.tgz

exit

reboot!

On 16/11/2021 12:34, Luca Ferrari wrote:

Hi all,
I'm installing OpenBSD 7.0 on a Lenovo Thinkpad T410, and I need the
firmware iwn-firmware-5.11p1.tgz for the wireless card.
Therefore, I opened a shell from the installer, mounted the USB stick
I placed the downloaded firmware on, and now I'm stuck: I cannot
install it because pkg_add is not available, as well as I cannot
extract it to /etc/firmware.
How to proceed from here?

Note: I can solve installing the system without networking and then
add the firmware later on, but I would understand how to do it within
the installation process.

Thanks,
Luca

Re: Issue on RPi4 upgrade to 7.0

[Noth]

You're better off rolling back to 6.9. Upgrade when the issue has been 
solved.


On 20/10/2021 16:12, Nenhum_de_Nos wrote:

Hi,

I just upgraded my RPi4B 4G router to 7.0 and, unlike the RPi3B that all worked 
fine, it fails to boot and the log is:

softraid0 at root
scsibus2 at softraid0: 256 targets
root on sd0a (978f2b14852ab222.a) swap on sd0b dump on sd0b
WARNING: CHECK AND RESET THE DATE!
gpio0 at bcmgpio0: 58 pins
bwfm0: address xx:xx:xx:xx:xx:xx
panic: do_el0_error
Stopped at  panic+0x160:cmp w21, #0x0
 TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
*501374  57858  0   0  00  init
7166  1  0 0x2  02K init
db_enter() at panic+0x15c
panic() at do_el0_error+0x10
athub_v2_1_set_clockgating() at handle_el0_error+0x74
handle_el0_error() at 0x14bf4fdea8
address 0x7d3be8 is invalid
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> reboot
rebooting...

Searching the internet I got to this: 
https://www.mail-archive.com/bugs@openbsd.org/msg17017.html

So I did what was told there, disabled bcmpcie on boot and now the USB won't 
work. I need it for my second NIC. It was all fine on 6.9 till this morning.

It was also mentioned on that mail thread that the U-Boot would matter, so mine 
now is U-Boot 2021.07 (Aug 12 2021 - 02:45:29 -0600) Tried to search for new 
U-Boot for it, no new version found so far. Will keep looking.

Has anyone seen this issue on updates?

Now I am confused if I finish the upgrade by running sysmerge and pkg_add -u or 
if I try to rollback to 6.9 where all worked fine.

thanks,

matheus

Re: Another potential ksh bug?

[Noth]

On 07/12/2020 05:41, Jordan Geoghegan wrote:

Hello again,

I was playing around with ksh array syntax and its behaviour when set 
as read-only. In my testing I noticed that ksh will allow you to 
overwrite the first element of a read-only array. Example snippet:


#!/bin/ksh
arr[0]=val1
arr[1]=val2
readonly arr
echo "${arr[@]}"
arr=yikes
echo "${arr[@]}"

I tested a few other shells, and this bug does exists in the original 
pdksh and is also present in zsh. This bug is not present in ksh93, 
mksh or bash, where they abort when trying to modify the read-only array.


I don't have access to a proper ksh88 shell, but it would be nice if 
someone could confirm its behaviour.


I was just hoping someone could confirm if this is intended behaviour, 
or if it's a bug.


Regards,

Jordan


Hi,

  I tries this with AMIX (UNIX SVR4 for Commodore Amiga) v2.1 which 
presumably is using ksh88 as it hasn't been updated since circa 1992 and 
it does abort at the same place. Screenshot here: 
http://casper.nineinchnetworks.ch/images/kshtest.png .


Cheers,

Noth

Re: [SPAM] Re: APU4 hardware network interfaces tied together

[Noth]

Buy a switch, and buy the APU4. Two ports don't get used, so what? It'll 
be more reliable long term than a RPi4. A router with only one physical 
port isn't a router, it's a host, no matter how many vlans you throw at it.


Cheers,

Noth

On 16/11/2020 18:06, Mihai Popescu wrote:

bridge(4), and add a vether ...

Reading thru man pages I see there are other options: switch, aggr, trunk,
etc.
I barely understand these, since IP is an ugly business.
My intention is to replace ISP router with something based on OpenBSD I can
configure myself. I see now that APU4 is too much, I am inclined to try
RPi4 with an USB network interface. If anyone has any other suggestion,
please email me directly to ease the list.

Thank you all.

Re: Support of the AX1650 card

[Noth]

On 05/11/2020 06:16, yul3n.f...@protonmail.com wrote:

Hi
Thanks for your answers.
This card is USD on new Dell XPSs, it may also be used on other laptop.
If I eventually get the laptop I'll check the output of 'pcidump -v'.


The 11th gen XPS 13? Aka XPS 13 9310? I'm looking at getting one of 
those too.


Cheers,

Noth

Re: Problem with isc_named

[Noth]

On 31/05/2020 20:00, Christer Solskogen wrote:

Hi!

With current (OpenBSD 6.7-current (GENERIC.MP) #232: Sat May 30 18:17:19
MDT 2020) and up-to-date packages, I'm having a hard time running isc_named
as a slave dns.

I get this in the log:
dumping master file: tmp/tmp-lxMn2v1tJx: open: file not found

named.conf is like this:
options {
 directory "/tmp";   // working directory, inside the /var/named
chroot
 // - must be writable by _bind
 version ""; // remove this to allow version queries

 listen-on{ any; };
 listen-on-v6 { any; };

 empty-zones-enable yes;

 allow-recursion { clients; };
};

zone "0.168.192.in-addr.arpa" {
 type slave;
 masterfile-format text;
 file "tmp/0.168.192.in-addr.arpa";
 masters { 192.168.0.4; };
};

zone "antarctica.no" {
 type slave;
 masterfile-format text;
 file "tmp/antarctica.no";
 masters { 192.168.0.4; };
};

zone "carebears.no" {
 type slave;
 masterfile-format text;
 file "tmp/carebears.no";
 masters { 192.168.0.4; };
};


/var/named/tmp is owned by _bind:_bind with drwxrwxr-x

I can't seem to find any error in my config. Could there be something wrong
with the package?
isc-bind-9.16.3p0v0 is the one I have installed.


Hi,

  Why are you putting the zone files in /var/named/tmp? That's probably 
the source of the problem. Use /var/named/{master,slave} for those...


Cheers,

Noth

Re: [SPAM] Re: upgrade 6.6 -> 6.7

[Noth]

On 20/05/2020 10:24, infoomatic wrote:

FreeBSD/bhyve virtualization technology basically uses 2 components: the
bootloader and the hypervisor.

It needs some manual steps (using bhyve-grub as bootloader):

*) sysupgrade -n, then shutdown

*) vm.conf usually has a line like 'grub_run0="kopenbsd -h com0 -r sd0a
/bsd"' - use /bsd.upgrade instead of /bsd - this can also be configured
in grub boot menu

*) Upgrade finishes and reboots again automatically, so in grub use /bsd
again. Using the vm.conf method you need to force the shutdown because
the system is trying to boot /bsd.upgrade again which of course
vanished. (so use /bsd in vm.conf again and start the vm)


So for manual upgrade editing the boot config in grub menu is simple, if
you do automated upgrades going via the vm.conf stuff might be preferable.

Or you might want to upgrade your bhyve config to using uefi as the 
bootloader, so none of these extra steps are needed. Made for flawless 
upgrade with sysupgrade for me.


Cheers,

Noth

Re: booting from a SD card on APU2: ERR R

[Noth]

Try changing the boot order so it goes to the SD card first. I had this 
issue a few months ago when I added an external USB drive.


Cheers,

Noth

On 22/04/2020 23:54, Jan Stary wrote:

This is my brand new APU2.e2 (dmesg below).
I put a 16GB SD card into it,
installed current/amd64 on a USB stick on another machine,
plugged the USB sticku into the APU, booted up:

$ cu -rd -l /dev/cuaU0  -115200
Connected to /dev/cuaU0 (speed 115200)
SeaBIOS (version rel-1.10.0.1)

Press F10 key now for boot menu

Select boot device:

1. USB MSC Drive Generic Flash Disk 8.07
2. SD card  16000MiB
3. Payload [memtest]
4. Payload [setup]

Booting from Hard Disk...
Using drive 0, partition 3.
Loading..


Installation onto the SD card went just fine.
After reboot, I try to boot from it:

Connected to /dev/cuaU0 (speed 115200)
PCEngines apu2
coreboot build 20170228
2032 MB DRAM

SeaBIOS (version rel-1.10.0.1)

Press F10 key now for boot menu

Select boot device:

1. USB MSC Drive Generic Flash Disk 8.07
2. SD card  16000MiB
3. Payload [memtest]
4. Payload [setup]

Booting from Hard Disk...
Using drive 0, partition 3.
Loading
ERR R


Why is that? I can boot from the USB stick,
but not from the SC card I installed on the machine itself ...

Jan



OpenBSD 6.7-beta (GENERIC) #145: Tue Apr 21 21:46:16 MDT 2020
 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 1996148736 (1903MB)
avail mem = 1923190784 (1834MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x77fb7020 (7 entries)
bios0: vendor coreboot version "4.0.7" date 02/28/2017
bios0: PC Engines APU2
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S0 S1 S2 S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HEST SSDT SSDT HPET
acpi0: wakeup devices PWRB(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PBR8(S4) 
UOH1(S3) UOH3(S3) UOH5(S3) XHC0(S4)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD GX-412TC SOC, 998.45 MHz, 16-30-01
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, IBE
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
ioapic1 at mainbus0: apid 5 pa 0xfec2, version 21, 32 pins, remapped
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PBR4)
acpiprt2 at acpi0: bus 1 (PBR5)
acpiprt3 at acpi0: bus 2 (PBR6)
acpiprt4 at acpi0: bus 3 (PBR7)
acpiprt5 at acpi0: bus -1 (PBR8)
acpicpu0 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpibtn0 at acpi0: PWRB
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
acpicmos0 at acpi0
cpu0: 998 MHz: speeds: 1000 800 600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD 16h Root Complex" rev 0x00
pchb1 at pci0 dev 2 function 0 "AMD 16h Host" rev 0x00
ppb0 at pci0 dev 2 function 2 "AMD 16h PCIE" rev 0x00: msi
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel I211" rev 0x03: msi, address 
00:0d:b9:56:5e:fc
ppb1 at pci0 dev 2 function 3 "AMD 16h PCIE" rev 0x00: msi
pci2 at ppb1 bus 2
em1 at pci2 dev 0 function 0 "Intel I211" rev 0x03: msi, address 
00:0d:b9:56:5e:fd
ppb2 at pci0 dev 2 function 4 "AMD 16h PCIE" rev 0x00: msi
pci3 at ppb2 bus 3
em2 at pci3 dev 0 function 0 "Intel I211" rev 0x03: msi, address 
00:0d:b9:56:5e:fe
ccp0 at pci0 dev 8 function 0 "AMD 16h Crypto" rev 0x00
xhci0 at pci0 dev 16 function 0 "AMD Bolton xHCI" rev 0x11: msi, xHCI 1.0
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "AMD xHCI root hub" rev 3.00/1.00 
addr 1
ahci0 at pci0 dev 17 function 0 "AMD Hudson-2 SATA" rev 0x40: apic 4 int 19, 
AHCI 1.3
scsibus1 at ahci0: 32 targets
ehci0 at pci0 dev 19 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18
usb1 at ehci0: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "AMD EHCI root hub" rev 2.00/1.00 
addr 1
piixpm0 at pci0 dev 20 function 0 "AMD Hudson-2 SMBus" rev 0x42: SMI
iic0 at piixpm0
iic1 at piixpm0
iic1: addr 0x4c 3e=00 48=00 4a=00 4e=00 fc=00 fe=00 words 00= 01= 
02= 03= 04=f

Re: experience setting up a low memory machine

[Noth]

I wouldn't call 64Mb "small" for memory, it's tiny. Even 20 years ago 64 
wasn't really enough. The introduction of kernel relinking on boot has 
been noted since 6.5 (or was it 6.4?) to make tiny memory systems 
obsolete. They simply can't cope. Theo has noted he has other projects 
in the pipeline that will make that situation even worse. The only thing 
I can recommend is to stick to an older version of the OS and not use 
the machine for anything needing web browsing. It can still be a useful 
console terminal to headless devices, for example.


Good luck,

Noth

Re: Low throughput with 1 GigE interface

[Noth]

On 30/01/2020 15:43, livio wrote:

Dear all,

I am unable to achieve decent throughput with a 1 GigE interface
(Intel I210) on OpenBSD 6.6. When running iperf3 I get around 145Mbit/s.

The config/setup is: APU2c4, Win10 notebook, no switch, Cat.6a cable,
MTU 1500, 1000baseT, full-duplex, pf disabled, BSD.mp, no custom Kernel
parameters/optimizations.

With an increased MTU of 9000 (on both devices) the throughput is around
230-250Mbit/s.

When running the same test with a FreeBSD 12.1 on the APU I achieve
around 940Mbit/s (MTU 1500).

The BIOS has been updated to the latest version (v4.11.0.2). The
hardware of the device is: https://pcengines.ch/apu2c0.htm

dmesg output:
https://paste.ee/p/OeRbI

Any inputs and help is highly appreciated.

Many thanks,
Livio

PS: I ran the same tests on an APU1c4 with Realtek RTL8111E interfaces.
The results were lower - around 95Mbit/s.
https://pcengines.ch/apu1c4.htm

PPS: Others also seem to have low throughput. None of the tuning
recommendations I found online substantially improved my results:
https://www.reddit.com/r/openbsd/comments/cg9vhq/poor_network_performance_pcengines_apu4/

According to the manufacturer of the APU2, the problem is with OpenBSD 
not using all cores for network traffic management: 
https://teklager.se/en/knowledge-base/apu2c0-ipfire-throughput-test-much-faster-pfsense/ 

Re: OpenBSD 6.6 wlan DHCP no link .... sleeping

[Noth]

On 21/11/2019 11:53, Getz Mikalsen wrote:

First time posting on this mailing list but hopefully
my post adheres to the Netiquette and that I am posting
this to the appropriate list

I've been trying to get the wifi working on my
IBM thinkpad 240x for a few days now but I seem to have
gotten stuck.

I'm using an Intel 2100 MiniPcie card with the ipw firmware
(https://man.openbsd.org/ipw).
I previously tried using a Intel 2915ABG with the iwi firmware
but kept getting firmware errors so I replaced it with the 2100.

I believe I have managed to connect to my WPA2 secured network
(judging by the output of my ifconfig) but im not able to get
any further. And running DHCP (dhclient ipw0 or sh /etc/netstart)
keeps outputting the same timeout message, No link..sleeping
No further error messages than that.

I have configured my ifconfig through the /etc/hostname.ipw0
file as advised in the man page, my config is as follows.

///
nwid hotspot wpakey password chan up wpaprotos wpa2

inet 10.220.1.156 255.255.255.0
dhcp
///


You're setting a fixed ip address as well as dhcp. You can't have both 
in hostname.ipw0.






This then results in ifconfig outputting the following

///
ipw0: flags=808843 mtu 1500
 lladdr 00:0c:f1:24:1c:2a
 index 1 priority 4 llprio 3
 groups: wlan
 media: IEEE802.11 autoselect (DS11 mode 11b)
 status: active
 ieee80211: nwid hotspot chan 7 bssid 30:23:03:1a:4c:7a -18dBm wpakey 
wpaprotos wpa2 wpaakms psk wpaciphers ccmp
wpagroupcipher ccmp
 inet 10.220.1.156 netmask 0xff00 broadcast 10.220.1.255
///
Disregard anything coming from a FreeBSD forum, the config files don't 
work the same. rc.conf should never be touched, only rc.conf.local, and 
OpenBSD doesn't configure the network via that file.

I have also added this to my rc.conf as advised here
https://forums.freebsd.org/threads/solved-re0-no-link-giving-up-my-card-driver-or-dhcp-server-problem.4566/

///
ifconfig_ipw0="DCHP"
///
 
This is where I get stuck, dhcp still timeouts and gives me

the error message, im able to ping 10.220.1.156 but no other
ip from the router, this make me believe the issues is to be
solved with the route command, "route show" outputs this.

///
Internet
 DestinationGatewayFlagsRefs  UseMtu  
Interface
 10.220.1/2410.220.1.156   Cn 00 - 
8 ipw0
 10.220.1.156   00:0c:f1:24:1c:2a  UHLl   00 - 
1 ipw0
 10.220.1.255   10.220.1.156   Hb 00 - 
1 ipw0
///

What is known that the network is named "hotspot"
passworded with "password", its gateway is "10.220.1.1"

I am also aware of certain IBM thinkpads having issues with
unauthorized MiniPCI cards as brought up here
http://www.thinkwiki.org/wiki/Problem_with_unauthorized_MiniPCI_network_card
but this is only a BIOS whitelist and the combo im using
has been comfirmed to be working on the thinkpads forum and the
BIOS accepts the card.

So where do I go now, is the routing correct?
I dont know much about ip routing and gateways, maybe someone
knows some good resources where I can learn so I wont have
to come asking for help again.

I read the following and thought I might be having a similar
issue but I know too little about internet configurations
to make much of it.
https://serverfault.com/a/581162

As for it being incompatible or not, I can't tell, I'm not a ThinkPad 
specialist.



Cheers,


Noth

Re: vi in ramdisk?

[Noth]

On 08/11/2019 07:06, Philip Guenther wrote:

On Thu, Nov 7, 2019 at 9:57 PM Brennan Vincent 
wrote:


I am asking this out of pure curiosity, not to criticize or start a debate.

Why does the ramdisk not include /usr/bin/vi by default? To date,
it is the only UNIX-like environment I have ever seen without some form
of vi.


The ramdisk space is extremely tight.  We include what we feel is
necessary, PUSHING OUT other stuff as priorities shift.  If you have watch
the commits closely, you would have seen drivers vanish from the ramdisks
on tight archs as new functionality was added.

Given what we want people to use the ramdisks for (installing,
reinstalling, upgrading, fixing boot and set issues), vi is not necessary,
while other functionality and drivers extend their applicability.  We will
keep the latter and not include the former.


Philip Guenther


ed is included in the ramdisk, but if your use case is using vi to fix a 
config file on an existing installation, just do this (assuming you 
mounted everything into /mnt):


chroot /mnt /bin/ksh

export TERM=vt100

vi /etc/yourfile


Cheers,

Noth

6.6 VMs need 320Mb of ram in bhyve

[Noth]

Hi,

  I just upgraded a couple of VMs to 6.6 (thanks to everyone for 
another brilliant release!) that used to manage in 256Mb of RAM. They 
crash at the stage the kernel loads with that amount in 6.6, and with 
288Mb the kernel loading process hangs. It takes 320Mb for them to boot 
without any issues. I don't know what's changed but I thought it'd be 
worth reporting. I'm using bhyve on FreeBSD 12.0.


Cheers,

Noth

Re: can't find libpcap

[Noth]

On 17/08/2019 14:01, shadrock uhuru wrote:

hi everyone
is there a package for pcap or libpcap
or do i have to download the source and compile
shadrock


libpcap is in base, see man pcap. It lives in /usr/lib.

APU2/3/4 get ACPI GPIO & IOMMU support

[Noth]

Hi all,

  The PC Engines APU2/3/4 mainline firmware was updated this week and 
they've enabled ACPI GPIO calls as well as IOMMU support. I saw tech@ 
got a patch for apugpio in March, maybe it could be updated to use ACPI?


Link to firmware is here: 
https://pcengines.github.io/?utm_source=PC+Engines+Open+Source+Firmware+Release_campaign=8e5255d4da-EMAIL_CAMPAIGN_2019_05_10_09_20_COPY_01_medium=email_term=0_b9727cda45-8e5255d4da-48008233



Cheers,

Noth

Re: Postscript printer recommendations

[Noth]

On 13/07/2019 08:06, Jonathan Drews wrote:

Hi Folks:  I need some recommendations on what brand of printers will
work
with Ghostscript (Postscript). The cartridges for my 15 year old HP
Deskjet have gotten too expensive. I know Xerox makes some
Postscript printers. Are there any other manufactureres of Postscript
printers? I am running OpenBSD 6.5 as a desktop. Any advice would be
appreciated. Also, I just want to use printcap and lpd. I would like to
avoid CUPS. Kind Regards,
Jonathan



Brother appear to include PostScript in their printers, my HL-3170CDW 
certainly has it.

Re: [mark.kette...@xs4all.nl: Check your machdep.allowaperture setting]

[Noth]

On 12/06/2019 00:58, Marc Espie wrote:

I think this is generic enough to belong on misc@
- Forwarded message from Mark Kettenis  -

Date: Tue, 11 Jun 2019 19:54:04 +0200 (CEST)
From: Mark Kettenis 
To: t...@openbsd.org
Subject: Check your machdep.allowaperture setting

These days most OpenBSD users should have the machdep.allowaperture
sysctl set to 0 (the default).  Having it set to seomething else poses
security risks and can actually cause problems, in particular on
systems that have multiple GPUs where one of tha GPUs is supported by
inteldrm(4) or radeondrm(4) and the other isn't.

You'll only need to set machdep.allowaperture to a non-zero value if
inteldrm(4) or radeordrm(4) doesn't attach on your machine and you
can't use efifb(4) either.

- End forwarded message -

Well if you need brightness settings on current intel gpus via 
intel_backlight, it has to be set at 3 with no way around it. For 
laptops you're in trouble I guess!

Re: Duplicity & /etc/daily.local

[Noth]

On 22/05/2019 04:46, Patrick Wildt wrote:

On Mon, May 20, 2019 at 11:50:13PM +0200, Noth wrote:

Hi misc@,


   I'm trying to run daily backups to a sftp server for various VMs and
devices on my network, and want to use /etc/daily.local for this. I'm
calling this script from the daily.local file:

env 'GNUPG="/usr/local/bin/gpg" PASSPHRASE="mypassword"'
/root/duplicity-hostname.sh

but unfortunately duplicity can't find gnupg and errors out with this error
message:

Traceback (innermost last):
   File "/usr/local/bin/duplicity", line 1562, in 
 with_tempdir(main)
   File "/usr/local/bin/duplicity", line 1548, in with_tempdir
 fn()
   File "/usr/local/bin/duplicity", line 1387, in main
 action = commandline.ProcessCommandLine(sys.argv[1:])
   File "/usr/local/lib/python2.7/site-packages/duplicity/commandline.py", line 
1088, in ProcessCommandLine
 globals.gpg_profile = gpg.GPGProfile()
   File "/usr/local/lib/python2.7/site-packages/duplicity/gpg.py", line 92, in 
__init__
 self.gpg_version = self.get_gpg_version(globals.gpg_binary)
   File "/usr/local/lib/python2.7/site-packages/duplicity/gpg.py", line 107, in 
get_gpg_version
 res = gnupg.run(["--version"], create_fhs=["stdout"])
   File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", 
line 374, in run
 create_fhs, attach_fhs)
   File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", 
line 423, in _attach_fork_exec
 self._as_child(process, gnupg_commands, args)
   File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", 
line 462, in _as_child
 os.execvp(command[0], command)
   File "/usr/local/lib/python2.7/os.py", line 346, in execvp
 _execvpe(file, args)
   File "/usr/local/lib/python2.7/os.py", line 382, in _execvpe
 func(fullname, *argrest)
  OSError: [Errno 2] No such file or directory

GPGError: failed to determine gnupg version of None from


duplicity-hostname.sh content:

#!/bin/ksh
PASSPHRASE=mypassword
/usr/local/bin/duplicity incremental /var sftp://user@backuphost:/hostname/var
/usr/local/bin/duplicity incremental /etc sftp://user@backuphost:/hostname/etc
/usr/local/bin/duplicity incremental /root sftp://user@backuphost:/hostname/root

Can daily.local even handle this or is the environment too limited?

Cheers,

Noth


I have the same setup and it failed for me as well.  I somehow managed
to fix it by setting PATH and also exporting TERM:

PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games
TERM=xterm
export PATH TERM

And you should probably also do something like:

. /root/.passphrase
test -n "$PASSPHRASE" || exit 0
export PASSPHRASE

Patrick


Hello again,

  Sorry about the delay, I haven't been able to look at this till today.

So:

1. adding PATH does make duplicity find gpg. Thanks Antoine Jacoutot for 
the suggestion on getting the env mailed via cron.


2. Next issue is that the sftp connection fails, because it can't 
authenticate the host and wants confirmation on accepting the key. This 
is despite having copied the user public key to 
user/.ssh/.authorized_keys and tested using sftp user@hostname and sftp 
user@hostname.domain . Current state of the script is this:



#!/bin/ksh
export PASSPHRASE="mypassword"
export PATH=${PATH}:/usr/local/bin
/usr/local/bin/duplicity incremental 
--ssh-options="-oStrictHostKeyChecking=no" /var 
sftp://user@backuphost:/hostname/var


As you can see I'm passing the option so it doesn't ask for 
confirmation, but it still happens:



/usr/local/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:39: 
CryptographyDeprecationWarning: encode_point has been deprecated on 
EllipticCurvePublicNumbers and will be removed in a future version. Please use 
EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed 
point encoding.
  m.add_string(self.Q_C.public_numbers().encode_point())
/usr/local/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:92: 
CryptographyDeprecationWarning: Support for unsafe construction of public 
numbers from encoded data will be removed in a future version. Please use 
EllipticCurvePublicKey.from_encoded_point
  self.curve, Q_S_bytes
/usr/local/lib/python2.7/site-packages/paramiko/kex_ecdh_nist.py:103: 
CryptographyDeprecationWarning: encode_point has been deprecated on 
EllipticCurvePublicNumbers and will be removed in a future version. Please use 
EllipticCurvePublicKey.public_bytes to obtain both compressed and uncompressed 
point encoding.
  hm.add_string(self.Q_C.public_numbers().encode_point())
BackendException: ssh connection to dupuser@tombstone:22 failed: EOF when 
reading a line
The authenticity of host 'tombstone' can't be established.
SSH-ED25519 key fingerprint is fd:60:79:e6:d9:06:47:41:b6:54:19:63:9c:b0:d2:89.
Are 

Duplicity & /etc/daily.local

[Noth]

Hi misc@,


  I'm trying to run daily backups to a sftp server for various VMs and 
devices on my network, and want to use /etc/daily.local for this. I'm 
calling this script from the daily.local file:


env 'GNUPG="/usr/local/bin/gpg" PASSPHRASE="mypassword"' 
/root/duplicity-hostname.sh


but unfortunately duplicity can't find gnupg and errors out with this 
error message:


Traceback (innermost last):
  File "/usr/local/bin/duplicity", line 1562, in 
with_tempdir(main)
  File "/usr/local/bin/duplicity", line 1548, in with_tempdir
fn()
  File "/usr/local/bin/duplicity", line 1387, in main
action = commandline.ProcessCommandLine(sys.argv[1:])
  File "/usr/local/lib/python2.7/site-packages/duplicity/commandline.py", line 
1088, in ProcessCommandLine
globals.gpg_profile = gpg.GPGProfile()
  File "/usr/local/lib/python2.7/site-packages/duplicity/gpg.py", line 92, in 
__init__
self.gpg_version = self.get_gpg_version(globals.gpg_binary)
  File "/usr/local/lib/python2.7/site-packages/duplicity/gpg.py", line 107, in 
get_gpg_version
res = gnupg.run(["--version"], create_fhs=["stdout"])
  File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", line 
374, in run
create_fhs, attach_fhs)
  File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", line 
423, in _attach_fork_exec
self._as_child(process, gnupg_commands, args)
  File "/usr/local/lib/python2.7/site-packages/duplicity/gpginterface.py", line 
462, in _as_child
os.execvp(command[0], command)
  File "/usr/local/lib/python2.7/os.py", line 346, in execvp
_execvpe(file, args)
  File "/usr/local/lib/python2.7/os.py", line 382, in _execvpe
func(fullname, *argrest)
 OSError: [Errno 2] No such file or directory

GPGError: failed to determine gnupg version of None from


duplicity-hostname.sh content:

#!/bin/ksh
PASSPHRASE=mypassword
/usr/local/bin/duplicity incremental /var sftp://user@backuphost:/hostname/var
/usr/local/bin/duplicity incremental /etc sftp://user@backuphost:/hostname/etc
/usr/local/bin/duplicity incremental /root sftp://user@backuphost:/hostname/root

Can daily.local even handle this or is the environment too limited?

Cheers,

Noth

Re: 6.5 PowerPC Packages

[Noth]

On 09/05/2019 16:45, Andrew Luke Nesbit wrote:

On 09/05/2019 14:56, Allan Streib wrote:

Unless https://www.openbsd.org/plat.html is out of date, it doesn't look
like OpenBSD is currently supporting POWER8 or POWER9 plaftorms.

I wonder what is the best way to determine interest in getting OpenBSD
to work on POWER8/9?

My first thought is to ask around in the OpenBSD and OpenPOWER
communities.  Then to see if there is any natural rapport between them
Andrew


There was a massive thread on obtaining POWER8 hardware from IBM to 
support a porting of the OS three years ago. It amounted to IBM's 
opensource people not seeing it as viable because of lack of demand from 
their customers. I doubt this will change any time soon I'm afraid.


Cheers,

Noth

Re: Upgrade procedure (6.4 -> 6.5)

[Noth]

wonky, you pop the hood, look
around, see what's not right.  Grab a couple tools from the trunk
(included!) fix it, and be back on the road before the guy in the Luxury
car has figured out how to call for a tow truck.

Spend a little time learning OpenBSD, and you will find you can make it
do amazing things.

Nick.

The issue raised really is with the installer. Since KARL was 
introduced, 1300M for /usr (the default for 2.5-10G sized disks) isn't 
quite enough. I've had "run out of disk space" problems with the 
upgrader on 6.5 on a autopartitioned 15G SSD because of this. The 
defaults in disklabel need to change so that /usr gets 2G and /usr/X11R6 
is at 500M since that partition is never touched once installed and 
doesn't require 1G of space. I'm not at all convinced /usr/obj & 
/usr/src need partitions either if the computer isn't going to be used 
to run -current.


Noth

Re: Upgrade procedure (6.4 -> 6.5)

[Noth]

On 03/05/2019 10:48, Gonzalo L. Rodriguez wrote:

On Thu, 02 May 2019 at 11:46:20 +0200, Noth wrote:

On 02/05/2019 11:02, Consus wrote:

On 10:27 Thu 02 May, Markus Hennecke wrote:

Am 02.05.2019 um 09:52 schrieb Consus:

I've upgraded my systems from 6.4 to 6.5 without a glitch, but I see
that /etc/networks and some other files (like malloc.conf.5) are still
present, although there is no use for them in the new release.

Is there a reason why these files are not listed in "FIles to remove"?
Is there a way to track them? It's not like something gonna break, but
old configuration files (and manual pages) lying around can make
someone's life harder during the debug session.

Take a look at the sysutils/sysclean port.

That's pretty much how I discovered this. But I want to know the
"official" way. Maybe there is a reason why e.g. perl files are to be
removed, but man pages are not.


I set up a script for sysclean:

cat sysclean65.txt | while read line ; do rm -rf "${line}" ; done

You probably want some /etc/sysclean.ignore bits before that
Agreed, thanks for the suggestion. Hadn't read the manpage properly, 
just for a change. With that you can just pipe sysclean's output to a 
delete script...

Re: Upgrade procedure (6.4 -> 6.5)

[Noth]

On 02/05/2019 11:02, Consus wrote:

On 10:27 Thu 02 May, Markus Hennecke wrote:

Am 02.05.2019 um 09:52 schrieb Consus:

I've upgraded my systems from 6.4 to 6.5 without a glitch, but I see
that /etc/networks and some other files (like malloc.conf.5) are still
present, although there is no use for them in the new release.

Is there a reason why these files are not listed in "FIles to remove"?
Is there a way to track them? It's not like something gonna break, but
old configuration files (and manual pages) lying around can make
someone's life harder during the debug session.

Take a look at the sysutils/sysclean port.

That's pretty much how I discovered this. But I want to know the
"official" way. Maybe there is a reason why e.g. perl files are to be
removed, but man pages are not.


I set up a script for sysclean:

cat sysclean65.txt | while read line ; do rm -rf "${line}" ; done


sysclean65.txt is obtained by running sysclean -a >>sysclean65.txt . I 
don't run that line in sysclean65.sh because the files have to be 
reviewed to prevent deletion of any additional files you may have added, 
like certs or scripts.


HTH

Noth

Re: Migrating smtpd from OpenBSD 6.3 to 6.4 problems

[Noth]

On 24/04/2019 10:16, Bruno Flückiger wrote:

On 23.04., Noth wrote:

Hi,

   I'm trying to migrate my setups for smtpd+dovecot, and I'm about half
there. The scenario is this:

- OpenBSD client machines have smtpd set up to send the daily/weekly mails
to an address u...@example.org handled by central server also running smtpd

- Central server running OpenBSD with smtpd + dovecot for domain
example.org. Local mail is also delivered to u...@example.org

I can mail u...@example.org using the u...@example.org mail account, and
mail from 6.3 machines is still coming in, but I don't receive mail from the
6.4 machines. I'm a bit stumped as to what I've setup wrong here. Any
suggestions are welcome. All this was based on the old faq example that was
removed in 6.4. Dovecot config works fine.

Maillog is full of these errors: result="524 5.2.4 Mailing list expansion
problem"



Client machines smtpd.conf :

listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "maildir" maildir alias 

match from local for "example.org" action "relay"
match from local for local action "maildir"

Client machines aliases file has the root entry modified like thus:

root: u...@example.org


Server smtpd.conf:

queue compression

# pki setup
pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals


# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.org auth-optional
listen on egress port submission tls-require pki mail.example.org auth


# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

action "deliver" mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp -f
%{sender} %{rcpt}" virtual 
action "deliver_local" mda "/usr/libexec/mail.lmtp -d
unix:/var/dovecot/lmtp" alias 
action "relay" relay

match from any for domain  action "deliver"
match from any for local   action "deliver"
match from local for local action "deliver_local"


aliases file same as for clients

domain file:

example.org

virtuals:

ab...@example.org     u...@example.org
postmas...@example.org    u...@example.org
webmas...@example.org    u...@example.org
u...@example.org  vmail



I had the same problem. I believe the root cause was that there is a
forward(5) for root that redirects all mails to my regular user. Adding
an alias for root seems to confuse smtpd if there is already a .forward
file. My solution was to create an alias for my regular user. The chain
is now:

root -> user -> u...@example.net

Cheers,
Bruno

I ajusted my mail aliases file and removed the .forward file but still 
doesn't work, see my other response.

Re: Migrating smtpd from OpenBSD 6.3 to 6.4 problems

[Noth]

On 24/04/2019 02:13, Edgar Pettijohn wrote:

On Apr 23, 2019 6:35 PM, Noth  wrote:


On 23/04/2019 23:51, Edgar Pettijohn wrote:

On Apr 23, 2019 2:49 PM, Noth  wrote:

Hi,

     I'm trying to migrate my setups for smtpd+dovecot, and I'm about half
there. The scenario is this:

- OpenBSD client machines have smtpd set up to send the daily/weekly
mails to an address u...@example.org handled by central server also
running smtpd

- Central server running OpenBSD with smtpd + dovecot for domain
example.org. Local mail is also delivered to u...@example.org

I can mail u...@example.org using the u...@example.org mail account, and
mail from 6.3 machines is still coming in, but I don't receive mail from
the 6.4 machines. I'm a bit stumped as to what I've setup wrong here.
Any suggestions are welcome. All this was based on the old faq example
that was removed in 6.4. Dovecot config works fine.

Maillog is full of these errors: result="524 5.2.4 Mailing list
expansion problem"



Client machines smtpd.conf :

listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "maildir" maildir alias 

match from local for "example.org" action "relay"
match from local for local action "maildir"

Client machines aliases file has the root entry modified like thus:

root: u...@example.org


Server smtpd.conf:

queue compression

# pki setup
pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals


# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.org auth-optional
listen on egress port submission tls-require pki mail.example.org auth


# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

action "deliver" mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp -f
%{sender} %{rcpt}" virtual 
action "deliver_local" mda "/usr/libexec/mail.lmtp -d
unix:/var/dovecot/lmtp" alias 
action "relay" relay

match from any for domain  action "deliver"
match from any for local   action "deliver"
match from local for local action "deliver_local"


aliases file same as for clients

domain file:

example.org

virtuals:

ab...@example.org     u...@example.org
postmas...@example.org    u...@example.org
webmas...@example.org    u...@example.org
u...@example.org  vmail



Are the clients clients sending their mail and the server is having problems or 
vice versa?

Actually the error is 550 invalid recipient because of
r...@hostname.example.org instead of u...@example.org. Sorry about that


Follow the first example from smtpd.conf(5) and set up a "smart host relay" 
then set up the server to listen on 587 and authenticate. That should be the first step. 
I remember having a similar problem but I don't remember the exact solution.

Edgar


OK, using the example in the manpage for smtpd.conf, the client machines 
are able to send to the correct address using this:


listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "local" maildir alias 

match for local action "local"
match for any action "relay"


But the central server isn't able to process local mail ( I use 
/etc/daily as the test). Using the following config, all I get is :


Apr 24 12:19:56 hostname smtpd[35350]:  mda delivery 
evpid=0301bf137eed1f11 from=<> to= 
rcpt= user=vmail delay=0s result=PermFail 
stat=Error ("smtpd: mda command line could not be expanded: No such file 
or directory")


It seems to either have a problem with my virtual file or with the 
aliases one. I've tried redoing both to no avail. As you can see below I 
tried using a different local to local delivery method but that had the 
exact same error, which really puzzled me as no mda keyword is being 
invoked, just lmtp!



server conf (for tables, see above):

pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals

listen on lo0
listen on egress tls pki mail.example.org
listen on egress port submission tls-require pki mail.example.org auth 



action mda_with_aliases mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp 
-f %{sender} %{rcpt}" alias 

#action lmtp-local lmtp localhost:25 alias 
action mda_without_aliases mda "/usr/libexec/mail.lmtp -d 
/var/dovecot/lmtp -f %{sender} %{rcpt}" virtual 


match for local action mda_with_aliases
#match for local action lmtp-local
match from any for domain  action mda_without_aliases

Re: Migrating smtpd from OpenBSD 6.3 to 6.4 problems

[Noth]

On 23/04/2019 23:51, Edgar Pettijohn wrote:

On Apr 23, 2019 2:49 PM, Noth  wrote:

Hi,

   I'm trying to migrate my setups for smtpd+dovecot, and I'm about half
there. The scenario is this:

- OpenBSD client machines have smtpd set up to send the daily/weekly
mails to an address u...@example.org handled by central server also
running smtpd

- Central server running OpenBSD with smtpd + dovecot for domain
example.org. Local mail is also delivered to u...@example.org

I can mail u...@example.org using the u...@example.org mail account, and
mail from 6.3 machines is still coming in, but I don't receive mail from
the 6.4 machines. I'm a bit stumped as to what I've setup wrong here.
Any suggestions are welcome. All this was based on the old faq example
that was removed in 6.4. Dovecot config works fine.

Maillog is full of these errors: result="524 5.2.4 Mailing list
expansion problem"



Client machines smtpd.conf :

listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "maildir" maildir alias 

match from local for "example.org" action "relay"
match from local for local action "maildir"

Client machines aliases file has the root entry modified like thus:

root: u...@example.org


Server smtpd.conf:

queue compression

# pki setup
pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals


# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.org auth-optional
listen on egress port submission tls-require pki mail.example.org auth


# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

action "deliver" mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp -f
%{sender} %{rcpt}" virtual 
action "deliver_local" mda "/usr/libexec/mail.lmtp -d
unix:/var/dovecot/lmtp" alias 
action "relay" relay

match from any for domain  action "deliver"
match from any for local   action "deliver"
match from local for local action "deliver_local"


aliases file same as for clients

domain file:

example.org

virtuals:

ab...@example.org     u...@example.org
postmas...@example.org    u...@example.org
webmas...@example.org    u...@example.org
u...@example.org  vmail



Are the clients clients sending their mail and the server is having problems or 
vice versa?
Actually the error is 550 invalid recipient because of 
r...@hostname.example.org instead of u...@example.org. Sorry about that

Re: Migrating smtpd from OpenBSD 6.3 to 6.4 problems

[Noth]

On 23/04/2019 23:51, Edgar Pettijohn wrote:

On Apr 23, 2019 2:49 PM, Noth  wrote:

Hi,

   I'm trying to migrate my setups for smtpd+dovecot, and I'm about half
there. The scenario is this:

- OpenBSD client machines have smtpd set up to send the daily/weekly
mails to an address u...@example.org handled by central server also
running smtpd

- Central server running OpenBSD with smtpd + dovecot for domain
example.org. Local mail is also delivered to u...@example.org

I can mail u...@example.org using the u...@example.org mail account, and
mail from 6.3 machines is still coming in, but I don't receive mail from
the 6.4 machines. I'm a bit stumped as to what I've setup wrong here.
Any suggestions are welcome. All this was based on the old faq example
that was removed in 6.4. Dovecot config works fine.

Maillog is full of these errors: result="524 5.2.4 Mailing list
expansion problem"



Client machines smtpd.conf :

listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "maildir" maildir alias 

match from local for "example.org" action "relay"
match from local for local action "maildir"

Client machines aliases file has the root entry modified like thus:

root: u...@example.org


Server smtpd.conf:

queue compression

# pki setup
pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals


# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.org auth-optional
listen on egress port submission tls-require pki mail.example.org auth


# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

action "deliver" mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp -f
%{sender} %{rcpt}" virtual 
action "deliver_local" mda "/usr/libexec/mail.lmtp -d
unix:/var/dovecot/lmtp" alias 
action "relay" relay

match from any for domain  action "deliver"
match from any for local   action "deliver"
match from local for local action "deliver_local"


aliases file same as for clients

domain file:

example.org

virtuals:

ab...@example.org     u...@example.org
postmas...@example.org    u...@example.org
webmas...@example.org    u...@example.org
u...@example.org  vmail



Are the clients clients sending their mail and the server is having problems or 
vice versa?


Both. The clients are sending to r...@hostname.example.org instead of 
u...@example.org and the server is refusing emails with the 524 error.

Migrating smtpd from OpenBSD 6.3 to 6.4 problems

[Noth]

Hi,

  I'm trying to migrate my setups for smtpd+dovecot, and I'm about half 
there. The scenario is this:


- OpenBSD client machines have smtpd set up to send the daily/weekly 
mails to an address u...@example.org handled by central server also 
running smtpd


- Central server running OpenBSD with smtpd + dovecot for domain 
example.org. Local mail is also delivered to u...@example.org


I can mail u...@example.org using the u...@example.org mail account, and 
mail from 6.3 machines is still coming in, but I don't receive mail from 
the 6.4 machines. I'm a bit stumped as to what I've setup wrong here. 
Any suggestions are welcome. All this was based on the old faq example 
that was removed in 6.4. Dovecot config works fine.


Maillog is full of these errors: result="524 5.2.4 Mailing list 
expansion problem"




Client machines smtpd.conf :

listen on lo0

table aliases file:/etc/mail/aliases

action "relay" relay host "smtp://mail.example.org" tls no-verify
action "maildir" maildir alias 

match from local for "example.org" action "relay"
match from local for local action "maildir"

Client machines aliases file has the root entry modified like thus:

root: u...@example.org


Server smtpd.conf:

queue compression

# pki setup
pki mail.example.org cert "/etc/ssl/mail.example.org.crt"
pki mail.example.org key "/etc/ssl/private/mail.example.org.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd passwd:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals


# listen ports setup
listen on lo0
listen on egress port 25 tls pki mail.example.org auth-optional
listen on egress port submission tls-require pki mail.example.org auth 



# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

action "deliver" mda "/usr/libexec/mail.lmtp -d /var/dovecot/lmtp -f 
%{sender} %{rcpt}" virtual 
action "deliver_local" mda "/usr/libexec/mail.lmtp -d 
unix:/var/dovecot/lmtp" alias 

action "relay" relay

match from any for domain  action "deliver"
match from any for local   action "deliver"
match from local for local action "deliver_local"


aliases file same as for clients

domain file:

example.org

virtuals:

ab...@example.org     u...@example.org
postmas...@example.org    u...@example.org
webmas...@example.org    u...@example.org
u...@example.org  vmail

Re: X hangs again while on integrated

[Noth]

On 23/04/2019 17:42, Paco Esteban wrote:

On Tue, 23 Apr 2019, Gregory Edigarov wrote:


Hello misc@

it happens with no traces in logs.

most of the time while in chromium, but in firefox too. (with firefox it
just needs more time)

Same here on  i5-6500 (Intel HD Graphics 530). I've  noticed it since my
last snapthot upgrade.


Not seeing it on my i7-6550U (Intel HD Graphics 520) OpenBSD 6.5-current 
(GENERIC.MP) #20: Mon Apr 22 16:43:36 MDT 2019

Re: Dmesg for Dell XPS 9370 second edition

[Noth]

On 14/04/2019 23:30, Mike Larkin wrote:

On Sun, Apr 14, 2019 at 11:18:26PM +0200, Noth wrote:

Works: audio, brightness (with intel_backlight), touchpad (once you turn off
dwiic* in kernel), Xorg

Doesn't work: suspend, hibernate, wifi


hibernate and suspend might have been fixed after this snapshot.


hibernate and suspend work with the 19th of April snapshot! Thanks for 
the heads up!

Re: GNOME extensions won't load in 6.5

[Noth]

Please disregard, after a reboot, it all now loads, not that of course 
the sensor based extensions function but they can be tweaked to support 
OpenBSD instead of Linux, I'm sure.


Sorry for the noise,

Noth

On 15/04/2019 08:26, Noth wrote:

Hi,

  I'm trying to extend the GNOME desktop with some extensions 
(openweather, freon, dash-to-dock, no-title-bar). I installed the 
chrome-shell-extension package and the gnome plugin for both firefox 
and iridium and yet the https://extensions.gnome.org site complains it 
can't talk to the desktop. I've tried installing manually to 
~/.local/share/gnome-shell/extensions/ the various zip archive 
contents, respecting directory names so they match the extension's 
name in metadata.json. Only OpenWeather has worked so far, I can't 
work out why the others aren't showing up in gnome-tweaks. Googling 
barely got me anywhere apart from information on manually installing.


Hopefully someone has an idea how to fix this? Haven't tried gnome on 
openbsd in a couple of years so don't remember if the extensions 
worked or not back then.


Cheers,

Noth

GNOME extensions won't load in 6.5

[Noth]

Hi,

  I'm trying to extend the GNOME desktop with some extensions 
(openweather, freon, dash-to-dock, no-title-bar). I installed the 
chrome-shell-extension package and the gnome plugin for both firefox and 
iridium and yet the https://extensions.gnome.org site complains it can't 
talk to the desktop. I've tried installing manually to 
~/.local/share/gnome-shell/extensions/ the various zip archive contents, 
respecting directory names so they match the extension's name in 
metadata.json. Only OpenWeather has worked so far, I can't work out why 
the others aren't showing up in gnome-tweaks. Googling barely got me 
anywhere apart from information on manually installing.


Hopefully someone has an idea how to fix this? Haven't tried gnome on 
openbsd in a couple of years so don't remember if the extensions worked 
or not back then.


Cheers,

Noth

Dmesg for Dell XPS 9370 second edition

[Noth]

Works: audio, brightness (with intel_backlight), touchpad (once you turn 
off dwiic* in kernel), Xorg


Doesn't work: suspend, hibernate, wifi

OpenBSD 6.5 (GENERIC.MP) #857: Thu Apr 11 08:02:35 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16864186368 (16082MB)
avail mem = 16343445504 (15586MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xe (94 entries)
bios0: vendor Dell Inc. version "1.8.1" date 02/14/2019
bios0: Dell Inc. XPS 13 9370
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT BOOT SSDT HPET SSDT UEFI 
SSDT LPIT SSDT SSDT SSDT SSDT DBGP DBG2 SSDT SSDT MSDM SLIC NHLT TPM2 ASF! DMAR 
BGRT
acpi0: wakeup devices PXSX(S4) RP09(S4) PXSX(S4) RP10(S4) PXSX(S4) RP11(S4) 
PXSX(S4) RP12(S4) PXSX(S4) RP13(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) 
PXSX(S4) RP03(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3393.07 MHz, 06-8e-0a
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 23MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3392.09 MHz, 06-8e-0a
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 4 (application processor)
cpu2: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3392.09 MHz, 06-8e-0a
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 6 (application processor)
cpu3: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3392.09 MHz, 06-8e-0a
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 3, package 0
cpu4 at mainbus0: apid 1 (application processor)
cpu4: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3392.09 MHz, 06-8e-0a
cpu4: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu4: 256KB 64b/line 8-way L2 cache
cpu4: smt 1, core 0, package 0
cpu5 at mainbus0: apid 3 (application processor)
cpu5: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz, 3318.31 MHz, 06-8e-0a
cpu5: 

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

Sorry about that, I totally messed up the names. I want to thank jcs@ 
not jostein@ and the github link is 
https://github.com/jcs/intel_backlight_fbsd . I somehow included a 
totally irrelevant youtube channel I don't even remember clicking.


My apologies,

Noth

On 14/04/2019 05:05, Alessandro De Laurenzis wrote:

Hello Noth,

Could you please double check the two links you posted? It seems that 
the first page doesn't exist and the second one is not relevant...


Thanks

--
Alessandro

Il 14 aprile 2019 00:33:14 CEST, Noth  ha 
scritto:


Thanks to jostein@ on #openbsd, I now have a working touchpad. All it
took was disabling dwiic* in the kernel, and then both the touchpad
(wsmouse0) and touchscreen (wsmouse1) work.

I was also pointed by mlarkin to the intel_backlight
(https://github.com/jostein/intel_backlight_fbsd  ) command which works
perfectly.

So with just one tweak and an extra userland command, the Dell XPS 9350
works 100% under OpenBSD:

- suspend works

- hibernation works

- sound works

- Xorg works, with brightness ajustments possible

- wifi works once you switch out the wifi chip

If you like 13" 3200x1800 screens in a 11.6" size laptop, I can only but
recommend this model.

<https://www.youtube.com/channel/UCkZr2mbA4EbQdSprBgQpb9g>

I also tried the same fixes on the XPS 9370, and got the same succesful
result. However suspend & hibernation don't work for the time being.


    Cheers,

Noth

On 13th/04/2019 17:44, Noth wrote:

It worked around 6.1 but no longer does, Xorg stopped working
with 6.2 and only just started working with the snapshot I
tried yesterday. I hadn't updated in 1-2 months, so not sure
when the fix went in for inteldrm. On 13/04/2019 17:06, joshua
stein wrote:

On 13/04/2019 16:49, Noth wrote:

Hello again,    I updated to the latest snapshot
and now Xorg works! But it has a caveat, the
pointer device detected is the touchscreen not the
touchpad. It's assigned device wsmouse0 and ums1
doesn't seem to recognize the touchpad anymore so
no wsmouse1. I've tested this on the XPS 13 9350
and my new 9370. Same results on both (do make
sure you have the latest firmware installed via
fw_update). 


Did the touchpad ever work or is this a recent regression?

dwiic0 at pci0 dev 21 function 0 "Intel 100 Series
I2C" rev 0x21: apic 2 int 16 iic0 at dwiic0 dwiic1 at
pci0 dev 21 function 1 "Intel 100 Series I2C" rev
0x21: apic 2 int 17 iic1 at dwiic1 ihidev0 at iic1
addr 0x2cdwiic1: timed out reading remaining 29 ,
failed fetching initial HID descriptor 

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

Thanks to jostein@ on #openbsd, I now have a working touchpad. All it 
took was disabling dwiic* in the kernel, and then both the touchpad 
(wsmouse0) and touchscreen (wsmouse1) work.


I was also pointed by mlarkin to the intel_backlight 
(https://github.com/jostein/intel_backlight_fbsd ) command which works 
perfectly.


So with just one tweak and an extra userland command, the Dell XPS 9350 
works 100% under OpenBSD:


- suspend works

- hibernation works

- sound works

- Xorg works, with brightness ajustments possible

- wifi works once you switch out the wifi chip

If you like 13" 3200x1800 screens in a 11.6" size laptop, I can only but 
recommend this model.


<https://www.youtube.com/channel/UCkZr2mbA4EbQdSprBgQpb9g>

I also tried the same fixes on the XPS 9370, and got the same succesful 
result. However suspend & hibernation don't work for the time being.



Cheers,

Noth

On 13th/04/2019 17:44, Noth wrote:
It worked around 6.1 but no longer does, Xorg stopped working with 6.2 
and only just started working with the snapshot I tried yesterday. I 
hadn't updated in 1-2 months, so not sure when the fix went in for 
inteldrm.


On 13/04/2019 17:06, joshua stein wrote:

On 13/04/2019 16:49, Noth wrote:

Hello again,

   I updated to the latest snapshot and now Xorg works! But it has a
caveat, the pointer device detected is the touchscreen not the 
touchpad.

It's assigned device wsmouse0 and ums1 doesn't seem to recognize the
touchpad anymore so no wsmouse1. I've tested this on the XPS 13 
9350 and

my new 9370. Same results on both (do make sure you have the latest
firmware installed via fw_update).

Did the touchpad ever work or is this a recent regression?

dwiic0 at pci0 dev 21 function 0 "Intel 100 Series I2C" rev 0x21: 
apic 2 int

16
iic0 at dwiic0
dwiic1 at pci0 dev 21 function 1 "Intel 100 Series I2C" rev 0x21: 
apic 2 int

17
iic1 at dwiic1
ihidev0 at iic1 addr 0x2cdwiic1: timed out reading remaining 29
, failed fetching initial HID descriptor

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

It worked around 6.1 but no longer does, Xorg stopped working with 6.2 
and only just started working with the snapshot I tried yesterday. I 
hadn't updated in 1-2 months, so not sure when the fix went in for inteldrm.


On 13/04/2019 17:06, joshua stein wrote:

On 13/04/2019 16:49, Noth wrote:

Hello again,

   I updated to the latest snapshot and now Xorg works! But it has a
caveat, the pointer device detected is the touchscreen not the touchpad.
It's assigned device wsmouse0 and ums1 doesn't seem to recognize the
touchpad anymore so no wsmouse1. I've tested this on the XPS 13 9350 and
my new 9370. Same results on both (do make sure you have the latest
firmware installed via fw_update).

Did the touchpad ever work or is this a recent regression?


dwiic0 at pci0 dev 21 function 0 "Intel 100 Series I2C" rev 0x21: apic 2 int
16
iic0 at dwiic0
dwiic1 at pci0 dev 21 function 1 "Intel 100 Series I2C" rev 0x21: apic 2 int
17
iic1 at dwiic1
ihidev0 at iic1 addr 0x2cdwiic1: timed out reading remaining 29
, failed fetching initial HID descriptor

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

uot;Intel 100 Series PMC" rev 0x21 at pci0 dev 31 function 2 not configured
azalia0 at pci0 dev 31 function 3 "Intel 100 Series HD Audio" rev 0x21: msi
azalia0: codecs: Realtek/0x0256, Intel/0x2809, using Realtek/0x0256
audio0 at azalia0
ichiic0 at pci0 dev 31 function 4 "Intel 100 Series SMBus" rev 0x21: 
apic 2 int 16

iic2 at ichiic0
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
vmm0 at mainbus0: VMX/EPT
efifb at mainbus0 not configured
ugen0 at uhub0 port 3 "Intel Bluetooth" rev 2.00/0.01 addr 2
uhidev0 at uhub0 port 4 configuration 1 interface 0 "ELAN Touchscreen" 
rev 2.00/11.12 addr 3

uhidev0: iclass 3/0, 68 report ids
ums0 at uhidev0 reportid 1: 1 button, tip
wsmouse0 at ums0 mux 0
uhid0 at uhidev0 reportid 2: input=64, output=0, feature=0
uhid1 at uhidev0 reportid 3: input=0, output=31, feature=0
uhid2 at uhidev0 reportid 4: input=19, output=0, feature=0
uhid3 at uhidev0 reportid 10: input=0, output=0, feature=1
ums1 at uhidev0 reportid 68
ums1: mouse has no X report
uvideo0 at uhub0 port 5 configuration 1 interface 0 
"CKFEH41I385010011932 Integrated_Webcam_HD" rev 2.01/48.14 addr 4

video0 at uvideo0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
softraid0: sd1 was not shutdown properly
sd1 at scsibus4 targ 1 lun 0:  SCSI2 0/direct fixed
sd1: 243192MB, 512 bytes/sector, 498057342 sectors
root on sd1a (e8047f3f3f75c8b9.a) swap on sd1b dump on sd1b
WARNING: / was not properly unmounted
iwm0: hw rev 0x200, fw ver 16.242414.0, address f0:d5:bf:79:2e:ad
error: [drm:pid76506:intel_dp_link_training_channel_equalization] 
*ERROR* 5.4 Gbps link rate without HBR2/TPS3 support


On 13/04/2019 16:49, Noth wrote:

Hello again,

  I updated to the latest snapshot and now Xorg works! But it has a 
caveat, the pointer device detected is the touchscreen not the 
touchpad. It's assigned device wsmouse0 and ums1 doesn't seem to 
recognize the touchpad anymore so no wsmouse1. I've tested this on the 
XPS 13 9350 and my new 9370. Same results on both (do make sure you 
have the latest firmware installed via fw_update).


Cheers,

Noth

On 03/03/2019 04:31, Bryan Avery wrote:

Thanks for the help, Fred. Unfortunately, I'm still getting a black
screen. I didn't previously have a ~/.xsession, but I created one with
the following contents:

export LANG=en_US.UTF-8
export ENV=$HOME/.kshrc
xrdb -merge $HOME/.Xresources
xsetroot -solid dimgray
xidle &
LANG= xclock -strftime "%a %e %b %Y %H:%M" &
xset b off
setxkbmap -option ctrl:nocaps
exec cwm

I also removed machdep.allowaperture=1 from /etc/sysctl.conf. When I
booted with this configuration, I got a black screen and the
Xorg.0.log gave:

[    13.242] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
(Operation not permitted)
Check that you have set 'machdep.allowaperture=1'
in /etc/sysctl.conf and reboot your machine
refer to xf86(4) for details
[    13.242] linear framebuffer access unavailable
[    13.312] (--) Using wscons driver on /dev/ttyC4
[    13.370]
X.Org X Server 1.19.6
Release Date: 2017-12-20
[    13.370] X Protocol Version 11, Revision 0
[    13.370] Build Operating System: OpenBSD 6.4 amd64
[    13.370] Current Operating System: OpenBSD c12h17n2o4p.my.domain
6.4 GENERIC.MP#7 amd64
[    13.370] Build Date: 25 October 2018  11:39:05PM
[    13.370]
[    13.370] Current version of pixman: 0.34.0
[    13.370] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[    13.370] Markers: (--) probed, (**) from config file, (==) 
default setting,

(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[    13.370] (==) Log file: "/var/log/Xorg.0.log", Time: Sat Mar  2
19:00:38 2019
[    13.372] (==) Using config directory: "/etc/X11/xorg.conf.d"
[    13.373] (==) Using system config directory
"/usr/X11R6/share/X11/xorg.conf.d"
[    13.374] (==) No Layout section.  Using the first Screen section.
[    13.374] (==) No screen section available. Using defaults.
[    13.374] (**) |-->Screen "Default Screen Section" (0)
[    13.374] (**) |   |-->Monitor ""
[    13.375] (==) No device specified for screen "Default Screen 
Section".

Using the first device section listed.
[    13.375] (**) |   |-->Device "drm"
[    13.375] (==) No monitor specified for screen "Default Screen 
Section".

Using a default monitor configuration.
[    13.375] (==) Automatically adding devices
[    13.375] (==) Automatically enabling devices
[    13.375] (==) Not automatically adding GPU devices
[    13.375] (==) Max clients allowed: 256, resource mask: 0x1f
[    13.382] (==) FontPath set to:
/usr/X11R6/lib/X11/fonts/misc/,

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

Hello again,

  I updated to the latest snapshot and now Xorg works! But it has a 
caveat, the pointer device detected is the touchscreen not the touchpad. 
It's assigned device wsmouse0 and ums1 doesn't seem to recognize the 
touchpad anymore so no wsmouse1. I've tested this on the XPS 13 9350 and 
my new 9370. Same results on both (do make sure you have the latest 
firmware installed via fw_update).


Cheers,

Noth

On 03/03/2019 04:31, Bryan Avery wrote:

Thanks for the help, Fred. Unfortunately, I'm still getting a black
screen. I didn't previously have a ~/.xsession, but I created one with
the following contents:

export LANG=en_US.UTF-8
export ENV=$HOME/.kshrc
xrdb -merge $HOME/.Xresources
xsetroot -solid dimgray
xidle &
LANG= xclock -strftime "%a %e %b %Y %H:%M" &
xset b off
setxkbmap -option ctrl:nocaps
exec cwm

I also removed machdep.allowaperture=1 from /etc/sysctl.conf. When I
booted with this configuration, I got a black screen and the
Xorg.0.log gave:

[13.242] (WW) checkDevMem: failed to open /dev/xf86 and /dev/mem
(Operation not permitted)
Check that you have set 'machdep.allowaperture=1'
in /etc/sysctl.conf and reboot your machine
refer to xf86(4) for details
[13.242] linear framebuffer access unavailable
[13.312] (--) Using wscons driver on /dev/ttyC4
[13.370]
X.Org X Server 1.19.6
Release Date: 2017-12-20
[13.370] X Protocol Version 11, Revision 0
[13.370] Build Operating System: OpenBSD 6.4 amd64
[13.370] Current Operating System: OpenBSD c12h17n2o4p.my.domain
6.4 GENERIC.MP#7 amd64
[13.370] Build Date: 25 October 2018  11:39:05PM
[13.370]
[13.370] Current version of pixman: 0.34.0
[13.370] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[13.370] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[13.370] (==) Log file: "/var/log/Xorg.0.log", Time: Sat Mar  2
19:00:38 2019
[13.372] (==) Using config directory: "/etc/X11/xorg.conf.d"
[13.373] (==) Using system config directory
"/usr/X11R6/share/X11/xorg.conf.d"
[13.374] (==) No Layout section.  Using the first Screen section.
[13.374] (==) No screen section available. Using defaults.
[13.374] (**) |-->Screen "Default Screen Section" (0)
[13.374] (**) |   |-->Monitor ""
[13.375] (==) No device specified for screen "Default Screen Section".
Using the first device section listed.
[13.375] (**) |   |-->Device "drm"
[13.375] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[13.375] (==) Automatically adding devices
[13.375] (==) Automatically enabling devices
[13.375] (==) Not automatically adding GPU devices
[13.375] (==) Max clients allowed: 256, resource mask: 0x1f
[13.382] (==) FontPath set to:
/usr/X11R6/lib/X11/fonts/misc/,
/usr/X11R6/lib/X11/fonts/TTF/,
/usr/X11R6/lib/X11/fonts/OTF/,
/usr/X11R6/lib/X11/fonts/Type1/,
/usr/X11R6/lib/X11/fonts/100dpi/,
/usr/X11R6/lib/X11/fonts/75dpi/
[13.382] (==) ModulePath set to "/usr/X11R6/lib/modules"
[13.383] (II) The server relies on wscons to provide the list of
input devices.
If no devices become available, reconfigure wscons or disable AutoAddDevices.
[13.383] (II) Loader magic: 0x35f44c71000
[13.383] (II) Module ABI versions:
[13.383] X.Org ANSI C Emulation: 0.4
[13.383] X.Org Video Driver: 23.0
[13.383] X.Org XInput driver : 24.1
[13.383] X.Org Server Extension : 10.0
[13.383] (--) PCI:*(0:0:2:0) 8086:1916:1028:0704 rev 7, Mem @
0xdb00/16777216, 0x9000/268435456, I/O @ 0xf000/64
[13.383] (II) LoadModule: "glx"
[13.386] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so
[13.400] (II) Module glx: vendor="X.Org Foundation"
[13.400] compiled for 1.19.6, module version = 1.0.0
[13.400] ABI class: X.Org Server Extension, version 10.0
[13.400] (II) LoadModule: "intel"
[13.400] (II) Loading /usr/X11R6/lib/modules/drivers/intel_drv.so
[13.405] (II) Module intel: vendor="X.Org Foundation"
[13.405] compiled for 1.19.6, module version = 2.99.916
[13.405] Module class: X.Org Video Driver
[13.405] ABI class: X.Org Video Driver, version 23.0
[13.405] (II) intel: Driver for Intel(R) Integrated Graphics Chipsets:
i810, i810-dc100, i810e, i815, i830M, 845G, 854, 852GM/855GM, 865G,
915G, E7221 (i915), 915GM, 945G, 945GM, 945GME, Pineview GM,
Pineview G, 965G, G35, 965Q, 946GZ, 965GM, 965GME/GLE, G33, Q35, Q33,
GM45, 4 Series, G45/G43, Q45/Q43, G41, B43
[13.406] (II) intel: Driver for Intel(R) HD Graphics: 2000-6000
[13.406] (II) intel: Driver for Intel(R) Iris(TM) Graphics: 5100, 6100
[13.406] (II) i

Re: GMA500 drivers

[Noth]

On 25/03/2019 09:44, Jonathan Gray wrote:

On Mon, Mar 25, 2019 at 07:50:30AM +, Maurice McCarthy wrote:

On 23/03/2019, Normen Wohner  wrote:

I have now successfully installed OpenBSD
on my Netbook, however Graphics performance
is abysmal.
I know that sadly Linux uses binary blobs for
the GMA500 as it is a licensed Powervr chip.
Any idea on how to "maybe" get faster graphics
working?
I'm willing to do the legwork.


I assume you've tried fw_update to attempt from firmware.openbsd.org ?!

As it is not listed in man 4 intel (don't know how up to date that is)
maybe someone is already porting the firmware driver from freebsd.
Otherwise I'd guess you would have to port a linux driver yourself.

Best Wishes


There is a GPLv2 driver in linux.
"experimental 2D KMS framebuffer driver for the Intel GMA500 ('Poulsbo')
and other Intel IMG based graphics devices"

No one is looking at adding support for obscure Intel PowerVR parts from
over ten years ago with no documentation and incomplete and badly
licensed code.  Running fw_update won't change that.

You've bought the wrong netbook. GMA500 is a disaster of a chip that 
never performed as advertised, even using the Windows driver (which had 
a few rewrites by Intel but never satisfied the customer base, you'll 
find plenty of griping about it on various forums). Sell it off and get 
a model that has a chipset that was actually made by Intel, not 
licensed. There's plenty to choose from if you're into 2010 equipment. 
That's the legwork you need to achieve I'm afraid.

Re: Black screen when starting Xorg with Dell XPS 13 9350

[Noth]

The problem is with the ACPI stack, it's known not to work with this 
laptop (I have the same one). It worked for one release (6.1 iirc) and 
then a regression was introduced that stopped it from working.


hth

Noth

On 03/03/2019 01:01, Fred Crowson wrote:

do you have an .xsession file in your /home/ directory?

machdep.allowaperture=1 should not be needed for xenodm to work...

I once had a similar issue where the X server would start with a black
screen until I toggled either the keyboard brightness setting or the
keyboard shortcut for internal / external monitor.

hth

Fred

On Sat, 2 Mar 2019 at 23:13, Bryan Avery  wrote:

I have been unable to start X with a new install of OpenBSD on my
laptop. I am a beginner with OpenBSD. This is a Skylake laptop with
Intel 520 QHD graphics. During boot, the console shows with underscan,
then the resolution increases (but is still less than native), then
goes black upon starting Xorg. If I disable xenodm, the console is
visible and I am able to login on the laptop. The first time I enabled
and started xenodm, the screen went black. I was able to connect
through SSH and retrieve the Xorg.0.log which told me to add
machdep.allowaperture=1 to /etc/sysctl.conf which I did, but the
screen went black again after I rebooted. I am not able to understand
what went wrong from looking at the dmesg and Xorg.0.log. I have
tested this with and without a config in /etc/X11/xorg.conf.d and get
the same result. I am currently using /etc/X11/xorg.conf.d/intel.conf
with contents:

Section "Device"
   Identifier "drm"
   Driver "intel"
   Option "TearFree" "true"
EndSection

dmesg:

OpenBSD 6.4 (GENERIC.MP) #7: Thu Feb 28 18:56:25 CET 2019
 
r...@syspatch-64-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8433565696 (8042MB)
avail mem = 8168701952 (7790MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xe (94 entries)
bios0: vendor Dell Inc. version "1.9.0" date 08/31/2018
bios0: Dell Inc. XPS 13 9350
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT LPIT SSDT SSDT
SSDT DBGP DBG2 SSDT BOOT SSDT UEFI SSDT MSDM SSDT SLIC TCPA DMAR BGRT
ASF!
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4)
PEG2(S4) PXSX(S4) RP09(S4) PXSX(S4) RP10(S4) PXSX(S4) RP11(S4)
PXSX(S4) RP12(S4) PXSX(S4) RP13(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2295.40 MHz, 06-4e-03
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 23MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2294.66 MHz, 06-4e-03
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2294.65 MHz, 06-4e-03
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2294.65 MHz, 06-4e-03
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,D

Re: Xorg hangs on startup (skylake)

[Noth]

On 10/03/18 12:29, Stefan Sperling wrote:

On Sat, Mar 10, 2018 at 02:18:16PM +0300, abi wrote:

Hello,

I'm new to OpenBSD, but I'm old FreeBSD user. I've installed

OpenBSD 6.2 to XPS 13 /Skylake/ laptop (it runs FreeBSD with unsignificant
issues).

However, the system hangs (blackscreen, hard shutdown required) after startx
command.

Please try a -current snapshot.

Latest snapshot still has this bug. It's ongoing since 6.2 was 
introduced unfortunately.

Re: Black screen when starting Xorg with new laptop.

[Noth]

Can you boot without X running, copy /var/log/Xorg.0.log and dmesg to a 
usb stick or another machine and then upload those to this thread? This 
is an ongoing acpi issue with inteldrm I believe, it stopped working in 
6.2 for Skylake and newer intel GPUs. No change in sight...



Noth


On 26/02/18 23:11, George Ramirez wrote:

Sadly this didn't work. I tried the keys for the screen brightness but
nothing changed.

On Thu, Feb 22, 2018 at 3:29 PM, Andrew <and...@quickstick.net> wrote:


On 02/22/18 09:27, George Ramirez wrote:


with intel 620 UHD graphics. At first, the console shows with underscan,
then the resolution changes to the native one, and finally it goes black.


It's a frustrating problem because there are no errors and it seemingly
doesn't work. I bet X is actually running properly but xbacklight
somehow ended up = 0. Tap the "brightness" key on your keyboard a couple
times and see if it illuminates the display properly. On my ThinkPad
it's [Fn]+[Home]. Also check out man xbacklight(1). Good luck !!!



[65.893] (--) checkDevMem: using aperture driver /dev/xf86
[65.912] (--) Using wscons driver on /dev/ttyC4
[65.931] 
X.Org X Server 1.19.6
Release Date: 2017-12-20
[65.931] X Protocol Version 11, Revision 0
[65.931] Build Operating System: OpenBSD 6.2 amd64 
[65.931] Current Operating System: OpenBSD ghost.nineinchnetworks.ch 6.2 GENERIC.MP#10 amd64
[65.931] Build Date: 21 February 2018  09:42:35PM
[65.931]  
[65.931] Current version of pixman: 0.34.0
[65.931] 	Before reporting problems, check http://wiki.x.org
	to make sure that you have the latest version.
[65.931] Markers: (--) probed, (**) from config file, (==) default setting,
	(++) from command line, (!!) notice, (II) informational,
	(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[65.931] (==) Log file: "/var/log/Xorg.0.log", Time: Tue Feb 27 00:01:56 2018
[65.932] (==) Using system config directory "/usr/X11R6/share/X11/xorg.conf.d"
[65.933] (==) No Layout section.  Using the first Screen section.
[65.933] (==) No screen section available. Using defaults.
[65.933] (**) |-->Screen "Default Screen Section" (0)
[65.933] (**) |   |-->Monitor ""
[65.934] (==) No monitor specified for screen "Default Screen Section".
	Using a default monitor configuration.
[65.934] (==) Automatically adding devices
[65.934] (==) Automatically enabling devices
[65.934] (==) Not automatically adding GPU devices
[65.934] (==) Max clients allowed: 256, resource mask: 0x1f
[65.940] (==) FontPath set to:
	/usr/X11R6/lib/X11/fonts/misc/,
	/usr/X11R6/lib/X11/fonts/TTF/,
	/usr/X11R6/lib/X11/fonts/OTF/,
	/usr/X11R6/lib/X11/fonts/Type1/,
	/usr/X11R6/lib/X11/fonts/100dpi/,
	/usr/X11R6/lib/X11/fonts/75dpi/
[65.940] (==) ModulePath set to "/usr/X11R6/lib/modules"
[65.940] (II) The server relies on wscons to provide the list of input devices.
	If no devices become available, reconfigure wscons or disable AutoAddDevices.
[65.940] (II) Loader magic: 0x137d86742000
[65.940] (II) Module ABI versions:
[65.940] 	X.Org ANSI C Emulation: 0.4
[65.940] 	X.Org Video Driver: 23.0
[65.940] 	X.Org XInput driver : 24.1
[65.940] 	X.Org Server Extension : 10.0
[65.941] (--) PCI:*(0:0:2:0) 8086:1916:1028:0704 rev 7, Mem @ 0xdb00/16777216, 0x9000/268435456, I/O @ 0xf000/64
[65.941] (II) LoadModule: "glx"
[65.942] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so
[65.952] (II) Module glx: vendor="X.Org Foundation"
[65.952] 	compiled for 1.19.6, module version = 1.0.0
[65.952] 	ABI class: X.Org Server Extension, version 10.0
[65.952] (==) Matched modesetting as autoconfigured driver 0
[65.952] (==) Assigned the driver to the xf86ConfigLayout
[65.952] (II) LoadModule: "modesetting"
[65.952] (II) Loading /usr/X11R6/lib/modules/drivers/modesetting_drv.so
[65.953] (II) Module modesetting: vendor="X.Org Foundation"
[65.953] 	compiled for 1.19.6, module version = 1.19.6
[65.953] 	Module class: X.Org Video Driver
[65.953] 	ABI class: X.Org Video Driver, version 23.0
[65.953] (II) modesetting: Driver for Modesetting Kernel Drivers: kms
[65.953] (**) modeset(0): claimed PCI slot 0@0:2:0
[65.953] (II) modeset(0): using default device
[65.954] (II) modeset(0): Creating default Display subsection in Screen section
	"Default Screen Section" for depth/fbbpp 24/32
[65.954] (==) modeset(0): Depth 24, (==) framebuffer bpp 32
[65.954] (==) modeset(0): RGB weight 888
[65.954] (==) modeset(0): Default visual is TrueColor
[65.954] (II) Loading sub module "glamoregl"
[65.954] (II) LoadModule: "glamoregl"
[65.955] (II) Loading /usr/X11R6/lib/modules/libglamoregl.so
[65.968] (II) Module glamoregl: vendor=&q

Re: Suggestions home server

[Noth]

On 14/12/17 20:40, Peter N. M. Hansteen wrote:

On Thu, Dec 14, 2017 at 07:23:51PM +0100, Oliver Marugg wrote:

The HPE Gen10 MicroServer (but BIOS only with contract or under warranty)
could be as a possible solution (does anyone using it with OpenBSD?).

The Gen8 works fine once you set the disk controller to plain SATA mode
instead of the default hardware raid mode.

Haven't had a chance to try the newer versions, but I wouldn't expect
any trouble

Unfortunately it's barely more powerful and the Marvell RAID/S-ATA 
controller seems to be really buggy on opensource OSes. And no iLO. It's 
closer to the G7 than the G8 in design. At least it does 32Gb of ram.


Next step up is the Supermicro, but it's also a step up in budget : 
https://www.supermicro.com/products/system/midtower/5028/SYS-5028D-TN4T.cfm 
128Gb of ram, and a Xeon-D 1541 included. It can be boosted to a Xeon 
1567 for 4 extra cores.


I decided to boost my MicroServer G8 to the max whilst I save up for the 
SuperMicro...


Noth

Re: Image viewer alternative to eog

[Noth]

geeqie is nice and old school.


On 25/11/17 20:51, x9p wrote:

Hi,

Is there a good/safe and light image viewer? Was used to eog, but it has
too many "vfprintf %s NULL" in messages. gimp is too big and good for play
with images, In need of smth fast.

cheers.

x9p

Re: l2tp and openbsd 6.1

[Noth]

Try pppx instead of pppx0, it'll work in pf.conf, including as a macro.


On 05/10/17 18:35, Charles Amstutz wrote:

This works as well:

Pass  in quick on pppx0
Pass out quick on pppx0


This doesn't work

Pass in quick on pppx0 from pppx0  as it complains there is no IP.  Assigning 
pppx0 to a variable doesn't work either. Neither does setting it to be dynamic.


-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of 
Charles Amstutz
Sent: Thursday, October 5, 2017 10:44 AM
To: 'misc@openbsd.org' 
Subject: Re: l2tp and openbsd 6.1

Here is a related but new question,


If pppx0 only exists when someone is vpn'ed in.  How do people handle this in 
pf?  If you don't define rules, packets get blocked on it. But if there is no 
connect, pf complains about pppx0 not having a firewall.

The only thing that seems to work is set skip on pppx0. But then no rules 
process on it.


Has anyone ran into this? how did you handle it.
  

Re: l2tp and openbsd 6.1

[Noth]

5.5, apart from no longer being supported, allows by default for weaker 
ciphers that aren't since 5.9. This was the release that broke android 
6.x/7.x configs if you didn't specify which mod group you wanted.



On 05/10/17 06:51, Vivek Vinod wrote:

I do not understand the question ‎but this may be connected...

My Wi-Fi uses AD (LDAP) auth with certificates‎. I set this up using some 
"guide" without understanding a thing. My IOS, Android and Mac clients connect 
without a hitch. Windows 10 do not.

To get my windows 10 to work, I have to copy over and install the ce‎rtificates 
from a previously connected Mac machine's keychain.

‎In your setup, can you check in your windows 10 certificate store if the necessary 
certificates (if any) have been installed? If not, try copying the certificates. This is 
windows 10 behaviour. It may or may not be related to "self signed 
certificates".

Again, I do not understand a thing. Sorry for the noise.

Please excuse my brevity. Sent from my handphone.
   Original Message
From: Vijay Sankar
Sent: Wednesday 4 October 2017 23:42
To: misc@openbsd.org
Subject: Re: l2tp and openbsd 6.1


Quoting Charles Amstutz :


Yes,

I would like to know this as well, it seems annoying that Android
8/4.x and IOS can connect, but not windows 10 (I haven't tried
earlier windows 10) and android 7.

Its either a user error (which I am willing to admit) or something
very annoying. Especially when my l2tp PSK windows server can accept
connections from anything it seems.

I would like to get this figured out.

I appreciate all of the suggestions, but I still can't get android 7
to connect, no matter which encryption, authentication or modp I use.

-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On
Behalf Of lilit-aibolit
Sent: Wednesday, October 4, 2017 2:46 AM
To: misc@openbsd.org
Cc: Charles Amstutz ; yasu...@yasuoka.net
Subject: Re: l2tp and openbsd 6.1

Hi,
with l2tp I have situation when iOS  and Android devices could
connect but Windows 7 and Windows 10 couldn't.

Is it possible to adjust ipsec.conf somehow so it could accept
connection from Windows clients too?
Or is there a way to adjust some settings in Windows so it will work
with current ipsec.conf?

I also noticed that I have to add pass rule for tun0 to PF explicitly:
- pass on tun0 all
instead of having just:
- set skip on  { lo0, tun0 }

Here is ipsec.conf:

ike passive esp transport \
proto udp from a.b.x.y to any port 1701 \ main auth hmac-sha1 enc
aes group modp1024 \ quick auth hmac-sha1 enc aes \ psk "password"

Here is npppd.conf:
authentication LOCAL type local {
     users-file "/etc/npppd/npppd-users"
}
tunnel L2TP protocol l2tp {
     listen on x.x.y.y
}
ipcp IPCP {
     pool-address 192.168.222.2-192.168.222.254
     dns-servers 192.168.a.b
}
interface tun0  address 192.168.222.1 ipcp IPCP bind tunnel from
L2TP authenticated by LOCAL to tun0

Log from Android:

Oct  2 16:22:39 gw npppd[10826]: l2tpd ctrl=4 logtype=Started
RecvSCCRQ from=192.38.129.182:41634/udp tunnel_id=4/4667
protocol=1.0 winsize=1 hostname=anonymous vendor=(no vendorname)
firm= Oct  2 16:22:40 gw npppd[10826]: l2tpd ctrl=4 call=7962
logtype=PPPBind
ppp=3
Oct  2 16:22:41 gw npppd[10826]: ppp id=3 layer=base
logtype=TUNNELSTART user="xxx" duration=1sec layer2=L2TP
layer2from=192.38.129.182:41634
auth=MS-CHAP-V2  ip=192.168.222.110 iface=tun0 Oct  2 16:22:41 gw
/bsd: pipex: ppp=3 iface=tun0 protocol=L2TP id=7962 PIPEX is ready.
Oct  2 16:22:41 gw npppd[10826]: ppp id=3 layer=base Using pipex=yes

Log from IPhone6s:

Oct  2 16:13:13 gw isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got SHA2_256, expected SHA Oct  2 16:13:13 gw
isakmpd[24211]: attribute_unacceptable:
GROUP_DESCRIPTION: got MODP_2048, expected MODP_1024 Oct  2 16:13:13
gw isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got MD5, expected SHA
Oct  2 16:13:13 gw isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got SHA2_512, expected SHA Oct  2 16:13:13 gw
isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got SHA2_256, expected SHA Oct  2 16:13:13 gw
isakmpd[24211]: attribute_unacceptable:
GROUP_DESCRIPTION: got MODP_1536, expected MODP_1024 Oct  2 16:13:13
gw isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got MD5, expected SHA
Oct  2 16:13:13 gw isakmpd[24211]: attribute_unacceptable:
HASH_ALGORITHM: got SHA2_256, expected SHA Oct  2 16:13:14 gw
npppd[10826]: l2tpd ctrl=3 logtype=Started RecvSCCRQ
from=192.38.129.182:65367/udp tunnel_id=3/7 protocol=1.0 winsize=4
hostname=xxx-iPhone vendor=(no vendorname) firm= Oct  2 16:13:14
gw npppd[10826]: l2tpd ctrl=3 call=11161 logtype=PPPBind
ppp=2
Oct  2 16:13:18 gw npppd[10826]: ppp id=2 layer=base
logtype=TUNNELSTART user="xxx" duration=4sec layer2=L2TP
layer2from=192.38.129.182:65367
auth=MS-CHAP-V2  ip=192.168.222.110 iface=tun0 Oct  2 16:13:18 gw
/bsd: pipex: ppp=2 iface=tun0 protocol=L2TP 

Re: l2tp and openbsd 6.1

[Noth]

The problem is on Android 6.x/7.x that need to be rooted to change their 
ipsec settings to allow for higher encryption. The following works on 
those OSes:


cat ipsec.conf:

ike passive esp transport \
    proto udp from "publicip" to any port l2tp \
    main group "modp1024" \
    quick group "modp1024" \
    psk "yourpass"

It's bad, but what can you do? Google won't deal with it, and the 
vendors claim it would break current solutions. I've seen in debug that 
after a few tries Android would give the right aes2-256 keying but by 
then isakmpd was having none of it...


Cheers,

Noth


On 03/10/17 00:49, Charles Amstutz wrote:

Hello Sterling,

Thanks for the response. I changed it to

ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth "hmac-sha1" enc "aes-256" group modp1024\
quick auth "hmac-sha1" enc "aes-256" \
PSK "PSK-GOES-HERE"

and still no luck. I found out that Android 8 will connect (using aes).   I am 
dumpping pflog0 and seeing no blocks. However, that doesn't mean it still isn't 
a potential pf problem I guess. However, if IOS and android 8 would connect, I 
would think that would rule a pf problem?

Is there a way to turn on additional debugging?  I'm using isakmpd -K in 
rc.conf.local, so not using isakmpd.policy/.conf  (from my understanding)
Everything in /var/log/messages is just from npppd. Unless I'm reading it 
wrong, there doesn't appear to be any errors.



-Original Message-
From: Sterling Archer [mailto:deb...@gmail.com]
Sent: Monday, October 2, 2017 5:35 PM
To: Charles Amstutz <charl...@infinitesys.com>
Cc: misc@openbsd.org
Subject: Re: l2tp and openbsd 6.1

On Mon, Oct 2, 2017 at 10:03 PM, Charles Amstutz <charl...@infinitesys.com> 
wrote:

Hello everyone,

I'm new to this list and l2tp/openbsd (but do have working UNIX/Linux 
knowledge).  After searching the previous forum posts (and the internet) I have 
found a lot of information on l2tp ipsec.conf connection strings. However, I 
can't get android to connect. I keep getting IKE negotiation failed errors.

I've looked at sites such as:

http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-andro
id-601-ios.html
https://www.authbsd.com/blog/?p=20
http://daemonforums.org/showthread.php?t=10326
https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openb
sd-invalid_cookie/
https://man.openbsd.org/npppd.conf.5
https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for-
ios-and-osx/
https://marc.info/?l=openbsd-misc=145922338026396=2
https://marc.info/?l=openbsd-misc=145614573528471=2
https://www.mail-archive.com/misc@openbsd.org/msg145747.html
... etc


I can get IOS to connect, but I can't get android 7 to connect.  I've
read that android has bugs with the vpn client in 6.x and 7.x (not
sure if it is fixed in 8 or not). However, what is confusing is it
connections just fine To my windows l2tp server.  Bug tracker:
https://issuetracker.google.com/issues/37074640#c35


My goal: Setup openbsd to work with IOS/android/windows/whatever.

My questions.


1)  Can you have more than one ike line in ipsec.conf? from my presumption 
of looking at sites on the internet, you can, however, I am not sure.

https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless
it is just two examples


2)  Every time I read a site that says, "this configuration worked for me on 
android", it doesn't work for me. I presume it is my lack of understanding, though, 
I'm not ruling out the possible android bug.


I appreciate any help.



Here is my ipsec.conf (this allows IOS to connect)

public_ip = "x.x.x.x"



ike passive esp transport \

   proto udp from $public_ip to any port 1701 \

   main auth "hmac-sha1" enc "aes" group modp1024\

   quick auth "hmac-sha1" enc "aes" \

   psk "PSK-GOES-HERE"

 Here is my npppd.conf



authentication LOCAL type local {

 users-file "/etc/npppd/npppd-users"

}



tunnel L2TP protocol l2tp {

 listen on 0.0.0.0

 listen on ::

}



ipcp IPCP {

 pool-address 10.0.0.101-10.0.0.254

 dns-servers x.x.x.x

}



# use pppx(4) interface.  use an interface per a ppp session.

interface pppx0 address 10.0.0.1 ipcp IPCP

bind tunnel from L2TP authenticated by LOCAL to pppx0

I'm able to connect using a similar setup, but using aes-256 instead of aes as 
encoding in ipsec.conf.

--
:wq!

Re: How does dpb sign packages in 6.1 ?

[Noth]

Ok thanks Stuart & Marc, and of course I managed to pebkac through my 
ports update script... G.



On 05/04/17 10:43, Marc Espie wrote:

dpb no longer does.
Use pkg_sign(1) directly like sthen says.

Before, signing directly during pkg_create(1) made some sense, since
the archive was built just once with the signature inside.

Now that the signature is outside, there is no gain to having pkg_create(1)
sign directly, so that was scraped out.

How does dpb sign packages in 6.1 ?

[Noth]

Hi all,


  I'm trying to use dpb in 6.1-current, and my setup works till it 
tries to sign the package it makes and then fails with this message:



==>  Building package for bzip2-1.0.6p8
Create /data/packages/amd64/all/bzip2-1.0.6p8.tgz
^Mreading plist|ESC[KESC[K^Mchecking 
dependencies|ESC[KESC[K^Mchecksumming|ESC[KESC[K^MESC[13C | 
0%ESC[K^MESC[13C** | 3%ESC[K^MESC[15C* | 6%ESC[K^MESC[16C** | 
9%ESC[K^MESC[18C** | 11%ESC[K^MESC[20C** | 14%ESC[K^MESC[22C* | 
17%ESC[K^MESC[23C** | 20%ESC[K^MESC[25C** | 23%ESC[K^MESC[27C** | 
26%ESC[K^MESC[29C*| 
29%ESC[K^MESC[30C**  | 
31%ESC[K^MESC[32C**| 
34%ESC[K^MESC[34C**  | 
37%ESC[K^MESC[36C* | 
40%ESC[K^MESC[37C**   | 
43%ESC[K^MESC[39C** | 
46%ESC[K^MESC[41C**   | 
49%ESC[K^MESC[43C*  | 
51%ESC[K^MESC[44C**| 
54%ESC[K^MESC[46C**  | 
57%ESC[K^MESC[48C**| 
60%ESC[K^MESC[50C*   | 
63%ESC[K^MESC[51C** | 
66%ESC[K^MESC[53C**   | 
69%ESC[K^MESC[55C** | 71%ESC[K^MESC[57C*
| 74%ESC[K^MESC[58C**  | 77%ESC[K^MESC[60C** | 
80%ESC[K^MESC[62C**  | 83%ESC[K^MESC[64C* | 
86%ESC[K^MESC[65C**   | 89%ESC[K^MESC[67C** | 
91%ESC[K^MESC[69C**   | 94%ESC[K^MESC[71C*  | 
97%ESC[K^MESC[72C**|100%ESC[K^MESC[K^Marchiving|ESC[KESC[K^MESC[10C | 
0%ESC[K^MESC[10C | 1%ESC[K^MESC[10C* | 1%ESC[K^MESC[11C** | 
11%ESC[K^MESC[17C** | 15%ESC[K^MESC[19C* | 15%ESC[K^MESC[20C* | 
17%ESC[K^MESC[21C** | 
38%ESC[K^MESC[35C   | 
58%ESC[K^MESC[47C*  | 
59%ESC[K^MESC[48C**| 
63%ESC[K^MESC[50C*   | 
64%ESC[K^MESC[51C***|100%ESC[K^MESC[Kfile:/data/packages/amd64/tmp/bzip2-1.0.6p8.tgz: 
unsigned package (signify(1) doesn't see old-style signatures)

Fatal error: Bad package /data/packages/amd64/tmp/bzip2-1.0.6p8.tgz
 at /usr/ports/infrastructure/bin/register-plist line 527.
*** Error 1 in archivers/bzip2 
(/usr/ports/infrastructure/mk/bsd.port.mk:1895 
'/data/packages/amd64/all/bzip2-1.0.6p8.tgz')
*** Error 1 in archivers/bzip2 
(/usr/ports/infrastructure/mk/bsd.port.mk:2416 '_internal-package')
*** Error 1 in archivers/bzip2 
(/usr/ports/infrastructure/mk/bsd.port.mk:2396 'package')

===> Exiting archivers/bzip2 with an error
*** Error 1 in /usr/ports (infrastructure/mk/bsd.port.subdir.mk:147 
'package')

Error: job failed 256

I've updated my signify keys and placed them in $CHROOT/etc/signify. I 
can't work out what dpb is expecting now that we no longer have 
SIGNING_PARAMETERS in mk.conf .


Any ideas?

Cheers,

Noth

Re: DPB can't do it's job in 6.0

[Noth]

On 25/08/16 14:39, Marc Espie wrote:

On Fri, Aug 19, 2016 at 08:06:09PM +0200, Noth wrote:

Hi misc@


   I'm a bit disappointed with dpb in 6.0, I haven't tried the chrooting
stuff but was hoping it could still work as before. All I can get it to do
now is start downloading src tarballs, and more often than not fail at that
(manual make -j5 package will build anything). It can barely build anything,
much less x11/gnome. I'd love to know what I can to do rectify this...

That's shitty reporting.  Exactly zero useful info in there.

I'm impressed that my fellow developers did spend some time figuring
out all the stuff you didn't by yourself.

Thanks for wasting their time that they could have used to do something
useful instead.
I apologize for wasting your time but surely it should be indicated 
somewhere that some directories now need owning by _pfetch or _pbuild, 
or better they should have proper ownership when dpb is run as root (a 
check made on startup maybe?). I should have looked at the various logs 
beforehand I agree. I'll do better next time...


Yours sincerely,

Noth

Re: DPB can't do it's job in 6.0

[Noth]

On 22/08/16 17:29, trondd wrote:

On Mon, August 22, 2016 11:17 am, Noth wrote:

Once that's all sorted out building works as root with dpb subdir/port.
However I can't seem to make it use my list of ports to build, it just
complains about a bad pkgpath.

Where do you have the file containing the list?  Even on 5.9 you can't
have it in certain places (such as /root) because it'll interprete that as
a pkgpath.

Tim.



Hm it is in /root... If I move it to /home it's no longer an issue. Thanks!

Re: DPB can't do it's job in 6.0

[Noth]

OK I've worked out most of the problem: permissions and ownership of course!

/usr/ports/distfiles must be owned by _pfetch:_pfetch
/usr/ports/logs /usr/ports/packages /usr/ports/plist /usr/ports/pobj 
need to be owned by  _pbuild:_pbuild .


Also, if you're signing with your own key, it must also be owned by 
_pbuild:_pbuild .


Once that's all sorted out building works as root with dpb subdir/port. 
However I can't seem to make it use my list of ports to build, it just 
complains about a bad pkgpath. This functionality worked in 5.9, doesn't 
anymore, which is rather annoying.


Cheers,

Noth

DPB can't do it's job in 6.0

[Noth]

Hi misc@


  I'm a bit disappointed with dpb in 6.0, I haven't tried the chrooting 
stuff but was hoping it could still work as before. All I can get it to 
do now is start downloading src tarballs, and more often than not fail 
at that (manual make -j5 package will build anything). It can barely 
build anything, much less x11/gnome. I'd love to know what I can to do 
rectify this...



Cheers,


Noth

Re: OpenBSD on AMD Embedded G-Series T40E APU?

[Noth]

As of today, a new firmware is available on PC Engines' website that 
enables iPXE & SD card booting. Last feature missing is ECC Ram, 
hopefully we won't have to wait too long for that. I've flashed my 
APU2B4, seems to work fine.


Cheers,

Noth

Re: OpenBSD on AMD Embedded G-Series T40E APU?

[Noth]

On 03/07/16 20:07, Daniel Ouellet wrote:

On 3/7/16 1:55 PM, Theo de Raadt wrote:

On 3/7/16 12:43 PM, Noth wrote:

On 03/07/16 02:04, Theo de Raadt wrote:

Hey folks,

The website does not seem to have a lot of info on what CPUs are
supported.  I'm looking at this box for a home firewall with OpenBSD

http://www.corpshadow.biz/bizstore/apu1d-red-combo-kit-p-345.html?cPath=51


All of them work.


PC Engines APU models 1D & D4 and 2C2 & 2C4 are fully supported,
although you need -CURRENT or the upcoming 5.9 release to get the
correct identity of the thermal sensor. They're very good boxes for home
& SMB usage.

Not sure about the APU2b and c series yet.

The APU1* yes no issue, the 2* based on their own site it is not fully
working yet.

http://pcengines.ch/apu2b4.htm

But I do not have one for the 2* series to test, i have the previous
version.

Their site does show this clearly:

  BIOS is not feature complete yet, in particular -

• No boot from SD card.
• ECC not working yet.
• iPXE module not included yet.

So, this may need to be confirmed to be sure at 100%.

Do you have one of these boxes?

The original question was as to whether the cpu works.

Daniel, you are wrong.  The CPU works fine.  Furthermore, these
machines being talked about WORK COMPLETELY FINE.

Please stop the factless rumour mongering about hardware you don't have.

Not a rumor. That's why I asked as I said I didn't have one to test and
I can only go with what their site said. That's why I asked.

Sorry if that created confusion, but I am glad to know it is working.

I've beta tested the APU2 since November, and which features are 
complete, work flawlessly in OpenBSD.

Re: OpenBSD on AMD Embedded G-Series T40E APU?

[Noth]

On 03/07/16 02:04, Theo de Raadt wrote:

Hey folks,

The website does not seem to have a lot of info on what CPUs are
supported.  I'm looking at this box for a home firewall with OpenBSD

http://www.corpshadow.biz/bizstore/apu1d-red-combo-kit-p-345.html?cPath=51

All of them work.

PC Engines APU models 1D & D4 and 2C2 & 2C4 are fully supported, 
although you need -CURRENT or the upcoming 5.9 release to get the 
correct identity of the thermal sensor. They're very good boxes for home 
& SMB usage.


Cheers,

Noth

Dualbooting with GRUB in a UEFI environment

[Noth]

Hi misc@,

  I just cracked this and it doesn't seem to be well documented so I 
thought I'd stick it here.


My setup is a VAIO laptop dualbooting Ubuntu 16.04 and OpenBSD -CURRENT. 
I've got sd0a setup as a cryptoraid partition, so I needed a way to 
chainload into the OBSD bootloader to get a prompt to decrypt the 
partition. The following syntax in grub2 (say in /etc/grub.d/40_custom 
on the linux side) works:


menuentry 'OpenBSD/amd64 normal kernel' {
insmod part_gpt
insmod search_fs_uuid
insmod chain
chainloader (hd0,gpt1)/EFI/boot/BSD.BOOTX64.EFI
}
menuentry 'OpenBSD/amd64 ramdisk kernel' --class os {
set root='(hd0,gpt3)'
kopenbsd /bsd.rd
}

Don't forget to run update-grub after editing 40_custom. The gpt1 
partition corresponds to the EFI one that any OS using UEFI creates. You 
can name the BSD bootloader whatever you want with this, and put it in 
it's own dir if necessary. I have shimx64.efi renamed to bootx64.efi as 
my grub "preloader".


The second menu entry is for a bsd.rd placed in the ext2 /boot partition 
Linux uses to access it's kernel upon boot from grub. Many thanks to 
oldlaptop on Freenode for working out the grub2 syntax.


Cheers,

Noth

P.S: Don't CC me, I'm subscribed to the mailing list.

Re: Extend RAID 5

[Noth]

On 21/06/15 06:17, Nick Holland wrote:

On 06/20/15 14:48, LÉVAI Dániel wrote:

Hi!

I'm planning to replace my OpenBSD media center, and was going to test
the new [1] RAID 5 features and functions, but I'm really unexperienced
in this field. How does this work; can I create a 4 disks RAID5 array
(w/ bioctl(8)) and then later just add another disk, and fdisk+growfs?
[1] - http://marc.info/?l=openbsd-techm=142877132517229w=2

I think you did some creative reading of that posting.

Rebuild means (in this context) replacing a failed disk, not
reorganizing the array over more disks.  Adding new disks to an existing
RAID5 another task (if anyone is even considering it).


Can I create a RAID5(4 disks) and a RAID0(2 disks) array and then create
another RAID0 from these two former softraids?

you mean, making a RAID0 from combination of two other softraids?  Yes
and no -- you can do it, but they don't auto-assemble.  I've done this
with softraid mirrored disks providing an encrypted softraid disk.  The
mirror auto-assembles at boot, but the encrypted layer has to be
manually activated after boot.  So, if you have some data that you want
encrypted, this can work -- but the os will probably have to be on
non-encrypted space, and you will activate the encrypted space
post-boot.  Maybe that's useful to you, maybe not.  In general, I don't
like systems that don't boot to a fully-functional state on their own.

Nick.



Sorry to hijack the thread but when I read that RAID5 was coming I had 
to test it in a VM. Unfortunately the bootloader can't read the 
disklabel for sr0a (the whole OS is on a 3 disk RAID5 softraid disk). Is 
this normal at this stage?


Cheers,

Noth

Re: Softraid 1 takes forever to declare disk space free after delete

[Noth]

On 12/06/15 18:11, Joel Sing wrote:

On Saturday 13 June 2015, Joel Sing wrote:

On Friday 12 June 2015, Noth wrote:

Hi misc@

I've got a couple of softraid 1 volumes on a server and the /home one
was filling up a bit too much so I had to delete a bunch of isos and
other non necessary items. I did this yesterday and it still hasn't
cleared the disk space completely yet:

# bioctl -ih sd2
Volume  Status   Size Device
softraid0 0 Online   910G sd2 RAID1
0 Online   910G 0:0.0   noencl sd0d
1 Online   910G 0:1.0   noencl sd1d

# df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home

/home # du -sh
782G.

So there's a rather large disparity there! I've tried issuing sync
commands a few times over the past 24 hours but to no avail :

This has nothing to do with softraid - softraid is just a virtual HBA that
provides a SCSI block device, which you've then put a (presumably FFS) file
system on top of.

Okay, I'll soften this slightly - if you are actually using softdeps you may
be encountering an issue with softraid that is slowing/delaying the
background processing... I'll see if I can reproduce it here once you
confirm.


Is there any solution to this apart from waiting for days on end?

You did not actually give the output from mount(8), however I'm going to
guess - stop using softdeps?


That mail didn't make it through for some reason. Here's the mount -v :

/dev/sd2a on /home type ffs (rw, NFS exported, local, nodev, nosuid, 
softdep, ctime=Thu Jun 11 23:51:13 2015)


Also this partition is shared via NFS, SMBFS  AFP . I tried last night 
turning all of those off and issueing sync multiples times to no avail. 
I ended up rebooting but that's not a workable solution. Let me try 
remounting without softdeps and running the 1G file test again (that did 
clear... after 20 mins).

Re: Softraid 1 takes forever to declare disk space free after delete

[Noth]

On 12/06/15 14:57, Jan Stary wrote:

On Jun 11 19:47:43, nothingn...@citycable.ch wrote:

Hi misc@

   I've got a couple of softraid 1 volumes on a server and the /home one was
filling up a bit too much so I had to delete a bunch of isos and other non
necessary items. I did this yesterday and it still hasn't cleared the disk
space completely yet:

# bioctl -ih sd2
Volume  Status   Size Device
softraid0 0 Online   910G sd2 RAID1
   0 Online   910G 0:0.0   noencl sd0d
   1 Online   910G 0:1.0   noencl sd1d

# df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home

/home # du -sh
782G.

So there's a rather large disparity there!

The numbers reported by df(1) and du(1) mean different things.
As an extreme example, create a huge empty filesystem.
The du(1) size will be zero of course, but df(1) will
show you Avail noticably smaller than Size.

How was sd2a created (newfs) and how is it mounted (mount -v)?

I don't think you have a softraid problem.



/dev/sd2a on /home type ffs (rw, NFS exported, local, nodev, nosuid, 
softdep, ctime=Thu Jun 11 23:51:13 2015)


newfs formated via the installer... this was back around 5.0 or 5.1 so 
I'm not 100% sure of the options used, if any.

Re: Softraid 1 takes forever to declare disk space free after delete

[Noth]

[Fri Jun 12 16:59:18] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G819G   41.6G95%/home
[Fri Jun 12 16:59:23] homeuser@casper: ~ $ dd if=/dev/zero of=file bs=1m 
count=1024

1024+0 records in
1024+0 records out
1073741824 bytes transferred in 19.375 secs (55416456 bytes/sec)
[Fri Jun 12 16:59:58] homeuser@casper: ~ $ du -h file
1.0Gfile
[Fri Jun 12 17:09:53] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G820G   40.6G95%/home
[Fri Jun 12 17:10:07] homeuser@casper: ~ $ rm -f file
[Fri Jun 12 17:10:42] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G820G   40.6G95%/home


On 12/06/15 15:02, Jan Stary wrote:

rm -f file

Re: Softraid 1 takes forever to declare disk space free after delete

[Noth]

On 12/06/15 18:15, Noth wrote:

On 12/06/15 18:11, Joel Sing wrote:

On Saturday 13 June 2015, Joel Sing wrote:

On Friday 12 June 2015, Noth wrote:

Hi misc@

I've got a couple of softraid 1 volumes on a server and the 
/home one

was filling up a bit too much so I had to delete a bunch of isos and
other non necessary items. I did this yesterday and it still hasn't
cleared the disk space completely yet:

# bioctl -ih sd2
Volume  Status   Size Device
softraid0 0 Online   910G sd2 RAID1
0 Online   910G 0:0.0   noencl sd0d
1 Online   910G 0:1.0   noencl sd1d

# df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home

/home # du -sh
782G.

So there's a rather large disparity there! I've tried issuing sync
commands a few times over the past 24 hours but to no avail :
This has nothing to do with softraid - softraid is just a virtual 
HBA that
provides a SCSI block device, which you've then put a (presumably 
FFS) file

system on top of.
Okay, I'll soften this slightly - if you are actually using softdeps 
you may

be encountering an issue with softraid that is slowing/delaying the
background processing... I'll see if I can reproduce it here once you
confirm.


Is there any solution to this apart from waiting for days on end?
You did not actually give the output from mount(8), however I'm 
going to

guess - stop using softdeps?


That mail didn't make it through for some reason. Here's the mount -v :

/dev/sd2a on /home type ffs (rw, NFS exported, local, nodev, nosuid, 
softdep, ctime=Thu Jun 11 23:51:13 2015)


Also this partition is shared via NFS, SMBFS  AFP . I tried last 
night turning all of those off and issueing sync multiples times to no 
avail. I ended up rebooting but that's not a workable solution. Let me 
try remounting without softdeps and running the 1G file test again 
(that did clear... after 20 mins).




With softdeps turned off:

[Fri Jun 12 18:32:09] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G824G   36.4G96%/home
[Fri Jun 12 18:32:14] homeuser@casper: ~ $ dd if=/dev/zero of=file bs=1m 
count=1024

1024+0 records in
1024+0 records out
1073741824 bytes transferred in 19.521 secs (55003901 bytes/sec)
[Fri Jun 12 18:32:41] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G825G   35.4G96%/home
[Fri Jun 12 18:32:50] homeuser@casper: ~ $ rm -f file
[Fri Jun 12 18:32:53] homeuser@casper: ~ $ sync ; sync ; sync ; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G824G   36.4G96%/home

Works a lot better! Double tested on the other softraid partition with 
softdeps:


[Fri Jun 12 18:31:45] root@casper: ~ # sync; sync; sync; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G824G   36.4G96%/home
[Fri Jun 12 18:34:47] root@casper: ~ # dd if=/dev/zero of=file bs=1m 
count=1024

1024+0 records in
1024+0 records out
1073741824 bytes transferred in 17.325 secs (61973836 bytes/sec)
[Fri Jun 12 18:35:26] root@casper: ~ # sync; sync; sync; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G6.6G   12.1G35%/
/dev/sd2a  906G824G   36.4G96%/home
[Fri Jun 12 18:35:36] root@casper: ~ # rm file
[Fri Jun 12 18:35:38] root@casper: ~ # sync; sync; sync; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G6.6G   12.1G35%/
/dev/sd2a  906G824G   36.4G96%/home
[Fri Jun 12 18:37:01] root@casper: ~ # sync; sync; sync; df -h
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.1G30%/
/dev/sd2a  906G824G   36.4G96%/home

Could the superslow update of available space have something to do with 
the partition hitting 100% fill?

Softraid 1 takes forever to declare disk space free after delete

[Noth]

 Intel 82801GR AHCI rev 0x02: msi, AHCI 1.1
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: ATA, WDC WD10JPVT-22A, 01.0 SCSI3 
0/direct fixed naa.50014ee6ad7915f1

sd0: 953869MB, 512 bytes/sector, 1953525168 sectors
sd1 at scsibus1 targ 1 lun 0: ATA, WDC WD10JPVT-22A, 01.0 SCSI3 
0/direct fixed naa.50014ee65823f816

sd1: 953869MB, 512 bytes/sector, 1953525168 sectors
ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 8 
int 19

iic0 at ichiic0
lm1 at iic0 addr 0x2d: W83627DHG
spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-8500 SO-DIMM
spdmem1 at iic0 addr 0x51: 2GB DDR3 SDRAM PC3-8500 SO-DIMM
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
wbsio0 at isa0 port 0x2e/2: W83627UHG rev 0x32
lm2 at wbsio0 port 0x290/8: W83627DHG
lm1: disabling sensors due to alias with lm2
uhidev0 at uhub3 port 2 configuration 1 interface 0 Logitech Logitech 
USB Keyboard rev 1.10/28.00 addr 2

uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd0 at ukbd0: console keyboard, using wsdisplay0
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
sd2 at scsibus3 targ 1 lun 0: OPENBSD, SR RAID 1, 005 SCSI2 0/direct fixed
sd2: 931338MB, 512 bytes/sector, 1907380720 sectors
sd3 at scsibus3 targ 2 lun 0: OPENBSD, SR RAID 1, 005 SCSI2 0/direct fixed
sd3: 20481MB, 512 bytes/sector, 41945104 sectors
root on sd3a (e0e2efd6dc314ad9.a) swap on sd3b dump on sd3b

Is there any solution to this apart from waiting for days on end?

Noth

P.S. Don't CC me I'm subscribed to the mailing list!

Re: Softraid 1 takes forever to declare disk space free after delete

[Noth]

No clue comes from it...

# fstat  -f /home
USER CMD  PID   FD MOUNTINUM MODE   R/W SZ|DV
root fstat  30300   wd /home   2 drwxr-xr-x   r 512
homeuser  imap   29865   wd /home12595200 drwxr-xr-x   r 3584
homeuser  imap   32331   wd /home12595200 drwxr-xr-x   r 3584
homeuser  imap   21323   wd /home12595200 drwxr-xr-x   r 3584
homeuser  screen 14447   wd /home12595200 drwxr-xr-x   r 3584
homeuser  ksh 9939   wd /home12595200 drwxr-xr-x   r 3584
homeuser  ksh 9939   11 /home12595654 -rw-r--r--  rw 13169
nobody   openvpn105443 /home   3 -rw---   w 232
nobody   openvpn 55373 /home   3 -rw---   w 232
botusereggdrop-1.6.21 24013 text /home11232325 -rwxr-xr-x r 2388189
botusereggdrop-1.6.21 24013   wd /home11230720 drwxr-xr-x r 
1024
botusereggdrop-1.6.21 240135 /home11230916 -rw-r--r-- 
rw0
botusereggdrop-1.6.21 240137 /home11230910 -rw-r--r-- 
rw0
botusereggdrop-1.6.21 240138 /home11232810 -rw-r--r-- 
rw  898
botusereggdrop-1.6.21 240139 /home11232816 -rw-r--r-- rw 
3435

homeuser  irssi  11827   wd /home12595200 drwxr-xr-x   r 3584
homeuser  irssi  11827   10 /home12596270 -rw---   w 4251372
homeuser  irssi  11827   13 /home12595263 -rw---   w 2936014
homeuser  irssi  11827   14 /home12595285 -rw---   w 5120541
homeuser  irssi  11827   16 /home12595286 -rw---   w 70090812
homeuser  irssi  11827   19 /home12595304 -rw---   w 21572482
homeuser  irssi  11827   21 /home12595301 -rw---   w 32415199
homeuser  ksh10774   wd /home12595200 drwxr-xr-x   r 3584
homeuser  ksh10774   12 /home12595654 -rw-r--r--  rw 13169
homeuser  screen  4623   wd /home12595200 drwxr-xr-x   r 3584
root ksh25183   wd /home   2 drwxr-xr-x   r 512

On 11/06/15 21:55, Alexander Hall wrote:

On June 11, 2015 7:47:43 PM GMT+02:00, Noth nothingn...@citycable.ch wrote:

Hi misc@

I've got a couple of softraid 1 volumes on a server and the /home one
was filling up a bit too much so I had to delete a bunch of isos and
other non necessary items. I did this yesterday and it still hasn't
cleared the disk space completely yet:

This doesn't sound like a softraid problem. Is some other process holding those 
files open? Does fstat  -f /home give a clue?

/Alexander


# bioctl -ih sd2
Volume  Status   Size Device
softraid0 0 Online   910G sd2 RAID1
   0 Online   910G 0:0.0   noencl sd0d
   1 Online   910G 0:1.0   noencl sd1d

# df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home

/home # du -sh
782G.

So there's a rather large disparity there! I've tried issuing sync
commands a few times over the past 24 hours but to no avail :

[Thu Jun 11 19:32:03] root@casper: /home # df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home
[Thu Jun 11 19:32:04] root@casper: /home # sync
[Thu Jun 11 19:35:26] root@casper: /home # df -kh
Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/sd3a 19.7G5.6G   13.0G30%/
/dev/sd2a  906G859G1.2G   100%/home

dmesg:
OpenBSD 5.7 (GENERIC.MP) #0: Tue May  5 20:04:33 CEST 2015
r...@openbsd64.nineinchnetworks.ch:/root/binpatchng-2.1.2/work-binpatch57-amd64/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error 80clock_battery
real mem = 4260089856 (4062MB)
avail mem = 4142768128 (3950MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xceebd000 (28 entries)
bios0: vendor Intel Corp. version CCCDT10N.86A.0032.2012.0323.1510
date 03/23/2012
bios0: Intel Corporation D2500CC
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC MCFG HPET
acpi0: wakeup devices SLT1(S4) PS2M(S4) PS2K(S4) UAR1(S3) UAR2(S3)
UAR3(S4) UAR4(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB7(S3) PXSX(S4)

RP01(S4) PXSX(S4) RP02(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU D2500 @ 1.86GHz, 1867.05 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF,ITSC
cpu0: 512KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges
cpu0: apic clock running at 133MHz
cpu0: mwait min=64, max=64, C-substates=0.1.0.0.0, IBE
cpu1 at mainbus0: apid 1 (application