re: Can't boot Loongson after upgrade from 5.2 - 5.3
Did not upgrade mine yet. Wait for Miod's answer. He's the best person for knowledge on this platform. Message du 19/06/13 17:09 De : John Long A : misc@openbsd.org Copie à : Objet : Can't boot Loongson after upgrade from 5.2 - 5.3 Sorry if this is duplicated. Been a few hours since I sent it and did not see it hit the list. Also did not find it on marc or gmane. Has anyone done a successful upgrade from Loongson 5.2 to 5.3? I've done upgrades on numerous platforms and this is the only one I've ever had problems with. The upgrade seemed to go fine and finish normally. After the reboot it goes from the Lemote Dragon screen to a black screen and stops there. After this didn't work I tried copying boot and bsd from the install media to their correct locations on the installed system. Rebooting also no joy. If I try booting manually from pmon into my installed system it stops: PMON boot -k /dev/fs/ext2@wd0/boot/boot Loading file: /dev/fs/ext2@wd0/boot/boot (elf) (elf) 0x81e2/44368 + 0x81e2ad50/4400(z) + OpenBSD/loongson BOOT 0.3 booting wd0a:/bsd: 4988544+588976=0x551db0 804dfe94 a088 .word a088 # . . . . PMON Cluebats graciously anticipated. /jl -- ASCII ribbon campaign ( ) Powered by Lemote Fuloong against HTML e-mail X Loongson MIPS and OpenBSD and proprietary / \ http://www.mutt.org attachments / \ Code Blue or Go Home! Encrypted email preferred PGP Key 2048R/DA65BC04
Re: www.openbsd.org down
On Sat, Jun 25, 2011 at 04:48:27PM +0200, Martijn P. Rijkeboer wrote: The openbsd.org site is hosted on a different IP-address than www.openbsd.org. web server is openbsd.srv.ualberta.ca with ip 142.244.12.42 From south of Paris france I am seeing a very small packet loss (from both wifi and ethernet links) around 6-9 % The site does load and work normally though. There are around 16 hops between me and the server. No hop goes above 200 ms. Link to my ISP is 50 ms. -- Spongebob
openbsd people at RMLL/LSM ?
Hello, I would like to know who is going to the LSM (Libre Software Meeting) of 2011 also called RMLL (Rencontres Mondiales du Logiciel Libre) that will be in Strasbourg this year from 9th to 14th of July. Program shows there will be an OpenBSD booth there. -- Khan!
Re: Can command-line options be specified in any place?
On Wed, Jun 22, 2011 at 09:24:35AM +0200, Tobias Ulmer wrote: This rose tinted OpenBSD is the greatest shit really gets on my nerves. It's all fun to bash others, but from time to time you have to look at their stuff and figure out which parts they did right and you could improve. Yeah sure. Go tell that to Linux that called OpenBSD users masturbating monkeys. -- Where the fsck is my signature ?
Re: Seems OpenBSD isn't absolutely alone in it's quest, atleast on embedded systems.
On Mon, Jun 06, 2011 at 10:31:29AM -0500, Amit Kulkarni wrote: do you need a keyboard or two? Now that you have decided to write your own OS from scratch in s-expressions like language? We should send this guy bullshit to the Linux kernel mailing-list so they can have some fun too. Hey. Those guys are doing open source, we can share the fun even if they're stuck stuffing penguins at home while we get red-leather chicks on our side... -- Threepwood
Re: Seems OpenBSD isn't absolutely alone in it's quest, atleast on embedded systems.
On Mon, Jun 06, 2011 at 01:33:31PM -0300, Christiano F. Haesbaert wrote: Honestly, what are you trying to achieve ? I bet 10 canadian dollars on his 15 minute fame, and eternal storage in Google newsgroup servers of YARGTKBTOD* (*) Yet Another Random Guy That Knows Better Than OpenBSD Developers -- Bill Gates
Re: Seems OpenBSD isn't absolutely alone in it's quest, atleast on embedded systems.
On Mon, Jun 06, 2011 at 08:17:11PM -0400, goodb...@gmail.com wrote: X86 machine language sucks big rocks. x86 is not executed on x86 processors since the Pentium 4. Intel (and AMD) are using RISC cores at the heart of their processors. x86 instructions are translated into RISC code and this code is the one that gets executed. The x86 CISC is just a shell around an RISC heart. -- Overflow
Re: Seems OpenBSD isn't absolutely alone in it's quest, atleast on embedded systems.
On Sun, Jun 05, 2011 at 03:10:42PM +0200, Thomas de Grivel wrote: [..] We should [..] Those two words are the exact spot where the problem really is. That we. OpenBSD is worked upon by developers. They do it, the hard work so people like me, users, can benefit from good code, solid software, trusty operating system. They do it : they write the code. Debug it. Maintain it. Fix it. So, if any change of tools is done, it will be done by them, and them alone. Not me, nor anyone else. Thus, there is no we. There is the developers on one side, and the users on the other. If developers do want the C langage to be replaced by something else, they will do it. Because they will get a benefit from it, and OpenBSD too. Until this happens, C will remain the langage used. If your idea can be, you will have to implement it. You (or someone that shares that same idea) will have to design a compiler that compiles a kernel and gives you a shell like OpenBSD does. It has to work as well as OpenBSD does, be able to do all the things it does, and show by the proof that the langage then used really makes working on it better. Make it work. Like scientists make experiments that are reproductible before saying to the other bald guys in white blouses : guys, it works. You can even try it and check the fact for yourselves, here's the recipe how to do it. We should not tell people that do the work how they should do it. Because they are the ones doing it, since years, and obviously, they're doing a pretty damn good job. If Theo ever hears you say we should in order to tell them how they should code _their_ operating system, I am afraid he will send his special monkey killing-squad and you will vanish from the face of this island. Beware of the monkeys. Especially those that not only eat the banana, but also its skin. -- Guybrush
Re: OT:Re: How do I exclude a directory using tar in OpenBSD?
On Tue, May 31, 2011 at 05:05:55PM -0400, Eric Furman wrote: And what do you do when you are not in charge of the box you need your script to run on? You write a script that uses a statically compiled binary, the one you need. There is a tool to create a .sh script that will contain the binary and your script. If I remember correctly, that's how Star Office installed itself : the .sh extracted what was required and runned. The tool to create such .sh scripts that contains binaries can then be used. Your script will extract locally the binary (make sure where it is somewhere it can run) and then run, using the statically compiled binary. Not pretty but the binary can be updated with the script and your script will be a little fat in size :-) -- Gilbert Fernandes
Re: OT:Re: How do I exclude a directory using tar in OpenBSD?
On Tue, May 31, 2011 at 11:05:18PM +, Kevin Chadwick wrote: if there is such a writable place! Yes. When I tried to make such a script, that contained a static binary, finding such a place was almost a nightmare. In the end, the admin of the foreign server took pity of me and installed locally the binary I required :p -- Gilbert Fernandes
Re: OT:Re: How do I exclude a directory using tar in OpenBSD?
On Tue, May 31, 2011 at 04:11:16PM -0700, patrick keshishian wrote: fucking amateurs. if you ran windows you wouldn't have this problem. Last time I did ran into a window, it did hurt, quite a bit. The window did broke, but I left around a lot of blood and it was messy. Somewhat. Why the obsession for running into windows. I tried, and it was not fun. Hell. I could have more fun sitting on the mud in front of a buldozer. Please excuse me. I have one of those in front of my house, and I need to lie down there for quite some time. -- Gilbert Fernandes
Re: putty or ssh, screen $cmd
On Fri, May 27, 2011 at 10:27:59PM -0400, Nick Holland wrote: dunno what works fine means, but today, we use a program called tmux, which is part of base OpenBSD. And tmux seems better written. On the Yeeloong, using screen will send you in a kernel failure with a Trap 4 error, while using tmux you can do anything you want, it's rock stable. screen has some shitty code inside that overflows my fb and miod even tried to fix it but it keeps crashing. moved to tmux, all problems gone. Using tmux as suggested is a very good idea. First, it's in the base system install, and second, there is some shitty code in screen that does really bad things to some consoles that just go nuts. If you like to use Control-A in tmux like in screen, create a .tmux.conf file in your home folder and put the following inside of it : set-option -g prefix C-a bind-key C-a last-window unbind C-b set -g base-index 1 setw -g aggressive-resize on bind-key -n F10 prev bind-key -n F11 next set-window-option -g mode-keys vi set-window-option -g utf8 on To copy/paste : Control-A to enter copy mode (upper right a thing between [] appears) and go to beginning of text to copy. Press space bar once. Move to end of stuff to copy, press Enter and it's done (sometimes you don't get a visual feedback because of the console, don't care). Use Control-a ] to paste as usual. This config file uses Control-a instead of Control-b, you can press Control-a twice to get between the two last consoles (as screen does). I use F10 and F11 keys to move to previous/ next console, you can remove those lines or change them if you want to use other keys Ditch screen. Use tmux. -- Gilbert Fernandes
Re: putty or ssh, screen $cmd
On Fri, May 27, 2011 at 11:15:14PM -0400, Hugo Villeneuve wrote: Just saying that at least, screen has been working for decades properly. Even if it was archaic. But it's not like tty are anything new themselves (the 8bit version ones). If you try screen on some machines, you will crash so badly that even DDB inside the kernel is frozen after displaying one or two lines of panic. At first, you wonder. Then you try tmux, and it no longer crashes. And last, you go see the screen sources, and it's like being Nicky Larson getting a 10-ton hammer hit on the head... -- Gilbert Fernandes
Re: ospfd/ospf6d causing denial of service(?)
On Wed, May 25, 2011 at 05:22:16PM -0500, Mark Felder wrote: Honestly, the thought that this can easily affect other people with lots of network statements in OSPF is pretty scary, and the thought of running -current is equally scary. You do not need to run current. If a problem is found, and fixed, you can use cvs to see what they did to fix it, get a diff and apply it to your stable release. It might require a little work on your part but you're supposed to know how to do those things I guess :-) This is what open source and access to sources is all about. In the proprietary world, you buy a product. And you do not get access to sources. You do not get a view to what their developpers are doing, daily, to their sources. And if you have a problem, you have to wait. Wait for a patch, or be told you need a new release (that will include a price, too, for something that obviously is a bug and should be fixed for free since it's not an improvement but a bug fix). Those people are working for free. They give you a free product, with no license cost nor cost except download time, you're not even forced to buy a CD. They not only offer you a free product, they give you the right to do anything with it. Even make a closed product from it, or do changes you keep for yourself. Not only it's free in getting is, using it, but they also give you a free access to the current sources, and you can daily see what they do change. And you are also able to get a diff for free for anything they do, and apply it or do whatever you want with it. What more do you want ? One of them to take a plane, come to your company for free, and work there all day and night until the problem is fixed ? Seriously ? And why didn't you come to us in the mailing list with a patch for the problem ? You are not running current and don't want to run current ? Grab the changes from the CVS and backport them to 4.9-stable. Then, give us the patch so everyone like you using stable can have the fix without moving to current. This is what you should have done : give us a patch for stable if that's what matters to you. What we wait from you now, is that patch. And I guess the project developers are waiting for something else : apologies. (why do you put theo in Cc ? he does read the list, you realize you are sending him twice your message ?) -- Gilbert Fernandes
Re: Lemote Leeyong 8101B dmesg
On Thu, May 26, 2011 at 12:04:35PM +0300, Paul Irofti wrote: Yes yes, but does it suspend? :-) As soon you get 4.9 installed the machine, move to current. Platform is being worked upon by Miod, Otto and a few other people so it's way better to run current on it. On current, machine can be put to sleep. Either zzz or the apm command. It does not yet work from closing the lid. Otto reported that machine produces out heat when sleeping, so some parts of the motherboard seem to be using power when in sleep, so it's not perfectly working yet. I wrote a script that ifconfig urtw0 down before going to sleep because the wifi led kept lit when machine was sleeping. I can send you a complete report of what works, what does not if you want. That would be a long email so better not pollute the mailing list with it, especially because those things are getting worked upon. -- Gilbert Fernandes
Re: Lemote Leeyong 8101B dmesg
On Thu, May 26, 2011 at 11:15:40AM +0200, Otto Moerbeek wrote: And does it resume? ;-) Yes it does ;-) If you had the wifi configured, it remains turned on. So what I have right now is a script for sleep (zzz2) that turns off wifi then sleeps. Machine wakes up from any key press. And script resumes and ifconfig urtw0 up. -- Gilbert Fernandes
Installing Puffy on boot display of Lemote Leeyong
or compressed bmp.gz and must be in 8-bit mode. Also, there is only 64 Kb available from bfc6 to bfc7 (64*1024 = 1 in hex). I wanted a sleak and beautiful Puffy for my Lemote, so I selected the following picture from openbsd-france.org : http://openbsd-france.org/goodies/wallpapers/openbsd.jpg Isn't it cute ? :D Ok. Downloaded the wallpaper and resized it to 448 pixels wide. Cropped in order to get a 448 x 224 pixels file. This file is using 8 bit per pixel, and I made sure the dithering was of the highest quality in order to preserve its background dithering. PUFFY CERTIFIED THIS PICTURE Yes, brothers and sisters, Puffy talks to me. We compress this file using gzip (standard compression, don't play with -9 or whatever here ok ?) Here is my own file, ready to burn : http://perso.orange.fr/gilbert.fernandes/openbsd_pmon.bmp.gz Uncompressed, file is around 100 Kb, and compressed using gzip it goes down to 21.8 Kb. Well within the 64 Kb. Now, we move that file to the USB key and get into PMON prompt. As usual, please check the SHA1 of the file on the USB key and make sure it is equal to : 1c9ce4e14c59494b227d8fed554738f37d63fc58 Let's burn it. Be very CAUTIOUS in writing the good address in memory : load -r -f bfc6 /dev/fs/ext2@usb0/openbsd_pmon.bmp.gz And from now on, we will see Puffy greet us on the Lemote boot :) Now, for the glory of the Puffy, here are a few pictures of before and after : ugly puffy some pics of the whole PMON upgrade and Puffy installation : pmon before upgrade: http://gilbert.fernandes.pagesperso-orange.fr/pmon_145.jpg loading the 1.4.9 upgrade : http://gilbert.fernandes.pagesperso-orange.fr/loading_pmon_149.jpg pmon 1.4.9 vers output : http://gilbert.fernandes.pagesperso-orange.fr/pmon149.jpg installing puffy : http://gilbert.fernandes.pagesperso-orange.fr/puffy_lock_and_loaded_baby.jpg puffy installed : http://gilbert.fernandes.pagesperso-orange.fr/flashing_done.jpg This is what is looked like before : http://gilbert.fernandes.pagesperso-orange.fr/this_is_ugly.jpg And this is Puffy in all its glory : http://gilbert.fernandes.pagesperso-orange.fr/its_alliive.jpg Have fun =) -- Gilbert Fernandes
Lemote Leeyong 8101B pr0n
Hello Just received a Lemote Leeyong 8101B (the 10 inches display model). I took pictures of the machine from all sides + a few with a centimeters/inches ruler for people interested by this machine. OpenBSD support page for the platform : http://www.openbsd.org/loongson.html If you do not know anything about it, it's a netbook that is powered by a Loongson (chinese) MIPS-III chip (it has some MIPS-IV operands I think, from a PDF I downloaded that covers its chip available operands). The machine is fully open about it's hardware : no binary blob is used for anything and the BIOS is PMON, a C-written BIOS (Miod says it's crap so it probably is). Weak point of the machine would be autonomy : battery is light and small, is rated for 23 W/h of power (fully charged I get 25 W/h from it). SD model uses 12 W/h and hard-disk model uses 15 W/h so it gives you 1.5 hour of autonomy under load (might get near 2h if not loaded too much but don't hope too much for it). The machine is loaded with a Linux (I did not power it yet). Here are the pictures : https://picasaweb.google.com/gilb/LemoteLeeyong8101_B# If you want some specific pictures, close ups of some parts, please email me. I am going to install OpenBSD using Miod's doc and document each part of it with pictures so the whole process for total noobs can be used. I think this machine is the only machine currently used by Richard Stallman because of its open hardware approach. While Theo is loading his shotgun with salt to take care of me for saying that, please check the pictures and consider it. It's MIPS, it runs OpenBSD, and it works without any binary blob (it also has two stereo speakers on front if you like to listen to music while coding ! Very nice !) Greeting to Miod for his work on the platform, but also Jasper Lievisse, Adriaanse for allowing us to be able to use this very nice platform on OpenBSD. Your beers are waiting for you, all expenses covered by me. -- Gilbert
Re: Minimum bandwidth per IP
I would suggest CBQ (class based queuing) with RED (random early dropping) dhcpd server giving static ips according to MAC, and then enforcing bandwidth using ALTQ. Defining a CBQ with bandwidth, some bandwidht reserved for some IP and not forgetting to create a default class to have all others without reserved bandwith fall inside of it, with a specific/maximal bandwidth allowed. CBQ is easy to use. with a single line you can define a CBQ on an interface, and declare how much bandwith the whole link has. then, you create classes (according to IP or any other scrub that is adapted to your case). not setting borrow is advised, to make sure reserved bandwidth is immediatly available. last time i extensively used ALTQ was in 2000/2001 and at that time, altq and pf were in two separate files i think, i'm not sure. fading memory from that era. send you in private a more detailed explanation. -- Gilbert Fernandes
Lemote Leeyong 8101B dmesg
Forwarded Message From: David Vasek va...@fido.cz Subject: Re: Lemote Leeyong 8101B pr0n Date: Thu, 19 May 2011 18:34:08 +0200 (CEST) Thanks. I think you should post the dmesg (from your own) to @misc too, once you'll have the OS installed. Forwarded Message Here it is : [ using 472848 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2011 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.9 (GENERIC) #189: Wed Mar 2 07:27:17 MST 2011 dera...@loongson.openbsd.org:/usr/src/sys/arch/loongson/compile/GENERIC real mem = 1073741824 (1024MB) avail mem = 1059094528 (1010MB) mainbus0 at root: Lemote Yeeloong cpu0 at mainbus0: STC Loongson2F CPU 797 MHz, STC Loongson2F FPU cpu0: cache L1-I 64KB D 64KB 4 way, L2 512KB 4 way bonito0 at mainbus0: memory and PCI-X controller, rev 1 pci0 at bonito0 bus 0 rl0 at pci0 dev 7 function 0 Realtek 8139 rev 0x10: irq 5, address 00:23:8b:f2:b6:87 rlphy0 at rl0 phy 0: RTL internal PHY smfb0 at pci0 dev 8 function 0 Silicon Motion LynxEM+ rev 0xb0 wsdisplay0 at smfb0 mux 1: console (std, vt100 emulation) ohci0 at pci0 dev 9 function 0 NEC USB rev 0x44: irq 7, version 1.0 ehci0 at pci0 dev 9 function 1 NEC USB rev 0x05: irq 7 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 NEC EHCI root hub rev 2.00/1.00 addr 1 glxpcib0 at pci0 dev 14 function 0 AMD CS5536 ISA rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio gpio1 at glxpcib0: 32 pins pciide0 at pci0 dev 14 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ST9160310AS wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) auglx0 at pci0 dev 14 function 3 AMD CS5536 Audio rev 0x01: isa irq 9, CS5536 AC97 ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0) audio0 at auglx0 ohci1 at pci0 dev 14 function 4 AMD CS5536 USB rev 0x02: isa irq 11, version 1.0, legacy support ehci1 at pci0 dev 14 function 5 AMD CS5536 USB rev 0x02: isa irq 11 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 AMD EHCI root hub rev 2.00/1.00 addr 1 usb2 at ohci0: USB revision 1.0 uhub2 at usb2 NEC OHCI root hub rev 1.00/1.00 addr 1 isa0 at glxpcib0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 mcclock0 at isa0 port 0x70/2: mc146818 or compatible ykbec0 at isa0 port 0x381/3 usb3 at ohci1: USB revision 1.0 uhub3 at usb3 AMD OHCI root hub rev 1.00/1.00 addr 1 clock0 at mainbus0: ticker on int5 using count register apm0 at mainbus0 umass0 at uhub1 port 1 configuration 1 interface 0 Generic USB2.0-CRW rev 2.00/58.87 addr 2 umass0: using SCSI over Bulk-Only scsibus0 at umass0: 2 targets, initiator 0 sd0 at scsibus0 targ 1 lun 0: Generic-, Multi-Card, 1.00 SCSI0 0/direct removable sd0: drive offline umass1 at uhub1 port 2 configuration 1 interface 0 OCZ ATV rev 2.00/11.00 addr 3 umass1: using SCSI over Bulk-Only scsibus1 at umass1: 2 targets, initiator 0 sd1 at scsibus1 targ 1 lun 0: OCZ, ATV, 1100 SCSI0 0/direct removable sd1: 30592MB, 512 bytes/sec, 62652416 sec total urtw0 at uhub1 port 4 Realtek RTL8187B rev 2.00/2.00 addr 4 urtw0: RTL8187B rev E, address 00:17:c4:4e:1e:0a vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root pmon bootpath: /dev/disk/wd0 boot device: wd0 root on wd0a swap on wd0b dump on wd0b
Re: vi in /bin
Real men use DEBUG.EXE --Original Message-- From: Gregory Edigarov Sender: owner-m...@openbsd.org To: misc@openbsd.org Subject: Re: vi in /bin Sent: 18 Dec 2009 11:15 On Fri, 18 Dec 2009 10:28:25 +0100 Igor Sobrado igor.sobr...@gmail.com wrote: On Fri, Dec 18, 2009 at 6:07 AM, David Gwynne l...@animata.net wrote: On 18/12/2009, at 1:26 PM, Raymond Lillard wrote: Real men use cat. :-) real men use COPY CON PROGRAM.EXE real men use EDIT/TECO. real men use XEDIT. -- With best regards, Gregory Edigarov
Re: Thinkpad x200 suspend to ram and to disk newby help
Ouch you're right. Whilst I have some kind of Acpi in the X30 (1.1 or 1.2) its Apm works better so I use Apm only + hibernation made from floppy. The X200 might only work with Acpi for hibernation :( --Original Message-- From: Robert Sender: owner-m...@openbsd.org To: shweg...@gmail.com Cc: misc@openbsd.org Subject: Re: Thinkpad x200 suspend to ram and to disk newby help Sent: Oct 24, 2009 17:43 The X200 uses ACPI. ACPI suspend is still work in progress afaik. Last thing i read about it is that suspend kind of works in some cases, but the resume part doesn't... The X30 is an APM system, so that doesn't realy work for the X200. I don't miss suspend/hybernate support on my X200 - iirc Theo and some other dev are using 40-series Thinkpads which use APM, so they have working suspend. If i missed the crucial acpi-suspend-works commit, i'd be glad to be corrected. - Robert
Re: FW: Raid controller?
Theo is right here. They really don't care. I won't dwelve into details but I worked for a service that used their product, with a government-level contract, and the only thing we waited for was the end of the contract to stop using their products, which we did. We had had a contract with them, and they did not even respect its terms... So think about how they're going to handle your requests when you're not even paying customers. Let's move on.
Re: Even and Odd numbered OpenBSD versions
Or use Pi. Since the Borwein-Beiley-Plouffe equation we can compute any Pi decimal anywhere anyplace in Pi without calculating the previous decimals, and it is a known scientific fact that every OpenBSD that came and will come until the universe becomes a silent, cold and dark place, is contained inside Pi. Regards.
Re: 4.5 delivery - How do they do it?
All those problems will be fixed once we hit the technological singularity. Our most greatest creation, and sadly the last. -Original Message- From: Darrin Chandler dwchand...@stilyagin.com Date: Tue, 21 Apr 2009 08:10:57 To: Theo de Raadtdera...@cvs.openbsd.org Cc: Fubarmodster.v@xoxy.net; Austin Hookaus...@computershop.ca; Miscellaneous OBSDmisc@openbsd.org Subject: Re: 4.5 delivery - How do they do it? On Mon, Apr 20, 2009 at 06:56:15PM -0600, Theo de Raadt wrote: This morning I had an email arrive at Tue, 21 Apr 2009 06:58:36 +1000 (EST) from computershop.ca announcing that my order had been mailed. At 09:05 I went to check my PO box for the morning mail and found my 2 sets of 4.5 CDs How did Austin and the gang know that my package had made it out of customs in time to arrive in this morning's mail and to send the email at just the right time? We are working on changes to do this trick in a variety of our deamons and in our kernel; precognition means that we can identify an upcoming period when such packets will come in -- packets which would defragment and subsequently arrange themselves into an attack above the socket layer. since we can precognitively pre-identify the risk, we can drop them right on the ethernet card and avoid even having them dma into memory! Well, we have only parts of this working in the tree. A few pieces are still missing, but Austin is trying a prototype of the algoritms and heuristics in his shipping operation. I don't think the shipping algorithms will work for network stuff. However, I have some half baked diffs based on bistromathematics that show an amazing throughput improvement. Tested so far on sparc64 and i386, but the robot waiters keep glitching on alpha. -- Darrin Chandler| Phoenix BSD User Group | MetaBUG dwchand...@stilyagin.com | http://phxbug.org/ | http://metabug.org/ http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
Re: European orders
Dear Daniel. OpenBSD is Theo's'work, and his life. He, with all the OpenBSD developers, design, write code and made, make what OpenBSD is. This means it is their operating system, they do the choices of technologies and how they implement them in their operating system. If it happens that you share their view, you are welcome to use it. Otherwise, you can contribute code and perhaps even some day because an official divelopper yourself. And since it is free software, you can fork it too and build upon it and let meritocracy and history be your judge. OpenBSD is their operating system. And that's'it. You don't like it, you don't use it. You want to improve, you contribute code, fork or SHUT THE FSCK UP You are torturing innocent and precious electrons with your troll, your Kharma is burning down to ashes and you're wasting my bandwidth, and each second spent writing this reply is lost forever in my life. --Original Message-- From: Daniel Seuffert Sender: owner-m...@openbsd.org To: Theo de Raadt Cc: misc@openbsd.org ReplyTo: d...@praxisvermittlung24.de Subject: Re: European orders Sent: Mar 31, 2009 17:18 Theo de Raadt wrote: Mr. de Raadt, you are the guy that has accused Mr. Vandeputte in public. You are the guy that failed to put any evicence on the public table. Stop whining, show your evidence like Mr. Vandeputte has and is apparently preparing to show up in the very near future. I have respect for your contributions to Open Source, nothing more or less. Stop speculating if I have ever bought a t-shirt, a poster, a CD-set or anything else from Mr. Vandeputte or anybody else. That's none of your business. I don't care what you do for a living. If it's not enough get a job and work like anybody else. Daniel Seuffert
Applying patch 004 to OpenBSD 4.4 and Apache/OpenSSL (problem with PEM_F_DEF_CALLBACK)
Hello
At work here I have a PC which was loaded with OpenBSD 4.3
I have updated it to OpenBSD 4.4
After having installed it I downloaded from OpenBSD's ftp the
files sys.tar.gz and src.tar.gz which i did tar zxpf in
/usr/src
I then downloaded the latest 4.4.tar.gz patch file and applied
every patch. Everything went fine except the 004 patch.
I was having this error when doing the make :
--start of copy
[root][153] # make -f Makefile.bsd-wrapper
[...]
cc -c -I../../os/unix -I../../include -O2 -pipe -DINET6
-Dss_family=__ss_family -Dss_len=__ss_len -DHAVE_SOCKADDR_LEN -DMOD_SSL=208116
-DEAPI `../../apaci` -DSSL_COMPAT -DSSL_ENGINE -DMOD_SSL_VERSION=\2.8.16\
ssl_engine_pphrase.c
ssl_engine_pphrase.c: In function `ssl_pphrase_Handle_CB':
ssl_engine_pphrase.c:492: error: `PEM_F_DEF_CALLBACK' undeclared (first use in
this function)
ssl_engine_pphrase.c:492: error: (Each undeclared identifier is reported only
once
ssl_engine_pphrase.c:492: error: for each function it appears in.)
*** Error code 1
--end of copy
So I did a rm -rf of the /usr/src and from the following CVSROOT :
[EMAIL PROTECTED]:/cvs/openbsd
I did a cvs up -dP of OPENBSD_44
But I must have done something wrong or so I guess since I could not
compile httpd
So I searched with Google and found that in OpenSSL 0.9.8 they did a
change, which is explained here :
https://issues.apache.org/bugzilla/show_bug.cgi?id=35889
So I did modify my own OpenBSD 4.4
/usr/src/usr.sbin/httpd/src/modules/ssl/ssl_engine_pphrase.c
I replaced the PEM_F_DEF_CALLBACK by PEM_F_PEM_DEF_CALLBACK
at :
[...]
prompt = Enter pass phrase:;
for (;;) {
if ((i = EVP_read_pw_string(buf, bufsize, prompt, FALSE)) != 0) {
PEMerr(PEM_F_PEM_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
memset(buf, 0, (unsigned int)bufsize);
return (-1);
[...]
Now, the commands listed in the beginning of the 004 patch file do apply
properly :
--start of copy
cc -O2 -pipe -DINET6 -Dss_family=__ss_family -Dss_len=__ss_len
-DHAVE_SOCKADDR_LEN -DMOD_SSL=208116 -DEAPI -DHTTPD_USER=\www\
-DUID_MIN=1000 -DGID_MIN=1000 -DUSERDIR_SUFFIX=\public_html\
-DLOG_EXEC=\/var/log/suexec_log\ -DDOC_ROOT=\/var/www/htdocs\
-DSAFE_PATH=\/usr/bin:/bin:/usr/local/bin\ -DUSE_SETUSERCONTEXT -o suexec
-L/usr/lib -L../os/unix -L../ap suexec.o -lm -lap -los -lkeynote -lm -lssl
-lcrypto
=== src/support
=== src
-- /usr/src/usr.sbin/httpd
[root][162] #
--end of copy
I guess that, at some time, I must have done or broken something on this machine
because the patch could not have broken this.
Can someone please confirm me there is nothing wrong in the 004 patch and
that for some reason I don't have a clean copy of OPENBSD_44 sources ?
Best regards,
--
_\(_)/_ Gilbert Fernandes Laga
/(O)\ Administrateur systemes/reseau
Re: Real men don't attack straw men
On Sat, Dec 15, 2007 at 11:42:06PM -0500, [EMAIL PROTECTED] wrote: Would you mind sharing the recipie ? That sounds like a great idea. It's rather easy to do. I have done it just for fun. You can also FTP download using mail. You send commands to a server, it cuts in pieces the file to download and sends those to you in chunks by email. Sometimes email is the lowest common element :) -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: BSD vs Debian [Was: Re: Real men don't attack straw men]
On Sun, Dec 16, 2007 at 01:10:54PM -0500, Douglas A. Tutty wrote: Where I work right now, we have bsd and debian on servers. All user computers run debian or mandrake right now (and we're going to move those to debian). We dont let them choose. It is mandatory. We use bsd and some debian on servers, and they will use free software on computers. The main reason is not freedom or fighting proprietary software. It is (1) getting work done and (2) when we got unix-alike everywhere it makes our job as system admins and network admins easier. I curious (and not wanting to start a new flame war) about the decision tree to put debain on the workstations instead of BSD everywhere. What factors were involved? Where there logistical issues that debian sovled better in this case than BSD? Is it OpenBSD or another? I guess it's not a problem of what those Debian do that a BSD could not do but because the people we are building systems and tools around are working with very advanced mathematics, use some software and tools which do require a Linux base. We could have the whole thing work from BSD code of course. But we dont have the time and we work for people who really wants to have things done. When you have a lack of time, a lot of work and people that judge on things that work and those which dont you get a very low tolerance for stuff that does not immediatly work once installed, and when configured properly. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: swap encryption Re: Putting partition in RAM
On Fri, Dec 14, 2007 at 01:02:42PM +0100, knitti wrote: swap encryption on OpenBSD is done different than what you advise. just use a sysctl for vm.swapencrypt.enable. Much less maintenance headaches. an yes, don't complain about being reminded that this is not a netbsd / linux support list. :) thanks for the tip about openbsd's swap encryption. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Real men don't attack straw men
On Thu, Dec 13, 2007 at 04:16:47PM -0700, Jack J. Woehr wrote: Sounds like the first three lines for Ty's next song! Perhaps this thread of the year will be source of inspiration for Ty and his wonderful next stickers to come. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Real men don't attack straw men
On Fri, Dec 14, 2007 at 03:49:07PM -0500, Richard Stallman wrote: Thus, the risk of leading people to use a non-free system by making a free program run on it is small. However, it is our practice when doing this to remind people that the non-free system is unethical and bad for your freedom. If the pages about the Emacs binaries for Windows don't say this, I'll make sure to add it. If all the free software and very good things like firefox, and so on, are always available to people using proprietary operating systems, what would be the incentive for them to change then ? Having good software spread is good for everyone. It does improve security (openssh everywhere including in proprietary products) and standards (firefox everywhere and not only compilable on linux and bsd-systems). A few years ago I did thought that our best programs like firefox and so on should be kept only for free-operating systems so this would make people move there. But after reflexion, it's just wrong. Freedom is letting people choose. And if they choose proprietary, so be it. Some will change their minds if you explain to them, some won't. But once you talk people about why they could/should adopt a free operating system, that's done. Having good software spread even in proprietary systems is a good thing. Because when you talk to non-technically oriented people about replacing their windows by a linux or bsd, you can tell them : yes, firefox is there too. thunderbird too. what you use everyday will be there, upon a free operating system. This is a very good tool to convince people to replace the lower-layer (their operating system) by something free and not proprietary. Much more than talking of politics. This change will not benefit them directly. But people that have to maintain the computers where they work and Internet itself if we can replace zombie-prone machines by something better. People that are not interested in becoming computer experts will very fast get annoyed by talks about why they should change and politics discussions about freedom and such, because they just see you talk of freedom while underneath all you want is them to do another choice compared to another one, which they did (knowing or not why). I do understand a part of your point of view, Richard. Some people are not interested in freedom as in fighting proprietary software. So you imagine a world where we could move people to free software, even by force, for their good. Where I work right now, we have bsd and debian on servers. All user computers run debian or mandrake right now (and we're going to move those to debian). We dont let them choose. It is mandatory. We use bsd and some debian on servers, and they will use free software on computers. The main reason is not freedom or fighting proprietary software. It is (1) getting work done and (2) when we got unix-alike everywhere it makes our job as system admins and network admins easier. If you do really want a world without proprietary software, you must not let people choose. Thus, realize you are not doing it for freedom but for another goal. Things might be better in this new world, but the path to this world will not be freedom. Here, I have to admit I do understand your point of view of forcing people to use free software. Okay. But I disagree when you explain it's because of freedom we have to force this on them. And everything doesnt need to be democratic and open to discussion. In a company, network and system ingeneers are in charge of geting work done when it's related to computer systems. If they put free operating systems everywhere, their main concern wont be political of freedom-based but to improve their work, the security, ease of management... This is the first place to target : the work environment. And changes there are not freedom based. I like free operating systems. Having sources, a real freedom. But all that talk about politics or freedom in a fantasy-world, no. If you really want that world which does not exist, where people would only use free operating sytems and free programs upon those, you will have to force it down their throats because a lot, lot of people don't care about why it should be that way, and don't care of the big picture. Target the work world where this can be forced upon people if you really want it. Have this done by people who install and take care of the tools those people use. Dont let them choose. Treat them like sheep for their own good, why not. I dont talk to people about how it improves their freedom by having them work from Unix or Linux. They do not care. It does improve the techies life, our work. It gets things done, and that's all about it. It removed and keeps out the chains our grandpas working in the same field had with all their proprietary hardware and softare in their hands. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Putting partition in RAM
On Fri, Dec 07, 2007 at 04:28:27PM -0800, Greg Thomas wrote: So why bother posting that??? on my laptop i use screen. every machine i use (netbsd, openbsd, debian..) has its console there, so i can talk to each machine and each os from one machine with ease. when i did post that line, i thought it did come from the openbsd's fstab my mistake And what has that to do with /tmp on mfs anyway? my netbsd and openbsd boxes all have their /tmp on mfs. openbsd misc is really unique. someone asks for help, you try to help and for each person you try to help you get twice or more morons who make remarks to you instead of spending time helping like you're trying. c'est hallucinant de voir que l'un des meilleur os disponibles rassemble autant de connards pretentieux qui ont rien d'autre a fouttre que d'emmerder les gens qui tentent d'apporter de l'aide aux autres. vous avez que ca a fouttre bande de cons. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Could Hiawatha replace Apache as in base HTTP server if it's license changed?
On Fri, Dec 07, 2007 at 03:14:19PM +, Jason George wrote: Only useful if you are trolling. Hilter. Godwin. Done. you forgot one step my dear friend : 1. hilter 2. godwin 3. ? 4. profit ! ok ok im out. i know the way out... -[] -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Putting partition in RAM
On Fri, Dec 07, 2007 at 01:57:47PM -0800, Jake Conk wrote: I want to put my /tmp partition in RAM and I got the following example from the fstab's man page: swap /tmp mfs rw,nodev,nosuid,-s=153600 0 0 The problem is that I don't want to have any swap in RAM, only my /tmp partition so I'm wondering if I simply remove the swap entry from that line if that would work? technically, swap is never on memory. swap is memory written to the disk (when data is in memory it is either used or cache) what you wrote is the correct way to create a partition in memory (i do the same for my swap, the difference is my disk is one 1 gb / and 95 Gb cgd disk but it is just for the fun of doing it, i am not yet that paranoid...) i suggest you to keep the swap entry. on bsd systems it wont be used that much, and when it does you have usually trouble on your hands (your mileage and size of flames coming from the server might vary). if you are worried and paranoid, you can create a partition, mounted on each boot with a random key for your swap and tmp and that key will be forgotten on each reboot and a new random one used. keep the swap entry. the /tmp one is good and that's how you create one to put your /tmp in memory. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Putting partition in RAM
On Fri, Dec 07, 2007 at 04:02:15PM -0800, Ted Unangst wrote: In my fstab I have : /dev/cgd0b noneswap sw 0 0 and you are not running openbsd. the machine which is hosting mutt is not my soekris is (openbsd 4.2) the chmod should do the trick (1777) -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Putting partition in RAM
On Fri, Dec 07, 2007 at 03:06:05PM -0800, Jake Conk wrote: Ok so I added that entry and it worked fine except for one problem and that is root only had permissions to write to that directory so some services did not start up properly. I then gave the /tmp directory 0777 with chmod and rebooted my machine but it set it back to rwxr-xr-x... How do I have it so that anyone can write to the directory when the computer starts up? In my fstab I have : /dev/cgd0b noneswap sw 0 0 And my /tmp appears as this : drwxrwxrwt 3 root wheel 512 Dec 7 23:06 tmp/ the rights really appear different on my disk. your line in the fstab looks good to me :/ i think it looks like the one in the openbsd faq example. try chmod 1777 on your tmp please and tell me if it helps -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Code signing in OpenBSD
On Thu, Dec 06, 2007 at 09:08:56AM -0600, Marco Peereboom wrote: hitler already Here is yours : ++ | 1 Godwin point | ++ Bye -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Code signing in OpenBSD
On Wed, Dec 05, 2007 at 08:46:16AM -0800, new_guy wrote: Can you dismiss PKI Seems they do. The problem of signing code does not remove the problem of checking the signature. When you sign code and when you ask developers to do so, they need to own some private key which will let you check on the other side with a public key. This private key will have to be very protected. Now, what happens if there's a problem and that key is lost or stolen ? And more specifically, what will happen if this very trouble happens and no ones does see it ? The key can be stolen without anyone knowing and then ? Of course, a blatant and direct hack will be detected but someone who does steal a private key is very cautious in acting as if the key is still secure (exactly like the Allies were able to decipher Enigma encoded messages because of re-use of IV-alike blocks by german submarine crypto responsables or predictible IV-alike according to the date on calendar : the Allies could read a lot but did not act on most and let some ships go down because they needed that secret, being able to decipher, to be kept a secret in order to remain a strategical advantage). You have two main things here. The code signing can be used in the developing process to only let developers add code (this would be another layer over the authentication that already does exist when they do cvs commits to the OpenBSD source tree) and that's Theo (and his developers) choice. If the technology is available and if those clever guys dont use it, I think there's a *hint* there. History has proven Theo and his folks do know a lot about security and especially its culture. Then, you have the distribution itself. Having the hashes stored at the same place as the files itself is not the best thing because if someone is able to change a file on a FTP (be it an official or non official ftp repository) I would hope this cracker will be clever enough to also update the hash files. Having the hashes being signed in some way could help if they are stored at the same place as binary or sources files, and if it's a writable media. Ok. Why not. But how many people are really going to download sources and/or binaries and have a gnupg locally installed PLUS having the public key that goes with the signing private key and are going to check ? Very, very few. If you want this to work, it has to be automated. Otherwise, it's going to be a lot of work, a lot of time spent by people that are quite busy and not for a lot of people on the other side that will really use it. And here comes the head of the nightmare snake we all know about : implementation. Security is a good thing to have. Ideas that can improve it too. But implementation is critical, as it's very often a weak point to attack (remember Netscape's PRNG generator used to attack its SSL ?) And if I remember correctly, Theo often said that if you do think a feature is missing, you should code and shut up and when it's working, tell the people about hey guys I did start from OpenBSD and did this and that to improve the distribution security, how about using it now since it works and it's a real friendly license ? I do not think thus that adding signing to sources will help that much and if it does, the openbsd devs will do it if it's really a good thing (openbsd, openssh.. those guys fucking now what they are doing man..) Signing the hashes could help but you do know very few people are really going to check those. And when you do binary installation, you have hashes of the packages (source and binary) that are used and automatically checked when using ports. This is good because it is systematic and automated. But the problem of trust remains : a signature proves nothing. It just tells you that a package is indeed signed by someone you probably dont personally know and you should ask yourself if you trust him/her. And if it comes to a trust problem, well don't use it. History did prove them right and serious and that's enough for me. And I trust my backups first or before anything else. -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Code signing in OpenBSD
On Thu, Dec 06, 2007 at 04:03:48AM +0100, Linus Sw?las wrote: Or you pull the MD5s from another source than your packages, not bloody likely that the two different sites you've selected for download has both been hacked. This does not protect against the master site being owned though, though I guess that'd be noticed and announced. Having this being the default on ports could be a good thing perhaps. The script would download the package from a FTP and hashes from another one. But the hashes are already stored inside the folder of the package on the ports.. so to what use ? Sources that get downloaded are hashed and the value compared to the one stored by the package maintainer. And you have to trust this person to be serious. And even if he is, if he grabs the latest version of sources for XYZ and those got a hole non published (far, far more easy to use tools to check sources for potential holes to use rather than go hack their repositories...) that won't change anything. Security is a link as Bruce Schneier explained, and it will break at its weakest point. And if it breaks anywhere, the whole thing can go down. Thus, security is a constant process. You select a good quality operating system (a BSD for example) and you don't install anything on it eyes closed. And you do backups. And you store them in a media not connected to anything. And you use various tools to check everything (firewall, rootkit checker, arp tool, etc. etc. ad nauseum). It's really an education. And if you are cautious with backups and make it part of your current life, when shit happens you have solutions. And if shit can happen, it will.. :) -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: Bernstein puts qmail in public domain
On Tue, Dec 04, 2007 at 10:16:27AM -0500, Douglas A. Tutty wrote: Could you be slightly more specific? perhaps checking vulnerabilities reported compared to other products. see also how frequent the fixes are, since some bug fixes can also improve security (some bugs can be used as security holes and openbsd did teach us that many bug fixes that have not been fixed somewhere else can become security problems later, sometimes even monthes later). im not saying anything about exim in the matter, i am not competent on this domain. just some clues and trying not to talk out of my ass (is that theo's flamethrower i see in the corner ? I'm outta here!) -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
Re: In Memoriam: Jun-ichiro Hagino
Dragos Ruiu a icrit : With great sadness, I regret to inform you that Itojun will not be presenting his great knowledge of IPv6 at PacSec. I have been informed by several sources that he passed away yesterday. This is very sad. I just spent some time watching again all his youtube videos and the second one.. he talks of how ipv6 should be wide enough so we should not run out of addresses, not in his lifetime. And then he added that he hoped it would of course not be too short. Seeing this video is strange. Itojun was someone very friendly. And I mean it. Years ago I worked as a journalist for a french magazine called Login (it no longer does exist now, its mother company has gone bankrupt). For one of the issues, I had to write a big paper on Ipv6 and Itojun was, with a France Telecom ingineer specialized in ipv6 and working from Belgium, the one person that answered first when I was looking for advices and links on Internet. Itojun spent a lot of time searching and sending me documentation. Later, I learned that he had to get up early the next day but nonetheless he spent several hours in the night looking for information and writing some for me just for helping me on that paper. Itojun just did it, and didnt even talked about his half night because of this. He was someone gentle and kind and did efforts for others, and without even talking about it. Learning now that he is gone is very sad. A few years later I remember Itojun receiving from someone on one of the openbsd's mailing list a rather rude answer. I did interverne and tried to tell that person he should be more cautious of his talk because he obviously didnt do his homework before being rude to Itojun (if I remember correctly it was after a commit and something was not working perfectly after). Itojun again did not publically answer his feelings, but I remember receiving from him an email later, in private. We do meet rude people or even morons from time to time (especially in openbsd-misc, you know what I mean right ?) and this event did make something to Itojun. I could feel it really hurt him to see someone react with so much rudeness after a commit and having spent time working for the whole community. He was puzzled and really did not understand the whole thing got out of proportion like that. I spent some time after this accident talking with him and telling him about his code and snippets I had seen, and taking some fresh news since our last email exchanges for my ipv6 paper. Only talked with him twice to say, and I will never forget his kindness and being very discrete about his efforts when having to help someone just because you shared something he did like to work upon. Goodbye Itojun.
Re: The future of NetBSD
I have a dream. A dream of unification. Having one BSD. Merging the three projects and, why not, keeping incompatible stuff as options that would be either one or another. But when you tell yourself that it cannot be done, you don't even try it. It would require people to not only do it for the sake of their projects, but for the whole BSD people. Even those who really piss you off in other projects. Because someday, those projects will live on without us. We'll pass on like everyone. Am I alone thinking this ? -- unzip ; strip ; touch ; grep ; find ; finger ; mount ; fsck ; more ; yes ; fsck ; umount ; sleep
