Re: Friday's Calendar;- Beltane is evening of 30th April
Hi. There is a festival on the 30th in Edinburgh, yes. But that doesn't mean that's the one true date. At least reading the wikipedia entry will give some background. I think changing our calendar entry would be wrong. By the way, your mail would have been clearer if you'd attached a diff. jmc Original Message From: Craig Skinner Sent: Friday, 1 May 2015 11:29 To: misc@openbsd.org Subject: Fwd: Friday's Calendar;- Beltane is evening of 30th April Hiya, Beltane was last night in the capital city: - Forwarded message from Reminder Service skin...@britvault.co.uk - Date: Fri, 1 May 2015 07:09:01 +0100 (BST) From: Reminder Service skin...@britvault.co.uk To: skin...@britvault.co.uk Subject: Friday's Calendar ... .. May 01 Beltaine; Feast of the god Bel, sun god May 01 May Day in many places May 01 May Day / Beltane / Bealtaine - Celtic bonfire festival ... .. - End forwarded message - Many of my dance partners have (leading) roles in this Keltic ( other) events - superb photos of living Scottish culture: The Edinburgh Beltane 2015 Thu 30 Apr 2015, Calton Hill. Taking place at Calton Hill on the night of 30th April each year, the Beltane Fire Festival marks the beginning of summer. http://www.EdinburghTourist.Co.UK/beltane-festival-calton-hill/ The modern Beltane Fire Festival is inspired by the ancient Gaelic festival of Beltane which began on the evening before 1 May and marked the beginning of summer.[1][2][3] The modern festival was started in 1988 by a small group of enthusiasts including the musical collective Test Dept, with academic support from the School of Scottish Studies at the University of Edinburgh. Since then the festival has grown, and now involves over 300 voluntary collaborators and performers with available tickets often selling out. http://en.wikipedia.org/wiki/Beltane_Fire_Festival#Historical_background Bonfires continued to be a key part of the festival in the modern era. http://en.wikipedia.org/wiki/Beltane#Bonfires Since 1988, a Beltane Fire Festival has been held every year during the night of 30 April on Calton Hill in Edinburgh, Scotland. http://en.wikipedia.org/wiki/Beltane#Revival https://www.facebook.com/beltanefiresociety $ egrep -R 'Be[a]?lta[i]?ne' /usr/src/usr.bin/calendar /usr/src/usr.bin/calendar/calendars/calendar.history:05/01 Beltaine; Feast of the god Bel, sun god /usr/src/usr.bin/calendar/calendars/calendar.pagan:05/01May Day / Beltane / Bealtaine - Celtic bonfire festival $ fgrep -iR 'May Day' /usr/src/usr.bin/calendar /usr/src/usr.bin/calendar/calendars/calendar.holiday:05/01 May Day in many places /usr/src/usr.bin/calendar/calendars/calendar.holiday:05/07 May Day in United Kingdom /usr/src/usr.bin/calendar/calendars/calendar.pagan:05/01May Day / Beltane / Bealtaine - Celtic bonfire festival
junk directory cleanup question
from /etc/daily:
# Additional junk directory cleanup would go like this:
#if [ -d /scratch -a ! -L /scratch ]; then
# cd /scratch {
# find . ! -name . -atime +1 -execdir rm -f -- {} \;
# find . ! -name . -type d -mtime +1 -execdir rmdir -- {} \; \
# /dev/null 21; }
#fi
is this to suggest that the best thing to do is edit /etc/daily and
wedge in the directories i need cleaned up? i'm only asking because my
first thought of course would be to put this code in /etc/daily.local to
ease merging in any diffs that future upgrades might provide.
perhaps there're reasons i can't suss right now why doing this
daily.local might be sub-optimal.
appreciate any input.
Re: junk directory cleanup question
--- Daniel Ouellet [Tue, Jun 09, 2009 at 08:33:34PM -0400]: --- jmc wrote: is this to suggest that the best thing to do is edit /etc/daily and wedge in the directories i need cleaned up? i'm only asking because my first thought of course would be to put this code in /etc/daily.local to ease merging in any diffs that future upgrades might provide. From man 8 daily: doh! yes, i'm fairly certain i've seen that before--thanks for the nudge.
Re: Simple Installation (about PKG_CACHE)
--- Jose Perez Rodriguez [Fri, May 15, 2009 at 09:15:17PM +0200]: --- Hi. Yesterday I was installing packages from the ftp and i was using this: export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.5/packages/i386/; PKG_CACHE=/home/ pkg_add . But when I install a package the package and the dependencies isn't in /home. I have tried with PKG_DIR=, PKGDIR, and PKG_TMPDIR=, but the result is the same. When I installed OpenBSD 4.4 (long time ago) I used PKG_CACHE= and it worked. What could it be? Is something wrong? how long ago did this work for you? are you using sudo? if so your environment is not being preserved. read sudoers(5) and check out the env_keep option.
Re: Simple Installation (about PKG_CACHE)
--- jmc [Fri, May 15, 2009 at 03:36:55PM -0400]: --- --- Jose Perez Rodriguez [Fri, May 15, 2009 at 09:15:17PM +0200]: --- Hi. Yesterday I was installing packages from the ftp and i was using this: export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.5/packages/i386/; PKG_CACHE=/home/ pkg_add . But when I install a package the package and the dependencies isn't in /home. I have tried with PKG_DIR=, PKGDIR, and PKG_TMPDIR=, but the result is the same. When I installed OpenBSD 4.4 (long time ago) I used PKG_CACHE= and it worked. What could it be? Is something wrong? how long ago did this work for you? are you using sudo? if so your environment is not being preserved. read sudoers(5) and check out the env_keep option. ugh. scratch this. i now see that PKG_CACHE is present in the default 4.5 /etc/sudoers . i'll be right over here if anyone needs me :)
Re: Upgrade or not?
--- Alfredo Perez [Sat, May 09, 2009 at 05:54:31PM -0400]: --- Hi I am running version 4.4 and I am very happy. I use my box to ssh in and get my emails when I am away from home. Should I upgrade to 4.5? http://www.openbsd.org/plus45.html for an idea of what you'll be getting for your efforts. once you get it down for your machine's intracacies, it only takes about 30 minutes, twice a year to stay up to day. with the recent introduction of sysmerge, upgrading is as easy as ever if your machine isn't configed up too exotically. Will security fix continue come out for ver 4.4? i believe for two releases, so patch support for 4.4 will end when 4.6 is released. i'm sure i'll be corrected if i'm wrong. if i'm wrong, i think i'm not off by far.
Re: problem with some graphical apps in 4.5 on some machines
--- Rene Maroufi [Mon, Apr 27, 2009 at 10:51:43PM +0200]: --- Hi, i update 3 machines from 4.4 to 4.5. On 2 of these machines I have a very strange problem: Some graphical apps can't display graphical icons or any image. For example: Pidgin: Shows no icons (red cross instead of the icons). Audacious: Unusable, shows no application window GQview: Unusable as a image viewer, shows no images xpad: missing icons (red cross instead of the icons) Other apps works with all icons: Abiword, Inkscape, OpenOffice.org and Gimp (but image preview doesn't work). I use icewm as window manager. I reinstalled the apps and some dependencieas (with pkg_add -r -F update -F installed) like gtk+2, glitz, cairo, png and jpeg, but nothing changes. not sure if this is directly related, but did you clean out /usr/X11R6/lib/modules as per http://www.openbsd.org/faq/upgrade45.html ?
Re: Can you subscribe to the PF mailing list? I can't
--- Bob Beck [Thu, Apr 09, 2009 at 03:35:36PM -0600]: --- * Cezary Morga c...@therek.net [2009-04-09 15:14]: Nick Guenther wrote: On Wed, Apr 8, 2009 at 12:31 PM, Bryan Irvine sparcta...@gmail.com wrote: The problem is that you can't use the pf mailing list from gmail. -Bryan Because people who use gmail aren't smart enough for PF? Because it's a free webmail provider and so a source of spam? Don't think I've actually ever seen an honest to goodness *spam* sourced from gmail.. Seen lots of stupid people... Because gmail doesn't resend e-mails from the same host the first delivery attempt was made from. It fucks up spamd and every other greylisting app out there. Of course it can be worked around, but it seems not everyone is willing to do so. It's easy to work around if you put google's outbound mx blocks in nospamd table - which is what I do here. this is exactly what i have done as well. it's been talked about before, there's some good scripts to crib from in the archives to assist you. one could also use the info at http://www.dnswl.org/ (someone here pointed me to that recently). i think it's rather a shotgun approach to apply it blindly, but there are good data there to start from. one could also use the info at http://www.dnswl.org/ (someone here pointed me to that recently). i think it's rather a shotgun approach to apply it blindly, but there are good data there to start from.
Re: spamd handling multiple sending servers
--- Mikel Lindsaar [Mon, Mar 23, 2009 at 06:59:03PM +1100]: --- Hi all, New user to spamd, love it. In getting our low traffic email server running, the first thing I noticed while following the logs that sites like gmail et al will retry a message from a different host. Sometimes gmail will send once, try again very soon again from the same host and then queue it, but the queued email might be sent by a different server. check greylisting.org. there's a list of ``misbehaving mailers'' you can consider starting with. you'll need to create whitelists for these addresses to shunt them around spamd. note that this list calls it's contents ``misbehaving mailers''. some of these addresses may be just that, while others may be ranges that use pools of ip addresses for sending mail. there was once a script that was posted here that basically takes the output of a site's SPF records and creates pf tables to be used as a whitelist: dig TXT _spf.google.com. +short for example. now anytime i see a domain i know i've heard from before, i suspect a round-robining smtp send pool and just query that SPF record to create a whitelist entry for it.
Re: PF and CLamAV Integration - how to do it?
--- Marc Balmer [Thu, Mar 19, 2009 at 07:36:18PM +0100]: --- Am 19.03.2009 um 15:27 schrieb Protocol Six Consulting: Hi, I was wondering if anyone here knows how to integrate the PF firewall with ClamAV. smtp-vilter, which is in ports, does that, i started paying attention to this thread because i've been interested in setting up clamav for sometime. i noticed that there's a clamav-milter(8) that gets installed as part of the clamav package. is the general consensus of those in the know to use smtp-vilter instead of clamav-milter for these purposes?
Re: PF and CLamAV Integration - how to do it?
--- Pedro la Peu [Sat, Mar 21, 2009 at 01:35:57AM +]: --- On Friday 20 March 2009 11:15:05 jmc wrote: i started paying attention to this thread because i've been interested in setting up clamav for sometime. i noticed that there's a clamav-milter(8) that gets installed as part of the clamav package. is the general consensus of those in the know to use smtp-vilter instead of clamav-milter for these purposes? Yes, because there are no developers recommending clamav-milter. yep, that's good enough for me. i only paused to ask becuase i had not yet dealt with the milter end of my anti-virus subsystem. after installing smtp-vilter and reading the dox, it became clear it's the package i need to be using... i now have it up and running with the clamav backend only. still reading up on the rest of the possibilities.
Re: might be slightly OT: `probability in PF'
--- Artur Grabowski [Fri, Mar 13, 2009 at 01:13:10PM +0100]: --- jmc j...@cosmicnetworks.net writes: block in log quick on $ext_if from openproxies to any probability 90% is because it seems a little bofh-ly to me. and i guess it borders on security-through obscurity, which of course it not really security at all. but it seems a bit more sinister than just outright blocking, which kinda makes me snicker a bit. make the experience painful enough that they just go away. Just as a side-track, nothing to do with pf, I've done a similar thing with a service I'm running. Instead of blocking the bad guys outright, we have a blacklist of people who get randomized results from the application. Not very much, but enough to confuse the hell out of any now that is pure wretched evil, Art. but i love it!
Re: strange load values
--- Gabri Mate [Wed, Mar 11, 2009 at 08:58:15PM +0100]: --- Hey there! I have a Compaq DL580 G1 with 4x700Mhz PIII, 2GB RAM, 2x36GB U320 SCSI on a HP SmartArray 5300 with 64MB BBU. It's a general purpose 'hobby' server. The average concurrent i believe that Theo and many of the devs have said many times that the load average means nothing. here's a reference to one such thread: http://kerneltrap.org/mailarchive/openbsd-misc/2008/11/8/4041294
might be slightly OT: `probability in PF'
i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i need to know about the probability directive. thanks, devs, for that. quick story: i have a couple dozen websites spread across two OpenBSD/base apache machines. one of my clients runs a web-based forum that's experienced a bit of trouble recently with previously banned users registering multiple accounts through open proxies and causing problems (just open proxies, not tor exit nodes). the mods have quelled the activity for now, but i'm thinking of ways to help them in the future. i use sensible max-src-conn and max-src-conn-rate to be sure to DoS attacks won't cause httpd to knock down my server, but this is a solution to a different problem in my eyes---this is just trying to be a good sysadmin. i have grepped through the logs of other clients, and i don't see any evidence of any traffic from the lists of open proxies i've compiled, so i don't think this would have un-intended effects on them. the only reason i guess that i'm cautious about just getting a list of known open proxies, creating a pf table and running with something like: block in log quick on $ext_if from openproxies to any probability 90% is because it seems a little bofh-ly to me. and i guess it borders on security-through obscurity, which of course it not really security at all. but it seems a bit more sinister than just outright blocking, which kinda makes me snicker a bit. make the experience painful enough that they just go away. and i suppose i've just been dying to find a use for the probability directive. so anyway, how are _you_ using probability? does this seem inline with what it was designed for? how, if at all, do you deal with open proxies? you can respond off-list if this is really too OT for m...@. and i'm not afraid to be told this is the stupidest. idea. ever. if that's what you think. i'm also open to other ideas. thanks and cheers!
Re: might be slightly OT: `probability in PF'
--- Jeffrey 'jf' Lim [Wed, Mar 11, 2009 at 10:09:19PM +0800]: --- On Wed, Mar 11, 2009 at 10:01 PM, jmc j...@cosmicnetworks.net wrote: i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i need to know about the probability directive. thanks, devs, for that. (just as a hint to the rest who are considering whether to read through) doesnt sound philosophical to me! OK, cool. i framed it that way because i didn't want to come across as someone who was asking the list to do my thinking for me. as i suspect lots of misc@ readers do, i come from the ``be liberal in what you accept, conservative in what you send'' school. true the Big Bad Internet has and continues to change rapidly, but i personally still see value in that axiom. outside of the gift from ghod that is spamd(8), this will be the biggest divergence from that axiom that i think i have done in my years as a sys admin. i have grepped through the logs of other clients, and i don't see any evidence of any traffic from the lists of open proxies i've compiled, so i don't think this would have un-intended effects on them. dont see any evidence of *legit* traffic from the list of open proxies you've compiled, u mean. yes, that is what i mean. i also haven't figured out if it's even feasible to keep up with what i'm sure is a rapidly-changing list of open proxies on a daily basis. but that's a sys admin problem, and i'll ask for help on that separately if/when i need it. the lists that i've compiled thus far are from disparate sources, and will require a bit of work to get everything in order. thanks again!
Re: checkout src multiple times
--- Chris [Fri, Feb 27, 2009 at 01:18:56PM +1100]: --- I have had to interrupt (^c) cvs -d$CVSROOT checkout -P src command about three times. I was wondering whether checking out src three times would overwrite the old files or ignore what's already on the disk and update files that are not there or do anything else? cvs(1) will not touch what's already on disk. I know I am supposed to run cvs -d$CVSROOT checkout -P src once and once I have a tree, I can update it at a later time with cvs -d$CVSROOT up -Pd this is covered here: http://www.openbsd.org/anoncvs.html
Re: OpenBSD hosting
--- C. Bensend [Sun, Feb 22, 2009 at 08:00:59PM -0600]: --- I've been at m5hosting for the last few months and so far they're way better than what I've seen elsewhere. Maybe just a bit too expensive, if you compare the hardware with what you can get elsewhere, but they do seem to know what they're doing. I'm also a big fan of m5hosting... I've been with them for coming up on two years, and they've done a fantastic job. They've had their growing pains and are still working out some administrative wrinkles, but I've never had a bad experience dealing with them. the other thing about m5 is that they make regular donations to the OpenBSD projects and purchase CD sets. i would expect, ot at least hope, other hosting providers who support obsd do the same, but
Re: OpenBSD hosting
--- Friedrich Locke [Sun, Feb 22, 2009 at 06:54:34PM -0300]: --- Dear gentleman, i am searching for web hosting service that : supports java, support MySQL allow me shell account access for software development with access to MySQL. allow ssh/sftp access. and runs OpenBSD at least for the shell services. allow me to host dns for my domain. Is anybody aware of a such hosting services... check out m5hosting.com. i think there are shared hosting options, but for a reasonable amount of money, you can have your own dedicated host to run OpenBSD and do as you see fit, within reason. can't say enough good things about the folks at m5hosting. i'm a satisified customer only; i have no interest in the company.
spamd whitelisting not working, sure i'm missing something
i'm trying to deal with mail providers like gmail that have pools of
outgoing smtp servers that shuffle among them for mail delivery.
in the case of gmail, i've taken the output of 'dig txt _spf.google.com.
+short', parsed it appropriately, and added it to table spamd-mywhite.
(in short, i write to /etc/mail/spamd-mywhite and then use pfctl to load
up the table).
relevant pf.conf snippet:
table spamd-mywhite persist file /etc/mail/spamd-mywhite
rdr pass inet proto tcp from spamd to any port smtp - 127.0.0.1 port spamd
rdr pass inet proto tcp from !spamd-white to any port smtp - 127.0.0.1 port
spamd
rdr pass inet proto tcp from spamd-white to any port smtp - 127.0.0.1 port
smtp
rdr pass inet proto tcp from spamd-mywhite to any port smtp - 127.0.0.1 port
smtp
right now, my spamd is stuttering at some gmail addresses, which test
positively that they are in spamd-mywhite, and thus i *believe* should
be handed off directly to smtp given my rules. mail from sourceforge.com
(_spf.sourceforge.com.), mail from facebook.com, and mail from
nytimes.com all apparently worked OK, and don't get stuttered at. i'm
running 4.4-STABLE, unmodified GENERIC kernel, FWIW.
=== j...@cosmicnetworks (ttyp3) ~ {2094} 0-- sudo /sbin/pfctl -T test -t
spamd-mywhite 72.14.220.153
1/1 addresses match.
=== j...@cosmicnetworks (ttyp3) ~ {2095} 0-- sudo /sbin/pfctl -T test -t
spamd-mywhite 209.85.218.176
1/1 addresses match.
=== j...@cosmicnetworks (ttyp3) ~ {2096} 0--
for brevity sake, i didn't include my entire pf.conf. if it would help,
i can share. i just feel i'm missing something really simple and stupid
here.
--john
Re: spamd whitelisting not working, sure i'm missing something
--- (private) HKS [Mon, Feb 16, 2009 at 02:52:32PM -0500]: --- On Mon, Feb 16, 2009 at 2:29 PM, jmc j...@cosmicnetworks.net wrote: i'm trying to deal with mail providers like gmail that have pools of outgoing smtp servers that shuffle among them for mail delivery. relevant pf.conf snippet: table spamd-mywhite persist file /etc/mail/spamd-mywhite rdr pass inet proto tcp from spamd to any port smtp - 127.0.0.1 port spamd rdr pass inet proto tcp from !spamd-white to any port smtp - 127.0.0.1 port spamd rdr pass inet proto tcp from spamd-white to any port smtp - 127.0.0.1 port smtp rdr pass inet proto tcp from spamd-mywhite to any port smtp - 127.0.0.1 port smtp table spamd-mywhite persist file /etc/mail/spamd-mywhite rdr pass inet proto tcp from spamd to any port smtp - 127.0.0.1 port spamd rdr pass inet proto tcp from spamd-mywhite to any port smtp - 127.0.0.1 port smtp rdr pass inet proto tcp from !spamd-white to any port smtp - 127.0.0.1 port spamd rdr pass inet proto tcp from spamd-white to any port smtp - 127.0.0.1 port smtp There you go. cool. thanks. a few people e-mailed me directly with similar advice. i suppose i should have seen the obvious, but i am certain i had e-mails from whitelisted domains get correctly shunted around spamd, so i was refusing to see what i should have. thanks all for the nudge... --john
Re: OT: Free, online backup service provider compatible with BSD
--- Dieter [Thu, Feb 12, 2009 at 02:43:24PM +]: --- :Amen to backups, but why trust some company far away to handle things? :How do you know your data is in good hands, and that they won't slip up :let others see it? I won't mention the concept of the place going under, :financially. : at one job we rented a PO Box, and drove the tapes there on our way home from work. Since stealing from the Post Office was a Federal Offense, it was somewhat safe. Interesting use for a PO box. You can also rent a safety deposit box, and there are companies that store media for off site backups. These are off site, but not very far off site. Think Katrina scale disaster. Several hundred miles away would be better. Which involves either shipping media or having a T1 line. And you'd want this to have serious encryption in any case. i also think it's a good idea to make sure the truck/van they use to come fetch your offsites shouldn't advertise (for stealing) who they are or what they do. i'm thinking of the big trucks i've seen that have to do with a big mountain and a ferromagnetic element. i just recently hired one of these companies for $work, and wasn't too comfortable with the mobile advertisements.
Re: SSL error
--- Doug Milam [Wed, Nov 05, 2008 at 07:58:39PM -0800]: --- I've followed the SSL instructions in the FAQ, http://www.openbsd.org/faq/faq10.html#HTTPS, but I get the following error in Firefox (other browsers don't work either) SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) PF allows connections to port 443, and the IfDefine segment of my httpd.conf is enabled to listen on this port. -DSSL is enabled in rc.conf.local what happens if you `openssl s_client -connect $your_ip:443` ? are you able to negotiate a connection then? are there any hints in the httpd logs? what version of OpenBSD? have you modified httpd's default config in any other way?
Re: Hardware recommendation request
--- nuffnough [Mon, Sep 29, 2008 at 01:28:46PM +1000]: --- Or recommend dual port nics that I can use instead of my current intel nics? http://www.intel.com/products/server/adapters/pro1000mt-dualport/pro1000mt-dualport-overview.htm
Re: assembly for x86
--- G??bri M??t?? [Mon, Sep 22, 2008 at 01:45:30PM +0200]: --- Dear List, I'd like to study the assembly language of the x86 architecture. I've searched for books, but there are a lot of them. Could you please recommend me a good writer/book about this topic? i'm a beginner, but i picked up The Art of Assembly Language, a No Starch Press book by Randall Hyde. ISBN 1886411972. i'm sure there's a much longer list of book an assembly programmer should have at arm's reach, but this is the only one i'm using so far.
Re: FFS2
--- John Nietzsche [Thu, Jul 24, 2008 at 07:19:11PM -0300]: --- Dear OpenBSD friends, how may i format a slice with FFS2? and what to put into /etc/fstab i think you have to be running = 4.2 to have FFS2 support. from newfs(8): -O filesystem-format 2Enhanced fast file system (FFS2). IIRC from some list traffic, you have to be careful what filesystems you format as FFS2 because the install kernels only have FFS compiled in, and that could spell upgrade troubles. you may not need any fstab mods, i haven't experimented yet... sorry i can't help more.
Re: Cronolog Apache?
--- L. V. Lammert [Thu, Jul 03, 2008 at 01:54:45PM -0500]: --- Seems like Cronolog would be a good solution for rotating Apache logs when running Chroot'd, as it eliminates the need for stopping/restarting Apache. rotatelogs(8) works fine for me with the default chroot configuration. i'm sure i don't exercise it to the fullest, but i haven't found any particular shortcomings.
Re: Changing From headers in mail on a whim?
--- Aaron W. Hsu [Tue, Jun 17, 2008 at 03:56:02PM -0500]: --- Hey all, I was looking at mail(1) and wondering if there was any way to get control over the other headers? I haven't checked the source yet, but I couldn't find any documentation on adjusting the from headers on a whim in mail. I send mail to some people from differing addresses, and I'd prefer to be able to do this easily in mail when I need to. I am find with doing a little sendmail magic if that's what is required. Unfortunately, the information I found on the web assumed a mail version that had slightly more options than does the OpenBSD version. if you're not opposed to using something outside of base, i recommend taking a look at mutt. there are send-hooks that do the sort of thing.
Re: Enabling ipv6 in only one interface
--- carlopmart [Wed, Jun 11, 2008 at 05:44:46PM +0200]: --- Hi all, Somebody knows how can I enable ipv6 in only one interface?? How can I do?? I have an openbsd 4.3 server with 6 interfaces and I need to setup ipv6 only in one interface to test some services. have you taken a look at /etc/netstart ?
Re: Window Manager
--- Gonzalo Lionel Rodriguez [Sun, May 04, 2008 at 09:29:42PM -0300]: --- I dont know if it is the place to ask it, but that window manager uses? And why? ratpoison. easy to customize, very minimalistic.
Re: ntfs usb drive fail to mount
--- Lord Sporkton [Thu, Apr 24, 2008 at 02:32:37PM -0700]: ---7 I have an NTFS drive attached via USB that was previously attached to an XP home system [ ... ] # mount -t ntfs -r /dev/sd0i /mnt/usb2 mount_ntfs: /dev/sd0i on /mnt/usb2: Operation not supported you don't say if7you're using a GENERIC kernel or not, but from: http://www.openbsd.org/faq/faq14.html#foreignfs Once you have determined which partition it is you want to use, you can move to the final step: mounting the filesystem contained in it. Most filesystems are supported in the GENERIC kernel: just have a look at the kernel configuration file, located in the /usr/src/sys/arch/arch/conf directory. However, some are not, e.g. the NTFS support is experimental and therefore not included in GENERIC. If you want to use one of the filesystems not supported in GENERIC, you will need to build a custom kernel.
Re: ntfs usb drive fail to mount
--- Lord Sporkton [Thu, Apr 24, 2008 at 03:17:16PM -0700]: --- My appologies, i am indeed using GENERIC, I did think that perhaps it did not support ntfs, but then i also thought it would be rather absent minded to have included mount_ntfs if support was not included, thus since i had mount_ntfs, i assumed i had support for it. I will look into adding ntfs support to my kernel should just be a matter of uncommenting: #option NTFS# Experimental NTFS support and rebuilding.
Re: openbsd hosting services
--- Daniel Anderson [Mon, Mar 17, 2008 at 11:29:59AM -0700]: --- I suggest letting the OpenBSD donation page ( http://openbsd.org/donations.html ) be your first step in this process, since they've donated something to the project and it's always nice to reciprocate. Personally, I chose M5 Computer Security (U.S.-based) and have been very happy with the service. i can second the M5 recommendation. i am 100% satisfied.
Re: Marginal boot CD #1 in OpenBSD 4.2 sets
--- Austin Hook [Mon, Oct 29, 2007 at 10:49:09AM -0700]: --- older one. I presume this means the track alignment is marginal in some cases. i swapped CD drives and that solved my problem. but it sounds as if i should go retrieve that old drive from the garbage now, as i just chalked it up to a bad drive...
Re: CVS update aborts with No space left on device
--- Heinrich Rebehn [Fri, Oct 26, 2007 at 06:42:41PM +0200]: --- Hi list, when i try to update my sources using CVS i get e following error: i think the remote CVS server is giving you that message, not your machine. you could try another mirror or wait a bit and i'm sure it'll be tended to.
Re: procmail sets wrong permissions in /var/mail
On Sat, Jul 02, 2005 at 01:01:51AM +0200, Oliver Fuchs wrote: Problem: using procmail as local mailer sets the wrong permissions in /var/mail. Question: So my issue is that using procmail as local mailer sets the wrong permissions. Is this now less important and known or is it a security risk? And is the only way to avoid setting this permissions to change them in /var/mail by hand? hi. i'm not sure about `wrong', but procmail does appear to create mailboxes 660, with the group id of /var/mail (`wheel'). /etc/security complains if a mailbox is not 600. i don't know if it checks the group id or not, but normal is to use the user's default group, i think. i don't know about security risk, but you can: * alter the relevant file in /etc/mtree to not complain about perms * alter perms in /var/mail/(mailbox) by hand * alter procmail source * alter sendmail config (the local mailer define, i mean) * put up with it * something else i haven't thought of it is a bit of a pain, i agree. i spent a morning looking at this, and didn't come up with much. this issue came up as a netbsd pr (#18788) a few years ago, and they eventually closed it as 3rd party software issue, please complain to procmail maintainer. you could try that to. http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=18788 if anyone else has a more elegant solution, i'd love to know it. there are other issues with running non-base stuff like this (perms to use and so on), so i guess the winning solution is to run what is in base, since it all works nicely together. jmc
Re: wireless usb
On Sun, Jun 26, 2005 at 05:26:21PM -0500, Qv6 wrote: On Sunday 26 June 2005 09:48 am, Jonathan Gray wrote: On Sun, Jun 26, 2005 at 04:46:30AM -0500, Qv6 wrote: http://www.openbsd.org/cgi-bin/man.cgi?query=uralapropos=0sektion=4 manpath=OpenBSD+Currentarch=i386format=html I am familiar with that link and I bought one, a Belkin F5D7050 which is in the list of supported, that the system did not recognize. I just don't want to buy another one and not have it work. the ids for this device were added only a few weeks ago, so you have to run -current for it to work. otherwise it will just attach at ugen: ural0 at uhub0 port 1 ural0: Belkin Belkin 54g USB Network Adapter, rev 2.00/0.01, addr 2 ural0: MAC/BBP RT2570 (rev 0x03), RF RT2526, address 00:11:50:4c:46:59 jmc
Re: Minor patch to afterboot manpage
On Tue, May 31, 2005 at 10:41:38PM -0500, Walter Goulet wrote: Hi, I've recenly installed OpenBSD 3.7 on my Zaurus C3000. While perusing the afterboot manpage to figure out how to configure my system, I noticed that the manpage indicated that the /etc/rc.conf.local file was referred to before the manpage stated that the user had to create this file. So this patch adds a small paragraph instructing the user to create this file immediately after the root password and system date are set. I think this makes the page read better and avoids the user referring to this file before it is created. hi, i did not take the patch, but decided to put the sections of afterboot(8) into a more logical order (i hope). thanks for the report though. please use unified diffs (diff -u) next time. jmc
Re: Kernel PPPoE and NAT (trying mtu)
On Sun, May 22, 2005 at 11:51:06AM +, Adam Gleave wrote: reading in pppoe(4): Problems can arise on machines with private IPs connecting to the Inter- net via a machine running both Network Address Translation (NAT) and pppoe. Standard Ethernet uses a Maximum Transmission Unit (MTU) of 1500 bytes, whereas PPPoE mechanisms need a further 8 bytes of overhead. This leaves a maximum MTU of 1492. pppoe sets the MTU on its interface to 1492 as a matter of course. However, machines connecting on a private LAN will still have their MTUs set to 1500, causing conflict. It goes on to say: Setting the MTU on all interfaces being NAT'ed to 1492, instead of the Ethernet default, 1500. This can be done using ifconfig(8). The following would set the MTU to 1492 on interface bge0: # ifconfig bge0 mtu 1492 My question is, do you set the mtu on the box NAT'ing (fxp0, in this case), the box connecting to it, or both? if you check ifconfig(8) output, you will see that pppoe0 (your external if) has its MTU set to 1492, as explained above. the box that is being nat'ed will have its MTU at 1500, which needs adjusted. having said that, the man page also notes that not all interfaces support adjusting the MTU, so it's more practical to set max-mss, as jason says. that has some drawbacks too though ;( PS: Something weird i've noticed is: pppoe0: phase establish pppoe0: phase authenticate pppoe0: phase terminate pppoe0: phase authenticate pppoe0: phase network Any ideas why it connects, authenticates, terminates, connects again and then stays connected? This isn't a one of, it seems to happen quite consistently EVERY time. i don't know. but as long as it is not cycling through the phases continually, it's probably ok. jmc
