Re: Sudden reboot every 5-10 minutes on latest snapshot
On Sat, May 25, 2024 at 09:13:56AM +, Ali Farzanrad wrote: > > Even when azalia is disabled my system gets sudden reboots. > First sudden reboot was just after playing a music; but next 2 reboots > was happened without playing anything. > This suggests the reboots are not directly caused by the azalia's msi vs old-style interrupts. I'd suggest that you find and old enough snapshot (or release) that used to work reliably on this machine and make sure it still works reliably with the old software version. Not just an hour, use it few days for real work. This would confirm that the hardware is still OK. Take few quick notes of what devices are involved, how the machine is used, etc. Save the dmesg. If this isn't a hardware problem, then grab a new snapshot and try to understand what changed, compare the dmesg, compare the usage pattern etc. Possibly start bissecting the kernel until you find the change that causes the reboots. HTH
Re: Sudden reboot every 5-10 minutes on latest snapshot
On Sat, May 25, 2024 at 12:06:39PM +, Ali Farzanrad wrote: > Ali Farzanrad wrote: > > Alexandre Ratchov wrote: > > > On Fri, May 24, 2024 at 09:04:29PM +, Ali Farzanrad wrote: > > > > Alexandre Ratchov wrote: > > > > > On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: [...] > > I have another problem here. My USB keyboard works great in BOOTX64.EFI > > but will not work on kernel config. > > > > I created /etc/bsd.re-config file and rebooted my system twice to > > disable azalia and then checked if it is disabled using config(8) and > > dmesg(8). > > > > Even when azalia is disabled my system gets sudden reboots. > > First sudden reboot was just after playing a music; but next 2 reboots > > was happened without playing anything. > > > > > Then, just do your regular stuff and see if the system reboots. > > I tested again with my patch. When azalia is disabled, it suddenly > reboots after few minutes, without playing anything. When azalia is > enabled, it lives. > This looks to me like you are chasing down a new rabbit hole every time I open one of your emails. I'd suggest you take a step back from all the stuff you seem to be trying without having a firm grasp on how to observe or report reproducibility. Have you tried out sthen@'s advice to check old kernels + snapshots[1]? I may have missed your response to this. You wrote that you rarely got the issue prior 17-May-2024? If that *is correct*, then you should be able to bisect using the snapshot archive around what date things change. I am highlighting *is correct* above because your issue seems to be unpredictable enough that a few minutes of testing don't mean anything. I suggest you try to find a *clear difference*, meaning between a snapshot where no reboot happens for ideally a whole day of use, and the next one where it clearly happens very quickly (and reproducible at least a second or third time). Your reports also make me wonder how much customization you are running. You've mentioned at least compiling custom kernels and setting bsd.re-config. It's easy to find yourself in virtually unsolvable scenarios by configuring too much. It might be best to try a clean install, ideally without activating xenodm/X11. [1] https://marc.info/?l=openbsd-misc=171646884302309=2
Re: nginx + php = system() not working?
On 25/05/2024 17:51, F Bax wrote: I tried a few things with nginx not in chroot; but got permission errors. The message provided no clue as to which file/directory might be causing it; so eventually I gave up. After some brainstorming; we decided to run inside chroot; use php functions other than system() and use a cron job to do the work that is outside chroot. Now a new issue; nginx does not start during boot; yet does start manually - why? The following commands were issued immediately after boot. # cat /etc/rc.conf.local nginx_flags="" pkg_scripts=php83_fpm # /etc/rc.d/nginx start You forgot to run rcctl enable nginx so that nginx is added to the pkg_scripts= line. Only system daemons can be enabled by adding them as $daemon_flags= in /etc/rc.conf.local . Package daemons must be explicitely added to pkg_scripts= . Cheers, Noth nginx(ok) On Fri, May 17, 2024 at 10:19 AM Souji Thenria wrote: On Fri May 17, 2024 at 2:56 PM BST, F Bax wrote: > In /etc/rc.conf.local - I changed nginx_flags="-u -p /home/Testing" > (home directory of a real user). > reboot system and now browser is refused connection > This site can’t be reached 192.168.1.131 refused to connect. > Neither /var/www/logs/{access|error}.log is changed. > What else needs to change? Can you verify that nginx is running? You may have an error in your configuration. You can check the nginx configuration using nginx -t. Another issue might be that nginx is still running as www and doesn't have access to /home/Testing. Regards, Souji
Re: wifi
On 2024-05-24, Gustavo Rios wrote: > --b1957806193be4bf > Content-Type: text/plain; charset="UTF-8" > Content-Transfer-Encoding: quoted-printable > > Is there plan to add support ? Can't say for sure what somebody might like to work on, but from reading posts from people using these on other OS (which aren't very positive) I wouldn't think this is worth the trouble. I'd suggest looking for an iwm or iwx card in the same form factor (which shouldn't be expensive) and try swapping it.
feedback on nsh running on OpenBSD
Folks if any of you are using nsh on OpenBSD and you have any feedback likes or dislikes would be glad to hear of them, I will try to incorporate any feedback in the course on nsh in BSDCan or in the manual page for nsh Thanks -- Kindest regards, Tom Smyth.
Re: 7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
On Sat, May 25, 2024 at 07:51:31AM +0200, Comète wrote: > Hello, > > This is a link to a screenshot, I can't copy/paste at this step: > > https://ibb.co/tpr8zBz > > Thanks a lot ! > > Comete > looks fine. probably our choice of physaddr conflicting with something from efi. > Le 24 mai 2024 20:38:45 GMT+02:00, Mike Larkin a écrit : > >On Fri, May 24, 2024 at 06:59:24AM +, Comète wrote: > >> Thanks Sven, > >> > >> I can't install OpenBDS because I get the error when trying to boot the > >> install image. > >> > >> Comete > >> > > > >At the boot> prompt, can you show what "mach mem" prints? > > > >Thanks > > > >-ml > > > >> 24 mai 2024 07:48 "Sven Wolf" a écrit: > >> > >> > Hi, > >> > > >> > I had a silimar issue on a Lenovo V130. > >> > For this machine I needed to remove the amdgpu driver in the kernel. > >> > > >> > See also: > >> > https://marc.info/?l=openbsd-misc=160232897421774=2 > >> > https://marc.info/?l=openbsd-tech=160383074317608=2 > >> > > >> > Do you get the error "entry point at 0x1001000" also with the bsd.rd > >> > kernel or only after you > >> > installed the system with the bsd.mp/bsd.sp kernel? > >> > > >> > Best regards, > >> > Sven > >> > > >> > On 5/23/24 22:40, Comète wrote: > >> > > >> >> Hello, > >> >> I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI > >> >> capable only) without success. > >> >> It is stuck at boot on "entry point at 0x1001000". > >> >> Even retried after a BIOS upgrade but no luck either. > >> >> I tried with a snapshot install too with the same result. > >> >> I post here what lspci returns from a debian bookworm: > >> >> 00:00.0 Host bridge: Intel Corporation Device a706 > >> >> 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P > >> >> [Iris Xe Graphics] (rev 04) > >> >> 00:04.0 Signal processing controller: Intel Corporation Raptor Lake > >> >> Dynamic Platform and Thermal > >> >> Framework Processor Participant > >> >> 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port > >> >> 00:06.2 PCI bridge: Intel Corporation Device a73d > >> >> 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI > >> >> Express Root Port > >> >> 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI > >> >> Express Root Port > >> >> 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator > >> >> module > >> >> 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake > >> >> Crashlog and Telemetry (rev 01) > >> >> 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 > >> >> USB Controller > >> >> 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 > >> >> NHI > >> >> 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 > >> >> NHI > >> >> 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI > >> >> Host Controller (rev 01) > >> >> 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev > >> >> 01) > >> >> 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi > >> >> (rev 01) > >> >> 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial > >> >> IO I2C Controller #0 (rev > >> >> 01) > >> >> 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI > >> >> Controller (rev 01) > >> >> 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL > >> >> Redirection (rev 01) > >> >> 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root > >> >> Port #9 (rev 01) > >> >> 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART > >> >> #0 (rev 01) > >> >> 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI > >> >> Controller (rev 01) > >> >> 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller > >> >> (rev 01) > >> >> 00:1f.3 Multimedia audio controller: Intel Corporation Raptor > >> >> Lake-P/U/H cAVS (rev 01) > >> >> 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller > >> >> (rev 01) > >> >> 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI > >> >> Controller (rev 01) > >> >> 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State > >> >> Drive (DRAM-less) (rev 03) > >> >> 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE > >> >> Advanced Pro Modem (rev 01) > >> >>> Thanks for your help. > >> >> Comete > >> > > -- > Envoyé de mon téléphone. Excusez la brièveté. >
Re: nginx + php = system() not working?
I tried a few things with nginx not in chroot; but got permission errors. The message provided no clue as to which file/directory might be causing it; so eventually I gave up. After some brainstorming; we decided to run inside chroot; use php functions other than system() and use a cron job to do the work that is outside chroot. Now a new issue; nginx does not start during boot; yet does start manually - why? The following commands were issued immediately after boot. # cat /etc/rc.conf.local nginx_flags="" pkg_scripts=php83_fpm # /etc/rc.d/nginx start nginx(ok) On Fri, May 17, 2024 at 10:19 AM Souji Thenria wrote: > On Fri May 17, 2024 at 2:56 PM BST, F Bax wrote: > > In /etc/rc.conf.local - I changed nginx_flags="-u -p /home/Testing" > > (home directory of a real user). > > reboot system and now browser is refused connection > > This site can’t be reached 192.168.1.131 refused to connect. > > Neither /var/www/logs/{access|error}.log is changed. > > What else needs to change? > > Can you verify that nginx is running? > You may have an error in your configuration. You can check the nginx > configuration using nginx -t. > > Another issue might be that nginx is still running as www and doesn't > have access to /home/Testing. > > Regards, > Souji >
Re: Sudden reboot every 5-10 minutes on latest snapshot
Ali Farzanrad wrote: > Alexandre Ratchov wrote: > > On Fri, May 24, 2024 at 09:04:29PM +, Ali Farzanrad wrote: > > > Alexandre Ratchov wrote: > > > > On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: > > > > > Hi again, > > > > > > > > > > During my tests it seems that this version of kernel works fine: > > > > > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src > > > > > > > > > > But this version of kernel will cause sudden reboots without any > > > > > kernel > > > > > panic or message after 5-60 minutes in my Minisforum UM790: > > > > > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src > > > > > > > > > > After investigation I found this patch could fix my problem: > > > > > > > > > > Index: azalia.c > > > > > === > > > > > RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v > > > > > diff -u -p -r1.287 azalia.c > > > > > --- azalia.c 17 May 2024 19:43:45 - 1.287 > > > > > +++ azalia.c 24 May 2024 16:26:38 - > > > > > @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, > > > > > azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); > > > > > } > > > > > > > > > > + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ > > > > > + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { > > > > > + switch (PCI_PRODUCT(sc->pciid)) { > > > > > + case PCI_PRODUCT_AMD_17_HDA: > > > > > + case PCI_PRODUCT_AMD_17_1X_HDA: > > > > > + case PCI_PRODUCT_AMD_HUDSON2_HDA: > > > > > + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; > > > > > + } > > > > > + } > > > > > + > > > > > /* interrupt */ > > > > > if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { > > > > > printf(": can't map interrupt\n"); > > > > > > > > > > However it breaks my front 3.5mm audio port and I should use my > > > > > USB-to-3.5mm audio port adapter again. > > > > > > > > > > How may I investigate more? > > > > > > > > > > > > > could you confirm that the system reboots only while you're using the > > > > azalia device? > > > > > > I disabled sndiod, and unplugged my USB-to-3.5mm audio adapter and also > > > unplugged front 3.5mm audio port, then reboot my OpenBSD and waited on > > > xenodm login screen for few minutes; most of the time it reboots in > > > less than 10 minutes... without any interaction from me, or playing > > > anything... > > > > > > > Could you disable the azalia driver and redo your test? reboot, then > > on the boot(8) prompt type "boot -c", then "disable azalia", then > > "quit". > > I have another problem here. My USB keyboard works great in BOOTX64.EFI > but will not work on kernel config. > > I created /etc/bsd.re-config file and rebooted my system twice to > disable azalia and then checked if it is disabled using config(8) and > dmesg(8). > > Even when azalia is disabled my system gets sudden reboots. > First sudden reboot was just after playing a music; but next 2 reboots > was happened without playing anything. > > > Then, just do your regular stuff and see if the system reboots. I tested again with my patch. When azalia is disabled, it suddenly reboots after few minutes, without playing anything. When azalia is enabled, it lives.
Re: Sudden reboot every 5-10 minutes on latest snapshot
Alexandre Ratchov wrote: > On Fri, May 24, 2024 at 09:04:29PM +, Ali Farzanrad wrote: > > Alexandre Ratchov wrote: > > > On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: > > > > Hi again, > > > > > > > > During my tests it seems that this version of kernel works fine: > > > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src > > > > > > > > But this version of kernel will cause sudden reboots without any kernel > > > > panic or message after 5-60 minutes in my Minisforum UM790: > > > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src > > > > > > > > After investigation I found this patch could fix my problem: > > > > > > > > Index: azalia.c > > > > === > > > > RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v > > > > diff -u -p -r1.287 azalia.c > > > > --- azalia.c17 May 2024 19:43:45 - 1.287 > > > > +++ azalia.c24 May 2024 16:26:38 - > > > > @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, > > > > azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); > > > > } > > > > > > > > + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ > > > > + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { > > > > + switch (PCI_PRODUCT(sc->pciid)) { > > > > + case PCI_PRODUCT_AMD_17_HDA: > > > > + case PCI_PRODUCT_AMD_17_1X_HDA: > > > > + case PCI_PRODUCT_AMD_HUDSON2_HDA: > > > > + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; > > > > + } > > > > + } > > > > + > > > > /* interrupt */ > > > > if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { > > > > printf(": can't map interrupt\n"); > > > > > > > > However it breaks my front 3.5mm audio port and I should use my > > > > USB-to-3.5mm audio port adapter again. > > > > > > > > How may I investigate more? > > > > > > > > > > could you confirm that the system reboots only while you're using the > > > azalia device? > > > > I disabled sndiod, and unplugged my USB-to-3.5mm audio adapter and also > > unplugged front 3.5mm audio port, then reboot my OpenBSD and waited on > > xenodm login screen for few minutes; most of the time it reboots in > > less than 10 minutes... without any interaction from me, or playing > > anything... > > > > Could you disable the azalia driver and redo your test? reboot, then > on the boot(8) prompt type "boot -c", then "disable azalia", then > "quit". I have another problem here. My USB keyboard works great in BOOTX64.EFI but will not work on kernel config. I created /etc/bsd.re-config file and rebooted my system twice to disable azalia and then checked if it is disabled using config(8) and dmesg(8). Even when azalia is disabled my system gets sudden reboots. First sudden reboot was just after playing a music; but next 2 reboots was happened without playing anything. > Then, just do your regular stuff and see if the system reboots.
Re: unknown USB vendor
On Fri, 24 May 2024 11:51:49 +0200 Mizsei Zoltán wrote: > Probably https://wikidevi.wi-cat.ru/AMPAK_AP6212 > > Peter J. Philipp írta 2024. máj.. 24, P-n 11:39 órakor: > > Hi, > > > > I got a "are you a human?" on google so I switched to qwant.com for > > searching > > but the search is not as good. I'm looking for the USB vendor of > > this USB > > vendor id. 0x02d0, and the device id is 0xa9a6. Afaict this is a > > ure(4) > > device with a builtin usb hub. But there is no other markings on > > the outside, related to manufacturer. It does not get detected by > > default on an April > > kernel code. It does have a micro-USB cable for the raspberry pi > > zero 2 that > > I wanted to use this with. > > > > Anyone have any details on these vendor and device id's? > > > > Best Regards, > > -pjp > > > > -- > > ** all info about me: lynx https://callpeter.tel, dig loc > > delphinusdns.org ** > From an RPI 4 dmesg: ... bwfm0 at sdmmc0 function 1 manufacturer 0x02d0, product 0xa9a6 at sdmmc0 ...
Re: wifi
I have no idea It depends on a lot of tings: availbility of docs from Realtek, availability of hardware, availability of desire and time from a developer. FreeBSD has a driver, it uses their "bolt a Linux driver on a FreeBSD kernel" framework we don't have. So no easy port of that one. -Otto On Fri, May 24, 2024 at 08:54:40PM -0300, Gustavo Rios wrote: > Is there plan to add support ? > > Thanks a lot > > Em qui., 23 de mai. de 2024 às 04:10, Otto Moerbeek > escreveu: > > > On Thu, May 23, 2024 at 03:56:01AM -0300, Gustavo Rios wrote: > > > > > Here you have them: > > > > ... > > "Realtek 8821CE" rev 0x00 at pci2 dev 0 function 0 not configured > > > > That means there is no driver available in OpenBSD for that card. > > > > -Otto > > > > > -- > The lion and the tiger may be more powerful, but the wolves do not perform > in the circus
Re: Sudden reboot every 5-10 minutes on latest snapshot
On Fri, May 24, 2024 at 09:04:29PM +, Ali Farzanrad wrote: > Alexandre Ratchov wrote: > > On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: > > > Hi again, > > > > > > During my tests it seems that this version of kernel works fine: > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src > > > > > > But this version of kernel will cause sudden reboots without any kernel > > > panic or message after 5-60 minutes in my Minisforum UM790: > > > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src > > > > > > After investigation I found this patch could fix my problem: > > > > > > Index: azalia.c > > > === > > > RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v > > > diff -u -p -r1.287 azalia.c > > > --- azalia.c 17 May 2024 19:43:45 - 1.287 > > > +++ azalia.c 24 May 2024 16:26:38 - > > > @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, > > > azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); > > > } > > > > > > + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ > > > + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { > > > + switch (PCI_PRODUCT(sc->pciid)) { > > > + case PCI_PRODUCT_AMD_17_HDA: > > > + case PCI_PRODUCT_AMD_17_1X_HDA: > > > + case PCI_PRODUCT_AMD_HUDSON2_HDA: > > > + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; > > > + } > > > + } > > > + > > > /* interrupt */ > > > if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { > > > printf(": can't map interrupt\n"); > > > > > > However it breaks my front 3.5mm audio port and I should use my > > > USB-to-3.5mm audio port adapter again. > > > > > > How may I investigate more? > > > > > > > could you confirm that the system reboots only while you're using the > > azalia device? > > I disabled sndiod, and unplugged my USB-to-3.5mm audio adapter and also > unplugged front 3.5mm audio port, then reboot my OpenBSD and waited on > xenodm login screen for few minutes; most of the time it reboots in > less than 10 minutes... without any interaction from me, or playing > anything... > Could you disable the azalia driver and redo your test? reboot, then on the boot(8) prompt type "boot -c", then "disable azalia", then "quit". Then, just do your regular stuff and see if the system reboots.
Re: 7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
Hello, This is a link to a screenshot, I can't copy/paste at this step: https://ibb.co/tpr8zBz Thanks a lot ! Comete Le 24 mai 2024 20:38:45 GMT+02:00, Mike Larkin a écrit : >On Fri, May 24, 2024 at 06:59:24AM +, Comète wrote: >> Thanks Sven, >> >> I can't install OpenBDS because I get the error when trying to boot the >> install image. >> >> Comete >> > >At the boot> prompt, can you show what "mach mem" prints? > >Thanks > >-ml > >> 24 mai 2024 07:48 "Sven Wolf" a écrit: >> >> > Hi, >> > >> > I had a silimar issue on a Lenovo V130. >> > For this machine I needed to remove the amdgpu driver in the kernel. >> > >> > See also: >> > https://marc.info/?l=openbsd-misc=160232897421774=2 >> > https://marc.info/?l=openbsd-tech=160383074317608=2 >> > >> > Do you get the error "entry point at 0x1001000" also with the bsd.rd >> > kernel or only after you >> > installed the system with the bsd.mp/bsd.sp kernel? >> > >> > Best regards, >> > Sven >> > >> > On 5/23/24 22:40, Comète wrote: >> > >> >> Hello, >> >> I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI >> >> capable only) without success. >> >> It is stuck at boot on "entry point at 0x1001000". >> >> Even retried after a BIOS upgrade but no luck either. >> >> I tried with a snapshot install too with the same result. >> >> I post here what lspci returns from a debian bookworm: >> >> 00:00.0 Host bridge: Intel Corporation Device a706 >> >> 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P [Iris >> >> Xe Graphics] (rev 04) >> >> 00:04.0 Signal processing controller: Intel Corporation Raptor Lake >> >> Dynamic Platform and Thermal >> >> Framework Processor Participant >> >> 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port >> >> 00:06.2 PCI bridge: Intel Corporation Device a73d >> >> 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI >> >> Express Root Port >> >> 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI >> >> Express Root Port >> >> 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator >> >> module >> >> 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake >> >> Crashlog and Telemetry (rev 01) >> >> 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 USB >> >> Controller >> >> 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI >> >> 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI >> >> 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI >> >> Host Controller (rev 01) >> >> 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) >> >> 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi >> >> (rev 01) >> >> 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO >> >> I2C Controller #0 (rev >> >> 01) >> >> 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI >> >> Controller (rev 01) >> >> 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL >> >> Redirection (rev 01) >> >> 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root >> >> Port #9 (rev 01) >> >> 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART >> >> #0 (rev 01) >> >> 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI >> >> Controller (rev 01) >> >> 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller >> >> (rev 01) >> >> 00:1f.3 Multimedia audio controller: Intel Corporation Raptor Lake-P/U/H >> >> cAVS (rev 01) >> >> 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller >> >> (rev 01) >> >> 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI >> >> Controller (rev 01) >> >> 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State >> >> Drive (DRAM-less) (rev 03) >> >> 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE >> >> Advanced Pro Modem (rev 01) >> >>> Thanks for your help. >> >> Comete >> -- Envoyé de mon téléphone. Excusez la brièveté.
znc webadmin module V 7.4 and 7.5
Hello i was using znc on OpenBSD 7.4 and it worked correctly, then i did a clean installation of 7.5 and znc does not create the webadmin page, irssi said that webadmin module is loaded! Then i went back to 7.4 and it has the exact same behaviour. Tested adding LoadModule webadmin at znc.conf and it failed. i went to znc irc channel and they said that it could be the OpenBSD package. Could somebody help please? Thanks misc
Re: wifi
Is there plan to add support ? Thanks a lot Em qui., 23 de mai. de 2024 às 04:10, Otto Moerbeek escreveu: > On Thu, May 23, 2024 at 03:56:01AM -0300, Gustavo Rios wrote: > > > Here you have them: > > ... > "Realtek 8821CE" rev 0x00 at pci2 dev 0 function 0 not configured > > That means there is no driver available in OpenBSD for that card. > > -Otto > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: Sudden reboot every 5-10 minutes on latest snapshot
Alexandre Ratchov wrote: > On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: > > Hi again, > > > > During my tests it seems that this version of kernel works fine: > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src > > > > But this version of kernel will cause sudden reboots without any kernel > > panic or message after 5-60 minutes in my Minisforum UM790: > > > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src > > > > After investigation I found this patch could fix my problem: > > > > Index: azalia.c > > === > > RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v > > diff -u -p -r1.287 azalia.c > > --- azalia.c17 May 2024 19:43:45 - 1.287 > > +++ azalia.c24 May 2024 16:26:38 - > > @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, > > azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); > > } > > > > + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ > > + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { > > + switch (PCI_PRODUCT(sc->pciid)) { > > + case PCI_PRODUCT_AMD_17_HDA: > > + case PCI_PRODUCT_AMD_17_1X_HDA: > > + case PCI_PRODUCT_AMD_HUDSON2_HDA: > > + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; > > + } > > + } > > + > > /* interrupt */ > > if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { > > printf(": can't map interrupt\n"); > > > > However it breaks my front 3.5mm audio port and I should use my > > USB-to-3.5mm audio port adapter again. > > > > How may I investigate more? > > > > could you confirm that the system reboots only while you're using the > azalia device? I disabled sndiod, and unplugged my USB-to-3.5mm audio adapter and also unplugged front 3.5mm audio port, then reboot my OpenBSD and waited on xenodm login screen for few minutes; most of the time it reboots in less than 10 minutes... without any interaction from me, or playing anything... > when you apply above diff, is audio unstable or it doesn't work at > all? It doesn't work at all. No input, no output. Even sndioctl will freeze. However when I plug my USB-to-3.5mm audio adapter, and run sndiod with these arguments: -f rsnd/0 -F rsnd/1 I have audio output. However I don't have audio input for such a long time, maybe 2 months (if it could help I can search for latest version of kernel which my mic works with USB-to-3.5mm audio adapter). With latest kernel front 3.5mm audio port works great, both as input and as output; the only problem that I have with it is sudden reboots :(
Re: 7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
On Fri, May 24, 2024 at 06:59:24AM +, Comète wrote: > Thanks Sven, > > I can't install OpenBDS because I get the error when trying to boot the > install image. > > Comete > At the boot> prompt, can you show what "mach mem" prints? Thanks -ml > 24 mai 2024 07:48 "Sven Wolf" a écrit: > > > Hi, > > > > I had a silimar issue on a Lenovo V130. > > For this machine I needed to remove the amdgpu driver in the kernel. > > > > See also: > > https://marc.info/?l=openbsd-misc=160232897421774=2 > > https://marc.info/?l=openbsd-tech=160383074317608=2 > > > > Do you get the error "entry point at 0x1001000" also with the bsd.rd kernel > > or only after you > > installed the system with the bsd.mp/bsd.sp kernel? > > > > Best regards, > > Sven > > > > On 5/23/24 22:40, Comète wrote: > > > >> Hello, > >> I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI capable > >> only) without success. > >> It is stuck at boot on "entry point at 0x1001000". > >> Even retried after a BIOS upgrade but no luck either. > >> I tried with a snapshot install too with the same result. > >> I post here what lspci returns from a debian bookworm: > >> 00:00.0 Host bridge: Intel Corporation Device a706 > >> 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P [Iris > >> Xe Graphics] (rev 04) > >> 00:04.0 Signal processing controller: Intel Corporation Raptor Lake > >> Dynamic Platform and Thermal > >> Framework Processor Participant > >> 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port > >> 00:06.2 PCI bridge: Intel Corporation Device a73d > >> 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI > >> Express Root Port > >> 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI > >> Express Root Port > >> 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator module > >> 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake > >> Crashlog and Telemetry (rev 01) > >> 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 USB > >> Controller > >> 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI > >> 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI > >> 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI Host > >> Controller (rev 01) > >> 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) > >> 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi > >> (rev 01) > >> 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO > >> I2C Controller #0 (rev > >> 01) > >> 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI > >> Controller (rev 01) > >> 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL > >> Redirection (rev 01) > >> 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root > >> Port #9 (rev 01) > >> 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART #0 > >> (rev 01) > >> 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI Controller > >> (rev 01) > >> 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller (rev > >> 01) > >> 00:1f.3 Multimedia audio controller: Intel Corporation Raptor Lake-P/U/H > >> cAVS (rev 01) > >> 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller > >> (rev 01) > >> 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI > >> Controller (rev 01) > >> 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State > >> Drive (DRAM-less) (rev 03) > >> 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE Advanced > >> Pro Modem (rev 01) > >>> Thanks for your help. > >> Comete >
Re: Q: Problems forwarding traffic using pf ...
On Fri, May 24, 2024 at 06:04:25PM +0200, Peter N. M. Hansteen wrote: > On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > > pfctl reports: > > # pfctl -vvs rules | grep @ > > @0 block return log all > > @1 pass in log on em0 inet proto udp from 192.168.178.166 to any tag UDP > > @2 pass out log on ure0 all flags S/SA tagged UDP Why setting "flags S/SA" on a rule meant for UDP packets? > > > > I see that rule 1 is matched, but never rule 2. E.g. > > ... > > May 23 10:32:06.602759 rule 0/(match) block in on em0: 192.168.178.179.5353 > > > 224.0.0.251.5353: 46[|domain] (DF) > > May 23 10:32:06.603963 rule 0/(match) block in on em0: > > fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 46[|domain] [flowlabel > > 0xbaff9] > > May 23 10:32:09.700212 rule 0/(match) block in on em0: 192.168.178.254 > > > 224.0.0.1: igmp query [len 12] (DF) [tos 0xc0] [ttl 1] > > May 23 10:32:13.267374 rule 1/(match) pass in on em0: 192.168.178.166.56334 > > > 192.168.178.11.54321: udp 7 > > So this last one never leaves, right? > > what does the gateway's routing table say about how to reach the destination > network? > > also relevant, what is the configuration of the interfaces involved? > > I'm thinking this could be down to using RFC1918 addresses and not being > extra careful > about netmasks and routes, but we need more info on the actual configuration > to be sure. > > - Peter > > -- > Peter N. M. Hansteen, member of the first RFC 1149 implementation team > https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ > "Remember to set the evil bit on all malicious network traffic" > delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. > --
Re: Sudden reboot every 5-10 minutes on latest snapshot
On Fri, May 24, 2024 at 04:30:52PM +, Ali Farzanrad wrote: > Hi again, > > During my tests it seems that this version of kernel works fine: > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src > > But this version of kernel will cause sudden reboots without any kernel > panic or message after 5-60 minutes in my Minisforum UM790: > > # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src > > After investigation I found this patch could fix my problem: > > Index: azalia.c > === > RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v > diff -u -p -r1.287 azalia.c > --- azalia.c 17 May 2024 19:43:45 - 1.287 > +++ azalia.c 24 May 2024 16:26:38 - > @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, > azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); > } > > + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ > + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { > + switch (PCI_PRODUCT(sc->pciid)) { > + case PCI_PRODUCT_AMD_17_HDA: > + case PCI_PRODUCT_AMD_17_1X_HDA: > + case PCI_PRODUCT_AMD_HUDSON2_HDA: > + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; > + } > + } > + > /* interrupt */ > if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { > printf(": can't map interrupt\n"); > > However it breaks my front 3.5mm audio port and I should use my > USB-to-3.5mm audio port adapter again. > > How may I investigate more? > could you confirm that the system reboots only while you're using the azalia device? when you apply above diff, is audio unstable or it doesn't work at all?
Re: Sudden reboot every 5-10 minutes on latest snapshot
Hi again, During my tests it seems that this version of kernel works fine: # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 19:30" -P src But this version of kernel will cause sudden reboots without any kernel panic or message after 5-60 minutes in my Minisforum UM790: # TZ=UTC cvs -Qd /cvs get -D "2024-05-17 20:00" -P src After investigation I found this patch could fix my problem: Index: azalia.c === RCS file: /home/cvs/src/sys/dev/pci/azalia.c,v diff -u -p -r1.287 azalia.c --- azalia.c17 May 2024 19:43:45 - 1.287 +++ azalia.c24 May 2024 16:26:38 - @@ -557,6 +557,16 @@ azalia_pci_attach(struct device *parent, azalia_pci_write(sc->pc, sc->tag, ICH_PCI_MMC, reg); } + /* disable MSI for AMD Summit Ridge/Raven Ridge HD Audio */ + if (PCI_VENDOR(sc->pciid) == PCI_VENDOR_AMD) { + switch (PCI_PRODUCT(sc->pciid)) { + case PCI_PRODUCT_AMD_17_HDA: + case PCI_PRODUCT_AMD_17_1X_HDA: + case PCI_PRODUCT_AMD_HUDSON2_HDA: + pa->pa_flags &= ~PCI_FLAGS_MSI_ENABLED; + } + } + /* interrupt */ if (pci_intr_map_msi(pa, ) && pci_intr_map(pa, )) { printf(": can't map interrupt\n"); However it breaks my front 3.5mm audio port and I should use my USB-to-3.5mm audio port adapter again. How may I investigate more? > > > > My Minisforum UM790 keeps reboot every 5-10 minutes, without any Kernel > > > > Panic or visible message how may I debug it? > > > > I'm using latest OpenBSD snapshot with this amd64/BUILDINFO: > > > > Build date: 1716424636 - Thu May 23 00:37:16 UTC 2024 > > > > > > Not a lot to go on really. > > > > > > Is the machine doing anything or just idle? > > > > It get reboot even in xenodm login screen without any interaction from me. > > > > > Is X running? > > > > It's funny. I disabled the xenodm and it lived for more than 10 minutes; > > then I enabled and started xenodm and it suddenly rebooted after few > > minutes! > > > > Next time I keep xenodm running, but switched to ttyC0 terminal using > > Alt+Ctrl+F1 key and it lived for more than 10 minutes; then I just > > switched to Xorg using Alt+Ctrl+F5 and it suddenly rebooted again after > > few minutes! > > > > > Do you get the same with 7.5? if yes, try older releases - can you > > > find one where it doesn't happen? > > > > I rarely got same issue in previous snapshots (I think my last snapshot > > was for 6 days ago and I had no serious issue with that). > > > > I think I sould compile and test previous versions of xenocara, right? > > Try with just an older kernel first and leave userland alone. > ftp.hostserver.de and openbsd.cs.toronto.edu both have some old > snaps in /archive. (If no snap was built on a certain day then > the files will be identical in the archive so no point testing > when there was no change - you can use what(1) to show the > version - I'd save a few under names like /bsd.mp. > and type "boot bsd.mp." at the boot loader). > > > > > > > > > > # (dmesg; sysctl hw.sensors) > > > > OpenBSD 7.5-current (GENERIC.MP) #78: Wed May 22 18:31:14 MDT 2024 > > > > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > > > real mem = 31909883904 (30431MB) > > > > avail mem = 30921310208 (29488MB) > > > > random: good seed from bootblocks > > > > mpath0 at root > > > > scsibus0 at mpath0: 256 targets > > > > mainbus0 at root > > > > bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x9ab7f000 (45 entries) > > > > bios0: vendor American Megatrends International, LLC. version "1.01" > > > > date 06/05/2023 > > > > bios0: Micro Computer (HK) Tech Limited F7BSC > > > > efi0 at bios0: UEFI 2.8 > > > > efi0: American Megatrends rev 0x5001d > > > > acpi0 at bios0: ACPI 6.4 > > > > acpi0: sleep states S0 S4 S5 > > > > acpi0: tables DSDT FACP SSDT SSDT FIDT MCFG FPDT VFCT BGRT TPM2 SSDT > > > > CRAT CDIT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT WSMT APIC IVRS > > > > SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT > > > > acpi0: wakeup devices GPP1(S4) GPP0(S4) GPP5(S4) GPP7(S4) GP11(S4) > > > > SWUS(S4) GP12(S4) SWUS(S4) > > > > acpitimer0 at acpi0: 3579545 Hz, 32 bits > > > > acpimcfg0 at acpi0 > > > > acpimcfg0: addr 0xe000, bus 0-255 > > > > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > > > > cpu0 at mainbus0: apid 0 (boot processor) > > > > cpu0: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, > > > > 19-74-01, patch 0a704101 > > > > cpu0: cpuid 1 > > > > edx=178bfbff > > > > > > > > ecx=76f8320b > > > > cpu0: cpuid 6 eax=4 ecx=1 > > > > cpu0: cpuid 7.0 > > > > ebx=f1bf97a9 > > > > ecx=405fce edx=1000 > > > > cpu0: cpuid d.1 eax=f > > > > cpu0: cpuid 8001 edx=2fd3fbff > > > > ecx=75c237ff > > > > cpu0: cpuid 8007 edx=e799 > > > > cpu0: cpuid 8008 > > > > ebx=791ef257 > > > > cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way
Re: Q: Problems forwarding traffic using pf ...
On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > pfctl reports: > # pfctl -vvs rules | grep @ > @0 block return log all > @1 pass in log on em0 inet proto udp from 192.168.178.166 to any tag UDP > @2 pass out log on ure0 all flags S/SA tagged UDP > > I see that rule 1 is matched, but never rule 2. E.g. > ... > May 23 10:32:06.602759 rule 0/(match) block in on em0: 192.168.178.179.5353 > > 224.0.0.251.5353: 46[|domain] (DF) > May 23 10:32:06.603963 rule 0/(match) block in on em0: > fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 46[|domain] [flowlabel > 0xbaff9] > May 23 10:32:09.700212 rule 0/(match) block in on em0: 192.168.178.254 > > 224.0.0.1: igmp query [len 12] (DF) [tos 0xc0] [ttl 1] > May 23 10:32:13.267374 rule 1/(match) pass in on em0: 192.168.178.166.56334 > > 192.168.178.11.54321: udp 7 So this last one never leaves, right? what does the gateway's routing table say about how to reach the destination network? also relevant, what is the configuration of the interfaces involved? I'm thinking this could be down to using RFC1918 addresses and not being extra careful about netmasks and routes, but we need more info on the actual configuration to be sure. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: OpenBSD 7.4 in virtualize env
> Sometimes, rarely, across multiple version ( did not see it in 7.5 so far ) > the log `scsi_xfer pool exhausted` just get spammed forever, > > It doesn't crash, the device just spam the message , so it s active > > I do not have a way to create the problem , but, > i wonder if the code could be modified so the device just drop to DDB >Did you run out of memory / swap perhaps? I have noticed that occurring when my system runs out of swap space. -- jrmu IRCNow (https://ircnow.org) signature.asc Description: PGP signature
Re: OpenBSD 7.4 in virtualize env
On 2024-05-24, Sven F. wrote: > --c4123906193364e5 > Content-Type: text/plain; charset="UTF-8" > > Hello, > > Sometimes, rarely, across multiple version ( did not see it in 7.5 so far ) > the log `scsi_xfer pool exhausted` just get spammed forever, > > It doesn't crash, the device just spam the message , so it s active > > I do not have a way to create the problem , but, > i wonder if the code could be modified so the device just drop to DDB It can, just change the printf to panic. /sys/scsi/scsi_base.c r1.283 fixed the main thing triggering that problem, but it was already committed before 7.4
OpenBSD 7.4 in virtualize env
Hello, Sometimes, rarely, across multiple version ( did not see it in 7.5 so far ) the log `scsi_xfer pool exhausted` just get spammed forever, It doesn't crash, the device just spam the message , so it s active I do not have a way to create the problem , but, i wonder if the code could be modified so the device just drop to DDB something like if this pool is exhausted for "longtime" just crash (or reboot if sysctl is configured that way ) ``` bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf68b0 (9 entries) bios0: vendor SeaBIOS version "2:1.10.2-58953eb7" date 04/01/2014 bios0: OpenStack Foundation OpenStack Nova ... vioscsi0 at virtio1: qsize 128 scsibus1 at vioscsi0: 255 targets sd0 at scsibus1 targ 0 lun 0: ``` I will upgrade to 7.5 soon anyway Best.
Re: Q: Problems forwarding traffic using pf ...
Hi Guys, Thanks for the feedback, to address your points: 1> Possibly stupid question, but did you set the sysctl(s) to enable forwarding? Yes I tried this pf rule change with version 4 forwarding (net.inet.ip.forwarding) both enabled and disabled. Either way the pf "pass out tagged" rule is never matched. I didn't reboot after changing this setting. It's not clear to me if that is necessary. For the version 6 variable (net.inet6.ip6.forwarding) "man 2 sysctl" states: "... changing this variable during operation may cause serious trouble. Hence, this variable should only be set at bootstrap time." Whatever that might mean. Anyway, for the version 4 variable there no similar remark. 2> And there is also mforwarding 3> And multicast=YES rc.conf.local In this first simple proof/test I just tried to forward some UDP. So this is not yet relevant. But I think you are both right, if I get as far as doing multicasting, I'll probably need those. Out of interest I grepped in /etc and it seems that setting multicast=YES influences the netstart script. When multicast is not "YES" then the route for 224.0.0.0/4 is deleted and re-added to the IP loopback address with an option "reject". Cheers, Robb.
Re: unknown USB vendor
Probably https://wikidevi.wi-cat.ru/AMPAK_AP6212 Peter J. Philipp írta 2024. máj.. 24, P-n 11:39 órakor: > Hi, > > I got a "are you a human?" on google so I switched to qwant.com for > searching > but the search is not as good. I'm looking for the USB vendor of this > USB > vendor id. 0x02d0, and the device id is 0xa9a6. Afaict this is a > ure(4) > device with a builtin usb hub. But there is no other markings on the > outside, related to manufacturer. It does not get detected by default > on an April > kernel code. It does have a micro-USB cable for the raspberry pi zero > 2 that > I wanted to use this with. > > Anyone have any details on these vendor and device id's? > > Best Regards, > -pjp > > -- > ** all info about me: lynx https://callpeter.tel, dig loc delphinusdns.org ** -- --Z--
unknown USB vendor
Hi, I got a "are you a human?" on google so I switched to qwant.com for searching but the search is not as good. I'm looking for the USB vendor of this USB vendor id. 0x02d0, and the device id is 0xa9a6. Afaict this is a ure(4) device with a builtin usb hub. But there is no other markings on the outside, related to manufacturer. It does not get detected by default on an April kernel code. It does have a micro-USB cable for the raspberry pi zero 2 that I wanted to use this with. Anyone have any details on these vendor and device id's? Best Regards, -pjp -- ** all info about me: lynx https://callpeter.tel, dig loc delphinusdns.org **
Re: 7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
Thanks Sven, I can't install OpenBDS because I get the error when trying to boot the install image. Comete 24 mai 2024 07:48 "Sven Wolf" a écrit: > Hi, > > I had a silimar issue on a Lenovo V130. > For this machine I needed to remove the amdgpu driver in the kernel. > > See also: > https://marc.info/?l=openbsd-misc=160232897421774=2 > https://marc.info/?l=openbsd-tech=160383074317608=2 > > Do you get the error "entry point at 0x1001000" also with the bsd.rd kernel > or only after you > installed the system with the bsd.mp/bsd.sp kernel? > > Best regards, > Sven > > On 5/23/24 22:40, Comète wrote: > >> Hello, >> I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI capable >> only) without success. >> It is stuck at boot on "entry point at 0x1001000". >> Even retried after a BIOS upgrade but no luck either. >> I tried with a snapshot install too with the same result. >> I post here what lspci returns from a debian bookworm: >> 00:00.0 Host bridge: Intel Corporation Device a706 >> 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P [Iris Xe >> Graphics] (rev 04) >> 00:04.0 Signal processing controller: Intel Corporation Raptor Lake Dynamic >> Platform and Thermal >> Framework Processor Participant >> 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port >> 00:06.2 PCI bridge: Intel Corporation Device a73d >> 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI >> Express Root Port >> 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI >> Express Root Port >> 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator module >> 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake Crashlog >> and Telemetry (rev 01) >> 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 USB >> Controller >> 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI >> 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI >> 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI Host >> Controller (rev 01) >> 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) >> 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi (rev >> 01) >> 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO >> I2C Controller #0 (rev >> 01) >> 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI >> Controller (rev 01) >> 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL Redirection >> (rev 01) >> 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root Port >> #9 (rev 01) >> 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART #0 >> (rev 01) >> 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI Controller >> (rev 01) >> 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller (rev >> 01) >> 00:1f.3 Multimedia audio controller: Intel Corporation Raptor Lake-P/U/H >> cAVS (rev 01) >> 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller (rev >> 01) >> 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI >> Controller (rev 01) >> 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State >> Drive (DRAM-less) (rev 03) >> 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE Advanced >> Pro Modem (rev 01) >>> Thanks for your help. >> Comete
custom syspatch
Suppose I want to add a custom patch to a release system (backport patch from current and compile on release), but keep the system able to load more official syspatches: is it enough to put the relevant new object file (say pf.o) in /usr/share/relink/kernel/GENERIC.MP/ and just do reorder_kernel? The new object will come from manually compiling release sources kernel with specific patch backported from current (on another machine). I took for example syspatch74-009_pf.tgz Apart from the pf.o I also see vers.o and gap.o Should I also provide a new gap.o? I don't understand what this does. In Makefile I see newbsd: ${MAKE_GAP} ${SYSTEM_LD_HEAD} ${SYSTEM_LD} swapgeneric.o ${SYSTEM_LD_TAIL} rm -f bsd.gdb mv -f newbsd bsd so makegap.sh is run from ${MAKE_GAP} which seems to provide a new gap.o Thanks, G
Re: 7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
Hi, I had a silimar issue on a Lenovo V130. For this machine I needed to remove the amdgpu driver in the kernel. See also: https://marc.info/?l=openbsd-misc=160232897421774=2 https://marc.info/?l=openbsd-tech=160383074317608=2 Do you get the error "entry point at 0x1001000" also with the bsd.rd kernel or only after you installed the system with the bsd.mp/bsd.sp kernel? Best regards, Sven On 5/23/24 22:40, Comète wrote: Hello, I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI capable only) without success. It is stuck at boot on "entry point at 0x1001000". Even retried after a BIOS upgrade but no luck either. I tried with a snapshot install too with the same result. I post here what lspci returns from a debian bookworm: 00:00.0 Host bridge: Intel Corporation Device a706 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P [Iris Xe Graphics] (rev 04) 00:04.0 Signal processing controller: Intel Corporation Raptor Lake Dynamic Platform and Thermal Framework Processor Participant 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port 00:06.2 PCI bridge: Intel Corporation Device a73d 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI Express Root Port 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI Express Root Port 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator module 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake Crashlog and Telemetry (rev 01) 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 USB Controller 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI Host Controller (rev 01) 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi (rev 01) 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO I2C Controller #0 (rev 01) 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI Controller (rev 01) 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL Redirection (rev 01) 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root Port #9 (rev 01) 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART #0 (rev 01) 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI Controller (rev 01) 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller (rev 01) 00:1f.3 Multimedia audio controller: Intel Corporation Raptor Lake-P/U/H cAVS (rev 01) 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller (rev 01) 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI Controller (rev 01) 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State Drive (DRAM-less) (rev 03) 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE Advanced Pro Modem (rev 01) Thanks for your help. Comete
Re: advice debugging lockups with swap-thrashing symptoms?
You are probably haunted by a bad issue with DMA memory and running out of it. Your top is missing -SH since then you would probably see the pagedameon go bananas. The problem is you have not enough memory below 4G but the pagedaemon is not able to properly free memory there since it has no proper tracking for that condition. It only knows memory is short and tries to drop as much as possible over and over again. As a result your system becomes unresponsive. The boot loader can print the memory map. Which should show you how much memory is below 4G (I think the command is machine mem). This is a known issue and there is some work going on to fix the problem. -- :wq Claudio Thanks, Claudio. Let me know if I can help by testing anything. In case it's useful, here is the output of "machine memory" at the boot prompt. Transcribed by hand so there are probably errors. boot> machine memory Region 0: type 1 at 0x0 for 609KB Region 1: type 2 at 0xf for 64KB Region 2: type 2 at 0xfec0 for 20480KB Region 3: type 2 at 0xe000 for 262144KB Region 4: type 2 at 0x98400 for 31KB Region 5: type 2 at 0xcfdf for 64KB Region 6: type 1 at 0x10 for 3404292KB Region 7: type 3 at 0xcfde3000 for 52KB Region 8: type 4 at 0xcfde for 12KB REgion 9: type 1 at 0x1 for 13369344KB Low ram: 609KB High ram: 3404292KB Total free memory: 16774245KB -- James
7.5 install crashes on "entry point at 0x1001000" HP Elitebook 840 G10
Hello, I tried to install OpenBSD 7.5 on a new HP Elitebook 840 G10 (UEFI capable only) without success. It is stuck at boot on "entry point at 0x1001000". Even retried after a BIOS upgrade but no luck either. I tried with a snapshot install too with the same result. I post here what lspci returns from a debian bookworm: 00:00.0 Host bridge: Intel Corporation Device a706 00:02.0 VGA compatible controller: Intel Corporation Raptor Lake-P [Iris Xe Graphics] (rev 04) 00:04.0 Signal processing controller: Intel Corporation Raptor Lake Dynamic Platform and Thermal Framework Processor Participant 00:06.0 PCI bridge: Intel Corporation Raptor Lake PCIe 4.0 Graphics Port 00:06.2 PCI bridge: Intel Corporation Device a73d 00:07.0 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI Express Root Port 00:07.2 PCI bridge: Intel Corporation Raptor Lake-P Thunderbolt 4 PCI Express Root Port 00:08.0 System peripheral: Intel Corporation GNA Scoring Accelerator module 00:0a.0 Signal processing controller: Intel Corporation Raptor Lake Crashlog and Telemetry (rev 01) 00:0d.0 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 USB Controller 00:0d.2 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI 00:0d.3 USB controller: Intel Corporation Raptor Lake-P Thunderbolt 4 NHI 00:14.0 USB controller: Intel Corporation Alder Lake PCH USB 3.2 xHCI Host Controller (rev 01) 00:14.2 RAM memory: Intel Corporation Alder Lake PCH Shared SRAM (rev 01) 00:14.3 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi (rev 01) 00:15.0 Serial bus controller: Intel Corporation Alder Lake PCH Serial IO I2C Controller #0 (rev 01) 00:16.0 Communication controller: Intel Corporation Alder Lake PCH HECI Controller (rev 01) 00:16.3 Serial controller: Intel Corporation Alder Lake AMT SOL Redirection (rev 01) 00:1c.0 PCI bridge: Intel Corporation Alder Lake PCH-P PCI Express Root Port #9 (rev 01) 00:1e.0 Communication controller: Intel Corporation Alder Lake PCH UART #0 (rev 01) 00:1e.2 Serial bus controller: Intel Corporation Alder Lake SPI Controller (rev 01) 00:1f.0 ISA bridge: Intel Corporation Raptor Lake LPC/eSPI Controller (rev 01) 00:1f.3 Multimedia audio controller: Intel Corporation Raptor Lake-P/U/H cAVS (rev 01) 00:1f.4 SMBus: Intel Corporation Alder Lake PCH-P SMBus Host Controller (rev 01) 00:1f.5 Serial bus controller: Intel Corporation Alder Lake-P PCH SPI Controller (rev 01) 02:00.0 Non-Volatile memory controller: SK hynix BC901 NVMe Solid State Drive (DRAM-less) (rev 03) 57:00.0 Wireless controller [0d40]: Intel Corporation XMM7560 LTE Advanced Pro Modem (rev 01) Thanks for your help. Comete
Re: Q: Problems forwarding traffic using pf ...
On Thu, May 23, 2024 at 08:24:03PM +0300, Kapetanakis Giannis wrote: > On 23/05/2024 20:18, Peter N. M. Hansteen wrote: > > On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > > > I need to quickly create a solution for forwarding multicast traffic > > > between two systems, so I though perhaps I could use pf to do just that > > > by writing some rules along the lines of: > > > > > > 1. pass in on iface A proto UDP ... tag mcast > > > 2. pass out on iface B tagged mcast > > > > > > And another pair of rules for the reverse direction B -> A. > > > > > > (Obviously I'd add more options to filter specific addresses, etc.) > > Possibly stupid question, but did you set the sysctl(s) to enable > > forwarding? > > > > $ sysctl net.inet.ip.forwarding > > > > and > > > > $ sysctl net.inet6.ip6.forwarding > > > > will provide the answer (as in, if those values are not 1, forwarding > > between interfaces is not enabled) > > > > > And there is also mforwarding > > net.inet.ip.forwarding > net.inet.ip.mforwarding > net.inet6.ip6.forwarding > net.inet6.ip6.mforwarding > > G > And multicast=YES rc.conf.local --
Re: Q: Problems forwarding traffic using pf ...
On 23/05/2024 20:18, Peter N. M. Hansteen wrote: On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: I need to quickly create a solution for forwarding multicast traffic between two systems, so I though perhaps I could use pf to do just that by writing some rules along the lines of: 1. pass in on iface A proto UDP ... tag mcast 2. pass out on iface B tagged mcast And another pair of rules for the reverse direction B -> A. (Obviously I'd add more options to filter specific addresses, etc.) Possibly stupid question, but did you set the sysctl(s) to enable forwarding? $ sysctl net.inet.ip.forwarding and $ sysctl net.inet6.ip6.forwarding will provide the answer (as in, if those values are not 1, forwarding between interfaces is not enabled) And there is also mforwarding net.inet.ip.forwarding net.inet.ip.mforwarding net.inet6.ip6.forwarding net.inet6.ip6.mforwarding G
Re: Q: Problems forwarding traffic using pf ...
On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > I need to quickly create a solution for forwarding multicast traffic > between two systems, so I though perhaps I could use pf to do just that > by writing some rules along the lines of: > > 1. pass in on iface A proto UDP ... tag mcast > 2. pass out on iface B tagged mcast > > And another pair of rules for the reverse direction B -> A. > > (Obviously I'd add more options to filter specific addresses, etc.) Possibly stupid question, but did you set the sysctl(s) to enable forwarding? $ sysctl net.inet.ip.forwarding and $ sysctl net.inet6.ip6.forwarding will provide the answer (as in, if those values are not 1, forwarding between interfaces is not enabled) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: advice debugging lockups with swap-thrashing symptoms?
On Thu, May 23, 2024 at 03:37:24PM +, James Cook wrote: > On Thu, May 23, 2024 at 08:00:37AM GMT, Nick Holland wrote: > > On 5/23/24 03:18, Stuart Henderson wrote: > > > On 2024-05-22, James Cook wrote: > > > > One of my OpenBSD boxes sometimes gets in a weird locked-up or > > > > almost-locked-up state. I'm wondering what I can do to debug it > > > > further next time it happens. > > > ... > > > > I would also expect the cache number to be much higher. E.g. on > > > > this occasion, I was running "git annex fsck", which reads plenty > > > > of data from disk. > > > > > > Heavy filesystem access can result in this sort of thing, I used to > > > have unpacked ports source on one of my machines for grepping over, > > > the machine was pretty much unusable for anything else while that was > > > running. > > > > > > Might be worth trying some noatime mount flags if you don't already have > > > them, at least then you can avoid turning some reads into writes. > > > > > > > Definitely a possibility. Long time ago, I think I asked about the > > possibility of a "disknice" to throttle disk access on individual > > tasks. TedU@ came through for me with something that definitely solved > > my problem, and I use it from time to time since -- basically, it just > > suspends a particular program occasionally, which lets other programs > > have a chance to get disk access. I saved it (and made a tiny update > > that is needed now) and put it here: > > > > https://holland-consulting.net/scripts/disknice.html > > > > > > Also... > > I've seen disks "fail" where they get super-slow. The failure modes > > seems to be difficulty reading data...but after enough retries, it > > succeeds, resetting the retry counter back to zero, and then the next > > read encounters the same problem. You may be able to hear lots of > > activity on the drive with little obvious progress. I'm not convinced > > this is your problem, but ... something to consider. > > > > Nick. > > Thanks for the pointers. disknice sounds useful. However I am skeptical that > this can be explained away as a normal consequence of intense filesystem > access, for a few reasons. > > 1. In the past, even the mouse pointer has frozen. (I'm 95% sure of this > from memory. Will note it more carefully next time this happens.) Surely > that shouldn't depend on disk access? See also tmux/xterm updating very > slowly; does that depend on the filesystem? > > 2. The low 165M cache number makes me suspicious. With 14G free and plenty > of data being read, shouldn't that grow? E.g. right now it's at 11G (and I'm > running git annex fsck like I was before; I have a lot of data to fsck). I > believe I've seen similar small cache numbers in the past. > > 3. The git annex fsck was running on a different hard disk. (Normally it > sits in a cubpoard; I've hooked it up temporarily.) Swap, /, /home etc are > all on a different SSD. I am running the same thing now (different disk) and > perceive no impact on performance. That's not to say there wasn't intense > access to the SSD, though; Firefox is a suspect here. > > Nonetheless, if I can't make any other progress, I'll look into noatime > and/or disknice. (I really wish I could reliably reproduce this, but > unfortunately it just happens every few days or weeks with no apparent > pattern other than the system being under some load when it happens.) > > (I'll note one other thing, just in case: I also experience random crashes > and restarts with this machine that seem to be hardware-related. Very > different from what I'm describing here; has even happened during BIOS POST, > and with no disks inside the machine. I just mention it because it opens the > possibility of unreliable hardware involved, in case that changes things.) > You are probably haunted by a bad issue with DMA memory and running out of it. Your top is missing -SH since then you would probably see the pagedameon go bananas. The problem is you have not enough memory below 4G but the pagedaemon is not able to properly free memory there since it has no proper tracking for that condition. It only knows memory is short and tries to drop as much as possible over and over again. As a result your system becomes unresponsive. The boot loader can print the memory map. Which should show you how much memory is below 4G (I think the command is machine mem). This is a known issue and there is some work going on to fix the problem. -- :wq Claudio
Re: advice debugging lockups with swap-thrashing symptoms?
On Thu, May 23, 2024 at 08:00:37AM GMT, Nick Holland wrote: On 5/23/24 03:18, Stuart Henderson wrote: On 2024-05-22, James Cook wrote: One of my OpenBSD boxes sometimes gets in a weird locked-up or almost-locked-up state. I'm wondering what I can do to debug it further next time it happens. ... I would also expect the cache number to be much higher. E.g. on this occasion, I was running "git annex fsck", which reads plenty of data from disk. Heavy filesystem access can result in this sort of thing, I used to have unpacked ports source on one of my machines for grepping over, the machine was pretty much unusable for anything else while that was running. Might be worth trying some noatime mount flags if you don't already have them, at least then you can avoid turning some reads into writes. Definitely a possibility. Long time ago, I think I asked about the possibility of a "disknice" to throttle disk access on individual tasks. TedU@ came through for me with something that definitely solved my problem, and I use it from time to time since -- basically, it just suspends a particular program occasionally, which lets other programs have a chance to get disk access. I saved it (and made a tiny update that is needed now) and put it here: https://holland-consulting.net/scripts/disknice.html Also... I've seen disks "fail" where they get super-slow. The failure modes seems to be difficulty reading data...but after enough retries, it succeeds, resetting the retry counter back to zero, and then the next read encounters the same problem. You may be able to hear lots of activity on the drive with little obvious progress. I'm not convinced this is your problem, but ... something to consider. Nick. Thanks for the pointers. disknice sounds useful. However I am skeptical that this can be explained away as a normal consequence of intense filesystem access, for a few reasons. 1. In the past, even the mouse pointer has frozen. (I'm 95% sure of this from memory. Will note it more carefully next time this happens.) Surely that shouldn't depend on disk access? See also tmux/xterm updating very slowly; does that depend on the filesystem? 2. The low 165M cache number makes me suspicious. With 14G free and plenty of data being read, shouldn't that grow? E.g. right now it's at 11G (and I'm running git annex fsck like I was before; I have a lot of data to fsck). I believe I've seen similar small cache numbers in the past. 3. The git annex fsck was running on a different hard disk. (Normally it sits in a cubpoard; I've hooked it up temporarily.) Swap, /, /home etc are all on a different SSD. I am running the same thing now (different disk) and perceive no impact on performance. That's not to say there wasn't intense access to the SSD, though; Firefox is a suspect here. Nonetheless, if I can't make any other progress, I'll look into noatime and/or disknice. (I really wish I could reliably reproduce this, but unfortunately it just happens every few days or weeks with no apparent pattern other than the system being under some load when it happens.) (I'll note one other thing, just in case: I also experience random crashes and restarts with this machine that seem to be hardware-related. Very different from what I'm describing here; has even happened during BIOS POST, and with no disks inside the machine. I just mention it because it opens the possibility of unreliable hardware involved, in case that changes things.) -- James
Re: How to assign apps to cwm groups?
On 2024-05-23 22:07:27, Sadeep Madurange wrote: > I'm trying to assign xterm to group 1 and firefox to group 2. Then, > I'd like to only see a specific group at any given time. > > After logging in, I start xterm. Then I start firefox. Problem is > firefox opens right on top of my terminal. I expected it to open in > group 2 such that either it's not visible till I press 4+2 or start > firefox in group 2 and move me to group 2 automatically. Is that not > how groups work? > > Also, with the config below and firefox and terminal open, when I > press 4+1 nothing happens (I still see firefox and xterm stacked). > When I press 4+2, both windows disappears. > > Can someone please let me know how I can configure groups to work a > little like workspaces in i3, if that's possible? Actually, it seems to be working. Not sure what I did, but works as expected with the following config. sticky no autogroup 1"xterm,XTerm" autogroup 2"Firefox" # Commands command mail "xterm -e 'cd ~/Downloads && mutt -F ~/.mutt/muttrc'" command firefoxfirefox bind-key 4-Returnterminal bind-key 4-d menu-cmd bind-key 4S-rrestart bind-key 4S-equit bind-key 4S-qwindow-close bind-key 4-1group-only-1 bind-key 4-2group-only-2 bind-key 4-3group-only-3 bind-key 4-4group-only-4 bind-key 4-5group-only-5 bind-key 4-6group-only-6 bind-key 4-7group-only-7 bind-key 4-8group-only-8 bind-key 4-9group-only-9 bind-key 4S-1 window-movetogroup-1 bind-key 4S-2 window-movetogroup-2 bind-key 4S-3 window-movetogroup-3 bind-key 4S-4 window-movetogroup-4 bind-key 4S-5 window-movetogroup-5 bind-key 4S-6 window-movetogroup-6 bind-key 4S-7 window-movetogroup-7 bind-key 4S-8 window-movetogroup-8 bind-key 4S-9 window-movetogroup-9 # Mouse bindings bind-mouse M-2 window-lower bind-mouse M-3 window-resize -- Sadeep Madurange PGP: 103BF9E3E750BF7E
How to assign apps to cwm groups?
Hello, I'm trying to assign xterm to group 1 and firefox to group 2. Then, I'd like to only see a specific group at any given time. After logging in, I start xterm. Then I start firefox. Problem is firefox opens right on top of my terminal. I expected it to open in group 2 such that either it's not visible till I press 4+2 or start firefox in group 2 and move me to group 2 automatically. Is that not how groups work? Also, with the config below and firefox and terminal open, when I press 4+1 nothing happens (I still see firefox and xterm stacked). When I press 4+2, both windows disappears. Can someone please let me know how I can configure groups to work a little like workspaces in i3, if that's possible? cwmrc content: sticky no bind-key 4-Return "terminal" bind-key 4-d "menu-exec" bind-key 4S-r "restart" bind-key 4S-e "quit" bind-key 4S-q "window-close" bind-key 4-1 "group-only-1" bind-key 4-2 "group-only-2" bind-key 4-3 "group-only-3" # Groups autogroup 1 "xterm,XTerm" autogroup 2 "Firefox" # Mouse bindings bind-mouse M-2 window-lower bind-mouse M-3 window-resize -- Sadeep Madurange PGP: 103BF9E3E750BF7E
Re: Sudden reboot every 5-10 minutes on latest snapshot
On 2024/05/23 12:12, Ali Farzanrad wrote: > Hi Stuart, > > Stuart Henderson wrote: > > On 2024-05-23, Ali Farzanrad wrote: > > > Hi misc@, > > > > > > My Minisforum UM790 keeps reboot every 5-10 minutes, without any Kernel > > > Panic or visible message how may I debug it? > > > I'm using latest OpenBSD snapshot with this amd64/BUILDINFO: > > > Build date: 1716424636 - Thu May 23 00:37:16 UTC 2024 > > > > Not a lot to go on really. > > > > Is the machine doing anything or just idle? > > It get reboot even in xenodm login screen without any interaction from me. > > > Is X running? > > It's funny. I disabled the xenodm and it lived for more than 10 minutes; > then I enabled and started xenodm and it suddenly rebooted after few > minutes! > > Next time I keep xenodm running, but switched to ttyC0 terminal using > Alt+Ctrl+F1 key and it lived for more than 10 minutes; then I just > switched to Xorg using Alt+Ctrl+F5 and it suddenly rebooted again after > few minutes! > > > Do you get the same with 7.5? if yes, try older releases - can you > > find one where it doesn't happen? > > I rarely got same issue in previous snapshots (I think my last snapshot > was for 6 days ago and I had no serious issue with that). > > I think I sould compile and test previous versions of xenocara, right? Try with just an older kernel first and leave userland alone. ftp.hostserver.de and openbsd.cs.toronto.edu both have some old snaps in /archive. (If no snap was built on a certain day then the files will be identical in the archive so no point testing when there was no change - you can use what(1) to show the version - I'd save a few under names like /bsd.mp. and type "boot bsd.mp." at the boot loader). > > > > > > # (dmesg; sysctl hw.sensors) > > > OpenBSD 7.5-current (GENERIC.MP) #78: Wed May 22 18:31:14 MDT 2024 > > > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > > real mem = 31909883904 (30431MB) > > > avail mem = 30921310208 (29488MB) > > > random: good seed from bootblocks > > > mpath0 at root > > > scsibus0 at mpath0: 256 targets > > > mainbus0 at root > > > bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x9ab7f000 (45 entries) > > > bios0: vendor American Megatrends International, LLC. version "1.01" date > > > 06/05/2023 > > > bios0: Micro Computer (HK) Tech Limited F7BSC > > > efi0 at bios0: UEFI 2.8 > > > efi0: American Megatrends rev 0x5001d > > > acpi0 at bios0: ACPI 6.4 > > > acpi0: sleep states S0 S4 S5 > > > acpi0: tables DSDT FACP SSDT SSDT FIDT MCFG FPDT VFCT BGRT TPM2 SSDT CRAT > > > CDIT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT WSMT APIC IVRS SSDT > > > SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT > > > acpi0: wakeup devices GPP1(S4) GPP0(S4) GPP5(S4) GPP7(S4) GP11(S4) > > > SWUS(S4) GP12(S4) SWUS(S4) > > > acpitimer0 at acpi0: 3579545 Hz, 32 bits > > > acpimcfg0 at acpi0 > > > acpimcfg0: addr 0xe000, bus 0-255 > > > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > > > cpu0 at mainbus0: apid 0 (boot processor) > > > cpu0: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu0: cpuid 1 > > > edx=178bfbff > > > > > > ecx=76f8320b > > > cpu0: cpuid 6 eax=4 ecx=1 > > > cpu0: cpuid 7.0 > > > ebx=f1bf97a9 > > > ecx=405fce edx=1000 > > > cpu0: cpuid d.1 eax=f > > > cpu0: cpuid 8001 edx=2fd3fbff > > > ecx=75c237ff > > > cpu0: cpuid 8007 edx=e799 > > > cpu0: cpuid 8008 > > > ebx=791ef257 > > > cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 1MB > > > 64b/line 8-way L2 cache, 16MB 64b/line 16-way L3 cache > > > cpu0: smt 0, core 0, package 0 > > > mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges > > > cpu0: apic clock running at 24MHz > > > cpu0: mwait min=64, max=64, C-substates=1.1, IBE > > > cpu1 at mainbus0: apid 2 (application processor) > > > cpu1: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu1: smt 0, core 1, package 0 > > > cpu2 at mainbus0: apid 4 (application processor) > > > cpu2: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu2: smt 0, core 2, package 0 > > > cpu3 at mainbus0: apid 6 (application processor) > > > cpu3: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu3: smt 0, core 3, package 0 > > > cpu4 at mainbus0: apid 8 (application processor) > > > cpu4: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu4: smt 0, core 4, package 0 > > > cpu5 at mainbus0: apid 10 (application processor) > > > cpu5: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu5: smt 0, core 5, package 0 > > > cpu6 at mainbus0: apid 12 (application processor) > > > cpu6: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > > patch 0a704101 > > > cpu6: smt 0, core 6, package 0 > > > cpu7 at mainbus0: apid 14 (application
Re: Sudden reboot every 5-10 minutes on latest snapshot
Hi Stuart, Stuart Henderson wrote: > On 2024-05-23, Ali Farzanrad wrote: > > Hi misc@, > > > > My Minisforum UM790 keeps reboot every 5-10 minutes, without any Kernel > > Panic or visible message how may I debug it? > > I'm using latest OpenBSD snapshot with this amd64/BUILDINFO: > > Build date: 1716424636 - Thu May 23 00:37:16 UTC 2024 > > Not a lot to go on really. > > Is the machine doing anything or just idle? It get reboot even in xenodm login screen without any interaction from me. > Is X running? It's funny. I disabled the xenodm and it lived for more than 10 minutes; then I enabled and started xenodm and it suddenly rebooted after few minutes! Next time I keep xenodm running, but switched to ttyC0 terminal using Alt+Ctrl+F1 key and it lived for more than 10 minutes; then I just switched to Xorg using Alt+Ctrl+F5 and it suddenly rebooted again after few minutes! > Do you get the same with 7.5? if yes, try older releases - can you > find one where it doesn't happen? I rarely got same issue in previous snapshots (I think my last snapshot was for 6 days ago and I had no serious issue with that). I think I sould compile and test previous versions of xenocara, right? > > > > # (dmesg; sysctl hw.sensors) > > OpenBSD 7.5-current (GENERIC.MP) #78: Wed May 22 18:31:14 MDT 2024 > > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > > real mem = 31909883904 (30431MB) > > avail mem = 30921310208 (29488MB) > > random: good seed from bootblocks > > mpath0 at root > > scsibus0 at mpath0: 256 targets > > mainbus0 at root > > bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x9ab7f000 (45 entries) > > bios0: vendor American Megatrends International, LLC. version "1.01" date > > 06/05/2023 > > bios0: Micro Computer (HK) Tech Limited F7BSC > > efi0 at bios0: UEFI 2.8 > > efi0: American Megatrends rev 0x5001d > > acpi0 at bios0: ACPI 6.4 > > acpi0: sleep states S0 S4 S5 > > acpi0: tables DSDT FACP SSDT SSDT FIDT MCFG FPDT VFCT BGRT TPM2 SSDT CRAT > > CDIT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT WSMT APIC IVRS SSDT SSDT > > SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT > > acpi0: wakeup devices GPP1(S4) GPP0(S4) GPP5(S4) GPP7(S4) GP11(S4) SWUS(S4) > > GP12(S4) SWUS(S4) > > acpitimer0 at acpi0: 3579545 Hz, 32 bits > > acpimcfg0 at acpi0 > > acpimcfg0: addr 0xe000, bus 0-255 > > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > > cpu0 at mainbus0: apid 0 (boot processor) > > cpu0: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu0: cpuid 1 > > edx=178bfbff > > > > ecx=76f8320b > > cpu0: cpuid 6 eax=4 ecx=1 > > cpu0: cpuid 7.0 > > ebx=f1bf97a9 > > ecx=405fce edx=1000 > > cpu0: cpuid d.1 eax=f > > cpu0: cpuid 8001 edx=2fd3fbff > > ecx=75c237ff > > cpu0: cpuid 8007 edx=e799 > > cpu0: cpuid 8008 > > ebx=791ef257 > > cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 1MB > > 64b/line 8-way L2 cache, 16MB 64b/line 16-way L3 cache > > cpu0: smt 0, core 0, package 0 > > mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges > > cpu0: apic clock running at 24MHz > > cpu0: mwait min=64, max=64, C-substates=1.1, IBE > > cpu1 at mainbus0: apid 2 (application processor) > > cpu1: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu1: smt 0, core 1, package 0 > > cpu2 at mainbus0: apid 4 (application processor) > > cpu2: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu2: smt 0, core 2, package 0 > > cpu3 at mainbus0: apid 6 (application processor) > > cpu3: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu3: smt 0, core 3, package 0 > > cpu4 at mainbus0: apid 8 (application processor) > > cpu4: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu4: smt 0, core 4, package 0 > > cpu5 at mainbus0: apid 10 (application processor) > > cpu5: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu5: smt 0, core 5, package 0 > > cpu6 at mainbus0: apid 12 (application processor) > > cpu6: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu6: smt 0, core 6, package 0 > > cpu7 at mainbus0: apid 14 (application processor) > > cpu7: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > > patch 0a704101 > > cpu7: smt 0, core 7, package 0 > > cpu8 at mainbus0: apid 1 (application processor) > > cpu8: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > > patch 0a704101 > > cpu8: smt 1, core 0, package 0 > > cpu9 at mainbus0: apid 3 (application processor) > > cpu9: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > > patch 0a704101 > > cpu9: smt 1, core 1, package 0 > > cpu10 at mainbus0: apid 5 (application processor) > > cpu10: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > > patch 0a704101 > > cpu10:
Re: advice debugging lockups with swap-thrashing symptoms?
On 5/23/24 03:18, Stuart Henderson wrote: On 2024-05-22, James Cook wrote: One of my OpenBSD boxes sometimes gets in a weird locked-up or almost-locked-up state. I'm wondering what I can do to debug it further next time it happens. ... I would also expect the cache number to be much higher. E.g. on this occasion, I was running "git annex fsck", which reads plenty of data from disk. Heavy filesystem access can result in this sort of thing, I used to have unpacked ports source on one of my machines for grepping over, the machine was pretty much unusable for anything else while that was running. Might be worth trying some noatime mount flags if you don't already have them, at least then you can avoid turning some reads into writes. Definitely a possibility. Long time ago, I think I asked about the possibility of a "disknice" to throttle disk access on individual tasks. TedU@ came through for me with something that definitely solved my problem, and I use it from time to time since -- basically, it just suspends a particular program occasionally, which lets other programs have a chance to get disk access. I saved it (and made a tiny update that is needed now) and put it here: https://holland-consulting.net/scripts/disknice.html Also... I've seen disks "fail" where they get super-slow. The failure modes seems to be difficulty reading data...but after enough retries, it succeeds, resetting the retry counter back to zero, and then the next read encounters the same problem. You may be able to hear lots of activity on the drive with little obvious progress. I'm not convinced this is your problem, but ... something to consider. Nick.
Re: how to fsck automatically at boot
On 5/22/24 08:08, Kirill A. Korinsky wrote: On Wed, 22 May 2024 12:53:11 +0100, Nick Holland wrote: For reasons of multi-hour fsck's on a few systems, I'm looking at remounting the problem file systems as "rw" when writing is actually needed and "ro" after the writing is complete (IN THIS APPLICATION, this is known) to reduce my "at risk of power outage" window a lot, but I suspect this will fall deeply within the category of "when I break things, I get to keep all the pieces". :) Do you need atime on that FS? Disable it dramatically reduces chances of manual interraction with fsck. If you move forward and add sync which slow down write but allows to get almost zero porbability of fsck interraction. Already done. :) This is a backup system I have -- lots of symlinks, lots of files. Cool thing is, the fsck is painful, but almost never have to help the fsck along, at least once softdep was removed and they quit crashing in the middle of backups. (softdep removal really hurt these systems -- some tasks went from an hour or so to many hours...but it doesn't impact my life one bit. On the other hand, obviously I was tickling some of those softdep bugs I had heard hit some people). And in other news: couple days ago, I said I rarely need manual intervention on the systems I just yank the cords from. Well, this morning, a system I manage remotely apparently had a couple power events, and one system needed help with the fsck. That's what happens when one boasts. :D Nick.
Re: Sudden reboot every 5-10 minutes on latest snapshot
On 2024-05-23, Ali Farzanrad wrote: > Hi misc@, > > My Minisforum UM790 keeps reboot every 5-10 minutes, without any Kernel > Panic or visible message how may I debug it? > I'm using latest OpenBSD snapshot with this amd64/BUILDINFO: > Build date: 1716424636 - Thu May 23 00:37:16 UTC 2024 Not a lot to go on really. Is the machine doing anything or just idle? Is X running? Do you get the same with 7.5? if yes, try older releases - can you find one where it doesn't happen? > > # (dmesg; sysctl hw.sensors) > OpenBSD 7.5-current (GENERIC.MP) #78: Wed May 22 18:31:14 MDT 2024 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > real mem = 31909883904 (30431MB) > avail mem = 30921310208 (29488MB) > random: good seed from bootblocks > mpath0 at root > scsibus0 at mpath0: 256 targets > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x9ab7f000 (45 entries) > bios0: vendor American Megatrends International, LLC. version "1.01" date > 06/05/2023 > bios0: Micro Computer (HK) Tech Limited F7BSC > efi0 at bios0: UEFI 2.8 > efi0: American Megatrends rev 0x5001d > acpi0 at bios0: ACPI 6.4 > acpi0: sleep states S0 S4 S5 > acpi0: tables DSDT FACP SSDT SSDT FIDT MCFG FPDT VFCT BGRT TPM2 SSDT CRAT > CDIT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT WSMT APIC IVRS SSDT SSDT > SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT > acpi0: wakeup devices GPP1(S4) GPP0(S4) GPP5(S4) GPP7(S4) GP11(S4) SWUS(S4) > GP12(S4) SWUS(S4) > acpitimer0 at acpi0: 3579545 Hz, 32 bits > acpimcfg0 at acpi0 > acpimcfg0: addr 0xe000, bus 0-255 > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu0: cpuid 1 > edx=178bfbff > > ecx=76f8320b > cpu0: cpuid 6 eax=4 ecx=1 > cpu0: cpuid 7.0 > ebx=f1bf97a9 > ecx=405fce edx=1000 > cpu0: cpuid d.1 eax=f > cpu0: cpuid 8001 edx=2fd3fbff > ecx=75c237ff > cpu0: cpuid 8007 edx=e799 > cpu0: cpuid 8008 > ebx=791ef257 > cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line > 8-way L2 cache, 16MB 64b/line 16-way L3 cache > cpu0: smt 0, core 0, package 0 > mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges > cpu0: apic clock running at 24MHz > cpu0: mwait min=64, max=64, C-substates=1.1, IBE > cpu1 at mainbus0: apid 2 (application processor) > cpu1: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu1: smt 0, core 1, package 0 > cpu2 at mainbus0: apid 4 (application processor) > cpu2: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu2: smt 0, core 2, package 0 > cpu3 at mainbus0: apid 6 (application processor) > cpu3: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu3: smt 0, core 3, package 0 > cpu4 at mainbus0: apid 8 (application processor) > cpu4: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu4: smt 0, core 4, package 0 > cpu5 at mainbus0: apid 10 (application processor) > cpu5: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu5: smt 0, core 5, package 0 > cpu6 at mainbus0: apid 12 (application processor) > cpu6: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu6: smt 0, core 6, package 0 > cpu7 at mainbus0: apid 14 (application processor) > cpu7: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, > patch 0a704101 > cpu7: smt 0, core 7, package 0 > cpu8 at mainbus0: apid 1 (application processor) > cpu8: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu8: smt 1, core 0, package 0 > cpu9 at mainbus0: apid 3 (application processor) > cpu9: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu9: smt 1, core 1, package 0 > cpu10 at mainbus0: apid 5 (application processor) > cpu10: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu10: smt 1, core 2, package 0 > cpu11 at mainbus0: apid 7 (application processor) > cpu11: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu11: smt 1, core 3, package 0 > cpu12 at mainbus0: apid 9 (application processor) > cpu12: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu12: smt 1, core 4, package 0 > cpu13 at mainbus0: apid 11 (application processor) > cpu13: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu13: smt 1, core 5, package 0 > cpu14 at mainbus0: apid 13 (application processor) > cpu14: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 > cpu14: smt 1, core 6, package 0 > cpu15 at mainbus0: apid 15 (application processor) > cpu15: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, > patch 0a704101 >
Sudden reboot every 5-10 minutes on latest snapshot
Hi misc@, My Minisforum UM790 keeps reboot every 5-10 minutes, without any Kernel Panic or visible message how may I debug it? I'm using latest OpenBSD snapshot with this amd64/BUILDINFO: Build date: 1716424636 - Thu May 23 00:37:16 UTC 2024 # (dmesg; sysctl hw.sensors) OpenBSD 7.5-current (GENERIC.MP) #78: Wed May 22 18:31:14 MDT 2024 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 31909883904 (30431MB) avail mem = 30921310208 (29488MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x9ab7f000 (45 entries) bios0: vendor American Megatrends International, LLC. version "1.01" date 06/05/2023 bios0: Micro Computer (HK) Tech Limited F7BSC efi0 at bios0: UEFI 2.8 efi0: American Megatrends rev 0x5001d acpi0 at bios0: ACPI 6.4 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP SSDT SSDT FIDT MCFG FPDT VFCT BGRT TPM2 SSDT CRAT CDIT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT WSMT APIC IVRS SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices GPP1(S4) GPP0(S4) GPP5(S4) GPP7(S4) GP11(S4) SWUS(S4) GP12(S4) SWUS(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimcfg0 at acpi0 acpimcfg0: addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu0: cpuid 1 edx=178bfbff ecx=76f8320b cpu0: cpuid 6 eax=4 ecx=1 cpu0: cpuid 7.0 ebx=f1bf97a9 ecx=405fce edx=1000 cpu0: cpuid d.1 eax=f cpu0: cpuid 8001 edx=2fd3fbff ecx=75c237ff cpu0: cpuid 8007 edx=e799 cpu0: cpuid 8008 ebx=791ef257 cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 8-way L2 cache, 16MB 64b/line 16-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 24MHz cpu0: mwait min=64, max=64, C-substates=1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu3: smt 0, core 3, package 0 cpu4 at mainbus0: apid 8 (application processor) cpu4: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu4: smt 0, core 4, package 0 cpu5 at mainbus0: apid 10 (application processor) cpu5: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu5: smt 0, core 5, package 0 cpu6 at mainbus0: apid 12 (application processor) cpu6: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu6: smt 0, core 6, package 0 cpu7 at mainbus0: apid 14 (application processor) cpu7: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.00 MHz, 19-74-01, patch 0a704101 cpu7: smt 0, core 7, package 0 cpu8 at mainbus0: apid 1 (application processor) cpu8: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu8: smt 1, core 0, package 0 cpu9 at mainbus0: apid 3 (application processor) cpu9: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu9: smt 1, core 1, package 0 cpu10 at mainbus0: apid 5 (application processor) cpu10: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu10: smt 1, core 2, package 0 cpu11 at mainbus0: apid 7 (application processor) cpu11: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu11: smt 1, core 3, package 0 cpu12 at mainbus0: apid 9 (application processor) cpu12: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu12: smt 1, core 4, package 0 cpu13 at mainbus0: apid 11 (application processor) cpu13: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu13: smt 1, core 5, package 0 cpu14 at mainbus0: apid 13 (application processor) cpu14: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu14: smt 1, core 6, package 0 cpu15 at mainbus0: apid 15 (application processor) cpu15: AMD Ryzen 9 7940HS w/ Radeon 780M Graphics, 4000.01 MHz, 19-74-01, patch 0a704101 cpu15: smt 1, core 7, package 0 ioapic0 at mainbus0: apid 33 pa 0xfec0, version 21, 24 pins, can't remap ioapic1 at mainbus0: apid 34 pa 0xfec01000, version 21, 32 pins, can't remap acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (GPP1) acpiprt2 at acpi0: bus -1 (GPP2) acpiprt3 at acpi0: bus -1 (GPP0) acpiprt4 at acpi0: bus -1 (GPP3) acpiprt5 at acpi0: bus -1 (GPP4) acpiprt6 at acpi0: bus 2 (GPP5) acpiprt7 at acpi0: bus -1 (GPP6) acpiprt8 at
Q: Problems forwarding traffic using pf ...
Hi All, I need to quickly create a solution for forwarding multicast traffic between two systems, so I though perhaps I could use pf to do just that by writing some rules along the lines of: 1. pass in on iface A proto UDP ... tag mcast 2. pass out on iface B tagged mcast And another pair of rules for the reverse direction B -> A. (Obviously I'd add more options to filter specific addresses, etc.) So I tried to do a quick test / proof of concept. Here is the pf.conf: # cat pf.conf set skip on lo0 set block-policy return set debug warning # Begin by blocking everything block log all # Begin by blocking everything pass in log on em0proto udp from 192.168.178.166 tag UDP pass out log on ure0 tagged UDP ###match route dup-to ure0 tagged TAG_UP # Allow all outbound #pass out log modulate state The two "pass" lines are the basis of the idea. This seems to be pretty much identical to the tagging example "INTNET" in the pf.conf man page. pfctl reports: # pfctl -vvs rules | grep @ @0 block return log all @1 pass in log on em0 inet proto udp from 192.168.178.166 to any tag UDP @2 pass out log on ure0 all flags S/SA tagged UDP I see that rule 1 is matched, but never rule 2. E.g. ... May 23 10:32:06.602759 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 46[|domain] (DF) May 23 10:32:06.603963 rule 0/(match) block in on em0: fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 46[|domain] [flowlabel 0xbaff9] May 23 10:32:09.700212 rule 0/(match) block in on em0: 192.168.178.254 > 224.0.0.1: igmp query [len 12] (DF) [tos 0xc0] [ttl 1] May 23 10:32:13.267374 rule 1/(match) pass in on em0: 192.168.178.166.56334 > 192.168.178.11.54321: udp 7 May 23 10:32:20.592971 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 16 [3q][|domain] (DF) May 23 10:32:21.136275 rule 0/(match) block in on em0: 192.168.178.252.5353 > 224.0.0.251.5353: 48084+[|domain] May 23 10:32:21.137074 rule 0/(match) block in on em0: 192.168.178.252.5353 > 224.0.0.251.5353: 0* [0q] 3/0/3[|domain] ... May 23 10:32:48.588466 rule 1/(match) pass in on em0: 192.168.178.166.56335 > 192.168.178.11.54321: udp 42 May 23 10:32:49.705282 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 0[|domain] (DF) May 23 10:32:49.705839 rule 0/(match) block in on em0: fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 0[|domain] [flowlabel 0xbaff9] ... I must be missing something, but what? Both interfaces are up and configured with IP addresses. I'm running the current snapshot i.e. 7.5 GENERIC.MP#77 amd64. Thanks in advance! Cheers, Robb.
Re: wifi
>From a quick glance it is a bog-standard m.2 / NGFF card, so it should be >fairly trivial to replace the card with a supported one, see the removal >steps at 01:30 : https://www.youtube.com/watch?app=desktop=dqJ9LjY0Jco Stuart Henderson írta 2024. máj.. 23, Cs-n 09:23 órakor: > On 2024-05-23, Gustavo Rios wrote: >> --1fa3f9061917b744 >> Content-Type: text/plain; charset="UTF-8" >> >> Hi folks! >> >> I would like to setup my openbsd wifi but up to now, no success. >> Here is my lspci output. May some one help me ? >> >> Thanks a lot. >> >> 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE >> 802.11ac PCIe Wireless Network Adapter > > OpenBSD doesn't support Realtek 11ac wifi. > > > -- > Please keep replies on the mailing list. -- --Z--
Re: wifi
On 2024-05-23, Gustavo Rios wrote: > --1fa3f9061917b744 > Content-Type: text/plain; charset="UTF-8" > > Hi folks! > > I would like to setup my openbsd wifi but up to now, no success. > Here is my lspci output. May some one help me ? > > Thanks a lot. > > 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE > 802.11ac PCIe Wireless Network Adapter OpenBSD doesn't support Realtek 11ac wifi. -- Please keep replies on the mailing list.
Re: advice debugging lockups with swap-thrashing symptoms?
On 2024-05-22, James Cook wrote: > One of my OpenBSD boxes sometimes gets in a weird locked-up or > almost-locked-up state. I'm wondering what I can do to debug it > further next time it happens. ... > I would also expect the cache number to be much higher. E.g. on > this occasion, I was running "git annex fsck", which reads plenty > of data from disk. Heavy filesystem access can result in this sort of thing, I used to have unpacked ports source on one of my machines for grepping over, the machine was pretty much unusable for anything else while that was running. Might be worth trying some noatime mount flags if you don't already have them, at least then you can avoid turning some reads into writes.
Re: wifi
On Thu, May 23, 2024 at 03:56:01AM -0300, Gustavo Rios wrote: > Here you have them: ... "Realtek 8821CE" rev 0x00 at pci2 dev 0 function 0 not configured That means there is no driver available in OpenBSD for that card. -Otto
Re: wifi
Here you have them: Em qui., 23 de mai. de 2024 às 02:59, Otto Moerbeek escreveu: > On Thu, May 23, 2024 at 01:44:57AM -0300, Gustavo Rios wrote: > > > Hi folks! > > > > I would like to setup my openbsd wifi but up to now, no success. > > Here is my lspci output. May some one help me ? > > > > Thanks a lot. > > > > 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE > > 802.11ac PCIe Wireless Network Adapter > > > > -- > > The lion and the tiger may be more powerful, but the wolves do not > perform > > in the circus > > It helps more to send a dmesg, to see what the kernel thinks about the > device, > > -Otto > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus OpenBSD 7.5 (GENERIC.MP) #82: Wed Mar 20 15:48:40 MDT 2024 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8242978816 (7861MB) avail mem = 7972106240 (7602MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.4 @ 0x5d033000 (75 entries) bios0: vendor Dell Inc. version "1.16.0" date 06/20/2023 bios0: Dell Inc. Inspiron 15 3520 efi0 at bios0: UEFI 2.7 efi0: Dell rev 0x1 acpi0 at bios0: ACPI 6.3 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP SSDT SSDT SSDT HPET APIC MCFG SSDT SSDT SSDT NHLT SSDT LPIT SSDT SSDT DBGP DBG2 BOOT MSDM SSDT TPM2 DMAR SSDT SSDT SSDT SSDT PHAT BGRT FPDT acpi0: wakeup devices PEG0(S4) PEGP(S4) PEGP(S4) PEG2(S4) PEGP(S4) XHCI(S0) XDCI(S4) HDAS(S4) CNVW(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 1920 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.68 MHz, 06-9a-04, patch 042a cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 38MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.2.0.1.0.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.69 MHz, 06-9a-04, patch 042a cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 8 (application processor) cpu2: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042a cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu2: smt 0, core 4, package 0 cpu3 at mainbus0: apid 9 (application processor) cpu3: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042a cpu3:
Re: wifi
On Thu, May 23, 2024 at 01:44:57AM -0300, Gustavo Rios wrote: > Hi folks! > > I would like to setup my openbsd wifi but up to now, no success. > Here is my lspci output. May some one help me ? > > Thanks a lot. > > 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE > 802.11ac PCIe Wireless Network Adapter > > -- > The lion and the tiger may be more powerful, but the wolves do not perform > in the circus It helps more to send a dmesg, to see what the kernel thinks about the device, -Otto
wifi
Hi folks! I would like to setup my openbsd wifi but up to now, no success. Here is my lspci output. May some one help me ? Thanks a lot. 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE 802.11ac PCIe Wireless Network Adapter -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
advice debugging lockups with swap-thrashing symptoms?
Hi, One of my OpenBSD boxes sometimes gets in a weird locked-up or almost-locked-up state. I'm wondering what I can do to debug it further next time it happens. It feels like swap thrashing, but top reports plenty of memory free. Symptoms: 1. top reports lots of free memory, small act/tot and cache amounts, and some swap space used. See example output of "top -ud1" below. Note I ran pkill -9 firefox before running that command, so apparently it's taking a while even for kill -9 to have an effect. It's weird the act/tot amounts are so small when free is so high. I would also expect the cache number to be much higher. E.g. on this occasion, I was running "git annex fsck", which reads plenty of data from disk. With my vague understanding of the vm system I would expect this to result in lots being cached. 3. Hard disk light is constantly active. (Swapping?) 2. System is completely or almost completely unresponsive. Usually when this happens the X11 display appears completely frozen and I can't ssh to the machine, switch to another virtual terminal, or otherwise interact. (I think pinging the box still works in this case.) I will sometimes notice the system slowing down for a minute or so, and hard disk activity increasing, before it completely grinds to a halt. The most recent time I got lucky, and I could still use ssh and run simple commands like top and dmesg. After several minutes, I even saw the X11 display update. My tmux-in-xterm windows were still trying to redraw themselves for several minutes after being resized: a few lines were displayed but many were still missing. Just now, about 40 minutes after the lock-up, my system started responding quickly again, as if nothing was ever wrong. Maybe it hepled that I killed some processes including firefox, but I did that probably more than 10 minutes ago. below dmesg is from when it was in the almost-locked-up state. I think the filesystem full messages at the end can be ignored; that was an issue I resolved earlier. I'm pretty sure I've observed this on 7.4 and/or 7.5 before I switched to current. -- James angel ~ $ top -ud1 load averages: 8.17, 10.86, 10.03angel.falsifian.org 18:44:22 200 processes: 1 starting, 6 running, 171 idle, 1 stopped, 18 dead, 3 on processor up 0 days 04:10:10 CPU0 states: 7.6% user, 0.0% nice, 8.4% sys, 6.6% spin, 2.6% intr, 74.8% idle CPU1 states: 10.1% user, 0.0% nice, 10.6% sys, 4.8% spin, 0.0% intr, 74.5% idle CPU2 states: 9.8% user, 0.0% nice, 10.3% sys, 4.9% spin, 0.0% intr, 75.0% idle Memory: Real: 88K/1197M act/tot Free: 14G Cache: 165M Swap: 1046M/32G PIDUID PRI NICE SIZE RES STATE WAIT TIMECPU COMMAND 77712 1000620 39M 20K run/1 - 3:21 30.52% tmux 79301 1000600 1752K 20K run/1 - 0:42 29.59% sshd-session 96911 48620 10M 20K run/2 - 1:30 26.56% unwind 9794 35610 133M 3156K onproc/2 - 8:12 25.20% Xorg 59778 1000100 610M 20M run/1 thrdeat 19:05 10.84% firefox 27864 1000180 1308K4K sleep/0 sigsusp 0:31 4.98% sh 48161 1000-60 1308K4K sleep/2 piperd0:31 4.59% sh dmesg: OpenBSD 7.5-current (GENERIC.MP) #77: Sun May 19 16:08:08 MDT 2024 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17160474624 (16365MB) avail mem = 16619134976 (15849MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (59 entries) bios0: vendor Award Software International, Inc. version "F7" date 11/20/2009 bios0: Gigabyte Technology Co., Ltd. GA-MA790XT-UD4P acpi0 at bios0: ACPI 1.0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT HPET MCFG TAMG APIC acpi0: wakeup devices PCI0(S5) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) USB6(S3) SBAZ(S4) P2P_(S5) PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimcfg0 at acpi0 acpimcfg0: addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Phenom(tm) II X3 710 Processor, 2611.93 MHz, 10-04-02, patch 01db cpu0: cpuid 1 edx=178bfbff ecx=802009 cpu0: cpuid 8001 edx=efd3fbff ecx=37ff cpu0: cpuid 8007 edx=1f9 cpu0: 64KB 64b/line 2-way D-cache, 64KB 64b/line 2-way I-cache cpu0: 512KB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 cpu0: AMD erratum 721 detected and fixed mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 200MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Phenom(tm) II X3 710 Processor, 2611.94 MHz, 10-04-02, patch 01db cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: AMD Phenom(tm) II X3 710 Processor, 2612.02 MHz,
Re: how to fsck automatically at boot
On 2024-05-22, Kirill A Korinsky wrote: > On Wed, 22 May 2024 12:53:11 +0100, > Nick Holland wrote: >> > Do you need atime on that FS? Disable it dramatically reduces chances of > manual interraction with fsck. btw: you probably _do_ want atime on /tmp (see /etc/daily). But that's a fairly good candidate for MFS anyway.
Re: httpd & nextcloud
On Wed May 22, 2024 at 4:46 PM BST, Am Jam wrote: Your tip led me in the right direction and I now have what I need. Thank you! Glad I could help. One thing to note. I had to add the following line to get everything to work: - location "/" { block return 301 "$https://$SERVER_NAME/index.php; } I added this line because, for some reason, without this line, navigating to "www.domain.com" would fail. But I noticed that navigating specifically to "www.domain.com/index.php" worked. You might be able to resolve this, by putting the directory index configuration directory index "index.php" in this location context: location "/*.php*" { root "/nextcloud" fastcgi socket "/run/php-fpm.sock" pass } I'm not sure if you can specify the directory index for an entire server context or if you need to define it inside a location context.
Re: httpd & nextcloud
Hi Souji, Your tip led me in the right direction and I now have what I need. Thank you! One thing to note. I had to add the following line to get everything to work: - location "/" { block return 301 "$https://$SERVER_NAME/index.php; } I added this line because, for some reason, without this line, navigating to "www.domain.com" would fail. But I noticed that navigating specifically to "www.domain.com/index.php" worked. For posterity's sake, here is my "working" /etc/httpd.conf: server "www.domain.com" { listen on * tls port 443 # acme-challenge TLS location location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } # enable HTTP Strict Transport Security hsts { preload subdomains max-age 15768000 } tls { certificate "/etc/ssl/domain.io.fullchain.pem" key "/etc/ssl/private/domain.io.key" } # set max upload size to 1G (in bytes) connection max request body 1048576000 connection max requests 1000 connection request timeout 3600 connection timeout 3600 # set root directory root "/nextcloud" directory index "index.php" block drop # ensure that no "*.php*" files can be fetched from these directories location "/config/*" { block drop } location "/data/*" { block drop } location "/*.php*" { root "/nextcloud" fastcgi socket "/run/php-fpm.sock" pass } location "/dist/*" { root "/nextcloud" pass } location "/apps/*" { root "/nextcloud" pass } location "/core/*" { root "/nextcloud" pass } location "/updater/*" { root "/nextcloud" pass } location "/" { block return 301 "https://$SERVER_NAME/index.php; } location "/nextcloud" { block return 301 "$DOCUMENT_URI/index.php" } location "/nextcloud/" { block return 301 "$DOCUMENT_URI/index.php" } location "/.well-known/carddav" { block return 301 "https://$SERVER_NAME/remote.php/dav; } location "/.well-known/caldav" { block return 301 "https://$SERVER_NAME/remote.php/dav; } location "/.well-known/webfinger" { block return 301 "/index.php/.well-known/webfinger" } location "/.well-known/nodeinfo" { block return 301 "/index.php/.well-known/nodeinfo" } location "/ocs-provider/*" { block return 301 "$DOCUMENT_URI/index.php" } location "/ocm-provider/*" { block return 301 "$DOCUMENT_URI/index.php" } } On Wed, May 22, 2024 at 9:58 AM Souji Thenria wrote: > On Wed May 22, 2024 at 2:38 PM BST, Am Jam wrote: > > Hi Everyone, > > Hi Am, > > > Before anyone asks, removing "/nextcloud" from each of the location > strings > > does not work. > > When I do that I get an "ERR_EMPTY_RESPONSE" error in my browser > (Chrome). > > My httpd.conf below was inspired by the one outlined in the nextcloud > > pkg-readme. > > Did you also remove the line: 'request strip 1'? > > So that instead of > > location "/nextcloud/*.php*" { > > root "/nextcloud" > > request strip 1 > > fastcgi socket "/run/php-fpm.sock" > > pass > > } > > you should have: > location "/*.php*" { > root "/nextcloud" > fastcgi socket "/run/php-fpm.sock" > pass > } > > > Regards, > Souji >
Re: httpd & nextcloud
On Wed May 22, 2024 at 2:38 PM BST, Am Jam wrote: Hi Everyone, Hi Am, Before anyone asks, removing "/nextcloud" from each of the location strings does not work. When I do that I get an "ERR_EMPTY_RESPONSE" error in my browser (Chrome). My httpd.conf below was inspired by the one outlined in the nextcloud pkg-readme. Did you also remove the line: 'request strip 1'? So that instead of location "/nextcloud/*.php*" { root "/nextcloud" request strip 1 fastcgi socket "/run/php-fpm.sock" pass } you should have: location "/*.php*" { root "/nextcloud" fastcgi socket "/run/php-fpm.sock" pass } Regards, Souji
httpd & nextcloud
Hi Everyone, I am trying to run a small nextcloud website and I'm having a problem with the URLs. I installed nextcloud via pkg_add, and all of its files were installed under /var/www/nextcloud. The pkg-readmes were helpful in getting nextcloud working with httpd. However, though everything "works", my URLs look like this: - www.domain.com/nextcloud/index.php/foo/bar/... And I can't for the life of me seem to edit /etc/httpd.conf to make it so my URLs look like this: - www.domain.com/index.php/foo/bar/... Furthermore, I can only access nextcloud if I navigate to - www.domain.com/nextcloud I would prefer to access nextcloud by navigating to - www.domain.com Even if I add the following line to /etc/httpd.conf, it works only in the web browser and nextcloud-specific iOS apps don't fully work properly: - location "/" { block return 301 "nextcloud/index.php" } My /etc/httpd.conf is below. Am I missing something obvious? Before anyone asks, removing "/nextcloud" from each of the location strings does not work. When I do that I get an "ERR_EMPTY_RESPONSE" error in my browser (Chrome). My httpd.conf below was inspired by the one outlined in the nextcloud pkg-readme. Thanks in advance. server "www.domain.com" { listen on * tls port 443 # acme-challenge TLS location location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } # enable HTTP Strict Transport Security hsts { preload subdomains max-age 15768000 } tls { certificate "/etc/ssl/domain.com.fullchain.pem" key "/etc/ssl/private/domain.com.key" } # set root directory root "/nextcloud" directory index "index.php" # set max upload size to 1G (in bytes) connection max request body 1048576000 connection max requests 1000 connection request timeout 3600 connection timeout 3600 block drop # ensure that no "*.php*" files can be fetched from these directories location "/nextcloud/config/*" { block drop } location "/nextcloud/data/*" { block drop } location "/nextcloud/*.php*" { root "/nextcloud" request strip 1 fastcgi socket "/run/php-fpm.sock" pass } location "/nextcloud/dist/*" { root "/nextcloud" request strip 1 pass } location "/nextcloud/apps/*" { root "/nextcloud" request strip 1 pass } location "/nextcloud/core/*" { root "/nextcloud" request strip 1 pass } location "/nextcloud/updater/*" { root "/nextcloud" request strip 1 pass } location "/nextcloud" { block return 301 "$DOCUMENT_URI/index.php" } location "/nexctloud/" { block return 301 "$DOCUMENT_URI/index.php" } location "/.well-known/carddav" { block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav; } location "/.well-known/caldav" { block return 301 "https://$SERVER_NAME/nextcloud/remote.php/dav; } location "/.well-known/webfinger" { block return 301 "/nextcloud/index.php/.well-known/webfinger" } location "/.well-known/nodeinfo" { block return 301 "/nextcloud/index.php/.well-known/nodeinfo" } location "/nextcloud/ocs-provider/*" { block return 301 "$DOCUMENT_URI/index.php" } location "/nextcloud/ocm-provider/*" { block return 301 "$DOCUMENT_URI/index.php" } }
Re: how to fsck automatically at boot
On Wed, 22 May 2024 12:53:11 +0100, Nick Holland wrote: > > For reasons of multi-hour fsck's on a few systems, I'm looking at > remounting the problem file systems as "rw" when writing is actually > needed and "ro" after the writing is complete (IN THIS APPLICATION, this > is known) to reduce my "at risk of power outage" window a lot, but I > suspect this will fall deeply within the category of "when I break > things, I get to keep all the pieces". :) > Do you need atime on that FS? Disable it dramatically reduces chances of manual interraction with fsck. If you move forward and add sync which slow down write but allows to get almost zero porbability of fsck interraction. -- wbr, Kirill
Re: Bgpd multipath conf
In the end I found out a way to manage mutipath. Outside the bgpd daemon. Basically I evaluate the bgp peer status from ifstated rules and I install/remove static multipath route on variation. The first test seem promising. In the end I can even manage carp based on peer availabilty with this approach. If someone is interested in conf I can post as well as soon as I finish my test base. Cheers M. Caterpillar: Confidential Green -Original Message- From: Benjamin Raskin Sent: Thursday, May 16, 2024 3:47 PM To: Stuart Henderson ; Marco Agostani Cc: misc@openbsd.org Subject: Re: Bgpd multipath conf CAUTION: EXTERNAL EMAIL This is a message from raskinbenjam...@gmail.com. Use caution when opening unexpected emails and do not click on links or attachments from unknown senders. For more resources, visit security.cat.com/phishing. __ I'm working on something similar right now for bgpd, where any connected /128 ipv6 address will be announced over bgp. For example if the router is connected to an adjacent host that has assigned itself an address through slaac such that the router has an entry for that particular host in the routing table, then the router will announce the host's /128 address. On Thu, May 16, 2024 at 6:24 AM Stuart Henderson wrote: > > On 2024-05-16, Marco Agostani wrote: > > Ok so in the end is there a way to install more then one route in the > > kernel table through bgpd or not ? > > No. That is what "bgpd ... does not handle adding multiple paths for > the same prefix to the FIB" means. (FIB = "forwarding information > base" = kernel route table) > > > And if it's something that could be done in the future ? > > could? sure, if someone were to write the code to support it. > > I don't think it will be a particularly easy thing to do though. > > > -- > Please keep replies on the mailing list. >
Re: how to fsck automatically at boot
On 5/21/24 08:28, Stuart Henderson wrote: On 2024-05-21, Nick Holland wrote: ... When I remove that disk the boot sequence stops and asks for a fsck I would like that this disk is mounted when it's present, but when it's not installed I don't want the boot sequence to stop Make it also "noauto" in fstab and mount it in rc.local. Last I tried this, it didn't do what I wanted -- "noauto" still expects to have the disk there and will fsck it on boot. Failure to be able to do this stops the boot. It's been a while since I last tried this, so perhaps something has changed (including my recollection?) See fstab(5) about fs_passno. ah, so "0" or blank. cool. learned something. That will simplify a few things! And this might be a solution for the OP's problem: make /usr and /usr/* "ro" during normal operation reorder_kernel is run in the background from /etc/rc; for RO /usr you need to wait for that to finish. And I forgot that. d'oh. So yes, file my tidbit under "REALLY BAD ADVICE" and ignore it. For reasons of multi-hour fsck's on a few systems, I'm looking at remounting the problem file systems as "rw" when writing is actually needed and "ro" after the writing is complete (IN THIS APPLICATION, this is known) to reduce my "at risk of power outage" window a lot, but I suspect this will fall deeply within the category of "when I break things, I get to keep all the pieces". :) Nick.
Re: how to fsck automatically at boot
Hello Nick, Stuart, Kirill, Jan, Thank you for all your answers. Le mardi 21 mai 2024 à 14:31:13 UTC+2, Stuart Henderson a écrit : On 2024-05-21, Nick Holland wrote: > On 5/20/24 09:37, Jan Stary wrote: >> On May 20 13:22:26, mikyde...@yahoo.fr wrote: >>> Hello, >>> >>> I have two use cases and problems with fsck. >>> >>> 1) When my openbsd boots after an outage, the system asks me to fsck /, >>> /usr, /var or /home manually. >>> So I do >>> fsck /dev/sd0a >>> And then I'm asked questions and I usually answer F >>> >>> So my question is that I want this process to be done automatically at boot >>> time for each partition that has a problem. >> >> The /etc/rc boot script calls fsck -p; >> if that fails, it means fsck -p was unable to fix a major problem. >> It is the point that it requires an admin's intervention. >> >> You would have to change the fsck call to fsck -y; >> but don't do that. AIUI the rationale for not using -y by default is that fsck may do further damage to a badly damaged disk. But in practice many people wouldn't do anything other than hit 'y' lots or 'F' when fsck complains, in which case patching /etc/rc to run -y by default isn't going to be any worse... And there are certainly some classes of system where you don't really care about losing data (i.e. you can recreate from config management or backups) but you do want to maximise the chances of being able to connect in remotely, and in that case -y can definitely help. > I'd look at why your file systems are always needing these manual > interventions after a hard shutdown. I routinely power down my > personal systems with yanking the power cord if it would take me > longer "properly" connect a console and properly shut down. That really depends on what the system is doing. >>> When I remove that disk the boot sequence stops and asks for a fsck >>> I would like that this disk is mounted when it's present, but when it's not >>> installed I don't want the boot sequence to stop >> >> Make it also "noauto" in fstab and mount it in rc.local. > > Last I tried this, it didn't do what I wanted -- "noauto" still expects > to have the disk there and will fsck it on boot. Failure to be able to > do this stops the boot. It's been a while since I last tried this, so > perhaps something has changed (including my recollection?) See fstab(5) about fs_passno. > And this might be a solution for the OP's problem: > make /usr and /usr/* "ro" during normal operation reorder_kernel is run in the background from /etc/rc; for RO /usr you need to wait for that to finish. -- Please keep replies on the mailing list.
Re: IPv6 routing problems with vether and vmm
On 2024/05/21 20:30, jrmu wrote: > Greetings, > > > > I also don't control the entire /48. > > > > > > Here is the information I was given: > > > > > > My IPv6 Address Subnet: 2602:fccf:400:41::/64 > > > Hypervisor' IPv6 Gateway: 2602:fccf:400::1 > > > > > > I was only given a /64. > > > > So you should use a /64 prefix length not the /48 which you have. > > > > See EXAMPLES in route(8) for how to set the gateway. > > Please excuse my ignorance here, as I am unfamiliar with networking. Can > you explain why /64 is the correct prefix length? Because that is the information they gave you: "Here is the information I was given: My IPv6 Address Subnet: 2602:fccf:400:41::/64" > I am confused because it seems not analogous to IPv4. Your provider has decided to use a different config method for v6 compared to v4. They probably have a route for the whole /64 to your MAC address to avoid having to do neighbour discovery (NDP) for addresses in your subnet. If they did NDP, they have to try to find the MAC address to send packets for that individual address. So if that address isn't in the (limited size) NDP cache their router would need to buffer the packet, try to resolve the address, if that address is not configured anywhere they'd need to wait for a timeout before possibly generating a host-unreachable icmp6 message and discarding the packet. These are all slow operations using cpu resources on a router where those resources are usually quite limited. Now consider the number of addresses in the subnet and that someone on the internet can send packets to any address. There are similar issues for v4 (using ARP rather than NDP to find MAC addresses) but the scale is vastly different - and most addresses will be in use anyway so most of the time a randomly addressed packet will already have the MAC address in the ARP cache. There are other ways to handle this (e.g. add a small 'link net' between the router and your host) but config for that is a bit more hassle to do on the provider's side - typically with that setup you'd have a separate vlan per customer too, as well as the route table entry across the provider's network for the link net, using more resources on routers/switches. > In the IPv4 example, my address is 104.167.241.211, the gateway is > 104.167.241.193, and the subnet mask 255.255.255.192. The network length > then is /26. I don't control the entire /26 subnet, only one single IPv4 > address within it, but my network would have a prefix length of /26. All of the /26 is probably directly reachable (using ARP to lookup the MAC address). And vice-versa, other addresses in the /26 will be expecting to be able to send packets to you directly rather than going via the gateway. > Isn't using a prefix length of /48 the same in the case of IPv6? I don't > control the entire /48, but the gateway 2602:fccf:400::1 shares the > first 48 network bits with my IPv6 address 2602:fccf:400:41:: You almost certainly can't reach the rest of the /48 without going via the gateway. > If I were to set the routing prefix length to 64, then I could manually > add an extra route to the IPv6 gateway. But then, wouldn't I want to set > my IPv4 address with a subnet mask of 255.255.255.255, so that the > network length would be 32 rather than 26, and also add a manual route > there? Some providers do do that for v4, but if they had they'd be telling you to use the /32. There's a lot less reason to do it for v4 though.
Re: packet filter silently ignores a rule
Hello! This was the first thing I checked. But I think there was a deadly combo of two factors: 1) the continuation character 2) The nuance described in man pf.conf: "Care should be taken when commenting out multi-line text: the comment is effective until the end of the entire block." After continuous experimenting with the rules there are too many commented lines mixed with real config blocks in my pf.conf. I really have to do some cleaning. Thank you everybody for all your help! On Tue May 21 16:49:00 2024, Steve Williams wrote: > A lot of Unix configuration files have an issue with the continuation > character "\" IF THERE IS A SPACE AFTER IT!! > > Make sure that the \ is the last character on the line! > > S. > > On 20/05/2024 11:01 p.m., Maksim Rodin wrote: > > I solved the problem by copying the entire rule block right after > > the old one and commenting out the old one. > > > > New: > > pass in on egress inet proto tcp to (egress) port $mail_ports \ > > keep state (max-src-conn 20, \ > > max-src-conn-rate 35/300, overload \ > > flush global) \ > > rdr-to $mail_server > > > > Old: > > pass in on egress inet proto tcp to (egress) \ > > port $mail_ports \ > > keep state (max-src-conn 20, \ > > max-src-conn-rate 35/300, overload \ > > flush global) rdr-to $mail_server > > > > I only split one line and merged two other lines into one > > but I think I did it correctly and I do not see any logical > > changes in the block. > > > > I still cannot understand what happened because there were no > > uncommented excess lines within the old block. > > > > Before copying the entire rule block I even occasionally made > > a typo in the old rule and checked it with pfctl -nf /etc/pf.conf. > > PF still did as if there were no block with the typo at all: > > > > pass in on egress inet proto tcp to (egress) \ > > ort $mail_ports \ > > keep state (max-src-conn 20, \ > > max-src-conn-rate 35/300, overload \ > > flush global) rdr-to $mail_server > > > > > > > > On Mon May 20 11:43:21 2024, Maksim Rodin wrote: > > > Hello, > > > I use OpenBSD 7.5 stable amd64. > > > I uncommented an old rule and the corresponding macro in pf.conf > > > which definitely worked when the > > > machine was on version 7.3 and possibly 7.4. > > > > > > After that: > > > pfctl -nf /etc/pf.conf shows nothing > > > pfctl -f /etc/pf.conf shows nothing > > > So Packet Filter seems to be happy with the config as a whole. > > > > > > pfctl -vvsr shows the old rules WITHOUT the uncommented one. > > > pfctl -vvnf /etc/pf.conf warns that the uncommented macro > > > used in the uncommented rule is NOT used. > > > > > > The output of pfctl -vvnf /etc/pf.conf is appended as > > > pfctl_vvnf file > > > The output of pfctl -vvsr is appended as > > > pfctl_vvsr file > > > > > > > > > Did I miss something when changing the configuration? > > > > > > The uncommented section 1 is: > > > mail_ports = "{ submission imaps }" > > > > > > The uncommented section 2 is: > > > pass in on egress inet proto tcp to (egress) \ > > > port $mail_ports \ > > > keep state (max-src-conn 20, \ > > > max-src-conn-rate 35/300, overload \ > > > flush global) rdr-to $mail_server > > > > > > > > > My whole pf.conf (all uncommented lines): > > > int_if = "{ vether1 em1 em2 em3 }" > > > table { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 \ > > > 169.254.0.0/16 172.16.0.0/12 192.0.2.0/24 \ > > > 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \ > > > } > > > table persist > > > table persist file "/etc/mail/nospamd" > > > table persist file "/etc/pf/bad_ips" > > > > > > transmission_server = "192.168.1.65" > > > mail_server = "192.168.1.171" > > > > > > mail_ports = "{ submission imaps }" > > > > > > block log all > > > set limit table-entries 100 > > > set block-policy drop > > > set syncookies adaptive (start 29%, end 15%) > > > set skip on lo > > > > > > match in all scrub (no-df random-id max-mss 1440) > > > match out on egress inet from (vether1:network) \ > > > to any nat-to (egress:0) > > > > > > block in quick on egress from to any > > > block return out quick on egress from any to > > > block quick from > > > > > > pass out quick inet > > > pass in on $int_if inet > > > > > > pass in on egress inet proto tcp \ > > > to (egress) port 22 keep state \ > > > (max-src-conn 2, max-src-conn-rate 2/300, \ > > > overload flush global) > > > > > > pass in on egress inet proto { tcp udp } \ > > > to (egress) port domain keep state \ > > > (max-src-states 10) \ > > > rdr-to 127.0.0.1 port 8053 > > > > > > pass in on $int_if inet proto { tcp udp } from \ > > > (vether1:network) to (egress) port domain > > > > > > pass in on egress inet proto { tcp udp } \ > > > to (egress) port 5 \ > > > rdr-to $transmission_server > > > > > > pass in on egress inet proto tcp to (egress) \ > > > port $mail_ports \ > > > keep state (max-src-conn 20, \ > > >
Re: IPv6 routing problems with vether and vmm
Greetings, > > I also don't control the entire /48. > > > > Here is the information I was given: > > > > My IPv6 Address Subnet: 2602:fccf:400:41::/64 > > Hypervisor' IPv6 Gateway: 2602:fccf:400::1 > > > > I was only given a /64. > > So you should use a /64 prefix length not the /48 which you have. > > See EXAMPLES in route(8) for how to set the gateway. Please excuse my ignorance here, as I am unfamiliar with networking. Can you explain why /64 is the correct prefix length? I am confused because it seems not analogous to IPv4. In the IPv4 example, my address is 104.167.241.211, the gateway is 104.167.241.193, and the subnet mask 255.255.255.192. The network length then is /26. I don't control the entire /26 subnet, only one single IPv4 address within it, but my network would have a prefix length of /26. Isn't using a prefix length of /48 the same in the case of IPv6? I don't control the entire /48, but the gateway 2602:fccf:400::1 shares the first 48 network bits with my IPv6 address 2602:fccf:400:41:: If I were to set the routing prefix length to 64, then I could manually add an extra route to the IPv6 gateway. But then, wouldn't I want to set my IPv4 address with a subnet mask of 255.255.255.255, so that the network length would be 32 rather than 26, and also add a manual route there? -- jrmu IRCNow (https://ircnow.org) signature.asc Description: PGP signature
Re: IPv6 routing problems with vether and vmm
. On 21/05/2024 22:04, jrmu wrote: Greetings, Here is my configuration: Inside hypervisor: hypervisor$ cat /etc/hostname.em1 inet 104.167.241.211 0xffc0 inet6 2602:fccf:400:41:: 48 Why are you using 48 as mask here and not 64? I don't have control over the hypervisor's gateway, that is provided by my ISP. Okay but my question still apply here. em1 IPv6 address should have /64 as mask and not 48. Your gateway must have a (static) route saying we can reach 2602:fccf::/36 (or a any smaller subnet you will use in your hypervisor) via em1.IPv6.address. I will pick 2602:fccf:400::/48 as the block you plan to use for all your VMs. I also don't control the entire /48. Here is the information I was given: My IPv6 Address Subnet: 2602:fccf:400:41::/64 Hypervisor' IPv6 Gateway: 2602:fccf:400::1 I was only given a /64. When you manage a hypervisor, using only 1x/64 is less than ideal. It's just not enough because you can have more than 1 'type of usage'. I always request at least 1x/56. You have at least 2 solutions: 1. Use the prefix 2602:fccf:400:41::/64 for all your interfaces . For em1 , avoid the first address. It works but some device will not happily accept your packets. Use anything else between 2602:fccf:400:41::1 and 2602:fccf:400:41:::: . Again use 64 as your mask and not 48 on em1. 2. Ask your ISP 2 things: 2.1 Establish point to point with you from 1 prefix 2.2 Route you *another* prefix (as explained in my previous email). If they find difficult to route more than 1x/64 (that will be a shame ) they can stick to 1x/64 but honestly it should not be a big deal. -- Willy Manga
Re: IPv6 routing problems with vether and vmm
On 2024-05-21, jrmu wrote: > > --qhuug7BO2jqFJSbi > Content-Type: text/plain; charset=us-ascii > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable > > Greetings, > >> > Here is my configuration: >>=20 >> > Inside hypervisor: >>=20 >> > hypervisor$ cat /etc/hostname.em1 >> > inet 104.167.241.211 0xffc0 >> > inet6 2602:fccf:400:41:: 48 >>=20 >> Why are you using 48 as mask here and not 64? > > I don't have control over the hypervisor's gateway, that is provided by > my ISP. > >> Your gateway must have a (static) route saying we can reach 2602:fccf::/36 >> (or a any smaller subnet you will use in your hypervisor) via >> em1.IPv6.address. I will pick 2602:fccf:400::/48 as the block you plan to >> use for all your VMs. > > I also don't control the entire /48. > > Here is the information I was given: > > My IPv6 Address Subnet: 2602:fccf:400:41::/64 > Hypervisor' IPv6 Gateway: 2602:fccf:400::1 > > I was only given a /64. So you should use a /64 prefix length not the /48 which you have. See EXAMPLES in route(8) for how to set the gateway.
Important message for Apple Silicon OpenBSD/arm64 users
As indicated here: https://social.treehouse.systems/@AsahiLinux/112449204541186432 The system firmware that comes with macOS Sonoma 14.5 triggers a bug in the m1n1 bootloader that is used to boot OpenBSD on these machines. The bug will prevent OpenBSD from booting on some machines after the macOS update has been installed. The recommended fix is to update the "stage1" m1n1 by booting into macOS and running: $ curl https://alx.sh | sh choosing the 'm' option when prompted to upgrade as indicated in the aforementioned post. This should work even if you've already installed the macOS update. We've also released a new version of the "apple-boot" firmware (which contains a "stage2" m1n1) that has a workaround for the bug. To install this new firmware on OpenBSD 7.5 or -current, you can do: # fw_update # installboot sd0 This must be done before updating macOS. You can verify that the workaround is installed with the following command: # eeprom -p | grep m1n1 asahi,m1n1-stage2-version: '1.4.14' If the displayed version number is 1.4.14 or later, the workaround is installed. OpenBSD 7.4 users should upgrade to OpenBSD 7.5. Cheers, Mark
Re: IPv6 routing problems with vether and vmm
Greetings, > > Here is my configuration: > > > Inside hypervisor: > > > hypervisor$ cat /etc/hostname.em1 > > inet 104.167.241.211 0xffc0 > > inet6 2602:fccf:400:41:: 48 > > Why are you using 48 as mask here and not 64? I don't have control over the hypervisor's gateway, that is provided by my ISP. > Your gateway must have a (static) route saying we can reach 2602:fccf::/36 > (or a any smaller subnet you will use in your hypervisor) via > em1.IPv6.address. I will pick 2602:fccf:400::/48 as the block you plan to > use for all your VMs. I also don't control the entire /48. Here is the information I was given: My IPv6 Address Subnet: 2602:fccf:400:41::/64 Hypervisor' IPv6 Gateway: 2602:fccf:400::1 I was only given a /64. Thanks for your help. -- jrmu IRCNow (https://ircnow.org) signature.asc Description: PGP signature
Re: IPv6 routing problems with vether and vmm
Hi On 21/05/2024 04:01, jrmu wrote: > Here is my configuration: > Inside hypervisor: > hypervisor$ cat /etc/hostname.em1 > inet 104.167.241.211 0xffc0 > inet6 2602:fccf:400:41:: 48 Why are you using 48 as mask here and not 64? Here is a suggestion in term of routing. From your configuration, you can even restrict the mask here since it's a point to point between your hypervisor and your gateway. something like /etc/hostname.em1 inet6 2602:fccf::2 127 should be okay. Of course you configure your gateway with 2602:fccf::3/127 > hypervisor$ cat /etc/mygate > 104.167.241.193 > 2602:fccf:400::1 From my suggestion, you can change that IPv6 with 2602:fccf::3 Your gateway must have a (static) route saying we can reach 2602:fccf::/36 (or a any smaller subnet you will use in your hypervisor) via em1.IPv6.address. I will pick 2602:fccf:400::/48 as the block you plan to use for all your VMs. Assuming your gateway is running OpenBSD, the route will be: route add -inet6 2602:fccf:400::/48 2602:fccf::2 Now from the hypervisor, you originate that prefix. e.g route add -inet6 -blackhole 2602:fccf:400::/48 ::1 All packets in that block by default is 'swallowed' here. Now any subnet used by any interface (like vether0) here will be reachable from the Internet and of course the VM as well will reach other networks. -- Willy Manga
Re: how to fsck automatically at boot
On 2024-05-21, Nick Holland wrote: > On 5/20/24 09:37, Jan Stary wrote: >> On May 20 13:22:26, mikyde...@yahoo.fr wrote: >>> Hello, >>> >>> I have two use cases and problems with fsck. >>> >>> 1) When my openbsd boots after an outage, the system asks me to fsck /, >>> /usr, /var or /home manually. >>> So I do >>> fsck /dev/sd0a >>> And then I'm asked questions and I usually answer F >>> >>> So my question is that I want this process to be done automatically at boot >>> time for each partition that has a problem. >> >> The /etc/rc boot script calls fsck -p; >> if that fails, it means fsck -p was unable to fix a major problem. >> It is the point that it requires an admin's intervention. >> >> You would have to change the fsck call to fsck -y; >> but don't do that. AIUI the rationale for not using -y by default is that fsck may do further damage to a badly damaged disk. But in practice many people wouldn't do anything other than hit 'y' lots or 'F' when fsck complains, in which case patching /etc/rc to run -y by default isn't going to be any worse... And there are certainly some classes of system where you don't really care about losing data (i.e. you can recreate from config management or backups) but you do want to maximise the chances of being able to connect in remotely, and in that case -y can definitely help. > I'd look at why your file systems are always needing these manual > interventions after a hard shutdown. I routinely power down my > personal systems with yanking the power cord if it would take me > longer "properly" connect a console and properly shut down. That really depends on what the system is doing. >>> When I remove that disk the boot sequence stops and asks for a fsck >>> I would like that this disk is mounted when it's present, but when it's not >>> installed I don't want the boot sequence to stop >> >> Make it also "noauto" in fstab and mount it in rc.local. > > Last I tried this, it didn't do what I wanted -- "noauto" still expects > to have the disk there and will fsck it on boot. Failure to be able to > do this stops the boot. It's been a while since I last tried this, so > perhaps something has changed (including my recollection?) See fstab(5) about fs_passno. > And this might be a solution for the OP's problem: > make /usr and /usr/* "ro" during normal operation reorder_kernel is run in the background from /etc/rc; for RO /usr you need to wait for that to finish. -- Please keep replies on the mailing list.
Re: how to fsck automatically at boot
On 5/20/24 09:37, Jan Stary wrote: On May 20 13:22:26, mikyde...@yahoo.fr wrote: Hello, I have two use cases and problems with fsck. 1) When my openbsd boots after an outage, the system asks me to fsck /, /usr, /var or /home manually. So I do fsck /dev/sd0a And then I'm asked questions and I usually answer F So my question is that I want this process to be done automatically at boot time for each partition that has a problem. The /etc/rc boot script calls fsck -p; if that fails, it means fsck -p was unable to fix a major problem. It is the point that it requires an admin's intervention. You would have to change the fsck call to fsck -y; but don't do that. I'd look at why your file systems are always needing these manual interventions after a hard shutdown. I routinely power down my personal systems with yanking the power cord if it would take me longer "properly" connect a console and properly shut down. yeah, I get fscks, but I rarely get a manual intervention required. It does happen...but rarely. (Also, don't let a server have power outages, obviously.) This is because I use a small server without screen and keyboard. So what? That is no excuse to leave broken filesystems unattended. 2) I have another disk in my small server, and I mount one partition of it with in fstab aa929243b0f5.a /var/mylogs ffs rw,nodev,nosuid 1 2 When I remove that disk the boot sequence stops and asks for a fsck I would like that this disk is mounted when it's present, but when it's not installed I don't want the boot sequence to stop Make it also "noauto" in fstab and mount it in rc.local. Last I tried this, it didn't do what I wanted -- "noauto" still expects to have the disk there and will fsck it on boot. Failure to be able to do this stops the boot. It's been a while since I last tried this, so perhaps something has changed (including my recollection?) I have some backup servers with big file systems that can take hours to fsck. I pulled the mount lines out of /etc/fstab and put them in a separate script that is invoked at boot from /etc/rc.local And this might be a solution for the OP's problem: make /usr and /usr/* "ro" during normal operation, and move all the "lots of volatile data" stuff over to partitions that are mounted post boot by a separate script. Maybe make /tmp an MFS if that's an option. That will minimize the fsck problems, and allow the system to come up for either manual, remote fixing or even fsck -y in the mountall script. Don't forget you ro'd the /usr partitions, otherwise your upgrades will be unpleasant. :) Nick.
Re: packet filter silently ignores a rule
On 2024-05-21, Maksim Rodin wrote: > I solved the problem by copying the entire rule block right after > the old one and commenting out the old one. > > New: > pass in on egress inet proto tcp to (egress) port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload \ > flush global) \ > rdr-to $mail_server > > Old: > pass in on egress inet proto tcp to (egress) \ > port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload \ > flush global) rdr-to $mail_server > > I only split one line and merged two other lines into one > but I think I did it correctly and I do not see any logical > changes in the block. ... >> My whole pf.conf (all uncommented lines): We can't tell if it was done correctly because you excluded commented lines from the file you showed. Read pf.conf(5) DESCRIPTION section, paragraph starting "The current line can be extended over multiple lines".
Re: packet filter silently ignores a rule
I solved the problem by copying the entire rule block right after the old one and commenting out the old one. New: pass in on egress inet proto tcp to (egress) port $mail_ports \ keep state (max-src-conn 20, \ max-src-conn-rate 35/300, overload \ flush global) \ rdr-to $mail_server Old: pass in on egress inet proto tcp to (egress) \ port $mail_ports \ keep state (max-src-conn 20, \ max-src-conn-rate 35/300, overload \ flush global) rdr-to $mail_server I only split one line and merged two other lines into one but I think I did it correctly and I do not see any logical changes in the block. I still cannot understand what happened because there were no uncommented excess lines within the old block. Before copying the entire rule block I even occasionally made a typo in the old rule and checked it with pfctl -nf /etc/pf.conf. PF still did as if there were no block with the typo at all: pass in on egress inet proto tcp to (egress) \ ort $mail_ports \ keep state (max-src-conn 20, \ max-src-conn-rate 35/300, overload \ flush global) rdr-to $mail_server On Mon May 20 11:43:21 2024, Maksim Rodin wrote: > Hello, > I use OpenBSD 7.5 stable amd64. > I uncommented an old rule and the corresponding macro in pf.conf > which definitely worked when the > machine was on version 7.3 and possibly 7.4. > > After that: > pfctl -nf /etc/pf.conf shows nothing > pfctl -f /etc/pf.conf shows nothing > So Packet Filter seems to be happy with the config as a whole. > > pfctl -vvsr shows the old rules WITHOUT the uncommented one. > pfctl -vvnf /etc/pf.conf warns that the uncommented macro > used in the uncommented rule is NOT used. > > The output of pfctl -vvnf /etc/pf.conf is appended as > pfctl_vvnf file > The output of pfctl -vvsr is appended as > pfctl_vvsr file > > > Did I miss something when changing the configuration? > > The uncommented section 1 is: > mail_ports = "{ submission imaps }" > > The uncommented section 2 is: > pass in on egress inet proto tcp to (egress) \ > port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload \ > flush global) rdr-to $mail_server > > > My whole pf.conf (all uncommented lines): > int_if = "{ vether1 em1 em2 em3 }" > table { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 \ >169.254.0.0/16 172.16.0.0/12 192.0.2.0/24 \ >192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \ > } > table persist > table persist file "/etc/mail/nospamd" > table persist file "/etc/pf/bad_ips" > > transmission_server = "192.168.1.65" > mail_server = "192.168.1.171" > > mail_ports = "{ submission imaps }" > > block log all > set limit table-entries 100 > set block-policy drop > set syncookies adaptive (start 29%, end 15%) > set skip on lo > > match in all scrub (no-df random-id max-mss 1440) > match out on egress inet from (vether1:network) \ > to any nat-to (egress:0) > > block in quick on egress from to any > block return out quick on egress from any to > block quick from > > pass out quick inet > pass in on $int_if inet > > pass in on egress inet proto tcp \ > to (egress) port 22 keep state \ > (max-src-conn 2, max-src-conn-rate 2/300, \ > overload flush global) > > pass in on egress inet proto { tcp udp } \ > to (egress) port domain keep state \ > (max-src-states 10) \ > rdr-to 127.0.0.1 port 8053 > > pass in on $int_if inet proto { tcp udp } from \ > (vether1:network) to (egress) port domain > > pass in on egress inet proto { tcp udp } \ > to (egress) port 5 \ > rdr-to $transmission_server > > pass in on egress inet proto tcp to (egress) \ > port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload \ > flush global) rdr-to $mail_server > > pass in on egress proto tcp to (egress) \ > port smtp divert-to 127.0.0.1 port spamd > pass in on egress proto tcp from to (egress) \ > port smtp rdr-to $mail_server > pass in log on egress proto tcp from \ > to (egress) port smtp \ > rdr-to $mail_server > pass out on egress proto tcp to (egress) port smtp > > > -- > Best regards > Maksim Rodin > warning: macro 'mail_ports' not used > Loaded 714 passive OS fingerprints > int_if = "{ vether1 em1 em2 em3 }" > table { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 > 172.16.0.0/12 192.0.2.0/24 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 } > table persist > table persist file "/etc/mail/nospamd" > table persist file "/etc/pf/bad_ips" > transmission_server = "192.168.1.65" > mail_server = "192.168.1.171" > mail_ports = "{ submission imaps }" > set limit table-entries 100 > set block-policy drop > set syncookies adaptive (start 29%, end 15%) > set skip on { lo } > @0 block drop log all > @1 match in all scrub (no-df random-id max-mss 1440) > @2 match out on egress inet from
IPv6 routing problems with vether and vmm
Greetings, I'm running into issues with IPv6 networking using vmm with an openbsd guest, both running OpenBSD 7.5. Setup and diagnostic info here: https://paste.ircnow.org/05ejwpmf4hi74xuz0h2n I am setting up an openbsd virtual machine inside vmm using this configuration: https://wiki.ircnow.org/?n=Vmm.Configure IPv4 networking inside the virtual machine works fine, but IPv6 is failing. I can use the hypervisor's IPv6 address 2602:fccf:400:41:: but am unable to use IPv6 from the virtual machines. Here is my configuration: Inside hypervisor: hypervisor$ cat /etc/hostname.em1 inet 104.167.241.211 0xffc0 inet6 2602:fccf:400:41:: 48 hypervisor$ cat /etc/mygate 104.167.241.193 2602:fccf:400::1 hypervisor$ cat /etc/hostname.vether0 inet 104.167.241.49 255.255.255.248 inet6 2602:fccf:400:41::1 64 hypervisor$ cat /etc/hostname.bridge0 add vether0 Inside virtual machine: vm# cat /etc/hostname.vio0 inet 104.167.241.51 0xffc0 inet6 2602:fccf:400:41:51:: 64 vm# cat /etc/mygate 104.167.241.49 2602:fccf:400:41::1 Hypervisor ifconfig, route, arp, and ndp: hypervisor$ ifconfig lo0: flags=2008049 mtu 32768 index 4 priority 0 llprio 3 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 em0: flags=8802 mtu 1500 lladdr 00:25:90:5a:2d:93 index 1 priority 0 llprio 3 media: Ethernet autoselect (none) status: no carrier em1: flags=8843 mtu 1500 lladdr 00:25:90:5a:2d:92 index 2 priority 0 llprio 3 groups: egress media: Ethernet autoselect (1000baseT full-duplex) status: active inet 104.167.241.211 netmask 0xffc0 broadcast 104.167.241.255 inet6 fe80::225:90ff:fe5a:2d92%em1 prefixlen 64 scopeid 0x2 inet6 2602:fccf:400:41:: prefixlen 48 enc0: flags=0<> index 3 priority 0 llprio 3 groups: enc status: active bridge0: flags=41 mtu 1500 description: switch1-switch0 index 5 llprio 3 groups: bridge priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp tap1 flags=3 port 15 ifpriority 0 ifcost 0 tap2 flags=3 port 10 ifpriority 0 ifcost 0 tap0 flags=3 port 8 ifpriority 0 ifcost 0 vether0 flags=3 port 6 ifpriority 0 ifcost 0 vether0: flags=8943 mtu 1500 lladdr fe:e1:ba:d0:6f:27 index 6 priority 0 llprio 3 groups: vether media: Ethernet autoselect status: active inet 104.167.241.49 netmask 0xfff8 broadcast 104.167.241.55 inet6 fe80::fce1:baff:fed0:6f27%vether0 prefixlen 64 scopeid 0x6 inet6 2602:fccf:400:41::1 prefixlen 64 pflog0: flags=141 mtu 33136 index 7 priority 0 llprio 3 groups: pflog tap0: flags=8943 mtu 1500 lladdr fe:e1:ba:d1:76:b7 description: vm1-if0-mattbsd index 8 priority 0 llprio 3 groups: tap status: active tap2: flags=8943 mtu 1500 lladdr fe:e1:ba:d3:f5:02 description: vm3-if0-errorbsd index 10 priority 0 llprio 3 groups: tap status: active tap1: flags=8943 mtu 1500 lladdr fe:e1:ba:d8:99:f9 description: vm2-if0-jrmu index 15 priority 0 llprio 3 groups: tap status: active hypervisor$ route -n show Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface default104.167.241.193UGS 1146767 - 8 em1 224/4 127.0.0.1 URS00 32768 8 lo0 104.167.241.192/26 104.167.241.211UCn112147 - 4 em1 104.167.241.48/29 104.167.241.49 UCn60 - 4 vether0 104.167.241.48 link#6 UHLc 0 17 - 3 vether0 104.167.241.49 fe:e1:ba:d0:6f:27 UHLl 0 8098 - 1 vether0 104.167.241.50 e8:8b:27:7b:7a:01 UHLc 0 1439 - 3 vether0 104.167.241.51 e8:8b:27:7b:7a:02 UHLc 022740 - 3 vether0 104.167.241.52 link#6 UHLc 0 84 - 3 vether0 104.167.241.53 link#6 UHLc 0 15 - 3 vether0 104.167.241.54 e8:8b:27:7b:7a:03 UHLc 0 1069 - 3 vether0 104.167.241.55 104.167.241.49 UHb0 1005 - 1 vether0 104.167.241.193ac:1f:6b:fe:ca:98 UHLch 1 5705 - 3 em1 104.167.241.21100:25:90:5a:2d:92 UHLl 0 9427 - 1 em1 104.167.241.255104.167.241.211UHb0 4455 - 1 em1 127/8 127.0.0.1 UGRS 00 32768 8 lo0 127.0.0.1 127.0.0.1 UHhl 12 32768 1 lo0 Internet6: Destination Gateway Flags Refs Use Mtu
Re: [PATCH] [cwm] config option to run all apps maximized
Hi, I am experiencing a similar issue in my setup, in my case when running $ xterm -geometry 500x500+0+0 the window lags a lot when toggling maximization again. It happens also if you use client_toggle_fullscreen instead. Also, is there any reason that you maximize instead of fullscreen? Toggling fullscreen I feel is better, since you don't get to see the border. Best regards
Re: how to fsck automatically at boot
On Mon, 20 May 2024 14:22:26 +0100, Mik J wrote: > > aa929243b0f5.a /var/mylogs ffs rw,nodev,nosuid 1 2 You may add noatime which should decrease probability of issues when an outage had happened. Also, you may consider to use sync option which should future decrease probability of issues on an outage. -- wbr, Kirill
Re: how to fsck automatically at boot
On May 20 13:22:26, mikyde...@yahoo.fr wrote: > Hello, > > I have two use cases and problems with fsck. > > 1) When my openbsd boots after an outage, the system asks me to fsck /, /usr, > /var or /home manually. > So I do > fsck /dev/sd0a > And then I'm asked questions and I usually answer F > > So my question is that I want this process to be done automatically at boot > time for each partition that has a problem. The /etc/rc boot script calls fsck -p; if that fails, it means fsck -p was unable to fix a major problem. It is the point that it requires an admin's intervention. You would have to change the fsck call to fsck -y; but don't do that. (Also, don't let a server have power outages, obviously.) > This is because I use a small server without screen and keyboard. So what? That is no excuse to leave broken filesystems unattended. > 2) I have another disk in my small server, and I mount one partition of it > with in fstab > aa929243b0f5.a /var/mylogs ffs rw,nodev,nosuid 1 2 > When I remove that disk the boot sequence stops and asks for a fsck > I would like that this disk is mounted when it's present, but when it's not > installed I don't want the boot sequence to stop Make it also "noauto" in fstab and mount it in rc.local. (Also, don't remove disks from servers, obviously.)
how to fsck automatically at boot
Hello, I have two use cases and problems with fsck. 1) When my openbsd boots after an outage, the system asks me to fsck /, /usr, /var or /home manually. So I do fsck /dev/sd0a And then I'm asked questions and I usually answer F So my question is that I want this process to be done automatically at boot time for each partition that has a problem. If there's no problem, the system would boot at usual. This is because I use a small server without screen and keyboard. 2) I have another disk in my small server, and I mount one partition of it with in fstab aa929243b0f5.a /var/mylogs ffs rw,nodev,nosuid 1 2 When I remove that disk the boot sequence stops and asks for a fsck I would like that this disk is mounted when it's present, but when it's not installed I don't want the boot sequence to stop Is there a way to do these tasks or should I use a script that is executed by /etc/rc.local ? Thank you
Re: pf anchors attached to irrelevant states
On 19/05/2024 19:35, Kapetanakis Giannis wrote: > On 19/05/2024 14:37, Stuart Henderson wrote: >> On 2024-05-19, Kapetanakis Giannis wrote: >>> This is a bit strange. pf works normal, but rules after an enchor an >>> being attached to the anchor (somehow). >>> >>> All states that are created from rules after the anchor, show the anchor >>> (pf rule) number instead of (only) the rule number in pfctl -vv and in >>> pflog. >> I can confirm this is a problem, definitely seen in 7.4, I can't remember >> if 7.3 was affected. 7.2 from Dec 22 seems ok. > > 7.3 release was also affected, just tested on a vm. > > G It seems that this was introduced with 1.1169 of pf.c (2023/01/05) https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf.c.diff?r1=1.1168=1.1169=date=h reverting to 1.1168 shows then rules numbers correct both in pflog and pfctl. Rest of kernel is on 2023-01-12 G
packet filter silently ignores a rule
Hello, I use OpenBSD 7.5 stable amd64. I uncommented an old rule and the corresponding macro in pf.conf which definitely worked when the machine was on version 7.3 and possibly 7.4. After that: pfctl -nf /etc/pf.conf shows nothing pfctl -f /etc/pf.conf shows nothing So Packet Filter seems to be happy with the config as a whole. pfctl -vvsr shows the old rules WITHOUT the uncommented one. pfctl -vvnf /etc/pf.conf warns that the uncommented macro used in the uncommented rule is NOT used. The output of pfctl -vvnf /etc/pf.conf is appended as pfctl_vvnf file The output of pfctl -vvsr is appended as pfctl_vvsr file Did I miss something when changing the configuration? The uncommented section 1 is: mail_ports = "{ submission imaps }" The uncommented section 2 is: pass in on egress inet proto tcp to (egress) \ port $mail_ports \ keep state (max-src-conn 20, \ max-src-conn-rate 35/300, overload \ flush global) rdr-to $mail_server My whole pf.conf (all uncommented lines): int_if = "{ vether1 em1 em2 em3 }" table { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 \ 169.254.0.0/16 172.16.0.0/12 192.0.2.0/24 \ 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 \ } table persist table persist file "/etc/mail/nospamd" table persist file "/etc/pf/bad_ips" transmission_server = "192.168.1.65" mail_server = "192.168.1.171" mail_ports = "{ submission imaps }" block log all set limit table-entries 100 set block-policy drop set syncookies adaptive (start 29%, end 15%) set skip on lo match in all scrub (no-df random-id max-mss 1440) match out on egress inet from (vether1:network) \ to any nat-to (egress:0) block in quick on egress from to any block return out quick on egress from any to block quick from pass out quick inet pass in on $int_if inet pass in on egress inet proto tcp \ to (egress) port 22 keep state \ (max-src-conn 2, max-src-conn-rate 2/300, \ overload flush global) pass in on egress inet proto { tcp udp } \ to (egress) port domain keep state \ (max-src-states 10) \ rdr-to 127.0.0.1 port 8053 pass in on $int_if inet proto { tcp udp } from \ (vether1:network) to (egress) port domain pass in on egress inet proto { tcp udp } \ to (egress) port 5 \ rdr-to $transmission_server pass in on egress inet proto tcp to (egress) \ port $mail_ports \ keep state (max-src-conn 20, \ max-src-conn-rate 35/300, overload \ flush global) rdr-to $mail_server pass in on egress proto tcp to (egress) \ port smtp divert-to 127.0.0.1 port spamd pass in on egress proto tcp from to (egress) \ port smtp rdr-to $mail_server pass in log on egress proto tcp from \ to (egress) port smtp \ rdr-to $mail_server pass out on egress proto tcp to (egress) port smtp -- Best regards Maksim Rodin warning: macro 'mail_ports' not used Loaded 714 passive OS fingerprints int_if = "{ vether1 em1 em2 em3 }" table { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.0.2.0/24 192.168.0.0/16 198.18.0.0/15 198.51.100.0/24 } table persist table persist file "/etc/mail/nospamd" table persist file "/etc/pf/bad_ips" transmission_server = "192.168.1.65" mail_server = "192.168.1.171" mail_ports = "{ submission imaps }" set limit table-entries 100 set block-policy drop set syncookies adaptive (start 29%, end 15%) set skip on { lo } @0 block drop log all @1 match in all scrub (no-df random-id max-mss 1440) @2 match out on egress inet from (vether1:network:*) to any nat-to (egress:0:*) round-robin @3 block drop in quick on egress from to any @4 block return out quick on egress from any to @5 block drop quick from to any @6 pass out quick inet all flags S/SA @7 pass in on vether1 inet all flags S/SA @8 pass in on em1 inet all flags S/SA @9 pass in on em2 inet all flags S/SA @10 pass in on em3 inet all flags S/SA @11 pass in on egress inet proto tcp from any to (egress:*) port = 22 flags S/SA keep state (source-track rule, max-src-conn 2, max-src-conn-rate 2/300, overload flush global, src.track 300) @12 pass in on egress inet proto tcp from any to (egress:*) port = 53 flags S/SA keep state (source-track global, max-src-states 10) rdr-to 127.0.0.1 port 8053 @13 pass in on egress inet proto udp from any to (egress:*) port = 53 keep state (source-track global, max-src-states 10) rdr-to 127.0.0.1 port 8053 @14 pass in on vether1 inet proto tcp from (vether1:network:*) to (egress:*) port = 53 flags S/SA @15 pass in on em1 inet proto tcp from (vether1:network:*) to (egress:*) port = 53 flags S/SA @16 pass in on em2 inet proto tcp from (vether1:network:*) to (egress:*) port = 53 flags S/SA @17 pass in on em3 inet proto tcp from (vether1:network:*) to (egress:*) port = 53 flags S/SA @18 pass in on vether1 inet proto udp from (vether1:network:*) to (egress:*) port = 53 @19 pass in on em1 inet proto udp from (vether1:network:*) to (egress:*)
Re: kernel rebuild to debug problem
On 20/05/2024 00:03, Kirill A. Korinsky wrote: > On Sun, 19 May 2024 20:52:56 +0100, > Kapetanakis Giannis wrote: >> I'm trying to bisect a bug and compile an older kernel from cvs >> >> cvs checkout -D "2023-01-05" src/sys >> >> and following https://www.openbsd.org/faq/faq5.html#Options >> + make install >> >> New kernel compiles and boots but I get: >> >> # pfctl -f /etc/pf.conf >> pfctl: DIOCADDRULE: Operation not supported by device >> >> # pfctl -sr >> pfctl: Permission denied >> >> # pfctl -si | head -1 >> Status: Enabled for 0 days 00:05:03 Debug: err >> >> any ideas about this? >> > You need to build / use no only old kernel but the whole system. > > The simplest way is to use archived version of snapshots from > https://openbsd.cs.toronto.edu/archive/ or another mirror. Thanks for the reply. I did also build pfctl. Unfortunately the date I'm looking for is older than the archives on toronto or hostserver.de Anyway I'll try a build the whole system. Any hints of what specific is needed would be nice, since building the whole system every time until I find the commit I'm looking for would be a pain. G
Re: kernel rebuild to debug problem
On Sun, 19 May 2024 20:52:56 +0100, Kapetanakis Giannis wrote: > > I'm trying to bisect a bug and compile an older kernel from cvs > > cvs checkout -D "2023-01-05" src/sys > > and following https://www.openbsd.org/faq/faq5.html#Options > + make install > > New kernel compiles and boots but I get: > > # pfctl -f /etc/pf.conf > pfctl: DIOCADDRULE: Operation not supported by device > > # pfctl -sr > pfctl: Permission denied > > # pfctl -si | head -1 > Status: Enabled for 0 days 00:05:03 Debug: err > > any ideas about this? > You need to build / use no only old kernel but the whole system. The simplest way is to use archived version of snapshots from https://openbsd.cs.toronto.edu/archive/ or another mirror. -- wbr, Kirill
kernel rebuild to debug problem
I'm trying to bisect a bug and compile an older kernel from cvs cvs checkout -D "2023-01-05" src/sys and following https://www.openbsd.org/faq/faq5.html#Options + make install New kernel compiles and boots but I get: # pfctl -f /etc/pf.conf pfctl: DIOCADDRULE: Operation not supported by device # pfctl -sr pfctl: Permission denied # pfctl -si | head -1 Status: Enabled for 0 days 00:05:03 Debug: err any ideas about this? G
Re: pf anchors attached to irrelevant states
On 5/19/24 13:37, Stuart Henderson wrote: I can confirm this is a problem, definitely seen in 7.4, I can't remember if 7.3 was affected. 7.2 from Dec 22 seems ok. Yes, 7.3 is affected. It is the same problem reported here: https://marc.info/?l=openbsd-misc=168754952806369
Re: pf anchors attached to irrelevant states
On 19/05/2024 14:37, Stuart Henderson wrote: On 2024-05-19, Kapetanakis Giannis wrote: This is a bit strange. pf works normal, but rules after an enchor an being attached to the anchor (somehow). All states that are created from rules after the anchor, show the anchor (pf rule) number instead of (only) the rule number in pfctl -vv and in pflog. I can confirm this is a problem, definitely seen in 7.4, I can't remember if 7.3 was affected. 7.2 from Dec 22 seems ok. 7.3 release was also affected, just tested on a vm. G
Re: pf anchors attached to irrelevant states
On 2024-05-19, Kapetanakis Giannis wrote: > This is a bit strange. pf works normal, but rules after an enchor an > being attached to the anchor (somehow). > > All states that are created from rules after the anchor, show the anchor > (pf rule) number instead of (only) the rule number in pfctl -vv and in > pflog. I can confirm this is a problem, definitely seen in 7.4, I can't remember if 7.3 was affected. 7.2 from Dec 22 seems ok.
pf anchors attached to irrelevant states
This is a bit strange. pf works normal, but rules after an enchor an being attached to the anchor (somehow). All states that are created from rules after the anchor, show the anchor (pf rule) number instead of (only) the rule number in pfctl -vv and in pflog. Here is a quite simple example. # pfctl -sr -a'*' -vv | egrep -v "Evaluations|Inserted" | head -6 @0 match in all scrub (no-df random-id) @1 pass in quick on vio0 from to any flags S/SA set (prio 6) keep state (if-bound, pflow) tag from_external @2 anchor "test" quick all { @0 pass out log quick on egress inet proto tcp from any to any port = 2000 flags S/SA keep state (if-bound) rdr-to 127.0.0.1 } @3 pass out log quick inet proto tcp from any to yy.yy.yy.yy port = 22 flags S/SA keep state (if-bound, pflow) Test traffic for anchor rule works fine (xx.xx.xx.xx is my external ip) # telnet 8.8.8.8 2000 pflog: May 19 13:54:03.427024 rule 2.test.0/(match) pass out on vio0: xx.xx.xx.36179 > 8.8.8.8.2000: S 4080176752:4080176752(0) win 16384 (DF) [tos 0x10] # pfctl -ss -vv | grep -A3 8.8.8.8 vio0 tcp xx.xx.xx.xx:36179 -> 127.0.0.1:2000 (8.8.8.8:2000) SYN_SENT:CLOSED [4080176752 + 2] [0 + 1] age 00:00:01, expires in 00:01:59, 1:0 pkts, 64:0 bytes, anchor 2, rule 0 <<<--- this rule 0 of anchor which is correct id: 661391580039aaa3 creatorid: bfd893f9 See what happens if I try to triger rule @3 and ssh to yy.yy.yy.yy pflog: May 19 13:55:42.386186 rule 2/(match) pass out on vio0: xx.xx.xx.xx.23564 > yy.yy.yy.yy.22: S 3631867116:3631867116(0) win 16384 (DF) [tos 0x48] pfctl -ss -vv|grep -A3 yy.yy.yy.yy vio0 tcp xx.xx.xx.xx:23564 -> yy.yy.yy.yy:22 ESTABLISHED:ESTABLISHED [3631869502 + 37760] wscale 6 [3744464382 + 16384] wscale 7 age 00:01:10, expires in 23:58:54, 16:19 pkts, 3229:3857 bytes, anchor 2, rule 3, pflow id: 661391580039ab07 creatorid: bfd893f9 pflog, logs "rule 2" which is the anchor instead of "rule 3" pfctl, shows "anchor 2, rule 3" instead of just "rule 3" Traffic works normally but there is something fishy here. quick on anchor does not make any difference, although to my understanding it shouldn't matter either set or not set in this case. G
Re: smtpd outgoing mail configuration
On Fri, May 17, 2024 at 08:12:27AM +0200, fr...@lilo.org wrote: How to forward outgoing mail to a remote SMTP server with smtpd? I found this page, but it's out of date I think. https://romanzolotarev.com/openbsd/smtpd-forward.html Tks Pascal I have mine setup like this and its working. My /etc/mail/smtpd.conf: --- start file --- # $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $ # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. table aliases file:/etc/mail/aliases listen on socket # To accept external mail, replace with: listen on all listen on all action "local_mail" mbox alias action "outbound" relay host smtp://" # Uncomment the following to accept external mail for domain match from # any for domain "" action "local_mail" match from local for local action "local_mail" match from local for any action "outbound" --- End file --- # doas rcctl enable smtpd # doas
Re: pax and ext2fs
On Sat May 18 08:50:21 2024 Philip Guenther wrote: > > So yeah, what's needed is pathconfat(2)** but whether this winding loose > > end ("That poor yak.") merits that much code and surface is yet to be > > examined deeply. > > The fix for this has now been committed, so it'll be in 7.6 and a near > future snapshot. > And you wrote the library! Philip Guenther at https://austingroupbugs.net/view.php?id=1831 wrote: With a fresh cup of coffee, it's 'obvious' the correct action is to use pathconfat(AT_FDCWD, path, _PC_TIMESTAMP_RESOLUTION, AT_SYMLINK_NOFOLLOW) This was touched on in https://austingroupbugs.net/view.php?id=786 [^] (c.f. Geoff's comment 2827 from 2015) so maybe I should just implement this in OpenBSD and drag everyone else along from there. :) No yaks for Philip "John Wayne" Guether, only cows. ;-) > > Philip Guenther > > Walter
Re: nginx + php = system() not working?
On 2024-05-17, Martijn van Duren wrote: > On Thu, 2024-05-16 at 21:58 -0400, F Bax wrote: >> I think I missed something simple? I installed 7.5 release in a VM. I then >> installed nginx and PHP 8.3.3; with pkg_add. I then ran these two commands: >> # rcctl enable php83_fpm >> # rcctl start php83_fpm >> I found an issue with php system() function; so created this simple script >> which produces "HiThere"; why is the date not presented? >> >> > echo 'Hi'; >> system( 'date' ); >> echo 'There'; >> ?> > > All the advise I've seen is horrible. chroot isn't enabled by default > without a reason (php and security have a history). > My first question would by why you need system() in the first place. > If you need the date/time, just use > https://www.php.net/manual/en/class.datetime.php. If it's just a proof > of concept be more precise in what you want to achieve and see if > there's a PHP library equivalent. If there's no reasonable way to > achieve it (which I highly doubt) I advise to copy the required binary > (and dependencies) into the chroot and make a memo to keep them up to > date. There's some information about this in PHP's pkg-readme file. -- Please keep replies on the mailing list.
Re: pax and ext2fs
On Thu, May 16, 2024 at 12:08 AM Philip Guenther wrote: > On Wed, May 15, 2024 at 1:14 AM Philip Guenther wrote: ... >> I think you've managed to hit a spot where the POSIX standard doesn't >> provide a way for a program to find the information it needs to do its job >> correctly. I've filed a ticket there >>https://austingroupbugs.net/view.php?id=1831 >> >> We'll see if my understanding of pathconf() is incorrect or if someone has a >> great idea for how to get around this... > > So yeah, what's needed is pathconfat(2)** but whether this winding loose end > ("That poor yak.") merits that much code and surface is yet to be examined > deeply. The fix for this has now been committed, so it'll be in 7.6 and a near future snapshot. Philip Guenther
Re: nginx + php = system() not working?
"Souji Thenria" wrote: > Another issue might be that nginx is still running as www and doesn't > have access to /home/Testing. As per above suggestion double check that the user by which you run nginx (usually www) has access almost by the group to to the prefix directory declared by the -p flag, and to the subfolders. (and clearly you can't manage to do that on an usr home dir..) Then you should double check your phpfpm user and group by the php-fpm.conf in the following declarations: ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. user = www group = www -dan
Re: nginx + php = system() not working?
On Fri May 17, 2024 at 2:56 PM BST, F Bax wrote: In /etc/rc.conf.local - I changed nginx_flags="-u -p /home/Testing" (home directory of a real user). reboot system and now browser is refused connection This site can’t be reached 192.168.1.131 refused to connect. Neither /var/www/logs/{access|error}.log is changed. What else needs to change? Can you verify that nginx is running? You may have an error in your configuration. You can check the nginx configuration using nginx -t. Another issue might be that nginx is still running as www and doesn't have access to /home/Testing. Regards, Souji
Re: nginx + php = system() not working?
On Thu, 2024-05-16 at 21:58 -0400, F Bax wrote: > I think I missed something simple? I installed 7.5 release in a VM. I then > installed nginx and PHP 8.3.3; with pkg_add. I then ran these two commands: > # rcctl enable php83_fpm > # rcctl start php83_fpm > I found an issue with php system() function; so created this simple script > which produces "HiThere"; why is the date not presented? > > echo 'Hi'; > system( 'date' ); > echo 'There'; > ?> All the advise I've seen is horrible. chroot isn't enabled by default without a reason (php and security have a history). My first question would by why you need system() in the first place. If you need the date/time, just use https://www.php.net/manual/en/class.datetime.php. If it's just a proof of concept be more precise in what you want to achieve and see if there's a PHP library equivalent. If there's no reasonable way to achieve it (which I highly doubt) I advise to copy the required binary (and dependencies) into the chroot and make a memo to keep them up to date. martijn@
Re: nginx + php = system() not working?
Thanks for the tips and security warnings Mike, Souji and Dan, In php-fpm.conf - I changed "; chroot = /var/www" to comment. In /etc/rc.conf.local - I changed nginx_flags="-u -p /home/Testing" (home directory of a real user). reboot system and now browser is refused connection This site can’t be reached 192.168.1.131 refused to connect. Neither /var/www/logs/{access|error}.log is changed. /var/log/php-fpm.log show normal startup; then nothing in any /var/log/ files. [17-May-2024 09:41:59] NOTICE: fpm is running, pid 8072 [17-May-2024 09:41:59] NOTICE: ready to handle connections What else needs to change?
Re: nginx + php = system() not working?
It can even help to run nginx in "unsecure mode" if you want to stay not chrooted: nginx_flags="-u -p /home/mytests" man nginx ; while php-fpm.conf should remain with the default values ; in this case.. -dan Mike Fischer wrote: > > > Am 17.05.2024 um 03:58 schrieb F Bax : > > > > I think I missed something simple? I installed 7.5 release in a VM. > > I then installed nginx and PHP 8.3.3; with pkg_add. I then ran > > these two commands: # rcctl enable php83_fpm # rcctl start php83_fpm > > I found an issue with php system() function; so created this simple > > script which produces "HiThere"; why is the date not presented? > > > system( 'date' ); > > echo 'There'; > > ?> > > You are probably running the php83_fpm process accessed from nginx in > the default chroot(2) environment?
Re: nginx + php = system() not working?
May 17, 2024 11:30:25 Souji Thenria : > -u By default nginx will chroot(2) to the home > directory of the user running the daemon, typically > "www", or to the home directory of user in > nginx.conf. The -u option disables this behaviour, > and returns nginx to the original "unsecure" > behaviour. > > But it doesn't do it on other systems; I cross-checked with nginx > installed on a FreeBSD, where this option doesn't exist. Indeed take care about this option as I use it every day in my dev environment.. ;-)
Re: nginx + php = system() not working?
On Fri May 17, 2024 at 4:38 AM BST, Mike Fischer wrote: OpenBSD httpd would be a different situation because it runs in a chroot(2) environment by default. You can’t call on a PHP-FPM process that is not also running in the chroot(2) environment. The communication between httpd(8) and PHP-FPM fails due to differing opinions about the root of the filesystem when applied to the paths passed from httpd to PHP-FPM. At least I have not managed to get this to work. But AFAIK nginx does not run chroot(2)ed by default. So PHP-FPM does not need to either. On OpenBSD, nginx chroots its process by default. Here is a snippet from the man page nginx(8). -u By default nginx will chroot(2) to the home directory of the user running the daemon, typically "www", or to the home directory of user in nginx.conf. The -u option disables this behaviour, and returns nginx to the original "unsecure" behaviour. But it doesn't do it on other systems; I cross-checked with nginx installed on a FreeBSD, where this option doesn't exist. Since nginx and php_fpm chroot their processes to the same directory (if not changed), nginx should be able to write to the php_fpm socket.