Re: Q: Problems forwarding traffic using pf ...
Hi Guys, Thanks for the feedback, to address your points: 1> Possibly stupid question, but did you set the sysctl(s) to enable forwarding? Yes I tried this pf rule change with version 4 forwarding (net.inet.ip.forwarding) both enabled and disabled. Either way the pf "pass out tagged" rule is never matched. I didn't reboot after changing this setting. It's not clear to me if that is necessary. For the version 6 variable (net.inet6.ip6.forwarding) "man 2 sysctl" states: "... changing this variable during operation may cause serious trouble. Hence, this variable should only be set at bootstrap time." Whatever that might mean. Anyway, for the version 4 variable there no similar remark. 2> And there is also mforwarding 3> And multicast=YES rc.conf.local In this first simple proof/test I just tried to forward some UDP. So this is not yet relevant. But I think you are both right, if I get as far as doing multicasting, I'll probably need those. Out of interest I grepped in /etc and it seems that setting multicast=YES influences the netstart script. When multicast is not "YES" then the route for 224.0.0.0/4 is deleted and re-added to the IP loopback address with an option "reject". Cheers, Robb.
Re: Q: Problems forwarding traffic using pf ...
On Thu, May 23, 2024 at 08:24:03PM +0300, Kapetanakis Giannis wrote: > On 23/05/2024 20:18, Peter N. M. Hansteen wrote: > > On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > > > I need to quickly create a solution for forwarding multicast traffic > > > between two systems, so I though perhaps I could use pf to do just that > > > by writing some rules along the lines of: > > > > > > 1. pass in on iface A proto UDP ... tag mcast > > > 2. pass out on iface B tagged mcast > > > > > > And another pair of rules for the reverse direction B -> A. > > > > > > (Obviously I'd add more options to filter specific addresses, etc.) > > Possibly stupid question, but did you set the sysctl(s) to enable > > forwarding? > > > > $ sysctl net.inet.ip.forwarding > > > > and > > > > $ sysctl net.inet6.ip6.forwarding > > > > will provide the answer (as in, if those values are not 1, forwarding > > between interfaces is not enabled) > > > > > And there is also mforwarding > > net.inet.ip.forwarding > net.inet.ip.mforwarding > net.inet6.ip6.forwarding > net.inet6.ip6.mforwarding > > G > And multicast=YES rc.conf.local --
Re: Q: Problems forwarding traffic using pf ...
On 23/05/2024 20:18, Peter N. M. Hansteen wrote: On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: I need to quickly create a solution for forwarding multicast traffic between two systems, so I though perhaps I could use pf to do just that by writing some rules along the lines of: 1. pass in on iface A proto UDP ... tag mcast 2. pass out on iface B tagged mcast And another pair of rules for the reverse direction B -> A. (Obviously I'd add more options to filter specific addresses, etc.) Possibly stupid question, but did you set the sysctl(s) to enable forwarding? $ sysctl net.inet.ip.forwarding and $ sysctl net.inet6.ip6.forwarding will provide the answer (as in, if those values are not 1, forwarding between interfaces is not enabled) And there is also mforwarding net.inet.ip.forwarding net.inet.ip.mforwarding net.inet6.ip6.forwarding net.inet6.ip6.mforwarding G
Re: Q: Problems forwarding traffic using pf ...
On Thu, May 23, 2024 at 11:14:20AM +0200, Why 42? The lists account. wrote: > I need to quickly create a solution for forwarding multicast traffic > between two systems, so I though perhaps I could use pf to do just that > by writing some rules along the lines of: > > 1. pass in on iface A proto UDP ... tag mcast > 2. pass out on iface B tagged mcast > > And another pair of rules for the reverse direction B -> A. > > (Obviously I'd add more options to filter specific addresses, etc.) Possibly stupid question, but did you set the sysctl(s) to enable forwarding? $ sysctl net.inet.ip.forwarding and $ sysctl net.inet6.ip6.forwarding will provide the answer (as in, if those values are not 1, forwarding between interfaces is not enabled) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Q: Problems forwarding traffic using pf ...
Hi All, I need to quickly create a solution for forwarding multicast traffic between two systems, so I though perhaps I could use pf to do just that by writing some rules along the lines of: 1. pass in on iface A proto UDP ... tag mcast 2. pass out on iface B tagged mcast And another pair of rules for the reverse direction B -> A. (Obviously I'd add more options to filter specific addresses, etc.) So I tried to do a quick test / proof of concept. Here is the pf.conf: # cat pf.conf set skip on lo0 set block-policy return set debug warning # Begin by blocking everything block log all # Begin by blocking everything pass in log on em0proto udp from 192.168.178.166 tag UDP pass out log on ure0 tagged UDP ###match route dup-to ure0 tagged TAG_UP # Allow all outbound #pass out log modulate state The two "pass" lines are the basis of the idea. This seems to be pretty much identical to the tagging example "INTNET" in the pf.conf man page. pfctl reports: # pfctl -vvs rules | grep @ @0 block return log all @1 pass in log on em0 inet proto udp from 192.168.178.166 to any tag UDP @2 pass out log on ure0 all flags S/SA tagged UDP I see that rule 1 is matched, but never rule 2. E.g. ... May 23 10:32:06.602759 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 46[|domain] (DF) May 23 10:32:06.603963 rule 0/(match) block in on em0: fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 46[|domain] [flowlabel 0xbaff9] May 23 10:32:09.700212 rule 0/(match) block in on em0: 192.168.178.254 > 224.0.0.1: igmp query [len 12] (DF) [tos 0xc0] [ttl 1] May 23 10:32:13.267374 rule 1/(match) pass in on em0: 192.168.178.166.56334 > 192.168.178.11.54321: udp 7 May 23 10:32:20.592971 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 16 [3q][|domain] (DF) May 23 10:32:21.136275 rule 0/(match) block in on em0: 192.168.178.252.5353 > 224.0.0.251.5353: 48084+[|domain] May 23 10:32:21.137074 rule 0/(match) block in on em0: 192.168.178.252.5353 > 224.0.0.251.5353: 0* [0q] 3/0/3[|domain] ... May 23 10:32:48.588466 rule 1/(match) pass in on em0: 192.168.178.166.56335 > 192.168.178.11.54321: udp 42 May 23 10:32:49.705282 rule 0/(match) block in on em0: 192.168.178.179.5353 > 224.0.0.251.5353: 0[|domain] (DF) May 23 10:32:49.705839 rule 0/(match) block in on em0: fe80::4434:8bff:fecd:b116.5353 > ff02::fb.5353: 0[|domain] [flowlabel 0xbaff9] ... I must be missing something, but what? Both interfaces are up and configured with IP addresses. I'm running the current snapshot i.e. 7.5 GENERIC.MP#77 amd64. Thanks in advance! Cheers, Robb.
Re: pkg_info -Q confusion
> Am 15.04.2023 um 23:44 schrieb Antun Matanović : > >> I'm generally interested in what is available for the exact machine I am >> running on. > > You could use `pkg_info -a -Q` which searches all the repositories. >> From the pkg_info man page: > -Q substring > Show the names of all packages in the first repository of the > package search path containing the substring in the stems of > their package names. A stem is a package name with all version > and flavor suffixes removed; see pkg_add(1) for more details on > stems. If -a is also specified, show the names of all matching > packages in all repositories instead. So simple and so perfect! Thanks for that hint. I’ll still keep pkglocate around for more complicated partial name searches but for most of my use cases pkg_info -aQ name is exactly what I need. Mike
Re: pkg_info -Q confusion
> I'm generally interested in what is available for the exact machine I am > running on. You could use `pkg_info -a -Q` which searches all the repositories. >From the pkg_info man page: -Q substring Show the names of all packages in the first repository of the package search path containing the substring in the stems of their package names. A stem is a package name with all version and flavor suffixes removed; see pkg_add(1) for more details on stems. If -a is also specified, show the names of all matching packages in all repositories instead.
Re: pkg_info -Q confusion
> Am 14.04.2023 um 18:24 schrieb Allan Streib : > > On Fri, Apr 14, 2023, at 05:50, Stuart Henderson wrote: >> I never found pkg_info -Q to be a useful tool. >> >> Try pkglocate instead ("pkg_add pkglocatedb" first) which allows >> searching on an index that is built from : - as a >> result it lets you do a substring match on package names, not just >> on filenames. > > Also, as mentioned in packages(7) man page, there is a site at > https://openports.pl/ that can be used, though obviously that requires > internet access so may not be appropriate for all cases. I tend to > use it a lot, personally. It does not seem to differentiate between different OpenBSD versions or architectures though? I’m generally interested in what is available for the exact machine I am running on. But I guess at least knowing that there is a port for some version on some platform might be helpful — at least the inverse means I can stop looking now ;-) But still thanks for reminding me of this site. I had forgotten about that. Mike
Re: pkg_info -Q confusion
On Fri, Apr 14, 2023, at 05:50, Stuart Henderson wrote: > I never found pkg_info -Q to be a useful tool. > > Try pkglocate instead ("pkg_add pkglocatedb" first) which allows > searching on an index that is built from : - as a > result it lets you do a substring match on package names, not just > on filenames. Also, as mentioned in packages(7) man page, there is a site at https://openports.pl/ that can be used, though obviously that requires internet access so may not be appropriate for all cases. I tend to use it a lot, personally.
Re: pkg_info -Q confusion
Inline… > Am 14.04.2023 um 12:50 schrieb Stuart Henderson : > > On 2023-04-14, Mike Fischer wrote: >> Usually when looking for a port to install I use `pkg_info -Q name` to >> search for the the port. >> >> Strangely this does not completely work for PHP on OpenBSD 7.3: >> >> `pkg_info -Q php` does not list PHP 7.4.33 and related ports which are >> clearly available. >> >> It seems that -Q only finds ports in packages-stable/, not packages/? >> >> pkg_info(1) does not seem to mention this limitation (or I have missed it). > > That's what is meant by "in the first repository of the package search > path" but it's not very obvious. Ah, I see. Indeed I didn’t realise that was meant by the statement. > If PKG_PATH is not set and you're on a release version, the > pkg_add-based tools (including pkg_info) construct one starting with > the packages-stable directory, in order that -stable updates are > preferred over release packages. This is (mostly) described in > pkg_add(1). > > You can search just the release packages with > > PKG_PATH=http://cdn.openbsd.org/pub/OpenBSD/%v/packages/%a/ pkg_info -Q php Ok, thanks. Not very comfortable but at least a possibility. > >> Is this working as intended? > > Yes though it's a little unfriendly. Yep! > >> Is there a better way to look for available packages? > > I never found pkg_info -Q to be a useful tool. Up to now I never had an issue. But I never noticed this limitation before. (I did notice the lack of being able to search for partial package names but I have gotten used to that.) > Try pkglocate instead ("pkg_add pkglocatedb" first) which allows > searching on an index that is built from : - as a > result it lets you do a substring match on package names, not just > on filenames. > > For a package which includes many files you'll get a lot of output > lines, so something like "pkglocate moo | cut -d: -f1 | uniq" maybe > useful, or "pkglocate moo | grep ^moo". > > And if you're looking for the package containing a particular > binary, "pkglocate bin/moo" cuts out a lot of the useless stuff. Very helpful! Thanks Stuart! Mike
Re: pkg_info -Q confusion
On 2023-04-14, Mike Fischer wrote: > Usually when looking for a port to install I use `pkg_info -Q name` to > search for the the port. > > Strangely this does not completely work for PHP on OpenBSD 7.3: > > `pkg_info -Q php` does not list PHP 7.4.33 and related ports which are > clearly available. > > It seems that -Q only finds ports in packages-stable/, not packages/? > > pkg_info(1) does not seem to mention this limitation (or I have missed it). That's what is meant by "in the first repository of the package search path" but it's not very obvious. If PKG_PATH is not set and you're on a release version, the pkg_add-based tools (including pkg_info) construct one starting with the packages-stable directory, in order that -stable updates are preferred over release packages. This is (mostly) described in pkg_add(1). You can search just the release packages with PKG_PATH=http://cdn.openbsd.org/pub/OpenBSD/%v/packages/%a/ pkg_info -Q php > Is this working as intended? Yes though it's a little unfriendly. > Is there a better way to look for available packages? I never found pkg_info -Q to be a useful tool. Try pkglocate instead ("pkg_add pkglocatedb" first) which allows searching on an index that is built from : - as a result it lets you do a substring match on package names, not just on filenames. For a package which includes many files you'll get a lot of output lines, so something like "pkglocate moo | cut -d: -f1 | uniq" maybe useful, or "pkglocate moo | grep ^moo". And if you're looking for the package containing a particular binary, "pkglocate bin/moo" cuts out a lot of the useless stuff.
pkg_info -Q confusion
Usually when looking for a port to install I use `pkg_info -Q name` to search for the the port. Strangely this does not completely work for PHP on OpenBSD 7.3: `pkg_info -Q php` does not list PHP 7.4.33 and related ports which are clearly available. It seems that -Q only finds ports in packages-stable/, not packages/? pkg_info(1) does not seem to mention this limitation (or I have missed it). Is this working as intended? Is there a better way to look for available packages? Thanks! Mike
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On Wed, Feb 15, 2023 at 03:10:08PM +0100, Why 42? The lists account. wrote: > However, I also tried testing the same two filesystems using the > "Flexible IO Tester" or fio (it's available as a package). When I used it > to do random 4K reads and writes, I appear to have the opposite result: ... > I wonder why that would be? For a start, I would test using something other than /dev/zero as the data source. It's entirely possible that the firmware on an SSD would special case writing a block that contains only 0x00 bytes. In that case, and assuming that the filesystem block boundaries align with the SSD's own internal flash block layout, the SSD would only need to update it's metadata to point those LBA blocks to an internal 'zero' block. This would virtually eliminate the overhead of actually writing to the flash, and allow it to accept data from the host at a much faster speed. As soon as you write a single non-0x00 byte, the drive would have to do a propper write to the main flash memory and not just the area which contains it's internal LBA to flash block mapping, (which may also be write-cached). Depending on the state of the SSD, (recently secerased, used with another OS which supports TRIM, alignment of the filesystem blocks with the raw flash blocks, etc, etc), this could mean either a write, or a read-erase-write cycle. Using /dev/zero as the source definitely makes it a synthetic benchmark.
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On Mon, Feb 13, 2023 at 01:50:13PM -, Stuart Henderson wrote: > ... > It maybe worth checking whether mfs is actually helping - > it's easy to assume that because it's in RAM it must be fast, > but I've had machines where mfs was slower than SSD > (https://marc.info/?l=openbsd-misc=164942119618029=2), > also it's taking memory that could otherwise be used by > buffer cache. Hi All, Since you mentioned it, I thought I would retry your dd test ... # mount | grep /tmp mfs:15266 on /tmp type mfs (asynchronous, local, nodev, nosuid, size=16777216 512-blocks) % cd !$ ; for i in `jot 5`; do dd if=/dev/zero of=mfs bs=1m count=990 2>&1 | grep bytes; done cd /tmp/dd_test ; for i in `jot 5`; do dd if=/dev/zero of=mfs bs=1m count=990 2>&1 | grep bytes; done 1038090240 bytes transferred in 1.376 secs (754215208 bytes/sec) 1038090240 bytes transferred in 1.189 secs (872536649 bytes/sec) 1038090240 bytes transferred in 1.227 secs (845718432 bytes/sec) 1038090240 bytes transferred in 1.186 secs (874866632 bytes/sec) 1038090240 bytes transferred in 1.254 secs (827186370 bytes/sec) # mount | grep /fast /dev/sd1l on /fast type ffs (local, nodev, nosuid, softdep) # dmesg | grep sd1 sd1 at scsibus2 targ 1 lun 0: ... % cd /fast/dd_test ; for i in `jot 5`; do dd if=/dev/zero of=fast bs=1m count=990 2>&1 | grep bytes; done 1038090240 bytes transferred in 0.871 secs (1191076597 bytes/sec) 1038090240 bytes transferred in 0.635 secs (1633246669 bytes/sec) 1038090240 bytes transferred in 0.615 secs (1685529408 bytes/sec) 1038090240 bytes transferred in 0.605 secs (1714639562 bytes/sec) 1038090240 bytes transferred in 0.612 secs (1694489764 bytes/sec) So it seems that the Samsung NVMe device is much faster ... However, I also tried testing the same two filesystems using the "Flexible IO Tester" or fio (it's available as a package). When I used it to do random 4K reads and writes, I appear to have the opposite result: fio --name=rand_mmap_r+w --directory=/tmp/fio_test --rw=randrw --blocksize=4k --size=6g --io_size=60g --runtime=600 --ioengine=psync --fsync=1 --thread --numjobs=1 --group_reporting ... Run status group 0 (all jobs): READ: bw=130MiB/s (136MB/s), 130MiB/s-130MiB/s (136MB/s-136MB/s), io=30.0GiB (32.2GB), run=236394-236394msec WRITE: bw=130MiB/s (136MB/s), 130MiB/s-130MiB/s (136MB/s-136MB/s), io=30.0GiB (32.2GB), run=236394-236394msec % fio --name=rand_mmap_r+w --directory=/fast/fio_test --rw=randrw --blocksize=4k --size=6g --io_size=60g --runtime=600 --ioengine=psync --fsync=1 --thread --numjobs=1 --group_reporting ... Run status group 0 (all jobs): READ: bw=34.8MiB/s (36.5MB/s), 34.8MiB/s-34.8MiB/s (36.5MB/s-36.5MB/s), io=20.4GiB (21.9GB), run=60-60msec WRITE: bw=34.8MiB/s (36.4MB/s), 34.8MiB/s-34.8MiB/s (36.4MB/s-36.4MB/s), io=20.4GiB (21.9GB), run=60-60msec I wonder why that would be? Disclaimer: I know almost nothing about fio, I've never used it before. In particular, it isn't clear to me what the correct/best choice is for the "ioengine" option. (I played around with a few different settings, that's why you can see that "mmap" in the (test)name argument.) This is on a 8th generation i5 Intel NUC running a recent snapshot: 7.2 GENERIC.MP#1049 The CPU has 4 cores, hyperthreading is off. The underlying device for "/fast" is a Samsung M.2 NVMe "stick": nvme0: Samsung SSD 970 EVO Plus 500GB, firmware 1B2QEXM7 ... The full output from fio is included below for anyone who might be interested ... Cheers, Robb. fio --name=rand_mmap_r+w --directory=/tmp/fio_test --rw=randrw --blocksize=4k --size=6g --io_size=60g --runtime=600 --ioengine=psync --fsync=1 --thread --numjobs=1 --group_reporting rand_mmap_r+w: (g=0): rw=randrw, bs=(R) 4096B-4096B, (W) 4096B-4096B, (T) 4096B-4096B, ioengine=psync, iodepth=1 fio-3.33 Starting 1 thread rand_mmap_r+w: Laying out IO file (1 file / 6144MiB) Jobs: 1 (f=1): [m(1)][100.0%][r=134MiB/s,w=134MiB/s][r=34.3k,w=34.2k IOPS][eta 00m:00s] rand_mmap_r+w: (groupid=0, jobs=1): err= 0: pid=669956672: Wed Feb 15 13:52:03 2023 read: IOPS=33.3k, BW=130MiB/s (136MB/s)(30.0GiB/236394msec) clat (nsec): min=1523, max=1504.6k, avg=5387.11, stdev=1201.82 lat (nsec): min=1580, max=1504.7k, avg=5450.15, stdev=1203.46 clat percentiles (nsec): | 1.00th=[ 3632], 5.00th=[ 4576], 10.00th=[ 4832], 20.00th=[ 5024], | 30.00th=[ 5152], 40.00th=[ 5280], 50.00th=[ 5344], 60.00th=[ 5472], | 70.00th=[ 5600], 80.00th=[ 5792], 90.00th=[ 5984], 95.00th=[ 6176], | 99.00th=[ 6496], 99.50th=[ 6688], 99.90th=[13376], 99.95th=[18048], | 99.99th=[26240] bw ( KiB/s): min=126573, max=144312, per=100.00%, avg=133298.71, stdev=2476.36, samples=472 iops: min=31643, max=36078, avg=33324.48, stdev=619.06, samples=472 write: IOPS=33.2k, BW=130MiB/s (136MB/s)(30.0GiB/236394msec); 0 zone resets clat (usec): min=3, max=1549, avg=13.84, stdev= 2.06 lat (usec): min=3, max=1549, avg=13.92, stdev= 2.07 clat
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On 2023-02-12, Why 42? The lists account. wrote: > > You're exactly right. With this entry in fstab: >> swap /tmp mfs rw,nodev,nosuid,-s=4194304 0 0 > > I now have this /tmp space: >> mjoelnir:~ 12.02 13:15:07 % df -h >> Filesystem SizeUsed Avail Capacity Mounted on >> /dev/sd1a 1005M537M418M57%/ >> mfs:67535 1.9G 29.0K1.8G 1%/tmp >> ... > > That's right after a reboot. I'll start Chrome now and it can really chow > down on some /tmp space :-) It maybe worth checking whether mfs is actually helping - it's easy to assume that because it's in RAM it must be fast, but I've had machines where mfs was slower than SSD (https://marc.info/?l=openbsd-misc=164942119618029=2), also it's taking memory that could otherwise be used by buffer cache. The main benefit to me from mfs is for things which I explicitly don't want to hit permanent storage.
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On Sun, Feb 12, 2023 at 01:28:04PM +0100, Why 42? The lists account. wrote: > > On Sun, Feb 05, 2023 at 02:50:44PM -0300, Crystal Kolipe wrote: > > On Sun, Feb 05, 2023 at 06:05:22PM +0100, Why 42? The lists account. wrote: > > ... > > > The fstab file contains this mount entry for tmp: > > > swap /tmp mfs rw,nodev,nosuid,-s=16777216 0 0 > > > > This is 8 Gb, which exceeds the default value for datasize for the daemon > > class in /etc/login.conf. > > > > Have you changed /etc/login.conf from the default? > > > > > Did MFS filesystems go away, or have I screwed something up? > > > > You've screwed something up :). > > You're exactly right. With this entry in fstab: > > swap /tmp mfs rw,nodev,nosuid,-s=4194304 0 0 > > I now have this /tmp space: > > mjoelnir:~ 12.02 13:15:07 % df -h > > Filesystem SizeUsed Avail Capacity Mounted on > > /dev/sd1a 1005M537M418M57%/ > > mfs:67535 1.9G 29.0K1.8G 1%/tmp > > ... If you've got plenty of physical RAM, you can always increase the datasize in login.conf and keep your original 8 Gb mfs ramdisk rather than reducing it. Not sure if that was clear from my original reply :).
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On Sun, Feb 05, 2023 at 02:50:44PM -0300, Crystal Kolipe wrote: > On Sun, Feb 05, 2023 at 06:05:22PM +0100, Why 42? The lists account. wrote: > ... > > The fstab file contains this mount entry for tmp: > > swap /tmp mfs rw,nodev,nosuid,-s=16777216 0 0 > > This is 8 Gb, which exceeds the default value for datasize for the daemon > class in /etc/login.conf. > > Have you changed /etc/login.conf from the default? > > > Did MFS filesystems go away, or have I screwed something up? > > You've screwed something up :). You're exactly right. With this entry in fstab: > swap /tmp mfs rw,nodev,nosuid,-s=4194304 0 0 I now have this /tmp space: > mjoelnir:~ 12.02 13:15:07 % df -h > Filesystem SizeUsed Avail Capacity Mounted on > /dev/sd1a 1005M537M418M57%/ > mfs:67535 1.9G 29.0K1.8G 1%/tmp > ... That's right after a reboot. I'll start Chrome now and it can really chow down on some /tmp space :-) Thanks! Cheers, Robb.
Re: Q: Error: mount_mfs: mmap: Cannot allocate memory
On Sun, Feb 05, 2023 at 06:05:22PM +0100, Why 42? The lists account. wrote: > mount_mfs: mmap: Cannot allocate memory ... > The fstab file contains this mount entry for tmp: > swap /tmp mfs rw,nodev,nosuid,-s=16777216 0 0 This is 8 Gb, which exceeds the default value for datasize for the daemon class in /etc/login.conf. Have you changed /etc/login.conf from the default? > Did MFS filesystems go away, or have I screwed something up? You've screwed something up :).
Q: Error: mount_mfs: mmap: Cannot allocate memory
Hi All, After an update to a recent snapshot on my desktop system, I noticed these mount_mfs messages at boot time: /dev/sd0h (7a1775fef773535e.h): file system is clean; not checking /dev/sd1j (281ef747da03afe7.j): file system is clean; not checking /dev/sd1k (281ef747da03afe7.k): file system is clean; not checking /dev/sd1l (281ef747da03afe7.l): file system is clean; not checking /dev/sd2c (67c92dad63883338.c): file system is clean; not checking mount_mfs: mmap: Cannot allocate memory kbd: keyboard mapping set to de.nodead keyboard.encoding -> de.nodead pf enabled kern.maxproc: 1310 -> 4000 kern.maxthread: 2620 -> 8000 kern.maxfiles: 7030 -> 16000 ddb.panic: 1 -> 0 kern.allowdt: 0 -> 1 starting network reordering: ld.so libc libcrypto sshd. starting early daemons: syslogd pflogd ntpd. starting RPC daemons: portmap mountd nfsd lockd statd. mount_mfs: mmap: Cannot allocate memory savecore: no core dump checking quotas: done. clearing /tmp kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. running rc.sysmerge starting network daemons: sshd sndiod. running rc.firsttime fw_update: added none; updated none; kept intel,inteldrm,vmm starting package daemons: messagebus postfix smartd pcscd avahi_daemon. starting local daemons: sensorsd cron xenodm. The fstab file contains this mount entry for tmp: swap /tmp mfs rw,nodev,nosuid,-s=16777216 0 0 I don't know when this first occurred. I first noticed it when I was investigating why chrome had started to log "filesystem full" messages: e.g. "/: write failed, file system is full.". Since the mfs mount of /tmp failed, it's now using the root fs as /tmp space, which doesn't have much free space. I'm currently running: OpenBSD mjoelnir.fritz.box 7.2 GENERIC.MP#1012 amd64 Did MFS filesystems go away, or have I screwed something up? Cheers, Robb.
Re: pkg_info -Q not finding all entries?
On Mon, 2023-01-30 at 11:26 +, Stuart Henderson wrote: > On 2023-01-30, David Demelier wrote: > > While searching for sqlite3 I've realized that pkg_info -Q sqlite3 > > finds some php packages but not everything available in the remote > > repository: > > This is a consequence of the "first repository of the package search > path" limitation of -Q and how -stable packages are handled. > It only displays packages for which a -stable update is available. > > Workaround: > > PKG_PATH=http://cdn.openbsd.org/pub/OpenBSD/%v/packages/%a/ pkg_info > -Q sqlite > Hi, Thank you for your both answers, I'll keep that around :) -- David
Re: pkg_info -Q not finding all entries?
On 2023-01-30, David Demelier wrote: > While searching for sqlite3 I've realized that pkg_info -Q sqlite3 > finds some php packages but not everything available in the remote > repository: This is a consequence of the "first repository of the package search path" limitation of -Q and how -stable packages are handled. It only displays packages for which a -stable update is available. Workaround: PKG_PATH=http://cdn.openbsd.org/pub/OpenBSD/%v/packages/%a/ pkg_info -Q sqlite though this won't show updates from the packages-stable directory. (Or run -current :-) Another sort-of alternative is to use pkglocate (install the pkglocatedb package, and for some things postprocessing with | cut -d: -f1 | sort -u helps).
Re: pkg_info -Q not finding all entries?
Hi, * David Demelier wrote: > Hello, > > While searching for sqlite3 I've realized that pkg_info -Q sqlite3 > finds some php packages but not everything available in the remote > repository: > > # cat /etc/installurl > https://ftp.fr.openbsd.org/pub/OpenBSD/ > # pkg_info -Q sqlite3 > debug-php-sqlite3-7.4.32p0 > debug-php-sqlite3-7.4.33 > debug-php-sqlite3-8.0.24p0 > debug-php-sqlite3-8.0.25 > debug-php-sqlite3-8.0.26 > debug-php-sqlite3-8.0.27 > debug-php-sqlite3-8.1.11p0 > debug-php-sqlite3-8.1.12 > debug-php-sqlite3-8.1.13 > debug-php-sqlite3-8.1.14 > php-sqlite3-7.4.32p0 > php-sqlite3-7.4.33 > php-sqlite3-8.0.24p0 > php-sqlite3-8.0.25 > php-sqlite3-8.0.26 > php-sqlite3-8.0.27 > php-sqlite3-8.1.11p0 > php-sqlite3-8.1.12 > php-sqlite3-8.1.13 > php-sqlite3-8.1.14 What you see above are the sqlite3 packages from the 7.2 packages-stable/ directory. When you do the same on a -current you get much more results and presumably what you expected. $ pkg_info -Q sqlite3 | wc -l 20 I assume pkg_info looks only in the stable directory and not in both to builds a set between updated and not updates packages... Cheers Matthias
pkg_info -Q not finding all entries?
Hello, While searching for sqlite3 I've realized that pkg_info -Q sqlite3 finds some php packages but not everything available in the remote repository: # cat /etc/installurl https://ftp.fr.openbsd.org/pub/OpenBSD/ # pkg_info -Q sqlite3 debug-php-sqlite3-7.4.32p0 debug-php-sqlite3-7.4.33 debug-php-sqlite3-8.0.24p0 debug-php-sqlite3-8.0.25 debug-php-sqlite3-8.0.26 debug-php-sqlite3-8.0.27 debug-php-sqlite3-8.1.11p0 debug-php-sqlite3-8.1.12 debug-php-sqlite3-8.1.13 debug-php-sqlite3-8.1.14 php-sqlite3-7.4.32p0 php-sqlite3-7.4.33 php-sqlite3-8.0.24p0 php-sqlite3-8.0.25 php-sqlite3-8.0.26 php-sqlite3-8.0.27 php-sqlite3-8.1.11p0 php-sqlite3-8.1.12 php-sqlite3-8.1.13 php-sqlite3-8.1.14 # It also does not list the installed package of the exact name 'sqlite3' (which is installed). # pkg_info sqlite3 Information for inst:sqlite3-3.39.3 Comment: embedded SQL implementation Required by: python-3.9.16 Description: SQLite is a C library that implements an embeddable SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. The distribution comes with a standalone command-line access program (sqlite3) that can be used to administer an SQLite database and which serves as an example of how to use the SQLite library. Maintainer: The OpenBSD ports mailing-list WWW: https://www.sqlite.org/ Do I miss something (or misunderstood the -Q option)? This is 7.2 on amd64. Regards, -- David
Re: Q: dmesg: dt: 443 probes
Am Tue, May 04, 2021 at 03:38:14PM - schrieb Stuart Henderson: > On 2021-05-04, Why 42? The lists account. wrote: > > > > On Mon, May 03, 2021 at 12:59:27AM +0200, Patrick Wildt wrote: > >> > ... > >> > But when I do (as root): "sysctl kern.allowdt=1" it returns this error: > >> > sysctl: kern.allowdt: Operation not permitted > >> > >> Similarly to kern.allowkmem, you can only set it when the securelevel is > >> still 'low'. That's for security. You need to add kern.allowdt=1 to > >> sysctl.conf, and then reboot. Then it'll be enabled after reboot. > > > > Thanks Patrick! After the reboot I was able to experiment with btrace. > > > > Do you use it, do you have any examples that might help to get started? > > Here's one example: > https://marc.info/?l=openbsd-bugs=158583371404603=2 That's exactly the one I use. Though with varying hz (1-60)
Re: Q: dmesg: dt: 443 probes
On 2021-05-04, Why 42? The lists account. wrote: > > On Mon, May 03, 2021 at 12:59:27AM +0200, Patrick Wildt wrote: >> > ... >> > But when I do (as root): "sysctl kern.allowdt=1" it returns this error: >> > sysctl: kern.allowdt: Operation not permitted >> >> Similarly to kern.allowkmem, you can only set it when the securelevel is >> still 'low'. That's for security. You need to add kern.allowdt=1 to >> sysctl.conf, and then reboot. Then it'll be enabled after reboot. > > Thanks Patrick! After the reboot I was able to experiment with btrace. > > Do you use it, do you have any examples that might help to get started? Here's one example: https://marc.info/?l=openbsd-bugs=158583371404603=2
Re: Q: dmesg: dt: 443 probes
On Mon, May 03, 2021 at 12:59:27AM +0200, Patrick Wildt wrote: > > ... > > But when I do (as root): "sysctl kern.allowdt=1" it returns this error: > > sysctl: kern.allowdt: Operation not permitted > > Similarly to kern.allowkmem, you can only set it when the securelevel is > still 'low'. That's for security. You need to add kern.allowdt=1 to > sysctl.conf, and then reboot. Then it'll be enabled after reboot. Thanks Patrick! After the reboot I was able to experiment with btrace. Do you use it, do you have any examples that might help to get started? Using the bfptrace reference guide: https://github.com/iovisor/bpftrace/blob/master/docs/reference_guide.md I was able to get a simple "Hello World" to run, but more than that seemed to cause me some problems e.g. > # btrace -e 'BEGIN{ @enq = 0 } tracepoint:sched:enqueue { @enq = @enq + 1; } > interval:s:10 { printf("sched_enqueue: %d\n", @enq) ; @enq = 0; }' > btrace:1:77: syntax error: > BEGIN{ @enq = 0 } tracepoint:sched:enqueue { @enq = @enq + 1; } interval:s:10 > { printf("sched_enqueue: %d\n", @enq) ; @enq = 0; } > ^ Doesn't seem to like the interval syntax? Or this one which does run but then takes an assertion failure: > # btrace -e 'BEGIN{ @enq = 0 } tracepoint:sched:enqueue { @enq = > lhist(retval, 0, 1000, 100); }' > assertion "hist->hstep == step" failed: file > "/usr/src/usr.sbin/btrace/map.c", line 246, function "hist_increment" > zsh: abort (core dumped) btrace -e Thanks again in any case! Cheers, Robb.
Re: Q: dmesg: dt: 443 probes
Am Sun, May 02, 2021 at 11:49:10PM +0200 schrieb Why 42? The lists account.: > > Actually I do notice one thing, having just upgraded to: > kern.version=OpenBSD 6.9-current (GENERIC.MP) #492: Sat May 1 17:37:28 MDT > 2021 > > I checked the output from dmesg and I have a new boot time message: > dt: 443 probes > > man dt tells me that dt is dynamic tracing and that I can enable it by > setting kern.allowdt. > > But when I do (as root): "sysctl kern.allowdt=1" it returns this error: > sysctl: kern.allowdt: Operation not permitted Similarly to kern.allowkmem, you can only set it when the securelevel is still 'low'. That's for security. You need to add kern.allowdt=1 to sysctl.conf, and then reboot. Then it'll be enabled after reboot. > What am I missing? > > Cheers, > Robb. > > FYI: This is on an Intel NUC: > bios0 at mainbus0: SMBIOS rev. 3.2 @ 0x7a9a4000 (77 entries) > bios0: vendor Intel Corp. version "BECFL357.86A.0087.2020.1209.1115" date > 12/09/2020 > bios0: Intel(R) Client Systems NUC8i5BEH >
Q: dmesg: dt: 443 probes
Actually I do notice one thing, having just upgraded to: kern.version=OpenBSD 6.9-current (GENERIC.MP) #492: Sat May 1 17:37:28 MDT 2021 I checked the output from dmesg and I have a new boot time message: dt: 443 probes man dt tells me that dt is dynamic tracing and that I can enable it by setting kern.allowdt. But when I do (as root): "sysctl kern.allowdt=1" it returns this error: sysctl: kern.allowdt: Operation not permitted What am I missing? Cheers, Robb. FYI: This is on an Intel NUC: bios0 at mainbus0: SMBIOS rev. 3.2 @ 0x7a9a4000 (77 entries) bios0: vendor Intel Corp. version "BECFL357.86A.0087.2020.1209.1115" date 12/09/2020 bios0: Intel(R) Client Systems NUC8i5BEH
Re: Q: pkg_add fails with: TLS handshake failure: ocsp verify failed: Undefined error ...
On Fri, Mar 19, 2021 at 04:56:11PM +, Stuart Henderson wrote: > In gmane.os.openbsd.misc, li...@y42.org wrote: > > > > Hi All, > > > > What would cause pkg_add -u to report this error? > >> https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: TLS handshake > >> failure: ocsp verify failed: Undefined error: 0 > >> https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: empty > >> Couldn't find updates for ... a long list of (all?) installed packages ... > > > > Error 0? > > There is some problem doing OCSP validation. It validates OK with openssl > 1.0.2u and 1.1.1j but not with libressl. DFN run their own PKI and OCSP > responder so it might hit some edge case that isn't seen with other > responders. I missed a typo in tobhe's diff. This fixes it for me. Index: x509/x509_purp.c === RCS file: /cvs/src/lib/libcrypto/x509/x509_purp.c,v retrieving revision 1.3 diff -u -p -r1.3 x509_purp.c --- x509/x509_purp.c13 Mar 2021 23:01:49 - 1.3 +++ x509/x509_purp.c19 Mar 2021 17:21:29 - @@ -571,7 +571,7 @@ x509v3_cache_extensions(X509 *x) if (x->skid == NULL && i != -1) x->ex_flags |= EXFLAG_INVALID; x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, , NULL); - if (x->skid == NULL && i != -1) + if (x->akid == NULL && i != -1) x->ex_flags |= EXFLAG_INVALID; /* Does subject name match issuer? */
Re: Q: pkg_add fails with: TLS handshake failure: ocsp verify failed: Undefined error ...
-BEGIN CERTIFICATE- MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi 1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN 9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP BSeOE6Fuwg== -END CERTIFICATE- EOF
Q: pkg_add fails with: TLS handshake failure: ocsp verify failed: Undefined error ...
Hi All, What would cause pkg_add -u to report this error? > https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: TLS handshake > failure: ocsp verify failed: Undefined error: 0 > https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: empty > Couldn't find updates for ... a long list of (all?) installed packages ... Error 0? That directory, on fau.de, is not empty. I have just rebooted after running sysupgrade to arrive at: > OpenBSD mjoelnir.fritz.box 6.9 GENERIC.MP#416 amd64 And as my next step I wanted to then upgrade my installed packages. Did I miss something? Cheers, Robb.
Re: FFS sync/async/softdep mount opts clarifications gap q stable is softdep now?
On Sunday, 14 March 2021 16:31, Joseph Mayer wrote: > Hi misc@! (Copying posters to the previous threads on this topic) Pondering further: 5) "mount -o sync" is practically never useful, isn't it so?: mount's default synchronicity setting is that data is written asynchronously. But, fsync(int fd) "causes all modified data and attributes of fd to be moved to a permanent storage device" (http://man.openbsd.org/fsync.2), thereby serving as synchronous checkpoint for a file's writes to disk up to that moment, isn't it so. (And if like this doing fsync() at sync points, there is no relevance in calling sync() (http://man.openbsd.org/sync.2) on top of that, right.) Normal Unix software will not expect fwrite():s to hit disk in sequential order, but instead transactional mechanisms will use fsync() to ensure pending writes have been flushed to disk. (The underlying disk's actual propensity to actually flush itself, would be a separate question altogether and vary between SSD manufacturers.) Relative to mount's default setting, "mount -o sync" just enforces some form of stricter order of writes to disk than the default, and in practice software will not expect and thus not have value of such an order. Therefore, "mount -o sync" is normally not practically relevant neither on development nor on production machines? (Note http://man.openbsd.org/sync.2 says the in-kernel process runs sync() every 30 seconds, good to know. I presume this means sync() will write any not yet written *data* to disk where data is in asynchronous mode, while not yet written metadata will always? sometimes? *NOT* be written where metadata is in asynchronous mode.)
FFS sync/async/softdep mount opts clarifications gap q stable is softdep now?
Hi misc@! (Copying posters to the previous threads on this topic) I just took the time to go through the ML archive's writeups between now and 2015, about FFS mount options in respect of synchronicity and especially softdep. Here I like to bring up four points to conversation: 1) OpenBSD's synchronicity for FFS actually consist of two separate sub-settings: one for metadata and one for data 2) The -o sync/async/softdep options are a bit unintiutive 3) Generally don't use "async" 4) How stable is softdep now? Here we go: 1) A clarification: OpenBSD's synchronicity for FFS actually consist of two separate sub-settings: (a) Synchronicity of access to metadata (as in directory and file structures). The options here are synchronous, asynchronous, and soft dependencies. Synchronous is the default. (b) Synchronicity of access to data (as in file contents). The options here are synchronous and asynchronous. Asynchronous is the default. This is not at all obvious from the mount(8) man page, however pondering the question and reading the ML archives carefully, this is what I see. Maybe this could be added in very brief form to the man page. 2) The mount options in respect of synchronicity are a bit unintuitive. Especially what is easy to miss is that the default setting is NOT reached by any of the three major options which are called "sync", "async" and "softdep". What these three actually do is the following: sync : Make both metadata and data access synchronous. (That means to switch off the asynchronicity of access to data.) async : Make both metadata and data access asynchronous. (That means to switch off the synchronicity of access to metadata.) softdep: Operate metadata according to the logics of the special "softdep" mode, and keep data access asynchronous. So again for clarity, note that neither of these three are the default. Is there even any "-o" option that causes an immitation of the default? 3) Normally don't ever use async: In the past I tried to run OpenBSD with "async" and after an unexpected system crash (power loss etc.) the file system is in shambles and may need OS reinstallation, reinstallation of programs, such, so I generally recommend against it. Writing lots of files as in "tar xvfz ports.tar.gz" is considerably sped up in async mode however. I presume what "async" does under the hood is to postpone flushing filesystem metadata writes to disk as long as it can. I presume this is why I saw such a tendency to corruption too, that there even did not seem to be a built-in timer to flush the metadata to disk. Did I get this right? Does even fsync(8) cause an async FFS to write its metadata to disk? A "/tmp" partition can be "async" I guess, presuming that you would newfs(8) it on every reboot, thereby protecting your boot process from having fsck fail. 4) How stable is softdep now? If I got it right, softdep emerged in the time of HDD:s, as a way to lessen the amount of disk seek operations when creating/modifying many files and directories. I understand on an SSD, softdep is performance-positive compared to default settings though much less noticeably. Softdep is supposed to be as reliable as synchronous metadata, but it bulks the IO operations.. leading to less write operations in total, and this is why it has a performance benefit on SSD:s too? (2015 performance benefit on SSD report: https://marc.info/?l=openbsd-misc=142294090200592=2 1.17 seconds on FFS, 0.76 seconds on softdep = 54% speedup.) Operationally softdep is supposed to be noncontroversial - it has some RAM overhead, which should be fine on modern machines. A system with defaults (=sync+asyc) vs "softdep" (=softdep+async) will behave the equivalently, essentially - Nick pointed out in an old ML post that in case of power loss, with softdep, a not-closed file that was being written to will likely be truncated. I saw a mentioning of one person in 2015 complain of having lost data with softdep: https://marc.info/?l=openbsd-misc=142174547612722=2 In the ML archive are some stability concerns though: There is some mentioning that if you do too many file creations/ deletions, the softdep logics could "fall behind" and... the kernel would crash - is this real!? (2015 someone mentioned that slow disk writes can cause the fall behind error: https://marc.info/?l=openbsd-misc=142193536805243=2 ) Also, if the underlying block device reports a write error to the softdep logics, then the kernel could panic too - why not just report to dmesg or such and fail in a more agreeable fashion?? If this is the failure mode, then softdep is mostly not appropriate for remote servers, and instead it should be used for laptops/desktops only - computers where unexpected reboots are manageable. Has softdep been updated, or is there any sysctl available, for it to not cause system reboots? (An example of such a crash from
Re: Quick Q: proc: table is full ?
On Tue, Jan 19, 2021 at 05:56:16PM -, Stuart Henderson wrote: > > What causes "proc: table is full", or better asked, what limit might I be > > hitting? > Perhaps kern.maxthread; check kern.nthreads. Hi Stuart, Aha. I think you have nailed it: > mjoelnir:/etc 19.01 21:13:02 # sysctl kern | egrep 'max(proc|thread)' > kern.maxproc=8192 > kern.maxthread=1950 > mjoelnir:/etc 19.01 21:13:19 # ^max^n > sysctl kern | egrep 'n(proc|thread)' > kern.nthreads=1736 > kern.nprocs=283 I see that, way back when, I increased kern.maxproc to 8192 in /etc/sysctl.conf. But I didn't realise then that I might also need to increase the maxthread value. I'll change these and see if that helps. (Bound to!) I find the message to be a bit misleading though: "proc: table is full" Clearer might be something like: "kernel: thread table full: reached limit: kern.maxthread" Or similar. I.e. the who, the what and the why. Thanks for the tip! Cheers, Robb.
Re: Quick Q: proc: table is full ?
On 2021-01-19, Why 42? The lists account. wrote: > > Hi All, > > What causes "proc: table is full", or better asked, what limit might I be > hitting? Perhaps kern.maxthread; check kern.nthreads.
Quick Q: proc: table is full ?
Hi All, What causes "proc: table is full", or better asked, what limit might I be hitting? I wrote a quick loop to check how many processes are running i.e. > while true > do > DATE=`date +'%Y.%m.%d %H:%M:%S'` > echo -n "${DATE}: " > ps -AHk | wc -l > sleep 90 > done > 2021.01.19 12:59:21: 1821 > 2021.01.19 13:00:51: 1731 > 2021.01.19 13:02:21: 1698 > 2021.01.19 13:03:52: 1696 > ... I have yet to see a high of more than ~2000. Sysctl shows me these proc values: > kern.maxproc=8192 > kern.nprocs=283 I am the only user on the machine (Xfce Desktop and too many browser tabs). I am a member of "staff" so I think these limits apply: > staff:\ > :datasize-cur=8192M:\ > :datasize-max=infinity:\ > :maxproc-cur=7500:\ > :maxproc-max=1:\ > :openfiles-cur=15000:\ > :openfiles-max=2:\ > :ignorenologin:\ > :requirehome@:\ > :tc=default: Running "limit" in my shell (zsh) shows: > cputime unlimited > filesizeunlimited > datasize8192MB > stacksize 4MB > coredumpsizeunlimited > memoryuse 31608MB > memorylocked10537MB > maxproc 7500 > descriptors 15000 Also, a related question ... that message shows up in the output of dmesg and also gets logged to the messages file, but it isn't reported in my Xconsole window. In there I see stuff like this: > Console log for mjoelnir > drm:pid64450:intel_pipe_update_start *ERROR* [drm] *ERROR* Potential atomic > update failure on pipe A > uvm_mapent_alloc: out of static map entries But no corresponding proc table full messages. Is it not considered to be important enough to also go to this console? Thanks in advance! Cheers, Robb.
hostctl -q print no infomation
A am using OpenBSD-current on VMware ESXi. The hostinfo command print no information with -q option. Is this a expected behavior? $ hostctl guestinfo.ip 172.19.200.100 $ hostctl -q guestinfo.ip $ The following is an extract from man hostctl. -q Don't ask for confirmation of any default options. -- ASOU Masato
Re: pkg_info -Q bug?
Thanks Stuart, I tried that package and it indeed does what i needed :) But I decided to scratch my itch anyway and dug a bit into the pkg_info code to figure out what was going on and I found the culprit: is the match_locations function in the PackageRepositoryList class that all the matches from the first repository that has some. I changed that behaviour but that had some side effects so I modified the PkgInfo class, the patch follows. Hope this might help for future work on pkg_info. Cheers, Antonio ## Index: usr.sbin/pkg_add/OpenBSD/PkgInfo.pm === RCS file: /cvs/src/usr.sbin/pkg_add/OpenBSD/PkgInfo.pm,v retrieving revision 1.49 diff -u -p -u -p -r1.49 PkgInfo.pm --- usr.sbin/pkg_add/OpenBSD/PkgInfo.pm7 Oct 2017 13:23:05 -1.49 +++ usr.sbin/pkg_add/OpenBSD/PkgInfo.pm23 Nov 2019 17:45:52 - @@ -597,15 +597,18 @@ sub parse_and_run $state->say("PKG_PATH=#1", $ENV{PKG_PATH} // "") if $state->verbose; my $partial = OpenBSD::Search::PartialStem->new($state->opt('Q')); -my $r = $state->repo->match_locations($partial); -for my $pkg (sort {$a->name cmp $b->name} @$r) { -my $p = $pkg->name; -if ($state->hasanyopt('cdfMqs')) { -$self->print_info($state, $p, $pkg); -} else { -$state->say( -is_installed($p) ? "#1 (installed)" : "#1", $p); +for my $repo (@{$state->locator->default_path($state)->{l}}) { +$state->say("Repo: #1:#2", $repo->urlscheme, $repo->baseurl); +my $r = $repo->match_locations($partial); +for my $pkg (sort {$a->name cmp $b->name} @$r) { +my $p = $pkg->name; +if ($state->hasanyopt('cdfMqs')) { +$self->print_info($state, $p, $pkg); +} else { +$state->say( +is_installed($p) ? "#1 (installed)" : "#1", $p); +} } } ## On Tue, Nov 19, 2019 at 22:53 Stuart Henderson wrote: > > On 2019-11-19, Marc Espie wrote: > > On Tue, Nov 19, 2019 at 12:13:37PM +0200, Dumitru Moldovan wrote: > >> On Mon, Nov 18, 2019 at 11:15:05AM +0100, Antonio Bibiano wrote: > >> > Hello, > >> > I just wanted to add to this thread that I incurred in the same > >> > issue on a fresh 6.6 installation. > >> > I also tried with a different mirror in /etc/installurl and receive > >> > the same partial response from pkg_info -Q. > >> > What makes it even more odd is that pkg_add finds the correct package. > >> > >> Thanks Antonio for double-checking this! I have also tested it on a > >> fresh installation at the time and got the same results. > >> > >> Maybe the behaviour is undefined if PKG_PATH is not set, which is fine > >> by me. But still, it's quite puzzling and against the principle of > >> least surprise. > > > > It's one of those little things that is well known, but that won't change > > until I have time to look at it, and it's definitely not a high priority > > problem right now. > > > > > > As a workaround (but also something that would be more likely to give > the results wanted than a properly-working pkg_info -Q which doesn't match > filenames inside the packages), you might like to "pkg_add pkglocatedb" > and use the "pkglocate" tool that this provides. >
Re: pkg_info -Q bug?
On 2019-11-19, Marc Espie wrote: > On Tue, Nov 19, 2019 at 12:13:37PM +0200, Dumitru Moldovan wrote: >> On Mon, Nov 18, 2019 at 11:15:05AM +0100, Antonio Bibiano wrote: >> > Hello, >> > I just wanted to add to this thread that I incurred in the same >> > issue on a fresh 6.6 installation. >> > I also tried with a different mirror in /etc/installurl and receive >> > the same partial response from pkg_info -Q. >> > What makes it even more odd is that pkg_add finds the correct package. >> >> Thanks Antonio for double-checking this! I have also tested it on a >> fresh installation at the time and got the same results. >> >> Maybe the behaviour is undefined if PKG_PATH is not set, which is fine >> by me. But still, it's quite puzzling and against the principle of >> least surprise. > > It's one of those little things that is well known, but that won't change > until I have time to look at it, and it's definitely not a high priority > problem right now. > > As a workaround (but also something that would be more likely to give the results wanted than a properly-working pkg_info -Q which doesn't match filenames inside the packages), you might like to "pkg_add pkglocatedb" and use the "pkglocate" tool that this provides.
Re: pkg_info -Q bug?
On Tue, Nov 19, 2019 at 12:13:37PM +0200, Dumitru Moldovan wrote: > On Mon, Nov 18, 2019 at 11:15:05AM +0100, Antonio Bibiano wrote: > > Hello, > > I just wanted to add to this thread that I incurred in the same > > issue on a fresh 6.6 installation. > > I also tried with a different mirror in /etc/installurl and receive > > the same partial response from pkg_info -Q. > > What makes it even more odd is that pkg_add finds the correct package. > > Thanks Antonio for double-checking this! I have also tested it on a > fresh installation at the time and got the same results. > > Maybe the behaviour is undefined if PKG_PATH is not set, which is fine > by me. But still, it's quite puzzling and against the principle of > least surprise. It's one of those little things that is well known, but that won't change until I have time to look at it, and it's definitely not a high priority problem right now.
Re: pkg_info -Q bug?
On Mon, Nov 18, 2019 at 11:15:05AM +0100, Antonio Bibiano wrote: Hello, I just wanted to add to this thread that I incurred in the same issue on a fresh 6.6 installation. I also tried with a different mirror in /etc/installurl and receive the same partial response from pkg_info -Q. What makes it even more odd is that pkg_add finds the correct package. Thanks Antonio for double-checking this! I have also tested it on a fresh installation at the time and got the same results. Maybe the behaviour is undefined if PKG_PATH is not set, which is fine by me. But still, it's quite puzzling and against the principle of least surprise.
Re: pkg_info -Q bug?
Hello, I just wanted to add to this thread that I incurred in the same issue on a fresh 6.6 installation. I also tried with a different mirror in /etc/installurl and receive the same partial response from pkg_info -Q. What makes it even more odd is that pkg_add finds the correct package. Cheers, Antonio Bibiano On Fri, Nov 08, 2019 at 09:34:06PM GMT, Dumitru Moldovan wrote: >On Fri, Nov 08, 2019 at 08:04:45PM +, Raf Czlonka wrote: >>On Fri, Nov 08, 2019 at 05:45:23PM GMT, Dumitru Moldovan wrote: >>> >>> Hi misc, >>> >>> I see pkg_info's man page says: >>> >>>-Q query >>>Show all packages in $PKG_PATH which match the given query. >>> >>> Trying in 6.6 to find the Python module "mysqlclient", I get the >>> following puzzling results: >>> >>> $ pkg_info -Q mysql >>> php-mysqli-7.2.24 >>> php-mysqli-7.3.11 >>> php-pdo_mysql-7.2.24 >>> php-pdo_mysql-7.3.11 >>> >>> $ pkg_info -Q py-mysql >>> py-mysql-1.2.5p6 >>> py-mysqlclient-1.4.2p0 >>> >>> Am I doing something wrong? Why is "py-mysqlclient" not matched for >>> the first query? >>> >> >>Hi Dumitru, >> >>Not only isn't "py-mysqlclient" matched, but also over 40 other >>packages with "mysql" string. >> >>How does your $PKG_PATH look like? > >Thanks for looking into it! > >$PKG_PATH is empty here, should have checked it first. I get the >expected results with: > >PKG_PATH=`cat /etc/installurl`/`uname -r`/packages/`uname -m`/ pkg_info -Q >mysql > >But now I don't understand why I got any results at all with an empty >$PKG_PATH... Maybe I would have read that one line in the man page >more carefully if there was no result at all to begin with. :-] >
Re: pkg_info -Q bug?
On Fri, Nov 08, 2019 at 08:04:45PM +, Raf Czlonka wrote: On Fri, Nov 08, 2019 at 05:45:23PM GMT, Dumitru Moldovan wrote: Hi misc, I see pkg_info's man page says: -Q query Show all packages in $PKG_PATH which match the given query. Trying in 6.6 to find the Python module "mysqlclient", I get the following puzzling results: $ pkg_info -Q mysql php-mysqli-7.2.24 php-mysqli-7.3.11 php-pdo_mysql-7.2.24 php-pdo_mysql-7.3.11 $ pkg_info -Q py-mysql py-mysql-1.2.5p6 py-mysqlclient-1.4.2p0 Am I doing something wrong? Why is "py-mysqlclient" not matched for the first query? Hi Dumitru, Not only isn't "py-mysqlclient" matched, but also over 40 other packages with "mysql" string. How does your $PKG_PATH look like? Thanks for looking into it! $PKG_PATH is empty here, should have checked it first. I get the expected results with: PKG_PATH=`cat /etc/installurl`/`uname -r`/packages/`uname -m`/ pkg_info -Q mysql But now I don't understand why I got any results at all with an empty $PKG_PATH... Maybe I would have read that one line in the man page more carefully if there was no result at all to begin with. :-]
Re: pkg_info -Q bug?
On Fri, Nov 08, 2019 at 05:45:23PM GMT, Dumitru Moldovan wrote: > > Hi misc, > > I see pkg_info's man page says: > >-Q query >Show all packages in $PKG_PATH which match the given query. > > Trying in 6.6 to find the Python module "mysqlclient", I get the > following puzzling results: > > $ pkg_info -Q mysql > php-mysqli-7.2.24 > php-mysqli-7.3.11 > php-pdo_mysql-7.2.24 > php-pdo_mysql-7.3.11 > > $ pkg_info -Q py-mysql > py-mysql-1.2.5p6 > py-mysqlclient-1.4.2p0 > > Am I doing something wrong? Why is "py-mysqlclient" not matched for > the first query? > Hi Dumitru, Not only isn't "py-mysqlclient" matched, but also over 40 other packages with "mysql" string. How does your $PKG_PATH look like? Regards, Raf
pkg_info -Q bug?
Hi misc, I see pkg_info's man page says: -Q query Show all packages in $PKG_PATH which match the given query. Trying in 6.6 to find the Python module "mysqlclient", I get the following puzzling results: $ pkg_info -Q mysql php-mysqli-7.2.24 php-mysqli-7.3.11 php-pdo_mysql-7.2.24 php-pdo_mysql-7.3.11 $ pkg_info -Q py-mysql py-mysql-1.2.5p6 py-mysqlclient-1.4.2p0 Am I doing something wrong? Why is "py-mysqlclient" not matched for the first query? Thanks!
pkg_info -Q multiple queries?
Hello, Is there a way to do multiple queries at once using pkg_info? Something like: pkg_info -Q query1 query2 ... The best I've found so far is to do something like: for q in query1 query2 ...; do pkg_info -Q $q; done which is slow when the list of queries is long (my network bandwidth is not what I would like it to be...) Background: I'm running 6.5-release and would like to upgrade to 6.6-release by doing an offline upgrade, downloading the base system and packages in advance at work to do the upgrade offline later at home (where my network bandwidth is even worse than at work). So for packages I would like to do something like this, in a script (with the hope that package dependencies have not changed too much between 6.5 and 6.6): export PKG_PATH=.../6.6/packages/... pkg_info -z | xargs pkg_info -q -Q | while read p; do wget $PKG_PATH/$p.tgz; done (or even better: pkg_info -z | pkg_info -q -Q | while ...) Note: I also tried to combine pkg_info with pkg_add: export PKG_PATH=.../6.6/packages/... export PKG_CACHE=... pkg_info -mz > pkglist pkg_add -n -l pkglist but: 1) pkg_add only downloads into $PKG_CACHE the packages listed in the pkglist file, not the dependencies; 2) pkg_add deletes each package it downloads after the download is finished. Is there some magic combination of options that I can use with pkg_add to make it download and keep all the packages listed in the pkglist file, plus all the required dependencies? (being able to do: pkg_info -mz | pkg_add -n -l would be nice too!) Thanks, Philippe
Re: boot -s shutdown q.?
Hi Harold, harold felton wrote on Sat, Jul 06, 2019 at 12:52:12PM +: > > boot -s > (only / mounted ro, other filesystems [/usr,..] not-mounted) > # shutdown now > shutdown: unveil: No such file or directory > (original version, and recompiled-default-version same-msg) > > # shutdown.patch now > shutdown: unveil: Read-only file system Yes, Bob Beck@ decided that's a bug in the kernel in the implementation of the unveil(2) syscall, and he is working on a fix. > i started to try and look thru the code and was trying to > figure out how/whether i could help further... i believe > the correct-answer, as mentioned before, is to just use > the correct command 'halt'... (followed by 4-sec pwr-btn) Yes, that's a workaround for now. To reboot instead of halt, you can also use reboot(8). [...] > as part of this incarnation of this box - i have some oddities > in my file-system - so recompiling the kernel has been a bit > of a challenge... Sure, compiling a kernel may not be convenient on every machine. > for now, _I_ am no longer worried about the > problem of using /sbin/shutdown during a 'boot -s' session... Eventually, it will be fixed anyway, thanks for reporting. > i will continue using everything as-is since i believe that > the system is basically running as normally as ever... Yes, from what you said, i see no indication either that you hosed your box. (Obviously, i can't vouch for it being OK either.) Yours, Ingo
Re: boot -s shutdown q.?
update: re-patch... > boot -s (only / mounted ro, other filesystems [/usr,..] not-mounted) # shutdown now shutdown: unveil: No such file or directory (original version, and recompiled-default-version same-msg) # shutdown.patch now shutdown: unveil: Read-only file system i started to try and look thru the code and was trying to figure out how/whether i could help further... i believe the correct-answer, as mentioned before, is to just use the correct command 'halt'... (followed by 4-sec pwr-btn) afaict, the 'die...()' routine is not actually getting run and even if it did - the syslog() would fail also... as part of this incarnation of this box - i have some oddities in my file-system - so recompiling the kernel has been a bit of a challenge... for now, _I_ am no longer worried about the problem of using /sbin/shutdown during a 'boot -s' session... i will continue using everything as-is since i believe that the system is basically running as normally as ever... thank you, again, for all of your help... :-) sincerely, harold felton. On Sat, Jul 6, 2019 at 12:04 AM harold felton wrote: > thanx ingo, > > correct - it did not occur to me to mount /usr since my single-user > skills are minimal, at best... "halt" should have been my correct response > (rather than power-button 4-sec) and i will need to go spend a bit more > time to be able to try your untested-patch... (ie - i need to do the > compile) > > i WILL test it in a day or two and report back... thank you for the > help and explanations... apologies for being unclear at-the-start... > > sincerely, harold felton. > > On Sat, Jul 6, 2019 at 2:44 PM Ingo Schwarze wrote: > >> Hi Harold, >> >> harold felton wrote on Fri, Jul 05, 2019 at 11:16:01PM +: >> > On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: >> >> >> boot -s >> >> Did you mount(8) /usr between the above and the below? >> >> >> # shutdown now >> >> > shutdown: unveil: No such file or directory >> >> If the answer to the above question is "no", then i suspect from >> code inspection that the following patch may help (untested). >> >> The point of the patch is tolerating unveil(2) failure if /usr/bin/ >> does not exist. Later, trying to execle(3) _PATH_WALL will of >> course fail, too, but that's harmless because it merely results in >> the child dying with a syslog message. >> >> All that said, in single user mode, it may be more reliable to >> use halt(8) directly rather than trying to fire up a bloated >> monster application suite like shutdown(8). >> >> > ps - i would rather reinstall than try to debug >> >> If the patch below helps, reinstalling is most likely not needed. >> >> Does it help? >> Ingo >> >> P.S. >> If some crazy person deletes /etc or /sbin or runs shutdown(8) >> from a directory that was deleted after changing into it, >> similar failures look likely - but while that might want fixing, >> too, and while printing the unveil argument in case of failure >> might also make sense, the case of _PATH_WALL is probably the >> most important one because not having /usr mounted wouldn't >> seem all that unusual. >> >> >> Index: shutdown.c >> === >> RCS file: /cvs/src/sbin/shutdown/shutdown.c,v >> retrieving revision 1.52 >> diff -u -p -r1.52 shutdown.c >> --- shutdown.c 3 Aug 2018 17:09:22 - 1.52 >> +++ shutdown.c 6 Jul 2019 14:32:10 - >> @@ -169,7 +169,7 @@ main(int argc, char *argv[]) >> err(1, "unveil"); >> if (unveil(_PATH_RC, "r") == -1) >> err(1, "unveil"); >> - if (unveil(_PATH_WALL, "x") == -1) >> + if (unveil(_PATH_WALL, "x") == -1 && errno != ENOENT) >> err(1, "unveil"); >> if (unveil(_PATH_FASTBOOT, "wc") == -1) >> err(1, "unveil"); >> > > > -- > harold at hfelton.com > -- harold at hfelton.com
Re: boot -s shutdown q.?
thanx ingo, correct - it did not occur to me to mount /usr since my single-user skills are minimal, at best... "halt" should have been my correct response (rather than power-button 4-sec) and i will need to go spend a bit more time to be able to try your untested-patch... (ie - i need to do the compile) i WILL test it in a day or two and report back... thank you for the help and explanations... apologies for being unclear at-the-start... sincerely, harold felton. On Sat, Jul 6, 2019 at 2:44 PM Ingo Schwarze wrote: > Hi Harold, > > harold felton wrote on Fri, Jul 05, 2019 at 11:16:01PM +: > > On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: > > >> boot -s > > Did you mount(8) /usr between the above and the below? > > >> # shutdown now > > > shutdown: unveil: No such file or directory > > If the answer to the above question is "no", then i suspect from > code inspection that the following patch may help (untested). > > The point of the patch is tolerating unveil(2) failure if /usr/bin/ > does not exist. Later, trying to execle(3) _PATH_WALL will of > course fail, too, but that's harmless because it merely results in > the child dying with a syslog message. > > All that said, in single user mode, it may be more reliable to > use halt(8) directly rather than trying to fire up a bloated > monster application suite like shutdown(8). > > > ps - i would rather reinstall than try to debug > > If the patch below helps, reinstalling is most likely not needed. > > Does it help? > Ingo > > P.S. > If some crazy person deletes /etc or /sbin or runs shutdown(8) > from a directory that was deleted after changing into it, > similar failures look likely - but while that might want fixing, > too, and while printing the unveil argument in case of failure > might also make sense, the case of _PATH_WALL is probably the > most important one because not having /usr mounted wouldn't > seem all that unusual. > > > Index: shutdown.c > === > RCS file: /cvs/src/sbin/shutdown/shutdown.c,v > retrieving revision 1.52 > diff -u -p -r1.52 shutdown.c > --- shutdown.c 3 Aug 2018 17:09:22 - 1.52 > +++ shutdown.c 6 Jul 2019 14:32:10 - > @@ -169,7 +169,7 @@ main(int argc, char *argv[]) > err(1, "unveil"); > if (unveil(_PATH_RC, "r") == -1) > err(1, "unveil"); > - if (unveil(_PATH_WALL, "x") == -1) > + if (unveil(_PATH_WALL, "x") == -1 && errno != ENOENT) > err(1, "unveil"); > if (unveil(_PATH_FASTBOOT, "wc") == -1) > err(1, "unveil"); > -- harold at hfelton.com
Re: boot -s shutdown q.?
Hi Harold, harold felton wrote on Fri, Jul 05, 2019 at 11:16:01PM +: > On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: >> boot -s Did you mount(8) /usr between the above and the below? >> # shutdown now > shutdown: unveil: No such file or directory If the answer to the above question is "no", then i suspect from code inspection that the following patch may help (untested). The point of the patch is tolerating unveil(2) failure if /usr/bin/ does not exist. Later, trying to execle(3) _PATH_WALL will of course fail, too, but that's harmless because it merely results in the child dying with a syslog message. All that said, in single user mode, it may be more reliable to use halt(8) directly rather than trying to fire up a bloated monster application suite like shutdown(8). > ps - i would rather reinstall than try to debug If the patch below helps, reinstalling is most likely not needed. Does it help? Ingo P.S. If some crazy person deletes /etc or /sbin or runs shutdown(8) from a directory that was deleted after changing into it, similar failures look likely - but while that might want fixing, too, and while printing the unveil argument in case of failure might also make sense, the case of _PATH_WALL is probably the most important one because not having /usr mounted wouldn't seem all that unusual. Index: shutdown.c === RCS file: /cvs/src/sbin/shutdown/shutdown.c,v retrieving revision 1.52 diff -u -p -r1.52 shutdown.c --- shutdown.c 3 Aug 2018 17:09:22 - 1.52 +++ shutdown.c 6 Jul 2019 14:32:10 - @@ -169,7 +169,7 @@ main(int argc, char *argv[]) err(1, "unveil"); if (unveil(_PATH_RC, "r") == -1) err(1, "unveil"); - if (unveil(_PATH_WALL, "x") == -1) + if (unveil(_PATH_WALL, "x") == -1 && errno != ENOENT) err(1, "unveil"); if (unveil(_PATH_FASTBOOT, "wc") == -1) err(1, "unveil");
Re: boot -s shutdown q.?
adding dmesg/hw-sensors... hth, h. On Fri, Jul 5, 2019 at 11:16 PM harold felton wrote: > uh - ok, but i had gone into single-user to run/fix some fsck-stuff > so i had assumed that somehow i mightve borked something... > > shutdown: unveil: No such file or directory > > is the exact message... > > in-case-it-matters i hit RETURN for default sh ... since i was in > single-user > mode i wasnt able to run 'locate' and am basically assuming that i should > just recreate another sdcard (from cd) to start over... basically, we had > an > earthquake here in socal yesterday and power got wonky... also, i use a > kvm-switch between that-machine and this-one to write the email, so i > needed > to go rerun the command-sequence just now... > > should i reboot into full-multi-user and grab a dmesg as well ? guess > so... > > brb, h. > > On Sat, Jul 6, 2019 at 1:45 PM Otto Moerbeek wrote: > >> On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: >> >> > howdee, >> > >> > just need a confirmation that there is something wrong >> > with my system since i dont have a spare running atm... >> > >> > > boot -s >> > # shutdown now >> > >> > i get an error message about "unveil" missing ? >> > >> > tia, h. >> > >> > ps - i would rather reinstall than try to debug but can >> > provide dmesg if nec. (running 6.5-syspatch of amd64 >> > from usb-sdcard on bare-metal zotac-id89 machine) >> >> Why make life harder than needed for people who might want help you? >> Give the exact error message. >> >> -Otto >> > > > -- > harold at hfelton.com > -- harold at hfelton.com OpenBSD 6.5 (GENERIC.MP) #1: Mon May 27 18:27:59 CEST 2019 r...@syspatch-65-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 9604997120 (9160MB) avail mem = 9304276992 (8873MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe96e0 (74 entries) bios0: vendor American Megatrends Inc. version "4.6.5" date 05/22/2014 bios0: ZOTAC ZBOX-ID88/ID89/ID90 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP APIC FPDT MCFG MSDM HPET SSDT SSDT SSDT BGRT acpi0: wakeup devices P0P1(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) USB6(S3) USB7(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i3-3220T CPU @ 2.80GHz, 2794.08 MHz, 06-3a-09 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i3-3220T CPU @ 2.80GHz, 2793.65 MHz, 06-3a-09 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,AVX,F16C,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 acpimcfg0: addr 0xf800, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P1) acpiprt2 at acpi0: bus 2 (RP01) acpiprt3 at acpi0: bus 3 (RP02) acpiprt4 at acpi0: bus 4 (RP03) acpiprt5 at acpi0: bus -1 (RP04) acpiprt6 at acpi0: bus 5 (RP05) acpiprt7 at acpi0: bus -1 (RP06) acpiprt8 at acpi0: bus -1 (RP07) acpiprt9 at acpi0: bus -1 (RP08) acpiprt10 at acpi0: bus 1 (PEG0) acpiprt11 at acpi0: bus -1 (PEG1) acpiprt12 at acpi0: bus -1 (PEG2) acpiprt13 at acpi0: bus -1 (PEG3) acpiec0 at acpi0: not present acpicpu0 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: C3(350@80 mwait.1@0x20), C2(500@59 mwait.1@0x10), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: FN00, resource for FAN0 acpipwrres1 at acpi0: FN01, resource for FAN1 acpipwrres2 at acpi0: FN02, resource for FAN2 acpipwrres3 at acpi0: FN03, resource for FAN3 acpipwrres4 at acpi0: FN04, resource for FAN4 acpitz0 at acpi0: critical temperature is 92 degC acpitz1 at acpi0: critical temperature is 92 degC acpipci0 at acpi0 PCI0: 0x0010 0x0011 0x acpicmos0 at acpi0 acpibtn0 at acpi0: PWRB "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not
Re: boot -s shutdown q.?
uh - ok, but i had gone into single-user to run/fix some fsck-stuff so i had assumed that somehow i mightve borked something... shutdown: unveil: No such file or directory is the exact message... in-case-it-matters i hit RETURN for default sh ... since i was in single-user mode i wasnt able to run 'locate' and am basically assuming that i should just recreate another sdcard (from cd) to start over... basically, we had an earthquake here in socal yesterday and power got wonky... also, i use a kvm-switch between that-machine and this-one to write the email, so i needed to go rerun the command-sequence just now... should i reboot into full-multi-user and grab a dmesg as well ? guess so... brb, h. On Sat, Jul 6, 2019 at 1:45 PM Otto Moerbeek wrote: > On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: > > > howdee, > > > > just need a confirmation that there is something wrong > > with my system since i dont have a spare running atm... > > > > > boot -s > > # shutdown now > > > > i get an error message about "unveil" missing ? > > > > tia, h. > > > > ps - i would rather reinstall than try to debug but can > > provide dmesg if nec. (running 6.5-syspatch of amd64 > > from usb-sdcard on bare-metal zotac-id89 machine) > > Why make life harder than needed for people who might want help you? > Give the exact error message. > > -Otto > -- harold at hfelton.com
Re: boot -s shutdown q.?
On Fri, Jul 05, 2019 at 10:39:55PM +, harold felton wrote: > howdee, > > just need a confirmation that there is something wrong > with my system since i dont have a spare running atm... > > > boot -s > # shutdown now > > i get an error message about "unveil" missing ? > > tia, h. > > ps - i would rather reinstall than try to debug but can > provide dmesg if nec. (running 6.5-syspatch of amd64 > from usb-sdcard on bare-metal zotac-id89 machine) Why make life harder than needed for people who might want help you? Give the exact error message. -Otto
boot -s shutdown q.?
howdee, just need a confirmation that there is something wrong with my system since i dont have a spare running atm... > boot -s # shutdown now i get an error message about "unveil" missing ? tia, h. ps - i would rather reinstall than try to debug but can provide dmesg if nec. (running 6.5-syspatch of amd64 from usb-sdcard on bare-metal zotac-id89 machine)
Re: Q: Systems with Skylake based XEON silver CPUs supported by OpenBSD 6.3 amd64
Hello Peter, On Wed, 2018-07-18 at 12:40 +, Steiner Peter wrote: > Hello folks, > > we are currently looking for new server hardware compatible with > OpenBSD 6.3 amd64. > I couldn't find a compatibility list for current systems. > > We'd like to use Skylake based XEONs (e.g. Xeon Silver 4108) in > current dual (or single) socket systems > like "Dell PowerR640", "Fujitsu RX2530M4" (maybe "ProLiant DL360 > Gen10" or "Lenovo ThinkSystem SR550") I just brought up 6.3 on a new Fujitsu Primergy TX1310 M3 which runs the Xeon E3-1225 v6 Kaby Lake (low-end Xeon) in the last couple of weeks. It works fine, the biggest PITA was figuring out what the BIOS is calling legacy boot, I didn't want to use UEFI. I did see a failure to load i915 firmware in the dmesg or log, I didn't follow up on it because I ASSumed it was for the display adapter- which btw works fine over VGA enough to install and get it minimally set up. Since then I'm running it headless. 6.3 has been totally stable (no surprise) and what's interesting is sometimes a terminal running top over SSH looks like the box is dead. I don't ever remember seeing an OS that idled so well. Only the clock on tmux changing lets you know the system is alive. Just outstanding. /jl > > > Does anybody have hints for me where to look for information about > hardware compatibility? > > If someone actually runs OpenBSD 6.3 on a current XEON (or even an > AMD EPIC) please let me know ;-) > > > Thanks in advance! > > > greetings from Austria > -Peter > > > PS: btw. our current OpenBSD systems have Broadwell-EP Xeon CPUs (for > example E5-2620v4 in "Lenovo x3550M5" and "Fujitsu PRIMERGY RX2530 > M2") with several Intel 82599 10Gbit NICs, running perfectly with > OpenBSD 6.3 > > PPS: I already got the information that 6.3 boots into kernel panic > on a "Fujitsu RX2530M4" with Xeon Silver 4110 >
Q: Systems with Skylake based XEON silver CPUs supported by OpenBSD 6.3 amd64
Hello folks, we are currently looking for new server hardware compatible with OpenBSD 6.3 amd64. I couldn't find a compatibility list for current systems. We'd like to use Skylake based XEONs (e.g. Xeon Silver 4108) in current dual (or single) socket systems like "Dell PowerR640", "Fujitsu RX2530M4" (maybe "ProLiant DL360 Gen10" or "Lenovo ThinkSystem SR550") Does anybody have hints for me where to look for information about hardware compatibility? If someone actually runs OpenBSD 6.3 on a current XEON (or even an AMD EPIC) please let me know ;-) Thanks in advance! greetings from Austria -Peter PS: btw. our current OpenBSD systems have Broadwell-EP Xeon CPUs (for example E5-2620v4 in "Lenovo x3550M5" and "Fujitsu PRIMERGY RX2530 M2") with several Intel 82599 10Gbit NICs, running perfectly with OpenBSD 6.3 PPS: I already got the information that 6.3 boots into kernel panic on a "Fujitsu RX2530M4" with Xeon Silver 4110
Re: =?UTF-8?Q?Re:_=ef=bf=bccloning_to_smaller_hard_disk?
my way has a weak point that the kernel of the small HDD may become different from that of the big HDD by of using ' upgrade ' . ( it is good in case of virsion up 6.2->6.3 ) are there sophistcated methods not chainging kernel ? i used 'upgrade' process to load the boot loader to small HDD . - regards
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
On 04/15/18 14:37, Jeffrey Joshua Rollin wrote: On 15 April 2018 at 12:03, Juan Francisco Cantero Hurtado <i...@juanfra.info <mailto:i...@juanfra.info>> wrote: On Sun, Apr 15, 2018 at 11:19:50AM +0100, Jeffrey Joshua Rollin wrote: > No, it works fine with pkg_add, as I have repeatedly said, and a few months ago I did have a problem where a trailing slash caused problems with syspatch, which, without any pressure from me, I was informed would be fixed. The issue may simply be one of consistency, but looks more likely to be an error in the pkg_info script. > > So, to sum up: > > Pkg_add works; > Syspatch works; > Cloudflare was up last time I tried it; > Despite the above, pkg_info -Q does *not* work. Try this: $ su -l root # echo 'https://fastly.cdn.openbsd.org/pub/OpenBSD/ <https://fastly.cdn.openbsd.org/pub/OpenBSD/>' > /etc/installurl # unset PKG_PATH # pkg_info -Q mate If fastly works, try with cloudflare again. BTW, we don't have a metapackage for mate. Whoops, I forgot about this bit. Yes, fastly works, but trying just https://cdn.openbsd.org/pub/OpenBSD/ does not; I tried that because it was listed on the OpenBSD website FAQ, having forgotten fthat I'd used cloudflare before; the same error came up with the address listed on the website, as I mentioned previously. You are missing the `cloudflare' part. Yesterday you had /org instead of .org. edgar:9$ PKG_PATH=https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.3/packages/amd64 pkg_info -Q mate checkmate-0.21 libmatekbd-1.20.0 libmatemixer-1.20.0 libmateweather-1.20.0 mate-calc-1.20.0 mate-control-center-1.20.0 mate-desktop-1.20.0 mate-icon-theme-1.20.0 mate-media-1.20.0 mate-menus-1.20.0 mate-notification-daemon-1.20.0 mate-panel-1.20.0 mate-power-manager-1.20.0 mate-screensaver-1.20.0 mate-session-manager-1.20.0 mate-settings-daemon-1.20.0 mate-terminal-1.20.0 mate-themes-3.22.15 mate-utils-1.20.0 sslmate-1.5.1p1 tmate-2.2.1p0 For now, I'll just stick to fastly. Thanks. -- Juan Francisco Cantero Hurtado http://juanfra.info
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
On 15 April 2018 at 12:03, Juan Francisco Cantero Hurtado <i...@juanfra.info> wrote: > On Sun, Apr 15, 2018 at 11:19:50AM +0100, Jeffrey Joshua Rollin wrote: > > No, it works fine with pkg_add, as I have repeatedly said, and a few > months ago I did have a problem where a trailing slash caused problems with > syspatch, which, without any pressure from me, I was informed would be > fixed. The issue may simply be one of consistency, but looks more likely to > be an error in the pkg_info script. > > > > So, to sum up: > > > > Pkg_add works; > > Syspatch works; > > Cloudflare was up last time I tried it; > > Despite the above, pkg_info -Q does *not* work. > > Try this: > > $ su -l root > # echo 'https://fastly.cdn.openbsd.org/pub/OpenBSD/' > /etc/installurl > # unset PKG_PATH > # pkg_info -Q mate > > If fastly works, try with cloudflare again. BTW, we don't have a > metapackage for mate. > Whoops, I forgot about this bit. Yes, fastly works, but trying just https://cdn.openbsd.org/pub/OpenBSD/ does not; I tried that because it was listed on the OpenBSD website FAQ, having forgotten fthat I'd used cloudflare before; the same error came up with the address listed on the website, as I mentioned previously. For now, I'll just stick to fastly. Thanks. > -- > Juan Francisco Cantero Hurtado http://juanfra.info >
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
Yes, I'd already remembered that myself. Sent from Blue On 15 Apr 2018, 12:03, at 12:03, Juan Francisco Cantero Hurtado <i...@juanfra.info> wrote: >On Sun, Apr 15, 2018 at 11:19:50AM +0100, Jeffrey Joshua Rollin wrote: >> No, it works fine with pkg_add, as I have repeatedly said, and a few >months ago I did have a problem where a trailing slash caused problems >with syspatch, which, without any pressure from me, I was informed >would be fixed. The issue may simply be one of consistency, but looks >more likely to be an error in the pkg_info script. >> >> So, to sum up: >> >> Pkg_add works; >> Syspatch works; >> Cloudflare was up last time I tried it; >> Despite the above, pkg_info -Q does *not* work. > >Try this: > >$ su -l root ># echo 'https://fastly.cdn.openbsd.org/pub/OpenBSD/' > /etc/installurl ># unset PKG_PATH ># pkg_info -Q mate > >If fastly works, try with cloudflare again. BTW, we don't have a >metapackage for mate. > >> >> Jeff >> >> Sent from Blue >> >> On 15 Apr 2018, 03:26, at 03:26, Edgar Pettijohn ><ed...@pettijohn-web.com> wrote: >> > >> > >> >On 04/14/18 19:34, Jeffrey Joshua Rollin wrote: >> >> >> >> >> >> Sent from Blue <http://www.bluemail.me/r?b=12687> >> >> On 15 Apr 2018, at 00:31, Edgar Pettijohn <ed...@pettijohn-web.com >> >> <mailto:ed...@pettijohn-web.com>> wrote: >> >> >> >> >> >> On 04/14/18 15:08, Jeffrey Joshua Rollin wrote: >> >> >> >> Hi, I've installed OpenBSD 6.3-release for amd64 on >> >> virtualbox, and updated it with syspatch as of 20:40 UTC. >> >> pkg_info -Q seems to be failing. Specifically, I tried $ >> >> pkg_info -Q mate ...and also as root, to remind myself >what >> >> the metapackage is [I have a feeling it's just "mate" >anyway] >> >> [EDIT: Metapackages? maybe I'm thinking of FreeBSD]; but: >> >> pkg_info -Q firefox also fails, despite the fact I just >> >> successfully installed Firefox. The relevant error is as >> >> follows: Redirected to >> >> >> >>https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 >> >> >> >> >> >^^ >> >Your PKG_PATH appears to have a couple of errors. >> > >> >https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.3/packages/amd64 >> > >> >and I can't remember but it may need to end with a `/' >> >> >> >> Can't locate object method "syslog" via package >> >> "OpenBSD::PkgInfo::State" at >> >> /usr/libdata/perl5/OpenBSD/PackageRepository.pm >> >> <http://PackageRepository.pm> line 302, <$fh> line 3. >Thanks, >> >> Jeff. >> >> >> >> edgar:7$ pkg_info -Q mate >> >> checkmate-0.21 >> >> libmatekbd-1.20.0 >> >> libmatemixer-1.20.0 >> >> libmateweather-1.20.0 >> >> mate-calc-1.20.0 >> >> mate-control-center-1.20.0 >> >> mate-desktop-1.20.0 >> >> mate-icon-theme-1.20.0 >> >> mate-media-1.20.0 >> >> mate-menus-1.20.0 >> >> mate-notification-daemon-1.20.0 >> >> mate-panel-1.20.0 >> >> mate-power-manager-1.20.0 >> >> mate-screensaver-1.20.0 >> >> mate-session-manager-1.20.0 >> >> mate-settings-daemon-1.20.0 >> >> mate-terminal-1.20.0 >> >> mate-themes-3.22.15 >> >> mate-utils-1.20.0 >> >> sslmate-1.5.1p1 >> >> tmate-2.2.1p0 >> >> >> >> I suspect its because >> >> >> >> >> >>https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 >> >> >> >> doesn't exist or is down. >> >> >> >> It exists, and is unlikely to be a transient error, >> >> >> >> because I tried it several times, and as I said, was able >> >> >> >> to download software even though I couldn't query it. >> >> >> >> (I subsequently found a YouTube tutorial which listed >> >> >> >> most of the packages in your message.) >> >> >> >> I will try again, and/or with a different mirror in >> >> >> >> the morning. >> >> >> >> Jeff >> >> > >-- >Juan Francisco Cantero Hurtado http://juanfra.info
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
On Sun, Apr 15, 2018 at 11:19:50AM +0100, Jeffrey Joshua Rollin wrote: > No, it works fine with pkg_add, as I have repeatedly said, and a few months > ago I did have a problem where a trailing slash caused problems with > syspatch, which, without any pressure from me, I was informed would be fixed. > The issue may simply be one of consistency, but looks more likely to be an > error in the pkg_info script. > > So, to sum up: > > Pkg_add works; > Syspatch works; > Cloudflare was up last time I tried it; > Despite the above, pkg_info -Q does *not* work. Try this: $ su -l root # echo 'https://fastly.cdn.openbsd.org/pub/OpenBSD/' > /etc/installurl # unset PKG_PATH # pkg_info -Q mate If fastly works, try with cloudflare again. BTW, we don't have a metapackage for mate. > > Jeff > > Sent from Blue > > On 15 Apr 2018, 03:26, at 03:26, Edgar Pettijohn <ed...@pettijohn-web.com> > wrote: > > > > > >On 04/14/18 19:34, Jeffrey Joshua Rollin wrote: > >> > >> > >> Sent from Blue <http://www.bluemail.me/r?b=12687> > >> On 15 Apr 2018, at 00:31, Edgar Pettijohn <ed...@pettijohn-web.com > >> <mailto:ed...@pettijohn-web.com>> wrote: > >> > >> > >> On 04/14/18 15:08, Jeffrey Joshua Rollin wrote: > >> > >> Hi, I've installed OpenBSD 6.3-release for amd64 on > >> virtualbox, and updated it with syspatch as of 20:40 UTC. > >> pkg_info -Q seems to be failing. Specifically, I tried $ > >> pkg_info -Q mate ...and also as root, to remind myself what > >> the metapackage is [I have a feeling it's just "mate" anyway] > >> [EDIT: Metapackages? maybe I'm thinking of FreeBSD]; but: > >> pkg_info -Q firefox also fails, despite the fact I just > >> successfully installed Firefox. The relevant error is as > >> follows: Redirected to > >> > >https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 > >> > >> > >^^ > >Your PKG_PATH appears to have a couple of errors. > > > >https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.3/packages/amd64 > > > >and I can't remember but it may need to end with a `/' > >> > >> Can't locate object method "syslog" via package > >> "OpenBSD::PkgInfo::State" at > >> /usr/libdata/perl5/OpenBSD/PackageRepository.pm > >> <http://PackageRepository.pm> line 302, <$fh> line 3. Thanks, > >> Jeff. > >> > >> edgar:7$ pkg_info -Q mate > >> checkmate-0.21 > >> libmatekbd-1.20.0 > >> libmatemixer-1.20.0 > >> libmateweather-1.20.0 > >> mate-calc-1.20.0 > >> mate-control-center-1.20.0 > >> mate-desktop-1.20.0 > >> mate-icon-theme-1.20.0 > >> mate-media-1.20.0 > >> mate-menus-1.20.0 > >> mate-notification-daemon-1.20.0 > >> mate-panel-1.20.0 > >> mate-power-manager-1.20.0 > >> mate-screensaver-1.20.0 > >> mate-session-manager-1.20.0 > >> mate-settings-daemon-1.20.0 > >> mate-terminal-1.20.0 > >> mate-themes-3.22.15 > >> mate-utils-1.20.0 > >> sslmate-1.5.1p1 > >> tmate-2.2.1p0 > >> > >> I suspect its because > >> > >> > >https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 > >> > >> doesn't exist or is down. > >> > >> It exists, and is unlikely to be a transient error, > >> > >> because I tried it several times, and as I said, was able > >> > >> to download software even though I couldn't query it. > >> > >> (I subsequently found a YouTube tutorial which listed > >> > >> most of the packages in your message.) > >> > >> I will try again, and/or with a different mirror in > >> > >> the morning. > >> > >> Jeff > >> -- Juan Francisco Cantero Hurtado http://juanfra.info
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
No, it works fine with pkg_add, as I have repeatedly said, and a few months ago I did have a problem where a trailing slash caused problems with syspatch, which, without any pressure from me, I was informed would be fixed. The issue may simply be one of consistency, but looks more likely to be an error in the pkg_info script. So, to sum up: Pkg_add works; Syspatch works; Cloudflare was up last time I tried it; Despite the above, pkg_info -Q does *not* work. Jeff Sent from Blue On 15 Apr 2018, 03:26, at 03:26, Edgar Pettijohn <ed...@pettijohn-web.com> wrote: > > >On 04/14/18 19:34, Jeffrey Joshua Rollin wrote: >> >> >> Sent from Blue <http://www.bluemail.me/r?b=12687> >> On 15 Apr 2018, at 00:31, Edgar Pettijohn <ed...@pettijohn-web.com >> <mailto:ed...@pettijohn-web.com>> wrote: >> >> >> On 04/14/18 15:08, Jeffrey Joshua Rollin wrote: >> >> Hi, I've installed OpenBSD 6.3-release for amd64 on >> virtualbox, and updated it with syspatch as of 20:40 UTC. >> pkg_info -Q seems to be failing. Specifically, I tried $ >> pkg_info -Q mate ...and also as root, to remind myself what >> the metapackage is [I have a feeling it's just "mate" anyway] >> [EDIT: Metapackages? maybe I'm thinking of FreeBSD]; but: >> pkg_info -Q firefox also fails, despite the fact I just >> successfully installed Firefox. The relevant error is as >> follows: Redirected to >> >https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 >> >> >^^ >Your PKG_PATH appears to have a couple of errors. > >https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.3/packages/amd64 > >and I can't remember but it may need to end with a `/' >> >> Can't locate object method "syslog" via package >> "OpenBSD::PkgInfo::State" at >> /usr/libdata/perl5/OpenBSD/PackageRepository.pm >> <http://PackageRepository.pm> line 302, <$fh> line 3. Thanks, >> Jeff. >> >> edgar:7$ pkg_info -Q mate >> checkmate-0.21 >> libmatekbd-1.20.0 >> libmatemixer-1.20.0 >> libmateweather-1.20.0 >> mate-calc-1.20.0 >> mate-control-center-1.20.0 >> mate-desktop-1.20.0 >> mate-icon-theme-1.20.0 >> mate-media-1.20.0 >> mate-menus-1.20.0 >> mate-notification-daemon-1.20.0 >> mate-panel-1.20.0 >> mate-power-manager-1.20.0 >> mate-screensaver-1.20.0 >> mate-session-manager-1.20.0 >> mate-settings-daemon-1.20.0 >> mate-terminal-1.20.0 >> mate-themes-3.22.15 >> mate-utils-1.20.0 >> sslmate-1.5.1p1 >> tmate-2.2.1p0 >> >> I suspect its because >> >> >https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 >> >> doesn't exist or is down. >> >> It exists, and is unlikely to be a transient error, >> >> because I tried it several times, and as I said, was able >> >> to download software even though I couldn't query it. >> >> (I subsequently found a YouTube tutorial which listed >> >> most of the packages in your message.) >> >> I will try again, and/or with a different mirror in >> >> the morning. >> >> Jeff >>
Re: pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
On 04/14/18 19:34, Jeffrey Joshua Rollin wrote: Sent from Blue <http://www.bluemail.me/r?b=12687> On 15 Apr 2018, at 00:31, Edgar Pettijohn <ed...@pettijohn-web.com <mailto:ed...@pettijohn-web.com>> wrote: On 04/14/18 15:08, Jeffrey Joshua Rollin wrote: Hi, I've installed OpenBSD 6.3-release for amd64 on virtualbox, and updated it with syspatch as of 20:40 UTC. pkg_info -Q seems to be failing. Specifically, I tried $ pkg_info -Q mate ...and also as root, to remind myself what the metapackage is [I have a feeling it's just "mate" anyway] [EDIT: Metapackages? maybe I'm thinking of FreeBSD]; but: pkg_info -Q firefox also fails, despite the fact I just successfully installed Firefox. The relevant error is as follows: Redirected to https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 ^^ Your PKG_PATH appears to have a couple of errors. https://cloudflare.cdn.openbsd.org/pub/OpenBSD/6.3/packages/amd64 and I can't remember but it may need to end with a `/' Can't locate object method "syslog" via package "OpenBSD::PkgInfo::State" at /usr/libdata/perl5/OpenBSD/PackageRepository.pm <http://PackageRepository.pm> line 302, <$fh> line 3. Thanks, Jeff. edgar:7$ pkg_info -Q mate checkmate-0.21 libmatekbd-1.20.0 libmatemixer-1.20.0 libmateweather-1.20.0 mate-calc-1.20.0 mate-control-center-1.20.0 mate-desktop-1.20.0 mate-icon-theme-1.20.0 mate-media-1.20.0 mate-menus-1.20.0 mate-notification-daemon-1.20.0 mate-panel-1.20.0 mate-power-manager-1.20.0 mate-screensaver-1.20.0 mate-session-manager-1.20.0 mate-settings-daemon-1.20.0 mate-terminal-1.20.0 mate-themes-3.22.15 mate-utils-1.20.0 sslmate-1.5.1p1 tmate-2.2.1p0 I suspect its because https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 doesn't exist or is down. It exists, and is unlikely to be a transient error, because I tried it several times, and as I said, was able to download software even though I couldn't query it. (I subsequently found a YouTube tutorial which listed most of the packages in your message.) I will try again, and/or with a different mirror in the morning. Jeff
pkg_info -Q fails [OpenBSD 6.3 amd64/virtualbox]
Hi, I've installed OpenBSD 6.3-release for amd64 on virtualbox, and updated it with syspatch as of 20:40 UTC. pkg_info -Q seems to be failing. Specifically, I tried $ pkg_info -Q mate ...and also as root, to remind myself what the metapackage is [I have a feeling it's just "mate" anyway] [EDIT: Metapackages? maybe I'm thinking of FreeBSD]; but: pkg_info -Q firefox also fails, despite the fact I just successfully installed Firefox. The relevant error is as follows: Redirected to https://cloudflare.cdn.openbsd/org/pub/OpenBSD/6.3/packages-stable/amd64 Can't locate object method "syslog" via package "OpenBSD::PkgInfo::State" at /usr/libdata/perl5/OpenBSD/PackageRepository.pm line 302, <$fh> line 3. Thanks, Jeff.
Re: [Q] Thinkpad x230, softraid crypto and ZZZ
> On 03 Jul 2016, at 20:30, Mike Larkinwrote: > > On Sun, Jul 03, 2016 at 01:40:39PM -0400, Bryan Everly wrote: >> Hi, >> >> I have suspend to RAM working just fine on this system but when I try to >> suspend to disk (ZZZ) it just hangs the system (I thought it might just >> be slow so I let it run for 2 hours and it never completed). Some data >> points: >> >> 1. I encrypt my boot drive (sd0) with softraid >> >> 2. My /etc/fstab points to a swap partition outside of the softraid >> volume and is 2x my RAM size >> > > from your dmesg below: >> root on sd2a (71b4bf84dbfc9f74.a) swap on sd2b dump on sd2b > > That's where we take the swap location from. And that's your sr crypto > device according to the dmesg. Is this large enough? > > Try putting swap inside the sr crypto volume and it should be fine. > Don't try to use some strange mix of half-crypto and half-not. (why > someone would go to the effort of encrypting everything *except* swap > leaves me scratching my head). If I remember correctly, swap is encrypted by default anyway. > Note - you have just about the exact same machine as I do, where > ZZZ was developed. I also have sr crypto in use and 16GB. As a matter of > fact, the x230 in configs like yours probably received the most testing > of any machine out there as that's what most developers had during the > timeframe ZZZ was being shaken out. > > Generally, when ZZZing, an x230 with 16GB writes out about 600-800MB > when doing general purpose stuff like browsing, compiling, etc. Strictly for > ZZZ, you don't need 2X RAM size. Just 1X RAM size is "enough" as if we can't fit > the hibernated image into a size 1X the size of your RAM, you're hooped > anyway. This will still take a few minutes as the I/O routines used by > ZZZ are not optimal, but you should see the disk activity light (faintly, > as you are using SSDs). > > If you still can't get it working, you'll need to do some surgery to > see what's failing. You'll need to disable X and inteldrm temporarily, > and remove the call to wsdisplay_suspend around line 2370 in > sys/dev/acpi/acpi.c to leave the screen on while ZZZing. Then, initiate > a ZZZ from the text console and see what's going on. Maybe a panic. If you do > this test, remember that the suspending and resuming kernels must match (eg, > if you ZZZ after booting "/bsd.test", make sure you boot "/bsd.test" again > after powering back up or it will discard the hibernated image). > > -ml > >> 3. I am running apmd with the -A flag >> >> 4. I have 16gb of RAM on the machine >> >> Thanks in advance for any help. Some relevant information below: >> >> $ cat /etc/fstab >> >> 71b4bf84dbfc9f74.a / ffs rw,softdep,noatime 1 1 >> 71b4bf84dbfc9f74.g /home ffs rw,softdep,noatime,nodev,nosuid 1 2 >> 71b4bf84dbfc9f74.d /tmp ffs rw,softdep,noatime,nodev,nosuid 1 2 >> 71b4bf84dbfc9f74.f /usr ffs rw,softdep,noatime,nodev,wxallowed 1 2 >> 71b4bf84dbfc9f74.e /var ffs rw,softdep,noatime,nodev,nosuid 1 2 >> /dev/sd0b none swap sw 0 0 >> >> $ doas disklabel -p g sd0 >> # /dev/rsd0c: >> type: SCSI >> disk: SCSI disk >> label: Samsung SSD 850 >> duid: 25c676a513f5cd3d >> flags: >> bytes/sector: 512 >> sectors/track: 63 >> tracks/cylinder: 255 >> sectors/cylinder: 16065 >> cylinders: 121601 >> total sectors: 1953525168 # total bytes: 931.5G >> boundstart: 64 >> boundend: 1953520065 >> drivedata: 0 >> >> 16 partitions: >> #size offset fstype [fsize bsize cpg] >> a: 899.5G 67119570RAID >> b:32.0G 64swap # none >> c: 931.5G0 unused >> >> $ doas disklabel -p g sd2 >> # /dev/rsd2c: >> type: SCSI >> disk: SCSI disk >> label: SR CRYPTO >> duid: 71b4bf84dbfc9f74 >> flags: >> bytes/sector: 512 >> sectors/track: 63 >> tracks/cylinder: 255 >> sectors/cylinder: 16065 >> cylinders: 117422 >> total sectors: 1886399967 # total bytes: 899.5G >> boundstart: 64 >> boundend: 1886384430 >> drivedata: 0 >> >> 16 partitions: >> #size offset fstype [fsize bsize cpg] >> a: 1.0G 64 4.2BSD 2048 163841 # / >> c: 899.5G0 unused >> d: 4.0G 35904832 4.2BSD 2048 163841 # /tmp >> e:35.7G 44293408 4.2BSD 2048 163841 # /var >> f: 400.0G119248640 4.2BSD 4096 327681 # /usr >> g: 442.6G958100480 4.2BSD 4096 327681 # /home >> >> $ cat /etc/rc.conf.local >> apmd_flags=-A >> hotplugd_flags= >> httpd_flags= >> pkg_scripts=postgresql nagios php56_fpm slim >> postgresql_flags=-D /var/postgresql/data >> slowcgi_flags="" >> >> $ swapctl -l >> Device 512-blocks UsedAvail Capacity Priority >> /dev/sd0b 671195060 67119506 0%0 >> >> dmesg attached as dmesg.txt >> OpenBSD 6.0-beta (GENERIC.MP) #2: Sun Jul 3 10:17:41 EDT 2016 >>
Re: [Q] Thinkpad x230, softraid crypto and ZZZ
On Sun, Jul 03, 2016 at 01:40:39PM -0400, Bryan Everly wrote: > Hi, > > I have suspend to RAM working just fine on this system but when I try to > suspend to disk (ZZZ) it just hangs the system (I thought it might just > be slow so I let it run for 2 hours and it never completed). Some data > points: > > 1. I encrypt my boot drive (sd0) with softraid > > 2. My /etc/fstab points to a swap partition outside of the softraid > volume and is 2x my RAM size > from your dmesg below: > root on sd2a (71b4bf84dbfc9f74.a) swap on sd2b dump on sd2b That's where we take the swap location from. And that's your sr crypto device according to the dmesg. Is this large enough? Try putting swap inside the sr crypto volume and it should be fine. Don't try to use some strange mix of half-crypto and half-not. (why someone would go to the effort of encrypting everything *except* swap leaves me scratching my head). Note - you have just about the exact same machine as I do, where ZZZ was developed. I also have sr crypto in use and 16GB. As a matter of fact, the x230 in configs like yours probably received the most testing of any machine out there as that's what most developers had during the timeframe ZZZ was being shaken out. Generally, when ZZZing, an x230 with 16GB writes out about 600-800MB when doing general purpose stuff like browsing, compiling, etc. Strictly for ZZZ, you don't need 2X RAM size. Just 1X RAM size is "enough" as if we can't fit the hibernated image into a size 1X the size of your RAM, you're hooped anyway. This will still take a few minutes as the I/O routines used by ZZZ are not optimal, but you should see the disk activity light (faintly, as you are using SSDs). If you still can't get it working, you'll need to do some surgery to see what's failing. You'll need to disable X and inteldrm temporarily, and remove the call to wsdisplay_suspend around line 2370 in sys/dev/acpi/acpi.c to leave the screen on while ZZZing. Then, initiate a ZZZ from the text console and see what's going on. Maybe a panic. If you do this test, remember that the suspending and resuming kernels must match (eg, if you ZZZ after booting "/bsd.test", make sure you boot "/bsd.test" again after powering back up or it will discard the hibernated image). -ml > 3. I am running apmd with the -A flag > > 4. I have 16gb of RAM on the machine > > Thanks in advance for any help. Some relevant information below: > > $ cat /etc/fstab > > 71b4bf84dbfc9f74.a / ffs rw,softdep,noatime 1 1 > 71b4bf84dbfc9f74.g /home ffs rw,softdep,noatime,nodev,nosuid 1 2 > 71b4bf84dbfc9f74.d /tmp ffs rw,softdep,noatime,nodev,nosuid 1 2 > 71b4bf84dbfc9f74.f /usr ffs rw,softdep,noatime,nodev,wxallowed 1 2 > 71b4bf84dbfc9f74.e /var ffs rw,softdep,noatime,nodev,nosuid 1 2 > /dev/sd0b none swap sw 0 0 > > $ doas disklabel -p g sd0 > # /dev/rsd0c: > type: SCSI > disk: SCSI disk > label: Samsung SSD 850 > duid: 25c676a513f5cd3d > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 121601 > total sectors: 1953525168 # total bytes: 931.5G > boundstart: 64 > boundend: 1953520065 > drivedata: 0 > > 16 partitions: > #size offset fstype [fsize bsize cpg] >a: 899.5G 67119570RAID >b:32.0G 64swap # none >c: 931.5G0 unused > > $ doas disklabel -p g sd2 > # /dev/rsd2c: > type: SCSI > disk: SCSI disk > label: SR CRYPTO > duid: 71b4bf84dbfc9f74 > flags: > bytes/sector: 512 > sectors/track: 63 > tracks/cylinder: 255 > sectors/cylinder: 16065 > cylinders: 117422 > total sectors: 1886399967 # total bytes: 899.5G > boundstart: 64 > boundend: 1886384430 > drivedata: 0 > > 16 partitions: > #size offset fstype [fsize bsize cpg] >a: 1.0G 64 4.2BSD 2048 163841 # / >c: 899.5G0 unused >d: 4.0G 35904832 4.2BSD 2048 163841 # /tmp >e:35.7G 44293408 4.2BSD 2048 163841 # /var >f: 400.0G119248640 4.2BSD 4096 327681 # /usr >g: 442.6G958100480 4.2BSD 4096 327681 # /home > > $ cat /etc/rc.conf.local > apmd_flags=-A > hotplugd_flags= > httpd_flags= > pkg_scripts=postgresql nagios php56_fpm slim > postgresql_flags=-D /var/postgresql/data > slowcgi_flags="" > > $ swapctl -l > Device 512-blocks UsedAvail Capacity Priority > /dev/sd0b 671195060 67119506 0%0 > > dmesg attached as dmesg.txt > OpenBSD 6.0-beta (GENERIC.MP) #2: Sun Jul 3 10:17:41 EDT 2016 > bceve...@bcebsd.theeverlys.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP > real mem = 16844517376 (16064MB) > avail mem = 16329490432 (15573MB) > mpath0 at root > scsibus0 at mpath0: 256 targets > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdae9d000 (70 entries) > bios0: vendor
[Q] Thinkpad x230, softraid crypto and ZZZ
Hi, I have suspend to RAM working just fine on this system but when I try to suspend to disk (ZZZ) it just hangs the system (I thought it might just be slow so I let it run for 2 hours and it never completed). Some data points: 1. I encrypt my boot drive (sd0) with softraid 2. My /etc/fstab points to a swap partition outside of the softraid volume and is 2x my RAM size 3. I am running apmd with the -A flag 4. I have 16gb of RAM on the machine Thanks in advance for any help. Some relevant information below: $ cat /etc/fstab 71b4bf84dbfc9f74.a / ffs rw,softdep,noatime 1 1 71b4bf84dbfc9f74.g /home ffs rw,softdep,noatime,nodev,nosuid 1 2 71b4bf84dbfc9f74.d /tmp ffs rw,softdep,noatime,nodev,nosuid 1 2 71b4bf84dbfc9f74.f /usr ffs rw,softdep,noatime,nodev,wxallowed 1 2 71b4bf84dbfc9f74.e /var ffs rw,softdep,noatime,nodev,nosuid 1 2 /dev/sd0b none swap sw 0 0 $ doas disklabel -p g sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: Samsung SSD 850 duid: 25c676a513f5cd3d flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 121601 total sectors: 1953525168 # total bytes: 931.5G boundstart: 64 boundend: 1953520065 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 899.5G 67119570RAID b:32.0G 64swap # none c: 931.5G0 unused $ doas disklabel -p g sd2 # /dev/rsd2c: type: SCSI disk: SCSI disk label: SR CRYPTO duid: 71b4bf84dbfc9f74 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 117422 total sectors: 1886399967 # total bytes: 899.5G boundstart: 64 boundend: 1886384430 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 1.0G 64 4.2BSD 2048 163841 # / c: 899.5G0 unused d: 4.0G 35904832 4.2BSD 2048 163841 # /tmp e:35.7G 44293408 4.2BSD 2048 163841 # /var f: 400.0G119248640 4.2BSD 4096 327681 # /usr g: 442.6G958100480 4.2BSD 4096 327681 # /home $ cat /etc/rc.conf.local apmd_flags=-A hotplugd_flags= httpd_flags= pkg_scripts=postgresql nagios php56_fpm slim postgresql_flags=-D /var/postgresql/data slowcgi_flags="" $ swapctl -l Device 512-blocks UsedAvail Capacity Priority /dev/sd0b 671195060 67119506 0%0 dmesg attached as dmesg.txt OpenBSD 6.0-beta (GENERIC.MP) #2: Sun Jul 3 10:17:41 EDT 2016 bceve...@bcebsd.theeverlys.com:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 16844517376 (16064MB) avail mem = 16329490432 (15573MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdae9d000 (70 entries) bios0: vendor LENOVO version "G2ET82WW (2.02 )" date 09/11/2012 bios0: LENOVO 2325HP8 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SLIC TCPA SSDT SSDT SSDT HPET APIC MCFG ECDT FPDT ASF! UEFI UEFI POAT SSDT SSDT UEFI DBG2 acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP3(S4) XHCI(S3) EHC1(S3) EHC2(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.58 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.11 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.11 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0,
Re: [Q] Building a release, how do I create install60.fs and install60.iso
With help from Theo Buehler, I was able to create the install60.fs and install60.iso images. I would like to propose a patch to /usr/src/share/man/man8/release.8 that includes what I learned. I have attached a CVS diff of the proposed manpage change. Should I submit the patch to this list or to another? Thanks everyone! Index: release.8 === RCS file: /cvs/src/share/man/man8/release.8,v retrieving revision 1.72 diff -u -p -r1.72 release.8 @@ -34,6 +34,8 @@ Build and install xenocara. Make and validate the xenocara release. .It Make the third party packages. +.It +Build the installer images. .El .Pp The following sections describe each of the required steps in detail. @@ -338,6 +340,26 @@ subsystem of contributed applications is for installation, either individually or in bulk. This is described in .Xr ports 7 . +.Ss 8. Build the installer images +.Pp +At this point, +.Va RELEASEDIR +contains the +.Ox +.Sq tarballs +necessary to install the system by hand or upgrade an existing system. +.Pp +To create the install${VERSION}.fs (bootable flash drive installer) and the +install${VERSION}.iso (bootable optical media installer): +.Bd -literal -offset indent +# export RELDIR=your-releasedir; export RELXDIR=your-xenocara-releasedir +# cd /usr/src/distrib/${ARCH}/iso && make +# cd /usr/src/distrib/${ARCH}/iso && make install +# unset RELDIR RELXDIR +.Ed +.Pp +At this point, you will have the two installer images in your release +directory. .Sh SEE ALSO .Xr cvs 1 , .Xr doas 1 ,
Re: [Q] Building a release, how do I create install60.fs and install60.iso
> They are part of release. > (man release) > > The rules are somewhere arch-dependent under distrib, e.g., > distrib/macppc/iso Marc, Thanks for the reply. I was following along with man release - unfortunately my RELEASEDIR doesn't contain those two files. I'm guessing that there is some additional make target that I need to tickle but I haven't found it yet. I'll keep digging. Thanks, Bryan
Re: [Q] Building a release, how do I create install60.fs and install60.iso
Thanks Scott. I'm backing up the internal drive via time machine right now. I have a hacked kernel that is seeing the NVMe drive just fine. I'm going to shrink it, create an empty partition and see what happens when I try to install OpenBSD 6.0-current on it. Thanks, Bryan On Fri, Jun 17, 2016 at 11:30 AM, Scott Bondswrote: > Just wanted to say good luck and I'm rooting for you! I've got a Macbook8,1 > that would be better with OpenBSD running most days instead of OS X. :) > > > On 06/16, Bryan C. Everly wrote: >> >> Sorry if this is an obvious one but I've been all over the FAQ, read the >> makefiles, etc. and cannot for the life of me figure out how those files >> get created. I have everything else (all of the *.tgz files, etc.) just >> not these two. >> >> I'm probably on a fool's errand but I'm trying to get this MacBook 9,1 >> working. I have figured out that the PCI identifier for the NVMe >> controller in this one is actually 0x2003 (seems like the older model was >> 0x2001 according to the mailing lists). >> >> If I can get an installer image, I'm going to try risking my internal >> drive's sanity and see if I can get it partitioned with the NVMe driver as >> it is today. I've been looking at the SPI driver code in the Linux kernel >> and it seems comprehensible... >> >> Thanks for any help folks can provide. >> >> -- >> >> Thanks, >> Bryan
Re: [Q] Building a release, how do I create install60.fs and install60.iso
Just wanted to say good luck and I'm rooting for you! I've got a Macbook8,1 that would be better with OpenBSD running most days instead of OS X. :) On 06/16, Bryan C. Everly wrote: Sorry if this is an obvious one but I've been all over the FAQ, read the makefiles, etc. and cannot for the life of me figure out how those files get created. I have everything else (all of the *.tgz files, etc.) just not these two. I'm probably on a fool's errand but I'm trying to get this MacBook 9,1 working. I have figured out that the PCI identifier for the NVMe controller in this one is actually 0x2003 (seems like the older model was 0x2001 according to the mailing lists). If I can get an installer image, I'm going to try risking my internal drive's sanity and see if I can get it partitioned with the NVMe driver as it is today. I've been looking at the SPI driver code in the Linux kernel and it seems comprehensible... Thanks for any help folks can provide. -- Thanks, Bryan
Re: [Q] Building a release, how do I create install60.fs and install60.iso
On Thu, Jun 16, 2016 at 09:39:50PM -0400, Bryan C. Everly wrote: > Sorry if this is an obvious one but I've been all over the FAQ, read the > makefiles, etc. and cannot for the life of me figure out how those files > get created. I have everything else (all of the *.tgz files, etc.) just > not these two. > > I'm probably on a fool's errand but I'm trying to get this MacBook 9,1 > working. I have figured out that the PCI identifier for the NVMe > controller in this one is actually 0x2003 (seems like the older model was > 0x2001 according to the mailing lists). > > If I can get an installer image, I'm going to try risking my internal > drive's sanity and see if I can get it partitioned with the NVMe driver as > it is today. I've been looking at the SPI driver code in the Linux kernel > and it seems comprehensible... They are part of release. (man release) The rules are somewhere arch-dependent under distrib, e.g., distrib/macppc/iso
Re: [Q] Building a release, how do I create install60.fs and install60.iso
On 17.06.2016 03:39, Bryan C. Everly wrote: Sorry if this is an obvious one but I've been all over the FAQ, read the makefiles, etc. and cannot for the life of me figure out how those files get created. I have everything else (all of the *.tgz files, etc.) just not these two. man release But I suspect you were already there. You can take a look at ISO available from mirrors and check its contents and create that ISO same way with your files I'm probably on a fool's errand but I'm trying to get this MacBook 9,1 working. I have figured out that the PCI identifier for the NVMe controller in this one is actually 0x2003 (seems like the older model was 0x2001 according to the mailing lists). If I can get an installer image, I'm going to try risking my internal drive's sanity and see if I can get it partitioned with the NVMe driver as it is today. I've been looking at the SPI driver code in the Linux kernel and it seems comprehensible... Thanks for any help folks can provide. Most easy way is to use snapshot, but because of BETA phase now last one is 15 days old so either you can try it if it works else you can try something else. USB flash is simply as HDD so you can eg. make dd of your current to flash. For EFI you can follow https://blog.jasper.la/openbsd-uefi-bootloader-howto/ (only "special" part here is -b option for fdisk which is not so understandable in man, rest is easy)
[Q] Building a release, how do I create install60.fs and install60.iso
Sorry if this is an obvious one but I've been all over the FAQ, read the makefiles, etc. and cannot for the life of me figure out how those files get created. I have everything else (all of the *.tgz files, etc.) just not these two. I'm probably on a fool's errand but I'm trying to get this MacBook 9,1 working. I have figured out that the PCI identifier for the NVMe controller in this one is actually 0x2003 (seems like the older model was 0x2001 according to the mailing lists). If I can get an installer image, I'm going to try risking my internal drive's sanity and see if I can get it partitioned with the NVMe driver as it is today. I've been looking at the SPI driver code in the Linux kernel and it seems comprehensible... Thanks for any help folks can provide. -- Thanks, Bryan
Can read-only mmap() and fwrite() be combined.. via msync or something? In OpenBSD now. (repetition of Q sorry)
Hi! This question was answered as part of another conversation 1-2 years ago however I totally forgot and due to its relative complexity I simply wish to ask it again as to have it set in stone: In OpenBSD's current absence of a Unified Buffer Cache, is there any trick that I can apply to use a read-only mmap() for quickly reading data, but fwrite() to do the writing, and this way get mmap's speed benefits for the reading but still not be under any risk of breaking my data by unintended writes? I guess if it would be possible, then it would be done through that I would ensure that the reading (via memory access) and writing (fwrite()) activities would be *temporally separated*, and between each such block, I would need to put some kind of code that would do some kind of flush/reset as to force the mmap to get updated with the latest writes. Possible, if so how? Thanks! Tinker
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
Another feature to look for is spin down of the dedicated hot spare. Go Vikings :) Patrick > On Feb 21, 2016, at 7:23 AM, Marcus MERIGHIwrote: > > ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 21:05 (CET): >> So glad to understand better what's in the box. >> >> Also please note that I'm not trying to suggest to implement lots of >> crap, am perfectly clear that high security is correlated with low >> complexity. >> >> On 2016-02-21 00:29, Marcus MERIGHI wrote: >>> ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 16:43 (CET): >> .. >>> You appear to mean bioctl(8). Thats the only place I could find the word >>> 'patrol'. bioctl(8) can control more than softraid(4) devices. >>> >>> bio(4): >>>The following device drivers register with bio for volume >>> management: >>> >>> ami(4) American Megatrends Inc. MegaRAID >>> PATA/SATA/SCSI RAID controller >>> arc(4) Areca Technology Corporation SAS/SATA RAID >>> controller >>> cac(4) Compaq Smart Array 2/3/4 SCSI RAID controller >>> ciss(4)Compaq Smart Array SAS/SATA/SCSI RAID >>> controller >>> ips(4) IBM SATA/SCSI ServeRAID controller >>> mfi(4) LSI Logic & Dell MegaRAID SAS RAID controller >>> mpi(4) LSI Logic Fusion-MPT Message Passing Interface >>> mpii(4)LSI Logic Fusion-MPT Message Passing Interface >>> II >>> softraid(4)Software RAID >>> >>> It is talking about controlling a HW raid controller, in that 'patrol' >>> paragraph, isn't it? >> >> So by this you mean that patrolling is really implemented for >> softraid?? > > No, I said the opposite. > > I'm sure my english language capabilities are not perfect. But what you > make of it is really surprising! (And even funny in the cabaret way.) > > I'll keep trying. But sooner or later we'll have to take this off list. > Or to newbies. There you get help from the same people but without > having your misinterpretations in the 'official' archives for other poor > souls to find ;-) > > http://mailman.theapt.org/listinfo/openbsd-newbies > >> (Karel and Constantine don't agree??) >> >> So I just do.. "bioctl -t start sdX" wher sdX is the name of my softraid >> device, and it'll do the "scrub" as in reading through all underlying > > bioctl(8) is clear, I think: > -t patrol-function > Control the RAID card's patrol functionality, if > supported. patrol-function may be one of: > > Why do you think it will work for softraid(4) when it says it does for > hardware-RAID? > > I have a theory: you have some experience with other Operating Systems > and their built in help system that have led you to not fully read but > just search/skim for keywords. Do yourself (and me) a favour and read > them fully. Top to bottom. Take every word as put there thoughtfully, > not in a hurry. You can find manpage content discussions all over the > archives. manpages are taken seriously. > > Please repeat: bio(4)/bioctl(8) controls RAID devices. These can be in > hardware or software. Some functions (-a, -b, -H, -t, -u) are only > useable/usefull when controlling a hardware RAID. The manpage even gives > direct clues on whether hardware- or software RAID is the topic. First > synopsis, second synopsis. 'The options for RAID controllers are as > follows:' (=hardware) 'In addition to the relevant options listed above, > the options for softraid(4) devices are as follows:' (=software). > Did you note the 'relevant' part? That word is there on purpose, I > suppose. It is there to tell you that not all, but the relevant parts of > the hardware RAID parameters also apply to software RAID (that comes > below). I would consider '-v' relevant, '-a' ('Control the RAID card's > alarm functionality, if supported') not. > > (Example: what '-a' does for hardware RAID can be done with sensorsd(8) > for software RAID (=softraid(4)). Once a softraid volume is configured, > you get 'hw.sensors.softraid0.drive0=online (sd1), OK'. > Try 'sysctl hw.sensors.softraid0'.) > >> physical media to check its internal integrity so for RAID1C that will be >> data readability and that checksums are correct, and "doas bioctl > softraid0" >> will show me the % status, and if I don't get any errors before it goes > back >> to normal it means the patrol was successful right? > > No idea, never had a hardware RAID controller. > >> (And as usual patrol is implemented to have the lowest priority, so it >> should not interfere extreemely much with ordinary SSD softraid operation.) > > I think the patrolling is done by the hardware RAID controller. > bioctl(8) just commands it to do so. > * Rebuild - I think I saw some console dump of the status of a rebuild process on the net, so MAYBE or NO..? >>> >>> That's what it looks like: >>> >>> $
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 21:05 (CET): > So glad to understand better what's in the box. > > Also please note that I'm not trying to suggest to implement lots of > crap, am perfectly clear that high security is correlated with low > complexity. > > On 2016-02-21 00:29, Marcus MERIGHI wrote: > >ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 16:43 (CET): > .. > >You appear to mean bioctl(8). Thats the only place I could find the word > >'patrol'. bioctl(8) can control more than softraid(4) devices. > > > >bio(4): > > The following device drivers register with bio for volume > >management: > > > > ami(4) American Megatrends Inc. MegaRAID > > PATA/SATA/SCSI RAID controller > > arc(4) Areca Technology Corporation SAS/SATA RAID > > controller > > cac(4) Compaq Smart Array 2/3/4 SCSI RAID controller > > ciss(4)Compaq Smart Array SAS/SATA/SCSI RAID > >controller > > ips(4) IBM SATA/SCSI ServeRAID controller > > mfi(4) LSI Logic & Dell MegaRAID SAS RAID controller > > mpi(4) LSI Logic Fusion-MPT Message Passing Interface > > mpii(4)LSI Logic Fusion-MPT Message Passing Interface > >II > > softraid(4)Software RAID > > > >It is talking about controlling a HW raid controller, in that 'patrol' > >paragraph, isn't it? > > So by this you mean that patrolling is really implemented for > softraid?? No, I said the opposite. I'm sure my english language capabilities are not perfect. But what you make of it is really surprising! (And even funny in the cabaret way.) I'll keep trying. But sooner or later we'll have to take this off list. Or to newbies. There you get help from the same people but without having your misinterpretations in the 'official' archives for other poor souls to find ;-) http://mailman.theapt.org/listinfo/openbsd-newbies > (Karel and Constantine don't agree??) > > So I just do.. "bioctl -t start sdX" wher sdX is the name of my softraid > device, and it'll do the "scrub" as in reading through all underlying bioctl(8) is clear, I think: -t patrol-function Control the RAID card's patrol functionality, if supported. patrol-function may be one of: Why do you think it will work for softraid(4) when it says it does for hardware-RAID? I have a theory: you have some experience with other Operating Systems and their built in help system that have led you to not fully read but just search/skim for keywords. Do yourself (and me) a favour and read them fully. Top to bottom. Take every word as put there thoughtfully, not in a hurry. You can find manpage content discussions all over the archives. manpages are taken seriously. Please repeat: bio(4)/bioctl(8) controls RAID devices. These can be in hardware or software. Some functions (-a, -b, -H, -t, -u) are only useable/usefull when controlling a hardware RAID. The manpage even gives direct clues on whether hardware- or software RAID is the topic. First synopsis, second synopsis. 'The options for RAID controllers are as follows:' (=hardware) 'In addition to the relevant options listed above, the options for softraid(4) devices are as follows:' (=software). Did you note the 'relevant' part? That word is there on purpose, I suppose. It is there to tell you that not all, but the relevant parts of the hardware RAID parameters also apply to software RAID (that comes below). I would consider '-v' relevant, '-a' ('Control the RAID card's alarm functionality, if supported') not. (Example: what '-a' does for hardware RAID can be done with sensorsd(8) for software RAID (=softraid(4)). Once a softraid volume is configured, you get 'hw.sensors.softraid0.drive0=online (sd1), OK'. Try 'sysctl hw.sensors.softraid0'.) > physical media to check its internal integrity so for RAID1C that will be > data readability and that checksums are correct, and "doas bioctl softraid0" > will show me the % status, and if I don't get any errors before it goes back > to normal it means the patrol was successful right? No idea, never had a hardware RAID controller. > (And as usual patrol is implemented to have the lowest priority, so it > should not interfere extreemely much with ordinary SSD softraid operation.) I think the patrolling is done by the hardware RAID controller. bioctl(8) just commands it to do so. > >> * Rebuild - I think I saw some console dump of the status of a rebuild > >>process on the net, so MAYBE or NO..? > > > >That's what it looks like: > > > >$ doas bioctl softraid0 > >Volume Status Size Device > >softraid0 0 Rebuild12002360033280 sd6 RAID5 35% done > > 0 Rebuild 4000786726912 0:0.0 noencl > > 1 Online 4000786726912 0:1.0 noencl > > 2 Online
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 20 February 2016 at 14:29, Tinkerwrote: [..] > On 2016-02-21 04:39, Constantine A. Murenin wrote: [..] >> When you do http://mdoc.su/o/newfs.8, it does not write to every >> sector of the underlying partition; thus you cannot expect all sectors >> to be the same. > > > Ah right, so at least to prepare for a RAID1C rebuild to work, at raid setup > time before disklabel/newfs, one should initialize by doing "dd if=/dev/zero > of=thelogicalraiddevice". This would make the logical view from within softraid_raid1 appear the same (e.g., an `sd3` regardless of which chunk it is being read from), but the underlying `sd{0,1,2}a` chunks that would be backing it up would still be different, because metadata (http://bxr.su/o/sys/dev/softraidvar.h#sr_metadata). C.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 2016-02-21 05:05, Karel Gardas wrote: The RAID 1 discipline does not initialize the mirror upon creation. This is by design because all sectors that are read are written first. There is no point in wasting a lot of time syncing random data. I'm afraid the claim "all sectors that are read are written first" is not generally right. E.g. disklabel On 2016-02-21 04:39, Constantine A. Murenin wrote: .. Wait, I don't see the philosophical problem that you seem to be highlighting here ("sectors are .. written first" and "on top of the filesystem" and "forcing reads to be done from a certain chunk only"), what am I missing/what is it that I don't understand? When you do http://mdoc.su/o/newfs.8, it does not write to every sector of the underlying partition; thus you cannot expect all sectors to be the same. Ah right, so at least to prepare for a RAID1C rebuild to work, at raid setup time before disklabel/newfs, one should initialize by doing "dd if=/dev/zero of=thelogicalraiddevice". Also, so you mean that "patrol" even if it's in the manual is not supported for RAID1 nor for RAID1C nor for RAID5 or any other raid discipline. Looking forward to see what Marcus says & test myself & read code. Heh, I didn't even know about this "patrol"; learn something new every day! A BXR.SU for "patrol" has a few MFI(4) hits across the BSDs, and ultimately reveals the `bioc_patrol` symbol (well, a struct, really, http://bxr.su/o/sys/dev/biovar.h#bioc_patrol), a search of which reveals that http://bxr.su/o/sys/dev/ic/mfi.c#mfi_ioctl_patrol is the only driver reference for this symbol. So, I don't think you'll be getting any patrol from softraid(4); it was added very recently by uebayasi@ on 2015-05-29, based on mfiutil from FreeBSD (http://mdoc.su/f/mfiutil.8), and only for mfi(4). Aha, so to sum up the findings: * Scrub aka patrol is not supported (on the level of softraid) - perfectly fine. * Hot spares are supported (plug in with "bioctl -H" and plug out with "bioctl -O") * Rebuild is supported, and I should just figure out how (what do the two "bioctl -R" variants do respectively, and can it be done live, and does that mean it works like a hot-plug-in). * Hotswap is supported if hot-plug-in is supported via "bioctl -R", so should clarify that. So just some minor piece of clarity left now. And also the separate SATA controller post. All in all I think it looks neat.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On Sat, Feb 20, 2016 at 8:44 PM, Constantine A. Mureninwrote: > > Scrub cannot possibly be supported due to the design of the softraid: > > http://mdoc.su/o/softraid.4 > > The RAID 1 discipline does not initialize the mirror upon creation. This > is by design because all sectors that are read are written first. There > is no point in wasting a lot of time syncing random data. I'm afraid the claim "all sectors that are read are written first" is not generally right. E.g. disklabel
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 20 February 2016 at 12:23, Tinkerwrote: > > On 2016-02-21 01:29, Karel Gardas wrote: >> >> scrub is IIRC not supported by any softraid yet. > > > But there's "patrol"! > > "bioctl -t start mysoftraid" [...] > On 2016-02-21 02:44, Constantine A. Murenin wrote: >> >> On 20 February 2016 at 10:29, Karel Gardas wrote: >>> >>> scrub is IIRC not supported by any softraid yet. Rebuild by all which >>> support redundancy. Marcus recommendation to read man pages can just >>> be highlighted here. Otherwise just read the code for ultimate >>> reference of what is or is not done. >> >> >> Scrub cannot possibly be supported due to the design of the softraid: >> >> http://mdoc.su/o/softraid.4 >> >> The RAID 1 discipline does not initialize the mirror upon creation. >> This is by design because all sectors that are read are written first. >> There >> is no point in wasting a lot of time syncing random data. >> >> >> IIRC, other raid disciplines are not that much different, either. >> >> E.g., a scrub implementation would have to be implemented on top of >> the filesystem, and would have to be able to temporarily force the >> reads to be done from a certain chunk only. >> >> Long-term, it'll probably be easier to re-do the logic to actually >> zero-out all the unused sectors, if scrub support is deemed important. >> Which is why things like ZFS are superior due to having the awareness >> of the underlying storage blocks. > > > Wait, I don't see the philosophical problem that you seem to be highlighting > here ("sectors are .. written first" and "on top of the filesystem" and > "forcing reads to be done from a certain chunk only"), what am I > missing/what is it that I don't understand? When you do http://mdoc.su/o/newfs.8, it does not write to every sector of the underlying partition; thus you cannot expect all sectors to be the same. > > > Also, so you mean that "patrol" even if it's in the manual is not supported > for RAID1 nor for RAID1C nor for RAID5 or any other raid discipline. Looking > forward to see what Marcus says & test myself & read code. Heh, I didn't even know about this "patrol"; learn something new every day! A BXR.SU for "patrol" has a few MFI(4) hits across the BSDs, and ultimately reveals the `bioc_patrol` symbol (well, a struct, really, http://bxr.su/o/sys/dev/biovar.h#bioc_patrol), a search of which reveals that http://bxr.su/o/sys/dev/ic/mfi.c#mfi_ioctl_patrol is the only driver reference for this symbol. So, I don't think you'll be getting any patrol from softraid(4); it was added very recently by uebayasi@ on 2015-05-29, based on mfiutil from FreeBSD (http://mdoc.su/f/mfiutil.8), and only for mfi(4). C.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On Sat, Feb 20, 2016 at 9:23 PM, Tinkerwrote: > > On 2016-02-21 01:29, Karel Gardas wrote: >> >> scrub is IIRC not supported by any softraid yet. > > > But there's "patrol"! > > "bioctl -t start mysoftraid" bioctl also supports hardware raid cards besides softraid, so that's what you are looking on now IMHO.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 2016-02-21 01:29, Karel Gardas wrote: scrub is IIRC not supported by any softraid yet. But there's "patrol"! "bioctl -t start mysoftraid" Rebuild by all which support redundancy. Yey! Clarified by Marcus & looking forward to his clarification Marcus recommendation to read man pages can just be highlighted here. Otherwise just read the code for ultimate reference of what is or is not done. Yey! On 2016-02-21 02:44, Constantine A. Murenin wrote: On 20 February 2016 at 10:29, Karel Gardaswrote: scrub is IIRC not supported by any softraid yet. Rebuild by all which support redundancy. Marcus recommendation to read man pages can just be highlighted here. Otherwise just read the code for ultimate reference of what is or is not done. Scrub cannot possibly be supported due to the design of the softraid: http://mdoc.su/o/softraid.4 The RAID 1 discipline does not initialize the mirror upon creation. This is by design because all sectors that are read are written first. There is no point in wasting a lot of time syncing random data. IIRC, other raid disciplines are not that much different, either. E.g., a scrub implementation would have to be implemented on top of the filesystem, and would have to be able to temporarily force the reads to be done from a certain chunk only. Long-term, it'll probably be easier to re-do the logic to actually zero-out all the unused sectors, if scrub support is deemed important. Which is why things like ZFS are superior due to having the awareness of the underlying storage blocks. Wait, I don't see the philosophical problem that you seem to be highlighting here ("sectors are .. written first" and "on top of the filesystem" and "forcing reads to be done from a certain chunk only"), what am I missing/what is it that I don't understand? Also, so you mean that "patrol" even if it's in the manual is not supported for RAID1 nor for RAID1C nor for RAID5 or any other raid discipline. Looking forward to see what Marcus says & test myself & read code.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
Marcus, Holy moly, that is beautiful. So glad to understand better what's in the box. Also please note that I'm not trying to suggest to implement lots of crap, am perfectly clear that high security is correlated with low complexity. On 2016-02-21 00:29, Marcus MERIGHI wrote: ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 16:43 (CET): .. You appear to mean bioctl(8). Thats the only place I could find the word 'patrol'. bioctl(8) can control more than softraid(4) devices. bio(4): The following device drivers register with bio for volume management: ami(4) American Megatrends Inc. MegaRAID PATA/SATA/SCSI RAID controller arc(4) Areca Technology Corporation SAS/SATA RAID controller cac(4) Compaq Smart Array 2/3/4 SCSI RAID controller ciss(4)Compaq Smart Array SAS/SATA/SCSI RAID controller ips(4) IBM SATA/SCSI ServeRAID controller mfi(4) LSI Logic & Dell MegaRAID SAS RAID controller mpi(4) LSI Logic Fusion-MPT Message Passing Interface mpii(4)LSI Logic Fusion-MPT Message Passing Interface II softraid(4)Software RAID It is talking about controlling a HW raid controller, in that 'patrol' paragraph, isn't it? So by this you mean that patrolling is really implemented for softraid?? (Karel and Constantine don't agree??) So I just do.. "bioctl -t start sdX" wher sdX is the name of my softraid device, and it'll do the "scrub" as in reading through all underlying physical media to check its internal integrity so for RAID1C that will be data readability and that checksums are correct, and "doas bioctl softraid0" will show me the % status, and if I don't get any errors before it goes back to normal it means the patrol was successful right? (And as usual patrol is implemented to have the lowest priority, so it should not interfere extreemely much with ordinary SSD softraid operation.) * Rebuild - I think I saw some console dump of the status of a rebuild process on the net, so MAYBE or NO..? That's what it looks like: $ doas bioctl softraid0 Volume Status Size Device softraid0 0 Rebuild12002360033280 sd6 RAID5 35% done 0 Rebuild 4000786726912 0:0.0 noencl 1 Online 4000786726912 0:1.0 noencl 2 Online 4000786726912 0:2.0 noencl 3 Online 4000786726912 0:3.0 noencl Yey!! Wait, can you explain to me what I would write instead of "device" and "channel:target[.lun]" in "bioctl -R device" and "bioctl -R channel:target[.lun]", AND what effect those would have? Say that my sd0 and sd1 SSD:s run a RAID1C already, can I then make softraid extend my RAID1C with my sd2 SSD by "rebuilding" it, as a way to live-copy in all my data to sd2, so this would work as a kind of live attach even if expensive? Does it work for a softraid that's live already? * Hotspare - MAYBE, "man softraid" says "Currently there is no automated mechanism to recover from failed disks.", but that is not so specific wording, and I think I read a hint somewhere that there is hotspare functionality. bioctl(8) -H channel:target[.lun] If the device at channel:target[.lun] is currently marked ``Unused'', promote it to being a ``Hot Spare''. That's the only mention of 'hot spare'. And again talking about controlling a hardware RAID controller, isn't it? What is 'not so specific' about 'no' (as in "Currently there is *no* automated mechanism to recover from failed disks")? Awesome. I guess "bioctl softraid0" will list which hotspares there are currently, and that "-d" will drop a hotspare. The fact that there is hotspare functionality, means that there are cases when softraid will take a disk out of use. That will be when that disk reports itself as COMPLETELY out of use ALL BY ITSELF, such as self-detaching itself on the level of the SATA controller or reporting failure via some SMART command? A disk just half-breaking with broken sectors and 99% IO slowdown will not cause it to go offline though so I guess I should buy enterprise drives with IO access time guarantees then. * Hotswap - MAYBE, this would depend on if there's rebuild. Only disconnect ("bioctl -O" I think; "bioctl -d" is to.. unmount or self-destruct a softraid?) bioctl -O should fail the chunk specified, simulating hardware failure. After this command you have an 'Offline' chunk in the 'bioctl' output. bioctl -d 'detach', not 'destroy'; just as sdX appears when you assamble a softraid volume, this makes it go away. better unmount before... So "-d" is to take down a whole softraid. "-O" could work to take out a single physical disk but it's unclean. So then, there is a very unrefined
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 20 February 2016 at 10:29, Karel Gardaswrote: > scrub is IIRC not supported by any softraid yet. Rebuild by all which > support redundancy. Marcus recommendation to read man pages can just > be highlighted here. Otherwise just read the code for ultimate > reference of what is or is not done. Scrub cannot possibly be supported due to the design of the softraid: http://mdoc.su/o/softraid.4 The RAID 1 discipline does not initialize the mirror upon creation. This is by design because all sectors that are read are written first. There is no point in wasting a lot of time syncing random data. IIRC, other raid disciplines are not that much different, either. E.g., a scrub implementation would have to be implemented on top of the filesystem, and would have to be able to temporarily force the reads to be done from a certain chunk only. Long-term, it'll probably be easier to re-do the logic to actually zero-out all the unused sectors, if scrub support is deemed important. Which is why things like ZFS are superior due to having the awareness of the underlying storage blocks. C.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
scrub is IIRC not supported by any softraid yet. Rebuild by all which support redundancy. Marcus recommendation to read man pages can just be highlighted here. Otherwise just read the code for ultimate reference of what is or is not done.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 16:43 (CET): > On 2016-02-20 22:23, Marcus MERIGHI wrote: > >ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 15:29 (CET): > >>This email is an attempt to get some knowledge on how softraid works. > > > >So many of your questions are answered if you start with bioctl(8)[1], > >and continue with softraid(4)[2]. Maybe bio(4)[3] helps, too. > > > >What's there is usually documented. What's not documented is usually not > >there. Or was it the other way around? ;-) > > > >[1]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bioctl.8 > >[2]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/softraid.4 > >[3]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bio.4 > > > >Happy reading, Marcus > > Marcus, I read the docs carefully, and based on them, my best > understanding is still unclear on all 4 points - > > * Scrub - MAYBE??? There's some words about "patrol" in the man page that > could mean it's there. You appear to mean bioctl(8). Thats the only place I could find the word 'patrol'. bioctl(8) can control more than softraid(4) devices. bio(4): The following device drivers register with bio for volume management: ami(4) American Megatrends Inc. MegaRAID PATA/SATA/SCSI RAID controller arc(4) Areca Technology Corporation SAS/SATA RAID controller cac(4) Compaq Smart Array 2/3/4 SCSI RAID controller ciss(4)Compaq Smart Array SAS/SATA/SCSI RAID controller ips(4) IBM SATA/SCSI ServeRAID controller mfi(4) LSI Logic & Dell MegaRAID SAS RAID controller mpi(4) LSI Logic Fusion-MPT Message Passing Interface mpii(4)LSI Logic Fusion-MPT Message Passing Interface II softraid(4)Software RAID It is talking about controlling a HW raid controller, in that 'patrol' paragraph, isn't it? > * Rebuild - I think I saw some console dump of the status of a rebuild > process on the net, so MAYBE or NO..? That's what it looks like: $ doas bioctl softraid0 Volume Status Size Device softraid0 0 Rebuild12002360033280 sd6 RAID5 35% done 0 Rebuild 4000786726912 0:0.0 noencl 1 Online 4000786726912 0:1.0 noencl 2 Online 4000786726912 0:2.0 noencl 3 Online 4000786726912 0:3.0 noencl > * Hotspare - MAYBE, "man softraid" says "Currently there is no automated > mechanism to recover from failed disks.", but that is not so specific > wording, and I think I read a hint somewhere that there is hotspare > functionality. bioctl(8) -H channel:target[.lun] If the device at channel:target[.lun] is currently marked ``Unused'', promote it to being a ``Hot Spare''. That's the only mention of 'hot spare'. And again talking about controlling a hardware RAID controller, isn't it? What is 'not so specific' about 'no' (as in "Currently there is *no* automated mechanism to recover from failed disks")? > * Hotswap - MAYBE, this would depend on if there's rebuild. Only disconnect > ("bioctl -O" I think; "bioctl -d" is to.. unmount or self-destruct a > softraid?) bioctl -O should fail the chunk specified, simulating hardware failure. After this command you have an 'Offline' chunk in the 'bioctl' output. bioctl -d 'detach', not 'destroy'; just as sdX appears when you assamble a softraid volume, this makes it go away. better unmount before... > The man pages are sometimes over-minimalistic with respect to an individual > user who's trying to learn, this is why I'm asking for your clarification. I am quite sure the man pages are kept as condensed as they are on purpose. You can always read mplayer(1) if you want something lengthy ;-) > So your clarifications would still be much appreciated. Nothing authoritative from me! I am just trying to flatten your learning curve. Bye, Marcus
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
On 2016-02-20 22:23, Marcus MERIGHI wrote: ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 15:29 (CET): This email is an attempt to get some knowledge on how softraid works. So many of your questions are answered if you start with bioctl(8)[1], and continue with softraid(4)[2]. Maybe bio(4)[3] helps, too. What's there is usually documented. What's not documented is usually not there. Or was it the other way around? ;-) [1]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bioctl.8 [2]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/softraid.4 [3]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bio.4 Happy reading, Marcus Marcus, I read the docs carefully, and based on them, my best understanding is still unclear on all 4 points - * Scrub - MAYBE??? There's some words about "patrol" in the man page that could mean it's there. * Rebuild - I think I saw some console dump of the status of a rebuild process on the net, so MAYBE or NO..? * Hotspare - MAYBE, "man softraid" says "Currently there is no automated mechanism to recover from failed disks.", but that is not so specific wording, and I think I read a hint somewhere that there is hotspare functionality. * Hotswap - MAYBE, this would depend on if there's rebuild. Only disconnect ("bioctl -O" I think; "bioctl -d" is to.. unmount or self-destruct a softraid?) The man pages are sometimes over-minimalistic with respect to an individual user who's trying to learn, this is why I'm asking for your clarification. So your clarifications would still be much appreciated.
Re: OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
ti...@openmailbox.org (Tinker), 2016.02.20 (Sat) 15:29 (CET): > This email is an attempt to get some knowledge on how softraid works. So many of your questions are answered if you start with bioctl(8)[1], and continue with softraid(4)[2]. Maybe bio(4)[3] helps, too. What's there is usually documented. What's not documented is usually not there. Or was it the other way around? ;-) [1]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/bioctl.8 [2]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/softraid.4 [3]http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bio.4 Happy reading, Marcus > There's basically zero docs on these topics out here (all docs are > about how to set it up first & subsequent times in non-failure cases). > > If you would be able to respond in "HOWTO form" would be awesome, then > at least this will be the Ultimate Softraid Reference :D > > Q1: > Can softraid do > > a) Scrub (as in read all the underlying media and check they're in check, > e.g. "raid fsck"), > > b) Hotspare (as in have one or more pre-designated physical disks that the > softraid would switch into use if one of the physical disks in use already > breaks), > > c) Hotswap (as in I could unplug one of the physical disks in a raid live, > and presuming my HBA allows it, the OpenBSD kernel + softraid will be happy > to plug in and plug out disks live - and I guess perhaps that needs to play > together with the rebuild then)? > > > Q2: > And, how do you use the rebuild + these three things? Specifically: > > a) How do I check the status of a rebuild from the console? (E.g. disk > blablaX rebuilding 12.3% done, get report if the rebuild failed, etc.) > b) How do I plug in a physical disk live into my RAID1 softraid? > > c) How do I plug out a physical disk live from my RAID1 softraid? > > d) How do I initiate a rebuild on a RAID1 softraid, such as plugging in the > brand new disk sdX into my RAID1 softraid or sdX was used previously or > suffered a power outage or whatever - how do I rebuild it? > > e) How do I get a listing of all my softraids and of all the physical disks > plugged into them, from the console? > > f) How do I tell softraid to "scrub" i.e. intregrity-check all the physical > disks running in the softraid, including every sector so actually all of > their surfaces are read (presuming that the RAID takes up all the disks)? > > g) How do I tell my RAID1 softraid that if sdX dies, then sdY should be > plugged in (i.e. hot spare)? > > Also, how do I get a printout of that configuration from the console, > and how do I remove a hotspare? > > h) After I plug out a physical disk from my softraid ( c) above), what > should I generally need to do before unplugging it also physically - just > wait 60 seconds or do some magic "SATA power off" command or the like? > (Given an ultra nice SATA or HW RAID controller such as LSI HBA or LSI > Megaraid.) > > i) When I plug in a physical disk on my SAS/SATA HBA (be it an LSI HBA or > LSI HW RAID), will OpenBSD autodetect it and assign a device name for it > just like it does for USB devices so it's complete hotswap/plug and play? > > j) When I plug in a softraid that worked before, what kind of trouble could > happen - if it won't get going at all, should I just reset from backup, or > is there some kind of "rescue rebuild" I could attempt? > > k) Do I need to know anything about DUID vs. device name use within the > softraid? > > > Looking forward to your explanation, thanks!! :DD > Tinker > > > !DSPAM:56c879bd171961725512869!
OpenBSD softraid can do scrub, hotspare, hotswap? How do rebuild + those 3 really done? (Absence of docs and howtos - ultimate Q!)
Hi, This email is an attempt to get some knowledge on how softraid works. There's basically zero docs on these topics out here (all docs are about how to set it up first & subsequent times in non-failure cases). If you would be able to respond in "HOWTO form" would be awesome, then at least this will be the Ultimate Softraid Reference :D Q1: Can softraid do a) Scrub (as in read all the underlying media and check they're in check, e.g. "raid fsck"), b) Hotspare (as in have one or more pre-designated physical disks that the softraid would switch into use if one of the physical disks in use already breaks), c) Hotswap (as in I could unplug one of the physical disks in a raid live, and presuming my HBA allows it, the OpenBSD kernel + softraid will be happy to plug in and plug out disks live - and I guess perhaps that needs to play together with the rebuild then)? Q2: And, how do you use the rebuild + these three things? Specifically: a) How do I check the status of a rebuild from the console? (E.g. disk blablaX rebuilding 12.3% done, get report if the rebuild failed, etc.) b) How do I plug in a physical disk live into my RAID1 softraid? c) How do I plug out a physical disk live from my RAID1 softraid? d) How do I initiate a rebuild on a RAID1 softraid, such as plugging in the brand new disk sdX into my RAID1 softraid or sdX was used previously or suffered a power outage or whatever - how do I rebuild it? e) How do I get a listing of all my softraids and of all the physical disks plugged into them, from the console? f) How do I tell softraid to "scrub" i.e. intregrity-check all the physical disks running in the softraid, including every sector so actually all of their surfaces are read (presuming that the RAID takes up all the disks)? g) How do I tell my RAID1 softraid that if sdX dies, then sdY should be plugged in (i.e. hot spare)? Also, how do I get a printout of that configuration from the console, and how do I remove a hotspare? h) After I plug out a physical disk from my softraid ( c) above), what should I generally need to do before unplugging it also physically - just wait 60 seconds or do some magic "SATA power off" command or the like? (Given an ultra nice SATA or HW RAID controller such as LSI HBA or LSI Megaraid.) i) When I plug in a physical disk on my SAS/SATA HBA (be it an LSI HBA or LSI HW RAID), will OpenBSD autodetect it and assign a device name for it just like it does for USB devices so it's complete hotswap/plug and play? j) When I plug in a softraid that worked before, what kind of trouble could happen - if it won't get going at all, should I just reset from backup, or is there some kind of "rescue rebuild" I could attempt? k) Do I need to know anything about DUID vs. device name use within the softraid? Looking forward to your explanation, thanks!! :DD Tinker
Re: routing q
On 19/10/15(Mon) 13:37, Gregory Edigarov wrote: > On 10/19/2015 01:24 PM, Stuart Henderson wrote: > >On 2015-10-19, Gregory Edigarovwrote: > >>In order to conserve address space I am trying to confugure 'ip > >>unnumbred' in cisco terminology, that is have an interface borrow the ip > >>of a different interface, I am experimenting with vether0 and vlans the > >>thing is to have one 'main' address on some 'real' interface and then > >>just add routes pointing to the right interfaces. > >> > >># ifconfig vether0 192.168.100.1/24 up > >># ifconfig vlan2 vlandev vether0 up > >># ifconfig vlan3 vlandev vether0 up > >># route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 > >>route: writing to routing socket: Network is unreachable > >>add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable > >> > >>the same result I have if I am trying to configure this on a real > >>interface connected to my network: > >> > >># ifconfig vlan2 vlandev re0 > >># ifconfig vlan3 vlandev re0 > >># ifconfig re0 alias 192.168.100.1 > >># route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 > >>route: writing to routing socket: Network is unreachable > >>add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable > >> > >># uname -a > >>OpenBSD lbld12.duckdns.org 5.8 GENERIC.MP#1507 amd64 > >> > >>I thoght OpenBSD supports such thing. > >> > >>am I missing something? > >I don't *think* this is expected to work at the moment unless possibly > >you specify a destination MAC address with -link. > > > >It does work with point-to-point interfaces, e.g. you can have > >192.0.2.1/28 on em0 and 192.0.2.1/32 on pppoe0 and things will work > >as expected, but in that case you don't have a problem of picking a > >particular link-layer address, just "the pppoe0 interface" is enough > >information for the system to know where to send the packet. > > > >The best I've done so far for address conservation on ethernet-like > >interfaces is to use /31's (which works well). > > > Yes, I know /31 would work correctly, but I wanted further space > conservation. Does it? > Is that a correct explanation that this does not work because our routing > table still wants a link layer address, errrmmm, arp table is included in > routing table? I believe it's simpler than that. You cannot attach a route to an interface without address, so I'm quite sure it will work if you add an address to vlan2.
Re: routing q
On 10/19/2015 02:14 PM, Martin Pieuchot wrote: On 19/10/15(Mon) 13:37, Gregory Edigarov wrote: On 10/19/2015 01:24 PM, Stuart Henderson wrote: On 2015-10-19, Gregory Edigarovwrote: In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco terminology, that is have an interface borrow the ip of a different interface, I am experimenting with vether0 and vlans the thing is to have one 'main' address on some 'real' interface and then just add routes pointing to the right interfaces. # ifconfig vether0 192.168.100.1/24 up # ifconfig vlan2 vlandev vether0 up # ifconfig vlan3 vlandev vether0 up # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable the same result I have if I am trying to configure this on a real interface connected to my network: # ifconfig vlan2 vlandev re0 # ifconfig vlan3 vlandev re0 # ifconfig re0 alias 192.168.100.1 # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable # uname -a OpenBSD lbld12.duckdns.org 5.8 GENERIC.MP#1507 amd64 I thoght OpenBSD supports such thing. am I missing something? I don't *think* this is expected to work at the moment unless possibly you specify a destination MAC address with -link. It does work with point-to-point interfaces, e.g. you can have 192.0.2.1/28 on em0 and 192.0.2.1/32 on pppoe0 and things will work as expected, but in that case you don't have a problem of picking a particular link-layer address, just "the pppoe0 interface" is enough information for the system to know where to send the packet. The best I've done so far for address conservation on ethernet-like interfaces is to use /31's (which works well). Yes, I know /31 would work correctly, but I wanted further space conservation. Does it? Is that a correct explanation that this does not work because our routing table still wants a link layer address, errrmmm, arp table is included in routing table? I believe it's simpler than that. You cannot attach a route to an interface without address, so I'm quite sure it will work if you add an address to vlan2. yes, adding a route works now. thanks, Martin. will test some further later.
routing q
Hello, In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco terminology, that is have an interface borrow the ip of a different interface, I am experimenting with vether0 and vlans the thing is to have one 'main' address on some 'real' interface and then just add routes pointing to the right interfaces. # ifconfig vether0 192.168.100.1/24 up # ifconfig vlan2 vlandev vether0 up # ifconfig vlan3 vlandev vether0 up # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable the same result I have if I am trying to configure this on a real interface connected to my network: # ifconfig vlan2 vlandev re0 # ifconfig vlan3 vlandev re0 # ifconfig re0 alias 192.168.100.1 # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable # uname -a OpenBSD lbld12.duckdns.org 5.8 GENERIC.MP#1507 amd64 I thoght OpenBSD supports such thing. am I missing something? -- With best regards, Gregory Edigarov
Re: routing q
On 2015-10-19, Gregory Edigarovwrote: > In order to conserve address space I am trying to confugure 'ip > unnumbred' in cisco terminology, that is have an interface borrow the ip > of a different interface, I am experimenting with vether0 and vlans the > thing is to have one 'main' address on some 'real' interface and then > just add routes pointing to the right interfaces. > > # ifconfig vether0 192.168.100.1/24 up > # ifconfig vlan2 vlandev vether0 up > # ifconfig vlan3 vlandev vether0 up > # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 > route: writing to routing socket: Network is unreachable > add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable > > the same result I have if I am trying to configure this on a real > interface connected to my network: > > # ifconfig vlan2 vlandev re0 > # ifconfig vlan3 vlandev re0 > # ifconfig re0 alias 192.168.100.1 > # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 > route: writing to routing socket: Network is unreachable > add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable > > # uname -a > OpenBSD lbld12.duckdns.org 5.8 GENERIC.MP#1507 amd64 > > I thoght OpenBSD supports such thing. > > am I missing something? I don't *think* this is expected to work at the moment unless possibly you specify a destination MAC address with -link. It does work with point-to-point interfaces, e.g. you can have 192.0.2.1/28 on em0 and 192.0.2.1/32 on pppoe0 and things will work as expected, but in that case you don't have a problem of picking a particular link-layer address, just "the pppoe0 interface" is enough information for the system to know where to send the packet. The best I've done so far for address conservation on ethernet-like interfaces is to use /31's (which works well).
Re: routing q
On 10/19/2015 01:24 PM, Stuart Henderson wrote: On 2015-10-19, Gregory Edigarovwrote: In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco terminology, that is have an interface borrow the ip of a different interface, I am experimenting with vether0 and vlans the thing is to have one 'main' address on some 'real' interface and then just add routes pointing to the right interfaces. # ifconfig vether0 192.168.100.1/24 up # ifconfig vlan2 vlandev vether0 up # ifconfig vlan3 vlandev vether0 up # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable the same result I have if I am trying to configure this on a real interface connected to my network: # ifconfig vlan2 vlandev re0 # ifconfig vlan3 vlandev re0 # ifconfig re0 alias 192.168.100.1 # route add 192.168.100.2/32 192.168.100.1 -cloning -ifp vlan2 route: writing to routing socket: Network is unreachable add host 192.168.100.2/32: gateway 192.168.100.1: Network is unreachable # uname -a OpenBSD lbld12.duckdns.org 5.8 GENERIC.MP#1507 amd64 I thoght OpenBSD supports such thing. am I missing something? I don't *think* this is expected to work at the moment unless possibly you specify a destination MAC address with -link. It does work with point-to-point interfaces, e.g. you can have 192.0.2.1/28 on em0 and 192.0.2.1/32 on pppoe0 and things will work as expected, but in that case you don't have a problem of picking a particular link-layer address, just "the pppoe0 interface" is enough information for the system to know where to send the packet. The best I've done so far for address conservation on ethernet-like interfaces is to use /31's (which works well). Yes, I know /31 would work correctly, but I wanted further space conservation. Is that a correct explanation that this does not work because our routing table still wants a link layer address, errrmmm, arp table is included in routing table?
Re: Fwd: Re: Q: Assistance with pf.conf rules
On 2015-06-24, John Nyhuis jnyh...@uw.edu wrote: bond0 is a virtual interface that consists of two LACP bonded NICs. This doesn't sound like OpenBSD...
Re: Fwd: Re: Q: Assistance with pf.conf rules
On 06/24/15 18:41, John Nyhuis wrote: Thanks for the advice... I think I have discovered the problem... bond0 is a virtual interface that consists of two LACP bonded NICs. All rules targeting the bond0 interface are ignored by pf, (I have no idea why), and only rules targeting the physical NICs that are members of bond0 get applied... ...so What does /etc/hostname.bond0 contain? man_if=bond0 #our Management vNIC is bond0 (bond bnx0, bnx1) pass quick on $man_if all keep state ...fails without error and is not listed with a pfctl -vf /etc/pf.conf pass quick on { bnx0, bnx1 } all keep state ...actually loads rules, as seen by pfctl -vf /etc/pf.conf Any idea why this is the case? Is this a bug in pf? I can't think of a reason why this strangeness would be by design... I think I can just work around this by creating a table and changing my rule: table fw { bnx0, bnx1 } pass quick on fw all keep state ideas or comments? Anyone have a better way? Thanks, John Nyhuis IT Manager, Stam Lab 2211 Elliott Avenue 6th Floor, 6S139 Seattle, WA 98121 O: (206)-267-1097 ext 220 F: (206)-441-3033 Forwarded Message Subject: Re: Q: Assistance with pf.conf rules Date: Mon, 22 Jun 2015 18:42:25 -0500 From: Edgar Pettijohn ed...@pettijohn-web.com To: John Nyhuis jnyh...@uw.edu I am by no means an expert, but using # pfctl -vf /etc/pf.conf will show you how the rules are loaded and may help you spot the error. I know it has helped me before. On 06/18/15 19:33, John Nyhuis wrote: I am building and OpenBSD 5.7 +pf +pfsync +stp bridging firewall. It's 90% working great, but I have a mistake in my pf.conf, and I've been staring at it for days, and have not spotted my error. Would anyone be willing to review my rules and point out my mistake? ---ix0 - ix1 -- | world |-| pf bridge |--| switch | --- - -- \/ \ / $man_if ix0 connects from the WAN and is filtered and bridged to ix1, which is connected to the LAN switch bond0 = $man_if (bnx0 + bnx1) is connected from the management interface on the bridge to the switch My problem: ssh connections from the world to the management interface of the bridge are being blocked. ssh connections from the world to the switch are not, implying that my mistake is in my management interface rule block. cat /etc/pf.conf ##JN general rules that apply to all interfaces and this specific server set skip on lo #ignore local interface man_if=bond0 #our Management vNIC is bond0 (bond: bnx0, bnx1) br=ix0# This is a bridge, so only filter on one bridge interface int_if=ix1#internal interface of bridge #set block-policy drop #drop packets rather then send rejections. set block-policy return #means we refuse packets, sending back a response match in all scrub (no-df) #means we reassemble all incoming packets to fix any overflows, etc. block in log on $br all #Default deny all in, exceptions must be listed below pass out on $br all #We trust ourselves, don't block outgoing pass in quick on $int_if all#don't filter on internal interface, only external pass out quick on $int_if all #don't filter on internal interface, only external pass quick on pfsync0 proto pfsync keep state #Allow pfsync to sync firewall states #ICMP: allow ping from any network -JN pass in on $br inet proto icmp from any icmp-type echoreq #SSH: ssh ports protected from brute force by fail2ban, allow ssh into DMZ by default pass in on any proto tcp from any to any port 22 keep state pass out on any proto tcp from any to any port 22 keep state ##JN Rules for Firewalls table fw { 140.142.217.141, 140.142.217.140 } #JN Lister and Rimmer pass out quick on $man_if all keep state#We trust ourselves ##SSH: allow in from world, should be redundant, but SSH is being blocked -JN pass in on $man_if proto tcp from any to fw port 22 keep state ##Block brute force attacks table bruteforce persist block quick log from bruteforce pass log on $man_if inet proto tcp from any to any port ssh flags S/SA keep state (max-src-conn 100, \ max-src-conn-rate 15/5, overload bruteforce flush global) ##JN Rules for Switch 140.142.217.135, the DMZ switch table sw135 { 140.142.217.135 } #pass out on $br proto { tcp, udp, icmp } from sw135 to any keep state ##SSH: allow in from world, already allowed by default -JN #pass in on $br proto tcp from any to sw135 port 22 keep state ##Hacker IP Addresses [LEAVE THIS RULE LAST] table bad { 202.131.227.252, 220.231.54.232, 200.118.119.48 } #addresses of known hackers block drop in log quick on $br from bad to any If anyone could point out why I can ssh into the LAN, but get blocked by sshing to the management interface of the firewall, you have my gratitude.
Fwd: Re: Q: Assistance with pf.conf rules
Thanks for the advice... I think I have discovered the problem... bond0 is a virtual interface that consists of two LACP bonded NICs. All rules targeting the bond0 interface are ignored by pf, (I have no idea why), and only rules targeting the physical NICs that are members of bond0 get applied... ...so man_if=bond0 #our Management vNIC is bond0 (bond bnx0, bnx1) pass quick on $man_if all keep state ...fails without error and is not listed with a pfctl -vf /etc/pf.conf pass quick on { bnx0, bnx1 } all keep state ...actually loads rules, as seen by pfctl -vf /etc/pf.conf Any idea why this is the case? Is this a bug in pf? I can't think of a reason why this strangeness would be by design... I think I can just work around this by creating a table and changing my rule: table fw { bnx0, bnx1 } pass quick on fw all keep state ideas or comments? Anyone have a better way? Thanks, John Nyhuis IT Manager, Stam Lab 2211 Elliott Avenue 6th Floor, 6S139 Seattle, WA 98121 O: (206)-267-1097 ext 220 F: (206)-441-3033 Forwarded Message Subject: Re: Q: Assistance with pf.conf rules Date: Mon, 22 Jun 2015 18:42:25 -0500 From: Edgar Pettijohn ed...@pettijohn-web.com To: John Nyhuis jnyh...@uw.edu I am by no means an expert, but using # pfctl -vf /etc/pf.conf will show you how the rules are loaded and may help you spot the error. I know it has helped me before. On 06/18/15 19:33, John Nyhuis wrote: I am building and OpenBSD 5.7 +pf +pfsync +stp bridging firewall. It's 90% working great, but I have a mistake in my pf.conf, and I've been staring at it for days, and have not spotted my error. Would anyone be willing to review my rules and point out my mistake? ---ix0 - ix1 -- | world |-| pf bridge |--| switch | --- - -- \/ \ / $man_if ix0 connects from the WAN and is filtered and bridged to ix1, which is connected to the LAN switch bond0 = $man_if (bnx0 + bnx1) is connected from the management interface on the bridge to the switch My problem: ssh connections from the world to the management interface of the bridge are being blocked. ssh connections from the world to the switch are not, implying that my mistake is in my management interface rule block. cat /etc/pf.conf ##JN general rules that apply to all interfaces and this specific server set skip on lo #ignore local interface man_if=bond0 #our Management vNIC is bond0 (bond: bnx0, bnx1) br=ix0# This is a bridge, so only filter on one bridge interface int_if=ix1#internal interface of bridge #set block-policy drop #drop packets rather then send rejections. set block-policy return #means we refuse packets, sending back a response match in all scrub (no-df) #means we reassemble all incoming packets to fix any overflows, etc. block in log on $br all #Default deny all in, exceptions must be listed below pass out on $br all #We trust ourselves, don't block outgoing pass in quick on $int_if all#don't filter on internal interface, only external pass out quick on $int_if all #don't filter on internal interface, only external pass quick on pfsync0 proto pfsync keep state #Allow pfsync to sync firewall states #ICMP: allow ping from any network -JN pass in on $br inet proto icmp from any icmp-type echoreq #SSH: ssh ports protected from brute force by fail2ban, allow ssh into DMZ by default pass in on any proto tcp from any to any port 22 keep state pass out on any proto tcp from any to any port 22 keep state ##JN Rules for Firewalls table fw { 140.142.217.141, 140.142.217.140 } #JN Lister and Rimmer pass out quick on $man_if all keep state#We trust ourselves ##SSH: allow in from world, should be redundant, but SSH is being blocked -JN pass in on $man_if proto tcp from any to fw port 22 keep state ##Block brute force attacks table bruteforce persist block quick log from bruteforce pass log on $man_if inet proto tcp from any to any port ssh flags S/SA keep state (max-src-conn 100, \ max-src-conn-rate 15/5, overload bruteforce flush global) ##JN Rules for Switch 140.142.217.135, the DMZ switch table sw135 { 140.142.217.135 } #pass out on $br proto { tcp, udp, icmp } from sw135 to any keep state ##SSH: allow in from world, already allowed by default -JN #pass in on $br proto tcp from any to sw135 port 22 keep state ##Hacker IP Addresses [LEAVE THIS RULE LAST] table bad { 202.131.227.252, 220.231.54.232, 200.118.119.48 } #addresses of known hackers block drop in log quick on $br from bad to any If anyone could point out why I can ssh into the LAN, but get blocked by sshing to the management interface of the firewall, you have my gratitude.
Q: Assistance with pf.conf rules
I am building and OpenBSD 5.7 +pf +pfsync +stp bridging firewall. It's 90% working great, but I have a mistake in my pf.conf, and I've been staring at it for days, and have not spotted my error. Would anyone be willing to review my rules and point out my mistake? ---ix0 - ix1 -- | world |-| pf bridge |--| switch | --- - -- \/ \ / $man_if ix0 connects from the WAN and is filtered and bridged to ix1, which is connected to the LAN switch bond0 = $man_if (bnx0 + bnx1) is connected from the management interface on the bridge to the switch My problem: ssh connections from the world to the management interface of the bridge are being blocked. ssh connections from the world to the switch are not, implying that my mistake is in my management interface rule block. cat /etc/pf.conf ##JN general rules that apply to all interfaces and this specific server set skip on lo #ignore local interface man_if=bond0 #our Management vNIC is bond0 (bond: bnx0, bnx1) br=ix0# This is a bridge, so only filter on one bridge interface int_if=ix1#internal interface of bridge #set block-policy drop #drop packets rather then send rejections. set block-policy return #means we refuse packets, sending back a response match in all scrub (no-df) #means we reassemble all incoming packets to fix any overflows, etc. block in log on $br all #Default deny all in, exceptions must be listed below pass out on $br all #We trust ourselves, don't block outgoing pass in quick on $int_if all#don't filter on internal interface, only external pass out quick on $int_if all #don't filter on internal interface, only external pass quick on pfsync0 proto pfsync keep state #Allow pfsync to sync firewall states #ICMP: allow ping from any network -JN pass in on $br inet proto icmp from any icmp-type echoreq #SSH: ssh ports protected from brute force by fail2ban, allow ssh into DMZ by default pass in on any proto tcp from any to any port 22 keep state pass out on any proto tcp from any to any port 22 keep state ##JN Rules for Firewalls table fw { 140.142.217.141, 140.142.217.140 } #JN Lister and Rimmer pass out quick on $man_if all keep state#We trust ourselves ##SSH: allow in from world, should be redundant, but SSH is being blocked -JN pass in on $man_if proto tcp from any to fw port 22 keep state ##Block brute force attacks table bruteforce persist block quick log from bruteforce pass log on $man_if inet proto tcp from any to any port ssh flags S/SA keep state (max-src-conn 100, \ max-src-conn-rate 15/5, overload bruteforce flush global) ##JN Rules for Switch 140.142.217.135, the DMZ switch table sw135 { 140.142.217.135 } #pass out on $br proto { tcp, udp, icmp } from sw135 to any keep state ##SSH: allow in from world, already allowed by default -JN #pass in on $br proto tcp from any to sw135 port 22 keep state ##Hacker IP Addresses [LEAVE THIS RULE LAST] table bad { 202.131.227.252, 220.231.54.232, 200.118.119.48 } #addresses of known hackers block drop in log quick on $br from bad to any If anyone could point out why I can ssh into the LAN, but get blocked by sshing to the management interface of the firewall, you have my gratitude. -- Thanks, John Nyhuis IT Manager, Stam Lab 2211 Elliott Avenue 6th Floor, 6S139 Seattle, WA 98121 O: (206)-267-1097 ext 220 F: (206)-441-3033
Re: foomatic-rip 'f' exited =?US-ASCII?Q?(retcode=3D9)?=
On Tue, Aug 19, 2014 at 11:25 PM, Predrag Punosevac simple printcap file for printing using lpd and foomatic-rip for about seven years now but since past release it stop working predrag@oko$ uname -a OpenBSD oko.bagdala2.net 5.6 GENERIC.MP#333 amd64 lp|HP|HP Photosmart 5250:\ :lp=/dev/ulpt0:\ :af=/etc/foomatic/HP-PhotoSmart_C5200.ppd:\ :if=/usr/local/bin/foomatic-rip:\ l sent to user predrag about job by daemon with permission 664. Spooling directory has correct permission. This is the only thing I see in log files Aug 19 23:10:16 oko lpd[15224]: lp: filter 'f' exited (retcode=9) Aug 19 23:10:16 oko lpd[15224]: m/etc/foomatic/lpd/lp.ppd:\ :sd=/var/spo stdin on printer lp ((null)) Aug 19 23:10:16 oko lpd[15224]: lp: job could not be printed (cfA002oko.bagdala2.net) However /tmp/foomatic-rip-mF6GXB.log is a bit more punoseva...@gmail.com wrote: I 1.0.54 running... :sh:sd=/var/spool/output:\ :lf=/var/log/lpd-errs: I am of course in the daemon group and /etc/ulpt0 is own so long time ago. The above is obviously caused by options passed to foomatic-rip. I also dislike the fact that one of the paths involve CUPS. Can somebody point to me what am I doing wrong here. I noticed that /etc/foomatic is no longer created automatically. Also filter.conf file is no longer needed? Thanks! Predrag It appears that I can print spool-lessly with foomatic-rip -P HP-PhotoSmart_C5200 --ppd HP-PhotoSmart_C5200.ppd /dev/ulpt0 so it seems that problem is that somehow I have to pass printer Id=HP-PhotoSmart_C5200 to cups filter via printcap which coincide with log outpu. Predrag