Re: sendmail vs. other MTAs
Dan Harnett wrote: On Tue, May 12, 2009 at 09:55:48PM +0200, Felipe Alfaro Solana wrote: On Tue, May 12, 2009 at 9:31 PM, L. V. Lammert l...@omnitec.net wrote: At 09:16 PM 5/12/2009 +0200, Felipe Alfaro Solana wrote: If you want simple, install Webmin. Runs fine with sendmail, default install! I'm not that crazy to combine something that remembers passwords in clear text with an MTA that has a horrible security track record. If this is clear text, I want to know where you got your glasses: B B B B admin:XXl2dzFGzv.Yk:0 Also, if sendmail has such a horrible track record, why is it the default MTA on this system? We handle 40K+ emails daily on a single box with no problems at all. http://en.securitylab.ru/nvd/378946.php http://www.sendmail.org/releases/8.13.2 If memory serve me well. 8.13.0 was in OpenBSD 3.6 and a few upgrades were done and by 3.7 we had sendmail 8.13.3. Pass any alerts from your security lab list you use to try to make your point. So if you still run 3.6 today by all mean YOU DESERVED TO BE HACKED!!! There is a load of very good people that do their very best to make the OS as secure as possible, clean and easy to use and the less whiner can do is justify their fricking complains with data that is years in the pass and use that as a fact for saying things are not good! Just like I said, getting lower and lower every day on m...@. LinuxOLuserFobia complains about missing feature and then complain about old crap because they can't stay current in their setup and justify their whining with old crap! Can we just move on this sh*t hole please? New version are release every 6 months. Even now with the new sysmerge toll there isn't a single reason not to stay up to date. You can eve skip many version all at once and it works flawlessly as well. I tested it for fun, Only from 3.8 or 3.9 up to 4.5 is an issue because of the zip part that is not compatible. I don't recall the exact version I did it from as a test, but even then you can get away very simply doing it too. Not recommended obviously, but just to show that it is working and all done in less then 10 minutes, even less with the new version now that does a lots of thinking for you should you have a void between the two ears you should use. Even the upgrade process almost become bullet proof as the OS itself. What else you want??? Stop whining and bringing very old and totally irrelevant data to try to make a point It only show stupidity and laziness as to not keep systems running up to date as they should! So what's your point again with: http://en.securitylab.ru/nvd/378946.php Best, Daniel
Re: sendmail vs. other MTAs
L. V. Lammert wrote: At 02:22 PM 5/12/2009 -0700, Henry Sieff wrote: On Tue, May 12, 2009 at 11:07 AM, L. V. Lammert l...@omnitec.net wrote: If you want simple, install Webmin. Runs fine with sendmail, default install! Yeah, because if you can't see the complexity, it doesn't exist. What does complexity have to do with a user interface? Looks like someone else should go download their favorite Linux. Or as in this case may be use @gmail.com email as they can't obviously setup their own mail server looks like. Or can make it secure, or set it up with spam filter properly so they use @gmail.com. Not everyone that have @gmail.com can't do their mail server by all mean, I don't make it a general rule, but may be in this specific case here it might well be the case! (; May be we should asked if Theo would create a linux@ list and let all these guys subscribe to it and beat each other up all day long, convincing each others of their ways and God thinking and leave misc@ alone for good stuff. Can we? OK, I need to stop feeding the trolls!
Re: sendmail vs. other MTAs
Theo de Raadt wrote: I am waiting smtpd though, but I doubt it will be able replace my exim installations any time soon. The best part is that noone cares about that. Not totally true I hope. Many does, just doesn't look like it. But, you are 150% right however, it sure DO NOT get the RESPECT it deserves! Very sad!
Re: Multiboot OpenBSD with Vista
Lars Nooden wrote: I've not see a port of WINE to OpenBSD for some time, but it'd be worth a try, just in case. Actually I was just looking at this last night and it's not working yet. Getting closer all the time and good progress was done for sure looks like, but still some issues are not worked out yet; More details here: http://wiki.winehq.org/OpenBSD A specific wiki was setup just for OpenBSD to try to bring it up to speed should you be interested. But the short of it, not a go yet. Looks like it might go one day. Austin was actually asking for some help on one of the issue he is working on and the last updates and diff he putted in was 4/20/2009 I think.
Re: Multiboot OpenBSD with Vista
Leonardo Rodrigues wrote: It's really good to know that there's someone working recently on bringing Wine to OpenBSD. It really isn't a trivial port =( No it' snot. But I think Hustin is kind of stuck a bit. He got it to compile, etc. But it crash when run simple things and looks like it related to malloc may be. He can do the Wine part, but not as familiar for the OpenBSD part and was asking for help, or details on that side to see if he can finish it up. He did lots of progress for sure and it's been a few months that he is working on it. If I recall, from last last summer or something like that. He had some stuff working on 4.4, but it's broken on 4.5, so he really try to bring it to current for sure. If successful, yes it sure would be nice! (; Some issues were dependency wrong n 4.5, may be as the list of ports wasn't fully updated at the time he tried, but some testing might help. Definitely much more ahead then last summer for sure and if successful, it would be current now.
Clarification needed on namespace export of the protocol include files definitions?
Hi, This is very minor in all, but I would love some clarifications as I obviously don't understand this as clearly as I should looks like. An example is in the commit Rev 1.5 of extern.h for tftp. I see this commit from Theo TIMEOUT* values are not part of the protocol. tftp.h is a namespace export of the protocol. you shall not add non-protocol stuff to such a file, period. But the RFC 2349 page 2 extend the TFTP RCF 1350 with this: timeout The Timeout Interval option, timeout (case in-sensitive). This is a NULL-terminated field. #secs The number of seconds to wait before retransmitting, specified in ASCII. Valid values range between 1 and 255 seconds, inclusive. This is a NULL-terminated field. So, the timeout value from 1 to 255 are valid and could have been defined into tftp.h for example couldn't it have been? It's not a complain, but I really would love to understand the logic as to what goes or should go into YourGismo.h and YourGismod.h for YourGismo application? For what I understand, the YourGismo.h would have definition of the protocol and what's defined in the RFC as YourGismod.h would have definitions use by your application design, but that may or may not be define in the RFC. Am I wrong? Sorry if that's totally obvious, I thought I got it before and I really don't get it here and I would love for someone to provide me clarifications so that I do understand it properly. Clearly there is something missing in what I assumed before. May be it could be that I do not understand the real English meaning of the namespace export of the protocol, but I took it to mean any variable that could be define as to help read the code that are included in RFC as well as any extension of them should they apply. It's it the case here? I obviously would put it in there, but looks like I would be wrong and I would really love to understand it properly. Please be generous on your comments if any so that it could be very clear to understand. May be an example(s) might be best if you can think of any. It might help me get it. Many thanks for your time. Daniel
Re: OpenNTPD warning
Jordi Espasa Clofent wrote: # sync to a single server server yes server hora.roa.es You shouldn't have this here like that. server yes The man(5) ntpd.conf if pretty clear on that. server address [weight weight-value] Specify the IP address or the hostname of an NTP server to syn- chronize to. If it appears multiple times, ntpd(8) will try to synchronize to all of the servers specified. If a hostname re- solves to multiple IPv4 and/or IPv6 addresses, ntpd(8) uses the first address. If it does not get a reply, ntpd(8) retries with the next address and continues to do so until a working address is found. For example: server 10.0.0.2 weight 5 server ntp.example.org weight 1 server yes is neither an IP address or a full qualify name server. So, as it say here, it will try to access hora.roa.es as well as yes, witch it will not be able to obvioulsy and will give you errors. So, just make your configuration properly and you will fix your problem. Best, Daniel
List of old forked or frozen code like apache that needs cleanup?
Hi, Is there some code in the tree that like apache a few years ago stop following the source for valid license reason, or was forked, kind of, that would need or benefit from cleanup just like I did apache in 2004-2006? Kind of disgraceful janitor work if you like, but that would be beneficial never the less and sure clean the tree a little bit. I am asking as I have a few guys that want to learn some stuff and I would take this on myself to make it happen somehow if there is a need for it or some that needs to be done. Worst case I could do some myself like in the pass years. Anything that have a bunch of Windows, Novel, or what not code in there that is frozen or only maintain by OpenBSD now that needs cleanup would be nice to know. Fell free to reply in private as to not pollute the list unless there is a need for it. Make your list as long as you want so that I may pick something interesting if possible, or that really is in bad need of dead code removal under OpenBSD. If there is a real need for that, then I could start sending diff's for it. Thanks for your time! Daniel
Can't get tls on smtpd to work right, just can't connect to server using tls.
Hi, I am having problem testing this and my be I am missing something simple, so any pointers would be appreciates. To test this I created the cert as describe in man 8 starttls as follow and below are all the steps I did without success so far: Create the missing directory and change to it. # mkdir /etc/mail/certs # cd /etc/mail/certs Generate the key and certificate based on my interface name dc0 in this case as follow: # openssl dsaparam 1024 -out dsa1024.pem # openssl req -x509 -nodes -days 365 -newkey dsa:dsa1024.pem \ -out /etc/mail/certs/dc0.crt -keyout /etc/mail/certs/dc0.key I answer the various question about the country, start, city, etc. Country Name (2 letter code) []: State or Province Name (full name) []: Locality Name (eg, city) []: Organization Name (eg, company) []: Organizational Unit Name (eg, section) []: Common Name (eg, fully qualified host name) []: Email Address []: Then all look good after that. I move my certificate and key to be root readable only as recommended in man 8 starttls as follow: # chmod -R go-rwx /etc/mail/certs And I finally removed the not needed dsa1024.pem file as well as suggested in man 8 starttls # rm dsa1024.pem Now it look like this: # ls -al total 16 drwx-- 2 root wheel 512 Jun 2 20:50 . drwxr-xr-x 3 root wheel 1024 Jun 2 20:44 .. -rw--- 1 root wheel 1241 Jun 2 20:47 dc0.crt -rw--- 1 root wheel 668 Jun 2 20:47 dc0.key I also created a link for the lo0 interface, witch I am not sure why we should use tls there as it's local, but anyway, for completeness I did never the less. Here I used the same key, but I could created a second key too. Unless I am missing something, I guess for lo0 shou;dn't tls be ignore anyway? Just a thought as you are already on the system at that point so why use it, or even smtps? Anyway, I do: # ln -s dc0.crt lo0.crt # ln -s dc0.key lo0.key and I have the final needed files as this: # ls -al total 16 drwx-- 2 root wheel 512 Jun 2 20:53 . drwxr-xr-x 3 root wheel 1024 Jun 2 20:44 .. -rw--- 1 root wheel 1241 Jun 2 20:47 dc0.crt -rw--- 1 root wheel 668 Jun 2 20:47 dc0.key lrwxr-xr-x 1 root wheel 7 Jun 2 20:53 lo0.crt - dc0.crt lrwxr-xr-x 1 root wheel 7 Jun 2 20:53 lo0.key - dc0.key Then I put the configuration in the /etc/mail/smtpd.conf file to use them: listen on lo0 tls certificate /etc/mail/certs/lo0.crt enable auth listen on dc0 tls certificate /etc/mail/certs/dc0.crt enable auth and I get errors: # pkill smtpd # smtpd /etc/mail/smtpd.conf:12: syntax error /etc/mail/smtpd.conf:13: syntax error Even only on dc0 only I get the same things: # cat /etc/mail/smtpd.conf | grep listen listen on dc0 tls certificate /etc/mail/certs/dc0.crt enable auth # pkill smtpd # smtpd /etc/mail/smtpd.conf:6: syntax error Any variation of it give me the same errors except this one: listen on dc0 tls If I try to specify the certificate name, location, full path, etc I get errors, even if I add or not the end options enable auth. I can't connect to the smtpd using clients with only tls enable. I test this using thunderbird and setup the sending mail server to use tls ONLY. I keep getting errors trying to connect to it. It refuse connection to it. I try everything I can think of some far and I am still not successful doing it. The only part that works very well for weeks so far is without any tls like this: # cat /etc/mail/smtpd.conf | grep listen listen on dc0 # pkill smtpd # smtpd But with tls configuration, I can see the starttls in the offering: # telnet no-spam1.realconnect.com 25 Trying ::1... Connected to no-spam1.realconnect.com. Escape character is '^]'. 220 no-spam1.realconnect.com ESMTP OpenSMTPD EHLO testing 250-no-spam1.realconnect.com Hello testing [IPv6:::1], pleased to meet you 250-8BITMIME 250-STARTTLS 250 HELP quit 221 no-spam1.realconnect.com Closing connection Connection closed by foreign host. Anything I am forgetting that is obvious, or is it not ready to be use yet? Thanks for the feedback. Best, Daniel
Re: Can't get tls on smtpd to work right, just can't connect to server using tls.
I didn't see you mention a certificate authority, is this self-signed? Yes it is self signed. starttls says: If you don't intend to use TLS for authentication (and if you are using self-signed certificates you probably don't) you can simply link your new certificate to CAcert.pem. # ln -s /etc/mail/certs/mycert.pem /etc/mail/certs/CAcert.pem If, on the other hand, you intend to use TLS for authentication you should install your certificate authority bundle as /etc/mail/certs/CAcert.pem. You didn't mention this file. Because it doesn't apply at all for smtpd and nowhere in the code does it look for that anyway. So, no I didn't do anything about it. I did look at the code first and I did find the answer to one of my questions, (the part for the name) but still the smtpd refuse connections for tls exchange. Just for the archive, the man smtpd on the configuration have: listen on interface [port port] [tls | smtps] [certificate name] [enable auth] where I was failing for the name part ONLY on the [certificate name] was that I use the full file name as dc0.crt instead of dc0 only as the code does add the .crt part to the name. But that address only the name part of the configuration I had errors with. It doesn't fix the issue I can't get the system to work with tls. Most likely it is something stupid, but I can't se it never th eless. Best, Daniel
Re: Can't get tls on smtpd to work right, just can't connect to server using tls.
If you don't intend to use TLS for authentication (and if you are using self-signed certificates you probably don't) you can simply link your new certificate to CAcert.pem. # ln -s /etc/mail/certs/mycert.pem /etc/mail/certs/CAcert.pem If, on the other hand, you intend to use TLS for authentication you should install your certificate authority bundle as /etc/mail/certs/CAcert.pem. You didn't mention this file. So, just in case something else in the system might look for this, I did the following: ln -s dc0.crt CAcert.pem I didn't think it would make any differencem but just for testing I did anyway and I now have; # ls -al total 16 drwx-- 2 root wheel 512 Jun 2 22:05 . drwxr-xr-x 3 root wheel 1024 Jun 2 20:56 .. lrwxr-xr-x 1 root wheel 7 Jun 2 22:05 CAcert.pem - dc0.crt -rw--- 1 root wheel 1241 Jun 2 20:47 dc0.crt -rw--- 1 root wheel 668 Jun 2 20:47 dc0.key lrwxr-xr-x 1 root wheel 7 Jun 2 20:53 lo0.crt - dc0.crt lrwxr-xr-x 1 root wheel 7 Jun 2 20:53 lo0.key - dc0.key And still no go. Obviously here the dc0.crt is what the mycert.pem would have been anyway. smtpd.conf is looking for name.crt where the .crt is burned in the code, so it's not optional to have it. # cat /usr/src/usr.sbin/smtpd/ssl.c | grep .crt /etc/mail/certs/%s.crt, name)) { So, that's for the clue, but that's not is yet anyway. Best, Daniel
Re: Can't get tls on smtpd to work right, just can't connect to server using tls.
Gilles Chehade wrote: Daniel Ouellet a icrit : Hi, I am having problem testing this and my be I am missing something simple, so any pointers would be appreciates. To test this I created the cert as describe in man 8 starttls as follow and below are all the steps I did without success so far: [...] Yes, for some reason you will not succeed having ssl/tls work by following the starttls man page. Current workaround until I spot what's wrong, is to follow the same procedure than for generating certificates for web servers in ssl(8), this will work. I'm currently doing some ssl related work in smtpd so it's likely I'll have news soon. Many thanks for the advise! I will try that and see. Great work by the way, I really love it so far! I got use to update it every few days and more in the last week. (; Best Daniel
Re: List of old forked or frozen code like apache that needs cleanup?
Please guys, lets stop this. I now regret even asking. It wasn't mean to be as it was taken down that path as what can we do to help, or what's needed, etc I thought the title was clear. My fault and I apologies to have sent this in. What I was really ONLY asking or looking for was an application, or multiple one that STOP being sync with the original because of license issue or what not and that kind of become OpenBSD only and that may have lots of GNU/Windows crap in it like apache had before 2004 and that would definitely benefit from the same idea of cleanup. That was THE ONLY question I had and if there was still such a thing in the tree that I could work with 4 kids in a special computer project at school where I would take it on my own to process the what I would call DEAD CODE REMOVAL just like I did here as an example: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/main/http_protocol.c.diff?r1=1.26;r2=1.27;f=h Anything else or any other direction this tread took was unintentional and I very much apologies for it. It wasn't my intention and I should have know better when I sent it. My fault and I am very, very sorry about it. If there is such a thing, I would love to know, if not, that's fine too, but please lets not make this turn into a joke like it was a few years back. Again, I am very sorry to have open that can of worms, it really wasn't what I had in mind and how I thought I phrase the question, but obviously I was wrong. My deepest apologies for the nose! Daniel
Re: List of old forked or frozen code like apache that needs cleanup?
Alexander Hall wrote: Daniel Ouellet wrote: My deepest apologies for the nose! I don't mind it. Men, should have been noise not nose. Fair picking, I deserved it! (;
Re: MySQL and ulimit
Gaby Vanhegan wrote: I'm having an annoying time trying to make MySQL run with a large amount of buffer memory. I have 4Gb of RAM and 8Gb of swap and I need to increase the data size limit for the _mysql login class. Currently it's set to unlimited but it doesn't seem to be coming through to the _mysql login class: How do you start your MySQL, do you actually tell it to use that class? http://openbsdsupport.org/mysql.htm For may be more details that you may have overlooked. Best, Daniel
Re: MySQL and ulimit
If the machine has mare than enough physical RAM and tons of swap, is there no way to configure MySQL to hold a 2Gb buffer in memory? I really want to avoid building a custom kernel and it feels like I should be able to get this working using login.conf, ulimit and sysctl settings. Or is this a wall that is not meant to be broken through? If I may asked, why would you really want to get a 2GB buffer??? I obviously do not know what your setup is or your application here, or how big your database actually is, but if you are trying to have everything in ram for speed for example and that your application do not make changes to the database, then you could always setup a partition in ram disk only and put your table there. You could mount /var/mysql/test in a ram disk that you configure to use 2GB or ram and that would do what you want. If you need to make changes to that database in RAM, then you could use replication to save the changes to the physical hard disk, witch would need to run to copy of MySQL obviously to replicate it live to a different table name. I did that before and it does actually works well, that's when I had slow hardware and I would around it that way, now I don't need that anymore, but still possible to do it, if that's really want you need. You can create your table to be loaded on the start and be put into ram disk, or may be even under volatile table as well, but not knowing what you want to do, these are just ideas that may or may not apply or may be even stupid as well to do depending of what you really try to solved as a problem. The ram disk I must say was a very cleaver idea and works very well back then, but needed raidframe, witch I didn't really like to use. I might do it again now with Marco softraide for fun and see if that would actually works or not, just as a test. Anyway, hope this may give you some thoughts or not as I am not really sure where you try to go here. But no matter what, you still limited to 4 GB for physical memory anyway. Best, Daniel
Re: junk directory cleanup question
jmc wrote: is this to suggest that the best thing to do is edit /etc/daily and wedge in the directories i need cleaned up? i'm only asking because my first thought of course would be to put this code in /etc/daily.local to ease merging in any diffs that future upgrades might provide. From man 8 daily: These scripts should not be altered. Local additions should be made to the files /etc/daily.local, /etc/weekly.local, and /etc/monthly.local, which will be executed by /etc/daily, /etc/weekly, and /etc/monthly, re- spectively. The *.local files are executed first, which makes it conve- nient to do any necessary cleanup and backup before the script is run.
Re: apc ups daemon - SUCCESS
Thanasis wrote: on 06/11/2009 07:55 PM Diana Eichert wrote the following: On Thu, 11 Jun 2009, Thanasis wrote: As I said, the compilation didn't need anything special, except perhaps using gmake instead of make. That's all. So, it's minimum effort for someone experienced with the ports system and with the Makefile(s) to put it in. :-) So, I have to respond. This is the most Give Me, Give Me, Give Me response I've heard in awhile. First you have problems and ask for help, plenty of people chime in with ideas, then you get it working, then someone suggests you give back to the project because to them, and perhaps the commuunity, it appears OpenBSD is useful to you. You decline, suggesting it's a minimum effort for someone experienced with the posts system. How do you think these projects work? People sitting on the their ass and expecting someone else to do things. This is why I quit trying to help people on misc@, to much give me, not enough give back. not a g.day diana Sorry, if I made you feel that way, but believe me, really, if I could do it (put apcupsd in the openbsd ports), I would happily do so. But not everyone is a developer ... O:-) PS: And thanks to every one for their help :-) You got it working never the less didn't you? So, doesn't need to be a dev to get there. Diana is 150% right once more! Doing the port is in the FAQ and in response to the help you got, plenty of it, you could do it, or worst case read the FAQ and create a port. I am sure if it is not perfect and you submit it, as much as you got help to get your stuff going, if there was something wrong in your port, or try of it anyway, you would get even more help making it right! Diana is right, you want to take and not give back what so ever and find excuses not to even give it a shut! This is a shame big time! Take and never give back! Real shame!
Re: BGP and NATting to multiple ISPs
Hi, here is a few ideas for you. A few things to think about here depending on what issue you really try to solved. First a good ISP after you actually reach them have built redundancy on their network, so unless you try a cheap one, then you should be fine there. Then what could go wrong? Well plenty yes, but less take them. - Power, well UPS, if UPS runs out, two ISP will do nothing. - single router blow up, same thing. So, you designed it with two as you put it, great. - Local loop, last mile, well if it get cut, then it's cut and needs to be fix. So two line needs to come in. One solution may be as simple as getting these two lines form the same ISP and have them merge together. Like if you use T1 for example, then they could be bundle together via PPP and allow you to use the full capacity of both and if one goes down, you still have the first one and nothing is lost, no traffic is lost and all continue, just slower. You might be able to get it cheaper if both from the same ISP as well and they would need to be provision on the same router on their end anyway to merge them. This way, you don't need BGP, you get backup as you want to get, on line goes dead, you still have the second one. But then, you don't have your IP problem and believe me, getting any IP's from ARIN these days is pretty darn hard! Unless you want IPvShit, then you will be giving them right away. They change their policy last month if my memory is good and you sure can get it for your site, but then, you hell open a truck load of other issues however. This combine lines also address your requirement of balancing your traffic, but in this case, you don't need anything special, it works no problem. I don't know how things are in Chicago, but if it is like hereon the east coast, looks like Verizon enjoy playing with wire in central office and disconnect lines at random. I don't really think they are doing that, but sure hell look like it however as problem are always with the local loop! So, this may well works for you and get you want you want to do. Just a thought anyway for your consideration that may address your needs in a different way. Best, Daniel
Re: BGP and NATting to multiple ISPs
I'm in *no* way convinced that running out of a resource (IPv4 addresses) would be a good thing. It's been my experience that most network engineers agree with me. Many will agree with you big time! There was a chance to make it right and address many issues that could have been address with the new standard, but instead, politics and power struggle got the best of it and they even try to reintroduce old bugs that was/is in IPv4 and that everyone knows was bad. Looks like history serve nothing, but just repeated itself. They had a chance to make it right and easy, but sadly it wasn't the path that was taken. Even one of my funniest reading was if memory served well a reply from Theo on source originate routing if I remember well. That was in 2007 I think, or may be older. I would need to dig it, but there is so many example of well known issue in IPv4 that everyone try to work around it to make it better and the same issue were re-introduce in IPv6... Why!?!?!
New disklable doesn't keep old partitions if requested
Hi, I try to keep the actual partition of the disk as it was before and do a fresh install, but the snapshots looks like simply do not allow this now. You can select Custom label and it will show the previous label, but then when you write it, obviously no changes are present, but when you Quit it, it comes back to the same question and looks like you can't move on from there. Good if you want to use the auto label, but if you want to keep the old one, then what really should be the step then? Here is an example: No label changes. '/' must be configured! The auto-allocated layout for wd0 is: #size offset fstype [fsize bsize cpg] a: 1.0G0 4.2BSD 2048 163841 # / b: 1.3G 2097648swap c:74.5G0 unused d: 4.0G 4719456 4.2BSD 2048 163841 # /tmp e: 6.0G 13109040 4.2BSD 2048 163841 # /var f: 1.9G 25692912 4.2BSD 2048 163841 # /usr g: 1.0G 29778336 4.2BSD 2048 163841 # /usr/X11R6 h: 5.4G 31875984 4.2BSD 2048 163841 # /usr/local i: 2.0G 43210944 4.2BSD 2048 163841 # /usr/src j: 2.0G 47406240 4.2BSD 2048 163841 # /usr/obj k:49.9G 51601536 4.2BSD 2048 163841 # /home Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a] C You will now create a Sun-style disklabel on the disk. The disklabel defines how OpenBSD splits up the disk into OpenBSD partitions in which filesystems and swap space are created. You must provide each filesystem's mountpoint in this program. This platform requires that partition offsets/sizes be on cylinder boundaries. Partition offsets/sizes will be rounded to the nearest cylinder automatically. Label editor (enter '?' for help at any prompt) p OpenBSD area: 0-156301488; size: 156301488; free: 0 #size offset fstype [fsize bsize cpg] a: 10493280 4.2BSD 2048 163841 b: 8389584 1049328swap c:1563014880 unused d: 2097648 9438912 4.2BSD 2048 163841 e: 20972448 11536560 4.2BSD 2048 163841 f: 2097648 32509008 4.2BSD 2048 163841 g: 10486224 34606656 4.2BSD 2048 163841 h: 2097648 45092880 4.2BSD 2048 163841 i:109110960 47190528 4.2BSD 2048 163841 w q No label changes. '/' must be configured! The auto-allocated layout for wd0 is: #size offset fstype [fsize bsize cpg] a: 1.0G0 4.2BSD 2048 163841 # / b: 1.3G 2097648swap c:74.5G0 unused d: 4.0G 4719456 4.2BSD 2048 163841 # /tmp e: 6.0G 13109040 4.2BSD 2048 163841 # /var f: 1.9G 25692912 4.2BSD 2048 163841 # /usr g: 1.0G 29778336 4.2BSD 2048 163841 # /usr/X11R6 h: 5.4G 31875984 4.2BSD 2048 163841 # /usr/local i: 2.0G 43210944 4.2BSD 2048 163841 # /usr/src j: 2.0G 47406240 4.2BSD 2048 163841 # /usr/obj k:49.9G 51601536 4.2BSD 2048 163841 # /home Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a] E This platform requires that partition offsets/sizes be on cylinder boundaries. Partition offsets/sizes will be rounded to the nearest cylinder automatically. Label editor (enter '?' for help at any prompt)
Re: New disklable doesn't keep old partitions if requested
No label changes. Wait. Don't you see what is wrong above? Let me guess. The last time you used this disk, partition d was your /home partition, right, and i is /var? Nope. Here is the standard setup on a truck load of servers. All use the same partition table, unless there is a very special need. I try to keep them all similar as much as possible and I do all fresh install every 6 months (not upgrade) using the sitexx.tgz files. It's more work to keep the sitexx.tgz files in sync, but at the same time, it provide for quick install and always run clean fresh install, plus should one server blow up, putting one back in service is just less the 10 minutes away max. And it force anyone to keep documentation of the setup, or changes of it by needing to keep sitexx.tgz in order. Here is an example here for fstab: # cat /etc/fstab /dev/wd0a / ffs rw 1 1 /dev/wd0i /data ffs rw,nodev,nosuid 1 2 /dev/wd0h /home ffs rw,nodev,nosuid 1 2 /dev/wd0d /tmp ffs rw,nodev,nosuid 1 2 /dev/wd0g /usr ffs rw,nodev 1 2 /dev/wd0e /var ffs rw,nodev,nosuid 1 2 /dev/wd0f /var/log ffs rw,nodev,nosuid 1 2 We don't know what partition to mount where. That I totally agree, but when I do the custom, and make no changes to the partition table, then why does it come back asking me to redo it instead of keep going and then I can re-enter the old mount name in the old partitions as it used to be? Same results with edit auto label as well. I can pass this pass deleting all and recreating all, but before (4.5 and before) I could keep the same label, and yes I needed to enter the mount point in label, witch was fine and I have no issue with that or doing it. You failed to fill in the information, using at least the 'm' command, and then when you quit disklabel it correctly says: Theo, I failed to follow you here. Sorry if that's obvious, but I fail to see it. The man page does say the m command is to modify parameters for an existing partition. I am not creating a new one, but just want to use the old one and I have no problem if I need to re inter the mount point obviously as it needed to be done as well before. But it doesn't allow me to do so IF I do not make changes to the partition table. It does force me to do m for each partition, not changing any data other then entering the mount point. Before, I could pass this and just enter the mount point and keep going. So, I have redone it to test it and yes, I can use the m for each partitions and not modify any data for the partition size and all and just provide the mount point then when I write it and quit, it does continue the process as before. But this wasn't required before. So, if one wants to keep the same partition then before, what would be the best way then? I thought that it would be logical to do the custom selection, not making any changes to the partition table as before and then when save, just needed to type the mount point and move on. But I can't do that now without needed to use the m for each partition, not making any changes to the partition size, offset and all and then provide the mount point. '/' must be configured! Read what it says. The nice install script then nicely goes back to trying to see if you will learn to read next time. I am sure not saying it's not nice. It is very nice and I like the new way for sure. I just never used to have the need to do this before. It previous version allow me to provide the name after no changes where done in the partition and the system didn't know what the partition were instead of going back to it asking to redo it all. That part of the previous install made more sense to me, but I sure can do it the new way. Instead of using the same partition table and then have to enter the mount point for each one, now it needs to use m for each partition, keep the setting the same for the size, offset and all and only enter the mount point now. It does add way more steps in that situation yes. Is that a big deal, no, just wonder why or if there was a way to skip that to be like in previous version? Wouldn't it make more sense if a custom setup is selected and no changes are done to the partition label, then to be assume the partition itself wanted to be kept intact and then only the mount label needed to be provided as before? The short of it is if you make no changes to the partition table, yes the system do not know what mount point you want, then why not only asked for the mount point then when getting out of the custom disklable part? That's how it was before. Is there really a need not to allow this? I really have no problem either way, but just wonder why or if there was a way to skip it. That was the essence of my question. Best, Daniel
Re: New disklable doesn't keep old partitions if requested
You need to learn how to listen. That's fair Theo. But to make it short. Before when at the disklabel part of the install, one could just type 'q' and it was then asked for the mount point of that actual unchanged partition as before and skip the 'm' steps if you want. Now you can't just type 'q' and do this, but needs to do 'm' for each partitions and keep the same size, offset, etc the same and provide then the mount point, then save, quit and keep going. If there is a way to skip these additional steps using 'm' on disk unchanged partition between install and just need to type 'q' as before and provide the needed mount points obviously, I would like to know how now? Doesn't appear to be possible anymore. Am I wrong? Best, Daniel
Re: New disklable doesn't keep old partitions if requested
Hi Matthew Use 'n' instead of 'm' to provide the needed mount points. That address my question. An obvious over site on my part! I never used it until today as far back as version 2.8. With the old installer, while in the disk label editor, you could name your mount points while creating (command 'a') or modifying (command 'm') your partitions, or you could just name the mount points for existing partitions without otherwise those partitions (command 'n'). I see that now. After you finished the disk label editor, the old installer would then prompt you to name your mount points. If you'd already named them in the disk label editor, this was redundant. The new installer removes the redundancy and requires that you name your mount points in the editor. That's where my confusion came from. I wrongly assume that you create the partitions and then named them after the fact. I was obviously wrong and made the wrong assumptions here. When you choose C for a custom layout, the installer shows you this: -- You will now create an OpenBSD disklabel inside the OpenBSD MBR partition. The disklabel defines how OpenBSD splits up the MBR partition into OpenBSD partitions in which filesystems and swap space are created. You must provide each filesystem's mountpoint in this program. -- Note the last sentence. I saw that one and obviously read it, but didn't sync in for me. Based on previous years, I assume that, yes you need to partition your disk and then obviously will also need to provide the mount point when you are done. Before, you could provide them after the fact like you explain and obviously was a miss understanding of the process on my part that you clarify for me. Sorry for the noise. And Theo, I am truly sorry you got upset on this question from me here. I obviously failed to understand it properly and that's why I asked the question. My apology for your increase in temper cause by my question, but I just obviously didn't get it right and this clear it up for me. I was obviously wrongly looking for the installer asking me for the mount point as before, witch I see now was wrong to assume on my part. Thanks for your time and clarification on my miss understanding. One need to be ready to get a beat up to get clarifications, but that's fine. And Theo, I NEVER intended to make you waste time here. It was an honest miss understanding on my part obviously. Best regards, Daniel
delegation-only added in 3.5 and removed in 4.5 a few months ago.
Hi, I was trying to find out the reason why the delegation-only zone was removed in 4.5 as it was there as far back as 3.5. marc.info search on misc list show the last reference to that as May 2007. Not a big deal, I was just trying to understand why it may not be needed, or seen as useful anymore? There is lots of content at that regards years back, but not much anymore or as to why not to be used now. Any inside may be as to why then? Just curious. Regards, Daniel
Re: delegation-only added in 3.5 and removed in 4.5 a few months ago.
Claudio Jeker wrote: On Fri, Jul 10, 2009 at 04:10:09AM -0400, Daniel Ouellet wrote: Hi, I was trying to find out the reason why the delegation-only zone was removed in 4.5 as it was there as far back as 3.5. marc.info search on misc list show the last reference to that as May 2007. Not a big deal, I was just trying to understand why it may not be needed, or seen as useful anymore? There is lots of content at that regards years back, but not much anymore or as to why not to be used now. Any inside may be as to why then? It was added during the time .com added a *.com entry to their zone to redirect everybody to some website. It was dropped a bit later because of all the compains and I hopefully doubt it will ever come back. So the delegation-only hack is no longer needed for these zones. Thanks for the answer and the details. But Verisign wasn't the only one doing it based on feedback on the net. But I could be wrong. Anyway, nice to know it's getting better.
What might be th cause of psycho0: correctable DMA error AFAR xxx AFSR xxx on Sun V100?
Hi, I wonder if there is anything else I could do here to find out what might be the problem. I get plenty of errors like this on the console: psycho0: correctable DMA error AFAR 47b8c200 AFSR 406200ff0080 psycho0: correctable DMA error AFAR 47b90aa8 AFSR 4062ff00a080 psycho0: correctable DMA error AFAR 47b945e0 AFSR 486200ff8080 psycho0: correctable DMA error AFAR 47b980f0 AFSR 486200ffc080 psycho0: correctable DMA error AFAR 47b9c098 AFSR 4862ff006080 psycho0: correctable DMA error AFAR 47ba0028 AFSR 4062ff00a080 psycho0: correctable DMA error AFAR 47ba4018 AFSR 4862ff006080 psycho0: correctable DMA error AFAR 47ba8038 AFSR 4862ff00e080 psycho0: correctable DMA error AFAR 47bac010 AFSR 406200ff4080 psycho0: correctable DMA error AFAR 47bb00d8 AFSR 4862ff006080 Even if that doesn't really have anything to do with it, I replace the drive just in case with a brand new one to see. Same results. Searching on google I only came up with a diff that was put in lace in July 2008 here: http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/sparc64/dev/psycho.c.diff?r1=1.61;r2=1.62;f=h That from the archive on tech@ point to the same problem and address this to at a minimum clear these errors and keep going. Is this really hardware failure, or bad driver may be somehow? I can get these by doing a fresh install from scratch, do newfs and I can create these errors as well sometime by just doing something like this for testing: dd if=/dev/zero of=/free/test count=1000 bs=1m Not really sure what it really mean here and it happens on one server only so far but not on plenty of others of the same model. Sun V100. dmesg below if needed, but it's the same as others. The drive is 160GB and less then 137GB is use in disklabel, the rest simply through away like many others system like this. 49 others have the same drive no problem. But doesn't appear to be a drive issue anyway. The server does hang time to time. Any clue would be welcome. Thanks Daniel == console is /p...@1f,0/i...@7/ser...@0,3f8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2009 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.6 (GENERIC) #38: Fri Jul 3 18:45:13 MDT 2009 dera...@sparc64.openbsd.org:/usr/src/sys/arch/sparc64/compile/GENERIC real mem = 2147483648 (2048MB) avail mem = 2065604608 (1969MB) mainbus0 at root: Sun Fire V100 (UltraSPARC-IIe 548MHz) cpu0 at mainbus0: SUNW,UltraSPARC-IIe (rev 3.3) @ 548 MHz cpu0: physical 16K instruction (32 b/l), 16K data (32 b/l), 512K external (64 b/l) psycho0 at mainbus0: SUNW,sabre, impl 0, version 0, ign 7c0 psycho0: bus range 0-0, PCI bus 0 psycho0: dvma map 6000-7fff pci0 at psycho0 ebus0 at pci0 dev 7 function 0 Acer Labs M1533 ISA rev 0x00 dma at ebus0 addr 0- ivec 0x2a not configured rtc0 at ebus0 addr 70-71: m5819 power0 at ebus0 addr 2000-2007 ivec 0x23 SUNW,lomh at ebus0 addr 8010-8011 ivec 0x2a not configured com0 at ebus0 addr 3f8-3ff ivec 0x2b: ns16550a, 16 byte fifo com0: console com1 at ebus0 addr 2e8-2ef ivec 0x2b: ns16550a, 16 byte fifo flashprom at ebus0 addr 0-7 not configured alipm0 at pci0 dev 3 function 0 Acer Labs M7101 Power rev 0x00: 74KHz clock iic0 at alipm0 max1617 at alipm0 addr 0x18 skipped due to alipm0 bugs spdmem0 at iic0 addr 0x54: 512MB SDRAM registered ECC PC133CL2 spdmem1 at iic0 addr 0x55: 512MB SDRAM registered ECC PC133CL2 spdmem2 at iic0 addr 0x56: 512MB SDRAM registered ECC PC133CL2 spdmem3 at iic0 addr 0x57: 512MB SDRAM registered ECC PC133CL2 dc0 at pci0 dev 12 function 0 Davicom DM9102 rev 0x31: ivec 0x7c6, address 00:03:ba:2a:89:64 amphy0 at dc0 phy 1: DM9102 10/100 PHY, rev. 0 dc1 at pci0 dev 5 function 0 Davicom DM9102 rev 0x31: ivec 0x7dc, address 00:03:ba:2a:89:65 amphy1 at dc1 phy 1: DM9102 10/100 PHY, rev. 0 ohci0 at pci0 dev 10 function 0 Acer Labs M5237 USB rev 0x03: ivec 0x7e4, version 1.0, legacy support pciide0 at pci0 dev 13 function 0 Acer Labs M5229 UDMA IDE rev 0xc3: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide0: using ivec 0x7cc for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: ST3160815A wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TEAC, CD-224E, P.9A ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, DMA mode 2 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 Acer Labs OHCI root hub rev 1.00/1.00 addr 1 softraid0 at root bootpath: /p...@1f,0/i...@d,0/d...@0,0 root on wd0a swap on wd0b dump on wd0b
Re: Problem getting packages
Simon Loewen wrote: Where can I get these from? http://marc.info/?l=openbsd-ports-cvsm=123653096012674w=2 Can't resolve p5-Compress-Raw-Zlib In base. Can't resolve p5-IO-Compress-Base In base. Can't resolve p5-IO-Compress-Zlib In base. Can't resolve p5-Compress-Zlib In base. Can't resolve p5-IO-Zlib In base. Can't resolve p5-Archive-Tar In base. Can't resolve p5-IO-INET6 http://marc.info/?l=openbsd-ports-cvsm=123088683223617w=2 Hope this help you some. There is many you don't need to install anymore. (; Daniel
Re: Q: How to shop for a laptop to run OpenBSD?
I will (hope) to buy a new laptop in a couple of months, how to make sure that the one I pick will work under OpenBSD. I understand that there is a list of supported hardware at: http://www.openbsd.org/i386.html The way I do it and did it was simple really. I burned myself a live cd that run OpenBSD with X already on it, a bunch of applications and all. http://bsdanywhere.org/download/ Then I boot the laptop by simply sticking the CD in the various laptop in display. So, booted, but no X, some didn't boot and some ran well. Try a few applications and all was good. Checked the dmesg right there from the CD for some not supported hardware and all. Pick the one I like and pay fir it and walk out of the store with it. Was quick. I just told the rep that's what I was doing and asked him if he wanted to watch as well. He watch the first one then let me do the rest alone. Some store are more welling then others to let you do this, but make sure you pick a day that is not full of customers in there as they may not like it so much. (; That's the quickest way I found out how to do as something the flash drive needs to have the bios changed to boot from and some just don't, but the CD is always on new stuff anyway the boot device before the hard drive, so no special changes needed to test and with the CD you are sure it will not write to the drive as well too. Well, not unless you really want to do so anyway. Hope this help you some never the less.
Re: spawn: fork() failed
Siju George wrote: Hi, Some times i am not able to open more than n number of xterms in my X ( fvwm2 ). 'n' varies but the error I get while trying to open xterm through another x term is $ xterm xterm: Error 29, errno 35: Resource temporarily unavailable Reason: spawn: fork() failed If I try to open aterm through another aterm i get. $ aterm aterm: can't fork aterm: aborting Sometimes $ls jut hangs! What could be the trouble? Thanks Siju I am not saying for sure this is your problem, but every time I have seen issue with fork it's because you reach the number of process limits under the login class of that user. Cold be as simple as that really and increasing the running process limits for the class used by that user may just do the trick. They are use the default class, if that account is special and does need more, then may be you can create a special class for it and increase the limits process allow here. Just something to think about and try that I could think of. If that's not it, then sorry for the noise. Hope it help you never the less. Best, Daniel
Re: Supporting OpenBSD
Hi Nick, Great post! Rod Whitworth wrote: Good pitch, Nick. I'd love to see it on a wider screen somewhere. As to have this on a bigger screen! It has! (; April 21, 2009 at Apple Store in Tysons Virginia! For the Apple Night School event. All night long from 5PM to ~10PM or so on it's own table and also bigger screen too. The idea is what kids are doing with their computers and all as well as what they do with their MAC computers. Well, this is not news to some on this list here, but my son did promote OpenBSD as well as I in a big way and a unique way too. You can check the following pictures below if you want proof. 9 of them all around 3.5 to 4Mb sorry about that. Specially you can notice the last 4 pictures and the last one with the big screen on it. That's in the Apple store for presentations. Puffy did show up that night big time and a few Genius sure asked a few very interesting questions about the setup and all to witch my son provided all the answers they wanted. Only one said that the warranty was not valid on the MAC laptop anymore as it was temper with for dual boot and all to witch my son proudly answer that's it's been like that for a very long time and to make the Genius happy also said something in the lines of That's no problem is it? If Apple makes good hardware, I don't really need that Apple Care and all to run great software on it do I? Are you saying that Apple do not make good hardware and I should pick a different company then? To witch the Genius didn't have any answer and left it alone and the other Genius got a good smile out of. (; Anyway, my son is a freak of Lego's and OpenBSD and that night show up how to use BlockSmith on him workstation in dualboot and how to use OpenBSD to secure his MAC right there in the Apple store on bigger screen then his laptop! (; He even did a Lego figure of one of the Genius right there in BlockSmith witch I can tell you got him the hart of the various Genius there in the store too. (; I guess I call that Puffy PR!,(; http://openbsdsupport.org/apple-night/OpenBSD-1.jpg http://openbsdsupport.org/apple-night/OpenBSD-2.jpg http://openbsdsupport.org/apple-night/OpenBSD-3.jpg http://openbsdsupport.org/apple-night/OpenBSD-4.jpg http://openbsdsupport.org/apple-night/OpenBSD-5.jpg http://openbsdsupport.org/apple-night/OpenBSD-6.jpg http://openbsdsupport.org/apple-night/OpenBSD-7.jpg http://openbsdsupport.org/apple-night/OpenBSD-8.jpg http://openbsdsupport.org/apple-night/OpenBSD-9.jpg He got many questions and really got the curiosity of the people in the store that night going for sure. Did anyone got home and got a CD after that, obviously I can't say. I would like to believe that may be some did! But, did Puffy got visibility in the more obvious and may be hot places, I guess so. (; Sometime you will never know where Puffy will show up and how big the screen he might end up on. (; And you can notice the different OpenBSD T-Shirt's there as well including the Apple one around the neck oppose to hide the Puffy one. Even to the question of Well, it might be difficult to install this OS then? by some of the visitors and Genius. Believe it or not, the answer came from my youngest son that was there too in the wireframe Puffy T-Shirt and that you can see there. He explain how to do it and also explain that he did many servers install as well in my business replacing hard drive and all. Even a demo install in 5 minutes was possible to do. (; If not even a Teenager can do it in public, then I guess a Genius should be able to right? Sure got the attention of many there and really show that installing OpenBSD is even much faster then Mac OS X. OK, not all the X was install, but you get the picture. Visitor sure did! (; So, talk about big screen, well you got one. OK it's far from Australia I know, but never the less, you can fell the vibe now can you? (; Best, Daniel
Re: Defending OpenBSD Performance
Henning Brauer wrote: * Nick n...@holland-consulting.net [2009-09-15 13:52]: Yep. Most performance-oriented thing I've done with OpenBSD was firewalling a 45Mbps T3 line. It did tax the machine a little bit, but the primary firewall was a Celeron 600, about five years old at the time it was put into service (failover was a PIII-750, which showed a lot lower load, I think it was more the cache than the MHz). i have a bgp machine forwarding 800MBit/s of real world generic internet traffic. can handle at least twice that. enough of a benchmark? Henning, If I may ask here. One thing that would be nice for the records is to get a little bit more details on your setup doing that if you have no problem providing it obviously. Specially the PF configuration tie to this bgp router as well may well be very educating to many. I always wonder what simple difference from stock install might be there in the hardware or sysctl to get there, what network card are use now, but more important is the PF configuration use in some router as well. I really do not recall have seen one email on the subject. That would be great to have. Not something to preach by, but something useful and base line if you want to start with. I for one would welcome it and would be curious as to what PF configuration tie with the bgp router are actually in use and proven to be good with decent speed. Obviously I assume there is a minimum of PF in use there, but may be not? Am I wrong? I don't know if many would appreciate this for the records, but I sure would love it. Should you find a little time to put it on misc@ know you would have an avid reader for it! (; Best, Daniel
Re: Defending OpenBSD Performance
If I may ask here. One thing that would be nice for the records is to get a little bit more details on your setup doing that if you have no problem providing it obviously. Specially the PF configuration tie to this bgp router as well may well be very educating to many. it doesn't run pf. Interesting! I always thought that a minimum of PF was in use. So, if I may ask, how you do some minimum like: ip verify unicast source reachable-via any for announcement to you from multiple BGP sources or even: ip verify unicast source reachable-via rx for announcement from a single and uniq bgp source then? Or do you even do this? No right or wrong answer, just curious? No ban of not valid or spoof IP block then? Or may be black hole? Or do you even bother with it and just let it be? What about letting in only valid destination IP's or letting out valid originating IP's out then? No filter for it at all as no PF is there to do this? Again not any tricky question, just wonder of what best practice then some may use bgp for their network, not only for one bgp feed obviously. I obviously wrongly assume there was a minimum of PF in use as well, witch I see I was wrong to think so. I thought PF was use to validate traffic, letting only valid IP's in/out and not accepting range of not valid BGP announcement as well. Is there a way to do this that I may obviously have miss by not doing it via PF?
Re: Defending OpenBSD Performance
Ross Cameron wrote: On 15/09/2009, Henning Brauer lists-open...@bsws.de wrote: i have a bgp machine forwarding 800MBit/s of real world generic internet traffic. can handle at least twice that. enough of a benchmark? Any chance you could post the spec. of said machine? I'd especially be interested in CPU/Chipset/NICs/RAM,... Hi Ross, Not sure that Henning will give more details on this. I understand that prefer not to, witch is fine. He did provide most of what you are asking here however. Sun 4150, you can get the spec on that box. Not to many processor choise there, so even the slowest one will be good. Ram, he said as close as 1Gb only and network cards, use em. Many Sun use that be default, not all the time but many. For the chipset, well, the DMESG would help to get that, but sadly they changed time to time, so not sure you will always get the same anyway. (; I have the 4100, not the 4150, I can send you that if you want, but not the same hardware obviously. I was more curious about other component of the setup to do it right, but sadly I am not sure my questions were well received. I was more interested on what some users and specially Henning as he is involved in bgpd a lots as to what filtering a BGP setup would/could use to make it better. Not sure he is welling to offer more details, witch is totally fine really, I can understand not wanted to do so. I hope this gives you some anywar to some of your questions never the less. Best, Daniel
Re: Sun V120 gem and hme interfaces hang
Bryan S. Leaman wrote: Hi All, I have a production firewall on a Sun V120 running OpenBSD 4.5 sparc64, with 2 active interfaces. Two weeks ago, the gem1 interface suddenly hung and I was able to revive it using ifconfig gem1 down; ifconfig gem1 up. I found the following m...@openbsd thread from March 2009: http://www.mail-archive.com/misc@openbsd.org/msg73257.html Did you try the mp kernel to see if that makes a difference for you. Also, don't forget that the fix here is not in 4.5, but pass 4.5 And anything in your logs for timeout message may be? And 4.6 is really around the corner now. Might be best to run it and see. Best, Daniel
Re: Sun V120 gem and hme interfaces hang
Did you try the mp kernel to see if that makes a difference for you. Out of curiosity, what effect would this have on a single CPU box? Using a different kernel with different options compile in it. For me at the time the MP kernel didn't have the problem that the sp had and looking the difference in between them pointed out to look in one direction to address the patch at the time. That's why I asked if you tried it. The bottom line is MP kernel does wok on single core processor. It's just like having a CPU with one core only really. There is nothing wrong trying it, it will not kill your box. (; Also, don't forget that the fix here is not in 4.5, but pass 4.5 And anything in your logs for timeout message may be? And 4.6 is really around the corner now. Might be best to run it and see. I know the fix for gem is in 4.6, but does the same problem affect hme? Since I'm having the problem with both drivers, I'm not sure if the 4.6 fix is related to the problem I'm seeing. Unlike your experience, I'm not getting any error messages in any logs or on the console. The only clue is the ierrs/oerrs and some error counts on the switch. There might be the same type of watch dog issue in the hme that it was on the gem. I can't tell you for sure, but the bottom line here as well if you really want to find a problem or possibly a bug like it's explain n the FaQ, you need to try the latet snapshot first and report if that still have your problem with it or not. There is so many changes lately in it. Your problem may well be gone, or still present, however you need to help yourself and try to find more and the start of it is to try all you can, witch you still haven't done it. Don't forget, you are the one with the problem, not the dev, but you would like them to look into it. Start by providing valuable details and may be if one have time, or an idea it he/she might look into it. But you need to provide more details first and at a minimum try to isolate it. Many tests do not need to be a programmer to do them and provide valuable details. For all everyone knows, the problem may well be fix by now, or not. I was able to kill the interface several times by pushing data through the firewall (into hme0 and out hme1) at around 70Mbps for 5-10 minutes. Same result--hme1 stopped responding but I could ping hosts on the hme0 side. I'm fairly sure (it was a long night...) that one time I did the ifconfig down/up on *hme0* and that revived hme1, which seemed odd. I am not saying it's the same problem here, but it sure behave the exact same way. See if you have timeout in the logs or not from that hme driver. But without you doing more tests on your box, it will not be looked at before it's done for sure. I ran systat ifstat during the failure, and it showed data flowing inbound through the firewall into hme0 and out hme1, but nothing in the other direction. So hme1 seems to be half working. Not sure if it matters, but I'm using altq with hfsc. May be an auto duplex negotiation issue, or not. But did you try and see if that might help or even make a difference? Just try to think or all possibility and tests some. Like different switch, or fix the port speed on the switch and hme card just to test. Try MOP kernel, try snapshot ( and if you do, don't forget that changes were done in PF that may affect you and need changes to the PF configuration in 4.6) Then and only then will you have more data to report and may be look into what might be the issue. Hope this help you some and provide you some tests that really out to be done to be helpful. Just think about it as it is now. You report an issue, but it would be much more helpful if thee is a case that remove the issue and then compare between the two setup could be looked at. For all we know now it may just be a switch port issue really. I am not saying it is, but could be as that's the same element in the picture as before on one end of it. I know you have that for many weeks now based on your previous email, so you try to isolate it, witch is good, but then go all the way to find it and really try more stuff then what you do now. You may fix it real quick doing so and wonder why you didn't do it sooner after that fact. I really hope it help you never the less and give you some ideas to try. The best way to get help if to help yourself first and really try many things and then you have more valuable data to use and report with. Best, Daniel
Re: anyone, low power rack-mount server for home usage?
Sergio Aguayo wrote: I have a Sun Cobalt RaQ 550. However that one runs Linux but with latest firmware versions i've been told that it can run NetBSD, but not OpenBSD. The RaQ 550 like all the other RaQ and cube units, never had a success at OpenBSD. There was a very old may be something going on for the RaQ 2+ , many years ago, but the RaQ3 and up including the 550 run i386 oppose to the previous version that run MIPS and to my knowledge and in the archive there isn't any success for OpenBSD on them. I wish someone would prove me wrong, but as far as I know there isn't been any success on it. Not much interest in it I guess, plus I am not sure anyone have any time for it either. You can run NetBSD on them and it's pretty stable and good if you want to go that way and the RaQ 550 is dirt cheap on EBay too. You can have one for $20 or less including shipping to your house, in the US anyway. What I do like for small server that are the same size is the Sun X1 if you can get them with good memory as if you need to add them later, it's not worth it really. I mean price wise anyway, but sure run well, nice and for a long time and just pretty lower in power too. Less the 10 watts if you do it right. A bit noise with the default fan however. But I wonder these days if you are not better just to built your own with the new very small board available and price wise they have been going down a lots in the last few years too and cpu power and all really do not compare anymore. Good luck.
Re: anyone, low power rack-mount server for home usage?
supermicro has atom-based systems. i have such a board an am happy with it. Henning, how's the remote console redirection on that box? Any feedback may be? Just looking for minimum like the LOM on the old SUN V100 and the like. Don't need CD remote mount and all that. SSH over Ethernet would be nice, but I can deal without it. Sad that none of these board actually have a decent remote console without the need for additional board when it's possible. That's really all that I am really missing the most in the various new boxes these days. Just can't get one small with decent remote console access. Thanks for any feedback if you have time and ever tried it. Best, Daniel
Re: anyone, low power rack-mount server for home usage?
Henning Brauer wrote: * Daniel Ouellet dan...@presscom.net [2009-11-09 00:57]: supermicro has atom-based systems. i have such a board an am happy with it. Henning, how's the remote console redirection on that box? Any feedback may be? same as on the real supermicros: works like a charm. Many thanks for the feedback. Much appreciated! I guess I will need to try one next then. Good to know. Best as always, Daniel
Re: Can't get carp to fail over all interfaces with pfsync
FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $ cat /etc/hostname.carp1 inet 192.168.110.254 255.255.255.224 192.168.110.255 vhid 1 advskew 0 pass password $ cat /etc/hostname.pfsync0 Shouldn't you run different vhid ID of carp on different carp instance. Here you have Carp0 and carp 1 both running with vhid 1, so how will the system see them as different one?
Re: aac raid status
Punchline: I had a chat with one of the top techs at this mail system provider, and told him about the OpenBSD experience with Adaptec. He told me they have come to the same conclusion and that their next generation product would have a much better (by OpenBSD standards) manufacturer for the RAID systems... More of a punch line would be if they actually see the light for real as well and use OpenBSD instead with softraid and all. Wouldn't that be the killer. They already know about BSD, so using OpenBSD shouldn't really be such a problem but going from BSD to Linux for mail system? OK, I am not a big fan of Linux, I must confess, but using something rock solid and on email, I know of none that come close to OpenBSD for stability , security and all. That would make their stuff install and forget for ever! Call that good marketing, that's what company wants, install and forget. But sure good writing as usual and I hope they listen to you too Nick. They couldn't have someone more convincing to listen too! Best of luck. Daniel
Re: Truncation Data Loss
Bryan Irvine wrote: I lost a picture of Bob Becks ass this same exact way. Very popular piece of art! And a collectors item these days, specially in Germany looks like! (; Might be the next hot item on some stickers coming your way next release! (; Probably would however need a disclaimer as a requirements of being 18 to open the new packages.
Re: parfait
Theo de Raadt wrote: This is the second time they have sent us a log. For me, it is a game to see how quickly we can go through the entire dump of errors they give us, fixing all of them. Almost done. Very nice for you to play the game Theo! And I for one, wants to thank you and all the other developers very much to always make it better each day and every day! Thanks are sadly pretty rare on misc@ oppose to cry and demands, or real thanks at the: http://openbsd.org/orders.html Just wanted to take the time to acknowledge your constants effort! Best, Daniel
Sun X4100 M2 with amd64.mp kernel reboot constantly
This is an old issue and not new, but I tried the latest snapshot in case the situation have changed to no avail. I git a little bit more details however after letting it reboot constantly may be 40 times or so. Then it jam and was able to get a screen shut of the remote console before forcing it to reboot and here is what i got. Hopefully it will be more useful and yes I can't do ps, or ddb as it is totally jam, or simply reboot constantly, always at the same place. See the console output, screen shut if you want to see it here and the dmesg below as well from the amd64 single kernel bot as I can't get it with the mp kernel. I wish I could provide more, but I can't. No console, no ps, no ddb, nothing is possible pass this point here. I only was able to get this much twice be letting it reboot constantly for about 45 minutes before it jam again at the same stage so that I can get a screen shut of it to type it below. The real screen shut is also available here http://openbsdsupport.org/images/sun4100.png if you want to see it, but that's the same as I type below as I copy it from the screen shut I was able to capture in the process when it actually didn't reboot constantly, but jam for good. No issue with the i386 kernel, or the i386.mp, nor with the amd64, only the amd64.mp kernel does this problem and is reproduceable at will. Not sure what else I could provide to help isolate this, but if anything, I would be more then happy to do so. Best, Daniel == Console output in free mode retype as seen on the console when crash and frozen and need to be unfrozen by doing a hard reset. .. Automatic boot in progress: starting file system checks. /dev/rsd0a: file system is clean; not checking kernel:uvm_f kernel: kernel: protection fault trap, code=0 Stopped at Xintr_legacy7+0x24d:iret ddb{2} kernel: privileged instruction fault trap, code=0 Faulted in DDB; continuing... === dmesg OpenBSD 4.6-current (GENERIC) #6: Fri Dec 4 22:47:14 MST 2009 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 3756982272 (3582MB) avail mem = 3650658304 (3481MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfbd50 (70 entries) bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 bios0: Sun Microsystems Sun Fire X4100 M2 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR SLIT OEMB HPET IPET SRAT SSDT acpi0: wakeup devices PS2K(S1) PS2M(S1) USB0(S4) USB1(S4) MAC_(S5) P0P1(S4) P0P2(S4) P0P3(S4) P0P4(S4) P0P5(S4) IO4B(S4) BR5B(S4) BR5C(S4) BR5D(S4) BR5E(S4) IOB2(S4) BR2B(S4) BR2C(S4) BR2D(S4) BR2E(S4) PWRB(S1) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2216, 2393.93 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 15 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0: apid 16 pa 0xfeafd000, version 11, 7 pins ioapic1: misconfigured as apic 0, can't remap to apid 16 ioapic2 at mainbus0: apid 17 pa 0xfeafc000, version 11, 7 pins ioapic2: misconfigured as apic 1, can't remap to apid 17 ioapic3 at mainbus0: apid 14 pa 0xfeaff000, version 11, 24 pins acpihpet0 at acpi0: 2500 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 4 (P0P4) acpiprt3 at acpi0: bus 5 (P0P5) acpiprt4 at acpi0: bus 128 (PCIB) acpiprt5 at acpi0: bus 133 (POGA) acpiprt6 at acpi0: bus 134 (POGB) acpiprt7 at acpi0: bus 131 (BR5D) acpiprt8 at acpi0: bus 132 (BR5E) acpicpu0 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: PowerNow! K8 2393 MHz: speeds: 2400 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0 NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3 nviic0 at pci0 dev 1 function 1 NVIDIA nForce4 SMBus rev 0xa2 iic0 at nviic0 spdmem0 at iic0 addr 0x52: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem1 at iic0 addr 0x53: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 iic1 at nviic0 iic1: addr 0x18 00=01 01=01 02=00 03=00 words 00=0101 01=0101 02= 03= 04= 05= 06= 07= iic1: addr 0x19 00=01 01=00 02=00 03=01 words 00=0101 01= 02= 03=0101 04= 05= 06= 07= iic1: addr 0x1a 02=00 03=00 words 00= 01= 02= 03= 04= 05= 06= 07=
Re: Sun X4100 M2 with amd64.mp kernel reboot constantly
Marco Peereboom wrote: I did test i386 on it and that seemed to work ok but I did not run it for more than a few builds. amd64 UP seems fine too. For the i386.mp or single kernel, it does run fine. I run it for two years so far no problem. The i386.mp needed to be rebooted twice with 4.6 on it in the few months. I put the 4.6 on July 4 on it when it was tag as 4.6 and run ever sense no problem other then 2 reboot, but doesn't look to be related to the same issue. Before that, it ran well and I have them for 3= years by now no problem what so ever. I ran amd64 as well well, only the mp give problem in the last 3 years. Just can't get a ddb output to get more details. These machines are of questionable quality. Theo has one that will crash just sitting at the boot prompt. With the amd64.mp, yes it will crash at the boot prompt, it simply need to access the drive a little and will go south, but does run well for years on if the kernel is not installed. I used them on pretty heavy database for years on well as long as I agree to either use amg64 and let go of the extra core on both cpu's or run the i386 and I am fine. Only one time so far did I get a bit more output on the console, but I can't say what it was and couldn't get a screen shut at the time. I can only recall something in regards to initializing the second cpu or something in these lines, but it shouldn't be consider as valid feedback as I sadly simply can't recall the output well to be of any value. I only kind of recall that, but take it as such, not more weight should be given to that part. The only way I can get more output on the console is if I let it reboot constantly and watch it, sometime it will crash and giv more details on the console and freeze there, and some time it will freeze for may be 5 or 10 minutes and reboot then. So, if I see it, I can grab it, but most of the time it just reboot all the time as soon as it gets to the line with /dev/rsd0a: file system is clean; not checking but 1 out of may be 40 times, +- 10 I guess it will crash a bit later and give more on the console and if you are lucky, you will get more output. However in all cases, it's not possible to get ddb, or trace or anything out of the console what so ever. I tried many times without success yet. Put different bios, different ilom, with raid or not, etc. All the same results. Not much help I know, but that's all I have got so far. May be a one second wait at each step pass that may give more, but that's just a stupid idea I guess.
Re: SMP
I don't, and many times we don't have the luxury of having such examples or data. I'm in a different kind of real-world situation: I'm setting up a database server on a 4-core machine that is going to carry a heavy load -- it's performance will be critical to the success of the project -- and I need to choose the OS that gives me the best chance of meeting my performance and stability requirements. Since the database will be large, I'd really like to get this right the first time and don't have the time to do experiments/benchmarking to guide me. That's why I'm asking questions, hopefully to improve the probability of getting this right. Hi, I am not sure what database you will use, either ProgreSQL or MySQL. or something different. You do not specify if your database applications will do heavy updates, or heavy read, two different approaches to the problem and can be solved differently as well. You do not say either what you defined as heavy either. I have been using database on OpenBSD for 11 years now and yes I do heavy access as well as updates on it without issue. You can even find trace of this in archives for years back and many suggestions to improve the setup witch is overlook most of the time by to many. Both database operations are different, one can benefit from threads more, the other operate better without. Not really a multiple cores issues here. And yes heavy load in my book is not define only as a small 100K query per hours either, nor one million would be consider to heavy either. So, what's heavy for you may be just simple routine for others and no, I do not miss the fine lock either yet anyway. Would be nice, but really, I haven't run into it's need for me anyway yet. Now if you have to do this project and want it right and aid you don't have the time to do it right, or experiment to make it right, I would really questions your reason here. Do you expect others to do the work for you? No offense intended, but if you want it right, wouldn't you think at a minimum you need to take the time to make it right and test it. If this is how you do things really, as a side note, I sure wouldn't want you to work for me for sure. How could I trust you to do it right if you don't even want to test it and spec what you need to start with? Again, I don't mean to offend you, so if that does it, I am sorry for that, but I put it for your thoughts process and suggest to do your homework, not be a manager type form the start and try to find someone else to blame before you get started on your project in case it goes wrong and then jump to take all the credit if it does right oppose to give it to the one that would tell you all how to do it. Make sense no? Any just to make sure you understand it. You come and asked this, then justify it by saying its heavy and need fine lock, but still you do not put forward anything for anyone to tell you if yes or no it make sense for the load you expect, or that database of choice you want to use, but just to try to push your point forward and see if anyone would bite and do the work for you. There is a lots of heavy users of database on this list and none complains not having fine lock. In some extreme cases, yes it may be helpful, but again replications for example for pretty darn heavy query is very simple to do and I can tell you that you would be hard press to run out of capacity. All depend on what you define as heavy and what you do. Hope this provide you some food for thoughts. Best, Daniel
Used of dd for mirroring of quick disk replacement across servers, and second question for bigger drives?
Hi, I am pretty sure this is not possible at all, but again, may be something else is available that I haven't found/think yet. Two questions I have. 1. use of dd across servers. 2. use dd or the like to increase disk size with same content in the end. == 1. I am trying to see if I can mirror raw disks across servers just like I would do on the same server. dd if=/dev/rsd0c of=/dev/rwd1c bs=1m Not the end of the world, but if possible it would be great. I have situations where this would be very useful as I always have servers ready with nothing on them to take over if needed and if I get signed of possible failure of drives and all, be able to do this would be very nice oppose to drive and physically do it on the same server. More of a convenience then a must have, but I can't come up with an idea to do so. Any way to do this anyone knows of? 2. The second question again relate to this is I also have the needs to replace with bigger drives now and this is on Solaris with plenty of hard and symbolic links and on system that include installations of software at the company that run proprietary software and really do not provide details sadly. So far I always take care of drives that may be flaky by simply booting an OpenBSD live CD and use DD to mirror the SCSI drive in it, remove the old, put the new one in and be done with it. I do that to keep drive in best shape and be sure it doesn't crash on me. Or provide me better chance not to anyway. But now, I would really need to use bigger drives and dd is great fro identical drives, however doesn't really do a good job for different size obviously. Anyone have a suggestion that may be as simple as the above describe one that works. I always loved the dd way with drives in the same server. - Shutdown server. - Add new SCSI drive in the box. - Boot OpenBSD live CD - use dd to mirror drive as is, no need to know anything about it. - Wait patently until it's done. - Remove old drive. - Put new drive in place. - Reboot and all is back to work. Then I can do this in two more years and sleep well in between time knowing that chances the SCSI drive failed on me is much more remote, still there, but less likely. However, now this process do not really work obviously with different size hard drives... (; I can't come up with an alternative solution as simple as this one. Any clue as to may be something that might work and somewhat guaranty to have identical ending working setup, but on a bigger drive? Many thanks for any possible suggestion that may address these questions with simple alike solutions.
Re: SMP
On 12/11/09 12:51 PM, Donald Allen wrote: Thanks to everyone who took the time to weigh in on this. Perhaps most useful to me are the comments of those who have used OpenBSD for heavy database work (I intend to use Postgresql) and have gotten satisfactory results. Then using PostgreSQL should really work well for you then and you wouldn't really need or benefit much from multicore kernel with the giant lock removed as PostgreSQL is not and do not use threads anyway by design oppose to MySQL that does. So, that choice of database eliminate your biggest concern form the start. Enjoy your retirement and try to still have fun. Best, Daniel
Re: OT: Have you hugged your local OpenBSD dev lately?
On 12/14/09 11:43 AM, Bob Beck wrote: From past experience, I would expect much waving of hands over a two weeks periods, with lots of expert telling you It's a complicated problem, running around in circle finding even MORE complicated problems to solve, and then things going back to its general state of apathy with respect to security issues. I don't believe it's apathy, as much as a realization that in general, the focus of the developers will always be on speed and eye candy to the expense of all else, including stability and security. As such we concentrate on looking at things that can mitigate somewhat, at least in the saner cases, such as when it is not an accellerated driver with full access to the machine. Then we at least have some more secure by default options. The fact is though, Monsterously accellerated X with full access to the machine hardware bypasseses much of the security protection openbsd provides. Do some people want/need it? sure. but they sould do so understanding that they are incurring a greater risk by using it. in this manner. Well, Bob, this is much like the new study that just came out for kids, here replace kids by your favorite X users and X developers that wants these goodies. The conclusion is pretty much the same and can read like: The Journal Of Child Psychology And Psychiatry has concluded that an estimated 98 percent of children under the age of 10 are remorseless sociopaths with little regard for anything other than their own egocentric interests and pleasures. http://www.theonion.com/content/news/new_study_reveals_most_children I just don't think in this case here that it is limited to Children only. (; Peace, Daniel
How often packages are recompile when lib changes
Hi, Just a quick question to know how often the current packages are recompile when there is a lib increase or if they are not unless the packages itself get an update too. Just wonder as I install current December 4, and install current package as well if MySQL no problem. I tried yesterday and now MySQL packages complain of lib not found and needs the previous version as the one install in the current system. Not a big deal, just a simple question to know if the packages are recompile based on lib changes or only on packages changes itself only. Not a big deal as I manage anyway, just wonder for my knowledge as I never really came across that yet so far and just wonder. Other then that, best wish to all for the holidays! Daniel
Re: How often packages are recompile when lib changes
Chris Bennett wrote: Daniel Ouellet wrote: Hi, Just a quick question to know how often the current packages are recompile when there is a lib increase or if they are not unless the packages itself get an update too. Just wonder as I install current December 4, and install current package as well if MySQL no problem. I tried yesterday and now MySQL packages complain of lib not found and needs the previous version as the one install in the current system. Not a big deal, just a simple question to know if the packages are recompile based on lib changes or only on packages changes itself only. Not a big deal as I manage anyway, just wonder for my knowledge as I never really came across that yet so far and just wonder. Other then that, best wish to all for the holidays! Daniel Packages that use a lib that changes need to reinstall to use the new correct lib. Even if the package itself has no changes at all. Both snapshots install on new system. Are you using the correct package source? Are you using pkg_add -ui -F update F updatedepends ? Not an upgrade, but fresh install on new system with snapshots, not packages source as there isn't a need for that, snapshots packages are available as well. I just wonder how often they are recompile if they are at time other then when the package itself is updated due to lib changes may be or anything like that. If you are using -current, then you can no longer use the -current package source until you update to latest -current. If you use -current, you need to stay put or upgrade everything together Thanks for the feedback, but yes I know about using current and snapshots. I did this on a brand new setup using snapshot for sparc64 and yes I was using the snapshots as well for packages too. Install from ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/sparc64/ and packages from the same: $ export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/`machine -a`/ and doing pkg_add mysql-server, will not install mysql server or client, but only the perl dependency and not the packages for mysql 5.1.41 and will give error for libc.so.53.0, major error even if it is present and will want to have libc.so.52.0 that is not present and is not on the install I did December 4 either for amd64.
Re: How often packages are recompile when lib changes
Just for the records, this libc was bump up at the H2K9, witch is totally fine for sure and I have no issue or complains about it. Log entry is clear about it Bump the libc major for the post-h2k9 string of ABI changes and additions (rthreads, MB_LEN_MAX, rdomains) and is also available here: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/shlib_version.diff?r1=1.119;r2=1.120;f=h I am only wonder if when this happened if the various packages that depend on them for example are redone. I know there was cut back in the pass as well for lack of men power for this. Again not a complain what so ever. I just wanted to know if the built system actually redo them when this happened or not and only packages are rebuilt only when they are change themselves. Sorry for the noise, just wanted to know for my own knowledge and I am fine redoing it from port, but I prefer use packages when available, thats' all. Obviously the package now wants to use libc.so.52.0 witch is not present in a fresh new snapshots install as only the libc.so.53.0 is now, but would be present on an upgrade snapshots. I sure can copy over the libc.so.52.0 and be done with it. My question was only in regards to packages rebuilt when this situation happened nothing more nothing less. Sorry for the noise. Best, Daniel
Re: Disk errors
I can get a large SATA disk pretty cheap, but this board doesn't accept SATA. Anyone have any thoughts on whether I should just pay more for a smaller PATA or get the SATA. If I get the SATA, I will need to buy either a SATA pci card or get a SATA to IDE adapter. Are there any problems I should expect with these two choices for SATA? Well, I just finish one more replacement of SATA drive today. The forth time, yes you read it, 4 times so far in 2 years. Yes it is on a busy database, but never the less, I thought that SATA wasn't so bad! Even IDE drives were better then that. I reach the conclusion and will start this process to trash, yes trash any thing I use that happened to use SATA. I guess newer doesn't mean better and that cheap may be good for really cheap stuff as long as you really don't care about the data or the time wasted rebuilding this stuff. Call me stupid, but I miss the OLD SCSI. At a minimum, they were fast, reliable, yes when they blow up they could just jam hard real fast, but in most cases, you got sign of them falling before they did. This SATA crap is really the worst drives I have seen in a long time. Of all 4, they were Western Digital, Seagate and Fujitsu. I guess the only choices now is to use SAS and that's about it as all others are going out of the market, or use solid state drives, witch are still pretty expensive when the size go high. So, do as you wish, but if you asked me, put a bit more money in it and get better drives then SATA one. Every one have their opinion, but if the drives are real busy, I don't think many would recommend to use SATA unless you use softraid and all, but even then, I guess they might suggest to still use something better. I know I am done with SATA drives experience have proven it just way to clearly to me! Best, Daniel
Is SOL redirection on OpenBSD IPMI kernel enable is possible with Winbond WPCM450 BMC?
Hi, I have been digging a lots of reading in the last few days and I start to wonder if I am not running in a dead end. I am testing the remote management capability. I got nice serial console access working very well based on the FAQ 7.6. I also got the IMPI enable in kernel and get plenty of sensors reading. I continue to play with the IPMI/BMC and got the packages impitool for my OpenBSD box and configure the access and all to that test box good. I can even have a nice shell to the IMPI over TCP on that box too. I can do changes for the TCP, do power cycle, reboot, monitoring, etc. Bunch of fun stuff. Get all the sensors over tcp good, or better yet on the local shell as well via the ipmitool package. I try to read the IPMI 2.0 and 1.5 specs from Intel here: http://www.intel.com/design/servers/ipmi/spec.htm Pretty long stuff I must admit. Didn't read all for sure. Various other documents there and look like SOL, ISOL, TSOL are all available on the shell to as well as over LAN, but pass that I hit a wall. I know it does work for the box I am testing with as I get that remote console via their web access with java and all like Sun if you are familiar with that. It's cool, but I really like the CLI instead of the blotted java stuff. What I am trying to do is to see if I can actually get console redirection, or serial redirection to that IPMI shell or not, or better yet to a remote connection, but I start to think that it may not be possible without a FULL iLOM like processor optional board may be? But with a local shell already and all, I would think it may be possible to do specially that the web interface to the IMPI/BCM allow all that I would need to do and more. Reading all the specs and what ever I could put my hands on via google, I thought that it would be possible. But I am so close I can have the shell in impi using the impitool and issue the SOL activate command and looks like it may go do something, but then I just can't pass that. I don't know what else I could read to get that going and start to think that may be it can't be done, or I haven't found the right info yet. Anyone have a clue stick may be, or simply a NO answer so that I would stop pulling what ever hair I still have left? Obviously I can't say how to connect the OpenBSD console to IPMI, like I can do the serial to the COM1 via the stty and tty, etc. Based on the specs of IPMI I would think it should be possible. But is it? I would very much appreciate a pointer, may be a URL to some other good docs that I may have not find yet, or even a simple no, that's not possible to do at all with may be some meat details as to why so that I understand would be great! I just fell there is a very stupid thing I am not doing right, but I can't find it! The specs of the box say clearly that KVM-over-LAN is supported, virtual media over LAN, witch I really don't care for, but may be nice to play with. If I ever need that, then may be at that time I would use the java stuff, but for most of the time, why go that far. dmesg below if that's of any value. The box is this one if that needed too. http://www.supermicro.com/products/system/1U/5015/SYS-5015A-PHF.cfm Thanks for your time. Best, Daniel = OpenBSD 4.7 (GENERIC.MP) #130: Wed Mar 17 20:48:50 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3219652608 (3070MB) avail mem = 3126497280 (2981MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0x9ac00 (19 entries) bios0: vendor American Megatrends Inc. version 1.0b date 01/19/2010 bios0: Supermicro X7SPA-HF acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC MCFG SLIC OEMB HPET EINJ BERT ERST HEST acpi0: wakeup devices P0P1(S4) PS2K(S4) PS2M(S4) USB0(S4) USB1(S4) USB2(S4) USB5(S4) EUSB(S4) USB3(S4) USB4(S4) USB6(S4) USBE(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) GBE_(S4) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.89 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG cpu0: 512KB 64b/line 8-way L2 cache cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.67 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CX16,xTPR,NXE,LONG cpu1: 512KB 64b/line 8-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Atom(TM) CPU D510 @ 1.66GHz, 1666.67 MHz cpu2:
Re: Trying to boot OpenBSD on Juniper Networks J2320.
Well, This is a purely selfish comment for sure. But I must say that if OpenBSD could one day run on real router hardware and support theses various interface, that would be a dream come true for me for sure. Not that OpenBSD can't do a lots already, it sure can, but still there in many places where I just can't use it and having a pure open source router where any bugs can be fix, etc and not be stuck with the endless (useless in many case) smartnet or Juno OS would sure be a plus. I must say that I am very interested by this and it did trigger my curiosity for sure. The issue still the same however with all these Cisco hardware, may not be the same for Juniper, the processor and memory is ALWAYS under power and scarce in size. There is a lots to be said about using off the self hardware for router, but also, if the processor was any decent, running OpenBSD on a lower grade 26xx Cisco route would be absolutely great! Then running OpenBSD on any decent Juniper hardware would be a real gift! On 4/13/10 1:10 PM, Jason George wrote: Top-posting because I am lazy... Since those Junipers are pseudo-chassis-based with pluggable cards, I think you are dying on how the backplane is laid out and detected by OpenBSD. In the interim, please make sure that dms@ sees the dmesg, principally for the em(4) interface. For what it's worth, I have run OpenBSD successfully on a Cisco 4240 IDS/IPS device, --J Hello m...@. Subj: Trying to boot from Secondary Compact Flash ... Using drive 0, partition 3. Loading... probing: pc0 com0 com1 apm pci mem[635K 1022M a20=on] 7156348+1055080 [52+363840+348188]=0x882ae8 OpenBSD/i386 BOOT 3.02 entry point at 0x200120 com0: 9600 baud [ using 712452 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2010 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.7-current (GENERIC) #603: Mon Apr 12 16:28:26 MDT 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Celeron(R) CPU 2.00GHz (GenuineIntel 686-class) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36, CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID,xTPR real mem = 1073115136 (1023MB) avail mem = 1029746688 (982MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 06/20/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfbbf0 (71 entries) bios0: vendor American Megatrends Inc. version 080012 date 06/20/2007 bios0: JUNIPER NETWORKS SHASTA_MBD_865 acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC OEMB8b800) at pcib_callback+0x48 acpi0: wakeup devices P0P4(S4) MC97(S4) USB1(S4) USB2(S4) USB3(S4) USB4(S4) EUSB(S4) GBEN(S4) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat0) at config_attach+0x105 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 100MHzay+0x3a ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0)678,d0203001) at isapnp_find+0x99 acpiprt1 at acpi0: bus 1 (P0P4)d0a84770,d08a8fdc) at isapnp_match+0x83 acpicpu0 at acpi0d1cc1900,4,1) at isascan+0xf9 acpibtn0 at acpi0: SLPBcc1b00,d0a84db0,d1ca4080,d1ca9000) at config_scan+0xaf acpibtn1 at acpi0: PWRBd08a8280,d0a84db0,d061f134,d07d5557) at config_attach+0x pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82865G Host rev 0x0248 Intel 82865G Video rev 0x02 at pci0 dev 2 function 0 not configuredonfig_proc ppb0 at pci0 dev 3 function 0 Intel 82865G CSA rev 0x02 pci1 at ppb0 bus 2afc0,d08a6738,d0a84e70,d0502450) at config_attach+0x105 em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547GI) rev 0x00: apic 1 int 18 (irq 5) em0: The EEPROM Checksum Is Not Valid(0,d08a6714,0,0,0) at config_attach+0xfd em0: Unable to initialize the hardware04d01ba) at config_rootfound+0x27 uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: apic 1 int 16 (irq 5) uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: apic 1 int 19 (irq 5) uhci2 at pci0 dev 29 function 2 Intel 82801EB/ER USB rev 0x02: apic 1 int 18 (irq 5) uhci3 at pci0 dev 29 function 3 Intel 82801EB/ER USB rev 0x02: apic 1 int 16 (irq 5) ppb1 at pci0 dev 30 function 0 Intel 82801BA Hub-to-PCI rev 0xc2 pci2 at ppb1 bus 1 fxp0 at pci2 dev 8 function 0 Intel PRO/100 VE rev 0x02, i82562: apic 1 int 20 (irq 5), address ff:ff:ff:ff:ff:ff inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0 Cavium NITROX Lite rev 0x00 at pci2 dev 15 function 0 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801EB/ER LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility pciide0: channel 0 disabled (no drives) wd0 at pciide0 channel 1 drive 0: wd0: 1-sector PIO, LBA, 967MB, 1980720 sectors wd0(pciide0:1:0): using PIO mode 4, DMA mode 2
Re: Source Overview
Please read as this is your challenge back should you actually step up to it with the usual line shut up and hack type of answer. This tread now spread on tech@ too and include may be 3 or 4 treads all referring to todo lists, janitor and all. I don't find it interesting anymore and plenty of answers were provided, but again nothing is done about it so in the same spirit of the well knows shut up and hack, I decided to show again how useless this might be and I would be more then happy to be proven wrong big time. I will even pay the beer if I am proven wrong for good. Now to close this for good and to show as many time in the pass that it will not go anyway, I setup yet one more users maintain lists here: http://todo.openbsdsupport.org/ or here if you prefer: http://openbsdsupport.org/todo/ same place anyway, but the URL is obvious I guess in the first one. There is nothing there and I challenge anyone that complain in the last week or so about not having a list and that it would be useful and allow great things to happened to do it. I WILL PROVIDE AN ACCOUNT to anyone that is actualy serious in doing this list and that will take it on. Collect all the variosu todo lists, make it clean and real here, not with funny pictures, design, and all. Just the list. It could be even as simple as a simple list of URL to places that have todo already. I don't think it will go anyway, but in the same spirit of showing the true color of winners, I raise yet again this variation on the same idea and same challenge as before. I have that domain as far back as 2004 following yet an other endless discussion about documentations/howto and all. Yes, I got minimal amount of contributions to it after all was setup but the wining stop. Just no progress however. I do have very minimal contribution in my inbox that I haven't been able to update yet as for lack of time on my part, but at the same time I sure do not get a regular flow of updates either in the 6+ years it exists. I know it will not go anywhere, but that's not the developers jog to make these lists that no one look at anyway, but many have done so. Also, I want to make it VERY CLEAR that this have nothing to do with the project what so ever. It's not endorse or supported by the project what so ever and it not associated with it in any shape or form. If you have a problem with that, take it with me, not the project. Theo knows about it, he told me log ago that was a waste of time and useless things to do and he was 100% right! But it still exists to stop the wining if nothing else as looks like we have more noise on the list always as time pass. So, may be if the only contribution this does is to reduce it, then so be it and just that is worth my time. Now, take the challenge on and show that everyone was wrong by doing your part. Contact me off list if you are serious and will do the list and i will give you access as long as you are not abusing of it. Hopefully this will close the subject and if anything good come out of it then great. Let see where it goes from here. The ball is in your camp now. You want a list, then make it so. Best, Daniel
Re: Source Overview
I simply requested the account on that persons system because I offered to help maintain the task list. I've not been contacted so I assume they're not interested. You are not the only one with limited time. Sorry for the late reply, but also I wanted to provide details as to why. Your text was: If you provide me an account and if everyone is OK sending me minimally formatted TODO lists I will gladly be the point of contact and maintain that list. What qualifies as minimally formatted? 1) Each item on a separate line prepended with a *. 2) (OPTIONAL) If you want, order them by importance. I will attempt to clean-up grammar and spelling. The short of it is that in it if you look at it. It add more work to the developers by asking them to send in stuff. They already have it done for some. So, why duplicate the list. It will just get out of sync and obsolete very soon. Plus they have a list, so I think the most logical and efficient way to do it would be just like this: 1. Name 2. Very short blurb for area the todo cover 3. URL to the developers list. And that's it. Nothing more is needed. Frankly if a developer spend time making a todo list and publish it, then it must be some what maintain when ever they have time. Asking to add more management to track it and maintain yet an additional list is wrong in my book. Plus I am still not convince it's helpful, but never the less I would sure be welcome to be proven wrong. The only think that this gives me as an idea that may have some merit is that a list of user group might be good to have and I can add that to the site. But again, that should be as minimal as possible. City, state or province, country, language and URL to the site for the group. If no URL, then some details could be added and that may actually get some usage may be. But keeping the time needed to maintain anything like this is a plus and not required any more from the developers have to be the goal. But again, I am not sure it's even good, but like I said, I am not oppose to. Like everyone else I have very little time and I didn't reply before, nor this morning to your email at 5:32AM when I saw it at 7:30 AM EST as I just finish an other project and I do need to get some sleep sometime as little as it might be and I have some kind of a life too and kids to take care of as well. So, sorry for the delay. Like I said, I am not doing a perfect job and I will admit that, but I try. Better then most anyway that asked and do nothing. I will continue off list for the rest as there is no point on doing it here. I already saved the email from Alexandre Ratchov for his list that he sent to m...@. Just didn't have time to post it yet, but it will. Now I need to go feed the kids, so more delay on my part. Best, Daniel
Re: newbie help with PF. block all, then allowing port 22 doesnt work.
## Traffic IN pass in log quick on $t_externa inet proto { tcp, udp } from any to ($t_externa) \ port { 22 8080 } keep state In your pf configuration it doesn't show where you actually define the macro for your interface $t_externa. Are you sure the rules you run are what you think they are. Did it load properly and may be you want to check the rules as active with pfctl -sr And check that display. I think you may find what you are looking for. Compare your pf.conf with what you actually see in pfctl -sr and you will work your issue out. Best, Daniel
Re: Source Overview
On 4/22/10 2:05 AM, Pete Vickers wrote: In keeping with your 'lets get something up on there to point the whiners at', how about adding this: * Add support for RFC5837 to OpenBSD's IP stack. This could be suitable task since it presumably has 'cool factor' is an easily definable task, and is not trivial to write. /Pete Hi Pete, With all due respect. May be I didn't read the list right, but I didn't see your name here: http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/geo/openbsd-developers/files/OpenBSD?rev=1.53;content-type=text%2Fplain Meaning you are not a developers. May be I am wrong. That list is for what the developers fell they have on their todo list, not a list of users request. So, that may be they can get help, not for them to take requests! If you want it, may be you could start it right? I sure have no intention of starting a list of users requests at all. Sorry not my intentions what so ever. I fell grateful to even get what they gracefully share with me and that's a gift in itself. For what was/is important to me, I pay them to do it, if they are interested in what I may need, or try to do it myself when time allow me to do so. Best regards, Daniel
Re: Source Overview
Neither are you, so why does that matter? Never said on imply I was. If you got a different feeling, my deepest apology to you Claudio! Best, Daniel
Re: Source Overview
On 4/21/10 8:47 PM, Adam M. Dutko wrote: You are not the only one with limited time. Sorry for the late reply, but also I wanted to provide details as to why. I realize. Hi Adam, Sorry for the delay here. Just very limited time on my side. Anyway, here is the credential to access the todo page on the site if you still want to do it. I can put an ssh key if you like and that would be faster and easier for you. Anyway have fun: user: amdutko password: Q2n9lPK Then when you login, in your home directory, you will see a softlink that bring up directly into the todo directory of the openbsdsupport.org site. For now, you can only change things in that directory only, but you can add, etc in there. Thanks for your help on this. Best, Daniel
Re: Source Overview
Sorry for the delay here. Just very limited time on my side. Obviously this was a mistake on my part and shoud;n't have been sent to misc@ The account is deleted now. Don't even try. Lack of sleep does crazy thing at time! (; No need to say how stupid that was of me!
Re: Source Overview
On 4/25/10 6:24 PM, Daniel Ouellet wrote: Sorry for the delay here. Just very limited time on my side. Obviously this was a mistake on my part and shoud;n't have been sent to misc@ The account is deleted now. Don't even try. Really, no point in trying to access it. User near Stuttgart, Baden-W|rttemberg located in Germany are pretty quick here I must say. It was a stupid mistake on my part corrected right away before the follow up and I was just to quick on the reply list button oppose to reply button. I saw it as I sent it, but couldn't stop it then. I deleted the account right away and it's gone. Really no need to even try, or you will just block yourself. Just wonder what you wanted to do? No really, no need to answer that really! Apr 25 18:35:42 www1 sshd[30701]: Invalid user amdutko from xx.xxx.81.65 Apr 25 18:35:42 www1 sshd[16332]: input_userauth_request: invalid user amdutko Apr 25 18:35:42 www1 sshd[30701]: Failed none for invalid user amdutko from xx.xxx.81.65 port 26380 ssh2 Apr 25 18:35:48 www1 sshd[30701]: Failed password for invalid user amdutko from xx.xxx.81.65 port 26380 ssh2 Apr 25 18:35:56 www1 sshd[16332]: Connection closed by xx.xxx.81.65
Regular OpenBSD users group meeting location anyone?
Hi, This is the only mailing I will do on this subject, but if you do have a OpenBSD specific users group meeting anywhere in the world, could/would you send me a very quick short details about it? Nothing more then city state or province country usual meeting date URL if any and if not, fell free to send a short blurb about it's locations and all so that users many find it. Or even just the URL of a site for it is fine. Send it off list to me if preferable as to not pollute this list here, or to the list if that's any good. Use your best judgment on this. May be nice to collect this information and make it available so that users may find locations where they might go to share knowedge and interests on their favorite OS. Sorry, I am not interested in Linux and the like. No offense intended. OpenBSD only please. It will be here: http://openbsdsupport.org/ugs/ Adam Dutko offer to help me collect the details and hopefully make something good out of it. If not, then sorry for the noise and just ignore me. Thanks Daniel
Re: Regular OpenBSD users group meeting location anyone?
Actually there is a very good list here: http://www.openbsd.org/groups.html Sorry for the noise!
Re: Regular OpenBSD users group meeting location anyone?
Why duplicate the effort? Please just link to http://www.openbsd.org/groups.html and ask people to send updates to us. -Otto You are 100% right. It's just not my day today! I was looking for it and find it a but later then sending my email. Might be a good idea to add the link to it from the front page may be. Just an idea, but fell free to ignore me. I need to go get some sleep and stop making a foll of myself... Daniel
Re: 4.7 CDs arrived in Colorado
On 4/28/10 10:38 AM, Leonardo Rodrigues wrote: Humm... will packages for 4.7 be available now on FTP, since people are already getting their pre-order cd sets? May 19. That's the date of the official release. Same thing at each release cycle.
Re: State of multiprocessing and multithreading in OpenBSD
Someone told me my Atari ST was garbage and their Amiga was better. Hey, I will stay out of the rest, but the Atari wasn't bad, however the Amiga was really great and many years ahead of it's time. (; I had to sale my 2000 and 1000 with all my books, my Astec compiler (Really expensive piece of software!) and plenty of other software including my co processor IBM board with at the time the math co processor as well, just so that I could pay part of my college education and even if it's been so many years, I still miss it! (; Yea, these days. Really an incredible machine! A long way from my first sinclair Z80 with thermal printer and all. Talk about expensive toys! (; Going back under my rock now. (; Daniel
Re: State of multiprocessing and multithreading in OpenBSD
On 5/5/10 10:58 PM, Alvaro Mantilla Gimenez wrote: On Thu, 2010-05-06 at 14:29 +1200, richardtoo...@paradise.net.nz wrote: Quoting Juan Miscarojmisc...@gmail.com: cut Someone told me my Atari ST was garbage and their Amiga was better. Of course Amiga was better!!! :-P Yea men! Amen to that! (:::
Virtual domains/users setup with smtpd.
Hi, I am very much hoping that I could get the input of a kind sole out there, or even to send me a working configuration is find. But I spend the last three days on/off to try to get the virtual alias/domains working on smtpd and I can't get there. I read the man page no less the 20 times, google and all. Eve saw the changes in alias done a few days, ago. 13 now. Even the latest fix here: http://www.mail-archive.com/misc@openbsd.org/msg90204.html Or the few example here: https://calomel.org/opensmtpd.html I try on 4.5, 4.7 and after the fix posted 13 days ago, I did try on current as well. I even empty a bottle of wine tonight to calm me down as I hit the wall a few times and I am getting upset. May be I don't understand the english as it should be, but for me, there is something missing in the man page that I can't break yet. I try no less then may be 100 variation on possible, and very unlikely possibility to get this working, but I cant get there. I set up two servers to test, one with 4.5 one with current and even test on 4.6 a few times. I strip to the minimum, but frankly, I hit the wall. It got to be the most stupid missing details, but please any help would be great. I can't figure it out with the docs I read so far and believe me I read a hell of a lots so far. Below is what I understand, I guess at this time that should work as writing all that I tried would be way to long. What am I missing? Here are the details: Now tested on current on sparc 64. I have multiple domains for testing and ll. All DNS are ok. I see the incoming right. I get constant errors at the receiving end: May 11 21:07:45 spamtrap smtpd[24488]: 1273626465.PixuMJ6IS1qoctUk: from=dan...@presscom.net, relay=smtp1.realconnect.com [66.63.3.242], stat=LocalError (530 5.0.0 Recipient rejected: dan...@opensipd.com) I can deliver local mail to local user on that box. I try to setup virtual users on that box, or virtual users forwarded to remote address as well for testing. That I can't get there. Putting anything in /etc/mail/aliases and doing the newalias will not do it. The simplest configuration as I understand it based on the man page and I even removed any tls stuff as well to keep it simple should be: mail to root@ the hostname will work, no problem. I create the virtual.db file with a single line as follow: # cat virtual dan...@opensipd.com: dan...@presscom.net makemap -t aliases -o /etc/mail/virtual.db /etc/mail/virtual the smtpd.conf have this: listen on lo0 listen on dc0 map aliases { source db /etc/mail/aliases.db } map virtual { source db /etc/mail/virtual.db } accept for all relay accept from all for local deliver to mbox accept for domain opensipd.com alias virtual deliver to mbox But the above isn't right and give configuration errors. Even if the man page suggest it should be possible; for domain domain [alias map] This rule applies to mail destined for the specified domain. This parameter supports the `*' wildcard, so that a single rule for all sub-domains can be used, for example: accept for domain *.example.com deliver to mbox If specified, map is used for looking up alternative destinations for addresses in this domain. May be I don't understand that part properly. Anyway, putting: accept from all for domain opensipd.com alias virtual deliver to mbox give errors as well. accept from all for virtual virtual deliver to mbox give no success either. even f there isn't any error at the start. I still get the : 530 5.0.0 Recipient rejected: dan...@opensipd.com Even trying this for a test; accept from all for virtual virtual relay will not go. Or this; accept from all for domain virtual deliver to mbox no error at startup, but still no go. Anyway, I got a very long list of variation and all kind of trial and nothing works for me so far. Please anyone can tell me what actually works in a step by step as long like what ever I read just do not give me the answer and I am at a lost to get it going. It got to very very stupid and I am sure I will beat myself over the head when it's working, but I can't get it, or understand the man page properly. Some small details is definitely missing for me to get it and may be a very small additional example in the man page might help lost sole like me. Anyone have a small amount of time to graciously offer me to light my candle here? Best, Daniel PS; I didn't put all the variation I tried in the last three days as many were just plan stupid, but I tried anyway just in case. I just can't get there.
Re: Relayd on localhost with multiple SSL Certificates
On 5/11/10 8:05 PM, Keith wrote: Hi. is it possible to get multiple http relayd relays listening on localhost each with a different port # and each with a different ssl certificate ? SSL certificate are host name bound, not port bound isn't it? So, I would say no, but I could be wrong.
Re: Virtual domains/users setup with smtpd.
On 5/12/10 4:21 PM, Gilles Chehade wrote: I have very sporadic access to internet this week, your mail is very hard to read, can you summarize as much as possible and describe your exact issue with output from smtpd -dv, smtpd.conf and making sure you are running the latest smtpd ? Will check back my mails tomorrow evening Hi Gilles, Sorry for the long delay here. Just to mouch things in the works. In Short what I try to do, spearing you all the details is to simply setup a virtual domain with a single user as a test. For the example, I have a server setup and add one domain to it and try to have one user send emails to the server and getting it to a remote address. Something like: dan...@opensipd.com to be relay to dan...@presscom.net Nothing more for now. Also, the setup is used with the latest snapshot to start with, but as it doesn't have all your two latest patch as well in the sparc64 yet, I did the CVS updates too and compile the absolute latest smtpd. I had already got the source as well. # dmesg | grep '(GENERIC)' OpenBSD 4.7-current (GENERIC) #315: Tue Apr 27 03:15:34 MDT 2010 # cd /usr # cvs -qd anon...@anoncvs.ca.openbsd.org:/cvs get -P src/usr.sbin/smtpd # cd src/usr.sbin/smtpd # make clean === makemap snip Lots of output. # make === makemap snip Lots of output. # pkill smtpd # make install === makemap snip Lots of output. # smtpd Now running the latest one. Reading some of your previous answers on misc@, this configuration below have to do it. A side note, I also tried again tonight these two possibility accept for domain opensipd.com deliver to mbox replace with accept for domain opensipd.com alias virtual deliver to mbox just in case. Still no go. And I tried without the as well with both variation above: accept from all for local deliver to mbox Just in case it possibly could cause a problem as well, but no go either. === in /etc/smtpd.conf === listen on lo0 listen on dc0 map aliases { source db /etc/mail/aliases.db } map virtual { source db /etc/mail/virtual.db } accept from all for local deliver to mbox accept for virtual virtual deliver to mbox accept for domain opensipd.com deliver to mbox accept for all relay # cat virtual dan...@opensipd.com: dan...@presscom.net Create the db with. Full path just to be sure it use your version of makemap. /usr/libexec/smtpd/makemap -t aliases -o /etc/mail/virtual.db /etc/mail/virtual Still get the error: 530 5.0.0 Recipient rejected: dan...@opensipd.com Full debug below as well and even disable pf to be 100%: # smtpd -dv startup [debug mode] parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:1::203:baff:fe10:6165 port 25 flags 0x0 cert dc0 smtp_setup_events: listen on 66.63.0.75 port 25 flags 0x0 cert dc0 smtp_setup_events: listen on IPv6:fe80:4::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on IPv6:::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on 127.0.0.1 port 25 flags 0x0 cert lo0 smtp: will accept at most 245 clients smtp_new: incoming client on listener: 0x4beb6800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=402 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: dan...@opensipd.com smtp: got imsg_mfa_mail/rcpt 1273802922.ANMDYzJ7fPexgiyX: from=dan...@realconnect.com, relay=host-2.ouellet.us [66.63.44.67], stat=LocalError (530 5.0.0 Recipient rejected: dan...@opensipd.com) command: QUIT args: (null) session_destroy: killing client: 0x477fc000 ^Csmtp server exiting runner handler exiting queue handler exiting mail transfer agent exiting mail filter exiting mail delivery agent exiting lookup agent exiting control process exiting parent terminating # * I also try to create a user in the /etc/aliases file to see if that works. It do not either. Only works for real users, not aliases to local user. the local server is spamtrp.realconnect.com, so email to r...@spamtrap.realconnect.com will be deliver to root local account. In aliases I also created these two tests account to see: # cat aliases | grep test test: dan...@presscom.net test2: root and run newaliases obviously. Still no go and debug show it as well: # smtpd -dv startup [debug mode] parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:1::203:baff:fe10:6165 port 25 flags 0x0 cert dc0 smtp_setup_events: listen
Re: Virtual domains/users setup with smtpd.
^^^--- unless you mention from all, it will only accept from lo0 accept for domain opensipd.com deliver to mbox ^^^--- same here accept for all relay ^^^--- but don't do it here I had tried that before and no go. The only one that works is to root at the local hostname, or real users, no aliases what so ever being virtual or local one. Like r...@spamtrap.realconnect.com or r...@opensipd.com will do be in the local root mail account and that's the last two you can see in the log below showing it as well. Here are all the details: # hostname spamtrap.realconnect.com # cat /etc/mail/aliases | grep test test: dan...@presscom.net test2: root # newaliases /etc/mail/aliases: 56 aliases # cat /etc/mail/smtpd.conf listen on lo0 listen on dc0 map aliases { source db /etc/mail/aliases.db } map virtual { source db /etc/mail/virtual.db } accept from all for local deliver to mbox accept from all for virtual virtual deliver to mbox accept from all for domain opensipd.com deliver to mbox accept for all relay # cat virtual te...@opensipd.com: dan...@presscom.net te...@opensipd.com: root # /usr/libexec/smtpd/makemap -t aliases -o /etc/mail/virtual.db /etc/mail/virtual # pkill smtpd # smtpd -dv startup [debug mode] parent_send_config: configuring smtp parent_send_config_client_certs: configuring smtp parent_send_config_ruleset: reloading rules and maps smtp_setup_events: listen on IPv6:fe80:1::203:baff:fe10:6165 port 25 flags 0x0 cert dc0 smtp_setup_events: listen on 66.63.0.75 port 25 flags 0x0 cert dc0 smtp_setup_events: listen on IPv6:fe80:4::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on IPv6:::1 port 25 flags 0x0 cert lo0 smtp_setup_events: listen on 127.0.0.1 port 25 flags 0x0 cert lo0 smtp: will accept at most 245 clients smtp_new: incoming client on listener: 0x4bd55800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=412 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: t...@spamtrap.realconnect.com smtp: got imsg_mfa_mail/rcpt 1273835446.EG3NGPKJR7lFn6wJ: from=dan...@realconnect.com, relay=host-2.ouellet.us [66.63.44.67], stat=LocalError (530 5.0.0 Recipient rejected: t...@spamtrap.realconnect.com) command: QUIT args: (null) session_destroy: killing client: 0x437a8000 smtp_new: incoming client on listener: 0x4bd55800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=413 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: te...@spamtrap.realconnect.com smtp: got imsg_mfa_mail/rcpt 1273835453.XUkSzWxzYz9J9W5C: from=dan...@realconnect.com, relay=host-2.ouellet.us [66.63.44.67], stat=LocalError (530 5.0.0 Recipient rejected: te...@spamtrap.realconnect.com) command: QUIT args: (null) session_destroy: killing client: 0x437a8000 smtp_new: incoming client on listener: 0x4bd55800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=401 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: te...@opensipd.com smtp: got imsg_mfa_mail/rcpt 1273835468.DrzO68BYcwUW9CEQ: from=dan...@realconnect.com, relay=host-2.ouellet.us [66.63.44.67], stat=LocalError (530 5.0.0 Recipient rejected: te...@opensipd.com) command: QUIT args: (null) session_destroy: killing client: 0x4df54000 smtp_new: incoming client on listener: 0x4bd55800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=401 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: te...@opensipd.com smtp: got imsg_mfa_mail/rcpt 1273835475.vpDWCOIUN0gNz1gP: from=dan...@realconnect.com, relay=host-2.ouellet.us [66.63.44.67], stat=LocalError (530 5.0.0 Recipient rejected: te...@opensipd.com) command: QUIT args: (null) session_destroy: killing client: 0x4df54000 smtp_new: incoming client on listener: 0x4bd55800 lookup_ptr 66.63.44.67 lookup_ptr success session_pickup: greeting client command: EHLO args: host-2.ouellet.us command: MAIL FROM args: dan...@realconnect.com SIZE=400 session_rfc5321_mail_handler: sending notification to mfa smtp: got imsg_mfa_mail/rcpt smtp: imsg_queue_create_message returned command: RCPT TOargs: r...@opensipd.com smtp: got imsg_queue_commit_envelopes command: DATA
Re: Virtual domains/users setup with smtpd.
On 5/14/10 7:16 AM, Daniel Ouellet wrote: ^^^--- unless you mention from all, it will only accept from lo0 accept for domain opensipd.com deliver to mbox ^^^--- same here accept for all relay ^^^--- but don't do it here Also, just on case you wonder if it is working locally on the server itself. It doesn't: # mail t...@spamtrap.realconnect.com Subject: Test . EOT Null message body; hope that's ok # send-mail: 530 5.0.0 Recipient rejected: t...@spamtrap.realconnect.com # mail te...@spamtrap.realconnect.com Subject: Test . EOT Null message body; hope that's ok # send-mail: 530 5.0.0 Recipient rejected: te...@spamtrap.realconnect.com # mail te...@opensipd.com Subject: test . EOT Null message body; hope that's ok # send-mail: 530 5.0.0 Recipient rejected: te...@opensipd.com # mail te...@opensipd.com Subject: test . EOT Null message body; hope that's ok # send-mail: 530 5.0.0 Recipient rejected: te...@opensipd.com
Re: Virtual domains/users setup with smtpd.
On 5/14/10 9:10 AM, Owain G. ainsworth wrote: You are missing aliasesname of aliases if you wish for your aliases to work. For the alias it does, but the issue is for the virtual. So changing: accept from all for local deliver to mbox to accept from all for local alias aliases deliver to mbox works yes. I did put the URL for that correction in my original post: http://www.mail-archive.com/misc@openbsd.org/msg90204.html So, may be we should put into the man page as well for that example using alias then. Here is a diff for that. Index: smtpd.conf.5 === RCS file: /cvs/src/usr.sbin/smtpd/smtpd.conf.5,v retrieving revision 1.32 diff -N -u -p smtpd.conf.5 --- smtpd.conf.527 Apr 2010 14:39:24 - 1.32 +++ smtpd.conf.514 May 2010 23:44:49 - @@ -332,7 +332,7 @@ would look like this: listen on lo0 map aliases { source db /etc/mail/aliases.db } map secrets { source db /etc/mail/secrets.db } -accept for local deliver to mbox +accept for local alias aliases deliver to mbox accept for all relay via smtp.gmail.com tls enable auth .Ed .Pp However for the original issue, still no virtual working yet. One question that it bring to me however is this in the man page then: -t type Specify the format of the resulting map file. The default map format is suitable for storing simple, unstructured, key-to-value string associations. However, if the mapped value has special meaning, as in the case of the virtual domains file, a suitable type must be provided. The available output types are: aliases The mapped value is a comma-separated list of mail destinations. This format can be used for building user aliases and virtual domains files. set There is no mapped value - a map of this type will only allow for the lookup of keys. This format can be used for building primary domain maps. When would the set type be use then? If this is for primary domain only, I assume this mean domain to be deliver on the local server. If so, then the alias only is used to create the account in that case. If so and you have test in the aliases file, then test@ will answer for all the domains in on the server, not only a specific one? I get the aliases type, but I do not get the set type here? Best, Daniel
Re: Virtual domains/users setup with smtpd.
On 5/17/10 4:41 AM, Gilles Chehade wrote: You are confusing me :-) I am very sorry! That's the last thing I want to do. So, I will try to make it very short and as clear as I can. (; I simplify the configuration to the minimum and as I still not able to get the virtual part working, I try something below that is simple and appear to be logical to me. If I am wrong, then take the 20 pound hammer and beat me over the head with it. I can't see it! if I have the following smtpd.conf: listen on lo0 listen on dc0 map vdomains { source db /etc/mail/vdomains.db } accept from all for local deliver to mbox #accept from all for domain opensipd.com deliver to mbox #accept from all for virtual vdomains deliver to mbox accept for all relay The only two things I will do here between the restart of smtpd are to either comment out only one or the other below: #accept from all for domain opensipd.com deliver to mbox #accept from all for virtual vdomains deliver to mbox one at a time to test it. With accept from all for domain opensipd.com deliver to mbox #accept from all for virtual vdomains deliver to mbox No other changes, I can send email to r...@opensipd.com and I get it into the root local account. That works. now, if I reverse it: #accept from all for domain opensipd.com deliver to mbox accept from all for virtual vdomains deliver to mbox I should be able to get the email in the same local root account if the vdomains have the following in it: # cat vdomains r...@opensipd.com root and I had created the vdomains.db with the makemap as this: # /usr/libexec/smtpd/makemap -t aliases vdomains Am I not understanding this properly? It got to work right? But it doesn't. I always get the error: 530 5.0.0 Recipient rejected: r...@opensipd.com I haven't been able to get the virtual to works once and I can't say how many variation I did. Way to many to list them and a few totally stupid as well, but just in case I tried. So, isn't the above is valid and should work as a simple test? Daniel
Re: hfsc service curve
On 5/21/10 3:43 AM, Leonardo Lombardo wrote: can someone describe me exactly how hfsc service curve works ? Read this and it should provide a pretty good idea. https://calomel.org/pf_hfsc.html And complete your learning with the man page. Best, Daniel
Re: 4.7 identifies HDDs differently than 4.6 (during upgrade)
On 6/5/10 10:56 PM, Neal Hogan wrote: I had not determined that. . . I did not see where somebody's HDDs were interpreted differently. Hi Neal, It's not the HHD that is interpreted differently, it's the changes and improvement to the controller that is better supported in 4.7 then before. Look at the DMESG again and you will see it. The way to think about it if I may suggest an analogy is like for network cards. There is a hell of a lots of them that are n2000 compatible, but they are not all the same. Over time if you design a driver that take advantage of some feature of your network card, then it may well not be seen as n2000 compatible anymore but as it's real hardware design. So, before you had your controller using a compatible mode if you want to access your drive, but then it was improve and you get additional feature, speed and all. Or would you have prefer that OpenBSD didn't work at all with your controller, meaning not even offering you the possibility of using a different driver that allow you to use your hardware. I suspect that you wouldn't have not wanted the possibility of using your computer right? Or am I wrong? Your system benefit from improvement now that wasn't there before. So be happy and use it instead of seeing it as a flaw and raise objection to it. But you can also tell me to get lost and that's fine too. But that's the logic you should take the improvement as. There is always improvement to the system at each release. Example of this, today I watch the presentation on mdocml and to be honest I was very surprise to learn that the roff, troff, nroff, what ever variations of *off was a real turn off! (; It include no less the 700 files in base, 200K lines of code and around 50K line of C++ alone, etc and obviously is all GPL. All sooner or later will go and is already in the system now and much faster by a factor of 60 or so in speed and 10K lines of code, meaning 200K down to 10K or 20 time smaller. So, following your logic they shouldn't do these then? I think it's much better to keep going and at that rate every improvement like this reduce bugs, improve security and all. Even if thee isn't any bug known yet, logic dictate that no matter what, less code reduce the chances of bugs and all. So, be happy that your system got better and do not need to be use in compatible mode now if you want to thin about it that way. If you keep complaining about improvement, well, you may one day not get any at all, then what!? Be grateful for what you got and be happy that your systen work better now then it was a few months ago. Regards, Daniel
Re: Processeur Atom ?
On 6/10/10 2:41 PM, FRLinux wrote: I guess he is asking if all Atom processors are compatible with OpenBSD, which i guess is pretty much a given :) My question (sorry for hijacking this thread) is : is there any people on this list who switched from soekris (geode) to atom, and are they happy with speed and everything? Reason I mention that is i'd love to move my setup to atom/ssd eventually but haven't seen much on the list about it. http://marc.info/?l=openbsd-miscm=127050936423288w=2 And pretty easy remote install and management of the box too: http://marc.info/?l=openbsd-miscm=127078571618143w=2 Works well so far. Daniel
Re: Processeur Atom
On 6/10/10 4:06 PM, E.T wrote: My main question and therefore, is that OpenBSD supports a 100%, the atom D510?. The X server is configured with more time. But there will be no more bugs or conflicts later, more severe and troublesome. Same URL as earlier today. You should check the archive first. DMESG included: http://marc.info/?l=openbsd-miscm=127078571618143w=2 http://marc.info/?l=openbsd-miscm=127050936423288w=2 Fully loaded with memory and two pretty good drives as wellas shown in dmseg. Total power to run it is as follow: Power: 31 Watts. Power factor: 87% No need to say this is very quiet, no fan, but I did add one blower type in it just to keep it real cool, even if not needed and it's a very quiet one too. Add 1.4 watt to the power, so really no big deal. Best, Daniel
Re: Why I left OpenBSD
These are all perception problems not real problems. Again, if one doesn't need flash one can do anything and everything on OpenBSD just fine. I am not claiming that OpenBSD should be used under all circumstances however making blanket statements that OpenBSD can't handle it is dumb. Well, I agree up to 99%. I have been looking for a simple solution to remotely edit SQL database for years. Yes, solutions does exists, Open Office have db to, but none allow me to process, or paste multiple records at once for example. The only solution I have is to use Access with the layer ODBC on Windows to do that very quickly And yes Access is strictly use as a GUI interface if you want to edit content of SQL database on remote servers and event if that's not as fast as it might be, doing 100K paste records in that SQL DB remotely works very well and no I can't do that with Open Office and I still haven't found something to do it that way yet. Open Office allow me to edit one records at a time. Fine for many cases, but not for all. Even on a MAC I do sadly use VMWare to run Windows and have Access there as I have no alternative. Call that sad and it is. But that's one case. Only one yes, but one case where I have no alternative, or find one yet and I sure have been looking for years. All that said, for everything else yes I totally agree with you. I do not have any other case. Best, Daniel
Re: Why I left OpenBSD
This sounds like a very solvable problem unless it is a proprietary database. Nope. It's just MySQL. The only proprietary software I have to run on Solaris and that I wish I could run in OpenBSD is Broadworks from Broadsoft for VoIP. But I am dreaming to be able to do that!? If you have a suggestion for the database I am all ears! (; I even sent a few emails for ideas in the last 10 years on the subject without any success yet. This is how I do it and I sent that to MySQL list in 1999. Many users looks like use my suggestion to do the same. Works very well for everyone and is a big time savers I must admit. http://lists.mysql.com/myodbc/638 Best, Daniel
Re: Why I left OpenBSD
On 6/11/10 7:46 PM, Marco Peereboom wrote: Haha odbc and mysqueel you do like pain eh? I know. But it's fast and when customers use MySQL, then you flow with it. Why do you need ms access? Strictly as a GUI interface only. Liek select a row and paste huge quantity of data that customers sent to update their database, etc. All done at once and I get them most of the time in excel and sometime in Access. So, select all data, and paste in Access link to MySQL via ODBC and all is pasting all at once oppose to Open Office for example that will and can only do one row. Think of it as a quick interfcae of editing directly the database records. If oyu edit only one record, then you can do somethng else, but dong multiple one, then it's still the fastest way. I still don't get what the problem is. It's a speed of usage issue for multiple row editing. I can do quick edit directly with MySQL client in the DB, but when it comes to multiple rows entry, etc. If you get the data in either from and then try to convert in SQL statement for import and all. It takes way to much time to do it and in the end, What I do in 30 seconds would take a very long time doing it like that. It's a practical data editing and entry that it's used for. And again Access is only and strictly use for it's capability of GUI edit/paste only. And obviously I still need it to read the data I get obviously. I know the idea looks stupid. I grant you that. (; But if you ever see it, you would see that it is darn quick and save countless hours and as time is always missing in my days, anything that same me some will be strongly consider. Plus ODBC is pretty darn old to and looks like places start to drop it's usage too. It's a very limited usage and I really do not care for any features of Access, etc. I could care less for it. As I sai,d I only and strictly use it as a GUI over ODBC to edit records directly in the remote database. Nothing else. I may not explain myself very well I agree. Sometime I have problem doing so. but that's all there is to it really. Nothing more then that. That's why it looks to stupid doing so and replacing it should be very simple. But I just do not have an alternative for it and I looked for many years! That is really the only thing I still have that force me to keep VMWare, Microsoft and Access on a MAC for example. Everything else have been replaced and I do not have an alternative yet on an OpenBSD desktop. A very small price to pay, but never the less still stuck with it.
Re: Why I left OpenBSD
On 6/11/10 7:46 PM, Marco Peereboom wrote: Haha odbc and mysqueel you do like pain eh? Anyway, I will let the tread die. I don't think it's of any interest to anyone and I shouldn't hijack treads. Thanks Marco. I am sure it's more boring them a great OpenBSD OS for sure! I wish I have an alternative, but I don't and I live with it. Not the end of the world.
Re: anyone use these for firewall?
On 6/15/10 11:58 AM, Chris Smith wrote: Neither of which are listed as supported by 4.7, does -current possibly support these? It they worked and the dmesg is in the archive as well. Best, Daniel
Re: anyone use these for firewall?
On 6/15/10 11:58 AM, Chris Smith wrote: Ran across these Supermicro boxes: http://www.supermicro.com/products/system/1U/5015/SYS-5015A-PHF.cfm and http://www.supermicro.com/products/system/1U/5015/SYS-5015A-PHF.cfm?typ=E dmesg in the archive and yes they work very well. Even very nice remote maintenance capability too.
Re: Multiple web servers hosting different sites behind single public IP (all listening on port 80)?
I can port-map to the various servers just fine (ie: abc.com:8080, abc.com:, etc.) but this is NOT the desired configuration. The 3 different web servers should all be accessible via port 80: abc.com, coolstuff.abc.com, abc.com/coolstuff Can you give me a bit more details as to what you really want to do. - Look to me if I understand you right, it's pretty simple. All your servers would have the same content and you spread the load between them. - And you try to have coolstuff.abc.com redirected to your web server directory at abc.com/coolstuff? If so, that's pretty easy to do and rewrite module in httpd does do that for you. I do that all the time! Working live example if you need to see it to know and understand my question to you. example http://wheredoyoufit.org will redirect you to http://typology.people-press.org/ Or an other example redirecting oyu inside a sub directory of a site like this: http://pandemicfluandyou.org will redirect you inside a sub directory here: http://healthyamericans.org/pandemic-flu/ Is that what you try to do? If not, I do not follow your question. Or if so, you sure can use relayd, but no need for it really. You may even redirect your various URL to different port too if that makes your life easier and then in pf, you redirect them to a specific server at all times. There is many solutions, but what is the problem you try to address. Sorry if I am tick, but that's what I understood from your question. Best, Daniel
Re: x4100
On 6/30/10 9:27 PM, Marco Peereboom wrote: It seems that the sun X4100 works now with amd64 GENERIC.MP. I'd like to get some test reports from folks in the field. You have to checkout a kernel using cvs because all niceness isn't in snaps yet. Just for the archive, but Marco already have feedback. No go for the Sun x4100 M2 with latest snapshot Thu Jul 1 15:28:35 MDT 2010 Only need to do: dd if=/dev/zero of=/var/test bs=1m count=1000 And you have a crash right away and reboot. dmesg below: Best, Daniel OpenBSD 4.7-current (GENERIC.MP) #60: Thu Jul 1 15:28:35 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3756982272 (3582MB) avail mem = 3643121664 (3474MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfbd50 (70 entries) bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 bios0: Sun Microsystems Sun Fire X4100 M2 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR SLIT OEMB HPET IPET SRAT SSDT acpi0: wakeup devices PS2K(S1) PS2M(S1) USB0(S4) USB1(S4) MAC_(S5) P0P1(S4) P0P2(S4) P0P3(S4) P0P4(S4) P0P5(S4) IO4B(S4) BR5B(S4) BR5C(S4) BR5D(S4) BR5E(S4) IOB2(S4) BR2B(S4) BR2C(S4) BR2D(S4) BR2E(S4) PWRB(S1) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2216, 2393.92 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2 at mainbus0: apid 2 (application processor) cpu2: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3 at mainbus0: apid 3 (application processor) cpu3: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative ioapic0 at mainbus0: apid 15 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0: apid 16 pa 0xfeafd000, version 11, 7 pins ioapic1: misconfigured as apic 0, can't remap to apid 16 ioapic2 at mainbus0: apid 17 pa 0xfeafc000, version 11, 7 pins ioapic2: misconfigured as apic 1, can't remap to apid 17 ioapic3 at mainbus0: apid 14 pa 0xfeaff000, version 11, 24 pins acpihpet0 at acpi0: 2500 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 4 (P0P4) acpiprt3 at acpi0: bus 5 (P0P5) acpiprt4 at acpi0: bus 128 (PCIB) acpiprt5 at acpi0: bus 133 (POGA) acpiprt6 at acpi0: bus 134 (POGB) acpiprt7 at acpi0: bus 131 (BR5D) acpiprt8 at acpi0: bus 132 (BR5E) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi at mainbus0 not configured cpu0: PowerNow! K8 2393 MHz: speeds: 2400 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0 NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3 nviic0 at pci0 dev 1 function 1 NVIDIA nForce4 SMBus rev 0xa2 iic0 at nviic0 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem1 at iic0 addr 0x51: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem2 at iic0 addr 0x52: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem3 at iic0 addr 0x53: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 iic1 at nviic0 iic1: addr 0x18 00=01 01=01 02=00 03=00 words 00=0101 01=0101 02= 03= 04= 05= 06=
Re: x4100
Only difference I can see with what you have here is the bios is more recent on mine and I have two drives setup as raid 1. bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 That's it. I have 4 of them, all with the same problem. On 7/2/10 12:47 AM, Marco Peereboom wrote: # dd if=/dev/zero of=/var/test bs=1m count=1000 1000+0 records in 1000+0 records out 1048576000 bytes transferred in 21.012 secs (49901672 bytes/sec) bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf8fb0 (65 entries) bios0: vendor American Megatrends Inc. version 080010 date 08/10/2005 bios0: Sun Microsystems Sun Fire X4100 Server Bah I had been testing on a non M2 version. Well at least this one works even though it used to have issues as well. On Thu, Jul 01, 2010 at 11:16:45PM -0400, Daniel Ouellet wrote: On 6/30/10 9:27 PM, Marco Peereboom wrote: It seems that the sun X4100 works now with amd64 GENERIC.MP. I'd like to get some test reports from folks in the field. You have to checkout a kernel using cvs because all niceness isn't in snaps yet. Just for the archive, but Marco already have feedback. No go for the Sun x4100 M2 with latest snapshot Thu Jul 1 15:28:35 MDT 2010 Only need to do: dd if=/dev/zero of=/var/test bs=1m count=1000 And you have a crash right away and reboot. dmesg below: Best, Daniel OpenBSD 4.7-current (GENERIC.MP) #60: Thu Jul 1 15:28:35 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3756982272 (3582MB) avail mem = 3643121664 (3474MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xfbd50 (70 entries) bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 bios0: Sun Microsystems Sun Fire X4100 M2 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR SLIT OEMB HPET IPET SRAT SSDT acpi0: wakeup devices PS2K(S1) PS2M(S1) USB0(S4) USB1(S4) MAC_(S5) P0P1(S4) P0P2(S4) P0P3(S4) P0P4(S4) P0P5(S4) IO4B(S4) BR5B(S4) BR5C(S4) BR5D(S4) BR5E(S4) IOB2(S4) BR2B(S4) BR2C(S4) BR2D(S4) BR2E(S4) PWRB(S1) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Dual-Core AMD Opteron(tm) Processor 2216, 2393.92 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2 at mainbus0: apid 2 (application processor) cpu2: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu2: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3 at mainbus0: apid 3 (application processor) cpu3: Dual-Core AMD Opteron(tm) Processor 2216, 2393.64 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu3: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative ioapic0 at mainbus0: apid 15 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0: apid 16 pa 0xfeafd000, version 11, 7 pins ioapic1: misconfigured as apic 0, can't remap to apid 16 ioapic2 at mainbus0: apid 17 pa 0xfeafc000, version 11, 7 pins ioapic2: misconfigured as apic 1, can't remap to apid 17 ioapic3 at mainbus0: apid 14 pa 0xfeaff000, version 11, 24 pins acpihpet0 at acpi0: 2500 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 4 (P0P4) acpiprt3 at acpi0: bus 5 (P0P5) acpiprt4 at acpi0: bus 128 (PCIB) acpiprt5 at acpi0: bus 133 (POGA) acpiprt6 at acpi0: bus 134 (POGB) acpiprt7 at acpi0: bus 131 (BR5D) acpiprt8 at acpi0: bus 132 (BR5E) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS acpibtn0 at acpi0: PWRB ipmi
Re: what is the OpenBSd equivalent for kern.maxfilesperproc on OpenBSD?
On 7/2/10 1:25 AM, Siju George wrote: Hi, It is for Squid Optimizations from http://wiki.squid-cache.org/SquidFaq/SystemSpecificOptimizations Well your description is miss leading here. The text on that page said: ... increase the number of system-wide ... so, that would be # sysctl | grep kern.maxfiles kern.maxfiles=7030 and that is: # The maximum number of open files that may be open in the system. However, the name of the sysclt that your document refer at kern.maxfilesperproc=8192 Of files per process is set in login.conf and as an example: # Setting used by MySQL daemon mysql:\ :openfiles-cur=2048:\ :openfiles-max=3072:\ :tc=daemon: So, you set that up under the class you will use. man(5) login.conf So, depend what you really want to do, use the right place, or if you are not sure, then don't touch it. Best, Daniel thanks :-) Siju
Any interest to possibly make OpenBSD run on the iPad?
I am sure this wouldn't cover the time needed to make this happened by far and it may not be possible or easy for sure, I realize that. But if any developer(s) may have the interest and possibly the time to do so and actually make that a reality in a decent time frame, I would be more then happy to buy one iPad and have it ship to that person. Depending on the interest and time frame, I might be able to do this two time, but I can't commit to two at this time, so keep that in mind. I pay for it from my pocket and funds are not as plenty as it was once. May be if any other users want to see that possibly happening, then they might do a pool to buy more and have it ship to the right person. This is an open offer and as long as Theo confirmed the genuine developer(s) to me, that's all good for me and like in the pass for a few other hardware I did, I would do this again. My selfish interest in it for me is that I am getting older and yes small screen are getting harder to use for me and I do need bigger screen and how ever I still like to get minimal carrying hardware when I need to go to various POP to do work locally via console and all, I waste more time with smaller screen then the actual work. I guess age start to gets it's toll on me. If there is any interest and possibility, great, if not that's totally fine too. I will not loose any sleep over it. (; It's more a cool wish then a real need to use the iPad. I can be contacted off list if there is real interest and if not then the offer still stand. My only wish in exchange is to have OpenBSD run on it with the wireless and a nice addition to the FAQ to install OpenBSD on the iPad, that's all. But don't get me wrong, I realise that even that offer sure do not cover all the time that would be required to make that a reality, so it's more an interest of love then anythng else here, however I do know that support for OpenBSD on new hardware will not happened without some developers getting that hardware in their hands, so there it is. And in case this wasn't obvious, the hardware provided is obviously for you to keep and enjoy should you want to and make that a reality. Happy 4th of July. Best, Daniel
Re: Current fails to boot a Dell R300
On 1/4/10 6:12 PM, Edd Barrett wrote: On Mon, Jan 04, 2010 at 04:17:31PM -0600, Bryan wrote: I posted something earlier today about it as well... The devs know about this. Apparently some SCSI changes in the kernel broke this. You could try again with the patch posted just few minutes ago by dlg@, or wait for the next snapshot to be ready. http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/atapiscsi/atapiscsi.c?rev=1.85 May fix your problem. Best, Daniel
Re: routing and pf at 10Gbps
On 2/11/10 2:46 PM, Henning Brauer wrote: disk i/o is irrelevant. you will need a very very very fast opengl capable graphics card with loads of memory of course. ??? I am sure I am missing something big here, but Fast Video Card with OpenGL for router? Are you trying to look live every packets routed here? If I may asked Henning, please give me a clue stick as that part I really do not understand what so ever. No bunt intended, I just do not understand that at all, please help me get it? What Video have to do with routing? Best, Daniel
Re: selling bsd in cd for profit??
On 2/26/10 7:44 PM, Citra Cool wrote: Can I selling openBSD in CD for profit?? You can always become an OpenBSD reseller if you want. If my memory served me right, you can buy the CD in bulk directly from Theo. If you buy 25 or more from him at once, he will give you a pretty good discount ( I think it was 40%, but please don't take it as being right!) on them and then you can sale them at the same price as the project if you like and that's one way for you to help some. I can't recall right now the final price you would pay for 25 or more, but fell free to contact Theo directly and proceed. I am pretty sure he would be happy to work with you if you actually are serious about doing so. Just don't waste his time if you are not going to do 25 and more however. If you are thinking of using the ISO and make CD to sale them, that's not allow and you would hurt the project doing so. But don't take any of what I wrote here as the truth, I am not the final person to say yes or no on this. Theo is! Best, Daniel
Re: HPN SSH
Anyone taken a look at these patches? I'm curious if there's security implications to this. http://www.psc.edu/networking/projects/hpn-ssh/ I can't say, but based on pass experience I would say that if the patches were god and pass upstream without any security issue that they would be part of OpenSSH already unless they are with GNU license obviously. I know OpenBSD do not go after speed first, but security, however anytime efficient improvement do not go against the first goal of security, I didn't see to many patch refuse for sure, specially here for example where it is a factor of 10x. So, may be that was a project on the side that no one knew, however I don't think so. So, based on that I would say that if the patches are not included in the main tree that the developers must think there are not right or that there is issues with them. That's simple logic really. I never say anyone rejecting patches just to reject them, following that logic I would say if they are not in the tree, then they must judge that there are issue with them, or that this project never cared to send them upstream to get them included and argue the pros/cons of them to a satisfaction to be included. That's my take on it. Draw your own conclusion however, your judgment is as good as mine. Best, Daniel
Both snapshots bsd/bsd.mp of Mach 7 on Sun X4100 M2 i386 crash n boot right away, but March 4 was running
Hi, The new snapshots for March 7 on Sun X4100 M2 crash right away on boot and go directly to bbd. This was running with the March 4 snapshots. Below you see the dmesg, the trace and the ps. The dmesg is from an other server running an earlier version of the OS as I didn't keep the bsd for March 4 in my testing for the new release. (; The screen capture of the console for the ps and trace is here as I didn't want to retype everything. http://openbsdsupport.org/BSD.2010-03-08.png Dmesg below as well: OpenBSD 4.5 (GENERIC.MP) #108: Sat Feb 28 14:58:58 MST 2009 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 real mem = 3757658112 (3583MB) avail mem = 3649417216 (3480MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 04/11/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfbd50 (70 entries) bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 bios0: Sun Microsystems Sun Fire X4100 M2 acpi at bios0 function 0x0 not configured mpbios0 at bios0: Intel MP Specification 1.4 cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 cpu2 at mainbus0: apid 2 (application processor) cpu2: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 cpu3 at mainbus0: apid 3 (application processor) cpu3: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 mpbios0: bus 0 is type PCI mpbios0: bus 1 is type PCI mpbios0: bus 2 is type PCI mpbios0: bus 3 is type PCI mpbios0: bus 4 is type PCI mpbios0: bus 5 is type PCI mpbios0: bus 128 is type PCI mpbios0: bus 129 is type PCI mpbios0: bus 130 is type PCI mpbios0: bus 131 is type PCI mpbios0: bus 132 is type PCI mpbios0: bus 133 is type PCI mpbios0: bus 134 is type PCI mpbios0: bus 135 is type ISA ioapic0 at mainbus0: apid 15 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0: apid 16 pa 0xfeafd000, version 11, 7 pins ioapic1: misconfigured as apic 0, can't remap to apid 16 ioapic2 at mainbus0: apid 17 pa 0xfeafc000, version 11, 7 pins ioapic2: misconfigured as apic 1, can't remap to apid 17 ioapic3 at mainbus0: apid 14 pa 0xfeaff000, version 11, 24 pins pcibios0 at bios0: rev 3.0 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4e20/272 (15 entries) pcibios0: no compatible PCI ICU found: ICU vendor 0x10de product 0x0051 pcibios0: Warning, unable to fix up PCI interrupt routing pcibios0: PCI bus #5 is the last bus bios0: ROM list: 0xc/0xa000 0xca000/0x1800 0xcb800/0x1000 0xcc800/0x1000 0xcd800/0x5c00 0xd3800/0x1000 ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 (no bios) NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3 nviic0 at pci0 dev 1 function 1 NVIDIA nForce4 SMBus rev 0xa2 iic0 at nviic0 spdmem0 at iic0 addr 0x52: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem1 at iic0 addr 0x53: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 iic1 at nviic0 iic1: addr 0x18 00=01 01=01 02=00 03=00 words 00=0101 01=0101 02= 03= 04= 05= 06= 07= iic1: addr 0x19 00=01 01=00 02=00 03=01 words 00=0101 01= 02= 03=0101 04= 05= 06= 07= iic1: addr 0x1a 02=00 03=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic1: addr 0x1c 02=00 03=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic1: addr 0x48 01=00 03=50 07=00 0a=4b 0e=19 11=00 12=4b 13=50 14=19 15=50 16=50 17=50 18=19 19=00 1a=4b 1b=50 1c=50 1d=50 1e=50 1f=50 20=19 21=00 22=4b 23=50 24=50 25=19 26=50 27=50 28=19 29=00 2a=4b 2b=50 2c=4b 2d=4b 2e=4b 2f=4b 30=19 31=00 32=4b 33=50 34=50 35=50 36=00 37=50 38=19 39=00 3a=4b 3b=50 3c=00 3d=50 3e=19 3f=50 40=19 41=00 42=4b 43=50 44=4b 45=4b 48=19 49=00 4a=4b 4d=4b 4e=19 4f=4b 50=19 51=00 52=4b 53=50 54=50 55=50 56=50 57=00 58=19 59=00 5a=4b 5b=50 5c=50 5d=50 5e=50 5f=50 60=19 61=00 62=4b 63=50 64=50 65=50 66=19 67=50 68=19 69=00 6a=4b 6b=50 6c=19 6d=50 6e=50 6f=50 70=19 71=00 72=4b 73=50 74=50 75=50 76=50 77=50 78=19 79=00 7a=4b 7b=50 7c=50 7d=50 7e=19 7f=50 80=19 81=00 82=4b 83=50 84=19 85=50 86=50 87=50 88=19 89=00 8a=4b 8b=50 8c=50 8d=50 8e=50 8f=50 90=19 91=00 92=4b 93=50 94=50
Re: Both snapshots bsd/bsd.mp of Mach 7 on Sun X4100 M2 i386 crash n boot right away, but March 4 was running
More updates on this. I tested the new snapshots as well that just hit the tree a few minutes ago. March 8, 2010 at 11:59 mts and it is also still broken, but trace give different results, so here it is as well, but I had to do two screen shut this time as it didn't fit all on one screen for ps and trace. http://openbsdsupport.org/ps.2010-03-08.11.59.mts.png http://openbsdsupport.org/trace.2010-03-08.11.59.mts.png Best, Daniel
Re: Both snapshots bsd/bsd.mp of Mach 7 on Sun X4100 M2 i386 crash n boot right away, but March 4 was running
What's the panic message? Sorry that it took me so long to answer back. I had to get this back up and find an earlier snapshots that works and I found on in Brasil. However in my testing I saw also yet a new version that just hit the tree, this one at 14:50MST that works. Here is the dmesg for both. And now there is a new one as well that came up, this one is March 8 for 14:50 MST, not the 11:59 and this time looks like it is booting again. Both dmesg bellow for interest only I guess. I tried to find the crash details, but I don't have it at this time. Not sure if you still want it, I could try to find yet an other mirror that have the crashing snapshots, but not sure that it's productive now. Anyway, I will redo it all now once more to be sure. March 4 working. OpenBSD 4.7-beta (GENERIC.MP) #435: Thu Mar 4 11:11:28 MST 2010 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 real mem = 3757592576 (3583MB) avail mem = 3657285632 (3487MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 04/11/07, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfbd50 (70 entries) bios0: vendor American Megatrends Inc. version 0ABJX039 date 04/11/2007 bios0: Sun Microsystems Sun Fire X4100 M2 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR SLIT OEMB HPET IPET SRAT SSDT acpi0: wakeup devices PS2K(S1) PS2M(S1) USB0(S4) USB1(S4) MAC_(S5) P0P1(S4) P0P2(S4) P0P3(S4) P0P4(S4) P0P5(S4) IO4B(S4) BR5B(S4) BR5C(S4) BR5D(S4) BR5E(S4) IOB2(S4) BR2B(S4) BR2C(S4) BR2D(S4) BR2E(S4) PWRB(S1) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 cpu2 at mainbus0: apid 2 (application processor) cpu2: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu2: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 cpu3 at mainbus0: apid 3 (application processor) cpu3: Dual-Core AMD Opteron(tm) Processor 2216 (AuthenticAMD 686-class, 1024KB L2 cache) 2.40 GHz cpu3: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,CX16 ioapic0 at mainbus0: apid 15 pa 0xfec0, version 11, 24 pins ioapic1 at mainbus0: apid 16 pa 0xfeafd000, version 11, 7 pins ioapic1: misconfigured as apic 0, can't remap to apid 16 ioapic2 at mainbus0: apid 17 pa 0xfeafc000, version 11, 7 pins ioapic2: misconfigured as apic 1, can't remap to apid 17 ioapic3 at mainbus0: apid 14 pa 0xfeaff000, version 11, 24 pins acpihpet0 at acpi0: 2500 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P1) acpiprt2 at acpi0: bus 4 (P0P4) acpiprt3 at acpi0: bus 5 (P0P5) acpiprt4 at acpi0: bus 128 (PCIB) acpiprt5 at acpi0: bus 133 (POGA) acpiprt6 at acpi0: bus 134 (POGB) acpiprt7 at acpi0: bus 131 (BR5D) acpiprt8 at acpi0: bus 132 (BR5E) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS acpibtn0 at acpi0: PWRB bios0: ROM list: 0xc/0xa000 0xca000/0x1800 0xcb800/0x1000 0xcc800/0x1000 0xcd800/0x5c00 0xd3800/0x1000 ipmi at mainbus0 not configured cpu0: PowerNow! K8 2394 MHz: speeds: 2400 2200 2000 1800 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) NVIDIA nForce4 DDR rev 0xa3 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 NVIDIA nForce4 ISA rev 0xa3 nviic0 at pci0 dev 1 function 1 NVIDIA nForce4 SMBus rev 0xa2 iic0 at nviic0 spdmem0 at iic0 addr 0x52: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 spdmem1 at iic0 addr 0x53: 1GB DDR2 SDRAM registered cmd/addr parity, data ECC PC2-5300CL5 iic1 at nviic0 iic1: addr 0x18 00=01 01=01 02=00 03=00 words 00=0101 01=0101 02= 03= 04= 05= 06= 07= iic1: addr 0x1c 02=00 03=00 words 00= 01= 02= 03= 04= 05= 06= 07= iic1: addr 0x1d 00=0f 01=0f 02=00 03=00 words 00= 01=0f0f 02= 03= 04= 05= 06= 07= admcts0 at iic1 addr 0x2c admcts1 at iic1 addr 0x2d iic1: addr 0x48 00=1a 01=ff 02=ff 03=50 04=4b 05=ff 06=ff 08=1a 09=00 0a=4b 10=1a 11=00 12=4b 18=1a 19=00 1a=4b 20=1a 21=00 22=4b 28=1a 29=00 2a=4b 30=1a 31=00 32=4b 38=1a 39=00 3a=4b 3e=1a 40=1a 41=00 42=4b 48=1a 49=00 4a=4b 4e=1a 50=1a 51=00 52=4b 58=1a 59=00 5a=4b 60=1a 61=00 62=4b 68=1a 69=00 6a=4b 70=1a 71=00 72=4b 78=1a 79=00 7a=4b 80=1a 81=00 82=4b 88=1a 89=00 8a=4b 90=1a
Re: A small research paper - Thoughts about Cisco.
On 3/11/10 6:13 AM, TS Lura wrote: Dear OpenBSD community, I'm doing a small research paper on Cisco and try to find out if they are evil or not in relative to open/free source/standards, and business practice. Eg. locking people to their product line aka the MS way. I'm sending this mail to you guys because I think many of you know allot about networking, and the networking industry. I'm hoping that someone would be kind and share some of their impressions of Cisco with me. My hypothesis is that Cisco is following the best business practice in relation to proprietary and open/free source. To answer this hypothesis I'm trying to find out if Cisco is using their proprietary solution when there is a better open/free alternative. My preliminary thoughts is taken from what I have perceived, that Cisco makes a proprietary solution to give them a edge and uniqueness in the marked which they can harvest capital from. And when that solution has become commonplace they switch over to non-proprietary solutions to become more interoperable and thus stay competitive. First, Is this reasonable observation? Second, Are there any deviations from this trend? If so, why? I'm very grateful for any reply I get. Kind regards, TSLura. Well, this is a big question and you will get a very wide feedback and I would guess, not much good one, but I sure could wrong. For my own having to deal with them for years and have sadly plenty of SmartNet contract as well, they only thing I can tell you, and there is a lot. The only time I ear from Cisco, even if some IOS may have big bugs in them and that may affect me, they will only contact me when the SmartNet time to renew comes! One would thank that they may follow up with their own urgent fix, but no! For the ISL, you already got that reply, but a few years ago, they still were trying to force you to buy their switches and use ISL over the standard 802.11Q! For VoIP, even if SIP is the wide standard, they still try to lock you in their Skiny protocol over the wide standard one and even if you hve smartnet on their 7960 SIP phones, unless you use their own proprietary system they will not support the SIP standard and provide IOS upgrade for it as they should, even with smartnet. They called meon that and try to talk me init, but I cancel ALL the smartnet for ANY Cisco IP phones and that's a lots of them. What's the point of having smartnet if you can't get IOS upgrades and there answer was for the physical device if it break, you get it replace and all. Well, you know what, if it break I can replace if with Polycom instead and they support it better then Cisco does! But if I can't do that, then even getting a new Cisco is better and cheaper int he end then having a worthless smartnet on the phones! As for OpenStandard, CARP and VRRP is a good example, you can research that if you like. That's an OpenBSD solution over a Cisco suppose to be Open one! Then you have the same thing when you need new equipment, if you tell Cisco that you are looking at competition product of their, then you will get discount as long as you know what you are talking about on the hardware. Never on the SmartNet. But very interestingly here, if you talk about Open solutions, like the bgpd or even the ospfd, or better yet, the upcoming MPLS, then you really get them talking and yes, they will call you and try to talk to you in not touching that telling you all kind of bullshit that it's not supported, that you will get problem, it will not work, that you will be better served by Cisco and they will stand by you to help you in emergency and all that crap sale talk. Don't get me wrong Cisco does have good product for most of them. They will help some, may be not as they should for sure if you have SmartNet, but that will cost you big time! However, you will be stuck in this endless continuous under power hardware that needs constant upgrade all the time and they will suck you dry in smartnet contract for not much servic in the end provided sadly in the last few years by 1/2 the time from people that you can't even understand when you talk to them. Sadly the one I find the best are when you open your ticket at night and you get them from down under in Australia. They follow up better and give you better feedback then sadly anyone so far I got in the US and definitely much better then when you are so unlucky to get them from Asia when they follow their script to the letter for most of them when you talk tot hem. You will get some good one at time, but by far it's not the norm as long as you can understand them. Don't get me wrong, some are very nice and know their stuff, but that's not the norm by far and for the price you have to pay for your smartnet, you sure hell have the right to expect BETTER!!! In short, my own experience is as follow. The niceness of Cisco is directly in reverse of the choice of solution you pick being the start
Re: any web management gui for pf ?
On 3/14/10 3:48 AM, PP;QQ P(P8P?P8QP8P= wrote: the problem was described very precisely pf gui like pfsense, but installable on clean OpenBSD box, wasn't it ? Then why don't you use pfsense and port it back to OpenBSD. After all pf was created on OpenBSD and works better on OpenBSD anyway and the license of pfsense is BSD. http://www.pfsense.org/index.php?option=com_contenttask=viewid=42Itemid=62 So, if that's what you really want, then help yourself and make it work and you will have exactly what you want. You have been told there isn't one decent and you want pfsense like, so use that and bring it to OpenBSD as you want. And right on the pfsense website there is a big logo with Commercial Support Available If you can't do it, then pay them to do it for you and your team will have what they want. But frankly, I would very much recommend you to simply edit the pf.conf and refer to the manual if you have question, there isn't anything that will ever do it better, really no joke or punch intended, there isn't anything that will come close to it. Best of luck. Daniel