OpenBSD as virtual guest, host machine acting as router for the guest(s) subnet(s)
Hi All!

One of my hosting providers has recently enforced the new routing policy for additional IP-addresses and instead of old good bridging mode from now on requires that all additional IPs should be routed via primary IP. I've already found quite a good HOWTO, but unfortunately it does describe how to configure Linux virtual guest on the Linux KVM host. My task is a bit different, I have to configure OpenBSD 5.6 guest on the Linux (Ubuntu) KVM host.

Debian/Ubuntu HOWTO document suggests following configuration:

Prerequisites:

Main (KVM host) public IP: xxx.yyy.5.102
Netmask: 255.255.255.252
Default gateway: xxx.yyy.5.101
Additional IP (for the guest machine): xxx.yyy.4.212

HOWTO suggests following settings:

Host OS /etc/network/interfaces:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address xxx.yyy.5.102
    # to enforce all the traffic through GW, not allowing direct connection between rack neighbours
    netmask 255.255.255.255
    gateway xxx.yyy.5.101
    pointopoint xxx.yyy.5.101

auto br212
iface br212 inet static
    # or any other 'private' non-routable IP
    address 172.30.64.1
    pre-up brctl addbr $IFACE
    post-up route add -host xxx.yyy.4.212 $IFACE
    post-down brctl delbr $IFACE

Guest OS /etc/network/interfaces:

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address xxx.yyy.4.212
    netmask 255.255.255.255
    gateway xxx.yyy.5.102
    pointopoint xxx.yyy.5.102

==

So, my question is, what and how should I configure on OpenBSD guest? I've tried to adjust /etc/hostname.vio0 (I'm using virtio NIC on the host), but I can't understand the syntax for Point-to-point settings.

Thanx in advance,
Kirill
Puppet and OpenBSD. Any examples/experience for unattended provisioning?
Hi All,

Looks like there is no comprehensive guide/howto in the Net for $subj... Googling gives some discussions and presentations regarding running puppet server on OpenBSD, which is not so interesting. My task is to automate provisioning of bunch of OpenBSD servers across several LANs and puppet would be a good helper here (OK, maybe Saltstack could be an alternative solution, but there is even less info about such a combination out there).

Thanx in advance,
Kirill
Your PHP install does not have the mhash() function.
Hi All!

Using phpldapadmin under OpenBSD 5.9 recently I ran into a problem with php-5.6 (fpm). phpldapadmin cannot work with password hashes and shows the message:

Your PHP install does not have the mhash() function.

In the older versions there was separate extension for php-mhash, in the current one this is not the case. mhash library from ports tree is already installed. Any ideas (except building php binary from sources with --with-mhash option)?

Thanx in advance,
Kirill
Re: OpenBSD on AWS EC2 Nitro
OK, looks like ENA (Elastic Network Adapter) is the main show stopper here. There is a glimpse of optimism here, FreeBSD port of ENA driver is already out there:

https://github.com/amzn/amzn-drivers/tree/master/kernel/fbsd/ena

I'm trying to catch the AMD-specific crash logs from t3a-type instances to post them here.

On 06.10.20 07:50, Kirill Peskov wrote:
> Hi All!
>
> Not so long time ago I've got the challenge to fire up OpenBSD instance
> in AWS. It was almost out-of-the-box successful with just a few manual
> post-configs... However, with recently introduced "Nitro" hypervisor
> (heavily streamlined KVM) old methods of hacking OpenBSD into the Amazon
> Cloud seem not to be working, due to not yet fully known list of
> reasons, but some of the key differences between "t2" and "t3"
> generations are obvious, t3 has new components:
>
> Root disk: NVMe root disk
> NIC: Elastic Network Adapter (Amazon ENA)
>
> In addition, AWS has a bit cheaper line of instances, AMD-based "t3a".
>
> So far, from the instance startup logs I can see that NVMe device is
> detected by OpenBSD kernel, but looks like OS is unable to find root
> partition on the drive. AMD instance crashes with kernel fault on very
> early stage.
>
> Has anyone tried the same? Any success?
>
>
> Cheers,
>
> Kirill
OpenBSD on AWS EC2 Nitro
Hi All!

Not so long time ago I've got the challenge to fire up OpenBSD instance in AWS. It was almost out-of-the-box successful with just a few manual post-configs... However, with recently introduced "Nitro" hypervisor (heavily streamlined KVM) old methods of hacking OpenBSD into the Amazon Cloud seem not to be working, due to not yet fully known list of reasons, but some of the key differences between "t2" and "t3" generations are obvious, t3 has new components:

Root disk: NVMe root disk
NIC: Elastic Network Adapter (Amazon ENA)

In addition, AWS has a bit cheaper line of instances, AMD-based "t3a".

So far, from the instance startup logs I can see that NVMe device is detected by OpenBSD kernel, but looks like OS is unable to find root partition on the drive. AMD instance crashes with kernel fault on very early stage.

Has anyone tried the same? Any success?

Cheers,
Kirill
Set environment variable for non-interactive shell
Hi All,

I'm currently trying to figure out, how to set global environment variable, valid for multiple users including root, so Ansible will be able to accept it as "fact" for both root and non-root users. I've already tried to play with .cshrc files and /etc/rc.local, nothing worked so far, looks like I'm missing something important.

Thanx in advance,
Kirill
Re: Set environment variable for non-interactive shell
Unfortunately neither /etc/profile nor ~/.profile will be parsed if shell is non-interactive. Simplest example will be:

if the content of /etc/profile is:

MY_ENV=DEV
export MY_ENV

Then if I login to the host like this:

ssh username@myopenbsdhost.local

myopenbsdhost$ env
_=/usr/bin/env
LOGNAME=username
PWD=/home/username
HOME=/home/username
SSH_TTY=/dev/ttyp0
MY_ENV=DEV
TERM=xterm-256color
SHELL=/bin/ksh
...blabla...

So OK in this case. But if I run:

ssh username@myopenbsdhost.local env
_=/usr/bin/env
LOGNAME=username
PWD=/home/username
HOME=/home/username
SSH_TTY=/dev/ttyp0
SHELL=/bin/ksh
...blabla...

Got the idea? Other BSDs and Linux behave exactly the same way, /etc/profile and ~/.profile are parsed for interactive shells only.

On 06.11.20 15:56, Dante Catalfamo wrote:
> Hey Kirill,
>
> The default shell in OpenBSD is usually ksh unless otherwise
> specified. You should check out the ksh(1) man page.
>
> You should be able to achieve what you want by setting the variable in
> /etc/profile. Hope that helps.
>
> Dante
>
> On 2020-11-06 6:23 a.m., Kirill Peskov wrote:
>> Hi All,
>>
>> I'm currently trying to figure out, how to set global environment
>> variable, valid for multiple users including root, so Ansible will be
>> able to accept it as "fact" for both root and non-root users. I've
>> already tried to play with .cshrc files and /etc/rc.local, nothing
>> worked so far, looks like I'm missing something important.
>>
>> Thanx in advance,
>>
>> Kirill
Re: Set environment variable for non-interactive shell
Unfortunately manpage for login.conf does not give any example, only brief description:

setenv    envlist    A list of environment variables and associated values to be set for the class.

so if I would like to set for example global variable MY_ENV=DEV for all users and any login method, then what should I put here instead of XX?

default:\
    :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
    :umask=022:\
    :setenv=XX:\
    :...blabla...:\

On 06.11.20 16:28, Todd C. Miller wrote:
> Typically, this kind of thing is done in /etc/login.conf.
>
> - todd