Re: How to allow root telnet to a NetBSD 6.1.5 box
* jmitchel (jmitc...@mail.bigjar.com) wrote: > Hello, > > I have an appliance that I'm upgrading from 1.6.2 (I know, I know) to 6.1.5. > The appliance currently only has the root account. I want users to be able > to set up the box without having to use a serial cable, so I'm configuring > it with a default IP and want them to be able to telnet in to set it up. The > problem is, when I try to telnet as root, I get "root login refused on this > terminal." telnet is deprecated these day. You should always use ssh. You have only one account, so telnet as any wheel user then su will not work. So far, try this (I haven't tested). Open /etc/pam.d/login and comment out the following line. #accountrequisite pam_securetty.so Then try telnet as root again. And let me know if it solves. -- Pongthep Kulkrisada "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." -- Dennis M. Ritchie
Re: Packet filtering issues (both NPF and PF)
* D'Arcy J.M. Cain (da...@netbsd.org) wrote: > npf_if.c:53:2: > error: #error "NPF and PF are mutually exclusive; please select one" > #error "NPF and PF are mutually exclusive; please select one" ^ > nbmkdep: compile failed. Very informative, thank you very much. -- Pongthep Kulkrisada "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." -- Dennis M. Ritchie
Packet filtering issues (both NPF and PF)
I'm running NetBSD on Macbook Air (core i5-64 bits). I have 2 issues about PF and NPF. 1. Previously, I ran 6.1_STABLE on port i386. Right after updating from src to 7.0, NPF reported errors at booting. After I read man pages, I had to edit /etc/npf.conf to comply with 7.0. And it was still exactly the same NPF rules as when I was on 6.x. I rebooted. Once it reached npf portion in /etc/rc.conf, the system crashed with many lines of green error messages. (I don't know how to log it.) 2. So I switched to 7.0 on port amd64 (fresh install from iso). This time NPF works pretty fine. But PF doesn't work. (Yes, I test both packet filters.) I have been using this /etc/pf.conf since NetBSD 5.x, and never changed it. Rebooting succeed; I can issue any commands without using network. But whenever I use network e.g. lynx or even ping, the system crashes with many lines of green error messages. Are there anyone encountering these problems, or having any workaround? At the moment, I only have 7.0 on port amd64. So now I need workaround for item 2 only. Are there any major changes in PF configuration from 6.x to 7.0? Thanks in advance. -- Pongthep Kulkrisada "UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity." -- Dennis M. Ritchie
Re: Why doesn't NetBSD recognize my entries in /etc/hosts?
* Benny Siegert (bsieg...@gmail.com) wrote: > Other ways to get rid of the CRs are the "dos2unix" filter and opening > in vim, setting :set fileformat=unix and saving. vim in brief :se ff=unix if you are not a vim user, % tr -d '\r' < dosfile.txt > unixfile.txt should also work. -- Pongthep Kulkrisada "Nothing ever exists entirely alone without relativity."
Re: termcap issue
* Pongthep Kulkrisada (ptkris...@gmail.com) wrote: * Martin Husemann (mar...@duskware.de) wrote: Please file a PR giving more details (like: what method you use to log in, what terminal emulator you run, what shell you are using, output of stty -a, your TERM environment settings, ) send-pr with details done. * Chris Bannister (cbannis...@slingshot.co.nz) wrote: On Fri, Aug 21, 2015 at 12:11:08AM +0700, Pongthep Kulkrisada wrote: * Pongthep Kulkrisada (ptkris...@gmail.com) wrote: * John Klos (j...@ziaspace.com) wrote: Sometime between RC1 and RC2, something happened to termcap. I often ssh from a Mac (TERM is xterm-256color) and nothing has changed on that end for ages. However, now on any NetBSD-7.0_RC2 system, the shell shows ^? whenever a backspace is entered and the terminal is not interactive. Also, in insert mode in vi, one has to use control-h, as now backspace enters ^?. What changed? It'd be nice if this were fixed. I also encountered the same problem. I have also tried... stty erase ^H bindkey \177 delete-char Nothing seems to work, this time I have to go back to 6.1_STABLE. It is still not fixed in 7.0_RC3. Mac users still have to press ^H to delete. Any solutions or workaround would be highly appreciated. Shouldn't a bug be filed instead of just hoping someone will read this and do it for you? If you were more careful and followed this thread, you would find that send-pr was done from me since 7.0_RC2. Shall I repeat send-pr again on RC3? Anyway, I have found the solution by myself and another solution from this board. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Dave Huang (k...@azeotrope.org) wrote: On Fri, Aug 21, 2015 at 11:51:24PM +0700, Pongthep Kulkrisada wrote: stty erase ^? doesn't work. Hmm, it works for me. What does stty -a show after you do stty erase ^? ? Oops! sorry for my bad. I was doing something else. TGIF stty erase ^? works for me. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Martin Husemann (mar...@duskware.de) wrote: On Sat, Aug 22, 2015 at 08:43:57PM +0700, Pongthep Kulkrisada wrote: If you were more careful and followed this thread, you would find that send-pr was done from me since 7.0_RC2. Which PR is it? I am relatively new to this list. (subscribed last month) Once I did send-pr, after that I have no idea how to find it. But I certainly sent on 3-Aug-2015. I query in gnat database, the last port-i386 PR was on 2-Jun-2015. Probably, it has yet filed. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Martin Husemann (mar...@duskware.de) wrote: On Sat, Aug 22, 2015 at 10:55:02PM +0700, Pongthep Kulkrisada wrote: I am relatively new to this list. (subscribed last month) Once I did send-pr, after that I have no idea how to find it. But I certainly sent on 3-Aug-2015. You shuold get a reply back from gnats (usually within a few minutes, maybe hours) telling you the ticket number. If that does not happen, something went wrong. I have never received anything from gnats. Probably, something went wrong. send-pr brought me to vim editor. Just editing (long text conforming the given format) and save/quit. I don't think I made any mistakes. After that, there was a message telling me that PR was sent out. By the way, I used root account to send it. Nevertheless, now the solution is known. Should I resend it? -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: Necessity of rebuilding pkgsrc after updating the system
Thank you very much, Eric. pkg_chk -g to create the list (/usr/pkgsrc/pkgchk.conf). pkg_delete \* to remove everything. Rebuild pkg_chk itself pkg_chk -a -s Those work pretty fine. * Eric Haszlakiewicz (e...@nimenees.com) wrote: On August 20, 2015 10:45:21 AM EDT, Pongthep Kulkrisada ptkris...@gmail.com wrote: * Rhialto (rhia...@falu.nl) wrote: and after removing everything, pkg_chk -a would rebuild them. How to remove everything (i.e. remove pkgs listed in /usr/pkgsrc/pkgchk.conf)? I have checked pkg_chk(8) man page. But I didn't find it. Thank you, This should do it: pkg_delete \* Or you can try rm -rf on /usr/pkg and /var/db/pkg, but that might leave droppings around in other places, and will of course erase any config (or other) files you have in /usr/pkg/etc. Eric -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Johnny Billquist (b...@update.uu.se) wrote: Either change your Mac to send a BS character, or configure your NetBSD system to do an erase when receiving a DEL. (stty erase ^?) stty erase ^? doesn't work. The only thing that works is adding these lines to /etc/rc.conf. % grep wsconsctl /etc/rc.conf wsconsctl -w map+=keycode 14 = BackSpace /dev/null wsconsctl -w map+=keycode 211 = Cmd_ResetEmul Delete /dev/null -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Pongthep Kulkrisada (ptkris...@gmail.com) wrote: * John Klos (j...@ziaspace.com) wrote: Sometime between RC1 and RC2, something happened to termcap. I often ssh from a Mac (TERM is xterm-256color) and nothing has changed on that end for ages. However, now on any NetBSD-7.0_RC2 system, the shell shows ^? whenever a backspace is entered and the terminal is not interactive. Also, in insert mode in vi, one has to use control-h, as now backspace enters ^?. What changed? It'd be nice if this were fixed. I also encountered the same problem. I have also tried... stty erase ^H bindkey \177 delete-char Nothing seems to work, this time I have to go back to 6.1_STABLE. It is still not fixed in 7.0_RC3. Mac users still have to press ^H to delete. Any solutions or workaround would be highly appreciated. Thank you, -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: Necessity of rebuilding pkgsrc after updating the system
Thanks for all your responses. * Ottavio Caruso (ottavio2006-net...@yahoo.com) wrote: Never done it myself, but have you considered this: pkg_info -Q PKGPATH -a pkgs_i_want_to_have pkg_info -a | sed 's/ .*//' | tail -r | while read p ; do pkg_delete $p ; done cat pkgs_i_want_to_have | (while read pp ; do cd /usr/pkgsrc/$pp ; make make install ; done) I have seen it. But I thought there was a simpler way i.e. a single command. I was wrong. There is no straight way. * Eric Haszlakiewicz (e...@nimenees.com) wrote: That won't do quite what you want because it'll mark *all* packages as ones that you explicitly asked to be installed, which tends to lead to a lot of unnecessary work figuring out why you're getting conflict between old and new versions or renamed packages that other packages depend on. Pkgsrc keeps track of which ones you pkg_add'ed (or make install'd) vs what just happened to get installed as a dependency and if you stick to just trying to (re)install the former things go much smoother. I don't remember offhand how to get that list, but I think it was not quite as obvious as it should be, so you might need to look around a bit for the right commands. I compared the output from pkg_info -Q PKGPATH -a and /var/db/pkg. The contents are different. But I don't know that much. * Greg Troxel (g...@ir.bbn.com) wrote: Another approach, which will have a period of possible trouble and then be ok is to mark all packages as needing rebuild and then running pkg_rolling-replace. cd /var/db/pkg pkg_admin set rebuild=YES * cd /usr/pkgsrc pkg_rolling-replace -uvk /dev/null RR.000 21 Probably, that is the answer I'm looking for. I shall look into it. Though, it is not a single command. Last of all, thank you very much. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: Necessity of rebuilding pkgsrc after updating the system
* Ottavio Caruso (ottavio2006-net...@yahoo.com) wrote: On 17 August 2015 at 15:47, Pongthep Kulkrisada ptkris...@gmail.com wrote: * Eric Haszlakiewicz (e...@nimenees.com) wrote: However, you can try pkgin full-upgrade and see if it works for you. (assuming you just want to install pre-built packages, and don't have customizations to the builds) I have never used pkgin. I always do everything from source. Except for the first installation from iso image. Out of curiosity, is there any reason why you must install from sources: performance or what else? I really like pkgin and, if it wasn't for the fact that sometimes there are massive build failures on Netbsd production servers, I'd use it all the time. I like C Programming and love coding. I always use PKG_OPTIONS.pkg or edit /etc/mk.conf before compiling. I can see package dependencies prior to compilation. And I can see source code. Can pkgin do that? I don't know. I have never used pkgin. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: Necessity of rebuilding pkgsrc after updating the system
Thank you for your replies. * Martin Husemann (mar...@duskware.de) wrote: The answer is not a simple yes or no. The basic idea is: you can upgrade the base system and keep using the old pkgs just fine. Once I used to consider this issue when I was updating from 5.x to 6.x. sizeof (time_t) was changed from 32 bits to 64 bits. And time_t is likely to be used in nearly all applications (I think). So that time I was thinking that it was very necessary to rebuild all installed pkgsrc. * Ottavio Caruso (ottavio2006-net...@yahoo.com) wrote: blind leading the blind here. My gut feeling is: no. Isn't *BSD based on the principle that the base system is somewhat separated from 3rd party userland? Please see above. * Eric Haszlakiewicz (e...@nimenees.com) wrote: However, you can try pkgin full-upgrade and see if it works for you. (assuming you just want to install pre-built packages, and don't have customizations to the builds) I have never used pkgin. I always do everything from source. Except for the first installation from iso image. So far, the answer depends on many factors. In case rebuild all installed pkgsrc is required. Rebuild one by one is very painful. So my question... Is there a SINGLE command to force rebuild all installed pkgsrc? pkg_chk -u -s doesn't do that, if it is still in the same quarter. Thank you, -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Necessity of rebuilding pkgsrc after updating the system
Hi all, After updating the system from 6.x to 7.x (i.e. update across major branches), should I have to rebuild all pkgsrc? If yes, how to force rebuild it? I looked through the handbook, I didn't find the information. # pkg_chk -u -s doesn't do the trick with the same quarter of pkgsrc. Thanks in advance, -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: ntpdc doesn't work as expect
* Havard Eidnes (h...@uninett.no) wrote: I found that ntpdc doesn't work, while ntpq works pretty fine. This is the effect of a newer ntp version and updated /etc/ntp.conf. After some security issues, ntpdc support has been turned off by default. # New ntpd disables the ntpdc protocol by default, to re-enable uncomment # the following line enable mode7 Thank you very much. Your advices are very helpful and informative. I've just seen these lines in /etc/ntp.conf on 7.0_RC2. (missing on 6.1_STABLE) -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
ntpdc doesn't work as expect
Hi all, I'm not sure if this problem has been posted in this list. I didn't find it. I found that ntpdc doesn't work, while ntpq works pretty fine. I tested both on 6.1_STABLE and 7.0_RC2. The results are the same. (I only tested on IPv4.) Anyone have a clue, please point me out. Thanks in advance, Here's the output from 6.1_STABLE. % uname -a NetBSD netbsd.localdomain 6.1_STABLE NetBSD 6.1_STABLE (GENERIC) #2: Sat Aug 1 21:28:32 ICT 2015 root@netbsd.localdomain:/usr/obj/sys/arch/i386/compile/GENERIC i386 % cat /etc/rc.conf | grep ntpd ntpdate=YES ntpdate_flags=-b time.navy.mi.th asia.pool.ntp.org ntp.nict.jp ntpd=YES % ntpq -p remote refid st t when poll reach delay offset jitter == +x2204.ipv9.xyz 202.47.249.212 u 70 128 377 10.2790.309 31.508 *122.155.169.213 202.47.249.202 u2 128 3779.0941.476 0.964 2001:3c8:e10e:3 .INIT. 16 u- 102400.0000.000 0.000 % ntpdc -p localhost.localdomain: timed out, nothing received ***Request timed out % -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* Martin Husemann (mar...@duskware.de) wrote: Please file a PR giving more details (like: what method you use to log in, what terminal emulator you run, what shell you are using, output of stty -a, your TERM environment settings, ) send-pr with details done. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: termcap issue
* John Klos (j...@ziaspace.com) wrote: Hi, Sometime between RC1 and RC2, something happened to termcap. I often ssh from a Mac (TERM is xterm-256color) and nothing has changed on that end for ages. However, now on any NetBSD-7.0_RC2 system, the shell shows ^? whenever a backspace is entered and the terminal is not interactive. Also, in insert mode in vi, one has to use control-h, as now backspace enters ^?. What changed? It'd be nice if this were fixed. Thanks, John Klos I also encountered the same problem. I have also tried... stty erase ^H bindkey \177 delete-char Nothing seems to work, this time I have to go back to 6.1_STABLE. -- Pongthep Kulkrisada Nothing ever exists entirely alone without relativity.
Re: NPF documentation
Hi All,
* Mindaugas Rasiukevicius (rm...@netbsd.org) wrote:
As those of you tracking source changes may have already noticed, there
have been various improvements to NPF over the last few months (e.g. support
for dynamic NPF rules).
Very great to have listened this.
I have posted an npf question in this list since Jan 2013.
But there has been no reply.
Additionally, I created a web page for NPF documentation:
http://www.netbsd.org/~rmind/npf/
Sorry, it seems that the doc is still not updated as in npf.conf(5)
regarding interfaces.
$ext_if = wm0
should be changed to
$ext_if = inet4(wm0)
or inet6
NetBSD 6.1 has recently entered Release Candidate
stage, therefore wider testing would be more than welcome!
Here's my minimal /etc/npf.conf.
# cat /etc/npf.conf
$ext_if = inet4(pcn0)
procedure log {
log: npflog0
}
procedure norm {
normalise: random-id
}
group (name external, interface $ext_if) {
pass all
}
group (default) {
pass final on lo0 all
block all
}
This configuration results in an error.
# npfctl reload
/etc/npf.conf:5:1: invalid parameter 'npflog0' near '}'
So I suspected that npflog might be not ready.
I tried commenting out three lines of procedure log.
Then again...
# npfctl reload
npfctl: ioctl: Invalid argument
In order to totally eliminate all errors, I must comment out ALL procedures.
Is this a bug or mis-configuration?
It did not happen when I first checkout to netbsd-6-0-RELEASE.
It has been happening since I made it STABLE.
# uname -a
NetBSD netbsd.localdomain 6.1_RC1 NetBSD 6.1_RC1 (GENERIC) #5: Fri Mar 8
17:34:39 ICT 2013
root@netbsd.localdomain:/usr/obj/sys/arch/i386/compile/GENERIC i386
Thanks in advance,
--
Pongthep Kulkrisada
UNIX is basically a simple operating system,
but you have to be a genius to understand the simplicity.
-- Dennis M. Ritchie
