of the cvsweb port (ports/devel/cvsweb/pkg/README)
for some ideas what may be required.
(Which reminds me that this needs updating for perl 5.20. Ugh.)
--
Christian naddy Weisgerber na...@mips.inka.de
by installboot, editing the duids in /etc/fstab, and
fixing up /etc/hostname.*,
Yep, that's how I do this.
but I'm hoping that there's a better way.
Better how?
--
Christian naddy Weisgerber na...@mips.inka.de
during restore, you better run installboot.
--
Christian naddy Weisgerber na...@mips.inka.de
On 2014-11-07, System Administrator ad...@bitwise.net wrote:
In the description of the -b option:
...
three elliptic curve sizes: 256, 384 or 521 bits.
Is 521 correct
Yes. Those are ecdsa-sha2-nistp521 keys.
--
Christian naddy Weisgerber na...@mips.inka.de
--
Christian naddy Weisgerber na...@mips.inka.de
impossible. Decompress
your sets beforehand.)
--
Christian naddy Weisgerber na...@mips.inka.de
to drive a USB device with all the USB bus
complexity.
For laptops with Intel AMT, it should be possible to use the
serial-over-LAN feature (cf. the comms/amtterm port).
--
Christian naddy Weisgerber na...@mips.inka.de
/ttyUx in your /etc/ttys and ensure ttyflags(8)
runs after the device attaches.
Running a getty(8) on a serial port is not a console. You have no
access to boot(8), boot_config(8), the bootup kernel messages, or
single-user mode.
--
Christian naddy Weisgerber na
.
MPlayer restores the screen blanker on exit. It usually manages
to do so when crashing, too.
--
Christian naddy Weisgerber na...@mips.inka.de
the key length the question was about.
And the fingerprints on that page, from ssh-keygen -l, are in a
different format than SSHFP records.
You can use this:
https://github.com/xelerance/sshfp to generate the dns records for a
given host.
Or just use ssh-keygen -R.
--
Christian naddy Weisgerber
it does. Try ssh-keygen -lf known_hosts.
Is it important to have the bit length published with the fingerprint?
No.
--
Christian naddy Weisgerber na...@mips.inka.de
On 2014-09-30, Stefan Wollny stefan.wol...@web.de wrote:
I might have missed something, but could you provide me with an update
on this issue?
The openbsdstore.com has opend.
So what does this mean with regard to Lehmanns?
--
Christian naddy Weisgerber na
features,
exported functions originated in Korn shell and the fact that
OpenBSD's /bin/ksh doesn't implement them is a documented shortcoming
of pdksh (see src/bin/ksh/NOTES).
--
Christian naddy Weisgerber na...@mips.inka.de
.
In short, your system loses time faster than ntpd can correct.
--
Christian naddy Weisgerber na...@mips.inka.de
: localhost resolves to more than 1 hosts
and then it listens only on ::1 and not on 127.0.0.1 (the order is
normal, I guess, because family inet6 inet4 in resolv.conf) and I
think both should be listened on, no ?
A server can only listen on a single address at the moment.
--
Christian naddy
will badly lock up your system and having
a multitude of bad sectors will render the rest of the drive
effectively unrecoverable.
--
Christian naddy Weisgerber na...@mips.inka.de
On 2014-08-25, Dave Anderson d...@daveanderson.com wrote:
Yup, time for a new disk. I'm off to do some research on who makes the
most reliable ones these days. [Suggestions from anyone knowledgable
are welcome.]
Here's a bold suggestion: Don't buy consumer drives.
--
Christian naddy
with. The saying goes
that nobody wants backup, everybody wants restore, but I'd really
prefer not having to restore either.
Now, the real question is whether enterprise drives actually *are*
more reliable than consumer drives.
--
Christian naddy Weisgerber na...@mips.inka.de
... fifo (O_WRONLY) blocks until there is a reader.
By contrast, dd ... of=fifo (O_RDWR) does not block and if you
run it in a loop, you'll end up with a busy loop.
--
Christian naddy Weisgerber na...@mips.inka.de
On 2014-08-16, Christian Weisgerber na...@mips.inka.de wrote:
How about making etc/random.seed a named pipe and feeding chunks
of /dev/random to it?
I've now put this into my /etc/rc.local:
---
# Provide fresh random.seed for pxeboot
if cd /tftpboot/etc; then
rm -f
PXEBOOT 3.23
boot
cannot open tftp:/etc/random.seed: No such file or directory
--
Christian naddy Weisgerber na...@mips.inka.de
.
How about making etc/random.seed a named pipe and feeding chunks
of /dev/random to it? Something like
# cd /tftpboot
# mkfifo etc/random.seed
# while true; do dd if=/dev/random count=1 etc/random.seed 2/dev/null; done
seems to work at first blush.
--
Christian naddy Weisgerber
and terminate. This will close the outgoing cua(4) device,
de-asserting DTR, which with the usual null modem cable will de-assert
DCD at the incoming tty(4) device, which in turn should result in
a SIGHUP being sent to the processes on that tty.
I don't know offhand why this doesn't work.
--
Christian
file /var/www/run/nginx.pid
Related issue: If you are running httpd, any attempt to signal nginx
will be futile.
--
Christian naddy Weisgerber na...@mips.inka.de
you don't have to enter a PW) normal user access to a
repository (the chrooting makes upgrades a little more exciting than
Or simply export the repository with NFS and just run local
checkouts from that. The remote cvs protocol is cumbersome; avoid
it if you can.
--
Christian naddy Weisgerber
into some problems. One is SSH
fails to run. When I try to run it with /usr/sbin/sshd several
error messages are displayed. Starting with key_load_private:
incorrect passphrase supplied to decrypt private key.
Fixed about a week ago.
There's a new snapshot up.
--
Christian naddy Weisgerber
On 2014-07-05, Артур Истомин art.is...@yandex.ru wrote:
I will share my config with you with one caveat: I'm from Alabama, and we all
know what that means ...
You intrigued me. What it means to be from Alabama?
In Birmingham they love the governor?
--
Christian naddy Weisgerber
.
The portable version we use has an inner loop that requires 25
multiplications 32x32-64 bits for each 16-byte block. For simple
CPUs, that will stall out the pipeline.
--
Christian naddy Weisgerber na...@mips.inka.de
, no.
Question: How can we set GCM in nginx? Why couldn't a fresh Firefox connect
via HTTPS to foo.com (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2)? It can connect
to www.ssllabs.com via HTTPS (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2)
No, it doesn't. Not with that cipher suite.
--
Christian naddy Weisgerber
there was a change that
requires a new boot(8), otherwise a serial console won't be set
correctly with a new kernel.
--
Christian naddy Weisgerber na...@mips.inka.de
.
where is this documented?
I don't think it is explicitly documented anywhere, but this may
be pertinent:
Upgrades are only supported from one release to the release immediately
following it. Do not skip releases. If you got lucky skipping releases
in the past, you may not this time.
--
Christian
fallout from the ssh changes on June 23:
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
--
Christian naddy Weisgerber na...@mips.inka.de
-lf taskulf for a simpler check.)
This is fixed now.
--
Christian naddy Weisgerber na...@mips.inka.de
in _XData32 () from /usr/X11R6/lib/libX11.so.16.0
#1 0x05adb1e05629 in XChangeProperty () from
/usr/X11R6/lib/libX11.so.16.0
Oh, that one. Yeah, that's a very unfortunate API that leads to
int/long confusions. We've already fixed numerous instances of
this.
--
Christian naddy Weisgerber
is of no
use.
--
Christian naddy Weisgerber na...@mips.inka.de
. I guess ssh-keygen should be in sync one way or the other
with the other ssh components.
--
Christian naddy Weisgerber na...@mips.inka.de
On Tue, 10 Jun 2014 12:14:46 -0600
Theo de Raadt dera...@cvs.openbsd.org wrote:
I was reading stuff in misc@ about OpenSSL broken things. I see
people from OpenBSD started LibreSSL project and they are forking
OpenSSL and remove the bad code. This is past, but I see more and
more lesions
On Thu, 12 Jun 2014 23:51:58 -0400
Brad Smith b...@comstyle.com wrote:
On 12/06/14 11:43 PM, Christian Pedaschus wrote:
wouldn't it be a feature?
less warts, less bugs, less features, less compatible, but secure?
What good is having a brand new from scratch API when almost nothing
uses
ups, forgot to cc the list...
On Thu, 12 Jun 2014 23:59:46 -0400
Brad Smith b...@comstyle.com wrote:
On 12/06/14 11:59 PM, Christian Pedaschus wrote:
On Thu, 12 Jun 2014 23:51:58 -0400
Brad Smith b...@comstyle.com wrote:
On 12/06/14 11:43 PM, Christian Pedaschus wrote:
wouldn't
size of a single I/O transfer the kernel handles;
larger reads or writes will be broken up into multiple transfers.
--
Christian naddy Weisgerber na...@mips.inka.de
/sd1c
Temperature is fine, never exceeded the limits.
smartctl -t short /dev/sd1c
Not supported, it seems.
--
Christian naddy Weisgerber na...@mips.inka.de
the disk survives that long.
Whatever's wrong with it, it's a tenacious little bugger. There
still hasn't been a single hard read error. Anyway, I guess we can
close the topic.
--
Christian naddy Weisgerber na...@mips.inka.de
make
install there again.
--
Christian naddy Weisgerber na...@mips.inka.de
, but why the heck
are there no error indications of any kind?
Any other ideas?
--
Christian naddy Weisgerber na...@mips.inka.de
in the miniserver/workstation class.
--
Christian naddy Weisgerber na...@mips.inka.de
Am 05/25/14 06:29, schrieb Philip Guenther:
On Sat, May 24, 2014 at 9:03 PM, Christian Schulte c...@schulte.it wrote:
Am 05/25/14 04:21, schrieb Philip Guenther:
On Sat, May 24, 2014 at 5:59 PM, Christian Schulte c...@schulte.it
wrote:
please see the output of 'dmesg', 'audioctl -f /dev
Am 05/25/14 06:49, schrieb patrick keshishian:
On 5/24/14, Philip Guenther guent...@gmail.com wrote:
On Sat, May 24, 2014 at 9:03 PM, Christian Schulte c...@schulte.it wrote:
Am 05/25/14 04:21, schrieb Philip Guenther:
On Sat, May 24, 2014 at 5:59 PM, Christian Schulte c...@schulte.it
wrote
Am 05/25/14 09:39, schrieb patrick keshishian:
On 5/25/14, Christian Schulte c...@schulte.it wrote:
Am 05/25/14 06:49, schrieb patrick keshishian:
On 5/24/14, Philip Guenther guent...@gmail.com wrote:
On Sat, May 24, 2014 at 9:03 PM, Christian Schulte c...@schulte.it
wrote:
Am 05/25/14 04
and mute on your keyboard
or close to it?
Try to push them, it may be on mute or very low volume.
Indeed. Never tried those buttons during playback. Always looked at the
output of mixerctl and there nothing changes. It really was that simple.
Damn it.
Regards,
--
Christian
.
The only solution is to wait for the packages to be updated.
A full package build for sparc64 takes about ten days on the available
infrastructure (three machines).
--
Christian naddy Weisgerber na...@mips.inka.de
Hello misc@,
please see the output of 'dmesg', 'audioctl -f /dev/audio' and 'mixerctl'
included in this message. Is it correct that executing 'aucat -i something.wav'
should produce audible output with things setup like this ?
Regards,
Christian
$ dmesg
OpenBSD 5.5-stable (1KHZ.MP) #18: Sun
Am 05/25/14 04:21, schrieb Philip Guenther:
On Sat, May 24, 2014 at 5:59 PM, Christian Schulte c...@schulte.it wrote:
please see the output of 'dmesg', 'audioctl -f /dev/audio' and 'mixerctl'
included in this message. Is it correct that executing 'aucat -i
something.wav' should produce
On 2014-05-22, M Farkas-Dyck strake...@gmail.com wrote:
At ksh prompt, type a multibyte character, and move or backspace over
it, for examples:
ksh's command line editor simply does not support multi-byte
characters.
--
Christian naddy Weisgerber na...@mips.inka.de
dev 29 function 0 not configured
but with this there are no USB buses at all. No hidden uhci.
(I'm documenting this here for general benefit. I have no urgent
need for uaudio on that machine; if push comes to shove, the analog
outputs of the built-in azalia will do just fine.)
--
Christian
will be there. I might
try that, but at the moment the single PCI slot is already occupied.
There should also be high speed USB audio devices, and possibly
asynchronous ones, but this kind of information is difficult to
discern from the packaging or the manual leaflets.
--
Christian naddy Weisgerber
: audio rev 1.00, 8 mixer controls
audio1 at uaudio0
uhidev4 at uhub2 port 4 configuration 1 interface 3 ABC C-Media USB Headphone
Set rev 1.10/1.00 addr 5
uhidev4: iclass 3/0
uhid2 at uhidev4: input=4, output=4, feature=0
--
Christian naddy Weisgerber na...@mips.inka.de
with USB2 ports. Maybe
there are audio dongles that run at hi-speed, otherwise uaudio(4)
looks pretty useless.
Hmpf.
--
Christian naddy Weisgerber na...@mips.inka.de
and choose an amd64, but to be sure:
How long would Yeelong compile heavy apps from ports
like jdk?
If the packages are not available from ftp.openbsd.org, the most
likely reason is that they simply don't build on mips64el, so
compiling them yourself isn't an option.
--
Christian naddy
On 2014-05-14, Marc Espie es...@nerim.net wrote:
There's no point in providing SHA256.sig for packages.
We provide the SHA256 file to allow bulk integrity checking of the
packages. There may be little point in signing it, but signing it
also doesn't cost us anything, so why not?
--
Christian
thought there was a way to see
the expiration time, but now I can't find it.
--
Christian naddy Weisgerber na...@mips.inka.de
means
that developers and bulk builders don't want to enable them, so we
don't actually know what breakage will result.
--
Christian naddy Weisgerber na...@mips.inka.de
A changelog can be found at
https://github.com/chneukirchen/cwm/blob/linux/README
http://chneukirchen.org/releases/cwm-5.5.tar.gz
http://chneukirchen.org/releases/cwm-5.5.tar.gz.asc
Enjoy!
--
Christian Neukirchen chneukirc...@gmail.com http://chneukirchen.org
0e21a48b4973beb7ddf265bea48b73b0c39a589e
it as a door stop?
Looking over ubsec(4), I'd say its hardware random generator is
indeed the only useful function left. Since you already have the
card in place, why throw it away?
--
Christian naddy Weisgerber na...@mips.inka.de
, it worked
for /usr/src but there were writes to /usr/xenocara.
--
Christian naddy Weisgerber na...@mips.inka.de
On 2014-02-11, Jan Stary h...@stare.cz wrote:
On my current/amd64 install, some manpages get installed under
/usr/share/man/man8/macppc/ - is that intentional?
Yes. All man pages are installed on all archs.
--
Christian naddy Weisgerber na...@mips.inka.de
Kim Twain kimtwa...@gmail.com wrote:
Well, I can fetch the ports tree in a secure way, verify its integrity
and origin,
You can? How?
--
Christian naddy Weisgerber na...@mips.inka.de
- (gdb)
-unknown- (clang, binutils, occasionally in ports)
-portbld- (most ports)
would never confuse anybody, would it?
--
Christian naddy Weisgerber na...@mips.inka.de
.
dummy? No, Adam will think we're stupid.
generic? No, Adam will think we're cheap.
Maybe we can just leave it.
--
Christian naddy Weisgerber na...@mips.inka.de
Miod Vallat m...@online.fr wrote:
i386-donatetoopenbsdfoundationtoday-openbsd5.4?
or i386-bikeshed-openbsd.
What is the string equivalent of goatse or tubgirl?
--
Christian naddy Weisgerber na...@mips.inka.de
target name.
FreeBSD is more playful: It has ${ARCH}-portbld-freebsd${OSREL} in
its ports tree and configures gdb with ${TARGET_ARCH}-marcel-freebsd,
because Marcel Moolenaar did the import work.
--
Christian naddy Weisgerber na...@mips.inka.de
http://www.cbc.ca/news/politics/csec-used-airport-wi-fi-to-track-canadian-travellers-edward-snowden-documents-1.2517881
If you didn't know already, this is your cue to look up ifconfig(8)'s
lladdr random.
--
Christian naddy Weisgerber na...@mips.inka.de
Markus Lude markus.l...@gmx.de wrote:
since updating to the latest snapshot on sparc64 from 22nd january ntpd
switches back and forth between synced and unsynced clock every few
minutes. Does anyone notice similar behavior?
Yes, I see the same on -current (amd64, sparc64).
--
Christian
.)
--
Christian naddy Weisgerber na...@mips.inka.de
on the NAT gateway (e.g. RAM error, buggy code
writing into random location), and that regenerating the checksum
hides such corruption.
--
Christian naddy Weisgerber na...@mips.inka.de
test, in the
September 23 issue, revealed a number of models that were eerily
in agreement with our 3,500-euro reference unit, including the
cheapest one (10 euros).
But really, any unit you buy is probably good enough.
--
Christian naddy Weisgerber na...@mips.inka.de
-2 cryptographic hashes, which were
not only specified by NIST, but in fact designed by the NSA.
Of course mainstream cryptographers don't think that SHA-2 is
insecure, much less backdoored, but that again raises the question:
What do mean by that NIST crypto you want to avoid?
--
Christian naddy
-suite negotiation configuration and socket?
Wäre es gut, wenn die ganze Welt eine Sprache sprechen würde?
--
Christian naddy Weisgerber na...@mips.inka.de
executables on deinstall.
There's no quick way to clean up /etc and /dev.
Also, if you don't compile things on a box and you're not desperately
short of space, why even bother?
--
Christian naddy Weisgerber na...@mips.inka.de
Christian Weisgerber na...@mips.inka.de wrote:
# cd /mnt
# rm -rf /bin /sbin
# cd /mnt/usr
# rm -rf X11R6 bin games include lib libdata libexec sbin share
As several people have pointed out, this should be:
# cd /mnt
# rm -rf bin sbin
# cd /mnt/usr
# rm -rf X11R6 bin games include lib
file; do
rmdir $file echo $file
done -EOF
$dirs
EOF
fi
}
delete-old-files
delete-old-libs
delete-old-dirs
8
--
Christian naddy Weisgerber na...@mips.inka.de
.
I'm particularly intrigued by the radar return bugs.
It's 2014, and somehow I've woken up in a cyberpunk novel.
--
Christian naddy Weisgerber na...@mips.inka.de
button for 4 or 5 seconds
and reboot.
Try disabling apmd, it is known to cause hangs on some systems.
Which seems odd because my X230 suffers those hangs only when it
is sitting there idling, but not when it is flat out busy or during
interactive use.
--
Christian naddy Weisgerber
in scrolling regions any longer.
This appears to have been silently (?) fixed.
--
Christian naddy Weisgerber na...@mips.inka.de
Evan Root cellarr...@gmail.com wrote:
Tmux is a very good idea, I hadn't thought of it before but I'm already
using screen as the serial console client,
So why don't you use screen's scrollback buffer?
--
Christian naddy Weisgerber na...@mips.inka.de
of 1) not having a pager 2) trying to look
at too many files that scroll off the screen and
ftp ls . |less
--
Christian naddy Weisgerber na...@mips.inka.de
Christian Weisgerber na...@mips.inka.de wrote:
---
#!/bin/sh
SAFE=$HOME/.pwsafe
TMPFILE=`mktemp /tmp/pwsafeXX` || exit 1
trap 'rm -P $TMPFILE' 0 1 2 15
STTY=`stty -g`
echo -n Password:
stty -echo
read PASSWORD
stty $STTY
set -e
echo -n $PASSWORD | openssl
| openssl aes-256-cbc -d -in $SAFE -out $TMPFILE -pass
stdin
${EDITOR-${VISUAL-vi}} $TMPFILE
echo -n $PASSWORD | openssl aes-256-cbc -in $TMPFILE -out $SAFE -pass
stdin
---
--
Christian naddy Weisgerber na...@mips.inka.de
Brad Smith b...@comstyle.com wrote:
pkg_locate libuuid.so - no?
Even if that tool was installed that would not locate anything
if the package in question is not already installed, right?
Wrong.
--
Christian naddy Weisgerber na...@mips.inka.de
-permission-based
read restrictions.
--
Christian naddy Weisgerber na...@mips.inka.de
the URL, but if this interests you and you can't
figure out who this is (it's not Wim; it's the other guys), then drop
me a line.
What a stupid game. Are you talking about tekmote.nl?
--
Christian naddy Weisgerber na...@mips.inka.de
Am 11/09/13 22:21, schrieb Philip Guenther:
Sorry, but I don't really find your tests convincing.
* Only test the worst case of a matching buffer.
* Unreasonably large example used (are there *any* 256MB memcmp or
bcmp in the kernel?)
* Use of fprintf in the inner loop adds large fixed
Hello misc@,
are the i386 GENERIC and GENERIC.MP kernels built using '-O2' as is
setup in '/usr/src/sys/arch/i386/conf/Makefile.i386' or is COPTS set to
something else in '/etc/mk.conf' during 'make release' ?
Regards,
--
Christian Schulte
Am 11/09/13 05:44, schrieb Philip Guenther:
On Fri, Nov 8, 2013 at 7:30 PM, Christian Schulte c...@schulte.it wrote:
are the i386 GENERIC and GENERIC.MP kernels built using '-O2' as is
setup in '/usr/src/sys/arch/i386/conf/Makefile.i386' or is COPTS set to
something else in '/etc/mk.conf
Chris Cappuccio ch...@nmedia.net wrote:
Mr. Pugsley, an ethernet NIC includes a Modulator and Demodulator for
any of 10BaseT, 100BaseTX, 1000BaseT, 1BaseThingies, fiber versions
of the same, and so on.
Wait, wait, Ethernet is baseband, so there is no (de)modulator.
--
Christian naddy
reappear with the next snapshot.
--
Christian naddy Weisgerber na...@mips.inka.de
chipits...@gmail.com wrote:
actually, I'm not going to block icmp at all, I was curious why
net.inet.icmp.tstamprepl=1 by default.
So you can run timed, of course.
As others have said, the time is not a secret.
--
Christian naddy Weisgerber na...@mips.inka.de
Lars Noodén lars.noo...@gmail.com wrote:
Is there a way in ssh(1) to get the identity specified by -i to take
precedence over what is already in the agent?
IdentitiesOnly, see ssh_config(5).
--
Christian naddy Weisgerber na...@mips.inka.de
Since I mentioned the likelihood of a non-recoverable disk error,
here's a terrific paper that should make everbody sleep very poorly:
An Analysis of Data Corruption in the Storage Stack
http://www.cs.toronto.edu/~bianca/papers/fast08.pdf
--
Christian naddy Weisgerber
data.
--
Christian naddy Weisgerber na...@mips.inka.de
...
--
Christian naddy Weisgerber na...@mips.inka.de
401 - 500 of 1018 matches
Mail list logo