Re: Setuid changed on /sbin/ping after installing patch 022_resolv

Thank you for clarifying! Yes, I misunderstood what was meant by setuid change, it makes sense it is checking for any change in a setuid binary. It may be worth changing the wording in the security(8) message from Setuid changes: to Changed setuid binaries: as this would

Setuid changed on /sbin/ping after installing patch 022_resolv

Hi all, security(8) sent me an alert that Setuid changed on /sbin/ping and /sbin/ping6: Running security(8): Setuid changes: -r-sr-xr-x 2 root bin 347728 Sep 27 17:40:01 2022 /sbin/ping -r-sr-xr-x 1 root bin 347776 Mar 11 19:42:17 2023 /sbin/ping

Re: How does bsd.upgrade work?

On Thu, Oct 21, 2021 at 03:46:20PM +0200, Janne Johansson wrote: https://marc.info/?l=openbsd-tech=138829898720574=2 and https://marc.info/?l=openbsd-tech=139013674405106=2 might help. Thanks. This is the critical section:

Re: How does bsd.upgrade work?

On Tue, Oct 19, 2021 at 09:32:21PM +0100, Stuart Henderson wrote: That's intentional. OK. Since you didn't realise this breaks sysupgrade you might also not realise it weakens RNG initialisation, it is not recommended Where can I read more about this?

Re: How does bsd.upgrade work?

On Mon, Oct 18, 2021 at 05:41:26PM +0200, Florian Obser wrote: I wouldn't call this "resolved". You are missing the point that bsd.upgrade should run automatically. *shrug* My setup is not standard, so it's normal that bsd.upgrade not run automatically. The solution I used, as far as I know,

Re: How does bsd.upgrade work?

On Mon, Oct 18, 2021 at 07:41:57PM -, Stuart Henderson wrote: I resolved the problem. The solution was to run `sysupgrade -n` to download all the upgrade files, and leave the `bsd.upgrade` kernel in place, next to the `bsd` kernel I usually boot. Then, at the next boot, manually boot the

Re: How does bsd.upgrade work?

On Fri, Oct 15, 2021 at 10:14:56PM +, tetrahe...@danwin1210.me wrote: My setup is a little bit unusual, and I'm trying to understand why `uname -a` is still reporting 6.9 after I successfully booted bsd.upgrade and saw the upgrade process scroll past. I resolved the problem. The solution

Re: How does bsd.upgrade work?

On Sat, Oct 16, 2021 at 10:28:33AM -, Stuart Henderson wrote: The boot loader looks for /bsd.upgrade with 'x' filesystem permissions. If present it removes the x flag and boots. (I think this should be documented in boot(8) for the various arch but is missing). I agree. The install

How does bsd.upgrade work?

It's not documented in the `sysupgrade` manpage. My setup is a little bit unusual, and I'm trying to understand why `uname -a` is still reporting 6.9 after I successfully booted bsd.upgrade and saw the upgrade process scroll past.

Re: Minimum RAM for Chrome

On Sat, Aug 07, 2021 at 01:15:52PM -, Stuart Henderson wrote: Am I running into system memory limits ("minimum 8GB RAM to surf the web"? what is the world coming to?) or is another issue likely the cause? I wouldn't rule that possibility out… I manage with Firefox on Linux with a 2GB

Minimum RAM for Chrome

I've got a spare laptop that I use for web browsing. Since it only has 4GB RAM, OpenBSD seemed a good fit for it. However Chrome is extremely slow. I've increased system resource limits as mentioned in the email list archives, but that didn't resolve the issue. If I turn off video acceleration

Packages/libraries in disarray after sysupgrade

After upgrading 6.8->6.9 (stable, not current) using sysupgrade, I am finding it not possible to install packages via pkg_add When I try to install something, I get a series of errors like "dependency library name>: bad major" or ": minor is too small" I am assuming I need to be installing

Re:

Hi, you need to recreate, unfortunately. This has been discussed before, if you search the archives for my email address you will find the discussion :) On Sat, May 01, 2021 at 01:39:58PM +0300, Irshad Sulaiman wrote: Hi is it possible to change from passphrase to key disk in bictl

Re: .profile not being loaded (ksh) when opening shell in X

On Tue, Apr 27, 2021 at 09:37:05AM +0200, Alexandre Ratchov wrote: If you're using a display manager (xenodm or whatever), you've to include your .profile in your session login script (X equivalent of shell's ~/.profile concept), so the envoronment (and other global login settings) from your

Re: .profile not being loaded (ksh) when opening shell in X

On Tue, Apr 27, 2021 at 08:04:32AM +0300, Pierre-Philipp Braun wrote: Could also just source your profile in your .xsession. That's what I'm in the habit of doing. I believe there's no need for neither login-shells nor those X-level tricks. To load the interactive environment into xterms or

Re: .profile not being loaded (ksh) when opening shell in X

On Mon, Apr 26, 2021 at 05:46:14PM -0400, Allan Streib wrote: "tetrahe...@danwin1210.me" writes: It looks like the custom $PATH is not being passed from the login shell on downwards, since ~/.profile is only read by a login shell. I just was looking into the same thing last night. The ksh

.profile not being loaded (ksh) when opening shell in X

I have some custom additions to my $PATH. They're defined in ~/.profile and they are correctly loaded when I log in from a text console. When I log in to X (cwm) and open a terminal window, $PATH does not contain the entries. I tried `chmod +x` on my .profile but that didn't help. Both the

Re: Cultural underground legende Seymour Cray and his legacy

On Thu, Apr 22, 2021 at 11:26:00AM -0600, jpeg bild wrote: Your postings are the result of recent secret MKULTRA experiments. good to know the cia runs pysops in mailinglists too gangstalking is confirmed real According to recently declassified CIA documents, most gangstalking perpetrators

Re: Trusted Boot with OpenBSD

That's very interesting, and good work patching the assembly code. On Wed, Apr 21, 2021 at 08:26:18AM +, podolica wrote: Hi all, I have tested if the trusted boot implementation of Julius Zint for OpenBSD 6.5 (https://marc.info/?l=openbsd-misc=158255450604977=2) is still working in

Re: TouchPad, right clicking, and cwm

On Sun, Apr 18, 2021 at 11:09:00PM +0200, Ulf Brosziewski wrote: They are using them. Which problems do you expect? The "ClickFinger" mechanism is the only feature of synaptics(4) that doesn't work properly because MT data are missing. Users that prefer synaptics(4) to wsmouse(4) will turn

Re: TouchPad, right clicking, and cwm

On Fri, Apr 16, 2021 at 08:56:59PM +0200, Ulf Brosziewski wrote: Unfortunately, that "trick" is no general solution because turning the "ClickPad" option off makes click-and-drag operations with two fingers impossible. If you don't use that "gesture", or perform it with one finger only, the

Re: TouchPad, right clicking, and cwm

On Fri, Apr 16, 2021 at 12:08:56AM +0200, Ulf Brosziewski wrote: Could you remove the "ClickPad" option from the configuration file and try two-finger clicks again? The combination of that option with the "ClickFinger" mechanism is broken, and you probably don't need it if you don't use

TouchPad, right clicking, and cwm

Hi, I'm trying to get my TouchPad/trackpad to right click. I put the following in my /etc/X11/xorg.conf.d/70-synaptics.conf: Section "InputClass" Identifier "touchpad" Driver "synaptics" MatchIsTouchpad "on" Option "ClickPad" "on" Option "VertEdgeScroll"

Auto-mounting removable disks

I have a removable disk that I want to auto-mount. However, it may not always be present. If I put an entry in fstab for it, will the system be able to cope even if the disk is not present? Is there a better way to do this?

Re: Keeping xlock on top in cwm

On Thu, Mar 18, 2021 at 06:53:31AM +0100, Robert Klein wrote: Thanks, but I like having xconsole... is there any way to make it obey the gap? I start xconsole in Xsetup_0 as follows xconsole -geometry 480x130-0-26 \ -daemon \ -notify \ -verbose \ -exitOnFail The

Re: Keeping xlock on top in cwm

On Tue, Mar 16, 2021 at 04:53:32PM -0400, Dave Voutila wrote: I worked out how to set a "gap" so that maximized windows won't obscure the xclock line at the bottom. That helped. Unfortunately, it's not enough. By default `xconsole` is sized and positioned so, if brought forward, `xconsole`

Re: Keeping xlock on top in cwm

On Tue, Mar 16, 2021 at 06:11:09PM +, tetrahe...@danwin1210.me wrote: In cwm, is there a way to keep a particular window (in this case, xclock) "always on top"? I don't see anything in the man page, but maybe I missed something: https://man.openbsd.org/cwmrc I worked out how to set a

Keeping xlock on top in cwm

In cwm, is there a way to keep a particular window (in this case, xclock) "always on top"? I don't see anything in the man page, but maybe I missed something: https://man.openbsd.org/cwmrc

Re: Default partitions allocate only 1GB to /

On Sun, Feb 28, 2021 at 08:30:14PM +0100, Janne Johansson wrote: Is /var a filesystem of its own? Otherwise it could be /var/tmp or some other place under /var which is used for unpacking packages. Yes, /var is on its own filesystem, with 10.4G available.

Re: Default partitions allocate only 1GB to /

On Sun, Feb 28, 2021 at 05:17:15PM +, James Cook wrote: > This makes little sense to me. Why should deleting a 20MB file on a > filesystem with >700MB free space be sufficient for the install to go > through? Especially when the install obviously doesn't need that much space > on the

Re: Default partitions allocate only 1GB to /

On Sat, Feb 27, 2021 at 11:52:39PM +, James Cook wrote: Sorry, you're right, pkg_add can add files to /. But generally those will be quite small (/etc/make2fs.conf sounds like a configuration file). How big is your root partition, and how much space is used? For example mine is like this

Re: Default partitions allocate only 1GB to /

On Sat, Feb 27, 2021 at 11:52:39PM +, James Cook wrote: If you have a lot more space used, you could try to figure out what's using it. My go-to command is "du -xah /|sort -h|less" That's a neat command, and amazingly enough it did the trick: there was a 20MB file, INS@yjf(...) located in

Re: Default partitions allocate only 1GB to /

On Sat, Feb 27, 2021 at 03:27:41PM -0600, Edgar Pettijohn wrote: Its more likely that you accidentaly used dd to write to a usb stick and instead wrote to a file in /dev. Thats the only way I've ever had this problem. You're right -- I had written a file to /dev. After deleting it, the

Re: Default partitions allocate only 1GB to /

On Sat, Feb 27, 2021 at 08:27:07PM +, James Cook wrote: Something's strange about your setup. The installer normally creates a separate partition for /usr and maybe /usr/local. If you're using pkg_add, then packages go in /usr/local, so they shouldn't end up on your root partition. If your

Default partitions allocate only 1GB to /

When installing OpenBSD, the default partition layout only allocates 1GB to / ... most of the disk space is allocated to /home. Once you start installing packages, / quickly grows beyond 1GB, and it looks like even some large packages exceed the available space on their own: Error:

Re: Bootloader on USB stick fails with "root device not found"

On Sun, Jan 31, 2021 at 12:06:37PM +0100, Stefan Sperling wrote: On Sun, Jan 31, 2021 at 11:47:04AM +0100, Stefan Sperling wrote: In general, crypto softraid volumes don't auto-assemble. I forgot that softraid volumes that use a key disk instead of a passphrase will auto-assemble. Have you

Re: Bootloader on USB stick fails with "root device not found"

On Wed, Feb 10, 2021 at 03:59:12PM +0100, Stefan Sperling wrote: On Wed, Feb 10, 2021 at 01:00:33PM +, Frank Beuth wrote: On Tue, Feb 02, 2021 at 10:50:39PM +0100, Stefan Sperling wrote: > The idea of protecting key disks with a passphrase (two-factor auth) has > been raised before. It has

Re: Bootloader on USB stick fails with "root device not found"

On Sun, Jan 31, 2021 at 12:06:37PM +0100, Stefan Sperling wrote: On Sun, Jan 31, 2021 at 11:47:04AM +0100, Stefan Sperling wrote: In general, crypto softraid volumes don't auto-assemble. I forgot that softraid volumes that use a key disk instead of a passphrase will auto-assemble. Have you

Re: Bootloader on USB stick fails with "root device not found"

On Fri, Jan 29, 2021 at 12:46:50PM +, tetrahe...@danwin1210.me wrote: - when booting from the bootloader on the internal HD, and after decrypting the encrypted volume, the system is able to find the disk e8 without trouble, but - when booting from the bootloader on the USB stick,

Re: Bootloader on USB stick fails with "root device not found"

On Tue, Jan 26, 2021 at 03:41:23PM +, tetrahe...@danwin1210.me wrote: Any ideas why the kernel isn't seeing sr0a as a root device? As suggested in the "Managed to mess up the system encrypted disk. I can no longer boot" thread, I tried running installboot from the working (booted from

Re: Managed to mess up the system encrypted disk. I can no longer boot.

the softraid determined this kind of behavior. Best regards, Samarul P.S. To tetrahedra --- maybe this solution will solve your problem also. Unfortunately not... I will explain what I tried over in that thread.

Re: Can't set 'from' address in .mailrc

On Thu, Jan 28, 2021 at 09:51:57PM +, Stuart Henderson wrote: Not 100% sure but I think you can just edit it in the template file. But unless you've got a properly configured mail setup on the machine saving it as a text file is probably easier. Editing it in the template file did the

Re: Can't set 'from' address in .mailrc

On Thu, Jan 28, 2021 at 05:30:47PM +0100, Marcus MERIGHI wrote: 2. Where can I find the message that 'sendbug' composed? 'ls /var/spool/smtpd/queue/*' does not show any messages in any of the subfolders, did smtpd delete it because it couldn't be delivered? Do you see smtpd[30872]: warn:

Re: Can't set 'from' address in .mailrc

On Thu, Jan 28, 2021 at 05:30:07PM -, Stuart Henderson wrote: You could use "sendbug -P > sendbug.out" to get your report in a file and send that from a different host. Or edit the file and $ cat sendbug.out | mail -s "my bug report" -r my_lap...@domain.com \ -c my_lap...@domain.com

Can't set 'from' address in .mailrc

I'm trying to set up my system so I can use 'sendbug' to send in a bug report for a kernel panic, and a number of issues have cropped up. 1. My mail provider won't let me send email from but only from . Therefore I tried adding to ~/.mailrc: set from "my_lap...@domain.com"

Re: Managed to mess up the system encrypted disk. I can no longer boot.

On Wed, Jan 27, 2021 at 05:50:07PM +0200, Samarul Meu wrote: After searching online I discovered this: boot sr0a:/bsd. Now it asks for my Passphrase and it starts booting but then it hangs softraid0 at root scsibus2 at softraid0: 256 targets panic: root device (3312a...) not found Stopped at

Re: cwm manpage default keybinding is incorrect

On Tue, Jan 26, 2021 at 12:06:43PM -0500, Okan Demirmen wrote: Please see my 2nd post where I explained I was hitting "Backspace", and the official documentation does not mention any binding for CM-Backspace. I did not see a 2nd post; in any case, this is not cwm(1), rather the default

Re: cwm manpage default keybinding is incorrect

On Tue, Jan 26, 2021 at 09:39:31AM -0500, Okan Demirmen wrote: On Sat 2021.01.23 at 01:04 +, tetrahe...@danwin1210.me wrote: The cwm default keybindings listed in the manpage do not appear to be entirely correct: https://man.openbsd.org/cwm For example the man page lists: CM-Delete

Re: Bootloader on USB stick fails with "root device not found"

On Mon, Jan 25, 2021 at 08:08:20PM +0100, Jan Stary wrote: I am trying to set up the bootloader on an external USB stick to boot my FDE-encrypted disk: Why? You say you can boot from the disk itself. See the original linked email discussion from my post for the reasons why. Short answer: if

Re: FDE disk setup instructions are misleading when installing from USB

On Sat, Jan 23, 2021 at 04:25:39PM -0800, Bryan Wright wrote: Perhaps someone will make some changes to the installer or documentation. But, I can tell you, a diff, or at least a proposed specific solution, will always go a lot further than pointing out a potential problem, simply because

Bootloader on USB stick fails with "root device not found"

As per this discussion I am trying to set up the bootloader on an external USB stick to boot my FDE-encrypted disk: https://marc.info/?l=openbsd-misc=158196161321272=2 When booting from the USB stick (which contains a full install), I follow the softraid.4 man page example and do: boot> boot

Re: FDE disk setup instructions are misleading when installing from USB

On Fri, Jan 22, 2021 at 04:44:31PM -0800, Bryan Wright wrote: but to set up FDE I had to reference the official FAQ Referring to the official documentation is a key distinction between successful OpenBSD use and that of many other systems; the early that gets hammered home the better,

cwm manpage default keybinding is incorrect

The cwm default keybindings listed in the manpage do not appear to be entirely correct: https://man.openbsd.org/cwm For example the man page lists: CM-DeleteLock the screen. However, CM-Delete actually restarts the window manager (!) on my install (6.8).

Re: FDE disk setup instructions are misleading when installing from USB

On Fri, Jan 22, 2021 at 02:39:25PM -0800, Bryan Wright wrote: Because, there is no guarantee that the drives will be loaded in a given order on boot, there would be little benefit in changing the example. If the entire page is read, everything should be clear enough, but if anything were to

FDE disk setup instructions are misleading when installing from USB

When installing from a USB thumb drive, the machine's internal HDD usually shows up as sd0 and the thumb drive as sd1. However, the FDE installation instructions suggest that we should overwite the first 1MB of sd1 with zeros: # dd

Re: Integrating OpenBSD into Xen/Qubes

On Fri, Oct 16, 2020 at 11:35:40AM +0200, Anders Andersson wrote: How could any hardening in OpenBSD protect from someone owning the hardware? Or do you mean that an OpenBSD guest would run with exclusive access to the NIC and then every other guest is routed through that guest? Yes, exactly.

Integrating OpenBSD into Xen/Qubes

A number of people are working on integrating OpenBSD into Qubes. In particular, OpenBSD's hardening and mitigations are potentially very useful in talking to the NIC: Xen vulnerabilities have been repeatedly found that would allow a guest with PCI access to compromise the entire system, and