Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On Tue, May 02, 2006 at 10:05:28PM -0700, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? sorry, but wouldn't it make more sense to ask on a php list whether those versions of php have the vulnerabilities? maybe they are just on the php 5.1.x line? really, the php folks are more to blame for the lack of details, IMO. have you tested Robert's php update and given him feedback? if not, you really have no place to complain. and if you are not satisfied with this, then install php-5.1.3 on your own and be done with it. -- [EMAIL PROTECTED]
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
Is somebody stopping you from installing via source? Kian paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? Can someone please give a straight answer about these PHP security holes? OpenBSD 3.9 released yesterday had packages supporting: php 4.4.1p0 php 5.0.5p0 are either of these vulnerable? if so, is someone going to release updated packages (not just ports)? the php 5.1.3 release: The security issues resolved include the following: * Disallow certain characters in session names. * Fixed a buffer overflow inside the wordwrap() function. * Prevent jumps to parent directory via the 2nd parameter of the tempnam() function. * Enforce safe_mode for the source parameter of the copy() function. * Fixed cross-site scripting inside the phpinfo() function. * Fixed offset/length parameter validation inside the substr_compare() function. * Fixed a heap corruption inside the session extension. * Fixed a bug that would allow variable to survive unset(). thanks Monday, May 1, 2006, 7:18:50 AM, you wrote: Hi. I haven't recieved a single test report, but I still get letters about asking for an update. How's that? This tarball also includes mysqli, fastcgi and hardened php support: http://gi.unideb.hu/~robert/php.tar.gz On (28/04/06 01:59), Robert Nagy wrote: Hi. Finally after fighting with pear I've managed to create a working update for the php5 port. The PHP guys have changed the installation method of pear to use some crappy PHP_Archive. With this move they broke the installation of pear on serveral linux distros (e.g. Frugalware), OpenDarwin and on OpenBSD of course. Any other crappy package managements where they install files directly to ${LOCALBASE} -- Kian Mohageri ResTek, Western Washington University [EMAIL PROTECTED]
Re: PCMCIA on a laptop with a Insyde Software MobilePRO BIOS not working
On 5/3/06, Lars Hansson [EMAIL PROTECTED] wrote: Just good ole GENERIC with no parameters. Only thing that doesnt work are the APM and the temperature sensors. Oh well. I guess there is more to the Insyde BIOS than just meets the eye. I do hate the way Acer has implemented it, on the TM2400 though... Thanks for the answers Lars :) -- Regards Henrik
Re: dell 2650 (-current)
On 5/2/06, Okan Demirmen [EMAIL PROTECTED] wrote: Hi - So I have this wierd problem, which is duplicated on 3 identical machines, where I get a bunch of bmc_io_wait fails messages (see the end of the dmesg). The longer the machine is on, the more messages get tacked on. I'm wondering what this could be. Any ideas/hints? Something similar happened to me with X4200. marco@ committed a fix which disables any found iic sensors if ipmi is present. This is seen in your message as: iic0 at piixpm0: disabled to avoid ipmi0 interactions Try to disable ipmi on boot, and see if your problems go away. You should see some sensors in hw.sensors provided by piixpm. Or, try to disable iic on boot as well. I'm sure marco@ will offer a much better answer.
de(4) NIC change in 3.9 release
I updated my i386 3.8 system to 3.9 and noticed that my ALTQ rules wouldn't load on de0 de(4), giving error: pfctl: de0: driver does not support altq ALTQ worked before and I can't see any explicit notice of was this changed on purpose. Has anyone else come across this?
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On Tue, May 02, 2006 at 10:05:28PM -0700, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? I'm not the maintainer of php itself, but still I have an opinion. I don't like php, from a security point of view. It has an AWFUL track record. Some people will tell you it has seen lots of vulnerabilities because it's in heavy use. Well, I've had a look at the code, it has seen lots of vulnerabilities because it was never designed with security in mind. That said, we provide php because some people may want it. I personally would NOT want to run that on any kind of web server (in fact, I use perl's HTML::Mason as the same kind of framework). I can give you a simple answer though. Yes, php* is vulnerable. Doesn't matter whether you're talking about this vulnerability, or another. There will be another one lurking around the corner. Fixing vulnerabilities in the php code is like sticking a finger in a dike. Great legendary stuff, doesn't really work in reality.
Re: using torrents for packages?
Isn`t it be possible to switch to torrents to install packages? Are you talking about a torrent for each package? No thanks. Grab them while you can, honey ;-) http://charybdis.xenon-nrw.net/~josen/OpenBSD_39_amd64_torrent/ This thread is the funniest and most useless I ever saw on misc. Who would really want to distribute OpenBSD by torrent? For each single package... LOL -Falk
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On Tue, 2 May 2006, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? It isn't our job to tell you what software is vulnerable. But maybe you should read your own email, especially it includes this quote from the OpenBSD developer who is trying to update our PHP version: I haven't recieved a single test report, but I still get letters about asking for an update. How's that? This tarball also includes mysqli, fastcgi and hardened php support: http://gi.unideb.hu/~robert/php.tar.gz So, if you really case then stop whinging and start testing! -d
i386 chroot on amd64 platform (obsd 3.9)
Hello, I've installed OpenBSD 3.9(amd64) on AMD64 box and now I thought about installing i386 OpenBSD minimal install into this installation just to be able to chroot from amd64 environment to i386 without a need to reboot computer. I tried this, but it seems at least on GENERIC kernels it's not supported: # chroot `pwd`/i386/ chroot: /bin/ksh: Exec format error # machine amd64 # file i386/bin/ksh i386/bin/ksh: ELF 32-bit LSB executable, Intel 80386, version 1, for OpenBSD, statically linked, stripped is this way supported in different kernel configuration? Is it recommended by you OpenBSD folks? I'm asking since this is how I test software on both platforms on debian. Thanks a lot, Karel -- Karel Gardas [EMAIL PROTECTED] ObjectSecurity Ltd. http://www.objectsecurity.com
Re: X.Org server security vulnerability
Just a thought, but in accordance with FAQ section 5.5 Building X (http://www.openbsd.org/faq/faq5.html#Xbld) Shouldn't the patch instruct user to cd in /usr/Xbld to perform the make build? Best regards, --patrick Patch for 002_xorg.patch :-) --8CUT-8-- --- 002_xorg.patch-orig Wed May 3 00:01:32 2006 +++ 002_xorg.patch Wed May 3 00:40:26 2006 @@ -1,8 +1,11 @@ Apply by doing: - cd /usr/src/XF4 + cd /usr/XF4 patch -p0 002_xorg.patch And then rebuild and install X: + test -d /usr/Xbld || \ + (mkdir -p /usr/Xbld cd /usr/Xbld lndir ../XF4) + cd /usr/Xbld make build Index: xc/programs/Xserver/render/mitri.c --8CUT-8-- --- Peter Valchev [EMAIL PROTECTED] wrote: A security vulnerability has been found in the X.Org server -- CVE-2006-1526. Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server. Patches for the respective releases: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/002_xorg.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/007_xorg.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: OT: Thoe's x commit and homeland security audit
On Tue, May 02, 2006 at 09:39:38PM -0400, Steve Shockley wrote: Ste Jones wrote: 7 days before the official patch 7 weeks. 7 days, watch here: Theo's patch +++ 2006/03/10 17:29:51 1.14 Xorg's patch +++ 2006-03-17 23:29:35.0 +0200 -- | /\ ASCII Ribbon | Jonathan Glaschke - Lorenz-Goertz-Stra_e 71, | \ / Campaign Against | 41238 Moenchengladbach, Germany; | XHTML In Mail | jabber: [EMAIL PROTECTED] | / \ And News | http://jonathan-glaschke.de/ [demime 1.01d removed an attachment of type application/pgp-signature]
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? also, i wish openbsd would release updated packages instead of just the patches. i would do it myself but who would trust a binary some random guy posts? openbsd maintainers have to step up and do this. why aren't you guys releasing package updates anyway? when you post a source patch on your errata page, take the few extra minutes to make a updated package and post that as well please! :) thanks
groff
I notice groff hasn't been updated in 2-3 years. Any particular reason?
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On 2006/05/03 01:08, paul dansing wrote: also, i wish openbsd would release updated packages instead of just the patches. This generally does happen for security updates, look at e.g. openvpn in a 3.8 packages mirror (not one but two updates...they're not there for 3.9 yet, but port updates only went into OPENBSD_3_9 recently, so you might find the new packages built from these arrive soon).
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
Hi Paul, everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? Stop complaining and actually do something about it. Playing victim is not going to get you anywhere. But let's not get sidetracked, shall we? openbsd maintainers have to step up and do this. why aren't you guys releasing package updates anyway? No offense, but someone might take offense at your tone. Just so you know. when you post a source patch on your errata page, take the few extra minutes to make a updated package and post that as well please! :) http://www.openbsd.org/pkg-stable.html HTH... Nico
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
PHP will be updated in 3.9 and 3.8. But first we need to take the port in HEAD to 5.1.*. I alrady sent updates to mailing lists but Ido not see any test report from you. If we update a port in a stable branch we do build the updated packages. Maybe you should rad some documentation.
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On 5/3/06, paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. It's open for debate whether maturity also extends to the platform chosen for an application. Fortunately, everyone gets to decide that for themselves. everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch You suspend the service or continue it, waiting for said security breach. Alternatively, you could continue along bolting things down or auditing code. Or put in the testing effort as requested by developers. Try what works best for you. when you post a source patch on your errata page, take the few extra minutes to make a updated package and post that as well please! :) Perhaps developers see a better use for those few extra minutes. IIRC, updated packages (with increasing patch level numbers) also end up on the distribution sites. If I'm wrong on this, feel free to correct me. If such a timeframe does not cover your needs, how about setting up your own build host? It is rather easy to generate release filesets and packages from the -stable branch. At the expense of some resources, you solve your problem. It works for me, that is. Cheers, Rogier -- If you don't know where you're going, any road will get you there.
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On Wed, May 03, 2006 at 01:08:50AM -0700, paul dansing wrote: also, i wish openbsd would release updated packages instead of just the patches. i would do it myself but who would trust a binary some random guy posts? openbsd maintainers have to step up and do this. why aren't you guys releasing package updates anyway? when you post a source patch on your errata page, take the few extra minutes to make a updated package and post that as well please! :) You don't know what you're talking about. Releasing updated packages means having an extra machine that would run only stable, and building stuff on that as well. This is not a few minutes more, more like three or four hours of definitely not fun work.
Re: groff
On Wed, May 03, 2006 at 02:32:28AM -0600, D. E. Evans wrote: I notice groff hasn't been updated in 2-3 years. Any particular reason? someone would need to step up and do the work, if they wanted it... jmc
Xen/OpenBSD Summer of Code project
We've put up some Xen-related projects for the Google Summer of Code, and one of them of particular interest is a port of OpenBSD to Xen 3.0 as a native guest OS. Full list: http://www.xensource.com/summerofcode.html Interested hackers are encouraged to apply; it is a fun project, some NetBSD code already exists, and will be useful. -- Anil Madhavapeddy http://anil.recoil.org XenSource http://www.xensource.com
Re: OT: Thoe's x commit and homeland security audit
On 03/05/06, Ste Jones [EMAIL PROTECTED] wrote: Is Theo the automated code scanner mentioned here? http://news.yahoo.com/s/zd/20060502/tc_zd/177195 In reference to this commit http://www.openbsd.org/cgi-bin/cvsweb/XF4/xc/programs/Xserver/hw/xfree86/common/xf86Init.c.diff?r1=1.13r2=1.14 7 days before the official patch http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-geteuid.diff Just curious I think Theo's comment also deserves some attention: proper geteuid calls because suse hires people who mistype things The article doesn't really mention this, but it looks like it's not one of the original X bugs, but the one that was added in X.Org 6.9.0 by, according to Theo, SuSE. I.e. it could not have been discovered two years ago, because it didn't exist at that time. :) One other good conclusion, is that no OpenBSD -RELEASEs were ever affected by this bug. :) Constantine.
Re: OT: Thoe's x commit and homeland security audit
On 03/05/06, Constantine A. Murenin [EMAIL PROTECTED] wrote: On 03/05/06, Ste Jones [EMAIL PROTECTED] wrote: Is Theo the automated code scanner mentioned here? http://news.yahoo.com/s/zd/20060502/tc_zd/177195 In reference to this commit http://www.openbsd.org/cgi-bin/cvsweb/XF4/xc/programs/Xserver/hw/xfree86/common/xf86Init.c.diff?r1=1.13r2=1.14 7 days before the official patch http://xorg.freedesktop.org/releases/X11R6.9.0/patches/x11r6.9.0-geteuid.diff Just curious I think Theo's comment also deserves some attention: proper geteuid calls because suse hires people who mistype things The article doesn't really mention this, but it looks like it's not one of the original X bugs, but the one that was added in X.Org 6.9.0 by, according to Theo, SuSE. I.e. it could not have been discovered two years ago, because it didn't exist at that time. :) One other good conclusion, is that no OpenBSD -RELEASEs were ever affected by this bug. :) That is to say, the article is rather misleading -- it even mentions OS X, but OS X includes xfree86 4.4 (http://www.apple.com/macosx/features/x11/), which doesn't have this bug. I.e. only a very limited number of actual non-linux installations would be affected. Nothing to worry here, but it'll be fun to know how it actually was discovered. :)
Re: Nexthop changing in iBGP session using openbgpd against a Cisco
Claudio Jeker wrote: On Thu, Apr 27, 2006 at 04:24:57PM +0100, Dunc wrote: Hi all, I'm trying to configure an OpenBSD box as a BGP route reflector. I have an iBGP peer configured to one of our core routers which has an eBGP session to one of our providers. I have configured that neighbor with the route-reflector option in bgpd.conf. If I log updates, and watch the log as the session comes up, I see a lot of updates come in, with the next-hop attribute set to the IP of our provider, which is what I would expect as the next-hop should not be changed in iBGP. If I then show fib or show rib with bgpctl, the next-hop for all these routes is actually the IP of our core router, rather than that of our provider. I have configured a static route on the OpenBSD box to our provider's IP, so the problem isn't that it is an unreachable network. I think I must be missing something, because AFAIK, this isn't the correct behaviour for iBGP. Show rib and show fib shows the true nexthop and not the exit nexthop. The true nexthop is the one that is one hop from your router whereas the exit nexthop is the nexthop sent to you by the BGP update. Ok, I configured another router to have an iBGP peer, and set both neighbors to be route-reflector clients, and can see that it is indeed passing routes on with the exit nexthop set. This behaviour of putting the true next hop into the routing table seems weird to me though, surely it should be the job of whatever IGP one uses, or even just by using static routes, to decide how to get to the exit nexthop, rather than the true nexthop be entered into the routing tables? In any case, is there any way I can see the actual routes received from a peer? ( I've noticed that I can do this by logging updates, but is there a bgpctl command equivalent to show ip bgp neighbors neighbor received-routes ? ) Many thanks for replying to my original question, Regards, Dunc
The Japanese input
Hello all. Had working this by the time of the following post: http://archives.neohapsis.com/archives/openbsd/2005-11/1690.html Now with 3.9 GENERIC #723 i386 neither xemacs anthy or kinput2 -wnn (jserver) installs for me[1]. Would be really grateful if someone could possibly share the joy of the kanji manipulation. [1] http://www.ne.jp/asahi/diver/hrk/openbsd/s-anthy.html. vladas
Re: i386 chroot on amd64 platform (obsd 3.9)
Karel Gardas wrote: Hello, I've installed OpenBSD 3.9(amd64) on AMD64 box and now I thought about installing i386 OpenBSD minimal install into this installation just to be able to chroot from amd64 environment to i386 without a need to reboot computer. I tried this, but it seems at least on GENERIC kernels it's not supported: # chroot `pwd`/i386/ chroot: /bin/ksh: Exec format error # machine amd64 # file i386/bin/ksh i386/bin/ksh: ELF 32-bit LSB executable, Intel 80386, version 1, for OpenBSD, statically linked, stripped OpenBSD/amd64 is a totally different platform than OpenBSD/i386. Do you expect to be able to run sparc apps on alpha? is this way supported in different kernel configuration? Is it recommended by you OpenBSD folks? I'm asking since this is how I test software on both platforms on debian. And we all know OpenBSD is just another Linux variant. Sounds like either they spent a lot of time putting in a compatibility layer or very little time putting in 64 bit code support. I'm guessing it was something expedient to help compatibility with binary stuff that wasn't available in 64 bit code. You probably think this is a feature of Debian. As someone who watched the world spend over a decade running 8088 code and work around 8088 limitations (i.e., EMS)on 80286, 80386 and 80486 and later processors, I think this is a really bad idea. I am SO glad that OpenBSD has kept them separate. Here's an interesting thought...wonder how one would handle the W^X on your hypothetical OpenBSD/amd64-32. Some code could use the NX bit, others would have to play with the MMU...sounds unlikely to be done right. ok, never mind...not that interesting at all. Nick.
Parabens
[IMAGE][IMAGE][IMAGE][IMAGE] PARABINS!!! Vocj acaba de ser sorteado na promogco (Assim de Prjmios na Americanas.com!!) Apss um processo de selegco intenso, o qual inclui pessoas cadastradas em sites de relacionamento, clientes de diversos provedores de servigos de internet (Ibest, UOL, Terra, BrTurbo, etc.), e outros servigos na internet, VOCJ foi um dos diversos vencedores! Vocj podera escolher um destes produtos: [IMAGE] Micro System MCM240/21 400W Flat Hi-Fi c/MP3 - Philips. Dispensa Comentarios. Um excelente Micro System. [IMAGE] Um celular de puro estilo: o Siemens CF75 i um celular feito para dar o que falar. [IMAGE] Ouga sua mzsica MP3,WMA ou FM onde vocj estiver com o GoGear 256 MB Mas ATENGCO. Nco perca tempo pois se vocj nco entrar em contato conosco logo estes prjmios poderco nco estar mais disponmveis. Entre em contato conosco agora atravis da forma mais segura de contato e desenvolvida pela Americanas.com. Baixe o programa Formulario de Contato e entre em contato com nss agora mesmo. Clique aqui para baixar o programa Formulario de Contato.
Re: build a kernel
hi after a rebuild of the gcc compiler with this instruction http://openbsd.org/faq/faq5.html#NewCompiler a kernel build and a make build will be successful. thanks to all for help. holger -Urspr|ngliche Nachricht- Von: holger glaess [EMAIL PROTECTED] Gesendet: 02.05.06 14:03:50 An: misc@openbsd.org Betreff: build a kernel hi i did an cvsup from 38 to 3.9 then everthing was documented ( cd /usr/src/sys/arch/i386/conf ; config GENERIC ; cd ../compile/GENERIC ; make depend ) to make shure if i did somthing wrong i got the whole source by ftp (src.tar.gz and sys.tar.gz ) for 3.9 and get on both this error ! any clue for me ? holger # make depend mkdir -p /usr/src/sys/arch/i386/compile/GENERIC/lib/kern depending the kern library objects depending the compat library objects sh /usr/src/sys/arch/i386/compile/GENERIC/../../../../kern/genassym.sh cc -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes -Wno-uninitialized -Wno-format -Wno-main -fno-builtin-printf -fno-builtin-log -O2 -pipe -nostdinc -I. -I/usr/src/sys/arch/i386/compile/GENERIC/../../../../arch -I/usr/src/sys/arch/i386/compile/GENERIC/../../../.. -DDDB -DDIAGNOSTIC -DKTRACE -DACCOUNTING -DKMEMSTATS -DPTRACE -DCRYPTO -DSYSVMSG -DSYSVSEM -DSYSVSHM -DUVM_SWAP_ENCRYPT -DCOMPAT_35 -DCOMPAT_43 -DLKM -DFFS -DFFS_SOFTUPDATES -DUFS_DIRHASH -DQUOTA -DEXT2FS -DMFS -DXFS -DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DNFSCLIENT -DNFSSERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DPORTAL -DINET -DALTQ -DINET6 -DIPSEC -DPPP_BSDCOMP -DPPP_DEFLATE -DMROUTING -DBOOT_CONFIG -DI386_CPU -DI486_CPU -DI586_CPU -DI686_CPU -DUSER_PCICONF -DUSER_LDT -DAPERTURE -DCOMPAT_SVR4 -DCOMPAT_IBCS2 -DCOMPAT_LINUX -DCOMPAT_FREEBSD -DCOMPAT_BSDOS -DCOMPAT_AOUT -DPROCFS -DACPIVERBOSE -DPCIVERBOSE -DEISAVERBOSE -DUSBVERBOSE -DWSDISP! LAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD -DWSDISPLAY_DEFAULTSCREENS=6 -DWSDISPLAY_COMPAT_PCVT -DPCIAGP -D_KERNEL -Di386 -DMAXUSERS=32 /usr/src/sys/arch/i386/compile/GENERIC/../../../../arch/i386/i386/genassym.cf assym.h.tmp mv -f assym.h.tmp assym.h In file included from /usr/src/sys/uvm/uvm_map.h:392, from /usr/src/sys/uvm/uvm_extern.h:380, from /usr/src/sys/sys/user.h:45, from /tmp/genassym_c.nXGRIw9116:9: /usr/src/sys/sys/systm.h:163: warning: conflicting types for built-in function `vsnprintf' /usr/src/sys/sys/systm.h:165: warning: conflicting types for built-in function `snprintf' /usr/src/sys/sys/systm.h:190: warning: conflicting types for built-in function `memcpy' /usr/src/sys/sys/systm.h:195: warning: conflicting types for built-in function `memset' In file included from /usr/src/sys/sys/systm.h:303, from /usr/src/sys/uvm/uvm_map.h:392, from /usr/src/sys/uvm/uvm_extern.h:380, from /usr/src/sys/sys/user.h:45, from /tmp/genassym_c.nXGRIw9116:9: /usr/src/sys/lib/libkern/libkern.h:158: warning: conflicting types for built-in function `memcmp' /usr/src/sys/lib/libkern/libkern.h:165: warning: conflicting types for built-in function `strncpy' /usr/src/sys/lib/libkern/libkern.h:171: warning: conflicting types for built-in function `strncmp' *** Error code 1 Stop in /usr/src/sys/arch/i386/compile/GENERIC (line 691 of Makefile). #
Re: build a kernel
On Wednesday 03 May 2006 07:15, holger glaess wrote: hi after a rebuild of the gcc compiler with this instruction http://openbsd.org/faq/faq5.html#NewCompiler a kernel build and a make build will be successful. thanks to all for help. holger Building upgrades between versions is not supported. Please upgrade with an install disk/bsd.rd then update to -stable. Tim Donahue
002 patch and priv sep
002 patch for 3.9 says crash it and to execute malicious code within the X server. What side of the privilege separated X does this apply to? -- Will Happy I don't install X on my servers Backman
disk bad block
Hi misc, I would like to create a large partition on a disk, but this disk has a known bad block. How could I create the partition without the bad block ? One solution is to create two partitions without the bad block and use ccd. Is there another solution ? And is there any way to isolate some bad blocks on an existing partition? I know that I should buy another disk :-) Thanks Paulo Manoel Mafra LCMI - Laboratorio de Controle e Micro Informatica Departamento de Automagco e Sistemas - UFSC
Re: i386 chroot on amd64 platform (obsd 3.9)
Nick Holland wrote: Karel Gardas wrote: Hello, I've installed OpenBSD 3.9(amd64) on AMD64 box and now I thought about installing i386 OpenBSD minimal install into this installation just to be able to chroot from amd64 environment to i386 without a need to reboot computer. I tried this, but it seems at least on GENERIC kernels it's not supported: # chroot `pwd`/i386/ chroot: /bin/ksh: Exec format error # machine amd64 # file i386/bin/ksh i386/bin/ksh: ELF 32-bit LSB executable, Intel 80386, version 1, for OpenBSD, statically linked, stripped OpenBSD/amd64 is a totally different platform than OpenBSD/i386. Do you expect to be able to run sparc apps on alpha? No, but I just expect to run code of processor variant on processor which certainly support executing the code natively. is this way supported in different kernel configuration? Is it recommended by you OpenBSD folks? I'm asking since this is how I test software on both platforms on debian. And we all know OpenBSD is just another Linux variant. Why such sarcasm? Is it forbidden to move from Linux to OpenBSD? I'm not aware of the fact that I would claim OBSD is just Linux variant in the paragraph above... Sounds like either they spent a lot of time putting in a compatibility layer or very little time putting in 64 bit code support. Well, debian itself is quite clean. It provides AMD64 bit kernel with IA32 support and pure AMD64 userland. It's up to the user to install IA32 bit chroot inside such environment, since kernel is ready to support it. Others (SuSE/RedHat IIRC) are mixing AMD64/IA32 user-land (at least libraries) together, i.e. in one system different dirs. I'm guessing it was something expedient to help compatibility with binary stuff that wasn't available in 64 bit code. You probably think this is a feature of Debian. Not at all, I think this is a feature of linux kernel on amd64 platform, hence my question if openbsd kernel supports the same. As someone who watched the world spend over a decade running 8088 code and work around 8088 limitations (i.e., EMS)on 80286, 80386 and 80486 and later processors, I think this is a really bad idea. I am SO glad that OpenBSD has kept them separate. Here's an interesting thought...wonder how one would handle the W^X on your hypothetical OpenBSD/amd64-32. Some code could use the NX bit, others would have to play with the MMU...sounds unlikely to be done right. And that's exactly why I've been thinking about it, hence I asked here, otherwise I would plainly expected that ia32 is supported on amd64. :-) Thanks! Karel -- Karel Gardas [EMAIL PROTECTED] ObjectSecurity Ltd. http://www.objectsecurity.com
error clamav at 3.9
dear all i try install clamav and get erro # pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/clamav-0.88.tgz parsing clamav-0.88 Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: Unknown command. Dependencies for clamav-0.88 resolve to: unzip-5.52, lha-1.14i.ac20050924, zoo-2.10.1, unarj-2.43, arc-5.21n, gmp-4.1.4p0, curl-7.15.1, unrar-3.54p0, bzip2-1.0.3 (todo: unarj-2.43,unrar-3.54p0,zoo-2.10.1,gmp-4.1.4p0,curl-7.15.1) Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: 550 Failed to open file. clamav-0.88:Can't find unarj-2.43 /usr/sbin/pkg_add: unarj-2.43:Fatal error -sonjaya-
Re: www.openbsd.org defaults to Japanese
you've been redirected elsewhere? Sure doesn't here. -Bob * Tan Dang [EMAIL PROTECTED] [2006-05-02 18:04]: Any reason why www.openbsd.org displays Japanese by default now? Tan -- | | | The ASCII Fork Campaign \|/ against gratuitous use of threads. |
Re: patch validation
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2006-05-02 20:07]: yea. i'll keep that in mind. too bad it doesnt work in an audit. (Ahem) horseshit. If you as your regular business practice set up a procedure that the admins keep notes on a system and documents whenever fixes are applied (try a tool such as plod), and that you have a documented process saying that is what you do this, it will work absoultely fine in an audit. If you just decide to keep a piece of paper in your desk, or some shitty little file in your homedir that nobody knows about, and only you do it, and it's not documented as part of your process anywhere, it will not work as part of an audit. -Bob
Re: Bootable Sparc64 CD
On Tue, 2 May 2006, Chris wrote: I would really love to experiment with building my own bootable Sparc64 CD - Is there a How-To on this? The best how-to i'm aware of: http://www.openbsd.org/cgi-bin/cvsweb/src/distrib/sparc64/cdfs/Makefile?rev=1.11 Also read mkhybrid(8) and mksuncd(1) Enjoy, -f http://www.blackant.net/ -- Best regards, Chris Possessions increase to fill the space available for their storage.
Re: disk bad block
Paulo Manoel Mafra wrote: Hi misc, I would like to create a large partition on a disk, but this disk has a known bad block. How could I create the partition without the bad block ? One solution is to create two partitions without the bad block and use ccd. Is there another solution ? And is there any way to isolate some bad blocks on an existing partition? Somehow create a file which occupies those blocks. Preferably including neighboring blocks. Do not EVER delete or use the file. I know that I should buy another disk :-) Yes, it almost certainly has other problems. For a long time, drives will show a bad sector only when the hardware has run out of spares in the neighborhood. When it shows a bad block, there is more that one problem already on the disk. Probably useful as a learning experience watching a disk slowly go bad. However you do not want to put your only copy of anything important on it. Thanks Paulo Manoel Mafra LCMI - Laboratorio de Controle e Micro Informatica Departamento de Automagco e Sistemas - UFSC
Re: error clamav at 3.9
sonjaya wrote: dear all i try install clamav and get erro snip clamav-0.88:Can't find unarj-2.43 /usr/sbin/pkg_add: unarj-2.43:Fatal error Some of the dependencies, like unarj, don't have licenses that allow them to be posted to FTP sites. You have to build them yourself from /usr/ports. -sonjaya- -- Support OpenBSD: http://www.openbsd.org/orders.html
Re: disk bad block
On 2006/05/03 10:24, Paulo Manoel Mafra wrote: I would like to create a large partition on a disk, but this disk has a known bad block. How could I create the partition without the bad block ? Use a different drive? It's normal for drives to have bad blocks, they used to be printed on a label attached to the drive, modern drives have spare capacity which is automatically allocated over bad or failing blocks. If this isn't happening any more, the drive is not worth trusting. One solution is to create two partitions without the bad block and use ccd. Is there another solution ? badsect(8) if your data is worth nothing.
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? There is in fact mature web software out there that's not written in PHP. Just as an example: http://www.gossamer-threads.com/ You can probably find free (no $$$) stuff also if you poke around a bit. The real problem is that PHP (and MySQL too) is ubiquitous, whereas you'll be hard-pressed to find web hosts who offer accounts with mod_perl, fastcgi, or postgresql. They exist, but they're just not as common, and they tend to charge more than $4.99/mo. Then again, it sounds like you're running your own OpenBSD server, so this probably isn't an issue... -- Stephen Takacs [EMAIL PROTECTED] http://perlguru.net/ 4149 FD56 D078 C988 9027 1EB4 04CC F80F 72CB 09DA
Re: Compilers make a system less secure?
Hello chefren, Wednesday, May 3, 2006, 8:34:09 AM, you wrote: c There are lots of dangers, and of course there is need of an operator c but if guns are around even an child of 2 years old can kill someone. c Eh: Without the tool (gun): there is definitely no problem. Of course c it's possible to kill someone with a long piece of frozen water but c that's not a sensible discussion. Weapons shouldn't be available in c civil situations. c All agree with that for digital tools but not for hardware... Guns c lead to dangerous escalation possibilities. c Still impossible to kill someone with a gun and the necessary c ammunition if both are not physical available! Yeah... whatever. I choose not to live this way. On another topic... You might want to consider sending future replies to list, instead of sending them to me directly, off-list. It's easy, just address them to misc@openbsd.org -wittig http://www.robertwittig.com/ . http://robertwittig.net/
Re: OT: opinion on this opinion...
Ted Unangst wrote: On 5/2/06, poncenby [EMAIL PROTECTED] wrote: Taken from http://wiki.noreply.org/noreply/TheOnionRouter/ TorFAQ#ServerAnonymity FreeBSD 4.x, all versions of OpenBSD, and all versions of NetBSD have broken gethostbyname_r() implementations that cause Tor's threads to stomp on each other. So rather than threading on these platforms, we made Tor fork new processes. This means you need way more memory to run a Tor server, especially an exit server. If you want to run a Tor server, we recommend you upgrade to a better OS. i got a flat tire the other day, so now i have to buy a new car. if using fork() really makes it use that much more memory than threading, they've done something terribly weird. Well, they appear to be claiming Linux as a better OS, so god only knows what they've done to their server :)
Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0
On Wed, 3 May 2006 01:08:50 -0700 paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? There is plenty of stuff written in better languages. Not only is PHP a horrible nightmare, but 90% of the code written in it is even worse. Are you actually looking at the code you are using, or are you just installing crap like phpBB because everyone else does? Adam
Re: Compilers make a system less secure?
On 05/03/06 17:50, Robert C Wittig wrote: Hello chefren, .. Yeah... whatever. I choose not to live this way. Some things are not to be chosen by individuals in a civil society... On another topic... You might want to consider sending future replies to list, instead of sending them to me directly, off-list. It's easy, just address them to misc@openbsd.org This has nothing to do with OpenBSD and it's pretty impolite to transfer information send to you personally to a mailing list. You may wish to live that way but you won't make lots of friends with it. ---chefren
Re: Recommended NIC: Gbit Realtek or 100Mbit 3Com/Intel
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2006-05-03 00:44]: Hello, I'm thinking about playing with pfsync/carp a bit and for this I will need to buy few additional NICs. From various notes it seems Gbit Realtek chips might not be that crappy as their 100Mbit counterprarts (except 8139c+) and the cards with them seem to even be cheaper than 100Mbit cards from 3Com and Intel. Now the question is what's better for this deployment/playing? Since I'd like to learn I'm not in the possition to solve various strange or instable hardware issues, hence reluctant to give Realtek a try (e.g. U.S. Robotics USR997902). Is there anybody here using Realtek 8169(S) based NIC and satified with them? realtek gigE is easily better than 3com, but then, what is not? I'd look for cheapish sk(4)s. there are some. they are pretty darn good. -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
FTP download/CD sales ratio
Hi all, I'd just want to say that I've bought OpenBSD 3.9 CD's and still not received them ! So, I've download it (one time for home, one time for job), it's easier than waiting for the CDs :) But this let me think that the estimated FTP/CD ratio is not very meaningfull (about the money question). I don't know how to estimate the part of unpaied FTP OpenBSD download. I know I live on Reunion Island, but Wim... What are you doing man !? ;) This message has been cyphered, wifi'ed, bridged, filtered, routed, nat'ed, pppoe'ed with OpenBSD 3.9. Thank you for making this possible. Bruno.
Re: Linksys support... hmm
2006/4/30, Shane J Pearson [EMAIL PROTECTED]: Hi Lasse, On 2006.04.30, at 8:38 PM, Lasse Bach wrote: I also need to know if v5 of the WMP54G uses a Ralink Technology RT25x0 chip? Are you unable to avoid it? Maybe someone on the mailing list can provide me with an answer to: 2. Why are such information not available to their customers? Because they suck (the company). I'm using Nintendo USB Wifi connector, and it works kindly since 3.9-beta, as you can see : $ dmesg | grep ural ural0 at uhub0 port 1 ural0: Nintendo Nintendo Wi-Fi USB Connector, rev 2.00/0.01, addr 2 ural0: MAC/BBP RT2570 (rev 0x05), RF RT2526, address 00:0d:0b:c3:cb:bb Its bundled with a chord that allow you to glue it high on a wall :) I wonder if a PCI-minipci card with a minipci RT25x0 based card might be good for you? From RAL(4): The following Mini PCI adapters should work: Amigo AWI-922W. Billionton MIWLGRL. Gigabyte GN-WIKG. MSI MP54G2. MSI MS-6833. Tonze PC-620C. Zinwell ZWX-G360. Shane
Re: OT: Thoe's x commit and homeland security audit
On 5/3/06, Constantine A. Murenin [EMAIL PROTECTED] wrote: Nothing to worry here, but it'll be fun to know how it actually was discovered. :) http://blogs.sun.com/roller/page/alanc?entry=security_hole_in_xorg_6
does openbsd support 64 bit counter
Hi all I heard from freebsd newsgroup that FreeBSD's internal network counters are 32-bit and can't support 64 bit counter in net-snmp! how abt openbsd? I need to run net-snmp to support 64 bit counter Thank you for your information. I am running freebsd 4.11 release and want to have net-snmp to support 64 bit counter FreeBSD's internal network counters are 32-bit, so it won't help you.
amilo 3438G and installing 3.9
Hi I've problem to install 3.9 on my FS Amilo M3438G with a VIA VT6421 SATA and Intel 82801FB controller. When the installation starts it says, no disk could be found. In my bios I can only change minimized setting, I can't even see the harddrive listed there, but I can see the cdrom. I opened the lappy and found out that the disk is a Samsung SATA. Another strange thing is that after a while in installation, the system freeze and I've to reboot. Google told me there are some problems with this laptop and playing games in Windows, but that's not my case. I have been able to boot various linux livecds on this laptop without problems. Now I don't know if any support is missing in openbsd or I should add anything while booting openbsd bootloader. I did anyhow write a dmesg from shell which can be found bellow. Any suggestions are welcome. /bkw OpenBSD 3.9 (RAMDISK_CD) #1025: Thu Mar 2 02:43:29 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel(R) Pentium(R) M processor 1.73GHz (GenuineIntel 686-class) 1.74 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 1073127424 (1047976K) avail mem = 973643776 (950824K) using 4278 buffers containing 5376 bytes (52500K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 07/29/05, BIOS32 rev. 0 @ 0xf0010 apm0 at bios0: Power Management spec V1.2 apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4590/288 (16 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801FBM LPC rev 0x00) pcibios0: PCI bus #3 is the last bus bios0: ROM list: 0xc/0xec00! 0xcf000/0x5000! 0xd4000/0x1000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82915GM/PM/GMS Host rev 0x04 ppb0 at pci0 dev 1 function 0 Intel 82915PM/GM PCIE rev 0x04 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 NVIDIA GeForce Go 6800 rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) Intel 82801FB HD Audio rev 0x04 at pci0 dev 27 function 0 not configured ppb1 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x04 pci2 at ppb1 bus 2 uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x04: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x04: irq 3 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x04: irq 5 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x04: irq 10 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801FB USB rev 0x04: irq 11 usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered ppb2 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd4 pci3 at ppb2 bus 3 Intel PRO/Wireless 2200BG rev 0x05 at pci3 dev 3 function 0 not configured Texas Instruments TSB43AB22 FireWire rev 0x00 at pci3 dev 4 function 0 not configured re0 at pci3 dev 5 function 0 Realtek 8169 rev 0x10: irq 3, address 00:03:0d:35:1e:6f rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 pciide0 at pci3 dev 7 function 0 VIA VT6421 SATA rev 0x50: DMA pciide0: using irq 10 for native-PCI interrupt ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x04: PM disabled pciide1 at pci0 dev 31 function 1 Intel 82801FB IDE rev 0x04: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide1 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: _NEC, DVD+-RW ND-6650A, 1.42 SCSI0 5/cdrom removable cd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide1: channel 1 disabled (no drives) Intel 82801FB SMBus rev 0x04 at pci0 dev 31 function 3 not configured isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 npx0 at isa0 port 0xf0/16: using exception 16 biomask fffd netmask fffd ttymask rd0: fixed, 3800 blocks uhidev0 at uhub2 port 2 configuration 1 interface 0 uhidev0: Logitech USB-PS/2 Optical Mouse, rev 2.00/20.00, addr 2, iclass 3/1 uhid at uhidev0 not configured root on rd0a rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02
Re: [UPDATE] php5 to version 5.1.2 (IMPORTANT)
5.1.3 eerr.
EHNT or other NetFlow tools
I couldn't find EHNT in ports or packages. Does anyone know if EHNT works on OpenBSD? Are there other NetFlow tools you use? thanks, Nicholas http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Re: Compilers make a system less secure?
Hello chefren, Wednesday, May 3, 2006, 11:37:48 AM, you wrote: c This has nothing to do with OpenBSD and it's pretty impolite to c transfer information send to you personally to a mailing list. c You may wish to live that way but you won't make lots of friends with it. I have my MUA set so that this (and other) email-list sub-directories reply automatically to the list for which they receive email, and only noticed that you had emailed me off-list on the last email, so all my replies to you and everyone else on this and all other lists are sent to list, unless the email is marked 'off list' or some variation, in which case either my filter catches it, or I can at least visibly see that it is not list-mail. -wittig http://www.robertwittig.com/ . http://robertwittig.net/
Re: Compilers make a system less secure?
Hello chefren, Wednesday, May 3, 2006, 11:37:48 AM, you wrote: For what it's worth... Also... I have threading enabled, so a reply of any sort from a list-mail will cue on the thread. In order to escape the sort rule, one must begin an entirely new email. I do not intentionally reply to off-list emails, on-list, or otherwise go out of my way to piss people off... life is short enough as it is. In the future, if you mark 'Off List' email as such, I will make a point of replying off-list. -wittig http://www.robertwittig.com/ . http://robertwittig.net/
OT: X.org bug ( can someone enlighten me ? )
Hi, I don't understand this piece of code: if (getuid() == 0 || geteuid() != 0) Why check if the geteuid() != 0 if we are only wanting to root to run the block inside the if statement? My reasoning is that if geteuid != 0 then the statement evaluates to true and the code block gets run just like the statement evaluates to true if the process does have uid of 0. This doesn't make sense to me. Can anyone draw a better diagram to help me make some sense of this? James
Evaluating load average
I'm looking for some hints on evaluating load average. I have a new system that is showing load averages over .50 most of the time, but I don't see that it is doing much according to systat vmstat. I figured that this machine would be way overpowered for the job it is doing. Is load average (like what is displayed in uptime) really a good indicator? What tips do people have for profiling? -- Will Here is the dmesg: OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36, CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID real mem = 2146807808 (2096492K) avail mem = 1952808960 (1907040K) using 4278 buffers containing 107442176 bytes (104924K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 01/09/06, BIOS32 rev. 0 @ 0xffe90 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfb4b0/320 (18 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801EB/ER LPC rev 0x00) pcibios0: PCI bus #11 is the last bus bios0: ROM list: 0xc/0xb000! 0xcb000/0x1000 0xcc000/0x1000 0xcd000/0x2200 0xec000/0x4000! ipmi0 at mainbus0: version 1.5 interface KCS iobase 0xca8/8 spacing 4 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel E7520 MCH rev 0x09 ppb0 at pci0 dev 2 function 0 Intel MCH PCIE rev 0x09 pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 Intel IOP331 Channel 0 rev 0x06 pci2 at ppb1 bus 2 ami0 at pci2 dev 14 function 0 Dell PERC 4e/Di rev 0x06: irq 7 Dell 16d 32b ami0: FW 521X, BIOS vH430, 256MB RAM ami0: 2 channels, 0 FC loops, 1 logical drives scsibus0 at ami0: 40 targets sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00, SCSI2 0/direct fixed sd0: 69880MB, 69880 cyl, 64 head, 32 sec, 512 bytes/sec, 143114240 sec total scsibus1 at ami0: 16 targets safte0 at scsibus1 targ 6 lun 0: PE/PV, 1x6 SCSI BP, 1.0 SCSI2 3/processor fixed scsibus2 at ami0: 16 targets ppb2 at pci1 dev 0 function 2 Intel IOP331 Channel 1 rev 0x06 pci3 at ppb2 bus 3 ppb3 at pci0 dev 4 function 0 Intel MCH PCIE rev 0x09 pci4 at ppb3 bus 4 ppb4 at pci0 dev 5 function 0 Intel MCH PCIE rev 0x09 pci5 at ppb4 bus 5 ppb5 at pci5 dev 0 function 0 Intel PCIE-PCIE rev 0x09 pci6 at ppb5 bus 6 em0 at pci6 dev 7 function 0 Intel PRO/1000MT (82541GI) rev 0x05: irq 11, address 00:13:72:55:29:53 ppb6 at pci5 dev 0 function 2 Intel PCIE-PCIE rev 0x09 pci7 at ppb6 bus 7 em1 at pci7 dev 8 function 0 Intel PRO/1000MT (82541GI) rev 0x05: irq 3, address 00:13:72:55:29:54 ppb7 at pci0 dev 6 function 0 Intel MCH PCIE rev 0x09 pci8 at ppb7 bus 8 ppb8 at pci8 dev 0 function 0 Intel PCIE-PCIE rev 0x09 pci9 at ppb8 bus 9 ppb9 at pci8 dev 0 function 2 Intel PCIE-PCIE rev 0x09 pci10 at ppb9 bus 10 uhci0 at pci0 dev 29 function 0 Intel 82801EB/ER USB rev 0x02: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 82801EB/ER USB rev 0x02: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 Intel 82801EB/ER USB rev 0x02: irq 7 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 Intel 82801EB/ER USB2 rev 0x02: irq 5 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb10 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0xc2 pci11 at ppb10 bus 11 vga1 at pci11 dev 13 function 0 ATI Radeon VE QY rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ichpcib0 at pci0 dev 31 function 0 Intel 82801EB/ER LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801EB/ER IDE rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus3 at atapiscsi0: 2 targets cd0 at scsibus3 targ 0 lun 0: TEAC, CD-ROM CD-224E-N, 3.AB SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 biomask efe5 netmask efed ttymask ffef
Re: OT: X.org bug ( can someone enlighten me ? )
On 5/3/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I don't understand this piece of code: if (getuid() == 0 || geteuid() != 0) Why check if the geteuid() != 0 if we are only wanting to root to run the block inside the if statement? getuid returns the real user id, geteuid returns the effective user id. so the question is: are we really root? or are we somebody else who doesn't have root privs? in either case, it's ok to load modules from weird places. if root is running X, we trust them. if it's not root, but they don't have euid == 0, then they can't do any harm, so let them do what they want. note that the test is broken if X is setuid to some id other than 0. now you can grab whatever privileges the non-root setuid has.
Re: Evaluating load average
On 5/3/06, Will H. Backman [EMAIL PROTECTED] wrote: I'm looking for some hints on evaluating load average. I have a new system that is showing load averages over .50 most of the time, but I don't see that it is doing much according to systat vmstat. I figured that this machine would be way overpowered for the job it is doing. Is load average (like what is displayed in uptime) really a good indicator? i never look at load; it's meaningless. watching vmstat, iostat and netstat all with -w 1 is probably much more informative.
Re: Evaluating load average
On Wed, May 03, 2006 at 03:30:35PM -0400, Will H. Backman wrote: I'm looking for some hints on evaluating load average. I have a new system that is showing load averages over .50 most of the time, but I don't see that it is doing much according to systat vmstat. I figured that this machine would be way overpowered for the job it is doing. Is load average (like what is displayed in uptime) really a good indicator? What tips do people have for profiling? Load average is very useful as long as you realize what it means. Another good thing is the cpu states (%) as seen in top. So you may be running with .50 load avg, and 99.9% idle cpu. Heck, you can be running 1.75 load avg and 99.9% idle. Anyway, check top to see what processes are doing, and what the cpu states line says. -- Darrin Chandler| Phoenix BSD Users Group [EMAIL PROTECTED] | http://bsd.phoenix.az.us/ http://www.stilyagin.com/ |
Any people with a W83781D lm(4)?
If you have this lm(4) variant, can you please mail me the output of sysctl hw.sensors? I'm trying to resolve an issue where the data sheet is unclear, and seeing some output from the real world will probably help me solve it. Mark
inexplicable behaviour on godaddy.com
i'm using konqueror and everything is fantastic. except when i go to godaddy.com things are slow as molasses: the mouse takes several seconds to change from a hand to an arrow when leaving a link typing into forms takes several seconds per letter ftp access is quick until i try to download anything (this is true even if i use the standard ftp or axyftp or cftp) - then it usually doesn't work at all. the ftp thing is particularly strange because 1. ftp works great anywhere else other than godaddy 2. there are no problems when using freebsd going to godaddy 3. if i ssh into a freebsd box and ftp to godaddy everything is cool 4. if i ssh into another openbsd box and ftp to godaddy it's bad all this seems to suggest that openbsd doesn't like godaddy.com for some reason (or visa versa). i am not too familiar with ftp (i generally use fish anyway) and whether there are settings that need to be tweaked. thanks in advance for any ideas! -- In friendship, prad ... with you on your journey Towards Freedom http://www.towardsfreedom.com (website) Information, Inspiration, Imagination - truly a site for soaring I's
Re: dell 2650 (-current)
hmmm that should not have happened. I have to do some ipmi work one of these days so i'll add this one to the list of things to look at. On Tue, May 02, 2006 at 10:46:54AM -0400, Okan Demirmen wrote: Hi - So I have this wierd problem, which is duplicated on 3 identical machines, where I get a bunch of bmc_io_wait fails messages (see the end of the dmesg). The longer the machine is on, the more messages get tacked on. I'm wondering what this could be. Any ideas/hints? For the curious, the machines have bios rev. a20, 3.35 drac and 1.01 backplane firmware. Thanks, Okan (dmesg and sysctl hw.sensors output included) OpenBSD 3.9-current (GENERIC) #720: Thu Apr 27 21:42:15 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID real mem = 2146926592 (2096608K) avail mem = 1950842880 (1905120K) using 4256 buffers containing 107450368 bytes (104932K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 10/21/04, BIOS32 rev. 0 @ 0xffe90 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc410/176 (9 entries) pcibios0: PCI Interrupt Router at 000:15:0 (ServerWorks CSB5 rev 0x00) pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000 0xc9000/0x6000 0xcf000/0x1800 0xd0800/0x600 0xec000/0x4000! ipmi0 at mainbus0: version 1.0 interface SMIC iobase 0xecf4/3 spacing 1 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 ServerWorks CMIC-WS Host (GC-LE) rev 0x13 pchb1 at pci0 dev 0 function 1 ServerWorks CMIC-WS Host (GC-LE) rev 0x00 pci1 at pchb1 bus 3 bge0 at pci1 dev 6 function 0 Broadcom BCM5701 rev 0x15, BCM5701 B5 (0x0105): irq 11, address 00:0b:db:e3:ed:6e brgphy0 at bge0 phy 1: BCM5701 10/100/1000baseT PHY, rev. 0 bge1 at pci1 dev 8 function 0 Broadcom BCM5701 rev 0x15, BCM5701 B5 (0x0105): irq 10, address 00:0b:db:e3:ed:6f brgphy1 at bge1 phy 1: BCM5701 10/100/1000baseT PHY, rev. 0 pchb2 at pci0 dev 0 function 2 ServerWorks CMIC-LE rev 0x00 pci2 at pchb2 bus 1 Dell DRAC 4 Embedded/Optional rev 0x00 at pci0 dev 4 function 0 not configured Dell PERC 3/Di rev 0x00 at pci0 dev 4 function 1 not configured Dell DRAC 3 Optional rev 0x00 at pci0 dev 4 function 2 not configured vga1 at pci0 dev 14 function 0 ATI Rage XL rev 0x27 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) piixpm0 at pci0 dev 15 function 0 ServerWorks CSB5 rev 0x93: SMI iic0 at piixpm0: disabled to avoid ipmi0 interactions pciide0 at pci0 dev 15 function 1 ServerWorks CSB5 IDE rev 0x93: DMA atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SAMSUNG, CD-ROM SN-124, N102 SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 ohci0 at pci0 dev 15 function 2 ServerWorks OSB4/CSB5 USB rev 0x05: irq 5, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: ServerWorks OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 4 ports with 4 removable, self powered pcib0 at pci0 dev 15 function 3 ServerWorks CSB5 LPC rev 0x00 pchb3 at pci0 dev 16 function 0 ServerWorks CIOB-X2 PCIX rev 0x03 pchb4 at pci0 dev 16 function 2 ServerWorks CIOB-X2 PCIX rev 0x03 pci3 at pchb4 bus 4 ppb0 at pci3 dev 8 function 0 Intel 80303 IOP rev 0x01 pci4 at ppb0 bus 5 ahc0 at pci4 dev 6 function 0 Adaptec AIC-7899 U160 rev 0x01: irq 7 scsibus1 at ahc0: 16 targets sd0 at scsibus1 targ 0 lun 0: COMPAQ, BD0186398C, BC1P SCSI2 0/direct fixed sd0: 17365MB, 7001 cyl, 20 head, 254 sec, 512 bytes/sec, 35565080 sec total safte0 at scsibus1 targ 6 lun 0: PE/PV, 1x5 SCSI BP, 1.1 SCSI2 3/processor fixed ahc1 at pci4 dev 6 function 1 Adaptec AIC-7899 U160 rev 0x01: irq 11 scsibus2 at ahc1: 16 targets pchb5 at pci0 dev 17 function 0 ServerWorks CIOB-X2 PCIX rev 0x05 pchb6 at pci0 dev 17 function 2 ServerWorks CIOB-X2 PCIX rev 0x05 pci5 at pchb6 bus 2 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom0: console pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask fbe5 netmask ffe5 ttymask ffe7 pctr: user-level cycle counter enabled ahc0: target 0 using 16bit transfers ahc0: target 0 synchronous at 80.0MHz DT, offset = 0x3f dkcsum: sd0 matches BIOS drive 0x80 root on sd0a
Re: inexplicable behaviour on godaddy.com
prad wrote: i'm using konqueror and everything is fantastic. except when i go to godaddy.com snip all this seems to suggest that openbsd doesn't like godaddy.com for some reason (or visa versa). May be you are accessing many of their parked domains? (: http://news.netcraft.com/archives/2006/04/06/april_2006_web_server_survey.html Just a joke.
Re: [UPDATE] php5 to version 5.1.2 (IMPORTANT)
Hi. 5.0.3 is out so here is a new diff. Test it please. Index: Makefile === RCS file: /cvs/ports/www/php5/Makefile,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 Makefile --- Makefile2 Oct 2004 11:32:35 - 1.1.1.1 +++ Makefile3 May 2006 17:05:19 - @@ -1,7 +1,9 @@ # $OpenBSD: Makefile,v 1.1.1.1 2004/10/02 11:32:35 robert Exp $ SUBDIR += core +SBUDIR += core,hardened SUBDIR += extensions +SUBDIR += extensions,hardened SUBDIR += extensions,no_x11 .include bsd.port.subdir.mk Index: Makefile.inc === RCS file: /cvs/ports/www/php5/Makefile.inc,v retrieving revision 1.7 diff -u -r1.7 Makefile.inc --- Makefile.inc29 Dec 2005 23:03:29 - 1.7 +++ Makefile.inc3 May 2006 17:05:19 - @@ -2,23 +2,24 @@ # This port currently only works with archs supporting dynamic loading # and has Apache that supports DSO's. -NOT_FOR_ARCHS= ${NO_SHARED_ARCHS} +NOT_FOR_ARCHS= ${NO_SHARED_ARCHS} -V= 5.0.5 -DISTNAME= php-${V} -CATEGORIES=www lang - -MAINTAINER=Robert Nagy [EMAIL PROTECTED] -HOMEPAGE= http://www.php.net/ - -MASTER_SITES= http://us2.php.net/distributions/ \ - http://se.php.net/distributions/ \ - http://no.php.net/distributions/ \ - http://uk.php.net/distributions/ +V= 5.1.3 +DISTNAME?= php-${V} +CATEGORIES=www lang + +MAINTAINER=Robert Nagy [EMAIL PROTECTED] +HOMEPAGE= http://www.php.net/ + +MASTER_SITES= http://us2.php.net/distributions/ \ + http://se.php.net/distributions/ \ + http://no.php.net/distributions/ \ + http://uk.php.net/distributions/ +MASTER_SITES0= http://anoncvs.silihost.hu/ +MASTER_SITES1= http://www.hardened-php.net/ # UPGRADERS: please read BOTH the PHP and Zend licenses # and make sure they are safe before an upgrade - PERMIT_PACKAGE_CDROM= Yes PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes @@ -41,6 +42,7 @@ PHP_LDFLAGS= -lstdc++ -lm .endif +USE_LIBTOOL= Yes CONFIGURE_STYLE= autoconf AUTOCONF_VERSION= 2.52 CONFIGURE_ENV= CFLAGS=${CFLAGS} -I${LOCALBASE}/include \ @@ -65,3 +67,14 @@ CHECKSUM_FILE= ${.CURDIR}/../distinfo PATCH_LIST=${.CURDIR}/../patches/patch-* \ patch-* + +# the hardened flavor is used by both core and extensions +FLAVORS+= hardened +FLAVOR?= + +.if ${FLAVOR:L:Mhardened} +HARDENED_V=0.4.9 +PATCHFILES=hardening-patch-${V}-${HARDENED_V}.patch.gz:1 +SUPDISTFILES= ${PATCHFILES} +PATCH_DIST_STRIP= -p1 +.endif Index: distinfo === RCS file: /cvs/ports/www/php5/distinfo,v retrieving revision 1.7 diff -u -r1.7 distinfo --- distinfo29 Dec 2005 23:03:29 - 1.7 +++ distinfo3 May 2006 17:05:19 - @@ -1,4 +1,12 @@ -MD5 (php-5.0.5.tar.gz) = ae36a2aa35cfaa58bdc5b9a525e6f451 -RMD160 (php-5.0.5.tar.gz) = f94cd33d13a298b5b5d2389a2d2b2079fe231fce -SHA1 (php-5.0.5.tar.gz) = 031ac2b1f56f4f6b20b17206a52627790b51f3bb -SIZE (php-5.0.5.tar.gz) = 6082082 +MD5 (hardening-patch-5.1.3-0.4.9.patch.gz) = 5603a75a960a9a5ba32c697c7ec7fd9b +MD5 (pear-20060428.tar.gz) = 28ab6f44a90cbcb5dd9ed0aef32d2fa9 +MD5 (php-5.1.3.tar.gz) = 6fa84f22af9dcfa50f901f6d0391b190 +RMD160 (hardening-patch-5.1.3-0.4.9.patch.gz) = 0b798a0b03243fb8f6637241c4ed05b93cb012c0 +RMD160 (pear-20060428.tar.gz) = 34bac3122dfc8218efdce0ea7df046da031e72e7 +RMD160 (php-5.1.3.tar.gz) = 52d76288498b270e0b81d02ce85a52578c213a09 +SHA1 (hardening-patch-5.1.3-0.4.9.patch.gz) = cc939abae8b56c250e8354c88f7600b0e7917a53 +SHA1 (pear-20060428.tar.gz) = 09713b3052904c1c45acba015dc067ddad0136cb +SHA1 (php-5.1.3.tar.gz) = ca1e61f9772cc82c2217bc674d63decbd442d963 +SIZE (hardening-patch-5.1.3-0.4.9.patch.gz) = 57748 +SIZE (pear-20060428.tar.gz) = 619353 +SIZE (php-5.1.3.tar.gz) = 7585574 Index: core/Makefile === RCS file: /cvs/ports/www/php5/core/Makefile,v retrieving revision 1.13 diff -u -r1.13 Makefile --- core/Makefile 8 Feb 2006 04:54:50 - 1.13 +++ core/Makefile 3 May 2006 17:05:19 - @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.13 2006/02/08 04:54:50 david Exp $ +# $OpenBSD: Makefile,v 1.12 2005/12/29 23:03:29 sturm Exp $ MULTI_PACKAGES=-pear SUBPACKAGE?= @@ -7,8 +7,10 @@ COMMENT-pear= base classes for common PHP tasks PKGNAME= php5-core-${V} FULLPKGNAME-pear= php5-pear-${V} +DISTFILES= php-${V}.tar.gz \ + pear-20060428.tar.gz:0 -CONFIGURE_ARGS+= --with-apxs=/usr/sbin/apxs \ +CONFIGURE_ARGS+=--with-apxs=/usr/sbin/apxs \ --without-mysql \
Re: Evaluating load average
On 5/3/06, Will H. Backman [EMAIL PROTECTED] wrote: I'm looking for some hints on evaluating load average. I have a new system that is showing load averages over .50 most of the time, but I don't see that it is doing much according to systat vmstat. I figured that this machine would be way overpowered for the job it is doing. Is load average (like what is displayed in uptime) really a good indicator? What tips do people have for profiling? -- Will I've only really used load average in the context of what the load average has been historically. It's not too great for tuning specific performance bottlenecks (deciding it's time to get a faster disk, for example) because too many components are involved in the calculation, but if you happen to keep track of the typical load average historically, and one day you notice that the load average is five times higher than it ever has been in the past, you know something's working harder than normal. -Josh
Re: EHNT or other NetFlow tools
On 5/3/06, Nicholas Timperio [EMAIL PROTECTED] wrote: I couldn't find EHNT in ports or packages. Does anyone know if EHNT works on OpenBSD? Are there other NetFlow tools you use? thanks, Nicholas http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ pmacct works great; I've been using it in product for sFlow collection. www.pmacct.org aaron.glenn
Re: EHNT or other NetFlow tools
I couldn't find EHNT in ports or packages. Does anyone know if EHNT works on OpenBSD? Are there other NetFlow tools you use? thanks, Nicholas http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ I have not had time to look at these but the following ports come up in a quick search of my /usr/ports/net directory. I don't know how they compare to EHNT but they are on my list to play with for our network at work. net/flowd/ net/flow-tools/ net/softflowd/ -- Tim Donahue
appling X-Patch - make build breaks?
I applied the X-Patch and got this error: main.c:371: error: syntax error before if Error Code 1 Stop in /usr/XF4/xc-old/programms/Xserver/hw/xfree86/XF86Setup Error Code 1 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/002_xorg.patch Instructions: Apply by doing: cd /usr/src/XF4 patch -p0 002_xorg.patch And then rebuild and install X: make build OpenBSD 3.9, i386. I don`t think you need a dmesg here. XF4-Sources are located in /usr/XF4. Kind regards, Sebastian
Re: appling X-Patch - make build breaks?
On 5/4/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Stop in /usr/XF4/xc-old/programms/Xserver/hw/xfree86/XF86Setup A quick guess: did you install the tcl and tk packages? IIRC, the FAQ mentions those as a prerequisite for building XF86Setup on i386. The lines in the preceding source code deal with tk parsing command line arguments. Cheers, Rogier -- If you don't know where you're going, any road will get you there.
Re: appling X-Patch - make build breaks?
On 5/3/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I applied the X-Patch and got this error: main.c:371: error: syntax error before if Error Code 1 Stop in /usr/XF4/xc-old/programms/Xserver/hw/xfree86/XF86Setup Error Code 1 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/002_xorg.patch look at the file which has the error. look at the files changed by the patch. how is it even possible the patch breaks the build?
de NIC change - ALTQ broken
I updated my i386 3.8 system to 3.9 and noticed that my ALTQ rules wouldn't load on de0 de(4), giving error: pfctl: de0: driver does not support altq ALTQ worked before and I can't see any explicit notice of this being disabled on purpose. Has anyone else come across this?
Re: FTP download/CD sales ratio
On Wed, 3 May 2006 21:25:10 +0400 Bruno Carnazzi [EMAIL PROTECTED] wrote: Hi all, I'd just want to say that I've bought OpenBSD 3.9 CD's and still not received them ! So, I've download it (one time for home, one time for job), it's easier than waiting for the CDs :) But this let me think that the estimated FTP/CD ratio is not very meaningfull (about the money question). I don't know how to estimate the part of unpaied FTP OpenBSD download. I do the same thing. I've had a OpenBSD subscription through bsdmall for some time. That way, I don't have to remember to order the CDs, they just arrive and my credit card gets billed automagically. But they can be slow as molasses. If it takes until mid June against this year, I'm planning on cancelling that subscription and ordering directly starting with the next release. Eric Johnson
Re: FTP download/CD sales ratio
Eric Johnson wrote: I've had a OpenBSD subscription through bsdmall for some time. That way, I don't have to remember to order the CDs, they just arrive and my credit card gets billed automagically. You don't HAVE to remember. Theo reminds you at the VERY earliest that you can order CDs. As soon as you see pre-orders are up, order. I did and have had my 3.9 CDs for a couple weeks now. For me, not wanting to build all the packages I use, I only wait until release day to download the rest of the packages (from a mirror). -ME -- Support OpenBSD: http://www.openbsd.org/orders.html