Hard drive going bad? or something else? (obsd4.0)
I just finished installing OpenBSD 4.0 on a machine of mine. After installation first thing I did was to get some ports installed. First post was PostgreSQL. Running 'make build' failed with an error pointing in configure script. I looked at it to see if it was the patch process that messed up or not. I couldn't be too sure. I did a 'make clean' and started the build over again. This time configure went on and the build process began, but soon after failed again with: cc -O2 -pipe -Wall -Wmissing-prototypes -Wpointer-arith -Winline -Wendif-labels -fno-strict-aliasing -fpic -DPIC -I../../../../../../src/include -I/usr/include/kerberosV -c -o utf8_and_gb18030.o utf8_and_gb18030.c In file included from utf8_and_gb18030.c:17: ../../Unicode/gb18030_to_utf8.map:29313: error: syntax error before '{' token gmake[3]: *** [utf8_and_gb18030.o] Error 1 gmake[3]: Leaving directory `/usr/ports/databases/postgresql/w-postgresql-8.1.4/postgresql-8.1.4/src/backend/utils/mb/conversion_procs/utf8_and_gb18030' gmake[2]: *** [all] Error 2 I thought that was strange. This wasn't one of the patched files. I wondered if something might be wrong with the dist-file. I untared it in my home dir and ran a recursive 'diff -qr' on both dirs and found a handful of files different. I did a manual diff on these files and strange difference appear (see pasted output at end of message). So, I untared the dist-file again in my home dir, in a different dir and ran the diff -rq on the two virgin directories in my home. Again a few files came up different. I checksums on the dist-file are matching fine, so it isn't the source of the problem. I've not see this type of problem before, so I turn to you guys. Is this a sign that maybe a drive is going bad? Or sign of bad memory? What's going on here!? I know it is almost Halloween and all, but this is kinda _spooky_ to say the least. Idea? Please? :-) gmake[3]: Leaving directory `/usr/ports/databases/postgresql/w-postgresql-8.1.4/postgresql-8.1.4/src/backend/utils/mb/conversion_procs/utf8_and_euc_tw' gmake[3]: Entering directory `/usr/ports/databases/postgresql/w-postgresql-8.1.4/postgresql-8.1.4/src/backend/utils/mb/conversion_procs/utf8_and_gb18030' cc -O2 -pipe -Wall -Wmissing-prototypes -Wpointer-arith -Winline -Wendif-labels -fno-strict-aliasing -fpic -DPIC -I../../../../../../src/include -I/usr/include/kerberosV -c -o utf8_and_gb18030.o utf8_and_gb18030.c In file included from utf8_and_gb18030.c:17: ../../Unicode/gb18030_to_utf8.map:29313: error: syntax error before '{' token gmake[3]: *** [utf8_and_gb18030.o] Error 1 gmake[3]: Leaving directory `/usr/ports/databases/postgresql/w-postgresql-8.1.4/postgresql-8.1.4/src/backend/utils/mb/conversion_procs/utf8_and_gb18030' gmake[2]: *** [all] Error 2 --- src/backend/utils/mb/Unicode/gb18030_to_utf8.mapSat Aug 23 22:18:04 2003 +++ /home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode//gb18030_to_utf8.map Sat Aug 23 22:18:04 2003 @@ -29309,9 +29309,8 @@ static pg_local_to_utf LUmapGB18030[ 633 {0x8134a137, 0xe19895}, {0x8134a138, 0xe19896}, {0x8134a139, 0xe19897}, - {0x8134a230, 0xe19898 - {0x8134a136, 0xe19894}, - + {0x8134a230, 0xe19898}, + {0x8134a231, 0xe19899}, {0x8134a232, 0xe1989a}, {0x8134a233, 0xe1989b}, {0x8134a234, 0xe1989c}, $ ls -l src/backend/utils/mb/Unicode/gb18030_to_utf8.map -rw-r--r-- 1 root wheel 1547811 Aug 23 2003 src/backend/utils/mb/Unicode/gb18030_to_utf8.map $ ls -l /home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode//gb18030_to_utf8.map -rw-r--r-- 1 sidster sidster 1547811 Aug 23 2003 /home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode//gb18030_to_utf8.map $ md5 src/backend/utils/mb/Unicode/gb18030_to_utf8.map /home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode//gb18030_to_utf8.map MD5 (src/backend/utils/mb/Unicode/gb18030_to_utf8.map) = c38472696883c20280cabe6aa122d1ac MD5 (/home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode/) = d41d8cd98f00b204e9800998ecf8427e $ diff -qr . /home/sidster/src/postgresql-8.1.4/ | grep -v ^Only diff -qr ./config/config.sub /home/sidster/src/postgresql-8.1.4/config/config.sub Files ./config/config.sub and /home/sidster/src/postgresql-8.1.4/config/config.sub differ diff -qr ./configure /home/sidster/src/postgresql-8.1.4/configure Files ./configure and /home/sidster/src/postgresql-8.1.4/configure differ diff -qr ./src/Makefile.shlib /home/sidster/src/postgresql-8.1.4/src/Makefile.shlib Files ./src/Makefile.shlib and /home/sidster/src/postgresql-8.1.4/src/Makefile.shlib differ diff -qr ./src/backend/po/ru.po /home/sidster/src/postgresql-8.1.4/src/backend/po/ru.po Files ./src/backend/po/ru.po and /home/sidster/src/postgresql-8.1.4/src/backend/po/ru.po differ diff -qr ./src/backend/utils/mb/Unicode/gb18030_to_utf8.map /home/sidster/src/postgresql-8.1.4/src/backend/utils/mb/Unicode/gb18030_to_utf8.map Files ./src/backend/utils/mb/Unicode/gb18030_to_utf8.map and
Re: Is there a deluser equivalent in OpenBSD?
On Mon, Oct 30, 2006 at 12:38:59AM -0500, Eric Furman wrote: | On Sun, 29 Oct 2006 23:12:49 +0100 (CET), Otto Moerbeek | [EMAIL PROTECTED] said: | but as has been pointed out, it is trivial to write a script | that would automatically go out and modify /etc/group | on even a large number of boxes. | | This is rough, needs polishing, use at own risk, blah blah... | | BOXES=server1 server 2 server3. . . | | for box in $BOXES | do | { sleep 5;echo username;sleep 2;echo password;sleep 2; | echosudo do some command left as exercise for reader; | sleep 3;echo exit; } |telnet $box 2/tmp/rcmd.error 1/dev/null | done | | You got to be kidding. This is the worst script I've seen in ages. | | I only offered this because the OP seemed to indicate that he had | a large number of machines and it would be inconvenient to make | the change to /etc/group on all of them. If you administer several | dozen to more than a hundred machines it is quite inconvenient to | do this. If there is a better way of doing this I would be quite | interested in hearing about it. Please do not point out the security | implications of this. It has already been greatly considered. It | should be clearly obvious how this can be made safe. And no, I | haven't used telnet in nearly ten years, but I and all my users | always type telnet at the command line. It's familiar. | I offered help. You offered nothing but useless noise. You offered no such thing, I'm afraid. If you haven't used telnet for nearly ten years[1], why do you still type it at the command line ? Don't pipe sleep and echo's (esp. passwords) to telnet. Not a good plan. This is horribly insecure in multiple ways. Even if you had greatly considered these, you should have indicated as much. People not as experienced as you may read your example and take it for a good solution, security-wise. BOXES=your set of machines ID=the username you want to have run the script CMD=some command left as exercise for reader for box in ${BOXES} do ssh [EMAIL PROTECTED] ${CMD} done Don't forget to set up proper keys for authenticating and using an ssh-agent on the machine you're doing this from. This still may not be the best way to handle many machines (as in, 1000s) as the serialisation will make your machines be out of sync for quite a long time. If ${CMD} is overly complex, consider putting everything in a script, and add an `scp ${script} [EMAIL PROTECTED]:/tmp/` before the ssh-line and change that line to `ssh [EMAIL PROTECTED] sh /tmp/${script}` Please don't offer bad help. Better to offer nothing at all. Paul 'WEiRD' de Weerd [1]: I still use telnet on a daily basis, I just don't use telnetd. -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Applying patch ?
Are you in /usr/src/ when you apply the patch? Did you download and unpack the source tree? Does no good to patch something that isn't there. -- Joel Goguen Bachelor of Computer Science III University of New Brunswick http://iapetus.dyndns.org/ Maverick wrote: uppsss I am sorry I forgot to add the important bit. When i run patch -p0 001_sendmail.patch, it asked me for the file to patch. Can you please give me an example how to go that in sendmail patch? Thanks a lot for your help I do appreciate that. Joe S wrote: Maverick wrote: Thanks a lot for the answer I have tried it but i have something after that as well # cd /usr/src # patch -p0 001_sendmail.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -- |Apply by doing: | cd /usr/src | patch -p0 001_sendmail.patch | |And then rebuild and install sendmail: | cd gnu/usr.sbin/sendmail | make obj | make depend | make | make install | |Index: gnu/usr.sbin/sendmail/libsm/fflush.c |=== |RCS file: /cvs/src/gnu/usr.sbin/sendmail/libsm/fflush.c,v |retrieving revision 1.2 |diff -u -p -r1.2 fflush.c |--- gnu/usr.sbin/sendmail/libsm/fflush.c 1 Oct 2001 17:18:29 - 1.2 |+++ gnu/usr.sbin/sendmail/l Can you please tell me what i can i do with this? You have applied the patch to the sendmail source code. Now you must rebuild and install sendmail. The output from the patch command tells you what to do: |And then rebuild and install sendmail: | cd gnu/usr.sbin/sendmail | make obj | make depend | make | make install Since you are new to OpenBSD, you should know that OpenBSD tells you how to do all of the important things. In other words, OpenBSD is very well documented. However, to be successful you must learn to find the documentation. In this case it was right under your nose. All/most patches will tell you how to apply them. Also check the OpenBSD FAQ.
Re: Hard drive going bad? or something else? (obsd4.0)
I've not see this type of problem before, so I turn to you guys. Is this a sign that maybe a drive is going bad? Or sign of bad memory? What's going on here!? I know it is almost Halloween and all, but this is kinda _spooky_ to say the least. Idea? Please? :-) Hard drives contain lots of moving parts, a known reliability risk. Therefore most if not all modern hard disks and associated logic contain more or less elaborate internal self-checking logic to detect failing media, failing spindle motor, failing head positioning mechanism, over and under voltage, bus driver failure, etc. Most of these will result in kernel messages and/or other obvious signs of system distress. Your dmesg (assuming it was done after the failed build) doesn't show any evidence of such problem, so there's no reason to suspect a hard disk going bad. More likely possibilities are bad memory, a bad motherboard, incompatible memory, bad disk controller, mis-configured bus speeds, environmental problem, or possibly but less likely, a bad cpu. Memory is simple: if you buy a consumer grade home machine, you get memory that has no self-check logic. A chip going bad could well produce the problems you show below. A server class machine will nearly always contain ECC memory. A few companies (Dell, Sun) also make commercial grade desktop machines, which usually also contain ECC. Note that most home computer stores and even many professionals don't understand or value ECC memory, and will steer you away from such technology. If it's memory, even without self-check logic that may still be easy to see if it's broken. memcheck86+ has a good reputation. This is a stand-alone program, which you can leave running overnight. If it fails memcheck86+, then the problem is obvious. If it passes, the memory is still not in the clear; for instance, it's in theory possible for the memory to fail when accessed by DMA but not by the processor. If you can get the memory to fail more or less predictably, and you have multiple memory modules, you may be able to play remove swap games to identify which module is bad. Check your hardward doc first - on some systems, modules may need to be paired in some particular fashion. It is certainly worth checking your machine for obvious physical problems. For instance, check air paths to ensure they aren't blocked. Be suspicious of burning smells, obvious heat, excessive fan noise, or lack of distinct air flow. Check the inside of the machine. Is there excessive dust build-up? Are the fan blades clean? Do the fans spin very smoothly and fairly freely? Are the cables in the way? Are there any loose cables? Loose boards? Bad solder joints or cracks? (On most modern motherboards, it's not worth spending much time checking this if it's not easy to get to; removing the motherboard may itself cause damage, and even a large crack sufficient to produce complete failure may be nearly impossible to spot). Other signs of physical distress? Ideally you want your machine to be in a climate-controlled environment comfortable to people. Dust, very dry air, excessive moisture, temperature cycles, etc. are all bad. Electrically conductive dust can become particularly exciting. An older or fancier machine may have a separate disk controller, in which case if you have a spare it may be worth swapping. Your machine is probably not one of these. On many newer machines, the BIOS can contain settings which alter the speed or timing of various bus components. Getting this wrong can produce subtle weirdness, or obvious and drammatic signs of failure. It may take a while for subtle weirdness to manifest itself in any obvious fashion. If you have ECC memory, make sure the bios knows that. Sorting all this out can take time. If the machine is an older one, it may be cheaper to replace it than figure out what failed. Also, in case you missed it, building large software packages is an excellent way to burn a new machines in or establish that an existing machine is reliable. :-) -Marcus
Ralink broken after last update
I'm running Canyon CN-WF511 wireless PCI card (Ralink RT2561S) in hostap mode in my 30m2 flat, serving one laptop next room. The wireless quality has always been less than stellar, even when few meters from the OpenBSD box antenna. But it works for reading mail and news and thats all that matters in this case. Unfortunately, after updating last week (I'm following -current) things got a bit worse. When in the same room with the AP, it works as craptastically as before, but further away (say 5 meters and a concrete wall between) things slowly cripple to the point when laptop can't even find the AP. Long story short, looks like this update is to blame here: replace rssadapt(9) with amrr for automatic rate control. as a side-effect, this should fix all the bogus xmit rate panics users have been complaining about for some time when operating in HostAP mode. I grabbed previous versions of relevant files from cvsweb and rebuilt the kernel. Things work well now. Btw, I, too, suffered kernel panics before but forcing mode 11b in hostname.ral0 took care of that. Here's my dmesg: http://doktor.kompro.ee/dmesg PS. I stared at the output of tcpdump -i ral0 -y IEEE802_11_RADIO when it was broken but could'nt make any sense of it. If someone would tell me what to look for there, I'm willing to break things again and investigate.
Re: mounting problems
Jay Jesus Amorin wrote: hi, pls. help me mount my partition in my linux partitions ... http://www.openbsd.org/faq/faq14.html#foreignfs Nick.
Re: docs for OpenLDAP and cyrus-imapd on OpenBSD?
I have it working a similar setup. All you need once the openldap side is runnning (and there are lots of docs about OpenLDAP for users authentication out there): Thanks, got openldap with bdb up using various example conf files... Getting the openldap side supporting a table or index or proper schema? that can be referenced by sendmail and cyrus and putting the username,realm,password into it is my stuck point now, and that is beyond the misc/openbsd list. I subscribed to the cyrus info and sasl email lists and if need be the openldap lists... I'll summarize my notes on a webpage when successful and post back to misc list the url. I think another part of the puzzle maybe that I need to copy sendmail schema and have that in slapd.conf cp /usr/src/gnu/usr.sbin/sendmail/cf/sendmail.schema /etc/openldap/schema/ # grep sendmail /etc/openldap/slapd.conf include /etc/openldap/schema/sendmail.schema ? You will need a sendmail compiled with SASL and ldap support, just add this to /etc/mk.conf: WANT_LDAP=yes WANT_SMTPAUTH=yes That was very helpful and something misc OpenBSD related, I knew about exporting WANT_SMTPAUTH prior to compiling sendmail, but I did realize that a value needed to be set for WANT_LDAP.
EuroBSDCon is coming up !
Hi all, EuroBSDCon, the main European BSD event is coming up in less than two weeks. We would also like to inform that people who want to attend the event should sign up as soon as possible in order to take advantage of the early bird rate, which will be available until November 2. Way more than a 100 people already registered for the event, so go to http://www.eurobsdcon.org/register/ in order to register ! We hope to see you all in Milan ! -- Massimiliano Stucchi
Re: Ralink broken after last update
On Mon, Oct 30, 2006 at 01:06:14PM +0200, Erki Malling wrote: I'm running Canyon CN-WF511 wireless PCI card (Ralink RT2561S) in hostap mode in my 30m2 flat, serving one laptop next room. The wireless quality has always been less than stellar, even when few meters from the OpenBSD box antenna. But it works for reading mail and news and thats all that matters in this case. Unfortunately, after updating last week (I'm following -current) things got a bit worse. When in the same room with the AP, it works as craptastically as before, but further away (say 5 meters and a concrete wall between) things slowly cripple to the point when laptop can't even find the AP. Long story short, looks like this update is to blame here: replace rssadapt(9) with amrr for automatic rate control. as a side-effect, this should fix all the bogus xmit rate panics users have been complaining about for some time when operating in HostAP mode. I grabbed previous versions of relevant files from cvsweb and rebuilt the kernel. Things work well now. I am having exactly the same problem. As you stated, backing out the AMMR commit fixes it. In case more people are seeing this, here is a diff that does the backout, for testing purposes: http://www2.par.inf.puc-rio.br/~pedro/ral-backout.diff -p.
Re: bridge(4) RSTP
Hi, Patch applies cleanly and appears to work great: [EMAIL PROTECTED] ~ tcpdump -i bge1 stp tcpdump: listening on bge1, link-type EN10MB 15:25:02.061139 802.1d RSTP config flags=0x3clearn,fwd,role=desig root=6011.0:18:74:61:e5:40 rootcost=0x0 bridge=6011.0:18:74:61:e5:40 port=0x8630 age=0/0 max=20/0 hello=2/0 fwdelay=15/0 I'm not coders either so I can't review your patch's quality, but would be good to get it verified in the tree. thanks. /Pete On 29. okt. 2006, at 14.15, Stuart Henderson wrote: On 2006/10/27 14:03, Pete Vickers wrote: A nice start could be to teach our tcpdump about RSTP. At present it just pukes: something like this? (coding style probably sucks, but I'm no coder :) Index: print-stp.c === RCS file: /data/cvsroot/OpenBSD/src/usr.sbin/tcpdump/print-stp.c,v retrieving revision 1.4 diff -u -r1.4 print-stp.c
defaults for OpenSSH
Hi misc, In order to have sane configuration defaults in OpenBSD, what are the good reasons to not disable ssh root access, and to not disable sshv1 protocol by default ? Best regards, Bruno.
OpenBSD Audio!
I just had to mention that the OpenBSD audio cd is great for playing at the office. Thanks OpenBSD! Not only is the operating system a pleasure to use, but the music has us all in great spirits here. Mike H
Randomized malloc() randomized mmap()
Hi all, Reading Theo de Raadt's presentation about exploit mitigation techniques, I could not understand the advantages of using randomized malloc and randomized mmap techniques. I've searched on the Internet about this subject but I couldn't find a thing, maybe because this subject is too technical. I'm sorry for the lack of abilities to understand the presentation. Could anyone, please, give me an example or point me any website in which I could find informations in order to understand why randomized malloc and randomized mmap are more secure than the traditional ones? Thanks in advance for the time wasted reading this e-mail. -- Joco Salvatti Undergraduating in Computer Science Federal University of Para - UFPA web: http://www.openbsd-pa.org e-mail: [EMAIL PROTECTED]
why my LCD monitor repeat black screen
Hello, I'm using OB3.9 release version, and X.org plus fvwm2, after start X windows, what I got is my LCD monitor repeat black screen between several minutes, even there have keyboard and mouse movement. after black screen, I can ctrl+alt+F1 then ctrl_alt+F5 to switch back screen. keyboard and mouse still can respond when black. I even disable DPMS and xscreensave, it still repeat. is this a LCD HW problem? but not happen in winxp installed same PC. LCD is a ViewSonic 903b. Thanks in advence. follow is dmesg and xset q output. dmesg** OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD Athlon(tm) XP 1700+ (AuthenticAMD 686-class, 256KB L2 cache) 1.48 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE cpu0: AMD Powernow: TS real mem = 804823040 (785960K) avail mem = 726990848 (709952K) using 4278 buffers containing 40345600 bytes (39400K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(e0) BIOS, date 01/14/03, BIOS32 rev. 0 @ 0xf9b60 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xc604 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc580/128 (6 entries) pcibios0: PCI Exclusive IRQs: 6 10 11 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8235 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xec00 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA VT8366 PCI rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8366 AGP rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 NVIDIA GeForce4 MX 440 rev 0xa3 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) rl0 at pci0 dev 11 function 0 Realtek 8139 rev 0x10: irq 11, address 00:e0:4c:93:7f:f1 rlphy0 at rl0 phy 0: RTL internal PHY uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x80: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x80: irq 11 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x80: irq 6 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 3 VIA VT6202 USB rev 0x82: irq 11 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered viapm0 at pci0 dev 17 function 0 VIA VT8235 ISA rev 0x00 iic0 at viapm0 unknown at iic0 addr 0x18 not configured maxtmp0 at iic0 addr 0x4c: lm90 pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: ST380021A wd0: 16-sector PIO, LBA, 76319MB, 156301488 sectors wd1 at pciide0 channel 0 drive 1: Maxtor 31536H2 wd1: 16-sector PIO, LBA, 14324MB, 29336832 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: TECLAST, 52 CD-ROM, 0.3E SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4 auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x50: irq 6 ac97: codec id 0x414c4720 (Avance Logic ALC650) ac97: codec features 20 bit DAC, 18 bit ADC, Realtek 3D audio0 at auvia0 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 it0 at isa0 port 0x290/8: IT87 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo biomask ef65 netmask ef65 ttymask ffe7 pctr: user-level cycle counter enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matches BIOS drive 0x80 dkcsum: wd1 matches BIOS drive 0x81 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 wd0a: aborted command, interface CRC error reading fsbn 128 of 128-143 (wd0 bn 86044268; cn 85361 tn 6 sn 2), retrying wd0: transfer error, downgrading to Ultra-DMA mode 4 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 5 wd0a: aborted command, interface CRC error reading fsbn 128 of 128-143 (wd0 bn 86044268; cn 85361 tn 6 sn 2), retrying wd0: soft
Re: Ralink broken after last update
2006/10/30, Erki Malling [EMAIL PROTECTED]: I'm running Canyon CN-WF511 wireless PCI card (Ralink RT2561S) in hostap mode in my 30m2 flat, serving one laptop next room. The wireless quality has always been less than stellar, even when few meters from the OpenBSD box antenna. But it works for reading mail and news and thats all that matters in this case. Unfortunately, after updating last week (I'm following -current) things got a bit worse. When in the same room with the AP, it works as craptastically as before, but further away (say 5 meters and a concrete wall between) things slowly cripple to the point when laptop can't even find the AP. I'm in this case too using OpenBSD 4.0-current (GENERIC) #1163: Thu Oct 19 14:40:44 MDT 2006 : ural0 at uhub0 port 1 ural0: Nintendo Nintendo Wi-Fi USB Connector, rev 2.00/0.01, addr 2 ural0: MAC/BBP RT2571 (rev 0x05), RF RT2526, address 00:0d:0b:c3:cb:bb ural0 is in hostap mode, /etc/hostname.ural0 : 192.168.13.254 255.255.255.0 media DS11 mediaopt hostap mode 11b nwid w3lC0m3_H0 m3 chan 11 I use it from my powerbook, and sometimes, I lost Wi-Fi connectivity for about 1 minutes... Screen helps :) Best regards. Long story short, looks like this update is to blame here: replace rssadapt(9) with amrr for automatic rate control. as a side-effect, this should fix all the bogus xmit rate panics users have been complaining about for some time when operating in HostAP mode. I grabbed previous versions of relevant files from cvsweb and rebuilt the kernel. Things work well now. Btw, I, too, suffered kernel panics before but forcing mode 11b in hostname.ral0 took care of that. Here's my dmesg: http://doktor.kompro.ee/dmesg PS. I stared at the output of tcpdump -i ral0 -y IEEE802_11_RADIO when it was broken but could'nt make any sense of it. If someone would tell me what to look for there, I'm willing to break things again and investigate.
kern.nprocs not (closely) matching ps -ax |wc -l ??
I understand that the ps -ax would have spawned at least one more process (and a header) than the sysctl count, but I'm not seeing why sysctl is showing 11 more processes than ps does: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=46 35 kern.nprocs=46 This machine has been up a while and has had enough various errors to make the boot dmesg disappear from logs, so here's the various kern.* sysctl's that show what kernel I'm running: kern.ostype=OpenBSD kern.osrelease=3.8 kern.osrevision=200511 kern.version=OpenBSD 3.8-current (GENERIC) #320: Sat Dec 17 10:09:10 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC A 3.9 system is a tad different, but exhibits the same strangeness: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=48 39 kern.nprocs=48 Any idea where the discrepancy might be coming from? --Bill
Re: defaults for OpenSSH
2006/10/30, daniel [EMAIL PROTECTED]: Bruno Carnazzi wrote: In order to have sane configuration defaults in OpenBSD, what are the good reasons to not disable ssh root access, and to not disable sshv1 protocol by default ? It's insane if you can't login after a fresh install... But a fresh install with only root account is not sane :) d. -- Hi, I'm a .signature virus! Copy me to your .signature file and help me propagate, thanks!
Re: defaults for OpenSSH
Bruno Carnazzi wrote: 2006/10/30, daniel [EMAIL PROTECTED]: Bruno Carnazzi wrote: In order to have sane configuration defaults in OpenBSD, what are the good reasons to not disable ssh root access, and to not disable sshv1 protocol by default ? It's insane if you can't login after a fresh install... But a fresh install with only root account is not sane :) If you're doing a remote upgrade or install, it's at *least* helpful (if not necessary) to be able to connect via SSH to the freshly installed, just-rebooted system. -- Matthew Weigel
Re: kern.nprocs not (closely) matching ps -ax |wc -l ??
On 10/30/06, Bill Marquette [EMAIL PROTECTED] wrote: I understand that the ps -ax would have spawned at least one more process (and a header) than the sysctl count, but I'm not seeing why sysctl is showing 11 more processes than ps does: Check out the -k option to ps. Philip Guenther
Re: kern.nprocs not (closely) matching ps -ax |wc -l ??
On Mon, 30 Oct 2006, Bill Marquette wrote: I understand that the ps -ax would have spawned at least one more process (and a header) than the sysctl count, but I'm not seeing why sysctl is showing 11 more processes than ps does: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=46 35 kern.nprocs=46 This machine has been up a while and has had enough various errors to make the boot dmesg disappear from logs, so here's the various kern.* sysctl's that show what kernel I'm running: kern.ostype=OpenBSD kern.osrelease=3.8 kern.osrevision=200511 kern.version=OpenBSD 3.8-current (GENERIC) #320: Sat Dec 17 10:09:10 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC A 3.9 system is a tad different, but exhibits the same strangeness: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=48 39 kern.nprocs=48 Any idea where the discrepancy might be coming from? By default, ps does not show kernel processes. See ps(1), -k option. -Otto
Re: Lenovo notebooks
On Sun, Oct 29, 2006 at 11:44:41AM +0100, Jonathan Thornburg wrote: The main thing I've found which doesn't work at all well is sending video to the external video connector to drive a projector for conference presentations. The usual tricks like changing the X resolution (with 'xrandr') and toggling Fn-F7 have no effect whatsoever -- so far as I can tell there's no signal at all going to the external video connector. The only way I have found to make this work is to reboot, enter the IBM BIOS setup, and set the 'boot video device' to 'LCD + VGA' (instead of the default 'Thinkpad LCD'). The machine then boots normally (with the console display), but when I start X the builtin display is blank and 1280x1024 video is sent to the external connector. My usual 'xterm -fn 7x14 -fg white -bg black' is really ugly in this video mode, but 'xpdf -fullscreen' looks fine. On a T43 I also have to have output set to LCD+VGA, and to reboot with a connector in the VGA port if I want video out to actually work; annoying but not unbearable. The thing that I have not yet conquered is the almost total randomness as to what resolution X will use. On a handful of data projectors, I've got the correct 1024x768; on most I get 640x480; and I get occasional oddities like clipped 1024x768 (missing 20-30 pixels on all edges). Nothing I've tried thus far has persuaded X to use a sensible resolution in such cases. My guess would be that the T43p - which I believe uses a completely different video card to the T43 - may be immune to such problems. Laurie -- http://tratt.net/laurie/-- Personal http://convergepl.org/ -- The Converge programming language http://sosym.dcs.kcl.ac.uk/ -- Software and Systems Modelling Team
Re: defaults for OpenSSH
In order to have sane configuration defaults in OpenBSD, what are the good reasons to not disable ssh root access, Machine administration. and to not disable sshv1 protocol by default ? I am actually more worried about security problems in the protocol 2 code which is roughly 4-5x as complicated. People's fears are misplaced. But it is fun to ride a meme, isn't it.
macppc kernel panic during boot with 10.23.2006 snapshot
This is on a 400mhz 1st gen tibook. It boots runs fine with 3.9. Unfortunately the keyboard isn't doing anything useful, so all i can report is what's on the screen: the last message is: - openpic0 at macobio0 offset 0x4000panic: trap type 200 at 2eafb0 ( openpic_do_pending_int+0x230) lr 2ea674 Stopped at Debugger+0x10; lwz50,2025 - I'm not convinced updating from 3.9 to 4.0-CURRENT via source is the best idea, so unless someone has a quick fix for this i'll hang out a couple of days and try the next snapshot Thanks, Ben
low through-put on bge cards OBSD 4.0 3.9
I have a pair of Sunfire x2100's I am trying to configure as vpn routers to bridge between two Data Centres. isakmpd - easy working bridging - also easy bridging over ipsec tunnel - surprisingly easy as well The problem I am having is the one part that I _assumed_ would be the easiest. I can not seem to get more that ~43 megabytes per second through the bge cards on these boxes. This is the unencrypted speed with the cards attached by x-over cable or on a 2950 switch with only these two boxes attached. I am running 4.0 using the 386 mp kernel compiled for IOAPIC. I had essentially the same results w/ 3.9. I tried installing Suse 10.0 just to see what kind of throughput I got there, and was getting ~80 megabytes per second. This told me that the HW was at least capable of getting the throughput I expected. Of course the bloody linux dist is useless for these types of applications.
low through-put on bge cards OBSD 4.0 3.9
I have a pair of Sunfire x2100's I am trying to configure as vpn routers to bridge between two Data Centres. isakmpd - easy working bridging - also easy bridging over ipsec tunnel - surprisingly easy as well The problem I am having is the one part that I _assumed_ would be the easiest. I can not seem to get more that ~43 megabytes per second through the bge cards on these boxes. This is the unencrypted speed with the cards attached by x-over cable or on a 2950 switch with only these two boxes attached. I am running 4.0 using the 386 mp kernel compiled for IOAPIC. I had essentially the same results w/ 3.9. I tried installing Suse 10.0 just to see what kind of throughput I got there, and was getting ~80 megabytes per second. This told me that the HW was at least capable of getting the throughput I expected. Of course the bloody linux dist is useless for these types of applications. Any suggestions?
Re: Contributing and Shame [Was: Lenovo notebooks?]
Otto Moerbeek wrote: On Sat, 28 Oct 2006, Breen Ouellette wrote: I honestly do not know as I do not have access to the size of the user base nor the financial needs of the project. If 5000 users gave $100 per year to the project that would be half a million dollars. Are there 5000 users? Is half a million per year more or less than the project earns now? Half a million seems like a lot, but it only represents 10 developers on a yearly salary of $50,000, and I personally feel that there are developers that are worth at least that much for a full time contribution. Do the paid developers currently take more or less salary to work full time on OpenBSD? How much of the yearly budget needs to go toward hardware purchases? Operating expenses? Does Revenue Canada get its dirty little fingers into this? There are too many unknown variables to answer this. There is one known factor, though: almost all developers work as volunteers, the project does not pay salaries (there have been exceptions, but I'm talking about the current situation). Some developers work for companies and do OpenBSD (related) stuff in their work time, but in general, developers work in their spare time. The exception being Theo, of course. That is why I went with what I believe is a fairly conservative number for the user base, although it is a wild guess. But it seems that 5000 people could make an impressive difference to project funding if they were so inclined to donate a mediocre amount on a yearly basis. Based on the DARPA funding days, did having more developers on salary help the situation? There comes a point where throwing money at a problem doesn't help anymore, but I have never seen a concrete financial goal for OpenBSD so I don't know if there is one. Perhaps a donations thermometer on the front page, with appropriate links to Project Goals or Donations listing specifics of how additionally raised funding will be applied, would give some people more incentive to donate. This kind of thing can light a fire under some people. I would equate it to the vendor mailing campaigns. A lot of us wouldn't write emails if Theo didn't tell us where to send them. Once he provides a direction, though, the emails start flying. Maybe the same would be true with money! It seems like a fairly low impact way to try and boost donations, at any rate. Breeno PS - This topic came up back in 2003, but the thread degenerated into an argument about 'selling printed copies of the BSD license on shiny paper for $500 a pop'. The point was also made that some people will not change their donating habits if there is a donation meter. I actually fall into that category. However, I am open to the idea that not everyone falls into that category, just as not everyone falls into the CD-buyer category. Some people need a little convincing - which a meter plus goals might achieve. Since this is squarely in Theo's court - sorry in advance if this is still an idea that you have no interest in implementing.
Re: low through-put on bge cards OBSD 4.0 3.9
On Mon, 30 Oct 2006, Dag Richards wrote: I can not seem to get more that ~43 megabytes per second through the bge cards on these boxes. This is the unencrypted speed with the cards attached by x-over cable or on a 2950 switch with only these two boxes attached. [snip] Any suggestions? Try bumping net.inet.tcp.recvspace and net.inet.tcp.sendspace. http://www.openbsd.org/faq/faq6.html#Tuning -- Kyle George [EMAIL PROTECTED]
Re: Ralink broken after last update
Could you please run the following commands on your ral-based access point, preferably before and after the rssadapt-AMRR change: # netstat -i # ifconfig -M ral0 Thanks, Damien | I'm running Canyon CN-WF511 wireless PCI card (Ralink RT2561S) | in hostap mode in my 30m2 flat, serving one laptop next room. | The wireless quality has always been less than stellar, even | when few meters from the OpenBSD box antenna. But it works for | reading mail and news and thats all that matters in this case. | | Unfortunately, after updating last week (I'm following -current) | things got a bit worse. When in the same room with the AP, it works | as craptastically as before, but further away (say 5 meters and a | concrete wall between) things slowly cripple to the point when laptop | can't even find the AP. | | Long story short, looks like this update is to blame here: | | replace rssadapt(9) with amrr for automatic rate control. | as a side-effect, this should fix all the bogus xmit rate panics | users have been complaining about for some time when operating in | HostAP mode. | | I grabbed previous versions of relevant files from cvsweb and | rebuilt the kernel. | | Things work well now. | | Btw, I, too, suffered kernel panics before but forcing mode 11b in | hostname.ral0 took care of that. | | Here's my dmesg: http://doktor.kompro.ee/dmesg | | PS. I stared at the output of tcpdump -i ral0 -y IEEE802_11_RADIO | when it was broken but could'nt make any sense of it. | If someone would tell me what to look for there, I'm willing | to break things again and investigate.
Re: Ralink broken after last update
| I'm in this case too using OpenBSD 4.0-current (GENERIC) #1163: Thu | Oct 19 14:40:44 MDT 2006 : | | ural0 at uhub0 port 1 | ural0: Nintendo Nintendo Wi-Fi USB Connector, rev 2.00/0.01, addr 2 | ural0: MAC/BBP RT2571 (rev 0x05), RF RT2526, address 00:0d:0b:c3:cb:bb | | ural0 is in hostap mode, /etc/hostname.ural0 : | | 192.168.13.254 255.255.255.0 media DS11 mediaopt hostap mode 11b nwid w3lC0m3_H0 | m3 chan 11 | | I use it from my powerbook, and sometimes, I lost Wi-Fi connectivity | for about 1 minutes... Screen helps :) This is a different problem. ural(4) has always used AMRR for rate control and it isn't even enabled in hostap mode. Is your problem new to OpenBSD 4.0 or was it already existing in previous releases? Is your powerbook wifi adapter working in powersave mode? Thanks, Damien
Re: Contributing and Shame [Was: Lenovo notebooks?]
In article [EMAIL PROTECTED], Breen Ouellette wrote: I feel that if the user base can meet the financial needs of the project then the user base is doing its part. Unfortunately, I know of several people who use OpenBSD that will never send in a flat penny. These are the same people that have 2TB of disk space on their main desktop, running a pirated copy of Windows XP, with 2000 CDs and DVDs of pirated music and movies sitting on their bookshelf. They feel that everything that isn't nailed down should be free. I believe that you mean they feel that anything that is not nailed down is free to be stolen. There is quite the chasm between free and stolen property. --Toby.
Re: Secure Apache Webserver
On Sun, Oct 29, 2006 at 03:20:25PM +0100, Aiko Barz wrote: Hello, I already discussed this subject on the list. There were several possible solutions for this subject and I have chosen one, I would like to present now. The problem: I have several vhosts, which are used by several people. The Apache is running with $UID 67. Users can access the system by using scponly, which is jailed into /var/www. No problem here so far. This issue was, that all scripts must be readable or even writeable for the Apache Webserver. So one hacked page could damage other vhosts by writing some PHP code to access the other vhosts within /var/www. My solution: 1. I made SuExec working within the chroot environment. (http://www.openbsdsupport.org/ApacheSuexecChroot.html) 2. I wrote a patch for suexec.c to handle *.php correctly. (http://files.haeckser.net/haeckser.net/suexec.patch) 3. I compiled PHP by my own with CGI-support and moved the binary into the chroot. 4. I removed mod_php and mod_perl and set the Apache directives User, Group, AddHandler cgi-script and Options +ExecCGI. Now, every PHP-script has the permissions 700 and gets executed with its own $UID. I feel much better now. :) I believe it is possible to set this up using FastCGI, which will actually be (reasonably?) fast too. Yes, I am a FastCGI fanboy. Joachim
Re: new postgresql in ports
On Sun, Oct 29, 2006 at 11:59:33PM +0100, LeVA wrote: 2006. October 29. 22:30, viq: On 29/10/06, LeVA [EMAIL PROTECTED] wrote: Hi! There was a commit today which updates postgresql to version 8.1.5. This fix made it to the stable branch too, so will there be a package for it, or I have to compile it from ports? I don't really understand how this updating process work yet, so just forgive (but not ignore :) me, if I'm writing foolish things. From what I've seen, for current the packages are usually built something like once or twice a month, for most arches. For stable, from the discussions here I understand packages are (re)built if they are updated, but pretty much only for i386. So if you don't want to wait, or are on a different architecture, you need to build it from ports. I'm using -stable and i386. I can wait, and I want to, if I only knew how long... (at least approximately; 1 week | 2 months?). I see that screen still hasn't got an updated package, altough there was a security update for it a few days (maybe 1 week?) ago. A couple of days. If you know what you are doing, you can do the compilation yourself. Joachim
Re: I need help in interpreting some Docs
[Excuse me for the very late reaction, please; I was away this weekend.] On Thu, Oct 26, 2006 at 03:46:45PM -0700, John Draper wrote: Joachim Schipper wrote: I also posted this to the snort users list, [EMAIL PROTECTED], but (sigh) my postings are not making it to the list. Have they changed their list mailing address? I suppose I shouldn't ask that in this forum, but if anyone knows the snort mailing list address, and if it's different, then I need to know that. I really wouldn't know what snort mailing lists are there, but are you *really* certain that is not just one random guy? a quick google does suggest so, and does suggest that https://lists.sourceforge.net/lists/listinfo/snort-users might be a good place to start (note the [EMAIL PROTECTED]). I just learned they changed the name of the mailing list, which I joined more then 3 years ago. I'm still getting mail from [EMAIL PROTECTED] but for some reason, sending mail there no longer works, but I did get a different Email, and have since sent this posting to them as well, and confirmed it is working now. I think I've decided to download and test SnortSam and see if it meets my needs. It seems to only support OpenBSD 3.6 (I have 3.8), and have joined the SnortSam mailing list so I can direct my questions to this list as I start learning it. Just be sure to install 4.0 before doing any serious work. It shouldn't be too different, and running an old version is un-fun. Questions are, of course, welcome; that's what this list is for, to a certain extent. However, I can't believe you actually tried to find the answer to the IPTables question before posting. (I could see how one would have trouble finding the answer to the other questions.) I might have been looking in the wrong place - sorry! These things happen. No harm done. I'm sorry, I overreacted a bit. Also, if you had actually taken a look at the port, /usr/ports/net/snort, you'd have noticed the flexresp option (and the lack of inline option, I didn't notice it, because how would I know to look for it? I don't even know what a flexresp option is and yes, I agree with you that I should use the ports tree, but I WILL need to build snort from source, expecially if I intend to use SnortSam, because I already looked at their docs, and am putting together an installation plan. I develop this plan while I'm reading the archives in the mailing lists, of which I'm focusing on SnortSam right now, and getting it to work with OpenBSD's PF... but as I said earlier, SnortSam supports up to ver 3.6 of OPenBSD, but they only said they tested it to that version, I'm hopeful SnortSam WOULD work with the new 3.8. It should, and probably will. Joachim
kevent sample code?
Can anyone point me at some sample code for kevent. I am trying to write a program that will watch a file for a write and can then read the new lines and act upon them. So far, I get the first event but not subsequent events. Stuart van Zee [EMAIL PROTECTED]
Re: Secure Apache Webserver
Joachim Schipper wrote: I believe it is possible to set this up using FastCGI, which will actually be (reasonably?) fast too. Yes, I am a FastCGI fanboy. I just spent the whole day setting up FastCGi using www/mod_fastcgi and www/fcgi. I ended up with a server process, written C, that runs outside the apache chroot as a FastCGIExternalServer and Apache communicating with this through mod_fastcgi using an AF_UNIX socket. The fastcgi server connects to a PostgreSQL database to do stuff, and yes, this setup is fucking fast. And of course it does not have the security problems PHP has, the slowness of CGI nor the overhead of Zope...
misc, Da Ve recommends that you use Google Calendar
I've been using Google Calendar to organize my calendar, find interesting events, and share my schedule with friends and family members. I thought you might like to use Google Calendar, too. -- Da Ve recommends that you use Google Calendar. To accept this invitation and register for an account, please visit: [http://www.google.com/calendar/] Google Calendar helps you keep track of everything going on in your life and those of the important people around you, and also help you discover interesting things to do with your time.
Re: specified device does not match mounted device
Here is a late afterthought... I wrote on Mon, Oct 02, 2006 at 11:36:38PM +0200: Karel Kulhavy wrote: I tried to mount a CD-ROM twice: [EMAIL PROTECTED]:~$ mount /dev/cd0c /mnt/cdrom mount_ffs: /dev/cd0c on /mnt/cdrom: \ specified device does not match mounted device As soon as you start using OpenBSD 4.0, this won't happen to you again, see here: $ cd /usr/src/sbin/mount_ffs $ cvs log mount_ffs.c|grep -B1 -A2 2006/08/11 revision 1.19 date: 2006/08/11 11:47:39; author: pedro; state: Exp; lines: +2 -6 Give a less cryptic error message when trying to mount invalid file systems, okay thib@ ian@ millert@ beck@ You will now get Invalid argument. The improvement was committed more than a month before we discussed the point... Somewhat amazing, i must say... Apparently, reading source-changes@ is useful when trying to answer questions. :-/ [...] Man mount doesn't mention the error message. I suggest the error message to be added and explained in the mount manual page. Maybe the mount_ffs(8) man page could be improved; i will perhaps think about it... After the improvement by pedro@, i think no fix to the man pages is required. In any case, it would be out of place both in mount(8) and mount_ffs(8), and it _is_ mentioned briefly in mount(2). Concerning the rest of my lengthy message, i dimly remember somebody recently talking about improving the way the system handles medium not present and/or medium not ready conditions from CD drives. I even think it was Theo, so quite possibly part of the rest of what i said may be outdated, too. Anyway, i'm too lazy now to check that in detail.
Re: kern.nprocs not (closely) matching ps -ax |wc -l ??
On 10/30/06, Otto Moerbeek [EMAIL PROTECTED] wrote: On Mon, 30 Oct 2006, Bill Marquette wrote: I understand that the ps -ax would have spawned at least one more process (and a header) than the sysctl count, but I'm not seeing why sysctl is showing 11 more processes than ps does: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=46 35 kern.nprocs=46 This machine has been up a while and has had enough various errors to make the boot dmesg disappear from logs, so here's the various kern.* sysctl's that show what kernel I'm running: kern.ostype=OpenBSD kern.osrelease=3.8 kern.osrevision=200511 kern.version=OpenBSD 3.8-current (GENERIC) #320: Sat Dec 17 10:09:10 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC A 3.9 system is a tad different, but exhibits the same strangeness: $ sysctl kern.nprocs (ps -ax |wc -l) sysctl kern.nprocs kern.nprocs=48 39 kern.nprocs=48 Any idea where the discrepancy might be coming from? By default, ps does not show kernel processes. See ps(1), -k option. -Otto Gah, thanks! Never occurred to me that -a wouldn't show all processes. Learn something every day, thanks to all for their responses. --Bill --Bill
Re: EuroBSDCon is coming up !
OpenCON 2006, the OpenBSD conference will be held in Venice, Italy, December 2-3. Massimiliano Stucchi wrote: EuroBSDCon, the main European BSD event is coming up in less than two weeks. I do not want to miss this occasion to make you aware of a different event that is also taking in place in Italy at about the same time, but with a slighty different focus: OpenCON 2006. Focused on OpenBSD. And unless in Milan, a lot of OpenBSD developers will be present in Venice. OpenCON 2006, unlike EuroBSDCon, is a conference dedicated to OpenBSD only. The main European OpenBSD event. We already have registrations from more than ten countries and lots of OpenBSD developers from all over the world, Europe, Australia, Canada, USA, Switzerland, Germany, Belgium, Turkey, etc. will attend this ground breaking OpenBSD event and give talks on their recent work in OpenBSD. Check the program on our website, www.opencon.org. We would also like to inform that people who want to attend the event should sign up as soon as possible in order to take advantage of the early bird rate, which will be available until November 2. OpenCON 2006 is totally free to attend. Listen to OpenBSD developers for absolutely no cost. Register whenever you want, there is no strict deadline. You can join the OpenBSD party on Saturday if you want to. Find all the details on http://www.opencon.org/ OpenCON 2006 takes place on December 2-3 in Venice, ideally located at the Marco Polo Airport (VCE). With beste Regards, Marc Balmer, OpenCON 2006 Organizing Comittee Organizer of the 2005 EuroBSDCon Conference in Basel, Switzerland.
Re: specified device does not match mounted device
On Mon, Oct 30, 2006 at 10:40:53PM +0100, Ingo Schwarze wrote: The improvement was committed more than a month before we discussed the point... Somewhat amazing, i must say... Apparently, reading source-changes@ is useful when trying to answer questions. :-/ Sorry for not warning you guys about this. I thought I had done so. -p.
Re: low through-put on bge cards OBSD 4.0 3.9
Kyle George wrote: On Mon, 30 Oct 2006, Dag Richards wrote: I can not seem to get more that ~43 megabytes per second through the bge cards on these boxes. This is the unencrypted speed with the cards attached by x-over cable or on a 2950 switch with only these two boxes attached. [snip] Any suggestions? Try bumping net.inet.tcp.recvspace and net.inet.tcp.sendspace. http://www.openbsd.org/faq/faq6.html#Tuning Yes I had tried setting the send and receive buffers to 65536 om 3.9 it helped but not much as I recall. I just tried setting the buffers on 4.0 and got ~57 MBps throughput, so thanks thats it better. I am using the oh so precise and accurate ftp as a means of measuring throughput. I know it is at best an imprecise method, but I was so far off my expectation I did not see the point in being more rigorous. I just download the iperf package, I will see if I can get some more precise numbers.
Re: kevent sample code?
On 10/30/06, stuartv [EMAIL PROTECTED] wrote: Can anyone point me at some sample code for kevent. I am trying to write a program that will watch a file for a write and can then read the new lines and act upon them. So far, I get the first event but not subsequent events. tail(1) uses kevent for following a file, I can't imagine any simpler examples. -- Jon
Re: Is there a deluser equivalent in OpenBSD?
It was pointed out to me in private e-mail that I mistakenly assumed telnet to be telnet and not ssh. I'm quoting parts of the private e-mail I received to the list in the hopes of educating others on the use of ssh. On Mon, Oct 30, 2006 at 04:04:34PM -0500, Eric Furman wrote: | On Mon, 30 Oct 2006 10:12:58 +0100, Paul de Weerd [EMAIL PROTECTED] | said: | You offered no such thing, I'm afraid. If you haven't used telnet for | nearly ten years[1], why do you still type it at the command line ? | | telnet is a link to ssh. I thought that was obvious. Not quite, no. Apart from breaking stuff for your users, you even used the wrong semantics for ssh (telnet) in your script : for box in $BOXES do { sleep 5;echo username;sleep 2;echo password;sleep 2; echosudo do some command left as exercise for reader; sleep 3;echo exit; } |telnet $box 2/tmp/rcmd.error 1/dev/null done You first echo username and then password. If you've used telnet and ssh(1) a few times, you'd know that telnet/telnetd will ask for a username, ssh/sshd will not. The last combination defaults to your current username or takes the one given on the commandline. If you knew a bit about the inner workings of both, you'd also know why this is. Your example script uses telnet-style semantics and the telnet-commandname. That makes it somewhat unlikely that it really is the ssh-binary you're executing. Unless of course you have no experience in writing scripts like these, in which case I see no reason for you to bad mouth Otto for voicing his opinion *against* your script. | Don't pipe sleep and echo's (esp. passwords) to telnet. Not a good | | It's not actually telnet. This is wrong in so many ways. If you want to prevent your users from using telnet, replace telnet with a `echo telnet is deprecated, use ssh in stead`-script. But as I indicated in my original e-mail, there's a lot of use for telnet(1), so you may not want to do this. You keep using telnet when you really shouldn't be using this. When you or your users are on another system, you'll stick to using telnet. This is s wrong. Educate yourself and your users. Learn to use ssh. Even on trusted networks - it's just good practice. Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/ [demime 1.01d removed an attachment of type application/pgp-signature]
Freetype2 without X11 or no_x11 package
Hi, I have a soekris that I udpdate to OpenBSD 4.0. I want to install symon, that use gd2 that use freetype2 that is part of X11. I do not have installed X11 on the soekris drive (obviously). There is no no_x11 flavor for g2. There is no package for freetype2. How to solve this ? Create flavor no_x11 ? But, I need the freetype2 ! and there is no package. Create a freetype2 package ?!?! Or install X11... Any help is welcomed. Pailloncy Jean-Gerard
Via C7 fully supported?
Is the VIA C7 cpu fully supported yet? According to http://www.openbsd.org/i386.html#hardware , only the VIA C3 is supported. According to http://www.openbsd.org/40.html#new , Improved speed control on some systems: * New SpeedStep detection code, also adds support for VIA C7-M, and several newer Pentium M's. That seems to be the only change related to the C7 I can find. The padlock feature designed to speed up crypto looks useful.
Re: NOD32 Antivirus and OpenBSD?
On Fri, 27 Oct 2006 08:53:00 -0400, stuartv wrote working on it). The reason we run AV at the border AND on the inside boxes is quite simply that I have seen way too many times in my carreer a virus be ignored by one AV package but caught by another. Security is a must where I work and the added protection Good point. Running anti-malware software on border machines, such as STMP servers, proxies, etc. is an important countermeasure for network wide infection. It's very much possible to have an outdated or undefended node in the network but in border defense line, that's not the case. On a border server, I wouldn't recommend clamav or any antivirus software. Clamav has had many vulnerabilities and some of them remotely exploitable. And it's not just the antivirus software you have to keep up-to-date, but all the other software that is required to make it function, like the software that transports the email from the email server to the antivirus software and back again. b = clamav or any antivirus product that checks for viruses in email on some server w = any antivirus software that runs on the users' windows computer such as norton antivirus assume b and w are always updated. Protect email? b = yes w = yes Protect users from malicious websites? b = no w = yes Protect from infected media, like floppy, cd, dvd, or usb drive? b = no w = yes Put load on server? b = yes w = no Protect files that have managed to be distributed by any other means other than email? b = no w = yes Protect laptop users who take their laptops off the company site? b = no w = yes Protect a network from an infected laptop? b = no w = yes Protect users who use file-sharing programs like bittorrent or kazaa? b = no w = yes If b or w stopped working, would users still get their email? b = very possibly no w = very possibly yes With all the complexity that b needs in comparison to w, I'd rather just stick with w (kiss, keep it simple stupid). But you do bring up a good point, security in layers and one software doesn't catch everything.
Re: NOD32 Antivirus and OpenBSD?
On 10/30/06, smith [EMAIL PROTECTED] wrote: Put load on server? b = yes w = no *snicker* Protect a network from an infected laptop? b = no w = yes Pfff! At best I'd say w = possibly yes having seen various antivirus programs pop and say i detected that i'm propagating this malware, but i'm not stopping it! or i just received this malware and i dropped the ball now i'm infected too! -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: Via C7 fully supported?
Is the VIA C7 cpu fully supported yet? C7-M dmesg below. The padlock feature designed to speed up crypto looks useful. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes aes-128-cbc 31885.24k 118568.67k 312349.58k 535048.83k 649099.91k Regards, Greg OpenBSD 4.0-current (GENERIC) #1159: Tue Oct 17 18:24:33 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 1000MHz (CentaurHauls 686-class) 1 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MM X,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: unknown Enhanced SpeedStep CPU, msr 0x04090a0904000a09 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1000 MHz (844 mV): speeds: 1000, 400 MHz cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 266825728 (260572K) avail mem = 235655168 (230132K) using 3287 buffers containing 13463552 bytes (13148K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(d2) BIOS, date 06/26/06, BIOS32 rev. 0 @ 0xf9ed0, SMBIOS rev. 2.3 @ 0xf (33 entries) apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xd274 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfd180/224 (12 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 13 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 10 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc8000/0x1000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00 pchb3 at pci0 dev 0 function 3 VIA PT890 Host rev 0x00 pchb4 at pci0 dev 0 function 4 VIA CN700 Host rev 0x00 pchb5 at pci0 dev 0 function 7 VIA CN700 Host rev 0x00 ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00 pci1 at ppb0 bus 1 re0 at pci0 dev 11 function 0 Realtek 8169 rev 0x10: irq 10, address 00:03:1d:03:97:ad rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 0 re1 at pci0 dev 12 function 0 Realtek 8169 rev 0x10: irq 10, address 00:03:1d:03:97:ae rgephy1 at re1 phy 7: RTL8169S/8110S PHY, rev. 0 re2 at pci0 dev 13 function 0 Realtek 8169 rev 0x10: irq 10, address 00:03:1d:03:97:af rgephy2 at re2 phy 7: RTL8169S/8110S PHY, rev. 0 re3 at pci0 dev 14 function 0 Realtek 8169 rev 0x10: irq 10, address 00:03:1d:03:97:b0 rgephy3 at re3 phy 7: RTL8169S/8110S PHY, rev. 0 pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA pciide0: using irq 10 for native-PCI interrupt pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility pciide1: channel 0 disabled (no drives) wd0 at pciide1 channel 1 drive 1: SanDisk SDCFH-512 wd0: 1-sector PIO, LBA, 488MB, 1000944 sectors wd0(pciide1:1:1): using PIO mode 4, DMA mode 2 uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 10 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 10 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 10 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: irq 10 usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered viapm0 at pci0 dev 17 function 0 VIA VT8237 ISA rev 0x00 iic0 at viapm0 lm1 at iic0 addr 0x2f: W83782D auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x60: irq 10 ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0) audio0 at auvia0 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom0: console pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pccom2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 biomask ff45 netmask ff45 ttymask ffc7 pctr: user-level cycle counter enabled dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0
Re: Via C7 fully supported?
Sweet Is there any company doing a ready-to-use board with this chip? Something like what soekris does...but with the VIA C7 chip... JD
Re: Contributing and Shame [Was: Lenovo notebooks?]
Tobias Weingartner wrote: In article [EMAIL PROTECTED], Breen Ouellette wrote: I feel that if the user base can meet the financial needs of the project then the user base is doing its part. Unfortunately, I know of several people who use OpenBSD that will never send in a flat penny. These are the same people that have 2TB of disk space on their main desktop, running a pirated copy of Windows XP, with 2000 CDs and DVDs of pirated music and movies sitting on their bookshelf. They feel that everything that isn't nailed down should be free. I believe that you mean they feel that anything that is not nailed down is free to be stolen. There is quite the chasm between free and stolen property. Indeed. That sums up the attitude very nicely. Breeno
Re: NOD32 Antivirus and OpenBSD?
On Thu, 26 Oct 2006 23:28:41 -0400, STeve Andre' wrote On Thursday 26 October 2006 20:16, smith wrote: Some people like to run antivirus software on UNIX boxes to ensure they're not carriers for Windows viruses, etc. Personally, I think it should be the responsibility of the Windows users to secure their own machines rather than relying on the kindness of others. -Damian I second that. Why waste server resources and decrease server security, when all Windows machines should be running their own antivirus software to begin with. Why? Because an OpenBSD system isn't subject to the possibility of being co-opted as a Windows machine can, thats why. Different perspectives are a good thing. --STeve Andre' If openbsd is running 3rd party software (clamav) it can.
Re: Via C7 fully supported?
Hi Jean-Daniel, Is there any company doing a ready-to-use board with this chip? Something like what soekris does...but with the VIA C7 chip... I have received my first Jetway mini-itx board yesterday. My supplier lists it as: Jetway J7F4K Series VIA CN700 VIA C7 @ 1.5 GHz D (TDP 25 W) It has 2 onboard Gigabit devices (Dual RealteK RTL8110SC 10 / 100 / 1000 PCI LAN PHY). With an add-on board, you can put in an additional 3 of those babies. The total price will then be below euro 200. Unfortunately, I'm experiencing memory problems with the board, so I haven't been able to actually boot it. As soon as I can get it to work properly and find out about the PadLock stuff on this board, it is off to Melbourne. Be well... Nico
Re: Hard drive going bad? or something else? (obsd4.0)
On 10/30/06, patrick ~ [EMAIL PROTECTED] wrote: I'm going to try swapping out modules, maybe I'll get lucky. unrelated but needing an archive mention is something odd I just ran across with the deadly uncorrectable sector messages is that I had two used maxtor drives that died on me after changing their axial orientation from their position previously.
Re: Hard drive going bad? or something else? (obsd4.0)
Thanks for the insightful info. Yes, as another user had suggested privately, I was running memtest86 since pretty much my post last night (early morning). Thus far 16 passes, running almost 17 hours and no errors. Although, I know, and as you pointed out, no errors doesn't really rule out bad memory module(s). I'm going to try swapping out modules, maybe I'll get lucky. --- Marcus Watts [EMAIL PROTECTED] wrote: I've not see this type of problem before, so I turn to you guys. Is this a sign that maybe a drive is going bad? Or sign of bad memory? What's going on here!? I know it is almost Halloween and all, but this is kinda _spooky_ to say the least. Idea? Please? :-) Hard drives contain lots of moving parts, a known reliability risk. Therefore most if not all modern hard disks and associated logic contain more or less elaborate internal self-checking logic to detect failing media, failing spindle motor, failing head positioning mechanism, over and under voltage, bus driver failure, etc. Most of these will result in kernel messages and/or other obvious signs of system distress. Your dmesg (assuming it was done after the failed build) doesn't show any evidence of such problem, so there's no reason to suspect a hard disk going bad. More likely possibilities are bad memory, a bad motherboard, incompatible memory, bad disk controller, mis-configured bus speeds, environmental problem, or possibly but less likely, a bad cpu. Memory is simple: if you buy a consumer grade home machine, you get memory that has no self-check logic. A chip going bad could well produce the problems you show below. A server class machine will nearly always contain ECC memory. A few companies (Dell, Sun) also make commercial grade desktop machines, which usually also contain ECC. Note that most home computer stores and even many professionals don't understand or value ECC memory, and will steer you away from such technology. If it's memory, even without self-check logic that may still be easy to see if it's broken. memcheck86+ has a good reputation. This is a stand-alone program, which you can leave running overnight. If it fails memcheck86+, then the problem is obvious. If it passes, the memory is still not in the clear; for instance, it's in theory possible for the memory to fail when accessed by DMA but not by the processor. If you can get the memory to fail more or less predictably, and you have multiple memory modules, you may be able to play remove swap games to identify which module is bad. Check your hardward doc first - on some systems, modules may need to be paired in some particular fashion. It is certainly worth checking your machine for obvious physical problems. For instance, check air paths to ensure they aren't blocked. Be suspicious of burning smells, obvious heat, excessive fan noise, or lack of distinct air flow. Check the inside of the machine. Is there excessive dust build-up? Are the fan blades clean? Do the fans spin very smoothly and fairly freely? Are the cables in the way? Are there any loose cables? Loose boards? Bad solder joints or cracks? (On most modern motherboards, it's not worth spending much time checking this if it's not easy to get to; removing the motherboard may itself cause damage, and even a large crack sufficient to produce complete failure may be nearly impossible to spot). Other signs of physical distress? Ideally you want your machine to be in a climate-controlled environment comfortable to people. Dust, very dry air, excessive moisture, temperature cycles, etc. are all bad. Electrically conductive dust can become particularly exciting. An older or fancier machine may have a separate disk controller, in which case if you have a spare it may be worth swapping. Your machine is probably not one of these. On many newer machines, the BIOS can contain settings which alter the speed or timing of various bus components. Getting this wrong can produce subtle weirdness, or obvious and drammatic signs of failure. It may take a while for subtle weirdness to manifest itself in any obvious fashion. If you have ECC memory, make sure the bios knows that. Sorting all this out can take time. If the machine is an older one, it may be cheaper to replace it than figure out what failed. Also, in case you missed it, building large software packages is an excellent way to burn a new machines in or establish that an existing machine is reliable. :-) -Marcus Get your email and see which of your friends are online - Right on the New Yahoo.com (http://www.yahoo.com/preview)