Re: filesystems?

2007-09-04 Thread Mike Swanson
Personally, ext2 should be an excellent choice; efficient disk usage and 
read/write support in all those OSes, including Windows, 
http://fs-driver.org/

I've been using that driver on Windows XP for a while now, so far no errors. 
It's not open source or anything unfortunately; but the open source 
ext2-on-Winodws projects seem to be riddled with errors, ironically.



Re: sasyncd: no shared key specified

2007-09-04 Thread Stuart Henderson
On 2007/09/03 23:42, Jacob Yocom-Piatt wrote:
 tried sasyncd out on 4.1-release and noticed that when i uncomment the basic 
 settings in the default /etc/sasyncd.conf file that i see

Just deleting the lines with comments should get it working for
you.

There must be something funny with the parser, it doesn't like
a line with a comment, followed by a newline, between the first
real line of the config and the key.

 # IP addresses or hostnames of sasyncd(8) peers.
 peer 10.0.0.2
 #peer 10.0.0.3
 #peer 10.0.0.4
 # Track master/slave state on this carp(4) interface.
 interface carp1

It's a bit early in the morning for me to see what's wrong with
conf.y but here's a test case:

peer 10.0.0.2
#

interface carp1
sharedkey 0x349fec85c11f6b658d5c457d4668e035f11dfdccb849d5053a8763787b74db70

...alternatively with the #\n\n between interface and sharedkey.



Re: partioning for multiple OS's

2007-09-04 Thread Guido Tschakert
stan schrieb:
 I have a new laptop.
 
 It came with Vista on it. I used gpartd to resize those partions, and added
 Ubuntu. Now I want to add OpenBSD, and FreeBSD. I'd like to do OpenBSD
 next.
 
 When I boot the 4.1 CD, I get to the partioning step, and I am confused.
 Since I can't figure out how to capture the screen imafe from a machine
 booted off of the CD. I'll show you what Linux's cfdisk shows.
 
 NameFlags  Part Type  FS Type  [Label]Size (MB)
 --
   sda1Primary   Unknown (27)  10479.01 
   sda2BootPrimary   FAT16[]   31453.48
   sda3Primary   Linux ReiserFS3.54
   sda5Logical   Linux swap / Solaris   3997.49
   Logical   Free Space74109.78
 
 How can I acomplish this?
 
 
 


Hello,

do you need to have dual (triple, quadruple) boot, or would you like to
hear about other possibilities?

I would say: use some kind of virtualization (vmware server, xen,
virtual pc )

Doing that, you have not to worry about partitioning and boot loader
configuration (which all is possible but will also likely end in a mess).
You have the possibilities to play with network between the virtual
machines and the host, you can eazy share data between them, and it is
eazy to set up.

Virtualization ist not a solution for everything but a solution for a
lot of things (I'm sure a lot of people here would agree), especially if
you want to play around with things.

guido



New user help

2007-09-04 Thread Adrian Fisher
Hello there,

I recently began to read about OpenBSD with a view to installing it on
my home system (I am somewhat new to Unix) and while I was able to
install the base system without any problems I was unable to find
clear instructions or pointers on how to go on from there.

I wish to install the system then install and use the KDE interface
and use CVSync to update all source and follow the stable branch.  I
am confident that if someone was to send me details of how to
accomplish this I would be able to learn much more about the system
and how to use it.

At the moment I use Ubuntu and come from an M$ background so want to
learn as much as possible.  I sometimes make mistakes (as can be seen
in my previous post but I am improving).

Thanks in advance.

A.



Re: New user help

2007-09-04 Thread Peter N. M. Hansteen
Adrian Fisher [EMAIL PROTECTED] writes:

 I wish to install the system then install and use the KDE interface

You did install the *tgz parts? 

If so, you should be ready to fetch and install packages such as the
various kde bits from your favorite mirror as per the FAQ's packages
section, http://www.openbsd.org/faq/faq15.html

 and use CVSync to update all source and follow the stable branch.  I
 am confident that if someone was to send me details of how to
 accomplish this I would be able to learn much more about the system
 and how to use it.

it's not really that hard, for sure. You may want to spend a little
time browsing the faq, for these issues the building the system from
source at http://www.openbsd.org/faq/faq5.html may be worth
reading.

Other useful alternatives for fetching source is csup (pkg_add csup) 
and its ancestor cvsup.  See which one appeals to you.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: 4.1-stable 'make build' dies with 'out of memory' building perl

2007-09-04 Thread j . thornburg
In http://marc.info/?l=openbsd-miscm=118786051715312w=1
I wrote:
 I run -stable on an IBM/Lenovo T41p laptop with 512M memory and 2G swap.
 I cvs-updated /usr/src on Aug 22 around 21:00 GMT.  As usual, I followed
 the instructions at  http://www.openbsd.org/stable.html  to rebuild...
 but unlike all the other times I've done this, this time 'make build'
 died while building perl.
[[...cut-n-paste error transcript ending with out of memory...]]
 A 'make build' usually takes 2 or 3 hours on this system, and the system
 has enough memory that (with the top-level 'make build' at nice 20) I
 don't
 notice any significant slowdown in concurrent interactive use.  I've
 certainly never noticed 'make build' paging before.

 How much memory is an i386 4.1-stable 'make build' supposed to need?

 Or is this more likely a cvs bit-bash which has garbled my tree
 and the failure symptom just happens to be an infinite recursion
 somewhere?

I'm pleased to report that I have solved the problem:
Just (as root)  rm /etc/malloc.conf  (which previously was a
symlink pointing to FGJP).

So... it seems that 'make build' doesn't like malloc.conf being
set to something other than the default (which is 'nothing at all').
Ok, lesson learned for next time...

My question now is, was this an OpenBSD bug (which I should report
on gnats), or a user error (which I should not report on gnats, at
least not on the OpenBSD gnats :) ?

ciao,
--
-- Jonathan Thornburg (remove -animal to reply)
[EMAIL PROTECTED]
   School of Mathematics, U of Southampton, England
   Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral.
  -- quote by Freire / poster by Oxfam



Re: OT recommended mobo with lots of pci slots

2007-09-04 Thread Jay Jesus Amorin

hi,

Just an o.t. based on your experience, can anyone pls recommend to me a 
intel/asus/epox mobo for dual core or pentium 4 proc with a lots of pci 
slot probably 4 or 5 pci slots and works fine on openbsd .


is there a good(at least) support on linux or bsd for intel dual core proc?


Thanks for your help guys.

--
Jay Jesus D. Amorin

Mobile: +639156275787
Home: +63 35 422-0023
Email: jay [at] jayamorin [dot] ph

YM: jayamorin



Re: New user help

2007-09-04 Thread Peter N. M. Hansteen
[EMAIL PROTECTED] (Peter N. M. Hansteen) writes:

 Adrian Fisher [EMAIL PROTECTED] writes:

 I wish to install the system then install and use the KDE interface

 You did install the *tgz parts? 

sorry, that came out wrong, it should have been 'x*tgz parts'. 

I do need more coffee.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: New user help

2007-09-04 Thread Stuart Henderson
On 2007/09/04 09:40, Adrian Fisher wrote:
 I recently began to read about OpenBSD with a view to installing it on
 my home system (I am somewhat new to Unix) and while I was able to
 install the base system without any problems I was unable to find
 clear instructions or pointers on how to go on from there.

Good start; the best way forward is to play around with the system
and learn your way around the documentation. As a new user, you're in
a good position to help identify areas that could benefit from more
detail, adjustments, or even just linking between sections.

Coming from MS and desktop Linux it might require a slight
change of mindset to trust the documentation, but it's one you need
to make to get much out of OpenBSD.

 I wish to install the system then install and use the KDE interface

http://www.openbsd.org/faq/faq15.html should help you get that
installed. As Peter pointed out you need to have the X file sets
too, if you missed them, the easiest way to add them is to boot
the installer and do an upgrade install. (The normal way to
start X is to place xdm_flags= in /etc/rc.conf.local).

 and use CVSync to update all source and follow the stable branch.  I

You'll find more about cvsync and building the OS from source
on www.openbsd.org, but there's plenty more to learn as it is.
There's really no hurry to get into source builds.

I don't know what you already know, but I'd suggest vi or mg,
basic use of pkg_* tools, grep, locate, man as all being good
to learn early.



Re: partioning for multiple OS's

2007-09-04 Thread stan
On Tue, Sep 04, 2007 at 12:55:56AM -0400, bofh wrote:
 On 9/3/07, stan [EMAIL PROTECTED] wrote:
   
NameFlags  Part Type  FS Type  [Label]Size 
(MB)
--
  sda1Primary   Unknown (27)  
10479.01
  sda2BootPrimary   FAT16[]   
31453.48
  sda3Primary   Linux ReiserFS
3.54
  sda5Logical   Linux swap / Solaris   
3997.49
  Logical   Free Space
74109.78
 
 sda1 is most probably your rescue space or bios utilities.  Not
 recommended for deletion.
 
I'm not really a Windows person. Could you explain why Windows needs _2_
partions? In the distant past I had windows on a multiboot machine without
this.

-- 
I'm sorry, no one here has any intentions of helping you with anything. 
I am the manager of all of Customer Service.



Ultraportable Laptop

2007-09-04 Thread Raimo Niskanen
Hi all!

I am pondering on which ultraportable laptop would be fine
for OpenBSD. The Lenovo ThinkPad X61 comes first to mind
since OpenBSD traditionally has been good at ThinkPads,
but a display of 1024x768 is too small. They should be
bigger nowdays.

Lenovo 3000 V100 (V200) is another choice, but it
appears they do not have at all the same rugged
mechanics as the ThinkPad series.

Samsung Q35 is a notebook that appears to have familiar
hardware, but I am too much of a novice to tell.

Sony Vaio TZ is another praised notebook, but I hear
the Sony Vaio series have been no good with OpenBSD.


Comments? Has anyone run Samsung Q35? It seems to be
the best alternative so far.


-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: Centralized ports collection server

2007-09-04 Thread Marc Espie
On Tue, Sep 04, 2007 at 04:15:23AM +0200, Adriaan wrote:
 On 9/4/07, John Nietzsche [EMAIL PROTECTED] wrote:
  Dear gentleman,
 
  i would like to set a single box in my network to keep syncronized to
  the ports collection infra structure. My ideia is to export the
  directory /usr/ports to all my local connected machines. So, there
  would be no need to sync them all. I would like to be able to build
  the utilities/lib/etc once and be able to install them every machine
  with the same hardware/OS version.
 
  Is that possible?
  How show be my /etc/exports control configuration file?
 
 
 An alternative would be to use one box to create binary packages from
 ports. Copy or link the packages to one directory which you make
 available to the clients by NFS, scp or ftp.
 
 You now can install the binary packages on the clients by setting
 their PKG_PATH to that directory of the building machine.

Depends if all your boxes are the same architecture.
In any case, this is more or less sketched out in ports(7) (BULK PACKAGE 
BUILDING, in particular).

Roughly sketched:
- there are distinct areas in /usr/ports. There's the main stuff, there are
the distfiles, there are the packages, there are the cookies, and there are 
the working directories. You will want to use separate rules for each.
- You probably want to fetch the distfiles on the NFS server itself 
(using the mechanism described in mirroring-ports(7)
- keep the work directory local. That's what WRKOBJDIR is for.
- the ports tree has some mechanism to ensure that two thingies do not build
the same package at the same time. With separate workdirs, this is less of
an issue, as the chances of collision are less... but be careful. it's
probably a good idea to lock stuff on machines that share some not read-only
stuff (e.g., packages for the same architecture).
- you might want to put the built packages on a separate partition with
distinct rules: they're all that's needed if you just want to install stuff
on a machine.
- think about what you do with the various update and bulk cookies.

There. The only thing we do not handle at all is shared installation through
NFS. pkg_add really does not cope with machines which share only /usr/local
and not /etc, for instance...



Re: New user help

2007-09-04 Thread Vim Visual
For the kde thing, try something like

---
pkg_add curl

curl ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/packages/i386/ | awk
'{print $NF}'  /tmp/curl.out


for package in `grep -i ^wget /tmp/curl.out` `grep -i ^kdebase
/tmp/curl.out` `grep -i ^kdelibs /tmp/curl.out`\
   `grep -i ^kdeaddons /tmp/curl.out` `grep -i ^kdeadmin
/tmp/curl.out` `grep -i ^kdeartwork /tmp/curl.out` \
   `grep -i ^kdeedu /tmp/curl.out` `grep -i ^kdegames
/tmp/curl.out` `grep -i ^kdegraphics /tmp/curl.out` \
   `grep -i ^kdemultimedia /tmp/curl.out` `grep -i
^kdenetwork /tmp/curl.out` \
   `grep -i ^kdepim /tmp/curl.out` `grep -i ^kdesdk
/tmp/curl.out` `grep -i ^kdetoys /tmp/curl.out` \
   `grep -i ^kdeutils /tmp/curl.out` `grep -i ^kde-i18n-ca
/tmp/curl.out`
do
if ! pkg_add ${package} ; then
echo pkg_add of ${package} failed 12
fi
done
-

I have a big script to automatically install the software I always use
from a recent snapshot (-current, in development), plus PF, plus
antialiasing, plus X set-up etc etc. If you're interested, I can post
it

Cheers

Pau Amaro-Seoane



Re: Ultraportable Laptop

2007-09-04 Thread Jeroen Massar
Raimo Niskanen wrote:
 Hi all!

 I am pondering on which ultraportable laptop would be fine
 for OpenBSD. The Lenovo ThinkPad X61 comes first to mind
 since OpenBSD traditionally has been good at ThinkPads,
 but a display of 1024x768 is too small. They should be
 bigger nowdays.

Get the x61 Tablet edition with the a 12.1 SuperView SXGA+ TFT
1400x1050 190nit and all your problems are solved :)

See:
http://shop.lenovo.com/ISS_Static/merchandising/US/PDFs/X61tablet.pdf

Do note that some things (sound,hibernate) have not been solved yet on
OpenBSD, see the thread from last week orso, but it should not be too
long for those items to be resolved.

Enjoy!

Greets,
 Jeroen

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]



IPSEC.CONF with Dynamic IP address (parse HOST name) doesnt seem to work

2007-09-04 Thread * VLGroup Forums
Hello everyone,

I have several VPN tunnels between OBSD 3.8 systems (LAN to LAN via
VPN). These all have fixed IP addresses and all works
fine  :-) . However, now I have a OBSD 3.8 system that gets a Dynamic IP
address. I mapped that address to a hostname using DynDNS.org
Using ipcheck.py (a python program) it keeps the DynDns.org DNS servers
up-to-date when a IP change occurs. So far, so good.

I was hoping to   simply   use the DynDns host name in the IPSEC.CONF
file, but that doesnt seem to work :-(( .
For this mail I changed the name to remote5.dyndns.org. The real
name pings ok can  Ii can use it to SSH into the machine.

#
# IPSEC to remote location 5
# Active host, remote location is passive
#
ike esp from 172.17.0.0/16  to 192.168.76.0/22 peer remote5.dyndns.org
ike esp from openbsd ip  to 192.168.76.0/22 peer remote5.dyndns.org
ike esp from openbsd ip  to remote5.dyndns.org

Note the remote5.dyndns.org instead of a IP address.

When I load this config file I get :

# ipsecctl -f /etc/ipsec.conf

/etc/ipsec.conf: 46: could not parse host specification
/etc/ipsec.conf: 47: could not parse host specification
/etc/ipsec.conf: 48: could not parse host specification
ipsecctl: Syntax error in config file: ipsec rules not loaded

How to get around this, that is, get the host named 'parsed' inside the
ipsec.conf file towards the
correct IP address ?

regards
Wiljoh



Re: filesystems?

2007-09-04 Thread Jona Joachim
On Mon, 3 Sep 2007 18:17:44 +0200
Martin SchrC6der [EMAIL PROTECTED] wrote:

 2007/9/3, The One [EMAIL PROTECTED]:
  FAT32.

 And everyone can be compiled to read NTFS; Linux can even write to it.

FreeBSD can also write NTFS using the ntfs-3g driver together with
fusefs.


Jona

--
I am chaos. I am the substance from which your artists and scientists
build rhythms. I am the spirit with which your children and clowns
laugh in happy anarchy. I am chaos. I am alive, and tell you that you
are free. Eris, Goddess Of Chaos, Discord  Confusion



Re: filesystems?

2007-09-04 Thread Eric Elena
Le mardi 04 septembre 2007 C  00:23 +0200, Tonnerre LOMBARD a C)crit :
 Salut,
 
 On Mon, Sep 03, 2007 at 05:10:57PM +0200, Eric Elena wrote:
  I think fat32 is a good choice: you have nothing to install.
 
 Did you ever have to debug a deep directory structure where something
 caused all directory to become files? On a 500G disk? Fun.
 
   Tonnerre

No I didn't. Is it so fun? :)
I didn't say fat32 is a good FS but IMHO it's a FS with less constraints
than other ones. Imagine your network is down or you don't remember the
name of the driver and you need to access to the data stored on a FFS
disk from a new win box. I would say it's also fun :)
To avoid this problem, you can create a small fat partition, store all
the drivers (ext, ufs, ...) on it, and create multiple ufs/ext/..
partitions to prevent huge data loss.
But it depends on the use you will have of your disk.



Re: IPSEC.CONF with Dynamic IP address (parse HOST name) doesnt seem to work

2007-09-04 Thread Hans-Joerg Hoexer
Just use a recent snapshot.  Support for names instead of ip addresses has
been added, mh, at least a year ago.

HJ.

On Tue, Sep 04, 2007 at 12:32:55PM +0200, * VLGroup Forums wrote:
 Hello everyone,
 
 I have several VPN tunnels between OBSD 3.8 systems (LAN to LAN via
 VPN). These all have fixed IP addresses and all works
 fine  :-) . However, now I have a OBSD 3.8 system that gets a Dynamic IP
 address. I mapped that address to a hostname using DynDNS.org
 Using ipcheck.py (a python program) it keeps the DynDns.org DNS servers
 up-to-date when a IP change occurs. So far, so good.
 
 I was hoping to   simply   use the DynDns host name in the IPSEC.CONF
 file, but that doesnt seem to work :-(( .
 For this mail I changed the name to remote5.dyndns.org. The real
 name pings ok can  Ii can use it to SSH into the machine.
 
 #
 # IPSEC to remote location 5
 # Active host, remote location is passive
 #
 ike esp from 172.17.0.0/16  to 192.168.76.0/22 peer remote5.dyndns.org
 ike esp from openbsd ip  to 192.168.76.0/22 peer remote5.dyndns.org
 ike esp from openbsd ip  to remote5.dyndns.org
 
 Note the remote5.dyndns.org instead of a IP address.
 
 When I load this config file I get :
 
 # ipsecctl -f /etc/ipsec.conf
 
 /etc/ipsec.conf: 46: could not parse host specification
 /etc/ipsec.conf: 47: could not parse host specification
 /etc/ipsec.conf: 48: could not parse host specification
 ipsecctl: Syntax error in config file: ipsec rules not loaded
 
 How to get around this, that is, get the host named 'parsed' inside the
 ipsec.conf file towards the
 correct IP address ?
 
 regards
 Wiljoh



Re: filesystems?

2007-09-04 Thread Hannah Schroeter
Hi!

On Mon, Sep 03, 2007 at 10:48:27PM -0400, stan wrote:
On Mon, Sep 03, 2007 at 07:22:47PM -0400, Douglas A. Tutty wrote:
 On Tue, Sep 04, 2007 at 12:23:34AM +0200, Tonnerre LOMBARD wrote:
  On Mon, Sep 03, 2007 at 05:10:57PM +0200, Eric Elena wrote:
   I think fat32 is a good choice: you have nothing to install.

  Did you ever have to debug a deep directory structure where something
  caused all directory to become files? On a 500G disk? Fun.

 I would suggest that the OP be very specific with what is needed.  What
 size of filesystem?  Which operating systems need to read only and which
 to read and write.  Given how flexible Linux and OBSD are, I would guess
 that the limit will be what can windows do.  I don't know since I only
 used windows 3.1 for some games when I wasn't running OS/2.  For 7 years
 its been Debian and now I'm transitioning to OBSD.  I never have to
 interoperate with windows users.

OK, let's eliminate Windows from the requiremant. Now we have OpenBSD,
Linux, and FreeBSD in order of importance. All 3 need read/write access. I
will be using this to move data, and I want to be able to keep various
places in sync, using rsync. So modification date, and file name retention
are important.

Where does that lead us?

For me, ext2 works fine, on a USB hard drive.

Initialized it under OpenBSD:

First partitioned it into 2 primary partitions, one OpenBSD, one ext2.

Edited the disklabel accordingly (have the ext2 on slice i). newfs'ed (a
as ffs, mostly for backup purposes for OpenBSD boxen only, i.e. no
respect for other OS's needs; i as ext2, using mke2fs from the e2fsprogs
port/package).

At least on OpenBSD and on Linux it has worked fine up to now, both
reading and writing on both platforms.

Kind regards,

Hannah.



Re: Ultraportable Laptop

2007-09-04 Thread Michael Dexter
 I am pondering on which ultraportable laptop would be fine
 for OpenBSD. The Lenovo ThinkPad X61 comes first to mind
 since OpenBSD traditionally has been good at ThinkPads,
 but a display of 1024x768 is too small.

Do take a look at the Toshiba Portege M's and R's. My M300 has proven extremely 
stable with OpenBSD.

Michael.



Re: Ultraportable Laptop

2007-09-04 Thread Marco Peereboom
I love my Fijitsu lifebook q2010.

On Tue, Sep 04, 2007 at 12:01:36PM +0200, Raimo Niskanen wrote:
 Hi all!
 
 I am pondering on which ultraportable laptop would be fine
 for OpenBSD. The Lenovo ThinkPad X61 comes first to mind
 since OpenBSD traditionally has been good at ThinkPads,
 but a display of 1024x768 is too small. They should be
 bigger nowdays.
 
 Lenovo 3000 V100 (V200) is another choice, but it
 appears they do not have at all the same rugged
 mechanics as the ThinkPad series.
 
 Samsung Q35 is a notebook that appears to have familiar
 hardware, but I am too much of a novice to tell.
 
 Sony Vaio TZ is another praised notebook, but I hear
 the Sony Vaio series have been no good with OpenBSD.
 
 
 Comments? Has anyone run Samsung Q35? It seems to be
 the best alternative so far.
 
 
 -- 
 
 / Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: Microsoft gets the Most Secure Operating Systems award

2007-09-04 Thread The One
But how would it spread? There have been 2 OS X viruses, yet they
spread terribly.

And Apple has already fixed the issue. :)

-The One

On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote:
 On 9/1/07, The One [EMAIL PROTECTED] wrote:
  On 3/23/07 2:53 AM, Theo de Raadt wrote:
   Symantec have been trying to demonise OS X for a long while.
  
   And it is going to work soon.
  
   Because OS X has no Propolice-like compiler stack protection, nor
   anything like W^X which makes parts of the address space
   non-executable, nor anything like address space randomization which
   makes certain attacks very difficult, especially with the previous two
   techniques.
  
   So when they have a bug, it is exploitable just like bugs are on any
   other powerpc or i386 machine running some other operating system.
  
   These days even operating systems like Vista have the above 3 security
   technologies.
  
 
  First of all, bugs and viruses are two different things.
 
  Second, OS X does not need third-party protection. All of the
  protection is built into the OS!
 
  If Vista is so secure, then why does one need to download
  virus/spyware protection when it can simply be built into the OS?
 
  -The One
 
 

 I don't have virus/spyware protection and I've been fine before with
 Vista and XP.

 Perhaps you mean to say why do users who install things they
 shouldn't need virus/spyware protection? which I would argue that the
 OS doesn't matter. I could write a script that asks for rootly
 permission in OS X and start nuking stuff with the promise of prettier
 icons for their desktop or IM client.

 If you were to argue for worms and things of the like, then I would
 agree. The only virus I will probably ever catch is some zero-day that
 hits the world and gets in my work network (won't happen at my house
 -- I live alone)



ipsec.conf/ipsecctl interop with Windows XP

2007-09-04 Thread Dan Brosemer
Has anyone got ipsec.conf/ipsecctl to interop with Windows XP?  I had this
working flawlessly with my isakmpd.conf, but rather like the new syntax and
want to switch.

I have it to the point of giving me this message when I start isakmpd with
'-K -d -vvv'

090413.992346 Default isakmpd: phase 1 done: initiator id 
/C=CA/ST=Ontario/L=Sault Ste. Marie/O=Clean North/[EMAIL PROTECTED], responder 
id c0a82101: 192.168.33.1, src: 192.168.33.1 dst: 192.168.33.151

But no tunnels are created and no more messages are displayed.

My ipsec.conf looks like this (tried with and without the 'quick...' line:

ike passive esp from any to 0.0.0.0 main auth hmac-sha1 enc 3des-cbc \
   quick auth hmac-sha1 enc 3des-cbc \
   group modp1024

And the isakmpd.conf (working) it replaces looks like this:

[Phase 1]
Default=ISAKMP-peer-WI

[Phase-1-ID]
ID-type=USER_FQDN
Name=   [EMAIL PROTECTED]

[ISAKMP-peer-WI]
Phase=  1
Transport=  udp
Configuration=  Default-main-mode
ID= Phase-1-ID

[Default-main-mode]
DOI=IPSEC
EXCHANGE_TYPE=  ID_PROT
Transforms= 3DES-SHA-RSA

[Default-quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=  QUICK_MODE
Suites= QM-ESP-AES-SHA-PFS-SUITE

[3DES-SHA-RSA]
ENCRYPTION_ALGORITHM=   3DES_CBC
HASH_ALGORITHM= SHA
AUTHENTICATION_METHOD=  RSA_SIG
GROUP_DESCRIPTION=  MODP_1024
Life=   LIFE_28800_SECS

[LIFE_28800_SECS]
LIFE_TYPE=  SECONDS
LIFE_DURATION=  28800,600:36000

Is there anyone who knows the magic sauce I'm failing to sprinkle on this
setup?  I would be grateful for any assistance.

Thanks.

-Dan

-- 
Burnished gallows set with red
 Caress the fevered, empty mind
 Of man who hangs bloodied and blind
 To reach for wisdom, not for bread.  -- Deoridhe Grimsdaughter



Re: Microsoft gets the Most Secure Operating Systems award

2007-09-04 Thread Lars Hansson
Welcome to a really long time ago.

---
Lars Hansson



Re: IPSec

2007-09-04 Thread Hans-Joerg Hoexer
Hi,

could you try the attached diff, please?

Index: message.c
===
RCS file: /cvs/src/sbin/isakmpd/message.c,v
retrieving revision 1.126
diff -u -p -r1.126 message.c
--- message.c   2 Jun 2007 01:29:11 -   1.126
+++ message.c   3 Sep 2007 22:30:46 -
@@ -927,6 +927,7 @@ message_validate_notify(struct message *
if (type  ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE ||
(type = ISAKMP_NOTIFY_RESERVED_MIN 
type  ISAKMP_NOTIFY_PRIVATE_MIN) ||
+   type == ISAKMP_NOTIFY_STATUS_CONNECTED ||
(type = ISAKMP_NOTIFY_STATUS_RESERVED1_MIN 
type = ISAKMP_NOTIFY_STATUS_RESERVED1_MAX) ||
(type = ISAKMP_NOTIFY_STATUS_DOI_MIN 



Re: That whole Linux stealing our code thing

2007-09-04 Thread Rui Miguel Silva Seabra
On Wed, Sep 05, 2007 at 01:53:53AM +1000, Sunnz wrote:
 2007/9/3, Rui Miguel Silva Seabra [EMAIL PROTECTED]:
  Then a choice of licenses is offered to the receiver. If he only uses the
  software, neither affects him, but if he distributes, he either does it
  under the terms of the GPL v2 or under the terms of the BSD, or just as
  dual licensed. Actually, strictly speaking, the word *alternatively* might
  be interpreted in a more radical way as meaning you can't distribute in a
  dual licensed form, but I don't subscribe that.
 
 
 Hi.
 
 My understanding is:
 
 1) BSD/ISC and GPL Licenses are just a set of condition that you need
 to satisfy should you like to re-distribute its code.

Two sets, actually, that interssect for the most portion of them.

 2) Dual License means you need to satisfy conditions of either BSD/ISC, or 
 GPL.
 
 So basically, all it tells you is that you are granted to
 re-distribute the source code under certain conditions, that however
 does not grant you any permission to alter its copyright notice,
 right?

If the person chooses to use the GNU GPL they have to respect the GNU GPL's
conditions, not the BSD ones.

Anyway, it's a moot point since the SFLC found a much more polite way of
converting to the GNU GPL without needing to remove it.

Rui

-- 
Wibble.
Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?



Re: That whole Linux stealing our code thing

2007-09-04 Thread Sunnz
2007/9/3, Rui Miguel Silva Seabra [EMAIL PROTECTED]:
 Then a choice of licenses is offered to the receiver. If he only uses the
 software, neither affects him, but if he distributes, he either does it
 under the terms of the GPL v2 or under the terms of the BSD, or just as
 dual licensed. Actually, strictly speaking, the word *alternatively* might
 be interpreted in a more radical way as meaning you can't distribute in a
 dual licensed form, but I don't subscribe that.


Hi.

My understanding is:

1) BSD/ISC and GPL Licenses are just a set of condition that you need
to satisfy should you like to re-distribute its code.

2) Dual License means you need to satisfy conditions of either BSD/ISC, or GPL.

So basically, all it tells you is that you are granted to
re-distribute the source code under certain conditions, that however
does not grant you any permission to alter its copyright notice,
right?
-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



Any new OpenBSD/landisk hardware?

2007-09-04 Thread Alexander Hall

Hi all!

I've been looking around for the Plextor PX-EH{16,25,40}'s lately and 
discovered that they seem to be on the way out, if available at all. At 
least on the Swedish sites.


Is there any new OpenBSD compatible landisk-like hardware available, 
other than that listed on landisk.html?


(does not have to be restricted to OpenBSD/landisk, though)

/Alexander



Re: Ultraportable Laptop

2007-09-04 Thread nicodache
anybody with an Asus S6F(m) or U1F running OpenBSD ?
These are aslo quite small, and while the S6F is quite thick, it comes
with an internal DVD burner. Second battery push the autonomy up to
10h. Thinking about buying it, and using some BSD on it.

On 9/4/07, Marco Peereboom [EMAIL PROTECTED] wrote:
 I love my Fijitsu lifebook q2010.

 On Tue, Sep 04, 2007 at 12:01:36PM +0200, Raimo Niskanen wrote:
  Hi all!
 
  I am pondering on which ultraportable laptop would be fine
  for OpenBSD. The Lenovo ThinkPad X61 comes first to mind
  since OpenBSD traditionally has been good at ThinkPads,
  but a display of 1024x768 is too small. They should be
  bigger nowdays.
 
  Lenovo 3000 V100 (V200) is another choice, but it
  appears they do not have at all the same rugged
  mechanics as the ThinkPad series.
 
  Samsung Q35 is a notebook that appears to have familiar
  hardware, but I am too much of a novice to tell.
 
  Sony Vaio TZ is another praised notebook, but I hear
  the Sony Vaio series have been no good with OpenBSD.
 
 
  Comments? Has anyone run Samsung Q35? It seems to be
  the best alternative so far.
 
 
  --
 
  / Raimo Niskanen, Erlang/OTP, Ericsson AB



Re: That whole Linux stealing our code thing

2007-09-04 Thread Jacob Yocom-Piatt

Rui Miguel Silva Seabra wrote:

If the person chooses to use the GNU GPL they have to respect the GNU GPL's
conditions, not the BSD ones.

Anyway, it's a moot point since the SFLC found a much more polite way of
converting to the GNU GPL without needing to remove it.

  


speaking of moot and polite, i would appreciate it if you could refrain 
from posting any further about this topic, as your posts are (1) moot 
and (2) not very polite to the eyes and brains of other list readers. 
you have had more than ample opportunity to voice your opinions on the 
topic, now give it a rest.




Re: That whole Linux stealing our code thing

2007-09-04 Thread Daniel A. Ramaley
On Saturday 01 September 2007 17:49, Rui Miguel Silva Seabra wrote:
On Sat, Sep 01, 2007 at 04:40:53PM -0600, Theo de Raadt wrote:
  Most dictionaries I had at my hand define alternative as choices.
  You can get http://en.wiktionary.org/wiki/alternative

 Wow.  Let's all go practice law with a dictionary.

? But you mentioned dictionaries first...

You do realize that when it comes to legal documents, such as licenses, 
that general-purpose dictionaries are inadequate, right? If you want to 
look up legal terms, you need a law dictionary.

I think that if one is ignorant enough of law that one needs to consult 
a legal dictionary for more than one or two terms in order to 
understand a document, then perhaps it would be best to either do a lot 
of studying to become more knowledgeable, or find someone with more 
legal training to interpret the document. As a layperson with little 
in-depth knowledge of legal code, that's how i see things anyway.


Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA



Re: Any new OpenBSD/landisk hardware?

2007-09-04 Thread Diana Eichert

On Tue, 4 Sep 2007, Alexander Hall wrote:


Hi all!

I've been looking around for the Plextor PX-EH{16,25,40}'s lately and 
discovered that they seem to be on the way out, if available at all. At least 
on the Swedish sites.


Is there any new OpenBSD compatible landisk-like hardware available, other 
than that listed on landisk.html?


(does not have to be restricted to OpenBSD/landisk, though)

/Alexander


Plextor PX-EH h/w has been and is still readily available in the US,
though it has been heavily discounted recently at certain online
retailers.

diana



Re: That whole Linux stealing our code thing

2007-09-04 Thread Rui Miguel Silva Seabra
On Tue, Sep 04, 2007 at 11:37:00AM -0500, Daniel A. Ramaley wrote:
 On Saturday 01 September 2007 17:49, Rui Miguel Silva Seabra wrote:
 On Sat, Sep 01, 2007 at 04:40:53PM -0600, Theo de Raadt wrote:
   Most dictionaries I had at my hand define alternative as choices.
   You can get http://en.wiktionary.org/wiki/alternative
 
  Wow.  Let's all go practice law with a dictionary.
 
 ? But you mentioned dictionaries first...
 
 You do realize that when it comes to legal documents, such as licenses, 
 that general-purpose dictionaries are inadequate, right? If you want to 
 look up legal terms, you need a law dictionary.
 
 I think that if one is ignorant enough of law that one needs to consult 
 a legal dictionary for more than one or two terms in order to 
 understand a document, then perhaps it would be best to either do a lot 
 of studying to become more knowledgeable, or find someone with more 
 legal training to interpret the document. As a layperson with little 
 in-depth knowledge of legal code, that's how i see things anyway.

I think that if *alternative* means both at the same time in any reputable
dictionary (legal or not), then I'm on a parallel reality for sure.

Other than that, you're just being pretentious.

Rui

-- 
Or not.
Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?



Re: That whole Linux stealing our code thing

2007-09-04 Thread Sunnz
2007/9/5, Rui Miguel Silva Seabra [EMAIL PROTECTED]:
 On Wed, Sep 05, 2007 at 01:53:53AM +1000, Sunnz wrote:
  2007/9/3, Rui Miguel Silva Seabra [EMAIL PROTECTED]:
   Then a choice of licenses is offered to the receiver. If he only uses the
   software, neither affects him, but if he distributes, he either does it
   under the terms of the GPL v2 or under the terms of the BSD, or just as
   dual licensed. Actually, strictly speaking, the word *alternatively* might
   be interpreted in a more radical way as meaning you can't distribute in a
   dual licensed form, but I don't subscribe that.
 
 
  Hi.
 
  My understanding is:
 
  1) BSD/ISC and GPL Licenses are just a set of condition that you need
  to satisfy should you like to re-distribute its code.

 Two sets, actually, that interssect for the most portion of them.

  2) Dual License means you need to satisfy conditions of either BSD/ISC, or 
  GPL.
 
  So basically, all it tells you is that you are granted to
  re-distribute the source code under certain conditions, that however
  does not grant you any permission to alter its copyright notice,
  right?

 If the person chooses to use the GNU GPL they have to respect the GNU GPL's
 conditions, not the BSD ones.

GNU GPL, however, only grants the right to re-distribute (under
certain conditions), but not re-license, right?

BTW, if satisfying requires in GPL would imply satisfaction of BSDL anyway, no?


 Rui

 --
 Wibble.
 Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
 + No matter how much you do, you never do enough -- unknown
 + Whatever you do will be insignificant,
 | but it is very important that you do it -- Gandhi
 + So let's do it...?



-- 
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0



Re: That whole Linux stealing our code thing

2007-09-04 Thread Timo Schoeler
Thus Rui Miguel Silva Seabra [EMAIL PROTECTED] spake on Tue, 4 Sep 2007
18:38:09 +0100:

 On Tue, Sep 04, 2007 at 11:37:00AM -0500, Daniel A. Ramaley wrote:
  On Saturday 01 September 2007 17:49, Rui Miguel Silva Seabra wrote:
  On Sat, Sep 01, 2007 at 04:40:53PM -0600, Theo de Raadt wrote:
Most dictionaries I had at my hand define alternative as
choices. You can get http://en.wiktionary.org/wiki/alternative
  
   Wow.  Let's all go practice law with a dictionary.
  
  ? But you mentioned dictionaries first...
  
  You do realize that when it comes to legal documents, such as
  licenses, that general-purpose dictionaries are inadequate, right?
  If you want to look up legal terms, you need a law dictionary.
  
  I think that if one is ignorant enough of law that one needs to
  consult a legal dictionary for more than one or two terms in order
  to understand a document, then perhaps it would be best to either
  do a lot of studying to become more knowledgeable, or find someone
  with more legal training to interpret the document. As a layperson
  with little in-depth knowledge of legal code, that's how i see
  things anyway.
 
 I think that if *alternative* means both at the same time in any
 reputable dictionary (legal or not),

Show those. Besides this, it is WRONG.

http://en.wiktionary.org/wiki/alternative

Hence the meaning of ALTERNATIVE: NOT all at the same time. Maybe you
need a Heisenberg experience to understand?

 then I'm on a parallel reality
 for sure.

Obviously, yes.

 Other than that, you're just being pretentious.

Please, let this thread die.

Timo



Re: That whole Linux stealing our code thing

2007-09-04 Thread Rui Miguel Silva Seabra
On Tue, Sep 04, 2007 at 09:41:04PM +0200, Timo Schoeler wrote:
  I think that if *alternative* means both at the same time in any
  reputable dictionary (legal or not),
 
 Show those. Besides this, it is WRONG.
 
 http://en.wiktionary.org/wiki/alternative
 
 Hence the meaning of ALTERNATIVE: NOT all at the same time. Maybe you
 need a Heisenberg experience to understand?

Are you lying intentionally? NOT all at the same time is far from
the definition of the word in that page (which I had already linked to).

   1. A situation which allows a choice between two or more possibilities.
   2. A choice between two or more possibilities.
   3. One of several things which can be chosen.

All implying only one, and not both.

  then I'm on a parallel reality
  for sure.
 
 Obviously, yes.

Glad to.

  Other than that, you're just being pretentious.
 
 Please, let this thread die.

Glad you're helping it.

Rui

-- 
Hail Eris, Hack Linux!
Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?



ifstated.conf for pppoe

2007-09-04 Thread Jacob Yocom-Piatt
anybody got an ifstated.conf they're willing to share for having 
redundancy on their pppoe connection? example: your firewall that does 
the pppoe goes down and you want another machine to restart the pppoe 
session and route your network.


am building one right now and will post it if nobody else ponies up in 
the next few hours.


cheers,
jake

--



Re: That whole Linux stealing our code thing

2007-09-04 Thread Timo Schoeler
Thus Rui Miguel Silva Seabra [EMAIL PROTECTED] spake on Tue, 4 Sep 2007
20:52:59 +0100:

 On Tue, Sep 04, 2007 at 09:41:04PM +0200, Timo Schoeler wrote:
   I think that if *alternative* means both at the same time in any
   reputable dictionary (legal or not),
  
  Show those. Besides this, it is WRONG.
  
  http://en.wiktionary.org/wiki/alternative
  
  Hence the meaning of ALTERNATIVE: NOT all at the same time. Maybe
  you need a Heisenberg experience to understand?
 
 Are you lying intentionally?

Given that you live in a parallel world where everything is *^-1, I'm
saying the truth. Fine, good that you realize that.

 NOT all at the same time is far from
 the definition of the word in that page (which I had already linked
 to).

Huh?

1. A situation which allows a choice between two or more
 possibilities.

You are standing at the edge of Niagara Falls (as a matter of fact,
your parallel reality might not know something like this, so have a
look here [0]).

You have the CHOICE of jumping OR stepping back.

You do NOT have the possibility to do BOTH AT THE SAME TIME.

(Given your not at least an Angel or something similar.)

2. A choice between two or more possibilities.

Aha.

3. One of several things which can be chosen.

One. Of N. Very clear, isn't it?

 All implying only one, and not both.

Yes, and why do you state the opposite?

   then I'm on a parallel reality
   for sure.
  
  Obviously, yes.
 
 Glad to.

Yes, you'd be an all-time winner of the Darwin Awards [1] in this
universe.

   Other than that, you're just being pretentious.
  
  Please, let this thread die.
 
 Glad you're helping it.

Even your universe surely knows people use polemics when running out of
facts.

 Rui

Timo

[0] -- http://en.wikipedia.org/wiki/Niagara_Falls

[1] -- http://en.wikipedia.org/wiki/Darwin_Awards



Question about dynamic DNS (BIND 8 EOL: OpenBSD Makes It Easy)

2007-09-04 Thread Tom Van Looy

I read the article on undeadly and a question came up.

dhcpd in base install does not support dynamic DNS (which is modern I 
guess) so I followed this guide to configure a 4.0 box to support it 
http://www.bsdguides.org/guides/openbsd/networking/dynamic_dns_dhcp.php


But the following seems wrong to me:
cd /usr/sbin
mkdir isc-dhcp-2.0
mv dhcpd isc-dhcp-2.0/
mv /usr/local/sbin/dhcpd dhcpd

Because it breaks the rule of packages being outside of the base 
install. So, what is the correct way to do it? I'm going to upgrade 4.0 
to 4.2 when it releases so I actually am looking for information on this.


Or, is nobody using dynamic DNS for some reason?
Thanks for any advise about this.

Tom Van Looy



Re: Question about dynamic DNS (BIND 8 EOL: OpenBSD Makes It Easy)

2007-09-04 Thread Stuart Henderson
On 2007/09/04 22:13, Tom Van Looy wrote:

 But the following seems wrong to me:
 cd /usr/sbin
 mkdir isc-dhcp-2.0
 mv dhcpd isc-dhcp-2.0/
 mv /usr/local/sbin/dhcpd dhcpd

oh, that will cause fun 6-12 months later at upgrade time when you've
forgotten about it. run it from /usr/local/sbin in rc.local if you must...

 Or, is nobody using dynamic DNS for some reason?

I don't. If you do, watch out for the names people try to
register. Amusing things could probably done with wpad, for
example.



Re: That whole Linux stealing our code thing

2007-09-04 Thread Darrin Chandler
On Tue, Sep 04, 2007 at 10:08:46PM +0200, Timo Schoeler wrote:
  Are you lying intentionally?
 
 Given that you live in a parallel world where everything is *^-1, I'm
 saying the truth. Fine, good that you realize that.

I don't think you two are adding much to the common knowledge at this
point. Perhaps it's best moved to private email.

-- 
Darrin Chandler|  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/  |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation



How to properly configure man.conf

2007-09-04 Thread Amit
Hey guys,

Recently started using OpenBSD (4.0) as my development server. I just
installed dejagnu and one of the dependencies is TCL. At the end of
pkg_add, this is the output

*
sudo pkg_add -i dejagnu
...
dejagnu-1.4.3p4: complete
--- tcl-8.4.7p1 ---
You may wish to add /usr/local/lib/tcl8.4/man to /etc/man.conf
*

I tried editing man.conf and added the following lines,

**
_whatdb /usr/local/lib/tcl8.4/man/whatis.db

tcl /usr/local/lib/tcl8.4/man/

9F  /usr/local/lib/tcl8.4/man/{man}9
**

Now, I run the following command:

**
$ man Tcl
man: no entry for Tcl in the manual.
$ man -f Tcl
Tcl (n) - Tool Command Language
**

Am I missing something?

Thanks,
Amit



Re: How to properly configure man.conf

2007-09-04 Thread Jason McIntyre
On Tue, Sep 04, 2007 at 01:30:43PM -0700, Amit wrote:
 Hey guys,
 
 Recently started using OpenBSD (4.0) as my development server. I just
 installed dejagnu and one of the dependencies is TCL. At the end of
 pkg_add, this is the output
 
 *
 sudo pkg_add -i dejagnu
 ...
 dejagnu-1.4.3p4: complete
 --- tcl-8.4.7p1 ---
 You may wish to add /usr/local/lib/tcl8.4/man to /etc/man.conf
 *
 
 I tried editing man.conf and added the following lines,
 
 **
 _whatdb /usr/local/lib/tcl8.4/man/whatis.db
 
 tcl /usr/local/lib/tcl8.4/man/
 
 9F  /usr/local/lib/tcl8.4/man/{man}9
 **
 
 Now, I run the following command:
 
 **
 $ man Tcl
 man: no entry for Tcl in the manual.
 $ man -f Tcl
 Tcl (n) - Tool Command Language
 **
 
 Am I missing something?
 

you'll have to specify the section:

$ man -s tcl Tcl

that should pick it up, i think. if you add the tcl8.4 dir to _default, you
will be able to omit -s.

failing that, check that there are pages where you think, and that it is
Tcl and not tcl, or somesuch.

also see -M, -m, MANPATH, man(1), and man.conf(5). 

jmc



Re: That whole Linux stealing our code thing

2007-09-04 Thread Rui Miguel Silva Seabra
Hi Sunnz,

On Wed, Sep 05, 2007 at 04:32:20AM +1000, Sunnz wrote:
  If the person chooses to use the GNU GPL they have to respect the GNU GPL's
  conditions, not the BSD ones.
 
 GNU GPL, however, only grants the right to re-distribute (under
 certain conditions), but not re-license, right?

No, the GNU GPL grants you the rights to
 0. run it for any purpose
 1. study  modify it
 2. reditribution of pristine copies
 3. redistribution of derivatives

All this just like the BSD. However, unlike the BSD, it does so in a reciprocal
level: if you redistribute in the conditions of 2. or 3. you must license it
under these (the GNU GPL's) terms.

 BTW, if satisfying requires in GPL would imply satisfaction of BSDL anyway, 
 no?

It's closer to include than imply, if you want to use these terms, since
satisfying the BSDL means allowing proprietary derivatives, which the GPL aims
to forbid.

Rui

-- 
Kallisti!
Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?



Re: partioning for multiple OS's

2007-09-04 Thread stan
On Tue, Sep 04, 2007 at 08:30:27AM +0200, Guido Tschakert wrote:
 stan schrieb:
  I have a new laptop.
  
  It came with Vista on it. I used gpartd to resize those partions, and added
  Ubuntu. Now I want to add OpenBSD, and FreeBSD. I'd like to do OpenBSD
  next.
  
  When I boot the 4.1 CD, I get to the partioning step, and I am confused.
  Since I can't figure out how to capture the screen imafe from a machine
  booted off of the CD. I'll show you what Linux's cfdisk shows.
  
  NameFlags  Part Type  FS Type  [Label]Size (MB)
  --
sda1Primary   Unknown (27)  10479.01 
sda2BootPrimary   FAT16[]   31453.48
sda3Primary   Linux ReiserFS3.54
sda5Logical   Linux swap / Solaris   3997.49
Logical   Free Space74109.78
  
  How can I acomplish this?
  
  
  
 
 
 Hello,
 
 do you need to have dual (triple, quadruple) boot, or would you like to
 hear about other possibilities?

Call me old fashinoned, but I prefer multiple boot.

-- 
I'm sorry, no one here has any intentions of helping you with anything. 
I am the manager of all of Customer Service.



Re: ifstated.conf for pppoe

2007-09-04 Thread Can E. Acar
 anybody got an ifstated.conf they're willing to share for having 
 redundancy on their pppoe connection? example: your firewall that does 
 the pppoe goes down and you want another machine to restart the pppoe 
 session and route your network.

I dont have the configuration with me right now (and it is probably gone
since the site using it does not have adsl anymore) however the most
fun configuration I did was something like that:

two adsl links, two OpenBSD firewalls, using carp for failover.
each firewall had connections to _both_ adsl modems, so that
they can balance outgoing stuff.

The load balancing was done using multipath routing (route -multi).
The carp was used on the inner interface.

So if carp was master, I would bring UP both pppoe interfaces
if one of the pppoe connections went down, I would adjust
routing to route over the remaining session etc.

In order to make failover work smoothly, I matched the MAC
addresses on the corresponding outer interfaces of each
firewall so that they can see the same pppoe sessions,
and built the kernel with PPPOE_TERM_UNKNOWN_SESSIONS

Can

-- 
In theory, there is no difference between theory and practice.
But, in practice, there is.



Max throughput ?

2007-09-04 Thread Michael Gale

Hey,

	It was suggested that we create an OpenBSD server with 9GB interfaces 
to start. 7 Will be used right off the bat.


This would function as a core router brining 7 GB networks together on 
the inside of a main firewall. I suggested that maybe we would have some 
bandwidth issues with trying to push that much traffic through a single 
server.


Can any one comment on this ? Would it not be better to use some think 
like a Cisco layer 3 GB switch.


--
Michael Gale

Nothing is impossible to a willing mind. - Monk Hae Chang



Re: Microsoft gets the Most Secure Operating Systems award

2007-09-04 Thread Nick Shank

The One wrote:

But how would it spread? There have been 2 OS X viruses, yet they
spread terribly.

And Apple has already fixed the issue. :)

-The One

On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote:
  

On 9/1/07, The One [EMAIL PROTECTED] wrote:


On 3/23/07 2:53 AM, Theo de Raadt wrote:
  

Symantec have been trying to demonise OS X for a long while.
  

And it is going to work soon.

Because OS X has no Propolice-like compiler stack protection, nor
anything like W^X which makes parts of the address space
non-executable, nor anything like address space randomization which
makes certain attacks very difficult, especially with the previous two
techniques.

So when they have a bug, it is exploitable just like bugs are on any
other powerpc or i386 machine running some other operating system.

These days even operating systems like Vista have the above 3 security
technologies.



First of all, bugs and viruses are two different things.

Second, OS X does not need third-party protection. All of the
protection is built into the OS!

If Vista is so secure, then why does one need to download
virus/spyware protection when it can simply be built into the OS?

-The One


  

I don't have virus/spyware protection and I've been fine before with
Vista and XP.

Perhaps you mean to say why do users who install things they
shouldn't need virus/spyware protection? which I would argue that the
OS doesn't matter. I could write a script that asks for rootly
permission in OS X and start nuking stuff with the promise of prettier
icons for their desktop or IM client.

If you were to argue for worms and things of the like, then I would
agree. The only virus I will probably ever catch is some zero-day that
hits the world and gets in my work network (won't happen at my house
-- I live alone)



  
Here we hit the heart of the issue. The virus and spyware detection 
software for Windows isn't really to protect to the OS. It's to protect 
the user from themselves.




Re: Any new OpenBSD/landisk hardware?

2007-09-04 Thread Alexander Hall

Diana Eichert wrote:

On Tue, 4 Sep 2007, Alexander Hall wrote:


Hi all!

I've been looking around for the Plextor PX-EH{16,25,40}'s lately and 
discovered that they seem to be on the way out, if available at all. 
At least on the Swedish sites.


Is there any new OpenBSD compatible landisk-like hardware available, 
other than that listed on landisk.html?


(does not have to be restricted to OpenBSD/landisk, though)

/Alexander


Plextor PX-EH h/w has been and is still readily available in the US,
though it has been heavily discounted recently at certain online
retailers.

diana


That scares me a little, since if there will be no hardware available, I 
guess the development of obsd/landisk will eventually come to an end. 
Well, thinking of it, I guess the sh4 could have other uses than serving 
landisk's.


Anyway, you don't happen to know any retailers that ship world-wide (or 
at least Sweden-wide), with decent shipping costs? I looked around a bit 
and it seems to me that most of them are only targeting the US market. 
Of course, I may be totally blind.


While at the subject, are the Plextor's really as useless for serving 
files as sometimes stated? The two drives I'm aiming to buy are supposed 
to form a geographically separated, rsync'd, storage pair. Mainly for 
documents, i.e. no streaming video or so. Samba and nfs comes to mind, 
but really not much more. I'd estimate at most two simultaneous users 
but probably less. :-)


Is the bottleneck a slow processor, the hard drive, lousy I/O or 
something else?


Thanks,
/Alexander



switch or server? (was Re: Max throughput ?)

2007-09-04 Thread David Newman
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 9/4/07 3:03 PM, Michael Gale wrote:
 Hey,
 
 It was suggested that we create an OpenBSD server with 9GB
 interfaces to start. 

I think here you mean 9 1-Gbit/s interfaces

7 Will be used right off the bat.
 
 This would function as a core router brining 7 GB networks together on
 the inside of a main firewall. I suggested that maybe we would have some
 bandwidth issues with trying to push that much traffic through a single
 server.

RFCs 2544 and 2889 define router and switch test methodologies.

A related document, RFC 1242, defines throughput as the maximum
zero-loss rate. Note that throughput is a single rate. Ergo, there's no
such thing as max or min or any other kind of throughput. There's
just throughput.

 Can any one comment on this ? Would it not be better to use some think
 like a Cisco layer 3 GB switch.

Most el cheapo gig switches will do the job without packet loss.

Manageability, routing, an sshd server, redundant power, support, etc.,
cost extra.

Commercial switches achieved line-rate, zero-loss performance around a
decade ago, with small-frame latency and jitter in the tens of
microseconds. These use ASICs or FPGAs or NPs to get there.

Big studly servers equipped with 10G interfaces currently achieve
goodput somewhere north of 1G but south of 10G with higher latency and
jitter than switches. I'm not aware of anyone getting loss-free
performance at N-Gbit/s (where N  7) using server hardware alone.

dn
iD8DBQFG3eCTyPxGVjntI4IRAqu8AKDotF/6ReuA+V/L2Z6Ng7f8tbCpQgCg1YR4
4g+vFsK6cmph88YQGnrXl54=
=0N3R
-END PGP SIGNATURE-



Re: filesystems?

2007-09-04 Thread Tonnerre LOMBARD
Salut,

On Tue, Sep 04, 2007 at 01:10:14PM +0200, Eric Elena wrote:
 No I didn't. Is it so fun? :)

Oh yes. By the way, I must say that for additional fun, the directory
names were A, B, C, ..., Y, Z. Gives you quite something to search for.

Tonnerre

[demime 1.01d removed an attachment of type application/pgp-signature]



Is Intel 82566MM supported?

2007-09-04 Thread Roman Strogin
Many latest laptops have Intel 82566MM Gigabit Ethernet controller.
On man pages I read that em driver supports 82566DC,
82566DM. Is 82566MM supported?

Roman.



Re: That whole Linux stealing our code thing

2007-09-04 Thread Jona Joachim
On Sat, 1 Sep 2007 08:40:30 -0500
Marco Peereboom [EMAIL PROTECTED] wrote:

 Wrong wrong wrong.
 
 You interpretation is not relevant.  The interpretation of the law is.
 You can't go around changing legal interpretation at your convenience.
 
 I interpret that downloading mp3s is like totally legal now doesn't
 make it so.  Try it and see what happens.
 
 Let me try once more to explain how this works.  Here is the license
 of a piece of code I wrote:
  * Copyright (c) 2007 Marco Peereboom [EMAIL PROTECTED]
  *
  * Permission to use, copy, modify, and distribute this software for
 any
  * purpose with or without fee is hereby granted, provided that the
  * above  copyright notice and this permission notice appear in all
 copies.
 
 This means if you want to use my code in any way shape or form you
 MUST maintain the copyright  license.  It says on ALL copies
 therefore this includes other code, binary files, source, GPL goo etc.
 
 The whole point is that one can't go around interpreting law.  That's
 a judge's job.  I am not interpreting any licenses for anybody, I am
 stating facts as they exist today in the frame of the law.  Don't like
 that?  I suggest suing someone to see if you can get a judge to agree
 with your interpretation; from there you can claim jurisprudence.
 
 On Sat, Sep 01, 2007 at 08:52:45AM -0400, David H. Lynch Jr. wrote:
  Theo de Raadt wrote:
  
  For the record -- I was right and the Linux developers cannot
  change the licenses in any of those ways proposed in those diffs,
  or that conversation (http://lkml.org/lkml/2007/8/28/157).
  
  It is illegal to modify a license unless you are the owner/author,
  because it is a legal document.  
  
 With respect to both you and Eban, I  would disagree..
  
 The law requires complying with the license not preserving it.
 The license is a part of the copyrighted work.
 It grants users rights beyond those of copyright law.
 
 Wrong.  Copyright includes ALL rights; the license is what surrenders
 some of these rights.  Copyright is INCLUSIVE.  In other words if if
 write my totally 1337 program that has NO license it automatically is
 completely covered by copyright.  One can NOT copy it, can NOT modify
 it  can NOT distribute it.  It is the most restrictive license.
 
  
 The ISC License requires little more than preserving the
  copyright notice, not the license itself,
 And even that I would think is redundant as removing a copyright
  notice would likely violate copyright law.
 
 Not likely; it is breaking the law.
 
  
 BSD Licensed code has found its way into proprietary products,
  with no availability of source - and no preservation
 of license.
 
 Try to run strings on windows command line utilities.  You'll see that
 they preserved the copyrights as required.
 
 If you are not preserving the copyrights and the license in the file
 you are breaking the law.

I did run strings on some Windows XP command line tools just out of
curiosity and while I was able to find the copyright line I couldn't
find any license.
I don't want to reanimate this thread, I want it to die as quickly as
possible but I was just wondering why they don't need to provide the
license conditions.


Jona

-- 
I am chaos. I am the substance from which your artists and scientists
build rhythms. I am the spirit with which your children and clowns
laugh in happy anarchy. I am chaos. I am alive, and tell you that you
are free. Eris, Goddess Of Chaos, Discord  Confusion



Re: That whole Linux stealing our code thing

2007-09-04 Thread Theo de Raadt
 I did run strings on some Windows XP command line tools just out of
 curiosity and while I was able to find the copyright line I couldn't
 find any license.

The license on that code says:

 * 1. Redistributions of source code must retain the above copyright
 *notice, this list of conditions and the following disclaimer.

What you ran strings on is not source code.  It was the binary.

Then license on the original code continues:

 * 2. Redistributions in binary form must reproduce the above copyright
 *notice, this list of conditions and the following disclaimer in the
 *documentation and/or other materials provided with the distribution.

Well, if you take your Microsoft documentation, and dig really deep,
you will find the whole notice copied into it there.  Go ahead, you'll
find it.  Can't take that long.

Furthermore, older copies of the license used to say:

 * 3. All advertising materials mentioning features or use of this software
 *must display the following acknowledgement:
 *This product includes software developed by the University of
 *California, Berkeley and its contributors.

And.. once again, older copies of Windows DID follow that rule, too,
just like Sun and everyone else.  The only vendor who ever failed to
do this was ATT / USL, who included modified BSD manuals in their
Unixware commercial distributions, and that mistake resulted in USL
losing the USL v BSDI  University of California lawsuit.  (I have
simplified the situation, s/losing/settling at a serious loss/).

That particular term was rescinded on July 22, 1999 by UCB, and since
that time vendors are no longer required to follow term 3.  Some still
do, though, since their licensing-in-advertising people haven't heard
the news.

After UCB recinded that term, Todd Miller and I went and found all the
code in the tree where that license term had been copied, and used by
a new author -- and we contacted those author and asked them to recind
their term too.  I think, in the end, they all did.

As far as I know the 3-term BSD license is totally dead, except in
NetBSD, where their group still pushes developers to place new code
under a full 4-term license.  Sometimes we reluctantly include such
code, hoping that one day this situation can be improved.

 I don't want to reanimate this thread, I want it to die as quickly as
 possible but I was just wondering why they don't need to provide the
 license conditions.

Microsoft, like everyone else, follows the license to a 'T'.


Sorry, I probably gave you more information than you wanted.



Re: That whole Linux stealing our code thing

2007-09-04 Thread Brett Lymn
On Tue, Sep 04, 2007 at 06:16:35PM -0600, Theo de Raadt wrote:
 
 As far as I know the 3-term BSD license is totally dead, except in
 NetBSD, where their group still pushes developers to place new code
 under a full 4-term license.  Sometimes we reluctantly include such
 code, hoping that one day this situation can be improved.
 

The 4 term licence in NetBSD is mostly dead too.  It is not pushed as
desirable at all, it is up to the individual developer to use the
licence they feel appropriate and that seems, more often than not, to
be the 3 term licence.

Not that it matters much but I think the advertising clause is a waste
of time and does make life far more difficult for the people who do
want to comply with the licence conditions - they have to trawl
through all the code and pull out all the individuals that want their
names mentioned.  It made a little more sense when the sources were
under the BSD umbrella but now it's just silly having to list a cast
of thousands in any advertising.

-- 
Brett Lymn



Re: That whole Linux stealing our code thing

2007-09-04 Thread Jona Joachim
On Tue, 04 Sep 2007 18:16:35 -0600
Theo de Raadt [EMAIL PROTECTED] wrote:

  I did run strings on some Windows XP command line tools just out of
  curiosity and while I was able to find the copyright line I couldn't
  find any license.
 
 The license on that code says:
 
  * 1. Redistributions of source code must retain the above copyright
  *notice, this list of conditions and the following disclaimer.
 
 What you ran strings on is not source code.  It was the binary.
 
 Then license on the original code continues:
 
  * 2. Redistributions in binary form must reproduce the above
 copyright
  *notice, this list of conditions and the following disclaimer in
 the
  *documentation and/or other materials provided with the
 distribution.
 
 Well, if you take your Microsoft documentation, and dig really deep,
 you will find the whole notice copied into it there.  Go ahead, you'll
 find it.  Can't take that long.

Thanks a lot for the clarification!

  I don't want to reanimate this thread, I want it to die as quickly
  as possible but I was just wondering why they don't need to provide
  the license conditions.
 
 Microsoft, like everyone else, follows the license to a 'T'.
 
 
 Sorry, I probably gave you more information than you wanted.

You can't get too much information IMO.
While I knew the rough lines of the story it's interesting to read some
details. Thanks for that!


Jona

-- 
I am chaos. I am the substance from which your artists and scientists
build rhythms. I am the spirit with which your children and clowns
laugh in happy anarchy. I am chaos. I am alive, and tell you that you
are free. Eris, Goddess Of Chaos, Discord  Confusion



Re: Atheros 5424

2007-09-04 Thread Tobias Weingartner
In article [EMAIL PROTECTED], Aaron Hsu wrote:
 
 I am just wondering if any work is going into the Atheros 5424 chipset? (I 
 noticed some disturbing news about new code being added to the Atheros code.)
 
 How much work would be involved to get the chipset working?

Documentation?  Seriously, why not ask Atheros for programming docs
for the chipset in question?

-- 
 [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax



Re: That whole Linux stealing our code thing

2007-09-04 Thread Theo de Raadt
  As far as I know the 3-term BSD license is totally dead, except in
  NetBSD, where their group still pushes developers to place new code
  under a full 4-term license.  Sometimes we reluctantly include such
  code, hoping that one day this situation can be improved.
  
 
 The 4 term licence in NetBSD is mostly dead too.  It is not pushed as
 desirable at all, it is up to the individual developer to use the
 licence they feel appropriate and that seems, more often than not, to
 be the 3 term licence.

I beg to differ.  Do a grep of their entire tree.  You'll be surprised.



Re: That whole Linux stealing our code thing

2007-09-04 Thread Marco Peereboom
blah blah blah

You are worse than a mother in law.  Shut up already.  Your drivel
stopped being amusing 178000 emails ago.

On Tue, Sep 04, 2007 at 10:18:33PM +0100, Rui Miguel Silva Seabra wrote:
 Hi Sunnz,
 
 On Wed, Sep 05, 2007 at 04:32:20AM +1000, Sunnz wrote:
   If the person chooses to use the GNU GPL they have to respect the GNU 
   GPL's
   conditions, not the BSD ones.
  
  GNU GPL, however, only grants the right to re-distribute (under
  certain conditions), but not re-license, right?
 
 No, the GNU GPL grants you the rights to
  0. run it for any purpose
  1. study  modify it
  2. reditribution of pristine copies
  3. redistribution of derivatives
 
 All this just like the BSD. However, unlike the BSD, it does so in a 
 reciprocal
 level: if you redistribute in the conditions of 2. or 3. you must license it
 under these (the GNU GPL's) terms.
 
  BTW, if satisfying requires in GPL would imply satisfaction of BSDL anyway, 
  no?
 
 It's closer to include than imply, if you want to use these terms, since
 satisfying the BSDL means allowing proprietary derivatives, which the GPL aims
 to forbid.
 
 Rui
 
 -- 
 Kallisti!
 Today is Boomtime, the 28th day of Bureaucracy in the YOLD 3173
 + No matter how much you do, you never do enough -- unknown
 + Whatever you do will be insignificant,
 | but it is very important that you do it -- Gandhi
 + So let's do it...?



Re: How do I configure Cyclades Z serial ports with OpenBSD?

2007-09-04 Thread Don Jackson
OK, thanks for the pointers!

I rebuilt the kernel, uncommenting the cz driver.
Installed the new kernel on that machine, rebooted.

Now I get:

Sep  4 21:15:18 log01 /bsd: cz0 at pci1 dev 9 function 0 Cyclades
Cyclom-Z rev 0x01cz0: Cyclades-Ze, no channels at
tached, firmware 3.3.1
Sep  4 21:15:18 log01 /bsd: cz0: polling mode, 20 ms interval (2 ticks)

But I don't see any /dev/ttyZ?? ports.  What do I do next?

Thanks!

Don


On 9/2/07, Martin Reindl [EMAIL PROTECTED] wrote:
 Don Jackson [EMAIL PROTECTED] wrote:

  Hello,
 
  I am running OpenBSD 4.1 stable.
  I installed a Cyclades Ze PCI card, and hooked it up to the external 1U box.
 
  When my machine boots, I see:
 
Cyclades Cyclom-Z rev 0x01 at pci1 dev 9 function 0 not configured
 
  So the OS/driver does see the card.
 
  How do I get from where I am to functioning /dev/ttyZ?? ports?
 
  Thank you in advance for any advice or pointers you can give me.
 
  Don

 Have a look at the cz(4) driver, you need to comment it out in GENERIC
 (preferably in -current).