upgrading ports from 4.1 to 4.2

2007-09-10 Thread Chris
I will be upgrading my ports tree from 4.1-release to 4.2-release when 4.2
comes out. This is my first ports upgrade. So I was wondering if my action
plan looks right:

- backup my existing 4.1 /usr/ports directory

- untar the 4.2 ports tgz file in /usr/ports

- go to /usr/ports/path/to/application to update each application - do I need
  to do this for each individual application I installed from the ports
  tree? Is there any automated way of doing this?

- also is there any way to distinguish applications I installed from the
  package list and applications I installed from the ports tree?

Thanks.



Re: upgrading ports from 4.1 to 4.2

2007-09-10 Thread Stuart Henderson
On 2007/09/10 16:13, Chris wrote:
 - also is there any way to distinguish applications I installed from the
   package list and applications I installed from the ports tree?

No; ports just create packages. If you 'make install' this checks
/usr/ports/packages/whatever/foo.tgz is up-to-date and builds it if
necessary, then runs pkg_add on it.

But this is of little consequence... do the pkg_add -ui, then
ls -l /var/db/pkg and you can easily spot anything that didn't get
updated.



problem with ipsec tunnel between pix and openbsd

2007-09-10 Thread Sebastian Reitenbach
Hi,

I set up a tunnel between a pix and an OpenBSD isakmpd to
connect two networks behind each tunnel endpoint.
Pinging through the tunnel from both sides works, for
the first 15 minutes. Then the ping stops working.
When I recreate the tunnel, the ping starts to
work again. I start isakmpd with isakmpd -k and I use
ipsecctl to activate the tunnel.
To work around the problem I added dead peer detection
to the isakmpd.conf file. It checks every 10 seconds for a
dead peer; this detects that the tunnel is not in a good
state, and restarts it. I also found in an old howto that
I have to create a policy file that says that the OpenBSD
box is the initiator of the tunnel.
I have not found a way to prevent the tunnel from going into
that bad state. I think I have a problem with rekeying.
In my eyes activating the DPD is only
working on the symptoms, so I assume there must be a better
way to fix the problem.


here is my isakmpd.conf file:
[General]
Listen-on=131.103.56.171
Default-phase-1-lifetime=   28800,60:86400
Default-phase-2-lifetime=   1200,60:86400
DPD-check-interval= 10
Policy-File=/etc/isakmpd/isakmpd.policy

and here my ipsecctl.conf file:
ike active esp from 192.168.0.0/24 to 10.1.0.0/24 \
   local $my_gw peer $remote_gw \
   main auth hmac-md5 enc 3des group grp2 \
   quick auth hmac-md5 enc aes group none \
   psk MyTopSecretKey

any idea what I can try to prevent the tunnel from stopping working?

kind regards
Sebastian



Re: scanner??

2007-09-10 Thread Vim Visual
I forgot to mention... ahem... I want to use it with OpenBSD, of course...

(just in case of)

Pau

2007/9/10, Vim Visual [EMAIL PROTECTED]:
 Hi,

 Yet almost an amateur, I have totally moved to OpenBSD, I have
 preordered my CDs, I bought them in the last release, tshirt/s too and
 I am a missionary of the Unique Truth and try to convert all savages
 around me to it.

 Now, I am looking forward to buying a scanner. I don't want a scanner,
 printer, washing machine and vacuum cleaner, I just want a scanner
 that scans documents and pictures. That's it.

 ... and I wonder whether any of you has a recommendation for me.

 Do you?

 Thanks a lot,

 Pau Amaro Seoane



Re: scanner??

2007-09-10 Thread Antoine Jacoutot
On Monday 10 September 2007 12:08:48 Vim Visual wrote:
 ... and I wonder whether any of you has a recommendation for me.

Epson are usually very well supported.
See: http://www.sane-project.org/cgi-bin/driver.pl

-- 
Antoine



scanner??

2007-09-10 Thread Vim Visual
Hi,

Yet almost an amateur, I have totally moved to OpenBSD, I have
preordered my CDs, I bought them in the last release, tshirt/s too and
I am a missionary of the Unique Truth and try to convert all savages
around me to it.

Now, I am looking forward to buying a scanner. I don't want a scanner,
printer, washing machine and vacuum cleaner, I just want a scanner
that scans documents and pictures. That's it.

... and I wonder whether any of you has a recommendation for me.

Do you?

Thanks a lot,

Pau Amaro Seoane



Re: /bin file called [

2007-09-10 Thread Stuart Henderson
On 2007/09/10 11:44, Didier Wiroth wrote:
 When I do my own release I noticed that a file called [ is created in the 
 /bin directory:
 This file is not present in the official base4x.tgz file (from ftp or cd) 

it's there, it's just a little difficult to escape correctly.

$ tar tzf /data/ftp/pub/OpenBSD/snapshots/i386/base42.tgz ./bin/[[]   
./bin/[



Re: /bin file called [

2007-09-10 Thread Antoine Jacoutot
On Monday 10 September 2007 11:44:24 Didier Wiroth wrote:
 Hello,
 When I do my own release I noticed that a file called [ is created in the
 /bin directory: Here is an ls -la of /bin, see the first file:
 $ ll /bin/
 total 16080
 drwxr-xr-x   2 root  wheel   1.0K May 18 16:33 .
 drwxr-xr-x  14 root  wheel   512B May 18 17:00 ..
 -r-xr-xr-x   2 root  bin    89.8K May 18 16:33 [

This file is a hardlink.

$ man [
TEST(1)                   OpenBSD Reference Manual                   TEST(1)

NAME
 test - condition evaluation utility

SYNOPSIS
 test expression
 [ expression ]

..

$ ls -il /bin/\[ /bin/test
1869 -r-xr-xr-x  2 root  bin  79136 Aug 23 18:10 /bin/[
1869 -r-xr-xr-x  2 root  bin  79136 Aug 23 18:10 /bin/test

- see, same inode

-- 
Antoine
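The inode comparison Antoine and Paul describe, written out as an added example (not code from the thread): it rebuilds the /bin/[ and /bin/test situation in a temporary directory rather than inspecting /bin, so it runs on any system, and reports the three stat fields that settle whether two names are one file. All paths and contents are constructed.

```python
import os
import tempfile


def same_file(path_a, path_b):
    """True when both names resolve to the same inode on the same device,
    which is exactly what comparing the first column of `ls -li` shows."""
    sa, sb = os.stat(path_a), os.stat(path_b)
    return (sa.st_dev, sa.st_ino) == (sb.st_dev, sb.st_ino)


def link_report(path):
    """The three stat fields that matter: inode number, device, and the
    link count that `ls -l` prints as its second column."""
    st = os.stat(path)
    return {"inode": st.st_ino, "dev": st.st_dev, "nlink": st.st_nlink}


def demo():
    """Rebuild the /bin situation in a throw-away directory: 'test', a hard
    link '[' to it, and an unrelated file 'copy' with identical contents
    (all constructed). Returns what the checks report for each pair."""
    with tempfile.TemporaryDirectory() as d:
        test = os.path.join(d, "test")
        bracket = os.path.join(d, "[")
        copy = os.path.join(d, "copy")
        with open(test, "w") as f:
            f.write("#!/bin/sh\nexit 0\n")
        os.link(test, bracket)            # second name for the same inode
        with open(copy, "w") as f:        # same bytes, different inode
            f.write("#!/bin/sh\nexit 0\n")
        return {
            "bracket_is_test": same_file(test, bracket),
            "copy_is_test": same_file(test, copy),
            "test_nlink": link_report(test)["nlink"],
            "copy_nlink": link_report(copy)["nlink"],
        }


if __name__ == "__main__":
    print(demo())
```

Identical contents are not the test; `copy` has the same bytes as `test` but its own inode and a link count of 1, while `[` shares the inode and pushes the link count of `test` to 2, just as the listing in the thread shows.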



Re: /bin file called [

2007-09-10 Thread Craig Skinner

Didier Wiroth wrote:

Hello,
When I do my own release I noticed that a file called [ is created in the /bin 
directory:



-r-xr-xr-x   2 root  bin    89.8K May 18 16:33 [
-r-xr-xr-x   2 root  bin    89.8K May 18 16:33 test



Hard link to /bin/test, see test(1)

$ ls -l /bin/[
-r-xr-xr-x  2 root  bin  79136 Mar 11  2007 /bin/[

$ ls -l /bin/test
-r-xr-xr-x  2 root  bin  79136 Mar 11  2007 /bin/test


$ file /bin/[
/bin/[: ELF 32-bit LSB executable, Intel 80386, version 1, for OpenBSD, 
statically linked, stripped


$ uname -a
OpenBSD teak.kepax.co.uk 4.1 GENERIC#1435 i386



Re: /bin file called [

2007-09-10 Thread Paul de Weerd
On Mon, Sep 10, 2007 at 11:44:24AM +0200, Didier Wiroth wrote:
| Hello,
| When I do my own release I noticed that a file called [ is created in the
/bin directory:
| Here is an ls -la of /bin, see the first file:
| $ ll /bin/
| total 16080
| -r-xr-xr-x   2 root  bin    89.8K May 18 16:33 [
| -r-xr-xr-x   2 root  bin    89.8K May 18 16:33 test
   ^-- Note the linkcount...

Try the following : ls -li /bin/{[,test}

You'll see that [ and test have the same inode number. This is because
they are the same program. Try reading the manpage for [(1) ('man [').

| This file is not present in the official base4x.tgz file (from ftp or
cd)
| I noticed that this file was created on my i386 and my amd64 platforms 
| Has anyone else noticed that?

This file is present on my sparc64 machine which I installed from the
official 4.1 CD. I think you'll find that base4x.tgz has this hardlink
and installs it each and every time ;)

Cheers,

Paul 'WEiRD' de Weerd

--
[++-]+++.+++[---].+++[+
+++-].++[-]+.--.[-]
 http://www.weirdnet.nl/




/bin file called [

2007-09-10 Thread Didier Wiroth
Hello,
When I do my own release I noticed that a file called [ is created in the /bin 
directory:
Here is an ls -la of /bin, see the first file:
$ ll /bin/
total 16080
drwxr-xr-x   2 root  wheel   1.0K May 18 16:33 .
drwxr-xr-x  14 root  wheel   512B May 18 17:00 ..
-r-xr-xr-x   2 root  bin    89.8K May 18 16:33 [
-r-xr-xr-x   1 root  bin     103K May 18 16:33 cat
-r-xr-xr-x   3 root  bin     208K May 18 16:33 chgrp
-r-xr-xr-x   1 root  bin     104K May 18 16:33 chio
-r-xr-xr-x   3 root  bin     208K May 18 16:33 chmod
-r-xr-xr-x   5 root  bin     127K May 18 16:33 cksum
-r-xr-xr-x   1 root  bin     116K May 18 16:33 cp
-r-xr-xr-x   3 root  bin     310K May 18 16:33 cpio
-r-xr-xr-x   1 root  bin     320K May 18 16:33 csh
-r-xr-xr-x   1 root  bin     112K May 18 16:33 date
-r-xr-xr-x   1 root  bin    99.4K May 18 16:33 dd
-r-xr-xr-x   1 root  bin    96.1K May 18 16:33 df
-r-xr-xr-x   1 root  bin    86.4K May 18 16:33 domainname
-r-xr-xr-x   1 root  bin    85.4K May 18 16:33 echo
-r-xr-xr-x   1 root  bin     186K May 18 16:33 ed
-r-xr-xr-x   2 root  bin     241K May 18 16:33 eject
-r-xr-xr-x   1 root  bin     132K May 18 16:33 expr
-r-xr-xr-x   1 root  bin    86.4K May 18 16:33 hostname
-r-xr-xr-x   1 root  bin    86.3K May 18 16:33 kill
-r-xr-xr-x   3 root  bin     388K May 18 16:33 ksh
-r-xr-xr-x   1 root  bin    87.8K May 18 16:33 ln
-r-xr-xr-x   1 root  bin     206K May 18 16:33 ls
-r-xr-xr-x   5 root  bin     127K May 18 16:33 md5
-r-xr-xr-x   1 root  bin     103K May 18 16:33 mkdir
-r-xr-xr-x   2 root  bin     241K May 18 16:33 mt
-r-xr-xr-x   1 root  bin     191K May 18 16:33 mv
-r-xr-xr-x   3 root  bin     310K May 18 16:33 pax
-r-xr-xr-x   1 root  bin     236K May 18 16:33 ps
-r-xr-xr-x   1 root  bin    86.3K May 18 16:33 pwd
-r-xr-xr-x   1 root  bin     253K May 18 16:33 rcp
-r-xr-xr-x   3 root  bin     388K May 18 16:33 rksh
-r-xr-xr-x   1 root  bin     205K May 18 16:33 rm
-r-xr-xr-x   1 root  bin    94.5K May 18 16:33 rmail
-r-xr-xr-x   5 root  bin     127K May 18 16:33 rmd160
-r-xr-xr-x   1 root  bin    99.3K May 18 16:33 rmdir
-r-xr-xr-x   3 root  bin     388K May 18 16:33 sh
-r-xr-xr-x   5 root  bin     127K May 18 16:33 sha1
-r-xr-xr-x   1 root  bin    98.9K May 18 16:33 sleep
-r-xr-xr-x   1 root  bin     110K May 18 16:33 stty
-r-xr-xr-x   5 root  bin     127K May 18 16:33 sum
-r-xr-xr-x   1 root  bin     6.0K May 18 16:33 sync
-r-xr-xr-x   1 root  bin     420K May 18 16:33 systrace
-r-xr-xr-x   3 root  bin     310K May 18 16:33 tar
-r-xr-xr-x   2 root  bin    89.8K May 18 16:33 test

This file is not present in the official base4x.tgz file (from ftp or cd) 
I noticed that this file was created on my i386 and my amd64 platforms 
Has anyone else noticed that?

Thanks a lot
Didier



Re: upgrading ports from 4.1 to 4.2

2007-09-10 Thread Edd Barrett
On 10/09/2007, nicodache [EMAIL PROTECTED] wrote:
 packages are nice, but how do they handle flavors ?
 because I installed a system without X, and each time I try to
 install (by ports) a new software, it tries to compile it using X, and
 thus fails.
 are packages compiled using the standard choice, thus using X which I don't have
 ? or are packages built in a more intelligent manner, like based on
 what's already installed ?
 (If you want to send me to a man page I didn't find, please do ;))

Non X11 FLAVORS are suffixed with 'no-x11'

As to whether all flavors are built; I am unsure.

-- 
Best Regards

Edd

---
http://students.dec.bournemouth.ac.uk/ebarrett



Virtualisation

2007-09-10 Thread Adrian Fisher
Hello there,

Does OpenBSD support virtualisation where multiple computers operate as one
single virtual system rather than just one system running as multiple
virtual systems?  I am thinking of buying a series of blade systems which I
want to run as one single system to offer redundancy for increased
reliability.  Does anyone have any suggestions as to which would be the most
suitable ones to choose?  I know Sun advertise Solaris as being capable of
this but don't yet know about xBSD.  I rather like Sun Microsystems kit but
have yet to decide which I will go for.  It will be used for a high volume
network so will need something with a high bandwidth capacity.

Regards,

A.



Re: Ports changes web page is badly out of date

2007-09-10 Thread Janne Johansson

Landry Breuil wrote:

http://www.openbsd.org/portsplus/index.html
which is referenced by
http://www.openbsd.org/plus42.html

yeah, perhaps someone feels like starting to keep portsplus up to date
from now on? please contact me if so.


http://ports.openbsd.nu/ homepage would be a good starting point to
collect information, or creating an automatic system parsing
ports-changes@ messages.. but the OpenBSD website is fully static, so the page
would have to be updated manually.


Just copying machine-wise from a maillist to a webpage is probably not 
what you'd want anyhow, but rather like plus.html, where someone (like 
me) actually does some kind of selection of what actually affects users 
and what doesn't.




Re: Virtualisation

2007-09-10 Thread Jason Dixon

On Sep 10, 2007, at 8:01 AM, Adrian Fisher wrote:


Hello there,

Does OpenBSD support virtualisation where multiple computers operate as one
single virtual system rather than just one system running as multiple
virtual systems?  I am thinking of buying a series of blade systems which I
want to run as one single system to offer redundancy for increased
reliability.  Does anyone have any suggestions as to which would be the most
suitable ones to choose?  I know Sun advertise Solaris as being capable of
this but don't yet know about xBSD.  I rather like Sun Microsystems kit but
have yet to decide which I will go for.  It will be used for a high volume
network so will need something with a high bandwidth capacity.


There are clustering features in OpenBSD (e.g. CARP) and in ports,
but it doesn't support a whole-system method of clustering.  It
would help to know what you're trying to support via aggregation and
redundancy (bandwidth, databases, application servers, etc).


By the way, what happens when your blade chassis craps out?  ;)

---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net



Re: Ports changes web page is badly out of date

2007-09-10 Thread Edd Barrett
Hi,

  http://ports.openbsd.nu/ homepage would be a good start point

I agree. I use this page a lot and it's quite a nice interface.


-- 
Best Regards

Edd

---
http://students.dec.bournemouth.ac.uk/ebarrett



Re: /bin file called [

2007-09-10 Thread Didier Wiroth
Thank you all for the info! 

- -
Didier Wiroth
 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Paul de Weerd
 Sent: 10 September 2007 13:12
 To: Didier Wiroth
 Cc: misc@openbsd.org
 Subject: Re: /bin file called [
 
 On Mon, Sep 10, 2007 at 11:44:24AM +0200, Didier Wiroth wrote:
 | Hello,
 | When I do my own release I noticed that a file called [ is 
 created in the
 /bin directory:
 | Here is an ls -la of /bin, see the first file:
 | $ ll /bin/
 | total 16080
 | -r-xr-xr-x   2 root  bin    89.8K May 18 16:33 [
 | -r-xr-xr-x   2 root  bin    89.8K May 18 16:33 test
^-- Note the linkcount...
 
 Try the following : ls -li /bin/{[,test}
 
 You'll see that [ and test have the same inode number. This is because
 they are the same program. Try reading the manpage for [(1) ('man [').
 
 | This file is not present in the official base4x.tgz file 
 (from ftp or
 cd)
 | I noticed that this file was created on my i386 and my 
 amd64 platforms 
 | Has anyone else noticed that?



Sendmail client multiple MX

2007-09-10 Thread pcnicolas
Hi

I've got a problem with sendmail on OpenBSD 4.1.
It seems that the sendmail SMTP client only tries 2 MX for a domain with 4 MX
with the same priority (e.g. aol.com)

; <<>> DiG 9.3.4 <<>> mx aol.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60021
;; flags: qr aa; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 18

;; QUESTION SECTION:
;aol.com.                       IN      MX

;; ANSWER SECTION:
aol.com.                3600    IN      MX      15 mailin-04.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-01.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-02.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-03.mx.aol.com.

Is it possible to configure sendmail to connect to all the mx ?

Thanks in advance



Re: Sendmail client multiple MX

2007-09-10 Thread Craig Skinner

[EMAIL PROTECTED] wrote:

Hi

I've got a problem with sendmail on OpenBSD 4.1.
It seems that the sendmail SMTP client only tries 2 MX for a domain with 4 MX
with the same priority (e.g. aol.com)

;; QUESTION SECTION:
;aol.com.                       IN      MX

;; ANSWER SECTION:
aol.com.                3600    IN      MX      15 mailin-04.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-01.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-02.mx.aol.com.
aol.com.                3600    IN      MX      15 mailin-03.mx.aol.com.


A few more boxes that you forgot about:

$ dig mailin-01.mx.aol.com +short
64.12.137.184
64.12.137.249
205.188.158.121
205.188.159.57

$ dig mailin-02.mx.aol.com +short
64.12.137.89
64.12.137.168
205.188.155.89
205.188.157.25

$ dig mailin-03.mx.aol.com +short
64.12.138.120
64.12.138.153
205.188.157.217

$ dig mailin-04.mx.aol.com +short
205.188.159.216
64.12.138.57
64.12.138.88


Depending on the config, Sendmail should try all of the above IPs until 
it delivers mail.




Re: Sendmail client multiple MX

2007-09-10 Thread Craig Skinner

Craig Skinner wrote:

[EMAIL PROTECTED] wrote:

Hi

I've got a problem with sendmail on OpenBSD 4.1.
It seems that the sendmail SMTP client only tries 2 MX for a domain with 4 MX
with the same priority (e.g. aol.com)


Forgot to say, AOL demands rDNS, so sendmail may be giving up when it 
gets x rejects, if your rDNS is bad.


http://postmaster.aol.com/info/rdns.html



Re: Virtualisation

2007-09-10 Thread Renaud Allard
Adrian Fisher wrote:
 Hello there,
 
 Does OpenBSD support virtualisation where multiple computers operate as one
 single virtual system rather than just one system running as multiple
 virtual systems?  I am thinking of buying a series of blade systems which I
 want to run as one single system to offer redundancy for increased
 reliability.  Does anyone have any suggestions as to which would be the most
 suitable ones to choose?  I know Sun advertise Solaris as being capable of
 this but don't yet know about xBSD.  I rather like Sun Microsystems kit but
 have yet to decide which I will go for.  It will be used for a high volume
 network so will need something with a high bandwidth capacity.
 

I think this is more or less the goal of DragonflyBSD or plan9.
You can also have a look at MOSIX on google. However, you should not expect to
be able to run all applications with this kind of model.

As someone mentioned, OpenBSD is extremely good at load balancing applications
with the bundle of pf/carp/hostated/ifstated.

It all depends on what you plan to run on this cluster.



Re: Show your appreciation and get your 4.2 DVD

2007-09-10 Thread Theo de Raadt
 Theo de Raadt wrote:
 snip
  Decreasing CD sales means the margins have to be adjusted.  More of
  you are relying on our FTP services, and also donating less.
 snip
 
 Hey Theo just a quick suggestion to increase the cash donations:
 
 Why aren't the web-order-cash-donations (no longer) added to the 
 donations.html page ? Sad but unfortunately true there are petty people 
 like me for whom that actually matters.

They are, but there is a lot of latency.  Yes, that really sucks.
Perhaps I will take a shot at 'pushing' a lot of them forward today.



help needed with laptop hdd

2007-09-10 Thread Henning Brauer
Hi,

unfortunately the harddisk in my X40 died. And even worse, I just 
learned that the disk in the X40 is kind of special. It is a 1.8" hard
disk that does NOT use the ZIF connector (these are somewhat common)
but the same 44pin connector 2.5" disks use. 1.8" disks with that
connector have only ever been made by Hitachi. I have looked for a disk 
up and down all day without success. So, if anyone is able to kind-of 
quickly get me a Hitachi HTC426060G9AT00, that would be most welcome 
and would allow me to hack when I am at home again ;(
I am in Hamburg/Germany, btw.

Thanks.

Henning



Re: Virtualisation

2007-09-10 Thread Adrian Fisher
I want to use it for a mixture of web-hosting, virtual servers, etc. but
also for running a new online game.  I want to ensure (as much as is
possible) that if a system fails for whatever reason the workload running on it
is automatically redistributed across the remaining systems.

A.

On 10/09/2007, Jason Dixon [EMAIL PROTECTED] wrote:

 On Sep 10, 2007, at 8:01 AM, Adrian Fisher wrote:

  Hello there,
 
  Does OpenBSD support virtualisation where multiple computers operate as one
  single virtual system rather than just one system running as multiple
  virtual systems?  I am thinking of buying a series of blade systems which I
  want to run as one single system to offer redundancy for increased
  reliability.  Does anyone have any suggestions as to which would be the most
  suitable ones to choose?  I know Sun advertise Solaris as being capable of
  this but don't yet know about xBSD.  I rather like Sun Microsystems kit but
  have yet to decide which I will go for.  It will be used for a high volume
  network so will need something with a high bandwidth capacity.

 There are clustering features in OpenBSD (e.g. CARP) and in ports,
 but it doesn't support a whole-system method of clustering.  It
 would help to know what you're trying to support via aggregation and
 redundancy (bandwidth, databases, application servers, etc).

 By the way, what happens when your blade chassis craps out?  ;)

 ---
 Jason Dixon
 DixonGroup Consulting
 http://www.dixongroup.net



Re: upgrading ports from 4.1 to 4.2

2007-09-10 Thread nicodache
not supported as in we don't care if you have problem with it, or
not supported as in it will certainly end with a segfault ?

On 9/10/07, Stuart Henderson [EMAIL PROTECTED] wrote:

 building from ports without X is not supported (including those
 that don't need X to run).



Re: help needed with laptop hdd

2007-09-10 Thread Adriaan
On 9/10/07, Henning Brauer [EMAIL PROTECTED] wrote:
 Hi,

 unfortunately the harddisk in my X40 died. And even worse, I just
 learned that the disk in the X40 is kind of special. It is a 1.8" hard
 disk that does NOT use the ZIF connector (these are somewhat common)
 but the same 44pin connector 2.5" disks use. 1.8" disks with that
 connector have only ever been made by Hitachi. I have looked for a disk
 up and down all day without success. So, if anyone is able to kind-of
 quickly get me a Hitachi HTC426060G9AT00, that would be most welcome
 and would allow me to hack when I am at home again ;(
 I am in Hamburg/Germany, btw.

[snip]

My financial situation does not allow me to get you one :-(

But after some googling I found one.
According to http://computers.pricegrabber.com/hard-drives/m/10437456/
the price is USD 399.-- for a 60GB disk.

=Adriaan=



[OT] password aging/expiry

2007-09-10 Thread jul
I want to make a little survey to see how many people use password aging
and if yes, how long ? why ?
(of course, depending on the sensitivity of your box)

a few +/-

(+)
* As passwords age, the probability that they are compromised grows.
=> but how much age ? 1 month ? 1 year ?
* if compromised, limit usefulness
=> when you have a pass, you use it now, not next year ... and
install a backdoor so you use it only once.
* limit password sharing
=> not really, better to explain to users to avoid sharing


(-)
* can put a lot of strain on the helpdesk depending on the computer level of
your users (forgotten password, locked accounts, don't understand, ...)
* if too short, only minor changes are made to the password
  ex: xx1, xx2, xx3, ... (number, date, ...)
* alone, does not enforce a good passphrase
=> does not replace a good policy and user explanation
* if too many restrictions on passphrases, they will go on a post-it, PDA
or elsewhere, which are, in general, less secure.
* doesn't help the common user to get and keep a strong passphrase
* doesn't replace good account management (when someone quits, disable
the account and so on)


a few policies on the net:
http://www.uncfsu.edu/itts/networking/passwords.htm                 180d
http://west.wwu.edu/atus/web/pwordaging.shtml                       regularly
http://www.pasteur.fr/infosci/utilinfo/HOWTO/passwd.html            1y
http://www.columbia.edu/acis/sy/unixdev/policy/password-aging.html
http://security.georgetown.edu/passwords.html                       no aging rule
http://www.int-evry.fr/s2ia/unix/mode-d-emploi/change-passwd.htm    6m


thanks
Regards



Re: help needed with laptop hdd

2007-09-10 Thread Maurice Janssen
On Monday, September 10, 2007 at 17:48:31 +0200, Henning Brauer wrote:
Hi,

unfortunately the harddisk in my X40 died. And even worse, I just 
learned that the disk in the X40 is kind of special. It is a 1.8" hard
disk that does NOT use the ZIF connector (these are somewhat common)
but the same 44pin connector 2.5" disks use. 1.8" disks with that
connector have only ever been made by Hitachi. I have looked for a disk 
up and down all day without success. So, if anyone is able to kind-of 
quickly get me a Hitachi HTC426060G9AT00, that would be most welcome 
and would allow me to hack when I am at home again ;(
I am in Hamburg/Germany, btw.

There's a HTC426040G9AT00 for 99 euro at www.alternate.nl.  Although the
model number indicates that it is the correct drive (but only 40 GB
instead of 60 GB), the website says that it has a ZIF connector.
I suppose it's a mistake on the website.

I'm willing to get the drive and send it to you, if you can live with
the reduced capacity.  It would be nice if someone can step in to share
the cost.

Maurice



Re: upgrading ports from 4.1 to 4.2

2007-09-10 Thread Markus Hennecke

nicodache wrote:

ok.

so you all advise me to install 4.2 with xbase.
and with that, I can install packages/ports with no_x11, and things
that need X parts will work correctly ?
I'll go for that :)


You can install no_x11 packages without xbase AFAIR. But you can't build 
them from ports.


Greetings
  Markus



Re: upgrading ports from 4.1 to 4.2

2007-09-10 Thread nicodache
ok.

so you all advise me to install 4.2 with xbase.
and with that, I can install packages/ports with no_x11, and things
that need X parts will work correctly ?
I'll go for that :)

On 9/10/07, Markus Hennecke [EMAIL PROTECTED] wrote:
 nicodache wrote:
  On 9/10/07, Stuart Henderson [EMAIL PROTECTED] wrote:
  building from ports without X is not supported (including those
  that don't need X to run).
  
   not supported as in we don't care if you have problem with it, or
   not supported as in it will certainly end with a segfault ?

 Not supported as in it won't build and certainly no one will care
 about problems related to the missing X.

 Greetings
Markus



Re: help needed with laptop hdd

2007-09-10 Thread Andreas Maus
On Mon, Sep 10, 2007 at 05:48:31PM +0200, Henning Brauer wrote:
 Hi,
 
 unfortunately the harddisk in my X40 died. And even worse, I just 
 learned that the disk in the X40 is kind of special. It is a 1.8" hard
 disk that does NOT use the ZIF connector (these are somewhat common)
 but the same 44pin connector 2.5" disks use. 1.8" disks with that
 connector have only ever been made by Hitachi. I have looked for a disk 
 up and down all day without success. So, if anyone is able to kind-of 
 quickly get me a Hitachi HTC426060G9AT00, that would be most welcome 
 and would allow me to hack when I am at home again ;(
 I am in Hamburg/Germany, btw.
Hi Henning.

Unfortunately my X40 died too (acid from the battery leaked into the
system killing half of the keyboard and almost all of the screen :/)

But the hard disk seems to be intact (I could retrieve the data without
any problems).

I can ship it to you (I'm from Germany too ;).

So if you wish, contact me offlist.

So long,

Andreas.

-- 
Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of
an 8-bit operating system written for a 4-bit processor by a 2-bit
company who cannot stand 1 bit of competition.



Re: how get colour mutt when ssh from OBSD?

2007-09-10 Thread Gleydson Soares
On 9/10/07, Douglas A. Tutty [EMAIL PROTECTED] wrote:
 Hello,

 I have a box that runs OpenBSD that sshes into my Debian box.  On
 OpenBSD, the default colour term is vt220 so when I ssh to debian, TERM
 is set to vt220.

env TERM=xterm-color [EMAIL PROTECTED]



Re: how get colour mutt when ssh from OBSD?

2007-09-10 Thread terry tyson
On 9/10/07, Douglas A. Tutty [EMAIL PROTECTED] wrote:

 Hello,

 I have a box that runs OpenBSD that sshes into my Debian box.  On
 OpenBSD, the default colour term is vt220 so when I ssh to debian, TERM
 is set to vt220.

 When I run mc, all is well; colour, line draw, whatever.

 When I run lynx or mutt, I get black on white with no colour.  On Lynx
 this means that my blue on gray ends up as white on black; with mutt I
 don't get the blue top and bottom lines or the red thread lines.

 If I ssh in from an xterm, with TERM=xterm, everything is fine.

 Does anyone have any clues on this?


I've often wondered about this myself. All I know is that if I run mutt
inside screen, I get colors.

Terry



Re: Show your appreciation and get your 4.2 DVD

2007-09-10 Thread Dag Richards

Theo de Raadt wrote:

Theo de Raadt wrote:

Theo de Raadt wrote:
snip

Decreasing CD sales means the margins have to be adjusted.  More of
you are relying on our FTP services, and also donating less.

snip

Hey Theo just a quick suggestion to increase the cash donations:

Why aren't the web-order-cash-donations (no longer) added to the 
donations.html page ? Sad but unfortunately true there are petty people 
like me for whom that actually matters.

They are, but there is a lot of latency.  Yes, that really sucks.
Perhaps I will take a shot at 'pushing' a lot of them forward today.


Yup me too petty and whiner.

I have been sending $20 a month for something over a year. I was on the 
donation page, then gone.  Sent mail to Austin a couple of times, got 
peevish and wanted to stop the donation  ... then remembered, I don't do 
it for credit. I do it so the project can continue, or in this case buy 
pizza for one day of one hackathon once a year.  I order  CD, poster and 
T-shirt for every release, not because I think you care but because I 
get fantastic value for dollar.


Yours is a special case.  Yours comes as that weird mailed cheque,
and I did add you.  Bizarre, but I never committed it, because ... I don't
know how.  Bizarre.  Maybe it conflicted by the time I wanted to.

The big issue these days is donation fraud -- I'm not joking.  About
20-30% of donations by credit/paypal come in, and then the transaction
does not clear (credit card) or gets backed out of later (credit card
or paypal).  We have been trying to not cope with that through a
process of deleting names later, and that has introduced latency.
But I don't know how to tell the public those figures.  It is
unbelievably stupid.



I did not know that.  You have already spent way more time on this than 
the donation in question is worth.  I do it this way because it is 
automated from my perspective and therefore reliable, and allows me to 
retain control of the transaction.  If there is a better way I would be 
happy to change.





Re: OT: Sun X4100 M2 management interface out of wack suggestions?

2007-09-10 Thread Daniel Ouellet

Hi,

Quick updates on this one.

My problem is now solved and I got very nice help from some gentlemen
working at Sun who stepped in off-list to help me out, and all is now
finally working.


Nice to see some good guys following misc@ and interested in making
sure Sun hardware (some of it anyway) works with our favorite OS.


Thanks

Daniel



For Sale 92 apt/32 retail units in OKC

2007-09-10 Thread CRRC Listings
CRRC is pleased to announce for sale Lightning Creek Retail and Apartments.  
Lightning Creek is a 92-unit apartment/32-unit retail property located in 
Oklahoma City, Oklahoma.  To view the complete marketing package visit 
www.crrc.us/lightningcreek.htm

Mike Buhl
CRRC
2425 Wilcox Drive
Norman, OK 73069
(405) 360-5966

[EMAIL PROTECTED]

To be removed send a blank email to [EMAIL PROTECTED] with UNSUBSCRIBE in the 
subject line

In order to ensure removal please send the email from the address that received 
our email

You can also visit www.crrc.us/removalrequest.htm 



Re: filesystems?

2007-09-10 Thread Andrea Ferraresi
I think that the best choice is FAT32; it will work out-of-the-box on
all systems.
A USB stick isn't a device that must have some performance IMHO

2007/9/8, Shawn K. Quinn [EMAIL PROTECTED]:
> On Sun, 2007-09-02 at 20:51 -0400, stan wrote:
> > I'm trying to decide what filesystem to use on a USB drive. I'd like to be
> > able to access the unit from OpenBSD, FreeBSD, Linux, and perhaps Windows.
> >
> > What is the intersection of the sets of filesystems supported by these
> > various OS's?
>
> There do exist ext2fs drivers for Windows; obviously anything which
> boots the kernel, Linux, can read and write ext2fs. There may well exist
> UFS drivers for Windows but I haven't looked. (I only use OpenBSD on my
> firewall/router.)
>
> If you can live with the limitations of FAT32, then you may want to use
> that; fragmentation really isn't as much of an issue if it's a solid
> state device (you don't say). I personally find it ludicrous not to be
> able to use a filename on a Unix-like OS that wasn't legal in Microsoft
> MS-DOS 1.0 (e.g. filenames with colons).
>
> --
> Shawn K. Quinn [EMAIL PROTECTED]




-- 
 .''`.  Andrea Ferraresi [EMAIL PROTECTED]
: :' :  irc.FreeNode.net #lslug | JID [EMAIL PROTECTED]
. ``   Registered Linux user #388877 and Machine #289399
  `-   WebMaster http://www.ls-lug.org



Re: filesystems?

2007-09-10 Thread L. V. Lammert

At 10:33 PM 9/10/2007 +0200, Andrea Ferraresi wrote:

> I think that the best choice is FAT32; it will work out-of-the-box on
> all systems. A USB stick isn't a device that must have much performance, IMHO.


Watch out for USB sticks!! Many now are coming with 'U3' - a piece of crap 
piece of s/w that will try to crash your machine whenever you insert it.


Here's a link to the removal page from U3:

http://www.u3.com/uninstall/

Lee



Re: problem with ipsec tunnel between pix and openbsd

2007-09-10 Thread Prabhu Gurumurthy

Sebastian Reitenbach wrote:

> Hi,
>
> I set up a tunnel between a pix and an openbsd isakmpd to
> connect two networks behind each tunnel endpoint.
> pinging through the tunnel from both sides works, for
> the first 15 minutes. then the ping stops working.
> When I recreate the tunnel, then the ping starts to
> work again. I start isakmpd with isakmpd -k and I use
> ipsecctl to activate the tunnel.
> To work around the problem I added dead peer detection
> to the isakmpd.conf file. It checks every 10 seconds for a
> dead peer, this detects that the tunnel is not in a good
> state, and restarts it. I also found in an old howto that
> I have to create a policy file, that says that the OpenBSD
> box is the initiator of the tunnel.
> I have not found a way to prevent the tunnel from going into
> that bad state. I think I have a problem with rekeying.
> In my eyes activating the DPD is only
> working on the symptoms, so I assume there must be a better
> way to fix the problem.
>
> here my isakmpd.conf file:
> [General]
> Listen-on=131.103.56.171
> Default-phase-1-lifetime=   28800,60:86400
> Default-phase-2-lifetime=   1200,60:86400
> DPD-check-interval= 10
> Policy-File=/etc/isakmpd/isakmpd.policy
>
> and here my ipsecctl.conf file:
> ike active esp from 192.168.0.0/24 to 10.1.0.0/24 \
>    local $my_gw peer $remote_gw \
>    main auth hmac-md5 enc 3des group grp2 \
>    quick auth hmac-md5 enc aes group none \
>    psk MyTopSecretKey
>
> any idea what I can try to prevent the tunnel from stopping working?
>
> kind regards
> Sebastian




It will be helpful if you can give the corresponding PIX configuration as well.
Your ipsecctl.conf seems to be good! Can you give us the output of ipsecctl -vv 
-sa and tail -f /var/log/{daemon,messages}?


Prabhu
-
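As an added example (not Sebastian's or Prabhu's code, and not part of isakmpd), the checker below parses the quoted [General] section, validates isakmpd's "default,min:max" lifetime syntax, and relates the reported 15-minute outage to the local phase-2 lifetime. The rule that an outage before local phase-2 expiry points at the peer's lifetime is my own heuristic, not something the thread establishes.

```python
import re

# Constructed sample: the [General] section quoted above (added example, not the poster's tooling).
SAMPLE_CONF = """[General]
Listen-on=131.103.56.171
Default-phase-1-lifetime=   28800,60:86400
Default-phase-2-lifetime=   1200,60:86400
DPD-check-interval= 10
Policy-File=/etc/isakmpd/isakmpd.policy
"""
LIFETIME_RE = re.compile(r"^(\d+)\s*,\s*(\d+)\s*:\s*(\d+)$")  # default,min:max in seconds

def parse_general(text):
    """Return the key/value pairs of the [General] section as a dict."""
    section, values = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "General" and "=" in line and line[0] != "#":
            key, _, val = line.partition("=")
            values[key.strip()] = val.strip()
    return values

def parse_lifetime(spec):
    """Parse isakmpd's 'default,min:max' lifetime; reject a default outside the range."""
    m = LIFETIME_RE.match(spec.strip())
    if not m:
        raise ValueError("bad lifetime spec: %r" % spec)
    default, lo, hi = (int(x) for x in m.groups())
    if not lo <= default <= hi:
        raise ValueError("default %d outside %d:%d" % (default, lo, hi))
    return {"default": default, "min": lo, "max": hi}

def check_tunnel(conf_text, observed_outage_s):
    """Sanity-check the lifetimes and relate them to when traffic stopped."""
    g = parse_general(conf_text)
    p1 = parse_lifetime(g["Default-phase-1-lifetime"])
    p2 = parse_lifetime(g["Default-phase-2-lifetime"])
    findings = []
    if p2["default"] >= p1["default"]:
        findings.append("phase-2 lifetime should be shorter than phase-1")
    if "DPD-check-interval" not in g:
        findings.append("no DPD-check-interval: a dead peer goes unnoticed")
    # Heuristic (my assumption): traffic dying before the local phase-2 SA expires
    # means the local rekey timer is not the trigger; compare the peer's lifetime.
    if observed_outage_s < p2["default"]:
        findings.append("outage at %ds precedes local phase-2 expiry at %ds: "
                        "compare the peer's lifetime" % (observed_outage_s, p2["default"]))
    return findings
```

Running check_tunnel(SAMPLE_CONF, 900) on the quoted values flags only the timing mismatch, since DPD is configured and the phase-2 lifetime is already shorter than phase-1.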



Re: filesystems?

2007-09-10 Thread Peter N. M. Hansteen
L. V. Lammert [EMAIL PROTECTED] writes:

> Watch out for USB sticks!! Many now are coming with 'U3' - a piece of
> crap piece of s/w that will try to crash your machine whenever you
> insert it.

oh, so that's what happened when I put my new 4GB USB stick into a
Windows machine.  On OpenBSD, it just mounted like regular (but
looking at messages right now it actually shows up as an emulated CD
plus the regular drive), while on Windows it went through several
minutes of things 'just happening' and requiring a reboot.  

> Here's a link to the removal page from U3:
>
> http://www.u3.com/uninstall/

ah, thanks for the link.  

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
Remember to set the evil bit on all malicious network traffic
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: Virtualisation

2007-09-10 Thread Karsten McMinn
On 9/10/07, Adrian Fisher [EMAIL PROTECTED] wrote:
> I want to use it for a mixture of web-hosting, virtual servers, etc. but
> also for running a new online game.  I want to ensure (as much as is
> possible) that a system fails for whatever reason the workload running on it
> is automatically redistributed across the remaining systems.

won't a well written game have very little crunching going on, just
a ton of push and pull? I'd rather design something that isn't
going to box me into needing the application to see one
singular environment. a bit off topic though. I'm trying to
encourage you to avoid the SMP model IOW. It's overrated.



Re: filesystems?

2007-09-10 Thread Stuart Henderson
On 2007/09/10 23:54, Peter N. M. Hansteen wrote:
> oh, so that's what happened when I put my new 4GB USB stick into a
> Windows machine.  On OpenBSD, it just mounted like regular (but
> looking at messages right now it actually shows up as an emulated CD
> plus the regular drive)

Kinda like huawei e220 (except that one hides the real device until
it's poked by a driver). I think this method of not having to ship a
CDROM with the devices will become the norm very quickly.



Re: CARP access outside a subnet

2007-09-10 Thread david l goodrich
Sorry about dredging this up again.  A move got in the way and ...
well, anyway.  The upshot is, the hostnames have changed, and the
subnet has changed, but the configuration and problem are effectively
identical.

The pings from the outside don't error out, they just never return.

the outside machine:
[EMAIL PROTECTED]:~$ ping 65.103.82.90
PING 65.103.82.90 (65.103.82.90): 56 data bytes
^C
--- 65.103.82.90 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
[EMAIL PROTECTED]:~$

tcpdump on the carp master:
carp-md# tcpdump -e -n -i xennet1 host miskatonic.uberh4x0r.org
tcpdump: WARNING: xennet1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on xennet1, link-type EN10MB (Ethernet), capture size 96 bytes
19:14:17.758467 00:16:3e:56:2d:c7 > 00:00:5e:00:01:41, ethertype IPv4
(0x0800), length 98: IP 70.90.241.185 > 65.103.82.90: icmp 64: echo
request seq 0
19:14:18.754646 00:16:3e:56:2d:c7 > 00:00:5e:00:01:41, ethertype IPv4
(0x0800), length 98: IP 70.90.241.185 > 65.103.82.90: icmp 64: echo
request seq 1
19:14:19.760833 00:16:3e:56:2d:c7 > 00:00:5e:00:01:41, ethertype IPv4
(0x0800), length 98: IP 70.90.241.185 > 65.103.82.90: icmp 64: echo
request seq 2
19:14:20.757493 00:16:3e:56:2d:c7 > 00:00:5e:00:01:41, ethertype IPv4
(0x0800), length 98: IP 70.90.241.185 > 65.103.82.90: icmp 64: echo
request seq 3


but it turns out i can't get to the internet from the master, either.

carp-md# route -n get default
   route to: default
destination: default
   mask: default
gateway: 65.103.82.94
 local addr: 65.103.82.90
  interface: carp65
  flags: UP,GATEWAY,DONE,STATIC
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
        0         0         0         0         0         0         0         0
carp-md# ping 65.103.82.94
PING modem-meus.dsrw.org (65.103.82.94): 56 data bytes
64 bytes from 65.103.82.94: icmp_seq=0 ttl=64 time=2.473 ms
64 bytes from 65.103.82.94: icmp_seq=1 ttl=64 time=0.868 ms
64 bytes from 65.103.82.94: icmp_seq=2 ttl=64 time=0.846 ms
^C
modem-meus.dsrw.org PING Statistics
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.846/1.396/2.473/0.933 ms
carp-md# ping -c1 miskatonic.uberh4x0r.org
PING miskatonic.uberh4x0r.org (70.90.241.185): 56 data bytes
ping: sendto: No route to host
^C
miskatonic.uberh4x0r.org PING Statistics
1 packets transmitted, 0 packets received, 100.0% packet loss
carp-md#


.94 is the DSL modem, which is the default route for my real router.
 This machine can, of course, get to the internet.


router-meus# route -n get default
   route to: default
destination: default
   mask: default
gateway: 65.103.82.94
 local addr: 65.103.82.81
  interface: xennet1
  flags: UP,GATEWAY,DONE,STATIC
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
        0         0         0         0         0         0         0         0
router-meus# ping -c1 65.103.82.94
PING modem-meus.dsrw.org (65.103.82.94): 56 data bytes
64 bytes from 65.103.82.94: icmp_seq=0 ttl=64 time=0.889 ms

modem-meus.dsrw.org PING Statistics
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.889/0.889/0.889/0.000 ms
router-meus# ping -c1 miskatonic.uberh4x0r.org
PING miskatonic.uberh4x0r.org (70.90.241.185): 56 data bytes
64 bytes from 70.90.241.185: icmp_seq=0 ttl=51 time=92.139 ms

miskatonic.uberh4x0r.org PING Statistics
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 92.139/92.139/92.139/0.000 ms
router-meus#







On 16 Apr 2007, Markus Wernig wrote:
> Hi
>
> I'm not sure about carp supporting addresses in other subnets than the
> physical one. But to debug this further:
> - what does tcpdump -e -n -i xennet1 show on the routers when you ping
> the virtual interface from outside the lan?
> - is the route for the egress path the same as for the ingress path
> (i.e. does the route back to the accessing device point out over the
> same interface (xennet1) that the packets come in on)?
> - maybe your next hop router does not receive the virtual mac address.
> check the arp table on the next hop router.
> - what is the error message when pinging from the outside and who
> generates it?
>
> krgds /markus
>
> david l goodrich wrote:
> > I'm sorry to bring this up again, since it didn't get any responses the
> > first time.
> >
> > But I haven't had any luck on my own, and was hoping someone might have an
> > idea.
> >
> >
> > On 4/9/07, david l goodrich dlgoodrich wrote:
> > I have two hosts in a CARP group.
> >
> > on router-meus-cd1, i have the following network configuration:
> >
> > router-meus-cd1# ifconfig xennet1
> > xennet1:
> > flags=8963<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu
> > 1500
> > capabilities=2800<TCP4CSUM_Tx,UDP4CSUM_Tx>
> > enabled=0
> > address: 00:16:3e:71:ef:6f
> > inet 10.10.10.2 netmask 0xff00 broadcast 

Re: filesystems?

2007-09-10 Thread L. V. Lammert
On Mon, 10 Sep 2007, Stuart Henderson wrote:

> On 2007/09/10 23:54, Peter N. M. Hansteen wrote:
> > oh, so that's what happened when I put my new 4GB USB stick into a
> > Windows machine.  On OpenBSD, it just mounted like regular (but
> > looking at messages right now it actually shows up as an emulated CD
> > plus the regular drive)
>
> Kinda like huawei e220 (except that one hides the real device until
> it's poked by a driver). I think this method of not having to ship a
> CDROM with the devices will become the norm very quickly.

CDROM images for drivers [as a reference] are fine, but U3
*autoinstalls* a driver on the host system! Any machine that detects the
autorun is susceptible to being hosed by U3, hence the warning. The CD is
not for drivers, but it's for installing THEIR stupid SW on YOUR machine
on every insertion.

If the prices weren't so low, it wouldn't be worth purchasing them.

Lee