Re: Dummy question about .htaccess
Tom Rosso wrote: You may also consider moving the passwd file out of htdocs. I believe this is a security hazard. Mine is in /var/www/etc. Basically it should be anywhere except any web-accessible directory. However, HTTP Basic Authentication is worse than basic FTP. The password and username get sent unencrypted for each request. I see that mod_auth_kerberos is part of the packages available for OpenBSD: http://www.openbsd.org/4.3_packages/i386/mod_auth_kerb-5.3p1.tgz-long.html Would combining that with SSL/TLS be what is most recommended here for serving sensitive data over the web? Regards -Lars
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
IF YOU took time to read PROPERLY Jonathan, the drivers WORKS, BUT ONLY FOR ONE NATIVE ENTRY in the disklabel. but like I WROTE, i structured my bsd system in more THAN ONE native bsd entry ie /usr/local ... IS ON wd0e if i load wd0e i get the proper size, but what's ls on my screen IS THE MAIN ROOT. so get back to your project , ill get back to subsidaries who actually cares about openbsd full market deployment overlordship. enjoy, neko --- On Mon, 10/27/08, Jonathan Schleifer [EMAIL PROTECTED] wrote: From: Jonathan Schleifer [EMAIL PROTECTED] Subject: Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ? To: Aram HAVARNEANU [EMAIL PROTECTED] Cc: misc@openbsd.org Date: Monday, October 27, 2008, 6:29 AM Am 27.10.2008 um 10:49 schrieb Aram HAVARNEANU: I have been using it extensively for several years (since it first appeared) on about ~10 systems and never had a single problem with it. Is your bug reproducible? Did you fill a bug report? It was reproducable, as it seemed to always happen when an application tried to write to it. Some directories would get unreadble in Windows then and when booting back to Linux, the FS was always unclean and e2fsck tried to fix it with the beforementioned result. I did not report it as the driver seemed to be already dead at that time. The driver still doesn't run on Vista, but the ext2fsd driver does, so I think fs-driver.org can be considered obsoleted by ext2fsd - which has its own, different problems (at least no data loss), but supports UTF-8 encoded filenames. -- Jonathan [demime 1.01d removed an attachment of type application/pgp-signature which had a name of PGP.sig]
change serial console to display
Hello gents, I did configure my old box with serial console probably 2 y ago. Now I'd like to get it back to normal. I don't have null modem cable available. What needs to be changed? I already tried without success: echo /etc/boot.conf or set tty pc0 but I'm still not able to get login on display. Any suggestions? -- ico
Re: change serial console to display
ico wrote: echo /etc/boot.conf Remember also /etc/ttys http://www.openbsd.org/faq/faq7.html#SerCon Regards, -Lars
NTFS EXPERT Read/Write MULTI OS ready to DEPLOY on HIS obsd ?
WO obviously you read what you want to read, i have being using openbsd since 2.6 and contributing, so please read before posting. ihave being wanted this request since 3.7. nothing has being done, allthou a project like backtrack, released it in their first month of deployment. a computer is a lock , code is the key, and for some reason your saying some keys shouldnt be used but are used. you getting digital dusted here, im suggesting and your flaming back to either get the f out or got to microsoft YOU HAVE SERIOUS TROLLING ISSUES thanks for everything leaveing you for tech for good I KNEW BUT NOW I KNOW WHY THEO NEVER READS MISC --- On Mon, 10/27/08, J.C. Roberts [EMAIL PROTECTED] wrote: From: J.C. Roberts [EMAIL PROTECTED] Subject: Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ? To: [EMAIL PROTECTED] Cc: misc@openbsd.org Date: Monday, October 27, 2008, 3:40 AM On Sunday 26 October 2008, Neko wrote: its shows that some poor trolls here dont own ultraportables with no external drives, and use more than one os alternative. i pass data from bsd to fat 32 so in m$ its then copy onto ntfs, i have 1 disk - 8 os, nothing is being done , but more and more ultraportables sells, yes it could be resolv into using an ext2 partition instead, but that is not resolving a problem its going around it covering eyes and ears. my stuff works, its just a pain , and ffs driver in windooz cant read more than one disklabel. bsd suggest using more than one partition, in that problem , one is the solution, next time i wont RTFM, and do as i see fit because their more opinions than guidlines. now as for backwards bsd. why does freebsd write to ntfs? why does osx write to ntfs.. seems to me that is more some obstination done not to support it. shure im doing it wrong , because nothing is being done. but shure a color-ls.pkg is more important if you ask me, SARCASTIC neko neko, Your impolite off list response to me was one thing, but publicly calling Ted Unangst a troll is pure stupidity. Ted is one of the people kind enough to give you OpenBSD. The only good thing about you being stupid enough to put 8 operating systems on one disk is the people on this mailing list have an 87.5% chance you'll decide to use some other OS, uninstall OpenBSD, unsubscribe from misc@, and your pointless bitching will end. You and everyone else dumb enough to run the read/write NTFS code offered by ntfs-g3.org or similar are only one Windows Update away from corrupting all your data. The NTFS file system is intentionally undocumented, so Microsoft can, and will, change their internal NTFS specification whenever they want. This means your misguided use of the ntfs-g3.org code can start destroying your NTFS data whenever Microsoft decides they want your data destroyed. Microsoft very intentionally tries to make sure their products are undocumented and incompatible for two reasons; (1) it allows Microsoft to lock-in the end users, and (2) some end users and some free software developers are dumb enough to burn up all their time and resources attempting to attain and maintain compatibility with Microsoft's ever changing undocumented crap. There really are people in the world smart enough to avoid wasting their time with intentionally undocumented and incompatible crap from vendors like Microsoft. You are obviously not one of them. You are not even smart enough to understand the real problems caused by running a sad hack to access an undocumented file system that the vendor can change at any moment. Worse yet, you're dumb enough to bitch and complain because OpenBSD is smart enough to prevent you from shooting yourself in the foot with unreliable file system code. The best thing you can do is uninstall OpenBSD, unsubscribe from misc@, and continue down your ignorant path to eventual data destruction using one of the seven other operating systems you currently have installed. -JCR
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Am 28.10.2008 um 08:49 schrieb Neko: IF YOU took time to read PROPERLY Jonathan, 1.) Top posting is evil. 2.) Stop using caps all the time. 3.) I wasn't replying to your post. You are not the only person discussing on this list. 4.) If YOU took the time to read PROPERLY Neko, to which post it was a reply the drivers WORKS, BUT ONLY FOR ONE NATIVE ENTRY in the disklabel. I was not talking about the disklabel at all but like I WROTE, i structured my bsd system in more THAN ONE native Honestly? I don't care. I was replying to the post about fs-driver.org. so get back to your project , ill get back to subsidaries who actually cares about openbsd full market deployment overlordship. Please, troll somewhere else. No, you won't get any fish here. -- Jonathan [demime 1.01d removed an attachment of type application/pgp-signature which had a name of PGP.sig]
Re: change serial console to display
On 08:49:13 Oct 28, ico wrote: Hello gents, I did configure my old box with serial console probably 2 y ago. Now I'd like to get it back to normal. I don't have null modem cable available. What needs to be changed? I already tried without success: echo /etc/boot.conf or set tty pc0 but I'm still not able to get login on display. Any suggestions? Your /etc/ttys should have the line: tty00 /usr/libexec/getty std.9600 vt100 on secure -Girish
Re: NTFS EXPERT Read/Write MULTI OS ready to DEPLOY on HIS obsd ?
Am 28.10.2008 um 08:33 schrieb Neko: WO obviously you read what you want to read, Same for you. i have being using openbsd since 2.6 and contributing, so please read before posting. If you have been contributing ihave being wanted this request since 3.7. then why do you cry instead of implementing it yourself? nothing has being done, allthou a project like backtrack, released it in their first month of deployment. Implement it yourself or STFU, that's how OpenSource works. you getting digital dusted here, im suggesting and your flaming back to either get the f out or got to microsoft I (and I think may others) suggest you just leave this list and troll somewhere else. YOU HAVE SERIOUS TROLLING ISSUES Uhm, am I the only one finding huge amounts of irony here? I KNEW BUT NOW I KNOW WHY THEO NEVER READS MISC He does read misc, you can even find postings from him here PS: Creating a new thread doesn't give you more credibility, it does the opposite -- Jonathan [demime 1.01d removed an attachment of type application/pgp-signature which had a name of PGP.sig]
Re: change serial console to display
ico schrieb: Hello gents, I did configure my old box with serial console probably 2 y ago. Now I'd like to get it back to normal. I don't have null modem cable available. What needs to be changed? I already tried without success: echo /etc/boot.conf or set tty pc0 but I'm still not able to get login on display. Any suggestions? Did you try to switch to a different console? like ctrl-alt-f2?
Re: PostgreSQL Problems
Simon Connah wrote: Sorry if this is the wrong list, I debated whether to post it to ports but as it is not a problem with the port itself and is more a user problem (i.e I'm being stupid :)) I thought misc was probably more appropriate. Anyway I've been trying to get PostgreSQL setup on my 4.3 box and I'm not having much luck at all. I've followed the instructions in README.OpenBSD but I think I am missing something very simple here. Any help would be greatly appreciated. Thank you. It would probably be easier to post a log of all the steps I have taken so here it is: [Sun Oct 26 16:20:48 [EMAIL PROTECTED]:~]sudo su - [Sun Oct 26 16:20:52 [EMAIL PROTECTED]:~]passwd _postgresql Changing local password for _postgresql. New password: Retype new password: [Sun Oct 26 16:21:12 [EMAIL PROTECTED]:~]logout [Sun Oct 26 16:21:16 [EMAIL PROTECTED]:~]su - _postgresql Password: $ mkdir /var/postgresql/data $ initdb -D /var/postgresql/data -U postgres -A md5 -W The files belonging to this database system will be owned by user _postgresql. This user must also own the server process. The database cluster will be initialized with locale C. fixing permissions on existing directory /var/postgresql/data ... ok creating subdirectories ... ok selecting default max_connections ... 10 selecting default shared_buffers/max_fsm_pages ... 400kB/2 creating configuration files ... ok creating template1 database in /var/postgresql/data/base/1 ... FATAL: could not create shared memory segment: Cannot allocate memory DETAIL: Failed system call was shmget(key=1, size=1646592, 03600). HINT: This error usually means that PostgreSQL's request for a shared memory segment exceeded available memory or swap space. To reduce the request size (currently 1646592 bytes), reduce PostgreSQL's shared_buffers parameter (currently 50) and/or its max_connections parameter (currently 10). The PostgreSQL documentation contains more information about shared memory configuration. child process exited with exit code 1 initdb: removing contents of data directory /var/postgresql/data Also have a look in docs about shared memory allocation : http://developer.postgresql.org/pgdocs/postgres/kernel-resources.html $ logout sh: logout: not found $ exit [Sun Oct 26 16:23:32 [EMAIL PROTECTED]:~]sudo shutdown -r now Shutdown NOW! shutdown: [pid 30708] [Sun Oct 26 16:23:44 [EMAIL PROTECTED]:~] *** FINAL System shutdown message from [EMAIL PROTECTED] *** System going down IMMEDIATELY System shutdown time has arrived Connection to 192.168.1.15 closed by remote host. Connection to 192.168.1.15 closed. typhoon:~ simon$ ssh [EMAIL PROTECTED] ssh: connect to host 192.168.1.15 port 22: Connection refused typhoon:~ simon$ ssh [EMAIL PROTECTED] [EMAIL PROTECTED]'s password: Last login: Sun Oct 26 16:22:14 2008 from typhoon.local OpenBSD 4.3 (GENERIC) #2: Wed Oct 22 22:43:28 BST 2008 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. [Sun Oct 26 16:25:14 [EMAIL PROTECTED]:~]top [Sun Oct 26 16:25:36 [EMAIL PROTECTED]:~]su - _postgresql Password: $ initdb -D /var/postgresql/data -U postgres -A md5 -W The files belonging to this database system will be owned by user _postgresql. This user must also own the server process. The database cluster will be initialized with locale C. fixing permissions on existing directory /var/postgresql/data ... ok creating subdirectories ... ok selecting default max_connections ... 40 selecting default shared_buffers/max_fsm_pages ... 28MB/179200 creating configuration files ... ok creating template1 database in /var/postgresql/data/base/1 ... ok initializing pg_authid ... ok Enter new superuser password: Enter it again: setting password ... ok initializing dependencies ... ok creating system views ... ok loading system objects' descriptions ... ok creating conversions ... ok setting privileges on built-in objects ... ok creating information schema ... ok vacuuming database template1 ... ok copying template1 to template0 ... ok copying template1 to postgres ... ok Success. You can now start the database server using: postgres -D /var/postgresql/data or pg_ctl -D /var/postgresql/data -l logfile start $ pg_ctl -D /var/postgresql/data -l logfile start server starting $ createuser simon Shall the new role be a superuser? (y/n) n Shall the new role be allowed to create databases? (y/n) y Shall the new role be allowed to create more new roles? (y/n) y Password: createuser: could not connect to database postgres: FATAL: password authentication failed for user _postgresql $ createuser simon Shall the new role be a superuser? (y/n) n Shall the new role be allowed to create databases? (y/n)
Re: NTFS EXPERT Read/Write MULTI OS ready to DEPLOY on HIS obsd ?
On Tue, Oct 28, 2008 at 9:33 AM, Neko [EMAIL PROTECTED] wrote: WO obviously you read what you want to read, i have being using openbsd since 2.6 and contributing, so please read before posting. What did you contribute? Code and commentary (wish lists) are NOT the same thing. ihave being wanted this request since 3.7. Have you tried to hack in FreeBSD's FUSE and NTFS-3G yourself? If you have what errors are you having? People are more likely to help if you're showing some efforts yourself. /* As a matter of curiosity why in the name of all that is good in the universe are you interested in using NTFS anyways? It is by NO means a common denominator when it comest to the varied scope of OSs available on the planet. */ nothing has being done, allthou a project like backtrack, released it in their first month of deployment. Uhm Backtrack is a GNU/Linux system, implementing FUSE/NTFS-3G on it is a doddle 'cause uhm oh yes the code was originally written on that tool chain. a computer is a lock , code is the key, and for some reason your saying some keys shouldnt be used but are used. Some projects take licensing very seriously for a good reason, they have a moral/philosophical reason for not including GPL code in OpenBSD-base. One of the reason's that for some of my projects I choose OpenBSD is this moral stand point. Other's are less strict about this, I stand corrected but I think that FreeBSD is more lax about this (only until a suitable replacement code piece is found). you getting digital dusted here, im suggesting and your flaming back to either get the f out or got to microsoft You are guilty of the flaming sin yourself, heal thy self physician. YOU HAVE SERIOUS TROLLING ISSUES See above comment. thanks for everything leaveing you for tech for good Changing mailing lists without changing attitude will land you up with the same problems. I'm under correction but I think a LOT of the people on the MISC list are probably also on TECH. I KNEW BUT NOW I KNOW WHY THEO NEVER READS MISC Hey actually does read this list, and answers too sometimes (mostly brief BUT hey it is him at least).
Re: change serial console to display
On Tuesday 28 October 2008, Girish Venkatachalam wrote: On 08:49:13 Oct 28, ico wrote: Hello gents, I did configure my old box with serial console probably 2 y ago. Now I'd like to get it back to normal. I don't have null modem cable available. What needs to be changed? I already tried without success: echo /etc/boot.conf or set tty pc0 but I'm still not able to get login on display. Any suggestions? Your /etc/ttys should have the line: tty00 /usr/libexec/getty std.9600 vt100 on secure -Girish Actually, you've got it backwards. The line you posted is to enable the serial console. The original poster already has serial enabled, but now wants to disable it. The correct line in /etc/ttys would be: tty00 /usr/libexec/getty std.9600 unknown off The details of setup are in the FAQ-7 http://www.openbsd.org/faq/faq7.html#SerCon -JCR
Re: Rare ntpd listen * failure
Hi, Christian Weisgerber schrieb: Very rarely, ntpd with a listen * configuration fails to start up for me, saying it can't bind to an address. As far as I can remember, that always happened to the very last address, a global IPv6 one. I can confirm this behaviour. Only happens when also using IPv6 and pretty much only happens when ntpd is started during bootup. This may not be ntpd's fault. I know some people have problems with isakmpd starting up isakmpd is just working fine for me though... Michael
Rare ntpd listen * failure
Very rarely, ntpd with a listen * configuration fails to start up for me, saying it can't bind to an address. As far as I can remember, that always happened to the very last address, a global IPv6 one. The condition is so rare, I'm not sure how I recovered from it on past occurrences. The last time it happened was two days ago on my laptop, after I had added a second ethernet interface for testing purposes. I was busy with something else so I didn't investigate and the problem went away when I ejected the interface. I haven't been able to reproduce it. This may not be ntpd's fault. I know some people have problems with isakmpd starting up before v6 duplicate address detection (DAD) has settled for all interfaces. Could DAD stall for minutes or never finish at all? Anyway, I just wanted to throw this out there as an observation. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: NTFS EXPERT Read/Write MULTI OS ready to DEPLOY on HIS obsd ?
On Tuesday 28 October 2008, Neko wrote: i have being using openbsd since 2.6 and contributing, so please read before posting. Liar. http://mlblog.osdir.com/openbsd.tech/2002-10/msg00208.shtml You also took a 5 year long break between 2003 and 2008. You should take another 5 year long break, or even better, take a permanent break from OpenBSD. --We won't miss you. YOU HAVE SERIOUS TROLLING ISSUES Nope. You've been rude to everyone, both on list and off. You have even insulted a number of the developers who gave you OpenBSD, including Theo, Nick Holland, Ted Unangst and others, both on misc@ and [EMAIL PROTECTED] The archives of the mailing lists have plenty of examples of you insulting people and doing nothing more than whining. -JCR
Re: Dell XPS M1330 Ethernet support?
Thank you for the information, but does it actually work for you? I have tested the latest AMD64 4.4 snapshot and while I can bring the device up and LEDs are blinking I get no response from my router. Should I try again with i386? Also, slightly unrelated, is it possible to break out of some unresponsive setup item(say ftp to openbsd.org without a connection) without leaving the setup altogether? Thank you 2008/10/27 Kevin Cornies [EMAIL PROTECTED]: On Sat, Oct 25, 2008 at 09:20:14PM +0900, Jordi Beltran Creix wrote: I recently acquired a Dell opensource laptop and am trying to install OpenBSD on it. But I am having a problem with the Ethernet. The device is detected as a Broadcom chipset and is managed by the bge driver. This is all from a i386 4.3 CD but I had the same problem with an old 4.4 snapshot. bge0 at pci4 dev 0 function 0 Broadcom BCM5906NP rev 0x02, BCM5906A2(0xc002): irq 10, address ... If I ifconfig from the (s)hell I can set up everything but it complains that status: no carrier. And indeed there is no light whatsoever in the socket. The device works in Ubuntu with the Tigon3 driver, so I suspected it could need some sort of firmware, but this is not the Intel wireless and everything else is supposed to be more or less open. The laptop is listed as working(minus ACPI) as of 4.2 in /i386-laptop.html although its dmesg doesn't quite agree: Broadcom BCM5906M rev 0x02 at pci4 dev 0 function 0 not configured Has anyone managed to get 1330 Ethernet to work? Thank you Works in Oct 15th -current. bge0 at pci4 dev 0 function 0 Broadcom BCM5906M rev 0x02, BCM5906 A2 (0xc002): apic 2 int 17 (irq 10), address 00:1d:09:39:50:49 brgphy0 at bge0 phy 1: BCM5906 10/100baseTX PHY, rev. 0
Re: Serial ATA RAID ctrl on PCI
On Monday 27 October 2008, Mikolaj Kucharski wrote: Hi, I'm looking SATA controller with h/w RAID support which is working on OpenBSD and has: - minimum 4 SATA ports (internal preferably) - Built-in RAID 0, RAID 1, RAID 1+0, RAID 5 - Hot swap (not a must) - PCI bus - large drives support (500GB) - use as RAID and non-RAID controller (not a must) You didn't mention SATA 150 versus SATA 300 (aka SATA 2) ? You didn't mention PCI width (32-bit versus 64-bit) ? You didn't mention PCI speed (33, 66, 100, 133 MHz) ? Attempting Hot-Swap with SATA drives is normally an invitation to disaster. The following are listed as supported on: http://www.openbsd.org/i386.html LSI MegaRAID SATA 150-4(four disk) PCI 64-bit/66 MHz LSI MegaRAID SATA 150-6(six disk) PCI 64-bit/66 MHz LSI MegaRAID SATA 300-4X (four disk) ? LSI MegaRAID SATA 300-4XLP (four disk) ? LSI MegaRAID SATA 300-8X (eight disk) PCI-X 64-bit, 133/100/66 MHz LSI MegaRAID SATA 300-8XLP (eight disk) ? You can get more info on the above from here: http://www.lsi.com/storage_home/products_home/internal_raid/megaraid_sata/index.html For some strange reason LSI is no longer listing the plain 300-4X but it is still listing the 300-4XLP If you have the wild idea of taking a four 500+GB drives and striping them together into a single partition of 2+TB size, realize the sane limit on OpenBSD 4.3 is only 1TB. I remember seeing Marco@ post something about building a 2TB partition, but he's a trained professional and licensed to do crazy stuff :-) -JCR
J.C. Roberts [EMAIL PROTECTED] saiz OpenBSD. --We won't miss you.
SO YOU HUNT DOWN PEOPLE FOR , AFTER I COUNTERFLAME THE FACT OF SOMEONE TELLING ME TO GO TO AN OTHER PROJECT, I WONT REMOVE THE CAPS CAUSE YOU WILL ACKNOWLEDGE THAT NOW YOUR ASKING ME TO PAY OF FUCK OFF. YOUR BITING THE HAND THAT FEEDS YOU I DO TELL MY CUSTOMERS THAT THIS FORUM/PROJECT IS LEGENDARY FOR TROLLING BUT YOUR ABUSE RITE THERE IS BEYOND PUSHER MARKETING. contribute people or hell hunt your down to diss you on the forums git a life neko --- On Tue, 10/28/08, J.C. Roberts [EMAIL PROTECTED] wrote: From: J.C. Roberts [EMAIL PROTECTED] Subject: Re: NTFS EXPERT Read/Write MULTI OS ready to DEPLOY on HIS obsd ? To: misc@openbsd.org Date: Tuesday, October 28, 2008, 7:30 AM On Tuesday 28 October 2008, Neko wrote: i have being using openbsd since 2.6 and contributing, so please read before posting. Liar. http://mlblog.osdir.com/openbsd.tech/2002-10/msg00208.shtml You also took a 5 year long break between 2003 and 2008. You should take another 5 year long break, or even better, take a permanent break from OpenBSD. --We won't miss you. YOU HAVE SERIOUS TROLLING ISSUES Nope. You've been rude to everyone, both on list and off. You have even insulted a number of the developers who gave you OpenBSD, including Theo, Nick Holland, Ted Unangst and others, both on misc@ and [EMAIL PROTECTED] The archives of the mailing lists have plenty of examples of you insulting people and doing nothing more than whining. -JCR
Re: Serial ATA RAID ctrl on PCI
On Mon, Oct 27, 2008 at 11:14:50PM +, Mikolaj Kucharski wrote: Hi, I'm looking SATA controller with h/w RAID support which is working on OpenBSD and has: - minimum 4 SATA ports (internal preferably) - Built-in RAID 0, RAID 1, RAID 1+0, RAID 5 - Hot swap (not a must) - PCI bus - large drives support (500GB) - use as RAID and non-RAID controller (not a must) Have a look at the man -k RAID output. Especially arc(4) and ami(4) are great SATA RAID controllers on OpenBSD. -- :wq Claudio
Re: IBM x3350
I can personally attest that it runs like a clock on VMWare Server as well. Ed I don't know about that, but if it doesn't you can install obsd over vmware esxi and it will work like a charm :) uday On Mon, Oct 27, 2008 at 4:03 PM, Johan Borch [EMAIL PROTECTED] wrote: Hi, I know that there has been a lot of mails about the IBM x-series lately, but is it the same problem with all of them (Adaptec raid)? I couldn't find anything about the x3350 on the lists, anyone knows if that one works with OpenBSD? Regards Johan
Re: J.C. Roberts [EMAIL PROTECTED] saiz OpenBSD. --We won't miss you.
On Tue, Oct 28, 2008 at 05:37:24AM -0700, Neko wrote: SO YOU HUNT DOWN PEOPLE FOR , AFTER I COUNTERFLAME THE FACT OF SOMEONE TELLING ME TO GO TO AN OTHER PROJECT, I WONT REMOVE THE CAPS CAUSE YOU WILL ACKNOWLEDGE THAT NOW YOUR ASKING ME TO PAY OF FUCK OFF. YOUR BITING THE HAND THAT FEEDS YOU I DO TELL MY CUSTOMERS THAT THIS FORUM/PROJECT IS LEGENDARY FOR TROLLING BUT YOUR ABUSE RITE THERE IS BEYOND PUSHER MARKETING. contribute people or hell hunt your down to diss you on the forums git a life [EMAIL PROTECTED]:~$git clone a://life Initialized empty Git repository in /home/oga/life/.git/ fatal: I don't handle protocol 'a' sorry, try again. neko -- You cannot achieve the impossible without attempting the absurd.
Capture serial port output to a file
Problem: OpenBSD 4.2 on i386 Serial port /dev/cua00 connected to the console port on a firewall. I need to catch all text output from the serial port to a file. The process doing this must survive a loss of network. The box is running headless. I have tried simple things like cat and buffer, but these processes exit after one or two lines of output. I need a process that will run until interrupted, and that doesn't need a controlling session. Google searches on this yield a lot of noise about redirecting console output to a serial port. _ OpenBSD is the _only_ operating system that takes security as seriously as it should be taken. Consider the why of OpenBSD's accomplishments. Remove the why and you remove what they accomplished. Use OpenBSD and think like Windows and get Windows security.
Re: Rare ntpd listen * failure
On 2008-10-28, Michael [EMAIL PROTECTED] wrote: This may not be ntpd's fault. I know some people have problems with isakmpd starting up isakmpd is just working fine for me though... isakmpd was changed recently not to bind to a tentative address, you can run into the problem with this if you have custom startup scripts and presumably also on a fast system. http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/isakmpd/virtual.c.diff?r1=1.28;r2=1.29
Re: J.C. Roberts [EMAIL PROTECTED] saiz OpenBSD. --We won't miss you.
Am 28.10.2008 um 13:37 schrieb Neko: Lots of shit written in caps I think it should be clear now that he's just a kid and that we should all just ignore him. He's not worth it wasting any time replying. -- Jonathan [demime 1.01d removed an attachment of type application/pgp-signature which had a name of PGP.sig]
Re: Capture serial port output to a file
echo '@reboot screen -d -m -L /dev/cua00 9600' | crontab - but mind your existing crontab.
Re: J.C. Roberts [EMAIL PROTECTED] saiz OpenBSD. --We won't miss you.
2008/10/28 Owain Ainsworth [EMAIL PROTECTED]: On Tue, Oct 28, 2008 at 05:37:24AM -0700, Neko wrote: git a life [EMAIL PROTECTED]:~$git clone a://life Initialized empty Git repository in /home/oga/life/.git/ fatal: I don't handle protocol 'a' Didn't anyone ever tell you not to run arbitrary commands you read on a mailing list? grin kmw -- Far better is it to dare mighty things, to win glorious triumphs, even if checkered by failure, than to take rank with those poor spirits who neither enjoy much nor suffer much, because they live in the gray twilight that knows not victory or defeat.
Re: J.C. Roberts [EMAIL PROTECTED] saiz OpenBSD. --We won't miss you.
On Tue, Oct 28, 2008 at 05:37:24AM -0700, Neko wrote: [ Lots of all-caps shit that I won't read ] Welcome to /dev/null. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
commercial support - pf/relayd
Hi, just wanted to know if there were any commercial support available for pf/relayd in particular or any other support contract that could include these two components. sincerely, uday
Re: commercial support - pf/relayd
On Tuesday 28 October 2008, uday wrote: Hi, just wanted to know if there were any commercial support available for pf/relayd in particular or any other support contract that could include these two components. sincerely, uday What kind of support are you after? There's a great list of commercial support on the project site: http://www.openbsd.org/support.html It might also be wise to talk to the developers of the specific components you're asking about. You can look them up in cvs. kind regards, jcr
Re: Capture serial port output to a file
On Tue, Oct 28, 2008 at 02:45:07PM +0100, Marc Balmer wrote: I could suggest you run cu in a screen session. I have used cu ... | tee logfile in the past, but there are possibly more elegant solutions Screen can do logging and open windows to serial ports directly by itself (as I mentioned in my other mail). It's been working very reliably for me; some my servers are daisy chained together, and whenever I've had one fail, the one before it has had a log of its output, even after unattended reboots. screen is a gem. A soekris and a serial card and openbsd is an incredible console server for server administration, especially compared to the dedicated hardware ones.
Re: commercial support - pf/relayd
2008/10/28 uday [EMAIL PROTECTED]: Hi, just wanted to know if there were any commercial support available for pf/relayd in particular or any other support contract that could include these two components. Have you looked here? http://www.openbsd.org/support.html You could also try these guys: http://www.genua.de/index.en.html http://www.rayservers.com/consulting (That's just the first two random OpenBSD-literate companiest that do consulting that come to my mind; I haven't had any dealings with them.) You also can't go wrong here: http://www.bsws.de/en/about/contact.shtml (because there you'd end up talking to a programmer who actually wrote a lot of the code). Or maybe make some of the other OpenBSD coders an offer. E.g. Daniel Hartmeier is the initial author of PF (and he has continued to code), and there are quite a few others (and I'm not saying that any of them are better than the others; the guys I'm mentioning here are just the first names that popped into my head). Or ask Peter Hansteen --who wrote a book on PF-- if he is available. Thanks and regards, --ropers
Using OpenBGPD as a route-server
Hi Misc, I am trying to make OpenBGPD work as a route-server for a little hobby project I am working on. As it's very hard to find configuration examples for this usage on the web i have to turn here. What I am trying to achieve: - A route-server acting as a transparent route distributor. - Control by neighbours who their prefixes are announced to, based on communities. Making OpenBGP work as a transparent AS was the easy part. However I'm stuck in the communities control part. How it is supposed to work, my route-server has AS1234 in my test environment. If a neighbour announces: 1. { community 1234:1234 } -- Their prefixes will be announced to EVERY other neighbour. 2. { community 1234:as} -- Their prefixes will ONLY be announced to AS, ie: 1234:8943 will only send the prefixes to AS8943. 3. { community 1234:1234 1234:AS } -- Their prefixes will be announced to every other neighbour EXCEPT AS. I have been able to achieve the first 2 ways the prefix control should work, but I can't manage to get the 3rd to work. Before moving to OpenBGPD I managed to produce the way I want it to work in Quagga but I simply do not want to use that. Would anyone have an idea on how to make OpenBGPD not announce prefixes to specific neighbours if they appear in the 1234:1234 1234:AS list? My configuration: -- AS 1234 router-id 10.0.0.60 fib-update no log updates listen on 10.0.0.60 nexthop qualify via bgp transparent-as yes group peers-rs-v4 { announce IPv4 unicast softreconfig in yes enforce neighbor-as yes neighbor 10.0.0.61 { descr juniperm5 remote-as 65501 announce all passive } neighbor 10.0.0.64 { descr foundryxmr remote-as 65502 announce all passive } neighbor 10.0.0.63 { descr cisco7200 remote-as 65503 announce all passive } } deny from any deny from any prefix 0.0.0.0/0 deny from any prefix 10.0.0.0/8 prefixlen = 8 deny from any prefix 172.16.0.0/12 prefixlen = 12 deny from any prefix { 192.168.0.0/16 169.254.0.0/16 } prefixlen = 16 deny from any prefix 169.254.0.0/16 prefixlen = 32 deny from any community *:* deny to any community *:* # Community 1234:65502 goes to AS65502 allow from any community 1234:65502 allow to 10.0.0.64 community 1234:65502 # Community 1234:1234 goes to everyone allow from any community 1234:1234 allow to any community 1234:1234
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Neko [EMAIL PROTECTED] writes: its shows that some poor trolls here dont own ultraportables with no external drives, and use more than one os alternative. When your machine is a tool, not a toy, you run one operating system, whichever that might be. //art
Re: Capture serial port output to a file
On 2008-10-28, Bruce Bauer [EMAIL PROTECTED] wrote: Problem: OpenBSD 4.2 on i386 Serial port /dev/cua00 connected to the console port on a firewall. I need to catch all text output from the serial port to a file. The process doing this must survive a loss of network. The box is running headless. I have tried simple things like cat and buffer, but these processes exit after one or two lines of output. I need a process that will run until interrupted, and that doesn't need a controlling session. try conserver, it's ideal for this. in ports/packages.
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Neko [EMAIL PROTECTED] writes: its shows that some poor trolls here dont own ultraportables with no external drives, and use more than one os alternative. When your machine is a tool, not a toy, you run one operating system, whichever that might be. //art Art, I have a machine, it is a tool, and it has two operating systems. I want a prize!
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Forgive me for stating the obvious but insulting members of misc@ is not going to get you closer to your goal, Neko. I'm sure that nobody enjoys receiving multiple emails about this issue. So please, for the sake of those of us who don't want to read any more about this situation, let the issue be. 2008/10/28 Neko [EMAIL PROTECTED] IF YOU took time to read PROPERLY Jonathan, the drivers WORKS, BUT ONLY FOR ONE NATIVE ENTRY in the disklabel. but like I WROTE, i structured my bsd system in more THAN ONE native bsd entry ie /usr/local ... IS ON wd0e if i load wd0e i get the proper size, but what's ls on my screen IS THE MAIN ROOT. so get back to your project , ill get back to subsidaries who actually cares about openbsd full market deployment overlordship. enjoy, neko
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
Hahaha, I wanted to say the same thing but figured that this wouldn't be an appropriate venue for a discussion of this nature. But since someone else brought it up, I figure I might as well add my two cents. I currently run Debian and Windows XP on my laptop and I use it as a learning tool (because I am nowhere near a guru unlike many of the people here!). Cheers, Heimdall 2008/10/28 Anton Parol [EMAIL PROTECTED] Neko [EMAIL PROTECTED] writes: its shows that some poor trolls here dont own ultraportables with no external drives, and use more than one os alternative. When your machine is a tool, not a toy, you run one operating system, whichever that might be. //art Art, I have a machine, it is a tool, and it has two operating systems. I want a prize!
Re: PostgreSQL Problems
On Mon, Oct 27, 2008 at 5:19 AM, Simon Connah [EMAIL PROTECTED] wrote: Sorry if this is the wrong list, I debated whether to post it to ports but as it is not a problem with the port itself and is more a user problem (i.e I'm being stupid :)) I thought misc was probably more appropriate. Anyway I've been trying to get PostgreSQL setup on my 4.3 box and I'm not having much luck at all. I've followed the instructions in README.OpenBSD but I think I am missing something very simple here. Any help would be greatly appreciated. Over the weekend I had almost the exact same error. In my case it turns out I had forgotten to kill the running postgres process when running initdb. -B
fjnews11-2008
FUNJET ASSOCIAZIONE SPORTIVA FUNJET www.funjet.it [EMAIL PROTECTED] FJNEWS 11/2008 A.S.D. Funjet di Empoli, in collaborazione con lo staff organizzativo PARAFLIGHT di Massa ed il Comune di Massa, h lieta di presentare l'ultimo importante impegno agonistico della lunga stagione 2008, con l'organizzazione del 10 G.P. PARAFLIGHT MASSA 60 e ultima prova di Campionato Italiano Moto D'acqua Endurance 2008. Le gare si terranno Domenica 2 Novembre nello specchio di mare compreso tra il Circolo Sportivo Balneare Paraflight sito in lungomare Levante a Ronchi e il pontile di Marina di Massa. Sicuramente una gara molto emozionante, che vedr` i piloti, provenienti da tutta Italia affrontarsi in una prova di resistenza molto impegnativa, che prevede 2 manche di 45 minuti ciascuna. Non mancheranno le dimostrazioni di Moto D'Acqua Freestyle con la presenza del Campione Italiano Freestyle Pro 2008 Valerio Calderoni. Questi gli orari della manifestazione: 12.00 Prima manche. 14.30 Esibizione Freestyle. 15.00 Seconda manche. 17.00 Premiazioni. LOCANDINA Continuate a seguirci su www.funjet.it news anticipazioni risultati agonistici gossip e la nuova FUNJET TV (FUNTUBE)...e. www.motodacqua.eu dove h possibile trovare e scaricare le foto in forma originale alla massima definizione di tutte le gare e gli show Funjet. Le news di Funjet.it.Notizie e info dal mondo delle moto d'acqua.Questa news letter viene spedita a circa 15000 mail ai piloti, gli sponsor, testate giornalistiche, aziende del settore, partners, uffici marketing, agenzie pubblicitarie, uffici stampa, televisioni e radio. Le informazioni contenute nella presente comunicazione e relativi allegati possono essere copiati e ritrasmessi con qualsiasi mezzo di comunicazione purchi venga sempre citata la fonte. Per particolari esigenze e o collaborazioni contattare la redazione.
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
On Sun, Oct 26, 2008 at 12:57 AM, Denis Doroshenko [EMAIL PROTECTED] wrote: On Sun, Oct 26, 2008 at 9:10 AM, Matthew Weigel [EMAIL PROTECTED] wrote: Neko wrote: this is the future. people use multiple os on their machine That's actually the past... multibooting seemed way more popular ten years ago than now. I'm going to go out on a limb here, and say that most people - even if their machine is set up to boot multiple systems - really just use one OS per computer. have you done any analysis of statistical data in order to say so? otherwise all those way more popular, most people it is a big IYHO. On the other hand, CIFS/NFS network storage devices are cheap, and people can use them whether they dual boot, or simply have multiple machines on their network. Then too, a lot of people just use boring old thumb drives to store data that all their systems can use. well with NFS i'd agree, in case there is a robust free NFS implementation for MS Windows (haven't looked for that myself, as I don't seem to have NFS storage in my home LAN). MS actually offers one: http://technet.microsoft.com/en-us/interopmigration/bb380242.aspx I've even used it. It works pretty good though it is a bit awkward feeling. -B
generate pgp
I'm trying to generate pgp to use with email. Anyone know a simple how to? or can help me with commandline tool? thanks
Re: generate pgp
Benjamin Adams wrote: I'm trying to generate pgp to use with email. Which mail client? Pine? Alpine? Mutt? Thunderbird? Opera? Anyone know a simple how to? or can help me with commandline tool? thanks http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-3.html http://www.doc.ic.ac.uk/csg/faqs/gpghowto.html see also The GNU Privacy Assistant http://www.openbsd.org/4.3_packages/i386/gpa-0.4.3.tgz-long.html Enigmail http://www.openbsd.org/4.3_packages/i386/enigmail-0.95.5p0.tgz-long.html You can use a RSA key for both signing and encrypting, though may have to add it after the initial key creation as a subkey. regards -Lars
Re: generate pgp
On Tue, 28 Oct 2008 13:44:46 -0400 Benjamin Adams [EMAIL PROTECTED] wrote: I'm trying to generate pgp to use with email. Anyone know a simple how to? or can help me with commandline tool? thanks Hum, generate pgp ? You have GnuPG in the ports tree, and there is a package, so you can just use pkg_add(8) to install it. Then, you may want to generate a key pair, that is a private (secret) and a public key. Both can be generated using the command : gpg --gen-key Once GnuPG is installed you can just read its man page and/or gpg --help You obviously also need to read the excellent documentation that can be found on http://www.gnupg.org/ ; http://www.rossde.com/PGP/ is also a good thing to read (I really like its keyservers list). Regards, Maxime DERCHE PS This is an OpenBSD mailing list, so here we talk about OpenBSD. You may want to read http://www.openbsd.org/mail.html to learn about this list... -- Maxime DERCHE : maxime /at/ mouet-mouet.net | maxime.derche /at/ free.fr http://www.mouet-mouet.net/maxime/blog/index.php
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
On Tue, Oct 28, 2008 at 12:31:14PM -0400, Heimdall Imbert wrote: Hahaha, I wanted to say the same thing but figured that this wouldn't be an appropriate venue for a discussion of this nature. But since someone else brought it up, I figure I might as well add my two cents. I currently run Debian and Windows XP on my laptop and I use it as a learning tool (because I am nowhere near a guru unlike many of the people here!). I am nothing like a guru, and nothing approaching a programmer. I cannot write a simple shell script without rereading parts of man pages to remember how it goes; sometimes I cannot even write a simple XHTML file without consulting the definition at w3.org to remember how it goes. I have never used Windows, I used Linux only briefly, and since then I've used nothing but OpenBSD (except where I have a shell account on a machine that belongs to someone else, and then only remotely). In my opinion OpenBSD is the ultimate learning tool, perhaps largely because of the high quality of its documentation. Also because on mailing lists like this one the developers are willing to tell it straight however the rest of us may react (I view that in itself as a form of generosity). You just have to commit to reading carefully and with patience (mainly towards the gradual accumulation of your own understanding). I think the widespread view that OpenBSD is only, or mainly, for gurus is an unfortunate myth. On the other hand, it may be true that OpenBSD is only, or mainly, for people who are willing to read carefully and patiently, and who understand and accept how OpenBSD is offered to the world for free. I believe that the latter point could be better and more widely understood. cheers, -wb (Who's received his copy of 4.4 late last week, and thanks the developers for another job (predictably) well done.)
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
I understand what you mean. I guess I should have chosen a better word. And my issue isn't that I don't read (I read as much as I can on user forums, I subscribe and read to Debian and OpenBSD mailing distributions and tinker with what I can). Unfortunately, it feels as if some of the things that I work on are trivial in comparison to some of the things that I read on this mailing list. So I guess that, at least in my eyes, you guys are gurus. :P 2008/10/28 William Boshuck [EMAIL PROTECTED] On Tue, Oct 28, 2008 at 12:31:14PM -0400, Heimdall Imbert wrote: Hahaha, I wanted to say the same thing but figured that this wouldn't be an appropriate venue for a discussion of this nature. But since someone else brought it up, I figure I might as well add my two cents. I currently run Debian and Windows XP on my laptop and I use it as a learning tool (because I am nowhere near a guru unlike many of the people here!). I am nothing like a guru, and nothing approaching a programmer. I cannot write a simple shell script without rereading parts of man pages to remember how it goes; sometimes I cannot even write a simple XHTML file without consulting the definition at w3.org to remember how it goes. I have never used Windows, I used Linux only briefly, and since then I've used nothing but OpenBSD (except where I have a shell account on a machine that belongs to someone else, and then only remotely). In my opinion OpenBSD is the ultimate learning tool, perhaps largely because of the high quality of its documentation. Also because on mailing lists like this one the developers are willing to tell it straight however the rest of us may react (I view that in itself as a form of generosity). You just have to commit to reading carefully and with patience (mainly towards the gradual accumulation of your own understanding). I think the widespread view that OpenBSD is only, or mainly, for gurus is an unfortunate myth. On the other hand, it may be true that OpenBSD is only, or mainly, for people who are willing to read carefully and patiently, and who understand and accept how OpenBSD is offered to the world for free. I believe that the latter point could be better and more widely understood. cheers, -wb (Who's received his copy of 4.4 late last week, and thanks the developers for another job (predictably) well done.)
Re: change serial console to display
Dna Tue, Oct 28, 2008 at 04:07:19AM -0700, J.C. Roberts spisal(a) : On Tuesday 28 October 2008, Girish Venkatachalam wrote: On 08:49:13 Oct 28, ico wrote: Hello gents, I did configure my old box with serial console probably 2 y ago. Now I'd like to get it back to normal. I don't have null modem cable available. What needs to be changed? I already tried without success: echo /etc/boot.conf or set tty pc0 but I'm still not able to get login on display. Any suggestions? Your /etc/ttys should have the line: tty00 /usr/libexec/getty std.9600 vt100 on secure -Girish Actually, you've got it backwards. The line you posted is to enable the serial console. The original poster already has serial enabled, but now wants to disable it. The correct line in /etc/ttys would be: tty00 /usr/libexec/getty std.9600 unknown off The details of setup are in the FAQ-7 http://www.openbsd.org/faq/faq7.html#SerCon -JCR Yes sir, I'm reading FAQ first. I know I enabled in /etc/ttys console line, but you know, all I have when it's booting is only few commands. Like echo and set tty and stty. Then it starts booting and my monitor shows me no signal. I'm not sure, how could I modify /etc/ttys to replace existing console line with unknown off. Except maybe mounting disk elsewhere. As you see, I was not very successful with my set tty commands. If it's possible to do it this way it would be great. -- ico
Possible bug in IPSec? (was Packets sent with wrong SPI)
A briefer summary of the problem: Router A has two interfaces: 10.123.0.46/24 and 10.100.0.1/16 Router B has one interface: 10.123.0.48/24 When using manual IPSec keying with a single flow between 10.123.0.46 and 10.123.0.48, it works fine. When I add a flow between 10.100.0.0/16 and 10.123.0.48, traffic from 10.123.0.46 to 10.123.0.48 is encoded with the wrong SPI. The reverse direction is fine. Config files and dmesg are below, in my original message. This appears to be a bug, but what additional information can I provide to help diagnose it? Can anyone else reproduce this? -HKS On Tue, Oct 21, 2008 at 3:13 PM, (private) HKS [EMAIL PROTECTED] wrote: OpenBSD 4.3. I'm trying to get a couple IPSec VPNs up and am running into increasingly bizarre behavior in my test environment. The current issue is that packets are being sent encoded with the wrong SPI. Router A has two interfaces: 10.123.0.46/24 and 10.100.0.1/16. Router B has one interface: 10.123.0.48/24. I can get A and B encrypting traffic between 10.123.0.46 and 10.123.0.48 with no problem, but when I add flows for 10.100.0.0/16 the SPIs start getting mixed up. Specifically, pings from 10.123.0.46 (A) to 10.123.0.48 (B) use the wrong SPII am using manual keying to eliminate isakmpd as a source of other issues (that were probably my fault somehow). The keys are the defaults included in the ipsec.conf example since this is a test environment. Here is router A's ipsec.conf: -- flow esp from 10.123.0.46 to 10.123.0.48 local 10.123.0.46 peer 10.123.0.48 type require esp tunnel from 10.123.0.46 to 10.123.0.48 spi 0x00010002:0x00020001 authkey 0x54f79f479a32814347bb768d3e01b2b58e49ce674ec6e2d327b63408c56ef4e8:0x7f48ee352c626cdc2a731b9d90bd63e29db2a9c683044b70b2f4441521b622d6 enckey 0xb341aa065c3850edd6a61e150d6a5fd3:0xf7795f6bdd697a43a4d28dcf1b79062d flow esp from 10.100.0.0/16 to 10.123.0.48 peer 10.123.0.48 type require esp tunnel from 10.100.0.0/16 to 10.123.0.48 spi 0x00010004:0x00040001 authkey 0x54f79f479a32814347bb768d3e01b2b58e49ce674ec6e2d327b63408c56ef4e8:0x7f48ee352c626cdc2a731b9d90bd63e29db2a9c683044b70b2f4441521b622d6 enckey 0xb341aa065c3850edd6a61e150d6a5fd3:0xf7795f6bdd697a43a4d28dcf1b79062d -- Output from router A's ipsecctl -sa looks like you would expect: -- FLOWS: flow esp in from 10.123.0.48 to 10.100.0.0/16 peer 10.123.0.48 type require flow esp out from 10.100.0.0/16 to 10.123.0.48 peer 10.123.0.48 type require flow esp in from 10.123.0.48 to 10.123.0.46 local 10.123.0.46 peer 10.123.0.48 type require flow esp out from 10.123.0.46 to 10.123.0.48 local 10.123.0.46 peer 10.123.0.48 type require SAD: esp tunnel from 10.123.0.46 to 10.123.0.48 spi 0x00010002 auth hmac-sha2-256 enc aes esp tunnel from 10.100.0.0 to 10.123.0.48 spi 0x00010004 auth hmac-sha2-256 enc aes esp tunnel from 10.123.0.48 to 10.123.0.46 spi 0x00020001 auth hmac-sha2-256 enc aes esp tunnel from 10.123.0.48 to 10.100.0.0 spi 0x00040001 auth hmac-sha2-256 enc aes -- Attempting to ping 10.123.0.48 from 10.123.0.46 gets no response, and tcpdump -i enc0 shows this: -- tcpdump: listening on enc0, link-type ENC 09:15:11.230658 (authentic,confidential): SPI 0x00010004: 10.123.0.46 10.123.0.48: icmp: echo request (encap) 09:15:12.240381 (authentic,confidential): SPI 0x00010004: 10.123.0.46 10.123.0.48: icmp: echo request (encap) 09:15:13.250028 (authentic,confidential): SPI 0x00010004: 10.123.0.46 10.123.0.48: icmp: echo request (encap) 09:15:14.260702 (authentic,confidential): SPI 0x00010004: 10.123.0.46 10.123.0.48: icmp: echo request (encap) -- Which is clearly the wrong SPI. If I try to ping in the reverse direction, B sends its packets with the correct SPI while the replies are encoded for 0x00010004. Removing the subnet lines from ipsec.conf corrects this issue. Is this a bug in IPsec or something I'm doing wrong? Thanks for the help. dmesg follows. -HKS OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz (GenuineIntel 686-class) 2.33 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,DS-CPL real mem = 267939840 (255MB) avail mem = 251031552 (239MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 12/06/06, BIOS32 rev. 0 @ 0xfd880, SMBIOS rev. 2.31 @ 0xe0010 (45 entries) bios0: vendor Phoenix Technologies LTD version 6.00 date 12/06/2006 bios0: VMware, Inc. VMware Virtual Platform apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xfd880/0x780 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries) pcibios0: PCI Interrupt Router at 000:07:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x1000
Re: Serial ATA RAID ctrl on PCI
On Oct 28, 2008, at 5:46 AM, Claudio Jeker wrote: Have a look at the man -k RAID output. Especially arc(4) and ami(4) are great SATA RAID controllers on OpenBSD. Does OpenBSD's arc(4) driver support any method to report RAID status and/or failures? If not, then how is an admin supposed to understand the health of arc supported RAID array?
Re: Serial ATA RAID ctrl on PCI
Did you read the man page for arc(4)? It says right there. On Tue, Oct 28, 2008 at 4:24 PM, Don Jackson [EMAIL PROTECTED] wrote: On Oct 28, 2008, at 5:46 AM, Claudio Jeker wrote: Have a look at the man -k RAID output. Especially arc(4) and ami(4) are great SATA RAID controllers on OpenBSD. Does OpenBSD's arc(4) driver support any method to report RAID status and/or failures? If not, then how is an admin supposed to understand the health of arc supported RAID array?
4.3 won't boot at all on my laptop
Hi, I've got a Toshiba Satellite A60 (that has no floppy. Can only boot from CD). I've burnt the various *.iso files to CD but my laptop doesn't recognise them as bootable but I know whet work. I've begun the installation process on several machines using these disks and they work. I then, took the HDD out of my laptop, installed it into a desktop PC and installed OpenBSD 4.3 on the drive. Before I took the laptop's HHD out of the desktop, I even booted from it to make sure the installation went okay. It did but when I stick the HDD back in the laptop, It just won't boot. No booting from perfectly good CD? No booting from perfectly good installation to HDD? Does anyone know why this might be happening? I've been installing OpenBSD since 2.8 and NEVER seen this. -- View this message in context: http://www.nabble.com/4.3-won%27t-boot-at-all-on-my-laptop-tp20217926p20217926.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: Serial ATA RAID ctrl on PCI
On Oct 28, 2008, at 3:47 PM, Robert Franklin wrote: Did you read the man page for arc(4)? It says right there. I did, and I'm not seeing anything. It does talk about this: -a alarm-function Control the RAID card's alarm functionality, if supported. alarm-function may be one of: disable Disable the alarm on the RAID controller. enable Enable the alarm on the RAID controller. get Retrieve the current alarm state (enabled or disabled). silence | quiet Silence the alarm if it is currently beeping. The alarm-function may be specified as given above, or by the first letter only (e.g. -a e). But this all seems related to turning on/off the beeper, rather than giving me some textual indication of the health of the raid system. If my server is in a colo miles away, the alarm buzzer is not going to be particularly useful to me. Compare this to the ami driver, which states: Logical disk status is exposed under the hw.sensors sysctl(8) and can be monitored using sensorsd(8). For example: $ sysctl hw.sensors.ami0 hw.sensors.ami0.drive0=online (sd0), OK hw.sensors.ami0.drive1=degraded (sd1), WARNING hw.sensors.ami0.drive2=failed (sd2), CRITICAL This exactly the kind of thing I am asking if arc supports, and if it doesn't (which is what I suspect), then IMHO, OpenBSD's support for Areca cards is not as awesome as its support for LSI Megaraid boards On Tue, Oct 28, 2008 at 4:24 PM, Don Jackson [EMAIL PROTECTED] wrote: On Oct 28, 2008, at 5:46 AM, Claudio Jeker wrote: Have a look at the man -k RAID output. Especially arc(4) and ami(4) are great SATA RAID controllers on OpenBSD. Does OpenBSD's arc(4) driver support any method to report RAID status and/or failures? If not, then how is an admin supposed to understand the health of arc supported RAID array?
Re: Serial ATA RAID ctrl on PCI
On Tue, Oct 28, 2008 at 04:26:11PM -0700, Don Jackson wrote: On Oct 28, 2008, at 3:47 PM, Robert Franklin wrote: Did you read the man page for arc(4)? It says right there. I did, and I'm not seeing anything. It does talk about this: -a alarm-function Control the RAID card's alarm functionality, if supported. alarm-function may be one of: disable Disable the alarm on the RAID controller. enable Enable the alarm on the RAID controller. get Retrieve the current alarm state (enabled or disabled). silence | quiet Silence the alarm if it is currently beeping. The alarm-function may be specified as given above, or by the first letter only (e.g. -a e). But this all seems related to turning on/off the beeper, rather than giving me some textual indication of the health of the raid system. If my server is in a colo miles away, the alarm buzzer is not going to be particularly useful to me. Compare this to the ami driver, which states: Logical disk status is exposed under the hw.sensors sysctl(8) and can be monitored using sensorsd(8). For example: $ sysctl hw.sensors.ami0 hw.sensors.ami0.drive0=online (sd0), OK hw.sensors.ami0.drive1=degraded (sd1), WARNING hw.sensors.ami0.drive2=failed (sd2), CRITICAL This exactly the kind of thing I am asking if arc supports, and if it doesn't (which is what I suspect), then IMHO, OpenBSD's support for Areca cards is not as awesome as its support for LSI Megaraid boards Yes, it should work the same as ami/mfi. ie: hw.sensors.arc0.drive0=online (sd0), OK hw.sensors.arc0.drive1=online (sd1), OK hw.sensors.arc0.drive2=online (sd2), OK hw.sensors.arc0.drive3=online (sd3), OK hw.sensors.arc0.drive4=online (sd4), OK hw.sensors.arc0.drive5=online (sd5), OK hw.sensors.arc0.drive6=online (sd6), OK hw.sensors.arc0.drive7=online (sd7), OK hw.sensors.arc0.drive8=online (sd8), OK hw.sensors.arc0.drive9=online (sd9), OK hw.sensors.arc0.drive10=online (sd10), OK If you have an sgpio enabled controller you can toggle LEDs on disk bays etc.
Re: 4.3 won't boot at all on my laptop
On Oct 28, 2008, at 4:11 PM, Stevoid wrote: I've burnt the various *.iso files to CD but my laptop doesn't recognise them as bootable but I know whet work. I've begun the installation process on several machines using these disks and they work. Are you 100% certain you burned the iso as an image, and not as a file? I then, took the HDD out of my laptop, installed it into a desktop PC and installed OpenBSD 4.3 on the drive. Before I took the laptop's HHD out of the desktop, I even booted from it to make sure the installation went okay. It did but when I stick the HDD back in the laptop, It just won't boot. It's hard to help if I don't know what the error is. What is the error? No booting from perfectly good CD? No booting from perfectly good installation to HDD? Different BIOS may have different requirements, read the installboot(8) and biosboot(8) man pages for your architecture. Does anyone know why this might be happening? I've been installing OpenBSD since 2.8 and NEVER seen this. It seems odd, but without better listing of what the hardware is (or is not) doing, no one is going to be much help at all. In 2001/2002 I had a Toshiba Satellite, to get it to boot anything other than Windows I recall having to install Grub to get the system to boot. Toshiba has never been particularly friendly to Open Source OS users.
X not recovering from sleep
Hi misc@ When I resume from a suspend on my IBM ThinkPad X41 using either zzz or closing the lid - X crashes and I'm unable to use Ctrl+Alt+F1 to get to a console to recover - I can ssh into the X41 in this state. It's a fresh install of 4.4 (dmesg below), and I'm running X without an xorg.conf. Can anyone suggest a fix? Thanks Fred -- dmesg follows: OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.60GHz (GenuineIntel 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 real mem = 1600548864 (1526MB) avail mem = 1538166784 (1466MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/14/06, BIOS32 rev. 0 @ 0xfd750, SMBIOS rev. 2.33 @ 0xe0010 (59 entries) bios0: vendor IBM version 74ET61WW (2.06 ) date 03/14/2006 bios0: IBM 2525FAG apm0 at bios0: Power Management spec V1.2 apm0: battery life expectancy 100% apm0: AC on, battery charge high acpi at bios0 function 0x0 not configured pcibios0 at bios0: rev 2.1 @ 0xfd6e0/0x920 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdec0/240 (13 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #5 is the last bus bios0: ROM list: 0xc/0xe800! 0xce800/0x1600 0xd/0x1000 0xdc000/0x4000! 0xe/0x1 cpu0 at mainbus0 cpu0: Enhanced SpeedStep 1600 MHz (1116 mV): speeds: 1600, 1500, 1400, 1300, 1200, 1100, 1000, 900, 800, 600 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82915GM Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82915GM Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: aperture at 0xc000, size 0x1000 drm at vga1 unsupported Intel 82915GM Video rev 0x03 at pci0 dev 2 function 1 not configured ppb0 at pci0 dev 28 function 0 Intel 82801FB PCIE rev 0x03: irq 11 pci1 at ppb0 bus 2 bge0 at pci1 dev 0 function 0 Broadcom BCM5751M rev 0x11, BCM5750 B1 (0x4101): irq 11, address 00:16:d3:2f:63:7c brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0 uhci0 at pci0 dev 29 function 0 Intel 82801FB USB rev 0x03: irq 11 uhci1 at pci0 dev 29 function 1 Intel 82801FB USB rev 0x03: irq 11 uhci2 at pci0 dev 29 function 2 Intel 82801FB USB rev 0x03: irq 11 uhci3 at pci0 dev 29 function 3 Intel 82801FB USB rev 0x03: irq 11 ehci0 at pci0 dev 29 function 7 Intel 82801FB USB rev 0x03: irq 11 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb1 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xd3 pci2 at ppb1 bus 4 cbb0 at pci2 dev 0 function 0 Ricoh 5C476 CardBus rev 0x8d: irq 11 sdhc0 at pci2 dev 0 function 1 Ricoh 5C822 SD/MMC rev 0x13: irq 11 sdmmc0 at sdhc0 iwi0 at pci2 dev 2 function 0 Intel PRO/Wireless 2915ABG rev 0x05: irq 11, address 00:16:6f:c1:16:40 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 5 device 0 cacheline 0x0, lattimer 0xb0 pcmcia0 at cardslot0 auich0 at pci0 dev 30 function 2 Intel 82801FB AC97 rev 0x03: irq 11, ICH6 AC97 ac97: codec id 0x41445374 (Analog Devices AD1981B) ac97: codec features headphone, 20 bit DAC, No 3D Stereo audio0 at auich0 Intel 82801FB Modem rev 0x03 at pci0 dev 30 function 3 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801FBM LPC rev 0x03: PM disabled pciide0 at pci0 dev 31 function 2 Intel 82801FBM SATA rev 0x03: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: HTC426060G9AT00 wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 ichiic0 at pci0 dev 31 function 3 Intel 82801FB SMBus rev 0x03: irq 11 iic0 at ichiic0 spdmem0 at iic0 addr 0x51: 1GB DDR2 SDRAM non-parity PC2-4200CL3 SO-DIMM usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 aps0 at isa0 port 0x1600/31 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 biomask effd netmask effd ttymask mtrr: Pentium Pro MTRR support scsibus0 at sdmmc0: 2 targets, initiator 0 sd0 at scsibus0 targ 1 lun 0: SD/MMC, Drive #01, SCSI2 0/direct fixed sd0: 1947MB, 248 cyl, 255 head, 63 sec, 512 bytes/sec, 3987456 sec total ugen0 at uhub3 port 2
Re: Capture serial port output to a file
screen looks like it will work. I must have missed the other mail. I'm building the port now and will report later. Thanks --- [EMAIL PROTECTED] wrote: From: Jussi Peltola [EMAIL PROTECTED] To: misc@openbsd.org Subject: Re: Capture serial port output to a file Date: Tue, 28 Oct 2008 17:22:54 +0200 On Tue, Oct 28, 2008 at 02:45:07PM +0100, Marc Balmer wrote: I could suggest you run cu in a screen session. I have used cu ... | tee logfile in the past, but there are possibly more elegant solutions Screen can do logging and open windows to serial ports directly by itself (as I mentioned in my other mail). It's been working very reliably for me; some my servers are daisy chained together, and whenever I've had one fail, the one before it has had a log of its output, even after unattended reboots. screen is a gem. A soekris and a serial card and openbsd is an incredible console server for server administration, especially compared to the dedicated hardware ones.
Re: Serial ATA RAID ctrl on PCI
On 2008-10-28, Don Jackson [EMAIL PROTECTED] wrote: On Oct 28, 2008, at 3:47 PM, Robert Franklin wrote: Did you read the man page for arc(4)? It says right there. I did, and I'm not seeing anything. ... arc supports alarm control and monitoring of volumes configured on the controllers via the bio(4) interface and the bioctl(8) utility. ...
Longest Uptime?
I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? Thanks -- View this message in context: http://www.nabble.com/Longest-Uptime--tp20219082p20219082.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: Longest Uptime?
On Oct 29, 2008, at 9:54 AM, new_guy wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? When I built a NAT gateway for home some five years ago (On OpenBSD 3.4), it could go on for more than 580 days without rebooting (though it didn't act as a public mail server), after which point I had a power outage and decided anyway to apply updates more diligently given the hassle it is to upgrade / reinstall a box all the way to the latest version when you let more than one version pass. :) -- Stephane LAPIE Email: [EMAIL PROTECTED] Phone: +81 (0)42 319 5164
Re: Longest Uptime?
On Tue, 28 Oct 2008, new_guy wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across What is your point? Dogs live way longer than that. Just put one in front of your hosting provider and you should be safe for about 15 years. Nice things about dogs is that they don't need rebooting. -- Antoine
Re: Longest Uptime?
On Tue, Oct 28, 2008 at 05:54:12PM -0700, new_guy wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? I think the final word on this was pronounced (perhaps predictably) by Artur Grabowski. http://marc.info/?l=openbsd-miscm=116792821815901w=2 See especially the link in the foregoing message: http://www.blahonga.org/~art/diffs/epenis-enlargement.20060210 -wb
Re: Longest Uptime?
On Tue, Oct 28, 2008 at 8:54 PM, new_guy [EMAIL PROTECTED] wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? Thanks -- View this message in context: http://www.nabble.com/Longest-Uptime--tp20219082p20219082.html Sent from the openbsd user - misc mailing list archive at Nabble.com. Hmm, yeah sure I'll bite. The longest I've seen that I still have a record of (screen shot of the uptime command) was a machine I installed as a firewall for a very important mail server. Please note, I was not in charge of maintaining it, otherwise it would not have reached this uptime, but it was over two years. As far as I could tell (I got onto the box once in a blue moon) it was not hacked, but seeing as all it did was run pf, and only allowed ssh from 2 IP addresses (both I controlled, and were firewalled themselves), that doesn't seem extraordinary. I will type out the uptime/uname command as in the picture: $ uptime 10:54AM up 745 days, 22:36, 0 users, load averages: 0.13, 0.09, 0.08 $ uname -a OpenBSD bassfishing 3.1 GENERIC#0 i386 $ As far as uptimes I don't have records of, a friend of mine has worked on old systems that weren't rebooted because they were afraid it would not boot back up again. One of them pre-internet, I believe it did some financial stuff. However, no proof there. -- Jason
Re: change serial console to display
On Tuesday 28 October 2008, ico wrote: I'm not sure, how could I modify /etc/ttys to replace existing console line with unknown off. Except maybe mounting disk elsewhere. Since you're trying to disable your serial console setup, I'm guessing you have a keyboard and monitor attached now. If you can boot to CD, then it's fairly easy. Just mount / manually from your hard disk {s,w}d0a and then you can edit /etc/ttys -Jon
Re: aterm, rxvt -- memory usage
I would love to see rxvt-unicode in ports, personally. It'd be much more convenient, for me at least. It's definitely my favoured terminal. On Tue, Oct 21, 2008 at 3:18 PM, Jesus Sanchez [EMAIL PROTECTED] wrote: Hi list! I thought it would be great to have rxvt-unicode on the ports tree, so I reopened this thread to see users interest about have rxvt-unicode on OpenBSD as official supported application. -Jesus fulvio ciriaco escribis: From: Arun G Nair [EMAIL PROTECTED] Subject: Re: aterm, rxvt -- memory usage Date: Tue, 22 Apr 2008 22:43:56 +0530 On Mon, Apr 21, 2008 at 11:44 PM, Claer [EMAIL PROTECTED] wrote: I personnaly use unicode rxvt. It's a clone of rxvt that comes with unicode (oh surprising) and with client/server mode to reduce memory usage when you have serveral terms like I used to have. urxvt is also one of the rare terms out there with transparency and whitening the background and not darkening it. Hi, I where can I find urxvt for openbsd ? I can't seem to find it in ports. Am using 4.2. -Arun -- ...Keep Smiling... Hi, I have a working port (in current) for rxvt-unicode. Find it enclosed in the form of a patch file. add urxvt*perl-ext-common: matcher,tabbed,selection-popup,option-popup,searchable-scrollbackM-s,readline to your .Xdefaults to make use of perl add-ons. These are tabs, regexp search in scrollback buffer, readline ... Fulvio diff -rNup rxvt-unicode/Makefile /usr/ports/x11/rxvt-unicode/Makefile --- rxvt-unicode/Makefile Thu Jan 1 01:00:00 1970 +++ /usr/ports/x11/rxvt-unicode/MakefileSun Feb 24 23:12:07 2008 @@ -0,0 +1,38 @@ +# $OpenBSD: Makefile,v 1.38 2008-02-22 fulvio$ + +COMMENT=rxvt based terminal with perl plugin enhancements + +VER= 9.02 +DISTNAME= rxvt-unicode-${VER} +EXTRACT_SUFX= .tar.bz2 + +CATEGORIES=x11 +MASTER_SITES= http://dist.schmorp.de/rxvt-unicode/ + +HOMEPAGE= http://software.schmorp.de/pkg/rxvt-unicode.html + +MAINTAINER=TOBEASSIGNED + +# GPL +PERMIT_PACKAGE_CDROM= Yes +PERMIT_PACKAGE_FTP= Yes +PERMIT_DISTFILES_CDROM= Yes +PERMIT_DISTFILES_FTP= Yes +WANTLIB= X11 Xpm c Xft fontconfig + +USE_X11= Yes +USE_LIBTOOL= Yes +LIBTOOL_FLAGS= --tag=disable-shared +CONFIGURE_STYLE= gnu + +CONFIGURE_ARGS=\ + --enable-perl \ + --enable-smart-resize \ + --enable-xft \ + --enable-font-styles \ + --enable-utmp \ + --enable-wtmp \ + --enable-transparency \ + --enable-rxvt-scroll + +.include bsd.port.mk diff -rNup rxvt-unicode/distinfo /usr/ports/x11/rxvt-unicode/distinfo --- rxvt-unicode/distinfo Thu Jan 1 01:00:00 1970 +++ /usr/ports/x11/rxvt-unicode/distinfoSun Feb 24 22:43:37 2008 @@ -0,0 +1,4 @@ +SHA1 (rxvt-unicode-9.02.tar.bz2) = f58a851ab4bf2da60a926a4885749302e73a92ed +MD5 (rxvt-unicode-9.02.tar.bz2) = f3c4fea3d544a340fa5a1d601ff5f204 +SIZE (rxvt-unicode-9.02.tar.bz2) = 862299 +SHA256 (rxvt-unicode-9.02.tar.bz2) = 234b9a3e3f88c4984b1e909f8028638fc3b61d801d8afaa9cd08154b1a480a31 diff -rNup rxvt-unicode/pkg/DESCR /usr/ports/x11/rxvt-unicode/pkg/DESCR --- rxvt-unicode/pkg/DESCR Thu Jan 1 01:00:00 1970 +++ /usr/ports/x11/rxvt-unicode/pkg/DESCR Sun Feb 24 23:10:47 2008 @@ -0,0 +1,27 @@ +rxvt-unicode is a clone of the well known terminal emulator rxvt. +Its main features (many of them unique) over rxvt are: + +* Stores text in Unicode (either UCS-2 or UCS-4). +* Uses locale-correct input, output and width: as long as your system supports the locale, rxvt-unicode will display correctly. +* Daemon mode: one daemon can open multiple windows on multiple displays, which improves memory usage and startup time considerably. +* Embedded perl, for endless customization and improvement opportunities, such as: + o Tabbed terminal support. + o Regex-driven customisable selection that can properly select shell arguments, urls etc. + o Selection-transformation and option popup menus. + o Automatically transforming the selection once made. + o Incremental scrollback buffer search. + o Automatic URL-underlining and launching. + o Remote pastebin, digital clock, block graphics to ascii filter and whatever you like to implement for yourself. +* Crash-free. At least I try, but rxvt-unicode certainly crashes much less often than rxvt and its many clones, and reproducible bugs get fixed immediately. +* Completely flicker-free. +* Re-wraps long lines instead of splitting or cutting them on resizes. +* Full combining character support (unlike xterm :). +* Multiple fonts supported at the same time: No need to choose between nice japanese and ugly latin, or no japanese and nice latin characters :). +* Supports Xft and core fonts in any combination. +* Can easily be
Re: Longest Uptime?
On Tue, Oct 28, 2008 at 9:21 PM, Jason Crawford [EMAIL PROTECTED] wrote: As far as uptimes I don't have records of I think Art's the final word, but one of the more impressive uptimes I heard about was this vax system in .de or some such. They kept the uptime even across 2 cross-town moves! This was quite a few moons ago. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk This officer's men seem to follow him merely out of idle curiosity. -- Sandhurst officer cadet evaluation. Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0feature=related
Re: Capture serial port output to a file
Marc Balmer wrote: * Bruce Bauer wrote: Problem: OpenBSD 4.2 on i386 Serial port /dev/cua00 connected to the console port on a firewall. I need to catch all text output from the serial port to a file. The process doing this must survive a loss of network. The box is running headless. I could suggest you run cu in a screen session. I have used cu ... | tee logfile in the past, but there are possibly more elegant solutions Not sure it is more elegant, but I mention it just because I was happy to find out about it: script(1). It's in base. Nick.
Re: Longest Uptime?
On Tuesday 28 October 2008, new_guy wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? Thanks We all have embarrassing secrets regarding systems we've failed to properly maintain, but bragging about uptime is just like bragging about the ugliest people you've slept with. Sure, you did it, but that doesn't make it a good idea. (Jon glances lustfully at his ancient but seldom used laptop) -- Jon
file encrypyion
I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm
Prevencion de Fraude
B!100% PrC!ctico! CC3mo Optimizar el Control Interno para la PrevenciC3n de Fraudes Monterrey - 05 de Noviembre\MC)xico, D.F. - 06 de Noviembre\ Guadalajara - 07 de Noviembre Las tareas diarias de los negocios son tan dinC!micas, que se requiere de un excelente control interno que garantice un confiable manejo de todas las operaciones de la empresa. Los fraudes en compras, ventas, cobranzas, inventarios y otras C!reas vulnerables, son riesgos que se viven a diario, situaciC3n por la cual debemos hacernos los siguientes cuestionamientos B?Nuestro sistema de control interno es efectivo? B?Trabajamos para prevenir o para detectar acciones fraudulentas? B?Conocemos las C!reas crC-ticas de nuestra organizaciC3n que requieren controles estrictos? El buen funcionamiento de una organizaciC3n, no sC3lo depende de un excelente sistema de control interno, la auditorC-a periC3dica es una actividad bC!sica para identificar fallas de control y para la detecciC3n de fraudes, sin embargo B?Nuestro personal tiene la experiencia necesaria para desarrollar las funciones de auditorC-a y para detectar y descubrir acciones fraudulentas? B?CC3mo detectar y combatir situaciones sospechosas? B?DC3nde se originan principalmente los fraudes? B?QuC) puede hacer al respecto? Al participar en este exclusivo curso conocerC!: CC3mo diseC1ar un sistema adecuado para eliminar desfalcos en su organizaciC3n. QuiC)nes los realizan y cC3mo se consuman los fraudes en ventas, compras, almacenes e inventarios, tesorerC-a, cobranza y otras C!reas vulnerables de la empresa. CC3mo controlar las famosas bcajas chicasb y los bviC!ticosb que como plaga invaden la empresa y son verdaderas coladeras de dinero que ofrecen oportunidades para realizar gastos personales con dinero de la compaC1C-a. -Solicite un folleto gratuito con la informaciC3n Completa de este seminario Responda este correo con los siguientes datos: Seminario: CC3mo Optimizar el Control Interno para la PrevenciC3n de Fraudes Nombre: Empresa: Puesto: Telefono: Ciudad: O llamenos al 01.800.250.10.20 (Lada sin costo) . Esta invitaciC3n fuC) enviada a: misc@openbsd.org Si no desea e-mails futuros responda nofrau
Re: Longest Uptime?
... From a file I sent the output of uptime and date to a while back... bash-2.04$ cat .days 2:08PM up days, 19:28, 2 users, load averages: 0.11, 0.12, 0.08 Fri Mar 23 14:08:50 PDT 2007 Soon after that the UPS my box was connected to at the ISP died and had to be replaced. It's still a stock 2.8 GENERIC#399 i386 system that has seen many attacks but not a break in. It's not a critical system, only my toy box. While the big uptime was fun I now believe in doing my updates/upgrades and rebooting a little more often. C -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J.C. Roberts Sent: Tuesday, October 28, 2008 7:30 PM To: new_guy Cc: misc@openbsd.org Subject: Re: Longest Uptime? On Tuesday 28 October 2008, new_guy wrote: I know. Longest uptime is silly, macho, pointless stuff... but I ran across an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The only reason it was not an open mail relay is that /var was full. So, I thought to myself, I bet I could run an OpenBSD box for that amount of time or longer without getting hacked and without doing much to it. Just wondering what's the longest OpenBSD uptime some folks on misc have seen? Thanks We all have embarrassing secrets regarding systems we've failed to properly maintain, but bragging about uptime is just like bragging about the ugliest people you've slept with. Sure, you did it, but that doesn't make it a good idea. (Jon glances lustfully at his ancient but seldom used laptop) -- Jon
Re: generate pgp
On 13:44:46 Oct 28, Benjamin Adams wrote: I'm trying to generate pgp to use with email. Anyone know a simple how to? or can help me with commandline tool? thanks I was in the same boat as you several months ago and after a lot of dilly dallying I ended up enabling it in my favorite mail client mutt(1). Actually mutt makes life simple in many ways and PGP is no exception. You have to learn to use a tiny proportion of the vast options that GNU privacy guard offers you. It is typical GNU bloat-ware and has mile long man pages. Anyway please find an excerpt from my muttrc that could get you going assuming that you know how to use mutt already... There are several tiny HOWTOs on the Internet for solving your problem if you google for 'mutt pgp'. Hope this helps. -Girish # My PGP settings # GnuPG commands set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f set pgp_verify_command=gpg --no-verbose --batch --output - --verify %s %f set pgp_decrypt_command=gpg --passphrase-fd 0 --no-verbose --batch --output - %f #set pgp_sign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f set pgp_sign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f set pgp_clearsign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f set pgp_encrypt_only_command=/usr/local/bin/pgpewrap gpg -v --batch --output - --encrypt --encrypt-to 0x48e0da0a --textmode --armor --always-trust -- -r %r -- %f set pgp_encrypt_sign_command=/usr/local/bin/pgpewrap gpg --passphrase-fd 0 -v --batch --output - --encrypt --encrypt-to 0x48e0da0a --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f set pgp_import_command=gpg --no-verbose --import -v %f set pgp_export_command=gpg --no-verbose --export --armor %r set pgp_verify_key_command=gpg --no-verbose --batch --fingerprint --check-sigs %r set pgp_list_pubring_command=gpg --no-verbose --batch --with-colons --list-keys %r set pgp_list_secring_command=gpg --no-verbose --batch --with-colons --list-secret-keys %r set pgp_getkeys_command= set pgp_sign_as=S set pgp_autoinline set pgp_replyinline set crypt_autosign set crypt_replysign set crypt_verify_sig set crypt_autosign
Re: file encrypyion
On Tuesday 28 October 2008, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm Yep, everything you need is already in base. see the openssl(1) man page Encrypting: # openssl enc -des3 -e -in plaintext -out cyphertext Decrypting: # openssl enc -des3 -d -in cyphertext -out plaintext -- Jon
Deploying carp with limited global IPs
In preparing for a possible carp redundacy setup for a client's border router/firewall I have found no information so far as to whether it is possible to have carp working where the link to the ISP is a /30. Every example I have found in presentations and tutorials has used 3 IPs on a typical dual firewall setup. So they assume (all fictional addresses here) something like 4.3.2.1 is the upstream router, with .2 for the $ext_if in unit 1, .3 for $ext_if in unit 2 and .4 for the carp0 in each. With a common enough point-to-point /30 link where upstream is .1 and the firewall is .2, what can we use in hostname.xx0 in each of the firewalls? No more IPs are available from the ISP apart from a routed subnet that is expecting to arrive via .2. References to the documentation that did not surface in my searches would be appreciated. Thanks, Rod/ (PS It is going to get worse: There will be two IPv4 links and a combined IPv4/IPv6 link.) *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Re: file encrypyion
On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. I use: openssl aes-256-cbc -a -e -salt -in file -out file.aes and to decrypt: openssl aes-256-cbc -a -d -salt -in file.aes -out file I'll be interested in what others use or comments on what I use. Doug.
Re: file encrypyion
http://www.openbsd.org/cgi-bin/man.cgi?query=vnconfigapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm
Re: file encrypyion
On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm Assuming you have a public key for '[EMAIL PROTECTED]' and corresponding private key to decrypt. Use this as a 'quick and dirty' example. Openssl can probably be substituted for gpg. cd / sudo tar cf - $(find . -maxdepth 1 ! -name './tmp' ! -name '.') 2/dev/null | gpg -r [EMAIL PROTECTED] | ssh somehost dd of=/space/obsd-kvm.`date +%`
Re: Deploying carp with limited global IPs
I've used the following for a while (naturally this assumes that the ISP link is delivered via some shared medium and not a point-to-point link) /etc/hostname.xxx0: up description to ISP /etc/hostname.carp0: inet 192.168.1.2 255.255.255.252 192.168.1.3 vhid 1 carpdev xxx0 -Steve S. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rod Whitworth Sent: Tuesday, October 28, 2008 11:49 PM To: Miscellaneous OBSD Subject: Deploying carp with limited global IPs In preparing for a possible carp redundacy setup for a client's border router/firewall I have found no information so far as to whether it is possible to have carp working where the link to the ISP is a /30. Every example I have found in presentations and tutorials has used 3 IPs on a typical dual firewall setup. So they assume (all fictional addresses here) something like 4.3.2.1 is the upstream router, with .2 for the $ext_if in unit 1, .3 for $ext_if in unit 2 and .4 for the carp0 in each. With a common enough point-to-point /30 link where upstream is .1 and the firewall is .2, what can we use in hostname.xx0 in each of the firewalls? No more IPs are available from the ISP apart from a routed subnet that is expecting to arrive via .2.
Re: file encrypyion
A backup scheme that increases the size of the backed up file isn't very efficient. On Oct 28, 2008, at 9:02 PM, Tomas Bodzar [EMAIL PROTECTED] wrote: http://www.openbsd.org/cgi-bin/man.cgi?query=vnconfigapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm
Re: file encrypyion
On Tue, Oct 28, 2008 at 11:04:34PM -0500, John Jackson wrote: On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm Assuming you have a public key for '[EMAIL PROTECTED]' and corresponding private key to decrypt. Use this as a 'quick and dirty' example. Openssl can probably be substituted for gpg. Forgot the trailing double-quote below. cd / sudo tar cf - $(find . -maxdepth 1 ! -name './tmp' ! -name '.') 2/dev/null | gpg -r [EMAIL PROTECTED] | ssh somehost dd of=/space/obsd-kvm.`date +%`
Re: file encrypyion
On 15:48:25 Oct 29, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. In case you are not averse to entering passwords everytime you mount then mount_vnd(8) works. Just follow the instructions in the man page carefully. Not at all hard to get it working. Much cleaner than OpenSSL or GPG as the whole file system is encrypted. -Girish
Re: file encrypyion
On 29/10/2008, at 4:42 PM, J.C. Roberts wrote: On Tuesday 28 October 2008, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm Yep, everything you need is already in base. see the openssl(1) man page Encrypting: # openssl enc -des3 -e -in plaintext -out cyphertext Decrypting: # openssl enc -des3 -d -in cyphertext -out plaintext Thank you, this is exactly what I'm looking for. I had a feeling in my bones there was something like this, but on this day neither google nor apropos were my friend (although if I had spelt crypt correctly, apropos would have - sorry for the noise). And I really didnt want to go the gpg path. Once again, Thanks. paulm
Re: file encrypyion
On Tue, Oct 28, 2008 at 11:04:34PM -0500, John Jackson wrote: On Wed, Oct 29, 2008 at 03:48:25PM +1300, Paul M wrote: I'm looking for a way to encrypy backup files for secure storage. Gpg is an obvious candidate, but I'm wondering if there's anything in base, perhaps a creative use of ssh or some other tool, though not something liable to break, obviously. Any thoughts would be much appreciated. paulm Assuming you have a public key for '[EMAIL PROTECTED]' and corresponding private key to decrypt. Use this as a 'quick and dirty' example. Openssl can probably be substituted for gpg. cd / sudo tar cf - $(find . -maxdepth 1 ! -name './tmp' ! -name '.') 2/dev/null | gpg -r [EMAIL PROTECTED] | ssh somehost dd of=/space/obsd-kvm.`date +%` Would be helpful to add a decent extension: cd / sudo tar cf - $(find . -maxdepth 1 ! -name './tmp' ! -name '.') 2/dev/null | gpg -r [EMAIL PROTECTED] | ssh somehost dd of=/space/obsd-kvm.`date +%F`.tar
Looking for EeePC 701
Hi Folks, We want to add USB BULK support for UVC devices in our uvideo(4) driver. There are not that many UVC devices around which do BULK transfers, but the advantage would be that BULK transfers are working a bit more stable than our current ISOC implementation and we could do some further testing. One device which I know for sure that has a built-in BULK cabable device is the EeePC 701. If somebody would be willing to donate such a device to me, please contact me off-list. Thanks. Regards, Marcus -- [ Marcus Glocker, [EMAIL PROTECTED], [EMAIL PROTECTED] ]