Re: The rant about browsers

2014-08-24 Thread Mihai Popescu 
 ok, how do I put this nicely...
 To run a modern browser, you need a modern computer.  1.5GB RAM and a
 celeron processor doesn't cut it.

 Nick

Moving towards a modern computers one will have problems with
supported hardware. Maybe some desktops are ok, but what can you do
about laptops. There is no documentation and manufactures are pushing
all kinds of crazy shits like fake RAID, UEFI, ACPI, etc. New software
is pressing for new hardware too.
There is a stupid movement for browsers too: W3C approves and is
trying to make a strandard for any shit you can bring inside a
browser. Developers are following - who would want users to leave
because X browser doesn't support Y feature. This rush has only
one 'benefit', more money for harware manufacturers' pockets. I let
the people with more experience to anticipate and describe the future.

Thanks.

Re: OpenBSD 5.5-STABLE: Full Disk Encryption (bioctl) and Smard Cards

2014-08-24 Thread Alexander Hall 
On August 23, 2014 6:26:04 PM CEST, Артур Истомин art.is...@yandex.ru wrote:
On Sat, Aug 23, 2014 at 02:09:20PM +0200, Alexander Hall wrote:
 
 
 On August 23, 2014 4:33:55 AM CEST, Артур Истомин
art.is...@yandex.ru wrote:
 On Fri, Aug 22, 2014 at 04:03:59PM -0700, Zach Leslie wrote:
   However, I don't know how it is seen by the system and if it
would
   show up as a drive. Anyone in here is using a smart card to
decrypt
   volumes at boot?
  
  You could use a YubiKey with a static long password to unlock the
 boot
  volume.
 
 [offtop]
 
 Are there any YubiKey-like devices that can contain many static
 password, not one like YubiKey?
 
 Not sure it helps, but mine contains two...

I
t helps! I need one for login password and second for firefox's
password
manager. Which model do you use?

I don't actively use it, and I don't remember exactly, but it should be 
available from their list of models and datasheets...

Re: Postfix and SASL authentication.

2014-08-24 Thread giacomo 
Hi.
Here there are other informations about the configuration of mail system.

1. The mail system use virtual users.
2. The postfix main.cf is:

# Enable SASL authentication in the Postfix SMTP server
smtpd_sasl_auth_enable = yes
# Postfix 2.3 and later
#smtpd_sasl_path = smtpd
# Only accept mail from trusted networks, authenticated clients or mail 
with
# a 'RCPT TO' address that Postfix is forwarder or final destination for
smtpd_recipient_restrictions = permit_mynetworks, 
permit_sasl_authenticated, 
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_invalid_hostname,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauth_destination,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client combined.njabl.org,
reject_rbl_client dul.dnsbl.sorbs.net,
permit
# Enable inter-operability with old SMTP clients
broken_sasl_auth_clients = yes
# Name of the Postfix SMTP server's local SASL authentication realm
smtpd_sasl_local_domain = $mydomain
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
#smtpd_sasl_security_options = noanonymous
smtpd_sasl_security_options =
# Quota e delivery
virtual_transport = qdeliver
qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1 

3. The master.cf is:

smtps inet  n   -   -   -   -   smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

4. The /var/local/lib/sasl2/smtpd.conf is:

pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
#authdaemond_path: /var/sasl2/socket
authdaemond_path: /var/run/courier-auth/socket
log_level: 7

Thanks.

Luciano.

On 22.08.14, 16:23, giacomo wrote:
 Hello everyone.
 I recently created a mail server based on Postfix with MySQL and
 SASL authentication and TLS. I have problems to use authentication
 SASL. The errors are:
 
 telnet 192.168.1.242 25
 Trying 192.168.1.242...
 Connected to 192.168.1.242.
 Escape character is '^]'.
 220 mail2.domain.com ESMTP Postfix
 ehlo tin.it
 250-mail2.domain.com
 250-PIPELINING
 250-SIZE 1024
 250-VRFY
 250-ETRN
 250-STARTTLS
 250-AUTH PLAIN LOGIN
 250-AUTH=PLAIN LOGIN
 250-ENHANCEDSTATUSCODES
 250-8BITMIME
 250 DSN
 AUTH PLAIN AGQubGlzYWlhQGdydXBwb2lzaWwuY29tAGxpc2FpYQ==
 535 5.7.8 Error: authentication failed: generic failure
 
 /var/maillog
 
 Jul  5 23:11:19 mail2 postfix/smtpd[3717]:
 warning: SASL authentication failure: could not verify password
 Jul  5 23:11:19 mail2 postfix/smtpd[3717]:
 warning: SASL authentication failure: Password verification failed
 Jul  5 23:11:19 mail2 postfix/smtpd[3717]:
 warning: unknown[192.168.1.248]:
 SASL PLAIN authentication failed: generic failure
 
 System OpenBSD v. 5.5
 
 Packages:
 
 courier-authlib-0.65.0p2
 courier-authlib-mysql-0.65.0p5
 courier-imap-4.13p0
 courier-pop3-4.13p0
 cyrus-sasl-2.1.26p10-mysql
 mysql-client-5.1.73v0
 mysql-server-5.1.73v0
 
 Port:
 postfix-2.12.20140109-sasl2-mysql (compilated to enable SASL e MySQL)
 
 In the old version of OpenBSD it seam to work.
 
 Any suggestions?
 
 Thanks.
 
 
 -- 
 Isaia Luciano
 --
 Le informazioni contenute nella presente e-mail e nei documenti/files
 eventualmente allegati sono confidenziali. Essi  sono riservati
 esclusivamente al destinatario della stessa. La loro eventuale
 comunicazione, diffusione o, comunque, rivelazione a terzi, nonche' la
 copiatura e/o conservazione e' vietata. Se avete ricevuto questa e-mail per
 errore, Vi preghiamo cortesemente di informare immediatamente il mittente
 della stessa e di distruggerla o, comunque, cancellarla dal Vostro sistema.
 
 This e-mail contains confidential and/or privileged information. If you are
 not the intended recipient (or have received this e-mail in error), please
 notify the sender immediately and destroy this e-mail. Any unauthorised

5.5 panic in ffs_blkfree

2014-08-24 Thread Roger Hammerstein 
sorry, i could not get the panic string

ddb{3} trace
Debugger() at Debugger+0x5
panic() at panic+0xee
ffs_blkfree() at ffs_blkfree+0x717
ffs_indirtrunc() at ffs_indirtrunc+0x2ac
ffs_indirtrunc() at ffs_indirtrunc+0x28e
ffs_truncate() at ffs_truncate+0xb45
ufs_inactive() at ufs_inactive+0x109
VOP_INACTIVE() at VOP_INACTIVE+0x28
vput() at vput+0x3e
ufs_rename() at ufs_rename+0xdb0
VOP_RENAME() at VOP_RENAME+0x3b
dorenameat() at dorenameat+0x249
syscall() at syscall+0x24f
--- syscall (number 128) ---
end trace frame: 0x0, count: -13
0xe66317e083a:
ddb{3}


dell  r310, dns server with isc-bind port rotatinglogs on /var,  no
softupdates.





OpenBSD  5.5 GENERIC.MP#315 amd64
OpenBSD 5.5 (GENERIC.MP) #315: Wed Mar  5 09:37:46 MST 2014
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 17153232896 (16358MB)
avail mem = 16688005120 (15914MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xbf79c000 (66 entries)
bios0: vendor Dell Inc. version 1.6.4 date 03/03/2011
bios0: Dell Inc. PowerEdge R310