Lewman interview
Andrew Lewman of the Tor Project gave an interview to the BBC here: http://www.bbc.co.uk/news/technology-28886465 Regards Moss
Re: Postfix and SASL authentication.
On 2014-08-24 Sun 18:44 PM |, giacomo wrote: Hi. Here there are other informations about the configuration of mail system. 1. The mail system use virtual users. 2. The postfix main.cf is: # Enable SASL authentication in the Postfix SMTP server smtpd_sasl_auth_enable = yes # Postfix 2.3 and later #smtpd_sasl_path = smtpd # Only accept mail from trusted networks, authenticated clients or mail with # a 'RCPT TO' address that Postfix is forwarder or final destination for smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_invalid_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, DSBL is GONE and highly unlikely to return. Please remove it from your mail server configuration. ( 03/09/2009 http://dsbl.org/) reject_rbl_client sbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, The blacklists on the easynet.nl domain discontinued on 1/12/2003 (http://vamsoft.com/company/news/easynet-nl-blacklists-discontinued) reject_rbl_client combined.njabl.org, njabl.org OFFLINE since 1/3/2013 (http://www.dnsbl.info/dnsbl-njabl-org.php) reject_rbl_client dul.dnsbl.sorbs.net, permit Join the Postfix users mailing list (http://www.postfix.org/lists.html) Send them a problem description the output of both: $ postconf -nf $ postconf -Mf Sorry I can help further as I don't use SSL with SMTP as it can't be enforced throughout a message's life - therefore I consider it a false sense of security.
Re: 5.5 panic in ffs_blkfree
you can go show panic in ddb if you werent watching the console for the panic
string.
On 25 Aug 2014, at 4:39 am, Roger Hammerstein cheek...@live.com wrote:
sorry, i could not get the panic string
ddb{3} trace
Debugger() at Debugger+0x5
panic() at panic+0xee
ffs_blkfree() at ffs_blkfree+0x717
ffs_indirtrunc() at ffs_indirtrunc+0x2ac
ffs_indirtrunc() at ffs_indirtrunc+0x28e
ffs_truncate() at ffs_truncate+0xb45
ufs_inactive() at ufs_inactive+0x109
VOP_INACTIVE() at VOP_INACTIVE+0x28
vput() at vput+0x3e
ufs_rename() at ufs_rename+0xdb0
VOP_RENAME() at VOP_RENAME+0x3b
dorenameat() at dorenameat+0x249
syscall() at syscall+0x24f
--- syscall (number 128) ---
end trace frame: 0x0, count: -13
0xe66317e083a:
ddb{3}
dell r310, dns server with isc-bind port rotatinglogs on /var, no
softupdates.
OpenBSD 5.5 GENERIC.MP#315 amd64
OpenBSD 5.5 (GENERIC.MP) #315: Wed Mar 5 09:37:46 MST 2014
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 17153232896 (16358MB)
avail mem = 16688005120 (15914MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xbf79c000 (66 entries)
bios0: vendor Dell Inc. version 1.6.4 date 03/03/2011
bios0: Dell Inc. PowerEdge R310
Re: The rant about browsers
Hi, a rant about browser is almost justified, they are currently the among the worst piece of software installed on your computer. Unfortuantely, with today's Cloud IT scenario, also quite necessary. Most people wrote that it is a memory/CPU issue. The CPU is at most a problem of speed with very complex pages, with lots of AJAX and stuff (or well if you try video). The rest is RAM. Browsers seem to throw it away. Let me share my experience with you. First of all: I use professionally Browsers on windows 7, all the day, usually two/three browsers, dozens of tabs and lots of heavy pages with javascrit/ajax although usually no plugins (flash, etc). They rarely crash, really. Also RAM usage is high, but settles for me around 1.5G even with lots of tabs. Rarely it passes the 2.5G mark (note though: no videos, audio... just using cloud apps all day). On 2014-08-23 16:31:01 +0200 Gregory Edigarov ediga...@qarea.com wrote: I tried: Firefox - bad, bad, bad. It fails 1000 times a day. That's strange. I use Firefox on NetBSD, Mac 10.4 and on Windows 7 and it is a fairly decent browser, although the latest revisions (especially the new interface) . I find it reasonably stable on NetBSD Chromium - it is better, in terms. Yes, it will not fail on the plain place (it is a Russian idiom, which means 'from nothing' or 'from no reason one can observe'), but left for some time it starts to be so slow... was forced to stay away from it too. but after all it is the only browser under OpenBSD that have a working lastpass plugin. (and I need lastpass, if I want to share my passwords between home and job computers) I don't touch it with a pole, it comes from Google and I hate its interface too. Seamonkey - potentially good project. but suffers from the same problems like firefox. although it is fails much much less, the frequency is still unacceptable for me. That is my daily bread browser. I have it on: 1) windows 7, every day for work, 9 hours a day, stable as a rock 2) windows XP, only 1G of ram, for personal browsing, it works well, very well... never crashes and I can even watch YouTube videos, chec Yahoo Mail, Google mail... 3) OpenBSD and FreeBSD the OpenBSD and FreeBSD don't have plugins... but I too get more crashes, even if the machine is lower-spec than the obsolete windows XP machine! They crash on me say every second or third day. I don't think it is openbsd specific, but I may be wrong. If, at least, there are issues with other BSD cousins as well. I know, I should write to upstream mailing lists of the projects I've mentioned above, but before that, I want to know if somebody else is suffering such problems and I am still sure maintatiners of the corresponding ports will do it better than me if they find it is a problem. which problems? besides getting crashes how do you distinguish the different problems? Do you check the core files? I can tell for sure that on OpenBSD and FreeBSD (but linux is not so much better, although i didn't count it in because I have the flash plugin under linux) I have more troubles than on Windows, even Windows XP with 1G of RAM... Do the browsers consume more ram on Unix than on windows? are certain components less stable? I do wonder. I'm on holidays so i don't have access to OpenBSD, but I tried to start seamonkey on Windows XP and FreeBSD: just seamonkey homepage loaded: WinXP: 93.3MB, FreeBSD: 186M (112M res) second tab with google mail open: WinXp 154M, FreeBSD: 314M (224M Res) third tab with my blog open (*): WinXP 221M, FreeBSD: 338M (251M Res) Wow, on FreeBSD (O need to do an OpenBSD and Linux comparison as soon as possible) memory goes away like butter! now I close gmail and the empty tab, just leaving my blog open: WinXP 215M, FreeBSD 331 (248M res) now I hit the homepage button and should be back at the beginning, I wait for it to settle a bit: WinXP: 143M, FreeBSD 318M (237 res) As a further note, in this state top tells me there are 29 threads open! I'm shocked. I'll do further test, there seem to be leaks everywhere, however for some reason on FreeBSD Ram usage is almost twice as high sometimes... so clearly RAM limits get hit earlier. (*) http://multixden.blogspot.com Riccardo
Re: The rant about browsers
On Mon, Aug 25, 2014 at 8:03 AM, Riccardo Mottola riccardo.mott...@libero.it wrote: Attempting to translate because apparently I enjoy pain... Basically you are saying Windoze XP/7 whatever rock? - Sent from my truly ancient AMD modem via an apparently defective Chromium browser Oh crap it's gonna crash... *poof* j/k
Re: The rant about browsers
Hi, Todd Zimmermann wrote: On Mon, Aug 25, 2014 at 8:03 AM, Riccardo Mottola riccardo.mott...@libero.it wrote: Attempting to translate because apparently I enjoy pain... Basically you are saying Windoze XP/7 whatever rock? - Sent from my truly ancient AMD modem via an apparently defective Chromium browser Oh crap it's gonna crash... *poof* j/k I feel your sarcasm, but really if it comes to browser stability and resource usage, then yes... Windows XP/7 are better than my Unix boxen! I'm not speaking about anything else, nor do I say browsing is impossible on BSD. I just make a comparison being a heavy day-work browser user. Riccaardo
Re: The rant about browsers
I feel your sarcasm, but really if it comes to browser stability and resource usage, then yes... Windows XP/7 are better than my Unix boxen! I'm not speaking about anything else, nor do I say browsing is impossible on BSD. I just make a comparison being a heavy day-work browser user. Go to Windows only then, it is a simple choice. You make me laugh: you don't touch Chromium because it is from Google, but you are using Gmail! Show me your study about browsers' stability and resources usage on OSes, please. No, the fact that you are a heavy user doesn't count!
Bad performance with re(4)
Hi friends, I'm experiencing really poor network performance via the Realtek 8101E (re) Ethernet card on my HP Mini 110. Using the default setting of tcpbench I'm getting an average Mbps of 0.172 versus a compatible machine (Asus Eee PC (alc)) where I'm getting 92.690 Mbps. I suspect this class of card might just not be supported very well or perhaps is just a big smelly meatball but I figured I'd ask in case someone has run into similar problems with this NIC. Any suggestions? OpenBSD 5.6-current (GENERIC.MP) #344: Sun Aug 24 16:18:23 MDT 2014 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP RTC BIOS diagnostic error 80clock_battery real mem = 1044639744 (996MB) avail mem = 1008156672 (961MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe6c10 (20 entries) bios0: vendor Hewlett-Packard version F.15 date 01/14/2011 bios0: Hewlett-Packard HP Mini 110-3000 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP HPET APIC MCFG SLIC BOOT SSDT SSDT SSDT WDAT acpi0: wakeup devices PWRB(S4) LID0(S4) P32_(S4) UHC1(S3) UHC2(S3) ECHI(S3) EXP1(S4) PXSX(S4) EXP2(S4) AZAL(S4) MODM(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Atom(TM) CPU N450 @ 1.66GHz, 1662.99 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF cpu0: 512KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges cpu0: apic clock running at 166MHz cpu0: mwait min=64, max=64, C-substates=0.2.2.0.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Atom(TM) CPU N450 @ 1.66GHz, 1662.68 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF cpu1: 512KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 3 (P32_) acpiprt2 at acpi0: bus 1 (EXP1) acpiprt3 at acpi0: bus 2 (EXP2) acpiec0 at acpi0 acpicpu0 at acpi0: C2, C1, PSS acpicpu1 at acpi0: C2, C1, PSS acpipwrres0 at acpi0: FN00 acpitz0 at acpi0: critical temperature is 87 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: LID0 acpibat0 at acpi0: BAT0 not present acpiac0 at acpi0: AC unit online acpivideo0 at acpi0: OVGA acpivout0 at acpivideo0: DD02 cpu0: Enhanced SpeedStep 1662 MHz: speeds: 1666, 1333, 1000 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Pineview DMI rev 0x00 vga1 at pci0 dev 2 function 0 Intel Pineview Video rev 0x00 intagp0 at vga1 agp0 at intagp0: aperture at 0x4000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x600 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel Pineview Video rev 0x00 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi azalia0: codecs: IDT/0x7667 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: msi pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x04: RTL8401E (0x2400), msi, address 00:21:cc:50:2e:32 rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1 vendor Realtek, unknown product 0x5288 (class undefined unknown subclass 0x00, rev 0x01) at pci1 dev 0 function 1 not configured ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: msi pci2 at ppb1 bus 2 athn0 at pci2 dev 0 function 0 Atheros AR9285 rev 0x01: apic 4 int 17 athn0: AR9285 rev 2 (1T1R), ROM rev 13, address 00:25:d3:d1:37:16 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 4 int 16 uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 4 int 18 uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 4 int 17 uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 4 int 19 ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 4 int 16 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb2 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci3 at ppb2 bus 3 pcib0 at pci0 dev 31 function 0 Intel NM10 LPC rev 0x02 ahci0 at pci0 dev 31 function 2 Intel 82801GR AHCI rev 0x02: msi, AHCI 1.1 scsibus1 at ahci0: 32 targets sd0 at scsibus1 targ 0 lun 0: ATA, WDC WD1600BEVT-2, 01.0 SCSI3 0/direct fixed naa.50014ee2af635574 sd0: 152627MB, 512 bytes/sector, 312581808 sectors ichiic0 at pci0 dev 31 function 3 Intel 82801GB SMBus rev 0x02: apic 4 int 17 iic0 at ichiic0
Re: The rant about browsers
On Monday, August 25, 2014 5:08:36 PM Mihai Popescu wrote: I feel your sarcasm, but really if it comes to browser stability and resource usage, then yes... Windows XP/7 are better than my Unix boxen! I'm not speaking about anything else, nor do I say browsing is impossible on BSD. I just make a comparison being a heavy day-work browser user. Go to Windows only then, it is a simple choice. You make me laugh: you don't touch Chromium because it is from Google, but you are using Gmail! Show me your study about browsers' stability and resources usage on OSes, please. No, the fact that you are a heavy user doesn't count! Actually, I can somewhat understand his reaction. Let's not be so quick to judge here. Yes, many windows-primary web browsers -DO- seem to be less-than-capable under Unix. However, is that a problem with Unix? Or is that a problem with the browsers being -first developed- for Windows, and then ported to the other OSs. There are also more restrictions on UNIX than on Windows, so when you - do- exceed the limits on UNIX, apps misbehave because they aren't expecting to be told No. You can't have more RAM because on Windows, they ask for more RAM, they get more RAM. Now, does this mean that windows is better? No. Not really. What it means is, those browsers are not written with limits in mind. What needs to be done is find the leaks and patch the leaks.. OR use browsers that are lighter and/or smarter about their memory usage. For example, even the KDE browser: konqueror, seems to work MUCH faster and lighter on my older laptop, than do either Firefox OR Chromium. This isn't to brag or say KDE is awesome and everything else sucks.. It's more to prove a point. Many mainstream browsers simply require more cpu and RAM than they really should, especially on older systems. The problem isn't with the OS. It's with the apps and with the limits that the user has defined.. The default limits in OpenBSD are great for servers, but for desktop usage and to run modern browsers (among other heavy apps) you need to jack up the limits quite a bit. Just my $0.02USD Chuck Burns
Re: Postfix and SASL authentication.
On 25.08.14, 10:06, Craig R. Skinner wrote: DSBL is GONE and highly unlikely to return. Please remove it from your mail server configuration. ( 03/09/2009 http://dsbl.org/) reject_rbl_client sbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, The blacklists on the easynet.nl domain discontinued on 1/12/2003 (http://vamsoft.com/company/news/easynet-nl-blacklists-discontinued) reject_rbl_client combined.njabl.org, njabl.org OFFLINE since 1/3/2013 (http://www.dnsbl.info/dnsbl-njabl-org.php) reject_rbl_client dul.dnsbl.sorbs.net, permit Join the Postfix users mailing list (http://www.postfix.org/lists.html) OK! I'm sorry but I found this option on an old configuration. I delete them. Send them a problem description the output of both: $ postconf -nf alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id sleep 5 header_checks = pcre:/etc/postfix/header_checks html_directory = /usr/local/share/doc/postfix/html inet_interfaces = all inet_protocols = all mail_owner = _postfix mailq_path = /usr/local/sbin/mailq manpage_directory = /usr/local/man mydestination = $myhostname, localhost.$mydomain, localhost mydomain = domain.com myhostname = mail2.domain.com mynetworks = 127.0.0.0/8, 192.168.1.0/24, 192.168.3.0/24 myorigin = $myhostname newaliases_path = /usr/local/sbin/newaliases qdeliver_destination_concurrency_limit = 1 qdeliver_destination_recipient_limit = 1 queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix/readme relay_domains = $mydestination sample_directory = /etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = _postdrop smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtpd_banner = $myhostname ESMTP $mail_name smtpd_milters = unix:/var/spool/postfix/var/run/milter-spamd/spamd.sock unix:/var/spool/postfix/var/run/milter-clamav/clamav.sock smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_invalid_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination, reject_rbl_client bl.spamcop.net, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client combined.njabl.org, reject_rbl_client dul.dnsbl.sorbs.net, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_security_options = smtpd_tls_CAfile = /etc/ssl/ca.crt smtpd_tls_cert_file = /etc/postfix/ssl/server.crt smtpd_tls_key_file = /etc/postfix/ssl/private/server.key smtpd_tls_loglevel = 1 smtpd_tls_security_level = may tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:2000 virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf virtual_minimum_uid = 2000 virtual_transport = qdeliver virtual_uid_maps = static:2000 $ postconf -Mf smtp inet n - n - - smtpd smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING pickup unix n - - 60 1 pickup cleanupunix n - - - 0 cleanup qmgr unix n - - 300 1 qmgr tlsmgr unix - - - 1000? 1 tlsmgr rewriteunix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp
How to log in automatically to GUI?
I installed an OpenBSD desktop and in the /etc: rc.conf.local:xdm_flags=# enabled during install How can I set the automatic login for a user without prompting for password? Many thanks!
Did anyone tried WPAWPA2 Enterprise / LEAP on OpenBSD 5.5?
How can I configure (via console, not using GUI) on OpenBSD to connect to a WPAWPA2 Enterprise / LEAP wireless connection? Does anybody has any scripts for this?
Re: Did anyone tried WPAWPA2 Enterprise / LEAP on OpenBSD 5.5?
On Mon, 25 Aug 2014 21:58:58 +0200 somelooser3...@hushmail.com wrote:
How can I configure (via console, not using GUI) on OpenBSD to connect
to a
WPAWPA2 Enterprise / LEAP
wireless connection? Does anybody has any scripts for this?
echo -n 'setting up wlan: '
ifconfig iwn0 scan |sed -nEe 's/^[[:space:]]*nwid ?([^]*)?
chan .*$/\1/p' | \ while read nwid
do
case $nwid in
eduroam)
echo $nwid.
route delete default
ifconfig iwn0 inet -inet6 \
media autoselect \
-bssid \
-chan \
-nwkey \
nwid $nwid \
wpa \
wpaprotos wpa2 \
wpaakms 802.1x \
wpaciphers ccmp \
wpagroupcipher ccmp \
up
rm -f rm /var/run/wpa_supplicant/iwn0
wpa_supplicant -B -c /etc/wpa_supplicant.conf -D openbsd -i iwn0
dhclient iwn0
break 1
;;
esac
[...]
done
/etc/wpa_supplicant.conf:
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
ap_scan=0
network={
ssid=eduroam
key_mgmt=WPA-EAP
eap=PEAP
identity=x...@d.tld
password=XXX
}
--
http://gmerlin.de
OpenPGP: http://gmerlin.de/christopher.pub
F190 D013 8F01 AA53 E080 3F3C F17F B0A1 D44E 4FEE
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
tmux mutt and f1
does anyone know of a way to make urxvt play together nicely with mutt (and tmux) regarding the f1 key? it works in xterm... macro index,pager f1 shell-escapeless /usr/local/share/doc/mutt/manual.txtenter help -f -- on a scale of 1 to 10, 4 is about 7.
Re: How to log in automatically to GUI?
I think the port x11 http://openports.se/x11/slim can do auto logins On Mon, Aug 25, 2014 at 2:54 PM, somelooser3...@hushmail.com wrote: I installed an OpenBSD desktop and in the /etc: rc.conf.local:xdm_flags=# enabled during install How can I set the automatic login for a user without prompting for password? Many thanks!
Help, please, understanding AHCI error on amd64
My amd64 notebook (full dmesg below) has started reporting an error which I don't adequately understand. Any explanations or ideas as to how to figure out exactly what is broken would be greatly appreciated. This started while untarring the ports tree from the source CD immediately after upgrading from 5.4-release to 5.5-release (from CD). I initially guessed that it was related to some change in 5.5, but testing while booted from install CDs for 5.4-release, 5.6-20140822 and a 4.7-release I had handy all give the same result. The error appears to be tied to a particular spot on the disk (it seems to occur when, e.g., I try to 'ls' a particular directory) but it looks to me like it could be a controller error or perhaps a controller quirk which OpenBSD doesn't handle well. The only information about it I can find is these two messages in /var/log/messages: Aug 18 14:08:08 minya /bsd: ahci0: attempting to idle device Aug 18 14:08:08 minya /bsd: ahci0: couldn't recover NCQ error, failing all outstanding commands. I've hunted through all the other log files I can think of without finding anything that looks related. Other than this, the system appears to be running normally (though I haven't been doing much with it other than poking around trying to understand this problem). Dave OpenBSD 5.5 (GENERIC.MP) #315: Wed Mar 5 09:37:46 MST 2014 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 6371405824 (6076MB) avail mem = 6193184768 (5906MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe67b0 (33 entries) bios0: vendor Hewlett-Packard version F.02 date 10/03/2011 bios0: Hewlett-Packard HP Pavilion dv7 Notebook PC acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP ASF! HPET APIC MCFG SLIC SSDT BOOT ASPT SSDT SSDT SSDT SSDT acpi0: wakeup devices P0P1(S3) LID_(S3) GLAN(S4) EHC1(S3) EHC2(S3) HDEF(S0) PXSX(S4) RP01(S4) PXSX(S4) RP02(S3) PXSX(S4) RP03(S3) PXSX(S4) RP04(S3) PXSX(S4) RP05(S3) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.78 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0, core 1, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 cpu4 at mainbus0: apid 4 (application processor) cpu4: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu4: 256KB 64b/line 8-way L2 cache cpu4: smt 0, core 2, package 0 cpu5 at mainbus0: apid 5 (application processor) cpu5: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, 1995.47 MHz cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,NXE,LONG,LAHF,PERF,ITSC cpu5: 256KB 64b/line 8-way L2 cache cpu5: smt 1, core 2, package 0 cpu6 at mainbus0: apid 6
Re: Help, please, understanding AHCI error on amd64
On 14-08-25 03:49 PM, Dave Anderson wrote: My amd64 notebook (full dmesg below) has started reporting an error which I don't adequately understand. Any explanations or ideas as to how to figure out exactly what is broken would be greatly appreciated. Your hard disk is in the process of (hopefully slowly!) breaking. This started while untarring the ports tree from the source CD immediately after upgrading from 5.4-release to 5.5-release (from CD). I initially guessed that it was related to some change in 5.5, but testing while booted from install CDs for 5.4-release, 5.6-20140822 and a 4.7-release I had handy all give the same result. Normal. It won't matter what software you're running because it's a hardware issue. The error appears to be tied to a particular spot on the disk (it seems to occur when, e.g., I try to 'ls' a particular directory) Yes. It'll be some particular sector that the disk controller is having difficulty reading. No matter what version of the OS you boot, those directory entries still reside on the same sector on disk. but it looks to me like it could be a controller error or perhaps a controller quirk which OpenBSD doesn't handle well. The only information about it I can find is these two messages in /var/log/messages: Aug 18 14:08:08 minya /bsd: ahci0: attempting to idle device Aug 18 14:08:08 minya /bsd: ahci0: couldn't recover NCQ error, failing all outstanding commands. Nope. The quirk is that your HDD is taking too long to read that sector (normally because of too many retries), the AHCI stack times out, and the only sane thing to do with timing out a request is to pretend all the other pending commands have also failed - otherwise you could get undefined results (i.e. even worse errors). Presumably the HDD eventually manages to read the sector, and succeeds the time the VFS or block-cache or whatever I/O layer resubmits the request for that data. Otherwise you'd see other error messages following the two you mention. I've hunted through all the other log files I can think of without finding anything that looks related. Other than this, the system appears to be running normally (though I haven't been doing much with it other than poking around trying to understand this problem). Nope - this is the only symptom you're likely to see, unless you happen to be running some sort of SMART monitor and you happen to be monitoring correctable read errors in that tool. From the hard disk's standpoint, all is well - you asked for a sector, and it (eventually) gave it to you. The only problem is that your software is too impatient, from a certain point of view. From a real-world point of view, however, you probably should make sure everything on that disk is backed up. Then you should either do a low-level format (almost impossible nowadays[1]) and still not trust it for important data, or just replace it. -Adam [1] While low-level formatting is not really possible nowadays unless you work in the manufacturer's lab, a few ATA Secure Erase passes might resuscitate the disk for a while if you really, really, REALLY don't want to replace it right now for some reason. Most people boot a Linux CD to do this, but atactl(8) appears to support the secerase command. There are all sorts of things that could prevent you from doing this, and if you can't work past them, you probably should just throw the drive away. -- -Adam Thompson athom...@athompso.net
Re: hang at syncing disks... done
Marko Cupać wrote, On 08/21/14 15:32: On 21-08-2014 11:38, Marko Cupać wrote: I have just installed OpenBSD 5.5 on my ThinkPad T440. At first glance everything seems to work OK, except for the fact that, when shutting down or restarting, system hangs at 'hang at syncing disks... done'. This could be possibly due to my questionable decision not to create swap partition. Once I reinstalled, with swap partition this time, the problem went away. I'm not convinced. I never create swap partitions on my Thinkpads (T61, T410) and they never hang at shutdown (or `halt -p`). These laptops have been running the release version since at least 5.0. Also, I never touch my rc.shutdown. I'm wondering if your disk is failing?
Re: Help, please, understanding AHCI error on amd64
On Mon, 25 Aug 2014, Adam Thompson wrote: On 14-08-25 03:49 PM, Dave Anderson wrote: My amd64 notebook (full dmesg below) has started reporting an error which I don't adequately understand. Any explanations or ideas as to how to figure out exactly what is broken would be greatly appreciated. Your hard disk is in the process of (hopefully slowly!) breaking. This started while untarring the ports tree from the source CD immediately after upgrading from 5.4-release to 5.5-release (from CD). I initially guessed that it was related to some change in 5.5, but testing while booted from install CDs for 5.4-release, 5.6-20140822 and a 4.7-release I had handy all give the same result. Normal. It won't matter what software you're running because it's a hardware issue. The error appears to be tied to a particular spot on the disk (it seems to occur when, e.g., I try to 'ls' a particular directory) Yes. It'll be some particular sector that the disk controller is having difficulty reading. No matter what version of the OS you boot, those directory entries still reside on the same sector on disk. but it looks to me like it could be a controller error or perhaps a controller quirk which OpenBSD doesn't handle well. The only information about it I can find is these two messages in /var/log/messages: Aug 18 14:08:08 minya /bsd: ahci0: attempting to idle device Aug 18 14:08:08 minya /bsd: ahci0: couldn't recover NCQ error, failing all outstanding commands. Nope. The quirk is that your HDD is taking too long to read that sector (normally because of too many retries), the AHCI stack times out, and the only sane thing to do with timing out a request is to pretend all the other pending commands have also failed - otherwise you could get undefined results (i.e. even worse errors). Presumably the HDD eventually manages to read the sector, and succeeds the time the VFS or block-cache or whatever I/O layer resubmits the request for that data. Otherwise you'd see other error messages following the two you mention. I've hunted through all the other log files I can think of without finding anything that looks related. Other than this, the system appears to be running normally (though I haven't been doing much with it other than poking around trying to understand this problem). Nope - this is the only symptom you're likely to see, unless you happen to be running some sort of SMART monitor and you happen to be monitoring correctable read errors in that tool. From the hard disk's standpoint, all is well - you asked for a sector, and it (eventually) gave it to you. The only problem is that your software is too impatient, from a certain point of view. That all makes sense. Thanks. It would be nice if that error message mentioned the timeout -- I think that would have convinced me that it was definitely the disk that was dying rather than it possibly being something else. From a real-world point of view, however, you probably should make sure everything on that disk is backed up. Then you should either do a low-level format (almost impossible nowadays[1]) and still not trust it for important data, or just replace it. -Adam [1] While low-level formatting is not really possible nowadays unless you work in the manufacturer's lab, a few ATA Secure Erase passes might resuscitate the disk for a while if you really, really, REALLY don't want to replace it right now for some reason. Most people boot a Linux CD to do this, but atactl(8) appears to support the secerase command. There are all sorts of things that could prevent you from doing this, and if you can't work past them, you probably should just throw the drive away. Yup, time for a new disk. I'm off to do some research on who makes the most reliable ones these days. [Suggestions from anyone knowledgable are welcome.] Dave -- Dave Anderson d...@daveanderson.com
Re: How to log in automatically to GUI?
somelooser3...@hushmail.com wrote, On 08/25/14 12:54: I installed an OpenBSD desktop and in the /etc: rc.conf.local:xdm_flags=# enabled during install How can I set the automatic login for a user without prompting for password? It seems one should be able to get getty(8) to do this using /etc/ttys. I tried: console /usr/bin/su -l USER -c /usr/X11R6/bin/startx xterm on secure which automatically launched X, but I didn't have access to the console (i.e., no write permission on /dev/console, no keyboard, etc.). I looked into fbtab(5), but I'm not sure how this works in this situation. It seems the default fbtab should suffice. I also tried: console /usr/bin/login -f USER vt220 on secure but that didn't work. It's apparently not setting up the login environment properly. I figured it I could get a user logged in. From that point you could run startx(1) from the user's login script. If someone knows how to do this properly via getty(8), I would be very interested.
Re: OpenBSD 5.5-STABLE: Full Disk Encryption (bioctl) and Smard Cards
On 2014-08-23, Zach Leslie xaque...@gmail.com wrote: All yubikeys have the two slots, to my knowledge, which can be set either static or otp. Yes 2 slots - the gui and cli programming tools are in packages. Not sure about newer ones, but older yubikeys are quite limited in maximum static password length (16 chars iirc).
