Re: disk change-out and packages
On Wed, Mar 04, 2015 at 01:22:55PM GMT, Ed Ahlsen-Girard wrote: First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. You have forgotten '-p' option - from 'man 1 cp': Preserve in the copy as many of the modification time, access time, file flags, file mode, user ID, and group ID as allowed by permissions. In the same manual, however, it reads: However, cp copies hard linked files as separate files. To preserve hard links, use a utility such as pax(1) or tar(1) instead. So using 'cp' to, effectively, mirror the disk, is not the best of ideas. Reinstalled, mounted the new slices as before, and ran: #!/bin/sh tar -cXf - /* | tar -xpf - -C /tree tar -cXf - /home/* | tar -xpf - -C /tree/home tar -cXf - /usr/* | tar -xpf - -C /tree/usr tar -cXf - /usr/X11R6/* | tar -xpf - -C /tree/usr/X11R6 tar -cXf - /usr/local/* | tar -xpf - -C /tree/usr/local tar -cXf - /usr/obj/* | tar -xpf - -C /tree/usr/obj tar -cXf - /usr/src/* | tar -xpf - -C /tree/usr/src tar -cXf - /var/* | tar -xpf - -C /tree/var I had copied the new disk's fstab so that the duids were right when I started from it. Results were interesting. I got another copy of /home inside /tree/home, as well as what I wanted in it, and youtube-dl turns out to make filenames too long for tar. Nevertheless, I could log in as myself. But running my usual packages at login didn't work: file not found. That's because the syntax is wrong - your working directory ('-C') should have been '/tree' in all of the above. Also, drop the asterisk '*'. You could have shortened it all to: tar -cXf - / | tar -xpf - -C /tree for i in /home /usr /var ; do tar -cf - $i | tar -xpf - -C /tree ; done Should I have not tried to save that much time? You could have simply reinstalled OpenBSD on the new disk, copied the crucial data (i.e. '/home') and reinstalled ports/packages, but copying the data using 'tar' would have taken much less time... provided you got it right the first time ;^) I thought tar | tar would get everything. Do I need to install the packages on the new disk? Is this a time that pkg_check is my friend? Fix it using the above info, and reinstalling packages should not be necessary. Regards, Raf
Does LibreSSL support RSA export-grade keys? - FREAK Attack
Hello, --- Does LibreSSL supports RSA export-grade keys? - FREAK Attack Apple's SecureTransport and OpenSSL -- have a bug in them. This bug causes them to accept RSA export-grade keys *even when the client didn't ask for export-grade RSA.* The impact of this bug can be quite nasty: it admits a 'man in the middle' attack whereby an active attacker can force down the quality of a connection, provided that the client is vulnerable *and *the server supports export RSA. The MITM attack works as follows: 1. In the client's Hello message, it asks for a standard 'RSA' ciphersuite. 2. The MITM attacker changes this message to ask for 'export RSA'. 3. The server responds with a 512-bit export RSA key, signed with its long-term key. 4. The client accepts this weak key due to the OpenSSL/SecureTransport bug. 5. The attacker factors the RSA modulus to recover the corresponding RSA decryption key. 6. When the client encrypts the 'pre-master secret' to the server, the attacker can now decrypt it to recover the TLS 'master secret'. 7. From here on out, the attacker sees plaintext and can inject anything it wants. http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html -- UPDATE: http://undeadly.org/cgi?action=articlesid=20150304092744 The following CVEs did not apply to LibreSSL: ... CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA why doesn't it apply? The US Export cyphers were removed? :) --- Couldn't LibreSSL only have HIGH ciphers and only PFS? All others should be removed, no? openssl ciphers HIGH --- Thanks, http://www.openbsdfoundation.org/
Re: lynx is gone?
Peter Hessler phess...@theapt.org writes: 1) lynx has some amazingly insecure code 2) the installer installs a functional pkg.conf if you installed from the network. 3) nethack is not in base -- Manuel Giraud
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
I think that's a win. What about PFS-only + HIGH ciphers? On Wed, Mar 4, 2015 at 4:32 PM, Ted Unangst t...@tedunangst.com wrote: someone wrote: Does LibreSSL supports RSA export-grade keys? - FREAK Attack Export ciphers were deleted from LibreSSL last summer.
Re: disk change-out and packages
On Wed, 4 Mar 2015, Raf Czlonka wrote: In the same manual, however, it reads: However, cp copies hard linked files as separate files. To preserve hard links, use a utility such as pax(1) or tar(1) instead. So using 'cp' to, effectively, mirror the disk, is not the best of ideas. rsync -avH will copy hard linked files, .. and is a much better option - especially if using a network connection [e.g. to the backup disk mounted on another machine]. Lee
Re: disk change-out and packages
Ed Ahlsen-Girard eagir...@cox.net writes: I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. For this kind of things, dump/restore is a good way too that won't mess anything. AFAIK your differents source directories (/, /home, ...) have to already be differents partitions, then you can go like this: # mount -o async /dev/sd?a /tree # cd /tree # dump -0a -f - / | restore -rf - # mount -o async /dev/sd?d /tree/home # cd /tree/home # dump -0a -f - /home | restore -rf - -- Manuel Giraud
Re: lynx is gone?
1) lynx has some amazingly insecure code 2) the installer installs a functional pkg.conf if you installed from the network. On 2015 Mar 04 (Wed) at 10:11:17 -0500 (-0500), Bob Eby wrote: :Lynx is gone. Wow just wow, I'm stupefied by just how much you guys have :removed from base. : :The least you could do is put something on afterboot useful to getting a :web browser up and running. Note: it's usually helpful to have a :web-browser to do things like oh, I don't know, find a suitable mirror for :pkg_add? : :It was fun playing with the packet filter all those years ago, but I think :I've had my fill of OpenBSD after lack of new hard drive formats, WPA2 :hassles, failure to get very popular and important firmwares (ipw anyone?) :into the distribution. (Nothing like installing over a wireless NIC when :you don't have the firmware and can't download it over said NIC) : :Honestly, every new box I try to find some use for OpenBSD but every time :go back to some Linux flavor to actually do ... well ? anything. (Except :play nethack. I guess, yeah, *thats* more important than a default web :browser) : -- Might as well be frank, monsieur. It would take a miracle to get you out of Casablanca and the Germans have outlawed miracles. -- Casablanca
Re: disk change-out and packages
On Wed, Mar 04, 2015 at 03:22:45PM GMT, L. V. Lammert wrote: rsync -avH will copy hard linked files, .. and is a much better option - especially if using a network connection [e.g. to the backup disk mounted on another machine]. Hi Lee, I was meant to mention it but given the issues the OP had with (seemingly) simple 'tar' syntax, I did not want to get into explaining yet another tool (i.e. trailing slash, etc.). Besides, it's not in base. Regards, Raf
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
I think that's a win. What about PFS-only + HIGH ciphers? What about interoperability? It is too early to restrict LibreSSL to PFS ciphersuites, alas. Miod
Re: slow to no throughout on ral
On Wed, Mar 04, 2015 at 05:06:57PM +0200, Lars Nooden wrote: The only other strange symptom is that the machine locks up hard every week or two requiring a powercycle or hardware reset to restart. I can find nothing in the logs anywhere near the time of the lock ups. The main board runs at about 60 deg, according to systat, and the other card an ADSL card runs at about 80 deg, so I don't think it is temperature. What should I be looking at? Sounds like your soekris power adapter is dying. Earlier discussion: http://marc.info/?l=openbsd-miscm=139574811317516w=2 http://marc.info/?l=openbsd-miscm=139577725328950w=2
Re: pkg_add failure in March 1 snapshot
Marc Espie said: I believe this is reported when $PKG_TMPDIR isn't writable. Definitely looks like somebody had fun with his /var/tmp - /tmp change... :p Not me. I didn't even touch either directory neither before nor after the breakage. -- Dmitrij D. Czarkoff
Re: disk change-out and packages
On Mar 04 07:22:55, eagir...@cox.net wrote: I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. You said you installed on the new disk already. Boot form it, and treat your old disk as backup. What I usually do in a situation like this is cd /home ; dump /old/home | restore rf - Files seemed to get there but something was not right with permissions when I tried booting the new disk dump | restore beats almost anything else (when on the same machine). Boot from the freshly installed new disk and copy from the old. not the other way round. Nevertheless, I could log in as myself. Again, boot your new system as soon as it is bootable, and copy user data from the old disk; that includes vipw(8) to retain the old accounts, the old /etc/*, the old crontabs, the old /root. But running my usual packages at login didn't work: file not found. Install them from scratch, and only copy over their configs fom /etc. Hint: ls /old/var/db/pkg (only those you actually want, don't make the package system think that you explicitly want e.g. libdvdcss-1.3.0 if it is just a dependency of what you actually want). Should I have not tried to save that much time? I thought tar | tar would get everything. Do I need to install the packages on the new disk? It's the easiest way, and better that cp /usr/local Also, you are running a different version of the OS now. Jan
Re: lynx is gone?
On Wed, Mar 04, 2015 at 04:49:06PM +0100, Manuel Giraud wrote: Peter Hessler phess...@theapt.org writes: 1) lynx has some amazingly insecure code 2) the installer installs a functional pkg.conf if you installed from the network. 3) nethack is not in base At least parts of nethack is GPL.
Re: iwn(4) firmware
On Mar 04 17:57:22, czark...@gmail.com wrote: Jan Stary said: http://www.openbsd.org/faq/faq6.html#Wireless lists the supported wireles chipsets, marking with NFF those that need the non-free firmware to be downloaded. It does not mark iwn(4) as such, It should. --- faq6.html.orig 2015-03-04 18:42:39.0 +0100 +++ faq6.html 2015-03-04 18:43:07.0 +0100 @@ -1873,7 +1873,7 @@ Intel PRO/Wireless 2100 802.11b. sup(N lia href=http://www.openbsd.org/cgi-bin/man.cgi?query=iwiamp;sektion=4;iwi(4)/a Intel PRO/Wireless 2200BG/2225BG/2915ABG 802.11a/b/g. sup(NFF)/sup lia href=http://www.openbsd.org/cgi-bin/man.cgi?query=iwnamp;sektion=4;iwn(4)/a -Intel WiFi Link 4965/5100/5300 802.11a/b/g/Draft-N wireless. +Intel WiFi Link 4965/5100/5300 802.11a/b/g/Draft-N wireless. sup(NFF)/sup lia href=http://www.openbsd.org/cgi-bin/man.cgi?query=maloamp;sektion=4;malo(4)/a Marvell Libertas 802.11b/g lia href=http://www.openbsd.org/cgi-bin/man.cgi?query=otusamp;sektion=4;otus(4)/a
Re: touchpad slight regression (snap: 20141121-20150217)
Hello again On 27/02/15(Fri) 11:40, patrick keshishian wrote: I can confirm this change alone causes no adverse, observable change on my x120e's touchpad. Could you guys confirm that the last fix from Ulf also fixes your issue? https://marc.info/?l=openbsd-techm=142513927519879w=2 Thanks, Martin
Re: disk change-out and packages
I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. Reinstalled, mounted the new slices as before, and ran: #!/bin/sh tar -cXf - /* | tar -xpf - -C /tree tar -cXf - /home/* | tar -xpf - -C /tree/home tar -cXf - /usr/* | tar -xpf - -C /tree/usr tar -cXf - /usr/X11R6/* | tar -xpf - -C /tree/usr/X11R6 tar -cXf - /usr/local/* | tar -xpf - -C /tree/usr/local tar -cXf - /usr/obj/* | tar -xpf - -C /tree/usr/obj tar -cXf - /usr/src/* | tar -xpf - -C /tree/usr/src tar -cXf - /var/* | tar -xpf - -C /tree/var I had copied the new disk's fstab so that the duids were right when I started from it. Results were interesting. I got another copy of /home inside /tree/home, as well as what I wanted in it, and youtube-dl turns out to make filenames too long for tar. Nevertheless, I could log in as myself. But running my usual packages at login didn't work: file not found. Should I have not tried to save that much time? I thought tar | tar would get everything. Do I need to install the packages on the new disk? Is this a time that pkg_check is my friend? pax -rw -pe was what you wanted. Possibly with the -k option too. If you are intending to do this filesystem-by-filesystem, you may experience better results using the dump restore tools, in a form something like: cd /new/filesystem dump 0af - /filesystem | restore -f -
Re: iwn(4) firmware
Jan Stary said: http://www.openbsd.org/faq/faq6.html#Wireless lists the supported wireles chipsets, marking with NFF those that need the non-free firmware to be downloaded. It does not mark iwn(4) as such, It should. -- Dmitrij D. Czarkoff
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
Sometimes you have to break things to make it better On Wed, Mar 4, 2015 at 5:13 PM, Miod Vallat m...@online.fr wrote: I think that's a win. What about PFS-only + HIGH ciphers? What about interoperability? It is too early to restrict LibreSSL to PFS ciphersuites, alas. Miod
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote: Sometimes you have to break things to make it better Yes, and getting people to stop using LibreSSL because it suddenly is not interoperable with anything would surely help a lot. Instead, we are trying to get developers to try and use LibreSSL provided libtsl, which defaults to sane, strong crypto choices. Miod
Re: lynx is gone?
Its not in my pay grade to offer a technical opinion on Lynx removal! But ,,WHAT r u folks using instead, considering?? thanks OpenBSD
Re: lynx is gone?
On 04-03-2015 15:48, Jeff St. George wrote: Its not in my pay grade to offer a technical opinion on Lynx removal! But ,,WHAT r u folks using instead, considering?? Well, for the task the OP mentioned, finding a mirror for pkg_add, you could do plenty of things to accomplish that. netcating to the OpenBSD site and running the http get's by hand is one that comes to mind. curling the mirrors page is another. The fact is, there are no decent/secure text mode browsers, and given the discussion on tech@ last year about lynx removal, I believe it should have gone sooner. I don't think any other text mode browser will make into base in the near future, unless someone develops a secure one. Cheers, Giancarlo Razzolini
Re: Help, my 5.6 stable is insane : cant resolv dns inside programs (ftp and curl)
On Wed, Mar 04, 2015 at 06:47:38PM GMT, sven falempin wrote: # i did play around with the file resolv.conf # cat /etc/resolv.conf lookup file nameserver 127.0.0.1 nameserver 8.8.8.8 # because i dont get it i even did that # cat /etc/resolv.conf.tail nameserver 8.8.8.8 This is due to the fact that both 'host' and 'dig' are *DNS* lookup utilities - for obvious reasons, they care only about 'nameserver' entries in '/etc/resolv.conf'. For other utilities, which rely on gethostbyname(3) and gethostbyaddr(3), the 'lookup' option specifies the database and, if more than one, the order which is to be searched for host information. In your example above, 'lookup' is only set up for '/etc/hosts' hence utilities like 'ftp', or 'curl', fail - change it to 'lookup file bind' (or remove that line altogether) and everything will go back to normal. Remove 'nameserver' options from there and, as you might expect, DNS lookups themselves will fail. Raf
Re: lynx is gone?
On 2015-03-04, Giancarlo Razzolini wrote: curling the mirrors page is another. This was my first thought. I don't think this is out of anyone's league if they are already choosing to install OpenBSD.
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
On Thu, 5 Mar 2015, at 07:37 AM, someone wrote: interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote: Sometimes you have to break things to make it better Yes, and getting people to stop using LibreSSL because it suddenly is not interoperable with anything would surely help a lot. Instead, we are trying to get developers to try and use LibreSSL provided libtsl, which defaults to sane, strong crypto choices. Miod Disable RC4 and non-PFS ciphers in Firefox (there are extensions, eg. SSleuth, that can help with doing this) and see how many sites stop working. Better yet, see how many bank's sites stop working. -- Carlin
Re: touchpad slight regression (snap: 20141121-20150217)
On 3/4/15, Martin Pieuchot mpieuc...@nolizard.org wrote: On 04/03/15(Wed) 10:49, patrick keshishian wrote: On 3/4/15, Martin Pieuchot mpieuc...@nolizard.org wrote: Hello again On 27/02/15(Fri) 11:40, patrick keshishian wrote: I can confirm this change alone causes no adverse, observable change on my x120e's touchpad. Could you guys confirm that the last fix from Ulf also fixes your issue? https://marc.info/?l=openbsd-techm=142513927519879w=2 Hi, Apologies. I thought that patch was sent for comment by experts (there was a lot of questions/second guesses accompanying the referenced post/patch). Testing is always welcome! Is this to be tested on its own or in conjunction with sys/dev/wscons/wsmouse.c patch from this thread? On its own :) This patch seems to work fine. I don't see the issue I reported. Thank you, --patrick Thanks, Martin
Re: disk change-out and packages
On Wed, Mar 04, 2015 at 06:54:20PM GMT, L. V. Lammert wrote: Raf, Lee, No issue there, .. but rsync is much better than anything IN base for file synchronization (cross-filesystem, works over ssh [et al], properly handles permissions and hardlinks, . ). If there is an issue installing packages I would think that should probably be addressed first. For *file synchronisation*, 'rsync' is, indeed, *very* good - no doubt! I often use it myself. However, here we're talking about a disk swap-over. 'tar' or, as others have already suggested, 'dump/restore' will do just fine. 'rsync', as I have previously mentioned, will only contribute to OP's further confusion (as he was already struggling with tar's syntax) so helping to fix the issues at hand seemed like a batter idea than (potentially) introducing new ones. rsync's availability as a package/port is, indeed, as secondary matter. Raf
Re: Help, my 5.6 stable is insane : cant resolv dns inside programs (ftp and curl)
On Wed, Mar 04, 2015 at 07:15:58PM GMT, sven falempin wrote: YES, lookup file bind, (but i did delete the line completly and it wasnt working.) Hmmm... then the behaviour you describe seems to both contradict my own experience (double-checked a second ago) as well as the 'resolv.conf(5)' man page: If the lookup keyword is not used in the system's resolv.conf file then the assumed order is bind file. Furthermore, if the system's resolv.conf file does not exist, then the only database used is file. Fun fact , i actually know that but i fail to spot it . Thank you :-) No worries :^) Raf
Help, my 5.6 stable is insane : cant resolv dns inside programs (ftp and curl)
# i did play around with the file resolv.conf # cat /etc/resolv.conf lookup file nameserver 127.0.0.1 nameserver 8.8.8.8 # because i dont get it i even did that # cat /etc/resolv.conf.tail nameserver 8.8.8.8 [0]-[router]-[~] # host google.ca google.ca has address 173.194.45.47 google.ca has address 173.194.45.55 google.ca has address 173.194.45.56 google.ca has address 173.194.45.63 google.ca has IPv6 address 2a00:1450:4007:805::100f google.ca mail is handled by 30 alt2.aspmx.l.google.com. google.ca mail is handled by 20 alt1.aspmx.l.google.com. google.ca mail is handled by 40 alt3.aspmx.l.google.com. google.ca mail is handled by 50 alt4.aspmx.l.google.com. google.ca mail is handled by 10 aspmx.l.google.com. [0]-[router]-[~] # host google.ca 127.0.0.1 Using domain server: Name: 127.0.0.1 Address: 127.0.0.1#53 Aliases: google.ca has address 173.194.45.47 google.ca has address 173.194.45.55 google.ca has address 173.194.45.56 google.ca has address 173.194.45.63 google.ca has IPv6 address 2a00:1450:4007:805::100f google.ca mail is handled by 30 alt2.aspmx.l.google.com. google.ca mail is handled by 20 alt1.aspmx.l.google.com. google.ca mail is handled by 40 alt3.aspmx.l.google.com. google.ca mail is handled by 50 alt4.aspmx.l.google.com. google.ca mail is handled by 10 aspmx.l.google.com. [0]-[router]-[~] # host google.ca 8.8.8.8 Using domain server: Name: 8.8.8.8 Address: 8.8.8.8#53 Aliases: google.ca has address 216.58.211.99 google.ca has IPv6 address 2a00:1450:4007:806::1017 google.ca mail is handled by 40 alt3.aspmx.l.google.com. google.ca mail is handled by 50 alt4.aspmx.l.google.com. google.ca mail is handled by 10 aspmx.l.google.com. google.ca mail is handled by 20 alt1.aspmx.l.google.com. google.ca mail is handled by 30 alt2.aspmx.l.google.com. [0]-[router]-[~] # ftp -o /dev/null http://google.ca ftp: google.ca: no address associated with name [1]-[router]-[~] # # dig 127.0.0.1 google.fr [.also work ok.] -- - () ascii ribbon campaign - against html e-mail /\
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
Sometimes you have to break things to make it better Yes, and getting people to stop using LibreSSL because it suddenly is not interoperable with anything would surely help a lot. Instead, we are trying to get developers to try and use LibreSSL provided libtsl, which defaults to sane, strong crypto choices. Miod
Re: touchpad slight regression (snap: 20141121-20150217)
On 3/4/15, Martin Pieuchot mpieuc...@nolizard.org wrote: Hello again On 27/02/15(Fri) 11:40, patrick keshishian wrote: I can confirm this change alone causes no adverse, observable change on my x120e's touchpad. Could you guys confirm that the last fix from Ulf also fixes your issue? https://marc.info/?l=openbsd-techm=142513927519879w=2 Hi, Apologies. I thought that patch was sent for comment by experts (there was a lot of questions/second guesses accompanying the referenced post/patch). Is this to be tested on its own or in conjunction with sys/dev/wscons/wsmouse.c patch from this thread? --patrick
Re: touchpad slight regression (snap: 20141121-20150217)
On 04/03/15(Wed) 10:49, patrick keshishian wrote: On 3/4/15, Martin Pieuchot mpieuc...@nolizard.org wrote: Hello again On 27/02/15(Fri) 11:40, patrick keshishian wrote: I can confirm this change alone causes no adverse, observable change on my x120e's touchpad. Could you guys confirm that the last fix from Ulf also fixes your issue? https://marc.info/?l=openbsd-techm=142513927519879w=2 Hi, Apologies. I thought that patch was sent for comment by experts (there was a lot of questions/second guesses accompanying the referenced post/patch). Testing is always welcome! Is this to be tested on its own or in conjunction with sys/dev/wscons/wsmouse.c patch from this thread? On its own :) Thanks, Martin
Re: disk change-out and packages
On Wed, 4 Mar 2015, Raf Czlonka wrote: Hi Lee, I was meant to mention it but given the issues the OP had with (seemingly) simple 'tar' syntax, I did not want to get into explaining yet another tool (i.e. trailing slash, etc.). Besides, it's not in base. Regards, Raf Raf, No issue there, .. but rsync is much better than anything IN base for file synchronization (cross-filesystem, works over ssh [et al], properly handles permissions and hardlinks, . ). If there is an issue installing packages I would think that should probably be addressed first. Lee
Re: disk change-out and packages
On 4 March 2015, Manuel Giraud man...@ledu-giraud.fr wrote: Ed Ahlsen-Girard eagir...@cox.net writes: I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. For this kind of things, dump/restore is a good way too that won't mess anything. AFAIK your differents source directories (/, /home, ...) have to already be differents partitions, then you can go like this: # mount -o async /dev/sd?a /tree # cd /tree # dump -0a -f - / | restore -rf - # mount -o async /dev/sd?d /tree/home # cd /tree/home # dump -0a -f - /home | restore -rf - +1 for dump / restore. cp doesn't handle hardlinks, tar / pax have limitations on maximum path length, rsync is resource-hungry if you tell it to deal with hardlinks, and cpio has other limitations on file names. Really, dump / restore is the only viable choice for this kind of task. Regards, Liviu Daia
Re: lynx is gone?
On Wed, Mar 4, 2015 at 2:15 PM, L.R. D.S. arrowscr...@mail.com wrote: 1) lynx has some amazingly insecure code So, remove Xombrero from base too, he segfault everytime and is much more insecure due to ECMAscript engine of WebKit. curl Please guys, a browser is different from a http/ftp downloader. A browser have HTML parser, and funcionality's for you... ahm... browse? I accidentally posted off list the first time. I'm just a user, but my preference is to let the devs, for lack of a better word, dev. If I knew how to run the OpenBSD project to end up with something like OpenBSD, which I'm fond of, I'd be . . . a lot smarter . . . The app (lynx) is on the CD's as a package, for now, at least. That works fine for me, and I am a pretty frequent lynx user. My 2 cents. Carl T.
Re: lynx is gone?
L.R. D.S. wrote: So, remove Xombrero from base too, he segfault everytime Done!
Re: X really slow dragging windows
On 03/04/2015 01:16 PM, Nils Reuße wrote: On 04.03.2015 02:39, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? Hi Jason, i can confirm this issue, though i have no idea how to fix it. I also use an ATI card (HD 4250), but mine is supported and used with KMS. I've noticed this quite a while ago, but it doesn't bug me that much using a tiling wm. Regards Are you seeing the GPU disabled line in your Xorg.0.log? My card is also supported, but I get that GPU not working line, and until that gets solved I am stuck using shadowfb, (and ugly friends). And I believe that is the reason for the slowness. -- Those who do not understand Unix are condemned to reinvent it, poorly.
Re: lynx is gone?
1) lynx has some amazingly insecure code So, remove Xombrero from base too, he segfault everytime and is much more insecure due to ECMAscript engine of WebKit. curl Please guys, a browser is different from a http/ftp downloader. A browser have HTML parser, and funcionality's for you... ahm... browse?
Re: X really slow dragging windows
On 04.03.2015 02:39, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? Hi Jason, i can confirm this issue, though i have no idea how to fix it. I also use an ATI card (HD 4250), but mine is supported and used with KMS. I've noticed this quite a while ago, but it doesn't bug me that much using a tiling wm. Regards Nils
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
someone wrote: Does LibreSSL supports RSA export-grade keys? - FREAK Attack Export ciphers were deleted from LibreSSL last summer.
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
They are just using what the softwares provide. https://jve.linuxwall.info/blog/index.php?post/TLS_Survey This guy scanned Alexa's list of top 1,000,000 websites. At janvier 11 2014. 45% of them had TLS support. 1.23% of websites only accept 3DES, and 1.56% of websites only accept RC4. PFS support was 75% ! 38 websites only accept SSLv2. lol. TLS 1.2 support is 33% so shit, that still would need time. And this was one year ago. In the meantime we had POODLE, Heartbleed that had informed people to update. What did it took to disable SSLv3 in the main webbrowsers? Just a little push that is named POODLE. You are the OpenBSD team, break things to make it better! Just loud thinking, but isn't it time to say NO to weak things? No RC*/DES/MD5/non-PFS/etc. Many thanks for your hard work! On Wed, Mar 4, 2015 at 7:54 PM, Carlin Bingham c...@viennan.net wrote: On Thu, 5 Mar 2015, at 07:37 AM, someone wrote: interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote: Sometimes you have to break things to make it better Yes, and getting people to stop using LibreSSL because it suddenly is not interoperable with anything would surely help a lot. Instead, we are trying to get developers to try and use LibreSSL provided libtsl, which defaults to sane, strong crypto choices. Miod Disable RC4 and non-PFS ciphers in Firefox (there are extensions, eg. SSleuth, that can help with doing this) and see how many sites stop working. Better yet, see how many bank's sites stop working. -- Carlin
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ There are still idiots top-posting, why wouldn't there be idiots misconfiguring TLS servers or not giving a damn? Miod
Re: Help, my 5.6 stable is insane : cant resolv dns inside programs (ftp and curl)
On Wed, Mar 4, 2015 at 2:11 PM, Raf Czlonka rczlo...@gmail.com wrote: On Wed, Mar 04, 2015 at 06:47:38PM GMT, sven falempin wrote: # i did play around with the file resolv.conf # cat /etc/resolv.conf lookup file nameserver 127.0.0.1 nameserver 8.8.8.8 # because i dont get it i even did that # cat /etc/resolv.conf.tail nameserver 8.8.8.8 This is due to the fact that both 'host' and 'dig' are *DNS* lookup utilities - for obvious reasons, they care only about 'nameserver' entries in '/etc/resolv.conf'. For other utilities, which rely on gethostbyname(3) and gethostbyaddr(3), the 'lookup' option specifies the database and, if more than one, the order which is to be searched for host information. In your example above, 'lookup' is only set up for '/etc/hosts' hence utilities like 'ftp', or 'curl', fail - change it to 'lookup file bind' (or remove that line altogether) and everything will go back to normal. Remove 'nameserver' options from there and, as you might expect, DNS lookups themselves will fail. Raf YES, lookup file bind, (but i did delete the line completly and it wasnt working.) Fun fact , i actually know that but i fail to spot it . Thank you :-) -- - () ascii ribbon campaign - against html e-mail /\
Re: lynx is gone?
-Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Bob Eby Sent: Wednesday, March 04, 2015 10:11 AM To: misc@openbsd.org Subject: lynx is gone? Lynx is gone. Wow just wow, I'm stupefied by just how much you guys have removed from base. The least you could do is put something on afterboot useful to getting a web browser up and running. Note: it's usually helpful to have a web-browser to do things like oh, I don't know, find a suitable mirror for pkg_add? #ftp -o - http://www.openbsd.org/ftp.html | grep nofollow
Re: lynx is gone?
On Wed, Mar 4, 2015 at 1:48 PM, Jeff St. George f...@speednet.com wrote: Its not in my pay grade to offer a technical opinion on Lynx removal! But ,,WHAT r u folks using instead, considering?? typically when I am setting up a server I have a laptop with me. the laptop will either have my pre-planning notes, or if it doesn't have that, it will be where I record my as-built notes. either way, at the end I will have a record on my laptop of all the key information I would need if I ever have to rebuild that particular server. since I have my laptop with me anyway, if I need to look at any web pages during the server install, I use that. if I really need to fetch a web page on the server itself, I use ftp (which also supports http). if it's not a server (i.e. I'm setting up a workstation) then I'll typically want X and something like Firefox. -ken
Re: Audio probles like, slow response in applications that use audio
Hi, Updating the situation, I already used -stable, and I am using now -current, and still the problem. I tried some browsers like (firefox, midori and chromium), and they get really slow when I am watching a html5 video, and it freezes all the time if the video is in HD. Here is almost all the problem information:http://marc.info/?l=openbsd-miscm=142385651303855w=2 -- Regards Henrique Lengler
Re: X really slow dragging windows
On 03/04/2015 04:34 AM, Jonathan Gray wrote: On Tue, Mar 03, 2015 at 05:39:51PM -0800, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? A full dmesg and Xorg.0.log would be helpful. If you could try a snapshot there are some changes in -current that may be relevant. The dmesg is as follows, and i suspect the Xorg log would be redundant, as there seems to lines in the dmesg seem to suggest the problem happens fairly early. Search for the line: drm: initializing kernel modesetting (RS200 0x1002:0x4437 0x1179:0xFF10) It all goes gunnysack after that. Thing is, I don't know what to do about that. begin paste--- OpenBSD 5.6 (GENERIC) #274: Fri Aug 8 00:05:13 MDT 2014 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Celeron(R) CPU 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,CNXT-ID,xTPR,PERF real mem = 1274507264 (1215MB) avail mem = 1241239552 (1183MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/16/04, BIOS32 rev. 0 @ 0xe9950, SMBIOS rev. 2.3 @ 0xeb160 (37 entries) bios0: vendor TOSHIBA version Version 1.70 date 09/10/2004 bios0: TOSHIBA Satellite A60 acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC BOOT SSDT SSDT acpi0: wakeup devices LID_(S4) USB0(S3) USB1(S3) USB2(S3) MC97(S3) P2P_(S4) LAN0(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 133MHz ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 1 (AGP_) acpiprt1 at acpi0: bus 0 (PCI0) acpiprt2 at acpi0: bus 2 (P2P_) acpiec0 at acpi0 acpicpu0 at acpi0: C2, C1 acpipwrres0 at acpi0: PUT2, resource for PUT2 acpipwrres1 at acpi0: PFA1, resource for FAN1 acpitz0 at acpi0: critical temperature is 105 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PWRB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model PA3384-BAS/BRS serial 6B52 type Li-I bios0: ROM list: 0xc/0xf000 0xe/0x2000! 0xe6000/0x1000! 0xeb000/0x5000! pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 ATI RS250 AGP rev 0x05 agp at pchb0 not configured ppb0 at pci0 dev 1 function 0 ATI RS200 PCI rev 0x00 pci1 at ppb0 bus 1 radeondrm0 at pci1 dev 5 function 0 ATI Radeon Mobility IGP rev 0x00 drm0 at radeondrm0 radeondrm0: apic 2 int 16 ohci0 at pci0 dev 19 function 0 ATI SB200 USB rev 0x01: apic 2 int 19, version 1.0, legacy support ohci1 at pci0 dev 19 function 1 ATI SB200 USB rev 0x01: apic 2 int 19, version 1.0, legacy support ehci0 at pci0 dev 19 function 2 ATI SB200 USB2 rev 0x01: apic 2 int 19 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 ATI EHCI root hub rev 2.00/1.00 addr 1 piixpm0 at pci0 dev 20 function 0 ATI SB200 SMBus rev 0x18: SMI iic0 at piixpm0 spdmem0 at iic0 addr 0x50: 1GB DDR SDRAM non-parity PC2700CL2.5 pciide0 at pci0 dev 20 function 1 ATI SB200 IDE rev 0x00: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: IC25N030ATMR04-0 wd0: 16-sector PIO, LBA48, 28615MB, 58605120 sectors wd0(pciide0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus1 at atapiscsi0: 2 targets cd0 at scsibus1 targ 0 lun 0: MATSHITA, UJDA760 DVD/CDRW, 1.50 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 2 pcib0 at pci0 dev 20 function 3 ATI SB200 ISA rev 0x00 ppb1 at pci0 dev 20 function 4 ATI SB200 PCI rev 0x00 pci2 at ppb1 bus 2 ath0 at pci2 dev 4 function 0 Atheros AR5212 rev 0x01: apic 2 int 17 ath0: AR5213A 5.9 phy 4.3 rf2112a 4.6 eeprom 4.8, WOR4W, address 00:11:f5:03:c9:a2 cbb0 at pci2 dev 6 function 0 TI PCI1410 CardBus rev 0x02: apic 2 int 19, CardBus support disabled rl0 at pci2 dev 7 function 0 Realtek 8139 rev 0x10: apic 2 int 18, address 00:a0:d1:b4:d4:79 rlphy0 at rl0 phy 0: RTL internal PHY cardslot0 at cbb0 slot 0 flags 0 pcmcia0 at cardslot0 auixp0 at pci0 dev 20 function 5 ATI SB200 AC97 rev 0x00: apic 2 int 17 auixp0: soft resetting aclink
Re: lynx is gone?
So, remove Xombrero from base too, he segfault everytime Done! Hey, wait! The plan was to improve browsers, wasn't it? That's not the same thing as deleting them, you know! Then again, if we set the firefox to keep the tedu (err... or was it the other way round...?) we need not be surpised that browsers end up... getting lost. :-D Everyone please lock the tree: somebody let a tedu loose! Yours, Ingo
Re: lynx is gone?
This sounds like: As with a knife one could cut throats, let's start eating only with the fork. Oh, btw, but also the fork could poke, so let's use just the spoon. Using netcat or ftp to browse the web/intranet/localhost in the 3rd millennium is like eating a steak with a spoon. It's the same logic of leaving open root ssh access with pw=password: nothing can stop a stupid misuse of things. But this is not a good reason to delete ssh. And, just for the records, I bet that 99% of use of lynx is just sysadmin stuff on CLI systems, for the rest (the dangerous horrid scary world...) there are X clients with Firefox. Who's going to warez sites with lynx? Of course we're all a pkg_add away, but that is not the point. Security is a damn good thing. Excesses not. Il 04/mar/2015 20:01 Giancarlo Razzolini grazzol...@gmail.com ha scritto: On 04-03-2015 15:48, Jeff St. George wrote: Its not in my pay grade to offer a technical opinion on Lynx removal! But ,,WHAT r u folks using instead, considering?? Well, for the task the OP mentioned, finding a mirror for pkg_add, you could do plenty of things to accomplish that. netcating to the OpenBSD site and running the http get's by hand is one that comes to mind. curling the mirrors page is another. The fact is, there are no decent/secure text mode browsers, and given the discussion on tech@ last year about lynx removal, I believe it should have gone sooner. I don't think any other text mode browser will make into base in the near future, unless someone develops a secure one. Cheers, Giancarlo Razzolini On 04-03-2015 15:48, Jeff St. George wrote: Its not in my pay grade to offer a technical opinion on Lynx removal! But ,,WHAT r u folks using instead, considering?? Well, for the task the OP mentioned, finding a mirror for pkg_add, you could do plenty of things to accomplish that. netcating to the OpenBSD site and running the http get's by hand is one that comes to mind. curling the mirrors page is another. The fact is, there are no decent/secure text mode browsers, and given the discussion on tech@ last year about lynx removal, I believe it should have gone sooner. I don't think any other text mode browser will make into base in the near future, unless someone develops a secure one. Cheers, Giancarlo Razzolini
Re: Issue to run some ksh script with httpd
Get done! I forgot the http header Content-Type'. 2015-03-04 22:26 GMT-03:00 Antonio Feitosa antonio@gmail.com: HI I made the correct configuration to run bgplg script, but somehow I can't run ksh script. I already made the copy of /bin/ksh to /var/www/bin/sh and fix the permission of script file. The web page appears blank, with no data, but bgplg works. Somebody knows how to fix that? Regards, -- Antonio Feitosa (http://twitter.com/teebsd) #DevOps believer in Prototype Driven Development, #Security Consultant, #OpenBSD addicted, #ARM hobbyst and #Blues #Musician. #P2P is the real #cloudcomputing. Rio de Janeiro, Brazil · Github: https://github.com/TeeBSD Blog: http://teebsd.github.io/ -- Antonio Feitosa (http://twitter.com/teebsd) #DevOps believer in Prototype Driven Development, #Security Consultant, #OpenBSD addicted, #ARM hobbyst and #Blues #Musician. #P2P is the real #cloudcomputing. Rio de Janeiro, Brazil · Github: https://github.com/TeeBSD Blog: http://teebsd.github.io/
Re: X really slow dragging windows
On Wed, Mar 04, 2015 at 02:12:09PM -0800, Jason Adams wrote: On 03/04/2015 04:34 AM, Jonathan Gray wrote: On Tue, Mar 03, 2015 at 05:39:51PM -0800, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? A full dmesg and Xorg.0.log would be helpful. If you could try a snapshot there are some changes in -current that may be relevant. The dmesg is as follows, and i suspect the Xorg log would be redundant, as there seems to lines in the dmesg seem to suggest the problem happens fairly early. Search for the line: drm: initializing kernel modesetting (RS200 0x1002:0x4437 0x1179:0xFF10) It all goes gunnysack after that. Thing is, I don't know what to do about that. There is no AGP driver for RS100/RS200/RS300 in the tree. The commit to align the gart may help still: diff --git sys/dev/pci/drm/radeon/radeon_gart.c sys/dev/pci/drm/radeon/radeon_gart.c index 9de93f0..d17b676 100644 --- sys/dev/pci/drm/radeon/radeon_gart.c +++ sys/dev/pci/drm/radeon/radeon_gart.c @@ -75,8 +75,8 @@ int radeon_gart_table_ram_alloc(struct radeon_device *rdev) flags |= BUS_DMA_NOCACHE; } #endif - dmah = drm_dmamem_alloc(rdev-dmat, rdev-gart.table_size, 0, - 1, rdev-gart.table_size, flags, 0); + dmah = drm_dmamem_alloc(rdev-dmat, rdev-gart.table_size, + rdev-gart.table_size, 1, rdev-gart.table_size, flags, 0); if (dmah == NULL) { return -ENOMEM; } diff --git sys/dev/pci/drm/radeon/rs400.c sys/dev/pci/drm/radeon/rs400.c index ea320eb..45172b1 100644 --- sys/dev/pci/drm/radeon/rs400.c +++ sys/dev/pci/drm/radeon/rs400.c @@ -220,7 +220,7 @@ int rs400_gart_set_page(struct radeon_device *rdev, int i, uint64_t addr) return -EINVAL; } - entry = (lower_32_bits(addr) PAGE_MASK) | + entry = (lower_32_bits(addr) ~PAGE_MASK) | ((upper_32_bits(addr) 0xff) 4) | RS400_PTE_WRITEABLE | RS400_PTE_READABLE; entry = cpu_to_le32(entry);
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
On Thu, 5 Mar 2015, at 07:37 AM, someone wrote: interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote: Sometimes you have to break things to make it better Yes, and getting people to stop using LibreSSL because it suddenly is not interoperable with anything would surely help a lot. Instead, we are trying to get developers to try and use LibreSSL provided libtsl, which defaults to sane, strong crypto choices. Miod Disable RC4 and non-PFS ciphers in Firefox (there are extensions, eg. SSleuth, that can help with doing this) and see how many sites stop Indeed. thisistheone is someone who throws out uneducated thoughts without any practice. Oh wait, this is misc. I forgot.
Re: Does LibreSSL support RSA export-grade keys? - FREAK Attack
interoperable - you mean there are still softwares that really count and still cannot use/support HIGH ciphers? wow. What a world we live in.. :\ Look, stop being a child. There are plenty of discussions about this topic in many places.
Issue to run some ksh script with httpd
HI I made the correct configuration to run bgplg script, but somehow I can't run ksh script. I already made the copy of /bin/ksh to /var/www/bin/sh and fix the permission of script file. The web page appears blank, with no data, but bgplg works. Somebody knows how to fix that? Regards, -- Antonio Feitosa (http://twitter.com/teebsd) #DevOps believer in Prototype Driven Development, #Security Consultant, #OpenBSD addicted, #ARM hobbyst and #Blues #Musician. #P2P is the real #cloudcomputing. Rio de Janeiro, Brazil · Github: https://github.com/TeeBSD Blog: http://teebsd.github.io/
cvs(1) template when committing
Hi, My goal was to make cvs (in base) to show a template (with files commiting) in editor when cvs commit is executed. E.g.: Modified files: program.c program.h Fix: __fill this up__ Comments: __fill this up__ Where program.c program.h is auto filled in (by cvs hooks?). The reason for this is so to make cvs log or cvs log source_file shows up every log entry with files modified and it's purpose. Reading the docs, it points to rcsinfo file in CVSROOT might be able to do it. So I did a pkg_add cvs-guide and read /usr/local/share/doc/cvs-guide/html/cvsbook.html. Gave a few tries using hooks commitinfo, loginfo, verifymsg, rcsinfo loginfo and only managed to make cvs present static template in editor (vi) from a template file. I can't seem to figure out how to make it include file name committing into the template. Anyone got this working? How do you make it work? Edward.
Re: X really slow dragging windows
On 05.03.2015 08:14, Nils Reuße wrote: On 04.03.2015 22:42, Jason Adams wrote: On 03/04/2015 01:16 PM, Nils Reuße wrote: On 04.03.2015 02:39, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? Hi Jason, i can confirm this issue, though i have no idea how to fix it. I also use an ATI card (HD 4250), but mine is supported and used with KMS. I've noticed this quite a while ago, but it doesn't bug me that much using a tiling wm. Regards Are you seeing the GPU disabled line in your Xorg.0.log? My card is also supported, but I get that GPU not working line, and until that gets solved I am stuck using shadowfb, (and ugly friends). And I believe that is the reason for the slowness. No, i don't see anything beeing disabled in my xorg log, and my card is working fine (just tried openarena, which always worked and still works fine). In my last mail i forgot to mention that i'm running the latest -current snapshot as of yesterday, but as is said, i've noticed this problem a few months before (but after 5.6). dmesg and my xorg log attached. OpenBSD 5.7-beta (GENERIC.MP) #871: Tue Mar 3 17:40:49 MST 2015 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3738107904 (3564MB) avail mem = 3634679808 (3466MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (61 entries) bios0: vendor Award Software International, Inc. version F5 date 09/30/2010 bios0: Gigabyte Technology Co., Ltd. GA-880GMA-UD2H acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT HPET MCFG MATS APIC acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) USB6(S3) SBAZ(S4) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) P2P_(S5) PCE2(S4) PCE3(S4) PCE4(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) II X2 240e Processor, 2813.27 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu0: AMD erratum 721 detected and fixed cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 200MHz cpu0: mwait min=64, max=64, C-substates=0.0.0.0.0, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) II X2 240e Processor, 2812.93 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu1: AMD erratum 721 detected and fixed cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (PEX0) acpiprt2 at acpi0: bus 6 (PEX1) acpiprt3 at acpi0: bus -1 (PEX2) acpiprt4 at acpi0: bus -1 (PEX3) acpiprt5 at acpi0: bus 4 (P2P_) acpiprt6 at acpi0: bus -1 (PCE2) acpiprt7 at acpi0: bus -1 (PCE3) acpiprt8 at acpi0: bus -1 (PCE4) acpiprt9 at acpi0: bus -1 (PCE5) acpiprt10 at acpi0: bus -1 (PCE6) acpiprt11 at acpi0: bus -1 (PCE7) acpiprt12 at acpi0: bus 2 (PCE9) acpiprt13 at acpi0: bus 3 (PCEA) acpiprt14 at acpi0: bus -1 (PCEB) acpiprt15 at acpi0: bus -1 (PCEC) acpiprt16 at acpi0: bus 1 (AGP_) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpibtn0 at acpi0: PWRB cpu0: 2813 MHz: speeds: 2800 2100 1600 800 MHz pci0 at mainbus0 bus 0 0:0:0: mem address conflict 0xe000/0x2000 pchb0 at pci0 dev 0 function 0 AMD RS880 Host rev 0x00 ppb0 at pci0 dev 1 function 0 AMD
Re: X really slow dragging windows
On 04.03.2015 22:42, Jason Adams wrote: On 03/04/2015 01:16 PM, Nils ReuÃe wrote: On 04.03.2015 02:39, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? Hi Jason, i can confirm this issue, though i have no idea how to fix it. I also use an ATI card (HD 4250), but mine is supported and used with KMS. I've noticed this quite a while ago, but it doesn't bug me that much using a tiling wm. Regards Are you seeing the GPU disabled line in your Xorg.0.log? My card is also supported, but I get that GPU not working line, and until that gets solved I am stuck using shadowfb, (and ugly friends). And I believe that is the reason for the slowness. No, i don't see anything beeing disabled in my xorg log, and my card is working fine (just tried openarena, which always worked and still works fine). In my last mail i forgot to mention that i'm running the latest -current snapshot as of yesterday, but as is said, i've noticed this problem a few months before (but after 5.6). dmesg and my xorg log attached. OpenBSD 5.7-beta (GENERIC.MP) #871: Tue Mar 3 17:40:49 MST 2015 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3738107904 (3564MB) avail mem = 3634679808 (3466MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0100 (61 entries) bios0: vendor Award Software International, Inc. version F5 date 09/30/2010 bios0: Gigabyte Technology Co., Ltd. GA-880GMA-UD2H acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT HPET MCFG MATS APIC acpi0: wakeup devices USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) USB6(S3) SBAZ(S4) PEX0(S5) PEX1(S5) PEX2(S5) PEX3(S5) P2P_(S5) PCE2(S4) PCE3(S4) PCE4(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) II X2 240e Processor, 2813.27 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu0: AMD erratum 721 detected and fixed cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 200MHz cpu0: mwait min=64, max=64, C-substates=0.0.0.0.0, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) II X2 240e Processor, 2812.93 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu1: AMD erratum 721 detected and fixed cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 2 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (PEX0) acpiprt2 at acpi0: bus 6 (PEX1) acpiprt3 at acpi0: bus -1 (PEX2) acpiprt4 at acpi0: bus -1 (PEX3) acpiprt5 at acpi0: bus 4 (P2P_) acpiprt6 at acpi0: bus -1 (PCE2) acpiprt7 at acpi0: bus -1 (PCE3) acpiprt8 at acpi0: bus -1 (PCE4) acpiprt9 at acpi0: bus -1 (PCE5) acpiprt10 at acpi0: bus -1 (PCE6) acpiprt11 at acpi0: bus -1 (PCE7) acpiprt12 at acpi0: bus 2 (PCE9) acpiprt13 at acpi0: bus 3 (PCEA) acpiprt14 at acpi0: bus -1 (PCEB) acpiprt15 at acpi0: bus -1 (PCEC) acpiprt16 at acpi0: bus 1 (AGP_) acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpibtn0 at acpi0: PWRB cpu0: 2813 MHz: speeds: 2800 2100 1600 800 MHz pci0 at mainbus0 bus 0 0:0:0: mem address conflict 0xe000/0x2000 pchb0 at pci0 dev 0 function 0 AMD RS880 Host rev 0x00 ppb0 at pci0 dev 1 function 0 AMD RS780 PCIE rev 0x00
Re: iwn(4) firmware
On Mar 04 09:19:42, phess...@theapt.org wrote: And when you run fw_update, does it fetch the correct firmware? iwn-firmware-5.11p1 is what fw_update fetched. Isn't it the correct one? On 2015 Mar 04 (Wed) at 08:26:16 +0100 (+0100), Jan Stary wrote: :http://www.openbsd.org/faq/faq6.html#Wireless :lists the supported wireles chipsets, marking with NFF :those that need the non-free firmware to be downloaded. : :It does not mark iwn(4) as such, but on my Thinkpad T400 (dmesg below), :I do need to have iwn-firmware-5.11p1 for the chipset, which is : :iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5300 rev 0x00: msi, MIMO 3T3R, MoW, address 00:21:6a:01:9f:ce : : Jan : : :OpenBSD 5.7-beta (GENERIC.MP) #852: Tue Feb 10 16:31:16 MST 2015 :t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP :real mem = 3095072768 (2951MB) :avail mem = 3008819200 (2869MB) :mpath0 at root :scsibus0 at mpath0: 256 targets :mainbus0 at root :bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) :bios0: vendor LENOVO version 7UET94WW (3.24 ) date 10/17/2012 :bios0: LENOVO 64741EG :acpi0 at bios0: rev 2 :acpi0: sleep states S0 S3 S4 S5 :acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT :acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) :acpitimer0 at acpi0: 3579545 Hz, 24 bits :acpiec0 at acpi0 :acpimadt0 at acpi0 addr 0xfee0: PC-AT compat :cpu0 at mainbus0: apid 0 (boot processor) :cpu0: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.30 MHz :cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF :cpu0: 3MB 64b/line 8-way L2 cache :cpu0: smt 0, core 0, package 0 :mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges :cpu0: apic clock running at 265MHz :cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE :cpu1 at mainbus0: apid 1 (application processor) :cpu1: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.00 MHz :cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF :cpu1: 3MB 64b/line 8-way L2 cache :cpu1: smt 0, core 1, package 0 :ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins :ioapic0: misconfigured as apic 2, remapped to apid 1 :acpimcfg0 at acpi0 addr 0xe000, bus 0-63 :acpihpet0 at acpi0: 14318179 Hz :acpiprt0 at acpi0: bus 0 (PCI0) :acpiprt1 at acpi0: bus -1 (AGP_) :acpiprt2 at acpi0: bus 2 (EXP0) :acpiprt3 at acpi0: bus 3 (EXP1) :acpiprt4 at acpi0: bus -1 (EXP2) :acpiprt5 at acpi0: bus 5 (EXP3) :acpiprt6 at acpi0: bus 13 (EXP4) :acpiprt7 at acpi0: bus 21 (PCI1) :acpicpu0 at acpi0: C3, C2, C1, PSS :acpicpu1 at acpi0: C3, C2, C1, PSS :acpipwrres0 at acpi0: PUBS, resource for USB0, USB3, USB5, EHC0, EHC1 :acpitz0 at acpi0: critical temperature is 127 degC :acpitz1 at acpi0: critical temperature is 100 degC :acpibtn0 at acpi0: LID_ :acpibtn1 at acpi0: SLPB :acpibat0 at acpi0: BAT0 model 93P5030 serial 1559 type LION oem SONY :acpibat1 at acpi0: BAT1 not present :acpiac0 at acpi0: AC unit online :acpithinkpad0 at acpi0 :acpidock0 at acpi0: GDCK not docked (0) :cpu0: Enhanced SpeedStep 2261 MHz: speeds: 2267, 2266, 1600, 800 MHz :pci0 at mainbus0 bus 0 :pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 :vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 :intagp0 at vga1 :agp0 at intagp0: aperture at 0xd000, size 0x1000 :inteldrm0 at vga1 :drm0 at inteldrm0 :inteldrm0: 1280x800 :wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) :wsdisplay0: screen 1-5 added (std, vt100 emulation) :Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured :Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured :pciide0 at pci0 dev 3 function 2 Intel GM45 PT IDER rev 0x07: DMA (unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI :pciide0: using apic 1 int 18 for native-PCI interrupt :pciide0: channel 0 ignored (not responding; disabled or no drives?) :pciide0: channel 1 ignored (not responding; disabled or no drives?) :puc0 at pci0 dev 3 function 3 Intel GM45 KT rev 0x07: ports: 1 com :com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo :com4: probed fifo depth: 0 bytes :em0 at pci0 dev 25 function 0 Intel ICH9 IGP M AMT rev 0x03: msi, address 00:1c:25:9b:0a:23 :uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x03: apic 1 int 20 :uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x03: apic 1 int 21 :uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x03: apic 1 int 22 :ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x03: apic 1
Re: iwn(4) firmware
And when you run fw_update, does it fetch the correct firmware? On 2015 Mar 04 (Wed) at 08:26:16 +0100 (+0100), Jan Stary wrote: :http://www.openbsd.org/faq/faq6.html#Wireless :lists the supported wireles chipsets, marking with NFF :those that need the non-free firmware to be downloaded. : :It does not mark iwn(4) as such, but on my Thinkpad T400 (dmesg below), :I do need to have iwn-firmware-5.11p1 for the chipset, which is : :iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5300 rev 0x00: msi, MIMO 3T3R, MoW, address 00:21:6a:01:9f:ce : : Jan : : :OpenBSD 5.7-beta (GENERIC.MP) #852: Tue Feb 10 16:31:16 MST 2015 :t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP :real mem = 3095072768 (2951MB) :avail mem = 3008819200 (2869MB) :mpath0 at root :scsibus0 at mpath0: 256 targets :mainbus0 at root :bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) :bios0: vendor LENOVO version 7UET94WW (3.24 ) date 10/17/2012 :bios0: LENOVO 64741EG :acpi0 at bios0: rev 2 :acpi0: sleep states S0 S3 S4 S5 :acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT :acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) :acpitimer0 at acpi0: 3579545 Hz, 24 bits :acpiec0 at acpi0 :acpimadt0 at acpi0 addr 0xfee0: PC-AT compat :cpu0 at mainbus0: apid 0 (boot processor) :cpu0: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.30 MHz :cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF :cpu0: 3MB 64b/line 8-way L2 cache :cpu0: smt 0, core 0, package 0 :mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges :cpu0: apic clock running at 265MHz :cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE :cpu1 at mainbus0: apid 1 (application processor) :cpu1: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz, 2261.00 MHz :cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF :cpu1: 3MB 64b/line 8-way L2 cache :cpu1: smt 0, core 1, package 0 :ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins :ioapic0: misconfigured as apic 2, remapped to apid 1 :acpimcfg0 at acpi0 addr 0xe000, bus 0-63 :acpihpet0 at acpi0: 14318179 Hz :acpiprt0 at acpi0: bus 0 (PCI0) :acpiprt1 at acpi0: bus -1 (AGP_) :acpiprt2 at acpi0: bus 2 (EXP0) :acpiprt3 at acpi0: bus 3 (EXP1) :acpiprt4 at acpi0: bus -1 (EXP2) :acpiprt5 at acpi0: bus 5 (EXP3) :acpiprt6 at acpi0: bus 13 (EXP4) :acpiprt7 at acpi0: bus 21 (PCI1) :acpicpu0 at acpi0: C3, C2, C1, PSS :acpicpu1 at acpi0: C3, C2, C1, PSS :acpipwrres0 at acpi0: PUBS, resource for USB0, USB3, USB5, EHC0, EHC1 :acpitz0 at acpi0: critical temperature is 127 degC :acpitz1 at acpi0: critical temperature is 100 degC :acpibtn0 at acpi0: LID_ :acpibtn1 at acpi0: SLPB :acpibat0 at acpi0: BAT0 model 93P5030 serial 1559 type LION oem SONY :acpibat1 at acpi0: BAT1 not present :acpiac0 at acpi0: AC unit online :acpithinkpad0 at acpi0 :acpidock0 at acpi0: GDCK not docked (0) :cpu0: Enhanced SpeedStep 2261 MHz: speeds: 2267, 2266, 1600, 800 MHz :pci0 at mainbus0 bus 0 :pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 :vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 :intagp0 at vga1 :agp0 at intagp0: aperture at 0xd000, size 0x1000 :inteldrm0 at vga1 :drm0 at inteldrm0 :inteldrm0: 1280x800 :wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) :wsdisplay0: screen 1-5 added (std, vt100 emulation) :Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured :Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured :pciide0 at pci0 dev 3 function 2 Intel GM45 PT IDER rev 0x07: DMA (unsupported), channel 0 wired to native-PCI, channel 1 wired to native-PCI :pciide0: using apic 1 int 18 for native-PCI interrupt :pciide0: channel 0 ignored (not responding; disabled or no drives?) :pciide0: channel 1 ignored (not responding; disabled or no drives?) :puc0 at pci0 dev 3 function 3 Intel GM45 KT rev 0x07: ports: 1 com :com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo :com4: probed fifo depth: 0 bytes :em0 at pci0 dev 25 function 0 Intel ICH9 IGP M AMT rev 0x03: msi, address 00:1c:25:9b:0a:23 :uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x03: apic 1 int 20 :uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x03: apic 1 int 21 :uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x03: apic 1 int 22 :ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x03: apic 1 int 23 :usb0 at ehci0: USB revision 2.0 :uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 :azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x03: msi :azalia0: codecs: Conexant CX20561 :audio0 at azalia0
Re: relayd memory usage when loading large URL lists
On 2015-03-01, Felipe Scarel fbsca...@gmail.com wrote: Now loading the phishing/domains URL list, which has about ~63k entries. relayd's parent process ballons to over 2GB memory usage (I'm assuming it's reading the URL lists and building a data structure for the relays), Yes, it's building a red-black tree structure during startup. So that's about ~520 MB of memory per relay process, out of 3 total. This is probably shared (fork does copy-on-write, so forked processes can just use the original memory unless they make changes to it). Try adjusting the prefork number and check the free memory with top(1) rather than the per-process memory with ps(1).
Re: Does wpa-psk still exist?
On Tue, Mar 03, 2015 at 06:21:52PM -0500, Bob Eby wrote: I'm trying to connect to a wireless network using OpenBSD 5.6. I see a couple FAQ questions talking about a wpa-psk command to convert plaintext to encrypted string, but still getting secure wireless working is about as clear as mud. wpa-psk was retired in 4.9 or thereabouts. For WPA with a simple pre-shared key these days you would put something like this in your /etc/hostname.if up nwid unwiredbsd wpakey mylongpassphrase dhcp rtsol (where .if would be, say .iwm0, .iwn0 etc) If there are FAQ-style (or ugh, HOWTO-style) documents out there that still mention manual conversion of your passphrase via wpa-psk as a viable option, please to everybody a favor and contact their authors to either update or remove. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Almost offtopic question to the Improving Browser Security question
On 2015-03-03, someone thisistheone8...@gmail.com wrote: Wow, copying the .Xauthority to the separated user worked! But I'm still thinking that the separated user can give out the command: xinput test 6 and can see what anyone types in via X. See xauth(1) about generating an untrusted auth token. If you're feeling lazy, enabling ssh X forwarding and using ssh -X user@localhost might be easier, but will be slower.
Re: pkg_add failure in March 1 snapshot
On Tue, Mar 03, 2015 at 09:20:00AM -0500, Ted Unangst wrote: Peter N. M. Hansteen wrote: On Tue, Mar 03, 2015 at 12:56:44PM +0100, Adam Wolk wrote: I just updated to the March 1 (i386) snapshot and now I'm in process of doing a 'pkg_add -uiv' so far no issues on my side (packages are downloading and updating). Is the issue reproducible? Maybe it was a temporary network glitch? : http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/snapshots/packages/amd64/ is empty amd64 packages on i386 is not supported. perhaps pkg_add is simply keeping you from wrecking your configuration? Even so, Use of uninitialized value $file in hash element is not the most user friendly way to present that information. :) There are so many funny failure modes in pkg_add that it's impossible to test them all beforehand. Especially because people do the most stupid things and pkg_add is reliant on a LOT of things.
Re: pkg_add failure in March 1 snapshot
On Tue, Mar 03, 2015 at 01:17:33PM -0800, Philip Guenther wrote: On Tue, Mar 3, 2015 at 3:35 AM, Dmitrij D. Czarkoff czark...@gmail.com wrote: I've updated to March 1 snapshot, and after sysmerge tried to update packages. What I got was: : $ sudo pkg_add -u : Use of uninitialized value $file in hash element at /usr/libdata/perl5/OpenBSD/Temp.pm line 80. : Use of uninitialized value $error in concatenation (.) or string at /usr/libdata/perl5/OpenBSD/PackageRepository.pm line 723. I believe this is reported when $PKG_TMPDIR isn't writable. Good catch. I know how to fix the error, I'll have to check whether to error out directly, or if I can make it propagate up. Definitely looks like somebody had fun with his /var/tmp - /tmp change... :p
Re: How to run a GUI app without X?
Thanks for all the useful comments :) On Wed, Mar 4, 2015 at 12:33 PM, Jiri B ji...@devio.us wrote: On Tue, Mar 03, 2015 at 08:16:11PM +0100, someone wrote: If X security is so bad, how can one run a GUI app, ex.: Firefox without it? Using framebuffer? How can then someone use a GUI password manager to copy the pwd to the Firefox in the fb? google doesn't gives too many answers, to be more precise, zero per hour can someone at least give keywords to what to search for? thanks Check QubesOS and thei lightweight protocol for sharing graphical output. Make a research if something like that could be done on OpenBSD (yep, no virtualization but using different users...). j.
Re: [Tor-BSD] Recognizing Randomness Exhaustion
* Libertas liber...@mykolab.com [2015-01-02 06:25]: I've tuned PF parameters in the past, but it doesn't seem to be the issue. My current pfctl and netstat -m outputs suggest that there are more than enough available resources and no reported failures. just a sidenote, it is safe to bump the default state limit, very far even on anything semi-modern. the default limit of 10k states is good for workstations and the like or tiny embedded-style deployments. I've gone up to 2M, things get a bit slow if your state table really is that big but everything keeps working. I remember someone on tor-...@list.nycbug.org suggesting that it could be at least partially due to PF being slower than other OS's firewalls. I feel offended :) Pretty certainly not. However, we're now finding that a profusion of gettimeofday() syscalls may be the issue. It was independently discovered by the operator of IPredator, the highest-bandwidth Tor relay: https://ipredator.se/guide/torserver#performance My 800 KB/s exit node had up to 7,000 gettimeofday() calls a second, along with hundreds of clock_gettime() calls. those aren't all that cheap... -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: How to run a GUI app without X?
On Tue, Mar 03, 2015 at 08:16:11PM +0100, someone wrote: If X security is so bad, how can one run a GUI app, ex.: Firefox without it? Using framebuffer? How can then someone use a GUI password manager to copy the pwd to the Firefox in the fb? google doesn't gives too many answers, to be more precise, zero per hour can someone at least give keywords to what to search for? thanks Check QubesOS and thei lightweight protocol for sharing graphical output. Make a research if something like that could be done on OpenBSD (yep, no virtualization but using different users...). j.
Re: OpenBSD install has 1 not so logical part
Thanks for clarifying! On Tue, Mar 3, 2015 at 9:33 PM, Nick Holland n...@holland-consulting.net wrote: On 03/03/15 10:55, Thisis theone wrote: Hello, Do you expect to run the X Window System? [yes] no Do you want the X Window System to be started by xdm(1)? [no] no Isn't this a contradiction? Or is it related to machdep.allowaperture? If machdep.allowaperture isn't needed anymore, why is it still in the install? there's only one kind of hw out there, right? oh wait. :) At the moment, on i386/amd64, only radeon, intel and vesa can avoid the xf86(4) driver, there are a lot of other X servers and non-Radeon/non-Intel hw that can be handled by something better than vesa out there. The first question sets things up so X *could* be used (if needed). For security reasons, this can't be changed after the system has fully booted. The second determines if X should be started at boot, but X can certainly be started post-boot. Two different things. Nick.
Re: relayd memory usage when loading large URL lists
On Wed, Mar 4, 2015 at 6:29 AM, Stuart Henderson s...@spacehopper.org wrote: On 2015-03-01, Felipe Scarel fbsca...@gmail.com wrote: Now loading the phishing/domains URL list, which has about ~63k entries. relayd's parent process ballons to over 2GB memory usage (I'm assuming it's reading the URL lists and building a data structure for the relays), Yes, it's building a red-black tree structure during startup. Nice to know. So that's about ~520 MB of memory per relay process, out of 3 total. This is probably shared (fork does copy-on-write, so forked processes can just use the original memory unless they make changes to it). Try adjusting the prefork number and check the free memory with top(1) rather than the per-process memory with ps(1). Alright, I'll do that. In other news, Reyk replied to me via Twitter saying that relayd is not optimized for large blacklists yet. I'll keep using the current version for the time being, as ~100k URLs is sufficient for my current demand. Thanks for your help!
OpenBSD Foundation GSOC 2015
The OpenBSD Foundation is pleased to announce that we have been accepted as a mentoring organization for Google Summer of Code 2015. As such if you are a student who qualifies to apply for GSOC, you will be able to find us in Google's Summer of Code Application process.For details on the application process and the relevant timelines please see https://www.google-melange.com/gsoc/homepage/google/gsoc2015 We have an ideas page which is located at http://www.openbsdfoundation.org/gsoc2015.html I will repeat my usual disclaimer here on behalf of the foundation - doing anything with GSOC does *not* guarantee the result will end up in OpenBSD or any related project. That having been said we hope to be able to put some mentors together with students to accomplish things that may become useful to the community at large. Ken Westerback, The OpenBSD Foundation
Re: Does wpa-psk still exist?
On Wed, Mar 04, 2015 at 07:39:05AM -0500 or thereabouts, Bob Eby wrote: I had tried this link: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/hostname.if.5?query=hostname.ifsec=5 Which seemed to say this would work: nwid mynwid wpakey mywpakey dhcp which doesn't work, what is up, unwiredbsd, rtsol etc? Thanks, Bob up is a command to start your wireless interface unwiredbsd is the name of the wireless network to which you wish to connect rtsol may be characterised as dhcp for ipv6
Re: Does wpa-psk still exist?
I had tried this link: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/hostname.if.5?query=hostname.ifsec=5 Which seemed to say this would work: nwid mynwid wpakey mywpakey dhcp which doesn't work, what is up, unwiredbsd, rtsol etc? Thanks, Bob
disk change-out and packages
I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. Reinstalled, mounted the new slices as before, and ran: #!/bin/sh tar -cXf - /* | tar -xpf - -C /tree tar -cXf - /home/* | tar -xpf - -C /tree/home tar -cXf - /usr/* | tar -xpf - -C /tree/usr tar -cXf - /usr/X11R6/* | tar -xpf - -C /tree/usr/X11R6 tar -cXf - /usr/local/* | tar -xpf - -C /tree/usr/local tar -cXf - /usr/obj/* | tar -xpf - -C /tree/usr/obj tar -cXf - /usr/src/* | tar -xpf - -C /tree/usr/src tar -cXf - /var/* | tar -xpf - -C /tree/var I had copied the new disk's fstab so that the duids were right when I started from it. Results were interesting. I got another copy of /home inside /tree/home, as well as what I wanted in it, and youtube-dl turns out to make filenames too long for tar. Nevertheless, I could log in as myself. But running my usual packages at login didn't work: file not found. Should I have not tried to save that much time? I thought tar | tar would get everything. Do I need to install the packages on the new disk? Is this a time that pkg_check is my friend? -- Edward Ahlsen-Girard Ft Walton Beach, FL
Weird problem with NATed VLAN connection to one specific web server
Hello, I run OpenBSD 5.6 as gateway for wireless networks. Interfaces: em0 - link to switch with Ubiquiti APs that provide 4 SSIDs vlan 2 - 10.10.12.0/24, SSID Guests vlan 3 - 10.10.13.0/24, SSID Devs vlan 4 - 10.10.14.0/24, SSID VPNs (The last SSID is Internal in internal_nw_2 192.168.168.0/24, no VLAN, with EAP-TLS authentication against (different, not the OpenBSD) RADIUS server and these clients go through different gateway via the AP switch) em1 - internet em2 - in internal_nw_1 172.16.0.0/16 em3 - in internal_nw_2 192.168.168.0/24 Guests are allowed typical internet traffic (web, mail, IM protocols...), bandwith is limited Devs are allowed to 1st internal network and selected hosts on internet VPNs are allowed only VPN protocols to internet Everything works fine except traffic from the VLANs to one media portal in our country - idnes.cz. When I had allowed NAT from the untagged internal_nw_2 and set one wireless client to use my OpenBSD as the gateway I connected to the idnes.cz website without any problems. But when I try to connect to it from any of the vlan wireless networks (allowed it temporarily from all) it just doesn't connect although any other http/s traffic to any other webserver is working without problems. I ran tcpdumps on the router and on the client, I see that vlan tags are stripped after NAT and reapplied in responses. I don't have any more ideas how should I continue in debugging and solving this stramge problem. Can anybody help me please? pf options: set block-policy return set loginterface egress set skip on lo Example of traffic that works - to ihned.cz (81.95.101.8) On vlan2 interface Feb 06 16:16:23.023894 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 66: 10.10.12.100.24913 81.95.101.8.80: S 1686897114:1686897114(0) win 8192 mss 1460,nop,wscale 8,nop,nop,sackOK (DF) Feb 06 16:16:23.024350 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 1434: 81.95.101.8.80 10.10.12.100.24908: . 4045:5425(1380) ack 1288 win 1114 (DF) Feb 06 16:16:23.025477 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 56: 10.10.12.100.24905 81.95.101.8.80: . ack 5764 win 258 (DF) Feb 06 16:16:23.025956 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 493: 10.10.12.100.24905 81.95.101.8.80: P 1280:1719(439) ack 5764 win 258 (DF) Feb 06 16:16:23.028124 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 1063: 81.95.101.8.80 10.10.12.100.24908: P 5425:6434(1009) ack 1288 win 1114 (DF) Feb 06 16:16:23.028823 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 1434: 81.95.101.8.80 10.10.12.100.24907: . 28682:30062(1380) ack 2162 win 1248 (DF) Feb 06 16:16:23.029815 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 56: 10.10.12.100.24908 81.95.101.8.80: . ack 6434 win 258 (DF) Feb 06 16:16:23.031059 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 498: 10.10.12.100.24912 54.228.187.145.80: P 831:1275(444) ack 1275 win 251 (DF) Feb 06 16:16:23.031301 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 814: 81.95.101.8.80 10.10.12.100.24907: P 30062:30822(760) ack 2162 win 1248 (DF) Feb 06 16:16:23.035400 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 1434: 81.95.101.8.80 10.10.12.100.24906: . 26405:27785(1380) ack 2150 win 1248 (DF) Feb 06 16:16:23.035406 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 1016: 81.95.101.8.80 10.10.12.100.24906: P 27785:28747(962) ack 2150 win 1248 (DF) Feb 06 16:16:23.037786 00:22:fb:3d:2f:38 00:50:56:a4:00:05 0800 56: 10.10.12.100.24907 81.95.101.8.80: . ack 30822 win 258 (DF) Feb 06 16:16:23.038120 00:50:56:a4:00:05 00:22:fb:3d:2f:38 0800 66: 81.95.101.8.80 10.10.12.100.24913: S 1565502224:1565502224(0) ack 1686897115 win 14600 mss 1380,nop,nop,sac kOK,nop,wscale 4 (DF) On inet_if interface - Feb 06 16:16:23.023963 00:50:56:a4:00:08 00:15:62:2e:8c:38 0800 66: x.y.z.161.50198 81.95.101.8.80: S 1686897114:1686897114(0) win 8192 mss 1460,nop,wscale 8,nop,nop,sackOK (DF) Feb 06 16:16:23.024306 00:15:62:2e:8c:38 00:50:56:a4:00:08 0800 1434: 81.95.101.8.80 x.y.z.161.55093: . 4045:5425(1380) ack 1288 win 1114 (DF) Feb 06 16:16:23.024639 00:15:62:2e:8c:38 00:50:56:a4:00:08 0800 1063: 81.95.101.8.80 x.y.z.161.55093: P 5425:6434(1009) ack 1288 win 1114 (DF) Feb 06 16:16:23.025508 00:50:56:a4:00:08 00:15:62:2e:8c:38 0800 54: x.y.z.161.63797 81.95.101.8.80: . ack 5764 win 258 (DF) Feb 06 16:16:23.025978 00:50:56:a4:00:08 00:15:62:2e:8c:38 0800 493: x.y.z.161.63797 81.95.101.8.80: P 1280:1719(439) ack 5764 win 258 (DF) Feb 06 16:16:23.028780 00:15:62:2e:8c:38 00:50:56:a4:00:08 0800 1434: 81.95.101.8.80 x.y.z.161.52735: . 28682:30062(1380) ack 2162 win 1248 (DF) Feb 06 16:16:23.028830 00:15:62:2e:8c:38 00:50:56:a4:00:08 0800 814: 81.95.101.8.80 x.y.z.161.52735: P 30062:30822(760) ack 2162 win 1248 (DF) Feb 06 16:16:23.029838 00:50:56:a4:00:08 00:15:62:2e:8c:38 0800 54: x.y.z.161.55093 81.95.101.8.80: . ack 6434 win 258 (DF) Feb 06 16:16:23.031269 00:15:62:2e:8c:38 00:50:56:a4:00:08 0800 1434: 81.95.101.8.80 x.y.z.161.60762: . 26405:27785(1380) ack 2150 win
Re: X really slow dragging windows
On Tue, Mar 03, 2015 at 05:39:51PM -0800, Jason Adams wrote: Somewhere along the road of moving from 5.5 to 5.6 (i386) my performance in X has really taken a hit when dragging windows around. The window trails the pointer by several inches. X performance used to be surprisingly good on 5.5. I note the following lines in Xorg.0.log: [56.517] (--) RADEON(0): Chipset: ATI Radeon Mobility 7000 IGP 4437 (ChipID = 0x4437) [56.519] (II) RADEON(0): GPU accel disabled or not working, using shadowfb for KMS fw_update reports no updates, (it does list a couple radeon entries as it checks for firmware). Any clues as to what may be the issue here? Is this fixable? A full dmesg and Xorg.0.log would be helpful. If you could try a snapshot there are some changes in -current that may be relevant.
Re: Does wpa-psk still exist?
On 03/04/15 07:38, Bob Eby wrote: I had tried this link: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/hostname.if.5?query=hostname.ifsec=5 Which seemed to say this would work: nwid mynwid wpakey mywpakey dhcp which doesn't work, what is up, unwiredbsd, rtsol etc? You did it wrong. Most likely, that's not your nwid or wpakey. And you probably don't have a .if interface. Based on the information you provided, that's all I can or will say. Nick.
Re: Does wpa-psk still exist?
On Wed, Mar 04, 2015 at 08:05:02AM -0500 or thereabouts, Nick Holland wrote: On 03/04/15 07:38, Bob Eby wrote: I had tried this link: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/hostname.if.5?query=hostname.ifsec=5 Which seemed to say this would work: nwid mynwid wpakey mywpakey dhcp which doesn't work, what is up, unwiredbsd, rtsol etc? You did it wrong. Most likely, that's not your nwid or wpakey. And you probably don't have a .if interface. Based on the information you provided, that's all I can or will say. Nick. Do you have the firmware for your wireless? http://firmware.openbsd.org
Re: disk change-out and packages
On Wed, 4 Mar 2015, Ed Ahlsen-Girard wrote: I decided to upgrade the internal drive, so I hooked up the new on on the CD's usual SATA channel and installed, having adjust the disklabel more to suit me (the auto partition of /usr left it really tight on space, and home was not big enough). First method: mount all the slices in /tree and run a series of cp -R as root. Files seemed to get there but something was not right with permissions when I tried booting the new disk, so I dropped back and did some research. Reinstalled, mounted the new slices as before, and ran: #!/bin/sh tar -cXf - /* | tar -xpf - -C /tree tar -cXf - /home/* | tar -xpf - -C /tree/home tar -cXf - /usr/* | tar -xpf - -C /tree/usr tar -cXf - /usr/X11R6/* | tar -xpf - -C /tree/usr/X11R6 tar -cXf - /usr/local/* | tar -xpf - -C /tree/usr/local tar -cXf - /usr/obj/* | tar -xpf - -C /tree/usr/obj tar -cXf - /usr/src/* | tar -xpf - -C /tree/usr/src tar -cXf - /var/* | tar -xpf - -C /tree/var I had copied the new disk's fstab so that the duids were right when I started from it. Results were interesting. I got another copy of /home inside /tree/home, as well as what I wanted in it, and youtube-dl turns out to make filenames too long for tar. Nevertheless, I could log in as myself. But running my usual packages at login didn't work: file not found. Should I have not tried to save that much time? I thought tar | tar would get everything. Do I need to install the packages on the new disk? Is this a time that pkg_check is my friend? pax -rw -pe was what you wanted. Possibly with the -k option too. Regards, David
slow to no throughout on ral
I have an old Soekris 5501 with a wireless (WL-RT2561-ST 802.11a/b/g) PCI card, running a recent snapshot. I have slow wireless transfer rate and sluggishness that went from being occasional to nearly 100% of the time. Instead of 830kB/s or so from the net, I'm getting transfer rates of around about 80kB/s and less in mode 11g. My Yeeloong no longer connects via wireless to that network but the problem is present even with Ubuntu or OS X clients. The problem does not seem to manifest on the wired LAN. I've tried turning off PF and downloading locally over the WLAN from the Soekris using httpd directly. Even then I get the low tranfer speeds. The problem showed up while the system software was relatively stable and I had not done any recent snapshot upgrade, but I have since done many. I've tried switching channels from 11 to 1 but that had no apparent effect. Over a large transfer the speed can go up and down by a factor of 10 or a little more during the span of the transfer, but mostly hover at the slow end. Sometimes it stops tranferring completely for a while. The only other strange symptom is that the machine locks up hard every week or two requiring a powercycle or hardware reset to restart. I can find nothing in the logs anywhere near the time of the lock ups. The main board runs at about 60 deg, according to systat, and the other card an ADSL card runs at about 80 deg, so I don't think it is temperature. What should I be looking at? Regards, /Lars TM) Integrated Processor by AMD PCS (AuthenticAMD 586-class) 500 MHz cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX,MMXX,3DNOW2,3DNOW real mem = 536363008 (511MB) avail mem = 515227648 (491MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: date 20/70/03, BIOS32 rev. 0 @ 0xfac40 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc8000/0xa800 cpu0 at mainbus0: (uniprocessor) mtrr: K6-family MTRR support (2 registers) amdmsr0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) 0:20:0: io address conflict 0x6100/0x100 0:20:0: io address conflict 0x6200/0x200 pchb0 at pci0 dev 1 function 0 AMD Geode LX rev 0x33 glxsb0 at pci0 dev 1 function 2 AMD Geode LX Crypto rev 0x00: RNG AES vr0 at pci0 dev 6 function 0 VIA VT6105M RhineIII rev 0x96: irq 11, address 00:00:24:cb:a9:24 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr1 at pci0 dev 7 function 0 VIA VT6105M RhineIII rev 0x96: irq 5, address 00:00:24:cb:a9:25 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr2 at pci0 dev 8 function 0 VIA VT6105M RhineIII rev 0x96: irq 9, address 00:00:24:cb:a9:26 ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 vr3 at pci0 dev 9 function 0 VIA VT6105M RhineIII rev 0x96: irq 12, address 00:00:24:cb:a9:27 ukphy3 at vr3 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI 0x004063, model 0x0034 re0 at pci0 dev 14 function 0 Realtek 8139 rev 0x20: RTL8139C+ (0x7480), irq 10, address 00:0a:fa:20:03:79 rlphy0 at re0 phy 0: RTL internal PHY ral0 at pci0 dev 17 function 0 Ralink RT2561S rev 0x00: irq 15, address 00:12:0e:61:54:68 ral0: MAC/BBP RT2561C, RF RT5225 glxpcib0 at pci0 dev 20 function 0 AMD CS5536 ISA rev 0x03: rev 3, 32-bit 3579545Hz timer, watchdog, gpio, i2c gpio0 at glxpcib0: 32 pins iic0 at glxpcib0 pciide0 at pci0 dev 20 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: SanDisk SDCFH-004G wd0: 1-sector PIO, LBA48, 3825MB, 7835184 sectors wd1 at pciide0 channel 0 drive 1: ELITE PRO CF CARD 4GB wd1: 1-sector PIO, LBA, 3823MB, 7831152 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) ohci0 at pci0 dev 21 function 0 AMD CS5536 USB rev 0x02: irq 7, version 1.0, legacy support ehci0 at pci0 dev 21 function 1 AMD CS5536 USB rev 0x02: irq 7 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 AMD EHCI root hub rev 2.00/1.00 addr 1 isa0 at glxpcib0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard pcppi0 at isa0 port 0x61 spkr0 at pcppi0 nsclpcsio0 at isa0 port 0x2e/2: NSC PC87366 rev 9: GPIO VLM TMS gpio1 at nsclpcsio0: 29 pins npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 usb1 at ohci0: USB revision 1.0 uhub1 at usb1 AMD OHCI root hub rev 1.00/1.00 addr 1 vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets softraid0:
lynx is gone?
Lynx is gone. Wow just wow, I'm stupefied by just how much you guys have removed from base. The least you could do is put something on afterboot useful to getting a web browser up and running. Note: it's usually helpful to have a web-browser to do things like oh, I don't know, find a suitable mirror for pkg_add? It was fun playing with the packet filter all those years ago, but I think I've had my fill of OpenBSD after lack of new hard drive formats, WPA2 hassles, failure to get very popular and important firmwares (ipw anyone?) into the distribution. (Nothing like installing over a wireless NIC when you don't have the firmware and can't download it over said NIC) Honestly, every new box I try to find some use for OpenBSD but every time go back to some Linux flavor to actually do ... well ? anything. (Except play nethack. I guess, yeah, *thats* more important than a default web browser)