Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)
> Can you try the diff following or > > http://yasuoka.net/~yasuoka/BOOTX64.EFI > > ? Then enter "machine memory" on "boot> " prompt and check the last line. > It shows whether the memory area for kernel is free or not. Like > > Load address: Conventional(7) 0x for KB > > is good sign. Great, thanks. I grabbed the binary. machine memory: http://i.imgur.com/gtiAIxc.jpg Another boot attempt, with hang (hd0d is intentional): http://i.imgur.com/tcVm4r6.jpg >> boot> machine disk >> DiskBIOS# TypeCylsHeads SecsFlags Checksum >> hd0 0x80label 956 64 32 0x2 0xe4afa028 >> hd1 0x81label 1023255 63 0x0 0x0 >> boot> > > Isn't this a result of BIOS boot? Yes, my bad. Thanks. Brian
Re: Making IPv6 NAT prefer privacy address
Em 22-09-2015 15:06, Daniel Gillen escreveu: > Hi > > I currently have the following rule to nat traffic out to the internet: > > match out on $if_ext inet6 from $if_int:network to any nat-to ($if_ext) > > But this chooses from one of the configures addresses (using round-robin). > > Is there a way I can configure pf to prefer the privacy address (the one > without my MAC in it)? > > Thx in advance > > Daniel > Nat on IPv6? Why? Also, if I'm not mistaken, if your card has a privacy address, it will be the one used, but for connections originated from the firewall itself. I'm not aware of any rule you could make that would get you only privacy address. I didn't read the code, but ($if_ext) would give you the first address, IIRC. Which, in your case, is not the privacy address. Also, you could check if your CPE (router) answer to DHCPv6 requests. If so, and if it follows RFC 7084, you could ask a IA_NA from it, and you'd get an address which is not the privacy address, but also is not based on your MAC address. Cheers, Giancarlo Razzolini
Re: speedup shutdown
2015/09/22 3:21 "Quartz": >> >> The two daemons you refer to, treat SIGHUP as a "please re-read your >> configuration files and restart". This is semi-common. This happens to >> also be the two daemons you are testing this with, causing some confusino. > >> Not everything, but some things will still be running. > > It wasn't just syslogd and sshd, -HUP also doesn't shut down any of the pflogd/dhclient/cron stuff either. The only process it actually stops is sndiod, all the others restart on their own. > > >> After running commands #1, #3 and #5; almost everything should be >> killed. Command #1 should take care of the vast majority of daemons >> started at boot; #3 and #5 are to catch the ones that aren't. > > Well, -TERM stops every PID I typed in (the four I didn't being init, two ksh's and ps itself), so I'm not sure where that leave me. I guess it's some kind of timing thing or race condition? > I haven't tried this on openbsd, but I wrote a little tool for someone who was fussing about debian taking too long to shut down: http://joels-programming-fun.blogspot.jp/2014/08/this-is-demonstration-of-way-to.html You'll want to tune some of it, probably, may not need to grep, may want to change the timing. Just remember, writing to a file at shutdown will interfere with the shutdown, especially if you use timing too fast to finish one log entry before the next one starts. And you may want to deliberately kill the process before the shutdown process does the final sync. And don't forget to remove things before you put the thing into production. Joel Rees Computer memory is just fancy paper, CPUs just fancy pens. All is a stream of text flowing from the past into the future.
Making IPv6 NAT prefer privacy address
Hi I currently have the following rule to nat traffic out to the internet: match out on $if_ext inet6 from $if_int:network to any nat-to ($if_ext) But this chooses from one of the configures addresses (using round-robin). Is there a way I can configure pf to prefer the privacy address (the one without my MAC in it)? Thx in advance Daniel -- Unix _IS_ user friendly - it's just selective about who its friends are!
Re: update/upgrade
> On Sep 20, 2015, at 9:36 PM, Quartzwrote: > >> Does your embedded storage run NOR/NAND or something like SDHC Memory >> Cards? >> >> If your systems are running SDHC you can easily create clones with a >> laptop& the DD utility. > > A couple of them do, but it doesn't matter in this case. The main issue with > compiling is that it can effectively knock the system offline for hours which > isn't acceptable. Any process that involves shutting the machine off or > booting into a separate OS image has the same problem. > > It's just a question of minimizing downtime. > Is it possible to upgrade via separate OS? Chroot into a new system, run sysmerge & voila?
dhclient broken on 2015-09-21 amd64 snapshot
I just updated my current box to yesterdays (2015-09-21) snapshot. Now it won't keep a network address. eisenhower# dhclient -d em0 DHCPREQUEST on em0 to 255.255.255.255 DHCPACK from 129.21.208.254 (d0:c2:82:f2:94:00) SIOCAIFADDR failed (129.21.208.29): File exists bound to 129.21.208.29 -- renewal in 5400 seconds. Active address (129.21.208.29) deleted; exiting eisenhower# ifconfig lo0: flags=8049mtu 32768 priority: 0 groups: lo inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff00 em0: flags=8843 mtu 1500 lladdr 00:1c:c4:1e:40:10 priority: 0 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active enc0: flags=0<> priority: 0 groups: enc status: active pflog0: flags=141 mtu 33144 priority: 0 groups: pflog I'm seeing a note on the current FAQ from the 12th indicating the ifmedia options have been extended to 64 bits. I'm seeing a change to ifconfig in the tree for this, but I don't see a corresponding change to dhclient in the tree (looking at cvsweb). Did the dhclient change get overlooked? Am I doing something else obviously wrong? (dmesg below) --Kurt OpenBSD 5.8-current (GENERIC.MP) #1375: Mon Sep 21 20:01:15 MDT 2015 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4135260160 (3943MB) avail mem = 4005974016 (3820MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xeb920 (68 entries) bios0: vendor Hewlett-Packard version "786E1 v01.16" date 08/17/2011 bios0: Hewlett-Packard HP Compaq dc7700 Small Form Factor acpi0 at bios0: rev 0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC ASF! MCFG TCPA SLIC HPET acpi0: wakeup devices COM1(S4) COM2(S4) PCI0(S4) PEG1(S4) IGBE(S4) PCX1(S4) PCX2(S4) HUB_(S4) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) EUS1(S3) EUS2(S3) PBT N(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz, 2660.32 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR cpu0: 4MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 265MHz cpu0: mwait min=64, max=64, C-substates=0.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz, 2659.99 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR cpu1: 4MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 1 acpimcfg0 at acpi0 addr 0xf400, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG1) acpiprt2 at acpi0: bus 32 (PCX1) acpiprt3 at acpi0: bus -1 (PCX2) acpiprt4 at acpi0: bus 7 (HUB_) acpicpu0 at acpi0: C1(@1 halt!), PSS acpicpu1 at acpi0: C1(@1 halt!), PSS acpibtn0 at acpi0: PBTN cpu0: Enhanced SpeedStep 2660 MHz: speeds: 2667, 2128, 1596 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel 82Q965 Host" rev 0x02 vga1 at pci0 dev 2 function 0 "Intel 82Q965 Video" rev 0x02 intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1024x768 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) "Intel 82Q965 HECI" rev 0x02 at pci0 dev 3 function 0 not configured em0 at pci0 dev 25 function 0 "Intel ICH8 IGP AMT" rev 0x02: msi, address 00:1c:c4:1e:40:10 uhci0 at pci0 dev 26 function 0 "Intel 82801H USB" rev 0x02: apic 1 int 20 uhci1 at pci0 dev 26 function 1 "Intel 82801H USB" rev 0x02: apic 1 int 21 ehci0 at pci0 dev 26 function 7 "Intel 82801H USB" rev 0x02: apic 1 int 22 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801H HD Audio" rev 0x02: msi azalia0: codecs: Realtek ALC262 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x02: msi pci1 at ppb0 bus 32 uhci2 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x02: apic 1 int 20 uhci3 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x02: apic 1 int 21 ehci1 at pci0 dev 29 function 7 "Intel 82801H USB" rev 0x02: apic 1 int 20 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb1 at
Re: console color
> OK, thanks. After some searching based on this info and some messing > around, it looks like 'export TERM=ansi' and setting t_Co=8 will get me > limited colors in vim without screwing anything up. Further to the excellent write-up by miod@ simply put if you're on x86 PC console any of these enables colors: $ export TERM=wsvt25 $ export TERM=pccon To confirm: $ echo $TERM ; tput colors $ tmux These are defined in /etc/termcap Hint: in the file search for (open|net)bsd|colou?r and Co#8|Co#256 for a broader range of TERM capabilities. You can also reference for an understanding what do the definitions in /etc/termcap mean $ man 5 terminfo $ man 5 termcap If you get sick of console colors and your eyes start hurting from dark blue fg on black bg and other high-low contrast issue just set it back to vt220: $ export TERM=vt220 Or even better, use xterm. In X you can use $ export TERM=xterm-256color $ export TERM=screen-256color # slant instead of reverse highlight $ export TERM=tmux-256color You could also set TERM in .profile testing whether you're on the PC console or in X, and whether you're running an interactive shell and/or a tmux session.
Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)
On Tue, 22 Sep 2015 14:20:22 -0500 Brian Conwaywrote: >> Can you try the diff following or >> >> http://yasuoka.net/~yasuoka/BOOTX64.EFI >> >> ? Then enter "machine memory" on "boot> " prompt and check the last line. >> It shows whether the memory area for kernel is free or not. Like >> >> Load address: Conventional(7) 0x for KB >> >> is good sign. > > Great, thanks. I grabbed the binary. Thanks, > machine memory: > > http://i.imgur.com/gtiAIxc.jpg This picture shows Load address: Loader Data (2) 0xd0 for 4096KB FATAL This is what I want to know. 0xd0 + 4M is overlapping the kernel area. I think the following diff or http://yasuoka.net/~yasuoka/BOOTX64.EFI (updated) will fix the problem. Index: sys/arch/amd64/stand/efiboot/Makefile.common === RCS file: /disk/cvs/openbsd/src/sys/arch/amd64/stand/efiboot/Makefile.common,v retrieving revision 1.1 diff -u -p -u -p -r1.1 Makefile.common --- sys/arch/amd64/stand/efiboot/Makefile.common2 Sep 2015 01:52:25 - 1.1 +++ sys/arch/amd64/stand/efiboot/Makefile.common23 Sep 2015 02:45:52 - @@ -7,6 +7,8 @@ EFIDIR= ${.CURDIR}/../../efi OBJCOPY?= objcopy OBJDUMP?= objdump +EFI_HEAP_LIMIT=0xc0 + LDFLAGS+= -nostdlib -T${.CURDIR}/../${LDSCRIPT} -Bsymbolic -shared COPTS+=-DEFIBOOT -DNEEDS_HEAP_H -DLINKADDR=${LINKADDR} -I${.CURDIR}/.. @@ -65,6 +67,7 @@ ${PROG}: ${PROG.so} .include CFLAGS+= -Wno-pointer-sign CPPFLAGS+= -DSMALL -DSLOW -DNOBYFOUR -D__INTERNAL_LIBSA_CREAD +CPPFLAGS+= -DHEAP_LIMIT=${EFI_HEAP_LIMIT} ${PROG.so}: ${OBJS} ${LD} ${LDFLAGS} -o ${.TARGET}.tmp ${OBJS} ${LDADD} Index: sys/arch/amd64/stand/efiboot/efiboot.c === RCS file: /disk/cvs/openbsd/src/sys/arch/amd64/stand/efiboot/efiboot.c,v retrieving revision 1.3 diff -u -p -u -p -r1.3 efiboot.c --- sys/arch/amd64/stand/efiboot/efiboot.c 3 Sep 2015 09:22:40 - 1.3 +++ sys/arch/amd64/stand/efiboot/efiboot.c 23 Sep 2015 02:45:53 - @@ -42,7 +42,7 @@ EFI_RUNTIME_SERVICES *RS; EFI_HANDLE IH, efi_bootdp = NULL; EFI_PHYSICAL_ADDRESSheap; EFI_LOADED_IMAGE *loadedImage; -UINTN heapsiz = 3 * 1024 * 1024; +UINTN heapsiz = 1 * 1024 * 1024; UINTN mmap_key; static EFI_GUID imgdp_guid = { 0xbc62157e, 0x3e33, 0x4fec, { 0x99, 0x20, 0x2d, 0x3b, 0x36, 0xd7, 0x50, 0xdf }}; @@ -199,7 +199,7 @@ efi_heap_init(void) { EFI_STATUS status; - heap = 0x100; /* Below kernel base address */ + heap = HEAP_LIMIT; status = EFI_CALL(BS->AllocatePages, AllocateMaxAddress, EfiLoaderData, EFI_SIZE_TO_PAGES(heapsiz), ); if (status != EFI_SUCCESS)
Re: doas and home directory of target user
Ahem. Dmesg below. (Sorry about that.) On Wed, Sep 23, 2015 at 8:29 AM, Joel Reeswrote: > Thank you, Dan, Ben, and Frank. I see that I have left out some > important information: > > user2 is specified as a non-login class of user in /etc/login.conf, > auth=reject: shell=/sbin/nologin, and has a default shell of > /sbin/nologin in /etc/passwd . > > On Tue, Sep 22, 2015 at 5:41 PM, Joel Rees wrote: >> I have this rule in doas.conf: >> >> permit nopass user1 as user2 >> >> As user1, I try this at the command line: >> >> doas -u user2 whoami >> >> and it tells me I am user2, as I expect. And >> >>doas -u user2 ls >> >> tells me I don't have permission. I kind of expect this. >> >> I'm looking for a way to do the equivalent of >> >> sudo -u user2 -s "cd; ls" >> >> I don't see a way to do this with doas, at least not without a short >> intermediary script, which script is not going to be able to do cd ~/. >> >> Should I assume that doas is not intended to do this sort of thing? > > With this intermediary script: > > #! /bin/sh > export USER=user2 > . /etc/ksh.kshrc > printenv > ls > > I get > > MAIL=/var/mail/user1 > LOGNAME=user1 > HOME=/home/classU/user1 > > PATH=/home/classU/user1/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:. > DISPLAY=:0.0 > TERM=xterm > USER=user2 > ls: .: Permission denied > > Which, I guess, does surprise me. > >> (And therefore [I should] do things "right" by setting up ssh with public-key >> authentication to do the user switch?) > > Which would also require enabling login for user2. (I tried this > without thinking yesterday.) > >> (Or go all out and set up chroot to run an instance of X11 and firefox? ;-/ >> ) > > Would this also require enabling login? -- Joel Rees --- OpenBSD 5.8-current (GENERIC.MP) #1367: Sat Sep 12 14:59:55 MDT 2015 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 1835790336 (1750MB) avail mem = 1776250880 (1693MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP UEFI HPET APIC MCFG ASF! BOOT FPDT MSDM SSDT SSDT SSDT SSDT SSDT acpi0: wakeup devices GPP0(S5) GPP1(S4) OHC1(S3) OHC2(S3) OHC3(S3) EHC1(S3) EHC2(S3) EHC3(S3) XHC0(S4) AWAD(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD A4-1200 APU with Radeon(TM) HD Graphics, 998.27 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,ITSC,BMI1 cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD A4-1200 APU with Radeon(TM) HD Graphics, 998.13 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,ITSC,BMI1 cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 0 pa 0xfec0, version 21, 24 pins ioapic1 at mainbus0: apid 5 pa 0xfec01000, version 21, 32 pins ioapic1: misconfigured as apic 0, remapped to apid 5 acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (GPP0) acpiprt2 at acpi0: bus 5 (GPP1) acpiprt3 at acpi0: bus -1 (GPP2) acpiprt4 at acpi0: bus -1 (GPP3) acpiprt5 at acpi0: bus -1 (GFX_) acpiec0 at acpi0 acpicpu0 at acpi0: !C2(0@400 io@0x414), C1(@1 halt!), PSS acpicpu1 at acpi0: !C2(0@400 io@0x414), C1(@1 halt!), PSS acpipwrres0 at acpi0: FN00, resource for FAN0 acpitz0 at acpi0: critical temperature is 118 degC acpibtn0 at acpi0: PWRB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model "Primary" serial 43346 03/09/2014 type LIon oem "Hewlett-Packard" acpibtn1 at acpi0: LID_ acpivideo0 at acpi0: VGA_ acpivideo1 at acpi0: VGA_ cpu0: 998 MHz: speeds: 1000 900 800 700 600
Re: doas and home directory of target user
Thank you, Dan, Ben, and Frank. I see that I have left out some important information: user2 is specified as a non-login class of user in /etc/login.conf, auth=reject: shell=/sbin/nologin, and has a default shell of /sbin/nologin in /etc/passwd . On Tue, Sep 22, 2015 at 5:41 PM, Joel Reeswrote: > I have this rule in doas.conf: > > permit nopass user1 as user2 > > As user1, I try this at the command line: > > doas -u user2 whoami > > and it tells me I am user2, as I expect. And > >doas -u user2 ls > > tells me I don't have permission. I kind of expect this. > > I'm looking for a way to do the equivalent of > > sudo -u user2 -s "cd; ls" > > I don't see a way to do this with doas, at least not without a short > intermediary script, which script is not going to be able to do cd ~/. > > Should I assume that doas is not intended to do this sort of thing? With this intermediary script: #! /bin/sh export USER=user2 . /etc/ksh.kshrc printenv ls I get MAIL=/var/mail/user1 LOGNAME=user1 HOME=/home/classU/user1 PATH=/home/classU/user1/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:. DISPLAY=:0.0 TERM=xterm USER=user2 ls: .: Permission denied Which, I guess, does surprise me. > (And therefore [I should] do things "right" by setting up ssh with public-key > authentication to do the user switch?) Which would also require enabling login for user2. (I tried this without thinking yesterday.) > (Or go all out and set up chroot to run an instance of X11 and firefox? ;-/ > ) Would this also require enabling login? -- Joel Rees Be careful when you look at conspiracy. Arm yourself with knowledge of yourself, as well: http://reiisi.blogspot.jp/2011/10/conspiracy-theories.html
Re: ugen0 instead of urtwn0
On 09/22/15 06:52, Thuban wrote: Grab relevant src/sys/dev/usb/if_urtwn.c sys/dev/usb/usbdevs from CVS, than cd sys/dev/usb && make, than rebuild/install kernel as described in FAQ. I rebuild and installed the kernel without any error, but still, the usb stick isn't detected as urtwn. What did I do wrong : # cd /usr # export CVSROOT=anon...@anoncvs.fr.openbsd.org:/cvs # cvs -d$CVSROOT checkout -rOPENBSD_5_7 -P src # cd //usr/src/sys/dev # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/usbdevs # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/if_urtwn.c # # rebuild/install kernel -- Thuban Hi dmesg(8) and usbdevs(8) -v output would be useful. Cheers Fred
doas and home directory of target user
I have this rule in doas.conf: permit nopass user1 as user2 As user1, I try this at the command line: doas -u user2 whoami and it tells me I am user2, as I expect. And doas -u user2 ls tells me I don't have permission. I kind of expect this. I'm looking for a way to do the equivalent of sudo -u user2 -s "cd; ls" I don't see a way to do this with doas, at least not without a short intermediary script, which script is not going to be able to do cd ~/. Should I assume that doas is not intended to do this sort of thing? (And therefore do things "right" by setting up ssh with public-key authentication to do the user switch?) (Or go all out and set up chroot to run an instance of X11 and firefox? ;-/ ) Joel Rees Computer memory is just fancy paper, CPUs just fancy pens. All is a stream of text flowing from the past into the future.
Re: SR RAID5 rebuild/stability issue.
On Tue, Sep 22, 2015 at 3:20 AM, Chris Cappucciowrote: > Karel Gardas [gard...@gmail.com] wrote: >> >> Let me ask, should SR RAID5 survive such testing or is for example >> rebuilding with off-lined drive considered unsupported feature? >> > > It's new, considered experimental and not well tested. OK so I'll omit this from my testing. > Are you working with someone to bring your RAID1 changes in tree? The > complete, understood improvements should be individually labeled > and committed, one by one. So far on tech@ I was merely ignored, but this is probably due to the fact that I posted patches[1][2][3] clearly marked as a work-in-progress. Once the patch is complete I will offer my view how it may be divided and perhaps discussion will start... [1] https://www.mail-archive.com/tech@openbsd.org/msg25388.html [2] https://www.mail-archive.com/tech@openbsd.org/msg25419.html [3] https://www.mail-archive.com/tech@openbsd.org/msg25716.html
Re: ugen0 instead of urtwn0
On Tue, Sep 22, 2015 at 8:52 AM, Thubanwrote: >> Grab relevant >> >> src/sys/dev/usb/if_urtwn.c >> sys/dev/usb/usbdevs >> >> from CVS, than cd sys/dev/usb && make, than rebuild/install kernel >> as described in FAQ. >> > I rebuild and installed the kernel without any error, but still, the usb > stick isn't detected as urtwn. > > What did I do wrong : > > # cd /usr > # export CVSROOT=anon...@anoncvs.fr.openbsd.org:/cvs > # cvs -d$CVSROOT checkout -rOPENBSD_5_7 -P src You don't want to do this if you're going to checkout src/sys/*, the two cvs(1) commands below will create /usr/src/sys/dev/src/sys/dev/* instead of updating /usr/src/sys/dev/* as intended. > # cd //usr/src/sys/dev > # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/usbdevs > # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/if_urtwn.c > # # rebuild/install kernel > > -- > Thuban > PubKey : http://yeuxdelibad.net/Divers/thuban.pub > -Kimmo
Re: solved qemu tap
as homework install run CorePlus-5.1-jaOK(by cdrom)X OK puppy precise571fail perhaps debian should be run as CUI (character base) in slow machine . is very attractive except its slowness . in this vertual space we develop defending power against evil crackers
Re: ugen0 instead of urtwn0
> > I rebuild and installed the kernel without any error, but still, the usb > > stick isn't detected as urtwn. > > > > What did I do wrong : > > > > # cd /usr > > # export CVSROOT=anon...@anoncvs.fr.openbsd.org:/cvs > > # cvs -d$CVSROOT checkout -rOPENBSD_5_7 -P src > > > You don't want to do this if you're going to checkout src/sys/*, the > two cvs(1) commands below will > create /usr/src/sys/dev/src/sys/dev/* instead of updating > /usr/src/sys/dev/* as intended. > > # cd //usr/src/sys/dev > > > > # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/usbdevs > > # cvs -d$CVSROOT -bOPENBSD_5_8 get src/sys/dev/if_urtwn.c Right, files were in wrong place. Thanks. I tried to rebuild the kernel with usbdevs and if_urtwn.c at the correct emplacement, but now build fail. In if_urtwn.c, there are undecladerd variables : if_urtwn.c:3556: error: 'R88E_HIMRE_TXERR' undeclared (first usr un this function) ... #you know the song I guess some file is missing, of course, because mixing 5.7 and 5.8 couldn't for like that. Here are dmesg and usbdevs -v as requested : dmesg : OpenBSD 5.7-stable (GENERIC.MP) #1: Tue Sep 22 07:41:56 CEST 2015 r...@openbsd.my.domain:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2128605184 (2029MB) avail mem = 2068082688 (1972MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.3 @ 0xf0450 (76 entries) bios0: vendor Dell Inc. version "2.2.0" date 03/29/2007 bios0: Dell Inc. OptiPlex 745 acpi0 at bios0: rev 2 acpi0: TCPA checksum error acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT APIC BOOT ASF! MCFG HPET TCPA SLIC acpi0: wakeup devices VBTN(S4) PCI0(S5) PCI4(S5) PCI2(S5) PCI3(S5) PCI1(S5) PCI5(S5) PCI6(S5) MOU_(S3) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz, 1862.22 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF cpu0: 2MB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 266MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz, 1862.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM 2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF cpu1: 2MB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 8 acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 4 (PCI4) acpiprt1 at acpi0: bus 2 (PCI2) acpiprt2 at acpi0: bus -1 (PCI3) acpiprt3 at acpi0: bus 1 (PCI1) acpiprt4 at acpi0: bus 3 (PCI5) acpiprt5 at acpi0: bus -1 (PCI6) acpiprt6 at acpi0: bus 0 (PCI0) acpicpu0 at acpi0 acpicpu1 at acpi0 acpibtn0 at acpi0: VBTN memory map conflict 0x7fe03c00/0x1fc400 pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel 82Q965 Host" rev 0x02 ppb0 at pci0 dev 1 function 0 "Intel 82Q965 PCIE" rev 0x02: msi pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "NVIDIA GeForce 210" rev 0xa2 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) azalia0 at pci1 dev 0 function 1 vendor "NVIDIA", unknown product 0x0be3 rev 0xa1: msi azalia0: no supported codecs uhci0 at pci0 dev 26 function 0 "Intel 82801H USB" rev 0x02: apic 8 int 16 uhci1 at pci0 dev 26 function 1 "Intel 82801H USB" rev 0x02: apic 8 int 17 ehci0 at pci0 dev 26 function 7 "Intel 82801H USB" rev 0x02: apic 8 int 22 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia1 at pci0 dev 27 function 0 "Intel 82801H HD Audio" rev 0x02: msi azalia1: codecs: Analog Devices AD1983 audio0 at azalia1 ppb1 at pci0 dev 28 function 0 "Intel 82801H PCIE" rev 0x02: msi pci2 at ppb1 bus 2 ppb2 at pci0 dev 28 function 4 "Intel 82801H PCIE" rev 0x02: msi pci3 at ppb2 bus 3 bge0 at pci3 dev 0 function 0 "Broadcom BCM5754" rev 0x02, BCM5754/5787 A2 (0xb002): msi, address 00:19:b9:2f:0a:50 brgphy0 at bge0 phy 1: BCM5787 10/100/1000baseT PHY, rev. 0 uhci2 at pci0 dev 29 function 0 "Intel 82801H USB" rev 0x02: apic 8 int 23 uhci3 at pci0 dev 29 function 1 "Intel 82801H USB" rev 0x02: apic 8 int 17
Re: ugen0 instead of urtwn0
On Mon, Sep 21, 2015 at 11:14:22AM +0200, Thuban wrote: > Hi, > I have a usb wifi dongle supposed to work with urtwn firmware. > usbdevs returns WNA 1000Mv2 Netgear listed here [0] > > But the device is detected as ugen. > > How can I fix this? This device was added to -current after 5.8. It will work out of the box in OpenBSD 5.9. The easiest way to get support for it is to use snapshots (i.e. -current). See the "Snapshots" section in http://www.openbsd.org/faq/faq5.html#Flavors You can try to get it to work with 5.7 but this might not work. Getting this device to work on 5.8 (to be released on Oct 18) should be possible using the steps below. Starting with pristine OpenBSD 5.8 kernel source (or 5.7, if you want to try your luck), add the line product NETGEAR WNA1000Mv2 0x9043 WNA1000Mv2 somewhere in the file /usr/src/sys/dev/usb/usbdevs as shown here: === RCS file: /cvs/src/sys/dev/usb/usbdevs,v retrieving revision 1.654 retrieving revision 1.655 diff -u -r1.654 -r1.655 --- src/sys/dev/usb/usbdevs 2015/07/15 13:25:49 1.654 +++ src/sys/dev/usb/usbdevs 2015/08/22 15:10:19 1.655 @@ -3135,6 +3135,7 @@ product NETGEAR WNA11000x9030 WNA1100 product NETGEAR WNA10000x9040 WNA1000 product NETGEAR WNA1000M 0x9041 WNA1000M +product NETGEAR WNA1000Mv2 0x9043 WNA1000Mv2 /* Netgear(2) products */ product NETGEAR2 MA101 0x4100 MA101 Now run $ cd /usr/src/sys/dev/usb/ $ make to re-create the USB device list header files usbdevs.h and usbdevs_data.h. Next, add the line { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000Mv2 }, to /usr/src/sys/dev/usb/if_urtwn.c somewhere in the driver's ID table, as shown here: === RCS file: /cvs/src/sys/dev/usb/if_urtwn.c,v retrieving revision 1.48 retrieving revision 1.49 diff -u -r1.48 -r1.49 --- src/sys/dev/usb/if_urtwn.c 2015/06/12 15:47:31 1.48 +++ src/sys/dev/usb/if_urtwn.c 2015/08/22 15:19:33 1.49 @@ -110,6 +110,7 @@ { USB_VENDOR_IODATA,USB_PRODUCT_IODATA_WNG150UM }, { USB_VENDOR_IODATA,USB_PRODUCT_IODATA_RTL8192CU }, { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000M }, + { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_WNA1000Mv2 }, { USB_VENDOR_NETGEAR, USB_PRODUCT_NETGEAR_RTL8192CU }, { USB_VENDOR_NETGEAR4, USB_PRODUCT_NETGEAR4_RTL8188CU }, { USB_VENDOR_NETWEEN, USB_PRODUCT_NETWEEN_RTL8192CU }, Now compile a new kernel and install it. For more information on the steps involved in compiling the kernel, see http://www.openbsd.org/faq/faq5.html#Bld and in particular this section: http://www.openbsd.org/faq/faq5.html#BldKernel
Re: UEFI boot attempt on AM1 platform with logs (9/16 snapshot)
Hi, On Thu, 17 Sep 2015 20:47:22 -0500 Brian Conwaywrote: > The NUC 2820 I was previously testing snapshots with has moved on to a > better place (and lacked any meaningful serial console support), but > here are some logs from an MSI AM1I motherboard, both the attempted > UEFI boot and the successful BIOS boot. It also appears to hang during > kernel load. Let me know if I can provide any more info. Can you try the diff following or http://yasuoka.net/~yasuoka/BOOTX64.EFI ? Then enter "machine memory" on "boot> " prompt and check the last line. It shows whether the memory area for kernel is free or not. Like Load address: Conventional(7) 0x for KB is good sign. > Side note: Is com0 console not yet support by EFIBOOT? I got an error > along those lines when attempting 'set tty com0', I assume this is > already known. No, it's not supported yet. > boot> machine disk > DiskBIOS# TypeCylsHeads SecsFlags Checksum > hd0 0x80label 956 64 32 0x2 0xe4afa028 > hd1 0x81label 1023255 63 0x0 0x0 > boot> Isn't this a result of BIOS boot? Index: sys/arch/amd64/stand/efiboot/efiboot.c === RCS file: /disk/cvs/openbsd/src/sys/arch/amd64/stand/efiboot/efiboot.c,v retrieving revision 1.3 diff -u -p -u -p -r1.3 efiboot.c --- sys/arch/amd64/stand/efiboot/efiboot.c 3 Sep 2015 09:22:40 - 1.3 +++ sys/arch/amd64/stand/efiboot/efiboot.c 22 Sep 2015 10:35:40 - @@ -193,6 +193,7 @@ next: * Memory ***/ bios_memmap_t bios_memmap[64]; +static int efi_badloadaddr = 0; static void efi_heap_init(void) @@ -224,6 +225,8 @@ efi_memprobe(void) printf("%uK", bm->size / 1024); } } + if (efi_badloadaddr) + printf(" BAD"); printf("]"); } @@ -233,9 +236,10 @@ efi_memprobe_internal(void) EFI_STATUS status; UINTNmapkey, mmsiz, siz; UINT32 mmver; + UINT64 pend; EFI_MEMORY_DESCRIPTOR *mm0, *mm; int i, n; - bios_memmap_t*bm, bm0; + bios_memmap_t *bm, bm0; cnvmem = extmem = 0; bios_memmap[0].type = BIOS_MAP_END; @@ -255,6 +259,11 @@ efi_memprobe_internal(void) bm0.type = BIOS_MAP_END; bm0.addr = mm->PhysicalStart; bm0.size = mm->NumberOfPages * EFI_PAGE_SIZE; + pend = mm->PhysicalStart + mm->NumberOfPages * EFI_PAGE_SIZE; + if (!(pend <= 0x100 || 0x200 < mm->PhysicalStart) && + mm->Type != EfiConventionalMemory) + efi_badloadaddr = 1; + if (mm->Type == EfiReservedMemoryType || mm->Type == EfiUnusableMemory || mm->Type == EfiRuntimeServicesCode || @@ -614,5 +623,49 @@ int Xpoweroff_efi(void) { EFI_CALL(RS->ResetSystem, EfiResetShutdown, EFI_SUCCESS, 0, NULL); + return (0); +} + +int +Xmemory_efi(void) +{ + EFI_STATUS status; + UINTNmapkey, mmsiz, siz; + UINT32 mmver; + UINT64 pend; + EFI_MEMORY_DESCRIPTOR *mm0, *mm; + int i, n; + const char *typestr; + + siz = 0; + status = EFI_CALL(BS->GetMemoryMap, , NULL, , , + ); + if (status != EFI_BUFFER_TOO_SMALL) + panic("cannot get the size of memory map"); + mm0 = alloc(siz); + status = EFI_CALL(BS->GetMemoryMap, , mm0, , , ); + if (status != EFI_SUCCESS) + panic("cannot get the memory map"); + n = siz / mmsiz; + mmap_key = mapkey; + + for (i = 0, mm = mm0; i < n; i++, mm = NextMemoryDescriptor(mm, mmsiz)){ + pend = mm->PhysicalStart + mm->NumberOfPages * EFI_PAGE_SIZE; + if (pend <= 0x100 || 0x200 < mm->PhysicalStart) + continue; + typestr = + (mm->Type == EfiLoaderCode)? "Loader Code " : + (mm->Type == EfiLoaderData)? "Loader Data " : + (mm->Type == EfiBootServicesCode)? "BS Code " : + (mm->Type == EfiBootServicesData)? "BS Data " : + (mm->Type == EfiConventionalMemory)? "Conventional" : + "Other"; + printf("Load address: %s(%d) 0x%llx for %uKB%s\n", + typestr, mm->Type, mm->PhysicalStart, + (unsigned)((mm->NumberOfPages * EFI_PAGE_SIZE) / 1024), + (mm->Type != EfiConventionalMemory)? " FATAL" : ""); + } + free(mm0, siz); +
Re: doas and home directory of target user
On Tue, 22 Sep 2015 17:41:57 +0900 Joel Reeswrote: > I have this rule in doas.conf: > > permit nopass user1 as user2 > > As user1, I try this at the command line: > > doas -u user2 whoami > > and it tells me I am user2, as I expect. And > >doas -u user2 ls > > tells me I don't have permission. I kind of expect this. > > I'm looking for a way to do the equivalent of > > sudo -u user2 -s "cd; ls" My two slightly different solutions $ doas -u user2 -s << EOF > cd /home/user2 > > ls > EOF $ doas -u user2 env HOME=/home/user2 /bin/ksh << EOF > cd > ls > EOF Greetings ben
Recommended miniPCI express wireless module for PC Engines' APU system board?
If I recall correctly, some of you reported problems with PC Engines' default option Compex WLE200NX 802.11a/b/g/n. Oh, there is a new Compex WLE600VX 802.11ac as well (for apu, please check software support first). Or, perhaps, I'm better off buying a 3rd party one from Amazon? Intel modules are popular there.
Re: doas and home directory of target user
On Tue, 22 Sep 2015 17:41:57 +0900 Joel Reeswrote: > I have this rule in doas.conf: > > permit nopass user1 as user2 > > As user1, I try this at the command line: > > doas -u user2 whoami > > and it tells me I am user2, as I expect. And > >doas -u user2 ls > > tells me I don't have permission. I kind of expect this. > > I'm looking for a way to do the equivalent of > > sudo -u user2 -s "cd; ls" > > I don't see a way to do this with doas, at least not without a short > intermediary script, which script is not going to be able to do cd ~/. > > Should I assume that doas is not intended to do this sort of thing? > > (And therefore do things "right" by setting up ssh with public-key > authentication to do the user switch?) > > (Or go all out and set up chroot to run an instance of X11 and firefox? ;-/ > ) > > Joel Rees > > Computer memory is just fancy paper, > CPUs just fancy pens. > All is a stream of text > flowing from the past into the future. > if you are just trying to run multiple commands, you can do it under a shell eg $ doas -u user2 ksh -c "cd; ls" although it may be better to do $ doas -u user2 ksh -c "cd && ls" so that you know it successfully changed dir. if you are trying to 'cd' to user2's home, thats slightly more tricky, since $HOME is maintained from the parent shell. there doesn't seem to be a simple way to get a login shell, but there is way using su. in /etc/doas.conf permit nopass user1 as root cmd su args -l user2 and you can run: $ doas su -l user2 but that doesn't seem let you run commands. although, if you just want to log in user2, you can use ssh (you don't need chroot necessarily). you can just set up /home/user2/.ssh/authorized_keys and do: $ ssh user2@localhost and you can run a command that way with no problem, and it's simpler: $ ssh user2@localhost ls if you are using firefox this would be better since you have -X (X11 security restrictions.) $ ssh -X user2@localhost firefox if you do want to go down that route though see this: https://marc.info/?l=openbsd-misc=142676615612510=2 you needn't go all the way, but the info is still good re ssh. if you just want to run the command as the user as if they were logged in, ssh is probably your best bet: $ ssh user2@localhost ksh -c "cd; ls" according to sudo(8) your original "cd; ls" would be passed to the shell just as above. so basically that last command is the equivalent to your 'sudo -u user2 -s "cd; ls"'.