Re: VMD linux/debian cdrom issue
More 'color' ;-) proxmox iso's do, and they also include zfs on root as an option, but they require gui bits to install from what I can tell. https://www.proxmox.com/en/downloads Penned by Carlos Cardenas on 20180823 8:45.44, we have: | On Thu, Aug 23, 2018 at 12:43:17PM +0200, Martijn van Duren wrote: | > Hello Ales, | > | > I ran into the same problem and found that the Debian installer doesn't | > include the virtio drivers and thus can't use the cdrom or the disk. | > | > I worked around this by bootstrapping the disk via the qemu port and | > booting the disk from vmm once it's finally done. Qemu is significantly | > slower than vmm, so do get another cup of $BEVERAGE. | > | > I haven't taken the time to contact Debian about this, so it's | > probably not yet known to them. | > | > Hope this helps for now. | > | > martijn@ | | To add some color what martijn said, the standard debian isos do not | include the virtio drivers; however, the netinst iso does (for whatever | reason). You can boot off that and perform a network install if you're | so inclined. | | However, after typing that, I attempted to boot a netinst 9.5 iso and it | looks like those drivers are not there anymore (they have hyperv and xen | pv drivers present though). You can use an older netinst ISO to do it | as it will still have them but I don't know how far back you'll need to | go since it's been a while since I tested debian. | | At this point, if you want debian, it looks like you'll have to | bootstrap with qemu. I would also encourage you to contact the debian | folks about this as well, specifically the inclusion of virtio drivers | since they are already including hyperv and xen. | | +--+ | Carlos | | > On 08/23/18 12:18, Ales Tepina wrote: | > > Hello! | > > | > > I have a lenovo T470 running current on which i would like to use vmd | > > to run debian for some work specific stuff. | > > I'm having trouble installing debian though because the installer | > > doesn't seem to find cdrom. | > > | > > My vm.conf is pretty basic: | > > switch "local" { | > > interface bridge0 | > > } | > > vm "work" { | > > disable | > > memory 2G | > > cdrom "/home/vm/debian-9.5.0-amd64-xfce-CD-1.iso" | > > disk "/home/vm/debian.img" | > > interface { switch "local" } | > > } | > > | > > On the debian installer boot menu, i select Install and press TAB to | > > edit the menu entry. I remove the "quiet" at the end and append from | > > --- onwards so at the end it looks like this: | > > (omitted part)/install.amd/vmlinuz desktop=xfce vga=788 | > > initrd=/install.amd/initrd.gz --- clocksource=tsc console=ttyS0,115200 | > > noapic | > > | > > The text based installer starts and i'm able to choose language, | > > location and keyboard. | > > At the "Detect and mount CD-ROM section, i'm informed that "No common | > > CD-ROM drive was detected." and i'm given the option to load CD-ROM | > > drivers from removable media. When i select NO the installer gives me | > > the option to manually select a CD-ROM module or device. I can choose | > > between none and cdrom. The cdrom option just asks me for a device | > > like /dev/ cdrom | > > | > > I tried with debian netboot image - same problem. | > > | > > I've read Mike Larkin's slides "OpenBSD vmm/vmd Update" and if some of | > > you are running linux in vmm (for testing purposes of course) i would | > > be gratefull to know how did you manage to get past this problem? | > > | > > Best regards, Ales | > > | > -- Todd Fries .. t...@fries.net |\ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC\ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com\ 1.866.792.3418 (FAX) | PO Box 16169, Oklahoma City, OK 73113-2169 \ sip:freedae...@ekiga.net | "..in support of free software solutions." \ sip:4052279...@ekiga.net \ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt
Re: VMD linux/debian cdrom issue
On Thu, Aug 23, 2018 at 12:43:17PM +0200, Martijn van Duren wrote: > Hello Ales, > > I ran into the same problem and found that the Debian installer doesn't > include the virtio drivers and thus can't use the cdrom or the disk. > > I worked around this by bootstrapping the disk via the qemu port and > booting the disk from vmm once it's finally done. Qemu is significantly > slower than vmm, so do get another cup of $BEVERAGE. > > I haven't taken the time to contact Debian about this, so it's > probably not yet known to them. > > Hope this helps for now. > > martijn@ To add some color what martijn said, the standard debian isos do not include the virtio drivers; however, the netinst iso does (for whatever reason). You can boot off that and perform a network install if you're so inclined. However, after typing that, I attempted to boot a netinst 9.5 iso and it looks like those drivers are not there anymore (they have hyperv and xen pv drivers present though). You can use an older netinst ISO to do it as it will still have them but I don't know how far back you'll need to go since it's been a while since I tested debian. At this point, if you want debian, it looks like you'll have to bootstrap with qemu. I would also encourage you to contact the debian folks about this as well, specifically the inclusion of virtio drivers since they are already including hyperv and xen. +--+ Carlos > On 08/23/18 12:18, Ales Tepina wrote: > > Hello! > > > > I have a lenovo T470 running current on which i would like to use vmd > > to run debian for some work specific stuff. > > I'm having trouble installing debian though because the installer > > doesn't seem to find cdrom. > > > > My vm.conf is pretty basic: > > switch "local" { > > interface bridge0 > > } > > vm "work" { > > disable > > memory 2G > > cdrom "/home/vm/debian-9.5.0-amd64-xfce-CD-1.iso" > > disk "/home/vm/debian.img" > > interface { switch "local" } > > } > > > > On the debian installer boot menu, i select Install and press TAB to > > edit the menu entry. I remove the "quiet" at the end and append from > > --- onwards so at the end it looks like this: > > (omitted part)/install.amd/vmlinuz desktop=xfce vga=788 > > initrd=/install.amd/initrd.gz --- clocksource=tsc console=ttyS0,115200 > > noapic > > > > The text based installer starts and i'm able to choose language, > > location and keyboard. > > At the "Detect and mount CD-ROM section, i'm informed that "No common > > CD-ROM drive was detected." and i'm given the option to load CD-ROM > > drivers from removable media. When i select NO the installer gives me > > the option to manually select a CD-ROM module or device. I can choose > > between none and cdrom. The cdrom option just asks me for a device > > like /dev/ cdrom > > > > I tried with debian netboot image - same problem. > > > > I've read Mike Larkin's slides "OpenBSD vmm/vmd Update" and if some of > > you are running linux in vmm (for testing purposes of course) i would > > be gratefull to know how did you manage to get past this problem? > > > > Best regards, Ales > > >
Re: wifi gui manager
On Aug 23, 2018 2:34 AM, Stefan Sperling wrote: > > On Wed, Aug 22, 2018 at 06:38:11PM -0700, Chris Bennett wrote: > > Well, there are probably additional reasons too, but my father happily > > runs OpenBSD. Of course, he needs to be able to turn the computer off. > > I would recommend using doas(1) to grant 'shutdown' to a particular user. > You don't want to run a web browser from an account in the operator group. > > The operator group grants permissions far beyond turning the computer off. > The group has read access to raw disk devices. Applications running as > operator can bypass filesystem permissions by reading raw disk blocks. > > $ ls -l /dev/sd0a > brw-r- 1 root operator - 4, 0 Apr 5 22:02 /dev/sd0a > > This means for instance that secrets stored in /etc are exposed. Password > hashes, letsencrypt account keys and certs, smtp auth passwords, wifi > passwords, VPN secrets, ... > > My understanding is that operator was introduced at a time when > taking system backups required the computer to wait for tapes > being swapped by a human. These operators didn't need root but > were trusted with sensitive data. > That makes sense. I believe I read something similar somewhere as well.
Re: VMD linux/debian cdrom issue
Martijn van Duren wrote: > (…) > I worked around this by bootstrapping the disk via the qemu port and > booting the disk from vmm once it's finally done. Qemu is significantly > slower than vmm, so do get another cup of $BEVERAGE. > (…) Another option is to grab https://cdimage.debian.org/cdimage/openstack/current/debian-9.5.2-20180809-openstack-amd64.raw It does not have a premade account so you need to add your ssh public key where it belongs. Boot it via vmd, let the autosetup thing die from timeout. Connect via ssh, uninstall all software related to the autosetup thing (I do not remember the name, but if you watch the first boot, you will have some clue) Reboot the vm. To add a ssh key, I did not succeed in mounting the file via vnconfig, not sure whether it is doable or not so I used a Debian system I had access to. On the linux host: # losetup /dev/loop0 debian-9.5.2-20180809-openstack-amd64.raw # kpartx -a /dev/loop0 # mount /dev/mapper/loop0p1 /tmp/vmdisk/ ### the moment you add your ssh public key. # umount /dev/mapper/loop0p1 # kpartx -d /dev/loop0 # losetup -d /dev/loop0 Hope it helps as well.
Re: VMD linux/debian cdrom issue
Hello Ales, I ran into the same problem and found that the Debian installer doesn't include the virtio drivers and thus can't use the cdrom or the disk. I worked around this by bootstrapping the disk via the qemu port and booting the disk from vmm once it's finally done. Qemu is significantly slower than vmm, so do get another cup of $BEVERAGE. I haven't taken the time to contact Debian about this, so it's probably not yet known to them. Hope this helps for now. martijn@ On 08/23/18 12:18, Ales Tepina wrote: > Hello! > > I have a lenovo T470 running current on which i would like to use vmd > to run debian for some work specific stuff. > I'm having trouble installing debian though because the installer > doesn't seem to find cdrom. > > My vm.conf is pretty basic: > switch "local" { > interface bridge0 > } > vm "work" { > disable > memory 2G > cdrom "/home/vm/debian-9.5.0-amd64-xfce-CD-1.iso" > disk "/home/vm/debian.img" > interface { switch "local" } > } > > On the debian installer boot menu, i select Install and press TAB to > edit the menu entry. I remove the "quiet" at the end and append from > --- onwards so at the end it looks like this: > (omitted part)/install.amd/vmlinuz desktop=xfce vga=788 > initrd=/install.amd/initrd.gz --- clocksource=tsc console=ttyS0,115200 > noapic > > The text based installer starts and i'm able to choose language, > location and keyboard. > At the "Detect and mount CD-ROM section, i'm informed that "No common > CD-ROM drive was detected." and i'm given the option to load CD-ROM > drivers from removable media. When i select NO the installer gives me > the option to manually select a CD-ROM module or device. I can choose > between none and cdrom. The cdrom option just asks me for a device > like /dev/ cdrom > > I tried with debian netboot image - same problem. > > I've read Mike Larkin's slides "OpenBSD vmm/vmd Update" and if some of > you are running linux in vmm (for testing purposes of course) i would > be gratefull to know how did you manage to get past this problem? > > Best regards, Ales >
VMD linux/debian cdrom issue
Hello! I have a lenovo T470 running current on which i would like to use vmd to run debian for some work specific stuff. I'm having trouble installing debian though because the installer doesn't seem to find cdrom. My vm.conf is pretty basic: switch "local" { interface bridge0 } vm "work" { disable memory 2G cdrom "/home/vm/debian-9.5.0-amd64-xfce-CD-1.iso" disk "/home/vm/debian.img" interface { switch "local" } } On the debian installer boot menu, i select Install and press TAB to edit the menu entry. I remove the "quiet" at the end and append from --- onwards so at the end it looks like this: (omitted part)/install.amd/vmlinuz desktop=xfce vga=788 initrd=/install.amd/initrd.gz --- clocksource=tsc console=ttyS0,115200 noapic The text based installer starts and i'm able to choose language, location and keyboard. At the "Detect and mount CD-ROM section, i'm informed that "No common CD-ROM drive was detected." and i'm given the option to load CD-ROM drivers from removable media. When i select NO the installer gives me the option to manually select a CD-ROM module or device. I can choose between none and cdrom. The cdrom option just asks me for a device like /dev/ cdrom I tried with debian netboot image - same problem. I've read Mike Larkin's slides "OpenBSD vmm/vmd Update" and if some of you are running linux in vmm (for testing purposes of course) i would be gratefull to know how did you manage to get past this problem? Best regards, Ales
dhclient hang on OpenBSD 6.3 on sis network card
Hello, I'm running a diskless Soekris net4526 (i386 architecture) and I have encountered a problem when using dhcp setting on my hostname.sis0 file. The booting process stops at 'Starting network'. If I set the interface's hostname.sis0 to static IP, everything works OK. If I bring up the interface statically and _then_ run netstart, it also hangs as it does in the boot process. air# echo "dhcp" >/etc/hostname.sis0 air# /etc/netstart -n sis0 ifconfig sis0 down;dhclient sis0 air# /etc/netstart sis0 At this point the machine stops responding and must be hard-reset. ^C doesn't do anything. If I replicate the steps /etc/netstart takes and run ifconfig and dhclient separately, it appears as the problem resides in dhclient, as it straight up freezes and doesn't respond to ^C: air# ifconfig sis0 down air# dhclient -v sis0 However, if I set my IP configuration statically to somewhere in my subnet and then run dhclient, everything works as it should: air# ifconfig sis0 sis0: flags=8843 mtu 1500 lladdr 00:00:24:c4:56:20 index 2 priority 0 llprio 3 groups: netboot media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.16.11 netmask 0xff00 broadcast 192.168.16.255 air# dhclient -v sis0 sis0: DHCPDISCOVER - interval 1 sis0: DHCPOFFER from 192.168.16.1 (00:22:4d:a6:12:6f) sis0: DHCPREQUEST to 255.255.255.255 sis0: DHCPACK from 192.168.16.1 (00:22:4d:a6:12:6f) sis0: bound to 192.168.16.11 from 192.168.16.1 (00:22:4d:a6:12:6f) air# My dmesg output: OpenBSD 6.3 (GENERIC) #490: Sat Mar 24 14:31:33 MDT 2018 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD Am486DX4 W/B or Am5x86 W/B 150 ("AuthenticAMD" 486-class) cpu0: FPU real mem = 66600960 (63MB) avail mem = 51486720 (49MB) warning: no entropy supplied by boot loader mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: date 20/80/03, BIOS32 rev. 0 @ 0xf7840 pcibios0 at bios0: rev 2.0 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xc8000/0x9000 cpu0 at mainbus0: (uniprocessor) pci0 at mainbus0 bus 0: configuration mode 1 (no bios) elansc0 at pci0 dev 0 function 0 "AMD ElanSC520 PCI" rev 0x00: product 0 stepping 1.1, CPU clock 133MHz, reset 0 gpio0 at elansc0: 32 pins ath0 at pci0 dev 17 function 0 "Atheros AR5212" rev 0x01: irq 10 ath0: AR5414 10.5 phy 6.1 rf2414 6.3 eeprom 5.2, FCC2A*, address 00:0c:42:1b:f6:0e sis0 at pci0 dev 18 function 0 "NS DP83815 10/100" rev 0x00, DP83816A: irq 11, address 00:00:24:c4:56:20 nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 isa0 at mainbus0 isadma0 at isa0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard wdc1 at isa0 port 0x170/8 irq 15 wd0 at wdc1 channel 0 drive 0: <064MB ATA Flash Disk> wd0: 1-sector PIO, LBA, 61MB, 125056 sectors wd0(wdc1:0:0): using BIOS timings pcppi0 at isa0 port 0x61 spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets PXE boot MAC address 00:00:24:c4:56:20, interface sis0 nfs_boot: using interface sis0, with revarp & bootparams nfs_boot: client_addr=192.168.16.11 nfs_boot: server_addr=192.168.16.1 hostname=air root on 192.168.16.1:/var/exports/air nfs_boot: bootparam get swap: 60 WARNING: no swap Is there something I am missing? -- Thanks in advance Kristjan Komlosi
openBGPd crashes in 6.2 and 6.3: "a politician in the decision process"
Hi, openBGPd is running at an internet exchange, two openBSD route servers (rs3 on openBSD 6.3 and rs4 on openBSD 6.2, both virtual machines on different hypervisors in different locations) connect with peering customers. We've experienced crashes in openBGPd twice in the past two weeks. Both times with the same error message: "fatal in RDE: Uh, oh a politician in the decision process". These error messages are logged on both route servers right before they crash within seconds of each other. The route servers had been running quite reliably for a long time before the recent incidents. The daemon can then be restarted without an issue. CPU usage prior to the crash is minimal (<5%). In the minutes before the crash we're seeing error messages like the following in daemon.log: bgpd[23099]: no such peer: id=4294967037 Sample of logs just before the crash: Aug 22 15:38:58 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 91.206.52.170 AS6939: update 81.163.124.0/24 via 91.206.52.170 Aug 22 15:38:58 rs3 bgpd[23099]: no such peer: id=4294967037 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::11 AS31424: withdraw 2a01:6a8::/32 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: withdraw 2a01:6a8::/32 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::aa AS6939: withdraw 2804:364c::/33 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::aa AS6939: withdraw 2804:364c:8000::/33 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::11 AS31424: update 2a01:6a8::/32 via 2001:7f8:24::11 Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::aa AS6939: update 2804:364c::/33 via 2001:7f8:24::aa Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::aa AS6939: update 2804:364c:8000::/33 via 2001:7f8:24::aa Aug 22 15:38:59 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: update 2a01:6a8::/32 via 2001:7f8:24::bf Aug 22 15:39:00 rs3 bgpd[23099]: Connection attempt from neighbor 91.206.52.139 while session is in state Idle Aug 22 15:39:01 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 91.206.52.96 AS31042: update 185.64.172.0/24 via 91.206.52.96 Aug 22 15:39:01 rs3 bgpd[43763]: fatal in RDE: Uh, oh a politician in the decision process Aug 22 15:39:01 rs3 bgpd[99961]: peer closed imsg connection Aug 22 15:39:01 rs3 bgpd[99961]: main: Lost connection to RDE Aug 22 15:39:01 rs3 bgpd[23099]: peer closed imsg connection Aug 22 15:39:01 rs3 bgpd[23099]: SE: Lost connection to parent Logs just before the "no such peer" messages appear: Aug 22 15:36:43 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 91.206.52.54 AS34554: update 80.75.112.0/20 via 91.206.52.54 Aug 22 15:36:43 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::36 AS34554: update 2a01:6a8::/32 via 2001:7f8:24::36 Aug 22 15:36:44 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: update 2a0d:8d80::/32 via 2001:7f8:24::bf Aug 22 15:36:47 rs3 bgpd[23099]: neighbor 91.206.52.96: graceful restart of IPv4 unicast, keeping routes Aug 22 15:36:47 rs3 bgpd[23099]: neighbor 91.206.52.96: state change Established -> Idle, reason: Connection closed Aug 22 15:36:47 rs3 bgpd[23099]: neighbor 91.206.52.96: removed Aug 22 15:36:49 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::11 AS31424: withdraw 2a01:6a8::/32 Aug 22 15:36:49 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: withdraw 2a01:6a8::/32 Aug 22 15:36:49 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::11 AS31424: update 2a01:6a8::/32 via 2001:7f8:24::11 Aug 22 15:36:49 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: update 2a01:6a8::/32 via 2001:7f8:24::bf Aug 22 15:36:54 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 2001:7f8:24::bf AS33891: update 2a0d:8d80::/32 via 2001:7f8:24::bf Aug 22 15:36:55 rs3 bgpd[43763]: Rib Loc-RIB: neighbor 91.206.52.170 AS6939: update 197.249.160.0/19 via 91.206.52.170 Aug 22 15:36:55 rs3 bgpd[23099]: no such peer: id=4294967037 I haven't found much about the error message apart from this mailing list thread: https://www.mail-archive.com/misc@openbsd.org/msg04565.html The thread suggests that invoking bgpctl may cause the failure. 'bgpctl show' is invoked every few minutes through our monitoring system to check on the status of peer connections. Can anybody point me to a possible cause or troubleshooting regarding this issue? Could a misconfigured/broken peer be the cause? Has anybody dealt with a similar problem? I can provide bgpd.conf and full logs of both incidents if necessary. Best regards, Pietro Stäheli
Re: wifi gui manager
On Wed, Aug 22, 2018 at 06:38:11PM -0700, Chris Bennett wrote: > Well, there are probably additional reasons too, but my father happily > runs OpenBSD. Of course, he needs to be able to turn the computer off. I would recommend using doas(1) to grant 'shutdown' to a particular user. You don't want to run a web browser from an account in the operator group. The operator group grants permissions far beyond turning the computer off. The group has read access to raw disk devices. Applications running as operator can bypass filesystem permissions by reading raw disk blocks. $ ls -l /dev/sd0a brw-r- 1 root operator - 4, 0 Apr 5 22:02 /dev/sd0a This means for instance that secrets stored in /etc are exposed. Password hashes, letsencrypt account keys and certs, smtp auth passwords, wifi passwords, VPN secrets, ... My understanding is that operator was introduced at a time when taking system backups required the computer to wait for tapes being swapped by a human. These operators didn't need root but were trusted with sensitive data.