Re: migrate users from old system
On 10/16/18 10:39, Markus Rosjat wrote: > hi all, > > > what is the right way to do a migration of users from one system to > another? I did the following but it seems to get some problems with > permissions on the files and directories. > > 1. copy passwd, group, master.passwd to new machine yep. > 2. clean up files (some users doent exist anymore) how did you do this? > > 3. use pwd_mkdb to create a new db IF you use vipw to remove users that no longer exist, when you exit, it will sync everything for you. If not, make a token edit with vipw, then save it. > this gave no errors but after migrating some files with rsync to the new > machine it seems that some directories not read- /writeable (for example > by openLDAP) even all the permissions are set correct. If you rsync through an intermediary machines, i.e., an rsync backup system, make sure you use the --numeric-ids option, otherwise, it will try to sync the names (rather than numeric IDs) of the things it can -- and totally scramble the things it can't. If you are going directly from the old machine to the new machine, make sure you copy over the passwd, master.passwd and group files first. Also -- assuming there was an OS upgrade, copying over the user and group files just broke all new system users, so re-run sysmerge. Nick.
Re: [relayd] set response header for tagged connexion
On 10/17/18 4:14 AM, Thuban wrote: > Hi, > I want to set a header according to the requested path. The goal is to > increase > the cache-control according to file extension. > > For now, I have in relayd.conf something like : > > match request path "/*.css" tag "CSS" > match tagged "CSS" response header set "Cache-Control" value "max-age=1814400" I think you might want to try moving 'response' left, so the line begins 'match response tagged ' t > Of course, there is a syntax error. > > Any advice ? > >
Re: Need help installing 6.3 to Acer Aspire with eMMC drive; sdmmc troubles
> I'd suggest installing to a USB drive instead. After booting that, collect > information from sendbug(1) to make a bug report (often simplest done by > running "sendbug -P > /tmp/sendbug.txt" and then sending the file from a > normal email client to b...@openbsd.org with a description of what happens - > please run sendbug as root to get more information). Thank you for the suggestion, Stuart! That was fun, but now the plot gets thicker. I installed 6.3 to a usb stick, but when I reboot into the install, my eMMC is suddenly showing up as 29GB, as it should. Should I try somehow manually installing from my openbsd install on the usb to the eMMC? That seems convoluted but possibly fun. Here are the sdmmc related lines from dmesg in the install environment: sdhc0 at acpi0: SDHD addr 0x90a02000/0x1000 irq 44 sdhc0: SDHC 3.0, 200 MHz base clock sdmmc0 at sdhc0: 8-bit, sd high-speed, mmc high-speed, dma ... sdmmc0: can't re-read EXT_CSD sdmmc0: mem init failed scsibus0 at sdmmc0: 2 targets, initiator 0 sd0 at scsibus0 targ 1 lun 0: SCSI2 0/direct removable sd0: 1024MB, 512 bytes/sector, 2097152 sectors And after installing to usb dmesg: sdhc0 at acpi0: SDHD addr 0x90a02000/0x1000 irq 44 sdhc0: SDHC 3.0, 200 MHz base clock sdmmc0 at sdhc0: 8-bit, sd high-speed, mmc high-speed, dma ... sdhc_sdclk_frequency_select: command in progress scsibus1 at sdmmc0: 2 targets, initiator 0 sd0 at scsibus1 targ 1 lun 0: SCSI2 0/direct removable sd0: 29824MB, 512 bytes/sector, 61079552 sectors So I'm not seeing the same error from my usb install of 6.3, and am getting access to the full eMMC. Fdisk could see the whole thing. I probably could have re-partitioned it. Presumably my sendbug PR isn't worth much since the problem wasn't happening in that system? -Nathan
ThinkPad X220 Trackpoint Pointer Wheel Emulation Issues
First off, I'm new around here, so my apologies in advance if this is the wrong list or I've formatted something incorrectly. I've recently installed OpenBSD 6.3 on my Thinkpad X220. I'm happy to report that almost everything seems to work the way it should (suspend/resume, wireless, volume controls, etc.). However, I've been having some difficulty with the TrackPoint. The TrackPoint works fine as a pointing device, however the "WS Pointer Wheel Emulation" emulation feature is not working. For those unfamiliar, this allows the middle mouse button to be held down, and while it is held, the TrackPoint can be used to scroll vertically or horizontally. After conducting some research, I have written the following script to set the appropriate xinput properties to properly enable the pointer wheel emulation functionality: #!/bin/sh xinput set-prop /dev/wsmouse "WS Pointer Wheel Emulation" 1 xinput set-prop /dev/wsmouse "WS Pointer Wheel Emulation Button" 2 xinput set-prop /dev/wsmouse "WS Pointer Wheel Emulation Axes" 6 7 4 5 xinput set-prop /dev/wsmouse "WS Pointer Wheel Emulation Timeout" 500 xinput set-prop /dev/wsmouse "WS Pointer Wheel Emulation Inertia" 20 I have tried many different variations on the input parameters. One interesting behavior I have discovered is that if I set the emulation axes to "4 5 0 0" then I can scroll up and down by moving the track point left or right by holding the middle mouse button. However, when I use "6 7 4 5" or "0 0 4 5", the up and down scrolling generally does not work at all (occasionally jumping in the direction the trackpoint was pushed). I have spent several days troubleshooting this issue and haven't had any luck. I think this may be a bug, but I wanted to see if anyone else had similar issues and knew of a solution before submitting a bug report. I am under the impression that this list does not permit attachments, so I will refrain from attaching the full output of dmesg and other long logs, but I will include the output of some commands that I think might be relevant. Finally, I tried digging into some of the source code for Xenocara and the wsmouse drive. Unfortunately, my knowledge of OpenBSD and Xorg are insufficient to draw any useful conclusions. However, I think the following files may be relevant / a good starting point for someone more knowledgeable than I: * xenocara/driver/xf86-input-ws/include/ws-properties.h * xenocara/driver/xf86-input-ws/src/emuwheel.c I would really appreciate any suggestions to troubleshoot further. Charles ### possibly relevant output follows nessus$ dmesg | grep -i mouse wsmouse0 at pms0 mux 0 nessus$ dmesg | grep -i ws wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) wskbd0 at pckbd0: console keyboard, using wsdisplay0 wsmouse0 at pms0 mux 0 nessus$ xinput ⎡ Virtual core pointer id=2 [master pointer (3)] ⎜ ↳ Virtual core XTEST pointer id=4 [slave pointer (2)] ⎜ ↳ /dev/wsmouse id=7 [slave pointer (2)] ⎣ Virtual core keyboard id=3 [master keyboard (2)] ↳ Virtual core XTEST keyboard id=5 [slave keyboard (3)] ↳ /dev/wskbd id=6 [slave keyboard (3)] nessus$ xinput list-props /dev/wsmouse Device '/dev/wsmouse': Device Enabled (140): 1 Coordinate Transformation Matrix (141): 1.00, 0.00, 0.00, 0.00, 1.00, 0.00, 0.00, 0.00, 1.00 Device Accel Profile (253): 0 Device Accel Constant Deceleration (254): 1.00 Device Accel Adaptive Deceleration (255): 1.00 Device Accel Velocity Scaling (256): 10.00 WS Pointer Middle Button Emulation (257): 2 WS Pointer Middle Button Timeout (258): 50 WS Pointer Wheel Emulation (259): 1 WS Pointer Wheel Emulation Axes (260): 4, 5, 0, 0 WS Pointer Wheel Emulation Inertia (261): 20 WS Pointer Wheel Emulation Timeout (262): 500 WS Pointer Wheel Emulation Button (263): 2 nessus$ cat /etc/X11/xorg.conf nessus$ X -version X.Org X Server 1.19.6 Release Date: 2017-12-20 X Protocol Version 11, Revision 0 Build Operating System: OpenBSD 6.3 amd64 Current Operating System: OpenBSD nessus.domain_redacted 6.3 GENERIC.MP#107 amd64 Build Date: 24 March 2018 02:38:24PM Current version of pixman: 0.34.0 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version.
Re: Qemu: Serial access to OpenBSD host
I use the following commands: $ nbsvm foo newimg $ nbsvm foo start -cdrom cd63.iso --no-reboot -- serial # Installer $ nbsvm foo start $ nbsvm foo serial or $ nbsvm foo start -- serial And in the final openbsd installation: $ cat /etc/boot.conf set tty com0 Simple? See https://github.com/ChoHag/nbsvm Disclaimer - it's mine. I've also some scripts which take cdXX.iso and/or installXX.iso and inject an autoinstall.conf into it so that automatic installation is easy without a PXE setup (or any networking for that matter) but those are still in ~/src somewhere. Mathew
Qemu: Serial access to OpenBSD host
Hi, I have hard to of getting serial port working with qemu in Linux host and OpenBSD quest. I am using following command: # qemu-system-x86_64 -curses -boot d -smp 2 -m 1G -nographic \ -cdrom install63.iso -drive file=/dev/sda,format=raw \ -drive file=/dev/sdb,format=raw -net nic,model=rtl8139 -net user \ -device isa-serial,chardev=charserial0,id=serial0 -chardev tty,id=charserial0,path=/dev/tty0 In the boot prompt I set com0 as the default tty > set tty com0 And then I try to connect to the tty using screen on the host screen /dev/tty0 9600 But I do not get any output and cannot give any input. I have tried to use different chardevs (pty, socket) but with no difference. Does anyone have pointers what could be the problem or how I should continue to debug this? I am already successful in installing OpenBSD with the following Qemu command, but I would really like to automate setup of the machines (autoinstall by itself doesn't work because I want to setup raid 1 with the devices). I already have scripted everything so that I could setup the machine with one command if I just could have some programmatic IO to the qemu quest. Best Regards, Justus Hämäläinen
[relayd] set response header for tagged connexion
Hi, I want to set a header according to the requested path. The goal is to increase the cache-control according to file extension. For now, I have in relayd.conf something like : match request path "/*.css" tag "CSS" match tagged "CSS" response header set "Cache-Control" value "max-age=1814400" Of course, there is a syntax error. Any advice ? -- thuban
Re: Redistributing between bgpd and ospfd
Tommy Nevtelen(to...@nevtelen.com) on 2018.10.16 15:11:51 +0200: > On Tue, Oct 16, 2018 at 10:21:37AM +0200, Claudio Jeker wrote: > > On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote: > > > Hello, > > > > > > Only relying on OSPF hellos effectively makes it mimic BGP with its > > > keepalives. I will ponder the value of transporting the underlay in > > > OSPF, effectively transporting loopback peering addresses for BGP in > > > OSPF. I am not sure that it will make my life easier but will consider > > > it. > > > > OSPF is generally faster at converging after reroute and it is possible to > > set the router-dead-time to minimal which will give you a 1 second > > timeout. Also the default of 40sec is lower than the 90sec of BGP. > > Additionally OSPF may give you multipath routes so the failover for BGP > > may be not noticable. Also GRE has a way to emulate link state but to be > > honest if I use OSPF on a GRE link I will not turn it on (unless > > requested). > > I guess the brewing BFD support would speed this up for BGP when it arrives > and make OSPF less useful if speed is the thing that needs to be solved. > > Also I've been thinking about the following config in ospfd > > rtlabel label external-tag number > Map route labels to external route tags and vice versa. The >external route tag is a non-negative 32-bit number >attached to AS-external OSPF LSAs. > > What exactly does this mean? As I understand it is to map rtlabels to LSA > Type 5 tags. But what do you do with it then? Could this be used for what > this thread is talking about or is it totally off? If you do this on two (or more routers) you distribute the routes and they end up in the fib with that rtlabel (note the "and vice versa"). You can do all the things you can do with route labels, for example use them in pf filters. And yes, you could also use it to redistribute them into bgp (although that needs to happen on another router i think): ospfd ---type5 lsa---> ospfd --> fib with rtlabel --> bgpd ... hostA hostB hostBhostB /Benno
migrate users from old system
hi all, what is the right way to do a migration of users from one system to another? I did the following but it seems to get some problems with permissions on the files and directories. 1. copy passwd, group, master.passwd to new machine 2. clean up files (some users doent exist anymore) 3. use pwd_mkdb to create a new db this gave no errors but after migrating some files with rsync to the new machine it seems that some directories not read- /writeable (for example by openLDAP) even all the permissions are set correct. So I wonder if it might has to do with the user accounts themself. Any advice would be helpful. Regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: Redistributing between bgpd and ospfd
On Tue, Oct 16, 2018 at 10:21:37AM +0200, Claudio Jeker wrote: > On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote: > > Hello, > > > > Only relying on OSPF hellos effectively makes it mimic BGP with its > > keepalives. I will ponder the value of transporting the underlay in > > OSPF, effectively transporting loopback peering addresses for BGP in > > OSPF. I am not sure that it will make my life easier but will consider > > it. > > OSPF is generally faster at converging after reroute and it is possible to > set the router-dead-time to minimal which will give you a 1 second > timeout. Also the default of 40sec is lower than the 90sec of BGP. > Additionally OSPF may give you multipath routes so the failover for BGP > may be not noticable. Also GRE has a way to emulate link state but to be > honest if I use OSPF on a GRE link I will not turn it on (unless > requested). I guess the brewing BFD support would speed this up for BGP when it arrives and make OSPF less useful if speed is the thing that needs to be solved. Also I've been thinking about the following config in ospfd rtlabel label external-tag number Map route labels to external route tags and vice versa. The external route tag is a non-negative 32-bit number attached to AS-external OSPF LSAs. What exactly does this mean? As I understand it is to map rtlabels to LSA Type 5 tags. But what do you do with it then? Could this be used for what this thread is talking about or is it totally off? -- Tommy Nevtelen
find the process that heavily uses a disc
Hello, please, how can I monitor disk usage and tell what process is using it heavily? (I hear [and see] that the disk is being used, but cannot think of a process that would cause it.) Thanks Ruda
mgre questions
Hi, I'm trying to test mgre on 6.3, but without luck. There isn't much on it in gre and ifconfig manpages, I am mostly trying out configuration as stated here: [http://openbsd-archive.7691.n7.nabble.com/mgre-4-point-to-multipoint-gre-tunnels-td337655.html] ...except I found out mgre tunnel is specified with 'tunneladdr' and not 'tunnel', and inet is specified with netmask (/24 in my case). Are there some more texts on mgre on OpenBSD? Can they be terminated on CARP and pppoe interfaces? Right now I am trying to create mgre on CARP interface on one side and pppoe interface on the other side, I just can't make it work, and I don't see anything blocked in pf. Standard gre works fine. Any advice? Thank you in advance, -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
Re: CARP on Hyper-V VM
Hi Ricardo, You must set the VM's network adapter to 'Enable MAC address spoofing' under 'Advanced Features'. nope this isn't solving the problem. I can only ping the virtual ip from the local machine still. It might need the NDIS Extention enabled on the vSwitch too but I did't changed that because of the probable network disconnection. I will give it a shot later. regards MArkus -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: Raspberry Pi 2 Model B Support?
On 2018-10-16, def...@posteo.de wrote: > Hello, > > FreeBSD is already on the Pi 2. Does OpenBSD 6.3 Support Raspberry Pi 2 > Model B? It doesn't. See https://www.openbsd.org/armv7.html for the supported hardware for the 32-bit ARM port. There is some support for rpi3 on https://www.openbsd.org/arm64.html but it's limited - console is on serial (you will need a ttl serial interface), no SD card, and AIUI ethernet only works on rpi3b not rpi3b+ at present, so at present this is mostly of interest to people working on improving hardware support.
Re: CARP on Hyper-V VM
Hi Markus, You must set the VM's network adapter to 'Enable MAC address spoofing' under 'Advanced Features'. /mestre On 10:03 Tue 16 Oct , Markus Rosjat wrote: > Hi there, > > i just have a question to CARP on Hyper-V VMs. It seems there was a > problemwith the virtual IP not be reachable from somewere else then the > machine itself. Since I try to set up CARP on such a VM an noticed the same > behaviour on a OpenBSD 6.1 I wonder if this issue is resolved in 6.3? > > regards > > -- > Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de > > G+H Webservice GbR Gorzolla, Herrmann > Königsbrücker Str. 70, 01099 Dresden > > http://www.ghweb.de > fon: +49 351 8107220 fax: +49 351 8107227 > > Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you > print it, think about your responsibility and commitment to the ENVIRONMENT >
Raspberry Pi 2 Model B Support?
Hello, FreeBSD is already on the Pi 2. Does OpenBSD 6.3 Support Raspberry Pi 2 Model B? Many Thx.
CARP on Hyper-V VM
Hi there, i just have a question to CARP on Hyper-V VMs. It seems there was a problemwith the virtual IP not be reachable from somewere else then the machine itself. Since I try to set up CARP on such a VM an noticed the same behaviour on a OpenBSD 6.1 I wonder if this issue is resolved in 6.3? regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: Redistributing between bgpd and ospfd
On Tue, Oct 16, 2018 at 09:13:20AM +0200, open...@kene.nu wrote: > Hello, > > Only relying on OSPF hellos effectively makes it mimic BGP with its > keepalives. I will ponder the value of transporting the underlay in > OSPF, effectively transporting loopback peering addresses for BGP in > OSPF. I am not sure that it will make my life easier but will consider > it. OSPF is generally faster at converging after reroute and it is possible to set the router-dead-time to minimal which will give you a 1 second timeout. Also the default of 40sec is lower than the 90sec of BGP. Additionally OSPF may give you multipath routes so the failover for BGP may be not noticable. Also GRE has a way to emulate link state but to be honest if I use OSPF on a GRE link I will not turn it on (unless requested). > Thanks for the quick replies everyone. You confirmed that I am not > entirely a moron. > > Still, having the ability to set rtlabels in ospfd would be nice. > On Mon, Oct 15, 2018 at 5:59 PM Stuart Henderson wrote: > > > > On 2018-10-15, open...@kene.nu wrote: > > > in theory. But when WAN links are composed of IPSEC and GRE (which > > > does not have link state) OSPF falls to pieces as the core idea of is > > > link-state. > > > > OSPF primarily uses hellos. Link-state is also used to speed up failover > > up but is not required. > > > > There was a bug in ospfd with DR selection that results in problems > > (specifically multiple routers thinking they were all DR) after a > > netsplit if there was no link-state change. This was already fixed > > though so if you are running 6.3+ and still seeing problems, please > > send a bug report with some information. > > > > > -- :wq Claudio
Re: Redistributing between bgpd and ospfd
On 2018-10-16, open...@kene.nu wrote: > Only relying on OSPF hellos effectively makes it mimic BGP with its > keepalives. I will ponder the value of transporting the underlay in > OSPF, effectively transporting loopback peering addresses for BGP in > OSPF. I am not sure that it will make my life easier but will consider > it. I like being able to run BGP sessions between loopback addresses (rather than normal interface addresses which can go down), it makes it fairly easy to handle multiple paths between routers (I'm not sure how you would do that without an IGP unless you rely on lower-layer mechanisms like switch failover and loop-avoidance protocols).
Re: Redistributing between bgpd and ospfd
Hello, Only relying on OSPF hellos effectively makes it mimic BGP with its keepalives. I will ponder the value of transporting the underlay in OSPF, effectively transporting loopback peering addresses for BGP in OSPF. I am not sure that it will make my life easier but will consider it. Thanks for the quick replies everyone. You confirmed that I am not entirely a moron. Still, having the ability to set rtlabels in ospfd would be nice. On Mon, Oct 15, 2018 at 5:59 PM Stuart Henderson wrote: > > On 2018-10-15, open...@kene.nu wrote: > > in theory. But when WAN links are composed of IPSEC and GRE (which > > does not have link state) OSPF falls to pieces as the core idea of is > > link-state. > > OSPF primarily uses hellos. Link-state is also used to speed up failover > up but is not required. > > There was a bug in ospfd with DR selection that results in problems > (specifically multiple routers thinking they were all DR) after a > netsplit if there was no link-state change. This was already fixed > though so if you are running 6.3+ and still seeing problems, please > send a bug report with some information. > >
