Thank you
Hi All, Just wanted to say thanks for the hard work, OpenBSD runs better than any other OS on my laptop. One thing that really stands out is suspend and resume, I have *never* had a Linux or Windows laptop do it properly. Obviously everything else works great, I just wanted to point this out as people have the misconception that OpenBSD is not desktop/laptop friendly. P.S. join is a great new addition too. -- Wayn0
Few ldapd questions
Hi Misc, I have been using ldapd for the past five years for centralized user authorization and authentication for a growing university research group. Secured connections are provided using STARTTLS even thought all queries are done on the private network. More recently I did some more reading and forced all openldap-clients to use FIPS approved algorithms for higher security protection https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf Things appear to be working like a charm. However I am a bit confused about doing two things with ldapd. By reading man pages https://man.openbsd.org/ldapd.conf.5 it seems to me that able to deny anonymous reads from the machines with valid certificate of authority of my LDAP server by adding some kind filter rules. However, I am unable to find any ldapd examples. Secondly is there a way for ldapd to deny access to client machines which don't present valid client certificates and keys? Thanks for your help. Predrag
Re: Wallpaper artwork created for OpenBSD
Hi Stuart, Thanks for your suggestions. I will remove them. Mingjing On 星期五, 2018-11-09 07:31:59 Stuart Henderson wrote In gmane.os.openbsd.misc, you wrote: > On Thu, Nov 08, 2018 at 03:52:06PM +0800, Alex wrote: >> Dear OpenBSD users, developers, contributors, My name is Mingjing a *BSD user and lover from China. My friend and I did some wallpapers for OpenBSD and other opensource project in the free time. For now they are designed only for smart phones. The pictures are 1920*1080. I put them on Github (https://github.com/opensourcecn/wallpapers) and we've packaged them into android APKs on Google Play ( http://bit.ly/2JPetLy and http://bit.ly/2qxX8xU). All the wallpapers released in BSD license that you can do what ever you want. Feel free to use them and give me suggestions if you have. Thanks Mingjing > > So, you're taking OpenBSD art without permission and publishing it as a > "free app" with ads. Why the app needs so many permissions?. This is *not* under BSD license, it is copyrighted artwork. It would be nice if the apps were removed without the copyright owner having to mess around with DMCA notices...
Re: Wallpaper artwork created for OpenBSD
Hi Juan, Thanks for the reply and suggestions. We don't have Google Play account so we ask a friend who has account for help. And I put the wallpaper in github so you don't need to download the app instead. About the permissions you mentioned I will check with my friend. If there are some permission inappropriate I will ask to unpublish it. Thanks Mingjing On 星期五, 2018-11-09 03:48:02 Juan Francisco Cantero Hurtado wrote On Thu, Nov 08, 2018 at 03:52:06PM +0800, Alex wrote: > Dear OpenBSD users, developers, contributors, My name is Mingjing a *BSD user and lover from China. My friend and I did some wallpapers for OpenBSD and other opensource project in the free time. For now they are designed only for smart phones. The pictures are 1920*1080. I put them on Github (https://github.com/opensourcecn/wallpapers) and we've packaged them into android APKs on Google Play ( http://bit.ly/2JPetLy and http://bit.ly/2qxX8xU). All the wallpapers released in BSD license that you can do what ever you want. Feel free to use them and give me suggestions if you have. Thanks Mingjing So, you're taking OpenBSD art without permission and publishing it as a "free app" with ads. Why the app needs so many permissions?. You're not even a *BSD user. The description contains this gem: "The copyright of the openBSD project belongs to: The Regents of the University of California © and we promise this application abide by the CC4.0 agreements." Since September you've only published 50+ wallpaper and crappy launchers. -- Juan Francisco Cantero Hurtado http://juanfra.info
Re: OpenBSD terminals and ligatures
On 03/11/2018 18:58, Philippe wrote: > Hello dear openbsd users, > > I would like to install a font (Fira Code), with ligatures. Hello again, I know why this wasn't working: the package does not contain the FiraCode font with ligatures. So, the solution is: mkdir ~/.local/share/fonts/ cd ~/.local/share/fonts git clone https://github.com/tonsky/FiraCode fc-cache -vf Et voilà. After a simple restart of the X session, this works! :-) I hoped to have the FiraCode fonts with ligatures without having to install it by myself. I wonder why this font doesn't have ligatures in packages, is this for compatibility reasons? Thanks. -- Philippe
Re: Wallpaper artwork created for OpenBSD
In gmane.os.openbsd.misc, you wrote: > On Thu, Nov 08, 2018 at 03:52:06PM +0800, Alex wrote: >> Dear OpenBSD users, developers, contributors, My name is Mingjing a *BSD >> user and lover from China. My friend and I did some wallpapers for OpenBSD >> and other opensource project in the free time. For now they are designed >> only for smart phones. The pictures are 1920*1080. I put them on Github >> (https://github.com/opensourcecn/wallpapers) and we've packaged them into >> android APKs on Google Play ( http://bit.ly/2JPetLy and >> http://bit.ly/2qxX8xU). All the wallpapers released in BSD license that you >> can do what ever you want. Feel free to use them and give me suggestions if >> you have. Thanks Mingjing > > So, you're taking OpenBSD art without permission and publishing it as a > "free app" with ads. Why the app needs so many permissions?. This is *not* under BSD license, it is copyrighted artwork. It would be nice if the apps were removed without the copyright owner having to mess around with DMCA notices...
Re: Wallpaper artwork created for OpenBSD
On Thu, Nov 08, 2018 at 03:52:06PM +0800, Alex wrote: > Dear OpenBSD users, developers, contributors, My name is Mingjing a *BSD user > and lover from China. My friend and I did some wallpapers for OpenBSD and > other opensource project in the free time. For now they are designed only for > smart phones. The pictures are 1920*1080. I put them on Github > (https://github.com/opensourcecn/wallpapers) and we've packaged them into > android APKs on Google Play ( http://bit.ly/2JPetLy and > http://bit.ly/2qxX8xU). All the wallpapers released in BSD license that you > can do what ever you want. Feel free to use them and give me suggestions if > you have. Thanks Mingjing So, you're taking OpenBSD art without permission and publishing it as a "free app" with ads. Why the app needs so many permissions?. You're not even a *BSD user. The description contains this gem: "The copyright of the openBSD project belongs to: The Regents of the University of California © and we promise this application abide by the CC4.0 agreements." Since September you've only published 50+ wallpaper and crappy launchers. -- Juan Francisco Cantero Hurtado http://juanfra.info
Re: "relay as" domain rewrite in new smtpd.conf syntax
On Thu, Nov 08, 2018 at 12:40:51PM -0500, Allan Streib wrote: > Prior to 6.4, in smtpd.conf(5), the relay directive supported the "as" > parameter: > > If the as parameter is specified, smtpd(8) will rewrite the sender > advertised in the SMTP session. address may be a user, a domain > prefixed with ???@???, or an email address, causing smtpd(8) to rewrite > the user-part, the domain-part, or the entire address, respectively. > > In the new smtpd.conf(5) syntax, how is that rewrite achieved, > specifically the "@" prefix behavior to rewrite the domain part? > The relay delivery methods also support additional options: [...] mail-from mailaddr Use mailaddr as the MAIL FROM address within the SMTP transaction. so this would be something like: action relay_00 relay mail-from "@foobar.org" match [...] action relay_00 -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg
"relay as" domain rewrite in new smtpd.conf syntax
Prior to 6.4, in smtpd.conf(5), the relay directive supported the "as" parameter: If the as parameter is specified, smtpd(8) will rewrite the sender advertised in the SMTP session. address may be a user, a domain prefixed with ‘@’, or an email address, causing smtpd(8) to rewrite the user-part, the domain-part, or the entire address, respectively. In the new smtpd.conf(5) syntax, how is that rewrite achieved, specifically the "@" prefix behavior to rewrite the domain part? Thanks, Allan
[armv7] Beaglebone - libraries
Hello all, I just bought a beaglebone black 'rev C) and installed OpenBSD. I would like to install Adafruit_BBIO (for python) however it seems that is only for linux platform. The prerequisite is : epoll.h (only for linux.) I am not a hacker / developer. I would like to start to play with coding and sensors in C or Python. Do you know if: * libraries for OpenBSD exist in Python or C/C++ ? * Adaptation is possible for Adafruit_BBIO on OpenBSD (for dummie like me) ? Thanks in advance. Olivier.
Re: mail doesn't read mail from /var/mail/root
Mystery solved! The very first line is missing a space between ‘Nov’ and ‘1’ (should be two spaces). After adding it back, mail can now parse the file. (Also, Nov 1 is Thu, not Sun, but that wouldn’t have prevented mail from parsing the file). I will send a patch to tech@ adding that space back - it would be cool to make a contribution of a single character ;). On Thu, Nov 8, 2018, at 7:32 AM, ivp...@eml.cc wrote: > And regardless, /usr/src/usr.bin/mail/main.c:95 unsets MAIL > environment> variable when an '-u' flag is present, and the problem I'm > reporting > persists even when I run > > mail -u root > > as root. > > On Thu, Nov 8, 2018, at 7:29 AM, ivp...@eml.cc wrote: > > Yes, and I didn't change any defaults: > > > > # set | grep MAIL > > MAIL=/var/mail/root > > MAILCHECK=600 > > > > On Thu, Nov 8, 2018, at 7:23 AM, Otto Moerbeek wrote: > > > On Thu, Nov 08, 2018 at 07:18:57AM -0800, ivp...@eml.cc wrote: > > > > > > > I also tested on 6.4-release, and can confirm the same behavior.> > > > > > Is you MAIL environment var set? > > > > > > -Otto > > > > > > > > > > > On Thu, Nov 8, 2018, at 7:13 AM, ivp...@eml.cc wrote: > > > > > On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > > > > > > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > > > > > > >Hello, > > > > > > > > > > > > > >I must be missing something obvious, but since installing > > > > > > >6.4-current> > > > > > >(on a few versions in a row), I can't get > > > > > > >mail to read > > > > > > >/var/mail/root.> > > > > > > > > > > > > >After logging in, I see: > > > > > > > > > > > > > >>---< > > > > > > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > > > > > > > > > > > >[... skipped ...] > > > > > > > > > > > > > >You have mail. > > > > > > >thor# mail > > > > > > >No mail for root > > > > > > >thor# mail -f /var/mail/root > > > > > > >Mail version 8.1.2 01/15/2001. Type ? for help. > > > > > > >"/var/mail/root": 0 messages > > > > > > >thor# ls -l /var/mail/root > > > > > > >-rw--- 1 root wheel 3.9K Oct 20 00:37 > > > > > > >/var/mail/root> > > > > > >thor# head /var/mail/root > > > > > > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 > > > > > > >MDT 2018> > > > > > >Return-Path: root > > > > > > >Date: Nov 1 06:30:00 MDT 2018 > > > > > > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > > > > > > >To: root > > > > > > >Subject: Welcome to OpenBSD 6.4! > > > > > > > > > > > > > >This message attempts to describe the most basic initial > > > > > > >questions that> > > > > > >a > > > > > > >system administrator of an OpenBSD box might have. You are > > > > > > >urged to> > > > > > >save > > > > > > >this message for later reference. > > > > > > >>--< > > > > > > > > > > > > > >I also remember that I had this problem since the first > > > > > > >time I> > > > > > >installed 6.4-current on my new laptop. > > > > > > > > > > > > > >I do receive local mail (e.g., from crontab) for a non- > > > > > > >priveleged user> > > > > > >created during setup. > > > > > > > > > > > > > >Any ideas of what might be going on? > > > > > > > > > > > > > >Best, > > > > > > >ivpgbe > > > > > > > > > > > > It's because the Welcome email that gets sent to root and > > > > > > the user> > > > > > created during install is dated in the future. > > > > > > It has the > > > > > > initial> > > > > > planned release date of Nov. 1st. Mail(1) can't > > > > > > seem to see > > > > > > into the> > > > > > future. > > > > > > > > > > Good catch - that explains why I would not see it after the > > > > > install. But> > > > > today is Nov 8 (as confirmed by date(1), and it > > > > > still doesn't > > > > > see it,> > > > > even after I touch(1) the file. Should I report it > > > > > as a bug? > > > > > > > > > > The mismatch between Nov 1 and the actual release is probably > > > > > another> > > > > bug. Should I report as well? > > > > > > > > > > Thanks! > > > > >
Re: mail doesn't read mail from /var/mail/root
And regardless, /usr/src/usr.bin/mail/main.c:95 unsets MAIL environment variable when an '-u' flag is present, and the problem I'm reporting persists even when I run mail -u root as root. On Thu, Nov 8, 2018, at 7:29 AM, ivp...@eml.cc wrote: > Yes, and I didn't change any defaults: > > # set | grep MAIL > MAIL=/var/mail/root > MAILCHECK=600 > > On Thu, Nov 8, 2018, at 7:23 AM, Otto Moerbeek wrote: > > On Thu, Nov 08, 2018 at 07:18:57AM -0800, ivp...@eml.cc wrote: > > > > > I also tested on 6.4-release, and can confirm the same behavior. > > > > Is you MAIL environment var set? > > > > -Otto > > > > > > > > On Thu, Nov 8, 2018, at 7:13 AM, ivp...@eml.cc wrote: > > > > On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > > > > > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > > > > > >Hello, > > > > > > > > > > > >I must be missing something obvious, but since installing 6.4-current > > > > > >(on a few versions in a row), I can't get mail to read > > > > > >/var/mail/root. > > > > > > > > > > > >After logging in, I see: > > > > > > > > > > > >>---< > > > > > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > > > > > > > > > >[... skipped ...] > > > > > > > > > > > >You have mail. > > > > > >thor# mail > > > > > >No mail for root > > > > > >thor# mail -f /var/mail/root > > > > > >Mail version 8.1.2 01/15/2001. Type ? for help. > > > > > >"/var/mail/root": 0 messages > > > > > >thor# ls -l /var/mail/root > > > > > >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root > > > > > >thor# head /var/mail/root > > > > > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 > > > > > >Return-Path: root > > > > > >Date: Nov 1 06:30:00 MDT 2018 > > > > > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > > > > > >To: root > > > > > >Subject: Welcome to OpenBSD 6.4! > > > > > > > > > > > >This message attempts to describe the most basic initial questions > > > > > >that > > > > > >a > > > > > >system administrator of an OpenBSD box might have. You are urged to > > > > > >save > > > > > >this message for later reference. > > > > > >>--< > > > > > > > > > > > >I also remember that I had this problem since the first time I > > > > > >installed 6.4-current on my new laptop. > > > > > > > > > > > >I do receive local mail (e.g., from crontab) for a non-priveleged > > > > > >user > > > > > >created during setup. > > > > > > > > > > > >Any ideas of what might be going on? > > > > > > > > > > > >Best, > > > > > >ivpgbe > > > > > > > > > > It's because the Welcome email that gets sent to root and the user > > > > > created during install is dated in the future. It has the initial > > > > > planned release date of Nov. 1st. Mail(1) can't seem to see into the > > > > > future. > > > > > > > > Good catch - that explains why I would not see it after the install. > > > > But > > > > today is Nov 8 (as confirmed by date(1), and it still doesn't see it, > > > > even after I touch(1) the file. Should I report it as a bug? > > > > > > > > The mismatch between Nov 1 and the actual release is probably another > > > > bug. Should I report as well? > > > > > > > > Thanks! > > >
Re: mail doesn't read mail from /var/mail/root
Yes, and I didn't change any defaults: # set | grep MAIL MAIL=/var/mail/root MAILCHECK=600 On Thu, Nov 8, 2018, at 7:23 AM, Otto Moerbeek wrote: > On Thu, Nov 08, 2018 at 07:18:57AM -0800, ivp...@eml.cc wrote: > > > I also tested on 6.4-release, and can confirm the same behavior. > > Is you MAIL environment var set? > > -Otto > > > > > On Thu, Nov 8, 2018, at 7:13 AM, ivp...@eml.cc wrote: > > > On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > > > > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > > > > >Hello, > > > > > > > > > >I must be missing something obvious, but since installing 6.4-current > > > > >(on a few versions in a row), I can't get mail to read /var/mail/root. > > > > > > > > > >After logging in, I see: > > > > > > > > > >>---< > > > > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > > > > > > > >[... skipped ...] > > > > > > > > > >You have mail. > > > > >thor# mail > > > > >No mail for root > > > > >thor# mail -f /var/mail/root > > > > >Mail version 8.1.2 01/15/2001. Type ? for help. > > > > >"/var/mail/root": 0 messages > > > > >thor# ls -l /var/mail/root > > > > >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root > > > > >thor# head /var/mail/root > > > > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 > > > > >Return-Path: root > > > > >Date: Nov 1 06:30:00 MDT 2018 > > > > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > > > > >To: root > > > > >Subject: Welcome to OpenBSD 6.4! > > > > > > > > > >This message attempts to describe the most basic initial questions that > > > > >a > > > > >system administrator of an OpenBSD box might have. You are urged to > > > > >save > > > > >this message for later reference. > > > > >>--< > > > > > > > > > >I also remember that I had this problem since the first time I > > > > >installed 6.4-current on my new laptop. > > > > > > > > > >I do receive local mail (e.g., from crontab) for a non-priveleged user > > > > >created during setup. > > > > > > > > > >Any ideas of what might be going on? > > > > > > > > > >Best, > > > > >ivpgbe > > > > > > > > It's because the Welcome email that gets sent to root and the user > > > > created during install is dated in the future. It has the initial > > > > planned release date of Nov. 1st. Mail(1) can't seem to see into the > > > > future. > > > > > > Good catch - that explains why I would not see it after the install. But > > > today is Nov 8 (as confirmed by date(1), and it still doesn't see it, > > > even after I touch(1) the file. Should I report it as a bug? > > > > > > The mismatch between Nov 1 and the actual release is probably another > > > bug. Should I report as well? > > > > > > Thanks! > >
Re: mail doesn't read mail from /var/mail/root
On Thu, Nov 08, 2018 at 07:18:57AM -0800, ivp...@eml.cc wrote: > I also tested on 6.4-release, and can confirm the same behavior. Is you MAIL environment var set? -Otto > > On Thu, Nov 8, 2018, at 7:13 AM, ivp...@eml.cc wrote: > > On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > > > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > > > >Hello, > > > > > > > >I must be missing something obvious, but since installing 6.4-current > > > >(on a few versions in a row), I can't get mail to read /var/mail/root. > > > > > > > >After logging in, I see: > > > > > > > >>---< > > > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > > > > > >[... skipped ...] > > > > > > > >You have mail. > > > >thor# mail > > > >No mail for root > > > >thor# mail -f /var/mail/root > > > >Mail version 8.1.2 01/15/2001. Type ? for help. > > > >"/var/mail/root": 0 messages > > > >thor# ls -l /var/mail/root > > > >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root > > > >thor# head /var/mail/root > > > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 > > > >Return-Path: root > > > >Date: Nov 1 06:30:00 MDT 2018 > > > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > > > >To: root > > > >Subject: Welcome to OpenBSD 6.4! > > > > > > > >This message attempts to describe the most basic initial questions that > > > >a > > > >system administrator of an OpenBSD box might have. You are urged to > > > >save > > > >this message for later reference. > > > >>--< > > > > > > > >I also remember that I had this problem since the first time I > > > >installed 6.4-current on my new laptop. > > > > > > > >I do receive local mail (e.g., from crontab) for a non-priveleged user > > > >created during setup. > > > > > > > >Any ideas of what might be going on? > > > > > > > >Best, > > > >ivpgbe > > > > > > It's because the Welcome email that gets sent to root and the user > > > created during install is dated in the future. It has the initial > > > planned release date of Nov. 1st. Mail(1) can't seem to see into the > > > future. > > > > Good catch - that explains why I would not see it after the install. But > > today is Nov 8 (as confirmed by date(1), and it still doesn't see it, > > even after I touch(1) the file. Should I report it as a bug? > > > > The mismatch between Nov 1 and the actual release is probably another > > bug. Should I report as well? > > > > Thanks! >
Re: mail doesn't read mail from /var/mail/root
I also tested on 6.4-release, and can confirm the same behavior. On Thu, Nov 8, 2018, at 7:13 AM, ivp...@eml.cc wrote: > On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > > >Hello, > > > > > >I must be missing something obvious, but since installing 6.4-current > > >(on a few versions in a row), I can't get mail to read /var/mail/root. > > > > > >After logging in, I see: > > > > > >>---< > > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > > > >[... skipped ...] > > > > > >You have mail. > > >thor# mail > > >No mail for root > > >thor# mail -f /var/mail/root > > >Mail version 8.1.2 01/15/2001. Type ? for help. > > >"/var/mail/root": 0 messages > > >thor# ls -l /var/mail/root > > >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root > > >thor# head /var/mail/root > > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 > > >Return-Path: root > > >Date: Nov 1 06:30:00 MDT 2018 > > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > > >To: root > > >Subject: Welcome to OpenBSD 6.4! > > > > > >This message attempts to describe the most basic initial questions that > > >a > > >system administrator of an OpenBSD box might have. You are urged to > > >save > > >this message for later reference. > > >>--< > > > > > >I also remember that I had this problem since the first time I > > >installed 6.4-current on my new laptop. > > > > > >I do receive local mail (e.g., from crontab) for a non-priveleged user > > >created during setup. > > > > > >Any ideas of what might be going on? > > > > > >Best, > > >ivpgbe > > > > It's because the Welcome email that gets sent to root and the user > > created during install is dated in the future. It has the initial > > planned release date of Nov. 1st. Mail(1) can't seem to see into the > > future. > > Good catch - that explains why I would not see it after the install. But > today is Nov 8 (as confirmed by date(1), and it still doesn't see it, > even after I touch(1) the file. Should I report it as a bug? > > The mismatch between Nov 1 and the actual release is probably another > bug. Should I report as well? > > Thanks!
Re: mail doesn't read mail from /var/mail/root
On Thu, Nov 8, 2018, at 6:03 AM, TronDD wrote: > On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: > >Hello, > > > >I must be missing something obvious, but since installing 6.4-current > >(on a few versions in a row), I can't get mail to read /var/mail/root. > > > >After logging in, I see: > > > >>---< > >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > > > >[... skipped ...] > > > >You have mail. > >thor# mail > >No mail for root > >thor# mail -f /var/mail/root > >Mail version 8.1.2 01/15/2001. Type ? for help. > >"/var/mail/root": 0 messages > >thor# ls -l /var/mail/root > >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root > >thor# head /var/mail/root > >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 > >Return-Path: root > >Date: Nov 1 06:30:00 MDT 2018 > >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) > >To: root > >Subject: Welcome to OpenBSD 6.4! > > > >This message attempts to describe the most basic initial questions that > >a > >system administrator of an OpenBSD box might have. You are urged to > >save > >this message for later reference. > >>--< > > > >I also remember that I had this problem since the first time I > >installed 6.4-current on my new laptop. > > > >I do receive local mail (e.g., from crontab) for a non-priveleged user > >created during setup. > > > >Any ideas of what might be going on? > > > >Best, > >ivpgbe > > It's because the Welcome email that gets sent to root and the user > created during install is dated in the future. It has the initial > planned release date of Nov. 1st. Mail(1) can't seem to see into the > future. Good catch - that explains why I would not see it after the install. But today is Nov 8 (as confirmed by date(1), and it still doesn't see it, even after I touch(1) the file. Should I report it as a bug? The mismatch between Nov 1 and the actual release is probably another bug. Should I report as well? Thanks!
Re: mail doesn't read mail from /var/mail/root
On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: >Hello, > >I must be missing something obvious, but since installing 6.4-current >(on a few versions in a row), I can't get mail to read /var/mail/root. > >After logging in, I see: > >>---< >OpenBSD 6.4-current (GENERIC.MP) #425: Sun Nov 4 > >[... skipped ...] > >You have mail. >thor# mail >No mail for root >thor# mail -f /var/mail/root >Mail version 8.1.2 01/15/2001. Type ? for help. >"/var/mail/root": 0 messages >thor# ls -l /var/mail/root >-rw--- 1 root wheel 3.9K Oct 20 00:37 /var/mail/root >thor# head /var/mail/root >From dera...@do-not-reply.openbsd.org Sun Nov 1 06:30:00 MDT 2018 >Return-Path: root >Date: Nov 1 06:30:00 MDT 2018 >From: dera...@do-not-reply.openbsd.org (Theo de Raadt) >To: root >Subject: Welcome to OpenBSD 6.4! > >This message attempts to describe the most basic initial questions that >a >system administrator of an OpenBSD box might have. You are urged to >save >this message for later reference. >>--< > >I also remember that I had this problem since the first time I >installed 6.4-current on my new laptop. > >I do receive local mail (e.g., from crontab) for a non-priveleged user >created during setup. > >Any ideas of what might be going on? > >Best, >ivpgbe It's because the Welcome email that gets sent to root and the user created during install is dated in the future. It has the initial planned release date of Nov. 1st. Mail(1) can't seem to see into the future.
Re: 6.4 - Unable to boot after successfully installed
OK you were all right... After let the default partionning values, I'm able to boot normally. I would thank Stefan and Kenneth about their detailed replies. Many thanks for your help, and faq is answering my new questions about that. Cheers Luthing -- Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
Re: ikev2 and road warriors setup
I've been playing around with netcat. I noticed that the netcat process on my VPN_server does not show any "X" on stdout for ports 4500 and 1701. May it be relevant to my VPN issue? VPN_serv is A.B.C.77/23 (it is not behind NAT): $ pfctl -s rules pass all flags S/SA $ nc -u -l 500 X.Y.Z.11/29$ nc -vuz A.B.C.77 4500 A.B.C.69/23$ nc -vuz A.B.C.77 4500 $ nc -u -l 4500 NOTHING IS HERE $ nc -u -l 4499 $ nc -u -l 4501 X.Y.Z.11/29$ nc -vuz A.B.C.77 1701 A.B.C.69/23$ nc -vuz A.B.C.77 1701 $ nc -u -l 1701 NOTHING IS HERE $ nc -u -l 22 $ nc -u -l 1234 On Wed, 7 Nov 2018 12:17:09 +0100 Radek wrote: > Yesterday I tried this scenario: > > Win7_warrior - 192.168.x.x, NAT, GW: 1.2.3.119 > VPN_L2TP (Mikrotik) - A.B.C.75/23, not NATed > VPN_IKEv2 - A.B.C.77/23, not NATed > > I connected Win7_warrior to VPN_L2TP and then to VPN_IKEv2. I was having two > active VPN conn in one time. > Next, I disconnected VPN_L2TP. VPN_IKEv2 was still active and was working > fine. > > When I disconnected VPN_IKEv2 and was trying to connect VPN_IKEv2 omitting > VPN_L2TP - I got 809. > > Removing home_router which is between Win7_warrior and 1.2.3.119 does not > change anything. > > Another thing: > I install VPN_IKEv2 OS via PXEboot and get private IP from dhcp server. Then > I move to public A.B.C.77/23 editing /etc/hostname, mygate, resolv.conf. > Maybe I missed something in network conf that is important for OpenIKED? > > Any idea? > > > On Tue, 6 Nov 2018 11:21:52 +0100 > Radek wrote: > > > Hello Kim, > > > > > My question was concerning the VPN_server, is the server NATed? > > A.B.C.0/23 is not NATed, it is a public pool. VPN_server is not NATed. > > > > > How is A.B.C.0/23 connected to the 'rest' of the world? Router/Firewall > > > ... > > I only have switches in my building. > > All routers/firewalls of my network are in another building, I do not know > > the whole network structure, devices, security policies... but I have never > > noticed that any ports were blocked. > > > > I can setup a IKEV2 site-to-site VPN A.B.C.D/23 <--> !A.B.C.0/23 and it > > works like a charm. > > https://community.riocities.com/openike_openbsd.html > > But I can not setup a VPN_server for road warriors. > > > > I have just set up a VPN_L2TP_serv on Mikrotik (A.B.C.75/23). I can connect > > my Win7_warrior from !A.B.C.0/23 (currently testing on GSM network). > > L2TP and IKEV2 use 500, 4500 ports. If L2TP works fine so I conclude that > > it is not any Router/FW problem. > > > > On Tue, 6 Nov 2018 07:48:37 +0100 > > Kim Zeitler wrote: > > > > > Good morning Radek, > > > > > > I have a suspicion ... > > > > > > > For (1), (2) and (3) VPN is working just fine with Win7_warrior and > > > > puffy_warrior if they are connecting from A.B.C.0/23 (it does not > > > > matter if warrior has public IP or it is behind NAT). The rest of the > > > > world fails to connect the VPN_server. > > > My question was concerning the VPN_server, is the server NATed? > > > How is A.B.C.0/23 connected to the 'rest' of the world? Router/Firewall > > > ... > > > > > > Cheers, > > > Kim > > > > > > > > > > > > -- > > radek > > > -- > radek -- radek
Re: iridium-browser + unveil
Am 08.11.18 um 12:47 schrieb Florian Obser: > The point of unveil in chrome is that it can't exfiltrate your ssh > private key. Got it! Thank you for making things clear.
Re: Munin node over IPv6
On jeu. 8 nov. 12:32:31 2018, Florian Obser wrote: > > can you try the following: > > > > host ::1 (or even host :::1 it seems that a bug requires to add an extra > > colon) With explicit IPv6 addresses and without the INET6 pkg installed, munin crashes > I believe one needs p5-IO-Socket-INET6 installed. > I have host * in my config and that gives me: > > tcp 0 0 *.4949 *.*LISTEN > tcp6 0 0 *.4949 *.*LISTEN But with the pkg, it works: root@kaiminus:~ # telnet guinch.swordarmor.fr 4949 Trying 2a00:5884:102:1::9... Connected to guinch.swordarmor.fr. Escape character is '^]'. # munin node at guinch.swordarmor.fr list amavis cpu df df_inode if_enc0 if_errcoll_enc0 if_errcoll_tun0 if_errcoll_tun10 if_errcoll_tun11 if_errcoll_tun12 if_errcoll_tun13 if_errcoll_tun2 if_errcoll_tun3 if_errcoll_tun4 if_errcoll_tun5 if_errcoll_tun6 if_errcoll_tun7 if_errcoll_tun8 if_errcoll_tun9 if_errcoll_vio0 if_pps_enc0 if_pps_tun0 if_pps_tun10 if_pps_tun11 if_pps_tun12 if_pps_tun13 if_pps_tun2 if_pps_tun3 if_pps_tun4 if_pps_tun5 if_pps_tun6 if_pps_tun7 if_pps_tun8 if_pps_tun9 if_pps_vio0 if_tun0 if_tun10 if_tun11 if_tun12 if_tun13 if_tun2 if_tun3 if_tun4 if_tun5 if_tun6 if_tun7 if_tun8 if_tun9 if_vio0 load memory netstat open_files processes systat uptime users vmstat Thank you very much to the both of you! -- Alarig (but I think you’re real)
Re: iridium-browser + unveil
On Thu, Nov 08, 2018 at 09:45:38AM +0100, Stefan Wollny wrote: > Am 08.11.18 um 09:03 schrieb Stefan Wollny: > > Hi there, > > > > just a little nit with the iridium-browser unveiled: > > > > I changed the 'exec' command in /usr/local/bin/iridium like so: > > - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}" > > + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}" > > > > With this change I can browse the web as before. BUT: My startpage is a > > html-file in the users home directory containing a huge collection of > > links to web sites. I use this file at home and at work where I am > > forced to use the most popular unsafe OS. With iridium unveiled this > > page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'. > > > > Switching back to the exec without "--enable-unveil" and iridium finds > > the file again. Easily reproducible. > > > > With other browsers (e.g. FF, otter, netsurf, links+) this particular > > file is accessible. No reason not to enable unveil on iridium in > > particular as it just has been updated (in ports). > > > Found an easy solution: While access to the user's home directory is not > permitted, access to the subfolders _is_ allowed. Simply copied that > particular file to ~/Downloads/, changed the path in iridium's settings > and we're back to familiar operations. :-) > > Now: How to give permission to access my home directory? > I'm afraid you are missing the point. If you want it to have access to your home directory run it without --enable-unveil. For all intents and purposes that's the same thing as "giving permission to ~/" The point of unveil in chrome is that it can't exfiltrate your ssh private key. -- I'm not entirely sure you are real.
Re: iridium-browser + unveil
On Thu, Nov 08, 2018 at 10:52:11AM +0200, Dumitru Moldovan wrote: > On Thu, 8 Nov 2018 09:03:51 +0100, Stefan Wollny wrote: > > > > I changed the 'exec' command in /usr/local/bin/iridium like so: > > - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}" > > + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}" > > > > With this change I can browse the web as before. BUT: My startpage is a > > html-file in the users home directory containing a huge collection of > > links to web sites. I use this file at home and at work where I am > > forced to use the most popular unsafe OS. With iridium unveiled this > > page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'. > > With unveil enabled, your browser can only download files to your ~/Downloads > sub-dir, and can only upload files from your ~/Uploads sub-dir. So maybe put > your HTML file in ~/Uploads and use the new location as the start page? > > Disclaimer: I am not a user of Iridium or Chromium with unveil, but this is > what I remember from Bob Beck's presentation on the subject at EuroBSDCon in > September. Hope I got the sub-dirs right! Thinking about it, there should > be write access to ~/.cache as well, maybe even /tmp, but these are just > extra details. > It's only ~/Downloads -- I'm not entirely sure you are real.
Re: Munin node over IPv6
On Thu, Nov 08, 2018 at 12:21:58PM +0100, Solene Rapenne wrote: > Alarig Le Lay wrote: > > Hi, > > > > I would like to pull my munin node over IPv6, but the process is only > > listening on IPv4. > > > > guinch# grep '^host' /etc/munin/munin-node.conf > > host * > > guinch# netstat -af inet | grep 4949 > > tcp 0 0 *.4949 *.*LISTEN > > guinch# netstat -af inet6 | grep 4949 > > guinch# > > > > This configuration works on other OSes. > > How could I make it on OpenBSD? > > > > Thanks, > > can you try the following: > > host ::1 (or even host :::1 it seems that a bug requires to add an extra > colon) > I believe one needs p5-IO-Socket-INET6 installed. I have host * in my config and that gives me: tcp 0 0 *.4949 *.*LISTEN tcp6 0 0 *.4949 *.*LISTEN Cheers, Florian -- I'm not entirely sure you are real.
Re: Munin node over IPv6
Alarig Le Lay wrote: > Hi, > > I would like to pull my munin node over IPv6, but the process is only > listening on IPv4. > > guinch# grep '^host' /etc/munin/munin-node.conf > host * > guinch# netstat -af inet | grep 4949 > tcp 0 0 *.4949 *.*LISTEN > guinch# netstat -af inet6 | grep 4949 > guinch# > > This configuration works on other OSes. > How could I make it on OpenBSD? > > Thanks, can you try the following: host ::1 (or even host :::1 it seems that a bug requires to add an extra colon)
Munin node over IPv6
Hi, I would like to pull my munin node over IPv6, but the process is only listening on IPv4. guinch# grep '^host' /etc/munin/munin-node.conf host * guinch# netstat -af inet | grep 4949 tcp 0 0 *.4949 *.*LISTEN guinch# netstat -af inet6 | grep 4949 guinch# This configuration works on other OSes. How could I make it on OpenBSD? Thanks, -- Alarig
Re: 'auto-join' to the wifi
On Thu, Nov 08, 2018 at 01:12:35PM +0500, Артур Истомин wrote: > There is example for hostname.if for auto-join to wifi network > https://www.mail-archive.com/source-changes@openbsd.org/msg99921.html > > But what if I have different networks with dynamic and static IPs or another > different options? For example: > > join home wpakey password <-- has static IP and 'wpaprotos wpa1' > option Adding the 'wpaprotos wpa1' option on the same line is supposed to work. Unfornately this is broken right now, see: https://marc.info/?l=openbsd-bugs&m=154118247412508&w=2 Regarding IP addresses: Wifi doesn't know about IP addresses! All 'join' will take care of is setting interface status to 'active'. So you need to handle such differences yourself in some way. > join work wpakey mekmitasdigoat > dhcp > inet6 autoconf > up > > Thanks! >
'auto-join' to the wifi
There is example for hostname.if for auto-join to wifi network https://www.mail-archive.com/source-changes@openbsd.org/msg99921.html But what if I have different networks with dynamic and static IPs or another different options? For example: join home wpakey password <-- has static IP and 'wpaprotos wpa1' option join work wpakey mekmitasdigoat dhcp inet6 autoconf up Thanks!
Re: iridium-browser + unveil
On Thu, 8 Nov 2018 09:03:51 +0100, Stefan Wollny wrote: > > I changed the 'exec' command in /usr/local/bin/iridium like so: > - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}" > + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}" > > With this change I can browse the web as before. BUT: My startpage is a > html-file in the users home directory containing a huge collection of > links to web sites. I use this file at home and at work where I am > forced to use the most popular unsafe OS. With iridium unveiled this > page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'. With unveil enabled, your browser can only download files to your ~/Downloads sub-dir, and can only upload files from your ~/Uploads sub-dir. So maybe put your HTML file in ~/Uploads and use the new location as the start page? Disclaimer: I am not a user of Iridium or Chromium with unveil, but this is what I remember from Bob Beck's presentation on the subject at EuroBSDCon in September. Hope I got the sub-dirs right! Thinking about it, there should be write access to ~/.cache as well, maybe even /tmp, but these are just extra details.
Re: iridium-browser + unveil
Am 08.11.18 um 09:03 schrieb Stefan Wollny: > Hi there, > > just a little nit with the iridium-browser unveiled: > > I changed the 'exec' command in /usr/local/bin/iridium like so: > - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}" > + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}" > > With this change I can browse the web as before. BUT: My startpage is a > html-file in the users home directory containing a huge collection of > links to web sites. I use this file at home and at work where I am > forced to use the most popular unsafe OS. With iridium unveiled this > page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'. > > Switching back to the exec without "--enable-unveil" and iridium finds > the file again. Easily reproducible. > > With other browsers (e.g. FF, otter, netsurf, links+) this particular > file is accessible. No reason not to enable unveil on iridium in > particular as it just has been updated (in ports). > Found an easy solution: While access to the user's home directory is not permitted, access to the subfolders _is_ allowed. Simply copied that particular file to ~/Downloads/, changed the path in iridium's settings and we're back to familiar operations. :-) Now: How to give permission to access my home directory?
iridium-browser + unveil
Hi there, just a little nit with the iridium-browser unveiled: I changed the 'exec' command in /usr/local/bin/iridium like so: - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}" + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}" With this change I can browse the web as before. BUT: My startpage is a html-file in the users home directory containing a huge collection of links to web sites. I use this file at home and at work where I am forced to use the most popular unsafe OS. With iridium unveiled this page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'. Switching back to the exec without "--enable-unveil" and iridium finds the file again. Easily reproducible. With other browsers (e.g. FF, otter, netsurf, links+) this particular file is accessible. No reason not to enable unveil on iridium in particular as it just has been updated (in ports). Best, STEFAN