Re: "OpenBSD Doc" App idea
Sep 8, 2023 01:51:44 Shokara Kou : > then I suggest reading Michael W. Lucas's book > called Absolute OpenBSD[1] (and other books feature on OpenBSD's > site[2]). Though it's not a mobile app, it's still an excellent source > of documentation. Hello, sorry for the nap ;D Thank you for the suggestion Shokara. And no, book and app can't be considered the same expecially in the full-text search feature and if you want in the user appeal like the tailored solution of the app gives away. I think to have clarified all the the details of the app I'm minding that I hope someone can develop before or after. I included also the screenshot. And i added some candies on how for market reasons this and many other public initiatives are not easy to happen when is about OpenBSD. Adding, my 10$ a year to OpenBSD cause will surely not change that, unfortunately. I'm pretty happy about all what the thread expressed. Beside I support the suggestion to read Absolute OpenBSD book. -- Daniele Bonini
Re: Dokuwiki
> Am 08.09.2023 um 00:38 schrieb latin...@vcn.bc.ca:
>
> Hello
>
> Does somebody can help? OpenBSD 7.3 Dokuwiki
> # ps ax |grep dokuwiki
> 27461 p0 S+p 0:00.01 grep dokuwiki
DokuWiki is not a process. So the above does not make any sense.
> The error.log at /www/log is full of this messages and dokuwiki stop working:
>
> Access to the script '/dokuwiki' has been denied (see
> security.limit_extensions)
…
> Access to the script '/dokuwiki' has been denied (see
> security.limit_extensions)
>
> Thanks for your attention.
You need to show us the relevant server {} block in your /etc/httpd.conf
(assuming that you are using httpd(8) as the web server).
The actual error message refers to the php-fpm setting, see
https://www.php.net/manual/en/install.fpm.configuration.php#security-limit-extensions.
But feeding the path /dokuwiki to php-fpm does not make any sense, so the root
cause is somewhere else.
Also you may want to take a look at https://www.dokuwiki.org/install:openbsd
for some additional hints.
This is what a working httpd.conf could look like:
(You may want to replace the server name with an FQDN or add an alias setting.
You would also need a port 80 host to redirect to https and to handle ACME
certificate verification. But that is all standard web server stuff, not
specific to DokuWiki.)
server "default" {
listen on $my_ipv6 tls port 443
tls {
certificate "/etc/ssl/acme/fullchain.pem"
key "/etc/ssl/acme/private/privkey.pem"
}
log style combined
root "/dokuwiki"
directory index doku.php
connection max request body 2097152 # Default is 2M for
upload_max_filesize and 8M for post_max_size.
location "/*.inc" { block }
location "/*.ht*" { block }
location "/data/*" { block }
location "/conf/*" { block }
location "/bin/*" { block }
location "/inc/*" { block }
location "/vendor/*" { block }
location "*.php" {
fastcgi socket "/run/php-fpm.sock"
}
}
Mike
Re: desire for journaled filesystem
My main computer is Void Linux. If I had to restore from backup every time the disks became mildly messed up, all my time would be spent backing up and restoring. I remember back in the 90's and early 00's before journalling every system crash was grounds for an ulcer. I didn't know that the main OpenBSD filesystem didn't journal. SteveT Ronan Viel said on Tue, 5 Sep 2023 16:37:19 +0200 >What about backup? >tar is ready to use. > >Ronan > >> Le 5 sept. 2023 à 16:12, John Holland a >> écrit : >> >> I just had a kernel panic when reloading a firefox tab pointed at >> facebook. After restarting, all the filesystems had errors but /home >> was particularly bad and caused the boot to stop and prompt if I >> wanted to enter a root shell. >> >> >> I eventually got fsck to mark the /home filesystem clean but it >> found >4000 lost files that it moved to lost I am not so >> experienced with this, running "file" on a few of them shows that >> they may be intact files but they have numeric names now. >> >> >> I've really been enjoying OpenBSD but I think it could really use a >> journaled filesystem. I believe I have the correct options in fstab >> for the best results: >> >> 1f08fbc2b303f0ef.k /home ffs rw,softdep,noatime,nodev,nosuid 1 2 >> >> >> I was just thinking how much I was enjoying OpenBSD compared to some >> others when this happened. >> >> >> OpenZFS? License issues? Hammer? Anything? >> >
Re: Open-source security processor
On 9/8/23 00:24, Richard Thornton wrote: Say you had the guts of an x86_64 desktop running Windows on the bench and another computer running OpenBSD right next to it, is there some mechanism available that could allow you to integrity scan the NVMe drive (and also the firmware but that's probably an easier problem solved with something like SPI) of the powered-off x86_64 with the OpenBSD box, like a hardware device that allows both OpenBSD and the laptop physical hardware level access to the same NVMe, or would you have the NVMe in OpenBSD, scan it and then somehow "hand over" the NVMe to Windows? The NVMe drive can't be physically touched, not just swapped from board to board, I'm thinking of this from a more "embedded" viewpoint. If you think about a forensic analysis and/or integrity check of the *contents* of the NVMe, you should draw a binary image of the disk and analyze that. If you cannot remove the disk, but boot the system from an external device (into whatever OS you prefer), you could create such a copy from there (dd is your friend). You could also analyze the disk directly from there, but there's a high probability that you will modify it by doing so (in case you have to mount the filesystems). If you cannot boot the system from an external device (because it is eg. in a hibernated state that you need to preserve), I don't think there is much you can do without removing the disk from the computer. /m
Re: "OpenBSD Doc" App idea
Hi again Daniele, > I do not know if this is acceptable and forgive me for the unwanted > advertisement but attached a screenshot of the basic functionalities of the > app > I was wondering about. If you want a good source of offline documentation for OpenBSD but don't want to use an offline copy of man.openbsd.org (like the man set on a regular OpenBSD install), then I suggest reading Michael W. Lucas's book called Absolute OpenBSD[1] (and other books feature on OpenBSD's site[2]). Though it's not a mobile app, it's still an excellent source of documentation. A decent mobile PDF reader of your choice in addition to an offline copy of the man pages used with Termux should be close to what you're asking for? You can also try adapting a Linux manpage app called Man Man[3] for use with OpenBSD's man page too, but I don't see why you cannot just use the previously mentioned options instead of going through the effort of patching an Android program. Regards, Shokara [1]: https://mwl.io/nonfiction/os#ao2e [2]: https://www.openbsd.org/books.html [3]: https://f-droid.org/packages/com.adonai.manman/
Dokuwiki
Hello Does somebody can help? OpenBSD 7.3 Dokuwiki # ps ax |grep dokuwiki 27461 p0 S+p 0:00.01 grep dokuwiki The error.log at /www/log is full of this messages and dokuwiki stop working: Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Access to the script '/dokuwiki' has been denied (see security.limit_extensions) Thanks for your attention.
Open-source security processor
Apologies, this might be a little bit OT but I was thinking of this and I thought about the wonderful folks at OpenBSD. Say you had the guts of an x86_64 desktop running Windows on the bench and another computer running OpenBSD right next to it, is there some mechanism available that could allow you to integrity scan the NVMe drive (and also the firmware but that's probably an easier problem solved with something like SPI) of the powered-off x86_64 with the OpenBSD box, like a hardware device that allows both OpenBSD and the laptop physical hardware level access to the same NVMe, or would you have the NVMe in OpenBSD, scan it and then somehow "hand over" the NVMe to Windows? The NVMe drive can't be physically touched, not just swapped from board to board, I'm thinking of this from a more "embedded" viewpoint. Or am I thinking about an external CPU validating an OS install in completely the wrong way? Thanks Richard
Re: "OpenBSD Doc" App idea
Sep 7, 2023 23:39:46 Ingo Schwarze : >> working offline > > That's a pretty bad idea. The information on man.openbsd.org > is automatically updated every night; an offline copy would almost > instantly become outdated I'm pointing to a rich version of the FAQ more than the man, this should have less frequent changes. Hovewer, it is the main downside to solve. Being securely offline needs to find the right approach to these updates. -- Daniele Bonini
Re: "OpenBSD Doc" App idea
Hi Daniele, Daniele B. wrote on Thu, Sep 07, 2023 at 10:47:47PM +0200: >> I don't know if Android has a similar feature, but at least on iOS you >> can save a particular website to your home as a webapp from Safari. > Thanks for the answer Shokara. My initiative was to call for the > development in the community of a serious app, with commands directory I'm not quite sure what you mean by "commands directory", but we certainly provide a directory of commands: https://man.openbsd.org/?query=.=1=1 > and full-text search, OpenBSD does not provide full-text search for its documentation because full-text search is less powerful and more noisy than the semantic search we do provide. For details, see https://man.openbsd.org/man1/apropos.1 https://man.openbsd.org/man.cgi.8 in particular https://man.openbsd.org/man1/apropos.1#Macro_Keys https://man.openbsd.org/man.cgi.8#HTML_search_interface If you really want full-text search very badly, you can turn to NetBSD. Last time i looked, they provided full-text search but not semantic search. On OpenBSD, you can of course use $ grep -R regexp /usr/share/man but that will always spew lots of noise and only very rarely any additional useful results in addition to what $ man -k any~regexp provides. > working offline That's a pretty bad idea. The information on man.openbsd.org is automatically updated every night; an offline copy would almost instantly become outdated. Yours, Ingo
Re: "OpenBSD Doc" App idea
> I don't know if Android has a similar feature, but at least on iOS you > can save a particular website to your home as a webapp from Safari. Thanks for the answer Shokara. My initiative was to call for the development in the community of a serious app, with commands directory and full-text search, working offline on multiple device with different screen orientation. Beside the possibility to create an home link of the online site on Android.
Re: "OpenBSD Doc" App idea
Thank you to touch base with the usual insults too, Jan. ;D >> Windowz Doc, Mac Doc, Linux Doc and OpenBSD Doc App I know how to discriminate and sort these apps obviously, it was an humoristic axe I played against the non obvious coudardy to leave OpenBSD always at the last place on the market for the joy of few but us. I simply never would like to find myself in the urgent need of the doc and see that online version could be quite "confusing" or sort of "incomplete In some parts" caused by an "erroneus transmission". Indeed I came from my search my App Store around Unix and found: - FreeBSD Doc; - Unix Tutorial; - Linux command library; And nothing about OpenBSD sporting neither its doc nor one marketing pin, from here my initiative.
Re: "OpenBSD Doc" App idea
Hi Daniele, > I was clearly meaning doing the doc app before to put the whole OpenBSD on > the cloud, > sorry for the late clarification. ;D I don't know if Android has a similar feature, but at least on iOS you can save a particular website to your home as a webapp from Safari. That way you can still have the up-to-date OpenBSD documentation from man.openbsd.org in a pseudo-app. Regards, Shokara
Re: "OpenBSD Doc" App idea
On Sep 07 18:19:29, my2...@has.im wrote: > Clearly I do not want to discriminate among > Windowz Doc, Mac Doc, Linux Doc and OpenBSD Doc > mobile apps, of the App Store ( the proposed order is clearly random) Learn to discriminate, for everyone's sake.
Re: "OpenBSD Doc" App idea
Without even reading ahead: you are either trolling or just fucking retarded. (Is that a haiku?) On Sep 07 16:27:18, my2...@has.im wrote: > Hello, > > Just pushing myself over any device limit.. > I just searched the App Stores for "Unix" and related ones > and wondering if we can hope to have an "OpenBSD Doc" > app beside a "FreeBSD Doc" app anytime soon? > > Anyone's offer? Yes I'm talking to you.. ;D > > -- Daniele Bonini > >
Re: Stacked MTUs
On 7.9.2023. 18:45, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote: > I'm setting up jumbograms on a couple of vlans stacked > on an aggr and I need a sanithy check that I'm doing > this right. > > The switches use a hardware MTU of 9192. We want an IP > MTU of 9000 for the vlans. I'm assuming this will work? > > ifconfig em1 mtu 9192 > ifconfig em5 mtu 9192 > ifconfig aggr0 9192 # em1+em5 lacp > ifconfig vlanX mtu 9000 # stacked on aggr0 > ifconfig vlanY mtu 1500 # ditto > > --lyndon > can you send dmesg | grep em ifconfig em1 hwfeatures ifconfig em5 hwfeatures
Re: "OpenBSD Doc" App idea
Sep 7, 2023 19:24:51 Ingo Schwarze : > > In particular, there is no interest in providing an "OpenBSD Doc" > app on Google Play, nor can i see any need for such an app. I was clearly meaning doing the doc app before to put the whole OpenBSD on the cloud, sorry for the late clarification. ;D -- Daniele Bonini
Re: Stacked MTUs
> dmesg | grep em em0 at pci8 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:25:90:b8:82:b8 em1 at pci9 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:25:90:b8:82:b9 em2 at pci12 dev 0 function 0 "Intel I350" rev 0x01: msi, address 00:25:90:b8:82:ba em3 at pci12 dev 0 function 1 "Intel I350" rev 0x01: msi, address 00:25:90:b8:82:bb em4 at pci12 dev 0 function 2 "Intel I350" rev 0x01: msi, address 00:25:90:b8:82:bc em5 at pci12 dev 0 function 3 "Intel I350" rev 0x01: msi, address 00:25:90:b8:82:bd > ifconfig em1 hwfeatures em1: flags=8b43 mtu 1500 hwfeatures=10 hardmtu 9216 lladdr fe:e1:ba:d0:1d:61 index 4 priority 0 llprio 3 trunk: trunkdev aggr0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active > ifconfig em5 hwfeatures em5: flags=8b43 mtu 1500 hwfeatures=10 hardmtu 9216 lladdr fe:e1:ba:d0:1d:61 index 8 priority 0 llprio 3 trunk: trunkdev aggr0 media: Ethernet autoselect (1000baseT full-duplex,master) status: active
Re: "OpenBSD Doc" App idea
Hi Daniele, Daniele B. wrote on Thu, Sep 07, 2023 at 06:08:06PM +0200: > I simply opened my Google Play and I tried to search Unix > and related terms, etc etc. I had to look up what "Google Play" means, but now your question is specific enough to allow an authoritative answer: Providing apps to the "Google Play" app store falls outside the scope of the OpenBSD project. In particular, there is no interest in providing an "OpenBSD Doc" app on Google Play, nor can i see any need for such an app. To access OpenBSD docs on your Android device, simply use https://man.openbsd.org/ and report any adaptive design issues you might encounter. Yours, Ingo -- > Sorry to have awaked you, I may have looked asleep, but i was merely writing documentation. =:c) #slackers
Stacked MTUs
I'm setting up jumbograms on a couple of vlans stacked on an aggr and I need a sanithy check that I'm doing this right. The switches use a hardware MTU of 9192. We want an IP MTU of 9000 for the vlans. I'm assuming this will work? ifconfig em1 mtu 9192 ifconfig em5 mtu 9192 ifconfig aggr0 9192 # em1+em5 lacp ifconfig vlanX mtu 9000 # stacked on aggr0 ifconfig vlanY mtu 1500 # ditto --lyndon
Re: "OpenBSD Doc" App idea
Clearly I do not want to discriminate among Windowz Doc, Mac Doc, Linux Doc and OpenBSD Doc mobile apps, of the App Store ( the proposed order is clearly random) -- Daniele Bonini
Re: "OpenBSD Doc" App idea
Hey Ingo, > I feel very confused Sorry to have awaked you, I didn't think "App Sore" could cause so much disappointment in one person, sorry for that. I notice that you oftwn write me sporting some .de domains, it will be a case I say. I guess you are pointing about "my blood". However, no problem! I simply opened my Google Play and I tried to search Unix and related terms, etc etc. as mentiomed > https://termux.dev/ Thank you very nide and off topic. Appreciated, german one! -- Daniele Bonini Sep 7, 2023 17:46:49 Ingo Schwarze : > In case you are talking about Android mobile devices - which, > admittedly, is a wild guess on my part - the Termux system already > includes the OpenBSD version of man(1) by default, and it has been > doing so for more than a decade now. In that sense, Android already > has an OpenBSD documentation app. For more information, see: > > https://termux.dev/ > > In case you are talking about Apple devices running macOS, newer > versions of that system now also use the OpenBSD implementation as > the formatting engine in their man(1) program - though last time i > heard something about that, it didn't appear to be quite stable yet > but hastily stitched together and rather buggy, as usual with Unix > software on macOS in general. > >> Anyone's offer? Yes I'm talking to you.. ;D > > I feel very confused by your request, and i fear i don't really > understand what you are asking for.
Re: "OpenBSD Doc" App idea
Hi Daniele, Daniele B. wrote on Thu, Sep 07, 2023 at 04:27:18PM +0200: > Just pushing myself over any device limit.. Huh? What does that mean? > I just searched the App Stores for "Unix" and related ones > and wondering if we can hope to have an "OpenBSD Doc" > app beside a "FreeBSD Doc" app anytime soon? I'm usually interested in anything related to BSD documentation, but it seems pretty unclear to me what you are talking about here. What is the meaning of the term "app store"? The "app store" for OpenBSD is documented in the manual pages pkg_add(1) and packages(7), but you do not need any of that for reading OpenBSD documentation nor for reading third-party documentation on OpenBSD. The "app" you use on OpenBSD for reading documentation is standardized by POSIX, called man(1), and on OpenBSD, it provides many extensions to the standard. Alternatively, at points in time when you do not have access to any OpenBSD system, you can also read OpenBSD documentation here, without needing any "app" whatsoever, in plain HTML5+CSS format: https://man.openbsd.org/ Now *if* you are talking about mobile devices, effort has been spent on giving https://man.openbsd.org/ an adaptive design. In case there are still any respects in which it isn't mobile-friendly, reports are quite welcome. Again, no "app store" needed for all i know... In case you are talking about Android mobile devices - which, admittedly, is a wild guess on my part - the Termux system already includes the OpenBSD version of man(1) by default, and it has been doing so for more than a decade now. In that sense, Android already has an OpenBSD documentation app. For more information, see: https://termux.dev/ In case you are talking about Apple devices running macOS, newer versions of that system now also use the OpenBSD implementation as the formatting engine in their man(1) program - though last time i heard something about that, it didn't appear to be quite stable yet but hastily stitched together and rather buggy, as usual with Unix software on macOS in general. > Anyone's offer? Yes I'm talking to you.. ;D I feel very confused by your request, and i fear i don't really understand what you are asking for. Yours, Ingo
"OpenBSD Doc" App idea
Hello, Just pushing myself over any device limit.. I just searched the App Stores for "Unix" and related ones and wondering if we can hope to have an "OpenBSD Doc" app beside a "FreeBSD Doc" app anytime soon? Anyone's offer? Yes I'm talking to you.. ;D -- Daniele Bonini
