Re: "OpenBSD Doc" App idea

[David Rinehart]

After an issue with mangl, from ports, I discovered and configure man.cgi

on localhost httpd after install - works great (online or offline)!


Thanks,

David Rinehart


On 9/8/23 13:54, Amarendra Godbole wrote:
> On Fri, Sep 8, 2023 at 8:02 AM Luke Call  wrote:
>> On 2023-09-07 22:47:47+0200, Daniele B.  wrote:
 I don't know if Android has a similar feature, but at least on iOS you
 can save a particular website to your home as a webapp from Safari.
>>> Thanks for the answer Shokara. My initiative was to call for the development
>>> in the community of a serious app, with commands directory and full-text 
>>> search,
>>> working offline on multiple device with different screen orientation.
>>>
>>> Beside the possibility to create an home link of the online site on Android.
>>>
>> If you need full-text search from the desktop, this does the job for me.
>> I put it in my path and call the script "mank" since it resembles
>> Linux's "man -K" well enough
>> for me, and has been useful when I just know I read something but can't
>> remember where well enough to use apropos.  It is not fast.  It assumes
>> bash is installed from packages, but could easily be changed to use ksh 
>> instead.
>>
>> #!/usr/bin/env bash
>> set -eux
>> TMP=$(mktemp -t mank-tmp-output_XX)
>> nice grep -irE -C "$1" /usr/share/man/* 2>&1 > $TMP || true
>> nice grep -irE -C "$1" /usr/local/man/* 2>&1 >> $TMP || true
>> less -p "$1" $TMP
>> rm -f $TMP
>> echo $?
>>
>> I also have used wget a couple of times in the past to locally mirror
>> www.openbsd.org in case I needed something and can't get online, and
>> then one could grep that also (or use google to do a full-text online search
>> of that site), but I don't know whether that wget thing is a great idea.
> [...]
>
> Alternately, you can also clone the www repo: https://github.com/openbsd/www
>
> Thanks.
>
> -ag
>

Re: veb and vport on apu2 -- config feedback

[Amarendra Godbole]

On Fri, Sep 8, 2023 at 8:07 PM Daniel Ouellet  wrote:
>
> Hi,
>
> A few things here.
>
> Comcast DO NOT use 9000 mtu, so don't try to use that.
>
> They sadly ONLY support 1500.
>
> if you force 9000 mtu, you will only create fragments.
>
> You can find it if you search for it as well.
>
> https://forums.xfinity.com/conversations/your-home-network/mtu-size/602db12cc5375f08cd47b1ad
>
> Also if you actually want to use the martian table, make it complete
> also available is you search for the reserved IP's
>
> table  const { 0/8, 10/8, 100.64/10, 127/8, 169.254/16, \
> 172.16/12, 192/24, 192.0.2/24, 192.168/16, 198.18/15, 198.51.100/24, \
> 203.0.113/24, 224/4, 240/4, 255.255.255.255/32 }
>
> Daniel

Thanks Daniel, I have made the recommended changes. Appreciate your feedback.

-Amarendra

>
>
> On 9/8/23 9:41 PM, Amarendra Godbole wrote:
> > On Fri, Jun 23, 2023 at 6:18 PM David Gwynne  wrote:
> >>
> >> looks good to me after a quick read.
> >>
> >>> On 23 Jun 2023, at 12:15, Amarendra Godbole  
> >>> wrote:
> >>>
> >>> I am planning to experiment with veb on my PC Engines apu2e4 board. It
> >>> has three ports (em0, 1 and 2). Current configuration has em0 hooked
> >>> up to cable modem, while em1 and em2 are internal LAN. I don't have a
> >>> good ability to troubleshoot via a serial console, since the apu board
> >>> sits in the garage on top of a cabinet -- running serial cable to a
> >>> laptop is challenging, though not impossible. So I am looking for
> >>> feedback so as to keep this troubleshooting time minimal.
> > [...]
> >
> > Thanks for the review, David. I finally managed to find a window when
> > my family was away from the internet, so I could experiment. :-) My
> > internet is delivered via Comcast cable modem, hooked to the APU's em0
> > port. A Ruckus wireless AP connects to em1.
> >
> > Here is a fully working configuration:
> >
> > $ cat hostname.em0
> > dhcp description "comcast uplink"
> >
> > $ cat hostname.em1
> > mtu 9000
> > up
> >
> > $ cat hostname.em2
> > mtu 9000
> > up
> >
> > $ cat hostname.veb0
> > add em1
> > add em2
> > add vport0
> > link0
> > up
> >
> > $ cat hostname.vport0
> > inet 192.168.1.1 255.255.255.0 192.168.1.255
> > mtu 9000
> > group internal
> > up
> >
> > $ cat pf.conf
> > table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16  
> > \
> >172.16.0.0/12 192.0.0.0/24 192.0.2.0/24
> > 224.0.0.0/3  \
> >192.168.0.0/16 198.18.0.0/15
> > 198.51.100.0/24   \
> > 203.0.113.0/24 }
> >
> > set block-policy drop
> > set loginterface egress
> > set skip on lo0
> > match in all scrub (no-df random-id max-mss 1440)
> >
> > antispoof quick for egress
> > block in from no-route
> > block in quick from urpf-failed
> >
> > block in quick on egress from  to any
> > block return out quick on egress from any to 
> >
> > block all
> > match out on egress nat-to (egress)
> > pass out quick inet
> > pass in on internal inet
> > block return in quick on internal proto { udp tcp } to ! internal port
> > { domain domain-s }
> >
> > $ cat rc.conf.local
> > dhcpd_flags=vport0
> > unbound_flags=
> > unbound_timeout=240
> >
> > $ ifconfig
> > lo0: flags=8049 mtu 32768
> > index 5 priority 0 llprio 3
> > groups: lo
> > inet6 ::1 prefixlen 128
> > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
> > inet 127.0.0.1 netmask 0xff00
> >
> > em0: flags=808843 mtu 1500
> > lladdr 00:0d:b9:56:f4:fc
> > index 1 priority 0 llprio 3
> > groups: egress
> > media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
> > status: active
> > inet 98.35.243.87 netmask 0xff00 broadcast 98.35.243.255
> >
> > em1: flags=8b43
> > mtu 9000
> > lladdr 00:0d:b9:56:f4:fd
> > index 2 priority 0 llprio 3
> > media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
> > status: active
> >
> > em2: flags=8b43
> > mtu 9000
> > lladdr 00:0d:b9:56:f4:fe
> > index 3 priority 0 llprio 3
> > media: Ethernet autoselect (none)
> > status: no carrier
> >
> > enc0: flags=0<>
> > index 4 priority 0 llprio 3
> > groups: enc
> > status: active
> >
> > veb0: flags=9843
> > index 6 llprio 3
> > groups: veb
> > em1 flags=3
> > port 2 ifpriority 0 ifcost 0
> > em2 flags=3
> > port 3 ifpriority 0 ifcost 0
> > vport0 flags=3
> > port 7 ifpriority 0 ifcost 0
> >
> > vport0: flags=8943 mtu 9000
> > lladdr fe:e1:ba:d0:18:bd
> > index 7 priority 0 llprio 3
> > groups: vport internal
> > inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
> >
> > pflog0: flags=141 mtu 33136
> > index 8 priority 0 llprio 3
> > groups: pflog
> >
> > Thanks.
> >
> > -Amarendra
> >
>

Re: veb and vport on apu2 -- config feedback

[Daniel Ouellet]

Hi,

A few things here.

Comcast DO NOT use 9000 mtu, so don't try to use that.

They sadly ONLY support 1500.

if you force 9000 mtu, you will only create fragments.

You can find it if you search for it as well.

https://forums.xfinity.com/conversations/your-home-network/mtu-size/602db12cc5375f08cd47b1ad

Also if you actually want to use the martian table, make it complete 
also available is you search for the reserved IP's


table  const { 0/8, 10/8, 100.64/10, 127/8, 169.254/16, \
172.16/12, 192/24, 192.0.2/24, 192.168/16, 198.18/15, 198.51.100/24, \
203.0.113/24, 224/4, 240/4, 255.255.255.255/32 }

Daniel


On 9/8/23 9:41 PM, Amarendra Godbole wrote:

On Fri, Jun 23, 2023 at 6:18 PM David Gwynne  wrote:


looks good to me after a quick read.


On 23 Jun 2023, at 12:15, Amarendra Godbole  wrote:

I am planning to experiment with veb on my PC Engines apu2e4 board. It
has three ports (em0, 1 and 2). Current configuration has em0 hooked
up to cable modem, while em1 and em2 are internal LAN. I don't have a
good ability to troubleshoot via a serial console, since the apu board
sits in the garage on top of a cabinet -- running serial cable to a
laptop is challenging, though not impossible. So I am looking for
feedback so as to keep this troubleshooting time minimal.

[...]

Thanks for the review, David. I finally managed to find a window when
my family was away from the internet, so I could experiment. :-) My
internet is delivered via Comcast cable modem, hooked to the APU's em0
port. A Ruckus wireless AP connects to em1.

Here is a fully working configuration:

$ cat hostname.em0
dhcp description "comcast uplink"

$ cat hostname.em1
mtu 9000
up

$ cat hostname.em2
mtu 9000
up

$ cat hostname.veb0
add em1
add em2
add vport0
link0
up

$ cat hostname.vport0
inet 192.168.1.1 255.255.255.0 192.168.1.255
mtu 9000
group internal
up

$ cat pf.conf
table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16  \
   172.16.0.0/12 192.0.0.0/24 192.0.2.0/24
224.0.0.0/3  \
   192.168.0.0/16 198.18.0.0/15
198.51.100.0/24   \
203.0.113.0/24 }

set block-policy drop
set loginterface egress
set skip on lo0
match in all scrub (no-df random-id max-mss 1440)

antispoof quick for egress
block in from no-route
block in quick from urpf-failed

block in quick on egress from  to any
block return out quick on egress from any to 

block all
match out on egress nat-to (egress)
pass out quick inet
pass in on internal inet
block return in quick on internal proto { udp tcp } to ! internal port
{ domain domain-s }

$ cat rc.conf.local
dhcpd_flags=vport0
unbound_flags=
unbound_timeout=240

$ ifconfig
lo0: flags=8049 mtu 32768
index 5 priority 0 llprio 3
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff00

em0: flags=808843 mtu 1500
lladdr 00:0d:b9:56:f4:fc
index 1 priority 0 llprio 3
groups: egress
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet 98.35.243.87 netmask 0xff00 broadcast 98.35.243.255

em1: flags=8b43
mtu 9000
lladdr 00:0d:b9:56:f4:fd
index 2 priority 0 llprio 3
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active

em2: flags=8b43
mtu 9000
lladdr 00:0d:b9:56:f4:fe
index 3 priority 0 llprio 3
media: Ethernet autoselect (none)
status: no carrier

enc0: flags=0<>
index 4 priority 0 llprio 3
groups: enc
status: active

veb0: flags=9843
index 6 llprio 3
groups: veb
em1 flags=3
port 2 ifpriority 0 ifcost 0
em2 flags=3
port 3 ifpriority 0 ifcost 0
vport0 flags=3
port 7 ifpriority 0 ifcost 0

vport0: flags=8943 mtu 9000
lladdr fe:e1:ba:d0:18:bd
index 7 priority 0 llprio 3
groups: vport internal
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255

pflog0: flags=141 mtu 33136
index 8 priority 0 llprio 3
groups: pflog

Thanks.

-Amarendra

Re: veb and vport on apu2 -- config feedback

[Amarendra Godbole]

On Fri, Jun 23, 2023 at 6:18 PM David Gwynne  wrote:
>
> looks good to me after a quick read.
>
> > On 23 Jun 2023, at 12:15, Amarendra Godbole  
> > wrote:
> >
> > I am planning to experiment with veb on my PC Engines apu2e4 board. It
> > has three ports (em0, 1 and 2). Current configuration has em0 hooked
> > up to cable modem, while em1 and em2 are internal LAN. I don't have a
> > good ability to troubleshoot via a serial console, since the apu board
> > sits in the garage on top of a cabinet -- running serial cable to a
> > laptop is challenging, though not impossible. So I am looking for
> > feedback so as to keep this troubleshooting time minimal.
[...]

Thanks for the review, David. I finally managed to find a window when
my family was away from the internet, so I could experiment. :-) My
internet is delivered via Comcast cable modem, hooked to the APU's em0
port. A Ruckus wireless AP connects to em1.

Here is a fully working configuration:

$ cat hostname.em0
dhcp description "comcast uplink"

$ cat hostname.em1
mtu 9000
up

$ cat hostname.em2
mtu 9000
up

$ cat hostname.veb0
add em1
add em2
add vport0
link0
up

$ cat hostname.vport0
inet 192.168.1.1 255.255.255.0 192.168.1.255
mtu 9000
group internal
up

$ cat pf.conf
table  { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16  \
  172.16.0.0/12 192.0.0.0/24 192.0.2.0/24
224.0.0.0/3  \
  192.168.0.0/16 198.18.0.0/15
198.51.100.0/24   \
   203.0.113.0/24 }

set block-policy drop
set loginterface egress
set skip on lo0
match in all scrub (no-df random-id max-mss 1440)

antispoof quick for egress
block in from no-route
block in quick from urpf-failed

block in quick on egress from  to any
block return out quick on egress from any to 

block all
match out on egress nat-to (egress)
pass out quick inet
pass in on internal inet
block return in quick on internal proto { udp tcp } to ! internal port
{ domain domain-s }

$ cat rc.conf.local
dhcpd_flags=vport0
unbound_flags=
unbound_timeout=240

$ ifconfig
lo0: flags=8049 mtu 32768
index 5 priority 0 llprio 3
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
inet 127.0.0.1 netmask 0xff00

em0: flags=808843 mtu 1500
lladdr 00:0d:b9:56:f4:fc
index 1 priority 0 llprio 3
groups: egress
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active
inet 98.35.243.87 netmask 0xff00 broadcast 98.35.243.255

em1: flags=8b43
mtu 9000
lladdr 00:0d:b9:56:f4:fd
index 2 priority 0 llprio 3
media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)
status: active

em2: flags=8b43
mtu 9000
lladdr 00:0d:b9:56:f4:fe
index 3 priority 0 llprio 3
media: Ethernet autoselect (none)
status: no carrier

enc0: flags=0<>
index 4 priority 0 llprio 3
groups: enc
status: active

veb0: flags=9843
index 6 llprio 3
groups: veb
em1 flags=3
port 2 ifpriority 0 ifcost 0
em2 flags=3
port 3 ifpriority 0 ifcost 0
vport0 flags=3
port 7 ifpriority 0 ifcost 0

vport0: flags=8943 mtu 9000
lladdr fe:e1:ba:d0:18:bd
index 7 priority 0 llprio 3
groups: vport internal
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255

pflog0: flags=141 mtu 33136
index 8 priority 0 llprio 3
groups: pflog

Thanks.

-Amarendra

Re: desire for journaled filesystem

[Rudolf Leitgeb]

If push comes to shove, then the journaling file system may lose
more data, but it will be consistent. FFS will have written as much
as possible, sometimes without association with an inode, that's when
people encounter full lost+found directories.

Neither file system will correctly record the most recent additions,
but will most likely hold on to all the old stuff. Backup is therefore
of little help in most situations like this.

>From this perspective the main difference is, that a journaling FS
will be consistent and bootable after each and every crash (and I've 
seen hundreds), whereas I have positively seen instances, in which FFS
would throw me into root console and ask for manual fsck.

The latter is not much of a problem in a desktop (assuming you know 
how to clean up), but definitely a big nuissance for routers or off site
machines. I do agree, that home routers (like my EdgeRouter) should run on
a readonly FS to avoid this problem the right way, not scream for FS
journals.

On Wed, 2023-09-06 at 08:05 +0200, Janne Johansson wrote:
> Den tis 5 sep. 2023 kl 20:53 skrev John Holland :
> > 
> > I have a backup that is at least 2 days old offsite at a friend’s house. It 
> > would be a
> > bit of a pain to go retrieve it, but I could do that.
> > 
> >  Short of that, I have 4000+ files in lost+found with names like #1094827. 
> > What can I
> > do with those? I tried running “file” on the first 50 via xargs and they 
> > mostly at
> > least purport to be some sort of intact file. How can I determine what they 
> > are?
> > Please don’t suggest that I manually use “file” and then an appropriate 
> > program to
> > examine each one in turn
> > 
> 
> Those "files" are fragments of files, named after the inode number,
> which you get when fsck finds a not-complete chain of
> directory-entry/filename -> inode -> linked list of file-contents.
> 
> While fsck can't figure out the filename and where in the directory
> structure it is meant to belong, or possibly if it is only some part
> of a whole file, it will give you a chance to recover at least partial
> contents from the lost+found folder. Sometimes this might be awesome
> if you can dig out some key or pw needed for something super
> important, sometimes you get half of a database file and that is
> probably close to zero usefulness.
> 
> That said, if it was (as written later) browser cache and partial
> downloads, it is not very surprising that data files exist which are
> not yet linked during the download, or temp files unlinked for later
> deletion by the FS, had the computer not crashed. If you had something
> like zfs, those half-written or half-deleted files might just have
> been totally missing instead of ending up in lost+found, since they
> represent a point-in-time in which the FS is not in a consistent
> state, so the end result would mostly have been the same, this data is
> not visible under your home account after the crash.
> 
> Journaling has some great advantages, like write aggregation if your
> journal can be placed on a faster device and when it comes to quick
> checkups after crashes, an empty journal often means the fs was not in
> a broken state and probably needs less or no total checkup by fsck
> tools, which is nice.
> It will not fix a half-downloaded ISO or unlinked temp files that you
> for some reason want to look at afterwards, nor will the journal fix
> any kind of broken sectors, though checksumming file systems will of
> course help you find the errors before handing the bad sectors over to
> your applications.
> 

Re: desire for journaled filesystem

[Gregory Edigarov]

On Wed, 6 Sep 2023 22:52:59 -0400
Nick Holland  wrote:

> On 9/6/23 08:23, John Holland wrote:
> > Janne-
> > 
> > Thanks for all that useful information.
> > 
> > others- this is a thinkpad, that's not on all the time, so a cron
> > backup is not that good. I actually back up manually, currently
> > using "borg" for that. I mostly just do email and web on it so
> > there's probably nothing serious lost. In a few days I will have
> > the external disk with the backup back here and I may see what I
> > can find on it. My /home partition has a lot of data on it because
> > I built an AWS Openbsd machine image on it. But it would be good to
> > see whether my system is working correctly.
> 
> Cats are fuzzy
> Fire is hot
> Journaling file systems are complicated
> Backups are important.

well, speaking about backups,what I (well, somewhat) miss on openbsd,
is the ability to make a snapshot of filesystem, (in the style of
freebsd mksnap). but I can live without it definitely.
my sources are in git, my data backups live in borg, the system is
subject to reinstall in case of disaster.

 
 

Re: Update from 6.5 to 7.3

[Daniel Ouellet]

I did a few from 6.6 to 7.3 and it was real easy.

The source I used was:

http://ftp.eu.openbsd.org/pub/OpenBSD/

Looks like this it the one that have the most files from the older version.

They have all the files from 2.0 and up. (;

Nice if you want to see how the system evolved over time. (;

Not saying it's the only one, but that's the best I found with all the 
oldest one and it worked like a charm.



The only thing is that the file system change for the default type in 
6.7 from ffs to ffs2.


The sysupgrade started in 6.6, so may be that's why my upgrades were 
super easy.


But anything older then 6.7, I did the fresh installed because of the 
file system change in 6.7


I didn't have any issue with softraid either for any systems that were 
6.7 all the way to 7.3 and it was fairly quick.


At the end I also used the sysclean as well, BUT SETUP the 
/etc/sysclean.ignore FIRST. Really that was took me more time to be sure 
I did this right. But if your careful and know your systems, I see no 
problem. If you use it without being careful, you CAN MESS YOURSELF real 
bad!


Anything 6.6 and older I did fresh install to change the file system use 
by default.


On softraid system upgrade from 6.7 to 7.3 easy as well. And you can see 
the file syetem you use as well.


Softraid here:
sp1$  doas dumpfs /dev/rsd2a | head -1
magic   19540119 (FFS2) timeFri Sep  8 16:38:40 2023

So that's the only hickup may be that I can see.

One NONE Softraid system you see the same thing except this is
$ doas dumpfs /dev/rsd0a | head -1
magic   11954 (FFS1)timeThu Aug 24 16:29:48 2023

But on system like Octeon, the space from the /usr is just a bit to 
small. :(


I didn't try top do it because of this.

Hope this help you and answer your question.

Daniel

On 9/8/23 1:54 PM, Marc Espie wrote:

On Fri, Sep 08, 2023 at 06:36:57PM +0200, Alessandro Baggi wrote:



Il 08/09/23 18:24, Peter N. M. Hansteen ha scritto:

On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:

I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This
is a firewall.
The problem is that I cannot find older ISO of OpenBSD. Can someone point me
in the right direction?


If you are planning to go the supported route and upgrade from release to 
release,
you have eight rounds of upgrading ahead.

If this is a firewall that does not do anything else, I would join a few of the
other posters here in recommending that you back up the tiny number of files
that could differ from a default install do a fresh reinstall, only editing
in the things you need from your old /etc/ such as (likely most of) pf.conf.

- Peter



Actually I upgraded from 6.5 to 7.0 and I learned many new things. Wow...I
love OpenBSD.


Please tell us about your experience ! it's probably going to be rather
interesting.

Re: "OpenBSD Doc" App idea

[Amarendra Godbole]

On Fri, Sep 8, 2023 at 8:02 AM Luke Call  wrote:
>
> On 2023-09-07 22:47:47+0200, Daniele B.  wrote:
> >
> > > I don't know if Android has a similar feature, but at least on iOS you
> > > can save a particular website to your home as a webapp from Safari.
> >
> > Thanks for the answer Shokara. My initiative was to call for the development
> > in the community of a serious app, with commands directory and full-text 
> > search,
> > working offline on multiple device with different screen orientation.
> >
> > Beside the possibility to create an home link of the online site on Android.
> >
>
> If you need full-text search from the desktop, this does the job for me.
> I put it in my path and call the script "mank" since it resembles
> Linux's "man -K" well enough
> for me, and has been useful when I just know I read something but can't
> remember where well enough to use apropos.  It is not fast.  It assumes
> bash is installed from packages, but could easily be changed to use ksh 
> instead.
>
> #!/usr/bin/env bash
> set -eux
> TMP=$(mktemp -t mank-tmp-output_XX)
> nice grep -irE -C "$1" /usr/share/man/* 2>&1 > $TMP || true
> nice grep -irE -C "$1" /usr/local/man/* 2>&1 >> $TMP || true
> less -p "$1" $TMP
> rm -f $TMP
> echo $?
>
> I also have used wget a couple of times in the past to locally mirror
> www.openbsd.org in case I needed something and can't get online, and
> then one could grep that also (or use google to do a full-text online search
> of that site), but I don't know whether that wget thing is a great idea.
[...]

Alternately, you can also clone the www repo: https://github.com/openbsd/www

Thanks.

-ag

Re: Update from 6.5 to 7.3

[Marc Espie]

On Fri, Sep 08, 2023 at 06:36:57PM +0200, Alessandro Baggi wrote:
> 
> 
> Il 08/09/23 18:24, Peter N. M. Hansteen ha scritto:
> > On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:
> > > I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. 
> > > This
> > > is a firewall.
> > > The problem is that I cannot find older ISO of OpenBSD. Can someone point 
> > > me
> > > in the right direction?
> > 
> > If you are planning to go the supported route and upgrade from release to 
> > release,
> > you have eight rounds of upgrading ahead.
> > 
> > If this is a firewall that does not do anything else, I would join a few of 
> > the
> > other posters here in recommending that you back up the tiny number of files
> > that could differ from a default install do a fresh reinstall, only editing
> > in the things you need from your old /etc/ such as (likely most of) pf.conf.
> > 
> > - Peter
> > 
> 
> Actually I upgraded from 6.5 to 7.0 and I learned many new things. Wow...I
> love OpenBSD.

Please tell us about your experience ! it's probably going to be rather
interesting.

Re: Update from 6.5 to 7.3

[Alessandro Baggi]

Il 08/09/23 18:24, Peter N. M. Hansteen ha scritto:

On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:

I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This
is a firewall.
The problem is that I cannot find older ISO of OpenBSD. Can someone point me
in the right direction?


If you are planning to go the supported route and upgrade from release to 
release,
you have eight rounds of upgrading ahead.

If this is a firewall that does not do anything else, I would join a few of the
other posters here in recommending that you back up the tiny number of files
that could differ from a default install do a fresh reinstall, only editing
in the things you need from your old /etc/ such as (likely most of) pf.conf.

- Peter



Actually I upgraded from 6.5 to 7.0 and I learned many new things. 
Wow...I love OpenBSD.


Definitely I will install fresh from 7.3.

Thank you for your suggestions.

Best regards

Re: Update from 6.5 to 7.3

[Peter N. M. Hansteen]

On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:
> I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This
> is a firewall.
> The problem is that I cannot find older ISO of OpenBSD. Can someone point me
> in the right direction?

If you are planning to go the supported route and upgrade from release to 
release,
you have eight rounds of upgrading ahead.

If this is a firewall that does not do anything else, I would join a few of the
other posters here in recommending that you back up the tiny number of files
that could differ from a default install do a fresh reinstall, only editing
in the things you need from your old /etc/ such as (likely most of) pf.conf.

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Update from 6.5 to 7.3

[deich...@placebonol.com]

Once upon a time I provided an official OpenBSD mirror with every release that 
had a CD release, going back to 2.3, but then the drive failed and I didn't 
have time to rebuild it.

73
diana

On September 8, 2023 2:12:57 AM MDT, "Herbert J. Skuhra"  
wrote:
>On Fri, 08 Sep 2023 10:01:45 +0200, Alessandro Baggi wrote:
>> 
>> Hi list,
>> I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an
>> APU2D. This is a firewall.
>> The problem is that I cannot find older ISO of OpenBSD. Can someone
>> point me in the right direction?
>> 
>> Thank you in advance.
>
>Mirror in Australia:
>
>https://mirror.aarnet.edu.au/pub/OpenBSD/
>
>--
>Herbert
>

Correct donation page

[misc]

Hi misc,

Trying to donate some BTC. In the donation page 
"https://www.openbsd.org/donations.html;


There is a mention to cryptocurrencies being accepted.

The OpenBSD Foundation collects donations by Cheque, Bank Draft, PayPal, 
PayPal recurring, or Bitcoin. 



Following "https://www.openbsdfoundation.org/donations.html; lacks an 
address to receive the funds.


Cheers

Re: DisplayPort to HDMI DRM error report

[Mischa Peters]

It's not you, it's me.
I configured the wrong switch port. :/
Should work now.

Mischa

On 2023-09-08 16:46, Daniele B wrote:

Hello,

I just inserted in my student mini pc
OpenBSD 7.2

a brand new DP(male) to HDMI(female) adapter:
https://amazon.it/dp/B08GFJF7LP/

The adapter runs well as I'm able to interact with the station.
But just before the disk initialization some DRM message are reported
as diplayed below.

The tail of the dmesg says this:

drm:pid0:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20

inteldrm0: 1920x1080, 32bpp
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using 
wskbd0

wskbd1: connecting to wsdisplay0
wsdisplay0: screen 1-5 added (std, vt100 emulation)
drm:pid901:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected 
DP dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected 
DP dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected 
DP dual mode adaptor ID 20


Hope it is just fine to work around the prb.


-- Daniele Bonini

Re: Update from 6.5 to 7.3

[Jan Stary]

If it's a firewall, chances are that what it's worth
is a few files in /etc. It might be much easier to backup,
reinstall with 7.3 and give those few files some love.

Jan


On Sep 08 10:01:45, alessandro.ba...@gmail.com wrote:
> Hi list,
> I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This
> is a firewall.
> The problem is that I cannot find older ISO of OpenBSD. Can someone point me
> in the right direction?
> 
> Thank you in advance.
> 
> 

Re: "OpenBSD Doc" App idea

[Luke Call]

On 2023-09-07 22:47:47+0200, Daniele B.  wrote:
> 
> > I don't know if Android has a similar feature, but at least on iOS you
> > can save a particular website to your home as a webapp from Safari.
> 
> Thanks for the answer Shokara. My initiative was to call for the development
> in the community of a serious app, with commands directory and full-text 
> search,
> working offline on multiple device with different screen orientation.
> 
> Beside the possibility to create an home link of the online site on Android.
> 

If you need full-text search from the desktop, this does the job for me.
I put it in my path and call the script "mank" since it resembles 
Linux's "man -K" well enough
for me, and has been useful when I just know I read something but can't
remember where well enough to use apropos.  It is not fast.  It assumes
bash is installed from packages, but could easily be changed to use ksh instead.

#!/usr/bin/env bash
set -eux
TMP=$(mktemp -t mank-tmp-output_XX)
nice grep -irE -C "$1" /usr/share/man/* 2>&1 > $TMP || true
nice grep -irE -C "$1" /usr/local/man/* 2>&1 >> $TMP || true
less -p "$1" $TMP
rm -f $TMP
echo $?

I also have used wget a couple of times in the past to locally mirror
www.openbsd.org in case I needed something and can't get online, and
then one could grep that also (or use google to do a full-text online search
of that site), but I don't know whether that wget thing is a great idea.

DisplayPort to HDMI DRM error report

[Daniele B]

Hello,

I just inserted in my student mini pc
OpenBSD 7.2

a brand new DP(male) to HDMI(female) adapter:
https://amazon.it/dp/B08GFJF7LP/

The adapter runs well as I'm able to interact with the station.
But just before the disk initialization some DRM message are reported
as diplayed below.

The tail of the dmesg says this:

drm:pid0:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20

inteldrm0: 1920x1080, 32bpp
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using 
wskbd0

wskbd1: connecting to wsdisplay0
wsdisplay0: screen 1-5 added (std, vt100 emulation)
drm:pid901:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20
drm:pid65608:drm_dp_dual_mode_detect *ERROR* [drm] *ERROR* Unexpected DP 
dual mode adaptor ID 20


Hope it is just fine to work around the prb.


-- Daniele Bonini

Re: Update from 6.5 to 7.3

[Todd]

The minimum size for /usr has changed recently.   If you used auto
partitioning when you installed 6.5, /usr is probably too small for 7.3.


On Fri, Sep 8, 2023 at 6:52 AM Zé Loff  wrote:

> On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:
> > Hi list,
> > I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D.
> This
> > is a firewall.
> > The problem is that I cannot find older ISO of OpenBSD. Can someone
> point me
> > in the right direction?
> >
> > Thank you in advance.
> >
>
> Considering this is a firewall I'm assuming it doesn't differ
> significantly from a base install (network config, pf.conf, perhaps some
> ssh keys, a couple of packages).  If this is the case I'd much rather do
> a fresh install and redo the changes.  Unless you have a very complex
> setup, it's much quicker to start from scratch than do eight upgrades in
> a row.
>
> --
>
>
>

Re: Update from 6.5 to 7.3

[Zé Loff]

On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote:
> Hi list,
> I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This
> is a firewall.
> The problem is that I cannot find older ISO of OpenBSD. Can someone point me
> in the right direction?
> 
> Thank you in advance.
> 

Considering this is a firewall I'm assuming it doesn't differ
significantly from a base install (network config, pf.conf, perhaps some
ssh keys, a couple of packages).  If this is the case I'd much rather do
a fresh install and redo the changes.  Unless you have a very complex
setup, it's much quicker to start from scratch than do eight upgrades in
a row.

-- 
 

Re: Update from 6.5 to 7.3

[Alessandro Baggi]

Il 08/09/23 10:12, Herbert J. Skuhra ha scritto:

On Fri, 08 Sep 2023 10:01:45 +0200, Alessandro Baggi wrote:


Hi list,
I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an
APU2D. This is a firewall.
The problem is that I cannot find older ISO of OpenBSD. Can someone
point me in the right direction?

Thank you in advance.


Mirror in Australia:

https://mirror.aarnet.edu.au/pub/OpenBSD/

--
Herbert



Hi Herbert,
thank you very much for the resource.

Best regards.

Re: Update from 6.5 to 7.3

[Herbert J. Skuhra]

On Fri, 08 Sep 2023 10:01:45 +0200, Alessandro Baggi wrote:
> 
> Hi list,
> I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an
> APU2D. This is a firewall.
> The problem is that I cannot find older ISO of OpenBSD. Can someone
> point me in the right direction?
> 
> Thank you in advance.

Mirror in Australia:

https://mirror.aarnet.edu.au/pub/OpenBSD/

--
Herbert

Update from 6.5 to 7.3

[Alessandro Baggi]

Hi list,
I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. 
This is a firewall.
The problem is that I cannot find older ISO of OpenBSD. Can someone 
point me in the right direction?


Thank you in advance.

Re: desire for journaled filesystem

[Janne Johansson]

Den fre 8 sep. 2023 kl 03:47 skrev Steve Litt :
>
> My main computer is Void Linux. If I had to restore from backup every
> time the disks became mildly messed up, all my time would be spent
> backing up and restoring.
>
> I remember back in the 90's and early 00's before journalling every
> system crash was grounds for an ulcer.

Then again, ext2-3-4 run in asynch mode for all operations, which is
why e2fsck takes such a long time, the act of creating a new file
needs at least four operations (allocating space for contents, adding
filename entry to directory, creating inode for metadata and writing
out the actual contents).

If you run async file systems, these can happen in any random order,
and if you have a crash while files are being created (and deleted)
any of these may or may not have happened. BSD ffs does these mostly
in order (where softdep can change/delay some of them) which means
that fsck for ffs can know that if step 3 isn't done, step 4 will not
have started either.

For e2fsck, all possible combinations must be explored. Adding to
this, ext filesystems don't seem to have any kind of way to express "I
found an unchecked error so I am in need of a detailed fsck", which is
why dists using ext2 would have "magic" files like touching /autofsck
and removing said file in order to indicate if last shutdown was good
or bad.

Even with this simplistic method, they would STILL force fsck every
100 days or 58 reboots, because well, you can't tell if there ever was
an error during the last 100 days, since there is no method to mark
the known-broken fs as needing fsck.

In the light of this, the need for a journal (even at the cost of
slightly more IO at times) becomes obvious. The fine folks over at the
penguin camp will rather write to a journal "I am about to create
/tmp/tmp.FSGSGRg3", then send those four operations, then clear the
journal entry again, just so the middle 4 ops can be async, than
"suffer" some ordering in the file system operations.

Now, bsd can run softdep which speeds some writes up, at some cost and
some added risk, and you can certainly mount async and have really
large risks added, but for each of those two steps, I would make very
sure that I had either useless data, or (as suggested) good backups in
place.

As Nick wrote, bsd people tend to like the fact that when your IO
subsystem says "the data is on the disk", it actually is there. Ext4
had a nice period* when "on the disk" meant "it will be on disk in 2
and a half minutes" even for atomic operations. You can imagine how
many people managed to have issues or lose power in the span of 150
seconds. I think they shortened the time, but the amount of tears
needed for the "go fast even if you go in the wrong direction" crowd
to change their minds was quite large.

To me, it is like usb writing speeds. OpenBSD will have dog slow
speed. But it will also allow you to unmount the device when the write
is finished. Other common OSes will tell you "done!" in a few seconds,
then the stick is still blinking, and you ask to unmount and then it
still takes this long amount of time because it was just lying to you
about the writes being finished. If I am to wait 30 seconds to write a
large ISO to my stick, I'd rather have the computer show me it is
working, instead of hoping I would write the file in "three" seconds
and then read comics for 27 seconds before unmounting so I don't
notice the discrepancy.

*)  
https://www.pointsoftware.ch/2014/02/05/linux-filesystems-part-4-ext4-vs-ext3-and-why-delayed-allocation-is-bad/

-- 
May the most significant bit of your life be positive.