Re: "OpenBSD Doc" App idea
On 8/9/23 00:27, Daniele B. wrote: Just pushing myself over any device limit.. I just searched the App Stores for "Unix" and related ones and wondering if we can hope to have an "OpenBSD Doc" app beside a "FreeBSD Doc" app anytime soon? Anyone's offer? Yes I'm talking to you.. ;D Nothing stopping you from writing one. About the only thing you can't do without prior permission is imply any sort of "official" status for said software. Mark it clearly as being an unofficial third-party tool, and you shouldn't have any problems legally. (If in doubt, consult a lawyer.) Having one that pulls the latest docs from a CVS mirror then renders them on the fly could be nice I guess if done well. If done poorly, it'll be a nightmare for all concerned (CVS mirror admins included). Another option might be to pull the docs from the Github mirror. Sure, won't be 100% latest, since the official upstream is CVS with the Github mirror a "best effort" secondary concern… but at least if you hammer it with a poorly written client, it'll be Microsoft's problem not an issue for the OpenBSD mirror admins. The rest of us can just use the website or man pages the way we've always done. -- Stuart Longland (aka Redhatter, VK4MSL) I haven't lost my mind... ...it's backed up on a tape somewhere.
Re: "OpenBSD Doc" App idea
Not quite. Haikus have a 5-7-5 pattern. But, with a few subtle modifications, it can be: Without reading more, you are either trolling, or fucking retarded. It does grow tiresome, Daniele. Read the room a little bit. On 9/7/23 14:30, Jan Stary wrote: Without even reading ahead: you are either trolling or just fucking retarded. (Is that a haiku?) On Sep 07 16:27:18, my2...@has.im wrote: Hello, Just pushing myself over any device limit.. I just searched the App Stores for "Unix" and related ones and wondering if we can hope to have an "OpenBSD Doc" app beside a "FreeBSD Doc" app anytime soon? Anyone's offer? Yes I'm talking to you.. ;D -- Daniele Bonini
Re: DisplayPort to HDMI DRM error report
Try also with less beer sometime solve. >It's not you, it's me. >I configured the wrong switch port. :/ >Should work now. >Mischa
rmt, rcmd, /etc/hosts.equiv and .rhosts
Hello, Just investigating about /etc/hosts.equiv and ~/.rhosts and I was quite serious to think that my system doesn't need both of them I then start to look carefully my /etc and discovered a link that read like this: 0 lrwxrwx--- 1 root wheel 13 Mar 25 17:14 /etc/rmt -> /usr/sbin/rmt man rmt: rmt is a program used by the remote dump and restore programs through an interprocess communication connection. Traditionally it is used for manipulating a magnetic tape drive but it may be used for regular file access as well. rmt is normally started up with an rcmd(3) or rcmdsh(3) call. [...] BUGS: People tempted to use this for a remote file access protocol are discouraged. man rcmd: The rcmd() function is used by the superuser to execute a command on a remote machine using an authentication scheme based on reserved port numbers. [...] The rresvport() and rresvport_af() functions return a descriptor to a socket with an address in the privileged port space. [...] The ruserok() function takes a remote host's name, two user names, and a flag indicating whether the local user's name is that of the superuser. Then, if the user is not the superuser, it checks the /etc/hosts.equiv file. If that lookup is not done, or is unsuccessful, the .rhosts in the local user's home directory is checked to see if the request for service is allowed. If this file does not exist, is not a regular file, is owned by anyone other than the user or the superuser, or is writeable by anyone other than the owner, the check automatically fails. Zero is returned if the machine name is listed in the hosts.equiv file, or the host and remote user name are found in the .rhosts file; otherwise ruserok() returns -1. man rcmdsh: The rcmdsh() function is used by normal users to execute a command on a remote machine using an authentication scheme based on reserved port numbers using ssh(1) or the value of rshprog (if non-null). SUPERBUG (by myself): One can be "tempted" to think to a ruserok() function that hacked can return always OK (0) and otherwise one can always revert to rcmdsh() with the help of a "good" rshprog. I'm here to ask enlightment about the opportunity to define /etc/hosts.equiv and ~/.rhosts but mainly if it is still the case (and why) to have this rmt link in etc. Last if not first, what is the best practice to defend myself form BUG and SUPERBUG listed above. Thanks, appreciated. -- Daniele Bonini
Re: Update from 6.5 to 7.3
> On Sep 9, 2023, at 00:54, Alessandro Baggi wrote: >> Il 08/09/23 19:54, Marc Espie ha scritto: >> On Fri, Sep 08, 2023 at 06:36:57PM +0200, Alessandro Baggi wrote: >>> >>> Il 08/09/23 18:24, Peter N. M. Hansteen ha scritto: On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote: > I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. > This > is a firewall. If you are planning to go the supported route and upgrade from release to release, you have eight rounds of upgrading ahead. >>> >>> Actually I upgraded from 6.5 to 7.0 and I learned many new things. Wow...I >>> love OpenBSD. >> Please tell us about your experience ! it's probably going to be rather >> interesting. > > The process is really easy I’ll echo Alessandro’s comments, and add: I’ve been upgrading two OpenBSD Vultr instances since at LEAST 6.4. I can say this authoritatively because I have a directory for each release, with a “Pre” and “Post” file of what to do. I’m actually pretty sure I’ve done it since 6.0, but wasn’t smart enough to keep notes back then. My general process is: * Clone the instance to a new instance * Upgrade the clone and walk through everything in the upgradeXX.html page * sysupgrade * sysmerge * pkg_add -u * pkg_delete -a (check what it does!) * sysclean (confirm what it’s deleting!) * syspatch * reboot * Rinse and repeat until everything comes up cleanly, documenting the things that often have to be handled: * Sysmerge issues (usually pretty straightforward, but sometimes I do wish I could (easily) use sdiff. :-) (it’s pretty easy to do it “manually”, but it took me a few tries to figure it out). * pkg_add -u issues (I’m lookin’ at you, PHP. OMG. I run roundcube, and every other release I have to put back in some extensions to PHP.). <- THIS IS WHERE THE NOTES ARE HELPFUL (doing the same thing over and over again). * The VERY rare “and make sure you do before you even start” type stuff * Take a snapshot * Run the upgrade process with the notes. To date, I’ve never had to revert to the snapshot for a failure. I got WAY behind when OpenSMTPD changes syntax on a bunch of stuff, so I did 6.4->7.1 in like a month. Note, these are my production mail servers (yeah, personal mail servers, but still — the family is NOT happy when mail doesn’t work). The biggest hiccup was having to ask Vultr to mark the instance as an OpenBSD 7.0 instance (which fixed some vm problem causing my instance to reboot randomly). This worked so well, I started to do it for the ALIX/APUs at the house I use for firewalls. Generally, same process. Before that, I had a git repository of installation scripts (I still have that, and used it to go from the ALIX to the APU firewalls, rather than just copying files — keeps the installation bits fresh. :-)). I’ll also say that the more you understand what you’re running on the system, how it’s configured, and how it works, the easier it is when something unexpected happens. So don’t just install using recipes on the web. I mean, it’s fine to use them as a guide, but understand what each step is doing, and why. It really helps a couple of years later when you’re upgrading, and something breaks. Sean
xscreensaver-settings keeps on crashing
This is incredibly frustrating and has remained a problem throughout upgrades! Do I rebuild xenocara? Anyone know how to fix this? xscreensaver-settings crashes: " $ xscreensaver-settings xscreensaver-settings: 13:47:37: X error: xscreensaver-settings: Failed request: BadMatch (invalid parameter attributes) xscreensaver-settings: Major opcode: 42 (X_SetInputFocus) xscreensaver-settings: Resource id: 0x143 xscreensaver-settings: Serial number: 454 / 456 $ "
Re: unbound and root.hints
Il 09/09/23 16:54, Otto Moerbeek ha scritto: On Sat, Sep 09, 2023 at 04:45:51PM +0200, Alessandro Baggi wrote: Hi list, when using unbound on OpenBSD 6.5 in the default configuration unbound comes with root.hints file. Upgrading to OpenBSD 7.3 I noticed that root.hints is not more supplied but unbound manual page says: "root-hints: read the root hints from this file. Default is nothing, using builtin hints for the IN class. The file has the format of zone files, with root nameserver names and addresses only. The default may become outdated, when servers change, therefore it is good practice to use a root-hints file." Where I can find root-hints file? Thank you in advance. https://www.iana.org/domains/root/files But don't worry too much, as long as at least one IP in the (builtin) hints works, a DNS resolver can bootstrap. -Otto Hi Otto, thank you for your answer and the resource. Best regards
Re: unbound and root.hints
On Sat, Sep 09, 2023 at 04:45:51PM +0200, Alessandro Baggi wrote: > Hi list, > when using unbound on OpenBSD 6.5 in the default configuration unbound comes > with root.hints file. > > Upgrading to OpenBSD 7.3 I noticed that root.hints is not more supplied but > unbound manual page says: > > "root-hints: > read the root hints from this file. Default is nothing, using > builtin hints for the IN class. The file has the format of zone > files, with root nameserver names and addresses only. The > default may become outdated, when servers change, therefore it > is good practice to use a root-hints file." > > Where I can find root-hints file? > > Thank you in advance. > https://www.iana.org/domains/root/files But don't worry too much, as long as at least one IP in the (builtin) hints works, a DNS resolver can bootstrap. -Otto
unbound and root.hints
Hi list, when using unbound on OpenBSD 6.5 in the default configuration unbound comes with root.hints file. Upgrading to OpenBSD 7.3 I noticed that root.hints is not more supplied but unbound manual page says: "root-hints: read the root hints from this file. Default is nothing, using builtin hints for the IN class. The file has the format of zone files, with root nameserver names and addresses only. The default may become outdated, when servers change, therefore it is good practice to use a root-hints file." Where I can find root-hints file? Thank you in advance.
Re: Update from 6.5 to 7.3
Il 08/09/23 19:54, Marc Espie ha scritto: On Fri, Sep 08, 2023 at 06:36:57PM +0200, Alessandro Baggi wrote: Il 08/09/23 18:24, Peter N. M. Hansteen ha scritto: On Fri, Sep 08, 2023 at 10:01:45AM +0200, Alessandro Baggi wrote: I've a problem. I need to upgrade OpenBSD from 6.5 to 7.3 on an APU2D. This is a firewall. The problem is that I cannot find older ISO of OpenBSD. Can someone point me in the right direction? If you are planning to go the supported route and upgrade from release to release, you have eight rounds of upgrading ahead. If this is a firewall that does not do anything else, I would join a few of the other posters here in recommending that you back up the tiny number of files that could differ from a default install do a fresh reinstall, only editing in the things you need from your old /etc/ such as (likely most of) pf.conf. - Peter Actually I upgraded from 6.5 to 7.0 and I learned many new things. Wow...I love OpenBSD. Please tell us about your experience ! it's probably going to be rather interesting. The process is really easy, more easy than on Linux distros. I used media installation images until I learned about sysupgrade, but I can't run it due to cert.pem expired so I did proceed with media installation from 6.5 to 7.0. At 7.0 I copied a valid cert.pem from a 7.3 install and tried to run sysupgrade but it took very long time to get upgrades. I don't know if this is due to my APU2D low resources (on a VM with 7.3 it did very quickly) but sysupgrade stay there for several minutes before starting something (that I can read). I learned also about sysmerge and syspatch, I love this tools. On 6.5 I installed wget with pkg_add and (obviously) running wget from 6.5 to 7.0 got seg fault. So I proceeded to remove all packages installed with pkg_add. Here I learned new things about tool pkg_info. So I reinstalled needed packages with pkg_add. This process is really easy and clean. I learned about a new tool called sysclean but I have not yet tried it. Plus before every upgrade, I read notes from https://www.openbsd.org/faq/upgradeXX.html I got good information about what's updated and what changed for critical services like pf.conf syntax changes. This helped me to reduce errors during upgrade. During the upgrade process from 6.5 to 7.3 I expected a big changes in the system but this is not the case. I love this, OpenBSD (through upgrades) remains modern with new packages (including feautures) and removing unsupported/obsolete software without modifing the core system deeply. The best it does not change to much from 6.5 to 7.0 and this is very good because it maintans a compatibility with scripts and software used in older release (except is some case but it is rare in my usage case). This is not the case of Linux like RHEL upgrades from one major release to another one (I call that a big bang upgrade) where you need to re-deploy all due to incompatibility. Probably the best linux distro that is similar to OpenBSD is Slackware (witch I love) and in second place debian. This is my experiences running upgrades on OpenBSD. PS: I noticed that I can found many resources (blog post, maling list archives, reddit posts) that helped me to solve some problem Best regards
