Re: upgrade i386 kernel to amd64

2020-03-02 Thread Bryan Irvine 
backup your important files, format and re-install.

On Mon, Mar 2, 2020 at 5:16 PM Justin Muir  wrote:

> Hello all,
>
> Running GENERIC i386 kernel on on a 64-bit amd machine. Just wondering
> whether an upgrade amd64 is warranted. Any opinions?
>
> If so, just upgrade system? Re-compile kernel? Other options?
>
>
> tia!
>
> J
>

Re: pledging fork?

2016-04-24 Thread Bryan Irvine 
Can someone commit this please? :-)

--- theo.c 2016-04-24 16:04:34.0 -0700
+++ theo.c.new 2016-04-24 16:05:25.0 -0700
@@ -195,6 +195,7 @@
  "I want a new vax, one that's not so slow.",
  "This sausage is made from unsound meat.",
  "The people who wrote this code are not on your side.",
+"If you can't use ktrace, you should not try to do pledge work.
You are not tall enough to ride.",
 };

 static const int ntalk = sizeof(talk)/sizeof(talk[0]);

On Sun, Apr 24, 2016 at 10:09 AM, Theo de Raadt  wrote:

> If you can't use ktrace, you should not try to do pledge work.
>
> You are not tall enough to ride.
>
> >I'm having a problem with pledge on openbsd
> >
> >#include 
> >void main(void) { pledge("proc", NULL); fork(); }
> >
> >when I run this I get:
> >
> >Program received signal SIGABRT, Aborted.
> >0x05f7309c70ba in mprotect () at :2
> >
> >here is a backtrace
> >
> >#0  0x05f7309c70ba in mprotect () at :2
> >#1  0x05f7309c6cae in *_libc___cxa_finalize (dso=0x0)
> > at /usr/src/lib/libc/stdlib/atexit.c:154
> >#2  0x05f7309c507e in *_libc_exit (status=1702)
> > at /usr/src/lib/libc/stdlib/exit.c:57
> >#3  0x05f44cd009d8 in _start () from testprogram
> >#4  0x in ?? ()
> >
> >would this be a bug in pledge or am I using it wrong?

Re: Install on compact flash

2015-10-19 Thread Bryan Irvine 
I ran native on compact flash as an experiment for 5+ years without ever
changing the CF card. I only migrated away from it because my old soekris
couldn't keep up with my internet speeds once I upgraded. It still boots
and works fine. Personally I found the hassle of maintaining a ramdisk
frankenstein was worse than just replacing the compact flash should it fail
(which it never did.) but of course YMMV.

On Thu, Oct 15, 2015 at 9:19 AM, Paolo Aglialoro  wrote:

> Hello,
>
> I would like to create an embedded amd64 installation, with system running
> on a 8GB 233x CF card attached to an Intel ITX mb.
>
> In order to minimise nand wear off, I would like to put on ramdisk (the
> machine would have 2GB ram, so I believe enough also for that, but I still
> can upgrade it to 4GB if needed) the parts of the file hierarchy with most
> intensive system write I/O, like, for instance, /tmp and I imagine some
> parts of /var.
>
> My questions are two:
> 1. What are the dirs I should take into account to go to ramdisk?
> 2. What is the correct filesystem type to put in fstab for all the entries
> of point 1. in order to store them in ramdisk?
>
> Thanks in advance for ur answers

Re: Ubiquiti EdgeRouter Lite

2015-08-18 Thread Bryan Irvine 
On Tue, Aug 18, 2015 at 5:11 AM, Ted Unangst  wrote:

> Predrag Punosevac wrote:
> > Dear All,
> >
> > I am contemplating buying a new machine which will act as a router/DNS
> > caching server for my home network. Is anybody currently running OpenBSD
> > on the Ubiquiti Networks EdgeRouter LITE in that capacity? I saw that in
> > June 2015 USB support was added which allows installing to local disk on
> > machine. Can anybody point me to a work in progress documentation diff
> > for installing 5.8 octeon port.  I am reading right now
>
> Here are my notes, which are basic, but should be enough to get you
> through if
> you're familiar with openbsd.
> http://www.tedunangst.com/flak/post/OpenBSD-on-ERL
>
>
What kind of network throughput do see? I had to replace my ancient soekris
when I upgraded over 10Mb/s awhile ago. This sounds like a promising
replacement without having to spend $400-$500.

-B

OT: OpenBSD firewalls powering QuakeCon

2015-08-03 Thread Bryan Irvine 
Interesting interview with the guys running the NOC at QuakeCon.

https://www.youtube.com/watch?v=mOv62lBdlXU

Re: Dual-NSD setup management

2015-05-27 Thread Bryan Irvine 
Additionally to all this good advice, you can create multiple loopback
interfaces if you did want to use divert-to. 'ifconfig create lo1' then you
don't need to use weird ports to accomplish things.

On Wed, May 27, 2015 at 4:06 AM, Stuart Henderson 
wrote:

> On 2015-05-26, Felipe Scarel  wrote:
> > after reading some documentation on the NSD manpage and online, it
> > seems there's no support for views as offered with BIND. I've gathered
> > that the general suggestion is to run two separate instances (running
> > on 127.0.0.1, for example), and divert traffic from pf depending on
> > the connecting source-address.
>
> What are you using views *for*?
>
> If it's to present some internal-only hosts to a trusted network that
> is also using you as a resolver, just use local-data entries in unbound
> for internal use, and run NSD facing external hosts. Simple setup and
> fairly easy to use.
>
> If it's something more complex (i.e. where you have other resolvers
> querying you and need to present different views to these based on IP
> address etc) then yes you will need two separate authoritative servers
> (or you could keep using BIND for this job of course).

Re: DigitalOcean's BSD debut is FreeBSD only

2014-12-16 Thread Bryan Irvine 
FWIW I have an OpenBSD 'box' with rootbsd.net. Never a single issue ever.

On Tue, Dec 16, 2014 at 7:10 AM,  wrote:
>
> Hi,
>
> It seems that DigitalOcean's BSD debut is going to be FreeBSD only. We, in
> the OpenBSD community, are being asked to open up a separate UserVoice vote
> for OpenBSD -- despite the fact that we've worked so hard to promote the
> existing one. So, please drop by and share your frustrations:
>
>
> https://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/3232571-support-bsd-os
> -- I reckon around half the votes are from OpenBSD users.
>
> Many thanks!
>
> O.D.

Re: Smokeping issues on 5.6

2014-11-13 Thread Bryan Irvine 
Probably need to setuid root the fping binaries so the _smokeping user can
run it.

On Thu, Nov 13, 2014 at 12:34 PM, Mxher  wrote:

> Hi all,
>
> I'm not able to start Smokeping on my (recently installed) OpenBSD 5.6.
>
> Here is the issue:
> # smokeping --debug --nodaemon
> Dropping privileges to _smokeping ...
> require Smokeping::probes::FPing6 failed: Can't locate
> Smokeping/probes/FPing6.pm:   Permission denied at (eval 25) line 2,
>  line 110.
>
>
> /etc/smokeping# grep -i fping config
>
> + FPing
> binary = /usr/local/sbin/fping
> + FPing6
> binary = /usr/local/sbin/fping6
> probe = FPing
> probe = FPing6
> probe = FPing6
> probe = FPing6
> probe = FPing6
> probe = FPing6
> probe = FPing6
>
>
> # sha1 /usr/local/lib/Smokeping/probes/FPing6.pm
> /usr/local/lib/Smokeping/probes/FPing.pm
> SHA1 (/usr/local/lib/Smokeping/probes/FPing6.pm) =
> cb5012474ab1a04f1a364fcf44accffba4621844
> SHA1 (/usr/local/lib/Smokeping/probes/FPing.pm) =
> 7b0acd7b6afb490398892d4863ebbb4f91b275a4
>
>
> Am I missing something? Any ideas?
>
> Thanks.
>
> Mxher

Re: building -stable fails on 5.5

2014-05-21 Thread Bryan Irvine 
I'll try again tonight.  I had rm -rf /usr/src/* and /usr/ob/* prior to
copying and pasting the commands directly from the faq including the cvs
checkout.  If it's working for others I must not be doing something right.


On Wed, May 21, 2014 at 12:13 PM, Stuart Henderson wrote:

> On 2014-05-21, Bryan Irvine  wrote:
> > I did another cvs up -Pd last night and re-attempted the build, and it
> > still fails in the same place. I'm not sure how to proceed with getting
> > -stable built.
>
> Standard debug things if you're running into a build issue:
>
> - make sure /usr/obj is clean before you start
>
> - move away the old source tree and fetch a new one (or make absolutely
> sure you have a clean tree; note "cvs up" returning no results is *not*
> enough - cvs ignore some files by default)
>
> - make sure you 'make obj' before building

Re: building -stable fails on 5.5

2014-05-21 Thread Bryan Irvine 
I did another cvs up -Pd last night and re-attempted the build, and it
still fails in the same place. I'm not sure how to proceed with getting
-stable built.


On Wed, May 14, 2014 at 9:44 PM, Bryan Irvine  wrote:

> I can't seem to get -stable to build. It fails at exactly this spot every
> time.  The kernel and xorg compiles to release just fine.
>
> ...
> Creating Makefile in src/main
> Creating Makefile in src/modules/standard
> diff -u /usr/src/usr.sbin/httpd/src/include/ap_config_auto.h
> /usr/src/usr.sbin/httpd/obj/src/include/ap_config_auto.h.new
> --- /usr/src/usr.sbin/httpd/src/include/ap_config_auto.hTue Dec  9
> 12:33:30 2008
> +++ /usr/src/usr.sbin/httpd/obj/src/include/ap_config_auto.h.new
>  Tue May 13 22:57:59 2014
> @@ -86,14 +86,4 @@
>  #define HAVE_SOCKADDR_LEN 1
>  #endif
>
> -/* build flag: -DMOD_SSL=208116 */
> -#ifndef MOD_SSL
> -#define MOD_SSL 208116
> -#endif
> -
> -/* build flag: -DEAPI */
> -#ifndef EAPI
> -#define EAPI 1
> -#endif
> -
>  #endif /* AP_CONFIG_AUTO_H */
> *** Error 1 in usr.sbin/httpd (Makefile.bsd-wrapper:646
> '/usr/src/usr.sbin/httpd/obj/config.status')
> *** Error 1 in usr.sbin (:48 'all')
> *** Error 1 in . (:48 'all')
> *** Error 1 in /usr/src (Makefile:89 'build')
>
> # cat /usr/src/CVS/Tag
>
> TOPENBSD_5_5
>
> OpenBSD 5.5 (GENERIC) #276: Wed Mar  5 09:57:06 MST 2014
> dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
> cpu0: AMD Sempron(tm) Processor 2800+ ("AuthenticAMD" 686-class, 256KB L2
> cache) 1.61 GHz
> cpu0:
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,SSE3,LAHF
> real mem  = 2129817600 (2031MB)
> avail mem = 2082729984 (1986MB)
> mainbus0 at root
> bios0 at mainbus0: AT/286+ BIOS, date 10/14/05, BIOS32 rev. 0 @ 0xf0010,
> SMBIOS rev. 2.3 @ 0xf0530 (54 entries)
> bios0: vendor American Megatrends Inc. version "0204" date 10/14/2005
> bios0: ASUSTeK Computer Inc. K8V-MX
> acpi0 at bios0: rev 2
> acpi0: sleep states S0 S1 S3 S4 S5
> acpi0: tables DSDT FACP APIC OEMB
> acpi0: wakeup devices PCI0(S4) PS2K(S4) PS2M(S4) UAR2(S4) AC97(S4)
> USB1(S4) USB2(S4) USB3(S4) USB4(S4) EHCI(S4) ILAN(S4) PWRB(S4)
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: AMD erratum 89 present, BIOS upgrade may be required
> cpu0: apic clock running at 200MHz
> ioapic0 at mainbus0: apid 1 pa 0xfec0, version 3, 24 pins
> ioapic0: misconfigured as apic 2, remapped to apid 1
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus 1 (P0P1)
> acpicpu0 at acpi0
> aibs0 at acpi0 RTMP RVLT RFAN
> acpibtn0 at acpi0: PWRB
> bios0: ROM list: 0xc/0x8200 0xc8800/0x1000
> pci0 at mainbus0 bus 0: configuration mode 1 (bios)
> pchb0 at pci0 dev 0 function 0 "VIA K8M800 Host" rev 0x00
> agp at pchb0 not configured
> pchb1 at pci0 dev 0 function 1 "VIA K8M800 Host" rev 0x00
> pchb2 at pci0 dev 0 function 2 "VIA K8M800 Host" rev 0x00
> pchb3 at pci0 dev 0 function 3 "VIA K8M800 Host" rev 0x00
> pchb4 at pci0 dev 0 function 4 "VIA K8M800 Host" rev 0x00
> pchb5 at pci0 dev 0 function 7 "VIA K8M800 Host" rev 0x00
> ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
> pci1 at ppb0 bus 1
> vga1 at pci1 dev 0 function 0 "VIA S3 Unichrome PRO IGP" rev 0x01
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> em0 at pci0 dev 11 function 0 "Intel 82541GI" rev 0x05: apic 1 int 16,
> address 00:1b:21:0b:d9:90
> rl0 at pci0 dev 13 function 0 "Realtek 8139" rev 0x10: apic 1 int 18,
> address 00:20:18:8a:46:e2
> rlphy0 at rl0 phy 0: RTL internal PHY
> pciide0 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA
> pciide0: using apic 1 int 20 for native-PCI interrupt
> pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133,
> channel 0 configured to compatibility, channel 1 configured to compatibility
> wd0 at pciide1 channel 0 drive 0: 
> wd0: 16-sector PIO, LBA, 76318MB, 156299375 sectors
> wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
> pciide1: channel 1 disabled (no drives)
> uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
> uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
> uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
> uhci3 at pci0 d

building -stable fails on 5.5

2014-05-14 Thread Bryan Irvine 
I can't seem to get -stable to build. It fails at exactly this spot every
time.  The kernel and xorg compiles to release just fine.

...
Creating Makefile in src/main
Creating Makefile in src/modules/standard
diff -u /usr/src/usr.sbin/httpd/src/include/ap_config_auto.h
/usr/src/usr.sbin/httpd/obj/src/include/ap_config_auto.h.new
--- /usr/src/usr.sbin/httpd/src/include/ap_config_auto.hTue Dec  9
12:33:30 2008
+++ /usr/src/usr.sbin/httpd/obj/src/include/ap_config_auto.h.newTue
May 13 22:57:59 2014
@@ -86,14 +86,4 @@
 #define HAVE_SOCKADDR_LEN 1
 #endif

-/* build flag: -DMOD_SSL=208116 */
-#ifndef MOD_SSL
-#define MOD_SSL 208116
-#endif
-
-/* build flag: -DEAPI */
-#ifndef EAPI
-#define EAPI 1
-#endif
-
 #endif /* AP_CONFIG_AUTO_H */
*** Error 1 in usr.sbin/httpd (Makefile.bsd-wrapper:646
'/usr/src/usr.sbin/httpd/obj/config.status')
*** Error 1 in usr.sbin (:48 'all')
*** Error 1 in . (:48 'all')
*** Error 1 in /usr/src (Makefile:89 'build')

# cat /usr/src/CVS/Tag

TOPENBSD_5_5

OpenBSD 5.5 (GENERIC) #276: Wed Mar  5 09:57:06 MST 2014
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Sempron(tm) Processor 2800+ ("AuthenticAMD" 686-class, 256KB L2
cache) 1.61 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,SSE3,LAHF
real mem  = 2129817600 (2031MB)
avail mem = 2082729984 (1986MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 10/14/05, BIOS32 rev. 0 @ 0xf0010,
SMBIOS rev. 2.3 @ 0xf0530 (54 entries)
bios0: vendor American Megatrends Inc. version "0204" date 10/14/2005
bios0: ASUSTeK Computer Inc. K8V-MX
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC OEMB
acpi0: wakeup devices PCI0(S4) PS2K(S4) PS2M(S4) UAR2(S4) AC97(S4) USB1(S4)
USB2(S4) USB3(S4) USB4(S4) EHCI(S4) ILAN(S4) PWRB(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: AMD erratum 89 present, BIOS upgrade may be required
cpu0: apic clock running at 200MHz
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 3, 24 pins
ioapic0: misconfigured as apic 2, remapped to apid 1
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (P0P1)
acpicpu0 at acpi0
aibs0 at acpi0 RTMP RVLT RFAN
acpibtn0 at acpi0: PWRB
bios0: ROM list: 0xc/0x8200 0xc8800/0x1000
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "VIA K8M800 Host" rev 0x00
agp at pchb0 not configured
pchb1 at pci0 dev 0 function 1 "VIA K8M800 Host" rev 0x00
pchb2 at pci0 dev 0 function 2 "VIA K8M800 Host" rev 0x00
pchb3 at pci0 dev 0 function 3 "VIA K8M800 Host" rev 0x00
pchb4 at pci0 dev 0 function 4 "VIA K8M800 Host" rev 0x00
pchb5 at pci0 dev 0 function 7 "VIA K8M800 Host" rev 0x00
ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "VIA S3 Unichrome PRO IGP" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em0 at pci0 dev 11 function 0 "Intel 82541GI" rev 0x05: apic 1 int 16,
address 00:1b:21:0b:d9:90
rl0 at pci0 dev 13 function 0 "Realtek 8139" rev 0x10: apic 1 int 18,
address 00:20:18:8a:46:e2
rlphy0 at rl0 phy 0: RTL internal PHY
pciide0 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA
pciide0: using apic 1 int 20 for native-PCI interrupt
pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133,
channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide1 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 76318MB, 156299375 sectors
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: apic 1 int 21
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: apic 1 int 21
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1
viapm0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00: SMI
iic0 at viapm0
spdmem0 at iic0 addr 0x50: 1GB DDR SDRAM non-parity PC3200CL3.0
spdmem1 at iic0 addr 0x51: 1GB DDR SDRAM non-parity PC3200CL3.0
auvia0 at pci0 dev 17 function 5 "VIA VT8233 AC97" rev 0x60: apic 1 int 22
ac97: codec id 0x41445368 (Analog Devices AD1888)
ac97: codec features headphone, 20 bit DAC, No 3D Stereo
audio0 at auvia0
vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x78: apic 1 int 23,
address 00:15:f2:4c:31:e6
rlphy1 at vr0 phy 1: RTL8201L 10/100 PHY, rev. 1
pchb6 at pci0 dev 24 function 0 "AMD AMD64 0Fh HyperTransport" rev 0x00
pchb7 at pci0 dev 24 function 1 "AMD AMD64 0Fh Address Map" rev 0x00
pchb8 at p

Re: Is Soekris OpenBSD friendly?

2013-11-15 Thread Bryan Irvine 
OpenBSD is listed under Software on the page you linked.  As I understand
it the people who developed CARP did it on Soekris hardware, and this demo
was done using soekris 4801's. (but don't quote me on that, my memory is
hazy).

https://web.archive.org/web/20060323025207/http://os.newsforge.com/os/06/01/02/1643229.shtml?tid=8&tid=18



On Fri, Nov 15, 2013 at 4:03 PM, SmithS  wrote:

> Greetings misc@.  After coming across a link[1] to make an OpenBSD
> router using a "Soekris" device, I think I will make one.  Does anyone
> else have this hardware and can verify all the components work?
> I think Intel NICs are good, but everything else?  I have never heard
> of this brand before so I want to be safe before buying.  The model
> number[2] is "6501-30"
>
> [1] http://www.bsdnow.tv/tutorials/openbsd-router
> [2] https://soekris.com/products/net6501/net6501-30-board-case.html
>
> greetz,
> SmithS

Re: Can't boot Loongson after upgrade from 5.2 -> 5.3

2013-06-19 Thread Bryan Irvine 
but it booted and ran the installer?


On Wed, Jun 19, 2013 at 8:00 AM, John Long  wrote:

> A fresh install also doesn't boot and using PMON to boot into it fails the
> same way as on the old install. Well crap. That was unexpected.
>
> PMON> boot -k /dev/fs/ext2@wd0/boot/boot
> Loading file: /dev/fs/ext2@wd0/boot/boot (elf)
> (elf)
> 0x81e2/44368 + 0x81e2ad50/4400(z) +
> >> OpenBSD/loongson BOOT 0.3
> booting wd0a:/bsd: 4988544+588976=0x551db0
> 804fde94 a088 .word   a088  # . . . .
> PMON>
>
> Thanks,
>
> /jl
>
> --
> ASCII ribbon campaign ( ) Powered by Lemote Fuloong
>  against HTML e-mail   X  Loongson MIPS and OpenBSD
>and proprietary/ \http://www.mutt.org
>  attachments /   \  Code Blue or Go Home!
>  Encrypted email preferred  PGP Key 2048R/DA65BC04

Re: Suspend/Resume on Lemote Yeeloong netbook

2013-06-06 Thread Bryan Irvine 
oops, replied to only Miod.


On Thu, Jun 6, 2013 at 9:43 AM, Bryan Irvine  wrote:

>
>
>
> On Wed, Jun 5, 2013 at 9:25 PM, Miod Vallat  wrote:
>
>> > I have installed OpenBSD onto my Lemote netbook, and have apmd running
>> on
>> > startup. If I run the command 'zzz' the computer suspends perfectly.
>> > However, on turning the machine back on, it boots as normal, with
>> complains
>> > about being uncleanly shutdown.
>>
>> How did you `turn the machine back on'?
>>
>> > On closing the lid of the netbook, the computer remains on.
>>
>> OpenBSD is not able to detect lid close on the Yeeloong at the moment.
>>
>> > So, simply put, how can I make suspend/resume work? I'm happy to run the
>> > 'zzz' command instead of closing the lid, I'd just like to know how to
>> make
>> > it work at all.
>>
>> Suspend: zzz
>> Resume: press any key or the touchpad. Do not touch the power button.
>>
>
This only intermittently works on my 8089B.

Re: Upgrading 3.8 to current

2012-10-13 Thread Bryan Irvine 
You will need some planning. Pf syntax changed quite a bit a couple releases
back.

I'd consider backing up the files converting pf.conf to the new syntax and
doing a clean install of 5.2 (out soon).


-Bryan

On Oct 13, 2012, at 9:47 AM, Matt Morrow  wrote:

> After dealing with a number of issues due to an old 3.8 install which have
> been resolved in current releases, I think I'm going to do the individual
> release upgrades (3.8->3.9->4.0, etc etc)
>
> The 3.9 upgrade guide says:
>
> pfsync(4) 
has
> changed format, so it can not keep state between a 3.8 and a 3.9 box.
> Mismatched systems will lose all connections when you switch which box is
> master, as states will not be transfered between systems. You can minimize
> the impact of this by upgrading your backup boxes first, so there is only
> one loss of active states.
>
>
> Can anyone explain what that means in terms of my existing pf configuration
> working as a simple router with a port forward? Does this simply mean that
> during the upgrade, if I had multiple servers running, that boxes would
> temporarily lose connectivity during the upgrade as they wouldnt switch
> over to a backup server automatically?

Re: Fuloong: how to boot single user mode from pmon?

2012-07-17 Thread Bryan Irvine 
On Tue, Jul 17, 2012 at 1:41 PM, Miod Vallat  wrote:
>> This is still based on the fairly old Loongson 2F; the gen-3 CPUs being
>> available only in laptops, right? Not the easiest naming scheme to
>> follow...
>
> Nope, you are confusing things.
>
> 1, 1A, 1B: 32-bit only processors. Move along.
>
> 2, 2A, 2B, 2C: 64-bit but extra instructions conflict with official MIPS
> opcode assignment. ``Oops''. Hard to find, if at all, nowadays.
>
> 2D: I'm not sure it has even shipped.
>
> 2E: found on the first Fuloong generation; might run OpenBSD/loongson,
> some tinkering work probably necessary, impossible to find at least in
> Europe (in other words: I have not been able to get one, therefore I can
> not confirm it works, and I won't bother unless one 2E system shows up
> in my mailbox or on my doorstep).
>
> 2F: found on the currently available systems: Fuloong 2F (6003, 6004),
> Yeeloong laptop, Linloong all-in-one PC (with 17" LCD). All these
> systems are supported, a not-so-insignificant number of our developers
> have one, and they work well.
>
> 2G: fixed 2F without the branch prediction bug. I am told the recent
> Yeeloong and Fuloong are fit with 2G processors. I am not even sure
> these can be told apart in software, as 2G supposedly reports itself as
> a 2F level.
>
> 3A: the long-awaited new generation. Supposed to ship in Q3 2010, then
> S2 2011, then S1 2012, then ``anytime soon''. I know that the GCC
> compile farm has two dekstop 3A motherboards, and one of the
> FreeBSD/mips mailing list subscribers has got one about two weeks ago,
> too. I have no idea how he got his, given that the systems are still not
> available to mere mortals. I am not expecting such systems to be
> available until next year (and I'd really like to get a motherboard,
> rather than
> yet-another-laptop-which-keyboard-will-die-after-two-months, but beggers
> can't be choosers).
>

You can order a 3f 'sample' laptop but it is considered
pre-production, and the cost is over $800 US. Though I'm not sure if
that's how the FreeBSD user got theirs.

-B

Re: bsd.rd anonymous ftp login broken?

2012-07-11 Thread Bryan Irvine 
On Wed, Jul 11, 2012 at 12:55 PM, Jan Stary  wrote:
> Trying to reinstall with the current i386/bsd.rd.
> All goes well until I actually select a ftp mirror,
> and asked for the ftp login, I accept the default of
> 'anonymous'. It keeps asking:
>
> ftp login ? anonymous [enter]
> ftp login ? anonymous [enter]
> ftp login ? anonymous [enter]
>
> and never gets past this.
>
> Tried with different ftp mirrors,
> so it's not that the one mirror is broken.

Works for me.  Are you behind something?

-Bryan

Re: OpenBSD's webpage desing

2012-06-27 Thread Bryan Irvine 
On Wed, Jun 27, 2012 at 10:48 AM, Bret Lambert 
wrote:
>> PHP is like s early 2000s.  When's Python gonna go into base?
>
> You're behind the times; python's been replaced by ruby running on top
> of mongodb

ah crap! Off to buy a bunch of O'Reilly books about that.

I guess that means migrating the mailing lists to Diaspora then?

Re: OpenBSD's webpage desing

2012-06-27 Thread Bryan Irvine 
On Tue, Jun 26, 2012 at 8:02 PM, Theo de Raadt 
wrote:
>> > On Tue, Jun 26, 2012 at 3:24 PM,  wrote:
>> > > I'd prefer the (small) team of developers to work on the code.
>> >
>> > Well, that's a false dichotomy: not all OpenBSD committers work on the
>> > code. A handful work primarily on maintaining the website and/or
>> > documentation, because that's an important job too.
>> >
>> >
>> Fair enough, I am not a developer, so it was entirely my 2c.
>>
>> I'm sure there are a lot of people who pop up and offer to do stuff but
when the
>> going gets tough and not much fun, they melt away like snowflakes.  I've
seen it
>> in a number of organisations - lots of ideas, not enough implementers (if
>> there's such a word.)
>
> Yeah.  I get mails like that.  "We can make this much prettier using php".

PHP is like s early 2000s.  When's Python gonna go into base?

/me ducks

Re: OpenBSD's webpage desing

2012-06-26 Thread Bryan Irvine 
On Tue, Jun 26, 2012 at 2:46 PM, Pablo Velasco Fernández
 wrote:
> Hi. I was loolong the FreeBSD web page. And its a cool page with a cool
> desing. Maybe OpenBSD should change their own page to a most "visual" web
> page. ( Its only my opinion ) What do you think?
>

I'm on freebsd page with lynx and don't see what you're talking about.  :)

-B

Re: OpenBSD forked

2012-06-21 Thread Bryan Irvine 
On Thu, Jun 21, 2012 at 12:30 PM, Miod Vallat  wrote:
>> I do hope they succeed on that matter at least.  If they can't even
>> get amd64/i386/arm working with LLVM, then it's a rough road ahead for
>> us when we also have to worry about sparc, sh, mips, hppa, vax, and
>> m88k too.
>
> There's always the possibility to split OpenBSD, `outsourcing' the
> platforms which do not matter except to crazy nutcases to `RusticBSD'.


I still have high hopes for jigglypuffbsd.

Re: Learning C Programming

2012-06-21 Thread Bryan Irvine 
On Thu, Jun 21, 2012 at 10:55 AM, Amit Kulkarni  wrote:
>>  Talk about learning C Programming and the K&R book being a good one.  Is
>> this the book?
>>
>> http://www.amazon.com/C-Programming-Language-2nd-Edition/dp/0131103628
>
> yes it is, and i am surprised it is ~ $50. it is such a small book.
>

That does seem a little bit high.  I don't remember what I got mine
for years ago.

That being said, it is worth a pile of "Learn C in num time" books.  :-)

Re: Learning C Programming

2012-06-21 Thread Bryan Irvine 
On Thu, Jun 21, 2012 at 10:37 AM, cody chandler
 wrote:
> Hello,
>
>  Talk about learning C Programming and the K&R book being a good one.  Is
> this the book?
>
> http://www.amazon.com/C-Programming-Language-2nd-Edition/dp/0131103628
>
> Figured it would be best to start new instead of keeping the Chat forked
> and moving away from the topid of the OBSD Fork.
>

Yup!

That's the one.

-B

Re: errors compiling webkit on lemote

2012-06-17 Thread Bryan Irvine 
On Jun 16, 2012, at 12:45 AM, Janne Johansson  wrote:

> 2012/6/15 Bryan Irvine :
>> On Fri, Jun 15, 2012 at 2:15 AM, Janne Johansson 
wrote:
>>> The ulimits will ultimately be capped by the platform MAXDSIZ, which
>>> for mipses probably is 1G:
>>>
>>> ./arch/mips64/include/vmparam.h:#define MAXDSIZ
>>> (1*1024*1024*1024)  /* max data size */
>>>
>>> ..so that's where "ulimit -d unlimited" will allow at most.
>>
>> Ah, that explains why messing with ulimit didn't seem to make any
difference.
>>
>> Would adjusting that help me in this case?
>
> Can't say. One thing for sure is that the limits are there to make
> sure small-mem systems (32-bits CPUs) dont have their kernel, stack,
> heap, libs and memorymapped I/O areas overlap for any program. Perhaps
> you can up it a bit perhaps not, best way would be to try.
>
> There is a neat dungeon of stuff to read and learn in order to figure
> out what the maximum size for any given platform would be and how it
> affects max stack size, brk() sizes and what not. You are likely to be
> eaten by a grue. =)

Many many grues! I kind of tried a few experiments. Most of them ended badly
the rest didn't affect anything at all. *sigh*

Re: errors compiling webkit on lemote

2012-06-15 Thread Bryan Irvine 
On Fri, Jun 15, 2012 at 2:15 AM, Janne Johansson  wrote:
> The ulimits will ultimately be capped by the platform MAXDSIZ, which
> for mipses probably is 1G:
>
> ./arch/mips64/include/vmparam.h:#define MAXDSIZ
> (1*1024*1024*1024)      /* max data size */
>
> ..so that's where "ulimit -d unlimited" will allow at most.

Ah, that explains why messing with ulimit didn't seem to make any difference.

Would adjusting that help me in this case?

Re: errors compiling webkit on lemote

2012-06-14 Thread Bryan Irvine 
On Thu, Jun 14, 2012 at 6:13 AM, Rafael Sadowski 
wrote:
> On Wed Jun 13, 2012 at 05:03:14PM -0700, Bryan Irvine wrote:
>> Lines leading up the errors:
>> gmake[1]: Entering directory `/home/ports/pobj/webkit-1.6.1/webkit-1.6.1'
>> /usr/ports/infrastructure/bin/libtool   --tag=CXX   --mode=compile c++
>> -DHAVE_CONFIG_H -I.  -Wall -W -Wcast-align -Wchar-subscripts
>> -Wreturn-type -Wformat -Wformat-security -Wno-format-y2k -Wundef
>> -Wmissing-format-attribute -Wpointer-arith -Wwrite-strings
>> -Wno-unused-parameter -Wno-parentheses -fno-exceptions
>> -DENABLE_GLIB_SUPPORT=1 -DBUILDING_CAIRO__=1 -DBUILDING_GTK__=1
>> -DWTF_CHANGES -DXP_UNIX -DWTF_USE_ICU_UNICODE=1
>> -DWTF_USE_GSTREAMER=1 -DGTK_API_VERSION_2=1 -DNDEBUG   -I./Source
>> -I./Source/JavaScriptCore -I./Source/JavaScriptCore/API
>> -I./Source/JavaScriptCore/assembler -I./Source/JavaScriptCore/bytecode
>> -I./Source/JavaScriptCore/bytecompiler -I./Source/JavaScriptCore/dfg
>> -I./Source/JavaScriptCore/heap -I./Source/JavaScriptCore/debugger
>> -I./Source/JavaScriptCore/ForwardingHeaders
>> -I./Source/JavaScriptCore/interpreter -I./Source/JavaScriptCore/jit
>> -I./Source/JavaScriptCore/jit -I./Source/JavaScriptCore/parser
>> -I./Source/JavaScriptCore/profiler -I./Source/JavaScriptCore/runtime
>> -I./Source/JavaScriptCore/wtf -I./Source/JavaScriptCore/wtf
>> -I./Source/JavaScriptCore/wtf/gobject
>> -I./Source/JavaScriptCore/wtf/gtk -I./Source/JavaScriptCore/wtf/text
>> -I./Source/JavaScriptCore/wtf/unicode -I./Source/JavaScriptCore/yarr
>> -I./Source/JavaScriptCore -I./Source/JavaScriptCore/parser
>> -I./Source/JavaScriptCore/runtime -I/usr/local/include/libpng
>> -I/usr/local/include -I/usr/X11R6/include -fno-rtti -fstrict-aliasing
>> -O3  -I/usr/local/include/glib-2.0 -I/usr/local/lib/glib-2.0/include
>> -D_REENTRANT  -I/usr/local/include  -O2 -pipe -MT
>> Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo -MD
>> -MP -MF
Source/JavaScriptCore/parser/.deps/libjavascriptcoregtk_1_0_la-Lexer.Tpo
>> -c -o Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo
>> `test -f 'Source/JavaScriptCore/parser/Lexer.cpp' || echo
>> './'`Source/JavaScriptCore/parser/Lexer.cpp
>> c++ -DHAVE_CONFIG_H -I. -Wall -W -Wcast-align -Wchar-subscripts
>> -Wreturn-type -Wformat -Wformat-security -Wno-format-y2k -Wundef
>> -Wmissing-format-attribute -Wpointer-arith -Wwrite-strings
>> -Wno-unused-parameter -Wno-parentheses -fno-exceptions
>> -DENABLE_GLIB_SUPPORT=1 -DBUILDING_CAIRO__=1 -DBUILDING_GTK__=1
>> -DWTF_CHANGES -DXP_UNIX -DWTF_USE_ICU_UNICODE=1 -DWTF_USE_GSTREAMER=1
>> -DGTK_API_VERSION_2=1 -DNDEBUG -I./Source -I./Source/JavaScriptCore
>> -I./Source/JavaScriptCore/API -I./Source/JavaScriptCore/assembler
>> -I./Source/JavaScriptCore/bytecode
>> -I./Source/JavaScriptCore/bytecompiler -I./Source/JavaScriptCore/dfg
>> -I./Source/JavaScriptCore/heap -I./Source/JavaScriptCore/debugger
>> -I./Source/JavaScriptCore/ForwardingHeaders
>> -I./Source/JavaScriptCore/interpreter -I./Source/JavaScriptCore/jit
>> -I./Source/JavaScriptCore/jit -I./Source/JavaScriptCore/parser
>> -I./Source/JavaScriptCore/profiler -I./Source/JavaScriptCore/runtime
>> -I./Source/JavaScriptCore/wtf -I./Source/JavaScriptCore/wtf
>> -I./Source/JavaScriptCore/wtf/gobject
>> -I./Source/JavaScriptCore/wtf/gtk -I./Source/JavaScriptCore/wtf/text
>> -I./Source/JavaScriptCore/wtf/unicode -I./Source/JavaScriptCore/yarr
>> -I./Source/JavaScriptCore -I./Source/JavaScriptCore/parser
>> -I./Source/JavaScriptCore/runtime -I/usr/local/include/libpng
>> -I/usr/local/include -I/usr/X11R6/include -fno-rtti -fstrict-aliasing
>> -O3 -I/usr/local/include/glib-2.0 -I/usr/local/lib/glib-2.0/include
>> -D_REENTRANT -I/usr/local/include -O2 -pipe -MT
>> Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo -MD
>> -MP -MF
Source/JavaScriptCore/parser/.deps/libjavascriptcoregtk_1_0_la-Lexer.Tpo
>> -c Source/JavaScriptCore/parser/Lexer.cpp -fPIC -DPIC -o
>> Source/JavaScriptCore/parser/.libs/libjavascriptcoregtk_1_0_la-Lexer.o
>> gmake[1]: Leaving directory `/home/ports/pobj/webkit-1.6.1/webkit-1.6.1'
>> *** Error code 2
>>
>> Stop in /home/ports/www/webkit (line 2444 of
>> /usr/ports/infrastructure/mk/bsd.port.mk).
>> *** Error code 1
>>
>> Stop in /home/ports/www/webkit (line 2197 of
>> /usr/ports/infrastructure/mk/bsd.port.mk).
>>
>
> Do you see "VMEM_WARNING=Yes?
>
> Cheers, Rafael

I did.  I increased the limit though they appear to already be at max
values.  When watching top during the compile it never gets to a point
where it needs to swap.

This is what top shows right before it dies:
Memory: Real: 210M/339M act/tot Free: 671M Cache: 674M Swap: 0k/1280M

errors compiling webkit on lemote

2012-06-13 Thread Bryan Irvine 
Lines leading up the errors:
gmake[1]: Entering directory `/home/ports/pobj/webkit-1.6.1/webkit-1.6.1'
/usr/ports/infrastructure/bin/libtool   --tag=CXX   --mode=compile c++
-DHAVE_CONFIG_H -I.  -Wall -W -Wcast-align -Wchar-subscripts
-Wreturn-type -Wformat -Wformat-security -Wno-format-y2k -Wundef
-Wmissing-format-attribute -Wpointer-arith -Wwrite-strings
-Wno-unused-parameter -Wno-parentheses -fno-exceptions
-DENABLE_GLIB_SUPPORT=1 -DBUILDING_CAIRO__=1 -DBUILDING_GTK__=1
-DWTF_CHANGES -DXP_UNIX -DWTF_USE_ICU_UNICODE=1
-DWTF_USE_GSTREAMER=1 -DGTK_API_VERSION_2=1 -DNDEBUG   -I./Source
-I./Source/JavaScriptCore -I./Source/JavaScriptCore/API
-I./Source/JavaScriptCore/assembler -I./Source/JavaScriptCore/bytecode
-I./Source/JavaScriptCore/bytecompiler -I./Source/JavaScriptCore/dfg
-I./Source/JavaScriptCore/heap -I./Source/JavaScriptCore/debugger
-I./Source/JavaScriptCore/ForwardingHeaders
-I./Source/JavaScriptCore/interpreter -I./Source/JavaScriptCore/jit
-I./Source/JavaScriptCore/jit -I./Source/JavaScriptCore/parser
-I./Source/JavaScriptCore/profiler -I./Source/JavaScriptCore/runtime
-I./Source/JavaScriptCore/wtf -I./Source/JavaScriptCore/wtf
-I./Source/JavaScriptCore/wtf/gobject
-I./Source/JavaScriptCore/wtf/gtk -I./Source/JavaScriptCore/wtf/text
-I./Source/JavaScriptCore/wtf/unicode -I./Source/JavaScriptCore/yarr
-I./Source/JavaScriptCore -I./Source/JavaScriptCore/parser
-I./Source/JavaScriptCore/runtime -I/usr/local/include/libpng
-I/usr/local/include -I/usr/X11R6/include -fno-rtti -fstrict-aliasing
-O3  -I/usr/local/include/glib-2.0 -I/usr/local/lib/glib-2.0/include
-D_REENTRANT  -I/usr/local/include  -O2 -pipe -MT
Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo -MD
-MP -MF Source/JavaScriptCore/parser/.deps/libjavascriptcoregtk_1_0_la-Lexer.Tpo
-c -o Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo
`test -f 'Source/JavaScriptCore/parser/Lexer.cpp' || echo
'./'`Source/JavaScriptCore/parser/Lexer.cpp
c++ -DHAVE_CONFIG_H -I. -Wall -W -Wcast-align -Wchar-subscripts
-Wreturn-type -Wformat -Wformat-security -Wno-format-y2k -Wundef
-Wmissing-format-attribute -Wpointer-arith -Wwrite-strings
-Wno-unused-parameter -Wno-parentheses -fno-exceptions
-DENABLE_GLIB_SUPPORT=1 -DBUILDING_CAIRO__=1 -DBUILDING_GTK__=1
-DWTF_CHANGES -DXP_UNIX -DWTF_USE_ICU_UNICODE=1 -DWTF_USE_GSTREAMER=1
-DGTK_API_VERSION_2=1 -DNDEBUG -I./Source -I./Source/JavaScriptCore
-I./Source/JavaScriptCore/API -I./Source/JavaScriptCore/assembler
-I./Source/JavaScriptCore/bytecode
-I./Source/JavaScriptCore/bytecompiler -I./Source/JavaScriptCore/dfg
-I./Source/JavaScriptCore/heap -I./Source/JavaScriptCore/debugger
-I./Source/JavaScriptCore/ForwardingHeaders
-I./Source/JavaScriptCore/interpreter -I./Source/JavaScriptCore/jit
-I./Source/JavaScriptCore/jit -I./Source/JavaScriptCore/parser
-I./Source/JavaScriptCore/profiler -I./Source/JavaScriptCore/runtime
-I./Source/JavaScriptCore/wtf -I./Source/JavaScriptCore/wtf
-I./Source/JavaScriptCore/wtf/gobject
-I./Source/JavaScriptCore/wtf/gtk -I./Source/JavaScriptCore/wtf/text
-I./Source/JavaScriptCore/wtf/unicode -I./Source/JavaScriptCore/yarr
-I./Source/JavaScriptCore -I./Source/JavaScriptCore/parser
-I./Source/JavaScriptCore/runtime -I/usr/local/include/libpng
-I/usr/local/include -I/usr/X11R6/include -fno-rtti -fstrict-aliasing
-O3 -I/usr/local/include/glib-2.0 -I/usr/local/lib/glib-2.0/include
-D_REENTRANT -I/usr/local/include -O2 -pipe -MT
Source/JavaScriptCore/parser/libjavascriptcoregtk_1_0_la-Lexer.lo -MD
-MP -MF Source/JavaScriptCore/parser/.deps/libjavascriptcoregtk_1_0_la-Lexer.Tpo
-c Source/JavaScriptCore/parser/Lexer.cpp -fPIC -DPIC -o
Source/JavaScriptCore/parser/.libs/libjavascriptcoregtk_1_0_la-Lexer.o
gmake[1]: Leaving directory `/home/ports/pobj/webkit-1.6.1/webkit-1.6.1'
*** Error code 2

Stop in /home/ports/www/webkit (line 2444 of
/usr/ports/infrastructure/mk/bsd.port.mk).
*** Error code 1

Stop in /home/ports/www/webkit (line 2197 of
/usr/ports/infrastructure/mk/bsd.port.mk).



Dmesg:

[ using 466480 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2012 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 5.1 (GENERIC) #93: Sun Feb 12 18:10:05 MST 2012
dera...@loongson.openbsd.org:/usr/src/sys/arch/loongson/compile/GENERIC
real mem = 1073741824 (1024MB)
avail mem = 1059160064 (1010MB)
mainbus0 at root: Lemote Yeeloong
cpu0 at mainbus0: STC Loongson2F CPU 797 MHz, STC Loongson2F FPU
cpu0: cache L1-I 64KB D 64KB 4 way, L2 512KB 4 way
bonito0 at mainbus0: memory and PCI-X controller, rev 1
pci0 at bonito0 bus 0
rl0 at pci0 dev 7 function 0 "Realtek 8139" rev 0x10: irq 5, address
00:23:8b:84:6f:40
rlphy0 at rl0 phy 0: RTL internal PHY
smfb0 at pci0 dev 8 function 0 "Silicon Motion LynxEM+" rev 0xb0
wsdisplay0 at smfb0 mux 1: console (std, vt100 emulation)
ohci0 at pci0 dev 9 function 0 "NEC USB" rev 0x44: irq 7, version 1.0
eh

Re: ddb prompt on formerly stable system (4.9)

2012-06-03 Thread Bryan Irvine 
When you get the ddb run ps and trace. Also include dmesg output.



On Jun 3, 2012, at 7:36 PM, ted@comcast.net wrote:

> Hello:
>
> If this is a really stupid question, please be gentle.
>
>
> So, I have had a machine with 4.9 running for a year or so.B  Except for
some
> minor tweaking (changes to pf.conf and the like), nothing has been
installed
> and there have been no major changes to it.
>
>
> This morning (before I came to work), I noticed the system wasn't
> responding.B  I went to the basement, got out my really old laptop as a
serial
> console, and noticed the system was giving a "ddb>" prompt.
>
>
>
> Just for kicks, I reboo ted, and at some point after the networking comes
up,
> the system paniced and gave the "ddb>" prompt again (i can't recall the
error
> - still at work).B  I have been doing some googling in my free time, but
could
> not find anything to help me with the question below.
>
>
>
> Anyway, my stupid question:B  This is almost certainly a hardware problem,
> right?B  A dying disk, or something like that?
>
>
>
> I am just wondering before I invest a lot of time/effort in trying to fix
the
> system.
>
>
>
> Thanks
>
> bye - ted

Re: OpenBSD in April's issue of the CACM

2012-05-29 Thread Bryan Irvine 
On Tue, May 29, 2012 at 1:40 PM, Theo de Raadt 
wrote:
>> I was just reading the April's issue of the Communications of the ACM (the
>> flagship magazine of the Association for Computing Machinery), and noticed
>> that OpenBSD and its developers were mentioned in one article, in a rather
>> negative way:
>>
>> "Unfortunately, there is a segment of the open source community that
>> is
>> incapable of playing well with others, when those others don't play
>> the way
>> they want them to. For those who have not had to deal with these
>>  people, it's
>> a bit like talking to a four-year-old. When you explain
>> checkers to your
>> niece, she might decide that she doesn't like your
>> rules and follows her own
>> rules. You humor her, she's being creative,
>> and this is amusing in a
>> four-year-old. If you were playing chess with a
>>  colleague who suddenly told
>> you that the king could move one, two, or
>> three places in one go, you would
>> be pissed off, because this person
>> would obviously be screwing with you, or
>> insane.  Have I lost my mind?! What does this have to do with VRRP or
network
>> protocols? The
>>  OpenBSD team, led as always by their Glorious Leader (their
>> words, not
>> mine), decided that a RAND license just wasn't free enough for
>> them.
>> They wrote their own protocol, which was completely incompatible with
>> VRRP. Well, you say, that's not so bad; that's competition, and we all
>> know
>> that competition is good and brings better products, and it's the
>> glorious
>> triumph of Capitalism. But there is one last little nit to this
>>  story. The
>> new protocol dubbed CARP (Common Address Redundancy
>> Protocol) uses the exact
>> same IP number as VRRP (112). Most people, and
>> KV includes himself in this
>> group, think this was a jerk move. "Why
>> would they do this?" I hear you cry.
>> Well, it turns out that they
>> believe themselves to be in a war with the
>> enemies of open source, as
>> well as with those opposed to motherhood and apple
>> pie. Stomping on the
>> same protocol number was, in their minds, a strike
>> against their enemies
>>  and all for the good. Of course, it makes operating
>> devices with both
>> protocols in the same network difficult, and it makes
>> debugging the
>> software that implements the protocol nearly impossible."
>> Here is the link to the article:
>>
http://cacm.acm.org/magazines/2012/4/147357-the-network-protocol-battle/abstr
>> act
>>
>> If you are not a member of the ACM, you can read it in ACM Queue, in which
it
>> was published in January: http://queue.acm.org/detail.cfm?id=2090149
>>
>> I somehow feel this is a very distorted view of what really happened.
Perhaps
>> it would be good if somebody "official" wrote a Letter to the Editor
>> (Communications of the ACM publish them in every issue)?
>
> I've seen this discussed in a few places.  It is completely distorted.
> This will be my only mail about this, because there are always people
> who want to rewrite history and the that author is one of them.
>
> We have the email archives of the private communications with IETF,
> IANA, Cisco, HP, Nokia, and other organizations to try to solve this
> protocol/service issue going back almost 2 years before we released
> the first CARP and pfsync code outside our group.
>
> IANA refused to give us new unique protocol and service number because
> we had not gone through the process of following the rules layed out
> by the IETF VRRP guys.
>
> Yet, we had discussions all the way up to the top to try to
> solve this.  Let me quote the signature from one email -- and I had more
> than 30 emails with this guy trying to find a way out of this:
>
>Robert Barr
>Patent Counsel
>Cisco Systems
>408-525-9706
>
> Robert Barr was the one who could have said:  Sure, we abandon the claim
> of HSRP on VRRP, and guess what?  We'd have simply gone to VRRP.
>
> My vrrp email folder has 145 emails in it, all of them leading up to
> the point where we abandoned efforts to work with IETF/IANA/Companies
> and instead deployd a new protocol.  THE TERMS GIVEN TO USE WERE
> IMPOSSIBLE.
>
> IANA was saying that there was *no way in hell* that we would get new
> protocol or service numbers, unless we submitted our work to a
> standards commitee and let them mangle it.  Unlike the CACM author,
> we're not stammering idiots.  We know exactly what would have
> happened.  CARP would have been absorbed into IETF's VRRP plan and
> spat out the other side in a few years with all the patent glue stuck
> to it again.
>
> There were too many people with big skin in the battle, since Alcatel
> and Cisco were using the super lame VRRP / HSRP patent issue as one of
> the components in some huge patent battles they had going on at the
> time.
>
> As a result of the big companies being involved in a patent war, IANA
> abrogated their responsibility of being responsible, and instead
> decided to be as spiteful and unrecognizing of the reason w

Re: puffy copyright infringement?

2012-05-23 Thread Bryan Irvine 
It looks more like this one. :-)

http://www.openbsd.org/art/puffy/puflogv500X325.gif


On Wed, May 23, 2012 at 5:04 PM, David Diggles  wrote:
> Literally, cut and paste.
>
> http://www.openbsd.org/images/tshirt-4.gif
>
> For comparison.
>
> On Wed, May 23, 2012 at 04:50:24PM +0200, frantisek holop wrote:
>> do i see it correctly that this is the openbsd puffy logo?
>>
>> http://www.windowsphone.com/en-GB/apps/3bebd4c5-3514-4df0-a738-fd1db5ae11bf
>>
>> (cookies must be enabled for this idiotic site)
>>
>> -f
>> --
>> i don't have a solution but i really admire the problem.

Re: webcam/mic

2012-04-11 Thread Bryan Irvine 
On Wednesday, April 11, 2012, Miod Vallat wrote:

> > This might be dumb question, but I haven't found the answer anywhere
> > else yet.  I have a lemote 8089b and I'm trying to figure out what
> > software I'd use in order to use the webcam/microphone.  I'm not
> > trying to solve any particular problem other than my own curiosity of
> > how I'd record/ take pictures (video chat would be cool too but is
> > only a bonus).
>
> The webcam doesn't show up in dmesg on the 8101 and the late 8089
> models. I've been trying to fiddle with the registers that supposedly
> enable it, with no reproduceable results, and eventually gave up.
>
> If you're lucky, the webcam enable key combination (should be something
> like Fn-F2) will make it appear and attach as an uvideo device. But I
> wouldn't hold my breath on this.
>
> Miod
>

I tried both with and without holding my breath with no luck.

webcam/mic

2012-04-11 Thread Bryan Irvine 
This might be dumb question, but I haven't found the answer anywhere
else yet.  I have a lemote 8089b and I'm trying to figure out what
software I'd use in order to use the webcam/microphone.  I'm not
trying to solve any particular problem other than my own curiosity of
how I'd record/ take pictures (video chat would be cool too but is
only a bonus).

Here's my dmesg:

OpenBSD 5.0 (GENERIC) #26: Wed Aug 17 10:41:08 MDT 2011
x...@xxx.xxx:/usr/src/sys/arch/loongson/compile/GENERIC
real mem = 1073741824 (1024MB)
avail mem = 1059209216 (1010MB)
mainbus0 at root: Lemote Yeeloong
cpu0 at mainbus0: STC Loongson2F CPU 797 MHz, STC Loongson2F FPU
cpu0: cache L1-I 64KB D 64KB 4 way, L2 512KB 4 way
bonito0 at mainbus0: memory and PCI-X controller, rev 1
pci0 at bonito0 bus 0
rl0 at pci0 dev 7 function 0 Realtek 8139 rev 0x10: irq 5, address
xx:xx:xx:xx:
rlphy0 at rl0 phy 0: RTL internal PHY
smfb0 at pci0 dev 8 function 0 Silicon Motion LynxEM+ rev 0xb0
wsdisplay0 at smfb0 mux 1: console (std, vt100 emulation)
ohci0 at pci0 dev 9 function 0 NEC USB rev 0x44: irq 7, version 1.0
ehci0 at pci0 dev 9 function 1 NEC USB rev 0x05: irq 7
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 NEC EHCI root hub rev 2.00/1.00 addr 1
glxpcib0 at pci0 dev 14 function 0 AMD CS5536 ISA rev 0x03: rev 3,
32-bit 3579545Hz timer, watchdog, gpio
gpio1 at glxpcib0: 32 pins
pciide0 at pci0 dev 14 function 2 AMD CS5536 IDE rev 0x01: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
auglx0 at pci0 dev 14 function 3 AMD CS5536 Audio rev 0x01: isa irq 9,
CS5536 AC97
ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0)
audio0 at auglx0
ohci1 at pci0 dev 14 function 4 AMD CS5536 USB rev 0x02: isa irq 11,
version 1.0, legacy support
ehci1 at pci0 dev 14 function 5 AMD CS5536 USB rev 0x02: isa irq 11
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 AMD EHCI root hub rev 2.00/1.00 addr 1
usb2 at ohci0: USB revision 1.0
uhub2 at usb2 NEC OHCI root hub rev 1.00/1.00 addr 1
isa0 at glxpcib0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
mcclock0 at isa0 port 0x70/2: mc146818 or compatible
ykbec0 at isa0 port 0x381/3
usb3 at ohci1: USB revision 1.0
uhub3 at usb3 AMD OHCI root hub rev 1.00/1.00 addr 1
clock0 at mainbus0: ticker on int5 using count register
apm0 at mainbus0
umass0 at uhub1 port 1 configuration 1 interface 0 Generic USB2.0-CRW
rev 2.00/58.87 addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0:  SCSI0
0/direct removable serial.0bda015811417340
urtw0 at uhub1 port 4 Realtek RTL8187B rev 2.00/2.00 addr 3
urtw0: RTL8187B rev E, address xx:xx:xx:xx:
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
pmon bootpath: /dev/disk/wd0
boot device: wd0
root on wd0a swap on wd0b dump on wd0b
WARNING: / was not properly unmounted
ehci_idone: ex=0xc0088200 is done!
ehci_idone: ex=0xc0088200 is done!
apm0: battery high
urtw1 at uhub1 port 2 Realtek RTL8187 rev 2.00/1.00 addr 4
urtw1: RTL8187 rev 0x04, RFv2, address xx:xx:xx:xx:

Re: vnc teminal fuctions?

2012-03-20 Thread Bryan Irvine 
See tmux.

Sent from my iPhone

On Mar 20, 2012, at 8:15 PM, f5b  wrote:

> Can OpenBSD base fulfill the following fuctions?
> How?
>
> 1. One guy login local machine via userA
> 2. I remote login the same machine via userA@ssh
> 3. The guy sit in the front of the machine can see what I see
> 4. We(local & remote) all can control the terminal via keyboard in the same
time so we can collaborate with each other.
>
> I know some vnc ports can do the same thing.
> server:x11vnc
> client:ssvnc

Re: xfce4 freeze on Loongson netbook

2012-03-20 Thread Bryan Irvine 
On Tue, Mar 20, 2012 at 8:41 AM, Alan Cheng  wrote:
> Hello List,
>
> So I'm using a Loongson YeeLoong netbook. I installed XFCE4 without any
> issues, But it will freeze after around 15 minutes, even if I do nothing on
> it. Starting "terminal" will cause it to freeze immediately.
>
> I can still SSH into this netbook after freeze and everything else seems to
> be fine.
>
> This happens back during 4.9 days. It's the same on 5.0 and current
> snapshot.
>

It works fine on my 8089 running 5.0 -release.

Re: 5.0 Stable (amd64) build appears broken.

2012-02-21 Thread Bryan Irvine 
On Tue, Feb 21, 2012 at 10:28 AM, Duncan Patton a Campbell
 wrote:
> On Tue, 21 Feb 2012 09:53:48 -0800
> Philip Guenther  wrote:
>
>> On Tue, Feb 21, 2012 at 8:16 AM, Duncan Patton a Campbell
>>  wrote:
>> > On Mon, 20 Feb 2012 23:24:56 -0500
>> > Ted Unangst  wrote:
>> >
>> >> On Mon, Feb 20, 2012, Duncan Patton a Campbell wrote:
>> >> > On Mon, 20 Feb 2012 10:05:19 -0500
>> >> > Ted Unangst  wrote:
>> >> >
>> >> >> you are running config from a different version than the source you
>> >> >> are trying to compile.
>> >> >
>> >> > Ok, but if I've started with 5.0 Release, how do I get 5.0 Stable's
>> config
>> >> > without
>> >> > building it?
>> >>
>> >> I would revisit the assumption you are building 5.0 on 5.0.  You are
>> >> reporting an error nobody else is reporting, that just happens to be
>> >> exactly the error one sees when building with a mismatched config and
>> >> src, so You see where I'm coming from?
>> >>
>> >
>> > Yes.  I do.  I can only assume I've buggerd up the src tree somehow.
>> >
>> > uname -svmpr
>> > OpenBSD 5.0 GENERIC.MP#63 amd64 AMD A6-3670 APU with Radeon(tm) HD
Graphics
>>
>> It's most likely that you're currently running a 5.0 kernel with 4.9
>> binaries.  To upgrade from 4.9 to 5.0 by building from source you
>> would have needed to follow the steps in the "following -current" page
>> of the FAQ during the run-up to the 5.0 release.  Once 5.0 was
>> released, the presumption became that you'll install 5.0 sets and work
>> from there.
>>
>> Probably the simplest way forward is to just follow the steps outlined
here:
>>http://www.openbsd.org/faq/upgrade50.html
>
> There's a minor error in http://www.openbsd.org/faq/faq5.html such that
> it specifies that to "follow stable" you can pull the whole tree with cvs
> and run as such.  This is not the case.  The 5.0-Stable tree will not
> build without the tree being first primed with the 5.0-Release code.

I think you are doing something wrong. I haven't 'primed' it before a
build for at least 5 years now.  I suspect you might be trying to
build -current (5.1-beta) on a 5.0 -release system.

-B

Re: adding icewm

2012-02-02 Thread Bryan Irvine 
pkg_add -i icewm

Man pkg_add for more details.



On Feb 2, 2012, at 6:29 PM, Richard Thornton 
wrote:

> How do I add this window manager?
>
> RT

Lemote Yeelong won't wake up from zzz when called from X

2012-01-23 Thread Bryan Irvine 
If I directly call zzz  from xterm running under xfce4 it sleeps and
doesn't wake up.  I'm pretty sure I know the reason (and even suspect
this is the expected behavior), but was hoping someone smarter would
chime in with the reason.

Thanks,

-Bryan

Re: claimed 5.0 problems on sparc64 (was Re: Upgrading AMD64 4.9-stable to 5.0)

2012-01-13 Thread Bryan Irvine 
On Fri, Jan 13, 2012 at 12:22 PM, Richard Thornton
 wrote:

> OpenBSD 5.0-current (GENERIC) #65: Thu Nov  3 00:58:36 MDT 2011

>
PKG_PATH=ftp://openbsd.mirror.frontiernet.net/pub/OpenBSD/5.0/packages/sparc6
4/

You're trying to use -stable packages on a -current system?
Re-install the OS, and don't use the snapshots directory to get your files.

-B

Re: Longsoon/Godson MIPS boxes, where to buy?

2012-01-02 Thread Bryan Irvine 
On Mon, Jan 2, 2012 at 9:10 AM, Nomen Nescio  wrote:

> I don't believe in paying top dollar to some shop in Europe just so they can
> make a few thousand percent markup on a unit when the guys who actually make
> them get paid enough for a half of bag of rice per month. I don't give a
> shit what connections you have or why you think I should enrich your buddies
> but it ain't going to happen. It's not a boutique item or a collectable,
> it's just a low-end MIPS box. When the mini hits 50 bucks I'll buy a
> bunch. Until then, "that's TOO FUCKING HIGH!!!" Got it, asshole?

I know a bunch of people with SGI O2's that might let them go for
that. How many do you want?

-B

Re: Where to buy Lemote FuLoong MIPS boxes?

2011-12-13 Thread Bryan Irvine 
On Tue, Dec 13, 2011 at 11:44 AM, Nomen Nescio  wrote:
> The prices at the "official European shop" in the Netherlands are sky high.
> I thought this was supposed to be a 150 dollar PC. Does anybody have a good
> cheap source for these or other MIPS boxes? Thanks.

Same problem here in the US.  Some retailers are selling them for
upwards of $500 (after shipping) for the 'cheap' model.

I just got a quote from alibaba.com to import an 8089-B from Lemote
for $190 + $48 (I think that's 182E (where's that darn Euro key?))

-Bryan

Re: Performance problems with OpenBSD 4.9 under ESXi 5

2011-11-02 Thread Bryan Irvine 
> I have some OpenBSD AMD64 (as 'other-64bit') VMs running fine for months under
> ESX 4.1.0 e.g:

We've had the Seattle BSD user group site hosted on an OpenBSD VM for
something like 2 years with no problems.  I can probably ask our host
what config options they[1] used when setting it up. If anyone
needs/wants a dmesg or something I can provide that.


[1] http://www.thunderboltcomputing.com/ I'm not sure what plan we're
under as they donate the hosting to us.

-Bryan

Re: USB mouse

2011-10-26 Thread Bryan Irvine 
On Wed, Oct 26, 2011 at 3:52 PM, Zantgo  wrote:
> How I can run USB mouse?

You have to extract the drivers from the ubuntu linux installation CD.

Re: /dev/srandom vs. /dev/arandom

2011-10-18 Thread Bryan Irvine 
On Tue, Oct 18, 2011 at 11:12 AM, Theo de Raadt 
wrote:
>> On Tue, Oct 18, 2011 at 12:20 PM, Theo de Raadt 
wrote:
>> >> In any case, I'm
>> >> getting just under 600KB/s on average with /dev/random. This is on a
rather
>> >> old machine, so I guess it's not too bad.
>> >
>> > I am getting 9MB/sec on a zaurus (416 MHz xscale arm).
>>
>> Just so everyone is on the same page, how are you measuring that?  dd
>> if=/dev/random of=/dev/null ?
>
> dd if=/dev/random of=/dev/null bs=32k

I typed this and only got 596k on my Sun IPX (40Mhz).

Can you fix this please?  *ducks*

-B

Re: OpenBSD fw freezing with ps/trace.

2011-10-17 Thread Bryan Irvine 
On Mon, Oct 17, 2011 at 8:20 AM, Chris Cappuccio  wrote:
> Time to upgrade to 5.0.  Report any failures after you do that.

I think he's saying it's been doing this since 4.6.  I parsed that as
him being on at least the current release.

Leon, can you send a dmesg?

Re: Loongson -- is it actually encumbered now?

2011-09-09 Thread Bryan Irvine 
On Fri, Sep 9, 2011 at 11:59 AM, Daniel Villarreal
 wrote:
> Is any computing platform entirely free ? Is any computer processor perfect
> ? I'd like to know what processors the OpenBSD developers prefer to use.

VAX of course!

Re: ftpd server

2011-09-01 Thread Bryan Irvine 
On Tue, Aug 30, 2011 at 11:38 PM, fqui nonez  wrote:
> Hello
>
> I have a ftpd server box, OBSD-4.9, and pflog shows:
>
> Aug 29 10:11:03.520900 rule 3/(match) pass in on rl0:
> 190.87.195.241.2732 > 192.168.5.2.21: S 2008995709:2008995709(0) win
> 65535 
> Aug 29 10:15:52.825409 rule 3/(match) pass in on rl0:
> 190.87.195.241.3190 > 192.168.5.2.21: S 409025537:409025537(0) win
> 65535 
> Aug 29 10:27:40.085461 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 2719210498:2719210554(56) ack 2008995823 win
> 17424 (DF) [tos 0x10]
> Aug 29 10:28:44.085510 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:29:48.085560 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:30:52.085653 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:31:56.085655 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:32:29.475695 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 2719185758:2719185814(56) ack 409025651 win
> 17424 [tos 0x10]
> Aug 29 10:33:00.085705 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:33:33.475738 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:34:04.085762 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:34:37.475788 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:35:08.085806 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.2732: R 57:57(0) ack 1 win 0 (DF) [tos 0x10]
> Aug 29 10:35:41.475843 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:36:45.475901 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:37:49.475947 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 (DF) [tos 0x10]
> Aug 29 10:38:53.476001 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: FP 0:56(56) ack 1 win 17424 [tos 0x10]
> Aug 29 10:39:57.476044 rule 1/(match) block out on rl0: 192.168.5.2.21
>> 190.87.195.241.3190: R 57:57(0) ack 1 win 0 [tos 0x10]
>
> pf rules are:
>
> set skip on lo
> block in log all
> block out log all
> pass out log quick on rl0
> pass in log quick on rl0 proto tcp from any to port {20 21 22}
> antispoof quick log for rl0
> pass# to establish keep-state
>
> It look for me, that somebody send code over port 21, then ftpd
> respond over port 21, and pf stops sftp!
> I have seen that normal behaviour of ftpd is logged on random ports;
> as effect of ftp_proxy.
>
> Is it happening something weird here?

The FTP protocol itself is weird.

Most (all?) modern FTP clients now include SFTP/SCP.  I convinced a
client to switch to that a few years ago, and their customers are
still using it to this day (chrooted with no login shell of course).
If you must use FTP you are always going to have problems firewalling
and troubleshooting whether someones client is set to active/passive,
or whether they're also behind a firewall.  Just make the switch and
wash your hands of that protocol.  :-)

-Bryan

Re: Mac Mini Server

2011-07-13 Thread Bryan Irvine 
On Wed, Jul 13, 2011 at 9:55 AM, Sergey Bronnikov  wrote:
> What is the sense to buy Mac and install openbsd on it?
> You pay for Mac OS when you buy a Mac. So what is the sense
> to install another OS on it?

He wants to?  Is another reason necessary?

-B

Re: Can command-line options be specified in any place?

2011-06-22 Thread Bryan Irvine 
On Wednesday, June 22, 2011, ropers  wrote:
> On 22 June 2011 21:22, Bryan Irvine  wrote:
>>
>> For what it's worth ls, is part of GNU.
>>
>> I yanked this right from ls.c
>>
>> /* Written by Richard Stallman and David MacKenzie.  */
>>
>> **ducks**
>
> Huh?
>
>
http://www.openbsd.org/cgi-bin/cvsweb/src/bin/ls/ls.c?rev=1.37;content-type=t
ext%2Fplain

I was correcting the assumption that Linus wrote the linux version if
ls. Sorry to confuse. :-)

Re: Can command-line options be specified in any place?

2011-06-22 Thread Bryan Irvine 
> Linus didn't do his homework properly. That, combined with the fact that
> Linux became such a huge success is both a blessing and a curse to us
> in the unix community; on the one hand Linux provides us with plenty of
> young blood in a new generation of hackers... while on the other hand
> they can't speak properly!

For what it's worth ls, is part of GNU.

I yanked this right from ls.c

/* Written by Richard Stallman and David MacKenzie.  */

**ducks**

Re: Control of OpenBSD through a web interface

2011-06-15 Thread Bryan Irvine 
If you must do it just use webmin (make sure you have SSLeay installed).

If this is more of a technical exercise for yourself.  Pick up the CGI
Programming in C and PERL book by Thomas Bhoutell.  It's old but it
was one of my faves once upon a time.

-Bryan

2011/6/15 Jean-Frangois SIMON :
> Hi,
>
> I have a remote controlled machine which I manage by ssh and yet I'm in the
> process of making up a small web page through which basic commands can be
> passed.
>
> I have no clear idea regarding how to design this, in the first place I
> thought about a cgi script written in C which I did manage to have it say
> "hello world" at the present time, but not yet much more.
>
> There's not yet clear clues regarding how to make this peace of web
> interface talk to the system and I would like to make it clean by means of
> elegant way to deal with web page <-> system communication.
>
> Any clue regarding the way it could be ?
>
> Thanks,
>
> Jean-Frangois

Re: Odd CARP behavior

2011-05-20 Thread Bryan Irvine 
On Thu, May 19, 2011 at 3:57 PM, Gary Thornock  wrote:
> My previous company has a pair of firewalls running OpenBSD 4.4 with
> CARP.  They've been running with no problem since just after the 4.4
> release, until the last couple of days.
>
> Now, the firewall that should be in BACKUP state has somehow decided
> that it needs to be MASTER for some, but not all, of the CARP interfaces,
> even though the master machine is running fine.  Something like this:
>
>
> if  machine 1   machine 2
> carp0   MASTER  BACKUP
> carp1   MASTER  BACKUP
> carp2   MASTER  MASTER
> carp3   MASTER  BACKUP
> carp4   MASTER  MASTER
>
>
> The interfaces where both machines try to be MASTER at the same time
> become unreliable or unreachable.
>
> I looked around Google but couldn't turn up any reports of similar
> issues.  Admittedly I might have been searching for the wrong terms,
> though.
>
> Any ideas as to what could be causing this problem?  They're likely
> to rebuild both machines in the next week or so, either with 4.6 (so
> they can keep their existing pf.conf) or with 4.9 so as to be current,
> but they'd like some assurance that a rebuild will actually solve the
> problem.  (If it were, say, a failing NIC, updating the software
> wouldn't help.)
>
> For whatever it's worth, the machines in question are Poweredge R200s,
> with the two on-board Broadcom gigabit ports and an additional Intel
> gigabit card for pfsync.  They're running the i386 rather than the
> amd64 version of OpenBSD.
>


What does netstat -s -p carp show?

Run that on each firewall.

Also, can you paste the contents of hostname.carp2 and hostname.carp4
from each firewall?

-Bryan

Re: Is there kernel option like as vga=?

2011-05-03 Thread Bryan Irvine 
On Tue, May 3, 2011 at 9:11 AM, Iori Yoneji  wrote:
> Konnichiwa, probably my English contain mistakes, fogive.
>
> I'm looking for the way to adjust text console pixel size.
>
> I uses SONY laptop PC, PCG-FX77Z/BP, a little bit obsolete Athlon M
> machine.
> It must be pleasure for me that this has SXGA+(1400x1050) color LCD,
> but this make me mad.
>
> When I uses preinstalled windows XP, the symptom submerged.
> Next, When I started to use Debian GNU/Linux, I noticed about
> some annoying lines next to the pointer, and/or somewhere else in LCD.
> Then I have very in trouble, but solved with vga option.
> Setting and passing vga=834 option to kernel, the text console and
> boot message became in 1400x1050 mode, and it didn't conflict with X.
> Without conflict between X and text console in pixel, the annoying lines
> dissapear.
> Yes, this hack go well. I got huge space in console and X is not make me
> mad.
>
>
> Now, I want to this again in OpenBSD.
> I wanted to much know about BSDs, and OpenBSD atracted me. As I thought,
> X in OpenBSD has the line next to the pointer. It perhaps be sync error.
> Even if I uses cool Afterstep, it make me disapointed.
>
> But It seems OpenBSD has no flame buffer, or vga-like option.
> I tried to use wsconscfg, but not succeeded.
>
> I runed this in ttyC0 as root:
>
> wsfontload -h 8 -e ibm /usr/share/misc/pcvtfonts/vt220l.808
> wsconscfg -dF 5
> wsconscfg -t 80x50 5
>
> this was in FAQ7.5 Code. But I have found just only destroyed console at
> ttyC5. Man page of wsconscfg is more confusing.
>
> My quetion is below:
> Can I configure the text terminal size and boot message size?
> How should I so?
> In case not, what is workaround?
>


I'm not sure if this is what you are meaning to do.

http://www.openbsd.org/faq/faq7.html#80x50

-Bryan

Re: Wildest Africa Tour

2011-04-05 Thread Bryan Irvine 
On Mon, Apr 4, 2011 at 7:45 AM, Anton Parol  wrote:
> OpenBSD vs a Lion?

It holds it's own against a snow leopard. :-)

-B

Re: OBDS vs. NetBSD security

2011-03-25 Thread Bryan Irvine 
On Fri, Mar 25, 2011 at 3:14 AM, johhny_at_poland77
 wrote:
> If i search for the two words: OpenBSD and NetBSD on:
>
> http://www.exploit-db.com/
>
> then i get 17 hits regarding security bugs on OpenBSD, and 8 hits regarding 
> security bugs on NetBSD.
>
> So what are the differences exactly in the _REALITY_?
>
> Anybody has any links, that how does NetBSD and OpenBSD audit their code? :O
>
> I'm not trolling, just want the real security! It's not a flame topic..
>
> p.s: if i search for FreeBSD... :\ too many hits to count..

JigglyPuffBSD doesn't have anything at all listed on that site. I
might need to switch my firewalls soon.

-Bryan

Re: Choosing a window manager...

2011-03-15 Thread Bryan Irvine 
On Tue, Mar 15, 2011 at 11:50 AM, marc  wrote:
> Hi all,
>
> I'm deciding between kde, xfce, gnome, and fluxbox (in order of
> preference). Any experiences? Any relevant security issues on any of them?

what's wrong with afterstep? ;-)

Re: FBI And OpenBSD...

2010-12-15 Thread Bryan Irvine 
On Wed, Dec 15, 2010 at 3:12 PM, BSD  wrote:
> On 12/15/10 16:17, Randy Wrench wrote:
>>
>> http://www.phoronix.com/scan.php?page=news_item&px=ODkxMw
>>
>>
>>
>> Government organizations, whether they be from the United States, the
>> European
>> Union, or anywhere else for that matter, contributing to open-source
>> projects
>> is not new. Heck, Security Enhanced Linux (SELinux) in the mainline kernel
>> can
>> largely be attributed to the United State's National Security Agency
>> (NSA).
>> More organizations contributing to open-source isn't bad -- government or
>> not
>> -- when it's mutually beneficial work with good intentions. However, there
>> are
>> new allegations being made today about OpenBSD's networking stack, in
>> particular it's IPsec code. The FBI allegedly paid OpenBSD developers to
>> insert back-doors into the code-base...
>>
>>
>>
>>
>>
>> The above url carried an article which is disturbing to say the least...
>> Anyone know more about this???
>>
>>
> How about /. and the rest of the world? Theo forwarded the original email
> hours ago.

/. sucks.  But they posted on it 24 hours ago.

-B

Re: FBI And OpenBSD...

2010-12-15 Thread Bryan Irvine 
In addition Gregory Perry allegedly responded and added PF to list the
of targets.

http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd

-Bryan


On Wed, Dec 15, 2010 at 2:17 PM, Randy Wrench  wrote:
> http://www.phoronix.com/scan.php?page=news_item&px=ODkxMw
>
>
>
> Government organizations, whether they be from the United States, the European
> Union, or anywhere else for that matter, contributing to open-source projects
> is not new. Heck, Security Enhanced Linux (SELinux) in the mainline kernel can
> largely be attributed to the United State's National Security Agency (NSA).
> More organizations contributing to open-source isn't bad -- government or not
> -- when it's mutually beneficial work with good intentions. However, there are
> new allegations being made today about OpenBSD's networking stack, in
> particular it's IPsec code. The FBI allegedly paid OpenBSD developers to
> insert back-doors into the code-base...
>
>
>
>
>
> The above url carried an article which is disturbing to say the least...
> Anyone know more about this???

Re: sha256 hash for /bsd

2010-12-09 Thread Bryan Irvine 
Get a new bsd.

On Thu, Dec 9, 2010 at 9:29 PM, OpenBSD Geek  wrote:
> So how can i proceed ?
>
> On Thu, 9 Dec 2010 23:30:20 -0600, J Sisson
> wrote:   If it's different from the sha256 on bsd from an official mirror,
>
> then yes, your ftp's /bsd is bad. =)

Re: em(4) is just 10baseT

2010-11-17 Thread Bryan Irvine 
On Tue, Nov 16, 2010 at 10:25 PM, Jochen Fabricius  wrote:
> Hi,
>
>> Hi,
>>
>> What does:
>>
>> ifconfig em0 media
>>
>> say?
>>
>> Fred
>>
>
>  ifconfig em0 media
> em0: flags=8843 mtu 1500
>lladdr 90:fb:a6:46:db:e1
>priority: 0
>groups: egress
>media: Ethernet autoselect (10baseT full-duplex,rxpause,txpause)
>status: active
>supported media:
>media 10baseT
>media 10baseT mediaopt full-duplex
>media 100baseTX
>media 100baseTX mediaopt full-duplex
>media 1000baseT mediaopt full-duplex
>media 1000baseT
>media autoselect
>inet 10.0.0.100 netmask 0xff00 broadcast 10.0.0.255
>
> I tried ifconfig em0 media 100baseTX (+ mediaopt full-duplex) then I have no
connection.

Make sure you are setting both sides to 100-full or you will end up in
a duplex mismatch.

-B

Re: Building a Practical Penetration Test Lab

2010-11-12 Thread Bryan Irvine 
> I've heard of people not even getting past the install even with a
> hardware virtualisation capable cpu.

On VirtualBox this is probably more to do with the dynamic image size.
 You have to create the disk image as a fixed size in order to
complete the install.  After that it works fine.

-Bryan

Re: Architeture Choose

2010-11-08 Thread Bryan Irvine 
On Mon, Nov 8, 2010 at 9:44 AM, Christopher Dukes  wrote:
> On Fri, 2010-11-05 at 14:30 -0400, Joe McDonagh wrote:
>> "If your Sun fails" <-- that's a big IF. It's approaching a possibility
>> of 0 in my experience.
>>
>> If performance isn't an issue and stability is your chief goal, none of
>> this hardware is as stable as a Sun.
>
> Not quite my experience.
> In 2001 I worked at a place with a lot of used Sun hardware courtesy of
> Fujitsu layoffs (Sparc 20s, Ultra 5s).
> Entirely too many fried ethernet ports on the sparc 20s.
> And it took too many iterations to find a sparc 20 that wouldn't crash
> and burn while building OpenBSD from source.
> A fidgety developer kicking an ultra 5 from a | orientation to a _
> orientation would reliably destroy the power supply and harddrives.
> On the bright side, I could repair the ultra 5s with power supply and
> drives scavenged from eMachines with ALI motherboards with the wonderful
> DMA that shoved garbage into memory for every OS we tried on them.

I had a U10 with a Gig of ram that would crash during building. It
turned out to be a bad RAM module.

I'm with Henning though.  I've yet to see a dead Netra, stacks and
stacks of e220r/e420r's that haven't ever had any issues.  I used to
have a bunch of the e220r series that had like 4 years (maybe more)
worth of dmesg's in the output because they were never powered off,
only restarted for upgrades.

-B

Re: How to convert .img to .iso

2010-11-08 Thread Bryan Irvine 
On Mon, Nov 8, 2010 at 8:22 AM, James Hozier  wrote:
> Since there are apparently is no software for this kind of conversion, by 
> what other
> means or methods are there to do this on OpenBSD? I cannot mount .img at all 
> with
> either vnconfig or '-o loop'.

-t msdos?

Re: Architeture Choose

2010-11-05 Thread Bryan Irvine 
On Fri, Nov 5, 2010 at 11:30 AM, Joe McDonagh
 wrote:
> "If your Sun fails" <-- that's a big IF. It's approaching a possibility of 0
> in my experience.
>
> If performance isn't an issue and stability is your chief goal, none of this
> hardware is as stable as a Sun.

Agreed

I've only seen 3 Sun hardware failures (I'm talking about sparcs) in
something like 15 years (not counting things like disks or whatever).
One was an IPX, that had a motherboard battery die and was easily
replaced, but took some work to figure out how to rewrite the prom
(after 17 or so years this is still running), another e450 that
someone had modified to 'make it faster' and it kept blowing some CPU
bridge-thing, and another ultra 1 with an actual logic board failure
(it was 10 years old by that point though).

as an aside I've thought about putting a bigger disk in the IPX just
to see how long it takes to make a release.  My netra T1 takes 24
hours and 5.5 seconds to make a full release (including X).  Based on
absolutely no calculations at all I'd guess a month and 5 seconds.

Just for fun:
OpenBSD 4.7 (GENERIC) #152: Fri Mar 19 02:33:48 MDT 2010
  dera...@sparc.openbsd.org:/usr/src/sys/arch/sparc/compile/GENERIC
real mem = 66973696 (63MB)
avail mem = 59752448 (56MB)
mainbus0 at root: SUNW,Sun 4/50
cpu0 at mainbus0: W8601/8701 or MB86903 @ 40 MHz, on-chip FPU; cache
chip bug - trap page uncached
cpu0: 64K byte write-through, 32 bytes/line, hw flush cache enabled
memreg0 at mainbus0 ioaddr 0xf400
clock0 at mainbus0 ioaddr 0xf200: mk48t02 (eeprom)
timer0 at mainbus0 ioaddr 0xf300 delay constant 17
auxreg0 at mainbus0 ioaddr 0xf743
zs0 at mainbus0 ioaddr 0xf100 pri 12, softpri 6
zstty0 at zs0 channel 0
zstty1 at zs0 channel 1
zs1 at mainbus0 ioaddr 0xf000 pri 12, softpri 6
zskbd0 at zs1 channel 0: keyboard, type 5, layout 0x22
wskbd0 at zskbd0: console keyboard
zsms0 at zs1 channel 1
wsmouse0 at zsms0 mux 0
audioamd0 at mainbus0 ioaddr 0xf7201000 pri 13, softpri 4
audio0 at audioamd0
sbus0 at mainbus0 ioaddr 0xf800: clock = 20 MHz
dma0 at sbus0 slot 0 offset 0x40: rev 1+
esp0 at sbus0 slot 0 offset 0x80 pri 3: ESP100A, 25MHz
scsibus0 at esp0: 8 targets, initiator 7
probe(esp0:3:0): max sync rate 8.33MB/s
sd0 at scsibus0 targ 3 lun 0:  SCSI2 0/direct fixed
sd0: 4303MB, 512 bytes/sec, 8813870 sec total
le0 at sbus0 slot 0 offset 0xc0 pri 5: address 08:00:20:08:b4:84
le0: 16 receive buffers, 4 transmit buffers
dma1 at sbus0 slot 1 offset 0x81000: rev esc
esp1 at dma1 offset 0x8 pri 3: ESP200, 40MHz
scsibus1 at esp1: 8 targets, initiator 7
lebuffer0 at sbus0 slot 1 offset 0x4: 128K memory
le1 at lebuffer0 offset 0x6 pri 5: address 08:00:20:08:b4:84
le1: 64 receive buffers, 16 transmit buffers
dma2 at sbus0 slot 2 offset 0x81000: rev esc
esp2 at dma2 offset 0x8 pri 3: ESP200, 25MHz
scsibus2 at esp2: 8 targets, initiator 7
lebuffer1 at sbus0 slot 2 offset 0x4: 128K memory
le2 at lebuffer1 offset 0x6 pri 5: address 08:00:20:08:b4:84
le2: 64 receive buffers, 16 transmit buffers
cgsix0 at sbus0 slot 3 offset 0x0 pri 7: SUNW,501-1672, 1152x900, rev 8
wsdisplay0 at cgsix0 mux 1: console (std, sun emulation), using wskbd0
fdc0 at mainbus0 ioaddr 0xf720 pri 11, softpri 4: chip 82072
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
bootpath: /s...@1,f800/e...@0,80/s...@3,0
root on sd0a swap on sd0b dump on sd0

Re: FreeBSD isn't Free

2010-10-06 Thread Bryan Irvine 
On Wed, Oct 6, 2010 at 10:34 AM, Sevan / Venture37  wrote:
> On 6 October 2010 17:47, Ted Unangst  wrote:
>> I'm pretty sure that not every FreeBSD user with a laptop "system
>> incorporating such software" has such a letter because I know I sure
>> as hell never got one.
>
> more importantly, do these guys?
> http://twitter.com/bsdevents/status/26264498108
> http://imenpardis.com/news/

What about these guys?
http://en.wikipedia.org/wiki/FreeBSD#Derivatives

-B

netatalk causes panic

2010-09-25 Thread Bryan Irvine 
I'm running a custom kernel (because it's required).  The only change
I made was uncommenting the following line.

option  NETATALK# AppleTalk

I installed netatalk from packages.

and when I try to start it I immediately get a ddb> prompt


# sh /etc/netatalk/rc.atalk
starting appletalk daemons:uvm_fault(0xd66c8008, 0x0, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at  ifa_add+0x9:cmpb$0x12,0x1(%eax)



ddb> trace
ifa_add(d1b32c00,d1c15480,4,dbec5e78,194f80) at ifa_add+0x9
at_control(8020690c,dbec5e78,d1b32c00,d66e42cc,d1b32c00,d66e42cc,dbec5da0,d03a7
51a) at at_control+0x27a
ifioctl(d676177c,8020690c,dbec5e78,d66e42cc,0) at ifioctl+0x1d8
sys_ioctl(d66e42cc,dbec5f68,dbec5f58,4,89) at sys_ioctl+0x125
syscall() at syscall+0x24e
--- syscall (number 54) ---
0xa6a22d1:



ddb> ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
*31082  29496  31082  0  7   0atalkd
 29496  11251  11251  0  3  0x4082  wait  atalkd
 11251  19979  11251  0  3  0x4082  pause sh
 28643  13906  21838502  2  0x4580mysqld
 19979  1  19979  0  3  0x4082  pause ksh
 12444  1  12444  0  3  0x4082  ttyin getty
 12407  1  12407  0  3  0x4082  ttyin getty
 31882  1  31882  0  3  0x4082  ttyin getty
  1902  1   1902  0  3  0x4082  ttyin getty
 10436  1  10436  0  3  0x4082  ttyin getty
 10021  1  10021  0  30x80  selectcron
  7284  1  21838  0  3 0x40182  selectdopewars
 19721  1  11920  0  30x80  selectsnmpd
 11007  11486  11486 67  3   0x180  netconhttpd
 13450  11486  11486 67  3   0x180  netconhttpd
  2266  11486  11486 67  3   0x180  netconhttpd
 16688  11486  11486 67  3   0x180  netconhttpd
  7305  11486  11486 67  3   0x180  netconhttpd
 28221  11486  11486 67  3   0x180  netconhttpd
  7946  11486  11486 67  3   0x180  netconhttpd
 26505  11486  11486 67  3   0x180  netconhttpd

 22980  11486  11486 67  3   0x180  netconhttpd
 27215  11486  11486 67  3   0x180  netconhttpd
 19430  11486  11486 67  3   0x180  netconhttpd
 14445  11486  11486 67  3   0x180  netconhttpd
 10526  11486  11486 67  3   0x180  netconhttpd
 10894  11486  11486 67  3   0x180  netconhttpd
 17826  11486  11486 67  3   0x180  netconhttpd
 13906  1  21838  0  3  0x4082  pause sh
 21201  1  21201  0  3   0x180  selectinetd
 11486  1  11486  0  30x80  selecthttpd
 19402  1  19402  0  3 0x40180  selectsendmail
 30123  1  30123  0  30x80  selectsshd
 24933  1  24933  0  30x80  poll  ntpd
 14964  28444  14964 83  3   0x180  poll  ntpd
 28444  1  28444 83  3   0x180  poll  ntpd
 25465  26183  26183 74  3   0x180  bpf   pflogd
 26183  1  26183  0  30x80  netio pflogd
 29418  21378  21378 73  2   0x180syslogd
 21378  1  21378  0  30x88  netio syslogd
 14808  1  14808 77  3   0x180  poll  dhclient
 21518  1  21838  0  30x82  poll  dhclient
16  0  0  0  30x100200  bored crypto
15  0  0  0  30x100200  aiodoned  aiodoned
14  0  0  0  30x100200  syncerupdate
13  0  0  0  30x100200  cleaner   cleaner
12  0  0  0  30x100200  reaperreaper
11  0  0  0  30x100200  pgdaemon  pagedaemon
10  0  0  0  30x100200  pftm  pfpurge
 9  0  0  0  30x100200  usbevtusb2
 8  0  0  0  30x100200  usbevtusb1
 7  0  0  0  30x100200  usbtskusbtask
 6  0  0  0  30x100200  usbevtusb0
 5  0  0  0  30x100200  acpi_idle acpi0
 4  0  0  0  30x100200  bored syswq
 3  0  0  0  3  0x40100200idle0
 2  0  0  0  30x100200  kmalloc   kmthread
 1  0  1  0  3  0x4080  wait  init
 0 -1  0  0  3 0x80200  scheduler swapper





OpenBSD 4.7-stable (GENERIC) #9: Fri Sep 24 02:03:40 PDT 2010
r...@servy.allyourbasearebelongto.us:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz ("GenuineIntel" 686-class) 2.42 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,

Re: CARP-ed dns server ?

2010-09-19 Thread Bryan Irvine 
On Sun, Sep 19, 2010 at 11:29 PM, PP;QQ P(P8P?P8QP8P=
 wrote:
> Hello!
>
> does anybody run dns server on CARP interface ?

Yes.

Re: Popping sounds with azalia(4) device

2010-09-16 Thread Bryan Irvine 
On Thu, Sep 16, 2010 at 8:03 AM, Joe Gidi  wrote:
> On Thu, September 16, 2010 6:15 am, Jacob Meuser wrote:
>> On Thu, Sep 16, 2010 at 02:17:36AM -0400, Joe Gidi wrote:
>>> I'm getting frequent popping sounds from the azalia device on my system,
>>> roughly every 15-30 seconds. I have a pair of stereo speakers plugged in
>>> to the green speaker jack, and the pops always seem to alternate
>>> channels
>>> (one on the left, the next one on the right).
>>>
>>> The pops do not occur under Windows, so I don't believe there's a
>>> hardware
>>> problem.
>>>
>>> Mixerctl -v output and dmesg follow. The pops are quieter if I take
>>> "mix"
>>> off of inputs.mix2_source so it's just using dac-0:1, but they are still
>>> present.
>>>
>>> Any ideas?
>>
>> do you hear the noise only when playing something, or do you hear it
>> even when nothing is playing?
>>
>> --
>> jake...@sdf.lonestar.org
>> SDF Public Access UNIX System - http://sdf.lonestar.org
>>
>
> I hear it even when nothing is playing.

I had a similar experience once and it turned out to be interference
from my cell phone.

-B

Re: 4.8 Release and Download and

2010-09-10 Thread Bryan Irvine 
On Fri, Sep 10, 2010 at 4:22 PM, J.C. Roberts  wrote:
> On Fri, 10 Sep 2010 11:19:16 -0700 Bryan Irvine 
> wrote:
>>
>> I also heard it said once (though I'm sure I'll be corrected if wrong)
>> that Theo's salary comes from CD purchases but not donations.  So the
>> only way to keep him employed full-time on OpenBSD is by buying the
>> disks.
>>
>> -B
>
> Curiosity is only human, but to respect the privacy of others, sometimes
> it must be curtailed.

Agreed...though I'm confused about the point you're making.

> I do possess a very vivid imagination, and worse, a truly caustic sense
> of humor, so should I start publicly and wildly speculating about how
> *you* make a living?

Naturally you are always free to do so.

> The result might be very entertaining for some, but it wouldn't be very
> polite or fair to you.

Maybe so, but I've not said anything he himself has not said in public.
http://www.mail-archive.com/misc@openbsd.org/msg74265.html

It seemed to me that it was being suggested to skip buying the CD and
making a donation was a good idea.  I'm merely pointing out that in
order to keep Theo's significant other happy (which certainly benefits
us all I'm sure ;-) a CD purchase would still be appropriate.

-B

Re: 4.8 Release and Download and

2010-09-10 Thread Bryan Irvine 
I also heard it said once (though I'm sure I'll be corrected if wrong)
that Theo's salary comes from CD purchases but not donations.  So the
only way to keep him employed full-time on OpenBSD is by buying the
disks.

-B

On Thu, Sep 9, 2010 at 6:12 PM, J.C. Roberts  wrote:
> On Fri, 10 Sep 2010 00:58:40 +0100 Keith  wrote:
>>
>>   Seeing that orders are being taken for the 4.8 release got me
>> thinking about purchasing a copy, I don't need a copy on CD so just a
>> download for my architecture would be fine. In the past I've sent a
>> small donated to the project and was wondering if there's way that I
>> could buy the right to download the OS before the official release.
>>
>> Personally I would happily pay the same as the full CD costs and
>> probably some more to just download the OS and the project would save
>> on the production of the CD and the postage.
>>
>> I'd defiantly pay for 802.11G, hope that it's working in this release.
>>
>> Keith
>>
>
> Keith,
>
> It seems you're kind of missing the point. The developers *GIVE* the
> code away free to everyone. If you appreciate all the time, effort and
> expense the developers sink into giving away code for free, then the
> right answer is to try to give back to them in some way. Donations are
> always welcome.
>
> Some people work at companies where they use OpenBSD in their
> businesses. Since it's often impossible to get their companies to make a
> straight forward donation, instead they *BUY* a big stack of release
> CDs for their company. Of course, they don't actually need a big stack
> of CDs, but it was the only way the could get approval from the bosses.
>
> As for pre-ordering release CDs, yes, the discs are often (but not
> always) delivered before the official release date. Of course, until the
> actual release date when the CVS and package mirrors open up to public
> access, having the CDs early really doesn't give you much of a head
> start.
>
> Some people don't want stacks and stacks of CDs around, so instead of
> ordering release CDs, the order T-Shirts, posters or best of all, just
> make donations to give back to the project and developers who give them
> so much.
>
> Personally, I buy the release CDs just for the stickers. ;)
>
> Either way, release CD sales and donations really do help to fund
> continued development of OpenBSD.
>
> jcr
>
>
> --
> The OpenBSD Journal - http://www.undeadly.org

Re: how to fix fstab in single user mode for bootable "Live" USB drive

2010-08-27 Thread Bryan Irvine 
On Fri, Aug 27, 2010 at 5:38 AM, Marcus  wrote:
> how to fix fstab in single user mode for bootable "Live" USB drive
>
> http://www.openbsd.org/faq/faq14.html#flashmemLive
> says:
> If your target machine has an ahci(4) or SCSI interface, you will
> probably find your USB drive's identifier changing. Having multiple
> versions of your /etc/fstab file may make this easier to "fix" (in
> single user mode).
>
> Install OpenBSD to USB drive in a notbook.   the usb drive is
> recognized as "sd1"
>
> Now put the USB drive into another PC an boot from USB. the usb dirve
> is recognized as "sd0".
>
> in the single user mode.
> "fsck -p / && mount -uw /"   not work
> "fsck -p /usr && mount /usr" not work
> "vi /etc/fstab" not work.
>
> question:
> how to mount root / writable and active vi editor?

Without looking, I'd guess that you need to change the last step to

env TERM=vt100 vi /etc/fstab

Re: undeadly article

2010-08-16 Thread Bryan Irvine 
On Mon, Aug 16, 2010 at 9:50 AM, Damien Miller  wrote:
> On Mon, 16 Aug 2010, Mihai Popescu B.S. wrote:
>
>> Hello,
>>
>> I have read the undeadly.org article about how to "play" with airport
>> security. I don't know who is the guy acting like this on an airport,
>> but my brain triggered something I read in the past, about a well
>> known guy from open source who was throw out from an airplane by the
>> security team.
>>
>> Just my thought, maybe not related to misc ... but I think this story
>> is not in the line of good old undeadly.
>
> What? I think you are blaming the victim here. The perpetrators are the
> pinheads who think laptops are dangerous goods and people who carry
> more than one are probable terrorists.


That's it! You've just bought yourself "random passenger" status.
Enjoy your cavity search.

-B

Re: Same shit all over again

2010-08-16 Thread Bryan Irvine 
Will someone warn me 2 minutes before Theo gets back?  I'd like to
have some popcorn ready.   :-)




On Mon, Aug 16, 2010 at 9:27 AM, Bob Beck  wrote:
>> Well, tinyurl redirects to my box which redirects to trollaxer.  Here is
>> the culprit log for falling for such a silly trick.
>>
>> 83.101.24.229 - - [15/Aug/2010:19:13:12 -0400] "GET /why.html HTTP/1.1"
>> 200 136 "-" "Mozilla/5.0 (X11; U; OpenBSD i386; en-US; rv:1.9.0.11)
>> Gecko/2009070118 Firefox/3.0.11"
>>
>> # host kd85.com
>> kd85.com has address 83.101.24.229
>>
>> # cat why.html
>> 
>> 
>>> content="0;url=http://www.trollaxor.com/2010/06/why-i-left-openbsd.html";
/>
>> 
>>
>> 
>
> Nicely done David - I'm very impressed - as you know I mentioned
> before this on hackers that this sounded very kd85 like - and you
> confirmed my suspicions very effectively.
>
> Any time I see someone talking about "commit bits" I think of this and
> laugh - as this is someone who has never done a commit to OpenBSD.
>
> The lies in the message that was sent are pretty good to - Were we in
> the middle of a release cycle - were people cranky? Yes, absolutely -
> you know what - sane people have disagreements - all the time.
>
> however.
>
> Machines were not turned off.
>
> Everyone still had access to what they were doing
>
> Was the tree locked? yes - as problems have been found in test and
> need to be fixed. It's still locked - but we'll ship a good release
> for that.
>
> The priceless one is how the wim calls for a "vote" - yeah - that
> works real well for netbsd.
>
> and is also signing his messages "H" and "R" to decieve  people as to
> the real identity and to foster suspicion within the community I find
> that particularly reprehensible - but not surprising. Nothing could
> surpirse me from this source anymore. I get the impression that this
> sort of behaviour is normal from Wim - it seems to make the same
> amount of sense as kd85's normal business practices - Sorry I can't go
> along with that. I pay my taxes, and I pay for my own house with my
> own money.  I encourage Wim to fork his own project that will be run
> and funded fully, and openly, and accountable to all involved. I'm
> sure it will be a resounding success.

Re: which monitoring do you use (on OpenBSD)

2010-08-14 Thread Bryan Irvine 
I like Zenoss, though the new interface is a little difficult to
understand.  Also, the OP wanted something that he can run on OpenBSD
and Zenoss runs on Linux.  I like splunk a lot as well.  I use splunk
to send events to Zenoss.

-B



On Sat, Aug 14, 2010 at 2:21 AM, Toni Mueller  wrote:
> On Fri, 13.08.2010 at 14:36:21 +0100, Kevin Chadwick  
> wrote:
>> What do people think of monit.
>
> Ok, I'll chime in: What do people think of Zenoss and splunk?
>
> I'm so far leaning twoards trying Zenoss, but it surely has a high
> barrier-of-entry, and I'm only interested in splunk for comparison.
>
>
> Kind regards,
> --Toni++

Re: How to Downgrade from 4.7 to 4.6

2010-08-06 Thread Bryan Irvine 
On Fri, Aug 6, 2010 at 9:27 PM, Chris Cappuccio  wrote:
> Considering that 4.7 isn't known to have major, show-stopper bugs in PF like 
> you experience, you may want to consider that there is a bug in some other 
> part of the system like the ethernet driver or some such.
>
> If you can try 4.8 snapshots first, and perhaps post your tests, results, and 
> dmesg to the list, then someone can help you narrow down what the actual 
> problem is.

Additionally posting what the actual problem is might help as well.

-B

Re: a minor correction to rc.conf comments

2010-07-29 Thread Bryan Irvine 
On Thu, Jul 29, 2010 at 4:49 PM, Ed Ahlsen-Girard  wrote:
> From:   Marco Peereboom 
> Date:   2010-07-29 23:25:14
>
>>
>> On Fri, Jul 30, 2010 at 01:17:28AM +0400, Vadim Zhukov wrote:
>> > On 30 July 2010 c. 00:37:23 Kenneth R Westerback wrote:
>> > > On Thu, Jul 29, 2010 at 10:54:29AM -0700, Randal L. Schwartz
>> > > wrote:
>> > > > > "Jason" == Jason McIntyre  writes:
>> > > >
>> > > > Jason> fixed this and the syslogd_flags example above it, which
>> > > > Jason> had
>> > > > the same Jason> error.
>> > > >
>> > > > The style guide for a former employer of mine forbid these,
>> > > > requiring us to spell out "for example" and "that is".  Even if
>> > > > you can get them right, it's not obvious that the reader would
>> > > > know them as well.
>> > > >
>> > > >
>> > > > --
>> > > > Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1
>> > > > 503 777 0095 
>> > > > http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix
>> > > > consulting, Technical writing, Comedy, etc. etc. See
>> > > > http://methodsandmessages.vox.com/ for Smalltalk and Seaside
>> > > > discussion
>> > >
>> > > You mean not everyone speaks enough latin to know the difference
>> > > between "exempli gratia" and "id est"? What is modern education
>> > > coming to.
>> >
>> > Well, here, in Russia, while English/German/French are more or less
>> > popular in the schools, Latin is being learned by specialists only
>> > (medicians, historians etc.) almost. And it's the way it is for
>> > about a century, if not more.
>>
>> In russia latin learns you!
>
> Omnia dici possunt Latine.

Romanus eunt domus

Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

2010-06-04 Thread Bryan Irvine 

> Clearing the obj
> directory as part of the upgrade is like flushing your toilet based on the
> date -- may help, but after a while, things start to stink.  It isn't the
> general (or proper) solution.

oops.

What's the recommended procedure for this?

-B

Re: OpenBSD 4.7 Released, May 19 2010

2010-05-19 Thread Bryan Irvine 
On Wed, May 19, 2010 at 1:13 PM, L. V. Lammert  wrote:
> On Wed, 19 May 2010, Bryan Irvine wrote:
>
>> You sure?
>>
>> FTP Listing of /pub/OpenBSD/ at ftp.openbsd.org
>> Parent Directory
>>
> Works fine here, .. you must have a problem with your /etc/hosts?
>
> ftp://ftp.openbsd.org/pub/OpenBSD/4.7/
>

Nope, works now.

Re: OpenBSD 4.7 Released, May 19 2010

2010-05-19 Thread Bryan Irvine 
You sure?

FTP Listing of /pub/OpenBSD/ at ftp.openbsd.org
Parent Directory

Sep 28 2008 00:00Directory 4.2
Sep 28 2008 00:00Directory 4.3
Sep 04 2008 00:00Directory 4.4
Mar 25 2009 00:00Directory 4.5
Oct 08 2009 00:00Directory 4.6
Nov 11 2009 00:00Directory OpenBGPD
Nov 11 2009 00:00Directory OpenNTPD
Apr 15 2010 18:32Directory OpenSSH
Feb 07 1997 00:00  238 README
May 18 2010 16:03Directory distfiles
May 18 2010 19:04Directory doc
Dec 31 2009 13:2510608 ftplist
Apr 01 2010 03:59Directory patches
Feb 05 2010 14:46Directory snapshots
Mar 18 2010 13:27Directory songs
Jan 07 2005 00:00Directory tools


On Wed, May 19, 2010 at 12:18 PM, Bob Beck  wrote:
> well, that looks a bit screwed, since it lists ftp.openbsd.org as not
> having everything :)
>
>
> On 19 May 2010 12:19, Stuart Henderson  wrote:
>> On 2010-05-19, Jorge Medina  wrote:
>>> Congratulations but I can't find a mirror with the release
>>
>> http://spacehopper.org/up2date.html

Re: Relayd on localhost with multiple SSL Certificates

2010-05-11 Thread Bryan Irvine 
On Tue, May 11, 2010 at 5:05 PM, Keith  wrote:
> Hi. is it possible to get multiple http relayd relays listening on
localhost
> each with a different port # and each with a different ssl certificate ?
>
> I've followed a tutorial I found on the net about setting up a firewall up
> so that no services we bound to any network interfaces and then using pf
> rdr's to pass say https traffic to localhost where you have relayd
listening
> and let it do the ssl decryption. So if pf failed for some reason then
there
> would be no services available for anyone to connect to !
>
> I've got this setup working for http and a single https certificate just
now
> and it seems to be working fine but I need to be able to host multiple SSL
> Certificates. If seems that the certificate appears to need to be named
> after the IP  that it's listening on and this is going to cause issues as
> there's only one 127.0.0.1 I think.
>
> Our current setup consists of a pair of firewalls running openbsd, carp, pf
> and relayd. Currently the carp interface has just one IP but we will assign
> others to as we free up the other IP addresses in our range.
>
> I guess it's not the best idea to do the ssl offloading on the firewall so
> in the future when another  server becomes available I will probably want
it
> to do the SSL decryption. I guess if we do that we could just get the new
> server a number of IP addresses and let relayd listed on each of them with
> the SSL certs named after each IP.  (If that makes sense)
>
> Could anyone give me some advice plz ?

I can't think of a situation where what you describe doesn't sound
wacky.  Maybe I misunderstand the intentions, can you link the
'tutorial'?

Also, to do more than 1 SSL site you will just need to add another IP
that coresponds with the cert.  Maybe 'ifconfig lo1 127.0.0.2' is
enough?

-Bryan

Re: VPN between OpenBSD Gateway and a mac

2010-04-26 Thread Bryan Irvine 
On Fri, Apr 23, 2010 at 11:13 AM, jul  wrote:
> Bryan Irvine wrote on 23/04/10 17:49:
>> I use poptop (ports) with great success on built-in mac VPN client.
>
> with which release of macos/openbsd/poptop ?

I've used it with all version of Mac OS since around 10.2 or 10.3 and
the Openbsd of the time up till my current setup of mac os 10.6 and
OpenBSD 4.6.

> I'm interested to your complete configuration. I tried some openbsd vpn
> with macos and iphone and have not managed to it (not much time to work
> it either)

The sample configs show you everything.

-Bryan

Re: VPN between OpenBSD Gateway and a mac

2010-04-23 Thread Bryan Irvine 
On Thu, Apr 22, 2010 at 10:23 PM,   wrote:
> Hi,
>
> At work, we use OpenBSD as a gateway (PF for firewalling, and Vpn using
> (ipsec.conf file and isakmpd -K).
> We have 2 companies connected in vpn with our OpenBSD Box. All works fine.
>
> Now, i wish to connect at work from my home using a Mac (MAC OS 10.6), but
> i don't know how to configure it.
> On mac os, i can connect me on a vpn using :
> - pptp
> - L2TP using ipsec
> - cisco ipsec
>
> If someone can help me. Or perhaps i need to use ssh -w ? But how it works

I use poptop (ports) with great success on built-in mac VPN client.

Re: Radius Auth and Insecurity Outputs

2010-04-19 Thread Bryan Irvine 
On Mon, Apr 19, 2010 at 3:09 PM, Andrew Klettke
 wrote:
> Thanks again Ted,
>
> This is an ugly hack (and one that I'll have to keep performing with these
> types of installs), but if it's the only way to get /etc/security to stop
> complaining, then I guess that's what I'll have to do.

Hi Andrew - Long time no see.

Add your custom /etc/security file to a file called site46.tgz and it
will exist at install time.  :-)

-B

Re: Xorg.conf with OpenBSD 4.6 macppc does not work with alternate configuration

2010-04-14 Thread Bryan Irvine 
On Wed, Apr 14, 2010 at 2:13 PM, Super Biscuit  wrote:
> $uname -a
> OpenBSD moo.my.domain 4.6 GENERIC#43 macppc
>
> I have followed the howto section in the readme file and remain with an 8bit 
> resolution at 800x600.
> If there is anything wrong with my configuration?
> X did not start with new_xorg.conf.1.text or new_xorg.conf.2.txt.
> The only working xorg.conf which had good resolution was from a previous 
> debian install done with an ubuntu live disk.
> I do realize that there is a difference between the OSes; but, the xorg.conf 
> and resolutions should be the same for both.


I went through this a few years and got it going with a little help from Nick.

http://marc.info/?l=openbsd-misc&m=116492822327679&w=2

-B

Re: which ISO for a VM?

2010-04-02 Thread Bryan Irvine 
On Fri, Apr 2, 2010 at 2:42 AM, David Coppa  wrote:
> On Fri, Apr 2, 2010 at 11:23 AM, Zachary Uram  wrote:
>> I have never run OpenBSD before and want to try it out. Wondering if
>> there is an ISO I can run in VirtualBox? If not what is the
>> recommended method for users who wish to run OpenBSD in
>> virtualization?
>
> dunno if the "disk full" issue on VirtualBox has been solved...
> btw OpenBSD works well as vmware guest (tested on both VMware Server
> and ESX, with i386 and amd64)
>

I only experienced the "disk full" alert when using VB's auto
expanding disk feature.  If you create it as a fixed size, it works
just fine.

I've used it a dev/test environment for quite some time.

-B

Re: earmark on hfsplus port

2010-03-22 Thread Bryan Irvine 
On Mon, Mar 22, 2010 at 9:59 AM, Ted Roby  wrote:
> I've noticed this environment variable in misc/hfsplus
>
>
> # this only makes sense on macintosh (powerpc) systems.
> ONLY_FOR_ARCHS= powerpc
>
>
> It used to only make sense on powerpc systems, but Macintosh
> hardware now uses i386 architecture. Of course, changing this
> variable is not enough to cause a successful build.
>
> Has someone else setup a common way to get misc/hfsplus
> on i386, and I missed the answer on google?
>
> Is there a reason this would be a bad idea?
>
> If I "port" this port to i386 would it be warmly accepted?

I'm sure someone else will correct me if I'm wrong.  I believe the
only reason this is needed on ppc machines is because the openfirmware
expects an hfs volume to boot from so the bootloader is stored on a
small hfs partition.  If that's the case this isn't needed on i386
Macs.

-Bryan

Re: 4.7 make release fails

2010-03-08 Thread Bryan Irvine 
On Mon, Mar 8, 2010 at 10:12 AM, Ron McDowell  wrote:
> Philip Guenther wrote:
>>
>> On Sun, Mar 7, 2010 at 3:42 PM, Ron McDowell  wrote:
>> ...
>>
>>>
>>> mtree -def /usr/src/distrib/i386/ramdisk_cd/../../miniroot/mtree.conf -p
>>> /mnt/ -u
>>> .:  gid (0, 1000, modified)
>>>
>>
>> It appears that you changed root's primary/default gid from 0 to 1000.
>>  Don't do that.
>>
>>
>> Philip Guenther
>>
>
> Good catch, Philip.   That indeed was/is the problem, but it wasn't
> intentional.
>
> su is not setting the group for me.  sudo does, so I rebuilt using sudo and
> everything worked fine.


 'su -' should.

-B

Re: Opteron 250 Overheating

2010-03-04 Thread Bryan Irvine 
On Thu, Mar 4, 2010 at 8:53 AM, daniel  wrote:
> On Mar 4, 2010, at 9:18 AM, J.C. Roberts wrote:
>
>> On Wed, 3 Mar 2010 17:57:22 -0800 "Christopher Ahrens"
>>  wrote:
>>
> Henning Brauer wrote:
>>
>> * Jeff Ross  [2010-03-02 16:59]:
>>>
>>> I bought a replacement supermicro motherboard off fleabay that
>>> has dual Opteron 250 @2.4GHz.  The cpus have passive heatsinks,
>>> it is in a supermicro 2U chassis with 4 front fans.
>>
>> do you have the air shroud? this plastic thing that forms a
>> "tunnel" over the heatsinks? it is required.
>>
>
> No, the motherboard didn't come with that.  If I can find one will
> that mean I don't need the active heatsinks?

 that's how supermicro delivers the 2U systems, so i'd say yes, you
 won't
>>>
>>> need them.
>>>
>>> I had this problem before, an old Cereal box + Scissors + tape fixed
>>> it right up.  But your mileage may vary
>>
>> I'm Jealous! --I've always wanted a cereal console.
>>
> I know it's only Thursday but...
>
> On a cereal console:
> - exit doesn't work; you must type cheerio
> - make release involves building Cap'n Crunchgen
> - the secret to attaining Cocoa Puffy privilege is using Special K
>  (NOTE: you must use the Corn Pops shell)
> - you can mount ISO images with Fruit Loops

What do you expect from an Alpha-bits release that barely Posts and
requires you to be constantly running the file system Chex after the
Kix start?

:-D

-B

Re: OBSD + PHP + Postgresql(chrooted)

2010-03-04 Thread Bryan Irvine 
On Tue, Mar 2, 2010 at 9:45 PM, Henry Gall  wrote:
> I am trying to replace mysql with postgresql on my openbsd + apache +php
> server.
>
> I need to install postgresql from source, as I need special options, and
the
> latest version.
>
> I am runnning openbsd 4.5, php 5.2.8 from packages,
> postgresql-8.4.2 from source. All dependencies from packages.
>
>
> Postgresql compiles and installs fine, works fine as a stand alone server.
>
> Since I have a running mysql server, I have the /var/www/run/ directories
> and subdirectories
>
> I edited postgresql.conf to have the socket in /var/www/tmp, which it does
>
> I did put the _postgresql user and processes in their own login class
> (usermod -L postgresql _postgresql)
>
>
> I tried to preload the libpd.so.5.2 library, it can't since by the
> time it gets to it,
> php5 is already loaded.
>
> I put the following in /etc/rc.conf.local
>
> if [ -x /usr/local/bin/pg_ctl ]; then
>echo -n ' postgresql'
>su -l _postgresql -c "nohup /usr/local/bin/pg_ctl start \
>-D /var/postgresql/data -l /var/postgresql/logfile \
>-o '-D /var/postgresql/data' >/dev/null"
> fi
> (that's where I need pg_ctl and data to be) but it won't load at boot
anyway.
> That's even secondary, I can start the pgsql server by hand after
> boot, and restart
> apache, the server is not intended to be rebooted often anyway.
>
> I can't get postgresql to work with php with the chrooted environment.
> I searched the
> archives and googled quite a bit, without success.

I always found it easier to set postgres to listen on localhost and
connect to it via port 5432.

-B

HPN SSH

2010-03-02 Thread Bryan Irvine 
Anyone taken a look at these patches?  I'm curious if there's security
implications to this.

http://www.psc.edu/networking/projects/hpn-ssh/


-Bryan

Re: Problems with Build World

2010-03-02 Thread Bryan Irvine 
On Tue, Mar 2, 2010 at 11:17 AM, Bryan  wrote:
> On 3/2/2010 12:32 PM, Marc Espie wrote:
>>
>> No, it's more complicated than that. It obviously installs mk stuff, then
>> include, then it builds libs and install them, then it builds everything
>> else and installs it.
>>
>> It's not a complicated bootstrap procedure like in freebsd land, it
>> assumes
>> you already have a mostly working system (for instance, it takes no
>> precautions
>> for compiler bootstrap).
>>
>> follow release(8), find out the step you missed (most likely make obj) and
>> proceed from there. You definitely want a clean build before you play
>>
>> (snide remark: you think you're smart, so you took shortcuts. Well, think
>> again. And anyone who can follow instructions can actually build OpenBSD
>> fairly easily. ;-) )
>>
>
> I missed building "make obj" on a few occasions.  It happens if you are
> typing in things too quickly, or it's late at night.  I got into the habit
> of using a script that I built from the faq to build each (kernel,
userland,
> X).
>
> The most recent thing I did was move /usr/obj, /usr/xobj/, /usr/build, and
> /tmp to a ramdisk to allow for faster building, and also began using the
> "-j" on make.  I forgot that I could do that. Makes things way faster.  But
> I only did the scripting and changes when I knew what I was doing, and I
had
> enough RAM.
>
> for example, here is my script to build my kernel:
>
> #!/bin/sh
>
> cd /usr/obj
> rm -rf *
> cd /usr/xobj
> rm -rf *
> cd /usr/build
> rm -rf *
> cp /usr/src/sys/arch/i386/conf/GENERIC.MP .
> config -s /usr/src/sys -b . GENERIC.MP
> make clean && make depend && make && make install

What if for some reason /usr/obj doesn't exist? what will it remove?  :-)


-B

Re: Sun Fire 880 phantom disks

2010-03-01 Thread Bryan Irvine 
On Mon, Mar 1, 2010 at 2:44 PM, bofh  wrote:
> On Mon, Mar 1, 2010 at 5:28 PM, David Gwynne  wrote:
>
>> your 880 has two internal fibre loops. you see teh disks once on the first
>> loop, and again on the second loop.
>>
>> i am slowly working on finishing mpath(4), which will let you see your
>> disks
>> once no matter how many paths you have to them. if someone could email me
>> some
>> spare time so i can finish working on it, that would be great.
>
>
> Please provide specs of this "spare time" you need.  Is it circular in
> shape, like one of those round tuits I used to have quite a collection of?
>
> It's not related to one of those "get a life" things at all, is it?

I think the spare time to which he refers comes in the form of
denominations. A stack of 20's 2" high might be enough time.

-B

Re: poor setwork performance on gigabit link

2010-02-26 Thread Bryan Irvine 

> net.inet.tcp.recvspace=16384
> net.inet.tcp.sendspace=16384


http://www.openbsd.org/faq/faq6.html

Section 6.6.4

-Bryan

Re: routing and pf at 10Gbps

2010-02-11 Thread Bryan Irvine 
> Performance, cheapness, quality. You should choose only two of these.
> Do not play with totally-software routers, buy Juniper.


http://praetorianprefect.com/archives/2010/01/juniper-kernel-crash-scapy-code/

Re: http://www.apache.org/dist/httpd/Announcement1.3.html

2010-02-04 Thread Bryan Irvine 
On Thu, Feb 4, 2010 at 2:15 PM, Marco Peereboom  wrote:
> I'll trust henning drunk over the apache foundation.
>
> On Thu, Feb 04, 2010 at 09:24:35PM +, Sevan / Venture37 wrote:
>> On 4 February 2010 11:11, Marco Peereboom  wrote:
>> > Besides it doesn't have all the Henning love either...
>>
>> blatant case of stockholm syndrome! ;)

I dunno, rumor has it he listens to humppa while drinking.

Re: Alternatives to Wireshark.

2010-01-27 Thread Bryan Irvine 
I like ettercap for that.

On Wed, Jan 27, 2010 at 12:23 PM, Christiano F. Haesbaert
 wrote:
> Hi there,
>
> I've always used wireshark for packet sniffing, it solved most of my needs.
>
> First of all, I'm not questioning the why of not having a port, I've
> read the previous posts (I really don't care why, don't start a
> discussion).
>
> My main need is debugging DNS packets (mDNS), and reading raw tcpdump
> output isn't very easy, I need to really debug the protocol, so
> something that could show me field names and values would be cool.
>
> Right now I'm using tcpdump and accounting stuff like: ok this is the
> id, so the next 2 bytes is the query type and so on... (this isn't
> working :-D).
>
> I understand I could make some script to interpret the values, but I'm
> sure you guys already though of something better.
>
> Thanks.

Re: Announcing: JigglyPuffBSD

2010-01-25 Thread Bryan Irvine 
On Tue, Jan 19, 2010 at 12:26 PM, Jason Dixon  wrote:
> I'm proud to announce the rebirth of JigglyPuffBSD.  Catering to the
> distinguished *BSD user, JigglyPuffBSD aims to meet the demanding
> requirements of today's enterprise architectures.  With support for a
> broad range of buzzwords, it excels in B.S. and P.O.S. applications.
>
> As a fork of OpenBSD, we're proud of our heritage.  We've taken great
> pains to craft our regex with performance and precision in mind.
> Copyrights have been rewritten and attributions vanquished.  This is not
> your grandfather's BSD.  We're American and damn proud of it.
>
> http://jigglypuffbsd.blogspot.com/
>


Someday JiiglyPuffBSD will make it on one of those "history of unix"
timelines that come out periodically.  I can just feel it.

-Bryan

Re: make OpenBSD beep at start

2010-01-24 Thread Bryan Irvine 
echo $'\a'


On Sat, Jan 23, 2010 at 4:32 PM, jean-francois  wrote:
> Hi list,
>
> Can someone give a hin on how to make the speaker to beep for example with
> a command or a C program ?
>
> I started to write a little C program thinking there was a beep() functione,
> but it seems not 
>
> Regards.

Re: Announcing: JigglyPuffBSD

2010-01-20 Thread Bryan Irvine 
On Wed, Jan 20, 2010 at 2:05 AM, Peter N. M. Hansteen 
wrote:
> "Bret S. Lambert"  writes:
>
>>> I don't like the color of your mascott, will refork into
>>> ReJigglyPuffBSD, with a red one.
>>
>> Dislike your choice of default mutt schemes; will rerefork
>> into HotDogStandBSD.
>
> TrollBSD.  Forked with a sed one-liner, released via another one that
> turns all available desktop themes into grey and moss green colors.


Wasn't there a fork just like a few years ago?  Except they left
Theo's name in the default email or something?

Re: Announcing: JigglyPuffBSD

2010-01-19 Thread Bryan Irvine 
On Tue, Jan 19, 2010 at 12:26 PM, Jason Dixon  wrote:
> I'm proud to announce the rebirth of JigglyPuffBSD.  Catering to the
> distinguished *BSD user, JigglyPuffBSD aims to meet the demanding
> requirements of today's enterprise architectures.  With support for a
> broad range of buzzwords, it excels in B.S. and P.O.S. applications.
>
> As a fork of OpenBSD, we're proud of our heritage.  We've taken great
> pains to craft our regex with performance and precision in mind.
> Copyrights have been rewritten and attributions vanquished.  This is not
> your grandfather's BSD.  We're American and damn proud of it.
>
> http://jigglypuffbsd.blogspot.com/

You never mentioned...You do *buy* the CD's to make your images right?

;)

Re: OpenBSD CPU Load Calculation of a Process

2010-01-14 Thread Bryan Irvine 

> $ for((i=0;i<4;i++)); do ./cpucalc 28175 ; done
> 6
> 6
> 6
> 6

My guess is that your system is evil and you should repent of something.

  1   2   3   4   >