OpenBSD 6.1/httpd SNI and acme-client

2017-04-13 Thread Leighton Sheppard 
Hi,

Sorry for spam, but I just wanted to share a pointer on how I have
setup httpd/SNI in OpenBSD 6.1 to work with HTTPS redirect and
acme-client. I used the following httpd.conf which works well:


Regards,
Leighton


# $OpenBSD: httpd.conf,v 1.14 2015/02/04 08:39:35 florian Exp $

server "example.com" {
listen on * port 80
listen on :: port 80
alias secure.example,com
alias www.example.com

log { access "example.com-access.log", error "example.com-error.log" }

location "/.well-known/acme-challenge/*" {
root "/htdocs/example.com/acme"
root strip 2
}
location "/*" {
block return 301 "https://$SERVER_NAME$REQUEST_URI;
}
}

server "example.com" {
listen on * tls port 443
listen on :: tls port 443
alias secure.example.com
alias www.example.com

log { access "example.com-sslaccess.log", error
"example.com-sslerror.log" }

tls certificate "/etc/ssl/example.com.fullchain.pem"
tls key "/etc/ssl/private/example.com.key.pem"

directory { index "index.php" }
location "*.php" { fastcgi socket "/run/php-fpm.sock" }

root "/htdocs/example.com/"
}

Re: OpenBSD 6.1 - bravo

2017-04-15 Thread Leighton Sheppard 
Also from me, great work!


With 6.1 I can now decommission some legacy VM's :)



From: owner-m...@openbsd.org  on behalf of Mikael

Sent: 13 April 2017 04:20
To: OpenBSD general usage list
Subject: Re: OpenBSD 6.1 - bravo

Also from me, big thanks!

2017-04-12 16:45 GMT+08:00 Clément.J :

> Thank you OpenBSD team for this new release 6.1
> OpenBSD makes me happy every day for so many usages
> so thank you so much everyone for your great work.


2017-04-12 16:45 GMT+08:00 Clément.J :

> Thank you OpenBSD team for this new release 6.1
> OpenBSD makes me happy every day for so many usages
> so thank you so much everyone for your great work.
>
> have a good day
> vive OpenBSD
>
>
> Le 12-04-2017 10:27, Stuart Henderson a écrit :
>
>> On 2017-04-12, Jordon  wrote:
>>
>>> rcctl enable dhcrelay
 rcctl set dhcrelay flags -i athn0 192.168.1.1 "assuming that is
 your routers

>>> address"
>>>
 rcctl start dhcrelay

 and possibly add -d (log to stderr) to see what its doing.


>>> Thank you!  That got it working!  So why is that necessary?  Doesnt
>>> the bridge
>>> just forward everything?  Or are DHCP requests broadcasts that dont
>>> get
>>> forwarded?
>>>
>>
>> It shouldn't be necessary, dhcrelay is normally used when you have a
>> subnet behind a router, and the DHCP server is a separate machine on
>> a
>> different subnet.
>>
>> Could it be a PF rule problem?
>>
>> Normally you would only have an IP address on one member of the
>> bridge,
>> just "up" on the others..

Re: Please: Is there ANY chance that Linux binaries might run again???

2017-03-07 Thread Leighton Sheppard 
Hi,

I use Word Online on my OBsd laptop, which does help. I appreciate that
requires an Office 365 subscription which may not make it a palatable
option.


Regards,
Leighton
-Original Message-
From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of
Andre Ruppert
Sent: 08 March 2017 05:39
To: misc@openbsd.org
Subject: Re: Please: Is there ANY chance that Linux binaries might run
again???

Softmaker doesn't support any of the BSDs - they've done it years ago
for FreeBSD but the customer's interest was too little.

Am 07.03.17 um 23:52 schrieb Damian McGuckin:
> On Tue, 7 Mar 2017, Stefan Wollny wrote:
>
>> Yes - I will (again) contact SoftMaker trying to persuade them to
>> provide an OpenBSD-version of their office suite. But they seem to have
>> none with some decent Unix/OpenBSD-knowledge, just Linux. Sigh...
>
> I would buy SoftMaker on OpenBSD.




Andre Ruppert

[demime 1.01d removed an attachment of type application/pkcs7-signature which
had a name of smime.p7s]

Re: Kernel relinking not working after upgrade to latest snaphot

2017-06-19 Thread Leighton Sheppard 
Thanks for the detailed update, very helpful.

Regards,
Leighton
On Fri, Jun 16, 2017 at 04:28:59PM +0200, Martijn Rijkeboer wrote:
> On 06/16/17 16:11, Theo de Raadt wrote:
> > This is intentional.  But the script /etc/rc may not be working
> > exactly as intended yet.  rpe, tb and I are still iterating this, and
> > also attempting to satisfy the unhibernate case which requires booting
> > the original kernel.
> > 
> > The intent of the hash is so that a developer can build their own kernel
> > from elsewhere.  Upon the next boot, it will notice that that the hash
> > is different.  This means the developer is testing their own kernel,
> > and does not want auto relinking to occur.
> > 
> > However if the hash matches then /bsd is under system management, and
> > can be relinked.
> > 
> > Finally, if there is no hash file, this was an install or an upgrade,
> > and it can go into this managed-mode where it auto relinks at boot.
> > 
> > You can also make it relink on future boots by deleting the hash file.
> > 
> > As you can tell we're trying to find a happy middle ground between
> > automatic safety, and developers being in control of their own
> > machines.
> > 
> > There is also a bootblock change coming, to assist unhibernate.
> 
> OK, good to know.
> 
> 
> >> After upgrading to the latest snapshot I noticed that the kernel is no
> >> longer relinked on boot. The cause seems to be that the SHA256 checksum
> >> doesn't match the kernel.
> >>
> >> # cat /usr/share/compile/GENERIC.MP/SHA256
> >> SHA256 (/bsd) =
> >> bfcce01e68e62cc5d9666096206492be3f5c310e9711f2a14ac9c75e279585a1
> >>
> >> # sha256 /bsd
> >> SHA256 (/bsd) =
> >> 10da3cee5c0bf44ce9182b2603be46b2adfc200222ca74d169691f79750bd05b
> >>
> >> # sysctl kern.version
> >> kern.version=OpenBSD 6.1-current (GENERIC.MP) #13: Thu Jun 15 19:34:58
> >> MDT 2017
> >> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> >>
> >>
> >> Is this on purpose or an error on my side?
> >>
> >> Kind regards,
> >>
> >>
> >> Martijn Rijkeboer
>

Re: spamd does not start

2017-06-19 Thread Leighton Sheppard 
Hi,

Have you tried starting spamd with -d flag, to see if there is any output?

Are any other messages in the other log files, daemon.log for example? I'm 
assuming that you maybe forgot to reload/restart sysyslogd after modifying the 
syslog.conf file.


Regards,
Leighton

On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote:
> Hello
> 
> I am running OpenBSD 6.1 in a VM and I have trouble getting spamd running.
> 
> Here is how I try to run spamd:
> 
> $ doas rcctl enable spamd
> $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/vicharana.net.key
> -C /etc/ssl/vicharana.net.crt
> $ doas rcctl start spamd
> spamd(ok)
> 
> But I dont think spamd is running because ps does not show it
> $ ps aux | grep spam
> hrishi   45984  0.0  0.0   680 4 p2  R+p   11:24AM0:00.00 grep spam
> (ks
> 
> 
> I earlier edited /etc/syslogd.conf, added the following lines
> 
> !spamd
> daemon.info /var/log/spamd
> 
> $ doas rcctl restart syslogd
> doas (hri...@obsd.vicharana.net) password:
> syslogd(ok)
> syslogd(ok)
> 
> The /var/log/spamd file does not exist.
> 
> What am I doing wrong? How can I get spamd running?
> 
> Thanks
> Hrishi

Re: spamd does not start

2017-06-19 Thread Leighton Sheppard 
On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote:
Thanks for confirming, pleased to hear it.
Back out to the sun and bbq for me...

> Worked after I regenerated the key and crt file
> 
> On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com> wrote:
> 
> > Thank you for the response. I restarted syslogd after using
> >
> > $ doas rcctl restart syslogd
> > syslogd(ok)
> > syslogd(ok)
> >
> > So it should  pick up the new config. Perhaps /var/log/spamd is not
> > created because nothing has been logged by spamd (since it is not running)
> >
> > When I run spamd with debug (thanks for suggesting) I get this error
> >
> > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K 
> > /etc/ssl/private/vicharana.net.key
> > -C /etc/ssl/vicharana.net.crt
> >
> > whitelisted 64.233.189.26
> > whitelisted 74.125.130.27
> > whitelisted 74.125.24.27
> > spamd: whitelisted 74.125.200.27
> > failed to configure TLS - failed to load private keywhitelisted
> > 74.125.68.27
> >
> > whitelisted 74.125.200.26
> >
> > Both files are readable by root as well as all members of wheel
> >
> > $ ls -l  /etc/ssl/private/vicharana.net.key
> > -rw-r-  1 root  wheel  3243 May 15 18:42 /etc/ssl/private/vicharana.
> > net.key
> >
> > $ ls -l /etc/ssl/vicharana.net.crt
> > -rw-r-  1 root  wheel  1679 May 15 18:43 /etc/ssl/vicharana.net.crt
> >
> > The files were generated using the command lines
> > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096
> > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out
> > /etc/ssl/vicharana.net.crt -days 730
> >
> > Is there an error in the way I generated the keys?
> >
> > Thanks
> > Hrishi
> >
> >
> >
> > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard <
> > leigh...@openbsd.leighling.co.uk> wrote:
> >
> >> Hi,
> >>
> >> Have you tried starting spamd with -d flag, to see if there is any output?
> >>
> >> Are any other messages in the other log files, daemon.log for example?
> >> I'm assuming that you maybe forgot to reload/restart sysyslogd after
> >> modifying the syslog.conf file.
> >>
> >>
> >> Regards,
> >> Leighton
> >>
> >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote:
> >> > Hello
> >> >
> >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd
> >> running.
> >> >
> >> > Here is how I try to run spamd:
> >> >
> >> > $ doas rcctl enable spamd
> >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/vicharana.net
> >> .key
> >> > -C /etc/ssl/vicharana.net.crt
> >> > $ doas rcctl start spamd
> >> > spamd(ok)
> >> >
> >> > But I dont think spamd is running because ps does not show it
> >> > $ ps aux | grep spam
> >> > hrishi   45984  0.0  0.0   680 4 p2  R+p   11:24AM0:00.00 grep
> >> spam
> >> > (ks
> >> >
> >> >
> >> > I earlier edited /etc/syslogd.conf, added the following lines
> >> >
> >> > !spamd
> >> > daemon.info /var/log/spamd
> >> >
> >> > $ doas rcctl restart syslogd
> >> > doas (hri...@obsd.vicharana.net) password:
> >> > syslogd(ok)
> >> > syslogd(ok)
> >> >
> >> > The /var/log/spamd file does not exist.
> >> >
> >> > What am I doing wrong? How can I get spamd running?
> >> >
> >> > Thanks
> >> > Hrishi
> >>
> >
> >

Re: spamd does not start

2017-06-19 Thread Leighton Sheppard 
Try creating the file first:

$ doas touch /var/log/spamd
$ doas chmod 640 /var/log/spamd


On Sun, Jun 18, 2017 at 05:13:02PM +0530, Hrishikesh Muruk wrote:
> almost everything works...logging to /var/log/spamd still not happening
> though I have restarted syslogd with
> 
> $ rcctl restart syslogd
> 
> 
> On Sun, Jun 18, 2017 at 4:52 PM, Leighton Sheppard <
> leigh...@openbsd.leighling.co.uk> wrote:
> 
> > On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote:
> > Thanks for confirming, pleased to hear it.
> > Back out to the sun and bbq for me...
> >
> > > Worked after I regenerated the key and crt file
> > >
> > > On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com>
> > wrote:
> > >
> > > > Thank you for the response. I restarted syslogd after using
> > > >
> > > > $ doas rcctl restart syslogd
> > > > syslogd(ok)
> > > > syslogd(ok)
> > > >
> > > > So it should  pick up the new config. Perhaps /var/log/spamd is not
> > > > created because nothing has been logged by spamd (since it is not
> > running)
> > > >
> > > > When I run spamd with debug (thanks for suggesting) I get this error
> > > >
> > > > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K
> > /etc/ssl/private/vicharana.net.key
> > > > -C /etc/ssl/vicharana.net.crt
> > > >
> > > > whitelisted 64.233.189.26
> > > > whitelisted 74.125.130.27
> > > > whitelisted 74.125.24.27
> > > > spamd: whitelisted 74.125.200.27
> > > > failed to configure TLS - failed to load private keywhitelisted
> > > > 74.125.68.27
> > > >
> > > > whitelisted 74.125.200.26
> > > >
> > > > Both files are readable by root as well as all members of wheel
> > > >
> > > > $ ls -l  /etc/ssl/private/vicharana.net.key
> > > > -rw-r-  1 root  wheel  3243 May 15 18:42
> > /etc/ssl/private/vicharana.
> > > > net.key
> > > >
> > > > $ ls -l /etc/ssl/vicharana.net.crt
> > > > -rw-r-  1 root  wheel  1679 May 15 18:43 /etc/ssl/vicharana.net.crt
> > > >
> > > > The files were generated using the command lines
> > > > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096
> > > > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out
> > > > /etc/ssl/vicharana.net.crt -days 730
> > > >
> > > > Is there an error in the way I generated the keys?
> > > >
> > > > Thanks
> > > > Hrishi
> > > >
> > > >
> > > >
> > > > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard <
> > > > leigh...@openbsd.leighling.co.uk> wrote:
> > > >
> > > >> Hi,
> > > >>
> > > >> Have you tried starting spamd with -d flag, to see if there is any
> > output?
> > > >>
> > > >> Are any other messages in the other log files, daemon.log for example?
> > > >> I'm assuming that you maybe forgot to reload/restart sysyslogd after
> > > >> modifying the syslog.conf file.
> > > >>
> > > >>
> > > >> Regards,
> > > >> Leighton
> > > >>
> > > >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote:
> > > >> > Hello
> > > >> >
> > > >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd
> > > >> running.
> > > >> >
> > > >> > Here is how I try to run spamd:
> > > >> >
> > > >> > $ doas rcctl enable spamd
> > > >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/
> > vicharana.net
> > > >> .key
> > > >> > -C /etc/ssl/vicharana.net.crt
> > > >> > $ doas rcctl start spamd
> > > >> > spamd(ok)
> > > >> >
> > > >> > But I dont think spamd is running because ps does not show it
> > > >> > $ ps aux | grep spam
> > > >> > hrishi   45984  0.0  0.0   680 4 p2  R+p   11:24AM0:00.00
> > grep
> > > >> spam
> > > >> > (ks
> > > >> >
> > > >> >
> > > >> > I earlier edited /etc/syslogd.conf, added the following lines
> > > >> >
> > > >> > !spamd
> > > >> > daemon.info /var/log/spamd
> > > >> >
> > > >> > $ doas rcctl restart syslogd
> > > >> > doas (hri...@obsd.vicharana.net) password:
> > > >> > syslogd(ok)
> > > >> > syslogd(ok)
> > > >> >
> > > >> > The /var/log/spamd file does not exist.
> > > >> >
> > > >> > What am I doing wrong? How can I get spamd running?
> > > >> >
> > > >> > Thanks
> > > >> > Hrishi
> > > >>
> > > >
> > > >
> >

Re: Can I use OpenBSD as a desktop system?

2017-06-17 Thread Leighton Sheppard 
Thanks for sharing, looks a great resource... I personally use OpenBSD on my 
lappy,as a desktop OS and it works very well indeed (Thinkpad x230, 4GB ram and 
128GB SSD).


On Sat, Jun 17, 2017 at 11:43:13AM +0200, Olivier Burelli wrote:
> On Tue, 13 Jun 2017 05:56:52 -0500 (CDT)
> Eric Johnson  wrote:
> 
> > 
> > On Sun, 11 Jun 2017, Rupert Gallagher wrote:
> > 
> > > I spent yesterday and today installing 6.1 from scratch on a Dell
> > > Optiplex gx620. The machine has a pentium 4 @3.0GHz with 4GB non ECC
> > > RAM, returning a passmark of 354*. The aim is to replace the
> > > accountant's windows 10 pro tomorrow morning, moving the disk into his
> > > more recent Dell. In summary, I have everything he needs, including a
> > > gui that looks like windows 7, except for the following, so far:
> > 
> > I don't know about the Optiplex gx620, but I have a refurbished Optiplex
> > 790 that I bought earlier this year.  It gave me all kinds of problems
> > with network issues and ssh.  For example, when I ran syspatch after the
> > first three patches were released, sshd would no longer run if I was using
> > IPv6.  Also, connections to other machines would fail suddenly, sometimes
> > within seconds.
> > 
> > I stuck in another disk and installed Fedora Workstation on it and had the
> > same issues so it wasn't because of OpenBSD.
> > 
> > I ended up upgrading the firmware and that seems to have fixed the issues.
> > That proved to be a bit of a problem because you have to be running
> > Windows to upgrade the firmware.  I have some old versions of Windows
> > around, but they all require IDE drives.  I finally got Windows running
> > (it sure ran slow compared to OpenBSD) and installed the firmware.
> > 
> > I bought this computer to become my primary workstation replacing a Lenovo
> > desktop running SuSE Linux.  I have a couple of packages that need Linux
> > so I'll keep the older workstation, but on another table, and use ssh from
> > this computer as necessary.
> > 
> > For what it's worth, my top preference for a window manager is
> > WindowMaker.  That's all I've used for years on both OpenBSD and Linux.
> > 
> > Eric
> 
> 
> No one talked about this personnal project ?
> 
> http://daemonforums.org/showthread.php?t=10229
> 
> It's running fine on all minimalist configuration...
> 
> 
> -- 
> Olivier  Burelli 
>

Re: spamd does not start

2017-06-18 Thread Leighton Sheppard 
On Sun, Jun 18, 2017 at 05:35:13PM +, Stuart Henderson wrote:
> On 2017-06-18, Leighton Sheppard <leigh...@openbsd.leighling.co.uk> wrote:
> > I've just changed my mail relay from Exchange Online to Gmail, seems it was 
> > getting blocked.
> 
> Quite likely - Microsoft's outbound mail relays don't play well with spamd.
> 
> 
Yeah, not surprised, given the state of their SPF records! They have literally 
hundreds of IP ranges!

Oh well, glad your issue is resolved anyway. :)

Re: spamd does not start

2017-06-18 Thread Leighton Sheppard 
I've just changed my mail relay from Exchange Online to Gmail, seems it was 
getting blocked.
Hopefully this works.

On Sun, Jun 18, 2017 at 12:49:43PM +0100, Leighton Sheppard wrote:
> Try creating the file first:
> 
> $ doas touch /var/log/spamd
> $ doas chmod 640 /var/log/spamd
> 
> 
> On Sun, Jun 18, 2017 at 05:13:02PM +0530, Hrishikesh Muruk wrote:
> > almost everything works...logging to /var/log/spamd still not happening
> > though I have restarted syslogd with
> > 
> > $ rcctl restart syslogd
> > 
> > 
> > On Sun, Jun 18, 2017 at 4:52 PM, Leighton Sheppard <
> > leigh...@openbsd.leighling.co.uk> wrote:
> > 
> > > On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote:
> > > Thanks for confirming, pleased to hear it.
> > > Back out to the sun and bbq for me...
> > >
> > > > Worked after I regenerated the key and crt file
> > > >
> > > > On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com>
> > > wrote:
> > > >
> > > > > Thank you for the response. I restarted syslogd after using
> > > > >
> > > > > $ doas rcctl restart syslogd
> > > > > syslogd(ok)
> > > > > syslogd(ok)
> > > > >
> > > > > So it should  pick up the new config. Perhaps /var/log/spamd is not
> > > > > created because nothing has been logged by spamd (since it is not
> > > running)
> > > > >
> > > > > When I run spamd with debug (thanks for suggesting) I get this error
> > > > >
> > > > > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K
> > > /etc/ssl/private/vicharana.net.key
> > > > > -C /etc/ssl/vicharana.net.crt
> > > > >
> > > > > whitelisted 64.233.189.26
> > > > > whitelisted 74.125.130.27
> > > > > whitelisted 74.125.24.27
> > > > > spamd: whitelisted 74.125.200.27
> > > > > failed to configure TLS - failed to load private keywhitelisted
> > > > > 74.125.68.27
> > > > >
> > > > > whitelisted 74.125.200.26
> > > > >
> > > > > Both files are readable by root as well as all members of wheel
> > > > >
> > > > > $ ls -l  /etc/ssl/private/vicharana.net.key
> > > > > -rw-r-  1 root  wheel  3243 May 15 18:42
> > > /etc/ssl/private/vicharana.
> > > > > net.key
> > > > >
> > > > > $ ls -l /etc/ssl/vicharana.net.crt
> > > > > -rw-r-  1 root  wheel  1679 May 15 18:43 
> > > > > /etc/ssl/vicharana.net.crt
> > > > >
> > > > > The files were generated using the command lines
> > > > > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096
> > > > > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out
> > > > > /etc/ssl/vicharana.net.crt -days 730
> > > > >
> > > > > Is there an error in the way I generated the keys?
> > > > >
> > > > > Thanks
> > > > > Hrishi
> > > > >
> > > > >
> > > > >
> > > > > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard <
> > > > > leigh...@openbsd.leighling.co.uk> wrote:
> > > > >
> > > > >> Hi,
> > > > >>
> > > > >> Have you tried starting spamd with -d flag, to see if there is any
> > > output?
> > > > >>
> > > > >> Are any other messages in the other log files, daemon.log for 
> > > > >> example?
> > > > >> I'm assuming that you maybe forgot to reload/restart sysyslogd after
> > > > >> modifying the syslog.conf file.
> > > > >>
> > > > >>
> > > > >> Regards,
> > > > >> Leighton
> > > > >>
> > > > >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote:
> > > > >> > Hello
> > > > >> >
> > > > >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd
> > > > >> running.
> > > > >> >
> > > > >> > Here is how I try to run spamd:
> > > > >> >
> > > > >> > $ doas rcctl enable spamd
> > > > >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/
> > > vicharana.net
> > > > >> .key
> > > > >> > -C /etc/ssl/vicharana.net.crt
> > > > >> > $ doas rcctl start spamd
> > > > >> > spamd(ok)
> > > > >> >
> > > > >> > But I dont think spamd is running because ps does not show it
> > > > >> > $ ps aux | grep spam
> > > > >> > hrishi   45984  0.0  0.0   680 4 p2  R+p   11:24AM0:00.00
> > > grep
> > > > >> spam
> > > > >> > (ks
> > > > >> >
> > > > >> >
> > > > >> > I earlier edited /etc/syslogd.conf, added the following lines
> > > > >> >
> > > > >> > !spamd
> > > > >> > daemon.info /var/log/spamd
> > > > >> >
> > > > >> > $ doas rcctl restart syslogd
> > > > >> > doas (hri...@obsd.vicharana.net) password:
> > > > >> > syslogd(ok)
> > > > >> > syslogd(ok)
> > > > >> >
> > > > >> > The /var/log/spamd file does not exist.
> > > > >> >
> > > > >> > What am I doing wrong? How can I get spamd running?
> > > > >> >
> > > > >> > Thanks
> > > > >> > Hrishi
> > > > >>
> > > > >
> > > > >
> > >

Re: smtpd.conf new grammar

2018-05-26 Thread Leighton Sheppard 
On Thu, May 24, 2018 at 02:18:56PM +0200, Gilles Chehade wrote:
> Hi,
> 
> I have just committed a major change in smtpd that'll require smtpd.conf
> to be rewritten before your update to the new code.
> 
> The new grammar is not TOO different from the former one, a lot of stuff
> remains exactly identical, but the ruleset is now split into two parts:
> 
> - a named action
> - a matching pattern which is associated to a named action
> 
> In effect, instead of having:
> 
> accept from any for local deliver to mbox
> 
> 
> You will have:
> 
> action "my_action" mbox
> 
> match from any for local action "my_action"
> 
> 
> There are a few keywords that have been shortened too but all in all the
> switch to new grammar is easy, the smtpd.conf man page has been updated,
> and it continues being improved thanks to ingo and jmc.
> 
> The man page by itself should be enough to do the switch.
> 
> Since this is quite a major change, I also wrote a post that describes a
> conversion of my own complex smtpd.conf to new grammar:
> 
> https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/
> 
> 
> I have also compiled a list of directives recognized by the parser which
> I intend to use for regress tests:
> 
> https://poolp.org/~gilles/smtpd.conf
> 
> 
> As for the reasons behind the change they are numerous, I explained some
> at EuroBSDCon 2017, I explained some on my blog, the bottom line is that
> while one-line rules were apparently an awesome idea, they were actually
> a design error that had consequences on pretty much the entire daemon.
> 
> We didn't realize it until a few months ago, we tried hard to maintain a
> one-line rule grammar but it became more and more obvious that this just
> isn't doable without creating issues and unnecessary complexity.
> 
> The new grammar is cleaner, it helped remove ~700 lines of complex code,
> made the handling of .forward files as well much safer, removed a lot of
> very unpleasant side-effects most people didn't even realize existed ...
> until they hit that one case for which we had no way to work around.
> 
> 
> Anyways,
> looking forward for you to test and report how it works for you :-)
> 
> 
> -- 
> Gilles Chehade
> 
> https://www.poolp.org  @poolpOrg
> 

Hi,

I upgraded my laptop and VM both to the latest snapshot this morning, and 
migrated the configuration for smtpd.conf to the new grammar. No issues 
to report and I like the new format!

Regards,
Leighton

Re: Using OpenBSD on a thinkpad?

2018-02-24 Thread Leighton Sheppard 
On Fri, Feb 23, 2018 at 11:59:54PM +, frohw...@ymail.com wrote:
> Hi,
> 
> I use an x230, too, but I have some problems with the enterprise WPA. It 
> disconnects at irregular intervals and then at the moment I need to manually 
> reconnect with 'ifconfig iwn0 down up' -> wpa_cli reconn -> wpa_cli reassoc 
> -> dhclient iwn0.
> 
> Would be interested if your wpa_supplicant is differently configured from 
> mine if you don't have such problems... If it's roughly the same, then it 
> must be specific to the wifi configuration at my workplace.
> 
> Thanks
> 
> PS: Didn't cc the list because it's somewhat off topic. If I can identify a 
> fix, I would probably cc the list again.
> 
Hi,

For this lappy I use WPA2-Enterprise in Protected-Peap mode, using a Radius 
server for authentication. I've written up the notes a while ago:  
https://www.computersystems.guru/?p=1356

Might not be relevant, however, please check to see your firmware is updated. 
As I run -current on this laptop, this maybe more up to date than yours.


Regards,
Leighton

Re: Using OpenBSD on a thinkpad?

2018-02-23 Thread Leighton Sheppard 
On Wed, Feb 21, 2018 at 12:55:39PM +0100, C. wrote:
> -> 2018-02-19 Mon 10:00, crimeangot...@nigge.rs, :
> > 
> > Hey everyone, I am pretty stupid when it comes to less user friendly
> > operating systems. I currently use slackware/windows and am thinking
> > of using OpenBSD on either my thinkpad e420 or my libreboot t400. Are
> > either supported(or at least possible to install on?) I???m sorry if
> > this question has already been asked but I can???t really find any
> > answers and the mailing list archive is barren as well.  Thanks!
> 
> OpenBSD 6.2 runs smoothly on my Thinkpad X260 and on the Thinkpad T470
> as well. 
> 
> The only thing I tested without any success was the DisplayPort on the
> docking station. I had not had the time to investigate further. (It
> works neither on my X260 nor on my T470.) The Mini-DP on the X260 worked
> fine, better even than on Linux. I have not yet tested the DP in the
> USB-C-Everything-Port on the T470.
> 
> Kind regards
> Christian
> -- 
> [ Insert favourite quote here. ]

I use an x230 daily with OpenBSD, no issues at all. Got WPA2-Enterprise working 
well with it also, just some minor wpa_supplicant setup needed.