OpenBSD 6.1/httpd SNI and acme-client
Hi, Sorry for spam, but I just wanted to share a pointer on how I have setup httpd/SNI in OpenBSD 6.1 to work with HTTPS redirect and acme-client. I used the following httpd.conf which works well: Regards, Leighton # $OpenBSD: httpd.conf,v 1.14 2015/02/04 08:39:35 florian Exp $ server "example.com" { listen on * port 80 listen on :: port 80 alias secure.example,com alias www.example.com log { access "example.com-access.log", error "example.com-error.log" } location "/.well-known/acme-challenge/*" { root "/htdocs/example.com/acme" root strip 2 } location "/*" { block return 301 "https://$SERVER_NAME$REQUEST_URI; } } server "example.com" { listen on * tls port 443 listen on :: tls port 443 alias secure.example.com alias www.example.com log { access "example.com-sslaccess.log", error "example.com-sslerror.log" } tls certificate "/etc/ssl/example.com.fullchain.pem" tls key "/etc/ssl/private/example.com.key.pem" directory { index "index.php" } location "*.php" { fastcgi socket "/run/php-fpm.sock" } root "/htdocs/example.com/" }
Re: OpenBSD 6.1 - bravo
Also from me, great work! With 6.1 I can now decommission some legacy VM's :) From: owner-m...@openbsd.orgon behalf of Mikael Sent: 13 April 2017 04:20 To: OpenBSD general usage list Subject: Re: OpenBSD 6.1 - bravo Also from me, big thanks! 2017-04-12 16:45 GMT+08:00 Clément.J : > Thank you OpenBSD team for this new release 6.1 > OpenBSD makes me happy every day for so many usages > so thank you so much everyone for your great work. 2017-04-12 16:45 GMT+08:00 Clément.J : > Thank you OpenBSD team for this new release 6.1 > OpenBSD makes me happy every day for so many usages > so thank you so much everyone for your great work. > > have a good day > vive OpenBSD > > > Le 12-04-2017 10:27, Stuart Henderson a écrit : > >> On 2017-04-12, Jordon wrote: >> >>> rcctl enable dhcrelay rcctl set dhcrelay flags -i athn0 192.168.1.1 "assuming that is your routers >>> address" >>> rcctl start dhcrelay and possibly add -d (log to stderr) to see what its doing. >>> Thank you! That got it working! So why is that necessary? Doesnt >>> the bridge >>> just forward everything? Or are DHCP requests broadcasts that dont >>> get >>> forwarded? >>> >> >> It shouldn't be necessary, dhcrelay is normally used when you have a >> subnet behind a router, and the DHCP server is a separate machine on >> a >> different subnet. >> >> Could it be a PF rule problem? >> >> Normally you would only have an IP address on one member of the >> bridge, >> just "up" on the others..
Re: Please: Is there ANY chance that Linux binaries might run again???
Hi, I use Word Online on my OBsd laptop, which does help. I appreciate that requires an Office 365 subscription which may not make it a palatable option. Regards, Leighton -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Andre Ruppert Sent: 08 March 2017 05:39 To: misc@openbsd.org Subject: Re: Please: Is there ANY chance that Linux binaries might run again??? Softmaker doesn't support any of the BSDs - they've done it years ago for FreeBSD but the customer's interest was too little. Am 07.03.17 um 23:52 schrieb Damian McGuckin: > On Tue, 7 Mar 2017, Stefan Wollny wrote: > >> Yes - I will (again) contact SoftMaker trying to persuade them to >> provide an OpenBSD-version of their office suite. But they seem to have >> none with some decent Unix/OpenBSD-knowledge, just Linux. Sigh... > > I would buy SoftMaker on OpenBSD. Andre Ruppert [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: Kernel relinking not working after upgrade to latest snaphot
Thanks for the detailed update, very helpful. Regards, Leighton On Fri, Jun 16, 2017 at 04:28:59PM +0200, Martijn Rijkeboer wrote: > On 06/16/17 16:11, Theo de Raadt wrote: > > This is intentional. But the script /etc/rc may not be working > > exactly as intended yet. rpe, tb and I are still iterating this, and > > also attempting to satisfy the unhibernate case which requires booting > > the original kernel. > > > > The intent of the hash is so that a developer can build their own kernel > > from elsewhere. Upon the next boot, it will notice that that the hash > > is different. This means the developer is testing their own kernel, > > and does not want auto relinking to occur. > > > > However if the hash matches then /bsd is under system management, and > > can be relinked. > > > > Finally, if there is no hash file, this was an install or an upgrade, > > and it can go into this managed-mode where it auto relinks at boot. > > > > You can also make it relink on future boots by deleting the hash file. > > > > As you can tell we're trying to find a happy middle ground between > > automatic safety, and developers being in control of their own > > machines. > > > > There is also a bootblock change coming, to assist unhibernate. > > OK, good to know. > > > >> After upgrading to the latest snapshot I noticed that the kernel is no > >> longer relinked on boot. The cause seems to be that the SHA256 checksum > >> doesn't match the kernel. > >> > >> # cat /usr/share/compile/GENERIC.MP/SHA256 > >> SHA256 (/bsd) = > >> bfcce01e68e62cc5d9666096206492be3f5c310e9711f2a14ac9c75e279585a1 > >> > >> # sha256 /bsd > >> SHA256 (/bsd) = > >> 10da3cee5c0bf44ce9182b2603be46b2adfc200222ca74d169691f79750bd05b > >> > >> # sysctl kern.version > >> kern.version=OpenBSD 6.1-current (GENERIC.MP) #13: Thu Jun 15 19:34:58 > >> MDT 2017 > >> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > >> > >> > >> Is this on purpose or an error on my side? > >> > >> Kind regards, > >> > >> > >> Martijn Rijkeboer >
Re: spamd does not start
Hi, Have you tried starting spamd with -d flag, to see if there is any output? Are any other messages in the other log files, daemon.log for example? I'm assuming that you maybe forgot to reload/restart sysyslogd after modifying the syslog.conf file. Regards, Leighton On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote: > Hello > > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd running. > > Here is how I try to run spamd: > > $ doas rcctl enable spamd > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/vicharana.net.key > -C /etc/ssl/vicharana.net.crt > $ doas rcctl start spamd > spamd(ok) > > But I dont think spamd is running because ps does not show it > $ ps aux | grep spam > hrishi 45984 0.0 0.0 680 4 p2 R+p 11:24AM0:00.00 grep spam > (ks > > > I earlier edited /etc/syslogd.conf, added the following lines > > !spamd > daemon.info /var/log/spamd > > $ doas rcctl restart syslogd > doas (hri...@obsd.vicharana.net) password: > syslogd(ok) > syslogd(ok) > > The /var/log/spamd file does not exist. > > What am I doing wrong? How can I get spamd running? > > Thanks > Hrishi
Re: spamd does not start
On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote: Thanks for confirming, pleased to hear it. Back out to the sun and bbq for me... > Worked after I regenerated the key and crt file > > On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com> wrote: > > > Thank you for the response. I restarted syslogd after using > > > > $ doas rcctl restart syslogd > > syslogd(ok) > > syslogd(ok) > > > > So it should pick up the new config. Perhaps /var/log/spamd is not > > created because nothing has been logged by spamd (since it is not running) > > > > When I run spamd with debug (thanks for suggesting) I get this error > > > > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K > > /etc/ssl/private/vicharana.net.key > > -C /etc/ssl/vicharana.net.crt > > > > whitelisted 64.233.189.26 > > whitelisted 74.125.130.27 > > whitelisted 74.125.24.27 > > spamd: whitelisted 74.125.200.27 > > failed to configure TLS - failed to load private keywhitelisted > > 74.125.68.27 > > > > whitelisted 74.125.200.26 > > > > Both files are readable by root as well as all members of wheel > > > > $ ls -l /etc/ssl/private/vicharana.net.key > > -rw-r- 1 root wheel 3243 May 15 18:42 /etc/ssl/private/vicharana. > > net.key > > > > $ ls -l /etc/ssl/vicharana.net.crt > > -rw-r- 1 root wheel 1679 May 15 18:43 /etc/ssl/vicharana.net.crt > > > > The files were generated using the command lines > > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096 > > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out > > /etc/ssl/vicharana.net.crt -days 730 > > > > Is there an error in the way I generated the keys? > > > > Thanks > > Hrishi > > > > > > > > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard < > > leigh...@openbsd.leighling.co.uk> wrote: > > > >> Hi, > >> > >> Have you tried starting spamd with -d flag, to see if there is any output? > >> > >> Are any other messages in the other log files, daemon.log for example? > >> I'm assuming that you maybe forgot to reload/restart sysyslogd after > >> modifying the syslog.conf file. > >> > >> > >> Regards, > >> Leighton > >> > >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote: > >> > Hello > >> > > >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd > >> running. > >> > > >> > Here is how I try to run spamd: > >> > > >> > $ doas rcctl enable spamd > >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/vicharana.net > >> .key > >> > -C /etc/ssl/vicharana.net.crt > >> > $ doas rcctl start spamd > >> > spamd(ok) > >> > > >> > But I dont think spamd is running because ps does not show it > >> > $ ps aux | grep spam > >> > hrishi 45984 0.0 0.0 680 4 p2 R+p 11:24AM0:00.00 grep > >> spam > >> > (ks > >> > > >> > > >> > I earlier edited /etc/syslogd.conf, added the following lines > >> > > >> > !spamd > >> > daemon.info /var/log/spamd > >> > > >> > $ doas rcctl restart syslogd > >> > doas (hri...@obsd.vicharana.net) password: > >> > syslogd(ok) > >> > syslogd(ok) > >> > > >> > The /var/log/spamd file does not exist. > >> > > >> > What am I doing wrong? How can I get spamd running? > >> > > >> > Thanks > >> > Hrishi > >> > > > >
Re: spamd does not start
Try creating the file first: $ doas touch /var/log/spamd $ doas chmod 640 /var/log/spamd On Sun, Jun 18, 2017 at 05:13:02PM +0530, Hrishikesh Muruk wrote: > almost everything works...logging to /var/log/spamd still not happening > though I have restarted syslogd with > > $ rcctl restart syslogd > > > On Sun, Jun 18, 2017 at 4:52 PM, Leighton Sheppard < > leigh...@openbsd.leighling.co.uk> wrote: > > > On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote: > > Thanks for confirming, pleased to hear it. > > Back out to the sun and bbq for me... > > > > > Worked after I regenerated the key and crt file > > > > > > On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com> > > wrote: > > > > > > > Thank you for the response. I restarted syslogd after using > > > > > > > > $ doas rcctl restart syslogd > > > > syslogd(ok) > > > > syslogd(ok) > > > > > > > > So it should pick up the new config. Perhaps /var/log/spamd is not > > > > created because nothing has been logged by spamd (since it is not > > running) > > > > > > > > When I run spamd with debug (thanks for suggesting) I get this error > > > > > > > > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K > > /etc/ssl/private/vicharana.net.key > > > > -C /etc/ssl/vicharana.net.crt > > > > > > > > whitelisted 64.233.189.26 > > > > whitelisted 74.125.130.27 > > > > whitelisted 74.125.24.27 > > > > spamd: whitelisted 74.125.200.27 > > > > failed to configure TLS - failed to load private keywhitelisted > > > > 74.125.68.27 > > > > > > > > whitelisted 74.125.200.26 > > > > > > > > Both files are readable by root as well as all members of wheel > > > > > > > > $ ls -l /etc/ssl/private/vicharana.net.key > > > > -rw-r- 1 root wheel 3243 May 15 18:42 > > /etc/ssl/private/vicharana. > > > > net.key > > > > > > > > $ ls -l /etc/ssl/vicharana.net.crt > > > > -rw-r- 1 root wheel 1679 May 15 18:43 /etc/ssl/vicharana.net.crt > > > > > > > > The files were generated using the command lines > > > > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096 > > > > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out > > > > /etc/ssl/vicharana.net.crt -days 730 > > > > > > > > Is there an error in the way I generated the keys? > > > > > > > > Thanks > > > > Hrishi > > > > > > > > > > > > > > > > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard < > > > > leigh...@openbsd.leighling.co.uk> wrote: > > > > > > > >> Hi, > > > >> > > > >> Have you tried starting spamd with -d flag, to see if there is any > > output? > > > >> > > > >> Are any other messages in the other log files, daemon.log for example? > > > >> I'm assuming that you maybe forgot to reload/restart sysyslogd after > > > >> modifying the syslog.conf file. > > > >> > > > >> > > > >> Regards, > > > >> Leighton > > > >> > > > >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote: > > > >> > Hello > > > >> > > > > >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd > > > >> running. > > > >> > > > > >> > Here is how I try to run spamd: > > > >> > > > > >> > $ doas rcctl enable spamd > > > >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/ > > vicharana.net > > > >> .key > > > >> > -C /etc/ssl/vicharana.net.crt > > > >> > $ doas rcctl start spamd > > > >> > spamd(ok) > > > >> > > > > >> > But I dont think spamd is running because ps does not show it > > > >> > $ ps aux | grep spam > > > >> > hrishi 45984 0.0 0.0 680 4 p2 R+p 11:24AM0:00.00 > > grep > > > >> spam > > > >> > (ks > > > >> > > > > >> > > > > >> > I earlier edited /etc/syslogd.conf, added the following lines > > > >> > > > > >> > !spamd > > > >> > daemon.info /var/log/spamd > > > >> > > > > >> > $ doas rcctl restart syslogd > > > >> > doas (hri...@obsd.vicharana.net) password: > > > >> > syslogd(ok) > > > >> > syslogd(ok) > > > >> > > > > >> > The /var/log/spamd file does not exist. > > > >> > > > > >> > What am I doing wrong? How can I get spamd running? > > > >> > > > > >> > Thanks > > > >> > Hrishi > > > >> > > > > > > > > > >
Re: Can I use OpenBSD as a desktop system?
Thanks for sharing, looks a great resource... I personally use OpenBSD on my lappy,as a desktop OS and it works very well indeed (Thinkpad x230, 4GB ram and 128GB SSD). On Sat, Jun 17, 2017 at 11:43:13AM +0200, Olivier Burelli wrote: > On Tue, 13 Jun 2017 05:56:52 -0500 (CDT) > Eric Johnsonwrote: > > > > > On Sun, 11 Jun 2017, Rupert Gallagher wrote: > > > > > I spent yesterday and today installing 6.1 from scratch on a Dell > > > Optiplex gx620. The machine has a pentium 4 @3.0GHz with 4GB non ECC > > > RAM, returning a passmark of 354*. The aim is to replace the > > > accountant's windows 10 pro tomorrow morning, moving the disk into his > > > more recent Dell. In summary, I have everything he needs, including a > > > gui that looks like windows 7, except for the following, so far: > > > > I don't know about the Optiplex gx620, but I have a refurbished Optiplex > > 790 that I bought earlier this year. It gave me all kinds of problems > > with network issues and ssh. For example, when I ran syspatch after the > > first three patches were released, sshd would no longer run if I was using > > IPv6. Also, connections to other machines would fail suddenly, sometimes > > within seconds. > > > > I stuck in another disk and installed Fedora Workstation on it and had the > > same issues so it wasn't because of OpenBSD. > > > > I ended up upgrading the firmware and that seems to have fixed the issues. > > That proved to be a bit of a problem because you have to be running > > Windows to upgrade the firmware. I have some old versions of Windows > > around, but they all require IDE drives. I finally got Windows running > > (it sure ran slow compared to OpenBSD) and installed the firmware. > > > > I bought this computer to become my primary workstation replacing a Lenovo > > desktop running SuSE Linux. I have a couple of packages that need Linux > > so I'll keep the older workstation, but on another table, and use ssh from > > this computer as necessary. > > > > For what it's worth, my top preference for a window manager is > > WindowMaker. That's all I've used for years on both OpenBSD and Linux. > > > > Eric > > > No one talked about this personnal project ? > > http://daemonforums.org/showthread.php?t=10229 > > It's running fine on all minimalist configuration... > > > -- > Olivier Burelli >
Re: spamd does not start
On Sun, Jun 18, 2017 at 05:35:13PM +, Stuart Henderson wrote: > On 2017-06-18, Leighton Sheppard <leigh...@openbsd.leighling.co.uk> wrote: > > I've just changed my mail relay from Exchange Online to Gmail, seems it was > > getting blocked. > > Quite likely - Microsoft's outbound mail relays don't play well with spamd. > > Yeah, not surprised, given the state of their SPF records! They have literally hundreds of IP ranges! Oh well, glad your issue is resolved anyway. :)
Re: spamd does not start
I've just changed my mail relay from Exchange Online to Gmail, seems it was getting blocked. Hopefully this works. On Sun, Jun 18, 2017 at 12:49:43PM +0100, Leighton Sheppard wrote: > Try creating the file first: > > $ doas touch /var/log/spamd > $ doas chmod 640 /var/log/spamd > > > On Sun, Jun 18, 2017 at 05:13:02PM +0530, Hrishikesh Muruk wrote: > > almost everything works...logging to /var/log/spamd still not happening > > though I have restarted syslogd with > > > > $ rcctl restart syslogd > > > > > > On Sun, Jun 18, 2017 at 4:52 PM, Leighton Sheppard < > > leigh...@openbsd.leighling.co.uk> wrote: > > > > > On Sun, Jun 18, 2017 at 04:36:06PM +0530, Hrishikesh Muruk wrote: > > > Thanks for confirming, pleased to hear it. > > > Back out to the sun and bbq for me... > > > > > > > Worked after I regenerated the key and crt file > > > > > > > > On Sun, Jun 18, 2017 at 3:16 PM, Hrishikesh Muruk <hris...@gmail.com> > > > wrote: > > > > > > > > > Thank you for the response. I restarted syslogd after using > > > > > > > > > > $ doas rcctl restart syslogd > > > > > syslogd(ok) > > > > > syslogd(ok) > > > > > > > > > > So it should pick up the new config. Perhaps /var/log/spamd is not > > > > > created because nothing has been logged by spamd (since it is not > > > running) > > > > > > > > > > When I run spamd with debug (thanks for suggesting) I get this error > > > > > > > > > > $ doas /usr/libexec/spamd -d -v -G 2:4:864 -K > > > /etc/ssl/private/vicharana.net.key > > > > > -C /etc/ssl/vicharana.net.crt > > > > > > > > > > whitelisted 64.233.189.26 > > > > > whitelisted 74.125.130.27 > > > > > whitelisted 74.125.24.27 > > > > > spamd: whitelisted 74.125.200.27 > > > > > failed to configure TLS - failed to load private keywhitelisted > > > > > 74.125.68.27 > > > > > > > > > > whitelisted 74.125.200.26 > > > > > > > > > > Both files are readable by root as well as all members of wheel > > > > > > > > > > $ ls -l /etc/ssl/private/vicharana.net.key > > > > > -rw-r- 1 root wheel 3243 May 15 18:42 > > > /etc/ssl/private/vicharana. > > > > > net.key > > > > > > > > > > $ ls -l /etc/ssl/vicharana.net.crt > > > > > -rw-r- 1 root wheel 1679 May 15 18:43 > > > > > /etc/ssl/vicharana.net.crt > > > > > > > > > > The files were generated using the command lines > > > > > $ openssl genrsa -out /etc/ssl/private/vicharana.net.key 4096 > > > > > $ openssl req -new -x509 -key /etc/ssl/private/vicharana.net.key -out > > > > > /etc/ssl/vicharana.net.crt -days 730 > > > > > > > > > > Is there an error in the way I generated the keys? > > > > > > > > > > Thanks > > > > > Hrishi > > > > > > > > > > > > > > > > > > > > On Sun, Jun 18, 2017 at 12:02 PM, Leighton Sheppard < > > > > > leigh...@openbsd.leighling.co.uk> wrote: > > > > > > > > > >> Hi, > > > > >> > > > > >> Have you tried starting spamd with -d flag, to see if there is any > > > output? > > > > >> > > > > >> Are any other messages in the other log files, daemon.log for > > > > >> example? > > > > >> I'm assuming that you maybe forgot to reload/restart sysyslogd after > > > > >> modifying the syslog.conf file. > > > > >> > > > > >> > > > > >> Regards, > > > > >> Leighton > > > > >> > > > > >> On Sun, Jun 18, 2017 at 11:28:01AM +0530, Hrishikesh Muruk wrote: > > > > >> > Hello > > > > >> > > > > > >> > I am running OpenBSD 6.1 in a VM and I have trouble getting spamd > > > > >> running. > > > > >> > > > > > >> > Here is how I try to run spamd: > > > > >> > > > > > >> > $ doas rcctl enable spamd > > > > >> > $ rcctl set spamd flags -v -G 2:4:864 -K /etc/ssl/private/ > > > vicharana.net > > > > >> .key > > > > >> > -C /etc/ssl/vicharana.net.crt > > > > >> > $ doas rcctl start spamd > > > > >> > spamd(ok) > > > > >> > > > > > >> > But I dont think spamd is running because ps does not show it > > > > >> > $ ps aux | grep spam > > > > >> > hrishi 45984 0.0 0.0 680 4 p2 R+p 11:24AM0:00.00 > > > grep > > > > >> spam > > > > >> > (ks > > > > >> > > > > > >> > > > > > >> > I earlier edited /etc/syslogd.conf, added the following lines > > > > >> > > > > > >> > !spamd > > > > >> > daemon.info /var/log/spamd > > > > >> > > > > > >> > $ doas rcctl restart syslogd > > > > >> > doas (hri...@obsd.vicharana.net) password: > > > > >> > syslogd(ok) > > > > >> > syslogd(ok) > > > > >> > > > > > >> > The /var/log/spamd file does not exist. > > > > >> > > > > > >> > What am I doing wrong? How can I get spamd running? > > > > >> > > > > > >> > Thanks > > > > >> > Hrishi > > > > >> > > > > > > > > > > > > >
Re: smtpd.conf new grammar
On Thu, May 24, 2018 at 02:18:56PM +0200, Gilles Chehade wrote: > Hi, > > I have just committed a major change in smtpd that'll require smtpd.conf > to be rewritten before your update to the new code. > > The new grammar is not TOO different from the former one, a lot of stuff > remains exactly identical, but the ruleset is now split into two parts: > > - a named action > - a matching pattern which is associated to a named action > > In effect, instead of having: > > accept from any for local deliver to mbox > > > You will have: > > action "my_action" mbox > > match from any for local action "my_action" > > > There are a few keywords that have been shortened too but all in all the > switch to new grammar is easy, the smtpd.conf man page has been updated, > and it continues being improved thanks to ingo and jmc. > > The man page by itself should be enough to do the switch. > > Since this is quite a major change, I also wrote a post that describes a > conversion of my own complex smtpd.conf to new grammar: > > https://poolp.org/posts/2018-05-21/switching-to-opensmtpd-new-config/ > > > I have also compiled a list of directives recognized by the parser which > I intend to use for regress tests: > > https://poolp.org/~gilles/smtpd.conf > > > As for the reasons behind the change they are numerous, I explained some > at EuroBSDCon 2017, I explained some on my blog, the bottom line is that > while one-line rules were apparently an awesome idea, they were actually > a design error that had consequences on pretty much the entire daemon. > > We didn't realize it until a few months ago, we tried hard to maintain a > one-line rule grammar but it became more and more obvious that this just > isn't doable without creating issues and unnecessary complexity. > > The new grammar is cleaner, it helped remove ~700 lines of complex code, > made the handling of .forward files as well much safer, removed a lot of > very unpleasant side-effects most people didn't even realize existed ... > until they hit that one case for which we had no way to work around. > > > Anyways, > looking forward for you to test and report how it works for you :-) > > > -- > Gilles Chehade > > https://www.poolp.org @poolpOrg > Hi, I upgraded my laptop and VM both to the latest snapshot this morning, and migrated the configuration for smtpd.conf to the new grammar. No issues to report and I like the new format! Regards, Leighton
Re: Using OpenBSD on a thinkpad?
On Fri, Feb 23, 2018 at 11:59:54PM +, frohw...@ymail.com wrote: > Hi, > > I use an x230, too, but I have some problems with the enterprise WPA. It > disconnects at irregular intervals and then at the moment I need to manually > reconnect with 'ifconfig iwn0 down up' -> wpa_cli reconn -> wpa_cli reassoc > -> dhclient iwn0. > > Would be interested if your wpa_supplicant is differently configured from > mine if you don't have such problems... If it's roughly the same, then it > must be specific to the wifi configuration at my workplace. > > Thanks > > PS: Didn't cc the list because it's somewhat off topic. If I can identify a > fix, I would probably cc the list again. > Hi, For this lappy I use WPA2-Enterprise in Protected-Peap mode, using a Radius server for authentication. I've written up the notes a while ago: https://www.computersystems.guru/?p=1356 Might not be relevant, however, please check to see your firmware is updated. As I run -current on this laptop, this maybe more up to date than yours. Regards, Leighton
Re: Using OpenBSD on a thinkpad?
On Wed, Feb 21, 2018 at 12:55:39PM +0100, C. wrote: > -> 2018-02-19 Mon 10:00, crimeangot...@nigge.rs,: > > > > Hey everyone, I am pretty stupid when it comes to less user friendly > > operating systems. I currently use slackware/windows and am thinking > > of using OpenBSD on either my thinkpad e420 or my libreboot t400. Are > > either supported(or at least possible to install on?) I???m sorry if > > this question has already been asked but I can???t really find any > > answers and the mailing list archive is barren as well. Thanks! > > OpenBSD 6.2 runs smoothly on my Thinkpad X260 and on the Thinkpad T470 > as well. > > The only thing I tested without any success was the DisplayPort on the > docking station. I had not had the time to investigate further. (It > works neither on my X260 nor on my T470.) The Mini-DP on the X260 worked > fine, better even than on Linux. I have not yet tested the DP in the > USB-C-Everything-Port on the T470. > > Kind regards > Christian > -- > [ Insert favourite quote here. ] I use an x230 daily with OpenBSD, no issues at all. Got WPA2-Enterprise working well with it also, just some minor wpa_supplicant setup needed.