Re: Install on Multiple Disks

[Otto Moerbeek]

On Wed, 22 Jun 2005, L. V. Lammert wrote:

 At 02:04 PM 6/22/2005 -0500, Gabe Johanns wrote:
  Hello,
  
  I have been running BSD on a desktop machine for 3 months and I would like
  to install OpenBSD on my test server. My test box is a P500 with 128MB of
  RAM and three disk drives.
  
  I would like to use 100% of the storage space on all three drives while
  installing / on wd0, /swap on wd1, and all other partitions on wd2.
  
  I have not found a way to use the installer to partition my drives in this
  manner using fdisk and disklabel. I have looked in the man files and in
  online FAQ's (although I have found how to move and resize the partitions on
  an existing installation of the OS.)
 
 The installer is not setup that way, .. but why complicate life? Install / 
 /usr on your main drive (they don't need a lot of space, anyway), .. you can
 always move /home and/or /var to the other drives after installation.

This is wrong info. It's perfectly possible to install with
various filesystems on different disks.

I'd have to check to know for sure, but I think having a swap
partition on the root disk is mandatory. But you can always add extra
swap partitions later. 

So do someting like:

create wd0a (/)  and wd0b (swap) on wd0
create wd1b (swap) on wd1
create other partitions on wd2, specifying the various mouint points

-Otto

Re: difference between newfs and newfs -m 1 on a 250G hd?

[Otto Moerbeek]

On Sun, 26 Jun 2005, Ted Unangst wrote:

 On Sat, 25 Jun 2005, bofh wrote:
 
  I tried a newfs -m 1 /dev/wd3a. After newfs is over, wd3a is not mountable.
  fsck can't find any usable superblock. However, when I did a newfs
  /dev/wd3a, the resulting partition checks out fine (fsck is ok with it) and
  mounts without problems. Any idea why?
 
 you changed a default and found a bug.  less than 1% of users ever use -m.  
 there's really no good reason to use -m 1, and several reasons not to (not 
 least of which is it apparently doesn't work).  leave it alone and use the 
 default; you will be happier.

Sound advice.

But in addition to that, I noticed you have disk offsets starting at
zero.  On various patforms this is a problem, because you did not run
fdisk.  Check http://www.openbsd.org/faq/faq4.html#blankfdisk. Please
include platform info (dmesg) next time. 

-Otto

Re: SH programming

[Otto Moerbeek]

On Sun, 26 Jun 2005, Peter Bako wrote:

 Ok, so this is not really an OpenBSD question but I am doing this on an
 OpenBSD system and I am about to lose my mind...
 
 I have done some basic shell scripting before but I've not had to deal with
 actual integer math before and now it is killing me.  The script takes a
 parameter in (year number) and is supposed to subtract 1900 from it and then
 multiply the result by 365.  (This is part of a larger script that deal with
 converting dates to a single numeric value, but this one problem is an
 example of the problems I am having with this entire script.)  So, this is
 what I have:
 
 #!/bin/sh
 month=$1 
 day=$2
 year=$3
 
 dayscount=$(expr ($year - 1900) * 365)
 echo $dayscount
 exit
 
 This will generate a syntax error: `$year' unexpected error.  I have tried
 all sorts of variations and I am not getting it!!!  HELP!!!

When using ksh, you can do:

#!/bin/ksh
month=$1 
day=$2
year=$3

dayscount=$((($year - 1900) * 365))
echo $dayscount
exit

When using sh, you'll need expr(1), for which all parts of the
expression are separate arguments, and you need to escape all special
shell chars:

#!/bin/sh
month=$1 
day=$2
year=$3

dayscount=`expr \( $year - 1900 \) \* 365`
echo $dayscount
exit

 BTW, obviously I need a good book on SH programming.  Any suggestions?

For ksh, the Korn Shell Book by David Korn and (iirc Morris Bolsky)
comes to mind.

-Otto

Re: difference between newfs and newfs -m 1 on a 250G hd?

[Otto Moerbeek]

On Sun, 26 Jun 2005, bofh wrote:

 On 6/26/05, Otto Moerbeek [EMAIL PROTECTED] wrote:
 
 
  On Sun, 26 Jun 2005, Ted Unangst wrote:
 
   you changed a default and found a bug. less than 1% of users ever use
  -m.
   there's really no good reason to use -m 1, and several reasons not to
  (not
   least of which is it apparently doesn't work). leave it alone and use
  the
   default; you will be happier.
 
 
 Umm, I know for the kernel, we're supposed to use GENERIC if we want to
 report a bug, but I did not realize that this carries through to the
 userspace as well.

Well, bugs that happen with default settings just have higher
priority.  Deviations form the defaults, especially if the man pages
contain advise against it, are frowned upon. 

 The only reason I reported it is because I it was a bug I've never seen
 before, and I figured you guys might be interested.

I'm mildy interested...

 Sound advice.
 
  But in addition to that, I noticed you have disk offsets starting at
  zero. On various patforms this is a problem, because you did not run
  fdisk. Check http://www.openbsd.org/faq/faq4.html#blankfdisk. Please
  include platform info (dmesg) next time.
 
 
 Ah, it's ok, I'm not booting from it. Would have posted dmesg, but I figured
 it wasn't necessary. If this is not a known bug, and if there's any interest
 in a dmesg at all, I'll post it. Thanx.

Try to reproduce the problem after having run fdisk (if it is
applicable, still don't know your platform, arghhh), disklabel and
newfs. If you can still reproduce the problem, I'll put this on my
TODO list, but not very high. 

-Otto

Call for disk donations (was Re: difference between newfs and newfs -m 1 on a 250G hd?)

[Otto Moerbeek]

On Mon, 27 Jun 2005, Otto Moerbeek wrote:

 Try to reproduce the problem after having run fdisk (if it is
 applicable, still don't know your platform, arghhh), disklabel and
 newfs. If you can still reproduce the problem, I'll put this on my
 TODO list, but not very high. 

OK, you got me curious. I tried to reproduce your problem on a
-current system using a sparse svnd image of 250G, I don't have a 250G disk.

I could not reproduce your problem. This might be well be because I made
some fixes to newfs that went into 3.7. 

This clearly shows that patform and version info is needed in bug reports.

But actually this post is a call for donations.

My work to fix the userland disk utilities (fdisk, disklabel, newfs)
to work properly on large file systems always has been handicapped
because I do not have very large disks. I think I managed to make all
legal block and fragment size combinations work in 3.7, but I always
have to resort to svnd tricks to test my stuff. Now as you all know
testing using a simulation always has the chanche of hiding real
bugs or introducing problems that would not have occurred using the
real thing, and so introducing noise in the test results. 

So if some kind persons are willing to donate some large disks (say 
150G), I'd be very happy. Ideally I want to be able to create 1TB file
systems, the limit of UFS1. I do not need a single disk that large,
since I can use ccd(4). I can use both IDE and SCSI disks. I do not
have a mortherboard that has SATA. 

Please contact me privately if you have someting to offer. I live in
the Netherlands.

Note: to avoid any misunderstanding: this is NOT a promise to work on
UFS2 support. Since I'm almost 100% a userland hacker, this is out of
my league.

-Otto

Re: SH programming

[Otto Moerbeek]

On Mon, 27 Jun 2005 [EMAIL PROTECTED] wrote:

 The following seems to work.
 
 $ year=2005
 $ foo=$(expr $year - 1900 )
 $ dayscount=$(expr $foo \* 365 )
 $ echo $dayscount
 38325
 
 Problems include an unescaped asterisk
 man expr indicates that parentheses should work
   but my playing with them seems to indicate otherwise.
 ---Correction:
 $ dayscount=$(expr \( $year - 1900 \) \* 365 )
 $ echo $dayscount
 38325
 
 Parens that are destined for expr instead of the shell must also be escaped.

And this is almost exaclty the sh script I sent in my reply. The
escaping of parentheses is obviously needed to avoid them being
interpreted by the shell. That is standard shell programming stuff.

And please do not toppost.

-Otto

 
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
 Otto Moerbeek
 Sent: Monday, June 27, 2005 2:08 AM
 To: Peter Bako
 Cc: misc@openbsd.org
 Subject: Re: SH programming
 
 
 On Sun, 26 Jun 2005, Peter Bako wrote:
 
  Ok, so this is not really an OpenBSD question but I am doing this on an
  OpenBSD system and I am about to lose my mind...
 
  I have done some basic shell scripting before but I've not had to deal
 with
  actual integer math before and now it is killing me.  The script takes a
  parameter in (year number) and is supposed to subtract 1900 from it and
 then
  multiply the result by 365.  (This is part of a larger script that deal
 with
  converting dates to a single numeric value, but this one problem is an
  example of the problems I am having with this entire script.)  So, this is
  what I have:
 
  #!/bin/sh
  month=$1
  day=$2
  year=$3
 
  dayscount=$(expr ($year - 1900) * 365)
  echo $dayscount
  exit
 
  This will generate a syntax error: `$year' unexpected error.  I have
 tried
  all sorts of variations and I am not getting it!!!  HELP!!!
 
 When using ksh, you can do:
 
 #!/bin/ksh
 month=$1
 day=$2
 year=$3
 
 dayscount=$((($year - 1900) * 365))
 echo $dayscount
 exit
 
 When using sh, you'll need expr(1), for which all parts of the
 expression are separate arguments, and you need to escape all special
 shell chars:
 
 #!/bin/sh
 month=$1
 day=$2
 year=$3
 
 dayscount=`expr \( $year - 1900 \) \* 365`
 echo $dayscount
 exit
 
  BTW, obviously I need a good book on SH programming.  Any suggestions?
 
 For ksh, the Korn Shell Book by David Korn and (iirc Morris Bolsky)
 comes to mind.
 
   -Otto

Re: Getting X11 to start on a Mac Mini (?)

[Otto Moerbeek]

On Mon, 27 Jun 2005, Chandler May wrote:

 Hi,
 
 I recently set up OpenBSD 3.7 for the first time on a new Mac Mini,
 and I haven't been able to get X11 up and running on it. I installed
 X11 during the initial operating system install, and have not
 installed anything X11-related since. I'm a newbie to OpenBSD, so
 perhaps there are required graphics drivers for my setup that I am not
 aware of? Anyway...
 
 upon `startx`:
 
 (EE) Screen(s) found, but none have a usable configuration
 
 Fatal server error:
 no screens found

Try the xorg.conf below as a start. It has some specific stuff 
related to my LCD, screen, but it should get you started.

Note that it may take a few tries to get X in the air, there's seems
to be some timing issue. Never had time to really attack that.

-Otto


Section ServerLayout
Identifier X.org Configured
Screen  0  Screen0 0 0
InputDeviceMouse0 CorePointer
InputDeviceKeyboard0 CoreKeyboard
EndSection

Section Files
RgbPath  /usr/X11R6/lib/X11/rgb
FontPath /usr/X11R6/lib/X11/fonts/misc/
FontPath /usr/X11R6/lib/X11/fonts/75dpi/:unscaled
FontPath /usr/X11R6/lib/X11/fonts/100dpi/:unscaled
FontPath /usr/local/lib/X11/fonts/ghostscript/
FontPath /usr/X11R6/lib/X11/fonts/Type1/
FontPath /usr/X11R6/lib/X11/fonts/TTF/
FontPath /usr/X11R6/lib/X11/fonts/CID/
FontPath /usr/local/lib/X11/fonts/mscorefonts/
EndSection

Section Module
EndSection

Section InputDevice
Identifier  Keyboard0
Driver  kbd
EndSection

Section InputDevice
Identifier  Mouse0
Driver  mouse
Option  Protocol wsmouse
Option  Device /dev/wsmouse
Option  ZAxisMapping 4 5
EndSection

Section Monitor
Identifier   Monitor0
VendorName   Monitor Vendor
ModelNameMonitor Model
HorizSync31 - 81
VertRefresh  59 - 61
EndSection

Section Device
### Available Driver options are:-
### Values: i: integer, f: float, bool: True/False,
### string: String, freq: f Hz/kHz/MHz
### [arg]: arg optional
#Option NoAccel   # [bool]
#Option SWcursor  # [bool]
#Option Dac6Bit   # [bool]
#Option Dac8Bit   # [bool]
#Option PanelOff  # [bool]
#Option DDCMode   # [bool]
Option MonitorLayout  None,CRT # [str]
#Option IgnoreEDID# [bool]
#Option UseFBDev  # [bool]
#Option VideoKey  # i
#Option MergedFB  on # [bool]
#Option CRT2HSync # [str]
#Option CRT2VRefresh  # [str]
#Option CRT2Position  Clone# [str]
#Option MetaModes # [str]
#Option MergedDPI # [str]
#Option NoMergedXinerama  # [bool]
#Option MergedXineramaCRT2IsScreen0   # [bool]
#Option DisplayPriority   # [str]
#Option PanelSize 1280x1024 # [str]
#Option ForceMinDotClock  # freq
#Option RenderAccel   # [bool]
#Option SubPixelOrder # [str]
#Option ShowCache # [bool]
#Option DynamicClocks # [bool]
Option iBookHacks on# [bool]
Identifier  Card0
Driver  ati
VendorName  ATI Technologies Inc
BoardName   Unknown Board
BusID   PCI:0:16:0
EndSection

Section Screen
Identifier Screen0
Device Card0
MonitorMonitor0
DefaultDepth 24
SubSection Display
Viewport   0 0
Depth 1
EndSubSection
SubSection Display
Viewport   0 0
Depth 4
EndSubSection
SubSection Display
Viewport   0 0
Depth 8
Modes 1280x1024
EndSubSection
SubSection Display
Viewport   0 0
Depth 15
EndSubSection
SubSection Display
Viewport   0 0
Depth 16
EndSubSection
SubSection Display
Viewport   0 0
Depth 24
Modes 1280x1024
EndSubSection
EndSection

Re: Interrupting df

[Otto Moerbeek]

On Tue, 28 Jun 2005, Stephan Wehner wrote:

 I'm running df and it just hangs. 
 
 ^C doesn't interrupt it. ^Z doesn't interrupt it.
 
 My guess is that some filesystem is not responding; still I should be
 able to get my console back, shouldn't I?
 
 Is this the BSD way? (My other linux machine responds to interrupts). 
 
 Stephan
 
 #uname -a
 OpenBSD myosin.sugarmotor.net 3.7 GENERIC#50 i386


This got to be a contender for the most useless problem report this year.

Since you do not provide any details on your setup (dmesg, are you using NFS,
how are the filesystems mounted, anything in the log files or console)
we cannot help you.

Check http://www.openbsd.org/mail.html and report.html and try again.

-Otto

Re: SCSI and disk geometry

[Otto Moerbeek]

On Wed, 29 Jun 2005, [iso-8859-15] Josi M. [iso-8859-15] Fandiqo wrote:

 Hello,

  I'm trying to install OpenBSD in three servers with
 identical hardware and I was able to install it in two
 of them but not in the third.

 Each server detects a diferent geometry for the SCSI
 disks  :-?

 server1 - geometry: 817199/87/1 [71096313 Sectors]
 server2 - geometry: 2843852/25/1 [71096300 Sectors]
 server3 - geometry: 4425/255/63 [71087625 Sectors]

 in the third server the geometry causes a broken MBR

 anyone knows that can be causing this?

 Thank you.

 dmesg, fdisk and disklabel:
 http://195.55.55.164/tests/OpenBSD/server1.txt
 http://195.55.55.164/tests/OpenBSD/server2.txt
 http://195.55.55.164/tests/OpenBSD/server3.txt


I cannot explain the differences in geometry. Your disklabels look OK,
it might be a BIOS thing that hits you. This smells like a problem
Nick loves ;-)

You server3 log puzzles me, since it is incomplete. I do not see you
setting the size in fdisk.  This is important since there are a few
CAVEATS; see fdisk(8).

I see you violate the MBR boundary rules on server 1 and 2 as well.
You might be just lucky the other two servers work, and have a hidden
problem there as well.

If possible, it is easiest to just use the whole disk for OpenBSD,
since fdisk -i (as done by the installer) just takes care of
everything.

-Otto

Re: SCSI and disk geometry

[Otto Moerbeek]

On Wed, 29 Jun 2005, Otto Moerbeek wrote:

 On Wed, 29 Jun 2005, [iso-8859-15] Josi M. [iso-8859-15] Fandiqo wrote:
 
  Hello,
 
   I'm trying to install OpenBSD in three servers with
  identical hardware and I was able to install it in two
  of them but not in the third.
 
  Each server detects a diferent geometry for the SCSI
  disks  :-?
 
  server1 - geometry: 817199/87/1 [71096313 Sectors]
  server2 - geometry: 2843852/25/1 [71096300 Sectors]
  server3 - geometry: 4425/255/63 [71087625 Sectors]
 
  in the third server the geometry causes a broken MBR
 
  anyone knows that can be causing this?
 
  Thank you.
 
  dmesg, fdisk and disklabel:
  http://195.55.55.164/tests/OpenBSD/server1.txt
  http://195.55.55.164/tests/OpenBSD/server2.txt
  http://195.55.55.164/tests/OpenBSD/server3.txt
 
 
 I cannot explain the differences in geometry. Your disklabels look OK,
 it might be a BIOS thing that hits you. This smells like a problem
 Nick loves ;-)

As a start, the output of sysctl machdep.bios.diskinfo for all three
machines might be interesting.

-Otto

Re: sleep patterns...

[Otto Moerbeek]

On Mon, 4 Jul 2005, Thanos Tsouanas wrote:

 On Mon, Jul 04, 2005 at 09:00:18AM +0100, unixadmin99 wrote:
  Oops!
  Accidently emptied half the contents of src.tar.gz into /usr/bin while
  undergoing an install under the intoxication of sleep.
  What's the most efficient way of rectifying this?
 
 Something like..
 
 tar tvfz src.tar.gz | xargs rm -f
 
 should work...

But might throw away some files that belong in /usr/bin

-Otto

Re: Call for disk donations (was Re: difference between newfs and newfs -m 1 on a 250G hd?)

[Otto Moerbeek]

On Mon, 27 Jun 2005, Otto Moerbeek wrote:

 My work to fix the userland disk utilities (fdisk, disklabel, newfs)
 to work properly on large file systems always has been handicapped
 because I do not have very large disks. I think I managed to make all
 legal block and fragment size combinations work in 3.7, but I always
 have to resort to svnd tricks to test my stuff. Now as you all know
 testing using a simulation always has the chanche of hiding real
 bugs or introducing problems that would not have occurred using the
 real thing, and so introducing noise in the test results. 
 
 So if some kind persons are willing to donate some large disks (say 
 150G), I'd be very happy. Ideally I want to be able to create 1TB file
 systems, the limit of UFS1. I do not need a single disk that large,
 since I can use ccd(4). I can use both IDE and SCSI disks. I do not
 have a mortherboard that has SATA. 

Indeed, some kind persons donated enough so I have now 4 300MB SATA
disks coming my way, plus a LSI MegaRAID SATA controller. I already
have a machine with 4 empty bays and power to spare, so I expect to
have a setup that's capable of creating large file systems running
soon. 

In the mean time, I'm creating some test programs to fill file systems
with files containing simple patterns, so I later check the contents
both by reading and checking the complete file or just by sampling of
some bytes at different offsets.

Thanks to all who donated!

-Otto

Re: Semi-OT: Problems getting find to not recurse

[Otto Moerbeek]

On Wed, 6 Jul 2005, C. Bensend wrote:

 Hey folks,
 
OK, I think I've got the dunce hat on today, and I'm about to
 go crazy with this one.
 
I have a script on an OpenBSD 3.7-STABLE machine that does
 a find in a directory, and uses rm to remove files older than
 two days (where RETAIN = +2) :
 
 find /path/to/dir -type f -name \*.gz -mtime ${RETAIN} -exec rm {} \;
 
This directory has a subdir (a .ssh), and no matter what I
 do, I cannot get find to NOT recurse into this subdirectory.  I've
 tried using -path, ! -path, -maxdepth 0|1, and none of them seem
 to do what I want.  I only want find to examine the /path/to/dir
 directory, and not any subdirs.
 
I've been through the man page so many times, I can just about
 recite it.  Am I just missing something, or is this not possible?
 I'm guessing it's the former and I've just stared at it too long to
 see the obvious.

Something like this should work (compare some of th examples of the man
page):

find /path/to/dir -name .ssh -type d -prune -or \
-type f -name \*.gz -mtime ${RETAIN} -exec rm {} \;

-Otto

Re: Background developer knowledge

[Otto Moerbeek]

On Wed, 6 Jul 2005, Edd Barrett wrote:

 Hi,
 
 One of my friends has always said that you can not read the source
 without context. He is right. If you don't know what your looking for,
 it will not make any sense. This proves a problem if you have nothing to
 fix and just wish to learn.
 
 Would you not agree?

Of course the context of a source file is the program it is part of
and the function it is supposed to perform.  Now there are a bunch of
simple, straightforward commands in any Unix system, which can be used
to start learning. 

Take a simple command. Even yes(1) can be used as an example. Read the
man page and try to map the functionality described in the man page to
the source you are seeing. While you're at it, check the man page of
the functions it uses to accomplish its task.

Move on to more complex programs that use more and more library
functions and system calls. Study the implementation of the library
functions and system calls, now that you know what they are supposed
to do and you have seen them used in actual programs. 

If you have no context, start building it. Of course, reading a few
good books might help as well.

-Otto

Re: Semi-OT: Problems getting find to not recurse

[Otto Moerbeek]

On Wed, 6 Jul 2005, Matthias Kilian wrote:

 On Wed, Jul 06, 2005 at 02:33:30PM -0500, C. Bensend wrote:
   find /path/to/dir -name .ssh -type d -prune -or \
 -type f -name \*.gz -mtime ${RETAIN} -exec rm {} \;
  
  Thank you very much, Otto.  That works just fine.  It's greatly
  appreciated!
 
 Well, even if it helped, I can't reproduce your problem:

 
 find /home/kili -maxdepth 1 -type f -name \* -mtime +1 -exec echo {} \; |
 grep ssh
 
 yields no output at all. [And of course, I *do* have a .ssh directory.]

That's because you are not doing the same search.  Especially
-maxdepth 1 will influence the results. 

-Otto

Re: Some questions related to shell scripts

[Otto Moerbeek]

On Thu, 14 Jul 2005, Dave Anderson wrote:

 It also, at least under OpenBSD, has the serious problem that $$
 isn't the PID of the shell running the script but rather the PID of the
 original shell (whatever exactly that means; some testing suggests
 that it's the last process on the PPID chain which is still in this
 process group) and I haven't yet found any straightforward way of
 getting the PID of the bottom-level shell, which is what is needed
 for the stale-lock testing to work at all when the exclusion needed is
 among scripts run in subshells of the same shell.  (I realize that I
 could create a trivial program which writes its PPID to stdout, or hack
 /bin/sh to add a new variable which contains the PID I want -- but I'd
 prefer to use the tools which come as part of the base system.  This
 has also left me rather curious as to *why* the PID and PPID of the
 original shell are easily accessible in scripts but those of the
 subshell actually running the script aren't.)

I did not check your script, but POSIX says this:

$   Expands to the decimal process ID of the invoked shell. In a
subshell (see Shell Execution Environment ), '$' shall expand to the
same value as that of the current shell.

There's a similar phrase in the man page,

-Otto

Re: restore: Tape block size problem?

[Otto Moerbeek]

On Wed, 27 Jul 2005, Daniel Hamlin wrote:

 I am attempting to perform and verify a backup on a server, per the
 instructions in the FAQ, but am getting this error:
 
 restore: Tape block size (32758) is not a multiple of dump block size (1024)
 
 Is there something I'm doing wrong or is this a hardware problem?  This is the
 first backup attempt for this server, and the hardware is donated.
 
 Dan Hamlin

Fixed in 3.6-stable, a patch is available. Please read
html://www.openbsd.org/errata.html before reporting a problem,

-Otto


 
 
 # mount
 /dev/sd0a on / type ffs (local, softdep)
 /dev/sd0i on /home type ffs (local, nodev, nosuid, softdep)
 /dev/sd0d on /usr type ffs (local, nodev, softdep)
 /dev/sd1a on /usr/local/samba/share type ffs (local, nodev, softdep)
 /dev/sd0e on /var type ffs (local, nodev, nosuid, softdep)
 /dev/sd0f on /var/log type ffs (local, nodev, nosuid, softdep)
 /dev/sd0g on /var/spool type ffs (local, nodev, nosuid, softdep)
 /dev/sd0h on /var/www type ffs (local, nodev, nosuid, softdep)
 # dump -0au -f /dev/rst0 /dev/rsd1a
  DUMP: Date of this level 0 dump: Wed Jul 27 10:13:35 2005
  DUMP: Date of last level 0 dump: the epoch
  DUMP: Dumping /dev/rsd1a (/usr/local/samba/share) to /dev/rst0
  DUMP: mapping (Pass I) [regular files]
  DUMP: mapping (Pass II) [directories]
  DUMP: estimated 1647628 tape blocks.
  DUMP: Volume 1 started at: Wed Jul 27 10:13:42 2005
  DUMP: dumping (Pass III) [directories]
  DUMP: dumping (Pass IV) [regular files]
  DUMP: 7.61% done, finished in 1:00
  DUMP: 15.45% done, finished in 0:54
  DUMP: 23.23% done, finished in 0:49
  DUMP: 31.05% done, finished in 0:44
  DUMP: 39.10% done, finished in 0:38
  DUMP: 48.17% done, finished in 0:32
  DUMP: 57.22% done, finished in 0:26
  DUMP: 66.36% done, finished in 0:20
  DUMP: 75.06% done, finished in 0:14
  DUMP: 83.40% done, finished in 0:09
  DUMP: 91.80% done, finished in 0:04
  DUMP: 1651755 tape blocks on 1 volume
  DUMP: Volume 1 completed at: Wed Jul 27 11:13:18 2005
  DUMP: Volume 1 took 0:59:36
  DUMP: Volume 1 transfer rate: 461 KB/s
  DUMP: Date of this level 0 dump: Wed Jul 27 10:13:35 2005
  DUMP: Date this dump completed:  Wed Jul 27 11:13:18 2005
  DUMP: Average transfer rate: 461 KB/s
  DUMP: level 0 dump on Wed Jul 27 10:13:35 2005
  DUMP: Closing /dev/rst0
  DUMP: DUMP IS DONE
 # restore -tvs 1  -f /dev/rst0
 Verify tape and initialize maps
 restore: Tape block size (32758) is not a multiple of dump block size (1024)
 #
 
 OpenBSD 3.6 (GENERIC) #59: Fri Sep 17 12:32:57 MDT 2004
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: Intel Pentium III (GenuineIntel 686-class, 512KB L2 cache) 499 MHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
 real mem  = 133783552 (130648K)
 avail mem = 115458048 (112752K)
 using 1658 buffers containing 6791168 bytes (6632K) of memory
 mainbus0 (root)
 bios0 at mainbus0: AT/286+(00) BIOS, date 07/14/99, BIOS32 rev. 0 @ 0xf
 pcibios0 at bios0: rev 2.1 @ 0xf/0x2000
 pcibios0: PCI BIOS has 9 Interrupt Routing table entries
 pcibios0: PCI Interrupt Router at 000:20:0 (Intel 82371AB PIIX4 ISA rev
 0x00)
 pcibios0: PCI bus #1 is the last bus
 bios0: ROM list: 0xc/0x8000 0xc8000/0x800 0xe8000/0x6000! 0xee000/0x2000!
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
 pchb0 at pci0 dev 0 function 0 Intel 82443BX rev 0x03
 siop0 at pci0 dev 6 function 0 Symbios Logic 53c875 rev 0x14: irq 5, using
 4K of on-board RAM
 scsibus0 at siop0: 16 targets
 sd0 at scsibus0 targ 0 lun 0: COMPAQ, BB00921B91, 3B05 SCSI2 0/direct fixed
 sd0: 8678MB, 5273 cyl, 20 head, 168 sec, 512 bytes/sec, 17773524 sec total
 sd1 at scsibus0 targ 1 lun 0: COMPAQ, BB00921B91, 3B05 SCSI2 0/direct fixed
 sd1: 8678MB, 5273 cyl, 20 head, 168 sec, 512 bytes/sec, 17773524 sec total
 siop1 at pci0 dev 6 function 1 Symbios Logic 53c875 rev 0x14: irq 9, using
 4K of on-board RAM
 scsibus1 at siop1: 16 targets
 tl0 at pci0 dev 7 function 0 Compaq ProLiant Netelligent 10/100 TX rev 0x10:
 irq 10 address 00:50:8b
 :a2:5a:25
 lxtphy0 at tl0 phy 1: LXT970 10/100 media interface, rev. 3
 ukphy0 at tl0 phy 31: Generic IEEE 802.3u media interface
 ukphy0: OUI 0x100014, model 0x0001, rev. 5
 vga1 at pci0 dev 8 function 0 ATI Mach64 GV rev 0x7a
 wsdisplay0 at vga1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 Compaq Netelligent ASMC rev 0x00 at pci0 dev 9 function 0 not configured
 ppb0 at pci0 dev 10 function 0 DEC 21152 PCI-PCI rev 0x03
 pci1 at ppb0 bus 1
 ahc1 at pci1 dev 8 function 0 Adaptec AHA-2940U rev 0x00: irq 11
 scsibus2 at ahc1: 8 targets
 st0 at scsibus2 targ 6 lun 0: HP, C1533A, A708 SCSI2 1/sequential removable
 st0: density code 0x13, 512-byte blocks, write-enabled
 pcib0 at pci0 dev 20 function 0 Intel 82371AB PIIX4 ISA rev 0x02
 pciide0 at pci0 dev 20 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0
 wired to compatibility,
 channel 1 wired 

Re: network adapter order

[Otto Moerbeek]

On Mon, 1 Aug 2005, Michiel van der Kraats wrote:

 Hi,
 
 Is it possible to change the order in which the kernel detects and names
 network interfaces? I have a system which has one fxp onboard and one fxp as a
 PCI card. With the PCI card, the onboard NIC is named fxp1 and the PCI card
 fxp0. Can something be done to change the ordering? It's conceptually easier
 to tell people the onboard NIC is their internal network.

If it's just an internal/external thing just switch the cables.

-Otto

Re: Shell scripting problem -- help, please!

[Otto Moerbeek]

On Wed, 3 Aug 2005, Dave Anderson wrote:

 Something's screwy here, using the 'set -A' command in /bin/sh on
 3.7-release.  AFAICT the complicated file-match expression should (in
 this case) produce the same results as the simple one, but it doesn't
 seem to match at all when used in this script -- but does produce the
 expected result when cut-and-pasted to a command line.
 
 Any constructive comments would be greatly appreciated.


I do not understand this yet, but the desired behaviour is achieved if
you force the file name matching to be done in the call:

#!/bin/sh
function DoIt {
  set -A files $*
  echo match = '$1'
  typeset -i idx
  idx=0
  while [ idx -lt ${#files[*]} ] ; do
echo files[$idx] = '${files[$idx]}'
idx=idx+1
  done
  return 0
}
DoIt /tmp/tst/*
echo 
DoIt 
/tmp/tst/+([a-zA-Z])+([0-9]).@(in|out).@(block|pass).@(destIP|destPort|srcIP)

$ sh x
match = '/tmp/tst/ne3.in.block.destIP'
files[0] = '/tmp/tst/ne3.in.block.destIP'
files[1] = '/tmp/tst/ne3.in.block.destPort'
files[2] = '/tmp/tst/ne3.in.block.srcIP'

match = '/tmp/tst/ne3.in.block.destIP'
files[0] = '/tmp/tst/ne3.in.block.destIP'
files[1] = '/tmp/tst/ne3.in.block.destPort'
files[2] = '/tmp/tst/ne3.in.block.srcIP'

Alternatively, adding an 'eval' before the 'set' command also fixes
the problem:

#!/bin/sh
function DoIt {
  eval set -A files $1
  echo match = '$1'
  typeset -i idx
  idx=0
  while [ idx -lt ${#files[*]} ] ; do
echo files[$idx] = '${files[$idx]}'
idx=idx+1
  done
  return 0
}
DoIt /tmp/tst/*
echo 
DoIt 
/tmp/tst/+([a-zA-Z])+([0-9]).@(in|out).@(block|pass).@(destIP|destPort|srcIP)


-Otto

Re: timekeeping on Soekris net4801 w/ ntpd. 3.8

[Otto Moerbeek]

On Tue, 15 Nov 2005, Johan wrote:

  Personally I'd like to see a log message like this:
 
  Tue Nov 15 20:31:33 NTPD clock is 60.000356s off, adjusting by 0.0128s
 
 
 I actually like this one... makes sense and is still very short and concise

This adujsting by information is not available to ntpd. ntpd
requests an adjustment using the adjtim(2) system call. The argument
is the actual offset. It is up to the kernel to decide how fast the
adjustment will be done. 

Both Theo and Henning have stated very clearly the log message is not
going to change. So there's no point in coming up with new
suggestions. 

-Otto

Re: Code comprehension

[Otto Moerbeek]

On Wed, 16 Nov 2005, Bruno Carnazzi wrote:

   Hi All,
 
 I'm a junior system administrator, working on free operating system
 such as Linux and recently OpenBSD. I really enjoy OpenBSD for its
 simplicity, concisness and security. I've got a small experience of C
 programming, from my studies. I'd like to understand deeply the
 conception of this system, through reading and understanding his code.
 I consider it's a big work, lots of thing to learn. I suppose some
 people already take this way, so I'd like to know if someone has
 advice to give in this way ? Where to start ? A tool from the userland
 ? Directly attack the kernel (!!) or something else ? Prerequisite ?

My advice would be to start in whatever part interests you. Curiosity
will guide you through src. If you are overwhelmed, start by looking
at the more simple programs in userland. Read the man pages of the
command, try to match behaviour to code or vice versa. Study the man
pages of the library and system calls being done. Continue with the
study of the implementation of these. Do not forget that quite some
kernel functions are documented in section 9.

Another way is to watch the cvs mailing list and check what changes
are done to the system. Trying to understand the changes will teach
you a lot.

As for books that might help, there are a few listed on
http://www.openbsd.org/books.html

The Design and Implementation of the 4.4 BSD Operating System will
give you the big picture and quite some details as well.

-Otto

Re: slightly OT: TCP checksum and RFC conformity

[Otto Moerbeek]

On Thu, 17 Nov 2005, Andreas Bartelt wrote:

 Hi,
 
 Tobias Weingartner wrote:
  On Thursday, November 17, Andreas Bartelt wrote:
  
   As much better algorithms for error detection are known and PC performance
   (and also Internet traffic) has increased a lot since the introduction of
   TCP - do you think that the original checksum algorithm is still the best
   choice in terms of a reliability/performance tradeoff?
  
  
  Nope, it is not.  But that's the reason it's called a standard.  You
  get some good, and some bad with them.  Welcome to the real world...
  
 
 it's probably my lack of knowledge, but I thought it would be possible to
 solve this by a TCP option without breaking interoperability. So this is
 actually a design decision which can't be corrected without a TCP replacement
 (which, I guess, won't happen in the next years)?

Yes, it could be solved with options. There's even an RFC for it. But
since aparently nobody is implementing it, it is probably not very
interesting.

-Otto

Re: tools in openbsd

[Otto Moerbeek]

On Fri, 18 Nov 2005, Gustavo Rios wrote:

 Dear folks,
 
 I have been around with a doubt in my mind. While i see many good
 tools in the net, i could not figure it out why they cannot be come
 default in openbsd dist.
 
 For instance, i am very confortable with tools like qmail and djbdns.
 I ask because i love programming and i am very confident about my
 work. I would be very proud to have my work included in openbsd but
 have no ideia how i could make it happen.
 
 Probably some core developer could lead me towards my goal (In private, 
 please).
 
 PS: Don't you get me wrong, please, i just would like to contribute to such a
 exceptional OS. I hope nobody get offended by such a question.

http://www.openbsd.org/faq/faq1.html#HowAbout

-Otto

Re: remote su root: SORRY

[Otto Moerbeek]

On Mon, 21 Nov 2005, Lars Hansson wrote:

 On Mon, 21 Nov 2005 14:02:17 +1100
 Paul Yiu [EMAIL PROTECTED] wrote:
  /etc/passwd
  pyiu:*:1002:10:P Yiu:/home/pyiu:/usr/local/bin/bash
  
  /etc/group
  wheel:*:0:root,pyiu
 
 10 != 0

Indeed, but what does that have to do with the problem? You do not
have to have wheel as primary group to be able to use su(1).

I would like to see the output of userinfo pyiu. Added to that, the
output of getcap -f /etc/login.conf class, where class is the login
class of teh user, as reported by userinfo.

Also, we need to see the exact command line used and errors reported.
Not just some vague description. 

-Otto

Re: Copying disk partitions

[Otto Moerbeek]

On Mon, 21 Nov 2005, Nick Holland wrote:

  PS I also don't understand why the first 16*512 bytes are
  skipped when using dd?
 
 I was really hoping someone else would answer this, I'm not completely
 sure about my answer...I think that's where the PBR and the disklabel
 hides.  Actually, I *know* it is the PBR, I'm guessing about the
 disklabel, but looking at the contents, I'm pretty sure I'm at least
 partly right.

Yes, you are right. Try disklabel -r /dev/rwd0a to read the disklabel
from the partition directly. It wil succceed for the a partition, but
not for the others. 

Without -r, disklabel succeeds in getting the in core disklabel for
any partition, but that is behaviour of the ioctl, as documented in
diskabel(5). 

Now I'm wondering where the label hides if there's no a partition

-Otto

Re: remote su root: SORRY

[Otto Moerbeek]

On Wed, 23 Nov 2005, Paul Yiu wrote:

 Hi Otto,
 
 I would like to see the output of userinfo pyiu. Added to that, the
 output of getcap -f /etc/login.conf class, where class is the login
 class of teh user, as reported by userinfo.
 
 login   pyiu
 passwd  WhatEverWasHere
 uid 1002
 groups  users wheel
 change  NEVER
 class  
 gecos   Paul Yiu
 dir /home/pyiu
 shell   /usr/local/bin/bash
 expire  NEVER
 
 pyiu do not assign to any class as shown above.
 -bash-3.00# getcap -f /etc/login.conf default
 default::path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin 
 /usr/local/bin:  :umask=022: :datasize-max=256M: 
 :datasize-cur=75M:  :maxproc-max=128:   :maxproc-cur=64:
 :openfiles-cur=64:  :stacksize-cur=4M:  
 :localcipher=blowfish,6::ypcipher=old:  :auth=passwd,skey:  
 :auth-ftp=passwd:
 
 Also, we need to see the exact command line used and errors reported.
 Not just some vague description. 
 
 I use ssh.com client 3.2.9 to login as pyiu and type su to su as root 
 and what has been capture in /var/log/authlog is
 Nov 21 11:27:02 openbsd1 su: BAD SU pyiu to root on /dev/ttyp0
 I can provide more details if necessery.

Sigh. Exact details please. Does su print Sorry? Or anything else?

Some things you can do to isolate the problem:

1. Login on console as pyiu and try to su.
2. When logged in, ssh to localhost as pyiu and then try to su

Please give exact reports on what is printed on screen and written to
authlog in these cases.

If that does not give a clue, I might need to add some debug code to
su to see what is going on.

-Otto

Re: bioctl Device Support

[Otto Moerbeek]

On Wed, 23 Nov 2005, Gaby vanhegan wrote:

 HI,
 
 I've just upgraded to 3.8, hoping that ami/bioctl would support my  
 RAID card, which it doesn't:
 
 ami0 at pci1 dev 14 function 1 Intel 80960RP ATU rev 0x02: irq 14  
 Dell 467/32b
 ami0: FW 1.06, BIOS v1p00, 128MB RAM
 ami0: 2 channels, 16 targets, 1 logical drives
 scsibus0 at ami0: 1 targets
 sd0 at scsibus0 targ 0 lun 0: AMI, Host drive #00,  SCSI2 0/direct  
 fixed
 sd0: 17136MB, 2184 cyl, 255 head, 63 sec, 512 bytes/sec, 35094528 sec  
 total
 scsibus1 at ami0: 16 targets
 safte0 at scsibus1 targ 6 lun 0: DELL, 1x6 SCSI BP, 5.47 SCSI2 3/ 
 processor fixed
 scsibus2 at ami0: 16 targets
 
 If I can ask, which models of RAID card are being worked on for the  
 3.9 release?

I may be missing something obvious here, but this looks like the card
_is_ supported. What output where you expecting? What does bioctl ami0
print? 

-Otto

Re: bioctl Device Support

[Otto Moerbeek]

On Wed, 23 Nov 2005, Gaby vanhegan wrote:

 On 23 Nov 2005, at 20:10, Gaby vanhegan wrote:
 
  I figured that it would be supported:
 
  # bioctl ami0
  bioctl: BIOCINQ: Operation not supported by device
  # bioctl -Dv ami0
  bioctl: cookie = 0xd0f51e90
  bio_inq
  bioctl: BIOCINQ: Operation not supported by device
 
  Apparently not :(  Here's a full dmesg:
 
 Just a thought, that machine had been upgraded from 3.5 to 3.8  
 (following the steps in the excellent upgrade FAQ's).  I upgraded  
 from 3.5 - 3.6 - 3.7 - 3.8.  Perhaps this might have some bearing  
 on the problem?

Don't know how you upgraded, but one thing that might be wrong is de
bio dev entry:

[EMAIL PROTECTED]:35]$ ls -l /dev/bio*
crw---  1 root  wheel   79,   0 Jul  7 20:34 /dev/bio
[EMAIL PROTECTED]:36]$ 

-Otto

Re: Theorical question on dual core vs single CPU in routing setup.

[Otto Moerbeek]

On Sat, 26 Nov 2005, Daniel Ouellet wrote:

 Here a question I found interesting for my own education, and I am trying to
 come to peace with as far as applications usage with dual core, or
 multi-processor vs single one.
 
 I was asking myself if I would actually benefit from a dual core processor, or
 multi-processor system in a routing setup and more I think about it, I would
 think not as the application is not multi-treads to start with and there isn't
 must else running as well.
 
 Am I wrong in my understanding?

If you run a routing daemon, and are doing routing your are doing
multiple things simultaneously: an application (which in some cases
consists of multiple processes) and the kernel both do work.

 
 Looking at the code of bgpd/ospfs, I don't see it design as using multiple
 treads ( doesn't mean I understand it fully either) so it wouldn't benefit
 from a dual core server then, and as the routing table basically is process by
 the kernel, I would think it would be useless to have multi core no?

The current thread library does not take advantage of mult-core or
multi-procesoer setups. There's work being done on an alternative
threading implementation which does take advantage of having more than
one processor, but that is not finished yet. 

Currently, the unit of scheduling is a process. The scheduling of
threads is done in userland by the pthreads library.

Currently a multi-threaded application will not benefit directly from
MP.

 
 In a setup where multiple applications are running, or where the applications
 are design with treads in it, yes, but here am I wrong to think that for a
 setup where routing with multiple Ethernet ports and where bgpd/ospfd is
 running with pf that it wouldn't really be a benefit? They all are dependent
 on each other and as such would need to wait anyway if the routing table
 changed.
 
 Can someone correct my understanding, or lack there of, I was curious about
 that now.

The kernel itself does not take advantage of multiple CPUs. But the
routing daemon _might_ benefit from having multiple CPUs. The answer is
also dependent on the impact GENERIC.MP has on performance, because it
does introduce overhead, havig to coordinate things between the CPUs.

So the only real way of answering this is to do measurements.

 Multi-processor is only useful when you can do multiple things, not related to
 each other at the same time, or the application is design with treads in mind,
 so here I guess the benefit would be minimal no?
 
 Unless I miss something in the code, or something in how bsd.mp works (as it
 would be required to run dual core CPU), may as well put the money for the
 speed instead of dual core no?
 
 It's not a big issue, but it got me thinking about it at the point that I
 really got curious as to the outcome now, and wonder if I actually understand
 it right, or if I am full of it!
 
 Thanks for your time.
 
 Daniel

If the kernel is busy, an MP setup might help since the other
processor(s) are available for user processes, but if these processes
often require services from the kernel, the benefits of MP will be low, and
in some cases even be negative. 

-Otto

Re: Updated CCD Mirroring HOWTO

[Otto Moerbeek]

On Sat, 26 Nov 2005, Robbert Haarman wrote:

 The reason I wrote the HOWTO is that, in my opinion of course, the 
 manpages don't make it clear how to set things up. Searching the 
 archives for more information came up with some contradictory messages, 
 and some instances of people being misled by the way things worked and 
 the way things were described in the manpages. My HOWTO is an effort to 
 gather the relevant information in one place, and provide clear steps 
 for getting things working. Replacing the HOWTO with links to the 
 manpages is not an option, because, first of all, the manpages don't 
 provide the information that the HOWTO does, and secondly, the manpages 
 are already assumed to have been read, so linking to them again wouldn't 
 add anything.
 
 I completely understand your position that documentation should provide 
 the details people need to understand how things work. I agree with 
 that. I would have provided this information if I had, myself, known how 
 things work. However, I don't know this, and it seems the only way to 
 find it out would be to read the source code of various parts of the 
 kernel. Still, I figured I had learned enough to write a useful and 
 helpful document that at least described how to get things running. You 
 clearly think this is harmful; I think it might help some people.

It is much more helpfull if you describe what information you feel is
missing, unclear or incorrect in the man pages.

Getting things running on a certain setup does not mean your procedure
will work in another situation. That's the big danger of promoting
some notes on how you did something to something that is suggesting it
is the right way of doing things.

Man pages are the autorative documentation. If you find them lacking,
help us in making them better.

-Otto

Re: Theorical question on dual core vs single CPU in routing setup.

[Otto Moerbeek]

On Sun, 27 Nov 2005, Daniel Ouellet wrote:

 Henning Brauer wrote:
  * Daniel Ouellet [EMAIL PROTECTED] [2005-11-26 08:57]:
   Looking at the code of bgpd/ospfs, I don't see it design as using multiple
   treads ( doesn't mean I understand it fully either) so it wouldn't benefit
   from a dual core server then, and as the routing table basically is
   process by the kernel, I would think it would be useless to have multi
   core no?
  
  
  
  bgpd and ospfd are not threaded at all, on purpose.
  
  however, they are multiple processes. in case of bgpd, the session engine
  and the parent process on one CPU and the RDE on the other should give
  performance benefits. and you're not only doing bgpd, you are also
  forwarding packets, so MP might really improve your total performance.
  
 
 I thought about this, but I am still not sure that it would benefit. I didn't
 asked before on Otto answer where:
 
 If you run a routing daemon, and are doing routing your are doing
 multiple things simultaneously: an application (which in some cases
 consists of multiple processes) and the kernel both do work
 
 Isn't it that all the routing changes anyway, either from BGPd or OSPFd are
 both ending in the PF table at the kernel level. That's what I understand

That's a misunderstanding: pf does not route, it's the ip layer code
in the kernel. Hint: routing existed before anybody even though of firewalls.

 anyway and unless I miss something PF in that case would be the party making
 the routing here and PF been single tread and looking at the process list, I
 don't see multiple pf processes, so the routing would be a linear process so
 multi core, or even multi processor wouldn't really help for that. Yes, they
 could for BGP session flap, etc. But that's about it no? In short, it the
 setup was perfect ( no such thing obviously) meaning no route changes for
 flap, but only for new additions of networks, etc. The routing table wouldn't

Indeed, if the route deamon does nothing, only the kernel is doing
work. In general the work being done will be something like:

Interface receives a packet, driver puts it on queue, ip layer picks
up packet, decides on route, puts it on queue and kicks the driver of
the outgoing interface, which sends it out. If pf ius active, it will
do its thing too, of course.

 change and as such the process would be PF doing the work in a linear fashion
 making the use of multi core, or multi processor useless in that case, or may
 be even negatively impact it?

As Henning said, in some cases interrupt processing on MP machines
might be faster.

 I agree that there might be something I don't understand that may affect this
 and that's why I try to see what may change that, but other then small process
 doing very little to start with and some changes to routing table because of
 flap, the routing itself of moving packets around wouldn't benefit, or may
 actually be impair par the scheduling of process no?
 
 I know this is a very remote question, but I am trying to make sure I
 understand it right. That's what I thought above anyway, is it right or wrong?

Yes, if the routing daemon is idle you are right. But in practise the
routing daemon will be active, and the impact on performance will be
hard to predict, bcause it is very much dependant on a lot of things.

 
 Daniel
 
 PS: Don't get me wrong, one OpenBSD router kills many times over a good size
 Cisco one, no questions there! But I am more interested in the efficiency of
 OpenBSD itself compare it itself as an understanding of how things work under
 the hood.

-Otto

Re: openbsd web site design proposals (from HOTO write bad docs)

[Otto Moerbeek]

On Mon, 28 Nov 2005, J.C. Roberts wrote:

 On Mon, 28 Nov 2005 10:29:43 -0500, Jeremy David
 [EMAIL PROTECTED] wrote:
 
 There are 5 errors on the main page alone. That means that no matter how
 useful the content on the website is, the code breaks down for a lot of
 people. Standards are important. Where HTML is concerned, they're doubly so,
 because there are so many different clients (browsers) being used by so many
 different kinds of people.
 
 Jeremy,
 
 I encourage you to do a bit more research before posting something like
 the above. Did you really think the compliance errors were never noticed
 before you pointed them out?
 
 Yes, you are right that the site is not perfectly W3C standards
 compliant. The point you missed is the overwhelming majority of clients
 (browsers) are *ALSO* not compliant with the standards. The supposed
 errors you pointed out are nothing more than work-arounds for
 non-compliant browsers. Contrary to your claims, those supposed errors
 do not break anything, instead they actually _FIX_ problems in buggy
 browsers.

It's even a FAQ: http://www.openbsd.org/faq/faq8.html#wwwnotstd

-Otto

Re: Frequency of 3.8 Malloc Options Check

[Otto Moerbeek]

On Tue, 29 Nov 2005, Dave Feustel wrote:

 On Tuesday 29 November 2005 19:19, Todd C. Miller wrote:
  Note that you can also set the malloc options from within a program
  you are developing.  I've found this to be quite useful for adding
  a belt and suspenders mode during developement (the use after
  free checks in particular).
 
   - todd
 
 Interesting! I hadn't thought of that possibility. I just tried defining
 MALLOC_OPTIONS as an environment symbol. I put in all the letters
 mentioned in 'man malloc' but malloc repeatedly reports the presence
 of an unknown letter.

it's likely D, which is not available by default, as documented.

-Otto

Re: Interesting ps -ax listing

[Otto Moerbeek]

On Wed, 30 Nov 2005, Dave Feustel wrote:

 While running kde 3.4.2 on OpenBSD 3.8, upon logging out from my normal user 
 id and then logging back in with a new user id and executing ps -ax, I found 
 an instance of kde kicker running before I had invoked startkde as the new 
 user. I was not able to delete the process using kill -9, so I  logged out,
 logged back in under the previous user name and then was able to delete the
 kicker task using kill -9. My understanding is that all user processes (eg,
 kde processes) are terminated when the user logs out. Is that correct?
 Any ideas as to how the user process survived the logout?

If a process detaches from the terminal, it will survive. Another way
is using nohup(1). 

If kde leaves processes hanging around, it looks like a bug in kde. 

-Otto

Re: USB stuff (was Re: theo)

[Otto Moerbeek]

On Fri, 2 Dec 2005, Shawn K. Quinn wrote:

 On Thu, 2005-12-01 at 22:51 -0600, [EMAIL PROTECTED] wrote:
  Considering the goals of OpenBSD, I would not expect USB rodents,
  sound cards or even video to be necessarily well supported.
 
 The reality is that USB gear is becoming much, much more common. USB
 HIDs (human interface devices) should be well supported, as in many
 cases that's all that is available (given that the USB-PS/2 adapters
 often get lost and are manufacturer-specific).
 
  If using the mouse was of prime importance, I'd use Windows
 
 Not a choice when freedom is *anywhere* on the list of concerns. I,
 personally, am actively boycotting Microsoft at the current time
 (including hardware and the Xb*x gaming consoles).
 
 Don't get me wrong, I don't use OpenBSD for everything either (I am
 writing this from a Debian GNU/Linux system). But asserting that USB
 device support in OpenBSD is unrealistic, is questionable at best and
 downright ludicrous at worst. We already have some USB-only KVM
 switches.
 
 -- 
 Shawn K. Quinn [EMAIL PROTECTED]

What are you trying to say?

USB support in OpenBSD is very decent. Of course there wil always be
machine/device combinations that have problems, but in general things
are fine.

-Otto

Re: find a file greater than X MB's

[Otto Moerbeek]

On Fri, 2 Dec 2005, Bob DeBolt wrote:

 Greets
 
 I have had an issue with a hard drive filling up in a very short time after 
 upgrading a software package. Although I resolved the issue and all is well 
 now, I spent more time than I should have looking for files greater than a 
 certain size. 
 
 I tried numerous combinations of find switches using the find man page and 
 on and on but couldn't get the simple result of files greater than a 
 specified size, 2MB in my case.
 
 I had a document several weeks ago that used a piped cut command and was very 
 cool indeed, can't find it now that I need it.
 
 I have come to realize there are so many more tools for openbsd ( unix in 
 general ) than I had realized to process the ouput as well.
 
 Any takers?

find . -size +2097152c

-Otto

Re: 3.8 userland build fails on amd64 and sparc64

[Otto Moerbeek]

On Mon, 5 Dec 2005, Dag Richards wrote:

 After extracting sources from the cd,  checking out current, building
 installing and booting from the new kernel, make build fails.
 
 
 The error message indicates that xargs is being called with an unsupported
 argument, -r as I recall.  If I then just build and install xargs the make
 build completes.
 
 This has happened now on both a sparc64 and an amd64 machine.

Always be sure to read http://www.openbsd.org/faq/current.html when
following -current.

-Otto

Re: gethostbyname in 3.8 returns error -1

[Otto Moerbeek]

On Tue, 6 Dec 2005, Federico Giannici wrote:

 Since I upgraded an OpenBSD/amd64 3.7 to 3.8 (following instructions in the
 Upgrade Guide) sometimes gethostbyname() returns NULL with h_errno equal to
 -1 (Resolver internal error).

What is the value of errno?

 
 The program (OpenSER 1.0.0) had no problems under 3.7.
 The domain string is correct.
 
 The error seems to appear the SECOND time the gethostbyname() function is
 called by the same process.
 
 What could be the problem?

Check the usual suspect: /etc/resolv.conf

If that does not help: there have been changes to the resolver code
between 3.7 and 3.8 as well. One thing is does is checking if
/etc/resolv.conf has been changed and then reload things.  We need
more info to see what is going on. OB

Compiling the resolver code with -DDEBUG and enabling debug by
including options debug in resolv.conf can give a clue.

Or ktrace the process.

-Otto

Re: NFS and Rebooting problem

[Otto Moerbeek]

On Wed, 7 Dec 2005, Denny White wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 
 I was hoping someone could shed some light with some good
 links, sample configurations, etc., that might help me
 with the following. Not looking for someone to fix it
 for me or anything like that. Maybe the following will show
 that I have tried reading, googling, experimenting, etc.,
 before asking. I don't want to have any settings too high
 to cause other problems, just to change what's neccessary.
 When I'd drag  drop files to copy from a windows xp box
 to an nfs share on the obsd box, the obsd system would
 reboot. I thought at first that it was either something
 conflicting from the xp box, or that I had a hardware
 problem on the obsd box. That had happened once with a
 bad simm, but I had replaced it  had had no further
 problems until now. Before running a time consuming
 memory test on the obsd box, I did some reading on obsd
 tunables, and am now able to copy a file over from the
 xp box without the system rebooting. Below is a list of
 the changes:
 
 net.inet.tcp.keepinittime=600
 net.inet.tcp.keepidle=28800
 net.inet.tcp.keepintvl=600
 net.inet.tcp.recvspace=65536 net.inet.tcp.sendspace=32768
 net.inet.udp.recvspace=83200 net.bpf.bufsize=65536 vfs.nfs.iothreads=4

What type of nfs mount are you using? v2 or v3; udp or tcp?

Any info on the console the moment the machine reboots? What is the
value of tyhe ddb.panic sysctl? Anything in the logs?

-Otto


 Before the problem started occurring, I was using softupdates. I tried running
 without them, thinking maybe that had some bearing on
 the problem. Apparently it didn't. The only thing that helped was the
 changes listed above. I read that if you increase the tcp.recvspace 
 tcp.sendspace too high, you can cause a kernel panic when booting.
 That hasn't happened so far, with the above values. Exactly how high
 I can go without problems, I don't know. The obsd box is used for email
  learning, mostly. No high usage production server. The largest file
 I've tried to copy to the nfs share since making the changes was about
 26mb. No reboot this time. Before the changes, about the largest I could
 copy without trouble was 2mb. Right now, I'm limited on memory. There's
 only 256mb on the obsd box. That might be a problem, too, if I keep
 increasing the above values. There is no problem with file sizes when
 using scp across the network. Forgot to mention that I had tested it
 too, by mounting an obsd nfs share over on a fbsd box  had tried to
 copy a large file over, resulting in a reboot. That was when I figured
 I had it narrowed down to hardware or an obsd settings problem, the
 latter apparently being the case. Thanks for any answers  advice.
 Below is output of uname -a  dmesg.
 
 OpenBSD badboybox.cableone.net 3.8 GENERIC#0 i386
 
 OpenBSD 3.8-stable (GENERIC) #0: Fri Dec  2 01:25:13 CST 2005
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: Intel Pentium III (GenuineIntel 686-class) 601 MHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
 real mem  = 267952128 (261672K)
 avail mem = 237613056 (232044K)
 using 3296 buffers containing 13500416 bytes (13184K) of memory
 mainbus0 (root)
 bios0 at mainbus0: AT/286+(a7) BIOS, date 01/31/02, BIOS32 rev. 0 @ 0xfb4f0
 apm0 at bios0: Power Management spec V1.2
 apm0: AC on, battery charge unknown
 apm0: flags 70102 dobusy 1 doidle 1
 pcibios0 at bios0: rev 2.1 @ 0xf/0xb970
 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdd90/144 (7 entries)
 pcibios0: PCI Exclusive IRQs: 5 9 10 11
 pcibios0: PCI Interrupt Router at 000:07:0 (VIA VT82C596A ISA rev 0x00)
 pcibios0: PCI bus #1 is the last bus
 bios0: ROM list: 0xc/0x8000
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
 pchb0 at pci0 dev 0 function 0 VIA VT82C691 PCI rev 0xc4
 ppb0 at pci0 dev 1 function 0 VIA VT82C598 AGP rev 0x00
 pci1 at ppb0 bus 1
 pcib0 at pci0 dev 7 function 0 VIA VT82C686 ISA rev 0x22
 pciide0 at pci0 dev 7 function 1 VIA VT82C571 IDE rev 0x10: ATA66, channel 0
 configured to compatibility, channel 1 configured to compatibility
 wd0 at pciide0 channel 0 drive 0: WDC WD300BB-00AUA1
 wd0: 16-sector PIO, LBA, 28629MB, 58633344 sectors
 wd1 at pciide0 channel 0 drive 1: WDC WD400BB-00AUA1
 wd1: 16-sector PIO, LBA, 38166MB, 78165360 sectors
 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 4
 atapiscsi0 at pciide0 channel 1 drive 0
 scsibus0 at atapiscsi0: 2 targets
 cd0 at scsibus0 targ 0 lun 0: HP, CD-Writer+ 9500b, 1.06 SCSI0 5/cdrom
 removable
 atapiscsi1 at pciide0 channel 1 drive 1
 scsibus1 at atapiscsi1: 2 targets
 cd1 at scsibus1 targ 0 lun 0: ASUS, CD-S500/A, 1.0K SCSI0 5/cdrom removable
 cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
 cd1(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2
 uhci0 at pci0 dev 7 function 2 VIA VT83C572 USB rev 0x10: irq 9
 usb0 at uhci0: USB 

Re: gethostbyname in 3.8 returns error -1

[Otto Moerbeek]

On Wed, 7 Dec 2005, Ted Unangst wrote:

 On 12/7/05, Federico Giannici [EMAIL PROTECTED] wrote:
   May it be relevant that the program is run chrootted???
  
   I'm going to make some tests, as soon as I have the time...
 
  Got it!
  I simply copied  /etc/resolv.conf to the chrootted path and the
  problem disappeared.
 
  So something changed beetween 3.7 and 3.8 in the way /etc/resolv.conf is
  accessed...
 
 i made some changes to the resolver, though they should deal with this
 situation (unless there's a bug).

I only grepped through the code of openser briefly, but this scenario
seems likely. 

1. App calls res_init() which calls _res_init(1); _resp-restimespe
does not get set 

2. App calls gethostbyname(), all is fine. 

3. App does chroot.  

4. App calls gethostbyname(), which calls _res_init(0). Let's assume
the recheck is done. The stat() will fail, but since _resp-restimespec
is not set, it will fall through and try to read /etc/resolv.conf from
within the chroot.


-Otto

Re: I dump'd my restore drive (request for confirmation)

[Otto Moerbeek]

On Wed, 7 Dec 2005, Whyzzi wrote:

 Well, I accidentally disklabeled it. I was playing with ccd recently
 and stupidly began ccd type recovery on a dump copy hard drive by
 entering disklabel and changing the unused wd2a partition into a
 4.2BSD partition, offset of course by 63, writing to the disklabel and
 returning to the command prompt. I tried to set things right (by
 resetting the things back to the way it was). Anywho, is there any
 chance of recovering what is on this hard drive?
 
 right now I see
 
 # disklabel -E wd2
 .. blah blah blah ...
 16 partitions:
 # sizeoffset  fstype [fsize bsize  cpg]
   a:  39102147 0  unused  0 0  # Cyl 0 - 
 38791*
   c:  39102336 0  unused  0 0  # Cyl 0 - 38791
 
 
 # restore -rvs 1 -f /dev/rwd2a
 Verify tape and initialize maps
 restore: /dev/rwd2a: Device not configured
 # restore -rvs 1 -f /dev/rwd2c
 Verify tape and initialize maps
 Tape block size is 32
 restore: Tape is not a dump tape
 
 It is, quite possible that it didn't work properly to begin with, as I
 did never check (my very bad).

The partition being of type unused does prevent it from being read.
Try changing it to 4.2BSD (m a command in disklabel editor). That'll
allow you to read it. Of course I don;t know how much damage has been
done and if restore will be able.


 
 I was wondering if there was any way to recover what is on that drive,
 say with dd or something, or a way to rebuild the dump. To be
 complete, since I've already poured gasoline over myself and lit the
 BBQ-lighter and gave it a big hug, I suspect the answer is no (in
 which case to be burned to a crisp) or there is something else left to
 try.
 
 Thanks for the Info! Either way I still feel like I'm hosed.
 
 --
 I know too much and yet do not practise what I know.

-Otto

Re: OpenNTPD does not 'pull-in' wrong time

[Otto Moerbeek]

On Tue, 13 Dec 2005, Uwe Dippel wrote:

 On Mon, 12 Dec 2005 22:30:07 -0500, Nick Holland wrote:
 
  1) set time properly, using rdate or ntpd -s.
 
 Done
 
  2) now how does it do?
 
 Drifting off:
 
 Dec 13 12:49:00 cip ntpd[26647]: ntp engine ready
 Dec 13 12:49:22 cip ntpd[26647]: peer 172.16.0.4 now valid
 Dec 13 12:50:16 cip ntpd[22805]: adjusting local clock by 39.362721s
 Dec 13 12:54:45 cip ntpd[22805]: adjusting local clock by 40.094713s
 Dec 13 12:55:20 cip ntpd[22805]: adjusting local clock by 45.676478s
 Dec 13 12:59:15 cip ntpd[22805]: adjusting local clock by 50.446791s
 Dec 13 13:02:33 cip ntpd[22805]: adjusting local clock by 51.229806s
 ...
 Dec 13 15:48:58 cip ntpd[22805]: adjusting local clock by 274.515302s
 Dec 13 15:52:48 cip ntpd[22805]: adjusting local clock by 279.199983s
 Dec 13 15:56:08 cip ntpd[22805]: adjusting local clock by 283.888464s
 
 
  HOWEVER, you may be dealing with a drift that is much bigger than ntpd
  is designed to handle.  Don't expect ntpd to make sense of a wildly
  drifting clock, it is only designed to provide little nudges in the
  right direction, not rework the entire clock hardware and software to
  compensate for a problem.
 
 I am pretty sure that this is what it is.

There is a fix in current concerning adjtime() adjusting in the wrong
direction, but that only happens with much larger offsets. That fix
also has nothing to do with UP vs MP. You are looking at a genuine mp
bug, it seems.

 So my question remains valid: How to get bsd.mp calculate time properly
 when bsd does ?

I have seen some some timekeeping related problems. But so far no
developer stepped up the really solve them. In most cases, the
problems are not that big.  But your hardware seems to be exposing a
bug in a much more dramatic way. 

 I had some suggestions in that earlier thread, but all was about setting
 ACPI, TSC. Nothing similar in the vast range of HP's BIOS settings.
 I read the config, in order to switch off ACPI, but as far as I found,
 there's naught.
 
 I feel a bit depressed, because I had made all this fuss about getting
 Dual core and run all the Internet-facing servers of our College of IT on
 OpenBSD; and now we're down to run single core. Makes me look stupid. I
 already had the first chap 'generously' offering to 'help out' with Fedora.

It is more or less to be expected that new hardware exposes problems
once in a while. Most of the time, things will be fine, but not always.

OpenBSD developers have (access to) a lot of gear, but not everything
under the sun. Also, most of the time, we only get access to new
hardware once it has been on the market for a while. New hardware does
not arrive magically in our hands.  Keep that in mind when selecting
machines.

-Otto

Re: login.conf - chpass - _mysql

[Otto Moerbeek]

On Fri, 16 Dec 2005, Uwe Dippel wrote:

 Just another curiosity:
 The archive is full of suggestions to combat the dreaded MySQL Error No.9
 with a specific login class (and others); usually suggested to be 'mysql'
 in login.conf.
 
 Now, for reasons of pure logic and beauty, I call it _mysql.
 Then - if my logic is correct - I need to define this class for the user
 _mysql. 'chpass' is a way. Alas, it won't accept neither _mysql nor mysql
 as class and mumbles something about a typo.

Please report exact command lines and error messages.

 This I don't understand, because from the creation of login.conf onwards,
 _mysql is shown as possible login class with adduser. Would this be a bug
 in chpass ? Using vipw permits this change, though.
 
 Second: In my understanding, rc runs as daemon; so will there be any
 effect to starting mysql in rc.local through this class ? Will rc not
 automatically and irrevocably start mysql with the parameters of daemon
 (login class) ?
 The only way I could imagine this class to ever take effect would be when
 starting mysql as root with sudo on an already running box.
 
 All this could be badly wrong, though. Please correct me if it is !
 Only, if it is: Is this (_)mysql login class not rather useless ? Should
 we then not rather put _mysql into daemon; in order to have exactly the
 same parameters starting from rc (at boot) and anytime later ?

Use su(1) to start the command with a given login class.

-Otto

Re: login.conf - chpass - _mysql

[Otto Moerbeek]

On Fri, 16 Dec 2005, Uwe Dippel wrote:

 On Thu, 15 Dec 2005 18:07:52 +0100, Otto Moerbeek wrote:
 
  Please report exact command lines and error messages.
 
 chpass _mysql
 [change daemon into mysql or _mysql]; :wq
 chpass: illegal character in the class field
 re-edit the password file? [y]:

I cannot reproduce this here. _mysql is accepted and processed correctly.

 
  Use su(1) to start the command with a given login class.
 
 like
 # su -c _mysql _mysql -c date
 This account is currently not available.
 ?
 
 Hey, I don't want to offend anyone in here !
 I only found some 20 occurrences of that additional login class and the
 same number of this suggestion. While typing, I asked myself, how the
 environment will be picked up, ever. And started to think ... and started
 to have doubts.

You'll have to give it the right args:

# su -m -c staff bin -c ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 159744
stack(kbytes)4096
lockedmem(kbytes)157262
memory(kbytes)   471136
nofiles(descriptors) 64
processes128
# su -m -c daemon bin -c ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 524288
stack(kbytes)8192
lockedmem(kbytes)157262
memory(kbytes)   471136
nofiles(descriptors) 128
processes532
# 

 I bet 90% of those people who report success with mysql with this class do
 not have it due to this login class, but due to the values of the daemon
 class. With which their mysql runs, incidentially.
 
 # sudo -c _mysql -u _mysql date
 Fri Dec 16 09:51:03 SGT 2005
 
 This is what I was hinting at in my post, btw. This is the only thing I
 got working for a user with nologin.

-Otto

Re: A Little Tip for OpenBSD Users of KDE

[Otto Moerbeek]

On Tue, 27 Dec 2005, Dave Feustel wrote:

 by KDE are root-owned and world rw. There is also a problem with the socket
 /tmp/.X11-unix/X0. This is documented on the web and even in an OpenBSD
 presentation on XFree86 from about 2002.

Dunno about KDE but can you elaborate or give refs why having a world
writable unix domain socket is considered a problem?

The references I've found talk about a missing sticky bit on the
/tmp/.X11-unix dir, which is something different.

-Otto

Re: A Little Tip for OpenBSD Users of KDE

[Otto Moerbeek]

On Tue, 27 Dec 2005, Dave Feustel wrote:

 On Tuesday 27 December 2005 11:05, Otto Moerbeek wrote:
  
  On Tue, 27 Dec 2005, Dave Feustel wrote:
  
   by KDE are root-owned and world rw. There is also a problem with the 
   socket
   /tmp/.X11-unix/X0. This is documented on the web and even in an OpenBSD
   presentation on XFree86 from about 2002.
  
  Dunno about KDE but can you elaborate or give refs why having a world
  writable unix domain socket is considered a problem?
 
 Here is a presentation of XFree86 security issues that I found yesterday
 that seems to be relevant. X0 permissions are specifically addressed. I am 
 definitely having fewer (if any) problems after several times rm'ing the tmp 
 files associated with Xorg and KDE. I've done it with no problems except 
 when I do it while KDE is running. Then DCOP dies. The most reliable way
 of reactivating DCOP correctly is (right now) to reboot KDE.
 
 http://www.openbsd.org/papers/xf86-sec.pdf

Indeed this paper mentions problems withg unix domain sockets. But it
is talking about socket _creation_, not _using_ the a unix domain
socket.

So far you only have given very vague, circumstantial evidence.

-Otto

Re: A Little Tip for OpenBSD Users of KDE

[Otto Moerbeek]

On Tue, 27 Dec 2005, Ted Unangst wrote:

 On 12/27/05, Otto Moerbeek [EMAIL PROTECTED] wrote:
  On Tue, 27 Dec 2005, Dave Feustel wrote:
 
   by KDE are root-owned and world rw. There is also a problem with the 
   socket
   /tmp/.X11-unix/X0. This is documented on the web and even in an OpenBSD
   presentation on XFree86 from about 2002.
 
  Dunno about KDE but can you elaborate or give refs why having a world
  writable unix domain socket is considered a problem?
 
 this is obviously a source of confusion.  the permissions on a socket
 mean *nothing*.  anyone can open any socket regardless of permissions,
 so long as they have necessary directory permissions to find it.

That used to be the case. But since quite some time, you'll need
write permission to open a unix domain socket.

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/kern/uipc_usrreq.c?rev=1.2content-type=text/x-cvsweb-markup

-Otto

Re: now, some issues that are OBSD front and center

[Otto Moerbeek]

On Tue, 27 Dec 2005, Julesg wrote:

 So I spent yesterday putting up a nice OpenBSD box;  Lot's of space, very 
 fast -- and first thing today I discovered that EGCS does not equal GCC.
 
 I'd like to know what's involved in removing EGCS and installing GCC?
 
 And if you aren't a compiler person, my guess is that this not a trivial 
 thing to do;  And this has nothing to do with what I like, or even which is 
 better;  I have lot's of code that simply bombs!  Even using -g I can't say 
 br main in gdb.  It bombs BEFORE execution -- though it works fine on gcc 
 on FreeBSD.

Please wrap your lines. And next time include some details. Check
www.openbsd.html/report.html and mail.html.

If your code bombs, my advice would be to check the code, not
change compiler. OpenBSd has some more restrictive memory management,
which proabbly has triggered a bug in your code.

Depending on platform, OpenBSD uses gcc 2.95 or gcc 3.3.5, both
modified to suit our needs.  You cannot switch compilers without
breaking things. 

As for crashing before main is called: that might happen, but you
still have a core file which can help you spot the problem.

 
 So I already know the problem, it's memory -- I come pretty close to the 
 limit's of the environment.
 
 So, has anyone swapped compilers re OpenBSD?

What makes you think that will solve you problem?

-Otto

Re: Blowfish still good enough?

[Otto Moerbeek]

On Fri, 30 Dec 2005, Travers Buda wrote:

 On Friday 30 December 2005 00:08, Damien Miller wrote:
  On Thu, 29 Dec 2005, Travers Buda wrote:
   The key schedule in both is _much_ faster than Blowfish.
 
  That is not a feature, at least not in the contexts where we use
  blowfish most.
 
 Yes, I realize that. I did not say fast key schedules are desireable. 
 You're jumping the gun.
 
  guess what? We have used long salts with Blowfish passwords since at
  least 1999.
 
 I was unaware of this. I shall read that paper before I continue 
 replying. 
 
  If there is a use of Blowfish in OpenBSD that you think is
  inappropriate then please send diffs.
 
 I'm not concerned with the use of Blowfish in the password file, rather 
 I think it's the best choice. What I think is irrelevent here 
 really--the facts speak for themselves. 
 
 What I'm concerned about is the use of Blowfish in vm.swapencrypt.enable 
 and vnconfig -k. Just because its use in the password file is genius, 
 does not necessairly mean it would make for the best option elsewhere. 

Swapencrypt uses aes. Check /usr/src/sys/uvm/uvm_swap_encrypt.c

 
 What I'm worried about is that several devs implemented this fantastic 
 password file scheme, then perhaps (no accusations yet) got deluded 
 that Blowfish is the greatest thing since sliced bread and decided it's 
 fit for everything--including their laundry. 

If you do not trust us, why use OpenBSD?

 
  If there is a use of Blowfish in OpenBSD that you think is.
  inappropriate then please send diffs.  
 
 I am in the process of learning various languages, starting with C. 
 (Crypto still affects everyone--including those who don't program or 
 are cryptographers.) I also would hope that things would be evaluated 
 for problems before solutions are applied.
 
 I'm just looking for some reassurances, Mr. Miller. Docs are preferable, 
 unfortunately the informative link you sent me earlier does not cover 
 the use of Blowfish elsewhere in OpenBSD. That's what I've been looking 
 for; I had to turn here since I could not find such info. 
 
 I also knew I'd get lambasted on misc since the prospect of a lack of 
 documentation of OpenBSD is preposterous. 
 

-Otto

Re: UDF - where are we ?

[Otto Moerbeek]

On Fri, 30 Dec 2005, Uwe Dippel wrote:

 Tried the last hours to debug a growisofs problem; which finally turned
 out to be a UDF problem; after I found
 http://groups.google.com.my/group/mailing.openbsd.bugs/browse_frm/thread/cc83628ed178e43c/433bf632f7ad2f55?tvc=1#433bf632f7ad2f55
 
 growisofs writes proper DVDs of any size; only mount doesn't work; any
 file larger than 2 GB will show with wrong content and a negative size.
 No wonder, it mounts as iso9660.
 But how do I get it mounted as udf ? I tried 
 mount -t udf /dev/cd0c /dvd, but it comes with a blue kernel message: 
 udf-mount: enforcing read-only mode
 mount -t udf /dev/cd0c dvd
 mount_udf: mount: Invalid argument
 while
 mount /dev/cd0c dvd
 is fine, but as iso9660
 
 The FAQ says: 
 The newer Universal Disk Format (UDF) filesystem on some
 DVDs is not supported. However, almost all DVD-Video and DVD-ROM discs use the
 UDF bridge format, which is a combination of the DVD MicroUDF (subset of UDF
 1.02) and ISO 9660 file systems. This bridge format provides backwards
 compatibility for operating systems which do not yet support UDF.
 
 And man mount_udf says:
 The mount_udf command attaches a UDF filesystem (typically found on a
 DVD) residing on the device special to the global filesystem namespace at
 the location indicated by node.  This command is invoked by mount(8) when
 using the syntax
 
 mount [options] -t udf special node
 
 Can someone please shed a light on this, thanks,

What does disklabel cd0 say?

-Otto

Re: Current installed on 1.1: Problems using svnd?

[Otto Moerbeek]

On Mon, 2 Jan 2006, [EMAIL PROTECTED] wrote:

 Hello everybody,
 
 I installed oBSD current for AMD64 on 1.1.2006, created a encrypted
 partition for /home and ran into some trouble.
 
 The permissions for /home or /tmp didn't changed:
 drwxr-xr-x   6 root  wheel  512 Jan  2 07:59 tmp
 drwxr-xr-x   2 root  wheel  512 Jan  1 17:11 crypto
 
 /crypto is the place where the cryptfile is stored.
 svnd is used to mount it to /home where the home of the normal users are.
 
 The problems I noticed are those:
 
 $ eval `ssh-agent`
 mkdtemp: private socket dir: Permission denied
 $ sylpheed
 bind: Permission denied
 
 Could somebody point me to my error because for me it makes no sense that
 just because of a crypto-partition these things break.

Your tmp has wrong permissions. Should be 1777.

-Otto

 
 mount output:
 $ mount
 /dev/sd0a on / type ffs (local, softdep)
 /dev/sd0h on /crypto type ffs (local, nodev, nosuid, softdep)
 /dev/sd0d on /tmp type ffs (local, nodev, nosuid, softdep)
 /dev/sd0g on /usr type ffs (local, nodev, softdep)
 /dev/sd0f on /var type ffs (local, nodev, nosuid, softdep)
 /dev/svnd0c on /home type ffs (local, nodev, nosuid, softdep)
 
 $ uname -a
 OpenBSD bird.home.net 3.8 GENERIC.MP#663 amd64
 $ id
 uid=1000(sebastian) gid=1000(sebastian) groups=1000(sebastian), 0(wheel)
 
 Shell-Code from /etc/rc.local
 
 /usr/sbin/vnconfig -ck /dev/svnd0c /crypto/cryptfile
 sleep 1
 /sbin/mount -o softdep,nodev,nosuid -f /dev/svnd0c /home
 
 And the Shell-Code from 7etc/rc.shutdown
 
 /sbin/umount /home
 sleep 1
 /usr/sbin/vnconfig -u /dev/svnd0c
 
 
 It would be nice if somebody would tell me where I did a misstake because
 I see no logical reasons why these things fail now.
 
 The only thing wich changed is that I tried to use a cryptopartition for
 the whole /home now.
 
 Kind regards,
 Sebastian
 -- 
 Don't buy anything from YeongYang.
 Their Computercases are expensiv, they WTX-powersuplies start burning and
 their support refuse any RMA even there's still some warenty.

Re: tar(1) File is too long for ustar

[Otto Moerbeek]

On Mon, 2 Jan 2006, Nuno Morgadinho wrote:

 How to use tar(1) to compress ridiculous large files? 
 
 #tar cvfz /dev/rst0 /fitabackup
 /fitabackup/server1.tgz
 /fitabackup/server3.tgz
 * tar: File is too long for ustar /fitabackup/server3.tgz *
 
 server3.tgz has 10.0Gb.

I must be stupid or this error message is not generated by tar. Please
provide the EXACT message, and an ls -l of the /fitabackup dir.

ustar is supposed to handle files up to 64G.

-Otto

Re: tar(1) File is too long for ustar

[Otto Moerbeek]

On Mon, 2 Jan 2006, Matthias Kilian wrote:

 On Mon, Jan 02, 2006 at 08:44:02PM +0100, Otto Moerbeek wrote:
   * tar: File is too long for ustar /fitabackup/server3.tgz *
 [...]
   server3.tgz has 10.0Gb.
  
  I must be stupid or this error message is not generated by tar. Please
  provide the EXACT message, and an ls -l of the /fitabackup dir.
 
 It's in /usr/src/bin/tar/tar.c, line 1028.

Ok, I'm stupid, sorry.

 
  ustar is supposed to handle files up to 64G.
 
 If I don't misinterpret the code, the problem is that the size for
 a 10GB file needs 12 octal digits, which doen't fit 0-terminated
 into hd-size.

Wonder if hd-size should be 0-terminated, but no time to check now.

-Otto

Re: tar(1) File is too long for ustar

[Otto Moerbeek]

On Mon, 2 Jan 2006, Matthias Kilian wrote:

 On Mon, Jan 02, 2006 at 10:05:21PM +0100, Otto Moerbeek wrote:
   If I don't misinterpret the code, the problem is that the size for
   a 10GB file needs 12 octal digits, which doen't fit 0-terminated
   into hd-size.
  
  Wonder if hd-size should be 0-terminated, but no time to check now.
 
 IMHO, it should.
 
 Quoting 1003.1 (2004 ed.): [The last sentence is important]
 
 The fields magic, uname, and gname are character strings
 each terminated by a NUL character. The fields name, linkname,
 and prefix are NUL-terminated character strings except when
 all characters in the array contain non-NUL characters
 including the last character.  The version field is two
 octets containing the characters 00 (zero-zero). The
 typeflag contains a single character. All other fields are
 leading zero-filled octal numbers using digits from the
 ISO/IEC 646:1991 standard IRV. Each numeric field is
 terminated by one or more space or NUL characters.
 
 It's POSIX, thus it's odd.

OK, then the cpio man page in -current is in error.

BTW, to solve the OP problem: try using dump(8) instead of tar(1).

-Otto

Re: NFS-Question (nfs-server timeouts..?)

[Otto Moerbeek]

On Tue, 3 Jan 2006, Sebastian Rother wrote:

 Hi everybody,
 
 I've a question related to NFS.
 
 I#ve 2 PCs at home. One is a Server (NFS) running 3.8 and the other is my
 workstation running current.
 
 Server provides a NFS-Share. Let's call it /nfs
 Workstation mounts the NFS-Share into /mnt/nfs
 
 If the Workstation calculates something and I power off the Server to
 save some energy and power on this system later the workstation
 will NOT be able to read/write anything to the NFS-Share.
 It will simply report:
 
 nfs server server:/nfs: not responding
 
 The workstation will not hang but the shell where I did e.g.
 ls /mnt/nfs hangs and can't get killed anyway.
 
 Even a sudo umount -f /mnt/nfs stoped working and reported the same
 error-message.
 
 I would say it's a Bug in the NFS-Implementation because it should
 handle such things.
 
 My fstab-entry is:
 server:/nfs on /mnt/nfs type nfs (nodev, nosuid, v3, tcp, soft, intr,
 timeo=100)
 
 So there IS a timeout specified but it wont help.
 The only solution is to reboot the workstation.
 
 So is this a Problem related to NFS or did I missed anything???
 It seams just during a reboot the timeout is noticed so after ~some
 seconds the machine will reboot.
 
 I've the same issues with an 3.8 Client so it shouldn't be
 current-related.

A workaround is probably not to use tcp. I use udp here (with standard
options), and my clients recover nicely after a server
powerdown/powerup. 

-Otto

Re: vnconfig strange behaviour (or my mistake?)

[Otto Moerbeek]

On Wed, 4 Jan 2006, Vladas Urbonas wrote:

 Hi all, sorry for bothering.
 
 My problem is as follows:
 
 0. 3.8 GENERIC
 1. I am creating 1.5Gb all-zeroes file with dd
 2. vnconfig -ck /dev/svnd0c file.img
 3. fdisk -e /dev/rsvnd0c

use fdisk -i svnd0, much easier.

 4. dislabel -E /dev/rsvnd0c

disklabel -E svnd0, delete extisting 'a' partition and recreate with
default values.

 5. newfs /dev/rsvnd0c

Use /dev/rsvnd0a 

 6. mount /dev/svnd0c /mnt
 7. copying in files into /mnt
 
 And after this the file.img becomes like 800Gb on
 the filesystem.
 
 df shows that /mnt size is 1.5 as expected.
 
 
 Is it a sign of a bad disk (I have tried this on several
 different partitions, with two different machines - still
 the same), or I am overlooking something way to
 obviuous.
 
 
 
 Would be grateful for any of your comments, suggestions.
 
 
 Vladas

Re: stupid sata raid question

[Otto Moerbeek]

On Tue, 3 Jan 2006, Bryan Irvine wrote:

 Is there a good/cheap SATA RAID card that doesn't use that retarded soft 
 RAID?
 
 In other words, will this card present itself to OBSD at install as a
 single disk?
 
 http://www.lsilogic.com/products/megaraid/sata_150_4.html

yes,

-Otto

Re: DadOS - sys shutdown with XDM

[Otto Moerbeek]

On Tue, 3 Jan 2006, Dave Feustel wrote:

 On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
 
  The rule of thumb for granting privileges is simple; avoid granting
  permissions whenever possible.
 
 Check the ownership/privileges on /tmp/.X11-unix/X0 after you start kde or 
 Xorg.

Come on, this is a unix domain socket, as has been pointed out before.
You keep on repeating this nonsense. Having a world writable socket is
not a problem in itself. X has it's own authentication/authorization
scheme, which is used both for unix domain sockets and tcp sockets. 

 Also check the ownership/privileges on the /dev/[pt]typ* pair allocated
 to any konsole session running under kde on openbsd. 

Now that is likely a problem. A workaround is to use xterm instead
of konsole.

-Otto

Re: DadOS - sys shutdown with XDM

[Otto Moerbeek]

On Tue, 3 Jan 2006, Dave Feustel wrote:

 On Tuesday 03 January 2006 17:50, Otto Moerbeek wrote:
  
  On Tue, 3 Jan 2006, Dave Feustel wrote:
  
   On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
   
The rule of thumb for granting privileges is simple; avoid granting
permissions whenever possible.
   
   Check the ownership/privileges on /tmp/.X11-unix/X0 after you start kde 
   or Xorg.
  
  Come on, this is a unix domain socket, as has been pointed out before.
  You keep on repeating this nonsense. Having a world writable socket is
  not a problem in itself. X has it's own authentication/authorization
  scheme, which is used both for unix domain sockets and tcp sockets. 
 
 I confess that I do not understand the ramifications of the world rw+suid
 permissions on this socket. I do wonder why this socket has world rw when 
 it seems to work equally well after I do a chmod 4700 on it at the beginning 
 of every kde session. Do not the permissions applied to this socket violate 
 the principle of least privilege mentioned above?

It does not have suid permissions. This clearly shows you understand
little about permissions. Hint: it's a socket, starting with an 's'.

The princpiple is not violated, because having the socket writable for
others has it's uses, maybe?

-Otto

Re: How Do I Get snprintf(3) to Return -1?

[Otto Moerbeek]

On Thu, 5 Jan 2006, veins wrote:

  I'm having trouble making snprintf return -1.  I've tried stuff like:
  
  len = snprintf(str, 0, %.-Z\n, 9);
  printf(%d, len);
  
  but that just prints `2'.  Does snprintf ever return -1?
  
  -Ray-
   
 you might want to take a look at how vfprintf() is implemented in
/usr/src/lib/libc/stdio/

But that's just the implemenation. Which can change. The API defines
snprintf can return -1, so you should check for it.

On systems that support wide chars, snprintf can return -1 if an
encoding problem has occurred, for example.

-Otto

Re: MAXNAMLEN, NAME_MAX, FILENAME_MAX Plus One or Not?

[Otto Moerbeek]

On Fri, 6 Jan 2006, Ray Lai wrote:

 What are the proper uses of MAXNAMLEN, NAME_MAX, and FILENAME_MAX?
 Do they represent filenames with or without paths?  Do they include
 the terminating null or not?  The source seems inconsistent:

Posix says: {NAME_MAX} Maximum number of bytes in a filename (not
including terminating null).  Minimum Acceptable Value:
{_POSIX_NAME_MAX}

The other two are non-posix:

MAXNAMLEN is file name length, not a path, excluding the NUL byte.

FILENAME_MAX is from ANSI C, in practise it's value is equal to the
posix PATH_MAX, which is the maximum length of a path name _including_
NUL.

In practice, a lot of unix programs use MAXPATHLEN, which is in
general equal to the posix PATH_MAX.


-Otto

Re: NIS Problems

[Otto Moerbeek]

On Sat, 7 Jan 2006, Lachlan Gunn wrote:

 Hi,
 I'm setting up NIS for my home network using OpenBSD on the
 server-side.  However, when I try to make changes (ie. to the
 passwords) on the client side (Gentoo Linux) it responds with an error
 (without any information on what that error is).  Upon attempting to
 do the same operation on the OpenBSD box, it responds with an error
 telling me Couldn't change YP password information..
 
 Am I understanding correctly that I am supposed to be using chsh -y?
 chsh without the -y only changes the local data without modifying the
 NIS-stored data.

Check rc.conf, yppasswd is disabled by default.

-Otto

Re: pf not logging to /var/log/pflog...

[Otto Moerbeek]

On Mon, 9 Jan 2006, poncenby smythe wrote:

 On 9 Jan 2006, at 10:43, Olivier Mehani wrote:
 
  On Sun, Jan 08, 2006 at 10:51:12PM +, poncenby smythe wrote:
   I am running 3.8 GENERIC on i386 and can't figure out why pf isn't
   logging
   the packets I've told it to, here is a snippet from /etc/ pf.conf...
  
  Maybe a stupid check, but did you enable pf in rc.conf ?
 
 pf is set to NO in /etc/rc.conf, but is enabled with the following commands in
 ppp.linkup script:
 
 adsl:
! sh -c /sbin/ifconfig pflog0 up
! sh -c /sbin/pfctl -f /etc/pf.conf -e
 
 the ppp link is called adsl and running pfctl -ss reports pf is enabled.

Why enable pf only when the link is up? It's non-standard and
potentially dangarous. You're better of using the standard way of
enabling pf.

-Otto

Re: pf not logging to /var/log/pflog...

[Otto Moerbeek]

On Mon, 9 Jan 2006, poncenby smythe wrote:

 On 9 Jan 2006, at 19:37, Otto Moerbeek wrote:
 
  
  On Mon, 9 Jan 2006, poncenby smythe wrote:
  
   On 9 Jan 2006, at 10:43, Olivier Mehani wrote:
   
On Sun, Jan 08, 2006 at 10:51:12PM +, poncenby smythe wrote:
 I am running 3.8 GENERIC on i386 and can't figure out why pf isn't
 logging
 the packets I've told it to, here is a snippet from /etc/ pf.conf...

Maybe a stupid check, but did you enable pf in rc.conf ?
   
   pf is set to NO in /etc/rc.conf, but is enabled with the following
   commands in
   ppp.linkup script:
   
   adsl:
 ! sh -c /sbin/ifconfig pflog0 up
 ! sh -c /sbin/pfctl -f /etc/pf.conf -e
   
   the ppp link is called adsl and running pfctl -ss reports pf is enabled.
  
  Why enable pf only when the link is up? It's non-standard and
  potentially dangarous. You're better of using the standard way of
  enabling pf.
 
 Making PF=YES in /etc/rc.conf does not seem to work as required due to my pf
 complaining it cannot determine an ip address for the tun0 interface, and then
 falls back on what I assume is a default rule set of some kind. I would rather
 not use ppp.linkup to start pf but don't know how to change the order daemons
 start (ppp is handled by daemontools which I guess is going to make it even
 harder), although I would rather not use daemontools for ppp.

Check the () syntax for interfaces. It was designed to handle these
kind of situations.

-Otto

Re: pf not logging to /var/log/pflog...

[Otto Moerbeek]

On Mon, 9 Jan 2006, Olivier Mehani wrote:

 On Mon, Jan 09, 2006 at 08:37:04PM +0100, Otto Moerbeek wrote:
   adsl:
  ! sh -c /sbin/ifconfig pflog0 up
 
 As far as I remember, it's not necessary to ifconfig pflog0 up to use it.
 
  Why enable pf only when the link is up? It's non-standard and
  potentially dangarous. You're better of using the standard way of
  enabling pf.
 
 However non standard, I don't clearly see the potential danger in this. Can 
 you
 elaborate ?

- There's a race between getting the net up and pf being enabled. That
means there's a moment in time when you are not protected.

 - Assume that sometimes things go wrong. You make a typo in pf.conf,
for example. What would happen if you reboot?

-Otto

Re: df -h stats for same file systems display different result son AMD64 then on i386

[Otto Moerbeek]

On Sun, 15 Jan 2006, Daniel Ouellet wrote:

[snip lots of talk by a confused person]

 16 partitions:
 # sizeoffset  fstype [fsize bsize  cpg]
   a:52409763  4.2BSD   2048 16384  328 # Cyl 0*-   519
   b:   8388576524160swap   # Cyl   520 -  8841
   c:  78165360 0  unused  0 0  # Cyl 0 - 77544
   d:   2097648   8912736  4.2BSD   2048 16384  328 # Cyl  8842 - 10922
   e:  52429104  11010384  4.2BSD   2048 16384  328 # Cyl 10923 - 62935
   f:   2097648  63439488  4.2BSD   2048 16384  328 # Cyl 62936 - 65016
   g:  10486224  65537136  4.2BSD   2048 16384  328 # Cyl 65017 - 75419
   h:   2132865  76023360  4.2BSD   2048 16384  328 # Cyl 75420 -
 77535*

 16 partitions:
 # sizeoffset  fstype [fsize bsize  cpg]
   a:52409763  4.2BSD   1024  8192   86 # Cyl 0*-   519
   b:   8388576524160swap   # Cyl   520 -  8841
   c:  58633344 0  unused  0 0  # Cyl 0 - 58167
   d:   1048320   8912736  4.2BSD   1024  8192   86 # Cyl  8842 -  9881
   e:  27263376   9961056  4.2BSD   1024  8192   86 # Cyl  9882 - 36928
   f:   2097648  37224432  4.2BSD   1024  8192   86 # Cyl 36929 - 39009
   g:   9436896  39322080  4.2BSD   1024  8192   86 # Cyl 39010 - 48371
   h:   9874368  48758976  4.2BSD   1024  8192   86 # Cyl 48372 - 58167

Since the bsize and fsize differ, it is expected that the used kbytes of the
file systems differ. Also, the inode table size will not be the same.

You're comparing apples and oranges.

BTW, you don't say which version(s) you are running. That's bad. since
some bugs were fixed in the -h display. Run df without -h to see the
real numbers.

To check if the inode/block/fragment free numbers add up, you could
use dumpfs, but that is a hell of a lot of work. 

-Otto

Re: df -h stats for same file systems display different result son AMD64 then on i386

[Otto Moerbeek]

On Sun, 15 Jan 2006, Daniel Ouellet wrote:

 Otto Moerbeek wrote:
  On Sun, 15 Jan 2006, Daniel Ouellet wrote:

  Since the bsize and fsize differ, it is expected that the used kbytes of the
  file systems differ. Also, the inode table size will not be the same.
 
 Not sure that I would agree fully with that, but I differ to your judgment.
 Yes there will and should be difference in usage as if you have a lots of
 small files, you are waisting more space if you fsize are bigger, unless I
 don't understand that part. Would it mean that the df -h would take the number
 of inode in use * the fsize to display the results for human then?

I do not understand what you mean. Of course df does not do such
calculation, because it does not mean anything. Inodes allocated does
have little to do with total space in use. fsize is fragment size,
which is something different than file size.

  You're comparing apples and oranges.
 
 I don't disagree to some extend as you know better, but I still try to
 understand it however. Shouldn't the df -h display the same results however to
 human? I am not arguing, but rather try to understand it. If it is design to
 be human converted, why a human would need to know or consider the file size
 in use then to compare the results?

The human thing is only doing the conversion to megabytes and such. It
does not compensate for space wasted due to blocks not being fully used
and such.

Now I agree that the difference you are seeing is larger than I would
expect. I would run a ls -laR or du -k on the filesystems and diff the
results to see if the contents are realy the same. My bet is that
you'll discover some files that are not on the system with a smaller
usage.  It is also perfectly possible that files having holes (also
called spare files) play a role: they take less space than their
length, but depending on how you copy them, the copy does take the
full amount of blocks. 

  BTW, you don't say which version(s) you are running. That's bad. since
  some bugs were fixed in the -h display. Run df without -h to see the
  real numbers.
 
 All run 3.8. Sorry about that.
 
 the 4.6GB have 4870062 * 1024 = 4,986,943,488
 www1# df
 Filesystem  1K-blocks  Used Avail Capacity  Mounted on
 /dev/wd0a  256814 4146420251017%/
 /dev/wd0h 104815854995698 0%/home
 /dev/wd0d 1030550 2979022 0%/tmp
 /dev/wd0g 5159638310910   4590748 6%/usr
 /dev/wd0e25799860   4870062  1963980620%/var
 /dev/wd0f 1030550  1546977478 0%/var/qmail

The above display used df -k, while the one below does not. Probably
you've set some alias for df or so, or you are using the BLOCKSIZE env
var. Why are you making things more difficult than needed for us (and
yourself?).

 
 the 8.1GB have 15967148 * 512 = 8,175,179,776
 # df
 Filesystem  512-blocks  Used Avail Capacity  Mounted on
 /dev/wd0a   513628 6558842236013%/
 /dev/wd0h  186162852   1768496 0%/home
 /dev/wd0d  2061100 4   1958044 0%/tmp
 /dev/wd0g  9904156424544   8984408 5%/usr
 /dev/wd0e 33022236   1537612  29833516 5%/var
 /dev/wd1b 16412252   1937920  1365372012%/var/mysql
 /dev/wd0f  2061100 4   1958044 0%/var/qmail
 /dev/wd1a 41280348  15967148  2324918441%/var/www/sites
 
 The funny part is that the first above /var include more files then the
 /var/www/sites below and still display less space in use.
 
  To check if the inode/block/fragment free numbers add up, you could
  use dumpfs, but that is a hell of a lot of work. 
  -Otto
  
 
 It's not a huge deal and the systems works well, I am just puzzle by the
 results and want to understand it, that's all.

Re: df -h stats for same file systems display different result son AMD64 then on i386

[Otto Moerbeek]

On Mon, 16 Jan 2006, Daniel Ouellet wrote:

 Just a bit more information on this.
 
 As I couldn't understand if that was an AMD64 issue as illogical as that might
 be, I decided to put that to the test. So, I pull out an other AMD64 server
 and it's running 3.8, same fsize and bsize, one drive, etc.
 
 Use rsync to mirror the content and the results are consistent with the i386.
 So, that prove it's not that at a minimum.
 
 So, the source is 4.4GB and expand to 7.7GB.
 
 I have no logical explications what so ever.

You have been told an explanation (sparse files).

-Otto

 
 So, I will stop here and just drop it as I have nothing else logical I can
 think of to look at why that might be.
 
 I will just have to put it in the unknown pile and leave it alone.
 
 One thing for sure, I will be wiping that box out to be sure next.
 
 Unless someone have an idea, again, not a problem, but something very weird I
 was trying to understand and find some logical explication too.
 
 I will just have to take it as such and leave it alone.
 
 So, case close as I have no more idea or clue.
 
 This was done on a brand new server and using rsync to copy identical files
 from the source to the destination.
 
 ==
 Source:
 www1# disklabel wd0
 # Inside MBR partition 3: type A6 start 63 size 78156162
 # /dev/rwd0c:
 type: ESDI
 disk: ESDI/IDE disk
 label: Maxtor 6E040L0
 flags:
 bytes/sector: 512
 sectors/track: 63
 tracks/cylinder: 16
 sectors/cylinder: 1008
 cylinders: 16383
 total sectors: 78165360
 rpm: 3600
 interleave: 1
 trackskew: 0
 cylinderskew: 0
 headswitch: 0   # microseconds
 track-to-track seek: 0  # microseconds
 drivedata: 0
 
 16 partitions:
 # sizeoffset  fstype [fsize bsize  cpg]
   a:52409763  4.2BSD   2048 16384  328 # Cyl 0*-   519
   b:   8388576524160swap   # Cyl   520 -  8841
   c:  78165360 0  unused  0 0  # Cyl 0 - 77544
   d:   2097648   8912736  4.2BSD   2048 16384  328 # Cyl  8842 - 10922
   e:  52429104  11010384  4.2BSD   2048 16384  328 # Cyl 10923 - 62935
   f:   2097648  63439488  4.2BSD   2048 16384  328 # Cyl 62936 - 65016
   g:  10486224  65537136  4.2BSD   2048 16384  328 # Cyl 65017 - 75419
   h:   2132865  76023360  4.2BSD   2048 16384  328 # Cyl 75420 -
 77535*
 www1# df -h
 Filesystem SizeUsed   Avail Capacity  Mounted on
 /dev/wd0a  251M   40.5M198M17%/
 /dev/wd0h 1024M   54.0K972M 0%/home
 /dev/wd0d 1006M8.5M948M 1%/tmp
 /dev/wd0g  4.9G304M4.4G 6%/usr
 /dev/wd0e 24.6G4.7G   18.7G20%/var
 /dev/wd0f 1006M1.5M955M 0%/var/qmail
 
 =
 
 Destination.
 # disklabel wd0
 # Inside MBR partition 3: type A6 start 63 size 156296322
 # /dev/rwd0c:
 type: ESDI
 disk: ESDI/IDE disk
 label: Maxtor 6L080M0
 flags:
 bytes/sector: 512
 sectors/track: 63
 tracks/cylinder: 16
 sectors/cylinder: 1008
 cylinders: 16383
 total sectors: 156301488
 rpm: 3600
 interleave: 1
 trackskew: 0
 cylinderskew: 0
 headswitch: 0   # microseconds
 track-to-track seek: 0  # microseconds
 drivedata: 0
 
 16 partitions:
 # sizeoffset  fstype [fsize bsize  cpg]
   a:   104825763  4.2BSD   2048 16384  328 # Cyl 0*-  1039
   b:  16777152   1048320swap   # Cyl  1040 - 17683
   c: 156301488 0  unused  0 0  # Cyl 0 -155060
   d:  10486224  17825472  4.2BSD   2048 16384  328 # Cyl 17684 - 28086
   e:  83885760  28311696  4.2BSD   2048 16384  328 # Cyl 28087 -111306
   f:   4194288 112197456  4.2BSD   2048 16384  328 # Cyl 111307
 -115467
   g:   2097648 116391744  4.2BSD   2048 16384  328 # Cyl 115468
 -117548
   h:  20971440 118489392  4.2BSD   2048 16384  328 # Cyl 117549
 -138353
   i:  16835553 139460832  4.2BSD   2048 16384  328 # Cyl 138354
 -155055*
 # df -h
 Filesystem SizeUsed   Avail Capacity  Mounted on
 /dev/wd0a  502M   49.3M427M10%/
 /dev/wd0i  7.9G2.0K7.5G 0%/home
 /dev/wd0d  4.9G2.0K4.7G 0%/tmp
 /dev/wd0h  9.8G958M8.4G10%/usr
 /dev/wd0e 39.4G7.7G   29.7G21%/var
 /dev/wd0f  2.0G252K1.9G 0%/var/log
 /dev/wd0g 1006M2.0K956M 0%/var/qmail

Re: df -h stats for same file systems display different result son AMD64 then on i386 (Source solved)

[Otto Moerbeek]

On Tue, 17 Jan 2006, Daniel Ouellet wrote:

 OK,
 
 Here is the source of the problem. The cache file generated by webazolver is
 the source of the problem. Based on the information of the software webalizer,
 as this:
 
 Cached DNS addresses have a TTL (time to live) of 3 days.  This may be
 changed at compile time by editing the dns_resolv.h header file and
 changing the value for DNS_CACHE_TTL.
 
 The cache file is process each night, and the records older then 3 days are
 remove, but somehow that file become a sparse file in the process and when
 copy else where show it's real size. In my case that file was using a bit over
 4 millions blocks more then it should have and give me the 4GB+ difference in
 mirroring the content.
 
 So, as far as I can see it, this process of expiring the records from the
 cache file that is always reuse doesn't shrink the file really, but somehow
 just mark the records inside the file as bad, or something like that.
 
 So, nothing to do with OpenBSD at all but I would think there is a bug in the
 portion of webalizer however base on what I see from it's usage.
 
 Now the source of the problem was found and many thanks to all that stick with
 me along the way.

You are wrong in thinking sparse files are a problem. Having sparse
files quite a nifty feature, I would say. 


-Otto

Re: df -h stats for same file systems display different result son AMD64 then on i386 (Source solved)

[Otto Moerbeek]

On Tue, 17 Jan 2006, Joachim Schipper wrote:

 On Tue, Jan 17, 2006 at 02:15:57PM +0100, Otto Moerbeek wrote:

  You are wrong in thinking sparse files are a problem. Having sparse
  files quite a nifty feature, I would say. 
 
 Are we talking about webazolver or OpenBSD?
 
 I'd argue that relying on the OS handling sparse files this way instead
 of handling your own log data in an efficient way *is* a problem, as
 evidenced by Daniels post. After all, it's reasonable to copy data to,
 say, a different drive and expect it to take about as much space as the
 original.

Now that's a wrong assumption. A file is a row of bytes. The only
thing I can assume is that if I write a byte at a certain position, I
will get the same byte back when reading the file. Furthermoe, the
file size (not the disk space used!) is the largest position written.
If I assume anything more, I'm assuming too much.

For an application, having sparse files is completely transparant. The
application doesn't even know the difference. How the OS stores the
file is up to the OS.

Again, assuming a copy of a file takes up as much space as the
original is wrong. 

 On the other hand, I agree with you that handling sparse files
 efficiently is rather neat in an OS.

-Otto

Re: NIS/NFS server and MFS

[Otto Moerbeek]

On Sun, 22 Jan 2006, Jose Fragoso wrote:

 Hi,
 
 I was given the task to setup an OpenBSD NFS server. The machine allocated 
 for the task is fairly well served with RAM memory (2G). I though of using 
 MFS for the /tmp filesystem, but I don't know:

Wrap your lines!

 
 1. How much space would I need in /tmp for this task. Is NFS/NIS hungry of 
 /tmp space?

No, NFS and NIS do not use /tmp at all.

 
 2. If I would have any significant gain in performance by doing this or leave 
 the memory allocation for the operating system.

Given the above, no performance gain will be expected.

-Otto

 
 I thank in advance any comments, suggestions and criticisms.
 
 Best regards,
 
 Josi

Re: view available inodes on partition

[Otto Moerbeek]

On Wed, 25 Jan 2006, Matthew Closson wrote:

 Hello,
 
 Is there a way to view how many inodes are still available on a partition.
 I'm decompressing a ton of small files onto a 60Gb onto my /dev/wd1a. And I'm
 not really concerned about running out of space, but possibly out of inodes, I
 just used the default parameters creating the filesystem, which is ffs.

df -i

-Otto

Re: MS Security VP Mike Nash remarks on MS vs OpenBSD security.

[Otto Moerbeek]

On Thu, 26 Jan 2006, Rob W wrote:

 http://www.securityfocus.com/bid/16375 is minor but important enough to
 report?
 
 A way to remotly crash a OpenBSD box is minor?

If the number of systems affected is low, the answer may be yes. This
problem only exists if you enable specific scrubbing options in pf. 

As a rule of thumb, you can look at the fraction of machines affected
multiplied but the severity of the problem. This gives some 
indication if something is going to hit errata. 

We are not hiding things, just follow src-changes to get everything.

-Otto

Re: Strange behaviour of ``ifconfig -alias''

[Otto Moerbeek]

On Fri, 27 Jan 2006, Alexander Hall wrote:

 Hi!
 
 I just noticed (the hard way) a strange behaviour of ifconfig. In short, if I
 supply a netmask when removing an alias with ``-alias address'', it is not,
 as one would expect, ignored, but rather used as the netmask for the primary
 address of the interface.
 
 While it would not be necessary to supply the netmask when removing an alias,
 I cannot see that this behaviour would be expected. I would rather expect an
 error or that the netmask was ignored.
 
 Or am I totally wrong?

alias/-alias is a _parameter_ and should come after the address. 
It would be better if ifconfig would be more strict, but its argument
parsing code is a nightmare

-Otto

 
 Example follows:
 
 $ ifconfig xl0
 xl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:06:5b:36:f8:e1
 groups: egress
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::206:5bff:fe36:f8e1%xl0 prefixlen 64 scopeid 0x1
 inet 192.168.2.130 netmask 0xff00 broadcast 192.168.2.255
 $ sudo ifconfig xl0 inet alias 192.168.2.140 netmask 255.255.255.255
 $ ifconfig xl0
 xl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:06:5b:36:f8:e1
 groups: egress
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::206:5bff:fe36:f8e1%xl0 prefixlen 64 scopeid 0x1
 inet 192.168.2.130 netmask 0xff00 broadcast 192.168.2.255
 inet 192.168.2.140 netmask 0x broadcast 192.168.2.140
 $ sudo ifconfig xl0 inet -alias 192.168.2.140 netmask 255.255.255.255
 ifconfig: SIOCAIFADDR: File exists
 $ ifconfig xl0
 xl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:06:5b:36:f8:e1
 groups: egress
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::206:5bff:fe36:f8e1%xl0 prefixlen 64 scopeid 0x1
 inet 192.168.2.130 netmask 0x broadcast 192.168.2.130
^^
  madness
 
 /Alexander

Re: Intel 82801 SMBus dmesg question

[Otto Moerbeek]

On Fri, 27 Jan 2006, Denny White wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 
 Had originally posted a message Tuning NFS File Transfer Speed
 and had eventually posted a Solved reply to it on the list.
 That turned out to be erroneous. It did turn out to be a hardware
 issue. Had some leaking capacitors on the old VIA Abit mobo and
 replaced it with a Aopen MX3ST mobo picked up on the cheap. All
 seems to be working okay so far, but my question concerns what
 dmesg is saying. I googled all over, searched in the archives,
 and came up with lots of dmesg's that mentioned it, but didn't
 explain specifically what that one line meant. It says:
 
 Intel 82801BA SMBus rev 0x05 at pci0 dev 31 function 3 not configured
 
 Before asking anything on the list, I tried different things in the BIOS
 like disabling USB, the onboard NIC, juggled some IRQ's, just generally
 doing some experimenting, but the message is still there. I'd just like
 to know what exactly it means  maybe be pointed to a site that explains
 it so I can learn more about it. Will put in output of dmesg  ifconfig
 below. Thanks for all replies.

There's nothing wrong. It just mean SMBus is not supported. SMBus is a
system management bus.  It is generally used to read and control fans,
temperature sensors and such.  It is not supported on 3.8, but 3.9
will support a wide variety of SMBus controllers. 

Install 3.9-beta to take a look. It's available on the various
mirrors.  The ichiic(4) and iic(4) man pages contain some more info.
You can read them via the web site:
http://www.openbsd.org/cgi-bin/man.cgi?query=ichiic


-Otto

Re: fsck fixes in daily output

[Otto Moerbeek]

On Fri, 3 Feb 2006, Jeff Quast wrote:

 Below is a forward of the daily output I receive. I do have it configured to
 backup my root partition on the same disk, and I am aware how silly that
 is. This was done to see how it behaves for a future install where the root
 FS will be backed up on a separate disk.
 
 I also realize this is not GENERIC, and that is bad. It is recompiled to
 exclude a few usb devices so my APC unit is detected properly.
 
 My question is, these errors have been occurring daily for over a month.
 Should I be concerned about the integrity of my root FS?

No. a live filesystem is copied with dd. It is expected that the copy
has inconsistencies. That's why the fsck is there in the first place.

-Otto

 
 -- Forwarded message --
 From: Charlie Root [EMAIL PROTECTED]
 Date: Feb 3, 2006 1:36 AM
 Subject: harlan.1984.ru daily output
 To: [EMAIL PROTECTED]
 
 OpenBSD 3.8-stable (FILESERV) #0: Tue Jan 24 21:28:29 EST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/FILESERV
 
 1:30AM  up 4 days,  4:33, 4 users, load averages: 0.25, 0.17, 0.10
 
 Running daily.local:
 
 Removing scratch and junk files:
 
 Backing up root filesystem:
 copying /dev/rwd0a to /dev/rwd0d
 32755+1 records in
 32755+1 records out
 268329472 bytes transferred in 40.740 secs (6586349 bytes/sec)
 ** /dev/rwd0d
 ** Last Mounted on /
 ** Phase 1 - Check Blocks and Sizes
 ** Phase 2 - Check Pathnames
 ** Phase 3 - Check Connectivity
 ** Phase 4 - Check Reference Counts
 UNREF FILE I=178  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? yes
 
 UNREF FILE I=187  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? yes
 
 UNREF FILE I=202  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? yes
 
 UNREF FILE I=211  OWNER=root MODE=100600
 SIZE=0 MTIME=Feb  3 01:30 2006
 CLEAR? yes
 
 ** Phase 5 - Check Cyl groups
 FREE BLK COUNT(S) WRONG IN SUPERBLK
 SALVAGE? yes
 
 SUMMARY INFORMATION BAD
 SALVAGE? yes
 
 BLK(S) MISSING IN BIT MAPS
 SALVAGE? yes
 
 3154 files, 19276 used, 109131 free (419 frags, 13589 blocks,
 0.3%fragmentation)
 
 MARK FILE SYSTEM CLEAN? yes
 
 
 * FILE SYSTEM WAS MODIFIED *
 
 Checking subsystem status:
 
 disks:
 Filesystem  1K-blocks  Used Avail Capacity  Mounted on
 /dev/wd0a  256814 3855220542216%/
 /dev/wd0g 4126462   1485244   243489638%/home
 /dev/wd0f 820   3185986   465678841%/usr
 /dev/wd0e 120787020049894698017%/var
 /dev/wd0h62289370  55133120   404178293%/storage/mnt/ide0
 /dev/sd0a17635370   3058960  1369464218%/storage/mnt/scsi0
 /dev/sd1a17635370   9422848   733075456%/storage/mnt/scsi1
 
 Last dump(s) done (Dump '' file systems):
 
 
 network:
 NameMtu   Network Address  Ipkts IerrsOpkts Oerrs
 Colls
 lo0 33224 Link  112761 0   112761
 0 0
 lo0 33224 127/8   127.0.0.1   112761 0   112761
 0 0
 lo0 33224 ::1/128 ::1 112761 0   112761
 0 0
 lo0 33224 fe80::%lo0/64 fe80::1%lo0 112761 0   112761
 0 0
 re0 1500  Link  00:09:5b:bd:c0:a7   262342 0   230385
 0 0
 re0 1500  fe80::%re0/64 fe80::209:5bff:febd:c0a7%re0   262342 0
 230385 0 0
 re0 1500  192.168.0/24 192.168.0.3 262342 0   230385
 0 0
 pflog0  33224 Link   0 00
 0 0
 pfsync0 1348  Link   0 00
 0 0
 enc0*   1536  Link   0 00
 0 0
 
 
 Running calendar in the background.
 
 Checking filesystems:
 ** /dev/rwd0a (NO WRITE)
 ** Last Mounted on /
 ** Root file system
 UNREF FILE I=178  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? no
 
 UNREF FILE I=187  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? no
 
 UNREF FILE I=202  OWNER=_mysql MODE=100600
 SIZE=0 MTIME=Jan 29 20:57 2006
 CLEAR? no
 
 UNREF FILE I=211  OWNER=root MODE=100600
 SIZE=0 MTIME=Feb  3 01:30 2006
 CLEAR? no
 
 3158 files, 19277 used, 109130 free (418 frags, 13589 blocks,
 0.3%fragmentation)
 ** /dev/rwd0g (NO WRITE)
 ** Last Mounted on /home
 ZERO LENGTH DIR I=206246  OWNER=dingo MODE=40755
 SIZE=0 MTIME=Jan 29 21:45 2006
 CLEAR? no
 
 ZERO LENGTH DIR I=206603  OWNER=dingo MODE=40755
 SIZE=0 MTIME=Jan 30 20:03 2006
 CLEAR? no
 
 17519 files, 742622 used, 1320609 free (873 frags, 164967 blocks,
 0.0%fragmentation)
 ** /dev/rwd0f (NO WRITE)
 ** Last Mounted on /usr
 290726 files, 1592993 used, 2534782 free (29534 frags, 313156 blocks,
 0.7%fragmentation)
 ** /dev/rwd0e (NO WRITE)
 ** Last Mounted on /var
 2569 files, 100250 used, 503685 free (477 frags, 62901 blocks,
 0.1%fragmentation)
 ** /dev/rwd0h (NO WRITE)
 ** Last Mounted on /storage/mnt/ide0
 39652 files, 27566560 used, 3578125 free (501 frags, 447203 blocks,
 

Re: data sctructures

[Otto Moerbeek]

On Wed, 8 Feb 2006, Gustavo Rios wrote:

 2006/2/8, Otto Moerbeek [EMAIL PROTECTED]:
 
 
  On Wed, 8 Feb 2006, Gustavo Rios wrote:
 
   i saw openbsd uses red-black trees inside. I could not figure it out a
   motivation for not using AVL, SPL or even something based on
   http://user.it.uu.se/~arnea/abs/simp.html.
  
   I could not figure what would it be the best/average/worst cost, i.e.,
   O(f(n)) for those method above.
  
   Thanks a lot for your time and cooperation.
 
  Why would red-black trees not be a good choice?
 
 I just wanted to know which would it be the best choice, and why?
 For instance, i don't know the best/average/worst case for the method 
 supplied.
 I don't have a simple source of reference where i could see these
 metrics, prefereable on the internet.

I don't think you searched very good. Wikipedia has entries on all of
the well known balanced tree alghorithms.

-Otto

 
  For dictionaries, red-black trees are considered pretty much the best
  algorithm. See for example Sedgewick Algorithms in C, third ed,
  especially the conclusions in paragraph 13.6.
 
  -Otto

Re: data sctructures

[Otto Moerbeek]

On Wed, 8 Feb 2006, Gustavo Rios wrote:

 Don't get me wrong, i am very confident with openbsd.
 
 Although i am very confident using the openbsd native support for my
 needs, all of them have some thing i dislike.
 
 First: i would really enjoy worst case O(log2 n), none of the method i
 know so far make such garantee. Another problem is about memory usage:
 They all requires 3 pointer (left/right node and the element pointer)
 plus space for thing like left/right subtree weight, color, etc.
 
 I could see a paradise for the following scenario: worst case
 search/delete/insert in O(log2 N) and space requirement O(3N).
 
 Is that possible? Any suggestions?

From a complexity theory point of view, you are talking nonsense,
since O(3n) equals O(n). I doubt there exists a balanced tree
algorithm that does not need some extra data per node. Of course you
can build an ordinary tree and balance it without extra data per node,
but that's gonna cost you extra time.

At least r-b trees guarantee O(log n) worst case for all operations.
The other algorithms are pretty good as well, though I cannot remember
the exact complexity characteristics.

Oh, if there is an upper bound on the number of entries, a hash table
is also good for dictionaries. But they wast space as well.

-Otto

Re: dynamically linked suid binaries - Request for enlightment

[Otto Moerbeek]

On Fri, 10 Feb 2006, Tilo Stritzky wrote:

 Hi list,
 
 while doing some reading on secure software development 
 (//www.ranum.com/security/computer_security/archives/security-for-developers.pdf)
 I came across the advice always link your priviliged binaries
 statically.
 
 However a quick check on my system revealed me almost all suid/sgid
 programs being dynamically linked (the two exceptions traceroute/traceroute6
 startle me even more).
 
 Since the advice makes sense to me (it keeps some rather
 complicated machinery out of delicate matters)
 I'm wondering why it is not followed on OpenBSD.
 
 Are there other ways to simply 'do this right'?
 
 I would apreciate any pointers for further reading on that matter.

Read man ld.so. The dynamic linker has special provisions to handle
s/guid programs.  

-Otto

Re: Sudo

[Otto Moerbeek]

On Sat, 11 Feb 2006, Dave Feustel wrote:

 I don't know whether this is or would be considered as a bug, 
 or whether it is generally known, but sudo, when successfully 
 invoked  with a password  in one shell, becomes active in all 
 shells of that user for the timed duration.

This is pathetic. Why don't you read the docs before posting such a
discovery? 

-Otto

Re: Sudo

[Otto Moerbeek]

On Sat, 11 Feb 2006, Dave Feustel wrote:

 On Saturday 11 February 2006 11:04, [EMAIL PROTECTED] wrote:
  man sudo for starters.
  (actually that's quite enough even for a noob like me)
  (even a very out of date linux is enough)
  sheesh
 
 Actually --with-tickets is not mentioned in sudo.
 (I was sent '--with-tickets' info off-list by a helpful person.)
 I found out via a google search on 'tickets sudo' about
 the behavior I had discovered and reported. Then after Otto
 let me know how pathetic my post was,  I went back to man sudo
 but found nothing about tickets or about sudo being active in
 all shells. There may be something in the sudo man page that 
 describes this behavior, but I haven't spotted it yet. 
 My reading skills must be deteriorating.

Why do you think cross references to other manual pages exist in
almost all man pages?

-Otto

Re: Proper way to set login.conf control for application started as root and soon drop privileges

[Otto Moerbeek]

On Mon, 13 Feb 2006, Daniel Ouellet wrote:

 I was trying to control some applications that start as root and soon after
 are drop privileges to their own user, but looks like I am not very
 successful.
 
 To see if it was possible to do so, I tested with httpd for example, but
 searching on marc, I came across a posting from Henning on a different subject
 that however make me wonder what's the proper way to do it in that case?
 
 If I take the httpd example, the quote goes as follow:
 
 you are mistaken. apache starts as root and drops privileges to
 www:www, that does not mean it inherits the resource limits from that
 login class.
 
 So, I get it to mean that you can't use the login.conf to actually control
 their resources. So, this bear the question then as to what other alternative
 can you use, if any?

su -m -c login_class command

-Otto

Re: PF or BPF

[Otto Moerbeek]

On Mon, 13 Feb 2006, Ted Unangst wrote:

 On 2/13/06, Dave Feustel [EMAIL PROTECTED] wrote:
  What OpenBSD programs use bpf.
 
 tcpdump.

And there's more:

$ cd /usr/src
$ grep -lr bpf.h bin sbin usr.bin usr.sbin libexec

will give you a nice list.

-Otto

Re: xargs PF or BPF

[Otto Moerbeek]

On Tue, 14 Feb 2006, Michael Schmidt wrote:

 Matthias Kilian wrote:
 
  And watch out for silly file names containing whitespace.
  
  BTW: if this is a contest on creative use of find(1) and other
  standard tools:
  
  $ find . -type f | sed '[EMAIL PROTECTED]@grep -l -- foo @' | sh
  
  Yes, this isn't robust against whitespace, either PLUS it's
  inefficient. But in some cases the find ... | sed ... | sh pattern
  is quite useful.
   
 
 Sometime ago I have had the same problem with spaces in filenames and dealing
 with them as xargs parameters. There I have used (here only as an example):
 
 find . -print | grep -i ' ' | xargs -I {} ls -ald {}
 
 FYI, that has been on a non-OpenBSD system.
 I4m not at my OpenBSD system at the moment, so I can4t check whether OpenBSD
 xargs supports the shown options. Maybe someone may test it.
 
 One may check this at a directory with space-containing filenames.
 Without the -I {} and {} parts you get funny output.
 

Well, -print0 in find and xargs -0 are designed to deal with that.
Sadly these are not in POSIX (which is not documented correctly in the
xargs case).

-Otto

Re: State of Rthreads in OpenBSD 3.9

[Otto Moerbeek]

On Tue, 14 Feb 2006, [EMAIL PROTECTED] wrote:

 Is the new Rthreads library functional enought 3.9 that it can be used for
 'experimental' purposes? Has there been anything documented yet as to it's
 used?

The moment it was committed it has been allright for experimenting,
just do not expect all your experiments to succeed.

There is a bunch of work to be done, however. Both kernel and
userland. 

Tedu posted a diff to lib/libc/sys/Makefile.inc on tech@ that you'll
need. Also, yo need to enable the RTHREADS option in your kernel.
After building and installing, just move away the existing
libpthread.so.x.y and link librthread.so.1.0 to that name. 

Some caveats I know:

- run with LD_BIND_NOW=1, otherwise you'll see processes dying once in
  a while.
- programs that use thread suspend/resume sometimes end up in a state
  with all threads suspended. This can be observed when running java
  programs like tomcat, for example.
- There are problems with thread local storage. kde triggers these problems.
- Signal handling is nowhere near complete or correct. Example: mysql
  does not want to quit when asked with mysqladmin. It appears to
  run ok otherwise.
- Some archs will have problems dealing with threads modyfing page
  protection. AFAIK, i386 does not have this problem.
- Thread cancellation points are not implemented.

-Otto

Re: xargs PF or BPF

[Otto Moerbeek]

On Tue, 14 Feb 2006, Ray Lai wrote:

 On Tue, Feb 14, 2006 at 11:39:45AM +0100, Otto Moerbeek wrote:
  On Tue, 14 Feb 2006, Michael Schmidt wrote:
  
   Matthias Kilian wrote:
   
And watch out for silly file names containing whitespace.

BTW: if this is a contest on creative use of find(1) and other
standard tools:

$ find . -type f | sed '[EMAIL PROTECTED]@grep -l -- foo @' | sh

Yes, this isn't robust against whitespace, either PLUS it's
inefficient. But in some cases the find ... | sed ... | sh pattern
is quite useful.
 
   
   Sometime ago I have had the same problem with spaces in filenames and 
   dealing
   with them as xargs parameters. There I have used (here only as an 
   example):
   
   find . -print | grep -i ' ' | xargs -I {} ls -ald {}
   
   FYI, that has been on a non-OpenBSD system.
   I4m not at my OpenBSD system at the moment, so I can4t check whether 
   OpenBSD
   xargs supports the shown options. Maybe someone may test it.
   
   One may check this at a directory with space-containing filenames.
   Without the -I {} and {} parts you get funny output.
   
  
  Well, -print0 in find and xargs -0 are designed to deal with that.
  Sadly these are not in POSIX (which is not documented correctly in the
  xargs case).
 
 Does this diff fix it?  (I also added a comma after the last -R.)

I already committed a similar diff,

-Otto

 
 -Ray-
 
 Index: xargs.1
 ===
 RCS file: /cvs/src/usr.bin/xargs/xargs.1,v
 retrieving revision 1.15
 diff -u -r1.15 xargs.1
 --- xargs.1   12 Sep 2005 09:44:59 -  1.15
 +++ xargs.1   14 Feb 2006 13:37:48 -
 @@ -316,7 +316,8 @@
  .St -p1003.2
  compliant.
  The
 -.Fl J , o , P , R
 +.Fl 0 , J , o , P ,
 +.Fl R ,
  and
  .Fl r
  options are non-standard

Re: Could someone, running latest snapshots confirm this problem

[Otto Moerbeek]

On Tue, 14 Feb 2006, Didier Wiroth wrote:

 Hi,
 I'm running current (built yesterday) on another i386 laptop with an Xorg 6.9 
 build (from 19 January) where the maps fr_CH, de_CH etc all work without 
 problem.
 There must have been some related keyboard map file changes since that day in 
 the x sources.
 Are there any X gurus around that have an idea how to fix the problem?

http://www.openbsd.org/faq/current.html#20060131

-Otto

Re: PF or BPF

[Otto Moerbeek]

On Tue, 14 Feb 2006, Diana Eichert wrote:

 I was thinking there should have been something in the commit message
 about Dave contributing to this fix.  The entire xargs discussion wouldn't
 have occurred if I hadn't used find in my reply to Dave regarding PF
 or BPF.
 
 http://marc.theaimsgroup.com/?l=openbsd-cvsm=113991945111836w=2
 Log message:
 Document that -0 is an non-standard extension (sad but true).
 ok millert@
 
 g.day
 
 diana

Something like: Even a thread started by Dave might eventually--if
the topic has sufficiently departed from the original subject--lead to
a (small) improvement to OpenBSD?

-Otto

Re: PF or BPF

[Otto Moerbeek]

On Tue, 14 Feb 2006, Tony Sterrett wrote:

   I'm not sure I'd do it in that way. I'm thinking if BPF provided stateful
   inspection is would be
   more useful.
  
  Asking for stateful inspection in bpf(4) is like wanting a carburettor
  for a pushbike. You might be able to shoehorn it in there, but it won't
  be pretty, will ruin its simplicity and probably won't be much use.
 
 Yeah this would be something in addition to BPF and not to alter BPF. I like
 the simple
 functionary but I think it would be hard to management complex rule(s). The
 language is
 a little clunky. Just think is doing something when you have to check protocol
 #, source and dst address
 and TCP flags. I guess  the fact that BPF branches only forward does both
 simplify and limit its scope.

Having only forward jumps is an essential (security) feature of bpf.
This makes it possible to validate the bpf code to ensure that it
terminates. After all, bpf let's a user inject code into the kernel.
You want to be 100% sure it doesn't do nasty things. See
sys/net/bpf_filter:bpf_validate().

-Otto

Re: SIZE vs. RES in top(1) output

[Otto Moerbeek]

On Wed, 15 Feb 2006, Paul de Weerd wrote:

 All,
 
 I'm a bit confused on the difference between SIZE and RES in the
 output of top(1) (the same goes for VSZ vs RSS in ps(1) output). The
 manpage says :
 
 SIZE  The total size of the process (the text, data, and stack
   segments).
 
 RES   The current amount of resident memory.
 
 Reading the page I'd think they should be equal; I'd say the total
 size of the process should equal the amount of resident memory. This
 is of course completely wrong (there's two fields for a reason), looking
 at a semi-random pair of processes on a system I have running here, I
 have one process with a SIZE of 696K and a RES of 19M (SIZE  RES) and
 also another one with a SIZE of 176K and a RES of 4K (SIZE  RES).
 
 I figured I'd check the code for more enlightenment. In
 /usr/src/usr.bin/top/machine.c I see :
 
 format_k(pagetok(PROCSIZE(pp))),
 format_k(pagetok(pp-p_vm_rssize)),
 
 PROCSIZE is #defined as the sum of (pp)-p_vm_[tds]size, but I can not
 find how these sizes relate to p_vm_rssize. I eventually end up in
 sys/sysctl.h where the kinfo_proc2 structure is defined. It says :
 
 int32_t p_vm_rssize;/* SEGSZ_T: current resident set size 
 in pages */
 int32_t p_vm_tsize; /* SEGSZ_T: text size (pages) */
 int32_t p_vm_dsize; /* SEGSZ_T: data size (pages) */
 int32_t p_vm_ssize; /* SEGSZ_T: stack size (pages) */
 
 This, unfortunately, does not clear things up for me, I'd still read
 this to mean that rssize = tsize + dsize + ssize. How come SIZE can be
 larger or smaller than RES ? Is there any documentation on this ?
 
 The only thing I can think of is that RES does not take swapped out
 memory into account (resident as in active and currently loaded in
 RAM), but in that case SIZE = RES, never SIZE  RES. And then I also
 see SIZE  RES on machines that have never touched swapped since boot,
 so that (partially) rules out swap as an answer. Is this perhaps
 related to dynamic libraries which are shared between processes and
 thus not counted in SIZE but are part of RES (or vice versa) ?
 Unlikely to be a good/complete answer, static binaries also have
 different values for SIZE and RES.

Yes, shared pages complicate matters a lot. Also, there are pages
(like code or other r/o pages) that are counted in SIZE, but are not
paged in, so they are not counted in RES.

-Otto

 
 Anyway, I should probably stop making a fool out of myself by making
 any more pointless guesses. Does anyone have a cluebat available for
 me ?
 
 Thanks,
 
 Paul 'WEiRD' de Weerd
 
 -- 
 [++-]+++.+++[---].+++[+
 +++-].++[-]+.--.[-]
  http://www.weirdnet.nl/ 

Re: df reports capacity 100%

[Otto Moerbeek]

On Thu, 22 Mar 2007, Stephan A. Rickauer wrote:

 Our Soekris (4.0-stable) NFS mounts a remote share:
 
 # df -h /projects
 FilesystemSizeUsed   Avail Capacity  Mounted on
 linsrv01:/projects410G2.0T   417G  498%  /projects
 
 # grep projects /etc/fstab
 linsrv01:/projects /projects nfs rw,auto 0 0
 
 
 where linsrv01 is a SLES10 NFS server (amd64). Probably /projects has
 been increased there using LVM/xfs_grow and the nfs mount hasn't been
 renewed ever since. However, if I do remount the remote NFS share on the
 soekries, the Size is not updated.
 
 on linsrv01, df reports:
 Filesystem   Size  Used Avail Use% Mounted on
 /projects2.4T  2.0T  418G  84% /projects
 
 
 Not a problem at all, but maybe some developer is interested in
 understanding this phenomena or knows what one can do to cleanly update
 the Size information.

This is a known bug and not fixable until we change the statfs
structure. 

http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yesnumbers=5169

-Otto

Re: Saving memory on small machines

[Otto Moerbeek]

On Thu, 22 Mar 2007, Kamil Monticolo wrote:

  The OpenBSD kernel is a bit over 5MB. I assume that gets loaded into memory
  and is not swappable, giving me 43MB left, which isn't a lot.
 
 You can turn off ipv6, altq if not needed, and of course lots of hardware 
 that you don't need also. For example I have a 2 x smaller kernel that 
 GENERIC on my laptop:
 $ uname -a
 OpenBSD squirrel 4.1 BIRKOFF#0 i386
 $ ls -lh /bsd{,.orig} 
 -rw-r--r--  1 root  wheel   2.9M Mar  9 00:39 /bsd
 -rw-r--r--  1 root  wheel   5.8M Feb 22 13:32 /bsd.orig
 
 You may also stripe nearly all of your libraries, for example:
 
 # ls -lhS /usr/lib/libcrypto*a
 -r--r--r--  1 root  bin  11.7M Mar 22 13:53 /usr/lib/libcrypto_pic.a
 -r--r--r--  1 root  bin  11.6M Mar 22 13:53 /usr/lib/libcrypto_p.a
 -r--r--r--  1 root  bin  11.5M Mar 22 13:53 /usr/lib/libcrypto.a
 # strip -s /usr/lib/libcrypto*a
 # ls -lhS /usr/lib/libcrypto*a  
 -r--r--r--  1 root  bin   909K Mar 22 13:53 /usr/lib/libcrypto_pic.a
 -r--r--r--  1 root  bin   865K Mar 22 13:53 /usr/lib/libcrypto_p.a
 -r--r--r--  1 root  bin   835K Mar 22 13:53 /usr/lib/libcrypto.a
 
 looks fine? Hope this helps.
 
 Kamil Monticolo aka birkoff

It saves even more space if you do

alias strip=rm

-Otto

Re: ntpd can no longer cope with the clock drift

[Otto Moerbeek]

On Sat, 24 Mar 2007, viq wrote:

 I have a rather old x86 box, running a 600 MHz Duron. It does have
 problems keeping the clock in sync, so one of the first things I ran
 on it was OpenNTPd, and it was sometimes spamming the logs with the
 sync messages, but keeping the time beautifully. That is, untill
 yesterday, when I updated from 7th Match snapshots to 22nd March
 snapshots. Right now the clock difference increases few seconds every
 hour, which is less than what it would be if left alone, but
 apparently more than ntpd can deal with. So... How can I deal with
 that? What more info is needed to help diagnose this?

In snaps i386 moved to a new timekeeping mechanism called
timecounters. The range of clock error adjustment timecounters can do
is somewhat more limited than the old mechanism. It's on my list to
look into that. 

Btw, with sysctl kern.timecounter you can look if there are
alternative time sources on your system. Choose another by setting
kern.timecounter.hardware if there is more than one available (apart
from dummy). 

-Otto

Re: OpenNTPD reliability

[Otto Moerbeek]

On Mon, 26 Mar 2007, Luca Corti wrote:

 On Sun, 2007-03-25 at 14:26 -0700, Darrin Chandler wrote:
  Have you measured the time from ntpd startup until it logs `clock is now
  synced' in the log? On the same machine, I see anywhere from 10 minutes
  to about 1 hour. In normal cases, machines acting as time servers are
  always on. If it takes less than an hour for ntpd to sync, and then it's
  up for months at a time then there's little problem.
 
 I left OpenNTPd running over the weekend and it wasn't synced this
 morning. Today I've manually changed time 30 minutes in the past and
 then run ntpd -s. Now It seems to report it is synced to the clients.
 
 
  If you want to turn on a computer and have it fetch some times from the
  network and report that it's synced... well, that's not accurate. A big,
  full-blown, complex thing like xntpd won't do it, either.
  If you don't really care what time it is, but want all your local
  computers to have the same time (or very, very close) there are other
  ways such as timed(8). Then you can have a computer using ntpd, and
  synced or not it can be a timed master for your network.
 
 No, I'd like the clock to be synced and as accurate as possible. But not
 being able to sync at all is quite bad.

Could you run put the clock ahead 5min and run again with ntpd -d,
(don't forget to kill any existing ntpd process), let it run for some
hours, saving the log. Then apply the diff below and repeat. Then send
me both logs. The diff fixes a potential problem that won't surface on
OpenBSD, but might on other systems. 

-Otto

Index: util.c
===
RCS file: /cvs/src/usr.sbin/ntpd/util.c,v
retrieving revision 1.12
diff -u -p -r1.12 util.c
--- util.c  27 Oct 2006 12:22:41 -  1.12
+++ util.c  26 Mar 2007 07:53:43 -
@@ -64,6 +64,10 @@ d_to_tv(double d, struct timeval *tv)
 {
tv-tv_sec = (long)d;
tv-tv_usec = (d - tv-tv_sec) * 100;
+   while (tv-tv_usec  0) {
+   tv-tv_usec += 100;
+   tv-tv_sec -= 1;
+   }
 }
 
 double

Re: ntpd not synching

[Otto Moerbeek]

On Tue, 27 Mar 2007, [EMAIL PROTECTED] wrote:

 hi,
 
 i'm trying to keep my local clock synched through ntpd. i used to do
 that with ntpdate, but since ntpd is available in a standard install
 i thought i'd try that. i start ntpd at boot, with added -s to synch
 the clock right away. however, after that it starts moving the clock 
 backwards. restarting ntpd just makes it repeat the process :
 
 [old ntpd, started at boot]
 Mar 27 08:46:58  ntpd[20919]: adjusting local clock by 9642.320276s
 Mar 27 08:49:06  ntpd[20919]: adjusting local clock by 2143.405987s
 Mar 27 08:50:07  ntpd[20919]: adjusting local clock by 2142.248606s
 Mar 27 08:51:42  ntpd[20919]: adjusting local clock by 9644.027785s
 Mar 27 08:54:45  ntpd[1871]: ntp_dispatch_imsg in ntp engine: pipe closed
 Mar 27 08:54:45  ntpd[1871]: ntp engine exiting
 [restart]
 Mar 27 08:55:02  ntpd[2426]: ntp engine ready
 Mar 27 11:35:52  ntpd[16439]: set local clock to Tue Mar 27 11:35:52 CEST 
 2007 (offset 9649.641093s)
 Mar 27 11:36:09  ntpd[2426]: peer 194.146.227.112 now valid
 [some more peers snipped]
 Mar 27 11:37:33  ntpd[6515]: adjusting local clock by 1.288053s
 Mar 27 11:40:10  ntpd[6515]: adjusting local clock by 6.464148s
 Mar 27 11:40:10  ntpd[2426]: clock is now synced
 Mar 27 11:44:23  ntpd[6515]: adjusting local clock by 10.656797s
 Mar 27 11:46:36  ntpd[6515]: adjusting local clock by 13.004900s
 Mar 27 11:46:36  ntpd[2426]: clock is now unsynced
 Mar 27 11:49:17  ntpd[6515]: adjusting local clock by 11.683026s
 Mar 27 11:53:39  ntpd[6515]: adjusting local clock by 15.193740s
 
 (if left alone, this adjustment will increase perpetually).
 
 timezone is set correctly :
 $ ls -la /etc/localtime 
 lrwxr-xr-x  1 root  wheel  36 Dec  2 00:38 /etc/localtime - 
 /usr/share/zoneinfo/Europe/Amsterdam
 
 $ date
 Tue Mar 27 12:25:30 CEST 2007
 
 any ideas ? it _has_ managed to keep the clock synched once,
 but after a reboot it went completely bonkers. i tried removing
 the drift-file and restarting it as well, to no avail. i'm
 running 4.0-release, and the provided ntpd.
 
 -- 
 CUL8R, Peter.

It looks like your clock drifts more that ntpd can compensate. Please
share some details on your setup, like the dmesg.  Also, if you remove
the drift file, you must reboot, since otherwise the existing
frequency compensations stays in effect. 

-Otto

Re: SCP/SFTP: Couldn't open /dev/null

[Otto Moerbeek]

On Tue, 27 Mar 2007, Joachim Schipper wrote:

 On Tue, Mar 27, 2007 at 08:23:17PM +0200, Tasmanian Devil wrote:
  Hello, list! :-)
  
  After reading this list for several monthes with dedication and after
  learning a lot from all of you, I've a strange problem myself now:
  
  I'm following -current on an Apple Mac mini (GENERIC.MP with ACPI
  enabled, dmesg below) and I transfer files with SCP and SFTP to this
  server. After a few successful transfers, /dev/null obviously breaks
  somehow on the server (Couldn't open /dev/null error on the client
  side):
  
  /dev root# ls -l null
  -rw---  1 root  wheel  56 Mar 27 18:13 null
  
  After a ./MAKEDEV std everything works fine again, at least for the
  next few file transfers:
  
  /dev root# ls -l null
  crw-rw-rw-  1 root  wheel2,   2 Mar 27 19:50 null
  
  At first I thought the upgrade to OpenSSH 4.6 with a snapshot from
  about two weeks ago would have fixed this problem, but it just
  happened again. I've searched on the web and in the mailing list
  archive, but couldn't find anything related to this problem so far. I
  have never seen this problem on any of my other OpenBSD machines.
  
  Has anybody an idea what I could do to find the cause of this
  disappearing /dev/null? Thank you in advance for your help!
 
 Well, it doesn't disappear so much as having its permissions altered,
 but I'm certain you are aware of that.

The device also turned into a regular file. Maybe the content of the
null file gives a hint of what went wrong. Which files were you
copying and to which directory? scp -v might help to see what is going on.

 Are you sure it's OpenSSH? What other daemons are using to /dev/null
 (fstat?)? It would make sense if some daemon thought it was a logfile or
 somesuch and decided to 'secure' it...

-Otto

Re: cron doesn't run commands in /etc/crontab?

[Otto Moerbeek]

On Wed, 28 Mar 2007, Will Maier wrote:

 According to cron(8), cron should be able to read commands from a
 properly formatted and chmoded /etc/crontab file. I've created such
 a file, but I can't seem to get cron to run the test command in it.
 
 # cat EOF  /etc/crontab
 */1  *   *   *   *   /usr/bin/touch /tmp/crontest
 EOF
 # chmod 0600 /etc/crontab
 
 cron then successfully loads the changes made to that file:
 
 Mar 28 07:23:01 lass cron[11652]: (*system*) RELOAD (/etc/crontab)
 
 I can also verify that the system file is loaded by watching the
 output of `cron -x load`. The command is valid per crontab(5) and
 works when inserted in root's tab using `crontab -e`.

No, the system crontab (/etc/crontab) file needs an extra field, as
described in the manual. 

-Otto

Re: ntpd not synching

[Otto Moerbeek]

On Wed, 28 Mar 2007, [EMAIL PROTECTED] wrote:

 hi,
 
 On Tue, Mar 27, 2007 at 01:49:16PM +0200, Otto Moerbeek wrote:
  
  It looks like your clock drifts more that ntpd can compensate. Please
  share some details on your setup, like the dmesg.  Also, if you remove
  the drift file, you must reboot, since otherwise the existing
  frequency compensations stays in effect. 
 
 ok, i cleared the drift-file and rebooted. as near as i can
 figure (i had to boot multiple times, and unclean at that) this
 is what happend slightly bfore/during/after the last boot (the times 
 are so screwed i can't really make it out).

Yep, this configrms it. Your clock is drifting so much that ntpd can't
keep up. I'm afraid there's not a lot I can do about that.

-Otto

 
 Mar 28 20:12:46  ntpd[6515]: adjusting local clock by 950.304366s
 Mar 28 20:17:11  ntpd[6515]: adjusting local clock by 954.223055s
 Mar 28 22:53:00  ntpd[18691]: ntp engine ready
 Mar 28 20:49:13  ntpd[14539]: set local clock to Wed Mar 28 20:49:13 CEST 
 2007 (offset -7427.749161s)
 Mar 28 20:49:13  ntpd[18691]: reply from 213.246.63.72: negative delay 
 -7427.686509s, next query 3068s
 Mar 28 20:49:13  ntpd[18691]: reply from 62.220.226.2: negative delay 
 -7427.684053s, next query 3199s
 Mar 28 20:49:13  ntpd[18691]: reply from 149.156.70.5: negative delay 
 -7427.676747s, next query 3149s
 Mar 28 20:49:13  ntpd[18691]: reply from 193.11.184.180: negative delay 
 -7427.676303s, next query 3136s
 Mar 28 20:49:13  ntpd[18691]: reply from 194.215.7.39: not synced, next query 
 3052s
 Mar 28 20:49:13  ntpd[18691]: reply from 128.241.238.31: negative delay 
 -7427.633371s, next query 3083s
 Mar 28 20:49:13  savecore: no core dump
 Mar 28 20:58:54  ntpd[3522]: peer 80.240.210.253 now valid
 [peers snipped]
 Mar 28 20:59:57  ntpd[31863]: adjusting local clock by 2.284285s
 Mar 28 21:02:37  ntpd[18773]: ntp engine ready
 Mar 28 21:02:37  ntpd[18773]: reply from 194.215.7.39: not synced, next query 
 3110s
 Mar 28 21:02:37  savecore: no core dump
 Mar 28 21:02:52  ntpd[18773]: peer 217.150.242.8 now valid
 Mar 28 21:02:59  ntpd[18773]: peer 213.246.63.72 now valid
 Mar 28 21:02:59  ntpd[18773]: peer 193.11.184.180 now valid
 Mar 28 21:02:59  ntpd[18773]: peer 128.241.238.31 now valid
 Mar 28 21:03:00  ntpd[18773]: peer 149.156.70.5 now valid
 Mar 28 21:03:03  ntpd[18773]: peer 62.220.226.2 now valid
 Mar 28 21:03:57  ntpd[2354]: adjusting local clock by 6.573991s
 Mar 28 21:06:04  ntpd[2354]: adjusting local clock by 3.905197s
 Mar 28 21:08:37  ntpd[2354]: adjusting local clock by 8.475628s
 Mar 28 21:08:37  ntpd[18773]: clock is now synced
 Mar 28 21:10:49  ntpd[2354]: adjusting local clock by 8.951453s
 Mar 28 21:10:49  ntpd[18773]: clock is now unsynced
 Mar 28 21:15:06  ntpd[2354]: adjusting local clock by 12.813542s
 Mar 28 21:15:06  ntpd[18773]: clock is now synced
 Mar 28 21:19:15  ntpd[2354]: adjusting local clock by 15.447946s
 Mar 28 21:19:15  ntpd[18773]: clock is now unsynced
 Mar 28 21:23:05  ntpd[2354]: adjusting local clock by 15.624800s
 Mar 28 21:23:10  ntpd[18773]: peer 213.246.63.72 now invalid
 Mar 28 21:25:45  ntpd[2354]: adjusting local clock by 16.648412s
 Mar 28 21:27:49  ntpd[2354]: adjusting local clock by 20.718507s
 Mar 28 21:31:04  ntpd[2354]: adjusting local clock by 16.498430s
 Mar 28 21:33:13  ntpd[2354]: adjusting local clock by 20.223130s
 Mar 28 21:35:57  ntpd[2354]: adjusting local clock by 20.095667s
 
 as i write this, the local clock is already 29 seconds behind
 what 'rdate -p pool.ntp.org' reports.
 
 dmesg :
 
 OpenBSD 4.0 (GENERIC) #1107: Sat Sep 16 19:15:58 MDT 2006
 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: VIA Esther processor 1500MHz (CentaurHauls 686-class) 1.51 GHz
 cpu0: 
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,SSE3
 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
 real mem  = 468152320 (457180K)
 avail mem = 418967552 (409148K)
 using 4256 buffers containing 23511040 bytes (22960K) of memory
 mainbus0 (root)
 bios0 at mainbus0: AT/286+(d9) BIOS, date 09/15/06, BIOS32 rev. 0 @ 0xfa960, 
 SMBIOS rev. 2.3 @ 0xf (33 entries)
 apm0 at bios0: Power Management spec V1.2
 apm0: AC on, battery charge unknown
 apm0: flags 70102 dobusy 1 doidle 1
 pcibios0 at bios0: rev 2.1 @ 0xf/0xcce4
 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcc20/192 (10 entries)
 pcibios0: bad IRQ table checksum
 pcibios0: PCI BIOS has 10 Interrupt Routing table entries
 pcibios0: PCI Exclusive IRQs: 5 10 11 15
 pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8237 ISA rev 0x00)
 pcibios0: PCI bus #1 is the last bus
 bios0: ROM list: 0xc/0xfc00 0xd/0x1000 0xd1000/0x1000 0xd2000/0x5000!
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
 pchb0 at pci0 dev 0 function 0 VIA CN700 Host rev 0x00
 pchb1 at pci0 dev 0 function 1 VIA CN700 Host rev 0x00
 pchb2 at pci0 dev 0 function 2 VIA CN700 Host rev 0x00
 pchb3 at pci0 dev 0 function 3

Re: ROOTBACKUP=1 corruption problems on amd64 (OPENBSD_4_0)

[Otto Moerbeek]

On Thu, 29 Mar 2007, Didier Wiroth wrote:

 Hello,
 I'm using ROOTBACKUP=1 to have daily backups on several boxes running
 amd64 OPENBSD_4_0.
 Actually I noticed that on 1 box (the hardware is +/- 3 month old), the
 partition is *always* corrupted after the backup.
 The corruption happens every day. 
 
 Does anyone have an idea what could be the problem?

You're copying a life filessytem. Inconsitencies are to be expected.
It's the reason why fsck is run.

-Otto

 
 I'm using a LSI Megaraid controller (see dmesg below), here is the
 output.
 #bioctl ami0
 Volume  Status   Size Device
  ami0 0 Online   10485760 sd0 RAID5
   0 Online   400083124224 0:0.0   noencl ST3400620NS
 3.AE
   1 Online   400083124224 0:1.0   noencl ST3400620NS
 3.AE
   2 Online   400083124224 0:2.0   noencl ST3400620NS
 3.AE
   3 Online   400083124224 0:3.0   noencl ST3400620NS
 3.AE
   4 Online   400083124224 0:4.0   noencl ST3400620NS
 3.AE
  ami0 1 Online2097152 sd1 RAID0
   0 Online   400083124224 0:0.0   noencl ST3400620NS
 3.AE
   1 Online   400083124224 0:1.0   noencl ST3400620NS
 3.AE
   2 Online   400083124224 0:2.0   noencl ST3400620NS
 3.AE
   3 Online   400083124224 0:3.0   noencl ST3400620NS
 3.AE
   4 Online   400083124224 0:4.0   noencl ST3400620NS
 3.AE
  ami0 2 Online   73924608 sd2 RAID5
   0 Online   400083124224 0:0.0   noencl ST3400620NS
 3.AE
   1 Online   400083124224 0:1.0   noencl ST3400620NS
 3.AE
   2 Online   400083124224 0:2.0   noencl ST3400620NS
 3.AE
   3 Online   400083124224 0:3.0   noencl ST3400620NS
 3.AE
   4 Online   400083124224 0:4.0   noencl ST3400620NS
 3.AE
  ami0 3 Online   739451600896 sd3 RAID5
   0 Online   400083124224 0:0.0   noencl ST3400620NS
 3.AE
   1 Online   400083124224 0:1.0   noencl ST3400620NS
 3.AE
   2 Online   400083124224 0:2.0   noencl ST3400620NS
 3.AE
   3 Online   400083124224 0:3.0   noencl ST3400620NS
 3.AE
   4 Online   400083124224 0:4.0   noencl ST3400620NS
 3.AE
  ami0 4 Hot spare400083124224 0:5.0   noencl ST3400620NS
 3.AE
 
 Here is the daily mail report I get:
 Backing up root filesystem:
 
 copying /dev/rsd0a to /dev/rsd0h
 262139+1 records in
 262139+1 records out
 2147443200 bytes transferred in 548.279 secs (3916696 bytes/sec)
 ** /dev/rsd0h
 ** Last Mounted on /
 ** Phase 1 - Check Blocks and Sizes
 ** Phase 2 - Check Pathnames
 ** Phase 3 - Check Connectivity
 ** Phase 4 - Check Reference Counts
 UNREF FILE I=103073  OWNER=root MODE=100555
 SIZE=282672 MTIME=Feb 13 08:58 2007
 CLEAR? yes
 
 UNREF FILE I=103086  OWNER=root MODE=100555
 SIZE=106928 MTIME=Feb 13 08:58 2007
 CLEAR? yes
 
 UNREF FILE I=103113  OWNER=root MODE=100500
 SIZE=255536 MTIME=Feb 13 08:58 2007
 CLEAR? yes
 
 ** Phase 5 - Check Cyl groups
 FREE BLK COUNT(S) WRONG IN SUPERBLK
 SALVAGE? yes
 
 SUMMARY INFORMATION BAD
 SALVAGE? yes
 
 BLK(S) MISSING IN BIT MAPS
 SALVAGE? yes
 
 3116 files, 24391 used, 1007208 free (280 frags, 125866 blocks, 0.0%
 fragmentation)
 
 MARK FILE SYSTEM CLEAN? yes
  end snip --
 
 Here is the dmesg:
 OpenBSD 4.0-stable (GENERIC.MP) #0: Mon Jan  8 12:54:22 CET 2007
  
 [EMAIL PROTECTED]:/home/sources/src/sys/arch/amd64/compile/G
 ENERIC.MP
 real mem = 2146562048 (2096252K)
 avail mem = 1834729472 (1791728K)
 using 22937 buffers containing 214863872 bytes (209828K) of memory
 mainbus0 (root)
 bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf0690 (74 entries)
 bios0: stem manufacturer P5WDG2 WS PRO
 mainbus0: Intel MP Specification (Version 1.4) (INTELPRO )
 cpu0 at mainbus0: apid 0 (boot processor)
 cpu0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, 2404.44 MHz
 cpu0:
 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
 CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,LONG
 cpu0: 4MB 64b/line 16-way L2 cache
 cpu0: apic clock running at 267MHz
 cpu1 at mainbus0: apid 1 (application processor)
 cpu1: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz, 2404.11 MHz
 cpu1:
 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
 CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,LONG
 cpu1: 4MB 64b/line 16-way L2 cache
 mpbios: bus 0 is type PCI
 mpbios: bus 1 is type PCI
 mpbios: bus 2 is type PCI
 mpbios: bus 3 is type PCI
 mpbios: bus 4 is type PCI
 mpbios: bus 5 is type PCI
 mpbios: bus 6 is type ISA
 ioapic0 at mainbus0 apid 2 pa 0xfec0, version 20, 24 pins
 ioapic1 at mainbus0 apid 3 pa 0xfec1, version 20, 24 pins
 pci0 at mainbus0 bus 0: configuration mode 1
 pchb0 at pci0 dev 0 function 0 vendor Intel, unknown product 0x277c
 rev 0xc0
 ppb0 at pci0 dev 1 function 0 vendor Intel, unknown product 0x277d rev
 0xc0
 

Re: Apple hardware support?

[Otto Moerbeek]

On Thu, 29 Mar 2007, David Given wrote:

 Is there anyone working on porting OpenBSD to Intel Apple hardware? Such as
 the Macbook?
 
 I can't imagine it would be particularly hard; there'd need to be a way of
 loading and running a kernel via EFI, and then tweaking the hardware
 detection.

Work on your imagination and don't jump to conclusions.

Apple managed to make i386 hardware that is slightly different than
other PC hardware and with it own set of quircks/bugs. Some progress
has been made, but depending on the model and processor (e.g. Core Duo
vs Core Duo 2) the Apple Intels either works mostly or don't work
(yet). 

 The reason why I ask is that I've been eyeing the new Apple TV with a certain
 amount of interest. For only 150 UKP, you get a rather nice little box with
 very low power requirements and some decent hardware, which would be ideal as
 a home server. And I know the hardware is very similar to the Macbook. And,
 of
 course, the best server software is OpenBSD.

Similar hardware is not enough to know. The devil is in the details.
Sending an Apple TV to an interested developer might speed things up. 

-Otto