Re: client limit (100) reached, refusing connection from xx.xxx.x.26 OpenBSD 5.1
Motty Cruzwrites: > I see the following error in my firewall log: > client limit (100) reached, refusing connection from xx.xxx.x.26 (this > IP is on the firewall interface facing the public) > proxy cannot connect to server xx.xxx.x.48: No route to host Looks like a log message from ftp-proxy(8); the max 100 sessions limit is documented in the manpage. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: HUAWEI dongle
"Read, James C"writes: >>A full dmesg output, or at least an indication of what model the dongle is >>would be useful here. > > Would love to be able to do that. Anybody had success mounting an OpenBSD > filesystem in linux? IIRC it's something like mount -o ro,44bsd. > 0x00 > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Native EFI Bootloader Support
Joel Reeswrites: [...] > (Not that I particularly want to, but the US tax office seems to > expect everyone who is required to report certain things to be able to > run a current version of the Adobe PDF viewer. Or, if there is a > community supported pdf viewer that allows "filling out electronic pdf > forms". I'm not yet aware of it.) The last time I had such a need, I used graphics/evince. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ftp.html
Stuart Hendersonwrites: > On 2015-09-11, Rob Pierce wrote: >> Agreed about the word order. How about this? >> >> Index: ftp.html >>=== >> RCS file: /cvs/www/ftp.html,v >> retrieving revision 1.673 >> diff -u -p -r1.673 ftp.html >> --- ftp.html 25 Jul 2015 19:24:18 - 1.673 >> +++ ftp.html 11 Sep 2015 12:30:18 - >> @@ -61,7 +61,7 @@ upgrade your system very quickly. >> Download via >>HTTP/FTP >> >> -OpenBSD can be also easily installed via HTTP or FTP. >> +OpenBSD can also be easily obtained via HTTP or FTP. >> Typically you need a single small piece of boot media (e.g., a boot floppy) Boot floppy, really? :) >> and then the rest of the files can be installed from a number of locations, >> including directly off the Internet. >> >> > > I would just drop the word 'easily' here. +1 > Also, see the line at the top of the file, you are patching the wrong file. > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Show us your /etc/profile
Alexander Hall alexan...@beard.se writes: [...] I'm pretty sure this messes up $? at the prompt. Try: false echo $? You could circumvent this by saving $? at the beginning of the function and returning it at the end. Here's an excerpt of my .kshrc. The '$' is printed in red if the last command failed, $? is preserved in case I want to know the exact value. --- _nc=$(tput sgr0) _red=$(tput setaf 1) --- _ps1_err () { local _rc=$? [ $_rc -ne 0 ] printf %s $_red return $_rc } PS1='\h \w\[$(_ps1_err)\]\$\[$_nc\] ' --- -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: DHCPv6 server - send_packet6: Network is unreachable
Claus Lensbøl cl...@fab-it.dk writes: [...] Does anyone have a clue about what this issue could be? Or maybe give a direction in which I could try to debug? Please provide missing information, such as the OpenBSD version you're using, the version of your isc-dhcp package, your dhcpd configuration, etc You're also mentioning pf yet you don't provide your pf.conf. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ps: display command arguments
Ingo Feinerer feine...@logic.at writes: Hi, Hi Ingo, when running R --file=~/test.R --args -i -j -k with R from math/R in ports and test.R as commandArgs(TRUE) Sys.sleep(10) ps output displays /usr/local/lib/R/bin/exec/R --file=/home/user/test.R --args --args --args --args (Note the four --args.) However, R appears to have the right arguments (the first --args is deliberately ignored by R): R commandArgs(TRUE) [1] -i -j -k Any ideas why the display of the arguments in ps differs from the command line? One possible explanation is that R modifies its original argv[] in place. --8-- #include unistd.h int main(int argc, char *argv[]) { if (argc 2) return 1; argv[1] = new-argv[1]; sleep(20); return 0; } --8-- If you launch ./r some-arg you'll see new-argv[1] in ps(1) output. As a side note this doesn't happen on Linux thus some projects don't care much about the possible breakage on OpenBSD (see the pexp in net/geomyidae/pkg/geomyidae.rc). With a simple shell script I cannot reproduce this. E.g., ./test.sh --args -i -j -k with test.sh as #!/bin/sh * echo $@ sleep 10 results in ps displaying /bin/sh ./test.sh --args -i -j -k ksh doesn't do weird stuff like that, at least... * you could insert ''set -- --args --args --args --args'' here, to replace the original arguments, ksh wouldn't modify argv either. Best regards, Ingo -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: WiFi BCM43224 not configured!
Stefan Sperling s...@stsp.name writes: On Wed, Jun 17, 2015 at 12:47:57PM +0200, Jérémie Courrèges-Anglas wrote: IIUC BCM43* nics could have been supported if development efforts hadn't been killed by licensing issues. I doubt there are developers who want to work on this anymore. You're probably referring to the b43 Linux driver story from years ago. Our bwi(4) has nothing to do with that. It was ported from DragonflyBSD. I was thinking about bcw(4). I believe the BCM43224 chip could be supported by bwn(4) in FreeBSD and definitely brcmsmac in Linux, both of which have a suitable licence. Not sure about bwn(4), according to their online manpage, but indeed the license of the linux driver seems appropriate[1]. Of course, there's a non-trivial amount of work involved in porting either of these drivers over. Volunteers, please sign in blood here: __ :) [1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/net/wireless/brcm80211/brcmsmac -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: WiFi BCM43224 not configured!
Mohammad BadieZadegan mbzade...@gmail.com writes: Is that possible to informing the OpenBSD developers that use its driver on the next release? Sorry but merely asking developers for feature X in release+1 is not the way to go. IIUC BCM43* nics could have been supported if development efforts hadn't been killed by licensing issues. I doubt there are developers who want to work on this anymore. Please follow Stefan's advices in http://marc.info/?l=openbsd-portsm=143453181530615w=2 : Please replace it with a different supported minipci card, or use a supported USB wifi dongle. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: jwm ; speedy window manager
Eivind Eide xeno...@gmail.com writes: i recommend jwm as window manager . Second that. It's a good WM for slow systems. But obsd port sticks at 2.1.0 http://openports.se/x11/jwm while upstreams have 2.2.2 http://www.joewing.net/projects/jwm/release-2.2.shtml#v2.2.2 ...probably have to read myself up on updating obsd ports one day instead of whining... We couldn't see the updates since upstream changed the location where the releases are stored. This has now been fixed and the road is clear if anyone wants to give a shot at updating it. ;) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: smtpd outbound SSL3_GET_KEY_EXCHANGE:bad dh p length
Marcus MERIGHI mcmer-open...@tor.at writes: Hello, Hi, frankenstein warning: stable.mtier.org, all patches applied the mail server in question doesn't deliver to a certain destination (Network error on destination MXs). Other destinations work. When I connect manually I can send messages via the destination server. But no TLS involved this way. SMTP greeting of destination server: $ nc 216.55.105.124 25 220 mobile-systems.at ESMTP Sendmail 8.14.5/8.13.4; Mon, 30 Mar 2015 13:12:39 +0200 (CEST) log entries on originating server: Mar 30 13:11:18 frax smtpd[28031]: smtp-out: Connecting to smtp+tls://216.55.105.124:25 (216.55.105.124.hera.net) on session 23d6e647b646bf14... Mar 30 13:11:18 frax smtpd[28031]: smtp-out: Connected on session 23d6e647b646bf14 Mar 30 13:11:24 frax smtpd[28031]: smtp-out: Error on session 23d6e647b646bf14: IO Error: error:1408D06E:SSL routines:SSL3_GET_KEY_EXCHANGE:bad dh p length Mar 30 13:11:24 frax smtpd[28031]: smtp-out: Disabling route [] - 216.55.105.124 (216.55.105.124.hera.net) for 800s Mar 30 13:11:24 frax smtpd[28031]: smtp-out: No valid route for [connector:[]-[relay:yyy.at,heloname=mail.xxx.at],0x0] Mar 30 13:11:24 frax smtpd[28031]: smtp-out: No valid route for [connector:[]-[relay:yyy.at,heloname=mail.xxx.at],0x0] I guess it's about the line: Error on session 23d6e647b646bf14: IO Error: error:1408D06E:SSL routines:SSL3_GET_KEY_EXCHANGE:bad dh p length Any hints on what's going wrong here? This is likely due to /usr/src/lib/libssl/src/ssl/s3_clnt.c rev 1.108, rev 1.85.2.1 on branch OPENBSD_5_6. Any hints on how to solve or work around? Try to suggest mobile-systems.at folks that they use bigger dh params? (512 - = 1024 bits) Thanks in advance, Marcus P.S.: is m...@opensmtpd.org dead? The last mail I received from this list was 22 hours ago. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: [man ksh] missing keystroke for delete-char-forward
A diff has been committed (-current) to bind Delete (ESC[3~) to delete-char-forward. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: pkg_add vs. cvs -up, and pkg_check telling me about unknown files directories
Joel Rees joel.r...@gmail.com writes: I recently tried, for fun, or because I wasn't thinking, I'm not sure which, doing a cvs -up in /usr/ports. It told me P or U for archivers/cabextract, net/isc-bind, and www/drupal6/views, none of which should be installed on my system. (I don't remember which was P and which U.) Since they are not supposed to be installed, I did not run make in any of their directories in /usr/ports. cvs operations have little to do with the packages you have installed / ports you have built. man cvs | less +'/ U ' pkg_check is known to report false positives. I doubt there is enough data to tell whether your pkg_add / pkg_info glitches are real issues or just local, transient errors. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: postgresql-server exiting abnormally after upgrade to -snapshot
j...@wxcvbn.org (Jérémie Courrèges-Anglas) writes: Please try the diff below. It fixes the backwards memcpy problem easily noticeable with psql -h ::1. Updated diff. Thanks to Stuart for reminding me that netmasks sa_len values can be much surprising. $OpenBSD$ --- src/backend/libpq/hba.c.origMon Feb 16 21:53:21 2015 +++ src/backend/libpq/hba.c Mon Feb 16 23:08:38 2015 @@ -700,8 +700,13 @@ check_ip(SockAddr *raddr, struct sockaddr * addr, stru struct sockaddr_storage addrcopy, maskcopy; - memcpy(addrcopy, addr, sizeof(addrcopy)); - memcpy(maskcopy, mask, sizeof(maskcopy)); + memcpy(addrcopy, addr, sizeof(struct sockaddr_in)); + /* +* On some OSes, if mask is obtained from eg. getifaddrs(3), sa_len +* can vary wildly. We already know that addr-sa_family == AF_INET, +* so just use sizeof(struct sockaddr_in). +*/ + memcpy(maskcopy, mask, sizeof(struct sockaddr_in)); pg_promote_v4_to_v6_addr(addrcopy); pg_promote_v4_to_v6_mask(maskcopy); -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: postgresql-server exiting abnormally after upgrade to -snapshot
Please try the diff below. It fixes the backwards memcpy problem easily noticeable with psql -h ::1. $OpenBSD$ --- src/backend/libpq/hba.c.origMon Feb 16 21:53:21 2015 +++ src/backend/libpq/hba.c Mon Feb 16 21:54:44 2015 @@ -700,8 +700,8 @@ check_ip(SockAddr *raddr, struct sockaddr * addr, stru struct sockaddr_storage addrcopy, maskcopy; - memcpy(addrcopy, addr, sizeof(addrcopy)); - memcpy(maskcopy, mask, sizeof(maskcopy)); + memcpy(addrcopy, addr, addr-sa_len); + memcpy(maskcopy, mask, mask-sa_len); pg_promote_v4_to_v6_addr(addrcopy); pg_promote_v4_to_v6_mask(maskcopy); -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: sudo nohup tcpdump at startup
fRANz andrea.francesc...@gmail.com writes: On Thu, Jan 29, 2015 at 10:54 PM, Christopher Barry christopher.r.ba...@gmail.com wrote: what happens if you source /etc/rc.local instead? as in: [ -f /etc/rc.local ] . /etc/rc.local Hi Christopher, I'm sorry, same behaviour: some commands were correctly invoked, for example: /sbin/ifconfig pflog0 up /sbin/pflogd -f /dev/null but not tcpdump in this specific form: sudo nohup tcpdump -n -v -l -q -n -e -ttt -i pflog0 action block | logger -t pf -p local2.info The complete file is: # cat /etc/rc.local /sbin/ifconfig pflog0 up /sbin/pflogd -f /dev/null sudo nohup tcpdump -n -v -l -q -n -e -ttt -i pflog0 action block | logger -t pf -p local2.info Here nohup applies to tcpdump(1) only, not to logger(1). - nohup logger -t pf -p local2.info I already tried full paths but don't help. Again, it's not a problem hack the rc file but when possible I avoid it, as suggested many times in this list ;-) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: LibReSSL CHACHA20/POLY1305
Renaud Allard ren...@allard.it writes: On 11/14/2014 10:12 AM, Jonathan Gray wrote: Now openssl ciphers CHACHA20 works as intended # openssl ciphers CHACHA20 ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305 This is already present in rev 1.68/-current http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/ssl_ciph.c.diff?r2=1.68r1=1.67f=u So now, I have set in nginx.conf this ssl_ciphers !aNULL:AES256:AES128:CHACHA20:@STRENGTH; But using sslscan, I still get: FailedTLSv1 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 I guess it means that you didn't feed with nginx an ecdsa cert. Is that somewhere else? -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: security - pass the hash style attacks?
Philip Guenther guent...@gmail.com writes: [apologies for the contentless previous message] On Sun, Nov 2, 2014 at 4:43 PM, Philip Guenther guent...@gmail.com wrote: On Sun, Nov 2, 2014 at 4:41 PM, Nex6|Bill n6gh...@yahoo.com wrote: ... what about kerberos? (windows K5 vs Unix K5?) There's a bunch of *really good* papers on Kerberos's design which discuss exactly these sorts of issues and how they are addressed or completely avoided. I remember finding the one cast as a dialog between two system programmers (one named Athena...) as a good intro on this stuff. Yup. First tutorial link on this page: http://web.mit.edu/kerberos/papers.html -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: OT: integrating git branch output into ksh PS1 shell prompt?
Fred Snurd fredsn...@yahoo.com writes: Git fans like to know what branch is current, and bash's implementation of PS1 allows for update each time it is displayed. All of my attempts of adding a call to a ksh function into PS1 appear to be evaluated at the time that PS1 is set, but not upon each new display of the shell prompt. Does anyone have suggestions on how to have ksh execute a function upon each display of PS1? Use single quotes, eg. _ps1_err() { local _rc=$? [ $_rc -ne 0 ] printf %s $_red return $_rc } PS1='\h \w\[$(_ps1_err)\]\$\[$_nc\] ' -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: OpenBSD 5.5 + FreeRADIUS 2.2: PID directory deleted on reboot?
Andrew Lester martinblan...@gmail.com writes: Hi all, Hi, This is probably a very simple question, but for the life of me I have not been able to locate a solution. I am running a RADIUS server on OpenBSD 5.5 stable (+ openssl patches) using FreeRADIUS 2.2.0p2 from the ports tree. When I first installed FreeRADIUS, it worked great. However, when I rebooted the system, radiusd would no longer start. I discovered the run_dir of /var/lrun/radiusd, which houses the PID file and socket, was missing. I re-created the directory and changed its ownership to _freeradius. After that, it started working again. But whenever the system reboots, the entire /var/run/radiusd directory gets deleted somehow. That's a fact, /var/run is cleaned up at boot time. The only references I could find regarding this happening with OpenBSD was on a blog, where the recommendation was simply to manually re-create the directory. There must be something I am missing here, and I feel like it’s probably quite simple. Does anybody know what I need to do in order to prevent the run dir from being deleted, or know if there is a better location for it where it won’t be automatically deleted when the system reboots? The fr package comes with an rc script that takes care of this for you: rc_pre() { /usr/bin/install -d -o _freeradius /var/run/radiusd } If you don't use it (eg. because you run radiusd -X in tmux), just add that line to /etc/rc.local. Thanks in advance for any help, it is much appreciated and OpenBSD rocks! :) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Custom kernel with PIPEX without IPSEC failed to compile
Ivan Solonin iss...@gmail.com writes: I tried to compile custom kernel in the 5.5 release of OpenBSD on landisk platform with PIPEX, but found requirment of IPSEC by PIPEX. As I've found in file /sys/netinet/udp_usrreq.c it uses IPSEC only with L2TP to distinguish IPsec packets against non-IPsec. Is PIPEX so strong require IPSEC? Is it possible to compile custom kernel with PIPEX enabled, but without IPSEC? The landisk 5.5 kernel weighs 3664076 bytes. I'd say that trying to get rid of a few kilobytes won't help much. Regarding your actual question, no idea. ;) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Custom kernel with PIPEX without IPSEC failed to compile
Sender: owner-m...@openbsd.org On-Behalf-Of: j...@wxcvbn.org Subject: Re: Custom kernel with PIPEX without IPSEC failed to compile Message-Id: 87lhspkug7@ritchie.wxcvbn.org Recipient: adam.atkin...@damovo.com Received: from Mail2.damovo.com (109.204.121.44) by UK001B237.d.grp (10.8.1.9) with Microsoft SMTP Server (TLS) id 14.2.318.4; Sun, 22 Jun 2014 13:20:57 +0100 Received: from cluster-j.mailcontrol.com (85.115.54.190) by Mail2.damovo.com (109.204.121.44) with Microsoft SMTP Server (TLS) id 14.2.318.4; Sun, 22 Jun 2014 13:20:56 +0100 Received: from shear.ucar.edu (lists.openbsd.org [192.43.244.163]) by rly45j.srv.mailcontrol.com (MailControl) with ESMTP id s5MCKqbQ004783 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for adam.atkin...@damovo.com; Sun, 22 Jun 2014 13:20:55 +0100 Received: from openbsd.org (localhost [127.0.0.1]) by shear.ucar.edu (8.14.5/8.14.5) with ESMTP id s5MCUnkU005827 for adam.atkin...@damovo.com; Sun, 22 Jun 2014 06:30:49 -0600 (MDT) Received: from chomsky.autogeree.net (chomsky.autogeree.net [91.216.110.36]) by shear.ucar.edu (8.14.5/8.14.5) with ESMTP id s5MCUTvg030186 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO) for misc@openbsd.org; Sun, 22 Jun 2014 06:30:31 -0600 (MDT) Received: from ritchie.wxcvbn.org (localhost [127.0.0.1]) by wxcvbn.org (8.14.8/8.14.8) with ESMTP id s5MCJcxL011658; Sun, 22 Jun 2014 14:19:38 +0200 (CEST) Received: (from jca@localhost) by ritchie.wxcvbn.org (8.14.8/8.14.8/Submit) id s5MCJaa4026132; Sun, 22 Jun 2014 14:19:36 +0200 (CEST) From: =?utf-8?Q?J=C3=A9r=C3=A9mie_Courr=C3=A8ges-Anglas?= j...@wxcvbn.org To: Ivan Solonin iss...@gmail.com CC: misc@openbsd.org Subject: Re: Custom kernel with PIPEX without IPSEC failed to compile References: op.xhul9xnc16z...@ic0.lan.rlan Mail-Followup-To: Ivan Solonin iss...@gmail.com, misc@openbsd.org Date: Sun, 22 Jun 2014 14:19:36 +0200 Message-ID: 87lhspkug7@ritchie.wxcvbn.org User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 List-Help: mailto:majord...@openbsd.org?body=help List-ID: misc.openbsd.org List-Owner: mailto:owner-m...@openbsd.org List-Post: mailto:misc@openbsd.org List-Subscribe: mailto:majord...@openbsd.org?body=sub%20misc List-Unsubscribe: mailto:majord...@openbsd.org?body=unsub%20misc X-Loop: misc@openbsd.org Precedence: list Sender: owner-m...@openbsd.org X-Mailcontrol-Inbound: 8gSgIv9v3sbRnxYICSb3h!uiaIa96vptNsOUTq2TeYo= X-Spam-Score: 1.106 X-Scanned-By: MailControl 28796.38 (www.mailcontrol.com) on 10.74.0.155 Return-Path: owner-misc+M140773=adam.atkinson=damovo@openbsd.org X-MS-Exchange-Organization-OriginalArrivalTime: 22 Jun 2014 12:20:56.5112 (UTC) X-MS-Exchange-Organization-OriginalClientIPAddress: 85.115.54.190 X-MS-Exchange-Organization-OriginalServerIPAddress: 109.204.121.44 X-MS-Exchange-Organization-MessageDirectionality: Incoming X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: Mail2.damovo.com X-MS-Exchange-Organization-PRD: openbsd.org Received-SPF: None (Mail2.damovo.com: owner-m...@openbsd.org does not designate permitted sender hosts) X-MS-Exchange-Organization-OriginalSize: 2778 X-MS-Exchange-Forest-MessageScope: ---- X-MS-Exchange-Organization-MessageScope: ---- X-MS-Exchange-Organization-HygienePolicy: Standard X-MS-Exchange-Organization-AVStamp-Mailbox: MSFTFF;1;0;0 0 0 X-MS-Exchange-Organization-MessageLatencyInProgress: LSRV=Mail2.damovo.com:TOTAL=0;2014-06-22T12:20:56.760Z X-MS-Exchange-Forest-ArrivalHubServer: UK001B237.d.grp X-MS-Exchange-Organization-SenderIdResult: NONE X-MS-Exchange-Organization-AuthSource: Mail2.damovo.com X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-MessageLatency: SRV=Mail2.damovo.com:TOTAL=0 X-MS-Exchange-Organization-Recipient-Limit-Verified: True X-MS-Exchange-Forest-RulesExecuted: UK001B237 X-MS-Exchange-Organization-Rules-Execution-History: WW-SetDomainsAsNotJunk%%%DamovoUK-FaultEscalation%%%DamovoUK_AutoResponse%%%DE-UPSAlarmRule%%%BE-OutboundDisclaimer%%%WW-OutboundDisclaimer%%%UK-OutboundDisclaimer%%%IE-OutboundDisclaimer%%%DamovoUK_GFiRule%%%DE-Redirect_Techem%%%CH-SupportRule%%%UKScanToEmailBlockExternal Ivan Solonin iss...@gmail.com writes: I tried to compile custom kernel in the 5.5 release of OpenBSD on landisk platform with PIPEX, but found requirment of IPSEC by PIPEX. As I've found in file /sys/netinet/udp_usrreq.c it uses IPSEC only with L2TP to distinguish IPsec packets against non-IPsec. Is PIPEX so strong require IPSEC? Is it possible to compile custom kernel with PIPEX enabled, but without IPSEC? The landisk 5.5 kernel weighs 3664076 bytes. I'd say that trying to get rid of a few kilobytes won't help much. Regarding your actual question, no idea. ;) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF
Re: Ethernet configuration problem
Salut Thuban, hi folks, Thuban thu...@yeuxdelibad.net writes: Hello, I am currently trying to install OpenBSD 5.5 on a usb stick, and didn't manage to connect to the internet (to download file sets). Neither dhcp works. I tried to configure the interface manually, but the ethernet interface seems to still be sleeping. I used this command : ifconfig jme0 inet 192.168.1.68 255.255.255.0 192.168.1.255 If it can help, here is an extract from the `dmesg` command (written by hand, sorry) jme0 at pci3 dev 0 function 0 JMicron JMC250 rev 0x05; msi, address ... The OpenBSD project doesn't seem to have any record of this particular revision of this card. Thus I wouldn't expect it to work. What would be cool, now, if you have a working wireless interface (I guess you don't) or if you have another usb stick: send the dmesg of your machine as hinted here: http://www.openbsd.org/faq/faq4.html#SendDmesg Note that you can also download the sets before performing the install in bsd.rd (then you can fetch them from your second USB stick). jmphy0 at jme0 phy 1: JMP211 10/100/1000 PHY, rev.1 The command ifconfig detect 2 interfaces : jme0 and vlan0 (wifi I guess?) No, vlan interfaces are... vlan interfaces. There is no network interface named wlan on OpenBSD, those wireless interfaces are named like the drivers that support them. Do you have any suggestion to make this ethernet working? Send your hardware to a developer interested in adding support for it? :) All my apologize for my bad english and beginner questions. Regards, -- Thuban PubKey : http://yeuxdelibad.net/Divers/thuban.pub KeyID : 0x54CD2F2F [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Chain loading from grub 0.97
Benjamin Heath benjamin.joel.he...@gmail.com writes: Hello misc! I've had Openbsd 5.5 for a while as the sole system on my eeepc. I decided to install grub and multi boot to either Linux or Freebsd. # pkg_add grub # grub-install # reboot Oops. I didn't configure it. Oh well, I'm sure I can just use grub manually to chainload Openbsd. First I make sure nothing was erased. grub find /boot (hd0,3,a) grub find /bsd.rd (hd0,3,a) grub find /root/.profile (hd0,3,a) So it's clearly still there. grub rootnoverify (hd0,3,a) grub chainloader +1 grub boot What about (untested): grub rootnoverify (hd0,3) grub chainloader +1 grub boot [...] -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: bind port broken
Stéphane Guedon steph...@22decembre.eu writes: Le lundi 19 mai 2014 14:59:54, vous avez écrit : You provide zero details on what you are doing, how can someone know what to fix without the minimum bits of information. I was aware of the thing, yet didn't know what to do since I have done really really few. I just placed myself in /usr/ports/net/isc-bind and launched a make clean, then make as explained on the faq page. Then, make produced a lot of compil work which ended at : [...] *** Error 2 in bin/named (Makefile:559 'named') *** Error 1 in bin (Makefile:100 'subdirs') *** Error 1 in /usr/obj/ports/isc-bind-9.9.3pl1/build-amd64 (Makefile:107 'subdirs') *** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2659 '/usr/obj/ports/isc-bind-9.9.3pl1/build-amd64/.build_done') *** Error 1 in /usr/ports/net/isc-bind (/usr/ports/infrastructure/mk/bsd.port.mk:2388 'all') The release is bind 9.9.3, I am on amd64 and my openbsd is a 5.5 just upgraded (so I had to rebuild my bind cause it contains the dnssec signer I use). $ cd /usr/ports/net/isc-bind cvs up -r OPENBSD_5_5 Makefile gives me a 9.9.5 bind port, not 9.9.3. Confusing... [...] -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: bgpd/session.c+rde.c code explanation
Denis Fondras open...@ledeuns.net writes: please, if you want to help, be MUCH more precise (and get clear on what side of the fork() we are). With a report like that I had to go through large parts of code to ecventually maybe spot what you are referring to. That doesn't help, that just costs time. I appreciate the effort, but please make it easier to consume for us :) Sorry for the imprecise question. I am reading src/usr.sbin/bgpd/rde.c (rev 1.328). At line 234 (so in the child process), there is : if ((conf = calloc(1, sizeof(struct bgpd_config))) == NULL) I can't find any free(conf) later in the code. From _exit(2) I don't understand it can free allocated memory on itself. How is it handled ? By the OS, which cleans up after the process exits. If it wasn't that way, we'd all have a much shorter uptime... -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: bgpd/session.c+rde.c code explanation
Denis Fondras open...@ledeuns.net writes: By the OS, which cleans up after the process exits. If it wasn't that way, we'd all have a much shorter uptime... Thank you Jérémie :) I had not considered it as I can see ... free(ibuf_rde); ... free(ibuf_main); ... at the end of session_main() in session.c. Maybe you should consider this as best effort. It's a good thing to clean up at the end of a function in an executable, even in error cases where the end result is exit(1) / err() / fatal(), because code gets copied and used in different contexts (where cleaning up could be necessary). But from discussions on tech@ a few months ago, you'll see that there is no real interest in amending those non-problems if no true audit is done to track down all occurrences in a particular piece of software. That said, thid diff works fine on a simple test setup. Index: session.c === RCS file: /cvs/src/usr.sbin/bgpd/session.c,v retrieving revision 1.334 diff -u -p -p -u -r1.334 session.c --- session.c 22 Jan 2014 04:08:08 - 1.334 +++ session.c 6 May 2014 13:21:26 - @@ -599,6 +599,7 @@ session_main(int pipe_m2s[2], int pipe_s free(la); } free(conf-listen_addrs); + free(conf); free(peer_l); free(mrt_l); free(pfd); -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: dovecot-lda delivery failure: can't expand ~/
Steve Fairhead st...@fivetrees.com writes: Hi folks, Hi, I'm preparing a new machine (OpenBSD 5.5, Dovecot 2.2.10) to replace an elderly but venerable (OpenBSD 4.3, Dovecot 1.0.10) mailserver. Access from mail clients to the IMAP Maildirs is working fine (so it's not an auth issue, I think), but local mail delivery (to/from system users) is failing. The maillog shows this: May 4 12:03:10 hglserver-test1 dovecot: lda(steve): Error: user steve: Initialization failed: Namespace '': Home directory not set for user. Can't expand ~/ for mail root dir in: ~/Maildir May 4 12:03:10 hglserver-test1 dovecot: lda(steve): Fatal: Invalid user settings. Refer to server log for more information. May 4 12:03:10 hglserver-test1 sendmail[5139]: s440WjIS026017: to=| /usr/local/libexec/dovecot/deliver, ctladdr=steve (1000/1000), delay=10:30:25, xdelay=00:00:00, mailer=prog, pri=2269378, dsn=4.0.0, stat=Deferred: prog mailer (/bin/sh) exited with EX_TEMPFAIL The configuration for mail location is: mail_location = maildir:~/Maildir and again, mail clients can see this. I'm using sendmail with .forward files calling the LDA as documented in the Dovecot wiki: | /usr/local/libexec/dovecot/deliver Note that this is now merely a symlink to /usr/local/libexec/dovecot/dovecot-lda. where dovecot/deliver is a stock symlink to dovecot-lda. The conf.d/15-lda.conf file is stock, which appears correct to me. I've searched and searched for clues; the lack of relevant results in e.g. Google leads me to the humbling conclusion that I'm doing something monumentally stupid. Any cluebats gratefully accepted. I use the dovecot, just to fill and access my maildir (no listener or auth involved), with ''dovecot-lda -kc conffile'' from my .forward. It uses the environment to expand my ~/Maildir path, and userdb { driver = passwd } (just to avoid spam about disabling the duplicates database). -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: bgpd/session.c+rde.c code explanation
Claudio Jeker cje...@diehard.n-r-g.com writes: On Tue, May 06, 2014 at 03:32:06PM +0200, Jérémie Courrèges-Anglas wrote: Denis Fondras open...@ledeuns.net writes: By the OS, which cleans up after the process exits. If it wasn't that way, we'd all have a much shorter uptime... Thank you Jérémie :) I had not considered it as I can see ... free(ibuf_rde); ... free(ibuf_main); ... at the end of session_main() in session.c. Maybe you should consider this as best effort. It's a good thing to clean up at the end of a function in an executable, even in error cases where the end result is exit(1) / err() / fatal(), because code gets copied and used in different contexts (where cleaning up could be necessary). Bad advice, you should not cleanup before err() or fatal() ever. It could very well be that you hit a bug that trashed your heap and calling free() will not solve anything. Doing cleanup before exit is only used to check for memleaks with simple tools. I do agree with your argument, but I find it hard to apply every time. When looking at one function it can be hard to see if the caller(s) will call fatal() or not (not all errors are fatal, after all). Sorry for the bad advice. [...] -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Hearbleed and OpenSSL 1.0.1c
Lars Bonnesen lars.bonne...@gmail.com writes: Just want to make sure if I get this right. Patches 007 and 008 (OpenSSL-fix) for 5.4 has been run. OpenBSD 5.5 install source code patch branch run and compiled. On both setup I get this: # openssl version -a OpenSSL 1.0.1c 10 May 2012 built on: date not available platform: information not available options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: information not available OPENSSLDIR: /etc/ssl As far as I understand, OpenSSL 1.0.1g is needed in order to be home same reg. heartbleed. I know that OpenBSD's OpenSSL is a fork, and this is maybe where the confussion comes in... but can someone clarify for me the above? The patches you applied are just that, patches that fix the problem they're supposed to fix. There is no reason to change the OpenSSL version in such a patch, it would be a lie. This is not related to the fork, which happened in -current and does not affect 5.5. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: pkg_add http://${REDIRECT}
Hi, Try to deal with packages like the OpenBSD project does. Just stuff your packages in http://foo/$release/packages/$arch/ Tell your clients to tweak their pkg.conf and run pkg_add 10bees That's it. When you have a new version / a bumped package, just upload it there. You don't need to purge the older ones; this would allow your clients to rollback to an older version easily. Supporting -current involves more work, you'd have to coordinate with both the OpenBSD development process and your clients to distribute freshly built packages. BTW for 5.5+ you will have to deal with signed packages. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ftp-proxy versus IPv4 and IPv6 dual stack?
John Jasen jja...@realityfailure.org writes: As a quick sanity check, the ftp-proxy daemon in OpenBSD 5.4 through -current does NOT listen on IPv4 and IPv6 simultaneously? As documented. In order to support FTP over IPv4 and IPv6, two running ftp-proxy daemons would be required, one with the -6 flag? Yup. Well, if you need ftp-proxy in the first place. Are you sure you need FTP btw? :) If so, I do not see an immediate way to fire two ftp-proxy instances in rc.conf.* -- would one of them have to be triggered from rc.local? Or is there a cleaner way? They can't be started by the same, unmodified rc.d/ftpproxy script*. I'd start both from rc.local to prevent confusion. * if it had to be integrated with rc.d(8), that would mean adding a ftpproxy6 script, hooking it in /etc/rc and adding a -4 flag to ftpproxy so that the daemons command lines differ properly for rc.d(8) signalling. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ftp-proxy versus IPv4 and IPv6 dual stack?
Stuart Henderson s...@spacehopper.org writes: On 2014-04-15, Jérémie Courrèges-Anglas j...@wxcvbn.org wrote: * if it had to be integrated with rc.d(8), that would mean adding a ftpproxy6 script, hooking it in /etc/rc and adding a -4 flag to ftpproxy so that the daemons command lines differ properly for rc.d(8) signalling. It needs handling one way or another, and that doesn't seem *too* horrible (not that it's exactly nice).. other alternatives i can think of, more or less ugly / worth it: - tweaking pexp - ln /usr/sbin/ftp-proxy /usr/sbin/ftp6-proxy, handle argv[0] - handling carefuly both v4 and v6 in the same ftpproxy option 2 looks easy and less error-prone even if the name looks ugly. dunno what others think. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: 003_ftp.patch, cert ref count
Mike Small sma...@panix.com writes: Was looking at http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/003_ftp.patch.sig this last chunk... + if (ssl_verify) { + X509 *cert; + + cert = SSL_get_peer_certificate(ssl); + if (cert == NULL) { + fprintf(ttyout, %s: no server certificate\n, + getprogname()); + goto cleanup_url_get; + } + + if (ssl_check_hostname(cert, host) != 0) { + fprintf(ttyout, %s: host `%s' not present in + server certificate\n, + getprogname(), host); + goto cleanup_url_get; + } + + X509_free(cert); } If that second check fails and you goto cleanup_url_get you skip X509_free(cert). Wouldn't that screw up the reference count? Good catch. Or does that not matter after SSL_Shutdown and SSL_Free are called? It does not matter because if the second check fails, we're going to exit the process anyway, so a memory leak does not have an impact; I'm more concerned by the ssl_ctx allocation, for which I already have a diff. Thanks, -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: heartbleed ssl bug and ports or packages question
Didier Wiroth dwir...@gmail.com writes: Hello, I'm not a developer but more of an openbsd hobbyist. I'm using current with current packages that are a few days old. I patched my openbsd servers and revoked all my ssl keys, generated new ones and changed every possible password. Even though, as far as I understood, you can't be sure credentials have not been read out of memory and your system has not been compromised at some point in the past. Anyway, I had a look at the following patch and was reading the comments: http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/002_openssl.patch.sig and came across this line: Also recompile any statically-linked binaries depending on it F.ex. I use dovecot: # ldd `which dovecot` /usr/local/sbin/dovecot: StartEnd Type Open Ref GrpRef Name 04f81c50 04f81c913000 exe 10 0 /usr/local/sbin/dovecot 04fa2152c000 04fa219f4000 rlib 01 0 /usr/local/lib/dovecot/libdovecot.so.2.0 04fa1d89 04fa1dd7d000 rlib 01 0 /usr/lib/libc.so.74.0 04fa275a7000 04fa27aa4000 rlib 01 0 /usr/local/lib/libiconv.so.6.0 04fa2bb0 04fa2bb0 rtld 01 0 /usr/libexec/ld.so The following library is not listed: /usr/lib/libssl.so.20.0 So I guess ssl was statically compiled in the dovecot package/port, as dovecot supports ssl and I currently use it. /usr/local/sbin/dovecot is not the listener facing the network. ldd /usr/local/libexec/dovecot/imap-login Is it possible to track which ports or packages have statically compiled in ssl support? I can't think of a reliable way to do this. I doubt there are many of such ports. Do I need to recompile/rebuild the port with the patched libssl library? or better ... but slower: Do I need to recompile every ports to be sure the bug can't be exploited on my openbsd systems? Your call. Note that dpb makes it easy. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: unlink utility
Dmitrij D. Czarkoff czark...@gmail.com writes: Gilles Chehade said: without commenting on the need for the utility itself, the code you have provided does not respect the coding style of OpenBSD, and your main function shouldn't be returning errno Sorry, I was not paying enough attention to style. Not discussing the usefulness of unlink(1), but it's bikeshedding time here. Sorry. :) What about this one: unlink.c /* * Copyright (c) 2014 Dmitrij D. Czarkoff czark...@gmail.com * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include errno.h #include locale.h #include stdio.h #include stdlib.h #include unistd.h extern char *__progname; static void usage(void); int main(int argc, char **argv) { setlocale(LC_ALL, ); if (argc != 2) usage(); I suggest using getopt() and the usual argc -= optind, argv += optind dance, for consistency at the source level and to handle -- transparently. else if (unlink(*(argv + 1))) { With what I said above, this becomes *argv. perror(__progname); return (1); err() can do this in one line, while giving you a more rich error message: err(1, unable to delete `%s', *argv); } return (0); } static void usage(void) { (void)fprintf(stderr, usage: %s file\n, __progname); Now that we have getprogname(), maybe we could start using it? exit(1); } -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: unlink utility
Theo de Raadt dera...@cvs.openbsd.org writes: but given that 'unlink' is already used in some scripts I would like to see some proof of that. The way I see it, the ports tree is a large enough ecosystem capable of measuring whether something is in use. So, since it isn't in the ports tree, please show some proof. The only port that we patch so that it calls rm -f instead of unlink at runtime is sysutils/gitolite. The patch has already been committed upstream. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ksh reopening stdin
LEVAI Daniel l...@ecentrum.hu writes: Hi! Hi Daniel, I'm doing this: --- script.sh --- #!/bin/ksh for word in $(tr '\n' ' ');do # ^^ tr(1) reads from standard input ... some stuff ... done read FOO case ${FOO} in ... ... ... esac --- script.sh --- $ script.sh /foo/bar The problem with this of course, is that I want `read' to read from the user interactively, also from stdin, but stdin is piped to the script (and subsequently to tr(1)) before `read'. So now `read' just gets eof. I'm thinking about something along the lines of first closing the stdin that is piped to the script (somehow, I don't know), then reopening it (also, somehow). I know this sounds vague, but does the concept makes sense at all? I was playing around with something like this: for word in $(tr ..);do; ... ;done exec 3/dev/stdin exec - exec 03 read FOO Try using ''read /dev/tty'' for your interactive user input. Thanks for any pointers! Daniel -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: The unknown in i386-unknown-openbsd5.4
na...@mips.inka.de (Christian Weisgerber) writes: [...] Maybe we can just leave it. Indeed. -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE (previous: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494)
Re: The unknown in i386-unknown-openbsd5.4
Adam Jensen han...@riseup.net writes: On Sun, 02 Feb 2014 18:19:50 +0100 j...@wxcvbn.org (Jérémie Courrèges-Anglas) wrote: Maybe we can just leave it. Indeed. Well, at least you didn't call it a bikeshed issue (though, that probably would have been a more compelling statement). Fine: I call this a bikeshed issue. -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE (previous: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494)
Re: OpenBSD as a router on Oracle T5120
Eduardo Meyer dudu.me...@gmail.com writes: [...] I will try ftp://ftp.openbsd.org//pub/OpenBSD/snapshots/sparc64/install55.iso right now. Other than simply running it is there anything else I should look at, or any new command line tool to play around? Disabling pf and kern.pool_debug would save some CPU cycles. -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE (previous: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494)
Re: netstat segfault on -current
Alexey Suslikov alexey.susli...@gmail.com writes: On Tue, Dec 24, 2013 at 12:16 AM, Chris Smith obsd_m...@chrissmith.org wrote: On Mon, Dec 23, 2013 at 5:10 PM, Alexey E. Suslikov alexey.susli...@gmail.com wrote: blind guess - you have kernel and userland out of sync. Not so. It doesn't matter how so: ABI is either in sync, or it is out of sync (hence the issue). cvs up and rebuild/reinstall netstat. This may very well be a real issue, not just another case of out-of-sync. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Is Ext2 stable enough for normal use?
Tekk t...@parlementum.net writes: I've got an ext3 /home partition which I use under linux, how likely is it that files will get clobbered if I use the same /home under a dual boot with openbsd? This is a really really really bad idea, even without taking into account that ext2fs support is minimal (eg. some recent modifications made on ext2/3 created on Linux make the FS unusable on OpenBSD). -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Issues compiling binkd-1.1 on OpenBSD 5.3 (testing on 5.4 in a bit, as well); ns_msg undeclared
Damon Getsman damo.g...@gmail.com writes: I've got a system that I'm trying to get connected to another fidonet hub [again], but I'm having issues now that I'm having to connect to a new coordinator. Previously I was able to connect via binkd-0.9.4, but I'm having issues that I can't get resolved between several people very experienced with binkd; it appears to be an incompatibility between more recent versions and 0.9.4, not a configuration issue. Unfortunately, when attempting to get binkd-1.1 to compile on my OpenBSD 5.3 system, there appears to be some issues either locating a library or finding the correct library to install on my system. There is a rather large lack of information for my situation available; as far as anybody experienced with fidonet or binkd (as far as I know) knows, I'm the only person that has had binkd running on OpenBSD, let alone run into these incompatibilities and tried to get binkd-1.1 to compile in this environment. Here is the problem that I've been getting, starting with the 'configure' shell script output that seems to be applicable: -=-=- checking for ns_initparse... no checking for ns_msg._msg_ptr... no checking for ns_msg._ptr... no -=-=- and then, compilation seems to go fine until I hit the last few files before final linkage; 'make' errors follow: -=-=- Compiling srv_gai.c... srv_gai.c: In function 'srv_getaddrinfo': srv_gai.c:82: error: 'ns_msg' undeclared (first use in this function) srv_gai.c:82: error: (Each undeclared identifier is reported only once srv_gai.c:82: error: for each function it appears in.) srv_gai.c:82: error: expected ';' before 'nsb' srv_gai.c:83: error: 'ns_rr' undeclared (first use in this function) srv_gai.c:83: error: expected ';' before 'rrb' srv_gai.c:137: error: 'ns_c_in' undeclared (first use in this function) srv_gai.c:137: error: 'ns_t_srv' undeclared (first use in this function) srv_gai.c:151: warning: implicit declaration of function 'ns_initparse' srv_gai.c:151: error: 'nsb' undeclared (first use in this function) srv_gai.c:163: warning: implicit declaration of function 'ns_msg_count' srv_gai.c:163: error: 'ns_s_an' undeclared (first use in this function) srv_gai.c:164: warning: implicit declaration of function 'ns_parserr' srv_gai.c:164: error: 'rrb' undeclared (first use in this function) srv_gai.c:168: warning: implicit declaration of function 'ns_rr_class' srv_gai.c:171: warning: implicit declaration of function 'ns_rr_type' srv_gai.c:173: warning: implicit declaration of function 'ns_rr_rdlen' srv_gai.c:178: warning: implicit declaration of function 'ns_rr_rdata' srv_gai.c:178: warning: assignment makes pointer from integer without a cast *** Error 1 in /usr/src/binkd-1.1 (Makefile:76 'srv_gai.o': @gcc -c -DPACKAGE_NAME=\\ -DPACKAGE_TARNAME=\\ -DPACKAGE_VERSION=\\ -DPACK...) -=-=- You need stuff that was moved from base to the net/libbind package. Now, I will be the first one to admit that my knowledge of Makefile syntax and operations is pretty limited. I can fumble my way through general modifications, but I'm not sure I'm doing things correctly. I've gotten some difficult packages to compile that haven't wanted to on particular systems, but I find these solutions pretty much by educated guess. I know C/C++, but I can't say that I've ever coded anything more than a few hundred (600) lines long in that language. So as far as porting to a new operating system, taking into account SYSV/BSD differences and anything else, I'm pretty lost. My web searching for the ns_msg and associated functions seemed to indicate that this is a part of libspf2, Well, libspf2 depends on libbind. which I then installed via pkg_add to my system. Right off the bat I attempted a freshly started 'configure' and 'make'. The configuration still indicated success, but with the same 'not found' messages that I indicated in my first cut 'n paste in this message. I then made several modifications to the Makefile and even attempted manual compilation of srv_gai.c with different command lines, trying to manually specify -lspf2. No luck. I even tried switching the order of the compilation in order to compile unix/ns_parse.c prior to srv_gai.c, thinking (strictly due to the superficial resemblance of the name of this file and hints that I saw in the source code) that perhaps an ns_msg may reside in there. Yeah, it was desperation time by this point. No go. So... you need to add /usr/local/include/bind/ to the include search list, /usr/local/lib/libbind/ to the lib search list (with -L and -R), you need to link against libbind (-lbind), and you need to patch srv_gai.c so that it includes arpa/nameser.h. The provided Makefile.in doesn't honor CPPFLAGS / LDFLAGS. At this point I'm totally out of ideas. I'd be grateful for anything that anybody might be able to suggest. Well, with possible exception of switching operating systems. My machine that has ports forwarded
Re: Patch to fix /etc/rc.d/identd...
Adam Jeanguenat a...@voyager.6v6.org writes: Below is a patch to fix the identd rc.d script, which currently doesn't allow you to stop the daemon because ${pexp} is passed incorrectly. Fixed, thanks. Note the string identd: resolver is 16 chars long and at the limit of what OpenBSD cares about (according to the pgrep/pkill(1) man page), but it works fine. I suppose both strings could be shortened if desired, but I figured the least amount of ambiguity was the best. This 16-bytes limitation is not a problem when using -f. If identd is already running, /var/run/rc.d/identd will need to be manually deleted first as it contains the wrong ${pexp}. --avj Index: identd === RCS file: /home/cvsync/src/etc/rc.d/identd,v retrieving revision 1.6 diff -u -p -r1.6 identd --- identd8 Aug 2013 15:41:28 - 1.6 +++ identd4 Dec 2013 19:17:26 - @@ -7,6 +7,7 @@ daemon_flags=-e . /etc/rc.d/rc.subr +pexp=identd: (listen|resolver) rc_reload=NO rc_cmd $1 -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Issues compiling binkd-1.1 on OpenBSD 5.3 (testing on 5.4 in a bit, as well); ns_msg undeclared
j...@wxcvbn.org (Jérémie Courrèges-Anglas) writes: [...] If building binkd on OpenBSD is so painful then a port could be useful. Something like that... [demime 1.01d removed an attachment of type application/octet-stream] -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: samba and e2fsprogs packages -- 5.4
Peter Fraser p...@thinkage.ca writes: samba required the e2fsprogs package. The problem occurs when trying to use samba's net command. The net command requires libuuid. It was not easy to find where libuuid was located. This kind of report should go to ports@... (redirecting there on purpose). What's the exact error / problem? -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Are there OpenBSD users who are not IT professionals?
Salim Shaw salims...@vfemail.net writes: OpenBSD is for the world. You have to ask yourself a few questions. Are you an open source advocate? Do you like the freedom to use an operating system the way you want to? Do you value stability and code correctness in an operating system? Is security paramount in your computing world? Do you value accurate documentation and a developer world who pride themselves on correctness? If the answer to these few question is yes, then OpenBSD is for you. I'd like to point out that yes is not a required answer to all those questions. Just pick what you like... [...] -- jca | PGP : 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Mount CD/DVD and playback DVD as normal user
Fred open...@crowsons.com writes: On 11/12/13 20:48, Laurence Rochfort wrote: Thanks Fred, /cdrom is the mount point, so no I don't think it should be a symlink. The command is: $ mount /dev/cd0a /cdrom mount_cd9660: /dev/cd0a on /cdrom: Operation not permitted Hi Laurence, You are right it should just be a node so not a symlink. The issue is with root owning /cdrom - but if you add /cdrom entry to fbtab: port:fred ~ tail -2 /etc/fbtab #/dev/ttyC0 0600/dev/fd0 /dev/ttyC00600/cdrom ^ 0700 *might* give better results. Then the user who logs in can then mount /cdrom port:fred ~ mount -tcd9660 /dev/cd0a /cdrom port:fred ~ mount /dev/sd0a on / type ffs (local) /dev/sd0k on /home type ffs (local, nodev, nosuid) /dev/sd0d on /tmp type ffs (local, nodev, nosuid) /dev/sd0f on /usr type ffs (local, nodev) /dev/sd0g on /usr/X11R6 type ffs (local, nodev) /dev/sd0h on /usr/local type ffs (local, nodev) /dev/sd0j on /usr/obj type ffs (local, nodev, nosuid) /dev/sd0i on /usr/src type ffs (local, nodev, nosuid) /dev/sd0e on /var type ffs (local, nodev, nosuid) /dev/sd2i on /mnt/usbpen type msdos (local) /dev/cd0a on /cdrom type cd9660 (local, nodev, nosuid, read-only) I had to read mount(8) and fbtab(5) to work it out... hth Fred -- jca | PGP : 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Similar tool as poudriere for OpenBSD
C. L. Martinez carlopm...@gmail.com writes: On Mon, Nov 11, 2013 at 4:29 PM, Vigdis vigdis+o...@chown.me wrote: On Mon, 11 Nov 2013 15:37:17 +, C. L. Martinez carlopm...@gmail.com wrote: Hi all, Exists some tool in OpenBSD similar to poudriere for FreeBSD? This tool builds massive packages for FreeBSD hosts and for different versions and releses (current, stable, release). https://wiki.freebsd.org/PkgPrimer https://fossil.etoilebsd.net/poudriere/doc/trunk/doc/index.wiki Thanks. http://openbsd.org/faq/faq15.html#dpb Yep, pretty pretty close ... But if I understand correctly, if I would like to build ports for i386 and amd64 archs I need to use two hosts: one to build i386 ports and another to build amd64 ports, correct?? Yes; there is no support for running i386 executables on amd64 thus dpb indeed has no support for that. Also the machines in your dpb cluster have to run the same OpenBSD version, with a ports tree in sync. -- jca | PGP : 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: openldap-2.4.36 server
Predrag Punosevac punoseva...@gmail.com writes: Hi Misc, Hi, this is a question for ports@. I am playing with OpenLDAP and I have a question about OpenLDAP server. I see in ports OpenLDAP server version 2.3.43 and the client version 2.4.36 even though current release is 2.4.37. Is there a particular reason besides lack of man power and interest why the server is not updated to 2.4.36 or newer? On -current i386: $ pkg_info -Q openldap openldap-client-2.4.36 (installed) openldap-server-2.3.43p13 openldap-server-2.4.36 openldap-server-2.4.36-aci I have hard time believing that 2.4.36 in the base due to licensing. There's ldapd in base if you want to give it a try. Am I missing something obvious as usual? Well... ;) -- jca | PGP : 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: segfault in netstat
Scott McEachern sc...@blackstaff.ca writes: Using the latest i386 snapshot (Nov8), running netstat as root causes a segfault. Earlier snaps may be affected, I'm just noticing this now. Running as a non-root user seems to be fine. # netstat -an Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp 0 0 192.168.1.5.22 192.168.1.4.41282 ESTABLISHED tcp 0216 192.168.1.5.22 192.168.1.4.18447 ESTABLISHED tcp 0 0 192.168.1.5.22 192.168.1.4.21025 ESTABLISHED tcp 0 0 *.6000 *.* LISTEN tcp 0 0 127.0.0.1.587 *.* LISTEN tcp 0 0 127.0.0.1.25 *.* LISTEN tcp 0 0 *.22 *.* LISTEN Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) udp 0 0 *.514 *.* Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp6 0 0 *.6000 *.* LISTEN tcp6 0 0 ::1.587*.* LISTEN tcp6 0 0 ::1.25 *.* LISTEN tcp6 0 0 *.22 *.* LISTEN Active UNIX domain sockets AddressType Recv-Q Send-Q Inode Conn Refs Nextref Addr Segmentation fault # netstat Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp 0 0 blackstaff.ssh 192.168.1.4.41282 ESTABLISHED tcp 0 0 blackstaff.ssh 192.168.1.4.18447 ESTABLISHED tcp 0 0 blackstaff.ssh 192.168.1.4.21025 ESTABLISHED Active UNIX domain sockets AddressType Recv-Q Send-Q Inode Conn Refs Nextref Addr Segmentation fault No core file seems to be left behind. netstat is setgid kmem Anyone else seeing this? Yup (fresh i386). -- jca | PGP : 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Full disk encryption and hibernate on amd64
Tomas Bodzar tomas.bod...@gmail.com writes: On Thu, Oct 24, 2013 at 2:14 PM, David Coppa dco...@gmail.com wrote: On Thu, Oct 24, 2013 at 2:02 PM, Jiri B ji...@devio.us wrote: Hi, after I read mlarkin@'s report on Undeadly.org[1] about hibernation, I've got curious question. How does it work with full disk encryption (FDE) which OpenBSD offers? [1] http://undeadly.org/cgi?action=articlesid=20131024092852mode=expandedcount=0 jirib It does not work, afaik mmm yesterday installed my laptop Dell E6320 with -current amd64 including whole disk encrypted with softraid and was able to do zzz either in console or X just fine including resume. This is about ZZZ. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: IRC
Just for the record: the freenode #openbsd irc channel isn't the official irc channel of the OpenBSD project. We don't care about what happens there. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Sorry OpenBSD people, been a bit busy
John Long codeb...@inbox.lv writes: On Wed, Oct 09, 2013 at 12:41:07PM +0100, sbienddr...@googlemail.com wrote: Am I being monitored for receiving these emails? No, you're being monitored for using google, stupid. Please follow Peter's advice: On 10/09/13 12:18, Peter Hessler wrote: This has gotten massively off topic. Can we please let the thread end here? Did anybody consider the possibility Theo didn't start this thread? The email headers looked ok at a quick glance but that didn't sound very much like him. He did. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: GNOME on OpenBSD 5.3 amd64
obsd, cgi obsd...@postafiok.hu writes: I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on VirtualBox), see the howto below. But after the howto, reboot, startx with a normal user: https://i.imgur.com/MaT8lcW.png Xorg.0.log https://pastee.org/p8ppa # original: http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-display-manager-on-openbsd-4-8/ External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below. --- when installing: -g* --- echo 'export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' ~/.profile; . ~/.profile pkg_add -i -vv gnome-session gdm # if there was Can't install foo message, try the pkg_add line again --- vi /etc/rc.local Append/modify the following lines in /etc/rc.local: if [ -x /usr/local/sbin/gdm ]; then echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) fi --- echo 'exec gnome-session' /root/.xinitrc; chmod +x /root/.xinitrc exit echo 'exec gnome-session' .xinitrc; chmod +x .xinitrc --- pkg_add -i -vv metacity pkg_add -i -vv gnome-panel pkg_add -i -vv nautilus --- vi /etc/rc.conf.local Append/modify the following lines : xdm_flags=NO gnome_enable=YES gdm_enable=YES --- pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus gnome-settings-daemon gnome-themes-standard # for some reason, these aren't found: gnome-themes-extras gnome-utils gnome-applets2 gnome-system-monitor gnome-nettool --- So the question is anybody has a working howto for installing GNOME on OpenBSD? Just so that Antoine doesn't feel forced to send another mail about this recurring subject: pkg_add gnome, *read* the various readmes, don't use virtualbox. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: GNOME on OpenBSD 5.3 amd64
obsd, cgi obsd...@postafiok.hu writes: Hi! External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below. -- I went to openbsd.org, typed GNOME in the search form: - the first hit was a PDF from 2007 - all the remaining were regarding packages Very few (if any) external software packages are documented on the website. What now? Can you please point out where is the official GNOME install documentation for 5.3? or no one uses GNOME with 5.3 on the misc list? pkg_add gnome, *read* the various readmes, ... The OpenBSD-specific documentation is either printed on screen at pkg_add time or installed at /usr/local/share/doc/pkg-readmes/$package (you *need* to read. pkg_add doesn't spit out information for fun). ps.: I found that other people have problems with GNOME on 5.3, maybe it's a bug? ( http://community.spiceworks.com/topic/349701-gnome-on-openbsd-5-3-amd64 ) I don't think this page is of any value, neither for the OpenBSD porters nor for you... Thanks UPDATE: oh, ok I just read the bottom part: don't use virtualbox. - so the bug comes out when using virtualbox?, ok, Thanks! I will try it with other VM's or directly! Getting an accelerated Xorg using virtualbox is afaik not possible. If you want gnome-shell, don't use vb or a non-intel graphics card (on 5.3, that is). [...] -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: [OT] quotes speedup sed
Denis Fondras open...@ledeuns.net writes: Hello all, Hi, This afternoon I stumbled upon a weirdness I can't explain. I hope some misc-guru can give a clue. I was parsing a 45kB html document on my OpenBSD 5.3 with the help of sed to extract a value and it was awfully slow. Quoting the input string gave it a real boost : $ time echo $webpage | sed -n -r 's/(.*)\token\:\([a-zA-Z0-9]+)\(.*)/\2/p' 0m0.19s real 0m0.00s user 0m0.00s system $ time echo $webpage | sed -n -r 's/(.*)\token\:\([a-zA-Z0-9]+)\(.*)/\2/p' 2m14.39s real 2m12.95s user 0m0.00s system What could be the explanation ? Without the quotes the shell performs splitting, maybe ksh(1) is a bit slow at this... I'd rather download the page to a temp file rather than put that stuff into memory. Doing the same with GNU sed is instantaneous in both case (quoted/unquoted). Just by replacing sed by gsed, on the same system? Thank you in advance, Denis -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: OpenBSD5.3/PF Settings help request
Hi, Adelin Balou adelin.ba...@etu.univ-valenciennes.fr writes: [...] Please find attached my pf.conf file. [...] [demime 1.01d removed an attachment of type application/octet-stream which had a name of pf.conf] No attachment allowed here. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: python
Stefan Wollny stefan.wol...@web.de writes: Hi there! Hi, As some of you might have noticed I had recently some issues with my ancient IBM/lenovo T60 (10 years young and still running; ye). Tonight I reinstalled my system to 5.4-current #62. When installing all those packages needed on any decent desktop I stumpled upon python: One package had a dependency to python-2.7.5 and provided the advice if this version is going to be the system-wide python-installion to make the relevant symlinks. But: At least one other package (libreoffice) requires python-3.3.2 . Now what is the best way to go: (1) Do nothing as the packages will use the python-version they need. (2) Set symlinks to python-2.7.5 (3) Set symlinks to python-3.3.2 Any hints, advices, remarks? Ports are patched to use the versioned python executables / ressources. Thus you are free to do whatever pleases you. Thank you for your time to read and Thank you if you reply. Regards, STEFAN P.S.: When writing this the system crashed for the first time after re-installing! 'crashed' means the system entirely stopped responding! How can I provide ANY information on such a behaviour? (claws-mail had made a backup-copy of my writing, except the P.S., of course) http://www.openbsd.org/report.html -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: cvsync, rsync
hru...@gmail.com writes: Alexander Hall alexan...@beard.se wrote: Marc already anwered all your questions. Let me quote it. Fuck off The most brilliant answers of the experts: [...] Those people, that you qualify as experts, have spent hours reading and answering your mails. I bet you're pretty happy with this, yet I fail to understand what's your goal. You're wasting our time because you fail to understand what people are telling you; this time could be otherwise used to improve OpenBSD. This is harmful, can you get it? Fuck off? In my opinion you deserve way more harsh insults. You wanted a troll, you got it, now can you please let this list improve its signal/noise ratio? -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: More detailed information about last commands executed than lastcomm
Wiesław Kielas wieslaw.kie...@bluemedia.pl writes: Dear misc@, Is there any way to get information about last commands executed on a OpenBSD machine? I'm interested in getting the command name along with arguments passed to it. From what I gathered so far, lastcomm can't show command arguments - is there any way/other tool which can do that? Seems like there's nothing in sys/acct.h for storing cli args. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: fvwm in base [was: X -configure segmentation fault]
James Griffin j...@kontrol.kode5.net writes: * Thomas Adam tho...@xteddy.org [2013-09-12 10:17:56 +0100]: On 12 September 2013 06:10, Carson Chittom car...@wistly.net wrote: Zoran Kolic zko...@sbb.rs writes: In fact, fvwm is in base part. A while ago, there was a message to misc from the fvwm developer about relicensing fvwm to allow a more recent version into base. I wonder if there is any status update? That is I. Unfortunately, FVWM cannot be relicensed. -- Thomas Adam If it can't be relicensed so an up-to-date version can be included in the base distribution then is there much point in it being there at all? People can simply use the package/port to install a supported version and the base distribution can simply have cwm as its main wm. Lots of people use the base fvwm. Which works fine for them, even if older. Also fvwm is easier to work than cwm when you don't know either. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: pkg_add hung?
Jeffrey Walton noloa...@gmail.com writes: On Sun, Sep 15, 2013 at 6:24 AM, Jeffrey Walton noloa...@gmail.com wrote: On Sun, Sep 15, 2013 at 6:21 AM, Maxime o...@mxher.fr wrote: Le 15/09/2013 12:08, Jeffrey Walton a écrit : Before I spend my time and the list's time on this issue, I've read 15.1 and 15.2 from http://www.openbsd.org/faq/faq15.html#PkgMgmt. The command show at http://postimg.org/image/ke2g1wlb9/55c1891b/ attempted to install 'subversion'. Its been running for about 6 hours, so believe something is wrong. Obviously, my speculation could be (and likely is) wrong. I've searched for pkg_add hung. If the BSD folks call a hung program something else, please let me know so I can search for it. The docs state I will get an error. I have not received an error. What is the relevant man page or manual to rtfm? What should I do next? Which PKG_PATH are you using? Are you able to connect to the mirror? ftp://mirror.jmu.edu/pub/OpenBSD/ Mt bad. That was the mirror. Here's the full PKG_PATH (from the capture): ftp://mirror.jmu.edu/pub/OpenBSD/OpenBSD/5.3.packages/amd64/ (with the trailing slash). Try with http://, your network may be the culprit. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: rcsfile(5)
Jason McIntyre j...@kerhand.co.uk writes: On Sat, Sep 14, 2013 at 12:32:25PM -0600, Kyle R W Milz wrote: Hello misc@, Was reading through rcs manual pages and came across a reference to rcsfile(5) in the rcscan(1) and rcscmp(1) SEE ALSO sections however I can't seem to find it. Am I dense or is it missing? none of these files exist on a default install. you're maybe reading pages from another rcs implementation. ~$ man -w rcscmp /usr/local/man/man1/rcscmp.1 ~$ grep rcscmp /var/db/pkg/*/+CONTENTS /var/db/pkg/cvsync-0.24.19p2/+CONTENTS:@bin bin/rcscmp /var/db/pkg/cvsync-0.24.19p2/+CONTENTS:@man man/man1/rcscmp.1 ~$ -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: How does one use adduser in OpenBSD (stuck inEnter username[] loop)?
Jeffrey Walton noloa...@gmail.com writes: On Sat, Sep 14, 2013 at 7:08 PM, Martin Schröder mar...@oneiros.de wrote: 2013/9/15 Jeffrey Walton noloa...@gmail.com: I wanted to add myself to the sudo group. man sudo It appears to lack information on adding a user (I went through this man page before asking the question). Then, I went to the web and landed on an overflow page (I think its the 'meta' site, and not the 'stack' site). That's what took me to 'adduser'. man visudo I don't know vi. I do known emacs, but its not on this system so I can't edit /etc/sudo by hand. To make things clear: you should always use visudo(8). It does validation on the modified sudoers(5) file. And just like a lot of programs, visudo(8) respects the VISUAL and EDITOR environment variables. So you're not forced to use vi(1), the base system also ships with ed(1) and mg(1). I tried to add emacs through pkg_add, but it appears broke. Surely emacs has been ported to every *nix system in existence, so its baffling (to me) the package manager cannot find it. I am the emacs package maintainer. If you encounter problems not documented by the README, please send a mail to po...@openbsd.org, with a full description. man adduser I tried `adduser jwalton sudo`, and it did not work even though the command looks well formed. I got the command from the overflow site. man group Does not appear applicable. I want to add a user to a group, and not create or delete groups. adduser is not a standardized command, you can't expect it to behave the same way as it does on some other OSes. Just stating a fact. And 'usermod -G sudo jwalton' does not work, either. It errors with Can't append group sudo for user jwalton. $ getent group sudo $ # no output There is no group named `sudo' in the default install, though you can add one. On the other hand, just use visudo(8) and read the bits about the wheel group. This stuff really should not be this hard... You're on a different OS now, some things stay the same, some change. On the plus side the documentation is quite extensive. Manpages, the FAQ and other pieces of information are a big concern here, so make use of them. Have fun. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: How does one use adduser in OpenBSD (stuck inEnter username[] loop)?
Jeffrey Walton noloa...@gmail.com writes: Thanks Shawn. Sorry to go offlist. So, I'm trying to do some initial testing. I'm on a MacBook with OpenBSD in a VM. All I want to do is run my compiler over some source files. Parallels? MacBooks have a funky keyboard, and when I try to use visudo to move the cursor around, some of the arrow keys don't work. Not to mention the DELETE key (or the key combinations I know to use to simulate delete). visudo responds with ^? is not valid. I'm sure I'll have that file corrupted shortly. The vi(1) editor in base doesn't behave the same way as vim wrt. some keys. export EDITOR=mg and profit. I really don't get why this shit is so f**k'ing difficult. How is running around with a root terminal open more secure than exec'ing one command under sudo??? No one said it was more secure. As I already said in another mail, you can't meet a new OS and expect everything to work as you think they should. Thanks for the advice. Jeff On Sat, Sep 14, 2013 at 7:53 PM, Shawn K. Quinn skqu...@rushpost.com wrote: On Sat, Sep 14, 2013, at 06:47 PM, Martin Schröder wrote: 2013/9/15 Jeffrey Walton noloa...@gmail.com: man visudo I don't know vi. I do known emacs, but its not on this system so I Then learn it. This is unix. You really should use visudo to edit /etc/sudoers, not an editor. Note that you can configure visudo, vipw, and vigr to use an editor besides vi. It's possible to get by on Unix without knowing vi, I did so on GNU/Linux systems for most of 4 years, but I finally broke down and figured it out and promptly realized it wasn't as hard as it had been made out to be. -- Shawn K. Quinn skqu...@rushpost.com -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: How does one use adduser in OpenBSD (stuck inEnter username[] loop)?
Jeffrey Walton noloa...@gmail.com writes: On Sat, Sep 14, 2013 at 10:08 PM, Philip Guenther guent...@gmail.com wrote: On Sat, Sep 14, 2013 at 7:00 PM, Jeffrey Walton noloa...@gmail.com wrote: ... Yeah, I should have taken a screen capture. I don't use the mail program too often (its been years since I've had to), so it was not a priority. Screen capture? In order to convey what was presumably a one line error message? If cut-n-paste won't work, might I suggest just (carefully) typing it? Yes, I'm lazy like that. Plus it removes any ambiguity. Side note: it's lost on me why you're unable to run the compiler because of tangles with adduser/sudo/whatever. Oh, that's my own doing. I need to install wget and subversion to fetch the sources. Plus, I want to see how a Clang 3.3 build goes. (Compilers and software engineering are my business, not system administration). $ su - Password: # pkg_add subversion llvm That's it. You're not into system adminstration yet you want to do unneeded configuration when you have a precise goal. What do you expect? Re wget, there is ftp(1). That's already a lot of mails and a lot of attention for what is a rather simple problem. Just have a break. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Exploits
Andy a...@brandwatch.com writes: On first look I couldn't see the exploit in that old PDF being listed on the errata's. Maybe I'm being blind ;) Or maybe you need to take a second look (010). The security problem is described, a workaround and a patch are available. Publishing an exact how-to-reproduce-and-expoit-a-bug isn't one of the the responsibilities of the OpenBSD project, afaik. On Sat 07 Sep 2013 19:45:38 BST, Greg Thomas wrote: Does this document still hold any truth with current OpenBSD; Come on, really? http://www.openbsd.org/errata40.html On Sat, Sep 7, 2013 at 8:13 AM, andy a...@brandwatch.com wrote: Hi everyone, I have a feeling that I may get some strong opinions on this question, so please don't flame me or anything, I'm asking because I don't know. Does this document still hold any truth with current OpenBSD; https://www.blackhat.com/presentations/bh-usa-07/Ortega/Whitepaper/bh-usa-07-ortega-WP.pdf Cheers, Andy. Ciao, -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: mdoc(7) .Sq Fl for a dash
Hi, Jason McIntyre j...@kerhand.co.uk writes: On Tue, Jul 16, 2013 at 12:36:32AM +0200, Jérémie Courrèges-Anglas wrote: Fl may seem wrong because we're talking about an argument, but I don't think a bare `-' (a hyphen) would be better. We're talking about an ascii minus sign here; mandoc_char(7) says a minus sign can be obtained with \- . it's not a minus sign. it's a literal -. I was thinking encoding-wise: you're typing an ascii minus sign, at the cli. If you have a man/mdoc formatter that distinguishes hyphens and minus signs, it could produce different output for those, and you would not be able to copy-paste examples. Maybe mandoc doesn't, but groff can (some distros even disabled this behavior). i'm not sure i follow. the differing widths of - will only happen if you add mark up. I'm not saying we should add markup, but that some occurences of - should be converted to \-. They do not have the same meaning. i'm arguing to remove it. That would be a step backwards, I think. a literal -, with no mark up, can be copied/pasted no matter what the output format. well, i say this without actually having tried it. Nope, and that's the whole point: you'd have to try it with mandoc, several versions of groff (possibly with local patches), heirloom troff, using different input *and* output formats *and* different locales. but if you can;t, something is not right. Well, I think I understand that one that may prefer a hyphen or an em-dash to be represented differently from a minus sign. Be it on tty, or an ps or an html document. if you add markup (you suggested \-), I suggested using \- because that's the sequence documented as producing a minus sign. See mdoc_char(7), groff_char(7). then the width will vary for output formats such as postscript. that might stop you being able to paste (though again i've never tried). ... \- is afaik treated correctly in all the cases I described above, except for a very small number of groff versions, when in an UTF-8 locale or using ps/pdf (there you can get an unicode minus sign). This case was quickly fixed. You can see lots of reports about all these problems on the WWW. Now if you think \- is wrong for a command-line flag, a litteral - argument, or inside a command name, tell this to Ingo, since that's what is produced by a Fl inside mandoc. ;) jmc -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: mdoc(7) .Sq Fl for a dash
Jason McIntyre j...@kerhand.co.uk writes: On Mon, Jul 15, 2013 at 07:53:04PM +0200, Jan Stary wrote: Some of the manpages, e.g. crontab(1), markup the folklore phrase named file, or standard input if the pseudo-filename `-' is given as named file, or standard input if the pseudo-filename .Sq Fl is given. Is this correct semantic markup? IMHO not: it just abuses the fact that the flags (Fl) happen to start with a dash; but that's not what is meant here; this is not a flag; it is the literal dash that is recognized in place of a filename. Then it is an argument (Ar). So I believe it should be simply .Sq - Right? See below. The diff below replaces those occurences that a grep revealed for me in /usr/share/man; Another grep reveals that most other manpages actually use .Sq -. I left out oldrdist(1) and shutdown(8) where it _is_ actually a flag and the code processes it as such. Jan ok, i agree with this. Fl seems wrong. however there's some ambiguity, for me anyway - do oldrdist and shutdown actually process - differently, or do the manuals talk about them differently? Fl may seem wrong because we're talking about an argument, but I don't think a bare `-' (a hyphen) would be better. We're talking about an ascii minus sign here; mandoc_char(7) says a minus sign can be obtained with \- . I wonder about cat(1) using .Pq Sq \- is that really telling mandoc to treat it as a minus sign? What about: .Pq Sq Ar \- for oldrdist, - is actually the argument to -f. so it's not an option, as far as i can see. just the manual seems to blur things by documenting If either the -f or `-' option is not specified, whereas above, the text suggests -f- or -f - is how it would work. Yup, sounds weird. The text above is right, the next sentence should be changed. Why not: If the .Fl f option is not specified, the program looks first for... I've just discovered oldrdist, btw. I hope tedu isn't reading this mail. :) similarly, look at cat(1): If file is a single dash (`-') or absent, cat reads from the standard input. no mention of - in SYNOPSIS. but shutdown(8), which lists - in SYNOPSIS: If `-' is supplied as an option, the warning message is read from standard input. shutdown.c uses '-' in its getopt string, so that it can be passed before (and probably between) other options (see SYNOPSIS). This does not match the way most utilities from the base system handle options and arguments, so I think the current wording is ok (see getopt(3), STANDARDS). so, it looks like oldrdist and shutdown are just talking about - differently to other manuals, but not behaving differently to other apps. i.e. we should tweak oldrdist and shutdown too. can anyone confirm if there is a technical difference (and, if there is, does it translate into practical difference for users)? Both use it as read input from stdin, but I think only oldrdist needs a tweak. jmc Index: src/libexec/getty/getty.8 === RCS file: /cvs/src/libexec/getty/getty.8,v retrieving revision 1.13 diff -u -p -u -p -r1.13 getty.8 --- src/libexec/getty/getty.831 May 2007 19:19:39 - 1.13 +++ src/libexec/getty/getty.815 Jul 2013 17:42:42 - @@ -55,7 +55,7 @@ is the special device file in .Pa /dev to open for the terminal (for example, ``ttyh0''). If there is no argument or the argument is -.Sq Fl , +.Sq - , the tty line is assumed to be open as file descriptor 0. .Pp The Index: src/usr.bin/diff/diff.1 === RCS file: /cvs/src/usr.bin/diff/diff.1,v retrieving revision 1.41 diff -u -p -u -p -r1.41 diff.1 --- src/usr.bin/diff/diff.1 20 Jan 2013 11:19:12 - 1.41 +++ src/usr.bin/diff/diff.1 15 Jul 2013 17:42:53 - @@ -331,7 +331,7 @@ If either or .Ar file2 is -.Sq Fl , +.Sq - , the standard input is used in its place. .Ss Output Style Index: src/usr.sbin/cron/crontab.1 === RCS file: /cvs/src/usr.sbin/cron/crontab.1,v retrieving revision 1.28 diff -u -p -u -p -r1.28 crontab.1 --- src/usr.sbin/cron/crontab.1 31 Jan 2011 19:13:31 - 1.28 +++ src/usr.sbin/cron/crontab.1 15 Jul 2013 17:42:57 - @@ -48,7 +48,7 @@ they are not intended to be edited direc .Pp The first form of this command is used to install a new crontab from some named file, or standard input if the pseudo-filename -.Sq Fl +.Sq - is given. .Pp If the -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: mdoc(7) .Sq Fl for a dash
Jason McIntyre j...@kerhand.co.uk writes: On Mon, Jul 15, 2013 at 11:34:53PM +0200, Jérémie Courrèges-Anglas wrote: Jason McIntyre j...@kerhand.co.uk writes: On Mon, Jul 15, 2013 at 07:53:04PM +0200, Jan Stary wrote: Some of the manpages, e.g. crontab(1), markup the folklore phrase named file, or standard input if the pseudo-filename `-' is given as named file, or standard input if the pseudo-filename .Sq Fl is given. Is this correct semantic markup? IMHO not: it just abuses the fact that the flags (Fl) happen to start with a dash; but that's not what is meant here; this is not a flag; it is the literal dash that is recognized in place of a filename. Then it is an argument (Ar). not really. Ar represents an argument name - this is a literal argument. That makes sense. it should therefore be Li, but because the markup on a single character is hard to spot, we use Sq. there is a Ql macro which does the right thing, but the effect would be the same as using Sq. Sq is probably best, i think. So I believe it should be simply .Sq - Right? See below. The diff below replaces those occurences that a grep revealed for me in /usr/share/man; Another grep reveals that most other manpages actually use .Sq -. I left out oldrdist(1) and shutdown(8) where it _is_ actually a flag and the code processes it as such. Jan ok, i agree with this. Fl seems wrong. however there's some ambiguity, for me anyway - do oldrdist and shutdown actually process - differently, or do the manuals talk about them differently? Fl may seem wrong because we're talking about an argument, but I don't think a bare `-' (a hyphen) would be better. We're talking about an ascii minus sign here; mandoc_char(7) says a minus sign can be obtained with \- . it's not a minus sign. it's a literal -. I was thinking encoding-wise: you're typing an ascii minus sign, at the cli. If you have a man/mdoc formatter that distinguishes hyphens and minus signs, it could produce different output for those, and you would not be able to copy-paste examples. Maybe mandoc doesn't, but groff can (some distros even disabled this behavior). I wonder about cat(1) using .Pq Sq \- is that really telling mandoc to treat it as a minus sign? What about: .Pq Sq Ar \- the \ is wrong, yes. but so is Ar [...] -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: mdoc(7) -width description
Jan Stary h...@stare.cz writes: The mdoc(7) manpage says about .Bl that The -width and -offset arguments accept scaling widths as described in roff(7) or use the length of the given string. The words width or offset do not appear anywhere in roff(7). You're looking at the roff(7) manpage that comes with groff. Your pager probably prints /usr/local/man/cat7/roff.0 at the bottom of your screen. You could use man -a and then enter :n to get the base manpage. A description of the often seen 'Ds' is given in the .Bd section, but again it points to roff(7) for the complete description, which is not there. Is that meant to be another roff-related manpage from base? Or groff(7)? Jan -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: days of the month
Max Power open...@cpnetserver.net writes: Hi, Hi. Please stop using all-caps mail subjects. o.s.: OpenBSD 5.3/amd64 If I create a directory with the command: mkdir $(date +'%d') You'd better put double quotes around your command substitutions rather than simple quotes around fixed, non-special strings: $(date '+%d') why this is the result: 1, 2, 3, 4, 5, 6, 7, 08, 09, 10, etc. Why the '0' [zero] appears only ahead the digit 8 and 9..? You must have done something wrong: $ date -j +%d 2013701 01 $ See strftime(3). -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: days of the month
Max Power open...@cpnetserver.net writes: You must have done something wrong: I have not done anything. Hey, you must have done *something*. Else you wouldn't be reporting about it. You just don't want to tell us *exactly* what you've done. The system is the default installation. I'm not saying that you have fucked up your system. You'd better put double quotes around your command substitutions rather than simple quotes around fixed, non-special strings: $(date '+%d') Ok, but why the command: mkdir $(date +'%d') after the digit 7 works fine? If you showed us the actual commands you use, we wouldn't have to guess. To further explain what Jan said in an earlier mail: somewhere in your script the number output by date(1) is interpreted while in an arithmetic context, where numbers starting with '0' are interpreted as octal, and their leading zero gets trimmed. But this doesn't happen for 08 and 09 which aren't valid octal numbers. ~$ v=03; v=$(($v)) ~$ echo $v 3 ~$ v=08; v=$(($v)) ksh: 08: bad number `08' ~$ echo $v 08 ~$ Hence the reference to August, where scripts that have worked fine so far start failing with weird error messages. If I insert the date manually then it works fine - example: # date 20130707 Now I can say that you're trying to fuck up your system. :) but no by default. Why? thanks -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: IDE disk erasing/zeroing at ~2.4MB/s
Nathan Goings binarysp...@binaryspike.com writes: I have a disk -- IIRC, Seagate Barracuda 160gb 7200RPM 8MB Cache SATA 3.0GB/s dmesg: wd0 at pciide0 channel 0 drive 0: ST3160811AS wd0: 16-sector PIO, LBA48, 152626MB, 312579695 sectors wd0 (pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 However, when I run `dd if=/dev/zero of=/dev/wd0c bs=1M' After 3-4 hours, it's only running at ~2.4MB/s. CPU usage is about 30%. See other replies. First, shouldn't SATA drives be sd0? (Looked in BIOS, can't find any SATA-to-IDE options enabled) Second, what can I do to speed it up? or troubleshoot it at least? See pciide(4). My day-to-day laptop has the same drive controller, previous BIOS versions had a switch to choose SATA but they removed it. *shrug* -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: bsd.regress.mk: detect core dumps
Sergey Bronnikov este...@gmail.com writes: Imho test should FAIL in case coredump was detected. I don't think that's a good idea; the current test (checking the exit status of the child make process) looks enough to me. If a test doesn't fail when a program dumps core then either the test should be fixed... or it may do so on purpose. --- bsd.regress.mk_ Sun Jun 30 15:32:02 2013 +++ bsd.regress.mk__ Sun Jun 30 15:46:04 2013 @@ -98,7 +98,7 @@ # XXX - we need a better method to see if a test fails due to timeout or just # normal failure. . if !defined(REGRESS_MAXTIME) - ${_SKIP_FAIL}if cd ${.CURDIR} ${MAKE} ${RT}; then \ + ${_SKIP_FAIL}if cd ${.CURDIR} ${MAKE} ${RT} ! (test -e *.core); then \ ~$ ! (test -e a.core b.core); echo $? ksh: test: b.core: unexpected operator/operand 0 ~$ Also core dumps may not sit in the current directory. echo -n SUCCESS ${_REGRESS_OUT} ; \ else \ echo -n FAIL ${_REGRESS_OUT} ; \ Regards, -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: HTTPD2 script problem
Some people say you ask noob questions; I'm 99% certain that you're just making fun of us, but let's try... - man rc.d - http://www.openbsd.org/faq/faq10.html#rc Please read this *carefully*, all you need to know is there; please keep that in mind the next time you have a question, or you'll just get ignored. Ciao, -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: libfaac in ffmpeg on OpenBSD
Peter J. Philipp p...@centroid.eu writes: I made a patch to /usr/ports/graphics/ffmpeg but it needs fixing up to integrate it into the ports. However my patch works, which is awesome. The patch is uuencoded here: http://emea.centroid.eu/blog/index.php?article=1370984565 Perhaps we can see this in OpenBSD 5.4? Then I don't have to recompile ffmpeg. OK, the legal issue has already been dealt with by Stuart. I hesitated replying to you privately, but I think proposals like this one should be avoided. On the technical side, your patch should have added audio/faac to LIB_DEPENDS. But about the method... - your mail should probably have been sent to ports@, not misc@ - your mail could easily include an inlined diff (an attachment is also possible on ports@). Instead here one should go to a website, copy/paste some text, uudecode it... wait - your diff is not based on -current, patching fails - any explanation other than I need this or go to ShitOverflow for the details? As a side not I don't even know what the heck is an Apple TV and I don't really care about that... -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: libfaac in ffmpeg on OpenBSD
Peter J. Philipp p...@centroid.eu writes: On 06/12/13 12:38, Jérémie Courrèges-Anglas wrote: Peter J. Philipp p...@centroid.eu writes: I made a patch to /usr/ports/graphics/ffmpeg but it needs fixing up to integrate it into the ports. However my patch works, which is awesome. The patch is uuencoded here: http://emea.centroid.eu/blog/index.php?article=1370984565 Perhaps we can see this in OpenBSD 5.4? Then I don't have to recompile ffmpeg. OK, the legal issue has already been dealt with by Stuart. I hesitated replying to you privately, but I think proposals like this one should be avoided. On the technical side, your patch should have added audio/faac to LIB_DEPENDS. But about the method... - your mail should probably have been sent to ports@, not misc@ - your mail could easily include an inlined diff (an attachment is also possible on ports@). Instead here one should go to a website, copy/paste some text, uudecode it... wait - your diff is not based on -current, patching fails - any explanation other than I need this or go to ShitOverflow for the details? As a side not I don't even know what the heck is an Apple TV and I don't really care about that... Since there was a legal thing the issue is closed. However you're just nagging. Fine, I thought I was trying to be helpful, but after reading again my reply I admit that I shouldn't have wrote the last sentence. Sorry if you felt offended. I enhanced the OpenBSD port You did not. and thought I'd share, your response will make me keep these things secret in the future. I'd like to tell you that's a shame, but then I wouldn't be honest. Have a nice day, -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: obsd 5.3 and openldap
Friedrich Locke friedrich.lo...@gmail.com writes: Hi folks, Hi, may someone in the list tell me if with obsd5.3 openldap supports hdb or even bdb. Weren't you the one that requested adding support for mdb on ports, a while ago? I thought you knew. :) Since i do need to get a directory service and have no knownledge on openldap internals, i come to you in order to suggest how could i help in order to get mdb supported by OpenBSD Ports OpenLDAP. As far as I understand it, I can see three possible solutions: - switch to ldapd(8) - fix the bdb/hdb code in OpenLDAP so that it works on OpenBSD - nag the OpenBSD developers so that they implement Unified Buffer Cache, or even better, just do it. I don't understand that stuff but I'm sure that isn't easy... As far as i know, openldap in openbsd ports is broken. Can't really answer this. Do you mean anything openldap, or just slapd / the slap* tools? Thanks you all. gustavo. -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Ruby on Rails and the chrooted nginx(8)
Charles Rapenne charles.rape...@gmail.com writes: Hi Please someone correct me if I'm wrong, but I don't think using Nginx with chroot is useful when dealing with proxy_pass or fastcgi application. There's still the possibility that a nginx worker is compromised. If your RoR app is compromised, it won't be chrooted as it's not running in a chroot. All nginx will do is serving static files. Not that I know how easy it is to do so with Rails, but nothing prevents you from running your fastcgi processes inside a chroot. Regards 2013/6/9 openda...@hushmail.com: Hi, Is anybody here running Ruby on Rails in the chrooted nginx(8) and know if it's worth the hassle? I notice the docs saying: Some applications are pretty simple, and chroot(2)ing them makes sense. Others are very complex, and are either not worth the effort of forcing them into a chroot(2), or by the time you copy enough of the system into the chroot, you have lost the benefit of the chroot(2) environment. -- http://www.openbsd.org/faq/faq10.html#httpdchroot O.D. -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Why is there no pkg_find(1)?
openda...@hushmail.com writes: Hi, Why is there no pkg_find(1)? Because pkg_info -Q probably does what you need. Having to grep ones FTP mirror or download the entire ports tree to do a make search doesn't seem like such a good idea. There's [snip]/pkg_find.html -- what do you guys think of that? My grandma would write more elegant and correct shell scripts. -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Header files for C/C++ development
eatg75 eat...@hotmail.com writes: Hi there I am 'experimenting' with OpenBSD and pondering to switch from Linux to OpenBSD, I have installed OpenBSD in a virtual machine and during the installation I did not select the comp53 package when I rebooted and installed clang a tried to compile a simple hello world in C and I got errors saying 'stdio.h file not found' and I searched in both /usr/include and /usr/local/include for stdio.h but I didn't find it (and /usr/include is empty). I searched in the 'misc' mailing list for similar threads all way back to 2001 but I didn't find nothing helpful. Can someone help me. wild guess: try to install comp53.tgz PS: Forgive me for my newbieness and thanks anyway. -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: bug in ksh tab complete
Ted Unangst t...@tedunangst.com writes: [...] If ksh is going to treat : as magic, then it needs to escape it when autocompleting. (step 2 above) I do agree, but... why should ':' be special? -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: bug in ksh tab complete
Philip Guenther guent...@gmail.com writes: On Mon, Jun 3, 2013 at 9:29 AM, Jérémie Courrèges-Anglas j...@wxcvbn.org wrote: Ted Unangst t...@tedunangst.com writes: If ksh is going to treat : as magic, then it needs to escape it when autocompleting. (step 2 above) I do agree, but... why should ':' be special? So that things like PATH=/usr/local/bin:/usr/btab and scp target:/etc/passtab will autocomplete the paths to the right of the colon. Makes sense. I don't remember having relied on that behaviour. -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: inotify for BSD?
Doesn't kqueue() fit your needs? -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: inotify for BSD?
Peter J. Philipp p...@centroid.eu writes: On 05/15/13 13:41, Jérémie Courrèges-Anglas wrote: Doesn't kqueue() fit your needs? Thank you for your reply, I've never used kqueue before, does this only report events on descriptors that have been opened? I think so. I'm wondering if an implementation is done to recurseively watch directories in inotify (as written about in the limitations), then it would require a lot less filedescriptors even for kqueue correct? And thus make monitoring a filesystem's events a lot more efficient? As is, kqueue() won't monitor a directory tree recursively. But there are examples of kqueue() use; see for example the sysutils/gamin ports (also devel/glib2 uses it for GIOs, I think). -peter -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: ARK-2120L
Hugo Osvaldo Barrera h...@osvaldobarrera.com.ar writes: Hi, Hi, I'm intending on getting a ARK-2120L [1] to server as a gateway for my network. I've been doing some research as to whether or not it'll work on OpenBSD. So far I've evaluated: CPU (Intel Atom, should work fine). LAN (82583V, is listed as working with em). However, I'm curious as to whether I should take something else into consideration, in particular, the chipset. Do I need to check for some other driver compatibility, or should that be it? The datasheet doesn't provide much information except supported by Linux 2.6. Do thing like the USB chipset require a specific driver, or is that sort of stuff standard? (sorry, I'm a bit ignorant on this regard). I wouldn't worry about USB. I'm also slightly curious about the video driver. I don't care about X, or video acceleration, since I'll only use video for OpenBSD installation, nothing else. Should video work for any modern video card, even if only at a very poor resolution? Or do I still need to be careful about driver support? This model has four serial ports, that would probably be nicer than needing a screen and a keyboard. [1] http://www.advantech.com/products/ARK-2120L/mod_BD7B04DE-B994-4D74-96DE-21CDB 3F8158B.aspx [2][PDF] http://cms.tempel.es//adimage.php?filename=9_015551.pdfcontenttype=pdf Thanks, -- Hugo Osvaldo Barrera [demime 1.01d removed an attachment of type application/pgp-signature] -- Jérémie Courrèges-Anglas PGP Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: sendmail stops remote delivery when PTR for local IP points to domain-part
Paul de Weerd we...@weirdnet.nl writes: For the sendmail heroes out there... Let's say I have the following in DNS: $ORIGIN example.com. @ IN MX 10 mx1 @ IN A 192.0.2.1 @ IN 2001:db8::1 mx1 IN A 192.0.2.2 mx1 IN 2001:db8::2 www IN A 192.0.2.1 www IN 2001:db8::1 $ORIGIN 2.0.192.in-addr.arpa. 1 IN PTR example.com. 2 IN PTR mx1.example.com. $ORIGIN 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa. 1 IN PTR example.com. 2 IN PTR mx1.example.com. (assume there's SOA and NS records too, they're not relevant to the question) Now on machine 'www.example.com' (this is the hostname set in /etc/myname) I would like to send e-mail to x...@example.com. However, sendmail ignores the MX record and attempts local delivery (which fails, because 'xxx' is not a local user). There's a ton of ways to solve this: - get rid of sendmail - change PTR records to www.example.com I'd really go with this. - relay all mail via a smarthost (e.g. mx1.example.com) - rewrite to @mx1.example.com and fix on mx1 - run a local resolver that lies about PTRs - ... However, I'd like to not do any of these but simply instruct sendmail to ignore what PTRs are saying local IPs are called. I don't want to make an exception for whatever happens to be in PTR, my sendmail config is vanilla OpenBSD defaults and I expect all mail to be delivered according to what's in DNS (except for mail to www.example.com, the actual hostname (although I'd be interested to learn how to do the same for mails directed @www.example.com)). Can anybody think of a way to achieve this ? http://weldon.whipple.org/sendmail/removew.html discusses this and gives solutions. HTH Thanks, Paul 'WEiRD' de Weerd -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: strange bash (prompt) problem
MJ m...@netauth.com writes: Hi, Sometimes, maybe once ever 100 commands or so, I get the following type of error: [root@black socklog]# dmesg | less -bash: $'\302\240less': command not found Here you have an UTF-8 non-breaking space character. It is not reproducible, at least I don't know how to reproduce it. Hitting up arrow will reproduce it, but typing the command again will make it go away. It seems to only happen when piping output through something. Any ideas how to fix this? Don't type on both your AltGr and your Space key when you don't intend to. [root@black ~]# cat .bash_profile alias ll='ls -al' PAGER=less PATH=/usr/local/bin:/usr/local/sbin:$PATH PS1=[\u@\h \W]# LANG=en_US.UTF-8 PKG_PATH=http://ftp.funet.fi/pub/mirrors/ftp.openbsd.org/pub/OpenBSD/5.2/packages/i386 export PAGER PATH PKG_PATH PS1 LANG Thanks. -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: installer - moving sets location right after network for automated installation
Theo de Raadt dera...@cvs.openbsd.org writes: [...] The 5th word in your original email is we, and what you really mean to use there is the plural you. Is that a new theo.c entry? -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: 802.11n on obsd
Sean Shoufu Luo luosho...@gmail.com writes: Hi, Hi, Does OBSD support real 802.11n? It seems not. Although many 802.11n devices are claimed supported, 802.11n capability is mostly not excluded, like run(4), otus(4), urtwn(4). This has already been asked many times in the past. From the manpage of one of the wifi card drivers I use: CAVEATS The iwn driver does not support any of the 802.11n capabilities offered by the adapters. Additional work is required in ieee80211(9) before those features can be supported. The manpages you mention say the same. And, btw, how to find the official status page, for example, about supported hardward, the list provided in the page http://openbsd.org/i386.html seems not updated. www.openbsd.org and openbsd.org aren't the same machines, you should prefer the former. But they're in sync and both have this cvs Id on the i386.html page: $OpenBSD: i386.html,v 1.713 2013/01/30 09:47:46 kirby Exp $ I can't think of something both official and more and up-to-date. Regards, -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Millions of files in /var/www inode / out of space issue.
Jiri B ji...@devio.us writes: On Wed, Feb 20, 2013 at 12:32:02AM +0100, Matthias Appel wrote: And by talking of ZFS, why not consider ext3/4,reiser,xfs,jfs,ntfs,whatever-fs to be ported to OpenBSD? Where are the diffs? For example real improvement would be FAT/NTFS speed on OpenBSD, as it is much much slower than on Linux. Even with ''mount -o sync ...'' on the Linux side? -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: [obsd] Re: Assigning an IP address to a bridge
Nick Holland n...@holland-consulting.net writes: [...] While I personally love the Reboot and voila, I'm always concerned about how non-English/French readers would handle this -- does a Chinese person reading the FAQ understand this? I'm hopelessly monolingual, so maybe I worry about the wrong things here (and this from the guy who re-styled the FAQ as the Hitchhiker's Guide / Bugbuster's Guide, so what do I know? :) I just asked a chinese friend; he does agree with you, and proposed that's it!. but...good work, thanks! Yup, this is indeed a Frequently Asked Question. :) Nick. -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: hi OpenBSD
Robert Kopp wrote: almost cannot believe it..what do you think [url snipped] Robert Url shorteners are bad
Re: add a daemon user
Wesley M.A. open...@e-solutions.re writes: Hi, Hi To add a daemon user like for example _nginx : useradd -L daemon -d /var/empty -s /sbin/nologin -g =uid _nginx Is this enough ? [...] Depends. Your _nginx user will likely serve files, you don't want to put them in /var/empty, which is where other daemons chroot. Do you want to chroot? Why not use the www user? Why not use the devel nginx package, if you need a more recent version? -- Jérémie Courrèges-Anglas GPG Key Fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: OpenBSD/iwn(4) support for WPA2/PEAP/MSCHAPv2?
Reyk Floeter r...@openbsd.org writes: On Wed, Jan 23, 2013 at 5:41 PM, Erling Westenvik erling.westen...@gmail.com wrote: I need to connect my ThinkPad T500 running 5.2 current to the wifi network here at my university. E.g. the eduroam network which is available at most universities through, at least, Europe. After Googling around for a while I'm not sure whether OpenBSD yet has support for WPA2 and PEAP/MSCHAPv2. And if it does: if someone could provide me with a sample ifconfig? I haven't checked wpa_supplicant for a while, but you can find it in ports and some people actually seem to use it with OpenBSD. You can even find examples, the following is from a university in Germany (http://www.rz.rwth-aachen.de/aw/cms/rz/Themen/unsere_dienste/kommunikation/netzbetrieb/dienste/wlan/installation/~sib/openbsd/?lang=de): This webpage shows something that looks like a FreeBSD configuration, only with s/Free/Open/. network={ ssid=eduroam key_mgmt=WPA-EAP eap=TTLS identity=tim-acco...@rwth-aachen.de anonymous_identity=tim-acco...@rwth-aachen.de password=PASSWORT-FÜR-TIM-ACCOUNT ca_cert=/etc/certs/eduroam-chain.pem phase2=auth=PAP } But, again, I haven't tested it myself. I don't think they have either. :) Reyk -- Jérémie Courrèges-Anglas GPG Key Fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: OpenBSD/iwn(4) support for WPA2/PEAP/MSCHAPv2?
Erling Westenvik wrote: On Thu, Jan 24, 2013 at 08:57:50AM +0100, Alexander Hall wrote: When I need eduroam, I connect my android phone via usb/urndis and let the phone handle the WPA2 enterprise stuff. Yes, my Android phone connects to eduroam but I did not think about the possibility of connecting my laptop to the phone via usb. Would you mind to share your config for doing that? Last time I tried, it was like... - plug the usb cable - dhclient urndis0
Re: do we have a Perl interface to sysctl(3)?
Philip Guenther guent...@gmail.com writes: On Mon, Jan 14, 2013 at 1:16 AM, Jonathan Thornburg jth...@astro.indiana.edu wrote: FreeBSD has the BSD-Sysctl perl module available from CPAN, which would be ideal for my purposes... except that it doesn't (yet) support OpenBSD. So, uh, what fails if you try to build it? cpan output [...] OS unsupported (openbsd). Here's a nickel, go buy yourself a real OS. [..] Dunno why they stripped kid from this sentence, the meaning wouldn't have been much altered. 8) -- Jérémie Courrèges-Anglas GPG Key fingerprint: 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494