Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps

e mantra I developed, as my coworkers insisted on using (for instance) the React JS package that had "Exfil" as a dependency, was: "When in Rome." On Fri, Mar 29, 2024 at 4:44 PM wrote: > Luke A. Call writes: > > > > On 2024-03-29 09:01:07-0400, James Hu

Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps

Exfiltrator. There's an 11-letter word that starts with "ex". X11. On Thu, Mar 28, 2024 at 7:39 PM Luke A. Call wrote: > On 2024-03-28 17:28:56+0100, Jan Stary wrote: > > > (2) I've learned that X11 allows locally running malware to sniff the > > > keystrokes input to any other X11-using app

Re: pdftotext

pkg_info poppler-utils - Information for https://cdn.openbsd.org/pub/OpenBSD/7.5/packages/amd64/poppler-utils-24.02.0.tgz Comment: PDF conversion tools and utilities Description: This package contains xpdf-workalike command line utilities for getting information of

Re: "FollowSymLinks" equivalent in httpd?

d httpd by default runs chrooted to /var/www, so if you want to use absolute paths you will need to leave out /var/www. For example if you want c.txt to be a a symlink pointing to /var/www/htdocs/a.txt you could run ln -s /htdocs/a.txt symlink_file_name.txt -- James

Re: Manpages offline?

Awesome, thanks for the info! On Fri, Dec 22, 2023 at 4:09 PM William Demchick wrote: > Kia ora James, > > I believe that service is currently down for maintenance, with a > planned restoration in around 12 hours: > https://marc.info/?l=openbsd-tech=17030184061758

Manpages offline?

Hi, I'm not sure if this is the place for this, but I noticed that https://man.openbsd.org/ seems to be offline. Does anyone know if these manpages are hosted somewhere else, or maybe if this will be fixed? Thanks

relayd not retrying relay's server-side connections

forward to tls { keypair "falsifian.org" } } relay reverse_proxy_https_6 { listen on ::1 port 7201 tls protocol reverse_proxy forward to port 7203 forward to port 7204 } -- James

Re: How to set up a data disk of 4TB?

Perfect, thanks a lot. It worked like a charm. > On 9 Dec 2022, at 17:23, Crystal Kolipe wrote: > > On Fri, Dec 09, 2022 at 04:19:49PM +0000, James Johnson wrote: >> Hi all, >> >> I have installed an internal hard drive of 4TB. This drive will be use

How to set up a data disk of 4TB?

Hi all, I have installed an internal hard drive of 4TB. This drive will be used for storing data only. It will not contain the OpenBSD system itself. Knowing the limitations of MBR, I have opted for a GPT partitioning system : fdisk -A sd0 Following this, I am trying to add the partition with

Re: Configure OpenBSD for remote server rarely used

Ah, pretty cool, I'll keep it in mind for my next project ;) On 28.11.2022 10:36, Bodie wrote: And if you really need low consumption, rugged computer and do not mind about the costs you can go eg. this way :-) https://teguar.com/ip67-box-pc-twb-2945 /

Re: Configure OpenBSD for remote server rarely used

Thanks a lot for all the great advice, that is very useful. It all makes sense. > On 27 Nov 2022, at 21:10, Tomasz Rola wrote: > > On Sun, Nov 27, 2022 at 09:37:19AM +0000, James Johnson wrote: >> Hi all, >> >> OpenBSD is amazing. But I need help in configuring

Re: Configure OpenBSD for remote server rarely used

reboots? Should I do a daily, weekly, monthly reboot? > On 27 Nov 2022, at 20:00, Bodie wrote: > > > > On 27.11.2022 10:37, James Johnson wrote: >> Hi all, >> OpenBSD is amazing. But I need help in configuring it correctly as a >> remote server, rarely used. &g

Re: Configure OpenBSD for remote server rarely used

"Does it just need to wake up to run a script and then shut down again" -> yes, that's basically that. Of course, requirements might evolve. "Why does it even have to be a separate machine?" -> There are benefits to this, including data safety (different location). Thank you for your help, have

Re: Configure OpenBSD for remote server rarely used

> On 27 Nov 2022, at 17:28, Jan Stary wrote: > > On Nov 27 17:10:11, mytraddr...@gmail.com wrote: >> I am not intending to switch the machine. > > Why? It is just not an option for this specific project. > >> In terms of resources, I am mainly concerned about hard drives >> and cpu being

Re: Configure OpenBSD for remote server rarely used

Thank you for the pointer, I will look into that. > On 27 Nov 2022, at 14:13, T K wrote: > > "I have been able to lower the CPU speed by running `apm -L`." > For automation purposes consider using obsdfreqd (pkg_add obsdfreqd) instead. > > niedz., 27 lis 2022, 10

Re: Configure OpenBSD for remote server rarely used

Thanks for your response. I am not intending to switch the machine. In terms of resources, I am mainly concerned about hard drives and cpu being worn down unnecessarily. I am not sure how much of a concern this should be though. Yes, I do know in advance when the machine needs to run and when

Configure OpenBSD for remote server rarely used

Hi all, OpenBSD is amazing. But I need help in configuring it correctly as a remote server, rarely used. The main thing I am trying to do is to make it sleep every now and then to protect resources. I am very flexible on how to do this, but have been unable to do so. Here's what I tried :

Re: inet6 autoconf fails; "slaacd[##]: sendmsg: Can't assign requested address"

> but it's with unmodified 7.0 release source. (I lost the original Oops, I mean 7.0 stable. I followed the anoncvs FAQ instructions using the OPENBSD_7_0 tag. -- James

inet6 autoconf fails; "slaacd[##]: sendmsg: Can't assign requested address"

://clientarea.ramnode.com/knowledgebase.php?action=displayarticle=120 [1] https://marc.info/?l=openbsd-misc=158860746708443=2 [2] https://marc.info/?l=openbsd-cvs=15825831624=2 -- James OpenBSD 7.0-stable (GENERIC.MP) #1: Mon Dec 27 02:20:30 UTC 2021 falsif...@h0.falsifian.org:/usr/src/sys/arch/amd6

Re: Disk partition not recognized

ave a disklabel, right? Could the in-memory disklabel be out of sync? Does the problem persist if you reboot, or detach/re-attach the disk? -- James

Re: suspend/resume kills X

d-bugs=149005961017985=2 I work around it by switching to a different virtual console before suspending. This is the command I use to lock my X session, switch vts, and sleep: xlock -startCmd 'wsconsctl -f /dev/ttyCcfg display.focus=0 && zzz' For that to work, I need to have access to /dev/ttyCcfg. I added /dev/ttyCcfg to /etc/X11/xenodm/{Give,Take}Console (handled the same way as the other devices files in those scripts) to solve that. I can't comment on the security implications of doing that. -- James

Re: nvme boot

tor, 25784 sectors root on sd1a (44a8e9daa00bd12b.a) swap on sd1b dump on sd1b inteldrm0: 1920x1080, 32bpp wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (std, vt100 emulation) iwx0: hw rev 0x340, fw ver 63.c04f3485.0, address 4c:1d:96:49:90:03 video0 detached uvideo0 detached uhub0 detached uhub1 detached uhub0 at usb0 configuration 1 interface 0 "Intel xHCI root hub" rev 3.00/1.00 addr 1 uhub1 at usb1 configuration 1 interface 0 "Intel xHCI root hub" rev 3.00/1.00 addr 1 uvideo0 at uhub0 port 5 configuration 1 interface 0 "CN09357G8LG0098MAFA2A01 Integrated_Webcam_HD" rev 2.01/80.08 addr 2 video0 at uvideo0 iwx0: unhandled firmware response 0x3fd/0x200c rx ring 64[10] -- James

Re: Server certs expired higher up the chain, imaps and https

ne that doesn't end with the expired one. I couldn't find this functionality in OpenBSD's acme-client. However, I tried manually editing the fullchain pem file downloaded by acme-client, deleting the third of three certificates in the file, and now my older clients are happy (but presumably old Android phones will not be happy). -- James

Re: snapshot miniroot69.img not bootable anymore

: 445 probes uvideo0 at uhub0 port 5 configuration 1 interface 0 "CN09357G8LG0098MAFA2A01 Integrated_Webcam_HD" rev 2.01/80.08 addr 2 video0 at uvideo0 axen0 at uhub1 port 3 configuration 1 interface 0 "ASIX Elec. Corp. AX88179" rev 3.00/1.00 addr 2 axen0: AX88179, address 00:90:9e:9d:0f:34 rgephy0 at axen0 phy 3: RTL8169S/8110S/8211 PHY, rev. 5 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd1 at scsibus3 targ 1 lun 0: sd1: 125903MB, 512 bytes/sector, 25784 sectors root on sd1a (44a8e9daa00bd12b.a) swap on sd1b dump on sd1b inteldrm0: 1920x1080, 32bpp wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (std, vt100 emulation) iwx0: hw rev 0x340, fw ver 48.1335886879.0, address 4c:1d:96:49:90:03 -- James

Re: autofs

powerful, but the wolves do not perform > in the circus See amd(8). I have not used it or Linux's autofs, but I think they have the same purpose. -- James

Re: openrsync manpage error

ync. It is also sufficient to make rsync an alias for openrsync on the remote machine. -- James

Re: VMM 6.9amd64 host video acceleration

ome errrors on the console. I think some involved "Channel closing". If it would help, I can keep more careful track and report them to the list. The LibGl errors look less familiar. Stab in the dark: are your ports and system in sync? (I always run pkg_add -u after upgrading to a new snapshot.) -- James

Re: CWM + Web Browser Navigation

pe something that doesn't involve Mod4, cwm won't intercept it. Also for some reason the Firefox keyboard shortcut ctrl-[ for back is stuck in my head so I can always use that. -- James

Re: help debug NFS

-tcp-clients-after-5-minutes-idle-td402844.html As a work around, I've set up a cron script that stat's the mount point every four minutes. That stops the mount from hanging. I hope that helps. James On Sun, Apr 11, 2021 at 2:04 AM Родин Максим wrote: > > Hello > I have an NFS server o

Relayd cannot load keypair

I'm on openbsd 6.8, ran syspatch today. relayd.conf: table { 192.168.1.158 } http protocol "httpproxy" { pass request quick header "Host" value "nextcloud.mydomain.com" \ forward to block } relay "proxy" { listen on 192.168.1.156 port 80 protocol "httpproxy" forward to

Re: Default partitions allocate only 1GB to /

On Sat, Feb 27, 2021 at 11:21:45PM +, tetrahe...@danwin1210.me wrote: > On Sat, Feb 27, 2021 at 08:27:07PM +0000, James Cook wrote: > > Something's strange about your setup. The installer normally creates a > > separate partition for /usr and maybe /usr/local. If you're us

Re: Default partitions allocate only 1GB to /

normally creates a separate partition for /usr and maybe /usr/local. If you're using pkg_add, then packages go in /usr/local, so they shouldn't end up on your root partition. If your disk is really tiny the installer won't create a separate /usr partition, but in that case it won't make a separate /home either. -- James

Re: Unknown process modifying routing table

I've disabled my VPN on the machine as well as dhclient, connecting via a fixed static IP address and DNS servers. My routing table is still being modifed by PID 0 (which I assume to be the kernel) every 30 minutes or so. Ntpd is also disabled. I have also caught my machine communicating to

Re: Keyboard on raspberry pi rpi3b not working

I have a similar situation with a Logitech G series keyboard. From reading man pages for usb, usbhid, wscons, ect. I'm able to get the keyboard input using usbhidctl(8) and if I leave this program running I I'm able to use my external keyboard. Does anyone know how to have the keyboard

Unknown process modifying routing table

Hi all, My routing table is being modified by an unknown process. I have system accounting enabled and I'm monitoring route changes but the PID of the process reported by `route monitor` is always 0 for these unknown changes. I've seen my default route (VPN) being

Re: Issues with Teclast F7 Plus

On 13 Dec 2020, 13:27:48 +, Joel Carnat wrote: > Hello, > > I just got a Teclast F7 Plus laptop and installed OpenBSD 6.8-current on > it. Most things works except apm and touchpad > > Using zzz or ZZZ, it seems suspend/hibernation start but are never > achieved. The backlight keyboard and

Re: Dissing Misks

gt; > I've never regretted setting up a MBR boot system on an "either will > do" machine. I have regretted setting up a GPT system on a machine > that became unreliable, and thus had to be replaced, and I spent too > long trying to find a new used system that was also GPT capable. Oops; fair enough; I forgot about booting. -- James

Re: Dissing Misks

gh that barrier with the 'b' command, as Allan indicated. > > If you are using softraid, you will have to repeat the disklabel 'b' > thing for the softraid disks, too. I usually forget that part. > > Nick. If you're starting fresh, isn't it simpler to use a GPT partition table if you want to go past that limit? -- James

Predict which changes will be in snapshot pulled by sysupgrade?

rticle;sid=2008094306 [1] https://ftp.openbsd.org/pub/OpenBSD/doc/history/obsd-faq43.pdf ("It is sometimes asked...") -- James

Re: softraid0 errors after 6.8 upgrade

> the upgrade? I did not find anything in the changelog. Could this happen if there's a problem with the disk blocks backing the content of those files? I don't think fsck tries to read blocks that only store file content. -- James

Re: System auditing and logging

recorded to a specific subset. Is there any interest in modifying ktrace to allow for specifying individual names of syscalls to trace? e.g. ktrace -t c -u execve,sendmsg On Fri, Nov 13, 2020 at 07:57:54AM -0700, Theo de Raadt wrote: man accton James wrote: Recently a machine running OpenBSD

System auditing and logging

Recently a machine running OpenBSD 6.8 had its configuration changed and I believe it to have been subject to a malicious attack. This change is completely unexplainable, compromised security, and would have required root access. The log files reveal nothing out of the ordinary except for

Re: Approved way to update installed ports after system upgrade?

advance. >From https://www.openbsd.org/faq/upgrade68.html , I think this is your answer: "Finish up by upgrading the packages using pkg_add -u." -- James

No longer can change brightness

Hello, The latest snapshots (maybe 1 week ago) have made wsconsctl(8) no longer functional for changing display brightness on my MacBook Pro mid 2014. The expected behavior would be to `wsconsctl display.brigthness=X` to change the value for the desired percentage, but it always return

Re: time_t

d do if they were unsigned. There are probably more compelling examples where it's even more obvious unsigned ints will not do what you probably wanted, but that's what came to me on the spot. In any case, my previous employer's (C++) style guide strongly discouraged use of unsigned integer types for this reason. -- James

Re: Microsoft's war on plain text email in open source

She never really says how old her "partner" is. Perhaps he is a developer who has literally "...grown up in the last five or ten years..." On Wed, Aug 26, 2020 at 9:50 AM Rafael Possamai wrote: > >- Original message - > >From: Greg Thomas > > > >"... he had to set up an entirely new

Re: multiple simultaneous X sessions?

Xnest and Xephyr? Right, I think the vnc / Xnest / Xephyr suggestions assume you've got one "main" user accessing the sessions that belong to the other users. I don't really know enough to comment on how much any of this helps with security. -- James

Re: multiple simultaneous X sessions?

my normal practice in my Debian days, switching among them with Ctrl-Alt-FN.) Either way, thanks much for any info. Luke Call I don't know if it's possible to do exactly what you want, but as an alternative, maybe you could get a similar effect using Xnest or vnc. -- James

Re: email attachments in firefox

but probably look for "firefox" in that directory.) -- James

pkg_add man page doesn't document default path properly

on a release. Neither page seems to give a straightforward answer. Eventually I figured it out by looking at the output of pkg_info.) -- James (previously jc...@cs.berkeley.edu)

Re: mpd: failed to open default sndio device

Did you find a solution to this? Copying ~/.sndio/cookie into _mpd's home directory did not fix this error for me. On Fri, Oct 18, 2019 at 02:34:48PM +0300, Кирилл wrote: Hello. After install mpd: $ mpc play Antimatter - Over Your Shoulder [paused] #1/7 0:00/4:41 (0%) volume:100% repeat:

Re: DNS and rdomains

this helps, Tom Smyth On Wed, 27 May 2020 at 23:24, James wrote: Hi all, How can I allow different rdomains to use separate DNS nameservers? Thanks -- Kindest regards, Tom Smyth.

DNS and rdomains

Hi all, How can I allow different rdomains to use separate DNS nameservers? Thanks

dhcp dhcp problem with ramnode.com: "CLASSLESS_STATIC_ROUTES too long" (workaround included)

t delved deep enough into the code to understand the significance of that, but mentioning it in case it's relevant. BTW, this is my first time using OpenBSD, and I'm quite happy so far. James

Re: Question regarding server hardware

On 2019-09-07, James Huddle wrote: >> I recently purchased a Dell T-330 server that I had intended to >> install OpenBSD on and use as a serious web server. My goal was to >> have more control than would be (naturally) given with, say an AWS VM. >> And by control, I me

Question regarding server hardware

I recently purchased a Dell T-330 server that I had intended to install OpenBSD on and use as a serious web server. My goal was to have more control than would be (naturally) given with, say an AWS VM. And by control, I mean what is *not* running on the box - security-wise. Apparently, Dell

Re: Piping multiple lines of text via ssh

erstanding your problem, take a look at the "-n" switch in the ssh man pages. I ran in to a similar issue that you're having and this solved it. I hope this helps...James

Re: PF firewall for desktop

Lots of miscommunications in these threads. The original poster here was talking about setting up a virtual firewall machine to deal with traffic on a single box. Most of the war stories are from sys admins protecting a corporate LAN (or larger) with lawyers and accountants weighing in. Of

Re: PF firewall for desktop

IP is a fairly high-order construct. Beneath it , the data link and physical layers remain almost unnoticed. One thought that came to mind would be to attack a machine on the same LAN, and then exploit an Ethernet vulnerability to listen to "the wire". Not sure how many (if any) Ethernet

Re: PF firewall for desktop

I like your suggestion! I am security paranoid to a fault. For me, a system is either rock solid or wide open. obsd is the closest I've found to rock solid, and frankly a virtualbox vm running on win7 feels wide open. But the more I thought about your idea, the more I liked it. Win7 w/o the

Re: single user question

Sorry. Stefan. Batting 1000. -Jim On Tue, May 21, 2019 at 1:20 PM James Huddle wrote: > Just a quick shout-out to Roderick: > Thank you for the paper reference. It's probably perfect for my needs, > but I've been a bit busy, as of late. So no papers, regardless of year > wr

Re: single user question

Just a quick shout-out to Roderick: Thank you for the paper reference. It's probably perfect for my needs, but I've been a bit busy, as of late. So no papers, regardless of year written. One of my favorite references is Thompson's "Reflections on Trusting Trust" so I'm hep to your SuperFly-Era

Re: single user question

First of all, I must say that it is with genuine gratitude that I read your responses! Moving on... On Wed, May 15, 2019 at 3:05 PM James Huddle wrote: >> What I am trying to do (thank you Troy Martin), is work through >> the standard answers and missteps toward a more secure OS,

Re: single user question

>What I"m saying is that it takes less work overall to subtract from a >system in a supportable way than it is to try and handcraft an >unsupportable system. If you know the supportable system well and your goal is only a slight variation of that that system does, then that makes perfect sense.

single user question

If the following questions trigger a sense of road rage, you may safely assume they are not directed to you. Is anyone running in single-user mode regularly? Is anyone running a web server, for instance, in single-user mode? Many thanks in advance. Shields up. -Jim

Re: When will be created a great desktop experience for OpenBSD?

I love the default minimalism, simplicity and freedom of OpenBSD to make it how I want it. My "Perfect OpenBSD": spectrwm, dmenu, urxvt (with perl tabbing), tmux, etc. On Wed, May 8, 2019 at 7:40 AM Peter N. M. Hansteen wrote: > > When will be created a great desktop experience for OpenBSD? > >

Re: Research and OpenBSD: How can I help?

Thank you, Mihai. I needed that. And honest, sincere thanks to Theo, for working hard, smart, and continuously for decades. You are unique. -Jim Huddle On Thu, Feb 21, 2019 at 8:31 AM Mihai Popescu wrote: > > Frankly, I'd settle for popping the BIOS out and replacing it > with a 1970's EPROM

Re: Research and OpenBSD: How can I help?

Feb 21, 2019 at 1:03 AM Frank Beuth wrote: > On Wed, Feb 20, 2019 at 09:16:04PM -0500, James Huddle wrote: > >Personally, I envision a sort of "open source BIOS" > >library in the distant future. Something we jack in on jtag > >if we have to. There is no harm in *s

Re: Research and OpenBSD: How can I help?

>An area that I am personally interested in is running >OpenBSD on fully open-source / binary-blob-free >hardware: hardware where there is no proprietary >firmware that could hide vendor backdoors, and >ideally where even the design of the chip is available >to the user for review. (Heck yes)^2

Re: wscons API question: input handling?

is ncurses too high-level for your needs? That might work. On Tue, Feb 19, 2019 at 1:27 PM Leonid Bobrov wrote: > On Tue, Feb 19, 2019 at 04:01:08PM +, tfrohw...@fastmail.com wrote: > > Is the package x11/xbindkeys what you are looking for? > > > > No, I need a direct access to keyboard

Re: Firefox (and SeaMonkey) automatically creates a Desktop folder in $HOME

Xianwen, If you create ~/.config/user-dirs.dirs with the following lines it will prevent Firefox from creating those folders: XDG_DESKTOP_DIR="$HOME" XDG_DOCUMENTS_DIR="$HOME" XDG_DOWNLOAD_DIR="$HOME" Jim On Wed, Feb 14, 2018 at 7:23 AM, Xianwen Chen wrote: > Dear

Re: password-free SSH was Re: [ot] Security of my bit coin wallet

minate the need to use passwords when speaking the protocol and establish some sort of reality to host mapping. Remember we can never actually verify anything in the internet due to MITM. We can just increase our probability of success while decreasing the attack surface for dictionaries. What do you

password-free SSH was Re: [ot] Security of my bit coin wallet

nks, > > -- > Raul > Thanks, James > On Wed, Nov 15, 2017 at 8:46 AM, James <jamex1...@gmail.com> wrote: >> While a little off topic it is security related so I hope you don't mind. >> >> This is the misc list, right? >> >> Assumption 1. >

[ot] Security of my bit coin wallet

somewhere, but eventually someone has a password that is used to, unlock a bitcoin. Is that correct reasoning or are there alternatives? Thanks, James

Re: X710 10Gb card not configured

- On 26 Sep, 2017, at 20:25, Jonathan Gray j...@jsg.id.au wrote: | On Tue, Sep 26, 2017 at 05:35:40PM -0700, James A. Peltier wrote: |> Hi Misc, |> |> I am running the latest OpenBSD snapshot and it appears that the 10Gb cards that |> we have in the unit aren't recognized o

X710 10Gb card not configured

Capability 0x03: Device Serial Number 0x0150: Enhanced Capability 0x0e: Alternate Routing ID 0x01a0: Enhanced Capability 0x17: TPH Requester 0x01b0: Enhanced Capability 0x0d: Access Control Services 0x00e0: Capability 0x03: Vital Product Data (VPD) -- James A. Peltier

Re: OpenBSD-based ISP

mance configurations but I think > that OpenBSD can handle 400mbps without tweaking. > > I'm wrong? > What am I doing bad? > > Thank you! > > > > -- James Shupe, HermeTek developer/ engineer BSD/ Linux support & hosting jsh...@hermetek.com | www.hermetek.com Office 5127922525 | Mobile 5122846350

Re: KERNEL PANIC: HP 250 G5 Notebook PC (W4M67EA)

On Sat, Jan 07, 2017 at 03:32:22PM -0800, Mike Larkin wrote: > Also, this is the third time (that I recall) that HP has thrown us a curveball > in their ACPI implementation (although at least this time they seem to be > spec-compliant and it's us missing stuff). Toshiba is another vendor that >

Re: DigitalOcean and OpenBSD

as a replacement for my exisiting FreeBSD and Debian VPS instances. I have been impressed enough that I plan to replace my FreeBSD and Debian instances with OpenBSD instances before the end of the year. - James > On 25/08/2016, at 8:25 AM, Pedro Tender <mascar...@sailormoon.pt> wrote: > &

httpd.conf(5) macros not expanding for tls options

ions, nothing to do A similar error occurs if I explicitly define the path for the certificate (i.e. without using the macro) and use the macro for the key. Are macros not supported for the 'tls certificate' and 'tls key' options? Regards, James

Re: Weird errors during install.site

w it away. My initial thought was I would have to echo all the scripted commands I wanted to make to >> rc.firsttime. But your suggestion of creating a separate rc.firstime.tail script and then appending the whole thing to rc.firsttime at once seems like an elegant solution which I will adopt. Thank you, James

Weird errors during install.site

any, would be appropriate. I would appreciate any tips. :) Regards, James

producing SHA256 & release(8)?

Before proposing a diff, I need clarification. The release(8) manpage states: "xenocara uses DESTDIR and RELEASEDIR as described above. While they may be set to the values used to build the rest of the system, be aware that the existing contents of DESTDIR will be removed as part of the xenocara

support update

0 C USA P Texas T Pflugerville Z 78691 O HermeTek Network Solutions I James Shupe A P.O. Box 2264 M sa...@hermetek.com U https://www.hermetek.com/bsd-linux-support B 512.792.2525 X 512.888.9889 N We provide open infrastructure design, development, deployment, maintenance and training. We

Clarification on vhid/carpnode settings for load-balanced fw configuration

Hi, all. I'm setting up a pair of load-balanced firewalls using carp. I've got nearly everything going, but encountered this in the man page: "If IP balancing is being used on a firewall, it is recommended to configure the carpnodes in a symmetrical manner. This is achieved by simply using the

Re: BIOS call fallback

>The OpenBSD process is quite well understood. Use the best methods, >doubt what you do, refractor. Simple in concept, but it takes a lot >of time. >Therefore I am looking forward to seeing what you and James can do. >How long do you think it will take you? Can we expect to se

Re: Boot loader uses INT 13h [WAS BIOS call fallback]

>> a security consideration, as far as I can see the bootloader loads using INT >> 13h calls. How can the kernel be sure it is really operating in ring 0 and not >> in some VM given that this is the case? >Hey, it looks like you are just trying to be a dick. On the assumption that you are not

Re: BIOS call fallback

>I guess in the absence of a seriously thought out wish list such a project could be open ended. >The more care spent in hardware design choices I guess the more likely we could avoid the mess >that various legacies have caused. Here's a suggestion for a community that is base around the claim of

Boot loader uses INT 13h [WAS BIOS call fallback]

Hi, a security consideration, as far as I can see the bootloader loads using INT 13h calls. How can the kernel be sure it is really operating in ring 0 and not in some VM given that this is the case?

Re: BIOS call fallback

> Well there you go. Get to it. See you in 10 years. Seriously, though. The thought must have crossed your mind at least once during all these years of mopping up the mess that MS/Intel seem to have concocted over the years. I wonder what a hardware system designed by BSD bootloader, kernel

Re: BIOS call fallback

>Because the kernel cannot know what memory it should leave untouched, >to use such BIOS functions. Why not? I understand that there is some degree of variance amongst BIOS usage of memory but the upper bounds seem to be clearly defined (if I am not misinformed). And surely it would be possible

BIOS call fallback

Hi, forgive my ignorance and lack of knowledge on OS fundamentals. As my signature suggests I am a complete beginner with 0x00 knowledge of the subject. Regardless of that fact here comes my rather naive question: Given that most OS mailing lists/forums seem to be dominated with hardware

Re: HUAWEI dongle

>Please send dmesg and the output of: >usbdevs -dv >Both while the Huawei dongle is plugged into your machine, of course... Would love to be able to do that. Anybody had any success mounting an OpenBSD file system in linux? 0x00

Re: HUAWEI dongle

and running? I need to connect to the internet to do work on and I've had it with just about every other OS there. Daer Samej From: Michael McConville <mm...@mykolab.com> Sent: Saturday, December 19, 2015 6:43 PM To: Read, James C Cc: misc@openbsd.org Subje

HUAWEI dongle

Hi, I just installed 5.8, I know my dongle is detected and correctly switched to the right mode because a) I can see in dmesg output that the device is detected and labelled ugen0 b) I can see the led light continuously on the dongle, this only happens in other environments I've used the dongle

Re: HUAWEI dongle

>Unfortunately, without more information on YOUR dongle, (which would come >from a dmesg, and/or usbdevs output), I can't give you any specific advice. I'm having trouble mounting my OpenBSD file system under linux so can't get the dmesg for you right now. But I remember the line started with

Huawei E3533 and umsm

Hi, my dmesg gives: umsm0 at uhub0 port 1 configuration 1 interface 0 @HUAWEI HUAWEI Mobile@ rev 2.00/1.02 addr 2 my usbdevs -dv uhub0 port 1 addr 2 : high speed, power 500 mA, config 1, HUAWEI Mobile E303(0x1f01), HUAWEI Technologies(0x12d1), rev 1.02 cu /dev/cua00 gives Connected to

Re: HUAWEI dongle

>There was recently a good discussion about which WiFi dongles are >reliably supported. I'd suggest finding cheap well-reviewed options >online and searching their names on the list archives. my dmesg gives: umsm0 at uhub0 port 1 configuration 1 interface 0 @HUAWEI HUAWEI Mobile@ rev 2.00/1.02

Re: HUAWEI dongle

>A full dmesg output, or at least an indication of what model the dongle is >would be useful here. Would love to be able to do that. Anybody had success mounting an OpenBSD filesystem in linux? 0x00

dotted lines flashing on the virtual terminal

Never seen this one before. Just done a clean base install of 5.8 Got white lines of - - flashing across my screen at urandom places. Is this some kind of buffering problem? 0x00

  1   2   3   4   5   6   7   8   9   >