Re: installboot: no OpenBSD partition
After some more investigation and especially after stumbling upon a mail from Otto Moerbeek from 2020, I found that the problem was a missing 'i' partition in the disklabel. installboot(8) needs the 'i' partition in the disklabel to find the EFI partition, otherwise it will try to fall back to MBR. After manually adding the 'i' partition, everything went find. Here is the updated disklabel: # disklabel sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: KINGSTON SA400S3 duid: 09a9344c23abff6c flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 14593 total sectors: 234441648 boundstart: 1024 boundend: 234441615 16 partitions: # size offset fstype [fsize bsize cpg] a: 230692352 1024 4.2BSD 2048 16384 12960 # / b: 3748239 230693376 swap # none c: 234441648 0 unused i: 960 64 MSDOS installboot(8) works as expected now: # installboot -v sd0 Using / as root installing bootstrap on /dev/rsd0c using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot copying /usr/mdec/BOOTIA32.EFI to /tmp/installboot.AfBA3OfNsR/efi/BOOT/BOOTIA32.EFI copying /usr/mdec/BOOTX64.EFI to /tmp/installboot.AfBA3OfNsR/efi/BOOT/BOOTX64.EFI Best regards, Jona On 16/07/2023 17:28, Jona Joachim wrote: Hi, I have trouble with installboot on a small embedded amd64 system. I get the following error during sysupgrade and also when I run installboot manually: installboot: no OpenBSD partition. You can find the output of installboot, fdisk and disklabel below. I also attached a full dmesg. I initially installed with 7.2 and I just upgraded to 7.3. This should be a GPT install but installboot seems to find an MBR, maybe this is the source of the problem. If possible, I would like to be able to fix this problem without reinstalling the system. Do you have some idea what's going on? Best regards, Jona # installboot -v sd0 /usr/mdec/biosboot /usr/mdec/boot Using / as root installing bootstrap on /dev/rsd0c using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot copying /usr/mdec/boot to //boot looking for superblock at 65536 found valid ffs2 superblock //boot is 6 blocks x 16384 bytes fs block shift 2; part offset 1024; inode block 56, offset 2928 expecting 64-bit fs blocks (incr 4) master boot record (MBR) at sector 0 partition 0: type 0xEE offset 1 size 4294967295 installboot: no OpenBSD partition # fdisk sd0 Disk: sd0 Usable LBA: 34 to 234441614 [234441648 Sectors] #: type [ start: size ] 0: EFI Sys [ 64: 960 ] 1: OpenBSD [ 1024: 234440591 ] # disklabel sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: KINGSTON SA400S3 duid: 09a9344c23abff6c flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 14593 total sectors: 234441648 boundstart: 1024 boundend: 234441615 16 partitions: # size offset fstype [fsize bsize cpg] a: 230692352 1024 4.2BSD 2048 16384 12960 # / b: 3748239 230693376 swap # none c: 234441648 0 unused
installboot: no OpenBSD partition
Hi, I have trouble with installboot on a small embedded amd64 system. I get the following error during sysupgrade and also when I run installboot manually: installboot: no OpenBSD partition. You can find the output of installboot, fdisk and disklabel below. I also attached a full dmesg. I initially installed with 7.2 and I just upgraded to 7.3. This should be a GPT install but installboot seems to find an MBR, maybe this is the source of the problem. If possible, I would like to be able to fix this problem without reinstalling the system. Do you have some idea what's going on? Best regards, Jona # installboot -v sd0 /usr/mdec/biosboot /usr/mdec/boot Using / as root installing bootstrap on /dev/rsd0c using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot copying /usr/mdec/boot to //boot looking for superblock at 65536 found valid ffs2 superblock //boot is 6 blocks x 16384 bytes fs block shift 2; part offset 1024; inode block 56, offset 2928 expecting 64-bit fs blocks (incr 4) master boot record (MBR) at sector 0 partition 0: type 0xEE offset 1 size 4294967295 installboot: no OpenBSD partition # fdisk sd0 Disk: sd0 Usable LBA: 34 to 234441614 [234441648 Sectors] #: type [ start: size ] 0: EFI Sys [ 64: 960 ] 1: OpenBSD [ 1024: 234440591 ] # disklabel sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: KINGSTON SA400S3 duid: 09a9344c23abff6c flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 14593 total sectors: 234441648 boundstart: 1024 boundend: 234441615 16 partitions: # size offset fstype [fsize bsize cpg] a: 230692352 1024 4.2BSD 2048 16384 12960 # / b: 3748239 230693376 swap # none c: 234441648 0 unused OpenBSD 7.3 (GENERIC) #1072: Sat Mar 25 10:26:08 MDT 2023 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 7933616128 (7566MB) avail mem = 7673876480 (7318MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.2 @ 0xcce1b000 (22 entries) bios0: vendor American Megatrends Inc. version "P1.30" date 11/27/2020 bios0: ASRock 4X4 BOX efi0 at bios0: UEFI 2.7 efi0: American Megatrends rev 0x50010 acpi0 at bios0: ACPI 6.0Undefined scope: \\_SB_.PCI0.SBRG.EC0_ acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SDEV SSDT FIDT MCFG AAFT IADT IAMT HPET SSDT VFCT TPM2 SSDT CRAT CDIT SSDT SSDT SSDT SSDT WSMT APIC SSDT SSDT FPDT acpi0: wakeup devices GPP0(S4) GPP2(S4) GPP3(S4) GPP4(S4) GPP5(S4) GP17(S4) XHC0(S4) XHC1(S4) GP18(S4) GP19(S4) SIO1(S3) GPP1(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimcfg0 at acpi0 acpimcfg0: addr 0xf000, bus 0-127 acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Ryzen 5 4500U with Radeon Graphics, 2375.00 MHz, 17-60-01 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TCE,TOPEXT,CPCTR,DBKP,PCTRL3,MWAITX,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,PQM,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA,UMIP,IBPB,IBRS,STIBP,SSBD,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 512KB 64b/line 8-way L2 cache, 4MB 64b/line 16-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 100MHz cpu0: mwait min=64, max=64, C-substates=1.1, IBE cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured cpu at mainbus0: not configured ioapic0 at mainbus0: apid 7 pa 0xfec0, version 21, 24 pins ioapic1 at mainbus0: apid 8 pa 0xfec01000, version 21, 32 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (GPP0) acpiprt2 at acpi0: bus 3 (GPP3) acpiprt3 at acpi0: bus -1 (GPP4) acpiprt4 at acpi0: bus 4 (GP17) acpiprt5 at acpi0: bus 5 (GP18) acpiprt6 at acpi0: bus -1 (GP19) acpiprt7 at acpi0: bus 2 (GPP1) acpipci0 at acpi0 PCI0: 0x0010 0x0011 0x acpicmos0 at acpi0 acpibtn0 at acpi0: PWRB "ACPI0010" at acpi0 not configured acpicpu0 at acpi0: C3(0@350 io@0x415), C2(0@400 io@0x414), C1(0@1 mwait), PSS acpicpu1 at acpi0: no cpu matching ACPI ID 2 acpicpu2 at acpi0: no cpu matching ACPI ID 3 acpicpu3 at acpi0: no cpu matching ACPI ID 4 acpicpu4 at acpi0: no cpu matching ACPI ID 5 acpicpu5 at acpi0: no cpu matching ACPI ID 6 acpicpu6 at acpi0: no cpu matching ACPI ID 7 acpicpu7 at acpi0: no
Re: Unable to create IKEv2 VPN using strongSwan to iked
Hmm, I tried your configuration and I get the same behaviour with strongswan. I don't have an iPhone to test. I tried playing around with the settings switching from x509 to PSK, changing strongswan knobs, always with the same result. I can connect to other strongswan responders using this same client. Do you have other special settings in other strongswan config files? Do you have any special pf rules? I run with pf disabled for these tests. I don't think running pf is required to establish a tunnel. Best regards, Jona On Apr 20, 2020, 16:02, at 16:02, R0me0 *** wrote: >Ajust as your necessity * > >( Don't forget to adjust your pf rules accordingly ) * > > > >OpenBSD 6.X ( Works with IPHONE AND STRONGSWAN ) > >ikev2 "roadwarrior" passive esp from 0.0.0.0/0 to 10.20.30.0/24 \ > local egress peer any \ > ikesa enc aes-256 auth hmac-sha2-256 group modp2048 \ > childsa enc aes-256 auth hmac-sha2-256 group modp2048 \ > dstid r...@openbsd.org psk "psk_passphrase" config address 10.20.30.32 > > > >Iphone = just disable certificates and set psk > > >Interoperability with StrongSwan > > ># cat /etc/ipsec.conf > > ipsec.conf – strongSwan IPsec configuration file ># basic configuration > >config setup > >conn %default >ikelifetime=60m >keylife=20m >rekeymargin=3m >keyingtries=1 >keyexchange=ikev2 >authby=secret >ike=aes256-sha256-modp2048! >esp=aes256-sha256-modp2048! > >conn strongswan >left=%any >leftfirewall=yes >leftsourceip=%config >right=REMOTE_PEER_IP >rightid=puffymagic.ikedvpn.com >rightsubnet=192.168.0.0/24,172.8.50.0/24 ( networks you want access on >other side ) ( behind magic puffer fish ) >auto=add > > > ># cat /etc/ipsec.secrets > ># ipsec.secrets – strongSwan IPsec secrets file >: PSK “strongopeniked” > > > >PS: Magic Puffer Fish Rock! > >Em seg., 20 de abr. de 2020 às 09:49, Jona Joachim >escreveu: > >> Hi, >> >> I am trying to connect to iked running on OpenBSD 6.6 from a >strongSwan >> 5.7.2 initiator running on Ubuntu 19.10 (which is behind NAT). I am >> using x509 certificates generated by ikectl. >> >> The tunnel cannot be established. It is hard for me to see what's >going >> on. strongswan seems to be sending the same IKE_AUTH packet again and >> again and iked does not seem to respond even though it receives the >> packet and does not show an error. The only thing fishy I see in iked >> output is "sa_state: cannot switch: AUTH_SUCCESS -> VALID", not sure >why >> it "cannot switch". >> >> Does anybody have a working setup between iked and strongSwan or any >> insights? Config files and logs below. >> >> Thanks, >> >> Jona >> >> >> iked.conf: >> >> ikev2 passive esp \ >> from 0.0.0.0/0 to 10.201.201.0/24 \ >> from 192.168.0.0/16 to 10.244.244.0/24 \ >> from 10.244.244.0/24 to 192.168.0.0/16 \ >> local 1.2.3.4 peer any \ >> srcid vpn.example.com \ >> config address 10.201.201.0/24 \ >> config name-server 10.201.201.1 \ >> tag "IKED" >> >> >> ipsec.conf (strongSwan): >> >> config setup >> # strictcrlpolicy=yes >> # uniqueids = no >> >> conn puffvpn >> keyexchange=ikev2 >> dpddelay=5s >> dpdtimeout=60s >> dpdaction=restart >> >> left=%defaultroute >> leftcert=wookie.crt >> leftsubnet=192.168.0.0/16 >> leftfirewall=yes >> leftid="wookie" >> >> right=vpn.example.com >> rightsubnet=10.201.201.0/24 >> rightid="vpn.example.com" >> >> auto=start >> >> strongswan log: >> >> # ipsec up puffvpn >> initiating IKE_SA puffvpn[5] to 1.2.3.4 >> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) >> N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] >> sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (928 bytes) >> received packet: from 1.2.3.4[500] to 192.168.4.103[500] (38 bytes) >> parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] >> peer didn't accept DH group ECP_256, it requested MODP_2048 >> initiating IKE_SA puffvpn[5] to 1.2.3.4 >> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) >> N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] >> sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (1120 bytes) >> retransmit 1 of request with message ID 0 >> sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (1120 bytes) >> retransmit 2 of r
Unable to create IKEv2 VPN using strongSwan to iked
Hi, I am trying to connect to iked running on OpenBSD 6.6 from a strongSwan 5.7.2 initiator running on Ubuntu 19.10 (which is behind NAT). I am using x509 certificates generated by ikectl. The tunnel cannot be established. It is hard for me to see what's going on. strongswan seems to be sending the same IKE_AUTH packet again and again and iked does not seem to respond even though it receives the packet and does not show an error. The only thing fishy I see in iked output is "sa_state: cannot switch: AUTH_SUCCESS -> VALID", not sure why it "cannot switch". Does anybody have a working setup between iked and strongSwan or any insights? Config files and logs below. Thanks, Jona iked.conf: ikev2 passive esp \ from 0.0.0.0/0 to 10.201.201.0/24 \ from 192.168.0.0/16 to 10.244.244.0/24 \ from 10.244.244.0/24 to 192.168.0.0/16 \ local 1.2.3.4 peer any \ srcid vpn.example.com \ config address 10.201.201.0/24 \ config name-server 10.201.201.1 \ tag "IKED" ipsec.conf (strongSwan): config setup # strictcrlpolicy=yes # uniqueids = no conn puffvpn keyexchange=ikev2 dpddelay=5s dpdtimeout=60s dpdaction=restart left=%defaultroute leftcert=wookie.crt leftsubnet=192.168.0.0/16 leftfirewall=yes leftid="wookie" right=vpn.example.com rightsubnet=10.201.201.0/24 rightid="vpn.example.com" auto=start strongswan log: # ipsec up puffvpn initiating IKE_SA puffvpn[5] to 1.2.3.4 generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (928 bytes) received packet: from 1.2.3.4[500] to 192.168.4.103[500] (38 bytes) parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] peer didn't accept DH group ECP_256, it requested MODP_2048 initiating IKE_SA puffvpn[5] to 1.2.3.4 generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ] sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (1120 bytes) retransmit 1 of request with message ID 0 sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (1120 bytes) retransmit 2 of request with message ID 0 sending packet: from 192.168.4.103[500] to 1.2.3.4[500] (1120 bytes) received packet: from 1.2.3.4[500] to 192.168.4.103[500] (471 bytes) parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(HASH_ALG) ] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 local host is behind NAT, sending keep alives received 1 cert requests for an unknown ca sending cert request for "CN=35.180.187.116" sending cert request for "C=FR, ST=Ile-de-France, L=Paris, O=OpenBSD, OU=iked, CN=VPN CA, E=j...@joachim.cc" authentication of 'wookie' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful sending end entity cert "C=FR, ST=Ile-de-France, L=Paris, O=puffvpn, OU=iked, CN=wookie, E=j...@joachim.cc" establishing CHILD_SA puffvpn{7} generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ] sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) retransmit 1 of request with message ID 1 sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) retransmit 2 of request with message ID 1 sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) retransmit 3 of request with message ID 1 sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) sending keep alive to 1.2.3.4[4500] retransmit 4 of request with message ID 1 sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) sending keep alive to 1.2.3.4[4500] sending keep alive to 1.2.3.4[4500] retransmit 5 of request with message ID 1 sending packet: from 192.168.4.103[4500] to 1.2.3.4[4500] (1568 bytes) sending keep alive to 1.2.3.4[4500] sending keep alive to 1.2.3.4[4500] sending keep alive to 1.2.3.4[4500] giving up after 5 retransmits peer not responding, trying again (2/3) establishing connection 'puffvpn' failed iked log: # iked -dvv ikev2 "policy1" passive esp inet from 10.244.244.0/24 to 192.168.0.0/16 from 0.0.0.0/0 to 10.201.201.0/24 from 192.168.0.0/16 to 10.244.244.0/24 loc al 1.2.3.4 peer any ikesa enc aes-256,aes-192,aes-128,3des prf hmac-sha2-256,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group modp2048,modp1536,modp 1024 childsa enc aes-256,aes-192,aes-128 auth hmac-sha2-256,hmac-sha1 srcid vpn.example.com lifetime 10800 bytes 536870912 signature config address 1 0.201.201.0 config name-server 10.201.201.1 tag "IKED" /etc/iked.conf: loaded 1 configuration rules ca_privkey_serialize: type RSA_KEY length 1192 ca_pubkey_serialize: type RSA_KEY length 270 ca_privkey_to_method: type RSA_KEY method RSA_SIG ca_getkey: received private key type RSA_KEY length 1192 ca_getkey: received public key type RSA_KEY length 270 ca_dispatch_parent: config reset ca_reload: loaded
iked cannot estabilsh tunnel when responder provides address configuration
Hi all, I'm trying (again) to setup iked. I want to set up a site-to-site IKEv2 VPN where both sides are behind NAT with a central OpenBSD responder which handles openbsd and strongswan initiators on both sides. But first I'm starting small and I try to create a small site-to-site VPN with 2 peers where one is behind NAT using OpenBSD iked on both sides. Both sides run OpenBSD 6.6 with all syspatches applied. This simple configuration is working, however I'm confronted with a strange finding where the setup stops working when I add an address configuration directive on the responder side. Now I know that the OpenBSD iked client does not support IP configuration but I expected it to ignore the directive instead of going into what seems to be a wait loop. I could not find any information regarding this issue in documentation or forums. I want to set up the address configuration because I plan to use it for the strongswan client later on. Here is the working configuration: Responder: ikev2 passive esp \ from 0.0.0.0/0 to 10.201.201.0/24 \ local 1.2.3.4 peer any \ srcid vpn.example.com \ tag "IKED" Initiator: ikev2 active esp \ from 0.0.0.0/0 to 10.201.201.0/24 \ peer 1.2.3.4 \ srcid initiator \ tag "IKED" Responder iked -dv: ikev2 "policy1" passive esp inet from 0.0.0.0/0 to 10.201.201.0/24 local 1.2.3.4 peer any ikesa enc aes-256,aes-192,aes-128,3des prf hmac-sha2-256,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group modp2048,modp1536,modp1024 childsa enc aes-256,aes-192,aes-128 auth hmac-sha2-256,hmac-sha1 srcid vpn.example.com lifetime 10800 bytes 536870912 signature tag "IKED" spi=0xc1079b808ecf48e5: recv IKE_SA_INIT req 0 peer 5.6.7.8:500 local 1.2.3.4:500, 510 bytes, policy 'policy1' spi=0xc1079b808ecf48e5: send IKE_SA_INIT res 0 peer 5.6.7.8:500 local 1.2.3.4:500, 451 bytes spi=0xc1079b808ecf48e5: recv IKE_AUTH req 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 784 bytes, policy 'policy1' spi=0xc1079b808ecf48e5: send IKE_AUTH res 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 720 bytes, NAT-T spi=0xc1079b808ecf48e5: sa_state: VALID -> ESTABLISHED from 5.6.7.8:4500 to 1.2.3.4:4500 policy 'policy1' Now if I change the responder config to add address configuration without changing the initiator config: ikev2 passive esp \ from 0.0.0.0/0 to 10.201.201.0/24 \ local 1.2.3.4 peer any \ srcid vpn.example.com \ config address 10.201.201.0/24 \ tag "IKED" Responder: ikev2 "policy1" passive esp inet from 0.0.0.0/0 to 10.201.201.0/24 local 1.2.3.4 peer any ikesa enc aes-256,aes-192,aes-128,3des prf hmac-sha2-256,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group modp2048,modp1536,modp1024 childsa enc aes-256,aes-192,aes-128 auth hmac-sha2-256,hmac-sha1 srcid vpn.example.com lifetime 10800 bytes 536870912 signature config address 10.201.201.0 tag "IKED" spi=0x9b7bbe0baad5565b: recv IKE_SA_INIT req 0 peer 5.6.7.8:500 local 1.2.3.4:500, 510 bytes, policy 'policy1' spi=0x9b7bbe0baad5565b: send IKE_SA_INIT res 0 peer 5.6.7.8:500 local 1.2.3.4:500, 451 bytes spi=0x9b7bbe0baad5565b: recv IKE_AUTH req 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 784 bytes, policy 'policy1' spi=0x9b7bbe0baad5565b: recv IKE_AUTH req 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 784 bytes, policy 'policy1' spi=0x9b7bbe0baad5565b: recv IKE_AUTH req 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 784 bytes, policy 'policy1' spi=0x9b7bbe0baad5565b: recv IKE_AUTH req 1 peer 5.6.7.8:4500 local 1.2.3.4:4500, 784 bytes, policy 'policy1' (... repeat forever) Initiator: ikev2 "policy1" active esp inet from 0.0.0.0/0 to 10.201.201.0/24 local any peer 1.2.3.4 ikesa enc aes-256,aes-192,aes-128,3des prf hmac-sha2-25 6,hmac-sha1 auth hmac-sha2-256,hmac-sha1 group modp2048,modp1536,modp1024 childsa enc aes-256,aes-192,aes-128 auth hmac-sha2-256,hmac-sha1 srcid initiator lifetime 10800 bytes 536870912 rsa tag "IKED" spi=0x9b7bbe0baad5565b: send IKE_SA_INIT req 0 peer 1.2.3.4:500 local 0.0.0.0:500, 510 bytes spi=0x9b7bbe0baad5565b: recv IKE_SA_INIT res 0 peer 1.2.3.4:500 local 192.168.5.2:500, 451 bytes, policy 'policy1' spi=0x9b7bbe0baad5565b: send IKE_AUTH req 1 peer 1.2.3.4:4500 local 192.168.5.2:4500, 784 bytes, NAT-T (... repeat forever) Thanks for your insights. Best regards, Jona JOACHIM smime.p7s Description: S/MIME Cryptographic Signature
Re: ownership of mailboxes with dovecot
On 2019-12-31, Roderick wrote: > > On Tue, 31 Dec 2019, Eike Lantzsch wrote: > >> I'm using an IMAP mailserver with dovecot which is entirely limited to my >> local network. >> It pulls my external mail with fetchmail. [...] >> user username1@foodomain.local.fantasea mailbox is owned by vmail [...] >> Obviously dovecot has other ideas about security than OpenBSD. > > Is dovecot or fetchmail who create the mailboxes?! > >> Can I remedy this (then: how?) or should I go on to ignore this warning? > > Perhaps configuring fetchmail? Maybe the best approach would be to configure fetchmail to forward mail to the Dovecot LDA, for example over LMTP. This way only Dovecot ever writes to the mailbox and you have the added benefit of using additional features such as sieve and indexed mailboxes. Best regards, Jona
relayd WebDAV / CalDAV
Hi, I'm trying to replace my nginx setup with httpd + relayd. I want to use relayd for virtual hosts and "TLS acceleration". I have trouble with my Radicale CalDAV service. Radicale listens on localhost port 5232. relayd forwards the connection correctly until the client issues an http PROPFIND request. At that point relayd returns 500 Internal server error. It seems relayd is not happy with webdav requests. Is there a way to tell it to transparently forward unknown requests? Here's my old nginx config: % cat /etc/nginx/sites/radicale.conf server { listen 443; server_name radicale.my.domain; ssl on; ssl_certificate /etc/nginx/certs/radicale.crt; ssl_certificate_key /etc/nginx/certs/radicale.key; location / { proxy_passhttp://127.0.0.1:5232; } } Here's the replacement relayd config: % cat /etc/relayd.conf table { 127.0.0.1 } table { 127.0.0.1 } hostradicale="radicale.my.domain" log updates # Protocols http protocol "tlsvhosts" { return error pass match request header "Host" value $hostradicale forward to } # Relay rules relay tlsaccel { listen on egress port 443 tls protocol "tlsvhosts" forward to port 80 check tcp forward to port 5232 check tcp }
Re: OpenBSD Songs - License
On 2016-08-05, <46rc1p+8qbgq1pcsq...@guerrillamail.com> <46rc1p+8qbgq1pcsq...@guerrillamail.com> wrote: > Hi all, > > I've just discovered the OpenBSD Songs, but unfortunately I can't > tell under which license they've been released. It would be really helpful if > you could update your website with this information See: http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/telephony/asterisk-openbsd-moh/Makefile?rev=1.24=text/x-cvsweb-markup # Copyright held by Theo; ok for non-commercial-redistribution Best regards, Jona
Re: LPR/LPD does not run filters
On 2015-10-27, Stuart Henderson <s...@spacehopper.org> wrote: > On 2015-10-25, Jona Joachim <j...@joachim.cc> wrote: >> Hi, >> I was tired of CUPS so I decided keep it simple and stupid and use >> lpd/lpr. Strangely, things don't work out as expected. It seems that >> lpd never executes input filters. >> >> Here is the content of /etc/printcap: >> lp|hl6050|Brother HL6050:\ >> :lp=:rm=hl6050.lan:\ >> :if=/home/jaj/bin/printbrother.sh:\ >> :sh: >> >> mg3150|canon|Canon MG3150:\ >> :lp=:rm=canon.lan:\ >> :if=/home/jaj/bin/printcanon.sh:\ >> :sh: >> >> Here is the content of printcanon.sh: >> #!/bin/sh >> >> logger "printcanon called $@" >> >> /usr/local/bin/a2ps -BRq --columns=1 -o - | \ >> /usr/local/bin/foomatic-rip -q -P Canon-PIXMA-MG3150 \ >> --ppd /home/jaj/bin/Canon-PIXMA-MG3150-ijs-simplified.ppd >> >> printbrother.sh is the same except for driver and ppd. >> Both scripts are executable. >> I never see the "printcanon called" message in syslog and the printers >> get incorrect data. The first printer understands a subset of >> postscript so it prints fine, the second printer however does not. >> If I run a document manually through the filter and the enqueue it to >> lpr, the printers are more than happy to print. >> >> I see no error nowhere. >> >> $ cat /var/log/lpd-errs >> Oct 25 07:47:01 asterix lpd[9652]: restarted >> Oct 25 14:57:06 asterix lpd[17953]: restarted >> >> $ cat /var/spool/output/lpd/status >> sending to hl6050.lan >> >> I went through the code of lpd to see where things could go wrong but >> it's a bit complex and I couldn't understand the bits. >> >> Does anybody know where I could look to solve this? >> >> Best regards, >> Jona >> >> > > Does the lpd user have permission to run those scripts? Maybe run lpd > under ktrace -i for more clues. lpd filters definitely worked in -current > as of April because I was using them for the music queue at p2k15. I found out that it is related to using 'rm' instead of 'lp'. It executes filters if I set lp=5...@hl6050.lan. It does not if I set rm=hl6050.lan.
Re: LPR/LPD does not run filters
On 2015-10-27, Stuart Henderson <s...@spacehopper.org> wrote: > On 2015-10-25, Jona Joachim <j...@joachim.cc> wrote: >> Hi, >> I was tired of CUPS so I decided keep it simple and stupid and use >> lpd/lpr. Strangely, things don't work out as expected. It seems that >> lpd never executes input filters. >> >> Here is the content of /etc/printcap: >> lp|hl6050|Brother HL6050:\ >> :lp=:rm=hl6050.lan:\ >> :if=/home/jaj/bin/printbrother.sh:\ >> :sh: >> >> mg3150|canon|Canon MG3150:\ >> :lp=:rm=canon.lan:\ >> :if=/home/jaj/bin/printcanon.sh:\ >> :sh: >> >> Here is the content of printcanon.sh: >> #!/bin/sh >> >> logger "printcanon called $@" >> >> /usr/local/bin/a2ps -BRq --columns=1 -o - | \ >> /usr/local/bin/foomatic-rip -q -P Canon-PIXMA-MG3150 \ >> --ppd /home/jaj/bin/Canon-PIXMA-MG3150-ijs-simplified.ppd >> >> printbrother.sh is the same except for driver and ppd. >> Both scripts are executable. >> I never see the "printcanon called" message in syslog and the printers >> get incorrect data. The first printer understands a subset of >> postscript so it prints fine, the second printer however does not. >> If I run a document manually through the filter and the enqueue it to >> lpr, the printers are more than happy to print. >> >> I see no error nowhere. >> >> $ cat /var/log/lpd-errs >> Oct 25 07:47:01 asterix lpd[9652]: restarted >> Oct 25 14:57:06 asterix lpd[17953]: restarted >> >> $ cat /var/spool/output/lpd/status >> sending to hl6050.lan >> >> I went through the code of lpd to see where things could go wrong but >> it's a bit complex and I couldn't understand the bits. >> >> Does anybody know where I could look to solve this? >> >> Best regards, >> Jona >> >> > > Does the lpd user have permission to run those scripts? Maybe run lpd > under ktrace -i for more clues. lpd filters definitely worked in -current > as of April because I was using them for the music queue at p2k15. Well, specifying 'lp' instead of 'rm' does make it run filters, but the job is not sent to the printer, even when I use the port@host format from the man page. As soon as I set 'rm', filters are no longer executed.
LPR/LPD does not run filters
Hi, I was tired of CUPS so I decided keep it simple and stupid and use lpd/lpr. Strangely, things don't work out as expected. It seems that lpd never executes input filters. Here is the content of /etc/printcap: lp|hl6050|Brother HL6050:\ :lp=:rm=hl6050.lan:\ :if=/home/jaj/bin/printbrother.sh:\ :sh: mg3150|canon|Canon MG3150:\ :lp=:rm=canon.lan:\ :if=/home/jaj/bin/printcanon.sh:\ :sh: Here is the content of printcanon.sh: #!/bin/sh logger "printcanon called $@" /usr/local/bin/a2ps -BRq --columns=1 -o - | \ /usr/local/bin/foomatic-rip -q -P Canon-PIXMA-MG3150 \ --ppd /home/jaj/bin/Canon-PIXMA-MG3150-ijs-simplified.ppd printbrother.sh is the same except for driver and ppd. Both scripts are executable. I never see the "printcanon called" message in syslog and the printers get incorrect data. The first printer understands a subset of postscript so it prints fine, the second printer however does not. If I run a document manually through the filter and the enqueue it to lpr, the printers are more than happy to print. I see no error nowhere. $ cat /var/log/lpd-errs Oct 25 07:47:01 asterix lpd[9652]: restarted Oct 25 14:57:06 asterix lpd[17953]: restarted $ cat /var/spool/output/lpd/status sending to hl6050.lan I went through the code of lpd to see where things could go wrong but it's a bit complex and I couldn't understand the bits. Does anybody know where I could look to solve this? Best regards, Jona
Re: LPR/LPD does not run filters
On 2015-10-25, Predrag Punosevacwrote: >> Hi, >> I was tired of CUPS so I decided keep it simple and stupid and use >> lpd/lpr. Strangely, things don't work out as expected. It seems that >> lpd never executes input filters. >> >> Here is the content of /etc/printcap: >> lp|hl6050|Brother HL6050:\ >> :lp=:rm=hl6050.lan:\ >> :if=/home/jaj/bin/printbrother.sh:\ >> :sh: >> >> mg3150|canon|Canon MG3150:\ >> :lp=:rm=canon.lan:\ >> :if=/home/jaj/bin/printcanon.sh:\ >> :sh: >> >> Here is the content of printcanon.sh: >> #!/bin/sh >> >> logger "printcanon called $@" >> >> /usr/local/bin/a2ps -BRq --columns=1 -o - | \ >> /usr/local/bin/foomatic-rip -q -P Canon-PIXMA-MG3150 \ >> --ppd /home/jaj/bin/Canon-PIXMA-MG3150-ijs-simplified.ppd >> >> printbrother.sh is the same except for driver and ppd. >> Both scripts are executable. >> I never see the "printcanon called" message in syslog and the printers >> get incorrect data. The first printer understands a subset of >> postscript so it prints fine, the second printer however does not. >> If I run a document manually through the filter and the enqueue it to >> lpr, the printers are more than happy to print. >> >> I see no error nowhere. >> >> $ cat /var/log/lpd-errs >> Oct 25 07:47:01 asterix lpd[9652]: restarted >> Oct 25 14:57:06 asterix lpd[17953]: restarted >> >> $ cat /var/spool/output/lpd/status >> sending to hl6050.lan >> >> I went through the code of lpd to see where things could go wrong but >> it's a bit complex and I couldn't understand the bits. >> >> Does anybody know where I could look to solve this? >> >> Best regards, >> Jona >> > > Have you checked ports mailing list? I posted this about a year ago. > > > I know that many people were very frustrated when upstream broke > foomatic-rip for LPD users. Thanks to Antoine Jacoutot many of us will > be CUPS free for years to come. I am leaving internet trace for people > who would be looking for the info but Antoine documentation > > /usr/local/share/doc/pkg-readmes/cups-filters-1.0.54p2 > > is golden standard. > > In the nut shell what I did: Yes, you did exactly the same as me.
Re: iked rsa pki configuration
On 2015-08-19, Sebastien Marie sema...@openbsd.org wrote: On Wed, Aug 19, 2015 at 10:33:54AM +0200, Reyk Floeter wrote: I attached a diff that generates new .cnf files by expanding the variables in the source .cnf files and generating target .cnf files. It works with both, ikeca.cnf and x508v3.cnf (ignore the warnings), but you/we should install ikeca.cnf to /etc/ssl/ by default. There are more pending changes for ikectl (eg. from semarie@), but I'd like to fix this first. OK? Reyk Index: Makefile === RCS file: /cvs/src/usr.sbin/ikectl/Makefile,v retrieving revision 1.3 diff -u -p -u -p -r1.3 Makefile --- Makefile 18 Jan 2014 05:54:51 - 1.3 +++ Makefile 19 Aug 2015 08:12:39 - @@ -3,7 +3,7 @@ .PATH: ${.CURDIR}/../../sbin/iked PROG= ikectl -SRCS= log.c ikeca.c ikectl.c parser.c +SRCS= log.c ikeca.c ikectl.c parser.c util.c util.c is missing from diff util.c is pulled in from the iked folder. It is already in the tree.
Re: iked rsa pki configuration
On 2015-08-19, Reyk Floeter r...@openbsd.org wrote: On Wed, Aug 19, 2015 at 02:04:47PM +1000, Jonathan Gray wrote: On Tue, Aug 18, 2015 at 09:22:14PM +0200, Reyk Floeter wrote: On Tue, Aug 18, 2015 at 02:26:29PM +, Jona Joachim wrote: Hi, I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between two OpenBSD boxes running a recent amd64 snapshot. The client is behing a NAT. The setup works with a PSK but I cannot make it work with RSA certificates. No matter what I tried, the client seems to fail connecting with: ca_getreq: no valid local certificate found I turn to the mailing list to see if anybody can point me into the right direction. I loosely followed the following guide: http://puffysecurity.com/wiki/openikedoffshore.html I will try to shorten the command output to make it more readable. There is an OpenSSL error during the creation of the CA concerning a missing element in openssl.cnf. I did not modify openssl.cnf. On the server side I did the following: # ikectl ca ikeca create [...] Signature ok subject=/C=NL/CN=ikeca/emailAddress=j...@joachim.cc Getting Private key Using configuration from /etc/ssl/openssl.cnf variable lookup failed for ca::default_ca 7504668282756:error:0E06D06C:configuration file routines:NCONF_get_string:no value:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/conf/conf_lib.c:323:group=ca name=default_ca It seems that the changes in LibreSSL (or newer OpenSSL before the fork) broke some things in ikectl. Specifically, the possibility to overwrite variables like CERTIP or CERTFQDN via $ENV:: options in x509v3.cnf ikeca.cnf* seems to be broken; or not longer supported because of security concerns. Your log file gives a hint that the default CERTFQDN = nohost.nodomain value from /etc/ssl/x509v3.cnf (or /etc/ssl/ikeca.cnf) is used instead of the CERTFQDN overwrite from the environment (as set by ikectl): ca_getreq: found CA /C=NL/CN=ikeca/emailAddress=j...@joachim.cc ca_x509_subjectaltname: FQDN/nohost.nodomain ca_x509_subjectaltname_cmp: FQDN/nohost.nodomain mismatched ca_getreq: no valid local certificate found If libressl no longer supports $ENV in the .cnf files, we have to find another way, eg. by generating and using a .cnf file for each certificate. LibreSSL purposefully removed support for environment variables in http://marc.info/?l=openbsd-cvsm=142876823016723w=2 http://marc.info/?l=openbsd-cvsm=142876823016723w=2 So another way is indeed needed. In this case, LibreSSL was Theo who unintentionally broke ikectl. I attached a diff that generates new .cnf files by expanding the variables in the source .cnf files and generating target .cnf files. It works with both, ikeca.cnf and x508v3.cnf (ignore the warnings), but you/we should install ikeca.cnf to /etc/ssl/ by default. The patch fixes certificate generation for me. SubjectAltName gets set correctly and iked is happy. It is unfortunate that openssl does not accept SANs as command line arguments. I like the nice stringe expansion solution. Maybe libtls will wrap this up nicely, making it possible to generate the certificates through the API.
Re: iked rsa pki configuration
On 2015-08-18, Reyk Floeter r...@openbsd.org wrote: On Tue, Aug 18, 2015 at 02:26:29PM +, Jona Joachim wrote: Hi, I'm currently trying to setup a road warrior IKEv2 IPSEC tunnel between two OpenBSD boxes running a recent amd64 snapshot. The client is behing a NAT. The setup works with a PSK but I cannot make it work with RSA certificates. No matter what I tried, the client seems to fail connecting with: ca_getreq: no valid local certificate found I turn to the mailing list to see if anybody can point me into the right direction. I loosely followed the following guide: http://puffysecurity.com/wiki/openikedoffshore.html I will try to shorten the command output to make it more readable. There is an OpenSSL error during the creation of the CA concerning a missing element in openssl.cnf. I did not modify openssl.cnf. On the server side I did the following: # ikectl ca ikeca create [...] Signature ok subject=/C=NL/CN=ikeca/emailAddress=j...@joachim.cc Getting Private key Using configuration from /etc/ssl/openssl.cnf variable lookup failed for ca::default_ca 7504668282756:error:0E06D06C:configuration file routines:NCONF_get_string:no value:/usr/src/lib/libcrypto/crypto/../../libssl/src/crypto/conf/conf_lib.c:323:group=ca name=default_ca It seems that the changes in LibreSSL (or newer OpenSSL before the fork) broke some things in ikectl. Specifically, the possibility to overwrite variables like CERTIP or CERTFQDN via $ENV:: options in x509v3.cnf ikeca.cnf* seems to be broken; or not longer supported because of security concerns. Your log file gives a hint that the default CERTFQDN = nohost.nodomain value from /etc/ssl/x509v3.cnf (or /etc/ssl/ikeca.cnf) is used instead of the CERTFQDN overwrite from the environment (as set by ikectl): ca_getreq: found CA /C=NL/CN=ikeca/emailAddress=j...@joachim.cc ca_x509_subjectaltname: FQDN/nohost.nodomain ca_x509_subjectaltname_cmp: FQDN/nohost.nodomain mismatched ca_getreq: no valid local certificate found If libressl no longer supports $ENV in the .cnf files, we have to find another way, eg. by generating and using a .cnf file for each certificate. As a workaround, you could try to edit CERTFQDN/CERTIP in x509v3.cnf/ikeca.cnf manually before generating the certificate. Manually editing x509v3.cnf permitted to create valid certificates and solved the problem. Strange that I am the first one to run into this problem. Thank you very much for the quick support!
Re: Ubiquiti EdgeRouter Lite
On 2015-08-18, Ted Unangst t...@tedunangst.com wrote: Predrag Punosevac wrote: Dear All, I am contemplating buying a new machine which will act as a router/DNS caching server for my home network. Is anybody currently running OpenBSD on the Ubiquiti Networks EdgeRouter LITE in that capacity? I saw that in June 2015 USB support was added which allows installing to local disk on machine. Can anybody point me to a work in progress documentation diff for installing 5.8 octeon port. I am reading right now Here are my notes, which are basic, but should be enough to get you through if you're familiar with openbsd. http://www.tedunangst.com/flak/post/OpenBSD-on-ERL Thank you very much for the write-up! I'm looking into buying hardware to build a small OpenBSD home router and this looks interesting. You say that the machine will not be able to serve as an IPSEC gateway. Is that when you consider Gigabit ethernet or do you think that even a 10 Mbit connection will require too much computational power to do IPSEC on this machine? You also mention the usb driver which is not so reliable. I don't see a USB port on the machine. Is this an internal bus? I would be interested to use it with hostapd with a usb wifi nic. Kindly, Jona Joachim
iked rsa pki configuration
config_free_proposals: free 0x1321b9042c00 ca_getreq: found CA /C=NL/CN=ikeca/emailAddress=j...@joachim.cc ca_x509_subjectaltname: FQDN/nohost.nodomain ca_x509_subjectaltname_cmp: FQDN/nohost.nodomain mismatched ca_getreq: no valid local certificate found ca_setauth: auth length 272 ikev2_getimsgdata: imsg 18 rspi 0xbefb86b890333bf9 ispi 0xbd1fee3cb9ebd386 initiator 1 sa valid type 0 data length 0 ikev2_dispatch_cert: cert type NONE length 0, ignored ikev2_getimsgdata: imsg 23 rspi 0xbefb86b890333bf9 ispi 0xbd1fee3cb9ebd386 initiator 1 sa valid type 14 data length 272 ikev2_dispatch_cert: AUTH type 14 len 272 sa_stateflags: 0x00 - 0x04 auth (required 0x05 cert,auth) sa_stateok: SA_INIT flags 0x04, require 0x05 cert,auth ikev2_init_ike_sa: policy1 is already active Kind regards, Jona Joachim
Re: cdce0 in ifconfig
On 2015-04-29, Cristián Edwards cri...@gmail.com wrote: Problem is that only the ugen driver is present... so I think there is no chance of speaking with the modem. Will read the link thoruoughly You have a cdce device. As sthen@ already kindly suggested, you should be able to just do dhclient cdce0.
Re: 500 httpd error with owncloud
On 2014-12-29, Clemens Gößnitzer e1126...@student.tuwien.ac.at wrote: Hey, Since your initial email you have not included any config files, i.e. httpd.conf, etc. Would you, perhaps, care to share them with us? My shew stone is being serviced. Of course. Here they are: # cat /etc/httpd.conf server default { listen on wpi0 port 80 directory { no index, index index.php } location *.php { fastcgi socket /run/php-fpm.sock } } types { include /usr/share/misc/mime.types } /etc/php-5.5.ini: everything default except the values mentioned in the pkg-readme of owncloud: allow_url_fopen = On memory_limit = 512M upload_max_filesize = 1024M # to accept large files upload post_max_size = 1030M# sync with above value all other php module config files unchanged, and active according to phpinfo(). # cat /var/www/owncloud/config/config.php ?php $CONFIG = array ( 'instanceid' = 'MY_ID', 'passwordsalt' = 'MY_PW-SALT', 'secret' = 'MY_SECRECT', 'trusted_domains' = array ( 0 = '192.168.178.49', ), 'datadirectory' = '/owncloud-data', 'overwrite.cli.url' = 'http://192.168.178.49/owncloud', 'dbtype' = 'sqlite3', 'version' = '7.0.4.2', 'dbname' = 'owncloud_db', 'dbhost' = '127.0.0.1', 'dbtableprefix' = 'oc_', 'dbuser' = 'oc_clemens', 'dbpassword' = 'MY_DB-PASSWORD', 'installed' = true, ); Was the sqlite database created? 'installed = true' means that it assumes that the database is functional and it will not be initialized. Also you will not need the hostname, user, db prefix, etc. with sqlite. Also make sure that you don't need any url rewrites. I'm using owncloud-6.0.4 and the documentation recommends url rewrites which are not mandatory for owncloud to work but perhaps this changed in the new version. Perhaps you should try with nginx and the recommended configuration and see if it works and then go back to httpd. Best regards, Jona
Re: fastcgi support in httpd(8)
On 2014-11-22, Riley Baird bm-2cvqnduybau5do2dfjtrn7zbaj246s4...@bitmessage.ch wrote: Hi, I am running OpenBSD 5.6-stable (without the X packages). I have successfully setup the httpd(8) webserver, but only for static webpages. I have been unable to get cgi (perl) scripts to run. That is because httpd(8) does not support plain CGI. It supports FastCGI which is an entirely different thing. You probably want to run slowcgi(8) which is a a FastCGI to CGI wrapper server. Best regards, J JOACHIM
Re: I have several questions
On 2014-08-11, Theo de Raadt dera...@cvs.openbsd.org wrote: Did you use separate disk partitions, or just make one big / partition? If the latter, that would *probably* stop the signature verification from being possible. By installation files I mean installation files on CD The installation program says it can't verify and I have to make an answer to let installation program go ahead You mean you used the install*.iso or install*.fs files for installation. This is documented that these media do not have signatures for the contents inside themselves. For those install methods you have to verify the install media files themselves beforehands. Did you do that? You didn't, did you. And then you booted that on your machine? Tsk tsk. This is the least of your problems... This has not been an problem in the last twenty or so years. Best regards, J JOACHIM
Audio output to multiple devices
Hello, if I have multiple audio devices rsnd/0 and rsnd/1, is it possible to duplicate the output of one program and play it across both devices at the same time? I went through the sndio manual but I could not find a way to do this. Best regards, Jona
Re: Audio output to multiple devices
On 2014-07-31, Alexandre Ratchov a...@caoua.org wrote: On Thu, Jul 31, 2014 at 04:26:11PM +, Jona Joachim wrote: Hello, if I have multiple audio devices rsnd/0 and rsnd/1, is it possible to duplicate the output of one program and play it across both devices at the same time? I went through the sndio manual but I could not find a way to do this. hi, that isn't possible yet. You could duplicate it across two sub-devices of the same hardware device though (eg. rear speakers and front speakers). Thank you very much!
Re: Gnome 3, toad and my android phone
On 2014-05-24, Nils R m...@hxgn.net wrote: Hi misc@, i'm currently trying to find an easy way to copy the pictures i made with my android phone to my openbsd -current machine. To make things easy, i installed the gnome, gnome-extras and toad (like advised in [1].) My usb sticks mount fine, but the android phone is only seen by the system, but not mounted by toad in any way (neither when i tell it to connect over MTP, nor over PTP.) Relevant snippet from dmesg: ugen0 at uhub2 port 2 motorola XT1032 rev 2.00/2.28 addr 2 mtp-detect finds the device, the output of this command is attached. So far i haven't tried to sync files over the command line, and would like to avoid this. Is there a way to make it work with toad, or do i have to rely on file sync via commadline/sftp or something like that? MTP support is scarce in OpenBSD for the moment. If your phone supports USB mass storage mode then you should probably use that. If not, you can try jmtpfs from the openbsd-wip ports: https://github.com/jasperla/openbsd-wip/tree/master/sysutils/jmtpfs It mounts the MTP filesystem with fuse(4). However it is quite unstable for me. If you only want to copy your pictures, the most reliable way is to use graphics/gphoto2 (for example gphoto2 --get-all-files). Best regards, Jona
Re: Gnome 3, toad and my android phone
On 2014-05-24, Nils R m...@hxgn.net wrote: Jona Joachim schrieb am 24.05.2014 12:06: On 2014-05-24, Nils R m...@hxgn.net wrote: Hi misc@, i'm currently trying to find an easy way to copy the pictures i made with my android phone to my openbsd -current machine. To make things easy, i installed the gnome, gnome-extras and toad (like advised in [1].) My usb sticks mount fine, but the android phone is only seen by the system, but not mounted by toad in any way (neither when i tell it to connect over MTP, nor over PTP.) Relevant snippet from dmesg: ugen0 at uhub2 port 2 motorola XT1032 rev 2.00/2.28 addr 2 mtp-detect finds the device, the output of this command is attached. So far i haven't tried to sync files over the command line, and would like to avoid this. Is there a way to make it work with toad, or do i have to rely on file sync via commadline/sftp or something like that? MTP support is scarce in OpenBSD for the moment. If your phone supports USB mass storage mode then you should probably use that. If not, you can try jmtpfs from the openbsd-wip ports: https://github.com/jasperla/openbsd-wip/tree/master/sysutils/jmtpfs It mounts the MTP filesystem with fuse(4). However it is quite unstable for me. If you only want to copy your pictures, the most reliable way is to use graphics/gphoto2 (for example gphoto2 --get-all-files). Best regards, Jona Hi Jona, thanks, i'll try that out as well. Pictures are the most important thing, but access to my videos, music and the filesystem in general (to sync my flash cards from mnemosyne) would be very nice, too. To my understanding, there is no (working) bluetooth support on openbsd either yet. Bluetooth support existed but was removed because the code was unmaintained and interest was lacking. gphoto2 copies videos and maybe audio (at least there is a --get-all-audio-data option) Best regards, Jona
Yaifo 5.5 amd64
Hi, since the upgrade from 5.4 to 5.5 can be quite dangerous when done manually with only remote access, I patched yaifo to upgrade my personal server. It is functional only for amd64, I did not test any other platform. For those who are interested, you can find the patched version here: http://joachim.cc/files/yaifo55.tar.gz Best regards, Jona JOACHIM
Re: Yaifo WIP
On 2014-02-09, Stuart Henderson s...@spacehopper.org wrote: On 2014-02-08, Jona Joachim j...@joachim.cc wrote: Hello, I've been in need for yaifo for quite some time now, so I decided to bring up some patches to make it work with -CURRENT. Seems like a good time to ask: with the new autoinstall(8) functionality, do you still need yaifo? Are there any small changes to the auto installer that would help the standard installer replace yaifo in more situations? I think yaifo is very useful for situations where the machine is in some datacenter where you do not control the network infrastructure and don't have local access. In this case, you do not control the dhcp server (if there is one) and autoinstall cannot work. If autoinstall had the option to read the config files from the local hard drive this could be addressed. One of the advantages of yaifo is also that you can see in real-time if things go wrong during the upgrade and correct the errors (broken mirrors, changes to devices, etc.) autoinstall is definitely a great feature, I haven't tried it out so far. Best regards, Jona
Yaifo WIP
Hello, I've been in need for yaifo for quite some time now, so I decided to bring up some patches to make it work with -CURRENT. This is work in progress. I only built it on amd64, maybe it will build on i386 but it will certainly not work for other architectures. yaifo.rd boots but you cannot do much via ssh because it fails to allocate a pty: asterix% ssh root@10.0.0.17 PTY allocation request failed on channel 0 Welcome to the OpenBSD/amd64 5.5 installation program. So basically you can type commands but don't get any output. I don't know why this happens, I even tried to add the pty pseudo-device to the kernel config file without success. yaifo.fs does not work, it cannot find the kernel to boot. installboot throws some warnings but I don't have enough understanding of the boot process to figure out right now what's going wrong. If anybody wants to have a look, here is the patched tarball: http://joachim.cc/files/yaifo-55beta-wip.tar.gz I was able to build it against OpenBSD 5.5 GENERIC.MP#284 amd64. Best regards, Jona
Re: Yaifo WIP
On 2014-02-08, Jona Joachim j...@joachim.cc wrote: Hello, I've been in need for yaifo for quite some time now, so I decided to bring up some patches to make it work with -CURRENT. This is work in progress. I only built it on amd64, maybe it will build on i386 but it will certainly not work for other architectures. yaifo.rd boots but you cannot do much via ssh because it fails to allocate a pty: asterix% ssh root@10.0.0.17 PTY allocation request failed on channel 0 As Miod suggested off list, this was due to the fact that the necessary devices were not created in /dev. This is fixed in the updated tarball: http://joachim.cc/files/yaifo-55beta-wip.tar.gz asterix% ssh root@10.0.0.17 Enter passphrase for key '/home/jaj/.ssh/id_rsa': Welcome to YAIFO: The network-based installer for OpenBSD. Welcome to the OpenBSD/amd64 5.5 installation program. (I)nstall, (U)pgrade or (S)hell?
Re: cwm rocks : but...
On 2013-10-05, Thomas Pfaff tpf...@tp76.info wrote: On Sat, 5 Oct 2013 23:10:07 +0200 Thomas Pfaff tpf...@tp76.info wrote: * can the openbsd 'xdm' be made to look equally minimalistic? (i tried fiddling with the resources, made my system freeze). best. I like this -- http://tp76.info/stuff/slim-login.png I should probably also have said that this is x11/slim with a custom theme (also found here -- http://tp76.info/stuff/SLIM-Puffy.tar.gz). The question was about xdm which is not x11/slim. By the way, there is an x11/slim-themes package which has an OpenBSD theme. Best regards, Jona
installboot invalid boot record signature, yaifo
Hi, I'm currently patching yaifo to make it work with -CURRENT. The build is going fine, however I'm stuck at an installboot error which I don't understand. /usr/bin/sudo /usr/mdec/installboot -v /mnt/boot /usr/mdec/biosboot /dev/rvnd0c boot: /mnt/boot proto: /usr/mdec/biosboot device: /dev/rvnd0c installboot: disklabel type unknown /mnt/boot is 9 blocks x 8192 bytes fs block shift 1; part offset 0; inode block 32, offset 936 master boot record (MBR) at sector 0 installboot: invalid boot record signature (0x) @ sector 0 I don't understand why installboot fails here and I can't find a reference to the error. Can anybody explain to me what is going wrong? You can find the whole log attached. Best regards, Jona [demime 1.01d removed an attachment of type application/octet-stream which had a name of make2.log]
Re: Starting popa3d ...
On 2011-09-13, samt samtw...@gmail.com wrote: On 13/09/2011 9:04 PM, Tor Houghton wrote: On Tue, Sep 13, 2011 at 12:19:21PM +0930, David Walker wrote: Hi. uname -rsv OpenBSD 5.0 GENERIC#39 I'm gearing up to use popa3d and testing it on a machine. I tried the following in rc.conf.local (where V is version number and exeunt) ... popa3d_flags=-D popa3d_flags=-V popa3d_flags=-D -V ... and it does not start. Even though I see this in RC.D(8) ... snip popa3d is started by inetd; for example $ grep -i pop /etc/inetd.conf 127.0.0.1:pop3 stream tcp nowait root/usr/sbin/popa3d popa3d in my case, i only listen on localhost (connections to this daemon gets forwarded by stunnel or ssh). kind regards, tor houghton Short answer to OP: Not all binaries that can be run as services have rc.d(8) control scripts. Quick and dirty way to find out if you can run the daemon that way: grep popa3d /etc/rc.conf Best regards, Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: dhclient implementation
On 2011-08-27, I??igo Ortiz de Urbina inigoortizdeurb...@gmail.com wrote: On Sat, Aug 27, 2011 at 1:01 AM, Jona Joachim j...@hcl-club.lu wrote: On 2011-08-26, I??igo Ortiz de Urbina inigoortizdeurb...@gmail.com wrote: Supersede gives me what I want. It just felt weird those entries ended up on resolv.conf when I had not requested them. Thanks and sorry for the noise. This is expected behaviour for the prepend option, it does just that: request the name servers and prepend the one(s) you supplied. That way by default the system will use the name server you supplied in the configuration file but will fall back to the ones given by your router in case the first name server is not reachable. As I said Jona offlist, yes, I understand that behavior. I did not say anything off list.
Re: dhclient implementation
On 2011-08-26, I?igo Ortiz de Urbina tarom...@gmail.com wrote: Hi all users and developers I simply noticed what I would call a weird behaviour on my 32 bit 4.9 GENERIC#671 box's dhclient, which I hope is not the expected behavior. While reading RFC2131, I didnt find any sentence stating or implying that is the desired behavior, as in a server MUST Say I run a local instance of named on my machine. I dont want dhcp to overwrite my resolv.conf, so I add the classical prepend dns-name-servers to my dhclient.conf. I capture the traffic while asking for an IP address (no prior leases) and I can see how DHCP packets do not request DNS servers. However, which I am afraid happens more often than not, my crappy Comtrend domestic router ignores the request and simply decides to always answer including my ISPs DNS servers. I could check this with Wireshark also. The result is resolv.conf has 3 nameserver entries, instead of the only one I want to prepend. Not sure I understand exactly what you mean but perhaps you want supersede instead of prepend. Best regards, Jona
Re: dhclient implementation
On 2011-08-26, I??igo Ortiz de Urbina inigoortizdeurb...@gmail.com wrote: Supersede gives me what I want. It just felt weird those entries ended up on resolv.conf when I had not requested them. Thanks and sorry for the noise. This is expected behaviour for the prepend option, it does just that: request the name servers and prepend the one(s) you supplied. That way by default the system will use the name server you supplied in the configuration file but will fall back to the ones given by your router in case the first name server is not reachable. Best regards, Jona
Re: status of ACPI suspend/resume on Thinkpad T60 w/ T7200 processor?
On Sat, Aug 06, 2011 at 03:24:42AM +0200, Benny Lofgren wrote: On 2011-08-05 17.51, Pedro la Peu wrote: On Friday 05 August 2011 13:35:16 Jona Joachim wrote: There are other resume related problems on my Stinkpad Z61M (console is blank after resume and bge0 can no longer get a link) but at least the machine and X resume enough to be useful. I've got a Z61p with what I assume is similar hardware (haven't got mine handy right now so can't get a dmesg) and exactly the same symptoms. The resume would indeed be useful even with the blank text console if only the network got back online, but alas no. If memory serves, not even the wpi wifi survives a suspend/resume cycle. wpi(4) did come back nicely back when resume worked on my T60. However the console never survived a resume, only X was usable. Best regards, Jona
Re: status of ACPI suspend/resume on Thinkpad T60 w/ T7200 processor?
On 2011-08-04, Mike Larkin mlar...@azathoth.net wrote: On Thu, Aug 04, 2011 at 09:37:00PM +, Jona Joachim wrote: On 2011-08-04, Jonathan Thornburg jth...@astro.indiana.edu wrote: What's the status of suspend/resume on thinkpad T60 series models, particularly the T60 with T7200 cpu? So far as I know these are ACPI and I know there have been a lot of improvements lately... but on 2010-10-23 Luca Corti luca () fantacast ! it (message http://marc.info/?l=openbsd-miscm=128780398703487w=1) reported Dmesg from my T60 (T7200) below. No big issues, but the fan is in fact a bit loud on OpenBSD, even when running apmd -C. It could even suspend and resume correctly recently, then stopped working but I don't mind since I don't use s/r. [[...]] OpenBSD 4.8-current (GENERIC.MP) #591: Tue Oct 19 11:45:02 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP Does suspend/resume work on T60 as of 4.9-{release,stable}? -current? It does not work in 4.9. I haven't checked -CURRENT but I don't expect it to work on -CURRENT either. It used to work at some point but I think it was a change to the radeon driver that broke it (I assume you have a radeon card). As of now it suspends but does not resume. Does the moon icon stay lit, start blinking, go off? Does the screen backlight light up (even if it's black). Did you try resuming from text mode (eg no X)? When I try to resume it starts blinking. The screen backlight does not light up, the screen stays totally dark, same behaviour with or without X. Best regards, Jona
Re: status of ACPI suspend/resume on Thinkpad T60 w/ T7200 processor?
On 2011-08-04, Jonathan Thornburg jth...@astro.indiana.edu wrote: What's the status of suspend/resume on thinkpad T60 series models, particularly the T60 with T7200 cpu? So far as I know these are ACPI and I know there have been a lot of improvements lately... but on 2010-10-23 Luca Corti luca () fantacast ! it (message http://marc.info/?l=openbsd-miscm=128780398703487w=1) reported Dmesg from my T60 (T7200) below. No big issues, but the fan is in fact a bit loud on OpenBSD, even when running apmd -C. It could even suspend and resume correctly recently, then stopped working but I don't mind since I don't use s/r. [[...]] OpenBSD 4.8-current (GENERIC.MP) #591: Tue Oct 19 11:45:02 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP Does suspend/resume work on T60 as of 4.9-{release,stable}? -current? It does not work in 4.9. I haven't checked -CURRENT but I don't expect it to work on -CURRENT either. It used to work at some point but I think it was a change to the radeon driver that broke it (I assume you have a radeon card). As of now it suspends but does not resume. Best regards, Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: Laffs with Lennart
On 2011-07-16, Chris Cappuccio ch...@nmedia.net wrote: Lennart Poettering has graced the world with his brilliance one more time. Why? Lennart doesn't think BSD is too relevant anymore. [nolog] This is nothing new, it has been anticipated by BSD developers a long time ago: http://talks.dixongroup.net/nycbsdcon2006/ Best regards, Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: aucat(1) mixing streams from different users
On Tue, Jun 28, 2011 at 11:01:26AM +0200, Alexandre Ratchov wrote: On Mon, Jun 27, 2011 at 02:21:25PM +, Jona Joachim wrote: The simpler -- and most natural imho -- would be configure mpd to use unix domain sockets (instead of TCP) and to run it as your user id instead of _mpd. If you can't, you can cheat by copying mpd's ~/.aucat_cookie in your home directory (it must have mode 0600) this way aucat will consider _mpd and you are the same person. After all, I guess you run _mpd for you ;) I see, this is the new authentication mechanism kicking in :) Thanks for the explanation, now that I know what's causing it, it's easy to fix. Too bad if this works, because nobody will fix mpd to use unix domain sockets by default ;-) Well, just running mpd as my user id fixes the problem, no need for unix domain sockets. I usually try to run daemons that don't need to be reached from outside on unix domain sockets, however with mpd the problem is that not all clients support them. Best regards, Jona -- Worse is better Richard P. Gabriel
aucat(1) mixing streams from different users
Hi, I start mpd and aucat with default settings using rc scripts. aucat thus runs as user _sndio and mpd runs as _mpd. Access to sndio between mpd and programs running as a different user are mutually exclusive, so when mpd is playing music nothing else can access the sound device. According to the aucat(1) manpage: [...] the server can be started by the super-user, [...] but for privacy reasons only one user may have connections to it at a given time. I was wondering if this is intended behaviour because aucat here does not run as root but as _sndio. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: aucat(1) mixing streams from different users
On 2011-06-27, Alexandre Ratchov a...@caoua.org wrote: On Mon, Jun 27, 2011 at 02:42:42PM +0200, Jona Joachim wrote: Hi, I start mpd and aucat with default settings using rc scripts. aucat thus runs as user _sndio and mpd runs as _mpd. Access to sndio between mpd and programs running as a different user are mutually exclusive, so when mpd is playing music nothing else can access the sound device. According to the aucat(1) manpage: [...] the server can be started by the super-user, [...] but for privacy reasons only one user may have connections to it at a given time. I was wondering if this is intended behaviour because aucat here does not run as root but as _sndio. This is ok, the _sndio user is to avoid running the server with root privileges, it's not involved in the authentication process. You can find slightly more details about how it works in the AUTHENTICATION section of the sndio(7) man page. The simpler -- and most natural imho -- would be configure mpd to use unix domain sockets (instead of TCP) and to run it as your user id instead of _mpd. If you can't, you can cheat by copying mpd's ~/.aucat_cookie in your home directory (it must have mode 0600) this way aucat will consider _mpd and you are the same person. After all, I guess you run _mpd for you ;) I see, this is the new authentication mechanism kicking in :) Thanks for the explanation, now that I know what's causing it, it's easy to fix. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: html5 video and browsers
On 2011-05-10, LEVAI Daniel l...@ecentrum.hu wrote: Hi! I'm trying out youtube with html5 videos, and I have few question to the fellow video watchers. In mozilla-firefox I can't even enable html5 in youtube :/ Works perfectly for me. In chrome the video plays, but without sound. In xxxterm everything works perfectly. It also works flawlessly for me in webkit-based browsers like midori or xxxterm. I don't know about chromium though. Is it normal that the fullscreen playback is slow and laggy on a moderate hardware (i386, ThinkPad T60, Intel(R) CPU T2400 @ 1.83GHz)? Why run i386 on a T60? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: html5 video and browsers
On Tue, May 10, 2011 at 02:23:16PM +0200, Paul de Weerd wrote: On Tue, May 10, 2011 at 12:05:00PM +, Jona Joachim wrote: | Is it normal that the fullscreen playback is slow and laggy on a | moderate hardware (i386, ThinkPad T60, Intel(R) CPU T2400 @ 1.83GHz)? | | Why run i386 on a T60? Because that CPU does not support amd64[1]. Oh, well sorry, I didn't know they made them with different CPUs, I thought they all had a 64 bit Core Duo CPU. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: 49.html typo
On 2011-04-26, Christiano F. Haesbaert haesba...@haesbaert.org wrote: On 25 April 2011 17:54, Jona Joachim j...@hcl-club.lu wrote: Very unsignificant but well... [...] Great ! I need this, can we get it in soon ? Who is we? From the looks of your Gravatar, we is probably your group of 13-year-olds. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: DUID's and fstab
On 2011-04-12, Alexander Polakov polac...@gmail.com wrote: * Stuart Henderson s...@spacehopper.org [110412 15:48]: On 2011-04-12, jirib ji...@devio.us wrote: On Tue, 12 Apr 2011 02:06:51 +0400 Alexander Polakov polac...@gmail.com wrote: I am probably misunderstanding something, but are DUID's supposed to be used in place of device filenames in fstab? I suppose they are, so this looks strange to me: % sudo mount f777cc5bbeded528.a mount: can't find fstab entry for f777cc5bbeded528.a. # mount wd0i mount: can't find fstab entry for wd0i. # mount /dev/sd0i # I agree that this feature would be very useful if it would work with DUIDs, especially when mounting disks automatically with hotplugd. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Choosing a window manager...
On 2011-03-15, Bret Lambert bret.lamb...@gmail.com wrote: On Tue, Mar 15, 2011 at 8:03 PM, Kevin Smith openbsd...@gmail.com wrote: I'm deciding between kde, xfce, gnome, and fluxbox (in order of preference). Any experiences? Any relevant security issues on any of them? What you're asking is akin to: Hey everyone, I'm trying to decide between: Catholicism, Judaism, Buddhism, and Hinduism. What's the best? Obviously, the answer is Zoroastrianism. Ahura Mazda bless you all. No, Discordianism it is. -- Worse is better Richard P. Gabriel
Re: FBI And OpenBSD...
On 2010-12-16, Michael Dexter dex...@ambidexter.com wrote: On 12/15/10 2:17 PM, Randy Wrench wrote: The above url carried an article which is disturbing to say the least... Wait a minute... I thought US citizens stayed away from the crypto code to keep it untainted of US export controls. I smell a prank. (And prey that's the case.) See: http://permalink.gmane.org/gmane.comp.security.bugtraq/45620 -- Worse is better Richard P. Gabriel
Re: How to open PDF that requires Adobe 9
On 2010-12-05, Brynet bry...@gmail.com wrote: Hi, Why are you using xpdf? it's so old and crummy :-). print/epdfview, which uses the poppler library. AFAIK the poppler library is based on xpdf code so the result would be about the same. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Advice on learning C as first language
On 2010-11-24, Jan Stary h...@stare.cz wrote: On Nov 24 06:55:20, James Hozier wrote: I read online that the first programming language one learns could be crucial to the person's future programming skills and habits that become ported to other programming languages they learn later Start with LISP, I'm tellin' ya. Come on, LISP is from teh past, learn Haskell already. -- Worse is better Richard P. Gabriel
Re: An OpenBSD smartphone
On 2010-11-17, Ted Unangst ted.unan...@gmail.com wrote: Compared to the hardware available today, the openmoko is ridiculously obsolete. On top of that graphics and wifi documentation is only available under NDA and the reverse engineered Linux drivers are broken. The hardware is slow and buggy and the OpenBSD Moko port is dead. Just don't buy it ;) Best regards, Jona -- Worse is better Richard P. Gabriel
Re: An OpenBSD smartphone
On 2010-11-17, Martin Schr?der mar...@oneiros.de wrote: 2010/11/17 Ted Unangst ted.unan...@gmail.com: Compared to the hardware available today, the openmoko is ridiculously obsolete. And the supplier in question is known to hate Theo and OpenBSD. Obvious troll is obvious. -- Worse is better Richard P. Gabriel
Re: xmobar 0.11.1
On 2010-11-13, Nick open...@acrasis.net wrote: This .xmobarrc Config { font = xft:Sans-8:bold, bgColor = black, fgColor = grey, position = Top, lowerOnStart = False, commands = [ Run Cpu [-L,3,-H,50,--normal,green,--high,red] 10, Run Date %Y-%m-%d %a %H:%M:%S date 10, Run StdinReader ], sepChar = %, alignSep = }{, template = %cpu% } %StdinReader% { fc=#ee9a00%date%/fc } works on Debian 'squeeze' but on OpenBSD 4.8 i386 produces xmobar: /home/nick/.xmobarrc: configuration file contains errors at: Config (line 11, column 6): error reading the commands: this usually means that a command could not be parsed. The error could be located at the begining of the command which follows the offending one. field: [ Run Cpu [-L,3,-H,50,--normal,green,--high,red] 10, Run Date %Y-%m-%d %a %H:%M:%S date 10, Run StdinReader] It does work if I remove use of the 'Cpu' plugin. Help? Hi, the CPU module is disabled on OpenBSD since the implementation is Linux specific. Actually among the Monitor modules only Battery works at the moment. I don't know how to access CPU load information on OpenBSD so I would have to dig the API documentation and I really don't have the time at the moment. However you can probably hack around it by running an external script using the Run Com or PipeReader commands. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Wireless Network GUI
On 2010-10-07, Christiano F. Haesbaert haesba...@haesbaert.org wrote: Why not make a curses GUI ? I find it much more useful than gtk/qt (IMHO). What would be really nice IMHO is to expose an API that gives access to ifconfig functionality so everybody could easily write their own UI. Basically to to write your GUI you need to rewrite part of ifconfig. Also I always wondered whether it is technically possible to scan for APs without losing your connection to your current AP, that would be very handy to implement transparent roaming. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: setting up crypto softraid
On 2010-07-29, Jan Stary h...@stare.cz wrote: I have found myself replicating a tiny script that sets up crypto on most of my recent machines, either in rc.local directly or calling it from rc.local. Is this the right way to do it, or is there some support for it in rc(8) already that I missed? Jan #!/bin/sh RAIDPART=/dev/sd0o CRYPTOFS=/dev/sd1a MOUNTDIR=/crypto bioctl softraid0 | grep CRYPTO\ || bioctl -v -c C -l $RAIDPART softraid0 \ fsck $CRYPTOFS \ mount -v -s -o rw,nodev,nosuid,noatime,softdep $CRYPTOFS $MOUNTDIR The problem is that you can't be sure that the new device that softraid attaches will be sd1. For example if you have a umass(4) connected when you boot things will get mixed up. Earlier today I thought about writing a script based on the hw.sensors.softraid0.drive0 sysctl value which will tell you whether it has been attached correctly and what device was attached. Best regards, Jona -- Worse is better Richard P. Gabriel
uaudio0: audio descriptors make no sense, with logitech webcam
Hi, I have a Logitech C200 webcam which includes a uvideo and a uaudio device for voice recording. The video part works correctly and is usable, however uaudio is not so happy, it complains in dmesg and no audio(4) device is attached: uaudio0: audio descriptors make no sense, error=4 Here's what I get from usbdevs: port 2 addr 2: high speed, power 500 mA, config 1, Webcam C200(0x0802), Logitech(0x046d), rev 0.09, iSerialNumber A0AC6750 And here's the full dmesg output related to this device: uvideo0 at uhub0 port 2 configuration 1 interface 0 Logitech Webcam C200 rev 2.00/0.09 addr 2 video0 at uvideo0 uaudio0 at uhub0 port 2 configuration 1 interface 2 Logitech Webcam C200 rev 2.00/0.09 addr 2 uaudio0: audio descriptors make no sense, error=4 solo% uname -a OpenBSD solo.my.domain 4.7 GENERIC#117 i386 Does anybody know what may be wrong here? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: OpenBSD users.
On 2010-07-17, Mateusz Gierblinski mateusz.gierblin...@gmail.com wrote: Hi misc@ I'm just wondering. Where are you OpenBSD users from? I'm from Belgium, anyone else? Are you aware that by sending such useless mails you are transforming energy and contributing to global warming? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Thanks for the ACPI suspend+resume work!
On 2010-07-09, Antoine Jacoutot ajacou...@bsdfrog.org wrote: On Fri, 9 Jul 2010, Josh Rickmar wrote: A big thank you to everyone who has been working on the ACPI code! Suspend and resume now work nearly flawlessly on my Thinkpad T500 (dmesg below) on the July 8 current snapshot. The only thing I've noticed is that my iwn(4) wifi connection doesn't automaticaly reconnet, but that's minor. Also, wsdisplay seems unhappy. After resume on my T60, X11 comes back but I don't see any output in the console, even though commands I type get executed. I'd also like to thank you all for this work! Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Ordering CDs in Europe becoming increasingly difficult
On 2010-07-08, OpenBSD Europe Orders ord...@openbsdeurope.com wrote: Jona Joachim wrote: Hi, I've been buying every CD release over the last couple of years. I purchased 4.6 from openbsdeurope.com and it was just as comfortable as with Wim the years before. However I haven't purchased 4.7 yet because the ordering involves too much hassle. openbsdeurope.com now requires you to create an account in order to place an order, that's really annoying. On top of that the regex they use to verify your e-mail address is flawed. We see it another way. When we used PayPal exclusively people purchased and _then_ emailed us asking for an address change because they hadn't bothered to update their PayPal information. 'On top of that' we had people _not_ wanting to use PayPal but other various methods, bank transfer, terminal etc etc... Please tell us how to win? I didn't mean to sound rude. It's just that remembering yet another password for an account I use once or twice a year is really annoying especially when it could be easier. You could have a form where the user can enter his address or alternatively hit a use paypal address checkbox or something like that. I like the KISS principle of the SpongiForm ordering system used on openbsd.org. If you had emailed us we would have just taken your order via email and allowed a PayPal payment... like many others have. I will make this very, very clear from the home page. I didn't know that this was an option. I'm not a big fan of PayPal either, I had trouble with them in the past. The easiest for me would be a payement by credit card but I don't know if you can handle that. If you prefer PayPal it's fine, too. I will drop you a mail shortly to place the order. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Set dhcp from command line?
On 2010-07-08, Chet Langin clan...@siu.edu wrote: I would like to set DHCP for an interface from the command line. I have tried... # ifconfig re0 dhcp ..and I get this error... ifconfig: dhcp: bad value Using version 4.5. Can anyone tell me how to do this? dhclient re0 man dhclient man ifconfig -- Worse is better Richard P. Gabriel
Re: GPRS/3G Modem : USB : HUAWEI : K3565
On 2010-05-14, Mayuresh Kathe mayur...@kathe.in wrote: has anyone got the above mentioned device to work under openbsd? if yes, may i know the process to get it working at my end? i'm with vodafone plan in mumbai, india. Could you perhaps send relevant dmesg(8) output of when you plug in the device? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: lpd printing
On 2010-05-07, Chris Bennett ch...@bennettconstruction.biz wrote: On 05/07/10 16:59, Frank Bax wrote: I've never printed from my OpenBSD desktop. I've used lpd on Windows to print to HP printers with HP JetDirect. I read the recent thread about lpd/postscript. Will I be able to use lpd to print to any HP JetDirect printer? I'm looking at getting an HP 1518ni colour laser. Does HP postscript level 3 emulation qualify as postscript support Frank If your printer is postscript, LPRng + apsfilter is a simple way to install. It is also very lightweight. Is there any reason why you are advising to use LPRng over lpd(8) which is in the base system? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: aucat + korg nanokontrol midi controller
On Thu, May 06, 2010 at 08:14:41AM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 10:12:25PM +0200, Jona Joachim wrote: Here's a press release of the start button: solo% midicat -o - -q midithru:0 | hexdump -ve '1/1 %02x\n' b0 2d 7f b0 2d 00 this a control message. Try other scenes. MMC messages aucat supports are: f0 7f xx 06 01 f7 stop f0 7f xx 06 02 f7 start f0 7f xx 06 44 06 01 pp pp pp pp f7 relocate Well, scene selection doesn't change anything here, I get the same byte sequence regardless the selected scene. Jona -- Worse is better Richard P. Gabriel
aucat + korg nanokontrol midi controller
Hi, I would like to thank everybody who worked on libsndio/aucat, especially ratchov@, I really love the design and the the it just works(TM) experience. I recently bought a Korg NanoKONTROL[1] midi controller and the volume control in aucat just works using the sliders. However I'm not quite savvy in the whole MIDI business and I was wondering if it was possible to personalize the use of it. For example there is a scene selection button on the bottom left and to be able to use it with aucat I need to select scene 4, how come it's scene 4 and not 1? I was also wondering whether I could use the turn knobs instead of the sliders for the volume control. Perhaps it's possible to do some magic with the audio/midish port? The controller also has start/stop etc. buttons. These probably send MMC messages and I was wondering whether it would be possible to use these to control aucat -t slave? Best regards, Jona [1] http://blog.ianbeyer.com/files/2009/11/nanoKONTROL_top.jpg -- Worse is better Richard P. Gabriel [demime 1.01d removed an attachment of type application/pgp-signature]
Re: aucat + korg nanokontrol midi controller
On Wed, May 05, 2010 at 07:57:31PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 06:13:20PM +0200, Jona Joachim wrote: [snip] I recently bought a Korg NanoKONTROL[1] midi controller and the volume control in aucat just works using the sliders. However I'm not quite savvy in the whole MIDI business and I was wondering if it was possible to personalize the use of it. For example there is a scene selection button on the bottom left and to be able to use it with aucat I need to select scene 4, how come it's scene 4 and not 1? I guess sliders of different scenes are mapped to different controllers. And it happens that scene 4 contains a slider that maps to the appropriate volume control of aucat. To control the volume, the simpler is to configure the nanokontrol as follows: first slider to (channel 0, controller 7), next slider to (channel 1, controller 7), and so on. This way you get one slider per application. That works as-is, if I select scene 4 I get 1 slider per application mapped correctly. I was also wondering whether I could use the turn knobs instead of the sliders for the volume control. Perhaps it's possible to do some magic with the audio/midish port? So all you need is to assign volume controls to knobs, there's probably a way to configure the nanokontrol to do so. midish can map any control number any other one, so you can cheat with it. But using it is more complicated than just configuring the nanokontrol. Well unless you want to be able to do other fancy things with it, like save/reload your settings or record volume automations into midi files etc... well just configuring the nanokontrol means making the provided software run in wine or something, I guess it would be easier to use midish ;) The controller also has start/stop etc. buttons. These probably send MMC messages and I was wondering whether it would be possible to use these to control aucat -t slave? yes exactly. This is to start multiple applications synchronously (ex. play a track with one program while you record another track with another program..) Yes but I don't know how to make it work, at least it doesn't work if I do the following: aucat -l -t slave -q midithru:0 The applications don't start when I hit the start button. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: aucat + korg nanokontrol midi controller
On Wed, May 05, 2010 at 09:17:15PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 08:20:38PM +0200, Jona Joachim wrote: On Wed, May 05, 2010 at 07:57:31PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 06:13:20PM +0200, Jona Joachim wrote: [snip] I recently bought a Korg NanoKONTROL[1] midi controller and the volume control in aucat just works using the sliders. However I'm not quite savvy in the whole MIDI business and I was wondering if it was possible to personalize the use of it. For example there is a scene selection button on the bottom left and to be able to use it with aucat I need to select scene 4, how come it's scene 4 and not 1? I guess sliders of different scenes are mapped to different controllers. And it happens that scene 4 contains a slider that maps to the appropriate volume control of aucat. To control the volume, the simpler is to configure the nanokontrol as follows: first slider to (channel 0, controller 7), next slider to (channel 1, controller 7), and so on. This way you get one slider per application. That works as-is, if I select scene 4 I get 1 slider per application mapped correctly. excellent, this way you escape the windows ``editor'' ;) The controller also has start/stop etc. buttons. These probably send MMC messages and I was wondering whether it would be possible to use these to control aucat -t slave? yes exactly. This is to start multiple applications synchronously (ex. play a track with one program while you record another track with another program..) Yes but I don't know how to make it work, at least it doesn't work if I do the following: aucat -l -t slave -q midithru:0 The applications don't start when I hit the start button. oh, you have to use ``-q rmidi:nanokontrol_number'', as you probably did for the volume. Except if you have started the following before you start aucat: midicat -l -q rmidi:nanokontrol_number I actually have midicat running. I also tried with rmidi:n without midicat with the same result. volume control works but start/stop doesn't. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: aucat + korg nanokontrol midi controller
On Wed, May 05, 2010 at 09:49:51PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 09:19:05PM +0200, Jona Joachim wrote: On Wed, May 05, 2010 at 09:17:15PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 08:20:38PM +0200, Jona Joachim wrote: On Wed, May 05, 2010 at 07:57:31PM +0200, Alexandre Ratchov wrote: On Wed, May 05, 2010 at 06:13:20PM +0200, Jona Joachim wrote: [snip] I recently bought a Korg NanoKONTROL[1] midi controller and the volume control in aucat just works using the sliders. However I'm not quite savvy in the whole MIDI business and I was wondering if it was possible to personalize the use of it. For example there is a scene selection button on the bottom left and to be able to use it with aucat I need to select scene 4, how come it's scene 4 and not 1? I guess sliders of different scenes are mapped to different controllers. And it happens that scene 4 contains a slider that maps to the appropriate volume control of aucat. To control the volume, the simpler is to configure the nanokontrol as follows: first slider to (channel 0, controller 7), next slider to (channel 1, controller 7), and so on. This way you get one slider per application. That works as-is, if I select scene 4 I get 1 slider per application mapped correctly. excellent, this way you escape the windows ``editor'' ;) The controller also has start/stop etc. buttons. These probably send MMC messages and I was wondering whether it would be possible to use these to control aucat -t slave? yes exactly. This is to start multiple applications synchronously (ex. play a track with one program while you record another track with another program..) Yes but I don't know how to make it work, at least it doesn't work if I do the following: aucat -l -t slave -q midithru:0 The applications don't start when I hit the start button. oh, you have to use ``-q rmidi:nanokontrol_number'', as you probably did for the volume. Except if you have started the following before you start aucat: midicat -l -q rmidi:nanokontrol_number I actually have midicat running. I also tried with rmidi:n without midicat with the same result. volume control works but start/stop doesn't. hmmm... could you send a hexdump of what message the start button sends? For instance with my setup I'd do: $ midicat -o - -q rmidi:2 | hexdump -ve '1/1 %02x\n' f0 7f 7f 06 02 f7 Here's a press release of the start button: solo% midicat -o - -q midithru:0 | hexdump -ve '1/1 %02x\n' b0 2d 7f b0 2d 00 there are multiple MMC start messages. BTW any MIDI device is supposed to come with a ``MIDI implementation chart'' that gives the list of messages the device transmits and receives, this is often the last pages of the manual. Did you get one ? I can't seem to find anything like that in the manual. -- Worse is better Richard P. Gabriel
Re: OpenBSD as L2TP client
On 2010-04-25, Paolo Supino paolo.sup...@gmail.com wrote: Hi A client asked me to setup a low cost router to connect to the Internet. His current Internet connection requires his router to connect to the ISP using L2TP protocol. I've looked through the archives and ports tree for a similar posting, but found none... Is anyone using OpenBSD as an L2TP client to connect to the Inernet (or knows a solution)? I haven't tried this but the npppd daemon which is in CURRENT and will be in 4.7 supports L2TP. I don't know of another way to do L2TP op OpenBSD. Best regards, Jona -- Worse is better Richard P. Gabriel
find the CWD of a child process
Hi! It happens to me all the time that I want to spawn a new xterm in the same directory that I am currently in, for example when I want to open a file with vim but keep a shell in the same directory. xterm actually has a nice builtin function for this: spawn-new-terminal() you can affect that function via the xterm*VT100.translations resource. however the implementation of this is Linux-specific and it is not activated in the OpenBSD build process. Here's a exerpt from HandleSpawnTerminal() in xenocara/app/xterm/misc.c: /* * Determine the current working directory of the child so that we can * spawn a new terminal in the same directory. * * If we cannot get the CWD of the child, just use our own. */ if (screen-pid) { char child_cwd_link[sizeof(PROCFS_ROOT) + 80]; sprintf(child_cwd_link, PROCFS_ROOT /%lu/cwd, (unsigned long) screen-pid); child_cwd = Readlink(child_cwd_link); } So it obviously tries to access procfs to get that value. Is there a way to access the same value via the OpenBSD API? Best regards, Jona -- Worse is better Richard P. Gabriel
Re: What does your environment look like?
On 2010-01-04, Nick Guenther kou...@gmail.com wrote: On Sun, Jan 3, 2010 at 3:01 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: I use default fvwm(1) and I'm happy with that. I tried cwm(1) after this post http://undeadly.org/cgi?action=articlesid=20090502141551 and I found it very clean and useful, but I still use fvwm(1). Anyway I plan to try this one http://www.scrotwm.org/ I never figured out fvwm. It has multiple desktops and you can drag windows between them but it jumps them too far too easily. Tell me, what's the appeal? I'm willing to think I'm just not understanding it (though points should always be allotted for intuitiveness). I use wmii with a bunch of dmenu custom menus. I haven't found a file manager I like (xfe is the best so far, but it uses some weird custom toolkit, thunar is nice but really wants famd, which for some reason seems associated with trackerd spinning up and eating my CPU, the rox-filer in packages doesn't work right). hmm, I've been using it for years, what is the problem with ROX? doesn't work everywhere, so I keep firefox and epiphany and galeon around (why is it that Gecko seems so much slower on OpenBSD than Linux?). I try to use mpd but sometimes I just don't bother to set it up locally (especially since I have a media server now), so I stick with Totem (I hate VLC's UI and mplayer is only really any good for one offs; totem is codewise pretty heavy but at least the interface makes sense). I've recently discovered that smplayer is quite nice OpenBSD on the desktop feels like a lot of compromises to me :( . If I still got off from using the command line everywhere it wouldn't be a problem but it is. nothing beats the command line ;) Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Trouble with a uaudio(4) device
On 2009-10-24, Jacob Meuser jake...@sdf.lonestar.org wrote: On Fri, Oct 23, 2009 at 07:02:54PM +0200, Remco wrote: Jona Joachim wrote: Here's the dmesg output when I plug in the device: uaudio0 at uhub3 port 2 configuration 1 interface 0 Ten X Technology, Inc. USB AUDIO rev 1.10/2.04 addr 2 uaudio0: ignored input endpoint of type adaptive that means the input (recording) endpoint was not configured. I completely missed this line when I read the dmesg... han% audioctl -f /dev/audio1 audioctl: /dev/audio1: Device not configured han% aucat -f /dev/audio1 -l aucat: /dev/audio1: can't open device those both fail because they try to open the device for full-duplex operation, but there is no recording capability. 'audioctl -f /dev/audioctl1' should work though. yes that works indeed. I don't really know how to debug this any further. This is on i386 -current. It seems this patch was applied 8 days ago different patch was applied, but same idea. anyway, I have one of the Ten X deally-jobbers. it was like 3 bucks on ebay. they really are worth $5. there's no real volume control and it's the lowest quality (both playback and recording) device I have. the ~10 year old PCI cards I got from the thrift store ($5 each) work and sound much better. Well I got this one for $3 with free shipping so I couldn't really be disappointed. I thought I could use it for VoIP. aucat -f /dev/audio1 -m play -l works but when I play sound I only get a solid beep tone from the device. I'll try again with above mentioned patch applied. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: Trouble with a uaudio(4) device
On 2009-10-23, Daniel Gracia Garallar danie...@electronicagracia.com wrote: Probably you'll have to create the /dev/audio1 device. Just go to /etc and make a 'sudo MAKEDEV audio1'. This script will create all the required devs to operate your audio card. no, that's not the problem, /dev/audio[0-2] are created by default... -- Worse is better Richard P. Gabriel
Trouble with a uaudio(4) device
Here's the dmesg output when I plug in the device: uaudio0 at uhub3 port 2 configuration 1 interface 0 Ten X Technology, Inc. USB AUDIO rev 1.10/2.04 addr 2 uaudio0: ignored input endpoint of type adaptive uaudio0: audio rev 1.00, 4 mixer controls audio1 at uaudio0 uhidev1 at uhub3 port 2 configuration 1 interface 3 Ten X Technology, Inc. USB AUDIO rev 1.10/2.04 addr 2 uhidev1: iclass 3/1 uhid0 at uhidev1: input=8, output=8, feature=0 uhidev2 at uhub3 port 2 configuration 1 interface 4 Ten X Technology, Inc. USB AUDIO rev 1.10/2.04 addr 2 uhidev2: iclass 3/1, 3 report ids uhid1 at uhidev2 reportid 3: input=1, output=0, feature=0 When I try to use it I get the following errors: han% audioctl -f /dev/audio1 audioctl: /dev/audio1: Device not configured han% aucat -f /dev/audio1 -l aucat: /dev/audio1: can't open device I don't really know how to debug this any further. This is on i386 -current. Here's some more info about the hardware: port 2 addr 2: full speed, power 500 mA, config 1, USB AUDIO(0xf211), Ten X Technology, Inc.(0x1130), rev 2.04 n% usbhidctl -f /dev/uhid0 No_Event=1 [0] No_Event=1 [1] No_Event=1 [2] No_Event=1 [3] No_Event=1 [4] No_Event=1 [5] No_Event=1 [6] No_Event=1 [7] Undefined.Num_Lock=0 Undefined.Caps_Lock=0 Undefined.Scroll_Lock=0 Undefined.Compose=0 Undefined.Kana=0 Undefined.Power=0 Undefined.Shift=0 Undefined.Do_Not_Disturb=0 Undefined.Mute=0 Undefined.Tone_Enable=0 Undefined.High_Cut_Filter=0 Undefined.Low_Cut_Filter=0 Undefined.Equalizer_Enable=0 Undefined.Sound_Field_On=0 Undefined.Surround_Field_On=0 Undefined.Repeat=0 Undefined.Stereo=0 Undefined.Sampling_Rate_Detect=0 Undefined.Spinning=0 Undefined.CAV=0 Undefined.CLV=0 Undefined.Recording_Format_Detect=0 Undefined.Off-Hook=0 Undefined.Ring=0 Undefined.Message_Waiting=0 Undefined.Data_Mode=0 Undefined.Battery_Operation=0 Undefined.Battery_OK=0 Undefined.Battery_Low=0 Undefined.Speaker=0 Undefined.Head_Set=0 Undefined.Hold=0 Undefined.Microphone=0 Undefined.Coverage=0 Undefined.Night_Mode=0 Undefined.Send_Calls=0 Undefined.Call_Pickup=0 Undefined.Conference=0 Undefined.Stand-by=0 Undefined.Camera_On=0 Undefined.Camera_Off=0 Undefined.On-Line=0 Undefined.Off-Line=0 Undefined.Busy=0 Undefined.Ready=0 Undefined.Paper-Out=0 Undefined.Paper-Jam=0 Undefined.Remote=0 Undefined.Forward=0 Undefined.Reverse=0 Undefined.Stop=0 Undefined.Rewind=0 Undefined.Fast_Forward=0 Undefined.Play=0 Undefined.Pause=0 Undefined.Record=0 Undefined.Error=0 Undefined.Usage_Selected_Indicator=0 Undefined.Usage_In_Use_Indicator=0 Undefined.Usage_Multi_Mode_Indicator=0 Undefined.Indicator_On=0 Undefined.Indicator_Flash=0 Undefined.Indicator_Slow_Blink=0 Undefined.Indicator_Fast_Blink=0 han% usbhidctl -f /dev/uhid1 Consumer_Control.Volume_Up=0 Consumer_Control.Volume_Down=0 Consumer_Control.Mute=0 Consumer_Control.Scan_Next_Track=0 Consumer_Control.Scan_Previous_Track=0 Consumer_Control.Pause/Play=0 -- Worse is better Richard P. Gabriel
Re: Would a consolidated greytrapping list be useful?
On 2009-10-04, Peter N. M. Hansteen pe...@bsdly.net wrote: I suppose everybody here knows what greytrapping is and why no spamd setup is really complete without at least Bob Beck's uatraps in its config. But then some of do our own local greytrapping, and I for one have been exporting the contents of my local-greytrap once per hour to a publicly accessible location for the benefit of anybody who wants to use the information. I assume there are others out there who do their own greytrapping, and it might be a good thing for all of us if the data generated at those various locations was made available to others. The data would likely overlap quite a bit with established sources such as uatraps and nixspam, but more likely than not we would be catching a few that would otherwise slip through the cracks. So I'm considering setting up a consolidated greytrap list to supplement uatraps and others, if other greytrappers out there are willing to share their data. My list is available at [1], with a the list of trap addresses and some description at [2], with a policy statement of sorts at [3] (I imagine I would require a similar statement from any participants), and various field notes available at my blog (see the signature). Would something like this be useful? Any comments and feedback (including why this would be a monumentally stupid idea) welcome. I definetely welcome this, I added your blacklist to my spamd.conf and I'll see how it works out. I don't do greytrapping yet but I may consider it in the future. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: /dev/audio: Device busy
On 2009-10-02, Buzzer 4625...@gmail.com wrote: pO DANNYM RADIOPEREHWATA OT 2-Oct-2009 07:18, Paul de Weerd BYL ZAME^EN W \FIRE, NA ^ASTOTE misc, S TAKIM SOOB]ENIEM: | I need to play a few audio files simultaneously. | | can't open /dev/audio: Device busy. | | man 1 aucat | | Could you be more verbose? What make you think that I did not read man | aucat? tried aucat. Mine seems to be misfunctioning too, can you share with the list what problems you had with aucat in servermode ? Did it give any errormessages ? I ran aucat with '-l' key, then I try to play wav file with 'aucat file.wav' command or 'aucat -s deafault file.wav'. aucat -s default send.wav aucat: can't open /dev/audio: Device busy aucat: send.wav: could not play You know, if you assume we can read your mind, we're going to make some assumptions of our own... I'm waiting for step by step advices. It would be good idea to make suitable issue in the FAQ. You don't learn anything from step by step advices. Step by step advices create stupid users. You just have to read through the fine documentation. /dev/audio can only be opened by one application at a time, in your case you want aucat to open it so that it can multiplex stuff for you. If aucat says Device busy then that means that another application is currently using the audio device, kill that application. After you did that you just have to run aucat -l and you're good to go, play your music in mplayer, vlc, totem, whatever, you will be fine. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: burning cd
On 2009-09-17, igor denisov denisovigor1...@rambler.ru wrote: Hello there, when i issue #cdrecord -scanbus I get cdrecord: No such file or directory. Cannot open SCSI driver. dmesg | grep 'cd' cd0 at scsibus0 targ 0 lun 0: Optiarc, DVD RW AD-7540A, 1.01 ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 may somebody to tell me how to use cdrecord the hardware I have with? Regards, igor denisov. the easiest way to burn a cd is probably to use the cdio(1) tool that comes with the base system. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: smtpd update
On 2009-09-16, Jacek Masiulaniec jac...@dobremiasto.net wrote: Hi, smtpd has recently benefited from many changes to the local and remote delivery code paths. Their aim is to advance smtpd few steps further to being well suited for production use. I have been working on this for a number of weeks, and to put it bluntly - the changes are massive. So, please grab the latest smtpd and give it a spin. I have smtpd from the latest snapshot running smoothly on my client. Here's my configuration: listen on lo0 map aliases { source db /etc/mail/aliases.db } accept for all relay via hcl-club.lu port submission tls certificate hcl I do certificate based authentication on the server (running postfix). Works very well ATM. Thank you very much! Best regards, Jona -- Worse is better Richard P. Gabriel
Re: IrDA
On 2009-09-02, Fred Crowson fred.crow...@googlemail.com wrote: On 8/30/09, soko.tica soko.t...@gmail.com wrote: On 8/28/09, Mike Hammer mikeham...@fastmail.fm wrote: Does anyone have IrDA working on a T60 Thinkpad? FAQ http://openbsd.org/i386.html#hardware says: Unsupported Hardware: Infrared devices, such as commonly found on laptops I have in the past successfully used the birda package on i386 laptops to get IrDA working with OpenBSD. YMMV - I've not done this recently... hth Fred I successfully use IrDA on a T60 with OpenBSD -CURRENT amd64 together with the birda package cheers, Jona -- Worse is better Richard P. Gabriel
lack of wordexp(3)
Hi, I was wondering whether there is a special reason why OpenBSD doesn't include the wordexp/wordfree functions. It seems like they are part of POSIX.1 and OpenBSD does feature the similar glob(3) function. Best regards, Jona -- Worse is better Richard P. Gabriel
Re: NTFS-3G Stable Read/Write Driver ready to merge on cvs obsd ?
On 2008-10-27, Neko [EMAIL PROTECTED] wrote: its shows that some poor trolls here dont own ultraportables with no external drives, and use more than one os alternative. i pass data from bsd to fat 32 so in m$ its then copy onto ntfs, i have 1 disk - 8 os, nothing is being done , but more and more ultraportables sells, yes it could be resolv into using an ext2 partition instead, but that is not resolving a problem its going around it covering eyes and ears. my stuff works, its just a pain , and ffs driver in windooz cant read more than one disklabel. bsd suggest using more than one partition, in that problem , one is the solution, next time i wont RTFM, and do as i see fit because their more opinions than guidlines. now as for backwards bsd. why does freebsd write to ntfs? why does osx write to ntfs.. seems to me that is more some obstination done not to support it. Why doesn't Windows write to UFS? See, UFS has been around much longer than NTFS and the code is BSD licensed. Why don't you phone the MS support and whine about them not supporting UFS? After all you paid them and their ultimate goal is to please their customers, a goal which OpenBSD doesn't have. Alternatively you could ask them to send free documentation to the OpenBSD developers. shure im doing it wrong , because nothing is being done. Please send your code to tech@ but shure a color-ls.pkg is more important if you ask me, SARCASTIC Not getting your point here but please don't top-post. Best regards, Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: dvorak keyboard not working
On 2008-09-02, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: [demime could not interpret encoding - treating as plain text] How do I get the dvorak keyboard to run on OpenBSD 4.3. I tried: * man kbd and using us.dvorak * man wsconsctl and wsconsctl -w keyboard.encoding=us.dvorak -w is a very old wsconsctl option, the 4.3 manual definetely doesn't mention it. wsconsctl keyboard.encoding=us.dvorak is working here: spaceman% wsconsctl keyboard.encoding=us.dvorak keyboard.encoding - us.dvorak Of course this sets the layout for the console, not X. Some efforts were made to make X recognize and use the layout used by wscons, however I don't think it recognizes dvorak ATM, so you have to edit xorg.conf. Here's what I'm using: spaceman% cat /etc/kbdtype us.dvorak.swapctrlcaps spaceman% cat /etc/X11/xorg.conf | grep Xkb Option XkbLayout us Option XkbVariant dvorak Option XkbOptions ctrl:swapcaps,compose:menu * searched the mailing list * googled and tried some suggestions for Freebsd I can not seem to get it to work. Cheers, Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: 3D Hardware Accerlation
On 2008-07-30, Owain Ainsworth [EMAIL PROTECTED] wrote: On Thu, Jul 31, 2008 at 12:14:36AM +0200, Reyk Floeter wrote: On Wed, Jul 30, 2008 at 10:58:10PM +0200, thacrazze wrote: Hello, sorry that I give you a hard time but how is status of 3D Hardware Accerlation in OpenBSD? I heard it works with the i810 driver. But how is the current status? You can try a recent snapshot and compile a kernel with inteldrm* at vga? (commented out with a '#' in GENERIC). $ dmesg | grep vga vga1 at pci0 dev 2 function 0 Intel GM965 Video rev 0x0c wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) agp0 at vga1: aperture at 0xe000, size 0x1000 inteldrm0 at vga1: Intel i965GM(0), 1.6.0 20080312 $ uname -srvmp OpenBSD 4.4 GENERIC.MP#74 amd64 Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz Or indeed radeondrm, etc. Look at the bottom of GENERIC for commented entries. If you find any problems, mail me. Is it supposed to work with R500-based cards? I'm just wondering because I upgraded after the drm related changed got into the tree yesterday and it doesn't work for me. In the system message buffer I see: info: [drm] Setting GART location based on new memory map info: [drm] Loading R500 Microcode info: [drm] Num pipes: 1 info: [drm] writeback test succeeded in 2 usecs In the X log file I get: drmOpenDevice: node name is /dev/drm0 drmOpenDevice: open result is 11, (OK) drmAvailable: 1 drmOpenByBusid: Searching for BusID pci::01:00.0 drmOpenDevice: node name is /dev/drm0 drmOpenDevice: open result is 11, (OK) drmOpenByBusid: drmOpenMinor returns 11 drmOpenByBusid: drmGetBusid reports pci::01:00.0 (EE) AIGLX error: Calling driver entry point failed(EE) AIGLX: reverting to software rendering My card is an ATI Radeon Mobility X1400 and according to the xorg-driver-ati people it should work with git versions of the radeon driver and Mesa. Kind regards, Jona
GENERIC.MP amd64 panic in kern_lock.c
Hi! I got that panic while running sudo make clean in /usr/xenocara. make could not fork and then I get panic saying assertion __mp_lock_held(sched_lock) == 0 failed in kern_lock.c It's a ThinkPad T60 running a GENERIC.MP amd64 snapshot pulled yesterday from openbsd.informatik.uni-erlangen.de. I don't have a serial console on that machine so I took pictures of the screen to get the output of ps and trace. The pictures are of very bad quality, I only have an old cheap camera... Sorry. ps shows *a lot* of make processes. I didn't run with -j and I don't have any fancy options in my mk.conf. uname -a: OpenBSD spaceman.my.domain 4.3 GENERIC.MP#1732 amd64 You can find the picture here: http://www.hcl-club.lu/~jaj/stuff/obsd_panic-generic.mp-1732.tar [demime 1.01d removed an attachment of type application/pgp-signature]
Re: Call for testing - uvideo(4)
On 2008-06-14, Lars Noodin [EMAIL PROTECTED] wrote: I see on undeadly a call for testing uvideo(4) in CURRENT which seems to require UVC (USB Video Class) compatible webcams. Would that include the webcam built into last year's models of MacBook Pro? What options, if any, are there for IEEE 1394? I have one such web cam lying around. There has been a post on this list one or two days ago where somebody asked about the support iSight cameras. Unfortunately it seems like these cameras do not comply with the usb video standard. I don't know if this applies to your cam, too but chances are that yes... Jona -- Pond-erosa Puff wouldn't take no guff Water oughta be clean and free So he fought the fight and he set things right With his OpenBSD
Re: Small diff to make dhclient(8) go to background immediately
On 2008-05-19, Cesare Gargano [EMAIL PROTECTED] wrote: On 19/05/08 15:50 +0200, Cesare Gargano wrote: On 18/05/08 17:20 +0200, Jona Joachim wrote: I very much appreciate the work of reyk@ on dhclient to make it renew the lease when the link is lost. However it might happen that you don't have a link at the moment where you launch dhclient but you know that you might get a link afterwards. This is true when you launch your laptop somewhere where you have wifi connectivity but unfortunately you're in a spot where you don't currently receive it. If you specify 'dhcp' in hostname.if you will have to wait until dhclient times out or hit Ctrl-C at startup. This tiny patch adds an option to dhclient to tell it to just go into background and wait until you get a link. I would appreciate any comments. Thanks! Index: dhclient.c (snip diff) Ehi! Your diff is already there! cat /etc/dhclient.conf link_timeout 0; is link-timeout Ehm! Enjoy! You're right, I guess I was making things overly complicated...
Re: Small diff to make dhclient(8) go to background immediately
On 2008-05-19, Cesare Gargano [EMAIL PROTECTED] wrote: On 19/05/08 15:50 +0200, Cesare Gargano wrote: On 18/05/08 17:20 +0200, Jona Joachim wrote: I very much appreciate the work of reyk@ on dhclient to make it renew the lease when the link is lost. However it might happen that you don't have a link at the moment where you launch dhclient but you know that you might get a link afterwards. This is true when you launch your laptop somewhere where you have wifi connectivity but unfortunately you're in a spot where you don't currently receive it. If you specify 'dhcp' in hostname.if you will have to wait until dhclient times out or hit Ctrl-C at startup. This tiny patch adds an option to dhclient to tell it to just go into background and wait until you get a link. I would appreciate any comments. Thanks! Index: dhclient.c (snip diff) Ehi! Your diff is already there! cat /etc/dhclient.conf link_timeout 0; is link-timeout Ehm! Enjoy! You're right, I guess I was making things overly complicated.
Small diff to make dhclient(8) go to background immediately
I very much appreciate the work of reyk@ on dhclient to make it renew the lease when the link is lost. However it might happen that you don't have a link at the moment where you launch dhclient but you know that you might get a link afterwards. This is true when you launch your laptop somewhere where you have wifi connectivity but unfortunately you're in a spot where you don't currently receive it. If you specify 'dhcp' in hostname.if you will have to wait until dhclient times out or hit Ctrl-C at startup. This tiny patch adds an option to dhclient to tell it to just go into background and wait until you get a link. I would appreciate any comments. Thanks! Index: dhclient.c === RCS file: /cvs/src/sbin/dhclient/dhclient.c,v retrieving revision 1.118 diff -u -r1.118 dhclient.c --- dhclient.c 9 May 2008 05:19:14 - 1.118 +++ dhclient.c 18 May 2008 15:11:53 - @@ -253,7 +253,7 @@ int main(int argc, char *argv[]) { - int ch, fd, quiet = 0, i = 0, pipe_fd[2]; + int ch, fd, quiet = 0, background = 0, i = 0, pipe_fd[2]; extern char *__progname; struct passwd *pw; @@ -261,8 +261,11 @@ openlog(__progname, LOG_PID | LOG_NDELAY, DHCPD_LOG_FACILITY); setlogmask(LOG_UPTO(LOG_INFO)); - while ((ch = getopt(argc, argv, c:dl:qu)) != -1) + while ((ch = getopt(argc, argv, bc:dl:qu)) != -1) switch (ch) { + case 'b': + background = 1; + break; case 'c': path_dhclient_conf = optarg; break; @@ -319,6 +322,9 @@ read_client_conf(); + if (background) + goto dispatch; + if (!(ifi-linkstat = interface_link_status(ifi-name))) { fprintf(stderr, %s: no link ..., ifi-name); if (config-link_timeout == 0) { @@ -409,7 +415,7 @@ { extern char *__progname; - fprintf(stderr, usage: %s [-dqu] [-c file] [-l file] interface\n, + fprintf(stderr, usage: %s [-bdqu] [-c file] [-l file] interface\n, __progname); exit(1); }
Freeze during boot after recent upgrade (amd64 -current)
Hi! After upgrading my system, which runs amd64 -CURRENT, to the latest snapshot yesterday it freezes during boot after showing the message: setting tty flags. The last time I upgraded before this was just after WPA support was available, so something must have happened between these two moments. I upgraded my config under /etc using mergemaster. Normally I run GENERIC.MP but I tested with GENERIC and it yielded the same results. Is any aware of what might be going wrong? Best regards, Jona
Re: Freeze during boot after recent upgrade (amd64 -current)
Le Thu, 24 Apr 2008 12:33:32 +, Stuart Henderson a C)critB : On 2008-04-24, Jona Joachim [EMAIL PROTECTED] wrote: Hi! After upgrading my system, which runs amd64 -CURRENT, to the latest snapshot yesterday it freezes during boot after showing the message: setting tty flags. The last time I upgraded before this was just after WPA support was available, so something must have happened between these two moments. I upgraded my config under /etc using mergemaster. Normally I run GENERIC.MP but I tested with GENERIC and it yielded the same results. Is any aware of what might be going wrong? Best regards, Jona Serial or vga console? VGA. This is on a Thinkpad T60 laptop, I don't have a serial interface. Also I didn't touch the default tty configuration.
Re: Freeze during boot after recent upgrade (amd64 -current)
Le Thu, 24 Apr 2008 13:17:37 +, Jona Joachim a C)critB : Le Thu, 24 Apr 2008 12:33:32 +, Stuart Henderson a C)critB : On 2008-04-24, Jona Joachim [EMAIL PROTECTED] wrote: Hi! After upgrading my system, which runs amd64 -CURRENT, to the latest snapshot yesterday it freezes during boot after showing the message: setting tty flags. The last time I upgraded before this was just after WPA support was available, so something must have happened between these two moments. I upgraded my config under /etc using mergemaster. Normally I run GENERIC.MP but I tested with GENERIC and it yielded the same results. Is any aware of what might be going wrong? Best regards, Jona Serial or vga console? VGA. This is on a Thinkpad T60 laptop, I don't have a serial interface. Also I didn't touch the default tty configuration. The error is triggered by: ttyflags -a in /etc/rc. The machine boots up normally if I comment out this line. If I issue the command after having booted successfully I can reproduce the freeze. Let me know if you need further information.
cvs.1 contains dead link under SEE ALSO
Hi! At the end of the CVS(1) manpage, under the SEE ALSO section, there is a link to http://www.loria.fr/~molli/cvs-index.html There seems to be no content anymore under this url. Best regards, Jona
Re: halt -p does not work with GENERIC.MP on 4.2-STABLE
On Fri, 25 Jan 2008 09:43:36 +0100, Pierre Riteau wrote: On Jan 25, 2008 9:13 AM, Nicolas Letellier [EMAIL PROTECTED] wrote: I use OpenBSD 4.2-stable with a core2duo laptop. When I use GENERIC kernel, 'halt -p' works perfectly. However, when I use GENERIC.MP, 'halt -p' does not work and says : apm0: APM set power state: interface not connected (3) the operating system has halted Please press any key to reboot You should try with -current. Much work was done on ACPI since 4.2. And I don't think the developers are interested in these kind of bugs in -stable. I can confirm that it doesn't work on a fairly recent snapshot. It does work with GENERIC but when you do a `halt -p` under GENERIC.MP you get syncing disks and then something like UHCI controller halted and then nothing. This is on a ThinkPad T60 (ACPI only) running amd64. Jona
Re: most secure graphical browser
On Sat, 19 Jan 2008 08:47:56 +1300, Joel Wiramu Pauling wrote: One other note, if your planning on doing any internet banking, your pretty much stuck with Firefox or Opera (using binary emulation). Haven't tried ie under wine on openbsd, it may work also. Why? Because a lot of the internet banking sites are useless and while things like konqueror load them, badly hacked together js, and other bits fail a lot, things you won't notice until you go to do something like a funds transfer etc. You might be lucky and your banks website isn't ass. But I would be checking it thoroughly before making a browser decision. Talking about brainfucked bank sites... My bank checks for the browser's user-agent: Firefox on win32 an Linux passes, Firefox on *BSD is denied access, unless you change the user-agent string... I sent them a mail explaining them why this utter nonsense and I just got a standard reply. Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Re: A sad thread - RMS vs. OpenBSD
On Mon, 07 Jan 2008 00:02:19 -0800, Reid Nichol wrote: --- Duncan Patton a Campbell [EMAIL PROTECTED] wrote: On Sun, 6 Jan 2008 22:21:14 -0500 Eliah Kagan [EMAIL PROTECTED] wrote: (There are also multiple useful, mutually-inconsistent formal systems in both fields.) Provably so? +1 I'd love an example of Math being inconsistent. Quite frankly, I'd be surprised if this is true. The following sentence is true. The previous sentence is false. Oh and by the way this sentence is also false. Best regards, Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Re: Slow Performance on Encrypted svnd
On Fri, 16 Nov 2007 14:34:22 -0800, Ted Unangst wrote: On 11/16/07, Nick Guenther [EMAIL PROTECTED] wrote: On 11/16/07, Ted Unangst [EMAIL PROTECTED] wrote: instead of pondering problems with using the whole disk, you could just use svnd with a file. Yeah but doesn't this hint at some horrible inefficiency in the stack somewhere? it hints at using tools the wrong way leading to poor results. Who says the tool is used the wrong way? You? I think when OpenBSD developers go and write a howto about how to use a tool in a certain way then you can be sure it's meant to be used this way. Please refer to: https://www.mainframe.cx/~ckuethe/encrypted_disks.html Best regards, Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Re: OT: OpenBSD on Asus eeePC
On Wed, 14 Nov 2007 10:56:25 +0100, Karl Sjodahl - dunceor wrote: On Nov 14, 2007 10:45 AM, Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/11/14 10:37, Alexey Suslikov wrote: As sthen@ mentioned, there are models with other WLAN, so be careful with it. I doubt there are different wlan, it doesn't make any sense. They are PCIE mini card, btw, so you'll probably have a harder time finding a replacement than if they were Mini PCI. (the in- tree options are iwn and rum). N.B. the flash is soldered. Personally I think I'd wait for the 8G ones - from my experience with Zaurus, 4G can be a bit limiting, Yeah I agree, 4GB is a bit small. According to Wikipedia it has a slot for SD and SDHC cards. Best regards, Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Re: Powered by obsd stickers and other stuff
On Sat, 10 Nov 2007 01:18:42 +0100, Iqigo Tejedor Arrondo wrote: Hello all Some art, at slw spanish foul asymetric connection. The sources are xcf, at 1600x1200. Clarify that I am not a designer :) I have make the typical Powered by stickers: http://inigo.homeunix.net/files/art/powered_by_puffy_black.png http://inigo.homeunix.net/files/art/powered_by_puffy_grey.png I hope that those stickers replace the vista compatible of the developers laptops :) There are some backgrounds: A blue rounded gradient with puffy: http://inigo.homeunix.net/files/art/background_blue_puff_1024x768.png http://inigo.homeunix.net/files/art/background_blue_puffy_text_1024x768.png At first I thought you just copied that one: http://www.openbsd-france.org/reposit/wallpapers/openbsd_yellow.png and I wanted to accuse you of plagiarism but then I noticed there are some differences between the two pictures :) The pictures are quite nice. I especially like the old picture filter one. The half wire / half red beastie looks kinda strange :) Best regards, Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Thanks for the work on acpi!
I saw a lot of acpi related commits over the last few days. acpibat, acpiac and temperature sensors and now detected and work as expected on my Thinkpad T60 in -CURRENT! spaceman% dmesg | grep acpi acpi0 at mainbus0: rev 2 acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET SLIC BOOT SSDT SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3) DURT(S3) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB7(S3) HDEF(S4) acpitimer at acpi0 not configured acpimadt0 at acpi0 addr 0xfee0: PC-AT compat acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus 4 (EXP2) acpiprt5 at acpi0: bus 12 (EXP3) acpiprt6 at acpi0: bus 21 (PCI1) acpiec0 at acpi0: EC__ acpicpu at acpi0 not configured acpicpu at acpi0 not configured acpitz0 at acpi0: critical temperature 127 degC acpitz1 at acpi0: critical temperature 99 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4504 serial 41653 type LION oem SANYO acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpidock at acpi0 not configured spaceman% sysctl hw hw.machine=amd64 hw.model=Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz hw.ncpu=2 hw.byteorder=1234 hw.physmem=1072099328 hw.usermem=1072091136 hw.pagesize=4096 hw.disknames=cd0,sd0,sd1 hw.diskcount=3 hw.sensors.cpu0.temp0=60.00 degC hw.sensors.cpu1.temp0=60.00 degC hw.sensors.acpitz0.temp0=60.05 degC (zone temperature) hw.sensors.acpitz1.temp0=63.05 degC (zone temperature) hw.sensors.acpibat0.volt0=10.80 VDC (voltage) hw.sensors.acpibat0.volt1=11.67 VDC (current voltage) hw.sensors.acpibat0.watthour0=56.09 Wh (last full capacity) hw.sensors.acpibat0.watthour1=2.80 Wh (warning capacity) hw.sensors.acpibat0.watthour2=0.20 Wh (low capacity) hw.sensors.acpibat0.watthour3=44.66 Wh (remaining capacity), OK hw.sensors.acpibat0.raw0=1 (battery discharging), OK hw.sensors.acpibat0.raw1=22 (rate) hw.sensors.acpiac0.indicator0=Off (power supply) hw.sensors.aps0.temp0=36.00 degC hw.sensors.aps0.temp1=36.00 degC hw.sensors.aps0.indicator0=On (Keyboard Active) hw.sensors.aps0.indicator1=Off (Mouse Active) hw.sensors.aps0.indicator2=On (Lid Open) hw.sensors.aps0.raw0=507 (X_ACCEL) hw.sensors.aps0.raw1=538 (Y_ACCEL) hw.sensors.aps0.raw2=507 (X_VAR) hw.sensors.aps0.raw3=538 (Y_VAR) hw.cpuspeed=1994 hw.setperf=100 hw.vendor=LENOVO hw.product=2007QPG hw.version=ThinkPad T60 hw.serialno=L32Z1K9 hw.uuid=f7d7ad81-4941-11cb-a0bc-86862e763339 Thanks for your hard work! Best regards, Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
Re: Google employment opportunity
On Fri, 12 Oct 2007 20:39:07 -0400 Frank Hale [EMAIL PROTECTED] wrote: OMG a Google employee was dumb enough to spam an entire mailing list to get to one person. WOW, I thought they hired really smart people. Be gentle with them, they read your mail. Jona -- I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free. Eris, Goddess Of Chaos, Discord Confusion
X11 very slow with SMP kernel
Hi! I can see X redraw the screen top down very slowly when I use the SMP kernel on my Thinkpad T60. I can actually see it draw the background first and then every widget one by one. I don't see this behaviour when I use GENERIC. I use an the amd64 kernel. I tried with a 2 month old snapshot and a freshly built GENERIC.MP checked out this afternoon with the same result. spaceman% uname -a OpenBSD spaceman.my.domain 4.2 GENERIC.MP#0 amd64 dmesg: http://www.hcl-club.lu/~jaj/foo/dmesg `X -version`: http://www.hcl-club.lu/~jaj/foo/xversion Is this a know issue? Do I need to rebuild Xenocara with special knobs to use it with bsd.mp? Could you point me into a direction to further investigate this? Best regards, Jona