Re: Keeping OpenBSD installation clean
If you're doing this development in a VM, take a snapshot before making those littering changes. Then revert when you're done. On Fri, Apr 4, 2014 at 2:29 AM, Denis Fondras open...@ledeuns.net wrote: Hello all, I am using OpenBSD to test multiple softwares of any kind (that might become ports in the future) and I get to install many dependencies and my system becomes rotten and bloated with unused libraries and chunks pretty fast. So I end up reinstalling the system more often than I can handle to clean conflicting libraries. What is the (porter's) preferred way to keep the system clean ? Thank you in advance, Denis
Re: mac mini
There are many generations of Mac Mini. I have a i386 Core Duo (read: old) that ran OpenBSD. I have a macppc (read: older) that also runs OpenBSD quite well. I have wired Ethernet, so I wasn't concerned with wireless. I can't comment on that. On Wed, Nov 20, 2013 at 1:09 PM, Friedrich Locke friedrich.lo...@gmail.com wrote: Does anyone here run Open/FreeBSD on mac mini ? Does the OS fully supports macmini hadrwared ? Thank you for the answers. Fried.
Re: snapshot ssh: ChrootDirectory sftp Connection closed
I observed the same thing. Adding UsePrivilegeSeparation no to my sshd_config allowed connections. I haven't been able to troubleshoot this further. On Tue, Apr 16, 2013 at 6:07 AM, Ville Valkonen weezeld...@gmail.com wrote: On 16 April 2013 07:25, f5b f...@163.com wrote: server kern.version=OpenBSD 5.3-current (GENERIC.MP) #71: Sat Apr 13 17:21:57 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP /etc/ssh/sshd_config only add after last line Match Group share ForceCommand internal-sftp ChrootDirectory /home/chroot/ # sshd -t ##ok # mkdir /home/chroot/ # adduser share frome other machine, the user share can not sftp to the server, but same config in Mar 1 snapshot, sftp is ok. Hi, same observations here. -- Sincerely, Ville Valkonen
Re: openbsd and vmware
The only problem I ever had with running OpenBSD with ESX/i was doing snapshots for backups with BackupExec. With the vmt(4), vCenter and BackupExec *think* that VMware Tools is running and try to quiesce the VM before backing it up. That fails, so the backup fails. Disabling the vmt(4) driver in the kernel allowed vCenter/BackupExec to see OpenBSD as a non-compatible snapshot capable system (even though I could take snapshots in general) and would back it up. On Tue, Feb 5, 2013 at 9:53 AM, Bentley, Dain dbent...@nas.edu wrote: I've personally never has issues and performance is good. I've been running a php-fpm/nginx stack with OpenBSD and VMware and performance has been great. Only issue is the tools install. I've had issues with that but it runs fine without it. I've also run it on KVM and found VMWare to be better. I have iSCSI storage with ZFS as a backend and can't complain Sent from my Android phone using TouchDown (www.nitrodesk.com) -Original Message- From: Bogdan Andu [bo...@yahoo.com] Received: Tuesday, 05 Feb 2013, 6:04am To: misc@openbsd.org [misc@openbsd.org] Subject: openbsd and vmware Hello, A few questions related to openbsd and vmware. What are the best practices to run OpenBSD in vmware? Are there any known problems one should take into consideration before virtualization? I already have a functional machine runnig OpenBSD 5.2 /amd64 on bare metal. It is possible to create a virtual machine from one already running apart from installing the os in vm and then migrating and installing all applications? Thank you in advanced, Bogdan
Re: virtualization
For CARP, you need to enable promiscuous mode on your vSwitch. On Jan 5, 2013 5:44 AM, Aaron Mason simplersolut...@gmail.com wrote: On Sat, Jan 5, 2013 at 8:47 PM, Alan Cheng bsdp...@gmail.com wrote: I've been using virtualbox to run OpenBSD for over 2 years and I'm happy with it. The only issue I had is when I have more than 3 snapshots for a guest OS (OpenBSD or others) and its hard disk is 20+G, VM export seems not work. I tried VMWare Workstation and it works great too for OpenBSD, but since Virtualbox does not cost any money, I stick with it. On Sat, Jan 5, 2013 at 7:42 AM, Friedrich Locke friedrich.lo...@gmail.comwrote: Hi folks! I have a windows desktop and would like to install a virtualization software in order to have two virtual machine. I pretend to install OpenBSD on both of them. Which virtualization solution would be the best one for OpenBSD to run on ? Thanks. Had no problems with the free VMware Server and VMware ESXi - although the latter seemed to struggle with DHCP over CARP, which I'm assured has no excuse not to work... -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
Re: openBSD 5.2 amd64 on lenovo x201s
Interestingly, I believe the last time I suspended my T510 and resumed, my USB ports did have power. I'l double check when I get home. On Thu, Jan 3, 2013 at 12:40 PM, Jes jjje...@gmail.com wrote: And probably no power on usb ports after resume, like my T410. BR Jes
Re: Upgrading OpenBSD
On Mon, May 21, 2012 at 9:43 PM, Richards, Toby toby.richa...@slo.courts.ca.gov wrote: OpenBSD does have an Upgrade option, but does it upgrade the installed packages? pkg_add -ui
Re: chromium can't start since two snapshots
On Sat, May 19, 2012 at 6:58 AM, Peter N. M. Hansteen pe...@bsdly.net wrote: Here, on amd64, removing only the .config/chromium/SingletonLock did the trick. It would have taken me a while to infer that from the error message, though ;) Hopefully this will fix it: http://marc.info/?l=openbsd-ports-cvsm=133727364220056w=2 -ME
Re: authorized_keys and security(8)
On Thu, May 3, 2012 at 2:16 PM, Tyler Morgan tyl...@tradetech.net wrote: On 4/25/2012 5:11 PM, Stuart Henderson wrote: On 2012-04-24, Tylerdisc...@gmail.com wrote: My problem is security(8) complains about this every day: Login admin is off but still has a valid shell and alternate access files in home directory are still readable. vipw and set the crypted password to 13 *'s. pretty sure the old /etc/security script did the same thing in this respect. Thanks for the help. This worked -- security is no longer whining about the accounts -- and I found the proper documentation in passwd(5). FYI: For a test, I added foo with useradd(8) and bar with adduser(8): # grep -E (foo|bar) /etc/master.passwd foo:*:1002:1002::0:0::/home/foo:/bin/ksh bar:*:1003:1003::0:0:bar:/home/bar:/bin/ksh Looks like useradd does the right thing and adduser does not. -ME
Re: authorized_keys and security(8)
On Thu, May 03, 2012 at 02:48:14PM -0400, Mike Erdely wrote:
FYI: For a test, I added foo with useradd(8) and bar with adduser(8):
# grep -E (foo|bar) /etc/master.passwd
foo:*:1002:1002::0:0::/home/foo:/bin/ksh
bar:*:1003:1003::0:0:bar:/home/bar:/bin/ksh
Looks like useradd does the right thing and adduser does not.
With the diff below I added baz:
foo:*:1002:1002::0:0::/home/foo:/bin/ksh
bar:*:1003:1003::0:0:bar:/home/bar:/bin/ksh
baz:*:1004:1004::0:0:baz:/home/baz:/bin/ksh
ok?
Index: adduser.perl
===
RCS file: /cvs/src/usr.sbin/adduser/adduser.perl,v
retrieving revision 1.58
diff -u -p -r1.58 adduser.perl
--- adduser.perl22 Sep 2011 10:59:23 - 1.58
+++ adduser.perl3 May 2012 19:00:17 -
@@ -800,7 +800,7 @@ sub new_users {
if (new_users_ok) {
$new_users_ok = 1;
- $cryptpwd = *;# Locked by default
+ $cryptpwd = *;# Locked by default
$cryptpwd = encrypt($password, salt) if ($password ne );
$log_cl = if ($log_cl eq default);
Re: authorized_keys and security(8)
On Thu, May 3, 2012 at 5:43 PM, Alexander Hall ha...@openbsd.org wrote: I'm not sure about this. The check in security is there for a reason. If you want to bypass it, it might be better to have to do it manually. The inconsistancy is annoying though, as is the *-trick, which I believe is merely a way to make it seem like a password while it is not. I see two separate issues. 1. The two ways to add users are inconsistent. 2. The security script may not be doing what it's supposed to if the password is *. So, I think either my diff should go in or we should change useradd. And/or maybe the security script should bitch if your password is *. -ME
Re: Enough is enough!
On Sun, Nov 07, 2010 at 12:52:19PM -0500, Steve Shockley wrote: On 11/2/2010 3:13 PM, bsdmas...@hushmail.com wrote: You've been warned. That's awesome! I'm going to end all my messages with that now, no matter what the subject. You've been warned. Steve, As stupid as this thread has been, you made me laugh out loud. Literally. -ME You've been warned.
Re: undeadly article
On Tue, Aug 17, 2010 at 07:30:55PM +0300, Paul Irofti wrote: jcr, please forgive my fellow romanian as us gypsies don't get to travel much and don't know the mysteries of these flying birds and their inner workings. Gypsies who don't travel, eh? -ME
Re: power management of USB-connected disks
On Tue, Jul 20, 2010 at 03:14:40PM +1000, David Gwynne wrote: On 20/07/2010, at 2:48 AM, Jan Stary wrote: I wonder whether there is something like atactl(8) that I could use to control the power management of these disks - spin them down when not used etc, to reduce noise and heat (I have yet to measure if it would also mean a nontrivial power saving). there is a (very very) slight chance that the chip that translates from scsi over usb to ata on the actual drive supports the ATA PASSTHRU scsi commands, which the openbsd kernel will now try. this means you might be able to run atactl against those disks. you will need a -current system to try that with though. considering how budget those usb to ata chips are, i wouldnt hold much hope. dlg For what it's worth, I use two different USB disks on my server that are used in a similar fashion to Jan. And, there is always a short delay before using the disks for the first time after a long period of inactivity. So, I think they are sleeping. -ME snippet from dmesg: umass0 at uhub0 port 3 configuration 1 interface 0 Western Digital External HDD rev 2.00/1.06 addr 2 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd1 at scsibus2 targ 1 lun 0: WD, 5000YS External, 106a SCSI2 0/direct fixed sd1: 476940MB, 512 bytes/sec, 976773168 sec total uhidev0 at uhub0 port 3 configuration 1 interface 1 Western Digital External HDD rev 2.00/1.06 addr 2 uhidev0: iclass 3/0 uhid0 at uhidev0: input=1, output=2, feature=0 umass1 at uhub0 port 4 configuration 1 interface 0 Western Digital My Book rev 2.00/1.75 addr 3 umass1: using SCSI over Bulk-Only scsibus3 at umass1: 2 targets, initiator 0 sd2 at scsibus3 targ 1 lun 0: WD, 10EADS External, 1.75 SCSI2 0/direct fixed sd2: 953869MB, 512 bytes/sec, 1953525168 sec total
Re: Set dhcp from command line?
On Thu, Jul 08, 2010 at 10:15:26AM -0500, Chet Langin wrote: I would like to set DHCP for an interface from the command line. I have tried... # ifconfig re0 dhcp ..and I get this error... ifconfig: dhcp: bad value Using version 4.5. Can anyone tell me how to do this? Try `dhclient re0` -ME
Re: Building bacula-fd on OpenBSD 4.5
On Wed, Oct 14, 2009 at 05:41:42PM -0300, Daniel Bareiro wrote: Apparently the same happens with FreeBSD 4.9. Some BSD make implementations can't handle Bacula's makefiles. Using GNU make I no longer have the mentioned problem. Thanks to both for your replies. Yeah. Looking at the port would have helped there too (USE_GMAKE=Yes). -ME
Re: Building bacula-fd on OpenBSD 4.5
You should be able to look at the port in -current to see which configure options to use. -ME On Sun, Oct 11, 2009 at 09:47:41PM -0300, Daniel Bareiro wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, all! I'm trying to compile Bacula 3.0.2 with the source code from the official site. For it I've dowloaded the bacula-3.0.2.tar.gz file. I did the configuration using the following syntax: # ./configure \ --prefix=/usr \ --sbindir=/usr/sbin \ --sysconfdir=/etc/bacula \ --with-scriptdir=/etc/bacula/scripts \ --enable-smartalloc \ --with-openssl \ --enable-client-only \ --with-working-dir=/var/lib/bacula \ --with-pid-dir=/var/run \ --with-subsys-dir=/var/lock But after executing: # make -j6 I get some error messages: fugu:/tmp/bacula-3.0.2# make -j6 ==Entering directory /tmp/bacula-3.0.2/src ==Entering directory /tmp/bacula-3.0.2/scripts ==Entering directory /tmp/bacula-3.0.2/src/lib Compiling res.c Compiling lockmgr.c Compiling breg.c Compiling address_conf.c Compiling parse_conf.c Compiling htable.c Compiling tls.c Compiling rblist.c Compiling smartall.c Compiling var.c Compiling signal.c Making libbaccfg.la ... /tmp/bacula-3.0.2/libtool --silent --tag=CXX --mode=link /usr/bin/g++-o libbaccfg.la parse_conf$(DEFAULT_OBJECT_TYPE) res$(DEFAULT_OBJECT_TYPE) -export-dynamic -rpath /usr/lib -version-info 1:0:0 /bin/sh: DEFAULT_OBJECT_TYPE: not found /bin/sh: DEFAULT_OBJECT_TYPE: not found g++: no input files *** Error code 1 Stop in /tmp/bacula-3.0.2/src/lib: Exit status 1 (libbaccfg.la, line 234 of Makefile) == Error in /tmp/bacula-3.0.2/src/lib == ==Entering directory /tmp/bacula-3.0.2/src/findlib Compiling mkpath.c Compiling fstype.c Compiling create_file.c Compiling enable_priv.c Compiling drivetype.c Compiling bfile.c Compiling attribs.c Compiling find_one.c Compiling match.c Compiling find.c Compiling savecwd.c make: make: don't know how to make ../lib/libbac.la. Stop in /tmp/bacula-3.0.2/src/findlib. == Error in /tmp/bacula-3.0.2/src/findlib == ==Entering directory /tmp/bacula-3.0.2/src/filed Compiling verify.c Compiling verify_vol.c Compiling job.c Compiling restore.c Compiling pythonfd.c Compiling status.c Compiling heartbeat.c Compiling filed_conf.c Compiling filed.c Compiling fd_plugins.c Compiling estimate.c Compiling backup.c Compiling authenticate.c Compiling acl.c Compiling accurate.c Compiling xattr.c make: make: don't know how to make ../findlib/libbacfind.la. Stop in /tmp/bacula-3.0.2/src/filed. == Error in /tmp/bacula-3.0.2/src/filed == ==Entering directory /tmp/bacula-3.0.2/src/console make: make: don't know how to make ../lib/libbac.la. Stop in /tmp/bacula-3.0.2/src/console. == Error in /tmp/bacula-3.0.2/src/console == ==Entering directory /tmp/bacula-3.0.2/src/plugins/fd /tmp/bacula-3.0.2/libtool --silent --tag=CXX --mode=compile /usr/bin/g++ -fno-strict-aliasing -fno-exceptions -fno-rtti -g -O2 -Wall -fno-strict-aliasing
Re: 4.6 will be released on October 1st?
On Wed, Aug 12, 2009 at 02:22:44PM +0800, Uwe Dippel wrote: At least, that's what the website says at http://openbsd.org/46.html True or typo? (I'd expect November 1st.) True.
Re: the openbsd mug
This. Was. Awesome. On Sun, Aug 09, 2009 at 07:03:10PM +0930, David Walker wrote: hi, i just ordered my 4.6 preordre from openbsdeurope.com i also got the new mug. is this the same mug that openbsd sell on openbsd.org? will there be a new mug design for each future releases? thanks in advance --robbo Have you checked it? Really tested it? I think you've been had. Do you know what the problem is? There's a handle on the side! A handle! The tray on my cup holder is round. Round! Even those FreeBSD morons know not to put a handle on the side: http://www.cafepress.com.au/FreeBSD_Users.317118537 They can't make an operating system worth spit but at least they get the beverage part right. Frankly they're as dumb as you but you guys are dumber. Way dumber. How can you make release mug with a handle? http://www.openbsd.org/mug.html Idiots. And before any of you lowlifes ask the problem is not my end. I use it the same as any other mug. I've been doing this for a long time (drinking) and the problem is at your end. Nothing is different at my end. Well I got a new tray but that wouldn't ever make any difference. Of course it's a new mug also and I haven't checked the product description but hey that never stopped me calling other people idiots. You guys are a bunch of clowns. You'll never get anywhere. Frankly your ship has got a flat tyre and the lights are on. Yes the lights are ON! It's your fault developers. BrokenBSD. Big hiya to PJ. I'm on your side. http://www.radio-active.net.au/blog/2005/05/beerserver.jpg Best wishes.
Re: Delete packages with dependencies
On Tue, Aug 04, 2009 at 11:11:17AM -0400, Luis Useche wrote: Hello Guys, I was wondering if there is some tool that delete the packages specified along with their deletable dependencies. Deletable means packages that pkg_add added automatically (as dependencies of the installed one) and are not dependency of another package. This will ensure (in most of the cases) that you don't end up with a system with unnecessary packages. I couldn't find in pkg_delete(1) any option that implements the previous semantic. Here's what I do (it's kinda silly): $ /bin/ls -1a /var/db/pkg/ | grep -Ev ^(\.|\.\.)$ plist $ vi plist # remove pkgs I want to KEEP (vim, ...) $ for f in `cat plist`; do sudo pkg_delete $f; done $ for f in `cat plist`; do sudo pkg_delete $f; done $ for f in `cat plist`; do sudo pkg_delete $f; done $ for f in `cat plist`; do sudo pkg_delete $f; done Keep running that until nothing gets removed. It's a hack, but it does what I want. If something in plist is a dependency, it won't get removed. -ME
Re: tmux vs screen questions
On Thu, Jul 16, 2009 at 12:46:44AM +0200, frantisek holop wrote: but i can't seem to be able to send a real ^x to the window. screen's escape command lets me set that if i press ^x x (control-x, followed by a single x) the terminal gets sent a sequence of ^x Add 'bind x send-keys ^x' (without the quotes) -ME
Re: Winbind Samba on OpenBSD
On Wed, Jul 08, 2009 at 11:32:46AM +0100, Edd Barrett wrote: On Tue, Jul 07, 2009 at 10:28:34AM -0400, Jason Beaudoin wrote: Did you have a look at www.kernel-panic.it ? There are some tutorials. yes, there's some helpful info for samba, but I haven't yet seen anything related to winbind.. unless my google foo needs some work. Winbind is a PAM plugin. OpenBSD does not use this mechanism. Winbind depends on the use of nsswitch.conf. I don't know if ypldap can be used to talk to AD? That's its purpose (to be used with LDAP) and Active Directory is a bastardized^wenhanced implementation of LDAP. Along with login-ldap, ypldap should give you the same functionality as winbind, afaik. But, winbind is useful with integrating Windows-based authentication with applications such as squid (but it's been years since I've done that). -ME
Re: balsa not in ports?
A very recent submission (not yet clearly linked) to the OpenBSD website is the ports handbook. You should check it out: http://www.openbsd.org/faq/ports/ I await your submission for the port you'd like. -ME On Tue, Jun 23, 2009 at 12:15:21AM -0400, Eric d'Alibut wrote: On Mon, Jun 22, 2009 at 10:29 PM, Daniel Dickman said, Eric, attached is a starting point if you -- or someone else -- want to finish the work to get balsa ported over. The patches are quick hacks to get it to compile (so you'll need to investigate why it doesn't compile and fix properly) and dependencies need to be set It does compile here, on a stock $ uname -a OpenBSD trollboy.legomenon.org 4.5 GENERIC#1749 i386 system. I should hasten to add that is also _runs_, although my test drive has been hardly down the driveway yet. All this even after I added to the Makefile: --with-gpgme=yes \ --with-ssl \ Libesmtp is another matter. Just as an fyi, I can report that the off-the-shelf tarball of libesmtp-1.0.4 fails to build with: gcc -DHAVE_CONFIG_H -I. -I. -I. -I. -pthread -std=c99 -pedantic -g -O2 -pthread -std=c99 -pedantic -g -O2 -MT headers.lo -MD -MP -MF .deps/headers.Tpo -c headers.c -fPIC -DPIC -o .libs/headers.o headers.c: In function `print_message_id': headers.c:161: error: storage size of `tv' isn't known headers.c:170: warning: implicit declaration of function `gettimeofday' gmake[2]: *** [headers.lo] Error 1 gmake[2]: Leaving directory `/usr/local/src/libesmtp-1.0.4' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/local/src/libesmtp-1.0.4' gmake: *** [all] Error 2 OpenBSD ships with sendmail so the loss of smtp ought not be a deal-breaker, yes? -- No no no, my fish's name is Eric, Eric the fish. He's an halibut. I am not a looney! Why should I be tarred with the epithet looney merely because I have a pet halibut?
Re: ping asking for root privilege.
On Sat, May 23, 2009 at 05:36:30PM -0300, Christiano Farina Haesbaert wrote: I've update my base system and now everytime I ping something it gives me a permission denied, if I run as root, averything is fine. Is it safe to assume that you updated your base system using tar? Did you forget the -p flag for tar? /sbin/ping is an SUID binary. -ME
Re: Help with PKG_PATH=
On Thu, May 14, 2009 at 01:39:13PM -0700, Fortunato wrote: # pwd /root/Desktop # ls -l openbgpd-4.4.1.tgz -rw-r--r-- 1 root wheel 163070 May 13 18:08 openbgpd-4.4.1.tgz # export PKG_PATH=/root/Desktop # pkg_add openbgpd-4.4.1.tgz Can't find openbgpd-4.4.1.tgz /usr/sbin/pkg_add: openbgpd-4.4.1.tgz:Fatal error openbgpd is not a package. It's included in the base operating system (assuming you're running OpenBSD). $ which bgpd /usr/sbin/bgpd -ME
CapBUG OpenBSD 4.5 Release Party in Columbia, MD USA
CapBUG is hosting an OpenBSD 4.5 Release Party at Victoria Gastro Pub [http://www.victoriagastropub.com/] in Columbia, MD USA [http://tinyurl.com/victorias] on Thursday, May 14, 2009 at 6:30 PM EDT. Please join us for a Lagunitas Undercover Investigation Shut-down Ale (or some other beverage). Please RSVP either by replying on the mailing list (or email i...@capbug.org if you are not subscribed). Hope to see you there, -ME
Re: Unable to mount CD/DVD-RW drive in OpenBSD 4.4/i386.
On Thu, Apr 23, 2009 at 12:13:06PM -0700, minsai0...@yahoo.com wrote: /dev/cd0a /mnt/cdrom cd9660 ro,noauto 0 0 Does /mnt/cdrom exist?
Re: BSD User Group in Spain | Grupo de Usuarios de BSD en Espanya.
If you can't get a mailing list set up, I can host a list for you on metabug.org. You can also send meeting information (and other posts) to i...@metabug.org and we'll post them to http://metabug.org/ This goes for anyone who is interested in setting up a BUG but doesn't have the resources for a website/mailing list. -ME On Mon, Apr 20, 2009 at 12:22:50PM -0300, Gonzalo Lionel Rodriguez wrote: http://OpenBSDeros.org ;) 2009/4/20 Gilles Chehade gil...@openbsd.org: On Mon, Apr 20, 2009 at 08:43:30AM +0200, Daniel Andersen wrote: [English] Hello everyone. As an OpenBSD user bordering zealotry (especially during heated discussions) who is living in Spain, I suggest any of us who also live in that country start a BSD User Group. Although I can't really afford to host a website for it at the moment, and local User Groups usually make more sense, I'm all for the creation of a national (or, more correctly, nation-wide) BUG. Contact me (or simply post to this thread) if you would like to discuss the idea. [Spanish] Hola a todos. Como usuario de OpenBSD al borde del fanaticismo (especialmente en discusiones acaloradas/apasionadas) residente en Espanya, sugiero a todos aquellos que tambien vivimos en este pais que fundemos un Grupo de Usuarios de BSD. Aunque en este momento no puedo permitirme alojar una pagina web para el grupo, y en la mayoria de los casos los Grupos de Usuarios _locales_ tienen mas sentido, creo que seria agradable tener un GUB nacional (en el sentido de no especializado en ninguna region en particular). Contacta conmigo (o simplemente escribe a esta thread) si quieres hablar sobre la idea. If you speak both English and Spanish, be amused at my strange translation. Go Sapir-Whorf! Let me know if a spanish BUG gets created, and count me in ;-) Gilles -- Gilles Chehade http://www.poolp.org/~gilles/
Re: I can't download OpenBSD 4.5, 550 /pub/OpenBSD/4.5: Permission denied.
On Thu, Apr 16, 2009 at 10:31:41PM +0200, Juan Jimenez Galdos wrote: Hi. I want download OPenBSD 4.5 but i can't. I try to enter in the directory but it says 550 /pub/OpenBSD/4.5: Permission denied. The others directories work well. Thank you very much. OpenBSD 4.5 will be released on or about May 1.
Re: screen(1) on boot
On Wed, Apr 08, 2009 at 04:58:38PM -0400, Nick Guenther wrote: I'm trying to make my torrents get started with my server. A script is at http://ubuntuforums.org/archive/index.php/t-859543.html that starts it up in a detached screen session, but obviously the linux-ism of that script won't work here. I pulled out the important bits and just to start off wrote this script which I placed in ~/bin/scr: #!/bin/sh TAG=TAG=`date +%H%M%S` sudo -u kousu -H /usr/local/bin/screen -d -m -S $TAG If I run this script as myself or as root (to simulate running as /etc/rc) it works: $ sh bin/scr $ screen -ls There is a screen on: 21423.152001(Detached) 1 Socket in /tmp/uscreens/S-kousu. Try the @reboot entry in your personal crontab. That's how I get my tmux session going. And switch to tmux, it's better. :) -ME
Re: I can't connect to Internet
On Mon, Apr 06, 2009 at 10:01:46PM +0200, Jose P.G wrote: Ok, Internet is working. But i have the same problem. The strange is that i can connect to the ftps when i am installing openbsd4.4, but not when i am doing this. pkg_path is correct so i suppose that i am making an error writing, though all i do is export pkg_path= ftp://ftp.openbsd.org/ub/openbsd/4.4/packages/i386/; and pkg_add gnome2. What could be doing this? Thank you very much. Assuming that you're not copy and pasting and are just typing the URL wrong in your email, try `export PKG_PATH=ftp://...` -ME
Re: Multiple obsd installations on one harddrive
On Fri, Mar 27, 2009 at 12:38:27AM +0100, misc(at)openbsd.org wrote: I have a question regarding openbsd and partitions. I want to have more than one obsd installation on one harddrive. The idea behind that question ist to be able to install a newer release in parallel, chroot into it, compile stuff, install packages etc and boot into that partition when it's done. I want to avoid onside reinstallations (and I don't want to have several old versions of libs, in short, the default patch-way). I don't know if that is a good idea, perhaps there is a much easier way. Here's how I did it: http://erdelynet.com/tech/openbsd/2nd-install-1-disk/
Re: PF Seems To Reload Its Default Rules Unexpectedly
On Mon, Mar 09, 2009 at 08:10:00AM -0700, Dag Richards wrote: Interesting, that is brings up a question for me... what do we do in this case? My ISP seems to be content to give the same ip back over and over again. If they did not is there something I can do besides monitor my $ext_if and reload the rules on ip addr change? ($ext_if)
Re: man windowrc
On Sun, Mar 01, 2009 at 06:29:36PM -0500, punoseva...@gmail.com wrote: Is there are chance that somebody writes a man pages for windowrc? I am finding that launching more than 2 windows in the same console (which is the default number) is quite cumbersome at least comparing to dtwm. I found only one thread about the topic http://archive.openbsd.nu/?ml=openbsd-misca=2008-06m=7658403 on the net which is useful but not a substitute for man pages. Due to the generic nature of the term window have developers thought of changing the name of the console manager from the base. Take a look at tmux in ports/packages. -ME
Re: sftp chroot ?
On Mon, Feb 23, 2009 at 06:19:07PM +0100, Jean-Francois wrote: Hi All, As far as I understand, the sftp service is always running since it is the ssh daemon (maybe one can correct me if I'm wrong). Hence I need to chroot some users to specific directories. I prefer not to use vsftp at present time if this feature is available with sftp of OpenBSD. One can help me ? http://lmgtfy.com/?q=sftp+chroot+openbsd
Re: sftp chroot ?
On Mon, Feb 23, 2009 at 04:21:01PM -0500, Michael W. Lucas wrote: On Mon, Feb 23, 2009 at 07:33:23PM +0100, Jean-Francois wrote: - Is it possible to chrrot only some users ? I don't believe so. You could look at scponly, it can chroot users. It's an add-on shell, not in ports, has not been audited by OpenBSD, etc. YMMV. I am afraid that is I do this then all users will be chrooted and I won't be able to turn this back since I will not have access to /etc. Run a separate sshd instance on a different port, with -p. Test the changes there. Ugh. Bad advice. Please see sshd_config(5) and http://undeadly.org/cgi?action=articlesid=20080220110039 -ME
Re: How to have multiple vlan passing through a bridge, not originate from it and allow to filter on each vlan on the bridge
On Sun, Feb 22, 2009 at 03:23:27AM -0500, Daniel Ouellet wrote:
# cat hostname.dc0
inet 10.0.1.2 255.255.255.0 NONE media 100baseTX mediaopt full-duplex
description Uplink
# cat hostname.dc1
up media 100baseTX mediaopt full-duplex description LAN
# cat bridgename.bridge0
add dc0 add dc1 up
Now, if I try what I think should be logical
ifconfig vlan2 create
ifconfig vlan2 vlandev dc0
ifconfig vlan2 up
brconfig bridge0 add vlan2 up
This is completely untested, but what about this?
# cat /etc/hostname.dc{0,1}
up
up
# cat /etc/hostname.vlan{2,1002}
up vlan 2 vlandev dc0
up vlan 2 vlandev dc1
# cat /etc/bridgename.bridge0
add vlan2 add vlan1002 up
-ME
November December meetings
With the holidays coming up, we should start thinking about scheduling our meetings in November and December to accomodate as many people as possible. So, I propose that we have November's meeting on November 18th. If we can't come up with a topic, maybe we just meet at a bar and do a Beer and BSD. Then, Bret let me know that there's a *chance* that he'll be able to make a meeting in December if we hold it earlier in the month. So, we'll do that. I propose we have a December meeting either December 9 or 16, depending on how late Bret may be in the DC area. Thoughts? Does anyone have any topic ideas for November? December? When I ask for talk ideas, I am looking for either talks for you to give or talks you'd like to see others give. So, if you are interested in something, let me know and maybe Jason or I (or someone else) would be able to give that talk. Also, let us know which of the proposed dates (or better dates) are good for you so that we can get the best turnout. -ME
Re: November December meetings
Ugh. I regret naming the CapBUG mailing list misc@. Sorry for the noise. If you're in the Columbia, Maryland USA area, please feel free to sign up for the mailing list (http://capbug.org/mail/). -ME On Sun, Nov 02, 2008 at 01:29:31PM -0500, Mike Erdely wrote: With the holidays coming up, we should start thinking about scheduling our meetings in November and December to accomodate as many people as possible. So, I propose that we have November's meeting on November 18th. If we can't come up with a topic, maybe we just meet at a bar and do a Beer and BSD. Then, Bret let me know that there's a *chance* that he'll be able to make a meeting in December if we hold it earlier in the month. So, we'll do that. I propose we have a December meeting either December 9 or 16, depending on how late Bret may be in the DC area. Thoughts? Does anyone have any topic ideas for November? December? When I ask for talk ideas, I am looking for either talks for you to give or talks you'd like to see others give. So, if you are interested in something, let me know and maybe Jason or I (or someone else) would be able to give that talk. Also, let us know which of the proposed dates (or better dates) are good for you so that we can get the best turnout. -ME
Re: Trying yaifo 4.3
That is not supported. Set up qemu + openbsd and build it on that It'll take a while, but it should work. -ME On Thu, Sep 25, 2008 at 06:02:51PM -0700, Francisco Valladolid Hdez. wrote: Hi folks Recently I acquired a VIA C3 mobo (mini-itx) and are experimenting with two BSD systems on it, NetBSD and OpenBSD, my two favorite O.S's. I'm reading about the yaifo in the merdely web site, and have a doubt. I trying to compile it from my NetBSD laptop but it require the openbsd sources, it's correctly ? How can build yaifo in another plataform distint from OpenBSD. Anyone can me advice on it ? Best Regards. --- --- ficovh - http://bsdguy.net In the beginning God created the heavens and the earth. Gen. 1:1
Re: nagios check_via_ssh on (chroot) OpenBSD
On Fri, Sep 12, 2008 at 10:26:37PM +0200, Pete Vickers wrote: Does anyone have it running in nagios chroot environment ? I used to. perhaps like the ssh libraries are not needed, but where should the ssh keys be put ? Libraries not needed since it's /usr/local/sbin/nagios that executes the plugin, not httpd. [EMAIL PROTECTED] /grep nagios /etc/passwd _nagios:*:550:550:Nagios user:/var/www/nagios:/sbin/nologin in /var/www/nagios/.ssh/ ? Looks right. Did you try it? TiA, Pete Vickers [EMAIL PROTECTED] | +47 48 17 91 00 SystemNet AS
Re: Possibly OT... allowing daemon mpd to access samba shares
On Thu, Sep 04, 2008 at 11:25:14PM +0200, Antoine Jacoutot wrote: On Thu, 4 Sep 2008, Anathae Townsend wrote: gid 561. Permissions are -rwxrwx---, user _mpd (mpd drops to this user when started by root, is a member of _mpd and samba. If I set permissions on the directory to 777, mpd runs fine. I always saw that behaviour with mpd. I'd be curious if anyone comes up with a solution. I saw this too. I wonder if setgid is failing. I haven't had a chance to look though. -ME
Re: nmeaattach(8) removed in -current, superseeded by ldattach(8)
On Mon, Jun 09, 2008 at 04:52:24PM -0700, James Hartley wrote: For those interested, Marc has more information posted on undeadly.com. Ahem. http://undeadly.org/ Thanks again, Marc! Indeed. :) -ME
Re: Unbound: a validating, recursive, and caching DNS resolver
On Wed, May 21, 2008 at 02:09:23PM -0300, Andr?s wrote: I just read about this project, might be of interest: http://unbound.net/ You forgot a link: http://marc.info/?l=openbsd-portsm=121131428431723w=2
Re: chroot issues with accessing /dev/ entries
On Sat, Apr 26, 2008 at 03:58:25PM +0200, Torsten wrote: # tcpdump tcpdump: Failed to open bpf device for fxp0: Device not configured Is /tmp mounted nodev? Look at mount(8). -ME
Re: chroot issues with accessing /dev/ entries
On Sat, Apr 26, 2008 at 05:51:22PM +0200, Torsten wrote: Is there a way to have devices under that mountpoint? If you mount it without nodev, refer to MAKEDEV(8). -ME
4.3 Celebrations! (Was: Chatting with dev...)
On Wed, Apr 16, 2008 at 09:25:19PM +0200, Floor Terra wrote: As we're already off topic: Why not talk to the developers personally? On the 4.2 release date a small group of OpenBSD users and developers went to a cafe in Amsterdam. You'll get much more information out of a developer after a few beers. ;) If there are people from around Amsterdam who are willing to have a small release party for 4.3 I'll be happy to attend. Last time was fun! Pics: http://brobding.mine.nu/Brobding.mine.nu/Albums/Pages/OpenBSD_4.2.html Following Floor's example, CapBUG (Capital Area BSD User Group, which meets in Columbia, Maryland, USA) will hold its monthly meeting on April 29th at 6:30 PM EST. After our guest speaker gives his presentation, we will hit a nearby pub to hoist a few beers in celebration of the upcoming OpenBSD 4.3 release. A few OpenBSD developers will be on hand (jdixon@, blambert@ and myself) and maybe we can convince millert@ to join us. :) We will have a handful of OpenBSD 4.3 CDs on hand for sale and maybe a giveaway. More information: http://capbug.org/news/april-meeting-zfs-and-dtrace/ Hope to see you there, -ME
Re: remove port
On Sat, Apr 12, 2008 at 09:03:04PM -0700, Anil Saini wrote: how can i completely uninstall port or package from openBSD http://www.openbsd.org/faq/faq15.html#PkgMgmt
Re: OpenBSD + python + cron
On Fri, Mar 14, 2008 at 10:43:31AM -0400, Stuart VanZee wrote:
I have a python script that I have written that uses
the GnuPGInterface module to encrypt and sign some
files. It works great when I run it from a command
prompt but when I set it to run via cron it errors
out. Here is a copy of the traceback:
snip
Stuart,
Try putting this in your crontab:
x y * * * env PATH=${PATH}:/usr/local/sbin:/usr/local/bin
/usr/local/sbin/your.py
The default crontab PATH does not include the local s?bin directories.
-ME
Re: spamd-setup hangup/timeout settings
On Wed, Jan 09, 2008 at 09:59:58AM -0500, Frank Bax wrote: Are there any alternative? /etc/mail/spamd.conf mentions www.de.openbsd.org; but Beck's traplist.gz is not actually mirrored there. You could point to a local copy (/var/db/traplist.gz) in spamd.conf and download it in a separate cron process. -ME
Re: how to create a sha256 hash
On Fri, Jan 04, 2008 at 09:30:36PM -0800, Jon wrote: hi how to create a sha256 value for file in openbsd ? can you please provide the command similar to sha1 foobar or md5 foobar man 1 cksum
FW: Re: how to create package example..
Forgot to CC [EMAIL PROTECTED] - Forwarded message from Mike Erdely [EMAIL PROTECTED] - Date: Sat, 5 Jan 2008 00:55:00 -0500 From: Mike Erdely [EMAIL PROTECTED] Subject: Re: how to create package example.. To: Jon [EMAIL PROTECTED] Download ports.tar.gz. Extract it in /usr. Look at /usr/ports/geo/openbsd-developers. It's a perfect port that doesn't download anything or build anything. It' has a file that's in ./files that gets copied to the fake area and then added to a package. Refer to that port and man 5 bsd.port.mk for the meanings of the variables and Makefile targets (like do-install). It's perfect for what you're looking for and not a hack way to do something in a different way than is designed. -ME On Fri, Jan 04, 2008 at 09:24:03PM -0800, Jon wrote: Not doing any thing strange.. just want to create a binary (foobar) and create a package so I can add it.** Why I want to do that is not the question. I know I can tar the install location with +CONTENT and +DESC etc.. and get done with it.. I would like to know how to use pkg_create or the ports for a sw that is not current ports directory. I have tried using the ports and working with an example, and it seems like it is beyond my understanding. It works with what ever is in the ports, but I can't seem to replicate it All I need is a ** screen dump ** of a creating a package for a software dist that is not in the default ports. Can some one help provide that examples - with out pointing out a rtfm / source code for a bsd.mk etc.. I have tried and can't seem to understand - so please do put a command of pkg_create with dummy variables.. many thanks.. On Jan 3, 2008 3:52 PM, Stuart Henderson [EMAIL PROTECTED] wrote: On 2008/01/03 15:04, Jon wrote: I understand the value and usefulness and the reccomendation of Ports.. This is for my own software. I have also searched the net for examples and can't find any. You'd have to be doing something _very_ strange for there to be any advantage in not just making your own port and typing make package, the tgz file will then appear in /usr/ports/$ARCH/all. You don't have to distribute that port at all. It doesn't even have to build the software, just unpacking a tar file would be perfectly ok (like the Opera and Acrobat ports do). (Note that even these PERMIT_*=no ports still build a package locally. EVERY installation from the ports tree is done by building a package and using pkg_add). If you still really must, all OpenBSD packages are produced using the ports tree, so you can find several thousand examples there. Pick something, make fake then make -n _internal-package-only to see how pkg_create is called. If you want more than this, well, you know where to find the source :-) - End forwarded message -
Re: ssh client in bsd.rd
On Fri, Dec 21, 2007 at 07:50:03AM -0800, Ray Percival wrote: On Dec 21, 2007, at 7:34, Lars NoodC)n [EMAIL PROTECTED] wrote: The RAM-disk kernel (bsd.rd) seems to be missing an SSH client. Presumably that's been left out on purpose. Is there any reason beside size that it is not included? Ask google about yaifo. yaifo doesn't include an ssh client. -ME
Re: when was a pkg installed !!!
On Wed, Nov 07, 2007 at 11:43:14PM -0500, Jeremy Huiskamp wrote: You could hack pkg_add to write a log msg every time it completes an installation and just refer to the log for timestamps. If you're going to go through that much trouble, keep server change logs. It's a good practice anyway. -ME
Re: OBSD on MacBook
On Sun, Nov 04, 2007 at 10:46:28PM +0800, Koh Choon Lin wrote: Hi everyone! Anyone has a success story on installing OBSD on MacBook or MB Pro? I have two MacBook Pros (one for work and my personal laptop). Both are dual booting OpenBSD (one i386 and one amd64). X only works with the VESA driver at 1024x768 (yuck). Sound works great (thanks to deanna@). Suspend doesn't work. Wireless doesn't work. But... it's *fast*. -ME
Re: Call for Papers AsiaBSDCon 2008
On Wed, Oct 10, 2007 at 12:04:05PM +0530, Siju George wrote: http://2008.asiabsdcon.org/ Could somebody publish this in Undeadly too please? Siju: http://undeadly.org/cgi?action=submit -ME
Re: Instant Messenger (CLI-based multi-protocol)
On Sat, Sep 22, 2007 at 08:05:57PM -0500, Sean Darby wrote: Is there a better program out there somewhere that is CLI-based for using chat with Yahoo, AIM, MSN, ICQ, IRC, and Jabber? I'm using irssi (irc client) with bitlbee (IM to IRC gateway). I'm VERY happy with it. -ME
Re: Shutdown script (derived from Simple startup daemon's on boot question?)
On Wed, Sep 19, 2007 at 04:25:49PM +0300, Tomas wrote: And can I ask how do you do it? Because I don't want to write my mysql password in rc.shutdown script. Try: /usr/local/share/mysql/mysql.server stop
Re: another spamd-setup question
On Wed, Sep 19, 2007 at 06:16:32PM -0400, Juan Miscaro wrote: I tried it but whenever I include the larger 'uatraps' I get: pfctl: Cannot allocate memory. I have plenty of free memory and cpu. Not sure why it's breaking up. man pf.conf(5). look for table-entries -ME
Re: maybe OT 3 year anniversay of Chuck Yerkes death
On Mon, Aug 27, 2007 at 01:08:25PM -0600, ACP wrote: Just wanted to remember you Chuck, take it easy wherever you are. We'll hoist a few in his honor at the CapBUG meeting tonight. If you're in the MD/DC area and can join us, please do. http://capbug.org/ -ME
Re: pkg_add can't install a package
On Fri, Aug 17, 2007 at 11:48:34AM +0300, Tomas wrote: 1. export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386 I know your question has been answered, so I'll just say: use a mirror. http://www.openbsd.org/ftp.html -ME
Re: Newbie: what to do with disk enumeration?
On Sun, Aug 12, 2007 at 05:34:37PM +0300, Pekka Niiranen wrote: Can't open /dev/rwd1a: Device not configured Enter pathname of shell or RETURN for sh: Since you're getting the kernel to load, it sounds to me that all you have to do is fix your fstab. -ME
Re: Newbie: what to do with disk enumeration?
On Sun, Aug 12, 2007 at 12:17:53PM -0400, Mike Erdely wrote: On Sun, Aug 12, 2007 at 05:34:37PM +0300, Pekka Niiranen wrote: Can't open /dev/rwd1a: Device not configured Enter pathname of shell or RETURN for sh: Since you're getting the kernel to load, it sounds to me that all you have to do is fix your fstab. I left off a helpful piece of info... (since / won't mount): Reboot and type: bsd.rd at the boot prompt (you did install that file, right?). Then, manually mount your / partition to /mnt and fix /mnt/etc/fstab. You could run: sed -e 's#/dev/wd1#/dev/wd2#' /mnt/etc/fstab /tmp/fstab Then: cp /tmp/fstab /mnt/etc/fstab -ME
Re: sendmail SMTP auth
On Thu, Aug 09, 2007 at 12:32:10PM -0400, Paolo Supino wrote: I want to add SMTP auth to sendmail. Will it be easier for me to try and add the support to the source shipped by OpenBSD or to the source that I will download from sendmail.org? Other suggestions on setting up a mail server with SMTP auth are welcome. 1. Put 'WANT_SMTPAUTH=1' in your /etc/mk.conf file. 2. Extract src.tar.gz to /usr/src. 3. Rebuild sendmail. -ME
Re: Laptop death...
On Wed, Aug 01, 2007 at 06:57:53PM +0100, The King of Norway wrote: Apologies for reviving an old post. If anyone is interested, there's a discussion on this topic at the OpenBSD Journal. http://undeadly.org/cgi?action=articlesid=20070727210751 Thanks for all of the donations! We've gotten enough to get a laptop: http://undeadly.org/cgi?action=articlesid=20070727210751mode=expanded -ME
Re: Publishing your spamtraps list, is that a wise move?
On Thu, Jul 05, 2007 at 11:07:55AM +0200, Peter N. M. Hansteen wrote: Now I wonder if it would be a good idea to put that list of spamtrap addresses on a web page for the address slurpers to find and use, so I can detect spam senders early and either treat them to 24 hours at the time in the tar pit or have them move on to the next target. The only downside to this that I can see is that occasionally somebody naive and innocent sending backscatter (bounces of undeliverable spam) would be tarpitted for a while. I've done exactly this. I made the page about grey trapping so it should be clear to even the most dum^H^H^Hnaive sender. http://erdelynet.com/tech/grey-trapping/ -ME
Re: Publishing your spamtraps list, is that a wise move?
On Thu, Jul 05, 2007 at 08:35:00AM -0700, Darrin Chandler wrote: I thought about this a while back, and I found a weakness. Now, I haven't seen this used, but it's trivially possible. Here's the deal: You publish spamtrap addresses, and of course you make them easily recognizable as such so you don't trap real people. Spammers spend a very small amount of effort and harvest spamtrap addresses *on purpose* and use them as sender addresses (joe job). The result being, of course, that you blacklist significant valid portions of the internet. Am I wrong here? That should significantly cut down on spam! I think spamtrap addresses only cause blacklisting when they're the recipient. Now, a DOS attack _could_ be to log into legitimate ISPs like Yahoo, Gmail, MSN, AOL, ... and flood your server with messages to your Spam Trap addresses. If you're not specifically whitelisting those addresses (with a no rdr rule or something), then you'll be blacklisting legitimate senders. I think there's too much work involved in doing that. But I've been wrong before. Correct me if I'm wrong (or don't get your scenario). -ME
Re: openvpn on openbsd 4.1
On Mon, Jul 02, 2007 at 07:19:23PM +0700, sonjaya wrote: i have installed openvpn from ports dan i try follow manual like this : # pwd /etc/openvpn/easy-rsa/2.0 # ./vars NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys # ./clean-all # ./build-ca Please edit the vars script to reflect your configuration, then source it with source ./vars. Next, to start with a fresh PKI configuration and to delete any previous certificates and keys, run ./clean-all. Finally, you can run this tool (pkitool) to build certificates/keys. # where is wrong ? Try running . ./vars so that the vars get read into your environment. -ME
Re: can not install binaries with pkg_add
On Mon, Jul 02, 2007 at 10:53:44AM -0400, Alden Pierre wrote: Interestingly enough when I attempt to do 'ls -la /var/tmp/' the only file that's there is a vi.recovery directory. The beauty of this is when ever I try to retype 'pkg_add -i screen', the file is always something different. Do you have write access to /var/tmp? -ME
Re: c2k7 hackathon is over
On Sat, Jun 02, 2007 at 04:05:27PM -0700, Darren Spruell wrote: On 6/2/07, Theo de Raadt [EMAIL PROTECTED] wrote: The c2k7 hackathon is over, with roughly 50 developers attending the event for 10 days in Calgary. So many projects were started or finished, it is basically impossible for me to describe all the projects. I elect merdely to fill in all the holes on Undeadly. :) Ha! I could barely keep up with the new ports commits. I started having to just delete the src commits without reading them. I'm looking forward to reading someone else's summaries. Hope you guys out there enjoy the changes that we've made. I'm sure many will. I've enjoyed reading the commit messages, particularly in areas of increased pf performance. Killer work. I tried to keep up with the commit messages myself, but my work to freetime ratio didn't allow it. From the commit messages I did read, I can't wait for 4.2! You know, Darren, you can submit your own recap of the hackathon commits and dwc would be happy to commit them! -ME
Re: NAT with PF
On Wed, May 16, 2007 at 09:55:13AM -0700, BradenM - Sonoma Computer wrote: The NAT rule is as such: pfctl -sn nat on rl0 inet from 192.168.0.0/24 to 192.168.0.1 - 64.142.102.8 Try: nat on rl0 inet from 192.168.0.0/24 to any - 64.142.102.8 -ME
Re: OpenBSD 4.1 Torrents
On Wed, May 02, 2007 at 08:07:10PM -0400, Clint M. Sand wrote: On Tue, May 01, 2007 at 02:33:50PM -0700, andrew fresh wrote: http://openbsd.somedomain.net/index.php?version=4.1 Just out of curiosity... Is it logical to use an OS for the intense focus on security and correctness, yet download the binaries from a random person on a mailing list instead of any official source with reasonable file integrity checking process in place? Seems odd that people would use OpenBSD because they trust the code, yet download the binaries from random torrents on the internet. man 1 cksum ftp://ftp5.usa.openbsd.org/pub/OpenBSD/4.1/i386/CKSUM FWIW: I know Andrew and he's trustworthy. But am I? :) -ME
Re: 4.1 and Macbook Pro
On Tue, May 01, 2007 at 09:20:35PM +0200, Otto Moerbeek wrote: Huh? How is the OP supposed to get an install if the cd41.iso isn't working? To get around this problem, I installed using 4.0 and threw bsd.rd from 4.1 onto a CDR. After installing 4.0, I copied the bsd.rd from the CDR to /bsd. Then I ran config -ef /bsd and enabled acpi. Rebooting and installing 4.1 worked fine. Note: by 4.1, I mean a snapshot. I haven't gotten my CDs yet. :) -ME
Re: NFS mount by non-root
On Thu, Apr 26, 2007 at 03:33:47AM +, Douglas Maus wrote: Is it possible for users (non-root) to mount NFS exports? From mount_nfs(8): HISTORY The -P flag historically informed the kernel to use a reserved port when communicating with clients. In OpenBSD, a reserved port is always used. This means to me that you will always have to be root to use mount_nfs. Unless I'm missing something. -ME
Re: PHP mail() function + postFix + OpenBSD
In response to Greg, James Turner wrote: First make sure mini_sendmail is located in /var/www/bin. Second add or edit the sendmail_path in your php.ini and restart apache. Make it look something like this: sendmail_path = /bin/mini_sendmail -t [EMAIL PROTECTED] where [EMAIL PROTECTED] is the address you want the mail to come from. Hope this helps. Does php still require a shell to launch femail or mini_sendmail? This has been discussed in the archives, Greg. -ME
Re: 4.1 packages on the ftp sites
On Tue, Apr 24, 2007 at 12:37:52AM +0200, frantisek holop wrote: i can't think of any serious reason, could you help out a bit? getting dangerously close to whining, i really think you are punishing pre-orderers here. the faq says prefer binary packages. i'd really like to. What part of OpenBSD 4.1 will be released on May 1, do you not understand? -ME
Re: Sending mail from rc.local
On Sun, Apr 15, 2007 at 10:00:38PM +0200, Ivo van der Sangen wrote: I am trying to send mail from rc.local to inform users about reboots. I wrote a script /root/reboot_notification containing the following: #!/bin/sh for user in `/bin/cat /root/reboot_notification_users`; do echo $SERVER has rebooted at `/bin/date` | /usr/bin/mail -s $server reboot $user done I do something somewhat similar. Look for @reboot in crontab(5). -ME
Re: force password changes
On Thu, Apr 12, 2007 at 02:06:24PM -0700, John N. Brahy wrote: What's the best way to force users to change their passwords? Either tell them very forcefully or: man login.conf(5) -ME
Re: bcw(4) is gone
On Wed, Apr 11, 2007 at 08:20:51PM +0200, Timo Schoeler wrote: On Wed, 11 Apr 2007 20:08:44 +0200 Marc Balmer wrote: [X] -- communism isn't as bad as the GPL ;) [X] marco is a communist no; if so, he's as good as communist as George W. Bush as president. WTF! What the hell does GPL, communism or GWB have to do with OpenBSD? Let this thread die. -ME
Re: safe PF start / restart
On Wed, Apr 11, 2007 at 02:44:10PM -0400, Jeff Quast wrote: On 4/11/07, christian johansson [EMAIL PROTECTED] wrote: feature in shorewall - safe restart. Is there a ready made script accomplishing this for openbsd / pf? Or any plans of building such functionality? I've done this with pf. I used at(1) like anybody would. You can load a new rule using pfctl -f /etc/pf.conf/new, with an at(1) job to load /etc/pf.conf at 60 seconds. If you want some fancy prompt, wrap it with /bin/sh. Personaly I'd hate to see this as an actual 'feature' anywhere. If everything this trivial was implemented into pfctl I would stop reading manuals top to bottom. You should look at the command prompt like a live programming enviroment. I recommend reading The UNIX Programming Environment by Brian W. Kernighan and Rob Pike. Once you have a working ruleset, most changes shouldn't be enough to effect YOUR connectivity to the firewall. After running $EDITOR to change your ruleset, run 'pfctl -nvf /etc/pf.conf' to make sure the output matches your expectations before running 'pfctl -f /etc/pf.conf'. -ME
Re: where to download IOBSD iso?
On Mon, Apr 02, 2007 at 01:44:02AM +0300, Soner Tari wrote:
I'm especially amazed that you guys have really paid for the
iobsd.org domain name just to crack a joke on April fool's day :).
To quell this discussion before it starts, the OpenBSD team did not
pay for the domain. An individual (jdixon) did. So, no trolling about
mis-spending OpenBSD funds ('cause that would be stupid).
-ME
Re: Apple hardware support?
Otto Moerbeek wrote: On Thu, 29 Mar 2007, Tasmanian Devil wrote: The i386 GENERIC.MP kernel runs fine on Intel Macs. You just need to enable ACPI with config -ef bsd.mp (or on the boot prompt). This is not true. At least it has been reported that the MacBook Pro with Core Due 2 processor does not run. Tas is right. I have my MacBook Pro Core 2 Duo dual booting with OS X and OpenBSD (snap around 3/10). I _think_ my installation process was this (since I didn't do make release with -current): 1. Install 4.0 from the CD. 2. Copy an ACPI-enabled bsd.rd to a CDROM, boot to OpenBSD and copy to the hard drive. 3. Reboot and boot to bsd.rd and install the snapshot using FTP. Note: Wifi did not work. Video used VESA driver. I didn't test much else. Next time I get a chance, I'll send a dmesg to [EMAIL PROTECTED] BTW, you can install OpenBSD on a BootCamp partition. After creating the Bootcamp partition using the wizard, boot using the OpenBSD CD, and in the fdisk step in the installer, set the partition type to A6, make it active and update the MBR. I did this. -ME
Re: login_ldap
Joachim Schipper wrote:
On Tue, Mar 27, 2007 at 04:49:05PM -0400, Mike Erdely wrote:
I'm trying to get login_ldap to work with cvs pserver (run out of inetd).
I think you are misunderstanding some things, or doing something that
doesn't work; however, since I've never tried to set up a pserver, you'd
best check what I'm going to say next.
I tried to give as much info as I could...
First, read login.conf(5), and note that just adding the above isn't
going to help any. You must define a new login class, at least, and
change master.passwd(5) to make sure the appropriate user has your newly
defined login class (the value of 'appropriate' depends on whether or
not the stuff below is correct...).
I did read login.conf(5) and I must have missed something. But, I think
you're not understanding how this stuff works:
1. I installed the login_ldap package.
2. I added a ldap section to login.conf
3. I configured my users to be part of the ldap class (using vipw).
Users have no local password set.
4. I tested using CVS over SSH and it works as expected.
5. I tried using pserver and cannot authenticate.
6. I set a local password that is different from my ldap password (ssh
still uses ldap. sudo still uses ldap).
7. I tried pserver and was able to authenticate with the local password
but not ldap's password.
I had previously had a similar problem with ftp until I made this change
to login.conf:
- auth-ftp-defaults:auth-ftp=password:
+ auth-ftp-defaults:auth-ftp=-ldap:
Then, you should have whatever daemon your users use to connect with the
usual BSD login mechanism (which might be called bsdauth, or whatever).
I don't believe GNU CVS does that, and OpenCVS doesn't do authentication
at all. Your best bet is probably setting up ssh; sshd uses the BSD
authentication routines by default.
You would think that the daemon would use the usual BSD login
mechanism but ftpd doesn't. And pserver running out of inetd doesn't
either. I don't know if the fact that I'm using inetd for pserver has
any bearing on this issue, but I thought giving all information would be
helpful.
I know my best bet is using ssh. I'd much rather use ssh. But you
can't always do what you want. Some of my 50 developers are using COTS
development tools that ONLY know pserver. They don't like it either,
but it's required for the project they're working on. So, while pserver
sucks, it's necessary in this case.
However, unless I am sorely mistaken, by this point, there's no need to
set up inetd and what you have is a CVS repository, but *not* a pserver.
What I've decided to do since I can't make this work ('cause I'm an
idiot) and pserver is insecure and sucks, I'm going to set local
passwords for users that require pserver that are different from their
LDAP password. That way, their LDAP password won't go in the clear.
Thanks for you input.
-ME
Re: login_ldap
Vijay Sankar wrote: I use login_ldap but don't have any experience with cvs pserver. Just in case it has any relevance or triggers some other solution . . . 1) Are you using LDAPv2 or LDAPv3? If you are using v3, you may want to try v2. I'm using the default in login.conf for login_ldap, which is to use v3. 2) What does /var/log/ldap.log say about authentication attempts? I assume this would be on an OpenLDAP server and not the CVS/login_ldap client. I'm using blush / MS AD as the LDAP server. Remember, ssh, cvs over ssh and sudo work great with my login.conf ldap user class. It feels like pserver is not respecting that authentication method. Vijay !DSPAM:1,460aa359109502517112723!
login_ldap
I'm trying to get login_ldap to work with cvs pserver (run out of inetd). Regular SSH logins work fine. I know to make ftpd work with login_ldap, you have to make the following change in login.conf: - auth-ftp-defaults:auth-ftp=password: + auth-ftp-defaults:auth-ftp=-ldap: For trying to make pserver work, I _tried_ adding auth-pserver-defaults:auth-pserver=-ldap: to login.conf and :tc=auth-pserver-defaults:\ to the default section in login.conf. I still can't login to pserver with my LDAP password. If I change my local password from no password to some password, I can login so pserver is working. Anyone know how to make pserver work with login_ldap? Thanks. -ME
Re: Two indentical timed cronjobs, one gets ignored
On Tue, Mar 20, 2007 at 03:44:05AM +0100, Han Boetes wrote: I just had two cronjobs which were set on the same time and the first match was executed and the second was ignored. Does /var/cron/log say anything? Of course this is not entirely enexpected but is this considered a bug or something which would be nice to be mentioned in the manpage as a caveat? I have many jobs that run at the same time. -ME
Re: OpenBSD 4.1 Pre-Orders...
Darrin Chandler wrote: Have you got yours yet?! Of course! And a shirt (the polo). And a book (to help Jacek). And some cash (to help Theo). http://undeadly.org/cgi?action=articlesid=20070312181549 -ME
Re: Spamassassin overwrites manual of OpenBSD spamd
Guido Tschakert wrote: The first and the last entry are both spamd (8), but spamassassin from ports has overwritten /usr/local/man/man8/spamd.8 from the system (which I am looking for) The man page for OpenBSD's spamd is not in /usr/local. On my system, SpamAssassin's spamd is (1) not (8). For OpenBSD's spamd: man 8 spamd For SpamAssassin: man 1 spamd That spamd (8) in /usr/local must be from something else: $ apropos spamd spamd (8) - spam deferral daemon spamd-setup (8) - parse and load file of spammer addresses spamd.conf (5) - configuration file read by spamd-setup(8) for spamd(8) spamdb (8) - spamd database tool spamlogd (8) - spamd whitelist updating daemon Mail::SpamAssassin::Client (3p) - Client for spamd Protocol spamc (1) - client for spamd spamd (1) - daemonized version of spamassassin $ -ME
Re: Adding /dev/sd5?
Jeff Ross wrote: Any gotchas on adding the other sd device? Should this be something that is added to MAKEDEV? While there is no real sd5 on my machine and I didn't check beforehand to see if sd5 existed, this worked for me: cd /dev; ./MAKEDEV sd5 -ME
Re: hosts file and caching name server
Daniel Polak wrote: Is it possible to have bind consult the hosts file (or an equivalent) before querying DNS? I've used dnsspoof from the dsniff package for something similar before. I didn't spend too much time looking, but it seems that dnsmasq does what you want. (http://www.thekelleys.org.uk/dnsmasq/doc.html) It's also in packages. -ME
Re: OpenBSD under Parallels Desktop
Christopher Snell wrote: Has anybody been able to run OpenBSD 4.0 or newer under Parallels Desktop? Booting the 3.9 media works just fine and I am able to install the OS. Booting 4.0 (or newer snapshots) media results in a lock-up of the VM at the (I)nstall/(U)pgrade prompt. I'd post a dmesg(1) but I'm unable to select text in the VM. I'm running the latest build (3120) of Parallels Desktop under Mac OS X 10.4.8. 4.0 works fine for me. The snap with kernel #1341 works fine for me. Newer snaps do not. It _might_ have something to do with jcs@'s new keyboard code: http://undeadly.org/cgi?action=articlesid=20070112100204 I emailed him a dmesg along with some info about what works and what doesn't. The next thing to try is an manual upgrade by CVS source to -CURRENT, I suppose... If I'm right, that shouldn't help. It'd be a good test to see if it's the installer or the keyboard code in the kernel. -ME
Re: Sony VAIO needed
Didier Wiroth wrote: Marco Peereboom wrote: I am taking paypal donations on [EMAIL PROTECTED] for a new or used laptop. I'm in, come on guys !!! +$100 Let's get this laptop! Kind regards, Didier -ME
Re: p5-MIME-tools-5.420.tgz
sausted wrote: I am trying to install p5-MIME-tools-5.420 using pkg_add but I keep getting the following error: p5-MIME-tools-5.420:Can't find p5-Convert-BinHex-1.119 /usr/sbin/pkg_add: p5-Convert-BinHex-1.119:Fatal error I am new to OpenBSD...could someone help me? You have to build the port yourself. No acceptable license. From the Makefile: PERMIT_PACKAGE_CDROM= no license PERMIT_PACKAGE_FTP= no license PERMIT_DISTFILES_CDROM= no license PERMIT_DISTFILES_FTP= Yes -ME
Re: p5-MIME-tools-5.420.tgz
Scott Austed wrote: On 1/17/07, *Mike Erdely* wrote: You have to build the port yourself. Could you point me in the right direction on how I can do this? See: http://www.openbsd.org/faq/faq15.html # Extract the ports tree. # cd /usr/ports/converters/p5-Convert-BinHex # make install Then pkg_add p5-MIME-tools-5.420 will work. -ME
Re: openbsd 4.0 installation: kernel hangup
Michel Hubert wrote: Get stuck on the same place on IBM x335 using Adaptec 2100S RAID controller when installing 4.0. Worked well on OpenBSD 3.7 Is that controler still supported? Working for me... OpenBSD 4.0 (GENERIC.MP) #1: Thu Nov 16 18:35:23 EST 2006 [EMAIL PROTECTED]:/home/binpatch/work-binpatch-4.0/src/sys/arch/i386/compile/GENERIC.MP cpu0: AMD Athlon(tm) MP 2400+ (AuthenticAMD 686-class, 256KB L2 cache) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 1073246208 (1048092K) avail mem = 970956800 (948200K) using 4256 buffers containing 53764096 bytes (52504K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(03) BIOS, date 08/01/03, BIOS32 rev. 0 @ 0xfb100, SMBIOS rev. 2.2 @ 0xf0800 (44 entries) bios0: MICRO-STAR INTERNATIONAL CO., LTD MS-6501 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdf94 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdec0/208 (11 entries) pcibios0: PCI Exclusive IRQs: 5 11 pcibios0: PCI Interrupt Router at 000:07:0 (AMD 768 Power rev 0x00) pcibios0: PCI bus #3 is the last bus bios0: ROM list: 0xc/0xf400 0xd/0x6000! 0xd6000/0x1800 mainbus0: Intel MP Specification (Version 1.4) (OEM0 PROD) cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266 MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) MP 2400+ (AuthenticAMD 686-class, 256KB L2 cache) 2.01 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV mainbus0: bus 0 is type PCI mainbus0: bus 1 is type PCI mainbus0: bus 2 is type PCI mainbus0: bus 3 is type PCI mainbus0: bus 4 is type ISA ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 AMD 762 PCI rev 0x20 ppb0 at pci0 dev 1 function 0 AMD 762 PCI-PCI rev 0x00 pci1 at ppb0 bus 1 pcib0 at pci0 dev 7 function 0 AMD 768 ISA rev 0x05 pciide0 at pci0 dev 7 function 1 AMD 768 IDE rev 0x04: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: LITEON, CD-ROM LTN526S, YS0N SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) amdpm0 at pci0 dev 7 function 3 AMD 768 Power rev 0x03: rng active iic0 at amdpm0 auich0 at pci0 dev 7 function 5 AMD 768 AC97 rev 0x03: apic 2 int 17 (irq 11), AMD768 AC97 ac97: codec id 0x414c4710 (Avance Logic ALC200) ac97: codec features headphone, 18 bit DAC, 18 bit ADC, Realtek 3D audio0 at auich0 vga1 at pci0 dev 8 function 0 NVIDIA GeForce FX 5200 rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ppb1 at pci0 dev 9 function 0 DPT PCI-PCI rev 0x02 pci2 at ppb1 bus 2 iop0 at pci0 dev 9 function 1 DPT SmartRAID (I2O) rev 0x02: I2O adapter ADAPTEC 2100S iop0: interrupting at apic 2 int 17 (irq 11) ppb2 at pci0 dev 16 function 0 AMD 768 PCI-PCI rev 0x05 pci3 at ppb2 bus 3 ohci0 at pci3 dev 0 function 0 AMD 768 USB rev 0x07: apic 2 int 19 (irq 11), version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: AMD OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 4 ports with 4 removable, self powered fxp0 at pci3 dev 9 function 0 Intel 8255x rev 0x10, i82551: apic 2 int 17 (irq 11), address 00:0c:76:7f:78:46 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port 0x290/8: W83627HF npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask 0 netmask 0 ttymask 0 ioapic0: pin 17 shares different IPL interrupts (40..90), degraded performance pctr: user-level cycle counter enabled mtrr: Pentium Pro MTRR support apm0: disconnected iop0: configuring... ioprbs0 at iop0 tid 525: ADAPTEC, RAID-1, 370F direct access, fixed scsibus1 at ioprbs0: 1 targets sd0 at scsibus1 targ 0 lun 0: I2O, Container #00, SCSI2 0/direct fixed sd0: 35003MB, 35003 cyl, 64 head, 32 sec, 512 bytes/sec, 71686144 sec total ioprbs1 at iop0 tid 526: ADAPTEC, RAID-5, 370F direct access, fixed scsibus2 at ioprbs1: 1 targets sd1 at scsibus2 targ 0 lun 0: I2O, Container #00, SCSI2 0/direct fixed sd1: 858306MB, 858306 cyl, 64 head, 32 sec, 512 bytes/sec, 1757810688 sec total iopsp0 at iop0 tid 8: SCSI port
OpenBSD User Groups
We're listed on http://www.openbsd.org/groups.html. I've submitted entries for FreeBSD and NetBSD too. -ME
Re: OpenBSD User Groups
Maryland BSD User Group: http://mdbug.org/ If you're in the Maryland, DC, Northern VA area, please join our mailing list (http://mdbug.org/mail/). We're planning a meeting (probably) in Bethesda for Wednesday, January 31 at around 6:30. More details will be posted at http://mdbug.org/. -ME Mike Erdely wrote: We're listed on http://www.openbsd.org/groups.html. I've submitted entries for FreeBSD and NetBSD too. -ME
Re: php mail() function fails
noob lenoobie wrote: My problem is the following : I'm unable to send mail from php. Problem is with the Apache chroot. I've used http://phpmailer.sourceforge.net/ successfully. -ME
Re: php mail() function fails
Robert Nagy wrote: On (12/01/07 03:28), Mike Erdely wrote: noob lenoobie wrote: My problem is the following : I'm unable to send mail from php. Problem is with the Apache chroot. I've used http://phpmailer.sourceforge.net/ successfully. What about using some stuff that we have in the ports system? Like mini_sendmail? I can't remember why I chose not to use mini_sendmail. I tried it and didn't like something about it. -ME
[Fwd: Re: php mail() function fails]
Now I remember why I chose to go with something else! Original Message Subject: Re: php mail() function fails Date: Fri, 12 Jan 2007 15:59:23 + From: Ste Jones [EMAIL PROTECTED] To: misc@openbsd.org Just out of interest does femail need a sh in the chroot like mini_sendmail?
