no output from zathura

2022-04-18 Thread Shadrock Uhuru

Hi everyone
i have zathura zathura-ps zathura-pdf-mupdf installed,
i run zathura from the command line with zathura file.pdf which opens zathura 
with nothing
displayed,
the shell that i run zathura from displays the following

zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_ctx_new_imp'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 'jbig2_data_in'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_make_global_ctx'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_global_ctx_free'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_complete_page'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_page_out'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_release_page'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'jbig2_ctx_free'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_set_default_decoder_parameters'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_create_decompress'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_set_info_handler'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_set_warning_handler'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_set_error_handler'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_setup_decoder'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_default_create'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_set_read_function'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_set_skip_function'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_set_seek_function'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_set_user_data'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_set_user_data_length'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_read_header'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 'opj_decode'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_stream_destroy'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_destroy_codec'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'opj_image_destroy'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'gumbo_parse_with_options'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'gumbo_destroy_output'
zathura:/usr/local/lib/zathura/libpdf-mupdf.so: undefined symbol 
'gumbo_normalized_tagname'
error: Could not load plugin '/usr/local/lib/zathura/libpdf-mupdf.so' (Cannot 
load specified object).
error: Could not determine file type.

---

this error appears if i try to open a pdf or ps file,
i managed to open one out of about ten ps files i tried,
is this a known problem or something i'm not doing right ?

shadrock



tldextract ?

2022-03-09 Thread Shadrock Uhuru

hi everyone
i use qutebrowser to surf the web
i added the qute-pass userscript which needs tldextract,
there's no tldextract package i can find in openbsd so i installed 
py3-tld-0.9.3p4
qutebrowser still errors when i try i use qute-pass,
the process report shows the following :-

Process 65554: /home/shadrock/.config/qutebrowser/userscripts/qute-pass
Info
Command 
/home/shadrock/.config/qutebrowser/userscripts/qute-pass
Status  Userscript exited with status 1.
Standard output
No output.
Standard error
Traceback (most recent call last):
  File "/home/shadrock/.config/qutebrowser/userscripts/qute-pass", line
  63, in 
  import tldextract
  ModuleNotFoundError: No module named 'tldextract'

any help would be appreciated.
thanks
shadrock



Re: raspberry pi 3b+ how to boot with hdmi

2022-01-08 Thread Shadrock Uhuru




From: Marcus MERIGHI 
To: openbsd 
Date: Sat, 1 Jan 2022 08:42:27 +0100
Subject: Re: raspberry pi 3b+ how to boot with hdmi

Good morning 2022,

niyal...@gmail.com (Shadrock Uhuru), 2021.01.01 (Sat) 05:54 (CET):

> From: Stuart Henderson 
> To: misc@openbsd.org
> Date: Tue, 28 Dec 2021 12:55:27 - (UTC)
> Subject: Re: raspberry pi 3b+ how to boot with hdmi

> > On 2021-12-28, Shadrock Uhuru  wrote:
> > i have successfully installed the latest snapshot onto a rpi3b+
> > using a serial cable,
> > after rebooting still with the serial cable everything startup
> > fine,
> > when i try to reboot with a hdmi monitor connected
> > i get a few line at startup then the screen goes blank,
> > what configuration do i change to make the hdmi monitor the
> > primary
> > display when booting ?

> See the text around "To use video output on the framebuffer instead"
> in the INSTALL.arm64 file distributed with the install sets.

i now have output on the hdmi monitor,
one thing that i've noticed is the boot up information
stops after displaying the date and doesn't proceed to the login
prompt,
i can ping and ssh into the pi but no login prompt,


It might need something like this in /etc/ttys:

ttyC0   "/usr/libexec/getty std.9600"   vt220   on  secure

See ttys(5)!

Marcus


Hi Marcus
your suggestion solved the problem,

many thanks 
shadrock




Re: raspberry pi 3b+ how to boot with hdmi

2021-12-31 Thread Shadrock Uhuru




From: Stuart Henderson 
To: misc@openbsd.org
Date: Tue, 28 Dec 2021 12:55:27 - (UTC)
Subject: Re: raspberry pi 3b+ how to boot with hdmi



> On 2021-12-28, Shadrock Uhuru  wrote:
> hi everyone
> i have successfully installed the latest snapshot onto a rpi3b+
> using a serial cable,
> after rebooting still with the serial cable everything startup fine,
> when i try to reboot with a hdmi monitor connected
> i get a few line at startup then the screen goes blank,
> what configuration do i change to make the hdmi monitor the primary
> display when booting ?



See the text around "To use video output on the framebuffer instead"
in the INSTALL.arm64 file distributed with the install sets.


hi stuart
thanks for the reply,
i now have output on the hdmi monitor,
one thing that i've noticed is the boot up information
stops after displaying the date and doesn't proceed to the login prompt,
i can ping and ssh into the pi but no login prompt,
is there still something i need to do ?

shadrock



qq

2021-12-30 Thread Shadrock Uhuru

From: Stuart Henderson 
To: misc@openbsd.org
Date: Tue, 28 Dec 2021 12:55:27 - (UTC)
Subject: Re: raspberry pi 3b+ how to boot with hdmi



On 2021-12-28, Shadrock Uhuru  wrote:
hi everyone
i have successfully installed the latest snapshot onto a rpi3b+
using a serial cable,
after rebooting still with the serial cable everything startup fine,
when i try to reboot with a hdmi monitor connected
i get a few line at startup then the screen goes blank,
what configuration do i change to make the hdmi monitor the primary
display when booting ?



See the text around "To use video output on the framebuffer instead"
in the INSTALL.arm64 file distributed with the install sets.


hi stuart
thanks for the reply,
i now have output on the hdmi monitor,
one thing that i've noticed is the boot up information
stops after displaying the date and doesn't proceed to the login prompt,
i can ping and ssh into the pi but no login prompt,
is there still something i need to do ?

shadrock



raspberry pi 3b+ how to boot with hdmi

2021-12-28 Thread Shadrock Uhuru

hi everyone
i have successfully installed the latest snapshot onto a rpi3b+
using a serial cable,
after rebooting still with the serial cable everything startup fine,
when i try to reboot with a hdmi monitor connected 
i get a few line at startup then the screen goes blank,

what configuration do i change to make the hdmi monitor the primary
display when booting ?

thanks shadrock



raspberry pi3 doesn,t boot after install

2021-11-28 Thread Shadrock Uhuru
hi everyone 
i've installed openbsd 7.0 onto a usb stick connected to my raspberry pi 3 
with a serial cable,

installation completes without a problem,
after the congratulation promt i remove the power supply remove the usb
stick
and mount the i partition of the usb stick on my laptop,
and add program_usb_boot_mode=1 to config.txt file,
i unmount and return the usbstick to the raspberry pi,
i removed the installation sd card and power up again 
connected the serial console with cu -l cuaU0 -s 115200

but the pi has not booted.
have i missed any steps out ?



Re: after sysupgrade, /etc/rc syntax error

2021-07-25 Thread shadrock uhuru
worked perfectly
many thanks
shadrock


On Sat, 24 Jul 2021 at 21:42, shadrock uhuru  wrote:

> thanks for the quick reply Andreas
> will try it later tonight when i'm back at the laptop.
> shadrock
>
> On Sat, 24 Jul 2021 at 20:36, Andreas Kusalananda Kähäri <
> andreas.kah...@abc.se> wrote:
>
>> On Sat, Jul 24, 2021 at 07:11:30PM +0100, shadrock uhuru wrote:
>> > Hi all
>> > i am running openbsd snapshot and have sysupgraded  often without a
>> single
>> > hitch,
>> > on this occasion i have encountered the following error after the
>> > sysupgrade and the laptop tried to reboot
>> > i entered sh and had a look at /etc/rc with ed,
>> > the if is matched with a fi.
>> > so i need suggestions where to turn to next
>> > -
>> >
>> > reordeing libraries: done
>> > /etc/rc[464]: syntax error: `if' unmatched
>> > enter pathname of shell or return for sh:
>> >
>> >
>> > laptop# ed /etc/rc
>> > 16304
>> > 464
>> > if (($(ifconfig | grep -c ': flags=.*<.*AUTOCONF.*> mtu) == 0)); then
>> > count=0
>> > while ((count++ < 20 && $(route -n show | grep -c '^default ') ==
>> 0));
>> > do
>> > sleep .5
>> > done
>> > fi
>> >
>> > ---
>> >
>> > any help would be  appreciated.
>> > shadrock
>>
>> I ran into this too.  It's fixed in the most recent snapshot(s).  Note
>> the missing single quote after "mtu".  Fix with
>>
>> 464s/mtu/&'
>> w
>>
>> in ed.
>>
>> Regards,
>>
>> --
>> Andreas (Kusalananda) Kähäri
>> SciLifeLab, NBIS, ICM
>> Uppsala University, Sweden
>>
>> .
>>
>


Re: after sysupgrade, /etc/rc syntax error

2021-07-24 Thread shadrock uhuru
thanks for the quick reply Andreas
will try it later tonight when i'm back at the laptop.
shadrock

On Sat, 24 Jul 2021 at 20:36, Andreas Kusalananda Kähäri <
andreas.kah...@abc.se> wrote:

> On Sat, Jul 24, 2021 at 07:11:30PM +0100, shadrock uhuru wrote:
> > Hi all
> > i am running openbsd snapshot and have sysupgraded  often without a
> single
> > hitch,
> > on this occasion i have encountered the following error after the
> > sysupgrade and the laptop tried to reboot
> > i entered sh and had a look at /etc/rc with ed,
> > the if is matched with a fi.
> > so i need suggestions where to turn to next
> > -
> >
> > reordeing libraries: done
> > /etc/rc[464]: syntax error: `if' unmatched
> > enter pathname of shell or return for sh:
> >
> >
> > laptop# ed /etc/rc
> > 16304
> > 464
> > if (($(ifconfig | grep -c ': flags=.*<.*AUTOCONF.*> mtu) == 0)); then
> > count=0
> > while ((count++ < 20 && $(route -n show | grep -c '^default ') ==
> 0));
> > do
> > sleep .5
> > done
> > fi
> >
> > ---
> >
> > any help would be  appreciated.
> > shadrock
>
> I ran into this too.  It's fixed in the most recent snapshot(s).  Note
> the missing single quote after "mtu".  Fix with
>
> 464s/mtu/&'
> w
>
> in ed.
>
> Regards,
>
> --
> Andreas (Kusalananda) Kähäri
> SciLifeLab, NBIS, ICM
> Uppsala University, Sweden
>
> .
>


after sysupgrade, /etc/rc syntax error

2021-07-24 Thread shadrock uhuru
Hi all
i am running openbsd snapshot and have sysupgraded  often without a single
hitch,
on this occasion i have encountered the following error after the
sysupgrade and the laptop tried to reboot
i entered sh and had a look at /etc/rc with ed,
the if is matched with a fi.
so i need suggestions where to turn to next
-

reordeing libraries: done
/etc/rc[464]: syntax error: `if' unmatched
enter pathname of shell or return for sh:


laptop# ed /etc/rc
16304
464
if (($(ifconfig | grep -c ': flags=.*<.*AUTOCONF.*> mtu) == 0)); then
count=0
while ((count++ < 20 && $(route -n show | grep -c '^default ') == 0));
do
sleep .5
done
fi

---

any help would be  appreciated.
shadrock


can't set export GPG_TTY=$(tty)

2021-06-18 Thread Shadrock Uhuru
hi everyone 
i have added export GPG_TTY=$(tty); eval $(gpg-agent --daemon) 
to my .profile file

and also tried adding it to my .zshrc,
my window manager is I3,
when i open a terminal and and type env | grep GPG_TTY
i get GPG_TTY=not a tty,
if i run the export command in the terminal 
then i get GPG_TTY=/dev/ttype3 .
where should i be putting the export command so that there is a tty 
ready when the terminal is opened.

shadrock



can texlive package be installed ?

2021-02-27 Thread Shadrock Uhuru

system information.
OpenBSD 6.9 GENERIC.MP#343 amd64
flavor: current

when i try to install texlive,
all i get is :-

 doas pkg_add -v texlive_texmf-full
 Update candidates: quirks-3.588 -> quirks-3.588
 quirks-3.588 signed on 2021-02-26T23:14:00Z
 Ustar
 
[https://ftp.OpenBSD.org/pub/OpenBSD/snapshots/packages/amd64/texlive_texmf-full-2020p1.tgz][share/texmf-dist/bibtex/bib/beebe/printing-history.bib]:
 Premature end of archive in header:
 pkg_add: Installation of texlive_texmf-full-2020p1 failed, partial
 installation recorded as partial-texlive_texmf-full-2020p1.6


any suggestions ?

shadrock



firefox crashed, no web access after attempted fix

2021-01-16 Thread Shadrock Uhuru

hi everyone
i'm running 6.8 current,
my problem started when firefox which had been working perfectly
suddenly started crashing on startup,
i don't know if it was because i shutdown the laptop with to many tab
open in firefox,
after many google searches i tried creating a new profile and copying
over from a previous profile
the suggested files and directories which gave me a startable firefox,
my bookmark sidebar lists my bookmarks,
and my addons are displayed on the toolbar,
the problem is nothing happens if i
type in an address,
type something in the search bar
or click a bookmark in the sidebar,
the rotating arrow doesn't change to a cross ,
or if i click an addon icon either nothing happens or an empty menu is
opened,
the next thing i did was to backup my mozilla/firefox folder then
removed the original,
i sysupgraded,
pkg_add -Uu, had to repeat it a couple of time thinking the repositories
were not in sync
after doing pkg_add -u instead the packages upgraded,
i threw in a pkg_clean to tidy things up,
then i pkg_delete then pkg_add firefox,
i'm still unable to surf the web before or after restoring my backup
mozilla/firefox directory,
could i have missing libraries of software that firefox needs ?
pkg_add firefox installs without a problem,
i have pastebined a copy of the directory structure
and a copy of the log output when i start firefox with the -p option.

fox_directory  http://sprunge.us/79hyB7
fox_log_output http://sprunge.us/umVBxr

i am currently using netsurf as my browser but i would like firefox up
and running again asap
any help would be welcomed
shadrock




Re: what should i do with these package warnings

2020-07-12 Thread Shadrock Uhuru

From: Stuart Henderson 
To: misc@openbsd.org
Subject: Re: what should i do with these package warnings
Date: Tue, 7 Jul 2020 08:36:51 - (UTC)

On 2020-07-07, Shadrock Uhuru  wrote:


hi everyone
Q2
should i remove these missing dependencies ?
also the issue of "lib should exist, lib is not a directory",
all the indicated files are in /usr/local/lib,

is /usr/local/lib a directory, or have you done something non-standard?
these are not normal, try to figure out what caused them.


Reverse dependencies: ok
Files from packages: ok
--- .libs-partial-evince-3.32.0p0-light.1 ---
lib should exist
lib is not a directory
lib/libevdocument3.so.0.2 should exist
lib/libevdocument3.so.0.2 is not a file
can't read lib/libevdocument3.so.0.2
lib/libevview3.so.0.0 should exist
lib/libevview3.so.0.0 is not a file


no idea what is going on with your system but something is messed up!


Hi Stuart
thanks for the reply,
i let pkg_check fix the various warnings and removed the Obsolete
package,
/usr/local/lib is a directory, 
i removed python3.7 as i have python3.8 installed,

and i have done nothing non-standard to the filesystem?
i am running the latest snapshot
i have pastebin the output of the latest 'pkg_check -Fvvv' i have done
at http://ix.io/2rrW ,
the issue with the 'lib should exist' and  'lib is not a directory'
warnings
relate to older versions of software than the currently installed ones.
are there file that i could edit or repair to remove references to these
older software ?
is there anything else i can do to figure out what the problem is ?

==
current installed version is evince 3.36.7
--- .libs-partial-evince-3.32.0p0-light.1 ---
lib should exist
lib is not a directory
lib/libevdocument3.so.0.2 should exist
lib/libevdocument3.so.0.2 is not a file
can't read lib/libevdocument3.so.0.2
lib/libevview3.so.0.0 should exist
lib/libevview3.so.0.0 is not a file
can't read lib/libevview3.so.0.0


current installed version is firefox 78.0.1
--- .libs-partial-firefox-67.0 ---
lib should exist
lib is not a directory
lib/firefox should exist
lib/firefox is not a directory
lib/firefox/gmp-clearkey should exist
lib/firefox/gmp-clearkey is not a directory
lib/firefox/gmp-clearkey/0.1 should exist
lib/firefox/gmp-clearkey/0.1 is not a directory
lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0 should exist
lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0 is not a file
can't read lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0
lib/firefox/gtk2 should exist
lib/firefox/gtk2 is not a directory
lib/firefox/gtk2/libmozgtk.so.84.0 should exist
lib/firefox/gtk2/libmozgtk.so.84.0 is not a file
can't read lib/firefox/gtk2/libmozgtk.so.84.0
lib/firefox/liblgpllibs.so.84.0 should exist
lib/firefox/liblgpllibs.so.84.0 is not a file
can't read lib/firefox/liblgpllibs.so.84.0
lib/firefox/libmozavcodec.so.84.0 should exist
lib/firefox/libmozavcodec.so.84.0 is not a file
can't read lib/firefox/libmozavcodec.so.84.0
lib/firefox/libmozavutil.so.84.0 should exist
lib/firefox/libmozavutil.so.84.0 is not a file
can't read lib/firefox/libmozavutil.so.84.0
lib/firefox/libmozgtk.so.84.0 should exist
lib/firefox/libmozgtk.so.84.0 is not a file
can't read lib/firefox/libmozgtk.so.84.0
lib/firefox/libxul.so.84.0 should exist
lib/firefox/libxul.so.84.0 is not a file
can't read lib/firefox/libxul.so.84.0

current installed version is gtk+3--
--- .libs-partial-gtk+2-2.24.32p5 ---
lib should exist
lib is not a directory
lib/libgailutil.so.26.0 should exist
lib/libgailutil.so.26.0 is not a file
can't read lib/libgailutil.so.26.0
lib/libgdk-x11-2.0.so.2400.0 should exist
lib/libgdk-x11-2.0.so.2400.0 is not a file

python3.7 removed
--- .libs-partial-python-3.7.6p1 ---
lib should exist
lib is not a directory
lib/libpython3.7m.so.0.0 should exist
lib/libpython3.7m.so.0.0 is not a file
can't read lib/libpython3.7m.so.0.0

thank shadrock



smime.p7s
Description: S/MIME cryptographic signature


what should i do with these package warnings

2020-07-06 Thread Shadrock Uhuru

hi everyone

Q1
should i remove these Obsolete package ?

doas pkg_add -u  
quirks-3.369 signed on 2020-06-27T20:23:25Z

Obsolete package: grantlee-0.5.1p5 (no longer maintained upstream)
Obsolete package: kfilemetadata-4.14.3p2 (no longer maintained upstream)
Obsolete package: libkexiv2-4.14.3p1 (no longer maintained upstream)
Obsolete package: kdesdk-strigi-analyzers-4.14.3p1 (no longer maintained 
upstream)
Obsolete package: libkdeedu-4.14.3p3 (no longer maintained upstream)
Obsolete package: attica-0.4.2p5 (no longer maintained upstream)
Obsolete package: kde-wallpapers-4.14.3 (no longer maintained upstream)
Obsolete package: phonon-vlc-0.10.3 (no longer maintained upstream)
Obsolete package: kde-base-artwork-4.14.3 (no longer maintained upstream)
Obsolete package: kde4-locale-en_US-4.14.10p0 (no longer maintained upstream)
Obsolete package: soprano-2.9.4p3 (no longer maintained upstream)
Obsolete package: kde4-locale-4.14.3p2 (no longer maintained upstream)
Obsolete package: libkscreen-1.0.4p2 (no longer maintained upstream)
Obsolete package: libkcddb-4.14.3p1 (no longer maintained upstream)
Obsolete package: kde4-kopete-sounds-4.14.3p5 (no longer maintained upstream)
Obsolete package: kde4-langlist-4.14.10p0 (no longer maintained upstream)
Obsolete package: libkdegames-4.14.3p1 (no longer maintained upstream)
Obsolete package: qimageblitz-0.0.6p3 (no longer maintained upstream)
Obsolete package: kwebkitpart-1.2p8 (no longer maintained upstream)
Obsolete package: libkcompactdisc-4.14.3p2 (no longer maintained upstream)
Obsolete package: cagibi-0.2.0p5 (no longer maintained upstream)
Obsolete package: kdegraphics-strigi-analyzer-4.14.3p1 (no longer maintained 
upstream)
Obsolete package: kdenetwork-strigi-analyzers-4.14.3p2 (no longer maintained 
upstream)

Couldn't find updates for 
attica-0.4.2p5 cagibi-0.2.0p5
geolite-country-20180401p2 gnucash-3.10 
grantlee-0.5.1p5 kde-base-artwork-4.14.3
kde-wallpapers-4.14.3 
kde4-kopete-sounds-4.14.3p5

kde4-langlist-4.14.10p0
kde4-locale-4.14.3p2 
kde4-locale-en_US-4.14.10p0
kdegraphics-strigi-analyzer-4.14.3p1 
kdenetwork-strigi-analyzers-4.14.3p2
kdesdk-strigi-analyzers-4.14.3p1 
kfilemetadata-4.14.3p2

kross-interpreters-4.14.3p8
kwebkitpart-1.2p8 
libkcddb-4.14.3p1

libkcompactdisc-4.14.3p2
libkdeedu-4.14.3p3 
libkdegames-4.14.3p1

libkexiv2-4.14.3p1
libkscreen-1.0.4p2
phonon-vlc-0.10.3 
polkit-qt4-0.112.0p8

qimageblitz-0.0.6p3
quazip-0.7.3p4
soprano-2.9.4p3 
spidermonkey-60.9.0v1

strigi-0.7.8p3i

-


Q2
should i remove these missing dependencies ?
also the issue of "lib should exist, lib is not a directory",
all the indicated files are in /usr/local/lib,
should there be a link between /lib and /usr.local/lib to get rid of
these warnings
or should i just ignore these warnings as well ?

doas pkg_check  
Packing-list sanity: ok

xca-2.3.0 has too many dependencies: gtk-update-icon-cache-3.24.20
Remove missing dependencies: gtk-update-icon-cache-3.24.20 ? [y/N/a] n
apvlv-0.1.5pl0p3 has too many dependencies: desktop-file-utils-0.26
Remove missing dependencies: desktop-file-utils-0.26 ? [y/N/a] n
Direct dependencies: ok
gettext-runtime-0.20.2: bogus reverse dependencies: libkfbapi-1.0p7
gettext-runtime-0.20.2: bogus reverse dependencies: kdepimlibs-4.14.10p7
gettext-runtime-0.20.2 has too many reverse dependencies: gnucash-3.10
kdelibs-4.14.10p20 kdepimlibs-4.14.10p7 libkfbapi-1.0p7
Remove missing reverse dependencies: gnucash-3.10 kdelibs-4.14.10p20
kdepimlibs-4.14.10p7 libkfbapi-1.0p7 ? [y/N/a] n
Reverse dependencies: ok
Files from packages: ok
--- .libs-partial-evince-3.32.0p0-light.1 ---
lib should exist
lib is not a directory
lib/libevdocument3.so.0.2 should exist
lib/libevdocument3.so.0.2 is not a file
can't read lib/libevdocument3.so.0.2
lib/libevview3.so.0.0 should exist
lib/libevview3.so.0.0 is not a file
can't read lib/libevview3.so.0.0
--- .libs-partial-firefox-67.0 ---
lib should exist
lib is not a directory
lib/firefox should exist
lib/firefox is not a directory
lib/firefox/gmp-clearkey should exist
lib/firefox/gmp-clearkey is not a directory
lib/firefox/gmp-clearkey/0.1 should exist
lib/firefox/gmp-clearkey/0.1 is not a directory
lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0 should exist
lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0 is not a file
can't read lib/firefox/gmp-clearkey/0.1/libclearkey.so.84.0
lib/firefox/gtk2 should exist
lib/firefox/gtk2 is not a directory
lib/firefox/gtk2/libmozgtk.so.84.0 should exist
lib/firefox/gtk2/libmozgtk.so.84.0 is not a file
can't read lib/firefox/gtk2/libmozgtk.so.84.0
lib/firefox/liblgpllibs.so.84.0 should exist
lib/firefox/liblgpllibs.so.84.0 is not a file
can't read lib/firefox/liblgpllibs.so.84.0
lib/firefox/libmozavcodec.so.84.0 should exist
lib/firefox/libmozavcodec.so.84.0 is not a file
can't read lib/firefox/libmozavcodec.so.84.0
lib/firefox/libmozavutil.so.84.0 should exist
lib/firefox/libmozavutil.so.84.0 is not a file
can't read 

Re: pass 'password manager' problem

2020-02-26 Thread Shadrock Uhuru

On 26.02.2020 10:57, Andreas Kusalananda Kähäri wrote:

On Wed, Feb 26, 2020 at 09:37:53AM +, Shadrock Uhuru wrote:
> > ---

> >
> > shadrock

Hi
yes i have gpg2 installed

gpg-agent.conf has cat .gnupg/gpg-agent.conf

default-cache-ttl 300
max-cache-ttl 99

and i've added export GPG_TTY=$(tty) ~/.profile

but still no joy.

shadrock


Hi,

Do you *also* have gpg installed?  If I remember correctly, pass tries
to use gpg rather than gpg2 if gpg is installed when installing pass.


--
Andreas (Kusalananda) Kähäri
SciLifeLab, NBIS, ICM
Uppsala University, Sweden

.


Hi yes i also have gpg installed,
i see this at the beginning of the pass script :-


GPG_OPTS=( $PASSWORD_STORE_GPG_OPTS "--quiet" "--yes"
"--compress-algo=none" "--no-encrypt-to" )
GPG="gpg"
export GPG_TTY="${GPG_TTY:-$(tty 2>/dev/null)}"
which gpg2 &>/dev/null && GPG="gpg2"
[[ -n $GPG_AGENT_INFO || $GPG == "gpg2" ]] && GPG_OPTS+=( "--batch"
"--use-agent" )


which looks like gpg2 is used if it is installed.

shadrock


smime.p7s
Description: S/MIME cryptographic signature


Re: pass 'password manager' problem

2020-02-26 Thread Shadrock Uhuru

Date: Mon, 24 Feb 2020 14:11:19 - (UTC)




As far as I have seen in the pass script, --batch mode is oly invoked if you 
are running a gpg agent or are running gpg2.

Do you have gpg2 installed?

Do you have a gpg agent configured?

You may need to include the following line in your ~.profile :
export GPG_TTY=$(tty)

Shadrock Uhuru  wrote:

[-- text/plain, encoding 8bit, charset: utf-8, 61 lines --]

Hi


From: Rubén Llorente 
To: misc@openbsd.org
Subject: Re: pass 'password manager' problem
Date: Fri, 21 Feb 2020 16:22:37 - (UTC)

Do you have a ~.gnupg/gpg.conf ? Pass works fine for me.

Shadrock Uhuru  wrote:

[-- text/plain, encoding 7bit, charset: utf-8, 6 lines --]

running 'pass username' returns
"gpg: Sorry, we are in batchmode - can't get input",
am i missing a piece of software or setting ?

shadrock



yes i have the following
cat ~/.gnupg/gpg.conf

use-agent
pinentry-mode loopback
personal-cipher-preferences CAMELLIA256 AES256 AES192 AES CAST5
# personal-cipher-preferences AES256 AES192 AES CAST5 CAMELLIA192
# BLOWFISH TWOFISH CAMELLIA128 3DES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZIP ZLIB
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES
CAST5 ZLIB BZIP2 ZIP Uncompressed
cert-digest-algo SHA512
digest-algo SHA256
s2k-mode 3
s2k-digest-algo SHA512
s2k-cipher-algo AES256
s2k-count 1015808
charset utf-8
fixed-list-mode
no-greeting
no-secmem-warning
no-comments
no-emit-version
keyid-format 0xlong
list-options show-uid-validity
verify-options show-uid-validity
keyserver-options import-clean-sigs import-clean-uids export-clean-sigs
export-clean-uids
keyserver hkp://hkps.pool.sks-keyservers.net
keyserver-options auto-key-retrieve
keyserver-options no-honor-keyserver-url
escape-from-lines
bzip2-compress-level 9
compress-level 9
with-fingerprint


---

shadrock


Hi
yes i have gpg2 installed

gpg-agent.conf has 
cat .gnupg/gpg-agent.conf


default-cache-ttl 300
max-cache-ttl 99

and i've added export GPG_TTY=$(tty) ~/.profile

but still no joy.

shadrock



Re: pass 'password manager' problem

2020-02-23 Thread Shadrock Uhuru

Hi


From: Rubén Llorente 
To: misc@openbsd.org
Subject: Re: pass 'password manager' problem
Date: Fri, 21 Feb 2020 16:22:37 - (UTC)

Do you have a ~.gnupg/gpg.conf ? Pass works fine for me.

Shadrock Uhuru  wrote:

[-- text/plain, encoding 7bit, charset: utf-8, 6 lines --]

running 'pass username' returns
"gpg: Sorry, we are in batchmode - can't get input",
am i missing a piece of software or setting ?

shadrock



yes i have the following 
cat ~/.gnupg/gpg.conf


use-agent
pinentry-mode loopback
personal-cipher-preferences CAMELLIA256 AES256 AES192 AES CAST5
# personal-cipher-preferences AES256 AES192 AES CAST5 CAMELLIA192
# BLOWFISH TWOFISH CAMELLIA128 3DES
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
personal-compress-preferences BZIP2 ZIP ZLIB
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES
CAST5 ZLIB BZIP2 ZIP Uncompressed
cert-digest-algo SHA512
digest-algo SHA256
s2k-mode 3
s2k-digest-algo SHA512
s2k-cipher-algo AES256
s2k-count 1015808
charset utf-8
fixed-list-mode
no-greeting
no-secmem-warning
no-comments
no-emit-version
keyid-format 0xlong
list-options show-uid-validity
verify-options show-uid-validity
keyserver-options import-clean-sigs import-clean-uids export-clean-sigs
export-clean-uids
keyserver hkp://hkps.pool.sks-keyservers.net
keyserver-options auto-key-retrieve
keyserver-options no-honor-keyserver-url
escape-from-lines
bzip2-compress-level 9
compress-level 9
with-fingerprint


---

shadrock


smime.p7s
Description: S/MIME cryptographic signature


pass 'password manager' problem

2020-02-21 Thread Shadrock Uhuru
running 'pass username' returns 
"gpg: Sorry, we are in batchmode - can't get input",

am i missing a piece of software or setting ?

shadrock


smime.p7s
Description: S/MIME cryptographic signature


Re: no flows with my iked vpn

2020-02-13 Thread Shadrock Uhuru

On 13.02.2020 08:43, Robert Paschedag wrote:


sent from my mobile device

Am 12. Februar 2020 15:07:46 schrieb Shadrock Uhuru :


hi everyone
i have setup iked on my firewall and laptop as a roadwarrior setup
following https://www.openbsd.org/faq/faq17.html
i.ve tested from within the local network
but no flows are started.
could someone have a look at the following files to see where i have
erred.


Looks like your client cert (pegasus) is missing a subjectAltName.

Robert




# my iked config method
http://paste.openstack.org/show/789464/

imhoptep iked logs (responder)
http://paste.openstack.org/show/789465/

pegasus iked logs (initiator)
http://paste.openstack.org/show/789466/

thanks shadrock





As https://www.openbsd.org/faq/faq17.html does not mention anything
about subjectAltName 
i've researched across the net and found the following information :-


IKEv2 VPN server certificate must contain either the server's IP address
or its FQDN as the subjectAltName,
Roadwarriors usually have dynamic IP addresses assigned 
by the ISP they are currently attached to. 
In order to simplify the routing from 
my-net (tissisat.co.uk) back to the roadwarrior (pegasus) 
it would be desirable if the roadwarrior 
had an inner IP address chosen from a pre-assigned pool.


if this is the way to deal with subjectAltName
what are the steps to achieve this ?

shadrock


smime.p7s
Description: S/MIME cryptographic signature


no flows with my iked vpn

2020-02-12 Thread Shadrock Uhuru

hi everyone
i have setup iked on my firewall and laptop as a roadwarrior setup
following https://www.openbsd.org/faq/faq17.html
i.ve tested from within the local network 
but no flows are started.

could someone have a look at the following files to see where i have
erred.


# my iked config method
http://paste.openstack.org/show/789464/

imhoptep iked logs (responder)
http://paste.openstack.org/show/789465/

pegasus iked logs (initiator)
http://paste.openstack.org/show/789466/

thanks shadrock


smime.p7s
Description: S/MIME cryptographic signature


Re: do i need to configure mkinitcpio.conf for my md array ?

2020-01-16 Thread Shadrock Uhuru

On 16.01.2020 13:20, infoomatic wrote:

what do you want to achieve?

If you want to access the array from OpenBSD then I see no possibility
with this configuration.

If you want a dual-boot system I suggest you configure the 4-disk raid
in OpenBSD and in arch linux you could use a VM and use hardware
passthrough to access the data.


Am 16.01.20 um 13:10 schrieb Shadrock Uhuru:

i have just configured my 4 disk raid 10 array with mdadm,
the filesystem is ext4 unencrypted
and arch is installed on a separate disk,
do i need to reconfigure mkinitcpio.conf for my md array so that the
array is assembled and started at boot,
all the examples i've seen have arch installed on the raid array
including the example in tne wiki
https://wiki.archlinux.org/index.php/RAID
i have not reboot the new array yet so i would like to make sure
everything necessary is configure before i do that.

shadrock




please accept my apoligies this was for the arch maillist

shadrock


smime.p7s
Description: S/MIME cryptographic signature


do i need to configure mkinitcpio.conf for my md array ?

2020-01-16 Thread Shadrock Uhuru

i have just configured my 4 disk raid 10 array with mdadm,
the filesystem is ext4 unencrypted
and arch is installed on a separate disk,
do i need to reconfigure mkinitcpio.conf for my md array 
so that the array is assembled and started at boot,
all the examples i've seen have arch installed on the raid array 
including the example in tne wiki https://wiki.archlinux.org/index.php/RAID
i have not reboot the new array yet 
so i would like to make sure everything necessary is configure before i do that.


shadrock



smime.p7s
Description: S/MIME cryptographic signature


Re: [arch-general] how to upgrade 2017 server ?

2020-01-14 Thread Shadrock Uhuru

On 15.01.2020 02:05, Shadrock Uhuru wrote:

On 11.01.2020 14:00, Chris Billington wrote:

Pacman static will likely help, but you'll need to actually install it and
use it, i.e.:

sudo pacman -S pacman-static
sudo pacman-static -Syu

On Sat, Jan 11, 2020 at 1:57 PM Shadrock Uhuru via arch-general <
arch-gene...@archlinux.org> wrote:


i have a server that has not been booted since 2017,
i tried upgrading with pacman -Syu,
i have post the screen output at http://paste.openstack.org/show/788264/
i thought adding Eli Schwartz' personal repository to  pacman.conf
would have allowed the upgrade with his Binary builds of pacman-static.
is my problem still to do with the xz to zstd change or something
different ?

shadrock



many thanks to Eli Schwartz and his repository
and all who offered suggestions
the server is now upgraded.
shadrock


smime.p7s
Description: S/MIME cryptographic signature


Re: wrong pkg_add url after sysupgrade

2019-10-10 Thread shadrock uhuru
On 10/9/19 2:56 PM, Paul de Weerd wrote:

On Wed, Oct 09, 2019 at 01:40:42PM +, shadrock uhuru wrote:
| after trying sysupgrade for the first time on my laptop running snapshots
| running the following command returns no such dir.
|
| doas pkg_add -u
| https://ftp.OpenBSD.org/pub/OpenBSD/6.6/packages/amd64/: no such dir
| pkg_info p5-finance
| https://ftp.OpenBSD.org/pub/OpenBSD/6.6/packages/amd64/: no such dir
|
| my /etc/installurl has
| cat /etc/installurl
| https://ftp.OpenBSD.org/pub/OpenBSD
|
| does this need editing
| if so what url should i use ?

Same url, different command: pkg_add -u -Dsnap

Twice a year there's a brief window where snapshots have the name of
the upcoming release.  During that time, you must add -Dsnap to
pkg_add.  It doesn't hurt to have -Dsnap when you're running something
-current or -beta, so if you always run snaps, best to train you
muscle memory to do -Dsnap always :)

Cheers,

Paul 'WEiRD' de Weerd


thanks  Paul


wrong pkg_add url after sysupgrade

2019-10-09 Thread shadrock uhuru
after trying sysupgrade for the first time on my laptop running snapshots
running the following command returns no such dir.

doas pkg_add -u
https://ftp.OpenBSD.org/pub/OpenBSD/6.6/packages/amd64/: no such dir
pkg_info p5-finance
https://ftp.OpenBSD.org/pub/OpenBSD/6.6/packages/amd64/: no such dir

my /etc/installurl has
cat /etc/installurl
https://ftp.OpenBSD.org/pub/OpenBSD

does this need editing
if so what url should i use ?

shadrock


dhcpcd[82953]: pppoe0: DHCPv6 REPLY: NoAddrsAvail

2019-10-07 Thread shadrock uhuru
hi everyone
does the following error in */var/log/*{messages,daemon} indicate a problem
at my internet providers end of the line or one of my config files

dhcpcd[82953]: pppoe0: DHCPv6 REPLY: NoAddrsAvail

i have pd prefix addresses being assigned on my lan network but no nd
prefix address assigned to my egress interface on the firewall ?

dhcpcd.conf

ipv6only
noipv6rs
duid
persistent
option rapid_commit
require dhcp_server_identifier
slaac private
nohook resolv.conf, lookup-hostname
allowinterfaces em0 em1 tun0 pppoe0
script ""

interface pppoe0
  ia_na 1
  ia_pd 2 em0/0
  ia_pd 3 em1/1
  ia_pd 4 tun0/2
==

this is a section from /var/log/daemon after a restart of dhcpcd.

Oct  3 11:08:07 imhotep rad[70380]: engine exiting
Oct  3 11:08:07 imhotep rad[14635]: frontend exiting
Oct  3 11:08:07 imhotep rad[39834]: terminating
Oct  3 11:08:07 imhotep rad[18320]: startup
Oct  4 01:10:25 imhotep dhcpcd[82019]: received SIGTERM, stopping
Oct  4 01:10:25 imhotep dhcpcd[82019]: tun0: removing interface
Oct  4 01:10:25 imhotep dhcpcd[82019]: em0: removing interface
Oct  4 01:10:25 imhotep dhcpcd[82019]: pppoe0: removing interface
Oct  4 01:10:25 imhotep dhcpcd[82019]: dhcpcd exited
Oct  4 01:10:25 imhotep dhcpcd[82953]: tun0: unsupported interface type 83
Oct  4 01:10:25 imhotep dhcpcd[82953]: DUID
00:04:44:45:4c:4c:38:00:10:57:80:47:b9:c0:4f:57:32:4a
Oct  4 01:10:25 imhotep dhcpcd[82953]: em0: IAID 23:e3:c7:92
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: IAID 00:00:00:06
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: IA type 3 IAID 00:00:00:01
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: IA type 25 IAID 00:00:00:02
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: IA type 25 IAID 00:00:00:03
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: IA type 25 IAID 00:00:00:04
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: DHCPv6 REPLY: NoAddrsAvail
Oct  4 01:10:25 imhotep dhcpcd[82953]: pppoe0: rebinding prior DHCPv6 lease
Oct  4 01:10:25 imhotep dhcpcd[82953]: tun0: IAID 74:75:6e:30
Oct  4 01:10:26 imhotep dhcpcd[82953]: pppoe0: DHCPv6 REPLY: NoAddrsAvail
Oct  4 01:10:26 imhotep dhcpcd[82953]: pppoe0: REPLY6 received from
fe80::4afd:8eff:feaa:a4d1
Oct  4 01:10:26 imhotep dhcpcd[82953]: pppoe0: renew in 86400, rebind in
138240, expire in 259200 seconds
Oct  4 01:10:26 imhotep dhcpcd[82953]: lo0: adding reject route to
2a02:1234:658b::/48 via ::1
Oct  4 01:10:26 imhotep dhcpcd[82953]: pppoe0: delegated prefix
2a02:1234:658b::/48
Oct  4 01:10:26 imhotep dhcpcd[82953]: em0: adding address
2a02:1234:658b::1/48
Oct  4 01:10:26 imhotep dhcpcd[82953]: em0: changing route to
2a02:1234:658b::/48
Oct  4 01:10:26 imhotep dhcpcd[82953]: forked to background, child pid 6456

thanks shadrock


Re: authpf unable to exit ssh without control C

2019-09-17 Thread shadrock uhuru
> To:
> misc@openbsd.org
>
>
> On 9/15/19 7:31 AM, shadrock uhuru wrote:
>> hi everyone
>> i can login with authpf but unable to exit or control D out of the ssh
>> session
>> the only way out is to control C which also kills any other ordinary ssh
>> user connected to the server
>> my authpf user has authpf as its login shell and login class,
>> is this normal behaviour  ?
>> shadrock
>>
> If I understand your request, you want someone to log into your system,
> which brings up authpf, and you want them to be able to do something to
> exit to a shell prompt on that server and still leave the authpf rules
> in place?
>
> That's not the way authpf was designed.
>
> The idea is that when authpf is invoked, it activates certain rules,
> presumably regarding the IP address in question, and when authpf exits,
> it removes those changes.  Connect to authpf, now you can access the
> web site, or FTP or whatever it is you need, terminate authpf, and no
> one else at your IP can do those things.  If you are letting these same
> users access the shell prompt, your usage is not as paranoid as authpf
> was designed to deal with, it's probably not the right tool for the job,
> or your expectations are wrong.
>
> I run a private IRC server, which is blocked on the 'net by PF, but as
> all the users are people I know in real life and friends, I trust them
> to be able to activate their own IP addresses, so I just wrote a simple
> (and surely insecure) script to add that user's IP address to the PF
> table that permits them access to the system.  What this doesn't do
> (and I'm not sure how you expect to do this) is clear the connections
> when they leave.  In my case, I don't care -- the odds that after Fred
> gets a new IP address that his old IP address will end up in the hands
> of someone wanting to have access to my IRC server for malicious
> reasons (and they find it!) is pretty small.  But that might not be
> your use case.  If you need to close those openings...you had best
> think hard about how you expect that to happen.
>
> Nick.
>
> Subject:
> Re: authpf unable to exit ssh without control C
> From:
> Nick Holland 
> Date:
> 9/16/19, 12:39 PM
>

Hi Nick
i have sorted the problem with some pointers from irc.openbsd folks,
what i actually needed was to be able to login with ssh  with a non
authpf user to view tcpdumps etc and then  login to another ssh session
with a authpf user for testing but when i logged out the authpf user it
logged out the non authpf user aswell,
it turns out that as both logins were from my laptop i.e the same ip
address
i needed to use the authpf-noip shell for the authpf user,
now i can exit the ssh session for the authpf user without taking down
the ssh session for the non authpf user .
thanks for your time
shadrock


authpf unable to exit ssh without control C

2019-09-15 Thread shadrock uhuru
hi everyone
i can login with authpf but unable to exit or control D out of the ssh
session
the only way out is to control C which also kills any other ordinary ssh
user connected to the server
my authpf user has authpf as its login shell and login class,
is this normal behaviour  ?
shadrock



pppoe no carrier

2019-09-09 Thread shadrock uhuru
hi everyone
i have setup pppoe and the interface comes up fine,
the pppoedev is connected  to a fritzbox modem and zen internet is the
provider
speaking to one of their advisers i was told that all i had to do was
connect to one of the lan ports on the fritzbox then i could do the
pppoe from my firewall
when i reboot the firewall with the pppoe configuration ,
ifconfig shows the interface up and it shows a PADI being sent but no
carrier on the pppoe interface,
is there anyone who has a similar setup and can give me pointers,
in particular is there anything in the fritzboz i should disable ?

shadrock



antispoof or urpf-failed ?

2019-09-02 Thread shadrock uhuru
hi everyone

http://lists.dragonflybsd.org/pipermail/users/2017-August/313577.html
states that the "urpf-failed" block rule causes the IPv6 traffic (ping)
significant packet loss,
while IPv4 remains fine
is this correct ?

https://lipidity.com/openbsd/router/ states
The antispoof rules should be replaced by a strict Unicast Reverse Path
Forwarding (uRPF) check:
block in log quick from urpf-failed

i have both antispoof and urpf-failed, should i leave both in my pf.conf
or remove antispoof ?

shadrock



Re: dhcrelay

2019-08-29 Thread shadrock uhuru
hiya
thanks for the reply
> hi eveyone
> if i have a dhcp server in subnet A connected to interface em0 (lan) and
> subnet B connected to interface iwn0 (wireless zone) on the router
> with dhcrelay -i em0 running on the router should the wireless subnet be
> able?? to get its dhcp address from the dhcp server on the lan ?
> No, you would need to run 
>
>dhcrelay -i iwn0 
>
> to do that.
finally got that sorted,
but led me to another question
i have two dhcp servers on samba domain controllers,
can a second server-ip address be added like this to dhcrelay

dhcrelay -i iwn0  

i haven't seen any examples like this on the net
shadrock



missing PD Prefix 's

2019-08-29 Thread shadrock uhuru
hi everyone

how do i check if rad is working correctly
i have a PD Prefix address on my routers wan interface
but not on its lan interface or anywhere on the lan
rad is configured with the following
cat /etc/rad.conf
interface em0
interface em1
interface tun0

i also have dhcpcd configured
cat << EOF > /etc/dhcpcd.conf
ipv6only
noipv6rs
duid
persistent
option rapid_commit
require dhcp_server_identifier
slaac private
nohook resolv.conf, lookup-hostname
allowinterfaces bge0 em0 em1 tun0
script ""

interface bge0
  ia_na 1
  ia_pd 2 em0/0
  ia_pd 3 em1/1
  ia_pd 4 tun0/2
 



Re :dhcrelay

2019-08-25 Thread shadrock uhuru
> To:
> shadrock uhuru 
> CC:
> misc@openbsd.org
>
>
> shadrock uhuru(niyal...@gmail.com) on 2019.08.23 18:46:32 +0100:
>> hi eveyone
>> if i have a dhcp server in subnet A connected to interface em0 (lan) and
>> subnet B connected to interface iwn0 (wireless zone) on the router
>> with dhcrelay -i em0 running on the router should the wireless subnet be
>> able?? to get its dhcp address from the dhcp server on the lan ?
> No, you would need to run 
>
>dhcrelay -i iwn0 
>
> to do that.
>
> Subject:
> Re: dhcrelay
> From:
> Sebastian Benoit 
> Date:
> 8/23/19, 10:12 PM
>
thank Sebastian
i have two samba  active domain controllers with dhcp installed on each,
is it possible to do this

dhcrelay -i iwn0  

or can only one dhcp server address be specified ?
shadrock


dhcrelay

2019-08-23 Thread shadrock uhuru
hi eveyone
if i have a dhcp server in subnet A connected to interface em0 (lan) and
subnet B connected to interface iwn0 (wireless zone) on the router
with dhcrelay -i em0 running on the router should the wireless subnet be
able  to get its dhcp address from the dhcp server on the lan ?



Re: pf.conf anchor directories

2019-08-20 Thread shadrock uhuru
> hiya
> can you have lines like this in pf.conf
> anchor "authpf/vpn/*" in on $VPN_IFACE
> anchor "authpf/wireless/*" in on $WIRE_IFACE
> and have anchors in /etc/authpf/vpn with your vpn rules
> and anchors in /etc/authpf/wireless with your wireless rules ?
>
> shadrock
> To:
> shadrock uhuru 
> CC:
> misc@openbsd.org
>
>
> yes
>
> Subject:
> Re: pf.conf anchor directories
> From:
> Klemens Nanni 
> Date:
> 8/20/19, 10:28 AM
>
thanks
shadrock


pf.conf anchor directories

2019-08-19 Thread shadrock uhuru
hiya
can you have lines like this in pf.conf
anchor "authpf/vpn/*" in on $VPN_IFACE
anchor "authpf/wireless/*" in on $WIRE_IFACE
and have anchors in /etc/authpf/vpn with your vpn rules
and anchors in /etc/authpf/wireless with your wireless rules ?

shadrock



Re: can't find libpcap

2019-08-18 Thread shadrock uhuru
> Hi,
>
> shadrock uhuru wrote on Sat, Aug 17, 2019 at 01:01:08PM +0100:
>
>> is there a package for pcap or libpcap
>> or do i have to download the source and compile
> to answer such questions, use pkg_locate(1).
>
># pkg_add pkglocatedb
>$ man pkg_locate
>$ pkg_locate libpcap.so
>
> This may also provide a clue:
>
>$ ldd $(which tcpdump)
>
> Yours,
>   Ingo
>
thanks Ingo


Re: can't find libpcap

2019-08-17 Thread shadrock uhuru



On 8/17/19 1:07 PM, Noth wrote:
> On 17/08/2019 14:01, shadrock uhuru wrote:
>> hi everyone
>> is there a package for pcap or libpcap
>> or do i have to download the source and compile
>> shadrock
>>
> libpcap is in base, see man pcap. It lives in /usr/lib.
thanks



can't find libpcap

2019-08-17 Thread shadrock uhuru
hi everyone
is there a package for pcap or libpcap
or do i have to download the source and compile
shadrock



packet filter questions

2019-08-16 Thread shadrock uhuru
hi  everyone

#
# internal interface
INT_IFACE = "em0"
# external wan interface
EXT_IFACE = "bge0"
# wireless interface
WIRE_IFACE = "em1"
# openvpn interface
VPN_IFACE = "tun0"
LO_IFACE = "lo"
LO_ADDR_INET4 = "127.0.0.1"
LO_ADDR_INET6 = "::1"
pass in quick inet log on !$EXT_IFACE $ATCP to port ftp divert-to
$LO_ADDR_INET4 port 8021
pass in quick inet6 log on !$EXT_IFACE $ATCP to port ftp divert-to
$LO_ADDR_INET6 port 8021
pass out proto tcp from $proxy to any port ftp
#

if i use !$EXT_IFACE in th pass line will the proxy work for
INT_IFACE,WIRE_IFACE and VPN_IFACE ?
could i merge the two divert lines if i remove inet and inet6 and
replaced LO_ADDR_INET4 and LO_ADDR_INET6 with LO_IFACE ?

shadrock



Re: adding ipv6 and pppoe to my firewall

2019-07-19 Thread shadrock uhuru
Hi Stuart
thanks for the reply

On 7/12/19 1:20 PM, owner-m...@openbsd.org wrote:
>> hypothetical ipv4 Address and ipv6 prefix from zen:
>> ND Prefix: :::::/64
>> PD Prefix: ::::/48
>> IPv4 Address:     12.34.56.78 (Subnet mask 255.255.255.255)
---
>>     fw1 em0: 192.168.2.2 (lan)
>>     fw1 em1: 12.34.56.78 (wan)
i have taken carp out of the configuration which leaves me with:

/etc/hostname.em0
mtu 1508
inet 192.168.2.2 255.255.255.0 NONE

/etc/hostname.em1
mtu 1508
inet 12.34.56.78 255.255.255.255 NONE
inet6 autoconf -autoconfprivacy -soii

/etc/hostname.pppoe
mtu 1500
inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1 authproto chap
authname "XXX@isp" authkey "XXX" up
dest 0.0.0.1
inet6 eui64
!/sbin/route add default -ifp pppoe0 0.0.0.1
!/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 -priority 8

/etc/rad.conf
interface em0

dhcpcd to be added

> If you need DHCPv6-PD then don't hardcode the addresses on the
> inside interfaces, just let PD fetch them.(For the UK ISPs I'm most familiar 
> with, zen seems to need PD otherwise
> they don't route the block to me, at least in the config they've got
> on my user account
by inside interfaces do you mean the lan facing nic on the firewall and
any tun interfaces ?
i am on zen also and will have a look at dhcpcd
> question 5
>>> do i need to put -autoconfprivacy -soii  in the nics or should i remove it.
> Don't use autoconf on interfaces where you run rad(8), that is like
> running dhclient and dhcpd on the same interface.
>
so remove autoconf from em0 ?

should i be using the mtu option in rad.conf to ensure that all nodes on
a link use the same MTU value i.e. 1508 ?

could you send examples of the following files to compare with mine for
any misconfigurations on my side please.
wan hostname file
lan hostname file
pppoe hostname file
rad.conf
dhcpcd.conf

thanks
shadrock


Re: adding ipv6 and pppoe to my firewall

2019-07-19 Thread shadrock uhuru
Hi Stuart
thanks for the reply

On 7/12/19 1:20 PM, misc@openbsd.org wrote:
>> hypothetical ipv4 Address and ipv6 prefix from zen:
>> ND Prefix: :::::/64
>> PD Prefix: ::::/48
>> IPv4 Address: ?? 12.34.56.78 (Subnet mask 255.255.255.255)
---
>> ?? fw1 em0: 192.168.2.2 (lan)
>> ?? fw1 em1: 12.34.56.78 (wan)
i have taken carp out of the configuration which leaves me with:

/etc/hostname.em0
mtu 1508
inet 192.168.2.2 255.255.255.0 NONE

/etc/hostname.em1
mtu 1508
inet 12.34.56.78 255.255.255.255 NONE
inet6 autoconf -autoconfprivacy -soii

/etc/hostname.pppoe
mtu 1500
inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1 authproto chap
authname "XXX@isp" authkey "XXX" up
dest 0.0.0.1
inet6 eui64
!/sbin/route add default -ifp pppoe0 0.0.0.1
!/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 -priority 8

/etc/rad.conf
interface em0

dhcpcd to be added

> If you need DHCPv6-PD then don't hardcode the addresses on the
> inside interfaces, just let PD fetch them.(For the UK ISPs I'm most familiar 
> with, zen seems to need PD otherwise
> they don't route the block to me, at least in the config they've got
> on my user account
by inside interfaces do you mean the lan facing nic on the firewall and
any tun interfaces ?
i am on zen also and will have a look at dhcpcd
> question 5
>>> do i need to put -autoconfprivacy -soii?? in the nics or should i remove it.
> Don't use autoconf on interfaces where you run rad(8), that is like
> running dhclient and dhcpd on the same interface.
>
so remove autoconf from em0 ?

should i be using the mtu option in rad.conf to ensure that all nodes on
a link use the same MTU value i.e. 1508 ?

could you send examples of the following files to compare with mine for
any misconfigurations on my side please.
wan hostname file
lan hostname file
pppoe hostname file
rad.conf
dhcpcd.conf

thanks
shadrock



Re: adding ipv6 and pppoe to my firewall

2019-07-10 Thread shadrock uhuru
> hi  everyone
> i have a dual redundant firewall setup the same as the example given at
> https://www.openbsd.org/faq/pf/carp.html
> i was originally with virgin media but have moved to a provider
> offering ipv4, ipv6 and fixed ip addresses,
> i am now trying  to add ipv6 and pppoe to the firewall.
> i haven't found an example on the web of a carp, pppoe and ipv6 firewall ,
> so i've had to pieced together bits of info from different places
> using the following hypothetical addresses this is my planned
> configuration ,
> please feel free to correct where there are mistakes.
>
> IPv6 Address:
> ND Prefix: :::::/64
> PD Prefix: ::::/48
> IPv4 Address:     12.34.56.78 (Subnet mask 255.255.255.255)
>
>     fw1 em0: 192.168.2.2 (lan)
>     fw1 em1: 192.168.3.2 (wan)
>     fw1 em2: 192.168.4.1 (pfsync)
>     fw2 em0: 192.168.2.3 (lan)
>     fw2 em1: 192.168.3.3 (wan)
>     fw2 em2: 192.168.4.2 (pfsync)
>     LAN shared IP: 192.168.2.1 (carp_lan)
>     WAN/internet shared IP: 12.34.56.78 (carp_wan)
>
> fw1
> /etc/hostname.em0
> inet 192.168.2.2 255.255.255.0 NONE
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::100 64
>
> /etc/hostname.em1
> inet 192.168.3.2 255.255.255.0 NONE
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::200 64
>
> /etc/hostname.em2
> inet 192.168.4.1 255.255.255.0 NONE
>
> /etc/hostname.carp_lan.nic
> inet 192.168.2.1 255.255.255.0 192.168.2.255 vhid 1 carpdev em0 advskew
> 5 pass $PASSWORDIN
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::300 prefixlen 64 vhid 1 carpdev em0
> advskew 5 pass $PASSWORDIN
>
> /etc/hostname.carp_wan.nic
> inet 12.34.56.78 255.255.255.255 'broadcast_addr' vhid 2 carpdev em1
> advskew 100 pass $PASSWORDOUT
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::400 prefixlen 64 vhid 2 carpdev $em1
> advskew 100 pass $PASSWORDOUT
>
>
> fw2
> /etc/hostname.em0
> inet 192.168.2.3 255.255.255.0 NONE
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::150 64
>
> /etc/hostname.em1
> inet 192.168.3.3 255.255.255.0 NONE
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::250 64
>
> /etc/hostname.em2
> inet 192.168.4.2 255.255.255.0 NONE
>
> /etc/hostname.carp_lan.nic
> inet 192.168.2.1 255.255.255.0 192.168.2.255 vhid 1 carpdev em0 advskew
> 5 pass $PASSWORDIN
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::350 prefixlen 64 vhid 1 carpdev em0
> advskew 5 pass $PASSWORDIN
>
> /etc/hostname.carp_wan.nic
> inet 12.34.56.78 255.255.255.255 'broadcast_addr' vhid 2 carpdev em1
> advskew 100 pass $PASSWORDOUT
> inet6 autoconf -autoconfprivacy -soii
> inet6 alias :::::450 prefixlen 64 vhid 2 carpdev $em1
> advskew 100 pass $PASSWORDOUT
>
> /etc/hostname.pppoe
> mtu 1500
> inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1/carp2 authproto chap
> authname "XXX@isp" authkey "XXX" up
> dest 0.0.0.1
> inet6 -autoconfprivacy
> inet6 autoconf
> !/sbin/route add default -ifp pppoe0 0.0.0.1
> !/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 -priority 8
>
> % cat /etc/rc.d/dhcp6c
> #!/bin/sh
>
> daemon="/usr/local/sbin/dhcp6c"
>
> . /etc/rc.d/rc.subr
>
> rc_reload=NO
>
> rc_cmd $1
>
> % cat /etc/dhcp6c.conf
> interface pppoe0 {
>     send ia-pd 0;
>     send domain-name-servers;
>     send rapid-commit;
> };
>
> id-assoc pd {
>     prefix-interface em1 {
>         sla-id 0;
>         sla-len 8;
>     };
> };
>
> % echo 'dhcp6c_flags=pppoe0' | tee -a /etc/rc.conf.local
> dhcp6c_flags=pppoe0
>
> % echo '!/etc/rc.d/dhcp6c restart' | tee -a /etc/hostname.pppoe0
> !/etc/rc.d/dhcp6c restart
>
> % /etc/rc.d/dhcp6c restart
> dhcp6c(ok)
>     };
> };
>
> question 1
> in hostname.pppoe do i set pppoedev to the wan facing nic or the wan
> carp interface on each firewall
> question 2
> in dhcpv6.conf do i set the interface and prefix_interface to the wan
> and lan facing nic or the wan and lan carp interface on each firewall
> question 3
> what broadcast address do i use for in the carp_wan configuration if the
> mask is 255.255.255.255
> question 4
> do i just add interface em0 to rad.conf
> or do i use the complex case to set the prefix and basic DNS options.
> interface em1 {
>     prefix ::::/48
>     dns {
>     nameserver ::::53
>     search example.org
> question 5
> do i need to put -autoconfprivacy -soii  in the nics or should i remove it.
>
> shadrock
is there no one who can help me with this ?

shadrock



adding ipv6 and pppoe to my firewall

2019-07-09 Thread shadrock uhuru
hi  everyone
i have a dual redundant firewall setup the same as the example given at
https://www.openbsd.org/faq/pf/carp.html
i was originally with virgin media but have moved to a provider
offering ipv4, ipv6 and fixed ip addresses,
i am now trying  to add ipv6 and pppoe to the firewall.
i haven't found an example on the web of a carp, pppoe and ipv6 firewall ,
so i've had to pieced together bits of info from different places
using the following hypothetical addresses this is my planned
configuration ,
please feel free to correct where there are mistakes.

IPv6 Address:
ND Prefix: :::::/64
PD Prefix: ::::/48
IPv4 Address:     12.34.56.78 (Subnet mask 255.255.255.255)

    fw1 em0: 192.168.2.2 (lan)
    fw1 em1: 192.168.3.2 (wan)
    fw1 em2: 192.168.4.1 (pfsync)
    fw2 em0: 192.168.2.3 (lan)
    fw2 em1: 192.168.3.3 (wan)
    fw2 em2: 192.168.4.2 (pfsync)
    LAN shared IP: 192.168.2.1 (carp_lan)
    WAN/internet shared IP: 12.34.56.78 (carp_wan)

fw1
/etc/hostname.em0
inet 192.168.2.2 255.255.255.0 NONE
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::100 64

/etc/hostname.em1
inet 192.168.3.2 255.255.255.0 NONE
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::200 64

/etc/hostname.em2
inet 192.168.4.1 255.255.255.0 NONE

/etc/hostname.carp_lan.nic
inet 192.168.2.1 255.255.255.0 192.168.2.255 vhid 1 carpdev em0 advskew
5 pass $PASSWORDIN
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::300 prefixlen 64 vhid 1 carpdev em0
advskew 5 pass $PASSWORDIN

/etc/hostname.carp_wan.nic
inet 12.34.56.78 255.255.255.255 'broadcast_addr' vhid 2 carpdev em1
advskew 100 pass $PASSWORDOUT
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::400 prefixlen 64 vhid 2 carpdev $em1
advskew 100 pass $PASSWORDOUT


fw2
/etc/hostname.em0
inet 192.168.2.3 255.255.255.0 NONE
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::150 64

/etc/hostname.em1
inet 192.168.3.3 255.255.255.0 NONE
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::250 64

/etc/hostname.em2
inet 192.168.4.2 255.255.255.0 NONE

/etc/hostname.carp_lan.nic
inet 192.168.2.1 255.255.255.0 192.168.2.255 vhid 1 carpdev em0 advskew
5 pass $PASSWORDIN
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::350 prefixlen 64 vhid 1 carpdev em0
advskew 5 pass $PASSWORDIN

/etc/hostname.carp_wan.nic
inet 12.34.56.78 255.255.255.255 'broadcast_addr' vhid 2 carpdev em1
advskew 100 pass $PASSWORDOUT
inet6 autoconf -autoconfprivacy -soii
inet6 alias :::::450 prefixlen 64 vhid 2 carpdev $em1
advskew 100 pass $PASSWORDOUT

/etc/hostname.pppoe
mtu 1500
inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1/carp2 authproto chap
authname "XXX@isp" authkey "XXX" up
dest 0.0.0.1
inet6 -autoconfprivacy
inet6 autoconf
!/sbin/route add default -ifp pppoe0 0.0.0.1
!/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 -priority 8

% cat /etc/rc.d/dhcp6c
#!/bin/sh

daemon="/usr/local/sbin/dhcp6c"

. /etc/rc.d/rc.subr

rc_reload=NO

rc_cmd $1

% cat /etc/dhcp6c.conf
interface pppoe0 {
    send ia-pd 0;
    send domain-name-servers;
    send rapid-commit;
};

id-assoc pd {
    prefix-interface em1 {
        sla-id 0;
        sla-len 8;
    };
};

% echo 'dhcp6c_flags=pppoe0' | tee -a /etc/rc.conf.local
dhcp6c_flags=pppoe0

% echo '!/etc/rc.d/dhcp6c restart' | tee -a /etc/hostname.pppoe0
!/etc/rc.d/dhcp6c restart

% /etc/rc.d/dhcp6c restart
dhcp6c(ok)
    };
};

question 1
in hostname.pppoe do i set pppoedev to the wan facing nic or the wan
carp interface on each firewall
question 2
in dhcpv6.conf do i set the interface and prefix_interface to the wan
and lan facing nic or the wan and lan carp interface on each firewall
question 3
what broadcast address do i use for in the carp_wan configuration if the
mask is 255.255.255.255
question 4
do i just add interface em0 to rad.conf
or do i use the complex case to set the prefix and basic DNS options.
interface em1 {
    prefix ::::/48
    dns {
    nameserver ::::53
    search example.org
qeustion5
do i need to put -autoconfprivacy -soii  in the nics or should i remove it.

shadrock



Fwd: howto verify keydisk backup

2019-06-19 Thread shadrock uhuru




 Forwarded Message 
Subject:Re: howto verify keydisk backup
Date:   Wed, 19 Jun 2019 09:23:53 +0100
From:   shadrock uhuru 
To: noah pugsley 





On 6/19/19 5:25 AM, noah pugsley wrote:
> On Tue, Jun 18, 2019 at 5:37 PM shadrock uhuru  wrote:
>> hi everyone
>> my keydisk is on a compactflash sandisk ultra 2 card,
>> which was created during disk encryption
>>
>> doas disklabel sd1
>> # /dev/rsd1c:
>> type: SCSI
>> disk: SCSI disk
>> label: USB CARD READER
>> duid: ea53e532b5ae2a0f
>> flags:
>> bytes/sector: 512
>> sectors/track: 63
>> tracks/cylinder: 255
>> sectors/cylinder: 16065
>> cylinders: 31
>> total sectors: 501760
>> boundstart: 64
>> boundend: 498015
>> drivedata: 0
>>
>> 16 partitions:
>> #   size   offset  fstype [fsize bsize   cpg]
>>   a:16001  64  RAID
>>   c:501760 0   unused
>>
>>
>> i boot my laptop  (samsung np300e5A) with this connected to a card
>> reader  connected to a usb port and i'm able to boot without a problem
>>
>> I HAVE A cruzer memory stick to use as a BACKUP keydisk
>>
>> doas disklabel sd3
>> # /dev/rsd3c:
>> type: SCSI
>> disk: SCSI disk
>> label: Cruzer Fit
>> duid: 7fe58412fc668f9e
>> flags:
>> bytes/sector: 512
>> sectors/track: 63
>> tracks/cylinder: 255
>> sectors/cylinder: 16065
>> cylinders: 972
>> total sectors: 15630336
>> boundstart: 64
>> boundend: 15615180
>> drivedata: 0
>>
>> 16 partitions:
>> #size   offset  fstype [fsize bsize   cpg]
>>   a:16001   64RAID
>>   c: 156303360  unused
>>
>> using the backup instruction on the openbsd faq i create an image of the 
>> keydisk
>>
>> dd bs=8192 skip=1 if=/dev/rsd1a of=backup-keydisk.img
>>
>> 999+1 records in
>> 999+1 records out
>> 8184320 bytes transferred in 2.251 secs (3634754 bytes/sec)
>>
>> i restore the image to the backup usb memory stick using
>>
>> dd bs=8192 seek=1 if=backup-keydisk.img of=/dev/rsd3a
>>
>> 999+1 records in
>> 999+1 records out
>> 8184320 bytes transferred in 1.744 secs (4690370 bytes/sec)
>>
> I might be speaking out of turn here, but I'm pretty sure you want to
> dd rsdXc, that images the entire disk, not just the a partition.
i don't think that would work,
the two memory sticks are  different sizes with the compactflash being
256mb and the cruzer being 8gb,
if i am wrong let me know,
this is why i dd the partition with the keydisk data on.

shadrock
>> when i try to boot off the backup usb memory stick i get
>> using drive 0 partition 3
>> no os
>>
>> i tried to verify the keydisk image  with diff using
>>
>> doas diff /dev/rsd1a backup-keydisk.img
>> Binary files /dev/rsd1a and backup-keydisk.img differ
>> ---
>>
>> is there a problem with the hardware combination of usb sticks i use for 
>> keydisk backup
>> or the commands i use especially the diff command to try and verify the 
>> image file ?
>>
>> shadrock
>>



howto verify keydisk backup

2019-06-18 Thread shadrock uhuru
hi everyone
my keydisk is on a compactflash sandisk ultra 2 card,
which was created during disk encryption

doas disklabel sd1
# /dev/rsd1c:
type: SCSI
disk: SCSI disk
label: USB CARD READER
duid: ea53e532b5ae2a0f
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 31
total sectors: 501760
boundstart: 64
boundend: 498015
drivedata: 0

16 partitions:
#   size   offset  fstype [fsize bsize   cpg]
  a:16001  64  RAID
  c:501760 0   unused


i boot my laptop  (samsung np300e5A) with this connected to a card
reader  connected to a usb port and i'm able to boot without a problem

I HAVE A cruzer memory stick to use as a BACKUP keydisk

doas disklabel sd3
# /dev/rsd3c:
type: SCSI
disk: SCSI disk
label: Cruzer Fit
duid: 7fe58412fc668f9e
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 972
total sectors: 15630336
boundstart: 64
boundend: 15615180
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
  a:16001   64RAID
  c: 156303360  unused

using the backup instruction on the openbsd faq i create an image of the keydisk

dd bs=8192 skip=1 if=/dev/rsd1a of=backup-keydisk.img

999+1 records in
999+1 records out
8184320 bytes transferred in 2.251 secs (3634754 bytes/sec)

i restore the image to the backup usb memory stick using

dd bs=8192 seek=1 if=backup-keydisk.img of=/dev/rsd3a

999+1 records in
999+1 records out
8184320 bytes transferred in 1.744 secs (4690370 bytes/sec)


when i try to boot off the backup usb memory stick i get
using drive 0 partition 3
no os

i tried to verify the keydisk image  with diff using 

doas diff /dev/rsd1a backup-keydisk.img
Binary files /dev/rsd1a and backup-keydisk.img differ
---

is there a problem with the hardware combination of usb sticks i use for 
keydisk backup
or the commands i use especially the diff command to try and verify the image 
file ?

shadrock



how to setup wireless for redundent firewalls ?

2019-05-23 Thread shadrock uhuru
hi everyone
i have two firewalls setup with carp and pfsync
with my wireless router fed straight into the switch connected to the lan ,
this is fine for me as a single user of my network.
i would like to improve the setup to include other users while allowing
them  access to the internet and limiting their access to my network.
i will be adding another network port  to both firewalls ,
i assume i will need to have two wireless routers,
one plugged into each firewall,
are the two wireless routers setup to have
the same ssid and password for smooth fail-over ?

shadrock



Re: i3bar not working after 6.5 upgrade

2019-05-14 Thread shadrock uhuru



On 5/13/19 12:51 PM, Edgar Pettijohn wrote:
> On May 13, 2019 2:58 AM, shadrock uhuru  wrote:
>>
>>
>> On 5/13/19 1:35 AM, shadrock uhuru wrote:
>>> hi everyone
>>> since upgrading to 6.5 my i3bar no longer works.
>>> i have not changed the configuration in any way
>>> when i run the i3status command manually in a terminal the bar is not
>>> displayed but the correct infomation that would be on the i3bar is
>>> echoed to the terminal.
>>> the message on the right hand of the i3bar is
>>> error: status_command not found or is missing a library dependency
>>> (exit 127)
>>> the left hand side of the bar is functioning correctly 
>>> the following is from the i3 log file.
>>>
>>> grep i3bar  'i3log-2019-05-12-0-41-37'
>>>  
>>> 05/12/19 00:41:40 - config_parser.c:parse_config:267 - CONFIG(line
>>> 152): # Start i3bar to display a workspace bar (plus the system
>>> information i3status
>>> 05/12/19 00:41:41 - Starting bar process: i3bar  --bar_id=bar-0
>>> --socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
>>> 05/12/19 00:41:41 - executing: i3bar  --bar_id=bar-0
>>> --socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
>>> 05/12/19 00:41:41 - WM_CLASS changed to i3bar (instance), i3bar (class)
>>> 05/12/19 00:41:41 - WM_NAME changed to "i3bar for output LVDS-1"
>>> 05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
>>> 05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
>>> [/usr/obj/ports/i3-4.16.1/i3-4.16.1/../i3-4.16.1/i3bar/src/child.c:468]
>>> ERROR: Child (pid: 72679) unexpectedly exited with status 127
>>>
>>>
>> how do i debug for a missing library ?
>> shadrock
>>
> LD_DEBUG=1 
thanks
found the problem by enabling logging for i3
i had my i3 config file at ~/.i3 instead of at ~/.config/i3 which had an
old i3 config file ,
after copying everything from ~i3 to ~/config/i3 and restarting i3 all
is working again.
shadrock



Re: i3bar not working after 6.5 upgrade

2019-05-13 Thread shadrock uhuru



On 5/13/19 1:35 AM, shadrock uhuru wrote:
> hi everyone
> since upgrading to 6.5 my i3bar no longer works.
> i have not changed the configuration in any way
> when i run the i3status command manually in a terminal the bar is not
> displayed but the correct infomation that would be on the i3bar is
> echoed to the terminal.
> the message on the right hand of the i3bar is
> error: status_command not found or is missing a library dependency
> (exit 127)
> the left hand side of the bar is functioning correctly 
> the following is from the i3 log file.
>
> grep i3bar  'i3log-2019-05-12-0-41-37'
>  
> 05/12/19 00:41:40 - config_parser.c:parse_config:267 - CONFIG(line
> 152): # Start i3bar to display a workspace bar (plus the system
> information i3status
> 05/12/19 00:41:41 - Starting bar process: i3bar  --bar_id=bar-0
> --socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
> 05/12/19 00:41:41 - executing: i3bar  --bar_id=bar-0
> --socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
> 05/12/19 00:41:41 - WM_CLASS changed to i3bar (instance), i3bar (class)
> 05/12/19 00:41:41 - WM_NAME changed to "i3bar for output LVDS-1"
> 05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
> 05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
> [/usr/obj/ports/i3-4.16.1/i3-4.16.1/../i3-4.16.1/i3bar/src/child.c:468]
> ERROR: Child (pid: 72679) unexpectedly exited with status 127
>
>
how do i debug for a missing library ?
shadrock



i3bar not working after 6.5 upgrade

2019-05-13 Thread shadrock uhuru
hi everyone
since upgrading to 6.5 my i3bar no longer works.
i have not changed the configuration in any way
when i run the i3status command manually in a terminal the correct
information that would be on the i3bar is echoed to the terminal.
the message on the right hand of the i3bar is
error: status_command not found or is missing a library dependency (exit
127)
the left hand side of the bar displays the workspace
the following is from the i3 log file.

grep i3bar  'i3log-2019-05-12-0-41-37'
 
05/12/19 00:41:40 - config_parser.c:parse_config:267 - CONFIG(line 152):
# Start i3bar to display a workspace bar (plus the system information
i3status
05/12/19 00:41:41 - Starting bar process: i3bar  --bar_id=bar-0
--socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
05/12/19 00:41:41 - executing: i3bar  --bar_id=bar-0
--socket="/tmp/i3-shadrock.Q7Rfx2/ipc-socket.80799"
05/12/19 00:41:41 - WM_CLASS changed to i3bar (instance), i3bar (class)
05/12/19 00:41:41 - WM_NAME changed to "i3bar for output LVDS-1"
05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
05/12/19 00:41:41 - Checking window 0x00e3 (class i3bar)
[/usr/obj/ports/i3-4.16.1/i3-4.16.1/../i3-4.16.1/i3bar/src/child.c:468]
ERROR: Child (pid: 72679) unexpectedly exited with status 127




Re: Upgrade procedure encrypted filesystem (6.4 -> 6.5)

2019-05-09 Thread shadrock uhuru



On 5/9/19 11:56 AM, cho...@jtan.com wrote:
> shadrock uhuru writes:
>> i've got a couple of follow up queries concerning post upgrade things todo.
>>
>> --- -dbus-1.12.10p0v0 ---
>> Remember to update /etc/machine-id
>> how do i update machine_id, i didn't find any man pages to explain ?
> Ignore it. Nothing bad will happen. It's a linuxism.
>
>> --- -libxml-2.9.8p0 ---
>> Remember to update /var/db/xmlcatalog
>> how do i update /var/db/xmlcatalog, found man xmlcatalog but mentions
>> nothing about updating ?
> Ignore it. Nothing bad will happen. Nothing done in XML ever mattered.
>
>> --- -node-8.12.0 ---
>> Error deleting directory /usr/local/lib/kde4/plugins: Directory not empty
>> /usr/local/lib/kde4/plugins contains:
>>
>> ls /usr/local/lib/kde4/plugins
>>
>> accessible    imageformats  phonon_s_backend
>> accessiblebridge  kauth script
>> designer  kscreen   styles
>> grantlee  marble
>> gui_platform  phonon_platform
>>
>> should i go ahead and delete everything in the directory manually ?
> Remove everything that is to do with KDE and go and quietly contemplate
> the life choices which led to you having it installed in the first place.
Hi chohag
it was a leftover when i first installed my laptop
used it for about a week then switch to I3 and never looked back.
will pkg_delete kde4 remove it all ?
shadrock
> Matthew
>



Re: Upgrade procedure encrypted filesystem (6.4 -> 6.5)

2019-05-09 Thread shadrock uhuru



On 5/7/19 9:16 PM, Omar Polo wrote:
> On Tue, May 07, 2019 at 02:04:03AM +0100, shadrock uhuru wrote:
>>
>> On 5/6/19 8:18 PM, Omar Polo wrote:
>>> On Mon, May 06, 2019 at 07:46:53PM +0100, shadrock uhuru wrote:
>>>> hi everyone
>>>> when upgrading my laptop which is encrypted with a keydisk
>>>> i assume that i boot the 6.5 kernel which will be on a usb stick with
>>>> the keydisk inserted,
>>>> will the hard drive still be decrypted and upgraded,
>>>> also will the encryption step need to be redone or will the keydisk
>>>> continue to unlock the 6.5 filesystem on subsequent reboots.
>>>> thanks
>>>> shadrock
>>> Just follow the guide[1]: during the upgrade process the installer will
>>> ask you what disk contains the installation.  Be sure to point it to
>>> the right disk.  The disk will (of course!) still be encrypted after
>>> the upgrade, and you won't need to do anything else.
>>>
>>> [1]: https://www.openbsd.org/faq/upgrade65.html
>> many thanks Omar
> I've forgot one thing (hope it's not too late.)  Point the installer
> to the right *virtual* disk.  For example, in my case I have a disk
> (attached as sd0) with FDE.  When decrypted, a virtual disk sd1 is
> attached, so when I upgrade I point the installer to sd1.  In any case,
> the installer will try to mount the partitions, so you should see an
> error if you point it to the wrong disk.
>
> Also, sorry if I wrote directly to you instead of replying to the ml.
> As always, I foget to CC :)
either way works for me.
Hi Omar and all who helped
i got it upgraded, it was way easier than i expected,
i've got a couple of follow up queries concerning post upgrade things todo.

--- -dbus-1.12.10p0v0 ---
Remember to update /etc/machine-id
how do i update machine_id, i didn't find any man pages to explain ?

--- -libxml-2.9.8p0 ---
Remember to update /var/db/xmlcatalog
how do i update /var/db/xmlcatalog, found man xmlcatalog but mentions
nothing about updating ?

--- -node-8.12.0 ---
Error deleting directory /usr/local/lib/kde4/plugins: Directory not empty
/usr/local/lib/kde4/plugins contains:

ls /usr/local/lib/kde4/plugins

accessible    imageformats  phonon_s_backend
accessiblebridge  kauth script
designer  kscreen   styles
grantlee  marble
gui_platform  phonon_platform

should i go ahead and delete everything in the directory manually ?

shadrock



Upgrade procedure encrypted filesystem (6.4 -> 6.5)

2019-05-06 Thread shadrock uhuru
hi everyone
when upgrading my laptop which is encrypted with a keydisk
i assume that i boot the 6.5 kernel which will be on a usb stick with
the keydisk inserted,
will the hard drive still be decrypted and upgraded,
also will the encryption step need to be redone or will the keydisk
continue to unlock the 6.5 filesystem on subsequent reboots.
thanks
shadrock



missing sdl header and lib files

2019-02-08 Thread shadrock uhuru
hi everyone

i have added the following packages

sdl
sdl-mixer
sdl_image
sdl_net
sdl_ttf
sdl2
sdl2-mixer
sdl2_image
sdl2_net
sdl2_ttf

the lib and header files are missing

are there additional packages to add for these.

shadrock



pycharm updates ?

2019-01-30 Thread shadrock uhuru
hi everyone

just a quick question about pycharm updates
do i allow pycharm to update its's IDE and Plugins or
only update it with pkg_add -u ?

shadrock



howto set terminus font in .Xresources for xterm

2018-12-31 Thread shadrock uhuru
hi everyone

what is the correct command to put in .Xresources for the terminus font,
the following is my Xresources file,
i've tried a few variation but all i get when i start xterm is cannot
load font,
font loading is new to me so i have only try examples off the web
---


XTerm*utf8: 1
! XTerm*font: -*-terminus-medium-*-*-*-18-*-*-*-*-*-iso10646-1
XTerm*font: terminus-12
XTerm*italicFont: terminus-12
XTerm*selectToClipboard: true


!    ! Use a nice truetype font and size by default...
!    xterm*faceName: DejaVu Sans Mono Book
!    xterm*faceSize: 11

xterm*loginshell: true

xterm*savelines: 16384

! double-click to select whole URLs :D
xterm*charClass: 33:48,36-47:48,58-59:48,61:48,63-64:48,95:48,126:48
XTerm*on3Clicks: regex
([[:alpha:]]+://)?([[:alnum:]!#+,./=?@_~-]|(%[[:xdigit:]][[:xdigit:]]))+
*VT100*translations: #override Shift :
exec-formatted("google-chrome '%t'", PRIMARY)

! DOS-box colours...
!    xterm*foreground: rgb:a8/a8/a8
    xterm*foreground: rgb:ff/ff/00
    xterm*background: rgb:00/00/00
    xterm*color0: rgb:00/00/00
    xterm*color1: rgb:a8/00/00
    xterm*color2: rgb:00/a8/00
    xterm*color3: rgb:a8/54/00
    xterm*color4: rgb:00/00/a8
    xterm*color5: rgb:a8/00/a8
    xterm*color6: rgb:00/a8/a8
    xterm*color7: rgb:a8/a8/a8
    xterm*color8: rgb:54/54/54
    xterm*color9: rgb:fc/54/54
    xterm*color10: rgb:54/fc/54
    xterm*color11: rgb:fc/fc/54
    xterm*color12: rgb:54/54/fc
    xterm*color13: rgb:fc/54/fc
    xterm*color14: rgb:54/fc/fc
    xterm*color15: rgb:fc/fc/fc

! right hand side scrollbar...
    xterm*rightScrollBar: true
    xterm*ScrollBar: true

! stop output to terminal from jumping down to bottom of scroll again
    xterm*scrollTtyOutput: false

---

thanks shadrock



Re: ports/devel/pygame make install error

2018-12-28 Thread shadrock uhuru


On 12/27/18 3:35 PM, Edgar Pettijohn wrote:
 i have openbsd 6.4 release installed
 how do i fix this ?
> Don't mix release with current ports.
>
> Either install a current snapshot or ...
>
>> doas cvs -d anon...@anoncvs1.ca.openbsd.org:/cvs -q up -Pd -A
>>
> rm -rf /usr/ports
> And checkout a release ports tree.
>
> See the FAQ for instructions.
>
>> shadrock
>>
carried out instructions as above
and successfully installed pygame
i didn't notice i had use the wrong cvs update command

many thanks

shadrock



Re: ports/devel/pygame make install error

2018-12-27 Thread shadrock uhuru


On 12/27/18 3:48 AM, Anthony J. Bentley wrote:
> shadrock uhuru writes:
>> hi everyone
>>
>> i have openbsd 6.4 release installed
>>
>> when i try to make install  ports/devel/pygame i get an error stating
>>
>> create /usr/ports/packages/amd64/all/py-game-1.9.3.tgz
>> error: Libraries in packing-list in the port tree
>> and libraries from installed packages don't match
>>
>> how do i fix this ?
> As the error message says, the library versions you have installed
> don't match the library versions in your checked out ports tree.
> So update your ports tree and packages to -current.
>
> The remainder of the output (that you cut out) shows which exact
> libraries are out of sync on your system.


i have updated the packages with doas pkg_add -u
but when updating the port tree with the following command

doas cvs -d anon...@anoncvs1.ca.openbsd.org:/cvs -q up -Pd -A

i was continually getting  - packet_write_wait: Connection to
129.128.197.20 port 22: broken pipe but changed repository and manage to
complete the update but i still get the following error

Create /usr/ports/packages/amd64/all/py-game-1.9.3.tgz
Error: Libraries in packing-lists in the ports tree
   and libraries from installed packages don't match
--- /tmp/dep_cache.riRhLvqpZ/portstree-py-game-1.9.3    Thu Dec 27
14:58:48 2018
+++ /tmp/dep_cache.riRhLvqpZ/inst-py-game-1.9.3 Thu Dec 27 14:58:48 2018
@@ -3,7 +3,7 @@
 -W SDL_mixer.5.0
 -W SDL_ttf.8.1
 -W X11.16.1
--W jpeg.70.0
+-W jpeg.69.0
 -W png.17.5
 -W pthread.25.1
 -W freetype.29.0
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:3248
'wantlib-args')
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2014
'/usr/ports/packages/amd64/all/py-game-1.9.3.tgz')
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2475
'_internal-package')
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2454 'package')
*** Error 1 in . (/usr/ports/infrastructure/mk/bsd.port.mk:2027
'/var/db/pkg/py-game-1.9.3/+CONTENTS')
*** Error 1 in /usr/ports/devel/pygame
(/usr/ports/infrastructure/mk/bsd.port.mk:2454 'install')

shadrock



ports/devel/pygame make install error

2018-12-26 Thread shadrock uhuru
hi everyone

i have openbsd 6.4 release installed

when i try to make install  ports/devel/pygame i get an error stating

create /usr/ports/packages/amd64/all/py-game-1.9.3.tgz
error: Libraries in packing-list in the port tree
and libraries from installed packages don't match

how do i fix this ?

shadrock



keydisk not found when unhibernating

2018-11-27 Thread shadrock uhuru
hi everyone

on powering up the laptop after closing the lid
the keydisk is not found
i shutdown the laptop and with the power button
then restart it again
this time the keydisk is found.
is this behaviour normal for resuming from hibernation with an encrypted
filesytem ?

shadrock



apmd: howto resume with screen locked

2018-11-27 Thread shadrock uhuru


On 11/26/18 9:26 AM, Peter Hessler wrote:
> On 2018 Nov 26 (Mon) at 01:18:59 + (+), shadrock uhuru wrote:
> :
> :also how do i resume from hibernate or suspend with the screen locked
> :
> :i use i3 and lock the screen with xautolock and i3lock in .i3/config
> :
> :i put i3lock in /etc/apm/resume
> :
> :when i  resume from ZZZ no lock screen appears, i am brought straight
> :to  my desktop
> :
> :shadrock
> :
>
> /etc/apm/resume is ran as root, so you'll need that script to run i3lock
> as your user, or to trigger i3's screenlock mechanism
>
> I have a similar thing enabled on my laptop, but it's in /etc/apm/suspend:
> pkill -USR1 -x xidle
>
>
HI Peter

thanks for the reply


i have removed my resume file

and created a suspend file and linked hibernate to it with the following
in suspend:

#!/bin/sh
pkill -USR1 -x xidle


i also removed the xautolock and i3lock line in .i3/config

and added the following to .xinitrc:

xscreensaver-no-splash &
xidle -program '/usr/X11R6/bin/xlock -mode random' -timeout 300 &

the screen lock now works as expected when resuming the laptop.

thanks

shadrock





apmd: howto resume with screen locked

2018-11-25 Thread shadrock uhuru


also how do i resume from hibernate or suspend with the screen locked

i use i3 and lock the screen with xautolock and i3lock in .i3/config

i put i3lock in /etc/apm/resume

when i  resume from ZZZ no lock screen appears, i am brought straight
to  my desktop

shadrock



apmd: howto resume with screen locked

2018-11-25 Thread shadrock uhuru
Hi everyone

i have in my /etc/rc.conf.local

apmd "-A -Z8 -t120"

my laptop doesn't hibernate when the power falls below 8%

is there more that i need to configure ?

shadrock