Re: Weird disk problem
On Thu, Jun 5, 2014, at 05:24 PM, STeve Andre' wrote: On 06/05/14 17:38, Christian Weisgerber wrote: I have a 3TB disk here... sd1 at scsibus1 targ 1 lun 0: ATA, Hitachi HUA72303, MKAO SCSI3 0/direct fixed naa.5000cca225c5fbeb sd1: 2861588MB, 512 bytes/sector, 5860533168 sectors ... that's serving as a general media dump with a single FFS2 file system on it. Filesystem SizeUsed Avail Capacity Mounted on /dev/sd1d 2.7T2.5T 63.7G98%/export Yesterday, I experienced the odd effect that reading some files, or parts of files, from that disk became excruciatingly slow. We're talking a few kB/s here. Other files were fine. There were no kernel errors/warnings whatsoever. There were no read errors, the disk was just 100% busy and appeared to be returning data drip by drip. # atactl sd1 smartstatus No SMART threshold exceeded No change on reboot. dd(1) from the raw device was initially fast, then slowed to a crawl as it progressed. I eventually fixed it all by powering off the machine, jiggling the SATA connectors (all fine), and powering the machine back up. Tonight the problem is back. Something is very wrong. Given that dd if=/dev/rsd1c also seems affected, the filesystem layer can be excluded. I won't cry too much over a dying disk, but why the heck are there no error indications of any kind? Any other ideas? Anything in dmesg/kernel log about operations timing out? I think you are relying on the smart system too much. Certainly try what David said, but it's obvious that the disk is sick despite what the smart system may say. I've had about seven disk failures in the last several years. Three or four of them the smart system was absolutely correct, with the others being less informative. I've also had a false notice that a disk was bad, but worked for several years, till it got too small for its task. Smart is good, but it has its limitations. It best deals with gradual errors, not fast catastrophic ones. Running smartmontools should give you enough information to determine if you have a sick disk, though it may require looking at the values and seeing if you have a rise in e.g. the number of sectors remapped; I would not trust atactl sd# smartstatus by itself. Failing that, there are more time-honored empirical tests, such as assuming the worst for the disk's health if it is making weird noises when it slows to a crawl. It could also be either the SATA cabling or the SATA controller that is having trouble after warming up (with specific bit patterns, or just in general). I know that sounds weird, but SATA cables aren't that expensive to replace and it's quite possible the OP got a dud. -- Shawn K. Quinn skqu...@rushpost.com
5.5/i386 acpitz0: _AL0[0] _PR0 failed
on wd0b dump on wd0b acpitz0: _AL0[0] _PR0 failed acpitz0: _AL0[0] _PR0 failed [many more duplicates of the previous two lines snipped] -- Shawn K. Quinn skqu...@rushpost.com
Re: Parallela boards on OpenBSD ?
On Sat, Apr 26, 2014, at 02:02 AM, Tomáš Bodžár wrote: Out of curiosity was anyone in any form of contact with http://www.parallella.org/2014/04/10/parallella-pre-order-shipping-update/regarding possible support in BSD? Looks like their support is GNU/Linux-centric, but I know we have other ARM-based CPU ports already so we're at least halfway there. I wish I was in a position to buy hardware for donation to the developers to speed up the process, and if I was, I would. -- Shawn K. Quinn skqu...@rushpost.com
Re: disklabel: phantom partition extends past end of unit message on amd64, possible bug?
On Wed, Apr 23, 2014, at 06:50 AM, Otto Moerbeek wrote: A slightly different fix has been commited, -Otto At first glance, the bug appears to be squashed. (I'll report back if I find out otherwise later.) Thanks! -- Shawn K. Quinn skqu...@rushpost.com
Re: tmpfs weirdness
On Tue, Apr 22, 2014, at 11:24 PM, Chris Cappuccio wrote: there are some interesting patches in bitrig that you could try to apply in the openbsd tree, recompile your kernel and see if any of them help. https://github.com/bitrig/bitrig/commit/c2ce175 Fix integer overflows handling objects = 2G Fix a series of overflows preventing objects larger than two gigabytes from being handled correctly by uvm_aobj.c. Since kernel_object_store is 4G on amd64, this is slightly worrying. I started with this one, and I cannot get it to apply cleanly. It looks like whatever is in -current now has diverged enough from what Bitrig took or vice versa to make applying it by hand tricky at best. Given my horrible luck with this one, I am hesitant to try the others. -- Shawn K. Quinn skqu...@rushpost.com
Re: tmpfs weirdness
On Mon, Apr 21, 2014, at 12:26 AM, Shawn K. Quinn wrote: With a tmpfs mounted on /tmp: $ cd /tmp $ dd if=/dev/zero of=0 bs=1M ; sync ; sleep 5 ; rm 0 results in dmesg getting spammed with: uao_flush: strange, got an out of range flush (fixed) Forgot to mention, this is on amd64 with a recent snapshot. If the tmpfs is large enough (larger than physical RAM, maybe?) another error happens (I don't have it handy right now) That error would be: pagedaemon: wait_pla deadlock detected! Screenshots of ddb info available temporarily at: http://www.shawnkquinn.com/openbsd-tmpfs-crash/ (Some may be duplicates, a couple may have a small part of the screen cut off. Enough should be legible to figure out what's going on.) and the system usually winds up wedged badly enough that boot dump from ddb won't work as designed. I can reproduce this on request. Also, it should be noted tmpfs allocates the entire amount of memory available by default. When I do something similar with mfs, I can write at least an 8G file to a 10G mfs disk, and the system does not actually crash. It does slow down and the load average skyrockets (8.25 right after killing dd) but the system never becomes unusable. -- Shawn K. Quinn skqu...@rushpost.com
disklabel: phantom partition extends past end of unit message on amd64, possible bug?
Either I'm missing something obvious, or something is amiss in disklabel as of the April 19 snapshot for amd64. I'm thinking it's the latter because, as you can see below, 'disklabel -E' has no issue with what 'disklabel -e' complains about: Script started on Tue Apr 22 21:44:41 2014 # disklabel sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: ST3750528AS duid: e6430fb1fad1094c flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 91201 total sectors: 1953525168 boundstart: 64 boundend: 1953525168 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 2097152 64 4.2BSD 2048 163841 # / b: 70243488 2097216swap # none c: 19535251680 unused d: 8911776 72340704 4.2BSD 2048 163841 e: 8911776124776832 4.2BSD 2048 163841 # /usr f:171964064133688608 4.2BSD 2048 163841 g: 8385920305652672 4.2BSD 2048 163841 # /var/squid h: 20964853314038592 4.2BSD 2048 163841 # /usr/local i:197091136335003456 4.2BSD 2048 163841 # /media/shawn-backups k:524291584532094592 4.2BSD 4096 327681 # /media/music l:120118048 1056386176 4.2BSD 2048 163841 m: 25181216 1176504224 4.2BSD 2048 163841 # /var/www n: 2097152 1201685440 4.2BSD 2048 163841 o: 83901568 1203782592 4.2BSD 2048 163841 # /var p:665840960 1287684160 4.2BSD 4096 327681 # /home # disklabel -E sd0 Label editor (enter '?' for help at any prompt) c partition to change size: [] p Partition p is currently 665840960 sectors in size, and can have a maximum size of 665841008 sectors. size: [665840960] c partition to change size: [] c Partition must be between 'a' and 'p' (excluding 'c'). q No label changes. # disklabel -e sd0 disklabel: partition c: partition extends past end of unit disklabel: partition p: partition extends past end of unit re-edit the label? [y]: n # ^D Script done on Tue Apr 22 21:45:05 2014 (The editor session after 'disklabel -e' is simply ':q', so it's getting back the same disklabel that I got to edit with no changes.) -- Shawn K. Quinn skqu...@rushpost.com
tmpfs weirdness
With a tmpfs mounted on /tmp: $ cd /tmp $ dd if=/dev/zero of=0 bs=1M ; sync ; sleep 5 ; rm 0 results in dmesg getting spammed with: uao_flush: strange, got an out of range flush (fixed) If the tmpfs is large enough (larger than physical RAM, maybe?) another error happens (I don't have it handy right now) and the system usually winds up wedged badly enough that boot dump from ddb won't work as designed. I can reproduce this on request. -- Shawn K. Quinn skqu...@rushpost.com
Re: sudo -u environment help
On Fri, Apr 4, 2014, at 12:05 PM, David Coppa wrote: On Fri, Apr 4, 2014 at 7:01 PM, Todd norr...@gmail.com wrote: I think this should work sudo su - user Sure, it works. I often use it. sudo -s user should work as well I think. -- Shawn K. Quinn skqu...@rushpost.com
Re: system resets with openbsd flash drive
On Mon, Mar 31, 2014, at 10:35 PM, Jim Rowan wrote: Hi, I'm trying to resurrect some neoware ca22 thinclient boxes, and seeing strange behavior I don't know how to interpret. [...] Suspicious that it was the usb drive itself, I tried three separate brands. Same thing. I put grml on one of them, it boots fine. I put nanobsd on the same one; again boots fine. With openbsd on the usb drive, and I wipe out the beginning of the drive with dd, it then does not reset. [...] One of the confusing things is the reset that happens when the usb drive is plugged in while in the bios setup... What can I do next? It seems like the BIOS looks at the partition table and panics when it sees the OpenBSD partition, which honestly it should not care about. Anti-virus protection run amok perhaps? Either that, or some other type of BIOS bug. -- Shawn K. Quinn skqu...@rushpost.com
Re: upgrades no longer allow ftp for sets
On Sat, Mar 29, 2014, at 09:44 AM, Theo de Raadt wrote: Eventually, will base ftpd be removed? Unlikely. Why not? You got rid of base telnetd a while back. -- Shawn K. Quinn skqu...@rushpost.com
Re: upgrades no longer allow ftp for sets
On Thu, Mar 27, 2014, at 09:14 AM, Jiri B wrote: On Thu, Mar 27, 2014 at 08:10:05AM -0600, Theo de Raadt wrote: TdR ... placing openssl there is not part of any solution that would work. TdR What are other possible solutions? Do you think sftp would fit? Can you replace ftp with sftp? I'd prefer to maintain a limited access sftp server rather than a http one. Wow. No. Could you please elaborate why not sftp for sets (and/or for pkg_add)? My educated guess is that ssh and sftp would not fit on the install disks. Though there are probably other reasons as well, including the fact that to truly be secure you'd have to verify the host keys beforehand as they could not be stored on the install disks. -- Shawn K. Quinn skqu...@rushpost.com
Re: Seagate ST3250310AS not recognized
On Wed, Mar 26, 2014, at 05:11 PM, L. V. Lammert wrote: On Wed, 26 Mar 2014, Charlie Farinella wrote: I'm trying to install OpenBSD 5.4 on a Dell Vostro 400, it's several years old but not ancient. 4GB RAM, 250GB Seagate ST3250310AS hard drive. The installation goes normally until it tries to find the hard drive and then tells me no hard drive is available. Assuming it is recognized in the machine BIOS, .. you mmight have to install a DOS partition table first - it probably still has an ESX partition table, even after wiping. On OpenBSD the drive itself should show up in the installer regardless of whatever garbage is in the partition table. For a Windows install, your advice would be spot-on, but OpenBSD's installer is much more intelligent than anything that came out of Redmond, WA, US. -- Shawn K. Quinn skqu...@rushpost.com
Re: upgrades no longer allow ftp for sets
On Tue, Mar 25, 2014, at 06:58 PM, n...@leviacomm.net wrote: Since the 23 March snapshot I've no longer been able to get the sets via ftp during upgrade, is this intentional or is this an error on my end? This worked on the snapshot form 19 March and earlier using the amd64-snapshot bsd.rd indirectly from ftp3.usa.openbsd.org (Local ftp mirror with rsync daily pull from ftp3). I would guess it's intentional as there's no real reason to pick FTP over HTTP anymore. -- Shawn K. Quinn skqu...@rushpost.com
Re: upgrades no longer allow ftp for sets
On Tue, Mar 25, 2014, at 08:10 PM, n...@leviacomm.net wrote: Thanks and I understand the reasoning. The current ftp server won't be able to do http and use of siteXX files prevents using an external source. Will nfs be supported or am I going to need more hardware? What is preventing you from using, say, a USB thumb drive as the install media? Also note you can install from multiple sources (http for everything else, then a local disk for the siteXX files). -- Shawn K. Quinn skqu...@rushpost.com
Re: Kernel error with March 20th amd64 snapshot
On Fri, Mar 21, 2014, at 07:34 PM, Tristan PILAT wrote:
Hello,
I noticed a crash with the March 20th amd64 snapshot. When I
unplug my USB wireless mouse receiver, i get this;
wskbd1: disconnecting from wsdisplay0
wskbd1 detached
ukbd0 detached
uhidev0 detached
uvm_faut(0x81dc6f00, 0x24, 0, 1) - e
kernel: page faut trap, code=0
Stopper at strlcpy+0x16movzbl 0(%rcx), %eax
ddb1{1}
I own a thinkpad x230 and only the right side USB port is working
after the upgrade, the two left side USB port are not working
anymore. Find attached my dmesg.
A similar crash happened with the March 19th snapshot here as well when
switching computers on my USB KVM switch. My backtrace also indicates a
kernel trap in strlcpy. I was about to upgrade to the March 20th
snapshot to see if it was still there.
--
Shawn K. Quinn
skqu...@rushpost.com
Re: Trouble with connect to www.aeroflot.ru
On Wed, Mar 19, 2014, at 09:07 AM, Leonov Aleksey wrote: Hi folks, I can`t connect to www.aeroflot.ru from lynx on openbsd 5.4. I can connect from gentoo, windows. Anybody can connect to wwe.aeroflot.ru from openbsd 5.4? Right now according to http://isup.me/aeroflot.ru it's down for everyone. -- Shawn K. Quinn skqu...@rushpost.com
Re: Vision 2020: Making OpenBSD the world's fastest OS
On Wed, Mar 5, 2014, at 09:08 AM, openda...@hushmail.com wrote: Anybody have any thoughts on how to achieve this? OpenBSD has never been about making the fastest operating system, only the most secure operating system. You're welcome to fork the project and pursue different goals if you wish. -- Shawn K. Quinn skqu...@rushpost.com
Re: sysmerge trouble
On Sun, Feb 23, 2014, at 03:45 PM, Ed Ahlsen-Girard wrote: Took a while to submit this, but for the past ~ six weeks of snapshots sysmerge fails thus: ERROR: failed to populate from /usr/src and create checksum file sysmerge works fine for me on amd64 sans the occasional incident of operator error. What's under your /usr/src? What's your sysmerge command line? -- Shawn K. Quinn skqu...@rushpost.com
Re: Some clarification on -stable
On Mon, Feb 10, 2014, at 04:18 PM, Laurence Rochfort wrote: Hello, I'm updating to 5.4-stable and would like some clarification. 1) You must make sure your kernel, userland (the supporting utilities and files) andports tree are all in sync, or unpleasant things will happen. Does this mean I may no longer install binary packages from the FTP servers, only compile ports, after updating to -stable? You can use the binary packages from the mirror sites after updating to -stable. The purpose of -stable is to remain as compatible with -release as possible while fixing important security bugs and stability issues. 2) There are a couple additional steps that some users may wish to perform, depending on the purpose of the build and if X is installed: Should one always build Xenocara if X is installed, or only if the errata page lists a patch for Xenocara? Having -release X packages with -stable userland is something you can often get away with but isn't recommended. I would always rebuild both if keeping up with -stable. -- Shawn K. Quinn skqu...@rushpost.com
Re: Upgrade path from 4.1?
On Thu, Feb 6, 2014, at 04:07 PM, Chris Bennett wrote: It never hurts to be careful. And backup everything before you turn off those disks since they are old. Old disks keep running but often can't restart from a stop. If for some reason you do find yourself with disks that will not spin up again after being spun down, try leaving the box powered up at the failed boot screen for a time (at least 15 minutes, I recommend at least 30 minutes) before rebooting. This at least worked for me on a 200 megabyte disk in the 1990s (I fortunately have not had the problem since). -- Shawn K. Quinn skqu...@rushpost.com
Re: Power consumption of various architectures
On Mon, Jan 20, 2014, at 06:22 PM, Juan Francisco Cantero Hurtado wrote: I use a (good) power meter. Don't buy the cheapest one. There's also the possibility of using a clamp-style AC ammeter on the power cable and multiplying by the nominal line voltage. -- Shawn K. Quinn skqu...@rushpost.com
Re: Trouble with Huawei e3276
On Thu, Jan 23, 2014, at 01:34 AM, Кирилл Каплин wrote: Hello. This is my trouble: huawei e3276 recognized as cdrom on OpenBSD 5.4. After I try to add entry with id to usbdevs and recompile the kernel, it start to recognize as urndis, but with errors and no success. Any ideas? And what info I must provide to you? Try to mount this cdrom and do an ls of it; a lot of devices use this trick to store Windows drivers without a separate physical optical disc shipping with the product. If so, this is fixable but slightly more involved than just adding a new device id to a table. -- Shawn K. Quinn skqu...@rushpost.com
Re: dmassage - openbsd 5.4 build failure
On Wed, Jan 1, 2014, at 06:17 PM, Theo de Raadt wrote: I think dmassage being unmaintained for 12 years, and this issue just coming up now, probably says a lot about that type of person. It's a type of person who can't fix dmassage, and then, sends us a mail. Sorry, but it's the truth. Very little, if anything, has changed in either the kernel configuration procedure or the format of a kernel's dmesg in the last 12 years. So this is more a case of if it ain't broke, don't fix it. If anything has changed, it's what device drivers you can rip out and still get the kernel to compile. I will admit most of the reasons for doing so today are a lot less compelling in years past, when every byte of RAM counted for something (best example being a couple of non-PCI 486 systems when you could cut the kernel size almost in half by not putting in all those useless PCI drivers). Today, you have to try to find something with less than 128MiB of RAM in it, and the odds are in your favor of having more even if it's a dumpster rescue. The only use I can think of might be security (it's much harder to use an external USB storage device if the kernel is compiled not to look for them) but I'm sure there are better ways to do even this. -- Shawn K. Quinn skqu...@rushpost.com
Re: dmassage - openbsd 5.4 build failure
On Wed, Dec 25, 2013, at 08:25 AM, Riccardo Mottola wrote: Hi, prompted by the quest of a smaller kernel on my old OmniBook 800 (for which memory modules are harder to find than a standard laptop), I tried my luck with dmassage against a stock GENERIC 5.4 kernel conf. I used the generated config fil, except that I enabled a couple of more PCMCIA drivers, which are of course all disabled except the currently inserted card. What I found is as of a few versions ago, I forget exactly when, dmassage by itself will generate a busted kernel config now. Basically, to have a working kernel you need to compile in certain drivers, even if they not show up in the dmesg. Unfortunately I've forgotten which ones they were and I don't have a system I can experiment on... -- Shawn K. Quinn skqu...@rushpost.com
Re: Is Ext2 stable enough for normal use?
On Thu, Dec 19, 2013, at 02:09 AM, Marcus MERIGHI wrote: Am 12/18/13 23:09, schrieb Evan Root: I have a perverted solution, use fat32. It's failures are very well understood. Inspired by 'perverted solution': maybe NTFS? http://marc.info/?l=openbsd-miscm=138209682226904 http://marc.info/?l=openbsd-techm=137027292319143 I know for a fact that on GNU/Linux, NTFS performance is terrible, especially on larger files. True story: once I tried backing up something as a large .zip file to NTFS on a GNU/Linux system. The ETA would start off saying something reasonable like 3 hours then, three hours later, it would be about 8 hours and it would keep going up from there. -- Shawn K. Quinn skqu...@rushpost.com
Re: Is Ext2 stable enough for normal use?
On Mon, Dec 16, 2013, at 05:26 PM, Donald Allen wrote: On Mon, Dec 16, 2013 at 5:48 PM, Tekk t...@parlementum.net wrote: I've got an ext3 /home partition which I use under linux, how likely is it that files will get clobbered if I use the same /home under a dual boot with openbsd? Your subject asks about the stability of the ext2 support in OpenBSD, but your message says you have an ext3 partition you want to access. ext2 and ext3 are not the same thing -- ext3 is a journaled variant of ext2 that OpenBSD does not support. See http://www.openbsd.org/faq/faq9.html Don't do it. My understanding is read/write access is considerably more risky than read-only access. If you just need to read that /home under OpenBSD it's much less complicated and less risky as you can just mount /home read-only and be done with it (even if it's still ext3). At minimum, if you insist on read-write, you should get rid of the journal thus converting ext3 back to ext2. It's a Really Bad Idea to mount ext3 as ext2 read-write unless you are extra careful to shut down cleanly every time and even then it's dubious. It *might* be less risky if you format that /home as FFS and access it using the Linux kernel's UFS/FFS module. Or, you could simply keep separate /home for GNU/Linux and OpenBSD, which to me is perhaps the cleanest solution. (I tend to compile a lot of stuff and install it to $HOME/bin when I don't want it cluttering up /usr/local/bin which is something I will admit a lot of users probably don't do.) -- Shawn K. Quinn skqu...@rushpost.com
Re: Single process needing a lot of memory
On Fri, Dec 13, 2013, at 05:36 AM, Zé Loff wrote: Hi all First of all, sorry for the kind on newbie question. I'm running some memory-heavy statistical analyses using R, which require more memory than what's physically available. I.e. the machine (a x201, which is running -current amd64) has 4Gb of physical mem, but R needs at least 6Gb. If I understand correctly, this is what virtual mem is there for, but -- and here's the newbie part -- I'm not quite sure on how to make it work. [...] 3. vmemoryuse=3G + datasize-max=infinity Admittedly not knowing what I was doing. Big time SNAFU. Everything slows to a crawl when memory usage goes past the available phys mem (about 3.6G). And by a crawl I mean unusable if using X, requiring great patience if on virtual consoles. top shows R using over 1000% (not a typo) CPU although the CPU summary lines say they're all idling. state is run/3, wait column says pagerse. Swap usage increases, though. R never gets back to a usable state. Clue bat required. Is there anything else that needs to be done to enable R to (properly) use some of the virtual memory? I think R is using virtual memory as best it can, and I seriously doubt you will get anything resembling satisfactory performance without upgrading the RAM (memory) to 8Gb. Basic computing terminology: virtual (something X) means (something X) that isn't really there. Virtual memory isn't really RAM (memory), it's disk space. And you're going to get the performance of disk space, which is orders of magnitude slower than RAM. So: 1) segment this problem such that R never needs more than about 3Gb of RAM in one run if possible, 2) upgrade the RAM, or 3) give R a very long time to complete the task at hand and back up your hard disk regularly because it will get a workout. -- Shawn K. Quinn skqu...@rushpost.com
Re: System starvation when running fsck_msdos
On Wed, Dec 4, 2013, at 05:00 PM, Jeff Ross wrote: Hi all, I have a small server (5.4-current, more or less, dmesg and other pertinent details follow) in an office acting as firewall/samba server. We are trying to use an external USB hard drive as a backup. Because these are windows folk and because this is a server with 512M of ram and their backup needs aren't that great, that 1TB external drive has one 50GB ms-dos partion at i, the rest of the drive is unused. Hotplugd is setup to automagically mount the drive, when it is inserted. But since I have no way (that I know of anyway) to cleanly umount the drive if it is just yanked out while mounted, when the backup script starts if it doesn't find the drive mounted it tries to fsck-msdos's it first and then mount it. What I'm finding is that when the server tries to fsck_msdos the msdos partition, it will more often that not bring the server down. It doesn't panic but it gets so resource starved that it is, for all intents and purposes, locked up--I can't even ssh into it. I have noticed that regular FAT/msdos filesystem access to a USB thumb drive has abysmal throughput, worse than a comparable Windows machine by a factor of at least 2. I'd be willing to contribute towards a bounty fund to get the FAT/msdos filesystem code improved (my programming skills are limited, but I'll have a small surplus of money in about a month). A good start to fix your problem would be to profile fsck_msdos and see exactly what functions are eating up the most CPU time and RAM, and go from there. I have access to a computer with 512M RAM running OpenBSD and can run tests using a similarly sized filesystem and see if it's reproducible. Does an ms-dos file system require far more than the 1MB of ram per 1 GB of disk space that http://openbsd.org/faq/faq14.html#LargeDrive suggests? I don't think 1MB RAM per 1GB disk space applies to fsck_msdos, only the fsck for FFS. -- Shawn K. Quinn skqu...@rushpost.com
Re: Help troubleshooting performance problem
On Sat, Nov 30, 2013, at 03:55 PM, Kenneth R Westerback wrote: On Sat, Nov 30, 2013 at 04:02:58PM -0500, John Hynes wrote: OpenBSD 5.3 (GENERIC.MP) #0: Fri Sep 13 04:11:52 EDT 2013 j...@hytronix-gw1.hytronix.com:/usr/src/sys/arch/amd64/compile/ GENERIC.MP Try 5.4 or -current. Issues with non-home-compiled kernels are more interesting. I thought as long as it was an unmodified GENERIC or GENERIC.MP that the issue was still valid. Is this no longer the case? -- Shawn K. Quinn skqu...@rushpost.com
Re: Patch to remove adult content from spamd(8) man page
On Thu, Nov 21, 2013, at 11:33 AM, J. Lewis Muir wrote: I found some of the example email addresses and domains in the spamd(8) man page to be somewhat adult in nature. If given the choice, I'd choose to read the man page without the adult content. Here's a patch against -current that replaces the adult examples with cleaner alternatives. Would a developer be willing to accept this patch? The OpenBSD man pages are not a Disney movie. For that matter, neither is most of the rest of the world, or the Internet. If you deal at all with spam on the Internet, you will see far, far worse than that. Actually, even if you somehow manage to not get a single piece of spam, you'll see far worse things from time to time on this mailing list right here. I like bigbu...@bofh.ucs.ualberta.ca and I cannot lie. -- Shawn K. Quinn skqu...@rushpost.com
Re: Patch to remove adult content from spamd(8) man page
On Thu, Nov 21, 2013, at 01:51 PM, J. Lewis Muir wrote: I was just wishing I didn't have to read a few examples that to me were off-color. Honestly, those examples are no worse than 'Gnomovision' (which makes passes at compilers). You haven't begun to see off-color until you've seen some of the spam out there. To me it was requesting a small improvement to the documentation, for which I did the work and submitted a patch. I was hoping it wouldn't really matter much to anyone, and then I wouldn't be bothered by the examples anymore. It's good you submitted a patch. But apparently it does matter a whole lot to some people, and honestly, to me it's the principle of the thing more than anything else. You really want to see off-color? Run these two commands. Prepare to faint. $ find /usr/src -type f | xargs grep -w fuck $ find /usr/src -type f | xargs grep -w shit -- Shawn K. Quinn skqu...@rushpost.com
Re: Are there OpenBSD users who are not IT professionals?
On Tue, Nov 19, 2013, at 09:37 AM, za...@gmx.com wrote: Hi I am new to OpenBSD. In fact, I am a total newbie here. After reading many posts on this list, I formed the impression that all or most OpenBSD users are high-end IT professionals. I was wondering: are there OpenBSD users who are not so advanced in terms of IT expertise? That is, who are simple computer *users*, not IT professionals? I have a lot of tech knowledge and have no trouble using a CLI, but I'm not an IT professional at least in the sense that I do not get a paycheck from working in IT. I need to know this because I am starting feeling that, as an average computer user, I might be out of place here. I was attracted to OpenBSD by its security-by-default philosophy. Admittedly, I don't know much about security and I would not be able to set the proper security settings on my own, so I have decided to adopt OpenBSD and use it for simple day-to-day tasks, as a desktop OS (as I would any popular Linux distribution). Does this choice of mine, and its underlying reasoning, make sense? Taken by itself, the reasoning is solid. It's the same reason I use OpenBSD for a system which is primarily a firewall/router. Are there any significant drawbacks to my adoption of OpenBSD (such as OpenBSD being too technical and too difficult, as compared, say, to Linux distros)? Please, give me some advice. If OpenBSD is not for me, I would rather know it sooner than later. Using OpenBSD as a desktop may be more painful for you than anticipated depending on your exact hardware configuration and exactly what you want to do. For example, thanks to HTML5, at least watching YouTube videos is now possible without having to resort to the computing equivalent of a game of Twister. (Before, one either did without YouTube or used youtube-dl and mplayer.) Some things may be more difficult than necessary if certain boneheads in charge assumed handing out a GNU/Linux binary the same way they hand out Windows and MacOS X binaries is enough (happens way too often). Due to secure by default there are a lot of things that would just work on a GNU/Linux system that will not work on OpenBSD without twiddling a sysctl or two, or running something as root that wouldn't require it on GNU/Linux. -- Shawn K. Quinn skqu...@rushpost.com
Re: Is Soekris OpenBSD friendly?
On Fri, Nov 15, 2013, at 10:55 PM, Johan Beisser wrote: I'm not sure what you mean by too slow to route. I've a net4501 with 64mb of RAM that's handling all of my IP traffic at home. Biggest problem is swapping taking out available interrupts. Back in the day I used full-size PCs with processor and memory specs similar to a net4501 with no issues. Some of them even had enough disk space left over to run Squid. -- Shawn K. Quinn skqu...@rushpost.com
fresh checkout of tagged 5.4 FTBFS
Is it not supposed to be possible to build a checkout of tagged 5.4 source from 5.3-stable? === ../kerberosV/lib/libasn1 compile_et /usr/src/kerberosV/lib/libasn1/../../../kerberosV/src/lib/asn1/asn1_err.et asn1_compile --one-code-file --preserve-binary=TBSCertificate --preserve-binary=TBSCRLCertList --preserve-binary=Name --sequence=GeneralNames --sequence=Extensions --sequence=CRLDistributionPoints /usr/src/kerberosV/lib/libasn1/../../../kerberosV/src/lib/asn1/rfc2459.asn1 rfc2459_asn1 Usage: asn1_compile [--version] [--help] [asn1-file [name]] *** Error 1 in kerberosV/lib/libasn1 (Makefile:53 'asn1_rfc2459_asn1.x') *** Error 1 in kerberosV/lib (bsd.subdir.mk:48 'depend') *** Error 1 in lib (bsd.subdir.mk:48 'depend') *** Error 1 in /usr/src (Makefile:86 'build') 1m5.68s real 0m6.40s user 0m8.22s system -- Shawn K. Quinn skqu...@rushpost.com
Re: How does one use adduser in OpenBSD (stuck inEnter username[] loop)?
On Sat, Sep 14, 2013, at 06:47 PM, Martin Schröder wrote: 2013/9/15 Jeffrey Walton noloa...@gmail.com: man visudo I don't know vi. I do known emacs, but its not on this system so I Then learn it. This is unix. You really should use visudo to edit /etc/sudoers, not an editor. Note that you can configure visudo, vipw, and vigr to use an editor besides vi. It's possible to get by on Unix without knowing vi, I did so on GNU/Linux systems for most of 4 years, but I finally broke down and figured it out and promptly realized it wasn't as hard as it had been made out to be. -- Shawn K. Quinn skqu...@rushpost.com
Re: Asterisk Music on Hold
On Wed, 2013-05-15 at 17:14 +, Peter Fraser wrote: I will admit that sometimes I am stupid. The URL does stream. It plays quite happily with VLC on a Windows Box. None of my OpenBSD boxed have audio (or more likely audio drivers) on them. So I had nothing to test with. My apologies; maybe it works only from inside Canada (I'm in the US). -- Shawn K. Quinn skqu...@rushpost.com
Re: Asterisk Music on Hold
On Tue, 2013-05-14 at 19:04 +, Peter Fraser wrote: Does anyone know how to use CBC streaming music for music on hold for Asterisk. I tried the obvious in musiconhold.conf (after installing mpg123) [mp3stream] mode=custom format=SLIN directory=/usr/local/share/asterisk/moh-empty application=/usr/local/bin/mpg123 -q -r 8000 -f 8192 -s --mono http://playerservices.streamtheworld.com/pls/CBC_BAROQU_H.pls I can't even get this URL or the URLs in the playlist to work properly in an actual music player (mpg123 and Banshee on Ubuntu). If I were you, I would first make sure the stream you are using is actually playable somewhere before fooling with Asterisk. -- Shawn K. Quinn skqu...@rushpost.com
Re: Blocking traceroute
On Thu, 2013-04-18 at 22:35 +, fek...@tormail.org wrote: I want to create a Tor hidden server, which people SSH into over Tor. Users could discover the IP server by running traceroute. To stop this I have added a simple rule to pf.conf based off helping traceroute. Otherwise they could just build or run their own binary traceroute. Doesn't traceroute need to be setuid root to work? $ ls -l `which traceroute` -r-sr-xr-x 1 root bin 189176 Aug 1 2012 /usr/sbin/traceroute Though, honestly, traceroute is the least of your problems, read on... Is there anything else I should take into consideration when trying to prevent a server from being discovered? The server will be behind a NAT with only a LAN address. ping, ifconfig, lynx or for that matter most web browsers (that can be used to browse to sites like ipchicken.com or whatismyip.com). Unless, of course, you are careful to either only allow outbound connections via Tor (difficult but possible), or not allow outside Internet connectivity at all (easier but may well defeat the purpose of what you're trying to do). -- Shawn K. Quinn skqu...@rushpost.com
Re: Regional google result for openbsd org ?
On Sat, 2013-02-23 at 23:07 +0530, Mohit Chawla wrote: Hi, I wonder if anyone else is getting search hits like these and if they are valid ? I got these as the first three results: http://www.openbsdindia.org/ www.openbsdindia.org/ftp.html www.openbsdindia.org/security.html This looks to me like it's simply a mirror of the website unannounced to the project. I think the preferred naming is www.in.openbsd.org i.e. country code under the main openbsd.org domain instead of a whole new domain. I don't think there's malicious intent; perhaps someone representing the project officially should reach out to whoever's running the domain so it may be included as an official mirror. -- Shawn K. Quinn skqu...@rushpost.com
Re: Assigning an IP address to a bridge
On Tue, 2013-02-12 at 00:16 +0100, Jeremie Le Hen wrote: What is the advised way to assign an IP address to a bridge(4) interface? The one time I had to do this, I assigned the IP to one member interface of the bridge, and left the other one without an IP, and it worked for my purposes. -- Shawn K. Quinn skqu...@rushpost.com
Re: usb hub as kvm switch
On Sat, 2013-02-09 at 05:54 +0100, Zoran Kolic wrote: I have two nodes side by side. KVM switches for just usb are almost imposible to find in my area. I plan to use usb keyboard and usb mouse only, since my mo- nitor has two adapters for both boxen. Is it possible to use plain usb hub to do the job? One of the nodes would be openbsd 5.2 amd64. I don't see how a plain hub could possibly work as a KVM switch, unless I am missing something. A workaround you may consider would be a PS/2 KVM switch where the KVM switch's PS/2 exit cables go into PS/2-USB adapters. (Or are those adapters just as rare in your area?) -- Shawn K. Quinn skqu...@rushpost.com
Re: ethernet adapter: TrendNet TU2-ETG
On Mon, Oct 15, 2012, at 12:32 AM, Wesley wrote: Hi, I use OpenBSD 5.1, i have this connected : TU2-ETG From dmesg : axe0 at uhub2 port 2 configuration 1 interface 0 ASIX Electronics AX88178 rev 2.00/0.01 addr 2 axe0: AX88178, address 00:50:b6:4e:5a:c9 Dhcp, static address doesn't work. 'ifconfig axe0 media' give me : axe0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:50:b6:4e:5a:c9 priority: 0 media: Ethernet none (none) supported media: media none inet 192.168.0.56 netmask 0xff00 broadcast 192.168.0.255 man axe : AX88178 seems to be support, but this model : TU2-ETG, not... Is it possible to have it working for example the new release 5.2 ? I can't test snapshots, i386\install52.iso or cd52.iso, broken...still 10 oct 12 (Don't worry, i know it is a second posts about this problem, perhaps since 4.9 there's news, or it can be solved i.e http://comments.gmane.org/gmane.os.openbsd.misc/191903) Looks like some kind of issue with the MII because of media none. Driver needs updating, perhaps? -- Shawn K. Quinn skqu...@rushpost.com
Re: Upgrading 3.8 to current
On Sat, Oct 13, 2012, at 12:18 PM, Marc Espie wrote: On Sat, Oct 13, 2012 at 11:47:50AM -0500, Matt Morrow wrote: After dealing with a number of issues due to an old 3.8 install which have been resolved in current releases, I think I'm going to do the individual release upgrades (3.8-3.9-4.0, etc etc) [...] Do you *really* want to go from 3.8 to 5.2 one release at a time ?.. I think this is just one case where I would backup, reinstall, fix things... While technically this method is unsupported, what I would do if faced with this predicament is backup, upgrade the 3.8 install directly to 5.2 and then make all the changes that have taken place in between. (This assumes it's i386, btw.) If for some reason I wound up with a busted system (I'm really not sure how well 5.2 would react to a 3.8-era ports database, for example), I'd start over with a clean 5.2 install and restore what I needed from the backups. That said, going through each individual release upgrade may be a bit safer, but it's a lot more time consuming. -- Shawn K. Quinn skqu...@rushpost.com
Re: Ubiquiti EdgeMax
On Wed, Sep 12, 2012, at 02:31 PM, Miod Vallat wrote: Dual-core MIPS64 processor with hardware acceleration for packet processing and encryption/decryption. And conveniently not giving any more details. Also, there might be no easy way to load anything but the manufacturer-provided software. Their OS is based on Debian GNU/Linux, so it's certainly not out of the question that OpenBSD could be made to run on it. Only 99 USD, wonder if OpenBSD can run on it and take advantage of the hardware acceleration. Without decent hardware documentation, it can't. Agreed, but the fact it uses an OS which uses the kernel Linux is encouraging, though GPL source code is pretty much useless to a BSD-licensed project from a documentation standpoint. We have nothing to lose by asking for docs, though. -- Shawn K. Quinn skqu...@rushpost.com
zyd and Trendnet TEW-429UB adapter
Just a heads-up for anyone in the market for OpenBSD-compatible USB wireless adapters: A friend of mine recently bought a Trendnet TEW-429UB which according to the zyd manpage has the ZyDAS chipset. (Technically, he bought it for a laptop running a GNU+Linux system but my advice has been to buy wireless hardware that will work with OpenBSD because of the project's commitment to software freedom, but the issue still applies equally.) Well, some clown changed the wireless chipset in that adapter without changing the model number. What is there now is some Realtek wireless chipset (the rtw driver doesn't support anything USB so I doubt it's an 8180, I think I remember seeing a reference to 8198 somewhere). -- Shawn K. Quinn [EMAIL PROTECTED]
Re: About Xen: maybe a reiterative question but ..
On Wed, 2007-10-24 at 20:27 -0500, L. V. Lammert wrote: The fact that Microshaft crap has hundreds or thousands of vulnerabilities is the other extreme of the list. I have gone as far as to say Windows is insecure by default which is still much more true than it should be. Of course I'm still holding out some hope (not a lot) that Microsoft really, truly gives a damn someday. -- Shawn K. Quinn [EMAIL PROTECTED]
zyd and Trendnet TEW-424UB adapter (was Re: zyd and Trendnet TEW-429UB adapter)
On Sun, 2007-10-28 at 10:51 -0500, Shawn K. Quinn wrote: A friend of mine recently bought a Trendnet TEW-429UB I guess now I'm the clown, because I misremembered and mistyped the model number. It's the TEW-424UB, not the 429UB. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: : expansion of FAQ# 1.10 re OpenBSD as a desktop system
On Mon, 2007-10-15 at 19:34 -0400, Douglas A. Tutty wrote: I need to look something up in a catalog. The catalog doesn't come in print. I phone the supplier, they say look on the web. Its in flash. So, I need flash to get work done. Maybe it's time to look for an alternate supplier that makes the catalog available as HTML or PDF? -- Shawn K. Quinn [EMAIL PROTECTED]
Re: How can I install 4 OS'es on one disk?
On Sun, 2007-10-07 at 13:47 -0400, Nick Holland wrote: Linux will use an extended partition, but I'm not sure if it can boot from one, nor do I know if a boot loader will extract it and boot from there (and I suspect there will be vendor-specific BIOS questions, too). That's your problem to figure out. GNU/Linux has no problem booting from an extended partition, I've done it before. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: partition layout
On Thu, 2007-10-04 at 17:10 -0700, Clint Pachl wrote: The only thing I would use that 486 for would be an X client, with a good graphics card, a router, or as a command line tinkering system. Yes, a 486 is still plenty of system for use as a router, assuming the right networking hardware is available for it. Heck, I miss my old Pentium 100 I was using as a router (well, sort of). -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Speeding up OBSD bootup
On Sat, 2007-10-06 at 16:31 -0400, Constantine A. Murenin wrote: On 06/10/2007, Karel Kulhavy [EMAIL PROTECTED] wrote: Is it possible to specify the kernel that the hardware for which there are drivers probing for but I don't have in my PC is absent? You might want to checkout ports/sysutils/dmassage/. Obviously, under improper use this might disable all hotpluggable USB stuff. Ideally, you should plug in all USB gadgets you ever plan to use with the laptop before running dmassage. If you can't do that, then you should specifically re-enable them. Be sure to enable things like the SCSI subsystem if you plan to use a USB mass storage device (pen drive, external hard drive, CD-/DVD-ROM, floppy drive). I made the mistake of leaving this out once after compiling a custom kernel, then weeks later plugged in a pen drive and wondered why I wasn't able to mount the damn thing. (Note this is exactly why you shouldn't compile a custom kernel unless you know what you're doing.) -- Shawn K. Quinn [EMAIL PROTECTED]
Re: netstart location
On Mon, 2007-08-06 at 20:17 -0400, Nick Guenther wrote: Besides tradition, is there any particular reason that netstart is in /etc? This has always confused me, I'd think it would be in /sbin. Further, why is it not exectuable? You can always symlink it to /sbin and change the permissions to executable after the install is done. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: The Atheros story in much fewer words
On Fri, 2007-09-14 at 11:39 +, Sebastien Carlier wrote: Rui, On 2007-09-14 11:13:11, Rui Miguel Silva Seabra wrote: The spirit of the GNU GPL is to maintain freedom for all users. You don't seem to get the fact that the BSD license is *more free* than the GPL because the BSD license imposes *fewer requirements* on distribution. Do you seriously believe people have to be coerced into being free? If you call the power to handcuff users to your customized code based on a BSD-licensed original an additional freedom, then you're right, and you should be working for Microsoft, Apple, or some other company that makes their profits by putting walls between computer users. I don't call that a freedom. That's no more a right than the right to keep another human being as a slave. We (in the US) got rid of that particular broken system over a century ago, and for good reason. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: The Atheros story in much fewer words
On Fri, 2007-09-14 at 00:30 -0400, Nick Holland wrote: Obviously you have missed some of my commentaries on the GPL vs. BSD philosophy. I don't hate the GPL. I dislike it compared to the BSD alternative in general (I dislike milk chocolate compared to dark chocolate, too, but either beats the heck out of, uh, most things. :) but the short version is, it boils down to which you fear more: Big Companies using your code and thus, you as a developer, without pay or allowing you to use their code. -- or -- Big Companies NOT using your code, and rolling their own (inferior, incompatible, inconsistent, proprietary) crap instead. A lot of big companies simply don't care. If there exists code they can use without having to hire programmers, and without having to share their modifications to the rest of the community, great. (And it still amazes me that at least some big companies treat having to share under the same conditions which let them get the code to begin with, to be such a big deal.) I can make a pretty convincing case for either. However, as much as I'd dislike seeing Microsoft take OpenBSD code and ideas without compensation of any kind, I'd much prefer they use the code and ideas to not using 'em. But that's me. Not all may agree, and that's a good thing. I'm sure they'd love to do it! Large companies like Microsoft *love* BSD code. They can grab it, and at most, they have to give credit to the developers in their advertisements and put the standard AS IS blurb in the documentation. Your tone is similar to that of people who refuse to condemn the acts of vandals or killers simply because they are (loosely and self- proclaimed) of the same arbitrary group as they are. An attack on them is an an attack on me, and we can't have that! I'm not saying the arbitrary removal of the original license from code is wrong. I *am*, however, very much against the inexcusable slander of the GNU project based on the views of a few (unfortunately) less-than-scrupulous people. Even though BSD-style licenses are compatible with the GPL, there are perfectly acceptable social goals achieved only by releasing under the GPL or a similar license. holy shit. The ends (perfectly acceptable social goals) justify the means (theft of intellectual property)? I never said this. If this is what you believe, state it as your own. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: OpenBSD Install Goal
On Fri, 2007-09-14 at 18:55 -0700, asdf wrote: --- Marco Peereboom [EMAIL PROTECTED] wrote: I installed FreeBSD once in my life. Took me 3 tries and I am sure some kittens were murdered in the process. I am also pretty sure I wept at some point. Honestly I can't remember a much worse installer; maybe SCO OpenServer but not by much. I've used FreeBSD and Linux for some time ( 5 years) now and IMO I don't think the FreeBSD installer is _that_ bad. It might be confusing to the first time novice user but honestly I've seen worse Linux installers. Linux, the kernel, does not have an installer. Only the GNU variant operating systems using Linux, the kernel, actually have installers. Assuming this is what you meant, could you actually name which ones? Having said that I think that the OpenBSD installer is awesome. Nothing beats its simplicity, and it's one of the few installers I can think of (besides NetBSD perhaps?) that boots from one floppy disk. How amazing is that??!! No need whatsoever to even think of changing the OpenBSD installer - it just works so well. I will agree it does, once one overcomes any intimidation factor from getting a tty interface. (Not that there ever was such intimidation for *me*, mind you.) -- Shawn K. Quinn [EMAIL PROTECTED]
Re: The Atheros story in much fewer words
On Thu, 2007-09-13 at 07:09 -0400, Nick Holland wrote: GNUspeak: These are definitely not the views of the GNU project. They *might* be views of the self-styled Linux nerds that think they are k00l and eleet because they read Slashdot, but to imply the GNU project espouses these views is, quite frankly, slanderous. Give back to the community! (which really means, I'm the community, gimme, gimme, gimme!) There may be some in the free software movement that think like this, but this is far from a majority view. Free as in Freedom! (but Free as in no monetary charge beats the hell out of taking a stand) Again, Richard Stallman's famous speech makes it clear monetary charge is not the reason for the free software movement. Free software: It's all about the price. The rest of the talk about freedom, etc. is just trying to keep them from looking like cheap, greedy bastards. At least for an awful lot of 'em. You know, it's fine if you hate the GPL. But I'll be damned if I just sit here and let you spread outright Goddamned *lies* about the free software movement and the people that represent it. I'm not cheap. I'm not greedy. All I am after, is the freedom to use my computer the way I want to without Microsoft, Apple, Google, AOL, Adobe, Real, or other large companies being able to step in and say no you can't do that, it's not in our (financial) best interests to let you. For me, it's always been about freedom. I would think for most of the free software movement that truly knows what's going on, it *is* about freedom. While it may be seen as distateful to make modifications to BSD-licensed code, and place those modifications under the GPL or a similar share alike license, based upon what I understand of copyright law, it's perfectly legal. Even though BSD-style licenses are compatible with the GPL, there are perfectly acceptable social goals achieved only by releasing under the GPL or a similar license. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: The Atheros story in much fewer words
On Thu, 2007-09-13 at 12:32 -0700, Darren Spruell wrote: Before you embark on your storm in a teacup, re-read (and re-read again if you still don't get it) Nick's message. It's clear you missed/misunderstood half of the points he was making. 1) I'm on the list, no need to CC me. 2) Like, duh, I understand perfectly well what his point is: to slander the GNU project and its users. I re-read the message several times before replying. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: That whole Linux stealing our code thing
On Sat, 2007-09-01 at 00:42 -0600, Theo de Raadt wrote: [responding to Dmitrij Czarkoff:] So true, the license You use can't be removed. But when You get the dual-licensed software, when You start modifying it You arrange the licensing deal on terms of either first or second or both licenses. You choose the license You gain You rights from and after You accepted it, You can do whatever You want copyright until the law and the license You accepted prohibit. The license You didn't accept doesn't restrict You any way until otherwise stated by the developper. That is utterly false. All of the licenses we use in the open source world (1) Do not permit removal of the license by a non-author (2) Do not permit modification of the license by a non-author. I would say this is probably true of any license anywhere. To be honest, though, the philosophy is actually a lot closer to the free software movement started by Richard Stallman than the open source movement later splintered off by whoever it was (Eric Raymond maybe?). The main difference seperating us (the BSD-derived OS camp) from the GNU(/Linux) camp is the differing social goals we are after. I, of course, consider myself closer to the GNU camp, but have no problem contributing to a BSD-licensed project under that license. Not that my programming skills are yet back up to snuff to do so, but that's a rant for another day and thread... -- Shawn K. Quinn [EMAIL PROTECTED]
Re: cvs up, no space left in /tmp
On Thu, 2007-08-09 at 19:36 +0200, Mackan wrote: Hi, For many months, I've had this in root's crontab: # update src tree 0 4 * * * cd /usr/src cvs -q up - rOPENBSD_4_1 -Pd with no problem. For about a week now I get mail from cron about no space left on device. I need some advise on how to find whats wrong. [...] can't create temporary directory /tmp/cvs-serv19063 No space left on device [...] # df -hi Filesystem SizeUsed Avail Capacity iused ifree %iused Mounted on /dev/wd0a 147M 37.7M102M27%2208 1699012% / /dev/wd0d 148M104K140M 0% 14 19312 0% /tmp Like, duh, /tmp is full! -- Shawn K. Quinn [EMAIL PROTECTED]
Re: ADVERT: C12G
On Tue, 2007-07-10 at 09:02 +0100, Robin Carey wrote: Ultra-Secure Communications: C12-GAMMA; a free software product for FreeBSD/Linux: http://www.leopard.uk.com/cion Remmber that today, the Boston Tea Party would be considered a terrorist act, but it was necessary for the American Revolution to succeed. So I think the proper place for your anti-freedom license, however well intentioned, is a place where the sun does not shine. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: OBSD 4.1 drops to ddb with cdd0: error 22 on component 0 (and 1 (mirror))
On Sat, 2007-06-16 at 15:00 +0200, Marius Hooge wrote: Of course I did.. I just replaced the PSU with a spare one i got lying around. - It didn't work out. (Can a PSU even cause such errors?) A failing PSU is perhaps the least obvious hardware failure of all, because it looks like some combination of everything else. Been there, done that. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: [OT] Open Source OSS for OpenBSD?
On Thu, 2007-06-14 at 19:23 -0600, Theo de Raadt wrote: I have been throwing around a phrase for a few weeks. Perhaps it should be popularized. OpenBSD is free as in air. Unfortunately, Richard Stallman beat you to this one by about 24 years. He never popularized it, but this was one of the phrases he used in the first posts announcing the GNU project. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Snapshots src/sys tarballs
On Wed, 2007-05-30 at 15:59 -0600, Theo de Raadt wrote: [Jimmy Mitchener wrote:] Is there a reason snapshots do not currently come with a src/sys.tar.gz as releases do? Because every snapshot for every architecture is done on a different tree, and some are even done 5-6 times a day. So this would require, if I can guess this right, 2.6GB per day. Supplied over a T1. Obviously a full tarball isn't the answer, but how about enough information to reproduce the source code used to make the snapshot? Something along the lines of the timestamp for the cvs update command mentioned by Han Boetes elsewhere in the thread, plus the noncommitted diffs, made available in an extra file or files written as part of the automated snapshot build procedure. It seems like a problem even my rather limited programming skills could solve, assuming I can find the time. While the FAQ claims there is no significant benefit, I would think that anything that could potentially make fixing bugs easier (especially for code which may not be available from the CVS server) should at least be strongly considered. It is well known in the free software community that the more eyeballs look at source code, the more bugs get found and fixed. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: bcw(4) is gone
On Mon, 2007-04-09 at 22:34 -0400, Jason Dixon wrote: GPL advocates claim their license prevents commercial entities from stealing their freedom. These are the same people who have no problem giving up their freedoms (in the form of NDA's, closed-source kernel modules, etc) to the companies they're trying to fight. True free software movement supporters will not sign an agreement not to help their neighbor such as an NDA. Some in the open source movement have no trouble accepting a binary only driver, or specifications under NDA, or what have you, for convenience. That's what open source is about: convenience, not freedom for its own sake. This is exactly why it is important to make a distinction between the free software movement and the open source movement and not lump the two together. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: bcw(4) is gone
On Fri, 2007-04-06 at 10:22 -0400, [EMAIL PROTECTED] wrote: They stated that they don't want Broadcom to take their work and close it. Why do they care? What possible difference does it make? Broadcom will get a driver that actually works well? They're not going to make any money off their work on the Broadcom driver (the GPL nonsense makes sure of that) so why do they give a flying f*** *what* Broadcom does with their code? Speaking as someone who has read more of the gnu.org and fsf.org Web sites and (probably) listened to Richard Stallman speeches than most of the OpenBSD user community: Nothing in the GPL prohibits commercial use of code released under the GPL. It is perfectly fine to sell copies of GPLed code at any price. What is *not* perfectly fine is to sell copies of GPLed code without allowing access to the source code. The GPL is not about limiting commerical use of software. The GPL is about preserving freedom (i.e. share and share alike). The GNU Ada compiler is commerical software, which also happens to be released under the GPL. (It is worth noting that even Richard Stallman himself understands that the GPL and LGPL are not always the best choices. One example of this: http://lists.xiph.org/pipermail/icecast-dev/2001-February/05.html) -- Shawn K. Quinn [EMAIL PROTECTED]
Re: bcw(4) is gone
On Mon, 2007-04-09 at 18:29 +0100, Jeroen Massar wrote: The GPL is not about limiting commerical use of software. The GPL is about preserving freedom (i.e. share and share alike). The GNU Ada compiler is commerical software, which also happens to be released under the GPL. That is simply dual-licensing, something different altogether ;) I think you are misinterpreting commercial to imply proprietary. It does not: http://www.gnu.org/philosophy/words-to-avoid.html#Commercial -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Is OpenBSD good/best for my 486?
On Fri, 2007-03-23 at 10:49 -0400, Douglas Allan Tutty wrote: On Fri, Mar 23, 2007 at 06:56:32AM -0500, Shawn K. Quinn wrote: On Wed, 2007-03-21 at 22:37 -0400, Douglas Allan Tutty wrote: Hello, I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. Assuming you don't try to do more with it than you have CPU and RAM for, you should be fine. However, once you've tested that all your hardware works with the GENERIC kernel, I would strongly recommend you compile a custom kernel and run that (do a Web search for a Perl program called dmassage which will help immensely), but keep a copy of GENERIC around in case problems do creep in. The reason for compiling a custom kernel in this case is to save memory; I saved about 2.5M on a similar system, which is a lot when you only have 32M to begin with (with any system much newer it's usually not worth it). I thought compiling a custom kernel was _discouraged_? Officially it's discouraged; from my point of view, you have one of the rare situations where a case could be made for it. Note that you should *always* keep a copy of GENERIC around for troubleshooting. I just loaded the 486 to the most I ever do: ssh to the big box (titan) to pon courer (the modem) and run bwm ssh to titan for mutt run aptitude, update the package list run top to watch everything run X with icewm: rxvt ssh titan, to run conquorer go to theweathernetwork.com I'm using 6 MB swap, but the system is not spending any time waiting for I/O. Aptitude is taking 75% of the CPU, top on a 2 second delay is taking 10%. I can still browse the net; the wait is a slow dial-up connection. I don't know how to tell how big the kernel in memory is since its modular. Linux, the kernel, as distributed in Debian GNU/Linux, the full oeprating system, is modular. The OpenBSD kernel is not, it's monolithic. An apples-to-apples comparison would be a Linux kernel configured with no module support and most possible device drivers compiled into the kernel directly (and, IMHO, that falls squarely into the category of kids, don't try this at home for a box with only 32M of RAM). -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Is OpenBSD good/best for my 486?
On Sun, 2007-03-25 at 12:44 -0400, Nick Holland wrote: 32M is at a point where if it isn't enough, you need a better machine. Tweaking the kernel to make it run better in 32M is just perfume on the pig. If that's what you need to do, get a less smelly pig. Wow, I guess back in the day, I had one great smelling pig, then (at least my mom didn't complain that it stunk up the place). Replacing the box wasn't really an option at the time, and the 100 MHz Pentium with a mere 32M of RAM worked admirably right up until the hard disk finally gave up the ghost. (The same role is now filled by a 600 MHz Athlon with 128M of RAM, which of course is way overkill for a basic firewall/router with Squid, but the only box I have not otherwise occupied.) -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Is OpenBSD good/best for my 486?
On Wed, 2007-03-21 at 22:37 -0400, Douglas Allan Tutty wrote: Hello, I've got a 486DX4-100 with 32 MB ram, ISA bus, with two drives: 840 MB and 1280 MB IDE. Currently running Debian GNU/Linux Sarge. [...] Debian Etch will need more than 32 MB ram so am starting the planning. I've compared Open-, Net-, and Free-BSD (via google search and reading the three web-sites) and like the security-by-default nature of Open- and its reputation for solid documentation. I'm used to the command line (hate GUI) and vi. Is there any reason that OpenBSD wouldn't be my best choice for this box? Assuming you don't try to do more with it than you have CPU and RAM for, you should be fine. However, once you've tested that all your hardware works with the GENERIC kernel, I would strongly recommend you compile a custom kernel and run that (do a Web search for a Perl program called dmassage which will help immensely), but keep a copy of GENERIC around in case problems do creep in. The reason for compiling a custom kernel in this case is to save memory; I saved about 2.5M on a similar system, which is a lot when you only have 32M to begin with (with any system much newer it's usually not worth it). -- Shawn K. Quinn [EMAIL PROTECTED]
Re: No Blob without Puffy
On Mon, 2007-03-19 at 10:54 -0500, Matthew Weigel wrote: No, there's not a difference. Theo said he was willing to take the emails public; this Daniel guy took him at his word, and made them public. The only foul I see is Theo threatening to take Daniel's emails public in the first place. I disagree. I think it was appropriate in this case to show the world exactly how hypocritical this supposed no blob campaign really is. Sometimes sunlight really is the best disinfectant. It wouldn't have been the first time Theo published e-mails; from what I have observed, he doesn't do so without good cause. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: NOOP and Spamd
On Mon, 2007-03-19 at 14:04 +0800, Lars Hansson wrote: He probably mean MS Mail, an ancient Microsoft mail system that no sane person should be running in 2007. Regardless, if NOOP is in the SMTP standard, and spamd does not handle it correctly, that is a bug that needs to be fixed. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Important OpenBSD errata
On Sat, 2007-03-17 at 19:08 +0100, Karel Kulhavy wrote: I also suggest that the list include the cumulative amount for each donor, sorted so that the biggest donors are at the top. To me, this makes about as much sense as publishing a similar list for penis size (and whatever its female equivalent would be). Money is not the only way to contribute to a project. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: max filesize split(1)
On Tue, 2006-10-17 at 10:39 -0700, Ted Unangst wrote: On 10/17/06, Otto Moerbeek [EMAIL PROTECTED] wrote: There is no uniform way to ask the max file size of a given file system. ffs filestems do have that info in therir superblock, though, you can see it with dumpfs(8). it hardly matters. if the file is on the filesystem, the filesystem supports files of that size. Isn't it possible, though, to split a file on one filesystem, writing the pieces to another filesystem with a smaller maximum file size? -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Oldest Server you run
On Thu, 2006-10-12 at 20:54 +0200, Falk Husemann wrote: Hello List! We're trying to put an old server to good use again and would like to know what's exactly the oldest machine running OpenBSD? Until recently, a Pentium 100 MHz with 32M RAM and approx. 3G hard drive. The last of these components finally reached end-of-life a few months ago. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Gratuitous ARP problem with OpenBSD and MS Cluster Services
On Fri, 2006-07-28 at 14:26 -0700, Clayton Wheeler wrote: I have a pair of OpenBSD 3.9 firewalls (using pf and carp) attached to a network with a Windows server cluster on it. The Windows cluster moves a shared IP address between nodes using the MAC address of the actual cluster node, not a common virtual MAC address like pf uses. When it does this, it sends out gratuitous ARP requests to indicate that the cluster IP is now associated with a different MAC address. This is an absolutely abhorrent case of software design/engineering. Of course, I would not be surprised if there is an even more abhorrent case of software design/engineering (namely, something lower level in Windows itself) that makes this the only feasible method. Microsoft has no excuse, as CARP is available under the same license as the code they used to help build the original Windows TCP/IP stack. Yes, crontab'ing arp -ad as Karsten suggested is a good workaround, but I'd hardly call that a long term fix. -- Shawn K. Quinn
Re: Doubts about OpenBSD security.
On Wed, 2006-06-21 at 14:23 -0300, JoC#o Salvatti wrote: Let's suppose an attacker entered the room where an OpenBSD server is located in, and by mistake the system administrator has forgotten to logout the root login session. So the attacker could enter in single user mode, without the need for the root password, and load a malicious kernel module. He also could do millions of other things, but changing root's password, because the system administrator would notice it immediatelly. There isn't much to be done at the operating system level to compensate for a lack of physical security. Asking for the password when it's already circumvented is futile. I believe it could be more difficult for the attacker if there were a different password to log in the system in single user mode. It would just be annoying for untold numbers of OpenBSD sysadmins across the planet, and would not fulfill any real security goal. -- Shawn K. Quinn
Re: Laptop recommendations
On Mon, 2006-05-29 at 17:46 -0600, Theo de Raadt wrote: Intel is trying to release documentation and open up as fast as they can to stay in the market. It's almost pathetic, but yes, it is benefiting us (as it should, and thus, us running on their machines benefits them, as it should). In your opinion, has Intel changed enough so far to justify buying their products for use on a computer which will run OpenBSD? (Sadly, it may not matter much for one of my planned purchases, as the only barebones laptop with something besides ATI or nVidious video chips I could find is for AMD processors.) -- Shawn K. Quinn
Re: Ethereal on 3.9?
On Wed, 2006-05-24 at 23:50 -0300, Kroty wrote: [EMAIL PROTECTED] wrote: This topic usually comes up near each release. Has anyone tried the 3.8 instructions below yet on 3.9? Why don't you try man tcpdump? Ethereal/tethereal have functionality that tcpdump never will (and in some cases, this is for good reason as in general, you don't want the programming equivalent of a Rube Goldberg contraption as the default packet dumper/viewer). -- Shawn K. Quinn
Re: apple usb modem
On Mon, 2006-05-29 at 00:18 -0700, akonsu wrote: hello, i have apple usb modem left over from my imac g5 that i got rid of. is there any chance of getting this modem to work with openbsd in stead of the unsupported winmodem that i have on my laptop? Plug it in and see if you get a ucom device. If you do, then it'll probably work. If not, then you're probably SOL. -- Shawn K. Quinn
USB stuff (was Re: theo)
On Thu, 2005-12-01 at 22:51 -0600, [EMAIL PROTECTED] wrote: Considering the goals of OpenBSD, I would not expect USB rodents, sound cards or even video to be necessarily well supported. The reality is that USB gear is becoming much, much more common. USB HIDs (human interface devices) should be well supported, as in many cases that's all that is available (given that the USB-PS/2 adapters often get lost and are manufacturer-specific). If using the mouse was of prime importance, I'd use Windows Not a choice when freedom is *anywhere* on the list of concerns. I, personally, am actively boycotting Microsoft at the current time (including hardware and the Xb*x gaming consoles). Don't get me wrong, I don't use OpenBSD for everything either (I am writing this from a Debian GNU/Linux system). But asserting that USB device support in OpenBSD is unrealistic, is questionable at best and downright ludicrous at worst. We already have some USB-only KVM switches. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Telnet daemon retired in 3.8 ?
On Mon, 2005-11-07 at 17:28 -0600, Matthew S Elmore wrote: I understand the advantages of ssh over telnet, but telnet is still heavily used in many environments. Telnet is a horribly insecure protocol subject to at least two attacks by third parties with access to any part of the network between the two hosts. Thus, telnetd is gone for a damn good reason, that being that it's a turd that has no place in a secure by default OS. If you absolutely must have telnetd, I guess you can compile it from the source in 3.7, but please, you should be fully aware that this opens up security holes big enough that a tank can be driven through without the appropriate countermeasures; at a minimum, you should use one-time passwords (S/Key) to make password sniffing useless, and only allow telnet connections from networks where you know for sure nobody with root access will try to hijack or eavesdrop on connections (such as a LAN where either you are the sole admin or you know and trust the other admins). -- Shawn K. Quinn [EMAIL PROTECTED]
Re: OpenBSD website Design.
On Mon, 2005-09-12 at 09:19 -0500, [EMAIL PROTECTED] wrote: censorship is about the dumbest activity in which anyone can participate. even censoring dave via excommunication with regard to his postings is a slippery slope. if he had a grant, would you pull it because he doesn't share your views? i get sick of hearing about KDE and X too, but to censor it only makes understanding it that much more difficult. If you want to get an idea of where things can go, look in the archives for what happened to Darren Reed (I think it was a good 2-3 years ago). I agree with you in principle, but at the same time, realize this isn't the [EMAIL PROTECTED] mailing list. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: [OT]: good home switch?
On Sun, 2005-09-04 at 13:57 +0200, [EMAIL PROTECTED] wrote: p.s. Forget about D-Link! I recomment to stay far far away of these crap. I am using a D-Link switch and it has performed acceptably so far. Their wireless access points might be another story, though... -- Shawn K. Quinn [EMAIL PROTECTED]
Re: using restore command from files?
On Mon, 2005-08-29 at 17:53 -0400, Matt Singerman wrote: You were correct on this one, sir. Thanks. I fixed this, and the system now boots! Huzzah! I am having one final (I hope) problem, though: the network interface seems to have mysteriously changed from dc0 to xl0. How can I change the network interface? You probably want to do something like: cd /etc; mv hostname.dc0 hostname.xl0; ./netstart -- Shawn K. Quinn [EMAIL PROTECTED]
Re: /usr/share/pf/ suggestion
On Tue, 2005-08-23 at 17:25 -0400, Jason Crawford wrote: Secondly, it seems pretty pointless to setup pf on a single host. I beg to differ. man pf.conf, and look at the user and group keywords. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Could not read network Connection list
On Mon, 2005-08-22 at 11:49 +0100, Stuart Henderson wrote: If you don't already have something like 'pass quick on lo0' near the start of your PF ruleset, you might like to add it. Actually, as of 3.7 set skip on lo0 is the preferred method of bypassing pf on loopback. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Major Surprise with xdm on 3.7
On Thu, 2005-08-11 at 15:56 -0400, Will H. Backman wrote: I have heard that OpenGL stuff doesn't like this, so while you can get multiple desktops on different virtual consoles, you won't have an equal experience on them. I was under the impression OpenBSD didn't support OpenGL anyway, or did I misread something? -- Shawn K. Quinn [EMAIL PROTECTED]
bridging and routing on the same box
This is primarily an informative post for those who will search the archives later with a similar problem. Constructive comments are appreciated, however. My main firewall has three network cards in it, back when I was anticipating the future need for another network segment (for reasons I won't go into). I converted the one extra box I did have, into another OpenBSD box and put two network cards in it, with the idea of bridging between two of the three cards in the firewall and getting rid of the current binat rule completely in the long term (a side effect is I get to use the old 10MBps cards I have for something useful; I know ne cards are synonymous with cow turds to a lot of people, but the amount of data I'm moving through them is low enough to mitigate the glaring flaws). Until some point in the future, however, I still have one box behind binat. When first testing this setup, binat to that box didn't work. In order to get the binat working again, I had to explicitly pass the external address on the original external interface in pf.conf in order for it to work properly. Whether this is a quirk, a bug, or a feature of the bridging code, I'm not sure. (IMO: probably just a quirk, probably not a bug, possibly a feature.) And remember, if in doubt about what exactly is going wrong in a pf ruleset, enable logging on all block rules, and use the information thus obtained to track down the problem. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Negotiating a license for Sun Java on OpenBSD?
On Mon, 2005-08-08 at 10:23 -0400, Michael W. Lucas wrote: I can't see spending my time working on Sun's code, but that's your choice, and if it works for you more power to you. You know, for every Kurt, there have to be several hundred people (OpenBSD users or otherwise) who say if I wanted to deal with Sun every day, I'd run Solaris instead and frankly, I don't blame them. Every attempt to use Java here has caused more problems than it has solved; it's simply a resource pig. I'm sure it runs great on the fully loaded sparc64 boxen that Sun salesweasels are pimping for $UNGODLY_AMOUNT_OF_CASH; sorry, but I don't have that kind of money. I can't wait until Kaffe is usable as a JVM, as I suspect it won't have the same problems that Sun has put into its reference Java implementation. Until then, I've decided simply to avoid using Java applications as much as possible. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: syslogd udp port
On Sat, 2005-08-06 at 03:00 +0100, poncenby wrote: Shawn K. Quinn wrote: On Fri, 2005-08-05 at 07:33 +0100, poncenby wrote: May I suggest some tolerance(doesn't have to be sincere) for people who are simply either too busy or too lazy to read man pages in their entirety. or just simply ignore the email. surely certain people on this list (theo - that's you!) don't actually enjoy patronising their loyal userbase? You should be reading the man page first, then asking questions on list (or elsewhere, e.g. IRC), not the other way around. And ignoring these sorts of e-mails isn't an option, as people need to know the expected protocol is to read the man page first. Start out with the goal of making an operating system possible to use without reading documentation, and you wind up with something like Microsoft Windows (however, even Microsoft must document a lot of things, even if it is only available in electronic form). I'm sure you've either already been down that road, or have no desire to go down it. The people that WTFM intend for you to RTFM. wow shawn, that's really clever. you have saved yourself thirty eight key depressions and managed to convey no sense of authority. Wow ponceby, that's really clever. You have shown the world your ability to half-ass-type and not express one Goddamn coherent thought. In the time it took you to write this, you could have read a man page, possibly two or three if you're a fast reader. if only i could be as l33t If you want to be understood, type English. I have no idea what the hell an el-thirty-three-tee is. You're obviously not averse to reading (and, rather unfortunately, replying to) messages on the list. Why, then, are you averse to reading man pages? (Don't answer this publicly, but reflect on the answer to yourself.) -- Shawn K. Quinn [EMAIL PROTECTED]
Re: syslogd udp port
On Fri, 2005-08-05 at 07:33 +0100, poncenby wrote: May I suggest some tolerance(doesn't have to be sincere) for people who are simply either too busy or too lazy to read man pages in their entirety. or just simply ignore the email. surely certain people on this list (theo - that's you!) don't actually enjoy patronising their loyal userbase? You should be reading the man page first, then asking questions on list (or elsewhere, e.g. IRC), not the other way around. And ignoring these sorts of e-mails isn't an option, as people need to know the expected protocol is to read the man page first. Start out with the goal of making an operating system possible to use without reading documentation, and you wind up with something like Microsoft Windows (however, even Microsoft must document a lot of things, even if it is only available in electronic form). I'm sure you've either already been down that road, or have no desire to go down it. The people that WTFM intend for you to RTFM. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Sun hme0 PCI on i386 supported?
On Fri, 2005-08-05 at 19:34 +0200, Laurens Vets wrote: So, the question is, will this Sun card work in my i386 machine? I personally only use i386 myself, but my understanding is that any PCI driver in OpenBSD is supposed to work on any architecture that has a PCI bus. If ping works, chances are the card is working. I'd look elsewhere for the problems with TCP and UDP. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: login group for users should be?
On Fri, 2005-08-05 at 13:21 +0200, Tim wrote: When creating a user I am wondering what is recommended when assigning a login group to the user. There are to alternatives, giving the user unique login group (same as his name) or giving the user a general login group such as users. What do you recommend? I, personally, always use a unique login group, and add the group users as a secondary group. But, like a lot of other things, it really depends on what you need, and what your users need. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Using state and routing inbound traffic
On Fri, 2005-08-05 at 20:44 +, Karl O. Pinc wrote: We've been talking TCP here, one can only hope that the applications using UDP have some sort of equivalent throttling mechanism. Even if not, most of my traffic is TCP. It's up to each application using UDP whether or not they have a throttling mechanism. As an example, I'm pretty sure Armagetron does not have one as such, it just sends updates and the client handles any significant amount of packet loss very ungracefully. Other things like DNS resolution won't have a throttling mechanism because they don't need one. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Using state and routing inbound traffic
Oops, sorry, wrong list. Meant this to go to the pf list. -- Shawn K. Quinn [EMAIL PROTECTED]
hardware monitoring
I'm able to get sensor data from the BIOS; is there something I'm missing to be able to get them from within OpenBSD on this system? dmesg follows... OpenBSD 3.7-current (GENERIC) #1: Sat Jul 30 19:44:49 CDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: AMD-K7(tm) Processor (AuthenticAMD 686-class, 512KB L2 cache) 604 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,MMX real mem = 267952128 (261672K) avail mem = 237645824 (232076K) using 3296 buffers containing 13500416 bytes (13184K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 02/22/00, BIOS32 rev. 0 @ 0xfdad0 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf7ae0/176 (9 entries) pcibios0: PCI Interrupt Router at 000:07:3 (AMD 756 Power rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 AMD 751 System rev 0x25 ppb0 at pci0 dev 1 function 0 AMD 751 PCI-PCI rev 0x01 pci1 at ppb0 bus 1 pcib0 at pci0 dev 7 function 0 AMD 756 ISA rev 0x01 pciide0 at pci0 dev 7 function 1 AMD 756 IDE rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: WDC AC26400B wd0: 16-sector PIO, LBA, 6149MB, 12594960 sectors wd1 at pciide0 channel 0 drive 1: WDC WD273BA wd1: 16-sector PIO, LBA, 26105MB, 53464320 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SAF, CD-RW4424A, 1.18 SCSI0 5/cdrom removable atapiscsi1 at pciide0 channel 1 drive 1 scsibus1 at atapiscsi1: 2 targets cd1 at scsibus1 targ 0 lun 0: , 40X CD-ROM, 1.3C SCSI0 5/cdrom removable pciide0:1:0: multi-word DMA disabled due to chip revision cd0(pciide0:1:0): using PIO mode 4 cd1(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2 AMD 756 Power rev 0x03 at pci0 dev 7 function 3 not configured ohci0 at pci0 dev 7 function 4 AMD 756 USB Host rev 0x06: irq 11, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: AMD OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 4 ports with 4 removable, self powered vga1 at pci0 dev 8 function 0 S3 ViRGE rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) cmpci0 at pci0 dev 10 function 0 C-Media Electronics CMI8738/C3DX Audio rev 0x10: irq 10 audio0 at cmpci0 rl0 at pci0 dev 11 function 0 D-Link Systems 530TX+ rev 0x10: irq 9 address 00:11:95:26:23:07 rlphy0 at rl0 phy 0: RTL internal phy isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask e965 netmask eb65 ttymask fbe7 pctr: user-level cycle counter enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matched BIOS disk 80 dkcsum: wd1 matched BIOS disk 81 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Ammunition needed to defend OpenBSD/pf
On Wed, 2005-08-03 at 10:30 +0200, Alexander Farber wrote: Hi, I have 1 argument for D-Link and against OpenBSD: D-Link can DSL. OpenBSD can not. So you have to buy at least a DSL modem for OpenBSD. And since you are buying a DSL modem, why not add 20 Euros and buy a DSL-router? At least for a small home network. You mean having the DSL router and modem be in the same physical box, thus introducing a single point of failure? That's a huge minus. I once had a DSL modem go bad on me, and setting up my routing and firewall rules all over again just because I had to get a new modem would have been a nightmare. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Ammunition needed to defend OpenBSD/pf
On Wed, 2005-08-03 at 09:47 -0400, Will H. Backman wrote: Many of these devices provide the what if I get hit by a bus protection of a simple, single purpose system. If you use something like OpenBSD, it can be viewed as a homegrown application that must be supported by the organization, and that depends on the individual who set it up. You don't need to know how to use vi to modify the firewall settings on one of those dlink devices. You don't need to use vi to modify OpenBSD config files either; there's also mg. You can also scp to another box and edit them with whatever you want there if you don't like either vi or mg. I have a D-Link access point here, and the Web-based config was a bit confusing in places. Not to mention, the Web-based config means it eats an IP address, even though it's basically a bridge. I would much rather have a serial port and shell prompt. I'm not saying that a dumb, web configurable device is better. I've seen too many point and click firewalls that were setup incorrectly by someone who didn't know what they were doing. Emacs and vi make sure a total idiot cannot change your firewall settings. Agreed, it seems more and more that people think typing is an optional part of computer literacy. Especially given the level of people that abbreviate three-letter words in chat/IM... -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Ammunition needed to defend OpenBSD/pf
On Tue, 2005-08-02 at 22:09 -0400, Jim Fron wrote: What it does that an OBSD solution can't is be low power, cheap, and bought off the shelf (maybe there are off-the-shelf suppliers of OBSD machines, but they aren't in every strip mall in the country). To the third of those, I agree. To the first two of those, I offer as counterexamples the rather famous Soekris Technologies hardware. Even a loaded net4801 is relatively low power (1.5A at 12V). As for cheap, they certainly aren't out of our budget as home users. -- Shawn K. Quinn [EMAIL PROTECTED]
