Re: TOFU/cert pinning in libtls

2020-05-09 Thread Ted Unangst
On 2020-05-09, Bob Beck wrote: > > oolong$ man -k Xr=tls_peer_cert_hash > > nc(1) - arbitrary TCP and UDP connections and listens > > > > That's far from ideal IMO, but I don't know where, of the many tls_* > > manpages, would I reference it. > > man tls_peer_cert_hash > > happily brings up

Re: mounting ext3 using doas

2020-02-09 Thread Ted Unangst
dmthomp...@gmx.com wrote: > So I tried doas with this "permit nopass me as root cmd mount_ext2fs" > but still no luck. > > So I was hoping for a hand from you kind souls. > > Oh and when I try to mount at command line using doas I get 'syntax error at > line > 7' there's nothing wrong with

Re: DNS lookups on a different port for testing?

2020-01-22 Thread Ted Unangst
Claus Assmann wrote: > The functional tests for sendmail use ldns-testns as DNS server > which provides specific test data and error behaviours. > It runs on a port > 1024 to avoid requiring root access. you can use a combination of pf.conf rdr-to and 127.0.0.2 etc. i.e., bind to port 5353, have

Re: How do I change the birth time of a file?

2020-01-16 Thread Ted Unangst
Duncan Patton a Campbell wrote: > > The change time (c_time in struct stat) cannot be explicitly set by > > any API and is maintained by the kernel. > > man touch ? does not set ctime except as a side effect.

Re: sysupgrade woes on beaglebone black

2020-01-09 Thread Ted Unangst
Jan Stary wrote: > Installing base66.tgz 100% |**| 99116 MB - 07:12edT- > Installing comp66.tgz 83% |* | 45312 KB - > stalledT-syncing disks... done > rebooting... > > Why does it reboot here? The SD card is slow, and is being both read > and

Re: httpd redirect

2019-11-15 Thread Ted Unangst
Thomas wrote: > Hi, > > I need to do this redirect with httpd: > > from: > http://my.old.site/#info > to: > https://my.new.site/products/product.html browsers don't send #fragments to the server. so short answer: impossible.

Re: urtwn(4) gets wedged periodically

2019-11-13 Thread Ted Unangst
Brennan Vincent wrote: > > On 11/13/19 1:56 AM, Ted Unangst wrote: > > Brennan Vincent wrote: > >> Hello, > >> > >> I have a Wi-Fi USB adapter. urtwn(4) normally works fine, but it's a bit > >> flaky... > >> I don't think this is a hardwar

Re: urtwn(4) gets wedged periodically

2019-11-12 Thread Ted Unangst
Brennan Vincent wrote: > Hello, > > I have a Wi-Fi USB adapter. urtwn(4) normally works fine, but it's a bit > flaky... > I don't think this is a hardware issue because the device is > working fine on Ubuntu. I think this is and isn't a hardware issue? I had the same problem with an edimax a

Re: inteldrm changes cause high temperature / fan speeds (was: Downgrade 6.6 to 6.5)

2019-11-12 Thread Ted Unangst
Tero Koskinen wrote: > Eventually I pinned the problem down to April 14/15: > > FAULTY 091f8f6587f dlg Mon Apr 15 02:59:41 2019 + the myx_cmd > FAULTY 1bbcb699ab8 dlg Mon Apr 15 00:28:29 2019 + there's a bunch > PROBLEM! 7f4dd37977d jsg Sun Apr 14 10:14:50 2019 + Update shared

Re: this assembly example works in linux, netbsd - but not in openbsd, why?

2019-10-29 Thread Ted Unangst
Guild Navigator wrote: > But what would be the OpenBSD correct way to > write such simple print-from-the-array-of-strings program? printf

Re: question about man starttls and linking to cert.pem

2019-08-10 Thread Ted Unangst
freda_bundc...@nym.hush.com wrote: > Description: > man starttls says one can link a new certificate to cert.pem with > ln -s /etc/ssl/mail.example.com.crt /etc/ssl/cert.pem if one does not > intend That entire section seems dumb and outdated. I would prefer we simply not give any

Re: Filesystem corruption on OpenBSD routers after power outage?

2019-06-17 Thread Ted Unangst
Theo de Raadt wrote: > How does sync() fix this? Please explain this. Look at the source > code. > > sync() is an asyncronous call requesting syncronization, and once > it has marked the blocks that should be pushed, it returns before > the work has been done. Ah, indeed. > > 2. cp could do

Re: Filesystem corruption on OpenBSD routers after power outage?

2019-06-17 Thread Ted Unangst
Mogens Jensen wrote: > Even after many tries, I have not yet been able to corrupt the > filesystem so fsck cannot repair it without manual intervention. > However, if power is removed while the 'reorder_kernel' script runs, > the system will become completely unbootable. I could do this multiple

Re: Debug Tool for golang

2019-05-31 Thread Ted Unangst
Kevin Chadwick wrote: > Does anyone debug golang on OpenBSD and can advise on llvm/gcc or provide any > other insight? I just use log.

Re: Criteria for errata

2019-05-10 Thread Ted Unangst
Jeremy O'Brien wrote: > I've snagged the 6.5 xenocara.tar.gz, patched it with just that above fix, > and installed it on my system which has made X rock-stable for me. This is > totally fine for me personally, but I was curious if other people have run > into this issue on their 6.5 installs,

Re: `man 2 sysctl` issue

2019-05-07 Thread Ted Unangst
Kent Watsen wrote: > But when using sysctl(8) or /etc/sysctl.conf, a couple variables need an > extra 'm': > > semni --> semmni > semnu --> semmnu > > Is this intentional? The extra letters are intentional. I've fixed the man page. Thanks.

Re: signify(1) signatures with a YubiHSM

2019-05-07 Thread Ted Unangst
Jason A. Donenfeld wrote: > I'm using signify(1) for update signatures in the upcoming WireGuard for > Windows (there'll be OpenBSD news soon in that department, I hope!). Not > wanting to store keys on my laptop or something, I managed to get a YubiHSM > to produce valid signify(1) signatures. I

Re: User who invoke doas

2019-05-02 Thread Ted Unangst
Nick Holland wrote: > > In a shell script invoked by doas, is it possible to find which user > > invoke the script? my search a the moment has come up empty. > > most likely place would be an environment variable, right? > > # echo "I started out as $LOGNAME" > I started out as nick

Re: authentication methods: how do they work?

2019-03-27 Thread Ted Unangst
Boris Epstein wrote: > Thanks. It makes sense to be able to select login methods under some > circumstances - but do I have an option of forcing the user to log in using > a predetermined set of methods (for instance, password and then a secure > key, or password and Yubkey, or password and SSL

Re: Is there a fix for stock vi's bug-for-bug compatible ESC-equals-return feature?

2019-02-20 Thread Ted Unangst
ropers wrote: > I personally agree with Sijmen. OpenBSD has always prioritised > correctness over legacy compatibility and standards compliance. > Instinctively, leaving a slightly "buggy" thing in base on the theory > that anyone who doesn't like it should just install larger and less >

Re: Is there a fix for stock vi's bug-for-bug compatible ESC-equals-return feature?

2019-02-19 Thread Ted Unangst
I think the answer is, you want traditional vi, you get traditional vi. If you want something else, try ports.

Re: emmc support on Ubiquiti Networks UniFi Security Gateway PRO-4

2019-02-12 Thread Ted Unangst
Diana Eichert wrote: > If so, is there a good way to dump existing factory firmware from emmc > before I install OpenBSD? At some point I may have to restore to > factory. Assuming you netboot bsd.rd, there's dd on the ramdisk. Alas, no netcat, but it does have the nfs client, so you can save

Re: gdb: DW_TAG_ (abbrev = 85, offset = 20161909)

2019-02-09 Thread Ted Unangst
Claus Assmann wrote: > Any suggestion how I can debug that program? (it's huge and written > in C++ with which I am not familiar anyway :-( You want egdb from ports, especially for anything c++. (pkg_add gdb)

Re: easy todo: timespeccmp.3

2019-02-06 Thread Ted Unangst
Ingo Schwarze wrote: > Hi Ted, > > Ted Unangst wrote on Wed, Feb 06, 2019 at 02:25:40PM -0500: > > > We are missing a man page for timespeccmp (and related macro functions). > > should be pretty easy to grab a page from freesd, adapt it a bit, and > > make

easy todo: timespeccmp.3

2019-02-06 Thread Ted Unangst
We are missing a man page for timespeccmp (and related macro functions). It should be pretty easy to grab a page from freesd, adapt it a bit, and make a patch if anybody is looking for something to do.

Re: Use xenodm like startx?

2019-01-30 Thread Ted Unangst
John Ankarström wrote: > Hi, > > I just got OpenBSD installed on my new laptop, and so far, it works great. > But since I applied the latest X11 patch, I can no longer use startx to > launch X11, unless I do it as root, which probably isn’t a good idea. Seems > like I have to use xenodm. > >

Re: doas called multiple times hangs

2019-01-20 Thread Ted Unangst
Ted Unangst wrote: > Dariusz Sendkowski wrote: > > Yes, it does. > > > > I extracted 'unveilcommands' function from doas.c and put it into a > > standalone program to run it. > > It turned out the result was the same as in doas command. When I disab

Re: doas called multiple times hangs

2019-01-20 Thread Ted Unangst
Dariusz Sendkowski wrote: > Yes, it does. > > I extracted 'unveilcommands' function from doas.c and put it into a > standalone program to run it. > It turned out the result was the same as in doas command. When I disable > unveil, then it works fine. This diff should fix the problem. Index:

Re: doas called multiple times hangs

2019-01-20 Thread Ted Unangst
Dariusz Sendkowski wrote: > I investigated the problem a little more and found, that when there is a > non-existent directory entry in my PATH, the problem occurs. If all of the > directories from my PATH exist, then it works fine. To help isolate the problem, if you disable unveil, does it work?

Re: Backlight on Dell Laptop not adjusting brightness

2019-01-11 Thread Ted Unangst
Paul Swanson wrote: > $ wsconsctl display.brightness=5 > display.brightness -> 5.00% > > This laptop is essentially all Intel Skylake under the hood some I'm wondering > why it's not playing nice like on the Lenovo / ThinkPads. > > Below is my dmesg and also Xorg.0.log. > "DELLABC6" at acpi0 not

Re: Backlight on Dell Laptop not adjusting brightness

2019-01-11 Thread Ted Unangst
Paul Swanson wrote: > I'd like to chase this up a bit further and see if there's anything I can do > to > improve support on this model; Ubuntu has great support so I can perhaps look > for there for ideas and inspiration. > > Ted, do you have any suggestions for what parts of OpenBSD I should

Re: Backlight on Dell Laptop not adjusting brightness

2019-01-09 Thread Ted Unangst
Paul Swanson wrote: > This laptop is essentially all Intel Skylake under the hood some I'm wondering > why it's not playing nice like on the Lenovo / ThinkPads. There's no guarantee that the screen backlight is actually wired to the graphics chip and not just some acpi buttons. :( > I'd really

Re: Porting some software to OpenBSD

2019-01-05 Thread Ted Unangst
Adam Steen wrote: > 'log(DEBUG, "Solo5: clock_init(): freq=%lu\n", freq);' > > but am getting the following error > > ' > error: format specifies type 'unsigned long' but the argument has type > 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat] > freq); > ^~~~ > 1

Re: netstat *:* udp sockets

2018-12-17 Thread Ted Unangst
Sebastian Benoit wrote: > > > or what should it show? Only sockets that are bound > > > but not connected (local port != 0 but remote addr/port = 0)? > > > > see my other mail for that diff. > > here. Ok for one or the other? as a non expert, this matches my expectation of what "listening"

Re: netstat *:* udp sockets

2018-12-16 Thread Ted Unangst
Claudio Jeker wrote: > On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote: > > Philip Guenther wrote: > > > And, perhaps more directly, how would I block this in pf.conf? > > > > > > > > > > Excellent choice, blocking dhclient from receivin

Re: netstat *:* udp sockets

2018-12-14 Thread Ted Unangst
Ted Unangst wrote: > Philip Guenther wrote: > > And, perhaps more directly, how would I block this in pf.conf? > > > > > > > Excellent choice, blocking dhclient from receiving the leases that it > > requests. > > "What problem are you trying to sol

Re: netstat *:* udp sockets

2018-12-14 Thread Ted Unangst
Philip Guenther wrote: > And, perhaps more directly, how would I block this in pf.conf? > > > > Excellent choice, blocking dhclient from receiving the leases that it > requests. > "What problem are you trying to solve?" Well, this may be something of a lost cause, but I would prefer that chrome

netstat *:* udp sockets

2018-12-13 Thread Ted Unangst
netstat -an tells me I am listening to all the udp. Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address(state) udp 0 0 *.**.* udp 0 0 127.0.0.1.53 *.*

Re: Change to init in -current?

2018-11-12 Thread Ted Unangst
Theodore Wynnychenko wrote: > Does this mean that getty is only allowed to access "/usr/bin/login," and that > my custom script is not in an allowed location after unveil "locks down" > getty? yes. > Obviously, my script is named autologin.sh and lives in /local; and it does > exist with

Re: File sealing

2018-11-01 Thread Ted Unangst
Simon Ser wrote: > Sometimes the two processes don't trust each other, for instance in the > case of Wayland. Bad clients may try to crash the compositor. > > One way to crash the compositor is to send a shared memory file descriptor > and then shrink the file. When the compositor tries to read

Re: File sealing

2018-11-01 Thread Ted Unangst
Simon Ser wrote: > Hi all> I'd like to know if there are plans to add a feature similar to file > sealing [2] in OpenBSD. I don't think so. You explained a possible use, but didn't actually explain if code using file sealing already exists.

Re: 6.4 doas gives "command not found" if no #!/bin/sh up top

2018-10-29 Thread Ted Unangst
tomr wrote: > I'm a bit confused here. I have some cwm keybindings that `doas rcctl` > things, which now aren't working as they used to - which isn't > necessarily a problem - but I'm surprised at the behaviour below: > > # this doesn't work anymore.. > $ doas rcctl > doas: rcctl: command not

Re: 6.4 doas gives "command not found" if no #!/bin/sh up top

2018-10-21 Thread Ted Unangst
Ted Unangst wrote: > Ted Unangst wrote: > > Derek wrote: > > > Adding a "#!/bin/sh" at the top of the scripts made them all work again. > > > > i don't believe this is a change; that's how it should always work. > > sorry, this appears wrong.

Re: 6.4 doas gives "command not found" if no #!/bin/sh up top

2018-10-21 Thread Ted Unangst
Ted Unangst wrote: > Derek wrote: > > Just upgraded from 6.3 to 6.4 and the doas behaviour seems to have changed. > > > > I finally solved it, but just posting here in case anyone has this problem. > > > > I had a few little shell scripts in /usr/local/sbin/

Re: 6.4 doas gives "command not found" if no #!/bin/sh up top

2018-10-21 Thread Ted Unangst
Derek wrote: > Just upgraded from 6.3 to 6.4 and the doas behaviour seems to have changed. > > I finally solved it, but just posting here in case anyone has this problem. > > I had a few little shell scripts in /usr/local/sbin/ - intended to be run > by doas : one-liners like bioctl mounting a

Re: net-snmpd extend and doas : a tty is required

2018-04-12 Thread Ted Unangst
Joel Carnat wrote: > Hi, > > I want net-snmpd to run a script via the extend directive. > This script has to run a command using doas to get temporary root > permission. > > The script is run on snmpcmd call but the doas command returns: > doas: a tty is required > > Is there a way to run doas

Re: xlock Does Not Unlock (Snapshot)

2018-03-22 Thread Ted Unangst
Chris Wojo wrote: > I feel like these two issues could be related; but I'm not aware of any way > to diagnose why it won't accept my password or yubikey. > The yubikey authentication works on login; just not on screen locks. this depends on login.conf i believe, but for xlock you may have to

Re: signify [file ... ]

2018-03-11 Thread Ted Unangst
Andrew wrote: > Just wondering if signify(1) is intended to exit 0 ONLY if the [file > ...] is within the shell's pwd ?? By chance, I noticed that > /path/to/file will fail on the same bsd.rd controlling for the working > directory. Mostly, yes. The filename is compared to the one in the

Re: Signify option semantics

2018-02-08 Thread Ted Unangst
multiplex'd wrote: > Hello all, > > I've been reading into the signify(1) program a little recently, and the > manual page mentons the '-t' option, which is used to ensure the public > key deduced from the signature comment "matches /etc/signify/*-keytype.pub", > where 'keytype' is the argument

Re: MAXDSIZ limits

2018-01-30 Thread Ted Unangst
Jordan Geoghegan wrote: > Is there any particular reason for the low sparc64 MAXDSIZ? Is there any > way for this limit to be increased as I have some large data > manipulation that needs to be done and I really would love to be able to increasing the value can be done by changing the header

Re: MAXDSIZ limits

2018-01-30 Thread Ted Unangst
Jordan Geoghegan wrote: > amd64 MAXDSIZ : ((paddr_t)32*1024*1024*1024) > i386 MAXDSIZ : (3UL*1024*1024*1024) > sparc64 MAXDSIZ : (8L*1024*1024*1024) > mips64 MAXDSIZ : 16UL*1024*1024*1024 > hppa MAXDSIZ : 1*1024*1024*1024UL > arm64 MAXDSIZ: ((paddr_t)16*1024*1024*1024) > > Could

Re: Kernel memory leaking on Intel CPUs?

2018-01-06 Thread Ted Unangst
Ted Unangst wrote: > Otto Moerbeek wrote: > > Sparc64 and powerpc also have speculative execution, branch > > prediction and extensive caches. It is much wiser to assume they are > > also affected by (similar) bugs/explots or whatever you call it. > > A lot of the comm

Re: Kernel memory leaking on Intel CPUs?

2018-01-06 Thread Ted Unangst
Otto Moerbeek wrote: > Sparc64 and powerpc also have speculative execution, branch > prediction and extensive caches. It is much wiser to assume they are > also affected by (similar) bugs/explots or whatever you call it. A lot of the commonly available sparc64 gear, T2 and USIII, are in order.

Re: bug tracking system for OpenBSD

2017-12-20 Thread Ted Unangst
Kai Wetlesen wrote: > Put bluntly, I was busy with completing my bachelors degree which was far > more important. You would have waited six months regardless. Now that it’s > done and out of the way I’ll happily take your advice. No need to explain that other things come up. OpenBSD developers

Re: bug tracking system for OpenBSD

2017-12-19 Thread Ted Unangst
Kai Wetlesen wrote: > > > you don't have to announce your bug database the first day you set it up. > > > in > > > fact, it's better not to. but in a few months time, when somebody > > > inevitably > > > asks misc how do i contribute, where's the todo list, you'll have this > > > handy > > >

Re: Wireless not working with Linksys

2017-09-23 Thread Ted Unangst
TimoMyyrä wrote: > > But scan results see the 2.4Ghz network but not the 5Ghz network: > > > > $ doas ifconfig iwn0 scan | grep MyNet > > nwid MyNet chan 11 bssid xx:xx:xx:xx:xx:xx -21dBm HT-MCS23 > > privacy,short_preamble,short_slottime,wpa2,wpa1 > > > > > > timo > > Actually,

Re: Wireless not working with Linksys

2017-09-23 Thread Ted Unangst
TimoMyyrä wrote: > I just got Linksys 1900ACS wireless router and it works great, except with > OpenBSD. I've got Thinkpad T430s running -current and I can't get DHCP lease > from the new > router. > I noticed lines: "dhclient[22294]: fatal in iwn0: yielding responsibility" in > messages file

Re: Query regarding exec in mandocdb.c

2017-08-26 Thread Ted Unangst
Ted Unangst wrote: > Ingo Schwarze wrote: > > > this could just be memcmp. > > > > I avoided that over quibbles about the argument type (off_t vs. > > size_t), though i admit that database files larger than a Gigabyte > > make no sense at all. > > &g

Re: Query regarding exec in mandocdb.c

2017-08-26 Thread Ted Unangst
Ingo Schwarze wrote: > > this could just be memcmp. > > I avoided that over quibbles about the argument type (off_t vs. > size_t), though i admit that database files larger than a Gigabyte > make no sense at all. > > If you consider that an improvement, i'm not opposed to using > memcmp(3). But

Re: Query regarding exec in mandocdb.c

2017-08-26 Thread Ted Unangst
Ingo Schwarze wrote: > + if ((cp1 = mmap(NULL, sb1.st_size, PROT_READ, MAP_PRIVATE, > + fd1, 0)) == NULL) { > + say(MANDOC_DB, ""); > + goto err; > + } > + if ((cp2 = mmap(NULL, sb2.st_size, PROT_READ, MAP_PRIVATE, > + fd2, 0)) == NULL) { > +

Re: Full disk encryption questions

2017-08-17 Thread Ted Unangst
Philippe Meunier wrote: > - is the panic intended (well, known to the developers and considered > normal; I hesitate to call it a feature) or is it an oversight? no, nothing bioctl does should kill init like that. > - I would have thought that, once the softraid volume has been created, its >

Re: lock X on suspend

2017-08-14 Thread Ted Unangst
tomr wrote: > I've been struggling to get X to lock by calling xlock(1) from > /etc/apm/{hibernate,resume,standby,suspend} > > Haven't seen a lot of useful debug output from xlock... > > # xlock -verbose ; echo $? > 1 > # xlock -verbose -display :0.0 ; echo $? > No protocol specified > 1 > # >

x40 users?

2017-08-11 Thread Ted Unangst
anyone using an x40? what have you set machdep.apmhalt to?

Re: How to find out which files were changed in -CURRENT and -STABLE between two releases?

2017-08-10 Thread Ted Unangst
pipfsta...@openmailbox.org wrote: > Hello, > > CVS is delivering me my daily dose of PITA (and I'm delivering a daily > dose of whining to the list). I feel like I'm trying to use a wooden bicycle > driven by jolts from the ground to make a tour from Washington, DC to > Sacramento, California. >

Re: touchpad input driver: testing needed

2017-07-31 Thread Ted Unangst
Bryan Vyhmeister wrote: > On Mon, Jul 31, 2017 at 11:02:28PM +0200, Ulf Brosziewski wrote: > > for you. As always, a dmesg would be appreciated. The output of > > # wsconsctl | grep 'mouse' > > could also be of interest here (you must run it as root). > > This report is from a MacBookAir7,2

Re: Calculate the frequency of the tsc timecounter

2017-07-30 Thread Ted Unangst
Adam Steen wrote: > Sorry, i sent that before i had finished. > > I am trying to find an equivalent of the following code for FreeBSD we don't currently export this info, but we could add some sysctls. there's some cpufeatures stuff there, but generally stuff isn't exported until somebody finds

Re: diff exit status

2017-07-26 Thread Ted Unangst
Ibrahim Khalifa wrote: > Hi, > > If you run diff against two directories where you have file(s) and the only > difference is that you have file(s) that only exists in one of the > directories, diff will exit with 0. If you use -N och -P it will however exit > with 1. > > Reading through the

Re: signify implementation details and memory usage

2017-07-25 Thread Ted Unangst
Fabio Scotoni wrote: > Is there any particular reason why things are being done this way? I > could imagine that it's to stay compatible with upstream SUPERCOP, but > mod_ed25519.c does not seem to have changed in CVS for over three years. Yes, the idea is you should be able to diff the files

Re: Verified auth tty ioctl()s implementation details

2017-07-17 Thread Ted Unangst
multiplex'd wrote: > From an end-user standpoint, this means that if a user has run a > priviledged command using sudo and then (within the timeout) runs a > script which itself calls sudo, then they will not be prompted to > enter a password as the script is running with the same foreground >

Re: Using signify into shell script

2017-07-15 Thread Ted Unangst
Stephane HUC PengouinBSD wrote: > > $ signify -G -p Test.pub -s Test.sec > passphrase: > signify: please provide a password > $ ls -al | egrep Test > $ > > If not entry password, key files are not created! you can create keys without passphrases using -n.

Re: Skylake experience with -current

2017-07-11 Thread Ted Unangst
Bryan C. Everly wrote: > Thanks again to tedu and everyone else who put in the effort to get us > working on this architecture. I can't imagine it was easy! For the record, it wasn't me. Kettenis did some great work, though.

Re: A question of lock usage in OpenBSD kernel code

2017-07-07 Thread Ted Unangst
J Doe wrote: > Ok, thank you for clarifying that for me. I will proceed with development in > C. As an aside - do OpenBSD developers track with the latest standard (C11), > or is another standard preferred ? mostly c89. in particular, don't mix code and declarations.

Re: Playing (screwing up ) with partitions

2017-07-04 Thread Ted Unangst
Manuel Solis wrote: > My question is: > I know that i am missing some step to fulfill the shrinking process > but in the FAQ there is only a way to grow fs and i didn’t find the shrinking > fs, and in the book says that i should move the partition, well it does not > say it but i figured out

Re: Missed ifconfig [[-]txpower dBm] option for 802.11

2017-07-04 Thread Ted Unangst
Denis wrote: > Looking for ifconfig '[[-]txpower dBm]' option which was present in > OpenBSD 5.4 amd64. Try to find 'txpower' on 6.0 amd64 but seems it > missed out. > > Actively using it to match power for 802.11 card and it's RF recipient > (post amp). What mechanism of output power matching is

Re: ext2 or usb problem

2017-07-01 Thread Ted Unangst
Donald Allen wrote: > I am guessing, but do not know, that the trouble here is either in the > ext2 support or perhaps in the usb driver. If ext2, I realize that it It wouldn't surprise me that the USB stack can get wedged if it does lots of IO. ext2fs probably has other bugs, but I wouldn't

Re: ipmi driver broken

2017-06-28 Thread Ted Unangst
Paul B. Henson wrote: > After applying this and installing the resulting kernel, ipmi worked > fine. I skipped 6.0, but just updated my boxes to 6.1, and see the same > ipmi failures. It looks like this fix hasn't been applied, the code in > head is still missing this line. I applied it again to

Re: Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-25 Thread Ted Unangst
Kevin Chadwick wrote: > On Fri, 23 Jun 2017 20:24:24 +0200 > > > > > > > I started by trying very high values with a simple password and > > > > > expected to have to wait a long time but it was always around 7 > > > > > seconds? > > > > very high as in -r 2000 ? > > > > > > Yeah,

Re: Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-23 Thread Ted Unangst
Kevin Chadwick wrote: > On Fri, 23 Jun 2017 18:13:20 +0200 > > > > > I started by trying very high values with a simple password and > > > expected to have to wait a long time but it was always around 7 > > > seconds? > > very high as in -r 2000 ? > > Yeah, 2048? Is there a MAX? i do not

Re: A question of lock usage in OpenBSD kernel code

2017-06-23 Thread Ted Unangst
Jia-Ju Bai wrote: > Hi, > > I am a freshman in developing OpenBSD drivers, and I have a question in > lock usage in OpenBSD kernel code. > > I only find two kinds of locks which are often used in OpenBSD drivers, > namely "mutex lock" and "rw lock". I want to know which lock can be held > when

Re: bug tracking system for OpenBSD

2017-06-20 Thread Ted Unangst
Kai Wetlesen wrote: > What would a potential curator of a bug tracker need > to do besides spin up a server, install, and maintain > the chosen (or written) software? not underestimate the effort involved. so this has come up before, and the answer remains the same. anyone can setup a bug

Re: Is this an intrusion?

2017-06-15 Thread Ted Unangst
Maurice McCarthy wrote: > Hi, > > $ xauth list > ... > advancedsearch.virginmedia.com:0 MIT-MAGIC-COOKIE-1 > f3aa08ed0926482c51f5cb386e28a0ea > > > Virgin Media is my ISP. Is this an intrusion into my system please? I > ran xauth remove ... just for the sake of it anyhow. well, even if it

Re: Use of upwexpire to configure user password expiry policy

2017-06-09 Thread Ted Unangst
Darren Marshall wrote: > Hi guys, > > I'm trying to create a policy whereby a user added to an OpenBSD 6.0 system > automatically gets their password expiry set to 60 days. > > I did think that this could be accomplished by adding upwexpire="60d" to > /etc/adduser.conf but subsequent adding of a

Re: password hash options

2017-05-30 Thread Ted Unangst
Allan Streib wrote: > My /etc/login.conf file has "blowfish,a" as the value for localciper in > the default class. > > The login.conf(5) man page sys this about the "localcipher" capability: > > localcipherstring blowfish,aThe cipher to use for >

Re: bioctl crypto size limitation ?

2017-05-26 Thread Ted Unangst
sharon s. wrote: > > > >> softraid0: invalid metadata format > > You filled the disk with random data, which is not a valid metadata > > format... > I followed the FAQ, http://www.openbsd.org/faq/faq14.html#softraidCrypto . Sorry, I was hasty. You can also try creating smaller partitions. 16TB,

Re: smtpd doesn't start

2017-05-26 Thread Ted Unangst
Choose a display name wrote: > >As always, you can post your smtpd.config, dmesg and any errors > >you're receiving. "it doesn't work" and "i have a problem" won't > >get you much help on this list. > > I get no error, smtpd just hangs if network is up. > It looks like this: > > # smtpctl show

Re: bioctl crypto size limitation ?

2017-05-26 Thread Ted Unangst
myml...@gmx.com wrote: > Steps to recreate: > > dd if=/dev/random of=/dev/rsd0c bs=1m (took over a week) > > fdisk -iy -g sd0 (I left off the "-b 960" because this is not a > bootable partiton) > > disklabel -E sd0 > > Label editor (enter '?' for help at any prompt) > > a a > offset: [64]

Re: battery not detected on old macbook

2017-05-17 Thread Ted Unangst
Jan Stary wrote: > This is current current/i386 on a 2006 MacBook1,1 (model A1181). > dmesg and sysctl hw below. > > OpenBSD 6.1-current (GENERIC.MP) #0: Wed May 10 23:42:09 CEST 2017 > h...@macbook.stare.cz:/usr/src/sys/arch/i386/compile/GENERIC.MP > "ACPI0002" at acpi0 not configured The

Re: syspatch on diskless fails (stat -qf %Sd / issue)

2017-05-03 Thread Ted Unangst
Andreas KusalanandaKähäri wrote: > I'll try copying from an existing installation, and if that proves to be > too problematic, I guess I just have to check out the OPENBSD_6_1 branch > and build a new release (which I really had hoped I would not have to > do). There's nothing magic about the

Re: syspatch dhcpd

2017-05-03 Thread Ted Unangst
Renaud Allard wrote: > I did not reboot directly, I first tried a "ktrace dhcpd" which > instantly lead to a kernel panic. After the mandatory reboot, everything well that's somewhat disturbing.

Re: pledge from command line

2017-04-27 Thread Ted Unangst
Michael Hendricks wrote: > I would like to have pledge on the command line so I can restrict an ad-hoc > process during execution. For example: > > $ pledge "stdio" sed -e "s/foo/bar/g" output.txt > > I can't modify sed, for example, because I don't always want it pledged > that tightly. Since

Re: torrent downloads

2017-04-27 Thread Ted Unangst
Christoph R. Murauer wrote: > True but let me be a littlebit paranoid. Would it not be possible to create a > new .fs / .iso with new keys in /etc/signify/* and new SHA256 / .sig files to > place bad content and distribute it using a torrent ? I came across this idea > as I readed long time ago

Re: torrent downloads

2017-04-27 Thread Ted Unangst
Christoph R. Murauer wrote: > Let's say, you provide a torrent for the .fs and .iso files. Who trusts a > SHA256.sig file from an unofficial torrent ? The whole point of signing the SHA256 is you don't have to trust the person who gives it to you.

Re: pledge for sockets?

2017-04-26 Thread Ted Unangst
Luke Small wrote: > Would it be a good idea to make a pledge like call that limits a process > from connecting to ports and/or hosts? Maybe it could be done in way that > the kernel is made aware of the limitations like in a pledge call and while > the process is alive, the kernel spawns pf rules

Re: Installer disk info improvement (was - Re: querying scsi id/wwn for scsi disk)

2017-04-02 Thread Ted Unangst
Robert Peichaer wrote: > Parsing dmesg output always tends to be fragile, but what about this? > Use whatever is enclosed in <> in the dmesg output for a disk and get > the size from disklabel. This looks insane. If somebody can tell us what output they want, we can provide it in a more useful

Re: Missing message-ID header in OpenSMTPD emails

2017-03-31 Thread Ted Unangst
LD wrote: > I don't use the submission port on either server, just port 25, but 5.9 > sends a message-id and 6.0 does not. What does "/if necessary/" mean for the > 5.9 server? What is the deciding factor to make the header necessary? I > would like the v6.0 server to send a message-id too, how do

Re: Question about Skylake GPU support

2017-03-31 Thread Ted Unangst
narvu...@tutanota.com wrote: > Hello, > > Currently, there is no support for Skylake GPU, I just want to know if > someone is working on it. > If not, are there some technical difficulties to support this generation ? Or > nobody is working on it ? The technical difficulty is that upstream,

Re: tar and pax issue with pledge arguments. in -current

2017-03-24 Thread Ted Unangst
mitchell wodach wrote: > I have not updated my -current box for about a week and a half so I > don't know if that has something to with this. Should I update with a > newer snapshot from the mirrors? Yes.

Re: Userspace reproducibly hangs for a few minutes

2017-03-20 Thread Ted Unangst
Filippo Valsorda wrote: > Sometimes the hang lasts seconds, sometimes minutes. During the hang > everything is unresponsive except the kernel: network traffic drops, > serial console is stuck, ssh is stuck and eventually times out, > sometimes other applications running on the machine notice that

Re: grep -E -F

2017-03-15 Thread Ted Unangst
Ingo Schwarze wrote: > Hi Philip, > > oops, our mails crossed. > > > Standardese: POSIX doesn't specify that they are exclusive options > > It does: > > http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap12.html > > section 12.1, clause 8 That also says: The use of

Re: where are antialiased fonts now documented?

2017-03-14 Thread Ted Unangst
Jonathan Thornburg wrote: > What Fine Manual(s) should I be reading for up-to-date information > on antialiased fonts? I can't find anything relevant in xterm(1) or > any of the X server man pages. Interestingly, the example from the > 5.8-stable FAQ, > xterm -fa 'Mono' -fs 14 > *does* work on

  1   2   3   4   5   6   7   8   9   10   >