On 24/11/2019 09:20, Rachel Roch wrote: You can't seriously be calling "-x* -game*" an unsupported configuration ? Seems to me like a sensible thing to do on any box that's going to be headless for its entire life and only ever accessed via SSH (or text console at a push). I agree in principle. However... Many software packages include dependencies on X libraries (not merely in OpenBSD but in general). Personally I don't think it is worth going to all the trouble of eliminating every unnecessary dependency on X libraries, especially considering that many of these packages are complex, complicated, and deeply integrated in to the OS. The effort is better spent elsewhere. I haven't looked but I expect that games packages don't take a lot of storage relatively speaking. I once experienced a situation where something broke -- on a Linux system I think -- where a non-games package failed to install or execute because I hadn't installed any games packages and therefore the expected directory structure that would have otherwise been created wasn't in place. Different users will have different interpretations of what comprises the "minimal set of software packages and their configurations for a functional headless server". The two broad examples above are descriptions of depedencies that some people would find harmless. Others would find them messy. Others would find them harmless /and/ messy. Personally I don't mind. I would prefer a stable system where all the dependencies are in place, the system is supported, and I am able to seek support from the community. Resources are too scarce to spend fixing this (in my opinion) non-problem. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 16/11/2019 06:55, Roderick wrote: On Thu, 22 Jan 1970, Chris Bennett wrote: Yes, but ed also allows one to easily work with only 1-3 lines of screen. I think with every line editor is so? I don't know of any line editors aside from ed, Vi's open mode, Sam, Edlin, and QED and its deriviatives. This has gotten me thinking about whether line-based editing is really the best abstraction for simple editors. If I understand right then this is what structural regular expressions are supposed to expand on. The power of ed is in the regular expressions, search and substitution. I assumed that the canonical reference for ed was K, "The Unix Programming Environment". But since then I have discovered this book: https://mwl.io/nonfiction/tools#ed When I return home I will buy it. (I'm overseas at the moment.) What are some other good books for learning ed? How about online resources, e.g., FTP sites with collections of interesting scripts. I'm particularly interested in its history, usage idioms, different implementations, multilingual capabilities, and using it as a vehicle for mastering regular expressions to the point that they are second nature. Sam looks very interesting too, and twenty years after writing my first text editor I've returned to my favorite type of personal side project, and looking for the kindest mix of functionality and simplicity. The key was understanding not to make something "no simpler" than the simplest useful design. The only thing that I find more comfortable in sos and miss in ed is the line alter mode that allows to interactively delete and insert characters in a line. What is sos? Is it something like open mode in Vi? That is also what one wants to carefully do in configuration files. Normaly no big editing. Indeed. Sometimes my blood runs cold when I'm writing and deploying a hotfix of this nature in a production system. The example that somebody gave earlier in this(?) thread about fixing a `/etc/fstab` is one that I have experience with. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 15/11/2019 04:45, Raymond, David wrote: I have done similar things on Linux for years and am now doing them on OpenBSD. Sounds like what you want to do can be done with a simple rsync script. OpenBSD ffs (ufs) should be stable, it has been around for decades in various incarnations. I have never noticed bit rot in this system, though I imagine it could happen if a disk is gradually going bad. Please correct me if I'm wrong because I don't want to spread incorrect information. A couple of months ago I read a couple of reports of filesystem corruption on OpenBSD. I didn't have time to investigate deeply and I don't know if these issues were even real. Even if they were real I don't know if the problem was due to user error or a defect in the OS. Does anybody know anything about this? That's why multiple backups help. Agreed. See below. You might want to set up a raid5 backup, as this detects parity errors. More complicated though. This is exactly the kind of reason that hybrid volume management systems + filesystems such as Btrfs and ZFS have become popular. I do not know anything about OpenBSD's LVM. One weakness in such as system (ask me how I know!) is that if the NAS goes gradually bad, the errors will propagate to the backup. Using rsync without the --delete option most of the time alleviates this somewhat. Only run with --delete when the backup starts getting full and you are confident that your NAS drive is ok. This is an excellent reason for implementing a system that includes not only backups, but long term storage /archives/ too. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 03/11/2019 12:44, Xianwen Chen (陈贤文) wrote: Does _pandoc_ work on OpenBSD now? Pandoc doesn't work on OpenBSD? This is seriously a bit of a shock. It is one of the most useful tools I have ever used. If you are writing any sort of documentation then I *highly* recommend checking it out on a platform where is does work. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 28/08/2019 15:32, Mohamed salah wrote: I wanna put something in discussion, what's your motivational to use OPENBSD what not other bsd's what not gnu/Linux Of all the things that naturally pull me towards BSD, I can not think of anything that OpenBSD does better than the other BSD's. Conversely OpenBSD is not very good at being a file server. It's also not very good at SMP. These issues have been known for a long time and it doesn't take much research to find out these facts when evalutation technologies for specific important use cases. I understand that the SMP deficiencies are being worked on. I don't know about the lack of file server functionality however. In other words, I don't know how important it is for the OpenBSD project that it eventually becomes a top contender when evaluating an OS for a file server or NAS. I also use NetBSD. NetBSD and OpenBSD are both excellent and often I enjoy using NetBSD more. I use OpenBSD for many reasons. Here are a few, and many of them apply equally well to my use of NetBSD: - The /community/ of /any/ software that I have the luxury of choosing is a critical factor. It is equally as important as the technology itself. OpenBSD's community has been wonderful to work with. I mostly interact on the the firstname.lastname@example.org mailing list and the #OpenBSD IRC channel on freenode. - Its out-of-the box pf firewall. This has a LOT of community knowledge, which is a huge advantage. Not only is this important to implement 100% correctly, but it's important that you understand all the relevant lurking unknowns so that you don't have false confidence in a misconfigured firewall. This is one area where a large community of experts is extremely helpful. - I would prefer to use a simply configured OS instead of an appliance like OPNSence or pfSense. I don't think they add much value. However, if I was a network or security engineer in a large enterprise, I'd probaby be working very differently. Based on my experiences working in large corporate enterprises so far, i.e., based on my observations, I'd probably be using an appliance from Cisco, Juniper, F5, etc. This is not a negative point against choosing OpenBSD. I've never been in a position of influence in a large, corporate enterprise's network division (I'm not a network engineer professionally). It's an observation, not something I would /necessarily/ choose. To be fair, I have seen many amazing things that these expensive devices from Cisco, Juniper, and F5 can do too. On the other hand the libre nature of OpenBSD is one its major benefits. If you ever need to audit your security infrastructure then OpenBSD puts you in a good place right from the beginning. - OpenBSD's documentation is excellent. Documentation is clear and complete. Man pages exist and are meaningful. In fact, I use OpenBSD's (and other *BSD's) coding standards and documentation style as a model for my own projects, even they have nothing in particular to do with *BSD. - OpenBSD has a concise base system that is understandable, learnable without too much congitive stress, and (usually) fast to install. - As somebody else has mentioned, they use OpenBSD precisely *because* they also use other operating systems. It is the same for me. It is important to learn how different OS'es do similar functions. Moreover, I am starting to learn how to write my software to be more portable. Portable software is, by its nature, of a higher standard than software that runs only on GNU/Linux, for example. I'm still a beginner as far as this is concerned. It means expanding beyond *nix too. (This blind adherence to "the Unix philosophy" as though its superiority in OS design is axiomatically true has had a negative effect on the collective imagination of many people.) - OpenBSD runs on architectures other than x86_64 that I am interested in. For example, PowerPC-based Apple Macintosh systems and SPARC-based systems. This ties in intimimately with my previous point re: support of architectures. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Why make this complicated? Get a Shure SM58 and be happy for the rest of your life. On 11 August 2019 17:22:33 BST, Samuel Larkin wrote: >I have a focusritte scarlett interface which mostly works under >openBSD. You could then get a XLR mic such as the Audio Technica >AT2020. It is a little more expensive to go that route but makes it >easier to upgrade in the future.
Hi Tom, What are you actually doing? What kind of audio are you processing? Can you tell us more about your project? Andrew On 9 August 2019 19:43:12 BST, Tom Smyth wrote: >Hi All, > >just wondering any of you audiophiles who use OpenBSD do you have >recommended Microphones / Sound cards / data acquisition interfaces >that would work well with OpenBSD... >any recommendations suggestions welcome ... Sound is not something >I have messed much with OpenBSD... and I may as well ask people in the >know > >Thanks and Happy Friday Folks > > >-- >Kindest regards, >Tom Smyth.
On 14/07/2019 14:05, Roderick wrote: On Sun, 14 Jul 2019, U'll Be King of the Stars wrote: Is there documentation that explains how to configure this kind of point-to-point Ethernet connection, and associated routing tables, on OpenBSD? I never had problems with it: just as normal LAN. Yes, but there are caveats and it requires manual configuration. Depending on the OS there are different sorts of gremlins to look out for when configuring the connection. Point to point. Hmm. I used slip+tcp/ip instead of zmodem to transfer files between rs232. Now remains ppp, a litle more complicated. When I said "point to point" I meant an Ethernet connection that goes directly from one machine to another (with a crossover adapter if the NIC can't be configured to do this manually or via autodetection). Such a connection would not pass through any hub, switch, or router. I don't know if that was clear. I've used SLIP+TCP/IP or PPP+TCP/IP over RS232 in the age of dialup ISP's. And also for a months when I was trying to access my personal workstation on my university campus, from home. But I just followed instructions to get the darn thing working and I can not remember how it is configured or how I would get it to work now. THIS would certainly be an interesting and useful thing to learn about. Also, I would like to learn how to use ZMODEM (and other protocols) to transfer files again. I haven't used it since my BBS days. ^ All of this kind of knowledge needs to be documented thoroughly. Hardware specifications need to be made clear too. Preferably all open source. I'm keen to do this (but first is getting my web site and CMS set up). Knowing how to quickly set up such a communications link can rescue an emergency scenario. But the primary use case now is to be able to directly interface between a laptop computer (running OpenBSD) and an out of band management interface on a server (BMC/IPMI). Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 14/07/2019 10:35, cho...@jtan.com wrote: I also string a cable between their ethernet ports for maximum speed which I bring up manually at each and because I'm too lazy to automate it, that's 10.100.200.2/24 on linux and 10.200.200.1/24 on openbsd. Is there documentation that explains how to configure this kind of point-to-point Ethernet connection, and associated routing tables, on OpenBSD? Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
[Please ignore the previous message I sent on this topic. I accidentally pressed 'Send' before my message was complete.] On 22/06/2019 19:52, cho...@jtan.com wrote: > Lyndon Nerenberg writes: >> We are looking forward to that. *However*, there is a lot to be >> said for regularly re-installing your hosts from scratch. This >> ensures your installer scripts don't rot as host system "features" >> accrete over time. This is prone to happen when you Ansible- or > > Or as I like to put it: Reboot* often, to ensure that you can. Uptime is > overrated. In my experience, there are indeed benefits to rebooting production servers on a scheduled maintenance basis. Here are two example problems that it could help with: 1. If long-running processes are running then there is some chance that the system is suffering memory fragmentation. This will make your server slower. I think it could also/either trigger an OOM. 2. Untested changes could have been deployed since last reboot. They might have unpredictable effects on the startup scripts. 3. The startup scripts might no longer work _at all_ if the server has been in continual operation for a long time, such as five years. This can happen due to the phenomenon known as "bit rot". Some benefits of a regular, scheduled reboot cycle: 1. Rebooting will clear up memory fragmentation. 2. Rebooting will improve confidence that it is possible to reboot the server in a clean way and that the startup scripts still work. After initial boot the server will progress to its intended runtime state. ("Have you tried turning it off and then back on again?") Having this kind of confidence is particularly important when a server crashes or when you need to perform unscheduled maintenance to deploy to urgent hotfix. Another thought literally just occurred to me. Regular _unscheduled_ reboots seem like a typical chaos engineering technique. I haven't investigated chaos engineering closely but I'd be surprised if it isn't. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 22/06/2019 19:52, cho...@jtan.com wrote: > Lyndon Nerenberg writes: >> We are looking forward to that. *However*, there is a lot to be >> said for regularly re-installing your hosts from scratch. This >> ensures your installer scripts don't rot as host system "features" >> accrete over time. This is prone to happen when you Ansible- or > > Or as I like to put it: Reboot* often, to ensure that you can. Uptime is > overrated. In my experience, there are indeed benefits to rebooting production servers on a scheduled maintenance basis. If long-running processes are running then there is some chance that the system is suffering memory fragmentation. This will make your server slower. I think it could also/either trigger an OOM. Untested changes could have been deployed since last reboot. They might have unpredictable side-effects on the startup scripts. Some benefits of a regular, scheduled reboot cycle:d 1. Rebooting will clear up memory fragmentation. 2. Rebooting will improve confidence that it is possible to reboot the server and in a clean way and improve confidence that the startup scripts still work. After initial boot it will progress to its intended runtime state. ("Have you tried turning it off and then back on again?") This is particularly important in a situation where a server crashes, needs unscheduled maintenance, or you need to decide whether it is safe to reboot (A thought just occurred to me that the following reasons might be a part of chaos engineering, which I have been meaning to investigate but haven't found time yet.) -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
On 21 June 2019 14:04:50 BST, Florian Obser wrote: >On Thu, Jun 20, 2019 at 10:47:49PM +0200, mathijs wrote: >> this makes misc@ so much more amusing > >It really doesn't. We are not here to have manure tossed at us for the >audience's amusement. Agreed. This kind of abuse happens in any FOSS project. This "Maxim" is an absolute creep, but many people are far, far worse, even. I wasted so much time and energy in the FOSS project I ran having to take countermeasures against such people.
Dear Maxim, How are you? Have you considered taking time away from the computer and doing something else for a while? Abusing people generally doesn't work well when you're asking for something to be done, regardless of whether or not it's paid work. Why would anybody with any self-respect respond to your demands? For example, if you were my manager at work I would have reported you to HR by now. You seem frustrated. Are you under a lot of pressure or is it something else? These are rhetorical questions. Have you considered searching deep inside yourself to find a way to transform this angry energy into something else? Obviously I don't really want to get involved in your personal life because it's none of my business. But whatever you do, please look after yourself. Kind regards, Andrew On 20/06/2019 22:31, Maxim Bourmistrov wrote: > Why the f I have old kernel? > The ONE taking care of all sh. > > On Thu, 20 Jun 2019 at 22:43, Maxim Bourmistrov > wrote: > >> btw, after reboot, sys converted to 6.4 kernel. yet again >> I removed all /bsd* >> Do I need to rm /usr/obj* as well >> >> On Thu, 20 Jun 2019 at 22:12, Theo de Raadt wrote: >> >>> Maxim Bourmistrov wrote: >>> What is seen in 'top' is what compile does to the sys. snmpd just >>> freacks out, and the rest as well. This is VMWare. Storage below is VSAN. bgpd streches 4 arms - to fw1 and 3 remote VPS. No big deal here. >>> Private stuff, no massive peering. No peering at all, except mentioned. Compile sucks out all rss and I don't think this is OK to have this >>> machine in line, handling traffic. If I had only one node, with active connections, I'd say I'm offline >>> while compile is active. >>> >>> My laptop does the required relink in under 10 seconds. >>> >>> 0m05.54s real 0m03.21s user 0m02.15s system >>> >>> My landisk with 64MB of ram and a 266MHz cpu is a little slow. >>> >>> It's great you have an opinion. I have a different opinion. >>> Isn't it great we can all have different opinions? >>> >>> Must say, I'm glad I'm not relying on your failing services.. >>> >> -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Honestly I think the best thing is to ignore people like this. From the start it was clear that this is a very angry person who needs to spend more time looking in the mirror and less time at the computer. I used to run a FLOSS project and experienced this kind of abuse regularly. Andrew On 20 June 2019 21:44:16 BST, Theo de Raadt wrote: >The OpenBSD user community is has too many people like this. > > >From: Maxim Bourmistrov >Date: Thu, 20 Jun 2019 22:34:54 +0200 >Subject: Re: Reboot and re-link >To: Theo de Raadt > >Go away?! I'm your user - FIX IT. > >On Thu, 20 Jun 2019 at 22:32, Theo de Raadt >wrote: > > I take a lot of responsibility, which is why the system has KARL. > > Go away. > >From: Maxim Bourmistrov >Date: Thu, 20 Jun 2019 22:35:21 +0200 >Subject: Re: Reboot and re-link >To: Theo de Raadt > >Fix it NOW! > >On Thu, 20 Jun 2019 at 22:34, Maxim Bourmistrov > wrote: > > Go away?! I'm your user - FIX IT. > >On Thu, 20 Jun 2019 at 22:32, Theo de Raadt >wrote: > > I take a lot of responsibility, which is why the system has KARL. > > Go away. > >From: Maxim Bourmistrov >Date: Thu, 20 Jun 2019 22:41:25 +0200 >Subject: Re: Reboot and re-link >To: Theo de Raadt > >You are not true here. >You get paid. >Fuck man, I like OS and been following for a long time. Team does good >stuff. >But something is not OK, since 6.5. >Question is what is not OK. >You devs might help out.
On 13/06/2019 20:56, Misc User wrote: > On 6/13/2019 9:42 AM, Adam Thompson wrote: >> On 2019-06-12 03:55, Ingo Schwarze wrote: >> During initial system installation & deployment, before doas is >> configured, and assuming you haven't [yet] added your SSH keys to >> ~root/.ssh/allowed_keys, it's quite impossible to avoid using su. >> (AFAIK. If there's another way, let me know!) > > siteXX.tgz > > https://www.openbsd.org/faq/faq4.html#site This is a neat solution. Another could be to use single user mode as per https://www.openbsd.org/faq/faq8.html#LostPW . This is pretty low level and whether or not it is sufficient depends on what sort of extra configuration needs doing. Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9
Hi all, I am buliding an Internet-facing firewall plus router on the bare metal of a small and quiet machine at home. I am investigating OpenBSD+pf and NetBSD+npf, and will choose either one depending on many factors. I considered pfSense, but I would rather use a plain operating system and keeps things simple. I have a Supermicro A1SRi-2358F and an A1SRi-2558F laid aside for these sorts of tasks. (See https://www.supermicro.com/products/motherboard/Atom/X10/A1SRi-2358F.cfm and https://www.supermicro.com/products/motherboard/Atom/X10/A1SRi-2558F.cfm . ) I am well aware of the boot cycle bricking problem (Erratum 54 in the C2000 spec). I have researched this, etc. Do these boards work well with OpenBSD? In other words, are they well supported? Thanks! Kind regards, Andrew -- OpenPGP key: EB28 0338 28B7 19DA DAB0 B193 D21D 996E 883B E5B9 signature.asc Description: OpenPGP digital signature