Re: Bootable installation partition on a hard drive?
On 7/9/20 5:07 pm, Walt wrote: > I have a new server on order that should arrive in a few days. It's intended > purpose is to replace my current firewall. It has no CD and so I'll make and > use a bootable flash drive as described in the Installation Guide section of > the FAQ. > > The server will have a second ssd drive and so I got to wondering if it might > be useful to create a bootable partition on the drive and install the > installation on it. > > I'm probably not going to do this but I am curious about whether it would > work very well. I'll probably install a second copy of the OS on the second > drive and mirror all configuration files to it so that if anything happens to > the main drive, I can turn around and boot from the second and be up and > running almost immediately. Maybe you want to just run them in a softraid mirror... https://www.openbsd.org/faq/faq14.html#softraidDI > > Thanks, > > Walt > > Sent with [ProtonMail](https://protonmail.com) Secure Email. >
Re: fw_update issue with colon in URL
On 15/7/20 5:57 am, mabi wrote: > http://firmware.openbsd.org/firmware/6.7/: no such dir > Couldn't find updates for intel-firmware-20191115v0 > > It looks like I have a colon ":" at the end of the URL which of course makes > the URL invalid. Now how could this happen? and in which file do I fix that? That's just a separator in the output, not in the URL. : hth
Re: More than 16 partitions
On 2020-04-24 04:45, zeurk...@volny.cz wrote: > Your point is well-taken (though this is just the way mespeaks); yet, > Theo is a native speaker No-one is a native speaker of this made up crap, mecraps
Re: Hosting a CDN question
On 2020-03-18 19:42, Stuart Henderson wrote: > On 2020-03-17, Flipchan wrote: >> Yeah the point with a cdn is to lower the latency of it so therefor you what >> is needed is just not only a fast http server but a traffic redirector >> depending on the end users origin > > Doing this via redirects does not lower latency, it increases it. > > It may reduce overall time to fetch objects if they are large enough > that faster transfers speed things up enough to offset the higher > latency from connecting to one server, requesting, being redirected, > connecting to the second server, requesting, receiving content. This is equally true if there are many objects to fetch, especially if they aren't all fetched at once - they don't need to be large for the magic to help. > To reduce latency you need another way to direct users to a nearby > server without doing redirects. Usually either geolocation-aware DNS > that hands out an IP address close to the user's DNS resolver (this > can have problems if the user uses a non-local resolver as is the case > with some DNS privacy services, but is not usually too bad - look at > thd geoip flavour of the isc-bind port, or gdnsd)), or BGP anycast with > connections to other networks around the world (as well as BGP skills, > you need an AS number, at least a /24 of address space that you can use > for this purpose, and hosting providers that will allow you to make BGP > announcements). I've never used this, but it definitely attempts to solve these issues: https://trafficcontrol.apache.org/ IIRC it was developed at Comcast for VOD (ie many large objects), and is built around Apache Traffic Server (ex Yahoo) It uses DNS to get as close as it can, then 302s the first HTTP request based on source IP > Alternatively the pages pulling in the content can do a dynamic > lookup and use a local-to-the-user hostname when referencing > the objects
Re: Jitsi on OpenBSD
On 2020-03-16 21:59, Edd Barrett wrote: > Could be that the jitsi server is overloaded. I doubt that - unless it's changed since I last looked, the Jitsi server does very little actual "work" during a call... most of the work is done in the browser (which is why Jitsi scales to "many calls" very well, and "many participants" very poorly)
changed UpdateHostKeys behaviour in current?
I've just updated to the latest snap, and now every SSH connection I make is asking me to accept updated hostkeys. $ ssh somehost Learned new hostkey: RSA SHA256: Learned new hostkey: ED25519 SHA256: Accept updated hostkeys? (yes/no): I see that some changes have been occurring around UpdateHostKeys - https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c Eg https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ssh.c?rev=1.415=text/x-cvsweb-markup Is this expected behaviour? Kind of creepy to have every connection ask to accept new host keys at the same time! Thanks
Re: Disable ftp in pkg_add syspatch sysupgrade
On 2019-10-29 20:19, PJ wrote: > Am 28.10.19 um 23:52 schrieb Stuart Henderson: >> On 2019-10-28, Andy Lemin wrote: >>> Hi guys, >>> >>> Does anyone know if it is possible to completely disable ftp in the package >>> management utilities; pkg_add, syspatch, sysupgrade etc? >>> >>> My PKG_PATH references http:// urls, as does /etc/install. But I cannot >>> stop these tools trying to use ftp which does not work! :( >> Can you show some example URLs, for example from "pgrep -lf ftp" while >> trying to use one of these utilities? >> >> The only place I would expect to see ftp:// URLs used > > > grep ftp /usr/sbin/sysupgrade $ grep -ne ftp -e URL -e MIRROR /usr/sbin/sysupgrade 102:0) MIRROR=$(sed 's/#.*//;/^$/d' /etc/installurl) 2>/dev/null || 103:MIRROR=https://cdn.openbsd.org/pub/OpenBSD 105:1) MIRROR=$1 117:URL=${MIRROR}/snapshots/${ARCH}/ 119:URL=${MIRROR}/${NEXT_VERSION}/${ARCH}/ 136:unpriv -f SHA256.sig ftp -Vmo SHA256.sig ${URL}SHA256.sig 176:unpriv -f $f ftp -Vmo ${f} ${URL}${f} Your point? > >> is when fetching >> certain distfiles while building some things from ports (and they would >> usually fallback to http://ftp.openbsd.org/pub/OpenBSD/distfiles if >> the ftp fetch failed).. >> >> >> >
Re: How to dock laptop more easily
On 2019-10-14 19:33, Marcus MERIGHI wrote: > j...@begriffs.com (Joe Nelson), 2019.10.14 (Mon) 04:32 (CEST): >> I'd like to write a daemon to change machdep.lidaction and the xrandr output >> as >> an external monitor or power is attached/detached from my laptop. Is there a >> way to detect those events from a C program? > > x-on-resize[1] might help with detecting plug/unplug events of external > monitors. > > [1] > https://keithp.com/blogs/x-on-resize/ > git://people.freedesktop.org/~keithp/x-on-resize > https://github.com/thedward/x-on-resize > https://marc.info/?l=openbsd-misc=148839239518671 I was about to mention x-on-resize. I use it to invoke autorandr. https://pypi.org/project/autorandr/ And for power there's already sensorsd $ sysctl hw.sensors.acpibat0.raw0 hw.sensors.acpibat0.raw0=1 (battery discharging), OK Not sure how you will transition from this state: >> PowerMon Open| SleepDisplay >> --+-- >> x| asleep to this one: >> xx| awakeexternal I.e. wake up from standby when power is applied, without opening the laptop - machdep.lidaction won't help with that. t > Marcus > >> Here is how I want the sleep state and output display to change based on >> whether power is connected, an external monitor is attached, and the laptop >> is >> open: >> >> PowerMon Open| SleepDisplay >> --+-- >> xxx | awakeboth >> xx| awakeexternal >> x x | awakelaptop >> x | asleep >> xx | awakeboth >> x| asleep >> x | awakelaptop >> | asleep >> >> -- >> Joe Nelson https://begriffs.com >> >
Re: Ansible install Re: Reboot and re-link
On 6/22/19 7:23 AM, Frank Beuth wrote: > I wonder if there is a way to have Ansible build a custom > autoinstall.conf (using templates) and insert it into bsd.rd immediately > prior to uploading. I use elfrdsetroot from upobsd to do something along these lines $ pkg_info upobsd Information for inst:upobsd-1.1 Comment: download, verify and patch bsd.rd image Description: upobsd is a ksh(1) script designed to download, verify and optionally patch bsd.rd image. upobsd will download bsd.rd image using ftp(1) from mirror defined in installurl(5), will verify the downloaded file using signify(1) and local key inside /etc/signify to ensure integrity, and optionally patch the image for adding auto_install.conf or auto_upgrade.conf file to add support of offline autoinstall(8). Maintainer: Sebastien Marie WWW: https://bitbucket.org/semarie/upobsd
ppp connect problem - Change route failed: errno: Network is unreachable
Hi, ppp does connect, over my bridging dsl router, but it drops the connection after approx 20 seconds. I think the important log entry is this: tun0: Warning: 0.0.0.0/0: Change route failed: errno: Network is unreachable I tried with and without my regular ppp.linkup so I'm sure it's nothing in there. I'm working on this from about 10.5k miles remote so I've got to be a bit careful, but I've bunged my public key in .ssh/authorized_keys and added passwordless sudo for meself so I can do a fair bit with my precious 20 seconds. I've included the log between two redials below, followed closely by my ppp.conf, ppp.linkup and finally a 'netstat -nrfinet'. Please cc me in replies as I'm not on list. thanks a lot rgds Tom Ryan Oct 12 01:14:55 fairfield ppp[24551]: tun0: Phase: deflink: HUPing 25083 Oct 12 01:14:55 fairfield ppp[24551]: tun0: Phase: deflink: hangup - opening Oct 12 01:14:55 fairfield ppp[24551]: tun0: Phase: deflink: Enter pause (15) for redialing. Oct 12 01:14:55 fairfield ppp[24551]: tun0: Chat: deflink: Reconnect try 328 of 1 Oct 12 01:15:10 fairfield ppp[24551]: tun0: Chat: deflink: Redial timer expired. Oct 12 01:15:10 fairfield ppp[24551]: tun0: Warning: Carrier settings ignored Oct 12 01:15:10 fairfield ppp[24551]: tun0: Phase: deflink: Connected! Oct 12 01:15:10 fairfield ppp[24551]: tun0: Phase: deflink: opening - dial Oct 12 01:15:10 fairfield ppp[24551]: tun0: Phase: deflink: dial - carrier Oct 12 01:15:10 fairfield ppp[24551]: tun0: Phase: deflink: carrier - login Oct 12 01:15:10 fairfield ppp[24551]: tun0: Phase: deflink: login - lcp Oct 12 01:15:10 fairfield ppp[24551]: tun0: LCP: FSM: Using deflink as a transport Oct 12 01:15:10 fairfield ppp[24551]: tun0: LCP: deflink: State change Initial -- Closed Oct 12 01:15:10 fairfield ppp[24551]: tun0: LCP: deflink: State change Closed -- Stopped Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: LayerStart Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: SendConfigReq(247) state = Stopped Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MRU[4] 1500 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x12e40f3c Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: QUALPROTO[8] proto c025, interval 5000ms Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: State change Stopped -- Req-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: RecvConfigReq(117) state = Req-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MRU[4] 1492 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x78576f89 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: SendConfigAck(117) state = Req-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MRU[4] 1492 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x78576f89 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: State change Req-Sent -- Ack-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: RecvConfigRej(247) state = Ack-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: QUALPROTO[8] proto c025, interval 5000ms Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: SendConfigReq(248) state = Ack-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MRU[4] 1500 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x12e40f3c Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: RecvConfigAck(248) state = Ack-Sent Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MRU[4] 1500 Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x12e40f3c Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: State change Ack-Sent -- Opened Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: LayerUp Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: SendEchoRequest(0) state = Opened Oct 12 01:15:11 fairfield ppp[24551]: tun0: Phase: bundle: Authenticate Oct 12 01:15:11 fairfield ppp[24551]: tun0: Phase: deflink: his = CHAP 0x05, mine = none Oct 12 01:15:11 fairfield ppp[24551]: tun0: Phase: Chap Input: CHALLENGE (16 bytes from vez8-exhibition) Oct 12 01:15:11 fairfield ppp[24551]: tun0: Phase: Chap Output: RESPONSE (###) Oct 12 01:15:11 fairfield ppp[24551]: tun0: LCP: deflink: RecvEchoReply(0) state = Opened Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: deflink: RecvConfigReq(2) state = Opened Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: deflink: LayerDown Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x78e2a657 Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: deflink: SendConfigReq(249) state = Opened Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: MRU[4] 1500 Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: MAGICNUM[6] 0x4273c88f Oct 12 01:15:13 fairfield ppp[24551]: tun0: LCP: QUALPROTO[8] proto