SCSI enclosure + disks wanted

2005-08-08 Thread Theo de Raadt
We are looking for a SCSI RAID enclosure + at least a few disks, for testing/development purposes, in Toronto. This is to make the raid management stuff work better. A few of us are working on the code, but we would like the main scsi guys in Toronto to play along too. The stuff is making

Re: SCSI enclosure + disks wanted

2005-08-08 Thread Theo de Raadt
Is this for mainly testing or is actually planed for real usage? It is for testing and development. I've got ultra2 stuff around, 9GB disks and both DEC/alpha and generic rackmount enclosures... -By todays' standards 8x9GB is not a lot of room, and ultra2 is not exactly fast but it *might*

Re: sgi 02 latest snapshot CD37.iso boot problems

2005-08-12 Thread Theo de Raadt
Look Roger, you have a SERIOUS READING PROBLEM. Hello Mark and List, thank you for the reply and assistance. I have tried Booting from CD-ROM installation media with cd38.iso but the 02 does not recognize the media. When I go into the maintenance menu and boot -f dksc(0,4,8)boot, it

Re: Crypto cards

2005-08-20 Thread Theo de Raadt
I recently acquired a Broadcom 5805 for use with my OpenBSD box. Googling for the past hour has not quite yielded the info I need, though I may not be hitting the right keywords, so I'm turning here for a bit of help. Will I need to recompile any of my applications i.e. OpenSSL, OpenSSH,

3.8 beta requests

2005-08-22 Thread Theo de Raadt
We are heading towards making the real 3.8 release soonish. I would like to ask the community to do lots of testing over the next week if they can. This release will bring a lot of new ideas from us. One of them in particular is somewhat risky. I think it is time to talk about that one, and

Re: 3.8 beta requests

2005-08-22 Thread Theo de Raadt
We ask our users to help us uncover and fix more of these bugs in applications. Some will even be exploitable. Instead of saying that OpenBSD is busted in this regard, please realize that the software which is crashing is showing how shoddily it was written. Then help us fix it. For

Re: 3.8 beta requests

2005-08-22 Thread Theo de Raadt
We are heading towards making the real 3.8 release soonish. I would like to ask the community to do lots of testing over the next week if they can. What is the best way to test? Should we be downloading snapshots daily? Install snapshots. Install snapshot packages. Try using it as if it

Re: 3.8 beta requests

2005-08-23 Thread Theo de Raadt
Your mail has nothing to do with the 3.8 release, nor with testing our code, nor with the malloc stuff I posted. You are hijacking yet another thread with your broken code, and it is quite frankly getting boring. I am not sure if this is related. But when I code assembly to pass a double

Re: 3.8 beta requests

2005-08-23 Thread Theo de Raadt
We are heading towards making the real 3.8 release soonish. I was wondering, when can we start pre-ordering our cd-sets? We normally setup pre-orders 1 month before. We might do it a bit earlier... dunno. But it is hard to do when artwork is not final yet :)

Re: 3.8 beta requests

2005-08-23 Thread Theo de Raadt
On 8/23/05, Theo de Raadt [EMAIL PROTECTED] wrote: This release will bring a lot of new ideas from us. One of them in particular is somewhat risky. First off: I like the idea. The technical merit is obvious. I have a question regarding the timing, though. Is there a particular reason

Re: OpenBSD 3.7 on Soekris rebooting at random

2005-08-23 Thread Theo de Raadt
My OpenBSD 3.7 running on a Soekris net4511 reboots with no obvious reason. I've started monitoring the memory usage, load average and pf states, but these do not seem to be related to the problem. I'm also using the hardware watchdog which I will disable to see if it is involved in the

Re: 3.8 beta requests

2005-08-23 Thread Theo de Raadt
# Is this the way it is supposed to be? cheers, Masoud Sharbiani On Mon, Aug 22, 2005 at 05:33:40PM -0600, Theo de Raadt wrote: We are heading towards making the real 3.8 release soonish. I would like to ask the community to do lots of testing over the next week if they can

Re: /usr/share/pf/ suggestion

2005-08-23 Thread Theo de Raadt
Secondly, it seems pretty pointless to setup pf on a single host. That is the most ridiculous thing I've heard all day. Lots of people run servers and must block them, on the same machine. Probably every single one of us.

Re: /usr/share/pf/ suggestion

2005-08-23 Thread Theo de Raadt
That is the most ridiculous thing I've heard all day. Lots of people run servers and must block them, on the same machine. Probably every single one of us. I'm not sure I understand what you mean. If you're going to run a server, what's the point of blocking it? Might as well turn it

Re: /usr/share/pf/ suggestion

2005-08-23 Thread Theo de Raadt
I never said that. PF isn't the only way to block packets, like TCP wrappers or ACL's within the server itself. That is horse shit, and shows that you don't know how actual code works. I prefer to filter problems BEFORE THE ACTUAL CODE RUNS. Perhaps you don't know what a pre-authentication bug

Re: /usr/share/pf/ suggestion

2005-08-23 Thread Theo de Raadt
Your statements are beyond ridiculous. You are saying If you need to filter it, you should not be running it. X doesn't have to listen on TCP 6000, you can setup a unix socket, and it's no longer reachable from the network, and you still have full functionality (I know, I do just that).

Re: 3.8 beta requests

2005-08-24 Thread Theo de Raadt
A few things that get bitten are some packages doing their own and very different memory management, but can't avoid malloc altogether. That is ports/lang/clisp, that seems to be also gprolog Can you describe how these programs manage to seg fault doing their memory management? How do

Re: Netgear WG511T on CURRENT: Supported or not?

2005-08-27 Thread Theo de Raadt
I can return the card easily enough, but there has been some discussion previously of removing non-working cards from the ath(4) man page. Has anyone gotten this card to work properly? Should it also be removed from http://www.openbsd.org/i386.html ? No, no, no. Newer versions of chipsets

Re: raid kernel

2005-08-27 Thread Theo de Raadt
Just curious, what does the dev team think about Vinum? I want a raid model that acts as if it is a regular scsi drive, ie. sdN. Like our hardware raid controllers work. Right now what we have in the tree is poo, and vinum is just as much poo too. I do not envision enabling this stuff in

Re: core dumps disabled after chroot?

2005-08-28 Thread Theo de Raadt
I want to chroot an application I'm developing, but I still want coredumps... _dump.c_ #include stdlib.h int main() { abort(); } # gcc dump.c -o dump # ./dump Abort trap (core dumped) # chroot ./ ./dump Abort trap

Re: Shouldn't OpenBSD X11 come out with -nolisten tcp as default?

2005-08-29 Thread Theo de Raadt
I thought it would make sence for most secure OS. One port less listening the World. That's not security.

Re: isc_log_open 'named.run' failed

2005-08-29 Thread Theo de Raadt
If this is the stock BIND that ships with OpenBSD, shouldn't it just work without any permissions/ownership changes? OpenBSD does not ship with a stock BIND. It has privilege seperation added, which has already saved us from problems a few times. Yes, that means there might be some new small

Re: Lifecycle question

2005-09-06 Thread Theo de Raadt
The reason why I bother this list is that I am impressed of OpenBSD from the technical point of view. I like its consistency and purity. But in business environments or comparable organizations where money is an issue, one needs to think about system management very carefully, since it

Hardware wanted

2005-09-07 Thread Theo de Raadt
From time to time we get people offering us machines like ss10's and such. Well we don't need those anymore (we have a few test ones running in the project, and then quite a few more ss20's spread around, and enough spares here and there -- even in the server room here the sparc packages are

Re: OpenBSD 3.8 - http://www.openbsd.org/38.html - Question

2005-09-10 Thread Theo de Raadt
Hello everybody, I found an entry on the Website wich confused me: New functionality: . . . wd http://www.openbsd.org/cgi-bin/man.cgi?query=wdsektion=4 disks have the security feature frozen before being attached to prevent malicious users setting a password that would prevent the

Re: OpenBSD 3.8 - http://www.openbsd.org/38.html - Question

2005-09-10 Thread Theo de Raadt
Yes you're right Theo but isn't that a Problem an OS shouldn't deal with? Are you even trying to make sense? I mean that is no software related Problem. It's part of the physical security maybe or it's maybe part of your own net of trust. Theere some PRO and CONTRA but it deals mostly

Re: Preordering 3.8?

2005-09-12 Thread Theo de Raadt
Since a November release seems to be shaping up, any idea when we can begin pre-ordering? :-) I've like the idea of getting it without remembering to order at release time. In just a few days. We are still working on tshirt artwork.

Re: NYCBSDCON slides

2005-09-18 Thread Theo de Raadt
Jason Dixon wrote: I gave a modified version of my OSCON talk at the inaugural NYC BSD Conference yesterday (http://www.nycbsdcon.org). The big addition was a successful demonstration of a failover IPSec tunnel using sasyncd. Hi Jason, list Not sure if I'll get flamed for this,

Re: snapshots (was: Re: NFS server broken in -current?)

2005-09-20 Thread Theo de Raadt
In contrast, Otto zeroed in on the problem in minutes. And I had a patch 5 minutes later, and we are considering it.

Re: Portmap non-local set / unset attempt

2005-09-22 Thread Theo de Raadt
I'm receiving the following messages from portmap when starting Legato Networker's nsrexecd. The nsrexecd I'm running is the Linux version under emulation: portmap[16083]: non-local unset attempt (might be from 127.0.0.1) portmap[16083]: non-local set attempt (might be from 127.0.0.1)

Re: Portmap non-local set / unset attempt

2005-09-22 Thread Theo de Raadt
People keep yammering this bullshit about Security is a process. Bullshit! Lies! It's about paying attention to the frigging details when they are right in front of your face. And it is very clear other vendors do not pay attention to the details, considering the work I did here was

Re: Portmap non-local set / unset attempt

2005-09-22 Thread Theo de Raadt
Which is why I now know MORE about air-conditioners than most of the technicians who come here. The phrase, and everything you said, is all excuses for the vendors. I bet that the air-conditoner technicians believe that Air-conditioner maintainance is a process. Which is why they can never

Re: gcc-propolice question

2005-09-26 Thread Theo de Raadt
i noticed in the assembly generated from openbsd's gcc that when allocating the initial buffer , it subtracts more bytes than it normaly should. meaning: function(int , int , int){ char b0[10],b1[5],int* } should need 0x20 bytes instead openbsd's gcc subtracts 0x63 . is it cause of

Re: Which SATA controller to purchase

2005-09-26 Thread Theo de Raadt
Don't the OpenBSD developers already work hard enough, that now we are supposed to do even more boring business oriented things for you all? Every release, more people download OpenBSD and fewer people buy OpenBSD. But the solution is not to make OpenBSD developers web businessmen. That is a road

Re: Supermicro Dual Xeon 3.2ghz, doesn't boot with amd64:bsd.mp ... suggestions?

2005-09-26 Thread Theo de Raadt
Intel amd64-compatible machines today do not fully conform to the specifications that the amd64 codebase uses to find handle processors and interrupt routing and such. Intel still wants people to use the old old 32-bit only ways, or stupid ACPI. I don't know of anyone looking into this at the

Re: Which SATA controller to purchase

2005-09-26 Thread Theo de Raadt
Don't the OpenBSD developers already work hard enough, that now we are supposed to do even more boring business oriented things for you all? Every release, more people download OpenBSD and fewer people buy OpenBSD. But the solution is not to make OpenBSD developers web businessmen.

Re: Setting up printer with cups Epson Stylus Photo 820

2005-09-26 Thread Theo de Raadt
Someone is telling you to use a non-standard FreeBSD extension. That's hogwash. I suggest you advice them that their FAQ has an error. That is not standard to any other system. And even then, it is even more wrong. I've since found a link under the Gimp-Print FAQ that talks about the

OpenBSD 3.8 song

2005-09-27 Thread Theo de Raadt
The OpenBSD 3.8 song is now available, at http://www.openbsd.org/lyrics.html#38 Many wonderful new things have made it into OpenBSD 3.8, but we wanted to focus on one particular thing -- our support for native free-software RAID management on at least one brand of RAID card, those made

Re: Creating an MSDOS partiotion on OpenBSD

2005-09-27 Thread Theo de Raadt
I have an OpenBSD 3.7 i386 installation on an external usb-enclosure. I have some space left, and I would like to create an msdos partition (to transfer files between windows and OpenBSD). I have tried to create one using OpenBSD's fdisk; then I have formatted the new partition in windows

Re: One time passwords?

2005-09-27 Thread Theo de Raadt
If you don't trust the endpoint, no amount of one time passwords, or ssh will save you. You will get keylogged, or followed in, and owned. it's that simple. Why mess around with gymnastics like s/key from an untrusted host instead of solving the real threat to your security? I was in a

Re: One time passwords?

2005-09-27 Thread Theo de Raadt
If I use an OTP to log into a remote system via an untrusted host, and I don't type any further passwords in, what exposure am I presenting? What exactly do you think untrusted means in the phrase untrusted host? Come on, THINK...

Re: One time passwords?

2005-09-27 Thread Theo de Raadt
What exactly do you think untrusted means in the phrase untrusted host? That anything and everything will be captured and logged in plain text. That's what _I_ consider untrusted. Everything including the login credentials, but they're a one-time thing. Right? Is that not the case?

Re: Building bsd.rd with Adaptec Support

2005-09-28 Thread Theo de Raadt
What's the easiest way for me to build a bsd.rd disk that will allow me to upgrade my crappy Adaptec-powered machine from 3.6 to 3.7 or -current? Does bsd.rd have all the install/upgrade/shell stuff embedded in it, or is there some magic that is done by the ramdisks that are on the ftp

Re: question about OPENBSD_3_8_BASE

2005-09-28 Thread Theo de Raadt
I have a few questions regarding TAGs, especially for a new ones. When a X_Y_BASE TAG is issued for example OPENBSD_3_8_BASE, does that mean the sources are not changing anymore or are there still changes? How do you know when the code is fixed and will be the same as on the cd. When the

Cypress CY7C637xx and CY7C640/1xx USB serial devices

2005-09-28 Thread Theo de Raadt
If anyone has any USB serial devices based on the Cypress CY7C637xx and CY7C640/1xx chips, and is willing to give us one or two, we'd like that. (They are not currently supported, since they use hid instead of bulk) Mail me. Thanks.

Re: ThinkPad 600x Com Port

2005-09-28 Thread Theo de Raadt
a cisco router cu -s 9600 -l tty00 now that's what I would normally do to get access, any hints to where I am going wrong here would be great. pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo try using cua00 instead of tty00 The difference between these device nodes documented in

Re: Something hosing my msdos/FAT32 file system

2005-09-28 Thread Theo de Raadt
so which part of the referenced mail you don't understand? (http://marc.theaimsgroup.com/?l=openbsd-miscm=110488032901414w=2) let me see: openbsd version: check kernel dated: check environment: check instructions to repeat (even though somewhat vague, what can you do, it's the nature of

GDT raid cards

2005-09-28 Thread Theo de Raadt
If anyone has any spare GDT raid cards they are not using, please let me know. I suspect that it is the next target for the raid management stuff. (We now know how some pieces of the stuff work). Thanks.

Re: ATA Soft Updates or Write Caching

2005-09-30 Thread Theo de Raadt
When using ATA drives, I have to make a choice between write caching or soft updates, since write caching with soft updates creates an unsafe situation. I assume by 'write caching' you mean async. No. You have that wrong. async is always unsafe. Everything else you say says that you

Re: ATA Soft Updates or Write Caching

2005-09-30 Thread Theo de Raadt
I mean the hardware write cache built into the ATA drives In principle this is a problem. I reality it is not, or at least, it bites us very rarely. I read somewhere that, unlike SCSI drives, the write cache in ATA drives results in misinformation about when data was actually written to

Re: ATA Soft Updates or Write Caching

2005-09-30 Thread Theo de Raadt
On Fri, Sep 30, 2005 at 09:39:42PM +0200, Matthias Kilian wrote: I assume by 'write caching' you mean async. No. I think he meant caching by the disk device (see the note about atactl writecachedisable). I forgot: And thus may be as (or even more) worse as async. But then

Re: Serial Weather Station

2005-10-01 Thread Theo de Raadt
man 4 cua or man 4 tty Then see the section about cua(4) devices. And don't use tty's like that. That is what cua devices are for. Connecting out. I have a laptop at home which is an old dell latitude xpi p133 st. I use it as a small server, running OpenBSD 3.7. I would like to have my

Apple Mac G5 or G4 dual-cpu

2005-10-04 Thread Theo de Raadt
We would love it if someone is able to supply one or our developers in the Netherlands with a dual-cpu Mac. It does not matter if it is G4 or G5, either will do. If anyone can, please drop me a note. Thanks.

macppc G5 support coming

2005-10-04 Thread Theo de Raadt
Well, since Miod has kind of let the cat out of the bag regarding the G5 work, I might as well show the results, since I have the machine that is currently running it best, a dual G5 Xserve. About 3 weeks ago Mark Kettenis started the Apple G5 support effort. A little bit later Dale joined in to

Re: Apple Mac G5 or G4 dual-cpu

2005-10-04 Thread Theo de Raadt
We would love it if someone is able to supply one or our developers in the Netherlands with a dual-cpu Mac. It does not matter if it is G4 or G5, either will do. If anyone can, please drop me a note. Thanks. So SMP is next on the list of Mark Kettenis after G5 support? Splendid! No

Re: problems with new macppc snapshot

2005-10-05 Thread Theo de Raadt
I've just upgraded my Powerbook G4 to the latest macppc snapshot and now I have a problem booting. Under openfirwware, I type the following : boot hd:,ofwboot /bsd It starts fine (as it always did for the last 10 months), the kernel gets loaded _but_ it looks like it does not find the

Re: High Interrupt Mode Reported by 'Top' for Soekris 4801

2005-10-06 Thread Theo de Raadt
If the Soekris did not come with ethernet chipsets which are just slightly over the bar of rl(4), the wimpy processor in the machine might be able to cope.

Re: High Interrupt Mode Reported by 'Top' for Soekris 4801

2005-10-06 Thread Theo de Raadt
If the Soekris did not come with ethernet chipsets which are just slightly over the bar of rl(4), the wimpy processor in the machine might be able to cope. Throughput is only marginally better using an em in the pci slot of a 4801. I think there's some other problem. Yeah -- the super

Re: Slow write speed on ICH6R

2005-10-13 Thread Theo de Raadt
so try to help each other and don't be a smartass... OK, I'm getting tired of this. You think someone is going to help you now? No. We're going to delete your mail. We are going to utterly ignore you from now on. I do it all the time. It is much easier to delete mail from people like you.

Re: how to tell if I getting anything out of my hifn1411 card

2005-10-13 Thread Theo de Raadt
Even though the card is detected, I'm not seeing any boost in IPsec performance. Cpu is a Geode1100 - doing 10Mb/s IPsec has it maxed out :) The cpu is unable to feed the crypto card fast enough. You would think that doing crypto operations, especially 3DES is a lot of work. And it is. But

Re: ipsecadm group returns write: Invalid argument

2005-10-13 Thread Theo de Raadt
By the way, I think a lot of you should start using isakmpd -a and ipsecctl and ipsec.conf more. It is a better way to use Ipsec. Check out the man pages. And when you find weaknesses or things not yet written, mail hshoexer@ and prod him to complete it ;-) Thanks.

Re: Happy Birthday OpenBSD ! 10 years !

2005-10-14 Thread Theo de Raadt
Oct 14 OpenBSD born, Saturday 16:36 MST, 1995 Sorry, but so many of you are uninformed. RCS file: /cvs/src/Makefile,v revision 1.1 date: 1995/10/18 08:37:01; author: deraadt; state: Exp; branches: 1.1.1; Initial revision That is when the repository was created. That is the official

Re: Happy Birthday OpenBSD ! 10 years !

2005-10-14 Thread Theo de Raadt
Mickey's calendar is not telling the truth. There problem is there are a few things which happened in the days beforehands (13th, 14th, 17th) as the decision to setup a repository started being taken. It took a few days to get things imported just right. Machines were slow back in those days,

Re: wi(4) or wicontrol broken

2005-10-16 Thread Theo de Raadt
You tried to go back... (3.8-current - OPENBSD_3_8_BASE which corresponds to 3.8-release). If you want 3.8-release, the easiest thing to do will be to wait for the actual release, and then install from scratch. Are you saying that the snapshot of 10/14 is 3.8-current? If so, my bad. Let

Re: apm: connect error on IBM R50e

2005-10-17 Thread Theo de Raadt
On Mon, Oct 17, 2005 at 03:27:12PM +0200, PrzemysE?aw Nowaczyk wrote: Jason McIntyre wrote: i don't know much about the issues involved (i don't know anything about them actually) but basically apm is not supported on this machine. i have an r40e with the same issue, and it is a

OpenBSD's 10th birthday

2005-10-18 Thread Theo de Raadt
Now it is really OpenBSD's 10th birthday ;)

Re: OpenBSD Kernel Crash in uvm_fault or uvm_rb_remove (not quite sure which it originates from)

2005-10-18 Thread Theo de Raadt
On Tue, 18 Oct 2005 09:22:26 -0600 Wolfpaw - Dale Corse admin- [EMAIL PROTECTED] wrote: It dropped to DDB (because I forgot to disable it :( and I did The following: First thing you should probably do is actually read what is on the screen and actually send the output of ps,

Re: Assigning static device names for USB devices

2005-10-18 Thread Theo de Raadt
On 10/18/05, Chris Kuethe [EMAIL PROTECTED] wrote: On 18/10/05, Ray Lai [EMAIL PROTECTED] wrote: On Sun, Oct 16, 2005 at 09:00:16PM +0300, Antti Harri wrote: I have two USB printers, is there a way to assign a fixed device name instead of device name being assigned dynamically?

Wolfpaw - Dale Corse

2005-10-19 Thread Theo de Raadt
People -- just ignore him. He may use OpenBSD, but if he can't stop himself from being a beligerant fool, not submitting the right reports, why bother wasting eveveryone's time by chit-chatting and arguing with him? Do what the developers do -- delete his mail and don't respond.

Re: em(4) problems with -current

2005-10-19 Thread Theo de Raadt
Someone with one of these problematic cards should put it in the mail to Brad in Toronto. That is your best bet.

Re: Statefull VPN failover a fork from Re: iptables vs pf

2005-10-21 Thread Theo de Raadt
Please note that at this time, sasyncd can fail IPSEC associations to a 2nd machine But not yet fail them back, when the master recovers The developer of this stuff hasn't finished it yet.

Re: OpenBSD MetaStore: Distributed hosting?

2005-10-22 Thread Theo de Raadt
Please take this off our lists. I am sure noone cares. Why block access to your website in an attempt to block spam? Spam harvesters? If so it's pointless, these lists are archived all over the net, your address is already out there. No, I just block netblocks because I don't care

Re: openssh in other products

2005-10-25 Thread Theo de Raadt
Public Domain is a legal term, meaning that all the potential rights handed by copyright have been surrendered. Since we retain one of the basic rights of Copyright law (to be known as the author) it is important that noone incorrectly state the legal position of the source code. Under Copyright

Re: Wireless bridge setup

2005-10-26 Thread Theo de Raadt
If I remember correctly, bridging only works in hostap mode. Bingo, someone remembered -- and that is correct. In the other modes, MAC addresses of course do not get exposed correctly, and your access point cannot impersonate the other hosts it is required to. It is fairly obvious if you think

Re: LSISAS1068 driver support

2005-10-27 Thread Theo de Raadt
The chipset is LSI SAS 1068, and according to LSI, supported with the mpt driver. Here is the link to LSI's information: http://www.lsilogic.com/products/sas_ics/lsisas1068.html Unlike what Olivier had to pipe up with (why are so many of our users sending useless mails these days?)...

Re: strcpy to strlcpy warnings

2005-10-27 Thread Theo de Raadt
First of all, it's been a while since I've written c, so I'm curious if this is a bulk change I can do. I'm changing code that another programmer did, but we got rid of him for doing stupid things. So I'm auditing his source code on a few of our customer's sites and I came across a

Re: spamd -s option

2005-10-29 Thread Theo de Raadt
In the source to to spamd, specifically spamd.c , I see that the maximum value of the -s option is 10 (seconds). What is the reason for this please? Anyone know or hazard a guess? Many spammers automatically disconnect when this is done.

Re: a truly openbsd day

2005-10-31 Thread Theo de Raadt
I'd love to see a bootable OpenBSD desktop CD with all applications tightly wrapped by systrace, so I don't need to recreate and redistribute the boot disk after each new Firefox, GAIM, etc exploit. It is really unfortunate that I have never seen a perfect systrace policy. Not once. Not even

3.8 release, November 1 2005

2005-10-31 Thread Theo de Raadt
ports.tar.gz src.tar.gz sys.tar.gz OpenBSD 3.8 includes artwork and CD artistic layout by Ty Semaka, who also arranged an audio track on the OpenBSD 3.8 CD set. Ports tree and package building by Peter Valchev, Nikolay Sturm and Christian Weisgerber. System builds by Theo de Raadt and Kenji

Re: A great article ( found on the OpenBSD site)

2005-11-01 Thread Theo de Raadt
Ah, an American speaks. Sounds like a bold and daring idea, but one should be aware that they might find themselves unemployed if they practice such a philosophy at most companies. PG quote: My experience is that if something has to be done, just do it - don't ask! They

Re: amd64 port works on Intel EM64T?

2005-11-01 Thread Theo de Raadt
After a search of the lists, it seems that the amd64 port will work on Intel EM64T hardware. Does the OpenBSD AMD64 port avoid the prefetch/prefetchx that Intel is supposed to have screwed up with their AMD64 clone? I don't think we use that functionality. There are other slight differences

Re: Crypto card question

2005-11-01 Thread Theo de Raadt
I'm setting up an OpenBSD 3.7 box as a VPN/SSH server. It will have a Broadcom 5805 installed to help offload some of the crypto processing. Our employees have laptops with XP loaded and Intel Pro 100/S cards installed. Will the crypto functionality on these cards work in conjunction with the

Re: Crypto card question

2005-11-02 Thread Theo de Raadt
On 11/2/05, Theo de Raadt [EMAIL PROTECTED] wrote: I'm setting up an OpenBSD 3.7 box as a VPN/SSH server. It will have a Broadcom 5805 installed to help offload some of the crypto processing. Our employees have laptops with XP loaded and Intel Pro 100/S cards installed

Re: Telnet daemon retired in 3.8 ?

2005-11-10 Thread Theo de Raadt
It in not the question of sshd works or, not! In large environments, where you have a large number of legacy hardware (like Apollo 700, HP 3000, HP 7000, Solaris 2.5.1 etc., etc.), and the purpose of a UNIX box is other than to run a firewall, a webserver, mail-server, or MySQL, plus you

Re: Access Control Mechanism (DAC x MAC)

2007-07-03 Thread Theo de Raadt
Having Read about computer security, one of the parts that mostly called up my atention were the access control mechanisms. I've found out that the mechanism used by mostly of the Unix-like systems is DAC (Discretionary Access Control) and as I could see OpenBSD fits in that mechanism as

Re: WRAP board IIC port

2007-07-04 Thread Theo de Raadt
On Sat, Jun 30, 2007 at 10:46:55AM +0200, Leon Komlo?i wrote: I'm trying to connect various IC's to IIC port on WRAP.1E board. Without any success. IC's are Dallas DS1621,DS1631,DS1624. Here is dmesg line: DS1621: iic1: addr 0x48 22=0a 40=0a 41=0f 42=0a 43=0a 44=0a 45=0a 46=0a

Re: i386 - ramdiskA full again?

2007-07-04 Thread Theo de Raadt
Using a July 3 checkout, make release fails with file system full -- is it just me? Kind of. Things like this will happen, and then they will be fixed. Then they will happen again. That's just the process. Noone really needs to alert us, since we have to cope with this on our own already.

Re: Hmm...

2007-07-25 Thread Theo de Raadt
Somebody wrote on undeadly that they had arranged for Theo to get one so this shouldn't be any problem. Theo anything you can confirm so people doesn't send you several of these which money could go to other better stuff. I can confirm there's a card on the way. Thanks guys.

The OpenBSD Foundation

2007-07-26 Thread Theo de Raadt
There have been a few questions as to whether I endorse the OpenBSD Foundation. That question comes up because the OpenBSD Foundation is not the same as OpenBSD. The Foundation is a parallel entity which builds a new way for funding the project; making it easier for companies and other

Re: netboot vs pxeboot

2007-07-31 Thread Theo de Raadt
am working through a netboot install onto a sparc64 machine and noticed that netboot != pxeboot and want to determine the minimum requirements for netbooting. so with netbooting it requires rarpd, tftp and NFS? not used to the NFS requirement when pxebooting and usually just have dhcpd

Re: Kuro5hin: OpenBSD Founder Theo deRaadt Has Conflict of Interest With AMD

2007-08-05 Thread Theo de Raadt
OpenBSD Founder Theo deRaadt Has Conflict of Interest With AMD By David Marcus, 2007-08-05 03:41:29 Section: Technology, Topic: I formerly had a great deal of respect, bordering on admiration, for Theo deRaadt's refusals to compromise his open source principles, even in the face

Re: setting dscp or tos bits

2007-08-23 Thread Theo de Raadt
And here we come full circle. Given the OpenBSD now IS a router -- whether it's a little two-interface pf box for home use or some big studly hardware running OpenBGPD and OpenOSPFD box for ISPs, I would say the addition of support for DSCP re-marking would be a very desirable feature.

Software freedom

2007-08-26 Thread Theo de Raadt
If anyone had any doubt that our insistance on freedom was important, just read this. http://mail-index.netbsd.org/source-changes/2007/08/24/0027.html What is even more astounding is the incestious love-in these other groups have, with their Sam-worship, that prevents them from doing the obvious

Re: Software freedom

2007-08-27 Thread Theo de Raadt
rest of the kernel uses it to store the value of curlwp. Sam won't recompile the HAL for us (fair enough), and we can't modify the HAL to use another register because doing so could put us in breach of the license (v. crappy). So, do a save/set/restore on %s7 in KernIntr() How hard is

Re: FOSS Open Hardware Documentation

2007-08-28 Thread Theo de Raadt
On Tue, Aug 28, 2007 at 04:08:02PM +0100, Edd Barrett wrote: On 28/08/07, Craig Skinner - Sun Microsystems - Linlithgow - Scotland Yay! Action at last. Wow! This is great news. Better late than never, but damn is it late. Indeed, that is the correct sentiment regarding Sun's action

Re: Linux Driver Violates BSD License

2007-08-28 Thread Theo de Raadt
On 8/28/07, Darrin Chandler [EMAIL PROTECTED] wrote: Normally I wouldn't repeat undeadly stuff here on misc@, but I'm sure many of you will want to know. http://undeadly.org/cgi?action=articlesid=20070829001634 And if you do this kind of thing, it's worth letting the rest of the

That whole Linux stealing our code thing

2007-08-31 Thread Theo de Raadt
[bcc'd to Eben Moglen so that people don't flood him] I stopped making public statements in the recent controversy because Eben Moglen started working behind the scenes to 'improve' what Linux people are doing wrong with licensing, and he asked me to give him pause, so his team could work.

Re: That whole Linux stealing our code thing

2007-09-01 Thread Theo de Raadt
On Saturday 01 September 2007 05:40:52 Theo de Raadt wrote: It is illegal to modify a license unless you are the owner/author, because it is a legal document. If there are multiple owners/authors, they must all agree. A person who receives the file under two licenses can use the file

Re: That whole Linux stealing our code thing

2007-09-01 Thread Theo de Raadt
Theo de Raadt wrote: For the record -- I was right and the Linux developers cannot change the licenses in any of those ways proposed in those diffs, or that conversation (http://lkml.org/lkml/2007/8/28/157). It is illegal to modify a license unless you are the owner/author, because

Re: That whole Linux stealing our code thing

2007-09-01 Thread Theo de Raadt
? a. Copyright 2006 Theo de Raadt. b. Copyright 2006 Theo de Raadt You may use or distribute this file without modifications. The answer is b. The first licence grants NO RIGHTS AT ALL, and retains them all for the author

  1   2   3   4   5   6   7   8   9   10   >