dera...@openbsd.org (Theo de Raadt), 2015.12.02 (Wed) 02:18 (CET):
> >I don't think that quite covers it. Those of us who have the choice
> >can send checks or Paypal money directly to Theo, as described on the
> >Donations page. I think checks are preferable, because they eliminate
> >Paypal skimm
On Tue, Dec 01, 2015 at 08:54:25AM -, Sarevok Anchev wrote:
> Hello,
>
> Recently I submitted openbsd_rcctl to ansible. In order to speed up the
> process of having it included by default, I'm asking the community to
> review/test the module and drop a comment at
> https://github.com/ansible/a
On Tue, Dec 1, 2015 at 11:21 PM, Tinker wrote:
> So your current solution is *NOT* data-safe toward "mis-write":s and other
> write errors that go unnoticed at write time.
yes, if write error is silent, drive do not know about it nor it
signals to OS, then yes, this will go unnoticed. If drive s
On Wed, Dec 2, 2015 at 6:06 AM, Tinker wrote:
> In comparison, Karel's RAID1C in its present form would be like downloading
> the file twice, and per-block CRC32 hashes twice, and then comparing both
> copies to know you got the right thing.
>
> That's nice as it provides some automatic healing, b
On 2015-12-02 17:31, Karel Gardas wrote:
I think RAID1C is capable of detecting mis-directed write. I wrote
about it in some of my previous email.
Hi Karel,
I'll follow up on the other things in a separate email later, but, you
clarify that you think RAID1C has protection against misdirected
On Tue, Dec 01, 2015 at 05:53:22PM -0800, Nathan Wheeler wrote:
> I have a similar sort of setup during installs and I clear out the
> first 10m before setting up the CRYPTO disk and it works for me. I
> don't think you're zeroing out enough at the beginning of the disk.
>
> dd if=/dev/zero of=/de
As "hotplug pseudo-device passes device attachment and detachment
events", does it mean it is too late to blacklist/whitelist hotplug
devices?
I was checking https://github.com/dkopecek/usbguard and I got
curious if blacklisting/whitelisting of removable usb devices
could be done in hotplugd.
j.
On Wed, Dec 2, 2015 at 10:39 AM, Tinker wrote:
> On 2015-12-02 17:31, Karel Gardas wrote:
>>
>> I think RAID1C is capable of detecting mis-directed write. I wrote
>> about it in some of my previous email.
>
>
> Hi Karel,
>
> I'll follow up on the other things in a separate email later, but, you
>
On 2015-12-02 18:10, Karel Gardas wrote:
On Wed, Dec 2, 2015 at 10:39 AM, Tinker wrote:
On 2015-12-02 17:31, Karel Gardas wrote:
I think RAID1C is capable of detecting mis-directed write. I wrote
about it in some of my previous email.
Hi Karel,
I'll follow up on the other things in a sepa
On Wed, Dec 02, 2015 at 10:44:44AM +0100, Patrik Lundin wrote:
> On Tue, Dec 01, 2015 at 05:53:22PM -0800, Nathan Wheeler wrote:
> > I have a similar sort of setup during installs and I clear out the
> > first 10m before setting up the CRYPTO disk and it works for me. I
> > don't think you're zeroi
> To answer your question: In that case, as soon as that invalid data would
> actually be read from disk, it would be caught by the checksums that are
> guaranteed to be kept in RAM, so that is, the first-level checkums (or the
> über-checksum) match would fail.
Ah, ok, but then this is safe only
I'm puzzled by the following. According to the documentation it should work?
The example at http://www.openbsd.org/faq/pf/anchors.html indeed works,
but that's an inline anchor.
Here's the problem: I would like to define a macro in an anchor, and use
that macro in other anchors below it -- like
I just wanted to thank everyone for their feedback. Thanks a lot!
You guys are amazing.
Best regards,
Felipe Gomes
On Wed, Dec 2, 2015 at 4:03 AM, Bruno Flueckiger wrote:
> On 01.12.2015 16:50, Felipe Gomes wrote:
>
>> Folks,
>>
>> I've been trying to search for more information on OpenBSD as
Hi list,
I don't know how to start to make Deep Packet Inspection. My interest is
OpenBSD and pf related.
Anyone has already used on OpenBSD? It is possibile on OpenBSD with
shipped (base/ports) software?
Every tips are appreciated.
Thanks in advance.
On Tue, 1 Dec 2015 20:41:15 +
Callum Davies wrote:
> I have two "devices" using IA32 UEFI firmware with 64-bit
> hardware. An Asus EeeBook X502TA and qemu-system-x86_64 with
> an IA32 TianoCore firmware. Neither of these will boot from
> snapshots/amd64/install58.fs.
>
> Attempting to run b
On Wed, Dec 02, 2015 at 12:45:26PM +0100, Alessandro Baggi wrote:
> Hi list,
> I don't know how to start to make Deep Packet Inspection. My interest is
> OpenBSD and pf related.
>
> Anyone has already used on OpenBSD? It is possibile on OpenBSD with shipped
> (base/ports) software?
>
> Every tips
On Wed, Dec 02, 2015 at 11:34:25AM +0100, Raimo Niskanen wrote:
>
> If you are zeroing the char devices under the feet of a running OS i would
> not dare to guess what happens. Can you try to zero the key disk and the
> first 1MB of the RAID partition from bsd.rd instead?
>
Given that I can not
When i push home at a ksh prompt in xterm, the cursor goes to the beginning of
the line. When i do the same in tmux, nothing happens.
TERM in xterm is xterm. TERM in tmux is screen.
How do i fix this? (Why do i need to fix it?)
On Tue, Dec 1, 2015 at 8:18 PM, Theo de Raadt wrote:
>>"All I can do is buy the CD's and give some $ to the
>>foundation. Any other suggestion is not productive."
>>
>>I don't think that quite covers it. Those of us who have the choice
>>can send checks or Paypal money directly to Theo, as descri
On 2015-12-02, Alessandro Baggi wrote:
> Hi list,
> I don't know how to start to make Deep Packet Inspection. My interest is
> OpenBSD and pf related.
>
> Anyone has already used on OpenBSD? It is possibile on OpenBSD with
> shipped (base/ports) software?
>
> Every tips are appreciated.
>
> Than
2 décembre 2015 13:00 "Felipe Gomes" a écrit:
> I just
wanted to thank everyone for their feedback. Thanks a lot!
>
> You guys are
amazing.
>
> Best regards,
> Felipe Gomes
>
> On Wed, Dec 2, 2015 at 4:03
AM, Bruno Flueckiger wrote:
>
>> On 01.12.2015 16:50,
Felipe Gomes wrote:
>>
>>> Folks,
On Tue, 1 Dec 2015 23:49:37 + (UTC)
Stuart Henderson wrote:
> Neither isakmpd nor iked tracks DNS changes.
This is good to know, thank you for the information.
> On the central side use "passive" not "dynamic". Remove the "peer
> $gw_branche" to set this for the 'default peer' (i.e. to avoi
Do you have anything in your .tmux.conf?
On Wed, Dec 2, 2015 at 6:42 AM, Ted Unangst wrote:
> When i push home at a ksh prompt in xterm, the cursor goes to the
> beginning of
> the line. When i do the same in tmux, nothing happens.
>
> TERM in xterm is xterm. TERM in tmux is screen.
>
> How do i
I don't search an all in one solution software for DPI, but asking if
there is some software on base/ports to accomplish to this purpose and
if someone had configured a solution with OBSD for DPI (personal
experiences). My question is malformed, sorry.
Il 02/12/2015 13:25, Romain FABBRI ha sc
Em 02-12-2015 12:56, Alessandro Baggi escreveu:
> I don't search an all in one solution software for DPI, but asking if
> there is some software on base/ports to accomplish to this purpose and
> if someone had configured a solution with OBSD for DPI (personal
> experiences). My question is malforme
Em 02-12-2015 10:42, Ted Unangst escreveu:
> How do i fix this? (Why do i need to fix it?)
Coincidentally, I saw that same question asked today on IRC and it
wasn't even on OpenBSD. The OP changed it by setting TERM to xterm-256
if I'm not mistaken. And he also nailed it down to the fact that the n
Em 02-12-2015 07:56, Sarevok Anchev escreveu:
> .. but I don't think it's relevant as I've tried to run the test between
> pf.conf and the base anchor, and still macros defined in pf.conf are not
> available from /etc/pf/anchors/base.
>
> Is this intended behaviour?
Macros need to be present in eac
I have recently upgraded my OpenBSD server from 5.6 to 5.8 (following
the appropriate procedure and not skipping upgrades, of course).
Unfortunately, when I finished the 2 hops from 5.6 to 5.8, I realized
that claws-mail was no longer able to access the GPG key agent (I think
that's what it uses,
I have no clue what a hackathon costs, any ballpark averages?
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
Original Message
From: Theo de Raadt
Sent: Wednesday, December 2, 2015 11:11 AM
To: Donald Allen
Cc: Theo de Raadt; misc; Richard Thornton
Subject: Re: A
> But if we lose the project leader due to lack of exercise and food,
> that's not good for the project. You made it very clear in a previous
> message to this thread that no Foundation money comes to you. So while
> the Foundation may be doing good things with their money, we, the
> community, nee
Ax0n wrote:
> Do you have anything in your .tmux.conf?
No, don't have one. (i don't want one)
> I have no clue what a hackathon costs, any ballpark averages?
http://www.openbsdfoundation.org/financials/2014/IncomeStatement2014.txt
http://www.openbsdfoundation.org/financials/2013/IncomeStatement2013.txt
These reports can be compared against http://www.openbsd.org/hackathons.html
to find ev
Giancarlo Razzolini wrote:
> Em 02-12-2015 10:42, Ted Unangst escreveu:
> > How do i fix this? (Why do i need to fix it?)
> Coincidentally, I saw that same question asked today on IRC and it
> wasn't even on OpenBSD. The OP changed it by setting TERM to xterm-256
> if I'm not mistaken. And he also
On Wed, Dec 02, 2015 at 01:35:10PM +0100, Patrik Lundin wrote:
> On Wed, Dec 02, 2015 at 12:45:26PM +0100, Alessandro Baggi wrote:
> > Hi list,
> > I don't know how to start to make Deep Packet Inspection. My interest is
> > OpenBSD and pf related.
> >
> > Anyone has already used on OpenBSD? It is
On Wed, Dec 2, 2015 at 11:11 AM, Theo de Raadt wrote:
>> But if we lose the project leader due to lack of exercise and food,
>> that's not good for the project. You made it very clear in a previous
>> message to this thread that no Foundation money comes to you. So while
>> the Foundation may be d
Folks,
I'm kinda worried with the performance: the host is a Dell R815 4 CPU
Opteron 6136 / 64GB. There are no other VMs at the moment, just a single
stance of OpenBSD 5.8 installed, 4 virtual CPUs, 8 GB RAM.
I've already enabled softdep on fstab, however it's taking more than 45
minutes to compi
On 2015-12-02 16:21, Theo de Raadt wrote:
I have no clue what a hackathon costs, any ballpark averages?
http://www.openbsdfoundation.org/financials/2014/IncomeStatement2014.txt
http://www.openbsdfoundation.org/financials/2013/IncomeStatement2013.txt
These reports can be compared against
htt
On 25. Nov 8:02:17, Stuart Henderson wrote:
> On 2015-11-24, Uwe Werler wrote:
> > Hello,
> >
> > I'm just testing ssl interception and noticed the following problem.
> > Sometimes the Subject/Subject Alternative Name of the cert is altered with
> > a different name than the one the original ce
On 2015/12/02 14:53, Uwe Werler wrote:
> On 25. Nov 8:02:17, Stuart Henderson wrote:
> > On 2015-11-24, Uwe Werler wrote:
> > > Hello,
> > >
> > > I'm just testing ssl interception and noticed the following problem.
> > > Sometimes the Subject/Subject Alternative Name of the cert is altered
> >
On Wed, Dec 02, 2015 at 02:40:48PM -0200, Felipe Gomes wrote:
> I'm kinda worried with the performance: the host is a Dell R815 4 CPU
> Opteron 6136 / 64GB. There are no other VMs at the moment, just a single
> stance of OpenBSD 5.8 installed, 4 virtual CPUs, 8 GB RAM.
>
> I've already enabled sof
Ax0n wrote:
Do you have anything in your .tmux.conf?
Ha, I have a funny problem in tmux that thwarts me. I changed the prefix key to C-a but the sequence C-a C-a doesn't
work like C-b C-b,
the C-a doesn't ever seem to get sent to the shell. Which means I can't jump to head-of-line Emacs-style l
We'll see if this gets to the list, sending from a phone.
Anyway, screen steals C-a so to jump to the start of a line, hit C-a, then a
again.
Might work for you.
> 2 dec. 2015 kl. 18:43 skrev Jack J. Woehr :
>
> Ax0n wrote:
>> Do you have anything in your .tmux.conf?
>>
> Ha, I have a funny pro
Hi,
I'm looking for a uwsgi port for use with nginx and django. Searching
the ports collection I don't find anything. I'd like to know if that's
not done because no one has needed it yet or because of some security
implication that I don't know about.
I'd prefer a port since I don't want to use t
Johan Mellberg wrote:
Anyway, screen steals C-a so to jump to the start of a line, hit C-a, then a
again.
Doesn't work :(
--
Jack J. Woehr # Science is more than a body of knowledge. It's a way of
www.well.com/~jax # thinking, a way of skeptically interrogating the universe
www.softwoehr.c
On 2015-12-02, Christopher Sean Hilton wrote:
> Hi,
>
> I'm looking for a uwsgi port for use with nginx and django. Searching
> the ports collection I don't find anything. I'd like to know if that's
> not done because no one has needed it yet or because of some security
> implication that I don't
Node.js modules have been removed also in favor of npm.
I highly recommend virtualenv and pip to keep your system cleaner if not
every other reason (package versions, incompatibilities, etc).
Keep Python packages away from your system and into their own environment.
On Dec 2, 2015 6:58 PM, "Christo
On Wed, Dec 02, 2015 at 01:37:52PM -0200, Giancarlo Razzolini wrote:
> Macros need to be present in each anchor file. Tables don't need to. I
> have a little script that copies all my macros after I edit /etc/pf.conf
> to the anchors. I use commented marks on /etc/pf.con to know where to
> begin co
Spending a little time with 'cat -v', I ended up with the following
non-.tmux.conf approach to making home/end happy in tmux with an
otherwise-unmodified ksh shell:
bind '^[[1~'=beginning-of-line
bind '^[[4~'=end-of-line
It doesn't appear to break normal xterm[-256color] use.
These are still wor
Philip Guenther wrote:
My crystal ball says that you changed the prefix but didn't change the
binding of 'a'. I would verify my crystal ball against your
config...but you didn't show your config...
I only made the change I noted, and thank you for some helpful advice!
--
Jack J. Woehr # S
If you have multiple apps in production with different versions of packages
that break compatibility then you'll be in a world of pain.
You also have supervisor to make it rc-able.
On Dec 2, 2015 7:52 PM, "Christopher Sean Hilton"
wrote:
> On Wed, Dec 02, 2015 at 07:19:25PM +, Pedro Tender wr
On Wed, Dec 2, 2015 at 9:43 AM, Jack J. Woehr wrote:
> Ha, I have a funny problem in tmux that thwarts me. I changed the prefix key
> to C-a but the sequence C-a C-a doesn't work like C-b C-b,
> the C-a doesn't ever seem to get sent to the shell. Which means I can't jump
> to head-of-line Emacs-st
On Wed, Dec 02, 2015 at 07:19:25PM +, Pedro Tender wrote:
> Node.js modules have been removed also in favor of npm.
> I highly recommend virtualenv and pip to keep your system cleaner if not
> every other reason (package versions, incompatibilities, etc).
> Keep Python packages away from your s
Everything boils down to whether you'd like to run more than one app on
your box.
> While I love pip and virtualenv in development, I don't understand the
> advantage they offer over the system package manager on a production
> machine.
Easy: whenever you can't be bothered with proper containers.
On 2 December 2015 at 12:11, YASUOKA Masahiko wrote:
> On Tue, 1 Dec 2015 20:41:15 +
> Callum Davies wrote:
>> I have two "devices" using IA32 UEFI firmware with 64-bit
>> hardware. An Asus EeeBook X502TA and qemu-system-x86_64 with
>> an IA32 TianoCore firmware. Neither of these will boot
On 30.11.2015 14:08, Atanas Vladimirov wrote:
Hi,
I'm not sure if this is related to resent em(4) changes, but after
upgrade from:
Hi,
Just ignore my previous assumptions. I thinks that I found the real
cause for
this upload speed problem. I'm using ifstated to inform me when
something goe
On Wed, 2 Dec 2015 07:58:26 -0800, Damon Getsman
wrote:
> I realized
> that claws-mail was no longer able to access the GPG key agent (I
> think that's what it uses, my apologies if I'm using the wrong
> terminology) and had switched to using some console based passphrase
> dialog.
Hi,
First of
On Wed, Dec 02, 2015 at 07:54:48PM +, Pedro Tender wrote:
> If you have multiple apps in production with different versions of packages
> that break compatibility then you'll be in a world of pain.
I do see that advantage.
> You also have supervisor to make it rc-able.
pip/virtualenv include
On Wed, Dec 02, 2015 at 09:16:05PM +0100, Kamil CholewiÅski wrote:
> Everything boils down to whether you'd like to run more than one app on
> your box.
>
> > While I love pip and virtualenv in development, I don't understand the
> > advantage they offer over the system package manager on a produc
I'm trying to make several changes to my disklabel at once. If I try
to do it with -R to read in a file I get disklabel: ioctl DIOCWDINFO:
Open partition would move or shrink
So I used -E and used the interactive editor, which let me get through
the same edits without complaining about anything,
> I'm trying to make several changes to my disklabel at once. If I try
> to do it with -R to read in a file I get disklabel: ioctl DIOCWDINFO:
> Open partition would move or shrink
You are attempting to change the position or size of a mounted partition.
You can't do that. The filesystem will at
On Wed, Dec 02, 2015 at 09:19:25PM +, Pedro Tender wrote:
>You have a port http://ports.su/sysutils/supervisor
>
Thanks for the tip, that's exactly what I'm looking for!! I also
wanted to say thanks for the input. I understand what you are saying
and when I run into version incompatiblity
I understand what it's saying but I can't figure out which one it's
complaining about. All I have mounted is:
freebie# mount
/dev/wd0a on / type ffs (local)
/dev/wd0i on /win_c type msdos (local)
/dev/wd0l on /win_d type msdos (local)
/dev/wd0m on /win_e type msdos (local)
/dev/wd0n on /usr type
You have a port http://ports.su/sysutils/supervisor
On Dec 2, 2015 8:54 PM, "Christopher Sean Hilton"
wrote:
> On Wed, Dec 02, 2015 at 07:54:48PM +, Pedro Tender wrote:
> > If you have multiple apps in production with different versions of
> packages
> > that break compatibility then you'll b
Karel, the most important thing at the bottom of the email :)
On 2015-12-02 19:10, Karel Gardas wrote:
To answer your question: In that case, as soon as that invalid data
would
actually be read from disk, it would be caught by the checksums that
are
guaranteed to be kept in RAM, so that is, the
On 02.12.2015 22:25, Atanas Vladimirov wrote:
On 30.11.2015 14:08, Atanas Vladimirov wrote:
Hi,
I'm not sure if this is related to resent em(4) changes, but after
upgrade from:
Hi,
Just ignore my previous assumptions.
Hi,
Sorry for the noise! Please ignore all of my previous emails.
It se
On 2015-12-02 08:26, Patrik Lundin wrote:
Hello,
I have a custom installer script which automatically creates RAID
devices and assembles an sd1 CRYPTO device before the ordinary
installer
continues (making the installer use sd1 for the rest of the
installation).
This works well, other than ne
I don't think it should be the contributors who should choose directly to who
the money is "attributed".
That being exactly the role of the foundation, in my opinion.
But maybe :
- the foundation could take into account the time given by each dev
- the devs could have their own votes in regards to
> You already implemented caching of checksums
no, this part is not working yet.
> I would guess the whole total-checksum functionality could be done in
> 1000-2000 locs. Feels realistic?
I don't think so, but please try it and send me your patch.
On Thu, Dec 03, 2015 at 05:52:13AM +0800, Tinker wrote:
> On 2015-12-02 08:26, Patrik Lundin wrote:
> >
> >This works well, other than needing this patch since the keydisk is on
> >the same harddrive:
> >http://marc.info/?l=openbsd-misc&m=141450636905550&w=2
>
>
> I vote +1 for including this pat
I want to be able to use systrace for privilege escalation for kompare for
sysmerge diffs and kate. Why isn't systrace able to do this?
-Luke
03 дек. 2015 г. 4:27 полÑзоваÑÐµÐ»Ñ "Luke Small"
напиÑал:
>
> I want to be able to use systrace for privilege escalation for kompare for
> sysmerge diffs and kate. Why isn't systrace able to do this?
Because noone wrote a systrace policy for Kate and Kompare (for your
install
I don't see anything in the archives about this. On 5.7 i386 with
fvwm several times a day my cursor changes to the left-pointing finger
arrow that Firefox uses to point to links and clicking on things has
no effect. I can't change the focus, if an rxvt window has the focus
I can type in it. Toda
72 matches
Mail list logo