Re: mpv won't play video : "Consider fixing your graphic drivers"
Sylvain Saboua writes: > [vo/sdl] Using opengl > [vo/sdl] Warning: this legacy VO has bad performance. Consider fixing > your graphics drivers, or not forcing the sdl VO. This message is specific to the sdl and xv outputs. The mpv manpage says: The recommended output driver is --vo=gpu, which is the default. All other drivers are for compatibility or special purposes. If the default does not work, it will fallback to other drivers (in the same order as listed by --vo=help). So either you're specifying sdl manually (in a config file?) or the default is not working and mpv is falling back to sdl. Can you confirm which it is? > What could go wrong ? I doubt that it would only be that my > computer isn't powerful enough. I have tried different --vo > arguments without success. What does "without success" mean? That it continues to fall back to sdl and print that message (say, if you specify --vo=gpu)?
Re: How to disable httpd's default
Crystal Kolipe writes: > On Fri, Jan 14, 2022 at 01:49:01AM -0700, Anthony J. Bentley wrote: > > The natural next question would be what leaks when someone accesses the > > server using a made-up hostname. > > By 'made-up hostname', I'm assuming that you mean connecting to the server's > IP address and then having the TLS handshake include an SNI field containing > a domain name that is not listed in the public DNS for that IP, and for > which the server is not specifically configured. > > In that case, what are you concerned about leaking? I understood the original question to mean a situation like: the server is intended to serve pages for a given set of hostnames, including over TLS; if an IP address or any other hostname is requested, then don't serve any of those pages and don't leak any valid hostnames through the certificate. That's a question I've had myself. > I didn't suggest a 'fake' certificate. I suggested a certificate with a > literal IP in the CN and SAN fields. This would be the correct certificate > to present when connecting to the literal IP, and in the case of a 'made-up' > hostname that the server doesn't actually host, a literal IP cert makes > sense too. 'Fake' was not a judgmental term. I was suggesting that if there is no intent to serve actual content when the user manually enters an IP address, then there's no need for the certificate to manually specify the IP; instead it makes more sense to generate a single catch-all certificate for all invalid cases (many hostnames and potentially multiple IP addresses). In that case, the reserved name "invalid" makes sense, doesn't it? Regardless, you're right, specifying the invalid block first and dropping the wildcard block does work as expected in this situation.
Re: How to disable httpd's default
i...@protonmail.com writes:
> I would like to avoid httpd giving anything if a user types in the IP
> address of the server.
httpd.conf(5) says:
server name {...}
Match the server name using shell globbing rules. This can be an
explicit name, www.example.com, or a name including wildcards,
*.example.com.
>From that I would expect to be able to create server blocks enumerating
valid hostnames, name the last block "*", and specify a self-signed
certificate with a domain name of "invalid".
So I tried it:
server "example" {
listen on * port 80
listen on * tls port 443
tls certificate "/etc/ssl/example.crt"
tls key "/etc/ssl/private/example.key"
}
server "*" {
listen on * port 80
listen on * tls port 443
tls certificate "/etc/ssl/invalid.crt"
tls key "/etc/ssl/private/invalid.key"
block
}
Results:
- http://example/ displays index.html (expected)
- http://127.0.0.1/ displays 403 (expected)
- http://noexist/ displays 403 (expected)
- https://example/ displays index.html, cert for example (expected)
- https://127.0.0.1/ displays 403, cert for example (unexpected)
- https://noexist/ displays 403, cert for example (unexpected)
Is that a bug?
I can "force" the desired behavior by duplicating the invalid block
to mention that certificate first. But it doesn't seem like that
should be necessary.
server "invalid" {
listen on * tls port 443
tls certificate "/etc/ssl/invalid.crt"
tls key "/etc/ssl/private/invalid.key"
block
}
server "example" {
listen on * port 80
listen on * tls port 443
tls certificate "/etc/ssl/example.crt"
tls key "/etc/ssl/private/example.key"
}
server "*" {
listen on * port 80
listen on * tls port 443
tls certificate "/etc/ssl/invalid.crt"
tls key "/etc/ssl/private/invalid.key"
block
}
- http://example/ displays index.html
- http://127.0.0.1/ displays 403
- http://noexist/ displays 403
- https://example/ displays index.html, cert for example
- https://127.0.0.1/ displays 403, cert for invalid
- https://noexist/ displays 403, cert for invalid
Re: How to disable httpd's default
Crystal Kolipe writes: > On Thu, Jan 13, 2022 at 11:46:18PM +, i...@protonmail.com wrote: > > I would like to avoid httpd giving anything if a user types in the IP > > address of the server. > > > > At first I just made an empty page, which is fine for port 80, but if > > the user then types https://xxx.xxx.xxx.xxx, then the certificate for a > > domain shows, which doesn't fit the IP address. > > Why not create a dummy self-signed certificate that only has the IP > address and no domain names? The natural next question would be what leaks when someone accesses the server using a made-up hostname. Manually generating fake certificates feels like the wrong solution for this.
Re: relayd unable to get local issuer certificate
Jordan Geoghegan writes: > I generated a TLS cert with acme-client and tested and confirmed it > worked with httpd. Do curl/wget/ftp behave the same with httpd? If so that would imply the problem is with the certificate. > I then configured relayd to perform TLS acceleration > by following examples in the man pages. Everything works great when > tested from a web browser. However, when I try to fetch a file via curl, > wget or ftp etc, I get a cert validation error: (ip and domain removed > for privacy) Did you generate a full chain certificate with acme-client?
Re: Relayd cannot load keypair
James Chase writes: > /etc/relayd.conf:25: cannot load keypair nextcloud.mydomain.com > for relay secure_proxy > > The keys are in /etc/ssl/ and /etc/ssl/private, and I got them from > acme-client via lets encrypt. Named: > nextcloud.mydomain.com:443.fullchain.crt > and > nextcloud.mydomain.com:443.key >From relayd.conf(5): keypair name The relay will attempt to look up a private key in /etc/ssl/private/name:port.key and a public certificate in /etc/ssl/name:port.crt, where port is the specified port that the relay listens on. If these files are not present, the relay will continue to look in /etc/ssl/private/name.key and /etc/ssl/name.crt. So you need to tell acme-client to generate a fullchain certificate simply called name:port.crt, not name:port.fullchain.crt. -- Anthony J. Bentley
Re: relayd, ipv6, and tls keypair names
Hi,
j...@ircnow.org writes:
> Then it seems relayd also works. So I suspect relayd is ignoring
> the tls keypair directive for IPv6 addresses. In other words, when IPv6 is en
> abled,
> relayd appears to ignore:
>
> tls { keypair example.com }
>
> Can someone verify if this is correct behavior, if I misconfigured, or
> if this is a bug?
You're making things a bit harder for yourself with your choice of
certificate filenames. For starters, on webservers I've never had
any use for a certificate without full chain. So I just create a
full chain certificate under the usual certificate filename in my
acme-client config.
domain example.com {
domain key "/etc/ssl/private/example.com.key"
domain full chain certificate "/etc/ssl/example.com.crt"
sign with letsencrypt
}
No symlinks necessary.
Then in relayd I create two relays, listening to the same protocol
block.
table { 127.0.0.1 }
log connection
http protocol myremote {
tls keypair "example.com"
return error
pass
}
relay mysite4 {
listen on 127.0.0.1 port 443 tls
protocol myremote
forward to check tcp port 80
}
relay mysite6 {
listen on ::1 port 443 tls
protocol myremote
forward to check tcp port 80
}
The problem really is that you can't listen on IPv4 and IPv6 in the
same relay block. This might be a bug although I suppose it could be
intentional (I've never found relayd's configuration very intuitive).
--
Anthony J. Bentley
Re: [net/rtorrent] no manual page (manpage) for rtorrent.
sylvain.sab...@free.fr writes: > Ever since I've used this software, which must get > back to 6.4 or so, the manual page has been missing. The manpage was removed years ago by upstream. Sad but true. The current documentation for rtorrent is only accessible as a wiki: https://github.com/rakshasa/rtorrent/wiki
Re: phonetics on OpenBSD: IPA transcription
Hi Jan, Jan Stary writes: > Assigning the keysymbols for IPA symbols to the keycodes > (in some way I choose, preferably compatible to the existing > IPA keyboards out there) would amount to writing a layout > such as those in /usr/X11R6/share/X11/xkb/symbols/, right? > > A quick search for 'xkb layout ipa' shows that a few of those exist. > Is any of them prevalent, or at least used by phoneticians? > Are any such layouts in the Xorg distribution already? As I'm not a phoneticist I use Compose(5) instead of a full layout. I have no special insights as to designing or loading such layouts. SIL, which authored the Doulos and Charis fonts you mentioned and is a big player in the open source linguistics space, recommends their keyboard layout: https://keyman.com/keyboards/sil_ipa This is used by Keyman, which seems to be some sort of frontend to load keyboard layouts into ibus. We don't have Keyman in ports, but if it's useful software it would be good to add it. If you'd rather write an X keyboard layout directly (to avoid extra software like ibus), and no other layout exists, it would probably be a good idea to use their key arrangement as a base for writing your own. > How do I install a font that has glyphs for those symbols? > Is there anything for that in ports? There are lots of Unicode fonts in ports. XTerm's default font supports the IPA ranges. Several fixed-width fonts in ports, like Go Mono, are also usable in the terminal and cover those characters. The Doulos and Charis fonts you mentioned are also in ports. -- Anthony J. Bentley
Re: Content-Security-Policy makes page render differently
Paul Pace writes: > When I load a page from OpenBSD served with relayd and httpd with > Content-Security-Policy set to default-src self, I can see that a basic > HTML page that normally renders with all of the text in the center is > now rendered on the left. > > I have this currently configured with http://mostlybsd.com not loading > the header and https://mostlybsd.com loading the header. > > [...] > > Is there something I am missing? You are missing that "style-src 'self'" does not allow
Re: relayd: Why doesn't "tls keypair" look for the fullchain certificate?
Chad Hoolie writes:
> Why does "tls keypair" in relayd.conf look for the regular and not the
> fullchain certificate?
Certificate filenames are defined by your acme-client.conf.
> Thus, forcing users who want an A+ certificate to spend hours
> searching the web for this hack?
>
> cd /etc/ssl
> doas mv foobar.com.crt foobar.com.crt.bak
> doas ln -s foobar.com.fullchain.pem foobar.com.crt
Rather than symlink, just tell acme-client to create certificates with
the filename relayd expects.
domain example.com {
domain key "/etc/ssl/private/example.com.key"
domain full chain certificate "/etc/ssl/example.com.crt"
sign with letsencrypt
}
Re: user-agent spoofing info; working around site "requirements"
Bryan Stenson writes: > Given: > - the bank has a HTTP interface > - the bank "requires" a specific browser/version > - the bank "requires" a specific set of closed-source operating systems > - OpenBSD ships recent browsers (chromium, firefox, etc) > > Problem: > When logging into said financial institution, the page declines to > work correctly because I don't have an operating system on their list. > > Solution: > Spoof (add/modify) "user-agent" http header (via browser plugin, for > example), to include a common user-agent used by one of the > aforementioned "required operating systems". I'm always wary of installing extensions in the browser. You can change the user agent in Chrome out of the box with the developer tools: menu -> More tools -> Developer tools (or Ctrl+Shift+I) tools menu -> More tools -> Network conditions An annoying process to be sure, but one I only need now and then. In January Google proposed using the same UA string on all platforms (more or less). So maybe this will be less of a problem in the future. https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/-2JIRNMWJ7s/yHe4tQNLCgAJ
Re: Kernel Panics with rtorrent
Hi Victor, I hit what appears to be the same panic in April: https://marc.info/?l=openbsd-bugs=155568856220887=2 On Thu, Jan 16, 2020 at 6:12 PM Victor Tarabola Cortiano wrote: > I was having mutiple kernel panics while using rtorrent with over 60 > active torrents and multiple files. I don't think I've ever seen a program stress OpenBSD as hard as rtorrent does. A while back I came to the conclusion that part of the problem is excessive gettimeofday() in libtorrent, but didn't investigate further. > I would get multiple "re0: watchdog timeout" messages I've gotten many (very, very, very many) of those over four years using re(4), especially in conjunction with rtorrent. Panics rare; usually I only lost network (which only came back with a reboot) and observed serious system performance degradation (as in keyboard/mouse barely worked). Reading the archives and cvs log it seems that there have been many race conditions in the driver, some of which have been fixed, some which are still present. These show up less than they used to, I assume due to kernel and driver improvements, but it's still bad enough that after years of constantly encountering watchdog timeouts on re(4) I switched to different networking hardware. -- Anthony J. Bentley
Re: netsurf-fb fails on framebuffer console
putridsou...@gmail.com writes:
> I'm running openbsd 6.6-current Dec24 snapshot
>
> The browser works perfectly within X.
> But fails without it.
> Following output is given by command:netsurf-fb -v
Framebuffer targets supported by netsurf-fb are those implemented by
libnsfb. From libnsfb.h:
/** The type of framebuffer surface. */
enum nsfb_type_e {
NSFB_SURFACE_NONE = 0, /**< No surface */
NSFB_SURFACE_RAM, /**< RAM surface */
NSFB_SURFACE_SDL, /**< SDL surface */
NSFB_SURFACE_LINUX, /**< Linux framebuffer surface */
NSFB_SURFACE_VNC, /**< VNC surface */
NSFB_SURFACE_ABLE, /**< ABLE framebuffer surface */
NSFB_SURFACE_X, /**< X windows surface */
NSFB_SURFACE_WL /**< Wayland surface */
};
Our package enables all targets that work on OpenBSD. Those are the SDL
(netsurf-fb -f sdl) and XCB (netsurf-fb -f x) targets.
Both of them require X.
--
Anthony J. Bentley
Re: [PATCH] links update for www/openiked/papers.html
Alex Naumov writes: > Hey, > yet another patch for www. Thanks. Your mail client wrapped long lines though, corrupting the patch. I had to apply it by hand. -- Anthony J. Bentley
Re: [PATCH] link fix for www/openiked/index.html
Alex Naumov writes: > here is a small fix for www/openiked/index.html Committed, thanks.
Re: Is there an easier way to browse ports?
Adam Thompson writes: > openports.se Generated by scraping, and thus often incomplete. Taking a look, it's missing many of my recent commits, and even entire ports. > ports.su Extremely out of date. "These pages were generated 2018-11-21T13Z"...
Re: relayd reverse proxy with TLS to multiple servers
Bertalan Zoltán Péter writes: > Mainly, my problem is that I am unsure in general about this setup (the > manual doesn't have an example for this and I struggle to find any guide > online) and that I can see relayd not using the correct keypairs: > > ---8<--- > $ openssl s_client -connect example.com:443 | grep CN > [...] > depth=0 CN = example.com > [...] > subject=/CN=example.com > [...] > > $ openssl s_client -connect matrix.example.com:443 | grep CN > [...] > depth=0 CN = example.com > [...] > subject=/CN=example.com > [...] > ---8<--- > > If I am not mistaken, the CN for the second request should be > 'matrix.example.com' if it were to work as I would like. I don't claim to understand all of openssl's output, but when I try it on my certs I get various CNs that I don't expect either, even though I'm quite confident the certificate has a valid hostname. For a simpler test, try ftp(1), which will fail if the certificate hostname doesn't match the domain visited: $ ftp -o - https://wrong.host.badssl.com/ Trying 104.154.89.105... Requesting https://wrong.host.badssl.com/ ftp: SSL write error: name `wrong.host.badssl.com' not present in server certificate -- Anthony J. Bentley
Re: Transparent 301-to-https redirection with relayd
open...@phbits.com writes:
> Try this for relayd.conf
>
> table { 127.0.0.1 }
>
> http protocol httpfilter {
> return error
> match request header "Host" value "www.openbsd.org" tag "HOST_OK"
> block request
> pass tagged "HOST_OK"
> }
That blocks every host not in the list, whereas I want to pass every
unlisted host through unmolested.
--
Anthony J. Bentley
Transparent 301-to-https redirection with relayd
Hi,
I have relayd configured as a basic HTTP pass-through:
http protocol httpfilter {
return error
}
relay "proxy" {
listen on 127.0.0.1 port 8080
protocol httpfilter
forward to destination
}
I'd like to prevent certain domains from ever being accessed over
unencrypted http. So I set up httpd:
server "httpfilter" {
listen on localhost port 8081
block return 301 "https://$HTTP_HOST$REQUEST_URI;
}
The idea is to check the host header and if it matches my whitelist,
send it to httpd which will force a redirect to https before ever
leaving the LAN.
I don't understand relayd configuration too well. I tried this:
table { 127.0.0.1 }
http protocol httpfilter {
return error
match request header "Host" value "www.openbsd.org" forward to
}
relay "proxy" {
listen on 127.0.0.1 port 8080
protocol httpfilter
forward to destination
forward to port 8081
}
It seems to do what I want:
$ ftp -o - http://www.openbsd.org/ >/dev/null
Trying 129.128.5.194...
Requesting http://www.openbsd.org/
Redirected to https://www.openbsd.org/
Trying 129.128.5.194...
Requesting https://www.openbsd.org/
4033 bytes received in 0.07 seconds (57.97 KB/s)
Except that it sends every host to httpd:
$ ftp -o - http://neverssl.com/ >/dev/null
Trying 13.33.67.177...
Requesting http://neverssl.com/
Redirected to https://neverssl.com/
Trying 13.33.67.177...
Requesting https://neverssl.com/
ftp: SSL write error: name `neverssl.com' not present in server certificate
Fiddling with the config further doesn't seem to get me anywhere
closer to redirecting only whitelisted domains. I must be missing
something, but what?
--
Anthony J. Bentley
Re: Malloc config became global sysctl in 6.5
Igor Podlesny writes: > On Sat, 27 Apr 2019 at 12:26, Sebastien Marie wrote: > > On Sat, Apr 27, 2019 at 12:17:21PM +0700, Igor Podlesny wrote: > > > Previously users could have different behaviour of malloc simultaneously: > one in > > > global FS, others in chroots. Say, in global it could be more relaxed > [...] > > malloc(3) man page mentions several ways to set malloc options: > > > > - globally with vm.malloc_conf sysctl(2) > > - externally per apps with environment variable MALLOC_OPTIONS > > - internally per apps with global variable malloc_options in the program > > > > So I suppose you want to look at exported MALLOC_OPTIONS environment > > variable. > > Wrong. Environment is easy to be changed by any non-privileged process. > OTOH, root owned /etc/malloc.conf is not. Back then, when both /etc/malloc.conf and MALLOC_OPTIONS were set, which did a program prefer? -- Anthony J. Bentley
Re: Malloc config became global sysctl in 6.5
Igor Podlesny writes: > Previously users could have different behaviour of malloc simultaneously: one > in > global FS, others in chroots. Say, in global it could be more relaxed > with lesser > performance impact and in some chroots more drastic, at contrary. With > 6.5 it's not > possible anymore, is it really so? This change has own pluses as well > indeed: one > knob to rule them all but then what if you need something special in > just one place, > something that shouldn't be following global sysctl parameters -- how > do you get it(?) You didn't check the manpage. Upon the first call to the malloc() family of functions, an initialization sequence inspects the value of the vm.malloc_conf sysctl(2), next checks the environment for a variable called MALLOC_OPTIONS, and finally looks at the global variable malloc_options in the program. -- Anthony J. Bentley
Re: Substitute mandoc for tlb command
Артур Истомин writes: > I need t command to accomplish example from "The AWK Programming Language" > book. > Is it possible somehow substitute it with mandoc? Yes, simply substitute mandoc for tbl and the examples in the book will work. Just make sure to render the output in a large terminal to avoid wrapping.
Re: amd64 cc error unknown argument '-msave-args'
Jyri Hovila [Turvamies.fi] writes: > Theo, with all due respect, there are many situations where upgrading > to a snapshot really isn't an option. In such a situation, you shouldn't expect to be able to build -current all the time. And the advice you'll always get is: update to a snapshot, because that makes the build problems magically go away. > > Those instructions to exist the noise on the list everytime we > > make a change and people don't notice or understand it and suddenly > > they are in over their heads > > Again with all due respect, should all users of OpenBSD constantly watch the > development in order to be able to use it? The point of upgrading to a snapshot before building -current is you don't have to be intimately familiar with what's going on in -current that might affect a build. > Then again: using RELEASE is a huge pain from the perspective of a server adm > inistrator with many [often virtual] hosts to maintain. The pain is so big th > at it actually drove me away from using OpenBSD for almost a decade. This thread started with someone mistakenly building -current from -stable. The OP intended to build -stable from -stable. The solution is simple and documented: build -stable from -stable, build -current from a snapshot, or even better, don't install from source if you can help it. Is your suggestion that OpenBSD focus development effort on making it possible to build -current from any conceivable post-6.4 checkout? That seems an impossible task, one that would take time away from other development efforts. Once again, the alternative is simple and well documented: build -stable from -stable, build -current from snaps. -- Anthony J. Bentley
Re: ports/devel/pygame make install error
shadrock uhuru writes: > hi everyone > > i have openbsd 6.4 release installed > > when i try to make install ports/devel/pygame i get an error stating > > create /usr/ports/packages/amd64/all/py-game-1.9.3.tgz > error: Libraries in packing-list in the port tree > and libraries from installed packages don't match > > how do i fix this ? As the error message says, the library versions you have installed don't match the library versions in your checked out ports tree. So update your ports tree and packages to -current. The remainder of the output (that you cut out) shows which exact libraries are out of sync on your system.
Re: phonetic alphabet on OpenBSD
Christian Weisgerber writes: > On 2018-10-14, Jan Stary wrote: > > How do you type the phonetic alphabet in vim? > > Is there a standard keyboard layout for the English part of IPA? > > I don't use vim, but the sad answer is that I copy and paste, > principally from Wikipedia's IPA page. If you're only dealing with > English, the Help:IPA/English page is more convenient. > > In general, I use the X11 compose key to enter special characters. > See /usr/X11R6/share/X11/locale/en_US.UTF-8/Compose for the available > combinations. That's sufficient for entering the letters and > diacritics used in all European languages that use the Latin alphabet. > However, it does not cover IPA. Moving further away from Jan's request for a "standard way", compose key sequences can be custom-defined in ~/.XCompose (see Compose(5)). I find having my own compose sequences very useful for math and Unicode in general (faster to type and easier to remember than TeX/HTML escapes) but not a replacement for things like Japanese that really require an IME or dedicated keyboard layout. Not sure where IPA would fall in that spectrum but copying and pasting is so painful that custom compose sequences must be more convenient than that. -- Anthony J. Bentley
Re: wifi gui manager
Consus writes: > On 18:07 Tue 21 Aug, Stuart Henderson wrote: > > On 2018-08-21, Consus wrote: > > > On 15:05 Tue 21 Aug, Stuart Henderson wrote: > > >> > Also what's wrong with gitlab/github? > > >> > > >> They encourage devs to be lazy and not produce proper stable release ass > ets. > > >> Lots of mess in the ports tree from people who just tag something on git > hub, > > >> don't produce a stable tarball, don't generate autoconf scripts etc. > > > > > > What do you mean by "stable tarball"? If a tag contains stable version > > > of code you just download the tarball that is generated for the tag. > > > > So you are part of the problem! > > > > I mean a tarball that is generated once and not change, rather than somethi > ng > > which changes depending on what software is installed on the cluster node. > > If you create a release > (https://help.github.com/articles/creating-releases/) then all > associated generated tarballs are immutable, as far as I know. They're not immutable.
Re: Let's Encrypt Error with cgit, httpd, acme-client
he...@ezaquarii.com writes:
> On 21/08/2018 20:46, Parikh, Samir wrote:> # cgit CGI
> > root "/cgi-bin/cgit.cgi"
> > fastcgi socket "/run/slowcgi.sock"
> > location "/.well-known/acme-challenge/*" {
> > root { "/acme", strip 2 }
> > }
> > }
>
> Do you have /var/www/cgi-bin/cgit.cgi/.well-known/acme-challenge/ directory?
>
> Because this is where the httpd server will look for it.
Not when you have a location block specifying the correct root...
Re: Let's Encrypt Error with cgit, httpd, acme-client
Hi Samir, Parikh, Samir writes: > I am running cgit to host my git repositories on OpenBSD 6.3 and am > trying enable https using Let's Encrypt. I run cgit as well (with the same httpd.conf, acme-client.conf, file permissions, etc), and have no trouble creating and renewing certs. Do you see anything in /var/www/logs/access.log? Here's what I see: example.com 66.133.109.36 - - [21/Aug/2018:23:03:35 -0600] "GET /.well-known/acme-challenge/YXRuZWJ1c2FvdGV1Ym5hc290ZGFvZXNudGh1YW9lc25 HTTP/1.1" 200 87
Re: nvi and unicode
Thuban writes: > Default vi (nvi) in OpenBSD doesn't handle correctly most of UTF-8 > sings such as "é", "à" or so. One need to install nvi package to do so. > Is it planned to replace the vi binary in the future? > Is there any reason I can't think to keep this vi version? nvi2's main deficiency is that it cannot handle invalid characters at all: they interfere with display, searching, and writing. This is a big change from base nvi which merely visually escapes non-ASCII characters. In the past nvi2 has also had some pretty severe bugs including frequent crashes and irreversible file truncation on :w which makes me wary of bringing it in. UTF-8 in OpenBSD's base vi is definitely a desired feature. The primary blocker to implementing it is simply that nobody has done the work.
Re: re0: watchdog timeout on recent current
Gregory Edigarov writes: > Hello everybody, > > ok, so here is the symptoms. the thing happens usually during the high > traffic, like when I am trying to watch video on a tv, which is > connected to my home server/router on re0 (it is the local interface). > > the video freezes immediately. something like ifconfig re0 down && pfctl > -Fst && ifconfig re0 up, hepls a bit but not every time, sometimes I > need to reboot. > > during the March and until the middle of April it was working fine, do I > think it was broklen quite recently. I've had this problem on an RTL8168G since I first got the machine three years ago. It has gotten much better; back then it happened a few times a day and locked up the machine solid. I still see it from time to time (including a couple of times this week) but it barely slows things down and ifconfig down/up is usually enough to bring it back. https://marc.info/?l=openbsd-misc=143701763323995=2 I have no idea where to even begin to make an effective bug report. Unfortunately in all this time I've never figured out how to reproduce it either--just that it happens occasionally under heavy network load.
Re: [Patch] remove xdm reference from X(7)
Solene Rapenne writes: > Hello > > I don't know if it's the right place to submit a diff. > > The man page X(7) refers to xdm(1) in "SEE ALSO". Thanks, but X(7) comes from upstream. Typically we don't modify upstream manuals in Xenocara, as doing so would add more work to X updates. Improvements to OpenBSD-maintained docs like cwm(1) and xenodm(1) are welcome though. > I also found that the first line of the file is a comment with a > character 't' alone. Manpages often do that as a marker to run the tbl preprocessor (similarly with 'e' for eqn, and so on). -- Anthony J. Bentley
Re: Flatbed scanner that works well with OpenBSD?
Base Pr1me writes: > Did you give your userland user/group permissions to use the uhub/ugen > device? Of course; without that I wasn't able to detect the scanner in the first place. > On Fri, Jan 19, 2018 at 9:59 AM, Anthony J. Bentley <anth...@anjbe.name> > wrote: > > > Bryan Linton writes: > > > Hello misc@ > > > > > > I'm currently looking to purchase a scanner that works well with OpenBSD. > > > > > > I'm aware of the list provided at: > > > > > > http://www.sane-project.org/sane-mfgs.html > > > > > > but I recently purchased (and returned) a scanner that was listed as > > being > > > fully supported on that list because no matter what I did, I couldn't > > > get it to work right with xsane or scanimage. Though I purchased it > > used, > > > so it's possible it may have simply been broken from the get-go. > > > > > > Does anyone happen to know of a scanner that is *known* to work well > > > with OpenBSD? > > > > Well, I just bought a CanoScan 9000F MkII specifically because it was > > marked as fully supported on that list, and I can say it does NOT work > > on OpenBSD; scanimage -L detects it just fine but attempting to scan > > gives an I/O error. As a workaround I plugged it into a Linux laptop, > > started saned, and scan seamlessly from OpenBSD with scanimage's network > > support, until I find the time to make a proper bug report. > > > > In the past I used a CanoScan LiDE 20 quite regularly from OpenBSD, but > > that was several years ago. > > > >
Re: Flatbed scanner that works well with OpenBSD?
Bryan Linton writes: > Hello misc@ > > I'm currently looking to purchase a scanner that works well with OpenBSD. > > I'm aware of the list provided at: > > http://www.sane-project.org/sane-mfgs.html > > but I recently purchased (and returned) a scanner that was listed as being > fully supported on that list because no matter what I did, I couldn't > get it to work right with xsane or scanimage. Though I purchased it used, > so it's possible it may have simply been broken from the get-go. > > Does anyone happen to know of a scanner that is *known* to work well > with OpenBSD? Well, I just bought a CanoScan 9000F MkII specifically because it was marked as fully supported on that list, and I can say it does NOT work on OpenBSD; scanimage -L detects it just fine but attempting to scan gives an I/O error. As a workaround I plugged it into a Linux laptop, started saned, and scan seamlessly from OpenBSD with scanimage's network support, until I find the time to make a proper bug report. In the past I used a CanoScan LiDE 20 quite regularly from OpenBSD, but that was several years ago.
Re: identifying software and licenses used in base install
cho...@jtan.com writes: > "Theo de Raadt" writes: > > > Is there, by chance, such a breakdown available for these already? > > > > > No. We did our best. > > To be fair, these statements are potentially contradictory. If you > (plural) only "did your best" (and what more could have been done?) > then it is at least in *theory* possible that some mis-licensed piece > of code slipped through. > > In fact I expect this didn't happen, but regardless ... Of course it's possible. There's no contradiction in saying so. We also do our best to write bug-free software. You might be shocked to hear that there are still bugs in OpenBSD. I suspect that OpenBSD is stricter than the vast majority of comparable free software projects. OpenBSD has a demonstrated history and culture of removing or rewriting nonfree code. I personally have confidence both that we have removed all nonfree code, or very close to it, and that we haven't introduced more. But providing a *guarantee* is a tall order, and certainly not one I'm willing to fulfill. If the chance of a license error slipping through is unacceptable to someone like Kent, due to his choice of customer or some other reason, he needs to audit the source himself until he's confident. Why should he, or his customer, trust what we *say*? That's what the code is for. If no person ever audited the source of the software they use, that would be a sad state of affairs.
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Ingo Schwarze writes: > Hi, > > Anthony J. Bentley wrote on Fri, Dec 01, 2017 at 08:18:59AM -0700: > > Philippe Meunier writes: > > >> - In addition, when the precompose resource is set to false and TrueType > >> fonts are used, the result of printf "e\xcc\x81\n" itself is wrong (even > >> before trying to copy-paste it): od(1) shows that the correct sequence o > f > >> bytes is printed but it is displayed without accent. That's another bug > >> in xterm. The result is displayed correctly when the precompose resourc > e > >> is set to true. > > > Yes, this matches what I'm seeing. > > To me, that seems to imply that xterm(1), with the bugs it has now, > works significantly better with Precompose enabled: at least it > displays the correct glyphs, while there seem to be cases where it > displays wrong glyphs without Precompose. Right? > > Doesn't that imply that it would be better to fix this bug first, > before disabling Precompose? I certainly hate that xterm(1) is > doing normalization by default now, but if removing that exposes a > bug that causes display of incorrect glyphs, that would seem like > a serious regression to me. > > What do you think? I was internally debating this earlier. The bug is already exposed by any combining characters that don't have precomposed forms. It also doesn't show up with the default (i.e. non TrueType) fonts. Given that and how unfriendly the precomposition behavior is, I think disabling it is still reasonable.
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Philippe Meunier writes: > - When the precompose resource is set to false, copy-pasting the result of > printf "e\xcc\x81\n" never works correctly in xterm, regardless of > whether I use TrueType fonts or not. xterm copy-pastes the correct > sequence of bytes but that sequence is not displayed correctly. That's a > bug in xterm. I get slightly different results: with TrueType fonts enabled, LC_CTYPE set to en_US.UTF-8, and precompose disabled, accents are not displayed, but they do copy and paste correctly. I tested this on a fresh install as well as my desktop. I haven't been able to trigger the results you're getting (best guess: your LC_CTYPE is unset or set funny? But I don't get the same results even then). > - In addition, when the precompose resource is set to false and TrueType > fonts are used, the result of printf "e\xcc\x81\n" itself is wrong (even > before trying to copy-paste it): od(1) shows that the correct sequence of > bytes is printed but it is displayed without accent. That's another bug > in xterm. The result is displayed correctly when the precompose resource > is set to true. Yes, this matches what I'm seeing.
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Ingo Schwarze writes: > >> +*precompose: false > > > Sure. > > On a more serious note, i'll commit that tomorrow then > based on OK bentley@ unless somebody can point out a downside. Please update the OPENBSD SPECIFICS section of the manual as well. > Hum, i don't doubt your analysis. But now i don't understand why > uxterm(1) works for Allan and plain xterm(1) doesn't... Yeah, my guess is he never disabled precomposition for uxterm, meaning what he's seeing are not actually combining characters, meaning xterm doesn't bug out.
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Hi Ingo, Ingo Schwarze writes: > Except in a professional typesetting system like groff or LaTeX, i > consider anything that makes the end user worry about fonts > fundamentally broken. I think everybody's in agreement that xterm is broken and wrong here. > Fonts that work should be installed by default > and not configurable, in my opinion. Toying around with fonts > causes nothing but grief. You'll need extra fonts once I finish my patch to add situationally appropriate emoji to all our manpages. > +*precompose: false Sure. > +*VT100.utf8: 1 xterm(1): This option and the utf8 resource are overridden by the -lc and -en options and locale resource. We set the locale resource, so this appears redundant. > +*VT100.font2: -misc-fixed-medium-r-normal--8-80-75-75-c-50-iso10646-1 > +*VT100.font: -misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso10646 > -1 > +*VT100.font3: -misc-fixed-medium-r-normal--14-130-75-75-c-70-iso10646-1 > +*VT100.font4: -misc-fixed-medium-r-normal--13-120-75-75-c-80-iso10646-1 > +*VT100.font5: -misc-fixed-medium-r-normal--18-120-100-100-c-90-iso10646-1 > +*VT100.font6: -misc-fixed-medium-r-normal--20-200-75-75-c-100-iso10646-1 These are already the default according to appres(1). -- Anthony J. Bentley
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Philippe Meunier writes: > The strange part is that, when I copy the first filename and paste > it to become the second filename, the second filename is shown without > any accent, even though the first and second filenames are now the exact > same sequence of bytes (I checked using od(1)). So on the command line > it actually looks like this: > > $ cp Thérèse Therese > cp: Thérèse and Thérèse are identical (not copied). > > which looks wrong but works as expected. I tried to play with various > things like the allowPasteControls resource but to no avail. It looks > like an xterm bug to me but at this point I'm not even sure of that... > Anyone has any clue? I get the same result, but only when using TrueType fonts (default or no). If I Ctrl-rightclick and uncheck "TrueType Fonts", the accents show up. So it looks like xterm's rendering of combining characters is broken, or unimplemented.
Re: xterm(1) changing UTF-8 characters when copy-pasting?
Ingo Schwarze writes: > That's a bad idea. Do not use non-ASCII bytes in file names. > You are in for all kinds of trouble. I don't agree. In a situation where a single user will be accessing files, you can use whatever naming scheme you like. UTF-8 works exactly how you would expect: the filename you enter is the filename you'll get. Misencoded files can also exist, with exactly the results you would expect also: you can't necessarily type it, but if you can pass the exact filename, programs will work. Same goes with control characters like backspaces in file names (far more annoying than UTF-8). Saying you can't is impractical. Anyone downloading lots of external files through web browsers, torrent clients, or any number of other programs in ports will eventually encounter files with UTF-8 filenames. They work just fine. Keeping spaces out of filenames is already a lost battle, let alone limiting them to the POSIX portable filename character set (A-Za-z0-9._-). Obviously once you start talking about files on external media or otherwise accessible by users in other locales, that conclusion changes. But I'm talking about a personal desktop here. > > So it looks like xterm is changing > > I'm not convinced it is xterm; it might also be the X libraries > supporting copying with the mouse. Anyway, whatever does it is > allowed to. This is indeed xterm's fault. precompose (class Precompose) Tells xterm whether to precompose UTF-8 data into Normalization Form C, which combines commonly-used accents onto base characters. If it does not do this, accents are left as separatate characters. The default is "true". In my opinion, that's a *very* poor default. I don't expect base tools to canonicalize text like that. UTF-8 strings work fine when passed to grep(1), but grep doesn't -- nor would I expect it to -- canonicalize strings, or ignore zero-width no-break spaces in running text, or any other sort of weird transformation invented by the Unicode committee. The only unexpected thing here is xterm doing these transformations without asking. -- Anthony J. Bentley
Re: Xbox 360 controller emulators/snes9x hangs at startup
Nam Nguyen writes: > After further research, this commit[1][2] may explain what is going on. > > > Remove SIGIO support. Base tools do not implement it and ports relying > > on libusbhid, generally via SDL, shouldn't do it either since it's not > > portable. > > If I understand correctly, I should take up this issue with the > developers of the affected ports to not rely on this non-portable > code. Many emulators rely on SDL. I incorrectly viewed this as a > regression with uhid(4). Instead, it is a design decision by OpenBSD to > break backward compatibility, in favor of more portable code. Causing every single one of the dozens of ports that use SDL or SDL2 for joysticks to freeze and ignore kill(1) was not a design decision, it was an oversight. That happens occasionally. Unfortunately this particular runtime regression was not noticed until quite some time after the commit.
Re: Mupen64plus dumps core on Intel(R) 945GME x86/MMX/SSE2 (OpenBSD 6.1-current)
Jan Vlach writes: > Hello openbsd-misc, > > I'm trying to run mupen64plus with Mario Kart 64 rom on OpenBSD > 6.1-current. mupen64plus dumps core eventually with error in DMESG: > -- > "error: > [drm:pid38441:intel_pipe_config_compare] *ERROR* mismatch in > gmch_pfit.lvds_border_bits (expected 32768, found 0) > pipe state doesn't match! > -- I would attribute this to video drivers and your particular video card (unfortunately). I see no crash with my GM45 or Radeon HD 5450, or software rendering. > I've recompiled mupen64plus with debug symbols to provide more useful > backtrace (Down below), but producing that backtrace crashes gdb, that > one dumps core too. This backtrace (without debug symbols) is included > too. Should I recompile gdb too? The mupen64plus core library is built against the gcc from ports. You probably need the ports gdb for that. > What can I do to make this work again? Setting LIBGL_ALWAYS_SOFTWARE=1 in your environment will almost certainly prevent the crash, but it will also make it unplayably slow. It looks like you're using the default rice plugin. You might want to try mupen64plus-video-glide64mk2, which is more actively developed by upstream (although they haven't made it the default for some reason). The codebase is different, so it may or may not hit the same problem. -- Anthony J. Bentley
Re: Android device detach/attach loop
Adam Van Ymeren writes: > I was attempting to to use android's adb toolbut when I enable usb > debugging on my phoneit appears to repeatedly detach/reattach the device. > > Anyone experience this before or have any advice on how to debug this? ... > Jan 2 15:12:30 adam-laptop /bsd: ugen2 at uhub0 port 5 "Samsung Galaxy > Nexus" rev 2.00/2.16 addr 2 This seems to be a problem with the Galaxy Nexus, and I've seen it on mine. I did buy another Galaxy Nexus to pass on to any dev with potential interest but couldn't reproduce the problem on the new phone; maybe I forgot to enable USB debugging.
Re: LibreSSL on old OpenBSD
Roderick writes: > > Or what, do you think that guenther's commits to our headers are meant > > to make them worse? > > If guenthers commits to your headers made you better or worse, was not > the question. So what was your question? You make a roundabout email about libressl and endian.h and mutt and sysconf. You say you don't want help debugging problems. You say you don't want details. So what exactly do you want? To complain that there are no standard interfaces, and then purposely *not* upgrade to a release that provides those exact standard interfaces? > Or does things change from time to time for the sake of change? Some things never change. misc@ seems to be one of them.
Re: LibreSSL on old OpenBSD
Roderick writes: > I know, you will complain, because I mention here that I still use > OpenBSD 4.8 in a machine. Then why do you ask? Do you think people will happily take time to help you debug problems on a system that has been *explicitly* unsupported for the past five years? > In file included from /usr/include/machine/endian.h:58, > from ../include/compat/machine/endian.h:36, > from rc4/rc4_enc.c:59: > /usr/include/sys/endian.h:162: error: expected '=', ',', ';', 'asm' or > '__attribute__' before 'htobe64' > /usr/include/sys/endian.h:163: error: expected '=', ',', ';', 'asm' or > '__attribute__' before 'htobe32' > /usr/include/sys/endian.h:164: error: expected '=', ',', ';', 'asm' or > '__attribute__' before 'htobe16' > /usr/include/sys/endian.h: > << > > What did change here from OpenBSD 4.8 to the current versions? Is it an > esential change? Did you look at the CVS history? Obviously not, or you would have seen right away that there have been *essential* changes to endian.h over the course of the last five years. Or what, do you think that guenther's commits to our headers are meant to make them worse?
Re: letsencrypt && https && openbsd.org = https://www.openbsd.org/
"Constantine A. Murenin" writes: > On 8 December 2015 at 19:26, Anthony J. Bentley <anth...@anjbe.name> wrote: > > Giancarlo Razzolini writes: > >> One of the main benefits of the TLS wouldn't only be to render > >> impossible for anyone to know which pages you're accessing on the site, > >> but also the fact that we would get a little more security getting the > >> SSH fingerprints for the anoncvs servers. Having them in clear text as > >> they are today, isn't very secure. > > > > Another attack currently possible against www.openbsd.org is changing > > the https://openbsdstore.com links to http://openbsdstore.com, and > > running sslstrip on that. Or the PayPal links... > > For real! And yet another attack currently possible against > www.openbsd.org is being able to view the web-site from any OpenBSD > release, even the early ones that did include lynx in base > (http://mdoc.su/OpenBSD-2.3/lynx.1), yet are surely missing not only > TLSv1.2 (if not OpenSSL in the first place!), but the requisite CA > entries in their corresponding cert.pem file as well (that is, if such > file was even present). Why even bring up OpenBSD 2.3? Anyone running that 19 years after its release has much bigger problems than not being able to connect to www.openbsd.org. > And if you're in Kazakhstan, it's also possible to view > www.openbsd.org without any issues or security warnings, and will > continue being so even after 2016-01-01 when the new telecommunication > directive takes force. (Or was the feature to ignore invalid > certificates already added to lynx nowadays?) I can't tell if you're saying it's a *good* thing that http provides no notice that your connection is compromised. Are you serious? Look, the whole CA model comes with a lot of baggage. Let's Encrypt has elements of a new approach but is still tied to that way of thinking. Talking on misc@ won't make www.openbsd.org more secure. But you're defending telnet in 2015.
Re: letsencrypt && https && openbsd.org = https://www.openbsd.org/
Kevin Chadwick writes: > What is your problem with it, there are many VPN services promoted > precisely for this issue as it completely rather than partially stops > ISP's monitoring traffic like TalkTalks homesafe service that is > likely hackable itself. Why encrypt anything? Just run it through a VPN! Who needs SSH when you can run telnet over a VPN? It completely protects the connection! Well, except for the endpoint from the VPN to the destination server. And the VPN provider itself can listen to or spoof whatever he wants. But hey, who cares about that?
Re: letsencrypt && https && openbsd.org = https://www.openbsd.org/
Kevin Chadwick writes: > The cvs page fingerprint page could be https enabled, however you can > use googles cache over https, also buy a CD to help the project greatly > would do far more for world security than TLS everywhere and even look > at mailing list archives over https as a web of trust. > > ISPs snooping is a compelling reason but not enough for me to adopt > HSTS, a VPN makes more sense. I changed my ISP instead though ;). There are valid complaints about HTTPS (generally involving the CA system, sthen brought some of them up), but some of these responses are just ridiculous. I mean, really? "ISPs snooping is a compelling reason but not enough for me to adopt SSH instead of telnet, a VPN makes more sense." And you would trust signify keys from Google Cache? Come on.
Re: letsencrypt && https && openbsd.org = https://www.openbsd.org/
Giancarlo Razzolini writes: > One of the main benefits of the TLS wouldn't only be to render > impossible for anyone to know which pages you're accessing on the site, > but also the fact that we would get a little more security getting the > SSH fingerprints for the anoncvs servers. Having them in clear text as > they are today, isn't very secure. Another attack currently possible against www.openbsd.org is changing the https://openbsdstore.com links to http://openbsdstore.com, and running sslstrip on that. Or the PayPal links...
Re: Is it possible to use pledge(2) to make something similar to firejail?
Lampshade writes: > Is it possible, in theory, to use pledge(2) to make something similar to fire > jail? > https://packages.debian.org/sid/main/firejail > Firejail is a Gnu/Linux's program which executes Firefox as it's descendant > with reduced privilages. > For example I would like to restrict Firefox to not write and read to directo > ry > outside /home/firefox directory. Let's assume that I run firefox as another u > ser than > my normal account. I would restrict, using traditional Unix privilages, Firef > ox > and all its descendants, logging as another user to regain privilages to > for example to /home/open. I imagine that would still leave huge attack vecto > r > to pown system and/or sniff password, but I think it is better than nothing. After the recent Firefox pdf.js exploit (where malicious PDFs on an ad server were reading files under ~, including ssh keys), I started running Firefox as its own user, and tightened the permissions on my home directory so Firefox can't access it. There's a large class of attacks this doesn't help against (anything that uses X to access keystrokes or similar) but it stops a large set of potential Firefox exploits right away with nothing but Unix filesystem permissions. http://lists.dragonflybsd.org/pipermail/users/2015-August/228324.html -- Anthony J. Bentley
Re: Question about quotation rules
Hi Rob, Rob Pierce writes: > Good evening, > > Is there a written/unwritten rule for using quotation marks? Do man pages and > web pages follow the same rules? > > When would I use 'this', "this", `this', ``this'', “this“, etc.? Generally: In manuals, use .Dq and .Sq for double and single quotes. In www, use " and '. There are some other macros in mdoc(7) that generate quote marks (.Qq and friends), when you specifically need straight quotes (e.g., code listings) and can't just type " directly (e.g., on a macro line). For personal webpages I use UTF-8 quotes (U+2019/A, U+201C/D) directly. But for pages with many authors, like www.openbsd.org, it's best to go with what's simple and works: " and '. Keep the burden on authors light. The text is what's important. `` '' is an artifact. The only place they look balanced is on the console and in troff's PDF output. Everywhere else (such as the xterm and firefox defaults) has displayed this unbalanced for years. " looks better and is easier to type. -- Anthony J. Bentley
Re: /etc/pkg.conf when installing from snapshots
Joel Rees writes: Is it unusual/unreasonable to install, not update, from a snapshot bsd.rd? If installing from a snapshot bsd.rd is not too unreasonable, does everyone doing that edit /etc/pkg.conf by hand to point to the local mirror's snapshots before re-booting, to pick up the firmware stuff in the first boot? In my case, that would be changing http://ftp.jaist.ac.jp/pub/OpenBSD/%c/packages/%a in /etc/pkg.conf to http://ftp.jaist.ac.jp/pub/OpenBSD/snapshots/packages/%a %c typically expands to 'snapshots' when you're running snapshots, but around release tagging time it's temporarily changed to match what the release will expand to. In a few weeks %c will expand to 'snapshots' again.
watchdog timeouts on re(4) Realtek 8168
Hi, I recently built a new machine. Occasionally (meaning a couple of times a day), the network dies in the following fashion: First, the system slows down (mouse becomes jerky and unresponsive). Shortly after, dmesg prints: Jul 15 20:38:23 cathet re0: watchdog timeout Once the watchdog timeout message has been printed, the network becomes inaccessible. Usually followed by (variants of): Jul 15 20:40:17 cathet last message repeated 5 times The system continues being very slow and may even lock up (no response to mouse, caps lock led doesn't toggle, etc). Either way, I usually hold down the power button to reset at this point. ifconfig down/up doesn't stop the timeouts. OpenBSD 5.8-beta (GENERIC.MP) #1126: Sun Jul 5 18:43:48 MDT 2015 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 34283859968 (32695MB) avail mem = 33240956928 (31701MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xec2b0 (89 entries) bios0: vendor American Megatrends Inc. version 2205 date 10/09/2014 bios0: ASUS All Series acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC FPDT SSDT SSDT SSDT MCFG HPET SSDT SSDT acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) UAR1(S4) PS2K(S4) PS2M(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, 3292.82 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, 3292.38 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, 3292.38 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, 3292.38 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 0, core 3, package 0 ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEG0) acpiprt2 at acpi0: bus -1 (PEG1) acpiprt3 at acpi0: bus -1 (PEG2) acpiprt4 at acpi0: bus 2 (RP01) acpiprt5 at acpi0: bus -1 (RP02) acpiprt6 at acpi0: bus 3 (RP03) acpiprt7 at acpi0: bus 4 (RP04) acpiprt8 at acpi0: bus -1 (RP05) acpiprt9 at acpi0: bus -1 (RP06) acpiprt10 at acpi0: bus -1 (RP07) acpiprt11 at acpi0: bus -1 (RP08) acpiec0 at acpi0: not present acpicpu0 at acpi0: C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu2 at acpi0: C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu3 at acpi0: C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: PG00, resource for PEG0 acpipwrres1 at acpi0: PG01, resource for PEG1 acpipwrres2 at acpi0: PG02, resource for PEG2 acpipwrres3 at acpi0: FN00, resource for FAN0 acpipwrres4 at acpi0: FN01, resource for FAN1 acpipwrres5 at acpi0: FN02, resource for FAN2 acpipwrres6 at acpi0: FN03, resource for FAN3 acpipwrres7
Re: usbhidctl(1) and usbhidaction(1)
Martin Pieuchot writes: On 07/05/15(Thu) 14:40, ludovic coues wrote: hello, I wanted to know if anyone get either usbhidctl(1) or usbhidaction(1) working and if so for which usage. If you're using any of these tools, please do not hesitate to explain how ;) Ludovic is currently working on our base USB tools as part of a GSoC, so any piece of information would be much appreciated. I use usbhidaction to activate the volume/mute keys on my USB keyboard. Consumer:Volume_Increment 1 mixerctl outputs.master=+8 mixerctl outputs.master.mute=off Consumer:Volume_Decrement 1 mixerctl outputs.master=-8 mixerctl outputs.master.mute=off Consumer:Mute 1 mixerctl outputs.master.mute=toggle -- Anthony J. Bentley
Re: null checks before free()
Hi Adam, Adam Wolk writes: So how should I interpret this in relation to the above commit messages? 1) double free is safe, no need for null checks 2) double free is detected by OpenBSD, no need for null checks we will kill your program 3) double free is unsafe, avoid double free I would like to think that (2) is true. Though reading the man page makes an initial impression (at least for me) that (3) is true and could lead to people following the rule of null checking before a free call? Should the man page be altered to discouraged the use of null checks before calls to free? Double free is absolutely unsafe. Null checks are unnecessary. I *think* you're assuming that freeing a pointer sets it to null. This is not the case. -- Anthony J. Bentley
Re: ffs and utf8
Joel Rees writes: You can even handle broken UTF-8 and unconverted UTF-16/32 of whatever byte order spit into the file name as a sequence of bytes if and only if you escape NUL, slash, and your escape character properly, restoring the escaped characters when putting the file names on the network. This is just asking for security issues. It's the same kind of thinking that caused the designers of Java to allow embedding NUL in strings as 0xc0 0x80, or CESU-8 where you can encode astral characters with surrogate pairs instead of just writing the character directly. The kinds of things that make people think Unicode is complex and prone to security issues, even though neither of them are allowed by the UTF-8 spec! Normalization alone does not know how to restore a potentially normalized name. It needs some sort of flag character that says this name was normalized, and a way to choose between de-normalized forms when more than one denormalized form maps to one particular normal form. Once you start stacking multiple accents this becomes unworkable. I haven't used Apple OSses since around 10.4, but Mac OS X was doing a thing where certain well-known directory names were aliased according to the current locale. For instance, the user's music directory was shown as 「音楽」 when the locale was set to ja_JP.UTF-8. IMO this is totally crazy behavior and unrelated to the Unicode issue. -- Anthony J. Bentley
Re: ffs and utf8
Joel Rees writes: 2014/12/03 22:23 Dmitrij D. Czarkoff czark...@gmail.com: First of all, I really don't believe that preservation of non-canonical form should be a consideration for any software. There is no particular canonical form for some kinds of software. Unix, in particular, happens to have file name limitations that are compatible with all versions of Unicode past 2.0, at least, in UTF-8, but it has no native encoding. To me, the current state of affairs--where filenames can contain anything and the same filename can and does get interpreted differently by different programs--feels extremely dangerous. Moving to a single, well-defined encoding for filenames would make things simpler and safer. Well, it might. That's why we're discussing this carefully, to figure out if something like this is actually workable. There are two kinds of features being discussed: 1) Unicode normalization. This is analogous to case insensitivity: multiple filenames map to the same (normalized) filename. 2) Disallowing particular characters. 1-31 and invalid UTF-8 sequences are popular examples. Maybe one is workable. Maybe both are, or neither. Say I have a hypothetical machine with the above two features (normalizing to NFC, disallowing 1-31/invalid UTF-8). Now I log into a typical Unix anything but \0 or / machine, via SFTP or whatever. What are the failure modes? The first kind is that I could type get x followed by get y, where x and y are canonically the same in Unicode but represented differently because they're not normalized on the remote host. I would expect this to work smoothly: first I download x to NFC(x), and then b overwrites it. The second kind is that I could type get z, where z contains an invalid character. How should my system handle this? Error as if I had asked for a filename that's too long? Come up with a new errno? I don't know, but in this hypothetical machine it should fail somehow. But creating new files is only part of the problem. If we still allow them in existing files, we lose all the security/robustness benefits and just annoy ourselves by adding restrictions with no point. So say I mount a filesystem containing the same files a, b, and c. What happens? - Fail to mount? (Simultaneously simplest, safest, and least useful) - Hide the files? (Seems potentially unsafe) - Try to escape the filenames? (Seems crazy) Is it currently possible to take a hex editor and add / to a filename (as opposed to a pathname) inside a disk image? If that's possible, how do systems currently deal with it? Because it's the same problem. FAT32 has both case insensitivity and disallowed characters. How well does OpenBSD handle those restrictions? If not optimally, then how can they be made better? If it already handles them with aplomb, then is it applicable to the above scenarios? -- Anthony J. Bentley
Re: ffs and utf8
Hi Ingo, Ingo Schwarze writes: While the article is old, the essence of what Schneier said here still stands, and it is not likely to fall in the future: https://www.schneier.com/crypto-gram-0007.html#9 The most interesting sentence here is: Unicode is just too complex to ever be secure. This is sort of valid, and it's why the only sane way to handle UTF-8 is to ignore the complexities and escape methods he alluded to. Codepoints should be represented with the shortest possible sequence. Surrogate pairs should not be encoded in UTF-8. Byte order marks should not exist in UTF-8. UTF-8 parsers should handle encoding errors in the same well-defined way: abort decoding on invalid sequence and retry starting with the second byte. I like how Plan 9 handled Unicode. Aside from inventing UTF-8--an encoding scheme that actually makes sense with C strings, unlike the disastrous designs-by-committee that were UCS-2 and UTF-16--they basically used it as just a way to have more than 256 characters. Most parts of Unicode proper, like collation or canonical equivalence, were simply dropped. Noncompliant? Sure, but it made things dramatically simpler. In other words, divorce UTF-8 the encoding from Unicode the standard. Homograph attacks are a real concern with any large character set. But: 1) I've been tricked by... well, not attacks, but simply badly written filenames with plain old ASCII: e instead of a, spaces instead of underscores, 0/O or l/I/1. It's easy to fool the human mind by feeding it something that sort of looks like what's expected. 2) Given that filenames can contain literally anything except / and \0, there are so many other attacks that enforcing valid UTF-8 in filenames would be a hypothetical improvement (not that I'm necessarily advocating doing that in OpenBSD). Spaces are bad enough. How many shell scripts handle *newlines* correctly? What about VT100 escape sequences? This whole thing is a security nightmare already. I happily use UTF-8 filenames on OpenBSD, and have done so for years. -- Anthony J. Bentley
Re: ffs and utf8
Ted Unangst writes: On Mon, Dec 01, 2014 at 12:43, Dmitrij D. Czarkoff wrote: Janne Johansson said: There is quite a bit of difference between changing the storage format and making some dates impossible that previously did work. Don't think so. Something got changed, things got broken and need to be fixed. The only real question is: is the change worth the trouble. I think it is, although unanimous negative reaction hints that I am probably missing something important. Fixing time_t did not suddenly make OpenBSD systems unable to communicate with other systems with other time_t sizes. It was an implementation detail, but the various protocols and formats that embed dates and times in them were not changed. Your proposed change changes an important protocol: the one that lets me save files I receive from others to my filesystem. When I can no longer save web pages or email attachments and send them back to the sender with the same name, you have broken the protocol. Should I be able to save web pages or email attachments with filenames containing newlines? How about backspaces? What about terminal escape sequences, or ASCII control codes? Yes, these have been possible in Unix since time immemorial. And the fact that to this day there's no way for me to sanitize them terrifies me. -- Anthony J. Bentley
Re: recommended input methods?
Hi Bryan, Bryan Linton writes: I can't speak for anything officially recommended, but for Japanese at least... (snip) As far as Spanish is concerned... (snip) I'd be interested in what other people use for the above tasks as well. For typing non-ASCII characters, I use a compose key (see Compose(5)). $ setxkbmap -option compose:ralt With XCompose you can remap your dead key sequences as much as you like too, since they're just extra compose keys. Works great for European languages with occasional accents as well as arbitrary UTF-8 symbols which I end up using very often. Multi_key comma c : ç Multi_key grave e : è Multi_key apostrophe e : é Multi_key asciicircum e : ê Multi_key quotedbl e : ë Multi_key asciitilde n : ñ Multi_key asterisk G : Γ Multi_key minus l : → Multi_key plus minus : ± And so on. Sadly, this isn't really suitable for a language like Japanese that really needs a true IME. yasuoka@ has suggested uim/anthy in the past (http://yasuoka.net/~yasuoka/openbsd-desktop.html), and I haven't seen anyone suggest an alternate method for Japanese input. It beats typing romaji into Google Translate. -- Anthony J. Bentley
X200 tablet doesn't work
I have a Lenovo X200 Tablet. The tablet and stylus work fine under Xubuntu but seem to have no effect under OpenBSD. I know a few people with working tablets apparently out of the box, so something seems wrong? dmesg and Xorg.0.log below... OpenBSD 5.5-current (GENERIC.MP) #247: Sun Jul 6 08:26:15 MDT 2014 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4168814592 (3975MB) avail mem = 4049063936 (3861MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (68 entries) bios0: vendor LENOVO version 7WET71WW (3.21 ) date 11/29/2012 bios0: LENOVO 7453AH3 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU L9400 @ 1.86GHz, 798.13 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF cpu0: 6MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges cpu0: apic clock running at 265MHz cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU L9400 @ 1.86GHz, 798.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,NXE,LONG,LAHF,PERF cpu1: 6MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS, resource for USB0, USB3, USB5, EHC0, EHC1 acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 104 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4658 serial 24837 type LION oem SANYO acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) cpu0: Enhanced SpeedStep 798 MHz: speeds: 1867, 1866, 1600, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1280x800 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured puc0 at pci0 dev 3 function 3 Intel GM45 KT rev 0x07: ports: 1 com com4 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo com4: probed fifo depth: 15 bytes em0 at pci0 dev 25 function 0 Intel ICH9 IGP M AMT rev 0x03: msi, address 00:1f:16:18:a5:cb uhci0 at pci0 dev 26 function 0 Intel 82801I USB rev 0x03: apic 1 int 20 uhci1 at pci0 dev 26 function 1 Intel 82801I USB rev 0x03: apic 1 int 21 uhci2 at pci0 dev 26 function 2 Intel 82801I USB rev 0x03: apic 1 int 22 ehci0 at pci0 dev 26 function 7 Intel 82801I USB rev 0x03: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 Intel 82801I HD Audio rev 0x03: msi azalia0: codecs: Conexant CX20561 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801I PCIE rev 0x03: msi pci1 at ppb0 bus 2 ppb1 at pci0 dev 28 function 1 Intel 82801I PCIE rev 0x03: msi pci2 at ppb1 bus 3 iwn0 at pci2 dev 0 function 0 Intel WiFi Link 5100 rev 0x00: msi, MIMO 1T2R, MoW, address 00:22:fa:98:44:8a ppb2 at pci0 dev 28 function 3 Intel 82801I PCIE rev 0x03: msi pci3 at ppb2 bus 5 uhci3 at pci0 dev 29 function 0 Intel 82801I USB rev 0x03: apic 1 int 16 uhci4 at pci0 dev 29 function 1 Intel 82801I USB rev 0x03: apic 1 int 17 uhci5 at pci0 dev 29 function 2 Intel 82801I USB rev 0x03: apic 1 int 18 ehci1 at pci0 dev 29 function 7 Intel 82801I USB rev 0x03: apic 1 int 19 usb1 at ehci1: USB revision 2.0 uhub1 at usb1 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0x93 pci4 at ppb3 bus 13 pcib0 at
Re: X200 tablet doesn't work
On 7/13/14, Anthony J. Bentley anth...@cathet.us wrote: [92.254] (--) checkDevMem: using aperture driver /dev/xf86 [92.281] (--) Using wscons driver on /dev/ttyC4 in pcvt compatibility mode (version 3.32) [92.353] X.Org X Server 1.15.1 Release Date: 2014-04-13 [92.353] X Protocol Version 11, Revision 0 [92.353] Build Operating System: OpenBSD 5.5 amd64 [92.353] Current Operating System: OpenBSD aspen.gateway.2wire.net 5.5 GENERIC.MP#247 amd64 [92.354] Build Date: 06 July 2014 07:48:42AM [92.354] [92.354] Current version of pixman: 0.32.4 [92.354] Bah, truncated... [92.254] (--) checkDevMem: using aperture driver /dev/xf86 [92.281] (--) Using wscons driver on /dev/ttyC4 in pcvt compatibility mode (version 3.32) [92.353] X.Org X Server 1.15.1 Release Date: 2014-04-13 [92.353] X Protocol Version 11, Revision 0 [92.353] Build Operating System: OpenBSD 5.5 amd64 [92.353] Current Operating System: OpenBSD aspen.gateway.2wire.net 5.5 GENERIC.MP#247 amd64 [92.354] Build Date: 06 July 2014 07:48:42AM [92.354] [92.354] Current version of pixman: 0.32.4 [92.354]Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. [92.354] Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. [92.355] (==) Log file: /var/log/Xorg.0.log, Time: Wed Jul 9 22:34:27 2014 [92.402] (==) Using system config directory /usr/X11R6/share/X11/xorg.conf.d [92.403] (==) No Layout section. Using the first Screen section. [92.403] (==) No screen section available. Using defaults. [92.403] (**) |--Screen Default Screen Section (0) [92.403] (**) | |--Monitor default monitor [92.404] (==) No monitor specified for screen Default Screen Section. Using a default monitor configuration. [92.404] (==) Disabling SIGIO handlers for input devices [92.404] (==) Automatically adding devices [92.405] (==) Automatically enabling devices [92.405] (==) Not automatically adding GPU devices [92.557] (==) FontPath set to: /usr/X11R6/lib/X11/fonts/misc/, /usr/X11R6/lib/X11/fonts/TTF/, /usr/X11R6/lib/X11/fonts/OTF/, /usr/X11R6/lib/X11/fonts/Type1/, /usr/X11R6/lib/X11/fonts/100dpi/, /usr/X11R6/lib/X11/fonts/75dpi/ [92.557] (==) ModulePath set to /usr/X11R6/lib/modules [92.557] (II) The server relies on wscons to provide the list of input devices. If no devices become available, reconfigure wscons or disable AutoAddDevices. [92.569] (II) Loader magic: 0x12d16ef07500 [92.569] (II) Module ABI versions: [92.569]X.Org ANSI C Emulation: 0.4 [92.569]X.Org Video Driver: 15.0 [92.569]X.Org XInput driver : 20.0 [92.569]X.Org Server Extension : 8.0 [92.572] (--) PCI:*(0:0:2:0) 8086:2a42:17aa:20e4 rev 7, Mem @ 0xf200/4194304, 0xd000/268435456, I/O @ 0x1800/8 [92.572] (--) PCI: (0:0:2:1) 8086:2a43:17aa:20e4 rev 7, Mem @ 0xf240/1048576 [92.572] Initializing built-in extension Generic Event Extension [92.572] Initializing built-in extension SHAPE [92.572] Initializing built-in extension MIT-SHM [92.572] Initializing built-in extension XInputExtension [92.573] Initializing built-in extension XTEST [92.573] Initializing built-in extension BIG-REQUESTS [92.573] Initializing built-in extension SYNC [92.573] Initializing built-in extension XKEYBOARD [92.573] Initializing built-in extension XC-MISC [92.573] Initializing built-in extension SECURITY [92.573] Initializing built-in extension XINERAMA [92.573] Initializing built-in extension XFIXES [92.573] Initializing built-in extension RENDER [92.573] Initializing built-in extension RANDR [92.573] Initializing built-in extension COMPOSITE [92.573] Initializing built-in extension DAMAGE [92.573] Initializing built-in extension MIT-SCREEN-SAVER [92.574] Initializing built-in extension DOUBLE-BUFFER [92.574] Initializing built-in extension RECORD [92.574] Initializing built-in extension DPMS [92.574] Initializing built-in extension Present [92.574] Initializing built-in extension X-Resource [92.574] Initializing built-in extension XVideo [92.574] Initializing built-in extension XVideo-MotionCompensation [92.574] Initializing built-in extension XFree86-VidModeExtension [92.574] Initializing built-in extension XFree86-DGA [92.574] Initializing built-in extension XFree86-DRI [92.574] Initializing built-in extension DRI2 [92.574] (II) LoadModule: glx [92.610] (II) Loading /usr/X11R6/lib/modules/extensions/libglx.so [92.630] (II) Module glx: vendor=X.Org Foundation [92.630]compiled for 1.15.1, module version = 1.0.0 [92.630]ABI
Re: ksh (vi mode): discard line after editing with fc?
Alessandro DE LAURENZIS writes: Hello, I'm wondering how I could discard (not execute) a line after having loaded it into vi (fc -e vi, or v for brevity in vi-mode). :wq, :q, :q! - all of them execute the line. I'm feeling really stupid... The file initially contains the original line. So quitting without saving means the contents of the file, the original line, get executed. I just ddZZ when I activate the editor by accident. It would be nice to have unchanged file cancel the command. That's the behavior that VCSes have trained me to expect. But since bash behaves the same as ksh here, it might be difficult to justify changing it. -- Anthony J. Bentley
Re: OpenBSD site SSL
John Darrah writes: Hi. Would it be possible to get SSL on the OpenBSD website(s)? It would be just a couple lines to change in nginx.conf/httpd.conf. SSL certificates are free from Startcom and cheap from other vendors. It would be really nice to have, even if it's not the default. I feel naked viewing the site over plain http. Thanks. If you want encrypted access to the OpenBSD web site, do a CVS checkout and view it locally...
Re: mailx : mime handling?
Predrag Punosevac writes: hru...@gmail.com wrote: Predrag Punosevac punoseva...@gmail.com wrote: On 2013-09-26 Thu 10:15 AM |, Roberto E. Vargas Caballero wrote: I use mutt basically because it has threading support, and I cannot live without it. NetBSD version of mailx does support threading as well http://netbsd.gw.com/cgi-bin/man-cgi?mailx++NetBSD-current and it does have the right license :) Cheers, Predrag Heirloom mailx also supports threads and has BSD license. Who wants such an mailx, can install the port. If you make from OpenBSD mailx a mailx similar to heirloom mailx, then there will be no small mail client anymore. I would suggest that you compare man pages for Heirloom mailx and NetBSD version of mailx. Heirloom mailx does so much more than attachments and threading. It is still the smallest fully featured MUA in existance. To be frank with you I was checking your claim about Heriloom license. Makefile has indeed this line #BSD I would sware that it was custom license but you might be actually right on that one. I was wondering if William Yodlowsky can confirm licensing. If we're talking about s-nail, yes, it is BSD-licensed. cd /usr/ports/mail/s-nail make extract then look at the individual source files under WRKOBJDIR. Of course, there are several small bits (MD5, etc) that are external contributions. -- Anthony J. Bentley
Re: update my box and Cinnamon avaible
Brett Mahar writes: On 09/22/13 22:03, Roelof Wobben wrote: 2) Is a new version of Cinnamon avaible for OpenBSD and if so, how can I install it. The easiest way to find out what is available is by looking at http://openports.se/ The x11 page shows the window managers which have been ported to openbsd. Just a note... OpenPorts is a third-party service that manually parses the ports tree to extract information, and as a result it sometimes gets stuff wrong. See http://marc.info/?l=openbsd-portsm=137063135316700w=2 There are some tools in the ports tree, like ports-readmes, that fulfill the same purpose but make use of the infrastructure to do a better job. http://ports.su/ is based on this. -- Anthony J. Bentley
Re: Man page that explains the file format of man pages?
Evan Root writes: Hello Misc, I tried man 5 man for an explanation of the synopsis section of the man page and it says there isn't a manual for the file format conventions of manual pages. Sometimes I have difficulty with the syntax of the synopsis sections, is there a document I can refer to? OpenBSD manuals are written in the mdoc macro language. There is a page describing it, in section 7 (not 5). It is mentioned in the SEE ALSO section of man(1). man 7 mdoc There is also a man(7) page, describing the older man macros, but these are not used for new manuals in OpenBSD. mdoc has the advantage of being a semantic format, unlike the old man language where the commands mostly change only the presentation. -- Anthony J. Bentley
Re: Seeking GUI refuge
Hi Patrick, Patrick Mc(avery writes: Hi Jan I just tried the fvwm from my linux distro repos. It's pretty nice. I could always compile the GPL version from source on OpenBSD, i will give it a shot. You don't need to compile from source to use the newer fvwm. Just install the fvwm2 package.
Re: up/down in pdksh-history with set -o vi
Stefan Olsson writes: Hello, I suspect my problem is not entirely OpenBSD-related but more to do with pdksh and keybindings. I usually do set -o vi in my .profile. In bash on OS/X it then works to go up and down in history with both j+k or up+down-keys. If I ssh to a OpenBSD host from my Mac, I can NOT use up+down in the shell (ksh), but it works fine in less or vi. It even works fine with up+down keys in bash on OpenBSD - so what do I need to do in ksh to make up+down-keys work (apart from doing set -o emacs)?? sturban@LassoLouise:~ $ bind | egrep prefix-2|up-history|down-history ^N = down-history ^P = up-history ^X = prefix-2 ^[O = prefix-2 ^[[ = prefix-2 ^XA = up-history ^XB = down-history - TERM=xterm-256color And yes, I have read this message already: http://www.mail-archive.com/misc@openbsd.org/msg81796.html I guess it's a bug. See: http://marc.info/?l=openbsd-miscm=135757054604300w=2
Re: Strange ksh history behaviour
Stefan Sperling writes: On Mon, Jan 07, 2013 at 02:09:01PM +0100, Lars von den Driesch wrote: However, I like vim and as soon as I set the EDITOR env variable to it the arrow up/down functionality is gone. In fact even if EDITOR is set with export EDITOR= the functionality is gone. Commands typed in still appear in the history using fc -l. I just cannot use the arrow-keys. What am I missing here? Can someone confirm this? It's a silly ksh misfeature. ksh switches to vi editing mode as soon as vi is set as an editor. Well, that's one part of the problem. The other issue is that arrow keys don't work in vi mode even though they probably should.
Re: BSD licensed gnupg replacement question
Reyk Floeter writes: On Thu, Dec 6, 2012 at 8:36 PM, Dustin Fechner d...@hush.com wrote: On 12/06/2012 08:10 PM, Maximo Pech wrote: that there isn't a single production ready, gnupg-like, BSD licensed tool out there (I don't have the skills and time to program one myself). NetBSD has netpgp, which is BSD licensed: https://en.wikipedia.org/wiki/Netpgp Actually, did anyone on this list ever have a deeper look at it or compared it with GNUPG? http://marc.info/?l=openbsd-portsm=13538616225w=2
Re: Bitcoin client for OpenBSD?
Anonymous writes: Is there a bitcoin client for OpenBSD or is anyone porting one? pstumpf@ posted one to ports@ a few months back: http://marc.info/?l=openbsd-portsm=133804045927036w=2 Haven't heard of any updates since then.
Re: OpenBSD 5.1 Raid 10
Matt Morrow writes: I cannot find anything anywhere to indicate whether softraid supports raid 10, and if so, how it is done. Can anyone shed any light? I'm working with 4 disks. I want to stripe the first 2, and mirror on the second set. The softraid(4) man page lists which softraid disciplines are supported.
Re: !!!!
Jérémie Courrèges-Anglas writes: Kevin Chadwick ma1l1i...@yahoo.co.uk writes: [...] Another issue may be that isn't gpg GNU/GPL and can't be in base. That's only a detail regarding the whole problem, but there is netpgp[1], for which there is no port yet. [1] http://blog.netbsd.org/tnf/entry/netpgp netpgp requires serious auditing before it should be considered even for ports. The code is full of buffer overflows and double frees. (Interesting note: upstream never noticed them, because although they're a problem on any system, they only crash on OpenBSD due to our strict memory checks. Proactive security made these bugs visible immediately.) If anyone's interested in working on it, there is a port in progress in the openbsd-wip ports repo... https://github.com/jasperla/openbsd-wip/tree/master/security/netpgp
Re: Signatures for distribution sets and packages?
johnw writes: Just a curious, why openbsd do not support scp/sftp to download packages, like the anoncvs does? pkg_add does support scp for downloading packages, though there aren't any mirrors that use it. See pkg_add(1): Each package name may be specified as a filename (which normally consists of the package name itself plus the ``.tgz'' suffix) or a URL referring to FTP, HTTP, HTTPS, or SCP locations. The following examples are valid: pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/i386/m4-1.4.tgz pkg_add -v scp://login@host/usr/ports/packages/sparc/all/tcl-8.4.7.tgz -- Anthony J. Bentley
Re: man page contents [was: Re: C******.org]
Eric Oyen writes: h. that may be another method of viewing a man page, converting it to a text based PDF. that is something to consider. mandoc supports PDF output as well. For example, with the following command: mandoc -Tpdf /usr/share/man/man1/ls.1 /tmp/ls.pdf
Re: mojibake
ropers writes: This diff fixes things: --- bsdcan11-mandoc-openbsd.html 2012-06-30 22:18:52.0 +0200 +++ bsdcan11-mandoc-openbsd.html.newentities 2012-06-30 22:34:58.0 +0200 @@ -13,7 +13,7 @@ pa href=http://www.flickr.com/photos/tomkoadam/4778126822/;img src=http://farm5.static.flickr.com/4115/4778126822_555b453a1e.jpg;/a/p -pCsiko - Foal. - Photo: Adam Tomko @flickr (CC)/p +pCsikoacute; - Foal. - Photo: Adam Tomkoacute; @flickr (CC)/p HR PIngo Schwarze: Mandoc in OpenBSD - page 2: INTRO I - @@ -725,7 +725,7 @@ HR PIngo Schwarze: Mandoc in OpenBSD - page 22: RECURRING II - BSDCan 2011, May 13, Ottawa/P -H1Bogue deja vue:/H1 +H1Bogue deacute;jagrave; vue:/H1 H2Collecting regression tests./H2 UL LISlow start in 2009: That's it. That's all. The advantage of using pure ASCII plus HTML escapes in a page is that it displays the correct content regardless of declared character encoding. The disadvantage is that it means adding escapes *everywhere*. Can you imagine writing http://www.openbsd.org/cs/ in anything but native UTF-8? At some point we have to pick an encoding and stick with it. So again, the complaint was that there was mojibake gibberish in Ingo's presentation, because the character encoding isn't specified but defaults to UTF-8 in modern browsers, while the page is actually iso-8859-1 encoded. Actually, modern browsers do not default to a particular encoding (in fact, this violates the HTML standard). Instead, they attempt to autodetect the charset. Sometimes this works, and sometimes it doesn't -- I've seen UTF-8 pages incorrectly detected as ISO-8859-1, and in particularly bad cases, vice versa. There were many objection to a simple addition of HEADMETA http-equiv=Content-Type content=text/html; charset=iso-8859-1 /HEAD/ as a fix. Yes, this is pretty ugly. But the only alternative is using one encoding everywhere and setting the appropriate HTTP header instead of an HTML meta tag. Actually, that's not a bad idea, but it means using UTF-8 on all pages, since that's the only encoding that can handle the different translations on the OpenBSD website. It would also require removing or altering meta tags on all pages (but considering the alternative is *adding* meta tags to all pages...). But then I thought, what about browsers that don't support UTF-8 yet; this is going to break things for them. I challenge you to find a single browser in ports that doesn't. IE6 supports UTF-8 properly. Even Lynx works fine when the user has a UTF-8 locale. (And ISO-8859-* are also locale-dependent, so this is not any worse.) So, in summary, the options are: Use HTML escapes everywhere. IMO, highly impractical. Use any encoding you wish, and set a meta tag when appropriate. This is basically what we have now. (The front pages of /, /de/, /fr/ all use ISO-8859-1; /cs/ uses UTF-8; /lt/ uses ISO-8859-13.) Use UTF-8 everywhere, and enforce this either with an HTTP header or meta tags. -- Anthony J. Bentley
Re: mojibake
Dave Anderson writes: So, in summary, the options are: Use HTML escapes everywhere. IMO, highly impractical. Use any encoding you wish, and set a meta tag when appropriate. This is basically what we have now. (The front pages of /, /de/, /fr/ all use ISO-8859-1; /cs/ uses UTF-8; /lt/ uses ISO-8859-13.) Use UTF-8 everywhere, and enforce this either with an HTTP header or meta tags. You missed one: use any encoding you wish, and configure the server to send the proper charset value in the real headers (by encoding the appropriate charset info in the file-name extension). I was limiting the options to those that can be easily mirrored. All of those are basically server-agnostic; yours is not. And I can't imagine a situation when you'd ever want to do that anyway--sticking to one encoding is much simpler and saner. -- Anthony J. Bentley
Re: OpenBSD's webpage desing
frantisek holop writes: For dynamic content it's even simpler -- the program producing the content should also provide the corresponding header information. and it does so inside the head of the page. a perfectly normal and accepted practice. btw. a content-type meta tag is _mandatory_ in most doctype's. go on, leave it out, cause it's ugly Not a single doctype requires a meta content-type tag. Although it's good practice to include one for servers that don't specify a charset in HTTP, the fact is that if for any reason the server specifies a different charset, it will override the one in the meta tag. This is historical practice (and probably correct according to RFC) and will never change.
Re: Portable version of cwm(1)?
Aaron W. Hsu writes: Has anyone done a portable version of cwm(1) from the OpenBSD tree? I just made an attempt, and it was pretty straightforward, but if someone has made a more serious attempt I would prefer to consider that. Christian Neukirchen has one, and plans to keep it in sync with every OpenBSD release: http://chneukirchen.org/releases/
Re: llround(), round() broken?
russell writes: $man math DESCRIPTION These functions constitute the C math library, libm. The link editor searches this library under the ``-lm'' option. Declarations for these functions may be obtained from the include file math.h. That manpage was removed from base 11 months ago.
Re: llround(), round() broken?
Alan Corey writes: They probably aren't broken, looks like I need to link in some library. I get undefined reference to when I try to compile/link. Shouldn't this be mentioned in the man page? FreeBSD has a Library section in its man page: LIBRARY Math Library (libm, -lm) I recall reading on the mandoc mailing lists that OpenBSD man pages do not contain this section, but I don't know why that is. -- Anthony J. Bentley
Re: 5.0 - 5.1 Touchpad mouse tap now ignored
F Bax writes: I upgraded from 5.0 to 5.1 yesterday; everything looks good except that tap of touchpad is ignored. It used to act the same as left click. dmesg follows... Are there any suggestions what files I should be looking at? The synclient(1) or synaptics(4) manpages might be what you're looking for. -- Anthony J. Bentley
Re: using xmodmap to make Caps Lock a control key: worked = 4.9, broken in 5.0
Hi Jonathan, On Tue, Nov 8, 2011 at 1:49 PM, Jonathan Thornburg jth...@astro.indiana.edu wrote: to make the Caps Lock key be a(nother) control key. B For OpenBSD 4.9 and earlier (on both this and other laptops), this worked fine. B But as of my newly-installed 5.0-release, this seems to be a no-op: Caps Lock stays a caps-lock key. You can just run setxkbmap -option ctrl:swapcaps. -- Anthony J. Bentley
Re: Loongson -- is it actually encumbered now?
Hi Daniel, On Fri, Sep 9, 2011 at 12:59 PM, Daniel Villarreal yclwebmas...@gmail.com wrote: Is any computing platform entirely free ? Is any computer processor perfect ? Several years ago Sun released the Verilog source for the hardware designs of the UltraSPARC T1 and T2 CPUs under the GPL[1]. But you will be hard-pressed to find a free FPGA or ASIC platform to run said designs on. The world of digital hardware is even more proprietary and locked-down than most software developers can imagine. [1] http://www.opensparc.net/ -- Anthony J. Bentley
Re: Does anybody use deroff(1)?
Hi Kristaps, On Thu, Sep 1, 2011 at 5:25 PM, Kristaps Dzonsons krist...@bsd.lv wrote: I'm curious---does anybody use deroff(1)? B And if so, for what? B I'm only interested in contemporary uses unless you have some awesome stories. B I guesss I'm curious if it has any particular utility other than deroff | spell. B (Does anybody use spell(1), for that matter?) I do use troff, and hence deroff | spell, for class papers (provided no collaboration is needed, else I use TeX). Nothing special. Actually, I have been meaning to write a mdoc-like macro set useful for paper writing, because I find myself missing its rules for punctuation and such when using -me... Currently I use base OpenBSD spell very often, but it doesn't work with high-bit characters. Haven't gotten around to looking at alternatives yet. Also, your demandoc(1) looks great, and it fixes some real issues I have encountered with deroff(1). -- Anthony J. Bentley
Re: Outdated example in smtpd.conf(5)
Scratch that, I did not read smtpd(8) carefully enough. Sorry for the noise. On Sun, May 1, 2011 at 7:23 PM, Anthony J. Bentley anthonyjbent...@gmail.com wrote: I recently upgraded to a snapshot and tried to set up smtpd. But the first example in the smtpd.conf(5) manpage fails with a usage error: # makemap /etc/mail/secrets Usage: makemap [-C cffile] [-N] [-c cachesize] [-D commentchar] B B B B B B B [-d] [-e] [-f] [-l] [-o] [-r] [-s] [-t delimiter] B B B B B B B [-u] [-v] type mapname What is the correct way to perform this step? Should the manpage be updated? -- Anthony J. Bentley
Outdated example in smtpd.conf(5)
I recently upgraded to a snapshot and tried to set up smtpd. But the first example in the smtpd.conf(5) manpage fails with a usage error: # makemap /etc/mail/secrets Usage: makemap [-C cffile] [-N] [-c cachesize] [-D commentchar] [-d] [-e] [-f] [-l] [-o] [-r] [-s] [-t delimiter] [-u] [-v] type mapname What is the correct way to perform this step? Should the manpage be updated? -- Anthony J. Bentley
Re: Webcam detected as uaudio(4) device
Hi Jacob, uaudio0 at uhub1 port 1 configuration 1 interface 1 Logitech Camera rev 2.0 0/1.00 addr 2 uaudio0: audio descriptors make no sense, error=4 ugen0 at uhub1 port 1 configuration 1 Logitech Camera rev 2.00/1.00 addr 2 Should it should be connecting to uvideo(4) instead? usbdevs -v: you need to look at the descriptors. usbctl from the usbutil package. Controller /dev/usb0: port 5 addr 4: high speed, power 500 mA, config 1, BisonCam, NB Pro(0x0203 ), Bison Electronics Inc.(0x5986), rev 3.08 usbctl -f /dev/usb0 -a 4 Here is the output of usbctl -f /dev/usb1 -a 2. (The BisonCam is a different built-in webcam that works.) Someone pointed out that the Logitech may have a microphone built in that makes it come up as uaudio. But even then it doesn't work--comes up as /dev/uaudio0 in the log, but ls /dev/uaudio0 says it doesn't exist. DEVICE addr 2 DEVICE descriptor: bLength=18 bDescriptorType=device(1) bcdUSB=2.00 bDeviceClass=255 bDeviceSubClass=255 bDeviceProtocol=255 bMaxPacketSize=8 idVendor=0x046d idProduct=0x08f5 bcdDevice=100 iManufacturer=0() iProduct=1(Camera) iSerialNumber=0() bNumConfigurations=1 CONFIGURATION descriptor 0: bLength=9 bDescriptorType=config(2) wTotalLength=173 bNumInterface=3 bConfigurationValue=1 iConfiguration=0() bmAttributes=80 bMaxPower=100 mA INTERFACE descriptor 0: bLength=9 bDescriptorType=interface(4) bInterfaceNumber=0 bAlternateSetting=0 bNumEndpoints=2 bInterfaceClass=255 bInterfaceSubClass=255 bInterfaceProtocol=255 iInterface=0() ENDPOINT descriptor: bLength=7 bDescriptorType=endpoint(5) bEndpointAddress=1-in bmAttributes=isochronous wMaxPacketSize=0 bInterval=1 ENDPOINT descriptor: bLength=7 bDescriptorType=endpoint(5) bEndpointAddress=2-in bmAttributes=interrupt wMaxPacketSize=1 bInterval=16 INTERFACE descriptor 1: bLength=9 bDescriptorType=interface(4) bInterfaceNumber=0 bAlternateSetting=1 bNumEndpoints=2 bInterfaceClass=255 bInterfaceSubClass=255 bInterfaceProtocol=255 iInterface=0() ENDPOINT descriptor: bLength=7 bDescriptorType=endpoint(5) bEndpointAddress=1-in bmAttributes=isochronous wMaxPacketSize=1023 bInterval=1 ENDPOINT descriptor: bLength=7 bDescriptorType=endpoint(5) bEndpointAddress=2-in bmAttributes=interrupt wMaxPacketSize=1 bInterval=16 INTERFACE descriptor 2: bLength=9 bDescriptorType=interface(4) bInterfaceNumber=1 bAlternateSetting=0 bNumEndpoints=0 bInterfaceClass=1 bInterfaceSubClass=1 bInterfaceProtocol=0 iInterface=0() AC interface descriptor bLength=9 bDescriptorType=cs_interface(36) bDescriptorSubtype=header(1) bcdADC=2.00 wTotalLength=39 bInCollection=1 baInterfaceNr[0]=2 AC unit descriptor Input terminal descriptor bLength=12 bDescriptorType=cs_interface(36) bDescriptorSubtype=2 bTerminalId=1 wTerminalType=513 bAssocTerminal=0 bNrChannels=1 wChannelConfig= iChannelNames=0 iTerminal=0 AC unit descriptor Feature unit descriptor bLength=9 bDescriptorType=cs_interface(36) bDescriptorSubtype=6 bUnitId=2 bSourceId=1 bControlSize=2 bmaControls[0]=0043 AC unit descriptor Output terminal descriptor bLength=9 bDescriptorType=cs_interface(36) bDescriptorSubtype=3 bTerminalId=3 wTerminalType=257 bAssocTerminal=0 bSourceId=2 iTerminal=0 INTERFACE descriptor 3: bLength=9 bDescriptorType=interface(4) bInterfaceNumber=2 bAlternateSetting=0 bNumEndpoints=1 bInterfaceClass=1 bInterfaceSubClass=2 bInterfaceProtocol=0 iInterface=0() ENDPOINT descriptor: bLength=9 bDescriptorType=endpoint(5) bEndpointAddress=3-in bmAttributes=isochronous wMaxPacketSize=0 bInterval=1 INTERFACE descriptor 4: bLength=9 bDescriptorType=interface(4) bInterfaceNumber=2 bAlternateSetting=1 bNumEndpoints=1 bInterfaceClass=1 bInterfaceSubClass=2 bInterfaceProtocol=0 iInterface=0() bLength=7 bDescriptorType=cs_interface(36) bDescriptorSubtype=as_general(1) bTerminalLink=3 bDelay=1 wFormatTag=1 bLength=20 bDescriptorType=cs_interface(36) bDescriptorSubtype=format_type(2) bFormatType=1 bNrChannels=1 bSubFrameSize=2 bBitResolution=16 bSamFreqType=4 tSamFreq[0]=8000 tSamFreq[1]=11025 tSamFreq[2]=16000 tSamFreq[3]=22050 ENDPOINT descriptor: bLength=9 bDescriptorType=endpoint(5) bEndpointAddress=3-in bmAttributes=isochronous wMaxPacketSize=52 bInterval=1 bLength=7 bDescriptorType=cs_endpoint(37) bDescriptorSubtype=as_general(1) bmAttributes=1 bLockDelayUnits=0 wLockDelay=0 current configuration 1 --
Webcam detected as uaudio(4) device
Hi, I have a USB webcam. No model number on the cam, but looks to be a Logitech QuickCam Communicate STX. When I plug it in, I get this: uaudio0 at uhub1 port 1 configuration 1 interface 1 Logitech Camera rev 2.00/1.00 addr 2 uaudio0: audio descriptors make no sense, error=4 ugen0 at uhub1 port 1 configuration 1 Logitech Camera rev 2.00/1.00 addr 2 Should it should be connecting to uvideo(4) instead? usbdevs -v: Controller /dev/usb0: addr 1: high speed, self powered, config 1, EHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered port 3 addr 3: high speed, power 500 mA, config 1, USB2.0 WLAN(0x1002), ATHER(0x0cf3), rev 1.06, iSerialNumber 12345 port 4 powered port 5 addr 4: high speed, power 500 mA, config 1, BisonCam, NB Pro(0x0203), Bison Electronics Inc.(0x5986), rev 3.08 port 6 addr 2: high speed, power 500 mA, config 1, USB2.0-CRW(0x0158), Generic(0x0bda), rev 58.87, iSerialNumber 2007111417340 port 7 powered port 8 powered Controller /dev/usb1: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 addr 2: full speed, power 100 mA, config 1, Camera(0x08f5), Logitech(0x046d), rev 1.00 port 2 powered Controller /dev/usb2: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb3: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb4: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered OpenBSD 4.9-beta (GENERIC.MP) #767: Sat Jan 29 10:01:32 MST 2011 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE real mem = 1062502400 (1013MB) avail mem = 1034964992 (987MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/08/08, SMBIOS rev. 2.4 @ 0x3f607010 (45 entries) bios0: vendor American Megatrends Inc. version 4.6.3 date 02/23/2009 bios0: MICRO-STAR INTERNATIONAL CO., LTD MS-N033 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP APIC SSDT SSDT SSDT acpi0: wakeup devices P0P2(S4) PEGP(S4) USB0(S1) USB1(S1) USB2(S1) USB3(S1) EHCI(S1) MC97(S4) P0P1(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P2) acpiprt2 at acpi0: bus 1 (P0P4) acpiprt3 at acpi0: bus -1 (P0P5) acpiprt4 at acpi0: bus 2 (P0P6) acpiprt5 at acpi0: bus -1 (P0P7) acpiprt6 at acpi0: bus -1 (P0P8) acpiprt7 at acpi0: bus -1 (P0P9) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature 100 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model MS-N033 serial type LION oem MSI Corp. acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB acpivideo0 at acpi0: IGD_ acpivout0 at acpivideo0: CRT_ acpivout1 at acpivideo0: LCD_ bios0: ROM list: 0xc/0xea00! 0xcf000/0x1000 cpu0: Enhanced SpeedStep 1667 MHz: speeds: 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xc000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 11) drm0 at inteldrm0 Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 2 int 16 (irq 11) azalia0: codecs: Realtek ALC888 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 2 int 16 (irq 11) pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102E (0x3480), apic 2 int 16 (irq 11), address 00:24:21:62:f5:5d rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1 ppb1 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 2 int 18 (irq 10) pci2 at ppb1 bus 2 Realtek 8187SE rev 0x22 at pci2 dev 0 function 0 not configured uhci0 at pci0 dev 29 function 0 Intel 82801GB USB
Re: Mounting NTFS, Invalid argument
On Mon, Mar 07, 2011 at 07:57:56AM +0100, Otto Moerbeek wrote: NTFS support is not enabled in the GENERIC kernel. Oops, I may be wrong. It is enabled on recent i386 and amd64 kernels. But since you neglect to give us a dmesg, we cannot tell if it is actually enable on your machine. That's true. Mitigating that now... I am running a 4.9 snapshot. OpenBSD 4.9-beta (GENERIC.MP) #767: Sat Jan 29 10:01:32 MST 2011 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE real mem = 1062502400 (1013MB) avail mem = 1034964992 (987MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/08/08, SMBIOS rev. 2.4 @ 0x3f607010 (45 entries) bios0: vendor American Megatrends Inc. version 4.6.3 date 02/23/2009 bios0: MICRO-STAR INTERNATIONAL CO., LTD MS-N033 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP APIC SSDT SSDT SSDT acpi0: wakeup devices P0P2(S4) PEGP(S4) USB0(S1) USB1(S1) USB2(S1) USB3(S1) EHCI(S1) MC97(S4) P0P1(S4) P0P4(S4) P0P5(S4) P0P6(S4) P0P7(S4) P0P8(S4) P0P9(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 166MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (P0P2) acpiprt2 at acpi0: bus 1 (P0P4) acpiprt3 at acpi0: bus -1 (P0P5) acpiprt4 at acpi0: bus 2 (P0P6) acpiprt5 at acpi0: bus -1 (P0P7) acpiprt6 at acpi0: bus -1 (P0P8) acpiprt7 at acpi0: bus -1 (P0P9) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpitz0 at acpi0: critical temperature 100 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model MS-N033 serial type LION oem MSI Corp. acpibtn0 at acpi0: LID0 acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB acpivideo0 at acpi0: IGD_ acpivout0 at acpivideo0: CRT_ acpivout1 at acpivideo0: LCD_ bios0: ROM list: 0xc/0xea00! 0xcf000/0x1000 cpu0: Enhanced SpeedStep 1667 MHz: speeds: 1333, 1067, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xc000, size 0x1000 inteldrm0 at vga1: apic 2 int 16 (irq 11) drm0 at inteldrm0 Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: apic 2 int 16 (irq 11) azalia0: codecs: Realtek ALC888 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 2 int 16 (irq 11) pci1 at ppb0 bus 1 re0 at pci1 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102E (0x3480), apic 2 int 16 (irq 11), address 00:24:21:62:f5:5d rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1 ppb1 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 2 int 18 (irq 10) pci2 at ppb1 bus 2 Realtek 8187SE rev 0x22 at pci2 dev 0 function 0 not configured uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 2 int 23 (irq 5) uhci1 at pci0 dev 29 function 1 Intel 82801GB USB rev 0x02: apic 2 int 19 (irq 3) uhci2 at pci0 dev 29 function 2 Intel 82801GB USB rev 0x02: apic 2 int 18 (irq 10) uhci3 at pci0 dev 29 function 3 Intel 82801GB USB rev 0x02: apic 2 int 16 (irq 11) ehci0 at pci0 dev 29 function 7 Intel 82801GB USB rev 0x02: apic 2 int 23 (irq 5) usb0 at ehci0: USB revision 2.0 uhub0 at usb0 Intel EHCI root hub rev 2.00/1.00 addr 1 ppb2 at pci0 dev 30 function 0 Intel 82801BAM Hub-to-PCI rev 0xe2 pci3 at ppb2 bus 3 ichpcib0 at pci0 dev 31 function 0 Intel 82801GBM LPC rev 0x02: PM disabled pciide0 at pci0 dev 31 function 2 Intel 82801GBM SATA rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: WDC WD1600BEVT-22ZCT0 wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6 usb1 at uhci0: USB revision 1.0 uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1 usb4 at uhci3: USB revision 1.0 uhub4 at usb4 Intel UHCI root hub rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at
Mounting NTFS, Invalid argument
Hi, When I attempt to mount a NTFS-formatted external drive, it fails: # mount -t ntfs /dev/sd2i /media/usb/ mount_ntfs: /dev/sd2i on /media/usb: Invalid argument There is a note about this under BUGS in mount_ntfs(8): If the attempt to mount NTFS gives you an error like this: # mount -t ntfs /dev/wd0k /mnt mount_ntfs: /dev/wd0k on /mnt: Invalid argument make sure that the appropriate partition has the correct entry in the disk label, particularly that the partition offset is correct. If the NTFS partition is the first partition on the disk, the offset should be '63' (see disklabel(8)). However, disklabel already says 63 for the argument, so this seems not to apply. Also, the size entry matches fdisk output and the type is (obviously) NTFS. Any ideas of what to debug? Is this a PEBKAC? fdisk: Disk: sd2 geometry: 14593/255/63 [234441648 Sectors] Offset: 0 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 07 0 1 1 - 14592 254 63 [ 63: 234436482 ] NTFS 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused disklabel: # /dev/rsd2c: type: SCSI disk: SCSI disk label: HM121HC duid: flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 14593 total sectors: 234441648 boundstart: 0 boundend: 234441648 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] c:2344416480 unused i:234436482 63NTFS
Re: change cwm screensaver?
Hi Michael, Is there a way to easily change the cwm screensaver? It's not in the man pages or the archives. (Daft, I know. And petty.) from cwmrc(5): The name entries term and lock have a special meaning. They point to the terminal and screen locking programs specified by keybindings. The defaults are xterm(1) and xlock(1), respectively. -- Anthony J. Bentley
Re: test for installed status of package, ports questions
Hi Travis, On Mon, Jan 31, 2011 at 12:29 PM, tra...@subspacefield.org wrote: Currently I install some packages, but that's a bit of a time-waster in that it will reinstall. B Is there a way I can test for whether a package has been installed already, given only the package name, and not necessarily the executable name (if there is one)? B I tried pkg_info and the exit code is zero even if the package isn't installed. Try pkg_info | grep pkgname. Also, I've noticed that if I don't have X11 installed, I can't seem to install certain packages (such as subversion) and certain ports (EMACS, and even if I set FLAVOR=no_x11). B What's up with that? Covered in the FAQ: http://www.openbsd.org/faq/faq4.html#FilesNeededX -- Anthony J. Bentley
Re: indent style(9)
Hi Gregory, Just wondering, which settings for indent correspond to style(9)? I have had good luck with these: -bap -br -ce -ci4 -cli0 -d0 -di0 -i8 -ip -l79 -nbc -ncdb -ndj -ei -nfc1 -nlp -npcs -psl -sc -sob I believe I got these from a NetBSD mailing list. Maybe someone interested should try making a -knf switch? -- Anthony J. Bentley
Re: indent style(9)
Hi Gregory, Just wondering, which settings for indent correspond to style(9)? I have had good luck with these: ... I believe I got these from a NetBSD mailing list. By the way, I highly recommend you check these against the manual rather than take my word for it. Reading the man page right now, it looks like some of these are either on by default or unimplemented. -- Anthony J. Bentley
Re: Keyboard Layout on Xorg or GNOME
Hi Daniel, I'm running -current. I have an US keyboard but need the dead keys, since my native language have accents and other local punctuation. I've always used American keyboards without dead keys so I can't really help here. But an alternative is to set up a compose key, e.g., with $ setxkbmap -option compose:ralt to make it right alt. Then you can press (in sequence) Alt ' e to get an e with acute accent, etc. This is configurable as well; you can set up a file in ~/.XCompose if you want to change the default bindings. Note that it uses Latin1 only by default, but you can get full access to Unicode with LC_CTYPE=en_US.UTF-8 set. -- Anthony J. Bentley
Re: How to open PDF that requires Adobe 9
UPS is so annoying. The UPS developer's guide is in a 9MB PDF file. When I open it with xpdf(1) I get a (1) page PDF that states I need to download the the latest Adobe crapware to view it. How can I get around this? Why does xpdf even abide? I tried the following gs(1) command hoping it would convert it, but failed with an unrecoverable error (I can paste the error output here if someone thinks it will be helpful): gs -dNOPAUSE -dSAFER -dBATCH -sDEVICE=pdfwrite -sOutputFile=foo.pdf guide.pdf I also tried without the options, NOPAUSE, etc. Any suggestions? This happens when there are multiple PDFs embedded in a single PDF file. I remember reading a Ghostscript bug about this (could probably find it again if I had the exact error message), but unfortunately Mupdf still doesn't support it. Standard Adobe Reader lets you view but not extract, even. I had to go to a computer lab and use Acrobat on a Mac to pull out the individual files. It's probably not a hard problem to solve, but I don't know of any open-source programs that do this yet. -- Anthony J. Bentley b
Re: LLVM build
Also, the same concept could be ported to OpenBSD? In my opinion, the openbsd want to be a GPL-free OpenSource OS, and the BSD-licensed C compiler provided by the LLVM can help. This has been discussed here before. I believe there's some resistance to using LLVM as a system compiler for OpenBSD because it is a) not small (though it's smaller than gcc) b) c++ The momentum in OpenBSD is more with PCC, though that still has a long ways to go.
