Re: audio plays too fast
On Mon, Aug 15, 2005 at 11:24:24PM +0200, Jernej Vodopivec wrote: > Hello! > > I couldn't find any acceptable solution for my problem - the problem > is that sound is playing too fast. I've found out that many people > has/had the same problem before but the problem is still here.. > > I am running obsd 3.7 on Toshiba Satellite 2410-304 (auich0 at pci0 > dev 31 function 5 "Intel 82801CA/CAM AC97" rev 0x02: irq 11, ICH3 > AC97; ac97: codec id 0x594d803 (Yamaha YMF753-S); ac97: codec features > 18 bit DAC, No 3D Stereo; audio0 at auich0). > > I think this is obsd specific problem because I didn't have this > problem when I was running debian linux, freebsd or windows on this > laptop. did you read the CAVEATS section of auich(4)? AFAIK, and I've been known to be wrong, those other OSes have rate converters in the drivers, but OBSD leaves this to userland. -- <[EMAIL PROTECTED]>
Re: Shared memory / SQL
On Fri, 19 Aug 2005 15:01:12 +1000 Graeme Lee <[EMAIL PROTECTED]> wrote: > I think I was talking about the disk buffer, not the shared buffer. You said it "uses the os disk buffer" and doesn't maintain its own. Everything that reads data from the filesystem uses the OS's buffer. Postgresql's shared buffer cache is used to cache data read from disk, so it is a disk cache maintained by on its own. I think postgresql stores and purges data in the shared buffer cache with an understanding of table/column access, so you should get more benefit from using extra RAM there than increasing BUFCACHEPERCENT, not positive though. > My bad for not being explicit enough. Also, back-peddling here a > bit... 'twould seem that fsync = true is the default setting flushing > data to disk, which will always be a bit of a hit for writes. No? Yes, but its only the write-ahead log that is being flushed to disk, not the actual data files. So the performance hit isn't that bad, and its needed to ensure that your data is not lost or corrupted if an unclean shutdown happens. Also keep in mind that its only flushed per transaction, so if you need to insert 10,000 rows, start a transaction first, do your inserts, then commit it and you will only get 1 fsync() instead of 10,000. Adam
Re: eap driver audioctl issue
On Tue, Aug 16, 2005 at 01:26:05PM -0300, Lost Reality wrote: > So...it's a bug ? > > # audioctl play.rate > play.rate=8000 > # audioctl play.rate=44100 > audioctl: set failed: Invalid argument > # audioctl play.rate > play.rate=44100 > # > > I made a little prog (a "DSP"), where (like in audioctl.c), this ioctl > ALWAYS returns -1: > if (ioctl(ES, AUDIO_SETINFO, &Inf) < 0) err(0, "AUDIO_SETINFO"); obviously, some steps missing here. are you doing AUDIO_INITINFO(&Inf); AUDIO_GETINFO(&Inf); Inf.foo = bar; AUDIO_SETINFO(&Inf); or just AUDIO_INITINFO(&Inf); Inf.foo = bar; AUDIO_SETINFO(&Inf); if you are doing the first, like audioctl does, try the second. does that work properly? > (audioctl.c) > if (writeinfo && ioctl(fd, AUDIO_SETINFO, &info) < 0) > err(1, "set failed"); > > I think it's related to some device-independent driver...I don't have the > skills and time to go ahead, sorry :( I spent some time looking into this last week. I found at least two things that cause this with emu(4). first is 'record.port=0x0'. this always causes an EINVAL in sys/dev/audio.c::au_set_port(). I can get past this error by setting a valid source. perhaps emu(4) (and possibly and other drivers) should set a (valid) default recording source? second is in sys/dev/audio.c::au_set_lr_value(), which is actually caused by sys/dev/ic/ac97.c::ac97_mixer_set_port(), but I didn't figure out why this is returning EINVAL. -- <[EMAIL PROTECTED]>
ipcheck.py
I have a basic shell script that cron runs periodically to update my dyndns.org account. It invokes ipcheck.py: [EMAIL PROTECTED] cat /usr/local/sbin/ipcheck.sh #!/bin/sh /usr/local/bin/python /usr/local/bin/ipcheck.py -l -d /etc/ipcheck -i tun0 -w user pass xxx.dyndns.org However, I keep getting spammed by messages such as this all the time: Date: Mon, 8 Aug 2005 06:30:02 -0400 (EDT) From: Cron Daemon <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Cron <[EMAIL PROTECTED]> /bin/sh /usr/local/sbin/ipcheck.sh Traceback (most recent call last): File "/usr/local/bin/ipcheck.py", line 5025, in ? _main(sys.argv) File "/usr/local/bin/ipcheck.py", line 4386, in _main (fileip, filehosts) = datfile.read() File "/usr/local/bin/ipcheck.py", line 795, in read assert hosts AssertionError Does anyone have any idea why this is happening? I read the directions for ipcheck and did a google search and it appears as if I am doing everything correctly. Thanks, Blake
Re: Shared memory / SQL
Adam wrote: On Fri, 19 Aug 2005 12:28:20 +1000 Graeme Lee <[EMAIL PROTECTED]> wrote: Postgresql uses the os disk buffer. It does not maintain its own. Yes it does. Postgresql uses a shared buffer cache, and increasing the number of shared buffers in your postgresql.conf can make a huge difference in performance. If your postgresql server has alot of free RAM, you should be giving it more for its cache. The link you provided even talks about this quite a bit. Adam I think I was talking about the disk buffer, not the shared buffer. My bad for not being explicit enough. Also, back-peddling here a bit... 'twould seem that fsync = true is the default setting flushing data to disk, which will always be a bit of a hit for writes. No? G
Re: sendmail and mutt (RunAsUser for MSP ignored)
On Thu, Aug 18, 2005, [EMAIL PROTECTED] wrote:
> SMTP AUTH to my ISP. mutt is using the default submit.mc, calling
> via "/usr/sbin/sendmail -C/etc/mail/submit.cf -oem -oi" .
Don't use -C, sendmail doesn't like that.
(see man sendmail and doc/op/op.*)
> -r-xr-sr-x 1 root smmsp 606532 Aug 16 05:30 sendmail
ls -ln `grep '^sendmail' /etc/mailer.conf | awk '{print $2}'`
> WARNING: RunAsUser for MSP ignored, check group ids (egid=1000,
> want=25)
Whose gid is 1000?
Re: Shared memory / SQL
On Fri, 19 Aug 2005 12:28:20 +1000 Graeme Lee <[EMAIL PROTECTED]> wrote: > Postgresql uses the os disk buffer. It does not maintain its own. Yes it does. Postgresql uses a shared buffer cache, and increasing the number of shared buffers in your postgresql.conf can make a huge difference in performance. If your postgresql server has alot of free RAM, you should be giving it more for its cache. The link you provided even talks about this quite a bit. Adam
Re: backup filesystem
On 8/19/05, Masoud Sharbiani <[EMAIL PROTECTED]> wrote: > /me puts the anti flame suit on: > How about vfat? > Masoud > then you wont be able to preserve the permissions exactly. --Siju
Re: Amanda clients, behind a pf firewall?
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 You can build Amanda Yourself and specify certain port ranges, which is a big win when configuring a firewall. Here are the rules i have in a neutral format (i actually use Netfilter on that firewall): server/src ports 702:712/udp -> clients/dst port 10080/udp (The next rule is actually for replies from the previous rule. The previous rule is for requests to the clients to estimate how much space they need. Estimating that can take a while, so the entry in the firewall's state table tends to timeout before a reply is received.) clients/src port 10080/udp -> server/dst ports 702:712/udp server/src ports 1024:/tcp -> clients/dst ports 1702:1712/tcp clients/src ports any/tcp -> server/dst ports 10082:10083/tcp The last two rules are for 1) the actual backup or restore data 2) indexing and tape services for restores The ranges 702:712/udp and 1702:1712/tcp are the ones i chose when compiling Amanda. If explicit ranges are not chosen at compile time, the ranges are rather unbounded. UDP is probably restricted to being less than 1024 (because explicitly specifying something outside of that ranges gives an error), and TCP is restricted to being 1024 or greater (same reason). -& stan wrote: > Can anyone tell me how what pf rules I need to allow an Amanda > machine outised of the firewall to backup clients that are inside > the firewall? > > Curently amcheck runs fine, but I think the actuall run will > fail. At least it did last night. > - -- GPG key / Schl|ssel -- http://simultan.dyndns.org/~arjones/gpgkey.txt Encrypt everything. / Alles verschl|sseln. Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFDBVrgoI7tqy5bNGMRAxOMAJ4vhwF1csIHXGDBNtREda07stPj1wCg3Pnr 3iulo2tM9s6lu4tAo9eJm3w= =SkTH -END PGP SIGNATURE-
sendmail and mutt (RunAsUser for MSP ignored)
I've checked the FAQ, I've checked the list archives, I've even checked the bug reports. I'm running OpenBSD 3.7-stable. I've installed mutt-1.4.2ip0 from /usr/ports/mail/mutt/stable . sendmail is using the default localhost.mc with just a few lines added so that it can relay via SMTP AUTH to my ISP. mutt is using the default submit.mc, calling via "/usr/sbin/sendmail -C/etc/mail/submit.cf -oem -oi" . I've verified, in so far as it is documented, that the installation is correct... -r-xr-sr-x 1 root smmsp 606532 Aug 16 05:30 sendmail drwxrwx--- 2 smmsp smmsp 512 Aug 18 01:31 clientmqueue drwx-- 2 root wheel 512 Aug 18 01:37 mqueue -r--r--r-- 1 root wheel 39362 Aug 18 01:37 /etc/mail/localhost.cf -r--r--r-- 1 root wheel 40257 Aug 18 02:04 /etc/mail/submit.cf $ grep smmsp /etc/passwd smmsp:*:25:25:Sendmail Message Submission Program:/nonexistent:/sbin/nologin $ grep smmsp /etc/group smmsp:*:25: So I try to send a test message to myself, and mutt complains... WARNING: RunAsUser for MSP ignored, check group ids (egid=1000, want=25) and sendmail (names changed to protect the innocent) complains Aug 18 23:47:08 hostname sendmail[448]: NOQUEUE: Authentication- Warning: hostname.domainname: Processed by username with -C /etc/mail/submit.cf Aug 18 23:47:08 hostname sendmail[448]: NOQUEUE: Authentication- Warning: hostname.domainname: Processed from queue /var/spool/clientmqueue Aug 18 23:47:08 hostname sendmail[448]: NOQUEUE: SYSERR(username): can not chdir(/var/spool/clientmqueue/): Permission denied So what is wrong with this picture, and what can I do to fix it? As far as I know, my present installation varies from the default only in the slight modification I made to localhost.mc and the compilation of mutt. If it's working okay for everyone else, what does your install look like? Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427
Re: backup filesystem
/me puts the anti flame suit on: How about vfat? Masoud Edd Barrett wrote: Hello, How about a _encrypted_ tarball on a filesystem that both of the OS'es understand? Im not interested in encryption (this time). Like FFS, right? See this is why I asked here, I know that FFS is close friends with UFS, but I wasnt sure. So you reckon I can use native solaris FS and mount in OBSD? Thanks for your reply Regards Edd
Re: Shared memory / SQL
David Hill wrote:
Hello -
I need to build a server that will run PostgreSQL 8, handling up to 150
connections. The current database size is roughly 2GB now with 2.8 million
rows in it's biggest table. This is expected to continue to grow steadily over
time.
The hardware I have to work with is a single 3Ghz p4 processor, 1GB RAM, and 2
36.7GB SCSI drives with a Dell Perc for doing RAID.
How is OpenBSD's shared memory performance? Could it handle this type of load
well? Many people suggest I go with FreeBSD instead because they say FreeBSD's
shared memory performance is superior, something about a sysctl called
kern.ipc.shm_use_phys to stop shared memory from swapping out and to use the
physical ram instead, among a few other reasons.
If OpenBSD would work just as well, I am sure I will have to increase the SHM*
options in the kernel. Does OpenBSD have any barriers when it comes to that?
Thanks for any help.
David
Difficult to say. I run a Postgresql database server (dmesg at end)
Similar specs, 2 x 2.4G Xeon, 1GB RAM, 2 x 36.7 GB SCSI (RAID 1)
I run 2 separate database clusters (bound to separate ips) each with
their connection limit set to 100 without issue. The biggest database
is only 600 MB though. It's largest table has over 7.5 million lines
(it's a log) which hardly ever gets searched. The rest is quite fast.
So far I've never even come close to using swap space. The biggest
bottle neck is raid 1. It should have been raid 0 imho
Postgresql uses the os disk buffer. It does not maintain its own. You
may benefit by increasing the buffcachepct. Here's a decent link on
hardware performance tuning:
http://www.postgresql.org/files/documentation/books/aw_pgsql/hw_performance/
Graeme
OpenBSD 3.6-stable (GENERIC.MP) #2: Fri Jul 8 11:39:20 EST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Xeon(TM) CPU 2.40GHz ("GenuineIntel" 686-class) 2.40 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID
real mem = 1073197056 (1048044K)
avail mem = 757547008 (739792K)
using 4278 buffers containing 268820480 bytes (262520K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 04/11/04, BIOS32 rev. 0 @ 0xffe90
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc410/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:15:0 ("ServerWorks CSB5
SouthBridge" rev 0x00)
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x4000 0xcc000/0x600 0xec000/0x4000!
mainbus0: Intel MP Specification (Version 1.4) (DELL PE 0121 )
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 132 MHz
cpu1 at mainbus0: apid 6 (application processor)
cpu1: Intel(R) Xeon(TM) CPU 2.40GHz ("GenuineIntel" 686-class) 2.40 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type PCI
mainbus0: bus 5 is type PCI
mainbus0: bus 6 is type ISA
ioapic0 at mainbus0: apid 8 pa 0xfec0, version 11, 16 pins
ioapic0: misconfigured as apic 0, remapped to apic 8
ioapic1 at mainbus0: apid 9 pa 0xfec01000, version 11, 16 pins
ioapic1: misconfigured as apic 0, remapped to apic 9
ioapic2 at mainbus0: apid 10 pa 0xfec02000, version 11, 16 pins
ioapic2: misconfigured as apic 0, remapped to apic 10
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "ServerWorks CNB20-HE" rev 0x33
pchb1 at pci0 dev 0 function 1 "ServerWorks CNB20-HE" rev 0x00
pci1 at pchb1 bus 3
bge0 at pci1 dev 6 function 0 "Broadcom BCM5703X" rev 0x02: apic 9 int
12 (irq 7) address 00:0f:1f:6e:2d:af
brgphy0 at bge0 phy 1: BCM5703 10/100/1000baseT PHY, rev. 2
bge1 at pci1 dev 8 function 0 "Broadcom BCM5703X" rev 0x02: apic 9 int
13 (irq 11) address 00:0f:1f:6e:2d:b1
brgphy1 at bge1 phy 1: BCM5703 10/100/1000baseT PHY, rev. 2
pchb2 at pci0 dev 0 function 2 "ServerWorks CNB20-HE" rev 0x00
pci2 at pchb2 bus 1
vendor "Dell", unknown product 0xc (class undefined unknown subclass
0x00, rev 0x00) at pci0 dev 4 function 0 not configured
"Dell PERC 3/Di" rev 0x00 at pci0 dev 4 function 1 not configured
vendor "Dell", unknown product 0xd (class undefined unknown subclass
0x00, rev 0x00) at pci0 dev 4 function 2 not configured
vga1 at pci0 dev 14 function 0 "ATI Rage XL" rev 0x27
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pchb3 at pci0 dev 15 function 0 "ServerWorks CSB5 SouthBridge" rev 0x93
pciide0 at pci0 dev 15 function 1 "ServerWorks CSB5 IDE" rev 0x93: DMA
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, DMA mod
Re: back and neck pain
On Thu, Aug 18, 2005 at 07:24:56PM -0400, [EMAIL PROTECTED] wrote: > A friend told me about you- i have a' spondie'-l4-l5, that surgey helped a > little, and 10 mos. later my car fell off the jacks, breaking my back-burst > fracture of t-12, and aggrivating the 'spondie'. I have a lot of pain and > percocets have helped, can you help me? man neckpain(1)
Amanda clients, behind a pf firewall?
Can anyone tell me how what pf rules I need to allow an Amanda machine outised of the firewall to backup clients that are inside the firewall? Curently amcheck runs fine, but I think the actuall run will fail. At least it did last night. -- U.S. Encouraged by Vietnam Vote - Officials Cite 83% Turnout Despite Vietcong Terror - New York Times 9/3/1967
kernel page fault on initial login (OpenBSD 3.7 Release)
Hi,
I've just recently installed OpenBSD 3.7 (Release) on a Celeron 466 w/
256MB of RAM.
I created a boot floppy and from there the install went flawlessly.
However, after booting the systems for first time I am getting a
kernel page fault error as soon as I try to type in a userid.
This is what I'm seeing after waiting for the login prompt and hitting one key:
---
OpenBSD/i386 (wormy.starbase) (ttyC0)
login: kernel: page fault trap, code = 0
Stopped atpckbc_enqueue_cmd+0x7d: sbbb 0(%eax),%al
ddb> kernel: page fault trap, code = 0
Faulted in DDB; continuing...
ddb>
---
I'm left at a debugger prompt that seems functional so I may be able
to pull some more info if required.
I can log into the machine via ssh normally (as long as I don't touch
the local keyboard and trigger the error). Any idea what might be
going on?
Thanks,
Dave
P.S. dmesg below:
OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Celeron ("GenuineIntel" 686-class, 128KB L2 cache) 468 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR
real mem = 267952128 (261672K)
avail mem = 237731840 (232160K)
using 3296 buffers containing 13500416 bytes (13184K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(c7) BIOS, date 04/23/99, BIOS32 rev. 0 @ 0xfb100
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf/0xb57c
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdb20/160 (8 entries)
pcibios0: PCI Exclusive IRQs: 9 10 11
pcibios0: PCI Interrupt Router at 000:07:0 ("VIA VT82C596A ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xa800
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA VT82C691 PCI" rev 0x02
ppb0 at pci0 dev 1 function 0 "VIA VT82C598 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "Nvidia Vanta" rev 0x15
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "VIA VT82C596A ISA" rev 0x06
pciide0 at pci0 dev 7 function 1 "VIA VT82C571 IDE" rev 0x06: ATA33,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0:
wd0: 32-sector PIO, LBA, 1039MB, 2128536 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable
cd0(pciide0:1:1): using PIO mode 4, Ultra-DMA mode 2
uhci0 at pci0 dev 7 function 2 "VIA VT83C572 USB" rev 0x02: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"VIA VT82C596 Power Mgmt" rev 0x00 at pci0 dev 7 function 3 not configured
rl0 at pci0 dev 10 function 0 "Realtek 8139" rev 0x10: irq 9 address
00:10:b5:0f:0a:45
rlphy0 at rl0 phy 0: RTL internal phy
cmpci0 at pci0 dev 13 function 0 "C-Media Electronics CMI8338A Audio"
rev 0x10: irq 9
audio0 at cmpci0
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
ne0: irq 9 already in use
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ed65 netmask ef65 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
WARNING: / was not properly unmounted
vge0 on Abit Av8 (amd64)
I recently installed a snapshot (august 17th) from ftp.rt.fm using FTP install. When I booted from the CDROM, I was able to use the vge0 interface to download the packages. I rebooted and flashed the BIOS because the system/BIOS was saying it couldn't detect the CPU model. I rebooted after the BIOS flash, the system came up detecting the CPU okay, except now I keep getting vge0 watchdog timeouts. If anyone could shed some light, it would be much appriciated. Thanks. Here is a dmesg: [ using 447280 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2005 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.8-beta (GENERIC.MP) #0: Thu Aug 18 12:22:10 CDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2147020800 (2096700K) avail mem = 1836371968 (1793332K) using 22937 buffers containing 214908928 bytes (209872K) of memory mainbus0 (root) mainbus0: Intel MP Specification (Version 1.4) (OEM0 PROD) cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+, 2247.74 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,NXE,MMXX,FF XSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 204309497Hz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+, 2247.41 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,NXE,MMXX,FF XSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative mpbios: bus 0 is type PCI mpbios: bus 1 is type PCI mpbios: bus 2 is type ISA ioapic0 at mainbus0 apid 2: pa 0x83742e24, version 3, 24 pins ioapic0: misconfigured as apic 0 ioapic0: remapped to apic 2 pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 "VIA K8HTB Host" rev 0x00 pchb1 at pci0 dev 0 function 1 "VIA K8HTB Host" rev 0x00 pchb2 at pci0 dev 0 function 2 "VIA K8HTB Host" rev 0x00 pchb3 at pci0 dev 0 function 3 "VIA K8HTB Host" rev 0x00 pchb4 at pci0 dev 0 function 4 "VIA K8HTB Host" rev 0x00 pchb5 at pci0 dev 0 function 7 "VIA K8HTB Host" rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00 pci1 at ppb0 bus 1 vge0 at pci0 dev 14 function 0 "VIA VT612x" rev 0x11: apic 2 int 23 (irq 10), address 00:50:8d:d3:79:be ciphy0 at vge0 phy 1: Cicada CS8201 10/100/1000TX PHY, rev. 2 pciide0 at pci0 dev 15 function 0 "VIA VT8237 SATA" rev 0x80: DMA pciide0: using apic 2 int 20 (irq 11) for native-PCI interrupt pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 pciide1: channel 1 disabled (no drives) uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: apic 2 int 21 (irq 11) usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: apic 2 int 21 (irq 5) usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered "VIA VT8237 ISA" rev 0x00 at pci0 dev 17 function 0 not configured pchb6 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00 pchb7 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00 pchb8 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00 pchb9 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00 isa0 at mainbus0 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo com0: console pckbc0 at isa0 port 0x6
back and neck pain
A friend told me about you- i have a' spondie'-l4-l5, that surgey helped a little, and 10 mos. later my car fell off the jacks, breaking my back-burst fracture of t-12, and aggrivating the 'spondie'. I have a lot of pain and percocets have helped, can you help me?
Re: backup filesystem
> > Hello, > > How about a _encrypted_ tarball on a filesystem that both of the OS'es > > understand? Im not interested in encryption (this time). > Like FFS, right? See this is why I asked here, I know that FFS is close friends with UFS, but I wasnt sure. So you reckon I can use native solaris FS and mount in OBSD? Thanks for your reply Regards Edd
Re: ayuda con sendmail
On Thu, Aug 18, 2005, Efrin Sanchez wrote: > Aug 18 14:22:55 sanjorge sm-mta[17316]: ruleset=check_relay, > arg1=localhost.my.domain, arg2=127.0.0.1, relay=localhost.my.domain > [127.0.0.1], reject=553 5.3.0 RELAY #Relevo de Correo desde That's funny we are just discussing what to do about comments in the input for makemap... "RELAY #Relevo de Correo desde" is NOT a valid RHS for an access map entry. "RELAY" is correct, see cf/README and man makemap.
Re: ayuda con sendmail
2005/8/18, Efrin Sanchez <[EMAIL PROTECTED]>: > no pueden salir ni entrar correos [snip] > que puedo hacer > La lista de corre en espaqol esta aqum/The Spanish mailing list is here: http://groups.google.com.mx/group/OpenBSD-Mexico/ ?Seguro que es un OpenBSD? Tal parece que no pudo resolver el dominio gmail.com, quiza algzn problema con el servidor DNS o tu conexisn a Internet. Continuemos la discusisn en la direccisn que te envii. -- Gerardo Santana Gsmez Garrido http://www.openbsd.org.mx/santana/ "Entre los individuos, como entre las naciones, el respeto al derecho ajeno es la paz" -Don Benito Juarez
Re: umts & mtu
It is a Novatel Wireless / Qualcomm. Support has been added for this card has been added in -CURRENT, but this version is running on 3.6. It seems a little bit different than the one vodafone is offering. I cant set the speed > 115200 Reyk Floeter wrote: On Thu, Aug 18, 2005 at 06:23:50PM +0200, Bolke de Bruin wrote: I am working on an UMTS (via ppp) connection. This connection seems to have a very small mtu namely 480 bytes. If found this out using different sizes when pinging. To accomodate vor this I have added a scrub rule to pf.conf: scrub out on tun0 all fragment reassemble max-mss 472 in ppp.conf I have added: set mtu max 472 set mru max 472 Still I am unable to do any webbrowsing or ssh to the outside. Does someone have experience with these kind of connections? Isn't the mtu a bit too small? which card? i'm using umts with a option 3g from vodafone and pppd without problems. reyk $ cat /etc/ppp/peers/vodafone /dev/ttyU0 460800 :0.0.0.1 connect '/usr/sbin/chat -v -f /etc/ppp/vodafone.chat' disconnect '/usr/sbin/chat -v -f /etc/ppp/disconnect.chat' crtscts defaultroute ipcp-accept-local ipcp-accept-remote lock modem ms-dns 139.7.30.125 ms-dns 139.7.30.126 noauth noipdefault novj user d2 nodetach debug $ cat /etc/ppp/vodafone.chat # first unlock the device once with AT+CPIN="" 'ABORT' 'BUSY' 'ABORT' 'ERROR' 'ABORT' 'NO CARRIER' 'ABORT' 'NO DIALTONE' 'REPORT''CONNECT' 'TIMEOUT' '10' '' 'AT+CPIN?' '+CPIN: READY' 'AT_OPSYS=3,2' 'OK''AT+CGDCONT=2,"IP","web.vodafone.de"' 'OK''AT+CGDCONT=1,"IP","web.vodafone.de"' '' 'ATZ' 'OK''ATE1' 'OK''AT&F' 'TIMEOUT' '60' 'OK''ATD*99***1#' 'CONNECT' ''
Shared memory / SQL
Hello - I need to build a server that will run PostgreSQL 8, handling up to 150 connections. The current database size is roughly 2GB now with 2.8 million rows in it's biggest table. This is expected to continue to grow steadily over time. The hardware I have to work with is a single 3Ghz p4 processor, 1GB RAM, and 2 36.7GB SCSI drives with a Dell Perc for doing RAID. How is OpenBSD's shared memory performance? Could it handle this type of load well? Many people suggest I go with FreeBSD instead because they say FreeBSD's shared memory performance is superior, something about a sysctl called kern.ipc.shm_use_phys to stop shared memory from swapping out and to use the physical ram instead, among a few other reasons. If OpenBSD would work just as well, I am sure I will have to increase the SHM* options in the kernel. Does OpenBSD have any barriers when it comes to that? Thanks for any help. David
Re: umts & mtu
On Thu, Aug 18, 2005 at 06:23:50PM +0200, Bolke de Bruin wrote: > I am working on an UMTS (via ppp) connection. This connection seems to > have a very small mtu namely 480 bytes. If found this out using > different sizes when pinging. To accomodate vor this I have added a > scrub rule to pf.conf: > > scrub out on tun0 all fragment reassemble max-mss 472 > > in ppp.conf > > I have added: >set mtu max 472 >set mru max 472 > > Still I am unable to do any webbrowsing or ssh to the outside. Does > someone have experience with these kind of connections? Isn't the mtu a > bit too small? > which card? i'm using umts with a option 3g from vodafone and pppd without problems. reyk $ cat /etc/ppp/peers/vodafone /dev/ttyU0 460800 :0.0.0.1 connect '/usr/sbin/chat -v -f /etc/ppp/vodafone.chat' disconnect '/usr/sbin/chat -v -f /etc/ppp/disconnect.chat' crtscts defaultroute ipcp-accept-local ipcp-accept-remote lock modem ms-dns 139.7.30.125 ms-dns 139.7.30.126 noauth noipdefault novj user d2 nodetach debug $ cat /etc/ppp/vodafone.chat # first unlock the device once with AT+CPIN="" 'ABORT' 'BUSY' 'ABORT' 'ERROR' 'ABORT' 'NO CARRIER' 'ABORT' 'NO DIALTONE' 'REPORT''CONNECT' 'TIMEOUT' '10' '' 'AT+CPIN?' '+CPIN: READY' 'AT_OPSYS=3,2' 'OK''AT+CGDCONT=2,"IP","web.vodafone.de"' 'OK''AT+CGDCONT=1,"IP","web.vodafone.de"' '' 'ATZ' 'OK''ATE1' 'OK''AT&F' 'TIMEOUT' '60' 'OK''ATD*99***1#' 'CONNECT' ''
OpenBSD and web cameras - searching for a definitive answer
Hi everyone! Despite searching thoroughly through the mailing list archives and Google, I was not able to find a clear answer to this question: are there any programs available to control a modern USB webcam, such as Logitech QuickCam or Vimicro webcam, using OpenBSD (3.7)? The graphics/cqcam port only supports parallel port webcams, which in my opinion should be considered obsolete. The graphics/vid port only supports cameras with Omnivision OV511 or OV511+ chipsets, meaning that at least QuickCam and Vimicro are *not* supported. I'm now trying to find out if the current Creative webcams still use the OV511+ chipset. The Vimicro camera was properly recognized and assigned to /dev/ ugen0, but I found no way to use it. The Logitech QuickCam was not even recognized - except for it's built-in microphone, which was assigned to /dev/uaudio0. Can anyone shed any light on this issue? Thanks! - Jyri # This message has been checked for viruses and spam. www.turvamies.fi [EMAIL PROTECTED] #
Re: Hard Disk Password Security Info
Chris Kuethe <[EMAIL PROTECTED]> wrote: > Before we get too worked up over this, can someone who actually cares > spend an afternoon with a pair of identical disks to tell us whether > or not a board swap will defeat the password (and on what sort of > drive)? It won't. The password isn't saved in the firmware, it's saved on the disk. Thus changing the firmware won't change anything since the replaced firmware will also read the password from the disk. Only a patched firmware that does not read the password will help. -- Jonathan
Re: backup filesystem
On Thu, 18 Aug 2005 16:35:31 -0400 Masoud Sharbiani <[EMAIL PROTECTED]> wrote: > Hello, > How about a _encrypted_ tarball on a filesystem that both of the OS'es > understand? Like FFS, right? > cheers, > Masoud > > On Thu, Aug 18, 2005 at 06:03:58PM +0100, Edd Barrett wrote: > > Hi, > > > > I shall be transporting a hard disk between two sites for backup > > purposes. The backup shall be on a RAID-1 mirror in an openbsd server. > > The disk will primarily be used in a sun workstation running solaris. > > > > My question is, which filesystem do you guys recommend. If possible I > > would like to preserve permssions and filename exactly. > > > > Best Regards > > > > Edd > -- "Security is decided by quality" -- Theo de Raadt
Re: backup filesystem
Hello, How about a _encrypted_ tarball on a filesystem that both of the OS'es understand? cheers, Masoud On Thu, Aug 18, 2005 at 06:03:58PM +0100, Edd Barrett wrote: > Hi, > > I shall be transporting a hard disk between two sites for backup > purposes. The backup shall be on a RAID-1 mirror in an openbsd server. > The disk will primarily be used in a sun workstation running solaris. > > My question is, which filesystem do you guys recommend. If possible I > would like to preserve permssions and filename exactly. > > Best Regards > > Edd
Re: Hard Disk Password Security Info
On 8/18/05, Dave Feustel <[EMAIL PROTECTED]> wrote: > On Thursday 18 August 2005 09:38, Dimitry Andric wrote: > > By zapping the firmware, or triggering some other magic switch, you're > > probably always able to unlock these disks. > > That does seem to be the case right now for at least one company specializing > in disk data recovery. But that approach to getting the data is expensive and > time consuming. In other words: forget about getting access to > password-protected > disk data with a screwdriver and another computer. What about a board swap? Recently I had a drive with a cooked controller board. I put an identical controller board (same disk model, controller board revision, firmware revision, month of manufacture) on the disk can and got my data back. Before we get too worked up over this, can someone who actually cares spend an afternoon with a pair of identical disks to tell us whether or not a board swap will defeat the password (and on what sort of drive)? CL -- GDB has a 'break' feature; why doesn't it have 'fix' too?
ayuda con sendmail
no pueden salir ni entrar correos Aug 18 14:09:06 sanjorge sm-mta[10537]: j7IJ8xb5010537: ruleset=check_mail, arg1=<[EMAIL PROTECTED]>, relay=xproxy.gmail.com [66.249.82.194], reject=553 5.1.8 <[EMAIL PROTECTED]>... Domain of sender address [EMAIL PROTECTED] does not exist Aug 18 14:09:06 sanjorge sm-mta[10537]: j7IJ8xb5010537: from=<[EMAIL PROTECTED]>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=xproxy.gmail.com [66.249.82.194] Aug 18 14:22:55 sanjorge sm-mta[17316]: ruleset=check_relay, arg1=localhost.my.domain, arg2=127.0.0.1, relay=localhost.my.domain [127.0.0.1], reject=553 5.3.0 RELAY #Relevo de Correo desde Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSq006544: [EMAIL PROTECTED], ctladdr=san (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30053, relay=[127.0.0.1] [127.0.0.1], dsn=5.6.0, stat=Data format error Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSq006544: j7IJMtSr006544: DSN: Data format error Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSr006544: to=san, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=31077, relay=[127.0.0.1], dsn=5.6.0, stat=Data format error Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSr006544: j7IJMtSs006544: return to sender: Data format error Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSs006544: to=postmaster, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=32101, relay=[127.0.0.1], dsn=5.6.0, stat=Data format error Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSr006544: Losing ./qfj7IJMtSr006544: savemail panic Aug 18 14:22:55 sanjorge sendmail[6544]: j7IJMtSr006544: SYSERR(root): savemail: cannot save rejected email anywhere que puedo hacer -- ___ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze
Re: How to patch a physically weak system & recommended use of sudo?
On Thu, 18 Aug 2005 14:12:00 -0400, Nick Holland <[EMAIL PROTECTED]> wrote: >I also tend to have an "alias ]=sudo" in my .profiles. It's obvious you can type accurately *and* you don't have a cat... (; JCR
Re: How to patch a physically weak system & recommended use of sudo?
On Thu, Aug 18, 2005 at 04:02:21PM +, Scott Plumlee wrote: > Nick Holland wrote: > >When I set up an OpenBSD system, one of the first things I do is create > >a personal user for myself, put myself in the wheel group, configure > >sudo to let wheel users do anything, log in as that user, and disable > >root logins. Completely disable. This does a few things... > > Is your preferred method for doing so to remove the root user, or set > the shell to nologin, or something else? I like the idea, but I'd > rather not shoot myself in the foot doing it. What I normally do is use vipw to change the encrypted root PW to "*" or put a number of identical repeating characters in middle of the encrypted PW. "Completely disable" is probably the wrong expression...as you could still log in single user (no PW prompted for), and if you could find a REASON you absolutely had to login as root from a multi-user system, you could always do a "sudo su -" which will take you to root directly. I've done this, but never had reason that I *had* to do it. By "completely disable", I meant "Unable to directly log into the account from a login prompt". That's what happens when writing an e-mail and realizing I should have left for work 15 minutes earlier... Don't remove the root user, don't probably need to change the login shell (though I can't think of any way that would hurt you). sudo -s is handy for doing lots of root activies, if you are not worried about command logging. I also tend to have an "alias ]=sudo" in my .profiles. It seems to help encourage me not to use "sudo -s" because I'm lazy. :) I'm sure there is some use of the ] key in a command line I'm blowing out, but I haven't come across it yet. :) Nick.
Re: Hard Disk Password Security Info
On Thursday 18 August 2005 11:19, Andrew Dalgleish wrote: > On Thu, Aug 18, 2005 at 10:28:45AM -0500, Dave Feustel wrote: > > The c't article, the link to which I posted to misc@ yesterday, stated that > > a data > > recovery company was able to retrieve the user disk password (set by the > > authors > > of the article) from the disk, aparently without opening (and thus voiding > > the > > warranty of) the disk. > > If I've stolen your laptop with the aim of stealing data, I'm not > too worried about voiding your warranty. That will teach me to make an off-topic comment :-) > Personally I'd place more trust in OS-based encryption. > See vnconfig(1).
Re: Hard Disk Password Security Info
On Thu, Aug 18, 2005 at 10:28:45AM -0500, Dave Feustel wrote: > The c't article, the link to which I posted to misc@ yesterday, stated that a > data > recovery company was able to retrieve the user disk password (set by the > authors > of the article) from the disk, aparently without opening (and thus voiding > the > warranty of) the disk. If I've stolen your laptop with the aim of stealing data, I'm not too worried about voiding your warranty. Personally I'd place more trust in OS-based encryption. See vnconfig(1).
Hard resets with onboard auvia(4)
Hi misc@, I have this Gigabyte 7VM400M-RZ motherboard with VIA KM400/VIA 8235 chipset and the auvia(4) driver (3.7-stable) attaches and plays distorted sound, but trying to play sound sometimes also leads to instant hard resets. I have useful information to provide to any interested developer (the mandatory OpenBSD dmesg, plus Knoppix/Linux dmesg + lspci -vvv + lspci -nvvv, plus what the motherboard drivers for Windows think is installed). Both Windows and Linux can play sound fine, so perhaps the chip is just being misidentified. If necessary, I can even arrange for ssh access for developers (when I get home in a few hours). Can anyone help? Thanks! fabio.olive -- i drowned in the universal pool of entropy eris has saved me, and she has set me free ex sed lex awk yacc, e pluribus unix, amem
Re: Hard resets with onboard auvia(4)
> I have this Gigabyte 7VM400M-RZ motherboard with VIA KM400/VIA 8235 > chipset and the auvia(4) driver (3.7-stable) attaches and plays > distorted sound, but trying to play sound sometimes also leads to > instant hard resets. BTW, I'm not subscribed to the list, so please keep me in the Cc:. fabio.olive -- i drowned in the universal pool of entropy eris has saved me, and she has set me free ex sed lex awk yacc, e pluribus unix, amem
backup filesystem
Hi, I shall be transporting a hard disk between two sites for backup purposes. The backup shall be on a RAID-1 mirror in an openbsd server. The disk will primarily be used in a sun workstation running solaris. My question is, which filesystem do you guys recommend. If possible I would like to preserve permssions and filename exactly. Best Regards Edd
Re: fortinet experience
in the future do not cross post to {Open,Free,Net}BSD.
You already sent the ?n to freebsd-questions.. now back
to openbsd misc..
close( )
Re: umts & mtu
Additionally it seems that the mtu using the same card using windows actually is 1500. Bolke de Bruin wrote: Hi, I am working on an UMTS (via ppp) connection. This connection seems to have a very small mtu namely 480 bytes. If found this out using different sizes when pinging. To accomodate vor this I have added a scrub rule to pf.conf: scrub out on tun0 all fragment reassemble max-mss 472 in ppp.conf I have added: set mtu max 472 set mru max 472 Still I am unable to do any webbrowsing or ssh to the outside. Does someone have experience with these kind of connections? Isn't the mtu a bit too small? Kind regards, Bolke
Re: How to patch a physically weak system & recommended use of sudo?
On 8/18/05, Scott Plumlee <[EMAIL PROTECTED]> wrote: > Nick Holland wrote: > > Tim wrote: > > > >>Hello > >> > >>1. I have a old computer that is slow and has little memory. But I > >>want to keep it updated with patches. I can't compile these patches > >>on the system but I could do it on another faster system. But how can > >>I later apply the compiled patches to the weak system? > > > > > > In addition to the previously mentioned release(8) process (also > > documented here: http://www.openbsd.org/faq/faq5.html#Release), there is > > another thing you could do: run snapshots. They will have all the > > security and reliability updates (before they are in -stable, in fact), > > but also feature updates. > > > > > >>2. Alot of you seem to use sudo instead of su - when you want to do > >>something that requires privileges. Why is this? What settings are > >>you using for sudo? > > > > > > Took me a while to get interested in sudo, which is unfortunate. Way > > cool program. > > > > When I set up an OpenBSD system, one of the first things I do is create > > a personal user for myself, put myself in the wheel group, configure > > sudo to let wheel users do anything, log in as that user, and disable > > root logins. Completely disable. This does a few things... > > Is your preferred method for doing so to remove the root user, or set > the shell to nologin, or something else? I like the idea, but I'd > rather not shoot myself in the foot doing it. Disabling root locally is extremely dangerous in my opinion. Just disable any remote root logins, but keep root locally accessable. If the attacker has local access, not being able to login as root doesn't do much. Jason
Re: Hard Disk Password Security Info
On 2005-08-18 at 00:46:39 Dave Feustel wrote: > With most notebooks it is possible to secure the hard disk against > unauthorized access with the aid of a password. See the atactl(8) manpage, in particular the sec* commands. However, I don't believe these harddisks actually encrypt all data on the disk, so it's not really a security measure. By zapping the firmware, or triggering some other magic switch, you're probably always able to unlock these disks. [demime 1.01d removed an attachment of type application/pgp-signature]
Re: How to patch a physically weak system & recommended use of su do?
From: Scott Plumlee [mailto:[EMAIL PROTECTED] > > Took me a while to get interested in sudo, which is > unfortunate. Way > > cool program. > > > > When I set up an OpenBSD system, one of the first things I > do is create > > a personal user for myself, put myself in the wheel group, configure > > sudo to let wheel users do anything, log in as that user, > and disable > > root logins. Completely disable. This does a few things... > > Is your preferred method for doing so to remove the root user, or set > the shell to nologin, or something else? I like the idea, but I'd > rather not shoot myself in the foot doing it. Bad idea to disable root's console login capabilities - you do need to run system maintenence from time to time. Pick a secure password and secure the physical access to the machine, but don't lose root's ability to log in. The suggestion is probably in reference to disabling root logins from sshd. Then you're forced into logging in remotely as a non-root user, at which point you can use sudo to run commands as root post authentication. DS
OpenBSD 3.7 and web cameras - searching for a definitive answer
Hi everyone! Despite a thorough search through mailing list archives and Google, I was not able to find a clear answer to this question: is it possible to use a modern USB webcam, such as Logitech QuickCam or Vimicro webcam, with OpenBSD 3.7? The graphics/cqcam port only support parallel port webcams, which in my opinion can reasonably be considered obsolete. The graphics/vid port only supports cameras with the Omnivision OV511 or OV511+ chipsets, meaning that at least QuickCam and Vimicro are *not* supported by vid. I have not been able to find any of the cameras Vid is known to support - not as new, not as used. I'm currently trying to find out if the current Creative webcams still have the OV511 chipsets. The Vimicro camera was properly recognized and assigned to /dev/ ugen0, but I found no way to use it. The Logitech QuickCam was not even recognized - except for it's built-in microphone, which was assigned to /dev/uaudio0. Can anyone shed any light on this issue? Thanks! - Jyri # This message has been checked for viruses and spam. www.turvamies.fi [EMAIL PROTECTED] #
umts & mtu
Hi, I am working on an UMTS (via ppp) connection. This connection seems to have a very small mtu namely 480 bytes. If found this out using different sizes when pinging. To accomodate vor this I have added a scrub rule to pf.conf: scrub out on tun0 all fragment reassemble max-mss 472 in ppp.conf I have added: set mtu max 472 set mru max 472 Still I am unable to do any webbrowsing or ssh to the outside. Does someone have experience with these kind of connections? Isn't the mtu a bit too small? Kind regards, Bolke
Re: Xorg Problems on 3.7
It appears that the Xorg bug is one that will always default the resolution down to 640x480 on the Dell Latitude with ATI Mobility M3 chipsets. Dave Feustel <[EMAIL PROTECTED]> wrote:On Tuesday 16 August 2005 13:43, you wrote: > the resolution bug for Xorg I also have a Dell Latitude running OopenBSD 3.7. What is the "resolution bug"? Thanks, Dave Feustel - Start your day with Yahoo! - make it your home page
Re: ami0 and bioctl.
Maybe. The older cards have some issues that need to be worked around in the
driver. This is very tricky stuff though and takes a lot of time to get right.
On Thu, Aug 18, 2005 at 05:13:38PM +0200, Laurens Vets wrote:
> Thanks for the information. Will it ever be?
>
> Marco Peereboom wrote:
> >This controller is currently not supported.
> >
> >On Thu, Aug 18, 2005 at 01:14:01PM +0200, Laurens Vets wrote:
> >
> >>Hi all,
> >>
> >>I've just upgraded to -current (3.8-beta, snapshots op August 16th) to
> >>try out the bioctl utility on my raid controller. However, when I try
> >>to access it, I always get the error "bioctl: bioc_ioctl() call failed":
> >>
> >># bioctl -Dhiv ami0
> >>bioctl: cookie = 0xd0c56e80
> >>bio_inq
> >>bioctl: bioc_ioctl() call failed
> >>
> >># bioctl -Dhiv sd0
> >>bioctl: cookie = 0x0
> >>bio_inq
> >>bioctl: bioc_ioctl() call failed
> >>
> >># bioctl -Dhiv -a get ami0
> >>bioctl: cookie = 0xd0c56e80
> >>bio_inq
> >>bioctl: bioc_ioctl() call failed
> >>
> >>Any ideas to what I might be doing wrong? The controller is a Dell
> >>PERC2/SC in `Mass Storage' mode. Full dmesg:
> >>
> >>OpenBSD 3.8-beta (GENERIC.MP) #260: Tue Aug 16 07:20:51 MDT 2005
> >> [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
> >>cpu0: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
> >>cpu0:
> >>FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
> >>X,FXSR,SSE
> >>real mem = 268013568 (261732K)
> >>avail mem = 237621248 (232052K)
> >>using 3297 buffers containing 13504512 bytes (13188K) of memory
> >>mainbus0 (root)
> >>bios0 at mainbus0: AT/286+(00) BIOS, date 02/13/03, BIOS32 rev. 0 @
> >>0xffe90
> >>pcibios0 at bios0: rev 2.1 @ 0xf/0x1
> >>pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc7c0/176 (9 entries)
> >>pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
> >>pcibios0: PCI bus #4 is the last bus
> >>bios0: ROM list: 0xc/0x8000 0xc8000/0xc00 0xc9000/0x800 0xc9800/0x800
> >>mainbus0: Intel MP Specification (Version 1.4) (DELL PowerEdge 81)
> >>cpu0 at mainbus0: apid 1 (boot processor)
> >>cpu0: apic clock running at 99 MHz
> >>cpu1 at mainbus0: apid 0 (application processor)
> >>cpu1: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
> >>cpu1:
> >>FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
> >>X,FXSR,SSE
> >>mainbus0: bus 0 is type PCI
> >>mainbus0: bus 1 is type PCI
> >>mainbus0: bus 2 is type PCI
> >>mainbus0: bus 3 is type PCI
> >>mainbus0: bus 4 is type PCI
> >>mainbus0: bus 5 is type ISA
> >>ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
> >>ioapic0: misconfigured as apic 0, remapped to apic 2
> >>pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
> >>pchb0 at pci0 dev 0 function 0 "Intel 82440BX AGP" rev 0x00
> >>ppb0 at pci0 dev 1 function 0 "Intel 82440BX AGP" rev 0x00
> >>pci1 at ppb0 bus 1
> >>vga1 at pci1 dev 0 function 0 "ATI Mach64 GD" rev 0x5c
> >>wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> >>wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> >>ppb1 at pci0 dev 2 function 0 "DEC 21152 PCI-PCI" rev 0x03
> >>pci2 at ppb1 bus 2
> >>ahc1 at pci2 dev 4 function 0 "Adaptec AIC-7890/1 U2" rev 0x00: apic 2
> >>int 16 (i
> >>rq 11)
> >>scsibus0 at ahc1: 16 targets
> >>ahc2 at pci2 dev 6 function 0 "Adaptec AIC-7860" rev 0x03: apic 2 int 16
> >>(irq 11
> >>)
> >>scsibus1 at ahc2: 8 targets
> >>cd0 at scsibus1 targ 5 lun 0: SCSI2
> >>5/cdrom remova
> >>ble
> >>ppb2 at pci2 dev 10 function 0 "Intel i960 RP PCI-PCI" rev 0x05
> >>pci3 at ppb2 bus 3
> >>ami0 at pci2 dev 10 function 1 "Intel 80960RP ATU" rev 0x05: apic 2 int
> >>18 (irq
> >>10) Dell 466v2/32b
> >>ami0: FW 3.00, BIOS v1.36, 16MB RAM
> >>ami0: 1 channels, 16 targets, 1 logical drives
> >>scsibus2 at ami0: 1 targets
> >>sd0 at scsibus2 targ 0 lun 0: SCSI2 0/direct fixed
> >>sd0: 42840MB, 5461 cyl, 255 head, 63 sec, 512 bytes/sec, 87736320 sec
> >>total
> >>scsibus3 at ami0: 16 targets
> >>safte0 at scsibus3 targ 6 lun 0: SCSI2
> >>3/processor
> >>fixed
> >>pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
> >>pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
> >>channel 0 wi
> >>red to compatibility, channel 1 wired to compatibility
> >>pciide0: channel 0 ignored (disabled)
> >>pciide0: channel 1 ignored (disabled)
> >>uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01pci_intr_map:
> >>bus 0 d
> >>ev 7 func 2 pin 4; line 5
> >>pci_intr_map: no MP mapping found
> >>isa_intr_establish: no MP mapping found
> >>: irq 5
> >>usb0 at uhci0: USB revision 1.0
> >>uhub0 at usb0
> >>uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
> >>uhub0: 2 ports with 2 removable, self powered
> >>"Intel 82371AB Power" rev 0x02 at pci0 dev 7 function 3 not configured
> >>xl0 at pci0 dev 12 function 0 "3Com 3c905 100Base-TX" rev 0x00: apic 2
> >>int 22 (i
> >>rq 14), address 00:60:08:78:35:0c
> >>nsphy0 at xl0 phy 24:
Re: How to patch a physically weak system & recommended use of sudo?
Nick Holland wrote: Tim wrote: Hello 1. I have a old computer that is slow and has little memory. But I want to keep it updated with patches. I can't compile these patches on the system but I could do it on another faster system. But how can I later apply the compiled patches to the weak system? In addition to the previously mentioned release(8) process (also documented here: http://www.openbsd.org/faq/faq5.html#Release), there is another thing you could do: run snapshots. They will have all the security and reliability updates (before they are in -stable, in fact), but also feature updates. 2. Alot of you seem to use sudo instead of su - when you want to do something that requires privileges. Why is this? What settings are you using for sudo? Took me a while to get interested in sudo, which is unfortunate. Way cool program. When I set up an OpenBSD system, one of the first things I do is create a personal user for myself, put myself in the wheel group, configure sudo to let wheel users do anything, log in as that user, and disable root logins. Completely disable. This does a few things... Is your preferred method for doing so to remove the root user, or set the shell to nologin, or something else? I like the idea, but I'd rather not shoot myself in the foot doing it.
Re: Hard Disk Password Security Info
On Thursday 18 August 2005 10:16, Timothy Donahue wrote: > The only way to recover information off of a disk that has the ata security > password protection implemented correctly is to transplant the platters into > another disk (of the same type). The c't article, the link to which I posted to misc@ yesterday, stated that a data recovery company was able to retrieve the user disk password (set by the authors of the article) from the disk, aparently without opening (and thus voiding the warranty of) the disk. This statement, if true, would contracdict your assertion. I do believe that your assertion will become true in the future. > IIRC, if the security spec is implemented > correctly then just changing the external controller is not enough to allow > the password to be bypassed and swapping the platters into another disk is > not a trivial task. It is not encrypted, but the controller will refuse to > read information off of the disk. > > Tim Donahue
Re: Hard Disk Password Security Info
On Thursday 18 August 2005 11:02 am, Dave Feustel wrote: > On Thursday 18 August 2005 09:38, Dimitry Andric wrote: > > See the atactl(8) manpage, in particular the sec* commands. > > I was looking that that manpage yesterday. It confirms that it > is possible to make the disk data inaccessible to anyone without > the user password. > > > However, I don't believe these harddisks actually encrypt all data on the > > disk, so it's not really a security measure. > > OK. How long will it take you to get data off a disk made maximally secure > via atactl commands? (Answer: most likely you won't get the data, ever). > Also note that if atactl is used to set the user disk password, you > will not be able to boot from a computer with a bios that doesn't offer you > the opportunity to type in the user password you set while the system was > running. That's what the 'freeze' command is for. (You did read about the > freeze command, right?) > > > By zapping the firmware, or triggering some other magic switch, you're > > probably always able to unlock these disks. > > That does seem to be the case right now for at least one company > specializing in disk data recovery. But that approach to getting the data > is expensive and time consuming. In other words: forget about getting > access to password-protected disk data with a screwdriver and another > computer. The only way to recover information off of a disk that has the ata security password protection implemented correctly is to transplant the platters into another disk (of the same type). IIRC, if the security spec is implemented correctly then just changing the external controller is not enough to allow the password to be bypassed and swapping the platters into another disk is not a trivial task. It is not encrypted, but the controller will refuse to read information off of the disk. Tim Donahue
Re: ami0 and bioctl.
Thanks for the information. Will it ever be?
Marco Peereboom wrote:
This controller is currently not supported.
On Thu, Aug 18, 2005 at 01:14:01PM +0200, Laurens Vets wrote:
Hi all,
I've just upgraded to -current (3.8-beta, snapshots op August 16th) to
try out the bioctl utility on my raid controller. However, when I try
to access it, I always get the error "bioctl: bioc_ioctl() call failed":
# bioctl -Dhiv ami0
bioctl: cookie = 0xd0c56e80
bio_inq
bioctl: bioc_ioctl() call failed
# bioctl -Dhiv sd0
bioctl: cookie = 0x0
bio_inq
bioctl: bioc_ioctl() call failed
# bioctl -Dhiv -a get ami0
bioctl: cookie = 0xd0c56e80
bio_inq
bioctl: bioc_ioctl() call failed
Any ideas to what I might be doing wrong? The controller is a Dell
PERC2/SC in `Mass Storage' mode. Full dmesg:
OpenBSD 3.8-beta (GENERIC.MP) #260: Tue Aug 16 07:20:51 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
X,FXSR,SSE
real mem = 268013568 (261732K)
avail mem = 237621248 (232052K)
using 3297 buffers containing 13504512 bytes (13188K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 02/13/03, BIOS32 rev. 0 @ 0xffe90
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc7c0/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #4 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0xc00 0xc9000/0x800 0xc9800/0x800
mainbus0: Intel MP Specification (Version 1.4) (DELL PowerEdge 81)
cpu0 at mainbus0: apid 1 (boot processor)
cpu0: apic clock running at 99 MHz
cpu1 at mainbus0: apid 0 (application processor)
cpu1: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
X,FXSR,SSE
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type PCI
mainbus0: bus 5 is type ISA
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
ioapic0: misconfigured as apic 0, remapped to apic 2
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82440BX AGP" rev 0x00
ppb0 at pci0 dev 1 function 0 "Intel 82440BX AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Mach64 GD" rev 0x5c
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 2 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci2 at ppb1 bus 2
ahc1 at pci2 dev 4 function 0 "Adaptec AIC-7890/1 U2" rev 0x00: apic 2
int 16 (i
rq 11)
scsibus0 at ahc1: 16 targets
ahc2 at pci2 dev 6 function 0 "Adaptec AIC-7860" rev 0x03: apic 2 int 16
(irq 11
)
scsibus1 at ahc2: 8 targets
cd0 at scsibus1 targ 5 lun 0: SCSI2
5/cdrom remova
ble
ppb2 at pci2 dev 10 function 0 "Intel i960 RP PCI-PCI" rev 0x05
pci3 at ppb2 bus 3
ami0 at pci2 dev 10 function 1 "Intel 80960RP ATU" rev 0x05: apic 2 int
18 (irq
10) Dell 466v2/32b
ami0: FW 3.00, BIOS v1.36, 16MB RAM
ami0: 1 channels, 16 targets, 1 logical drives
scsibus2 at ami0: 1 targets
sd0 at scsibus2 targ 0 lun 0: SCSI2 0/direct fixed
sd0: 42840MB, 5461 cyl, 255 head, 63 sec, 512 bytes/sec, 87736320 sec total
scsibus3 at ami0: 16 targets
safte0 at scsibus3 targ 6 lun 0: SCSI2
3/processor
fixed
pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
channel 0 wi
red to compatibility, channel 1 wired to compatibility
pciide0: channel 0 ignored (disabled)
pciide0: channel 1 ignored (disabled)
uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01pci_intr_map:
bus 0 d
ev 7 func 2 pin 4; line 5
pci_intr_map: no MP mapping found
isa_intr_establish: no MP mapping found
: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"Intel 82371AB Power" rev 0x02 at pci0 dev 7 function 3 not configured
xl0 at pci0 dev 12 function 0 "3Com 3c905 100Base-TX" rev 0x00: apic 2
int 22 (i
rq 14), address 00:60:08:78:35:0c
nsphy0 at xl0 phy 24: DP83840 10/100 PHY, rev. 1
ppb3 at pci0 dev 14 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci4 at ppb3 bus 4
"Sun PCIO Ebus2" rev 0x01 at pci4 dev 0 function 0 not configured
hme0 at pci4 dev 0 function 1 "Sun HME" rev 0x01: address 08:00:20:e4:22:53
luphy0 at hme0 phy 1: LU6612 10/100 PHY, rev. 1
hme0: using apic 2 int 22 (irq 14) for interrupt
isp0 at pci4 dev 4 function 0 "QLogic ISP1020" rev 0x05: apic 2 int 17
(irq 5)
isp0: Polled Mailbox Command (0x2) Timeout
isp0: Polled Mailbox Command (0x34) Timeout
isp0: Polled Mailbox Command (0x8) Timeout
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wsk
Re: How to patch a physically weak system & recommended use of sudo?
Tim wrote: > Hello > > 1. I have a old computer that is slow and has little memory. But I > want to keep it updated with patches. I can't compile these patches > on the system but I could do it on another faster system. But how can > I later apply the compiled patches to the weak system? In addition to the previously mentioned release(8) process (also documented here: http://www.openbsd.org/faq/faq5.html#Release), there is another thing you could do: run snapshots. They will have all the security and reliability updates (before they are in -stable, in fact), but also feature updates. > 2. Alot of you seem to use sudo instead of su - when you want to do > something that requires privileges. Why is this? What settings are > you using for sudo? Took me a while to get interested in sudo, which is unfortunate. Way cool program. When I set up an OpenBSD system, one of the first things I do is create a personal user for myself, put myself in the wheel group, configure sudo to let wheel users do anything, log in as that user, and disable root logins. Completely disable. This does a few things... 1) Ensures that random PW guessing attacks at "root" will not succeed. (this isn't a huge security gain, but from completely random attackers, it gives them two things to guess, not just one. If you are going after me personally, yeah, not so hard: my most common user name is 'nick' :) 2) Ensures that for systems that have to be administered by multiple users (i.e., business users), that there is no one user who has "more" access than any other, and thus, you have full redundancy in maintainers. 3) In multiply administered systems, you don't have to share any passwords between administrators. Sharing PWs is a bad thing, m'kay? (su requires sharing of root PWs) note: while this is a nice trick for OpenBSD, be careful using it on lesser Unixes -- many need a PW for root access for single user mode (by default at least). As mentioned elsewhere, you can also restrict what people do on a system -- for example, I have set up "controlled" firewalls for schools, where a teacher could turn on and off Internet connections in their classroom. You might not want the teacher to have full access to all functionality in the firewall, but they do need root-level access to change the filter rules. So, permit the proper commands with sudo, wrap it all up in nice scripts, and it becomes very easy and very transparent. Try that with "su" :) Note that in this case, it isn't that I distrust the teacher's intent, I just don't trust their knowledge of Unix administration, and don't want them having accidents... if I didn't trust at least their intent, I don't think I'd let 'em in. :) Try it, it's addictive. :) Nick.
Re: Hard Disk Password Security Info
On Thursday 18 August 2005 09:38, Dimitry Andric wrote: > See the atactl(8) manpage, in particular the sec* commands. I was looking that that manpage yesterday. It confirms that it is possible to make the disk data inaccessible to anyone without the user password. > However, I don't believe these harddisks actually encrypt all data on the > disk, > so it's not really a security measure. OK. How long will it take you to get data off a disk made maximally secure via atactl commands? (Answer: most likely you won't get the data, ever). Also note that if atactl is used to set the user disk password, you will not be able to boot from a computer with a bios that doesn't offer you the opportunity to type in the user password you set while the system was running. That's what the 'freeze' command is for. (You did read about the freeze command, right?) > By zapping the firmware, or triggering some other magic switch, you're > probably always able to unlock these disks. That does seem to be the case right now for at least one company specializing in disk data recovery. But that approach to getting the data is expensive and time consuming. In other words: forget about getting access to password-protected disk data with a screwdriver and another computer.
Re: ami0 and bioctl.
This controller is currently not supported.
On Thu, Aug 18, 2005 at 01:14:01PM +0200, Laurens Vets wrote:
> Hi all,
>
> I've just upgraded to -current (3.8-beta, snapshots op August 16th) to
> try out the bioctl utility on my raid controller. However, when I try
> to access it, I always get the error "bioctl: bioc_ioctl() call failed":
>
> # bioctl -Dhiv ami0
> bioctl: cookie = 0xd0c56e80
> bio_inq
> bioctl: bioc_ioctl() call failed
>
> # bioctl -Dhiv sd0
> bioctl: cookie = 0x0
> bio_inq
> bioctl: bioc_ioctl() call failed
>
> # bioctl -Dhiv -a get ami0
> bioctl: cookie = 0xd0c56e80
> bio_inq
> bioctl: bioc_ioctl() call failed
>
> Any ideas to what I might be doing wrong? The controller is a Dell
> PERC2/SC in `Mass Storage' mode. Full dmesg:
>
> OpenBSD 3.8-beta (GENERIC.MP) #260: Tue Aug 16 07:20:51 MDT 2005
> [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
> cpu0: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
> cpu0:
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
> X,FXSR,SSE
> real mem = 268013568 (261732K)
> avail mem = 237621248 (232052K)
> using 3297 buffers containing 13504512 bytes (13188K) of memory
> mainbus0 (root)
> bios0 at mainbus0: AT/286+(00) BIOS, date 02/13/03, BIOS32 rev. 0 @ 0xffe90
> pcibios0 at bios0: rev 2.1 @ 0xf/0x1
> pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc7c0/176 (9 entries)
> pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
> pcibios0: PCI bus #4 is the last bus
> bios0: ROM list: 0xc/0x8000 0xc8000/0xc00 0xc9000/0x800 0xc9800/0x800
> mainbus0: Intel MP Specification (Version 1.4) (DELL PowerEdge 81)
> cpu0 at mainbus0: apid 1 (boot processor)
> cpu0: apic clock running at 99 MHz
> cpu1 at mainbus0: apid 0 (application processor)
> cpu1: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
> cpu1:
> FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
> X,FXSR,SSE
> mainbus0: bus 0 is type PCI
> mainbus0: bus 1 is type PCI
> mainbus0: bus 2 is type PCI
> mainbus0: bus 3 is type PCI
> mainbus0: bus 4 is type PCI
> mainbus0: bus 5 is type ISA
> ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
> ioapic0: misconfigured as apic 0, remapped to apic 2
> pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
> pchb0 at pci0 dev 0 function 0 "Intel 82440BX AGP" rev 0x00
> ppb0 at pci0 dev 1 function 0 "Intel 82440BX AGP" rev 0x00
> pci1 at ppb0 bus 1
> vga1 at pci1 dev 0 function 0 "ATI Mach64 GD" rev 0x5c
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> ppb1 at pci0 dev 2 function 0 "DEC 21152 PCI-PCI" rev 0x03
> pci2 at ppb1 bus 2
> ahc1 at pci2 dev 4 function 0 "Adaptec AIC-7890/1 U2" rev 0x00: apic 2
> int 16 (i
> rq 11)
> scsibus0 at ahc1: 16 targets
> ahc2 at pci2 dev 6 function 0 "Adaptec AIC-7860" rev 0x03: apic 2 int 16
> (irq 11
> )
> scsibus1 at ahc2: 8 targets
> cd0 at scsibus1 targ 5 lun 0: SCSI2
> 5/cdrom remova
> ble
> ppb2 at pci2 dev 10 function 0 "Intel i960 RP PCI-PCI" rev 0x05
> pci3 at ppb2 bus 3
> ami0 at pci2 dev 10 function 1 "Intel 80960RP ATU" rev 0x05: apic 2 int
> 18 (irq
> 10) Dell 466v2/32b
> ami0: FW 3.00, BIOS v1.36, 16MB RAM
> ami0: 1 channels, 16 targets, 1 logical drives
> scsibus2 at ami0: 1 targets
> sd0 at scsibus2 targ 0 lun 0: SCSI2 0/direct fixed
> sd0: 42840MB, 5461 cyl, 255 head, 63 sec, 512 bytes/sec, 87736320 sec total
> scsibus3 at ami0: 16 targets
> safte0 at scsibus3 targ 6 lun 0: SCSI2
> 3/processor
> fixed
> pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
> pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
> channel 0 wi
> red to compatibility, channel 1 wired to compatibility
> pciide0: channel 0 ignored (disabled)
> pciide0: channel 1 ignored (disabled)
> uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01pci_intr_map:
> bus 0 d
> ev 7 func 2 pin 4; line 5
> pci_intr_map: no MP mapping found
> isa_intr_establish: no MP mapping found
> : irq 5
> usb0 at uhci0: USB revision 1.0
> uhub0 at usb0
> uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
> uhub0: 2 ports with 2 removable, self powered
> "Intel 82371AB Power" rev 0x02 at pci0 dev 7 function 3 not configured
> xl0 at pci0 dev 12 function 0 "3Com 3c905 100Base-TX" rev 0x00: apic 2
> int 22 (i
> rq 14), address 00:60:08:78:35:0c
> nsphy0 at xl0 phy 24: DP83840 10/100 PHY, rev. 1
> ppb3 at pci0 dev 14 function 0 "DEC 21152 PCI-PCI" rev 0x03
> pci4 at ppb3 bus 4
> "Sun PCIO Ebus2" rev 0x01 at pci4 dev 0 function 0 not configured
> hme0 at pci4 dev 0 function 1 "Sun HME" rev 0x01: address 08:00:20:e4:22:53
> luphy0 at hme0 phy 1: LU6612 10/100 PHY, rev. 1
> hme0: using apic 2 int 22 (irq 14) for interrupt
> isp0 at pci4 dev 4 function 0 "QLogic ISP1020" rev 0x05: apic 2 int 17
> (irq 5)
> isp0: Polled Mailbox Command (0x2) Timeout
> isp0: Polled Mailbox Command (0x34) Timeout
> isp0:
Re: How to patch a physically weak system & recommended use of sudo?
On 8/18/05, Tim <[EMAIL PROTECTED]> wrote: > Hello > > 1. I have a old computer that is slow and has little memory. But I want to > keep it updated with patches. I can't compile these patches on the system but > I could do it on another faster system. But how can I later apply the > compiled patches to the weak system? > I would suggest getting a fast machine to build whatever version of OpenBSD you're running, then make a release(8) of that version. I impliment this in any networks I run multiple OpenBSD installations and it works quite well. After I build the release, I then put it on an ftp server and I can mass upgrade/install OpenBSD machines in a very short period of time. > 2. Alot of you seem to use sudo instead of su - when you want to do something > that requires privileges. Why is this? What settings are you using for sudo? > This has been discussed a lot in the past, and I'm sure you can find plenty in the archives about it. I know I could ramble on and on about the advantages and disadvantages of both su and sudo, it's more a matter of which tool you feel most comfortable with, know best, and the type of usage and administration the system in question requires. Jason
Re: more 1 than client can use same port from router (for bittorrent)
On Sat, Aug 06, 2005 at 05:19:46PM +0200, Erik Wikstrvm wrote: > On 2005-08-06 16:48, Vivek Ayer wrote: > >Hi guys, > > > >I was wondering if it was possible to port forward the same port to > >more than one client behind a router. Currently, my client is the only > >one using bittorrent behind the router. I have this in /etc/pf.conf: > > > >rdr pass on $ext_if proto tcp to port 6881:6889 -> 192.168.0.3 port > >6881:6889 > > > >What do I do if other people on the subnet wanted to use the same > >ports (6881:6889) to use bittorrent (clients other than 192.168.0.3)? > >Thanks. > > Sorry, no can do. The other clients would have to use a BT-client where > they can specify the port(s) to use and forward those to the right one. Or round-robin redirect to each client and pray. With so many connections, it might not even be noticable. -Ray-
Re: fortinet experiences
On 8/18/05, mdff <[EMAIL PROTECTED]> wrote: > dear misc, > not related to misc, but to security, so has > anyone experiences with boxes from fortinet? > details: http://www.fortinet.com/ > cu... > > Fortinet and Clavister seems to be similar, though Fortinet a little looks better in terms of proxying (if memory serves right), I imagine you want to protect windows boxes, remember that there is no alternative to host security as well. I have one Clavister R33 that I pensioned when I got my obsd 3.6 cd's some time ago, the only use I can imagine for the Clavister now is if I ever wanted to run L2TP tunneling from a Windows XP roaming client. Though with web mail and ZyXEL ZyWALL P1 crypto adapters it's pretty moot. Now when I come to think of it, the Clavister box looks like a Soekris, so maby I should try fitting OBSD on it and start using it again...
latest bsd.rd crashes during boot
Hi All,
While trying to upgrade to the latest snapshot (dated August 17) I'm
experiencing some issues with the bsd.rd kernel. Below is the dmesg
for bsd.rd and the normal kernel (from a ~3 weeks old snapshot). Has
anyone else seen this ? This is on a Toshiba Tecra 8100 laptop. If any
other info is required, please let me know.
Cheers,
Paul 'WEiRD' de Weerd
--
>> OpenBSD/i386 BOOT 2.10
boot> boot bsd.rd
booting hd0a:bsd.rd: 4367300+828044 [52+151088+137371]=0x53aec4
entry point at 0x100120
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved. http://www.OpenBSD.org
OpenBSD 3.8-beta (RAMDISK_CD) #765: Wed Aug 17 11:32:59 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 598 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 267886592 (261608K)
avail mem = 238587904 (232996K)
using 3295 buffers containing 13496320 bytes (13180K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(63) BIOS, date 10/07/02, BIOS32 rev. 0 @ 0xfc376
apm0 at bios0: Power Management spec V1.2
apm0: flags 20102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ee0/192 (10 entries)
pcibios0: PCI Interrupt Router at 000:05:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0xc000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82443BX AGP" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "S3 Savage/MX-MV" rev 0x11
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
pcib0 at pci0 dev 5 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
pciide0 at pci0 dev 5 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0:
wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 disabled (no drives)
uhci0 at pci0 dev 5 function 2 "Intel 82371AB USB" rev 0x01: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"Intel 82371AB Power" rev 0x03 at pci0 dev 5 function 3 not configured
vendor "Toshiba", unknown product 0x0d01 (class wireless subclass IrDA, rev
0x00) at pci0 dev 9 function 0 not configured
cbb0 at pci0 dev 11 function 0 "Toshiba ToPIC95B CardBus" rev 0x07: irq 11
cbb1 at pci0 dev 11 function 1 "Toshiba ToPIC95B CardBus" rev 0x07: irq 11
"Yamaha 744" rev 0x02 at pci0 dev 12 function 0 not configured
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 2 device 0 cacheline 0x0, lattimer 0x0
pcmcia0 at cardslot0
cardslot1 at cbb1 slot 1 flags 0
cardbus1 at cardslot1: bus 3 device 0 cacheline 0x0, lattimer 0x0
pcmcia1 at cardslot1
biomask ffed netmask ffed ttymask ffef
rd0: fixed, 3800 blocks
uvm_fault(0xd052b3e0, 0xd0a78000, 0, 1) -> e
fatal page fault in supervisor mode
trap type 6 code 0 eip d02bdd42 cs 8 eflags 10212 cr2 d0a78000 cpl 0
panic: trap type 6, code=0, pc=d02bdd42
syncing disks... done
dumping to dev 1101, offset 0
dump error 19
rebooting...
>> OpenBSD/i386 BOOT 2.10
boot>
booting hd0a:/bsd: 4767456+949008 [52+244128+225735]=0x5e6700
entry point at 0x100120
[ using 470288 bytes of bsd ELF symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved. http://www.OpenBSD.org
OpenBSD 3.7-current (GENERIC) #0: Sat Jul 30 20:17:14 CEST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 598 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 267886592 (261608K)
avail mem = 237584384 (232016K)
using 3295 buffers containing 13496320 bytes (13180K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(63) BIOS, date 10/07/02, BIOS32 rev. 0 @ 0xfc376
apm0 at bios0: Power Management spec V1.2
apm0: battery life expectancy 98%
apm0: AC off, battery charge high, estimated 2:01 hours
apm0: flags 20102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf4ee0/192 (10 en
Re: How to patch a physically weak system & recommended use of sudo?
On Thu, Aug 18, 2005 at 01:03:27PM +0200, Tim wrote: > Hello > > 1. I have a old computer that is slow and has little memory. But I want to > keep it updated with patches. I can't compile these patches on the system > but I could do it on another faster system. But how can I later apply the > compiled patches to the weak system? I had a similar old slow computer so I: 1) Build and install the patches on a faster computer. 2) NFS mount /usr/src and /usr/obj from the faster computer so that I can access them from the slower. 3) sudo make install for each of the patched components. Of course, OpenBSD versions are exactly the same on both computers.
Re: How to patch a physically weak system & recommended use of sudo?
On 8/18/05, Stuart Henderson <[EMAIL PROTECTED]> wrote: [snip] > > 2. Alot of you seem to use sudo instead of su - when you want to do > > something that requires privileges. Why is this? What settings are > > you using for sudo? > > Various reasons .. if you use sudo on each command you want to execute > as root, you get a useful audit trail in the system log (or by mail, if > wanted). (if you sudo -s, or use sudo to run a shell, this bypasses > it). Also you can control which commands can be run by which users. You > can have it ask for the (user's) password every time, or you can have > it ask no more than every XX minutes. See sudoers(5) for more options. Using sudo is a good habit to get into, because when/if you admin multi-user systems, it allows you to grant fine-grained privileges to users without having to give anyone root's password. Even on single-user systems, it allows you to perform certain (very specific) actions as root (e.g. mount/umount on removeable storage from gkrellm) without being prompted for a password. As Stuart noted, you also get an audit trail, and if you're using sudosh (which, last I checked, runs on most modern UNIX-like systems except BSD - doh), you get complete record/playback functionality, with timing, for everything typed during a session. See http://sf.net/projects/sudosh/ for more. I have heard rumors that work is underway to merge sudosh functionality into sudo, but Todd Miller (or the sudo mailing list) would be the one to ask about that. -- [EMAIL PROTECTED],darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key
Re: OBSD on Dell C640
According to http://www.openbsd.org/i386-laptop.html, yes. But you could've found it out yourself! If you did some research. Jasper On Thu, 18 Aug 2005 19:26:54 +0600 "Chanka A. Perera" <[EMAIL PROTECTED]> wrote: > Hi, > > If anyone has successfully installed OBSD 3.7 on Dell Latitude C640 > please let me know. > > Thanks, > > Chanka Perera > -- > http://www.linux.lk/~chanka > -- "Security is decided by quality" -- Theo de Raadt
OBSD on Dell C640
Hi, If anyone has successfully installed OBSD 3.7 on Dell Latitude C640 please let me know. Thanks, Chanka Perera -- http://www.linux.lk/~chanka
fortinet experiences
dear misc, not related to misc, but to security, so has anyone experiences with boxes from fortinet? details: http://www.fortinet.com/ cu...
Re: 8/13 snapshot and DHCP
Christian Jones wrote: On 8/17/05, Kenneth R Westerback <[EMAIL PROTECTED]> wrote: I would find it helpful. An exact model of Linksys device would also help. The specific model I've had problems with (don't know about the OP) is a BEFW11S4 ver. 2 "Wireless Access Point and Cable/DSL Router with 4-port switch". This new problem is the second I've had with this device that seems to specifically affect OpenBSD; the first is described in OpenBSD bug report 3875, but seems to now be resolved (perhaps inadvertently--that problem started with 3.6, wasn't fixed as far as I know, but seems to work in 3.7). CDJ Mine's a Linksys BEFSX41 running the latest firmware (1.50.18). I tried various options in /etc/dhclient.conf (including all defaults) with the same results. I'll try to generate a tcpdump this evening if that would be helpful. -- Emmett "Buddy" Pate
Re: How to patch a physically weak system & recommended use of sudo?
--On 18 August 2005 13:03 +0200, Tim wrote: 1. I have a old computer that is slow and has little memory. But I want to keep it updated with patches. I can't compile these patches on the system but I could do it on another faster system. But how can I later apply the compiled patches to the weak system? One way to do this is to build a release(8) and use the normal bsd.rd process to upgrade to your newly-created tgz files. 2. Alot of you seem to use sudo instead of su - when you want to do something that requires privileges. Why is this? What settings are you using for sudo? Various reasons .. if you use sudo on each command you want to execute as root, you get a useful audit trail in the system log (or by mail, if wanted). (if you sudo -s, or use sudo to run a shell, this bypasses it). Also you can control which commands can be run by which users. You can have it ask for the (user's) password every time, or you can have it ask no more than every XX minutes. See sudoers(5) for more options.
ami0 and bioctl.
Hi all,
I've just upgraded to -current (3.8-beta, snapshots op August 16th) to
try out the bioctl utility on my raid controller. However, when I try
to access it, I always get the error "bioctl: bioc_ioctl() call failed":
# bioctl -Dhiv ami0
bioctl: cookie = 0xd0c56e80
bio_inq
bioctl: bioc_ioctl() call failed
# bioctl -Dhiv sd0
bioctl: cookie = 0x0
bio_inq
bioctl: bioc_ioctl() call failed
# bioctl -Dhiv -a get ami0
bioctl: cookie = 0xd0c56e80
bio_inq
bioctl: bioc_ioctl() call failed
Any ideas to what I might be doing wrong? The controller is a Dell
PERC2/SC in `Mass Storage' mode. Full dmesg:
OpenBSD 3.8-beta (GENERIC.MP) #260: Tue Aug 16 07:20:51 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
X,FXSR,SSE
real mem = 268013568 (261732K)
avail mem = 237621248 (232052K)
using 3297 buffers containing 13504512 bytes (13188K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 02/13/03, BIOS32 rev. 0 @ 0xffe90
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc7c0/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #4 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0xc00 0xc9000/0x800 0xc9800/0x800
mainbus0: Intel MP Specification (Version 1.4) (DELL PowerEdge 81)
cpu0 at mainbus0: apid 1 (boot processor)
cpu0: apic clock running at 99 MHz
cpu1 at mainbus0: apid 0 (application processor)
cpu1: Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) 499 MHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MM
X,FXSR,SSE
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type PCI
mainbus0: bus 5 is type ISA
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 11, 24 pins
ioapic0: misconfigured as apic 0, remapped to apic 2
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82440BX AGP" rev 0x00
ppb0 at pci0 dev 1 function 0 "Intel 82440BX AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Mach64 GD" rev 0x5c
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb1 at pci0 dev 2 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci2 at ppb1 bus 2
ahc1 at pci2 dev 4 function 0 "Adaptec AIC-7890/1 U2" rev 0x00: apic 2
int 16 (i
rq 11)
scsibus0 at ahc1: 16 targets
ahc2 at pci2 dev 6 function 0 "Adaptec AIC-7860" rev 0x03: apic 2 int 16
(irq 11
)
scsibus1 at ahc2: 8 targets
cd0 at scsibus1 targ 5 lun 0: SCSI2
5/cdrom remova
ble
ppb2 at pci2 dev 10 function 0 "Intel i960 RP PCI-PCI" rev 0x05
pci3 at ppb2 bus 3
ami0 at pci2 dev 10 function 1 "Intel 80960RP ATU" rev 0x05: apic 2 int
18 (irq
10) Dell 466v2/32b
ami0: FW 3.00, BIOS v1.36, 16MB RAM
ami0: 1 channels, 16 targets, 1 logical drives
scsibus2 at ami0: 1 targets
sd0 at scsibus2 targ 0 lun 0: SCSI2 0/direct fixed
sd0: 42840MB, 5461 cyl, 255 head, 63 sec, 512 bytes/sec, 87736320 sec total
scsibus3 at ami0: 16 targets
safte0 at scsibus3 targ 6 lun 0: SCSI2
3/processor
fixed
pcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x02
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA,
channel 0 wi
red to compatibility, channel 1 wired to compatibility
pciide0: channel 0 ignored (disabled)
pciide0: channel 1 ignored (disabled)
uhci0 at pci0 dev 7 function 2 "Intel 82371AB USB" rev 0x01pci_intr_map:
bus 0 d
ev 7 func 2 pin 4; line 5
pci_intr_map: no MP mapping found
isa_intr_establish: no MP mapping found
: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
"Intel 82371AB Power" rev 0x02 at pci0 dev 7 function 3 not configured
xl0 at pci0 dev 12 function 0 "3Com 3c905 100Base-TX" rev 0x00: apic 2
int 22 (i
rq 14), address 00:60:08:78:35:0c
nsphy0 at xl0 phy 24: DP83840 10/100 PHY, rev. 1
ppb3 at pci0 dev 14 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci4 at ppb3 bus 4
"Sun PCIO Ebus2" rev 0x01 at pci4 dev 0 function 0 not configured
hme0 at pci4 dev 0 function 1 "Sun HME" rev 0x01: address 08:00:20:e4:22:53
luphy0 at hme0 phy 1: LU6612 10/100 PHY, rev. 1
hme0: using apic 2 int 22 (irq 14) for interrupt
isp0 at pci4 dev 4 function 0 "QLogic ISP1020" rev 0x05: apic 2 int 17
(irq 5)
isp0: Polled Mailbox Command (0x2) Timeout
isp0: Polled Mailbox Command (0x34) Timeout
isp0: Polled Mailbox Command (0x8) Timeout
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0:
spkr0 at pcppi0
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port
How to patch a physically weak system & recommended use of sudo?
Hello 1. I have a old computer that is slow and has little memory. But I want to keep it updated with patches. I can't compile these patches on the system but I could do it on another faster system. But how can I later apply the compiled patches to the weak system? 2. Alot of you seem to use sudo instead of su - when you want to do something that requires privileges. Why is this? What settings are you using for sudo? Thank you! Tim
Re: 1U case for Soekris boards?
Thanks to everyone for the replies on this one. I have had several suggestions from people. Some folks suggested an Epia Mini-ITX, but to the best of my knowledge these systems do not support full serial control like my old SS20. This is quite important to me as I do not have monitor or input devices in or near the rack. I like being able to console in to my routers, firewalls etc. I understand that a proper 1U case is being planned, so I will wait for that to be made available. Regards, Nick http://www.msn.co.uk/newsletters
