NETHERLAND NOTIFICATION!

2006-04-14 Thread MICHAEL GLASS
Jeg har en ny e-mail-adresse!Nu kan du e-maile mig pe: [EMAIL PROTECTED]

Toto Lotto NL

Spadestraat 1,

Oosterhout,

The Netherlands.


Dear Lucky Winner,

 

We are pleased to announce you as one of the 3 lucky winners in the Toto Mega 
Jackpot Lottery 


draw held recently. All 3 winning addresses were randomly selected from a batch 
of 5,000,000 


(Five Million) emails. Your email address emerged alongside 2 others as a 3rd 
category winner in 

this month's draw.You have therefore been approved for a total payoutof 
4,000,000 Euros (Four 


Million Euros only) The following particulars are attached to your lotto 
payment order:

 

(i) Winning numbers: 05,11,25,31,59 62

(ii) Serial number: 71-2-5166

(iii) Reference number: TLNL-111

 

Please contact our solicitors for further processing of your prize:

 

Mr.Simon Williams

Simon and Simon Solicitors

2e Tuindwarsstraat 8,

Jordaan,

1015 RZ Amsterdam,

The Netherlands, NL

Email: [EMAIL PROTECTED]

   

You are also advised to provide him with the under listed

information as soon as possible:

 

1. Name in full

2. Address

3. Nationality

4. Age

5. Occupation

6. Phone/Fax

 

On behalf of members and staff of Toto Lotto please accept my hearty 

congratulations!

Sincerely,

Michael Glass

 

N.B:

1. All claims that are not processed would be nullified after 10 

working days from today

 

2. The reference number quoted above should be in all your 

correspondence with our solicitors.

 

3. Do inform our solicitors of any change of address or names.

 

4. All winners under the age of 18 are automatically dis-qualified.

 

5. Please do not reply to this email. Contact our solicitors as 

indicated 

above.



- MICHAEL GLASS



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Joachim Schipper
On Thu, Apr 13, 2006 at 10:19:28PM -0400, John L. Scarfone wrote:
 On Fri, Apr 14, 2006 at 02:05:37AM +0200, Joachim Schipper stated:
  On Thu, Apr 13, 2006 at 08:09:20PM +0200, Piotrek Kapczuk wrote:
   So, where do these commits go now ?  To OPENBSD_3_9_BASE ?
   People say they received CD's. The CD's were burned with frozen
   OPENBSD_3_9_BASE. Right ? So, how one should follow -stable if commits
   aren't in -stable ?
  
  Wait for -stable to begin existing?
  
 It does exist.

Ah, you're right. Sorry, I understood from someone else's posting that
it didn't.

(hint: sendmail bug).
   Thanks for hint. It rings some bells, but poorly. I can't recall the
   details. What rel was then ? I can't find it on google.
  
  It was a couple of days ago. It was fixed in -current, 3.7 and 3.8,
  though, so fixing it in 3.9 might not be too difficult.
  
 It was fixed.  First time I've seen it happen before official release
 though.

Well, security problems just before releases are not that common. ;-)

Anyway, to answer the original question: download a src.tgz from
somewhere, the 3.8 version from your local mirror should do, and cvs up
it to OPENBSD_3_9.

And, just to reiterate for the benefit of those who have not seen it
yet: no, a source-code upgrade from 3.8 to 3.9 is not supported.
3.9-release - 3.9-stable should work, though.

Joachim



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Piotrek Kapczuk
Hi

2006-04-14, 10:37:47, you wrote:


 On Thu, Apr 13, 2006 at 10:19:28PM -0400, John L. Scarfone wrote:
 On Fri, Apr 14, 2006 at 02:05:37AM +0200, Joachim Schipper stated:
  On Thu, Apr 13, 2006 at 08:09:20PM +0200, Piotrek Kapczuk wrote:
   So, where do these commits go now ?  To OPENBSD_3_9_BASE ?
   People say they received CD's. The CD's were burned with frozen
   OPENBSD_3_9_BASE. Right ? So, how one should follow -stable if commits
   aren't in -stable ?

[...]

(hint: sendmail bug).
   Thanks for hint. It rings some bells, but poorly. I can't recall the
   details. What rel was then ? I can't find it on google.
  
  It was a couple of days ago. It was fixed in -current, 3.7 and 3.8,
  though, so fixing it in 3.9 might not be too difficult.

 It was fixed.  First time I've seen it happen before official release
 though.

 Well, security problems just before releases are not that common. ;-)

If I understand this right. This commit is in OPENBSD_3_9_BASE in cvs but it's
not on CD's. Isn't it ?

 Anyway, to answer the original question: download a src.tgz from
 somewhere, the 3.8 version from your local mirror should do, and cvs up
 it to OPENBSD_3_9.

Instead of this, can I checkout full src with tag OPENBSD_3_9_BASE ? The
result should be the same.

-- 
Regards
Piotrek Kapczuk



PPPoe question

2006-04-14 Thread mbaki
Hi all,

I'm having a weird problem with my connection, I switched from cable to
dsl (covad), and they gave me a netopia router to be setup in bridge mode
so that my OpenBSD 3.9 current can acquire the IP address. My 3.9 has 2
NIC, (fxp0 and xl0). My xl0 is my public IP, my fxp0 is 192.168.3.2, one
of my internal machines(Mac) is 192.168.3.111, and my netopia router is
192.168.3.1 all connected to a dumb switch.
My openbsd works fine, I'm able to access the net ping my 192.168.3.111
machine and so forth, however, my 3.111 machine cannot ping the 3.2
interface on my BSD even though the BSD can ping the 3.111 and they're on
a dumb switch.

Any idea why it's behaving like this, I was able to ping my server before
installing the covad router. Unless the covad router is denying my
request.
My pf.conf file allows me to ping my bsd box internally.



Mac(3.111)- ---
   |-- |switch|--fxp0(3.2)-- |  BSD|--xl0Internet
Netopia(3.1)  -|  |  | |
---



My ppp.conf

default:
 set log Phase Chat IPCP CCP tun command
 set redial 15 0
 set reconnect 15 1

pppoe:
 set device !/usr/sbin/pppoe -i xl0
 disable acfcomp protocomp
 deny acfcomp
 set mtu max 1492
 set speed sync
 enable lqr
 set lqrperiod 5
 set cd 5
 set dial
 set login
 set timeout 0
 set authname xxx
 set authkey xx
 add! default HISADDR
 enable dns
 enable mssfixup


Thank you



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Nick Holland

Piotrek Kapczuk wrote:
...

It was fixed.  First time I've seen it happen before official release
though.



Well, security problems just before releases are not that common. ;-)


If I understand this right. This commit is in OPENBSD_3_9_BASE in cvs but it's
not on CD's. Isn't it ?


n...


Anyway, to answer the original question: download a src.tgz from
somewhere, the 3.8 version from your local mirror should do, and cvs up
it to OPENBSD_3_9.


Instead of this, can I checkout full src with tag OPENBSD_3_9_BASE ? The
result should be the same.


N...

http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.sbin/sendmail/libsm/fflush.c

OPENBSD_3_9_BASE is tagged...and that's it.  (well..usually.  I'm sure 
there's some exception somewhere...)


The patches were put into OPENBSD_3_9 (a.k.a., stable), it turns out. 
That's not at all usual, and rather surprised me.  Apparently, this is a 
Special Case.


Nick.



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Srebrenko Sehic
On 4/14/06, Nick Holland [EMAIL PROTECTED] wrote:

 http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.sbin/sendmail/libsm/fflush.c

 OPENBSD_3_9_BASE is tagged...and that's it.  (well..usually.  I'm sure
 there's some exception somewhere...)

 The patches were put into OPENBSD_3_9 (a.k.a., stable), it turns out.
 That's not at all usual, and rather surprised me.  Apparently, this is a
 Special Case.

No. All patches past the _BASE tag always go into -STABLE. In this
case, correctly into OPENBSD_3_9. This is not special AFAIK.



network/mask in AllowUsers (sshd_config)

2006-04-14 Thread Dick Visser

Hi guys

Is there any way of configuring networks in sshd_config's AllowUsers?

You can put in user, [EMAIL PROTECTED], but no [EMAIL PROTECTED]/mask.
Having networks in AllowUsers would be extremely usefull.

Best regards,

--
Dick Visser
TERENA (IT Support Officer)
Singel 468D  1017AW  Amsterdam
The Netherlands
IP Phone: sip://[EMAIL PROTECTED]
Legacy phone:  +31205304488
http://www.terena.nl/~dick/pgp.key.asc



Re: network/mask in AllowUsers (sshd_config)

2006-04-14 Thread Lukasz Sztachanski
On Fri, Apr 14, 2006 at 12:24:33PM +0200, Dick Visser wrote:
 Hi guys
 
 Is there any way of configuring networks in sshd_config's AllowUsers?
 
 You can put in user, [EMAIL PROTECTED], but no [EMAIL PROTECTED]/mask.
 Having networks in AllowUsers would be extremely usefull.
 
 Best regards,
 
this can be done with hosts_access(5). Afair, user@ restricting needs
identd on client side( well, that's quite obvious).



- Lukasz Sztachanski


-- 
0x058B7133 // 16AB 4EBC 29DA D92D 8DBE  BC01 FC91 9EF7 058B 7133
http://entropy.pl



Patch for asynch sendmail vulnerability on OPENBSD_3_6 stable

2006-04-14 Thread Michael Flanagan
I found myself needing up apply the recent patch for sendmail against  
an aging 3.6 stable box.


I took the sendmail patch for the 3.7 stable branch and applied it  
against 3.6 stable. It applied cleanly with the exception of a half  
dozen hunks in a couple of files. I merged those by hand and am up  
and running with a rebuilt sendmail.


In case this saves anyone a little time, I've created a diff of what  
I'm running against 3.6 stable. It applies cleanly. You can find it  
here:


http://pokernut.net/wp-content/OPENBSD36_sendmail.patch

Michael



wifi troubles

2006-04-14 Thread Georg Wendenburg

Hi,

I'm trying to connect to a Wifi ISP over PPPoE, with the hardware:

Soekris net4511
Senao NL-2511CD PLUS EXT2 PCMCIA (wi driver)
13dBi Patch antenna

using OBSD 3.8 GENERIC kernel via flashdist.

Using the same PCMCIA and the same antenna, at the same location,
on a Windows98 laptop with RASPPPOE it works like a charm, but with
OpenBSD it is unable to start the PPPoE negotiation, it stays forever on
the PPPoE-Discovery phase, and never receives an answer from the AP;
asking to the ISP, they say that there are to much noise, and the
assotiation to the AP goes down, but not in the windows box.

And now i'm really lost ...

if any one could help ...

Thanks in advance

georg


- network configuration on the net4511:

ifconfig pppoe0 pppoedev wi0
ifconfig wi0 up nwid  media autoselect
spppcontrol pppoe0 myauthproto=chap myauthname= myauthkey=
ifconfig pppoe0 inet 0.0.0.0 0.0.0.1 netmask 0x
route add default 0.0.0.1
ifconfig pppoe0 up

- dmesg on the net4511:

OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD Am486DX4 W/B or Am5x86 W/B 150 (AuthenticAMD 486-class)
cpu0: FPU
real mem  = 66691072 (65128K)
avail mem = 53334016 (52084K)
using 839 buffers containing 3436544 bytes (3356K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 20/50/27, BIOS32 rev. 0 @ 0xf7840
pcibios0 at bios0: rev 2.0 @ 0xf/0x1
pcibios0: pcibios_get_intr_routing - function not supported
pcibios0: PCI IRQ Routing information unavailable.
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc8000/0x9000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
elansc0 at pci0 dev 0 function 0 AMD ElanSC520 PCI rev 0x00: product 0 
stepping 1.1, CPU clock 100MHz, reset 0

gpio0 at elansc0: 32 pins
cbb0 at pci0 dev 9 function 0 Texas Instruments PCI1410 CardBus rev 
0x02: irq 10
sis0 at pci0 dev 18 function 0 NS DP83815 10/100 rev 0x00: DP83816A, 
irq 11, address 00:00:24:c5:74:e4

nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1
sis1 at pci0 dev 19 function 0 NS DP83815 10/100 rev 0x00: DP83816A, 
irq 5, address 00:00:24:c5:74:e5

nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 1 device 0 cacheline 0x10, lattimer 0x3f
pcmcia0 at cardslot0
isa0 at mainbus0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
wdc0 at isa0 port 0x1f0/8 irq 14
wd0 at wdc0 channel 0 drive 0: SILICONSYSTEMS INC 64MB
wd0: 1-sector PIO, LBA, 62MB, 128128 sectors
wd0(wdc0:0:0): using BIOS timings
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
sysbeep0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom0: console
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask f7c5 netmask ffe5 ttymask ffe7
pctr: no performance counters in CPU
wi0 at pcmcia0 function 0 INTERSIL, HFA384x/IEEE, Version 01.02 port 
0xa000/64
wi0: PRISM2.5 ISL3873 (0x800c), Firmware 1.1.0 (primary), 1.4.9 
(station), address 00:02:6f:06:0b:1d

dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
pppoe0: phase establish



Re: a little success in vnc over openvpn

2006-04-14 Thread Tim Donahue
On Friday 14 April 2006 07:45, OS rider wrote:
 Hi all , my name is takesima , a japanese .
 i can manipulate a windows 2000 machine ( which address is 192.168.1.222
 ) via internet .

 the point is  rdr on tun0 inet proto tcp from any to 10.4.0.2 -
 192.168.1.22 in pf.conf  and  vncviewer 10.4.0.2 .

 i wrote details in the last part of http://nakajin.dyndns.org/pikara.html .
 this is my first trial ,then there may be mistakes , so please point out
 them .

 regards

Perhaps this is easier than using a redirect statement in pf.conf. 

Set `sysctl -w net.inet.ip.forwarding=1` on both servers if it not already 
set.

vncviewer 192.168.1.122

Tim Donahue



Re: network/mask in AllowUsers (sshd_config)

2006-04-14 Thread Joachim Schipper
On Fri, Apr 14, 2006 at 01:49:20PM +0200, Lukasz Sztachanski wrote:
 On Fri, Apr 14, 2006 at 12:24:33PM +0200, Dick Visser wrote:
  Hi guys
  
  Is there any way of configuring networks in sshd_config's AllowUsers?
  
  You can put in user, [EMAIL PROTECTED], but no [EMAIL PROTECTED]/mask.
  Having networks in AllowUsers would be extremely usefull.
  
  Best regards,
  
 this can be done with hosts_access(5). Afair, user@ restricting needs
 identd on client side( well, that's quite obvious).

Not when it's integrated into OpenSSH. Of course, that would not be
TCPwrapper, but something custom-coded.

As to its being useful - methinks public-key authentication is
preferable to IP-based filtering.

Joachim



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Nick Holland
On Fri, Apr 14, 2006 at 01:16:17PM +0200, Srebrenko Sehic wrote:
 On 4/14/06, Nick Holland [EMAIL PROTECTED] wrote:
 
  http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.sbin/sendmail/libsm/fflush.c
 
  OPENBSD_3_9_BASE is tagged...and that's it.  (well..usually.  I'm sure
  there's some exception somewhere...)
 
  The patches were put into OPENBSD_3_9 (a.k.a., stable), it turns out.
  That's not at all usual, and rather surprised me.  Apparently, this is a
  Special Case.
 
 No. All patches past the _BASE tag always go into -STABLE. In this
 case, correctly into OPENBSD_3_9. This is not special AFAIK.
 
*sigh*
HELLO...  Topic is WHEN they go in.
3.9 is not official yet.  This patch set went into -stable already.
That *is* unusual.

Nick.



Re: Patch for asynch sendmail vulnerability on OPENBSD_3_6 stable

2006-04-14 Thread Will H. Backman

Michael Flanagan wrote:
I found myself needing up apply the recent patch for sendmail against 
an aging 3.6 stable box.


I took the sendmail patch for the 3.7 stable branch and applied it 
against 3.6 stable. It applied cleanly with the exception of a half 
dozen hunks in a couple of files. I merged those by hand and am up and 
running with a rebuilt sendmail.


In case this saves anyone a little time, I've created a diff of what 
I'm running against 3.6 stable. It applies cleanly. You can find it here:


http://pokernut.net/wp-content/OPENBSD36_sendmail.patch

Michael

Does anyone know of any tests for the problem?  How would I test such an 
unofficial patch?  I never did see anything that said OpenBSD was 
affected by the problem, and I'm always hoping that some of the OS level 
protections might help in situations like this.




Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Srebrenko Sehic
On 4/14/06, Nick Holland [EMAIL PROTECTED] wrote:

  No. All patches past the _BASE tag always go into -STABLE. In this
  case, correctly into OPENBSD_3_9. This is not special AFAIK.

 *sigh*
 HELLO...  Topic is WHEN they go in.
 3.9 is not official yet.  This patch set went into -stable already.
 That *is* unusual.

So you say that the patch should go into OPENBSD_3_9 branch after 3.9
is *officially* released? Well, I wonder how people who pre-orded
their CDs, got them, installed 3.9-RELEASE and run Sendmail are going
to patch their systems?

Wait for 3.9 to hit FTP mirrors? No. They sync to -rOPENBSD_3_9 and
get the patch.



Re: Thank you my dear GOD bless you.

2006-04-14 Thread Nils.Reuvers
sigh 

-Original Message-
From: Ms.KIMAEVE LIOUDMILA [mailto:[EMAIL PROTECTED] 
Sent: vrijdag 14 april 2006 12:30
To: misc@openbsd.org
Subject: Thank you my dear GOD bless you.

My Dear. 
  
I have a profiling amount in an excess of US$123M, which I seek your
partnership in accommodating for me. You will be rewarded with 40% of
the total sum for your partnership.Can you be my partner on this?
 
INTRODUCTION OF MY SELF: 
I am Ms.KIMAEVA LIOUDMILA, a personal secretary to Mikhail Khodorkovsky
the richest man in Russia and owner of the following companies: Chairman
CEO: YUKOS OIL (Russian Most Largest Oil Company) Chairman CEO: Menatep
SBP Bank (A well reputable financial institution with its branches all
over the world)
 
SOURCE OF FUNDS: 
The documents of the above funds in question was handed over to me to be
used in payment of an American oil merchant for his last oil deal with
my boss Mikhail Khodorkovsky. Already the funds have been deposited with
GULF TRESURY SERVICES PLC UK ,where the final crediting is expected to
be carried out. While I was on the process, My Boss got arrested for his
involvement on politics in financing the leading and opposing political
parties (the Union of Right Forces, led by Boris Nemtsov, and Yabloko, a
liberal/social democratic party led by Gregor Yavlinsky) which poses
treat to President Vladimir Putin second tenure as Russian president.
You can catch more of the story on this
 
http://newsfromrussia.com/main/2003/11/13/51215.html 
  
YOUR ROLE: 
All I need from you is to stand as the beneficiary of the above quoted
sum and I will arrange for the documentation which will enable GULF
TRESURY SERVICES PLC UK transfer the sum to you. I have decided to use
this sum to relocate to American continent and never to be connected to
any of Mikhail Khodorkovsky conglomerates. 
 
The transaction has to be concluded in 2 weeks before Mikhail
Khodorkovsky is out from prison. As soon as I get your willingness to
comply I will give you more details.
 
Thank you very much 
  
Regards 
  
Ms.KIMAEVE LIOUDMILA



=
A disclaimer applies to this email and any attachments. 
Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this 
disclaimer.



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread D. E. Evans
   So you say that the patch should go into OPENBSD_3_9 branch after 3.9
   is *officially* released? Well, I wonder how people who pre-orded
   their CDs, got them, installed 3.9-RELEASE and run Sendmail are going
   to patch their systems?

I got 3.8 almost 2 weeks early, and seem to remember applying -stable
that day, (though I don't believe there were needful security patches
at the time).  What I would have found unusual is to not have
security patches applied to the tree.  Just because upgrading via
CVS will most likely hose your system, doesn't mean that once
upgraded properly it shouldn't be available.  CDs went out almost
a month early this time around, which would have made for an
awkward situation, even with the manual patches available.



why /dev/rwd0c instead of /dev/wd0c?

2006-04-14 Thread João Salvatti
Hi all,

When I run 'disklabel wd0', it returns:

# /dev/rwd0c:

My question is: why /dev/rwd0c instead of /dev/wd0c?

Thanks..

--
Joco Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://www.openbsd-pa.org
e-mail: [EMAIL PROTECTED]



Re: why /dev/rwd0c instead of /dev/wd0c?

2006-04-14 Thread Otto Moerbeek
On Fri, 14 Apr 2006, Joco Salvatti wrote:

 Hi all,

 When I run 'disklabel wd0', it returns:

 # /dev/rwd0c:

 My question is: why /dev/rwd0c instead of /dev/wd0c?

Because disklabel opens the raw device, block devices are normally
only used to access filesystems.

-Otto



Re: why /dev/rwd0c instead of /dev/wd0c?

2006-04-14 Thread Tim Donahue
On Friday 14 April 2006 10:56, Joco Salvatti wrote:
 Hi all,

 When I run 'disklabel wd0', it returns:

 # /dev/rwd0c:

 My question is: why /dev/rwd0c instead of /dev/wd0c?

 Thanks..


From `man disklabel`:
 diskSpecify the disk to operate on.  It can be specified either by
 its full pathname or an abbreviated disk form.  In its abbreviat-
 ed form, the path to the device, the `r' denoting raw device,
 and the slice, can all be omitted.  For example, the first IDE
 disk can be specified as either /dev/rwd0c, /dev/wd0c, or wd0.


Tim Donahue



BSD booth

2006-04-14 Thread Dru
I met Nikolay at the BSD booth at Linuxworld Boston and he is interested in 
putting together a BSD booth at OpenFest in Sofia, Bulgaria later this year. Do 
we have any contacts in that part of the world who can make sure that there is 
some OpenBSD swag at the booth? Please cc Nikolay in any responses in case he 
is not subscribed to this list.


Dru



ksh: cannot fork - try again ??

2006-04-14 Thread Jacob Yocom-Piatt
since i've started doing C programming on my openbsd-3.8 release machine, i've
had a problem with running processes. sometimes i get the following message when
trying to issue shell commands:

ksh: cannot fork - try again

looking at my ulimit output, i see the following:

$ ulimit -a
time(cpu-seconds)unlimited
file(blocks) unlimited
coredump(blocks) unlimited
data(kbytes) 524288
stack(kbytes)4096
lockedmem(kbytes)316622
memory(kbytes)   945236
nofiles(descriptors) 128
processes128

should i change my login class settings in /etc/login.conf, or is sufficient to
change them with $ ulimit -n 128, etc.? i'm not sure what's going on here, so
any advice is appreciated.

this is my desktop machine and i have a lot of stuff open concurrently on it.

cheers,
jake



Re: why /dev/rwd0c instead of /dev/wd0c?

2006-04-14 Thread João Salvatti
Thanks folks.

On 4/14/06, Tim Donahue [EMAIL PROTECTED] wrote:
 On Friday 14 April 2006 10:56, Joco Salvatti wrote:
  Hi all,
 
  When I run 'disklabel wd0', it returns:
 
  # /dev/rwd0c:
 
  My question is: why /dev/rwd0c instead of /dev/wd0c?
 
  Thanks..
 

 From `man disklabel`:
  diskSpecify the disk to operate on.  It can be specified either by
  its full pathname or an abbreviated disk form.  In its abbreviat-
  ed form, the path to the device, the `r' denoting raw device,
  and the slice, can all be omitted.  For example, the first IDE
  disk can be specified as either /dev/rwd0c, /dev/wd0c, or wd0.


 Tim Donahue




--
Joco Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://www.openbsd-pa.org
e-mail: [EMAIL PROTECTED]



Re: ksh: cannot fork - try again ??

2006-04-14 Thread Otto Moerbeek
On Fri, 14 Apr 2006, Jacob Yocom-Piatt wrote:

 since i've started doing C programming on my openbsd-3.8 release machine, i've
 had a problem with running processes. sometimes i get the following message 
 when
 trying to issue shell commands:
 
 ksh: cannot fork - try again
 
 looking at my ulimit output, i see the following:
 
 $ ulimit -a
 time(cpu-seconds)unlimited
 file(blocks) unlimited
 coredump(blocks) unlimited
 data(kbytes) 524288
 stack(kbytes)4096
 lockedmem(kbytes)316622
 memory(kbytes)   945236
 nofiles(descriptors) 128
 processes128
 
 should i change my login class settings in /etc/login.conf, or is sufficient 
 to
 change them with $ ulimit -n 128, etc.? i'm not sure what's going on here, 
 so
 any advice is appreciated.
 
 this is my desktop machine and i have a lot of stuff open concurrently on it.

First check if your programming efforts aren't generating lots of
runaway processes. If that's not the case, login.conf is the answer;
ulimit one works for the current shell and processes forked by the
current shell. BTW, ulimit -n is for file descriptors, not procceses.

-Otto



Re: ksh: cannot fork - try again ??

2006-04-14 Thread Gerardo Santana Gómez Garrido
2006/4/14, Jacob Yocom-Piatt [EMAIL PROTECTED]:
 since i've started doing C programming on my openbsd-3.8 release machine, i've
 had a problem with running processes. sometimes i get the following message 
 when
 trying to issue shell commands:

 ksh: cannot fork - try again

 looking at my ulimit output, i see the following:

 $ ulimit -a
 time(cpu-seconds)unlimited
 file(blocks) unlimited
 coredump(blocks) unlimited
 data(kbytes) 524288
 stack(kbytes)4096
 lockedmem(kbytes)316622
 memory(kbytes)   945236
 nofiles(descriptors) 128
 processes128

 should i change my login class settings in /etc/login.conf, or is sufficient 
 to
 change them with $ ulimit -n 128, etc.? i'm not sure what's going on here, 
 so
 any advice is appreciated.

 this is my desktop machine and i have a lot of stuff open concurrently on it.

Hhmmm... is it KDE?, it may use many file descriptors, specially while
browsing with Konqueror.



 cheers,
 jake




--
Gerardo Santana
Between individuals, as between nations, respect for the rights of
others is peace - Don Benito Juarez
http://santanatechnotes.blogspot.com/



Re: Patch for asynch sendmail vulnerability on OPENBSD_3_6 stable

2006-04-14 Thread Ted Unangst
On 4/14/06, Will H. Backman [EMAIL PROTECTED] wrote:
 unofficial patch?  I never did see anything that said OpenBSD was
 affected by the problem, and I'm always hoping that some of the OS level
 protections might help in situations like this.

not likely.



Re: ksh: cannot fork - try again ??

2006-04-14 Thread sico
 since i've started doing C programming on my openbsd-3.8 release machine,
 i've
 had a problem with running processes. sometimes i get the following
 message when
 trying to issue shell commands:

 ksh: cannot fork - try again

[rest deleted for brevity]

Are you maybe running out of memory? Is your swap partition big enough?

CU, Sico.

-- 



Re: ksh: cannot fork - try again ??

2006-04-14 Thread Jacob Yocom-Piatt
 Original message 
Date: Fri, 14 Apr 2006 21:05:55 +0200 (CEST)
From: [EMAIL PROTECTED]  
Subject: Re: ksh: cannot fork - try again ??  
To: [EMAIL PROTECTED]
Cc: misc@openbsd.org

 since i've started doing C programming on my openbsd-3.8 release machine,
 i've
 had a problem with running processes. sometimes i get the following
 message when
 trying to issue shell commands:

 ksh: cannot fork - try again

[rest deleted for brevity]

Are you maybe running out of memory? Is your swap partition big enough?

CU, Sico.

-- 


i have 730MB of 1GB available and that likely answers your question about swap.

i am also not running KDE, i use the default fvwm.

i will change my login class to staff and restart my X session, a la otto's
suggestion, to see if that fixes it.

everybody who replied CC'ed me, so i got 3 duplicate replies since i'm
subscribed to [EMAIL PROTECTED] why the CC fellas?



Re: ksh: cannot fork - try again ??

2006-04-14 Thread sico
 ksh: cannot fork - try again

[rest deleted for brevity]

Are you maybe running out of memory? Is your swap partition big enough?

CU, Sico.

--


 i have 730MB of 1GB available and that likely answers your question about
 swap.

I suppose.

 i am also not running KDE, i use the default fvwm.

 i will change my login class to staff and restart my X session, a la
 otto's
 suggestion, to see if that fixes it.

Do try every suggestion, as the solution to your problem could be among them.

 everybody who replied CC'ed me, so i got 3 duplicate replies since i'm
 subscribed to [EMAIL PROTECTED] why the CC fellas?

A matter of habit I suppose, sorry for that. With procmail I myself kill
dupes so as to not have that problem.

CU,
Sico.
-- 



Re: Is Sony Ericsson GC85 supported?

2006-04-14 Thread Felix Kronlage
On Sat, Apr 15, 2006 at 12:22:00AM +0200, Alex Holst wrote:

 I'm trying to find supported GPRS/UMTS modems in stores around here,
 which is harder than you might think. According to i386.html, these two
 are supported:
 # Sony Ericsson GC75 GSM/GPRS modems
 # Sony Ericsson GC89 GSM/EGDE modems 
 Thus far I've found a Sony Ericsson GC85 - anyone happen know if it's
 similar enough to one of the other two to be supported?

from what I've found on the net it seems like the GC85 is like the GC89
just without wifi. Beware that these cards (including the GC85)
are not UMTS capable. they do gsm/gprs and (gc85,gc89) edge.
while it's likely that the gc85 works (or just needs to be attached to
the proper com driver), it could also be that Sony Ericsson decided to 
use completly different hardware for the gc85 (walk down to the
store with your OpenBSD laptop and try to convince the clerk to let
you insert it :)

UMTS cards that are known to work reliable are:

Novatel Merlin U530
Option GlobeTrotter 3G Fusion
Option GlobeTrotter 3G QUAD
Vodafone Mobile Connect 3G

also see ubsa(4) for the last three of these.

felix



Re: ksh: cannot fork - try again ??

2006-04-14 Thread Han Boetes
Jacob Yocom-Piatt wrote:
 everybody who replied CC'ed me, so i got 3 duplicate replies
 since i'm subscribed to [EMAIL PROTECTED] why the CC fellas?

Add a recipe to your mailfilter; something like this:

# You don't want to miss you are CC-ed after all. You just don't want
# them in your maildir.
if (/^(Cc|To).*(misc|tech|bugs|gnats|source-changes)@/) {
to $DEFAULT/cc
}



# Han



Re: Spamd, gmail and aol...

2006-04-14 Thread Craig Skinner
On Fri, Apr 07, 2006 at 09:41:56AM -0600, Jeff Ross wrote:
 
 I have the following gmail servers whitelisted in my /etc/whitelist
 
 #gmail
 64.233.162.192/28   # zproxy gmail
 64.233.170.192/28   # rproxy gmail
 64.233.182.192/28   # nproxy gmail
 64.233.184.192/28   # wproxy gmail
 66.249.82.192/28   # xproxy gmail
 66.249.92.192/28   # uproxy gmail
 216.239.56.240/28   # mproxy gmail
 

Hi lads,

See any probs with this wee idea to auto generate the above?

# cat /root/bin/mk-gmail-spamd-whitelist
#!/bin/ksh

file=/etc/spamd.whitelist.gmail

for l in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5
6 7 8 9
do
  echo \#${l}proxy.gmail.com  ${file}~
  dig ${l}proxy.gmail.com +short 21 | fgrep -v \;  ${file}~
done

mv ${file}~ ${file}


# crontab -l | fgrep gmail
@daily  $HOME/bin/mk-gmail-spamd-whitelist

# fgrep gmail /etc/spamd.conf
:file=/etc/spamd.whitelist.gmail:


Just generated this lot:

# cat /etc/spamd.whitelist.gmail
#aproxy.gmail.com
#bproxy.gmail.com
#cproxy.gmail.com
#dproxy.gmail.com
#eproxy.gmail.com
#fproxy.gmail.com
#gproxy.gmail.com
#hproxy.gmail.com
72.14.214.203
72.14.214.204
72.14.214.205
72.14.214.206
72.14.214.207
72.14.214.192
72.14.214.193
72.14.214.194
72.14.214.195
72.14.214.196
72.14.214.197
72.14.214.198
72.14.214.199
72.14.214.200
72.14.214.201
72.14.214.202
#iproxy.gmail.com
#jproxy.gmail.com
#kproxy.gmail.com
#lproxy.gmail.com
#mproxy.gmail.com
216.239.56.249
216.239.56.250
216.239.56.251
216.239.56.252
216.239.56.253
216.239.56.240
216.239.56.241
216.239.56.242
216.239.56.243
216.239.56.244
216.239.56.245
216.239.56.246
216.239.56.247
216.239.56.248
#nproxy.gmail.com
64.233.182.203
64.233.182.204
64.233.182.205
64.233.182.206
64.233.182.207
64.233.182.184
64.233.182.185
64.233.182.186
64.233.182.187
64.233.182.188
64.233.182.189
64.233.182.190
64.233.182.191
64.233.182.192
64.233.182.193
64.233.182.194
64.233.182.195
64.233.182.196
64.233.182.197
64.233.182.198
64.233.182.199
64.233.182.200
64.233.182.201
64.233.182.202
#oproxy.gmail.com
#pproxy.gmail.com
64.233.166.180
64.233.166.181
64.233.166.182
64.233.166.183
64.233.166.176
64.233.166.177
64.233.166.178
64.233.166.179
#qproxy.gmail.com
72.14.204.207
72.14.204.224
72.14.204.225
72.14.204.226
72.14.204.227
72.14.204.228
72.14.204.229
72.14.204.230
72.14.204.231
72.14.204.232
72.14.204.233
72.14.204.234
72.14.204.235
72.14.204.236
72.14.204.237
72.14.204.238
72.14.204.239
72.14.204.192
72.14.204.193
72.14.204.194
72.14.204.195
72.14.204.196
72.14.204.197
72.14.204.198
72.14.204.199
72.14.204.200
72.14.204.201
72.14.204.202
72.14.204.203
72.14.204.204
72.14.204.205
72.14.204.206
#rproxy.gmail.com
64.233.170.195
64.233.170.196
64.233.170.197
64.233.170.198
64.233.170.199
64.233.170.200
64.233.170.201
64.233.170.202
64.233.170.203
64.233.170.204
64.233.170.205
64.233.170.206
64.233.170.207
64.233.170.192
64.233.170.193
64.233.170.194
#sproxy.gmail.com
#tproxy.gmail.com
#uproxy.gmail.com
66.249.92.203
66.249.92.204
66.249.92.205
66.249.92.206
66.249.92.207
66.249.92.168
66.249.92.169
66.249.92.170
66.249.92.171
66.249.92.172
66.249.92.173
66.249.92.174
66.249.92.175
66.249.92.192
66.249.92.193
66.249.92.194
66.249.92.195
66.249.92.196
66.249.92.197
66.249.92.198
66.249.92.199
66.249.92.200
66.249.92.201
66.249.92.202
#vproxy.gmail.com
#wproxy.gmail.com
64.233.184.232
64.233.184.233
64.233.184.234
64.233.184.235
64.233.184.236
64.233.184.237
64.233.184.238
64.233.184.239
64.233.184.224
64.233.184.225
64.233.184.226
64.233.184.227
64.233.184.228
64.233.184.229
64.233.184.230
64.233.184.231
#xproxy.gmail.com
66.249.82.203
66.249.82.204
66.249.82.205
66.249.82.206
66.249.82.207
66.249.82.192
66.249.82.193
66.249.82.194
66.249.82.195
66.249.82.196
66.249.82.197
66.249.82.198
66.249.82.199
66.249.82.200
66.249.82.201
66.249.82.202
#yproxy.gmail.com
#zproxy.gmail.com
64.233.162.198
64.233.162.199
64.233.162.200
64.233.162.201
64.233.162.202
64.233.162.203
64.233.162.204
64.233.162.205
64.233.162.206
64.233.162.207
64.233.162.192
64.233.162.193
64.233.162.194
64.233.162.195
64.233.162.196
64.233.162.197
#0proxy.gmail.com
#1proxy.gmail.com
#2proxy.gmail.com
#3proxy.gmail.com
#4proxy.gmail.com
#5proxy.gmail.com
#6proxy.gmail.com
#7proxy.gmail.com
#8proxy.gmail.com
#9proxy.gmail.com



Nmap No buffer space available

2006-04-14 Thread Chris Alatakis

# pfctl -F all  pfctl -d
# nmap -vv -sP '0.0.0.*'

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-04-15 01:58 UCT
sendto in send_ip_packet: sendto(3, packet, 40, 0, 62.201.118.82, 16) = 
No buffer space available

Sleeping 15 seconds then retrying

openbsd 3.7 over a pppoe conection.

I seacrhed google and find many people with the same problem.
But no answer.

Is there any fix of using nmap on openbsd through a ppp conection
or I m just loosing my time and nmap will not work as usuall?

Anyone that using nmap over pppoe link succesfully on openbsd and
has any suggestions?


Thanks

Chris



Please Restore Your Account Access

2006-04-14 Thread Halifax Security Alert
[IMAGE]



personal  business account

Security Alert

Please note that Your Halifax Online Account is about to expire. In order
for it to remain active, please use the link below to proceed and restore
access to Your Account.

https://www.halifax-online.co.uk/_mem_bin/formslogin.asp



Mail option

2006-04-14 Thread D. E. Evans
Maybe I'm the only one around who still uses it, but there's one
option in mailx from SysV that I miss with OpenBSD: ~a.  It would
be simpler to have either ~a to add the --  with newline, and
read in my .signature, or a .mailrc option that automates the 
additions, (preferably both).  As it is now, I must manually add
the --  and newline, then ~r my .signature.

Any takers?
-- 
D. E. Evans [EMAIL PROTECTED]
URL:http://www.deevans.net



Set up root partition as read only.

2006-04-14 Thread João Salvatti
Hi all,

To increase the security level of my OpenBSD system I have defined at
/etc/fstab that the root partition should be read only. /etc/fstab
follows:


/dev/wd0a / ffs ro,softdep 1 1
/dev/wd0g /home ffs rw,softdep,nodev,nosuid,noexec 1 2
/dev/wd0f /tmp ffs rw,softdep,nodev,nosuid,noexec 1 2
/dev/wd0d /usr ffs rw,softdep,nodev 1 2
/dev/wd0e /var ffs rw,softdep,nodev,nosuid,noexec 1 2

After rebooting my system I tested to check whether these settins were
applied correctly:

# cd /
# touch test

 When I ran ls the 'test' file was there. I mean, the ro flag that I
had added to my root partition had no effect. Has anyone ever faced
this?

Thanks.


--
Joco Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://www.openbsd-pa.org
e-mail: [EMAIL PROTECTED]



Re: Set up root partition as read only.

2006-04-14 Thread Tony
Joco Salvatti wrote:

 Hi all,

 To increase the security level of my OpenBSD system I have defined at
 /etc/fstab that the root partition should be read only. /etc/fstab
 follows:

Me, I just lurk here but:
1) if having / ro would actually improve security,
they would have done so long ago.
2) There are probably essential reasons why / cannot be read-only
on a useable system. Involving /etc, maybe.

You maybe can get the desired effect if you make / small enough
so there isn't room to write anything else.



 /dev/wd0a / ffs ro,softdep 1 1
 /dev/wd0g /home ffs rw,softdep,nodev,nosuid,noexec 1 2
 /dev/wd0f /tmp ffs rw,softdep,nodev,nosuid,noexec 1 2
 /dev/wd0d /usr ffs rw,softdep,nodev 1 2
 /dev/wd0e /var ffs rw,softdep,nodev,nosuid,noexec 1 2

 After rebooting my system I tested to check whether these settins were
 applied correctly:

 # cd /
 # touch test

  When I ran ls the 'test' file was there. I mean, the ro flag that I
 had added to my root partition had no effect. Has anyone ever faced
 this?

 Thanks.


 --
 Joco Salvatti
 Undergraduating in Computer Science
 Federal University of Para - UFPA
 web: http://www.openbsd-pa.org
 e-mail: [EMAIL PROTECTED]



Re: OpenBSD 3.9 stable from cvs

2006-04-14 Thread Shane J Pearson

On 2006.04.14, at 11:05 PM, Srebrenko Sehic wrote:

Well, I wonder how people who pre-orded their CDs, got them,  
installed 3.9-RELEASE and run Sendmail are going to patch their  
systems?


Use the source code from the CD's themselves and then download the  
patch from

http://www.openbsd.org/errata.html and apply?



Re: Set up root partition as read only.

2006-04-14 Thread Chris Kuethe
On 4/14/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
 Me, I just lurk here but:
 1) if having / ro would actually improve security,
 they would have done so long ago.
 2) There are probably essential reasons why / cannot be read-only
 on a useable system. Involving /etc, maybe.

it causes problems unless you hack up /etc/rc in a big way. I had
boxen i did this on - firewalls with filesystems on CF so fsck was a
pain - but there were a lot of changes needed. In the end, it didn't
win me enough, so I just went back to rw / ...

   When I ran ls the 'test' file was there. I mean, the ro flag that I
  had added to my root partition had no effect. Has anyone ever faced
  this?

read /etc/rc.

--
GDB has a 'break' feature; why doesn't it have 'fix' too?