Re: The future of NetBSD
I don't think that binary only drivers are well enough. Surely better than nothing but ... No fucking way. No support is FAR FAR better than a blob. Yes, really! Don't forget that an open source team sometimes makes api changes that might break a binary only driver. And companies sometimes are slow in fixing. A.K.A. Never. And when they try it usually doesn't work right. Worst of all *you* have no clue how they kludged a so called fix together. Vendor code is usually pretty darn bad and I wonder why people never revolt against that. Or the vendor did some mistakes in his own driver. First the paying customers are served. All the other folks (open source ..) surely will come last. Open source users paid for the hardware didn't they? Or because they use an alternative OS now they stole the hardware? This argument is retarded. For some smaller corps supporting open source developers is simply a burden that costs time and so money. Docs are part of the development process. If they are not than you don't want that hardware. I know this from a medium sized german company producing nice audio recording cards. It was impossible to get a card and documentation from them for a FreeBSD developers. And after weeks and months of asking via e-mail they decided finally to tell the truth that they don't want to support open source developers anymore, it makes too much work. They are unable to spend so much time answering open source developers questions although they got documentation. This experience they made with Linux developers. I call horseshit on this one too. Vendors do not have to support shit if they free their docs. NOTHING because the OS developers will do it for FREE for them. This argument is a steaming pile of shit with peanuts in it. It is this attitude that is killing Linux and FreeBSD. They will allow anyone to shit and piss in their sandbox and say GREAT THANKS! You people need to get through your heads that blobs are killing your operating system that you pretend to care so much about. Allowing blobs is the equivalent of eating fast food; it is convenient now but 10 years from now your ass wont fit through the door. A man will fight harder for his interests than for his rights. -- Napoleon Bonaparte Andreas /// -- Andreas Klemm - Powered by FreeBSD 6 Need a magic printfilter today ? - http://www.apsfilter.org/ Hi All! I agree totally with Mr. Peereboom. IMHO, BLOBS are not sustainable in the long run. If a manufacturer decides to retire a particular model (driver support included) while OS keeps on releasing newer versions (which include changes in the design and/or how things are implemented) one will be facing two scenarios: stasis or an unstable system. Both I believe is distasteful. I'd rather purchase hardware that will enable me to (ab)use it until it no longer works (MBTF deadend) using either NetBSD or OpenBSD :). Joseph A. Dacuma
Re: sharing ffs filesystems between NetBSD and OpenBSD
In message [EMAIL PROTECTED], Pedro Martelletto writes: On Tue, Sep 05, 2006 at 07:24:55PM +0200, Igor Sobrado wrote: Indeed, it is a BSD disklabel related problem not a ffs's one. It *is* a FFS problem. The superblocks are different. The BSD disklabel provides information not only about the disk partitions but also about the geometry of the disk--these parameters clearly differ between NetBSD and OpenBSD. (Certainly I do not think that it is a BIOS issue in this case.) If the geometry of the disk differs in NetBSD and OpenBSD any command that uses this information can damage the filesystem. I do not know if you are right, but certainly diverging disklabels can explain the problem I outlined in the first message to this thread; even worse, diverging disklabels are an excellent foundation for my fear about future damages to the files stored in the media. It would be nice making the disklabels (and superblocks if different) compatible again. Don't know the advantages of diverging disklabels (but I guess that BSD developers have not changed the disklabels in incompatible ways without good reasons to do it) but, certainly, the ffs/ffs2 filesystems should strictly follow the model proposed by McKusick for ffs and soft updates in the papers published at ACM TOCS. Cheers, Igor.
Xorg on Dell PowerEdge SC 430
Hi, has anyone here managed to get X working on a Dell PowerEdge SC 430 yet? I'm using the onboard graphics (or trying to). I run OpenBSD 3.9 with Xorg ver: X Window System Version 6.9.0 (for OpenBSD) Release Date: 21 December 2005 dmesg shows this for the graphics which looks right vga1 at pci5 dev 7 function 0 XGI Technology Volari Z7 rev 0x00 Have any of you managed to get this working? Any help would be most welcome. My current xorg.conf is as follows: Section ServerLayout Identifier X.org Configured Screen 0 Screen0 0 0 InputDeviceMouse0 CorePointer InputDeviceKeyboard0 CoreKeyboard EndSection Section Files RgbPath /usr/X11R6/lib/X11/rgb ModulePath /usr/X11R6/lib/modules FontPath /usr/X11R6/lib/X11/fonts/misc/ FontPath /usr/X11R6/lib/X11/fonts/TTF/ FontPath /usr/X11R6/lib/X11/fonts/Type1/ FontPath /usr/X11R6/lib/X11/fonts/CID/ FontPath /usr/X11R6/lib/X11/fonts/75dpi/ FontPath /usr/X11R6/lib/X11/fonts/100dpi/ EndSection Section Module Load dbe Load extmod Load glx Load record Load xtrap Load freetype Load type1 EndSection Section InputDevice Identifier Keyboard0 Driver kbd EndSection Section InputDevice Identifier Mouse0 Driver mouse Option Protocol wsmouse Option Device /dev/wsmouse Option ZAxisMapping 4 5 6 7 EndSection Section Monitor #DisplaySize 340 270 # mm Identifier Monitor0 VendorName DEL ModelNameDELL E173FP ### Comment all HorizSync and VertSync values to use DDC: HorizSync31.0 - 80.0 VertRefresh 56.0 - 75.0 Option DPMS EndSection Section Device ### Available Driver options are:- ### Values: i: integer, f: float, bool: True/False, ### string: String, freq: f Hz/kHz/MHz ### [arg]: arg optional #Option Accel # [bool] #Option AccelMethod # str #Option TurboQueue# [bool] #Option FastVram # [bool] #Option HostBus # [bool] #Option RenderAcceleration# [bool] #Option ForceCRT1Type # str #Option ForceCRT2Type # str #Option ShadowFB # [bool] #Option DRI # [bool] #Option AGPSize # i #Option GARTSize # i #Option Vesa # [bool] #Option MaxXFBMem # i #Option EnableSiSCtrl # [bool] #Option SWCursor # [bool] #Option HWCursor # [bool] #Option UseColorHWCursor # [bool] #Option Rotate# str #Option Reflect # str #Option Xvideo# [bool] #Option InternalModes # [bool] #Option OverruleFrequencyRanges # [bool] #Option RestoreBySetMode # [bool] #Option ForceCRT1 # [bool] #Option XvOnCRT2 # [bool] #Option PanelDelayCompensation# i #Option PDC # i #Option PanelDelayCompensation2 # i #Option PDC2 # i #Option PanelDelayCompensation1 # i #Option PDC1 # i #Option EMI # i #Option LVDSHL# i #Option ForcePanelRGB # i #Option SpecialTiming # str #Option TVStandard# str #Option UseROMData# [bool] #Option UseOEMData# [bool] #Option YV12 # [bool] #Option CHTVType # [bool] #Option CHTVOverscan # [bool] #Option CHTVSuperOverscan # [bool] #Option CHTVLumaBandwidthCVBS # i #Option CHTVLumaBandwidthSVIDEO # i #Option CHTVLumaFlickerFilter # i #Option CHTVChromaBandwidth # i #Option CHTVChromaFlickerFilter # i #Option CHTVCVBSColor # [bool] #Option CHTVTextEnhance # i #Option CHTVContrast # i #Option SISTVEdgeEnhance # i #Option SISTVAntiFlicker # str #Option SISTVSaturation # i #Option SISTVCFilter # [bool] #Option SISTVYFilter
Re: IKE Phase-II fails - GETSPI: Operation not supported
please provide all information. On Tue, Sep 05, 2006 at 02:50:12PM -0400, John Ruff wrote: I'm trying implement a IPSec/VPN tunnel and phase-II of the IKE negotiation is failing with the following errors seen from 'isakmpd - dKL -D A=90': 110340.763012 Default pf_key_v2_get_spi: GETSPI: Operation not supported 110340.763362 Default initiator_send_HASH_SA_NONCE: doi-get_spi failed 110340.763933 Default exchange_run: doi-initiator (0x86aa2380) failed This occurs after Phase-II proposals have been accepted. The other peer is functioning fine, I have other tunnels to it from Cisco PIXs and FreeBSD (raccon) boxes. Should this be reported as a bug? I'm running: 4.0-current (GENERIC #1103) - x86 Thanks.
Re: LANPARTY UT NF590 SLI-M2R/G Compatibility?
On 2006/09/05 21:20, Alejandro wrote: I read www.openbsd.org/amd64.html and i have doubts with the chipset, audio and lan. audio is probably azalia(4), lan is probably nfe(4) - MCP55 is listed (not MCP55PXE but I bet that just indicates there's a BIOS module for network-booting). You might need a snapshot (or 4.0 when it's available) and remember there's a choice of i386 and amd64 kernels, as well as GENERIC/GENERIC.MP. The best way is to buy the board somewhere that will allow you to exchange it if it doesn't work with OpenBSD, otherwise it would also be helpful if you could at least boot an install CD on a machine with the same motherboard, but of course these things aren't always possible. Unless someone has tried this particular board you won't know for sure whether it works, but in general: common motherboards seem to work reasonably well, you're most likely to see problems with specialist boards (server etc) or boards with parts that aren't very common.
Re: ssh problem
On 2006/09/05 22:21, Leonard Jacobs wrote: Well I wish it were this easy, or perhaps I am still missing something. I added AllowUsers username in the sshd_config file and changed the drive to read/write and here's the results: Was the user added normally (adduser/vipw)? If not, was pwd_mkdb run to update pwd.db and spwd.db? Of course I would love to disallow Root logins but will await the resolution of allowing regular users to connect via ssh first. Soekris - what is it, single-user system running as a router or something? There's probably not very much benefit from disabling root logins in such a case, just use good passwords or use keys and PasswordAuthentication no (and if possible only allow your legitimate IP addresses to connect), but you still want that if you disable root logins.
Re: The future of NetBSD
thus Joseph A. Dacuma spake: I don't think that binary only drivers are well enough. Surely better than nothing but ... No fucking way. No support is FAR FAR better than a blob. Yes, really! Don't forget that an open source team sometimes makes api changes that might break a binary only driver. And companies sometimes are slow in fixing. A.K.A. Never. And when they try it usually doesn't work right. Worst of all *you* have no clue how they kludged a so called fix together. Vendor code is usually pretty darn bad and I wonder why people never revolt against that. Or the vendor did some mistakes in his own driver. First the paying customers are served. All the other folks (open source ..) surely will come last. Open source users paid for the hardware didn't they? Or because they use an alternative OS now they stole the hardware? This argument is retarded. For some smaller corps supporting open source developers is simply a burden that costs time and so money. Docs are part of the development process. If they are not than you don't want that hardware. I know this from a medium sized german company producing nice audio recording cards. It was impossible to get a card and documentation from them for a FreeBSD developers. And after weeks and months of asking via e-mail they decided finally to tell the truth that they don't want to support open source developers anymore, it makes too much work. They are unable to spend so much time answering open source developers questions although they got documentation. This experience they made with Linux developers. I call horseshit on this one too. Vendors do not have to support shit if they free their docs. NOTHING because the OS developers will do it for FREE for them. This argument is a steaming pile of shit with peanuts in it. It is this attitude that is killing Linux and FreeBSD. They will allow anyone to shit and piss in their sandbox and say GREAT THANKS! You people need to get through your heads that blobs are killing your operating system that you pretend to care so much about. Allowing blobs is the equivalent of eating fast food; it is convenient now but 10 years from now your ass wont fit through the door. A man will fight harder for his interests than for his rights. -- Napoleon Bonaparte Andreas /// -- Andreas Klemm - Powered by FreeBSD 6 Need a magic printfilter today ? - http://www.apsfilter.org/ Hi All! I agree totally with Mr. Peereboom. IMHO, BLOBS are not sustainable in the long run. If a manufacturer decides to retire a particular model (driver support included) while OS keeps on releasing newer versions (which include changes in the design and/or how things are implemented) one will be facing two scenarios: stasis or an unstable system. Both I believe is distasteful. definitely. but on the other hand there's 15 minutes of fame if you support a device (using a blob) today -- as others won't support it. I'd rather purchase hardware that will enable me to (ab)use it until it no longer works (MBTF deadend) using either NetBSD or OpenBSD :). true, but NetBSD allows blobs. Joseph A. Dacuma timo
Re: The future of NetBSD
On Wed, 06 Sep 2006 09:47:32 +0200 Timo Schoeler [EMAIL PROTECTED] wrote: : Hi All! : : I agree totally with Mr. Peereboom. IMHO, BLOBS are not sustainable : in the long run. If a manufacturer decides to retire a particular : model (driver support included) while OS keeps on releasing newer : versions (which include changes in the design and/or how things are : implemented) one will be facing two scenarios: stasis or an : unstable system. Both I believe is distasteful. : : definitely. but on the other hand there's 15 minutes of fame if you : support a device (using a blob) today -- as others won't support it. If you want 15 minutes of fame, go rob a liquor store. -- One thing the inventors can't seem to get the bugs out of is fresh paint.
Serial Console and /etc/ttys
Hiya, My work was chucking out an IBM serial console (infowindow II 3153), so I grabbed it to see if I could get it working with my boxes. a) Using my Sun Blade 100 the console works fine. As you probably know, most sun machines set the default console to the serial line (vt100 9600 8N1) if no keyboard is present. This is probably a good indication that the console is properly set up for vt100 emulation (?). b) If I plug in to my i386 -current box and modify /etc/ttys to run a getty on /dev/tty00 for vt100, nothing happens on the console. If I set the device to /dev/cua00 I get a half arsed terminal. Passwords echo and theres no controlling tty so the shell is severely crippled. Apps like vi and top simply will not run. I have seen similar problems by searching google/lists, but none have solved the issue. I have seen someone solve the issue by adding softcar onto the end of the ttys line, but alas this did not help. Can enyone enlighten me? Best Regards Edd
Re: Serial Console and /etc/ttys
On 06/09/06, Tom Cosgrove [EMAIL PROTECTED] wrote: Edd Barrett 6-Sep-06 11:16 Hiya, My work was chucking out an IBM serial console (infowindow II 3153), so I grabbed it to see if I could get it working with my boxes. a) Using my Sun Blade 100 the console works fine. As you probably know, most sun machines set the default console to the serial line (vt100 9600 8N1) if no keyboard is present. This is probably a good indication that the console is properly set up for vt100 emulation (?). b) If I plug in to my i386 -current box and modify /etc/ttys to run a getty on /dev/tty00 for vt100, nothing happens on the console. Then you modified /etc/ttys incorrectly. Unless you show us the exact lines you used, only someone who has made exactly this mistake before will be able to help. Also, did you make any changes to /etc/boot.conf? Are you trying to run a serial console. I am not attempting to change the default console no. I still wish my other keyboard and screen to take this role. Also, when you say nothing happens on the console do you mean the VDU screen? console in BSD means a specific thing: the console device (which receives the white-on-blue kernel output, for example). I mean the console attached via serial device If I set the device to /dev/cua00 I get a half arsed terminal. Passwords echo and theres no controlling tty so the shell is severely crippled. Apps like vi and top simply will not run. Dont use cua00, that is for dialling out. Running a termainl on a port is effectively dialling in to the computer. Right you are. I have seen similar problems by searching google/lists, but none have solved the issue. I have seen someone solve the issue by adding softcar onto the end of the ttys line, but alas this did not help. Can enyone enlighten me? Best Regards Edd You'll need to send a more detailed email to misc@ I'm at work now, but Ill follow this up when I get home. Thanks Tom Best Regards Edd
Mail gateway behind MS Exchange
Hi all, I must set up a mail gateway for my office. My boss is tired of spam and I wonder what I can do. I haven't found similar cases in the archive. Our mail server (which runs MS Exchange) receives mails from a master site filtering mails by applying a [SPAM] keyword in the subject. But it's not satisfying enough and I must study an other solution locally. I think spamd can't help a lot since mails aren't received directly. Maybe you have similar cases with spamassassin+clamav or relaydb, procmail ? Regards, Cedric Brisseau
Re: Mail gateway behind MS Exchange
On 2006/09/06 13:19, Cedric Brisseau wrote: I think spamd can't help a lot since mails aren't received directly. oh, what do you mean by aren't received directly?
Re: Mail gateway behind MS Exchange
Stuart Henderson wrote: On 2006/09/06 13:19, Cedric Brisseau wrote: I think spamd can't help a lot since mails aren't received directly. oh, what do you mean by aren't received directly? I think he means, the mail are fetched from their provider with a mechanism similar to fetchmail and their provider also have a spam filter (and putthe keyword spam in the subject). So what you can do if this is the case, use fetchmail to fetch the mails feed the mails in a MTA (Postfix, sendmail) they can send them to a content filter (amavis with clamav and spamassassin for example) and after that, the mails are send to your MS-Crap. If you have time you can also build a mechanism to feed spam (and probably ham) to your content filter to train the content filter. But don't forget to tell your boss and colleagues that there is no 100% protection for spam ;-) guido
Re: sharing ffs filesystems between NetBSD and OpenBSD
How could I possibly have missed that question... On Tue, Sep 05, 2006 at 11:13:06AM +0200, Igor Sobrado wrote: By the way, when will ffs2 be available in OpenBSD? From the changelogs I see that there is some work being done in preparation for ffs2, these are excellent news. Kernel support is near completion, 4.1 is likely to ship with it. However, that's not enough. There's still a lot of work to do. Basically, it's an equation of very few people hacking on stuff and a lot of whine-only slackers who, for some obscure reason, prefer to ignore and not test file system diffs. -p.
Re: sharing ffs filesystems between NetBSD and OpenBSD
On Wed, Sep 06, 2006 at 09:53:43AM +0200, Igor Sobrado wrote: but certainly diverging disklabels can explain the problem I outlined in the first message to this thread Uh, yes, maybe. I didn't read it, to be honest. I just looked at the Ted mail you were pointed at. That's definitely talking about different superblocks. :-) -p.
Re: Mail gateway behind MS Exchange
On 2006/09/06 14:28, Guido Tschakert wrote: I think spamd can't help a lot since mails aren't received directly. oh, what do you mean by aren't received directly? I think he means, the mail are fetched from their provider with a mechanism similar to fetchmail and their provider also have a spam filter (and putthe keyword spam in the subject). well, that's one possibility, the other possibility is as OP described in the later mail (unix mailhub forwarding mail onto a variety of other servers over smtp, so the other servers see all connections coming from the mailhub's IP address, so spamd won't help). And other options, like UUCP and ODMR, exist too. The other missing piece I forgot to write alongside the bit about /etc/mail/access is about using /etc/mail/mailertable to pass the mail on to the correct server (example.com smtp:[10.0.0.25] or similar).
Only one disk detected on PCI SATA controller VT6421
I have a VIA 6421 in a Dell Optiplex PPro machine where the card, BIOS, and OpenBSD's bootloader detect two identical drives just fine. When I boot in to OpenBSD, only the first drive is seen. I've searched the archives and found http://archives.neohapsis.com/archives/openbsd/2006-08/0597.html but it doesn't seem to apply in this case as the BIOS and bootloader both detect both drives. Worthy of note is that I am booting from sd0 which the BIOS configures as the third disk. I don't imagine this is the problem and unfortunately this BIOS is too old to change that. I would be grateful for any suggestions? Output of the bootloader and a dmesg are included below. Thanks in advance. -Dan Loading... probing: pc0 com0 com1 apm mem[640k 159M a20=on] disk: fd0 hd0+ hd1+* hd2 OpenBSD/i386 BOOT 2.10 boot booting hd2a:/bsd: 5839872+912272 [52+283888+268942]=0x6f78b8 entry point at 0x200120 [ using 553256 bytes of bsd ELF symbol table ] Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2006 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 4.0 (GENERIC) #1104: Fri Sep 1 11:54:27 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium Pro (GenuineIntel 686-class, 256KB L2 cache) 180 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV real mem = 167346176 (163424K) avail mem = 145031168 (141632K) using 2068 buffers containing 8470528 bytes (8272K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 02/11/00, BIOS32 rev. 0 @ 0xffe90 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI BIOS has 8 Interrupt Routing table entries pcibios0: PCI Interrupt Router at 000:13:0 (Intel 82371SB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x5000! 0xd/0x7000 0xd8000/0x800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82441FX rev 0x02 pcib0 at pci0 dev 13 function 0 Intel 82371SB ISA rev 0x01 pciide0 at pci0 dev 13 function 1 Intel 82371SB IDE rev 0x00: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility pciide0: channel 0 ignored (disabled) pciide0: channel 1 ignored (disabled) ppb0 at pci0 dev 14 function 0 DEC 21052 PCI-PCI rev 0x01 pci1 at ppb0 bus 1 pciide1 at pci1 dev 9 function 0 VIA VT6421 SATA rev 0x50: DMA pciide1: using irq 12 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: WDC WD3200SD-01KNB0 wd0: 16-sector PIO, LBA48, 305245MB, 625142448 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 yds0 at pci1 dev 10 function 0 Yamaha 724F rev 0x03: irq 11 ahc0 at pci1 dev 11 function 0 Adaptec AHA-2940U rev 0x00: irq 11 scsibus0 at ahc0: 16 targets sd0 at scsibus0 targ 0 lun 0: FUJITSU, MAP3367NP, 0106 SCSI3 0/direct fixed sd0: 35046MB, 48122 cyl, 2 head, 745 sec, 512 bytes/sec, 71775284 sec total vga1 at pci0 dev 16 function 0 S3 Trio32/64 rev 0x54 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) fxp0 at pci0 dev 17 function 0 Intel 8255x rev 0x05, i82558: irq 14, address 00:08:c7:ca:d6:f5 inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask bf65 netmask ff65 ttymask ffe7 pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matches BIOS drive 0x80 ahc0: target 0 using 16bit transfers ahc0: target 0 synchronous at 20.0MHz, offset = 0x8 dkcsum: sd0 matches BIOS drive 0x82 root on sd0a rootdev=0x400 rrootdev=0xd00 rawdev=0xd02 ac97: codec id 0x574d4c00 (Wolfson WM9701A) ac97: codec features 18 bit DAC, 18 bit ADC, No 3D Stereo audio0 at yds0 opl at yds0 not configured opl at yds0 not configured opl at yds0 not configured opl at yds0 not configured mpu at yds0 not configured mpu at yds0 not configured mpu at yds0 not configured mpu at yds0 not configured -- Burnished gallows set with red Caress the fevered, empty mind Of man who hangs bloodied and blind To reach for wisdom, not for bread. -- Deoridhe Grimsdaughter
Re: Mail gateway behind MS Exchange
Cedric Brisseau wrote: I think spamd can't help a lot since mails aren't received directly. Maybe you have similar cases with spamassassin+clamav or relaydb, procmail ? postfix (with basic smtpd restrictions that can do wonders) clamav + spamassassin (with bayes enabled) ran from amavisd You can set up clean/spam/virus/etc. quarantines with amavisd nicely, so no need to worry that some very important mail could be misclassified and discarded (I guess that's what you meant by not received directly). Bayes filter in SA is, in my case and after decent learning, effectively 100% accurate, with minimally adjusted SA's default bayes scores.
Re: Mail gateway behind MS Exchange
On 9/6/06, Stuart Henderson [EMAIL PROTECTED] wrote: On 2006/09/06 14:28, Guido Tschakert wrote: I think spamd can't help a lot since mails aren't received directly. oh, what do you mean by aren't received directly? I think he means, the mail are fetched from their provider with a mechanism similar to fetchmail and their provider also have a spam filter (and putthe keyword spam in the subject). well, that's one possibility, the other possibility is as OP described in the later mail (unix mailhub forwarding mail onto a variety of other servers over smtp, so the other servers see all connections coming from the mailhub's IP address, so spamd won't help). Yes, that's it. Sorry for my bad english. And other options, like UUCP and ODMR, exist too. The other missing piece I forgot to write alongside the bit about /etc/mail/access is about using /etc/mail/mailertable to pass the mail on to the correct server (example.com smtp:[10.0.0.25] or similar).
Re: sharing ffs filesystems between NetBSD and OpenBSD
Ops! I did not added the -group switch to repl(1)!!! Sorry, this message should be directed to the mailing list too. --- Forwarded Message Date:Wed, 06 Sep 2006 16:09:18 +0200 From:Igor Sobrado [EMAIL PROTECTED] To: Pedro Martelletto [EMAIL PROTECTED] Subject: Re: sharing ffs filesystems between NetBSD and OpenBSD In message [EMAIL PROTECTED], Pedro Martelletto writes: How could I possibly have missed that question... On Tue, Sep 05, 2006 at 11:13:06AM +0200, Igor Sobrado wrote: By the way, when will ffs2 be available in OpenBSD? From the changelogs I see that there is some work being done in preparation for ffs2, these are excellent news. Kernel support is near completion, 4.1 is likely to ship with it. However, that's not enough. There's still a lot of work to do. Will it be available in one or two years? Wow! It is excellent!!! Certainly ffs2 should not be released until it is working (a filesystem is a critical component when speaking about OS stability!); availability in one or two years are excellent news. Basically, it's an equation of very few people hacking on stuff and a lot of whine-only slackers who, for some obscure reason, prefer to ignore and not test file system diffs. There are probably more important problems to be fixed. :-) Perhaps ffs2 advantages are not obvious yet. Apart of lazy initialization (perhaps the feature easiest to see from a users point of view) its expandability will be great. Adding some fine grained permissions should not be difficult once ffs2 is working. I think that it is an excellent filesystem but, to be honest, I was thinking on ffs2 as a way to support interchangeable external drives in both NetBSD and OpenBSD. As there are other issues that should be fixed before making these drives portable (e.g., the BSD disk label incompatibilities) there is not a strong reason for asking for ffs2 now. I was thinking on ffs2 as a way to share the same (ffs2) filesystem between both OSes. Now, it seems that there is no reason for downgrading the filesystem on the disks attached to NetBSD. It is certainly better not sharing drives between both OSes. Cheers, Igor. --- End of Forwarded Message
Re: sharing ffs filesystems between NetBSD and OpenBSD
In message [EMAIL PROTECTED], Pedro Martelletto writes: On Wed, Sep 06, 2006 at 09:53:43AM +0200, Igor Sobrado wrote: but certainly diverging disklabels can explain the problem I outlined in the first message to this thread Uh, yes, maybe. I didn't read it, to be honest. I just looked at the Ted mail you were pointed at. That's definitely talking about different superblocks. :-) There are a lot of differences in both the disk label and the filesystem structure, indeed. Well, it is time to decide what OS will manage each drive. I will probably set up one flash drive as FAT32 (for compatibility purposes with other OSes), other for NetBSD and the last one for OpenBSD. About the 80 GB HDD... don't know... I will need to carefully think on this issue next weekend. Best regards, Igor.
Re: Serial Console and /etc/ttys
On 06/09/06, Tom Cosgrove [EMAIL PROTECTED] wrote: Edd Barrett 6-Sep-06 11:16 Hiya, My work was chucking out an IBM serial console (infowindow II 3153), so I grabbed it to see if I could get it working with my boxes. a) Using my Sun Blade 100 the console works fine. As you probably know, most sun machines set the default console to the serial line (vt100 9600 8N1) if no keyboard is present. This is probably a good indication that the console is properly set up for vt100 emulation (?). b) If I plug in to my i386 -current box and modify /etc/ttys to run a getty on /dev/tty00 for vt100, nothing happens on the console. Then you modified /etc/ttys incorrectly. Unless you show us the exact lines you used, only someone who has made exactly this mistake before will be able to help. Also, did you make any changes to /etc/boot.conf? Are you trying to run a serial console. Also, when you say nothing happens on the console do you mean the VDU screen? console in BSD means a specific thing: the console device (which receives the white-on-blue kernel output, for example). If I set the device to /dev/cua00 I get a half arsed terminal. Passwords echo and theres no controlling tty so the shell is severely crippled. Apps like vi and top simply will not run. Dont use cua00, that is for dialling out. Running a termainl on a port is effectively dialling in to the computer. I have seen similar problems by searching google/lists, but none have solved the issue. I have seen someone solve the issue by adding softcar onto the end of the ttys line, but alas this did not help. Can enyone enlighten me? Best Regards Edd You'll need to send a more detailed email to misc@ Thanks Tom The /etc/ttys line reads: tty00 /usr/libexec/getty std.9600 vt100 on secure Which according to the faq is fine? http://openbsd.org/faq/faq7.html#SerCon Regards Edd
Re: Mail gateway behind MS Exchange
At 01:19 PM 9/6/2006 +0200, Cedric Brisseau wrote: Hi all, I must set up a mail gateway for my office. My boss is tired of spam and I wonder what I can do. I haven't found similar cases in the archive. Our mail server (which runs MS Exchange) receives mails from a master site filtering mails by applying a [SPAM] keyword in the subject. But it's not satisfying enough and I must study an other solution locally. I think spamd can't help a lot since mails aren't received directly. Maybe you have similar cases with spamassassin+clamav or relaydb, procmail ? Assuming you would be running an OBSD machine as the 'mail gateway' for your Exchange server (your comment about 'received directly' needs to be clarified), these might be of help: http://www.ossapp.com/mailserver/ (Postfix - we're testing this one) http://flakshack.com/anti-spam/wiki/index.php (Postfix) http://www.maildroid.org/ (Outdated, but good info for Sendmail) HTH, Lee
Re: Some questions related to 4.0
On Tue, Sep 05, 2006 at 10:39:31PM +0200, [EMAIL PROTECTED] wrote: Hello everybody, I`ve some questions related to the upcomming 4.0 Release. I`ve read that SpeedStep was deactivated for SMP. Could somebody explain me why this was done? I`ve read some AMD announcements and they`ll produce (this year maybe even) a 4 Core CPU. And as advantage they`ve pointed out that Cores could get deactivated or run with different Speeds to save Energy. This would be in fact an advantage and will appear even for home-users some day I think. This has been discussed already, I believe in the last week. Search the archives. Something else: cdio(1) can now perform track-at-once burning and rewritable blanking. Is it planed to create a own CD Burn application on OpenBSD? I`ve read a lot peoples do have problems with cdrtools (lets name it Debian and others) and even forked cdrtools. But except of this cdio provides a lot functionality already and now burning support was added too that`s why I ask. To the best of my knowledge, cdio *is* a CD burning application. OpenBSD does not support a large amount of memory, as far as I know. Link: http://archives.neohapsis.com/archives/openbsd/2004-11/2964.html This has recently changed. I didn`t found somethign wich mentions this on the plus.html So: Is that fixed now? I`ve 2GB RAM and would like to buy some more (AMD64). Yes, this should work. Last but not least: Has Henning something in the backhand? He owns openhttpd.org for some months now.. :) People are making all sorts of speculations, but I am not aware of the answer. Nothing happens on the CVS list, though, and presumably Henning is busy enough already. Joachim
Re: Serial Console and /etc/ttys
On Wed, 6 Sep 2006, Edd Barrett wrote: You'll need to send a more detailed email to misc@ Thanks Tom The /etc/ttys line reads: tty00 /usr/libexec/getty std.9600 vt100 on secure Which according to the faq is fine? http://openbsd.org/faq/faq7.html#SerCon Regards Edd You'll need to use a null modem cable from the terminal to the computer. Your original symptoms sound vaguely like you're not using a null modem cable. Is getty running? (Did you HUP init?) Is getty respawning very rapidly? Small semantic note in the interests of clarity: it's called a terminal not a console. This was confusing some, maybe. (Console is a function, i.e. used for booting, receives certain system messages. Terminal is a thing; a terminal may be used as a console, but also may be used as a simple login device.) Dave -- Experience runs an expensive school, but fools will learn in no other. -- Benjamin Franklin
Bellnet.ca PPPOE Problems
I've been having trouble since 3.9 trying to get BELL dsl with a reserved ip to actually work as a second connection on my openbsd machine. I've upgrade to the Aug 31st snapshot of 4 to try and use the new ifconfig pppoe commands. I'm getting sporadic and not always directly reproducible problems. hostname.pppoe0 inet 70.52.123.23 255.255.255.255 64.230.199.12 pppoedev rl1 authproto pap authname [EMAIL PROTECTED] authkey BELL2005 up !/sbin/route add 64.230.199.12 70.52.242.23 1st Tcpdump tcpdump: listening on pppoe0, link-type PPP_ETHER 12:24:32.019294 Configure-Request, Magic-Number=874803770, Vendor-Ext 12:24:32.020965 Configure-Request, Max-Rx-Unit=1492, Auth-Prot PAP, Magic-Number=67343315, Vendor-Ext 12:24:32.020981 Configure-Ack, Max-Rx-Unit=1492, Auth-Prot PAP, Magic-Number=67343315, Vendor-Ext 12:24:32.031198 Configure-Ack, Magic-Number=874803770, Vendor-Ext 12:24:32.031213 Authenticate-Request, [EMAIL PROTECTED], Passwd=BELL2005 12:24:33.067456 Authenticate-Request, [EMAIL PROTECTED], Passwd=BELL2005 12:24:33.335544 Authenticate-Ack *12:24:33.335563 Configure-Request, Unknown IPCP code 0x61 12:24:33.361609 Configure-Ack, Unknown IPCP code 0x0* 12:24:33.543443 Configure-Request, IP-Address=64.230.199.12 12:24:33.543458 Configure-Ack, IP-Address=64.230.199.12 *12:24:33.569420 Terminate-Request, Unknown IPCP code 0x0 12:24:33.569428 Terminate-Ack, Unknown IPCP code 0x0* 2nd Tcpdump # ifconfig pppoe0 up; tcpdump -i pppoe0 tcpdump: listening on pppoe0, link-type PPP_ETHER 12:25:42.012908 Configure-Request, Magic-Number=67551440, Vendor-Ext 12:25:42.015055 Configure-Request, Max-Rx-Unit=1492, Auth-Prot PAP, Magic-Number=1151254039, Vendor-Ext 12:25:42.015070 Configure-Ack, Max-Rx-Unit=1492, Auth-Prot PAP, Magic-Number=1151254039, Vendor-Ext 12:25:42.026045 Configure-Ack, Magic-Number=67551440, Vendor-Ext 12:25:42.026060 Authenticate-Request, [EMAIL PROTECTED], Passwd=BELL2005 12:25:43.062236 Authenticate-Request, [EMAIL PROTECTED], Passwd=BELL2005 12:25:43.330642 Authenticate-Ack 12:25:43.330660 Terminate-Request 12:25:43.356947 Terminate-Ack If i destroy the pppoe0 adapter and use sh netstart pppoe0 to recreate it i'll get the same results over, over. Occasionally it will connect without the IPCP errors listed in the first dump.
security updates
Hi! Someone could please tell me how can I verify that these security bugs are fixed or not in openbsd-3.9-stable? PHP: CVE-2006-4020 [0] OpenSSL: CVE-2006-4339 [1] OpenSSL: I'm updating my source tree regurarly and didn't notice any changes to openssl's sources. PHP: I can verify that the php5-core sources from ports (-stable) doesn't contain the patch from the php bug tracker [2]. I think it means that my current php5 install is vulnerable to this flaw. Do I need to manually apply the patch, or there will be an update to this? Thanks! Daniel Links: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 [1] http://www.openssl.org/news/secadv_20060905.txt [2] http://bugs.php.net/bug.php?id=38322 -- LeVA
named failure, i386 current (Aug 1 snapshot)
Test, test, test! I hear the mantra, and I obey.
--
I had this BIND failure just now, as reported in /var/log/daemon and
/var/log/messages, wrapped here for readability:
...named[24100]: /usr/src/usr.sbin/bind/lib/isc/buffer.c:83:
REQUIREb) != 0L)
(((const isc__magic_t *)(b))-magic == (0x42756621U failed
There apparently was an invalid buffer, line 83 tests ISC_BUFFER_VALID,
as shown below:
.
.
.
void
isc__buffer_availableregion(isc_buffer_t *b, isc_region_t *r) {
/*
* Make 'r' refer to the available region of 'b'.
*/
REQUIRE(ISC_BUFFER_VALID(b));
REQUIRE(r != NULL);
ISC__BUFFER_AVAILABLEREGION(b, r);
}
.
.
.
If I knew *anything* at all about BIND, I would be happy to help diagnose
this further.
-Josh-
Re: Mail gateway behind MS Exchange
Cedric Brisseau wrote: Hi all, I must set up a mail gateway for my office. My boss is tired of spam and I wonder what I can do. I haven't found similar cases in the archive. Our mail server (which runs MS Exchange) receives mails from a master site filtering mails by applying a [SPAM] keyword in the subject. But it's not satisfying enough and I must study an other solution locally. I think spamd can't help a lot since mails aren't received directly. Maybe you have similar cases with spamassassin+clamav or relaydb, procmail ? Regards, Cedric Brisseau As someone said in this thread - what you want to do is this; Setup a gateway using Postfix/Amavisd/ClamAv - this is your relay. You setup exchange to relay though Postfix and have the filtering done locally. Add in a script (I can provide that off-list) that will allow you to pull newly added user to Active Dir and pump the info to a file that is created on the Postfix relay. A cron on the relay can be set to update the postfix file when needed in addition to a vb script I have that will run on your E2K3 server with the help of ssh. It sounds complex (it is for a newb) but once you wrap yer head around what's going on - it really works very well. I did that at my company and its a work of art. Unless you want to pay for add ons like Mail Essentials (I think that is by far the best offering for E2K3 - Symantec just plain sux). -- Best regards, Chris A 60-day warranty guarantees that the product will self-destruct on the 61st day.
how to adjust lcd brightness on VAIO laptops
Hi, is there anybody using OpenBSD on VAIO laptops? Mine is PCG-V505BX, and it's soft-keys are not functional, e.g. you need additional tool to control LCD brightness. Under Linux, such tools is spicctrl, under FreeBSD - setbrightness from picturebook suite or (modern way) sysctl dev.acpi_sony.0.brightness. But OpenBSD lacks acpi support for now. If somebody uses OpenBSD on VAIO laptops, how do you control screen brightness? Thanks.
Re: Mail gateway behind MS Exchange
Someone, who I consider very knowledgeable with BSD, liked dspam. Take a look at that. On Wed, 6 Sep 2006 13:19:54 +0200, Cedric Brisseau wrote Hi all, I must set up a mail gateway for my office. My boss is tired of spam and I wonder what I can do. I haven't found similar cases in the archive. Our mail server (which runs MS Exchange) receives mails from a master site filtering mails by applying a [SPAM] keyword in the subject. But it's not satisfying enough and I must study an other solution locally. I think spamd can't help a lot since mails aren't received directly. Maybe you have similar cases with spamassassin+clamav or relaydb, procmail ? Regards, Cedric Brisseau
Re: CPAN error
Hi, Just ran into this problem on a fresh 3.9 install. I did a manual install of module MD5-1.7.tar.gz from cpan.org and that seemed to fix any checksum errors on further perl modules installed via perl -MCPAN -e shell I had also manually installed Bundle-CPAN-1.852.tar.gz also from cpan.org prior to adding MD5-1.7.tar.gz but it had no effect alone. Should anyone see a problem with this please let me know. Chris On Wednesday 30 August 2006 05:46, you wrote: Hi all, Yesterday I installed Openbsd3.9 and wanted to install Digest::SHA1 using CPAN I get an error complaining the MD5 checksum is incorrect and to delete it from /root/.cpan../../etc etc (which I did). This happens with other modules too. I can download the modules manually and run perl Makefile.pl, make make install, but was wandering why I'm having this problem. Thanks BSD Networking, Microsoft Notworking -- ..:::.::.::.:... Number 41 Media Corporation First Floor - 612 View Street Victoria BC V8W 1J5 We have moved! Please note our new address. T 250.414.0410 F 250.414.0411 number41media.com --- -- ..:::.::.::.:... Number 41 Media Corporation First Floor - 612 View Street Victoria BC V8W 1J5 We have moved! Please note our new address. T 250.414.0410 F 250.414.0411 number41media.com
bind -stable make
Greetings, When attempting to update bind on a 3.9-stable machine I ran into a slight error installing the man page for nslookup, # cd /usr/src/usr.sbin/bind # make ... # make install ... for m in dig.1 host.1 nslookup.8; do /usr/bin/install -c -m 644 /usr/src/usr.sbin/bind/bin/dig/$m /usr/man/man1; done install: /usr/src/usr.sbin/bind/bin/dig/nslookup.8: No such file or directory *** Error code 71 Stop in /usr/src/usr.sbin/bind/obj/bin/dig (line 369 of Makefile). *** Error code 1 Stop in /usr/src/usr.sbin/bind/obj/bin (line 106 of Makefile). *** Error code 1 Stop in /usr/src/usr.sbin/bind (line 108 of Makefile). # _I think_ the following diff is required, --- Makefile.in.origWed Sep 6 21:18:24 2006 +++ Makefile.in Wed Sep 6 21:18:35 2006 @@ -57,7 +57,7 @@ SRCS = dig.c dighost.c host.c nslookup.c -MANPAGES = dig.1 host.1 nslookup.8 +MANPAGES = dig.1 host.1 nslookup.1 HTMLPAGES =dig.html host.html nslookup.html
FreeBSD emulation
hi, hate to bother, ... I'm running 3.8 on a sun E450 sparc64. I need to be able to enable freebsd binary emulation. I checked the /etc/sysctl.conf file to un-remark the line, but it isn't there; which makes me think that the sparc64 version of 3.8 doesn't provide emulation by default in the kernel, or, it's not available at all on the sparc64 platform. Am I out of luck? or do I just recompile the kernel? thanks
Re: FreeBSD emulation
On Wed, 06 Sep 2006 21:46:31 -0600 David B. [EMAIL PROTECTED] wrote: hi, hate to bother, ... I'm running 3.8 on a sun E450 sparc64. I need to be able to enable freebsd binary emulation. I checked the /etc/sysctl.conf file to un-remark the line, but it isn't there; which makes me think that the sparc64 version of 3.8 doesn't provide emulation by default in the kernel, or, it's not available at all on the sparc64 platform. Am I out of luck? or do I just recompile the kernel? thanks Hi did you try sysctl -a |grep freebsd ?
Re: bind -stable make
On 9/6/06, Steven Surdock [EMAIL PROTECTED] wrote: Greetings, When attempting to update bind on a 3.9-stable machine I ran into a slight error installing the man page for nslookup, # cd /usr/src/usr.sbin/bind # make ... # make install ... for m in dig.1 host.1 nslookup.8; do /usr/bin/install -c -m 644 /usr/src/usr.sbin/bind/bin/dig/$m /usr/man/man1; done install: /usr/src/usr.sbin/bind/bin/dig/nslookup.8: No such file or directory *** Error code 71 Stop in /usr/src/usr.sbin/bind/obj/bin/dig (line 369 of Makefile). *** Error code 1 Stop in /usr/src/usr.sbin/bind/obj/bin (line 106 of Makefile). *** Error code 1 Stop in /usr/src/usr.sbin/bind (line 108 of Makefile). # _I think_ the following diff is required, --- Makefile.in.origWed Sep 6 21:18:24 2006 +++ Makefile.in Wed Sep 6 21:18:35 2006 @@ -57,7 +57,7 @@ SRCS = dig.c dighost.c host.c nslookup.c -MANPAGES = dig.1 host.1 nslookup.8 +MANPAGES = dig.1 host.1 nslookup.1 HTMLPAGES =dig.html host.html nslookup.html Worked fine for me this afternoon. Among other things, something's not right in your paste/procedure. You can't run a regular make in that directory unless you've run ./configure by hand, and that's not how it's supposed to be built. [EMAIL PROTECTED] cd /usr/src/usr.sbin/bind/ [EMAIL PROTECTED] sudo make make: no target to make. All you need to do is use the wrapper Makefile; there are other examples of this in previous patches. [EMAIL PROTECTED] sudo make -f Makefile.bsd-wrapper clean [EMAIL PROTECTED] sudo make -f Makefile.bsd-wrapper [EMAIL PROTECTED] sudo make -f Makefile.bsd-wrapper install
Re: FreeBSD emulation
On Wed, Sep 06, 2006 at 09:46:31PM -0600, David B. wrote: hi, hate to bother, ... I'm running 3.8 on a sun E450 sparc64. I need to be able to enable freebsd binary emulation. [snip] Am I out of luck? or do I just recompile the kernel? The option COMPAT_FREEBSD is apparently in the i386 and amd64 GENERIC kernels only. Because compat_freebsd(8) speaks to i386-specific calls, this would likely limit emulation to i386-capable hardware.
