multiple nis domain on a single master server: how to manage ?

[Gustavo Rios]

Dear obsd friends,

i would like to configure NIS for handling multiple NIS domains. I
would like to know how have you been doing such ? How to add a user
only to a given nis domain (i.e., do a specific domain passwd file)?
AFAIK, useradd only add to /etc/passwd? How to manage uid/gid and the
like.

thanks in advance.

Re: Intel's Open Source Policy Doesn't Make Sense

[Lars Hansson]

Wolfgang S. Rupprecht wrote:

d) There are so many patents issued for obvious techniques used in
   computer peripheral chips that releasing documentation might tempt
   an ethically challenged company to sue them for royalties.

Intel has been on record as stating that patent issues are now a
significant problem for them.
  
Funny how that doesn't seem to be an issue for many other companies 
making similar products, at least not to the extent of preventing them 
from releasing documentation.

Also, this does not really matter for firmware redistribution.

---
Lars Hansson

Re: Question About low cost CD's

[zoolman]

Dear / Steve

This is a Brilliant Idea, but would be the ones I make "I mean the CD's" Like 
the ones Copyrighted? there must be a difference even in the layout plus this 
is preventing me from feeling happy with my CD's Posters you know all that 
fanatic stuff.

Any Way will see what pop's up the next day's
=
YALLA  FREE Internet Number inside Egypt : 0777 

Visit YALLA Site www.yalla.com 

Re: Intel's Open Source Policy Doesn't Make Sense

[Breen Ouellette]

Wolfgang S. Rupprecht wrote:
a) Intel doesn't own the technology, but licensed it from another 
   vendor.  The licensing terms don't allow Intel to release full 
   details.


b) Intel has agreements with other customers/vendors to not release 
   information about a particular piece of hardware.


c) Intel doesn't feel that it's worth the cost to provide information
   for driver developers.



d) There are so many patents issued for obvious techniques used in
   computer peripheral chips that releasing documentation might tempt
   an ethically challenged company to sue them for royalties.

Intel has been on record as stating that patent issues are now a
significant problem for them.

-wolfgang
  


That's just their way of saying that AMD is patenting technology that 
Intel has to licence, and that is just so very terrible for them. I 
mean, shame on AMD for taking the shiny toy away from Intel.  :)


And seriously, is Intel insinuating that they are using patented 
technology without licencing it? That seems rather bogus to me. 
Ignorance of breaking the law does not waive their liability under the 
law, and if they get caught in this kind of lie then I hope the legal 
system stomps all over them. It would serve them right. If Intel doesn't 
like the patent system, then they can lobby against it. But they are 
just a hair's width shy of admitting guilt if they actually make 
arguments like the one attributed above.


Breeno

PS - before I get accused of being a 'commie' in this latest round of 
discussions regarding bad corporate behaviour, I'd just like to say that 
it was my understanding that believing the law should not be broken is 
not how you define a communist.

Re: NFS mount in /etc/fstab

[stan]

On Wed, Oct 04, 2006 at 09:49:57AM +0800, Ikmal Ahmad wrote:
> On 10/4/06, stan <[EMAIL PROTECTED]> wrote:
> >Can I use the bg, and soft options in a /etc/fstab entry
> >that references a NFS mounted filesystem?
> >
> >The idea is to allow the machine to boot, even if the machine
> >NFS server machine is unavailable.
> 
> how about amd? which will mount automatically when filesystem is
> accessed 
> http://www.openbsd.org/cgi-bin/man.cgi?query=amd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
> 
I've used that in the past, and may use it again. But it's not 
the right tool for the task at hand.

-- 
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

3.9 NFS DoS

[Eddy [the Obsessed] Cullen]

Hello,

Recently started playing with OBSD. I have the machine setup as a file
server at home. It is running NFS, DHCP and DNS.

When I try to do large writes to my BSD box (from a SuSE 10.1 client)
over NFS, using async I/O (default for mount -t nfs ... on SuSE), it
causes a DoS, that is, the NFS will stop, but so will all other traffic
to/from the server. If it was just NFS, it might not be so bad, but it
also knocks out DHCP and DNS (I can't even ping the machine!).

Very annoying.

Yes, I am aware that I can work-around it by using sync I/O on the
client... but that REALLY sux, as it cripples performance.

What exactly is the problem? Are there options to fix it?

The server is an Athlon 600 w/512MB RAM and a hardware RAID 1 sATA
array. (The same machine ran SuSE 10 in the same capacity quite
comfortably for about 12 months...)

Eddy

Re: NFS mount in /etc/fstab

[Ikmal Ahmad]

On 10/4/06, stan <[EMAIL PROTECTED]> wrote:

Can I use the bg, and soft options in a /etc/fstab entry
that references a NFS mounted filesystem?

The idea is to allow the machine to boot, even if the machine
NFS server machine is unavailable.


how about amd? which will mount automatically when filesystem is
accessed 
http://www.openbsd.org/cgi-bin/man.cgi?query=amd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html


--
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)





--
Thanks & Regards,
Ikmal aka EvoIVGSR

http://www.leakage.org/
http://root.justdied.com/mylife/
http://www.openbsd.org.my/
http://mirrors.mybsd.org.my/

Re: NFS mount in /etc/fstab

[Peter Valchev]

> Can I use the bg, and soft options in a /etc/fstab entry
> that references a NFS mounted filesystem?
> 
> The idea is to allow the machine to boot, even if the machine
> NFS server machine is unavailable.

Read mount_nfs(8), there are options that do what you want.  Of course
understand that while what you want to do is cool in some cases (doesn't
hang the machine), depending on the usage it may do more evil (a file
access failing as opposed to succeeding a minute later).

NFS mount in /etc/fstab

[stan]

Can I use the bg, and soft options in a /etc/fstab entry
that references a NFS mounted filesystem?

The idea is to allow the machine to boot, even if the machine
NFS server machine is unavailable.

-- 
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: Intel's Open Source Policy Doesn't Make Sense

[Constantine A. Murenin]

On 03/10/06, Wolfgang S. Rupprecht
<[EMAIL PROTECTED]> wrote:

> a) Intel doesn't own the technology, but licensed it from another
>vendor.  The licensing terms don't allow Intel to release full
>details.
>
> b) Intel has agreements with other customers/vendors to not release
>information about a particular piece of hardware.
>
> c) Intel doesn't feel that it's worth the cost to provide information
>for driver developers.

d) There are so many patents issued for obvious techniques used in
   computer peripheral chips that releasing documentation might tempt
   an ethically challenged company to sue them for royalties.

Intel has been on record as stating that patent issues are now a
significant problem for them.


If Intel releases documentation, wouldn't it work the other way
around, too? FreeBSD RelEng people are famous for mentioning that an
old release of FreeBSD was used to invalidate a patent:
   "In September 2003, we know of a case where FreeBSD 1.1 was used
in a court of law to invalidate a bogus software patent."

Cheers,
Constantine.

CARP Backup Interfaces

[Nick Davey]

Hi,
I have two firewalls running CARP and pfsync for high availability. The 
physical interfaces do not have IP addresses, only the CARP interface 
do. The problem is is that the backup CARP interface still needs to be 
able to source and forward traffic. Is this possible?


Nick

Re: annoying openbsd mutt package

[ziconix]

On Tue, 03 Oct 2006 13:02:57 -0500, joerch <[EMAIL PROTECTED]> wrote:


On Tue, Oct 03, 2006 at 04:02:21PM +0200, Zoran Kolic wrote:

Is there any chance to "touch" that file?
Make it and go on.
If the app looks for that file, post to mean
that you told it so. Could you try to change
".muttrc" for that option?


I believe that the /var/mail/whoever file is needed for
more than the mutt package !?

Why not:

sudo touch /var/mail/whoever
sudo chown whoever:whoever /var/mail/whoever
sudo chmod 600 /var/mail/whoever

It is maybe a simple solution.



I find that if you become root and mail the user that takes care of the  
problem...

What machine can I mirror OpenBSD's cvsup tree from

[stan]

I'd like to set up a local cvsup mirror for OpenBSD, as
I have a very slow conection from work. What machine
may I do this from?

-- 
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: The new 4.0 song(s)

[Jacob Yocom-Piatt]

 Original message 
>Date: Tue, 03 Oct 2006 23:07:21 +0200
>From: RedShift <[EMAIL PROTECTED]>  
>Subject: Re: The new 4.0 song(s)  
>To: misc@openbsd.org
>
>Yeah! This one will definitely score some chicks!
>
>Theo de Raadt wrote:
>> We have just put up the new songs for 4.0
>> 
>> There are two... well, there is one for 4.0, but there is an extra
>> song that Ty made by himself (without any input from us) specifically
>> for the audio CD.
>> 
>> Much to our amusement that track relates so strongly to the current
>> Intel (open source frauds) situation, so I decided to release the
>> audio for that on the net as well.
>> 
>> Enjoy at http://www.openbsd.org/lyrics.html
>

the extra song is quite good. keep up the good work, ty! parts sound a bit like
vsnares, which isn't a bad thing, IMO.

the beatboxing is particularly choice. i must say that listening to humppa
leaves me feeling confused, as though i should be at a circus but i'm not.

Re: The new 4.0 song(s)

[Jack J. Woehr]

On Oct 3, 2006, at 2:01 PM, Theo de Raadt wrote:

> Enjoy at http://www.openbsd.org/lyrics.html

Genial!

-- 
Jack J. Woehr
Director of Development
Absolute Performance, Inc.
[EMAIL PROTECTED]
303-443-7000 ext. 527

Re: Intel's Open Source Policy Doesn't Make Sense

[Wolfgang S. Rupprecht]

> a) Intel doesn't own the technology, but licensed it from another 
>vendor.  The licensing terms don't allow Intel to release full 
>details.
>
> b) Intel has agreements with other customers/vendors to not release 
>information about a particular piece of hardware.
>
> c) Intel doesn't feel that it's worth the cost to provide information
>for driver developers.

d) There are so many patents issued for obvious techniques used in
   computer peripheral chips that releasing documentation might tempt
   an ethically challenged company to sue them for royalties.

Intel has been on record as stating that patent issues are now a
significant problem for them.

-wolfgang
-- 
Wolfgang S. Rupprechthttp://www.wsrcc.com/wolfgang/

Re: The new 4.0 song(s)

[RedShift]

Yeah! This one will definitely score some chicks!

Theo de Raadt wrote:

We have just put up the new songs for 4.0

There are two... well, there is one for 4.0, but there is an extra
song that Ty made by himself (without any input from us) specifically
for the audio CD.

Much to our amusement that track relates so strongly to the current
Intel (open source frauds) situation, so I decided to release the
audio for that on the net as well.

Enjoy at http://www.openbsd.org/lyrics.html

Re: CDROM mounts always on 2nd attempt

[Theo de Raadt]

> Could the first problem occur if the cd is being mounted while it is  
> still spinning up, i.e. if you attempt to mount immediately upon  
> inserting the cd? I could be reading too much into the error message  
> but that's what it looks like it might(tm) mean.

That is exactly what it means.  And the CD drive sends a specific error
that our kernel should interpret as "oh what the heck, I'll wait a bit
longer".

That is what will be fixed.  Wait..

Re: CDROM mounts always on 2nd attempt

[Michael Hernandez]

On Oct 3, 2006, at 4:04 PM, Joachim Schipper wrote:


On Tue, Oct 03, 2006 at 08:31:55PM +0200, Karel Kulhavy wrote:

When I mount /dev/cd0c I always get this in dmesg:
cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x0
SENSE KEY: Not Ready
 ASC/ASCQ: Logical Unit Is in Process Of Becoming Ready

And this in application:
[EMAIL PROTECTED]:~$ mount /mnt/cd
mount_cd9660: /dev/cd0c on /mnt/cd: Input/output error

When I retry, it mounts. Do you know what the error messages mean and
why it is error? To me it looks like the OS should wait if the  
unit is not

yet ready. What I can hear is that it is spinning up the disk slowly.
I don't know why slowly when it's a 50x or 48x speed drive or  
something like

this, but it does.

Can I somehow determine the type of the drive? My dmesg is full of  
these

messages:
uid 1000 on /: file system full
uid 1000 on /: file system full
uid 1000 on /: file system full


While I'm not sure about how to deal with the first problem (the  
obvious

workaround is to run dd if=/dev/rcd0a of=/dev/null count=1 first, or
somesuch, but that's a workaround), the second is indicative of /  
being

filled. Don't do that; not doing that is easier if /home is on a
different partition.

Joachim



Could the first problem occur if the cd is being mounted while it is  
still spinning up, i.e. if you attempt to mount immediately upon  
inserting the cd? I could be reading too much into the error message  
but that's what it looks like it might(tm) mean.


Mike

Re: comment /var mount

[Riley McIntire]

On 10/2/06, Chris Kuethe <[EMAIL PROTECTED]> wrote:

On 10/2/06, Riley McIntire <[EMAIL PROTECTED]> wrote:
> On 10/2/06, Ray <[EMAIL PROTECTED]> wrote:
> > I plan to MFS swap the /var to ramdisk as the following line in fstab:
>
> > Is there any gotcha if comment out line 258 in /etc/rc to:
> > # mount /var >/dev/null 2>&1
>
> Works for me. Haven't had any problems.

Don't hack /etc/rc


I tend to agree, but haven't found a good alternative...


set the "noauto" flag on /var. that will prevent it from being mounted
by "mount -a" but "mount /var" will mount it anyway.


Ray didn't mention what he was doing.

In one case, I'm using an mfs to mount /var on a soekris based
firewall. The problem with the ``noauto'' option is that /var gets
mounted at line 258 rather than (I think) 201. In this case, using
dhclient on one interface, the network needs to start. However, the
network is started about line 251, and needs to log to /var, which if
mount'd at 258 fails. So in this instance, which isn't really
uncommon, /var needs to mount at 201.

I don't see another solution that doesn't involve more mucking about.

Riley
--
"Education: The ability to listen to almost anything without losing
your temper or self confidence." - -- Robert Frost

Re: [MAYBE SPAM] Re: Looking for HowTo instructions ...

[Adam]

Damian Wiest <[EMAIL PROTECTED]> wrote:

> Do whatever you like.  I'm simply stating my preference and providing 
> an alternative setup for people to consider.  I don't find receiving
> 200+ messages a day from cron jobs running on the network with identical 
> subject lines to be a particularly good setup.  In this case, having 
> cron mail me the results of the job is not "exactly what I want" as you
> seem to believe.

I didn't say its exactly what you want, I said its exactly what the person
asking about periodic wants.  You are the one making blanket statements
about "bad cron jobs" without considering what is intended.

> If you can come up with a better scheme for managing emailed output from
> hundreds of jobs running on hundreds of machines, then please share.
> As it stands, you're merely trolling.

I don't need to come up with any such scheme, as I don't have any such
problem.  I simply said that cron is ideal for running a task and then
sending an email about it.  This is true wether you let cron send the
mail or if you do it yourself in the script.  I think you need to learn
what a troll is, or stop tossing it around like that.  You are not the
definition of good, and telling you as much is not trolling.

Adam

Re: CDROM mounts always on 2nd attempt

[Theo de Raadt]

> When I mount /dev/cd0c I always get this in dmesg:
> cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x0
> SENSE KEY: Not Ready
>  ASC/ASCQ: Logical Unit Is in Process Of Becoming Ready
> 
> And this in application:
> [EMAIL PROTECTED]:~$ mount /mnt/cd
> mount_cd9660: /dev/cd0c on /mnt/cd: Input/output error

The cd driver kernel code should spin on that temporary error.
This will be fixed (it was fixed in the st code a while back).

Re: [MAYBE SPAM] Re: Looking for HowTo instructions ...

[Damian Wiest]

On Tue, Oct 03, 2006 at 03:06:20PM -0400, Adam wrote:
>  Damian Wiest <[EMAIL PROTECTED]> wrote:
> 
> > On Mon, Oct 02, 2006 at 07:54:05PM -0400, Adam wrote:
> > > Damian Wiest <[EMAIL PROTECTED]> wrote:
> > > 
> > > > Suppose your cron jobs don't emit output, which any good job shouldn't 
> > > > do.
> > > 
> > > Huh?  If you want a task to run on a schedule, and then mail you the 
> > > results,
> > > then cron is exactly what you want.  Any "good job" does what its author
> > > wants it to.  If they want it to emit output, then having it be silent for
> > > no reason does not make it a "good job".
> > > 
> > > Adam
> > 
> > The way I structure my jobs, no output is _ever_ mailed by the cron 
> > daemon.  Instead, the job itself traps output and sends an appropriate 
> > email message, with an appropriate subject to the appropriate user.
> 
> Good for you.  But "what Damian likes to do" is not the definition of
> "good".

It's my definition :)

>  Like I said, if someone wants output mailed from cron, then
> making the job silent just because Damian thinks that's "good" is dumb.
> 
> Adam

Do whatever you like.  I'm simply stating my preference and providing 
an alternative setup for people to consider.  I don't find receiving
200+ messages a day from cron jobs running on the network with identical 
subject lines to be a particularly good setup.  In this case, having 
cron mail me the results of the job is not "exactly what I want" as you
seem to believe.

If you can come up with a better scheme for managing emailed output from
hundreds of jobs running on hundreds of machines, then please share.
As it stands, you're merely trolling.

-Damian

Re: dmesg timestamps

[Joachim Schipper]

On Tue, Oct 03, 2006 at 08:40:38PM +0200, Karel Kulhavy wrote:
> Is it possible to turn on some kind of timestamps or sequence numbers in 
> dmesg?
> When I ocassionally get an error message (uncorrectable error on CD), I would
> like to know if I got one recently or not. Difficult to distinguish 1000 and
> 1001 messages of this type in dmesg otherwise.

That's what /var/log/messages is for.

Joachim

Re: CDROM mounts always on 2nd attempt

[Joachim Schipper]

On Tue, Oct 03, 2006 at 08:31:55PM +0200, Karel Kulhavy wrote:
> When I mount /dev/cd0c I always get this in dmesg:
> cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x0
> SENSE KEY: Not Ready
>  ASC/ASCQ: Logical Unit Is in Process Of Becoming Ready
> 
> And this in application:
> [EMAIL PROTECTED]:~$ mount /mnt/cd
> mount_cd9660: /dev/cd0c on /mnt/cd: Input/output error
> 
> When I retry, it mounts. Do you know what the error messages mean and
> why it is error? To me it looks like the OS should wait if the unit is not
> yet ready. What I can hear is that it is spinning up the disk slowly.
> I don't know why slowly when it's a 50x or 48x speed drive or something like
> this, but it does.
> 
> Can I somehow determine the type of the drive? My dmesg is full of these
> messages:
> uid 1000 on /: file system full
> uid 1000 on /: file system full
> uid 1000 on /: file system full

While I'm not sure about how to deal with the first problem (the obvious
workaround is to run dd if=/dev/rcd0a of=/dev/null count=1 first, or
somesuch, but that's a workaround), the second is indicative of / being
filled. Don't do that; not doing that is easier if /home is on a
different partition.

Joachim

The new 4.0 song(s)

[Theo de Raadt]

We have just put up the new songs for 4.0

There are two... well, there is one for 4.0, but there is an extra
song that Ty made by himself (without any input from us) specifically
for the audio CD.

Much to our amusement that track relates so strongly to the current
Intel (open source frauds) situation, so I decided to release the
audio for that on the net as well.

Enjoy at http://www.openbsd.org/lyrics.html

Re: FreeBSD Netbackup client on AMD 64 version of OpenBSD?

[Ted Unangst]

On 10/3/06, Michael Durket <[EMAIL PROTECTED]> wrote:

Searching via Google it appears that a few people have reported
that the FreeBSD version of Veritas Netbackup will run under
OpenBSD if FreeBSD emulation is compiled into the kernel.


the amd64 platform does not support any emulations.

Re: Looking for HowTo instructions ...

[Adam]

 Damian Wiest <[EMAIL PROTECTED]> wrote:

> On Mon, Oct 02, 2006 at 07:54:05PM -0400, Adam wrote:
> > Damian Wiest <[EMAIL PROTECTED]> wrote:
> > 
> > > Suppose your cron jobs don't emit output, which any good job shouldn't do.
> > 
> > Huh?  If you want a task to run on a schedule, and then mail you the 
> > results,
> > then cron is exactly what you want.  Any "good job" does what its author
> > wants it to.  If they want it to emit output, then having it be silent for
> > no reason does not make it a "good job".
> > 
> > Adam
> 
> The way I structure my jobs, no output is _ever_ mailed by the cron 
> daemon.  Instead, the job itself traps output and sends an appropriate 
> email message, with an appropriate subject to the appropriate user.

Good for you.  But "what Damian likes to do" is not the definition of
"good".  Like I said, if someone wants output mailed from cron, then
making the job silent just because Damian thinks that's "good" is dumb.

Adam

Re: ral0 errors

[Bob Bostwick \(Lists\)]

Unfortunately I'm not on location right now, but I'll have the info on
the PowerBook card tonight.

Thanks!

|-Original Message-
|From: Damien Bergamini [mailto:[EMAIL PROTECTED]
|Sent: Tuesday, October 03, 2006 12:30 AM
|To: Bob Bostwick (Lists)
|Cc: misc@openbsd.org
|Subject: Re: ral0 errors
|
|Could you provide a dmesg of your OpenBSD wireless router so that
|I can know what Ralink chip and radio you have?
|Do you know the model of the wireless adapter in your PowerBook?
|These messages are not normal so sending them to /dev/null is not
|an option ;)
|I'm quite busy right now but I'll look at this problem after work.
|
|Thanks,
|Damien
|
|
||I have OBSD setup as my wireless router and it works perfectly!
However
|| when I connect with my PowerBook, I start getting tons of output on
the
|| console.  The PowerBook does connect and it can use the network.
||
|| 1.) Is there anything I can do about this?
|| 2.) If not can I send these messages to /dev/null somehow?  I still
want
|| to get most messages on the console, but this one happens so often
that
|| I can't do anything else if I'm on the console.
||
|| cat /etc/hostname.ral0
|| inet 192.168.2.254 255.255.255.0 NONE media autoselect mediaopt
hostap
|| mode 11g nwid Devious_WL_BackOff chan 11
||
|| I'm also using OpenVPN for this and have several other machines
|| connected wirelessly no problem, but whenever the PowerBook connects
I
|| get
||
|| Sep 28 12:47:49 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:49 mbsd /bsd: ral0: sending data frame failed 0x0099aafa
|| Sep 28 12:47:49 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:49 mbsd /bsd: ral0: sending data frame failed 0x0099aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x00c9aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:50 mbsd /bsd: ral0: sending data frame failed 0x0319aafa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x001003fa
|| Sep 28 12:47:51 mbsd /bsd: ral0: sending data frame failed 0x05d1aafa
||
|| Thanks
||
|| B
|
dmesg

OpenBSD 4.0 (GENERIC) #1104: Fri Sep  1 11:54:27 MDT 2006

[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

cpu0: AMD Athlon(tm) XP 2600+ ("AuthenticAMD" 686-class, 256KB L2 cache) 2.09 
GHz

cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE

real mem  = 536375296 (523804K)

avail mem = 481370112 (470088K)

using 4256 buffers containing 26923008 bytes (26292K) of memory

mainbus0 (root)

bios0 at mainbus0: AT/286+(23) BIOS, date 05/14/03, BIOS32 rev. 0 @ 0xfb490, 
SMBIOS rev. 2.2 @ 0xf (43 entries)

bios0: ASUSTeK Computer INC. A7N8X

apm0 at bios0: Power Management spec V1.2

apm0: AC on, battery charge unknown

apm0: flags 70102 dobusy 1 doidle 1

pcibios0 at bios0: rev 2.1 @ 0xf/0xdf84

pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdeb0/208 (11 entries)

pcibios0: PCI Exclusive IRQs: 5 11

pcibios0: no compatible PCI ICU found

pcibios0: Warning, unable to fix up PCI interrupt routing

pcibios0: PCI bus #2 is the last bus

bios0: ROM list: 0xc/0xa000 0xcc000/0x4000! 0xd/0x1800

cpu0 at mainbus0

pci0 at mainbus0 bus 0: configuration mode 1 (no bios)

pchb0 at pci0 dev 0 function 0 "NVIDIA nForce2 PCI" rev 0xa2

"NVIDIA nForce2" rev 0xa2 at pci0 dev 0 function 1 not configured

"NVIDIA nForce2" rev 0xa2 at pci0 dev 0 function 2 not configured

"NVIDIA nForce2" rev 0xa2 at pci0 dev 0 function 3 not configured

"NVIDIA nForce2" rev 0xa2 at pci0 dev 0 function 4 not configured

"NVIDIA nForce2" rev 0xa2 at pci0 dev 0 function 5 not configured

pcib0 at pci0 dev 1 function 0 "NVIDIA nForce2 ISA" rev 0xa3

nviic0 at pci0 dev 1 function 1 "NVIDIA 

Re: dmesg timestamps

[Theo de Raadt]

> Is it possible to turn on some kind of timestamps or sequence numbers in 
> dmesg?

No.

> When I ocassionally get an error message (uncorrectable error on CD), I would
> like to know if I got one recently or not. Difficult to distinguish 1000 and
> 1001 messages of this type in dmesg otherwise.

syslogd remembers when the kernel gave it messages, and puts the timestamp
into the syslog output files.

FreeBSD Netbackup client on AMD 64 version of OpenBSD?

[Michael Durket]

Searching via Google it appears that a few people have reported 
that the FreeBSD version of Veritas Netbackup will run under 
OpenBSD if FreeBSD emulation is compiled into the kernel.

It is not compiled into the AMD kernel version that I have 
(OpenBSD 3.7) and in fact, when I turn on the necessary 
options, errors are generated on the make (which can be 
solved). What I'm wondering is, before I go through all the
trouble to fix it, is there anyone out there who has successfully
run the FreeBSD Netbackup on an AMD version of OpenBSD with 
emulation enabled, or does that combination really only work
with the i386 kernels?

Thanks,

  Michael Durket

dmesg timestamps

[Karel Kulhavy]

Is it possible to turn on some kind of timestamps or sequence numbers in dmesg?
When I ocassionally get an error message (uncorrectable error on CD), I would
like to know if I got one recently or not. Difficult to distinguish 1000 and
1001 messages of this type in dmesg otherwise.

CL<

CDROM mounts always on 2nd attempt

[Karel Kulhavy]

When I mount /dev/cd0c I always get this in dmesg:
cd0(atapiscsi0:0:0): Check Condition (error 0x70) on opcode 0x0
SENSE KEY: Not Ready
 ASC/ASCQ: Logical Unit Is in Process Of Becoming Ready

And this in application:
[EMAIL PROTECTED]:~$ mount /mnt/cd
mount_cd9660: /dev/cd0c on /mnt/cd: Input/output error

When I retry, it mounts. Do you know what the error messages mean and
why it is error? To me it looks like the OS should wait if the unit is not
yet ready. What I can hear is that it is spinning up the disk slowly.
I don't know why slowly when it's a 50x or 48x speed drive or something like
this, but it does.

Can I somehow determine the type of the drive? My dmesg is full of these
messages:
uid 1000 on /: file system full
uid 1000 on /: file system full
uid 1000 on /: file system full

CL<

Re: OpenNTPD Question/Problem on OpenBSD 3.9 (stable) GENERIC #617 kernel

[Henning Brauer]

* Prabhu Gurumurthy <[EMAIL PROTECTED]> [2006-10-03 19:49]:
> There seems to be a lot of jitter on OpenNTPD based machines (i.e DMZ 
> machines). This prevents the Intranet machines to sync up to the OpenBSD 

this could happen with machines that have a very bad system clock, i. 
e. ntpd needsto constantly account for the drift because the clock is 
running too fast or too slow. starting with 4.0 there is a permanent 
tick adjustment, so that ntpd can correct the tick frequency. that 
should fix these issues.

-- 
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

Re: Looking for HowTo instructions ...

[Damian Wiest]

On Mon, Oct 02, 2006 at 07:54:05PM -0400, Adam wrote:
> Damian Wiest <[EMAIL PROTECTED]> wrote:
> 
> > Suppose your cron jobs don't emit output, which any good job shouldn't do.
> 
> Huh?  If you want a task to run on a schedule, and then mail you the results,
> then cron is exactly what you want.  Any "good job" does what its author
> wants it to.  If they want it to emit output, then having it be silent for
> no reason does not make it a "good job".
> 
> Adam

The way I structure my jobs, no output is _ever_ mailed by the cron 
daemon.  Instead, the job itself traps output and sends an appropriate 
email message, with an appropriate subject to the appropriate user.

An email message with a subject line of 'Output from "cron" job' is 
useless.  Messages with a subject of "[SUCCESS] backup.sh" or 
"[FAILURE] backup.sh" are much more useful.  I can filter the messages
more easily, I have more confidence in a junior admin not missing an 
important message and I can have success and error conditions notify 
different people.

I get daily email messages from too many jobs running as root on too 
many different machines for cron's default email output to be useful.

-Damian

OpenNTPD Question/Problem on OpenBSD 3.9 (stable) GENERIC #617 kernel

[Prabhu Gurumurthy]

All -
   This is going to be a long email. My apologies for that! I have a 
question regarding performance of OpenNTPD vs generic/DaveMills NTPD.


Setup:
1. We have 3 machines in our DMZ which act as our primary NTP servers.
2. We have close to 8 machines in our Intranet which act as secondary 
NTP servers, which serve all our network and they all get their 
time(rather try to) from our Primary NTP servers.


All the 3 primary NTP servers run OpenBSD 3.9 stable (i.e from the CD) 
and GENERIC kernel. and are in DMZ. All the them have identical 
hardware, in fact Dell PowerEdge 650 and all have same setup,

* same release install i.e 3.9 install from OpenBSD CD.
* GENERIC kernel and NO modification using ukc or recompile

DMZ NTP servers.
dmz-ntp1
uname: OpenBSD dmz-ntp1.XXX.YYY 3.9 GENERIC#617 i386
Snippet of dmesg:
OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

dmz-ntp2
uname: OpenBSD dmz-ntp2.XXX.YYY 3.9 GENERIC#617 i386
OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

dmz-ntp3
uname: OpenBSD dmz-ntp3 XXX.YYY 3.9 GENERIC#617 i386
OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC

ntpd configuration is the same for all the DMZ boxes.
Shown below are with comments removed!
[Begin Conf]
server 0.us.pool.ntp.org
server 1.us.pool.ntp.org
server 2.us.pool.ntp.org

server dmz-ntp1.XXX.YYY
server dmz-ntp2.XXX.YYY
server dmz-ntp3.XXX.YYY

listen on *
[End Conf]

All our internal boxes run RHEL4u2
Linux arrowhead.XXX.YYY 2.6.9-22.ELsmp #1 SMP Mon Sep 19 18:32:14 EDT 
2005 i686 i686 i386 GNU/Linux


ntpd configuration is the same for all internal boxes.
Show below are with comments removed.

[Begin Conf]
server dmz-ntp1.XXX.YYY
server dmz-ntp2.XXX.YYY
server dmz-ntp3.XXX.YYY


peer ntp01.XXX.YYY
peer ntp02.XXX.YYY
peer ntp03.XXX.YYY
peer ntp04.XXX.YYY
peer ntp05.XXX.YYY
peer ntp06.XXX.YYY
peer ntp07.XXX.YYY
peer ntp08.XXX.YYY
peer ntp09.XXX.YYY
peer ntp10.XXX.YYY

server 127.127.1.0
fudge 127.127.1.0 stratum 10

driftfile /var/lib/ntp/drift
[End Conf]

All NTP machines are reachable on port 123.

Problem:
There seems to be a lot of jitter on OpenNTPD based machines (i.e DMZ 
machines). This prevents the Intranet machines to sync up to the OpenBSD 
machines. So we installed NTPD (not OpenNTPD) from ports and restared 
NTP on the dmz-ntp3 and lo and behold all Linux boxes starting syncing 
up with this box, but not to any other OpenNTPD based machines (which 
are 2 right now).


NTP stats from the Intranet boxes.
Please ignore

NTP stats from our Intranet box called arrowhead running RHEL4u2
--== ntpq -p arrowhead ==--
remoterefid  st t when poll reach   delay   offset  jitter
==
dmz-ntp1  93.5.230.181 4 u   22 1024  3770.734  -270.18  87.034
-dmz-ntp3 24.123.214.973 u  903 1024  3771.373  -10.758   3.727
xdmz-ntp2 220.249.119.159  4 u  960 1024  3770.932  -213.16 246.533
arrowhead .STEP.  16 u- 102400.0000.000 4000.00
+aspen10.200.2.65  5 u  559 1024  3764.154   -0.673   0.142
+baldy10.200.1.243 5 u  270 1024  3773.3640.145   1.597
buttermilk 10.200.2.87  5 u  576 1024  3762.3870.718   0.203
-copper   10.200.1.222 4 u  971 1024  3763.1301.433   0.584
 cypress  10.200.2.87  5 u  426 1024  3764.032   -0.456   0.111
*heavenly 10.200.1.222 4 u  772 1024  3763.314   -0.136   0.630
-kirkwood 10.200.2.68  3 u  610 1024  3774.017   -2.248   3.995
-shasta   66.92.68.11  2 u  747 1024  376   10.674  -12.836   3.089
 LOCAL(0)LOCAL(0)10 l   63   64

NTP stats from our Intranet box called aspen running RHEL4u2
--== ntpq -p aspen ==--
remote refid  st t when poll reach   delay   offset  jitter
==
xdmz-ntp1  93.5.230.181 4 u  292 1024  3770.867  -240.39  86.761
-dmz-ntp3 24.123.214.973 u  797 1024  3771.143  -12.227   3.712
xdmz-ntp2 220.249.119.159  4 u  908 1024  3772.641  -222.98 247.827
-arrowhead 10.200.1.245 5 u  552 1024  3773.8450.828   0.409
 aspen .STEP.  16 u- 102400.0000.000 4000.00
-baldy 10.200.1.222 4 u 1015 1024  3764.710   -0.608   0.941
+buttermilk 10.200.1.245 5 u  888 1024  3763.9130.013   0.210
*copper10.200.1.222 4 u  979 1024  3766.0860.130   0.248
-cypress   10.200.2.87  5 u  989 1024  3763.7890.254   0.437
-heavenly 10.200.2.87  5 u  299 1024  3775.3261.349   0.759
+kirkwood 199.184.165.135  3 u  284 1024  3779.448   -0.471   0.523
-shasta 66.33.216.11 3 u   26 1024  3765.536  -16.241   4.331
 LOCAL(0)  LOCAL(0)10 l   52   64  3770.0000.000   0.001

Re: Question About low cost CD's

[M.Salah]

Dear / Steve


You are correct, unfortunately even if the system was first introduced by
its "Name" over an

embedded device as a firewall appliance or a router, it won't find a room to
breath in!

becuase they follow here the brands or let me rephrase it they follow the
knowen brands.


M.Salah

Re: Some recommendations on file locations sought

[John Draper]

Will Maier wrote:


On Fri, Sep 22, 2006 at 01:29:56PM -0700, John Draper wrote:
 


Here is what I did...

htpasswd -c /var/www/conf/auth/passwd edp
< I set the password here >

chown root.nogroup /var/www/conf/auth/passwd
chmod 640 /var/www/conf/auth/passwd
   



What user/group are you running httpd as? Is that user a member of
nogroup? Can that user read the file?
 


"www"


[...]
 


But the Apache rejects my password.  I tried it several times,
same thing,  rejection.
   



Did you look at the error_log?
 

Yes - it didn't give me any meaningful information - but I did manage to 
get a workaround
to work,  by changing the permissions,  but it was ust guesswork,  as if 
there are wrong

permissions,  the system is never going to let me know.

John

Re: NIS server

[Rogier Krieger]

On 10/3/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:

[...] note that at least OpenBSD can authenticate
directly against LDAP, using sysutils/login_ldap.


Personally, I suspect the OP has a specific interest in implementing
NIS. Through NIS, OpenBSD can obtain the information it would
otherwise get from the password file (i.e. user entries). IIRC, there
is no alternative 'nsswitch-like' tool available for OpenBSD. If I'm
wrong on this, feel free to correct me (you'd make me happy).

As nice a tool as login_ldap may be, it still requires you to add such
entries, limiting scalability. Unfortunately, I do not know of an
LDAP-based NIS working on OpenBSD, so this probably isn't too much
help to the OP either. Sorry for wasting the bandwidth.

Cheers,

Rogier

--
If you don't know where you're going, any road will get you there.

Re: Question About low cost CD's

[Steve Shockley]

M.Salah wrote:

I would like to help funding the project but not Like this !! more money
goes to the wrong person.


You could always make your own CDs or DVDs, and then donate whatever 
you're comfortable with to the project.  That way all the money goes to 
the project, and there's little cost to the project.  As long as you 
currently have a computer with an OS, that should meet your needs.

Re: RAIDFrame parity rebuild: why so slow?

[L. V. Lammert]

On Mon, 02 Oct 2006 20:11:36 +0200
nothingness <[EMAIL PROTECTED]> wrote:

> Hi all,
>
>   I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've
> never seen any performance improvement in getting the system to work
> any faster at rebuilding parity after a hard shutdown.


We have used a number of RAIDframe 1 configs in the past, .. having seen 
the same issues we have switched to rsync. MUCH simpler, no boot delay, and 
it's actually simpler to recover if a disk crashes.


Most of these systems can live just fine with a 15 minute backup, .. the 
same rsync process works just fine for off-machine (USB) and off-site.


Lee

Re: annoying openbsd mutt package

[joerch]

On Tue, Oct 03, 2006 at 04:02:21PM +0200, Zoran Kolic wrote:
> Is there any chance to "touch" that file?
> Make it and go on.
> If the app looks for that file, post to mean
> that you told it so. Could you try to change
> ".muttrc" for that option?

I believe that the /var/mail/whoever file is needed for
more than the mutt package !?

Why not:

sudo touch /var/mail/whoever
sudo chown whoever:whoever /var/mail/whoever
sudo chmod 600 /var/mail/whoever

It is maybe a simple solution.

-- 
gruesse 
joerg "joerch" buechner
--

Re: Question About low cost CD's

[Pedro Martelletto]

What's more effective in this case is pressuring local vendors so _they_
get to import the CDs. If you prove them there's a reasonable consumer
market, then they certainly will try to make the CDs available.

Vendors know the process. Vendors can negotiate and get cheaper prices.
Vendors can arrange for cheaper shipping. Vendors can pressure the local
government for less extorsive taxes.

There are many different countries out there, each with a distinct
reality, government and legislation. Unfortunately, there's nothing much
OpenBSD can do to workaround the requirements needed for the CD to reach
your tray beyond making it available for order.

But vendors can.

-p.

Re: RAIDFrame parity rebuild: why so slow?

[Greg Oster]

"Jeff Quast" writes:
> On 10/3/06, Joerg Zinke <[EMAIL PROTECTED]> wrote:
> > On Mon, 02 Oct 2006 20:11:36 +0200
> > nothingness <[EMAIL PROTECTED]> wrote:
> >
> > > Hi all,
> > >
> > >   I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've
> > > never seen any performance improvement in getting the system to work
> > > any faster at rebuilding parity after a hard shutdown. I've tried
> > > RAID1, RAID5, SCSI drives, IDE drives, processors from PentiumII 400s
> > > to Athlon64 3200+ and it has *always* been ridiculously slow at
> > > rebuilding. Just a 9G RAID5 partition takes over 2 hours. A 60G RAID1
> > > takes 11 hours. 11!!! Before flaming me to say, just go and edit the
> > > code, it's never been out of beta or whatever, explain why compared
> > > to other OSes it's always so slow, even to build the first time
> > > around. Linux's code in particular comes to mind.
> >
> > maybe this is one of the reasons why raidframe is not officially
> > supported and not enabled in stable kernel. i think another reason is
> 
> or that it doubles the size of a kernel for a function <5% of openbsd users 
> use.

RAIDframe on i386 archs used to be about 500K, which is ~10% of the 
current size of /bsd.  In a certain other BSD, RAIDframe now weighs in 
at about 148K for i386.

[snip]
> Raidframe was originaly a simulator. A simulator. It was never meant
> to be a kernel driver. It is not meant to ensure speed. It is not
> meant to actualy be used to store real data.

RAIDframe was developed as a framework.  It wasn't just a simulator. 
It wasn't just a user-land RAID driver.  It wasn't just a kernel driver.
It was built with all three to allow rapid prototyping of new types 
of RAID.  Yes, there is some overhead to this, but it's not as large 
as the code size might suggest... (e.g. compare the performance
difference between CCD vs RAID0..)

Later...

Greg Oster

Re: RE: filenames with extra characters like "é,è,ö ..." with rsync

[Christian Weisgerber]

Didier Wiroth <[EMAIL PROTECTED]> wrote:

> Thanks, but I already did that, and I currently use this option. ;-)
> This options strips/removes the special characters,

No, it doesn't.  Not in the general case.

> isn't it possible to to store the files with the the extra characters?

I just tried rsyncing a few files with 8-bit characters in their
names between two OpenBSD boxes and there is no problem whatsoever.
-8 isn't even needed.

-- 
Christian "naddy" Weisgerber  [EMAIL PROTECTED]

Re: annoying openbsd mutt package

[Zoran Kolic]

Is there any chance to "touch" that file?
Make it and go on.
If the app looks for that file, post to mean
that you told it so. Could you try to change
".muttrc" for that option?

  Zoran

Re: Question About low cost CD's

[M.Salah]

Dear / Siju

Your relly hit the point, I relly wish that there is some thing like that
"EE".

and from my side I see no problem doing it for that part of the world "where
I am I mean"

What can I say I wish that there was more advertisement for the BSD's in my
country!

many ppl uses one of the BSD's around but more uses Linux Distro's why?
because it looks

more convenient for a windows user

*sighs*

Thanks any way


M.Salah

Re: Serial control of LCD display

[Jeff Quast]

On 10/2/06, Peter Bako <[EMAIL PROTECTED]> wrote:

I am trying to get a CrystalFontz 632 serial display to work with an OpenBSD
box.  Under Windows I can just connect the display to a com port, run
Hyperterminal and send text directly to it, so I assumed that I could just
send a data stream to /dev/tty00 under OpenBSD and make it work as well.
Unfortunately it is not turning out to be anywhere that simple.


So far, neither OS does any more than the other.


If I use cu or tip and connect to /dev/tty00 and 19200 then I can send data
to the display, but eventually I need to be able to send data to it from a
shell script.  Any attempt I make to send data to it (such as cat test >
/dev/tty00) results in an error of "sh: Cannot create /dev/tty00:
Interrupted system call".

I've tried to mess with the stty command to setup the serial port (open it
up, set the speed, etc), but no luck, that error always comes up.  Can
anyone point me to the right direction on this?

Thanks,
Peter


Peter,

I would write what you need in C. I can help you along or start you
out with ~30 lines to do the job if necessary. It is very simple if
you are even just partly familiar with C. After 5 or so lines of
initializing the device, its just basic file i/o operations.

If you are more comfortable with python or perl, these can probobly
handle the job as well.

as for being able to use stty, then echo to it, I don't think its
possible. Anyone?

Re: RAIDFrame parity rebuild: why so slow?

[Jeff Quast]

On 10/3/06, Joerg Zinke <[EMAIL PROTECTED]> wrote:

On Mon, 02 Oct 2006 20:11:36 +0200
nothingness <[EMAIL PROTECTED]> wrote:

> Hi all,
>
>   I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've
> never seen any performance improvement in getting the system to work
> any faster at rebuilding parity after a hard shutdown. I've tried
> RAID1, RAID5, SCSI drives, IDE drives, processors from PentiumII 400s
> to Athlon64 3200+ and it has *always* been ridiculously slow at
> rebuilding. Just a 9G RAID5 partition takes over 2 hours. A 60G RAID1
> takes 11 hours. 11!!! Before flaming me to say, just go and edit the
> code, it's never been out of beta or whatever, explain why compared
> to other OSes it's always so slow, even to build the first time
> around. Linux's code in particular comes to mind.

maybe this is one of the reasons why raidframe is not officially
supported and not enabled in stable kernel. i think another reason is


or that it doubles the size of a kernel for a function <5% of openbsd users use.


that the actual raidframe implementation is not the best - citation of a
developer: "the code is crap"... but hey its open source, go, go, go:


You really shouldn't speak hearsay when it comes to source code. Its
open source, look yourself and make a judgement. It should only take
about two minutes to make a basic judement call


rewrite it :)

i use a 250 gb raid 1 and tooks 3h to rebuild parity on an athlon 2600
(32-bit).

regards,

joerg



If you really hate it so much, ^c it. Its just ensuring your parity.
Skip it if you don't like it. I occasionaly do. If you want speed, and
not reliability, then skip it and use stripe. This is like complaining
fsck_ffs is too slow. Don't complain when data is lost during a power
failure because you never bothered to ensure parity (or do not use
backups, use battery backups, or just keep trying to use emulated
opera with macromedia flash player)

I find tests with iozone to prove that a stripe of two 55MB/s disks
perform at 110MB/s almost to do the decimal, showing that raidframe
does a fantastic job.

Raidframe was originaly a simulator. A simulator. It was never meant
to be a kernel driver. It is not meant to ensure speed. It is not
meant to actualy be used to store real data. You're lucky you have it.
You should thank the author for making it a kernel driver.

rough parity consitancy check estimates of my own:
4-disk + spare raid5. U160 scsi, 15k rpm drives @ 20GB: ~3 minutes
2-disk raid0. U160 scsi, 15k rpm drives @ 8gb: ~2 minutes or less
3-disk raid5. 1 sata, 2 ide, (desktop-class disks) @ 260GB: ~50 minutes

raidframe is a theorm in action. It is old. I'm sure alot of functions
(including parity check) could be rewritten to perform much better
with modern processor designs in mind. That is your job. If you can't
handle it, then spend money on a true hardware raid card.

* (Don't get an adaptec onboard like me, or you'll still be using raidframe :) *

PS: You're post included no dmesg or patch.
You are just complaining. WHAaa :(

Re: Question About low cost CD's

[Siju George]

On 10/3/06, Stuart Henderson <[EMAIL PROTECTED]> wrote:

On 2006/10/03 12:25, M.Salah wrote:
> I would like to help funding the project but not Like this !! more money
> goes to the wrong person.
>
> so it would be nice to have low cost cd's to be shipped for those out side
> USA/Canada especially when you have this huge currency exchange rate.

This isn't exactly what you're asking, but it may be worth asking a book
shop if they can order it (the CD has an ISBN number shown on the release
page; for 4.0 it's 0-9731791-8-X). This probably won't help the CD cost
but might save on shipping and tax.



I think he is asking for some thing similar to the EEE ( Eastern
Economy Edition ) books.
I did manage to get a few BSD books ( 2 of them on OpenBSD, the PF
book could not be published in EEE because Jacek fell ill and went out
of contact after the first round of talks- But Jeremy has kindly shown
his willingness to get his PF book published in the EE edition ) with
the help of J. C. Roberts and other good BSD friends published in
India in the EEE editions.

No starch press was extremely friendly in their approach towards my
request. For example if I order Michael's "Absolute OpenBSD" fro the
website it would cost me 40 dollars + 40 dollars shipping ie.
approximately 80x50=4000 Indian Rupees. At the time I started using
OpenBSD it was more than my one month's total salary :-)

Now No Starch Press produces the EEE edition which cost me just 1/10
th the price i.e approximately 400 Rupee ( 10 dollars ) from the
nearest book store.

Now I did not not ask Theo about EE edition of OpenBSD CDs because
after the current conversion from Rupee to dollars I don't think the
project is going to get any significant revenue. And since OpenBSD CDs
are primarily a way to supporting the project it would be an almost
futile exercise. Another fact is that at this point there are not many
people who will purchase the OpenBSD CDs even if there is an EE
edition.

But your currency seems to be higher than  mine :-)
Also in some case I feel sending in Money or hardware might better
benefit the project. As you said in some cases more money goes to the
wrong person :-(

Kind Regards

Siju

Re: ipsec vpn: freebsd and openbsd

[Martin Gignac]

IPsec is based on standards (RFCs) while OpenVPN is not (it is based
on "standard" SSL, though).

I guess the best way to make your mind up is to actually go to the
OpenVPN web site (http://openvpn.net/) and read up on it. There's some
good info there.

Also, a visit on Google with keywords "openvpn ipsec comparison" or
"openvpn vs ipsec" should return some good info. Both approaches
achieve the same goal (a secure, tunneled VPN) in quite different
ways. In the past I have found OpenVPN to be quite easy to use when
setting up machines with different OSes at both ends (I've done Linux
<--> FreeBSD and Windows <--> FreeBSD VPNs with OpenVPN). I would say
that one of the advantages of OpenVPN over IPsec when using different
OSes is that configuration is pretty much identical (or at least close
to it) independent of the OS you're using, so if you're planning to
make many VPNs between all kinds of OSes it could be a good
alternative.

Read up on it and decide for yourself. I find it to be quite an
interesting product.

On 10/3/06, kintaro oe <[EMAIL PROTECTED]> wrote:

hey guys,

thanks a lot of the advice. hh..It seems the alternative is
openvpn..but whats the difference between them (openvpn and ipsec)?both are
secure..but dont know the reliability and stability. any advice then? thanks!
cheers,


-Martin

--
"Suburbia is where the developer bulldozes out the trees, then names
the streets after them."

  --Bill Vaughan

Bug 5247

[Tim van der Molen]

I think I have found the cause of bug 5247:
.
I'm not familiar enough with Lynx' source code to write a patch, but
hopefully the following information will make it easier for someone else
to do it.

A short description of the bug: lynx segfaults if the LYNX_TEMP_SPACE or
TMPDIR environment variable is a non-existent directory or a directory
for which lynx has insufficient permissions.

In src/gnu/usr.bin/lynx/src/LYMain.c:1203, a directory name starting
with either LYNX_TEMP_SPACE or TMPDIR is passed as an argument to
mkdtemp(). For the values of LYNX_TEMP_SPACE or TMPDIR mentioned above,
mkdtemp() returns NULL. Eventually, this value is passed as an argument
to strlen() which causes the segfault.

An obvious fix would be to check the return value of mkdtemp().

Here is the relevant source code:

src/gnu/usr.bin/lynx/src/LYMain.c:

lynx_temp_space is either LYNX_TEMP_SPACE or TMPDIR.

1202: StrAllocCat(lynx_temp_space, "/lynx-XX");
1203: lynx_temp_space = mkdtemp(lynx_temp_space);
1225: if ((HTStat(lynx_temp_space, &dir_info) < 0

src/gnu/usr.bin/lynx/WWW/Library/Implementation/HTFile.c:

2023: PUBLIC int HTStat ARGS2(
2024: CONST char *,   filename,
2025: struct stat *,  data)
2028: size_t len = strlen(filename);

HTH.

Regards,
Tim

Re: Deploying isakmp/vpn with PKI

[Joachim Schipper]

On Tue, Oct 03, 2006 at 12:51:47PM +0200, carlopmart wrote:
> Hi all,
> 
>  i need to deploy a PKI Linux based infraestructure, including 
> authentication (single sign on) for several Linux and OpenBSD servers. 
> We have two openbsd firewall clusters (3.9) with vpn using isakmpd. Is 
> it possible to use x509 certs generated on a Fedora Directory Server (I 
> have used to deploy PKI) to  authenticate VPN users?? Somebody knows if 
> these could be works?? If I need to upgrade to 4.0 is not a problem.
> 
> Many thanks and sorry for my bad english.

If those are just standard OpenSSL-style x509 certificates, you can
generate them whereever you want, and they will work just fine.

4.0 has a lot of improvements, and ISTR that some of those are
necessary to use ipsec.conf with clients that change IP adresses.

Joachim

Re: startting arpwatch port on boot?

[Fred Crowson]

stan wrote:

What is the prefered way to ave a daemon built from the ports tree (in this
case arpwatch) strated at boot time?


/etc/rc.local see man 8 rc

HTH
Fred
--
OpenBSD on the Zaurus C3200
http://www.crowsons.net/puters/zaurus.php

Re: startting arpwatch port on boot?

[Antoine Jacoutot]

On Tue, 3 Oct 2006, stan wrote:


What is the prefered way to ave a daemon built from the ports tree (in this
case arpwatch) strated at boot time?


See rc(8).
The "preferred" way is to use rc.local.

ex. something as simple as the following should suffice:

# start my great deamon
if [ -x /usr/local/sbin/greatdaemond ]; then
echo -n ' greatdaemond'; /usr/local/sbin/greatdaemond
fi

--
Antoine

Re: NIS server

[Joachim Schipper]

On Tue, Oct 03, 2006 at 01:30:11AM -0300, Gustavo Rios wrote:
> I wonder if some here knows a NIS server (ypserv) that uses openldap
> as information source!
> 
> If so, please, let me know. I am desperately searching for a nis
> server that uses ldap.

This may not be useful, but note that at least OpenBSD can authenticate
directly against LDAP, using sysutils/login_ldap. (And so can Linux, and
I assume FreeBSD, NetBSD, and I assume Solaris. And most other *NIX
systems.)

(Disclaimer: I've never tried any of the above.)

Joachim

Re: startting arpwatch port on boot?

[Stuart Henderson]

On 2006/10/03 07:14, stan wrote:
> What is the prefered way to ave a daemon built from the ports tree (in this
> case arpwatch) strated at boot time?

start it from /etc/rc.local

Re: Question About low cost CD's

[Stuart Henderson]

On 2006/10/03 12:25, M.Salah wrote:
> I would like to help funding the project but not Like this !! more money
> goes to the wrong person.
> 
> so it would be nice to have low cost cd's to be shipped for those out side
> USA/Canada especially when you have this huge currency exchange rate.

This isn't exactly what you're asking, but it may be worth asking a book
shop if they can order it (the CD has an ISBN number shown on the release
page; for 4.0 it's 0-9731791-8-X). This probably won't help the CD cost
but might save on shipping and tax.

startting arpwatch port on boot?

[stan]

What is the prefered way to ave a daemon built from the ports tree (in this
case arpwatch) strated at boot time?

-- 
Unix is very simple, but it takes a genius to understand the simplicity.
(Dennis Ritchie)

Re: annoying openbsd mutt package

[Craig Skinner]

On Mon, Oct 02, 2006 at 10:06:34PM -0300, Gustavo Rios wrote:
> I am using mutt with openbsd. I am getting annoyed by a message error
> i got just after i start it on command line:
> 
> The message is the following:
> 
> /var/mail/grios: No such file or directory (errno = 2)

$ echo $MAIL

And then:

set folder="$MAIL"
set mbox="$MAIL"
set mbox_type=Maildir


-- 
Craig Skinner | http://www.kepax.co.uk | [EMAIL PROTECTED]

Deploying isakmp/vpn with PKI

[carlopmart]

Hi all,

 i need to deploy a PKI Linux based infraestructure, including 
authentication (single sign on) for several Linux and OpenBSD servers. 
We have two openbsd firewall clusters (3.9) with vpn using isakmpd. Is 
it possible to use x509 certs generated on a Fedora Directory Server (I 
have used to deploy PKI) to  authenticate VPN users?? Somebody knows if 
these could be works?? If I need to upgrade to 4.0 is not a problem.


Many thanks and sorry for my bad english.

--
CL Martinez
carlopmart {at} gmail {d0t} com

Re: comment /var mount

[Craig Skinner]

On Mon, Oct 02, 2006 at 10:52:50PM +, Ray wrote:
> > Don't hack /etc/rc
> > 
> > set the "noauto" flag on /var. that will prevent it from being mounted
> > by "mount -a" but "mount /var" will mount it anyway.
> 
> 
> Thanks Riley!  
> 
> I would rather leave rc alone - but found out that using noauto option may 
> stop the device from giving out DHCP leases after reboot - some sort of 
> conflict, but haven't figured it out yet - or proven that it's the noauto 
> option.  It seems healthier with the comment in /etc/rc - but testing more...
> 

Pop in a "mount /var" line in rc.local before you start the dhcp server
in the same file.

-- 
Craig Skinner | http://www.kepax.co.uk | [EMAIL PROTECTED]

Re: rebooting failure - dmesg included

[Stuart Henderson]

On 2006/10/03 17:40, Rod.. Whitworth wrote:
> Are there any config changes that are worth trying, any BIOS settings
> that might work, any bit of code I can run to bypass the buggy
> bios/chipset/whatever ?

I had success on one box by changing BIOS settings. I made a couple
of likely-looking changes at once so I don't know which particular one
worked, and due to lack of time with the machine I didn't bother
finding out, but I did get it to reboot successfully.

> Please don't reply off-list or CC me.

If you can, add a 'Mail-Followup-To: [EMAIL PROTECTED]' header.

Question About low cost CD's

[M.Salah]

Hi all

Is there any chance that OpenBSD Author "this goes to Theo right?" Could
give the people out Side USA/Canada a low cost cd's?

Because starting with me I found that if I purchased the cd sets it would
coast me more than they want.

Plus they won't benefit from it at all except they had what they asked for
only!, why is that!? according to xe.com 50 USD's = 285.688 EGP "Egypt
Pounds" !! "1 USD = 5.71377 EGP~1 EGP = 0.175016 USD" Plus the surtax on the
shipment when I drop by to pick it up!

I would like to help funding the project but not Like this !! more money
goes to the wrong person.

so it would be nice to have low cost cd's to be shipped for those out side
USA/Canada especially when you have this huge currency

exchange rate.


PS: Sorry for the long e-mail

-- 
M.Salah

Re: RAIDFrame parity rebuild: why so slow?

[Joerg Zinke]

On Mon, 02 Oct 2006 20:11:36 +0200
nothingness <[EMAIL PROTECTED]> wrote:

> Hi all,
> 
>   I've been using RAIDFrame on OpenBSD since 3.1 and in 4 years I've
> never seen any performance improvement in getting the system to work
> any faster at rebuilding parity after a hard shutdown. I've tried
> RAID1, RAID5, SCSI drives, IDE drives, processors from PentiumII 400s
> to Athlon64 3200+ and it has *always* been ridiculously slow at
> rebuilding. Just a 9G RAID5 partition takes over 2 hours. A 60G RAID1
> takes 11 hours. 11!!! Before flaming me to say, just go and edit the
> code, it's never been out of beta or whatever, explain why compared
> to other OSes it's always so slow, even to build the first time
> around. Linux's code in particular comes to mind.

maybe this is one of the reasons why raidframe is not officially
supported and not enabled in stable kernel. i think another reason is
that the actual raidframe implementation is not the best - citation of a
developer: "the code is crap"... but hey its open source, go, go, go:
rewrite it :)

i use a 250 gb raid 1 and tooks 3h to rebuild parity on an athlon 2600
(32-bit).
 
regards,

joerg

-- 
https://www.umaxx.net

A: Because it messes up the order in which people read text.
Q: Why does top-posting make it difficult?
A: Top-posting.
Q: What is something that makes email communication difficult?

rebooting failure - dmesg included

[Rod.. Whitworth]

In the past I have been annoyed by (mostly Intel) mobos that reboot
instead of powering down when halt -p is entered. We just tell 'em to
halt and then hit the switch at the blue message. Forget sometimes =
just one more cycle ;-)

BUT now I have found a mobo that does powerdowns just fine. Problem is
it won't reboot if the reboot command (or any alternative) is issued.
It just hangs with the Rebooting . . . message.

Google and MARC found me a few hits but any that looked like my case
went unanswered and came from a fair way back in time.

Are there any config changes that are worth trying, any BIOS settings
that might work, any bit of code I can run to bypass the buggy
bios/chipset/whatever ?

Please don't reply off-list or CC me. I am subscribed and I will not
see mail that doesn't arrive from the list-server. Anything coming from
elsewhere is greytrapped.

Thanks,
Rod/
dmesg follows:
OpenBSD 4.0 (GENERIC) #1104: Fri Sep  1 11:54:27 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Celeron(R) CPU 2.66GHz ("GenuineIntel" 686-class) 2.66
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,TM2,CNX
T-ID,CX16
real mem  = 234123264 (228636K)
avail mem = 205885440 (201060K)
using 2883 buffers containing 11808768 bytes (11532K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 01/25/06, BIOS32 rev. 0 @
0xf0010, SMBIOS rev. 2.3 @ 0xf0510 (55 entries)
bios0: ASUSTeK Computer INC. P5S800-VM
apm0 at bios0: Power Management spec V1.2
apm0: AC on, no battery
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf64f0/160 (8 entries)
pcibios0: PCI Interrupt Router at 000:02:0 ("SiS 85C503 System" rev
0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x1000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "SiS 661 PCI" rev 0x11
ppb0 at pci0 dev 1 function 0 "SiS 648FX AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "SiS 6330 VGA" rev 0x00: aperture at
0xd000, size 0x40
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 2 function 0 "SiS 964 ISA" rev 0x36
pciide0 at pci0 dev 2 function 5 "SiS 5513 EIDE" rev 0x01: 661: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 38166MB, 78165360 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0
5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ohci0 at pci0 dev 3 function 0 "SiS 5597/5598 USB" rev 0x0f: irq 5,
version 1.0, legacy support
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: SiS OHCI root hub, rev 1.00/1.00, addr 1
uhub0: 3 ports with 3 removable, self powered
ohci1 at pci0 dev 3 function 1 "SiS 5597/5598 USB" rev 0x0f: irq 5,
version 1.0, legacy support
usb1 at ohci1: USB revision 1.0
uhub1 at usb1
uhub1: SiS OHCI root hub, rev 1.00/1.00, addr 1
uhub1: 3 ports with 3 removable, self powered
ohci2 at pci0 dev 3 function 2 "SiS 5597/5598 USB" rev 0x0f: irq 5,
version 1.0, legacy support
usb2 at ohci2: USB revision 1.0
uhub2 at usb2
uhub2: SiS OHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 3 function 3 "SiS 7002 USB" rev 0x00: irq 10
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: SiS EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 8 ports with 8 removable, self powered
rl0 at pci0 dev 11 function 0 "Realtek 8139" rev 0x10: irq 5, address
00:15:f2:5a:f2:ca
rlphy0 at rl0 phy 0: RTL internal PHY
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
lm0 at isa0 port 0x290/8: unknown Winbond chip (ID 0xa1)
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask ef65 netmask ef65 ttymask ffe7
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
syncing disks... 
OpenBSD 4.0 (GENERIC) #1104: Fri Sep  1 11:54:27 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Celeron(R) CPU 2.66GHz ("GenuineIntel" 686-class) 2.66
GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PS

Re: annoying openbsd mutt package

[Jurjen Oskam]

On Mon, Oct 02, 2006 at 10:06:34PM -0300, Gustavo Rios wrote:

> I am using mutt with openbsd. I am getting annoyed by a message error
> i got just after i start it on command line:
> 
> The message is the following:
> 
> /var/mail/grios: No such file or directory (errno = 2)
[...]
> I don't know what i am supposed to do to prevent it from happening.

Read the mutt manpage, specifically the "ENVIRONMENT" section.

-- 
Jurjen Oskam