Re: ntfs usb drive fail to mount
On 2008-04-27, Lord Sporkton <[EMAIL PROTECTED]> wrote: > Personally i feel it is wrong to include a controlling mechanism for a > feature that is not included. I feel if i have to go so far as to > rebuild my kernel, then i can certainly take a few more steps to add > mount_ntfs. Sounds like an easy way to end up with kernel and userland out-of-sync...
powerdown does not work with acpi
Hello misc. I use 4.3-current on an asustek laptop. For use acpi, I have to disable apm (via UKC). Powerdown works perfectly with GENERIC and apm. However, it does not work with GENERIC and acpi (I have to disable apm for acpi works). With GENERIC.MP, powerdown does not work. When I say powerdown does not work, it means the machine always reboot... When I do a powerdown, the machine halt... and reboot, whitout any messages. It's a little problem for me, if I can't halt my machine. See my dmesg: OpenBSD 4.3-current (GENERIC) #0: Fri Apr 25 22:33:12 CEST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Genuine Intel(R) CPU T2300 @ 1.66GHz ("GenuineIntel" 686-class) 1.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,EST,TM2,xTPR real mem = 1073115136 (1023MB) avail mem = 1029562368 (981MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 07/27/06, BIOS32 rev. 0 @ 0xf0010, SMBIOS rev. 2.3 @ 0xfc660 (35 entries) bios0: vendor American Megatrends Inc. version "A6JCMAS.219" date 07/27/2006 bios0: ASUSTeK Computer Inc. A6JC apm at bios0 function 0x15 not configured acpi0 at bios0: rev 0 acpi0: tables DSDT FACP APIC MCFG BOOT OEMB acpi0: wakeup devices P0P2(S0) P0P1(S0) CBS0(S0) P394(S0) USB0(S0) USB1(S0) EUSB(S0) MC97(S0) P0P4(S0) P0P5(S0) P0P6(S0) P0P7(S0) P0P8(S0) P0P9(S0) HDAC(S0) SLPB(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (P0P2) acpiprt2 at acpi0: bus 4 (P0P1) acpiprt3 at acpi0: bus 2 (P0P4) acpiprt4 at acpi0: bus -1 (P0P5) acpiprt5 at acpi0: bus -1 (P0P6) acpiprt6 at acpi0: bus 3 (P0P7) acpiprt7 at acpi0: bus -1 (P0P8) acpiprt8 at acpi0: bus -1 (P0P9) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2 acpitz0 at acpi0acpitz0: THRM: failed to read _CRT : no critical temperature defined acpitz0: THRM: failed to read _AC0 acpitz0: THRM: failed to read _PSV acpiac0 at acpi0: AC unit in unknown state acpibat0 at acpi0: BAT0 serial type LIon oem "ASUSTEK" acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB bios0: ROM list: 0xc/0xf000 cpu0 at mainbus0 cpu0: unknown Enhanced SpeedStep CPU, msr 0x06130a2c06000613 cpu0: using only highest and lowest power states cpu0: Enhanced SpeedStep 1000 MHz (1004 mV): speeds: 1667, 1000 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "Intel 82945GM Host" rev 0x03 ppb0 at pci0 dev 1 function 0 "Intel 82945GM PCIE" rev 0x03: irq 11 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "NVIDIA GeForce 7300 Go" rev 0xa1 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) agp0 at vga1: no integrated graphics azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02: irq 3 azalia0: codec[s]: Realtek ALC880, Motorola/0x3055, using Realtek ALC880 audio0 at azalia0 ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x02: irq 11 pci2 at ppb1 bus 2 re0 at pci2 dev 0 function 0 "Realtek 8168" rev 0x01: RTL8168 2 (0x3800), irq 11, address 00:18:f3:5b:f6:31 rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2 ppb2 at pci0 dev 28 function 3 "Intel 82801GB PCIE" rev 0x02: irq 5 pci3 at ppb2 bus 3 wpi0 at pci3 dev 0 function 0 "Intel PRO/Wireless 3945ABG" rev 0x02: irq 5, MoW2, address 00:13:02:dd:05:5f uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x02: irq 7 uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x02: irq 5 uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x02: irq 4 uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x02: irq 6 ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x02: irq 7 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0xe2 pci4 at ppb3 bus 4 cbb0 at pci4 dev 1 function 0 "Ricoh 5C476 CardBus" rev 0xb3: irq 3 "Ricoh 5C552 Firewire" rev 0x08 at pci4 dev 1 function 1 not configured sdhc0 at pci4 dev 1 function 2 "Ricoh 5C822 SD/MMC" rev 0x17: irq 5 sdmmc0 at sdhc0 "Ricoh 5C592 Memory Stick" rev 0x08 at pci4 dev 1 function 3 not configured cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 5 device 0 cacheline 0x0, lattimer 0x40 pcmcia0 at cardslot0 ichpcib0 at pci0 dev 31 function 0 "Intel 82801GBM LPC" rev 0x02: PM disabled pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 95396MB, 195371568 sectors atapiscsi0 at pciide0 channel 0 drive 1 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: ATAPI 5/cdrom removable wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 cd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) usb1 at uhci0: USB revision 1.0 uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb2 at
Re: minimac on openbsd
On Fri, 25 Apr 2008, Aaron Glenn wrote: On Sun, Mar 23, 2008 at 6:15 AM, sonjaya <[EMAIL PROTECTED]> wrote: Also default minimac is only 1 ethernet how to add another ethernet can support in minimac and openbsd. I'd find a low power switch capable of dot1q tagging and use the single ethernet port as a trunk port on the macmini. but if power is an issue adding another device is silly; get a soekris (or something cheaper) with multiple ethernet ports. or get a USB ethernet adapter. Cheers Sam -- They were meant for each other. Possibly as punishment.
Upgrade 4.1->4.2->4.3
Greetings, Can anyone enlighten me as to why DHCP clients are no longer retrieving their domain name from my OpenBSD DHCP/DNS server which I recently upgraded from 4.1 to 4.3 via 4.2? DHCP and DNS seems to functioning normally otherwise... Any advice appreciated (as always), Damon
Re: rdr to squid proxy with authentication
Claer wrote: On Wed, Apr 23 2008 at 40:17, Monah Baki wrote: Hi all, Hi, I implemented the following rule and so far I can see that all users are accessing my proxy server Tried the following in /etc/inetd.conf 127.0.0.1:5000 stream tcp nowait nobody /usr/bin/nc nc -w \ 20 192.168.3.106 8080 rdr on $int_if proto tcp from $int_net to $ext_if port 80 -> \ 127.0.0.1 port 5000 But I have one question, my proxy requires authentication before browsing, how can I have the firewall also authenticate, because if I disable on the squid proxy authentication, it works. If I enable it, all sites I try to visit comes up with a page that I need authentication first to use the proxy. Using transparent proxying + auth is generally considered a bad idea. But if you really want to do this, I would suggest using authpf. You can set up squid to do the proxying without authentication, set up pf to deny all traffic to the squid instance and set up authpf rules to allow all authenticated users passage to squid. http://www.openbsd.org/faq/pf/authpf.html Hope this helps. Aaron
Re: Nvidia Quadro NVS 140M
I have a laptop with that thing and performance is worse than a 1994 PC ISA video card. I ordered a new motherboard so that I can get rid of it. I talked with the nvidia guy and he assured me that there is no way that they'll fix this in the open source driver. On Sun, Apr 27, 2008 at 01:13:40PM +1000, mufurcz wrote: > Hi, > > We've got a few Lenovo T61 with Nvidia Quadro NVS 140M video cards. > > As far as I know, these cards are based on the GeForce 8400M G or GS > chip set (not an expert), and provides some entry level 3D performance, > more than enough to run X. > > Will this cards supported in the upcoming 4.3? > > mufurcz
Re: Nvidia Quadro NVS 140M
> I talked with the nvidia guy and he assured me that there is no way > that they'll fix this in the open source driver. > that's rather horrendous.. anymore info on this? Was he referring to the nv developers from being able to "figure out" the magick? or that his nVidia people were unwilling to intervene? both? so frustrating.. thanks for sharing! regards, ~Jason
Re: Nvidia Quadro NVS 140M
On Sun, Apr 27, 2008 at 01:13:40PM +1000, mufurcz wrote: > Hi, > > We've got a few Lenovo T61 with Nvidia Quadro NVS 140M video cards. > > As far as I know, these cards are based on the GeForce 8400M G or GS > chip set (not an expert), and provides some entry level 3D performance, > more than enough to run X. > > Will this cards supported in the upcoming 4.3? My R61 has got the same card, it's supported in 4.3, to the extent that I have the full panel resolution correctly detected. However, X is slow, really slow. And there's no acceleration for anything, including no xvideo mode. xvidtune doesn't allow any other mode but the native mode. So, depends what you intend. Basic desk work with `normal apps' like xterm: no issue. Fast stuff with accelerated graphics, video -> stay away Maybe nouveau will be better. It's so fucking hard to find a correct laptop where most everything will work correctly these days...
Re: Nvidia Quadro NVS 140M
On Sunday 27 April 2008 15:23:16 Jason Beaudoin wrote: > > I talked with the nvidia guy and he assured me that there is no way > > that they'll fix this in the open source driver. > > that's rather horrendous.. > anymore info on this? Was he referring to the nv developers from being > able to "figure out" the magick? or that his nVidia people were > unwilling to intervene? both? > > so frustrating.. > > thanks for sharing! > > regards, > ~Jason Jason, This is really not an interesting or relevant discussion. He's expressed nVidias unwillingness to deal w/ the issues in the drivers and we know from before that nVidia will not give us docs. So they deserve only be ignored, both on mailinglists and by you who are considering getting a new graphics card or computer. So let's kill this discussion off by concluding that when you buy a new computer or graphics card you should get it with other graphics then Nvidia. Regards Johan M:son
Re: Nvidia Quadro NVS 140M
Marc Espie ha scritto: On Sun, Apr 27, 2008 at 01:13:40PM +1000, mufurcz wrote: Hi, We've got a few Lenovo T61 with Nvidia Quadro NVS 140M video cards. As far as I know, these cards are based on the GeForce 8400M G or GS chip set (not an expert), and provides some entry level 3D performance, more than enough to run X. Will this cards supported in the upcoming 4.3? My R61 has got the same card, it's supported in 4.3, to the extent that I have the full panel resolution correctly detected. However, X is slow, really slow. And there's no acceleration for anything, including no xvideo mode. xvidtune doesn't allow any other mode but the native mode. So, depends what you intend. Basic desk work with `normal apps' like xterm: no issue. Fast stuff with accelerated graphics, video -> stay away Yeah, it's boring to have a video card and you cant see at least a movie...It's more slow than a turtle...poor turtle :( Maybe nouveau will be better. It's so fucking hard to find a correct laptop where most everything will work correctly these days... Exactly... How it's fuckin possible??? With laptops it's ever the same thing...You can use console, but no desktop environment. If you want to have/use, need to play with linux with blob or windowz... Fuck... It's better to use console than using other shit :)
Re: ntfs usb drive fail to mount
On Sun, Apr 27, 2008 at 12:48 AM, Ivo van der Sangen <[EMAIL PROTECTED]> wrote: > Would it be a good idea to note the lack of support for NTFS > filesystems in a GENERIC kerel in mount_ntfs(8)? If it is appreciated > I will send a diff. [...] But then it has to be removed *when* NTFS becomes a part of GENERIC. One place where this can be put up is the FAQ, but I'm still skeptical. IMHO, things as of now are fine. -Amarendra
Re: Nvidia Quadro NVS 140M
On 2008-04-27, Jason Beaudoin <[EMAIL PROTECTED]> wrote: >> I talked with the nvidia guy and he assured me that there is no way >> that they'll fix this in the open source driver. >> > > that's rather horrendous.. > anymore info on this? Was he referring to the nv developers from being > able to "figure out" the magick? or that his nVidia people were > unwilling to intervene? both? The nv developers *are* nVidia. As is pretty typical for a vendor-provided "open-source" driver, it is not code that can be properly maintained without vendor support. It may be "open source" but it is not truly Open.
Re: Nvidia Quadro NVS 140M
Marco Peereboom wrote: I have a laptop with that thing and performance is worse than a 1994 PC ISA video card. I ordered a new motherboard so that I can get rid of it. I talked with the nvidia guy and he assured me that there is no way that they'll fix this in the open source driver. Would like do the same thing, unfortunately NO budget (as usual)! Looked up the Nvidia site, they provide binary Solaris x64/x86 drivers (latest version 169.12/26-02-2008): `To download and install the driver, follow the steps below: STEP 1: Review the NVIDIA Software License. You will need to accept this license prior to downloading any files.` . and, if you have ANY question or problems (sic!): . `If you have any questions or problems, please check the NVIDIA Solaris Discussion forum. You can also contact Sun Microsystems for support at http://sunsolove.sun.com, or your local service provider.` Stinks! Burlesque . mufurcz
Re: Nvidia Quadro NVS 140M
He said that the clock on the chip is running in the lowest possible speed during boot and he added that clock settings won't be added to the open source driver. Setting a registry somewhere is obviously is a major IP hurdle to overcome. Stay away from this thing. I swear I have the fastest possible laptop to only run at PII speeds when compiling code. Text scrolling is super slow and consumes the cpu at 100%. I can not code on the box because of that so I tend to run it either over the network or without X. It is an awesome laptop when not in X. Can't wait for my motherboard with intel graphics... OpenBSD 4.3-current (GENERIC.MP) #0: Fri Apr 25 12:16:15 CDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3755974656 (3581MB) avail mem = 3633864704 (3465MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf68a0 (63 entries) bios0: vendor Dell Inc. version "A05" date 11/05/2007 bios0: Dell Inc. Latitude D830 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP HPET APIC ASF! MCFG SLIC TCPA SSDT acpi0: wakeup devices PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) USB4(S0) USB5(S0) EHC2(S0) EHCI(S0) AZAL(S3) RP01(S3) RP02(S4) RP03(S3) RP04(S3) RP05(S3) RP 06(S5) LID_(S3) PBTN(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU T7800 @ 2.60GHz, 2593.86 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16 ,xTPR,NXE,LONG cpu0: 4MB 64b/line 16-way L2 cache cpu0: apic clock running at 199MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU T7800 @ 2.60GHz, 2593.50 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,EST,TM2,CX16 ,xTPR,NXE,LONG cpu1: 4MB 64b/line 16-way L2 cache On Sun, Apr 27, 2008 at 09:23:16AM -0400, Jason Beaudoin wrote: > > I talked with the nvidia guy and he assured me that there is no way > > that they'll fix this in the open source driver. > > > > that's rather horrendous.. > anymore info on this? Was he referring to the nv developers from being > able to "figure out" the magick? or that his nVidia people were > unwilling to intervene? both? > > so frustrating.. > > thanks for sharing! > > regards, > ~Jason
cron - setusercontext failed for root
I'm setting up an embedded system from scratch with OpenBSD. The system is VERY much stripped down to the absolute necessary files only. I have troubles using cron: in /etc/crontab I have: --- SHELL=/bin/sh PATH=/bin:/sbin:/usr/bin:/usr/sbin HOME=/tmp/log */1 * * * * root /bin/sh -c "echo DEBUGMARKER>/tmp/console" --- I have an entry for root in /etc/passwd (and master.passwd respectively). Nevertheless, when cron starts, I get this: --- # /usr/sbin/cron -n -x sch debug flags enabled: sch [9538] cron started [9538] GMToff=7200 [9538] Target time=1209315180, sec-to-wait=28 [9538] tick(53,16,26,3,0) user [root:0:0:...] cmd="/bin/sh -c "echo DEBUGMARKER>/tmp/console"" [9538] Target time=1209315240, sec-to-wait=60 log_it: (root 14005) CMD (/bin/sh -c "echo DEBUGMARKER>/tmp/console") setusercontext failed for root log_it: (root 20135) MAIL (mailed 31 bytes of output but got status 0x0001) [9538] Target time=1209315240, sec-to-wait=59 --- The problem seems to be: "setusercontext failed for root" Why is this so and what can I do to solve this? A little more explanation: I'm not using std init-procedure, the kernel loads a custom init-script which does the things the system is designed to do. One task in the init-script is to start crond which is just there to do some cleanups regularly. Help will be appreciated! T.
Re: chroot issues with accessing /dev/ entries
> >> I am setting up an embedded system that's supposed to run from RAMDISK > >> only. > > > > You really should not do this. The RAMDISK kernel uses the > > SMALL_KERNEL option, and this can have all sorts of unknown effects. > > I appreciate you comment, but it seems I'm missing something or there's > a misunderstanding. I don't see the connection between using mount_mfs > and the ramdisk kernel. I don't think I'm using a ramdisk kernel. I'm > using a self compiled standard kernel, only I am creating a ramdisk with > mount_mfs in my init-script, copy my stuff into that ramdisk and chroot > to it. I don't see there's anything wrong with this? That's not what you said. You said "run from RAMDISK only".
Re: chroot issues with accessing /dev/ entries
I am setting up an embedded system that's supposed to run from RAMDISK only. You really should not do this. The RAMDISK kernel uses the SMALL_KERNEL option, and this can have all sorts of unknown effects. I appreciate you comment, but it seems I'm missing something or there's a misunderstanding. I don't see the connection between using mount_mfs and the ramdisk kernel. I don't think I'm using a ramdisk kernel. I'm using a self compiled standard kernel, only I am creating a ramdisk with mount_mfs in my init-script, copy my stuff into that ramdisk and chroot to it. I don't see there's anything wrong with this?
Solved: Re: chroot issues with accessing /dev/ entries
OK, thank you, that got me onto the right track, now I think I know what the problem is: mount_mfs. /sbin/mount_mfs -s 9 swap /mnt Is there a way to have devices under that mountpoint? Of course, just mknod(8) them (each time after creating the mfs), Thanks everybody for your help. For whatever reason it did not work (for me) to just copy (pax) the /dev/* files from / to my ramdisk-mountpoint (/mnt). The files were there but always caused a "failed to open" error when used from within the chrooted environment. It also did not work to first chroot and then (within the chroot environment) create the files with mknod. What worked was first creating the files with mknod and then chroot. I don't know why this is so, but I'm happy with it.
Re: cron - setusercontext failed for root
On 2008-04-27, Torsten <[EMAIL PROTECTED]> wrote: > I'm setting up an embedded system from scratch with OpenBSD. The system > is VERY much stripped down to the absolute necessary files only. Then it's no longer OpenBSD which is the whole operating system, the most you can say is it's using some parts from OpenBSD, so it's not exactly on-topic here. You can do a lot more to track down the problem yourself... > The problem seems to be: "setusercontext failed for root" > Why is this so Some suggestions: 1. ktrace(1)/kdump(1) 2. gdb(1). 3. Compare one/both of the above with a working system. 4. Look at setusercontext(3), work out what might fail.
RAID 0+1
I'm looking to set up a test unit this summer to try RAID 1+0 or 3+0. The goal is to be able to stream data quickly but tolerate loss of at least one disk at a time. It looks like there are three options supporting at least RAID level 0 and 1, can/should any of these be stacked yet? softraid http://www.openbsd.org/cgi-bin/man.cgi?query=softraid raidframe http://www.openbsd.org/cgi-bin/man.cgi?query=raid ccd http://www.openbsd.org/cgi-bin/man.cgi?query=ccd It looks like one disk (or CF) is needed for a base OpenBSD system, and the other 4+ for RAID. Is that the best way to ensure unattended booting? Also, what kind of data would you want back on the tests? It's early enough that I can work it into the plans. Regards, -Lars
Re: Upgrade 4.1->4.2->4.3
Damon McMahon wrote: > Greetings, > > Can anyone enlighten me as to why DHCP clients are no longer > retrieving their domain name from my OpenBSD DHCP/DNS server which I > recently upgraded from 4.1 to 4.3 via 4.2? DHCP and DNS seems to > functioning normally otherwise... > > Any advice appreciated (as always), > Damon it is your DHCP /SERVER/ machine which was upgraded, not the clients (I say this because I started out the note thinking it was a client that was upgraded and no longer fetching from the DHCP server) Show us what is happening, what you expected to happen, why you expected etc., rather than diagnosing the problem for us. :) Contents of dhcpd.conf would be interesting, as well as any message in /var/log/daemon regarding dhcpd. More details on what you did for the upgrade might also be interesting, as a fair number of people (including me) have upgraded their DHCP servers from 4.1 (and before) to 4.2 to 4.3 without reporting this problem, so my guess at this point is either something strange was done during the upgrade process or the problem is not directly related to the upgrade. There isn't much to dhcpd: dhcpd.conf and /usr/sbin/dhcpd are about it. Some other files launch it, but if it is running, it will be mostly those two files. dhcpd was replaced in the upgrade process, dhcpd.conf /should/ be untouched. Looking at the dates on those files will tell a few things, I suspect. Nick.
Re: RAID 0+1
> It looks like one disk (or CF) is needed for a base OpenBSD system, and > the other 4+ for RAID. Is that the best way to ensure unattended booting? I can only speak of raidframe as its the only one I've used. If you mean for attaching the array automatically then as mentioned in the manpage make sure your raid config file is in /etc, it'll be picked up by the rc script + a fstab entry. You can use a array as your root fs aswell, check out the " Auto-configuration and Root on RAID" of raidctl(8) Sevan / Venture37 _ Bag extra points with the Walkers Brit Trip Game http://www.walkersbrittrips.co.uk/game
vpn, isakmpd, and X509 certificates
Hello ports@, I'm a happy user of sane OpenBSD IPsec. There is one thing that I haven't been able to figure out yet though. I want to simultaneously connect to two IPsec servers, both of which are OpenBSD boxes and both of them use X509 certificates. These two servers are managed by different administrators and are absolutely unrelated. Hence, their X509 certs are created with different CAs. In both cases, I haven't been given opportunity to provide my own CSR for them to generate my certificate. Hence, I'm given two pair of keys/certs for each server. Basically, the two CSRs are signed using two different private keys. What this means to me is that I need to have two separate /etc/isakmpd/priavte/local.key for each server. I believe that /etc/isakmpd/priavte/local.key is glued in isakmpd and I have no way of specifying a separate local.key for each server I'm connecting to. Am I missing something? By the way, I obviously use ipsecctl(8) to configure IPsec. Thanks in advance.
Re: Nvidia Quadro NVS 140M
Damnit, my T61 will arrive next week, and I didn't know how serious this issue was when I ordered the laptop =( I may be stuck with it, since Lenovo takes almost a month to deliver a laptop here in Brazil, and if I decide to change the motherboard, I wouldn't like to even think about the time it would take. How about using the vesa driver instead?
Re: vpn, isakmpd, and X509 certificates
On 2008/04/27 14:18, Marten Rizwan wrote: > Hello ports@, this isn't exactly ports@ material...CC'd/reply-to set to misc. > I'm a happy user of sane OpenBSD IPsec. There is one thing that I haven't been able to figure out yet though. I want to simultaneously connect to two IPsec servers, both of which are OpenBSD boxes and both of them use X509 certificates. These two servers are managed by different administrators and are absolutely unrelated. Hence, their X509 certs are created with different CAs. In both cases, I haven't been given opportunity to provide my own CSR for them to generate my certificate. Hence, I'm given two pair of keys/certs for each server. Basically, the two CSRs are signed using two different private keys. What this means to me is that I need to have two separate /etc/isakmpd/priavte/local.key for each server. I believe that /etc/isakmpd/priavte/local.key is glued in isakmpd and I have no way of specifying a separate local.key for each server I'm connecting to. Am I missing something? By the way, I obviously use ipsecctl(8) to configure IPsec. > Thanks in advance. > I haven't tried this, and it's not in the manual as far as I can see, but it looks like isakmpd looks in files named after the identity of the local peer (i.e. srcid) before it tries local.key. If you get it working, let me know the details and I'll try and come up with something for the manual...
Re: Nvidia Quadro NVS 140M
On Sun, Apr 27, 2008 at 2:29 PM, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote: > Damnit, my T61 will arrive next week, and I didn't know how serious > this issue was when I ordered the laptop =( > I may be stuck with it, since Lenovo takes almost a month to deliver a > laptop here in Brazil, and if I decide to change the motherboard, I > wouldn't like to even think about the time it would take. > > How about using the vesa driver instead? I've been using/testing the vesa driver for about a week now with my (older) 6200 PCIex, as I was experiencing similar sporatic lockups in X. My only issue with the vesa driver is support for running mplayer in full screen mode.. no problems other than that. cheers, ~Jason
Re: Nvidia Quadro NVS 140M
> It's so fucking hard to find a correct laptop where most everything will > work correctly these days... Generally, the best-supported laptops on OpenBSD are the Lenovo ThinkPads. Detailed specifications of the individual chipsets in current ThinkPad models can be found at ftp://ftp.software.ibm.com/pc/pcinstitute/psref/tabook.pdf Before purchasing a ThinkPad, it is prudent to compare the chipsets in those specifications to the list of OpenBSD-supported chipsets at http://www.openbsd.org/i386.html (or at http://www.openbsd.org/amd64.html if you plan to run 64-bit OpenBSD). The two most commonly-encountered incompatibilities are with the wireless and with the graphics chipsets. OpenBSD does not support the Atheros wireless chipsets in current ThinkPad models--but the Intel wireless chipsets (currently Intel PRO/Wireless 3945ABG, and Intel Wireless WiFi Link 4965AG) are supported. The graphics chipsets supported by the intel driver http://www.openbsd.org/cgi-bin/man.cgi?query=intel also work well with OpenBSD. NVIDIA and ATI graphics chipsets have suffered from various incompatibilities with OpenBSD (but it is hoped that support for ATI will improve now that specifications for their graphics chipsets are available to the open source developers who write the drivers). If you are overwhelmed by the number of different ThinkPad models, then you should be aware that Lenovo designs some ThinkPads for compatibility with SUSE Linux. A link to a list of those Linux-compatible models is available on the Lenovo notebook main page at http://shop.lenovo.com/us/notebooks/ Although compatibility with SUSE Linux is no guarantee of compatibility with OpenBSD, the hardware-compatibility issues present in both operating systems are similar enough that this list can be a useful place to start looking for an appropriate model.
Re: vpn, isakmpd, and X509 certificates
Hello Stuart, > On 2008/04/27 14:18, Marten Rizwan wrote: > > Hello ports@, > > this isn't exactly ports@ material...CC'd/reply-to set to misc. > apologize for sending this to ports@, my mistake. > > I'm a happy user of sane OpenBSD IPsec. There is one thing that > I haven't been able to figure out yet though. I want to simultaneously > connect to two IPsec servers, both of which are OpenBSD boxes and > both of them use X509 certificates. These two servers are managed > by different administrators and are absolutely unrelated. Hence, > their X509 certs are created with different CAs. In both cases, I > haven't been given opportunity to provide my own CSR for them to > generate my certificate. Hence, I'm given two pair of keys/certs > for each server. Basically, the two CSRs are signed using two > different private keys. What this means to me is that I need to > have two separate /etc/isakmpd/priavte/local.key for each server. > I believe that /etc/isakmpd/priavte/local.key is glued in isakmpd > and I have no way of specifying a separate local.key for each server > I'm connecting to. Am I missing something? By the way, I obviously > use ipsecctl(8) to configure IPsec. > > Thanks in advance. > > > > I haven't tried this, and it's not in the manual as far as I can > see, but it looks like isakmpd looks in files named after the > identity of the local peer (i.e. srcid) before it tries local.key. > If you get it working, let me know the details and I'll try and > come up with something for the manual... Great idea, I just systraced isakmpd and it does look for srcid of the local peer, which in my case is FQDN. Notice that if your FQDN is for example level1.blah.org, the key should be placed as "/etc/isakmpd/private/level1.blah.org" *without* .key extension. here is the relevant part from systrace: native-fsread: filename eq "/etc/isakmpd/private/level1.blah.org" then permit native-fsread: filename eq "/etc/isakmpd/private/local.key" then permit
Re: vpn, isakmpd, and X509 certificates
> I haven't tried this, and it's not in the manual as far as I can > see, but it looks like isakmpd looks in files named after the > identity of the local peer (i.e. srcid) before it tries local.key. > If you get it working, let me know the details and I'll try and > come up with something for the manual... forgot to mention, same thing goes for ca.crt native-fsread: filename eq "/etc/isakmpd/ca/level1.blah.org" then permit Thanks.
Re: mrxvt and ksh issue
Hi, Thanks for your info! I have try using mrxvt various -hold and nothing helps me. It does not solve the problem of "zombie" kshs with Ctrl+Alt+Backspace. I still think this is a bug. I tried to find some answers and I found a interesting conclusion in the book "Unix power Tools" (O'Reilly) in chapter 38.16 (last paragraph). I paste the text. "So, to get rid of a zombie, you must wait for it. If you have already done so or if the process' PPID is 1, the process is almost certainly stuck in a device driver (42.1) close routine, and if it remains that way forever, the driver has a bug." Keep investigating. Jesus- Antoine Jacoutot escribis: Hi. Sorry, a bit late on this but I've been busy. Did you have a look at the '-hold' option? >From what you've been saying, disabling it should solve your problem. -hold mask Hold the tab open after the child process in it exits. mask is the mask of flags which control weather the tab will be held open based on the exit status of the child process. If the lowest bit (0x01) of mask is set, then the tab will always be held open after the child exits. If the next bit (0x02) is set, then the tab will only be held open if the child exits abnormally (e.g. via abort(1)). If the third bit (0x04) is set, then the tab will be held open if the child exits with non-zero status. NOTE: In previous versions of mrxvt this was a boolean option. For backward compatibility, the value of True, On, Yes will be treated as 1 and anything illegal will be treated as 0. The default is 0x06. [holdExit]
Re: Upgrade 4.1->4.2->4.3
What Nick said. But most probably - you didn't enable dhcpd in rc.conf. On 4/27/08, Damon McMahon <[EMAIL PROTECTED]> wrote: > Greetings, > > Can anyone enlighten me as to why DHCP clients are no longer > retrieving their domain name from my OpenBSD DHCP/DNS server which I > recently upgraded from 4.1 to 4.3 via 4.2? DHCP and DNS seems to > functioning normally otherwise... > > Any advice appreciated (as always), > Damon > > -- Sent from Gmail for mobile | mobile.google.com http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
Re: vpn, isakmpd, and X509 certificates
On 2008-04-27, Marten Rizwan <[EMAIL PROTECTED]> wrote: > Great idea, I just systraced isakmpd Oh nice, I never thought of using systrace like that. Much easier to read than kdump output as a first step when looking at this sort of problem, thanks for the idea :-)
web development on OpenBSD
Hello, I plan to develop a money management app for personal use on OpenBSD. Since I am not big on any backend /prog.language I have decided to ask the experts, what should i choose. Based on the consensus and depth of a response, I will devote my time studying that language/server and try to build this app. requirement: Browser based app. with AJAX (multiuser if possible) my_hardware_limitation: 40gig disk, 1GB RAM , no video RAM, pentium 4 CPU 2GHz Level of expertise: starter which components will be a good fit?: 1. Backend: MySQL or SQLite 2. webserver: apache or Lighttpd 3. development language: PHP or Java or Javascript (and XML I guess) Thanks in advance. -BG ~~aapka kalyan ho~~
Re: Nvidia Quadro NVS 140M
On 2008-04-27, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2008-04-27, Jason Beaudoin <[EMAIL PROTECTED]> wrote: >>> I talked with the nvidia guy and he assured me that there is no way >>> that they'll fix this in the open source driver. >>> >> >> that's rather horrendous.. >> anymore info on this? Was he referring to the nv developers from being >> able to "figure out" the magick? or that his nVidia people were >> unwilling to intervene? both? > > The nv developers *are* nVidia. Ah, it was pointed out offlist that I didn't look far enough back in the history of the driver, this is only the recent work (basically adding ids and a few smaller changes), the original driver is not from them. But it is still not a maintainable driver.
Re: web development on OpenBSD
> which components will be a good fit?: > > 1. Backend: MySQL or SQLite > 2. webserver: apache or Lighttpd > 3. development language: PHP or Java or Javascript (and XML I guess) > > Thanks in advance. > -BG I would give PostgreSQL a look, it doesn't get as much press as MySQL, But it is VERY solid, and it is BSD licensed Sam Fourman Jr.
Redirect traffic based on sub-domain?
Hi, Is it possible to have PF redirecting traffic based on sub-domains? I.e. I want traffic to a.mydomain.nu to be redirected to machine 'a and traffic to b.mydomain.nu to be redirected to machine 'b'.' /Markus
Acer Aspire 3004WLCi and 4.3
Got my 4.3 cd's 4 days ago :) Thanks for a great system. I have installed 4.3 on this laptop and have a few problems: 1). using pkg_add to install packages from cd is very slow: it took over 5 minutes to install firefox and over 10 minutes to install abiword. 2). "startx" takes a minimum of 80 seconds to load fvwm, and over 2 minutes to load windowmaker. I have tried with no /etc/X11/xorg.conf, with the sis driver, and then finally with the vesa driver. Not enough time difference to mention. 3). After running X, it takes 10 minutes for Firefox to load and bring up the initial screen/url. Just to start firefox, type in my webmail url, check mail, logout, and shutdown firefox takes 19 minutes (I've tried that 3 times). When loading, firefox uses 95% cpu according to "top". 4). I noticed while trying to install packages, perl uses over 90% cpu, and that is installing from console without X running. 5). Creating keys on first boot too so long I left the room after 5 minutes and kept checking till about 15 minutes when they were finally made. This all has happened after a fresh install. FWIW- FreeBSD 7.0 won't even install on this laptop. I have tried installing 4.3 before and after FreeBSD in case I did something wrong during installation. During installation I installed all packages (including x*.tgz). Any help appreciated on fixing this. I have never tried installing any bsd on a laptop till trying this one. Is there something I need to know to do first? btw- I installed 4.3 on a 500mhz Dell Optiplex GX1 and it is great :) The machine is AMD 1.8ghz with 512 megs ram. OpenBSD partition is 12 gig. Here is dmesg: OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Mobile AMD Sempron(tm) Processor 3100+ ("AuthenticAMD" 686-class, 256KB L2 cache) 1.81 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3 cpu0: AMD erratum 89 present, BIOS upgrade may be required real mem = 468217856 (446MB) avail mem = 444559360 (423MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 02/20/06, BIOS32 rev. 0 @ 0xfd5f0, SMBIOS rev. 2.31 @ 0x1befb000 (24 entries) bios0: vendor Acer version "3A32" date 02/20/06 bios0: Acer, inc. Aspire 3000 Acpi0 at bios0: rev 0 acpi0: tables DSDT FACP SSDT APIC BOOT acpi0: wakeup devices PCI0(S5) LAN_(S5) MODM(S3) USB0(S3) USB1(S3) USB2(S3) USB3(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiprt0 at acpi0: bus 0 (PCI0) acpiec0 at acpi0 acpicpu0 at acpi0: C3, C2, PSS acpitz0 at acpi0: critical temperature 97 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 not present acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PWRB acpibtn2 at acpi0: SLPB bios0: ROM list: 0xc/0xc000 0xdc000/0x8000! cpu0 at mainbus0 cpu0: PowerNow! K8 1801 MHz: speeds: 1800 1600 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "SiS 760 PCI" rev 0x03 agp0 at pchb0: aperture at 0xe000, size 0x40 ppb0 at pci0 dev 1 function 0 "SiS 86C202 VGA" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "SiS 6330 VGA" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pcib0 at pci0 dev 2 function 0 "SiS 85C503 System" rev 0x25 pciide0 at pci0 dev 2 function 5 "SiS 5513 EIDE" rev 0x00: 760: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 57231MB, 117210240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 "SiS 7013 Modem" rev 0xa0 at pci0 dev 2 function 6 not configured auich0 at pci0 dev 2 function 7 "SiS 7012 AC97" rev 0xa0: irq 5, SiS7012 AC97 ac97: codec id 0x414c4770 (Avance Logic ALC203 rev 0) ac97: codec features headphone, 20 bit DAC, 18 bit ADC, No 3D Stereo audio0 at auich0 ohci0 at pci0 dev 3 function 0 "SiS 5597/5598 USB" rev 0x0f: irq 9, version 1.0, legacy support ohci1 at pci0 dev 3 function 1 "SiS 5597/5598 USB" rev 0x0f: irq 11, version 1.0, legacy support ehci0 at pci0 dev 3 function 2 "SiS 7002 USB" rev 0x00: irq 10 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "SiS EHCI root hub" rev 2.00/1.00 addr 1 sis0 at pci0 dev 4 function 0 "SiS 900 10/100BaseTX" rev 0x91: irq 3, address 00:16:36:3c:14:4a rlphy0 at sis0 phy 13: RTL8201L 10/100 PHY, rev. 1 cbb0 at pci0 dev 6 function 0 "TI PCI1510 CardBus" rev 0x00: couldn't map interrupt bwi0 at pci0 dev 11 function 0 "Broadcom BCM4318" rev 0x02: irq 4, address 00:16:ce:49:a8:e1 pchb1 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00 pchb2 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00 pchb3 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00 pchb4 at pci0 de
Re: Redirect traffic based on sub-domain?
On Sun, Apr 27, 2008 at 5:44 PM, Markus Bergkvist <[EMAIL PROTECTED]> wrote: > Hi, > > Is it possible to have PF redirecting traffic based on sub-domains? I.e. I > want traffic to a.mydomain.nu to be redirected to machine 'a and traffic to > b.mydomain.nu to be redirected to machine 'b'.' No. >From the pf.conf man page (http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html) pf(4) has the ability to block and pass packets based on attributes of their layer 3 (see ip(4) and ip6(4)) and layer 4 (see icmp(4), icmp6(4), tcp(4), udp(4)) headers. In addition, packets may also be assigned to queues for the purpose of bandwidth control. > > /Markus > > Look into reverse proxies: http://www.sans.org/reading_room/whitepapers/webservers/302.php Axton Grams
MPLS (Yay!)
Hi Misc@, Last weekend I took a peek at daily changelog. Suprising enough to see that MPLS actually made it. Wow! OpenBSD maybe the only multiplatform OS, that could turn a desktop into a MPLS router.. Great Job guys! (I wonder when you guys start on 802.1ad & 802.1ah :D) Cheers, Insan -- insandotpraja(at)gmaildotcom
Re: Redirect traffic based on sub-domain?
> -Urspr|ngliche Nachricht- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von Markus Bergkvist > Gesendet: Sonntag, 27. April 2008 23:45 > An: OpenBSD Misc > Betreff: Redirect traffic based on sub-domain? > > Hi, > > Is it possible to have PF redirecting traffic based on > sub-domains? I.e. > I want traffic to a.mydomain.nu to be redirected to machine 'a and > traffic to b.mydomain.nu to be redirected to machine 'b'.' > > /Markus > > Hi, that's not possible because the dns-name is not transmitted. It's only used for ip-lookup (http is IMHO the only exception). Regards Hagen Volpers
Re: MPLS (Yay!)
On Sun, Apr 27, 2008 at 4:28 PM, Insan Praja SW <[EMAIL PROTECTED]> wrote: > Hi Misc@, > Last weekend I took a peek at daily changelog. Suprising enough to see that > MPLS actually made it. Wow! > OpenBSD maybe the only multiplatform OS, that could turn a desktop into a > MPLS router.. Great Job guys! > (I wonder when you guys start on 802.1ad & 802.1ah :D) there is a significant amount of work to be done to make OpenBSD a usable LER. but yeah, it's very exciting...to me at least. aaron.glenn
Re: web development on OpenBSD
On Sun, Apr 27, 2008 at 6:21 PM, Sam Fourman Jr. <[EMAIL PROTECTED]> wrote: > > which components will be a good fit?: > > > > 1. Backend: MySQL or SQLite > > 2. webserver: apache or Lighttpd > > 3. development language: PHP or Java or Javascript (and XML I guess) > > > > Thanks in advance. > > -BG > > I would give PostgreSQL a look, it doesn't get as much press as MySQL, > But it is VERY solid, and it is BSD licensed I've also found it much easier to maintain than MySQL. As far as language, you should look for something that looks "fun" to you. Language's are really all over the place, it really depends on what looks like you are going to want to develop in it. Perl is popular as it is on nearly every *nix system in the world (it is also what the pkg_* tools are written in), Ruby is popular with its Ruby on Rails web framework (there is a lot more to Ruby than Rails fyi) and finally Python which is popular and I would recommend. But what matters to me may not matter to you. Take a look at some tutorials and find something that you _want_ to program in. (Sorry Sam for the spam). -- # Curt Micol
Re: MPLS (Yay!)
On Mon, 28 Apr 2008 07:00:47 +0700, Aaron Glenn <[EMAIL PROTECTED]> wrote: On Sun, Apr 27, 2008 at 4:28 PM, Insan Praja SW <[EMAIL PROTECTED]> wrote: Hi Misc@, Last weekend I took a peek at daily changelog. Suprising enough to see that MPLS actually made it. Wow! OpenBSD maybe the only multiplatform OS, that could turn a desktop into a MPLS router.. Great Job guys! (I wonder when you guys start on 802.1ad & 802.1ah :D) there is a significant amount of work to be done to make OpenBSD a usable LER. but yeah, it's very exciting...to me at least. aaron.glenn I share the same excitement Aaron, glad that I'm not alone :D -- insandotpraja(at)gmaildotcom
Re: MPLS (Yay!)
Me too! I can't wait to play with this. Thanks guys! N On Sun, Apr 27, 2008 at 8:00 PM, Aaron Glenn <[EMAIL PROTECTED]> wrote: > On Sun, Apr 27, 2008 at 4:28 PM, Insan Praja SW <[EMAIL PROTECTED]> > wrote: > > Hi Misc@, > > Last weekend I took a peek at daily changelog. Suprising enough to see > that > > MPLS actually made it. Wow! > > OpenBSD maybe the only multiplatform OS, that could turn a desktop into > a > > MPLS router.. Great Job guys! > > (I wonder when you guys start on 802.1ad & 802.1ah :D) > > there is a significant amount of work to be done to make OpenBSD a > usable LER. but yeah, it's very exciting...to me at least. > > aaron.glenn
irc
Is there an official OpenBSD IRC channel? thank you, and i am sorry but couldnt find info about it in faqs
Re: irc
[EMAIL PROTECTED] wrote: Is there an official OpenBSD IRC channel? thank you, and i am sorry but couldnt find info about it in faqs use the archives, this has been discussed.
Re: web development on OpenBSD
On Sun, Apr 27, 2008 at 4:29 PM, badeguruji <[EMAIL PROTECTED]> wrote: > Hello, > > requirement: Browser based app. with AJAX (multiuser if possible) > my_hardware_limitation: 40gig disk, 1GB RAM , no video RAM, pentium 4 CPU > 2GHz > Since people were running multi user systems on UNIX on 64k of ram in the past, this should not present any kind of issue. You'd probably want to investigate tools that allow you to profile usage so that you can see which parts of your code suck the most time and can be improved upon. > which components will be a good fit?: > > 1. Backend: MySQL or SQLite > 2. webserver: apache or Lighttpd > 3. development language: PHP or Java or Javascript (and XML I guess) As others have mentioned - postgresql. Superior database, scalable above 8 cpus, unlike mysql. And everything comes with it, unlike mysql, where you have to pay for "enterprise features" (at least 4.x, no idea about 5.x). If you want to run it on a default openbsd box - apache 1.3. On language - remember, PHP's design goal (as late as v3) was for complete non-programmers to be able to pick it up and write programs immediately. You can imagine how that can cause issues for security. Most libraries or add-ons you install for PHP require you to run in insecure mode. PHP is the opensource answer to visual basic, in the "yes, we can create absolute insecure crap too" sense. If you want to do something similar to what openbsd is doing, use C. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
Re: Nvidia Quadro NVS 140M
On Sun, Apr 27, 2008 at 07:09:02PM +, Matthew Szudzik wrote: > > It's so fucking hard to find a correct laptop where most everything will > > work correctly these days... > > Generally, the best-supported laptops on OpenBSD are the Lenovo > ThinkPads. isn't espie griping about a thinkpad? I bought an acer, on clearance, for $350 from CircuitCity, more or less on a whim. everything but the card reader works. the intel graphics actually works better than any of the graphics devices in other machines I have. I think the best advice: buy something you can return. the first laptop I got (it was $300), almost nothing was supported, so I took it back and got the acer instead. -- [EMAIL PROTECTED] SDF Public Access UNIX System - http://sdf.lonestar.org
Re: irc
On Mon, 28 Apr 2008 03:03:06 +0200 [EMAIL PROTECTED] wrote: > Is there an official OpenBSD IRC channel? > thank you, and i am sorry but couldnt find info about it in > faqs > > I know how frustrating it is to get an answer like: look elsewhere, or search the archives so... You would be best served to use freenode. -- Best regards, Chris () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments "There's no place like 127.0.0.1" [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: Redirect traffic based on sub-domain?
On Sun, Apr 27, 2008 at 5:44 PM, Markus Bergkvist < [EMAIL PROTECTED]> wrote: > Hi, > > Is it possible to have PF redirecting traffic based on sub-domains? I.e. I > want traffic to a.mydomain.nu to be redirected to machine 'a and traffic > to b.mydomain.nu to be redirected to machine 'b'.' > What you want is a reverse proxy, assuming you're talking about http. Not sure if relayd will do it, but certainly apache and pound would both do it. Otherwise, you'll need an application reverse proxy if you're not talking about http/s. If you're talking about general TCP/IP traffic - think about what a domain name or FQDN is - at the packet level, is the FQDN part of the 3 way handshake? -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
Re: RAID 0+1
Lars NoodC)n wrote: I'm looking to set up a test unit this summer to try RAID 1+0 or 3+0. The goal is to be able to stream data quickly but tolerate loss of at least one disk at a time. It looks like there are three options supporting at least RAID level 0 and 1, can/should any of these be stacked yet? softraid http://www.openbsd.org/cgi-bin/man.cgi?query=softraid raidframe http://www.openbsd.org/cgi-bin/man.cgi?query=raid ccd http://www.openbsd.org/cgi-bin/man.cgi?query=ccd It looks like one disk (or CF) is needed for a base OpenBSD system, and the other 4+ for RAID. Is that the best way to ensure unattended booting? Also, what kind of data would you want back on the tests? It's early enough that I can work it into the plans. Regards, -Lars Hey Lars, I'm using raidframe with 1+0. From my reading of the raidctl(8) man page it looks like you can compose raid sets from any valid devices, including other properly configured raidframe devices. If you're interested I'll send you my /etc/raid*.conf files. I'm sure you know this but for posterity, read the raidctl(8) man page closely. Everything is in there. Nevertheless, it took me two passes to figure out how to get auto configuration working correctly. As for test results, I'd be interested in throughput performance when a drive is taken out of the pool (failed) and throughput performance while the array is rebuilding once a spare has been brought online. Cheers, Aaron
Re: web development on OpenBSD
On Mon, Apr 28, 2008 at 6:50 AM, bofh <[EMAIL PROTECTED]> wrote: > As others have mentioned - postgresql. Superior database, scalable above 8 > cpus, unlike mysql. And everything comes with it, unlike mysql, where you > have to pay for "enterprise features" (at least 4.x, no idea about 5.x). > > If you want to run it on a default openbsd box - apache 1.3. > > On language - remember, PHP's design goal (as late as v3) was for complete > non-programmers to be able to pick it up and write programs immediately. > You can imagine how that can cause issues for security. Most libraries or > add-ons you install for PHP require you to run in insecure mode. PHP is the > opensource answer to visual basic, in the "yes, we can create absolute > insecure crap too" sense. If you want to do something similar to what > openbsd is doing, use C. [...] IMHO, C is not very easy to pick up for a started, and is not very well suited for web-development (well, yes, there are web apps in C, but they are exceptions than the norm). I strongly recommend python, as I find it easier to learn and get productive. Plus it allows you to use object orientation, once you are comfortable with it. -Amarendra
Re: web development on OpenBSD
Hi there, I was in a similar position to you a few months ago. I decided to go with Ruby on Rails, it's really simple! But to get the most out of it you should buy a book. "Agile Development with rails" is a good one. It might be worth reading a php + mysql tutorial just to see how yucky it is. Kind regards, Timothy.
Re: web development on OpenBSD
On Sun, Apr 27, 2008 at 10:50 PM, Amarendra Godbole < [EMAIL PROTECTED]> wrote: > IMHO, C is not very easy to pick up for a started, and is not very > well suited for web-development (well, yes, there are web apps in C, > but they are exceptions than the norm). I strongly recommend python, > as I find it easier to learn and get productive. Plus it allows you to > use object orientation, once you are comfortable with it. Python is good. Google hired the guy who wrote python, so you know the language will be well supported. -- http://www.glumbert.com/media/shift http://www.youtube.com/watch?v=tGvHNNOLnCk "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation. "Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted." -- Gene Spafford learn french: http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related
Re: Redirect traffic based on sub-domain?
On Sun, Apr 27, 2008 at 2:44 PM, Markus Bergkvist <[EMAIL PROTECTED]> wrote: > Is it possible to have PF redirecting traffic based on sub-domains? I.e. I > want traffic to a.mydomain.nu to be redirected to machine 'a and traffic to > b.mydomain.nu to be redirected to machine 'b'.' Only if each of those domains resolve to a separate IP address. Otherwise you'll have to use a layer 7 proxy.
symon/symux and syweb PF reporting
Hi, I have symon, symux working and reporting on 2 of the systems. How do I get more graphs for PF ? Currently I only see bytes in/out for PF graph? Thanks