Re: Backup disk over USB good idea??

[Edho P Arief]

On Fri, Dec 18, 2009 at 12:31 AM, Mauro Rezzonico l...@ch23.org wrote:
 Joakim Aronius wrote:

 I have an old home server which ran out of disk space

 I added a big disk over USB which I use for
 backup (mounted on /backup).

 Well don't do that!

 Mount under /usr/backup, or /var/backup, or /tmp/backup or whatever!


can you please enlighten me on why that's a bad thing?

-- 
O ascii ribbon campaign - stop html mail - www.asciiribbon.org

[Programme TV] Vendredi 18 Décembre 2009

[Télé Loisirs]

Si ce message ne s'affiche pas correctement, voir ici

Ajoutez tele-lois...@ml.tv-news.fr ` votre carnet d'adresses pour
recevoir vos programmes plus facilement

Programme-TV.net - TC)lC) Loisirs

Votre programme TV
Vend redi 18 DC)cembre 2009

DC)couvrez immC)diatement si vous avez gagnC) ICI!

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

[IMAGE]

*Consulter le rC(glement

Jeu gratuit sans obligation d'achat. Photos non contractuelles.
ConformC)ment C  la loi B+ informatique et libertC)s B; du 6 janvier
1978, vous pouvez C  tout moment demander C  accC)der, faire rectifier ou
supprimer les informations personnelles vous concernant ou vous opposer
C  leur traitement par Sofinco.
Les logos ou les marques reprC)sentC)s sont la propriC)tC) de leurs
titulaires respectifs.
Tout droit rC)servC).

[IMAGE]

A la une

Pernaut attaqui par des boules
de neige ! (VIDEO)

Pernaut attaqui par des boules de neige ! (VIDEO)

Azap (W9) : Des imissions spiciales !

Azap (W9) : Des imissions spiciales !

Susan Boyle : M6 vous a trompis
! (Incroyable Talent)

Susan Boyle : M6 vous a trompis ! (Incroyable Talent)

Les Guignols : Guerre Le Figaro-Canal +

Les Guignols : Guerre Le Figaro-Canal +

plus de news...

Vidio du jour
Smaon (Incroyable Talent)
Interview de Smaon, juri de l'imission La France a un incroyable talent
(M6).

Vos programmes

TF1

Le grand duel des ginirations

20h45
Le grand duel des...
divertissement

Sans aucun doute

23h15
Sans aucun doute
culture-infos

France 2

Juste un peu d'@mour

20h35
Juste un peu d'@mour
divertissement

Central nuit

22h10
Central nuit
series-tv

France 3

Thalassa

20h35
Thalassa
culture-infos

Vie privie, vie publique,
l'hebdo

23h00
Vie privie, vie...
culture-infos

Canal+

Ratatouille

20h50
Ratatouille
jeunesse

Spicial investigation

22h40
Spicial investigation
culture-infos

Arte

Le retour de Jack l'iventreur

20h45
Le retour de Jack...
series-tv

Tracks

23h05
Tracks
divertissement

M6

NCIS : enqujtes spiciales

20h40
NCIS : enqujtes...
series-tv

Sons of Anarchy

23h05
Sons of Anarchy
series-tv

Vos programmes TNT

France 4

La route du rire

20h35
La route du rire
divertissement

FBI : portis disparus

22h40
FBI : portis disparus
series-tv

France 5

Empreintes

20h35
Empreintes
culture-infos

Cafi Picouly

21h35
Cafi Picouly
divertissement

Direct 8

L'icole des stars

20h40
L'icole des stars
divertissement

Les perles du net

22h45
Les perles du net
divertissement

W9

Enqujte d'action

20h35
Enqujte d'action
culture-infos

Enqujte d'action

23h15
Enqujte d'action
culture-infos

TMC

Une femme d'honneur

20h40
Une femme d'honneur
divertissement

Une femme d'honneur

22h15
Une femme d'honneur
divertissement

NT1

Mission sauvage

20h35
Mission sauvage
culture-infos

Catch Attack

22h35
Catch Attack
sport

NRJ 12

Voyage au centre de la terre

20h35
Voyage au centre de la terre
divertissement

La nuit nous appartient

23h45
La nuit nous appartient
divertissement

La Channe Parlementaire / Public Sinat

Entre les lignes

19h30
Entre les lignes
culture-infos

Un monde de bulles

23h00
Un monde de bulles
divertissement

Virgin 17

L'nle de la tentation US (Saison
3)

20h35
L'nle de la...
divertissement

Touche pas ` mon fils ! (Saison 1)

23h05
Touche pas ` mon...
divertissement

Gulli

Les petits ginies des affaires

20h35
Les petits ginies...
jeunesse

Gulli Mag

22h30
Gulli Mag
culture-infos

France T

Zandoli pa tini pat

20h35
Zandoli pa tini pat
divertissement

9 semaines et 1 jour

22h00
9 semaines et 1 jour
divertissement

Faites des ECONOMIES en 2009

[IMAGE]

BlC)dina vous couvre de cadeaux !

ici

[IMAGE]

DC)couvrez immC)diatement si vous avez gagnC) 1000 b, !

ici

[IMAGE]

Gagnez une semaine de vacances au ski A VIE

ici

[IMAGE]

Vous avez C)tC) sC)lectionnC)(e) pour gagner 3 bagues diamants

ici

[IMAGE]

Offrez C  bC)bC), son 1er shopping d'une valeur de 1000 euros

ici

[IMAGE]

Devenez propriC)taire de votre vignoble : vos bouteilles C  votre nom !

ici

[IMAGE]

Etes-vous le gagnant des 2 000 euros offert par Cdiscount ?

ici

[IMAGE]

Remportez 10 000 euros grCce C  la Redoute

ici

[IMAGE]

Remportez des sC)jours dC)tente 4* en Espagne et bien d'autres cadeaux

ici

[IMAGE]

Faites le plein de cadeaux pour vos vacances d'hiver !

ici

[IMAGE]

OpC)ration 100 % remboursC) !

ici

[IMAGE]

DC)couvrez immC)diatement si vous avez gagnC) les 5 000 euros CASH !

ici

[IMAGE]

DC)fiez vos amis au Trivial Pursuit ! Serez vous le meilleur ?

ici

[IMAGE]

BOSCH vous offre l'appareil C)lectromC)nager de votre choix !

ici

[IMAGE]

Gagnez un voyage aux Seychelles !

ici

[IMAGE]

TC)lC)chargez GRATUITEMENT et LEGALEMENT vos chansons prC)fC)rC)es

ici

[IMAGE]

Gagnez 1 an de Dentastix pour votre chien

ici

Besoin de vacances ? Ne les payez pas ! Gagnez les !

ici

[IMAGE]

Repartez avec UN AN DE SALAIRE en poche !

ici

[IMAGE]

Venez remporter votre voyage en RC)p Dom !

ici

[IMAGE]

Remportez 

Root file system is growing strangely

[Daniel Zhelev]

Hello list.
I`ve set up a little bash script to tell me when some file system is over
95% full and after a month I got a mail
about my root file system ( / ) after log in I sow that the root file system
is over 100%. That is fine I tried to
do a search for big and nasty files and so on but after a hour magically the
file system was at 20%.
That got me very worried about any security issue, but nothing was missing
and so on.
The issue is that the file system continues to grow about a 2 presents a
day, which is strange.
Here is some output:

Filesystem SizeUsed   Avail Capacity  Mounted on
/dev/wd0a 1005M251M704M26%/
/dev/wd0k 46.7G   26.0K   44.4G 0%/home
/dev/wd0d  3.9G8.0K3.7G 0%/tmp
/dev/wd0f  2.0G615M1.3G32%/usr
/dev/wd0g 1005M145M809M15%/usr/X11R6
/dev/wd0h  5.4G206M5.0G 4%/usr/local
/dev/wd0i  2.0G619M1.3G32%/usr/src
/dev/wd0e  8.9G585M7.8G 7%/var
/dev/wd0j  2.0G961M951M50%/usr/obj
/dev/wd1a  295G562M280G 0%/storage/storages
/dev/wd1b  110G   20.7G   83.7G20%/storage/windows

r...@sgate:/root# find / -xdev -size +1000 -type f | xargs ls -laSh
-rwxr-xr-x  1 root  wheel   6.9M Nov 25 16:39 /bsd
-rw-r--r--  1 root  wheel   6.9M Nov 25 14:16 /obsd
-rw-r--r--  1 root  wheel   5.8M Nov 25 14:16 /bsd.rd
-r-xr-xr-x  1 root  bin 1.2M Dec  7 15:05 /sbin/isakmpd
-r--r--r--  1 root  bin 526K Dec  7 15:06 /etc/magic

r...@sgate:/root# find / -xdev -mtime -1 -type f | xargs ls -laSh
-rw---  1 root  wheel   2.0K Dec 18 03:09 /etc/pf.conf
-rw-r--r--  1 root  wheel   507B Dec 18 03:08 /etc/hosts
-rw-r--r--  1 root  wheel 0B Dec 18 02:49 /etc/resolv.conf


The other strange thing is that I`ve set up the /etc/daily root backup
and here is the compare between two discs:

/dev/wd1d 1005M   42.2M912M 4%/altroot
/dev/wd0a 1005M251M704M26%/

since /altroot is exact dd copy of / isn`t they at the same size?

Thank you for your time
Best regards.

Re: vi in /bin

[Igor Sobrado]

On Fri, Dec 18, 2009 at 6:07 AM, David Gwynne l...@animata.net wrote:
 On 18/12/2009, at 1:26 PM, Raymond Lillard wrote:

 Real men use cat. :-)

 real men use COPY CON PROGRAM.EXE

real men use EDIT/TECO.

Re: vi in /bin

[Han Boetes]

I just compiled mg statically and put it in /bin, which is rather
simple:

Add 'LDFLAGS+=-static' somewhere in the makefile with your
favourite editor. And then run:

$ make
$ strip mg
$ ldd mg
$ ls -l mg
$ sudo install mg /bin/mg

400kb! that barely larger than a dynamic vi :-)



# Han

Re: vi in /bin

[Paul M]

On 18/12/2009, at 7:09 PM, Chris Bennett wrote:


Brad Tilley wrote:

On Thu, 17 Dec 2009 17:12 -0800, Randal L. Schwartz
mer...@stonehenge.com wrote:
  stuff

Just out of curiosity, my emergencies usually involve having
to edit /etc/fstab that has entries that no longer apply after
moving disks around.
I just export TERM=xterm, fsck /usr and / mount both rw and vi away


In the past, I've kept a basic fstab so that when my disks dont
mount as they should for any reason, I can move /etc/fstab out the
way, replace it with my simple one, and bingo - no editing required.


paulm

Re: vi in /bin

[Gregory Edigarov]

On Fri, 18 Dec 2009 10:28:25 +0100
Igor Sobrado igor.sobr...@gmail.com wrote:

 On Fri, Dec 18, 2009 at 6:07 AM, David Gwynne l...@animata.net
 wrote:
  On 18/12/2009, at 1:26 PM, Raymond Lillard wrote:
 
  Real men use cat. :-)
 
  real men use COPY CON PROGRAM.EXE
 
 real men use EDIT/TECO.
 
real men use XEDIT.

-- 
With best regards,
Gregory Edigarov

Re: BSD and Active Directory?

[Joakim Dellrud]

Okay, I have understood that there is some difference between a solution and
another. But what I need to do is to pull a user with the unix attributes in
a 2k3 ad server to a bsd machine. It is already working seamless in a centos
enviroment. But there is the nsswitch and pam. My problem is that I have to
use the smallest amount possible of space and packages for this to work. For
the record I already have the UNIX SFU installed (thought I did mention
that).

I had the impression that ypldap.conf is equal to the ldap.conf I use in the
centos env. Is that not the case? Is ypldap not used to bind against an ad
with a user and pull info that then are used to auth against?

==

I don't know if I need to clarify what I want to do but I will anyway:
The existing Active Directory (with SFU) are going to host two types of
users one USER with one password and another USER.root with a different
password. Then when I ssh against one server I want to use my USER and when
inside I use kinit USER.root to gain a root ticket (afterwards I use ksu
to elevate the USER to the local root account). In Centos I've managed to
make this work through editing of /etc/krb5.conf, /etc/openldap/ldap.conf,
/etc/ldap.conf, /etc/nsswitch.conf and /etc/pam.d/system-auth. The same
applies to all the debian based systems. What I am aiming for is to have the
possiblity in BSD just to ssh with my USER and then use su(?) to change to
my USER.root. The trouble I'm having is that ypldap.conf does not give the
functionality I want and login_ldap seems to do nothing. I know the error is
with me so what have I done wrong. The kerberos is working against the AD
and I can get tickets but to be able to have all users in one place I need
the AD to LDAP connection and this is where I fail.

Here is a getent passwd from a centos host (it is still in testing :P)

  unixUser:*:10001:7:TEST:/home/bananas:/bin/bash
  UnixUser.root:*:10005:7:TEST:/home/bananas:/bin/false
  test:*:10006:7:test:/home/bananas:/bin/bash
  root:x:0:0:root:/root:/bin/bash

I want the same to be the case on the bsd but I'm stuck at the error:
yp_first: clnt_call: RPC : Timed out. My first thought was that there was
something in the DNS/name space that where giving me trouble but even when I
change to the IP of the AD it wont work. I've checked and the kerberos
connection never fails.

// Regards Spixx

Re: Root file system is growing strangely

[Joachim Schipper]

On Fri, Dec 18, 2009 at 10:36:46AM +0200, Daniel Zhelev wrote:
 Hello list.
 I`ve set up a little bash script to tell me when some file system is
 over 95% full and after a month I got a mail about my root file system
 ( / ) after log in I sow that the root file system is over 100%. That
 is fine I tried to do a search for big and nasty files and so on but
 after a hour magically the file system was at 20%.  That got me very
 worried about any security issue, but nothing was missing and so on.
 The issue is that the file system continues to grow about a 2 presents
 a day, which is strange.

 Here is some output:
 
 Filesystem SizeUsed   Avail Capacity  Mounted on
 /dev/wd0a 1005M251M704M26%/
 /dev/wd0k 46.7G   26.0K   44.4G 0%/home
 /dev/wd0d  3.9G8.0K3.7G 0%/tmp
 /dev/wd0f  2.0G615M1.3G32%/usr
 /dev/wd0g 1005M145M809M15%/usr/X11R6
 /dev/wd0h  5.4G206M5.0G 4%/usr/local
 /dev/wd0i  2.0G619M1.3G32%/usr/src
 /dev/wd0e  8.9G585M7.8G 7%/var
 /dev/wd0j  2.0G961M951M50%/usr/obj
 /dev/wd1a  295G562M280G 0%/storage/storages
 /dev/wd1b  110G   20.7G   83.7G20%/storage/windows
 
 r...@sgate:/root# find / -xdev -size +1000 -type f | xargs ls -laSh
 -rwxr-xr-x  1 root  wheel   6.9M Nov 25 16:39 /bsd
 -rw-r--r--  1 root  wheel   6.9M Nov 25 14:16 /obsd
 -rw-r--r--  1 root  wheel   5.8M Nov 25 14:16 /bsd.rd
 -r-xr-xr-x  1 root  bin 1.2M Dec  7 15:05 /sbin/isakmpd
 -r--r--r--  1 root  bin 526K Dec  7 15:06 /etc/magic
 
 r...@sgate:/root# find / -xdev -mtime -1 -type f | xargs ls -laSh
 -rw---  1 root  wheel   2.0K Dec 18 03:09 /etc/pf.conf
 -rw-r--r--  1 root  wheel   507B Dec 18 03:08 /etc/hosts
 -rw-r--r--  1 root  wheel 0B Dec 18 02:49 /etc/resolv.conf

 The other strange thing is that I`ve set up the /etc/daily root backup
 and here is the compare between two discs:
 
 /dev/wd1d 1005M   42.2M912M 4%/altroot
 /dev/wd0a 1005M251M704M26%/
 
 since /altroot is exact dd copy of / isn`t they at the same size?

It's quite possible that some process is holding open a file descriptor
to a file which has no links from the filesystem. To see this, run 'vi
bigfile', suspend, and run 'rm bigfile'. The space is still used. Then
quit vi, and optionally run 'sync', and you'll see the space has been
reclaimed.

To see which process is the culprit, try fstat.

(Note that this is only one possibility!)

Joachim

Re: Backup disk over USB good idea??

[Jussi Peltola]

On Fri, Dec 18, 2009 at 02:51:34PM +0700, Edho P Arief wrote:
 can you please enlighten me on why that's a bad thing?

Filling up / can be more annoying than filling up /usr.

It's better to make sure your mounts work and not try to work around
broken systems, though.

Re: No RTF_UP after route change to an interface that is up

[Claudio Jeker]

On Thu, Dec 17, 2009 at 09:17:12PM +, Stuart Henderson wrote:
 On 2009-12-15, Doran Mori dhm...@gmail.com wrote:
  It looks like the last road block in my router project is going to be
  similar to Vladimir Kirillov's problem.  In my case I'm having a
  downed link layer host route take precedence over an up ospf /32 route
 
 So it seems that any host routes, even RTP_DOWN, take priority over
 higher priority net routes for the same address.
 

Host routes are allways more specific then network routes (even /32 ones).
So they will used in that case. Currently the lookup will not try less
specific routes in case their RTP_DOWN (or actually not RTF_UP). This
could be regarded as bug -- the code is just too insane to fix it easily.

 This explains a little trouble I've been having when I restart ospfd
 (which I do a bit more often than is good for me, but haven't been able
 to put my finger on exactly why I have to...)
 

Hmm. If you know what goes wrong I will try to fix it :)

 My bgp routers run sessions between loopbacks on lo1 which are advertised
 into ospf. My defaults are localhost -reject routes. A pretty typical setup
 for a network with multiple links between routers.
 
 If I stop and restart ospfd on router X, typically the bgp sessions
 go down, and if I go to the other routers I see dynamic host routes
 directing X's traffic towards 127.0.0.1;
 
 Y# route -n get X
route to: aa.bb.cc.9
 destination: aa.bb.cc.9
 gateway: 127.0.0.1
   interface: lo0
  if address: 127.0.0.1
priority: 56 (default)
   flags: UP,GATEWAY,HOST,DYNAMIC,DONE
  use   mtuexpire
41060 33160L  522
 
 Y# netstat -rnfinet | grep aa.bb.cc.9
 aa.bb.cc.9   127.0.0.1  UGHD   241188 33160 L  56 lo0
 aa.bb.cc.9/32aa.bb.cc.244   UGP00 -32 vlan2244
 aa.bb.cc.9/32aa.bb.cc.243   UGP00 -32 vlan2244
 
 and I have to route delete aa.bb.cc.9 to get things flowing again.
 I'm not quite sure why it's RTF_DYNAMIC, ICMP redirects are off and
 I haven't spotted where other than ICMP redirects that sets this,
 so I'm not entirely sure where this entry has come from.
 

This is PMTU fucking around because TCP is no longer getting ACKs back and
so it goes and tries to disable PMTU by creating a dynamic route cloned
from the parent route. In your case that's the default reject route.
Now that's totaly stupid I know and especially the created route is
wrong in so far that the reject bit is dropped. It is also questionable
why we should create a dynamic route cloned from a reject or blackhole
route.

 All pretty recent code, Y is running Nov 11th, X running Dec 14th,
 this isn't new though, I have just managed to get past enough other
 problems that I can see it a bit more clearly..;-)
 

As a workaround I would try to use blackhole routes instead of reject ones
and see if this will make the event of TCPs PMTU magic kicking in less
probable.

-- 
:wq Claudio

Leiloes completamente incriveis - IPHONE por €30,97!!!

[Bidoloo.pt]

Caso nco visualize correctamente este e-mail, por favor clique AQUI.






NOTA INFORMATIVA: O presente email destina-se znica e exclusivamente a informar 
potenciais utilizadores e nco pode ser considerado SPAM. De acordo com a 
legislagco internacional que regulamenta o correio electrsnico, o email nco 
pode sera ser considerado SPAM quando incluir uma forma do receptor ser 
removido da lista do emissor. 
Se pretender nco receber mais estes emails clique AQUI.

Unofficial OpenBSD 4.6 USB installer on LiveUSB-OpenBSD page!

[Girish Venkatachalam]

Dear all,

My friend wanted it. I wanted it too just for fun. So I did it.

Please remember, it is 100% unofficial.

This project is not officially or unofficially endorsed by OpenBSD in any way.

So use it at your own risk!

That said, I am quite certain that many of you will benefit in a big
way from a USB installer for OpenBSD 4.6
instead of a DVD/CD install method.

http://liveusb-openbsd.sf.net

and direct download link here:

https://sf.net/projects/liveusb-openbsd/files/usb-inst46.bin/download

It is a lot of fun I tell you.

I recently tested it and it worked like a charm.

I have tried to make the installer as official as I can.

I played no tricks, it is just the CD/DVD installer in the USB  stick. ;)

As to how I did this, that is an altogether different matter.

-Girish

-- 
Gayatri Hitech
web: http://gayatri-hitech.com

SpamCheetah Spam filter:
http://spam-cheetah.com

Re: No RTF_UP after route change to an interface that is up

[Stuart Henderson]

On 2009/12/18 12:31, Claudio Jeker wrote:
  So it seems that any host routes, even RTP_DOWN, take priority over
  higher priority net routes for the same address.
 
 Host routes are allways more specific then network routes (even /32 ones).
 So they will used in that case. Currently the lookup will not try less
 specific routes in case their RTP_DOWN (or actually not RTF_UP). This
 could be regarded as bug -- the code is just too insane to fix it easily.

Hmmm... given this, would it make any kind of sense to have the routing
daemons install /32 as host rather than network routes?

  This explains a little trouble I've been having when I restart ospfd
  (which I do a bit more often than is good for me, but haven't been able
  to put my finger on exactly why I have to...)
 
 Hmm. If you know what goes wrong I will try to fix it :)

The relevant machines were running old code, but this week I've finally
got them over the nat-to bump, so I'll be able to do some meaningful
testing with -current soon (I hate reporting problems unless I know
I've collected enough information to at least point someone in
approximately the right direction ;)

 This is PMTU fucking around because TCP is no longer getting ACKs back and
 so it goes and tries to disable PMTU by creating a dynamic route cloned
 from the parent route. In your case that's the default reject route.
 Now that's totaly stupid I know and especially the created route is
 wrong in so far that the reject bit is dropped. It is also questionable
 why we should create a dynamic route cloned from a reject or blackhole
 route.   

aha...yes this does indeed seem to be the explanation, and certainly
for disabling PMTU, cloning a reject or blackhole route makes no sense.

 As a workaround I would try to use blackhole routes instead of reject ones
 and see if this will make the event of TCPs PMTU magic kicking in less
 probable.

This doesn't noticably help. But now I remember that since I started
sending full BGP tables everywhere I don't actually need a default route
to redist into OSPF any more...and after removing the route completely,
this does work as expected, fixing my immediate problem.

Re: vi in /bin

[Eugene Yunak]

2009/12/18 Gregory Edigarov g...@bestnet.kharkov.ua:
 On Fri, 18 Dec 2009 10:28:25 +0100
 Igor Sobrado igor.sobr...@gmail.com wrote:

 On Fri, Dec 18, 2009 at 6:07 AM, David Gwynne l...@animata.net
 wrote:
  On 18/12/2009, at 1:26 PM, Raymond Lillard wrote:
 
  Real men use cat. :-)
 
  real men use COPY CON PROGRAM.EXE

 real men use EDIT/TECO.

 real men use XEDIT.


REAL men use butterflies

// http://xkcd.com/378/

-- 
The best the little guy can do is what
the little guy does right

Re: vi in /bin

[Dale Rahn]

On Fri, Dec 18, 2009 at 12:09:41AM -0600, Chris Bennett wrote:
 Brad Tilley wrote:
 On Thu, 17 Dec 2009 17:12 -0800, Randal L. Schwartz
 mer...@stonehenge.com wrote:
   
 Brad == Brad Tilley b...@16systems.com writes:
   
 Brad I use ed in emergencies when /usr is inaccessible, but I'm a lot
 more
 Brad comfortable with vi. Will a static vi ever live in /bin? Helping
 someone
 Brad use ed remotely, who has never used ed, when I myself don't use it
 Brad regularly is always an adventure.
 
 Solution: learn ed a bit more.
 
 It's really *not* that hard. :)
 
 
 Good advice. Guess I'm looking for the easy way out. I'll make myself
 edit in ed every Friday or something.
 
 Brad
 
 
   
 Just out of curiosity, my emergencies usually involve having to edit 
 /etc/fstab that has entries that no longer apply after moving disks around.
 I just export TERM=xterm, fsck /usr and / mount both rw and vi away
 
 Is there a common emergency that comes up where /usr is not available?
 

When working on changed to the dynamic linker, vi was always the first 
test program (sanity testing). And yes, it broke quite a number of times.

Dale Rahn   dr...@dalerahn.com

Re: vi in /bin

[Nick Bender]

On Fri, Dec 18, 2009 at 7:33 AM, Eugene Yunak e.yu...@gmail.com wrote:
 2009/12/18 Gregory Edigarov g...@bestnet.kharkov.ua:
 On Fri, 18 Dec 2009 10:28:25 +0100
 Igor Sobrado igor.sobr...@gmail.com wrote:

 On Fri, Dec 18, 2009 at 6:07 AM, David Gwynne l...@animata.net
 wrote:
  On 18/12/2009, at 1:26 PM, Raymond Lillard wrote:
 
  Real men use cat. :-)
 
  real men use COPY CON PROGRAM.EXE

 real men use EDIT/TECO.

 real men use XEDIT.


 REAL men use butterflies

 // http://xkcd.com/378/

Real men use punch cards. Paper tape is acceptable for backups...

Re: vi in /bin

[Matthew Szudzik]

On Thu, Dec 17, 2009 at 07:47:18PM -0500, Brad Tilley wrote:
 I use ed in emergencies when /usr is inaccessible, but I'm a lot more
 comfortable with vi. Will a static vi ever live in /bin? Helping someone
 use ed remotely, who has never used ed, when I myself don't use it
 regularly is always an adventure.

If using ed is an adventure, then you don't really know how to use vi.

ed, sed, and vi are three of the most important Unix utilities, and
there's no excuse for not learning all three.  That's because they all
use the same commands and syntax.  If you know how to use one of them,
then you know how to use the other two.

Each is useful in a slightly different situation.  vi is for interactive
editing.  ed and sed are most useful for writing editing scripts.  ed
reads a file into a buffer for editing and can write those edits back to
the file.  sed works as a filter, reading a stream from standard input
line-by-line and editing each line before writing it to standard output.
Short, one-line sed scripts are useful in command line pipes for
translating the output of one program into the input of another program.

Although most of the basic commands are the same in ed, sed, and vi,
there are subtle differences.  After you have spent some time using ed
and sed, I suggest that you ask yourself the follow questions to test
your understanding of those differences: When is the global command
(that is, g) useful in ed and vi?  Why is the global command missing
from sed?

Re: vi in /bin

[Internet Retard]

 On Fri, Dec 18, 2009 at 7:33 AM, Eugene Yunak e.yu...@gmail.com wrote:

 Real men use punch cards. Paper tape is acceptable for backups...

You mean real *Internet* men. In person, these men (for lack of a better word)
are easily de-assified and can be made to cry. However, they are fearless
keyboard warriors while alone, in the dark, dusty corner of their mother's
basement at night. I made one of these Internet Men cry once by scattering his
nicely organized punch card program all over the floor.

Your pal,

IR

_
Windows Live: Keep your friends up to date with what you do online.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/soci
al-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010

Re: vi in /bin

[Chris Bennett]

Matthew Szudzik wrote:

On Thu, Dec 17, 2009 at 07:47:18PM -0500, Brad Tilley wrote:
  

I use ed in emergencies when /usr is inaccessible, but I'm a lot more
comfortable with vi. Will a static vi ever live in /bin? Helping someone
use ed remotely, who has never used ed, when I myself don't use it
regularly is always an adventure.



If using ed is an adventure, then you don't really know how to use vi.

ed, sed, and vi are three of the most important Unix utilities, and
there's no excuse for not learning all three.  That's because they all
use the same commands and syntax.  If you know how to use one of them,
then you know how to use the other two.

Each is useful in a slightly different situation.  vi is for interactive
editing.  ed and sed are most useful for writing editing scripts.  ed
reads a file into a buffer for editing and can write those edits back to
the file.  sed works as a filter, reading a stream from standard input
line-by-line and editing each line before writing it to standard output.
Short, one-line sed scripts are useful in command line pipes for
translating the output of one program into the input of another program.

Although most of the basic commands are the same in ed, sed, and vi,
there are subtle differences.  After you have spent some time using ed
and sed, I suggest that you ask yourself the follow questions to test
your understanding of those differences: When is the global command
(that is, g) useful in ed and vi?  Why is the global command missing
from sed?


  
I would like to learn to use sed, however, I did not find that the man 
page was sufficient as a tutorial. I was not able to find any sed 
tutorials that were consistent with OpenBSD's variation.


Does anyone know of any sed tutorials that work with OpenBSD's version?

--
A human being should be able to change a diaper, plan an invasion,
butcher a hog, conn a ship, design a building, write a sonnet, balance
accounts, build a wall, set a bone, comfort the dying, take orders,
give orders, cooperate, act alone, solve equations, analyze a new
problem, pitch manure, program a computer, cook a tasty meal, fight
efficiently, die gallantly. Specialization is for insects.
  -- Robert Heinlein

Re: vi in /bin

[Nick Bender]

On Fri, Dec 18, 2009 at 10:10 AM, Internet Retard webret...@live.com wrote:
 On Fri, Dec 18, 2009 at 7:33 AM, Eugene Yunak e.yu...@gmail.com wrote:

 Real men use punch cards. Paper tape is acceptable for backups...

 You mean real *Internet* men. In person, these men (for lack of a better word)
 are easily de-assified and can be made to cry. However, they are fearless
 keyboard warriors while alone, in the dark, dusty corner of their mother's
 basement at night. I made one of these Internet Men cry once by scattering his
 nicely organized punch card program all over the floor.


Fail. Real men put sequence numbers in the comment columns
so the card sorter can put them back in order.

-N

Handling HTTP virtual hosts with relayd

[James Stocks]

Hello everyone,

I'm presently using Apache to reverse-proxy HTTP connections through to our
Microsoft IIS servers so that we don't have to expose IIS directly to Internet
hosts.  Recently, I've been testing relayd in this role.

Apache can reverse-proxy requests for several internal HTTP servers through a
single internet-routable IP address by using virtual hosts.  I've not yet
discovered a way of getting relayd to forward the request to a different host
depending on the content of the 'Host:' header.  Does relayd have this
capability?  If so how do I do it?

Regards,
James.

Re: vi in /bin

[ropers]

 Matthew Szudzik wrote:
 I would like to learn to use sed, however, I did not find that the man page
 was sufficient as a tutorial. I was not able to find any sed tutorials that
 were consistent with OpenBSD's variation.

2009/12/18 Chris Bennett ch...@bennettconstruction.biz:
 Does anyone know of any sed tutorials that work with OpenBSD's version?

I've personally thus far never bumped into any particular behaviours
that would differentiate OpenBSD's sed(1) command syntax from that of
other implementations. (That could be because of my relative
inexperience, or because there are no substantial differences.)

With that said, this page --which was not authored specifically for
OpenBSD sed(1)-- may be of use:

http://www.grymoire.com/Unix/Sed.html#uh-0

--regards,
ropers

Re: vi in /bin

[Matthew Szudzik]

On Fri, Dec 18, 2009 at 11:30:13AM -0600, Chris Bennett wrote:
 I would like to learn to use sed, however, I did not find that the
 man page was sufficient as a tutorial. I was not able to find any

I learned sed from the book Sed  Awk by Dougherty and Robbins.

 http://amazon.com/dp/1565922255

I highly recommend it.  Of the three utilities ed, sed, and vi, sed is
probably the most challenging because it doesn't have an interactive
mode.  With ed or vi you can always do something interactively if you
don't know the relevant command, but sed forces you to understand the
commands if you want to get anything done.

Learning sed will make you a better user of ed and vi.

Re: vi in /bin

[Chris Bennett]

ropers wrote:

Matthew Szudzik wrote:
I would like to learn to use sed, however, I did not find that the man page
was sufficient as a tutorial. I was not able to find any sed tutorials that
were consistent with OpenBSD's variation.



2009/12/18 Chris Bennett ch...@bennettconstruction.biz:
  

Does anyone know of any sed tutorials that work with OpenBSD's version?



I've personally thus far never bumped into any particular behaviours
that would differentiate OpenBSD's sed(1) command syntax from that of
other implementations. (That could be because of my relative
inexperience, or because there are no substantial differences.)

With that said, this page --which was not authored specifically for
OpenBSD sed(1)-- may be of use:

http://www.grymoire.com/Unix/Sed.html#uh-0

--regards,
ropers


  

Nope, I ran into many pages like these. OpenBSD doesn't support sed -i

--
A human being should be able to change a diaper, plan an invasion,
butcher a hog, conn a ship, design a building, write a sonnet, balance
accounts, build a wall, set a bone, comfort the dying, take orders,
give orders, cooperate, act alone, solve equations, analyze a new
problem, pitch manure, program a computer, cook a tasty meal, fight
efficiently, die gallantly. Specialization is for insects.
  -- Robert Heinlein

Re: OpenBSD 4.6-stable on IBM x3550 freezes on boot until key is pressed

[Rouslan Iskhakov]

Tried to boot i386, same result.

Rouslan

- Original Message -
From: Mauro Rezzonico l...@ch23.org
To: misc misc@openbsd.org
Sent: P'P5QP2P5QP3, 17 PP5P:P0P1QQ 2009 P3 19:06:40 (GMT+0200)
Auto-Detected
Subject: Re: OpenBSD 4.6-stable on IBM x3550 freezes on boot until key is
pressed

Rouslan Iskhakov wrote:
 Tried both options (with redirection and without).
 Same behavior with default kernel (without aac driver).

I think the problem lies in BOOT/amd64, Have you tried with i386 arch?

You don't have to install anything, just try to bootstrap from a i386
Install disk/cdrom...

--
Mauro Rezzonico ma...@ch23.org, Como, Italia
Maybe this world is another planet's hell - H.Huxley

Re: OpenBSD 4.6-stable on IBM x3550 freezes on boot until key is pressed

[Rouslan Iskhakov]

Hi,

Disabled Proc Performance States, nothing changed...

Regards,
Rouslan

- Original Message -
From: Imre Oolberg i...@auul.pri.ee
To: Rouslan Iskhakov rous...@rshell.net
Sent: P'P5QP2P5QP3, 17 PP5P:P0P1QQ 2009 P3 19:16:43 (GMT+0200)
Auto-Detected
Subject: Re: OpenBSD 4.6-stable on IBM x3550 freezes on boot until key is
pressed

Hi!

I think i run 4.6 on the same computer but i have different harddisk
adapter, try to set

Processors - Processor Performance
  - Proc Performance States: Disabled

http://kuutorvaja.eenet.ee/wiki/IBM_System_x3550_M2

And also i use single cpu kernel, i hope i may help though i am by no
means expert on those ibm machines or openbsd kernel.


Imre


Rouslan Iskhakov wrote:
 Tried both options (with redirection and without).
 Same behavior with default kernel (without aac driver).

 Regards,
 Rouslan


 - Original Message -
 From: Mauro Rezzonico l...@ch23.org
 To: misc@openbsd.org
 Sent: P'P5QP2P5QP3, 17 PP5P:P0P1QQ 2009 P3 16:51:28 (GMT+0200)
 Auto-Detected
 Subject: Re: OpenBSD 4.6-stable on IBM x3550 freezes on boot until key is
 pressed

 Rouslan Iskhakov wrote:
 OpenBSD 4.6-stable freezes on boot until any key pressed.
 ...
 Using drive 0, partition 3.
 Loading...
 probing: pc0 com0 mem[619K 2814M 1280M a20=on]
 disk: hd0+
 OpenBSD/amd64 BOOT 3.01
 boot
 ...

 Something in the BIOS, perhaps? Like console redirection etc.?

 --
 Mauro Rezzonico ma...@ch23.org, Como, Italia
 Maybe this world is another planet's hell - H.Huxley

Web Browsers

[nixlists]

Hi. People on this list are security-conscious. I wonder what browsers they use?
What browsers do you consider more secure than others?
Granted, they're all full of all kinds of holes, but what do you do to
tighten their security?

Thanks.

Re: vi in /bin

[Anders Langworthy]

On Fri, Dec 18, 2009 at 1:35 PM, Chris Bennett
ch...@bennettconstruction.biz wrote:
 ropers wrote:
 I've personally thus far never bumped into any particular behaviours
 that would differentiate OpenBSD's sed(1) command syntax from that of
 other implementations. (That could be because of my relative
 inexperience, or because there are no substantial differences.)

 With that said, this page --which was not authored specifically for
 OpenBSD sed(1)-- may be of use:

 http://www.grymoire.com/Unix/Sed.html#uh-0

 Nope, I ran into many pages like these. OpenBSD doesn't support sed -i

GNU sed's file-in-place editing is a convenience, but not having it
won't hamper your ability to learn to use sed. This is particularly
true here, as that tutorial makes no mention of 'sed -i'

Cheers,
Anders.

Re: Web Browsers

[Brad Tilley]

On Fri, 18 Dec 2009 19:25 +, nixlists nixmli...@gmail.com wrote:
 Hi. People on this list are security-conscious. I wonder what browsers
 they use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

I like Firefox with noscript and adblock to stop the javascript.

Re: Unofficial OpenBSD 4.6 USB installer on LiveUSB-OpenBSD page!

[Nick Holland]

Girish Venkatachalam wrote:
...

http://liveusb-openbsd.sf.net

and direct download link here:

https://sf.net/projects/liveusb-openbsd/files/usb-inst46.bin/download

...

As to how I did this, that is an altogether different matter.


http://www.openbsd.org/faq/faq14.html#flashmemLive

Nick.

Re: Web Browsers

[Jesus Sanchez]

El 18/12/2009 20:50, Brad Tilley escribis:

On Fri, 18 Dec 2009 19:25 +, nixlistsnixmli...@gmail.com  wrote:
   

Hi. People on this list are security-conscious. I wonder what browsers
they use?
What browsers do you consider more secure than others?
Granted, they're all full of all kinds of holes, but what do you do to
tighten their security?
 

I like Firefox with noscript and adblock to stop the javascript.


   


+1

Firefox it's a good browser.

Re: Web Browsers

[ropers]

2009/12/18 Brad Tilley misc@openbsd.org:
 On Fri, 18 Dec 2009 19:25 +, nixlists nixmli...@gmail.com wrote:
 Hi. People on this list are security-conscious. I wonder what browsers
 they use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

 I like Firefox with noscript and adblock to stop the javascript.

Some people wouldn't consider these strictly *security* features, but
if you're using Firefox it helps to be aware of
  firefox -ProfileManager
and use that to keep stuff separate. Additionally, you can also use
-no-remote and -P profilename to concurrently run two or more
firefox instances with different profiles. Cf.:
  http://kb.mozillazine.org/Command_line_arguments

Also be aware that even after you've deleted all traditional cookies,
so-called Flash cookies (LSOs) may still persist, and sneaky sites
do use those to track you as well.
One add-on that you can use to kill those is this;
  http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm
(And even after deleting all cookies and LSOs, sites can still tell
what other places on the web you've been to, due to CSS leaking that
info, which may be unfixable, cf. e.g.
http://www.amirharel.com/2009/09/20/css-privacy/ )

Finally, if you use Adblock Plus, you owe it to yourself to also use
Element Hiding Helper.

This will not necessarily make Firefox more secure than others, and
there are lots of things about Firefox that suck ass, but the above
will, tighten [its] security, at least for some value of security.

--regards,
ropers

Re: Web Browsers

[ropers]

PS: I don't actually know to what extent the LSO issues apply to
OpenBSD, as there is only limited Flash compatibility, but anyway.

2009/12/18 ropers rop...@gmail.com:
 2009/12/18 Brad Tilley misc@openbsd.org:
 On Fri, 18 Dec 2009 19:25 +, nixlists nixmli...@gmail.com wrote:
 Hi. People on this list are security-conscious. I wonder what browsers
 they use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

 I like Firefox with noscript and adblock to stop the javascript.

 Some people wouldn't consider these strictly *security* features, but
 if you're using Firefox it helps to be aware of
  firefox -ProfileManager
 and use that to keep stuff separate. Additionally, you can also use
 -no-remote and -P profilename to concurrently run two or more
 firefox instances with different profiles. Cf.:
  http://kb.mozillazine.org/Command_line_arguments

 Also be aware that even after you've deleted all traditional cookies,
 so-called Flash cookies (LSOs) may still persist, and sneaky sites
 do use those to track you as well.
 One add-on that you can use to kill those is this;
  http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm
 (And even after deleting all cookies and LSOs, sites can still tell
 what other places on the web you've been to, due to CSS leaking that
 info, which may be unfixable, cf. e.g.
 http://www.amirharel.com/2009/09/20/css-privacy/ )

 Finally, if you use Adblock Plus, you owe it to yourself to also use
 Element Hiding Helper.

 This will not necessarily make Firefox more secure than others, and
 there are lots of things about Firefox that suck ass, but the above
 will, tighten [its] security, at least for some value of security.

 --regards,
 ropers

Re: Web Browsers

[Marco Peereboom]

firefox + adsuck

On Fri, Dec 18, 2009 at 07:25:13PM +, nixlists wrote:
 Hi. People on this list are security-conscious. I wonder what browsers they 
 use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?
 
 Thanks.

Encrypt entire filesystem with AES 256bit. Softraid tutorial?

[Andres Salazar]

Hello,
Iam looking for ways to encrypt my entire filesystem, but it must be
with AES 256bits... Ive bene searching and I deduce that the only
option I have is using softraid, however iam unable to find any
tutorial or guide. Anybody know if this is possible, if I have any
other option (with 256 AES cipher) and if there is a guide?

Thank you.

Andres

Re: Web Browsers

[Bryan Irvine]

On Fri, Dec 18, 2009 at 11:25 AM, nixlists nixmli...@gmail.com wrote:
 Hi. People on this list are security-conscious. I wonder what browsers they 
 use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

I use netcat.

Re: OT: Have you hugged your local OpenBSD dev lately?

[Lars Nooden]

Ted Unangst wrote:
 On Sat, Dec 12, 2009 at 4:47 PM, Lars Nooden lars.cura...@gmail.com wrote:
 So everything under X should be considered available to everything else
 under X.

 I presume new models for displays, or new ways to get some kind of privilege
 separation for X, have been discussed to death already.  Is there any key
 discussion or publication?
 
 I'm not sure what you're after, but two conceivable starting points
 would be the man pages for xauth and XSelectInput.

Those help.  I'm trying to get an idea, even an abstract one, of how
individual windows could be kept from poaching i/o from each other.

/Lars

Re: Encrypt entire filesystem with AES 256bit. Softraid tutorial?

[Brad Tilley]

On Fri, 18 Dec 2009 15:18 -0600, Andres Salazar ndrsslz...@gmail.com
wrote:
 Hello,
 Iam looking for ways to encrypt my entire filesystem, but it must be
 with AES 256bits... Ive bene searching and I deduce that the only
 option I have is using softraid, however iam unable to find any
 tutorial or guide. Anybody know if this is possible, if I have any
 other option (with 256 AES cipher) and if there is a guide?
 
 Thank you.
 
 Andres

Here are some softraid crypto notes I wrote that might help:

http://16systems.com/OpenBSD/softraid.txt

Softraid crypto does use AES, not sure it's 256-bit. Also understand
that several key mount points cannot be encrypted... so when you say
entire filesystem understand what is and is not encrypted. softraid
crypto is experimental too, but in my experience works well enough for
day to day use.

Brad

Re: OT: Have you hugged your local OpenBSD dev lately?

[Ted Unangst]

On Fri, Dec 18, 2009 at 4:31 PM, Lars Nooden lars.cura...@gmail.com wrote:
 Ted Unangst wrote:
 I'm not sure what you're after, but two conceivable starting points
 would be the man pages for xauth and XSelectInput.

 Those help.  I'm trying to get an idea, even an abstract one, of how
 individual windows could be kept from poaching i/o from each other.

XGrabKeyboard.  There's also a whole section on security in man xterm,
sorry, forgot about it before.

But it's no magic bullet.  Suddenly, your window manager hotkeys stop
working, so you can't really have a default current window grabs
keyboard policy.  Your screensaver also needs to grab the keyboard.
So if your browser only grabs the keyboard while entering a password
field, that essentially means the screen locker will never activate in
that state.  Rare, but totally confusing to users.

Re: Encrypt entire filesystem with AES 256bit. Softraid tutorial?

[Ted Unangst]

On Fri, Dec 18, 2009 at 4:18 PM, Andres Salazar ndrsslz...@gmail.com wrote:
 Iam looking for ways to encrypt my entire filesystem, but it must be
 with AES 256bits... Ive bene searching and I deduce that the only
 option I have is using softraid, however iam unable to find any
 tutorial or guide. Anybody know if this is possible, if I have any
 other option (with 256 AES cipher) and if there is a guide?

softraid uses 256 bit AES, but whatever your requirements are, if they
specify a key size but not a mode, I'd say they are underspecified.

Re: vi in /bin

[Antoine Jacoutot]

On Fri, 18 Dec 2009, Anders Langworthy wrote:
  Nope, I ran into many pages like these. OpenBSD doesn't support sed -i
 
 GNU sed's file-in-place editing is a convenience, but not having it
 won't hamper your ability to learn to use sed. This is particularly
 true here, as that tutorial makes no mention of 'sed -i'

$ echo foo  blah
$ cat blah 
foo
$ sed -a 's/foo/bar/wblah' blah
bar
$ cat blah
bar


-- 
Antoine

Re: Web Browsers

[Antoine Jacoutot]

On Fri, 18 Dec 2009, nixlists wrote:

 Hi. People on this list are security-conscious. I wonder what browsers they 
 use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

I send mail to a demon which runs wget and mails the page back to me.

-- 
Antoine

Re: BSD and Active Directory?

[Nigel Taylor]

I use password authentication to login with an AD account into a windows
terminal services platform. All windows platforms are 2003 R2, then ssh using
gssapi to get to OpenBSD - no password required, or the same to Solaris 10, Red
Hat v4 platforms. I use a modified version of putty from Quest that supports
gssapi on Windows, sshd_config has gssapi enabled. I can login using cygwin ssh
or locally with the AD account/password to OpenBSD. The real aim in this case is
to use a single sign-on. I can also use smart card authentication to the
terminal server, and the single sign-on to any Linux/Unix platform and OpenBSD.

I am using OpenBSD v4.6 stable, running samba v3.4.3 ads favour see mail lists,
ldap-client, ldap-server, p5-ldap from ports, portmap, ypldap, ypbind, plus
other ports. Note I use a modified ypldap - that allows empty groups, this is
for another system using smbldap-tools the aim to automatically add samba users
in ldap.

ypldap uses an extra login class kauth defined in login.conf with auth=krb5. An
entry in ypldap.conf fixed attribute class kauth is used.

Red Hat and Solaris are using Quest's Vintela, this extends the AD schema in a
manner ypldap does not support (or I haven't found a way to make this work so
far, I need to do some sub queries for memberships), instead I extract using a
perl script creating a ldif file which creates the entries in local ldap server
for users/groups using the nis schema. I have around 140 users and 30 groups
from AD in the local ldap, the perl script also filters out any users that
haven't been assigned a uid, or groups with no gid and users with a uid's below
a value, and disabled accounts. the perl script uses Net::LDAP from the p5-ldap
port.

This also works with samba, the terminal server can get to samba shares on the
OpenBSD, using the group/users setup in ldap and authenticating with AD.

To get multiple groups for users besides a +, as the last line the group file,
the group file must contain an exclusion see getgrouplist man page, or you need
to create /etc/netid for the user to group mappings. ypldap doesn't support
netid.byname currently, sudo doesn't work because of this.

The only difference is the ypldap.conf refers to the local ldap in my case
populated with the AD accounts/groups, rather than using ypldap directly against
the active directory ldap.

getent passwd or group will return both local and those accounts/groups in ldap.

The yp_first is reported by ypbind, your initial e-mail suggests ypldap hasn't
completed the first stages, you should see something like this

# ypldap -dv
startup [debug mode]
configuration starting
applying configuration
connecting to directories
starting directory update
updates are over, cleaning up trees now
flattening trees
pushing line: aalle01:*:5020671:5046:kauth:0:0::/home/adusers/aalle01
:/bin/bash
pushing line: aarno01:*:5972151:5002:kauth:0:0::/home/adusers/aarno
 01:/bin/sh
pushing line: acham01:*:5617157:5002:kauth:0:0::/home/adusers/acham
 03:/bin/sh
pushing line: acham02:*:5020098:5046:kauth:0:0::/home/adusers/ach
   am02:/bin/bash
pushing line: achil01:*:50042186:5001:kauth:0:0::/home/adusers/achil01
:/bin/sh
.
pushing line: ncwadmins:*:5024:dmell01,npres01
pushing line: ncwops:*:5043:dmell01,npres01
pushing line: nfmadmins:*:5032:dmell01,npres01
pushing line: nfmops:*:5031:dmell01,npres01
pushing line: nmnadmins:*:5028:dmell01,npres01
.

I think until ypldap reaches this point it's not listening, and ypbind can't
connect.

You could try ypldap.conf with a filter for a small set of users / groups. This
will tell you if you exceeded a limit or there something wrong in the 
ypldap.conf.


Regards

Nigel Taylor


Joakim Dellrud wrote:
 Okay, I have understood that there is some difference between a solution and
 another. But what I need to do is to pull a user with the unix attributes in
 a 2k3 ad server to a bsd machine. It is already working seamless in a centos
 enviroment. But there is the nsswitch and pam. My problem is that I have to
 use the smallest amount possible of space and packages for this to work. For
 the record I already have the UNIX SFU installed (thought I did mention
 that).
 
 I had the impression that ypldap.conf is equal to the ldap.conf I use in the
 centos env. Is that not the case? Is ypldap not used to bind against an ad
 with a user and pull info that then are used to auth against?
 
 ==
 
 I don't know if I need to clarify what I want to do but I will anyway:
 The existing Active Directory (with SFU) are going to host two types of
 users one USER with one password and another USER.root with a different
 password. Then when I ssh against one server I want to use my USER and when
 inside I use kinit USER.root to gain a root ticket (afterwards I use ksu
 to elevate the USER to the local root account). In Centos I've managed to
 make this work through editing of /etc/krb5.conf, /etc/openldap/ldap.conf,
 /etc/ldap.conf, 

Re: Web Browsers

[nixlists]

On Fri, Dec 18, 2009 at 9:07 PM, Marco Peereboom sl...@peereboom.us wrote:
 firefox + adsuck

What is your opnion on Chrome, OpenBSD gurus? Okay we all know about
it's privacy and identity leakage concerns. It's designed by Google
with this built-in - they want to know everything about you and don't
care about your privacy, yada yada. But what about its supposedly more
secure multi-process design. Is it really better than Firefox and
others in this regard?

Re: vi in /bin

[Jason McIntyre]

On Fri, Dec 18, 2009 at 11:30:13AM -0600, Chris Bennett wrote:
 I would like to learn to use sed, however, I did not find that the man 
 page was sufficient as a tutorial. I was not able to find any sed 
 tutorials that were consistent with OpenBSD's variation.
 
 Does anyone know of any sed tutorials that work with OpenBSD's version?
 

the man page is not a tutorial,  but it does document everything. you
can use google and SEE ALSO for other stuff. actually the man page is
surprisingly complete, though i wouldn;t blame you for googling.

everyone else has joked about it, but ed(1) is a braw wee editor... real
mem tire of comparisons.

jmc

Re: Web Browsers

[Bryan Irvine]

On Fri, Dec 18, 2009 at 3:01 PM, Antoine Jacoutot ajacou...@bsdfrog.org wrote:
 On Fri, 18 Dec 2009, nixlists wrote:

 Hi. People on this list are security-conscious. I wonder what browsers they 
 use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

 I send mail to a demon which runs wget and mails the page back to me.

Richard is that you?

Re: vi in /bin

[Randal L. Schwartz]

 Matthew == Matthew Szudzik mszud...@andrew.cmu.edu writes:

Matthew ed, sed, and vi are three of the most important Unix utilities, and
Matthew there's no excuse for not learning all three.  That's because they all
Matthew use the same commands and syntax.  If you know how to use one of them,
Matthew then you know how to use the other two.

Everything I used to know about sed, I've forgotten once learning Perl.

There's really no excuse for not knowing Perl and Python these days.

And if you need to learn Perl, I can recommend a good book (or two :).

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
mer...@stonehenge.com URL:http://www.stonehenge.com/merlyn/
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion

Re: Web Browsers

[Marco Peereboom]

All your ads are belong to us.

Max Headroom might have an opinion too.

On Fri, Dec 18, 2009 at 11:12:14PM +, nixlists wrote:
 On Fri, Dec 18, 2009 at 9:07 PM, Marco Peereboom sl...@peereboom.us wrote:
  firefox + adsuck
 
 What is your opnion on Chrome, OpenBSD gurus? Okay we all know about
 it's privacy and identity leakage concerns. It's designed by Google
 with this built-in - they want to know everything about you and don't
 care about your privacy, yada yada. But what about its supposedly more
 secure multi-process design. Is it really better than Firefox and
 others in this regard?

Re: Web Browsers

[Chris Bennett]

Antoine Jacoutot wrote:

On Fri, 18 Dec 2009, nixlists wrote:

  

Hi. People on this list are security-conscious. I wonder what browsers they use?
What browsers do you consider more secure than others?
Granted, they're all full of all kinds of holes, but what do you do to
tighten their security?



I send mail to a demon which runs wget and mails the page back to me.

  

Well you really shouldn't use DEMONS to do your computer work.
They should never be trusted.

But a daemon is OK :)

--
A human being should be able to change a diaper, plan an invasion,
butcher a hog, conn a ship, design a building, write a sonnet, balance
accounts, build a wall, set a bone, comfort the dying, take orders,
give orders, cooperate, act alone, solve equations, analyze a new
problem, pitch manure, program a computer, cook a tasty meal, fight
efficiently, die gallantly. Specialization is for insects.
  -- Robert Heinlein

Re: Web Browsers

[Internet Retard]

 Date: Fri, 18 Dec 2009 15:24:25 -0800
 Subject: Re: Web Browsers
 From: sparcta...@gmail.com
 To: ajacou...@bsdfrog.org
 CC: misc@openbsd.org

 On Fri, Dec 18, 2009 at 3:01 PM, Antoine Jacoutot ajacou...@bsdfrog.org
wrote:
  On Fri, 18 Dec 2009, nixlists wrote:
 
  Hi. People on this list are security-conscious. I wonder what browsers
they use?
  What browsers do you consider more secure than others?
  Granted, they're all full of all kinds of holes, but what do you do to
  tighten their security?
 
  I send mail to a demon which runs wget and mails the page back to me.

 Richard is that you?



Only his mom calls him Richard. To us, he is RMS.



Your Friend,



IR


_
Windows Live: Keep your friends up to date with what you do online.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/soci
al-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010

Re: Handling HTTP virtual hosts with relayd

[Ben Calvert]

This is what squid is for.

On Dec 18, 2009, at 10:01 AM, James Stocks wrote:

 Hello everyone,

 I'm presently using Apache to reverse-proxy HTTP connections through to our
 Microsoft IIS servers so that we don't have to expose IIS directly to
Internet
 hosts.  Recently, I've been testing relayd in this role.

 Apache can reverse-proxy requests for several internal HTTP servers through
a
 single internet-routable IP address by using virtual hosts.  I've not yet
 discovered a way of getting relayd to forward the request to a different
host
 depending on the content of the 'Host:' header.  Does relayd have this
 capability?  If so how do I do it?

 Regards,
 James.

Re: vi in /bin

[Ingo Schwarze]

Randal L. Schwartz wrote on Fri, Dec 18, 2009 at 03:27:07PM -0800:

 Everything I used to know about sed, I've forgotten once learning Perl.

That's bad: sed is still needed, see /usr/src/distrib/miniroot/list
for a striking example.

That said, liking and using Perl a lot, the same happens to me,
but i see that as deficiency, not a virtue.

Re: Web Browsers

[Bob Beck]

2009/12/18 nixlists nixmli...@gmail.com:
 On Fri, Dec 18, 2009 at 9:07 PM, Marco Peereboom sl...@peereboom.us wrote:
 firefox + adsuck

 What is your opnion on Chrome, OpenBSD gurus? Okay we all know about
 it's privacy and identity leakage concerns. It's designed by Google
 with this built-in - they want to know everything about you and don't
 care about your privacy, yada yada. But what about its supposedly more
 secure multi-process design. Is it really better than Firefox and
 others in this regard?



Well, in theory, if they can stick to it, a privsep design is more
secure from the point of view of the application.

When done right.

Now, is it a small and secure program? I dunno: You decide:



# uname -a
OpenBSD cthulhu.cns.ualberta.ca 4.6 GENERIC.MP#27 amd64
# pwd
/usr/local/chrome
# ldd chrome
chrome:
StartEnd  Type Open Ref GrpRef Name
0040 02c9f000 exe  10   0  chrome
000209b99000 00020a0cc000 rlib 014   0
/usr/X11R6/lib/libX11.so.12.0
000210dbf000 0002111c8000 rlib 07   0
/usr/X11R6/lib/libXrender.so.5.0
0002069ca000 000206ddb000 rlib 07   0
/usr/X11R6/lib/libXext.so.10.0
000212468000 000212877000 rlib 01   0
/usr/local/lib/libexecinfo.so.0.0
00021037f000 000210bab000 rlib 01   0
/usr/local/lib/libgtk-x11-2.0.so.1402.0
0002111f4000 0002116aa000 rlib 02   0
/usr/local/lib/libgdk-x11-2.0.so.1402.0
000214671000 000214a8c000 rlib 03   0
/usr/local/lib/libgdk_pixbuf-2.0.so.1402.0
00020449 00020489d000 rlib 03   0
/usr/local/lib/libpangocairo-1.0.so.1801.0
00020a66 00020aa62000 rlib 03   0
/usr/X11R6/lib/libXinerama.so.5.0
00020ff75000 00021037f000 rlib 03   0
/usr/X11R6/lib/libXi.so.10.1
0002058fc000 000205d04000 rlib 03   0
/usr/X11R6/lib/libXrandr.so.6.1
00020db06000 00020df1 rlib 03   0
/usr/X11R6/lib/libXcursor.so.4.0
0002029e5000 000202de8000 rlib 03   0
/usr/X11R6/lib/libXcomposite.so.3.0
000202e4d000 00020325 rlib 03   0
/usr/X11R6/lib/libXdamage.so.3.1
0002065c 0002069c5000 rlib 06   0
/usr/X11R6/lib/libXfixes.so.5.0
000211fc2000 0002123e rlib 02   0
/usr/local/lib/libatk-1.0.so.2800.0
00020ce25000 00020d2b rlib 04   0
/usr/local/lib/libcairo.so.9.2
000213dfc000 000214236000 rlib 05   0
/usr/X11R6/lib/libpixman-1.so.15.8
00020976e000 000209b99000 rlib 05   0
/usr/local/lib/libglitz.so.2.0
00020df1 00020e338000 rlib 01   0
/usr/local/lib/libpng.so.9.0
00020efb6000 00020f3d2000 rlib 015   0
/usr/X11R6/lib/libxcb.so.2.0
000205d04000 000206105000 rlib 016   0
/usr/X11R6/lib/libpthread-stubs.so.0.0
00020d532000 00020d935000 rlib 016   0
/usr/X11R6/lib/libXau.so.9.0
0002130c2000 0002134c7000 rlib 016   0
/usr/X11R6/lib/libXdmcp.so.10.0
000207434000 0002078e1000 rlib 04   0
/usr/local/lib/libgio-2.0.so.1802.0
0002156c4000 000215af4000 rlib 04   0
/usr/local/lib/libpangoft2-1.0.so.1801.0
000204a99000 000204ee3000 rlib 05   0
/usr/local/lib/libpango-1.0.so.1801.0
00020610a000 00020654a000 rlib 012   0
/usr/local/lib/libgobject-2.0.so.1802.0
   00020c7da000 00020cbdd000 rlib 010   0
/usr/local/lib/libgmodule-2.0.so.1802.0
00020eb7a000 00020efb1000 rlib 06   0
/usr/X11R6/lib/libfontconfig.so.6.0
000204ee3000 000205307000 rlib 07   0
/usr/lib/libexpat.so.9.0
000209038000 0002094ba000 rlib 07   0
/usr/X11R6/lib/libfreetype.so.17.0
000214a8c000 000214ea rlib 08   0
/usr/lib/libz.so.4.1
0002079f7000 000207dfb000 rlib 03   0
/usr/local/lib/libgthread-2.0.so.1802.0
00020fa0e000 00020fed7000 rlib 015   0
/usr/local/lib/libglib-2.0.so.1802.0
000203e02000 00020420d000 rlib 016   0
/usr/local/lib/libintl.so.4.0
00020326b000 000203764000 rlib 017   0
/usr/local/lib/libiconv.so.6.0
00020b96a000 00020bea5000 rlib 03   0
/usr/local/lib/libnss3.so.24.0
000212c95000 0002130c2000 rlib 01   0
/usr/local/lib/libsmime3.so.24.0
0002116aa000 000211af rlib 01   0
/usr/local/lib/libsoftokn3.so.24.0
00020e73c000 00020eb75000 rlib 01   0
/usr/local/lib/libssl3.so.24.0
0002152c1000 0002156c4000 rlib 06   0
/usr/local/lib/libplds4.so.21.0
00020e338000 00020e73c000 rlib 06   0
/usr/local/lib/libplc4.so.21.0
000206de 000207219000 rlib 08   0

Spooky spamd happening

[Rod Whitworth]

I have a bunch of client machines that do their daily/weekly/monthly
reports to a dedicated mailbox here.

I notice things like  a missing host or a low uptime figure etc and can
talk to their owners about what problems may be.

Works fine and did today but there is something spooky happening:

The 0130 daily messages came through on time.
The 0330 weekly messages were all there.
My next task= inspect the spamdb and /var/log/spamd to find if false
positives or other anomalies happening. This is where I spotted  the
following entries.

At 015528 spamd said  queueing deletion of a.b.c.d 
and that is weird because that IP was happily delivering mail to us at
0130 without going through greylisting.

So at 033030 spamd showed a.b.c.d attempting to deliver and greylisted
it.
At 035606 a.b.c.d called again and just afterwards spamd showed it
being whitelisted.

The mail arrived in the inbound mailbox at  0425  so that looks pretty
normal.

But at 073041 spamd shows queueing deletion of a.b.c.d .
and yet here I am at 1220 and in spamdb output I see that a.b.c.d is
whitelisted.
WHITE|a.b.c.d|||1261153830|1261155366|1264265792|2|0
So, whitelisted at Sat Dec 19 03:56:06 EST 2009 agrees with log above.
 and expires Sun Jan 24 03:56:32 EST 2010.

So no other host suffered this treatment and this one got through at
0130 so the expiry should have been updated so it didn't get greylisted
later. Add that the deletion obviously has not happened in the last 4
hours as would be expected from the log note.

The box has been running 4.5 release faultlessly since Mar 4. Update
due in new year quiet time.

Any clues?

*** NOTE *** Please DO NOT CC me. I am subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.

Re: Unofficial OpenBSD 4.6 USB installer on LiveUSB-OpenBSD page!

[Girish Venkatachalam]

No you got it wrong.

You are supposed to say

install from disk (instead of install from cd0)

Already mounted? [no]

(Press enter)

And the sets will all show up.

Try again.

All sets are there in the USB stick but you have to follow a slightly
different procedure.

-Girish

On Fri, Dec 18, 2009 at 8:10 PM, Brad Tilley misc@openbsd.org wrote:
 On Fri, 18 Dec 2009 19:34 +0530, Girish Venkatachalam
 girishvenkatacha...@gmail.com wrote:

 I played no tricks, it is just the CD/DVD installer in the USB  stick. ;)

 I normally just install -current or -release to a USB stick and then use
 that (booting from bsd.rd on the USB stick). Granted, the sets have to
 install over the network, but it works well.

 Brad




--
Gayatri Hitech
web: http://gayatri-hitech.com

SpamCheetah Spam filter:
http://spam-cheetah.com

Re: Web Browsers

[Christopher Linn]

On Fri, Dec 18, 2009 at 07:25:13PM +, nixlists wrote:
 Hi. People on this list are security-conscious. I wonder what browsers they 
 use?
 What browsers do you consider more secure than others?
 Granted, they're all full of all kinds of holes, but what do you do to
 tighten their security?

I'm not telling.

cel

OpenBSD book

[Eric Furman]

Does anyone have any info on this book?
http://www.amazon.com/OpenBSD-Frederic-P-Miller/dp/6130089511/ref=sr_1_6?ie=UTF8s=booksqid=1261193825sr=1-6

The title is simply OpenBSD.
I ask because it seems to be pretty new, 
Published in October of 2009, and most of the
other OBSD books I've seen are fairly old.
Amazon gives remarkably little info on it.

Re: smtpd(8) local delivery failure - help needed with diagnosis

[Adam Thompson]

In article 20091217185401.ga13...@bramka.kerhand.co.uk, 
j...@kerhand.co.uk says...
 On Thu, Dec 17, 2009 at 02:45:25AM -0600, Adam Thompson wrote:
r...@server:~# cat /etc/mailer.conf | grep -v '^#'
sendmail/usr/sbin/smtpd
send-mail   /usr/sbin/smtpctl
mailq   /usr/sbin/smtpctl
makemap /usr/libexec/smtpd/makemap
newaliases  /usr/libexec/smtpd/makemap
  Not sure if this is right or not, it doesn't seem to be documented 
  anywhere yet.
 it is documented in mailer.conf(5) and smtpd(8) itself. they are 
fairly
 recent additions (not sure if they are included in the last release or
 not), so you may find it easier to check the web man pages.

Bang on.  The manpages in -current have the writeup.  I tend to refer 
only to manpages that match the release I'm using, as I've been bitten a 
few times by new functionality documented in the man page that doesn't 
actually exist on my -stable system.

So it looks like I had it almost right, anyway.

Thanks, though for pointing out that it *is* in the man pages, after 
all.

-Adam

Re: OpenBSD book

[Bryan Irvine]

It does give very little.  However it does give the ISBN number which
I googled and at least found the cover:
http://www.wikio.com/books/openbsd-6130089511-9575144,b.html

Seems like maybe an interesting geek coffee table book.  Except it
pretty much seems impossible to find.


On Fri, Dec 18, 2009 at 7:52 PM, Eric Furman ericfur...@fastmail.net wrote:
 Does anyone have any info on this book?
 http://www.amazon.com/OpenBSD-Frederic-P-Miller/dp/6130089511/ref=sr_1_6?ie=UTF8s=booksqid=1261193825sr=1-6

 The title is simply OpenBSD.
 I ask because it seems to be pretty new,
 Published in October of 2009, and most of the
 other OBSD books I've seen are fairly old.
 Amazon gives remarkably little info on it.

Re: OpenBSD book

[ropers]

2009/12/19 Eric Furman ericfur...@fastmail.net:
 Does anyone have any info on this book?
 http://www.amazon.com/OpenBSD-Frederic-P-Miller/dp/6130089511/ref=sr_1_6?ie=UTF8s=booksqid=1261193825sr=1-6

 The title is simply OpenBSD.
 I ask because it seems to be pretty new,
 Published in October of 2009, and most of the
 other OBSD books I've seen are fairly old.
 Amazon gives remarkably little info on it.

Does this answer your question?

http://i.imgur.com/ggkB5.png

regards,
--ropers

Re: vi in /bin

[Paul M]

On 19/12/2009, at 12:27 PM, Randal L. Schwartz wrote:


Everything I used to know about sed, I've forgotten once learning Perl.

There's really no excuse for not knowing Perl and Python these days.

And if you need to learn Perl, I can recommend a good book (or two :).


You can do anything in Perl.
Tho' it's never the right tool for the job.


pailm

[Programme TV] Samedi 19 Décembre 2009

[Télé Loisirs]

Si ce message ne s'affiche pas correctement, voir ici

Ajoutez tele-lois...@ml.tv-news.fr ` votre carnet d'adresses pour
recevoir vos programmes plus facilement

Programme-TV.net - TC)lC) Loisirs

Votre programme TV
Same di 19 DC)cembre 2009

Gagnez une semaine au ski en famille

Remportez une semaine au ski

Remportez une semaine au ski

Je participe

Remportez une semaine au ski

Remportez une semaine au ski

Remportez une semaine au ski

Remportez une semaine au ski

Remportez une semaine au ski

Remportez une semaine au ski

Partez pour une semaine entiC(re dC)valer les pistes des Alpes C  4 pour
des vacances inoubliables. Neige, fondue et chocolat chaud, de quoi
rC*ver en famille.

Remportez une semaine au ski

Remportez une semaine au ski

Je participe

Remportez une semaine au ski

Remportez une semaine au ski

Le gagnant de chaque loterie sera sC)lectionnC) au hasard par un
ordinateur. Il nby a pas de nombre minimum ou maximum de participants.
Les chances pour chaque participant de gagner une loterie dC)pendent du
nombre total de participants C  cette loterie. Les gagnants pourront
C*tre notifiC)s par tC)lC)phone, e-mail ou courrier postal. Clash-Media
pourra disqualifier un gagnant si elle nba pas rC)ussi C  entrer en
contact avec ledit gagnant dans les sept jours suivant la premiC(re
tentative de le joindre. DC(s lors, Clash pourra choisir un autre
gagnant. Le tirage aura lieu le 30 avril 2010.

A la une

Miss France : Genevihve est jeune
dans sa tjte !

Miss France : Genevihve est jeune dans sa tjte !

Handball : la finale sur France
Tilivisions

Handball : la finale sur France Tilivisions

CanalSat : les channes TNT changent de
numiros

CanalSat : les channes TNT changent de numiros

Grey's Anatomy : Les premihres minutes
de la saison 6 !

Grey's Anatomy : Les premihres minutes de la saison 6 !

plus de news...

Vidio du jour
Smaon (Incroyable Talent)
Interview de Smaon, juri de l'imission La France a un incroyable talent
(M6).

Vos programmes

TF1

La bataille des chorales

20h45
La bataille des chorales
divertissement

New York Uniti Spiciale

23h10
New York Uniti...
series-tv

France 2

L'aventure inattendue

20h35
L'aventure inattendue
divertissement

On n'est pas couchi

22h55
On n'est pas...
divertissement

France 3

Le bourgeois gentilhomme

20h35
Le bourgeois gentilhomme
divertissement

Va, vis et deviens

22h45
Va, vis et deviens
cinema

Canal+

Les enfants de Timpelbach

20h50
Les enfants de Timpelbach
cinema

Jour de foot

23h00
Jour de foot
sport

Arte

La dernihre citi des
Etrusques

20h45
La dernihre...
culture-infos

Les soldats du rock

23h15
Les soldats du rock
culture-infos

M6

XIII

20h40
XIII
divertissement

XIII

22h30
XIII
divertissement

Vos programmes TNT

France 4

Safari prihistorique

20h35
Safari prihistorique
culture-infos

Demaison s'envole

22h00
Demaison s'envole
divertissement

France 5

Echappies belles

20h35
Echappies belles
culture-infos

La Thaolande, fleur de l'Asie

21h30
La Thaolande, fleur...
culture-infos

Direct 8

Le comte de Monte-Cristo

20h40
Le comte de Monte-Cristo
divertissement

Enqujte inidite

22h40
Enqujte inidite
culture-infos

W9

Les Simpson

20h35
Les Simpson
jeunesse

Menu W9

23h30
Menu W9
divertissement

TMC

Les nouveaux secrets de la magie

20h40
Les nouveaux secrets de la...
divertissement

NT1

Catch Attack

20h35
Catch Attack
sport

Estate of Panic, le manoir de la peur

22h25
Estate of Panic, le manoir...
divertissement

NRJ 12

Le fanttme du cinima

20h35
Le fanttme du...
jeunesse

Cliopbtre

22h10
Cliopbtre
divertissement

La Channe Parlementaire / Public Sinat

Bibliothhque Midicis

21h00
Bibliothhque...
culture-infos

Profession humanitaire

22h00
Profession humanitaire
culture-infos

Virgin 17

L'affaire Ranucci : Le combat d'une
mhre

20h35
L'affaire Ranucci :...
divertissement

Chante si tu peux ! (Saison 1)

22h25
Chante si tu peux ! (Saison 1)
divertissement

Gulli

L'ecole des fans

20h35
L'ecole des fans
divertissement

Ils sont fous ces humains

21h25
Ils sont fous ces humains
divertissement

France T

Concert anniversaire de Nelson Mandela

20h35
Concert anniversaire de...
divertissement

Soweto

22h05
Soweto
divertissement

Faites des ECONOMIES en 2009

[IMAGE]

Avez vous gagnC) 1 sC)jour au soleil, un stage de pilotage, 500 euros...

ici

[IMAGE]

BlC)dina vous couvre de cadeaux !

ici

[IMAGE]

Pour gagner votre voyage aux Maldives, il suffit de participer !

ici

[IMAGE]

DC)couvrez immC)diatement si vous avez gagnC) 1000 b, !

ici

[IMAGE]

Gagnez une semaine de vacances au ski A VIE

ici

[IMAGE]

Vous avez C)tC) sC)lectionnC)(e) pour gagner 3 bagues diamants

ici

[IMAGE]

Offrez C  bC)bC), son 1er shopping d'une valeur de 1000 euros

ici

[IMAGE]

Devenez propriC)taire de votre vignoble : vos bouteilles C  votre nom !

ici

[IMAGE]

Etes-vous le gagnant des 2 000 euros offert par Cdiscount ?

ici

[IMAGE]

Remportez 10 000 euros grCce C  la Redoute

ici

[IMAGE]

Remportez des sC)jours dC)tente 4* en