Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Janne Johansson
Not that I have a better suggestion than yours, but I don't like
"whitelisting" at the ip level. If I have multiple trusted routers this
ends up as a long shell-script that tries to feed ips until it works.
I can see a point (for both v4 and v6) to sometimes lock the arp/ndp for
your def-gw so that no one else can trivially spoof the gw ip, but adding
the gw's own idea of some other ip it has to a whitelist of acceptable
senders of ndp feels like a layering violation to me.



2013/5/8 Stefan Bagdohn 

> > Maybe something along the lines of the 'nd6_onlink_ns_rfc4861' sysctl
> > flag mentioned at
> > http://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
> > could be used for the odd cases where it's needed?
>
> This is an all-or-nothing approach. What about the option to provide the
> "known-good" address of the router (via sysctl or by other means)?
> If an address is given, treat this exception as a neighbor. If left empty,
> just behave as-is.
>
>


-- 
May the most significant bit of your life be positive.



Re: smtpd setup

2013-05-07 Thread Eric Faurot
On Tue, May 07, 2013 at 05:23:35PM -0700, Scott wrote:
> Greetings all,
> 
> I was excited to try out smtpd because of future plans to go away from
> webmail. Right after installing 5.3 I followed the directions in man smtpd
> to make the switch. smtpd.conf is untouched, but here are the values anyway:
> 
> listen on lo0
> table aliases db:/etc/mail/aliases.db
> accept for local alias  deliver to mbox
> accept for any relay
> 
> However, sending a test mail to myself yields two different errors. On my
> server:
> # echo 'test' | mail -s TEST scott
> send-mail: command failed: 553 Sender address syntax error
> 
> on my desktop:
> # echo 'test' | mail -s TEST scott
> send-mail: command failed: 550 Invalid recipient
> 
> The same test works with sendmail enabled. What have I missed?
> 
> -Scott

I would bet it has something to do with the hostname.  Run the
server with "smtpd -d -T smtp" and look at the addresses in the smtp
transaction.

Eric.



Re: Ethernet card not working

2013-05-07 Thread Riccardo Mottola

Hi all,

perhaps my reply went astray, but let me repeat that this patch fixed my
problem and the ethernet cards get recognized correctly, work and are
stable with this patch.


Riccardo

Miod Vallat wrote:

Hi,

I inserted the card into a debian laptop which recognizes it. Here
some output.

dmesg:
[  149.244112] pcmcia_socket pcmcia_socket1: pccard: PCMCIA card
inserted into slot 1
[  149.244234] pcmcia_socket pcmcia_socket1: cs: memory probe
0xa000-0xa0ff: excluding 0xa000-0xa00f
[  149.254856] pcmcia 1.0: pcmcia: registering new device pcmcia1.0 (IRQ: 4)
[  149.351576] pcnet_cs 1.0: eth0: NE2000 (DL10022 rev 30): io
0x320, irq 4, hw_addr 00:13:46:34:0d:62


pccardctl ident:
Socket 1:
   product info: "D-Link
", "DFE-670TXD
", "PC Card
", ""
   manfid: 0x0149, 0x4530
   function: 6 (network)

Is this enough? what can I provide more?
 

Does the following diff help?

Index: if_ne_pcmcia.c
===
RCS file: /cvs/src/sys/dev/pcmcia/if_ne_pcmcia.c,v
retrieving revision 1.95
diff -u -p -r1.95 if_ne_pcmcia.c
--- if_ne_pcmcia.c  3 Jul 2011 15:47:17 -   1.95
+++ if_ne_pcmcia.c  16 Apr 2013 20:26:47 -
@@ -296,19 +296,23 @@ const struct ne2000dev {
PCMCIA_CIS_IODATA_PCETTXR,
0, -1, { 0x00, 0xa0, 0xb0 } },

-{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
+{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
PCMCIA_CIS_DLINK_DFE670TXD,
0, -1, { 0x00, 0x05, 0x5d } },

-{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
+{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
PCMCIA_CIS_DLINK_DFE670TXD,
0, -1, { 0x00, 0x50, 0xba } },

- { PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
+ { PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
 PCMCIA_CIS_DLINK_DFE670TXD,
 0, -1, { 0x00, 0x0d, 0x88 } },

-{ PCMCIA_VENDOR_LINKSYS, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
+{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
+  PCMCIA_CIS_DLINK_DFE670TXD,
+  0, -1, { 0x00, 0x13, 0x46 } },
+
+{ PCMCIA_VENDOR_NETGEAR, PCMCIA_PRODUCT_NETGEAR_FA410TXC,
PCMCIA_CIS_DLINK_DFE670TXD,
0, -1, { 0x00, 0x40, 0x05 } },
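Review bot: the LINKSYS to NETGEAR vendor swap on the four existing PCMCIA_CIS_DLINK_DFE670TXD entries is a separate change from the new { 0x00, 0x13, 0x46 } entry and is not explained anywhere. The reporter's pccardctl output shows manfid 0x0149, 0x4530, so please state which vendor constant carries 0x0149 and confirm that cards with the 00:05:5d, 00:50:ba, 00:0d:88 and 00:40:05 prefixes, which matched before, still attach. The added prefix itself agrees with the hw_addr 00:13:46:34:0d:62 in the Linux dmesg.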




Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Stefan Bagdohn
> Maybe something along the lines of the 'nd6_onlink_ns_rfc4861' sysctl
> flag mentioned at
> http://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
> could be used for the odd cases where it's needed?

This is an all-or-nothing approach. What about the option to provide the 
"known-good" address of the router (via sysctl or by other means)?
If an address is given, treat this exception as a neighbor. If left empty, just 
behave as-is.
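
An added example, not code from this thread or from OpenBSD: a userland C model of the source-prefix check that the nd6_nbr.c patch removes, extended with the "known-good" router exception proposed above. The names ns_source_check, prefix_match and the verdict enum are hypothetical; the host and router addresses in main() are the ones from the tcpdump line quoted elsewhere in this thread, the rest are constructed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical verdicts for the source check on a neighbor solicitation. */
enum ns_verdict { NS_DROP, NS_ACCEPT_ONLINK, NS_ACCEPT_EXCEPTION };

/* Return 1 if the first plen bits of a and b are equal, else 0. */
static int
prefix_match(const struct in6_addr *a, const struct in6_addr *b, int plen)
{
	int full, rem;
	unsigned char mask;

	if (plen < 0 || plen > 128)
		return 0;
	full = plen / 8;
	rem = plen % 8;
	if (memcmp(a->s6_addr, b->s6_addr, (size_t)full) != 0)
		return 0;
	if (rem == 0)
		return 1;
	/* Compare only the leading rem bits of the next byte. */
	mask = (unsigned char)(0xff << (8 - rem));
	return (a->s6_addr[full] & mask) == (b->s6_addr[full] & mask);
}

/*
 * Model of the source check for an NS with a specified source address.
 * known_good == NULL means the exception is "left empty": behave as-is.
 */
enum ns_verdict
ns_source_check(const char *ifaddr, int plen, const char *src,
    const char *known_good)
{
	struct in6_addr ifa, s, kg;

	/* Unparseable input is treated as a drop. */
	if (inet_pton(AF_INET6, ifaddr, &ifa) != 1 ||
	    inet_pton(AF_INET6, src, &s) != 1)
		return NS_DROP;

	/* The check the patch removes: source must share the interface prefix. */
	if (prefix_match(&ifa, &s, plen))
		return NS_ACCEPT_ONLINK;

	/* Proposed exception: exact match on one configured router address. */
	if (known_good != NULL &&
	    inet_pton(AF_INET6, known_good, &kg) == 1 &&
	    memcmp(&kg, &s, sizeof(kg)) == 0)
		return NS_ACCEPT_EXCEPTION;

	return NS_DROP;
}

static const char *
verdict_name(enum ns_verdict v)
{
	switch (v) {
	case NS_ACCEPT_ONLINK:
		return "accept (on-link source)";
	case NS_ACCEPT_EXCEPTION:
		return "accept (known-good router)";
	default:
		return "drop (non-neighbor)";
	}
}

int
main(void)
{
	/* Addresses taken from the tcpdump line quoted in the thread. */
	const char *host = "2001:6b0:5:1825:1c2f:5c1b:dfa9:f5ba";
	const char *router = "2001:6b0:5:1::151";

	printf("as-is:          %s\n",
	    verdict_name(ns_source_check(host, 64, router, NULL)));
	printf("with exception: %s\n",
	    verdict_name(ns_source_check(host, 64, router, router)));
	/* Constructed: another off-prefix sender is still dropped. */
	printf("other off-link: %s\n",
	    verdict_name(ns_source_check(host, 64, "2001:6b0:5:1::152", router)));
	return 0;
}
```

The exception only narrows which off-prefix source gets an answer; a source address in an NS is not authenticated, so it does not prove the packet came from the router.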



Re: OpenBSD official reference book ( like FreeBSD handbook / NetBSD Guide )

2013-05-07 Thread Peter N. M. Hansteen
"TRUNASUCI TRUNASUCI"  writes:

> I just wanna ask if there is a project for this official reference book
> for all users ( if any please inform ). Since I can't find any kind of
> like this on openbsd web. Just my reference is on FAQ and some other
> doc.

The closest thing to an official 'handbook' that the OpenBSD project
offers is the FAQ, http://www.openbsd.org/faq/. That one should take you
some way, supplemented with a bit of man page reading now and then. For
actual books, well, as others have mentioned, the more recent titles
from http://www.openbsd.org/books.html are generally considered useful.

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: NPPPD with intermediate LTS

2013-05-07 Thread YASUOKA Masahiko
Hi,

On Tue, 07 May 2013 22:38:46 +0100
Joe Holden  wrote:
> I'm testing out npppd as a termination device which is being fed from
> existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC
> begins LCP to challenge the client for its username in order to
> lookup the destination LNS, npppd just repeats the following until it
> gives up:
> 
> 2013-05-07 22:29:03:INFO: ppp id=1 layer=chap proto=unknown Received
> chap packet.  But chap is not started
> 2013-05-07 22:29:05:INFO: ppp id=1 layer=chap proto=unknown Received
> chap packet.  But chap is not started

Do you have the "dialin-proxy" message before these messages?  If you
have, I would like to see it.

> This is on a test setup currently, but mirrors the behaviour as it
> would see on a real network.
> 
> If I blindly switch to npppd all is well, I've got l2tp-lcp-reneg
> enabled but it doesn't seem to make any difference, likewise with
> force.
> 
> Is this known behaviour or am I missing something?

Is the config

  l2tp-accept-dialin yes

line in the `tunnel' config?

--yasuoka



Re: OpenBSD official reference book ( like FreeBSD handbook / NetBSD Guide )

2013-05-07 Thread Richard Toohey

On 05/08/13 16:01, TRUNASUCI TRUNASUCI wrote:

Hi all;

I just wanna ask if there is a project for this official reference book for all 
users ( if any please inform ). Since I can't find any kind of like this on 
openbsd web. Just my reference is on FAQ and some other doc.

I love to have or if any handbook like this in PDF, so I can download it, and 
use/read it anywhere.

Not "official", but these are good ...

http://www.nostarch.com/obenbsd2e
http://www.nostarch.com/pf2.htm

Both of them (and more) mentioned here:

http://www.openbsd.org/books.html

HTH


So do we have it? if not, is there any plan to do it?

Thank you

TRUNASUCI Arafat
http://trunasuci.pbworks.com




OpenBSD official reference book ( like FreeBSD handbook / NetBSD Guide )

2013-05-07 Thread TRUNASUCI TRUNASUCI
Hi all;

I just wanna ask if there is a project for this official reference book for all 
users ( if any please inform ). Since I can't find any kind of like this on 
openbsd web. Just my reference is on FAQ and some other doc.

I love to have or if any handbook like this in PDF, so I can download it, and 
use/read it anywhere.

So do we have it? if not, is there any plan to do it?

Thank you

TRUNASUCI Arafat
http://trunasuci.pbworks.com



Re: OpenBSD 5.3 released May 1, 2013

2013-05-07 Thread SJP Lists
On 1 May 2013 23:42, Stuart Henderson  wrote:

> 
> May 1, 2013.
>
> We are pleased to announce the official release of OpenBSD 5.3.
> This is our 33rd release on CD-ROM (and 34th via FTP).  We remain
> proud of OpenBSD's record of more than ten years with only two remote
> holes in the default install.
>
> As in our previous releases, 5.3 provides significant improvements,
> including new features, in nearly all areas of the system:
>


Another awesome release!  You guys rock!

Especially love the Full Disk Encryption!



rename(2) and readonly source dir

2013-05-07 Thread Mike Small
The rename system call in OpenBSD will error with EACCES if you try to
rename a read only directory (test done in non-sticky dir):

$ mkdir testdir
$ chmod 555 testdir
$ mv testdir tdir
mv: rename testdir to tdir: Permission denied
$ ls -ld .
drwxr-xr-x  4 smallm  smallm  512 May  7 22:12 ./

I also tried my own program to make sure this wasn't mv specific:

===
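#include <sys/stat.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>

int
main()
{
	/* create a directory without write permission, then try to rename it */
	mkdir("testdir", 0555);
	if (rename("testdir", "tdir") == -1) {
		fprintf(stderr, "errno %d: %s\n", errno, strerror(errno));
	}
	return 0;
}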
===
$ ./a.out
errno 13: Permission denied

So I guess this is one of the ways a Unix system is allowed to work, if
I'm reading IEEE 1003.1 as intended:

"[EACCES]  A component of either path prefix denies
search permission; or one of the directories containing old or new
denies write permissions; or, write permission is required and is
denied for a directory pointed to by the old or new
arguments. "

http://www.opengroup.org/onlinepubs/009695399/functions/rename.html


But should OpenBSD's man page mention the case?

$ man -c rename | col -b | grep -C2 EACCES
prefix of to does not exist.

 [EACCES]   A component of either path prefix denies search
permission.

 [EACCES]   The requested link requires writing in a directory
with a mode that denies write permission.

--
file descriptor but it does not reference a directory.

 [EACCES]   The from or to argument specifies a relative path but
search permission is denied for the directory which
the fromfd or tofd file descriptor, respectively,

I noticed this when wondering why test fCmd9.4 fails in the tcl test
suite and reporting its failure, after finding an old bug against
systems with similar rename behaviour:

https://sourceforge.net/tracker/?func=detail&atid=110894&aid=219158&group_id=10894

As a general question of process or etiquette, would you have preferred
that I had written here first before communicating upstream?

-- 
Mike Small
sma...@panix.com



smtpd setup

2013-05-07 Thread Scott
Greetings all,

I was excited to try out smtpd because of future plans to go away from
webmail. Right after installing 5.3 I followed the directions in man smtpd
to make the switch. smtpd.conf is untouched, but here are the values anyway:

listen on lo0
table aliases db:/etc/mail/aliases.db
accept for local alias  deliver to mbox
accept for any relay

However, sending a test mail to myself yields two different errors. On my
server:
# echo 'test' | mail -s TEST scott
send-mail: command failed: 553 Sender address syntax error

on my desktop:
# echo 'test' | mail -s TEST scott
send-mail: command failed: 550 Invalid recipient

The same test works with sendmail enabled. What have I missed?

-Scott

dmesg (server):

Re: Thinkpad X230t convertible and openbsd

2013-05-07 Thread Ted Unangst
On Tue, May 07, 2013 at 23:47, Edd Barrett wrote:

> I see it has one of those useless intel wireless cards too. Can this be
> swapped out easily? If not I can use my urtwn dongle.

Depends on why you think it's useless. After the first boot, fw_update
will get the firmware for it, and then it should work just fine.

All Lenovo systems have a BIOS whitelist of permitted wireless cards,
although for many laptop models that turns out to be only variants of
iwn anyway.



Re: BCM5720, LACP and CARP serious problem

2013-05-07 Thread Stuart Henderson
On 2013-05-07, Loïc BLOT  wrote:
> Hello Stuart, ok for the console, (I would tell I use keyboard and
> screen on the server directly, sorry for the mistake :s).
> I can't test this week, because of production (and then I have shut
> down the server because he interferes with the CARP master and takes the
> hand whereas he mustn't...)
> Can I access to this ddb console when server is totally frozen ? And can

You may be able to, it depends on the type of hang.

> I access to ddb console via directly connected keyboard ?

ctrl+alt+escape. But the keyboard may not work after entering DDB
particularly if it's connected via USB (including via an internal-only
USB interface as done on some server hardware even for PS/2 ports).

RS232 serial console is easier to use if you can do it, more chance
of it working after entering DDB, and you can easily copy-and-paste the
output rather than having to transcribe etc.



Thinkpad X230t convertible and openbsd

2013-05-07 Thread Edd Barrett
Hi,

I'm starting a new job and have the option to choose a new laptop.

I read a lot of papers in PDF form and have been using print/xournal
for annotations. Annotating with the mouse sucks a bit. I wonder if these
convertible thinkpads are any good for this.

Does anyone own this:
http://shop.lenovo.com/gb/en/laptops/thinkpad/x-series/x230t/

Is the touchscreen supported? Does it work well?

Is anything else unsupported?

I see it has one of those useless intel wireless cards too. Can this be
swapped out easily? If not I can use my urtwn dongle.

Cheers

-- 
Best Regards
Edd Barrett

http://www.theunixzoo.co.uk



Re: OT: term "hackathon" trademarked in Germany

2013-05-07 Thread Reiner Jung
Hi Peter,

it looks like the problem with the usage of "Hackathon" is solved.

From their own site: http://www.young-targets.com/free-licences/

#

Why?

Because we did not first found the nonprofit organization “Tech_Hub”
that will manage the revenue for the free tech scene. We went a
different way. We wanted to finance the creation and development of this
platform by license fees. We are aware that we have thereby made us
vulnerable, because you could assume, that we did this for a different
cause.

That's why we will delete the trademark “hackathon”. 10 companies that
have been asked to license, have been informed that we take distance
from plans to charge royalties.

#

Regards
Reiner

CTO M:Tier Ltd. 


On Tue, 2013-05-07 at 22:49 +0200, Peter N. M. Hansteen wrote:
> A bit late to the party, but here's my take on the situation - 
> 
> http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html
> 
> - Peter



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Stefan Sperling
On Tue, May 07, 2013 at 09:16:25PM +0200, Stefan Bagdohn wrote:
> Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago? 
> E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch

Right, thanks for pointing that out.
Claudio added this check in 2008. RFC 4861 is older than that.
I should have used cvs blame first. This issue definitely needs
more thought.



Re: OT: term "hackathon" trademarked in Germany

2013-05-07 Thread Juan Francisco Cantero Hurtado
There is a new update.

"The attempt to take revenue for non-commercial purposes on a licensing
model failed.
[...] we will delete the trademark "hackathon"".

http://www.young-targets.com/free-licences/


On Tue, May 07, 2013 at 10:49:27PM +0200, Peter N. M. Hansteen wrote:
> A bit late to the party, but here's my take on the situation - 
> 
> http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html
> 
> - Peter
> -- 
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

-- 
Juan Francisco Cantero Hurtado http://juanfra.info



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Todd T. Fries
Penned by Patrik Lundin on 20130507 16:02.25, we have:
| On Tue, May 07, 2013 at 09:16:25PM +0200, Stefan Bagdohn wrote:
| > Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago?
| > E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch
| > 
| 
| Maybe something along the lines of the 'nd6_onlink_ns_rfc4861' sysctl
| flag mentioned at
| http://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
| could be used for the odd cases where it's needed?
| 
| Regards,
| Patrik Lundin

This makes the most sense to me.  Otherwise, someone should fix their
broken router.

-- 
Todd Fries .. t...@fries.net

 
|\  1.636.410.0632 (voice)
| Free Daemon Consulting, LLC\  1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com\  1.866.792.3418 (FAX)
| PO Box 16169, Oklahoma City, OK 73113  \  sip:freedae...@ekiga.net
| "..in support of free software solutions." \  sip:4052279...@ekiga.net
 \
 
  37E7 D3EB 74D0 8D66 A68D  B866 0326 204E 3F42 004A
http://todd.fries.net/pgp.txt



NPPPD with intermediate LTS

2013-05-07 Thread Joe Holden

Hi all,

I'm testing out npppd as a termination device which is being fed from 
existing LACs (in this particular setup, mpd on FreeBSD) - if the LAC 
begins LCP to challenge the client for its username in order to lookup 
the destination LNS, npppd just repeats the following until it gives up:


2013-05-07 22:29:03:INFO: ppp id=1 layer=chap proto=unknown Received 
chap packet.  But chap is not started
2013-05-07 22:29:05:INFO: ppp id=1 layer=chap proto=unknown Received 
chap packet.  But chap is not started


This is on a test setup currently, but mirrors the behaviour as it would 
see on a real network.


If I blindly switch to npppd all is well, I've got l2tp-lcp-reneg 
enabled but it doesn't seem to make any difference, likewise with force.


Is this known behaviour or am I missing something?

Cheers.



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Patrik Lundin
On Tue, May 07, 2013 at 09:16:25PM +0200, Stefan Bagdohn wrote:
> Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago?
> E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch
> 

Maybe something along the lines of the 'nd6_onlink_ns_rfc4861' sysctl
flag mentioned at
http://www.freebsd.org/security/advisories/FreeBSD-SA-08:10.nd6.asc
could be used for the odd cases where it's needed?

Regards,
Patrik Lundin



Re: OT: term "hackathon" trademarked in Germany

2013-05-07 Thread Peter N. M. Hansteen
A bit late to the party, but here's my take on the situation - 

http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html

- Peter
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: strange errors on OpenBSD

2013-05-07 Thread Matthew Dempsky
Please learn to use Gmail's "Reply" and "Reply to all" features.



Re: strange errors on OpenBSD

2013-05-07 Thread Philip Guenther
On Tue, May 7, 2013 at 12:26 PM, Friedrich Locke
 wrote:
> I would like some here to run the small program in the previous email on a
> OBSD machine acting like a nis client. May you ?

Or, you could stop wasting time and post a ktrace of it on *your*
system and your system's dmesg.


Philip Guenther



strange error on openbsd: program listing

2013-05-07 Thread Friedrich Locke
Here you have it:

#include <sys/types.h>
#include <errno.h>
#include <pwd.h>
#include <stdio.h>

int
main(int argc, char **argv)
{
	struct passwd   *p;
	int e;

	/* save errno and clear it so a value set during getpwuid() is visible */
	e = errno, errno = 0;
	p = getpwuid(0);
	if (errno) {
		fprintf(stdout, "errno is: %d\n", errno);
		return 127;
	}
	errno = e;

	if (p) fprintf(stdout, "%s\n", p->pw_name);
	return 0;
}



strange errors on OpenBSD

2013-05-07 Thread Friedrich Locke
Hi folks,

I would like some here to run the small program in the previous email on a
OBSD machine acting like a nis client. May you ?

If you did it, let me know your results.

[]s gustavo.



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Stefan Bagdohn
Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago? 
E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch

Am 07.05.2013 um 18:26 schrieb Stefan Sperling :

> On Tue, May 07, 2013 at 04:48:41PM +0200, Janne Johansson wrote:
>> this patch (stupidly) fixes my problem. I don't like my broken setup,
>> but this works.
> 
> We've determined the RFC doesn't require source addresses in
> neighbour solicitations to be sent from a matching prefix.
> 
> I don't see any reason why responding to such solicitations is bad.
> I agree with removing this check.
> 
>> Index: nd6_nbr.c
>> ===
>> RCS file: /cvs/src/sys/netinet6/nd6_nbr.c,v
>> retrieving revision 1.66
>> diff -u -p -r1.66 nd6_nbr.c
>> --- nd6_nbr.c7 Mar 2013 09:03:16 -   1.66
>> +++ nd6_nbr.c7 May 2013 11:44:56 -
>> @@ -132,17 +132,7 @@ nd6_ns_input(struct mbuf *m, int off, in
>>  "(wrong ip6 dst)\n"));
>>  goto bad;
>>  }
>> -} else {
>> -/*
>> - * Make sure the source address is from a neighbor's address.
>> - */
>> -if (!in6_ifpprefix(ifp, &saddr6)) {
>> -nd6log((LOG_INFO, "nd6_ns_input: "
>> -"NS packet from non-neighbor\n"));
>> -goto bad;
>> -}
>>  }
>> -
>> 
>>  if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
>>  nd6log((LOG_INFO, "nd6_ns_input: bad NS target (multicast)\n"));
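
Review bot: the comment "Make sure the source address is from a neighbor's address" is deleted at the else branch with nothing left in its place to say why off-prefix sources are now accepted. A short comment at the closing brace citing RFC 4861, and a commit message that references the 2008 change linked above (001_ndp.patch), would keep the check from being reintroduced or removed again without that history.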



Re: chmod(1) Absolute modes section rewrite?

2013-05-07 Thread patrick keshishian
On Tue, May 7, 2013 at 7:43 AM, Ted Unangst  wrote:
> On Tue, May 07, 2013 at 22:06, f5b wrote:
>> Should  chmod(1) "Absolute modes" section rewrite, adding some text as
>> follows?
>>
>> Value  Permission                     Directory Listing
>> 0      No read, no write, no execute  ---
>> 1      No read, no write, execute     --x
>> 2      No read, write, no execute     -w-
>> 3      No read, write, execute        -wx
>> 4      Read, no write, no execute     r--
>> 5      Read, no write, execute        r-x
>> 6      Read, write, no execute        rw-
>> 7      Read, write, execute           rwx
>>
>> From
>> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/permissions.html
>
> It's important to keep the man page ordering that differentiates 700
> from 007. Although there's no reason for the man to list the 7 modes
> as is, since those are constructed by ORing other values.
> I think a combination would be clear:
> 1. Keep existing section, but removing 7 modes.
> 2. Add a table like the above after it.

what problem is this change solving?

--patrick



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Stefan Sperling
On Tue, May 07, 2013 at 04:48:41PM +0200, Janne Johansson wrote:
> this patch (stupidly) fixes my problem. I don't like my broken setup,
> but this works.

We've determined the RFC doesn't require source addresses in
neighbour solicitations to be sent from a matching prefix.

I don't see any reason why responding to such solicitations is bad.
I agree with removing this check.

> Index: nd6_nbr.c
> ===
> RCS file: /cvs/src/sys/netinet6/nd6_nbr.c,v
> retrieving revision 1.66
> diff -u -p -r1.66 nd6_nbr.c
> --- nd6_nbr.c 7 Mar 2013 09:03:16 -   1.66
> +++ nd6_nbr.c 7 May 2013 11:44:56 -
> @@ -132,17 +132,7 @@ nd6_ns_input(struct mbuf *m, int off, in
>   "(wrong ip6 dst)\n"));
>   goto bad;
>   }
> - } else {
> - /*
> -  * Make sure the source address is from a neighbor's address.
> -  */
> - if (!in6_ifpprefix(ifp, &saddr6)) {
> - nd6log((LOG_INFO, "nd6_ns_input: "
> - "NS packet from non-neighbor\n"));
> - goto bad;
> - }
>   }
> -
> 
>   if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
>   nd6log((LOG_INFO, "nd6_ns_input: bad NS target (multicast)\n"));
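
Review bot: the removed else branch also takes the nd6log "NS packet from non-neighbor" message with it, so solicitations from off-prefix sources would be answered with no trace at all. If the drop goes, consider keeping the in6_ifpprefix() test as a log-only condition so that such senders remain visible when ND debugging is on.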



virtio doesn't support volumes >2tbytes

2013-05-07 Thread John Morrissey
newfs(8) fails with EIO on a 3tbyte volume presented via vioblk(4).
Maybe the virtio code is using 32-bit sector counters, since 2tbytes with a
512 byte block size is 2**32, and that's causing the failure.

A 2tbyte volume is fine, and so is the same 3tbyte volume presented as a wd(4).

$ time sudo newfs /dev/rsd8c
newfs: wtfs: write error on block 6442450943: Input/output error
0m0.01s real 0m0.00s user 0m0.01s system

vioblk8 at virtio10
scsibus8 at vioblk8: 2 targets
sd8 at scsibus8 targ 0 lun 0:  SCSI3 0/direct fixed
sd8: 3145728MB, 512 bytes/sector, 6442450944 sectors

john
-- 
John Morrissey  _o/\   __o
j...@horde.net_-< \_  /  \     <  \,
www.horde.net/__(_)/_(_)/\___(_) /_(_)__



Re: Sturdy and secure mail server

2013-05-07 Thread Bruno Flueckiger

Hi Irek

I had pretty much the same requirements for my mail server at home as 
you have. Over the time I got different mail accounts for different 
purposes. So I wanted to consolidate all the accounts on my own server 
running in my home network. Since several years (and releases) I'm 
running my home mail server under OpenBSD.


The server is not directly reachable as a MX host because I only use a 
DynDNS address to access it from outside through a proxy server (nginx 
for IMAP and SMTP) also running OpenBSD.


My mail server fetches the mails from all accounts via POP3 with 
fetchmail. The mails are delivered to Postfix which acts as the mail 
server for my internal domain at home. Postfix then delivers the mail to 
my personal user account on the server using procmail. Procmail runs 
each mail through ClamAV (antivirus) and SpamAssassin (antispam). Mails 
containing viruses are delivered to /dev/null, mails recognized as spam 
are delivered to the Spam folder. Every other mail is delivered to the 
mail folder specified in the procmail recipe or, if there is no other 
destination specified in .procmailrc, to the INBOX.


All mails are stored in ~/mails which is a Maildir folder structure. I 
prefer Maildir to store mails because it creates a file for each mail. 
This makes backup and restore much easier.


I use Courier IMAP to access all my mails through IMAP clients like 
Thunderbird (on all my clients) and - since some days - BlackBerry Z10 
(access from the Internet through the IMAP proxy feature of nginx). This 
way I have always the same sight on my mailbox, no matter which client I 
use. No more manual sync or having mails downloaded to the "wrong" 
client. My Maildir folders also act as the archive for my mails.


All components on my mail server support of course TLS. I've configured 
Postfix and Courier IMAP to support TLS. For this I use my personal PKI. 
It is based on a self-signed root CA with two sub CAs, one for client 
certificates and one for server certificates.


I make an hourly backup of my mails folder using rsync to one of my 
NAS. Additionally there is the daily backup using dump of the whole mail 
server.


I hope my explanations give some ideas about how you could solve your 
problem. Feel free to contact me if you would like to get more details 
about the configuration.


Best regards,
Bruno



Re: strange error on openbsd

2013-05-07 Thread MJ
Why reinvent the wheel?

[root@black ~]# getent passwd 1
daemon:*:1:1:The devil himself:/root:/sbin/nologin
[root@black ~]#


-mike


On May 7, 2013, at 4:06 AM, Friedrich Locke  wrote:

> Dear list members,
> 
> I am in need to write a simple program to return the passwd entry for a
> given uid number.
> 
> Here you have it:
> 
> #include <sys/types.h>
> #include <errno.h>
> #include <pwd.h>
> #include <stdio.h>
> 
> int
> main(int argc, char **argv)
> {
>     struct passwd   *p;
>     int e;
> 
>     e = errno, errno = 0;
>     p = getpwuid(0);
>     if (errno) {
>         fprintf(stdout, "errno is: %u\n", errno);
>         return 127;
>     }
>     errno = e;
> 
>     fprintf(stdout, "%s\n", p->pw_name);
>     return 0;
> }
> 
> 
> When i execute it i get this on a openbsd:
> 
> sioux@lion$ ./pw
> errno is: 13
> sioux@lion$
> 
> 
> Any idea why openbsd implementation of getpwuid returns error ?
> 
> Thanks in advance.



Re: OpenBSD ignoring RFC-compliant IPv6 neighbor solicitation?

2013-05-07 Thread Janne Johansson
this patch (stupidly) fixes my problem. I don't like my broken setup,
but this works.


Index: nd6_nbr.c
===
RCS file: /cvs/src/sys/netinet6/nd6_nbr.c,v
retrieving revision 1.66
diff -u -p -r1.66 nd6_nbr.c
--- nd6_nbr.c   7 Mar 2013 09:03:16 -   1.66
+++ nd6_nbr.c   7 May 2013 11:44:56 -
@@ -132,17 +132,7 @@ nd6_ns_input(struct mbuf *m, int off, in
"(wrong ip6 dst)\n"));
goto bad;
}
-   } else {
-   /*
-* Make sure the source address is from a neighbor's address.
-*/
-   if (!in6_ifpprefix(ifp, &saddr6)) {
-   nd6log((LOG_INFO, "nd6_ns_input: "
-   "NS packet from non-neighbor\n"));
-   goto bad;
-   }
}
-

if (IN6_IS_ADDR_MULTICAST(&taddr6)) {
nd6log((LOG_INFO, "nd6_ns_input: bad NS target (multicast)\n"));
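
Review bot: deleting the whole else branch in nd6_ns_input() removes the only on-link test on the NS source address, and nothing replaces it, so a solicitation with any non-matching source is now processed silently. Consider keeping the in6_ifpprefix(ifp, &saddr6) test and making the "goto bad" conditional on a sysctl or a configured exception instead of dropping it unconditionally, and keep the nd6log() call so that off-prefix solicitations still show up when net.inet6.icmp6.nd6_debug=1 is set.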




2013/5/6 Janne Johansson 

> I have now run into this problem also. (which sadly affects
> anoncvs.eu.openbsd.org).
> The router has another ip on a loopback interface somewhere which it
> thinks is its own "main" v6 ip, and then it sends it as the source ip of
> the solicitation.
> This in turn means that my obsd won't respond to the NDP which makes the
> router ignore my box and v6 anoncvs users don't get v6 access. 8-/
>
> 14:21:43.113824 2001:6b0:5:1::151 > ff02::1:ffa9:f5ba: icmp6: neighbor
> sol: who
> has 2001:6b0:5:1825:1c2f:5c1b:dfa9:f5ba
>
> So the network segment is really 2001:6b0:5:1825/64 but the NDP'ing router
> sends from 2001:6b0:5:1::151 instead which isn't inside the prefix of
> course.
>
> Grrr.
>
>
>
>
> 2013/2/12 Stuart Henderson 
>
>> On 2013-02-11, Martin Schmitt  wrote:
>> > On 11.02.2013 12:12, Stefan Sperling wrote:
>> >
>> >> I believe the code path you're hitting is this one in netinet6/nd6_nbr.c,
>> >> in nd6_ns_input():
>> >>
>> >>  } else {
>> >>      /*
>> >>       * Make sure the source address is from a neighbor's address.
>> >>       */
>> >>      if (!in6_ifpprefix(ifp, &saddr6)) {
>> >>          nd6log((LOG_INFO, "nd6_ns_input: "
>> >>              "NS packet from non-neighbor\n"));
>> >>          goto bad;
>> >>      }
>> >>  }
>> >
>> > Thanks for your quick response!
>> >
>> > The ISP has now worked around the issue by adding a fixed NDP entry for
>> > my router's address so I can't really test with it, but I have added
>> > another address on the interface, which gives me this, after sysctl
>> > net.inet6.icmp6.nd6_debug=1:
>> >
>> > nd6_ns_input: src=2001:0db8:1234:5678::0009
>> > nd6_ns_input: dst=ff02:0001::0001:ff00:0015
>> > nd6_ns_input: tgt=2001:0db8:1234:5678::0015
>> > nd6_ns_input: NS packet from non-neighbor
>> >
>> >> Have you tried using a /64 netmask at your end of the transfer link,
>> >> instead of the /125?
>> >
>> > I had already tried /123, which made it work. Such a workaround comes
>> > across a bit desperate, because with further expansion of the ISP's IPv6
>> > customer base, further widening of the prefix will be required. I'm not
>> > sure whether this is how the uplink is intended to work and if it has
>> > the potential to do any damage.
>> >
>> > How is your understanding of NDP? Do you think OpenBSD is at fault for
>> > ignoring these solicitations, or do you think the ISP router's OS
>> > selects the wrong source IP? The wording in the RFC is really very terse
>> > and leaves room for interpretation.
>>
>> RFC 4861 says
>>
>>    If the source address of the packet prompting the solicitation is the
>>    same as one of the addresses assigned to the outgoing interface, that
>>    address SHOULD be placed in the IP Source Address of the outgoing
>>    solicitation.  Otherwise, any one of the addresses assigned to the
>>    interface should be used.
>>
>> so it would seem permissible for another address to appear here.
>> RFC 5942 updates RFC 4861 and to my reading it doesn't change this.
>>
>> NetBSD will have the same problem btw, the check in nd6_nbr.c came
>> from there. The check goes beyond the validation specified by RFC
>> 4861 7.1.1 (by itself this is not necessarily a problem, in some
>> cases it is eminently sensible to be stricter than RFC, but it
>> looks like we may possibly need to relax this here..).
>>
>>
>
>
> --
> May the most significant bit of your life be positive.
>



-- 
May the most significant bit of your life be positive.
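
The prefix test discussed in this thread, modelled in user space as an added example (not code from the thread or from the OpenBSD kernel). The function names on_link() and solicited_node() are hypothetical; the addresses and prefix lengths are the ones quoted in the messages above.

```c
/* Added example, not kernel code: a user-space model of the prefix test
 * that nd6_ns_input() applies to the source address of a solicitation. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Return 1 if addr lies inside prefix/plen, 0 if outside, -1 on bad input. */
int on_link(const char *addr, const char *prefix, int plen)
{
    struct in6_addr a, p;
    int full, rem;

    if (plen < 0 || plen > 128)
        return -1;
    if (inet_pton(AF_INET6, addr, &a) != 1 ||
        inet_pton(AF_INET6, prefix, &p) != 1)
        return -1;
    full = plen / 8;            /* whole bytes covered by the prefix */
    rem = plen % 8;             /* leftover bits in the next byte */
    if (memcmp(a.s6_addr, p.s6_addr, (size_t)full) != 0)
        return 0;
    if (rem != 0) {
        unsigned char mask = (unsigned char)(0xff << (8 - rem));
        if ((a.s6_addr[full] & mask) != (p.s6_addr[full] & mask))
            return 0;
    }
    return 1;
}

/* Build the solicited-node multicast group ff02::1:ffXX:XXXX for target. */
int solicited_node(const char *target, char *out, size_t outlen)
{
    struct in6_addr t, m;

    if (inet_pton(AF_INET6, target, &t) != 1)
        return -1;
    memset(&m, 0, sizeof(m));
    m.s6_addr[0] = 0xff;
    m.s6_addr[1] = 0x02;
    m.s6_addr[11] = 0x01;
    m.s6_addr[12] = 0xff;
    memcpy(&m.s6_addr[13], &t.s6_addr[13], 3);   /* low 24 bits of target */
    return inet_ntop(AF_INET6, &m, out, (socklen_t)outlen) ? 0 : -1;
}

int main(void)
{
    char grp[INET6_ADDRSTRLEN];

    /* Router sourcing the NS from its loopback address, segment is a /64. */
    printf("loopback source on /64: %d\n",
        on_link("2001:6b0:5:1::151", "2001:6b0:5:1825::", 64));
    /* Transfer link from the older report: src ::9, local address ::15. */
    printf("::9 vs ::15 with /125: %d\n",
        on_link("2001:db8:1234:5678::9", "2001:db8:1234:5678::15", 125));
    printf("::9 vs ::15 with /123: %d\n",
        on_link("2001:db8:1234:5678::9", "2001:db8:1234:5678::15", 123));
    if (solicited_node("2001:6b0:5:1825:1c2f:5c1b:dfa9:f5ba", grp,
        sizeof(grp)) == 0)
        printf("NS destination group: %s\n", grp);
    return 0;
}
```

The first two cases return 0, which is the condition under which the unpatched kernel logs "NS packet from non-neighbor"; widening the link to /123 makes the same source pass.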



Re: chmod(1) Absolute modes section rewrite?

2013-05-07 Thread Ted Unangst
On Tue, May 07, 2013 at 22:06, f5b wrote:
> Should  chmod(1) "Absolute modes" section rewrite, adding some text as
> follows?
> 
> Value  Permission                     Directory Listing
> 0      No read, no write, no execute  ---
> 1      No read, no write, execute     --x
> 2      No read, write, no execute     -w-
> 3      No read, write, execute        -wx
> 4      Read, no write, no execute     r--
> 5      Read, no write, execute        r-x
> 6      Read, write, no execute        rw-
> 7      Read, write, execute           rwx
> 
> From
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/permissions.html

It's important to keep the man page ordering that differentiates 700
from 007. Although there's no reason for the man to list the 7 modes
as is, since those are constructed by ORing other values.
I think a combination would be clear:
1. Keep existing section, but removing 7 modes.
2. Add a table like the above after it.



Re: strange error on openbsd

2013-05-07 Thread Remco
On Tuesday 07 May 2013 15:45:55 you wrote:
> On Tue, May 07, 2013 at 03:25:04PM +0200, Remco wrote:
> | The way I read the man page on my OpenBSD 5.2 system, as well as on the
> | www.openbsd.org web site, errno has no specific meaning when getpwuid
> | returns. It only tells you whether it succeeded or not, it doesn't say it

Maybe this sentence would have been clearer as follows:
The man page only tells you how to check whether the getpwuid function 
succeeded or not, it doesn't say it

> | sets errno, nor does it provide a clear way to determine why the function
> | didn't succeed. (however, if you're right the man page may be lacking)
>
> Where do you see that ?  errno is not used to tell you whether a call
> succeeded or not.  If a call did not succeed, errno would get set.  If
> a call was successful, it never sets errno.
>
> From intro(2) (get there via the errno(2) mlink):
>
>   When a system call detects an error, it returns an
>   integer value indicating failure (usually -1) and
>   sets the variable errno accordingly.  (This allows
>   interpretation of the failure on receiving a -1
>   and to take action accordingly.)  Successful calls
>   never set errno; once set, it remains until
>   another error occurs.  It should only be examined
>   after an error.
>
> This is how errno should behave across the entire system.  If you find
> a case where this is not true, please report it.
>
> Paul 'WEiRD' de Weerd

It might be that errno gets set by getpwuid by doing system calls behind the 
scenes. However, my point was that errno has no specific meaning when 
getpwuid returns because it does not provide me with any useful context about 
what failed. (And simply put, the man page does not instruct me to check 
errno, so errno cannot have meaning here) Otherwise, if errno does have 
meaning anyway, I think the man page lacks that specific information about 
what errno values could possibly be set.

Apart from being able to tell that some system call failed, I don't really see 
much point in checking errno as a way to check for specific errors upon 
returning from getpwuid.

I feel that the OP's program behaves as expected and the way he checks for 
errors, by not adhering to the instructions in the man page, is simply asking 
for unnecessary trouble.

I hope this clarifies my point.



chmod(1) Absolute modes section rewrite?

2013-05-07 Thread f5b
Should  chmod(1) "Absolute modes" section rewrite, adding some text as follows?

Value  Permission                     Directory Listing
0      No read, no write, no execute  ---
1      No read, no write, execute     --x
2      No read, write, no execute     -w-
3      No read, write, execute        -wx
4      Read, no write, no execute     r--
5      Read, no write, execute        r-x
6      Read, write, no execute        rw-
7      Read, write, execute           rwx

From http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/permissions.html



Re: strange error on openbsd

2013-05-07 Thread Paul de Weerd
On Tue, May 07, 2013 at 03:25:04PM +0200, Remco wrote:
| The way I read the man page on my OpenBSD 5.2 system, as well as on the 
| www.openbsd.org web site, errno has no specific meaning when getpwuid 
| returns. It only tells you whether it succeeded or not, it doesn't say it 
| sets errno, nor does it provide a clear way to determine why the function 
| didn't succeed. (however, if you're right the man page may be lacking)

Where do you see that ?  errno is not used to tell you whether a call
succeeded or not.  If a call did not succeed, errno would get set.  If
a call was successful, it never sets errno.

From intro(2) (get there via the errno(2) mlink):

    When a system call detects an error, it returns an
    integer value indicating failure (usually -1) and
    sets the variable errno accordingly.  (This allows
    interpretation of the failure on receiving a -1
    and to take action accordingly.)  Successful calls
    never set errno; once set, it remains until
    another error occurs.  It should only be examined
    after an error.

This is how errno should behave across the entire system.  If you find
a case where this is not true, please report it.

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 



Re: BCM5720, LACP and CARP serious problem

2013-05-07 Thread Loïc BLOT
Hello Stuart, OK for the console (I meant to say I use a keyboard and
screen on the server directly, sorry for the mistake :s).
I can't test this week because of production (and I have shut
down the server because it interferes with the CARP master and takes
over when it mustn't...).
Can I access this ddb console when the server is totally frozen? And can
I access the ddb console via a directly connected keyboard?

--
Best regards,
Loïc BLOT,
UNIX systems, security and network expert
http://www.unix-experience.fr




On Tuesday 07 May 2013 at 13:28 +, Stuart Henderson wrote:
> On 2013-05-06, Loïc BLOT  wrote:
> > Hello,
> > I use the same stack:
> > Carp on vlan on trunk on physical,
> > There is no backtrace its a complete server freeze (im on a serial), i
> > would prefer a ddb but there isn't
>
> Can you get into ddb if you send BREAK over serial?
>
> You will need to reboot with ddb.console=1 in sysctl.conf if you don't
> already have it set.




Re: strange error on openbsd

2013-05-07 Thread Remco
Philip Guenther wrote:

> On Mon, May 6, 2013 at 6:06 PM, Friedrich Locke
>  wrote:
>> I am in need to write a simple program to return the passwd entry for a
>> given uid number.
>>
>> Here you have it:
>>
>> #include <sys/types.h>
>> #include <errno.h>
>> #include <pwd.h>
>> #include <stdio.h>
>>
>> int
>> main(int argc, char **argv)
>> {
>> struct passwd   *p;
>> int e;
>>
>> e = errno, errno = 0;
>> p = getpwuid(0);
>> if (errno) {
> 
> This isn't right.  To test for whether getpwuid() found an entry for
> the UID, test whether its return value is not NULL.  If it found the
> UID it'll return non-NULL.  If it didn't find the UID but didn't hit
> any error (it could read the passwd file, etc), then it will return
> NULL and not change errno.  Only if it didn't find it because of an
> error will it set errno.
> 

To be clear, are you sure about this ?

The way I read the man page on my OpenBSD 5.2 system, as well as on the 
www.openbsd.org web site, errno has no specific meaning when getpwuid 
returns. It only tells you whether it succeeded or not, it doesn't say it 
sets errno, nor does it provide a clear way to determine why the function 
didn't succeed. (however, if you're right the man page may be lacking)
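
The check Philip Guenther describes in the quoted reply above, written out as an added example (not code from the thread). The names pw_classify() and pw_lookup() are hypothetical; the point is that errno is examined only after getpwuid() has returned NULL.

```c
/* Added example: test the return value first, consult errno only on NULL. */
#include <sys/types.h>
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum pw_result { PW_FOUND, PW_NOT_FOUND, PW_ERROR };

/* Classify a getpwuid() outcome from its return value and the errno seen. */
enum pw_result pw_classify(const struct passwd *p, int err)
{
    if (p != NULL)
        return PW_FOUND;        /* success: whatever errno holds is stale */
    return err == 0 ? PW_NOT_FOUND : PW_ERROR;
}

/* Look up uid; copy the login name into name and the errno seen into *err. */
enum pw_result pw_lookup(uid_t uid, char *name, size_t len, int *err)
{
    struct passwd *p;
    enum pw_result r;
    int saved = errno;

    errno = 0;                  /* so a NULL return can be told apart */
    p = getpwuid(uid);
    *err = errno;
    r = pw_classify(p, *err);
    if (len > 0)
        snprintf(name, len, "%s", r == PW_FOUND ? p->pw_name : "");
    if (r != PW_ERROR)
        errno = saved;          /* leave the caller's errno untouched */
    return r;
}

int main(void)
{
    char name[64];
    int err;

    switch (pw_lookup(getuid(), name, sizeof(name), &err)) {
    case PW_FOUND:
        printf("%s\n", name);
        return 0;
    case PW_NOT_FOUND:
        fprintf(stderr, "no passwd entry for uid %lu\n",
            (unsigned long)getuid());
        return 1;
    default:
        fprintf(stderr, "getpwuid: %s\n", strerror(err));
        return 127;
    }
}
```

Under this rule a non-NULL return with errno left at 13 (EACCES) counts as a successful lookup.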



Xf86-video-qxl on openbsd possible ?

2013-05-07 Thread Jan Lambertz
Hi,

with virtio drivers and spice-protocol available in 5.3, i wonder if it is
possible to bring the qxl driver to openbsd. I assume this might be quite
difficult. Has someone already started (or given up) doing this ?

Jan



Re: BCM5720, LACP and CARP serious problem

2013-05-07 Thread Stuart Henderson
On 2013-05-06, Loïc BLOT  wrote:
> Hello,
> I use the same stack:
> Carp on vlan on trunk on physical,
> There is no backtrace its a complete server freeze (im on a serial), i
> would prefer a ddb but there isn't

Can you get into ddb if you send BREAK over serial?

You will need to reboot with ddb.console=1 in sysctl.conf if you don't
already have it set.



Re: athn error

2013-05-07 Thread Stefan Sperling
On Tue, May 07, 2013 at 12:07:01PM +0200, Holger Glaess wrote:
> hi
> 
> can someone help me about this error ?
> 
> athn0: could not initialize calibration
> athn0: unable to reset hardware; reset status 60

I'm getting the same error with an AR9485 card. I couldn't yet
figure out what is wrong. I believe that some cards the athn driver
is already attaching to, such as yours, don't actually work yet.



Re: ML 310 G8

2013-05-07 Thread Peter Hessler
HP usually includes 3 years next-business-day, but you can contact them
for faster response times.

On 2013 May 05 (Sun) at 03:16:33 -0700 (-0700), Steve wrote:
:Hi,
:
:Is anyone running 5.3 on one of these.
:
:Just hoping to get an idea of
:support before we purchase.
:
:Thanks
:

-- 
Whistler's Law:
You never know who is right, but you always know who is in
charge.



ML 310 G8

2013-05-07 Thread Steve
Hi,

Is anyone running 5.3 on one of these.

Just hoping to get an idea of
support before we purchase.

Thanks



Re: strange error on openbsd

2013-05-07 Thread Janne Johansson
mtree wants them to be:
# grep ^pwd.db /etc/mtree/*
/etc/mtree/special:pwd.db   type=file mode=0444 uname=root
gname=wheel optional



2013/5/7 noah pugsley 

> On Mon, May 6, 2013 at 6:31 PM, Ted Unangst  wrote:
>
> > On Mon, May 06, 2013 at 22:06, Friedrich Locke wrote:
> >
> > > e = errno, errno = 0;
> > > p = getpwuid(0);
> > > if (errno) {
> > > fprintf(stdout, "errno is: %u\n", errno);
> > >
> > > sioux@lion$ ./pw
> > > errno is: 13
> > > sioux@lion$
> > >
> > >
> > > Any idea why openbsd implementation of getpwuid returns error ?
> >
> > That is not how the man page says you check for getpwuid errors.
> >
> >
> Bad error checking regardless (and whether I'm qualified to comment aside),
> it should have worked. What are the permissions for /etc/pwd.db?
>
>


-- 
May the most significant bit of your life be positive.



athn error

2013-05-07 Thread Holger Glaess

hi

can someone help me about this error ?

athn0: could not initialize calibration
athn0: unable to reset hardware; reset status 60


dmesg

OpenBSD 5.3 (GENERIC) #50: Tue Mar 12 18:35:23 MDT 2013
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 533 MHz
cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX,3DNOW
real mem  = 528019456 (503MB)
avail mem = 508399616 (484MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/05/02, BIOS32 rev. 0 @ 0xfb510, 
SMBIOS rev. 2.2 @ 0xf0800 (43 entries)

bios0: vendor Phoenix Technologies, LTD version "6.00 PG" date 12/05/2002
bios0: VIA Technologies, Inc. VT8601
apm0 at bios0: Power Management spec V1.2 (slowidle)
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0xdf94
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdeb0/224 (12 entries)
pcibios0: PCI Exclusive IRQs: 5 10 11 14
pcibios0: PCI Interrupt Router at 000:07:0 ("VIA VT82C596A ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xc000 0xcc000/0x4000!
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "VIA VT8601 PCI" rev 0x05
viaagp0 at pchb0: v2
agp0 at viaagp0: aperture at 0xe300, size 0xe40
ppb0 at pci0 dev 1 function 0 "VIA VT82C601 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "Trident CyberBlade i1" rev 0x6a
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 7 function 0 "VIA VT82C686 ISA" rev 0x40
pciide0 at pci0 dev 7 function 1 "VIA VT82C571 IDE" rev 0x06: ATA100, 
channel 0 configured to compatibility, channel 1 configured to compatibility

pciide0: channel 0 ignored (disabled)
wd0 at pciide0 channel 1 drive 0: 
wd0: 1-sector PIO, LBA, 15296MB, 31326208 sectors
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
uhci0 at pci0 dev 7 function 2 "VIA VT83C572 USB" rev 0x1a: irq 5
viapm0 at pci0 dev 7 function 4 "VIA VT82C686 SMBus" rev 0x40: SMI
iic0 at viapm0
spdmem0 at iic0 addr 0x50: 512MB SDRAM non-parity PC66
viapm0: 24-bit timer at 3579545Hz
re0 at pci0 dev 9 function 0 "Realtek 8139" rev 0x20: RTL8139C+ 
(0x7480), irq 11, address 00:90:fb:04:46:04

rlphy0 at re0 phy 0: RTL internal PHY
re1 at pci0 dev 10 function 0 "Realtek 8139" rev 0x20: RTL8139C+ 
(0x7480), irq 5, address 00:90:fb:04:46:03

rlphy1 at re1 phy 0: RTL internal PHY
re2 at pci0 dev 11 function 0 "Realtek 8139" rev 0x20: RTL8139C+ 
(0x7480), irq 14, address 00:90:fb:04:46:02

rlphy2 at re2 phy 0: RTL internal PHY
re3 at pci0 dev 12 function 0 "Realtek 8139" rev 0x20: RTL8139C+ 
(0x7480), irq 10, address 00:90:fb:04:46:01

rlphy3 at re3 phy 0: RTL internal PHY
re4 at pci0 dev 13 function 0 "Realtek 8139" rev 0x20: RTL8139C+ 
(0x7480), irq 11, address 00:90:fb:04:46:00

rlphy4 at re4 phy 0: RTL internal PHY
athn0 at pci0 dev 20 function 0 "Atheros AR9227" rev 0x01: irq 10
athn0: AR9287 rev 2 (2T2R), ROM rev 4, address f8:d1:11:38:45:19
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 "VIA UHCI root hub" rev 1.00/1.00 addr 1
mtrr: Pentium Pro MTRR support
umass0 at uhub0 port 1 configuration 1 interface 0 "BUFFALO ClipDrive" 
rev 2.00/2.00 addr 2

umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0:  SCSI2 0/direct 
removable serial.0ea02168071560100149

sd0: 125MB, 512 bytes/sector, 256000 sectors
vscsi0 at root
scsibus1 at vscsi0: 256 targets
sof