Re: GNOME on OpenBSD 5.3 amd64
On 10/10/13 18:13, obsd, cgi wrote: Hi! "External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below." -->> I went to openbsd.org, typed GNOME in the search form: - the first hit was a PDF from 2007 - all the remaining were regarding packages What now? Can you please point out where is the "official GNOME install documentation for 5.3"? or no one uses GNOME with 5.3 on the misc list? ps.: I found that other people have problems with GNOME on 5.3, maybe it's a bug? ( http://community.spiceworks.com/topic/349701-gnome-on-openbsd-5-3-amd64 ) Thanks UPDATE: oh, ok I just read the bottom part: "don't use virtualbox." - so the bug comes out when using virtualbox?, ok, Thanks! I will try it with other VM's or directly! 2013/10/9 Jérémie Courrèges-Anglas "obsd, cgi" writes: I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on VirtualBox), see the howto below. But after the howto, reboot, startx with a normal user: https://i.imgur.com/MaT8lcW.png Xorg.0.log https://pastee.org/p8ppa # original: http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-disp lay-manager-on-openbsd-4-8/ External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below. --- when installing: -g* --- echo 'export PKG_PATH= ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' ~/.profile; . ~/.profile pkg_add -i -vv gnome-session gdm # if there was "Can't install foo" message, try the pkg_add line again --- vi /etc/rc.local Append/modify the following lines in /etc/rc.local: if [ -x /usr/local/sbin/gdm ]; then echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) & fi --- echo 'exec gnome-session' > /root/.xinitrc; chmod +x /root/.xinitrc exit echo 'exec gnome-session' > .xinitrc; chmod +x .xinitrc --- pkg_add -i -vv metacity pkg_add -i -vv gnome-panel pkg_add -i -vv nautilus --- vi /etc/rc.conf.local Append/modify the following lines : xdm_flags=NO gnome_enable=YES gdm_enable=YES --- pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus gnome-settings-daemon gnome-themes-standard # for some reason, these aren't found: gnome-themes-extras gnome-utils gnome-applets2 gnome-system-monitor gnome-nettool --- So the question is anybody has a working howto for installing GNOME on OpenBSD? Just so that Antoine doesn't feel forced to send another mail about this recurring subject: pkg_add gnome, *read* the various readmes, don't use virtualbox. Did you look in the archives - e.g. marc.info is a good place to search? e.g. http://marc.info/?l=openbsd-misc&m=135275664028541&w=2 Don't use Gnome on OpenBSD these days, but used to without problems. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: GNOME on OpenBSD 5.3 amd64
"obsd, cgi" writes: > Hi! > > "External tutorial for 4.8 vs. official documentation for 5.3. > This leads to the nonsense you've done to your 5.3 system below." > > -->> > > I went to openbsd.org, typed GNOME in the search form: > - the first hit was a PDF from 2007 > - all the remaining were regarding packages Very few (if any) external software packages are documented on the website. > What now? Can you please point out where is the "official GNOME install > documentation for 5.3"? or no one uses GNOME with 5.3 on the misc list? "pkg_add gnome, *read* the various readmes, ..." The OpenBSD-specific documentation is either printed on screen at pkg_add time or installed at /usr/local/share/doc/pkg-readmes/$package (you *need* to read. pkg_add doesn't spit out information for fun). > ps.: I found that other people have problems with GNOME on 5.3, maybe it's > a bug? ( > http://community.spiceworks.com/topic/349701-gnome-on-openbsd-5-3-amd64 ) I don't think this page is of any value, neither for the OpenBSD porters nor for you... > Thanks > > UPDATE: oh, ok I just read the bottom part: "don't use virtualbox." - so > the bug comes out when using virtualbox?, ok, Thanks! I will try it with > other VM's or directly! Getting an accelerated Xorg using virtualbox is afaik not possible. If you want gnome-shell, don't use vb or a non-intel graphics card (on 5.3, that is). [...] -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: GNOME on OpenBSD 5.3 amd64
Hi! "External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below." -->> I went to openbsd.org, typed GNOME in the search form: - the first hit was a PDF from 2007 - all the remaining were regarding packages What now? Can you please point out where is the "official GNOME install documentation for 5.3"? or no one uses GNOME with 5.3 on the misc list? ps.: I found that other people have problems with GNOME on 5.3, maybe it's a bug? ( http://community.spiceworks.com/topic/349701-gnome-on-openbsd-5-3-amd64 ) Thanks UPDATE: oh, ok I just read the bottom part: "don't use virtualbox." - so the bug comes out when using virtualbox?, ok, Thanks! I will try it with other VM's or directly! 2013/10/9 Jérémie Courrèges-Anglas > "obsd, cgi" writes: > > > I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on > > VirtualBox), see the howto below. > > > > But after the howto, reboot, startx with a normal user: > > https://i.imgur.com/MaT8lcW.png > > > > Xorg.0.log > > https://pastee.org/p8ppa > > > > # original: > > > http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-disp lay-manager-on-openbsd-4-8/ > > External tutorial for 4.8 vs. official documentation for 5.3. > This leads to the nonsense you've done to your 5.3 system below. > > > --- > > > > when installing: > > -g* > > > > --- > > > > echo 'export PKG_PATH= > ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' > >>> ~/.profile; . ~/.profile > > pkg_add -i -vv gnome-session gdm > > # if there was "Can't install foo" message, try the pkg_add line again > > > > --- > > > > vi /etc/rc.local > > > > Append/modify the following lines in /etc/rc.local: > > > > if [ -x /usr/local/sbin/gdm ]; then > > echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) & > > fi > > > > --- > > > > echo 'exec gnome-session' > /root/.xinitrc; chmod +x /root/.xinitrc > > exit > > echo 'exec gnome-session' > .xinitrc; chmod +x .xinitrc > > > > --- > > > > pkg_add -i -vv metacity > > pkg_add -i -vv gnome-panel > > pkg_add -i -vv nautilus > > > > --- > > > > vi /etc/rc.conf.local > > > > Append/modify the following lines : > > > > xdm_flags=NO > > gnome_enable=YES > > gdm_enable=YES > > > > --- > > > > pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus > > gnome-settings-daemon gnome-themes-standard > > # for some reason, these aren't found: gnome-themes-extras gnome-utils > > gnome-applets2 gnome-system-monitor gnome-nettool > > > > --- > > > > So the question is anybody has a working howto for installing GNOME on > > OpenBSD? > > Just so that Antoine doesn't feel forced to send another mail about this > recurring subject: pkg_add gnome, *read* the various readmes, don't use > virtualbox. > > -- > jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: why icmp timestamping is enabled by default ?
> > it turned out that OpenBSD allows icmp timestamping by default: > > > > net.inet.icmp.tstamprepl=1 > > > > what was that done for ? > > well, why not? > > if you have some program vulnerable to a "the attacker knows the time" > attack, i don't think turning off icmp timestamps will save you. the > attacker could reasonably guess that your system time is going to be > close to his system time. unless you are going to deliberately set the > clock wrong on all your systems. fixing the vulnerability seems like a > better idea. there is also this thing called ntp that is becoming rather common. if you're not doing time distribution to your systems, ah, i see the problem.
Re: why icmp timestamping is enabled by default ?
On Thu, Oct 10, 2013 at 09:21, Илья Шипицин wrote: > it turned out that OpenBSD allows icmp timestamping by default: > > net.inet.icmp.tstamprepl=1 > > what was that done for ? well, why not? if you have some program vulnerable to a "the attacker knows the time" attack, i don't think turning off icmp timestamps will save you. the attacker could reasonably guess that your system time is going to be close to his system time. unless you are going to deliberately set the clock wrong on all your systems. fixing the vulnerability seems like a better idea.
why icmp timestamping is enabled by default ?
Hello! it turned out that OpenBSD allows icmp timestamping by default: net.inet.icmp.tstamprepl=1 what was that done for ? Cheers, Ilya Shipitsin
No console output on 5.4-Current
Just installed the Oct 3rd snapshot on my desktop. During the boot process it loses console output and just shows a blank screen. The screen doesn't go into power saving - just no output. At first I though the machine froze, but it continued running and I was able to SSH into the machine. Here is the DMESG. Looks like some issues with DRM. At a bit of a loss on the next troubleshooting steps, any ideas? -Bryan OpenBSD 5.4-current (GENERIC.MP) #65: Thu Oct 3 18:48:14 MDT 2013 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 6424166400 (6126MB) avail mem = 6245064704 (5955MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0x9f400 (68 entries) bios0: vendor American Megatrends Inc. version "1005" date 08/24/2010 bios0: ASUSTeK Computer INC. M4A87TD EVO acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG OEMB SRAT HPET SSDT acpi0: wakeup devices PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) PCE7(S4) PCE9(S4) PCEA(S4) PCEB(S4) PCEC(S4) SBAZ(S4) P0PC(S4) UHC1(S4) UHC2(S4) USB3(S4) UHC4(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Phenom(tm) II X4 925 Processor, 2809.76 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache, 6MB 64b/line 48-way L3 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu0: AMD erratum 721 detected and fixed cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 200MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Phenom(tm) II X4 925 Processor, 2809.44 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache, 6MB 64b/line 48-way L3 cache cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu1: AMD erratum 721 detected and fixed cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: AMD Phenom(tm) II X4 925 Processor, 2809.44 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache, 6MB 64b/line 48-way L3 cache cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu2: AMD erratum 721 detected and fixed cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: AMD Phenom(tm) II X4 925 Processor, 2809.44 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache, 6MB 64b/line 48-way L3 cache cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu3: AMD erratum 721 detected and fixed cpu3: smt 0, core 3, package 0 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318180 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (PCE2) acpiprt2 at acpi0: bus -1 (PCE3) acpiprt3 at acpi0: bus -1 (PCE4) acpiprt4 at acpi0: bus -1 (PCE5) acpiprt5 at acpi0: bus -1 (PCE6) acpiprt6 at acpi0: bus -1 (PCE7) acpiprt7 at acpi0: bus 4 (PCE9) acpiprt8 at acpi0: bus 3 (PCEA) acpiprt9 at acpi0: bus -1 (PCEB) acpiprt10 at acpi0: bus -1 (PCEC) acpiprt11 at acpi0: bus 2 (P0PC) acpiprt12 at acpi0: bus 1 (PE20) acpiprt13 at acpi0: bus -1 (PE21) acpiprt14 at acpi0: bus -1 (PE22) acpiprt15 at acpi0: bus -1 (PE23) acpiec0 at acpi0 acpicpu0 at acpi0: PSS acpicpu1 at acpi0: PSS acpicpu2 at acpi0: PSS acpicpu3 at acpi0: PSS aibs0 at acpi0: GGRP GITM SITM acpibtn0 at acpi0: PWRB cpu0: 2809 MHz: speeds: 2800 2100 1600 800 MHz pci0 at mainbus0 bus 0 0:0:0: mem address conflict 0xe000/0x2000 pchb0 at pci0 dev 0 function 0 "ATI RX780 Host" rev 0x00 ppb0
Re: Help vote for OpenBSD
Keep them coming guys! Couple hundred more and OpenBSD will top the list: https://digitalocean.uservoice.com/forums/136585-digital-ocean/filters/top Would be great PR for OpenBSD too. On 9. oktober 2013 at 9:45 PM, "Stuart Henderson" wrote: > > On 2013-10-09, openda...@hushmail.com wrote: > >> Basically it's the only SSD cloud hosting provider >> (https://www.youtube.com/watch?v=vHZLCahai4Q) in existance > > No it isn't. Do share. O.D.
Re: Best OpenBSD cloud hosting?
On 9. oktober 2013 at 7:06 PM, "Dorian H." wrote: > >I've got a few OpenBSD boxes running at TransIP, very satisfied >about it. QEMU/KVM based, and they recently added a new feature, 'private >networks' between two or more VPS's. > >It might not explicitly have the label 'cloud' attached to it, but >still very nice; and quite cheap as well. TransIP's OpenBSD boxes do not have virtio. Have you tried running I/O intensive tasks on your servers to see how they compare to normal servers? O.D.
Re: Upgrading by installing post time_t snapshot
No, if being static was enough you wouldn't need to copy /sbin/reboot. Static binaries only help when library ABIs change, not the kernel syscall ABI. The kernel ABI has changed. By unpacking base*.tgz you have replaced the binaries in /sbin with copies that expect a new kernel, but you are still running the old kernel. In principle you can't safely run anything you have unpacked from the new base*.tgz because they expect a newer kernel than you are running. That's why you need to save a copy of the old /sbin/reboot that matches the running kernel - the new /sbin/reboot won't work. Things that are already in memory should mostly be fine because they were started (that is, the running binary was loaded from disk) before you replaced the files. They won't always work though, for example if you try to create a new tmux window it will try to run /bin/ksh which has been replaced and won't start. After you have unpacked the new sets, you should not expect anything except /sbin/oreboot to work. Why that actually doesn't work for you is a mystery. On Wed, Oct 09, 2013 at 03:56:49PM -0600, Jeff Ross wrote: > Speaking of failing internet...using my phone... > > All of the programs at the end of my script are static binaries, either in > /bin or /usr/sbin, so they should work, right? Yet nothing ran, ls and cat > both failed with the bad system call error. > > I only have one version of my script. It doesn't call tmux nor did I kill > the tmux server. > > Interesting! Thanks for replying. > > Jeff > Sent from my iPhone, > Reluctantly hunting and pecking on a virtual keyboard :-) > > > On Oct 9, 2013, at 3:19 PM, Nicholas Marriott > > wrote: > > > > So long as tmux is running and attached it is already in memory and > > replacing the binary on disk should have no effect. > > > > Also ksh is still ksh even if it's inside tmux. tmux is not a > > shell. Once your script is going then whether you are running it inside > > tmux or not should make no difference. Assuming the script doesn't > > itself invoke tmux and you don't do anything to kill the tmux server. > > > > Your script is running rm, sync, pwd_mkdb and cp after replacing them so > > I guess they it is expected they will fail. > > > > No idea why oreboot is failing. > > > > Are you sure you aren't running an old version of the script by > > accident, or something like that? > > > > > >> On Wed, Oct 09, 2013 at 02:47:52PM -0600, Jeff Ross wrote: > >>> On 10/9/13 1:29 PM, Nick Holland wrote: > On 10/09/2013 02:43 PM, Jeff Ross wrote: > I've got to upgrade some remote machines that I only have access > via ssh. > > I've been using a script based on the "Upgrade without install kernel" > for years. I modified it slightly for this upgrade by adding > > /usr/sbin/pwd_mkdb /etc/master.passwd > > to /etc/rc.local so the password databases can be updated and I can log > in after the first reboot. > > But how do I make the remote system reboot? Attempting to use the > /sbin/oreboot file I made in accordance to the "Upgrade without install > kernel" method fails with a "Bad system call (core dump)" error, as does > trying *any* command after base is extracted. > >>> > >>> I think you are doing something wrong here... > >>> /sbin/oreboot should be the old binary, which should -- and can! > >>> -- run on the old kernel. > >>> > >>> I just did this last night, so I know it can work. :) > >>> > >>> Are you using standard, supplied shells, such as ksh, sh, or csh? > >>> I could imagine that bash or something else would get really > >>> really unhappy there, but ksh et al. should be fully resident in > >>> RAM. > >>> > >>> or did you happen to try "sudo oreboot"? that also would be > >>> expected to not work, not because of oreboot, but because of sudo. > >>> > >>> Do an ls -l /sbin/*reboot, I think your /sbin/oreboot isn't what > >>> you are thinking it is. > >>> > >>> Nick. > >> Hi Nick! > >> > >> Just the person I was hoping to hear chime in! > >> > >> Standard ksh shell, as root, although I got there via sudo. > >> > >> I for sure thought it was odd, but actually on 4 separate systems > >> I've had reboot fail. The first was my little netbook in my lap, > >> but that was not problem because I could physically access the > >> keyboard. The next was half of another pair of CARPed firewalls--I > >> have yet to get someone in there to fix that--and then the CARPed > >> pair at my work--yesterday for one and this morning for the other. > >> > >> Here is the output of ls -l /sbin/*reboot > >> > >> jross@samsara1:/home/jross $ ls -l /sbin/*reboot > >> -r-xr-xr-x 1 root wheel 189236 Oct 8 13:42 /sbin/oreboot > >> -r-xr-xr-x 2 root bin193332 Oct 1 11:46 /sbin/reboot > >> > >> The oreboot is the copy of the previous /sbin/reboot--and the size > >> matches exactly the /sbin/reboot file on another system from about a > >> month before the time_
growfs - thanks!
Thanks for growfs - phew me@small-host$ sudo umount /var/growing-app operator@larger-host$ ssh small-host dump -0anu -f - -h 0 /dev/rwd1f | dd of=small-host_var_growing-app.dump operator@larger-host$ chflags nodump small-host_var_growing-app.dump operator@larger-host$ restore -if small-host_var_growing-app.dump # just checking... me@small-host$ disklabel -p G wd1 me@small-host$ sudo disklabel -E wd1 # increase the partition size with 'm f', then 'w', 'q' me@small-host$ growfs -N /dev/rwd1f me@small-host$ sudo growfs /dev/rwd1f me@small-host$ sudo fsck /dev/wd1f me@small-host$ sudo mount /var/growing-app me@small-host$ df me@small-host$ ls -lR /var/growing-app operator@larger-host$ rm small-host_var_growing-app.dump Happy, -- Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7
Re: Upgrading by installing post time_t snapshot
Ah, sure that makes perfect sense. I'll have to gather up someone to run the power button on the other servers that need upgrading. Thanks! Sent from my iPhone, Reluctantly hunting and pecking on a virtual keyboard :-) > On Oct 9, 2013, at 4:20 PM, Paul de Weerd wrote: > > On Wed, Oct 09, 2013 at 03:56:49PM -0600, Jeff Ross wrote: > | Speaking of failing internet...using my phone... > | > | All of the programs at the end of my script are static binaries, > | either in /bin or /usr/sbin, so they should work, right? Yet nothing > | ran, ls and cat both failed with the bad system call error. > > All of these programs have just been replaced with newer versions that > have a different idea of which system call does what compared to the > old situation (the one your running kernel knows about). These > binaries being static or dynamic is irrelevant. Only the old ones are > capable of still running, that's why you copy /sbin/reboot to > /sbin/oreboot. > > Note that the oreboot trick isn't perfect: a proper shutdown will try > to nicely stop things (do you have stuff in /etc/rc.shutdown?) that > may fail too. > > The only guarranteed way to not fuck this up is to shutdown the > system and boot an upgrade kernel (e.g. bsd.rd). > > Paul 'WEiRD' de Weerd > > -- >> [<++>-]<+++.>+++[<-->-]<.>+++[<+ > +++>-]<.>++[<>-]<+.--.[-] > http://www.weirdnet.nl/
Re: Upgrading by installing post time_t snapshot
On Wed, Oct 09, 2013 at 03:56:49PM -0600, Jeff Ross wrote: | Speaking of failing internet...using my phone... | | All of the programs at the end of my script are static binaries, | either in /bin or /usr/sbin, so they should work, right? Yet nothing | ran, ls and cat both failed with the bad system call error. All of these programs have just been replaced with newer versions that have a different idea of which system call does what compared to the old situation (the one your running kernel knows about). These binaries being static or dynamic is irrelevant. Only the old ones are capable of still running, that's why you copy /sbin/reboot to /sbin/oreboot. Note that the oreboot trick isn't perfect: a proper shutdown will try to nicely stop things (do you have stuff in /etc/rc.shutdown?) that may fail too. The only guarranteed way to not fuck this up is to shutdown the system and boot an upgrade kernel (e.g. bsd.rd). Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: Upgrading by installing post time_t snapshot
Speaking of failing internet...using my phone...
All of the programs at the end of my script are static binaries, either in /bin
or /usr/sbin, so they should work, right? Yet nothing ran, ls and cat both
failed with the bad system call error.
I only have one version of my script. It doesn't call tmux nor did I kill the
tmux server.
Interesting! Thanks for replying.
Jeff
Sent from my iPhone,
Reluctantly hunting and pecking on a virtual keyboard :-)
> On Oct 9, 2013, at 3:19 PM, Nicholas Marriott
> wrote:
>
> So long as tmux is running and attached it is already in memory and
> replacing the binary on disk should have no effect.
>
> Also ksh is still ksh even if it's inside tmux. tmux is not a
> shell. Once your script is going then whether you are running it inside
> tmux or not should make no difference. Assuming the script doesn't
> itself invoke tmux and you don't do anything to kill the tmux server.
>
> Your script is running rm, sync, pwd_mkdb and cp after replacing them so
> I guess they it is expected they will fail.
>
> No idea why oreboot is failing.
>
> Are you sure you aren't running an old version of the script by
> accident, or something like that?
>
>
>> On Wed, Oct 09, 2013 at 02:47:52PM -0600, Jeff Ross wrote:
>>> On 10/9/13 1:29 PM, Nick Holland wrote:
On 10/09/2013 02:43 PM, Jeff Ross wrote:
I've got to upgrade some remote machines that I only have access
via ssh.
I've been using a script based on the "Upgrade without install kernel"
for years. I modified it slightly for this upgrade by adding
/usr/sbin/pwd_mkdb /etc/master.passwd
to /etc/rc.local so the password databases can be updated and I can log
in after the first reboot.
But how do I make the remote system reboot? Attempting to use the
/sbin/oreboot file I made in accordance to the "Upgrade without install
kernel" method fails with a "Bad system call (core dump)" error, as does
trying *any* command after base is extracted.
>>>
>>> I think you are doing something wrong here...
>>> /sbin/oreboot should be the old binary, which should -- and can!
>>> -- run on the old kernel.
>>>
>>> I just did this last night, so I know it can work. :)
>>>
>>> Are you using standard, supplied shells, such as ksh, sh, or csh?
>>> I could imagine that bash or something else would get really
>>> really unhappy there, but ksh et al. should be fully resident in
>>> RAM.
>>>
>>> or did you happen to try "sudo oreboot"? that also would be
>>> expected to not work, not because of oreboot, but because of sudo.
>>>
>>> Do an ls -l /sbin/*reboot, I think your /sbin/oreboot isn't what
>>> you are thinking it is.
>>>
>>> Nick.
>> Hi Nick!
>>
>> Just the person I was hoping to hear chime in!
>>
>> Standard ksh shell, as root, although I got there via sudo.
>>
>> I for sure thought it was odd, but actually on 4 separate systems
>> I've had reboot fail. The first was my little netbook in my lap,
>> but that was not problem because I could physically access the
>> keyboard. The next was half of another pair of CARPed firewalls--I
>> have yet to get someone in there to fix that--and then the CARPed
>> pair at my work--yesterday for one and this morning for the other.
>>
>> Here is the output of ls -l /sbin/*reboot
>>
>> jross@samsara1:/home/jross $ ls -l /sbin/*reboot
>> -r-xr-xr-x 1 root wheel 189236 Oct 8 13:42 /sbin/oreboot
>> -r-xr-xr-x 2 root bin193332 Oct 1 11:46 /sbin/reboot
>>
>> The oreboot is the copy of the previous /sbin/reboot--and the size
>> matches exactly the /sbin/reboot file on another system from about a
>> month before the time_t change.
>>
>> Here's my update script from the first system I tried to upgrade at
>> work. In this case I tried running pwd_mkdb (since I'd checked that
>> it was a static binary) before rebooting.
>>
>> Every command after the extracting base failed.
>>
>> #!/bin/sh
>> path=/usr/releasedir/
>>
>> export RELEASEPATH=$path # where you put the files
>> cd ${RELEASEPATH}
>> rm /obsd ; ln /bsd /obsd && cp bsd.mp /nbsd && mv /nbsd /bsd
>> cp bsd.rd /
>> cp bsd /bsd.sp
>>
>> rm -rf /usr/X11R6/lib/modules/*
>>
>> cp /sbin/reboot /sbin/oreboot
>> files="xserv xfont xshare xetc xbase game comp man base"
>> for i in $files
>> do
>>echo $i
>>tar -C / -xzphf $i*
>>rm -f $i*
>>sync
>>done
>> /usr/sbin/pwd_mkdb /etc/master.passwd
>> cp /dev/null /var/log/lastlog
>> cp /dev/null /var/log/wtmp
>> /sbin/oreboot
>>
>>
>> However, it just occurred to me that I was in a tmux shell as
>> root--so it was *not* ksh! I'll bet it was tmux that was croaking!
>> I've gotten in the habit of using tmux since it's been in base so if
>> my internet connection drops the script doesn't stop, leaving the
>> whole system in an inconsistent state--which I had happen about
>> halfway through extracting base one time.
>>
>> Hmm--should (
Re: Help vote for OpenBSD
On 2013-10-09, openda...@hushmail.com wrote: > Basically it's the only SSD cloud hosting provider > (https://www.youtube.com/watch?v=vHZLCahai4Q) in existance No it isn't.
Re: Upgrading by installing post time_t snapshot
So long as tmux is running and attached it is already in memory and
replacing the binary on disk should have no effect.
Also ksh is still ksh even if it's inside tmux. tmux is not a
shell. Once your script is going then whether you are running it inside
tmux or not should make no difference. Assuming the script doesn't
itself invoke tmux and you don't do anything to kill the tmux server.
Your script is running rm, sync, pwd_mkdb and cp after replacing them so
I guess they it is expected they will fail.
No idea why oreboot is failing.
Are you sure you aren't running an old version of the script by
accident, or something like that?
On Wed, Oct 09, 2013 at 02:47:52PM -0600, Jeff Ross wrote:
> On 10/9/13 1:29 PM, Nick Holland wrote:
> >On 10/09/2013 02:43 PM, Jeff Ross wrote:
> >>I've got to upgrade some remote machines that I only have access
> >>via ssh.
> >>
> >>I've been using a script based on the "Upgrade without install kernel"
> >>for years. I modified it slightly for this upgrade by adding
> >>
> >> /usr/sbin/pwd_mkdb /etc/master.passwd
> >>
> >>to /etc/rc.local so the password databases can be updated and I can log
> >>in after the first reboot.
> >>
> >>But how do I make the remote system reboot? Attempting to use the
> >>/sbin/oreboot file I made in accordance to the "Upgrade without install
> >>kernel" method fails with a "Bad system call (core dump)" error, as does
> >>trying *any* command after base is extracted.
> >
> >I think you are doing something wrong here...
> >/sbin/oreboot should be the old binary, which should -- and can!
> >-- run on the old kernel.
> >
> >I just did this last night, so I know it can work. :)
> >
> >Are you using standard, supplied shells, such as ksh, sh, or csh?
> >I could imagine that bash or something else would get really
> >really unhappy there, but ksh et al. should be fully resident in
> >RAM.
> >
> >or did you happen to try "sudo oreboot"? that also would be
> >expected to not work, not because of oreboot, but because of sudo.
> >
> >Do an ls -l /sbin/*reboot, I think your /sbin/oreboot isn't what
> >you are thinking it is.
> >
> >Nick.
> >
> Hi Nick!
>
> Just the person I was hoping to hear chime in!
>
> Standard ksh shell, as root, although I got there via sudo.
>
> I for sure thought it was odd, but actually on 4 separate systems
> I've had reboot fail. The first was my little netbook in my lap,
> but that was not problem because I could physically access the
> keyboard. The next was half of another pair of CARPed firewalls--I
> have yet to get someone in there to fix that--and then the CARPed
> pair at my work--yesterday for one and this morning for the other.
>
> Here is the output of ls -l /sbin/*reboot
>
> jross@samsara1:/home/jross $ ls -l /sbin/*reboot
> -r-xr-xr-x 1 root wheel 189236 Oct 8 13:42 /sbin/oreboot
> -r-xr-xr-x 2 root bin193332 Oct 1 11:46 /sbin/reboot
>
> The oreboot is the copy of the previous /sbin/reboot--and the size
> matches exactly the /sbin/reboot file on another system from about a
> month before the time_t change.
>
> Here's my update script from the first system I tried to upgrade at
> work. In this case I tried running pwd_mkdb (since I'd checked that
> it was a static binary) before rebooting.
>
> Every command after the extracting base failed.
>
> #!/bin/sh
> path=/usr/releasedir/
>
> export RELEASEPATH=$path # where you put the files
> cd ${RELEASEPATH}
> rm /obsd ; ln /bsd /obsd && cp bsd.mp /nbsd && mv /nbsd /bsd
> cp bsd.rd /
> cp bsd /bsd.sp
>
> rm -rf /usr/X11R6/lib/modules/*
>
> cp /sbin/reboot /sbin/oreboot
> files="xserv xfont xshare xetc xbase game comp man base"
> for i in $files
> do
> echo $i
> tar -C / -xzphf $i*
> rm -f $i*
> sync
> done
> /usr/sbin/pwd_mkdb /etc/master.passwd
> cp /dev/null /var/log/lastlog
> cp /dev/null /var/log/wtmp
> /sbin/oreboot
>
>
> However, it just occurred to me that I was in a tmux shell as
> root--so it was *not* ksh! I'll bet it was tmux that was croaking!
> I've gotten in the habit of using tmux since it's been in base so if
> my internet connection drops the script doesn't stop, leaving the
> whole system in an inconsistent state--which I had happen about
> halfway through extracting base one time.
>
> Hmm--should (and can) tmux be switched to a static binary in base?
> It's great to have that safety net if either side of my sometimes
> crappy internet goes away.
>
> Thanks, as always, Nick!
>
> Jeff
Re: Upgrading by installing post time_t snapshot
On 10/9/13 1:29 PM, Nick Holland wrote:
On 10/09/2013 02:43 PM, Jeff Ross wrote:
I've got to upgrade some remote machines that I only have access via
ssh.
I've been using a script based on the "Upgrade without install kernel"
for years. I modified it slightly for this upgrade by adding
/usr/sbin/pwd_mkdb /etc/master.passwd
to /etc/rc.local so the password databases can be updated and I can log
in after the first reboot.
But how do I make the remote system reboot? Attempting to use the
/sbin/oreboot file I made in accordance to the "Upgrade without install
kernel" method fails with a "Bad system call (core dump)" error, as does
trying *any* command after base is extracted.
I think you are doing something wrong here...
/sbin/oreboot should be the old binary, which should -- and can! --
run on the old kernel.
I just did this last night, so I know it can work. :)
Are you using standard, supplied shells, such as ksh, sh, or csh? I
could imagine that bash or something else would get really really
unhappy there, but ksh et al. should be fully resident in RAM.
or did you happen to try "sudo oreboot"? that also would be expected
to not work, not because of oreboot, but because of sudo.
Do an ls -l /sbin/*reboot, I think your /sbin/oreboot isn't what you
are thinking it is.
Nick.
Hi Nick!
Just the person I was hoping to hear chime in!
Standard ksh shell, as root, although I got there via sudo.
I for sure thought it was odd, but actually on 4 separate systems I've
had reboot fail. The first was my little netbook in my lap, but that
was not problem because I could physically access the keyboard. The
next was half of another pair of CARPed firewalls--I have yet to get
someone in there to fix that--and then the CARPed pair at my
work--yesterday for one and this morning for the other.
Here is the output of ls -l /sbin/*reboot
jross@samsara1:/home/jross $ ls -l /sbin/*reboot
-r-xr-xr-x 1 root wheel 189236 Oct 8 13:42 /sbin/oreboot
-r-xr-xr-x 2 root bin193332 Oct 1 11:46 /sbin/reboot
The oreboot is the copy of the previous /sbin/reboot--and the size
matches exactly the /sbin/reboot file on another system from about a
month before the time_t change.
Here's my update script from the first system I tried to upgrade at
work. In this case I tried running pwd_mkdb (since I'd checked that it
was a static binary) before rebooting.
Every command after the extracting base failed.
#!/bin/sh
path=/usr/releasedir/
export RELEASEPATH=$path # where you put the files
cd ${RELEASEPATH}
rm /obsd ; ln /bsd /obsd && cp bsd.mp /nbsd && mv /nbsd /bsd
cp bsd.rd /
cp bsd /bsd.sp
rm -rf /usr/X11R6/lib/modules/*
cp /sbin/reboot /sbin/oreboot
files="xserv xfont xshare xetc xbase game comp man base"
for i in $files
do
echo $i
tar -C / -xzphf $i*
rm -f $i*
sync
done
/usr/sbin/pwd_mkdb /etc/master.passwd
cp /dev/null /var/log/lastlog
cp /dev/null /var/log/wtmp
/sbin/oreboot
However, it just occurred to me that I was in a tmux shell as root--so
it was *not* ksh! I'll bet it was tmux that was croaking! I've gotten
in the habit of using tmux since it's been in base so if my internet
connection drops the script doesn't stop, leaving the whole system in an
inconsistent state--which I had happen about halfway through extracting
base one time.
Hmm--should (and can) tmux be switched to a static binary in base? It's
great to have that safety net if either side of my sometimes crappy
internet goes away.
Thanks, as always, Nick!
Jeff
Re: GNOME on OpenBSD 5.3 amd64
"obsd, cgi" writes: > I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on > VirtualBox), see the howto below. > > But after the howto, reboot, startx with a normal user: > https://i.imgur.com/MaT8lcW.png > > Xorg.0.log > https://pastee.org/p8ppa > > # original: > http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-display-manager-on-openbsd-4-8/ External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below. > --- > > when installing: > -g* > > --- > > echo 'export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' >>> ~/.profile; . ~/.profile > pkg_add -i -vv gnome-session gdm > # if there was "Can't install foo" message, try the pkg_add line again > > --- > > vi /etc/rc.local > > Append/modify the following lines in /etc/rc.local: > > if [ -x /usr/local/sbin/gdm ]; then > echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) & > fi > > --- > > echo 'exec gnome-session' > /root/.xinitrc; chmod +x /root/.xinitrc > exit > echo 'exec gnome-session' > .xinitrc; chmod +x .xinitrc > > --- > > pkg_add -i -vv metacity > pkg_add -i -vv gnome-panel > pkg_add -i -vv nautilus > > --- > > vi /etc/rc.conf.local > > Append/modify the following lines : > > xdm_flags=NO > gnome_enable=YES > gdm_enable=YES > > --- > > pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus > gnome-settings-daemon gnome-themes-standard > # for some reason, these aren't found: gnome-themes-extras gnome-utils > gnome-applets2 gnome-system-monitor gnome-nettool > > --- > > So the question is anybody has a working howto for installing GNOME on > OpenBSD? Just so that Antoine doesn't feel forced to send another mail about this recurring subject: pkg_add gnome, *read* the various readmes, don't use virtualbox. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
GNOME on OpenBSD 5.3 amd64
I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on VirtualBox), see the howto below. But after the howto, reboot, startx with a normal user: https://i.imgur.com/MaT8lcW.png Xorg.0.log https://pastee.org/p8ppa # original: http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-display-manager-on-openbsd-4-8/ --- when installing: -g* --- echo 'export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' >> ~/.profile; . ~/.profile pkg_add -i -vv gnome-session gdm # if there was "Can't install foo" message, try the pkg_add line again --- vi /etc/rc.local Append/modify the following lines in /etc/rc.local: if [ -x /usr/local/sbin/gdm ]; then echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) & fi --- echo 'exec gnome-session' > /root/.xinitrc; chmod +x /root/.xinitrc exit echo 'exec gnome-session' > .xinitrc; chmod +x .xinitrc --- pkg_add -i -vv metacity pkg_add -i -vv gnome-panel pkg_add -i -vv nautilus --- vi /etc/rc.conf.local Append/modify the following lines : xdm_flags=NO gnome_enable=YES gdm_enable=YES --- pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus gnome-settings-daemon gnome-themes-standard # for some reason, these aren't found: gnome-themes-extras gnome-utils gnome-applets2 gnome-system-monitor gnome-nettool --- So the question is anybody has a working howto for installing GNOME on OpenBSD? Thanks
Re: Upgrading by installing post time_t snapshot
On 10/09/2013 02:43 PM, Jeff Ross wrote: I've got to upgrade some remote machines that I only have access via ssh. I've been using a script based on the "Upgrade without install kernel" for years. I modified it slightly for this upgrade by adding /usr/sbin/pwd_mkdb /etc/master.passwd to /etc/rc.local so the password databases can be updated and I can log in after the first reboot. But how do I make the remote system reboot? Attempting to use the /sbin/oreboot file I made in accordance to the "Upgrade without install kernel" method fails with a "Bad system call (core dump)" error, as does trying *any* command after base is extracted. I think you are doing something wrong here... /sbin/oreboot should be the old binary, which should -- and can! -- run on the old kernel. I just did this last night, so I know it can work. :) Are you using standard, supplied shells, such as ksh, sh, or csh? I could imagine that bash or something else would get really really unhappy there, but ksh et al. should be fully resident in RAM. or did you happen to try "sudo oreboot"? that also would be expected to not work, not because of oreboot, but because of sudo. Do an ls -l /sbin/*reboot, I think your /sbin/oreboot isn't what you are thinking it is. Nick.
Re: Best OpenBSD cloud hosting?
I've got a few OpenBSD boxes running at TransIP, very satisfied about it. QEMU/KVM based, and they recently added a new feature, 'private networks' between two or more VPS's. It might not explicitly have the label 'cloud' attached to it, but still very nice; and quite cheap as well. On Wed, Oct 9, 2013 at 8:45 PM, Antoine Jacoutot wrote: > On Wed, Oct 09, 2013 at 02:31:02PM -0400, Jiri B wrote: >> What about Joyent? They "ported" KVM from Linux to "Solaris" >> and they run it under zones. I would trust more Solaris based >> solution they some hackish Linux setups where every VM runs under >> root :) > > I personally use SmartOS and while it is an awesome system, OpenBSD does not > always behave perfectly well under Solaris KVM. > I've had several vdisk related issues. > In my experience, Linux KVM is a better container for our OS. > > -- > Antoine
Re: Best OpenBSD cloud hosting?
On 10/09/13 03:16, openda...@hushmail.com wrote: > Can anyone recommend a decent OpenBSD cloud hosting provider? RootBSD are quite good, I have been using them for a few years now with zero downtime. A bit more pricey compaired to Digital Ocean, but they are solid and support new releases rather quickly. http://www.rootbsd.net/services/virtual-servers-vps/
Re: Best OpenBSD cloud hosting?
On Wed, Oct 09, 2013 at 02:31:02PM -0400, Jiri B wrote: > What about Joyent? They "ported" KVM from Linux to "Solaris" > and they run it under zones. I would trust more Solaris based > solution they some hackish Linux setups where every VM runs under > root :) I personally use SmartOS and while it is an awesome system, OpenBSD does not always behave perfectly well under Solaris KVM. I've had several vdisk related issues. In my experience, Linux KVM is a better container for our OS. -- Antoine
Upgrading by installing post time_t snapshot
I've got to upgrade some remote machines that I only have access via ssh. I've been using a script based on the "Upgrade without install kernel" for years. I modified it slightly for this upgrade by adding /usr/sbin/pwd_mkdb /etc/master.passwd to /etc/rc.local so the password databases can be updated and I can log in after the first reboot. But how do I make the remote system reboot? Attempting to use the /sbin/oreboot file I made in accordance to the "Upgrade without install kernel" method fails with a "Bad system call (core dump)" error, as does trying *any* command after base is extracted. In the two systems I just upgraded (a pair of CARPed firewalls) I had a person on-site that could power-down the system I just updated but I have a few out there in the wild where that is more problematic--not impossible, but definitely inconvenient. What am I missing? Thanks, Jeff Ross
Re: Best OpenBSD cloud hosting?
On Wed, Oct 09, 2013 at 01:16:54AM +, openda...@hushmail.com wrote: > Hi, > > Can anyone recommend a decent OpenBSD cloud hosting provider? > > Digital Ocean looks nice but they don't yet offer OpenBSD > (https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os-). > > There's ARP Networks and TransIP but they don't offer clouds. > > Thanks. > > O.D. What about Joyent? They "ported" KVM from Linux to "Solaris" and they run it under zones. I would trust more Solaris based solution they some hackish Linux setups where every VM runs under root :) j.
Re: Best OpenBSD cloud hosting?
cloudsigma does qemu/KVM cloud hosting. i've spun up openbsd VMs there. too pricey for my needs, but maybe it'll work out for you. http://www.cloudsigma.com/ -w On Wed, 9 Oct 2013, at 17:29, Francisco Valladolid H. wrote: > On Wed, Oct 9, 2013 at 8:14 AM, Beto > wrote: > > Hi, arpnetworks is other option. > > > > arpnetwork is simple VM, no cloud. > > I think no support for OpenBSD cloud at this time > > Regards > > > > > 2013/10/8 > > > >> Hi, > >> > >> Can anyone recommend a decent OpenBSD cloud hosting provider? > >> > >> Digital Ocean looks nice but they don't yet offer OpenBSD ( > >> https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os- > >> ). > >> > >> There's ARP Networks and TransIP but they don't offer clouds. > >> > >> Thanks. > >> > >> O.D. > > > > > > -- > Francisco Valladolid H. > -- http://blog.bsdguy.net - Jesus Christ follower.
Re: Looking for good, small, canadian version laptop suggestions
- Original message - From Tomas Bodzar Sent Wed Oct 9 2013 11:29:07 AM CEST To g.lis...@nodeunit.com Subject Re: Looking for good, small, canadian version laptop suggestions On Wed, Oct 9, 2013 at 12:14 AM, g.lister wrote: > Hi guys, > > I am looking for some suggestions for a good, small quite laptop. I was > looking at futureshop.ca and bestbuy.ca. I currently have an HP dv3 which > runs OpenBSD 5.2 but it is veeey loud some issue with keeping heat down > it has i7 cores but I am willing to settle for a lot less threads and power > I need it for some vim C coding and basic duties. > Really 5.2 version? Why don't you try latest relase or better current which will have much better support of HW in your laptop. I tried 5.3, first, and it installed OK but at boot it stops at "mtrr: Intel MTRR check" after that is normally the USB stuff. I am not sure but I think I have to go into some kernel debugger to get anywhere from there and I needed to have OpenBSD setup so I can poke around using Michael's book. Anyway the laptop is noisy with Linux and Windows and I have tried disabling "fan always on" in the BIOS to no avail, it is basically either badly made or the BIOS is to be blamed or..., which is why I decided to see what other people are using as a laptop and draw some conclusion from that. Thanks for reading. > > I would like to get something quieter and that also runs OpenBSD without > major issues. I saw a lenovo thinkpad x131e on futureshop but it is kind of > small on the screen size 11.6" and I am not sure if OpenBSD will work on it. > > Does anyone care to mention what they are using. > Thanks in advance. > Cheers, > George
Re: My VPS is acting slow (KVM)
On 6. oktober 2013 at 1:15 PM, "Manolis Tzanidakis" wrote: > >First, upgrade to STABLE to avoid potential kernel panics. Check >patch 007 in http://openbsd.org/errata53.html for more info. M:Tier >offers pre-built patches and packages, if you want to avoid compiling. >Check https://stable.mtier.org/ . > >To be able to switch back and forth from wd/em to vioblk/vio: >- make sure you use DUID in fstab. disklabel(8) for more info. >- copy /etc/hostname.em0 to /etc/hostname.vio0 . >- ask your vps provider to enable virtio for disk and net. My VPS provider says it will take them a couple of weeks to enable virtio. Does it really take that long? They also say they have virtio enabled for FreeBSD, meaning they were aware that their OpenBSD offering was going to be below par, but chose to sell it to me anyway. O.D.
Re: setgid problem
On Wed, Oct 09, 2013 at 05:47:36PM +0200, Bambero wrote:
> Thanks fo the answer.
>
> But, another example:
>
> #!/usr/local/bin/php-5.2 -q
>
> //set group ID to operator
> posix_setgid(5);
> posix_setegid(5);
>
> //set user ID to nobody
> posix_setuid($_uid);
>
> echo 'getuid: ' . posix_getuid() . "\n";
> echo 'getgid: ' . posix_getgid() . "\n";
> echo 'getegid: ' . posix_getegid() . "\n";
>
> echo file_get_contents('/etc/sudoers');
>
>
> This script returns contents of /etc/sudoers file.
> But it shouldn't becouse perms of /etc/sudoers permissions are:
> -
> -r--r- 1 root wheel 1354 Aug 17 2011 /etc/sudoers
>
>
> I'm I right ?
No, there are also a group list. See getgroups(2) and setgroups().
getgroups(2) maps to posix_getgroups(). But is seems posix_setgroups() was
forgotten by the php folks.
-Otto
>
> Bambero
>
>
> On Wed, Oct 9, 2013 at 4:30 PM, Otto Moerbeek wrote:
>
> > On Wed, Oct 09, 2013 at 04:26:20PM +0200, Bambero wrote:
> >
> > > Hello
> > >
> > > I have a small php script which creates a file:
> > >
> > >
> > > #!/usr/local/bin/php-5.2 -q
> > >
> > > //set group ID to operator
> > > posix_setgid(5);
> > > posix_setegid(5);
> > >
> > > //set user ID to nobody
> > > posix_setuid($_uid);
> > >
> > > // create file
> > > touch('/tmp/permtest');
> > >
> > > echo 'getuid: ' . posix_getuid() . "\n";
> > > echo 'getgid: ' . posix_getgid() . "\n";
> > > echo 'getegid: ' . posix_getegid() . "\n";
> > >
> > >
> > > Script returns (as expected):
> > > --
> > > getuid: 2
> > > getgid: 5
> > > getegid: 5
> > > --
> > >
> > > But file created with that script has perms:
> > >
> > > -rw-r--r-- 1 operator wheel 0 Oct 9 16:16 permtest
> > >
> > > So it looks like the setgid not works ?
> > >
> > > Can anyone help ?
> > >
> > > Bambero
> >
> > On *BSD systems, the group owner of a file is inherited from the directory.
> >
> > -Otto
Re: setgid problem
Thanks fo the answer.
But, another example:
#!/usr/local/bin/php-5.2 -q
//set group ID to operator
posix_setgid(5);
posix_setegid(5);
//set user ID to nobody
posix_setuid($_uid);
echo 'getuid: ' . posix_getuid() . "\n";
echo 'getgid: ' . posix_getgid() . "\n";
echo 'getegid: ' . posix_getegid() . "\n";
echo file_get_contents('/etc/sudoers');
This script returns contents of /etc/sudoers file.
But it shouldn't becouse perms of /etc/sudoers permissions are:
-
-r--r- 1 root wheel 1354 Aug 17 2011 /etc/sudoers
I'm I right ?
Bambero
On Wed, Oct 9, 2013 at 4:30 PM, Otto Moerbeek wrote:
> On Wed, Oct 09, 2013 at 04:26:20PM +0200, Bambero wrote:
>
> > Hello
> >
> > I have a small php script which creates a file:
> >
> >
> > #!/usr/local/bin/php-5.2 -q
> >
> > //set group ID to operator
> > posix_setgid(5);
> > posix_setegid(5);
> >
> > //set user ID to nobody
> > posix_setuid($_uid);
> >
> > // create file
> > touch('/tmp/permtest');
> >
> > echo 'getuid: ' . posix_getuid() . "\n";
> > echo 'getgid: ' . posix_getgid() . "\n";
> > echo 'getegid: ' . posix_getegid() . "\n";
> >
> >
> > Script returns (as expected):
> > --
> > getuid: 2
> > getgid: 5
> > getegid: 5
> > --
> >
> > But file created with that script has perms:
> >
> > -rw-r--r-- 1 operator wheel 0 Oct 9 16:16 permtest
> >
> > So it looks like the setgid not works ?
> >
> > Can anyone help ?
> >
> > Bambero
>
> On *BSD systems, the group owner of a file is inherited from the directory.
>
> -Otto
Re: Best OpenBSD cloud hosting?
On Wed, Oct 9, 2013 at 8:14 AM, Beto wrote: > Hi, arpnetworks is other option. > arpnetwork is simple VM, no cloud. I think no support for OpenBSD cloud at this time Regards > > 2013/10/8 > >> Hi, >> >> Can anyone recommend a decent OpenBSD cloud hosting provider? >> >> Digital Ocean looks nice but they don't yet offer OpenBSD ( >> https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os- >> ). >> >> There's ARP Networks and TransIP but they don't offer clouds. >> >> Thanks. >> >> O.D. > -- Francisco Valladolid H. -- http://blog.bsdguy.net - Jesus Christ follower.
Re: altq on multiple interfaces
On Wed 09 Oct 2013 13:53:06 BST, Andy wrote: On Wed 09 Oct 2013 12:29:48 BST, Leonardo Lombardo wrote: Thanks for your reply Andy. What if I have: - multiple VLANs on an internal IF Just have a different set of queues for each 'on vlanX' etc. - have a limited bandwidth on external (say 10/10Mbit/s) Do as was suggested, have a smaller bandwidth for the WAN traffic (100Mbit in the example). Just change that to 10Mbit. and I want to share the external bandwidth among all VLANs giving some IPs (from different VLANs) each a bandwidth guarantee ? You cannot share the 'download' bandwidth across all internal VLANS for the inbound direction, you have to divide it out so that the egress bandwith of each of the internal VLANs sum to the total ingress bandwidth of your WAN. This is a horrible limitation which I *hate* :( Thinking about it, this might not be true.. After-all the packets egress the physical underlying interface so I wonder if its possible to 'queue' on the physical interface 'on emX' for example underneath the 802.1Q tagging, such that all the traffic for all VLANs on top of that phys interface would go through the same queues! If that were the case it would be wonderful :) and I would be changing my own topology immediately to take advantage of having all my different internal nets share the same WAN downstream bandwidth! Someone on here who knows OpenBSD better than me might know if this is possible? You can share the upstream bandwith however as this can be all applied to the single WAN interface. Remember you can only queue egress, not ingress. Sorry if I was not clear in my original question... Thanks
Re: Delay starting OpenOSPFd and OpenBGPd
Hi Theo, Agreed, I guess I'm really just concerned about CARP and PF and not wanting to direct packets to the firewall before its ready. But I guess this should be fine and I'm just worrying.. Because I cannot get the carp backup to announce routes with a higher cost I'm struggling to come up with a design which I think will be stable. For all important purposes, our internal v4 nets are RFC1918 nets and so I have to run CARP on the internal NICs (server default routes), and CARP on the outside for NAT RDR BINAT etc, with filtering and state checking/modulation. So v4 OSPF is mostly fine for now (adding 'network carp1' to area 0 where carp1 is the internal carp) with 5.4 as I would like the different data centres to communicate across our layer 2 WAN without NATing reliably even during CARP failover. The bad feeling I have ;) is to do with v6. We are trying to dual-stack our entire network, we have /many/ networks behind our BSD routers, and I'm freaked at the thought of loops (packet enters the backup firewall, ingresses the network, server replies, and the reply egresses the network via the master firewall. 'defer' seems like it would slow things down, and sloppy states scares me as it disables security (server has to use its own mechanism to prevent ICMP teardown attack and/or insertion attacks etc etc). But I admit I don't understand it properly yet. To me being able to control route costs would be a better solution and stop any loops. I appreciate this problem is being born out of the fact that I am trying to run the boxes as both firewalls /and/ routers. Does this make sense, and does anyone have an idea of how to cope with this dual-stack scenario? Cheers, Andy. PS; ignore all the slanderus bull It's impossible to make everyone happy and to think the same way.. ;) On Wed 09 Oct 2013 15:20:33 BST, Theo de Raadt wrote: It seems that OSPF starts quite early in the boot process before other things have finished booting. Is their a way to delay the start so that it only starts announcing once all the start up scripts have run etc? That would be wrong. I can figure out why you want it. The starting of routes from OSPF is not meant to indicate that higher level services are now available. In fact there may be higher-level services which require that the routes are available before they can start.
Re: setgid problem
On Wed, Oct 09, 2013 at 04:26:20PM +0200, Bambero wrote:
> Hello
>
> I have a small php script which creates a file:
>
>
> #!/usr/local/bin/php-5.2 -q
>
> //set group ID to operator
> posix_setgid(5);
> posix_setegid(5);
>
> //set user ID to nobody
> posix_setuid($_uid);
>
> // create file
> touch('/tmp/permtest');
>
> echo 'getuid: ' . posix_getuid() . "\n";
> echo 'getgid: ' . posix_getgid() . "\n";
> echo 'getegid: ' . posix_getegid() . "\n";
>
>
> Script returns (as expected):
> --
> getuid: 2
> getgid: 5
> getegid: 5
> --
>
> But file created with that script has perms:
>
> -rw-r--r-- 1 operator wheel 0 Oct 9 16:16 permtest
>
> So it looks like the setgid not works ?
>
> Can anyone help ?
>
> Bambero
On *BSD systems, the group owner of a file is inherited from the directory.
-Otto
setgid problem
Hello
I have a small php script which creates a file:
#!/usr/local/bin/php-5.2 -q
//set group ID to operator
posix_setgid(5);
posix_setegid(5);
//set user ID to nobody
posix_setuid($_uid);
// create file
touch('/tmp/permtest');
echo 'getuid: ' . posix_getuid() . "\n";
echo 'getgid: ' . posix_getgid() . "\n";
echo 'getegid: ' . posix_getegid() . "\n";
Script returns (as expected):
--
getuid: 2
getgid: 5
getegid: 5
--
But file created with that script has perms:
-rw-r--r-- 1 operator wheel 0 Oct 9 16:16 permtest
So it looks like the setgid not works ?
Can anyone help ?
Bambero
Re: Delay starting OpenOSPFd and OpenBGPd
> It seems that OSPF starts quite early in the boot process before other > things have finished booting. > > Is their a way to delay the start so that it only starts announcing once > all the start up scripts have run etc? That would be wrong. I can figure out why you want it. The starting of routes from OSPF is not meant to indicate that higher level services are now available. In fact there may be higher-level services which require that the routes are available before they can start.
Delay starting OpenOSPFd and OpenBGPd
Hi, It seems that OSPF starts quite early in the boot process before other things have finished booting. Is their a way to delay the start so that it only starts announcing once all the start up scripts have run etc? Cheers, Andy.
Re: Help vote for OpenBSD
* existence On 9. oktober 2013 at 2:09 PM, openda...@hushmail.com wrote: > >Hi, > >Could you guys help me vote for OpenBSD at Digital Ocean? > >https://digitalocean.uservoice.com/forums/136585-digital- >ocean/suggestions/3232571-support-bsd-os- > >Basically it's the only SSD cloud hosting provider >(https://www.youtube.com/watch?v=vHZLCahai4Q) in existance and if >the response is good enough, they'll start offering OpenBSD. > >Thanks! > >O.D.
Help vote for OpenBSD
Hi, Could you guys help me vote for OpenBSD at Digital Ocean? https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os- Basically it's the only SSD cloud hosting provider (https://www.youtube.com/watch?v=vHZLCahai4Q) in existance and if the response is good enough, they'll start offering OpenBSD. Thanks! O.D.
Re: Best OpenBSD cloud hosting?
Hi, arpnetworks is other option. 2013/10/8 > Hi, > > Can anyone recommend a decent OpenBSD cloud hosting provider? > > Digital Ocean looks nice but they don't yet offer OpenBSD ( > https://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3232571-support-bsd-os- > ). > > There's ARP Networks and TransIP but they don't offer clouds. > > Thanks. > > O.D.
Re: altq on multiple interfaces
On Wed 09 Oct 2013 12:29:48 BST, Leonardo Lombardo wrote: Thanks for your reply Andy. What if I have: - multiple VLANs on an internal IF Just have a different set of queues for each 'on vlanX' etc. - have a limited bandwidth on external (say 10/10Mbit/s) Do as was suggested, have a smaller bandwidth for the WAN traffic (100Mbit in the example). Just change that to 10Mbit. and I want to share the external bandwidth among all VLANs giving some IPs (from different VLANs) each a bandwidth guarantee ? You cannot share the 'download' bandwidth across all internal VLANS for the inbound direction, you have to divide it out so that the egress bandwith of each of the internal VLANs sum to the total ingress bandwidth of your WAN. This is a horrible limitation which I *hate* :( You can share the upstream bandwith however as this can be all applied to the single WAN interface. Remember you can only queue egress, not ingress. Sorry if I was not clear in my original question... Thanks
Re: Sorry OpenBSD people, been a bit busy
Please stop -- There are people so addicted to exaggeration that they can't tell the truth without lying. -- Josh Billings
Re: Sorry OpenBSD people, been a bit busy
John Long writes: > On Wed, Oct 09, 2013 at 12:41:07PM +0100, sbienddr...@googlemail.com wrote: >> Am I being monitored for receiving these emails? > > No, you're being monitored for using google, stupid. Please follow Peter's advice: >On 10/09/13 12:18, Peter Hessler wrote: >> This has gotten massively off topic. Can we please let the thread end here? > Did anybody consider the possibility Theo didn't start this thread? The > email headers looked ok at a quick glance but that didn't sound very much > like him. He did. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Sorry OpenBSD people, been a bit busy
On Wed, Oct 09, 2013 at 12:41:07PM +0100, sbienddr...@googlemail.com wrote: > Am I being monitored for receiving these emails? No, you're being monitored for using google, stupid. Did anybody consider the possibility Theo didn't start this thread? The email headers looked ok at a quick glance but that didn't sound very much like him.
Re: Sorry OpenBSD people, been a bit busy
Am I being monitored for receiving these emails? On 10/09/13 12:18, Peter Hessler wrote: This has gotten massively off topic. Can we please let the thread end here?
Re: altq on multiple interfaces
Thanks for your reply Andy. What if I have: - multiple VLANs on an internal IF - have a limited bandwidth on external (say 10/10Mbit/s) and I want to share the external bandwidth among all VLANs giving some IPs (from different VLANs) each a bandwidth guarantee ? Sorry if I was not clear in my original question... Thanks
Re: Sorry OpenBSD people, been a bit busy
You're right! I am outa here! Bye! On Wed, Oct 9, 2013 at 7:18 AM, Peter Hessler wrote: > This has gotten massively off topic. Can we please let the thread end > here?
Re: Sorry OpenBSD people, been a bit busy
It might come as a shock for you all. But we don't give a flying fuck for what you guys think about X where X is not related to OpenBSD. Try #ihavetheurgetoexpressmyfeeelings in irc.disney.com
Re: Sorry OpenBSD people, been a bit busy
This has gotten massively off topic. Can we please let the thread end here?
Re: Sorry OpenBSD people, been a bit busy
I am not stupid & midwestern enough to believe that all Muslims are a terrorist threat. My son is half jewish and I am not even reflexively pro-israel. I find that when I enter a church or a temple, its a bit of mental torture; over the weekend I was at a bat mitzvah and believe me, it was torture. I am about as far from the beliefs of david horowitz as you can get. I live near Princeton, and personally I think that NJ is a police state; they actually monitor people's license plates and I was harrassed 5 years ago in a park near princeton, because I was caught there after dark in my car with a partially used bottle of wine. They harrassed me for over 15 minutes making me dance around out of my car, then they let me go; later I was in the starbucks in princeton, about midnite, and these two saw me and started laughing. Its all a joke to these guys - "law & order." Anyway, according to bin laden, he just wanted us out of arab lands. That was his main gripe. Boy, if thats all it takes, I would go in a heart beat, why fight these guys? But somehow I think they also want us out of portugal, spain, turkey, north africa, and ultimately israel. Last year I saw David Broza at 92nd St Y; he personally sponsored 4 young musicians from Nazareth, 3 of whom were palestinian. I have to tell you, at least 85% of the audience, standing room only was jewish, and all loved this guy and the concert. Obviously there are people on the other side, including myself, looking for an olive branch and a way out of this global mess, buts whats with all these draconian blasphemy laws in places like pakistand, iran, and saudi arabia? Why cant a britsh citizen like Rushdie write a book iranians dont like and be in hiding for literally years? They even targeted publishers in NYC over his book. What about the Van Gogh murder? It is a concern of mine that what is happening in France with Algerians, and others, and what is in England with Pakistanis will spill into NJ. We shouldnt unfairly target muslims, but they should likewise leave me alone; I may be the great satan, but I have never advocated military action in any of their lands, except to get bin laden in 2002. On Wed, 9 Oct 2013, Zé Loff wrote: > On Oct 9, 2013, at 12:15 AM, Scott McEachern wrote: > >> On 10/08/13 17:38, Richard Thornton wrote: >>> I am not flippant enough to say that the NSA revelations do not matter, >>> but what are we supposed to do? The Middle Eastern terrorism threat is >>> real and we need to be able to stop them anyway necessary. >>> >>> All it takes is one of them to hit every Walmart in the neighborhood, >>> buy every pay-as-you-go phone they have, then pass them out to their >>> friends in every Mosque. Now you have a new terrorism threat. So, >>> welcome to the real world my friend, and wake up. > > [...] > >> And for the record, both you and Ze Loff should stick to facts and rational discussion. Bigots and morons are best defeated with those, and they'll show their true colours, debasing their own opinions. There's no need for insults and ad hominem attacks. > > First of all I owe an apology to the list and, albeit partially, to Richard. I now realise I overreacted a bit. I don't think hate (in the broadest sense of the word) belongs in this list and the comments the kind of which Richard made really get on my nerves. Ironically enough, I ended up spreading the hate myself. Again, my apologies. > > That being said, Richard, if you still stand behind your comment and your gross generalisation about muslims, I must still call you a bigot. And just for the sake of clarity I have the utmost respect for the victims of 9/11, as I have for those in Boston, Fallujah, Gaza, Auschwitz, Sbrenica, Sudan, Rwanda, Chechnya or in that theatre in Moscow a few years ago. In short for every one who was harmed by some idiot/state who thinks his beliefs (religious or not) is better than the rest of them. The "all muslims are terrorists" generalisation is as dumb and shortsighted as saying all blond girls are stupid, all americans are fat gun fanatics, all germans are nazis, all jews are... I'm sure you get the point. > > Just to bring this slightly back on-topic, please realise that terrorism (as real as it is) has been used as an pretext. Intercepting communications on the UN has nothing to do with it, nor does planting bugs on the European Parliament, nor does spying on Brasil's President or its state oil company. > > And Scott, thanks for setting me straight and for the rest of your message. > > > Again sorry for the noise and kudos on the YYCIX, Theo. > Zé
Re: Looking for good, small, canadian version laptop suggestions
On Wed, Oct 9, 2013 at 12:14 AM, g.lister wrote: > Hi guys, > > I am looking for some suggestions for a good, small quite laptop. I was > looking at futureshop.ca and bestbuy.ca. I currently have an HP dv3 which > runs OpenBSD 5.2 but it is veeey loud some issue with keeping heat down > it has i7 cores but I am willing to settle for a lot less threads and power > I need it for some vim C coding and basic duties. > Really 5.2 version? Why don't you try latest relase or better current which will have much better support of HW in your laptop. > > I would like to get something quieter and that also runs OpenBSD without > major issues. I saw a lenovo thinkpad x131e on futureshop but it is kind of > small on the screen size 11.6" and I am not sure if OpenBSD will work on it. > > Does anyone care to mention what they are using. > Thanks in advance. > Cheers, > George
Re: Sorry OpenBSD people, been a bit busy
On 10/09/13 05:08, Zé Loff wrote: (Quite) a few years ago, the Dutch government wanted to make sure everyone had a proper burial, according to each one's beliefs and rituals. So they asked people to state their religious beliefs. This is a good idea right? Everyone's wishes get respected even if you had no family or if your whole family died in an accident or fire or whatever. Besides, "I've got nothing to hide, being is nothing to be ashamed of and I'm proud of my heritage". So the government made a nice list. And then a few years later Germany invaded the Netherlands. Point being, it's not naiveté. It's this whole "I've got nothing to hide anyway, let them look" / "I am not that important" mentality. People fail to realise that this is not about you having something to hide or not. It's about your right to hide something /if and when you want to/. Both of your last two posts, well said. Thanks for pointing out that it was the Netherlands that kept that data, and why. When I mentioned it earlier, I wasn't sure earlier if it was the Belgians or the Dutch, or why. Good to know, and remember. -- Scott McEachern https://www.blackstaff.ca "Beware the Four Horsemen of the Information Apocalypse: terrorists, drug dealers, kidnappers, and child pornographers. Seems like you can scare any public into allowing the government to do anything with those four." -- Bruce Schneier
Re: Sorry OpenBSD people, been a bit busy
On Oct 9, 2013, at 3:44 AM, Benjamin Heath wrote: > But, people have given up this information. They weren't even paid or > coerced. Why so naive? (Quite) a few years ago, the Dutch government wanted to make sure everyone had a proper burial, according to each one's beliefs and rituals. So they asked people to state their religious beliefs. This is a good idea right? Everyone's wishes get respected even if you had no family or if your whole family died in an accident or fire or whatever. Besides, "I've got nothing to hide, being is nothing to be ashamed of and I'm proud of my heritage". So the government made a nice list. And then a few years later Germany invaded the Netherlands. Point being, it's not naiveté. It's this whole "I've got nothing to hide anyway, let them look" / "I am not that important" mentality. People fail to realise that this is not about you having something to hide or not. It's about your right to hide something /if and when you want to/.
Re: OpenBSD on 64 cores and 256 GB of RAM
On Wed, October 9, 2013 01:25, Predrag Punosevac wrote: > We just received two new OEM Supermicro computing nodes for our Lab 4x16 > cores = 64 in total, 16x16GB RAM =256 GB of RAM in total. NIC: Intel > 82574 Dual-Port Gigabit. I just could not resist and I had to install > OpenBSD first. Everything works as expected. Please see the dmesg below > to get an idea how OpenBSD handles 64 CPUs and 256 GB or RAM. > > I installed amd64 snapshot from 29 of July. I am guessing this is a very > common hardware but if any of developers want me to spin the current on > this thing and do some serious network packets pushing before I deploy > this in production please let me know. Unfortunately I will have to run > RedHat on these two because we use MATLAB and few other proprietary > things on our computing nodes but I can assure you that these two babies > will be protected by OpenBSD boxes. > Hi. > OpenBSD 5.4 (GENERIC.MP) #39: Mon Jul 29 00:28:39 MDT 2013 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP [snip] > acpibtn0 at acpi0: PWRB > ipmi at mainbus0 not configured > cpu0: 2500 MHz: speeds: 2500 2300 2000 1700 1400 MHz > pci0 at mainbus0 bus 0 > pchb0 at pci0 dev 0 function 0 "ATI SR5690 Host" rev 0x02 > ppb0 at pci0 dev 13 function 0 "ATI SR5690 PCIE" rev 0x00: msi > pci1 at ppb0 bus 2 > em0 at pci1 dev 0 function 0 "Intel 82576" rev 0x01: msi, address > 00:25:90:5a:aa:2c > em1 at pci1 dev 0 function 1 "Intel 82576" rev 0x01: msi, address > 00:25:90:5a:aa:2d > ahci0 at pci0 dev 17 function 0 "ATI SBx00 SATA" rev 0x00: apic 0 int 22, AHCI > 1.1 > scsibus0 at ahci0: 32 targets > sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct > fixed naa.50015178f3650416 > sd0: 457860MB, 512 bytes/sector, 937698855 sectors, thin > ohci0 at pci0 dev 18 function 0 "ATI SB700 USB" rev 0x00: apic 0 int 16, > version 1.0, legacy support > ohci1 at pci0 dev 18 function 1 "ATI SB700 USB" rev 0x00: apic 0 int 16, > version 1.0, legacy support > ehci0 at pci0 dev 18 function 2 "ATI SB700 USB2" rev 0x00: apic 0 int 17 > usb0 at ehci0: USB revision 2.0 > uhub0 at usb0 "ATI EHCI root hub" rev 2.00/1.00 addr 1 > ohci2 at pci0 dev 19 function 0 "ATI SB700 USB" rev 0x00: apic 0 int 18, > version 1.0, legacy support > ohci3 at pci0 dev 19 function 1 "ATI SB700 USB" rev 0x00: apic 0 int 18, > version 1.0, legacy support > ehci1 at pci0 dev 19 function 2 "ATI SB700 USB2" rev 0x00: apic 0 int 19 > usb1 at ehci1: USB revision 2.0 > uhub1 at usb1 "ATI EHCI root hub" rev 2.00/1.00 addr 1 > piixpm0 at pci0 dev 20 function 0 "ATI SBx00 SMBus" rev 0x3d: SMI > iic0 at piixpm0 > sdtemp0 at iic0 addr 0x19: mcp98243 > sdtemp1 at iic0 addr 0x1b: mcp98243 > sdtemp2 at iic0 addr 0x1d: mcp98243 > sdtemp3 at iic0 addr 0x1f: mcp98243 > lm1 at iic0 addr 0x2d: W83627DHG > nvt0 at iic0 addr 0x2f: W83795G > spdmem0 at iic0 addr 0x51: 16GB DDR3 SDRAM registered ECC PC3-12800 with > thermal sensor > spdmem1 at iic0 addr 0x53: 16GB DDR3 SDRAM registered ECC PC3-12800 with > thermal sensor > spdmem2 at iic0 addr 0x55: 16GB DDR3 SDRAM registered ECC PC3-12800 with > thermal sensor > spdmem3 at iic0 addr 0x57: 16GB DDR3 SDRAM registered ECC PC3-12800 with > thermal sensor Strange. And where are other 12 banks of memory? > pcib0 at pci0 dev 20 function 3 "ATI SB700 ISA" rev 0x00 > ppb1 at pci0 dev 20 function 4 "ATI SB600 PCI" rev 0x00 > pci2 at ppb1 bus 1 > vga1 at pci2 dev 4 function 0 "Matrox MGA G200eW" rev 0x0a > wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) > wsdisplay0: screen 1-5 added (80x25, vt100 emulation) > ohci4 at pci0 dev 20 function 5 "ATI SB700 USB" rev 0x00: apic 0 int 18, > version 1.0, legacy support > pchb1 at pci0 dev 24 function 0 "AMD AMD64 15h Link Cfg" rev 0x00 > pchb2 at pci0 dev 24 function 1 "AMD AMD64 15h Address Map" rev 0x00 > pchb3 at pci0 dev 24 function 2 "AMD AMD64 15h DRAM Cfg" rev 0x00 > km0 at pci0 dev 24 function 3 "AMD AMD64 15h Misc Cfg" rev 0x00 > pchb4 at pci0 dev 24 function 4 "AMD AMD64 15h CPU Power" rev 0x00 > pchb5 at pci0 dev 24 function 5 "AMD AMD64 15h Host" rev 0x00 > pchb6 at pci0 dev 25 function 0 "AMD AMD64 15h Link Cfg" rev 0x00 > pchb7 at pci0 dev 25 function 1 "AMD AMD64 15h Address Map" rev 0x00 > pchb8 at pci0 dev 25 function 2 "AMD AMD64 15h DRAM Cfg" rev 0x00 > km1 at pci0 dev 25 function 3 "AMD AMD64 15h Misc Cfg" rev 0x00 > pchb9 at pci0 dev 25 function 4 "AMD AMD64 15h CPU Power" rev 0x00 > pchb10 at pci0 dev 25 function 5 "AMD AMD64 15h Host" rev 0x00 > pchb11 at pci0 dev 26 function 0 "AMD AMD64 15h Link Cfg" rev 0x00 > pchb12 at pci0 dev 26 function 1 "AMD AMD64 15h Address Map" rev 0x00 > pchb13 at pci0 dev 26 function 2 "AMD AMD64 15h DRAM Cfg" rev 0x00 > km2 at pci0 dev 26 function 3 "AMD AMD64 15h Misc Cfg" rev 0x00 > pchb14 at pci0 dev 26 function 4 "AMD AMD64 15h CPU Power" rev 0x00 > pchb15 at pci0 dev 26 function 5 "AMD AMD64 15h Host" rev 0x00 > pchb16 at pci0 dev 27 function 0 "AMD AMD64 15h Link Cfg" rev 0x00 > pchb17 at pci0 dev 27 function 1 "AMD AMD64
Re: altq on multiple interfaces
# WAN egress Queues
altq on $if_ext bandwidth 970Mb hfsc queue { ext_local, ext_wan }
queue ext_local bandwidth 800Mb priority 4 hfsc(upperlimit 800Mb) {
_local_kernel, _local_data }
queue _local_kernel on $if_ext bandwidth 1% priority 6
hfsc(realtime 1%, linkshare 10%)
queue _local_data on $if_ext bandwidth 99% priority 0
hfsc(linkshare 80%)
queue ext_wan bandwidth 100Mb priority 15 hfsc(linkshare 100Mb) {
_wan_pri, _wan_int, _wan_web, _wan_dflt }
queue _wan_pri on $if_ext bandwidth 20% priority 6 qlimit 100
hfsc(realtime 20%, linkshare 20%)
queue _wan_int on $if_ext bandwidth 5% priority 5 qlimit 100
hfsc(realtime 5%, linkshare 5%)
queue _wan_web on $if_ext bandwidth 50% priority 4 qlimit 100
hfsc(realtime(10%, 1000, 1%), linkshare 50%, ecn)
queue _wan_dflt on $if_ext bandwidth 5% priority 2 qlimit 100
hfsc(realtime(10%, 1000, 1%), linkshare 5%, ecn, default)
# LAN egress Queues
altq on $if_lan bandwidth 970Mb hfsc queue { lan_local, lan_wan }
queue lan_local bandwidth 800Mb priority 4 hfsc(upperlimit 800Mb) {
_local_kernel, _local_data }
queue _local_kernel on $if_lan bandwidth 1% priority 6
hfsc(realtime 1%, linkshare 10%)
queue _local_data on $if_lan bandwidth 99% priority 0
hfsc(linkshare 80%)
queue lan_wan bandwidth 100Mb priority 15 hfsc(linkshare 100Mb) {
_wan_pri, _wan_int, _wan_web, _wan_dflt }
queue _wan_pri on $if_lan bandwidth 10% priority 6 qlimit 100
hfsc(realtime 10%, linkshare 10%)
queue _wan_int on $if_lan bandwidth 5% priority 5 qlimit 100
hfsc(realtime 5%, linkshare 5%)
queue _wan_web on $if_lan bandwidth 60% priority 4 qlimit 100
hfsc(realtime(10%, 1000, 1%), linkshare 60%, ecn)
queue _wan_dflt on $if_lan bandwidth 5% priority 2 qlimit 100
hfsc(realtime(10%, 1000, 1%), linkshare 5%, ecn, default)
Note the 'on $if_ext'
You can now write the rule;
pass quick proto { tcp } from { } to {
} port { ssh } queue (_wan_dflt,_wan_int) set prio (2,5)
This would queue the traffic in both directions with only one rule.
NB; I use '_local_kernel' for local CARP traffic etc, and '_local_data'
for traffic which is not distined for the WAN link but other local
networks and so can run at wire speed.
And _wan_* for the wan based traffic..
Hope this helps,
Andy.
On 09/10/13 07:47, Leonardo Lombardo wrote:
Hi all,
is there a way to configure altq on multiple interfaces, sharing the same
parameters (bandwidth, priorities, etc) ?
If not, is there some other mechanism to obtain the same result ?
Thanks for any suggestion.
Leonardo
Re: Sorry OpenBSD people, been a bit busy
On Oct 9, 2013, at 12:15 AM, Scott McEachern wrote: > On 10/08/13 17:38, Richard Thornton wrote: >> I am not flippant enough to say that the NSA revelations do not matter, >> but what are we supposed to do? The Middle Eastern terrorism threat is >> real and we need to be able to stop them anyway necessary. >> >> All it takes is one of them to hit every Walmart in the neighborhood, >> buy every pay-as-you-go phone they have, then pass them out to their >> friends in every Mosque. Now you have a new terrorism threat. So, >> welcome to the real world my friend, and wake up. [...] > And for the record, both you and Ze Loff should stick to facts and rational > discussion. Bigots and morons are best defeated with those, and they'll show > their true colours, debasing their own opinions. There's no need for insults > and ad hominem attacks. First of all I owe an apology to the list and, albeit partially, to Richard. I now realise I overreacted a bit. I don't think hate (in the broadest sense of the word) belongs in this list and the comments the kind of which Richard made really get on my nerves. Ironically enough, I ended up spreading the hate myself. Again, my apologies. That being said, Richard, if you still stand behind your comment and your gross generalisation about muslims, I must still call you a bigot. And just for the sake of clarity I have the utmost respect for the victims of 9/11, as I have for those in Boston, Fallujah, Gaza, Auschwitz, Sbrenica, Sudan, Rwanda, Chechnya or in that theatre in Moscow a few years ago. In short for every one who was harmed by some idiot/state who thinks his beliefs (religious or not) is better than the rest of them. The "all muslims are terrorists" generalisation is as dumb and shortsighted as saying all blond girls are stupid, all americans are fat gun fanatics, all germans are nazis, all jews are... I'm sure you get the point. Just to bring this slightly back on-topic, please realise that terrorism (as real as it is) has been used as an pretext. Intercepting communications on the UN has nothing to do with it, nor does planting bugs on the European Parliament, nor does spying on Brasil's President or its state oil company. And Scott, thanks for setting me straight and for the rest of your message. Again sorry for the noise and kudos on the YYCIX, Theo. Zé
altq on multiple interfaces
Hi all, is there a way to configure altq on multiple interfaces, sharing the same parameters (bandwidth, priorities, etc) ? If not, is there some other mechanism to obtain the same result ? Thanks for any suggestion. Leonardo
