Re: I have several questions

2014-08-11 Thread Theo de Raadt 
> I raise the question again.
> During installation, I am asked:
> 
> Directory does not contain SHA256.sig. Continue without verification? [no]
> 
> I have to enter yes to let it proceed:
> 
> Installing bsd
> Installing bsd.rd
> Installing base55.tgz
> ...
> 
> I have downloaded CD image for i386 and burned it and booted it
> I think I shall not encounter such a question
> Why SHA256.sig isn't on CD?

Because that CD cannot be internally signed and externally signed
with the current build mechanism.

It is in the FAQ.

Very the CD image media itself.  You didn't do that?  Then you booted it?

Re: I have several questions

2014-08-11 Thread Long Wind 
I raise the question again.
During installation, I am asked:

Directory does not contain SHA256.sig. Continue without verification? [no]

I have to enter yes to let it proceed:

Installing bsd
Installing bsd.rd
Installing base55.tgz
...

I have downloaded CD image for i386 and burned it and booted it
I think I shall not encounter such a question
Why SHA256.sig isn't on CD?

Thanks to all those who reply (replied)!!

Re: I have several questions

2014-08-11 Thread Alexander Hall 
On August 12, 2014 7:34:58 AM CEST, Long Wind  wrote:
>On 8/12/14, Stuart Henderson  wrote:
>>
>> Yes.
>>
>> Did you use separate disk partitions, or just make one big /
>partition?
>>
>>
>
>does that matter?
>I am new to OpenBSD, and I let installation program decide how to
>disk-label

Oh come on. Stuart is very much *not* new to OpenBSD, and now he asked the 
exact same question twice. Why would it *not* matter?

Just answer the [essence of the] question.

/Alexander

Re: Good thing

2014-08-11 Thread Eric Furman 
On Mon, Aug 11, 2014, at 11:53 AM, Alexandre Ratchov wrote:
> On Mon, Aug 11, 2014 at 05:05:17PM +0200, Gustav Fransson Nyvell wrote:
> > On 08/11/14 11:49, Alexandre Ratchov wrote:
> > >On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
> > >>Good thing OpenBSD didn't go down the multiple versions path.
> > >>
> > >>$ au
> > >>aucat   autoheader-2.59 automake-1.11 autoscan-2.63
> > >>audioctlautoheader-2.61 automake-1.14 autoscan-2.65
> > >[...]
> > >
> > >since you seem to dislike this, awaiting your diff to fix it. Talk
> > >is cheap and wastes other people's time.
> > There's no guarantee a patch would be accepted.
> 
> Just fix the problem you're complaining about, for you. Nobody
> forces you to share your solution; in case you share it, nobody
> will prevent you from using it, right?
> 
> Still I don't see your patch to fix the problem you're complaining
> about. Complaining wont fix this problem.
> 

This "problem" was created by the original posters ignorance.
There is in fact no actual problem.

Re: I have several questions

2014-08-11 Thread Long Wind 
On 8/12/14, Stuart Henderson  wrote:
>
> Yes.
>
> Did you use separate disk partitions, or just make one big / partition?
>
>

does that matter?
I am new to OpenBSD, and I let installation program decide how to disk-label

pf queuing not limiting bandwidth

2014-08-11 Thread Raimundo Santos 
Hello misc!

I am with a very non expected behaviour. With this simple pf.conf

# pfctl -vnf /etc/pf.conf

set skip on { lo }

queue root on alc0 bandwidth 600M default

pass out on alc0 all flags S/SA set ( queue root )

I got this queue output when running tcpbench in client mode

# pfctl -vvvsq

  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

queue root on alc0 bandwidth 600M default qlimit 50

  [ pkts:6099167  bytes: 9233990662  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]


  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

  [ measured: 0.0 packets/s, 0 b/s ]

queue root on alc0 bandwidth 600M default qlimit 50

  [ pkts:6500911  bytes: 9842225822  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

  [ measured: 80348.8 packets/s, 973.18Mb/s ]


  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

  [ measured: 0.0 packets/s, 0 b/s ]

queue root on alc0 bandwidth 600M default qlimit 50

  [ pkts:6902593  bytes: 10450369962  dropped pkts:  0 bytes:
0 ]

  [ qlength:   0/ 50 ]

  [ measured: 80342.6 packets/s, 973.10Mb/s ]

# pfctl -vsr

pass out on alc0 all flags S/SA set ( queue root )

  [ Evaluations: 493   Packets: 14082601  Bytes: 13949048492  States: 1
]

  [ Inserted: uid 0 pid 3493 State Creations: 1 ]


I've tried with 100M, 200M and 400M, all not shaping.

I've also tried to setup a root queue with 200M and two child: a default
with 1M and the other, referred in the rule, with 100M, also not working.

I am playing with tcpbench and this is the only traffic I really care about
on this machine. I restarted the tcpbench client on this machine every time
I reloaded the testing rule and queue, and even deleted the related states
(or states, in cases that I run tcpbench -b ), but nothing
leads me to the desired bandwidth shaping.

I am experiencing the same behaviour in a virtual machine under KVM with
PCI Passthrough of an Intel NIC. These are the conf and results from the
virtual machine:

# pfctl -vf /etc/pf.conf



set skip on { lo }

queue std on em0 bandwidth 100M default

pass out on em0 all flags S/SA set ( queue std )


# pfctl -vvvsq

  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

queue std on em0 bandwidth 100M default qlimit 50

  [ pkts: 1195513815  bytes: 87858084628  dropped pkts:  0 bytes:
0 ]

  [ qlength:   0/ 50 ]


  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

  [ measured: 0.0 packets/s, 0 b/s ]

queue std on em0 bandwidth 100M default qlimit 50

  [ pkts: 1195734870  bytes: 88192747866  dropped pkts:  0 bytes:
0 ]

  [ qlength:   0/ 50 ]

  [ measured: 44211.0 packets/s, 535.46Mb/s ]


  [ pkts:  0  bytes:  0  dropped pkts:  0 bytes:  0
]

  [ qlength:   0/ 50 ]

  [ measured: 0.0 packets/s, 0 b/s ]

queue std on em0 bandwidth 100M default qlimit 50

  [ pkts: 1195960995  bytes: 88535089028  dropped pkts:  0 bytes:
0 ]

  [ qlength:   0/ 50 ]

  [ measured: 44718.0 packets/s, 541.60Mb/s ]

# pfctl -vsr

pass out on em0 all flags S/SA set ( queue std )

  [ Evaluations: 2 Packets: 1853414   Bytes: 1708817040  States: 2
]

  [ Inserted: uid 0 pid 19622 State Creations: 2 ]

The traffic passes through a Linux box where I have per ip bandwitdh
control (justifying tcpbench -b ), an in house bandwidth controller
(poor man's 'net equalizer'). My intent was to not put a very high load
over this machine by getting close to my real pps and bps and so make my
capacity planing.

What am I doing wrong with these queues?

Thank you all,
Raimundo Santos

Here is my dmesgs, first from the physical machine and after from the
virtual machine:

OpenBSD 5.5 (GENERIC.MP) #315: Wed Mar  5 09:37:46 MST 2014
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8538095616 (8142MB)
avail mem = 8302202880 (7917MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0x9f400 (53 entries)
bios0: vendor American Megatrends Inc. version "0803" date 07/23/2012
bios0: ASUSTeK Computer INC. M4A78LT-M-LE
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG OEMB SRAT HPET SSDT
acpi0: wakeup devices PCE2(S4) PCE3(S4) PCE4(S4) PCE5(S4) PCE6(S4) ALAN(S4)
PCE7(S4) PCE9(S4) PCEA(S4) PCEB(S4) PCEC(S4) SBAZ(S4) PS2M(S4) PS2K(S4)
UAR1(S4) P0PC(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Phenom(tm) II X2 565 Processor, 3415.72 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,

Re: openbsd as debian's pxe server , but dhcp error happens

2014-08-11 Thread Tuyosi Takesima 
sorry for dirty mail ( becasue on gmail , it is not dirty )
so again send .

---
'original initrd.gz' doesn't have firmware of  e100/d101m_ucode.bin .
so ifailed .

i read http://qiita.com/harukasan/items/98db5f4639433e5e40d4 .
then i make initrd_nonfree.gz .

cd  /tftpdboot/debian-installer/i386/
cp  initrd.gz   initrd.gz-original
mv   initrd.gz-original  initrd.gz

 ls -l /tftpdboot/debian-installer/i386/
total 52096
drwxr-xr-x  5 root  wheel   512 Jul 20 00:19 boot-screens
-rw-r--r--  1 root  wheel  17706681 Aug 12 11:24 initrd.gz

-rw-r--r--  1 root  wheel   6683528 Aug 12 11:24 initrd.gz-original
-rw-r--r--  1 root  wheel   2195008 Jul 15 12:52 linux
-rw-r--r--  1 root  wheel 26816 Jul 15 12:47 pxelinux.0
drwxr-xr-x  2 root  wheel   512 Jul 15 12:44 pxelinux.cfg

cat
/etc/dhcpd.conf
option  domain-name-servers 192.168.1.1;
subnet 192.168.11.0 netmask 255.255.255.0 {
option routers 192.168.11.1;
range 192.168.11.32 192.168.11.33;
filename"pxelinux.0";
next-server 192.168.11.1;
}
--
and in addition

i install openbsd by openbsd PXE server.
this process is much faster and simpler .
next is only memo .

mkdir /tftpdboot
cd /tftpdboot
wget http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/pxeboot

wget http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/bsd.rd
ln -s pxeboot pxelinux.0
mkdir etc/
cat etc/boot.conf
boot tftp:/bsd.rd

tftpd  /tftpdboot/
-
tuyosi

Re: openbsd as debian's pxe server , but dhcp error happens

2014-08-11 Thread Tuyosi Takesima 
*Hi , all .*


*'original **initrd.gz' doesn't have firmware of  *


*e100/d101m_ucode.bin .so ifailed .*


*i read http://qiita.com/harukasan/items/98db5f4639433e5e40d4
 .*

*then i make *initrd_nonfree.gz .

then cd
* /tftpdboot/debian-installer/i386/ .*

*cp *
* initrd.gz   initrd.gz-original*

*mv *  *initrd.gz-original  *
*initrd.gz*


























* ls -l /tftpdboot/debian-installer/i386/ total 52096drwxr-xr-x  5
root  wheel   512 Jul 20 00:19 boot-screens-rw-r--r--  1 root
wheel  17706681 Aug 12 11:24 initrd.gz-rw-r--r--  1 root  wheel
6683528 Aug 12 11:24 initrd.gz-original-rw-r--r--  1 root  wheel
2195008 Jul 15 12:52 linux-rw-r--r--  1 root  wheel 26816 Jul 15
12:47 pxelinux.0drwxr-xr-x  2 root  wheel   512 Jul 15 12:44
pxelinux.cfgcat /etc/dhcpd.conf
  option  domain-name-servers 192.168.1.1;subnet
192.168.11.0 netmask 255.255.255.0 {option routers
192.168.11.1;range 192.168.11.32 192.168.11.33;#host
pxe-client {#hardware ethernet 00:00:39:E3:38:99; #debian
installing PC's MACfilename"pxelinux.0";
next-server 192.168.11.1;#}}--*


*and in addition *


*i install openbsd by openbsd PXE server.*


*this process is much faster and simpler .*

































*next is only memo .cat /etc/dhcpd.interfaces   ne3cat /etc/dhcpd.conf
option
domain-name-servers 192.168.1.1;subnet 192.168.11.0 netmask
255.255.255.0 {option routers 192.168.11.1;range
192.168.11.32 192.168.11.33;#host pxe-client {#
hardware ethernet 00:00:39:E3:38:99; #debian installing PC's MAC
 filename"pxelinux.0";next-server 192.168.11.1;#
 }}mkdir /tftpdbootcd /tftpdbootwget
http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/pxeboot
wget
http://ftp.openbsd.org/pub/OpenBSD/5.5/i386/bsd.rd
ln -s pxeboot
pxelinux.0mkdir etc/cat etc/boot.conf  boot tftp:/bsd.rdtftpd
/tftpdboot/-*


*tuyosi*

Re: disklabel/scan_ffs

2014-08-11 Thread Stefan Olsson 
Bliss! -A simple power cycle while bridge was still connected with USB, woke
the disk up! Both disklabel and fdisk worked fine on the disk after this and
I've got my files.
Before the powercycle I got same Input/output error from fdisk as from
disklabel:







# fdisk sd1
fdisk: DIOCGPDINFO: Input/output error
fdisk:
Can't get disk geometry, please use [-chs] to specify.

Re: [Bulk] I have several questions

2014-08-11 Thread Kevin Chadwick 
previously on this list Long Wind contributed:

> i plan to use online banking on OpenBSD, so
> security is very important
> 
> which package can select part of mp3 file to create a new mp3?
> 
> why jdk(java) support is poor on OpenBSD? according to faq, it runs
> only on amd64. do I have to use Linux emulation?

Personally I wouldn't use JAVA or be very careful about using it on any
machine that I was using for online banking so may I suggest if you
haven't already giving some consideration to the possibility of
isolating tasks?

-- 
___

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
___

Re: disklabel/scan_ffs

2014-08-11 Thread Stuart Henderson 
On 2014-08-11, Stefan Olsson  wrote:
> Hi,
> I have a hard drive that crashed in some way or the other, and I'd like to see
> if I can access it, and ideally retrieve some of the files. I've connected it
> to a USB-bridge, but I fear it is beyond repair as it gets an error when I try
> to do disklabel: # disklabel sd1disklabel: ioctl DIOCGDINFO: Input/output
> error
>
> I also tried scan_ffs in different ways:# scan_ffs /dev/rsd1c scan_ffs: read:
> Input/output error# scan_ffs /dev/sd1c  
> scan_ffs: /dev/sd1c: No medium found
> # scan_ffs /dev/sd1  
> scan_ffs: /dev/sd1: No such file or directory
> # scan_ffs
> /dev/sd1a
> scan_ffs: /dev/sd1a: No medium found
> # scan_ffs /dev/rsd1a
> scan_ffs:
> /dev/rsd1a: No medium found
>
> -Should I just give up, or are there other options?
> Some info:# sysctl hw.disknameshw.disknames=sd0:1ea2ee1a14a6352d,cd0:,sd1:

What does 'fdisk sd1' say?

Have you used this USB bridge before? Does it work with a known-good disk?

FWIW (commercial software though), r-studio can read OpenBSD FFS. Might be
worth a try with the demo of that if you have access to a (Windows|Mac|Linux)
box to run it on.

Re: I have several questions

2014-08-11 Thread Stuart Henderson 
On 2014-08-11, Long Wind  wrote:
> On 8/12/14, Stuart Henderson  wrote:
>> On 2014-08-11, Mxher  wrote:
>>
>> Did you use separate disk partitions, or just make one big / partition?
>> If the latter, that would *probably* stop the signature verification from
>> being possible.
>>
>
> By "installation files" I mean installation files on CD
> The installation program says it can't verify
> and I have to make an answer to let installation program go ahead
>
>

Yes. 

Did you use separate disk partitions, or just make one big / partition?

Re: I have several questions

2014-08-11 Thread Theo de Raadt 
> > Did you use separate disk partitions, or just make one big / partition?
> > If the latter, that would *probably* stop the signature verification from
> > being possible.
> >
> 
> By "installation files" I mean installation files on CD
> The installation program says it can't verify
> and I have to make an answer to let installation program go ahead

You mean you used the install*.iso or install*.fs files for installation.

This is documented that these media do not have signatures for the
contents inside themselves.  For those install methods you have to verify
the install media files themselves beforehands.

Did you do that?  You didn't, did you.  And then you booted that on
your machine?  Tsk tsk.  This is the least of your problems...

Re: I have several questions

2014-08-11 Thread Long Wind 
On 8/12/14, Stuart Henderson  wrote:
> On 2014-08-11, Mxher  wrote:
>
> Did you use separate disk partitions, or just make one big / partition?
> If the latter, that would *probably* stop the signature verification from
> being possible.
>

By "installation files" I mean installation files on CD
The installation program says it can't verify
and I have to make an answer to let installation program go ahead

Re: disklabel/scan_ffs

2014-08-11 Thread Zé Loff 
On Mon, Aug 11, 2014 at 12:36:35PM -0400, Stefan Olsson wrote:
> Hi,
> I have a hard drive that crashed in some way or the other, and I'd like to see
> if I can access it, and ideally retrieve some of the files. I've connected it
> to a USB-bridge, but I fear it is beyond repair as it gets an error when I try
> to do disklabel: # disklabel sd1disklabel: ioctl DIOCGDINFO: Input/output
> error
> 
> I also tried scan_ffs in different ways:# scan_ffs /dev/rsd1c scan_ffs: read:
> Input/output error# scan_ffs /dev/sd1c  
> scan_ffs: /dev/sd1c: No medium found
> # scan_ffs /dev/sd1  
> scan_ffs: /dev/sd1: No such file or directory
> # scan_ffs
> /dev/sd1a
> scan_ffs: /dev/sd1a: No medium found
> # scan_ffs /dev/rsd1a
> scan_ffs:
> /dev/rsd1a: No medium found
> 
> -Should I just give up, or are there other options?
> Some info:# sysctl hw.disknameshw.disknames=sd0:1ea2ee1a14a6352d,cd0:,sd1:

Have you tried sleuthkit? I've used it in the past but it was so long
ago I can't quite remember what problem needed fixing, but IIRC it was
for something similar to your problem and it did the job. Best of luck.

--

Re: Good thing

2014-08-11 Thread Stuart Henderson 
On 2014-08-11, Gustav Fransson Nyvell  wrote:
> On 08/11/14 11:49, Alexandre Ratchov wrote:
>> On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
>>> Good thing OpenBSD didn't go down the multiple versions path.
>>>
>>> $ au
>>> aucat   autoheader-2.59 automake-1.11 autoscan-2.63
>>> audioctlautoheader-2.61 automake-1.14 autoscan-2.65
>> [...]
>>
>> since you seem to dislike this, awaiting your diff to fix it. Talk
>> is cheap and wastes other people's time.
> There's no guarantee a patch would be accepted.

It would not be accepted, there is a reason for multiple versions of autoconf.
If you don't like it polluting your system directories, install packages rather
than build from ports.

Re: I have several questions

2014-08-11 Thread Stuart Henderson 
On 2014-08-11, Mxher  wrote:
> Le 11/08/2014 22:47, Long Wind a écrit :
>> how to list packages that belong to a section?
>> (e.g. audio section)
>> 
> My first guess would be to fetch ports
> (http://www.openbsd.org/faq/faq15.html#PortsFetch) and then list
> packages in the "audio" directory :)
>
> Another way could be to use pkg_mgr (http://dawn.rhaalovely.net/pkg_mgr/).
>
> There is probably some other ways for which I am not aware of.

+1 for pkg_mgr if you want a "package browser".

>> during installation it says it can't verify signatures of installation
>> files (I use 5.5 CD for i386)
>> is that important? i plan to use online banking on OpenBSD, so
>> security is very important

Did you use separate disk partitions, or just make one big / partition?
If the latter, that would *probably* stop the signature verification from
being possible.

>> which package can select part of mp3 file to create a new mp3?

mp3splt / mp3splt-gtk
audacity
sox
probably others

>> why jdk(java) support is poor on OpenBSD? according to faq, it runs
>> only on amd64.

It was broken for 5.5 release on i386, iirc this was to do with stack
alignment, packages are available again for snapshots and will be in 5.6
though there is still an intermittent problem where javac fails from
time to time.

>> do I have to use Linux emulation?

I suspect this is unlikely to be very successful for jdk. If you have
64-bit capable hardware then it might be better to reinstall with amd64
if you're going to be using this regularly..

Re: I have several questions

2014-08-11 Thread Mxher 
Le 11/08/2014 22:47, Long Wind a écrit :
> how to list packages that belong to a section?
> (e.g. audio section)
> 
My first guess would be to fetch ports
(http://www.openbsd.org/faq/faq15.html#PortsFetch) and then list
packages in the "audio" directory :)

Another way could be to use pkg_mgr (http://dawn.rhaalovely.net/pkg_mgr/).

There is probably some other ways for which I am not aware of.


> during installation it says it can't verify signatures of installation
> files (I use 5.5 CD for i386)
> is that important? i plan to use online banking on OpenBSD, so
> security is very important
> 
> which package can select part of mp3 file to create a new mp3?
> 
> why jdk(java) support is poor on OpenBSD? according to faq, it runs
> only on amd64. do I have to use Linux emulation?
> 
> Thanks!

I have several questions

2014-08-11 Thread Long Wind 
how to list packages that belong to a section?
(e.g. audio section)

during installation it says it can't verify signatures of installation
files (I use 5.5 CD for i386)
is that important? i plan to use online banking on OpenBSD, so
security is very important

which package can select part of mp3 file to create a new mp3?

why jdk(java) support is poor on OpenBSD? according to faq, it runs
only on amd64. do I have to use Linux emulation?

Thanks!

disklabel/scan_ffs

2014-08-11 Thread Stefan Olsson 
Hi,
I have a hard drive that crashed in some way or the other, and I'd like to see
if I can access it, and ideally retrieve some of the files. I've connected it
to a USB-bridge, but I fear it is beyond repair as it gets an error when I try
to do disklabel: # disklabel sd1disklabel: ioctl DIOCGDINFO: Input/output
error

I also tried scan_ffs in different ways:# scan_ffs /dev/rsd1c scan_ffs: read:
Input/output error# scan_ffs /dev/sd1c  
scan_ffs: /dev/sd1c: No medium found
# scan_ffs /dev/sd1  
scan_ffs: /dev/sd1: No such file or directory
# scan_ffs
/dev/sd1a
scan_ffs: /dev/sd1a: No medium found
# scan_ffs /dev/rsd1a
scan_ffs:
/dev/rsd1a: No medium found

-Should I just give up, or are there other options?
Some info:# sysctl hw.disknameshw.disknames=sd0:1ea2ee1a14a6352d,cd0:,sd1:









# dmesg







OpenBSD 5.6 (GENERIC.MP) #299: Fri Aug  8 00:10:33 MDT
2014
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz ("GenuineIntel" 686-class)
1.29 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,V
MX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF,PERF
real mem  =
3745349632 (3571MB)
avail mem = 3671699456 (3501MB)
mpath0 at root
scsibus0 at
mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date
08/11/09, BIOS32 rev. 0 @ 0xffa10, SMBIOS rev. 2.4 @ 0xf67a0 (55 entries)
bios0: vendor Dell Inc. version "A07" date 08/11/2009
bios0: Dell Inc.
Precision M6400
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0:
tables DSDT FACP HPET DMAR APIC ASF! MCFG TCPA SLIC SSDT
acpi0: wakeup devices
PCI0(S5) PCIE(S4) USB1(S0) USB2(S0) USB3(S0) USB4(S0) USB5(S0) USB6(S0)
EHC2(S0) EHCI(S0) AZAL(S3) RP01(S4) RP02(S4) RP03(S4) RP04(S3) RP05(S3) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0
(boot processor)
mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges
cpu0: apic clock running at 266MHz
cpu0: mwait min=64, max=64,
C-substates=0.2.2.2.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz ("GenuineIntel" 686-class)
2.80 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,LONG,SSE3,DTES64,MWAIT,DS-CPL,V
MX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF,PERF
ioapic0 at
mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as
apic 0, remapped to apid 2
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 3 (PCIE)
acpiprt1 at acpi0: bus 1 (AGP_)
acpiprt2 at
acpi0: bus 11 (RP01)
acpiprt3 at acpi0: bus 12 (RP02)
acpiprt4 at acpi0: bus
13 (RP03)
acpiprt5 at acpi0: bus 14 (RP04)
acpiprt6 at acpi0: bus 16 (RP05)
acpiprt7 at acpi0: bus 9 (RP06)
acpiprt8 at acpi0: bus 0 (PCI0)
acpiec0 at
acpi0
acpicpu0 at acpi0: C3, C2, C1, PSS
acpicpu1 at acpi0: C3, C2, C1, PSS
acpitz0 at acpi0: critical temperature is 107 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: PBTN
acpibtn2 at acpi0: SBTN
acpiac0 at acpi0: AC unit
online
acpibat0 at acpi0: BAT0 model "DELL H355F8A" serial 10297 type LION oem
"Samsung SDI"
acpivideo0 at acpi0: VID_
acpivout0 at acpivideo0: LCD_
bios0:
ROM list: 0xc/0xe000 0xce000/0x2000
cpu0: Enhanced SpeedStep 2794 MHz:
speeds: 2801, 2800, 2134, 1600 MHz
pci0 at mainbus0 bus 0: configuration mode
1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel Q45 Host" rev 0x03
ppb0 at pci0
dev 1 function 0 "Intel Q45 PCIE" rev 0x03: apic 2 int 16
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor "NVIDIA", unknown product 0x063a rev 0xa1
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen
1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 26 function 0 "Intel
82801I USB" rev 0x02: apic 2 int 20
uhci1 at pci0 dev 26 function 1 "Intel
82801I USB" rev 0x02: apic 2 int 21
uhci2 at pci0 dev 26 function 2 "Intel
82801I USB" rev 0x02: apic 2 int 22
ehci0 at pci0 dev 26 function 7 "Intel
82801I USB" rev 0x02: apic 2 int 22
usb0 at ehci0: USB revision 2.0
uhub0 at
usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27
function 0 "Intel 82801I HD Audio" rev 0x02: msi
azalia0: codecs: IDT 92HD71B7
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x02:
apic 2 int 16
pci2 at ppb1 bus 11
ppb2 at pci0 dev 28 function 1 "Intel 82801I
PCIE" rev 0x02: apic 2 int 17
pci3 at ppb2 bus 12
"Broadcom BCM4313" rev 0x01
at pci3 dev 0 function 0 not configured
ppb3 at pci0 dev 28 function 2 "Intel
82801I PCIE" rev 0x02: apic 2 int 18
pci4 at ppb3 bus 13
ppb4 at pci0 dev 28
function 3 "Intel 82801I PCIE" rev 0x02: apic 2 int 19
pci5 at ppb4 bus 14
re0
at pci5 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E-VL (0x2c80),
msi, address 00:13:3b:85:05:69
rgephy0 at re0 phy 7: RTL8169S/8110S PHY,

nginx in the default newsyslog.conf

2014-08-11 Thread Jan Stary 
The default newsyslog.conf as installed with the latest i386 snapshot
contains lines referencing the running nginx's pid as follows:

/var/www/logs/access.log 644 4 *  $W0  Z /var/run/nginx.pid SIGUSR1
/var/www/logs/error.log  644 7 250  *  Z /var/run/nginx.pid SIGUSR1

The defult configuration of nginx, however,
makes nginx run chrooted in /var/www
which makes the PID file /var/www/run/nginx.pid

Should that be reflected in the default newsyslog.conf?

Jan

Using pkg_add corners

2014-08-11 Thread sven falempin 
Dear misc readers,

On an amd64 vm, with 5.5 patch branch.

# pkg_add -D libdepends -Q /usr/packs /usr/ports/packages/`uname -m`/all/*
Can't install curl-7.34.0p0 because of libraries
|library c.73.1 not found
| not found anywhere
|library crypto.23.0 not found
| not found anywhere
|library ssl.20.0 not found
| not found anywhere
|library z.5.0 not found
| not found anywhere
Direct dependencies for curl-7.34.0p0 resolve to libidn-1.28p0
libiconv-1.14p1 gettext-0.18.2p4
Full dependency tree is libidn-1.28p0 libiconv-1.14p1 gettext-0.18.2p4

copying libs in /usr/packs  the problem.
Is it a bug or i do not understand -D libdepends ?

Best regards,


-- 
-
() ascii ribbon campaign - against html e-mail
/\

Re: OpenSSL static

2014-08-11 Thread Ed Hynan 

On Mon, 11 Aug 2014, Theo de Raadt wrote:


Do any of the system's static binaries use lib(ssl|crypto).a?


A few use -lcrypto:
   iked isakmpd dc ftp

Only one uses -lssl and -lcrypto:
   ftp



Thanks for the prompt reply.

dc! That caught me by surprise.

-Ed

Re: Good thing

2014-08-11 Thread Alexandre Ratchov 
On Mon, Aug 11, 2014 at 05:05:17PM +0200, Gustav Fransson Nyvell wrote:
> On 08/11/14 11:49, Alexandre Ratchov wrote:
> >On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
> >>Good thing OpenBSD didn't go down the multiple versions path.
> >>
> >>$ au
> >>aucat   autoheader-2.59 automake-1.11 autoscan-2.63
> >>audioctlautoheader-2.61 automake-1.14 autoscan-2.65
> >[...]
> >
> >since you seem to dislike this, awaiting your diff to fix it. Talk
> >is cheap and wastes other people's time.
> There's no guarantee a patch would be accepted.

Just fix the problem you're complaining about, for you. Nobody
forces you to share your solution; in case you share it, nobody
will prevent you from using it, right?

Still I don't see your patch to fix the problem you're complaining
about. Complaining wont fix this problem.

Re: Good thing

2014-08-11 Thread Giancarlo Razzolini 
On 11-08-2014 12:05, Gustav Fransson Nyvell wrote:
> There's no guarantee a patch would be accepted.
Don't feed the troll, please.

--
Giancarlo Razzolini
GPG: 4096R/77B981BC

[demime 1.01d removed an attachment of type application/pkcs7-signature which 
had a name of smime.p7s]

Re: Good thing

2014-08-11 Thread Philip Guenther 
On Mon, Aug 11, 2014 at 8:05 AM, Gustav Fransson Nyvell 
wrote:

> On 08/11/14 11:49, Alexandre Ratchov wrote:
>
>> On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
>>
>>> Good thing OpenBSD didn't go down the multiple versions path.
>>>
>>> $ au
>>> aucat   autoheader-2.59 automake-1.11 autoscan-2.63
>>> audioctlautoheader-2.61 automake-1.14 autoscan-2.65
>>>
>> [...]
>>
>> since you seem to dislike this, awaiting your diff to fix it. Talk
>> is cheap and wastes other people's time.
>>
> There's no guarantee a patch would be accepted.


You'll only write a patch if we guarantee to accept it before you write it?
 No *committer* gets that promise.

Of course, you are guaranteed that you can run your patch on your own
system.  Indeed, that's part of your own testing and understanding the
consequences of your design choices.


Philip Guenther

OpenSSL static

2014-08-11 Thread Ed Hynan 

The latest openssl patch was announced on the announce list.

Do any of the system's static binaries use lib(ssl|crypto).a?

-Ed

Re: OpenSSL static

2014-08-11 Thread Theo de Raadt 
> Do any of the system's static binaries use lib(ssl|crypto).a?

A few use -lcrypto:
iked isakmpd dc ftp

Only one uses -lssl and -lcrypto:
ftp

This latest diff is mostly concerned with -lssl.  Previous errata in
this area have mentioned the need for recompiling / relinking ftp, as
a precaution.  Probably should also be included this time...

Re: Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

On 08/11/14 11:49, Alexandre Ratchov wrote:

On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.

$ au
aucat   autoheader-2.59 automake-1.11 autoscan-2.63
audioctlautoheader-2.61 automake-1.14 autoscan-2.65

[...]

since you seem to dislike this, awaiting your diff to fix it. Talk
is cheap and wastes other people's time.

There's no guarantee a patch would be accepted.

--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.

Re: Patch: mention "tc" capability in login.conf(5)

2014-08-11 Thread Jason McIntyre 
On Fri, Aug 08, 2014 at 10:16:43AM +0800, Edward wrote:
> Hi,
> 
> While reading on login.conf(5), can't find "tc" capability mentions.
> But, examples & usage are demonstrated in /etc/login.conf. After some
> search and readings, found out that it has a few paragraph explaining in
> getcap(3):
> 
> "A special capability, tc= name, is used to indicate that the record specified
> by name should be substituted for the tc capability.  tc capabilities may
> interpolate records which also contain tc capabilities and more than one tc
> capability may be used in a record.  A tc expansion scope (i.e., where the
> argument is searched for) contains the file in which the tc is declared and 
> all
> subsequent files in the file array.
>
> When a database is searched for a capability record, the first matching record
> in the search is returned.  When a record is scanned for a capability, the
> first matching capability is returned; the capability :nameT@: will hide any
> following definition of a value of type T for name; and the capability :name@:
> will prevent any following values of name from being seen.
>  
> These features combined with tc capabilities can be used to generate 
> variations
> of other databases and records by either adding new capabilities, overriding
> definitions with new definitions, or hiding following definitions via `@'
> capabilities."
> 
> I though it should be mention in login.conf(5). Attached is a diff
> inserting "tc" capability into the table of login.conf(5).
> 
> Comments?
> 
> Regards,
> Edward.
> 
> Index: login.conf.5
> ===
> RCS file: /cvs/src/share/man/man5/login.conf.5,v
> retrieving revision 1.52
> diff -u -p -r1.52 login.conf.5
> --- login.conf.5  18 Feb 2014 22:54:14 -  1.52
> +++ login.conf.5  8 Aug 2014 02:00:04 -
> @@ -310,6 +310,13 @@ The
>  environment variable will contain the shell specified in the password file.
>  .\"
>  .Pp
> +.It tc Ta string Ta "" Ta
> +Interpolate / Expands records from corresponding
> +.Pa login.conf .
> +See
> +.Xr getcap 3 .
> +.\"
> +.Pp
>  .It term Ta string Ta Dv su Ta
>  Default terminal type if not able to determine from other means.
>  .\"
> 

fixed, thanks.
jmc

Re: Good thing

2014-08-11 Thread Alexandre Ratchov 
On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
> Good thing OpenBSD didn't go down the multiple versions path.
> 
> $ au
> aucat   autoheader-2.59 automake-1.11 autoscan-2.63
> audioctlautoheader-2.61 automake-1.14 autoscan-2.65

[...]

since you seem to dislike this, awaiting your diff to fix it. Talk
is cheap and wastes other people's time.

Re: Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

On 08/11/14 09:22, Peter N. M. Hansteen wrote:

On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.

does the word 'dependencies' ring a bell?

- P
Oh, I thought you had to keep all programs up to date on OpenBSD because 
that's the "OpenBSD way?"


--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.

Re: Good thing

2014-08-11 Thread Henning Brauer 
* Gustav Fransson Nyvell  [2014-08-11 09:04]:
> Good thing OpenBSD didn't go down the multiple versions path.

Good thing OpenBSD doesn't attract more idiots like you.
Go away.

Everybody else: don't feed the troll.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: Good thing

2014-08-11 Thread Peter N. M. Hansteen 
On Mon, Aug 11, 2014 at 09:02:29AM +0200, Gustav Fransson Nyvell wrote:
> Good thing OpenBSD didn't go down the multiple versions path.

does the word 'dependencies' ring a bell?

- P
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

On 08/11/14 09:13, Brad Smith wrote:

On 11/08/14 3:16 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:10, Brad Smith wrote:

On 11/08/14 3:10 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:04, Brad Smith wrote:

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?


If I explain, will you ask what the point of my explanation is? You're
stuck in an eternal loop.


So I'll take it you're just trying to make yourself look like a fool.


Okay. Well, what I mean is, you are hypocrites.


This isn't a venting list for your retarded bullshit.



What is bullshit?

--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.

Re: Good thing

2014-08-11 Thread Brad Smith 

On 11/08/14 3:16 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:10, Brad Smith wrote:

On 11/08/14 3:10 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:04, Brad Smith wrote:

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?


If I explain, will you ask what the point of my explanation is? You're
stuck in an eternal loop.


So I'll take it you're just trying to make yourself look like a fool.


Okay. Well, what I mean is, you are hypocrites.


This isn't a venting list for your retarded bullshit.


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

On 08/11/14 09:10, Brad Smith wrote:

On 11/08/14 3:10 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:04, Brad Smith wrote:

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?


If I explain, will you ask what the point of my explanation is? You're
stuck in an eternal loop.


So I'll take it you're just trying to make yourself look like a fool.


Okay. Well, what I mean is, you are hypocrites.

--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.

Re: Good thing

2014-08-11 Thread Brad Smith 

On 11/08/14 3:10 AM, Gustav Fransson Nyvell wrote:

On 08/11/14 09:04, Brad Smith wrote:

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?


If I explain, will you ask what the point of my explanation is? You're
stuck in an eternal loop.


So I'll take it you're just trying to make yourself look like a fool.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

On 08/11/14 09:04, Brad Smith wrote:

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?

If I explain, will you ask what the point of my explanation is? You're 
stuck in an eternal loop.


--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.

Re: Good thing

2014-08-11 Thread Brad Smith 

On 11/08/14 3:02 AM, Gustav Fransson Nyvell wrote:

Good thing OpenBSD didn't go down the multiple versions path.


The point of your sarcastic post is?

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Good thing

2014-08-11 Thread Gustav Fransson Nyvell 

Good thing OpenBSD didn't go down the multiple versions path.

$ au
aucat   autoheader-2.59 automake-1.11 autoscan-2.63
audioctlautoheader-2.61 automake-1.14 autoscan-2.65
aumix   autoheader-2.63 automake-1.9 autoscan-2.67
authpf  autoheader-2.65 autopoint autoscan-2.68
authpf-noip autoheader-2.67 autoreconf autoscan-2.69
autoconfautoheader-2.68 autoreconf-2.13 autoupdate
autoconf-2.13   autoheader-2.69 autoreconf-2.52 autoupdate-2.13
autoconf-2.52   autoloadautoreconf-2.59 autoupdate-2.52
autoconf-2.59   autom4teautoreconf-2.61 autoupdate-2.59
autoconf-2.61   autom4te-2.59   autoreconf-2.63 autoupdate-2.61
autoconf-2.63   autom4te-2.61   autoreconf-2.65 autoupdate-2.63
autoconf-2.65   autom4te-2.63   autoreconf-2.67 autoupdate-2.65
autoconf-2.67   autom4te-2.65   autoreconf-2.68 autoupdate-2.67
autoconf-2.68   autom4te-2.67   autoreconf-2.69 autoupdate-2.68
autoconf-2.69   autom4te-2.68   autoscan-2.13 autoupdate-2.69
autoheader  autom4te-2.69   autoscan-2.52
autoheader-2.13 automakeautoscan-2.59
autoheader-2.52 automake-1.10   autoscan-2.61

--
This e-mail is confidential and may not be shared with anyone other than 
recipient(s) without written permission from sender.