Re: Hitting the bootable cylinder limit?

2015-11-23 Thread Theo de Raadt 
In OpenBSD, we have largely side-stepped these issue... by no longer
pandering to the tweaker-mindset that builds multiboot systems.

We think all the parts are there, but nothing makes it trivial because
the potential set of configurations is too large.

Essentially, you are on your own. :-)

> It seems like there should be a better way to detect this other than
> trial and error.  I put a new 1 TB drive in my laptop (Seagate
> ST1000LM024) about a month ago.  Being aware there was such a limit I
> made small boot partitions at the beginning of the drive (I thought):
> 32 GB Windows, 64 GB OpenBSD, 32 GB Linux.  As predicted everything
> worked at first, then installing MeTV keys made my Linux unbootable
> with an error from Lilo about the key file being corrupt and I suspect
> it's related to this limit.  The original position of the file was
> probably OK, the new file got made in an unreachable position.
> 
> So I've probably got some storage-only partitions that won't boot, but
> I want to avoid the same thing happening when I put a 1 TB drive
> (Seagate
> ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I
> really would like Linux working somewhere since I want to play with
> Android stuff.  I need to be able to build kernels for my phones and
> use Android Studio.
> 
> So on the laptop:
> Disk: wd0 geometry: 121601/255/63 [1953525168 Sectors]
> Offset: 0 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
> *0: 0C  0   1   1 -   4079 254  63 [  63:65545137 ] Win95 
> FAT32L
>  1: A6   4080   0   1 -  12365 254  63 [65545200:   133114590 ] OpenBSD
>  2: 83  12366   0   1 -  16444 254  63 [   198659790:65529135 ] Linux 
> files*
>  3: 05  16445   0  62 - 121600 254  63 [   264188986:  1689331079 ] Extended 
> DOS
> Offset: 264188986 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
>  0: 0B  16445   1   1 -  20524 254  63 [   264188988:65545137 ] Win95 
> FAT-32
>  1: 05  20525   0   1 -  24604 254  63 [   329734125:65545200 ] Extended 
> DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 329734125 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
>  0: 0B  20525   1   1 -  24604 254  63 [   329734188:65545137 ] Win95 
> FAT-32
>  1: 05  24605   0   1 -  25114 254  63 [   395279325: 8193150 ] Extended 
> DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 395279325 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
>  0: 82  24605   1   1 -  25114 254  63 [   395279388: 8193087 ] Linux swap
>  1: 05  25115   0   1 -  88856  76  52 [   403472475:  1024004005 ] Extended 
> DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 403472475 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
>  0: A6  25115  63  37 -  88856  76  52 [   403476480:  102400 ] OpenBSD
>  1: 05  88857   0   1 - 121600 254  63 [  1427487705:   526032360 ] Extended 
> DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 1427487705Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
> ---
>  0: 83  88857   1   1 - 121600 254  63 [  1427487768:   526032297 ] Linux 
> files*
>  1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> 
> # /dev/rwd0c:
> type: ESDI
> disk: ESDI/IDE disk
> label: ST1000LM024 HN-M
> duid: abd27361b43df756
> flags:
> bytes/sector: 512
> sectors/track: 63
>

Mesa update glxinfo incorrect?

2015-11-23 Thread Michael Lesniewski 

Hi misc,
After yesterdays update to mesa 11.0.6 the output of glxinfo suggests 
that I no longer have OpenGL 3 support on my graphics chip.
I am not sure if this is the fault of glxinfo picking up the settings 
incorrectly in the newer mesa or mesa itself not liking my graphics or 
me just misunderstanding the output.

If you would like any other info, let me know.

Renderer info mesa 11.0.6:
Extended renderer info (GLX_MESA_query_renderer):
Vendor: X.Org (0x1002)
Device: AMD PALM (DRM 2.29.0) (0x9807)
Version: 11.0.6
Accelerated: yes
Video memory: 256MB
Unified memory: no
Preferred profile: compat (0x2)
Max core profile version: 0.0
Max compat profile version: 2.1
Max GLES1 profile version: 1.1
Max GLES[23] profile version: 2.0
OpenGL vendor string: X.Org
OpenGL renderer string: Gallium 0.4 on AMD PALM (DRM 2.29.0)
OpenGL version string: 2.1 Mesa 11.0.6
OpenGL shading language version string: 1.30

Renderer info mesa 10.2.9:
Extended renderer info (GLX_MESA_query_renderer):
Vendor: X.Org (0x1002)
Device: AMD PALM (0x9807)
Version: 10.2.9
Accelerated: yes
Video memory: 256MB
Unified memory: no
Preferred profile: core (0x1)
Max core profile version: 3.3
Max compat profile version: 3.0
Max GLES1 profile version: 1.1
Max GLES[23] profile version: 3.0
OpenGL vendor string: X.Org
OpenGL renderer string: Gallium 0.4 on AMD PALM
OpenGL version string: 2.1 Mesa 10.2.9
OpenGL shading language version string: 1.30

dmesg:
OpenBSD 5.8-current (GENERIC.MP) #1651: Mon Nov 23 01:05:22 MST 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error 80
real mem = 8281387008 (7897MB)
avail mem = 8026255360 (7654MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe4800 (29 entries)
bios0: vendor Insyde Corp. version "V1.08" date 07/30/2013
bios0: Acer AO725
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP UEFI HPET APIC MCFG ASF! BOOT SLIC SPCR WDRT 
WDAT FPDT SSDT SSDT
acpi0: wakeup devices PB4_(S4) PB6_(S0) SPB0(S0) SPB1(S4) SPB2(S4) 
SPB3(S0) GEC_(S4) OHC1(S3) OHC2(S3) OHC3(S3) OHC4(S3) XHC0(S3) XHC1(S4) 
P2P_(S0)

acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpihpet0 at acpi0: 14318180 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD C-60 APU with Radeon(tm) HD Graphics, 998.30 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 
64b/line 16-way L2 cache

cpu0: 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 199MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD C-60 APU with Radeon(tm) HD Graphics, 998.19 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC
cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 
64b/line 16-way L2 cache

cpu1: 8 4MB entries fully associative
cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 4
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PB4_)
acpiprt2 at acpi0: bus 2 (PB5_)
acpiprt3 at acpi0: bus -1 (PB6_)
acpiprt4 at acpi0: bus -1 (PB7_)
acpiprt5 at acpi0: bus -1 (SPB0)
acpiprt6 at acpi0: bus -1 (SPB1)
acpiprt7 at acpi0: bus -1 (SPB2)
acpiprt8 at acpi0: bus -1 (SPB3)
acpiprt9 at acpi0: bus 3 (P2P_)
acpiec0 at acpi0
acpicpu0 at acpi0: !C2(0@100 io@0x841), C1(@1 halt!), PSS
acpicpu1 at acpi0: !C2(0@100 io@0x841), C1(@1 halt!), PSS
acpitz0 at acpi0: critical temperature is 100 degC
acpibtn0 at acpi0: PWRB
acpibtn1 at acpi0: SLPB
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT1 model "AL12B32" serial 23547 type LION oem "SANYO"
acpibtn2 at acpi0: LID_
acpivideo0 at acpi0: VGA_
acpivout0 at acpivideo0: LCD_
cpu0: 998 MHz: speeds: 1000 800 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00
radeondrm0 at pci0 dev 1 function 0 "ATI Radeon HD 6290" rev 0x00
drm0 at radeondrm0
radeondrm0: msi
azalia0 at pci0 dev 1 function 1 "ATI Radeon HD 6310 HD Audio" rev 0x00: msi
azalia0: no supported codecs
ppb0 at pci0 dev 4 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi
pci1 at ppb0 bus 1
re0

Recognizing USB plug-ins

2015-11-23 Thread Mark Carroll 
With OpenBSD 5.8 if I plug in my USB external drive then check usbdevs
or sysctl hw.disknames then I don't see it and dmesg doesn't show
anything. If I boot with the drive already plugged in then I see it. I
am happy to mount it manually, etc., but I wonder how to get the system
to notice the device at all if it wasn't there at boot time. Do I need
hotplug for even that, or is there some other thing I should do?
(Possibly just read some other bit of documentation that I missed.)

-- Mark

Re: 5.8 freezes on Shuttle DS87, anybody else?

2015-11-23 Thread Harald Dunkel 
On 11/16/2015 04:28 PM, Harald Dunkel wrote:
> 
> See attachment. Hope this helps.
> 
> Regards
> Harri
> 
Obviously attachments are not working. Here you go.

Hope this helps
Harri
-
login:

OpenBSD/amd64 (redgate.red.aixigo.de) (tty00)

login:

Stopped at  Debugger+0x9:   leave

ddb{0}> trace
Debugger() at Debugger+0x9
comintr() at comintr+0x253
intr_handler() at intr_handler+0x67
Xintr_ioapic_edge4() at Xintr_ioapic_edge4+0xc9
--- interrupt ---
x86_bus_space_io_write_2() at x86_bus_space_io_write_2+0xf
re_intr() at re_intr+0xbd
intr_handler() at intr_handler+0x67
Xintr_ioapic_edge22() at Xintr_ioapic_edge22+0xc9
--- interrupt ---
Xsoftclock() at Xsoftclock+0x15
--- interrupt ---
end trace frame: 0x0, count: -9
0x8:
ddb{0}> ps
   PID   PPID   PGRPUID  S   FLAGS  WAIT  COMMAND
 23791  27180   5661  0  30x83  ttyin less
 27180   4667  27180  0  30x83  wait  bash
  4667   6058   4667  0  30x8b  pause ksh
  6058  11179   6058  0  30x92  selectsshd
 26887  1  1  0  30x82  ttyopngetty
  9959  1   9959  0  30x83  ttyin getty
   167  1167  0  30x83  ttyin getty
 14289  1  14289  0  30x83  ttyin getty
 23518  1  23518  0  30x83  ttyin getty
 26304  1  26304  0  30x83  ttyin getty
 27872  1  27872  0  30x83  ttyin getty
 31785  1  31785  0  30x80  poll  cron
 28768  1  28768  0  30x80  kqreadapmd
 18511  1948631  30x90  poll  dnsmasq
 17033  1  17033 99  30x90  poll  sndiod
  6479  12666  12666 95  30x90  kqreadsmtpd
 24124  12666  12666 95  30x90  kqreadsmtpd
 27005  12666  12666 95  30x90  kqreadsmtpd
  8097  12666  12666 95  30x90  kqreadsmtpd
 11978  12666  12666 95  30x90  kqreadsmtpd
 19689  12666  12666103  30x90  kqreadsmtpd
 12666  1  12666  0  30x80  kqreadsmtpd
 11179  1  11179  0  30x80  selectsshd
 24589  24236   8654 83  30x90  poll  ntpd
 24236   8654   8654 83  30x90  poll  ntpd
  8654  1   8654  0  30x80  poll  ntpd
 27871  21455  21455 74  30x90  bpf   pflogd
 21455  1  21455  0  30x80  netio pflogd
 18631750750 73  30x90  kqreadsyslogd
   750  1750  0  30x80  netio syslogd
 16413  0  0  0  3 0x14200  pgzerozerothread
  7272  0  0  0  3 0x14200  aiodoned  aiodoned
 31812  0  0  0  3 0x14200  syncerupdate
 30554  0  0  0  3 0x14200  cleaner   cleaner
 12801  0  0  0  3 0x14200  reaperreaper
 23371  0  0  0  3 0x14200  pgdaemon  pagedaemon
  8472  0  0  0  3 0x14200  bored crypto
  8667  0  0  0  3 0x14200  pftm  pfpurge
 11541  0  0  0  3 0x14200  usbtskusbtask
  9707  0  0  0  3 0x14200  usbatsk   usbatsk
 22037  0  0  0  3 0x14200  bored intelrel
 26221  0  0  0  3  0x40014200  acpi0 acpi0
 17359  0  0  0  7  0x40014200idle3
 12468  0  0  0  7  0x40014200idle2
  9787  0  0  0  7  0x40014200idle1
 32157  0  0  0  3 0x14200  bored sensors
 15878  0  0  0  2 0x14200softnet
  6342  0  0  0  3 0x14200  bored systqmp
 28852  0  0  0  3 0x14200  bored systq
*23231  0  0  0  7  0x40014200idle0
 1  0  1  0  30x82  wait  init
 0 -1  0  0  3 0x10200  scheduler swapper
ddb{0}> show registers
rdi0x3f8
rsi0
rbp   0x800032d33a38
rbx 0xf9
rdx0x3f8
rcx   0x8188c640cpu_info_primary
rax0
r8   0x1
r9 0
r10 0x40
r11   0x81340170x86_bus_space_mem_read_4
r12   0x8023b110
r13   0x8023b000
r14   0x801ce5c0
r150x3f8
rip   0x81343b09Debugger+0x9
cs   0x8
rflags 0x286
rsp

Re: inotifywait alternative

2015-11-23 Thread Stuart Henderson 
On 2015-11-22, Peter Hajdu  wrote:
> Hi,
>
> I had been looking around and failed to find an inotifywait alternative
> for the kqueue interface.  The solutions I know of are far too
> heavyweight for my needs.  I want to run "make test" automatically each
> time a file changes while working on my projects.
> Since I wanted to experiment with pledge, kqueue and c anyway,  I've
> implemented the bare minimum I needed.  I'm not sure however if there
> are other solutions that would fit my need.  Do you know about one?
> If not, feel free to try out the outcome and give feedback.
> http://github.com/peterhajdu/fwa

There is one in ports actually, sysutils/entr - it's a bit more complex
than fwa (it also has directory monitoring and executes commands directly,
and supports inotify as well as kqueue) but is still reasonably light.

NSD/Unbound clarifications

2015-11-23 Thread Alessandro Baggi 

Hi list,
I've switched from Obsd 5.3 from Pfsense to try it. Now I want come back 
to Obsd. I prefer it.


Today, the last version is 5.8 and from 5.6 named was replaced from nsd 
and unbound.


The first is only authoritative and the other is 
recursive/forwarder/caching/validating/authoritative.


In my last valid OBSD config, I used named for my lan (not exposed on 
internet) only for lan dns serving, not exposed, with recursion and 
forwarder.


Now today I've nsd and unbound that I can use on my firewall.
I don't need authoritative server, and I should use unbound.
nsd and unbound have similar syntax and I reading from web I can resolve 
dns with each of them.


Now I'm confused...who use? Correct me if I'm wrong:

1) I must use only nsd for authoritative server (internet exposed) for 
my ipotetic zone (I can use it in my lan for dns resolver?).


2) I can use only unbound for lan dns resolving/caching/validating with 
zones if not needed an authoritative domain.


3) I can use nsd for authoritative server (internet exposed) and for lan 
use unbound as recursive/cache dns with the authoritative server.


4) I can use unbound as authoritative server and for recursing and other.


5) NSD is the best for authoritative and unbound for other things.

support new

2015-11-23 Thread Luiz Gustavo Costa 
0
C Brazil
P Rio de Janeiro
T Teresopolis/RJ
Z 25961-225
O Mundounix Consultoria
I Luiz Gustavo Costa
A
M luizgust...@mundounix.com.br
U http://www.mundounix.com.br
B 55 (21) 2642-0881
X
N Opensource consulting, more than 10 years of work with free software,
experiencie with Linux/BSD variants, network appliancies and other
hardware, python/php/c/c++ code to sysadmin, cloud computer, automation
software, cluster. CARP, BGP, Balance/Failover

Re: Bridge and blocknonip

2015-11-23 Thread Momtchil Momtchev 
Yeah sorry, English is not my first language and I started by the 
solution, not the problem.


So here is my setup:

NETWORK A is a wired network with private IPv4/24 addr a public 
IPv6/64 addr
NETWORK B is a wireless network with private IPv4/24 addr a public 
IPv6/64 addr
The Broadband equipment provides a single IPv4/32 public addr and a 
public IPv6 /64 addr (French broadband provider Free/Proxad)
So the OpenBSD box (PC Engines APU) has one public IPv4/32 addr and 
one public IPv6 addr on a /64 network.



NETWORK A <-> (re0) (bridge0) (re2) <-> Broadband equipment
NETWORK B <-/  (athn0)

TV Decoder <-> (re0 vlan 100) (bridge1) (re2 vlan 100) <->  IPTV Server


The only way I can manage this setup is by bridging the IPv6 
traffic and routing/NATing the IPv4 traffic.
So what I did, I started from the BLOCKNONIP code and made a bridge 
that passes only IPv6 traffic.
This setup is very common in France and was working perfectly with 
my patch on OpenBSD 4.x.


There is a bridge0 with
re0
athn0
re2 (modified blocknonip)

And a bridge1 with
re2.100
re0.100

Since I upgraded to 5.8 I found that IPv4 ARP requests were 
slipping through my version of blocknonip. This is a problem because the 
broadband equipment picks them up. When I started looking at the code, I 
found that ARP requests from NETWORK B (only from NETWORK B, never 
NETWORK A, don't know why, maybe because B doesn't have an IP address 
assigned) were being resent to the external network via new code path 
that didn't exist in 4.8/4.9. Also, ARP requests on the bridge1 are 
being resent to the bridge0. Those packets are being sent by 
bridge_output(). These are not forwarded packets. In my setup, receiving 
an ARP request from athn0 will spawn another ARP request on re0. 
Receiving an ARP request on re2.100 will spawn another request on re0 
(besides forwarding the request to re0.100). That one does not feel very 
right even without my patch. So my questions were :


First of all, is bridge_output() used to forward packets now? Or is 
it only for local traffic? If it is sometimes used to forward packets, 
then a check against BLOCKNONIP would be needed? Reyk Floeter confirmed 
that it was used only for local traffic.


Second, why bridge_output()? In my understanding output is never 
done directly on the bridge, it is always on one of the underlying 
interfaces? This could have implications for pf too? From what I saw 
bridge_output() is used directly only in one obscure case for sending 
back ICMP errors. But it is also the output function of the interface? 
This is why I have a hard time finding the origin of those ARP requests. 
So this is my real question, who sends ARP requests directly on the 
bridge via bridge_output()?


Thank you and I hope that I was clear enough.

On 22/11/15 20:37, Martin Pieuchot wrote:

On 22/11/15(Sun) 18:30, Momtchil Momtchev wrote:

On 22/11/2015 17:48, Martin Pieuchot wrote:

On 22/11/15(Sun) 16:56, Momtchil Momtchev wrote:

On 22/11/2015 15:52, Martin Pieuchot wrote:

When you say "the bridge changed somewhat" are you saying that you see
a regression?  Could you share your setup that, I guess work with 4.9,
and no longer work with 5.8.



I don't understand what you mean with "_BLOCKNONIPV6_ bridge". ifconfig(8)
clearly say:

  blocknonip interface
  Mark interface so that no non-IPv4, IPv6, ARP, or Reverse ARP
  packets are accepted from it or forwarded to it from other
  bridge member interfaces

 I have a modified bridge that adds a new bridge option - BLOCKNONIPV6 -
to block IPv4 traffic but pass IPv6 traffic. There's no regression, my only
problem was that in 4.9 bridge_output() was never used in my particular
case. In 5.8 bridge_output() is used for some strange forwarding of ARP
packets - every ARP request on the internal side coming from a bridge
interface without an IP address (yes, only on interfaces without an IP
address) spawns an ARP request on the external side. That request is coming
from bridge_output(), not the usual bridge code path in bridgeintr().

The result of your analysis is either incorrect or there's a bug I
couldn't found by looking briefly at the code.  In both cases I can't
help you because you're not sharing the important pieces of informations.

When an ARP packet is received on a bridge member bridgeintr() is called.
So what you say about "strange forwarding of ARP packets" doesn't match
with what you say as "That request is coming from bridge_output()".


   In a
non-modified stock OpenBSD bridge this would be the correct behaviour, so
there is no bug here.

What would be this correct behaviour?  I don't understand what you're
describing so I cannot say if I agree that there's no bug here.  But I'd
be glad if I could understand.


   It is just

Re: Who teach the true message about the true free software?

2015-11-23 Thread français 
Benjamin Heath wrote
> On Nov 20, 2015 9:15 AM, "français" 

> romapera15@

>  wrote:
>>
>> Please excuse me because I have posted on OpenBSD lists and other lists.
>>
>> Who teach the true message about the true free software?
>>
>> I ask this because I not want be deceived by hypocritical liars that
>> teach
>> falsely about free software.
>>
>> Hardcore OpenBSD user community, please, for avoid flames, answer me
>> using
>> message private.
>
> "I do not want to be deceived by hypocritical liars that teach falsely"...
> You're not at church, this isn't a religious organization, they aren't
> prophets, and free software should not be a religious doctrine.
>
> The fact that it's used like one is peculiar, isn't it?
>
> Now if you'll excuse me, my dogma just got hit by a karma.

 Benjamin,

The doubts that I have are the following:

Stallman still is hypocritical liar?

reference: http://marc.info/?l=openbsd-misc=119776126523033=2

The projects that are quoted in link that it is below, for example, FreeBSD,
still are hypocritical?

reference: http://marc.info/?l=openbsd-misc=117407155404984=2




--
View this message in context:
http://openbsd-archive.7691.n7.nabble.com/Who-teach-the-true-message-about-th
e-true-free-software-tp283358p283563.html
Sent from the openbsd user - misc mailing list archive at Nabble.com.

Re: NSD/Unbound clarifications

2015-11-23 Thread Stuart Henderson 
On 2015-11-23, Alessandro Baggi  wrote:
> Hi list,
> I've switched from Obsd 5.3 from Pfsense to try it. Now I want come back 
> to Obsd. I prefer it.
>
> Today, the last version is 5.8 and from 5.6 named was replaced from nsd 
> and unbound.
>
> The first is only authoritative and the other is 

Yes, NSD is authoritative only.

> recursive/forwarder/caching/validating/authoritative.

No, Unbound is *not* authoritative.

For simple use cases Unbound can serve local data - but only for answering
queries from standard clients, not from other nameservers.

> In my last valid OBSD config, I used named for my lan (not exposed on 
> internet) only for lan dns serving, not exposed, with recursion and 
> forwarder.

You can do this with just Unbound (local-zone / local-data).

You can also do this with a combination of NSD and Unbound if you prefer
(configuring Unbound to pass the local zone requests to NSD), but you
don't need to.

> Now today I've nsd and unbound that I can use on my firewall.
> I don't need authoritative server, and I should use unbound.
> nsd and unbound have similar syntax and I reading from web I can resolve 
> dns with each of them.
>
> Now I'm confused...who use? Correct me if I'm wrong:
>
> 1) I must use only nsd for authoritative server (internet exposed) for 
> my ipotetic zone (I can use it in my lan for dns resolver?).
>
> 2) I can use only unbound for lan dns resolving/caching/validating with 
> zones if not needed an authoritative domain.
>
> 3) I can use nsd for authoritative server (internet exposed) and for lan 
> use unbound as recursive/cache dns with the authoritative server.
>
> 4) I can use unbound as authoritative server and for recursing and other.
>
> 5) NSD is the best for authoritative and unbound for other things.

You must use an authoritative server (e.g. NSD) to answer external queries
(i.e. if your machine is listed as an NS),

Re: azalia audio works, then stutters until reboot

2015-11-23 Thread Alexandre Ratchov 
On Fri, Nov 20, 2015 at 10:31:34AM -0700, luke...@onemodel.org wrote:
>
> $ls -ltrd /tmp/aucat
> drwx--  2 root  wheel   512B Nov 20 09:39 /tmp/aucat/
> $ls -ltr /tmp/aucat
> ls: aucat: Permission denied
> [and timidity playing a .mid file was working]
> [then i killed sndiod with ^C.]
> 
> Could the root umask of 0077 be a problem?  my /tmp/aucat directory
> has different permissions than yours.

The problem is in sndiod; it's supposed create a world readable
directory regardless the user umask.

I just commited the fix; you could either start it with the 022
umask now or rebuild sndiod with sndiod.c rev 1.14 or newer.

Let me know if things work better.

> I set that umask for all
> users to avoid forgetfully
> bleeding information between accounts.

Another option is to create the home directories with mode 0700 and
leave the default umask.  This doesn't protect files outside their
home dir, but I'm not sure this would be a problem.

MacbookPro 11,1

2015-11-23 Thread Bryan C. Everly 
Hi everyone,

I tried a few months ago to boot this into OpenBSD and one of the big
problems I ran into was that this is a USB 3 only machine and as such, the
keyboard worked at the boot prompt but did not work when I got to the first
installer prompt.

I'm seeing people talking about working on Macbook Air machines (some of
quite recent vintage) so I'm wondering if:

1.  There is a patch I can apply to get keyboard support working on the
Macbook Pro Retina; or

2.  The Macbook Air doesn't have all USB 3 ports so this isn't a problem
for that hardware

Any suggestions would be appreciated.

Thanks,
Bryan

Re: Recognizing USB plug-ins

2015-11-23 Thread Mihai Popescu 
I had the same problem with a computer in the past - if you search the
archives, you will find details. Anyway, it was an old IBM machine and
got this problem after a BIOS update.
I retired it and got a Lenovo which is not having this problem.

Maybe yours is not related, but how can one know if you didn't post a
dmesg for your model?

Re: Recognizing USB plug-ins

2015-11-23 Thread Mark Carroll 
On 23 Nov 2015, Mihai Popescu wrote:

> I had the same problem with a computer in the past - if you search the
> archives, you will find details. Anyway, it was an old IBM machine and
> got this problem after a BIOS update.
> I retired it and got a Lenovo which is not having this problem.
>
> Maybe yours is not related, but how can one know if you didn't post a
> dmesg for your model?

I thought it was probably the way OpenBSD generally behaves rather than
a platform-specific bug. I'm still learning my way around -- it took me
long enough to realize that the bundled domain name server is nsd -- so
when I'm surprised by something it generally doesn't indicate a problem
with anything other than my ignorance. In case it is platform-specific,
dmesg here, after booting with the external drive plugged in:

OpenBSD 5.8 (GENERIC.MP) #1236: Sun Aug 16 02:31:04 MDT 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 17035468800 (16246MB)
avail mem = 16515284992 (15750MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xec7b0 (86 entries)
bios0: vendor Intel Corporation version "RYBDWi35.86A.0130.2014.1203.1639" date 
12/03/2014
bios0: 
\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?
 
\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI SSDT ASF! SSDT SSDT 
SSDT DMAR
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) 
PS2K(S3) PS2M(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) 
PXSX(S4) RP04(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.48 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpimadt0: bogus nmi for apid 0
acpimadt0: bogus nmi for apid 2
acpimadt0: bogus nmi for apid 1
acpimadt0: bogus nmi for apid 3
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG0)
acpiprt2 at acpi0: bus -1 (PEG1)
acpiprt3 at acpi0: bus -1 (PEG2)
acpiprt4 at acpi0: bus 1 (RP01)
acpiprt5 at acpi0: bus -1 (RP02)
acpiprt6 at acpi0: bus -1 (RP03)
acpiprt7 at acpi0: bus 2 (RP04)
acpiprt8 at acpi0: bus -1 (RP05)
acpiprt9 at acpi0: bus -1 (RP06)
acpiprt10 at acpi0: bus -1 (RP07)
acpiprt11 at acpi0: bus -1 (RP08)
acpiec0 at acpi0: not present

Re: Recognizing USB plug-ins

2015-11-23 Thread Mihai Popescu 
> OpenBSD 5.8 (GENERIC.MP) #1236: Sun Aug 16 02:31:04 MDT 2015

First suggestion is to try the latest snapshot - development is going on.

For the ignorant one, you can always see the OpenBSD FAQ, it is an
evolving part, too and it explains in details many common tasks in
OpenBSD.
http://www.openbsd.org/faq/index.html

Re: Logging removal of dependent packages - disregard please

2015-11-23 Thread Mihai Popescu 
> Was getting kind of weary with the python workarounds.

Too bad, pkg_* suite is using perl, if i remember ...

Re: Hitting the bootable cylinder limit?

2015-11-23 Thread Joel Rees 
Theo, if want to suggest that the OP look at Ubuntu-bugs bug 491602, should
I do so off-list?

;-)

2015/11/24 1:55 "Alan Corey" :
>
> It seems like there should be a better way to detect this other than
> trial and error.  I put a new 1 TB drive in my laptop (Seagate
> ST1000LM024) about a month ago.  Being aware there was such a limit I
> made small boot partitions at the beginning of the drive (I thought):
> 32 GB Windows, 64 GB OpenBSD, 32 GB Linux.  As predicted everything
> worked at first, then installing MeTV keys made my Linux unbootable
> with an error from Lilo about the key file being corrupt and I suspect
> it's related to this limit.  The original position of the file was
> probably OK, the new file got made in an unreachable position.
>
[...]

Joel Rees

Computer memory is just fancy paper,
CPUs just fancy pens.
All is a stream of text
flowing from the past into the future.

Re: Hitting the bootable cylinder limit?

2015-11-23 Thread Alan Corey 
I don't think that's it, I've never had me-tv running.  Not too
serious about watching TV, I just have a Diamond TVW750U USB dongle
tuner I couldn't get to work under Windows, wanted to try it under
Linux.  I think that Ubuntu bug relates to having a colon in the file
name.

I'm using Lilo in that partition, which I might be able to fix by
reinstalling it, but the same thing is likely to happen at some random
point in the future.

On 11/23/15, Joel Rees  wrote:
> Theo, if want to suggest that the OP look at Ubuntu-bugs bug 491602, should
> I do so off-list?
>
> ;-)
>
> 2015/11/24 1:55 "Alan Corey" :
>>
>> It seems like there should be a better way to detect this other than
>> trial and error.  I put a new 1 TB drive in my laptop (Seagate
>> ST1000LM024) about a month ago.  Being aware there was such a limit I
>> made small boot partitions at the beginning of the drive (I thought):
>> 32 GB Windows, 64 GB OpenBSD, 32 GB Linux.  As predicted everything
>> worked at first, then installing MeTV keys made my Linux unbootable
>> with an error from Lilo about the key file being corrupt and I suspect
>> it's related to this limit.  The original position of the file was
>> probably OK, the new file got made in an unreachable position.
>>
> [...]
>
> Joel Rees
>
> Computer memory is just fancy paper,
> CPUs just fancy pens.
> All is a stream of text
> flowing from the past into the future.
>


-- 
Credit is the root of all evil.  - AB1JX

Re: TLS intercepting proxy [MitM]

2015-11-23 Thread Stefan Wollny 

Am 11/23/15 um 23:41 schrieb Lampshade:

Hello,
I would like to use privoxy to scrub/delete
some informations in application layer (HTTP) going out from my PC.
Problem is that a lot of connections are secured with TLS, so privoxy can not 
filter them.
Is there any way to do something like that:
Firefox -> decrypt [MitM] -> privoxy -> encrypt securely  -(NIC)-> Internet?
It is my PC, so I can install new certificate or something like that,
but neverthless I don't know how to achieve that result.
Is this possible using relayd?
Is it possible with other tool in ports or something that I can compile from 
source?


It is about 2 years old but should give you a starting poing:
http://www.reykfloeter.com/post/41814177050/relayd-ssl-interception

Best,
STEFAN

Re: MacbookPro 11,1

2015-11-23 Thread Bryan Everly 
I only had to bless my thumb drive so the keyboard worked. Everything
else is native when booting from the hard drive afaik.

Thanks,
Bryan

> On Nov 23, 2015, at 4:37 PM, Bryan Vyhmeister  wrote:
>
>> On Mon, Nov 23, 2015 at 04:20:56PM -0500, Bryan C. Everly wrote:
>> The /usr/sbin/bless command was the key that unlocked this for me.  I have
>> managed to get the latest snapshot installed and booting on this machine.
>> I'm in the process of installing a desktop (I run gnome) so I'll let you
>> know how that goes.
>
> You must be using BIOS emulation then? My goal with my install was to
> avoid using BIOS emulation if possible. I wanted to be able to install
> OpenBSD on a Mac without needing to use OS X at all or dual boot. As I'm
> sure you've read, jcs@ has a gist about this process and jasper@ has a
> blog post detailing how to do the efiboot like I did.
>
> I'm looking forward to finding out how it works out for you.
>
> Bryan

TLS intercepting proxy [MitM]

2015-11-23 Thread Lampshade 
Hello,
I would like to use privoxy to scrub/delete
some informations in application layer (HTTP) going out from my PC. 
Problem is that a lot of connections are secured with TLS, so privoxy can not 
filter them.
Is there any way to do something like that:
Firefox -> decrypt [MitM] -> privoxy -> encrypt securely  -(NIC)-> Internet?
It is my PC, so I can install new certificate or something like that, 
but neverthless I don't know how to achieve that result.
Is this possible using relayd?
Is it possible with other tool in ports or something that I can compile from 
source?

Re: MacbookPro 11,1

2015-11-23 Thread Bryan Vyhmeister 
On Mon, Nov 23, 2015 at 06:28:04PM -0500, Bryan Everly wrote:
> I only had to bless my thumb drive so the keyboard worked. Everything
> else is native when booting from the hard drive afaik.

Very good. I didn't think about "blessing" the thumb drive. Good idea.

Bryan

fritzing menu entry doesn't use the --folder option

2015-11-23 Thread Domovoy 
Just installed frietzing using pkg_add. AFAIK i'm running the latest
-current snapshot (upgraded on 2015/11/13).

It installs two files in /usr/local/bin:
Fritzing, the main executable
fritzing, a shell script that runs Fritzing with the
"--folder /usr/local/share/fritzing/" option, telling it where to find
parts and other ressources.

Now, if i'm right, the menu entry (i use xfce) is built
from /usr/local/share/applications/fritzing.desktop, this file contains
the line "Exec=Fritzing".
It is my understanding that by default Fritzing looks for its
ressources in the same directory as the binary.
Because of that, launching fritzing from the menu entry (or
using /usr/local/bin/Fritzing without the --folder option) makes it
unable to find its ressources and complains about it.

Now, i'm new to OpenBSD, and don't know what to do from there:
_ should i report it as a bug? where?
_ should i fix it? how? (modify the .desktop to exec "fritzing"
instead of "Fritzing"?), where do i send the correction?

Thanks

Re: Hitting the bootable cylinder limit?

2015-11-23 Thread Raimo Niskanen 
Hi Alan.

So you are still using Lilo - I thought Grub had taken over :/

I would try to use 32GB FAT32L, 1GB Linux /boot, 64 GB OpenBSD,
and the rest of the Linux filesystems including / in Extended DOS.
This puts Linux /boot and OpenBSD wd0a within in this case 35GB
from disk start.

/ Raimo Niskanen, Erlang/OTP, Ericsson AB



On Mon, Nov 23, 2015 at 11:52:10AM -0500, Alan Corey wrote:
> It seems like there should be a better way to detect this other than
> trial and error.  I put a new 1 TB drive in my laptop (Seagate
> ST1000LM024) about a month ago.  Being aware there was such a limit I
> made small boot partitions at the beginning of the drive (I thought):
> 32 GB Windows, 64 GB OpenBSD, 32 GB Linux.  As predicted everything
> worked at first, then installing MeTV keys made my Linux unbootable
> with an error from Lilo about the key file being corrupt and I suspect
> it's related to this limit.  The original position of the file was
> probably OK, the new file got made in an unreachable position.
>
> So I've probably got some storage-only partitions that won't boot, but
> I want to avoid the same thing happening when I put a 1 TB drive
> (Seagate
> ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I
> really would like Linux working somewhere since I want to play with
> Android stuff.  I need to be able to build kernels for my phones and
> use Android Studio.
>
> So on the laptop:
> Disk: wd0 geometry: 121601/255/63 [1953525168 Sectors]
> Offset: 0 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
> *0: 0C  0   1   1 -   4079 254  63 [  63:65545137 ] Win95
FAT32L
>  1: A6   4080   0   1 -  12365 254  63 [65545200:   133114590 ] OpenBSD
>  2: 83  12366   0   1 -  16444 254  63 [   198659790:65529135 ] Linux
files*
>  3: 05  16445   0  62 - 121600 254  63 [   264188986:  1689331079 ] Extended
DOS
> Offset: 264188986 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
>  0: 0B  16445   1   1 -  20524 254  63 [   264188988:65545137 ] Win95
FAT-32
>  1: 05  20525   0   1 -  24604 254  63 [   329734125:65545200 ] Extended
DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 329734125 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
>  0: 0B  20525   1   1 -  24604 254  63 [   329734188:65545137 ] Win95
FAT-32
>  1: 05  24605   0   1 -  25114 254  63 [   395279325: 8193150 ] Extended
DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 395279325 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
>  0: 82  24605   1   1 -  25114 254  63 [   395279388: 8193087 ] Linux
swap
>  1: 05  25115   0   1 -  88856  76  52 [   403472475:  1024004005 ] Extended
DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 403472475 Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
>  0: A6  25115  63  37 -  88856  76  52 [   403476480:  102400 ] OpenBSD
>  1: 05  88857   0   1 - 121600 254  63 [  1427487705:   526032360 ] Extended
DOS
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
> Offset: 1427487705Signature: 0xAA55
> Starting Ending LBA Info:
>  #: id  C   H   S -  C   H   S [   start:size ]
>
-
--
>  0: 83  88857   1   1 - 121600 254  63 [  1427487768:   526032297 ] Linux
files*
>  1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>  3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
>
> # /dev/rwd0c:
> type: ESDI
> disk: ESDI/IDE disk
> label: ST1000LM024 HN-M
> duid:

Re: Bridge and blocknonip

2015-11-23 Thread Martin Pieuchot 
On 23/11/15(Mon) 12:57, Momtchil Momtchev wrote:
> [...]
> So here is my setup:
> 
> NETWORK A is a wired network with private IPv4/24 addr a public IPv6/64
> addr
> NETWORK B is a wireless network with private IPv4/24 addr a public
> IPv6/64 addr
> The Broadband equipment provides a single IPv4/32 public addr and a
> public IPv6 /64 addr (French broadband provider Free/Proxad)
> So the OpenBSD box (PC Engines APU) has one public IPv4/32 addr and one
> public IPv6 addr on a /64 network.
> 
> 
> NETWORK A <-> (re0) (bridge0) (re2) <-> Broadband equipment
> NETWORK B <-/  (athn0)
> 
> TV Decoder <-> (re0 vlan 100) (bridge1) (re2 vlan 100) <->  IPTV Server
> 
> 
> The only way I can manage this setup is by bridging the IPv6 traffic and
> routing/NATing the IPv4 traffic.
> So what I did, I started from the BLOCKNONIP code and made a bridge that
> passes only IPv6 traffic.
> This setup is very common in France and was working perfectly with my
> patch on OpenBSD 4.x.
> 
> There is a bridge0 with
> re0
> athn0
> re2 (modified blocknonip)
> 
> And a bridge1 with
> re2.100
> re0.100
> 
> Since I upgraded to 5.8 I found that IPv4 ARP requests were slipping
> through my version of blocknonip. This is a problem because the broadband
> equipment picks them up. When I started looking at the code, I found that
> ARP requests from NETWORK B (only from NETWORK B, never NETWORK A, don't
> know why, maybe because B doesn't have an IP address assigned) were being
> resent to the external network via new code path that didn't exist in
> 4.8/4.9. 

It's hard to discuss without seeing your "version of blocknonip".  But
still what have you seen?  You're still giving your conclusion instead
of what you observed.

Did you use tcpdump(8) on the interfaces?  What kind of ARP request are
we talking about here?  echo, reply?  Sent from which host?  To which
destination?

>  Also, ARP requests on the bridge1 are being resent to the bridge0.
> Those packets are being sent by bridge_output().

That seems to be a known regression on 5.8 because re(4) supports
hardware VLAN.  The problem is that bridge_input() is called before
vlan_input() for every packet received on a physical interface.  Since
the hardware have already removed the VLAN header you see it in bridge0.

This should be fixed in -current as long as you configure your pseudo
interfaces in the order you need:

# ifconfig bridge0 add re0
# ifconfig vlan0 vlan 100 vlandev re0

This way vlan_input() will run before bridge_input() and the packets
with a VLAN ID 100 wont enter bridge0

> Those packets are being sent by bridge_output(). These are not forwarded
> packets.

Which packets?  Sorry but I don't understand what kind of packets you're
talking about so I cannot help.

>  In my setup, receiving an ARP request from athn0 will spawn another
> ARP request on re0. Receiving an ARP request on re2.100 will spawn another
> request on re0 (besides forwarding the request to re0.100). That one does
> not feel very right even without my patch. So my questions were :
> 
> First of all, is bridge_output() used to forward packets now? Or is it
> only for local traffic? If it is sometimes used to forward packets, then a
> check against BLOCKNONIP would be needed? Reyk Floeter confirmed that it was
> used only for local traffic.

It is only used to send local traffic, just like Reyk said.

> Second, why bridge_output()? In my understanding output is never done
> directly on the bridge, it is always on one of the underlying interfaces?

Please look at the code, we write Free Software for a reason:
  http://bxr.su/search?q=bridge_outputOpenBSD

> This could have implications for pf too?

I don't understand your question.  What could have implication?

>  From what I saw bridge_output() is
> used directly only in one obscure case for sending back ICMP errors.

Why do you think it's an obscure case?

>  But it
> is also the output function of the interface? This is why I have a hard time
> finding the origin of those ARP requests. So this is my real question, who
> sends ARP requests directly on the bridge via bridge_output()?

One do not find who send packets by looking at the code but by looking
at the packets.  Since the beginning of this thread we don't know the
content of the packets, so we don't if they are forwarded or not, if
they are multicast or not if they are addressed to the OpenBSD machine
or not, if they are reply to other packets: we know nothing.

Plus we don't know the output of your ifconfig nor which code you're
running.  Come on, if you want some help, let others help you ;)

Cheers,
Martin

Re: Logging removal of dependent packages

2015-11-23 Thread Marc Espie 
On Mon, Nov 23, 2015 at 05:20:54PM +0200, li...@wrant.com wrote:
> Hi misc@ readers, Marc,
> 
> Interactive removal of a package with pkg_delete $pkg_name also asks
> the removal of dependent packages (cool).
> 
> This works OK and logs the removal of the package $pkg_name in messages
> at the end of the procedure.  But does not seem to log the removal of
> the packages that also depend on the removed bits (and got removed).  I
> may be looking at the wrong place or something, but expected this to be
> the same place.
> 
> Would it be a good idea to also log removal of the dependent packages
> while removing a package, for the sake of operator awareness?
> 
> P.S. Running pkg_delete -a manually afterwards logs fine removed
> packages (fallout) just fine.  The removed dependants of $pkg_name
> however are not logged in messages log.  The result is, some details
> are missed in the messages, while others comparative details are there.
> 
> I'm asking because a python 2.7 upgrade from packages fails on a i386
> older machine here, and have to remove it to upgrade my packages.  I
> really don't care much about the python bit, just asking for the
> logging case as explained above.
> 
> Please ignore if this is superfluous noise, or wastes precious time.
> 
> Regards,
> Anton

/var/log/messages has all the info, actually.

Re: NSD/Unbound clarifications

2015-11-23 Thread Alessandro Baggi 

Thanks for clarification.
Unbound configured and works well.
Another question abount unbound "capacity".
I've configured unbound for a small network. What is "maximum capacity" 
of Unbound? Is suitable for big networks?


Il 23/11/2015 13:28, Dahlberg, David ha scritto:

Am Montag, den 23.11.2015, 12:24 +0100 schrieb Alessandro Baggi:


Today, the last version is 5.8 and from 5.6 named was replaced from
nsd
and unbound.

The first is only authoritative and the other is
recursive/forwarder/caching/validating/authoritative.


Right. Except that unbound is not really intended to work as an
authoritative server, except maybe for a tiny local stub zone.


Now today I've nsd and unbound that I can use on my firewall.
I don't need authoritative server, and I should use unbound.


Correct.


nsd and unbound have similar syntax and I reading from web I can
resolve
dns with each of them.


Wrong. You cannot use nsd as a resolver. It is authoritative only.


Now I'm confused...who use?


You want to announce your domain to the whole internet? Use NSD.
You want to resolve internet domain names for your clients? Use unbound.
You want to do both? Use both.


  Correct me if I'm wrong:

1) I must use only nsd for authoritative server (internet exposed) for
my ipotetic zone (I can use it in my lan for dns resolver?).


No. It is not a resolver. It won't answer to queries for domains that it
does not host.



2) I can use only unbound for lan dns resolving/caching/validating
with
zones if not needed an authoritative domain.


Correct.


3) I can use nsd for authoritative server (internet exposed) and for
lan
use unbound as recursive/cache dns with the authoritative server.


With the authoritative server being nsd, right.


4) I can use unbound as authoritative server and for recursing and
other.


You seem to confuse the concepts of authoritative and recursing. The
authoritative server is the Facebook DNS server that answers queries for
the facebook.com domain. Just for that domain. It won't answer queries
for other domains nor queries that have the "recurse" flag set.

A resolver is typically located at your provider. You query it for any
domain and it will happily resolve that query for you (by querying the
authoritative servers). See https://en.wikipedia.org/wiki/Domain_Name_Sy
stem image in chapter "Address resolution mechanism": The "DNS recurser"
in the image is the resolver, the "root/org/wikipedia.org nameservers"
are authoritative ones.

Unbound is a resolver. It may also have authoritative functions for a
small local zone (e.g. "mylaptop.local", "myfileshare.local" and
"mytv.local"). But if you really want to host a domain, you should use
NSD instead.



5) NSD is the best for authoritative and unbound for other things.


NSD is /only/ useful as an authoritative server (i.e. serving a zone).
It cannot resolve.

Unbound is most useful for resolving DNS names (i.e. you send it a
query, it will figure out the answer).

Here is how it works:
(1) Your clients (PC, Laptop, Playstation) will send queries to the
resolver (e.g. dnsmasq, unbound, bind9). Asking them for IP adresses for
openbsd.org, gmail.com and sony.com.
(2) The resolver will send queries to the authoritative nameservers
(e.g. bind9, nsd) of Root, Verisign (.com and .org), Google (gmail.com)
OpenBSD and Sony to find out the requested IP addresses.
(3) The resolver will return the result to your clients.

Bind9 of the Internet Systems Consortium just happens to be a software,
that can do both jobs: It can be a resolver, or an authoritative
nameserver, or even both at the same time.

NLnet Labs decided not to go that way. They created software just for
the authoritative nameserver task (NSD) and one for the resolver task
(unbound).


Cheers
David

Re: Bridge and blocknonip

2015-11-23 Thread Momtchil Momtchev 

On 23/11/15 16:01, Martin Pieuchot wrote:

On 23/11/15(Mon) 12:57, Momtchil Momtchev wrote:

[...]

That seems to be a known regression on 5.8 because re(4) supports
hardware VLAN.  The problem is that bridge_input() is called before
vlan_input() for every packet received on a physical interface.  Since
the hardware have already removed the VLAN header you see it in bridge0.

This should be fixed in -current as long as you configure your pseudo
interfaces in the order you need:

# ifconfig bridge0 add re0
# ifconfig vlan0 vlan 100 vlandev re0

This way vlan_input() will run before bridge_input() and the packets
with a VLAN ID 100 wont enter bridge0



Ok, this was the missing piece of information. Thank you. This 
explains everything. I will try -current asap and then will try to sort 
out things with my patch.
Before I was using 4.9 on PC Engines ALIX with vr(4), and now I 
have 5.8 on PC Engines APU with re(4).

Re: NSD/Unbound clarifications

2015-11-23 Thread Florian Obser 
On Mon, Nov 23, 2015 at 04:27:08PM +0100, Alessandro Baggi wrote:
> I've configured unbound for a small network. What is "maximum
> capacity" of Unbound? Is suitable for big networks?

What was the maximum capacity of bind? Was it suitable for big
networks? How did you find out?

-- 
I'm not entirely sure you are real.

Re: azalia audio works, then stutters until reboot

2015-11-23 Thread luke350 

On 11/23/15 05:11, Alexandre Ratchov wrote:

On Fri, Nov 20, 2015 at 10:31:34AM -0700, luke...@onemodel.org wrote:

Could the root umask of 0077 be a problem?  my /tmp/aucat directory
has different permissions than yours.


The problem is in sndiod; it's supposed create a world readable
directory regardless the user umask.

I just commited the fix; you could either start it with the 022
umask now or rebuild sndiod with sndiod.c rev 1.14 or newer.

Let me know if things work better.


Thanks. Now sndiod -ddd log output is more like what you were looking 
for.  Would it be good for sndiod to complain more verbosely when that

problem occurs (ie, in a way that's easier to diagnose such an issue
in the future)?



I set that umask for all
users to avoid forgetfully
bleeding information between accounts.


Another option is to create the home directories with mode 0700 and
leave the default umask.  This doesn't protect files outside their
home dir, but I'm not sure this would be a problem.


Would the 0077 umask simply be a better default for the OS?  I haven't 
checked historical discussions behind that yet, but on the surface it 
seems better to me. Some issues would have to be addressed in packages.

Or is that a question I should ask in a separate thread?


Now, having changed that permission, and restarted sndiod to get the
log output, I duplicated your earlier diagnostic tips with aucat,
then played part of a .mid file with timidity, no problems to there, all 
showing in the log, then started a video in smplayer (now under a 
different account, via ssh -X), jumping forward/backward with L/R arrow

keys, and then adjusting the volume using the xfce applet, which
finally duplicated the stuttering sound problem.

/tmp#la aucat/
total 24
srw-rw-rw-   1 root  wheel 0 Nov 23 08:26 aucat0
drwxr-xr-x   2 root  wheel   512 Nov 23 08:26 .
drwxrwxrwt  30 root  wheel  7168 Nov 23 08:46 ..

Does the log show anything useful about what might cause the
stuttering or what I could do for more info?  I posted the new log at:
ftp://onemodel.org/sndiod2.log

Thanks again,
Luke

Re: Who teach the true message about the true free software?

2015-11-23 Thread Raul Miller 
On Fri, Nov 20, 2015 at 11:20 AM, français  wrote:
> Who teach the true message about the true free software?

You are asking a false question.

--
Raul

Hitting the bootable cylinder limit?

2015-11-23 Thread Alan Corey 
It seems like there should be a better way to detect this other than
trial and error.  I put a new 1 TB drive in my laptop (Seagate
ST1000LM024) about a month ago.  Being aware there was such a limit I
made small boot partitions at the beginning of the drive (I thought):
32 GB Windows, 64 GB OpenBSD, 32 GB Linux.  As predicted everything
worked at first, then installing MeTV keys made my Linux unbootable
with an error from Lilo about the key file being corrupt and I suspect
it's related to this limit.  The original position of the file was
probably OK, the new file got made in an unreachable position.

So I've probably got some storage-only partitions that won't boot, but
I want to avoid the same thing happening when I put a 1 TB drive
(Seagate
ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I
really would like Linux working somewhere since I want to play with
Android stuff.  I need to be able to build kernels for my phones and
use Android Studio.

So on the laptop:
Disk: wd0   geometry: 121601/255/63 [1953525168 Sectors]
Offset: 0   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
*0: 0C  0   1   1 -   4079 254  63 [  63:65545137 ] Win95 FAT32L
 1: A6   4080   0   1 -  12365 254  63 [65545200:   133114590 ] OpenBSD
 2: 83  12366   0   1 -  16444 254  63 [   198659790:65529135 ] Linux files*
 3: 05  16445   0  62 - 121600 254  63 [   264188986:  1689331079 ] Extended DOS
Offset: 264188986   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 0B  16445   1   1 -  20524 254  63 [   264188988:65545137 ] Win95 FAT-32
 1: 05  20525   0   1 -  24604 254  63 [   329734125:65545200 ] Extended DOS
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
Offset: 329734125   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 0B  20525   1   1 -  24604 254  63 [   329734188:65545137 ] Win95 FAT-32
 1: 05  24605   0   1 -  25114 254  63 [   395279325: 8193150 ] Extended DOS
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
Offset: 395279325   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 82  24605   1   1 -  25114 254  63 [   395279388: 8193087 ] Linux swap
 1: 05  25115   0   1 -  88856  76  52 [   403472475:  1024004005 ] Extended DOS
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
Offset: 403472475   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: A6  25115  63  37 -  88856  76  52 [   403476480:  102400 ] OpenBSD
 1: 05  88857   0   1 - 121600 254  63 [  1427487705:   526032360 ] Extended DOS
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
Offset: 1427487705  Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 83  88857   1   1 - 121600 254  63 [  1427487768:   526032297 ] Linux files*
 1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused

# /dev/rwd0c:
type: ESDI
disk: ESDI/IDE disk
label: ST1000LM024 HN-M
duid: abd27361b43df756
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 121601
total sectors: 1953525168
boundstart: 65545200
boundend: 198659790
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize  cpg]
  a:  4194288 65545200  4.2BSD   2048 163841 # /
  b:   524288 69739488swap   # none
  c:   19535251680  unused
  d:  6291456 70263776  4.2BSD   2048 163841

Logging removal of dependent packages

2015-11-23 Thread lists 
Hi misc@ readers, Marc,

Interactive removal of a package with pkg_delete $pkg_name also asks
the removal of dependent packages (cool).

This works OK and logs the removal of the package $pkg_name in messages
at the end of the procedure.  But does not seem to log the removal of
the packages that also depend on the removed bits (and got removed).  I
may be looking at the wrong place or something, but expected this to be
the same place.

Would it be a good idea to also log removal of the dependent packages
while removing a package, for the sake of operator awareness?

P.S. Running pkg_delete -a manually afterwards logs fine removed
packages (fallout) just fine.  The removed dependants of $pkg_name
however are not logged in messages log.  The result is, some details
are missed in the messages, while others comparative details are there.

I'm asking because a python 2.7 upgrade from packages fails on a i386
older machine here, and have to remove it to upgrade my packages.  I
really don't care much about the python bit, just asking for the
logging case as explained above.

Please ignore if this is superfluous noise, or wastes precious time.

Regards,
Anton

Re: MacbookPro 11,1

2015-11-23 Thread Bryan Vyhmeister 
On Mon, Nov 23, 2015 at 09:22:04AM -0500, Bryan C. Everly wrote:
> I tried a few months ago to boot this into OpenBSD and one of the big
> problems I ran into was that this is a USB 3 only machine and as such, the
> keyboard worked at the boot prompt but did not work when I got to the first
> installer prompt.

I never had any success with any Apple machine of recent vintage until
efiboot became available very recently. Now with the changes to
inteldrm(4) over the weekend, most things are working well for me.

> I'm seeing people talking about working on Macbook Air machines (some of
> quite recent vintage) so I'm wondering if:
> 
> 1.  There is a patch I can apply to get keyboard support working on the
> Macbook Pro Retina; or

I was corresponding with Joerg Jung about his 2015 12-inch Retina
MacBook and he also has the same issue. I also booted up my 2015 12-inch
Retina MacBook yesterday and had no keyboard at all. His solution was a
USB keyboard and a USB hub. I didn't have either handy but may try that
later today. In the case of the 12-inch Retina MacBook, there is only
that single USB-C port so I'm not sure if the USB hub was needed for any
reason other than to provide at least two ports (one for USB flash drive
and one for USB keyboard).

> 2.  The Macbook Air doesn't have all USB 3 ports so this isn't a problem
> for that hardware

The last several generations only show xhci(4) rather than any uhci(4).
I don't know what is different about the MacBook Air systems that allows
the keyboard to work since the keyboard does attach as ukbd(4).

> Any suggestions would be appreciated.

My solution was to create an OpenBSD efiboot flash drive and then things
worked fairly well. In your case, you probably need a USB keyboard and
possibly a USB hub. I will post a separate post soon with more
information about both of my MacBook Air systems but, in short, the 2013
MacBook Air, which is a Haswell system like your MacBook Pro, works
quite well.  Obviously wireless is not supported but a urtwn(4) USB
wireless adapter works fine. X acceleration works fine as does
xbacklight(1) to set screen brightness. The brightness buttons on the
keyboard do not work though. Keyboard backlight is functional (although
not yet adjustable) due to Joerg Jung's recent asmc(4) driver.

The 2015 MacBook Air which is a Broadwell system works almost as well
but does not have X acceleration at this time (disabled for now due to
instability) and also does not respond to xbacklight(1) so there is no
way to adjust screen brightness. To see the state of things in Linux, I
also installed Fedora 23 last week which comes with Linux kernel 4.2 and
that also could not adjust the brightness of the display at all even
though it acted as though it was working.

I am interested to see what you find with your system since I am looking
to pick up a similar Haswell Retina MacBook Pro from the refurbished
store to use with OpenBSD as well.

Bryan

Re: Logging removal of dependent packages

2015-11-23 Thread lists 
On Mon, 23 Nov 2015 16:31:35 +0100 Marc Espie  wrote:

> On Mon, Nov 23, 2015 at 05:20:54PM +0200, li...@wrant.com wrote:
> > Hi misc@ readers, Marc,
> > 
> > Interactive removal of a package with pkg_delete $pkg_name also asks
> > the removal of dependent packages (cool).
> > 
> > This works OK and logs the removal of the package $pkg_name in messages
> > at the end of the procedure.  But does not seem to log the removal of
> > the packages that also depend on the removed bits (and got removed).  I
> > may be looking at the wrong place or something, but expected this to be
> > the same place.
> > 
> > Would it be a good idea to also log removal of the dependent packages
> > while removing a package, for the sake of operator awareness?
> > 
> > P.S. Running pkg_delete -a manually afterwards logs fine removed
> > packages (fallout) just fine.  The removed dependants of $pkg_name
> > however are not logged in messages log.  The result is, some details
> > are missed in the messages, while others comparative details are there.
> > 
> > I'm asking because a python 2.7 upgrade from packages fails on a i386
> > older machine here, and have to remove it to upgrade my packages.  I
> > really don't care much about the python bit, just asking for the
> > logging case as explained above.
> 
> /var/log/messages has all the info, actually.
> 

Thanks for looking into this, Marc.  Here is what happened:

$ sudo pkg_delete python
can't delete python-2.7.10 without deleting glib2-2.46.1p0
Delete them as well ? [y/N/a] y
can't delete glib2-2.46.1p0 without deleting desktop-file-utils-0.22p0 
irssi-0.8.16p0 irssi-xmpp-0.52p2 loudmouth-1.4.3p6 mcabber-0.10.3
Delete them as well ? [y/N/a] y
desktop-file-utils-0.22p0:mcabber-0.10.3: ok
desktop-file-utils-0.22p0: ok
loudmouth-1.4.3p6:irssi-xmpp-0.52p2: ok
loudmouth-1.4.3p6: ok
can't delete irssi-0.8.16p0 without deleting irssi-icb-0.14p10 irssi-otr-1.0.1
Delete them as well ? [y/N/a] y
irssi-otr-1.0.1: ok
irssi-icb-0.14p10: ok
irssi-0.8.16p0: ok
glib2-2.46.1p0: ok
python-2.7.10: ok
Read shared items: ok
--- -python-2.7.10 ---
Don't forget to remove /usr/local/bin/python,
/usr/local/bin/2to3, /usr/local/bin/python-config and/or
/usr/local/bin/pydoc if they were symlinks to
/usr/local/bin/python2.7, /usr/local/bin/python2.7-2to3,
/usr/local/bin/python2.7-config or to /usr/local/bin/pydoc2.7.
Error deleting directory /usr/local/include/python2.7: Directory not empty

$ sudo pkg_delete -a
nghttp2-1.4.0:gpgme-1.5.1p1: ok
nghttp2-1.4.0:gnupg-1.4.19p0: ok
libelf-0.8.13p3: ok
partial-python-2.7.10: ok
libassuan-2.1.1: ok
libotr-4.1.0: ok
libgpg-error-1.20:libgcrypt-1.6.4: ok
libgpg-error-1.20: ok
bzip2-1.0.6p7: ok
libffi-3.2.1: ok
Read shared items: ok

This got logged in /var/log/messages

Nov 23 16:00:57 fire pkg_delete: Removed python-2.7.10
Nov 23 16:01:18 fire pkg_delete: Removed gpgme-1.5.1p1
Nov 23 16:01:22 fire pkg_delete: Removed gnupg-1.4.19p0
Nov 23 16:01:23 fire pkg_delete: Removed libelf-0.8.13p3
Nov 23 16:01:23 fire pkg_delete: Removed partial-python-2.7.10
Nov 23 16:01:26 fire pkg_delete: Removed libassuan-2.1.1
Nov 23 16:01:28 fire pkg_delete: Removed libotr-4.1.0
Nov 23 16:01:30 fire pkg_delete: Removed libgcrypt-1.6.4
Nov 23 16:01:32 fire pkg_delete: Removed libgpg-error-1.20
Nov 23 16:01:34 fire pkg_delete: Removed bzip2-1.0.6p7
Nov 23 16:01:35 fire pkg_delete: Removed libffi-3.2.1

I'm missing notion of removed "delete them as well" packages, or should
I expect these to be logged at all?

Regards,
Anton

Re: Logging removal of dependent packages - disregard please

2015-11-23 Thread lists 
On Mon, 23 Nov 2015 20:56:58 +0100 Marc Espie  wrote:

> On Mon, Nov 23, 2015 at 08:10:01PM +0200, li...@wrant.com wrote:
> > 
> > You're right Marc, I found these, sorry for the noise (duh):
> >  
> > Nov 23 15:58:37 fire pkg_delete: Removed mcabber-0.10.3
> > Nov 23 15:58:38 fire pkg_delete: Removed desktop-file-utils-0.22p0
> > Nov 23 15:58:38 fire pkg_delete: Removed irssi-xmpp-0.52p2
> > Nov 23 15:58:40 fire pkg_delete: Removed loudmouth-1.4.3p6
> > Nov 23 15:58:44 fire pkg_delete: Removed irssi-otr-1.0.1
> > Nov 23 15:58:44 fire pkg_delete: Removed irssi-icb-0.14p10
> > Nov 23 15:58:53 fire pkg_delete: Removed irssi-0.8.16p0
> > Nov 23 15:59:38 fire pkg_delete: Removed glib2-2.46.1p0
> > Nov 23 16:00:01 fire newsyslog[4165]: logfile turned over
> > 
> > An unfortunate coincidence of log file turnover, less --follow-name
> > misuse and a forehead slapping moment.  Was getting kind of weary with
> > the python workarounds.
> >   
> To expand on this (answered quickly this morning): the idea with
> recent iterations of pkg_add/pkg_delete (with manual vs automatic
> installs) is to try to present the user with slightly less information
> (e.g., only the apps he's concerned about), so we hide various
> details such as pkg_delete -a "summary".

Got it, thanks and I concur on this.  I should have checked better
before asking and eliminate coincidence / uncertainties my end first.

> On the other hand, we do log everything, without any indication of
> 'why' a package got added or removed, as complementary information
> (allows you to simply log 'snapshots' of the state of your system,
> possibly usable by security scripts to check for anything funny).

That's the main reason behind me questioning it and the head scratching
moments.  My idea is to process the logs for state tracking, at least
observational purposes for now.

> In short, there's so much information actually computed inside the
> tools that it's quite difficult to figure out what to display and
> where...
> 
> 
> What you have is the best compromise at the moment.

Understood.  Thank you for the good high level explanation, appreciated.
I feel good about it.  The only comments I'll ever make related to pkg
tools is if there is some (any at all) ambiguity, and/or state tracking
consistency anyway, so don't expect to hear annoying stuff from me
anytime soon ;-)  I am a proponent of the idea of ability to feed status
data (logs etc), or any data / output produced for further processing
much in the Unix philosophy of interfacing programs.  Sorry for the
noise once again, thanks Marc.

Regards,
Anton

Re: MacbookPro 11,1

2015-11-23 Thread Bryan C. Everly 
Bryan,

The /usr/sbin/bless command was the key that unlocked this for me.  I have
managed to get the latest snapshot installed and booting on this machine.
I'm in the process of installing a desktop (I run gnome) so I'll let you
know how that goes.

Thanks to everyone for their help.


Thanks,
Bryan

On Mon, Nov 23, 2015 at 12:15 PM, Bryan Vyhmeister 
wrote:

> On Mon, Nov 23, 2015 at 09:22:04AM -0500, Bryan C. Everly wrote:
> > I tried a few months ago to boot this into OpenBSD and one of the big
> > problems I ran into was that this is a USB 3 only machine and as such,
> the
> > keyboard worked at the boot prompt but did not work when I got to the
> first
> > installer prompt.
>
> I never had any success with any Apple machine of recent vintage until
> efiboot became available very recently. Now with the changes to
> inteldrm(4) over the weekend, most things are working well for me.
>
> > I'm seeing people talking about working on Macbook Air machines (some of
> > quite recent vintage) so I'm wondering if:
> >
> > 1.  There is a patch I can apply to get keyboard support working on the
> > Macbook Pro Retina; or
>
> I was corresponding with Joerg Jung about his 2015 12-inch Retina
> MacBook and he also has the same issue. I also booted up my 2015 12-inch
> Retina MacBook yesterday and had no keyboard at all. His solution was a
> USB keyboard and a USB hub. I didn't have either handy but may try that
> later today. In the case of the 12-inch Retina MacBook, there is only
> that single USB-C port so I'm not sure if the USB hub was needed for any
> reason other than to provide at least two ports (one for USB flash drive
> and one for USB keyboard).
>
> > 2.  The Macbook Air doesn't have all USB 3 ports so this isn't a problem
> > for that hardware
>
> The last several generations only show xhci(4) rather than any uhci(4).
> I don't know what is different about the MacBook Air systems that allows
> the keyboard to work since the keyboard does attach as ukbd(4).
>
> > Any suggestions would be appreciated.
>
> My solution was to create an OpenBSD efiboot flash drive and then things
> worked fairly well. In your case, you probably need a USB keyboard and
> possibly a USB hub. I will post a separate post soon with more
> information about both of my MacBook Air systems but, in short, the 2013
> MacBook Air, which is a Haswell system like your MacBook Pro, works
> quite well.  Obviously wireless is not supported but a urtwn(4) USB
> wireless adapter works fine. X acceleration works fine as does
> xbacklight(1) to set screen brightness. The brightness buttons on the
> keyboard do not work though. Keyboard backlight is functional (although
> not yet adjustable) due to Joerg Jung's recent asmc(4) driver.
>
> The 2015 MacBook Air which is a Broadwell system works almost as well
> but does not have X acceleration at this time (disabled for now due to
> instability) and also does not respond to xbacklight(1) so there is no
> way to adjust screen brightness. To see the state of things in Linux, I
> also installed Fedora 23 last week which comes with Linux kernel 4.2 and
> that also could not adjust the brightness of the display at all even
> though it acted as though it was working.
>
> I am interested to see what you find with your system since I am looking
> to pick up a similar Haswell Retina MacBook Pro from the refurbished
> store to use with OpenBSD as well.
>
> Bryan

Re: MacbookPro 11,1

2015-11-23 Thread Bryan Vyhmeister 
On Mon, Nov 23, 2015 at 04:20:56PM -0500, Bryan C. Everly wrote:
> The /usr/sbin/bless command was the key that unlocked this for me.  I have
> managed to get the latest snapshot installed and booting on this machine.
> I'm in the process of installing a desktop (I run gnome) so I'll let you
> know how that goes.

You must be using BIOS emulation then? My goal with my install was to
avoid using BIOS emulation if possible. I wanted to be able to install
OpenBSD on a Mac without needing to use OS X at all or dual boot. As I'm
sure you've read, jcs@ has a gist about this process and jasper@ has a
blog post detailing how to do the efiboot like I did.

I'm looking forward to finding out how it works out for you.

Bryan