Re: Hitting the bootable cylinder limit?
In OpenBSD, we have largely side-stepped these issue... by no longer pandering to the tweaker-mindset that builds multiboot systems. We think all the parts are there, but nothing makes it trivial because the potential set of configurations is too large. Essentially, you are on your own. :-) > It seems like there should be a better way to detect this other than > trial and error. I put a new 1 TB drive in my laptop (Seagate > ST1000LM024) about a month ago. Being aware there was such a limit I > made small boot partitions at the beginning of the drive (I thought): > 32 GB Windows, 64 GB OpenBSD, 32 GB Linux. As predicted everything > worked at first, then installing MeTV keys made my Linux unbootable > with an error from Lilo about the key file being corrupt and I suspect > it's related to this limit. The original position of the file was > probably OK, the new file got made in an unreachable position. > > So I've probably got some storage-only partitions that won't boot, but > I want to avoid the same thing happening when I put a 1 TB drive > (Seagate > ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I > really would like Linux working somewhere since I want to play with > Android stuff. I need to be able to build kernels for my phones and > use Android Studio. > > So on the laptop: > Disk: wd0 geometry: 121601/255/63 [1953525168 Sectors] > Offset: 0 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > *0: 0C 0 1 1 - 4079 254 63 [ 63:65545137 ] Win95 > FAT32L > 1: A6 4080 0 1 - 12365 254 63 [65545200: 133114590 ] OpenBSD > 2: 83 12366 0 1 - 16444 254 63 [ 198659790:65529135 ] Linux > files* > 3: 05 16445 0 62 - 121600 254 63 [ 264188986: 1689331079 ] Extended > DOS > Offset: 264188986 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > 0: 0B 16445 1 1 - 20524 254 63 [ 264188988:65545137 ] Win95 > FAT-32 > 1: 05 20525 0 1 - 24604 254 63 [ 329734125:65545200 ] Extended > DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 329734125 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > 0: 0B 20525 1 1 - 24604 254 63 [ 329734188:65545137 ] Win95 > FAT-32 > 1: 05 24605 0 1 - 25114 254 63 [ 395279325: 8193150 ] Extended > DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 395279325 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > 0: 82 24605 1 1 - 25114 254 63 [ 395279388: 8193087 ] Linux swap > 1: 05 25115 0 1 - 88856 76 52 [ 403472475: 1024004005 ] Extended > DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 403472475 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > 0: A6 25115 63 37 - 88856 76 52 [ 403476480: 102400 ] OpenBSD > 1: 05 88857 0 1 - 121600 254 63 [ 1427487705: 526032360 ] Extended > DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 1427487705Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > --- > 0: 83 88857 1 1 - 121600 254 63 [ 1427487768: 526032297 ] Linux > files* > 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > > # /dev/rwd0c: > type: ESDI > disk: ESDI/IDE disk > label: ST1000LM024 HN-M > duid: abd27361b43df756 > flags: > bytes/sector: 512 > sectors/track: 63 >
Mesa update glxinfo incorrect?
Hi misc, After yesterdays update to mesa 11.0.6 the output of glxinfo suggests that I no longer have OpenGL 3 support on my graphics chip. I am not sure if this is the fault of glxinfo picking up the settings incorrectly in the newer mesa or mesa itself not liking my graphics or me just misunderstanding the output. If you would like any other info, let me know. Renderer info mesa 11.0.6: Extended renderer info (GLX_MESA_query_renderer): Vendor: X.Org (0x1002) Device: AMD PALM (DRM 2.29.0) (0x9807) Version: 11.0.6 Accelerated: yes Video memory: 256MB Unified memory: no Preferred profile: compat (0x2) Max core profile version: 0.0 Max compat profile version: 2.1 Max GLES1 profile version: 1.1 Max GLES[23] profile version: 2.0 OpenGL vendor string: X.Org OpenGL renderer string: Gallium 0.4 on AMD PALM (DRM 2.29.0) OpenGL version string: 2.1 Mesa 11.0.6 OpenGL shading language version string: 1.30 Renderer info mesa 10.2.9: Extended renderer info (GLX_MESA_query_renderer): Vendor: X.Org (0x1002) Device: AMD PALM (0x9807) Version: 10.2.9 Accelerated: yes Video memory: 256MB Unified memory: no Preferred profile: core (0x1) Max core profile version: 3.3 Max compat profile version: 3.0 Max GLES1 profile version: 1.1 Max GLES[23] profile version: 3.0 OpenGL vendor string: X.Org OpenGL renderer string: Gallium 0.4 on AMD PALM OpenGL version string: 2.1 Mesa 10.2.9 OpenGL shading language version string: 1.30 dmesg: OpenBSD 5.8-current (GENERIC.MP) #1651: Mon Nov 23 01:05:22 MST 2015 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP RTC BIOS diagnostic error 80 real mem = 8281387008 (7897MB) avail mem = 8026255360 (7654MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe4800 (29 entries) bios0: vendor Insyde Corp. version "V1.08" date 07/30/2013 bios0: Acer AO725 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP UEFI HPET APIC MCFG ASF! BOOT SLIC SPCR WDRT WDAT FPDT SSDT SSDT acpi0: wakeup devices PB4_(S4) PB6_(S0) SPB0(S0) SPB1(S4) SPB2(S4) SPB3(S0) GEC_(S4) OHC1(S3) OHC2(S3) OHC3(S3) OHC4(S3) XHC0(S3) XHC1(S4) P2P_(S0) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD C-60 APU with Radeon(tm) HD Graphics, 998.30 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: 8 4MB entries fully associative cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 199MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD C-60 APU with Radeon(tm) HD Graphics, 998.19 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,SSSE3,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,IBS,SKINIT,ITSC cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 64b/line 16-way L2 cache cpu1: 8 4MB entries fully associative cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 4 acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PB4_) acpiprt2 at acpi0: bus 2 (PB5_) acpiprt3 at acpi0: bus -1 (PB6_) acpiprt4 at acpi0: bus -1 (PB7_) acpiprt5 at acpi0: bus -1 (SPB0) acpiprt6 at acpi0: bus -1 (SPB1) acpiprt7 at acpi0: bus -1 (SPB2) acpiprt8 at acpi0: bus -1 (SPB3) acpiprt9 at acpi0: bus 3 (P2P_) acpiec0 at acpi0 acpicpu0 at acpi0: !C2(0@100 io@0x841), C1(@1 halt!), PSS acpicpu1 at acpi0: !C2(0@100 io@0x841), C1(@1 halt!), PSS acpitz0 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: PWRB acpibtn1 at acpi0: SLPB acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT1 model "AL12B32" serial 23547 type LION oem "SANYO" acpibtn2 at acpi0: LID_ acpivideo0 at acpi0: VGA_ acpivout0 at acpivideo0: LCD_ cpu0: 998 MHz: speeds: 1000 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "AMD AMD64 14h Host" rev 0x00 radeondrm0 at pci0 dev 1 function 0 "ATI Radeon HD 6290" rev 0x00 drm0 at radeondrm0 radeondrm0: msi azalia0 at pci0 dev 1 function 1 "ATI Radeon HD 6310 HD Audio" rev 0x00: msi azalia0: no supported codecs ppb0 at pci0 dev 4 function 0 "AMD AMD64 14h PCIE" rev 0x00: msi pci1 at ppb0 bus 1 re0
Recognizing USB plug-ins
With OpenBSD 5.8 if I plug in my USB external drive then check usbdevs or sysctl hw.disknames then I don't see it and dmesg doesn't show anything. If I boot with the drive already plugged in then I see it. I am happy to mount it manually, etc., but I wonder how to get the system to notice the device at all if it wasn't there at boot time. Do I need hotplug for even that, or is there some other thing I should do? (Possibly just read some other bit of documentation that I missed.) -- Mark
Re: 5.8 freezes on Shuttle DS87, anybody else?
On 11/16/2015 04:28 PM, Harald Dunkel wrote: > > See attachment. Hope this helps. > > Regards > Harri > Obviously attachments are not working. Here you go. Hope this helps Harri - login: OpenBSD/amd64 (redgate.red.aixigo.de) (tty00) login: Stopped at Debugger+0x9: leave ddb{0}> trace Debugger() at Debugger+0x9 comintr() at comintr+0x253 intr_handler() at intr_handler+0x67 Xintr_ioapic_edge4() at Xintr_ioapic_edge4+0xc9 --- interrupt --- x86_bus_space_io_write_2() at x86_bus_space_io_write_2+0xf re_intr() at re_intr+0xbd intr_handler() at intr_handler+0x67 Xintr_ioapic_edge22() at Xintr_ioapic_edge22+0xc9 --- interrupt --- Xsoftclock() at Xsoftclock+0x15 --- interrupt --- end trace frame: 0x0, count: -9 0x8: ddb{0}> ps PID PPID PGRPUID S FLAGS WAIT COMMAND 23791 27180 5661 0 30x83 ttyin less 27180 4667 27180 0 30x83 wait bash 4667 6058 4667 0 30x8b pause ksh 6058 11179 6058 0 30x92 selectsshd 26887 1 1 0 30x82 ttyopngetty 9959 1 9959 0 30x83 ttyin getty 167 1167 0 30x83 ttyin getty 14289 1 14289 0 30x83 ttyin getty 23518 1 23518 0 30x83 ttyin getty 26304 1 26304 0 30x83 ttyin getty 27872 1 27872 0 30x83 ttyin getty 31785 1 31785 0 30x80 poll cron 28768 1 28768 0 30x80 kqreadapmd 18511 1948631 30x90 poll dnsmasq 17033 1 17033 99 30x90 poll sndiod 6479 12666 12666 95 30x90 kqreadsmtpd 24124 12666 12666 95 30x90 kqreadsmtpd 27005 12666 12666 95 30x90 kqreadsmtpd 8097 12666 12666 95 30x90 kqreadsmtpd 11978 12666 12666 95 30x90 kqreadsmtpd 19689 12666 12666103 30x90 kqreadsmtpd 12666 1 12666 0 30x80 kqreadsmtpd 11179 1 11179 0 30x80 selectsshd 24589 24236 8654 83 30x90 poll ntpd 24236 8654 8654 83 30x90 poll ntpd 8654 1 8654 0 30x80 poll ntpd 27871 21455 21455 74 30x90 bpf pflogd 21455 1 21455 0 30x80 netio pflogd 18631750750 73 30x90 kqreadsyslogd 750 1750 0 30x80 netio syslogd 16413 0 0 0 3 0x14200 pgzerozerothread 7272 0 0 0 3 0x14200 aiodoned aiodoned 31812 0 0 0 3 0x14200 syncerupdate 30554 0 0 0 3 0x14200 cleaner cleaner 12801 0 0 0 3 0x14200 reaperreaper 23371 0 0 0 3 0x14200 pgdaemon pagedaemon 8472 0 0 0 3 0x14200 bored crypto 8667 0 0 0 3 0x14200 pftm pfpurge 11541 0 0 0 3 0x14200 usbtskusbtask 9707 0 0 0 3 0x14200 usbatsk usbatsk 22037 0 0 0 3 0x14200 bored intelrel 26221 0 0 0 3 0x40014200 acpi0 acpi0 17359 0 0 0 7 0x40014200idle3 12468 0 0 0 7 0x40014200idle2 9787 0 0 0 7 0x40014200idle1 32157 0 0 0 3 0x14200 bored sensors 15878 0 0 0 2 0x14200softnet 6342 0 0 0 3 0x14200 bored systqmp 28852 0 0 0 3 0x14200 bored systq *23231 0 0 0 7 0x40014200idle0 1 0 1 0 30x82 wait init 0 -1 0 0 3 0x10200 scheduler swapper ddb{0}> show registers rdi0x3f8 rsi0 rbp 0x800032d33a38 rbx 0xf9 rdx0x3f8 rcx 0x8188c640cpu_info_primary rax0 r8 0x1 r9 0 r10 0x40 r11 0x81340170x86_bus_space_mem_read_4 r12 0x8023b110 r13 0x8023b000 r14 0x801ce5c0 r150x3f8 rip 0x81343b09Debugger+0x9 cs 0x8 rflags 0x286 rsp
Re: inotifywait alternative
On 2015-11-22, Peter Hajduwrote: > Hi, > > I had been looking around and failed to find an inotifywait alternative > for the kqueue interface. The solutions I know of are far too > heavyweight for my needs. I want to run "make test" automatically each > time a file changes while working on my projects. > Since I wanted to experiment with pledge, kqueue and c anyway, I've > implemented the bare minimum I needed. I'm not sure however if there > are other solutions that would fit my need. Do you know about one? > If not, feel free to try out the outcome and give feedback. > http://github.com/peterhajdu/fwa There is one in ports actually, sysutils/entr - it's a bit more complex than fwa (it also has directory monitoring and executes commands directly, and supports inotify as well as kqueue) but is still reasonably light.
NSD/Unbound clarifications
Hi list, I've switched from Obsd 5.3 from Pfsense to try it. Now I want come back to Obsd. I prefer it. Today, the last version is 5.8 and from 5.6 named was replaced from nsd and unbound. The first is only authoritative and the other is recursive/forwarder/caching/validating/authoritative. In my last valid OBSD config, I used named for my lan (not exposed on internet) only for lan dns serving, not exposed, with recursion and forwarder. Now today I've nsd and unbound that I can use on my firewall. I don't need authoritative server, and I should use unbound. nsd and unbound have similar syntax and I reading from web I can resolve dns with each of them. Now I'm confused...who use? Correct me if I'm wrong: 1) I must use only nsd for authoritative server (internet exposed) for my ipotetic zone (I can use it in my lan for dns resolver?). 2) I can use only unbound for lan dns resolving/caching/validating with zones if not needed an authoritative domain. 3) I can use nsd for authoritative server (internet exposed) and for lan use unbound as recursive/cache dns with the authoritative server. 4) I can use unbound as authoritative server and for recursing and other. 5) NSD is the best for authoritative and unbound for other things.
support new
0 C Brazil P Rio de Janeiro T Teresopolis/RJ Z 25961-225 O Mundounix Consultoria I Luiz Gustavo Costa A M luizgust...@mundounix.com.br U http://www.mundounix.com.br B 55 (21) 2642-0881 X N Opensource consulting, more than 10 years of work with free software, experiencie with Linux/BSD variants, network appliancies and other hardware, python/php/c/c++ code to sysadmin, cloud computer, automation software, cluster. CARP, BGP, Balance/Failover
Re: Bridge and blocknonip
Yeah sorry, English is not my first language and I started by the solution, not the problem. So here is my setup: NETWORK A is a wired network with private IPv4/24 addr a public IPv6/64 addr NETWORK B is a wireless network with private IPv4/24 addr a public IPv6/64 addr The Broadband equipment provides a single IPv4/32 public addr and a public IPv6 /64 addr (French broadband provider Free/Proxad) So the OpenBSD box (PC Engines APU) has one public IPv4/32 addr and one public IPv6 addr on a /64 network. NETWORK A <-> (re0) (bridge0) (re2) <-> Broadband equipment NETWORK B <-/ (athn0) TV Decoder <-> (re0 vlan 100) (bridge1) (re2 vlan 100) <-> IPTV Server The only way I can manage this setup is by bridging the IPv6 traffic and routing/NATing the IPv4 traffic. So what I did, I started from the BLOCKNONIP code and made a bridge that passes only IPv6 traffic. This setup is very common in France and was working perfectly with my patch on OpenBSD 4.x. There is a bridge0 with re0 athn0 re2 (modified blocknonip) And a bridge1 with re2.100 re0.100 Since I upgraded to 5.8 I found that IPv4 ARP requests were slipping through my version of blocknonip. This is a problem because the broadband equipment picks them up. When I started looking at the code, I found that ARP requests from NETWORK B (only from NETWORK B, never NETWORK A, don't know why, maybe because B doesn't have an IP address assigned) were being resent to the external network via new code path that didn't exist in 4.8/4.9. Also, ARP requests on the bridge1 are being resent to the bridge0. Those packets are being sent by bridge_output(). These are not forwarded packets. In my setup, receiving an ARP request from athn0 will spawn another ARP request on re0. Receiving an ARP request on re2.100 will spawn another request on re0 (besides forwarding the request to re0.100). That one does not feel very right even without my patch. So my questions were : First of all, is bridge_output() used to forward packets now? Or is it only for local traffic? If it is sometimes used to forward packets, then a check against BLOCKNONIP would be needed? Reyk Floeter confirmed that it was used only for local traffic. Second, why bridge_output()? In my understanding output is never done directly on the bridge, it is always on one of the underlying interfaces? This could have implications for pf too? From what I saw bridge_output() is used directly only in one obscure case for sending back ICMP errors. But it is also the output function of the interface? This is why I have a hard time finding the origin of those ARP requests. So this is my real question, who sends ARP requests directly on the bridge via bridge_output()? Thank you and I hope that I was clear enough. On 22/11/15 20:37, Martin Pieuchot wrote: On 22/11/15(Sun) 18:30, Momtchil Momtchev wrote: On 22/11/2015 17:48, Martin Pieuchot wrote: On 22/11/15(Sun) 16:56, Momtchil Momtchev wrote: On 22/11/2015 15:52, Martin Pieuchot wrote: When you say "the bridge changed somewhat" are you saying that you see a regression? Could you share your setup that, I guess work with 4.9, and no longer work with 5.8. I don't understand what you mean with "_BLOCKNONIPV6_ bridge". ifconfig(8) clearly say: blocknonip interface Mark interface so that no non-IPv4, IPv6, ARP, or Reverse ARP packets are accepted from it or forwarded to it from other bridge member interfaces I have a modified bridge that adds a new bridge option - BLOCKNONIPV6 - to block IPv4 traffic but pass IPv6 traffic. There's no regression, my only problem was that in 4.9 bridge_output() was never used in my particular case. In 5.8 bridge_output() is used for some strange forwarding of ARP packets - every ARP request on the internal side coming from a bridge interface without an IP address (yes, only on interfaces without an IP address) spawns an ARP request on the external side. That request is coming from bridge_output(), not the usual bridge code path in bridgeintr(). The result of your analysis is either incorrect or there's a bug I couldn't found by looking briefly at the code. In both cases I can't help you because you're not sharing the important pieces of informations. When an ARP packet is received on a bridge member bridgeintr() is called. So what you say about "strange forwarding of ARP packets" doesn't match with what you say as "That request is coming from bridge_output()". In a non-modified stock OpenBSD bridge this would be the correct behaviour, so there is no bug here. What would be this correct behaviour? I don't understand what you're describing so I cannot say if I agree that there's no bug here. But I'd be glad if I could understand. It is just
Re: Who teach the true message about the true free software?
Benjamin Heath wrote > On Nov 20, 2015 9:15 AM, "français" > romapera15@ > wrote: >> >> Please excuse me because I have posted on OpenBSD lists and other lists. >> >> Who teach the true message about the true free software? >> >> I ask this because I not want be deceived by hypocritical liars that >> teach >> falsely about free software. >> >> Hardcore OpenBSD user community, please, for avoid flames, answer me >> using >> message private. > > "I do not want to be deceived by hypocritical liars that teach falsely"... > You're not at church, this isn't a religious organization, they aren't > prophets, and free software should not be a religious doctrine. > > The fact that it's used like one is peculiar, isn't it? > > Now if you'll excuse me, my dogma just got hit by a karma. Benjamin, The doubts that I have are the following: Stallman still is hypocritical liar? reference: http://marc.info/?l=openbsd-misc=119776126523033=2 The projects that are quoted in link that it is below, for example, FreeBSD, still are hypocritical? reference: http://marc.info/?l=openbsd-misc=117407155404984=2 -- View this message in context: http://openbsd-archive.7691.n7.nabble.com/Who-teach-the-true-message-about-th e-true-free-software-tp283358p283563.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: NSD/Unbound clarifications
On 2015-11-23, Alessandro Baggiwrote: > Hi list, > I've switched from Obsd 5.3 from Pfsense to try it. Now I want come back > to Obsd. I prefer it. > > Today, the last version is 5.8 and from 5.6 named was replaced from nsd > and unbound. > > The first is only authoritative and the other is Yes, NSD is authoritative only. > recursive/forwarder/caching/validating/authoritative. No, Unbound is *not* authoritative. For simple use cases Unbound can serve local data - but only for answering queries from standard clients, not from other nameservers. > In my last valid OBSD config, I used named for my lan (not exposed on > internet) only for lan dns serving, not exposed, with recursion and > forwarder. You can do this with just Unbound (local-zone / local-data). You can also do this with a combination of NSD and Unbound if you prefer (configuring Unbound to pass the local zone requests to NSD), but you don't need to. > Now today I've nsd and unbound that I can use on my firewall. > I don't need authoritative server, and I should use unbound. > nsd and unbound have similar syntax and I reading from web I can resolve > dns with each of them. > > Now I'm confused...who use? Correct me if I'm wrong: > > 1) I must use only nsd for authoritative server (internet exposed) for > my ipotetic zone (I can use it in my lan for dns resolver?). > > 2) I can use only unbound for lan dns resolving/caching/validating with > zones if not needed an authoritative domain. > > 3) I can use nsd for authoritative server (internet exposed) and for lan > use unbound as recursive/cache dns with the authoritative server. > > 4) I can use unbound as authoritative server and for recursing and other. > > 5) NSD is the best for authoritative and unbound for other things. You must use an authoritative server (e.g. NSD) to answer external queries (i.e. if your machine is listed as an NS),
Re: azalia audio works, then stutters until reboot
On Fri, Nov 20, 2015 at 10:31:34AM -0700, luke...@onemodel.org wrote: > > $ls -ltrd /tmp/aucat > drwx-- 2 root wheel 512B Nov 20 09:39 /tmp/aucat/ > $ls -ltr /tmp/aucat > ls: aucat: Permission denied > [and timidity playing a .mid file was working] > [then i killed sndiod with ^C.] > > Could the root umask of 0077 be a problem? my /tmp/aucat directory > has different permissions than yours. The problem is in sndiod; it's supposed create a world readable directory regardless the user umask. I just commited the fix; you could either start it with the 022 umask now or rebuild sndiod with sndiod.c rev 1.14 or newer. Let me know if things work better. > I set that umask for all > users to avoid forgetfully > bleeding information between accounts. Another option is to create the home directories with mode 0700 and leave the default umask. This doesn't protect files outside their home dir, but I'm not sure this would be a problem.
MacbookPro 11,1
Hi everyone, I tried a few months ago to boot this into OpenBSD and one of the big problems I ran into was that this is a USB 3 only machine and as such, the keyboard worked at the boot prompt but did not work when I got to the first installer prompt. I'm seeing people talking about working on Macbook Air machines (some of quite recent vintage) so I'm wondering if: 1. There is a patch I can apply to get keyboard support working on the Macbook Pro Retina; or 2. The Macbook Air doesn't have all USB 3 ports so this isn't a problem for that hardware Any suggestions would be appreciated. Thanks, Bryan
Re: Recognizing USB plug-ins
I had the same problem with a computer in the past - if you search the archives, you will find details. Anyway, it was an old IBM machine and got this problem after a BIOS update. I retired it and got a Lenovo which is not having this problem. Maybe yours is not related, but how can one know if you didn't post a dmesg for your model?
Re: Recognizing USB plug-ins
On 23 Nov 2015, Mihai Popescu wrote: > I had the same problem with a computer in the past - if you search the > archives, you will find details. Anyway, it was an old IBM machine and > got this problem after a BIOS update. > I retired it and got a Lenovo which is not having this problem. > > Maybe yours is not related, but how can one know if you didn't post a > dmesg for your model? I thought it was probably the way OpenBSD generally behaves rather than a platform-specific bug. I'm still learning my way around -- it took me long enough to realize that the bundled domain name server is nsd -- so when I'm surprised by something it generally doesn't indicate a problem with anything other than my ignorance. In case it is platform-specific, dmesg here, after booting with the external drive plugged in: OpenBSD 5.8 (GENERIC.MP) #1236: Sun Aug 16 02:31:04 MDT 2015 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17035468800 (16246MB) avail mem = 16515284992 (15750MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xec7b0 (86 entries) bios0: vendor Intel Corporation version "RYBDWi35.86A.0130.2014.1203.1639" date 12/03/2014 bios0: \M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^? \M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^?\M^? acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI SSDT ASF! SSDT SSDT SSDT DMAR acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PS2K(S3) PS2M(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.48 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 1, core 0, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz, 2095.15 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins acpimadt0: bogus nmi for apid 0 acpimadt0: bogus nmi for apid 2 acpimadt0: bogus nmi for apid 1 acpimadt0: bogus nmi for apid 3 acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG0) acpiprt2 at acpi0: bus -1 (PEG1) acpiprt3 at acpi0: bus -1 (PEG2) acpiprt4 at acpi0: bus 1 (RP01) acpiprt5 at acpi0: bus -1 (RP02) acpiprt6 at acpi0: bus -1 (RP03) acpiprt7 at acpi0: bus 2 (RP04) acpiprt8 at acpi0: bus -1 (RP05) acpiprt9 at acpi0: bus -1 (RP06) acpiprt10 at acpi0: bus -1 (RP07) acpiprt11 at acpi0: bus -1 (RP08) acpiec0 at acpi0: not present
Re: Recognizing USB plug-ins
> OpenBSD 5.8 (GENERIC.MP) #1236: Sun Aug 16 02:31:04 MDT 2015 First suggestion is to try the latest snapshot - development is going on. For the ignorant one, you can always see the OpenBSD FAQ, it is an evolving part, too and it explains in details many common tasks in OpenBSD. http://www.openbsd.org/faq/index.html
Re: Logging removal of dependent packages - disregard please
> Was getting kind of weary with the python workarounds. Too bad, pkg_* suite is using perl, if i remember ...
Re: Hitting the bootable cylinder limit?
Theo, if want to suggest that the OP look at Ubuntu-bugs bug 491602, should I do so off-list? ;-) 2015/11/24 1:55 "Alan Corey": > > It seems like there should be a better way to detect this other than > trial and error. I put a new 1 TB drive in my laptop (Seagate > ST1000LM024) about a month ago. Being aware there was such a limit I > made small boot partitions at the beginning of the drive (I thought): > 32 GB Windows, 64 GB OpenBSD, 32 GB Linux. As predicted everything > worked at first, then installing MeTV keys made my Linux unbootable > with an error from Lilo about the key file being corrupt and I suspect > it's related to this limit. The original position of the file was > probably OK, the new file got made in an unreachable position. > [...] Joel Rees Computer memory is just fancy paper, CPUs just fancy pens. All is a stream of text flowing from the past into the future.
Re: Hitting the bootable cylinder limit?
I don't think that's it, I've never had me-tv running. Not too serious about watching TV, I just have a Diamond TVW750U USB dongle tuner I couldn't get to work under Windows, wanted to try it under Linux. I think that Ubuntu bug relates to having a colon in the file name. I'm using Lilo in that partition, which I might be able to fix by reinstalling it, but the same thing is likely to happen at some random point in the future. On 11/23/15, Joel Reeswrote: > Theo, if want to suggest that the OP look at Ubuntu-bugs bug 491602, should > I do so off-list? > > ;-) > > 2015/11/24 1:55 "Alan Corey" : >> >> It seems like there should be a better way to detect this other than >> trial and error. I put a new 1 TB drive in my laptop (Seagate >> ST1000LM024) about a month ago. Being aware there was such a limit I >> made small boot partitions at the beginning of the drive (I thought): >> 32 GB Windows, 64 GB OpenBSD, 32 GB Linux. As predicted everything >> worked at first, then installing MeTV keys made my Linux unbootable >> with an error from Lilo about the key file being corrupt and I suspect >> it's related to this limit. The original position of the file was >> probably OK, the new file got made in an unreachable position. >> > [...] > > Joel Rees > > Computer memory is just fancy paper, > CPUs just fancy pens. > All is a stream of text > flowing from the past into the future. > -- Credit is the root of all evil. - AB1JX
Re: TLS intercepting proxy [MitM]
Am 11/23/15 um 23:41 schrieb Lampshade: Hello, I would like to use privoxy to scrub/delete some informations in application layer (HTTP) going out from my PC. Problem is that a lot of connections are secured with TLS, so privoxy can not filter them. Is there any way to do something like that: Firefox -> decrypt [MitM] -> privoxy -> encrypt securely -(NIC)-> Internet? It is my PC, so I can install new certificate or something like that, but neverthless I don't know how to achieve that result. Is this possible using relayd? Is it possible with other tool in ports or something that I can compile from source? It is about 2 years old but should give you a starting poing: http://www.reykfloeter.com/post/41814177050/relayd-ssl-interception Best, STEFAN
Re: MacbookPro 11,1
I only had to bless my thumb drive so the keyboard worked. Everything else is native when booting from the hard drive afaik. Thanks, Bryan > On Nov 23, 2015, at 4:37 PM, Bryan Vyhmeisterwrote: > >> On Mon, Nov 23, 2015 at 04:20:56PM -0500, Bryan C. Everly wrote: >> The /usr/sbin/bless command was the key that unlocked this for me. I have >> managed to get the latest snapshot installed and booting on this machine. >> I'm in the process of installing a desktop (I run gnome) so I'll let you >> know how that goes. > > You must be using BIOS emulation then? My goal with my install was to > avoid using BIOS emulation if possible. I wanted to be able to install > OpenBSD on a Mac without needing to use OS X at all or dual boot. As I'm > sure you've read, jcs@ has a gist about this process and jasper@ has a > blog post detailing how to do the efiboot like I did. > > I'm looking forward to finding out how it works out for you. > > Bryan
TLS intercepting proxy [MitM]
Hello, I would like to use privoxy to scrub/delete some informations in application layer (HTTP) going out from my PC. Problem is that a lot of connections are secured with TLS, so privoxy can not filter them. Is there any way to do something like that: Firefox -> decrypt [MitM] -> privoxy -> encrypt securely -(NIC)-> Internet? It is my PC, so I can install new certificate or something like that, but neverthless I don't know how to achieve that result. Is this possible using relayd? Is it possible with other tool in ports or something that I can compile from source?
Re: MacbookPro 11,1
On Mon, Nov 23, 2015 at 06:28:04PM -0500, Bryan Everly wrote: > I only had to bless my thumb drive so the keyboard worked. Everything > else is native when booting from the hard drive afaik. Very good. I didn't think about "blessing" the thumb drive. Good idea. Bryan
fritzing menu entry doesn't use the --folder option
Just installed frietzing using pkg_add. AFAIK i'm running the latest -current snapshot (upgraded on 2015/11/13). It installs two files in /usr/local/bin: Fritzing, the main executable fritzing, a shell script that runs Fritzing with the "--folder /usr/local/share/fritzing/" option, telling it where to find parts and other ressources. Now, if i'm right, the menu entry (i use xfce) is built from /usr/local/share/applications/fritzing.desktop, this file contains the line "Exec=Fritzing". It is my understanding that by default Fritzing looks for its ressources in the same directory as the binary. Because of that, launching fritzing from the menu entry (or using /usr/local/bin/Fritzing without the --folder option) makes it unable to find its ressources and complains about it. Now, i'm new to OpenBSD, and don't know what to do from there: _ should i report it as a bug? where? _ should i fix it? how? (modify the .desktop to exec "fritzing" instead of "Fritzing"?), where do i send the correction? Thanks
Re: Hitting the bootable cylinder limit?
Hi Alan. So you are still using Lilo - I thought Grub had taken over :/ I would try to use 32GB FAT32L, 1GB Linux /boot, 64 GB OpenBSD, and the rest of the Linux filesystems including / in Extended DOS. This puts Linux /boot and OpenBSD wd0a within in this case 35GB from disk start. / Raimo Niskanen, Erlang/OTP, Ericsson AB On Mon, Nov 23, 2015 at 11:52:10AM -0500, Alan Corey wrote: > It seems like there should be a better way to detect this other than > trial and error. I put a new 1 TB drive in my laptop (Seagate > ST1000LM024) about a month ago. Being aware there was such a limit I > made small boot partitions at the beginning of the drive (I thought): > 32 GB Windows, 64 GB OpenBSD, 32 GB Linux. As predicted everything > worked at first, then installing MeTV keys made my Linux unbootable > with an error from Lilo about the key file being corrupt and I suspect > it's related to this limit. The original position of the file was > probably OK, the new file got made in an unreachable position. > > So I've probably got some storage-only partitions that won't boot, but > I want to avoid the same thing happening when I put a 1 TB drive > (Seagate > ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I > really would like Linux working somewhere since I want to play with > Android stuff. I need to be able to build kernels for my phones and > use Android Studio. > > So on the laptop: > Disk: wd0 geometry: 121601/255/63 [1953525168 Sectors] > Offset: 0 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > *0: 0C 0 1 1 - 4079 254 63 [ 63:65545137 ] Win95 FAT32L > 1: A6 4080 0 1 - 12365 254 63 [65545200: 133114590 ] OpenBSD > 2: 83 12366 0 1 - 16444 254 63 [ 198659790:65529135 ] Linux files* > 3: 05 16445 0 62 - 121600 254 63 [ 264188986: 1689331079 ] Extended DOS > Offset: 264188986 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > 0: 0B 16445 1 1 - 20524 254 63 [ 264188988:65545137 ] Win95 FAT-32 > 1: 05 20525 0 1 - 24604 254 63 [ 329734125:65545200 ] Extended DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 329734125 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > 0: 0B 20525 1 1 - 24604 254 63 [ 329734188:65545137 ] Win95 FAT-32 > 1: 05 24605 0 1 - 25114 254 63 [ 395279325: 8193150 ] Extended DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 395279325 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > 0: 82 24605 1 1 - 25114 254 63 [ 395279388: 8193087 ] Linux swap > 1: 05 25115 0 1 - 88856 76 52 [ 403472475: 1024004005 ] Extended DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 403472475 Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > 0: A6 25115 63 37 - 88856 76 52 [ 403476480: 102400 ] OpenBSD > 1: 05 88857 0 1 - 121600 254 63 [ 1427487705: 526032360 ] Extended DOS > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > Offset: 1427487705Signature: 0xAA55 > Starting Ending LBA Info: > #: id C H S - C H S [ start:size ] > - -- > 0: 83 88857 1 1 - 121600 254 63 [ 1427487768: 526032297 ] Linux files* > 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused > > # /dev/rwd0c: > type: ESDI > disk: ESDI/IDE disk > label: ST1000LM024 HN-M > duid:
Re: Bridge and blocknonip
On 23/11/15(Mon) 12:57, Momtchil Momtchev wrote: > [...] > So here is my setup: > > NETWORK A is a wired network with private IPv4/24 addr a public IPv6/64 > addr > NETWORK B is a wireless network with private IPv4/24 addr a public > IPv6/64 addr > The Broadband equipment provides a single IPv4/32 public addr and a > public IPv6 /64 addr (French broadband provider Free/Proxad) > So the OpenBSD box (PC Engines APU) has one public IPv4/32 addr and one > public IPv6 addr on a /64 network. > > > NETWORK A <-> (re0) (bridge0) (re2) <-> Broadband equipment > NETWORK B <-/ (athn0) > > TV Decoder <-> (re0 vlan 100) (bridge1) (re2 vlan 100) <-> IPTV Server > > > The only way I can manage this setup is by bridging the IPv6 traffic and > routing/NATing the IPv4 traffic. > So what I did, I started from the BLOCKNONIP code and made a bridge that > passes only IPv6 traffic. > This setup is very common in France and was working perfectly with my > patch on OpenBSD 4.x. > > There is a bridge0 with > re0 > athn0 > re2 (modified blocknonip) > > And a bridge1 with > re2.100 > re0.100 > > Since I upgraded to 5.8 I found that IPv4 ARP requests were slipping > through my version of blocknonip. This is a problem because the broadband > equipment picks them up. When I started looking at the code, I found that > ARP requests from NETWORK B (only from NETWORK B, never NETWORK A, don't > know why, maybe because B doesn't have an IP address assigned) were being > resent to the external network via new code path that didn't exist in > 4.8/4.9. It's hard to discuss without seeing your "version of blocknonip". But still what have you seen? You're still giving your conclusion instead of what you observed. Did you use tcpdump(8) on the interfaces? What kind of ARP request are we talking about here? echo, reply? Sent from which host? To which destination? > Also, ARP requests on the bridge1 are being resent to the bridge0. > Those packets are being sent by bridge_output(). That seems to be a known regression on 5.8 because re(4) supports hardware VLAN. The problem is that bridge_input() is called before vlan_input() for every packet received on a physical interface. Since the hardware have already removed the VLAN header you see it in bridge0. This should be fixed in -current as long as you configure your pseudo interfaces in the order you need: # ifconfig bridge0 add re0 # ifconfig vlan0 vlan 100 vlandev re0 This way vlan_input() will run before bridge_input() and the packets with a VLAN ID 100 wont enter bridge0 > Those packets are being sent by bridge_output(). These are not forwarded > packets. Which packets? Sorry but I don't understand what kind of packets you're talking about so I cannot help. > In my setup, receiving an ARP request from athn0 will spawn another > ARP request on re0. Receiving an ARP request on re2.100 will spawn another > request on re0 (besides forwarding the request to re0.100). That one does > not feel very right even without my patch. So my questions were : > > First of all, is bridge_output() used to forward packets now? Or is it > only for local traffic? If it is sometimes used to forward packets, then a > check against BLOCKNONIP would be needed? Reyk Floeter confirmed that it was > used only for local traffic. It is only used to send local traffic, just like Reyk said. > Second, why bridge_output()? In my understanding output is never done > directly on the bridge, it is always on one of the underlying interfaces? Please look at the code, we write Free Software for a reason: http://bxr.su/search?q=bridge_outputOpenBSD > This could have implications for pf too? I don't understand your question. What could have implication? > From what I saw bridge_output() is > used directly only in one obscure case for sending back ICMP errors. Why do you think it's an obscure case? > But it > is also the output function of the interface? This is why I have a hard time > finding the origin of those ARP requests. So this is my real question, who > sends ARP requests directly on the bridge via bridge_output()? One do not find who send packets by looking at the code but by looking at the packets. Since the beginning of this thread we don't know the content of the packets, so we don't if they are forwarded or not, if they are multicast or not if they are addressed to the OpenBSD machine or not, if they are reply to other packets: we know nothing. Plus we don't know the output of your ifconfig nor which code you're running. Come on, if you want some help, let others help you ;) Cheers, Martin
Re: Logging removal of dependent packages
On Mon, Nov 23, 2015 at 05:20:54PM +0200, li...@wrant.com wrote: > Hi misc@ readers, Marc, > > Interactive removal of a package with pkg_delete $pkg_name also asks > the removal of dependent packages (cool). > > This works OK and logs the removal of the package $pkg_name in messages > at the end of the procedure. But does not seem to log the removal of > the packages that also depend on the removed bits (and got removed). I > may be looking at the wrong place or something, but expected this to be > the same place. > > Would it be a good idea to also log removal of the dependent packages > while removing a package, for the sake of operator awareness? > > P.S. Running pkg_delete -a manually afterwards logs fine removed > packages (fallout) just fine. The removed dependants of $pkg_name > however are not logged in messages log. The result is, some details > are missed in the messages, while others comparative details are there. > > I'm asking because a python 2.7 upgrade from packages fails on a i386 > older machine here, and have to remove it to upgrade my packages. I > really don't care much about the python bit, just asking for the > logging case as explained above. > > Please ignore if this is superfluous noise, or wastes precious time. > > Regards, > Anton /var/log/messages has all the info, actually.
Re: NSD/Unbound clarifications
Thanks for clarification. Unbound configured and works well. Another question abount unbound "capacity". I've configured unbound for a small network. What is "maximum capacity" of Unbound? Is suitable for big networks? Il 23/11/2015 13:28, Dahlberg, David ha scritto: Am Montag, den 23.11.2015, 12:24 +0100 schrieb Alessandro Baggi: Today, the last version is 5.8 and from 5.6 named was replaced from nsd and unbound. The first is only authoritative and the other is recursive/forwarder/caching/validating/authoritative. Right. Except that unbound is not really intended to work as an authoritative server, except maybe for a tiny local stub zone. Now today I've nsd and unbound that I can use on my firewall. I don't need authoritative server, and I should use unbound. Correct. nsd and unbound have similar syntax and I reading from web I can resolve dns with each of them. Wrong. You cannot use nsd as a resolver. It is authoritative only. Now I'm confused...who use? You want to announce your domain to the whole internet? Use NSD. You want to resolve internet domain names for your clients? Use unbound. You want to do both? Use both. Correct me if I'm wrong: 1) I must use only nsd for authoritative server (internet exposed) for my ipotetic zone (I can use it in my lan for dns resolver?). No. It is not a resolver. It won't answer to queries for domains that it does not host. 2) I can use only unbound for lan dns resolving/caching/validating with zones if not needed an authoritative domain. Correct. 3) I can use nsd for authoritative server (internet exposed) and for lan use unbound as recursive/cache dns with the authoritative server. With the authoritative server being nsd, right. 4) I can use unbound as authoritative server and for recursing and other. You seem to confuse the concepts of authoritative and recursing. The authoritative server is the Facebook DNS server that answers queries for the facebook.com domain. Just for that domain. It won't answer queries for other domains nor queries that have the "recurse" flag set. A resolver is typically located at your provider. You query it for any domain and it will happily resolve that query for you (by querying the authoritative servers). See https://en.wikipedia.org/wiki/Domain_Name_Sy stem image in chapter "Address resolution mechanism": The "DNS recurser" in the image is the resolver, the "root/org/wikipedia.org nameservers" are authoritative ones. Unbound is a resolver. It may also have authoritative functions for a small local zone (e.g. "mylaptop.local", "myfileshare.local" and "mytv.local"). But if you really want to host a domain, you should use NSD instead. 5) NSD is the best for authoritative and unbound for other things. NSD is /only/ useful as an authoritative server (i.e. serving a zone). It cannot resolve. Unbound is most useful for resolving DNS names (i.e. you send it a query, it will figure out the answer). Here is how it works: (1) Your clients (PC, Laptop, Playstation) will send queries to the resolver (e.g. dnsmasq, unbound, bind9). Asking them for IP adresses for openbsd.org, gmail.com and sony.com. (2) The resolver will send queries to the authoritative nameservers (e.g. bind9, nsd) of Root, Verisign (.com and .org), Google (gmail.com) OpenBSD and Sony to find out the requested IP addresses. (3) The resolver will return the result to your clients. Bind9 of the Internet Systems Consortium just happens to be a software, that can do both jobs: It can be a resolver, or an authoritative nameserver, or even both at the same time. NLnet Labs decided not to go that way. They created software just for the authoritative nameserver task (NSD) and one for the resolver task (unbound). Cheers David
Re: Bridge and blocknonip
On 23/11/15 16:01, Martin Pieuchot wrote: On 23/11/15(Mon) 12:57, Momtchil Momtchev wrote: [...] That seems to be a known regression on 5.8 because re(4) supports hardware VLAN. The problem is that bridge_input() is called before vlan_input() for every packet received on a physical interface. Since the hardware have already removed the VLAN header you see it in bridge0. This should be fixed in -current as long as you configure your pseudo interfaces in the order you need: # ifconfig bridge0 add re0 # ifconfig vlan0 vlan 100 vlandev re0 This way vlan_input() will run before bridge_input() and the packets with a VLAN ID 100 wont enter bridge0 Ok, this was the missing piece of information. Thank you. This explains everything. I will try -current asap and then will try to sort out things with my patch. Before I was using 4.9 on PC Engines ALIX with vr(4), and now I have 5.8 on PC Engines APU with re(4).
Re: NSD/Unbound clarifications
On Mon, Nov 23, 2015 at 04:27:08PM +0100, Alessandro Baggi wrote: > I've configured unbound for a small network. What is "maximum > capacity" of Unbound? Is suitable for big networks? What was the maximum capacity of bind? Was it suitable for big networks? How did you find out? -- I'm not entirely sure you are real.
Re: azalia audio works, then stutters until reboot
On 11/23/15 05:11, Alexandre Ratchov wrote: On Fri, Nov 20, 2015 at 10:31:34AM -0700, luke...@onemodel.org wrote: Could the root umask of 0077 be a problem? my /tmp/aucat directory has different permissions than yours. The problem is in sndiod; it's supposed create a world readable directory regardless the user umask. I just commited the fix; you could either start it with the 022 umask now or rebuild sndiod with sndiod.c rev 1.14 or newer. Let me know if things work better. Thanks. Now sndiod -ddd log output is more like what you were looking for. Would it be good for sndiod to complain more verbosely when that problem occurs (ie, in a way that's easier to diagnose such an issue in the future)? I set that umask for all users to avoid forgetfully bleeding information between accounts. Another option is to create the home directories with mode 0700 and leave the default umask. This doesn't protect files outside their home dir, but I'm not sure this would be a problem. Would the 0077 umask simply be a better default for the OS? I haven't checked historical discussions behind that yet, but on the surface it seems better to me. Some issues would have to be addressed in packages. Or is that a question I should ask in a separate thread? Now, having changed that permission, and restarted sndiod to get the log output, I duplicated your earlier diagnostic tips with aucat, then played part of a .mid file with timidity, no problems to there, all showing in the log, then started a video in smplayer (now under a different account, via ssh -X), jumping forward/backward with L/R arrow keys, and then adjusting the volume using the xfce applet, which finally duplicated the stuttering sound problem. /tmp#la aucat/ total 24 srw-rw-rw- 1 root wheel 0 Nov 23 08:26 aucat0 drwxr-xr-x 2 root wheel 512 Nov 23 08:26 . drwxrwxrwt 30 root wheel 7168 Nov 23 08:46 .. Does the log show anything useful about what might cause the stuttering or what I could do for more info? I posted the new log at: ftp://onemodel.org/sndiod2.log Thanks again, Luke
Re: Who teach the true message about the true free software?
On Fri, Nov 20, 2015 at 11:20 AM, françaiswrote: > Who teach the true message about the true free software? You are asking a false question. -- Raul
Hitting the bootable cylinder limit?
It seems like there should be a better way to detect this other than trial and error. I put a new 1 TB drive in my laptop (Seagate ST1000LM024) about a month ago. Being aware there was such a limit I made small boot partitions at the beginning of the drive (I thought): 32 GB Windows, 64 GB OpenBSD, 32 GB Linux. As predicted everything worked at first, then installing MeTV keys made my Linux unbootable with an error from Lilo about the key file being corrupt and I suspect it's related to this limit. The original position of the file was probably OK, the new file got made in an unreachable position. So I've probably got some storage-only partitions that won't boot, but I want to avoid the same thing happening when I put a 1 TB drive (Seagate ST31000340AS) in my laptop machine (Dell Optiplex GX270) because I really would like Linux working somewhere since I want to play with Android stuff. I need to be able to build kernels for my phones and use Android Studio. So on the laptop: Disk: wd0 geometry: 121601/255/63 [1953525168 Sectors] Offset: 0 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- *0: 0C 0 1 1 - 4079 254 63 [ 63:65545137 ] Win95 FAT32L 1: A6 4080 0 1 - 12365 254 63 [65545200: 133114590 ] OpenBSD 2: 83 12366 0 1 - 16444 254 63 [ 198659790:65529135 ] Linux files* 3: 05 16445 0 62 - 121600 254 63 [ 264188986: 1689331079 ] Extended DOS Offset: 264188986 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 0B 16445 1 1 - 20524 254 63 [ 264188988:65545137 ] Win95 FAT-32 1: 05 20525 0 1 - 24604 254 63 [ 329734125:65545200 ] Extended DOS 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused Offset: 329734125 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 0B 20525 1 1 - 24604 254 63 [ 329734188:65545137 ] Win95 FAT-32 1: 05 24605 0 1 - 25114 254 63 [ 395279325: 8193150 ] Extended DOS 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused Offset: 395279325 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 82 24605 1 1 - 25114 254 63 [ 395279388: 8193087 ] Linux swap 1: 05 25115 0 1 - 88856 76 52 [ 403472475: 1024004005 ] Extended DOS 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused Offset: 403472475 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: A6 25115 63 37 - 88856 76 52 [ 403476480: 102400 ] OpenBSD 1: 05 88857 0 1 - 121600 254 63 [ 1427487705: 526032360 ] Extended DOS 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused Offset: 1427487705 Signature: 0xAA55 Starting Ending LBA Info: #: id C H S - C H S [ start:size ] --- 0: 83 88857 1 1 - 121600 254 63 [ 1427487768: 526032297 ] Linux files* 1: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 2: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused 3: 00 0 0 0 - 0 0 0 [ 0: 0 ] unused # /dev/rwd0c: type: ESDI disk: ESDI/IDE disk label: ST1000LM024 HN-M duid: abd27361b43df756 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 121601 total sectors: 1953525168 boundstart: 65545200 boundend: 198659790 drivedata: 0 16 partitions: #size offset fstype [fsize bsize cpg] a: 4194288 65545200 4.2BSD 2048 163841 # / b: 524288 69739488swap # none c: 19535251680 unused d: 6291456 70263776 4.2BSD 2048 163841
Logging removal of dependent packages
Hi misc@ readers, Marc, Interactive removal of a package with pkg_delete $pkg_name also asks the removal of dependent packages (cool). This works OK and logs the removal of the package $pkg_name in messages at the end of the procedure. But does not seem to log the removal of the packages that also depend on the removed bits (and got removed). I may be looking at the wrong place or something, but expected this to be the same place. Would it be a good idea to also log removal of the dependent packages while removing a package, for the sake of operator awareness? P.S. Running pkg_delete -a manually afterwards logs fine removed packages (fallout) just fine. The removed dependants of $pkg_name however are not logged in messages log. The result is, some details are missed in the messages, while others comparative details are there. I'm asking because a python 2.7 upgrade from packages fails on a i386 older machine here, and have to remove it to upgrade my packages. I really don't care much about the python bit, just asking for the logging case as explained above. Please ignore if this is superfluous noise, or wastes precious time. Regards, Anton
Re: MacbookPro 11,1
On Mon, Nov 23, 2015 at 09:22:04AM -0500, Bryan C. Everly wrote: > I tried a few months ago to boot this into OpenBSD and one of the big > problems I ran into was that this is a USB 3 only machine and as such, the > keyboard worked at the boot prompt but did not work when I got to the first > installer prompt. I never had any success with any Apple machine of recent vintage until efiboot became available very recently. Now with the changes to inteldrm(4) over the weekend, most things are working well for me. > I'm seeing people talking about working on Macbook Air machines (some of > quite recent vintage) so I'm wondering if: > > 1. There is a patch I can apply to get keyboard support working on the > Macbook Pro Retina; or I was corresponding with Joerg Jung about his 2015 12-inch Retina MacBook and he also has the same issue. I also booted up my 2015 12-inch Retina MacBook yesterday and had no keyboard at all. His solution was a USB keyboard and a USB hub. I didn't have either handy but may try that later today. In the case of the 12-inch Retina MacBook, there is only that single USB-C port so I'm not sure if the USB hub was needed for any reason other than to provide at least two ports (one for USB flash drive and one for USB keyboard). > 2. The Macbook Air doesn't have all USB 3 ports so this isn't a problem > for that hardware The last several generations only show xhci(4) rather than any uhci(4). I don't know what is different about the MacBook Air systems that allows the keyboard to work since the keyboard does attach as ukbd(4). > Any suggestions would be appreciated. My solution was to create an OpenBSD efiboot flash drive and then things worked fairly well. In your case, you probably need a USB keyboard and possibly a USB hub. I will post a separate post soon with more information about both of my MacBook Air systems but, in short, the 2013 MacBook Air, which is a Haswell system like your MacBook Pro, works quite well. Obviously wireless is not supported but a urtwn(4) USB wireless adapter works fine. X acceleration works fine as does xbacklight(1) to set screen brightness. The brightness buttons on the keyboard do not work though. Keyboard backlight is functional (although not yet adjustable) due to Joerg Jung's recent asmc(4) driver. The 2015 MacBook Air which is a Broadwell system works almost as well but does not have X acceleration at this time (disabled for now due to instability) and also does not respond to xbacklight(1) so there is no way to adjust screen brightness. To see the state of things in Linux, I also installed Fedora 23 last week which comes with Linux kernel 4.2 and that also could not adjust the brightness of the display at all even though it acted as though it was working. I am interested to see what you find with your system since I am looking to pick up a similar Haswell Retina MacBook Pro from the refurbished store to use with OpenBSD as well. Bryan
Re: Logging removal of dependent packages
On Mon, 23 Nov 2015 16:31:35 +0100 Marc Espiewrote: > On Mon, Nov 23, 2015 at 05:20:54PM +0200, li...@wrant.com wrote: > > Hi misc@ readers, Marc, > > > > Interactive removal of a package with pkg_delete $pkg_name also asks > > the removal of dependent packages (cool). > > > > This works OK and logs the removal of the package $pkg_name in messages > > at the end of the procedure. But does not seem to log the removal of > > the packages that also depend on the removed bits (and got removed). I > > may be looking at the wrong place or something, but expected this to be > > the same place. > > > > Would it be a good idea to also log removal of the dependent packages > > while removing a package, for the sake of operator awareness? > > > > P.S. Running pkg_delete -a manually afterwards logs fine removed > > packages (fallout) just fine. The removed dependants of $pkg_name > > however are not logged in messages log. The result is, some details > > are missed in the messages, while others comparative details are there. > > > > I'm asking because a python 2.7 upgrade from packages fails on a i386 > > older machine here, and have to remove it to upgrade my packages. I > > really don't care much about the python bit, just asking for the > > logging case as explained above. > > /var/log/messages has all the info, actually. > Thanks for looking into this, Marc. Here is what happened: $ sudo pkg_delete python can't delete python-2.7.10 without deleting glib2-2.46.1p0 Delete them as well ? [y/N/a] y can't delete glib2-2.46.1p0 without deleting desktop-file-utils-0.22p0 irssi-0.8.16p0 irssi-xmpp-0.52p2 loudmouth-1.4.3p6 mcabber-0.10.3 Delete them as well ? [y/N/a] y desktop-file-utils-0.22p0:mcabber-0.10.3: ok desktop-file-utils-0.22p0: ok loudmouth-1.4.3p6:irssi-xmpp-0.52p2: ok loudmouth-1.4.3p6: ok can't delete irssi-0.8.16p0 without deleting irssi-icb-0.14p10 irssi-otr-1.0.1 Delete them as well ? [y/N/a] y irssi-otr-1.0.1: ok irssi-icb-0.14p10: ok irssi-0.8.16p0: ok glib2-2.46.1p0: ok python-2.7.10: ok Read shared items: ok --- -python-2.7.10 --- Don't forget to remove /usr/local/bin/python, /usr/local/bin/2to3, /usr/local/bin/python-config and/or /usr/local/bin/pydoc if they were symlinks to /usr/local/bin/python2.7, /usr/local/bin/python2.7-2to3, /usr/local/bin/python2.7-config or to /usr/local/bin/pydoc2.7. Error deleting directory /usr/local/include/python2.7: Directory not empty $ sudo pkg_delete -a nghttp2-1.4.0:gpgme-1.5.1p1: ok nghttp2-1.4.0:gnupg-1.4.19p0: ok libelf-0.8.13p3: ok partial-python-2.7.10: ok libassuan-2.1.1: ok libotr-4.1.0: ok libgpg-error-1.20:libgcrypt-1.6.4: ok libgpg-error-1.20: ok bzip2-1.0.6p7: ok libffi-3.2.1: ok Read shared items: ok This got logged in /var/log/messages Nov 23 16:00:57 fire pkg_delete: Removed python-2.7.10 Nov 23 16:01:18 fire pkg_delete: Removed gpgme-1.5.1p1 Nov 23 16:01:22 fire pkg_delete: Removed gnupg-1.4.19p0 Nov 23 16:01:23 fire pkg_delete: Removed libelf-0.8.13p3 Nov 23 16:01:23 fire pkg_delete: Removed partial-python-2.7.10 Nov 23 16:01:26 fire pkg_delete: Removed libassuan-2.1.1 Nov 23 16:01:28 fire pkg_delete: Removed libotr-4.1.0 Nov 23 16:01:30 fire pkg_delete: Removed libgcrypt-1.6.4 Nov 23 16:01:32 fire pkg_delete: Removed libgpg-error-1.20 Nov 23 16:01:34 fire pkg_delete: Removed bzip2-1.0.6p7 Nov 23 16:01:35 fire pkg_delete: Removed libffi-3.2.1 I'm missing notion of removed "delete them as well" packages, or should I expect these to be logged at all? Regards, Anton
Re: Logging removal of dependent packages - disregard please
On Mon, 23 Nov 2015 20:56:58 +0100 Marc Espiewrote: > On Mon, Nov 23, 2015 at 08:10:01PM +0200, li...@wrant.com wrote: > > > > You're right Marc, I found these, sorry for the noise (duh): > > > > Nov 23 15:58:37 fire pkg_delete: Removed mcabber-0.10.3 > > Nov 23 15:58:38 fire pkg_delete: Removed desktop-file-utils-0.22p0 > > Nov 23 15:58:38 fire pkg_delete: Removed irssi-xmpp-0.52p2 > > Nov 23 15:58:40 fire pkg_delete: Removed loudmouth-1.4.3p6 > > Nov 23 15:58:44 fire pkg_delete: Removed irssi-otr-1.0.1 > > Nov 23 15:58:44 fire pkg_delete: Removed irssi-icb-0.14p10 > > Nov 23 15:58:53 fire pkg_delete: Removed irssi-0.8.16p0 > > Nov 23 15:59:38 fire pkg_delete: Removed glib2-2.46.1p0 > > Nov 23 16:00:01 fire newsyslog[4165]: logfile turned over > > > > An unfortunate coincidence of log file turnover, less --follow-name > > misuse and a forehead slapping moment. Was getting kind of weary with > > the python workarounds. > > > To expand on this (answered quickly this morning): the idea with > recent iterations of pkg_add/pkg_delete (with manual vs automatic > installs) is to try to present the user with slightly less information > (e.g., only the apps he's concerned about), so we hide various > details such as pkg_delete -a "summary". Got it, thanks and I concur on this. I should have checked better before asking and eliminate coincidence / uncertainties my end first. > On the other hand, we do log everything, without any indication of > 'why' a package got added or removed, as complementary information > (allows you to simply log 'snapshots' of the state of your system, > possibly usable by security scripts to check for anything funny). That's the main reason behind me questioning it and the head scratching moments. My idea is to process the logs for state tracking, at least observational purposes for now. > In short, there's so much information actually computed inside the > tools that it's quite difficult to figure out what to display and > where... > > > What you have is the best compromise at the moment. Understood. Thank you for the good high level explanation, appreciated. I feel good about it. The only comments I'll ever make related to pkg tools is if there is some (any at all) ambiguity, and/or state tracking consistency anyway, so don't expect to hear annoying stuff from me anytime soon ;-) I am a proponent of the idea of ability to feed status data (logs etc), or any data / output produced for further processing much in the Unix philosophy of interfacing programs. Sorry for the noise once again, thanks Marc. Regards, Anton
Re: MacbookPro 11,1
Bryan, The /usr/sbin/bless command was the key that unlocked this for me. I have managed to get the latest snapshot installed and booting on this machine. I'm in the process of installing a desktop (I run gnome) so I'll let you know how that goes. Thanks to everyone for their help. Thanks, Bryan On Mon, Nov 23, 2015 at 12:15 PM, Bryan Vyhmeisterwrote: > On Mon, Nov 23, 2015 at 09:22:04AM -0500, Bryan C. Everly wrote: > > I tried a few months ago to boot this into OpenBSD and one of the big > > problems I ran into was that this is a USB 3 only machine and as such, > the > > keyboard worked at the boot prompt but did not work when I got to the > first > > installer prompt. > > I never had any success with any Apple machine of recent vintage until > efiboot became available very recently. Now with the changes to > inteldrm(4) over the weekend, most things are working well for me. > > > I'm seeing people talking about working on Macbook Air machines (some of > > quite recent vintage) so I'm wondering if: > > > > 1. There is a patch I can apply to get keyboard support working on the > > Macbook Pro Retina; or > > I was corresponding with Joerg Jung about his 2015 12-inch Retina > MacBook and he also has the same issue. I also booted up my 2015 12-inch > Retina MacBook yesterday and had no keyboard at all. His solution was a > USB keyboard and a USB hub. I didn't have either handy but may try that > later today. In the case of the 12-inch Retina MacBook, there is only > that single USB-C port so I'm not sure if the USB hub was needed for any > reason other than to provide at least two ports (one for USB flash drive > and one for USB keyboard). > > > 2. The Macbook Air doesn't have all USB 3 ports so this isn't a problem > > for that hardware > > The last several generations only show xhci(4) rather than any uhci(4). > I don't know what is different about the MacBook Air systems that allows > the keyboard to work since the keyboard does attach as ukbd(4). > > > Any suggestions would be appreciated. > > My solution was to create an OpenBSD efiboot flash drive and then things > worked fairly well. In your case, you probably need a USB keyboard and > possibly a USB hub. I will post a separate post soon with more > information about both of my MacBook Air systems but, in short, the 2013 > MacBook Air, which is a Haswell system like your MacBook Pro, works > quite well. Obviously wireless is not supported but a urtwn(4) USB > wireless adapter works fine. X acceleration works fine as does > xbacklight(1) to set screen brightness. The brightness buttons on the > keyboard do not work though. Keyboard backlight is functional (although > not yet adjustable) due to Joerg Jung's recent asmc(4) driver. > > The 2015 MacBook Air which is a Broadwell system works almost as well > but does not have X acceleration at this time (disabled for now due to > instability) and also does not respond to xbacklight(1) so there is no > way to adjust screen brightness. To see the state of things in Linux, I > also installed Fedora 23 last week which comes with Linux kernel 4.2 and > that also could not adjust the brightness of the display at all even > though it acted as though it was working. > > I am interested to see what you find with your system since I am looking > to pick up a similar Haswell Retina MacBook Pro from the refurbished > store to use with OpenBSD as well. > > Bryan
Re: MacbookPro 11,1
On Mon, Nov 23, 2015 at 04:20:56PM -0500, Bryan C. Everly wrote: > The /usr/sbin/bless command was the key that unlocked this for me. I have > managed to get the latest snapshot installed and booting on this machine. > I'm in the process of installing a desktop (I run gnome) so I'll let you > know how that goes. You must be using BIOS emulation then? My goal with my install was to avoid using BIOS emulation if possible. I wanted to be able to install OpenBSD on a Mac without needing to use OS X at all or dual boot. As I'm sure you've read, jcs@ has a gist about this process and jasper@ has a blog post detailing how to do the efiboot like I did. I'm looking forward to finding out how it works out for you. Bryan