Re: cannot allocate memory

2016-03-18 Thread Roman Gorelov 
Solved, thank you. I was imprudent.

Re: OpenNTP features

2016-03-18 Thread Brent Cook 
> On Mar 16, 2016, at 6:23 AM, Gabor Juhasz  wrote:
>
> Hi All,
>
> In our IoT project we have to select an NTPd for our embedded device
> in order it can have accurate time.
> It uses 3G/4G mobile net. Of course the net is expensive so we have to
> reduce the
> network usage. Currently we have 2 candidates : OpenNTPd and Chrony.
>
> In OpenNTP (5.7p4)  we are missing some features and we are looking
> for some solutions
> or workarounds to provide them. Do you have any idea how to do it with
> OpenNTPd :
>
> * Maxchange
> Maximum allowed offset corrected on a clock update. If the delta is
> bigger ntpd exists.

I think you need to explain more about why you need this. I can guess, but
that's not necessarily solving your problem.

So hypothetically, you have a device that might have a big initial delta on
boot, but might not have network access within the first 15 seconds of
starting ntpd. Is that why simply using 'ntpd -s' at startup is not enough for
this case? How would you know to trust any big jumps from NTP servers later
on? Is your proposal to still only allow for a one-time initial setting
(basically, make -s active forever until the time is initially set)?
Otherwise, this opens a big hole.

http://www.slideshare.net/jselvi/breaking-ssl-51430174


> * Polltime
> maxpoll /minpoll : setting the minimum/maximum polling interval
>
> * Offline mode
> You tell the ntpd that network is not available. So it will not keep
> trying to connect to ntp servers.
>
> Kind regards,
> Gabor Juhasz

minor corrections diff for 59.html

2016-03-18 Thread Rob Pierce 
Some punctuation, case and grammer corrections along with a few hrefs.

For your consideration.

Index: 59.html
===
RCS file: /cvs/www/59.html,v
retrieving revision 1.72
diff -u -p -r1.72 59.html
--- 59.html 16 Mar 2016 19:10:52 -  1.72
+++ 59.html 18 Mar 2016 19:48:20 -
@@ -120,7 +120,7 @@ to 5.9.
 driver now supports sector mode for eMMC devices, such as those found 
on
 some BeagleBone Black boards.
 The http://www.openbsd.org/cgi-bin/man.cgi?query=cnmac";>cnmac(4)
-driver now supports checksum offloading
+driver now supports checksum offloading.
 The http://www.openbsd.org/cgi-bin/man.cgi?query=ipmi";>ipmi(4)
 driver now supports OpenIPMI compatible character device.
 ...
@@ -171,7 +171,7 @@ to 5.9.
 
 Userland programs were audited so that they could be properly annotated
 with pledge(2).
-This resulted in design changes such as
+This resulted in design changes such as:
 
 
 addition of
@@ -206,17 +206,17 @@ to 5.9.
 
 SMP network stack improvements:
 
-The task processing incoming packets can now runs mostly in parallel
+The task processing incoming packets can now run mostly in parallel
 of the rest of the kernel, this include:
 
 http://www.openbsd.org/cgi-bin/man.cgi?query=carp";>carp(4),
 http://www.openbsd.org/cgi-bin/man.cgi?query=trunk";>trunk(4),
 http://www.openbsd.org/cgi-bin/man.cgi?query=vlan";>vlan(4)
 and other pseudo-driver with the exception of
-http://www.openbsd.org/cgi-bin/man.cgi?query=bridge";>bridge(4)
-Ethernet decapsulation, ARP processing and MPLS forwarding path
+http://www.openbsd.org/cgi-bin/man.cgi?query=bridge";>bridge(4).
+Ethernet decapsulation, ARP processing and MPLS forwarding path.
 http://www.openbsd.org/cgi-bin/man.cgi?query=bpf";>bpf(4)
-filter matching
+filter matching.
 
 The Rx and Tx rings of the
 http://www.openbsd.org/cgi-bin/man.cgi?query=ix";>ix(4),
@@ -228,10 +228,10 @@ to 5.9.
 http://www.openbsd.org/cgi-bin/man.cgi?query=gem";>gem(4),
 http://www.openbsd.org/cgi-bin/man.cgi?query=re";>re(4) and
 http://www.openbsd.org/cgi-bin/man.cgi?query=cas";>cas(4)
-drivers can now be processed in parallel of the rest of the kernel
+drivers can now be processed in parallel of the rest of the kernel.
 The Rx ring of the
 http://www.openbsd.org/cgi-bin/man.cgi?query=cnmac";>cnmac(4)
-driver can now be processed in parallel of the rest of the kernel
+driver can now be processed in parallel of the rest of the kernel.
 
 
 
@@ -401,13 +401,20 @@ to 5.9.
 and reduce dynamic linking overhead.
 Handle intra-thread kills via new
 http://www.openbsd.org/cgi-bin/man.cgi?query=thrkill";>thrkill(2)
-system call to tighten pledge(2) restrictions and improve 
pthread_kill(3)
-and pthread_cancel(3) compliance.
+system call to tighten
+http://www.openbsd.org/cgi-bin/man.cgi?query=pledge";>pledge(2).
+restrictions and improve
+http://www.openbsd.org/cgi-bin/man.cgi?query=pthread_kill";>pthread_kill(3)
+and
+http://www.openbsd.org/cgi-bin/man.cgi?query=pthread_cancel";>pthread_cancel(3)
+compliance.
 Added http://www.openbsd.org/cgi-bin/man.cgi?query=getpwnam_shadow";>
 getpwnam_shadow(3)
 and http://www.openbsd.org/cgi-bin/man.cgi?query=getpwuid_shadow";>
 getpwuid_shadow(3)
-to permit tighter pledge(2) restrictions.
+to permit tighter
+http://www.openbsd.org/cgi-bin/man.cgi?query=pledge";>pledge(2).
+restrictions.
 Added support to
 http://www.openbsd.org/cgi-bin/man.cgi?query=ktrace";>ktrace(1)
 the arguments to
@@ -525,7 +532,7 @@ to 5.9.
 based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt.
   http://www.openbsd.org/cgi-bin/man.cgi?query=ssh";>ssh(1):
-Add an AddKeysToAgent client option which can be set to
+add an AddKeysToAgent client option which can be set to
 yes, no, ask, or confirm, and
 defaults to no.  When enabled, a private key that is used
 during authentication will be added to
@@ -578,7 +585,7 @@ to 5.9.
 http://www.openbsd.org/cgi-bin/man.cgi?query=sshd";>sshd(8):
 refine compatibility workarounds for WinSCP.
   Fix a number of memory faults (double-free, free of uninitialised
-memory, etc) in
+memory, etc.) in
 http://www.openbsd.org/cgi-bin/man.cgi?query=ssh";>ssh(1)
 and
 http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen";>ssh-keygen(1).
@@ -676,7 +683,7 @@ to 5.9.
 http://www.openbsd.org/cgi-bin/man.cgi?query=sshd";>sshd(8):
 fix som

Re: OpenNTP features

2016-03-18 Thread Theo de Raadt 
> * Maxchange
> Maximum allowed offset corrected on a clock update. If the delta is
> bigger ntpd exists.

I don't see the purpose of that.

> * Polltime
> maxpoll /minpoll : setting the minimum/maximum polling interval

Have you measured the actual $ cost for what it does now, and determined
that it is completely outside your budget?

> * Offline mode
> You tell the ntpd that network is not available. So it will not keep
> trying to connect to ntp servers.

you already have that:  /etc/rc.d/ntpd stop


I don't see the need for these features.

cannot allocate memory

2016-03-18 Thread Roman Gorelov 
I have strange issues. I installed go port and figured out that go
compiler and executables produced by it require 770 MB of datasize.
I bumped datasize-max and datasize-cur of login class `default' to
771 MB. Then programs being run as another user stopped working with
`cannot allocate memory' error, while there's clearly plenty of
memory. E.g. useradd -m a7sl4 ; doas -u a7sl4 mpv "$x". Then reboot,
cannot login as usual user to xdm. Login(1)s on ttys didn't even run.
Logged in as root to xdm, changed login class of user to `staff', and
then only relogged as usual user. I don't really know what is going
on and appreciate any help.

ps auxw

USER   PID %CPU %MEM   VSZ   RSS TT  STAT  STARTED   TIME COMMAND
_x11  2566 21.8  1.5 13536 15856 ??  Rs 2:51AM1:39.99 
/usr/X11R6/bin/X :0 vt05 -auth /etc/X11/xdm/authdir/authfiles/A:0
root 1  0.0  0.0   480   480 ??  Ss 2:51AM0:01.15 /sbin/init
root  3899  0.0  0.0   628   396 ??  Is 2:51AM0:00.04 dhclient: 
alc0 [priv] (dhclient)
_dhcp14600  0.0  0.0   744   484 ??  Is 2:51AM0:00.01 dhclient: 
alc0 (dhclient)
_syslogd 28193  0.0  0.1   944  1296 ??  S  2:51AM0:00.05 
/usr/sbin/syslogd
root 15932  0.0  0.1   944  1160 ??  Is 2:51AM0:00.02 syslogd: 
[priv] (syslogd)
root 20610  0.0  0.1   624   552 ??  Is 2:51AM0:00.04 pflogd: 
[priv] (pflogd)
_pflogd  31696  0.0  0.0   688   364 ??  S  2:51AM0:00.05 pflogd: 
[running] -s 160 -i pflog0 -f /var/log/pflog (pflogd)
root  2681  0.0  0.1   660  1316 ??  I rlkok pckbc0
  noram
Namei Sys-cacheProc-cacheNo-cache  42 ndcpy
Calls hits%hits %miss   % fltcp
  256  256  10015 zfod
   29 cow
Disks   sd0  8359 fmin
seeks   11145 ftarg
xfers 1   itarg
speed   10K49 wired
  sec   0.1   pdfre
  pdscn
  pzidle
   26 kmapent












IPKTS
OPKTS


dmesg

OpenBSD 5.8 (GENERIC.MP) #1: Wed Mar 16 10:05:46 CET 2016

r...@stable-58-i386.mtier.org:/binpatchng/work-binpatch58-i386/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF,ITSC
real mem  = 1060052992 (1010MB)
avail mem = 1026433024 (978MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 03/15/11, SMBIOS rev. 2.7 @ 0xe96d0 (31 entries)
bios0: vendor American Megatrends Inc. version "X101CH.1203" date 07/30/2012
bios0: ASUSTeK COMPUTER INC. X101CH
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC MCFG RTCF HPET SSDT SLIC BGRT
acpi0: wakeup devices P0P8(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) 
RP03(S4) PXSX(S4) RP04(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
mtrr: Pentium Pro MTRR support, 7 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=22785, max=32960
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu1: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF,ITSC
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu2: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF,ITSC
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz
cpu3: 
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,DTES64,MWAIT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,LAHF,PERF,ITSC
ioapic0 at mainbus0: apid 4 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xe000, bus 0-255
acpihpet0 at acp

Re: reference ipsec.conf in ipsec.4 under SEE ALSO?

2016-03-18 Thread Rob Pierce 
> From: "Jason McIntyre" 
> To: "misc" 
> Sent: Friday, March 18, 2016 5:40:07 PM
> Subject: Re: reference ipsec.conf in ipsec.4 under SEE ALSO?

> On Fri, Mar 18, 2016 at 04:59:29PM -0400, Rob Pierce wrote:
>> I think it make sense for ipsec.4 to reference it's own configuration file 
>> under
> > SEE ALSO.


> fixed, thanks. but note SEE ALSO is sorted by section first, so it should
> be after the options Xr.

> jmc
I totally missed that, thanks! 

Rob

Re: Ruby 1.9.3 package on OpenBSD 5.9 (snapshots) missing

2016-03-18 Thread ML mail 
You mean I should just take the ports.tar.gz file of OpenBSD 5.8 and compile 
ruby 1.9 from there? 


I don't really know where is this CVS attic that you mention. 




On Friday, March 18, 2016 9:55 PM, Jeremy Evans  wrote:
On Fri, Mar 18, 2016 at 10:49 AM, ML mail  wrote:

> Thanks for the info. I have now started to compile Ruby 1.9.3 on OpenBSD
> 5.9 but face the following errors:
>

Check the port out of the CVS Attic, and try to built it via the ports
system (it may need a few patches).

Ruby 1.8.7 is still needed by other packages in the ports tree, which is
why it is still in ports.  Ruby 1.9.3 is not used by anything else in the
ports tree, so it was removed after Ruby 2.0 was EOL.


Thanks,
Jeremy

Re: reference ipsec.conf in ipsec.4 under SEE ALSO?

2016-03-18 Thread Jason McIntyre 
On Fri, Mar 18, 2016 at 04:59:29PM -0400, Rob Pierce wrote:
> I think it make sense for ipsec.4 to reference it's own configuration file 
> under SEE ALSO.
> 

fixed, thanks. but note SEE ALSO is sorted by section first, so it should
be after the options Xr.

jmc

> Index: ipsec.4
> ===
> RCS file: /cvs/src/share/man/man4/ipsec.4,v
> retrieving revision 1.83
> diff -u -p -r1.83 ipsec.4
> --- ipsec.4   16 Feb 2015 16:38:54 -  1.83
> +++ ipsec.4   18 Mar 2016 20:51:05 -
> @@ -378,6 +378,7 @@ allocations).
>  .\".Xr ipcomp 4 ,
>  .Xr options 4 ,
>  .Xr iked 8 ,
> +.Xr ipsec.conf 5 ,
>  .Xr ipsecctl 8 ,
>  .Xr isakmpd 8 ,
>  .Xr sysctl 8

Re: Ruby 1.9.3 package on OpenBSD 5.9 (snapshots) missing

2016-03-18 Thread Fred 

On 03/18/16 22:08, ML mail wrote:

You mean I should just take the ports.tar.gz file of OpenBSD 5.8 and compile 
ruby 1.9 from there?


I don't really know where is this CVS attic that you mention.


Deleted files go to the attic in CVS:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/1.9/Attic/

hth

Fred

Ruby 1.9.3 package on OpenBSD 5.9 (snapshots) missing

2016-03-18 Thread ML mail 
Hi,

I just noticed that there is no Ruby version 1.9.3 package anymore in OpenBSD 
5.9 (snapshots) although there is still version 1.8.7... Any ideas why? or was 
it simply forgotten?

Regards
ML