Re: l2tp and openbsd 6.1
Quoting Stuart Henderson: On 2017-10-02, Charles Amstutz wrote: Hello Sterling, Thanks for the response. I changed it to ike passive esp transport \ proto udp from $public_ip to any port 1701 \ main auth "hmac-sha1" enc "aes-256" group modp1024\ quick auth "hmac-sha1" enc "aes-256" \ PSK "PSK-GOES-HERE" and still no luck. I found out that Android 8 will connect (using aes). I am dumpping pflog0 and seeing no blocks. However, that doesn't mean it still isn't a potential pf problem I guess. However, if IOS and android 8 would connect, I would think that would rule a pf problem? Is there a way to turn on additional debugging? I'm using isakmpd -K in rc.conf.local, so not using isakmpd.policy/.conf (from my understanding) Everything in /var/log/messages is just from npppd. Unless I'm reading it wrong, there doesn't appear to be any errors. I have "isakmpd_flags=-Kv -D0=29 -D1=49 -D2=10 -D3=30 -D5=20 -D6=30 -D8=30 -D9=30 -D10=20" in rc.conf.local as a general-purpose debugging config, then if there's a particular area I look at isakmpd source to see if I need to bump one of them up a little. These end up in /var/log/daemon (or start it by hand to run in the foreground using -d). 1) Can you have more than one ike line in ipsec.conf? from my presumption of looking at sites on the internet, you can, however, I am not sure. You can, *but* only one "default peer" ("to any" line) will take effect. https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless it is just two examples That site makes it look like you can use the two, but it won't work like that. One config will override the other. I don't know about Android 8 but have been able to use iPhones as well as Android tablets with the following on an older version on OpenBSD. Hope this is helpful and not sending the OP in the wrong direction. In npppd.conf, I am using interface tun0 address 10.0.0.1 ipcp IPCP bind tunnel from L2TP_ipv4 authenticated by LOCAL to tun0 instead of interface pppx0 address 10.0.0.1 ipcp IPCP bind tunnel from L2TP authenticated by LOCAL to pppx0 and in pf.conf, I have pass in quick on tun0 inet proto tcp from 10.0.0.0/24 -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited vsan...@foretell.ca
Re: l2tp and openbsd 6.1
On 2017-10-02, Charles Amstutzwrote: > Hello Sterling, > > Thanks for the response. I changed it to > > ike passive esp transport \ >proto udp from $public_ip to any port 1701 \ >main auth "hmac-sha1" enc "aes-256" group modp1024\ >quick auth "hmac-sha1" enc "aes-256" \ >PSK "PSK-GOES-HERE" > > and still no luck. I found out that Android 8 will connect (using aes). I > am dumpping pflog0 and seeing no blocks. However, that doesn't mean it still > isn't a potential pf problem I guess. However, if IOS and android 8 would > connect, I would think that would rule a pf problem? > > Is there a way to turn on additional debugging? I'm using isakmpd -K in > rc.conf.local, so not using isakmpd.policy/.conf (from my understanding) > Everything in /var/log/messages is just from npppd. Unless I'm reading it > wrong, there doesn't appear to be any errors. I have "isakmpd_flags=-Kv -D0=29 -D1=49 -D2=10 -D3=30 -D5=20 -D6=30 -D8=30 -D9=30 -D10=20" in rc.conf.local as a general-purpose debugging config, then if there's a particular area I look at isakmpd source to see if I need to bump one of them up a little. These end up in /var/log/daemon (or start it by hand to run in the foreground using -d). >> 1) Can you have more than one ike line in ipsec.conf? from my >> presumption of looking at sites on the internet, you can, however, I am not >> sure. You can, *but* only one "default peer" ("to any" line) will take effect. >> https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless >> it is just two examples That site makes it look like you can use the two, but it won't work like that. One config will override the other.
Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'
> The error is missing when I do a reboot Oh, I missed this bit before... That's rather unexpected. Please set LD_DEBUG= in the environment as well (or instead?) and see if you get anything useful from the output there (there will be a couple of screens full, but should fit within the dmesg -s buffer). You might be out of luck for new snapshots for a little while..
Re: l2tp and openbsd 6.1
Hello Sterling, Thanks for the response. I changed it to ike passive esp transport \ proto udp from $public_ip to any port 1701 \ main auth "hmac-sha1" enc "aes-256" group modp1024\ quick auth "hmac-sha1" enc "aes-256" \ PSK "PSK-GOES-HERE" and still no luck. I found out that Android 8 will connect (using aes). I am dumpping pflog0 and seeing no blocks. However, that doesn't mean it still isn't a potential pf problem I guess. However, if IOS and android 8 would connect, I would think that would rule a pf problem? Is there a way to turn on additional debugging? I'm using isakmpd -K in rc.conf.local, so not using isakmpd.policy/.conf (from my understanding) Everything in /var/log/messages is just from npppd. Unless I'm reading it wrong, there doesn't appear to be any errors. -Original Message- From: Sterling Archer [mailto:deb...@gmail.com] Sent: Monday, October 2, 2017 5:35 PM To: Charles AmstutzCc: misc@openbsd.org Subject: Re: l2tp and openbsd 6.1 On Mon, Oct 2, 2017 at 10:03 PM, Charles Amstutz wrote: > Hello everyone, > > I'm new to this list and l2tp/openbsd (but do have working UNIX/Linux > knowledge). After searching the previous forum posts (and the internet) I > have found a lot of information on l2tp ipsec.conf connection strings. > However, I can't get android to connect. I keep getting IKE negotiation > failed errors. > > I've looked at sites such as: > > http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-andro > id-601-ios.html > https://www.authbsd.com/blog/?p=20 > http://daemonforums.org/showthread.php?t=10326 > https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openb > sd-invalid_cookie/ > https://man.openbsd.org/npppd.conf.5 > https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for- > ios-and-osx/ > https://marc.info/?l=openbsd-misc=145922338026396=2 > https://marc.info/?l=openbsd-misc=145614573528471=2 > https://www.mail-archive.com/misc@openbsd.org/msg145747.html > ... etc > > > I can get IOS to connect, but I can't get android 7 to connect. I've > read that android has bugs with the vpn client in 6.x and 7.x (not > sure if it is fixed in 8 or not). However, what is confusing is it > connections just fine To my windows l2tp server. Bug tracker: > https://issuetracker.google.com/issues/37074640#c35 > > > My goal: Setup openbsd to work with IOS/android/windows/whatever. > > My questions. > > > 1) Can you have more than one ike line in ipsec.conf? from my > presumption of looking at sites on the internet, you can, however, I am not > sure. > > https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless > it is just two examples > > > 2) Every time I read a site that says, "this configuration worked for me > on android", it doesn't work for me. I presume it is my lack of > understanding, though, I'm not ruling out the possible android bug. > > > I appreciate any help. > > > > Here is my ipsec.conf (this allows IOS to connect) > > public_ip = "x.x.x.x" > > > > ike passive esp transport \ > > proto udp from $public_ip to any port 1701 \ > > main auth "hmac-sha1" enc "aes" group modp1024\ > > quick auth "hmac-sha1" enc "aes" \ > > psk "PSK-GOES-HERE" > > Here is my npppd.conf > > > > authentication LOCAL type local { > > users-file "/etc/npppd/npppd-users" > > } > > > > tunnel L2TP protocol l2tp { > > listen on 0.0.0.0 > > listen on :: > > } > > > > ipcp IPCP { > > pool-address 10.0.0.101-10.0.0.254 > > dns-servers x.x.x.x > > } > > > > # use pppx(4) interface. use an interface per a ppp session. > > interface pppx0 address 10.0.0.1 ipcp IPCP > > bind tunnel from L2TP authenticated by LOCAL to pppx0 I'm able to connect using a similar setup, but using aes-256 instead of aes as encoding in ipsec.conf. -- :wq!
Re: l2tp and openbsd 6.1
On Mon, Oct 2, 2017 at 10:03 PM, Charles Amstutzwrote: > Hello everyone, > > I'm new to this list and l2tp/openbsd (but do have working UNIX/Linux > knowledge). After searching the previous forum posts (and the internet) I > have found a lot of information on l2tp ipsec.conf connection strings. > However, I can't get android to connect. I keep getting IKE negotiation > failed errors. > > I've looked at sites such as: > > http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-android-601-ios.html > https://www.authbsd.com/blog/?p=20 > http://daemonforums.org/showthread.php?t=10326 > https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openbsd-invalid_cookie/ > https://man.openbsd.org/npppd.conf.5 > https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for-ios-and-osx/ > https://marc.info/?l=openbsd-misc=145922338026396=2 > https://marc.info/?l=openbsd-misc=145614573528471=2 > https://www.mail-archive.com/misc@openbsd.org/msg145747.html > ... etc > > > I can get IOS to connect, but I can't get android 7 to connect. I've read > that android has bugs with the vpn client in 6.x and 7.x (not sure if it is > fixed in 8 or not). However, what is confusing is it connections just fine > To my windows l2tp server. Bug tracker: > https://issuetracker.google.com/issues/37074640#c35 > > > My goal: Setup openbsd to work with IOS/android/windows/whatever. > > My questions. > > > 1) Can you have more than one ike line in ipsec.conf? from my > presumption of looking at sites on the internet, you can, however, I am not > sure. > > https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless it is > just two examples > > > 2) Every time I read a site that says, "this configuration worked for me > on android", it doesn't work for me. I presume it is my lack of > understanding, though, I'm not ruling out the possible android bug. > > > I appreciate any help. > > > > Here is my ipsec.conf (this allows IOS to connect) > > public_ip = "x.x.x.x" > > > > ike passive esp transport \ > > proto udp from $public_ip to any port 1701 \ > > main auth "hmac-sha1" enc "aes" group modp1024\ > > quick auth "hmac-sha1" enc "aes" \ > > psk "PSK-GOES-HERE" > > Here is my npppd.conf > > > > authentication LOCAL type local { > > users-file "/etc/npppd/npppd-users" > > } > > > > tunnel L2TP protocol l2tp { > > listen on 0.0.0.0 > > listen on :: > > } > > > > ipcp IPCP { > > pool-address 10.0.0.101-10.0.0.254 > > dns-servers x.x.x.x > > } > > > > # use pppx(4) interface. use an interface per a ppp session. > > interface pppx0 address 10.0.0.1 ipcp IPCP > > bind tunnel from L2TP authenticated by LOCAL to pppx0 I'm able to connect using a similar setup, but using aes-256 instead of aes as encoding in ipsec.conf. -- :wq!
l2tp and openbsd 6.1
Hello everyone, I'm new to this list and l2tp/openbsd (but do have working UNIX/Linux knowledge). After searching the previous forum posts (and the internet) I have found a lot of information on l2tp ipsec.conf connection strings. However, I can't get android to connect. I keep getting IKE negotiation failed errors. I've looked at sites such as: http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-android-601-ios.html https://www.authbsd.com/blog/?p=20 http://daemonforums.org/showthread.php?t=10326 https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openbsd-invalid_cookie/ https://man.openbsd.org/npppd.conf.5 https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for-ios-and-osx/ https://marc.info/?l=openbsd-misc=145922338026396=2 https://marc.info/?l=openbsd-misc=145614573528471=2 https://www.mail-archive.com/misc@openbsd.org/msg145747.html ... etc I can get IOS to connect, but I can't get android 7 to connect. I've read that android has bugs with the vpn client in 6.x and 7.x (not sure if it is fixed in 8 or not). However, what is confusing is it connections just fine To my windows l2tp server. Bug tracker: https://issuetracker.google.com/issues/37074640#c35 My goal: Setup openbsd to work with IOS/android/windows/whatever. My questions. 1) Can you have more than one ike line in ipsec.conf? from my presumption of looking at sites on the internet, you can, however, I am not sure. https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless it is just two examples 2) Every time I read a site that says, "this configuration worked for me on android", it doesn't work for me. I presume it is my lack of understanding, though, I'm not ruling out the possible android bug. I appreciate any help. Here is my ipsec.conf (this allows IOS to connect) public_ip = "x.x.x.x" ike passive esp transport \ proto udp from $public_ip to any port 1701 \ main auth "hmac-sha1" enc "aes" group modp1024\ quick auth "hmac-sha1" enc "aes" \ psk "PSK-GOES-HERE" Here is my npppd.conf authentication LOCAL type local { users-file "/etc/npppd/npppd-users" } tunnel L2TP protocol l2tp { listen on 0.0.0.0 listen on :: } ipcp IPCP { pool-address 10.0.0.101-10.0.0.254 dns-servers x.x.x.x } # use pppx(4) interface. use an interface per a ppp session. interface pppx0 address 10.0.0.1 ipcp IPCP bind tunnel from L2TP authenticated by LOCAL to pppx0
Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'
On 2017-10-02 21:54, Jeremie Courreges-Anglas wrote: On Mon, Oct 02 2017, Atanas Vladimirovwrote: On 2017-10-02 18:47, Stuart Henderson wrote: On 2017-10-01, Atanas Vladimirov wrote: I'm running -current and I'm seeing that error on first boot when upgrading to a newer snapshot: .. em0: DHCPACK from 95.87.227.225 (64:87:88:58:b2:b8) em0: bound to 95.87.227.232 -- renewal in 300 seconds ld.so: openvpn: can't load library 'liblzo2.so.1.0' Killed OpenVPN started here ^^ reordering libraries: done. starting early daemons: syslogd pflogd nsd unbound ntpd isakmpd npppd. starting RPC daemons:. savecore: no core dump checking quotas: done. clearing /tmp kern.securelevel: 0 -> 1 creating runtime link editor directory cache. but ldconfig runs here ^^ liblzo2.so.1.0 isn't reachable until the above is run. Try something like "env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib" when starting openvpn from hostname.if. If this used to work, there is a chance that maybe this changed in libexec/ld.so/path.c r1.7. I'm not sure that I did it in the right way: ~$ cat /etc/hostname.tun4 up description dn42-w0h !env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib !/usr/local/sbin/openvpn --daemon --config /etc/dn42-w0h.ovpn This should rather be !env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib /usr/local/sbin/openvpn --daemon --config /etc/dn42-w0h.ovpn Thank you. I'll wait for a newer snapshot and will let you know the result.
Re: vmm issues - vioblk_notifyq: unsupported command 0x8
On 2017-10-02 11:57, Jiri B wrote: > On Mon, Oct 02, 2017 at 02:56:18PM -0400, Josh Grosse wrote: >> Hey Jiri. >> >>> I started this vm with: >>> >>> vmctl start suse01 -c -d $iso -d $disk -L >>> >>> where iso is openSUSE-Leap-42.3-DVD-x86_64.iso[1]. >>> >>> Any idea what's going on? >> >> I'll bet it's because you are attempting to boot a DVD image, >> which doesn't have an MBR. Bootable DVDs use the El Torito >> standard for booting.[1] >> >> Tho the best of my recollection, vmm(4) guests must boot from disk images >> with the seabios or from BSD kernels with -b. > > -b path Boot the VM with the specified kernel or BIOS image. >If not specified, the default is to boot using the BIOS >image in /etc/firmware/vmm-bios. > > IIUC you do not need to define anything, if not specified it is using > seabios. > > I was able to boot opensuse from that dvd, although later on I got an > error in the installer :/ This was because the installer couldn't locate the "dvd", correct? > j. > >> [1] https://en.wikipedia.org/wiki/El_Torito_(CD-ROM_standard) > +--+ Carlos
Re: vmm issues - vioblk_notifyq: unsupported command 0x8
On 2017-10-02 11:34, Jiri B wrote: > Hello, > > I'm playing with vmm and I got these in daemon log: > > Oct 2 20:12:14 t440s vmd[13344]: startup > Oct 2 20:12:14 t440s vmd[53680]: SIOCBRDGADD: No such file or directory > Oct 2 20:12:24 t440s vmd[13344]: suse01: started vm 1 successfully, tty > /dev/ttyp3 > Oct 2 20:13:12 t440s vmd[98531]: vcpu_process_com_data: guest reading com1 > when not ready > Oct 2 20:13:18 t440s last message repeated 5 times > Oct 2 20:13:19 t440s vmd[98531]: vioblk_notifyq: unsupported command 0x8 > Oct 2 20:13:19 t440s last message repeated 3 times > Do you have a /etc/vm.conf file? Trying to identify why you would get an error adding an interface to a bridge before you started your vm. > I started this vm with: > > vmctl start suse01 -c -d $iso -d $disk -L I didn't see in your vm console output, that you told the ISO to redirect your console to /dev/ttyS0 (but I'm guessing you did otherwise, I don't think you would have gotten the boot log info). Does the installer know it's going to do a text mode install? I'm guessing so. > where iso is openSUSE-Leap-42.3-DVD-x86_64.iso[1]. > > Any idea what's going on? dmesg and suse boot log below. > > [1] > https://download.opensuse.org/distribution/leap/42.3/iso/openSUSE-Leap-42.3-DVD-x86_64.iso > > Jiri > > OpenBSD 6.2 (GENERIC.MP) #115: Wed Sep 27 10:45:53 MDT 2017 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > real mem = 12540866560 (11959MB) > avail mem = 12153765888 (11590MB) > mpath0 at root > scsibus0 at mpath0: 256 targets > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdcd3d000 (62 entries) > bios0: vendor LENOVO version "GJET79WW (2.29 )" date 09/03/2014 > bios0: LENOVO 20ARS19C0B > acpi0 at bios0: rev 2 > acpi0: sleep states S0 S3 S4 S5 > acpi0: tables DSDT FACP DBGP ECDT HPET APIC MCFG SSDT SSDT SSDT SSDT SSDT > SSDT SSDT SSDT PCCT SSDT TCPA UEFI POAT ASF! BATB FPDT UEFI DMAR > acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3) > acpitimer0 at acpi0: 3579545 Hz, 24 bits > acpiec0 at acpi0 > acpihpet0 at acpi0: 14318179 Hz > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2694.10 MHz > cpu0: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT > cpu0: 256KB 64b/line 8-way L2 cache > cpu0: TSC frequency 2694099150 Hz > cpu0: smt 0, core 0, package 0 > mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges > cpu0: apic clock running at 99MHz > cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE > cpu1 at mainbus0: apid 1 (application processor) > cpu1: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz > cpu1: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT > cpu1: 256KB 64b/line 8-way L2 cache > cpu1: smt 1, core 0, package 0 > cpu2 at mainbus0: apid 2 (application processor) > cpu2: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz > cpu2: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT > cpu2: 256KB 64b/line 8-way L2 cache > cpu2: smt 0, core 1, package 0 > cpu3 at mainbus0: apid 3 (application processor) > cpu3: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz > cpu3: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT > cpu3: 256KB 64b/line 8-way L2 cache > cpu3: smt 1, core 1, package 0 > ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins > acpimcfg0 at acpi0 addr 0xf800, bus 0-63 > acpiprt0 at acpi0: bus 0 (PCI0) > acpiprt1 at acpi0: bus -1 (PEG_) > acpiprt2 at acpi0: bus 2 (EXP1) > acpiprt3 at acpi0: bus 3 (EXP2) > acpiprt4 at acpi0: bus -1 (EXP3) > acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), > C1(1000@1
[solved]httpd.conf authenticate with question
hi, was my mistake I forgot the evaluation order is diffrent in httpd.conf! put the auth location for the general wildcard location. regards Markus Am 02.10.2017 um 19:13 schrieb Michael Hekeler: location "/some/secret/location/*" { directory index index.php authenticate with "/path/to/the/htpasswd/file" } Can we use "authenticate [realm] with htpasswd" in a location? From httpd.conf(5) I thought http-Auth is enabled in server section and only disabled in location. No? -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: vmm issues - vioblk_notifyq: unsupported command 0x8
On Mon, Oct 02, 2017 at 02:56:18PM -0400, Josh Grosse wrote: > Hey Jiri. > > >I started this vm with: > > > >vmctl start suse01 -c -d $iso -d $disk -L > > > >where iso is openSUSE-Leap-42.3-DVD-x86_64.iso[1]. > > > >Any idea what's going on? > > I'll bet it's because you are attempting to boot a DVD image, > which doesn't have an MBR. Bootable DVDs use the El Torito > standard for booting.[1] > > Tho the best of my recollection, vmm(4) guests must boot from disk images > with the seabios or from BSD kernels with -b. -b path Boot the VM with the specified kernel or BIOS image. If not specified, the default is to boot using the BIOS image in /etc/firmware/vmm-bios. IIUC you do not need to define anything, if not specified it is using seabios. I was able to boot opensuse from that dvd, although later on I got an error in the installer :/ j. > [1] https://en.wikipedia.org/wiki/El_Torito_(CD-ROM_standard)
Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'
On Mon, Oct 02 2017, Atanas Vladimirovwrote: > On 2017-10-02 18:47, Stuart Henderson wrote: >> On 2017-10-01, Atanas Vladimirov wrote: >>> I'm running -current and I'm seeing that error on first boot when >>> upgrading to a newer snapshot: >>> >> .. >>> em0: DHCPACK from 95.87.227.225 (64:87:88:58:b2:b8) >>> em0: bound to 95.87.227.232 -- renewal in 300 seconds >>> ld.so: openvpn: can't load library 'liblzo2.so.1.0' >>> Killed >> >> OpenVPN started here ^^ >> >>> reordering libraries: done. >>> starting early daemons: syslogd pflogd nsd unbound ntpd isakmpd npppd. >>> starting RPC daemons:. >>> savecore: no core dump >>> checking quotas: done. >>> clearing /tmp >>> kern.securelevel: 0 -> 1 >>> creating runtime link editor directory cache. >> >> but ldconfig runs here ^^ >> >> liblzo2.so.1.0 isn't reachable until the above is run. >> >> Try something like "env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib" when >> starting openvpn from hostname.if. >> >> If this used to work, there is a chance that maybe this changed in >> libexec/ld.so/path.c r1.7. > > I'm not sure that I did it in the right way: > > ~$ cat /etc/hostname.tun4 > up > description dn42-w0h > !env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib > !/usr/local/sbin/openvpn --daemon --config /etc/dn42-w0h.ovpn This should rather be !env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib /usr/local/sbin/openvpn --daemon --config /etc/dn42-w0h.ovpn > And after upgrade to the newest snap: > ... > _=/usr/bin/env > INRC=1 > HOME=/ > PATH=/sbin:/bin:/usr/sbin:/usr/bin > LD_LIBRARY_PATH=/usr/lib:/usr/local/lib > ld.so: openvpn: can't load library 'liblz4.so.2.0' > Killed > ... > > Thanks. > -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
vmm issues - vioblk_notifyq: unsupported command 0x8
Hello, I'm playing with vmm and I got these in daemon log: Oct 2 20:12:14 t440s vmd[13344]: startup Oct 2 20:12:14 t440s vmd[53680]: SIOCBRDGADD: No such file or directory Oct 2 20:12:24 t440s vmd[13344]: suse01: started vm 1 successfully, tty /dev/ttyp3 Oct 2 20:13:12 t440s vmd[98531]: vcpu_process_com_data: guest reading com1 when not ready Oct 2 20:13:18 t440s last message repeated 5 times Oct 2 20:13:19 t440s vmd[98531]: vioblk_notifyq: unsupported command 0x8 Oct 2 20:13:19 t440s last message repeated 3 times I started this vm with: vmctl start suse01 -c -d $iso -d $disk -L where iso is openSUSE-Leap-42.3-DVD-x86_64.iso[1]. Any idea what's going on? dmesg and suse boot log below. [1] https://download.opensuse.org/distribution/leap/42.3/iso/openSUSE-Leap-42.3-DVD-x86_64.iso Jiri OpenBSD 6.2 (GENERIC.MP) #115: Wed Sep 27 10:45:53 MDT 2017 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 12540866560 (11959MB) avail mem = 12153765888 (11590MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdcd3d000 (62 entries) bios0: vendor LENOVO version "GJET79WW (2.29 )" date 09/03/2014 bios0: LENOVO 20ARS19C0B acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP DBGP ECDT HPET APIC MCFG SSDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT PCCT SSDT TCPA UEFI POAT ASF! BATB FPDT UEFI DMAR acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2694.10 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: TSC frequency 2694099150 Hz cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0, core 1, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG_) acpiprt2 at acpi0: bus 2 (EXP1) acpiprt3 at acpi0: bus 3 (EXP2) acpiprt4 at acpi0: bus -1 (EXP3) acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu2 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu3 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1 acpipwrres1 at acpi0: NVP3, resource for PEG_ acpipwrres2 at acpi0: NVP2, resource for PEG_ acpitz0 at acpi0: critical temperature is 200 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB "LEN0071" at acpi0 not configured "LEN0036" at acpi0 not configured
Re: boot> does not "time out" after failed PXE boot
Only one boot attempt occurs, whether network or disk. It is expected behaviour. > After a failed/aborted PXE boot (e.g., hitting a key or no network) > a laptop is "hanging" at the (OpenBSD 6.2 snapshot) > >boot > prompt which normally (AFAICT) times out and just boots after a few > seconds (from disk); it boots fine after hitting "Return". > > Can someone please clarify if this is known/expected behaviour or > a problem with the software or the hardware? > > dmesg from the laptop (running a recent snapshot) > > OpenBSD 6.2 (GENERIC.MP) #123: Sat Sep 30 22:51:56 MDT 2017 > dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP > real mem = 8495951872 (8102MB) > avail mem = 8231452672 (7850MB) > mpath0 at root > scsibus0 at mpath0: 256 targets > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xf2440 (67 entries) > bios0: vendor Dell Inc. version "A12" date 05/09/2012 > bios0: Dell Inc. Latitude E6510 > acpi0 at bios0: rev 2 > acpi0: sleep states S0 S3 S4 S5 > acpi0: tables DSDT FACP APIC TCPA MCFG HPET BOOT SLIC SSDT > acpi0: wakeup devices AGP_(S4) P0P1(S4) HDEF(S4) PXSX(S4) RP01(S4) PXSX(S4) > RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) > RP07(S4) PXSX(S4) [...] > acpitimer0 at acpi0: 3579545 Hz, 24 bits > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2660.43 MHz > cpu0: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT > cpu0: 256KB 64b/line 8-way L2 cache > cpu0: TSC frequency 2660428950 Hz > cpu0: smt 0, core 0, package 0 > mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges > cpu0: apic clock running at 132MHz > cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE > cpu1 at mainbus0: apid 4 (application processor) > cpu1: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz > cpu1: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT > cpu1: 256KB 64b/line 8-way L2 cache > cpu1: smt 0, core 2, package 0 > cpu2 at mainbus0: apid 1 (application processor) > cpu2: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz > cpu2: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT > cpu2: 256KB 64b/line 8-way L2 cache > cpu2: smt 1, core 0, package 0 > cpu3 at mainbus0: apid 5 (application processor) > cpu3: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz > cpu3: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT > cpu3: 256KB 64b/line 8-way L2 cache > cpu3: smt 1, core 2, package 0 > ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins > acpimcfg0 at acpi0 addr 0xf800, bus 0-63 > acpihpet0 at acpi0: 14318179 Hz > acpiprt0 at acpi0: bus 0 (PCI0) > acpiprt1 at acpi0: bus -1 (AGP_) > acpiprt2 at acpi0: bus 10 (P0P1) > acpiprt3 at acpi0: bus 1 (RP01) > acpiprt4 at acpi0: bus -1 (RP02) > acpiprt5 at acpi0: bus 2 (RP03) > acpiprt6 at acpi0: bus 4 (RP04) > acpiprt7 at acpi0: bus -1 (RP05) > acpiprt8 at acpi0: bus -1 (RP07) > acpiprt9 at acpi0: bus -1 (RP08) > acpiprt10 at acpi0: bus -1 (PEG3) > acpiprt11 at acpi0: bus -1 (PEG5) > acpiec0 at acpi0 > acpicpu0 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), > C1(1000@3 mwait.1), PSS > acpicpu1 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), > C1(1000@3 mwait.1), PSS > acpicpu2 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), > C1(1000@3 mwait.1), PSS > acpicpu3 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), > C1(1000@3 mwait.1), PSS > "PNP0401" at acpi0 not configured > "DLL040B" at acpi0 not configured > "SMO8800" at acpi0 not configured > acpibtn0 at acpi0: LID_ > acpibtn1 at acpi0: PBTN > acpibtn2 at acpi0: SBTN > acpiac0 at acpi0: AC unit offline > acpibat0 at acpi0: BAT0 model "DELL RG04908" serial 7861 type LION oem "Sanyo" > acpibat1 at acpi0: BAT1 not present > "*pnp0c14" at acpi0 not configured > acpivideo0 at acpi0: VID_ > acpivideo1 at acpi0: VID_ > acpivideo2 at acpi0: VID_ > acpivout0 at acpivideo2: LCD_ > cpu0: Enhanced SpeedStep 2660 MHz: speeds: 2667, 2666, 2533, 2399, 2266, > 2133, 1999, 1866, 1733, 1599, 1466, 1333, 1199 MHz > pci0 at mainbus0 bus 0 > pchb0 at pci0 dev
boot> does not "time out" after failed PXE boot
After a failed/aborted PXE boot (e.g., hitting a key or no network) a laptop is "hanging" at the (OpenBSD 6.2 snapshot) >boot prompt which normally (AFAICT) times out and just boots after a few seconds (from disk); it boots fine after hitting "Return". Can someone please clarify if this is known/expected behaviour or a problem with the software or the hardware? dmesg from the laptop (running a recent snapshot) OpenBSD 6.2 (GENERIC.MP) #123: Sat Sep 30 22:51:56 MDT 2017 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8495951872 (8102MB) avail mem = 8231452672 (7850MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xf2440 (67 entries) bios0: vendor Dell Inc. version "A12" date 05/09/2012 bios0: Dell Inc. Latitude E6510 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC TCPA MCFG HPET BOOT SLIC SSDT acpi0: wakeup devices AGP_(S4) P0P1(S4) HDEF(S4) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP07(S4) PXSX(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2660.43 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: TSC frequency 2660428950 Hz cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 132MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 2, package 0 cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 1, core 0, package 0 cpu3 at mainbus0: apid 5 (application processor) cpu3: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 2, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 10 (P0P1) acpiprt3 at acpi0: bus 1 (RP01) acpiprt4 at acpi0: bus -1 (RP02) acpiprt5 at acpi0: bus 2 (RP03) acpiprt6 at acpi0: bus 4 (RP04) acpiprt7 at acpi0: bus -1 (RP05) acpiprt8 at acpi0: bus -1 (RP07) acpiprt9 at acpi0: bus -1 (RP08) acpiprt10 at acpi0: bus -1 (PEG3) acpiprt11 at acpi0: bus -1 (PEG5) acpiec0 at acpi0 acpicpu0 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS acpicpu1 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS acpicpu2 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS acpicpu3 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205 mwait.3@0x10), C1(1000@3 mwait.1), PSS "PNP0401" at acpi0 not configured "DLL040B" at acpi0 not configured "SMO8800" at acpi0 not configured acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PBTN acpibtn2 at acpi0: SBTN acpiac0 at acpi0: AC unit offline acpibat0 at acpi0: BAT0 model "DELL RG04908" serial 7861 type LION oem "Sanyo" acpibat1 at acpi0: BAT1 not present "*pnp0c14" at acpi0 not configured acpivideo0 at acpi0: VID_ acpivideo1 at acpi0: VID_ acpivideo2 at acpi0: VID_ acpivout0 at acpivideo2: LCD_ cpu0: Enhanced SpeedStep 2660 MHz: speeds: 2667, 2666, 2533, 2399, 2266, 2133, 1999, 1866, 1733, 1599, 1466, 1333, 1199 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel Core Host" rev 0x02 inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics" rev 0x02 drm0 at inteldrm0 intagp0 at inteldrm0 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0: msi inteldrm0: 1920x1080, 32bpp wsdisplay0 at inteldrm0 mux 1:
question on proper ownership and permissions of /var/spool and /var/spool/output for printing
Hello list, Please advise about proper ownership and permissions of /var/spool and /var/spool/output. After every syspatch upgrade I need to set it again to enable printing. Present ownership and permissions after the syspatch upgrade are: Script started on Mon Oct 2 20:10:21 2017 $ ls -lh /var/spool/ total 16 dr-xr-xr-x 5 root wheel512B Apr 1 2017 ftp drwxrwxr-t 3 root dialer 512B Apr 1 2017 lock drwxr-xr-x 3 root wheel512B Sep 19 17:54 output drwx--x--x 8 root wheel512B Oct 2 18:53 smtpd $ ls -lh /var/spool/output/ total 12 -rw-r- 1 daemon daemon27B Sep 19 17:54 lock drwxrwxr-x 2 rootdaemon 512B Apr 1 2017 lpd -rw-rw 1 rootdaemon25B Sep 19 17:53 status $ id branislav uid=1001(branislav) gid=1001(branislav) groups=1001(branislav), 1(daemon), 5(operator), 9(wsrc), 117(dialer), 553(_saned) $ dmesg OpenBSD 6.1 (GENERIC.MP) #21: Wed Aug 30 08:21:38 CEST 2017 rob...@syspatch-61-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/ GENERIC.MP $ ^D Script done on Mon Oct2 20:10:51 2017 Regards, Soko Tica
Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'
On 2017-10-02 18:47, Stuart Henderson wrote: On 2017-10-01, Atanas Vladimirovwrote: I'm running -current and I'm seeing that error on first boot when upgrading to a newer snapshot: .. em0: DHCPACK from 95.87.227.225 (64:87:88:58:b2:b8) em0: bound to 95.87.227.232 -- renewal in 300 seconds ld.so: openvpn: can't load library 'liblzo2.so.1.0' Killed OpenVPN started here ^^ reordering libraries: done. starting early daemons: syslogd pflogd nsd unbound ntpd isakmpd npppd. starting RPC daemons:. savecore: no core dump checking quotas: done. clearing /tmp kern.securelevel: 0 -> 1 creating runtime link editor directory cache. but ldconfig runs here ^^ liblzo2.so.1.0 isn't reachable until the above is run. Try something like "env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib" when starting openvpn from hostname.if. If this used to work, there is a chance that maybe this changed in libexec/ld.so/path.c r1.7. I'm not sure that I did it in the right way: ~$ cat /etc/hostname.tun4 up description dn42-w0h !env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib !/usr/local/sbin/openvpn --daemon --config /etc/dn42-w0h.ovpn And after upgrade to the newest snap: ... _=/usr/bin/env INRC=1 HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin LD_LIBRARY_PATH=/usr/lib:/usr/local/lib ld.so: openvpn: can't load library 'liblz4.so.2.0' Killed ... Thanks.
Re: httpd.conf authenticate with question
> location "/some/secret/location/*" { > directory index index.php > authenticate with "/path/to/the/htpasswd/file" > } > Can we use "authenticate [realm] with htpasswd" in a location? From httpd.conf(5) I thought http-Auth is enabled in server section and only disabled in location. No?
Re: Apollo Lake
The Asrock J3710 is supported with inteldrm and ethernet etc... Predrag Punosevac [punoseva...@gmail.com] wrote: > Hi Misc, > > The motherboard on my desktop machine just died. I would like to go > fanless embedded. Something like ASRock J3455-ITX. > > https://www.newegg.com/Product/Product.aspx?Item=N82E16813157728=1 > > However I am bit concern about Apollo Lake family of products. Can > anyone post a dmesg? I am open for any suggestions. > > Best, > Predrag
Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'
On 2017-10-01, Atanas Vladimirovwrote: > I'm running -current and I'm seeing that error on first boot when > upgrading to a newer snapshot: > .. > em0: DHCPACK from 95.87.227.225 (64:87:88:58:b2:b8) > em0: bound to 95.87.227.232 -- renewal in 300 seconds > ld.so: openvpn: can't load library 'liblzo2.so.1.0' > Killed OpenVPN started here ^^ > reordering libraries: done. > starting early daemons: syslogd pflogd nsd unbound ntpd isakmpd npppd. > starting RPC daemons:. > savecore: no core dump > checking quotas: done. > clearing /tmp > kern.securelevel: 0 -> 1 > creating runtime link editor directory cache. but ldconfig runs here ^^ liblzo2.so.1.0 isn't reachable until the above is run. Try something like "env LD_LIBRARY_PATH=/usr/lib:/usr/local/lib" when starting openvpn from hostname.if. If this used to work, there is a chance that maybe this changed in libexec/ld.so/path.c r1.7.
Re: Fw: cwm questions
On Mon, 02 Oct 2017 08:22 +, Dell Sanders wrote: > Is there a way to bind a key to move a window to specified position on > the screen (for example coordinates 0,0)? Might have to resort to an external program like xdotool.
httpd.conf authenticate with question
Hi there, I can protecat a location with a password like so: location "/some/secret/location/*" { directory index index.php authenticate with "/path/to/the/htpasswd/file" } this works if I request https://my.domain.tld/some/secret/location/ and it will ask for the password but if I request https://my.domain.tld/some/secret/location/index.php It will simply load the site without asking for credentials. So how do I prevent the access over a full url ??? Regards -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: du algorithm to calculate diskspace
On Mon, Oct 02, 2017 at 12:11:21PM +0200, Peter Hessler wrote: > hardlinks will not duplicate disk space. > > scp doesn't understand hardlinks. > > > On 2017 Oct 02 (Mon) at 12:08:28 +0200 (+0200), rosjat wrote: > :hi there, > : > :I just noticed, while copying stuf from a very old OpenBSD 4.2 to a OpenBSD > :6.1 that du on both systems gives me different results. Did something change > :in the calculation from 4.2 to 6.1 ? > : > :for example > : > :4.2 calculates ~ 136MB > :6.1 calculates ~ 148MB > : > :I copied the files with scp > : > :regards > : > :-- > :Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de > : > :G+H Webservice GbR Gorzolla, Herrmann > :Königsbrücker Str. 70, 01099 Dresden > : > :http://www.ghweb.de > :fon: +49 351 8107220 fax: +49 351 8107227 > : > :Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you > :print it, think about your responsibility and commitment to the ENVIRONMENT > : > > -- > Indifference will be the downfall of mankind, but who cares? It is also posisble that your new system uses a larger blocksize for the filesystem. Some time ago defaults changed. A larger blocksize allows for larger filesystems and better performance in most cases, but it will waste some space. -Otto
Re: du algorithm to calculate diskspace
hardlinks will not duplicate disk space. scp doesn't understand hardlinks. On 2017 Oct 02 (Mon) at 12:08:28 +0200 (+0200), rosjat wrote: :hi there, : :I just noticed, while copying stuf from a very old OpenBSD 4.2 to a OpenBSD :6.1 that du on both systems gives me different results. Did something change :in the calculation from 4.2 to 6.1 ? : :for example : :4.2 calculates ~ 136MB :6.1 calculates ~ 148MB : :I copied the files with scp : :regards : :-- :Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de : :G+H Webservice GbR Gorzolla, Herrmann :Königsbrücker Str. 70, 01099 Dresden : :http://www.ghweb.de :fon: +49 351 8107220 fax: +49 351 8107227 : :Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you :print it, think about your responsibility and commitment to the ENVIRONMENT : -- Indifference will be the downfall of mankind, but who cares?
du algorithm to calculate diskspace
hi there, I just noticed, while copying stuf from a very old OpenBSD 4.2 to a OpenBSD 6.1 that du on both systems gives me different results. Did something change in the calculation from 4.2 to 6.1 ? for example 4.2 calculates ~ 136MB 6.1 calculates ~ 148MB I copied the files with scp regards -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: stickers
Secondary sticker sources (like Red Bubble et al) are very low quality compared to the original art and make no money for the project; I wouldn't waste my time on that. I have supplies for my next two laptops, so I suppose we have a year to persuade you on how good would be making stickers again. Regards, 2017-10-02 5:21 GMT+02:00 Theo de Raadt: > > Now that there are no CDs, are stickers also gone? > > I guess many people didn't think through what happened when CD > production stopped. > > Stickers, posters, etc. were subsidized by the sales of CDs. > > With CDs gone, of course there isn't an efficient way to sell > stickers, and make even a few pennies in return for producing art. > > Some shops now print our older stickers or newer (minimal) release > art, and there's nothing we can do about it. We can complain but it > solves nothing. The project and I don't get a single penny. > > Sure those of you who want the stickers benefit, but that's selfish > isn't it. > > The OpenBSD Foundation never participated in making artwork. It was > always done by me, out of CD income. It was a tremendous amount of > effort twice a year, coming up with the ideas and completing them. > When CDs stopped returning at least some income, that process had to > stop for everything. > >
Re: cwm questions
Hello Dell, the current key bindings are displayed in cwm(1), your settings in cwmrc(5) override these. There is currently no way to move windows, to a specified position, with a keyboard shortcut. You can still move windows with ALT+M1 or resize with ALT+M1+M3. This is a faster way, than with keyboard shortcuts. Regards, Stefan Von: test1dellb...@yahoo.co.uk Gesendet: 2. Oktober 2017 10:27 vorm. An: misc@openbsd.org Antworten: test1dellb...@yahoo.co.uk Betreff: Fw: cwm questions Thanks Stefan, but even after a reboot, CM-r (window-vtile) does not work. Perhaps CM-r is not bound to anything. Is there anyway to display the current key bindings in cwm? Is there a way to bind a key to move a window to specified position on the screen (for example coordinates 0,0)? On Sunday, 1 October 2017, 13:13, "Kapfhammer, Stefan"wrote: Hey Dell, I am working with cwm since OpenBSD 5.8 I inserted the command you mentioned in my ~/.cwmrc and restarted cwm with CMS-r (The default for restarting cwm) CM-r works as expected and moves the window, the mouse cursor is in, to the left half of the screen. Did you move the mouse cursor to the background and then press the CMS-r to restart cwm? Maybe some programs own keybindings surpress the desired action in cwm. I am using OpenBSD 6.1-stable. There is a little difference with windows-vtile between -current and 6.1-stable, as mentioned below: Current: http://man.openbsd.org/amd64/cwmrc.5#BIND_FUNCTION_LIST "Current window is placed on the left of the screen, maximized vertically and resized to half of the horizontal screen space. Other windows in its group share remaining screen space." 6.1-stable: http://man.openbsd.org/OpenBSD-6.1/amd64/cwmrc.5#BIND_FUNCTION_LIST "Current window is placed on the left of the screen and maximized vertically, other windows in its group share remaining screen space." Regards, Stefan Von: test1dellb...@yahoo.co.uk Gesendet: 1. Oktober 2017 9:07 vorm. An: misc@openbsd.org Antworten: test1dellb...@yahoo.co.uk Betreff: cwm questions Hello, I have recently installed OpenBSD snapshot 6.2.I created a simple ~/.cwmrc with a single line - bind-key CM-r window-vtile then I restarted cwm, opened a few windows and hit CTRL-ALT-r. I expected the current window to move to the left half of the screen but it did not work.I tried this with xterm, firefox, keepassx and vim as current windows but nothing happened.Does anyone know why? Is there a way to bind a key to move a window to specified position on the screen (for example coordinates 0,0)?
Fw: cwm questions
Thanks Stefan, but even after a reboot, CM-r (window-vtile) does not work. Perhaps CM-r is not bound to anything. Is there anyway to display the current key bindings in cwm? Is there a way to bind a key to move a window to specified position on the screen (for example coordinates 0,0)? On Sunday, 1 October 2017, 13:13, "Kapfhammer, Stefan"wrote: Hey Dell, I am working with cwm since OpenBSD 5.8 I inserted the command you mentioned in my ~/.cwmrc and restarted cwm with CMS-r (The default for restarting cwm) CM-r works as expected and moves the window, the mouse cursor is in, to the left half of the screen. Did you move the mouse cursor to the background and then press the CMS-r to restart cwm? Maybe some programs own keybindings surpress the desired action in cwm. I am using OpenBSD 6.1-stable. There is a little difference with windows-vtile between -current and 6.1-stable, as mentioned below: Current: http://man.openbsd.org/amd64/cwmrc.5#BIND_FUNCTION_LIST "Current window is placed on the left of the screen, maximized vertically and resized to half of the horizontal screen space. Other windows in its group share remaining screen space." 6.1-stable: http://man.openbsd.org/OpenBSD-6.1/amd64/cwmrc.5#BIND_FUNCTION_LIST "Current window is placed on the left of the screen and maximized vertically, other windows in its group share remaining screen space." Regards, Stefan Von: test1dellb...@yahoo.co.uk Gesendet: 1. Oktober 2017 9:07 vorm. An: misc@openbsd.org Antworten: test1dellb...@yahoo.co.uk Betreff: cwm questions Hello, I have recently installed OpenBSD snapshot 6.2.I created a simple ~/.cwmrc with a single line - bind-key CM-r window-vtile then I restarted cwm, opened a few windows and hit CTRL-ALT-r. I expected the current window to move to the left half of the screen but it did not work.I tried this with xterm, firefox, keepassx and vim as current windows but nothing happened.Does anyone know why? Is there a way to bind a key to move a window to specified position on the screen (for example coordinates 0,0)?
Re: the whole greylisting, spam filtering thing
Hi there again, so I will try to ask the question about implementing rspam on a dedicated machine oder at the mailsystem again because I don't know if it was lost in the converstion :). Is there some effort in NOT run rspamd on the same machine as the mailsystem? I was just wondering because it could make some transitioning a little easier but if the amount of "workarounds" to relays mails through another instance is not worth it then I will go with spamfilterting on the mailsystem. regards -- Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT