af-to ipv6 -> ipv4 server

[lists+misc]

Hello all!

I'm new to ipv6, and was hoping that someone could check my
understanding of the af-to option.

My ISP has given me a /64 block - say 1234:1234:1234:5d6f:/64

I have a subnet of servers that are ipv4-only, and want to use the af-to
option to provide some of these servers with ipv6 addresses.  I did not
have luck with auto-translation, but don't really need it.  I just want
to map 1 ipv6 external ip to 1 ipv4 ip.

The rule I came up with is:

pass in quick on egress inet6 proto { tcp udp } from any to \
1234:1234:1234:5d6f:::a65:64 port dns af-to inet \
from 10.101.0.1 to 10.101.0.100 port dns

Is there anything inherently wrong with doing it this way?  I ask,
because all the examples I've seen so far are dealing with entire
subnets.

Thanks!

One more off-topic question... my ISP has given me a /64.  It's my
understanding that rtadvd is unable to work with anything smaller than
that -- eg if I wanted to split out several /96's on the internal
interfaces?

Re: Resize partitions?

[Nick Holland]

On 10/03/17 10:10, Niels Kobschaetzki wrote:
> On 17/10/03 13:48, Niels Kobschaetzki wrote:
>> Hi,
>> 
>> I am running currently constantly into the problem that I do not
>> have enough space left for installing packages and today even
>> upgrading a snapshot failed because I had not enough space left. Is
>> there a way to resize partitions? I guess probably not because
>> there is no volume manager, right? I used originally the suggested
>> layout by the installer. Any idea what could fill up the space on
>> /? The partition is only 1GB in size and if I see it correctly only
>> the base-system is installed there. Did base grew with the latest
>> snapshots?
> 
> I found the problem. It sat in front of the keyboard m) At some point
> I created apparently by accident a huge file in /dev and that ate up
> all the space in / One problem solved. Now to my other space-problems
> where resizing would be a solution but maybe I just need to tidy up
> more.

and that's one reason we tell you to partition the heck out of your system.

Best/worst story I heard along those lines was someone who typoed their
backup script, and instead of writing to tape, wrote to a FILE in /dev.
Unfortunately, they used one big partition, so there was plenty of space
for this file...but of course, if the bad thing happened, the tape was
blank.

If you fill a 100M root partition, you clean up junk you left laying
around.  If you fill a 1G root partition, something went horribly wrong,
and you find and fix the problem.  Enlarging is NOT the answer there.

Disks are stupid big these days.  You can't get too small a disk for
many applications.  Leave most of your disk unpartitioned, and you can
go back and "enlarge" anything you want at a later time (well...'cept
for root.  and 1G is a HUGE root partition).  Just create a new
partition, copy everything from the old to the new, change fstab, reboot.

Nick.

Re: 6.1 amd64 errata 30_xrstor patch fails

[Paulm]

On Wed, Oct 04, 2017 at 12:59:36AM +0200, Oliver Marugg wrote:
> sorry for my previous markdown formatted mail:
> I entered the commands correctly:
> 
> ...
> # KK=`sysctl -n kern.osversion | cut -d# -f1`
> # cd /usr/src/sys/arch/`machine`/compile/$KK
> # make obj
> # make config
> make: don't know how to make config
> Stop in /usr/src/sys/arch/amd64/compile/GENERIC.MP
> ...
> 

FWIW - it worked for me (OpenBSD ... 6.1 GENERIC.MP#4 amd64):

# KK=`sysctl -n kern.osversion | cut -d# -f1`
# cd /usr/src/sys/arch/`machine`/compile/$KK  
# make obj
# make config
cd /usr/obj/sys/arch/amd64/compile/GENERIC.MP && config -s /usr/src/sys -b 
/usr/src/sys/arch/amd64/compile/GENERIC.MP/obj 
/usr/src/sys/arch/amd64/conf/GENERIC.MP
#

Re: 6.1 amd64 errata 30_xrstor patch fails

[Oliver Marugg]

sorry for my previous markdown formatted mail:
I entered the commands correctly:

...
# KK=`sysctl -n kern.osversion | cut -d# -f1`
# cd /usr/src/sys/arch/`machine`/compile/$KK
# make obj
# make config
make: don't know how to make config
Stop in /usr/src/sys/arch/amd64/compile/GENERIC.MP
...

6.1 amd64 errata 30_xrstor patch fails

[Oliver Marugg]

Just wanted to update one of my servers (6.1-stable) with erata 30 
xrstor


# signify -Vep /etc/signify/openbsd-61-base.pub -x 030_xrstor.patch.sig 
\

-m - | (cd /usr/src && patch -p0)

Hmm...  Looks like a unified diff to me...
The text leading up to this was:
--
|Signature Verified
|
|OpenBSD 6.1 errata 030, October 4th, 2017:
|
|Correctly handle exceptions when restoring an invalid FPU context.
|
|Apply by doing:
|signify -Vep /etc/signify/openbsd-61-base.pub -x 
030_xrstor.patch.sig \

|-m - | (cd /usr/src && patch -p0)
|
|And then rebuild and install a new kernel:
|KK=`sysctl -n kern.osversion | cut -d# -f1`
|cd /usr/src/sys/arch/`machine`/compile/$KK
|make obj
|make config
|make
|make install
|
|Index: sys/arch/amd64/amd64/fpu.c
|===
|RCS file: /cvs/src/sys/arch/amd64/amd64/fpu.c,v
|retrieving revision 1.35
|diff -u -p -u -r1.35 fpu.c
|--- sys/arch/amd64/amd64/fpu.c 29 May 2017 14:19:49 -  1.35
|+++ sys/arch/amd64/amd64/fpu.c 3 Oct 2017 04:38:35 -
--
Patching file sys/arch/amd64/amd64/fpu.c using Plan A...
Hunk #1 succeeded at 56 (offset 1 line).
Hunk #2 succeeded at 256 (offset 1 line).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--
|Index: sys/arch/amd64/amd64/locore.S
|===
|RCS file: /cvs/src/sys/arch/amd64/amd64/locore.S,v
|retrieving revision 1.87
|diff -u -p -u -r1.87 locore.S
|--- sys/arch/amd64/amd64/locore.S  6 Jul 2017 06:17:04 -   
1.87

|+++ sys/arch/amd64/amd64/locore.S  3 Oct 2017 04:38:35 -
--
Patching file sys/arch/amd64/amd64/locore.S using Plan A...
Hunk #1 succeeded at 1203 (offset 512 lines).
Hmm...  The next patch looks like a unified diff to me...
The text leading up to this was:
--
|Index: sys/arch/amd64/amd64/trap.c
|===
|RCS file: /cvs/src/sys/arch/amd64/amd64/trap.c,v
|retrieving revision 1.58
|diff -u -p -u -r1.58 trap.c
|--- sys/arch/amd64/amd64/trap.c16 Sep 2017 02:03:40 -  
1.58

|+++ sys/arch/amd64/amd64/trap.c3 Oct 2017 04:38:35 -
--
Patching file sys/arch/amd64/amd64/trap.c using Plan A...
Hunk #1 succeeded at 148 (offset 4 lines).
Hunk #2 succeeded at 218 (offset 14 lines).
Hunk #3 succeeded at 246 (offset 6 lines).
done
# KK=`sysctl -n kern.osversion | cut -d# -f1`
# cd /usr/src/sys/arch/`machine`/compile/$KK
# make obj
# make config
make: don't know how to make config
Stop in /usr/src/sys/arch/amd64/compile/GENERIC.MP
# KK=`sysctl -n kern.osversion | cut -d# -f1`
# cd /usr/src/sys/arch/`machine`/compile/$KK
# make obj
# make config
make: don't know how to make config
Stop in /usr/src/sys/arch/amd64/compile/GENERIC.MP
# make
cc -D_LOCORE -x assembler-with-cpp -Werror -Wall 
-Wimplicit-function-declaration  -Wno-uninitialized -Wno-pointer-sign  
-Wframe-larger-than=2047 -mcmodel=kernel -mno-red-zone -mno-sse2 
-mno-sse -mno-3dnow  -mno-mmx -msoft-float -fno-omit-frame-pointer 
-ffreestanding -fno-pie -nostdinc -I/usr/src/sys 
-I/usr/src/sys/arch/amd64/compile/GENERIC.MP/obj -I/usr/src/sys/arch 
-DDDB -DDIAGNOSTIC -DKTRACE -DACCOUNTING -DKMEMSTATS -DPTRACE -DCRYPTO 
-DSYSVMSG -DSYSVSEM -DSYSVSHM -DUVM_SWAP_ENCRYPT -DFFS -DFFS2 
-DFFS_SOFTUPDATES -DUFS_DIRHASH -DQUOTA -DEXT2FS -DMFS -DNFSCLIENT 
-DNFSSERVER -DCD9660 -DUDF -DMSDOSFS -DFIFO -DFUSE -DSOCKET_SPLICE 
-DTCP_SACK -DTCP_ECN -DTCP_SIGNATURE -DART -DINET6 -DIPSEC -DPPP_BSDCOMP 
-DPPP_DEFLATE -DPIPEX -DMROUTING -DMPLS -DBOOT_CONFIG -DUSER_PCICONF 
-DAPERTURE -DMTRR -DNTFS -DHIBERNATE -DPCIVERBOSE -DUSBVERBOSE 
-DWSDISPLAY_COMPAT_USL -DWSDISPLAY_COMPAT_RAWKBD 
-DWSDISPLAY_DEFAULTSCREENS="6" -DX86EMU -DONEWIREVERBOSE 
-DMULTIPROCESSOR -DMAXUSERS=80 -D_KERNEL -MD -MP -c 
/usr/src/sys/arch/amd64/amd64/locore.S

/usr/src/sys/arch/amd64/amd64/locore.S: Assembler messages:
/usr/src/sys/arch/amd64/amd64/locore.S:441: Error: undefined symbol 
`NKL4_KIMG_ENTRIES' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:441: Error: undefined symbol 
`NKL3_KIMG_ENTRIES' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:441: Error: undefined symbol `L0' 
in operation
/usr/src/sys/arch/amd64/amd64/locore.S:441: Error: undefined symbol 
`NDML3_ENTRIES' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:441: Error: undefined symbol `L0' 
in operation
/usr/src/sys/arch/amd64/amd64/locore.S:446: Error: undefined symbol 
`NKL4_KIMG_ENTRIES' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:446: Error: undefined symbol 
`NKL3_KIMG_ENTRIES' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:469: Error: undefined symbol 
`PG_V' in operation
/usr/src/sys/arch/amd64/amd64/locore.S:469: Error: undefined symbol 
`PG_KR' in operation

Re: simple-mtpfs kernel panic

[Olivier Antoine]

Hi,

I tested this patch. From what I've seen, it works perfectly.
After suspend / resume, I did not notice any problem.

Thanks for the resolution of this bug.



On Tue, Oct 3, 2017 at 11:27 AM, Martin Pieuchot  wrote:
> On 01/10/17(Sun) 20:35, Olivier Antoine wrote:
>> Hi,
>>
>> Looks like this bug: 
>>
>> I can also reproduce this with:
>>
>> $ while true ; do adb shell ls / ; adb kill-server ; done
>>
>> The code which is triggered in /sys/dev/usb/ehci.c:
>>
>> ehci_device_clear_toggle(struct usbd_pipe *pipe)
>> {
>> struct ehci_pipe *epipe = (struct ehci_pipe *)pipe;
>>
>> #ifdef DIAGNOSTIC
>> if ((epipe->sqh->qh.qh_qtd.qtd_status & htole32(EHCI_QTD_ACTIVE)) != 
>> 0)
>> panic("ehci_device_clear_toggle: queue active");
>> #endif
>> epipe->sqh->qh.qh_qtd.qtd_status &= htole32(~EHCI_QTD_TOGGLE_MASK);
>> }
>>
>> Don't know if it's hardware specific. But I can confirm that it hit me too.
>
> Bug reports without dmesg are useless, see sendbug(1).
>
> Anyway, here's a diff that should fix the problem.  However last I
> couldn't narrow down possible regressions.  So make sure everything
> works with it, including suspend/resume.
>
> Index: ehci.c
> ===
> RCS file: /cvs/src/sys/dev/usb/ehci.c,v
> retrieving revision 1.200
> diff -u -p -r1.200 ehci.c
> --- ehci.c  15 May 2017 10:52:08 -  1.200
> +++ ehci.c  3 Oct 2017 09:24:08 -
> @@ -116,6 +116,7 @@ usbd_status ehci_open(struct usbd_pipe *
>  intehci_setaddr(struct usbd_device *, int);
>  void   ehci_poll(struct usbd_bus *);
>  void   ehci_softintr(void *);
> +intehci_start(struct ehci_softc *);
>  intehci_intr1(struct ehci_softc *);
>  void   ehci_check_intr(struct ehci_softc *, struct usbd_xfer *);
>  void   ehci_check_qh_intr(struct ehci_softc *, struct usbd_xfer *);
> @@ -188,12 +189,11 @@ int   ehci_alloc_sitd_chain(struct ehci_s
>  void   ehci_abort_isoc_xfer(struct usbd_xfer *xfer,
> usbd_status status);
>
> -usbd_statusehci_device_setintr(struct ehci_softc *, struct ehci_soft_qh 
> *,
> -   int ival);
> +struct ehci_soft_qh * ehci_intr_get_sqh(struct usbd_pipe *);
>
> -void   ehci_add_qh(struct ehci_soft_qh *, struct ehci_soft_qh *);
> -void   ehci_rem_qh(struct ehci_softc *, struct ehci_soft_qh *);
> -void   ehci_set_qh_qtd(struct ehci_soft_qh *, struct ehci_soft_qtd 
> *);
> +void   ehci_add_qh(struct usbd_pipe *, struct ehci_soft_qh *,
> +   struct ehci_soft_qtd *);
> +void   ehci_rem_qh(struct ehci_softc *, struct usbd_pipe *);
>  void   ehci_sync_hc(struct ehci_softc *);
>
>  void   ehci_close_pipe(struct usbd_pipe *);
> @@ -295,7 +295,7 @@ ehci_reverse_bits(u_int8_t c, int nbits)
>  usbd_status
>  ehci_init(struct ehci_softc *sc)
>  {
> -   u_int32_t sparams, cparams, hcr;
> +   uint32_t sparams;
> u_int i, j;
> usbd_status err;
> struct ehci_soft_qh *sqh;
> @@ -316,20 +316,8 @@ ehci_init(struct ehci_softc *sc)
> sparams = EREAD4(sc, EHCI_HCSPARAMS);
> DPRINTF(("ehci_init: sparams=0x%x\n", sparams));
> sc->sc_noport = EHCI_HCS_N_PORTS(sparams);
> -   cparams = EREAD4(sc, EHCI_HCCPARAMS);
> -   DPRINTF(("ehci_init: cparams=0x%x\n", cparams));
> -
> -   /* MUST clear segment register if 64 bit capable. */
> -   if (EHCI_HCC_64BIT(cparams))
> -   EWRITE4(sc, EHCI_CTRLDSSEGMENT, 0);
> -
> sc->sc_bus.usbrev = USBREV_2_0;
>
> -   DPRINTF(("%s: resetting\n", sc->sc_bus.bdev.dv_xname));
> -   err = ehci_reset(sc);
> -   if (err)
> -   return (err);
> -
> if (ehcixfer == NULL) {
> ehcixfer = malloc(sizeof(struct pool), M_DEVBUF, M_NOWAIT);
> if (ehcixfer == NULL) {
> @@ -365,8 +353,6 @@ ehci_init(struct ehci_softc *sc)
> for (i = 0; i < sc->sc_flsize; i++)
> sc->sc_flist[i] = htole32(EHCI_LINK_TERMINATE);
>
> -   EOWRITE4(sc, EHCI_PERIODICLISTBASE, DMAADDR(>sc_fldma, 0));
> -
> sc->sc_softitds = mallocarray(sc->sc_flsize,
> sizeof(struct ehci_soft_itd *), M_USB, M_NOWAIT | M_ZERO);
> if (sc->sc_softitds == NULL) {
> @@ -412,7 +398,6 @@ ehci_init(struct ehci_softc *sc)
> sqh->qh.qh_qtd.qtd_next = htole32(EHCI_LINK_TERMINATE);
> sqh->qh.qh_qtd.qtd_altnext = htole32(EHCI_LINK_TERMINATE);
> sqh->qh.qh_qtd.qtd_status = htole32(EHCI_QTD_HALTED);
> -   sqh->sqtd = NULL;
> usb_syncmem(>dma, sqh->offs, sizeof(sqh->qh),
> BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
> }
> @@ -443,18 +428,47 @@ ehci_init(struct ehci_softc *sc)
> sqh->qh.qh_qtd.qtd_next 

Re: l2tp and openbsd 6.1

[Noth]

The problem is on Android 6.x/7.x that need to be rooted to change their 
ipsec settings to allow for higher encryption. The following works on 
those OSes:


cat ipsec.conf:

ike passive esp transport \
    proto udp from "publicip" to any port l2tp \
    main group "modp1024" \
    quick group "modp1024" \
    psk "yourpass"

It's bad, but what can you do? Google won't deal with it, and the 
vendors claim it would break current solutions. I've seen in debug that 
after a few tries Android would give the right aes2-256 keying but by 
then isakmpd was having none of it...


Cheers,

Noth


On 03/10/17 00:49, Charles Amstutz wrote:

Hello Sterling,

Thanks for the response. I changed it to

ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth "hmac-sha1" enc "aes-256" group modp1024\
quick auth "hmac-sha1" enc "aes-256" \
PSK "PSK-GOES-HERE"

and still no luck. I found out that Android 8 will connect (using aes).   I am 
dumpping pflog0 and seeing no blocks. However, that doesn't mean it still isn't 
a potential pf problem I guess. However, if IOS and android 8 would connect, I 
would think that would rule a pf problem?

Is there a way to turn on additional debugging?  I'm using isakmpd -K in 
rc.conf.local, so not using isakmpd.policy/.conf  (from my understanding)
Everything in /var/log/messages is just from npppd. Unless I'm reading it 
wrong, there doesn't appear to be any errors.



-Original Message-
From: Sterling Archer [mailto:deb...@gmail.com]
Sent: Monday, October 2, 2017 5:35 PM
To: Charles Amstutz 
Cc: misc@openbsd.org
Subject: Re: l2tp and openbsd 6.1

On Mon, Oct 2, 2017 at 10:03 PM, Charles Amstutz  
wrote:

Hello everyone,

I'm new to this list and l2tp/openbsd (but do have working UNIX/Linux 
knowledge).  After searching the previous forum posts (and the internet) I have 
found a lot of information on l2tp ipsec.conf connection strings. However, I 
can't get android to connect. I keep getting IKE negotiation failed errors.

I've looked at sites such as:

http://bluepilltech.blogspot.com/2017/02/openbsd-l2tp-over-ipsec-andro
id-601-ios.html
https://www.authbsd.com/blog/?p=20
http://daemonforums.org/showthread.php?t=10326
https://rzemieniecki.wordpress.com/2014/05/28/debugging-ipsec-on-openb
sd-invalid_cookie/
https://man.openbsd.org/npppd.conf.5
https://blog.gordonturner.com/2016/12/10/openbsd-6-0-vpn-endpoint-for-
ios-and-osx/
https://marc.info/?l=openbsd-misc=145922338026396=2
https://marc.info/?l=openbsd-misc=145614573528471=2
https://www.mail-archive.com/misc@openbsd.org/msg145747.html
... etc


I can get IOS to connect, but I can't get android 7 to connect.  I've
read that android has bugs with the vpn client in 6.x and 7.x (not
sure if it is fixed in 8 or not). However, what is confusing is it
connections just fine To my windows l2tp server.  Bug tracker:
https://issuetracker.google.com/issues/37074640#c35


My goal: Setup openbsd to work with IOS/android/windows/whatever.

My questions.


1)  Can you have more than one ike line in ipsec.conf? from my presumption 
of looking at sites on the internet, you can, however, I am not sure.

https://www.authbsd.com/blog/?p=20 makes it seem like you can, unless
it is just two examples


2)  Every time I read a site that says, "this configuration worked for me on 
android", it doesn't work for me. I presume it is my lack of understanding, though, 
I'm not ruling out the possible android bug.


I appreciate any help.



Here is my ipsec.conf (this allows IOS to connect)

public_ip = "x.x.x.x"



ike passive esp transport \

   proto udp from $public_ip to any port 1701 \

   main auth "hmac-sha1" enc "aes" group modp1024\

   quick auth "hmac-sha1" enc "aes" \

   psk "PSK-GOES-HERE"

 Here is my npppd.conf



authentication LOCAL type local {

 users-file "/etc/npppd/npppd-users"

}



tunnel L2TP protocol l2tp {

 listen on 0.0.0.0

 listen on ::

}



ipcp IPCP {

 pool-address 10.0.0.101-10.0.0.254

 dns-servers x.x.x.x

}



# use pppx(4) interface.  use an interface per a ppp session.

interface pppx0 address 10.0.0.1 ipcp IPCP

bind tunnel from L2TP authenticated by LOCAL to pppx0

I'm able to connect using a similar setup, but using aes-256 instead of aes as 
encoding in ipsec.conf.

--
:wq!

pf route-to vs static route

[Scott Bonds]

Hi everybody. I used to host my own email and I have ambitions to give 
it another try. I prefer to keep my email on my home server if I can, 
but I use Comcast and they block port 25. So, I thought I'd try setting 
up an IKEDv2 based VPN between my home network (including my email 
server at home) and a VPS which doesn't have any ports blocked, so as to 
have an unblocked path to the internet for my email traffic from my home 
network.


I've got the VPN setup and working fine. I'm able to ping from my home 
servers through the VPN and out the cloud server. I'm able to telnet 
port 25 from my home network too:


$ ping -I $vpn_if_ip 8.8.8.8
$ telnet -b $vpn_if_ip smtp.gmail.com 25

Those work great. Adding a route works great too, i.e.:

# route add smtp.gmail.com $vpn_if
# telnet smtp.gmail.com 25

That works, and I don't need to specify the -b option with telnet once I 
have the static route setup.


What I'm having trouble with is simulating a static route with PF, so 
instead of setting up a static route for every email server in the 
world, I was hoping I could do something like:


pass out inet proto tcp to port smtp nat-to $vpn_if route-to \
   $vpn_gateway_ip@$vpn_if

So that *only* traffic bound for port 25 gets sent over the VPN 
connection, but it does so for all hosts. Anyhow, I haven't been able to 
get it to work, and I realize I don't understand enough about how pf 
route-to and static routes work and are different from each other.


I've read and reread the nat-to and route-to sections in man pf.conf.  
I've used tcpdump on the various interfaces on both sides of the vpn 
connection to try and understand how the packets are moving, where they 
are stopping and why, in both the static routing scenario (which works) 
and my failed attempts at configuring pf to do something similar (which 
doesn't work). I searched for route-to in the Book of PF 3rd Edition, 
but didn't find it there.


Before I give up on this approach and try using an smtpd relay server or 
relayd or just host my mail on the VPS like any sensible PF newb should 
perhaps do, I thought I'd try subjecting myself to public ridicule and 
the possibility that someone else might have attempted something like 
this before and maybe willing to share their insights and help me 
understand PF vs static routes a bit better than I do today. Thanks to 
those who made it to the bottom of this long email--I'll be grateful for 
any pointers.

Re: vmm issues - vioblk_notifyq: unsupported command 0x8

[Mike Larkin]

On Mon, Oct 02, 2017 at 02:34:58PM -0400, Jiri B wrote:
> Hello,
> 
> I'm playing with vmm and I got these in daemon log:
> 
> Oct  2 20:12:14 t440s vmd[13344]: startup
> Oct  2 20:12:14 t440s vmd[53680]: SIOCBRDGADD: No such file or directory
> Oct  2 20:12:24 t440s vmd[13344]: suse01: started vm 1 successfully, tty 
> /dev/ttyp3
> Oct  2 20:13:12 t440s vmd[98531]: vcpu_process_com_data: guest reading com1 
> when not ready
> Oct  2 20:13:18 t440s last message repeated 5 times
> Oct  2 20:13:19 t440s vmd[98531]: vioblk_notifyq: unsupported command 0x8

PS, this message is harmless, it's because linux is trying to find a serial
number or other unique ID for the disk:

uapi/linux/virtio_blk.h:#define VIRTIO_BLK_T_GET_ID8

... and we don't implement that.

-ml

> Oct  2 20:13:19 t440s last message repeated 3 times
> 
> I started this vm with:
> 
> vmctl start suse01 -c -d $iso -d $disk -L
> 
> where iso is openSUSE-Leap-42.3-DVD-x86_64.iso[1].
> 
> Any idea what's going on? dmesg and suse boot log below.
> 
> [1] 
> https://download.opensuse.org/distribution/leap/42.3/iso/openSUSE-Leap-42.3-DVD-x86_64.iso
> 
> Jiri
> 
> OpenBSD 6.2 (GENERIC.MP) #115: Wed Sep 27 10:45:53 MDT 2017
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 12540866560 (11959MB)
> avail mem = 12153765888 (11590MB)
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdcd3d000 (62 entries)
> bios0: vendor LENOVO version "GJET79WW (2.29 )" date 09/03/2014
> bios0: LENOVO 20ARS19C0B
> acpi0 at bios0: rev 2
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP DBGP ECDT HPET APIC MCFG SSDT SSDT SSDT SSDT SSDT 
> SSDT SSDT SSDT PCCT SSDT TCPA UEFI POAT ASF! BATB FPDT UEFI DMAR
> acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3)
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpiec0 at acpi0
> acpihpet0 at acpi0: 14318179 Hz
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2694.10 MHz
> cpu0: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
> cpu0: 256KB 64b/line 8-way L2 cache
> cpu0: TSC frequency 2694099150 Hz
> cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
> cpu0: apic clock running at 99MHz
> cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz
> cpu1: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
> cpu1: 256KB 64b/line 8-way L2 cache
> cpu1: smt 1, core 0, package 0
> cpu2 at mainbus0: apid 2 (application processor)
> cpu2: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz
> cpu2: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
> cpu2: 256KB 64b/line 8-way L2 cache
> cpu2: smt 0, core 1, package 0
> cpu3 at mainbus0: apid 3 (application processor)
> cpu3: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 2693.77 MHz
> cpu3: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT
> cpu3: 256KB 64b/line 8-way L2 cache
> cpu3: smt 1, core 1, package 0
> ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
> acpimcfg0 at acpi0 addr 0xf800, bus 0-63
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus -1 (PEG_)
> acpiprt2 at acpi0: bus 2 (EXP1)
> acpiprt3 at acpi0: bus 3 (EXP2)
> acpiprt4 at acpi0: bus -1 (EXP3)
> acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), 
> C1(1000@1 mwait.1), PSS
> acpicpu1 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33), 
> C1(1000@1 mwait.1), PSS
> acpicpu2 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 

Re: vmm issues - vioblk_notifyq: unsupported command 0x8

[Mike Larkin]

On Tue, Oct 03, 2017 at 04:49:30AM -0400, Jiri B wrote:
> > > I was able to boot opensuse from that dvd, although later on I got an
> > > error in the installer :/
> > 
> > This was because the installer couldn't locate the "dvd", correct?
> 
> It so seems so.
> 
> ~~~
> Unable to create repository
> from URL 'hd:/?device=/dev/disk/by-id/virtio-_U_2_-part2'.
> 
> Details:
> Invalid query string component 'device=/dev/disk/by-id/virtio-_U_2_-p
> 
> Try again?
> ~~~
> 
> It would be nice to have IDE cdrom emulation.
> 
> j.
> 

your diff is welcome on tech@

Re: Resize partitions?

[Otto Moerbeek]

On Tue, Oct 03, 2017 at 04:10:11PM +0200, Niels Kobschaetzki wrote:

> On 17/10/03 13:48, Niels Kobschaetzki wrote:
> > Hi,
> > 
> > I am running currently constantly into the problem that I do not have 
> > enough space left for installing packages and today even upgrading a 
> > snapshot failed because I had not enough space left.
> > Is there a way to resize partitions? I guess probably not because there is 
> > no volume manager, right?
> > I used originally the suggested layout by the installer. Any idea what 
> > could fill up the space on /? The partition is only 1GB in size and if I 
> > see it correctly only the base-system is installed there. Did base grew 
> > with the latest snapshots?
> 
> I found the problem. It sat in front of the keyboard m)
> At some point I created apparently by accident a huge file in /dev and
> that ate up all the space in /
> One problem solved. Now to my other space-problems where resizing would
> be a solution but maybe I just need to tidy up more.
> 
> -- 
> Schöne Grüße
> 
> Niels

http://www.openbsd.org/faq/faq14.html#GrowPartition has some hints,
but that method only works for partitions that have free space next to
them.  Sometimes you have to move another partition first to create an
empty partition.  Sometimes you are lucky and /tmp is next to the
partion you wat to grow, so you can avoid some juggling. But this is
all pretty risky, mistakes are easily made since this is all hand
work. Often it is jiust easier to backup /etc and /home and other
local stuff and reinstall.

-Otto

Re: boot> does not "time out" after failed PXE boot

[Claus Assmann]

On Tue, Oct 03, 2017, Alexander Hall wrote:
> Unless I'm mistaken, Claus refers to things that happen prior to the
> boot prompt appearing the first time.

Yes. It's the boot order in the BIOS, i.e., it tries PXE boot before
the HD (i.e., before the ">boot" prompt even shows up).

> Once the boot prompt does up,
> I'd expect at least one attempt.

Me too.

Does it fail because I pressed the ESC key to abort the PXE boot
and the ">boot" prompt considers that keystroke as some kind of
input?

> Claus, do you by any chance have anything fancy in /etc/boot.conf?

No, that file doesn't exist on the laptop.

Re: boot> does not "time out" after failed PXE boot

[Alexander Hall]

Unless I'm mistaken, Claus refers to things that happen prior to the boot 
prompt appearing the first time. Once the boot prompt does up, I'd expect at 
least one attempt. 

Claus, do you by any chance have anything fancy in /etc/boot.conf?

/Alexander 

On October 2, 2017 8:30:29 PM GMT+02:00, Theo de Raadt  
wrote:
>Only one boot attempt occurs, whether network or disk.
>
>It is expected behaviour.
>
>> After a failed/aborted PXE boot (e.g., hitting a key or no network)
>> a laptop is "hanging" at the (OpenBSD 6.2 snapshot)
>> >boot
>> prompt which normally (AFAICT) times out and just boots after a few
>> seconds (from disk); it boots fine after hitting "Return".
>> 
>> Can someone please clarify if this is known/expected behaviour or
>> a problem with the software or the hardware?
>> 
>> dmesg from the laptop (running a recent snapshot)
>> 
>> OpenBSD 6.2 (GENERIC.MP) #123: Sat Sep 30 22:51:56 MDT 2017
>>
>dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>> real mem = 8495951872 (8102MB)
>> avail mem = 8231452672 (7850MB)
>> mpath0 at root
>> scsibus0 at mpath0: 256 targets
>> mainbus0 at root
>> bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xf2440 (67 entries)
>> bios0: vendor Dell Inc. version "A12" date 05/09/2012
>> bios0: Dell Inc. Latitude E6510
>> acpi0 at bios0: rev 2
>> acpi0: sleep states S0 S3 S4 S5
>> acpi0: tables DSDT FACP APIC TCPA MCFG HPET BOOT SLIC SSDT
>> acpi0: wakeup devices AGP_(S4) P0P1(S4) HDEF(S4) PXSX(S4) RP01(S4)
>PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4)
>PXSX(S4) RP07(S4) PXSX(S4) [...]
>> acpitimer0 at acpi0: 3579545 Hz, 24 bits
>> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
>> cpu0 at mainbus0: apid 0 (boot processor)
>> cpu0: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2660.43 MHz
>> cpu0:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu0: 256KB 64b/line 8-way L2 cache
>> cpu0: TSC frequency 2660428950 Hz
>> cpu0: smt 0, core 0, package 0
>> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
>> cpu0: apic clock running at 132MHz
>> cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
>> cpu1 at mainbus0: apid 4 (application processor)
>> cpu1: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz
>> cpu1:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu1: 256KB 64b/line 8-way L2 cache
>> cpu1: smt 0, core 2, package 0
>> cpu2 at mainbus0: apid 1 (application processor)
>> cpu2: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz
>> cpu2:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu2: 256KB 64b/line 8-way L2 cache
>> cpu2: smt 1, core 0, package 0
>> cpu3 at mainbus0: apid 5 (application processor)
>> cpu3: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz, 2659.99 MHz
>> cpu3:
>FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,AES,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
>> cpu3: 256KB 64b/line 8-way L2 cache
>> cpu3: smt 1, core 2, package 0
>> ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
>> acpimcfg0 at acpi0 addr 0xf800, bus 0-63
>> acpihpet0 at acpi0: 14318179 Hz
>> acpiprt0 at acpi0: bus 0 (PCI0)
>> acpiprt1 at acpi0: bus -1 (AGP_)
>> acpiprt2 at acpi0: bus 10 (P0P1)
>> acpiprt3 at acpi0: bus 1 (RP01)
>> acpiprt4 at acpi0: bus -1 (RP02)
>> acpiprt5 at acpi0: bus 2 (RP03)
>> acpiprt6 at acpi0: bus 4 (RP04)
>> acpiprt7 at acpi0: bus -1 (RP05)
>> acpiprt8 at acpi0: bus -1 (RP07)
>> acpiprt9 at acpi0: bus -1 (RP08)
>> acpiprt10 at acpi0: bus -1 (PEG3)
>> acpiprt11 at acpi0: bus -1 (PEG5)
>> acpiec0 at acpi0
>> acpicpu0 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205
>mwait.3@0x10), C1(1000@3 mwait.1), PSS
>> acpicpu1 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205
>mwait.3@0x10), C1(1000@3 mwait.1), PSS
>> acpicpu2 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205
>mwait.3@0x10), C1(1000@3 mwait.1), PSS
>> acpicpu3 at acpi0: C3(350@245 mwait.3@0x20), C2(500@205
>mwait.3@0x10), C1(1000@3 mwait.1), PSS
>> "PNP0401" at acpi0 not configured
>> "DLL040B" at acpi0 not configured
>> "SMO8800" at acpi0 not configured
>> acpibtn0 at acpi0: LID_
>> acpibtn1 at acpi0: PBTN
>> acpibtn2 at acpi0: SBTN
>> acpiac0 at acpi0: AC unit offline
>> acpibat0 at acpi0: BAT0 model "DELL 

Re: the whole greylisting, spam filtering thing

[Boudewijn Dijkstra]

Op Sun, 01 Oct 2017 22:11:27 +0200 schreef Rupert Gallagher  
:
Spammers keep trying, from the same IPs, for days here, so graylisting  
is useless for us.


All of them?  On my end about 90% only try once.



--
Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/

Re: Resize partitions?

[Niels Kobschaetzki]

On 17/10/03 13:48, Niels Kobschaetzki wrote:

Hi,

I am running currently constantly into the problem that I do not have enough 
space left for installing packages and today even upgrading a snapshot failed 
because I had not enough space left.
Is there a way to resize partitions? I guess probably not because there is no 
volume manager, right?
I used originally the suggested layout by the installer. Any idea what could 
fill up the space on /? The partition is only 1GB in size and if I see it 
correctly only the base-system is installed there. Did base grew with the 
latest snapshots?


I found the problem. It sat in front of the keyboard m)
At some point I created apparently by accident a huge file in /dev and
that ate up all the space in /
One problem solved. Now to my other space-problems where resizing would
be a solution but maybe I just need to tidy up more.

--
Schöne Grüße

Niels

Resize partitions?

[Niels Kobschaetzki]

Hi,

I am running currently constantly into the problem that I do not have enough 
space left for installing packages and today even upgrading a snapshot failed 
because I had not enough space left. 
Is there a way to resize partitions? I guess probably not because there is no 
volume manager, right?
I used originally the suggested layout by the installer. Any idea what could 
fill up the space on /? The partition is only 1GB in size and if I see it 
correctly only the base-system is installed there. Did base grew with the 
latest snapshots?

Niels

Re: ld.so: openvpn: can't load library 'liblzo2.so.1.0'

[Atanas Vladimirov]

On 2017-10-03 02:35, Stuart Henderson wrote:

The error is missing when I do a reboot


Oh, I missed this bit before... That's rather unexpected. Please set
LD_DEBUG= in the environment as well (or instead?) and see if you get
anything useful from the output there (there will be a couple of 
screens

full, but should fit within the dmesg -s buffer).

You might be out of luck for new snapshots for a little while..


Hello Stuart,
Here is the relevant output (regular reboot) of `dmesg -s` with the 
following in /etc/hostname.tun4


---
up
description dn42-w0h
!env LD_DEBUG= /usr/local/sbin/openvpn --daemon --config 
/etc/dn42-w0h.ovpn

---

After the reboot `tun4` is up and running. Is there a way to "simulate" 
or force a reboot as when I do an upgrade and boot for "first time" the 
new snapshot.

Thanks.

rtld loading: 'openvpn'
exe load offset:  0x13aa4720
 flags /usr/local/sbin/openvpn = 0x0
head /usr/local/sbin/openvpn
obj /usr/local/sbin/openvpn has /usr/local/sbin/openvpn as head
examining: '/usr/local/sbin/openvpn'
loading: liblz4.so.2.0 required by /usr/local/sbin/openvpn
 flags /usr/local/lib/liblz4.so.2.0 = 0x0
obj /usr/local/lib/liblz4.so.2.0 has /usr/local/sbin/openvpn as head
loading: libcrypto.so.42.0 required by /usr/local/sbin/openvpn
 flags /usr/lib/libcrypto.so.42.0 = 0x0
obj /usr/lib/libcrypto.so.42.0 has /usr/local/sbin/openvpn as head
loading: libc.so.90.0 required by /usr/local/sbin/openvpn
 flags /usr/lib/libc.so.90.0 = 0x0
obj /usr/lib/libc.so.90.0 has /usr/local/sbin/openvpn as head
loading: liblzo2.so.1.0 required by /usr/local/sbin/openvpn
 flags /usr/local/lib/liblzo2.so.1.0 = 0x0
obj /usr/local/lib/liblzo2.so.1.0 has /usr/local/sbin/openvpn as head
loading: libssl.so.44.1 required by /usr/local/sbin/openvpn
 flags /usr/lib/libssl.so.44.1 = 0x0
obj /usr/lib/libssl.so.44.1 has /usr/local/sbin/openvpn as head
linking dep /usr/local/lib/liblzo2.so.1.0 as child of 
/usr/local/sbin/openvpn
linking dep /usr/local/lib/liblz4.so.2.0 as child of 
/usr/local/sbin/openvpn

linking dep /usr/lib/libssl.so.44.1 as child of /usr/local/sbin/openvpn
linking dep /usr/lib/libcrypto.so.42.0 as child of 
/usr/local/sbin/openvpn

linking dep /usr/lib/libc.so.90.0 as child of /usr/local/sbin/openvpn
examining: '/usr/local/lib/liblzo2.so.1.0'
examining: '/usr/local/lib/liblz4.so.2.0'
examining: '/usr/lib/libssl.so.44.1'
loading: libcrypto.so.42.0 required by /usr/lib/libssl.so.44.1
linking dep /usr/lib/libcrypto.so.42.0 as child of 
/usr/lib/libssl.so.44.1

examining: '/usr/lib/libcrypto.so.42.0'
examining: '/usr/lib/libc.so.90.0'
 flags /usr/libexec/ld.so = 0x0
obj /usr/libexec/ld.so has /usr/local/sbin/openvpn as head
protect start RELRO = 0x13ad41183f78 in /usr/lib/libc.so.90.0
protect end RELRO = 0x13ad41186000 in /usr/lib/libc.so.90.0
protect start RELRO = 0x13acf6e24bb8 in /usr/lib/libcrypto.so.42.0
protect end RELRO = 0x13acf6e4 in /usr/lib/libcrypto.so.42.0
protect start RELRO = 0x13aca9cae048 in /usr/lib/libssl.so.44.1
protect end RELRO = 0x13aca9cb1000 in /usr/lib/libssl.so.44.1
protect start RELRO = 0x13ace69e3cb0 in /usr/local/lib/liblz4.so.2.0
protect end RELRO = 0x13ace69e4000 in /usr/local/lib/liblz4.so.2.0
protect start RELRO = 0x13acf7ddbc78 in /usr/local/lib/liblzo2.so.1.0
protect end RELRO = 0x13acf7ddc000 in /usr/local/lib/liblzo2.so.1.0
protect start RELRO = 0x13aa474b0348 in /usr/local/sbin/openvpn
protect end RELRO = 0x13aa474b1ff0 in /usr/local/sbin/openvpn
StartEnd  Type Open Ref GrpRef Name
13aa4720 13aa474b3000 exe  10   0  
/usr/local/sbin/openvpn
13acf7bae000 13acf7ddd000 rlib 01   0  
/usr/local/lib/liblzo2.so.1.0
13ace67cd000 13ace69e5000 rlib 01   0  
/usr/local/lib/liblz4.so.2.0
13aca9a6 13aca9cb5000 rlib 01   0  
/usr/lib/libssl.so.44.1
13acf6a74000 13acf6e48000 rlib 02   0  
/usr/lib/libcrypto.so.42.0
13ad40eba000 13ad41199000 rlib 01   0  
/usr/lib/libc.so.90.0
13ad2400 13ad2400 rtld 01   0  
/usr/libexec/ld.so

symcache lookups 342 hits 0 ratio 0% hits
dynamic loading done, success.
tib new=0x13ac4d612a00
setting environ 0x13ad24212530@/usr/libexec/ld.so[0x13ac72660800] from 
0x13ad24212530
setting __progname 0x13ad24212538@/usr/libexec/ld.so[0x13ac72660800] 
from 0x13ad24212538
doing ctors obj 0x13acd564b000 @0x13acf7bae2e0: 
[/usr/local/lib/liblzo2.so.1.0]
doing ctors obj 0x13acd564b400 @0x13ace67cd2e0: 
[/usr/local/lib/liblz4.so.2.0]
doing ctors obj 0x13ac72660c00 @0x13acf6a742e0: 
[/usr/lib/libcrypto.so.42.0]
doing ctors obj 0x13ac72660400 @0x13aca9a602e0: 
[/usr/lib/libssl.so.44.1]

entry point: 0x13aa47201870

Re: Change Time zones cause ddb in 6.2 snapshot

[YASUOKA Masahiko]

The problem is fixed

https://marc.info/?l=openbsd-cvs=150702971726161=2

Thank you for your report.

On Fri, 29 Sep 2017 18:33:50 +0800
"Fung"  wrote:
> snapshots/amd64/
> Build date: 1506531075 - Wed Sep 27 16:51:15 UTC 2017
> 
> how to repeat the problem
> 
> # config -ef /bsd
> [...]
> Enter 'help' for information
> ukc> timezone -480
> timezone = -480, dst = 0
> ukc> quit
> Saving modified kernel.
> 
> reboot 
> 
> wait boot 
> ...
> ...
> ddb>

Re: migrate .htaccess conent to httpd.conf

[Gregory Edigarov]

On 03.10.17 15:10, rosjat wrote:

Hi there,

I was wondering if there is some guidence out there for this sort of 
thing? I know it's possible to simply block directories or put basic 
auth in front of it but what's about some more fine grained stuff for 
a file in a directory? Like this



    order deny,allow
    
    deny from all
    


    
    Require all denied
    


Is there a way to rewrite this for the httpd.conf ?


try this:
location template.* {
    block;
}
untested, but should work.

And 2nd question would be how to give the user a way to implement 
something like it on there own? I was thinking of a simply standard 
include in the server definition but this might mess things up



there is no such thing as .htaccess in httpd.

regards

migrate .htaccess conent to httpd.conf

[rosjat]

Hi there,

I was wondering if there is some guidence out there for this sort of 
thing? I know it's possible to simply block directories or put basic 
auth in front of it but what's about some more fine grained stuff for a 
file in a directory? Like this



order deny,allow

deny from all




Require all denied



Is there a way to rewrite this for the httpd.conf ?

And 2nd question would be how to give the user a way to implement 
something like it on there own? I was thinking of a simply standard 
include in the server definition but this might mess things up


regards

--
Markus Rosjatfon: +49 351 8107223mail: ros...@ghweb.de

G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden

http://www.ghweb.de
fon: +49 351 8107220   fax: +49 351 8107227

Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before 
you print it, think about your responsibility and commitment to the 
ENVIRONMENT

Re: question on proper ownership and permissions of /var/spool and /var/spool/output for printing

[soko.tica]

Mani thanks, Paul, it worked.

On Tue, Oct 3, 2017 at 8:00 AM, Paul de Weerd  wrote:

> Check the path in /etc/printcap and make sure it's correctly set.  You
> want the spool directory (sd) to point at /var/spool/output/lpd.  Note
> that this changed some releases ago.
>
> Permissions there should be:
>
> drwxrwxr-x  2 rootdaemon  512 Sep 15 16:19 .
> drwxr-xr-x  3 rootwheel   512 May 24 14:22 ..
> -rw-rw---x  1 daemon  daemon4 Sep 15 16:18 .seq
> -rw-r-  1 daemon  daemon   32 Sep 15 16:19 lock
> -rw-r--r--  1 daemon  daemon   31 Sep 15 16:19 status
>
> Cheers,
>
> Paul 'WEiRD' de Weerd
>
> On Mon, Oct 02, 2017 at 08:18:21PM +0200, soko.tica wrote:
> | Hello list,
> |
> | Please advise about proper ownership and permissions of /var/spool and
> | /var/spool/output. After every syspatch upgrade I need to set it again to
> | enable printing.
> |
> | Present ownership and permissions after the syspatch upgrade are:
> |
> | Script started on Mon Oct  2 20:10:21 2017
> | $ ls -lh /var/spool/
> | total 16
> | dr-xr-xr-x  5 root  wheel512B Apr  1  2017 ftp
> | drwxrwxr-t  3 root  dialer   512B Apr  1  2017 lock
> | drwxr-xr-x  3 root  wheel512B Sep 19 17:54 output
> | drwx--x--x  8 root  wheel512B Oct  2 18:53 smtpd
> | $ ls -lh /var/spool/output/
> | total 12
> | -rw-r-  1 daemon  daemon27B Sep 19 17:54 lock
> | drwxrwxr-x  2 rootdaemon   512B Apr 1  2017 lpd
> | -rw-rw  1 rootdaemon25B Sep 19 17:53 status
> | $ id branislav
> | uid=1001(branislav) gid=1001(branislav) groups=1001(branislav),
> 1(daemon),
> | 5(operator), 9(wsrc), 117(dialer), 553(_saned)
> | $ dmesg
> | OpenBSD 6.1 (GENERIC.MP) #21: Wed Aug 30 08:21:38 CEST 2017
> | rob...@syspatch-61-amd64.openbsd.org:/usr/src/sys/arch/
> amd64/compile/
> | GENERIC.MP
> | 
> | $ ^D
> |
> | Script done on Mon Oct2 20:10:51 2017
> |
> | Regards,
> |
> | Soko Tica
>
> --
> >[<++>-]<+++.>+++[<-->-]<.>+++[<+
> +++>-]<.>++[<>-]<+.--.[-]
>  http://www.weirdnet.nl/
>

Re: simple-mtpfs kernel panic

[Martin Pieuchot]

On 01/10/17(Sun) 20:35, Olivier Antoine wrote:
> Hi,
> 
> Looks like this bug: 
> 
> I can also reproduce this with:
> 
> $ while true ; do adb shell ls / ; adb kill-server ; done
> 
> The code which is triggered in /sys/dev/usb/ehci.c:
> 
> ehci_device_clear_toggle(struct usbd_pipe *pipe)
> {
> struct ehci_pipe *epipe = (struct ehci_pipe *)pipe;
> 
> #ifdef DIAGNOSTIC
> if ((epipe->sqh->qh.qh_qtd.qtd_status & htole32(EHCI_QTD_ACTIVE)) != 
> 0)
> panic("ehci_device_clear_toggle: queue active");
> #endif
> epipe->sqh->qh.qh_qtd.qtd_status &= htole32(~EHCI_QTD_TOGGLE_MASK);
> }
> 
> Don't know if it's hardware specific. But I can confirm that it hit me too.

Bug reports without dmesg are useless, see sendbug(1).

Anyway, here's a diff that should fix the problem.  However last I
couldn't narrow down possible regressions.  So make sure everything
works with it, including suspend/resume.

Index: ehci.c
===
RCS file: /cvs/src/sys/dev/usb/ehci.c,v
retrieving revision 1.200
diff -u -p -r1.200 ehci.c
--- ehci.c  15 May 2017 10:52:08 -  1.200
+++ ehci.c  3 Oct 2017 09:24:08 -
@@ -116,6 +116,7 @@ usbd_status ehci_open(struct usbd_pipe *
 intehci_setaddr(struct usbd_device *, int);
 void   ehci_poll(struct usbd_bus *);
 void   ehci_softintr(void *);
+intehci_start(struct ehci_softc *);
 intehci_intr1(struct ehci_softc *);
 void   ehci_check_intr(struct ehci_softc *, struct usbd_xfer *);
 void   ehci_check_qh_intr(struct ehci_softc *, struct usbd_xfer *);
@@ -188,12 +189,11 @@ int   ehci_alloc_sitd_chain(struct ehci_s
 void   ehci_abort_isoc_xfer(struct usbd_xfer *xfer,
usbd_status status);
 
-usbd_statusehci_device_setintr(struct ehci_softc *, struct ehci_soft_qh *,
-   int ival);
+struct ehci_soft_qh * ehci_intr_get_sqh(struct usbd_pipe *);
 
-void   ehci_add_qh(struct ehci_soft_qh *, struct ehci_soft_qh *);
-void   ehci_rem_qh(struct ehci_softc *, struct ehci_soft_qh *);
-void   ehci_set_qh_qtd(struct ehci_soft_qh *, struct ehci_soft_qtd *);
+void   ehci_add_qh(struct usbd_pipe *, struct ehci_soft_qh *,
+   struct ehci_soft_qtd *);
+void   ehci_rem_qh(struct ehci_softc *, struct usbd_pipe *);
 void   ehci_sync_hc(struct ehci_softc *);
 
 void   ehci_close_pipe(struct usbd_pipe *);
@@ -295,7 +295,7 @@ ehci_reverse_bits(u_int8_t c, int nbits)
 usbd_status
 ehci_init(struct ehci_softc *sc)
 {
-   u_int32_t sparams, cparams, hcr;
+   uint32_t sparams;
u_int i, j;
usbd_status err;
struct ehci_soft_qh *sqh;
@@ -316,20 +316,8 @@ ehci_init(struct ehci_softc *sc)
sparams = EREAD4(sc, EHCI_HCSPARAMS);
DPRINTF(("ehci_init: sparams=0x%x\n", sparams));
sc->sc_noport = EHCI_HCS_N_PORTS(sparams);
-   cparams = EREAD4(sc, EHCI_HCCPARAMS);
-   DPRINTF(("ehci_init: cparams=0x%x\n", cparams));
-
-   /* MUST clear segment register if 64 bit capable. */
-   if (EHCI_HCC_64BIT(cparams))
-   EWRITE4(sc, EHCI_CTRLDSSEGMENT, 0);
-
sc->sc_bus.usbrev = USBREV_2_0;
 
-   DPRINTF(("%s: resetting\n", sc->sc_bus.bdev.dv_xname));
-   err = ehci_reset(sc);
-   if (err)
-   return (err);
-
if (ehcixfer == NULL) {
ehcixfer = malloc(sizeof(struct pool), M_DEVBUF, M_NOWAIT);
if (ehcixfer == NULL) {
@@ -365,8 +353,6 @@ ehci_init(struct ehci_softc *sc)
for (i = 0; i < sc->sc_flsize; i++)
sc->sc_flist[i] = htole32(EHCI_LINK_TERMINATE);
 
-   EOWRITE4(sc, EHCI_PERIODICLISTBASE, DMAADDR(>sc_fldma, 0));
-
sc->sc_softitds = mallocarray(sc->sc_flsize,
sizeof(struct ehci_soft_itd *), M_USB, M_NOWAIT | M_ZERO);
if (sc->sc_softitds == NULL) {
@@ -412,7 +398,6 @@ ehci_init(struct ehci_softc *sc)
sqh->qh.qh_qtd.qtd_next = htole32(EHCI_LINK_TERMINATE);
sqh->qh.qh_qtd.qtd_altnext = htole32(EHCI_LINK_TERMINATE);
sqh->qh.qh_qtd.qtd_status = htole32(EHCI_QTD_HALTED);
-   sqh->sqtd = NULL;
usb_syncmem(>dma, sqh->offs, sizeof(sqh->qh),
BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
}
@@ -443,18 +428,47 @@ ehci_init(struct ehci_softc *sc)
sqh->qh.qh_qtd.qtd_next = htole32(EHCI_LINK_TERMINATE);
sqh->qh.qh_qtd.qtd_altnext = htole32(EHCI_LINK_TERMINATE);
sqh->qh.qh_qtd.qtd_status = htole32(EHCI_QTD_HALTED);
-   sqh->sqtd = NULL;
usb_syncmem(>dma, sqh->offs, sizeof(sqh->qh),
BUS_DMASYNC_PREWRITE | BUS_DMASYNC_PREREAD);
 
/* Point to async list */
sc->sc_async_head = sqh;
-   EOWRITE4(sc, EHCI_ASYNCLISTADDR, sqh->physaddr | 

Re: vmm issues - vioblk_notifyq: unsupported command 0x8

[Jiri B]

> > I was able to boot opensuse from that dvd, although later on I got an
> > error in the installer :/
> 
> This was because the installer couldn't locate the "dvd", correct?

It so seems so.

~~~
Unable to create repository
from URL 'hd:/?device=/dev/disk/by-id/virtio-_U_2_-part2'.

Details:
Invalid query string component 'device=/dev/disk/by-id/virtio-_U_2_-p

Try again?
~~~

It would be nice to have IDE cdrom emulation.

j.

Re: question on proper ownership and permissions of /var/spool and /var/spool/output for printing

[Paul de Weerd]

Check the path in /etc/printcap and make sure it's correctly set.  You
want the spool directory (sd) to point at /var/spool/output/lpd.  Note
that this changed some releases ago.

Permissions there should be:

drwxrwxr-x  2 rootdaemon  512 Sep 15 16:19 .
drwxr-xr-x  3 rootwheel   512 May 24 14:22 ..
-rw-rw---x  1 daemon  daemon4 Sep 15 16:18 .seq
-rw-r-  1 daemon  daemon   32 Sep 15 16:19 lock
-rw-r--r--  1 daemon  daemon   31 Sep 15 16:19 status

Cheers,

Paul 'WEiRD' de Weerd

On Mon, Oct 02, 2017 at 08:18:21PM +0200, soko.tica wrote:
| Hello list,
| 
| Please advise about proper ownership and permissions of /var/spool and
| /var/spool/output. After every syspatch upgrade I need to set it again to
| enable printing.
| 
| Present ownership and permissions after the syspatch upgrade are:
| 
| Script started on Mon Oct  2 20:10:21 2017
| $ ls -lh /var/spool/
| total 16
| dr-xr-xr-x  5 root  wheel512B Apr  1  2017 ftp
| drwxrwxr-t  3 root  dialer   512B Apr  1  2017 lock
| drwxr-xr-x  3 root  wheel512B Sep 19 17:54 output
| drwx--x--x  8 root  wheel512B Oct  2 18:53 smtpd
| $ ls -lh /var/spool/output/
| total 12
| -rw-r-  1 daemon  daemon27B Sep 19 17:54 lock
| drwxrwxr-x  2 rootdaemon   512B Apr 1  2017 lpd
| -rw-rw  1 rootdaemon25B Sep 19 17:53 status
| $ id branislav
| uid=1001(branislav) gid=1001(branislav) groups=1001(branislav), 1(daemon),
| 5(operator), 9(wsrc), 117(dialer), 553(_saned)
| $ dmesg
| OpenBSD 6.1 (GENERIC.MP) #21: Wed Aug 30 08:21:38 CEST 2017
| rob...@syspatch-61-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/
| GENERIC.MP
| 
| $ ^D
| 
| Script done on Mon Oct2 20:10:51 2017
| 
| Regards,
| 
| Soko Tica

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/