Re: productivity/khard (or python) seem slow

[Paco Esteban]

Hi Joel,

On Wed, 15 May 2019, Joel Carnat wrote:

> Hello,
> 
> I've just setup vdirsync and khard to sync my addressbook from
> nextcloud. It works but querying the local vcf is damm slow. I also
> noticed that ranger felt a bit slow to start but thought it was the
> software ; so I switched to nnn.
> 
> # time (khard list | wc -l)
>  112
>  0m07.10s real 0m04.08s user 0m02.99s system
> 
> Is this an issue with my VM (2 vCPU / 4GB RAM / 20GB SSD) or are Python
> software just slow?

Can't say about your VM. On my desktop:

  $ time (khard list | wc -l)
   104
  ( khard list | wc -l; )  0.51s user 0.25s system 97% cpu 0.779 total

Ranger works just fine. It takes less than a second to start.

Cheers,

-- 
Paco Esteban.
https://onna.be/gpgkey.asc
9A6B 6083 AD9E FDC2 0EAF  5CB3 5818 130B 8A6D BC03

Re: web hosting

[Roderick]

On Wed, 15 May 2019, Gustavo Rios wrote:


I am in need to host my homepage and programs i have written.
Do have any suggestion on web hosting services that alllow ssh access too?


I think, the first step is to see what you need: web hosting or server?
For what do you need ssh?

Do you need to run programs there or just store them? And are they for
the public? Perhaps you only need a public repository, there are a lot,
they offer not only storage.

Yesterday I discovered this one: http://chiselapp.com/

fossil allows you also to write a web page. See here:

https://www.fossil-scm.org

Rodrigo

Re: single user question

[Roderick]

On Thu, 16 May 2019, Ingo Schwarze wrote:


Wow.  Some might feel offended when somebody, in 2019, asks them
to read a text written in 1975 in order to improve their understanding
of computer security.


Or perhaps he should read this to get an idea of how to write an
init program:

https://people.eecs.berkeley.edu/~brewer/cs262/unix.pdf

I am not ashamed because I read it again from time to time. I am
not a system programer, and I like very much the simple way he
explains unix.

Rodrigo

Re: web hosting

[ropers]

AFAICT, devio.us has been in maintenance mode for a while now.
I'm not sure it's coming back, or is it?

On 15/05/2019, Solène Rapenne  wrote:
>
> Le 15 mai 2019 21:06, Gustavo Rios  a écrit :
>>
>> I am in need to host my homepage and programs i have written.
>> Do have any suggestion on web hosting services that alllow ssh access too?
>>
>>
>> Thanks a lot
>>
>> --
>> Pag Bem Fácil Ltda
>> www.pagbemfacil.com.br
>>
>
> You can try some community shell provider like devio.us, sdf.org or
> tilde.town
> You'll have some http space and a ssh shell.
>
>

Re: sndio? aucat -i s.wav: "default: couldn't open audio device"

[Juan Zuluaga]

:(
no, no sound yet, same message as before.

# sndiod -ddd -r 44100 -f rsnd/0 -m play
snd0 pst=cfg.default: play=0:1 vol=23170 dup
helper(helper|ini): created
worker(worker|ini): created
listen(/tmp/sndio/sock0|ini): created
sock(sock|ini): created
sock,rmsg,widl: AUTH message
sock,rmsg,widl: HELLO message
sock,rmsg,widl: hello from , mode = 1, ver 7
aucat0: overwritten slot 0
snd0 pst=cfg: device requested
worker: send: cmd = 0, num = 0, mode = 1, fd = -1
worker: recv: cmd = 3, num = 0, mode = 0, fd = -1
snd0 pst=cfg: rsnd/0: failed to open audio device
sock,rmsg,widl: closing
sock(sock|zom): destroyed
sock(sock|zom): processed in 240002us
helper: recv: cmd = 0, num = 0, mode = 1, fd = -1
helper: send: cmd = 3, num = 0, mode = 0, fd = -1
helper(helper|ini): processed in 247958us


# SNDIO_DEBUG=5 aucat -i sound.wav
_aucat_open: host= unit=0 devnum=0 opt=default
/tmp/sndio-0/sock0: No such file or directory
/tmp/sndio/sock0: connected
_aucat_rmsg: eof
aucat_init: mode refused
/dev/audio0: Invalid argument
default: couldn't open audio device


On Wed, May 15, 2019 at 2:01 AM Alexandre Ratchov  wrote:

> On Tue, May 14, 2019 at 06:57:48PM -0500, Juan Zuluaga wrote:
> > Thank you Alexandre!
> >
> > I did
> > # sndiod -ddd -r 44100 -f rsnd/1 -m play
>
> sorry, there's a typo in the command I sent you, the correct device
> number is "0", as the device appears as "audio0" in dmesg. The correct
> command is:
>
> sndiod -ddd -r 44100 -f rsnd/0 -m play
>
>

I want to use I2Pd on OpenBSD.

[hanayome]

I2P (Invisible Internet Protocol) is a universal anonymous network layer.
Ofcouse I2P(Java) is already exist on packages.

but, I2P is Java application and so big.

While Java I2P and i2pd are both clients for the I2P network.

i2pd has some big differences and advantages:
i2pd is just a router which you can use with other software through I2CP
interface.
i2pd does not require Java. It's written in C++.
i2pd consumes less memory and CPU.
i2pd can be compiled everywhere gcc or clang presented (including
Raspberry and routers).
i2pd has some major optimizations for faster cryptography which leads to
less consumption of processor time and energy.

https://github.com/PurpleI2P/i2pd

Re: single user question

[Ingo Schwarze]

Hi,

Stefan R. Filipek wrote on Wed, May 15, 2019 at 05:20:04PM -0400:

> If you have not already, be sure to read the 1975 paper "The
> Protection of Information in Computer Systems" by Saltzer, et. al., at
> least through section 1 A, for an introduction to computer security.

Wow.  Some might feel offended when somebody, in 2019, asks them
to read a text written in 1975 in order to improve their understanding
of computer security.  That article predates a number of modern
mitigations contained in OpenBSD, including those in UNIX 32v (1979)
and in 3BSD (1980)...  ;-)

Then again, 10 years before he wrote this article, the author, Prof.
Dr. Jerry Salzer, while working on his Ph.D thesis, laid the crucial
foundations for the documentation system we are still using today,
so he appears to have a certain inclination towards creations of
lasting value:

  https://manpages.bsd.lv/history.html

Maybe i should read that article after all...  :-)

Yours,
  Ingo

Re: web hosting

[Solène Rapenne]

Le 15 mai 2019 21:06, Gustavo Rios  a écrit :
>
> I am in need to host my homepage and programs i have written. 
> Do have any suggestion on web hosting services that alllow ssh access too? 
>
> Thanks a lot 
>
> -- 
> Pag Bem Fácil Ltda 
> www.pagbemfacil.com.br 
>

You can try some community shell provider like devio.us, sdf.org or tilde.town
You'll have some http space and a ssh shell.

Re: single user question

[Stefan R. Filipek]

If you have not already, be sure to read the 1975 paper "The
Protection of Information in Computer Systems" by Saltzer, et. al., at
least through section 1 A, for an introduction to computer security.

Re: single user question

[Raul Miller]

On Wed, May 15, 2019 at 3:05 PM James Huddle  wrote:
> What I am trying to do (thank you Troy Martin), is work through
> the standard answers and missteps toward a more secure OS,
> starting with OpenBSD and a flashlight.  It is my humble opinion
> that the optimal number of users for (say) a laptop is one.
> And the optimal number for a server is zero.  I doubt many would
> agree with that assessment, but I'm looking for solutions, regardless.

I'm going to try to phrase this politely, but I might trigger other
people to say some rude things (not sure if they'll be aimed at
myself, or not). Anyways...  I have two hypothetical questions you
should think about:

1) Why do you doubt that many would agree with that assessment?

2) Also, what is a "user"?

If by "user" you mean "person", that leads to some lines of discussion.

If by "user" you mean an integer value which appears under the label
"user_id" (or some variant, such as perhaps "uid") in a C structure,
that leads to other lines of discussion.

If by "user" you mean a line in the /etc/passwd file which identifies
a directory, that leads to yet other lines of discussion.

...

>From skimming this thread, I don't think you mean any of those. But if
no one knows what you mean, it doesn't really matter whether they
agree or disagree with you.

Thanks,

-- 
Raul

Re: ix0: CRITICAL: EXTERNAL PHY OVER TEMP!!

[Predrag Punosevac]

Stuart Henderson wrote:

> On 2019-05-15, Predrag Punosevac  wrote:
> > Hi,
> >
> > I am having an issue with a single 10 Gigabit interface on one of
> Intel
> > Xeon D-1541 network servers. Namely after the reboot the interface
> > appears to be down even with a static route
> >
> > phobos# ifconfig ix0
> > ix0: flags=8843 mtu 1500
> > lladdr ac:1f:6b:19:f7:72
> > index 1 priority 0 llprio 3
> > groups: egress
> > media: Ethernet autoselect
> > status: no carrier
> > inet 128.2.204.160 netmask 0xfc00 broadcast 128.2.207.255
> >
> > The only thing I can see is 
> >
> > ix0: CRITICAL: EXTERNAL PHY OVER TEMP!!  PHY will downshift to lower
> pow
> > er state!
> 
> Looking at the driver it looks like this is a high temperature alarm
> coming from the transceiver (PHY) passed on by the nic. The driver
> attempts to powers down the PHY in this condition, presumably to try to
> avoid damage.
> 
> Is the cooling in this system working correctly?
> 
> Do you still see it if you power it off for a while and let it cool
> down?
> 
> (10GBase-T is relatively power hungry.)


Hi Sten,

The network interface does come after a cold reboot (complete power off
not just reboot command). I replaced network cable and made sure that
university network guys don't have some of DHCP server "enterprise
features" on. Breaking into UEFI is not very useful but I am logged into
IPMI to a two identical SuperMicro X10SDV-TLN4F servers. One of them has
that problematic 

ix0 at pci3 dev 0 function 0 "Intel X552/X557-AT" rev 0x00: msi

interface

The only difference I see is that problematic server run 4 Celsius
degrees warmer (75 instead of 71) but according to the limits I should be
ok up until 95.

Little more search reveals that I am not the only one who got hit with
this thing 

https://tinkertry.com/how-to-work-around-intermittent-intel-x557-network-outages-on-12-core-xeon-d

I will have to think through before I decide what to do. 

Thanks for heads up. 
Predrag

P.S. I was ready to fire up Linux live CD in order to try to reproduce
the problem and see if the Intel guys have pushed some changes into the
Linux version of the driver which is not shared with this community.

Re: web hosting

[noah pugsley]

Second that. Great service, super reliable, and they donate a percentage to the 
foundation.Mischa will take care of you..‎

Sent from mobile.
  Original Message  
From: mathijs
Sent: Wednesday, May 15, 2019 12:12
To: misc@openbsd.org
Subject: Re: web hosting

If you want to get a OpenBSD VM, I would suggest openbsd.amsterdam.


https://openbsd.amsterdam/


Cheers,


Mathijs Hengst

On 5/15/19 9:06 PM, Gustavo Rios wrote:
> I am in need to host my homepage and programs i have written.
> Do have any suggestion on web hosting services that alllow ssh access too?
>
> Thanks a lot
>

Re: web hosting

[mathijs]

If you want to get a OpenBSD VM, I would suggest openbsd.amsterdam.


https://openbsd.amsterdam/


Cheers,


Mathijs Hengst

On 5/15/19 9:06 PM, Gustavo Rios wrote:

I am in need to host my homepage and programs i have written.
Do have any suggestion on web hosting services that alllow ssh access too?

Thanks a lot

Re: single user question

[James Huddle]

>What I"m saying is that it takes less work overall to subtract from a
>system in a supportable way than it is to try and handcraft an
>unsupportable system.

If you know the supportable system well and your goal is only
a slight variation of that that system does, then that makes
perfect sense.

If, on the other hand, you are new to the system, and you
notice many examples of problems caused by what appears
to be the basic underpinnings of the system (things like
multiuser and TCP, itself, not to mention the open, welcoming
nature of open source), the kinds of things hard to avoid in a
modern OS,  then your argument is less convincing.

If what I've said sounds absurd or unsound, a calm reaction
might be, "try building you own OS!"  And I have tried, and it
is not trivial.  So I look for answers outside of that and of course
OpenBSD is the smallest, strongest, most popular alternative
(for people who seek a secure platform).

And I ask simple (sometimes *too* simple!) questions, and get
answers and move slowly forward.

What I am trying to do (thank you Troy Martin), is work through
the standard answers and missteps toward a more secure OS,
starting with OpenBSD and a flashlight.  It is my humble opinion
that the optimal number of users for (say) a laptop is one.
And the optimal number for a server is zero.  I doubt many would
agree with that assessment, but I'm looking for solutions, regardless.

And yes I do respect the decades and megahours that have gone
into Unix and OpenBSD, by people who are far superior to me
intellectually.  My flashlight is weak, but it still works.

Thanks to all (Rodrigo, esp.) for helping me to see straighter.

-Jim



On Fri, May 10, 2019 at 11:52 AM Misc User 
wrote:

> On 5/10/2019 1:28 AM, cho...@jtan.com wrote:
> > Misc User writes:
> >> It is theoretically possible to do that, but you'd have to do -a lot-
> >> of work to get it to do so.  It'd be much easier finding a proper
> >> way to accomplish what you want without running single-user.
> >
> > I wouldn't recommend using single user mode to do anything other than
> > repair but it's not true to say that doing so is a lot of work. /etc/rc
> > is only ~600 lines and a lot of that is unnecessary if the server is
> > going to run a single thing. In many cases you can probably get away
> > with just mount/fsck/pfctl/netstart.
> >
> > There is actually no such thing as "single user mode". All there is is a
> > kernel which hasn't done anything yet, and everything OpenBSD's does as
> > it "enters multi-user mode" is described clearly and comprehensively in
> > /etc/rc. Duplicating what little of it you want is, literally, as simple
> > as copy-paste.
> >
> > Matthew
> >
> What I'm saying is that it would take far more work to get something
> like httpd to run at that stage than it would take to make the changes
> to a fully booted, and supportable, system.  Making changes to rc is
> going to force the system's operator to make adjustments at every
> system upgrade.
>
> Besides, it is possible to build a very light-weight system to run a
> single thing while still be secure and supportable.  I have a VM
> template (Wel, a sitexx.tgz file) that just contains an rc.conf.local,
> a new crontab, a syslogd.conf, and a few trivial scripts.  The system
> weighs in at 8 MB of used RAM in normal operation and a load average of
> zero.  It is also trivial to upgrade, has all its protections, and I can
> remotely monitor it.  Took me two hours to build it, most of that spent
> modifying copies of daily/weekly/monthly to output via syslog instead of
> mail.
>
>
> What I"m saying is that it takes less work overall to subtract from a
> system in a supportable way than it is to try and handcraft an
> unsupportable system.
>

web hosting

[Gustavo Rios]

I am in need to host my homepage and programs i have written.
Do have any suggestion on web hosting services that alllow ssh access too?

Thanks a lot

-- 
Pag Bem Fácil Ltda
www.pagbemfacil.com.br

arpresolve: 10.128.0.1: route contains no arp information

[Greg Steuck]

Looks like I'm on a roll with finding snapshot bugs today. May 15 snapshot
(unlike May 11) experiences arp problems on Google Compute. Full dmesg way
below, but in general it appears dhclient is not getting what it wants and
keeps on asking.
# arp -an
Host Ethernet AddressNetif Expire
Flags
10.128.0.1   (incomplete) vio0 expired
10.128.15.23542:01:0a:80:0f:ebvio0 permanent l
# tcpdump -i vio0 -n -nnXSs 1000
tcpdump: listening on vio0, link-type EN10MB
12:02:30.438513 10.128.15.235.68 > 255.255.255.255.67:  xid:0x6e483c2c
vend-rfc1048 DHCP:REQUEST RQ:10.128.15.235
PR:SM+BR+TZ+121+DG+DN+119+NS+HN+BF+TFTP CID:1.66.1.10.128.15.235 [tos 0x10]
  : 4510 0148   8011 1f2b 0a80 0feb  E..H...+
  0010:   0044 0043 0134 d219 0101 0600  .D.C.4..
  0020: 6e48 3c2c        nH<,
  0030:     4201 0a80 0feb   B...
  0040:          
  0050:          
  0060:          
  0070:          
  0080:          
  0090:          
  00a0:          
  00b0:          
  00c0:          
  00d0:          
  00e0:          
  00f0:          
  0100:     6382 5363 3501 0332  c.Sc5..2
  0110: 040a 800f eb37 0b01 1c02 7903 0f77 060c  .7y..w..
  0120: 4342 3d07 0142 010a 800f ebff    CB=..B..
  0130:          
  0140:      

12:02:30.438647 169.254.169.254.67 > 10.128.15.235.68:  xid:0x6e483c2c
Y:10.128.15.235 S:10.128.0.1 G:10.128.0.1 vend-rfc1048 DHCP:ACK
SID:169.254.169.254 NS:169.254.169.254 LT:86400 DN:"c.syzkaller.internal"
T119:1.99.9.115.121.122.107.97.108.108.101.114.8.105.110.116.101.114.110.97.108.0.6.103.111.111.103.108.101.8.105.110.116.101.114.110.97.108.0
SM:255.255.255.255 DG:10.128.0.1 T121:8202,32768,256,0,0,2688,1 MTU:1460
HN:"ci-openbsd.c.syzkaller.internal" NTP:169.254.169.254 [ttl 1]
  : 4500 01a8   0111 49de a9fe a9fe  E.I.
  0010: 0a80 0feb 0043 0044 0194 6746 0201 0600  .C.D..gF
  0020: 6e48 3c2c     0a80 0feb  nH<,
  0030: 0a80 0001 0a80 0001 4201 0a80 0feb   B...
  0040:          
  0050:          
  0060:          
  0070:          
  0080:          
  0090:          
  00a0:          
  00b0:          
  00c0:          
  00d0:          
  00e0:          
  00f0:          
  0100:     6382 5363 3501 0536  c.Sc5..6
  0110: 04a9 fea9 fe06 04a9 fea9 fe33 0400 0151  ...3...Q
  0120: 800f 1463 2e73 797a 6b61 6c6c 6572 2e69  ...c.syzkaller.i
  0130: 6e74 6572 6e61 6c77 2701 6309 7379 7a6b  nternalw'.c.syzk
  0140: 616c 6c65 7208 696e 7465 726e 616c 0006  aller.internal..
  0150: 676f 6f67 6c65 0869 6e74 6572 6e61 6c00  google.internal.
  0160: 0104   0304 0a80 0001 790e 200a  y. .
  0170: 8000 0100   0a80 0001 1a02 05b4  
  0180: 0c1f 6369 2d6f 7065 6e62 7364 2e63 2e73  ..ci-openbsd.c.s
  0190: 797a 6b61 6c6c 6572 2e69 6e74 6572 6e61  yzkaller.interna
  01a0: 6c2a 04a9 fea9 feff  l*..

May 15 11:55:03 /bsd: OpenBSD 6.5-current (GENERIC.MP) #22: Wed May 15
10:02:36 MDT 2019
May 15 11:55:03 /bsd: dera...@amd64.openbsd.org:
/usr/src/sys/arch/amd64/compile/GENERIC.MP
May 15 11:55:03 /bsd: real mem = 8573145088 (8175MB)
May 15 11:55:03 /bsd: avail mem = 8303222784 (7918MB)
May 15 11:55:03 /bsd: mpath0 at root
May 15 11:55:03 /bsd: scsibus0 at mpath0: 256 targets
May 15 11:55:03 /bsd: mainbus0 at root
May 15 11:55:03 /bsd: bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xbcc0 (20
entries)
May 15 11:55:03 /bsd: bios0: vendor Google version "Google" date 01/01/2011
May 15 11:55:03 /bsd: bios0: Goo

Re: ftp: child terminated: signal 11

[Greg Steuck]

>
> I am preparing a diff to not crash on an invalid URI. Meanwhile,
> IIRC, a valid file URI must one of file:/path, file:///path or
> file://hostname/path.  While omitting hostname, the slash should
> not be omitted. Does file:///disklabel.template work?
>

Thanks Sunil, file:///disklabel.template  does work.

Thanks
Greg
-- 
nest.cx is Gmail hosted, use PGP:
https://pgp.key-server.io/0x0B1542BD8DF5A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3  4D50 0B15 42BD 8DF5 A1B0

Re: ftp: child terminated: signal 11

[Sunil Nimmagadda]

Greg Steuck  wrote:
> Looks like new ftp is not quite a drop-in replacement for the old one. My
> install script[1] that worked for in May 12 snapshot is broken in May 15.
> Most likely it's because of file:// url, but I haven't root-caused it.
> [1]
> https://github.com/google/syzkaller/blob/master/tools/create-openbsd-gce-ci.sh
> 
> The relevant section is:
> 
> Setting OpenBSD MBR partition to whole sd0...done.
> URL to autopartitioning template for disklabel? [none]
> file://disklabel.template
> Fetching file://disklabel.template
> ftp: child terminated: signal 11
> No autopartitioning template found.
> failed; check /tmp/ai/ai.log

Hi,

I am preparing a diff to not crash on an invalid URI. Meanwhile,
IIRC, a valid file URI must one of file:/path, file:///path or
file://hostname/path.  While omitting hostname, the slash should
not be omitted. Does file:///disklabel.template work?

ftp: child terminated: signal 11

[Greg Steuck]

Looks like new ftp is not quite a drop-in replacement for the old one. My
install script[1] that worked for in May 12 snapshot is broken in May 15.
Most likely it's because of file:// url, but I haven't root-caused it.
[1]
https://github.com/google/syzkaller/blob/master/tools/create-openbsd-gce-ci.sh

The relevant section is:

Setting OpenBSD MBR partition to whole sd0...done.
URL to autopartitioning template for disklabel? [none]
file://disklabel.template
Fetching file://disklabel.template
ftp: child terminated: signal 11
No autopartitioning template found.
failed; check /tmp/ai/ai.log

Full transcript below.
% ~/s/syzkaller/tools/create-openbsd-gce-ci.sh
install.site
etc/installurl
etc/rc.conf.local
etc/rc.local
etc/sysctl.conf
1+0 records in
1+0 records out
4096 bytes (4.1 kB, 4.0 KiB) copied, 0.000326984 s, 12.5 MB/s
Executing 'genisoimage -C 16,207104 -M /dev/fd/3 -l -R -graft-points
/6.5/amd64/site65.tgz=site65.tgz /auto_install.conf=auto_install.conf
/disklabel.template=disklabel.template /etc/boot.conf=boot.conf
/etc/random.seed=random.seed | builtin_dd of=install65-amd64-patched.iso
obs=32k seek=12944'
I: -input-charset not specified, using utf-8 (detected in locale settings)
Rock Ridge signatures found
Total translation table size: 0
Total rockridge attributes bytes: 2521
Total directory bytes: 8192
Path table size(bytes): 48
Max brk space used 0
207289 extents written (404 MB)
builtin_dd: 192*2KB out @ average infx1352KBps
install65-amd64-patched.iso: copying volume descriptor(s)
Formatting 'disk.raw', fmt=raw size=10737418240
spawn qemu-system-x86_64 -nographic -smp 2 -drive
if=virtio,file=disk.raw,format=raw -cdrom install65-amd64-patched.iso -net
nic,model=virtio -net user -boot once=d -m 4000 -enable-kvm
>> OpenBSD/amd64 CDBOOT 3.43
boot>
booting cd0a:/6.5/amd64/bsd.rd: 3707729+1532928+3893112+0+598016
[372407+128+451320+300418]=0xa5cbb8
entry point at 0x81001000
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2019 OpenBSD. All rights reserved.
https://www.OpenBSD.org

OpenBSD 6.5-current (RAMDISK_CD) #22: Wed May 15 10:09:19 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 4177387520 (3983MB)
avail mem = 4046807040 (3859MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf68a0 (11 entries)
bios0: vendor SeaBIOS version "1.10.2-1" date 04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: rev 0
acpi0: tables DSDT FACP APIC HPET
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: QEMU Virtual CPU version 2.5+, 2594.33 MHz, 06-06-03
cpu0:
FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,CX16,x2APIC,HV,NXE,LONG,LAHF,MELTDOWN
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: apic clock running at 1000MHz
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu at acpi0 not configured
"ACPI0006" at acpi0 not configured
"PNP0A03" at acpi0 not configured
acpicmos0 at acpi0
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
"ACPI0010" at acpi0 not configured
pvbus0 at mainbus0: KVM
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
"Intel 82371SB ISA" rev 0x00 at pci0 dev 1 function 0 not configured
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel
0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  ATAPI 5/cdrom
removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
"Intel 82371AB Power" rev 0x03 at pci0 dev 1 function 3 not configured
vga1 at pci0 dev 2 function 0 "Bochs VGA" rev 0x02
vga1: aperture needed
wsdisplay1 at vga1 mux 1: console (80x25, vt100 emulation)
virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 52:54:00:12:34:56
virtio0: msix shared
virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus1 at vioblk0: 2 targets
sd0 at scsibus1 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 10240MB, 512 bytes/sector, 20971520 sectors
virtio1: msix shared
isa0 at mainbus0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay1
softraid0 at root
scsibus2 at softraid0: 256 targets
root on rd0a swap on rd0b dump on rd0b
erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to t

productivity/khard (or python) seem slow

[Joel Carnat]

Hello,

I've just setup vdirsync and khard to sync my addressbook from
nextcloud. It works but querying the local vcf is damm slow. I also
noticed that ranger felt a bit slow to start but thought it was the
software ; so I switched to nnn.

# time (khard list | wc -l)
 112
 0m07.10s real 0m04.08s user 0m02.99s system

Is this an issue with my VM (2 vCPU / 4GB RAM / 20GB SSD) or are Python
software just slow?

Thanks.

Re: Blind OpenBSD users

[Dumitru Moldovan]

On Tue, May 14, 2019 at 11:02:47AM +0200, Marc Espie wrote:

As far as I know, the only software we have for blind people
(and not just people with very poor eye sight)
is misc/brltty.


The above might be true only for console applications.

GNOME has support both for low vision users and blind users (which
should install Orca for reading the screen aloud or in Braille.)
More at https://help.gnome.org/users/gnome-help/stable/a11y.html.en

Re: Pf rdr-to and rdomain issue

[Benjamin Girard]

After troubleshooting this a bit more, it appears that adding a default route 
to rdomain0 is sufficient to make it work.
Even if that default route leads to nowhere, the kernel seems to need it to be 
able to move the return traffic back from rdomain0 to rdomain2.

Without a default route, we can see some icmp unreachable packets:

1557916273.174002 ac:1f:6b:2d:bb:ca 52:54:00:d1:c6:a1 0800 70: 172.30.128.83 > 
172.30.128.84: icmp: host 123.123.123.123 unreachable

Just adding a default route with a valid IP on rdomain0 solves the problem.

It looks like a bug in my opinion, or is it the expected behavior?

Thanks,
Ben


From: owner-m...@openbsd.org  on behalf of Benjamin 
Girard 
Sent: 14 May 2019 19:46
To: Josh Grosse; misc@openbsd.org
Subject: Re: Pf rdr-to and rdomain issue

So we did manage to make it work by adding a pair in each rdomain and a default 
route from rdomain 0 using the pair on rdomain 2 as a gateway but it doesn't 
the seem correct.
Is there any better proper way to make the traffic flowing back from one 
rdomain to another when using an rdr-to rule in pf?


From: owner-m...@openbsd.org  on behalf of Benjamin 
Girard 
Sent: 14 May 2019 18:02
To: Josh Grosse; misc@openbsd.org
Subject: Re: Pf rdr-to and rdomain issue

Can't we just use pf to move the traffic, rather than using pair?

From: Josh Grosse 
Sent: 14 May 2019 17:42
To: Benjamin Girard
Subject: Re: Pf rdr-to and rdomain issue

I think pair(4) may come to your rescue.

Re: Blind OpenBSD users

[Stuart Henderson]

On 2019-05-14, Marc Espie  wrote:
> As far as I know, the only software we have for blind people
> (and not just people with very poor eye sight)
> is misc/brltty.
>
> misc/screen  also has support in the form of the shm flavor,
> which hooks to misc/brltty
>
> The main issue for this kind of thing is of course testing.
>
> This was done over 10 years ago.  I have zero idea if this
> still works, or if there are better tools these days.

On Linux brltty works with the console driver to read the standard
system console, on OpenBSD we don't have that support so brltty is
only usable with the version of screen with the shared-memory
patches (shm flavour). 

If I build brltty with X support I can see that it does still work
with the version of screen in the ports tree. (I wasn't able to get
it to work with updated screen however; it's probably worth adding a
new screen-shm port so that we can update the main screen port without
affecting this).

Re: ix0: CRITICAL: EXTERNAL PHY OVER TEMP!!

[Stuart Henderson]

On 2019-05-15, Predrag Punosevac  wrote:
> Hi,
>
> I am having an issue with a single 10 Gigabit interface on one of Intel
> Xeon D-1541 network servers. Namely after the reboot the interface
> appears to be down even with a static route
>
> phobos# ifconfig ix0
> ix0: flags=8843 mtu 1500
> lladdr ac:1f:6b:19:f7:72
> index 1 priority 0 llprio 3
> groups: egress
> media: Ethernet autoselect
> status: no carrier
> inet 128.2.204.160 netmask 0xfc00 broadcast 128.2.207.255
>
> The only thing I can see is 
>
> ix0: CRITICAL: EXTERNAL PHY OVER TEMP!!  PHY will downshift to lower pow
> er state!

Looking at the driver it looks like this is a high temperature alarm
coming from the transceiver (PHY) passed on by the nic. The driver
attempts to powers down the PHY in this condition, presumably to try to
avoid damage.

Is the cooling in this system working correctly?

Do you still see it if you power it off for a while and let it cool down?

(10GBase-T is relatively power hungry.)

Re: LibreOffice, and others, not usable via ssh at OpenBSD 6.4

[Roger Marsh]

On Sun, 12 May 2019 17:28:15 +0200
Normen Wohner  wrote:

> Did you try setting the $DISPLAY?
> In the past I had situations where ssh starts 
> DISPLAY=:1 if there is already a session running on 
> the server. Also sometimes I had to specify 
> DISPLAY=:0. Would be news to me that Open has 
> issues with this however 
> 
> On May 12, 2019, at 11:27, Roger Marsh  wrote:
> > I am guessing, but the following explanation of the 'ssh -Y hostname 
> > libreoffice' problem seems reasonable.  Libreoffice asks 'is accelerated 
> > graphics available?' and gets a yes or no answer depending on the driver 
> > availble on hostname.   
> 
> maybe either of you could try to just ssh -Y (-X if on 
> a corresponding machine) and then start Libreoffice 
> to get some verbose output on the issue.
> If it complains about being unable to open the 
> Xsession it should already be running and you can 
> try stuff like DISPLAY=:1 libreoffice
> 

'ssh -X hostname libreoffice' works.  Same for the others, seamonkey etc, with 
problem.  Years ago 'ssh -X ..' did not work for the applications I was using, 
and I assumed it did not work now too.

It is possible to stop 'ssh -X hostname libreoffice' working by throwing in a 
'ssh hostname libreoffice' or 'ssh -Y hostname libreoffice' command.  'ssh -X 
hostname seamonkey' still works, and neither 'ssh hostname seamonkey' nor 'ssh 
-Y hostname seamonkey' cause 'ssh -X hostname libreoffice' to stop working.  
The only way out found is reboot hostname.

'ssh a@hostname libreoffice' does not stop 'ssh -X b@hostname libreoffice' 
working.

Roger

Re: sndio? aucat -i s.wav: "default: couldn't open audio device"

[Alexandre Ratchov]

On Tue, May 14, 2019 at 06:57:48PM -0500, Juan Zuluaga wrote:
> Thank you Alexandre!
> 
> I did
> # sndiod -ddd -r 44100 -f rsnd/1 -m play

sorry, there's a typo in the command I sent you, the correct device
number is "0", as the device appears as "audio0" in dmesg. The correct
command is:

sndiod -ddd -r 44100 -f rsnd/0 -m play