Re: cmp(1) '-s' flag ignoring byte offset argument?
On Fri, Jan 08, 2021 at 07:09:01PM -0800, Jordan Geoghegan wrote: > Hey folks, > > I've noticed some surprising behaviour from cmp(1) when using the '-s' flag. > > It appears that cmp -s is ignoring the byte offset arguments I'm giving it. > > I don't want to waste time babbling, so here's an example snippet to show > what I'm talking about: > > #!/bin/sh > > echo 'my line' > /tmp/1.txt > echo 'my other line' >> /tmp/1.txt > echo 'same same' >> /tmp/1.txt > > echo 'my differnt line' > /tmp/2.txt > echo 'my other different line' >> /tmp/2.txt > echo 'same same' >> /tmp/2.txt > > # Determine byte offsets (we only want to compare lines >= 3) > offset1="$(head -2 /tmp/1.txt | wc -c)" > offset2="$(head -2 /tmp/2.txt | wc -c)" > > # Compare files and show exit code > cmp /tmp/1.txt /tmp/2.txt "$offset1" "$offset2" > printf '\nReturn code = %s\n' "$?" > > cmp -s /tmp/1.txt /tmp/2.txt "$offset1" "$offset2" > printf '\nReturn code with "-s" = %s\n' "$?" > > As you can see, 'cmp -s' returns an exit code of '1', unlike cmp without the > '-s' which returns '0'. > > Not sure what to make of this, I noticed this same behaviour on DragonflyBSD > and FreeBSD, so maybe I'm just missing something obvious. This certainly > caused some frustration before I figured out what was going on. > > Regards, > > Jordan > This is a bug. It has been there since the beginning, according to http://cvsweb.openbsd.org/src/usr.bin/cmp/regular.c FreeBSD has it fixed, NetBSD not. -Otto Index: regular.c === RCS file: /cvs/src/usr.bin/cmp/regular.c,v retrieving revision 1.12 diff -u -p -r1.12 regular.c --- regular.c 6 Feb 2015 23:21:59 - 1.12 +++ regular.c 9 Jan 2021 06:53:20 - @@ -51,15 +51,15 @@ c_regular(int fd1, char *file1, off_t sk off_t byte, length, line; int dfound; - if (sflag && len1 != len2) - exit(1); - if (skip1 > len1) eofmsg(file1); len1 -= skip1; if (skip2 > len2) eofmsg(file2); len2 -= skip2; + + if (sflag && len1 != len2) + exit(1); length = MINIMUM(len1, len2); if (length > SIZE_MAX) {
Clang sanitizer support
Hi all, I'd like to use Clang's AddressSanitizer and ThreadSanitizer on my OpenBSD development machine. However, the Clang 10 documentation lists OpenBSD support for only the UndefinedBehaviorSanitizer. Does anyone know how hard it would be to port them? Are they absent because nobody really cares about them, or is it because of a significant technical challenge to get them on OpenBSD? Also, are there alternatives to these sanitizers? Valgrind? Running clang on another OS in vmm(4)? I tried the valgrind package but it segfaulted immediately when I ran it early last year. OS support for sanitizers, as reported by the docs: AddressSanitizer * Android ARM * FreeBSD i386/x86_64 (tested on FreeBSD 11-current) * Linux i386/x86_64 (tested on Ubuntu 12.04) * NetBSD i386/x86_64 * Windows 8.1+ (i386/x86_64) * iOS Simulator * macOS 10.7 - 10.11 (i386/x86_64) ThreadSanitizer * Android aarch64, x86_64 * Darwin arm64, x86_64 * FreeBSD * Linux aarch64, x86_64, powerpc64, powerpc64le * NetBSD MemorySanitizer * FreeBSD * Linux * NetBSD UndefinedBehaviorSanitizer * Android * FreeBSD * Linux * NetBSD * OpenBSD * Windows * macOS
cmp(1) '-s' flag ignoring byte offset argument?
Hey folks, I've noticed some surprising behaviour from cmp(1) when using the '-s' flag. It appears that cmp -s is ignoring the byte offset arguments I'm giving it. I don't want to waste time babbling, so here's an example snippet to show what I'm talking about: #!/bin/sh echo 'my line' > /tmp/1.txt echo 'my other line' >> /tmp/1.txt echo 'same same' >> /tmp/1.txt echo 'my differnt line' > /tmp/2.txt echo 'my other different line' >> /tmp/2.txt echo 'same same' >> /tmp/2.txt # Determine byte offsets (we only want to compare lines >= 3) offset1="$(head -2 /tmp/1.txt | wc -c)" offset2="$(head -2 /tmp/2.txt | wc -c)" # Compare files and show exit code cmp /tmp/1.txt /tmp/2.txt "$offset1" "$offset2" printf '\nReturn code = %s\n' "$?" cmp -s /tmp/1.txt /tmp/2.txt "$offset1" "$offset2" printf '\nReturn code with "-s" = %s\n' "$?" As you can see, 'cmp -s' returns an exit code of '1', unlike cmp without the '-s' which returns '0'. Not sure what to make of this, I noticed this same behaviour on DragonflyBSD and FreeBSD, so maybe I'm just missing something obvious. This certainly caused some frustration before I figured out what was going on. Regards, Jordan
Fw: ospf question
I'll try this message one more time. I have a question regarding the use of ospf with OpenBSD 6.8. > I have a network that consists of 23 OpenBSD 6.8 based routers (created, > within a virtualbox environment on a GNU/Linux server, to match the physical > network I manage - the only different being that the physical network > consists of FreeBSD based routers rather than OpenBSD ones). I set this up > after have replaced a FreeBSD based router with an OpenBSD based one in the > real network and immediately experiencing an issue accessing parts of the > network. > > Within my setup there is one router (router22) that is six hops away from the > designated default gateway (which I'll call the firewall) and there are two > paths (going different ways around the network) to get to it. I am able to > run a traceroute to router22, but am not able to ping it or ssh onto it. If I > ssh to the router connected to the firewall then I can ping and ssh to > router22 (at that point it's only 5 hops away). If I reboot any router that > lies within the path to router22 then I am subsequently able to ping and ssh > router22 from the firewall. > > I have also subsequently duplicated the entire network again using FreeBSD > 12.2 and the problem does not occur, so as far as I can see it's just an > OpenBSD ospf issue. > > I first set this up after replacing a FreeBSD based router with an OpenBSD > based one and experiencing another strange issue. In this instance the > shortest path from my server network (accessible from router01) to router08, > router11 and router12 was router01 <-> router13 <-> router21 <-> router08 <-> > router11 <-> router12, when I put the OpenBSD router in as router13 I could > no longer ping router08, router11 or router12 (though I could still ping > router21). If I connected to a router in a different part of the network I > was able to ping each of the inaccessible ones, so it was only when the > OpenBSD based router was along the shortest path the issue manifested itself. > > Is anyone aware of incompatibilities between the OSPF implementation within > OpenBSD and that provided by quagga on FreeBSD? Or of any limitations of OSPF > on OpenBSD? > > In each setup I have the same hello and dead interval and have md5 crypt > authentication in place on each link between routers. Each router is in area > 0.0.0.0. > > regards, > Mark
Re: phonetics on OpenBSD: IPA transcription
Hullo Jan, It might be worth your while to involve yourself with LaTeX. The TexMaker package is available in OpenBSD and it's almost trivial via that. There are plenty of resources around, including a very comprehensive work on Wikibooks - downloadable as a .pdf. Just load the package `tipa' into your preamble (document definition: depending on whether you went to Oxford or Cambridge), and you're good to go. Cheers! Harry. -- `We'll know our disinformation program is complete when everything the American public believes is false'. -- William Casey, CIA Director (first staff meeting, 1981)
Re: Fw: ospf question
Hello Mark you need to give more detail on the IP address types are you using b roadcast networks or point to point / tunnel type addresses are you seeing anything in also can you be certain your hypervisor switches (real switches in the datacentre allow for vm -vm communication and dont filter certain types of traffic (OSPF) /var/log/messages when you run the daemons, are you allowing ip protocol 89 (OSPF) on your PF rules on boxes running pf ? have you configured loopback ips on each router (on a separate loopback interface) on each open BSD Router (so as not to have 127.0.0.0/8 routes advertised have you confirmed you dont have a network conflict 2 routers with the same ip range on interfaces that are not connected .. you can start ospfd with -df switches to see if there are any warnings / messages that might hint what is up and running only other high level things I can thing of is check your neighbour adjacencies are they forming, and focus where they are not forming and usual things for OSPF adjacencies not forming MTU of interfaces not matching between neighbours Authentication key authentication type authentication key id usually = 1 switch between routers with a smaller MTU / L2MTU than what the neighbour routers have configured on their interfaces if ospf neighbours are forming are you learning any routes.. avoid static default routes they are the spawn of satan and you can run into issues learning and propagating default routes otherwise ... Peace out and Happy new year On Fri, 8 Jan 2021 at 23:08, Mark wrote: > > I'll try this message one more time. > > I have a question regarding the use of ospf with OpenBSD 6.8. > > > I have a network that consists of 23 OpenBSD 6.8 based routers (created, > > within a virtualbox environment on a GNU/Linux server, to match the > > physical network I manage - the only different being that the physical > > network consists of FreeBSD based routers rather than OpenBSD ones). I set > > this up after have replaced a FreeBSD based router with an OpenBSD based > > one in the real network and immediately experiencing an issue accessing > > parts of the network. > > > > Within my setup there is one router (router22) that is six hops away from > > the designated default gateway (which I'll call the firewall) and there are > > two paths (going different ways around the network) to get to it. I am able > > to run a traceroute to router22, but am not able to ping it or ssh onto it. > > If I ssh to the router connected to the firewall then I can ping and ssh to > > router22 (at that point it's only 5 hops away). If I reboot any router that > > lies within the path to router22 then I am subsequently able to ping and > > ssh router22 from the firewall. > > > > I have also subsequently duplicated the entire network again using FreeBSD > > 12.2 and the problem does not occur, so as far as I can see it's just an > > OpenBSD ospf issue. > > > > I first set this up after replacing a FreeBSD based router with an OpenBSD > > based one and experiencing another strange issue. In this instance the > > shortest path from my server network (accessible from router01) to > > router08, router11 and router12 was router01 <-> router13 <-> router21 <-> > > router08 <-> router11 <-> router12, when I put the OpenBSD router in as > > router13 I could no longer ping router08, router11 or router12 (though I > > could still ping router21). If I connected to a router in a different part > > of the network I was able to ping each of the inaccessible ones, so it was > > only when the OpenBSD based router was along the shortest path the issue > > manifested itself. > > > > Is anyone aware of incompatibilities between the OSPF implementation within > > OpenBSD and that provided by quagga on FreeBSD? Or of any limitations of > > OSPF on OpenBSD? > > > > In each setup I have the same hello and dead interval and have md5 crypt > > authentication in place on each link between routers. Each router is in > > area 0.0.0.0. > > > > regards, > > Mark -- Kindest regards, Tom Smyth.
Re: phonetics on OpenBSD: IPA transcription
Mihai Popescu(mih...@gmail.com) on 2021.01.08 23:00:44 +0200: > > I mostly use macOS for that now [...] > > I think it's better to stay on that system only, and avoid spamming misc > with your cross-breeding experiments. Seriously now. He asked a perfectly valid question. If you don't know the answer, don't answer.
Re: phonetics on OpenBSD: IPA transcription
On 2021-01-08, Jan Stary wrote: > How do I install a font that has glyphs for those symbols? > Is there anything for that in ports? The Dejavu font that is included by default covers IPA. It's unlikely that you need to install anything else. And if you do, just install the Noto fonts and be done with it. Even the "fixed" font that xterm uses by default covers IPA for all practical purposes. -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: phonetics on OpenBSD: IPA transcription
On 2021-01-08 20:42:20, Jan Stary wrote: > Is there anyone doing phonetics on OpenBSD? > > [...] > > If there are actualy phoneticians running on OpenBSD, > how do you do it? > > Thank you > > Jan > Hello, I wrote about my setup in an email to misc@ about a year ago. https://marc.info/?l=openbsd-misc=153960218915258=2 (You may need to manually set your browser to UTF-8 to see the line of IPA symbols in it.) In brief, I installed ports/inputmethods/uim and use it to switch into IPA layout. I can write IPA symbols in both GUI and terminal applications, though getting the symbols to show up correctly in terminals requires a little more work. Base vi doesn't support them, but nvi from ports works fine. Trying to type commands into (n)vi while in IPA mode obviously doesn't do what one expects though, so be sure to switch out of it first. I don't use emacs or mg, so can't comment on whether or not they support them, but I suspect emacs most likely does. I switch between layouts with either CTRL-shift or ALT-shift, and then type according to the X-SAMPA rules which are documented in /usr/local/share/uim/ipa-x-sampa.scm which is installed by the uim port mentioned above. Hopefully the above should get you a good working setup. At the very least, I'd recommend that you get your system set up to allow X-SAMPA input since that seems to be the universal standard for reducing the IPA into ASCII. That way, no matter what system you type IPA on, you'll have a consistent layout and won't need to relearn anything. Hope this helps! -- Bryan
Re: phonetics on OpenBSD: IPA transcription
> I mostly use macOS for that now [...] I think it's better to stay on that system only, and avoid spamming misc with your cross-breeding experiments. Seriously now.
Re: phonetics on OpenBSD: IPA transcription
On Fri, Jan 08, 2021 at 08:42:20PM +0100, Jan Stary wrote: > Is there anyone doing phonetics on OpenBSD? > > I suppose the first thing to figure out is transcription. > I mostly use macOS for that now, having installed an IPA keyboard > and the Charis and Doulos fonts (as recommended on the Praat page). > Now I'm looking to do that on OpenBSD. > > As far as I understand, I need a XKB keymap that describes a layout > of the IPA symbols, and a font that has the glyphs for those symbols. > Please bare with my ignorance of XKB internals. > I am also interested in this. Fell in love with IPA once I saw it. Nope, I don't have the skills. But I'd be happy to help. Feel free to contact me off-list. I didn't know there were IPA keyboards. My interests are personal and not professional. Chris Bennett
Re: phonetics on OpenBSD: IPA transcription
Hi Jan, Jan Stary writes: > Assigning the keysymbols for IPA symbols to the keycodes > (in some way I choose, preferably compatible to the existing > IPA keyboards out there) would amount to writing a layout > such as those in /usr/X11R6/share/X11/xkb/symbols/, right? > > A quick search for 'xkb layout ipa' shows that a few of those exist. > Is any of them prevalent, or at least used by phoneticians? > Are any such layouts in the Xorg distribution already? As I'm not a phoneticist I use Compose(5) instead of a full layout. I have no special insights as to designing or loading such layouts. SIL, which authored the Doulos and Charis fonts you mentioned and is a big player in the open source linguistics space, recommends their keyboard layout: https://keyman.com/keyboards/sil_ipa This is used by Keyman, which seems to be some sort of frontend to load keyboard layouts into ibus. We don't have Keyman in ports, but if it's useful software it would be good to add it. If you'd rather write an X keyboard layout directly (to avoid extra software like ibus), and no other layout exists, it would probably be a good idea to use their key arrangement as a base for writing your own. > How do I install a font that has glyphs for those symbols? > Is there anything for that in ports? There are lots of Unicode fonts in ports. XTerm's default font supports the IPA ranges. Several fixed-width fonts in ports, like Go Mono, are also usable in the terminal and cover those characters. The Doulos and Charis fonts you mentioned are also in ports. -- Anthony J. Bentley
Re: adding user to a group
Todd C. Miller writes: > You need to login in again. Logging in via ssh, a virtual console, > X11 or running su will set the groups list. Setting groups is a > privileged operation so simply starting a new shell or opening a > new xterm is not sufficient. Thanks, su helped. (Although I do not understand the reasoning behind the need to log out/in, i.e., why isn't the group membership just updated after the usemod command...) Ruda
phonetics on OpenBSD: IPA transcription
Is there anyone doing phonetics on OpenBSD? I suppose the first thing to figure out is transcription. I mostly use macOS for that now, having installed an IPA keyboard and the Charis and Doulos fonts (as recommended on the Praat page). Now I'm looking to do that on OpenBSD. As far as I understand, I need a XKB keymap that describes a layout of the IPA symbols, and a font that has the glyphs for those symbols. Please bare with my ignorance of XKB internals. As a first step, I did xmodmap -e 'keycode 30 = u U00028a' and now I can write `put' as /pʊt/. (U00028a is the unicode of ʊ) Assigning the keysymbols for IPA symbols to the keycodes (in some way I choose, preferably compatible to the existing IPA keyboards out there) would amount to writing a layout such as those in /usr/X11R6/share/X11/xkb/symbols/, right? A quick search for 'xkb layout ipa' shows that a few of those exist. Is any of them prevalent, or at least used by phoneticians? Are any such layouts in the Xorg distribution already? As for the font, the reason I can see the ʊ above (as do you, right?) is that the font I use in this here xterm -misc-fixed-medium-r-normal--15-140-75-75-c-90-iso10646-1 covers the glyphs for Unicode, or at least parts of it, in particular the IPA range of 0250-02af (see below). So do some other fonts, including some in /usr/X11R6/lib/X11/fonts/, so I can type ʊ in a libreoffice document too using those fonts. Please note that I use the words keycode and keysym and glyph and layout without any actual knowledge of XKB or fonts. I guess I am asking: How do I install a XKB layout that covers the IPA symbols? How do I install a font that has glyphs for those symbols? Is there anything for that in ports? If there are actualy phoneticians running on OpenBSD, how do you do it? Thank you Jan $ unitool 250-2af | unitool c990 U+000250 ɐ LATIN SMALL LETTER TURNED A c991 U+000251 ɑ LATIN SMALL LETTER SCRIPT A c992 U+000252 ɒ LATIN SMALL LETTER TURNED SCRIPT A c993 U+000253 ɓ LATIN SMALL LETTER B HOOK c994 U+000254 ɔ LATIN SMALL LETTER OPEN O c995 U+000255 ɕ LATIN SMALL LETTER C CURL c996 U+000256 ɖ LATIN SMALL LETTER D RETROFLEX HOOK c997 U+000257 ɗ LATIN SMALL LETTER D HOOK c998 U+000258 ɘ LATIN SMALL LETTER REVERSED E c999 U+000259 ə LATIN SMALL LETTER SCHWA c99a U+00025a ɚ LATIN SMALL LETTER SCHWA HOOK c99b U+00025b ɛ LATIN SMALL LETTER EPSILON c99c U+00025c ɜ LATIN SMALL LETTER REVERSED EPSILON c99d U+00025d ɝ LATIN SMALL LETTER REVERSED EPSILON HOOK c99e U+00025e ɞ LATIN SMALL LETTER CLOSED REVERSED EPSILON c99f U+00025f ɟ LATIN SMALL LETTER DOTLESS J BAR c9a0 U+000260 ɠ LATIN SMALL LETTER G HOOK c9a1 U+000261 ɡ LATIN SMALL LETTER SCRIPT G c9a2 U+000262 ɢ LATIN LETTER SMALL CAPITAL G c9a3 U+000263 ɣ LATIN SMALL LETTER GAMMA c9a4 U+000264 ɤ LATIN SMALL LETTER BABY GAMMA c9a5 U+000265 ɥ LATIN SMALL LETTER TURNED H c9a6 U+000266 ɦ LATIN SMALL LETTER H HOOK c9a7 U+000267 ɧ LATIN SMALL LETTER HENG HOOK c9a8 U+000268 ɨ LATIN SMALL LETTER BARRED I c9a9 U+000269 ɩ LATIN SMALL LETTER IOTA c9aa U+00026a ɪ LATIN LETTER SMALL CAPITAL I c9ab U+00026b ɫ LATIN SMALL LETTER L WITH MIDDLE TILDE c9ac U+00026c ɬ LATIN SMALL LETTER L BELT c9ad U+00026d ɭ LATIN SMALL LETTER L RETROFLEX HOOK c9ae U+00026e ɮ LATIN SMALL LETTER L YOGH c9af U+00026f ɯ LATIN SMALL LETTER TURNED M c9b0 U+000270 ɰ LATIN SMALL LETTER TURNED M WITH LONG LEG c9b1 U+000271 ɱ LATIN SMALL LETTER M HOOK c9b2 U+000272 ɲ LATIN SMALL LETTER N HOOK c9b3 U+000273 ɳ LATIN SMALL LETTER N RETROFLEX HOOK c9b4 U+000274 ɴ LATIN LETTER SMALL CAPITAL N c9b5 U+000275 ɵ LATIN SMALL LETTER BARRED O c9b6 U+000276 ɶ LATIN LETTER SMALL CAPITAL O E c9b7 U+000277 ɷ LATIN SMALL LETTER CLOSED OMEGA c9b8 U+000278 ɸ LATIN SMALL LETTER PHI c9b9 U+000279 ɹ LATIN SMALL LETTER TURNED R c9ba U+00027a ɺ LATIN SMALL LETTER TURNED R WITH LONG LEG c9bb U+00027b ɻ LATIN SMALL LETTER TURNED R HOOK c9bc U+00027c ɼ LATIN SMALL LETTER R WITH LONG LEG c9bd U+00027d ɽ LATIN SMALL LETTER R HOOK c9be U+00027e ɾ LATIN SMALL LETTER FISHHOOK R c9bf U+00027f ɿ LATIN SMALL LETTER REVERSED FISHHOOK R ca80 U+000280 ʀ LATIN LETTER SMALL CAPITAL R ca81 U+000281 ʁ LATIN LETTER SMALL CAPITAL INVERTED R ca82 U+000282 ʂ LATIN SMALL LETTER S HOOK ca83 U+000283 ʃ LATIN SMALL LETTER ESH ca84 U+000284 ʄ LATIN SMALL LETTER DOTLESS J BAR HOOK ca85 U+000285 ʅ LATIN SMALL LETTER SQUAT REVERSED ESH ca86 U+000286 ʆ LATIN SMALL LETTER ESH CURL ca87 U+000287 ʇ LATIN SMALL LETTER TURNED T ca88 U+000288 ʈ LATIN SMALL LETTER T RETROFLEX HOOK ca89
Re: npppd - problem with simultaneous sessions
Hi, > When the problem is happening, is the counter "dropped due to missing > IPsec protection" incremented? Yes, it is. No VPN session: $ netstat -sp udp udp: 360413 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 39898 with no checksum 108780 input packets software-checksummed 135430 output packets software-checksummed 187992 dropped due to no socket 50819 broadcast/multicast datagrams dropped due to no socket 970 dropped due to missing IPsec protection 0 dropped due to full socket buffers 121602 delivered 222326 datagrams output 285255 missed PCB cache First VPN session: $ netstat -sp udp udp: 360863 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 40104 with no checksum 108780 input packets software-checksummed 135518 output packets software-checksummed 188056 dropped due to no socket 50885 broadcast/multicast datagrams dropped due to no socket 970 dropped due to missing IPsec protection 0 dropped due to full socket buffers 121922 delivered 222532 datagrams output 285534 missed PCB cache Second VPN session (the first ses. was disconencted) [root@@fw-u/home/rdk:]netstat -sp udp udp: 361306 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 40446 with no checksum 108780 input packets software-checksummed 135660 output packets software-checksummed 188109 dropped due to no socket 50888 broadcast/multicast datagrams dropped due to no socket 977 dropped due to missing IPsec protection 0 dropped due to full socket buffers 122309 delivered 222708 datagrams output 285800 missed PCB cache and after ~2 minutes: [root@@fw-u/home/rdk:]netstat -sp udp udp: 361814 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 40862 with no checksum 108780 input packets software-checksummed 135837 output packets software-checksummed 188150 dropped due to no socket 50900 broadcast/multicast datagrams dropped due to no socket 1005 dropped due to missing IPsec protection 0 dropped due to full socket buffers 122764 delivered 222912 datagrams output 286078 missed PCB cache On Fri, 08 Jan 2021 18:15:37 +0900 (JST) YASUOKA Masahiko wrote: > Hi, > > >> It seems that only last person can use the tunnel. This reminds me > >> problems through NAT. > > True. Can it be caused by wrong PF rules? > > No, I don't think so. > > I suppose I could repeat the problem. > > When the problem is happening, is the counter "dropped due to missing > IPsec protection" incremented? > >% netstat -sp udp >udp: >655 datagrams received >0 with incomplete header >0 with bad data length field >0 with bad checksum >297 with no checksum >356 input packets software-checksummed >236 output packets software-checksummed >46 dropped due to no socket >0 broadcast/multicast datagrams dropped due to no socket >3 dropped due to missing IPsec protection >0 dropped due to full socket buffers >609 delivered >236 datagrams output >354 missed PCB cache > > I started looking into this problem. > > On Thu, 7 Jan 2021 09:45:07 +0100 > radek wrote: > > Hi, > > > >> It seems that only last person can use the tunnel. This reminds me > >> problems through NAT. > > True. Can it be caused by wrong PF rules? > > > >> Both sessions seem to be connected from A.B.C.D. Are the clients > >> behind a NAT? > > Yes, both client are behind the same router/NAT. > > I have a 66/i386 box running npppd on producion and my two clients > > can be connected the same time flawlessly. > > > >> How about the npppd side? Does the client directly connect to > >> > >> > tunnel L2TP protocol l2tp { > >> > listen on X.Y.Z.13 > >> > } > >> > >> X.Y.Z.13 ? Or a NAT is there? > > It is directly connected do X.Y.Z.13, no NAT. > > > > On Thu, 07 Jan 2021 16:27:57 +0900 (JST) > > YASUOKA Masahiko wrote: > > > >> Hi, > >> > >> On Wed, 6 Jan 2021 21:33:49 +0100 > >> Radek wrote: > >> > I have a box with relatively fresh install of 68/amd64, fully > >> > syspatched. There is a npppd server running on it. The problem is > >> > that I can have only one nppp session at one time. If the second > >> > vpn user connects the box, the first nppp session hangs/drops. I > >> > probably have missed something obvious in my setup but I really > >> > can't find what it is. > >> > >> It seems that only last person can
adding user to a group
Dear list, I tried to add myself to the "dialer" group: #usermod -G dialer ruda But when I write $groups in a terminal I still do not see the new group. Not even if I open a new login shell (by writing "ksh -l"). However, when I log in in a text console (ctrl-alt-1), I see the new group there. What is it that I have to do to have the membership updated, i.e., how can I open e.g. a terminal in the running environment that would see my new groups? Thanks for comments Ruda
Re: adding user to a group
On 8.1.2021 16:21, Rudolf Sykora wrote: Dear list, I tried to add myself to the "dialer" group: #usermod -G dialer ruda But when I write $groups in a terminal I still do not see the new group. Not even if I open a new login shell (by writing "ksh -l"). However, when I log in in a text console (ctrl-alt-1), I see the new group there. What is it that I have to do to have the membership updated, i.e., how can I open e.g. a terminal in the running environment that would see my new groups? Thanks for comments Ruda There seems to be some change in behavior in OpenBSD and to be honest do not know when it happened. This is your start https://man.openbsd.org/user which will get you to https://man.openbsd.org/usermod.8 BUT using -G resets your membership and you will be in only group you specified. If you want to add additional group you need to use -S instead
Re: adding user to a group
On Fri, Jan 08, 2021 at 05:20:36PM +0100, Rudolf Sykora wrote: > > Todd C. Miller writes: > > > You need to login in again. Logging in via ssh, a virtual console, > > X11 or running su will set the groups list. Setting groups is a > > privileged operation so simply starting a new shell or opening a > > new xterm is not sufficient. > > Thanks, su helped. > (Although I do not understand the reasoning behind the need to log > out/in, i.e., why isn't the group membership just updated after the > usermod command...) Todd's message contains the explanation. If you did not understand it, please do some homework, like, read up on and understand how processes work on Unix.
Re: 4G mini PCI-e modem support?
On Fri, Jan 08, 2021 at 05:13:52PM +0100, Patrick Wildt wrote: > Am Fri, Jan 08, 2021 at 02:29:02PM + schrieb Peter Kay: > > There appear to be no 4G modem support at the moment, specifically a > > mini PCI-e one so I can stick it in a PC engines apu4d4 and have a > > backup connection. > > > > Presuming a driver would need to be written, but just checking if I've > > missed anything? > > There's umb(4). It supports USB's MBIM standard. There are some MBIM > compatible chips around, one for instance is this one: > > https://www.varia-store.com/de/produkt/87272-simcom-sim7600e-h-mpcie-eu-lte-cat-4-modul.html > > You'll probably need to switch it into MBIM mode once via a specific > AT-command over the serial, but otherwise it should do. > > I'm sure there are plenty of other MBIM-compatible devices, this is just > the one from the top of my head. I have umb(4) working on an APU1 board. It's a Sierra Wireless EM7345, the one shipped with x250 Thinkpads. Installation in an APU requires a compatible M.2 to miniPCIe adapter. Make sure to get an adapter with the correct M.2 keying. If the vendor advertises GSM/UMTS/LTE modem support the adapter should work. If they don't, better ask before buying. This combo works fine in the middle miniPCIe slot of the APU. You'll need a full size SIM card for the SIM card slot. Again, an adapter will help to fit a micro or nano SIM. You will also want LTE antennas and compatible pigtails. Using wifi antennas will result in about 50% packet loss.
Re: 4G mini PCI-e modem support?
Am Fri, Jan 08, 2021 at 02:29:02PM + schrieb Peter Kay: > There appear to be no 4G modem support at the moment, specifically a > mini PCI-e one so I can stick it in a PC engines apu4d4 and have a > backup connection. > > Presuming a driver would need to be written, but just checking if I've > missed anything? There's umb(4). It supports USB's MBIM standard. There are some MBIM compatible chips around, one for instance is this one: https://www.varia-store.com/de/produkt/87272-simcom-sim7600e-h-mpcie-eu-lte-cat-4-modul.html You'll probably need to switch it into MBIM mode once via a specific AT-command over the serial, but otherwise it should do. I'm sure there are plenty of other MBIM-compatible devices, this is just the one from the top of my head.
Re: M2 SSD in a PCI-E adapter
Am Fri, Jan 08, 2021 at 08:46:20AM -0700 schrieb Todd C. Miller: > On Fri, 08 Jan 2021 16:19:02 +0100, Jan Stary wrote: > > > I know the disk itself works: this is the disk plugged into > > an M.2 slot in a Dell Latitude E5570 (full dmesg below): > > sd0 at scsibus1 targ 0 lun 0: > > naa.5001b448b85325 > > 30 > > sd0: 238475MB, 512 bytes/sector, 488397168 sectors, thin > > That is not an NVME SSD, it is an M.2 SATA SSD. You need a different > adaptor. > > - todd > Yes, todd is right. It's a M2 SATA SSD, but the Adapter will only work with M2 NVMe SSDs. So you might need a different adapter. Some- thing like these two could maybe work: https://www.delock.de/produkte/1140_M-2/89388/merkmale.html https://www.delock.de/produkte/1140_M-2/89379/merkmale.html Both say "supports Key B+M on SATA basis" and both have active chipsets which should be PCIe AHCI-compatible controller.
Re: adding user to a group
User and group information is set during login. When running a new shell with -l it only reads the shell profile: -l Login shell. If the basename the shell is called with (i.e. argv[0]) starts with ‘-’ or if this option is used, the shell is assumed to be a login shell and the shell reads and executes the contents of /etc/profile and $HOME/.profile if they exist and are readable. So you need to log out and log in again (either from your terminal session or X11 session). If you want to make sure your user is added to the group dialer you can verify via: $ getent group dialer dialer:*:117:ruda martijn@ On Fri, 2021-01-08 at 16:21 +0100, Rudolf Sykora wrote: > Dear list, > > > I tried to add myself to the "dialer" group: > > #usermod -G dialer ruda > > But when I write > > $groups > > in a terminal I still do not see the new group. Not even if I open a new login > shell (by writing "ksh -l"). However, when I log in in a text console > (ctrl-alt-1), I see the new group there. > > What is it that I have to do to have the membership updated, i.e., how > can I open e.g. a terminal in the running environment that would see my > new groups? > > > Thanks for comments > Ruda >
Re: M2 SSD in a PCI-E adapter
On Fri, 08 Jan 2021 16:19:02 +0100, Jan Stary wrote: > I know the disk itself works: this is the disk plugged into > an M.2 slot in a Dell Latitude E5570 (full dmesg below): > sd0 at scsibus1 targ 0 lun 0: naa.5001b448b85325 > 30 > sd0: 238475MB, 512 bytes/sector, 488397168 sectors, thin That is not an NVME SSD, it is an M.2 SATA SSD. You need a different adaptor. - todd
Re: adding user to a group
On Fri, 08 Jan 2021 16:21:08 +0100, Rudolf Sykora wrote: > I tried to add myself to the "dialer" group: > > #usermod -G dialer ruda > > But when I write > > $groups > > in a terminal I still do not see the new group. Not even if I open a new logi > n > shell (by writing "ksh -l"). However, when I log in in a text console > (ctrl-alt-1), I see the new group there. Yes, group membership it set at login time. Running ksh as a login shell is not the same as actually logging in with a new session. > What is it that I have to do to have the membership updated, i.e., how > can I open e.g. a terminal in the running environment that would see my > new groups? You need to login in again. Logging in via ssh, a virtual console, X11 or running su will set the groups list. Setting groups is a privileged operation so simply starting a new shell or opening a new xterm is not sufficient. - todd
Re: [new] sysutils/obsdpkgup - tools for creating and using a package index
> On 2021/01/06 12:03, Stuart Henderson wrote: > Looking at this it's better than I thought it would be, there are some > problems though - > Hey thanks! > - The version number comparison using mcuadros/go-version is wrong, > it doesn't match packages-specs(5). > I took the time to learn some perl yesterday, and holy moly my version comparison code was *very* wrong. Thanks for taking the time to point that out. As a result, I went through and mirrored the perl code as closely as I could to ensure that it matches what OpenBSD does. > - There doesn't seem to be a way to validate that index.pkgup.gz is done > against the current available package build. For this I would suggest > recording the timestamp of the @digital-signature on the quirks package > in the index, and verifying when the update is run. (grep out of > "PKG_DBDIR=/var/empty PKG_PATH=$whatever pkg_info -f quirks" will do > the trick). > Added. I'm parsing the signify block in pure Go (instead of shelling out to pkg_info) because I want to be able to use the index generation code on any Go-supported platform. My own mirror (and from what I understand, some of OpenBSD's own mirrors) aren't necessarily running OpenBSD. > Between those two it could cause problems because the user may try to > update a too-small subset of packages. The first problem is obvious. > The second problem, if a library is bumped after the index is generated, > the required updates won't show up. For both if people use it and then > run into problems it's likely the bug reports will end up with openbsd > rather than pkgup. This makes me not want to add it to packages yet > (adding it could easily be seen as an endorsement of using it). > This would be less of a problem if it at least tries to detect outdated > caches and prints a clear warning. > I hope that my above two fixes rectify this situation in your mind. > Less important but I'd be happier if it used the signature from pkg_info > -qS rather than its own version using grep on +CONTENTS, to guard > against possible future changes to things that pkg_add considers when > deciding whether to update (also I think it would make sense to include > the whole string rather than a hash of the signature, there's no need to > hide that), as long as the full url/filename is used pkg_add will fetch > the file directly without grabbing the index first. i.e. > PKG_DBDIR=/var/empty pkg_info -qS > http://mirror/pub/OpenBSD/snapshots/packages/amd64/moo-1.5p0.tgz > I would like this as well. The problem is that pkg_info -qS is slow. It takes orders of magnitude more time to run than my current signature generation code. I can currently build a complete index from a remote mirror in less than ten minutes. If I switched to using pkg_info, it would take several hours by my math. In addition, I would like to keep genpkgup able to be run on any OS that Go supports instead of only OpenBSD machines. I went ahead and sorta-implemented your suggestion though by matching OpenBSD's current signature format. No more hashes. I was torn on this before, but I actually like your approach better because A: it's easier to debug when things go wrong and B: it's much less CPU-intensive not having to do sha256 stuff. So again, thank you for the recommendation. If the signature format changes in the future, I will gladly update my code to match, or revisit the problem if necessary. Again, thank you for taking the time to look at my tool!
4G mini PCI-e modem support?
There appear to be no 4G modem support at the moment, specifically a mini PCI-e one so I can stick it in a PC engines apu4d4 and have a backup connection. Presuming a driver would need to be written, but just checking if I've missed anything?
Re: -current amd64 packages not updated? Impatient or broken?
On Jan 07 21:30, Christian Weisgerber wrote: > A new build is running now and will take another 24h to complete > if all goes well. Thanks for the ETA. You build ports faster than I can. I appreciate your service.
Re: msdos partition is too small in arm64/miniroot68.img
On 2021-01-07, tech-lists wrote: > What I wanted to do was to write latest firmwares from > https://github.com/pftf/RPi4 as described in OpenBSD/6.8/arm64/INSTALL.arm64 > into the (mdconfig-mounted) msdos partition of miniroot68.img prior to writing > it to the sdcard as I didn't have an additional USB storage device. That is not as described in the install notes, they specifically say to use a second storage device exactly to avoid this complication. (They don't need to describe every possible method, only a simple one that works).
Re: -current amd64 packages not updated? Impatient or broken?
On Jan 07 16:40:37, ch...@nmedia.net wrote: > For those trying to use the latest snap and the latest ports, try link > libc++.so.4.0 to libc++.so.5.0 and libc++abi.so.2.1 to libc++abi.so.3.0 > for now. Frankenstein, indeed. You'll feel dirty just doing it. While at it, link /bin/ls to /bin/rm
Re: -current amd64 packages not updated? Impatient or broken?
On Thu, Jan 07, 2021 at 09:30:13PM +0100, Christian Weisgerber wrote: | Steve Williams: | | > I hesitate to send this because perhaps I'm just too impatient, but then | > again, perhaps not. This is not critical/time sensitive. | > | > I just thought I'd check if there a problem with the current packages folder | > from the mirrors? | | No, the amd64 package builds have been slightly delayed. A good reminder that you are building these package snaps very often, thanks to you (and all the other pkg builders and Theo and other base snap builders) for providing us with with these very regular updates. Cheers, Paul -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: -current amd64 packages not updated? Impatient or broken?
On 2021-01-07, Patrick Wildt wrote: > Maybe I should have asked ports to run with the build first, so that > base and packages would be aligned. We (package builders) don't really do that - and in the majority of cases it's not much of a problem anyway, it normally only affects people that have freshly installed from snapshot and usually clears itself in a few days.
Re: npppd - problem with simultaneous sessions
Hi, It seems that only last person can use the tunnel. This reminds me problems through NAT. True. Can it be caused by wrong PF rules? No, I don't think so. I suppose I could repeat the problem. When the problem is happening, is the counter "dropped due to missing IPsec protection" incremented? % netstat -sp udp udp: 655 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 297 with no checksum 356 input packets software-checksummed 236 output packets software-checksummed 46 dropped due to no socket 0 broadcast/multicast datagrams dropped due to no socket 3 dropped due to missing IPsec protection 0 dropped due to full socket buffers 609 delivered 236 datagrams output 354 missed PCB cache I started looking into this problem. On Thu, 7 Jan 2021 09:45:07 +0100 radek wrote: Hi, It seems that only last person can use the tunnel. This reminds me problems through NAT. True. Can it be caused by wrong PF rules? Both sessions seem to be connected from A.B.C.D. Are the clients behind a NAT? Yes, both client are behind the same router/NAT. I have a 66/i386 box running npppd on producion and my two clients can be connected the same time flawlessly. How about the npppd side? Does the client directly connect to > tunnel L2TP protocol l2tp { > listen on X.Y.Z.13 > } X.Y.Z.13 ? Or a NAT is there? It is directly connected do X.Y.Z.13, no NAT. On Thu, 07 Jan 2021 16:27:57 +0900 (JST) YASUOKA Masahiko wrote: Hi, On Wed, 6 Jan 2021 21:33:49 +0100 Radek wrote: > I have a box with relatively fresh install of 68/amd64, fully > syspatched. There is a npppd server running on it. The problem is > that I can have only one nppp session at one time. If the second > vpn user connects the box, the first nppp session hangs/drops. I > probably have missed something obvious in my setup but I really > can't find what it is. It seems that only last person can use the tunnel. This reminds me problems through NAT. > Jan 6 20:53:16 fw-u npppd[82720]: ppp id=0 layer=base > logtype=TUNNELSTART user="rdk" duration=1sec layer2=L2TP > layer2from=A.B.C.D:1701 auth=MS-CHAP-V2 ip=10.109.4.1 iface=pppx0 > Jan 6 20:53:44 fw-u npppd[82720]: ppp id=1 layer=base > logtype=TUNNELSTART user="rdk-test" duration=1sec layer2=L2TP > layer2from=A.B.C.D:1701 auth=MS-CHAP-V2 ip=10.109.4.11 iface=pppx0 Both sessions seem to be connected from A.B.C.D. Are the clients behind a NAT? How about the npppd side? Does the client directly connect to > tunnel L2TP protocol l2tp { > listen on X.Y.Z.13 > } X.Y.Z.13 ? Or a NAT is there? On Wed, 6 Jan 2021 21:33:49 +0100 Radek wrote: > Hi @misc, > > I have a box with relatively fresh install of 68/amd64, fully > syspatched. There is a npppd server running on it. The problem is > that I can have only one nppp session at one time. If the second > vpn user connects the box, the first nppp session hangs/drops. I > probably have missed something obvious in my setup but I really > can't find what it is. > > Please help me to solve the problem. > Thank you. > > $cat /etc/npppd/npppd.conf > authentication LOCAL type local { > users-file "/etc/npppd/npppd-users" > } > tunnel L2TP protocol l2tp { > listen on X.Y.Z.13 > } > ipcp IPCP { > pool-address 10.109.4.1-10.109.4.32 > dns-servers 1.1.1.1 > } > # use pppx(4) interface. use an interface per a ppp session. > interface pppx0 address 10.109.4.254 ipcp IPCP > bind tunnel from L2TP authenticated by LOCAL to pppx0 > > $cat /etc/hostname.enc0 > up > > > $cat /etc/sysctl.conf > net.inet.ip.forwarding=1 > net.inet.ipcomp.enable=1 > net.inet.esp.enable=1 > net.inet.gre.allow=1 > net.pipex.enable=1 > > $cat /etc/rc.conf.local > ipsec=YES > ipsec_rules=/etc/ipsec.conf > isakmpd_flags="-K" > npppd_flags="" > > $cat /etc/ipsec.conf > wan_ipv4 = X.Y.Z.13 > ike passive esp transport \ > proto udp from $wan_ipv4 to any port 1701 \ > main auth "hmac-sha1" enc "3des" group modp1024 \ > quick auth "hmac-sha1" enc "aes" group modp1024 \ > psk "pskpskpsk" > > $cat /etc/pf.conf > [...] > vpn_if = "pppx" > vpn_local = "10.109.4.0/24" > > pass in on $ext_if proto udp from any to (egress:0) port > {isakmp,ipsec-nat-t,l2tp} > pass in on $ext_if proto {ah,esp} > pass log proto { gre } from any to any keep state > > # filter all IPSec traffic on the enc interface > pass on enc0 keep state (if-bound) > > # allow all trafic in on and out to the VPN network > pass on $vpn_if from $vpn_local > pass on $vpn_if to $vpn_local > > # NAT VPN traffic going out on the public interface with the public > IP > match out log on $ext_if inet proto { tcp, udp, icmp } from > $vpn_local nat-to ($ext_if) set prio (3,7) > > some logs... > > Jan 6 20:53:14 fw-u last message repeated 4 times > Jan 6 20:53:16 fw-u isakmpd[11638]: