Re: I wrote this about packages and ports in 2023, hopefully still useful to some who come here
On 2024-08-31 15:55, Peter N. M. Hansteen wrote: > After offering https://marc.info/?l=openbsd-misc&m=172503305621176&w=2, > I remembered writing that slightly longer piece, which offers some explanation > of how things work in addition to copy-pasteable material. > > There is room for both approaches. There is one piece of advice in Peters https://nxdomain.no/~peter/youve_installed_it_now_what_packages.html that is virtually invaluable: use the "script" command to get a log of all commands you enter and their output. https://man.openbsd.org/script I'll add one piece of advice: keep a log book, a diary of what problems you face and how you intend to solve them. Then, if something doesn't work the way you intended, your script files and the log book tells you where to start digging. As a bonus, when you eventually replace the machine, you will know a lot better what you need to do to get the new one in the working order you prefer. Even if you're a seasoned Unix admin and work with OpenBSD systems all day, you will forget details about individual systems. Keeping a log book is how you still can stay on top of your game. It also improves learning. -- Åke Nordin , resident Net/Lunix/telecom geek. Netia Data AB, Stockholm SWEDEN *46#7O466OI99#
Re: Automatic Disk Partitioning
On 2024-08-04 21:16, David Uhden Collado wrote: > Hello, > I have observed that the automatic partitioning feature of disklabel(8) > does not allocate more than approximately 350GB to system partitions > [1]. In my opinion, the tool should have been designed to use all > available space on the storage device when partitioning. To address this > limitation, I had to write a custom program that calculates partition > sizes to maintain their initial proportions while occupying the entire > storage device. > I would like to understand the rationale behind this design choice. Is > there a specific reason why the automatic partitioning is limited to > around 350GB for system partitions? Any insights or explanations you can > provide would be greatly appreciated. There is at least one quite prevalent problem with using Really Large filesystems that is a good reason for this: when you need to boot a system that wasn't shut down orderly enough that all filesystems got properly unmounted, the amount of time it takes for the fsck (file system repair tool) that is automatically triggered at the next reboot to finish will be a nuisance long before it completes. A few other, possibly less convincing reasons to cap the sizes of filesystems is backups and restores get cumbersome, solving problems where you need to grow a partition is far easier if you have unused disk space, and solid state disk reliability improves when a decent fraction of available storage is unused. MfG, -- Åke Nordin , resident Net/Lunix/telecom geek. Netia Data AB, Stockholm SWEDEN *46#7O466OI99#
Re: IPv6 link-local addresses outside of fe80::/64 are not handled correctly
On 2023-07-12 16:23, Zack Newman wrote: > Before I raise a bug report, I wanted to pass it by @misc in case I'm > confused. It appears there is an issue with link-local addresses at > least as far as route(8) is concerned. Since May 2, /var/log/messages > has been getting spammed with the following: > > router$ tail -6 /var/log/messages > Jul 12 03:02:47 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:cf35 by c4:ca:2b:5a:cf:35 on em0 > Jul 12 03:02:51 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:cf35 by 00:1c:73:00:00:99 on em0 > Jul 12 04:57:30 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:8723 by c4:ca:2b:5a:87:23 on em0 > Jul 12 04:57:34 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:8723 by 00:1c:73:00:00:99 on em0 > Jul 12 06:16:31 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:cf35 by c4:ca:2b:5a:cf:35 on em0 > Jul 12 06:16:35 router /bsd: ndp info overwritten for > fe80:4::c6ca:2bff:fe5a:cf35 by 00:1c:73:00:00:99 on em0 > > The MAC address 00:1c:73:00:00::99 belongs to the gateway on my ISP's > side. I have no clue about the other 2 MAC addresses. Anyway, when > trying to investigate the matter, I found that link-local > addresses (i.e., fe80::/10) that are not part of fe80::/64, the only > block that is actually defined to be used per RFC 4291 Section 2.5.6, > always have the second octet pair as 0: > > router$ route -n get fe80:4::c6ca:2bff:fe5a:cf35%em0 -inet6 > route to: fe80::c6ca:2bff:fe5a:cf35%em0 > destination: fe80::c6ca:2bff:fe5a:cf35%em0 > mask: ::::::: > interface: em0 > if address: fe80::7ec2:55ff:fe62:31fb%em0 > priority: 3 () > flags: > use mtu expire > 34 0 85085 > > Notice how "route to" does not have the same IP as the IP I passed to > route(8). Here is another example with a "random" link-local IP: > > router$ route -n get fe80:4:8349:adfe:1ca:2eff:95a:14%em0 -inet6 > route to: fe80:0:8349:adfe:1ca:2eff:95a:14%em0 > destination: fe80:: > mask: ffc0:: > gateway: ::1 > interface: lo0 > if address: ::1 > priority: 8 (static) > flags: > use mtu expire > 27 32768 0 > > Is there something I am missing, or is this a bug? > I believe you are missing that Link-Local IPv6 addresses aren't the whole /10, they are only the /64. This is by design, since quite a few IPv6 functions depend on fe80::/64 being there. For further reference, see section 2.5.6 of RFC4291, the current version of the IPv6 Address Architecture. https://datatracker.ietf.org/doc/html/rfc4291#section-2.5.6 Kind Regards, -- Åke Nordin , resident Net/Lunix/telecom geek. Netia Data AB, Stockholm SWEDEN
Re: sndio and bit perfect playback
On 10/14/22 11:21, Alexandre Ratchov wrote: > Here are the measures of the aliasing noise using sine sweeps. Check > the figure for the 44.1kHz to 48kH conversion, the sndiod column: > > https://arverb.com/pub/src/ Those are interesting results, indeed. Is there a write-up about the testing method somewhere where I can read how to reproduce such tests? MfG, -- Åke Nordin , resident Net/Lunix/telecom geek. Netia Data AB, Stockholm SWEDEN +46704660199
Re: Editing C with...
On Sun, May 4, 2008 at 3:25 AM, Stephan Andre' <[EMAIL PROTECTED]> wrote: > Nah, teco. > > Or, SOS > > --STeve Andre' (ducks) AMIS, in fuldamental mode. At least one old hand will recall times when v7 wasn't much more than rumours in our part of the world, and the creatures of rms still were mostly benign (and certainly worth to clone). /moose (Bedard ?)
Re: OpenBSD sticker considered cool by a layman
On 10/2/07, Nick Guenther <[EMAIL PROTECTED]> wrote: > On 10/2/07, Eke Nordin <[EMAIL PROTECTED]> wrote: > > On 10/2/07, Hannah Schroeter <[EMAIL PROTECTED]> wrote: > > > Hello! > > > > > > On Mon, Oct 01, 2007 at 10:29:30PM -0500, Todd Alan Smith wrote: > > > >On 10/1/07, Anton Karpov <[EMAIL PROTECTED]> wrote: > > > >> i have nothing to hide ;) > > > > > > >http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565 > > > > > > "Cool" link... Information about an article about privacy, and for > > > downloading it you need javascript and whatever more... (I didn't manage > > > to get the full text). > > > > Not to mention no download unless registration. > > > > Sort of makes the whole excercise rather pointless (if the point > > wasn't to laugh at gullible people). > > Yes, I thought that too, but then I just noticed the download links on > the left. Here is a direct link to the one I downloaded--no javascript > needed. Tell me if it works for you: > http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID998565_code249137.pdf?abstrac tid=998565&mirid=1 It's flaky at best for me. Didn't work at all from the office, worked once from home. I read the "download difficulties, click here" when it didn't work at the office. That page states that download requires registration and login, which apparently isn't exactly the truth. Whatever. Thanks for the support and clarifications, the paper seems (after the most superficial skimming) well worth the effort to read. Now returning to normal mode of silent, stumped lurking. -- Eke Nordin Unix/net geek, Netia.se consultant, Stacken member. Damian Conway: "The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity."
Re: OpenBSD sticker considered cool by a layman
On 10/2/07, Hannah Schroeter <[EMAIL PROTECTED]> wrote: > Hello! > > On Mon, Oct 01, 2007 at 10:29:30PM -0500, Todd Alan Smith wrote: > >On 10/1/07, Anton Karpov <[EMAIL PROTECTED]> wrote: > >> i have nothing to hide ;) > > >http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565 > > "Cool" link... Information about an article about privacy, and for > downloading it you need javascript and whatever more... (I didn't manage > to get the full text). Not to mention no download unless registration. Sort of makes the whole excercise rather pointless (if the point wasn't to laugh at gullible people). -- Eke Nordin Unix/net geek, Netia.se consultant, Stacken member. Damian Conway: "The programmer is fighting against the two most destructive forces in the universe: entropy and human stupidity."
Re: using spamd to block outbound spam
On 4/14/07, Henning Brauer <[EMAIL PROTECTED]> wrote:
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 16:43]:
> 1. Fixing the code is impossible :-( I already tried it, the developers
> keep saying that they're code is sound and safe. I've shown logs and
> statistics to the bosses of the company that owns the webapp, but the
> only response I got was: "fix it" (they aren't making the connection
> between the webapp and the spam emails). The only thing I can do to
> prove my point is exploit the webapp in front of them, but I don't know
> how to do that.
then you should obviously find out how to do the latter.
you cannot fix this problem without fixing the buggy application.
A word of caution: Don't get yourself fired in the process.
Be very certain that you have written approval to "break in"
when you demonstrate how the webapp can be misused
by spammers.
--
Eke Nordin, moose (a) {stacken.kth|enting|netia} (o) se
Re: Mail Server (seeking recommendations)
On 4/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
On Fri, Apr 13, 2007 at 09:33:00PM -0400, Steven Presser wrote:
> Hello,
> I'm working for a small company which has settled on OpenBSD as its
> server software (because the security is excellent). We have settled on
> what software to use for everything but the mail server. I'd like to
> request recommendations from the knowledgeable people of this
> list. The priorities for the mail server are:
> 1. Security
> 2. Usability (for the end user - not everyone is technically skilled,
> although the setup can be done for anyone who needs help)
> 3. Ease of setup
> 4. Scaleability
> Obviously the first is by far the most important. The other three
> are more perks than anything else.
I'm going to go with the Postfix/Dovecot chorus here, which has worked
very well for me, with one caveat: Dovecot doesn't like concurrent
access to mailboxes. There were plans to fix this a while ago, but the
sole batch of users who often use concurrent mailboxes are still unhappy
about this. (Dovecot doesn't eat data or anything; it just drops the
connection.)
As to spam control, greylisting works very well; spamd or postgrey will
be extremely helpful.
My operation have just the most superficial resemblance of a "company"
(it's years since I earned any money out of it), but the setup I have is
sendfail+spamd on one box and dovecot on another, that works far better
than I've ever dreamt of.
Security: at least not much worse than the alternatives
- Only stuuf in "base" + dovecot (which hasn't been laughed at
too much security-wise, and it's got a security stance)
Ease of setup: Quite.
- Dovecot is in ports (v1.0.0 checked in yesterday)
- The version I believe is in 4.1 (1.0.rc22) is the one I run
(from a late february snapshot) hasn't failed me at all
(but see the errata at http://dovecot.org/oldnews.html)
- sendfail setup has never been easier than with the
exquisite OpenBSD documentation
- ditto spamd
Scalability: I think so, but I might have fallen prey to a
certail nevel of hype. Especially Dovecot seems to have
a good track record.
I don't know much about ease of use by end users. I
find it easy but I don't think I'm typical. My few users
(mainly in the family) asked me to set their mail up,
but I do have the users I deserve...
--
Eke Nordin, moose (a) {stacken.kth|enting|netia} (o) se
