Re: netstat -I in 4.3 shows lo0 too
On Tue, Sep 09, 2008 at 04:14:48PM +0200, Federico Giannici wrote: > Since we upgraded from 4.2 to 4.3 the "netstat -I ifname" command changed > it's output and now includes the lo0 statistics too. Hi. Yes it is a bug and was previously discussed here: http://marc.info/?l=openbsd-misc&m=121403404706602&w=2 You can download a diff for this issue here: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/netstat/if.c.diff?r1=1.56&r2=1.57 and rebuilding netstat by cd /usr/src/usr.bin/netstat/ make && make install (Assuming you installed the src.tar.gz tarball). HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Is it necessary to recompile just to apply a security patch?
On Tue, Jul 29, 2008 at 08:41:36AM -0700, skogzort wrote: > Is it necessary to recompile just to apply a security patch? Of course! ;) > In order to do this it appears that I have to download the source code > re-compile the entire OS. Recompiling the OS seems to involve a lot of steps. > Before I continue to read through them all, I just want to confirm that it is > actually necessary to do all of this, simply to apply a security patch: Do you use the current 4.3 or do you use a CVS snapshot ? If you use 4.3 you _have_ to download and install src.tar.gz and install it. Now download only the bind patch for 4.3 and apply the patch and rebuild and reinstall named. (Don't forget to restart named ;) ) If you use a older version check the appropriate errata page instead ;) Its OpenBSD. Its soo easy :P HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning
On Wed, Jul 09, 2008 at 12:22:17PM -0400, bofh wrote: > Love your gimme gimme attitude. If you spent half a second thinking about > this: Hehehe ;) Furthermore you can see in the US-CERT that this VULN was: Date First Published07/08/2008 02:46:15 PM As you know some developers may live outside .us in a different timezone (and developers in .us/.ca have to work at this time). So in e.g. Europe this was yesterdays evening. You can accelerate proceedings by a) donating to OpenBSD and b) - if you need this patch REALLY FAST - hire a paid conslutant to develope the patch and send it to the list. And OpenBSD doesn't have a SLA ... So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning
On Wed, Jul 09, 2008 at 10:45:09PM +0800, Zamri Besar wrote: > Good morning, > > Today, I'm received alert from one of my friends regarding to > Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable > to cache poisoning. > http://www.kb.cert.org/vuls/id/800113 > > I checked the above site, and found that most of the *BSD status are > unknown. Is this bug affected OpenBSD default bind dns? > > I'm don't know either the above bug is similar to this thread or not. > http://marc.info/?l=openbsd-misc&m=118539211412877&w=2 I think named on OpenBSD 4.3 is affected too. See http://www.nabble.com/Actual-BIND-error---Patching-OpenBSD-4.3-named---td18357465.html So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Actual BIND error - Patching OpenBSD 4.3 named ?
On Wed, Jul 09, 2008 at 11:19:24AM +0100, mark reardon wrote: > Hi Andreas, > > Aren't you dumping on the wrong interface here? > Should it not be your $ext_if where the alleged poisoning will come from? Hi Mark. Excuse me? The tcpdump was provided by Rod Whitworth <[EMAIL PROTECTED]>. So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Actual BIND error - Patching OpenBSD 4.3 named ?
Hi. I guess OpenBSDs named is affected by the actual issue: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://www.kb.cert.org/vuls/id/800113 So I hope a patch is in progress ? Or is OpenBSD not affected by this issue? So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Unexpected behavior of netstat in 4.3
On Sat, Jun 21, 2008 at 09:07:14AM +0100, Jason McIntyre wrote: > this was fixed here: > > > revision 1.57 > date: 2008/03/18 20:03:37; author: claudio; state: Exp; lines: +4 -1 > Make -I work correctly. RTM_NEWADDR needs to filter the ifname as well. > Aha! Known issue ;) Well I will extract a diff and recompile only netstat. (I'm not comfortable rebuilding everything on a 500MHz server ...) Thanks for your help. Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Unexpected behavior of netstat in 4.3
Hi. I noticed the following misbehavior of netstat in 4.3. The manual page says: [... snipp ...] -I interface Show information about the specified interface; used with a wait interval as described below. [... snipp ...] O.K. Using 4.2 netstat -I works as expected: -bash-3.2$ uname -a OpenBSD piglet.badphish.dyndns.org 4.2 GENERIC#0 i386 -bash-3.2$ netstat -ib -I fxp0 NameMtu Network Address Ibytes Obytes fxp0150000:a0:c9:a0:73:84 514885834 263525662 fxp01500 fe80::%fxp0 fe80::2a0:c9ff:fe 514885834 263525662 But using the same command in 4.3 returns: -bash-3.2$ uname -a OpenBSD son-goku.badphish.dyndns.org 4.3 GENERIC#698 i386 -bash-3.2$ netstat -ib -I vr0 NameMtu Network Address Ibytes Obytes lo0 33208 localhost localhost.badphis 37219614 37219614 lo0 33208 localhost.b localhost.badphis 37219614 37219614 lo0 33208 fe80::%lo0/ fe80::1%lo0 37219614 37219614 vr0 150000:00:24:ca:68:38 26230376471 6788235902 vr0 1500 son-goku-un son-goku-untruste 26230376471 6788235902 vr0 1500 fe80::%vr0/ fe80::200:24ff:fe 26230376471 6788235902 vr1 1500 son-goku-dm son-goku-dmz.badp 21983028148 89288229482 vr1 1500 fe80::%vr1/ fe80::200:24ff:fe 21983028148 89288229482 vr2 1500 son-goku-tr son-goku-trusted. 93517695317 47526180347 vr2 1500 fe80::%vr2/ fe80::200:24ff:fe 93517695317 47526180347 vr3 1500 192.168.211 192.168.211.1 174328335 863529211 vr3 1500 fe80::%vr3/ fe80::200:24ff:fe 174328335 863529211 At least list of changes (http://openbsd.org/plus43.html) notes some modifications to netstat but not this behavior. Maybe a bug? Or how do I request the information for just a single interface? So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Wrong ownership of /var/named/master ?
On Mon, Jun 16, 2008 at 09:32:39AM +, Jussi Peltola wrote: Hi. > It's reasonable to me: named doesn't need to modify master zones, so don't let > it do that. Principle of the least privilege. Using "static" zones ... I totally agree. > Simpler fix: put dynamically updated zones in slave, which I have done for > years. O.K. But I am easy to confuse ;) I will never look into slave/ for dynamic zones. So I guess the best method - and to close this thread ;) - is to make a directory called ... say ... dynamic make it writable by named and put the zone file of the dynamic zones in it. Case closed ^^ Thanks for your input. So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Wrong ownership of /var/named/master ?
On Mon, Jun 16, 2008 at 03:06:46AM -0500, Jamie Gavahan wrote: > Hello, Hi. > A quick search of the archives yielded these results* (among others): > > Someone correct me if I'm wrong. You are wrong :P named supports dynamic updates via allow-update { key ...; }; But the _DHCP_ server does not support dynamic updates. I've never said the the dhcpd runs on the OpenBSD system. So long, Andreas. P.S.: > * http://marc.info/?l=openbsd-misc&m=109755604901842&w=2 > * http://marc.info/?l=openbsd-misc&m=115312797220810&w=2 > * http://marc.info/?l=openbsd-misc&m=115296366703096&w=2 > * http://marc.info/?l=openbsd-misc&m=117662121618527&w=2 They are all talking about the dhcpd of OpenBSD. In my case the dhcpd comes from a Linux system and is a ISC DHCPD v3.0.3 (which supports dynamic updates). -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Wrong ownership of /var/named/master ?
On Sun, Jun 15, 2008 at 09:15:41PM +0200, Dorian B|ttner wrote: > propably the file you gave named in the zone-section of named.conf needs to > be existing in the first place. give named sufficient permission to read > and, for dynamic update, to write in it - no bug here and no need to change > directory ownership. Hi. I don't think so. a) The manual (http://www.isc.org/sw/bind/arm95/Bv9ARM-all.html) doesn't list an option to specify the location of the journal file. b) It is automagically created by named (http://www.isc.org/sw/bind/arm95/Bv9ARM.ch04.html#journal) [... snipp ...] This file is automatically created by the server when the first dynamic update takes place. [... snipp ...] Although the documentation didn't specify the location of the journal. But even it would do so named _NEEDS_ to write to the master directory because c) (http://www.isc.org/sw/bind/arm95/Bv9ARM.ch04.html#journal again): [... snipp ...] The server will also occasionally write ("dump") the complete contents of the updated zone to its zone file. This is not done immediately after each dynamic update, because that would be too slow when a large zone is updated frequently. Instead, the dump is delayed by up to 15 minutes, allowing additional updates to take place. [... snipp ...] Oh and BTW. /var/named/slave _IS_ writeble by named: # ls -ld /var/named/slave/ drwxrwxr-x 2 root named 512 Mar 12 17:28 /var/named/slave/ Of cause it is. named needs it to store and update zone data from the master. So slave/ is writeble by named because it needs to update the (slave) zone files. The same applies to the master directory (see c) ). So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Wrong ownership of /var/named/master ?
Hi. While configuring named on my sweet new Soekris 5501 I discovered a little *uhm* misconfiguration (I would not call it a bug). By default the permissions of /var/named/master is set to 0755 and owned by root:wheel. named runs in the chroot /var/named with the user named, group named. For most operations this permission/ownership is sufficient. But if you try to use dynamic updates named will fail to create the required "journals": 15-Jun-2008 16:31:29.885 zone internal.wlan.badphish.dyndns.org/IN: sending notifies (serial 200806131) 15-Jun-2008 16:40:22.278 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': adding an RR at 'nibbler.11g.wlan.badphish.dyndns.org' A 15-Jun-2008 16:40:22.279 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': adding an RR at 'nibbler.11g.wlan.badphish.dyndns.org' TXT 15-Jun-2008 16:40:22.280 journal file master/11g.wlan.badphish.dyndns.org.jnl does not exist, creating it 15-Jun-2008 16:40:22.280 master/11g.wlan.badphish.dyndns.org.jnl: create: permission denied 15-Jun-2008 16:40:22.280 client 192.168.254.202#1025: updating zone '11g.wlan.badphish.dyndns.org/IN': error: journal open failed: unexpected error and dynmic updates will not work. Simple fix: chown named /var/named/master Is this a known issue? At least the permissions of /var/named/master is root:wheel since 4.1 (I am using 4.3 right now). Perhaps can be fixed in 4.4 or is there a special reason to set /var/named/master to root:wheel? Many thanks in advance, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Unbound: a validating, recursive, and caching DNS resolver
On Wed, May 21, 2008 at 02:09:23PM -0300, Andris wrote: > I just read about this project, might be of interest: > http://unbound.net/ Hi. Yeah and a port for unbound is just in progress ;) http://marc.info/?l=openbsd-ports&m1131428431723&w=2 So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: gmake error, please help :)
On Thu, May 08, 2008 at 10:22:01AM -0700, vatocleti wrote: > Hey all, Hi. > I'm running OpenBSD 4.2/i386 and am booting bsd.mp. I have brought over a > linux program that uses gcc as the compiler. > > I have installed the following sets: > > - gmake-3.80p1.tgz > - gettext-0.14.6p0.tgz > - libiconv-1.9.2p3.tgz > > and when I do a "gmake" I get the following two errors: > > - " /bin/gmake[1]: ELF: not found" > - "/bin/gmake[365]: no closing quote *ahem* Where does /bin/gmake come from ? The gmake from gmake-3.80p1.tgz lives in /usr/local/bin/gmake (And your /bin/gmake looks like a shell script. Did you take a look at this script?) HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Editing C with...
On Sat, May 03, 2008 at 02:15:19PM -0400, bofh wrote: > Real men use ed. No. REAL programmers use ... http://xkcd.com/378/ Sorry, couldn't resist ;) Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Abort trap on 4.3 release
On Tue, Apr 15, 2008 at 08:01:37PM +0200, Pieter Verberne wrote: > Hi guys, Hi Pieter. > Yesterday I installed OpenBSD 4.3 release from CD. I copied both Congratulations for your OpenBSD 4.3 CD set ;) > PORTS_TA.GZ and SRC_TAR.GZ to /tmp. I extracted the ports to /usr/, and And here is your error. src.tgz has to be extractes in /usr/src. You extracted in in /tmp and copied the files to /usr. tigger:/share/netinst/pub/OpenBSD/4.2# tar tvzf src.tar.gz [... snipp ...] drwxr-xr-x root/wheel0 2007-06-18 22:25 ./bin/chmod drwxr-xr-x root/wheel0 2007-08-21 00:24 ./bin/chmod/CVS -rw-r--r-- root/wheel 14 2006-03-01 03:10 ./bin/chmod/CVS/Repository -rw-r--r-- root/wheel 250 2007-06-18 22:25 ./bin/chmod/CVS/Entries -rw-r--r-- root/wheel 421 2001-09-06 20:52 ./bin/chmod/Makefile -rw-r--r-- root/wheel 4864 2007-06-18 22:25 ./bin/chmod/chflags.1 -rw-r--r-- root/wheel 3651 2007-06-18 22:25 ./bin/chmod/chgrp.1 and this will overwrite e.g. /usr/bin/chmod (the file) with the directory /usr/bin/chmod. And this is causing the "abort trap" because under /usr the files has been replaced by directories. > [date] init: can't exec getty '/usr/libexec/getty' for port > /dev/sttyC[012345]: Is a directory --^ See it has been replaced by a directory. If you extract src.tar.gz to /tmp make sure you copy this to /usr/src. > (Uhm, I'm not sure if I'll try to fix this install. I think I'll do just > a fresh install instead. But let's just wait for yours commends) Either do a fresh install or boot the installation CD, exit to the shell when prompted if you want to (I)nstall, (U)grade or (S)hell. Mount your partition and change to the mount point and extract the filesets you need (base43.tgz, ...) using tar xvzpf ... HTH, Andreas. P.S.: Don't worry I made this error several times ;) -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: download problems
On Tue, Jan 08, 2008 at 11:03:50AM -0500, Frank Bax wrote: > Doug: > > Just curious. Does the same problem exist on your OpenBSD boxes? You > can also use lynx if you don't have wget installed. > > time lynx -dump http://www.openbsd.org/spamd/traplist.gz > /dev/null > > Frank Well, of couse it depends on your link saturation (and other details) but I don't have a problem downloading this file: [EMAIL PROTECTED]:/tmp $ time wget http://www.openbsd.org/spamd/traplist.gz --20:06:41-- http://www.openbsd.org/spamd/traplist.gz => `traplist.gz' Resolving www.openbsd.org... 129.128.5.191 Connecting to www.openbsd.org|129.128.5.191|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 648,560 (633K) [text/plain] 100%[==>] 648,560 48.22K/sETA 00:00 20:06:56 (44.73 KB/s) - `traplist.gz' saved [648560/648560] real0m14.712s user0m0.000s sys 0m0.016s HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: avoiding a mac address filter
On Mon, Jan 07, 2008 at 12:19:26PM -0500, Dave Anderson wrote: > On Mon, 7 Jan 2008, Pau Amaro-Seoane wrote: > > >loosen up a bit, you're too tight up... I just want to check my > >emails, I don't want to download p0nr movies > > Theft of service is theft, regardless of how much or little service > you're stealing. If someone's gone to the trouble of filtering on MAC > addresses, they've clearly indicated that they're not a public service > -- and no amount of weasel-wording will get around that. ACK! Furthermore, depending on your origin this is considered a criminal act if you circumvent the MAC filter. E.g. here in germany you will pay for that crime or go to jail (for up to 5 years) doing this for a: sniffing the traffic to get a valid IP/MAC association b: breaking into the system which is protected (even a MAC filter is considered a protection). And NO A SYSTEM THAT USES MAC FILTERING IS NOT AN OPEN ACCESSPOINT! Oh and by the way it may be considered a crime trying to do or giving you tips how to do this (incitement). If you have a similar system at work and you will try to figure out how bad guys may attack this ... well talk to your boss or your IT security team. Maybe you will be assigned to a penetration test. But in this case you have to sign an agreement what you should do, what you shouldn't do and when and how to to such tests. (and if you are in a position to do penetration test you wouldn't ask such questions ;) ) So don't expect any answer on this list. Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
OT: 5 years of OpenBSD ... Thank you ;)
O.K. This is totally off-topic. But I wish to say "Thank you". ;) In the end of 2002 I used Linux and ipchains (now iptables) and I was really pissed off by making a syntax error and I shot myself right in the foot. So someone tells me about about this "pf thingy". (*) After installing OpenBSD 3.2 on my front router I was VERY pleased ;) So I installed OpenBSD on every host in my DMZ (and since 2005 on every Desktop system). To make this post as short as possible ... I NEVER regret this decission. O.K. PenguinOS has been installed on some hosts but as years passing by I was frustrated that it includes new drivers but the drivers was never tested (even on i386 !!1!elf!!). E.g. the -binary only- bcm43xx firmware using 2.6.19 (or so) locked up the system after a few frames. Well it compiled o.k but does anyone tested it on a real system ?!? So I really stick with OpenBSD. It doesn't cover the ultra-up-to-date hardware but the at least it was tested on a real systems! And if it doesn't work I file a bug report. And I don't have any problems using a daily CVS snapshot and recompile it. Usually it works more stable than the so called "stable" kernel. O.K. I stop the rant ... ;) So ... I love OpenBSD. And THANK YOU FOR 5 YEARS OF PROTECTING MY NETWORK ;) Keep on running! A. (*) To be exactly I installed my first OpenBSD system on 26-Dec-2002 P.S.: Since 3.4 I bought every CD set. Even the one I doesn't need anymore (like my 4.1 set bought on 27-Oct ;) ) -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: https access error www.fistofiron.com
On Mon, Dec 24, 2007 at 09:19:13AM -0800, badeguruji wrote: > Hello, Hi. > I am hosting www.fistofiron.com on a home network behind dsl link. i am able > to pull up the site on netscape sometimes, and sometimes it gives error > (timeout). it is a very small page. i am not sure, if there is some > configuration error. Well do you use ADSL? If one of your links (up- or download) are saturated you will see this error. > $ lynx -dump https://www.fistofiron.com > > Looking up www.fistofiron.com > Making HTTPS connection to www.fistofiron.com > Retrying connection without TLS. > Looking up www.fistofiron.com > Making HTTPS connection to www.fistofiron.com > Alert!: Unable to make secure connection to remote host. > > lynx: Can't access startfile https://www.fistofiron.com/ Well ... you think this is somehow OpenBSD related why not posting more info? Did you try it from an internal host? From an external host? Do you have _ANY_ pf related rules installed? If yes post these rules. The usual questions: - can you ping the host (without packet loss?) - is your lynx SSL-aware? - what does openssl s_client -host www.fistofiron.com -port 443 say? This is somehow OpenBSD related, isnt it ? HTH, Andreas. P.S.: Oh and merry christmas ;) -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: BIND and the measure of system entropy (randomness?)
On Wed, Dec 12, 2007 at 01:08:42AM +1100, mufurcz wrote: Hi. > Greetings, > > A disk in one of the old firewalls (not exactly critical) failed (running > OpenBSD 2.9!), and I urgently > need a DNS server to work. Replaced the disk and installed 4.2. Starting > `named -g` (listing below), > produces a few surprising messages, like: > > a) line 3: BIND trying to load the configuration from /etc an not from > /var/named/etc (my understanding > was that the default -c option looks for the named.config in /var/named/etc > an not in /etc); AFAIK the originale,unmodified bind from OpenBSD runs in a chroot()ed environment under /var/named. So its root is really at /. So if it says it reads from /etc/named.conf it _REALLY_ reads from /var/named/etc/named.conf because of the chroot. > b) lines 34 and 35: `could not open entropy source /dev/arandom: file not > found` and `using pre-chroot > entropy source /dev/arandom` complaining about a missing > /var/named/dev/arandom device. Same as above. /dev/arandom is _REALLY_ /var/named/dev/arandom. So just why not creating this device? cd /var/named/dev mknod arandom c 45 4 > What BIND has to do with the laws of thermo-dynamics? Can I safely ignore > the above messages. BIND needs /dev/arandom for some stuff like generating random IDs. > BTW, I am NOT a BIND expert! Neither do I ;) Oh and don't forget the chroot() thingy mentioned above. If you write to logfiles etc. they will get written to /var/named/var/log/... ! HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: inetd needed for basic NAT/Firewall operation?
On Wed, Dec 05, 2007 at 11:49:07AM -0500, Chris Smith wrote: > Hello, > > When using OpenBSD only as a NAT router / Firewall with all of the > services in inetd.conf commented out is there any need to enable inetd? Hi Chris. The only service that should (or could,depends on your point of view) be allowed from the internet is IMHO the identd service. Blocking this service may cause some delay because some mailers and irc servers are checking for this service. OTOH it may be considered as a security risc to give strangers valid usernames. (If you need inetd requests from the outside and dont want to give them valid usernames you can install a other identd, e.g. oidentd or just a fakeidentd to return an arbitrary username) > I believe it's no longer necessary for ftp-proxy and want to make sure > I'm not missing anything. I don't run ftp-proxy so I don't know about this, sorry. HTH, Andreas -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: OT: OpenBSD on Asus eeePC
On Wed, Nov 14, 2007 at 01:02:55AM +0200, Alexey Suslikov wrote: Hi Alexey. > Looks like WLAN is Atheros 5212 which is ath(4) under OpenBSD. > See here http://forums.bsdnexus.com/viewtopic.php?pid=16360#p16360 > > About LAN. I think it is Attansic/Atheros L2. It is unsupported as of > 4.2 and -current. There are linux drivers: Thank you for your enlightment ;) > Attansic L1 Gigabit (also can be found on ASUS P5K mainboards) > http://atl1.sourceforge.net/ > > Attansic L2 10/100 (also can be found on ASUS F5R laptops) > http://lwn.net/Articles/218588/ > > Btw, Attansic drivers (according to source code and module naming) > are somehow based on (derived from) Intel drivers. O.K. As long as the WLAN interface is working I have no problem. The CPU is "powerfull" enough to do IPSec so LAN is a "nice to have" for me ;) > Ask developers. Maybe these drivers are easy to port if you'll donate > couple of Eee-PCs. They are so cheap :) H I'm really thinking about this idea ;) Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: OT: OpenBSD on Asus eeePC
On Wed, Nov 14, 2007 at 08:27:00AM +0100, Marc Balmer wrote: > nice to see you have one. can you boot -current and mail the dmesg to > [EMAIL PROTECTED] > > Does anybody know where I could buy such a machine, preferrably in > .ch or .de? Hi Marc. I found only 4 online shops in germany which sells the eee: http://www.arlt.com/index.php?cl=details&anid=3002853 http://www.campuspoint.de/shop/notebooks/notebooks-nach-hersteller/basusb/nach-modellen/eee-pc/asus-asus-eee-pc-black.html http://www.notebook.de/index.php?section=shop&group=734&productid=9474 http://www.t-online-shop.de/tonline/product.do?action=getProductDetail&product=38444 Unfortunately you have to wait several weeks :/ If someone on the list knows where to get a eeePC in .de without waiting several weeks ... contact me offlist ;) So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
OT: OpenBSD on Asus eeePC
Hi. O.k. this question seems to be a little offtopic, but ... ;) Did anyone try to run OpenBSD on Asus new small eeePC? Output of /proc/cpuinfo (1) and lspci (2) can be found here: (1) http://scr3.golem.de/?d=0711/Eee-Test&a=55901&s=9 (2) http://scr3.golem.de/?d=0711/Eee-Test&a=55901&s=10 4 GB Flashdrive and 512MB+ RAM is enough and the CPU is a simple Celeron ... O.K. the Atheros (LAN and WLAN) adapters may be the problem ... So did anyone tried to install OpenBSD on it ? Will it work (of couse! ;) ) but has anyone experience about the nonworking devices ? (esp. the mentioned LAN/WLAN adapters) Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Remove escape characters from file
On Fri, Oct 26, 2007 at 03:45:39PM +0200, Pieter Verberne wrote: > Hi, Hi Pieter. > does OpenBSD have a program/script to remove control characters (escape > sequence) from text files? Do you mean something like the ^M (\r) character ? I recommend using tr, e.g.: tr -d '\r' < name_of_inputfile > name_of_outputfile HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: Loading PF after ppp
On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote: > I connect to the internet using pppoe(8) by putting the following line > in /etc/rc.local.conf: > > ppp -ddial pppoe > > However, the pf rules load before I have an internet connection and > therefore pfctl reports an error. > > How does one load PF after ppp? Hi Amit. I guess pf complains about the non-existant interface. Starting and stopping pf can be done with entries in /etc/ppp/ppp.linkup and /etc/ppp/ppp.linkdown e.g I use: # cat /etc/ppp/ppp.linkup [... snipp ...] ! sh -c "ifconfig pflog0 up" ! sh -c "pfctl -e" ! sh -c "pfctl -f /etc/pf.conf" ! sh -c "/usr/local/bin/svc -u /service/pflogd" [... snipp ...] and # cat /etc/ppp/ppp.linkdown [... snipp ...] ! sh -c "/usr/local/bin/svc -d /service/pflogd" ! sh -c "/usr/local/bin/svc -t /service/pflogd" ! sh -c "pfctl -d" [... snipp ...] I use djbs daemontools to start and stop pflogd, but I think you can also use ! sh -c "/sbin/pflogd" and ! sh -c "pkill pflogd" HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: help needed with laptop hdd
On Mon, Sep 10, 2007 at 05:48:31PM +0200, Henning Brauer wrote: > Hi, > > unfortunately the harddisk in my X40 died. And even worse, I just > learned that the disk in the X40 is kind of special. It is a 1.8" hard > disk that does NOT use the ZIF connector (these are somewhat common) > but the same 44pin connector 2.5" disks use. 1.8" disks with that > connector have only ever been made by Hitachi. I have looked for a disk > up and down all day without success. So, if anyone is able to kind-of > quickly get me a Hitachi HTC426060G9AT00, that would be most welcome > and would allow me to hack when I am at home again ;( > I am in Hamburg/Germany, btw. Hi Henning. Unfortunately my X40 died too (acid from the battery leaked into the system killing half of the keyboard and almost all of the screen :/) But the Harddisk seems to be intact (I could retrieve the data without any problems). I can ship it to you (I from germany too ;). So if you whish contact me offlist. So long, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: sockaddr_in in manpage and /usr/include different
On Tue, Jun 05, 2007 at 05:29:47PM +0200, Karel Kulhavy wrote: > I made a mistake I actually looked on a manpage in a Linux system. But there O.K. Good to hear ^^ > is still a problem, in which manpage on OpenBSD 4.0 is the sockaddr_in > described, then? I tried various ones like ip, socket, bind, and couldn't > find any. Take a look at man 4 inet (man inet will take you to man 3 inet). HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: sockaddr_in in manpage and /usr/include different
On Tue, Jun 05, 2007 at 03:29:52PM +0200, Karel Kulhavy wrote: Hi. > OpenBSD 4.0 man 7 ip says: Thats interesting. On my OpenBSD 4.0 systems I don't have a man 7 ip. I have a man 4 ip instead - and only man 4 ip. Where did your man 7 ip come from? Section 7 of the man pages are dedicated to "Macros and Conventions". What file will be use when you run man 7 ip ? My systems will use: [EMAIL PROTECTED] ~ $ man -w ip /usr/share/man/cat4/ip.0 HTH, Andreas. -- Windows 95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition.
Re: nv(4) driver on nVidia 7600GS card
On 3/1/07, Joachim Schipper <[EMAIL PROTECTED]> wrote: No, but you can already use 7.1 in -current. (To help with testing, obviously, and some stuff is still broken. So it's not a good idea if you want the easy way out. Xenocara, and 7.1, will be merged as soon as 4.1 is sent to the CD guys). You guys rock ! ;) Running xenocara for 8 days and it is amazing! nv driver works like a charm- Although I'm still in the process of rebuilding apps, it is running without any crashes nor problems yet (neither applications nor X). This is sooo awesome ^^ Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Strange behavior with new suse dostro, vista and openbsd vpn tunel
On 3/9/07, Claude Brassel <[EMAIL PROTECTED]> wrote: Hello, I'm using two openbsd VPN gateways between my home and my office, everything work's fine, but .. I have try some new linux distro (opensuse 10.2, mandriva 2007) so if I try to join a host through the vpn it's working only for "small packets" in ex: the telnet login session work's great, but if I try some "ls" or everithing else that produce a big amount of lines the connection will timed out, I have no idea why. The same is for the new vista, on my XP hosts I can do anything (telnet, ssh, remote desktop) but on the new vista (same hardware) I have the same problem as on the linux boxes. Have somebody any idea ? Try lowering the MTU. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: nv(4) driver on nVidia 7600GS card.
On 3/1/07, Joachim Schipper <[EMAIL PROTECTED]> wrote: No, but you can already use 7.1 in -current. (To help with testing, obviously, and some stuff is still broken. So it's not a good idea if you want the easy way out. Xenocara, and 7.1, will be merged as soon as 4.1 is sent to the CD guys). I _LOVE_ to try it from the current tree! ;) (I already use the current tree - except XF4 - because of some problems with the nfe* NICs). I will try it. Many thanks, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: nv(4) driver on nVidia 7600GS card.
On 3/1/07, Sunnz <[EMAIL PROTECTED]> wrote: Hi, I have an nVidia 7600GS Graphics card, and attempted to get it to work with the NV(4) driver. There shall be no hardware problem, as I have tested it with VESA(4) driver, and X -config /root/xorg.conf.new works. This is the monitor that I was trying to get to work: http://support.ap.dell.com/support/edocs/monitors/2407WFP/en/about.htm#Specifications Its modeline has been specified in the xorg.conf.new file. I don't quite get the "warnings" in the log, I have only specified ONE resolution to be used in xorg.conf.new but it is trying all different one's?? Attached dmesg, xorg.conf.new and Xorg.0.log, hope they can help. If you do not prefer attachments I can upload it to a http server instead. Thanks for the help. Hi. Look at your Xorg.0.log file. Your problem is: Fatal server error: Caught signal 8. Server aborting This is not a hardware problem. It is the nv driver. I had similar problems with my 7800GS. The thread was discussed here: http://marc.theaimsgroup.com/?l=openbsd-misc&m=116017301426487&w=2 As a workaround you have to use the vesa driver till we have X 7.x HTH, Andreas. P.S.: By the way ... will we switch to X 7.x in 4.1 ? The vesa driver can be annoying, because I can't watch movies in fullscreen with mplayer. ;) -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: OpenBSD as Virtualbox guest
On 2/27/07, Peter <[EMAIL PROTECTED]> wrote: I'm looking for comments from people who have installed OpenBSD 4.0 as a Virtualbox guest. I am currently running Virtualbox 1.3.6 on Gentoo Linux 2006.1. The manual does not mention OBSD as guest even though their website states that it is possible. My main question is how to create an OBSD image since it seems that I need an ISO image. You can fetch a installation iso (cd40.iso) from a mirror and install via network. Or support OpenBSD and buy the CD sets ^^ Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: hot spot with OBSD 4.0
On 2/22/07, earx <[EMAIL PROTECTED]> wrote: Le Thu, 22 Feb 2007 16:22:35 +0700 sonjaya <[EMAIL PROTECTED]> a pris sa plume: > more secure more better , i would happy if you want share to all . if it is just for you and familly/friends authpf and openvpn is the solution Right. My access point is only for my friends, but never the less it uses ipsec. Because openvpn was too easy and any unexperienced user can setup a vpn with openvpn. So we decided we are experienced users and used ipsec (with certificates) ;) So I can (and will) contribute a a AP with WEP+ipsec (not with ipsec.conf) and configurations for OpenBSD and Linux clients (I'm still working on WinDOS XP). Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: hot spot with OBSD 4.0
On 2/22/07, sonjaya <[EMAIL PROTECTED]> wrote: more secure more better , i would happy if you want share to all . Thats the right attitude! ;) O.K. I will dump my /dev/brain into a documentation and put it online today or tomorrow. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: hot spot with OBSD 4.0
On 2/22/07, sonjaya <[EMAIL PROTECTED]> wrote: Dear all Very newbie question : How to setup OBSD 4.0 become hotspot machine , any link to start over beside google. Hi. Depends on your setup. Which card? Which encryption? WEP 64Bit? 128Bit? Do you plan to use ipsec as an additional encryption layer? There is some documentation inside my /dev/brain (and not written down yet). Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: FuzzyOCR on OpenBSD?
On 2/16/07, Peter <[EMAIL PROTECTED]> wrote: I'm looking for guidance in installing the FuzzyOCR SA plugin on OpenBSD 4.0. Has anyone done this? Hi. The basic steps (for debian) are documented here: http://www200.pair.com/mecham/spam/image_spam2.html AFAIK, I installed every required program from ports except orcad and the -required, but not mentioned - Perl module String::Approx (from cpan.org) HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: remove sendmail/install postfix
On 2/3/07, Toni Mueller <[EMAIL PROTECTED]> wrote: Hi. I dislike the mailwrapper and instead adjust the link in /usr/sbin/sendmail to point to the "real" sendmail program. But doing the mailwrapper thing is probably the safe(r) way to go. I also don't "need" (nor get) the mailq etc functionality wrapped... This will work too. But the mailwraper provides a more generic way for OpenBSD to use mail without dealing much about the uses mail system. (sendmail,postfix,exim,qmail, ...) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Out of Office AutoReply:
Respect! 1 line greeting 3 lines message 2 lines regards and 20 LINES OF STUPID DISCLAIMER ! (sorry couldn't resist ;) On 2/2/07, Richard Francis <[EMAIL PROTECTED]> wrote: Thank you for your email. I am currently out of the office until Monday the 12th of February and will have no access to emails until then. If you have an urgent requirement please contact Ruth Hardacre on +44 161 772 7100. Regards Richard This communication is confidential and the information in it may not be used or disclosed except for the purpose for which it has been sent. If you are not the intended recipient, please contact the sender immediately and delete this message from your system. Do not open or store any attachments. Opinions, conclusions and statements of intent contained in this communication are those of the sender and not Amcat unless confirmed independently of this message. Computer viruses can be transmitted by email and Amcat do not accept any responsibility for their presence. Whilst all reasonable measures have been taken to scan this email for known viruses, it is the responsibility of the recipient to check this email and any attachments. Please note that communication sent to and from Amcat is routinely monitored for record keeping, quality control and training purposes in order to ensure regulatory compliance and prevent viruses and unauthorised use of Amcat's computer systems. Amcat Ltd Registered in England. Reg No. 03869504 European Development Centre, 11 Commerce Way, Westinghouse Road, Manchester, M17 1HW This disclaimer was brought to you by a trial version of mxClaim from www.mxclaim.com -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Troubles with nfe0 and system freezes with MP kernel
On 2/1/07, Srebrenko Sehic <[EMAIL PROTECTED]> wrote: > the problem remains. You should try 2 different things. 1) Get the latest -current and try that. I think some fixes went into post 4.0 for the nfe(4) driver which might fix your issue. Sure. Thats the first thing I will do. 2) nfe(4) phy has "issues" with 10 mbit. You should try 1gbit and make sure to set the full-duplex mode. I remember havning an nfe(4) system which whould not work unless I forced mediaopt mode to full-duplex. Nope. The card is connected with 1000MBit. I remembered a problem in the Linux driver which locks the system when running with 10 or 100 MBit and autonegotiation was set to off (and duplexmode and speed were set manually). This problem went away using autonegotiation. Anyway, I will try the latest -cuurent this weekend. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Troubles with nfe0 and system freezes with MP kernel
Hi. Last week I got a fresh system (my old system died) and so I had to install. The system is a DualCore AMD64 X2 4600+ with integrated NVIDIA NICs (nfe0 and nfe1) and build in NVIDIA RAID. (for details see dmesg below) The first problem I ran into was the problem with the onboard NICs. I had to boot about 20 or 30 times to get networking working (read get a DHCP lease). Usually the network starts, dhclient tries to obtain a IP address and fails after about 5 sec. with "nfe0: watchdog timeout". I tried the latest CVS snapshot yesterday (it wasn't that fun to fetch it without a sporadic working NIC) but the problem remains. The second problem is the permanent system freeze without any error (or kernel panic) after some minutes when using the MP kernel. At first I suspected a borken RAM, but I had no problems building Gentoolinux from stage1 and memtest reports no error. Curiously the problem disappears when I boot the "vanilla" (read non-SMP) kernel. I will look for a old 3com card tomorrow and install it so I can at least fetch the new CVS tree ;) Is there anyone out there who can point me to a possible solution of these problems? (A SMP system would be nice but I can live with the non-SMP kernel but the network issue is driving me nuts ;) Andreas. dmesg: OpenBSD 4.0 (GENERIC.MP) #967: Sat Sep 16 20:38:15 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 2146881536 (2096564K) avail mem = 1835012096 (1792004K) using 22937 buffers containing 214896640 bytes (209860K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xfb990 (54 entries) bios0: MSI MS-7250 mainbus0: Intel MP Specification (Version 1.4) (nVidia MCP55 ) cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+, 2412.72 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: apic clock running at 201MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+, 2412.37 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,NXE,MMXX,FFXSR,LONG,3DNOW2,3DNOW cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative mpbios: bus 0 is type PCI mpbios: bus 1 is type PCI mpbios: bus 2 is type PCI mpbios: bus 3 is type PCI mpbios: bus 4 is type PCI mpbios: bus 5 is type PCI mpbios: bus 6 is type PCI mpbios: bus 7 is type PCI mpbios: bus 8 is type ISA ioapic0 at mainbus0 apid 2 pa 0xfec0, version 11, 24 pins pci0 at mainbus0 bus 0: configuration mode 1 "NVIDIA MCP55 Memory" rev 0xa1 at pci0 dev 0 function 0 not configured pcib0 at pci0 dev 1 function 0 "NVIDIA MCP55 ISA" rev 0xa2 nviic0 at pci0 dev 1 function 1 "NVIDIA MCP55 SMBus" rev 0xa2 iic0 at nviic0 iic1 at nviic0 "unknown" at iic1 addr 0x2f not configured admtemp0 at iic1 addr 0x4c: gl523sm ohci0 at pci0 dev 2 function 0 "NVIDIA MCP55 USB" rev 0xa1: apic 2 int 10 (irq 10), version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: NVIDIA OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 10 ports with 10 removable, self powered ehci0 at pci0 dev 2 function 1 "NVIDIA MCP55 USB" rev 0xa2: apic 2 int 11 (irq 11) usb1 at ehci0: USB revision 2.0 uhub1 at usb1 uhub1: NVIDIA EHCI root hub, rev 2.00/1.00, addr 1 uhub1: 10 ports with 10 removable, self powered pciide0 at pci0 dev 4 function 0 "NVIDIA MCP55 IDE" rev 0xa1: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable atapiscsi1 at pciide0 channel 0 drive 1 scsibus1 at atapiscsi1: 2 targets cd1 at scsibus1 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 cd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 5 function 0 "NVIDIA MCP55 SATA" rev 0xa2: DMA pciide1: using apic 2 int 5 (irq 5) for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1 at pciide1 channel 1 drive 0: wd1: 16-sector PIO, LBA48, 238475MB, 488397168 sectors wd1(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5 pciide2 at pci0 dev 5 function 1 "NVIDIA MCP55 SATA" rev 0xa2: DMA pciide2: using apic 2 int 11 (irq 10) for native-PCI interrupt pciide3 at pci0 dev 5 fu
Re: remove sendmail/install postfix
On 2/1/07, David B. <[EMAIL PROTECTED]> wrote: hi, hate to bother, but... I looked around on the net and couldn't find a howto on howto uninstall sendmail, the default in 3.8, and then install postfix. You don't need to do this (well at least on OpenBSD). Just install postfix form the ports. It will tell you what to do to enable postfix and disable sendmail: [... snipp ...] ===> Installing postfix-2.3.3 from /usr/ports/packages/i386/all/ postfix-2.3.3: complete --- postfix-2.3.3 --- -> Creating /etc/mailer.conf.postfix -> Creating Postfix spool directory and chroot area under /var/spool/postfix Warning: you still need to edit myorigin/mydestination/mynetworks parameter settings in /etc/postfix/main.cf. See also http://www.postfix.org/faq.html for information about dialup sites or about sites inside a firewalled network. BTW: Check your /etc/mail/aliases file and be sure to set up aliases that send mail for root and postmaster to a real person, then run /usr/local/sbin/newaliases. +--- | Configuration files has been installed in /etc/postfix. | Please update these files to meet your needs. +--- +--- | Postfix can be set up to replace sendmail entirely. Please read the | documentation at file:/usr/local/share/doc/postfix/html/index.html or | http://www.postfix.org/ carefully before you decide to do this! | | To replace sendmail with postfix you have to install a new mailer.conf | using the following command: | | /usr/local/sbin/postfix-enable | | If you want to restore sendmail, this is done using the following command: | | /usr/local/sbin/postfix-disable +--- [... snipp ...] I know how to install postfix, but how do you completely remove sendmail, since it isn't a package where I can just pkg_delete it? Because its in the base system. my understanding is that postfix and sendmail aren't friendly on the same box, and I've found quite a few articles that strongly suggest removing sendmail if you've chosen to use postfix. Why not having sendmail and postfix on a box. As long as the right executables are installed for the current mail system, there is no problem ... HTH, Andreas -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Block device required
On 12/19/06, Greg Thomas <[EMAIL PROTECTED]> wrote: How do you know it's i? disklabel wd1 Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Block device required
On 12/19/06, ibanex22 <[EMAIL PROTECTED]> wrote: Hi. mount_ext2fs: /dev/rwd1c on /mnt: Block device required Of cause! rwd1c is a charcter device, not a block device: $ ls -l /dev/rwd1c crw-r- 1 root operator3, 18 Dec 9 12:03 /dev/rwd1c You have to use wd1c instead, which is a block device: $ ls -l /dev/wd1c brw-r- 1 root operator0, 18 Dec 9 12:03 /dev/wd1c fdisk /dev/rwd1c returns: ... make sure you don't mistake fdisk for disklabel. fdisk on OpenBSD is way different than on Linux. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: 64-bit Linux Emulation on AMD64?
On 12/19/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Hi Alex. Hello, I've got a fresh new 4.0/AMD64 system installed, and after sitting down Congratulations ;) to add Linux binary compatibility, I see that it apparently doesn't exist on this platform. After some archive digging, it doesn't appear that the idea has been thoroughly discussed, especially since adding 32-bit Linux binary support would be difficult at best (http://marc.theaimsgroup.com/?l=openbsd-misc&m=109036873227847&w=2). Unfortunately Linux compatbility is for i386 only - from options(4): option COMPAT_LINUX On those architectures that support it, this enables binary compatibility with Linux ELF and a.out applications built for the same architecture. This option is supported on the i386 architecture. See compat_linux(8). Although I would love to see compatibilty for Linux 64Bit (amd64 - not ia64 ;) on OpenBSD, I can live without it. If there applications that ships _only_ with Linux binaries - and without source code to compile for myself - I consider this apps as "BLOB"s and BLOBs are bd! ^^ Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Problems in my wireless card
On 12/18/06, Eduardo Jorge <[EMAIL PROTECTED]> wrote: Hi. This is my dmesg OpenBSD 4.0 (NEIN) #0: Sun Dec 17 05:20:14 BRST 2006 ^ At first. Before you post make sure you use a GENERIC kernel (because we can only guess what option your kernel uses). vendor "Atheros", unknown product 0x001a (class network subclass ethernet, rev 0x01) at pci1 dev 5 function 0 not configured As you can see your card vendor is recognized but not the card itself. It is not supported by OpenBSD. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: 4.0 frozen
Hi Stephen. On 12/17/06, Stephen Schaff <[EMAIL PROTECTED]> wrote: wd0(pciide1:0:0): timeout type: ata c_bcount: 65536 c_skip: 0 pciide1:0:0: bus-master DMA error: missing interrupt, status=0x21 wd0d: device timeout reading fsbn 234162112 of 234162112-234162239 (wd0 bn 235334857; cn 14648 tn 233 sn 58), retrying wd0: soft error (corrected) wd0(pciide1:0:0): timeout type: ata c_bcount: 65536 c_skip: 0 pciide1:0:0: bus-master DMA error: missing interrupt, status=0x21 wd0d: device timeout reading fsbn 234997440 of 234997440-234997567 (wd0 bn 236170185; cn 14700 tn 233 sn 6), retrying wd0: soft error (corrected) wd0(pciide1:0:0): timeout type: ata c_bcount: 65536 c_skip: 0 pciide1:0:0: bus-master DMA error: missing interrupt, status=0x21 wd0d: device timeout reading fsbn 235719872 of 235719872-23571 (wd0 bn 236892617; cn 14745 tn 225 sn 17), retrying wd0: soft error (corrected) I guess wd0 holds your root file system, right? I had the same problem with my OpenBSD access point over one year ago. After replacing the disk my system works like a charm :) I suggest that you replace the dying harddisk with a new one and give it a try. HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Moving a 100GB directory tree with lots of hardlinks
Ahhh I was enlightened by you and Andy Hayward ;) If it is memory consumption is the problem, adding a swapfile via swapon could help. Andreas. On 12/15/06, Jaye Mathisen <[EMAIL PROTECTED]> wrote: You might need to compile a kernel with a large default data segment size, make sure tmp has enough room, or set TMPDIR/TEMPDIR for restore. Dump/resture should DTRT. rsync -H will as well, but again, going back to needing lots of memory to store all that hardlink info... On Fri, Dec 15, 2006 at 11:04:25PM +0100, Andreas Maus wrote: > Hi. > > Just a wild guess ... > Do you tried rsync? > (Although I don't know how rsync deals with _hard_ links). > > HTH, > > Andreas. > > > On 12/15/06, Matthias Bertschy <[EMAIL PROTECTED]> > wrote: > >OpenBSD 3.7 - i386 > >Pentium 4 3GHz - 1GB RAM - 2GB swap > > > >Hello list, > > > >For the past 3 weeks, I have been working on a difficult problem: moving > >a backuppc (http://backuppc.sourceforge.net/) pool from a RAID0 to a big > >disk, in order to free the RAID0 before rebuilding a RAID5. > > > >The RAID0 has one partition, its size is 2112984700 blocks (512-blocks), > >roughly 1008GB, which is close to the maximum allowed by ffs. The big > >disk is 300GB. > > > >I need to move 96GB of data which are, due to backuppc design, full of > >hardlinks! > > > >So far, I have tried to use: > >1) dd: impossible because the partitions cannot be the same size > >(and the RAID5 won't be the same size as the RAID0) > >2) pax -rw: after transferring almost 70GB, it bails out with a > >"Segmentation fault" > >3) tar to archive: after something like 60GB, it complains with some > >"file name too long" errors > >4) gtar to archive (from package gtar-1.15.1p0-static.tgz): ends up > >with a "gtar: memory exhauted" error > >5) dump to file: successful but > >5') restore from file: stops even before starting due to a "no > >memory for entry table" error (there is still a lot of unused memory and > >swap - and no ulimit) > > > >Any help is appreciated because I really don't know what to do next. > > > >Matthias Bertschy > >Echo Technologies SA > > > > > > > -- > Hobbes : Shouldn't we read the instructions? > Calvin : Do I look like a sissy? > > > !DSPAM:45831ea2743981250431860! > -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Moving a 100GB directory tree with lots of hardlinks
Hi. Just a wild guess ... Do you tried rsync? (Although I don't know how rsync deals with _hard_ links). HTH, Andreas. On 12/15/06, Matthias Bertschy <[EMAIL PROTECTED]> wrote: OpenBSD 3.7 - i386 Pentium 4 3GHz - 1GB RAM - 2GB swap Hello list, For the past 3 weeks, I have been working on a difficult problem: moving a backuppc (http://backuppc.sourceforge.net/) pool from a RAID0 to a big disk, in order to free the RAID0 before rebuilding a RAID5. The RAID0 has one partition, its size is 2112984700 blocks (512-blocks), roughly 1008GB, which is close to the maximum allowed by ffs. The big disk is 300GB. I need to move 96GB of data which are, due to backuppc design, full of hardlinks! So far, I have tried to use: 1) dd: impossible because the partitions cannot be the same size (and the RAID5 won't be the same size as the RAID0) 2) pax -rw: after transferring almost 70GB, it bails out with a "Segmentation fault" 3) tar to archive: after something like 60GB, it complains with some "file name too long" errors 4) gtar to archive (from package gtar-1.15.1p0-static.tgz): ends up with a "gtar: memory exhauted" error 5) dump to file: successful but 5') restore from file: stops even before starting due to a "no memory for entry table" error (there is still a lot of unused memory and swap - and no ulimit) Any help is appreciated because I really don't know what to do next. Matthias Bertschy Echo Technologies SA -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: dhcpd question
Hi Richard. > yes, "don't" :) True. > You could write a simple script to modify dhcpd.conf as needed, but I set I don't recommend that. A little typo or unexpected error and all your clients are unable to resolve or even get a lease - depending on the errors the script introduces. This happens to me some years ago :/ Very true :-) long time back I did this on my firewalls http://cr.yp.to/djbdns/install.html http://cr.yp.to/djbdns/run-cache-x.html I installed djbdns/dnscache from DJB some years ago because of this problem. It gives you a DNS cache too so you clients DNS lookups will speed up, especially if your line to your ISP is nearly saturated. I used a real old Pentium 120 with 64MB RAM and give the DNS cache about 30 MB and that was a good thing (tm) for my small network (5 active users). Although the djbdns is a old package, it is reliable and secure with a small memory footprint. (It is not in the ports because of the copyright issues I guess). you could use bind that comes with the base also :-) Thats also a solution. But for small LANs I recommend djbdns because I am a "DJB fanatic" ;) HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: STUPID file permission question
On 12/13/06, stupidmail4me <[EMAIL PROTECTED]> wrote: Hi. My username is foo and primary group is therefore also foo. I am also in the group bar. Did you logout and login again after adding yourself to the group "bar"? If not do so. Whats the output of id? I have a directory called "anything" owned by bar:bar. It's permissions are 770. Why can't I traverse it's tree? Doesn't my being in the bar group allow me with the second 7 to traverse anything's tree? Depends on the permissions of the upper directory. e.g. if the directory is /home/bar/foo_bar and /home/bar is only readable+executable for user bar (read 0700) you are not allowed to enter this directory and so you can't enter any directories below that dir. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: autoconf error message suggestion
On 12/12/06, Karel Kulhavy <[EMAIL PROTECTED]> wrote: Hi. > You are kidding, aren't you ? No. o.k. > csh/tcsh uses setenv and sh/ksh/bash uses export No I mean explanation how the user obtains a list of available numbers and how to select from them. Short answer: [EMAIL PROTECTED] ~ $ ls -l /usr/local/bin/autoconf-* -r-xr-xr-x 1 root bin 4853 Jul 28 09:59 /usr/local/bin/autoconf-2.13 -r-xr-xr-x 1 root bin 7686 Jun 27 16:38 /usr/local/bin/autoconf-2.57 -r-xr-xr-x 1 root bin 7674 Jun 27 16:35 /usr/local/bin/autoconf-2.59 Or you can use pkg_info to get a more detailed output: [EMAIL PROTECTED] ~ $ pkg_info autoconf Information for autoconf-2.13p0 Comment: automatically configure source code on many Un*x platforms Description: Autoconf is an extensible package of m4 macros that produce shell scripts to automatically configure software source code packages. These scripts can adapt the packages to many kinds of UNIX-like systems without manual user intervention. Autoconf creates a [EMAIL PROTECTED] ~ $ pkg_info autoconf | head -n 20 Information for autoconf-2.13p0 Comment: automatically configure source code on many Un*x platforms Description: Autoconf is an extensible package of m4 macros that produce shell scripts to automatically configure software source code packages. These scripts can adapt the packages to many kinds of UNIX-like systems without manual user intervention. Autoconf creates a configuration script for a package from a template file that lists the operating system features that the package can use, in the form of m4 macro calls. The FSF would make you believe that only gnu-m4 can handle autoconf. This is no longer true. This package does not depend on gnu-m4. This is autoconf-2.13. The actual autoconf drivers for selecting autoconf version are in [... snipp ...] > No, because you should have at least basic Un*x knowledge. I have a basic Unix knowledge. Do you think that someone who wrote 25% of a graphical web browser that runs on the following platforms: [... snipp ...] PMShell, AtheOS GUI, doesn't have a basic Unix knowledge? Honestly, I dont care about that. I don't understand what's the point in refusing to do this - this looks like some kind of OpenBSD script and it should be easy to change the text it prints, shouldn't? I guess the work will be minimal and the benefit will be obvious. Sure. The file is not brand new: [EMAIL PROTECTED] ~ $ head /usr/local/bin/autoconf #! /bin/sh # $OpenBSD: meta.in,v 1.3 2004/11/08 22:00:09 mbalmer Exp $ # Copyright (c) 2003,2004 Marc Espie. # You can make the changes, update the corresponding package (metaauto-0.5) and commit the changes after testing. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
OpenBSD 4.0 seems to be very picky about USB mass storage devices
Hi * ! After upgrading my X40 from 3.9 to 4.0 I have problems mounting a specific USB stick. Running OpenBSD 3.9 I see some errors when accessing this USB stick after it is plugged in: sd1 at scsibus2 targ 1 lun 0: SCSI2 0/direct removable sd1: 62MB, 62 cyl, 64 head, 32 sec, 512 bytes/sec, 127744 sec total sd1(umass1:1:0): Check Condition (error 0x70) on opcode 0x0 SENSE KEY: Not Ready ASC/ASCQ: Medium Not Present But I can mount the stick. After upgrading to OpenBSD 4.0 the system sets the USB mass storage device to offline: umass0 at uhub3 port 3 configuration 1 interface 0 umass0: vendor 0x0204 product 0x6025, rev 2.00/1.00, addr 2 umass0: using SCSI over Bulk-Only scsibus0 at umass0: 2 targets sd0 at scsibus0 targ 1 lun 0: SCSI2 0/direct removable sd0: drive offline And of cause this action I am not able to access the USB stick: # disklabel sd0 disklabel: ioctl DIOCGDINFO: Input/output error Using an othe USB stick - which doesnt print the "Medium Not Present" on OpenBSD 3.9 - there is no problem with this stick: umass0 at uhub3 port 3 configuration 1 interface 0 umass0: TTI-WDE U20 Mobile Disk, rev 2.00/2.00, addr 2 umass0: using SCSI over Bulk-Only scsibus0 at umass0: 2 targets sd0 at scsibus0 targ 1 lun 0: SCSI2 0/direct removable sd0: 125MB, 125 cyl, 64 head, 32 sec, 512 bytes/sec, 256000 sec total Is it possible to enforce a "more relaxed" handling of the problematic USB stick or should I just backup the data (under OpenBSD 3.9) and throw the stick away? Thanks for your help. Andreas. P.S.: OpenBSD 3.9 and 4.0 are using the GENERIC kernel. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: bridge with nat
Hi. On 12/5/06, Roberto Pereyra <[EMAIL PROTECTED]> wrote: can I use OpenBSD to bridge two wireless interfaces and use nat in one ? No. A simple answer ;) A bridge forwards packets on layer 2 based on their MAC. NAT rewrites packets at layer 3. Or do you bridge two wireless interfaces and do NAT on a other non-bridged interface? Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: [EMAIL PROTECTED]: ET1310 Documentation]
On 12/4/06, Martin Schrvder <[EMAIL PROTECTED]> wrote: And now they have been bought by LSI. :-) http://www.lsi.com/news/corporate_news/2006_12_04.html So there is hope that LSI will release specifications :) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Openldap
On 12/4/06, Dr. Harry Knitter <[EMAIL PROTECTED]> wrote: Hi. trying to get Openldap running I got the following problems: Starting slapd results in unrecognized database bdb (should be the standard database for openldap) If you want openldap with bdb use bdb-flavor, e.g.: root@@nergal /usr/ports/databases/openldap # env FLAVOR=bdb make install HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: autoconf error message suggestion
Hi. On 12/4/06, Karel Kulhavy <[EMAIL PROTECTED]> wrote: [EMAIL PROTECTED]:~$ autoconf Provide an AUTOCONF_VERSION environment variable, please Yes. Just do it. e.g.: [EMAIL PROTECTED]:~ $ env | grep AUTO AUTOMAKE_VERSION=1.9 AUTOCONF_VERSION=2.59 I suggest this error message to be extended with a pointer to information how to set this environment variable. As I wrote, I didn't find any manpage You are kidding, aren't you ? Setting up environment variables depends on your shell. csh/tcsh uses setenv and sh/ksh/bash uses export but maybe there is some URL explaining this topic. No, because you should have at least basic Un*x knowledge. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: [EMAIL PROTECTED]: ET1310 Documentation]
Hi. Thanks for the information. If I see any of their products on a list for my customer I will _strongly_ vote against their product - independant of used the OS. On 11/28/06, Jonathan Gray <[EMAIL PROTECTED]> wrote: This is an example of us trying to talk to a vendor and being totally shut down. Not only did they license the PCI express and MAC portions, but they don't want to help us to support their products at all. No information, no people to talk to, nothing. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: problem with 003_systrace.patch
On 11/22/06, Andreas Maus <[EMAIL PROTECTED]> wrote: |And then rebuild your kernel. *ahem* Do you have the kernel sources (sys.tar.gz) installed in /usr/src/sys ? Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: problem with 003_systrace.patch
On 11/22/06, martin g <[EMAIL PROTECTED]> wrote: if it is allready patched i have the latest sources. is this possible Nope. If it is already patched you will see something like this: # cd /usr/src # patch -p0 < 4.0/common/003_systrace.patch Hmm... Looks like a unified diff to me... The text leading up to this was: -- |Apply by doing: | cd /usr/src | patch -p0 < 003_systrace.patch | |And then rebuild your kernel. | |Index: sys/dev/systrace.c |=== |RCS file: /cvs/src/sys/dev/systrace.c,v |retrieving revision 1.42 |retrieving revision 1.42.2.1 |diff -u -p -r1.42 -r1.42.2.1 |--- sys/dev/systrace.c 28 May 2006 17:06:38 - 1.42 |+++ sys/dev/systrace.c 1 Nov 2006 20:03:35 - 1.42.2.1 -- Patching file sys/dev/systrace.c using Plan A... Reversed (or previously applied) patch detected! Assume -R? [y] ^C# Andreas. P.S.: Please Cc to the list. Maybe there are other guys/girls out there who could give you a clue. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: problem with 003_systrace.patch
On 11/22/06, martin g <[EMAIL PROTECTED]> wrote: Hello all when i apply this patch system asks me File to patch: what should i enter here Hi. Nothing. You are a) not standing in /usr/src (read the first few lines from the patch file) or b) you don't have anythin under /usr/src Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Problems applying 002_openssl.patch for OpenBSD 4.0
Hi Allie. Thanks. Clearing /usr/obj did it. I guess running make clean (as suggested by Christopher <[EMAIL PROTECTED]>) would also a solution. Thanks, Andreas. On 11/12/06, Allie D. <[EMAIL PROTECTED]> wrote: rm -rf /usr/obj/* and then try again. P.S. I have an error code 71 on one of my boxes on the make install...think my disk is now full of cruft from countless upgrades, it's time to wipe it and start over. -- ~Allie D. On Sun, November 12, 2006 09:28, Andreas Maus wrote: > Hi. > > After updating from OpenBSD 3.9 to 4.0 I extracted the new tarballs > src.tar.gz and sys.tar.gz and got the patches for OpenBSD 4.0 > from openbsd.org/errata.html > > I had no problem applying the patches except for 002_openssl which > stops while "make" with: > > # make > [... snipp ...] > ===> crypto > cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H > -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM > -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 > -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER > -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC > -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA > -I/usr/src/lib/libssl/crypto/../src > -I/usr/src/lib/libssl/crypto/../src/crypto > -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM > -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c > /usr/src/lib/libssl/src/crypto/rsa/rsa_eay.c -o rsa_eay.o > cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H > -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM > -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 > -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER > -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC > -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA > -I/usr/src/lib/libssl/crypto/../src > -I/usr/src/lib/libssl/crypto/../src/crypto > -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM > -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c > /usr/src/lib/libssl/src/crypto/rsa/rsa_err.c -o rsa_err.o > cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H > -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM > -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 > -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER > -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC > -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA > -I/usr/src/lib/libssl/crypto/../src > -I/usr/src/lib/libssl/crypto/../src/crypto > -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM > -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c -o rsa_x931.o > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c: In function > `RSA_X931_hash_id': > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: `NID_sha256' > undeclared (first use in this function) > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: (Each > undeclared identifier is reported only once > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: for each > function it appears in.) > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:168: error: `NID_sha384' > undeclared (first use in this function) > /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:171: error: `NID_sha512' > undeclared (first use in this function) > *** Error code 1 > > Stop in /usr/src/lib/libssl/crypto. > *** Error code 1 > > Stop in /usr/src/lib/libssl. > > All previous commands for this patch ( cd lib/libssl, > make obj make depend make includes ) didn't produce > any errors. > > Can someone give me some hints about this? > > Thanks, > > Andreas. > > -- > Hobbes : Shouldn't we read the instructions? > Calvin : Do I look like a sissy? -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Problems applying 002_openssl.patch for OpenBSD 4.0
Hi. After updating from OpenBSD 3.9 to 4.0 I extracted the new tarballs src.tar.gz and sys.tar.gz and got the patches for OpenBSD 4.0 from openbsd.org/errata.html I had no problem applying the patches except for 002_openssl which stops while "make" with: # make [... snipp ...] ===> crypto cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA -I/usr/src/lib/libssl/crypto/../src -I/usr/src/lib/libssl/crypto/../src/crypto -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_eay.c -o rsa_eay.o cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA -I/usr/src/lib/libssl/crypto/../src -I/usr/src/lib/libssl/crypto/../src/crypto -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_err.c -o rsa_err.o cc -O2 -pipe -g -DL_ENDIAN -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_IDEA -DTERMIOS -DANSI_SOURCE -DNO_ERR -DOPENSSL_NO_ASM -DOPENSSL_NO_RC5 -DOPENSSL_NO_KRB5 -DOPENSSL_NO_MDC2 -DNO_WINDOWS_BRAINDEATH -DOPENSSL_NO_HW_CSWIFT -DOPENSSL_NO_HW_NCIPHER -DOPENSSL_NO_HW_ATALLA -DOPENSSL_NO_HW_NURON -DOPENSSL_NO_HW_UBSEC -DOPENSSL_NO_HW_AEP -DOPENSSL_NO_HW_SUREWARE -DOPENSSL_NO_HW_4758_CCA -I/usr/src/lib/libssl/crypto/../src -I/usr/src/lib/libssl/crypto/../src/crypto -I/usr/src/lib/libssl/crypto/obj -DAES_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -DOPENBSD_CAST_ASM -DOPENBSD_DES_ASM -c /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c -o rsa_x931.o /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c: In function `RSA_X931_hash_id': /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: `NID_sha256' undeclared (first use in this function) /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: (Each undeclared identifier is reported only once /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:165: error: for each function it appears in.) /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:168: error: `NID_sha384' undeclared (first use in this function) /usr/src/lib/libssl/src/crypto/rsa/rsa_x931.c:171: error: `NID_sha512' undeclared (first use in this function) *** Error code 1 Stop in /usr/src/lib/libssl/crypto. *** Error code 1 Stop in /usr/src/lib/libssl. All previous commands for this patch ( cd lib/libssl, make obj make depend make includes ) didn't produce any errors. Can someone give me some hints about this? Thanks, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Problem when apply 001_httpd.patch
Hi. So whats your question/problem ? Andreas. On 11/9/06, Maverick <[EMAIL PROTECTED]> wrote: Hi i am trying to apply the 001 patch What i have done is cd /usr/src patch -p0 < 001_httpd.patch and i come back to me as: Hmm... Looks like a unified diff to me... The text leading up to this was: -- |Apply by doing: | cd /usr/src | patch -p0 < 001_httpd.patch | |And then rebuild and install httpd and its modules: | cd usr.sbin/httpd | make -f Makefile.bsd-wrapper obj | make -f Makefile.bsd-wrapper cleandir | make -f Makefile.bsd-wrapper depend | make -f Makefile.bsd-wrapper | make -f Makefile.bsd-wrapper install | -- View this message in context: http://www.nabble.com/Problem-when-apply-001_httpd.patch-tf2603928.html#a7265560 Sent from the openbsd user - misc mailing list archive at Nabble.com. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Bizarre Abort Trap on sparc64
Hi. On 11/9/06, Edd Barrett <[EMAIL PROTECTED]> wrote: Same again. This time i noted when it started happening. After tar zxvf src.tar.gz -C /usr . At this point I assumed bad hardware and bought a new box. *ahem* You shoul untar src.tar.gz to /usr/src not /usr. Untarring the file to /usr will overwrite your binaries (e.g. tar) with the _directories_ (e.g. bin/tar/) and this will confuse the system. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: How do I convert a man page to PS or PDF?
On 10/20/06, Sevan / Venture37 <[EMAIL PROTECTED]> wrote: > man2ps http://spectral.mscs.mu.edu/USA2005/examples/man2ps/ or use man2web from ports & print off the html files? Why install extra packages? groff is capable of converting man pages to ps (-Tps) and HTML (-Thtml) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: How do I convert a man page to PS or PDF?
*ahem* Using a man page from /usr/src is not that good :) Try e.g. /usr/share/man/cat4/em.0 Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: How do I convert a man page to PS or PDF?
Hi Steve. On 10/20/06, Steve B <[EMAIL PROTECTED]> wrote: I'm leaving on vacation and wanted to have something to read on the plane and at the beach. How can I convert a couple of man pages into either PS or PDF so that I can print them? Thats easy ;) To convert a man page you just have to find the file and use the -T parameter of groff. e.g. convert man (4) em to a PS file: groff -Tps /usr/src/share/man/man4/em.4 > em.ps if you have ps2pdf installed you can pipe the groff -Tps output directly into it: e.g. groff -Tps /usr/src/share/man/man4/em.4 | ps2pdf - em.pdf HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: web browsing
Hi. i have a pppoe conn. to my isp and i managed to get it working. Working from which host? The gateway or an internal host. on the internal interface rl1 my hostname.rl1 looks like this: inet 192.168.0.1 255.255.255.0 NONE Assuming your interface rl1 is up ... 1. Is my hostname.rl1 OK do i have to add an alias for client( XP ) comp Is IP forwarding enabled? (Check by running sysctl net.inet.ip.forwarding) If not enable it. 2. what would be the NAT rule in my case I tried the rule from pf - NAT section and pf - firewall for home of small office and it doesnt work Whats your internal and whats your external interface? My internal interface is xl0 and my external tun0 and so this NAT line works for me: ext_if="tun0" int_if="xl0" nat on $ext_if from $intranet to any -> $ext_if HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: PPP problems
Hi. On 10/16/06, Monah Baki <[EMAIL PROTECTED]> wrote: Hi All, I'm running PPP on OpenBSD 3.9, machine runs great for 3-4 weeks and then disconnects then I have to restart PPP for it to work. Is this normal, is I think thats normal. My PPPoE connection will be terminated every 24 hours by my ISP :/ there a way to keep it up indefinitely? Sure. You can place the call in the /etc/inittab or use e.g. daemontools ( http://cr.yp.to/daemontools.html ) to restart it automagically. HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: PPP problems
HI. You can place the call in the /etc/inittab or use e.g. daemontools ( http://cr.yp.to/daemontools.html ) to restart it automagically. By the way you have to keep the dialin command in the foreground. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Kismet - Propably problems with ath0 (IBM brand)?
Hi. On 10/13/06, Matthias Kilian <[EMAIL PROTECTED]> wrote: > to the kismet developers. Unfortunately, i've no ath(4) available. I'll see wether I can do something next week. I'll also drop a mail to upstream. It would be nice if other people could verify wether this is really ath(4) specific (afaik, at least wi(4) and ral(4) are fine). Tested with an RALink card (RaLink RT2500) and it kismet works with this card. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Kismet - Propably problems with ath0 (IBM brand)?
Hi Sebastian. On 10/13/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Hello everybody, [... snipp ...] Yes this is a problem with kismet (even the current svn snapshot). It was already mentioned a while ago: http://marc.theaimsgroup.com/?l=openbsd-misc&m=115548207902728&w=2 Due to the lack of a recent mailinglist (only a forum) I didn't report this to the kismet developers. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Wireless trouble
On 10/9/06, Fred Crowson <[EMAIL PROTECTED]> wrote: hostname.if does not need the !ifconfig command, the netstart(8) script calls ifconfig. Hence hostname.wi0 would be: inet 172.16.211.1 255.255.255.0 NONE \ chan 6 media autoselect mode 11b \ nwid MyName nwkey persist:abcde123456 Amazing! ;) Never thought about that. Thank you for this tip, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Wireless trouble
Hi Stuart. On 10/9/06, Stuart Henderson <[EMAIL PROTECTED]> wrote: > ifconfig. In this case it would be: this is wi(4) on 3.8, ifconfig didn't know how to configure wireless settings on prism/wavelan cards back then Doh! I assumed a current 3.9. I guess (because I don't have any wi cards - just ath and ra) it would work with 3.9. Anyway upgrading to 3.9 is not a bad idea ;) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Wireless trouble
Hi Rafael. On 10/9/06, Rafael Morales <[EMAIL PROTECTED]> wrote: I have OpenBSD 3.8 on a PowerBook G4, an Avaya wireless card (wi0) and my AP. My problem is when I active the WEP in the AP (WEP-Open), my wireless lost connection. This my card configuration: wicontrol -e 1 -k abcde123456 -t 6 -n MyName -p1 -f 6 [... snip ...] Never used wicontrol ... but you can do the same thing using ifconfig. In this case it would be: /sbin/ifconfig wi0 chan 6 media autoselect mode 11b nwid MyName \ nwkey persist:abcde123456 You can even put this in your /etc/hostname.wi0 file (writing ! before ifconfig) and replace wi0 with $if. E.g. inet 172.16.211.1 255.255.255.0 NONE !ifconfig $if chan 6 media autoselect mode 11b nwid MyName nwkey persist:abcde123456 Then it should be set on boot time. Hope that helps, Andreas. P.S.: See man ifconfig and get the list of supported modes running ifconfig -m wi0 -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: X not working with NVIDIA GeForce 7800 GS on amd64
Hi. On 10/8/06, Andreas Bihlmaier <[EMAIL PROTECTED]> wrote: [... snipp ...] p.s. This xorg.conf section might be of interest to you. Section "Device" Identifier "Card0" Driver "vesa" #Driver "nv" VendorName "nVidia Corporation" BoardName "Unknown Board" BusID "PCI:2:0:0" EndSection [... snipp ...] Ahhh. Good old vesa! It gives me my 1280x1024 with a color depth 24 bits and thats all I need ;) Thanks, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: X not working with NVIDIA GeForce 7800 GS on amd64
Hi Andreas. On 10/8/06, Andreas Bihlmaier <[EMAIL PROTECTED]> wrote: I have the same problem with a GeForce 7300GT. The problem is these chips are only supported by X.org 7.x (which is not yet in OpenBSD). After reading: http://www.undeadly.org/cgi?action=article&sid=2006071016 I guess you are right. It works under Linux and it uses X v7 instead v6.9. I hope 7.x will be OpenBSD soon. I already mailed matthieu@, but I didn't receive an answer. Since I'm the one asking for a favor and he is the one doing the work I didn't bother him further and will use the "vesa" driver until 7.x hits the tree. At that time I'll be a happy current tester :) Yeah! Running a -current system is no problem for me. Ususally it runs more stable than a so called "stable" Linux. :) p.s. This xorg.conf section might be of interest to you. Section "Device" Identifier "Card0" Driver "vesa" #Driver "nv" VendorName "nVidia Corporation" BoardName "Unknown Board" BusID "PCI:2:0:0" EndSection Interesting! I will try it this when I'm at home. Thanks. Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: X not working with NVIDIA GeForce 7800 GS on amd64
Hi Matthew. On 10/7/06, Matthew Weigel <[EMAIL PROTECTED]> wrote: [demime 1.01d removed an attachment of type application/octet-stream which had a name of dmesg] Attachments are stripped on misc@ emails. Doh! Second, have you verified that you *need* an xorg.conf? X.org now auto-detects many things for you. You may be fine without one, or you Didn't know that. I usually did it the "old school" way by creating an xorg.conf file... may find that you only need certain sections of the configuration file. Unfortunately this doesn't work. If that doesn't work, try again but including the three files in line. O.K. Here we go: At first the Xorg.0.log file (from the X startup without any xorg.conf file): X Window System Version 6.9.0 (for OpenBSD) Release Date: 21 December 2005 X Protocol Version 11, Revision 0, Release 6.9 Build Operating System: OpenBSD 3.9 amd64 [ELF] Current Operating System: OpenBSD gorg.badphish.dyndns.org 3.9 GORG#4 amd64 Build Date: 07 July 2006 Before reporting problems, check http://wiki.X.Org to make sure that you have the latest version. Module Loader present Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/Xorg.0.log", Time: Sun Oct 8 00:12:22 2006 (EE) Unable to locate/open config file (II) Module ABI versions: X.Org ANSI C Emulation: 0.2 X.Org Video Driver: 0.8 X.Org XInput driver : 0.5 X.Org Server Extension : 0.2 X.Org Font Renderer : 0.4 (II) Loader running on openbsd (II) LoadModule: "bitmap" (II) Loading /usr/X11R6/lib/modules/fonts/libbitmap.so (II) Module bitmap: vendor="X.Org Foundation" compiled for 6.9.0, module version = 1.0.0 Module class: X.Org Font Renderer ABI class: X.Org Font Renderer, version 0.4 (II) Loading font Bitmap (II) LoadModule: "pcidata" (II) Loading /usr/X11R6/lib/modules/libpcidata.so (II) Module pcidata: vendor="X.Org Foundation" compiled for 6.9.0, module version = 1.0.0 ABI class: X.Org Video Driver, version 0.8 (II) PCI: Probing config type using method 1 (II) PCI: Config type is 1 (II) PCI: stages = 0x03, oldVal1 = 0x8000c29c, mode1Res1 = 0x8000 (II) PCI: PCI scan (all values are in hex) (II) PCI: 00:00:0: chip 1106,0282 card 1043,80a3 rev 00 class 06,00,00 hdr 80 (II) PCI: 00:00:1: chip 1106,1282 card , rev 00 class 06,00,00 hdr 00 (II) PCI: 00:00:2: chip 1106,2282 card , rev 00 class 06,00,00 hdr 00 (II) PCI: 00:00:3: chip 1106,3282 card , rev 00 class 06,00,00 hdr 00 (II) PCI: 00:00:4: chip 1106,4282 card , rev 00 class 06,00,00 hdr 00 (II) PCI: 00:00:7: chip 1106,7282 card , rev 00 class 06,00,00 hdr 00 (II) PCI: 00:01:0: chip 1106,b188 card , rev 00 class 06,04,00 hdr 01 (II) PCI: 00:07:0: chip 1106,3044 card 1043,808a rev 80 class 0c,00,10 hdr 00 (II) PCI: 00:09:0: chip 109e,036e card 0070,13eb rev 02 class 04,00,00 hdr 80 (II) PCI: 00:09:1: chip 109e,0878 card 0070,13eb rev 02 class 04,80,00 hdr 80 (II) PCI: 00:0a:0: chip 11ab,4320 card 1043,811a rev 13 class 02,00,00 hdr 00 (II) PCI: 00:0e:0: chip 1102,0004 card 1102,2002 rev 04 class 04,01,00 hdr 80 (II) PCI: 00:0e:1: chip 1102,7003 card 1102,0040 rev 04 class 09,80,00 hdr 80 (II) PCI: 00:0e:2: chip 1102,4001 card 1102,0010 rev 04 class 0c,00,10 hdr 80 (II) PCI: 00:0f:0: chip 1106,3149 card 1043,80ed rev 80 class 01,04,00 hdr 80 (II) PCI: 00:0f:1: chip 1106,0571 card 1043,80ed rev 06 class 01,01,8a hdr 00 (II) PCI: 00:10:0: chip 1106,3038 card 1043,80ed rev 81 class 0c,03,00 hdr 80 (II) PCI: 00:10:1: chip 1106,3038 card 1043,80ed rev 81 class 0c,03,00 hdr 80 (II) PCI: 00:10:2: chip 1106,3038 card 1043,80ed rev 81 class 0c,03,00 hdr 80 (II) PCI: 00:10:3: chip 1106,3038 card 1043,80ed rev 81 class 0c,03,00 hdr 80 (II) PCI: 00:10:4: chip 1106,3104 card 1043,80ed rev 86 class 0c,03,20 hdr 80 (II) PCI: 00:11:0: chip 1106,3227 card 1043,80ed rev 00 class 06,01,00 hdr 80 (II) PCI: 00:18:0: chip 1022,1100 card , rev 00 class 06,00,00 hdr 80 (II) PCI: 00:18:1: chip 1022,1101 card , rev 00 class 06,00,00 hdr 80 (II) PCI: 00:18:2: chip 1022,1102 card , rev 00 class 06,00,00 hdr 80 (II) PCI: 00:18:3: chip 1022,1103 card , rev 00 class 06,00,00 hdr 80 (II) PCI: 01:00:0: chip 10de,00f5 card 10b0,0801 rev a2 class 03,00,00 hdr 00 (II) PCI: End of PCI scan (II) Host-to-PCI bridge: (II) Bus 0: bridge is at (0:0:0), (0,0,1), BCTRL: 0x0008 (VGA_EN is set) (II) Bus 0 I/O range: [0] -1 0 0x - 0x (0x1) IX[B] (II) Bus 0 non-prefetchable memory range: [0] -1 0 0x8000 - 0x (0x8000) MX[B] (II) Bus 0 prefetchable memory range: [0] -1 0 0x8000 - 0x (0x8000) MX[B] (II) PCI-to-PCI bridge: (II) Bus 1: bridge is at (0:1:0), (0,1,1), BCTRL: 0x000a (VGA_EN
X not working with NVIDIA GeForce 7800 GS on amd64
Hi. I recently replaced my ATI X800 with a new NVIDIA GeForce 7800 GS. Checking the nv(4) man page and it states that it supports: [... snipp ...] GeForce 7XXX [... snipp ...] So I setup the corresponding "Device" section to: Section "Device" Identifier "NVIDIA" Driver "nv" #VideoRam524288 # Insert Clocks lines here if appropriate EndSection (see attached xorg.conf) and started X. Unfortunately X died instantly with signal 8 (SIGFPE): [... snipp ...] (WW) NV(0): remove MTRR 0 - 1000 (--) Depth 24 pixmap format is 32 bpp (WW) NV(0): set MTRR e000 - f000 (WW) NV(0): remove MTRR a - b *** If unresolved symbols were reported above, they might not *** be the reason for the server aborting. Fatal server error: Caught signal 8. Server aborting Please consult the The X.Org Foundation support at http://wiki.X.Org for help. Please also check the log file at "/var/log/Xorg.0.log" for additional information. [... snipp ...] (Xorg.0.log is also attached). Using the nv driver under Linux (Gentoo) and the X starts and works as expected. The card -listed by pcitweak -l - is: [... snipp ...] PCI: 01:00:0: chip 10de,00f5 card 10b0,0801 rev a2 class 03,00,00 hdr 00 [... snipp ...] System is running OpenBSD 3.9 (GENERIC kernel) from the CDs on amd64. Has someone running an amd64 system with this graphic card? Many thanks in advance, Andreas. P.S.: dmesg is also attached. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy? [demime 1.01d removed an attachment of type application/octet-stream which had a name of xorg.conf] [demime 1.01d removed an attachment of type application/octet-stream which had a name of Xorg.0.log] [demime 1.01d removed an attachment of type application/octet-stream which had a name of dmesg]
Re: squid ldap auth on OpenBSD
Hi Alexandre. On 10/6/06, Alexandre ADAM <[EMAIL PROTECTED]> wrote: But when I launch "make" again, there is the following error message : warning: strcpy() is almost always misused, please use strlcpy() Thats not an error. Its just a warning. Do you know what means this message ? It means that strcpy() is almos always misused and should be replaced by strlcpy() (or strncpy but OpenBSD prefers strlcpy). HTH, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: How do I redirect the daily log messages to another address?
On 9/21/06, Steve B <[EMAIL PROTECTED]> wrote: Hi Steve. I'd like to redirect the daily log messages that go to root to an external [... snip ...] Could someone point me in the right direction as to what I should be looking for? I'm pretty sure it has to do with Sendmail. Setting up an alias for root that points to the external address should work. Putting the alias in /etc/mail/aliases and rebuild the aliases database with newaliases -see man 8 newaliases. HTH, Andreas. P.S.: Of cause the external address can be resolved. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: OpenBSD 4.0 pre-orders are up
Hi. On 9/20/06, Theo de Raadt <[EMAIL PROTECTED]> wrote: We have activated OpenBSD 4.0 pre-orders. The official release date is November 1. For more information on the release, please see http://www.openbsd.org/40.html And don't forget to order the cute Pluffy: http://undeadly.org/cgi?action=article&sid=20060921164308 https://https.openbsd.org/images/pluffy.jpg ;) Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Sometimes OpenBSD "forgets" the disklabel
On 8/23/06, Nick Guenther <[EMAIL PROTECTED]> wrote: Hi Nick. > Does anyone knows whats wrong or what I should do the fix this > behaviour? My first guess is that something is wiping out the disklabel on wd1. That is, some boundary is configured wrong and, in the process of writing to the ccd, sometimes it "spills over" and smashes the disklabel. In that case you'd also be losing whatever data is getting put there when you fix the disklabel. Oh look, the disklabel is stored in the first 512b of wd1a, and you are using wd1a as part of the ccd. Aha! This would explain the mysterious "works mostly" thing ;) Maybe the man page should mention something like this ? (Or I missed it while reading it ;) Here, to fix it, make wd1a small, only one sector (or more, if you aren't comfortable with it being that small) and then make wd1d start Nope. I dont have a problem with such small things ;) after it, and use wd1d as part of your ccd instead. O.K. Together with the reply from Kyle I will recreate the ccd0 next week (after a backup of several gigabytes). So long, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Sometimes OpenBSD "forgets" the disklabel
On 8/23/06, Kyle George <[EMAIL PROTECTED]> wrote: Hi Kyle. > or what I should do the fix this behaviour? See: http://inglorion.net/documents/tutorials/ccd See: http://morgenes.shire.sytes.net/~inglorion/documents/tutorials/ccd Thanks I will take a look at this. And as far I can see I use ccd0c as a file system. Ooops! I will change this to ccd0a as soon as I can. Note: I dont use the mirror option. I just want a RAID0. Assuming you don't have any bad disks, I think you are forgetting that the Nope. I can read both disks with dd without any errors. I don't see your fstab. Are you trying to mount ccd0c? Yes. Here is /etc/fstab: # cat /etc/fstab /dev/wd0a / ffs rw 1 1 /dev/wd0d /usr ffs rw,nodev 1 2 /dev/ccd0c /home ffs rw,nodev,nosuid,softdep 1 2 Ugh *ahem* I try to mount ccd0c. Treat ccd0 like it's it's own disk; like how you would treat a physical disk. This is what I do. See below for my 3.9 ccd configuration which is working fine. O.K. First I will move the filesystem from ccd0c to ccd0a. Whats puzzling me is the fact that it works most of the time. (Only 5 -or so- failures because of the disklabel of wd1. I use this desktop system with OpenBSD since 3 months and the system was shutdown every night). So long, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Sometimes OpenBSD "forgets" the disklabel
Hello everybody. I have a ccd containing two disks: [EMAIL PROTECTED]:~ $ cat /etc/ccd.conf # $OpenBSD: ccd.conf,v 1.1 1996/08/24 20:52:22 deraadt Exp $ # Configuration file for concatenated disk devices # ccd ileave flags component devices ccd064 0x8 /dev/wd0e /dev/wd1a Sometimes after a reboot the system is can not build ccd0 because wd1 doesn't have a correcte disklabel. I can set it manually (disklabel -E wd1) to: # disklabel wd1 # Inside MBR partition 0: type A6 start 63 size 23437 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: ST3120026A flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 16 sectors/cylinder: 1008 cylinders: 16383 total sectors: 234375000 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: # sizeoffset fstype [fsize bsize cpg] a: 2343763 4.2BSD 0 00 # Cyl 0*-232512* c: 234375000 0 unused 0 0 # Cyl 0 -232514* and I am able to build the ccd. Usually (~95%) the disklabel is correct and ccd0 can be build on startup. But sometimes it "forgets" the disklabel and wd1 contains: # disklabel wd1 # Inside MBR partition 0: type A6 start 63 size 23437 # /dev/rwd1c: type: ESDI disk: ESDI/IDE disk label: ST3120026A flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 16 sectors/cylinder: 1008 cylinders: 16383 total sectors: 234375000 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: # sizeoffset fstype [fsize bsize cpg] a: 2343763 unused 0 00 # Cyl 0*-232512* c: 234375000 0 unused 0 0 # Cyl 0 -232514* and with a "unused" fstype ccdconfig fails to build the ccd-device. Unfortunately I am not able to reproduce this bevaiour. It happens sometimes. The system runs: OpenBSD gorg.badphish.dyndns.org 3.9 GORG#4 amd64 (3.9-STABLE) Does anyone knows whats wrong or what I should do the fix this behaviour? Many thanks in advance, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: port kismet wont run as it should on openbsd current
Hi. Tested some wireless chipsets (ti,ra,ath0). It seems that only ath doesn't show anything in kismet (neither from ports nor from the latest svn sources) - no powerlevel,no packets, no packet rates. Anyhow I would blame kismet,because monitor mode can be set using ifconfig ans I can see access points using ifconfig -M. So long, Andreas. P.S.: Is there a kismet mailinglist? I only found a forum on there page. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: port kismet wont run as it should on openbsd current
On 8/15/06, Matthias Kilian <[EMAIL PROTECTED]> wrote: Hi. > source=radiotap_bsd_b,ath0,scan Did you try with other source types than radiotap_bsd_b? I never tried another source. I wasn't sure if a/g are working Any error messages? What does ifconfig ath0 say, is the interface in monitor mode? If I remember correctly, yes. And heere I stopped reading. I confirm this behaviour with 3.8 and 3.9 (installed from CD) But I blamed it to kismet, because ifconfig -M works as expected. So long, Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
SSH connection from UNKNOWN ?
Hi folks. During the last weeks I received some alerts about ssh connections from UNKNOWN. E.g.: Jul 17 08:54:25 piglet sshd[7762]: Did not receive identification string from UNKNOWN Jul 26 05:27:54 piglet sshd[31895]: Did not receive identification string from UNKNOWN After a fast look at the code it seems that getpeername() fails. According to the man page there are several reasons: [... snipp ...] ERRORS On failure, errno is set to one of the following: [EBADF] The argument s is not a valid descriptor. [ENOTSOCK]The argument s is a file, not a socket. [ENOTCONN]The socket is not connected. [ENOBUFS] Insufficient resources were available in the system to per- form the operation. [EFAULT] The name or namelen parameter points to memory not in a valid part of the process address space. [... snipp ...] So some thougts about the reasons that may be a failure: ENOBUFS - Not possible. Although I use 68% of the allocated mbufs I was able to establish new connections from the outside. ENOTCONN and EBADF - As far as I know it is not possible, because the connection log occurs after completing the TCP hand shake. EFAULT- Impossible since I am using OpenBSD :) ENOTSOCK- Connecting to OpenSSH not using a socket? WTF? Is there anyone out there who can help me with this -strange (at least for me)- message. Many thanks in advance, Andreas. P.S.: The system is: OpenBSD piglet.badphish.dyndns.org 3.9 GENERIC#617 i386 running sshd version: OpenSSH_4.3, OpenSSL 0.9.7g 11 Apr 2005 -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: DDOS attack
Hi. You can bind ssh to another port and/or you can play with a little scripting and the excellent packet filter. I run a script from cron that greps the IP addresses from the sshscans, dups them in an file and a pf table uses this file to drop connections from these IPs. Depending on the type these IP addresses will be removed after a specific amount of time. The script is really stupid and easy: #!/bin/sh exec 2>&1 LOGTAIL=/usr/local/bin/logtail PF_TABLE=sshscanners # Penalties: PENALTY_SCAN=1.0 PENALTY_INVALID_USER=2.0 PENALTY_ROOT_ACCESS=4.0 # Time to expire TTE_BLACK_LIST=43200 # 12 hours TMPFILE=/tmp/authlog.tail.$$ NOW=`date +'%s'` $LOGTAIL /var/log/authlog > $TMPFILE grep 'Did not receive identification string from' $TMPFILE | awk -v SCORE=$PENALTY_SCAN '{print $12,SCORE;}' | grep -v '[a-zA-Z]' | sort | uniq -c > /tmp/sshd_no_id.$$ grep 'Invalid user' $TMPFILE | awk -v SCORE=$PENALTY_INVALID_USER '{print $10,SCORE;}' | grep -v '[a-zA-Z]' | sort | uniq -c > /tmp/sshd_invalid_users.$$ grep 'Failed password for root from' $TMPFILE | awk -v SCORE=$PENALTY_ROOT_ACCESS '{print $11,SCORE;}' | grep -v '[a-zA-Z]' | sort | uniq -c > /tmp/sshd_root_hackers.$$ cat /tmp/sshd_root_hackers.$$ /tmp/sshd_invalid_users.$$ /tmp/sshd_no_id.$$ | awk -v STAMP=$NOW '{bastards[$2]+=$1*$3;} END{for (ip in bastards) {print ip" # "bastards[ip]" "STAMP;}}' > /tmp/new_bastards.$$ cp /etc/pf.d/sshscans /tmp/sshscans.$$ echo "Updating table ${PF_TABLE}: " echo "" cat /tmp/sshscans.$$ /tmp/new_bastards.$$ | grep '^[0-9]' | awk -v NOW=$NOW -v TTE=$TTE_BLACK_LIST '{if ((NOW-$4) /etc/pf.d/sshscans /sbin/pfctl -t $PF_TABLE -T replace -f /etc/pf.d/sshscans -v | grep -v '^X' | sed -e 's/^A /Adding /g' -e 's/`D /Deleting /g' 2>&1 echo "" /bin/rm -f /tmp/sshd_root_hackers.$$ /tmp/sshd_invalid_users.$$ /tmp/sshd_no_id.$$ /tmp/new_bastards.$$ $TMPFILE pf.conf defines a table with the addresse build from that file and drops them: [... snipp ...] table file "/etc/pf.d/sshscans" persist [...] block return-rst in log quick on $ext_if proto tcp from to any port 22 [... snipp ...] This works for me but zour mileage may vary. HTH, Andreas. On 7/4/06, sonjaya <[EMAIL PROTECTED]> wrote: Dear all How to blok ddos/Flooding/ssh brute attack with pf . -sonjaya- -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Samba 3.0.21b from ports dies with SIGABRT when creating password file (tdbsam)
Hi. After installing Samba from the ports tree (Samba version 3.021b without any flavors) running smbd the first time -the password file passdb.tdb does not exist- smbd dies with SIGABRT after creating the password file # /usr/local/libexec/smbd -D # ps axuw | grep smbd root 4370 0.0 0.1 452 476 p2 S+ 3:41PM0:00.02 grep smbd root 7642 0.0 0.1 352 420 p3 S+ 3:36PM0:00.02 tail -f /var/log/samba/log.smbd The generated logfile (/var/log/samba/log.smbd) shows an "INTERNAL ERROR": [2006/07/04 15:40:50, 1] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/smbd/files.c:file_init(197) file_init: Information only: requested 1 open files, 1752 are available. [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/passdb/pdb_tdb.c:tdbsam_tdbopen(196) Unable to open/create TDB passwd [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/passdb/pdb_tdb.c:tdbsam_getsampwrid(490) pdb_getsampwrid: Unable to open TDB rid database! [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/passdb/pdb_tdb.c:tdbsam_tdbopen(196) Unable to open/create TDB passwd [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/passdb/pdb_tdb.c:tdbsam_tdbopen(196) Unable to open/create TDB passwd [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/passdb/pdb_tdb.c:tdbsam_getsampwnam(425) pdb_getsampwnam: TDB passwd (/etc/samba/passdb.tdb) did not exist. File successfully created. [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/lib/fault.c:fault_report(36) === [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 13571 (3.0.21b) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/lib/fault.c:fault_report(39) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/lib/fault.c:fault_report(40) === [2006/07/04 15:40:50, 0] /usr/ports/net/samba/w-samba-3.0.21bp2/samba-3.0.21b/source/lib/util.c:smb_panic2(1554) PANIC: internal error The password file was created successfully and smbd can be restarted and runs without any problems. I can reproduce this behaviour by stopping smbd and removing the password file. This system is running: # uname -a OpenBSD son-goku.badphish.dyndns.org 3.9 GENERIC#617 i386 Did anyone see such a behaviour? Is this an OpenBSD specific bug or should I report this to the bugzilla.samba.org? Many thanks in advance, Andreas. P.S.: If someone is interested I can provide a ktrace output. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?
Re: Problems mounting a usb disk
Hi. Does it contain a (V)FAT file system? Try mounting /dev/sd0i What does disklabel sd0 say? HTH, Andreas. On 6/1/06, David Burau <[EMAIL PROTECTED]> wrote: Hi, i've installed OpenBSD 3.9 on a IBM T20 notebook. Everything is working fine. Bit I'm not able to mount a usb disk. dmesg output ist: - sd0 at scsibus1 targ 1 lun 0... sd0: 76319MN, 76319 cyl, ... -- and that's my disk. The Problem is, that there is no "sd0" in /dev and when I try to mount sd0a (mount /dev/sd0a /mnt/usb) I get a note, that the device is not configured. Does anybody have a clue, what the Problem might be? Thanks! David Burau
Re: "make install" is not the same as "pkg_add' ?
Thanks for all your help. Now it is cristal clear ;) Although using ports for years, I should read the fine manual pages before posting ;) ... next step, kill the penguin OS on my desktop (this was just my laptop) and install a reliable OS ;) Andreas.
"make install" is not the same as "pkg_add' ?
Hello everbody. I'm using OpenBSD since version 3.1 (or so) usually for servers and my firewalls. Getting my IBM X40 and I installed OpenBSD 3.9 and started to build the packages I need from /usr/ports. Everything works as expected (means without any problem ;) But after installing xmms from /usr/ports/audio/xmms/ I discovered that xmms was not able to play MP3 and OGG files. After some hours of searching and looking around I found a package named xmms-mp3-*(and xmms-vorbis) in /usr/ports/packages/i386/all/. So I run pkg_add /usr/ports/packages/i386/all/xmms-mp3-1.2.10p6.tgz. After this pkg_add xmms was able to play MP3 files. All the years I believed that "make install" will do the same as a pkg_add. Now I am real confused ;) Am I missing something? Is this a bug or does it work as expected? Many thanks in advance. Andreas.
Re: Laptop recommendations
Hi RJ. I would recommend IBM/Lenovo. OpenBSD 3.9 works out of the box including (but not limited to ;) suspend, buttons, ... on my IBM X40. After a hard disk error on my Mac PowerBook (ppc architecture) I discovered that the support from Mac is really sh*t. Having a choice between IBM/Lenovo I strongly recommend an IBM/Lenovo notebook. But check http://www.openbsd.org/laptop.html . HTH, Andreas. On 5/11/06, rjn <[EMAIL PROTECTED]> wrote: Hi all, I'm looking into getting a new laptop (I start college in the fall). In particular, I'm looking for something OpenBSD compatible. I considering either a Lenovo Thinkpad or the MacBook Pro. From what I've seen you can only boot the macbook pro if you have windows installed. I'm wondering if anybody has experience with the new Lenovo models and the macbook pro? Thanks, RJ -- em: [EMAIL PROTECTED] Poster: "I am a Windows Systems Administrator and work for a pretty large corporation" Anonymous: "I am so very sorry for you..." -- Slashdot