Re: I hate Spam
Not wanting to end up in your killfile, but... what I've noticed is that I don't see any English-language spam at all on any of the lists. What I do see when periodically checking my junk folders for false positives is spam in Spanish, Russian, and maybe a bit of Chinese, French, and Portuguese. I don't say that to complain, just to observe. If someone more bothered wants to pitch in, download the last year or so of archives and knock yourself finding a way to extend the existing protections to catch non-English spam without, saying, deciding that posts containing patches are spam because they aren't in English. On 11 May 2011, at 20:11, Stuart Henderson wrote: In gmane.os.openbsd.misc, you wrote: I'm new to this list and to OpenBSD, and currently signed up for misc, ports and www lists, and receive a lot of spam mail through the lists. Most of it is on www@ (because the address is at the bottom of many of the web pages), unsubscribe from that and you'll see a big reduction. Just wondering how other subscribers solving this mather ? Personally I read these lists on gmane.org via NNTP, using slrn with decent killfiles which get rid of a lot of the junk (and even better, can killfile a thread or an annoying person with about 3 keypresses, which saves way more time than the spam filtering). smime.p7s Description: S/MIME cryptographic signature PGP.sig Description: This is a digitally signed message part
Re: Like OpenBSD? Like to see new stuff happening? You really need to order a CD today :)
Surely there are two separate problems here: 1) you think OpenBSD needs to work to open up loopholes so that people who aren't donating or aren't donating as much because of tax reasons will now do so (and Amit thinks this is a series of technical problems that can be solved by non-strategic and sometimes non-sensical deliverables, such as finding a way to license distribution of a product that in its original distribution requires no license, which looks more like a tax avoidance or money laundering scheme than a legitimate fundraising tool and in any case not like anything that sentients will pay for in substantial numbers); and 2) you personally would like to give more, it's just that your tax accountant can't find a way. Maybe we could add a scheme where people pay OpenBSD for each time they don't send mail to misc, even though they really want to? Or when they mail misc and realise a few replies later they really ought to have thought better of it? Or when they flame the hell out of someone on misc and feel a lot better for it. There have to be the rudiments of a previously undiscovered licensing, royalty, or subscription scheme in there somewhere. Maybe you could consult Apple and discover that OpenBSD should demand 30% of your monthly bills for Internet access from your ISP(s), on the view that you wouldn't use the Internet if it weren't for OpenBSD. ;-, Bayard On 21 Apr 2011, at 02:33, Benny Lofgren wrote: On 2011-04-21 02.51, Marco Peereboom wrote: When ordering a CD it lets you tack on a donation. Call it 20 CDs and tax life is good. Yes I know, but as I tried to explain it doesn't help me if the receipt says donation or anything like it. You clearly don't know my accountant... :-) A simple multi-license article on the order form with a proper article text on the invoice would let me donate while keeping my accountant happy, as well as avoiding paying more taxes than necessary. - or - Order 20 CDs, give 19 away. Not very hard... I don't think I can muster 19 willing recipients of a gift CD set among my friends to be honest... :-/ Besides, it may sound silly but I really don't like to waste resources, be it my money, someone elses or some finite natural resource (CD:s don't grow on trees, do they? :-) ). Really, I'd happily pay the same price for one CD set plus n-1 CD-less licenses (and hopefully get the same volume discount as well), and it would be a true win-win for everyone. Regards, /Benny [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: what is the “Online Certificate Status Protocol”
The simple answer as to why OCSP isn't itself via HTTPS is that this would be a cyclical dependency: if you need to accept a certificate, you need to confirm its continuing validity. If you have to use a connection relying on that same logic to confirm validity, at what point are you then able to make a connection? The cryptographic component of OCSP, as WIkipedia points out, is providing a validating signature with the response. On 9 Mar 2011, at 09:30, erikmccaskey64 wrote: But: with wireshark i can see some OCSP packets [ http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol ] Question: What are these packets? Why aren't there in HTTPS? [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
nfsv4?
The last mail I can find on the subject seems to indicate that there were problems getting RPC to work with ipv6 (from Henning: http://marc.info/?l=openbsd-miscm=120291072230011w=3). I'm not sure if this was for lack of a TI-RPC implementation or other reasons. Any info on where this is? [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: nfsv4?
Henning, I wouldn't say that there's anything wrong with the OpenBSD NFSv3 implementation, as the problems with NFSv3 are largely with the specification (and/or the proliferation of specifications and protocols to deal with what's not in the 1995 original). I'd anticipate a response not unlike evaluating IPv4 vs. IPv6: granted the original is flawed, the fact that the successor protocol is *supposed* to solve the problems of its predecessor doesn't mean that it does as comprehensively or as well as hoped or that it doesn't have problems of its own. If I were looking for an objection to the OpenBSD implementation, I'd probably follow the analogy between IPv4/IPv6 and NFSv3/NFSv4. Whereas OpenBSD implements features like IPSec that are optional in IPv4 but mandatory in the successor, the approach taken to the extensions in NFSv3 that were subsequently made part of the core v4 spec seem to be displaced to transport- rather than application-level measures (e.g. use IPSec rather than Kerberos RPCSEC_GSS or RPCSEC_GSSv2, retaining system- rather than principal-based authentication). Insofar as being stuck with NFSv3 means being stuck with NFSv3 plus extensions or other supplements, I know that the interoperability story across platforms is going to have some sad chapters. Again, I'm not arguing that NFSv4 is or isn't a cure worse than the disease, but I'm just as interested in what analysis may be available to argue that conclusion if that's where the consensus is. I believe something similar was done around IPv6 that helped feed back to changes in the protocol specification. I also suspect that consensus may have moved or divided around this. Looking at a source like Secure Architectures with OpenBSD (admittedly written when NFSv4 was rather over the horizon), I find that the relatively brief concluding section on NFS security contends that, NFSv4 offers significantly more security via GSS API and Kerberos. To the extent that people may have moved on from that view, it would be helpful if the reasoning were documented and available for broader dissemination. Insofar as there may be some agreement and clarity as to what to deploy instead of NFSv4 that improves on vanilla NFSv3, I don't think it well-advertised. Speaking more broadly, I have this general sense that NFSv4 has disappointed and that adoption has lagged, although more in terms of deployment than implementation (OpenBSD seems exceptional in this regard, although perhaps not exceptionally so by its own standards). There seem to be a lot of summary expressions, but I've not found anything that really argues the case against it and outlines how to learn to live with something that isn't NFSv4 and the bomb. In other words: it seems to me that OpenBSD's not implementing NFSv4 may be a more decisive expression of objections that are elsewhere given more mumbled expressionI'd just like to see the case laid out and an acceptable alternative more clearly articulated. Cheers, Bayard On 27 Oct 2010, at 17:54, Henning Brauer wrote: * Bayard Bell buffer.g.overf...@googlemail.com [2010-10-27 17:19]: Sorry, but it's not entirely clear where the obstacles are. Is this unhappiness with the specification(s)? the code base for NFSv4 that's been rolled into the other BSDs? something else? personally I haven't looked closely at nfsv4, but what I saw didn't please me. i am not aware of anybody else (from us) looking into it deeply. what problem do you think nfsv4 solves for you again? what's wrong with our nfs implementation? -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: nfsv4?
To judge from the question I don't think you've accurately parsed the argument, which isn't so much about IPv6 per se as about how IETF corrects the mistakes that invariably result in specifying more ambitious protocols like IPv6 or NFSv4 (or doesn't and precludes itself from doing so). If you nonetheless want to read more about the OpenBSD IPv6 audit of the IPv6 implementation, you might start with something like: http://ipv6samurais.com/ipv6samurais/openbsd-audit/ On 27 Oct 2010, at 22:26, FRLinux wrote: On Wed, Oct 27, 2010 at 9:45 PM, Theo de Raadt dera...@cvs.openbsd.org wrote: The design process followed by the NFSv4 team members matches the methodology taken by the IPV6 people. (As in, once a mistake is made, Sorry, I'll bite. What exactly is wrong with IPv6 here? I gathered from this list not a lot of developers here like it, but I still don't get it. Please educate me (this should be enlightening). Cheers, Steph [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: OpenBSD culture?
Am 14 Apr 2010 um 10:11 schrieb Zachary Uram: As a long time Linux user I will soon try out OpenBSD, I have been reading the list emails and contacted 1 OpenBSD top person who was very rude. There is some of the RTFM or get lost attitude in Linux, but if a questioner seems sincere there is usually a certain level of friendliness in Linux community towards them. Just what I have briefly observed the OpenBSD community is more abrupt and less interested in helping newbies, they prefer one find the answer solely on their own if possible. I must say I detect a certain attitude that smacks of superiority and even condescension at times. Is this a fair assessment of 6the OpenBSD culture? Zach http://www.fidei.org I'd take this for why can't we all just get along? scolding. I'd argue OpenBSD has the best documentation of any OS I've ever seen. Not answering these questions lets the developers get on with it. Non- developer members of the community know that the docs rock, so they've got a reasonable basis for thinking that anyone who's asking a question with a documented answer is being lazy (thus implicitly rejecting the sincerity standard you're proposing). People new to OpenBSD may need to get used to having documentation that doesn't suck, but the point is that OpenBSD also gets considerable advantage from having docs to which to refer. Not just developers but the OpenBSD community generally would rather emphasise that distinction to the point of hostility to accommodating people who don't (or don't yet) appreciate it. I follow you in terms of a sense of superiority, in that I think that the approach taken is demonstrably better, even if it's not intuitive to those with a perspective shaped by other communities (and may be sufficiently jarring to some people that they don't give it a full go because they don't understand the sense in which the OpenBSD community is nevertheless very much there to help), but I don't think it's condescending to try to protect a hard-earned and highly beneficial distinction. To the extent that such insistence on self-help through documentation excellence selects against community growth in a direction where bigger wouldn't be better, certainly not on the terms that have allowed OpenBSD to prosper thus far, I don't see that as objectionable, either. Thus in proposing that people be given the benefit of the doubt (sincere), the problem is precisely that the OpenBSD community is signalling clear distinctions about what it considers to be the standard of sincerity, based on strong functional motives. To put the problem more generally: how exactly does one accommodate such contrary standards without undermining the standard you mean to support? To the extent that the Linux community has a soft spot for n00bs, I'd take it as largely an accommodation of the fact that documentation quality is widely inconsistent in quality or the bare fact of its existence. I don't think it can be taken to suggest that somehow the people who respond to questions about Linux have some greater generosity of spirit than can be found here, and I think that their reasons for behaving as they do are also functional. Why not ask instead why the Linux community continues to work around the root of the problem, thus creating some of the forces of habit that you treat with apparently uncritical discernment? Even if you don't find yourself comfortable here, you might reconsider the going standards of the Linux community and challenge those instead. I don't mean to suggest that it's all sorted out in OpenBSD-land, but I reckon you'd have something more compelling (not to forget fair) to say if you took these differences and their rationales more thoroughly into account. Cheers, Bayard
Re: OpenBSD culture?
Am 14 Apr 2010 um 14:50 schrieb Theo de Raadt: I guess this is the get lost mail he is referring to. Yes, it is a damn fair assessment. When you pay your taxes, do you go make a personal request for assistance of your prime minister? Your mail lies about what you saw, so here is the full exchange: Surely he's contrasting his Linux experience based on the response to something like: Torvalds, I have been hearing very good things about Linux from people whose opinions I value highly. I have a MacBook and a Windows PC on which I'd like to run Linux dual-boot with the existing operating system. Could you please recommend a distribution and provide detailed installation instructions for each. Do you need to know the exact models? Do you need to know which version of Mac and Windows I am running? I am happy to provide that information if necessary. Look forward to hearing from you soon, and please keep up the good work! Cheers, n00b
Re: Refusal to mention OpenBSD in a MSc Advanced Networking course
I'd venture that your professor isn't particularly well-educated if he thinks BSD is dead or dying from either a commercial or a pedagogical perspective. A considerable amount of literature on the subject of networking is written using the BSD codebase as reference (e.g. the Richard Stevens TCP/IP books), and I don't expect that anyone is going to turn around and tell you that the Linux people got to where they are by ignoring all of that literature and the code base around which it was written. Second, beyond the base of open source host networking stacks, the BSD code base has been extensively grafted into proprietary Unix implementations, not to mention serving as the foundation for dedicated network devices such as Junos. You might argue that Junos isn't as prominent in the market as Cisco, but there are a fairly considerable number of arguments against teaching using IOS implementation pedagogically, except perhaps as a long series of gotcha lessons. Third, BSD networking continues to be grafted into other systems. A perfectly good example of this is that Sun has ported BPF into the Solaris kernel to support firewall portability as one of recent extension and refactoring initiatives to improve its network performance and provide an alternate set of interfaces for portability of networking code (e.g. for kernel code, or as an alternative to write directly to DLPI or through libpcap for anything that can't be implemented via [*cough*] Berkeley sockets). The crux here is that the wisdom of acting as though *nix networking is a monoculture completely dominated by Linux (which in my opinion can both fail to be a monoculture in the way it needs to be and succeed in being a monoculture in ways it needs to curb) or will become one doesn't seem the only possible conclusion from examining the history or contemporary dynamics (and that's setting aside the rather material question of whether such a monoculture would be desirable in any case, given how important cycles of divergence and convergences have been to making *nix what it is qua dynamic and open systemnot to say that Linux is a monoculture... or as dynamic and open as ). Sure, Linux can have its value as teaching material, but it's far less credible to do so if the premise is that this is the only open source implementation worth teaching. There may be valid reasons for focusing on a single implementation in course design, but dismissing the value of a comparative approach or of subsequent independent study of other systems strikes me as pissing away credibility as an instructor and being dishonest about course design decisions. As for the instructor, you can lead a horse to water and all that. Perhaps the more important thing to learn here is how and why he's mistaken rather than that he is or to push him to such concessions. If you can't push him so far as to change his decision, but you can perhaps offer sufficient judicious counter-arguments to make other students want to learn more and build some continuing study groups on top of that. Cheers, Bayard Am 13 Feb 2010 um 08:06 schrieb TS Lura: Dear OpenBSD community, I'm a student for a MSc Advanced Networking degree. I have a little situation maybe you guys could give me some feedback on. The issue is that my module leader is refusing even to consider mentioning OpenBSD, or any BSD in introductory Linux course where the focus is on network services. DNS, iptables, Apache. It is a introductory course, with limited time. So it's understandable that one has to be level-headed on what's to go in as material in the course. My argument is only to have a reference to OpenBSD, PF, and maybe the jailing of named, when we go through the topics of iptables, and DNS. My professor (the module leader) argue that almost no one is using BSD, and those that does is probably 70+ and so it will soon die off, in a humours tone. In more serious tone, lack of applications. I'm a bit resigned by this attitude, because we are at a master level about networking. We learn about all the technologies surrounding routers, switches, wan, security, etc. As such I think that OpenBSD is really a bean to be counted when we learn about open/free software. So in relation to this, I would argue that OpenBSD is a excellent platform for networking services. I have said so in writing, and verbally only to be brushed off. I feel it's game over, at this point. But maybe you guys have some suggestion about good arguments that might persuade my professor? Cheers, TSLura. PS. This might be the wrong crowd, but I also argue for the documents on the internal web-learning facility to be published in PDF (ISO 32000 standard) (he insist on doc), and that Linux at least once should be mentioned as GNU/Linux.(system-tools/Kernel, to pay tribute). This is also met in the same way as my BSD arguments. Which I find strange, since my professor has developed a bit of stuff for the GNU/Linux platform.
Re: Is OpenBSD + PF accredited or certified in any way ?
Formal evaluation just means that the features judged relevant to the evaluation can be minimally verified. On the flip side, there's David Litchfield's observation in the introduction to The Oracle Hacker's Handbook: The Oracle RDBMS was evaluated under Common Criteria to EAL4... However, the first few versions of Oracle that gained EAL4 had a buffer overflow in the authentication mechanism. He goes on to that standards are necessary to some extent but not fully indicative. You'll find summary arguments and starting links off the Common Criteria's Wikipedia entry. Given such limitations, perhaps you might propose a more open evaluation and make code access for audit, including by escrow access for an established third-party authority, as a major criteria? Am 1 Feb 2010 um 23:06 schrieb Keith: I've used OpenBSD PF for a number of years without issue and am now in the position that I want to create a dmz between the Internet and my organisations WAN. Our security people are asking if the firewall that we use is accreditated by ITSEC and I am pretty sure it isn't but it turns out that our security people will be happy is the firewall is accredited for use by another government ! I am very happy with my PF firewalls and their reliability and don't want to be forced into purchasing some cisco / forenet comercial firewall that I've never used before so am desperate to find some details of any foreign governments that are using OpenBSD / PF as a firewall or any details of any certification of the PF firewall. Can anyone help me out ? Thanks Keith __ Information from ESET NOD32 Antivirus, version of virus signature database 4825 (20100201) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
Re: OpenBSD in VirtualBox 3.1.x on non-SMP machine
According to http://www.virtualbox.org/wiki/Guest_OSes: Requires VT-x or AMD-V hardware virtualization support. It would appear they've therefore made VT-x and friends non- configurable. You can file a bug report and see where that goes. Am 20 Dec 2009 um 10:18 schrieb Tomas Bodzar: Hi all, someone have running OpenBSD release/stable/current on new line of VirtualBox (3.1.x) on non-SMP machine? Older version 3.0.x was ok. Now it sets VT-x/AMD-V as default and you can't change it. Even when I disable it directly in .xml config file for guest it still try this feature. With release I can't continue even with boot. With current I can start installation, but too much segfaults and then Illegal instruction. On host capable of VT-x/AMD-V no problems. So it looks like they changed again something in their horrible way :-( -- http://www.openbsd.org/lyrics.html
Re: A question about puting OpenBSD on a Soekris
I've been playing around with this lately, so I'm happy to have a stab at an answer, with the caveat that this reflects a recollection of my reading of the code rather than any attempt to make it work to your requirements. Whatever I may fail to clarify, recall, or understand is best taken to suggest that you'd be best served by reading the docs in full, consulting the code as necessary. To start with the details, I reckon that reading mkdist shows that it does a du on vnddirs in the filesystem tree from which you're building and add then pads out those sizes (i.e. look for the loop in mkdist following the comment Determine sizes for partitions). Reading code isn't, however, strictly necessary to answer your question: see the section of the FAQ that starts with What is the basic flahrd layout? What are tardirs? mfsdirs? vnddirs?. More fundamentally, though: what are you trying to accomplish in growing /usr after laying down the flash image? It's likely more straightforward to lay down changes to the build (if not the personality, depending on whether your goal is to limit yourself to maintaining a single system or define a baseline build for use on multiple systems--if you're managing multiple systems, you might want to tweak the way you are preparing your builds and/or to modify the flashrd code so that it can pick up personality-related files from a separate tree than the build) on the regular filesystem tree from which you build the post-bootstrap flash svnd (i.e. the top-level directory you're passing as the mandatory parameter to flashrd), rather than trying to stack stuff onto the flash after this initial assembly is done. By the time you've got the basic image laid down in a file for your svnd, the initial partition scheme is already set. That doesn't mean that it's immutable, but it's a bit more work to do the slice and dice at that point. (cfgflashrd, on the other hand, is largely about configuring the bootstrap (terminal, root ramdisk) rather than what's subsequently brought up from the openbsd.vnd containing the full build.) Not meaning to put too fine a point on it: I don't imagine you want to be trying this kind of post-op slice and dice if you've not spent time understanding how much of your problem may be adequately addressed in less baroque ways by documented behaviour. Am 15 Dec 2009 um 15:25 schrieb stan: I am trying to put OpenBSD on some Soekris machines. I have looked around and fount the flashrd toolkit. Uinsg it, I was able to create a bootable compact flash image for one of the machines. However, I pretty much did it by following the driections without understnaidng what was being don, and we all know where that leads :-) Now, I am trying to change a fwe things, and I need to get a better understnading of what is being done here. Specifically, I want to create a larger /usr partion in the vnd iamge. What determiens the size of these? I have looked through the cfgflashrd, and the growimg scripts, but I don't see any knobs to tweak in these for this. -- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Re: ComixWall terminated
Am 11 Dec 2009 um 09:19 schrieb P-O Yliniemi: There are a lot more abuse of the misc list than Soner posting about his OpenBSD project. Maybe Theo should install a decent spam filter for the lists ? This is levelling down a distinction: there's spam that's definitely spam and can be filtered reasonably easily before or after being sent to the list. Sending something to the list that's not readily distinguishable from other content is no longer a problem for a spam filter, wherever it may sit. The fact that the list doesn't filter spam for you mechanically doesn't mean members shouldn't intervene against a different class of posting. What's wrong with posting OpenBSD-related 'adverts', and in this special case with ComixWall which is totally free ? Well, if the principle is that this list is to build and support community around OpenBSD, it's a question about what's considered acceptable conduct within the community. Clearly there are strong feelings on either side, but I gotta ask whether advertising a redistribution, where there's not a lot of evidence of other involvement in the community, doesn't at least come across as, at minimum, genuinely subject to question. We can disagree as to what the answer is, but the exceptional characteristics that make this a question don't just answer themselves by the kinds of characteristics or implications that have been argued in its favour. I agree with a lot of the other posts that ComixWall doesn't really promote OpenBSD in any way, but for those who are looking for a solution like the one that it provides, this distribution will save some hours of installation and compilation time. Sure, but how about substantial questions like code audits for the PHP code and determining processes and mechanisms for patching? Binary distribution may not be a sin in itself (I've come around to the opinion that it's largely oversold as to its benefits), but, particularly if it's claiming to carry the flag of simplification, one may nevertheless be circumspect about the approach and implementation, by people who've not otherwise established standing in the community and demonstrated the viability of their work in that context. I understand why people who've made sustained contributions to OpenBSD would not be happy with advertising a redistribution vexed by these kinds of questions. I've had enough experience with Unix engineering to have both sympathy for someone who does this kind of work independently of established community organs and a strong scepticism as to whether the product will be nearly as robust as advertised or imagined for lack of strong challenges and correctives from peers and existing centres of expertise. I can't think it reasonable to be so taken away with the sympathetic element of response as to overlook or underweight the strong prospect of flaws resulting from the approach taken, and I think it's adequate here that the issues be merely prospective, as vetting needs to happen before a product is announced as shipping. Conversely, with time spent talking about how you might solve the kinds of problems entailed by such project, developers have a decent chance of establishing credibility and the prospective quality of their project well enough that they wouldn't necessarily have to overload an existing channel to make release announcements. Alternatively, such developers would recognise some fundamental misconceptions and find other projects on which to expend their energies. My 2p, Buffer G. Overflow
Re: ComixWall terminated
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am 11 Dec 2009 um 09:19 schrieb P-O Yliniemi: There are a lot more abuse of the misc list than Soner posting about his OpenBSD project. Maybe Theo should install a decent spam filter for the lists ? Just a few of the recent ones: From: Commonwealth Bankmemberserv...@commonwealth.com.au To: misc@openbsd.org Subject: Commonwealth Bank of Australia Security Department Team. Date: 10 Dec 2009 15:47:59 -0800 From: Systat Software, Incnewversi...@systat.us To: misc@openbsd.orgmisc@openbsd.org Subject: SigmaPlot11.2 - NoCost Update Available Date: Thu, 10 Dec 2009 14:25:49 -0800 From: Akis Angelakisi...@image-a.gr To:misc@openbsd.org Subject: LIFE GOOD NEWSLETTER no 57 Date: Thu, 10 Dec 2009 13:28:46 +0200 From: ma-boutique-deco.commaboutique-d...@my-deco-shop.com To: misc@openbsd.org Subject: =?utf-8?q?[blog_deco_et_design]_nouveaut=c3=a9s_my-deco-shop_-_m...@openbsd.org?= Date: Thu, 10 Dec 2009 11:30:07 +0100 This is levelling down a distinction: there's spam that's definitely spam and can be filtered reasonably easily before or after being sent to the list. Sending something to the list that's not readily distinguishable from other content is no longer a problem for a spam filter, wherever it may sit. What's wrong with posting OpenBSD-related 'adverts', and in this special case with ComixWall which is totally free ? Well, if the principle is that this list is to build and support community around OpenBSD, it's a question about what's considered appropriate conduct within the community. Clearly there are strong feelings on either side, but I gotta ask whether advertising a redistribution, where there's not a lot of evidence of other involvement in the community, doesn't at least come across as, at minimum, genuinely subject to question. You can disagree as to what the answer is, but the exceptional characteristics that make this a question don't just answer themselves by the kinds of characteristics or implications that have been argued in its favour. I agree with a lot of the other posts that ComixWall doesn't really promote OpenBSD in any way, but for those who are looking for a solution like the one that it provides, this distribution will save some hours of installation and compilation time. Sure, but how about substantial questions like code audits for the PHP code and determining processes and mechanisms for patching? Binary distribution may not be a sin in itself (I've come around to the opinion that it's largely oversold as to its benefits), but, particularly if it's claiming to carry the flag of simplification, one may nevertheless be circumspect about the approach and implementation, by people who've not otherwise established standing in the community. I've had enough experience with Unix engineering to have both sympathy for someone who does this kind of work independently of established community organs and a strong scepticism as to whether the product will be nearly as robust as advertised or imagined for lack of strong challenges and correctives from peers and existing centres of expertise. I certainly can't think it reasonable to be so taken away with the sympathetic element of response as to overlook or underweight the strong prospect of flaws resulting from the approach taken. Conversely, with time spent talking about how you might solve the kinds of problems entailed by such project, you'd have a decent chance of establishing your credibility and the prospective quality of your project well enough that you wouldn't have to overload an existing channel to make release announcements, no? ...my 217 kronor of time... /PeO iEYEARECAAYFAksiLBQACgkQcZQHT1XL9xkQ5ACgoF7xk2XHGkgYAJSWBEBBJnnX orgAnixN3QXb89yZiZQ0v6hSr6nS+jbn =UbvM -END PGP SIGNATURE-
Re: softraid not building on boot
Am 10 Dec 2009 um 23:00 schrieb Marco Peereboom: On Thu, Dec 10, 2009 at 05:00:34PM -0500, nixlists wrote: Hmmm. I've used hardware raid cards for mirrors that have the verify function. It would be interesting to know how and what those cards do. They read the data to make sure the disk is working. If one disk is failed they can rebuild that block from the remaining disk provided that the remaining disk isn't corrupt or broken too. They assume that the data that was read is accurate; if it isn't you are SOL. They either don't detect or ignore blocks that are different because they can not know which one is accurate (if any). Verify for RAID 1 is mostly marketing fluff. Not that it provides concrete options in deciding between the options available here, but doesn't intent logging combined with checksums allow this problem to be solved in software mirroring implementations such as VxVM or ZFS? Intent logging allows you to play back pending writes to deal with the question of differences in state after I/O is interrupted without detectable erroring, and checksums let you figure out whether a mirror is reading out data that is verifiably wrong (which may be the checksum or the data). You've mentioned RAID 5 and RAID 6 as solving these problems, where you by and large have to do checksum/parity operations for most kinds of I/O, but these characteristics needn't be exclusive to those RAID levels, even if they are necessarily to their implementation, no? (Again, this is an argument in principle, intended largely/solely as food for thought, rather than claiming that these problems are solved in any of the options at hand.)
Re: ComixWall terminated [WAS: ComixWall 4.6 released, December 8, 2009]
Am 9 Dec 2009 um 19:01 schrieb Christopher Zimmermann: On Wed, 9 Dec 2009 13:38:56 -0500 Jason Dixon ja...@dixongroup.net wrote: How does the announcement of new releases for ComixWall help OpenBSD? It helps in promoting OpenBSD. And this is the official purpose of the advocasy mailing list. So I think that announcements of ComixWall releases could go into the advocasy list. Is this a false conclusion? If not Soner Tari could go on with his project and post his announcements to the advocacy list. Anyway, since the advocascy list is dead, the two announcements to misc should not be censured in such a harsh way. The premise that this is advocacy may be entirely mistaken, as it does not strike me as a strong argument in favour of OpenBSD to say that it needs to be redistributed with an alternate installer, a web GUI, and some additional software builds to be *really* useful than as released by the core development community. Might it not be the case that the existing packages and ports system already makes OpenBSD a fully FOSS and freely available UTM firewall or that improving support for what's bundled with ComixWall to make more components available as packages and/or ports would be offer greater flexibility in how people decide to acquire and deploy the product, more effectively supporting and growing the community? This creates a problem of due recognition and attribution, which is what's feeding all the moments of dispute and misunderstanding that follow. How does abstraction of arguably the cleanest, easiest to learn UNIX, help OpenBSD? It helps in promoting OpenBSD. Promoting OpenBSD will make OpenBSD more widely known. This will attract more possible developers. They will write code for OpenBSD. This will help OpenBSD. These conclusions are tenuous leaps, amounting to a secret sauce argument: OpenBSD tastes good, but with the secret sauce it would be able attract all kinds of smart people it somehow can't attract with its current recipe. This logic of supplementarity rather makes the supplement the essential thing rather than the essential thing that it's supposed to promote, and that seems to sell what OpenBSD already is and its ability to continue to evolve as a technology, a development process, and a series of communities short. Not even prospectively can the proposition that there is no ComixWall without OpenBSD be not made reversible in the way you seem to suggest, any more than supporting a redistribution on premises overstated with respect to the OpenBSD core will amount to support in various forms getting back to OpenBSD per se. You say grafting, I say grifting. I know I just added some additional noise, still I would be glad to see this issue settled in a non-destructive way. It is settled. You're whining. If this is true, it's a pity. Then comixwall just died. I still hope this issue can be settled in a NON-DESTRUCTIVE way. And yes. I AM WHINING. It bothers me when people destroy such a huge amount of good work just because of a stupid attack of bad mood. Sorry if I'm repeating myself for a moment here, but isn't imagining ComixWall as a (or the) vital supplement to OpenBSD in the way you're suggesting selling a huge amount of very far good work short? I find myself able to reach that conclusion without being seized by a fit of pique, but I can imagine having good reason to be angry at the suggestion, the more so if I was one of the people with a sustained record of contribution to the project. If there's an attack that's happened, it may be a stupid, but that's as far as the agreed facts go. I'm sure you mean well, but I for one don't follow your account of what's destruction and what's supportive here. If the question is how to do better, the prospects for improvement are substantially reduced if one fails to grasp what has succeeded thus far. OpenBSD is a great OS and ComixWall enables many people to use it. I don't see any reason why the two projects should not be able to cooperate. Because they are not cooperative projects. OpenBSD doesn't need ComixWall. OpenBSD is Free, Functional and Secure(*). (*) And easy. Right. And the devil may care. Not helping comixwall by bearing one release announcement per year is not lazy, not even selfish, its just PLAIN FUCKING STUPID! As for the devil, aren't those the details the difference between Faust I lines 4611 and 4612? OpenBSD doesn't face Gretchen's problems, and overstating self-deprecation in the name of self-promotion seems more rather than less stupid, even if these indulgences are limited to a few annual episodes. Oh, the sauce! If the complaint here is that there's something overwrought, it seems ironic in not quite the right way to be so overwrought in response. If I've poked you with a stick here it's aimed at ticklish spots so that we might now take a moment to have a chuckle and then get back on track.