Re: Problem with Intel PRO/1000GT (82541GI) adaptors
On Wed, Nov 15, 2006 at 09:25:38AM -0800, Kian Mohageri wrote: > On 11/14/06, Brian Keefer <[EMAIL PROTECTED]> wrote: > > > > > > FWIW I was having very similar problems with em(4) in OpenBSD 4.0- > > release under VMware (amd64 SMP). It would cease to recognize ARP > > replies and just flood the network with ARP requests endlessly. It > > was enough to bring VMware to it's knees and totally swamp my cheap > > switch. > > > > The same card too? > > -- > Kian Mohageri I'm pretty sure it was the same card, but my info was second-hand and I don't have a part number for you in the event that Intel is now using a different revision of the chipset. Have you tried using a more recent version of the em(4) driver? -Damian
Re: java on openbsd
On Wed, Nov 15, 2006 at 11:31:21AM +0800, Lars Hansson wrote: > On Tue, 14 Nov 2006 10:53:54 -0500 > Josh Grosse <[EMAIL PROTECTED]> wrote: > > > Per FAQ 8.3, Java 1.5 or 1.4 must be built from source. An overnight > > download have an > > of the files should not be a huge problem, considering how much time, > > computing, memory, and storage resource is needed to build it. > > Except that you need to navigate the Sun download pages mess, click thru > license agreements and have an account (I think). Then you need to > install X number of Linux JDK's, wich pulls in all the Linux emulation > packages and then you have to actually compile it and hope you enough > disk and ram. Wouldnt it be possible for someone other then the OpenBSD > project to legally share their built packages? > > --- > Lars Hansson I don't suppose it's possible to enable Solaris emulation and just rip the necessary bits from their x86 Java packages? -Damian
Re: java on openbsd
On Tue, Nov 14, 2006 at 11:27:36PM +0100, Matthias Kilian wrote: [snip] > It does not run on arm/OpenBSD. It does not run on powerpc/OpenBSD. > It does not run on vax/OpenBSD. Heck, it even behaves differently > in on i386/Linux, i386/Windows, sparc/Solaris and pSeries/Linux, > and to this platform diversity the vendor diversity (Sun vs. IBM) > yet adds more subtile differences, especially if it comes to threads > or GC behaviour. > > Believe it or not: Java is *not* platform independent, at least not > in so-called "enterprise" environments. [snip] > Ciao, > Kili, making a life with Java since about 1998. Java, the language, is an open specification that can be implemented by anyone. Java, the brand, requires the implementor to license Sun's test suite (for like $10,000 if memory serves me) and pass the tests in order to use their logos, etc. The Java Virtual Machine is also an open specification that can be implemented by anyone. Not every part of the system is defined and various implementors have done certain things differently. Also, the JVM must run on top of an operating system, so bugs in the OS may impact its performance. The bytecode should be portable assuming that the JVM works as advertised. I agree that Sun makes it a pain in the ass for people not running certain operating systems to use their Java tools. Whatever. Either deal with it, don't use it, work on one of the non-commercial JVMs or use a different OS for your Java environment. That being said, I've run Blackdown's JVM and class libraries for Java2 rev. 1.4.X on BSD without issue. Actually, that's not true I did run into some issues with cryptographic classes (license validation), but it was easy enough to work around that problem. Java may make certain classes of applications extremely easy to develop, but it's not going to replace something like C. Indeed, some Java classes in the standard class library require callouts to C routines via JNI. Also, remember that Java was initially called Oak and was targetting the embedded space. I'm not surprised there have been issues in the non-embedded space. http://ei.cs.vt.edu/book/chap1/java_hist.html -Damian
Re: AMD dual core, deciding factors for a platform?
On Thu, Nov 16, 2006 at 07:56:03PM +0200, turha turha wrote: > I haven't got the final specs yet, probably a MoBo with a nVidia chipset, > since those are the only ones I've seen with enough SATA controller, I'd > prefe eight, but so far all I've found has been six. If you like working devices I'd advise against buying a system board with an nVidia chipset. I picked up an Asus K8N-E some time ago, but my on-board audio, gig ethernet, video and some other miscellaneous devices didn't work under OpenBSD 3.8. I have yet to try a current release; maybe this weekend. > Was the problems with seagates OBSD related, or general to the HDDs? I've > had nothing but good experience with seagates so far, quiet, fast and cheap. > The newest I have is in 24/7 use, and has been for the past year or so... ISTR there being some bad runs of Seagate drives a few years ago, maybe that was the problem? I have a small Seagate drive from maybe 2000 that's worked without issue. I've been buying Maxtor SATA drives these days. > The first thing I'd need to know is there any real gain from dual core's on > OBSD (I think they do work, but how well?), if there's a real performance > gain using dual cores then I'm probably going with dual cores and need to > find out if there are some chipsets that work better, or more importantly if > there are chipsets that don't work at all. Also I'd like to know if there's > improvement on amd's 64bit vs 32bit. I think this is really going to depend on your application. If none of your processes are threaded, you're probably not going to see a big performance gain by going multi-proc. Likewise, a 64-bit CPU will give you more memory bandwidth, but if you're not using it what's the point? If you use any binary device drivers, you'll want to check that they're available for your specific platform. > And of course if there's some knowledge about running software RAID (SATA) > on OBSD, how much it takes CPU, what kinda speeds people have gotten with > it, etc. > > Btw, better to keep these thru the misc mailing list, in case somebody else > needs similar info. > > - turha -Damian
Re: Which tools the OpenBSD developers are using?
On Tue, Nov 28, 2006 at 02:48:27PM -0600, Alvaro Mantilla Gimenez wrote: > Hi OpenBSD developers, > > > Which are your preferred tools for develop? (For C, C++, Java, > etcno matter the language) > > It is good to know which tools and why... > > > Thanks, > > > Alvaro I'm assuming you mean software tools and not hardware (just got a Dell 2405FPW that I'm lovin'). Here's a typical list in no particular order: 1) visual editor -- ed, vi, emacs 2) revision control system -- RCS, CVS, Subversion 3) portability tools -- autotools (autoconf, automake, libtool) 4) build system -- make, gmake, bmake 5) packaging system -- pkgsrc, Open and FreeBSD ports systems 6) debugger -- ddb, gdb 7) decompiler -- jad (for "fixing" Java bytecode) 8) bug tracking/feature request system -- gnats, bugzilla 9) team collaboration tools -- email, IRC 10) typesetting tools -- teTeX 11) Web browser -- lynx, w3m, Mozilla Apologies to the list for the lack of snide comments. -Damian ps. Two items regarding the AK47. I've heard that the majority of these are being produced illegally (manufacturer didn't get the required license from the Soviet inventor) and that, besides the gun barrel, most parts can be stamped out of sheet metal instead of having to be machined.
Re: reading sensor RS-232/485 output
On Thu, Jan 11, 2007 at 10:23:31PM -0800, J.C. Roberts wrote: [snip] > Since I'm probably the worst person you could ask, hopefully one of the > many shell scripting gods inhabiting this mailing list will chime in on > how do useful work in shell scripts with serial. I've typically used kermit (C-Kermit) for this sort of thing. The man page includes some examples of kermit based shell scripts. You could also probably put something together with tip/cu and Expect (or Tcl). [snip] -Damian
Re: IBM ServeRAID
On Mon, Jan 22, 2007 at 08:57:58PM -0500, Nick Holland wrote: > Peter Matulis wrote: > > Hi. I would like to install OpenBSD 4.0 on an IBM eServer (xSeries 220) > > that contains a ServeRAID SCSI controller. I see that in OpenBSD > > Current a driver has been added (ips). Does that mean I cannot install > > OpenBSD 4.0 and have access to the controller on this machine? Any > > comments welcome. > > > > Thanks in advance, > > > > Peter > > yep. > New drivers are never back-ported. > > See FAQ 5 for more info on the OpenBSD development process... > > Keep in mind: whatever your hesitation is about installing -current on > your machine is pretty completely negated by the fact that 4.0 won't > work. (though, admittedly, you can't beat the stability and security > of a non-functioning system. :) > > Nick. I'm guessing that it's not worth the time and potential problems of attempting to recompile a 4.0 kernel with the new driver or just running a current kernel with an old userland? -Damian
Re: install image to computer
On Fri, Jan 26, 2007 at 03:53:48PM -0500, Steve Shockley wrote: > smith wrote: > >Why?: > > > >I've received a few new computers that I have to configure. > > http://www.openbsd.org/faq/faq4.html#Multiple Disk imaging Unfortunately, there are no known disk imaging packages which are FFS-aware and can make an image containing only the active file space. Most of the major disk imaging solutions will treat an OpenBSD partition as a "generic" partition, and can make an image of the whole disk. This often accomplishes your goal, but usually with huge amounts of wasted space -- an empty, 10G /home partition will require 10G of space in the image, even if there isn't a single file in it. While you can typically install a drive image to a larger drive, you would not be able to directly use the extra space, and you would not be able to install an image to a smaller drive. --- I don't believe that section is entirely correct, frisbee includes both filesystem aware as well as filesystem naive compression algorithms to be used when creating disk images. Frisbee can also do installs via multicast and the paper referenced below includes data showing that install times remain pretty much constant no matter how many systems are being setup at once. Emulab (emulab.com) can push images to hundreds of their machines in under two minutes. I must admit that I have yet to use frisbee myself. I'm cloning disks at this very minute, but due to time constraints have had to use our existing solution (Acronis). We're having problems due to lack of nic driver support with newer systems, but I expect to be able to create a BSD boot disc with the needed drivers along with the frisbee client in the near future. Another method that might work for you is to get one machine setup and then mirror the boot drive. You may then be able to detach a sub-mirror and move it to a different system. -Damian [1] http://www.cs.utah.edu/flux/papers/frisbee-usenix03-base.html
Re: Sendmail Issue
On Mon, Feb 05, 2007 at 02:07:02PM -0200, Giancarlo Razzolini wrote: > Hi all, > > I'm having some trouble with sendmail. My problem is the following: i > do have many firewalls in many places and would like to receive all the > daily/weekly/monthly reports in my e-mail. All the machines have their > fqdn hostnames as frw.domain.com. And most of then have dynamic ip. When > i issue a mail command from any of then and try to send an e-mail to me, > my MTA reject the message because of the sender domain, which sendmail > send as frw.domain.com. I tried changing the SMART_HOST and the > DOMAIN_NAME directives in sendmail, to relay the e-mail to my MTA and to > send another domain, not the frw.domain.com, respectively. But neither > of them worked. I would like to have another solution than configuring > my MTA to accept mail from those domains. I would like to have the > domain rewrited to domain.com not frw.domain.com. Any ideias? > > My regards, > -- > Giancarlo Razzolini > Linux User 172199 > Red Hat Certified Engineer no:804006389722501 > Moleque Sem Conteudo Numero #002 > Slackware Current > OpenBSD Stable > Ubuntu 6.10 Edgy Eft > Snike Tecnologia em Informatica > 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 It's been awhile since I've configured sendmail on OpenBSD, so I'm hoping I didn't botch the procedure too badly. Read the "Masquerading and Relaying" section from /usr/share/sendmail/README, You'll most likely want to use the following features on your external systems: FEATURE(`MASQUERADE_AS', `domain.com') FEATURE(`MASQUERADE_ENVELOPE') ...and this on your main server: FEATURE(`access_db', `hash -T /etc/mail/access_map') I see two problems with your desired configuration. All of the messages from your remote systems are going to appear to be from senders like [EMAIL PROTECTED], and you're not going to be able to tell which machine really sent the message unless you read the headers. Secondly, since some of your machines are on dynamic IP addresses you're going to have to keep updating the access map. You could just not use it, but then you can be spammed from remote systems that claim to be sending mail from domain.com. -Damian
Re: Launching the Internet
Re: Kernel Hangs; Supermicro 5015M-MR (Intel E7230)
I was setting up a couple of NetFRAME 1420's this morning with OpenBSD 3.9 and ran into the kernel hang that was mentioned on the list back in June. I just thought I'd let everyone know that the kernel on the current 4.0 snapshot floppies works fine for me. -Damian
Re: soekris boot console
On Tue, Sep 19, 2006 at 02:17:35PM -0400, Michael Hernandez wrote: > On Sep 19, 2006, at 1:58 PM, Gustavo Rios wrote: > > >My soekris is a net4801-60. I am trying to access it before i can see > >the speed ! > > > > > You need a null modem cable. Check this link out, I found it the > other day > > http://www.ultradesic.com/?section=34 > > Mike A plain old serial cable should work fine assuming the line settings are correct. What are the specs for the serial port on the Soekris board? Are you sure you have the flow control, data bits, stop bits, parity and speed set properly? Also, you may find that kermit is easier to use than tip. I've been using it to interface with my Denon AVR2805 receiver and it works great. My guess is that you have the flow control set improperly. Sometimes the correct setting isn't documented, so you'll have to experiment. -Damian
Re: Secure Apache Webserver
On Fri, Sep 29, 2006 at 11:16:44AM +0200, Toni Mueller wrote: > Hello, > > On Thu, 28.09.2006 at 09:47:51 -0400, James Strandboge <[EMAIL PROTECTED]> > wrote: > > Its extra work, but you could setup completely different chroots for > > each domain. This way each domain is isolated and you can tailor each > > one to the user's needs. > > with this, you quickly run into the problem of consuming too many IP > numbers, or do you have good argumentation against RIPE's objections? > > Also, you can put much less Apache instances on one physical server > than you can put on virtual hosts that share one server instance. > > > Best, > --Toni++ If you're running each website with its own SSL certificate, don't you need a unique IP for each server? Regarding number of instances, I'm pretty confident that a modern server could handle hundreds to thousands of instances. -Damian
Re: Looking for HowTo instructions ...
On Mon, Oct 02, 2006 at 08:21:30PM +0200, Manuel Bouyer wrote: > On Mon, Oct 02, 2006 at 12:02:34AM -0300, Marc G. Fournier wrote: > > > > The point of using periodic, at least under FreeBSD, is that there is a > > 'report' that is issued at the end of the monthly periodic run letting the > > admin know the status of various things on their servers ... > > > > So, for instance, it would give them a monthly reminder that the script > > *is* running on their machine ... > > The standard output and errors of cron jobs is mailed to the owner of the > cron tab. I'm not sure what periodic can do more in this area. > > -- > Manuel Bouyer, LIP6, Universite Paris VI. [EMAIL PROTECTED] > NetBSD: 26 ans d'experience feront toujours la difference > -- Suppose your cron jobs don't emit output, which any good job shouldn't do. -Damian
Re: Intel policy wrt OSS [was: Re: cvs.openbsd.org: src]
On Sat, Sep 30, 2006 at 03:03:57AM -0600, Theo de Raadt wrote: [snip] > Majid Awad at Intel has stated to developers that he is the current > person who is responsible for this particular area. So go ahead, let > him know how you feel about this. > > Again, his email address is [EMAIL PROTECTED] > > So let's win back the rights to run the hardware we purchased. > > Please feel free to let other open source communities know about this > matter. Thank you. Does anyone happen to have a snail-mail address for Majid? -Damian
Re: Intel's Open Source Policy Doesn't Make Sense
On Sun, Oct 01, 2006 at 11:14:37AM -0700, Brian wrote: [snip] > What does Intel gain by not being open? I am puzzled. I am not an engineer, > so is there something that I am overlooking? > > Cheers, > > Brian I can think of a few possibilities: a) Intel doesn't own the technology, but licensed it from another vendor. The licensing terms don't allow Intel to release full details. b) Intel has agreements with other customers/vendors to not release information about a particular piece of hardware. c) Intel doesn't feel that it's worth the cost to provide information for driver developers. I suspect that in most cases it's a matter of will rather than any technical or legal obstacles. -Damian
Re: OpenBSD Paypal used against User Agreement?
On Sat, Sep 30, 2006 at 10:40:40AM +0200, viq wrote: [snip] > I read some not-really-nice comments about paypal, and as one of > alternatives listed were moneybookers (.com) Can't say i tried either, > but comments seemed positive. > > -- > viq Google has a payment service, but it's restricted to pre-approved sellers: http://checkout.google.com/ >From what I've heard, PayPal tends to simply lock accounts and ban people versus investigate allegations. For example, a former co-worker had his account banned because one of his buyers included a comment in a transaction about illicit drugs. Needless to say the buyer was joking, but PayPal refused to reinstate the seller's account. -Damian
Re: Looking for HowTo instructions ...
On Mon, Oct 02, 2006 at 07:54:05PM -0400, Adam wrote: > Damian Wiest <[EMAIL PROTECTED]> wrote: > > > Suppose your cron jobs don't emit output, which any good job shouldn't do. > > Huh? If you want a task to run on a schedule, and then mail you the results, > then cron is exactly what you want. Any "good job" does what its author > wants it to. If they want it to emit output, then having it be silent for > no reason does not make it a "good job". > > Adam The way I structure my jobs, no output is _ever_ mailed by the cron daemon. Instead, the job itself traps output and sends an appropriate email message, with an appropriate subject to the appropriate user. An email message with a subject line of 'Output from "cron" job' is useless. Messages with a subject of "[SUCCESS] backup.sh" or "[FAILURE] backup.sh" are much more useful. I can filter the messages more easily, I have more confidence in a junior admin not missing an important message and I can have success and error conditions notify different people. I get daily email messages from too many jobs running as root on too many different machines for cron's default email output to be useful. -Damian
Re: [MAYBE SPAM] Re: Looking for HowTo instructions ...
On Tue, Oct 03, 2006 at 03:06:20PM -0400, Adam wrote: > Damian Wiest <[EMAIL PROTECTED]> wrote: > > > On Mon, Oct 02, 2006 at 07:54:05PM -0400, Adam wrote: > > > Damian Wiest <[EMAIL PROTECTED]> wrote: > > > > > > > Suppose your cron jobs don't emit output, which any good job shouldn't > > > > do. > > > > > > Huh? If you want a task to run on a schedule, and then mail you the > > > results, > > > then cron is exactly what you want. Any "good job" does what its author > > > wants it to. If they want it to emit output, then having it be silent for > > > no reason does not make it a "good job". > > > > > > Adam > > > > The way I structure my jobs, no output is _ever_ mailed by the cron > > daemon. Instead, the job itself traps output and sends an appropriate > > email message, with an appropriate subject to the appropriate user. > > Good for you. But "what Damian likes to do" is not the definition of > "good". It's my definition :) > Like I said, if someone wants output mailed from cron, then > making the job silent just because Damian thinks that's "good" is dumb. > > Adam Do whatever you like. I'm simply stating my preference and providing an alternative setup for people to consider. I don't find receiving 200+ messages a day from cron jobs running on the network with identical subject lines to be a particularly good setup. In this case, having cron mail me the results of the job is not "exactly what I want" as you seem to believe. If you can come up with a better scheme for managing emailed output from hundreds of jobs running on hundreds of machines, then please share. As it stands, you're merely trolling. -Damian
Re: Intel's Open Source Policy Doesn't Make Sense
On Tue, Oct 03, 2006 at 08:39:37PM -0600, Breen Ouellette wrote: > Wolfgang S. Rupprecht wrote: > >>a) Intel doesn't own the technology, but licensed it from another > >> vendor. The licensing terms don't allow Intel to release full > >> details. > >> > >>b) Intel has agreements with other customers/vendors to not release > >> information about a particular piece of hardware. > >> > >>c) Intel doesn't feel that it's worth the cost to provide information > >> for driver developers. > >> > > > >d) There are so many patents issued for obvious techniques used in > > computer peripheral chips that releasing documentation might tempt > > an ethically challenged company to sue them for royalties. > > > >Intel has been on record as stating that patent issues are now a > >significant problem for them. > > > >-wolfgang > > > > That's just their way of saying that AMD is patenting technology that > Intel has to licence, and that is just so very terrible for them. I > mean, shame on AMD for taking the shiny toy away from Intel. :) > > And seriously, is Intel insinuating that they are using patented > technology without licencing it? That seems rather bogus to me. > Ignorance of breaking the law does not waive their liability under the > law, and if they get caught in this kind of lie then I hope the legal > system stomps all over them. It would serve them right. If Intel doesn't > like the patent system, then they can lobby against it. But they are > just a hair's width shy of admitting guilt if they actually make > arguments like the one attributed above. > > Breeno > > PS - before I get accused of being a 'commie' in this latest round of > discussions regarding bad corporate behaviour, I'd just like to say that > it was my understanding that believing the law should not be broken is > not how you define a communist. Intel may just be worried that there _might_ be a problem they don't know about and are trying to protect themselves. I imagine that there are plenty of opportunities for someone to either willfully or accidentally introduce patented technologies, for which Intel does not hold a license, into their commercial products. Rather than releasing information and potentially having to deal with an intellectual property issue, Intel just doesn't release the information. -Damian
Re: Intel's Open Source Policy Doesn't Make Sense
On Wed, Oct 04, 2006 at 03:54:36PM -0600, Theo de Raadt wrote: > > Intel may just be worried that there _might_ be a problem they don't > > know about and are trying to protect themselves. > > "may just be"? > > > I imagine that there > > are plenty of opportunities for someone to either willfully or > > accidentally introduce patented technologies, for which Intel does not > > hold a license, into their commercial products. > > "imagine" > > > Rather than releasing > > information and potentially having to deal with an intellectual property > > issue, Intel just doesn't release the information. > > No facts? None at all? Just "theories" as to why they "might have to > not give things away"? All phrased to let them get away with it? > > That's a lot of apologies you are making for a vendor who sells you > broken hardware. Sorry, I didn't mean to apologize for them. Just making some guesses at how Intel is rationalizing the decision to not release information. Personally, I don't buy their products. -Damian
Re: Looking for HowTo instructions ...
> On 10/5/06, Greg Thomas <[EMAIL PROTECTED]> wrote: > >On 10/4/06, Marc G. Fournier <[EMAIL PROTECTED]> wrote: > >> > >> What the software is measuring, or is trying to measure, is the number of > >> active *BSD installations there are ... > >> > > > >So why doesn't it do only that? Just "Systems This Month: 2938" and > >the numbers broken down by country or continent. > > > >Greg On Thu, Oct 05, 2006 at 02:38:49AM +, Sam Fourman Jr. wrote: > I for one do not mind that, BSDstats breaks out the BSD operating systems. > > I only wish that someone with sufficient knowledge would put the > BSDstats script in the OpenBSD ports tree. because if I could install > it I could add 27 OpenBSD systems. > > Sam Fourman Jr. I just took a look at the script, all you have to do is schedule it to be run from cron and add a line to rc.conf. I'm not sure what you'd gain by having a port. -Damian
Re: [MAYBE SPAM] Can't start symux --> symux: could not get a semaphore
On Thu, Oct 05, 2006 at 11:39:25PM -0300, Marcos Laufer wrote: > I have a problem starting symux on OpenBSD 3.7, it was working > fine untill today that the machine crashed leaving no log at all, and > when i went up again something went wrong with symux, > maybe someone knows what's going on. > > > I run the following command to start it: > > /usr/local/libexec/symon > su -m nobody -c /usr/local/libexec/symux > > and i get this in /var/log/messages: > > Oct 5 23:29:01 srv1 symux: symux version 2.67 > Oct 5 23:29:01 srv1 symux: could not get a semaphore > > symon starts properly, i get no error or problem, but symux shows that > message and doesn't start. [snip] > Best Regards, > Marcos Laufer What does ipcs show you? -Damian
Re: FTP Account Lockout
On Fri, Oct 06, 2006 at 02:41:31PM -0400, stuartv wrote: > Ryan, > > Thanks for your input. I have been gently pushing those who make > the decisions here towards sftp for some time now; however, > ultimately that is one decision that is out of my hands. > According to the inspector that is doing our PCI inspection the > only requirement we haven't met as reguards to our FTP server is the > one for locking out an account that has failed 3 times in a row. > Personally I think that this requirement is rather dumb and adds > little to security, but we have to do what the inspector wants if > we want certification. I have told my supervisor of your thoughts > as to encrypted passwords (or the lack of in FTP) so we'll see if > that helps. > > Thanks again, > stuart > > >You mean besides the fact that you're running FTP at all, right? > >- PCI requires that all passwords are encrypted in transmission, and FTP > > doesn't do this. > >- Depending on how you interpret the wording, PCI either prohibits or > > strongly discourages the use of FTP from 'untrusted' networks/hosts > > > >Consider replacing your FTP solution with scp/sftp. > > > >-Ryan I've had the misfortune of working with auditors regarding SOX compliance. I'm not sure who's coming up with these security policies, but they don't seem to have a background in security work. To compound the problem, the auditors I've dealt with seemed to simply be following a checklist. It's almost like the people creating the auditing requirements read Gene Spafford's article on "Security Myths and Passwords" [1] and decided to base their policies on the myths. So where did the change passwords once a month dictum come from? Back in the days when people were using mainframes without networking, the biggest uncontrolled authentication concern was cracking. Resources, however, were limited. As best as I can find, some DoD contractors did some back-of-the-envelope calculation about how long it would take to run through all the possible passwords using their mainframe, and the result was several months. So, they (somewhat reasonably) set a password change period of 1 month as a means to defeat systematic cracking attempts. This was then enshrined in policy, which got published, and largely accepted by others over the years. As time went on, auditors began to look for this and ended up building it into their best practice that they expected. It also got written into several lists of security recommendations. -Damian [1] http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/
Re: Slogan for OpenBSD goodies
> On 10/7/06, Samurai Chef <[EMAIL PROTECTED]> wrote: > >On 10/6/06, Jason Mao <[EMAIL PROTECTED]> wrote: > >> Hi, Bruno > >> > >> I think that depends on your definiton for the word "free". > >> > >> > >> Best rgds, > >> > >> Jason > >> > >> On 10/6/06, Bruno Carnazzi <[EMAIL PROTECTED]> wrote: > >> > Hi misc, > >> > > >> > I was thinking to a slogan that could be printed on some openbsd > >goodies : > >> > > >> > "Free software can't exist without Free hardware." > >> > > >> > I think this is really the core of the current free software problem. > >> > > >> > Best regards, > >> > > >> > Bruno. > >> > >> > > > >s/Free/Open/g On Sat, Oct 07, 2006 at 12:27:47AM +0800, Jason Mao wrote: > Hi, Samurai > > Well, software may be open, but how could hardware be open > in the same way as software? > > Anyway, this is also a neat idea, in that this is "Open"BSD rather > than "Free"BSD. > > > Jason You've obviously never designed hardware or visited sites like opencores.org. Briefly speaking, hardware designs are typically written in some language like VHDL, Verilog, etc. and then tested in a simulator. Once the bugs in the design are worked out, the source code is sent off to a factory to print the boards, build the chips, etc. What's really exciting is the work being done with 3d printers and how the ideals of open source software can be applied in that realm. -Damian
Re: [MAYBE SPAM] Re: Version 4.0 release
On Mon, Oct 09, 2006 at 03:59:29PM -0600, Theo de Raadt wrote: > > I see 4.0 is coming out, and yet, no hardware raid support, no fixes for > > raidframe, > > and still no SMP support, for sparc64 on Ultrasparc II machines. > > > > I'm using only 1 processor out of 4, and 4 hard drives out of 30 because I > > can't hardware raid > > my enterprise fiberchannel array, I can't hardware raid the majority of the > > drives in my > > E450, and because raidframe is so old and buggy, I can't raid5 any of it, > > and am left > > mirroring my 2 boot drives together, and 2 data drives together. > > > > This is a $125,000 machine 5 years ago, and I treat it no better than some > > crappy i686 box > > because security is my primary issue. If I went with another OS, I could > > get a lot of the > > functionality I want, but what good is it, if some 12 y/o kid in pakistan > > can hack my box. > > > > I just can't see why SMP and hardware raid aren't supported on sparc64/II. > > > > Thanks at least for a very secure OS. I've been online now for 6 months on > > this E450 with > > no hacks. > > We welcome code submissions. I think you have no idea at all how much > effort it takes to support all the things we do, and you are just > being rude. Heh. I've actually got an E450 at home myself that hasn't been setup yet. It's got quad processors, a couple of gigs of RAM and one or two of the disk expansion boards (with Symbios 2201, 2202 or 2204 cards). Do many people have these things? I'm just wondering how much help I could be to the project if I ran OpenBSD on the thing versus Solaris 10. I'd suggest the original poster just put Solaris on the damn thing and lock it down; maybe put an OpenBSD firewall in front. -Damian
Re: [MAYBE SPAM] Re: Version 4.0 release
Sorry about the subject line. The spam filter here flagged the message and I keep forgetting to check to see if it changed the subject. -Damian
Re: Version 4.0 release
On Mon, Oct 09, 2006 at 05:16:09PM -0600, Jack J. Woehr wrote: > On Oct 9, 2006, at 5:09 PM, Bryan Irvine wrote: > > > [1] I'm pretty sure the 250 and 450 are similar, though I could be > > wrong. > > Similar, but the 250 is typically "half a 450", two procs instead of > four > and less of other resources, otherwise quite similar. > > -- > Jack J. Woehr > Director of Development > Absolute Performance, Inc. > [EMAIL PROTECTED] > 303-443-7000 ext. 527 > Yup, very similar; I was responsible for a few e250's at my last job. The 250 has six internal bays versus twenty on the 450 (four by default, and then an additional eight with each disk expansion board) and two power supplies instead of three. The 450 also has more PCI slots and is easier to service IMHO. You think the 250 is heavy, try the 450. I had to pull the supplies and system board to get the thing home. http://sunsolve.sun.com/handbook_pub/Systems/E250/E250.html http://sunsolve.sun.com/handbook_pub/Systems/E450/E450.html -Damian
Re: OpenBSD 4.0 as a PostgreSQL Database Server
On Wed, Oct 11, 2006 at 03:08:36PM -0500, Sam Fourman Jr. wrote: > For those of you that are knowledgeable, and have the time to respond > > does anyone see any troubles with this hardware selection? > I am mostly concerned with the raid Controller selection I am > expecting it to have raid 5 across 16 drives with 1 spare > > the intent is to run a PostgreSQL 8.2 Server with OpenBSD 4.0 when > they are both released > > MotherBoard GIGABYTE GA-4MXSV Socket T (LGA 775) Intel E7230 ATX > Server CPUIntel Pentium D 940 Presler 3.2GHz 2 x 2MB L2 Cache LGA > 775 Dual Core > 16 Raid Drives Western Digital 200GB WD2000JS SATA II 7200RPM 8MB > - OEM > Raid Card Areca ARC-1260 16-Port PCI Express x8 SATA 3Gb/s RAID > Controller - Retail > > > > Thank you for any Help > > Sam Fourman Jr. I know you have your reasons for wanting RAID-5, but check this out: http://www.baarf.com/ -Damian
Re: UPS just delivered the 4.0 release CD-set
On Fri, Oct 13, 2006 at 10:25:15AM -0400, Jeff Quast wrote: > On 10/13/06, Sideris Michael <[EMAIL PROTECTED]> wrote: > >On Fri, Oct 13, 2006 at 02:35:35PM +0200, Joris Van Herzele wrote: > >> It's true this is hardly relevant for a discussion forum, but I hope you > >> will all forgive me ... I just felt the need to voice my joy. > >> > >> We all agree it's great software, but other than that just look at it : > >> The packaging in itself is already enough to put me in a festive mood :) > > > >Probably I am missing something here, but, isn't the release date > >20061101? If so, why the early shipping? Just out of curiosity. > > It has always been this way. Nico forgot to add your question in his > very short explanation of 'the way it is'. > > Pressing, Printing, Packaging, Shipping -- these are all done early as > necessary to ensure that the pre-ordered CD's arrive BEFORE the > release date. > > So, > If the CD's have been printed and packaged earlier than expected and > are sitting around in somebody's living room -- why not begin shipping > them off? > > Consequently, > Those who make pre-orders are often rewarded specialy, getting the > release earlier than those who did not pre-order. This is not WHY, > this is just a consequence of good time management. > > I can't wait to see this post next release, too :) (only because I > always enjoy releases) Aw, heck. I had to install FreeBSD 6.1 on a couple of servers because they were needed before OpenBSD 4.0 would be released and we didn't want to run pre-release code (which resolved an ACPI issue on NetFrame 1420). I suppose the lesson here is to pre-order your copy. -Damian
Re: blobs are bad
On Wed, Oct 18, 2006 at 01:40:19PM +0200, Martin Schr?der wrote: > 2006/10/18, Sam Fourman Jr. <[EMAIL PROTECTED]>: > >Pardon me if my Knowledge is lacking, but is there actually *any* > >video card vendor that would support Full 3D acceleration and *most* > >of the stuff desktop users want? > > Not really. Matrox is open, but the cards don't do DVI higher than > 1280x1024. And ATI is as closed as NVIDIA, but the drivers are even > more broken. > > Best > Martin Do you have more details regarding ATI versus NVIDIA video cards? From what I understand, ATI's Radeon cards have pretty good support. Meaning that all of the video-out ports work with the radeon driver and some versions have 3d support. I don't believe the nv driver supports any video-out ports besides VGA (DVI?) and only does 2d. I got burned by this some time ago when I discovered that while NVIDIA releases binary drivers for FreeBSD, they're only available for the x86 platform. If you're looking to add dual, or triple-headed support or connect your system to a television or A/V receiver, good luck. I've had nothing but problems trying to find a suitable card with BSD support. I'm currently trying a Radeon 9600XT which some people have claimed will work. -Damian
Re: How open is Intel?
On Thu, Oct 19, 2006 at 11:14:20AM +1000, Jonathan Gray wrote: [snip] > For the longest time it was quite hard to get documentation out > of the networking side of Intel, but it recent years they > publish reasonably detailed manuals for 10/100 (fxp) and > 10/100/1000 (em) controllers and some PHYs. I have not > been able to find any 10GbE (ixgb) manuals and suspect > they don't publish them. Anything at all to do with > wireless there is no documentation from Intel at all also. > > fxp > http://www.intel.com/design/network/manuals/8255x_opensdm.htm > > em > http://www.intel.com/design/network/manuals/8254x_GBe_SDM.htm Funny you should mention this as I just grabbed some docs for the 82563EB (Intel Pro/1000). Device driver writing is an area I haven't yet explored, but the datasheet for the Pro/1000 looks pretty detailed and includes block diagrams, pin descriptions, signalling, timing specs, etc. Is this sort of document sufficient for device driver writers? I apologize if this is a stupid question, but I really would like to learn more about writing device drivers. -Damian
Re: NOD32 Antivirus and OpenBSD?
> On 10/24/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote: > >Hello everyone, > > > >I'm thinking on purchasing this NOD32 anti-virus solution from > >ESET.COM and use it here at work. I really want to use it with > >OpenBSD, since every other server machine runs OpenBSD as well. The > >problem is that eset.com claims that their product will run on Linux > >and FreeBSD, they say nothing about OpenBSD. I've heard rumors of > >NOD32 being also able to run on OpenBSD, but I *think* that was for > >earlier versions of NOD32. I'm not very fond of rumors, so I came here > >to ask your opinion about it. Does anyone here have any experience > >with NOD32 and OpenBSD? Or another really good antivirus that I may > >consider? > > > >Thanks in advance, > > > >Leonardo Rodrigues > >-- > >An OpenBSD user... and that's all you need to know =) On Tue, Oct 24, 2006 at 01:07:36AM -0500, Der Engel wrote: > lol? Some people like to run antivirus software on UNIX boxes to ensure they're not carriers for Windows viruses, etc. Personally, I think it should be the responsibility of the Windows users to secure their own machines rather than relying on the kindness of others. -Damian
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
On Mon, Oct 23, 2006 at 01:24:11PM -0400, Daniel Ouellet wrote: > Stuart Henderson wrote: > >On 2006/10/22 17:29, Daniel Ouellet wrote: > >>It work,s but as soon as the setup for OpenBSD start to boot the bsd.rd, > >>the access to both the ethernet management port as well as the serial > >>console is lost and the only way is to use local keyboard and monitor. > > > >Usually BIOS serial redirection stops after the bootloader, > >so you have to 'set tty com0' (either typed or, if you're booting > >from PXE you can place it in $TFTPROOT/etc/boot.conf) > > But you can't do that if you boot from CD for example to do a fresh > install. I was trying to see if I could do that for future needs before > installing it in the field. But no success. (:< > > As for regular operation, I will try this and see if that does any > difference. > > >The ethernet management is probably asf/ipmi and I guess it would > >be on one of the broadcom nics, bge(4) doesn't support this at present > >(was added for a short while but removed again, if_bge.c 1.104-1.106) > > It is the bge1 interface actually on this box. > > >4 ethernet, 2 card slots, LOM improvements... sounds like it's a lot > >more useful machine. > > So far looks like a very nice server. Front loaded SAS drives, could do > RAID as well, (don't know if that works well or not, didn't try yet), > dual core CPU and a bunch more of nice features. > > I wasn't sure OpenBSD was going to work, so I took a chance, got one for > testing and see. So, far, pretty nice! > > A few things don't look right in DMESG, but nothing that is a show > stopper yet anyway. > > Just this management interface, either serial, or Ethernet that doesn't > work. Would be nice, but I can live without. It's not to much of a > drive, about 40 minutes at worst. > > But I have to say that I much prefer that box to my IBM 326e or HP 145 > G2 or G1 so far. > > I have nothing bad to say about it yet anyway. Minor things, that's all. Besides the Broadcom, what other nic is on the system board? ISTR newer x2100's shipping with Nvidia ck8-04 Gigabit Ethernet for the primary interface which may not be supported. I believe all of our x2100's are running Solaris 10; I can check to see if we have one available for testing with OpenBSD. I know for a fact that we have the BIOS and console writing to serial port A under Solaris 10. -Damian
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
On Tue, Oct 24, 2006 at 11:11:43PM -0700, Pawel S. Veselov wrote: > Daniel Ouellet wrote: > >stan wrote: > >> > >>That's actually not a given IFIRK Sun says the RAID on the 2100's > >>is "Windows only". > >> > > > >Interesting! I didn't read that. Must have skip my reading then > >somehow. The choice are in the BIOS to enable it. I didn't buy two > >drives as it was for testing only, so I can't say if it would work or > >not for sure, or if it would be supported in OpenBSD or not. No clue. > > > >If there is feedback as to it should be supported, not only in > >Windows, and some are interested to know if it does or not, I could > >buy an other drive and try it. Not that I will need two drives for > >what this baby will be use in. > So, what's the controller in x2100 ? In v65x it was a u320 aic79xx, > Adaptec only provides Windows drivers for it, and is not so willing > to share with the microcode needed to support built-in RAID. > Someone also mentioned that enabling these kind of RAIDs is of > little use, since they put almost the same strain on the CPU, making > it run controller's microcode. > > Why Sun picks that kinda hardware for it's servers, is another kinda > question But the controller manufacturers play evil here... > > > Thanks, > Pawel. Well, I just found about a half-dozen of these machines in the back room... It's not easy to get to, but the RAID controller is an NVidia nf4-ultra-n-a3; I didn't see any sort of EEPROM or SRAM chip to hold metadata. From what I've heard, there are only Windows drivers available. -Damian
Re: Modemsupport?
On Tue, Oct 24, 2006 at 08:23:06PM -0400, STeve Andre' wrote: > On Tuesday 24 October 2006 19:47, Stuart Henderson wrote: > > On 2006/10/25 01:18, [EMAIL PROTECTED] wrote: > > > I had a old Laptop and in my Dmesg was a Modemchip from VIA wich wasn`t > > > supported. Now I do own a Thinkpad and I`ve a INTEL Modem-Chip wich isn`t > > > supported either. > > > > Often they're no modem chip, just a telephone line interface to > > the sound codec, and the modulation/demodulation is done on the cpu. > > > > > So does OpenBSD support any Modems except some via USB? > > > > Anything with a standard RS232 interface - puc(4), com(4) - and some > > USB (though other USB will not work). > > I have a cardbus modem that I've used for years. The relevant line in > the dmesg data is > > pccom3 at pcmcia1 function 0 "U.S. Robotics, XJ/CC1560, Megahertz 56kbps \ > Modem" port 0xa3f8/8: ns16550a, 16 byte fifo > > --STeve Andre' FWIW, I've got a bunch of cardbus modems like the one Steve mentioned. If anyone wants them and is going to be at NYCBSDCon this weekend I can bring 'em. -Damian
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 02:43:21PM +1000, Damien Miller wrote: > On Tue, 24 Oct 2006, Sam Fourman Jr. wrote: > > > I am Searching the Internet for a Basic Hello World Ajax sample > > written in C if anyone has one laying around please reply to this post > > I think you would be nuts to write your web applications in C, unless > you are a master with a good reason. > > -d I did that back in the mid-nineties. More than half of the code ends up being calls to string, memory and regex functions. -Damian
Re: OpenBSD AJAX
On Wed, Oct 25, 2006 at 03:06:36PM +0200, Joachim Schipper wrote: [snip] > > Just a half-baked thought, but escaping any non-constant expression > (i.e., actual variable, not fixed string) passed to the browser or a > database would go a long way toward solving most problems. > > That is, > > $hello = ""; > echo " ", $hello; > > could produce >> > And > > do_query('select var1, var2 from mydb where id = ' . $my_id); > > would not be as dangerous as it is now. > > Of course, this is an ugly hack [1]. But a hack that would make my life > quite a bit easier. > > Joachim > > [1] The first example is not that bad, treating constants and variables > differently is just one sin; the interesting part is figuring out a sane > way to do the latter. > Or you could use DBI's bind parameters and not have to worry about the issue. My main problem with PHP is that it allows programmers to be extremely sloppy and embed application logic into what would otherwise be an HTML page. Using code to iterate through a list and display the values contained within is fine, but I see a lot of people doing transactional processing in PHP pages. This isn't unique to PHP, as JSPs tend to have the same problems. -Damian
Re: Whatever happened to the 64bit SH-5 dsign?
On Wed, Oct 25, 2006 at 02:28:22PM -0600, Jack J. Woehr wrote: > On Oct 25, 2006, at 2:09 PM, Miod Vallat wrote: > > >> Ahhh, crap, I'm so much more a Winter Solstice kind of person. > >> Besides, > > > > This is so has been. Smart people celebrate Agnostica those days. > > I celebrate Sir Isaac Newton's Birthday. (12/25) > > -- > Jack J. Woehr > Director of Development > Absolute Performance, Inc. > [EMAIL PROTECTED] > 303-443-7000 ext. 527 It's Festivus for the rest of us. -Damian
Re: Lenovo notebooks
On Thu, Oct 26, 2006 at 10:57:27PM +0200, ropers wrote: > On 26/10/06, stuartv <[EMAIL PROTECTED]> wrote: > >>On 10/26/06, Johan P. Lindstrvm <[EMAIL PROTECTED]> wrote: > >>> > >>> You should really get yours too, not buying the CD's will not improve > >>> the hardware support now will it? > >> > >> > >>The way it works here is "boss, I need to buy an openbsd license for each > >>openbsd box we run. It's $50 each, + shipping. Sign here please". > >> > >>Speaking of that, I need to get off my ass and buy my 4.0 licenses > >already. > >> > > > >Awww... Too late for that for me, I had to use the whole "Look Boss, it's > >free" line along with plenty of documentation that OpenBSD is as secure as > >it gets for them to let me put in the first OpenBSD box. They are pretty > >happy with them so far. I'm going to try to hit them up with the whole > >"Wouldn't it be nice to support such a great project that we use so much" > >argument as soon as things slow down here a bit and there is time to chat. > >That should work. > > > >stuart > > That's what I'm planning to do as well... but it may be a pipe dream > -- the single small department that I sysadmin for on a part time > basis took a lot of convincing to even let me put in that one OpenBSD > firewall... OTOH, if I wait half a year and we haven't gotten the > Windows 2003 server rootkitted again by that time, I may have a much > stronger case. "Look guys, this seems to be doing us some good right > here..." It prolly works in OpenBSD's advantage that the software can > be paid for after the fact. You wouldn't believe the politics and red > tape that's getting in the way of buying and deploying just about any > additional security product. "We've already got our antivirus program, > now why would we want to buy an antispyware program.?" "We're already > using Firefox, now why do we need a firewall?" Slightly embellished, > but in the broad strokes that's what took place. I am not making this > up. > Why do you continue to work there? Sorry, I just left that sort of environment and have been kicking myself for not leaving earlier. -Damian
Re: OpenBSD Wiki
On Thu, Oct 26, 2006 at 08:52:20PM -0500, Kenny Mann wrote: > Dudes, > > Many months ago I started a website called OpenBSD-Wiki (located at > http://www.openbsd-wiki.org). > > The orginal goal was pretty selfish: Document what it took to get my > systems going so I wouldn't forget. > > I'm not a complete moron (eek! I hope!) , but I'm no where near as > skilled as many on this list -- so I needed some documentation for > myself. Wiki seemed to make the most sense, especially considering that > many articles on the web are out of date and could use some minor (and > sometimes major) adjustments. > > As I lurked the misc@ list, I found some pretty helpful things, emailed > the offer off-list asking if their works can be placed on that site > released under the BSD license and so far everyone I've asked has been > kind enough to say yes. > > Anyone is welcome to create articles or create content they think is > useful for other people to know (so long as either you or the original > author will release it under the BSD license). > > As far as how thinks should be organized and all that, I haven't > entirely thought that through and am open to suggestions. My orginal > thoughts where to make it close to the Gentoo-Wiki project (located at: > http://www.gentoo-wiki.org). > > I've been pretty busy lately and haven't had time to produce as many > articles as I'd like but I'm also waiting for the 4.0 CD to arrive (it's > already shipped and I have a tracking number! yay! I'm excited!) and I > will update as many articles to that as possible. > > I lack design abilities, so any criticism is welcome. Well _any_ > criticism is welcome. > > I'm trying to figure out a sane method to extract the articles into > being a plain-text dump, so everyone can take copies if they need, once > I get that figured out I'll post on the site. > > Those that have already contributed or allowed me to take their articles > and place them their, I thank you very much and would like to say: You rock! > > One final thing, this is hosted off of my SBC DSL Business Elite line. > This means I have 3-6mb down and 384-618 up (static IP's), so if the > lines start getting clogged too hard then I'm willing to pay for some > real hosting -- so no worries. > > > --Kenny I typically use LaTeX for this sort of thing. You can create a simple makefile that will produce output in many different formats. I also typically have an rsync based installer that pushes the changes out from my CVS working copy to the webserver. LaTex is pretty easy to pick up; an example article should be enough to get you going. I can also recommend Leslie Lamport's book, "LaTeX: A Document Preparation System" http://research.microsoft.com/users/lamport/pubs/pubs.html#latex -Damian
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
On Sat, Oct 28, 2006 at 09:17:11AM -0700, Pawel S. Veselov wrote: > stan wrote: > >On Tue, Oct 24, 2006 at 11:11:43PM -0700, Pawel S. Veselov wrote: > > > >>Daniel Ouellet wrote: > >> > >>>stan wrote: > >>> > That's actually not a given IFIRK Sun says the RAID on the 2100's > is "Windows only". > > > >>Why Sun picks that kinda hardware for it's servers, is another kinda > >>question But the controller manufacturers play evil here... > >> > >> > > > >Might be beacuse these machines are about $750US each list. > > > > > What about v65x then ? :) I don't know if I mentioned this already, but the Intel Gigabit Ethernet chip on Sun's AMD64 systems isn't even supported under Solaris. Windows drivers only. I have heard rumors that a recent build of OpenSolaris includes driver support though. -Damian
Re: understanding the kernel
On Sun, Oct 29, 2006 at 11:18:28PM -0700, George Mihai IACOB wrote: > Jonathan Gray wrote: > >On Sun, Oct 29, 2006 at 08:24:16PM -0700, George Mihai IACOB wrote: > >>Hello! > >> > >>I am a not-so-experienced programmer and I started a personal project > >>which requires a deep understanding of the OpenBSD kernel - no, I am not > >>going to fork another BSD style operating system. I wonder if there is > >>documentation describing the kernel, other that the comments in the > >>source. For a start, I am reading Andrew Tanenbaum's "Modern Operating > >>Systems", 2nd edition and trying to follow the code in the kernel > >>source, starting with sys/kern/init_main.c > >>Is this a wrong approach? Do you have other suggestions? I know there's > >>no easy way and I am not looking for one, all I want is a starting point. > >>Regards, > >>George > > > >You don't mention what you had in mind so it is hard to point at anything. > >"The Design and Implementation of the 4.4 BSD Operating System" by > >McKusick and friends is likely to be more relevant for implementation > >details, Tanebaum's book is more high level theory. > > > > Well, I want to be able to write software which should run in kernel > mode and/or modify the kernel. Basically, I'm just like a college > student taking an operating systems course and using OpenBSD as an example. "Operating System Concepts" by Silbershatz, Galvin and Gagne: http://codex.cs.yale.edu/avi/os-book/os7/ As a bonus, there are pretty dinosaur pictures at the start of each chapter. Also, get the BSD book mentioned above. -Damian
Re: Nintendo Wifi Connector and Nintendo DS (WEP)
On Tue, Oct 31, 2006 at 11:08:15AM +0100, Guido Tschakert wrote: > Hello, > > after reading through the "ralink broken after last update" thread and > seeing that Bruno is using an Nintendo Wifi Connector > I wonder if someone has connected a Nintendo DS via an OpenBSD Box and > the Nintendo Wifi Connector as AP using WEP. > Without WEP everything works fine for me (i put my /etc/hostname.ural0 > at the bottom of this message) > But I haven't worked out how to configure WEP. > What worked was using WEP for a connection between the Wifi Connector as > Accesspoint and my notebook. > So if anybody know in which format I have to use the WEP Key on both the > OpenBSD Box and the Nintendo DS, I really would like to know. > > thanks > > guido > > > > > > /etc/hostname.ural0 > inet 192.168.22.1 255.255.255.252 NONE media DS2 mediaopt hostap mode > 11b nwid zelda chan 12 -nwkey > > (btw the DS only works with 2Mbps) I've got a couple DS's (and a PSP :( ) at home and have been using them with various systems (FreeBSD and OpenBSD with Aironet and Prism cards and a Linksys 54WRTG) acting as access points. I don't seem to recall encountering any problems. What does the Nintendo wireless adapter attach as? Is there some reason you're hardcoding the transmit speed on your AP? I had no end of trouble trying to connect when I tried this. I believe that if you specify the transmit speed, then all devices must use that speed. Meaning, you can't have one using DS2, one using DS11 and your AP doing autoselect. At least I couldn't get that sort of setup to function. As for the WEP key, you should enter it just like you did on your AP. -Damian
Re: Sun x2100 M2 DMESG weirdenn and remote access. OpenBSD 4.0
On Tue, Oct 31, 2006 at 04:22:52PM -1000, [EMAIL PROTECTED] wrote: > On 31-Oct-06, at 3:59 PM, Damian Wiest wrote: > > >On Sat, Oct 28, 2006 at 09:17:11AM -0700, Pawel S. Veselov wrote: > >>stan wrote: > >>>On Tue, Oct 24, 2006 at 11:11:43PM -0700, Pawel S. Veselov wrote: > >>> > >>>>Daniel Ouellet wrote: > >>>> > >>>>>stan wrote: > >>>>> > >>>>>>That's actually not a given IFIRK Sun says the RAID on the 2100's > >>>>>>is "Windows only". > >>>>>> > >>>>>> > >>>>Why Sun picks that kinda hardware for it's servers, is another > >>>>kinda > >>>>question But the controller manufacturers play evil here... > >>>> > >>>> > >>> > >>>Might be beacuse these machines are about $750US each list. > >>> > >>> > >>What about v65x then ? :) > > > >I don't know if I mentioned this already, but the Intel Gigabit > >Ethernet > >chip on Sun's AMD64 systems isn't even supported under Solaris. > >Windows drivers only. I have heard rumors that a recent build > >of OpenSolaris includes driver support though. > > > >-Damian > > > > That is incorrect. The Intel chipset on the Sun AMD64 servers is > supported under Solaris with the Sun e1000g driver (and the older > ipge driver on SPARC systems that have that same chipset, anyway). > The e1000g adds jumbo frames and a few other features over the ipge > driver. > > Also, the RAID controller configuration is available via the BIOS and > in Solaris as raidctl(1M) > > -Mike I'll have to talk to one of my co-workers about this. I seem to recall there being a driver available, but that it didn't work properly. Getting OT, but are you using the SUNWintgige package? Are you talking about the Nvidia RAID controller? -Damian
Re: OpenBSD Audio series other than bsdtalk ?
On Tue, Oct 31, 2006 at 05:10:25PM +, Douglas Hunter wrote: > NYCBSDCon2006 now has its talks available in MP3 and with slides in pdf from > http://www.fetissov.org/public/nycbsdcon06/ > > I saw this in the OpenBSD Journal ( http://undeadly.org/) > > > Douglas I suppose this saves me the trouble, or should I go ahead and post my recordings? I was one of two people doing audio recording at the conference, but I used a MiniDisc recorder. It's a really old one, so I have to do analog transfer which will take like 10+ hours for everything. -Damian
Re: Sun BlackBox
On Wed, Nov 01, 2006 at 01:31:01PM -0500, Nick Guenther wrote: > On 11/1/06, Chris Cameron <[EMAIL PROTECTED]> wrote: > > > > > >On Wed, 2006-11-01 at 14:55 -0300, Gustavo Rios wrote: > >> Dear list members, > >> > >> While visiting sun blackbox home page, i saw they have a new project > >> called blackbox. But i don't know whether openbsd could be used within > >> it. > >> > >> Gustavo Rios > > > >Do you plan to need a trailer full of Sun hardware? > > > > > >They're just normal Sun machines in a trailer. > > Why would you ever want a trailer of computers? So you can go RV'ing > and still hack?; get a double degree in Hick/Nerdism? > > -Nick I haven't priced shipping containers lately, but I imagine this sort of setup could be useful in more rural areas instead of building out a facility. Plus, they're shipping containers so you could stack a bunch of them together. -Damian
Re: OpenBSD Audio series other than bsdtalk ?
On Tue, Oct 31, 2006 at 11:09:17PM -0500, Jason Dixon wrote: > On Oct 31, 2006, at 9:44 PM, Damian Wiest wrote: > > >On Tue, Oct 31, 2006 at 05:10:25PM +, Douglas Hunter wrote: > >>NYCBSDCon2006 now has its talks available in MP3 and with slides > >>in pdf from > >>http://www.fetissov.org/public/nycbsdcon06/ > >> > >>I saw this in the OpenBSD Journal ( http://undeadly.org/) > > > >I suppose this saves me the trouble, or should I go ahead and post my > >recordings? > > > >I was one of two people doing audio recording at the conference, but I > >used a MiniDisc recorder. It's a really old one, so I have to do > >analog > >transfer which will take like 10+ hours for everything. > > If yours sounds substantially better than Nikolai's, I'd like to get > a copy. I might start over from scratch to remove some unexpected > encoding artifacts. If I'm going to, it would be nice to have the > best audio available too. > > Thanks, > > -- > Jason Dixon > DixonGroup Consulting > http://www.dixongroup.net >From what I've heard so far, Nikolai's recordings sound great! I'd be interested to know what sort of digital recorder he used. I haven't been feeling so well the past few days, but I've started converting things. If I'm lucky, I'll have everything done this weekend. A few people have contacted me about getting copies so I imagine the easiest thing to do would be to mail out CD-R's (DVD-R?) and post mp3's for the general public. -Damian
Re: Nintendo Wifi Connector and Nintendo DS (WEP)
On Fri, Nov 03, 2006 at 12:56:07PM -0600, Sam Fourman Jr. wrote: > Does OpenBSD accually run on a Nintendo DS? > > is it a i386? or ARM? > > Sam Fourman Jr. The OP's not running OpenBSD on the DS, he's trying to connect his DS to an OpenBSD server with a Nintendo Wi-Fi adapter plugged in. I'll pick up an adapter this weekend and see if I can get it working with 4.0. My guess is that it's either an issue with the transmit speed setting, or possibly the auth mode the OP's using. -Damian
ifconfig and authmode
Can the authentication mode for an 802.11 wireless connection be configured using ifconfig? I'd like to be able to configure my cards without having to use a driver-specific utility. I haven't yet installed 4.0, but I saw this entry from the What's New document: spppcontrol(8) and wicontrol(8) functionality has been merged into ifconfig(8). Does this change address the authmode issue? I didn't see anything mentioned in the current manpage for ifconfig (rev. 1.135). Thanks! -Damian
Re: spamd
On Tue, Nov 07, 2006 at 08:47:27AM -0700, Bob Beck wrote:
> No, not yet. see http://www.ualberta.ca/~beck/nycbug06/spamd/
>
> * edgarz <[EMAIL PROTECTED]> [2006-11-07 01:54]:
> > Hi misc!
> >
> > Is it possible to keep in sync two or more spamdb over the network? :)
> >
> > Thanks.
> > Edgars.
> >
>
> --
> #!/usr/bin/perl
> if ((not 0 && not 1) != (! 0 && ! 1)) {
>print "Larry and Tom must smoke some really primo stuff...\n";
> }
Great talk, BTW. I'm listening to it right now.
Have people had any complaints from users that were blacklisted due to
an attempt to send a message to a non-existant email address? It seems
to me that accidentally transposing characters in an email address is a
fairly common occurance.
-Damian
Porting GEOM
Has anyone attempted to port GEOM from FreeBSD to OpenBSD? I'm inclined to try my hand at it, but I thought I'd check to see if anyone else was working on it. -Damian
Re: layout of filesystems on OpenBSD
On Fri, Nov 10, 2006 at 05:55:27PM +0100, Igor Sobrado wrote: > Hello. [snip] > 2. Are the sizes of the filesystems right ones? I am thinking on > >- "/var" (on the installation booklet provided with the OS >it is recommended a size of 200 MB for this filesystem, >I *never* found a /var filesystem larger than 10-20 MB). >Can it really be so large? Don't some of the database ports install into /var? It seems to me that you're not running one, so it's probably not an issue. I've made the mistake before of only allocating a gigabyte of space to /var and then had someone install a database that eats up close to 80% of that. Needless to say, that can cause some problems if users aren't paying attention and fill the filesystem (ISTR some database ports keeping log files in the same filesystem as the data files by default). If you have any applications writing logs to /var, you may want to take a look at how much data they're writing in a given amount of time. I've seen systems where /var is large enough most of the time, but as soon as someone turns on the debugging flags for an application, /var is filled extremely quickly. Also, savecore will write crash dumps to /var/core by default, so you'll need to allocate at least as much space as you have RAM if you want to capture that information. [snip] >- "/usr/ports" (is 512 MB enough for it?) I usually stay >at binary packages, but sometimes I need to build software >from source and would like to know the recommended space >for this filesystem. I'm most likely doing something improperly, but if you're not careful about cleaning up after yourself, you can easily leave object files lying around in /usr/ports and run out of space during a large build. I don't separate out /usr/ports, but I typically allocate at least 10 gigabytes to /usr. Then again, that's for a workstation with a lot of dev. tools installed. [snip] > 3. Any though about the filesystem layout? I know that it is > certainly complex, but worked nicely for me in the last years. > All these filesystems (except /var/tmp) are recommended in > the documentation and, as I said, I do not remember any of > these filesystem growing up to 60% in either space or inodes > usage in the last years... but I never did a full rebuild > of the operating system nor installed large packages from > source code (mwm is soo nice, and it comes in the official > CD-ROMs!) It seems to me that you have a relatively large number of filesystems present. This may cause you problems in the future if you're using that as a standard layout in a heterogeneous environment. I typically create only five filesystems: /, /usr, /var, /home and /tmp. > ...I do not need a large /usr/local either. I just install mwm, > firefox, nmh and a LaTeX distribution. Most utilities I need come > with the operating system (nearly all, and for making figures I like > MetaPost that comes with the LaTeX distribution.) No problem at all > with these filesystems: its size is highly site dependent, but very > easy to work out for me. As I said, I usually do not install third > party applications. > > Thanks a lot for reading this post. > > Igor. I've had the misfortune of running AIX for a short time and am aware of how Veritas Volume Manager encapsulates disks, but what's the equivalent in OpenBSD? One benefit of those systems is that they allow you to resize filesystems on the fly, which is helpful if you're not sure how much space you're going to need. I sometimes end up performing two installs. The first one lets me see how much space the OS distribution is likely to occupy and I then use those numbers when I redo the install. HTH. -Damian
Re: OpenBSD hoodies
On Fri, Nov 10, 2006 at 10:17:09AM -0600, Sam Fourman Jr. wrote: > ok I would REALLY like a hoodie, but a Sweater would be even better, > even if the price tag was some $65 i would still buy it. > > Sam Fourman Jr. > > On 11/10/06, Radu-Cristian FOTESCU <[EMAIL PROTECTED]> wrote: > >> https://kd85.com/notforsale.html > > > >Any place to see pics with items like: sweater, fleece, badge, t-shirt? > > > >Also, for people who have bought from CafePress and the like: it's > >important > >to know "what means" XL, XXL, or any size for the particular maker used, as > >they usually vary. > > > >Thx, > >BĂ©ranger > >Tired of spam? Yahoo! Mail has the best spam protection around > >http://mail.yahoo.com I'm hoping I won't get scolded for mentioning this: http://bsd.ee/~olev/ -Damian
Re: OpenBSD hoodies
On Sat, Nov 11, 2006 at 12:25:10PM -0600, Sam Fourman Jr. wrote: > that is VERY Cool, you did a Great job on that > > Someone should do a Puffy one :) > > Sam Fourman Jr. > > On 11/11/06, Jeroen Massar <[EMAIL PROTECTED]> wrote: > >Damian Wiest wrote: > >[..] > >> I'm hoping I won't get scolded for mentioning this: http://bsd.ee/~olev/ > > > >If you spend 770+ hours on that, I don't think anybody will even try to > >make an argument with you ;) Looks really cool! > > > >Greets, > > Jeroen For the record neither I, nor my mother, made that blanket. -Damian
Re: Problem with Intel PRO/1000GT (82541GI) adaptors
On Mon, Nov 13, 2006 at 03:03:55PM -0800, Joe wrote: > I have 2 of these adaptors > "Intel PRO/1000GT (82541GI)" rev 0x05 > > The 82541GI chipset is supported by em(4). > > Every day, the box "drops" of the network. The interfaces show > themselves as active, but I can't ping, arp, or sniff any traffic. A > reboot solves the problem. Is anyone else having this problem? > > For now, I had to remove the NICs because the box is a firewall and goes > down at random times throughout the day. I didn't notice any particular > traffic patterns. We've encountered similar problems in the past with that chip. I believe we resolved the issue by using a newer driver, but this was not under OpenBSD. Can you try a more recent version of the em(4) driver? Some commits were made very recently. -Damian
Re: Widescreen flat panel
On Mon, Apr 02, 2007 at 06:33:25PM +0200, Eric Dillenseger wrote: > On Sun, Apr 01, 2007 at 10:44:46AM -0700, J.C. Roberts wrote: > > On Sunday 01 April 2007 09:22, Srebrenko Sehic wrote: > > > On 3/31/07, Eric Dillenseger <[EMAIL PROTECTED]> wrote: > > > > I tried different ModeLine generators from the net, and tried to do > > > > it myself using Xorg' logfile. Not helping me out. > > > > > > I have a Dell 20 inch monitor and it works fine with it's native > > > 1680x1050. I had to tweak the Modeline manually but eventually got it > > > to work. On a oldish S3 card though. But it just might work for you > > > too. > > > > > > Section "Monitor" > > > > > > Identifier "Monitor0" > > > VendorName "DEL" > > > ModelName"DELL 2007WFP" > > > #HorizSync30.0 - 83.0 > > > #VertRefresh 56.0 - 76.0 > > > Option "DPMS" > > > > > > ModeLine"[EMAIL PROTECTED]" 119.0 1680 1728 1760 1840 1050 > > > 1053 1059 1080 -HSync +VSync > > > EndSection > > > > Monitor timing/sync is hardware specific and in some cases, if you get > > it wrong, you can do permanent damage to your monitor. > > > > Use gtf(1) to probe your hardware to figure out timings/sync for your > > desired resolution/refresh, and then do a sanity check of the reported > > values against the hardware documentation. > > > > Hi, > > Now I have it working with the right resolution, but I can't go over > 16bit colors. My photos don't look very good but at least it works for > most common tasks. Or perhaps it isn't even 16, anyway. > I'm wondering why X doesn't handle 24 bit, even with videoram defined. > > -- > "Linux is for Windows(c) haters while BSD is for UNIX lovers". > http://teardrop.free.fr/ I'm using a Dell 2405FPW with an on-board Intel 82915G/P/GV graphic adapter under OpenBSD 3.9 without issue. Newer displays will automatically report their capabilities; have you tried running X without a config file? -Damian
