Re: It is 2010. Still no 3GB support by default?

[Jason Beaudoin]

maybe I haven't been on this list long enoug.. but it seems like 2010
has been the year of the troll, first update to the chinese calander
in ages..


On Mon, Jun 7, 2010 at 2:52 PM, Dexter Tomisson dexterto...@gmail.com wrote:
 I'd really, really like to know what's the matter with a larger memory
 support?

 Why is 'bigmem' still not default? What faults/bugs does it still has?

 What do you need to make it ok? Do you need a hardware donation to make that
 better,
 do you need few bucks, do you need a good coder to improve that, or again
 some license problems perhaps?,
 what's the problem, share with us please, I'd really like to help with
 everything i can.

 I hope, maybe someday, our beloved Puffy will catch up to the 21st century.

 Regards.

 deX

Re: OT: javascript deobfuscator?

[Jason Beaudoin]

On Wed, Apr 7, 2010 at 5:20 PM, bofh goodb...@gmail.com wrote:
 On Wed, Apr 7, 2010 at 5:13 PM, Jean-Philippe Ouellet 
 jean-phili...@ouellet.biz wrote:

 On 4/7/10 4:47 PM, bofh wrote:

 Anyone know of a good standalone javascript deobfuscator?  We want to run
 it
 against something like the results from tcpflow.


 Standalone... not really, but I use a firefox plugin[1] and that has
worked
 nicely for everything I've had to do so far. I looked for a good
standalone
 deobfuscator a while back, but couldn't find one, and came to the
conclusion
 that it was because you'd need a javascript engine anyway, and to make
sure
 the code was properly reverse engineered to what is done in the browser,
it
 would be best to actually use a browser and trace what is done.

 I know this isn't standalone, but I still hope it helps in your scenario.

 [1] https://addons.mozilla.org/en-US/firefox/addon/10345


 Thanks.  I know about that, but I need it to run in a from a script, and
 have the output parseable by a script.


doing some fun stuff with bro?

Re: DDOS on Apache / PF countermeasures

[Jason Beaudoin]

On Wed, Mar 31, 2010 at 7:59 PM, mowsen mow...@googlemail.com wrote:
 Hej volks!


 I'm experiencing some DDOS attacks against my wordpress blog wich runs
 on a PIII/600 MHz/256 MB Ram/100 MBit machine lately. The attacker
 commands approx. 500 different IPs to my blog that all request the same
 post.

Have you considered giving nginx a run? you could set this up as a
reverse proxy mitigating requests for apache running on localhost:8080
or whatever you desire. nginx is much more capable of handling this
sort of situation, and you might have more leverage towards
selectively/accurately (to a degree) filtering the illegitimate
requests out.

maybe, maybe not.. but this is one of the roles nginx was built for,
so I imagine it might get you a little further than apache so far..
:)

~Jason

OT: vmware mind control (WAS: Re: Dell PE850 CERC SATA controller)

[Jason Beaudoin]

On Fri, Mar 5, 2010 at 7:42 AM, Nick Holland
n...@holland-consulting.net wrote:
 Tomas Bodzar wrote:
 Which VMware August bug you mean? This one or different?
 http://communities.vmware.com/thread/162377?tstart=0start=0

 yep, that's the one.

 Short version: VMware accidentally shipped a production release of ESX
 and ESXi (yes, both the expensive and no-charge version) which turned
 off management of the VMs on August 12, 2008 -- a turned on VM could
 stay running, but an off VM could not be started, and their wonderful
 vmotion feature stops working...which would be critical for less
 painful recovery from this problem.  VMware regularly time bombed
 their beta versions of the software, and in this case, the time bomb
 slipped out the door.

Hilarious, yet depressing (and telling):

FAQ for Express Patches

   1.  What do the express patches do?

  There are two express patches:
  *
For an affected ESX 3.5 Update 2 (build number 103908),
use ESX Update 2 Express Patch (build 110181)
  *
For an affected ESXi 3.5 Update 2 (build number 103909),
use ESXi Update 2 Express Patch (build number 110180).

They are specifically targeted for customers who have
installed or fully upgraded to ESX/ESXi 3.5 Update 2 or who have
applied the ESX350-200806201-UG/ESXe350-200807401-I-UG patch to
ESX/ESXi 3.5 or ESX/ESX 3.5 Update 1 hosts. For customers who havent
done either, these express patches should not be applied.

Note: These patches have been validated to work with both
esxupdate and VMware Update Manager. Maintenance mode is required, but
a reboot of the ESX host is not required with these patches.

We are currently testing an option to apply the patch
without requiring VMotion or VM power-off and re-power-on at the point
of patch application. To immediately refresh vmx on the VM, one can
VMotion off running VMs, apply the patches and VMotion the VMs back.
If VMotion capability is not available, VMs can be powered off before
the patches are applied and powered back on afterwards.


Did anyone else find an answer to the proposed question?1.  What
do the express patches do?

from the kb article (their follow up) to that issue:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=disp
layKCexternalId=1006716

What a crock of shite. Good to know as I am just getting into a few
small-scale virtualizing projects.. not so sure I am at *all*
surprised.


/end rant.

~Jason

Re: OT: vmware mind control (WAS: Re: Dell PE850 CERC SATA controller)

[Jason Beaudoin]

On Fri, Mar 5, 2010 at 10:24 PM, Ted Roby ted.r...@gmail.com wrote:
 On Fri, Mar 5, 2010 at 8:05 PM, Jason Beaudoin
jasonbeaud...@gmail.comwrote:

 On Fri, Mar 5, 2010 at 7:42 AM, Nick Holland
 n...@holland-consulting.net wrote:
  Tomas Bodzar wrote:
  Which VMware August bug you mean? This one or different?
  http://communities.vmware.com/thread/162377?tstart=0start=0
 
  yep, that's the one.
 
  Short version: VMware accidentally shipped a production release of ESX
  and ESXi (yes, both the expensive and no-charge version) which turned
  off management of the VMs on August 12, 2008 -- a turned on VM could
  stay running, but an off VM could not be started, and their wonderful
  vmotion feature stops working...which would be critical for less
  painful recovery from this problem.  VMware regularly time bombed
  their beta versions of the software, and in this case, the time bomb
  slipped out the door.

 Hilarious, yet depressing (and telling):

 FAQ for Express Patches

   1.  What do the express patches do?

  There are two express patches:
  *
For an affected ESX 3.5 Update 2 (build number 103908),
 use ESX Update 2 Express Patch (build 110181)
  *
For an affected ESXi 3.5 Update 2 (build number 103909),
 use ESXi Update 2 Express Patch (build number 110180).

They are specifically targeted for customers who have
 installed or fully upgraded to ESX/ESXi 3.5 Update 2 or who have
 applied the ESX350-200806201-UG/ESXe350-200807401-I-UG patch to
 ESX/ESXi 3.5 or ESX/ESX 3.5 Update 1 hosts. For customers who haven t
 done either, these express patches should not be applied.

Note: These patches have been validated to work with both
 esxupdate and VMware Update Manager. Maintenance mode is required, but
 a reboot of the ESX host is not required with these patches.

We are currently testing an option to apply the patch
 without requiring VMotion or VM power-off and re-power-on at the point
 of patch application. To immediately refresh vmx on the VM, one can
 VMotion off running VMs, apply the patches and VMotion the VMs back.
 If VMotion capability is not available, VMs can be powered off before
 the patches are applied and powered back on afterwards.


 Did anyone else find an answer to the proposed question?1.  What
 do the express patches do?

 from the kb article (their follow up) to that issue:


http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=disp

layKCexternalId=1006716http://kb.vmware.com/selfservice/microsites/search.d
o?language=en_UScmd=disp%0AlayKCexternalId=1006716

 What a crock of shite. Good to know as I am just getting into a few
 small-scale virtualizing projects.. not so sure I am at *all*
 surprised.


 Hey, I got a 2 GB usb stick for my troubles over a recent fiasco with
 VMWare's release of Fusion 3.
 It seems their PR department is doing a better job than QC.

HAH!

just to think they believe that is suitable in buying you off.. it's
just ridiculous..

Re: Dell R610 problems with Openbsd?

[Jason Beaudoin]

Hi Theo,

That is great news!


On Tue, Feb 23, 2010 at 8:13 PM, Theo de Raadt dera...@cvs.openbsd.org
wrote:
 I'm planing to get a Dell R610 with single Xeon 5570
 (since it's the only supporting the 5570)
 and and dual Intel PRO/1000 ET for routing/pf.

 I jumped on this
 http://marc.info/?l=openbsd-miscm=126350942910630w=2
 and
 http://marc.info/?l=openbsd-miscm=126015771720104w=2

 mentioning about problems with R610 and OpenBSD.

 Do you guys still have problems with -current on this machine?

 Bot the R610 and R710 had issues (2nd generation bnx(4) was
 unsupported, and the disk performance sucked). Two people stood up and
 contributed one of each to the project, and these issues were
 resolved.  Getting these leading edge machines into our hands is
 always the best way to ensure that support for them will be improved!

 They now work very well.  The amd64 snapshot builds are done on one:
 zoom zoom zoom.


To clarify, this was very recent work, so only really available in
cvs/snapshots, correct?


Thanks!

~Jason

Re: Average time for compiling userland? == benchmarking CPU/IO? best result for database hosting?

[Jason Beaudoin]

On Mon, Mar 1, 2010 at 10:27 AM, Andres Salazar ndrsslz...@gmail.com wrote:
 Hello,

 I dont have obj on ram, or /tmp . Iam using make build.


Use gentoo?

 Thank you

 Andres

 On Mon, Mar 1, 2010 at 5:48 AM, Marc Espie es...@nerim.net wrote:
 On Sun, Feb 28, 2010 at 11:02:37AM -0600, Andres Salazar wrote:
 Hello,

 Iam confused on the different result I get when I compile userland on
 any machine better then a Dual Core 2.5Ghz 2GB RAM 160GB 7200 SATA /
 SATA ii

 You're not even telling us how you compile userland. How should we help ?
 is your obj in ram ? your tmp in ram ? are you building with make build ?
 make -j4 build ? something else ?

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

Having looked into BroIDS and a couple of potential options/setups,
I'd be interested in hearing anyone's experience working with either
or both BroIDS / Snort..

 - i like that BroIDS is network-based as opposed to signature, though
it doesn't seem like Bro has frontend as polished as one might like..
are the alarms only sent out via mail/etc.. or are there utilities to
help parse/graph/htmlize the results? I like the idea of something
like BASE for analysis.

 - anyone running BroIDS / snort who might be able to share the system
specs and what sort of traffic / analysis / capturing they are doing?

 - is BroIDS capable of working in sentry mode, as a sensor
reporting to one analysis system? I see the options for full capturing
and offline analysis, but this is just going to spit out some flat
files.. getting them to another system for analysis seems a bit
cumbersome..

 - in terms of BroIDS/Snort and PF.. who comes first in processing
network traffic?

 - is Bro able to log, compress, store and index events for later
reviewing/searching? or should I just have the events forwarded to a
central logging server running splunk..?


thanks for the insight..

~Jason

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Tue, Feb 23, 2010 at 12:40 AM, Johan Beisser j...@caustic.org wrote:
 On Mon, Feb 22, 2010 at 8:53 PM, Jason Beaudoin jasonbeaud...@gmail.com
wrote:

  - in terms of BroIDS/Snort and PF.. who comes first in processing
 network traffic?

 hardware interface
 kernel device driver
 bpf/pcap -- application (tcpdump, snort, BroIDS, etc)
 packet filter (PF)


thanks you Johan!

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

Hi Rich!


On Fri, Feb 19, 2010 at 7:52 AM, Rich Kulawiec r...@gsp.org wrote:
 On Wed, Feb 17, 2010 at 10:59:05PM -0500, Jason Beaudoin wrote:
 As I often have greater respect for a much larger portion of this list
 than the rest of the internet, I am curious what is thought about
 current IDS/IPS hardware from vendors like Trustwave, Checkpoint,
 Alert Logic, mod_security, even snort.. etc, and in particular, the
 sensibility and effectiveness of using them in high-security
 environments.

 They're very-overpriced junk.

I'm not going to argue, and this discussion has certainly brought up a
few good points which enumerate why, I had just been hoping that the
investment spent would not go towards hardware or a crap system, as
much as the service of having someone looking over the information.

 Let me explain why.

 First, if you're using a good firewall (like pf on OpenBSD) and you've
 configured it sensibly (read: default deny-all, bidirectionally) and
 you've done the other things that good network and system design tell
 you to do, then you've done far more for your operation's security
 than any of these overpriced overhyped devices will do for you.

agreed, my situation isn't one with overall flexibility - an IDS/IPS
is a compliance requirement, but I don't really see a commercial
solution fitting my network so much any more.

 Don't forget the value of application-aware proxies behind a
 stateful packet filter.

yes, I am considering mod_security for this, though I'm still trying
to determine how to best organize it, as I just put in an nginx proxy.


 And don't forget to drop packets to/from as much of the Internet
 as you can -- see ipdeny.com.  (Do you *really* need to allow incoming
 port 22 connections from Korea?  Peru?  the US?)  Also use the Spamhaus
 DROP list in your perimeter devices *and* in onboard firewalls just in
 case there's a configuration screwup.  Once you've done this, you
 can fret a lot less about what particular SQL injection attack is
 being carried via HTTP...because you're not even allowing [most of]
 the packets to get anywhere near a web server.

Definitely great suggestions - and while our client-base is
international, and we do travel, I can still use this selectively and
it makes sense to do even with the added overhead to maintain.

 Second, these devices are guaranteed to fail when you'll need them most:
 when an attack comes that they don't have a signature for, won't recognize,
 and won't stop.  (And please don't anyone tell me that this won't happen:
 the Bad Guys can test against them, too, you know.)  See Marcus Ranum's
 Six Dumbest Ideas in Computer Security and note #2: Enumerating
 Badness, which is expounds the fundamental error that all these devices
 make.  Quoting Ranum:

One clear symptom that you have a case of Enumerating Badness
is that you've got a system or software that needs signature
updates on a regular basis, or a system that lets past a new
worm that it hasn't seen before.

 Yeah.  Like that.

Indeed. see the ref below

 Third, any sufficiently determined attacker will either bypass or elude
 these devices.  I don't know where you are, what your operation is, etc.,
 but I'll bet that if I *really* wanted to get inside it, that handing
 out free USB memory sticks (with your company's logo on them) to your
 colleagues in the parking lot would be enough to gain a foothold.
 So rather than buying one of these, I think a much more prudent step
 would be to install *internal* firewalls that treat end-user systems
 as untrusted.

Here's a great article that exemplifies the results:
http://www.informationweek.com/blog/main/archives/2010/02/another_massive.htm
l


 To put it another way: your own users are easily the biggest threat.
 Presume that they are either apathetic, idiotic, or actively hostile,
 and defend accordingly.

 ---Rsk



indeed, hence the challenge. thank you for sharing!

~Jason

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Wed, Feb 17, 2010 at 11:47 PM, mehma sarja mehmasa...@gmail.com wrote:
  Don't bypass Snort because PFSense package makes it so easy to install and
 configure. A a one-click install of Snort and the only thing left to do was
 register and select what you want it to do.

 Mehma

Hi Mehma,

I'm hoping you can expand on this - maybe it is just me, but I'm not
quite sure what you're trying to say or communicate.

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Wed, Feb 17, 2010 at 11:28 PM, Johan Beisser j...@caustic.org wrote:
 On Wed, Feb 17, 2010 at 7:59 PM, Jason Beaudoin jasonbeaud...@gmail.com 
 wrote:
 From a compliance perspective, I don't have much choice. From the
 costs, infrastructure, and administrative perspectives, I am currently
 evaluating whether or not I should be leaning towards and IDS or IPS
 solution, and of course which system/vendor. My understanding is that
 something like snort requires a fair bit of maintenance and
 IT-attention, the trade-off being cost, so I am leaning away from
 this. Between detection and prevention, preventing break-ins seems a
 bit sillier than trying to actively monitor what's going on and to
 then look for threats, so this pushes me more towards IDS over IPS.

 I agree with you. High rates of false positives, but fairly low rates
 of false negatives. Once the care and feeding is taken care of
 (turning off everything and gradually fine tuning to your current
 traffic helps), they're useful for alerting against unusual traffic
 leaving your network; not so much against automated attacks coming in
 the network. My own deployments are specifically to monitor for odd
 outbound traffic from my office. It's a rapid way to find out about
 the latest trojan, worm, or other infection my users have brought in
 on their laptops.

Indeed, this is why IDS makes more sense to me, and I am glad to see
this confirmed/validated by others here. So I guess this is now just a
question of setting up snort versus a commercial solution.


 That said, the usefulness of an IDP is specifically preventing most
 automated and known attacks from passing in to your network. By using
 one of the commercial systems, you gain support, tuning, and the fact
 that you don't have to spend as much time with the care and feeding or
 writing/testing new rulesets against your current version.

This is the difficult place I'm in.. to me, the commercial solution
means I have someone else looking at and dealing with all of the false
positives, which is something that I won't kid myself on - I don't
know if I even have the time to be the fine tuning machine.. then
again the cost is just plain silly when compared with a snort/bsd
setup.

Are there any good open source alternatives to Snort that are worth
considering here?


 As a compliance feature, I've found most administrators put them in
 place and promptly turn the reporting off due to the high rate of
 false positives reducing the signal from the noise.

 jb


right, which is just silly and a waste of everyone's time.

thanks for sharing..

~Jason

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Thu, Feb 18, 2010 at 2:33 AM, Tomas Bodzar tomas.bod...@gmail.com wrote:
 http://www.ranum.com/security/computer_security/editorials/dumb/index.html

 especially number 2 is targeted against IDS/IPS, antivirus and similar
 solutions. I found this link thanks to my colleague and it's really
 very descriptive.


Great article, and definitely right on.. and it certainly makes me
appreciate the openbsd community, as I've picked up on this more
true perspective of security having hung around here for long enough
that it all rubs off.

Anyway.. thanks Tomas!

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Thu, Feb 18, 2010 at 10:08 AM, Vijay Sankar vsan...@foretell.ca wrote:
 bro-ids

Great suggestion! thank you :)

Re: OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

On Thu, Feb 18, 2010 at 2:59 PM, bofh goodb...@gmail.com wrote:
 On Thu, Feb 18, 2010 at 11:48 AM, Laurens Vets laur...@daemon.be wrote:

 interesting  spot on remarks


  Just don't get ISS crap.

 Also, snort is good, but you must know what you're doing.  Our snort box,
 running on an old throw away box, and only capturing/analyzing 10 minutes
 of
 every hour, is giving us *MORE* useful data than half a mil worth of ISS
 crap.


 Care to elaborate? :)

 Which parts?  ISS suck so much that even though IBM spent $$ to acquire
 them, IBM is now killing the entire product line?  What kills me (and *TAKE
 NOTE - THOSE WHO REPORT TO PHBs*) is that just a few months ago, we read a
 report on how ISS's IPS took top billing in some magazine or review.

I haven't done my indepth homework on commercial solutions - we're a
small company with a small budget, and have been reviewing various
solutions in the 20k / yr range (trustwave, alert logic, tripwire,
etc). But a good point has been brought up about overall access and
the depth of information available.. I'll have to dig deeper on this.
I don't know if this is a big enough issue for us to overcome the
major plus (offloading the constant analysis, our team is small).


 On what we're doing internally, we're capturing data for 10 minutes every
 hour, and then having the box analyze that data using a variety of tools
 including snort.  It then sends us information on crap such as botnet
 command/control traffic among other things.  Things that we have full
packet
 captures on, that ISS refuses to provide.  We also drop it into a graphing
 tool, so we get nice maps of green/good traffic and red/bad traffic, and
you
 can see that 3 boxes that's talking to all the botnet CC servers, etc.

Sounds pretty rockin' - I'm sure it took a while to get that sorted
out and up to a usable form.

 We're still working on it, and I hope the new(er) servers we are putting in
 will be able to provide better/more info.  Hopefully we'll buy some really
 beefy servers later in the year so that we can do full analysis.

 I'll send a list of the tools we used later, have to ping my guy for it :)

That would be fantastic, I am surely interested in some of the details
of how you have put this together.

Thanks for sharing!

~Jason

OT: opinions on IDS / IPS solutions

[Jason Beaudoin]

Hi There,

As I often have greater respect for a much larger portion of this list
than the rest of the internet, I am curious what is thought about
current IDS/IPS hardware from vendors like Trustwave, Checkpoint,
Alert Logic, mod_security, even snort.. etc, and in particular, the
sensibility and effectiveness of using them in high-security
environments.

From a compliance perspective, I don't have much choice. From the
costs, infrastructure, and administrative perspectives, I am currently
evaluating whether or not I should be leaning towards and IDS or IPS
solution, and of course which system/vendor. My understanding is that
something like snort requires a fair bit of maintenance and
IT-attention, the trade-off being cost, so I am leaning away from
this. Between detection and prevention, preventing break-ins seems a
bit sillier than trying to actively monitor what's going on and to
then look for threats, so this pushes me more towards IDS over IPS.

Thoughts, suggestions, flames, are all welcome.

Thanks.

~Jason

Re: brgphy(4) diff needs testing. | hijacked thread: jetway nf76-n1g5

[Jason Beaudoin]

On Thu, Sep 3, 2009 at 4:34 AM, Stuart Henderson s...@spacehopper.orgwrote:

 On 2009-09-03, Jason Beaudoin jasonbeaud...@gmail.com wrote:
  --
  401.837.8417
  jasonbeaud...@gmail.com
 
 
  On Wed, Sep 2, 2009 at 7:51 PM, Stuart Henderson s...@spacehopper.org
 wrote:
 
  On 2009-08-29, Jason Beaudoin jasonbeaud...@gmail.com wrote:
  
   Hiya Kevin,
  
   I'm hoping this dmesg is from a jetway NF76-N1G:
   http://www.mini-box.com/Jetway-NF76-N1G6-mini-ITX_2
 
  try again.
 
  might you know what it actually is? (curious)

 I quoted that bit back but you trimmed it;

  On Thu, Jun 11, 2009 at 3:51 AM, Kevin Lo ke...@openbsd.org wrote:
  bios0: iDOT Computers, Inc. iDOT VED8900 Series.

 (easy to find in a web search).

  I'm trying to determine which (if any) chips from this board might be a
  problem in openbsd. Between this dmesg (which shares some of the
 chipsets)
  and a few snippets I've seen elsewhere it looks good, the only thing I
  haven't determined is the sound chipset.

 For the NF76? it's on the page you quoted actually; VT1708B.

 One (the?) major problem nowadays though isn't with support for the
 chips, but with the information about how they're connected together.
 You can have two systems with the same chips and have one work
 totally ok and another be unusable, just because of buggy or
 wierd AML in the acpi tables provided by the BIOS. This isn't
 just a set of static information, it's a computer program in a
 special restricted machine language stored in the BIOS that the
 OS runs - see a disassembled version with acpidump. With white
 box systems these appear to usually be provided by the BIOS
 vendor then tweaked, with varying levels of competence, by the OEM.

 So without someone having the same system, BIOS version, settings
 in the BIOS configuration screens, etc, you won't get more than
 most things on the board are likely to work (and that's already
 the case with most PC hardware).

 http://www.openbsd.org/lyrics.html#45


indeed, thank you for the insight!


~jason

Re: brgphy(4) diff needs testing. | hijacked thread: jetway nf76-n1g5

[Jason Beaudoin]

--
401.837.8417
jasonbeaud...@gmail.com


On Wed, Sep 2, 2009 at 7:51 PM, Stuart Henderson s...@spacehopper.orgwrote:

 On 2009-08-29, Jason Beaudoin jasonbeaud...@gmail.com wrote:
 
  Hiya Kevin,
 
  I'm hoping this dmesg is from a jetway NF76-N1G:
  http://www.mini-box.com/Jetway-NF76-N1G6-mini-ITX_2

 try again.

 might you know what it actually is? (curious)

I'm trying to determine which (if any) chips from this board might be a
problem in openbsd. Between this dmesg (which shares some of the chipsets)
and a few snippets I've seen elsewhere it looks good, the only thing I
haven't determined is the sound chipset.

~jason

Hardware compatibility question : VIA VX 800 chipset

[Jason Beaudoin]

On Fri, May 29, 2009 at 8:27 AM, Benjamin G. aza...@gmail.com wrote:

 Hello list,

 I would like to buy a motherboard based on Via Nano and
 VX 800 chipset. Before buying this motherboard I would like
 to be sure that OpenBSD works well on it.

 This is the motherboard Jetway JNF76 VIA NANO 1GHz
 and here is the specs :


Did you have any luck with this?

I'm considering the same system..


Cheers,

~Jason

Re: Hardware compatibility question : VIA VX 800 chipset

[Jason Beaudoin]

On Sat, Aug 29, 2009 at 12:56 PM, Benjamin GUERIN aza...@gmail.com wrote:

 No, I didn't receive any response from the list and I have given up this
 project for now.So I still don't know if OpenBSD works on it.

 Benjamin.


Thanks for the reply!

From what I can tell:
 - the NIC (RTL8111C) is supported by re(4), there may still be an issue
with jumbo frames - not something that should concern a desktop/home server
user..
 - audio is the VIA VT1708B, I've only found references to alsa, so this may
or may not work.. the dmesg below suggests azalia support?
 - this appears to be the board, and very promising:
http://archives.neohapsis.com/archives/openbsd/2009-06/0681.html
 - this dmesg points out:  VIA VX800 IOAPIC rev 0x00 at pci0 dev 0
function 5 not configured - not much of a surprise knowing APIC, but other
APIC devices came up
 - not sure what this is referring to, but this may be an issue for CF
readers (available through the add-in daughter cards): VIA VX800 SD/MMC
rev 0x00 at pci0 dev 13 function 0 not configured

Looks promising..

~jason

Re: brgphy(4) diff needs testing.

[Jason Beaudoin]

On Thu, Jun 11, 2009 at 3:51 AM, Kevin Lo ke...@openbsd.org wrote:

 On Thu, 2009-06-11 at 01:06 -0400, Brad wrote:
  Please test the following diff for brgphy(4), especially for bge(4).
  Also for bnx(4) and gem(4), any other NICs if I've forgotten any.

 Seems to be working fine.

  Please send a full dmesg.

 OpenBSD 4.5-current (GENERIC) #0: Thu Jun 11 14:05:05 CST 2009
r...@via:/usr/src/sys/arch/amd64/compile/GENERIC
 real mem = 938213376 (894MB)
 avail mem = 898895872 (857MB)
 mainbus0 at root
 bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xfb7e0 (47 entries)
 bios0: vendor American Megatrends Inc. version 1.0A-0008-0523 date
 02/26/2009
 bios0: iDOT Computers, Inc. iDOT VED8900 Series.
 acpi0 at bios0: rev 2
 acpi0: tables DSDT FACP APIC MCFG OEMB HPET SSDT
 acpi0: wakeup devices PS2K(S3) PS2M(S3) P0P4(S4) PWRB(S3)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
 cpu0 at mainbus0: apid 0 (boot processor)
 cpu0: VIA Nano processor u1...@1000+mhz, 1296.94 MHz
 cpu0:

 FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,SSE3,MWAIT,VMX,EST,TM2,CX16,xTPR,NXE,FFXSR,LONG
 cpu0: 64KB 64b/line 16-way I-cache, 64KB 64b/line 16-way D-cache, 1MB
 64b/line 16-way L2 cache
 cpu0: ITLB 128 4KB entries 8-way
 cpu0: DTLB 128 4KB entries 8-way
 cpu0: RNG AES AES-CTR SHA1 SHA256
 cpu0: apic clock running at 203MHz
 ioapic0 at mainbus0 apid 1 pa 0xfec0, version 3, 24 pins
 ioapic1 at mainbus0 apid 2 pa 0xfecc, version 3, 24 pins
 acpihpet0 at acpi0: 14318179 Hz
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpiprt1 at acpi0: bus 1 (P0P4)
 acpiec0 at acpi0
 acpicpu0 at acpi0: C3, C2, PSS
 acpitz0 at acpi0: critical temperature 94 degC
 acpibtn0 at acpi0: SLPB
 acpibtn1 at acpi0: PWRB
 acpibtn2 at acpi0: LID_
 acpibat0 at acpi0: BAT0 model NBP3A62-3S1P serial 093E type Li-ion
 acpiac0 at acpi0: AC unit online
 acpivideo0 at acpi0: VGA_
 acpivout0 at acpivideo0: CRT_
 acpivout1 at acpivideo0: LCD_
 cpu0: Enhanced SpeedStep 1296 MHz: speeds: 1300, 1200, 1100, 1000, 900,
 800 MHz
 pci0 at mainbus0 bus 0
 pchb0 at pci0 dev 0 function 0 VIA VX800 Host rev 0x12
 pchb1 at pci0 dev 0 function 1 VIA VX800 Host rev 0x00
 pchb2 at pci0 dev 0 function 2 VIA VX800 Host rev 0x00
 pchb3 at pci0 dev 0 function 3 VIA VX800 DRAM rev 0x00
 pchb4 at pci0 dev 0 function 4 VIA VX800 Host rev 0x00
 VIA VX800 IOAPIC rev 0x00 at pci0 dev 0 function 5 not configured
 pchb5 at pci0 dev 0 function 6 VIA VX800 Host rev 0x00
 pchb6 at pci0 dev 0 function 7 VIA VX800 Host rev 0x00
 vga1 at pci0 dev 1 function 0 VIA Chrome9 HC3 IGP rev 0x11
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 sdhc0 at pci0 dev 12 function 0 VIA VX800 SDIO rev 0x10: apic 1 int 22
 (irq 11)
 sdmmc0 at sdhc0
 sdmmc1 at sdhc0
 VIA VX800 SD/MMC rev 0x00 at pci0 dev 13 function 0 not configured
 pciide0 at pci0 dev 15 function 0 VIA CX700 IDE rev 0x00: ATA133,
 channel 0 configured to compatibility, channel 1 configured to
 compatibility
 wd0 at pciide0 channel 0 drive 0: ST9160310AS
 wd0: 16-sector PIO, LBA48, 152627MB, 312581808 sectors
 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6
 pciide0: channel 1 disabled (no drives)
 uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0xa0: apic 1 int
 20 (irq 11)
 uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0xa0: apic 1 int
 22 (irq 7)
 uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0xa0: apic 1 int
 21 (irq 6)
 ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x90: apic 1 int 23
 (irq 11)
 usb0 at ehci0: USB revision 2.0
 uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1
 viapm0 at pci0 dev 17 function 0 VIA VX800 ISA rev 0x00
 iic0 at viapm0
 spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5 SO-DIMM
 pchb7 at pci0 dev 17 function 7 VIA VX800 Host rev 0x00
 ppb0 at pci0 dev 19 function 0 VIA VX800 PCI-PCI rev 0x00
 pci1 at ppb0 bus 1
 bge0 at pci1 dev 5 function 0 Broadcom BCM5788 rev 0x03, BCM5705 A3
 (0x3003): apic 1 int 18 (irq 6), address 00:1e:33:17:f0:4f
 brgphy0 at bge0 phy 1: BCM5705 10/100/1000baseT PHY, rev. 2
 azalia0 at pci0 dev 20 function 0 VIA HD Audio rev 0x20: apic 1 int 17
 (irq 7)
 azalia0: codecs: Realtek ALC262
 audio0 at azalia0
 usb1 at uhci0: USB revision 1.0
 uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1
 usb2 at uhci1: USB revision 1.0
 uhub2 at usb2 VIA UHCI root hub rev 1.00/1.00 addr 1
 usb3 at uhci2: USB revision 1.0
 uhub3 at usb3 VIA UHCI root hub rev 1.00/1.00 addr 1
 isa0 at mainbus0
 isadma0 at isa0
 pckbc0 at isa0 port 0x60/5
 pckbd0 at pckbc0 (kbd slot)
 pckbc0: using irq 1 for kbd slot
 wskbd0 at pckbd0: console keyboard, using wsdisplay0
 pms0 at pckbc0 (aux slot)
 pckbc0: using irq 12 for aux slot
 wsmouse0 at pms0 mux 0
 pcppi0 at isa0 port 0x61
 midi0 at pcppi0: PC speaker
 spkr0 at pcppi0
 mtrr: Pentium Pro MTRR support
 uvideo0 at uhub0 port 5 configuration 1 interface 0 Importek Corp.
 

Re: Winbind Samba on OpenBSD

[Jason Beaudoin]

 The major advantage of Winbind is that it automagically enumerates
 your ADS users and binds them to UIDs on your *nix box. I've not
 worked with ypldap specifically, but IIRC it's going to require that
 the Win server have an NIS server aboard with UIDs already mapped. See
 http://www.microsoft.com/windowsserver2003/r2/unixinterop/default.mspx
 for info on the ADS NIS server.

 If you're just looking for authentication and don't mind creating the
 individual users on your OpenBSD system, just use Kerberos.It's a much
 simpler and resilient setup.

 -HKS


yea.. I'm looking to serve files to a set of AD-authenticated windows users,
and based on my understanding of the various  constraints involved (between
yldap, nfs, samba/winbind, etc and openbsd), it looks like a samba/AD-auth'd
serve is better setup on FreeBSD - unless there is another suggestion?


Cheers!

~Jason

Re: Winbind Samba on OpenBSD

[Jason Beaudoin]

  Did you have a look at www.kernel-panic.it ? There are some tutorials.

yes, there's some helpful info for samba, but I haven't yet seen anything
related to winbind.. unless my google foo needs some work.

Winbind Samba on OpenBSD

[Jason Beaudoin]

Hiya,

I'm considering using OpenBSD in a way that would need to run Samba and
Winbind to authenticate users against a windows 2003 active directory. In
the searching I've done so far, it doesn't appear like too many folks are
using OpenBSD to do this (though there's enough out there to suggest it,
nothing really recent though). Thus, I am curious:

Is anyone currently successfully running Samba/Winbind on OpenBSD, and if
so, is the configuration pretty standard to what Samba/Winbind require on
other BSDs?

I'd much rather use OpenBSD here than Free, so I'm simply looking for some
confirmation that this is possible, workable, and sensible for production
use. Thanks!


Regards,

~Jason

Re: Winbind Samba on OpenBSD

[Jason Beaudoin]

Geoff,

Thanks for the reply!

On Mon, Jul 6, 2009 at 5:52 PM, Geoff g...@lib.oat.com wrote:

 Is anyone currently successfully running Samba/Winbind on OpenBSD, and if
 so, is the configuration pretty standard to what Samba/Winbind require on
 other BSDs?

 I've been using Samba successfully for years.  The small amount
 I've used various M$ authentication schemes have also worked OK.
 Making sure user IDs and so on are congruent across machines is
 sometimes a pain; once that's set up it works.


to clarify.. you are using Samba, or Samba  Winbind?

~Jason

Re: atheros 5424 wireless chipset

[Jason Beaudoin]

On Thu, Nov 20, 2008 at 4:46 PM, jimerickso [EMAIL PROTECTED] wrote:
 does openbsd current have support for the atheros 5424 wireless chipset?
 --
 View this message in context: 
 http://www.nabble.com/atheros-5424-wireless-chipset-tp20610633p20610633.html
 Sent from the openbsd user - misc mailing list archive at Nabble.com.



from ath(4):

The ath driver provides support for wireless network devices based on
the Atheros AR5210, AR5211, and AR5212 chips.

I don't know if there are other drivers that support other chipsets,
but either way, you can check the manpage, you can also check the
supported hardware list off www.openbsd.org


regards,
~Jason

Re: Research for a Software Security paper

[Jason Beaudoin]

On Wed, Nov 19, 2008 at 10:34 PM, Jose de Paula Eufrasio Junior
[EMAIL PROTECTED] wrote:
 Hello, before anything else, I did read all material about the OpenBSD
 security policies on the website. Now I am trying to get some more
 insider insight on it.
 Writing a paper about open source software security and not including
 OpenBSD case is kinda idiot so I am running against time to find more
 info.

I don't  believe you'll adequately summarize or even fully
understand, what makes OpenBSD succeed where it has, with a 5 question
survey.. particularly the questions you've asked. spending time in the
community sure will expose these characteristics though. in my
opinion, the problem is that you are rating the success of these
projects based on meaningless points.

for example:

4) How the OpenBSD and OpenSSH projects deal with security problems and
vulnerabilities found on the wild? Are the OpenBSD and OpenSSH discovered
vulnerabilities full disclosed or are they worked under a blanket
until fixed? Security fixes are rapidly developed and integrated on
the current released version or only for a next release?

from my humble perspective, these sorts of things are *NOT* what make
for success, this is the corporate mentality. it's the philosophies
(or difference from others) that have brought success.

either way, understanding the philosophical differences we (the
developers, the project as a whole, and the community of users) have
from other projects might lend you your best guest.

if I were to make a suggestion, (aside from getting what you can out
of the official website) combing through the misc@ archives for cases
where both openbsd developers and users have spoken up, capturing the
essence of what sets openbsd apart.

I could give you a list of such threads that come to mind, but I think
you should seek these out yourself, this is a research paper right?


best of luck,
~Jason

Re: PF and the old SIP issue

[Jason Beaudoin]

On Wed, Nov 19, 2008 at 11:24 AM, Mikel Lindsaar [EMAIL PROTECTED] wrote:
 On Thu, Nov 20, 2008 at 1:44 AM, marrandy [EMAIL PROTECTED]wrote:

 On Wednesday 19 November 2008 09:07:31 you wrote:
   OpenBSD PF firewall consisting of ext, DMZ, internal/private
 interfaces.
   VOIP server sitting in the DMZ.
   Multiple (pick any number, 5, 10, 100) SIP phones in the private LAN.
   Multiple mobile (pick any number, 5, 10, 100) SIP phones anywhere in
 the
   USA. (NOTE: Mobile means they are carried and plugged in anywhere, but
   are programmed with the static IP gateway address.
  
   How would you create a working pf.conf file so everything  'just
 works'.
 Sounds like a lot of work.  I need to go and hit the asterisk list.

 I'll let you know if I find anything out.


 FWIW I run about 8 asterisk servers behind openbsd firewalls.  I have found
 the most non-problematic way to run them has been by using the asterisk
 servers as a SIP proxy for your SIP clients and making sure that canreinvite
 in asterisk is turned off, this increases your load on the asterisk server,
 but I haven't found that to be a real problem.

sounds like a great article for undeadly.org!

:)

Re: smtpd - developer blog on undeadly

[Jason Beaudoin]

On Sat, Nov 15, 2008 at 5:38 AM, Toni Mueller [EMAIL PROTECTED] wrote:
 Hi,

 On Thu, 13.11.2008 at 18:17:24 +0100, RC)mi Bougard [EMAIL PROTECTED] wrote:
 For those of you who where asking informations about (open ?)smtpd :
 Gilles Chehade writes a long and clear text about it on undeadly.org :
 http://undeadly.org/cgi?action=articlesid=20081112084647

 what about using this: http://smtpd.develooper.com/

 It's BSD licensed, too.

 Kind regards,
 --Toni++


it's remarks like these that give the rest of misc a bad rap. did you
lose your appreciation for the work *others* do, or what's the
problem?


~Jason

Re: 3.8 stable to 4.4 snapshot and the system is about 95% in interrupts with tcpdump on em(82541GI)

[Jason Beaudoin]

On Thu, Nov 13, 2008 at 1:54 PM, Denis Doroshenko
[EMAIL PROTECTED] wrote:
 Hi,

 upgraded a box from 3.8 stable to 4.4 snapshot and am wondering now,
 why it is hogged with interrupts when i run tcpdump on em0. According
 to vmstat iterrupt rate is more or less the following:

snip

re upgraded from 3.8 to 4.4 snapshot: how (explicitly) did you do
this? is this a fresh install? or an actual upgrade? if it was an
upgrade, did you go from 3.8-3.9---4.4, or did you fudge from 3.8
-- 4.4 with a snapshot?

cheers,
~Jason

Re: (open)smtpd, the mystery smtpd daemon

[Jason Beaudoin]

snip

 I am willing to give it hundreds of hours of my time because it is a fun
 and interesting project, and I have free time.

 As to the rest of the mail, I can't be bothered to answer it all, mostly
 because I disliked the tone of it. If you want to know if it is ESMTP or
 if it has chroot/privsep/whatever, you can either grep the sources or be
 patient and wait until I write something up for undeadly, or ask it with
 a less aggressive tone as I don't owe you any of my time.

 Gilles

 --
 Gilles Chehade
 http://www.poolp.org/~gilles/
Please, contribute to my happiness ;)
http://www.amazon.com/gp/registry/wishlist/2O09ACKR1A8HD/



while I wasn't a fan of the tone that came across in the original
email, I too am curious about this new development (and I have
complete confidence that smtpd will be a far better piece of work for
OpenBSD's needs :)

so, I would like to express my excitement and anticipation over a
future undeadly article, or whatever type of communication you send
forth, if it happens. If not, I look forward to stmpd's progress.
thank you for the great work!


oh.. is the stuffed puffy (seen in your photos) available for
purchase? I threw out my stress-tux, but my speaker needs a
replacement toy :P


thanks and appreciation for sharing your work and time!

~Jason

Re: BSD Port from OpenJDK

[Jason Beaudoin]

 Your negativity sucks. Porting Java to OpenBSD was and is not
 a trivial effort. It also serves as an excellent test bed for
 threads, the runtime linker and large memory applications.

 Porting Java to OpenBSD enabled the LOCKSS project to use it
 for its noble goals. It uncovered deadlocks in our pthread
 lib that resulted in large improvements to libpthread. Its use
 of dlopen() and friends resulted in significant improvements
 in our runtime linker. Oh and who made those improvements???
 The same person who took the time to port Java to OpenBSD!! Me
 and other OpenBSD developers who saw the need to improve things.

 BTW, all those system level improvements have made significant
 stability gains for applications like firefox, KDE, OpenOffice,
 Asterisk, etc, etc which all use threads and dlopen() alot.

 Quite frankly I'm pretty upset at all the 'Java sucks' banter on
 misc. If you and the other naysayers don't realize that porting
 Java to OpenBSD was a 'Good-Thing' then you are just UNINFORMED!

 -Kurt



Any negativity shed on misc@ or elsewhere shall never be enough to
overcome how much you folks rock, and how much appreciation had for
the work we all invest in progressing this system we love so much!

So thank you, to all, saying it is never enough, let's hack :)


Cheers,
~Jason

Re: Need some information...

[Jason Beaudoin]

On Tue, Aug 26, 2008 at 1:17 PM, mojo fms [EMAIL PROTECTED] wrote:
 Sadly it needs to be realtime syncing.  I found a program called
 Fileschanged but its limited by the amount of files it can monitor, I
 was hoping for a file system based one that can watch the real time
 files system changes and then maybe call rsync to update the file on
 the replication client server.  I basically need it to update
 everything with the exception of ports and dev.  Is there another
 program similar to fileschanged that could could report directories as
 well?

what is the higher-level goal you are really trying to accomplish? It
sounds like maybe that can be reconsidered for a better solution?

share your situation here, maybe someone has a good idea or another path..


cheers,
~Jason

Re: TV out for Xorg/OpenBSD?

[Jason Beaudoin]

snip

 This sounds great! I think we should take this off list perhaps to
 stop boring people.

 Bye misc@

I am certainly interested in your results though, maybe you can update
us in the end?


thanks!
~Jason

Re: cross-compiling for NetBSD?

[Jason Beaudoin]

Nick and Ted,

Thank you for the responses.

 The warning never kills the process. That warning is generated by
 OpenBSD's modified ld(1). It looks like the error is in a shellscript
 (perhaps `nbmake`?). Probably something is getting generated wrong
 because OpenBSD doesn't work the way NetBSD's tools expect, but it's
 hard to say any more.

awesome, and you are correct, nbmake was the offending process.


On Thu, Jul 17, 2008 at 2:01 PM, Ted Unangst [EMAIL PROTECTED] wrote:
 On 7/17/08, Jason Beaudoin [EMAIL PROTECTED] wrote:
  has anyone attempted (maybe with success) building a NetBSD toolchain
  on OpenBSD?

 This would fall more into the NetBSD camp.  After all, it's their toolchain.

indeed.. I sought out assistance in #netbsd, getting only childish responses.


  make: illegal argument to -d option -- e
  usage: make [-BeiknPqrSst] [-D variable] [-d flags] [-f makefile]
 [-I directory] [-j max_jobs] [-m directory] [-V variable]
 [NAME=value] [target ...]
  dir.o(.text+0x54e): In function 'DirExpandCurly':
  : warning: strcpy() is almost always misused, please use strlcpy()
  /bin/sh: syntax error: `(' unexpected

 This means your executable was not identified, and the kernel passed
 it off as a shell script.


with some help from #netbsd-code and ktrace, we were able to determine
that nbmake uses uname to get information about the system.

This build script breaks the posix standards with uname -p, which on
NetBSD, prints MACHINE_ARCH.. where as uname -p on OpenBSD prints the
extended processor information.. this is where that extraneous ( came
from.

Changing uname -p to -m in the build script got me past this error,
but I now have others to sort through :)

I'll post here if I get this working, simply for the archives.


Thanks again Ted and Nick.


regards,
~Jason

Re: cross-compiling for NetBSD?

[Jason Beaudoin]

On Wed, Jul 23, 2008 at 10:27 AM, dermiste [EMAIL PROTECTED] wrote:
 and what about NetBSD on qemu ? sure you'll get speed loss, but you
 won't have to worry about inconsistencies ...

it is certainly another option, though I  feel rather involved at this
point, and interested in fixing what ever is broken.

:P

~Jason

Re: Memory not detected

[Jason Beaudoin]

On Wed, Jul 23, 2008 at 10:59 AM, John Nietzsche
[EMAIL PROTECTED] wrote:
 Dear OpenBSD user,

 i am installing openbsd 4.3 on a dell poweredge 2900 hardware. It has
 8GB RAM but openbsd seems to detect only 4 GB.
 Any suggestions on this matter (i would like to have openbsd detecting 8 GB)?

what arch are you trying to install with? amd64?

have you looked at the apci options?


regards,
~Jason

Re: UPDATE: mozilla-firefox-3.0

[Jason Beaudoin]

On Thu, Jul 17, 2008 at 4:08 AM, Marco Peereboom [EMAIL PROTECTED] wrote:
 I have done just fine without flash for years.  For me it is very
 simple; if your site has flash it means:
 1. I suddenly don't care
 2. I will not purchase anything from you
 3. I'll find alternatives who make my experience better
 4. I'll save some time by not watching some retarded video

 It wouldn't be the first business/site I abandon.  It wouldn't be the
 first site at work that I simply reply to originators saying: sorry
 can't view the content.

and I agree.

my point is that there are many times, particularly in artistic
communitities, where this simply does not apply.

and no, I could not care less about the flash ladies.


Regards,
~Jason

Re: GPL version 4

[Jason Beaudoin]

 Most of the people who have replied seem to be missing the point.

I just don't know what you brought the discussion to this mailing
list. If it is of serious concern to you, and if you haven't realized
that he probably won't care (or agree), talk to rms about this.

Either way, it's all your freedom of choice.
But bringing the conversation here seemed pointless.


Regards,
~Jason

cross-compiling for NetBSD?

[Jason Beaudoin]

Hiya!

maybe I'll get flames for inquiring, but I'll try anyway:

has anyone attempted (maybe with success) building a NetBSD toolchain
on OpenBSD?

I understand that this might seem senseless to some folks, but it's a
good option for my situation. From the research I've done (archives,
google, etc) it doesn't appear that others have tried (or documented
trying), but I find it hard to believe that this hasn't been attempted
before.

I'd like to do this for the same reason you would cross-compile for
another architecture; I've got to build NetBSD kernels for
development, the system is currently running on seriously underpowered
hardware, and I've got my more powerful (and idle) OpenBSD workstation
sitting next to me (I'm perfectly happy with OpenBSD and not putting
NetBSD on my workstation :)

 NetBSD has a build script that facilitates building the system,
including cross-compilation situations. Aside from make complaining
about options for -d (about printing errors), I ran into the
following:


make: illegal argument to -d option -- e
usage: make [-BeiknPqrSst] [-D variable] [-d flags] [-f makefile]
[-I directory] [-j max_jobs] [-m directory] [-V variable]
[NAME=value] [target ...]
dir.o(.text+0x54e): In function `DirExpandCurly':
: warning: strcpy() is almost always misused, please use strlcpy()
/bin/sh: syntax error: `(' unexpected

ERROR: raw_getmakevar TOOLDIR: /tmp/nbbuild22761/nbmake failed
*** BUILD ABORTED ***


in this case, is the strcpy() string warning killing the build
process? If so, can it be suppressed for the build? Should I hack the
build script to use gmake?


any and all thoughts welcome,
thanks..

~Jason
-- 
401.837.8417
[EMAIL PROTECTED]

Re: UPDATE: mozilla-firefox-3.0

[Jason Beaudoin]

snip



 This guy's day job is at a bank, and they're really into it-- it solves a
 number of problems for them.  So if this is the kind of thing that
 developers are going to pick up en masse, then it's something that will
 need to be addressed, else people who won't or can't run Flash will be
 increasingly marginalized.

 Flash is only good for a few things such as naked ladies performing
 anatomic tricks, dude getting punched in the ding-dong  Trogodor
 the burninator.  Nothing makes me happier than visiting a website and
 having some ad puking its irrelevant content on me.

 What's perplexing to me is that most people sit idle watching the
 internet as we know it disintegrate in front of their eyes.  Allowing
 themselves to be bombarded with ads.  Removing the actual reason for why
 html exists which is indexing content so that it can be retrieved and
 used by many.  Those people are all ok with being shat on as long as
 they can watch youtube or $whatever_infantile_site_here.  The 14 year
 old demographic is apparently the dominating one on teh intartubez
 these days.

 I for one can't wait to be marginalized.


While I agree with you in many respects, I will also acknowledge that
there are plenty of legitimate cases where viewing flash content is
necessary. This is particularly true in artistic communities (and
increasingly so, for the reasons Daniel pointed out).

Flash sure is shit, I'll agree.. and philosophically, I believe its
use continues its proliferation by adobe.. but regardless, casting it
all off isn't a viable solution. For example, if a site has
information I absolutely need to access (maybe you're researching a
particular artist or company that uses flash on their site, etc..)
your options are to either not view that content, attempt opera or
gnash or some other broken open alternative, or boot up windows.

Not viewing the content doesn't help you.
opera and/or gnash are close options, sometimes
booting windows is not an option I feel good about even considering,
and as soon as I give away this extra laptop I have, there won't be
any windows here.

so protest if you must, but I hope you can acknowledge a user's
legitimate use, as opposed to adobe's horrific domination, or
spammer's obsession with inducing seizures.


regards,
~Jason
-- 
401.837.8417
[EMAIL PROTECTED]

Re: Google in shell - looks interesting

[Jason Beaudoin]

2008/6/4 Tomas Bodzar [EMAIL PROTECTED]:
 http://goosh.org



while borderline useless in some respects, it's a tremendously
interesting concept.

:D

thanks!

(sorry Marti for that last message..)

-- 
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: Nvidia Quadro NVS 140M

[Jason Beaudoin]

 I talked with the nvidia guy and he assured me that there is no way
  that they'll fix this in the open source driver.


that's rather horrendous..
anymore info on this? Was he referring to the nv developers from being
able to figure out the magick? or that his nVidia people were
unwilling to intervene? both?

so frustrating..

thanks for sharing!

regards,
~Jason

Re: Nvidia Quadro NVS 140M

[Jason Beaudoin]

On Sun, Apr 27, 2008 at 2:29 PM, Leonardo Rodrigues
[EMAIL PROTECTED] wrote:
 Damnit, my T61 will arrive next week, and I didn't know how serious
  this issue was when I ordered the laptop =(
  I may be stuck with it, since Lenovo takes almost a month to deliver a
  laptop here in Brazil, and if I decide to change the motherboard, I
  wouldn't like to even think about the time it would take.

  How about using the vesa driver instead?

I've been using/testing the vesa driver for about a week now with my
(older) 6200 PCIex, as I was experiencing similar sporatic lockups in
X. My only issue with the vesa driver is support for running mplayer
in full screen mode.. no problems other than that.


cheers,
~Jason

Re: Rolling release?

[Jason Beaudoin]

 wouldn't be in
  such situation reasonable to switch to s.c. rolling release model - and
  even more convenient for both devs and users?
  --

the devs have been hard at work for many years, and I'd be willing to
bet that they like the system they've come up with. If they didn't,
they'd change it.

No harsh intentions, just logic.


Regards,
~Jason

Re: Optimising OpenBSD

[Jason Beaudoin]

On Tue, Apr 8, 2008 at 6:51 PM, Matthew Smith [EMAIL PROTECTED] wrote:
 Hi Folks

  As part of my move from GNU/Linux to OpenBSD on my server, I just want to
 clarify what I need to do to ensure that I have performance optimised.  I am
 coming from Gentoo Linux, where optimisation is mostly about using the
 appropriate compiler flags.

What one does in Gentoo does not apply to OpenBSD.


  If I were to use the appropriate base distribution (x86_64), configure my
 kernel correctly (as per the likes of
 http://www.onlamp.com/pub/a/bsd/2000/10/31/OpenBSD.html) and set the
 appropriate compiler flags, is this all I need to do?

Linux mannerisms don't apply either - you're better off with the stock kernel.

  I'm only really concerned about the base system as I always build all my
 LAMPP components, Postfix, etc., by hand so that migrating box-to-box can go
 without [a hitch|many hitches].

At times, PpenBSD doesn't seem as snappy as Linux.. (more so with
desktop stuff) but then again, Linux *never* seems as stable. So take
your pick.

I imagine, if you run the standard OpenBSD system on your servers for
some time, you'll be satisfied.


Cheers,
~Jason

Re: xenocara source

[Jason Beaudoin]

  I'm not concerned about long time users like you or me, or people who
  are already familiar with UNIX and it's tools. But if this was your
  very first adventure into CVS, both the docs and ways things work
  should be clear and correct.

As a new user of CVS and maintaining an OpenBSD install, I'm certainly
a bit confused about this. Even more so now.. what is the suggested
method.. I understand that depends on what you're trying to
accomplish:

I'm not (yet) modifying any code under /usr/src.. so my goal is simply
pulling the -stable repositories and updating my system as needed.


thanks!

~Jason

Re: photo/ image viewing software

[Jason Beaudoin]

 Cheap USB memory card readers are well recognized as a mass storage
 device and probably should be
 the last resort for the most stubborn  digital cameras.

agreed.

 Personally, I use Sony Cybershot DSC-W70.  Unfortunately the camera can
 not be mounted directly as a file system.
 As  with  quite a  few  Sony  cameras the  trick  is to put the camera
 into PTP mode. Once in
 PTP mode camera memory can be accessed by gphoto2 command line and
 library of drivers program. I believe that fancy GUI applications
 as gtkam and digkam are using the same library of drivers. Other people
 on the list probably correct me if I am wrong.

I dunno what luck you've had, but I always ran into problems when
trying to transfer movies (and I think larger photos). but as you
pointed out.. cheap flash readers work to resolve this.


regards,
~Jason

Re: photo/ image viewing software

[Jason Beaudoin]

On Feb 1, 2008 8:24 PM, Chris [EMAIL PROTECTED] wrote:
 I am after a software that would allow me to view photos from my
 digital camera which I usually mount in /mnt/camera. I tried from the
 ports tree: digikam, gphoto, gtkam, kphotoalbum, wmphoto, kamera -
 none of them really work well in showing the pictures; some of them
 want to detect my camera when all I want is to view my photos
 (thumbnails and full size) from /mnt/camera.

 Anyone would recommend any decent program to do this? Thanks.


I usually use gqview for general photo viewing, simple fast, and effective.
The underlying assumption here is that you've successfully mounted the
camera, which is seen as a mass storage device (sd*)

if the camera manufacturer has obfuscated the flash storage behind
other stuff, you'd probably do yourself a favor by getting another
camera (I've never had good results with those types)


Good luck..

~Jason

Re: : no 4.2-stable package updates??

[Jason Beaudoin]

 Maybe I'm missing something, but it seems like security on a lot of
 systems is trying to play catch-up with the latest patches.
 I I have an enemy, that is exactly where I want him.

 Seems like long ago OBSD tended to have fixed the latest whatever
 about 6 months before everybody else woke up to the whatever.

 Compared to most other systems, methinks you'd come out ahead
 by waiting for the next CDs and then upgrading.
 The -release does need to be in place just in case anything critical
 is actually needed.

 To paraphrase something or other,
 Security is never having to patch.

 Dunno if OBSD is really there yet, but seems like they're close.



Well.. I agree in some ways.. though I think I'm a bit too experienced
to really know better. That being said, my real goal is to understand
the system, how it works, and how development is done, so I'm
investing the effort to better understand how to do these things.


Kind regards,

~Jason

Re: Real men don't attack straw men

[Jason Beaudoin]

 I've been trying for a couple of years to get going a modified version
 of Firefox that won't offer to install any non-free plug-ins, but we
 don't have enough people to make this work very well.  If you would
 like to help, please let me know.  It is an important project.



One last question..

simple: how is this a useful venture of engineering effort?

more involved remarks: The people who'll use an application such as
this, with these restrictions, won't be installing said non-free
software any way... and trying to provide other folks (i.e. the
general public, who wouldn't otherwise know better...in that they'll
use whatever application they're given) with this type of software is
simply upsetting and frustrating for them (what?! no youtube??),
resulting in them not wanting to use open source stuff (because they
don't know the basic difference in what you've provided versus what
opensource, or free software, or whatever we're trying to provide the
world, is about, etc).. and *avoiding* applications *they* label as
such.

Why does that matter? well.. it would seem to me, that it should
matter to you because this would effectively work against the software
world you are trying to create.


Regards,

~Jason

Re: Real men don't attack straw men

[Jason Beaudoin]

 What puzzles me is why you think this mistake was a lie, or that it
 might make me look like a fool.  People normally don't call someone
 a liar, or a fool, because of a little (and tangential) mistake like
 this.

Because someone in your position, with the influence you have,
communicating these messages, requires that the information you base
these statements on be more accurate, more of the time.. and if
anything at least more so than has been displayed in *this*
discussion.

With greater influence and power comes greater responsibility.


Kindest regards,

~Jason

Re: Getting envolved

[Jason Beaudoin]

On Dec 13, 2007 11:11 AM, Bob Beck [EMAIL PROTECTED] wrote:
   If you like the current way it works, you should be able to continue
   with this system. But what if my mum, who has low computer skill, would
   like to install a free, functional and secure system? I think the
   software should help her to make the most accurate choices. Because I
   think my mum too deserves a reliable operating system. :P

 I disagree.

 A complex interface implies a lot of code. a lot of code
 leads to  unreliablity, either through bugs or detracting valuable
 developer time from more important things

 A simple interface (well designed) imples less code, which leads
 to reliability.

 Users who can no invest the effort learn enough to use a simple
 interface do not deserve a reliable operating system. They deserve windows,
 and they deserve pop up buttong in their browsers that they click ok blindly
 for everything.

Agreed.

and as a relatively new user.. and coming from the linux world. I
found the openbsd installer to be the SIMPLEST I have ever used.
Setting aside disklayout and slicing, I've yet to give OpenBSD to my
fellow students and experience problems.

~J

Re: : no 4.2-stable package updates??

[Jason Beaudoin]

On Dec 13, 2007 1:05 PM, Raimo Niskanen [EMAIL PROTECTED] wrote:
 On Thu, Dec 13, 2007 at 01:07:17PM +, Jonathan Thornburg wrote:
  First, I'd like to thank those who provided useful responces to my
  query (which started this thread), both on- and off-list.  I had missed
  the announcement (http://marc.info/?l=openbsd-portsm=119347390302171w=1)
  that -stable ports  packages are no longer maintained.
 

 As I recall from the FAQ and installation manual, an overall
 philosphy for OpenBSD is that the package system is the
 recommended. Users are encouraged to install from binary
 packages. And regular users should follow the stable
 branch.

 Does this still apply. It seems not from this thread, so
 in what way should a regular user now follow the stable branch?

 And yes, it should be in the FAQ.

 Or is this just a temporary setback?


As an inexperienced user, I still hear: use the package system. But
on -release.. which is *supported.*

If security is of the utmost importance, following security
announcements and applying patches yourself, as necessary, is the
thing to do. The developers have work to do.. which involves
continuing development.  If you want to use -stable, which is
unmaintained/unsupported, use the appropriate cvs repo and build from
ports.


This is how I've interpreted things, maybe I'm wrong.. but I see no
point in bothering developers for package maintenance. They should be
able to invest themselves as they see fit, and I'd be willing to bet
that more often than not, this work would be in developing the
system.. making it better for themselves, and in turn, us.

We are free to do as we please. and our beloved developers are not
under any support contracts. Let us let them invest themselves as they
see fit.. I'm sure we'll all benefit, we have thus far. In turn, let's
see where and how we can give back to them.


Best regards,

~Jason

Re: Real men don't attack straw men

[Jason Beaudoin]

This is what I've learned - and how my perspective has changed - In
following this thread, over the last two days:

 - Stallman cares more about appearances and outward responses than actions
 - Stallman is a hypocrite, circles himself within his words, and
attempts to confuse others in the process.
 - Words seem to mean more to Stallman than actions.
 - Stallman is incapable of admitting any wrong doing. What an ego.
 - Stallman has yet to actually use OpenBSD, least I have yet to see
evidence otherwise
 - Not only has Theo been awarded the open-whatever award from the
FSF, which Stallman seems to play a great role in leading, Theo was
also a finalist *two* other years, yet OpenBSD seems to be a problem
for Stallman..
 - Stallman likes to lose people in speech.
 - Stallman's arguments make no sense.
 - Stallman's greatest actions are that of requests. At best, he will
ask developers to make the changes which he sees necessary.
 - Stallman will overlook facts to further prove a failing point.
 - Theft of BSD code (or any other code for that matter.. and theft in
the sense that something has been taken, expanded upon for the
greater good of the community, and later cannot be returned to its
original owner), means nothing to Stallman when for the greater GPL
good.
 - Stallman cares little about empowering people through code and
software, caring more about folks following in his ways.. even when
this concerns or involves intellectual theft.
 - Stallman sees the *use* of a given application or pieces of code as
a mechanism that *supports* said application, BUT his use of linux
(despite being free of non-free software/code), is seen as not
supporting the greater use of Linus' linux itself, which he agrees
is non-free
 - Stallman hasn't looked at (or thought about) his own gcc code in a
*long* time


Mr. Stallman, while it may mean little to you, it's pretty clear  you
have made a fool out of yourself on this list. I personally, have lost
what respect I had for you.

You make no sense.


~Jason

Re: : Real men don't attack straw men

[Jason Beaudoin]

snip

 If OpenBSD's port tree would be stated to contain only (pointers to) free
 software, that is the current port tree would be split into a free port
 tree in the distribution and a non-free tree to download from some
 other site ready to drop into the free port tree. Then the distribution
 would be Stallman-kosher. With a not too huge effort.

nope. From what I am interpreting, the OS should not (in any way)
recommend non-free software. Recommendations would be in the form of
acknowledging (in any way) how to install/use non-free software on the
OS.


 If then the installation pages would have links to and explanation
 about the non-free part of the port tree, I do not know if that
 would render the whole distribution non-Stallman-kosher.


yes. again, from how I have interpreted his (distorted and often
twisted) writings.


 But if there is enough benefit for OpenBSD to be on Stallman's list
 of free operating systems, to do such a change, that is a
 completely different question.


personally.. I could care less about what he promotes and what he
doesn't.. and if individuals can't see through his garbage, that's too
bad. Stallman's influence, one way or the other, won't be stopping
OpenBSD's efforts.. not as I see it.



Regards,

~J

Re: Real men don't attack straw men

[Jason Beaudoin]

On Dec 11, 2007 2:00 PM, Richard Stallman [EMAIL PROTECTED] wrote:
 OpenBSD is by far the most free OS in the landscape.  Everything that
 ships with it is free or else it won't be distributed with it.

 Yes, that's what I was told.  I was also told that OpenBSD's ports
 system includes non-free programs.  Is that accurate too?

   There is
 not a single open source OS out there that is more careful than OpenBSD
 on licensing, copyrights and frivolous patents.

 Maybe that is true, but it's not the issue I'm talking about.  I'm not
 a supporter of open source anyway; I fight for free software.

 Ututo and gNewSense have the policy not to include non-free programs,
 not even in a ports system.  Thus, they don't do anything that
 contradicts the philosophy of free software.  That's why I can
 recommend them.


While I completely understand this point of view - and (more
importantly) the motivation behind such decisions - what I am hearing
from you is that an individual's (or project's) actions in fighting
*against* proprietary and the closed-source mentality (whether it's a
blob, no documentation, not considering NDA's etc..) is *less*
important than whether or not users are allowed the *freedom* to add
in software, that might possibly not follow these other goals..

This I simply don't understand.

We are fighting for the same thing.

And you cast the OpenBSD project out because there are users that
invest the effort to provide other users ports that may or may not
follow the *projects* goals and work?

Mr. Stallman, it is with great respect that I say these things, as I
believe your noble efforts in these areas are commendable and have had
a great influence on our communities, but I do not understand the
discrepancies here.

 Unlinke linux OpenBSD does not contain proprietary firmware blobs in the
 distribution.

 Torvalds' version of Linux is not free software, for this reason.
 Ututo and gNewSense include a version of Linux which remove the
 firmware blobs, in order to make it free software.



that's awesome, can users add these back in if they choose? is your
project worthless because of these users 'actions?


kind regards,
Jason

Re: Real men don't attack straw men

[Jason Beaudoin]

RMS,

Given what I've read, listened to, and specifically what you've said here:

 From what I have heard, OpenBSD does not contain non-free software
 (though I am not sure whether it contains any non-free firmware
 blobs).  However, its ports system does suggest non-free programs, or
 at least so I was told when I looked for some BSD variant that I could
 recommend.  I therefore exercise my freedom of speech by not including
 OpenBSD in the list of systems that I recommend to the public.

..maybe you should look into the OpenBSD project, methods, and the end
result - not necessarily to promote OpenBSD in some way, because I
don't believe anyone here sees value in that - but to educate
yourself, rather than speak from what someone else has commented on,
or little bits of cursory research. I think it's difficult getting a
sense of what OpenBSD stands for without having used the OS itself, or
what it provides.

 I could recommend OpenBSD privately with a clear conscience to someone
 I know will not install those non-free programs, but it is rare that I
 am asked for such recommendations, and I know of no practical reason
 to prefer OpenBSD to gNewSense.

the ultimate freedom is that of free choice. As I've seen, the OpenBSD
developers have fought tooth-and-nail, in many cases to the bitter
end, to provide the cleanest and freest operating system available. It
is coherent, and cohesive. In some cases, it's frustrating, simply
because support for non-free entities are sketchy or flat-out aren't
available. But at the same time, the opportunity remains open for
folks to implement their non-free whatevers if they so choose, though
they probably won't get the support of the developers, they may get
support from other users.. all of us are working with varying levels
of conviction and outside influences. That being said, I believe those
of the developers, many openbsd users, are stricter and more focused
any other single group of computer users.

again.. my words come from my perspective, from what I've heard/read
on this list and across the internet, as well as my experiences in
using windows, linux, *BSD, and seeing the effects of these sorts of
issues even in the non-technical areas of our lives.


So again.. I think OpenBSD should be tried and explored before being labeled.


Thank you for your time,

~Jason

Re: OT: OpenBSD on Asus eeePC

[Jason Beaudoin]

I just bought one to play and hack around with, I'll let ya'll know
how the experiment goes when it comes in!

~Jason

Re: Instant Messenger client

[Jason Beaudoin]

snip


Gaim?
It's compatible with AIM, ICQ, MSN Messenger, Yahoo, IRC, Jabber,
Gadu-Gadu, Novell GroupWise, and Zephyr networks.
And simple enough to use.




Note that as of gaim's 2.0 release, the project has been renamed to pidgin
I've been using it in linux for quite some time now with no problems,
but I am not sure how it runs on openbsd (though I'd expect no
issues).


~Jason

Re: No i partition when connecting camera to USB

[Jason Beaudoin]

On 5/30/07, Martin Toft [EMAIL PROTECTED] wrote:

When connecting a Nikon Coolpix L10 camera to my laptop via USB, no i
partition shows up:


snip

Check out the gphoto2 libraries, there are a couple qt/gtk based gui
frontends to extract the photos. Most of these cameras have
proprietary methods of accessing the memory card in an attempt to
convolute the process..so you often won't see the memory card as a sd*
device..like you should.

I also picked up a simple memory card reader from newegg, because
while I could extract photos through the gphoto method, mpeg movies
liked to crash the various apps I tried.

Good luck.


~Jason

Re: openbsd on a geode

[Jason Beaudoin]

And PC Engines WRAP boards, too, but neither it nor the Soekris
net4801 units are as small as what the other person is looking at.

Greg



Nor as feature-packed..these little Geode boards end up having quite a
list of devices/chips integrated into the system.

~J


--
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: openbsd on a geode

[Jason Beaudoin]

snip

 hahaha.. I actually *just* started working on getting OpenBSD on the
 geode. I picked up one of these (used):
 http://www.alptech.com/html/embedded/em_351a.htm

where did you buy it from, and how much was it, if you don't mind me asking?


Found it around the engineering firm I have been working for ;)  I got
lucky. These things aren't cheap. Industrial grade  We have 3, I
have one, another guy got one, and the third will be swapped if either
of ours is toast. If both of ours are bricked, I'm out. But I'll let
you  know how it all goes :D



Cheers,

Jason

Re: Recommendation for a UPS

[Jason Beaudoin]

- Fresh install of 4.1 (as soon as my copy gets here)
- I Will probably be using nut to shutdown the server.

I'm trying to find something that won't require too much
configs/poking around.  I'm not looking for something fancy either, I
just need enough juice to shutdown the server properly when the
electricity goes out.


What are your power requirements? Just a single server? How big of a
system are we talking about? ...mainframe, onyx, or a single opteron?


Regards,
~Jason

Re: iwi firmware error on snapshot

[Jason Beaudoin]

On 4/7/07, James Turner [EMAIL PROTECTED] wrote:

I'm running OpenBSD -current from the snapshot dated 04-06.  Everytime I bring
my thinkpad x40 out of sleep I get iwi0: fatal firmware error.  I'm running
the generic kernel and have a intel 2200bg card.


Yep..the card sucks.  I have the same issues on 4.0.
~J

--
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: obsd with soekris as On board computer

[Jason Beaudoin]

On 4/2/07, Raul Aldaz [EMAIL PROTECTED] wrote:

Hi misc,

Does any body know of any experience mounting this in a vehicle? I would
like to use it to provide wireless internet access with something like a
Merlin or Novatel pcmcia card.


What sort of specifics do you have in mind..physically mounting? Type
of chasis? Where to put it, considerations to make when mounting a
computer inside a car? or something specific to the soekris?

~J

Re: iwi0: XXX too many rates (count=13, last=108)

[Jason Beaudoin]

can anyone please give me some knowledge on this:

# dmesg

iwi0: XXX too many rates (count=13, last=108)



snip

I've had nothing but problems with my iwi card:

iwi0 at pci2 dev 3 function 0 Intel PRO/Wireless 2200BG rev 0x05: irq 11, addr
ess 00:0e:35:53:ed:56
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0x20
pcmcia0 at cardslot0


When I've got the card enabled, and are around ap's that have
auth/encryption, the card freaks out. dmesg is slowly filled with
authentication and firmware errors.

I ended simply picking up an orinoco pcmcia card for cheap.. uses the
madwifi driver in linux, wi in BSD..works wonderfully.


Cheers,

Jason

Re: Are Atheros AR5005G Wifi Network Adapter and Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller supported?

[Jason Beaudoin]

On 3/26/07, Tito Mari Francis Escaqo [EMAIL PROTECTED] wrote:

Greetings!
I need to know if Atheros AR5005G Wifi Network Adapter and Marvell
Yukon 88E8038 PCI-E Fast Ethernet Controller are already supported in
OBSD 4.0 or will be in the next release.




Have you checked the hardware compatibility page?

http://www.openbsd.org/i386.html#hardware


I bought me a laptop built-in

with these and I'd love to have OpenBSD on it rather than any other
OS.


::yay::

Re: adding X11 libraries after the fact

[Jason Beaudoin]

On 3/20/07, Lars D. Noodin [EMAIL PROTECTED] wrote:

 I excluded X11 from an installation of OpenBSD 4.0 and now find that some
 packages I would use seem to depend on some of the X11 libraries.  What is
 the best way to resolve package dependencies and/or install X11?


I believe this is covered in the FAQ..but you can simply boot an install cd.
Also check the archives for misc@


Regards,

Jason

Re: Does anyone know a good file manager for OpenBSD?

[Jason Beaudoin]

wget?

and no..your subject does not say it all..I interpreted that as file
manager, as in mc, xfe, nautilus, etc..


On 3/20/07, Leonardo Rodrigues [EMAIL PROTECTED] wrote:

 Hello everyone =)

 So, the title says it all. Anyone know a nice download manager utility
 for OpenBSD? Something along the lines of downloader 4 X for linux, or
 maybe even something like flashget/getright from the Windows world.




I get the feeling that a nice download manager is a rare sight in the
 Unix world...


not a bad assumption.. though wget works great for me..


Cheers,
Jason

Re: OpenBSD speed on desktops

[Jason Beaudoin]

snip


  Everything is much slower than existing Linux system. For example,
  Firefox takes 3-5 seconds to start on Linux but ~10 seconds on
  OpenBSD on same machine!

 I have the same problem. The FFS doesn't seem to be as fast as ext2.


The issue is not filesystem speed, but rather prelinking and the differences
in how libraries are loaded. Trying comparing transfer times for a given set
of (differing) files on both filesystems..


Regards,

~J


-- 
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: dhclient on a Sokeris

[Jason Beaudoin]

 The only solution I see right now is making a script that watches for a
 dhclient process, and then manually starts it whenever it goes away.
 This doesn't seem that elegant in my mind.


What about a simple program that checks for a network link, then call
dhclient? I dunno if you could do something like that with a script..but I
believe this would be relatively easy with a little C.   :D


Cheers,

Jason

Re: OpenSSH 4.6 released?

[Jason Beaudoin]

 Read the article more carefully;


And you should check more sources before making assumptions.
thought #2: maybe you are misinterpreting what the article is saying?

OpenSSH 4.6 has just been released. It will be available from the
 mirrors
 listed at http://www.openssh.com/ shortly.
  ^^^

 Released may not be used properly, but the article makes it
 clear it's not actually available yet.


What about the possibility of the author covering for delay in propagation?
The mirror servers do sync off of one *another*

Think before you come to conclusions, then argue about them.


Regards,

Jason

---
Consider yourself wrong, before assuming others are.

Re: Wireless PCI card recommendation needed

[Jason Beaudoin]

Could someone please recommend an 802.11g card that as a stronger transmit
power?  Or another card they have had good success with?



I use an orinoco card in my laptop..works wonderfully. Under linux the
madwifi driver is used, wi0 in OpenBSD. I know you're looking for a pci
card; I would look for cards based off of the same chip. Here is the
relevant info from dmesg..

wi0 at pcmcia0 function 0 Lucent Technologies, WaveLAN/IEEE, Version 01.01
port 0xa000/64
wi0: Firmware 8.72 variant 1, address 00:02:2d:8a:d5:31


good luck,

Jason
-- 
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: Daylight Saving Time (DST)

[Jason Beaudoin]

On 3/7/07, Claus [EMAIL PROTECTED] wrote:

 How does the new daylight saving times for the US effect an generic
 OpenBSD installation with a US time zone (e.g. US/Central) that has not
 been patched with the 009_timezone.patch?  Do things change if ntpd is
 being used?


The timezone data is simply a set of dates and times to tell the system when
to switch to/from DST. So without the patch, the system will not make any
changes. Ntpd won't change this, as the DST change occurs on the next level.
(i.e. ntp sets the system time, the system will then change that time based
on the DST settings)

please correct me if I am wrong..


Either way, you need that patch for things to work smoothly, and it isn't a
difficult update to make.


Regards,

Jason

Re: ctrl+alt+del reboot

[Jason Beaudoin]

On 3/6/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

 guys what file should i need to edit so that if i'm going to press ctrl
 alt del my box will just reboot?


Have you checked either the FAQ or mailing list archives? What does google
have to say?

~J

Re: OT: parallel programming book recs

[Jason Beaudoin]

On 3/6/07, Bret Lambert [EMAIL PROTECTED] wrote:

 Sorry for the OT post, but I wanted to pick the list's hive mind as to
 any recommendations for solid, in-depth references for parallel
 programming. College-level textbooks would be preferred.


While I don't have any good suggestions for books specifically, I ended up
resorting to the numerous white papers found online and in various technical
publications (IEEE, supercomputing, etc). Unfortunately, documentation in
the clustering and supercomputing industries is rather poor, difficult to
find, and/or highly specific to that group's research. I did a fair amount
of research on this topic last year for a cluster at my school, and found
generic information in short supply.

I would also consider looking directly at the MPI library as a good place to
start..


Goodluck,

~J
-- 
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: ssh in to a qemu guest

[Jason Beaudoin]

On 3/5/07, Lars D. Noodin [EMAIL PROTECTED] wrote:

 qemu is now running on an OpenBSD host, with Debian as the guest system.
 I can reach the net from inside the guest systems.

 What changes must be made to the networking on the host so that I can ssh
 *into* the guest systems from outside?


Depends on whether  how the networking has been setup for qemu; if the guest
system has it's own ip..use ssh like you would otherwise. If the guest
shares an IP with the host, well then, you'll have to look into qemu's
configuration - something I'm not terribly familiar with. VMware also has an
option for host - guest only networking..but if you've got the debian
guest connected to the net already..I'm assuming this isn't setup.

Good luck

~Jason

Re: nv(4) driver on nVidia 7600GS card.

[Jason Beaudoin]

On 3/1/07, Sunnz [EMAIL PROTECTED] wrote:

 Ok I am keen to be a tester, any documentation on how does one test
 and send useful information to the port maintainer? (Will be getting
 -current, but that's only the first step.)

 I have learnt C from college as well, so I like to do a bit of code
 too if I can... any documentation on how Xorg was ported and such?

 Linkage would be good.

 Thanks.


you could start with x:

http://www.X.org

no?

~J

2007/3/1, Joachim Schipper [EMAIL PROTECTED]:
  On Thu, Mar 01, 2007 at 08:22:22AM +0100, Andreas Maus wrote:
   On 3/1/07, Sunnz [EMAIL PROTECTED] wrote:
   I have an nVidia 7600GS Graphics card, and attempted to get it to
 work
   with the NV(4) driver.
  
   This is not a hardware problem. It is the nv driver.
   I had similar problems with my 7800GS.
   The thread was discussed here:
  
   http://marc.theaimsgroup.com/?l=openbsd-miscm=116017301426487w=2
  
   As a workaround you have to use the vesa driver till we have X 7.x
 
   P.S.: By the way ... will we switch to X 7.x in 4.1 ? The vesa driver
   can be annoying, because I can't watch movies in fullscreen with
 mplayer. ;)
 
  No, but you can already use 7.1 in -current. (To help with testing,
  obviously, and some stuff is still broken. So it's not a good idea if
  you want the easy way out. Xenocara, and 7.1, will be merged as soon as
  4.1 is sent to the CD guys).
 
  Joachim
 
 


 --
 Please avoid sending me Word or PowerPoint attachments.
 See http://www.gnu.org/philosophy/no-word-attachments.html




-- 
IEEE Student Branch President
Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA. 02115
401.837.8417
[EMAIL PROTECTED]

Re: Issues on Dell Inspirion 6400 with wpi (3945ABG) + WEP on current (+-ACPI)

[Jason Beaudoin]

Andreas Bihlmaier wrote:
 Hello misc@,
 
 on my quest to promote OpenBSD I found a new user today, but we ran into
 some issues concerning wpi.
 The laptop is a Dell Inspirion 6400.
 
snip


I have a similar Dell Inspiron 8600 currently running 4.0 I too have had
a difficult time with the built-in WiFi card (using the iwi driver).
It's a piece of junk Intel that simply *cannot* and encrypted
traffic/communication. I can use the device just fine when connecting to
an ap without any encryption enabled. But just being in the presence of
an ap supporting the secure communication, iwi spits out Firmware and
Authentication Errors.

Eventually I came across an orinoco based card that uses the wi driver
(madwifi in linux). So far my week has been great :D

I would just pick up a similar, well-supported pcmcia card and avoid the
 Intel hardware.

Cheers,

Jason

Re: iwi unknown authentication state 1

[Jason Beaudoin]

I'd like to say this is amusing..but it really isn't. I too receive the same
kernel messages from my iwi interface, though on a Dell Inspiron 8600.

The variety I see:

  iwi0: fatal firmware error
  iwi0: unknown authentication state 1

This is among one of the many reasons [EMAIL PROTECTED] should be taken out of
existance.


Cheers,

Jason

Re: Dedicated OpenBSD web hosting.

[Jason Beaudoin]

 On 2/5/07, Francisco Valladolid [EMAIL PROTECTED] wrote:
 
  Hi folks.
 
  Dedicated OpenBSD web Hosting ?,  In the past this theme has been too
  discussed.
  Now I want to know if some people have experience using some OpenBSD web
  hosting in dedicated enviroment such as www.servepronto.com or some
  other.
  if any, please let me know, I'm searching a good service running OpenBSD
  for
  migrate a old Linux server



If it has been too discussed, why are we discussing it any further? Do you
have specific questions or issues that you are having difficulty with?


Regards,
Jason

Re: [OpenSSH] an option for setting the login name?

[Jason Beaudoin]

snip

On the other hand, if options cannot be specified after the
hostname I doubt this patch will be really useful.  I would like
being able to type something like sftp hostname -l username
(most times I type -l username because I missed the username
when I was typing the hostname and do not want to edit the command.)

Might want to take a look at zsh and it's *powerful* autocomplete 
functionality. Super customizable. When I ssh, I am able to tab complete 
usernames, hostnames, and (through the use of keychain/ssh-agent) even 
directories on the remote system.

snip


Regards,

Jason