Re: Feedback on redesigned OpenBSD.org
On my desktop with dual 4K screens @3840x2160 (16:9) resolution the new design is basically illegible because the css wrongly determines this to be a high resolution small screen (aka phone) which is a step backwards, browser-zooming to 200% is not really an option because that also changes the layout. Also centering text blocks on the page really doesn't improve legibility on big screens.
Re: Probelm when building QGIS
On 27-07-18 14:03, tao wrote: Rashad Kanavath wrote On Thu, Jul 26, 2018 at 12:36 AM tao uponmyword@ wrote: Hello, I am in OpenBSD6.3. QGIS 2.18.17 in packages can not render style just like things in http://openbsd-archive.7691.n7.nabble.com/qgis-bug-since-last-security-update-under-stable-td339707.html So, I am trying to build QGIS 2.18.17 from source. Succeeded to ccmake the source. But get error when make. Here is the message: tao$ make [ 0%] Built target version make: don't know how to make /home/tao/Software/qgis/qgis-2.18.22/resources/function_help/json/rea (prerequisite of: src/core/qgsexpression_texts.cpp) Stop in . *** Error 2 in . (CMakeFiles/Makefile2:1165 'src/core/CMakeFiles/qgis_core.dir/all') *** Error 1 in /home/tao/Software/qgis/build-2.18.22 (Makefile:163 'all') Tried to find the file mentioned above "/home/tao/Software/qgis/qgis-2.18.22/resources/function_help/json/rea ", but could not find anything. Anyone has an idea? could you try gmake instead of make? make != gmake (unless you simlink or alias it) Could not find gmake. And also could not use cmake to build it. I think make is the right one. I have to give up ^ \^ snapshots already have qgis 3, so you can upgrade to current to get all the latest. since there is a port, you should start from there (eg. upgrade the qgis source version and start with that) -m
Re: Mount CD/DVD and playback DVD as normal user
2013/11/11 Laurence Rochfort laurence.rochf...@gmail.com: Hello, I'm trying to configure my laptop so that a normal user may mount a CD/DVD or playback a DVD in Xine. I never used it but have you seen: http://www.bsdua.org/hotplug-diskmount.html ? mark So far I've just put an entry in /etc/fbtab. /cdrom permissions look OK, but the devices themselves less so. What are the consequences of putting myself in the operator group? Where can I find a description of those groups? Advice greatly appreciated. Cheers, Laurence. drwxr-xr-x 2 root wheel 512 Nov 8 14:29 cdrom brw-r- 1 root operator6, 0 Nov 8 14:13 /dev/cd0a brw-r- 1 root operator6, 2 Nov 8 14:13 /dev/cd0c brw-r- 1 root operator6, 16 Nov 8 14:13 /dev/cd1a brw-r- 1 root operator6, 18 Nov 8 14:13 /dev/cd1c crw-r- 1 root operator 15, 0 Nov 8 14:13 /dev/rcd0a crw-r- 1 root operator 15, 2 Nov 8 14:13 /dev/rcd0c crw-r- 1 root operator 15, 16 Nov 8 14:13 /dev/rcd1a crw-r- 1 root operator 15, 18 Nov 8 14:13 /dev/rcd1c # $OpenBSD: fbtab.head,v 1.2 1999/05/05 06:56:34 deraadt Exp $ # login(1) reads this file to determine which devices should be chown'd to # the new user. Format is: # login-tty permdevice:[device]:... /dev/ttyC0 0600 /dev/console:/dev/wskbd:/dev/wskbd0:/dev/wsmouse:/dev/wsmouse0:/dev/ttyCcfg /dev/X0 0600/dev/wsmouse:/dev/wsmouse0 # samples #/dev/ttyC0 0600/dev/fd0 /dev/ttyC4 0755/dev/cd0a:/dev/rcd0c -- Disclaimer; This message is just a reflection of what I thought at the time of sending. The message may contain information that is not intended for you or that you don't understand.
Re: azalia -- no sound on CURRENT
2008/10/24 Dan Harnett [EMAIL PROTECTED]: On Fri, Oct 24, 2008 at 12:57:54AM -0700, Aaron Stellman wrote: Hello misc@, Compiled freshly checked out -current from 10/23/08 -- no sound. Looked through mixerctl and audioctl outputs, didn't find anything I think I lost sound on my Asus1000H as well; I'll check tonight...
Re: Update release 3.8 on AMD64 with a “fix” for the recent “DNS cache poisoning” vulnerability?
you could save some time and energy by using the 4.3-stable release from ftp://ftp.su.se/pub/mirrors/openbsd_stable/4.3-stable/ as this has the errata/patches applied... 2008/7/30, Nick Guenther [EMAIL PROTECTED]: On Wed, Jul 30, 2008 at 2:43 PM, skogzort [EMAIL PROTECTED] wrote: Hello, Ib m trying to protect our DNS server from the vulnerability referred to in: CVE -2008-1447 and US-Cert Vulnerability Note VU#800113. I see that there is a patch for BIND in 4.2 and 4.3 that addresses this vulnerability, but not for 3.8. I have inherited an Open BSD DNS server that provides external DNS for our web server and serves NTP for our infrastructure. I donb t know UNIX or Open BSD. Ib m reading through the Open BSD website and asking questions on the mailing lists to try and get an overview of what I need to do to upgrade/update/patch this server.B It was suggested to me that I may have to b manually merge the patchb , but I canb t find any instructions for that. I know that if I could upgrade our release to 4.2 or 4.3 then I could follow the instructions in the patch itself, but I wonder if that would be more work and potential for mistakes then necessary. No, do it that way. Upgrade your system cleanly. As a bonus, any other bugs/security holes that got fixed along the way will also be fixed for you. Since your system is so old, the best route for you is to just do a fresh install and then paste in the NTP and DNS config files (and turn named and ntpd back on in /etc/rc.conf). I was also told to use b portsb , but I read that using ports was only for people who have experience with Open BSD and beginners were not allowed to ask questions in mailing lists about using ports. What do you think: manually merge the patch, upgrade to 4.2 or 4.3 and apply, or use ports? named is a part of the base system, so it is not in ports. ports are all the other programs you can install on the systems My inexperience is a factor, I am looking for the shortest steps (so there will be less chance for error) that will still allow for a quick revert, should the b fixb fail. BACKUP, do you has it? Why don't you create the system in a virtual machine first and test it there? Once its working copy it out to a fresh disk, replace the disk in the box with that disk, make it work there, and -only then- do you wipe the old server disk and put it back on your extras rack. That's way safer than trying to do this to your live system. Good luck, I know that the initial learning curve is very steep, and doing this on a deadline must be a lot of stress. -Nick
Re: correct way to run kdm?
I've had kdm/kde on my laptop running for a couple of releases and I recall having keyboard problems initially; now it just works. 2008/7/20, Ted Unangst [EMAIL PROTECTED]: just an xterm. This was fixed by running genkdmconf which did some stuff. I don't know why this was needed. it builds the kdm config file I guess.. I have rc.local fire kdm: if [ X${kdm_flags} != XNO ]; then /usr/local/bin/kdm ${kdm_flags} ; echo -n 'kdm ' fi without any flags/options Solution to this: Edit /usr/local/share/config/kdmrc and find the line about TerminateServer and change it to true. For some reason, this would be /usr/local/share/config/kdm/kdmrc I don't have this option in mine; I have the shutdown command modified so it shuts down the machine on logout: HaltCmd=/sbin/shutdown -ph now
Re: correct way to run kdm?
2008/7/20, Predrag Punosevac [EMAIL PROTECTED]: I am not running it but I thought that this was more or less correct way http://www.openbsdsupport.org/KDM.html step 2.2-2.6 should do the trick. the rest of the document, i find, is just plain confusing
Re: Updates for old releases
2008/2/22, Antonio Lobato [EMAIL PROTECTED]: Hi all! I read http://openbsd.org/security.html (and stable.html), but could not make sure about my question. If today I download old versions (say /pub/OpenBSD/4.0/i386/cd40.iso) of openbsd, does it already includes the fixes listed in release != stable; you'll have to apply the patches (or get the/a newer release)
Re: symon and pfq
On Tuesday 21 November 2006 21:04, Martin Schrvder wrote: symon/symux is 2.72 on 3.9 I can't get the pfq resources working. :-( I've had this problem since somewhere post 3.8-ish; I've had a brief look and poke but no solution. [EMAIL PROTECTED]
Re: Mail gateway behind MS Exchange
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote on : spamassassin and smtp-vilter works quite nicely for this, you will want to generate an /etc/mail/access containing the list of valid usernames so you can reject unknown users with an SMTP error rather than having bounces for all the spam sent to unknown addresses being backscattered to the people whose addresses were forged:- To:example.comerror:550 5.1.1 No such user To:[EMAIL PROTECTED] OK To:[EMAIL PROTECTED] OK To:[EMAIL PROTECTED] OK M$ Exchange (2003) will do this just as well, possibly at a slightly greater overhead because of directory lookups... Look for filter recpients not in the directory Have you looked at the M$ Intelligent Message Filter which is part of SP2? I have spamassain+virus scan done by my provider; then run a virusscan+IMF on the exchangebox. -- drs. Mark C. Prins Spatial Fusion Specialist / Network Administration SkypeMe@ skype:mark.prins-caris.nl __ Ping to Chart World Tour 2006 CARIS is hosting a five-day workshop near you. Visit www.caris.com/worldtour for details. __ CARIS 2007 11th International User Group Conference and Educational Sessions 5 - 9 March 2007, Kuala Lumpur, Malaysia Register now to qualify for an early registration discount. Visit www.caris.com/caris2007 to learn more __ CARIS Geographic Information Systems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] __ This email contains confidential information for the intended recipient. If you are not the intended addressee, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. __ This message has been scanned for viruses using McAfee Groupshield. This message has been modified by the virusscanner. __
Re: Problem with apache-proxy on sparc
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote on : Hi Group, [Tue Mar 28 17:25:18 2006] [notice] Apache/1.3.29 (Unix) mod_ssl/2.8.16 OpenSSL/0.9.7g configured -- resuming normal operations [Tue Mar 28 17:25:18 2006] [info] Server built: unknown [Tue Mar 28 17:25:18 2006] [notice] Accept mutex: sysvsem (Default: sysvsem) [Tue Mar 28 17:25:25 2006] [debug] proxy_cache.c(0): No CacheRoot, so no caching. Declining. [Tue Mar 28 17:25:25 2006] [error] [client 81.14.150.150] (22)Invalid argument: proxy connect to 0.0.0.0 port 443 failed [Tue Mar 28 17:25:25 2006] [debug] proxy_cache.c(0): No CacheRoot, so no caching. Declining. I think you gotta have a valid CacheRoot or stick in: NoCache * As in IfModule mod_proxy.c ProxyRequests Off NoCache * [EMAIL PROTECTED] The proxy.conf is included by the httpd.conf. proxy.conf ProxyRequests Off # ProxyVia On Directory proxy:* SSLRequireSSL Order deny,allow Deny from all Allow from all AuthType Basic AuthName picturesafe | Interner Bereich AuthUserFile conf/.htpasswd AuthGroupFile /dev/null Require valid-user /Directory # SLOX #--- ProxyPass /appl https://10.0.20.38 ProxyPassReverse /appl https://10.0.20.38 ProxyPass /servlet/ https://10.0.20.38/servlet/ ProxyPassReverse /servlet/ https://10.0.20.38/servlet/ ProxyPass /start/ https://10.0.20.38/start/ ProxyPassReverse /start/ https://10.0.20.38/start/ ProxyPass /suse/ https://10.0.20.38/suse/ . ProxyPass /wiki/ http://10.64.5.247/wiki/ ProxyPassReverse /wiki/ http://10.64.5.247/wiki/ Thanks a lot for reading up to here :) Greetings, o/s -- drs. Mark C. Prins Spatial Fusion Specialist / Network Administration SkypeMe@ skype:mark.prins-caris.nl -- CARIS Geographic Information Systems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] This email contains confidential information for the intended recipient. If you are not the intended addressee, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the virusscanner.
Re: pflog gets no data
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote on : Hi, I want to log some pf-rules via pflog but unfortunately simply nothing gets logged although I think I did the correct steps: - created rules that include something like 'pass in log (all) on...' (actually the rules themselves work and let packets pass) - ifconfig up pflog0 ('ifconfig -a' shows the interface) - 'ps auxw' tells me that pflogd is running ('pflogd: [running] -s 116 \ -f /var/log/pflog (pflogd)') - the file var/log/pflog exists but according to its timestamp it wasn't touched since 2004!? - 'tcpdump -n -e -ttt -i pflog0' shows nothing more than a warning about no assigned ipv4 address (quite ok I think) - 'pflogd -D' returns nothing What am I missing? set loginterface ? -- drs. Mark C. Prins Spatial Fusion Specialist / Network Administration SkypeMe@ skype:mark.prins-caris.nl -- CARIS Geographic Information Systems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] This email contains confidential information for the intended recipient. If you are not the intended addressee, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the virusscanner. We are exhibiting at Oceanology International London. Visit us on stand 931. For more information visit www.oi06.com
Re: Security tools
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote on : On Wed, Mar 15, 2006 at 12:31:06PM +, Gaby vanhegan wrote: 1. How do I find out their attack vector? I have had a nessus scan performed on the machine, but it did not present any security (I can supply on request). I've checked the security releases in security.html and there are no pertinent ones for httpd. Snort has provided little useful information (I can provide access to the snort logs if required). Your access log only shows the request errors (404, 408) this makes it useless for finding the entry point (which would be logged with 2xx) assuming it's httpd. The error log looks kinda scary... btw rotating the logs makes them easier to manage) 2. If I can't stop them getting in, is there any way to observe what they're doing, or how they're doing it, so I can get a pointer to the hole. i've run out of ideas here. Can you help? php is old, and best avoided as a matter of general principle. There have been several security bugs found and fixed since 4.3.8. my bets are on php -- drs. Mark C. Prins Spatial Fusion Specialist / Network Administration SkypeMe@ skype:mark.prins-caris.nl -- CARIS Geographic Information Systems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] This email contains confidential information for the intended recipient. If you are not the intended addressee, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the virusscanner. We are exhibiting at Oceanology International London. Visit us on stand 931. For more information visit www.oi06.com
Re: [OT]: good home switch?
On 9/4/05, Przemyslaw Nowaczyk [EMAIL PROTECTED] wrote: Hi misc, I'm trying to find buy a stable reliable 5 to 8 port 100Mbit switch for my home network. My first impression was to buy the 3COM OfficeConnect Dual Speed Switch 10/100 5 Plus (3C16790) or the D-Link DES-1005D Switch 10/100 Mbit/s 5-port but I thought that it might be a good idea to ask here for some advice, not only about those two Have bunch of 3com officeconnect 8/16 plus 10/100 switches that have been running for upto 4 years now without problems. Only thing is after a power failure they get confused and need an extra hard reset (power cycle) but that's probably because they're strewn all over the building and the way the power comes back up. They have external power supply and no fan. -- drs. Mark C. Prins Spatial Fusion Specialist / Network Specialist SkypeMe@ callto:mark.prins-caris.nl __ CARIS 2005 - Mapping A Seamless Society 10th International User Group Conference and Educational Sessions 26-29 September 2005 - World Trade Center, Halifax, Nova Scotia, Canada Visit http://www.caris.com/caris2005 or send email enquiries to [EMAIL PROTECTED] for more information __ CARIS Geographic Informations Sytems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] __ This email contains confidential informations for the intended recipient. If you are not the intended adressee please, notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. __ This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the scanner. __
Re: rdr question
Stuart Henderson scribbled on : --On 27 July 2005 00:27 +0200, GV wrote: In general I would like to have one static IP where more than one domains are registered and for each domain a different internal web server should serve the incoming requests! No, you need some kind of 'reverse-proxy' to do this type of thing (maybe pound, tinyproxy 1.70, or squid in accelerator-mode). It would run on either the PF box or another box that you rdr to. httpd with mod_proxy enabled does this just fine for http; https is problematic... -- Mark C. Prins Spatial Fusion Specialist / Network Specialist SkypeMe@ callto:mark.prins-caris.nl -- _ CARIS 2005 - Mapping A Seamless Society 10th International User Group Conference and Educational Sessions 26-29 September 2005: World Trade Center, Halifax (Nova Scotia) Canada Visit http://www.caris.com/caris2005 or send email enquiries to [EMAIL PROTECTED] for more information. _ CARIS Geographic Informations Sytems BV phone: +31 413 296 010 fax: +31 413 296 012 web: http://www.caris.nl product support: [EMAIL PROTECTED] sales/marketing: [EMAIL PROTECTED] _ This email contains confidential information for the intended recipient. If you are not the intended addressee please, notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this message until such a time as a written contract has been signed on behalf of the company named above. _ This message has been scanned for viruses using McAfee Groupshield. This message may have been modified by the scanner. _