Re: Proper IPv6, want to host tunnels for IPv4 users.
>>>>> "John" == John Tate writes: John> I have a OpenBSD 4.7 VPS with 64 proper IPv6 addresses. What I John> wanted to do is provide like other services an IPv6 address to John> clients. I was wondering what software I would need to learn to do John> this. That's a pretty clueless ISP. They should have given you either a /128 or a /64. Why they gave you a /122 is baffling. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: License
>>>>> "Simranjit" == Simranjit Gill writes: Simranjit> Hello, I want to use the IPv6 source code in one of the Simranjit> products manufactured by my company and need to know if there Simranjit> are any restrictions or limitations regarding the use of Simranjit> source code in commercial products. Please let me know if Simranjit> this is not right place to enquire regarding the Simranjit> license. Thank you. Very sad for people's ability to read. The future looks bleak. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: a GOOD idea to harden OpenSSH!
>>>>> "Peter" == Peter N M Hansteen writes: Peter> We've seen quite a bit of what appears to be industrial-scale password Peter> guessing (google 'hail mary cloud' or a few more obvious keywords), so Peter> on any internet-facing system the probability that someone is trying Peter> to bruteforce their way in via some account or other right now is not Peter> negligible. And about 1/1000th the traffic if you move your sshd from 22 to something far less standard, based on my experience. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: Is VPN initiation by traffic possible?
>>>>> "Scott" == Scott McEachern writes: Scott> It's called "port knocking". Google is your friend here. And if you recommend or use port knocking, you're an amateur at crypto. If adding 8 sniffable bits to your effective key length makes you significantly more secure, you've lost the game already. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)
>>>>> "Dragos" == Dragos Ruiu writes: Dragos> It's been up on the site for a while with a Dec 29 deadline, Dragos> but this is the real last call for submissions. Really? Then why did you use "Penultimate" (which means "next to last") instead of "Ultimate" in the subject line? Yours for a more literate education, -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: OT - secondary DNS recommendations
>>>>> "Scott" == Scott McEachern writes: Scott> It seems my free-as-in-beer secondary DNS service, EveryDNS.net, has Scott> abandoned WikiLeaks, so I'd like to return the favour. Scott> Given the (general) support of WikiLeaks here, I was wondering if anyone could Scott> recommend a free alternative to replace EveryDNS.net? 1) Get a free tunnelbroker.net account from Hurricane Electric by signing up. 2) secondary up to 25 domains using that account, for free, on DNS servers that are geographically diverse and ipv6 enabled. 3) if you're feeling lucky, use two of your five free tunnels to have an endpoint in the USA (to see streaming media available only in the USA) and the UK (to use BBC iplayer). Of course, the tunnels are meant for you to have ipv6 anywhere. I just consider that a bonus. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: Donations
>>>>> "Theo" == Theo de Raadt writes: Theo> If you don't know why I am sending this mail.. you are reading US Theo> managed news, and need to much much more informed If this is in reference to Wikileaks, it's because Paypal believes that Wikileaks is involved in illegal activity, and to some degree, I agree with them. (I believe a lot of the "diplomatic actions" we do in the US are wrong, but two wrongs don't make a right.) Are you planning on having the OpenBSD development team perform some sort of illegal activity soon? If not, you shouldn't be worried about Paypal. If it's not about Wikileaks, google searches don't show anything else particularly interesting about Paypal recently, so I wonder what triggered your message. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: Why renice not work in OpenBSD?
>>>>> "Dmitry-T" == Dmitry-T writes: Dmitry-T> Is in OpenBSD lacks developers? That might as well be the last message you post here. Any little help you would get, you've just offended them. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: FreeBSD isn't Free
>>>>> "Alex" == Alex Libman writes: Alex> Apache, sendmail, and artsy licenses (i.e. perl) aren't really copyFREE Alex> either (I have a 256 word threshold for legalese). Ahem. Stop with the FUD. Artistic 2.0 was written by lawyers who are every bit as good as the ones at Berkeley or FSF. Perl is about as free as anything gets. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion
Re: a minor correction to rc.conf comments
>>>>> "Jason" == Jason McIntyre writes: Jason> fixed this and the syslogd_flags example above it, which had the same Jason> error. The style guide for a former employer of mine forbid these, requiring us to spell out "for example" and "that is". Even if you can get them right, it's not obvious that the reader would know them as well. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: OpenBSD culture?
>>>>> "Michal" == Michal writes: Michal> "Where can I get this piece of software" which just makes you angry as Michal> it takes 5 seconds to search it. There's a reason I have an IRC alias (/goo) for lmgtfy.com . Far too many users want me to operate google for them. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: whiteboard over the net
>>>>> "Patrick" == Patrick YU writes: Patrick> Etherpad, http://en.wikipedia.org/wiki/EtherPad Until a few days from now, when they'll be shut down because Google bought the entire company for its talent pool. Luckily, they open-sourced the code before the shutdown: http://etherpad.com/ep/blog/posts/etherpad-open-source-release and a few hosted solutions have popped up, like typewith.me and piratepad.net. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: PF log parser and dynamic PF rules...
>>>>> "Paul" == Paul de Weerd writes: Paul> Jeez... As an asker, you don't really get to decide how or what other Paul> people answer, or if they even answer at all. As I snipped off a Usenet group once: Get real! This is a discussion group, not a helpdesk. You post something -- we discuss its implications. If the discussion happens to answer a question you've asked, that's incidental. If you post a question that implies that you've got a problem finding answers to trivial questions in the manual, then it is perfectly reasonable for us to discuss how to do that. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Seeking Advice on URL Redirection
>>>>> "Aaron" == Aaron Mason writes: Aaron> While I was looking for ways to parse Apache logs, I stumbled upon a Aaron> web page that dealt with "Cool tricks" with Perl and Apache [1] (12 Aaron> years old now, but a few decent ideas) which has some perl script for Aaron> a very basic "load balancer" which would dynamically redirect requests Aaron> to random web servers in your server farm (which you would have to Aaron> define). Poor man's load balancer: http://www.stonehenge.com/merlyn/WebTechniques/col55.html -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: PF cluestick please - low priority queue spills over into normal queue
>>>>> "Aaron" == Aaron Mason writes: Aaron> hi_bw = "33Mb" Aaron> norm_bw = "20Mb" Aaron> lo_bw = "178415b" Aaron> A typical output from pftop shows the contents of Aaron> http://paste2.org/p/596043 - notice the upstream going crazy. Aaron> Unfortunately pfTop hasn't been updated to take advantage of the Aaron> changes to pf, so it refuses to display the rules. I'd do it myself Aaron> if I had a better understanding of how pf worked within, but I'm not Aaron> quite at that stage yet. I don't see anything that is exceeding the threshold. 33M > 387 20M > 3273 178K > 20K 33M > 359 20M > 48K 178K > 18K Where do you see "going crazy"? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: vi in /bin
>>>>> "Matthew" == Matthew Szudzik writes: Matthew> ed, sed, and vi are three of the most important Unix utilities, and Matthew> there's no excuse for not learning all three. That's because they all Matthew> use the same commands and syntax. If you know how to use one of them, Matthew> then you know how to use the other two. Everything I used to know about sed, I've forgotten once learning Perl. There's really no excuse for not knowing Perl and Python these days. And if you need to learn Perl, I can recommend a good book (or two :). -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: vi in /bin
>>>>> "Brad" == Brad Tilley writes: Brad> I use ed in emergencies when /usr is inaccessible, but I'm a lot more Brad> comfortable with vi. Will a static vi ever live in /bin? Helping someone Brad> use ed remotely, who has never used ed, when I myself don't use it Brad> regularly is always an adventure. Solution: learn "ed" a bit more. It's really *not* that hard. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: cron problem
>>>>> "Chris" == Chris Bennett writes: Chris> During testing, I put the following entry in cron: Chris> 33 * * * * * LWP4.pl; LWP5.pl; LWP6.pl; Chris> When it ran, I got 6 versions of each of these scripts running concurrently Chris> and in order also. If the total time to run the three scripts in sequence is greater than an hour, you will get overlapping runs. If you don't want that, you should put some sort of "highlander" ("there can be only one!") locking in your scripts. I addressed this subject in my column at: http://www.stonehenge.com/merlyn/WebTechniques/col54.html -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: SOCKS proxy
>>>>> "Diana" == Diana Eichert writes: Diana> First, I put on my corporate network security hat on. If you're trying Diana> to get around corporate policies you're setting yourself up for other Diana> problem if they catch you. We find you doing this where I work and Diana> ... . And if you think bad things can't happen to good people, that's pretty much the story behind my conviction, described at http://www.lightlink.com/fors/. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: ftp from script
>>>>> "Ed" == Ed Ahlsen-Girard writes: Ed> #!/bin/sh Ed> export cvsroot=anon...@rt.fm:/cvs Ed> cd /usr Ed> cvs checkout -P src Ed> date You still haven't learned to check the return value of cd. :) That should be: cd /usr || exit 1 -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: ftp from script
>>>>> "Ed" == Ed Ahlsen-Girard writes: Ed> #!/usr/bin/perl Ed> `cd /home/ed/snap`; This doesn't do anything, except waste time. May I suggest a good book or two for "learning perl", so you won't keep wasting time on this? :) Might be a good way to learn to check return values as well. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: ftp from script
>>>>> "Daniel" == Daniel A Ramaley writes: Daniel> chdir "/path-to-dir"; You didn't check the success of the chdir. This will ruin your original current directory if that fails... Daniel> unlink <*>; Oops! The proper solution is rmtree, a function defined in File::Path: use File::Path; rmtree('/path-to-dir'); -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Missing security announcements
>>>>> "Ted" == Ted Unangst <[EMAIL PROTECTED]> writes: Ted> What you can do is monitor the list. If an erratum comes out and Ted> nothing happens for a day, email the person responsible and remind Ted> them. The person responsible is not necessarily the person who Ted> happened to commit to stable, though, it's the person who made the Ted> original fix. There's no announcements on the list because probably Ted> half the developers don't know they are supposed to make such Ted> announcements. Who handles the errata page, assigning the sequential numbers and deciding whether it's a security fix or not? Surely, it would be easier to teach that small set of people (one?) to cc the mailing list on a security announcement, rather than expect that everyone with a core commit bit be reminded to watch errata to notice when their particular contribution has been accepted as a security patch. What am I missing here? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Why Perl for pkg_* tools ?
>>>>> "Douglas" == Douglas A Tutty <[EMAIL PROTECTED]> writes: Douglas> Of course, without an actual here's-my-problem issue to discuss, its Douglas> philosophical and hypothetical which allows us to argue over the Douglas> periphery instead of the core issue. Douglas> Is there any scenario where one could not easily ship a product that Douglas> uses OpenBSD with its perl interpreter intact? How many times do we have to say "Perl's license is Artistic 2.0 which is roughly as broad (if not even a tiny bit broader) than BSD's own?" Are you not paying attention in the thread to the three prior times I (and others) have already said this? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: [OT] Python License
>>>>> "Martin" == Martin Marcher <[EMAIL PROTECTED]> writes: Martin> How about the python license? Not that I'm really capable of rewriting Martin> and/or patching the pkg_* tools but from a license point of view I Martin> think that the license under which python is distributed is quite Martin> similiar to a BSD license. Especiall this: And what makes you think that is *closer* to the BSD license than Perl's Artistic 2.0 license, which says essentially the same thing? Or even the classic "Artistic 1" license, which was even more "do nearly whatever you want", with less legalese? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Why Perl for pkg_* tools ?
>>>>> "comfooc" == comfooc <[EMAIL PROTECTED]> writes: comfooc> Sorry, but I've clearly misphrased my question and might be a little comfooc> offtopic. I should ask if python has better license than perl from comfooc> OpenBSD perspective. If you're serious, the answer is no. They're roughly equivalent. But your question is moot, since that's not what pkg_* is written in. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Why Perl for pkg_* tools ?
>>>>> "Paul" == Paul de Weerd <[EMAIL PROTECTED]> writes: Paul> "[Perl is not BSD licensed] What technical reasons have lead the Paul> developers to elect this language ?" I think you'll find that the Artistic License (especially 2.0) is roughly the same level of liberation as the BSD license. I'd be hard pressed to find an application of Perl where having a BSD license would have been the deciding factor. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: Doubt about license
>>>>> "Pieter" == Pieter Verberne <[EMAIL PROTECTED]> writes: Pieter> I'm wondering what OpenBSD people think about BSD (-like) licenses Pieter> versus public domain. "public domain" is not a legal "license" in some countries. In other words, you can't totally give away all your rights. So, an explicit license is required. I learned this while taping the FLOSS Weekly show about SQLite (twit.tv/floss26), which Richard Hipp placed in "the public domain" before determining that later there would be problems. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
Re: zombies
>>>>> "Otto" == Otto Moerbeek <[EMAIL PROTECTED]> writes: Otto> zombie state happend if a child process exits, but its parent did not Otto> execute a wait(2) system call (or one if its alternatives) for the Otto> process (yet). So this seem a bug in the handling of CGIs. Most likely a bug in a Perl script that forks but doesn't wait for its kid. I generally *don't* see zombies in well-written Perl programs. Was this FastCGI by any chance? I know there's unique problems related to that for naive code that creates a child, because the parent never goes away (since it's shared by the next series of CGI hits). But again, with proper care, even a FastCGI script can be written properly. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: openbsd's perl and thread support
>>>>> "Stephen" == Stephen Takacs <[EMAIL PROTECTED]> writes: Stephen> Perl threads on Unix aren't nearly as useful as on platforms like Stephen> Win32 that don't have a native fork(), and even there you have to be Stephen> careful because Perl's threads are not at all "lightweight". You can Stephen> easily end up with processes that have huge memory footprints if you Stephen> don't exert extreme caution. Also some modules aren't safe to use in Stephen> multiple threads. Stephen> Another alternative that's cross-platform and perhaps more robust is Stephen> POE (http://poe.perl.org). This is just a CPAN module, so you don't Stephen> have to rebuild perl in order to use it. There's also the "forks" module in the CPAN which simulates threads for thread-based Perl programs using "fork()", albeit with a few restrictions. I've installed this on OpenBSD and a few other platforms, and at least most of the tests pass. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Get rid of leaf packages
>>>>> "Jona" == Jona Joachim <[EMAIL PROTECTED]> writes: Jona> I don't know Perl that well. There are ways to fix that. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
looking for person to be interviewed for FLOSS Weekly
I'm co-producing the FLOSS Weekly podcast with Leo Laporte (roughly 50K downloads, if I recall). I'm looking for someone who can speak about the past, present and future of OpenBSD. I particularly also want someone who can speak about the additional freedoms of the BSD license. An added bonus would be someone who has been in open source software for a long time. Past shows can be found at www.twit.tv/floss, including the one I just did with Josh Berkus of the PostgreSQL project. Any volunteers? Thanks. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Regular Expression Problem
>>>>> "OBSD" == OBSD <[EMAIL PROTECTED]> writes: OBSD> With this it works: For some meaning of "works". Maybe you're not listening, but if someone googles this page, I want to make sure you're corrected. OBSD> cat mail.txt | egrep "[EMAIL PROTECTED]" | egrep "\.[a-zA-Z]{2,4}$" This is *not* an email matching regex. See my message earlier in the thread. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Regular Expression Problem
>>>>> "OBSD" == OBSD <[EMAIL PROTECTED]> writes: OBSD> I wants to egrep from a big text file all mail addresses. ... OBSD> cat mail.txt | egrep "[EMAIL PROTECTED],4}" That's not even VAGUELY CLOSE to a regex for email addresses. You need to read RFC822 and RFC2822, or just grab the regex at: <http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html>. And no, I'm not kidding. (It's easier to use the Perl module, which creates that regex on the fly.) You're in good company though. Nearly *everyone* gets this wrong until being properly informed. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: setting up ssh tunnel/vpn
>>>>> "Steffen" == Steffen Sch|tz <[EMAIL PROTECTED]> writes: Steffen> You can try "man ssh" and then search Steffen> for the section "SSH-BASED VIRTUAL PRIVATE NETWORKS" Beware TCP-over-TCP though, which is what these networks will necessarily be. If you have bandwidth to spare, no biggy, but if you ever start getting congested, all hell breaks loose. Google for "TCP-over-TCP" for more info. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Is the PERL in base stock?
>>>>> "Marc" == Marc Espie <[EMAIL PROTECTED]> writes: Marc> The perl in 4.1 is not 100% stock, and the one in 4.2 will be slightly Marc> farther from that. Marc> We have a few minor fixes and adaptations that are not in 5.8.8: Marc> - handling of E in various pod converters Marc> - path lookup to handle /usr/local along /usr Marc> and possibly a few others I'm not too familiar with... I presume you've sent those changes to perl5-porters to get them into 5.8.9 or 5.10.1. I'd hate to see a divergence from lack of communication. Marc> and we are starting to make use of basic OpenBSD Marc> libc code (crypto hashes and mkstemp) in XS code that will yield the same Marc> interface as the CPAN perl module. Might be interesting to make this available as a CPAN module too. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Is the PERL in base stock?
>>>>> "Michael" == Michael Dexter <[EMAIL PROTECTED]> writes: >> From what I can tell, the PERL used in OpenBSD is stock: Michael> http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/perl/ Michael> Could someone confirm or deny this? Is it reviewed or hardened in any way? As far as I can tell, it's the stock 5.8.8 in OpenBSD 4.0. I seem to recall a couple of security patches applied as part of "errata" in past releases, but there are no security patches for 5.8.8 as I type this. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: amavisd-new under OpenBSD 4.0
>>>>> "Bob" == Bob Eby <[EMAIL PROTECTED]> writes: Bob> Instead, I'm going to follow Mr. Roberts' advice and try out a base Bob> system with spamd and greylisting. In the mean time, while such a Bob> system is keeping my few users afloat, I'll see if I can come up with Bob> something more tailored to our situation. If you have a spare IP address or two, you can also consider low-MX and high-MX traps. I've been using a high-MX trap for two years, and it eliminates about half of my spam. I just recently learned about low-MX traps, and am anxious to try that as well. Basically, you need to turn off the mailer on your A record, and point your lowest MX value at that same IP. Spammers will try to deliver here, and fail. Legitimate mailers will roll over to... Have a mid-range MX pointing at your actual mailer on a *different* IP. Ideally, this should be the same machine, so that you get consistent results with the following... Have a hi-range MX pointing at a different IP *with a mailer listening*. This mailer should return 450 for all mail, but also block that IP for an hour or so from reaching either your actual mailer IP or your hi-range MX ip again (temporary blacklist using PF, preferably on a separate ingres machine if you can). These "lightning rods" attract the spammers, while allowing normal RFC-compliant mail to get through. Like I said, I've been VERY happy with my high-MX trap for over two years. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Screen resolution and ACPI
>>>>> "Passeur" == Passeur <[EMAIL PROTECTED]> writes: Passeur> bios0: VMware, Inc. VMware Virtual Platform Aha... if you get VMWare working nicely, please publish the instructions. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: OpenBSD dedicated hosting
>>>>> "Jay" == Jay Truesdale <[EMAIL PROTECTED]> writes: Jay> In the past year they kept having "router problems" with no end of Jay> excuses. After a 12+ hour power outage we had it and went Jay> elsewhere. Elsewhere does not support OpenBSD though. Yes, I suffered those too. However, they're still in the 4 or 5 9's category, even with those outages, and for the price, it's a nice deal. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: OpenBSD dedicated hosting
>>>>> "Gilles" == Gilles Chehade <[EMAIL PROTECTED]> writes: Gilles> I am looking for companies that provide OpenBSD-powered dedicated Gilles> hosting. Currently, I am being hosted by a french company which Gilles> turned out to be as incompetent as can be, and I am willing to switch Gilles> as soon as possible (preferably before the 25th of September). stonehenge.com has been on an openbsd-based dedicated box since april of 2002 at sprocketdata.com. You can ask me privately about details. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: ksh vs bash
>>>>> "Woodchuck" == Woodchuck <[EMAIL PROTECTED]> writes: Woodchuck> Perl has obviated the need for some sort of interactive interpreted Woodchuck> system language. Bash has some new and expanded features, but not Woodchuck> enough to make its use compelling. Since discovering Perl, the longest thing I ever write in any shell script is .profile, and that's annoying enough, and making me wish I could just cut the cord and use Perl as my login shell. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: VPN help needed: OpenBSD in the corporate environment instead of Linux
>>>>> "Jason" == Jason Dixon <[EMAIL PROTECTED]> writes: Jason> Everything you need is in the base install. With the recent changes to Jason> ipsecctl and ipsec.conf, there's no need to consider OpenVPN (except perhaps Jason> on technical merits, which I believe it loses on). Maybe not on "getting it set up", but there are definitely some problems with ipsec that make OpenVPN a winner for some circumstances, such as NAT traversal and hostile-to-v6 routers and ISPs. Unless something has happened with ipsec/ipv6 in general recently that I'm not aware of. If so, please share. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: happy upgrade camper
>>>>> "victorc" == victorc <[EMAIL PROTECTED]> writes: victorc> I heard your interview on Perlcast a few months ago. victorc> I found it helpful and interesting. victorc> Josh McAdams does a great job of podcasting and interviewing. victorc> I know this reply is off topic, but I thought the list may want victorc> to check out perlcast.com. And as long as you opened the off-topic podcast window, you can also listen to *my* weekly podcast for Geekcruises at podcast.geekcruises.com where I interview famous people who have been (or will be) on the Cruises. OpenBSD ought to have a cruise coming up, don't ya think? That'd be cool. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
happy upgrade camper
After the heat I took trying to upgrade from 3.7 to 3.8 via source recompile, I took the advice to heart to simply untar some binaries right over the top of my running system, which seemed a lot more scary to me. However, I'm happy to report that my system is now running 3.9 with little if any problems. CGI.pm got downgraded, so my webserver died until I figured that out, but everything else was minor. Thanks y'all for making it just work! -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: (OT: PostgreSQL vs MySQL)
>>>>> "Craig" == Craig Skinner <[EMAIL PROTECTED]> writes: Craig> MySQL is a wee bit faster, I keep seeing this, but I sometimes see the opposite. That "MySQL is faster" meme seems peristent though, as if the PostgreSQL want to provide *some* justification for people to continue to have a reason for MySQL. Given the cost of programmer time (and the cost of lost data) vs the cost of a slightly faster processor, is it ever really worth it even if MySQL is *twice* as fast? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: OpenSSH funding: Mark Shuttleworth?
>>>>> "nick" == nick thompson <[EMAIL PROTECTED]> writes: nick> Sure sounds like a good idea to me. Since OpenSSH is such a vital part nick> of a linux distribution (or any unix like os) , I would imagine nick> Mr. Shuttleworth would be inclined to want it's development to continue. Probably want to go through the Shuttleworth Foundation (http://www.tsf.org.za/), set up specifically to field such requests and proposals. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Backup MX server
>>>>> "Peter" == Peter Fraser <[EMAIL PROTECTED]> writes: Peter> Wouldn't a even simpler solution be to define a Peter> high MX record to a dummy address that would never Peter> answer. The spammers were going to retry, they would Peter> anyway and a real server would retry for sure. My understanding is that the most popular spam delivery agents simply scan downward in the MX values until they can connect once, and then go on to the next domain. The error return doesn't matter to them... they're trying for as many different domains as possible, and once having "delivered" the message (even a 4xx), they move on. Thus, you need something that will at least connect and try to accept the message. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Backup MX server
>>>>> "Constantine" == Constantine A Murenin <[EMAIL PROTECTED]> writes: Constantine> Correction: this very neat trick is by Randal L. Schwartz; Graham Constantine> was the one opposing it in this thread. :-) Constantine> Here are some results of 'You Had Me at HELO': Constantine> http://fas.sfu.ca/Members/hebron/oscon2005/spam_session/document_view Here's the actual link to the talk: http://www.stonehenge.com/merlyn/Pictures/Trips/2004/04-09-DragonCon/HELO.pdf> That might actually be an older version. I need to find the current version and upload it somewhere. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Backup MX server
>>>>> "Graham" == Graham Toal <[EMAIL PROTECTED]> writes: Graham> Ouch! You're a brave one. That's fine until your first big network outage :-) Graham> Oh wait - I bet they're both on the same net segment, right? You wouldn't Graham> dare do that with a machine elsewhere on the net! No, they're both on the same machine! I told postfix to listen to two specific addresses instead of 255.255.255.255, each with their own config file. It's a simple but elegant solution. Also, the 450 merely says (to legit senders) "try again". So on the bizarre chance that my blue listener is down and it gets rolled to spamtrap, the sender will retry in a half hour or so. Graham> I might use the fact that mail had been delivered to a backup MX as Graham> *one* factor in a spam evaluation function but rejecting it all Graham> entirely is pretty risky. I think you've just been lucky so far. Graham> Doesn't your main machine ever reject calls because the load average Graham> is too high, for example? As I said, it's *one* machine for both listeners. Graham> I bet you're not running greylisting either. If you were, legitimate Graham> mail would frequently try your backup MX. It's a neat observation that Graham> several of us have made, and it is tempting to find a way to take Graham> advantage of it, but I think that rejecting *everything* that arrives Graham> on your lowest-valued MX is just going too far! I hate greylisting. It hurts legit mail to solve the spam problem. And I don't need it, based on the amount of spam I can kill with this (and a few other tricks described in the referenced paper). -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: Backup MX server
>>>>> "Rod" == Rod Whitworth <[EMAIL PROTECTED]> writes: Rod> As a result spammers target secondaries strongly in preference to Rod> primaries. As a project I listed a secondary for a server I support Rod> using an alias on the same machine. All of the mail sent to the Rod> secondary address (unless I missed one or two) was spam. Only about 60% Rod> directed to the primary was spam. $ host -t mx stonehenge.com stonehenge.com mail is handled by 666 spamtrap.stonehenge.com. stonehenge.com mail is handled by 5 blue.stonehenge.com. Any mail delivered to spamtrap gets the following response: 450 Violation of RFC2821 Section 5 Paragraph 8 correlates highly with spamming and is therefore rejected. And yes, that's the paragraph that says "deliver to lowest MX first". I'm skipping about *half* of the incoming spam just with this one trick. For more details, find the PDF I wrote titled "you had me at HELO" via google. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: errata 001_perl.patch
>>>>> "Diana" == Diana Eichert <[EMAIL PROTECTED]> writes: Diana> Did you ever get your PF/OpenVPN issue resolved? Commenting out the only line related to OpenVPN still fails to load it, and I didn't yet have an opportunity to put stdout/stderr capture on the /etc/rc load. Oddly enough, I copied those same lines to the end of my /etc/rc.local, and it works fine, so I'm not worried for now, just puzzled. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: errata 001_perl.patch
>>>>> "Clint" == Clint M Sand <[EMAIL PROTECTED]> writes: Clint> On Thu, Jan 12, 2006 at 09:38:07PM +0100, Han Boetes wrote: >> I doubt you need perl at all on a box like that. You can also >> consider to simply remove all the perl on that system. >> >> >> # Han Clint> The pkg_* tools are perl. Even though its a firewall he may need to Clint> install/remove/maintain pkg's of some sort. If it's the bug I'm thinking of (the sprintf issue), only the /usr/bin/perl binary is affected. You can probably get away with copying only that. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: stuck on "upgrading from 3.7 to 3.8 - Exception handling flag day"
>>>>> "Hannah" == Hannah Schroeter <[EMAIL PROTECTED]> writes: Hannah> Please don't. There're people who use the upgrade FAQ as it's intended Hannah> (i.e. one may try it out, but one is on one's own, if things fail and Hannah> one can't fix it, use binaries to get close to the revision(s) one wants Hannah> to compile, i.e. the release binaries to get to stable, the latest Hannah> snapshot to possibly get to current). And it successfully worked for the past five upgrades. That's why I was surprised when it didn't work *immediately* this time. Now that I know that using source to leap from one release to the next is *less* supported than a binary leap, I understand the risk better. Prior to that, I had equated the risk. So thank you all. I learned, but I also spent the time to learn. By the way, I was thinking through my workaround, and have a hypothesis that binary cross-platform builds may actually be tainted... because that part of the build step must have been looking at *installed* include files, not just in-build-area include files, which is why it more or less "works" now, after the first bootstrap installation. Thus, there may be a bug there. Might deserve some investigation. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: stuck on "upgrading from 3.7 to 3.8 - Exception handling flag day"
>>>>> "Theo" == Theo de Raadt <[EMAIL PROTECTED]> writes: >> As it is, I worked out the problems. For the record, the workaround is: >> >> 1) remove the obj directory Theo> Look, if you did not do this, you are an idiot. However, what I meant was that this was in addition to the "don't do the make obj step" (which I didn't make clear by its absence), because that breaks the paths more than they should. So, the "binaries" need to end up in the original paths, not the obj paths. This is contrary to the FAQ, which says to do the "make obj" step. So, I added a step which cleans up from the "normal" build process. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: stuck on "upgrading from 3.7 to 3.8 - Exception handling flag day"
>>>>> "Theo" == Theo de Raadt <[EMAIL PROTECTED]> writes: >> I'm upgrading a remote box, so a "standard upgrade" is not an option, >> nor is a reinstall. There was no warning in the FAQ that the >> information was definitely broken. It must have worked for *someone* >> or it wouldn't have been put in the FAQ, I presume. Theo> Oh, but you don't understand. Actually, I do. I've been around the block on open source projects. I'm surprised you don't recognize that. :) I was hoping to get *lucky* that someone had this problem already. As it is, I worked out the problems. For the record, the workaround is: 1) remove the obj directory 2) issue "cleandir" and the default build, which will fail 3) Edit /usr/src/gnu/lib/libstdc++/include/Makefile to read GCC_SRCDIR=/usr/src/gnu/usr.bin/gcc/gcc instead of the broken relative path it generates 3) reissue the default build, and install I'm restarting the /usr/src "make build", so I've also edited the parent Makefile so that it won't try to redescend into libstc++. I hope that works. :) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
Re: stuck on "upgrading from 3.7 to 3.8 - Exception handling flag day"
>>>>> "Theo" == Theo de Raadt <[EMAIL PROTECTED]> writes: Theo> If you get stuck doing an upgrade build, please do a standard upgrade Theo> or reinstall. Theo> We have never promised that such builds will work perfectly, nor can we Theo> dedicate 3-4 developers full-time to making sure they do. Which is Theo> pretty much what it would take. I understand that. However, I'm hoping that someone else reading this mailing list will have tried the paragraph given in the FAQ, and either succeeded with a workaround, or discovered the futility as well. I'm upgrading a remote box, so a "standard upgrade" is not an option, nor is a reinstall. There was no warning in the FAQ that the information was definitely broken. It must have worked for *someone* or it wouldn't have been put in the FAQ, I presume. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
stuck on "upgrading from 3.7 to 3.8 - Exception handling flag day"
>From http://openbsd.org/faq/upgrade-old.html I see that I need to issue the following: # cd /usr/src/gnu/lib/libstdc++ # make -f Makefile.bsd-wrapper cleandir # make -f Makefile.bsd-wrapper obj # make -f Makefile.bsd-wrapper # make -f Makefile.bsd-wrapper install I have updated my gcc (3 times now :). When I get to the next-to-last step (before install), my build aborts with: c++ -I/usr/src/gnu/lib/libstdc++/../../usr.bin/gcc/gcc -I/usr/src/gnu/lib/libstdc++/../libiberty/include -I/usr/src/gnu/lib/libstdc++/obj/include/i386-unknown-openbsd3.8 -I/usr/src/gnu/lib/libstdc++/obj/include -I/usr/src/gnu/lib/libstdc++/libstdc++/libsupc++ -O2 -pipe -fno-implicit-templates -Wall -Wno-format -W -Wwrite-strings -fdiagnostics-show-location=once -ffunction-sections -fdata-sections -c /usr/src/gnu/lib/libstdc++/libstdc++/libsupc++/eh_alloc.cc -fPIC -DPIC -o eh_alloc.o In file included from /usr/src/gnu/lib/libstdc++/obj/include/cstdlib:49, from /usr/src/gnu/lib/libstdc++/libstdc++/libsupc++/eh_alloc.cc:33: /usr/src/gnu/lib/libstdc++/obj/include/i386-unknown-openbsd3.8/bits/c++config.h:35:29: bits/os_defines.h: No such file or directory *** Error code 1 Stop in /usr/src/gnu/lib/libstdc++/obj/libsupc++. *** Error code 1 Stop in /usr/src/gnu/lib/libstdc++/obj (line 304 of Makefile). *** Error code 1 Stop in /usr/src/gnu/lib/libstdc++/obj (line 419 of Makefile). *** Error code 1 Stop in /usr/src/gnu/lib/libstdc++ (line 22 of /usr/src/gnu/lib/libstdc++/Makefile.bsd-wrapper). Help! What am I doing wrong? It's holding up a "cd /usr/src && make build" as well. Do I dare issue "make -k" to get past that? -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!