Re: pledge(2) API ideas for libraries
pledge should be used to restrict a program to whatever it is necessary to do, rather than everything the library can do. So if I use libimaginarydb to parse a csv file I've already read into a memory buffer (nearly pledge("", NULL)), but the library can read/write/create files, do remote db connections, and fork shells, we don't want it to do all that (pledge("rpath wpath cpath dns inet exec proc", NULL)). > On Jun 13, 2016, at 12:56 PM,wrote: > > I have thought of a way pledge(2) can be made a little more > library-friendly. > > This is not a patch, but just a thought. > There are 2 setups I have thought of: > > === 1. Variable arguments === > > int pledge(const char *promises, const char *paths[]) > { >return vpledge(1, promises, paths); > } > > int vpledge(const size_t npledge, ...); > > - > > In a program, this may be something like this: > > #include > #include > #include > #include > #include > #include > > int main(void) { >if(vpledge(5, "stdio rpath wpath cpath", NULL, >ultra_promises, ultra_pledgepaths, >extra_promises, NULL, super_promises, NULL, >mecha_promises, mecha_pledgepaths) == -1) >errx("pledge"); > >... [other code] ... > }; > > > --- > > In vpledge(), "npledge" refers to the number of pledge-pairs, which > consist of: > >const char *promises, const char *paths[] > > These have the same semantics as the original pledge(). > > A library can export *_promises and *_pledgepaths symbols, pointing to > static text. This allows the library to change without the program > being affected because the new library changes call something outside > the original pledge() of a program. > > = 2. Using a struct == > > - > > struct pledge { >char *promises; >char *paths[]; > }; > > - > > int pledge(const char *promises, const char *paths[]) > { >struct pledge pl = { >.promises, paths >}; > >return pledges(1, ); > } > > int pledges(const size_t npledge, const struct pledge pledge_array[]); > > - > > In a program, this may be something like this: > > #include > #include > #include > #include > #include > #include > > int main(void) { >struct pledge pl[4]; > >pl[0].promises = "stdio rpath wpath cpath"; >ultra_getpledge([1]); >extra_getpledge([2]); >super_getpledge([3]); >mecha_getpledge([4]); > >if(pledges(5, pl) == -1) >errx("pledge"); > >... [other code] ... > > > }; > > > --- > > > A library can tell the application what pledges are in use as follows: > > > static const char *pledge_promises = "stdio fattr sendfd recvfd" > > void ultra_getpledge(struct pledge *const pl) > { >pl->promises = pledge_promises; >pl->paths = NULL; > } > > > == > > I think that #1 has the advantage of it being easier to code so a > program can ratchet down its abilities. #2 allows one to group the > pledge arguments into a single struct. > > Thoughts?
Re: wifind(8) find your wifi
> On Jun 3, 2016, at 8:42 PM, Erling Westenvikwrote: > As much as I endorse and approve of any effort to create a good solution > for handling wifi's, I must say I find the use of perl and json > unnecessary for such a project. I've been using a "pure ksh" solution > named wiconfig since 2013 and which was posted here at @misc back in > 2011 or 2012: I've checked out wiconfig prior to wifind, but I couldn't figure out how to use it, and couldn't figure it out from the 500-line shell script. This script, for now, merely parses a config file and ifconfig scan output and writes a new hostname.if. I understand it. > http://openbsd-archive.7691.n7.nabble.com/wiconfig-simplifies-the-configurati on-of-wireless-interfaces-td89829.html > > It is available on github: > > https://github.com/devious/wiconfig/blob/master/wiconfig > > wiconfig: > - Works great with apm/resume, including trunk(4) interfaces. > - Has no dependencies. Just pure old fashioned ksh. This is a nice benefit, as it can be run even when upgrading, theoretically. > - Stores (accepted) connections in plain text format. (/etc/wiconfig.db) I couldn't figure this out from the documentation and code, unfortunately. > - Handles quoted nwids. Does it handle nwids with quotes within, eg "network "name""? > - Does not require writing to /etc/hostname.if-files. The reason I chose to write hostname.if files is upgrades. I don't expect this program to be functional during upgrades, nor any other non-base solution. So the simplest solution was to save the latest best-known network configuration so that the network would have a decent chance of being usable during upgrades. Cheers, Ray
Re: wifind(8) find your wifi
On Fri, 3 Jun 2016 10:33:47 +0100 skin...@britvault.co.uk (Craig Skinner) wrote: > Hi Ray, > > On 2016-06-03 Fri 00:26 AM |, Ray Lai wrote: > > > > I got tired of configuring my wifi every time I had to move my laptop. > > Here's a script a whipped up. > > port it up: http://www.OpenBSD.Org/faq/ports/guide.html > > Cheers! Done: http://permalink.gmane.org/gmane.os.openbsd.ports/80223
Re: wifind(8) find your wifi
On Fri, 3 Jun 2016 15:52:34 +0200 Stefan Sperlingwrote: > On Fri, Jun 03, 2016 at 03:22:19PM +0200, Kamil Cholewiński wrote: > > Perhaps it's time that the best tool be chosen and made a part of the > > base install? I've already seen like a 100 different OBSD WiFi scripts > > floating around the 'net, and naturally I also have a DIY one. > > No scripts for this, please. > > We need a well engineered to make the kernel handle this, perhaps with some > help from userland. Various ideas have been porposed (not always on list, > but mostly during face-to-face discussions at hackathons). > > What we need is someone who wants to sit down and drive the project home, > i.e. wrap up the design discussion within the community and write the code. > I'm up for helping people through this, but it really needs someone else > dedicated to take responsibility for this project and the implementation. > > One thing we should probably fix first is roaming support in the kernel. Do you mean 802.11r support?
Re: wifind(8) find your wifi
> On Jun 3, 2016, at 8:59 PM, Etienne <etienne.m...@magickarpet.org> wrote: > On 06/03/16 05:12, Ray Lai wrote: >>> >>> #!/bin/sh >>> >>> if [[ $1 == "home" ]]; then >>>doas ifconfig run0 nwid foonet wpa wpakey ultrasecret >>>doas dhclient run0 >>> fi >> Yup. The goal of wifind is to do exactly this, the moment I resume my laptop, >> without my interaction. > May I know what's triggering it? I have something similar, but I need to click on a button to run it. /etc/apm/resume Check apmd(8)
Re: wifind(8) find your wifi
> On Jun 3, 2016, at 6:17 AM, Gleydson Soareswrote: > > I usually just use a small script that lives in ~/bin > > cat ~/bin/wifi > > #!/bin/sh > > if [[ $1 == "home" ]]; then >doas ifconfig run0 nwid foonet wpa wpakey ultrasecret >doas dhclient run0 > fi Yup. The goal of wifind is to do exactly this, the moment I resume my laptop, without my interaction. Ray
Re: wifind(8) find your wifi
> On Jun 3, 2016, at 2:36 AM, Kamil Cholewiński <harry6...@gmail.com> wrote: >> On Thu, 02 Jun 2016, Ray Lai <r...@raylai.com> wrote: >> use JSON::PP; > > That's just my personal opinion, but JSON sucks for configuration files. > It's more of a human-readable data interchange format. > > It feels like the same functionality can be achieved with something much > simpler, getent or CSV style. I agree. All I need are hashes and arrays. Any examples would be welcome, I'm open to changing the file format. But as wifind.conf(5) says, I chose json because it's included in Perl. I was more concerned with having a set-it-and-forget-it solution. The config file is a minor detail that can be changed. > >> my $tmp = "/etc/wifind.tmp"; > > mkstemp? Will fix >> Please avoid nwid or wpakey with quotes, dollar signs, or backslashes. > > Without knowing or assuming much about how WiFi works, why would this be > a concern in a well-designed program? Currently wifind parses 'ifconfig if scan' output, which, according to my reading of the code, simply adds "double quotes" around any nwid with white space when printing. (I've not tested my theory that nwid with " in the name would cause problem. ) Likewise, netstart takes nwid and wpakey, which could include spaces, but as netstart is a shell script, I have not tested what happens when the values contain backslashes, dollar signs, or double quotes. Caveat emptor! Thanks for your feedback, I appreciate it! Ray
wifind(8) find your wifi
Hi all, I got tired of configuring my wifi every time I had to move my laptop. Here's a script a whipped up. It scans the wifi for known networks and writes the strongest one to /etc/hostname.if. Then it runs netstart. Easy to use, simple config file, no arguments needed, perfect for /etc/apm/resume. Oh, and it uses pledge for good measure. I hope this is helpful! Ray wifind(8) System Manager's Manual wifind(8) NAME wifind – connect to known wifi networks SYNOPSIS wifind DESCRIPTION The wifind utility scans for the strongest recognized wifi networks, writes an appropriate hostname.if(5) file, and starts the network with /etc/netstart(8). FILES /etc/wifind.conf EXIT STATUS Exits 0 on success, 1 if no network found. EXAMPLES Add the following line to your /etc/apm/resume: wifind SEE ALSO hostname.if(5) HISTORY I got really tired of editing hostname.if(5) every time I moved my laptop. AUTHORS Ray Lai <r...@raylai.com> CAVEATS Please avoid nwid or wpakey with quotes, dollar signs, or backslashes. I'm sorry if you dislike Perl, but it comes stock with OpenBSD. OpenBSD 6.0 June 3, 2016 OpenBSD 6.0 == wifind == #!/usr/bin/env perl # Written by Ray Lai <r...@raylai.com>. # Public domain. use JSON::PP; use OpenBSD::Pledge; use strict; use warnings; my $ifconfig = '/sbin/ifconfig'; my $tmp = "/etc/wifind.tmp"; my $head = "lladdr random\n" . "-chan -bssid -wpakey\n"; my $tail = "dhcp\n"; sub slurp { my $file = shift; open F, '<', $file or die "Can't read $file: $!"; local $/; # enable slurp mode, locally. my $data = ; close F; $data; } sub write_hostname_if { my ($if, $ap) = @_; my $hostname_if = "/etc/hostname.$if"; umask 077; open TMP, '>', $tmp or die "Unable to open $tmp: $!"; print TMP $head; # set nwid, bssid, chan printf TMP 'nwid "%s"', $ap->{nwid}; printf TMP ' bssid "%s"', $ap->{bssid} if $ap->{bssid}; printf TMP ' chan "%s"', $ap->{chan} if $ap->{chan}; print TMP "\n"; # wpa needs to be set after nwid printf TMP "wpakey \"%s\"\n", $ap->{wpakey} if $ap->{wpakey}; print TMP $tail; close TMP; rename $hostname_if, "$hostname_if.orig" or die "rename failed: $!"; rename $tmp, $hostname_if or die "rename failed: $!"; print STDERR "found $ap->{nwid}, wrote $hostname_if\n"; } # we only need rpath to read config file pledge(qw( rpath wpath cpath proc exec )) || die "Unable to pledge: $!"; my $conf = decode_json(slurp '/etc/wifind.conf'); my $wlan = $conf->{wlan}; my $if = $conf->{if}; # initial scan open L, '-|', $ifconfig, $if, 'scan' or die "Can't open pipe: $!"; pledge(qw( rpath wpath cpath exec )) || die "Unable to pledge: $!"; for () { if (/^\s+nwid (.+) chan (\d+) bssid ([0-9a-f:]+) (-\d+)dBm ([\w-]+) ([\w,-]+)\s*$/) { my ($nwid, $chan, $bssid, $dbm, $mystery, $csv) = ($1, $2, $3, $4, $5, $6); my %cap = map { $_ => 1 } split(/,/, $csv); # remove quotes from nwid, if any $nwid =~ s/^"(.*)"$/$1/; # reject hostile characters if ($nwid =~ /["\\\$]/) { print STDERR "malformed nwid: $nwid\n"; next; } # check for recognized access points # i assume we will match the strongest signal first for my $ap (@$wlan) { next if $ap->{nwid} ne $nwid || ($ap->{bssid} && $ap->{bssid} ne $bssid) || ($ap->{chan} && $ap->{chan} ne $chan) || ($ap->{wpakey} && !$cap{wpa2}); # reject hostile characters if ($ap->{wpakey} =~ /["\\\$]/) { print STDERR "malformed wpakey\n"; next; } write_hostname_if $if, $ap; exec '/bin/sh', '/etc/netstart', $if or die "exec failed: $!"; } } } print STDERR "no network found\n"; exit 1; = wifind.conf.5 = .\" $OpenBSD$ .\" .\" Written by Ray Lai <r...@raylai.com>. .\" Public domain. .\" .Dd $Mdocdate$ .Dt WIFIND.CONF 5 .Os .Sh NAME .Nm wifind.conf .Nd wifind
Re: Can't use sshfs as user
I've fixed "sshfs -o idmap=user", please test and give feedback: https://marc.info/?l=openbsd-tech=146383589632694=2 Index: fuse_opt.c === RCS file: /home/cvs/src/lib/libfuse/fuse_opt.c,v retrieving revision 1.15 diff -u -p -r1.15 fuse_opt.c --- fuse_opt.c 19 Oct 2015 17:24:07 - 1.15 +++ fuse_opt.c 21 May 2016 12:53:57 - @@ -247,13 +247,14 @@ parse_opt(const struct fuse_opt *o, cons ret = f(data, [idx], o->val, arg); else ret = f(data, val, o->val, arg); - } - - if (o->off != ULONG_MAX && data && o->val >= 0) { - ret = f(data, val, o->val, arg); - int *addr = (int *)(data + o->off); - *addr = o->val; - ret = 0; + /* exact match, e.g. "idmap=user" (instead of "idmap=%s") */ + } else if (keyval && strcmp(val, o->templ) == 0) { + if (data && o->val >= 0) { + ret = f(data, val, o->val, arg); + int *addr = (int *)(data + o->off); + *addr = o->val; + ret = 0; + } } if (ret == -1)
Re: pftpx
On Thu, May 25, 2006 at 08:28:12PM +0100, Gaby vanhegan wrote: The last mention of this on misc@ was march, and not much prior to that. Does anybody have any good/bad experiences with pftpx? I plan to use it to proxy incoming FTP connections, the opposite of what I'd use ftp-proxy for... It's been imported as the new ftp-proxy: http://marc.theaimsgroup.com/?m=111708277030478 -Ray-
Re: bash vs. ksh
On Wed, May 10, 2006 at 04:35:46PM -0400, Michael Erdely wrote: Janjaap van Velthooven wrote: Luke Bakken wrote: cmd1 21 $WHERE What you would want is cmd1 $WHERE 21 I was going to respond with the exact same thing. Then, just for kicks, I decided to read ksh(1) from 3.9 and searched for 2. I found: $ cat /foo/bar 21 /dev/null | cat -n Here's a patch: --- ksh.1.orig Wed May 10 16:33:50 2006 +++ ksh.1 Wed May 10 16:34:27 2006 @@ -2108,7 +2108,7 @@ pipelines are created and in the order they are given, so the following will print an error with a line number prepended to it: .Pp -.D1 $ cat /foo/bar 2\*(Gt1 \*(Gt /dev/null \*(Ba cat -n +.D1 $ cat /foo/bar \*(Gt /dev/null 2\*(Gt1 \*(Ba cat -n .Ss Arithmetic expressions Integer arithmetic expressions can be used with the .Ic let Did you read the text above the example? -Ray-
Re: www.openbsd.org defaults to Japanese
On Tue, May 02, 2006 at 11:26:37PM +, Tan Dang wrote: Any reason why www.openbsd.org displays Japanese by default now? April Fools! -Ray-
Re: OpenBSD via serial line
On Tue, May 02, 2006 at 12:15:09PM +1000, John Kintaro Tate wrote: I was wondering about installing OpenBSD on a very old laptop (no cdrom) via serial line. I am aware it would take literally ages. I am guessing slip would be the way to go, I have never used it before. Does anyone have anything they can point me at with a reasonable introduction, such as certain manpages etc. No network? -Ray-
Re: Problem Compiling Stevens' Socket Source Code
On Tue, Apr 25, 2006 at 12:10:14AM +0200, Tobias Ulmer wrote: Here's a patch that removes all(?) warnings/errors from the intro chapter if you followed the instructions in the readme... diff -ru unpv13e.orig/intro/byteorder.c unpv13e/intro/byteorder.c --- unpv13e.orig/intro/byteorder.cThu Nov 14 04:33:33 2002 +++ unpv13e/intro/byteorder.c Tue Apr 18 04:39:40 2006 @@ -18,7 +18,7 @@ else printf(unknown\n); } else - printf(sizeof(short) = %d\n, sizeof(short)); + printf(sizeof(short) = %zd\n, sizeof(short)); Use %zu for sizeof(), since it returns size_t, an unsigned type. -Ray-
Re: Verizon PC5740 card (Curitel Communications) wireless WAN card
On Mon, Apr 24, 2006 at 08:52:09PM -0500, Chris Paul wrote: Thanks to Jolan's recommendation to fiddle with umodem.c has helped. I now have #define UMODEMIBUFSIZE 2048 #define UMODEMOBUFSIZE 2048 It works quite well now except that almost everytime I pull out the card, OpenBSD freezes. I guiltily admit that this may be due to me using an instable window manager (fvwm 2.5). I supposed I could try killing the window manager next time. Try doing that in console mode instead of X, you'll probably get a kernel panic. Follow the instructions. -Ray-
Re: heads up about filesystem troubles
On Wed, Apr 12, 2006 at 04:49:29PM +0200, Jonathan Thornburg wrote: Hi, The window of danger was booting a kernel from any time _after_ 2 weeks ago and running a fsck from any time _before_ 4 days ago. If you have booted a new kernel, do not use the old fsck. Do I infer correctly from the following paragraph I have backed out the new superblock changes. The next snapshot will not upgrade the superblock and will simply use the old format. You are encouraged to move away from any snapshot installed in the last 2 weeks. that these changes *only* went into -current, and did *not* go into -stable? Yes. -Ray-
Re: OpenBSD todo list?
On Mon, Apr 10, 2006 at 08:44:36PM -0700, Shawn Nock wrote: A quick search of the archive and google didn't turn anything up, so I'll ask here. Is there (if not could there be) a document that describes portions of the tree that particularly need attention? I am looking for a way to contribute and without a little direction the task seems daunting. The FreeBSD folks recently started maintaining such a todo list. It seems to have worked out fairly well for them. I realize that those in a position to put together such a list are also the ones not likely to have the time, but I believe this could prove useful (I assume there are more like me who are new and/or haven't found a comfort zone/focus yet). OpenRCS needs help. Diffs that implement missing functionality, diffs that match GNU RCS behavior in existing functions, and additional regression tests are all welcome. I look forward to your code. -Ray-
Re: RedBlack trees
On Thu, Apr 06, 2006 at 05:07:14PM -0300, Gustavo Rios wrote: Hey folks, i saw OpenBSD comes with a library that implements a redblack tree features. I know there are many ways to implement it. The difference is in performance. I don't know the fastest one. May some of the openbsd friends suggest one? Thanks a lot for your time and cooperation. man tree(3) -Ray-
Re: Spamd and verbose logging...
On Mon, Mar 27, 2006 at 09:53:01AM -0700, Jeff Ross wrote: Hi all, I'm trying to understand why spamd isn't doing any verbose logging on my mail server. Spamd is working fine, so this is more curiosity/learning than anything else. NOTE: I have replaced the standard syslog with socklog. I understand that this may be a socklog problem and not a spamd problem, but socklog is working fine with other processes logging to syslog (including chrooted httpd error logs) so I thought I'd start here. Do you have socklog logging from /var/empty/dev/log? spamd chroots to /var/empty. -Ray- I use this in /etc/rc.conf.local: spamd_flags=-v -p 8024 -G 25:4:864 spamd_grey=YES spamlogd_flags= and the correct parameters are being picked up by spamd: [EMAIL PROTECTED]:/tmp $ ps -wwwaux | grep [s]pam _spamd 18445 0.0 0.2 8720 548 ?? Is11Mar06 22:08.83 spamd: (pf spamd-white update) (spamd) _spamd 290 0.0 1.9 9892 4888 ?? S 11Mar06 32:48.75 /usr/libexec/spamd -v -p 8024 -G 25:4:864 -g _spamd2714 0.0 0.2 8688 376 ?? I 11Mar061:43.45 spamd: (/var/db/spamd update) (spamd) root 19930 0.0 0.1 380 348 ?? Is11Mar060:25.46 /usr/libexec/spamlogd Some logging, and logging at the debug level, does occur. 2006-03-27 07:28:41.855565500 daemon.debug: spamd[18445]: whitelisting 209.59.202.133 in /var/db/spamd I ran ktrace on spamd with the following: sudo ktrace -id -p 290 -f /tmp/spamd.trace and even caught a spammer in action ;-) 290 spamdEMUL native 290 spamdRET select 1 290 spamdCALL read(0x7,0x84e0,0x4000) 290 spamdGIO fd 7 read 388 bytes spamd-greytrap;Your address %A has mailed to spamtraps here\\n;12.24.45.234/32;140.134.27.177/32;194.\ 50.7.57/32;200.243.249.130/32;200.50.112.201/32;200.86.156.91/32;200.90.205.20/32;201.215.80.209/32;203\ .200.147.5/32;212.158.149.62/32;216.127.70.18/32;217.125.161.0/32;222.165.171.51/32;69.63.58.88/32;81.5\ 7.208.215/32;82.194.48.154/32;82.224.12.56/32;82.67.89.103/32;84.227.237.99/32; 290 spamdRET read 388/0x184 290 spamdCALL gettimeofday(0xcfbe6d88,0) 290 spamdRET gettimeofday 0 290 spamdCALL select(0xb,0x80eb4080,0x80eb40e0,0,0) 290 spamdRET select 1 290 spamdCALL accept(0x3,0xcfbe6e14,0xcfbe6de0) 290 spamdRET accept 5 290 spamdCALL gettimeofday(0xcfbe6d58,0) 290 spamdRET gettimeofday 0 290 spamdCALL mmap(0,0x2000,0x3,0x1002,0x,0,0,0) 290 spamdRET mmap 2142023680/0x7facb000 290 spamdCALL mmap(0,0x1000,0x3,0x1002,0x,0,0,0) 290 spamdRET mmap -2040590336/0x865f1000 290 spamdCALL getpid() 290 spamdRET getpid 290/0x122 290 spamdCALL socket(0x1,0x2,0) 290 spamdRET socket 8 290 spamdCALL fcntl(0x8,0x2,0x1) 290 spamdRET fcntl 0 290 spamdCALL connect(0x8,0xcfbe6030,0x6a) 290 spamdNAMI /dev/log 290 spamdRET connect -1 errno 2 No such file or directory 290 spamdCALL close(0x8) 290 spamdRET close 0 290 spamdCALL sendto(0x,0xcfbe6530,0x2f,0,0,0) 290 spamdRET sendto -1 errno 9 Bad file descriptor 290 spamdCALL socket(0x1,0x2,0) 290 spamdRET socket 8 290 spamdCALL fcntl(0x8,0x2,0x1) 290 spamdRET fcntl 0 290 spamdCALL connect(0x8,0xcfbe6030,0x6a) 290 spamdNAMI /dev/log 290 spamdRET connect -1 errno 2 No such file or directory 290 spamdCALL close(0x8) Yet, /dev/log certainly does exist: ls -al /dev/log srwxrwxrwx 1 root wheel 0 Mar 11 13:10 /dev/log I've read the connect(2) man page (and again and again), but other than the fact that connect is failing and returning -1 and errno, I'm stuck. Any clues or pointers in how better to investigate would be greatly appreciated. Jeff
Re: openbsd and the money
On Mon, Mar 27, 2006 at 09:57:25PM +0200, Tobias Kirschstein wrote: On Mon, 27 Mar 2006 13:50:04 +0200 Henning Brauer [EMAIL PROTECTED] wrote: * Tobias Kirschstein [EMAIL PROTECTED] [2006-03-25 20:26]: Maybe our friends of humppa.com will make a Humppa OpenBSD Support Tour 2006 or add them to the 11 OpenBSD songs. ... as you mention it: an (maybe more funny) idea would be some benefit humppa concerts with e.g. Elaekelaeiset where some percent of the entrance fee will be donated to the OpenBSD project. Some CDs and t-shirts can be sold there, too. This way nobody has to pay for any have you organzied that yet? is this a rhetorical question? :) no i haven't, but oliver and i will meet Elaekelaeiset next week in regensburg maybe i could ask them there if they are interested in such a thing at all. it doesn't hurt to ask. (This rant applies to every respondent to these threads, not one person in particular.) But it does. Ideas like these have been filling up my mailbox and wasting everybody's time and bandwidth. Under your logic, spam doesn't hurt either. Prank calls don't hurt. What you don't realize is that it wastes everybody's time to read and respond. That doesn't even take into account the implementation cost of each idea. Want to help? Really help? Just do it. Organize a benefit Humppa concert, then let us know. Set up collection funds, sell MMs for $1 each, whatever. Whatever idea it is you have, implement it. Then pass the proceeds to the project. This has been done in the past. That's how the G5 was donated to the project. Someone stepped up to organize the collection funds and once the funds were complete the money was sent to the appropriate people. Do you think the same thing would have happened if 50 people just kept saying, Apple should donate to OpenBSD. Somebody should organize a fund raiser. Let's sign up for an online petition!? You may think your ideas are easy to set up and that you are being helpful by submitting more and more ideas (despite being repeatedly told otherwise), but all these things take time to do, and every idea without an action just wastes time. -Ray-
Re: UPEK Fingerprint-Reader (ThinkPad Notebooks)
On Fri, Mar 24, 2006 at 02:24:31AM +, Deanna Phillips wrote: Karsten McMinn [EMAIL PROTECTED] writes: On 3/20/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Oops, that's a good heads up. I was considering getting an R51. Is that going to have an unsupported wireless NIC? Paul ath0 at pci4 dev 0 function 0 Atheros AR5212 (IBM MiniPCI) rev 0x01: cannot map register space I've turned all knobs on the laptop (rf switch, varios bios settings, bios versions etc) to no avail. Its on my todo list though. Huh. ath0 at pci4 dev 2 function 0 Atheros AR5212 (IBM MiniPCI) rev 0x01: irq 11 What's in your /etc/hostname.ath0? You can XXX out the IPs if you want, I'm mainly interested in what parameters you pass ifconfig. Thanks! -Ray-
Re: Reminder about the X Aperture
On Thu, Mar 16, 2006 at 01:56:44PM -0800, A Rossi wrote: snip modern PC video card architecture containing a large quantity of PURE EVIL. This joke has a whole new meaning... http://ctrlaltdel-online.com/comic.php?d=20021029 As an aside, there are no alternative windows systems that are functional or secure? Use a -current Zaurus. And I think you mean functional AND secure. =) -Ray-
Re: Fw: Why packets are not blocked
On Tue, Mar 07, 2006 at 09:48:14PM -0600, Jim wrote: don't forget to flush/kill states if you want existing connections to be torn down. How do I do that? pfctl -k -Ray-
Re: Dependancies with make search key=
On Tue, Feb 28, 2006 at 04:04:46PM -0600, Harry Putnam wrote: Maybe I don't understand what the dependancy lines are supposed to do. I thought they would list any dependancies. I have no part of X installed so should I see some dependancies listed here? # make search key=ratpoison Port: ratpoison-1.3.0p1 Path: x11/ratpoison Info: minimal wm based on GNU screen Maint: William Yodlowsky [EMAIL PROTECTED] Index: x11 L-deps: B-deps: R-deps: Archs: any I guess this means ratpoison is unbelievably lightweight, having no dependencies (other than X, of course). -Ray-
Re: systrace filename exists rule
On Mon, Feb 27, 2006 at 05:48:26PM +0200, [EMAIL PROTECTED] wrote: i was writing a systrace rule and i could not find a way to create a rule that would permit writing to a file but only if it does not exists, so it could only create new files but not override old ones. Would that require a new feature to systrace or is it already possible do it in a way that I'm not seeing. Use ``systrace -u''. It allows for finer-grained control of system calls. -Ray-
Re: squid cachemgr: Unknown host: localhost
On Fri, Feb 24, 2006 at 09:57:24PM +0100, Martin Schr?der wrote: Hi, I've a firewall/proxy with 3.7 running a named and transparent squid. I want to use cachemgr.cgi, so I've setup apache to listen on port 8080 and copied /usr/local/libexec/cachemgr.cgi to /var/www/cgi-bin Now, the Cache Manager Interface comes up on http://firewall:8080/cgi-bin/cachemgr.cgi, but whatever I enter (or if I simply press Continue), I always get an error page: Cache Manager Error Unknown host: localhost I'm stymied; dig localhost works. :-( Any clues? Apache is chrooted so it has no access to /etc/hosts and /etc/resolv.conf. Try changing all ``localhost'' references to ``127.0.0.1'' in the CGI. -Ray-
Re: auto-adding bad hosts to a table
On Wed, Feb 22, 2006 at 02:47:02PM -0500, Chris Smith wrote: In addition to preventing infected PC's from using their own SMTP engine to send out spam by blocking port 25 from all but the mail server. I would also like to add those hosts automatically to a table in order to block their access altogether so that the infected PC's cannot attempt other damage. How can this be accomplished? Do ``block in log on port 25'' and listen to pflog0 to add bad hosts. Basically the opposite of spamlogd(8). -Ray-
Re: auto-adding bad hosts to a table
On Wed, Feb 22, 2006 at 03:31:41PM -0500, Daniel Ouellet wrote: Chris Smith wrote: In addition to preventing infected PC's from using their own SMTP engine to send out spam by blocking port 25 from all but the mail server. I would also like to add those hosts automatically to a table in order to block their access altogether so that the infected PC's cannot attempt other damage. How can this be accomplished? You can use PF for that. pass connection from any to your smtp server and block everything else to port 25 with log into a table. You also use that table to block all outgoing connections. Can you really log into a table? I don't see anything in pf.conf(5) for that. -Ray-
Re: auto-adding bad hosts to a table
On Wed, Feb 22, 2006 at 04:17:35PM -0500, Daniel Ouellet wrote: Ray Lai wrote: On Wed, Feb 22, 2006 at 03:31:41PM -0500, Daniel Ouellet wrote: Chris Smith wrote: In addition to preventing infected PC's from using their own SMTP engine to send out spam by blocking port 25 from all but the mail server. I would also like to add those hosts automatically to a table in order to block their access altogether so that the infected PC's cannot attempt other damage. How can this be accomplished? You can use PF for that. pass connection from any to your smtp server and block everything else to port 25 with log into a table. You also use that table to block all outgoing connections. Can you really log into a table? I don't see anything in pf.conf(5) for that. Why not? spamd use it and you can do many things. I use something like this for example to limit the connection to ssh. Just reverse it to limit connection to smtp instead. And then instead of blocking the users in the table to the port ssh only, block all. Just play with it, it's fun! (: I use different rules to trap various virus for example. Very efficient! snip # define macros for each network interface ext_if=fxp0 snip # Define some variable for clarity SSH_LIMIT=(max-src-conn-rate 5/30, overload bad_ssh flush global) snip # Table directive table bad_ssh persist file /var/log/bad_ssh snip # Allow quick valid traffic to ssh but log all attempts as well block return-rst log quick proto tcp from bad_ssh label ssh-pirate pass in log quick on $ext_if inet proto tcp from !bad_ssh \ to $ext_if port ssh flags S/SA keep state \ $SSH_LIMIT label ssh snip Then you add a cronjob to update your file /var/log/bad_ssh once a day or something in case you patch your box and reboot as to not loose the list. Or you can flush it every 24 hours as well, your choice really if you want to be more forgiving. I thought you meant you could do something like: block in log-table zombie to port 25 where zombie is updated automatically. -Ray-
Re: auto-adding bad hosts to a table
On Wed, Feb 22, 2006 at 04:48:19PM -0500, Daniel Ouellet wrote: Ray Lai wrote: I thought you meant you could do something like: block in log-table zombie to port 25 where zombie is updated automatically. If you read on the PF and look at what I send you, you will see that bad-ssh IS updated automatically. That's what the line: (max-src-conn-rate 5/30, overload bad_ssh flush global) does. After 5 connection in 30 seconds, the IP address is put automatically into the table bad_ssh and flush global remove any state in the PF table. Just adjust the max-src-conn-rate 5/30 for what you want. Hope this make it more clear. Ah, neat. -Ray-
Re: filesystem full problem
On Fri, Feb 17, 2006 at 02:54:43PM +0100, Adam Papai wrote: Hello list, I've run into a problem. My /var reached the 105% disk usage. I've deleted 1.5G from /var but the df shows me still 2Gb. du -csh /var shows 38M What can I do? I tried: sync but nothin happens. The programs can't write to /var so it intiditaces a little deffect.. What's the solution? Only the reboot? There is probably a program that is running with an open file handle. Whichever program caused your /var to be filled up is probably still growing that file, so you have to close it. Try fstat(1). -Ray-
Re: iwlist scan equivalent command under OpenBSD
On Thu, Feb 16, 2006 at 05:17:30PM +0100, Ramiro Aceves wrote: Hi OpenBSD fans. I have been googling around and have not been able to solve this question. ?How can one discover what wireless networks are available under OpenBSD? I am used to the iwlist scan eth0 under Linux, and I hate to halt OpenBSD and boot Linux only to discover the networks, then come back and start OpenBSD again to continue the configuration. What is the OpenBSD equivalent to Linux iwlist? Anyway, my Intel 2200 card is recogniced very well under OpenBSD with iwi driver. Thank you very much in advance. I usually use the kismet package, but I think you can do ``ifconfig -M'' as well. -Ray-
Re: xargs PF or BPF
On Tue, Feb 14, 2006 at 11:39:45AM +0100, Otto Moerbeek wrote: On Tue, 14 Feb 2006, Michael Schmidt wrote: Matthias Kilian wrote: And watch out for silly file names containing whitespace. BTW: if this is a contest on creative use of find(1) and other standard tools: $ find . -type f | sed '[EMAIL PROTECTED]@grep -l -- foo @' | sh Yes, this isn't robust against whitespace, either PLUS it's inefficient. But in some cases the find ... | sed ... | sh pattern is quite useful. Sometime ago I have had the same problem with spaces in filenames and dealing with them as xargs parameters. There I have used (here only as an example): find . -print | grep -i ' ' | xargs -I {} ls -ald {} FYI, that has been on a non-OpenBSD system. I4m not at my OpenBSD system at the moment, so I can4t check whether OpenBSD xargs supports the shown options. Maybe someone may test it. One may check this at a directory with space-containing filenames. Without the -I {} and {} parts you get funny output. Well, -print0 in find and xargs -0 are designed to deal with that. Sadly these are not in POSIX (which is not documented correctly in the xargs case). Does this diff fix it? (I also added a comma after the last -R.) -Ray- Index: xargs.1 === RCS file: /cvs/src/usr.bin/xargs/xargs.1,v retrieving revision 1.15 diff -u -r1.15 xargs.1 --- xargs.1 12 Sep 2005 09:44:59 - 1.15 +++ xargs.1 14 Feb 2006 13:37:48 - @@ -316,7 +316,8 @@ .St -p1003.2 compliant. The -.Fl J , o , P , R +.Fl 0 , J , o , P , +.Fl R , and .Fl r options are non-standard
Re: PF or BPF
On Mon, Feb 13, 2006 at 05:28:22PM -0500, Jason Crawford wrote: Well in the case of /usr/src, I think you must MIGHT hit the maximum argument length for the shell by using xargs, unless you did it inside of each directory in /usr/src. That and well, explaining xargs to Dave will end up leading to another 20+ mail thread xargs runs the command multiple times when it hits this limit: [EMAIL PROTECTED] jot 0 | xargs echo | sed 's/ .*//' 1 5001 10001 15001 20001 25001 ^C The manual tries to describe this behavior: Any arguments specified on the command line are given to the utility upon each invocation, followed by some number of the arguments read from stan- dard input. The utility is repeatedly executed one or more times until standard input is exhausted. -Ray-
Re: Interface ranges in pf.conf (i.e. tun[0-10])
On Mon, Feb 13, 2006 at 11:13:17PM -0500, Ray Lai wrote: On Tue, Feb 14, 2006 at 04:26:29AM +0100, Tobias Ulmer wrote: On Mon, Feb 13, 2006 at 09:28:12PM -0500, kyle wrote: Im having trouble finding out if(I'm sure it does) the pf.conf supports interface ranges and how to implement it. Right now, I have an ugly rule that specifies each interface(tun0, tun1, tun2, etc..). If I somehow missed this in some documentation, please feel free to tell me to STFA or RTFM - but I have checked both the past week and haven't found anything. I also don't have the luxury to just try it out at the moment..Any help is appreciated - thanks! I don't know if this works with regular rules, but there is a recent post from Ray Lai where he points out that it's possible to use just interface instead of interface[0-n] [1]. Wow, I'm referenced. =) I didn't find this documented in pf.conf(5), but maybe I just should get some sleep... They are called ``interface groups'', and there are several of them. ifconfig(8) can show some groups: And is the post by Henning: https://marc.theaimsgroup.com/?m=111894940807554 -Ray-
Re: users filling partitions crashing system
On Tue, Feb 07, 2006 at 11:00:41AM +, MikeyG wrote: Is there any way to direct cores to be saved somewhere else? ... Feb 6 10:36:36 boxname /bsd: WARNING: / was not properly unmounted Feb 6 10:37:37 boxname savecore: reboot after panic: trap type 6, code=2, pc=d033737c Feb 6 10:37:37 boxname savecore: no dump, not enough free space on device Feb 6 13:00:01 boxname syslogd: restart Feb 6 17:00:01 boxname syslogd: restart Feb 7 10:00:01 boxname syslogd: restart And just to check: $ swapctl -l Device 512-blocks UsedAvail Capacity Priority swap_device10483200 1048320 0%0 You also need enough space in /var/crash to store the core dump. See crash(8). -Ray-
Re: pf question - solved
On Thu, Feb 02, 2006 at 05:59:54PM -0500, Dave Feustel wrote: I found the solution in the pf faq: skip lo0. This rule is not mentioned in Artymiak's book which I had been reading. I will now read the complete pf faq to see what I have not been aware of. You can also do ``set skip on lo'' to skip all loopback interfaces (not that most people have more than one). -Ray-
Re: Brain wash for live partition, or directory mirroring concept idea(s)?
On Wed, Feb 01, 2006 at 11:37:19PM -0500, Daniel Ouellet wrote: snip This way, continuous live mirroring can be done and no need for cronjob, etc. And this would be much more efficient as well. snip https://marc.theaimsgroup.com/?l=openbsd-miscm=86187916316 https://marc.theaimsgroup.com/?l=openbsd-miscm=105358689405500 -Ray-
Re: A small patch to make input style in license.template consistent
On Sun, Jan 29, 2006 at 12:37:07PM -0300, Andr??s Delfino wrote: Or... somehow I changed that word when sending the message. Anyway, this is the correct diff: --- license.templateTue Jun 3 19:37:00 2003 +++ license.template.1 Sun Jan 29 12:33:55 2006 @@ -5,11 +5,14 @@ should be separated by a comma, e.g. Copyright (c) 2003, 2004 +Note that less than and greater than signs below must be removed; +they are there for you to enter your own information. + If you add extra text to the body of the license, be careful not to add further restrictions. /* - * Copyright (c) CCYY YOUR NAME HERE [EMAIL PROTECTED] + * Copyright (c) YEAR YOUR NAME YOUR E-MAIL * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above 1. I think the original was clearer (though I prefer to CCYY). What should I type for YEAR, 1984, 84, or Nineteen Eighty-Four? 2. The angle brackets around the e-mail address are lost. 3. ``Copyright (c) CCYY YOUR NAME HERE [EMAIL PROTECTED]'' is obvious enough and does not need an explanatory note. -Ray-
Re: Ralink - device timeout
On Mon, Jan 23, 2006 at 01:20:36PM +0100, Joakim Aronius wrote: * Jonathan Gray ([EMAIL PROTECTED]) wrote: On Mon, Jan 23, 2006 at 12:36:46PM +0100, Joakim Aronius wrote: Hi Anders, From your dmesg: pcibios0 at bios0: rev 2.1 @ 0xfd7a0/0x860 From RAL(4) CAVEATS PCI ral adapters seem to strictly require a system supporting PCI 2.2 or greater and will likely not work in systems based on older revisions of the PCI specification. /jkm I keep saying this no one listens. The pcibios string does _not_ indicate PCI 2.2 compliance or not. If you have a system that can't deal with the 3V PCI 2.2+ cards and you put a ral in it, it will not post. Oh. And how does one know if the system can handle 3V PCI 2.2+ cards? Any hint in the dmesg or do i need to dig up the mobo manual? Depending on jsg's definition of ``post'' (Power On Self Test or post in dmesg?) your system will either refuse to boot or won't show up in the dmesg. That is, if you have a ral card. -Ray-
Re: which cf wifi card for a Zaurus C3100?
On Mon, Jan 16, 2006 at 05:29:02PM +0100, Maik Kuendig wrote: can someone recommend a CF WiFi card for a Zaurus C3100? My dealer has the following cards available: - D-Link DCF-660W - Linksys WCF12-EU I use a Linksys WCF12 (no ``-EU'', bought in the US). Works great. -Ray-
Re: ipv6 tentative address generation
On Tue, Jan 17, 2006 at 01:11:29AM -0600, Travers Buda wrote: Ipv6 allows for stateless configuration of a interface. The IEEE (aka MAC or hardware address) is generally used to generate tentative addresses which commonly end up being the assigned address provided stateful addressing does not exist on the network (such as DHCP.) This is the case in OpenBSD's import of KAME. Since the same method to generate an IP is used over an over (the host has an unchanging, persistant address,) the traffic generated and recieved by hosts would be open to many forms of analysis not necessairly confined to the computing world. For example, when some is at home, at work; what they access could be more easily tied to them (and the hardware they use,) decreasing anonymity. The problem and solution are outlined in RFC 3041. http://www.ietf.org/rfc/rfc3041.txt The solution is to use random data to generate ipv6 stateless addresses. Trying to be productive and not an asshole, Is there a question? If you wish to generate random ipv6 stateless addresses, ``jot -rs: -w%.2x 6 0 255'' and ifconfig(8) work. -Ray-
Re: Linksys WMP55AG (ath0) Not Finding Wireless Network
On Thu, Jan 12, 2006 at 10:55:35PM -0700, Theo de Raadt wrote: Some AR5212 chips seem to have problems, even though they are detected by OpenBSD. I read something about newer firmwares? The atheros chips do not use firmware. Please ignore my ignorance, I meant PHY: http://www.monkey.org/openbsd/archive2/misc/200507/msg00564.html -Ray-
Re: Linksys WMP55AG (ath0) Not Finding Wireless Network
Some AR5212 chips seem to have problems, even though they are detected by OpenBSD. I read something about newer firmwares? Try searching the archives. One person recently reported having success by setting COUNTRYCODE to de and rebuilding his kernel; it didn't work for me but I guess it's worth a shot. Good luck. As this is not a tech@ topic I've moved it back to [EMAIL PROTECTED] -Ray- On Thu, Jan 12, 2006 at 11:24:41PM -0500, [EMAIL PROTECTED] wrote: I apologize for the cross-post, but since this has gone unanswered on misc@ for 3+ days, I figured that it was unlikely to ever get a response there. Hello All, I've got a Linksys WMP55AG that's refusing to see my wireless network. While it's entirely possible that I've misconfigured it, given other somewhat recent posts I've seen about problems with ath devices (i.e. http://marc.theaimsgroup.com/?l=openbsd-miscm=113166150212987w=2), I figure it's also possible that there's some sort of a driver bug, which I'd like to help fix if it exists. My setup should be relatively straightforward: I've got a 3.7-stable system running a National Datacomm NCP130 as an access point. Its relevant info is: dmesg: wi0 at pci0 dev 12 function 0 National Datacomm Corp NCP130 Rev A2 rev 0x01: irq 9 wi0: PRISM2 HWB3163 rev.B, Firmware 0.3.0 (primary), 1.7.1 (station), address 00:80:c6:e3:72:2c wicontrol wi0 output: NIC serial number: [ 99SA0100 ] Station name: [ WaveLAN/IEEE node ] SSID for IBSS creation: [ kirknet ] Current netname (SSID): [ kirknet ] Desired netname (SSID): [ kirknet ] Current BSSID: [ 00:80:c6:e3:72:2c ] Channel list: [ 2047 ] IBSS channel: [ 3 ] Current channel:[ 3 ] Comms quality/signal/noise: [ 0 81 27 ] Promiscuous mode: [ Off ] Process 802.11b Frame: [ Off ] Port type (1=BSS, 3=ad-hoc, 6=Host AP): [ 6 ] MAC address:[ 00:80:c6:e3:72:2c ] TX rate (selection):[ 3 ] TX rate (actual speed): [ 2 ] Maximum data length:[ 2304 ] RTS/CTS handshake threshold:[ 2347 ] Create IBSS:[ Off ] Antenna diversity (0=auto,1=pri,2=aux): [ ] Microwave oven robustness: [ On ] Roaming mode(1=firm,3=disable): [ 1 ] Access point density: [ 1 ] Power Management: [ Off ] Max sleep time: [ 100 ] Enhanced Security mode: [ 0 ] Intersil Prism2-based card: [ 1 ] Card info: [ PRISM2 HWB3163 rev.B, Firmware 1.7.1 ] Encryption: [ On ] Encryption algorithm: [ Firmware WEP ] Authentication type (1=OpenSys, 2=Shared Key): [ 2 ] TX encryption key: [ 1 ] Encryption keys:[ not shown ][ ][ ][ ] ifconfig: wi0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:80:c6:e3:72:2c ieee80211: nwid kirknet nwkey not shown -11dBm (auto) media: IEEE802.11 autoselect hostap (DS2) status: active inet 192.168.1.42 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::280:c6ff:fee3:722c%wi0 prefixlen 64 scopeid 0x3 Several clients with different OSes connect to this AP without hassle, including WinXP SP2, OS X 10.2.8, and Ubuntu's 5.10 release (a 2.6.12 Linux kernel), so clearly the access point is working. My client with the Linksys card shows the following from dmesg: ath0 at pci1 dev 10 function 0 Atheros AR5212 rev 0x01: irq 11 ath0: AR5213 5.6 phy 4.1 rf5111 1.7 rf2111 2.3, FCC1A, address 00:0c:41:16:cb:d4 Going along with man ath, I figured I could just run ifconfig ath0 nwid kirknet nwkey my key and be good to go. After doing so, I can see that the card has picked up the right AP and channel; unfortunately, however, it thinks it's not connected to the network: ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500 lladdr 00:0c:41:16:cb:d4 media: IEEE802.11 autoselect mode 11b (DS1 mode 11b) status: no network ieee80211: nwid kirknet chan 3 bssid 00:80:c6:e3:72:2c nwkey my key inet 192.168.1.101 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::20c:41ff:fe16:cbd4%ath0 prefixlen 64 scopeid 0x2 What's particularly strange is the output of wicontrol wi0 -l on the access point: 00:04:23:4b:38:fd asid=02d0, flags=3AUTH,ASSOC, caps=31ESS,PRIVACY,SHORT_PREAMBLE, rates=f1M,2M,5.5M,11M, sig=35/14 00:30:65:11:35:b0 asid=0140, flags=3AUTH,ASSOC, caps=11ESS,PRIVACY, rates=f1M,2M,5.5M,11M,
MAXNAMLEN, NAME_MAX, FILENAME_MAX Plus One or Not?
What are the proper uses of MAXNAMLEN, NAME_MAX, and FILENAME_MAX? Do they represent filenames with or without paths? Do they include the terminating null or not? The source seems inconsistent: [EMAIL PROTECTED]/usr/src] egrep -R '(MAXNAMLEN|NAME_MAX) ?\+ ?1' . ./bin/csh/file.c:Charname[MAXNAMLEN + 1], extended_name[MAXNAMLEN + 1]; ./games/hunt/huntd/conf.c: char nm[MAXNAMLEN + 1]; ./gnu/egcs/gcc/config/winnt/dirent.h:char d_name[MAXNAMLEN + 1]; ./gnu/usr.bin/cvs/contrib/dirfns.shar:X chard_name[MAXNAMLEN + 1]; /* name must be no longer than this */ ./gnu/usr.bin/cvs/contrib/dirfns.shar:X chard_name[MAXNAMLEN + 1]; /* name must be no longer than this */ ./gnu/usr.bin/cvs/contrib/dirfns.shar:X((sizeof (struct direct) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3)) ./gnu/usr.bin/cvs/vms/ndir.h: chard_name[MAXNAMLEN+1];/* name of file */ ./gnu/usr.bin/cvs/windows-NT/ndir.h: char d_name[MAXNAMLEN + 1]; /* garentee null termination */ ./gnu/usr.bin/gcc/gcc/config/i386/xm-djgpp.h: static char fixed_path[FILENAME_MAX + 1];\ ./gnu/usr.bin/lynx/WWW/Library/Implementation/HTVMSUtils.c: char d_name[255+1]; /* name (up to MAXNAMLEN + 1) */ ./gnu/usr.bin/lynx/WWW/Library/Implementation/HTVMSUtils.c: * at least MAXNAMLEN + 1 (more may be added for padding). ./gnu/usr.bin/lynx/WWW/Library/Implementation/HTVMSUtils.c: (((sizeof(struct dirent) - (MAXNAMLEN+1) + ((dp)-d_namlen+1)) +3) ~3) ./gnu/usr.bin/perl/doio.c:char newname[FILENAME_MAX+1]; ./lib/csu/common.h:char __progname_storage[NAME_MAX+1]; ./lib/csu/alpha/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/amd64/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/arm/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/hppa/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/i386/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/powerpc/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/sparc/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/sparc64/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/csu/hppa64/crt0.c:char __progname_storage[NAME_MAX+1]; ./lib/libc/gen/authenticate.c: char namebuf[MAXLOGNAME + 1 + NAME_MAX + 1]; ./lib/libc/gen/authenticate.c: char namebuf[MAXLOGNAME + 1 + NAME_MAX + 1]; ./lib/libc/gen/getcwd.c:if (bup + 3 + MAXNAMLEN + 1 = eup) { ./lib/libc/sys/getdirentries.2:char d_name[MAXNAMLEN + 1]; /* see below */ ./lib/libc/sys/.#getdirentries.2.1.19:char d_name[MAXNAMLEN + 1]; /* see below */ ./lib/libc/time/localtime.c:(2 * (MY_TZNAME_MAX + 1)))]; ./lib/libssl/src/crypto/dso/dso_vms.c: char filename[FILENAME_MAX+1]; ./lib/libssl/src/crypto/dso/dso_vms.c: char imagename[FILENAME_MAX+1]; ./sbin/newfs/mkfs.c:u_char d_name[MAXNAMLEN + 1]; ./share/man/man5/dir.5: chard_name[MAXNAMLEN + 1]; /* maximum name length */ ./sys/compat/ibcs2/ibcs2_dirent.h: chard_name[IBCS2_MAXNAMLEN + 1]; ./sys/compat/linux/linux_dirent.h: chard_name[LINUX_MAXNAMLEN + 1]; ./sys/compat/linux/linux_dirent.h: chard_name[LINUX_MAXNAMLEN + 1]; ./sys/compat/linux/linux_getcwd.c:#define DIRENT_MINSIZE (sizeof(struct dirent) - (LINUX_MAXNAMLEN+1) + 4) ./sys/compat/netbsd/netbsd_getcwd.c:#define DIRENT_MINSIZE (sizeof(struct dirent) - (MAXNAMLEN+1) + 4) ./sys/compat/sunos/sunos_dirent.h: chard_name[SUNOS_MAXNAMLEN + 1]; ./sys/compat/svr4/svr4_dirent.h:chard_name[SVR4_MAXNAMLEN + 1]; ./sys/compat/svr4/svr4_dirent.h:chard_name[SVR4_MAXNAMLEN + 1]; ./sys/isofs/udf/udf_vnops.c:((sizeof (struct dirent) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3)) ./sys/nfs/nfs_vnops.c:#define NFS_DIRHDSIZ(sizeof (struct nfs_dirent) - (MAXNAMLEN + 1)) ./sys/stand/ls.c: if (((DP *)dp)-d_namlen MAXNAMLEN+1) { ./sys/sys/dir.h:((sizeof (struct direct) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3)) ./sys/sys/dirent.h: chard_name[MAXNAMLEN + 1]; /* name must be no longer than this */ ./sys/sys/dirent.h:((sizeof (struct dirent) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3)) ./sys/ufs/ufs/dir.h:char d_name[MAXNAMLEN + 1];/* name with length = MAXNAMLEN */ ./sys/ufs/ufs/dir.h:((sizeof(struct direct) - (MAXNAMLEN+1)) + (((dp)-d_type+1 + 3) ~ 3)) : \ ./sys/ufs/ufs/dir.h:((sizeof(struct direct) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3))) ./sys/ufs/ufs/dir.h:((sizeof(struct direct) - (MAXNAMLEN+1)) + (((dp)-d_namlen+1 + 3) ~ 3)) ./sys/ufs/ufs/dirhash.h:#define DH_NFSTATS (DIRECTSIZ(MAXNAMLEN + 1) / DIRALIGN) ./sys/xfs/xfs_node-bsd.c:char name[MAXNAMLEN + 1]; ./usr.bin/ar/archive.h: char name[MAXNAMLEN + 1]; /* name */ ./usr.bin/ctags/tree.c: charnbuf[1+MAXNAMLEN+1]; ./usr.bin/less/lsystem.c: char cwd[FILENAME_MAX+1]; ./usr.bin/patch/patch.c:static char
Re: MAXNAMLEN, NAME_MAX, FILENAME_MAX Plus One or Not?
On Sat, Jan 07, 2006 at 12:11:32AM +0100, Otto Moerbeek wrote: On Fri, 6 Jan 2006, Ray Lai wrote: What are the proper uses of MAXNAMLEN, NAME_MAX, and FILENAME_MAX? Do they represent filenames with or without paths? Do they include the terminating null or not? The source seems inconsistent: Posix says: {NAME_MAX} Maximum number of bytes in a filename (not including terminating null). Minimum Acceptable Value: {_POSIX_NAME_MAX} The other two are non-posix: MAXNAMLEN is file name length, not a path, excluding the NUL byte. FILENAME_MAX is from ANSI C, in practise it's value is equal to the posix PATH_MAX, which is the maximum length of a path name _including_ NUL. In practice, a lot of unix programs use MAXPATHLEN, which is in general equal to the posix PATH_MAX. I keep forgetting to, but thanks to everybody for answering my questions. -Ray-
How Do I Get snprintf(3) to Return -1?
According to printf(3): snprintf() and vsnprintf() will write at most size-1 of the characters printed into the output string (the size'th character then gets the ter- minating `\0'); if the return value is greater than or equal to the size argument, the string was too short and some of the printed characters were discarded. If size is zero, str may be a null pointer and no char- acters will be written; the number of bytes that would have been written excluding the terminating `\0' byte, or -1 on error, will be returned. and: The snprintf() and vsnprintf() functions return the number of characters that would have been output if the size were unlimited (again, not including the final `\0'). If an output or encoding error occurs, a val- ue of -1 is returned instead. I'm having trouble making snprintf return -1. I've tried stuff like: len = snprintf(str, 0, %.-Z\n, 9); printf(%d, len); but that just prints `2'. Does snprintf ever return -1? -Ray-
sdiff implementation
Ever since the GNU diffutils were removed from OpenBSD there hasn't been an sdiff. So I wrote one and placed it into the public domain. It can be found at http://cyth.net/~ray/sdiff/. This sdiff supports all of GNU sdiff's options and is compatible with OpenBSD's diff. All feedback is welcome. -Ray-
Re: additional features in bsd.rd
On Tue, Nov 22, 2005 at 12:01:05PM +0100, Pete Vickers wrote: 1. Get a dmesg output from CD-ROM booted bsd.rd to my other machine for emailing etc. # dmesg | nc 10.20.30.40 1234 2. Get information off a machine, either for backup purposes or data recovery etc. # dd if=/dev/rwd0c | nc 10.20.30.40 1234 3. Restore a 'disk image' from above... # nc -l 1234 | dd of=/dev/rwd0c Why not just use ftp? -Ray-
Re: Assigning static device names for USB devices
On Sun, Oct 16, 2005 at 09:00:16PM +0300, Antti Harri wrote: I have two USB printers, is there a way to assign a fixed device name instead of device name being assigned dynamically? If it's not possible at all, are there plans to implement it? If it's not possible at all, how does one go about implementing it? -Ray-
Re: Webmail recommendations?
On Tue, Oct 04, 2005 at 01:20:24PM -0500, Bob Bostwick (Lists) wrote: Not sure if it will run on OBSD or not (haven't had time to try yet...), but hands down Zimbra is the best looking web interface out there - including Exchange OWA. http://www.zimbra.com/ Egads, it's 150 MB! Just for webmail? It does look good, though. -Ray- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Sent: Saturday, October 01, 2005 5:35 PM To: misc@openbsd.org Subject: Webmail recommendations? Hello I want to setup a OBSD box for my email server. It will service probably about 2 dozen people, but It could conceivably double or more over the next year or two. I was wondering if anyone had any recommendations for an mta, and for a webmail program that is easy to use and fully featured for users who are not so computer savvy. I am pretty comfortable with Sendmail, but I hear a lot of people are moving more toward postfix (which I know nothing about). I am at a loss for a good web interface. Anyone care to make any recommendations? Thank you. Chris
Re: OpenBSD on IBM X40 ...
On Thu, Sep 29, 2005 at 12:46:26PM +0200, Reyk Floeter wrote: hi, Waldemar Brodkorb wrote: ... just rocks :} openbsd always rocks ;) Thanks to the developers. I got some minor problems with one of the snapshots (ath0 kernel crash), but this is already fixed in -current. thx Waldemar which crash exactly? and btw., does your thinkpad wireless led work (i haven't test it with x40, i have a t42)? Doesn't work for me, but then the ath0, while detected, doesn't actually work. How are you supposed to turn on the LED, anyway? Fn-wireless? -Ray-
Re: Time limited internet connection
On Sun, Sep 25, 2005 at 11:27:05PM +0200, Remy Heiden wrote: OR: root cron job: 11pm: pfctl -f /etc/pf.conf-night 6am: pfctl -f pf.conf-day Until the kid learns, Hey, I can reboot daddy's firewall and have internet access again! (Assuming /etc/pf.conf allows it.) -Ray-
Latest ath changes panics system
On Mon, Sep 19, 2005 at 04:27:09AM -0600, Reyk Floeter wrote: CVSROOT: /cvs Module name: src Changes by: [EMAIL PROTECTED] 2005/09/19 04:27:08 Modified files: sys/dev/ic : ar5210.c ar5211.c ar5212.c ar5xxx.c ar5xxx.h ath.c Log message: don't attach unsupported radio chipsets Hi, This seems to have broken my laptop entirely (dmesg at https://marc.theaimsgroup.com/?l=openbsd-miscm=112667018017607w=2). ... ath0 at pci1 dev 2 function 0 Atheros AR5212 rev 0x01: irq 11 ath: AR5213 5.9 phy 4.3 rf2112a 4.6, WOR4W, address 00:0e:9b:b3:27:d1 uvm_fault(0xd05cd960, 0x4000, 0, 1) - e kernel: page fault trap, code=0 Stopped at ar5k_ar5212_set_gpio_input+0x4d:movl0x4014(%ebx),%e ax ddb trace ar5k_ar5212_set_gpio_input(d1f81000,3,10,d1f80030,1) at ar5k_ar5212_set_gpio_in put+0x4d ath_gpio_attach(d1f8,13,d0596a28,d1f8) at ath_gpio_attach+0x4b ath_attach(13,d1f8,4,d057aeac) at ath_attach+0x50c ath_pci_attach(d1f7dec0,d1f8,d06f2cb0,0,0) at ath_pci_attach+0x123 config_attach(d1f7dec0,d057aeac,d06f2cb0,d0360808) at config_attach+0xef pciattach(d1f7df00,d1f7dec0,d06f2d50,0,d05807e4) at pciattach+0x1c8 config_attach(d1f7df00,d0579fe8,d06f2d50,d03a1cb0,d0547d64) at config_attach+0x ef ppbattach(d1f60f40,d1f7df00,d06f2df0,0,0) at ppbattach+0x8e config_attach(d1f60f40,d057a660,d06f2df0,d0360808) at config_attach+0xef pciattach(d1f60fc0,d1f60f40,d06f2eb0,0,d0589b98) at pciattach+0x1c8 config_attach(d1f60fc0,d0579fe8,d06f2eb0,d03603d4) at config_attach+0xef mainbus_attach(0,d1f60fc0,0,0,d06f2f10) at mainbus_attach+0x164 config_attach(0,d0579fc4,0,0,d05cda40) at config_attach+0xef config_rootfound(d0514cbc,0,d06f2f58,d03373f8) at config_rootfound+0x27 cpu_configure(0,1,3,0,5f6e) at cpu_configure+0x1f main(0,0,0,0,0) at main+0x339 ddb ps PID PPID PGRPUID S FLAGS WAIT COMMAND *0 -1 0 0 7 0x80204 swapper ddb ... Following http://www.benzedrine.cx/crashreport.html, I have narrowed down the crash point to line 122 of machine/pio.h: ... /usr/src/sys/dev/ic/ar5212.c:1933 34ac: 8b 59 14mov0x14(%ecx),%ebx 34af: ba 03 00 00 00 mov$0x3,%edx 34b4: 8d 0c 00lea(%eax,%eax,1),%ecx 34b7: d3 e2 shl$cl,$edx machine/pio.h:122 34b9: 9b 83 14 40 00 00 mov0x4014(%ebx),%eax /usr/src/sys/dev/ic/ar5212.c:1933 34bf: f7 d2 not%edx ... And the actual C file: ... AR4K_REG_WRITE(AR4K_AR5212_GPIOCR, (AR5K_REG_READ(AR5K_AR5212_GPIOCR) ~ AR5K_AR5212_GPIOCR_ALL(gpio)) | AR5K_AR5212_GPIOCR_NONE(gpio)); ... I hope I didn't copy anything wrong. I still have the exact CVS checkout that I built this kernel with, if it can be of any use. -Ray-
Re: more 1 than client can use same port from router (for bittorrent)
On Sat, Aug 06, 2005 at 05:19:46PM +0200, Erik Wikstrvm wrote: On 2005-08-06 16:48, Vivek Ayer wrote: Hi guys, I was wondering if it was possible to port forward the same port to more than one client behind a router. Currently, my client is the only one using bittorrent behind the router. I have this in /etc/pf.conf: rdr pass on $ext_if proto tcp to port 6881:6889 - 192.168.0.3 port 6881:6889 What do I do if other people on the subnet wanted to use the same ports (6881:6889) to use bittorrent (clients other than 192.168.0.3)? Thanks. Sorry, no can do. The other clients would have to use a BT-client where they can specify the port(s) to use and forward those to the right one. Or round-robin redirect to each client and pray. With so many connections, it might not even be noticable. -Ray-