Re: HP DL360 Fan Control
Mikel Lindsaar wrote: I am looking at working out how to control the fans in a HP DL360. Right now, the fans start low, but if the room gets warm, they go to high (Boeing 747) volume, and the only way to put them back down to low, is a reboot, PITA. It looks like the HP website mentions OS specific "system health drivers", which doesn't help too much as it is for Windows and precompiled. Does anyone have any idea on where to start? I am willing to dive into the source, but have never hacked on OpenBSD or an OS before, and not sure where to begin. I am willing to learn and have a system I can crash with abandon. Or even if there is a budding hacker out there, I can provide access to a freshly formatted box. Mikel Actually these should be able to control themselves without intervention from the OS (meaning no HP software installed). Does it happen on other OS'es as well? OpenBSD hardware monitoring may be doing something the management processor doesn't like, causing the fans to rev up and not go down again. Glenn
Re: hello whiners and crybabies
kytoon wrote: hello whiners and crybabies, you people make me sick. theo has a right to run obsd anyway he wants. why? he runs the project! don't like that? start coding. because that's the only thing that matters. you know, like you got anything going on in there? oh, that's right. you don't, and you can't code. you can only whine and cry, and take up theo's and the developer's valuable time. screw you punks. that's right! you are punks. you don't even understand what he and the developers do. you think they do this for you? screw you. they do it because they like clean and efficient code. you know, code that works. they do it for themselves! you cry because they don't cave in and sign some nda to implement a poorly coded wireless device. these guys rule the world of operating systems! hey! and they _GIVE_ you a chance to tag along. THEY GIVE YOU THE CODE! they produce! every six months, obsd gets better and better. you bunch of whining crying punks! you should be giving theo all the money he needs to make obsd even better! so, shut up and show the developers what you got, if you got anything at all, other than the dribble of a paralyzed brain. with love to theo and the developers Just because they (the openbsd team) give it away for free, people aren't allowed to voice their opinions on it? OpenBSD has its shortcomings, you cannot deny that, and people will always complain about those. Saying "write it yourself" is avoiding responsibility. But they have the right to avoid their responsibility because they gave it away for free. Glenn
Re: Dealing with Seagate's problematic 7200.11 firmware.
Dieter wrote: Recovering from Seagate's problematic 7200.11 firmware. Most of you have read about the problems with Seagate's 7200.11 disks. For those of you that haven't, the firmware on many of these drives is buggy, and can "brick" the drive when powering up or rebooting the system. Thus far, Seagate's response has been less than wonderful. We need a FLOSS solution. Goals: 1) Ability to read the number of log entries. 2) Ability to change the number of log entries. 3) Ability to install new firmware from Unix. We need for this to work with any flavor of Unix, on any CPU arch, without reboot or power cycle. We need for this to work on one drive without affecting other drives. I don't expect to be able to write FLOSS firmware for the drives, so this isn't listed as a goal. If you think you can, please feel free. The problem: "IF the drive is powered down when there are 320 entries in this journal or log, then when it is powered back up, the drive errors out on init and won't boot properly - to the point that it won't even report it's information to the BIOS." Maxtorman, slashdot discussion [2] Just a hypothetical situation, since we do not have the sourcecode of the firmware: isn't it possible some kind of mathematical operation is occuring on the number of log entries causing some kind of infinite loop to occur or a division that leads to/by 0 that the software/hardware is unable to handle? That could mean this problem could also manifest itself on for example multiples of 320, so just putting the counter on 321 may just be delaying the inevitable. And what happens if the counter overflows and reaches 320 again? Glenn If Maxtorman is correct, then once the drive has been operating awhile, we have a 1 in 320 chance that the circular log is at entry 320. We want to be able to find out how many log entries the disk currently has, and we want to be able to change the number of log entries away from 320, while we wait for Seagate to get its act together and release firmware that works properly. Since Seagate's solution will require attaching the drive to an x86 system and booting a FreeDOS ISO from CD, if the log is at 320 that boot will brick the drive. There are other firmware problems with the 7200.11 series, but this is the biggie. Once Seagate releases working firmware, we want to be able to install it from Unix, on any CPU arch. Seagate's release can only install on x86 using FreeDOS. *ATA Commands that may be useful: command namecommand code in hex page [1] pdf page [1] Read Log Ext0x2F27 33 S.M.A.R.T. Read Log Sector 0xB0 / 0xD5 28,34 34,40 S.M.A.R.T. Write Log Sector 0xB0 / 0xD6 28,34 34.40 Write Log Extended 0x3F28 34 Download Microcode 0x9227 33 Questions: Is Maxtorman correct about the 320 log entries? Are the commands listed above the ones we need? What is the difference between the "Log Extended" and the S.M.A.R.T. Log Sector? Is "Microcode" the same as "firmware"? (Seagate uses the term firmware elsewhere in the manual, but I don't find any sort of "write firmware" command.) Where can we get more detailed info about these commands and how to use them? References: [1] Seagate Barracuda 7200.11 Serial ATA Product Manual rev C August 2008 http://www.seagate.com/staticfiles/support/disc/manuals/desktop/Barracuda%207200.11/100507013c.pdf [2] http://it.slashdot.org/article.pl?sid=09/01/21/0052236
Re: looking for openbsd friendly server vendor
Lord Sporkton wrote: Im about to buy a small server, mostly for personal use looking for a 1u was hoping to find some vendors that are openbsd friendly if they offer more than just i386 that is a plus as im investigating other archs as a possiblilty, any suggestions welcome this server will be doing mostly webhosting, dns, mail, small firewalling, and a vpn or 2 thanks Hello, I use HP and Supermicro servers, they usually work quite fine. I can recommend the DL320G5P, it has an optional 4-disk bay and has 800 Mhz DDR2 memory. Processor is a xeon 3xxx series. Glenn
Re: HP DL320G5P doesn't boot
Boris Goldberg wrote: Hello RedShift, Friday, December 21, 2007, 4:41:53 AM, you wrote: R> I've got a new DL320G5P to play with for a very short while, while I'm R> waiting for the SAS controller cable to arrive (it's supposed to have R> another OS on it, which shall remain nameless). So I have the luxury of R> testing out this fine machine, but it doesn't boot under OpenBSD. It R> hangs at the following point: R> uhid at uhidev4 not configured It looks like your box is an "upgraded" version of DL320G I have. OpenBSD works on mine after some kernel tuning - there are couple threads about it in the archive. I think you need to enable acpi and (may be) disable uhid (in my case it's uhci) in a kernel. If it doesn't help with amd64 kernel you can try i386 (because your cpu is Intel). I don't see a reason for all that work in a first place, because you don't really need an OpenBSD on that box (you are saying that it will get an another OS anyway). Hi, My intent was improving OpenBSD: I have no code writing skills but every once in a while I have access to hardware like this. Seeing if everything works is my contribution to this project. Glenn
Re: HP DL320G5P doesn't boot -> Solved!
Stuart Henderson wrote: On 2007/12/21 12:58, RedShift wrote: OpenBSD 4.2 (RAMDISK_CD) #1249: Tue Aug 28 10:56:45 MDT 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/RAMDISK_CD The first thing to do is try a snapshot, there's no point chasing a problem which may already be fixed. Hi, Indeed, the cd42.iso snapshot from 17 december fixed the problem! Sorry for all the traffic, it's solved. Best Regards, Glenn
Re: HP DL320G5P doesn't boot (with disabled uhub dmesg)
RedShift wrote: Hello all, I've got a new DL320G5P to play with for a very short while, while I'm waiting for the SAS controller cable to arrive (it's supposed to have another OS on it, which shall remain nameless). So I have the luxury of testing out this fine machine, but it doesn't boot under OpenBSD. It hangs at the following point: uhid at uhidev4 not configured When entering the UKC prompt I can't type anything, only garbage comes out. When I remove my USB keyboard and mouse, the kernel stops at: uhub6 at uhub 1 port 2: HP Virtual Hub, rev 1.10/0.01, addr 3 So I used a linux distribution installer CD to gather some more information: You can find these documents also at: http://users.opengate.be/~glenn/dl320g5p/ If I set in the UKC prompt: disable uhub The boot hangs at rd0: fixed, 4480 blocks Here's the dmesg with uhub disabled: [7l[0m[2J[01;01H[01;01H[7l[0m[2J[01;01H[7l[0m[2J[01;01H Press "F9" key for ROM-Based Setup Utility Press "F10" key for System Maintenance Menu Press "F12" key for PXE boot For access via BIOS Serial Console Press "ESC+9" for ROM-Based Setup Utility Press "ESC+0" for System Maintenance Menu Press "ESC+@" for PXE boot [7l[0m[2J[01;01H[01;01H[01;01H[7l[0m[2J[01;01H[01;01HAttempting Boot From[01;01H[01;22HCD-ROM[01;01H[02;01HCD-ROM: 9F Loading /4.2/AMD64/CDBOOT probing: pc0 com0 com1 mem[637K 3453M 639M a20=on] disk: fd0 fd1 hd0+* hd1+* cd0 >> OpenBSD/amd64 CDBOOT 2.00 |/-\boot> set tty com0 switching console to com0 >> OpenBSD/amd64 CDBOOT 2.00 boot> boot -c booting cd0a:/4.2/amd64/bsd.rd: |/-\|/2203904-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\ |/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/- \|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-+456039\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\
Re: HP DL320G5P doesn't boot (with full verbose OpenBSD dmesg)
Raimo Niskanen wrote: On Fri, Dec 21, 2007 at 11:41:53AM +0100, RedShift wrote: Hello all, I've got a new DL320G5P to play with for a very short while, while I'm waiting for the SAS controller cable to arrive (it's supposed to have another OS on it, which shall remain nameless). So I have the luxury of testing out this fine machine, but it doesn't boot under OpenBSD. It hangs at the following point: uhid at uhidev4 not configured When entering the UKC prompt I can't type anything, only garbage comes out. When I remove my USB keyboard and mouse, the kernel stops at: uhub6 at uhub 1 port 2: HP Virtual Hub, rev 1.10/0.01, addr 3 So I used a linux distribution installer CD to gather some more information: Can you connect a serial console, perhaps play with serial console settings in the BIOS and catch a dmsg from OpenBSD's failed boot? Here's the full dmesg with verbose enabled at the UKC prompt (UKC works with the serial console) You can find it here: http://users.opengate.be/~glenn/dl320g5p/screenlog-openbsd-dmesg-verbose.txt I'm not going to paste it in this email because it's 108 kilobytes large. Glenn
Re: HP DL320G5P doesn't boot [with full OpenBSD dmesg]
Raimo Niskanen wrote: On Fri, Dec 21, 2007 at 11:41:53AM +0100, RedShift wrote: Hello all, I've got a new DL320G5P to play with for a very short while, while I'm waiting for the SAS controller cable to arrive (it's supposed to have another OS on it, which shall remain nameless). So I have the luxury of testing out this fine machine, but it doesn't boot under OpenBSD. It hangs at the following point: uhid at uhidev4 not configured When entering the UKC prompt I can't type anything, only garbage comes out. When I remove my USB keyboard and mouse, the kernel stops at: uhub6 at uhub 1 port 2: HP Virtual Hub, rev 1.10/0.01, addr 3 So I used a linux distribution installer CD to gather some more information: Can you connect a serial console, perhaps play with serial console settings in the BIOS and catch a dmsg from OpenBSD's failed boot? Hi, I connected a serial console (why didn't I think of that earlier?) and here's the result: (You can also find this in http://users.opengate.be/~glenn/dl320g5p/screenlog.0) There is also a verbose option on the kernel somewhere, I'm searching the docs for that and see where that gets me. [7l[0m[2J[01;01H[01;01H[7l[0m[2J[01;01H[7l[0m[2J[01;01H Press "F9" key for ROM-Based Setup Utility Press "F10" key for System Maintenance Menu Press "F12" key for PXE boot For access via BIOS Serial Console Press "ESC+9" for ROM-Based Setup Utility Press "ESC+0" for System Maintenance Menu Press "ESC+@" for PXE boot [7l[0m[2J[01;01H[01;01H[01;01H[7l[0m[2J[01;01H[01;01HAttempting Boot From[01;01H[01;22HCD-ROM[01;01H[02;01HCD-ROM: 9F Loading /4.2/AMD64/CDBOOT probing: pc0 com0 com1 mem[637K 3453M 639M a20=on] disk: fd0 fd1 hd0+* hd1+* cd0 >> OpenBSD/amd64 CDBOOT 2.00 |/-\boot> set tty0 com set tty com0 switching console to com0 >> OpenBSD/amd64 CDBOOT 2.00 boot> boot booting cd0a:/4.2/amd64/bsd.rd: |/-\|/2203904-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\ |/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/- \|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-+456039\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|
HP DL320G5P doesn't boot
Hello all, I've got a new DL320G5P to play with for a very short while, while I'm waiting for the SAS controller cable to arrive (it's supposed to have another OS on it, which shall remain nameless). So I have the luxury of testing out this fine machine, but it doesn't boot under OpenBSD. It hangs at the following point: uhid at uhidev4 not configured When entering the UKC prompt I can't type anything, only garbage comes out. When I remove my USB keyboard and mouse, the kernel stops at: uhub6 at uhub 1 port 2: HP Virtual Hub, rev 1.10/0.01, addr 3 So I used a linux distribution installer CD to gather some more information: You can find these documents also at: http://users.opengate.be/~glenn/dl320g5p/ -- dmesg -- Linux version 2.6.22-ARCH ([EMAIL PROTECTED]) (gcc version 4.2.1) #1 SMP PREEMPT Wed Sep 26 21:45:47 CEST 2007 Command line: initrd=initrd.img rootdelay=5 BOOT_IMAGE=vmlinuz BIOS-provided physical RAM map: BIOS-e820: - 0009f400 (usable) BIOS-e820: 0009f400 - 000a (reserved) BIOS-e820: 000f - 0010 (reserved) BIOS-e820: 0010 - d7e66000 (usable) BIOS-e820: d7e66000 - d7e6e000 (ACPI data) BIOS-e820: d7e6e000 - d7e6f000 (usable) BIOS-e820: d7e6f000 - d800 (reserved) BIOS-e820: fec0 - fed0 (reserved) BIOS-e820: fee0 - fee1 (reserved) BIOS-e820: ffc0 - 0001 (reserved) BIOS-e820: 0001 - 000127fff000 (usable) Entering add_active_range(0, 0, 159) 0 entries of 256 used Entering add_active_range(0, 256, 884326) 1 entries of 256 used Entering add_active_range(0, 884334, 884335) 2 entries of 256 used Entering add_active_range(0, 1048576, 1212415) 3 entries of 256 used end_pfn_map = 1212415 DMI 2.4 present. ACPI: RSDP 000F4F00, 0024 (r2 HP) ACPI: XSDT D7E667C0, 0074 (r1 HP ProLiant2 R 162E) ACPI: FACP D7E66840, 00F4 (r3 HP ProLiant2 R 162E) ACPI: DSDT D7E66940, 2D59 (r1 HP DSDT1 INTL 20030228) ACPI: FACS D7E66100, 0040 ACPI: SPCR D7E66140, 0050 (r1 HP SPCRRBSU1 R 162E) ACPI: MCFG D7E661C0, 003C (r1 HP ProLiant1 0) ACPI: HPET D7E66200, 0038 (r1 HP ProLiant2 R 162E) ACPI: SPMI D7E66240, 0040 (r5 HP ProLiant1 R 162E) ACPI: ERST D7E66280, 01D0 (r1 HP ProLiant1 R 162E) ACPI: APIC D7E66480, 0092 (r1 HP ProLiant2 0) ACPI: D7E66540, 0176 (r1 HP ProLiant1 R 162E) ACPI: BERT D7E666C0, 0030 (r1 HP ProLiant1 R 162E) ACPI: HEST D7E66700, 00BC (r1 HP ProLiant1 R 162E) Entering add_active_range(0, 0, 159) 0 entries of 256 used Entering add_active_range(0, 256, 884326) 1 entries of 256 used Entering add_active_range(0, 884334, 884335) 2 entries of 256 used Entering add_active_range(0, 1048576, 1212415) 3 entries of 256 used Zone PFN ranges: DMA 0 -> 4096 DMA324096 -> 1048576 Normal1048576 -> 1212415 early_node_map[4] active PFN ranges 0:0 -> 159 0: 256 -> 884326 0: 884334 -> 884335 0: 1048576 -> 1212415 On node 0 totalpages: 1048069 DMA zone: 56 pages used for memmap DMA zone: 1116 pages reserved DMA zone: 2827 pages, LIFO batch:0 DMA32 zone: 14280 pages used for memmap DMA32 zone: 865951 pages, LIFO batch:31 Normal zone: 2239 pages used for memmap Normal zone: 161600 pages, LIFO batch:31 ACPI: PM-Timer IO Port: 0x908 ACPI: Local APIC address 0xfee0 ACPI: LAPIC (acpi_id[0x00] lapic_id[0x00] enabled) Processor #0 (Bootup-CPU) ACPI: LAPIC (acpi_id[0x04] lapic_id[0x04] disabled) ACPI: LAPIC (acpi_id[0x02] lapic_id[0x02] disabled) ACPI: LAPIC (acpi_id[0x06] lapic_id[0x06] disabled) ACPI: LAPIC (acpi_id[0x01] lapic_id[0x01] enabled) Processor #1 ACPI: LAPIC (acpi_id[0x05] lapic_id[0x05] disabled) ACPI: LAPIC (acpi_id[0x03] lapic_id[0x03] disabled) ACPI: LAPIC (acpi_id[0x07] lapic_id[0x07] disabled) ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1]) ACPI: IOAPIC (id[0x08] address[0xfec0] gsi_base[0]) IOAPIC[0]: apic_id 8, address 0xfec0, GSI 0-23 ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 high edge) ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) ACPI: IRQ0 used by override. ACPI: IRQ2 used by override. ACPI: IRQ9 used by override. Setting APIC routing to flat ACPI: HPET id: 0x10228201 base: 0xfed0 Using ACPI (MADT) for SMP configuration information swsusp: Registered nosave memory region: 0009f000 - 000a swsusp: Registered nosave memory region: 000a - 000f swsusp: Registered nosave memory region: 000f - 0010 swsusp: Registered nosave memory region: d7e66000 - d7e6e000 swsusp: Registered nosave memory region: d7e6f000 - d80
Re: OpenBSD supported servers ?
Mathieu Sauve-Frankel wrote: On Thu, Dec 20, 2007 at 04:37:34PM +0530, Selva Raj wrote: Hi all, I am looking for a HP or IBM server which can run OpenBSD Operating System out of the box? we're using G5 HP DL360 and DL380 with no problems whatsoever. Note that the DL320G5P (the G5P, the newer model of the G5) doesn't work here, hangs after detecting the usbdevices. I'm collecting more details. Glenn
Re: Real men don't attack straw men
Richard Stallman wrote: OpenBSD is by far the most free OS in the landscape. Everything that ships with it is free or else it won't be distributed with it. Yes, that's what I was told. I was also told that OpenBSD's ports system includes non-free programs. Is that accurate too? There is not a single open source OS out there that is more careful than OpenBSD on licensing, copyrights and frivolous patents. Maybe that is true, but it's not the issue I'm talking about. I'm not a supporter of open source anyway; I fight for free software. Ututo and gNewSense have the policy not to include non-free programs, not even in a ports system. Thus, they don't do anything that contradicts the philosophy of free software. That's why I can recommend them. Unlinke linux OpenBSD does not contain proprietary firmware blobs in the distribution. Torvalds' version of Linux is not free software, for this reason. Ututo and gNewSense include a version of Linux which remove the firmware blobs, in order to make it free software. Where's the freedom in not being able to use (under your definition of non-free software) non-free or otherwise "restricted" software? Freedom is about being free to make your own choice, no matter what the content of that choice is. Even if that choice inhibits freedom. Glenn
Re: Real men don't attack straw men
Richard Stallman wrote: It looks like some people are having a discussion in which they construct views they would find outrageous, attribute them to me, and then try to blame me for them. For such purposes, knowledge of my actual views might be superfluous, even inconvenient. However, if anyone wants to know what I do think, I've stated it in various articles in http://www.gnu.org/philosophy/. In particular, see http://www.gnu.org/philosophy/freedom-or-power.html. One question particularly relevant for this list is why I don't recommend OpenBSD. It is not about what the system allows. (Any general purpose system allows doing anything at all.) It is about what the system suggests to the user. Since I consider non-free software to be unethical and antisocial, I think it would be wrong for me to recommend it to others. Therefore, if a collection of software contains (or suggests installation of) some non-free program, I do not recommend it. The systems I recommend are therefore those that do not contain (or suggest installation of) non-free software. From what I have heard, OpenBSD does not contain non-free software (though I am not sure whether it contains any non-free firmware blobs). However, its ports system does suggest non-free programs, or at least so I was told when I looked for some BSD variant that I could recommend. I therefore exercise my freedom of speech by not including OpenBSD in the list of systems that I recommend to the public. I could recommend OpenBSD privately with a clear conscience to someone I know will not install those non-free programs, but it is rare that I am asked for such recommendations, and I know of no practical reason to prefer OpenBSD to gNewSense. The fact that OpenBSD is not a variant of GNU is not ethically important. If OpenBSD did not suggest non-free programs, I would recommend it along with the free GNU/Linux distros. You've got too much time on your hands.
Re: RAID1 powerloss - can parity rewrite be safely backgrounded?
Greg Oster wrote: I worry more about a hardware RAID card forgetting its configuration after a power outage than I do about parity checking in the background :) ("What do you mean these 14 disks in this 2TB hardware RAID array are now all 'unassigned'!?!?!?!". That wasn't a fun day.) Really? We've had something similar happening to us a while ago. The system was running on a 3 disk RAID 5 array. A supermicro backplane went up in flames[1] and the server was shut down. An engineer booted the server without the backplane, but with one disk missing from the RAID 5 array, so upon next boot the missing disk was connected and a rebuild was ordered. However, the rebuild was taking too long and the server was rebooted to do the rebuild in the background. The server came up fine and we were searching for the necessary tools to start the background rebuild. We thought we were in the clear when suddenly windows started acting all weird, eventually crashed (I didn't see if it was a bluescreen, we were working via terminal server at that time), and the server was rebooted again. After this incident, the controller configuration was gone and all three disks appeared as "Ready". Gone was the RAID. We eventually were able to recover some data by re-creating the array (luckily someone knew the blocksize originally used) and not initializing when reconstructing the RAID. The operating system was foobar though and couldn't be booted anymore. This was with an intel-rebranded LSI card with an intel BIOS. Anyone got any similar experiences with hardware RAID cards? Hardware RAID has always been misery for me. [1] http://users.opengate.be/~glenn/album/index.php?folder=/Misc/Burnt%20Supermicro%20Backplane/
Re: Intel Core 2
Constantine A. Murenin wrote: On 27/06/07, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote: you make more money if your widgets break because your new widget is vastly improved. new packaging, same great defects! The best thing about computer parts randomly failing will hit us in a few years, due to RoHS directives: http://en.wikipedia.org/wiki/RoHS#Impact_on_reliability http://en.wikipedia.org/wiki/Whisker_%28metallurgy%29 Another problem that lead-free solders face is the growth of tin whiskers. These thin strands of tin can grow and make contact with an adjacent trace, developing a short circuit. Tin whiskers have already been responsible for at least one failure at a nuclear power plant. Other documented failures include satellites in orbit, aircraft in flight, and implanted medical pacemakers. Reliability decay of low-lead materials may be economically desirable for some consumer product companies because it provides a mechanism to enforce planned obsolescence and replacement. Ironically, this is the opposite of the claimed intent of RoHS legislation. C. uuhhh that's scary. Are you sure "they" haven't found a solution for that?
Re: Failing to get [EMAIL PROTECTED] in X
Alex Holst wrote: Quoting Nick Holland ([EMAIL PROTECTED]): [..] I tried tweaking xorg.conf like you suggested and some other things: http://a.mongers.org/x/xorg.conf http://a.mongers.org/x/Xorg.0.log Now X outputs [EMAIL PROTECTED] Uh. Xorg.log mentions CRT as an active display on pipe A with no active displays on pipe B. I have no idea what it means but wonder if that's related to my problem. The display on my laptop is blank. Any other hints? Make sure HorizSync is correct (have a look at the manual for your monitor, it probably has a VESA table) and set VertRefresh to 60. Change the Modes for your monitor to only include 1680x1050, no others.
Re: bcw(4) is gone
Marco Peereboom wrote: I have to reply to this horse shit. :-) *snip* Regarding freedom: Take the Linksys routing devices. They ship with GPL software. Taking what you said as an example, it would be OK if Linksys made proprietary changes to the free software and deliver a closed software on the device. If for example the proprietary changes make the free software work on the device in the first place, the software is in effect not free anymore, as the free version of the software is useless in effect. If there is no other option than to buy these Linksys devices or similar devices in the future and the originally free software cannot be used on any other device anymore, then the propriety changes to a free software has made this software unfree for users. What's the freedom of BSD software worth when it can't be used in its free form anymore? That can't happen with GPL'ed software. You are talking without saying anything. What is your fucking point? Have you actually read that piece of text?? *snip* There are many cases where a GPL license is the only sensible choice in my opinion. Of course, I don't reject the BSD license either. It all depends on what you want to bring about and secure. There is no one-and-only-free license. The only good use so for of the GPL is java. Sun gets to pretend to put "free" code out there and it is completely protected by the GPL. It will never take any patches from the community; it simply wants to retain full control. The joke is on GPL since it protects the companies it "hates". One has got to love unforeseen consequences. Have you tried submitting patches to them? You are just being prejudist. Please don't say things you "think", say things that are proven fact. *snip* Glenn
Re: running OpenBSD on switch hardware
Claudio Jeker wrote: On Fri, Apr 06, 2007 at 02:54:03AM -0600, rc wrote: Let us know if you get this working. I would love to run OpenBSD on my switches. PF running at wire speed would be beyond awesome. Oh please. A managed switch is not even closely able to run PF especially those cheapo Linksys thingis with a massivly under powered ARM CPU with probably a hopping 64M RAM. Switching chips are built for switching packets. They read the mac header and managed switches the vlan header. Expensive Layer 3 switches will read the dest IP header. These infos are used to do a lookup in a CAM table and based on that result forwarding is done. The CPU will only see packets that can not be handled in HW (e.g. because there is no CAM entry). Even the most expensive Cisco/Foundry/Extreme switches have not the CPU power to route or filter packets. Sure you could use a good L3 switch chip and combine it with a modern CPU (amd64 or core 2 duo) but that's an other story. Very true, but the point here is the fun of being able to do it ;-) Since it's got no use to me because of the administrative problems it has, maybe I could find some other use with it and not have my money wasted ;-) Glenn
Re: running OpenBSD on switch hardware
RedShift wrote: Hello all, I've got this linksys SRW2016 managed 16 port gigabit switch at home. The only problem with it, is that the firmware well eh, sucks. The telnet interface can't configure everything (just basic setup, you can't even set up SNMP or VLANs) and the webinterface only works correctly with Internet Explorer. Now during the bootup messages I see that the processor is an ARM946E-S. Since OpenBSD should run on ARM processors (armish port?) I wonder if it would be possible to replace the current firmware with an OpenBSD install. To upgrade the firmware, you need two images, a "boot" image and "software" image. But before I get started, would this even be possible? I'm already having a hard time screwing open the device :-(. You have to keep in mind I'm no good at programming, I know very little C beyond hello world, let alone booting such a piece of hardware. Thanks, Glenn Update: I misread the bootup information, it says it has an "88E6218 with ARM946E-S". The 88E6218 seems to be a marvell chip commonly used in cheap routers for home.
Re: running OpenBSD on switch hardware
Sam Fourman Jr. wrote: On 4/5/07, Steve Shockley <[EMAIL PROTECTED]> wrote: Siju George wrote: > I wish somebody would design a simple hardware that has 24 or more NIC > ports ( and of course WiFi ) and processor than can install OpenBSD. > With PF then I could have a very inexpensive managed switch with ACLS > for all hosts on the network:-) The problem isn't just getting lots of ports on a device (usb could probably do that), it's getting lots of ports on a device and getting them all to run at full bandwidth. I have been interested for quite some time in making a Switch with OpenBSD See this post http://archives.neohapsis.com/archives/openbsd/2007-03/2353.html you may find this interesting Sam Fourman Jr. I have already done this. In essence a switch is nothing more but a big bridge. Ofcourse, with a regular computer you are limited on how many ports you can use, and since a switch is made for this goal... http://www.uclinux.org/ is a collection of patches to run linux without an MMU. It does have some restrictions though. I've tried to analyze the original linksys firmware images, but it's just a big heap of binary code. In both images (it has a boot and a "software" image) the letters RNTP occur, which could be led to runtop. Does anyone know about this runtop software? Thanks, Glenn
running OpenBSD on switch hardware
Hello all, I've got this linksys SRW2016 managed 16 port gigabit switch at home. The only problem with it, is that the firmware well eh, sucks. The telnet interface can't configure everything (just basic setup, you can't even set up SNMP or VLANs) and the webinterface only works correctly with Internet Explorer. Now during the bootup messages I see that the processor is an ARM946E-S. Since OpenBSD should run on ARM processors (armish port?) I wonder if it would be possible to replace the current firmware with an OpenBSD install. To upgrade the firmware, you need two images, a "boot" image and "software" image. But before I get started, would this even be possible? I'm already having a hard time screwing open the device :-(. You have to keep in mind I'm no good at programming, I know very little C beyond hello world, let alone booting such a piece of hardware. Thanks, Glenn
Re: Microsoft gets the Most Secure Operating Systems award
Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software.
Re: Saving memory on small machines
Kamil Monticolo wrote: The OpenBSD kernel is a bit over 5MB. I assume that gets loaded into memory and is not swappable, giving me 43MB left, which isn't a lot. You can turn off ipv6, altq if not needed, and of course lots of hardware that you don't need also. For example I have a 2 x smaller kernel that GENERIC on my laptop: $ uname -a OpenBSD squirrel 4.1 BIRKOFF#0 i386 $ ls -lh /bsd{,.orig} -rw-r--r-- 1 root wheel 2.9M Mar 9 00:39 /bsd -rw-r--r-- 1 root wheel 5.8M Feb 22 13:32 /bsd.orig You may also stripe nearly all of your libraries, for example: # ls -lhS /usr/lib/libcrypto*a -r--r--r-- 1 root bin 11.7M Mar 22 13:53 /usr/lib/libcrypto_pic.a -r--r--r-- 1 root bin 11.6M Mar 22 13:53 /usr/lib/libcrypto_p.a -r--r--r-- 1 root bin 11.5M Mar 22 13:53 /usr/lib/libcrypto.a # strip -s /usr/lib/libcrypto*a # ls -lhS /usr/lib/libcrypto*a -r--r--r-- 1 root bin 909K Mar 22 13:53 /usr/lib/libcrypto_pic.a -r--r--r-- 1 root bin 865K Mar 22 13:53 /usr/lib/libcrypto_p.a -r--r--r-- 1 root bin 835K Mar 22 13:53 /usr/lib/libcrypto.a looks fine? Hope this helps. Kamil Monticolo aka birkoff Interesting, does this stripping also have a speed increase during usage?
Re: OpenBSD speed on desktops
Marco Peereboom wrote: If you like losing data ext3 and reiserfs work just fine. I manage to lose Linux installations pretty often by doing crazy things like rebooting. On Mon, Mar 19, 2007 at 03:41:05PM +0100, RedShift wrote: Claudio Jeker wrote: On Mon, Mar 19, 2007 at 01:48:44PM +0100, Karel Kulhavy wrote: On Sat, Feb 17, 2007 at 12:36:00PM -0500, R. Fumione wrote: Hello, I am using OpenBSD on server since few years now, and I am very happy with it's easy maintenance and it's stability. I want to try on desktop, and I am having trouble. Everything is much slower than existing Linux system. For example, Firefox takes 3-5 seconds to start on Linux but ~10 seconds on OpenBSD on same machine! I have the same problem. The FFS doesn't seem to be as fast as ext2. On the other hand I never lost data on ffs while a crashing linux box likes to eat up file systems. If you like to get ext2 speed just mount your filesystems async and hope for the best (that's what linux is doing). That's what transactional filesystems like ext3 and reiserfs are for. I can highly recommend reiserfs. Glenn Do you have some evidence to back up your pretty bold statement?
Re: OpenBSD speed on desktops
Claudio Jeker wrote: On Mon, Mar 19, 2007 at 01:48:44PM +0100, Karel Kulhavy wrote: On Sat, Feb 17, 2007 at 12:36:00PM -0500, R. Fumione wrote: Hello, I am using OpenBSD on server since few years now, and I am very happy with it's easy maintenance and it's stability. I want to try on desktop, and I am having trouble. Everything is much slower than existing Linux system. For example, Firefox takes 3-5 seconds to start on Linux but ~10 seconds on OpenBSD on same machine! I have the same problem. The FFS doesn't seem to be as fast as ext2. On the other hand I never lost data on ffs while a crashing linux box likes to eat up file systems. If you like to get ext2 speed just mount your filesystems async and hope for the best (that's what linux is doing). That's what transactional filesystems like ext3 and reiserfs are for. I can highly recommend reiserfs. Glenn
Re: ES40 (alpha servers) available for donation in the munich area
Robert Urban wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Folks, a friend is in about to scrap several ES40 Alpha servers. The approximate configuration is: - - 4x CPUs (533MHz maybe, 833 is unlikely) - - several gigs of memory (4?) - - 1 or 2 SCSI controllers these things weigh a ton and suck power. you have been warned :) There are three hot-swap power supply bays in the back, two of which must be populated to support 4 CPUs. Each PS is rated at 720W. Aside from the their appetite for power, these were, in their day, some of the nicest alphas DEC ever built. The CPUs are connected to a 5.2GB/sec crossbar switch which made this machine scream. I can make the specs available if anyone is interested... cheers, Rob Urban This thread is useless without pictures! ;-)
Re: DragonflyBSD creating a new FS
Miod Vallat wrote: Since I know little about filesystems, I'm basically asking to any developper if this FS would be a good addition to OpenBSD...or the goals are way too different and it wouldn't be very useful. How can we answer your question as long as the design itself is a moving target? Miod It is a mental challenge for the writer...
Re: problem booting Supermicro PDSMA
Jean-Yves Boisiaud wrote: hello, We've just bought a Supermicro PDSMA motherboard and we would like to install OBSD 4.0. Specific hardware is a SATA II RAID controler, an Areca 1110. North bridge : Mukilteo E7230 South bridge : ICH7R 2 GB lan controlers on the motherboard, an Intel PRO/1000MT and a 1000PT. Here is the end of the boot sequence (the Areca seems to be ok) : pci5 at ppb4 bus13 em0 at pci5 dev 0 function 0 "Intel PRO/1000MT (82573E)" rev 0x03 : irq 11, address ... vendor "Intel", unknown product 0x108f (class communications subclass serial, rev 0x03) at pci 5 dev 0 function 3 not configured em1 at pci5 dev 0 function 4 "Intel PRO/100PT (82573E)" rev 0x03 : irq ^^ That looks weird (Intel PRO/*100*PT). Can you try with disabling those onboard NICs? 11uvm_fault(0xd067a780, 0xe8f4F000, 0, 1) -> e fatal page fault (6) in supervisor mode trap type 6 code0 eip ... panic: trap type 6, code 0, pc=d0391733 Thanks for your answer.
dmesg for supermicro x7dvl-e
Hello I've got a new toy today, here's the dmesg: What does this server contain? * Intel Xeon 5130 * SuperMicro X7DVL-E (http://www.supermicro.com/products/motherboard/Xeon1333/5000V/X7DVL-E.cfm) No other specialities. The keyboard is connected via USB, works. Disks are attached to the SATA controller, detected. Fully functional it appears. Made using cd40.iso from amd64. OpenBSD 4.0 (RAMDISK_CD) #883: Sat Sep 16 20:46:50 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/RAMDISK_CD real mem = 2146426880 (2096120K) avail mem = 1836118016 (1793084K) using 22937 buffers containing 214851584 bytes (209816K) of memory mainbus0 (root) cpu0 at mainbus0: (uniprocessor) cpu0: Intel(R) Xeon(R) CPU 5130 @ 2.00GHz, 2000.31 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,NXE,LONG cpu0: 4MB 64b/line 16-way L2 cache pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 vendor "Intel", unknown product 0x25d4 rev 0xb1 ppb0 at pci0 dev 2 function 0 vendor "Intel", unknown product 0x25f7 rev 0xb1 pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci2 at ppb1 bus 2 ppb2 at pci2 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci3 at ppb2 bus 3 ppb3 at pci2 dev 2 function 0 vendor "Intel", unknown product 0x3518 rev 0x01 pci4 at ppb3 bus 4 em0 at pci4 dev 0 function 0 "Intel PRO/1000 PT (80003ES2)" rev 0x01: irq 11, address 00:30:48:8b:58:b0 em1 at pci4 dev 0 function 1 "Intel PRO/1000 PT (80003ES2)" rev 0x01: irq 10, address 00:30:48:8b:58:b1 ppb4 at pci1 dev 0 function 3 "Intel 6321ESB PCIE-PCIX" rev 0x01 pci5 at ppb4 bus 5 vendor "Intel", unknown product 0x1a38 (class system subclass miscellaneous, rev 0xb1) at pci0 dev 8 function 0 not configured pchb1 at pci0 dev 16 function 0 "Intel 5000 Error Reporting" rev 0xb1 pchb2 at pci0 dev 16 function 1 "Intel 5000 Error Reporting" rev 0xb1 pchb3 at pci0 dev 16 function 2 "Intel 5000 Error Reporting" rev 0xb1 pchb4 at pci0 dev 17 function 0 "Intel 5000 Reserved" rev 0xb1 pchb5 at pci0 dev 19 function 0 "Intel 5000 Reserved" rev 0xb1 pchb6 at pci0 dev 21 function 0 "Intel 5000 FBD" rev 0xb1 pchb7 at pci0 dev 22 function 0 "Intel 5000 FBD" rev 0xb1 ppb5 at pci0 dev 28 function 0 "Intel 6321ESB PCIE" rev 0x09 pci6 at ppb5 bus 6 uhci0 at pci0 dev 29 function 0 "Intel 6321ESB USB" rev 0x09: irq 5 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 "Intel 6321ESB USB" rev 0x09: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 "Intel 6321ESB USB" rev 0x09: irq 11 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered uhci3 at pci0 dev 29 function 3 "Intel 6321ESB USB" rev 0x09: irq 7 usb3 at uhci3: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 "Intel 6321ESB USB" rev 0x09: irq 5 ehci0: timed out waiting for BIOS usb4 at ehci0: USB revision 2.0 uhub4 at usb4 uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub4: 8 ports with 8 removable, self powered ppb6 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xd9 pci7 at ppb6 bus 7 vga1 at pci7 dev 1 function 0 "ATI ES1000" rev 0x02 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) "Intel 6321ESB LPC" rev 0x09 at pci0 dev 31 function 0 not configured pciide0 at pci0 dev 31 function 1 "Intel 6321ESB IDE" rev 0x09: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 ignored (disabled) pciide1 at pci0 dev 31 function 2 "Intel 6321ESB SATA" rev 0x09: DMA, channel 0 configured to native-PCI, channel 1 configured to native-PCI pciide1: using irq 10 for native-PCI interrupt wd0 at pciide1 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 143089MB, 293046768 sectors wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1 at pciide1 channel 1 drive 0: wd1: 16-sector PIO, LBA48, 143089MB, 293046768 sectors wd1(pciide1:1:0): using PIO mode 4, Ultra-DMA mode 5 "Intel 6321ESB SMBus" rev 0x09 at pci0 dev 31 function 3 not configured isa0 at mainbus0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 rd0: fixed, 3584 blocks uhidev0 at uhub0 port 2 configuration 1 interface 0 uhidev0: BTC USB Multimedia Keyboard, rev 1.10/1.20, addr 2, iclass 3/1 ukbd0 at uhidev0 wskbd1 at ukbd0 mux 1 wskbd1: connecting to wsdispla
Re: apache security
Lars Hansson wrote: Toni Mueller wrote: To me, this currently comes down to using unique user and group ids for individual web site instances, and then chroot each server into their respective tree where the requirement for reading other people's data is to break out of the chroot first. This can be done with the default chroot as long as you dont allow your users to run any cgi's. Just make each vhosts docroot be owned by the user and readable by the www group and you're set. If you're hosting PHP sites you also need to remember to set (and enforce) open_basedir for the vhosts. --- Lars Hansson We dealt with this another way. We create a separate instance of httpd for every user, and let httpd run under that user. Each instance is on a different port number bound to 127.0.0.1. To tie it all together we use a reverse proxy (pound) and enable virtual hosting in the proxy to redirect vhosts to the right apache instance.
Re: set obsd 3.9 as dns server
Craig Skinner wrote: On Wed, Jan 24, 2007 at 09:25:13AM +0700, sonjaya wrote: Dear all i have obsd 3.9 , i want setup as dns name for my ip public and mydomain , i try follow step in openbsdsupport.org , but until now always get error lame server and etc , so where i get good tutorial about setup obsd as name server for my public ip and my domain . http://www.oreilly.com/catalog/dnsbindckbk/ http://www.oreilly.com/catalog/dns4/ http://sicute.blogspot.com/2007/01/dns-fundamentalsbind.html -sonjaya- http://sicute.blogspot.com www.dnsstuff.com Very usefull site with all sorts of DNS/ip testing. It will not only tell you you have lame name resolving, but will also tell you what it is and therefore how to solve it
Re: Redundant web servers
Jeff Simmons wrote: I'm setting up some auto-failover web servers (load balancing isn't needed). CARP would seem ideal for the case where a machine fails, but I'd also like to failover if httpd stops responding for some reason. Some research has shown a couple of possible solutions, but there doesn't seem to be a 'standard' way of doing this. Does anyone have any recommendations? Actually pound (http://www.apsis.ch/pound/) can be set to forward to only one webserver, but when that server fails, to forward to another server untill the first one comes up again.
Re: Flash Player 9 on OpenBSD
Frank Denis wrote: Le Wed, Jan 17, 2007 at 03:36:07PM -0500, Matthew Szudzik ecrivait : Adobe released Flash Player 9 for Linux today. (I know, it's not open-source, but it's sometimes hard to navigate the web without it.) http://www.adobe.com/aboutadobe/pressroom/pressreleases/200701/011707FlashPlayerLinux.html Well, I see two ways of having flash work with native apps: - linuxpluginwrapper: this is an horrible hack for DragonflyBSD and FreeBSD. It's an userland linux to openbsd functions wrapper. Scary, but it works. It easily compiles on OpenBSD but don't expect it to run without much tweaking. - GenRes, a generic scriptable plugin. It's designed to use external programs for EMBED and OBJECT tags , like OpenOffice documents, mplayer, etc. Is there a standalone Flash 9 player for Linux, or is it easy to build one around the plugin? If this is the case, we could get Flash 9 run as an external Linux app, and GenRes would be the bridge to Firefox / Seamonkey / Konqueror. That strongly reminds me of Microsoft ActiveX. And we all know the security problems with that. Best regards,
Re: Intel ICH8DO Raid support
Tom Spencer wrote: Jonathan, Thanks for the reply, but I'm not exactly sure I understand. When you say "the disks will show up" - does that mean the individual disks, or the raid volume set? It means the individual disks will show up in /dev I'm also not sure I understand what you mean by it not being a real hardware RAID controller. Is it like a WinModem, where the driver is doing all the work? Yes Thanks again, Tom Jonathan Gray wrote: On Sun, Jan 07, 2007 at 03:05:47PM -0800, Tom Spencer wrote: I've been looking at buying the Intel DQ965GFEKR motherboard, but I need the onboard RAID (I can't afford to buy a separate raid controller for this setup). From what I can tell it uses the ICH8DO chipset, which doesn't appear to be supported in OBSD currently. Am I mistaken, does it work now? Or, if I am correct, is there any expectation that it will be supported any time soon? Thanks, Tom It doesn't actually have a real hardware RAID controller. What is there should work in the disks will show up normally and be usable sense though.
Re: reverse http proxy on OpenBSD (or not)?
Soner Tari wrote: Hi All, On my network, ASP sites are served on a Microsoft IIS, and PHP sites are on OpenBSD Apache, and there is only one Internet connection with a single IP (all DNS records point to this IP). Since these web servers run on different hardware/IPs, I need to distribute http requests based on the requested URL, thus I think I need a reverse http proxy (Q1: am I right?) running on my firewall (OpenBSD, of course). So I've found Pound v2.2. I think it works fine, does the job, and is very simple to configure, with a caveat being that I had to build openssl again with threads enabled. I also thought that Apache in reverse proxy mode could do the job, but I failed to have OpenBSD httpd running in that mode. (Q2: could somebody point me to a help page which describes how to do that?) (Note that http://www.apachetutor.org/admin/reverseproxies deals with Apache 2 only. And I'm not sure that would help anyway.) I could not find another reverse proxy package among OpenBSD ports/packages (Q3: is there any other reverse proxy package?). Probably, there is another (or the right) way of doing all this (Q4: could somebody give any hint?). Thanks, Why don't you just use pound then?
Re: OpenBSD motherboard
J.C. Roberts wrote: On Thursday 28 December 2006 15:33, Anthony Hennessy wrote: I was thinking of using an Intel S3000AHLX because of their high build quality Either your personal experience with Intel mother boards is a statistical anomaly, or you've mistakenly believed the hype told by Intel sales and marketing. Yes, Intel does employ some top-notch engineers and yes, extreme care is used when designing and building a small subset of their boards, but said subset are not mass market boards and are not available to the general public. The subset where extreme care is used is mainly their specialized designs used for internal chip/device development and testing within Intel itself. The stuff built for internal Intel use is absolutely beautiful and is as close to flawless as one can imagine. The publicly available mass market mother boards with the Intel brand stamped on them are usually not engineered, designed or built by Intel. Worse yet, they are roughly reference designs built with a primary emphasis on cost. Intel dictates the specs, features and price point, then the work is farmed out to the lowest bidder. Dell and other brand name "System Vendors" regularly take the Intel designs and tweak them further to differentiate features and/or further reduce costs (as well as the usual bug fixing). You should think of Intel branded mother boards the same way you think about Microsoft branded keyboards and mice... -A known brand name slapped on the work of another, unknown company, simply because the mistakenly trusted brand name will sell. If you're really after "build quality" in a mother board, you'd be better off with SuperMicro for Intel procs. If you'd consider AMD Opteron, Sun is well known for their over-engineering, but truth be told, all of the Sun Opteron stuff is actually engineered and built by Sanmina-SCI yet in this case, it is extremely high quality work. DISCLAIMER: Yes, I'm the same idiot who writes the PCB layout analysis software available at www.DesignTools.org, not all designs are done with the Cadence tool chain, and layout is only one chunk of many in the process of building a high quality board. Kind Regards, JCR I can "confirm" this and must say that lately, the quality of intel boards is bad. Very bad. Of 30 workstations 4 motherboards turned up broken, the SATA controller on a server motherboard went foobar (and lost all data in the process) and the IDE controller on another intel server motherboard broke twice (!!). You're better off with some regular motherboard from MSI or gigabyte, when it's broken you just replace it by something else. If you really want decent stuff go with supermicro like mr. jc roberts suggests. They have motherboards for amd processors too. Glenn
Re: Commands don't work after rm -rf /*
Shane J Pearson wrote: On 06/12/2006, at 12:14 PM, Bryan Irvine wrote: It's the anti-unix newbie avoidance system. I propose a source change to rm that *after* it has completed removing / it then displays a dialog that "the system would prefer it if you ran windows millennium". ;) Oh man, that's low. I can understand being sentenced to Windows, but ME? That's harsh. Yeah true, the whole 9x series are the worst operating systems in history. I do like windows xp though. Glenn
Re: Missile Launcher For OpenBSD?
Sam Fourman Jr. wrote: Does anyone have one of these? http://www.latestbuy.com.au/usb_missile_launcher.html I was wondering if this would work in OpenBSD Sam Fourman Jr. Finally, a solution to the "physical access == root access" ;-)
Re: Oldest Server you run
Intel Pentium 1 166 Mhz (with mmx!) 32 MB RAM Network: 1 x fxp & 1 x ne Hard Disk: Western Digital 80 GB IDE Connection internet: 15 mbit cable http://redshift.mine.nu:8080/~glenn/phpsysinfo/ Falk Husemann wrote: Hello List! We're trying to put an old server to good use again and would like to know what's exactly the oldest machine running OpenBSD? As machine we defined something with processor, ram, network, hard disk and a connection to the internet. So no Newton or toaster (at least not if there's no disk being toasted). Thank you in advance, Falk
Re: Firefox/Iceweasel in OpenBSD
David Sampson wrote: Due to the recent flair over the use of the Firefox logo, the GNU camp has decided to fork the entire project, into IceWeasel. The idea here is that they can't use the FF logo freely, so of course they must fork it. I just want to know how this is going to affect the OpenBSD camp, if at all. David Sampson Actually I quickly read the license file included with the source distribution of firefox, and found no reason why the logo/name can't be used in custom builds. I'm no license expert, but does anyone have a clue how mozilla decided that builds other than those from mozilla can't use the name/logo? Imho that was a pretty stupid decision by the mozilla team, things like names and logos are one of the most important aspects in marketing. It would be foolish to wreck it. Finally, how do the mozilla developers feel about this? Do they agree with this "management decision"? Glenn
Re: Version 4.0 release
Theo de Raadt wrote: I see 4.0 is coming out, and yet, no hardware raid support, no fixes for raidframe, and still no SMP support, for sparc64 on Ultrasparc II machines. I'm using only 1 processor out of 4, and 4 hard drives out of 30 because I can't hardware raid my enterprise fiberchannel array, I can't hardware raid the majority of the drives in my E450, and because raidframe is so old and buggy, I can't raid5 any of it, and am left mirroring my 2 boot drives together, and 2 data drives together. This is a $125,000 machine 5 years ago, and I treat it no better than some crappy i686 box because security is my primary issue. If I went with another OS, I could get a lot of the functionality I want, but what good is it, if some 12 y/o kid in pakistan can hack my box. I just can't see why SMP and hardware raid aren't supported on sparc64/II. Thanks at least for a very secure OS. I've been online now for 6 months on this E450 with no hacks. We welcome code submissions. I think you have no idea at all how much effort it takes to support all the things we do, and you are just being rude. Actually I agree with David B. here. I know developing an OS is a huge task and with nothing but security on your mind, building bridges seems a trivial task compared to it. However having more than one processor is rapidly becoming a commodity and not supporting enough hardware is a death stab. If a 5 year old RAID controller is not supported, what can be expected in the future? Yes I'm sure there isn't enough documentation available, license disagreements, etc... but come on, it's 5 years old! You would think _somebody_ would at least make an attempt at it. I can imagine OpenBSD being reduced to something that is used on embedded devices. It's not really much for desktop (compared with other operating systems) and without decent SMP support and a huge list of RAID controllers, active use of OpenBSD in server environments could drop rapidly. Even the most basic servers nowadays are equipped with a dual core processor. If OpenBSD's performance/scalability doesn't improve this is the most likely scenario. Yes I'm pretty sure that OpenBSD features a lot of proper, decent and intuitive code, but performance in some areas lacks tremendously. I'm not saying OpenBSD is a bad operating system. Far from it. However I would only use it for routers, firewalls, bridges, etc... Anything that has to do with networking because after all, OpenBSD's networking is great. Outside these areas OpenBSD is just too slow and doesn't support enough hardware. Asking for code submission if you want feature x or y doesn't really float my boat. I only do some high level programming and I know nothing about kernel internals. I use it where it fits me and equals customer benefit. If it doesn't I need to search for something else. We are all specialized in our field, you can't ask a butcher to do a heart operation even if they both handle meat all the time. Please note that this is all IMHO. Glenn
Re: [Love Letter] Functionnality vs State of mind
Bruno Carnazzi wrote: Hi misc, I'd just like to say that nowadays, in free software world (real free software, not open source), from my point of view, I feel you have to choose between "featurefullness" and state of mind. By state of mind, I mean project goals and moral values. From this point of view, I love OpenBSD operating system, they are the core of the free software ideas and values. I have a Linux background, and despite Linux featurefullness, I feel it's a technical mess (blobs, unstable api, desynched userland/kernel) and Linux is getting more and more money-driven by big companies such as IBM, HP & friends... This is not free software values from my point of view. Free software is about code, knowledge and people. Linux is about functionnalities-through-blobs, NDA, and big companies. This is definitively not a good way. I don't mind if OpenBSD lacks some stuff right now. I can wait, and help. Thank you for your contribution for building a more human world in your technical area. OpenBSD guys, you rules ! :) Best regards, Bruno. PS: Excuse my approximative english (I try to improve !) Just for the record, FreeBSD isn't holy too.
Re: The new 4.0 song(s)
Yeah! This one will definitely score some chicks! Theo de Raadt wrote: We have just put up the new songs for 4.0 There are two... well, there is one for 4.0, but there is an extra song that Ty made by himself (without any input from us) specifically for the audio CD. Much to our amusement that track relates so strongly to the current Intel (open source frauds) situation, so I decided to release the audio for that on the net as well. Enjoy at http://www.openbsd.org/lyrics.html
Re: Good Bye OpenBSD/cats
Dale Rahn wrote: Sigh. It is time to say good bye to another OpenBSD port. OpenBSD/cats will no longer be supported and shortly, cats specific files will be obsoleted from the OpenBSD source tree. Cats was a nice ARM architecture to get OpenBSD started on the ARM cpu. However at this point there is little incentive to continue supporting it. The extremely few running machines in developers hands along with the speed/usefulness of the machine compounded with the number of estimated users just doesn't warrant the effort. Realize that OpenBSD/zaurus and OpenBSD/armish would have been much harder to get started if OpenBSD/cats had not existed, however at this point it has no significant use. Time to spend our time on more useful pursuits. A clever decision. Imho.
Re: Do mp3 concatenation programs exist?
Peter Philipp wrote: On Sat, Jul 15, 2006 at 11:09:13PM +0200, Timo Schoeler wrote: if there were some more guys like you authenticating every minute, there'd be no chance to get authenticated in a decent amount of time. you'd be offline due do a self caused DDoS, rendering the RADIUS machines (or whatever they might use) into slaves doing dull work :D It's not a DDoS. Computers are almighty today, if they can't be pushed to do their freakin' work they may as well be sniffing your packets all day long right? If RADIUS is too slow, start caching, memory is cheap. There is a lot of solutions and technical solutions around this. And it's this service that people pay for anyhow. You haven't heard of an mp3 concatenate utility either right? Computers aren't almighty. Why the hell am I even replying to you? If you don't want to authenticate, don't use PPPoE then. What you are trying to do is idiotic. This topic is by far the most ridiculous I have ever read. What's the point? What do you expect from us? And you ARE bothering your ISP's authentication servers. Just because they have enough of processing power to serve your requests, doesn't allow to abuse it. Get a life, you computer pervert!
Router with NAT and DMZ host
Hi everyone I've got a simple router set up as home, replacing an old US Robotics 8000. I set up NAT translation with pf. I have the following rules: -- begin /etc/pf.conf -- red_if="ne3" green_if="fxp0" dmz_host="192.168.0.102" dmz_ports="{1024:65535}" local_public_services="{, 8080}" set skip on lo # NAT nat on $red_if from $green_if:network to any -> ($red_if) # Local public services rdr on $red_if proto tcp from any to any port $local_public_services -> 127.0.0.1 # DMZ Host rdr on $red_if proto tcp from any to any port $dmz_ports -> $dmz_host -- end /etc/pf.conf -- green_if is the interface to my local network, red_if is the interface to the internet. the ne3 is configured as DHCP. The DMZ host is meant for my computer, because I run a lot of software that require alot of open ports, so I always set it up as a DMZ host (as like I did with the US Robotics router). The local_public_servers is for two servers running on the router itself, prohibiting it being forwarded to the dmz_host. Now there is one issue remaining, for some reason I cannot surf the internet, make an FTP connection, etc... from the router itself. When try to surf the internet lynx hangs at "making http connection to x". So how do I fix this? Is there some problem with my network configuration, or did I configure something wrong in pf.conf? Thanks! Best Regards Glenn Matthys Some other information that might be useful: # route -n show Routing tables Internet: DestinationGatewayFlagsRefs UseMtu Interface default81.164.128.1 UGS 0 915573 - ne3 81.164.128/20 link#2 UC 00 - ne3 81.164.128.1 00:30:b8:c1:85:20 UHLc00 - ne3 81.164.133.29 127.0.0.1 UGHS00 33224 lo0 127/8 127.0.0.1 UGRS00 33224 lo0 127.0.0.1 127.0.0.1 UH 0 153 33224 lo0 192.168.0/24 link#1 UC 00 - fxp0 192.168.0.102 00:11:09:cb:62:5c UHLc0 1556226 - L fxp0 224/4 127.0.0.1 URS 00 33224 lo0 Internet6: DestinationGatewayFlags Refs UseMtu Interface ::/104 ::1UGRS 00 - lo0 ::/96 ::1UGRS 00 - lo0 ::1::1UH 00 33224 lo0 ::127.0.0.0/104::1UGRS 00 - lo0 ::224.0.0.0/100::1UGRS 00 - lo0 ::255.0.0.0/104::1UGRS 00 - lo0 :::0.0.0.0/96 ::1UGRS 00 - lo0 2002::/24 ::1UGRS 00 - lo0 2002:7f00::/24 ::1UGRS 00 - lo0 2002:e000::/20 ::1UGRS 00 - lo0 2002:ff00::/24 ::1UGRS 00 - lo0 fe80::/10 ::1UGRS 00 - lo0 fe80::%fxp0/64 link#1 UC 00 - fxp0 fe80::280:5fff:feb7:7a44%fxp0 00:80:5f:b7:7a:44 UHL 00 - lo0 fe80::%ne3/64 link#2 UC 00 - ne3 fe80::240:caff:fe10:fcb%ne300:40:ca:10:0f:cb UHL 00 - lo0 fe80::%lo0/64 fe80::1%lo0U 00 - lo0 fe80::1%lo0link#6 UHL 00 - lo0 fec0::/10 ::1UGRS 00 - lo0 ff01::/32 ::1UC 00 - lo0 ff02::%fxp0/32 link#1 UC 00 - fxp0 ff02::%ne3/32 link#2 UC 00 - ne3 ff02::%lo0/32 ::1UC 00 - lo0 # # cat /etc/hostname.fxp0 inet 192.168.0.2 255.255.255.0 NONE # # cat /etc/hostname.ne3 dhcp NONE NONE NONE # and a dmesg for completeness' sake # dmesg OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium/MMX ("G
Re: What does that drive access every 3 seconds?
Can you show us the output of lsof? Peter Philipp wrote: Hi, I have an ibook that has a broken ata controller and thus I boot and run the OS off an USB stick. It ran fine for months on a 512 MB stick until 3.9 which increased the size (I think of the libraries) of OpenBSD, I switched to a 1 gig stick which surprisingly came down in cost the last little while. I've configured the system to use disk as little as possible, it uses a small MFS for /tmp, processes like cron are disabled, syslogd writes to its memory ringbuffers, filesystems when possible are noatime. However on the led on the USB stick I notice a disk operation every 3 seconds or so. I ktraced every process and found that none is writing or reading, so it must come from the kernel. What operation in the kernel causes reads / writes like this? I originally thought update does this but I'm sorta skeptical since there is nothing to write/sync to the filesystem.. Here is some data if it helps any.. $ df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/sd0a 815M515M259M67%/ mfs:21581 15.7M6.0K 14.9M 0%/tmp $ mount /dev/sd0a on / type ffs (local, noatime) mfs:21581 on /tmp type mfs (asynchronous, local, nodev, nosuid, size=32768 512-blocks) $ ps ax PID TT STAT TIME COMMAND 1 ?? Is 0:00.01 /sbin/init 21581 ?? Is 0:00.02 /sbin/mount_mfs -o rw -s 32768 -o nodev -o nosuid /dev/sd0 2635 ?? Is 0:00.01 dhclient: gem0 (dhclient) 6060 ?? Is 0:00.01 syslogd: [priv] (syslogd) 25663 ?? I 0:00.23 syslogd -a /var/empty/dev/log -s /var/run/syslogd.sock -a 193 ?? Is 0:00.01 /usr/sbin/apmd 11319 ?? Is 0:13.87 SCREEN (screen) 6351 p0 Is 0:00.08 /bin/ksh 29520 p0 I+ 0:00.06 /usr/bin/cu -l /dev/cuaU0 -s 9600 25830 p0 I+ 0:01.30 /usr/bin/cu -l /dev/cuaU0 -s 9600 3676 p1 Is 0:00.07 /bin/ksh 4394 p1 R+ 0:00.01 ps -ax 11940 C0- I 0:00.00 dhclient: gem0 [priv] (dhclient) 12415 C0 Is 0:01.10 -ksh (ksh) 24495 C0 I+ 0:00.03 screen $ [ using 338996 bytes of bsd ELF symbol table ] console out [ATY,RageM3p29s]console in [keyboard] ADB found : memaddr 9400 size 400, : consaddr 96008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000: width 1024 linebytes 1024 height 768 depth 8 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2006 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.9 (GENERIC) #853: Tue Feb 28 22:42:40 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC real mem = 134217728 (131072K) avail mem = 110862336 (108264K) using 1254 buffers containing 6709248 bytes (6552K) of memory mainbus0 (root): model PowerBook4,1 cpu0 at mainbus0: 750 (Revision 0x2214): 499 MHz: 256KB backside cache memc0 at mainbus0: uni-n ki2c0 at memc0 offset 0xf8001000 iic0 at ki2c0 mpcpcibr0 at mainbus0 pci: uni-north, Revision 0xff pci0 at mpcpcibr0 bus 0 pchb0 at pci0 dev 11 function 0 "Apple Pangea AGP" rev 0x00 vgafb0 at pci0 dev 16 function 0 "ATI Mobility M3" rev 0x02, mmio wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation) mpcpcibr1 at mainbus0 pci: uni-north, Revision 0x0 pci1 at mpcpcibr1 bus 0 pchb1 at pci1 dev 11 function 0 "Apple Pangea" rev 0x00 macobio0 at pci1 dev 23 function 0 "Apple Pangea Macio" rev 0x00 openpic0 at macobio0 offset 0x4: version 0x4614 macgpio0 at macobio0 offset 0x50 macgpio1 at macgpio0 irq 47 "programmer-switch" at macgpio0 not configured "firewire-linkon" at macgpio0 not configured "gpio1" at macgpio0 not configured "gpio9" at macgpio0 not configured "extint-gpio4" at macgpio0 not configured "extint-gpio12" at macgpio0 not configured "escc-legacy" at macobio0 offset 0x12000 not configured zsc0 at macobio0 offset 0x13000: irq 22,23 zstty0 at zsc0 channel 0 zstty1 at zsc0 channel 1 tumbler0 at macobio0 offset 0x1: irq 30,1,2 "timer" at macobio0 offset 0x15000 not configured adb0 at macobio0 offset 0x16000 irq 25: via-pmu, 3 targets akbd0 at adb0 addr 2: PowerBook G4 keyboard (Inverted T) wskbd0 at akbd0: console keyboard, using wsdisplay0 ams0 at adb0 addr 3: EMP trackpad 2-button, 400 dpi wsmouse0 at ams0 mux 0 abtn0 at adb0 addr 7: brightness/volume/eject buttons apm0 at adb0: battery flags 0x5, 100% charged "battery" at macobio0 offset 0x0 not configured "backlight" at macobio0 offset 0xf300 not configured ki2c1 at macobio0 offset 0x18000 iic1 at ki2c1 wdc0 at macobio0 offset 0x1f000 irq 19: DMA wd0 at wdc0 channel 0 drive 0: wd0: 16-sector PIO, LBA, 14403MB, 29498112 sectors wd0(wdc0:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 4 audio0 at tumbler0 ohci0 at pci1 dev 24 function 0 "Apple Pangea USB" rev 0x00: irq 27, version 1.0 usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Apple OHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered ohci1 at pci1 dev 25 function 0 "Apple Pangea USB"
Re: why is there . [dot] in default PATH?
Jon Kent wrote: Hi, This one kinda supprised me. When I was looking around by new 3.8 install I noticed that in /etc/skel/.profile that PATH contains a . in it, which I found supprising as I've always assumed that this was not a sensible thing to do. I've taken it out as I'm not too happy when having the current directory in the path. Any ideas why this is there? Thanks I cannot see how this would be exploitable. root doesn't have . in it's PATH. Other people were discussing cat and cta for example. For this to work, one would have to be able to write to the victim's home directory, and - of course - the victim would have to make that typo. And it only works when targeting a user, not the computer itself. I would consider it something handy, in case you don't have write access outside your home directory, so you can use your own executables, that can be executed without adding the full path. In my opinion this bug|feature|exploit doesn't pose any threat to system security. Actually that . has been there since the very first version of skel/dot.profile CVS check in. Glenn
Re: OpenBSD has bad security
[EMAIL PROTECTED] ~]$ nslookup > www.wideopenbsd.org www.wideopenbsd.org A 129.128.5.191 > 129.128.5.191 Name: openbsd.sunsite.ualberta.ca Address: 129.128.5.191 > www.openbsd.org www.openbsd.org A 129.128.5.191 > *** insert conspiracy theory here *** Bryan Irvine wrote: For a laugh go here. http://wideopenbsd.org/ I dunno what his deal is, all I can say is that I've run OBSD since 2.5, and not one of them has been rooted. Compare that with various Linuxes I've run that have been rooted/defaced/turned into zombies/warez/movie servers, and I think what we've got is a genuine FUD site. Funny read though. --Bryan
Re: I can't find my scsi hard drives...
Openbsd User wrote: From: Otto Moerbeek <[EMAIL PROTECTED]> To: Openbsd User <[EMAIL PROTECTED]> CC: misc@openbsd.org Subject: Re: I can't find my scsi hard drives... Date: Mon, 6 Mar 2006 20:13:19 +0100 (CET) On Mon, 6 Mar 2006, Openbsd User wrote: > I've got two hard scsi drives in my server but the dmesg only says there is > one: > > sd0 at scsibus0 targ 0 lun 0: SCSI2 0/direct fixed > sd0: 69880MB, 8908 cyl, 255 head, 63 sec, 512 bytes/sec, 143114240 sec total Your card is a RAID card. It is very likely your two dirves have gotten themselves into the default mirroring setup, forming one logical drive. What does "bioctl ami0" say (assuming you have at least 3.8, next time post a complete dmesg!). $ sudo bioctl ami0 Volume Status Size Device ami0 0 Online 146695782400 sd0 RAID1 0 Online 146811125760 0:0.0 safte0 ATLAS10K5_146SCAJNZY> 1 Online 146811125760 0:1.0 safte0 ATLAS10K5_146SCAJNZY> Does this mean that there are two drives in my system working as raid device? Looks like it. > ami0 0 Online 146695782400 sd0 RAID1 Raid 1 = mirroring However, I see there's only 69880 MB available (sd0: 69880MB), and your drives are both 146 GB (MAXTOR ATLAS10K5_146SCAJNZY: is a 146 GB drive)
Re: X11 Demo programs
Dave Feustel wrote: The source and OpenBSD executables for five X11 demo programs is now available at http://dfeustel.home.mindspring.com/e-files.zip. The programs are xkey, xspy, xwatchwin, xghostwriter, and xevact. The code and makefiles have been tweaked enough to compile and run on OpenBSD 3.8, but the original unmodified code is contained in the .tgz files in the zip file. Xspy and xkey are key logging programs. I got one of these programs to log kde konsole keystrokes to a different user login running in console mode after I ran xhost + in the kde session. Xwatchwin allows you to peek at a window on another X server. Xghostwriter is supposed to make the x11 keyboard seem to be demonically possessed. It doesn't quite work, but probably can be made to work by anyone with a little x11 experience. Xevact is a more complicated program. Read the documentation to see what it does. I took the sound features out of the OpenBSD version of the program to get it to compile since I never use sound effects on my computer. Documentation of these programs is sparse, but adequate to run the programs. Have Fun, Dave Feustel My sister is a bigger threat to my system than these tools are...
Re: The Apache Question
Wouldn't it be better then to start a spinoff project (openhttpd or something comes to mind) instead of still calling it apache httpd 1.3? Stuart Henderson wrote: On 2006/02/07 21:23, RedShift wrote: I've noticed OpenBSD still uses Apache httpd 1.3. Well, not exactly. Diff the source trees and you'll see it's not quite the same thing...
The Apache Question
Hi everyone I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that on the OpenBSD side of things, it is maintained and there's an additional focus on security for httpd. However, sooner or later, httpd 1.3 *will be deprecated* in favor of newer versions (2.0, 2.2), and now certainly with 2.2 released. Are there any plans about when 2.2 (or 2.0) will be included in the base fileset? Or remove apache out of the fileset and let the users install it themselfs with a port? Glenn
Re: Why /bin/[
It's a digital phone for left-handed people. [EMAIL PROTECTED] wrote: Why is there a file called "[" in the /bin directory of my generic 3.8 build? 144 -r-xr-xr-x 2 root bin 72128 Sep 10 15:18 [ Tim B Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: multi-port NIC cards
33 Mhz * 32 bits = 1 056 000 000 bits per tick, 1 056 000 000 / 10^6 (1 megahertz = 10^6 ticks per second) = 1 056 megabits per second 1 056 / 8 = 132 megabytes per second It should actually be 100/3 Mhz. kami petersen wrote: Daniel Ouellet skrev: May be good, but the bus is PCI only if I am not mistaken looking at the spec. Not even PCI Express or PCI X, so it would be interesting to see, but if you are concern about congestions with the Intel one, may be this would be saturating the bus at 33MHz, or may be it might go at 66, but sure not 100 or 133 however. I saw some others, but none that support PCI Express as a minimum however. So, I discarded them. i haven't tested any 4 port nic's whatsoever yet, and don't know much about these things, but isn't the theoretical throughput of the 33 MHz 32-bit pci bus around ~1 Gbit/s? so, assuming the system is dedicated to routing, why would a theoretical maximum of ~0.4 Gbit/s be so hard to handle, especially as most of it should stay on the internal pci bus of the nic? kindly kami petersen
RAID on AAA-131U2
Hi I've set up a RAID 0 set on two 9 GB SCSI disks, using an Adaptec AAA-131U2 controller. However, when I want to install OpenBSD on it, I get asked for which disk should be the root disk. Ofcourse, I see two disks, sd0 and sd1. This probably means that the hardware RAID on the AAA-131U2 isn't supported, as I see the same with linux. Will it ever be supported? Glenn
Re: cloned route gets wrong mtu
Solar rays. Toni Mueller wrote: Hello, I just stumbled across a problem where a directly connected host gets a wrong MTU in his route entry in an OpenBSD 3.7 box. Network diagram: openbsd .1 -- linux .2 The two hosts are connected via Fast Ethernet which has a nominal MTU of 1500. The entry for the linux box in the OpenBSD's routing table says that the MTU is only 1428. This wasn't always the case, but occurred "suddenly" - without any known human interference. Manually deleting the route returned operation back to normal (the routing entry now shows a '-' in the MTU column). If you have an idea about how and why such things happen, I'd very much like to know. Thank you! Best, --Toni++
Re: Hardware RNG speed
I tought one of the new features of the Intel Pentium 4, was it's new real hardware-based random number generator, I remember reading about it. Also take a look at this: http://www.irisa.fr/caps/projects/hipsor/HAVEGE1.0.html If you need alot of random numbers in a short time, you are looking for a pseudo-random device. Michael Alexander Hamburg wrote: Hello to the list, I'm working on a cryptography project, and one of the things the project requires is a moderately high-bandwidth source of truly random numbers. To accomplish this, I set up OpenBSD on a board with a (Soekris) Hifn 7955 accelerator card, but the rate I'm getting by reading out of /dev/srandom is pretty low (200B/s). However, this has to be coming from the card, because the machine has no other reasonable source of entropy other than the network: no hard drive, no keyboard, etc. Now, unless the card's specs are deceptive, its random number generator must support a higher rate than this: it claims 70 1024-bit Diffie-Hellman key exchanges per second, and each such key exchange requires a full 1024-bit random number, which comes out to 8.8kB/s. The minimum data rate for my application is about 1k/s, and I would strongly prefer not to use a PRNG. Is there a more direct way to query the RNG? random(4) claims that the RNG is not mapped directly to a device (/dev/random is not currently implemented), but rather that it periodically refreshes the system entropy pool. Is there a way to force this to occur more often, or to transfer more data? Or do the numbers lie, and I'm getting all the data I can? Thanks for your time, Mike Hamburg P.S. I'm looking at different sources of random numbers, and cost and integration are important factors. Would an AMD Geode LX or VIA C3 or C7 processor's on-board RNG provide a significantly higher data rate than a Soekris card, at a comparable quality?
Re: VIA fanless motherboard - NICS
Does it happen on *all* fxp cards? Even on other boxes using different motherboards/CPU's? Greg Mortensen wrote: On Sat, 17 Dec 2005, martin wrote: I'm looking at a VIA motherboard with the following NICS. 3 x INTEL 82551QM & 1x 82540EM (Gigabit) Any issues with these ? (Commell LE-564 - Eden 533MHz) If you intend on using the fxp NICs to do bridging with pf + "scrub" rules, you'll get kernel panics[1]. It's unclear what's actually causing them, though[2]. Other than that, they're fast little boxes. Regards, Greg [1] http://marc.theaimsgroup.com/?l=openbsd-bugs&m=113138720504668&w=2 [2] http://marc.theaimsgroup.com/?l=openbsd-bugs&m=113257636330953&w=2 \|/ ___ \|/[EMAIL PROTECTED]+- 2048R/38BD6CAB -+ @~./'O o`\.~@| 02BD EF81 91B3 1B33 64C2 | /__( \___/ )__\ | 3247 6722 7006 38BD 6CAB | `\__`U_/' +--+