Re: uninstalling packages
On Thu, 13 Dec 2018 11:20:37 +0100 Sebastian Benoit wrote: > --- -cups-2.2.8p1 --- > You should also run rm -rf /etc/cups/*.conf.O /var/log/cups > You should also remove /etc/cups/cupsd.conf (which was modified) > You should also remove /etc/cups/classes.conf (which was modified) > You should also remove /etc/cups/printers.conf (which was modified) > You should also remove /etc/cups/subscriptions.conf (which was modified) > You should also remove /etc/cups/snmp.conf (which was modified) > You should also run rm -rf /var/cache/cups > You should also run rm -rf /var/spool/cups > > If I want to actually delete all that stuff, thats a lot of > copy Are we actually expecting users to do that? It is trying to help by not deleting modified, cached & spooled files/logs. If /etc/cups/snmp.conf wasn't modified, it would already have been removed. The remove list depends on what the admin changed, which varies from machine to machine. If everything is backed up and you want to re-install it later, everything can be nuked. Simple version: rm -rf /etc/cups/ /var/cache/cups/ /var/log/cups/ /var/spool/cups/ or even: rm -rf /etc/cups/ /var/{cache,log,spool}/cups/ Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
Re: sshguard-2.2.0 (still problems with startup) Re: UPDATE: security/sshguard, 1.5-->2.1.0 (2nd try)
On Wed, 5 Dec 2018 17:11:46 -0500 trondd wrote: > The init process send HUP. If HUP means to shutdown, it's not going > to work. Oh That could explain these 2014/15 hack "solutions": http://marc.info/?l=openbsd-ports=142109480706198 http://marc.info/?l=openbsd-ports=141951815113690 Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
Re: Drop maintainership completely
On Fri, 10 Aug 2018 01:56:58 +0300 (EEST) Leonid Bobrov wrote: > ... ignore my update over 2 weeks ... Summer holidays/people out enjoying the weather/with family/etc? Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
Re: webmail
On Mon, 22 Jan 2018 17:33:30 +0100 Jan Stary wrote: > What do people use as a light-weight webmail Base ssh & packaged mutt. (Works fine with PuTTY on Widows, etc.) Cheers, -- Craig Skinner | http://linkd.in/yGqkv7
Re: sshguard 2.0 startup assistance
Hi J.B., On Sun, 8 Jan 2017 00:21:56 -0800 jungle boogie wrote: > During the boot up process, I can see sshguard attempts to > start but after a little while, it will fail. > > Any ideas on how to get sshguard to start at boot? > It crashes when /etc/rc exits (with a blacklist db file), so it needs to be started after /etc/rc has finished. Delayed @reboot cron or rc.local at(1) jobs both work: http://marc.info/?l=openbsd-ports=2=1=sshguard+boot Cheers, -- Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7
Re: [NEW] mail/ungrey-robins port
Hello, On 2016-05-07 Sat 23:27 PM |, Craig Skinner wrote: > Hi folks, > > Attached here is a new port of ungrey-robins: > > $ fgrep COMMENT Makefile > COMMENT= pf spamd auto-whitelister of round-robin SMTP clients > > > $ cat pkg/DESCR > ungrey-robins assists postmasters by automatically whitelisting > round robin SMTP clients (which often fail to pass greylisting), > without resorting to manual maintenance of whitelists. > Here's 1 of the included syslog samples, showing auto-whitelisting: Feb 15 20:56:15 teak spamd[12533]: 209.85.220.50: connected (1/0) Feb 15 20:57:51 teak spamd[326]: new entry 209.85.220.50 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f50.google.com Feb 15 20:57:51 teak spamd[12533]: 209.85.220.50: disconnected after 96 seconds. Feb 15 21:01:16 teak spamd[12533]: 209.85.220.41: connected (1/0) Feb 15 21:02:47 teak spamd[326]: new entry 209.85.220.41 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f41.google.com Feb 15 21:02:47 teak spamd[12533]: 209.85.220.41: disconnected after 91 seconds. Feb 15 21:22:24 teak spamd[12533]: 209.85.220.44: connected (1/0) Feb 15 21:24:00 teak spamd[326]: new entry 209.85.220.44 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f44.google.com Feb 15 21:24:00 teak spamd[12533]: 209.85.220.44: disconnected after 96 seconds. Feb 15 21:54:07 teak spamd[12533]: 209.85.220.54: connected (1/0) Feb 15 21:55:42 teak spamd[326]: new entry 209.85.220.54 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f54.google.com Feb 15 21:55:43 teak spamd[12533]: 209.85.220.54: disconnected after 96 seconds. Feb 15 22:45:57 teak spamd[12533]: 209.85.220.52: connected (1/0) Feb 15 22:47:32 teak spamd[326]: new entry 209.85.220.52 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f52.google.com Feb 15 22:47:33 teak spamd[12533]: 209.85.220.52: disconnected after 96 seconds. Feb 15 23:50:00 teak spamd[12533]: 209.85.220.50: connected (1/0) Feb 15 23:51:36 teak spamd[12533]: 209.85.220.50: disconnected after 96 seconds. Feb 15 23:52:09 teak spamd[18136]: queueing add of 209.85.220.50 Feb 15 23:52:09 teak spamd[18136]: whitelisting 209.85.220.50 in /var/db/spamd Feb 16 00:11:02 teak ungrey-robins: 209.85.160.177 mail-yk0-f177.google.com. scored 18 (granted grace) Feb 16 00:11:03 teak ungrey-robins: 209.85.220.41 mail-pa0-f41.google.com. scored 18 (granted grace) Feb 16 00:11:03 teak ungrey-robins: 209.85.220.52 mail-pa0-f52.google.com. scored 18 (granted grace) Feb 16 00:11:04 teak ungrey-robins: 209.85.220.44 mail-pa0-f44.google.com. scored 17 (granted grace) Feb 16 00:11:05 teak ungrey-robins: 209.85.220.54 mail-pa0-f54.google.com. scored 18 (granted grace) Feb 16 00:11:05 teak ungrey-robins: spamdb whitelisted: 209.85.160.177 209.85.220.41 209.85.220.52 209.85.220.44 209.85.220.54 Feb 16 00:44:18 teak spamd[12533]: 209.85.220.43: connected (1/0) Feb 16 00:45:53 teak spamd[326]: new entry 209.85.220.43 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f43.google.com Feb 16 00:45:53 teak spamd[12533]: 209.85.220.43: disconnected after 95 seconds. Feb 16 00:58:13 teak spamd[18136]: queueing deletion of 209.85.220.50 mail-pa0-f50.google.com <redac...@gmail.com> <redac...@britvault.co.uk> Feb 16 01:03:13 teak spamd[18136]: queueing deletion of 209.85.220.41 mail-pa0-f41.google.com <redac...@gmail.com> <redac...@britvault.co.uk> Feb 16 01:24:14 teak spamd[18136]: queueing deletion of 209.85.220.44 mail-pa0-f44.google.com <redac...@gmail.com> <redac...@britvault.co.uk> Feb 16 01:56:18 teak spamd[18136]: queueing deletion of 209.85.220.54 mail-pa0-f54.google.com <redac...@gmail.com> <redac...@britvault.co.uk> Feb 16 02:16:56 teak spamd[12533]: 209.85.220.45: connected (1/0) Feb 16 02:18:31 teak spamd[326]: new entry 209.85.220.45 from <redac...@gmail.com> to <redac...@britvault.co.uk>, helo mail-pa0-f45.google.com Feb 16 02:18:32 teak spamd[12533]: 209.85.220.45: disconnected after 96 seconds. Feb 16 02:48:20 teak spamd[18136]: queueing deletion of 209.85.220.52 mail-pa0-f52.google.com <redac...@gmail.com> <redac...@britvault.co.uk> Feb 16 04:11:03 teak ungrey-robins: 209.85.220.43 mail-pa0-f43.google.com. scored 17 (granted grace) Feb 16 04:11:03 teak ungrey-robins: 209.85.220.45 mail-pa0-f45.google.com. scored 18 (granted grace) Feb 16 04:11:04 teak ungrey-robins: spamdb whitelisted: 209.85.220.43 209.85.220.45 Feb 16 04:16:37 teak spamlogd[12344]: inbound 209.85.220.45 Feb 16 04:16:37 teak postfix/postscreen[7556]: CONNECT from [209.85.220.45]:34165 to [78.33.153.148]:25 Feb 16 04:16:38 teak postfix/dnsblog[24767]: addr 209.85.220.45 listed by domain hostkarma.junkemailfilter.com as 127.0.0.3 Feb 16 04:16:38 teak postfix/dnsblog[2
Re: [new] devel/cargo
On 2016-05-24 Tue 13:52 PM |, Theo de Raadt wrote: > > Any verbiage after "public domain" is purely advisory. So judge -- > either it has absolutely no impact and can be ignored, or the text is > dangerous. I cannot decide. > Here is an exposition of the 5 paragraphs: http://ar.to/2010/01/dissecting-the-unlicense Cheers. -- The opposite of a correct statement is a false statement. But the opposite of a profound truth may well be another profound truth. -- Niels Bohr
Re: [NEW] mail/ungrey-robins port
ping On 2016-05-07 Sat 23:27 PM |, Craig Skinner wrote: > Hi folks, > > Attached here is a new port of ungrey-robins: > > > $ fgrep COMMENT Makefile > COMMENT= pf spamd auto-whitelister of round-robin SMTP clients > > > $ cat pkg/DESCR > ungrey-robins assists postmasters by automatically whitelisting > round robin SMTP clients (which often fail to pass greylisting), > without resorting to manual maintenance of whitelists. > > > Also at: http://web.Britvault.Co.UK/products/ungrey-robins/ > With syslog samples, a more descriptive README + man pages in HTML too. > > > The project name of 'ungrey-robins' is a word play on: > o greylisting > o the 'un-' prefix, to mean not grey > o round-robin > o the popular and silly computer game 'Angry Birds' > > ungrey-robins is a computer tool which ungreylists silly squawking > round robin SMTP sending mail servers, which stupidly play about with > established Internet mail delivery standards. > > > Comments/improvements? > Craig. OpenBSD-port-ungrey-robins.tar.gz Description: application/tar-gz
[NEW] mail/ungrey-robins port
Hi folks, Attached here is a new port of ungrey-robins: $ fgrep COMMENT Makefile COMMENT= pf spamd auto-whitelister of round-robin SMTP clients $ cat pkg/DESCR ungrey-robins assists postmasters by automatically whitelisting round robin SMTP clients (which often fail to pass greylisting), without resorting to manual maintenance of whitelists. Also at: http://web.Britvault.Co.UK/products/ungrey-robins/ With syslog samples, a more descriptive README + man pages in HTML too. The project name of 'ungrey-robins' is a word play on: o greylisting o the 'un-' prefix, to mean not grey o round-robin o the popular and silly computer game 'Angry Birds' ungrey-robins is a computer tool which ungreylists silly squawking round robin SMTP sending mail servers, which stupidly play about with established Internet mail delivery standards. Comments/improvements? Craig. OpenBSD-port-ungrey-robins.tar.gz Description: application/gzip
Re: lynx on OpenBSD moved from base to ports
On 2016-04-13 Wed 20:46 PM |, Thomas Dickey wrote: > On Wed, Apr 13, 2016 at 10:01:19AM +0100, Craig Skinner wrote: > > Hello Thomas, > > > > Lynx was moved from OpenBSD's base to ports > > tree at release 5.6 (1st November 2014): > > http://www.openbsd.org/faq/upgrade56.html#ToPorts > > thanks for the reminder (I was aware of this, but had not thought of > the note in the webpage...) > > > OpenBSD > > (OpenBSD provides an older version in the base system, does not provide a > > port) > > http://lynx.invisible-island.net/current/index.html > > done > Thanks Thomas. The cvs@ mailling list post you linked to is about some html files, not the actual removal of lynx from base. This commit log seems better: http://marc.info/?l=openbsd-cvs=140547383709719 (A related item: http://marc.info/?l=openbsd-cvs=140547620010284) My gut instinct is OpenBSD people might be more comfortable with the OpenBSD.org links provided, rather than those offsite. http://www.openbsd.org/faq/upgrade56.html#ToPorts http://www.openbsd.org/56.html http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/lynx/ Here is a link to the tech@ mailling list long discussion: http://news.gmane.org/group/gmane.os.openbsd.tech/thread=37492 Or 4 pages. starting from here: http://openbsd-archive.7691.n7.nabble.com/lynx-disable-old-protocols-td251700.html Thanks again! -- How wonderful opera would be if there were no singers.
lynx on OpenBSD moved from base to ports
Hello Thomas, Lynx was moved from OpenBSD's base to ports tree at release 5.6 (1st November 2014): http://www.openbsd.org/faq/upgrade56.html#ToPorts "Lynx has been removed from the base system and added to the ports tree." http://www.openbsd.org/56.html Web link to the port: http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/lynx/ Recently, the port has also been pledged: http://man.openbsd.org/pledge Please update this (and any other pages) which currently reads: OpenBSD (OpenBSD provides an older version in the base system, does not provide a port) http://lynx.invisible-island.net/current/index.html Cheers! -- The party adjourned to a hot tub, yes. Fully clothed, I might add. -- IBM employee, testifying in California State Supreme Court
Re: moving sudo to ports
On 2015-06-18 Thu 14:38 PM |, Todd C. Miller wrote: After discussions with Theo we've agreed to move sudo from base to ports. That way people who want sudo can run a modern version, as opposed to the ancient thing in base. Superb. http://marc.info/?l=openbsd-bugsm=142270265216628w=2 Thanks. -- Rembrandt's first name was Beauregard, which is why he never used it. -- Dave Barry
[NEW] print/cups-readonly-usr
Hi there, Works for me, maybe it's useful for others too. NO_BUILD, just an alternative rc script + {en,dis}able script: $ cat pkg/DESCR An alternative CUPS rc script toggle script, which enables CUPS to run on production boxes which usually read-only mount /usr (and /usr/local). Items in /usr, /dev /etc aren't altered with each CUPS start/box boot. For print servers running cupsd, not for clients using cups_browsed. Inspiration taken from the postfix-{enable,disable,install} scripts, with much code copied from the cupsd rc script and into 'cups-toggle (enable|disable)'. See: http://marc.info/?t=14342232901 Cheers, Craig. cups-readonly-usr.tar.gz Description: application/tar-gz
Re: [UPDATE] print/cups enable/disable script for ro /usr mount
On 2015-06-14 Sun 08:36 AM |, Antoine Jacoutot wrote: On Sat, Jun 13, 2015 at 10:31:28PM +0100, Craig Skinner wrote: On 2015-06-13 Sat 22:39 PM |, Antoine Jacoutot wrote: On Sat, Jun 13, 2015 at 08:18:41PM +0100, Craig Skinner wrote: Inspiration taken from the postfix-{en,dis}able,install scripts: Much moved out of the rc script and into 'cups-toggle (enable|disable)'. I prefer the way it's done now. It's automatic -- I don't want to have to remember to run yet another command each time I update (which is very often). As the changes made to /dev, /etc /usr by either script aren't in PLIST, they should be OK during an upgrade. The /usr symlinks just point to upgraded files in /usr/local Ownership of the /dev items wont matter. /etc/printcap isn't in PLIST as it's a symlink to a cups generated file. So once cups-toggle is run once, /usr can be mounted read only. And then /usr/local after the install/upgrade too. Also /usr, /dev /etc aren't altered with each reboot. Would something like these in the PLIST automate it Antoine? @extraexec ${TRUEPREFIX}/sbin/cups-toggle enable @extraunexec ${TRUEPREFIX}/sbin/cups-toggle disable No because that means it will run at pkg_add time -- which is not good at all. In that case, is the MESSAGE better? As 'cups-toggle disable' needs run before cups-toggle is removed, I put in an @extraunexec rather than an UNMESSAGE. At least with the rc.d script it makes sense: if I want to start cups, then I obviously want it to replace lpd the time it is running. And when I stop it, lpd is back. Sorry Antoine,... I don't understand;- If CUPS has been set up as the printing system, why would lpd be needed back regularily on a production host? Postfix doesn't renable smtpd on each stop/start. Does nginx do that for httpd? I don't run that many daemons. Are there other base replacing daemons which do this enable/disable dance each stop/start? Confused. -- UNIX was half a billion (5) seconds old on Tue Nov 5 00:53:20 1985 GMT (measuring since the time(2) epoch). -- Andy Tannenbaum
[UPDATE] print/cups enable/disable script for ro /usr mount
]; then - mv -f $i.pre-cups $i - fi - done - fi - fi + # XXX cups-driverd(8) can crash when setting up a printer driver + # find /var/cache/cups -type f -name ppds.dat -exec rm -- {} \; - [ -e /dev/lpt0 ] chown root /dev/lp[a,t][0-2] + # rcexec is needed if openfiles limits are bumped and cupsd(8) + # runs in debug mode to prevent MaxClients warnings in logs + ${rcexec} ${daemon} ${daemon_flags} -t } + rc_cmd $1 --- /dev/null Sat Jun 13 19:28:37 2015 +++ pkg/MESSAGE-mainSat Jun 13 16:41:13 2015 @@ -0,0 +1,10 @@ +CUPS can be set up to replace lpd entirely. + +To backup the lp* tools and symlink in the CUPS replacements, do: + +${PREFIX}/sbin/cups-toggle enable + +To revert to the base lp* tools, do: + +${PREFIX}/sbin/cups-toggle disable + --- /dev/null Sat Jun 13 19:29:04 2015 +++ files/cups-toggle Sat Jun 13 19:17:39 2015 @@ -0,0 +1,161 @@ +#!/bin/ksh +# +# $OpenBSD$ +# +#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +# +# Copyright (c) 2015 Craig Skinner skin...@britvault.co.uk +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +# +#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +# + + +EX_USAGE='64' +BINARIES='/usr/bin/lp{q,r,rm} /usr/sbin/lp{c,d}' +MAN_PAGES='/usr/share/man/man1/lp{q,r,rm}.1 /usr/share/man/man8/lp{c,d}.8' + +readonly EX_USAGE BINARIES MAN_PAGES + + +function enable +{ + print $0() + + ${RCDIR}/lpd check + { + ${RCDIR}/lpd stop || return + } + + print -n 'Backing up:' + for _lpfile in ${BINARIES} ${MAN_PAGES} ${SYSCONFDIR}/printcap + do + [[ -f ${_lpfile} ]] || continue + [[ -h ${_lpfile} ]] continue + [[ -f ${_lpfile}.pre-cups ]] continue + print -n ${_lpfile##*/} + mv ${_lpfile} ${_lpfile}.pre-cups || return + done + print '.' + + [[ -h ${SYSCONFDIR}/printcap ]] || + { + print -n 'Symlinking ${SYSCONFDIR}/printcap' + ln -s ${SYSCONFDIR}/cups/printcap ${SYSCONFDIR}/printcap || return + print '.' + } + + print -n 'Symlinking binaries:' + for binary in ${BINARIES} + do + [[ -h ${binary} ]] continue + [[ -f ${TRUEPREFIX}/bin/${binary##*/} ]] + { + print -n ${binary##*/} + ln -s ${TRUEPREFIX}/bin/${binary##*/} ${binary} || return + continue + } + [[ -f ${TRUEPREFIX}/sbin/${binary##*/} ]] + { + print -n ${binary##*/} + ln -s ${TRUEPREFIX}/sbin/${binary##*/} ${binary} || return + continue + } + print -n ${binary##*/} + ln -s /usr/bin/false ${binary} || return + done + print '.' + + chown_lp_devs _cups +} + + +function disable +{ + print $0() + + ${RCDIR}/cups_browsed check + { + ${RCDIR}/cups_browsed stop || return + } + ${RCDIR}/cupsd check + { + ${RCDIR}/cupsd stop || return + } + + print -n 'Reverting to base:' + for _lpfile in ${BINARIES} ${MAN_PAGES} ${SYSCONFDIR}/printcap + do + [[ -h ${_lpfile} ]] + { + rm ${_lpfile} || return + } + [[ -f ${_lpfile}.pre-cups ]] || continue + print -n ${_lpfile##*/} + mv ${_lpfile}.pre-cups ${_lpfile} || return + done + print '.' + + chown_lp_devs root +} + + +function usage +{ + print -u2 usage: ${0##*/} (enable|disable) + exit ${EX_USAGE} +} + + +function chown_lp_devs +{ + print $0() $1 + userinfo -e $1 || return + + lp_devs='/dev/lp[a,t][0-2]' + log_devs_are=$(mktemp) + ls -l ${lp_devs} ${log_devs_are} + + for lp_dev in ${lp_devs} + do + [[ -c ${lp_dev} ]] || continue + [[ $(stat -f %Su ${lp_dev}) == $1 ]] continue + chown $1 ${lp_dev} || return + done + + log_devs_now
Re: [UPDATE] print/cups enable/disable script for ro /usr mount
On 2015-06-13 Sat 20:18 PM |, Craig Skinner wrote: Inspiration taken from the postfix-{en,dis}able,install scripts: Much moved out of the rc script and into 'cups-toggle (enable|disable)'. So as to not clutter the last mail, here's a sample script run: craig@spruce:~ 0$ sudo cups-toggle enable enable() Backing up: lpq lpr lprm lpc lpd lpq.1 lpr.1 lprm.1 lpc.8 lpd.8. Symlinking /etc/printcap. Symlinking binaries: lpq lpr lprm lpc lpd. chown_lp_devs() _cups devices are: crw--- 1 root wheel 16, 128 Jan 22 11:31 /dev/lpa0 crw--- 1 root wheel 16, 129 Jan 22 11:31 /dev/lpa1 crw--- 1 root wheel 16, 130 Jan 22 11:31 /dev/lpa2 crw--- 1 root wheel 16, 0 Jan 22 11:31 /dev/lpt0 crw--- 1 root wheel 16, 1 Jan 22 11:31 /dev/lpt1 crw--- 1 root wheel 16, 2 Jan 22 11:31 /dev/lpt2 devices now: crw--- 1 _cups wheel 16, 128 Jan 22 11:31 /dev/lpa0 crw--- 1 _cups wheel 16, 129 Jan 22 11:31 /dev/lpa1 crw--- 1 _cups wheel 16, 130 Jan 22 11:31 /dev/lpa2 crw--- 1 _cups wheel 16, 0 Jan 22 11:31 /dev/lpt0 crw--- 1 _cups wheel 16, 1 Jan 22 11:31 /dev/lpt1 crw--- 1 _cups wheel 16, 2 Jan 22 11:31 /dev/lpt2 lrwxr-xr-x 1 root wheel 18 May 28 21:27 /etc/printcap@ - /etc/cups/printcap lrwxr-xr-x 1 root wheel 18 May 28 21:27 /usr/bin/lpq@ - /usr/local/bin/lpq -r-xr-sr-x 1 root daemon 26660 Aug 8 2014 /usr/bin/lpq.pre-cups* lrwxr-xr-x 1 root wheel 18 May 28 21:27 /usr/bin/lpr@ - /usr/local/bin/lpr -r-sr-sr-x 1 root daemon 30724 Aug 8 2014 /usr/bin/lpr.pre-cups* lrwxr-xr-x 1 root wheel 19 May 28 21:27 /usr/bin/lprm@ - /usr/local/bin/lprm lrwxr-xr-x 1 root wheel 19 May 28 21:27 /usr/bin/lprm@ - /usr/local/bin/lprm -r-sr-sr-x 1 root daemon 26596 Aug 8 2014 /usr/bin/lprm.pre-cups* -r-sr-sr-x 1 root daemon 26596 Aug 8 2014 /usr/bin/lprm.pre-cups* lrwxr-xr-x 1 root wheel 19 May 28 21:27 /usr/sbin/lpc@ - /usr/local/sbin/lpc -r-xr-sr-x 1 root daemon 37796 Aug 8 2014 /usr/sbin/lpc.pre-cups* lrwxr-xr-x 1 root wheel 14 May 28 21:27 /usr/sbin/lpd@ - /usr/bin/false -r-xr-s--- 1 root daemon 72452 Aug 8 2014 /usr/sbin/lpd.pre-cups* -r--r--r-- 1 root bin 4525 Aug 8 2014 /usr/share/man/man1/lpq.1.pre-cups -r--r--r-- 1 root bin 7230 Aug 8 2014 /usr/share/man/man1/lpr.1.pre-cups -r--r--r-- 1 root bin 4496 Aug 8 2014 /usr/share/man/man1/lprm.1.pre-cups -r--r--r-- 1 root bin 5799 Aug 8 2014 /usr/share/man/man8/lpc.8.pre-cups -r--r--r-- 1 root bin 9392 Aug 8 2014 /usr/share/man/man8/lpd.8.pre-cups Cheers -- Numeric stability is probably not all that important when you're guessing.
Re: [UPDATE] print/cups enable/disable script for ro /usr mount
On 2015-06-13 Sat 22:39 PM |, Antoine Jacoutot wrote: On Sat, Jun 13, 2015 at 08:18:41PM +0100, Craig Skinner wrote: Inspiration taken from the postfix-{en,dis}able,install scripts: Much moved out of the rc script and into 'cups-toggle (enable|disable)'. I prefer the way it's done now. It's automatic -- I don't want to have to remember to run yet another command each time I update (which is very often). Would something like these in the PLIST automate it Antoine? @extraexec ${TRUEPREFIX}/sbin/cups-toggle enable @extraunexec ${TRUEPREFIX}/sbin/cups-toggle disable Cheers. -- Zero Defects, n.: The result of shutting down a production line.
Re: [UPDATE] print/hplip + RUN_DEP of py-gobject
On 2015-06-06 Sat 09:46 AM |, Craig Skinner wrote: Hi, I've found installing the OpenPrinting HPLIP plugins with their python script needs py-gobject installed. So as to not clutter the last mail, here's steps to show the dep: $ cd $(mktemp -d) $ umask 022 $ sudo pkg_delete py-gobject $ sudo /etc/rc.d/dbus_daemon restart $ sudo /etc/rc.d/avahi_daemon restart $ sudo /etc/rc.d/cupsd restart $ ftp http://www.openprinting.org/download/printdriver/auxfiles/HP/plugins/hplip-3.15.4-plugin.run $ sh hplip-3.15.4-plugin.run --keep --nox11 --noexec $ cd plugin_tmp/ $ patch plugin_install.py /tmp/plugin_install.py.patch # attached here $ python ./plugin_install.py -g -i ... .. error: Unable to load pkit...is HPLIP installed? error: No module named gobject 162c162 except ImportError: --- except ImportError, e: 163a164 log.error(e)
[UPDATE] print/hplip + RUN_DEP of py-gobject
Hi, I've found installing the OpenPrinting HPLIP plugins with their python script needs py-gobject installed. FreshPorts shows devel/py-gobject as both build runtime dependencies: http://www.freshports.org/print/hplip/ I'm not sure if it would be better in some other port, such as py-dbus. Also update the README for mostly non-root plugins fetch/install: Index: Makefile === RCS file: /cvs/ports/print/hplip/Makefile,v retrieving revision 1.127 diff -u -p -r1.127 Makefile --- Makefile17 Apr 2015 04:18:13 - 1.127 +++ Makefile6 Jun 2015 07:49:27 - @@ -10,6 +10,7 @@ COMMENT-hpijs=HP ghostscript driver (s COMMENT-gui= HPLIP graphical tools V= 3.15.4 +REVISION= 0 DISTNAME= hplip-${V} SUBST_VARS=V @@ -107,6 +108,8 @@ LIB_DEPENDS-hpijs= print/hplip,-common \ # foomatic-rip(1), foomatic-db(-engine) RUN_DEPENDS-hpijs += print/cups-filters + +RUN_DEPENDS-hplip += devel/py-gobject ### -gui WANTLIB-gui += #empty Index: pkg/README-common === RCS file: /cvs/ports/print/hplip/pkg/README-common,v retrieving revision 1.6 diff -u -p -r1.6 README-common --- pkg/README-common 15 Aug 2014 15:45:38 - 1.6 +++ pkg/README-common 6 Jun 2015 07:49:27 - @@ -103,8 +103,10 @@ Plugin installation Some devices will not work properly without a corresponding proprietary binary plugin. HPLIP plugins automated installation is not available on OpenBSD but it can be installed manually by running the following as -root: -cd /tmp +non-root: +cd $(mktemp -d) ftp http://www.openprinting.org/download/printdriver/auxfiles/HP/plugins/hplip-${V}-plugin.run -/bin/sh ./hplip-${V}-plugin.run --keep 2/dev/null -cd plugin_tmp ${MODPY_BIN} ./plugin_install.py -i +umask 022 +/bin/sh ./hplip-${V}-plugin.run --keep --nox11 --noexec +cd plugin_tmp sudo ${MODPY_BIN} ./plugin_install.py -g -i +
Re: mj2.org
On 2015-03-13 Fri 07:47 AM |, Todd C. Miller wrote: On Tue, 10 Mar 2015 16:29:41 -, Kevin Chadwick wrote: I am looking into using majordomo with opensmtpd and I am unsure whether to use majordomo from ports or majordomo from mj2.org. Any advice? The OpenBSD list machine uses mj2 but it will take some minor patches to make it work with modern perl. Unfortunately, mj2 is effectively abandonware at ths point. mlmmj works well. Ported packaged runs the OpenSMTPd lists. -- Claude believed that only smart attractive people had the right to fuck, and it sincerely hurt him when he discovered evidence to the contrary. -- Tom Robbins
[UPDATE] security/sshguard: temp boot death workaround
Hi folks, Addition of pkg/{UN}MESSAGE with workarounds to sshguard's death on boot Sorry I don't know the root cause of the problem... Index: Makefile === RCS file: /cvs/ports/security/sshguard/Makefile,v retrieving revision 1.8 diff -u -p -r1.8 Makefile --- Makefile25 Mar 2014 12:31:50 - 1.8 +++ Makefile12 Jan 2015 20:17:18 - @@ -3,7 +3,7 @@ COMMENT= protect against brute force attacks on sshd and others DISTNAME= sshguard-1.5 -REVISION= 1 +REVISION= 2 CATEGORIES=security # BSD Index: pkg/MESSAGE === RCS file: pkg/MESSAGE diff -N pkg/MESSAGE --- /dev/null 1 Jan 1970 00:00:00 - +++ pkg/MESSAGE 12 Jan 2015 20:17:18 - @@ -0,0 +1,13 @@ + +sshguard is reported to die on boot: +http://marc.info/?l=openbsd-portsw=2r=1s=sshguard+boot + +Known workarounds are EITHER: + +1) a root cron job (will operate everytime cron starts): +@rebootsleep 5; /etc/rc.d/sshguard start + +2) an addition to /etc/rc.local (will operate once on boot): +print unset INRC\nprint -n -- '$0 start '\n/etc/rc.d/sshguard start | + at -q a 'now + 2 minutes' + Index: pkg/UNMESSAGE === RCS file: pkg/UNMESSAGE diff -N pkg/UNMESSAGE --- /dev/null 1 Jan 1970 00:00:00 - +++ pkg/UNMESSAGE 12 Jan 2015 20:17:18 - @@ -0,0 +1 @@ +Remove boot re-starter from root's crontab or /etc/rc.local
sshguard dies on boot + workaround
$ uname -mrsv OpenBSD 5.6 GENERIC#274 i386 # reboot /var/log/authlog: Dec 25 14:04:11 palm sshd[23898]: Server listening on 0.0.0.0 port 22. Dec 25 14:04:16 palm sshguard[18164]: Started successfully [(a,p,s)=(30, 3600, 6000)], now ready to scan. /etc/rc exits: Dec 25 14:04:41 palm sshguard[18164]: Got exit signal, flushing blocked addresses and exiting... root cronjob: @reboot sleep 5; /etc/rc.d/sshguard check || /etc/rc.d/sshguard start Dec 25 14:04:48 palm sshguard[13329]: Started successfully [(a,p,s)=(30, 3600, 6000)], now ready to scan. Dinnae ken if it dies due to the parent process (rc) exiting: /etc/rc reboot output: ... .. setting tty flags keyboard.encoding - uk display.vblank - on display.screen_off - 30 display.msact - off display.kbdact - on display.outact - off pf enabled starting network starting early daemons: syslogd pflogd nsd unbound ntpd. starting RPC daemons:. savecore: no core dump checking quotas: done. clearing /tmp kern.securelevel: 0 - 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd dhcpd nginx spamd spamlogd. starting package daemons: sshguard greyscanner postfix viagrad. starting local daemons: cron. sshguard up Thu Dec 25 14:04:41 GMT 2014 dies now $ tail -n 6 /etc/rc echo -n 'starting local daemons:' start_daemon apmd sensorsd hotplugd watchdogd cron wsmoused xdm echo '.' /etc/rc.d/sshguard check print 'sshguard up' date exit 0 Whatever,... the cronjob hack gets it back up. Then my brain quits. Ta, -- The Story of Your Enslavement http://www.youtube.com/watch?v=Xbp6umQT58Afeature=related
Re: please remove the procmail port
On 2014-11-18 Tue 22:01 PM |, frantisek holop wrote: Philip Guenther, 18 Nov 2014 12:42: Executive summary: delete the procmail port; the code is not safe and should not be used as a basis for any further work. just for the record, what is the alternative you would recommend? $ pkg_info dovecot-pigeonhole Information for inst:dovecot-pigeonhole-0.4.2p2v0 Comment: Sieve mail filtering for Dovecot Description: Sieve mail filtering for Dovecot. Maintainer: Brad Smith b...@comstyle.com WWW: http://pigeonhole.dovecot.org/ http://wiki2.dovecot.org/Pigeonhole http://wiki2.dovecot.org/Pigeonhole/ManageSieve/ -- The press conference THEY didn't want broadcast: http://www.youtube.com/watch?v=Bzim6hQUoC8index=18list=PLHLREeMe4S0OmV_BYAfWNWi0qQzu2FWzK
Re: make plist ignores @rcscript
On 02/05/2013 15:54, Stuart Henderson wrote: On 2013/05/02 12:36, Craig Skinner wrote: I see there is a plist database under /usr/ports/plist those have extra @depend, @name @comment lines not present in generated pkg/PLISTs. These are the lists as written in +CONTENTS files in the packages, see the bsd.port.mk(5) manual about PLIST_DB. I get it now. I wrongly thought that 'make plist' populated the DB, rather than 'make package' Thanks.
Re: make plist ignores @rcscript
On 01/05/2013 22:36, Craig Skinner wrote: When I remove the @rcscript stuff from the PLIST run this: make clean=all \ make clean=fake \ make fetch-all \ make checksum \ make build \ make fake \ make plist || { sudo make plist; sudo chmod g+w pkg/PLIST; } I get: ... Installing /usr/ports/mystuff/net/vgrd/pkg/vgrd.rc as /usr/ports/pobj/vgrd-1.13/fake-i386/etc/rc.d/vgrd === Updating plist for vgrd-1.13 Subpackage -: Stripping dirs from sysutils/libsysexits Scanning destdir Getting old lists 1st pass identifying files Attaching annotations Sorting out destdir files make-plist: Bogus element outside of every prefix: /etc/rc.d/vgrd So 'make plist' fails when the rc script is present in the fake tree, while not mentioned in the PLIST. Any thoughts on how to get around the bogus element problem? Is it essential that I run 'make plist' before 'make package', or can I use my handwritten PLIST? I see there is a plist database under /usr/ports/plist those have extra @depend, @name @comment lines not present in generated pkg/PLISTs. I've successfully built 29 other packages without rc scripts. What direction should I proceed in? Craig.
Re: make plist ignores @rcscript
On 01/05/2013 20:02, Stuart Henderson wrote: 'make plist' only gets you part-way there, manual editing is still required. Ta. When I remove the @rcscript stuff from the PLIST run this: make clean=all \ make clean=fake \ make fetch-all \ make checksum \ make build \ make fake \ make plist || { sudo make plist; sudo chmod g+w pkg/PLIST; } I get: ... Installing /usr/ports/mystuff/net/vgrd/pkg/vgrd.rc as /usr/ports/pobj/vgrd-1.13/fake-i386/etc/rc.d/vgrd === Updating plist for vgrd-1.13 Subpackage -: Stripping dirs from sysutils/libsysexits Scanning destdir Getting old lists 1st pass identifying files Attaching annotations Sorting out destdir files make-plist: Bogus element outside of every prefix: /etc/rc.d/vgrd So 'make plist' fails when the rc script is present in the fake tree, while not mentioned in the PLIST. What should I do now? Remove the rc script from pkg/? Ta, Craig.
Re: Add -f flags to rm and mv
On Mon, May 14, 2007 at 09:30:48PM +0200, Tobias Ulmer wrote: I export ENV=~/.profile That leads to 'funny' results. Do something like this in your .profile: if [ -o interactive ]; then : fi $ cat /etc/profile [ -o interactive ] [ $SHELL = /bin/ksh ] . /etc/ksh.kshrc $ diff /etc/ksh.kshrc /etc/ksh.kshrc.orig | grep ^ | fgrep -v \# HOST=${HOST:-`hostname -s`} PROMPT=[EMAIL PROTECTED] \W$PS1S export TERM=xterm-color alias rm='rm -i' alias cp='cp -i' if [ -x /usr/local/bin/colorls ]; then alias ls='colorls -GF' fi alias ns='netstat -naf inet; netstat -naf inet6' alias mutt='mutt -y' alias vim='vim -u /etc/vimrc' if [ -e /usr/local/bin/view ]; then alias view='/usr/local/bin/view -u /etc/vimrc' fi alias df='df -h' alias du='du -h'
Re: mbox(3) man page error?
On Sat, Dec 30, 2006 at 10:37:52PM +, Tom Cosgrove wrote: Craig Skinner 30-Dec-06 19:41 Hi misc@ There is probably some history here that I am unaware of, but at first glance there seems to be an error with the mbox(3) man page: FILES /var/spool/mail/$LOGNAME $LOGNAME's incoming mail folder. Should that not be, as per hier(7): /var/mail/$LOGNAME There is no such man page in OpenBSD (base). What port/package have you installed that included such a strange (and wrong) man page? (Section 3 is for the C library; section 5 is more properly for file formats.) typo on my part, should be 5: $ pkg_info -L mutt-1.5.12 Information for mutt-1.5.12 Files: .. /usr/local/man/man5/mbox.5 I guess this is a Linuxism. CC'd the maintainer
mailgraph on 4.0 [SOLVED:ldconfig path - for archives]
Hi misc@ ports@ I'm migrating boxes from 3.9 to 4.0 and was unable to run mailgraph on 4.0/i386. # /usr/local/bin/mailgraph -d -l /var/log/maillog --rbl-is-spam Can't load '/usr/local/libdata/perl5/site_perl/i386-openbsd/auto/RRDs/RRDs.so' for module RRDs: Cannot load specified object at /usr/libdata/perl5/i386-openbsd/5.8.8/DynaLoader.pm line 230. at /usr/local/bin/mailgraph line 287 Compilation failed in require at /usr/local/bin/mailgraph line 287. BEGIN failed--compilation aborted at /usr/local/bin/mailgraph line 287. Perl is not yet one of my languages, so I checked a few basics (permissions, mounts, and wotnot as below) and did'nae come up with anything obvious. Google said this was due to ldconfig on 3.9: http://archives.neohapsis.com/archives/openbsd/2006-05/3009.html I cannae mind having to dae this on 3.9/i386, nevertheless: # ldconfig /usr/lib /usr/local/lib /usr/X11R6/lib # /usr/local/bin/mailgraph -d -l /var/log/maillog --rbl-is-spam $ ps ax | fgrep mailgraph 22431 ?? Is 0:11.94 /usr/bin/perl -w /usr/local/bin/mailgraph -d -l /var/log/maillog --rbl- $ /sbin/ldconfig -r | fgrep fontconfig 73:-lfontconfig.3.0 = /usr/X11R6/lib/libfontconfig.so.3.0 I have not yet applied errata 005 for ld.so Any pointers would be great, eg: do I have to place /usr/X11R6/lib in $shlib_dirs variable in /etc/rc.conf.local? I did'nae have xbase40.tgz installed, so had to untar it as part of the install of mailgraph. Would this have fixed it selv on the next boot? Thanks. $ ls -lh /usr/local/bin/mailgraph -r-xr-xr-x 1 root bin 24.6K Sep 2 12:27 /usr/local/bin/mailgraph* $ ls -lh /usr/local/libdata/perl5/site_perl/i386-openbsd/auto/RRDs/RRDs.so -rwxr-xr-x 1 root bin 120K Sep 2 20:41 /usr/local/libdata/perl5/site_perl/i386-openbsd/auto/RRDs/RRDs.so* $ ls -lh /usr/libdata/perl5/i386-openbsd/5.8.8/DynaLoader.pm -r--r--r-- 1 root wheel 27.5K Sep 17 02:17 /usr/libdata/perl5/i386-openbsd/5.8.8/DynaLoader.pm $ mount | fgrep /usr /dev/wd0i on /usr type ffs (local, noatime, nodev) /dev/wd0j on /usr/local type ffs (local, noatime, nodev) $ grep ^use /usr/local/bin/mailgraph use Carp; use Symbol; use Time::Local; use strict; use vars qw($VERSION); use RRDs; use strict; use File::Tail; use Getopt::Long; use POSIX 'setsid'; $ pkg_info apg-2.2.3p0 automated password generator colorls-3.9 ls that can use color to display file attributes expat-2.0.0 XML 1.0 parser written in C expect-5.43.0p0-no_tk sophisticated scripter based on Tcl/Tk gd-2.0.33p3 library for dynamic creation of images gdbm-1.8.3p0GNU dbm gettext-0.14.5p1GNU gettext jpeg-6bp3 IJG's JPEG compression utilities libiconv-1.9.2p3character set conversion library links-0.99 text browser, displays while downloading maildrop-1.7.0 local mail delivery agent with filtering abilities mailgraph-1.12 a RRDtool frontend for Postfix statistics mod_gzip-1.3.26.1ap0 transparently compress Apache output mutt-1.5.12 tty-based e-mail client, development version nsping-0.8 DNS ping p5-File-Tail-0.99.3 library for reading from continuously updated files passwdqc-0.1plugin password complexity checker for passwd(1) pcre-6.4p1 perl-compatible regular expression library png-1.2.12 library for manipulating PNG images postfix-2.3.2 fast, secure sendmail replacement rrdtool-1.0.49p3system to store and display time-series data squid-2.5.STABLE13 WWW and FTP proxy cache and accelerator tcl-8.4.7p1 Tool Command Language vim-7.0.42-no_x11 vi clone, many additional features $ cat -n /usr/local/bin/mailgraph | fgrep 287 287 use RRDs; $ cat -n /usr/libdata/perl5/i386-openbsd/5.8.8/DynaLoader.pm | egrep '230|231' 230 my $libref = dl_load_file($file, $module-dl_load_flags) or 231 croak(Can't load '$file' for module $module: .dl_error()); $ uname -a OpenBSD teak.kepax.co.uk 4.0 GENERIC#1107 i386