Re: switch tacacs+ to python3
Hi ports@ I don't have access to openbsd tacacs boxes and switches anymore, so I can't really test this. Maybe Daniel could take over maintainer as he'll be the last one to touch this? :-) JV
kibana in OpenBSD 7.1
Hello Pavel, ports, contacting you as a maintainer of kibana, logstash and elasticsearch; Does kibana still work for you in OpenBSD 7.1? I was able to get it running on OpenBSD 7.0 by hardcoding node version (10.x->12.22.6) in /usr/local/kibana/package.json, but same trick stopped working in 7.1, where system node is at 16.16.0. Kibana starts, but in web browser, it just shows loading animation and eventually ends up with cryptic error. # rcctl -d start kibana doing _rc_parse_conf doing _rc_quirks kibana_flags empty, using default >< doing rc_check kibana doing rc_start doing _rc_wait_for_start doing rc_check No home directory /nonexistent! Logging in with home = "/". doing rc_check Alarm clock doing _rc_write_runfile (ok) ... Kibana does not support the current Node.js version v16.16.0. Please use Node.js v12.16.1. Elastic runs on same host at localhost:9200 The error is: NetworkError when attempting to fetch resource. Version: 7.10.0 Build: 35949 Error: NetworkError when attempting to fetch resource. _construct@http://localhost:5601/35949/bundles/core/core.entry.js:6:4859 Wrapper@http://localhost:5601/35949/bundles/core/core.entry.js:6:4249 _createSuperInternal@http://localhost:5601/35949/bundles/core/core.entry.js:6:3388 HttpFetchError@http://localhost:5601/35949/bundles/core/core.entry.js:6:6016 _callee3$@http://localhost:5601/35949/bundles/core/core.entry.js:6:58583 l@http://localhost:5601/35949/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:1740519 s/o._invokehttp://localhost:5601/35949/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:1740273 _/http://localhost:5601/35949/bundles/kbn-ui-shared-deps/kbn-ui-shared-deps.js:380:1740876 fetch_asyncGeneratorStep@http://localhost:5601/35949/bundles/core/core.entry.js:6:52652 _throw@http://localhost:5601/35949/bundles/core/core.entry.js:6:53084 What would be the best approach to getting this fixed? Trying to bundle node-12 again (seems to be EOL though)? Trying to port over the Amazon opensource flavor that forked from 7.10? What do you think? Thank you, JV
ubench - bitrotted on AMD CPUs?
Hello ports@, I've got computers of various vintage running OpenBSD and I'd like to get a better idea what kind of workload could the machine handle compared to others. I came across package called ubench, but it behaves weird on these AMD CPUs: - cpu0: AMD GX-217GA SOC with Radeon(tm) HD Graphics, 1647.11 MHz, 16-00-01 - cpu0: AMD Athlon(tm) II Neo N36L Dual-Core Processor, 1298.10 MHz, 10-06-03 Description at (http://www.phystech.com/download/ubench.html) and even in pkg_info ubench says: "Ubench will spawn about 2 concurrent processes for each CPU available on the system. This ensures all available raw CPU horsepower is used." This is not the case for AMD CPUs, as there's just one process jumping around those two dual-core systems. (could be seen in sysstat or htop) Intel CPUs work as expected, I can see multiple processes in top/htop and all cores are busy and I get a "score" after run. The run ends with either ubench score of 0 or exiting on signal 28 $ ubench -c Unix Benchmark Utility v.0.3 Copyright (C) July, 1999 PhysTech, Inc. Author: Sergei Viznyuk http://www.phystech.com/download/ubench.html OpenBSD 6.9 GENERIC.MP#0 amd64 Ubench CPU:0 $ ubench -c Unix Benchmark Utility v.0.3 Copyright (C) July, 1999 PhysTech, Inc. Author: Sergei Viznyuk http://www.phystech.com/download/ubench.html OpenBSD 6.9 GENERIC.MP#0 amd64 cpubench: exiting on signal 28 # - seems to be triggered by resizing terminal window running or not running as root makes no difference. Any idea what's going on here? The code is from 2000, should the port be decomissioned? What do people generally use to benchmark hardware these days? Thank you, Jan
isc-bind-9.16.2v0 fails to start on OpenBSD6.7, patch + note for upgrade guide might be nice
Hello Stuart, ports@, latest isc-bind on OpenBSD 6.7 caught me off-guard with upgrading, as CWD now must be writeable or it doesn't start at all. (there's a note on packge install, but I missed it on package upgrade) clean isc-bind on clean new OpenBSD 6.7 install still doesn't come up, as it has relative paths and now CWD is /tmp (in chroot). Patch for stock named.conf below, also console log with steps to reproduce. Took me a while to fix all relative paths to absolute (from chroot point of view) and also, DNSSEC was broken as managed-keys directive is now deprecated. (had 2 keys there for the trust anchor)) removing managed-keys directive, stopping, deleting /var/named/tmp/managed-keys.bind{,.jnl} and restarting fixed DNSSEC for me. Clean package works with DNSSEC fine. Maybe note in the upgrade guide might be helpful that paths need to be absolute now in named.conf. - console log on clean 6.7 in vmd below the patch - dmesg below console log Thank you for new release and have a nice day, Jan - patch for named.conf: ### --- named.conf.orig Wed May 20 17:45:20 2020 +++ named.conf Wed May 20 17:45:56 2020 @@ -35,24 +35,24 @@ // zone "." { type hint; - file "etc/root.hint"; + file "/etc/root.hint"; }; zone "localhost" { type master; - file "standard/localhost"; + file "/standard/localhost"; allow-transfer { localhost; }; }; zone "127.in-addr.arpa" { type master; - file "standard/loopback"; + file "/standard/loopback"; allow-transfer { localhost; }; }; zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" { type master; - file "standard/loopback6.arpa"; + file "/standard/loopback6.arpa"; allow-transfer { localhost; }; }; @@ -61,13 +61,13 @@ // //zone "myzone.net" { // type master; -// file "master/myzone.net"; +// file "/master/myzone.net"; //}; // Slave zones // //zone "otherzone.net" { // type slave; -// file "slave/otherzone.net"; +// file "/slave/otherzone.net"; // masters { 192.0.2.1; [...;] }; //}; ### ## HOW TO REPRODUCE ISSUE: bsd67# pkg_add isc-bind quirks-3.325 signed on 2020-05-09T19:52:28Z Ambiguous: choose package for isc-bind a 0: 1: isc-bind-9.16.2v0 2: isc-bind-9.16.2v0-geoip Your choice: 1 isc-bind-9.16.2v0: ok The following new rcscripts were installed: /etc/rc.d/isc_named See rcctl(8) for details. --- +isc-bind-9.16.2v0 --- BIND: named 9.12+ insists that the "working directory" (inside the /var/named chroot) is writable. Simplest fix if upgrading is probably to add 'directory "/tmp";' to the options section of named.conf. bsd67# rcctl enable isc_named bsd67# rcctl start isc_named isc_named(failed) bsd67# tail -5 /var/log/messages May 20 17:48:19 bsd67 named[76037]: May 20 17:48:19 bsd67 named[76037]: max open files (7030) is smaller than max sockets (21000) May 20 17:48:19 bsd67 named[76037]: could not configure root hints from 'etc/root.hint': file not found May 20 17:48:19 bsd67 named[76037]: loading configuration: file not found May 20 17:48:19 bsd67 named[76037]: exiting (due to fatal error) vim /var/named/etc/named.conf # fix absolute paths rcctl start isc_named May 20 17:51:57 bsd67 named[40740]: max open files (7030) is smaller than max sockets (21000) May 20 17:51:57 bsd67 named[40740]: command channel listening on 127.0.0.1#953 May 20 17:51:57 bsd67 named[40740]: command channel listening on ::1#953 May 20 17:51:57 bsd67 named[40740]: all zones loaded May 20 17:51:57 bsd67 named[40740]: running May 20 17:51:57 bsd67 named[40740]: managed-keys-zone: Initializing automatic trust anchor management for zone '.'; DNSKEY ID 20326 is now trusted, waiving the normal 30-day waiting period. May 20 17:51:58 bsd67 named[40740]: checkhints: b.root-servers.net/A (199.9.14.201) missing from hints May 20 17:51:58 bsd67 named[40740]: checkhints: b.root-servers.net/A (192.228.79.201) extra record in hints May 20 17:51:58 bsd67 named[40740]: checkhints: b.root-servers.net/ (2001:500:200::b) missing from hints May 20 17:51:58 bsd67 named[40740]: checkhints: b.root-servers.net/ (2001:500:84::b) extra record in hints May 20 17:51:58 bsd67 named[40740]: checkhints: h.root-servers.net/A (198.97.190.53) missing from hints May 20 17:51:58 bsd67 named[40740]: checkhints: h.root-servers.net/A (128.63.2.53) extra record in hints May 20 17:51:58 bsd67 named[40740]: checkhints: h.root-servers.net/ (2001:500:1::53) missing from hints May 20 17:51:58 bsd67 named[40740]: checkhints: h.root-servers.net/ (2001:500:1::803f:235) extra record in hints May 20 17:51:58 bsd67 named[40740]: checkhints: l.root-servers.net/ (2001:500:9f::42) missing from hints May 20 17:51:58 bsd67 named[40740]: checkhints: l.root-servers.net/ (2001:500:3::42) extra record in hints bsd67# dig +dnssec seznam.cz 127.0.0.1 | fgrep ad ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; flags: qr rd ra ad; QUERY:
Re: NEW: Tacacs+ port - shrubbery.net version
Hi, tac_plus compiles and runs fine on octeon too. (Edge Router Lite, -current) Tested slightly with py_tacacs_plus. Encrypted and cleartext logins work, and authentication both to syslog and dedicated file. jvl On Fri, May 24, 2019 at 01:49:29PM +0200, Ampie Niemand wrote: > This does the trick and installs perfectly on macppc, will test i386 > and amd64 when I get home. > > My thoughts are that because all the TACACS+ ports were obsolete after > 6.2, the _tacacs user was sort of "deauthorized" in the infrastructure > userlist. > Reading the error message properly this time it confirms 100% what you > said so that even I can understand it. :-D > > Thanks, this is amazing. > > Regards > Ampie > >
Re: NEW: Tacacs+ port - shrubbery.net version
Gleydson, > Done. > Thanks for the feedback, i'm pushing it to openbsd-wip. is this the correct openbsd-wip? https://github.com/jasperla/openbsd-wip I don't see the changes sthen@ pointed out there ... > PS.: I'm running it and works just fine It has a dozen of Cisco Nexus > switches already connected. > privdrop (_tacacs) fine. > > I will add some changes to example files provided by Jan Vlach, for pointing > out how to use tac_plus on the fly on OpenBSD.(like features available with > and without privdrop / etc). > > Also should be nice sent patches upstream. Jan Vlach, what do you think about? not sure there's an upstream at all: lftp ftp.shrubbery.net:/pub/tac_plus> ls -l *28* -r--r--r-- 1 7053 wheel 530049 Jan 6 2015 tacacs-F4.0.4.28.tar.gz -r--r--r-- 1 7053 wheel 287 Apr 9 2018 tacacs-F4.0.4.28.tar.gz.sig
Re: NEW: Tacacs+ port - shrubbery.net version
Hi Gleydson, Stuart, ports, I'm running tac_plus with 200+ boxes with IOS, IOS-XE and IOS-XR. please see attached tgz for updated port. - I've taken Gleydson's latest work from openbsd-wip (I don't see the unexec and/or doc/shared implemented in PLIST) * - provided simplified tac_plus.conf.sample of stuff I have tested - logging in as full admins with level 15 and limited show users that I use for scripting/metrics. I can't really vouch for the functionality of dialup users etc. The full-blown config file example is still in the manpage - fixed typo in manpage for accounting to syslog - using `accounting syslog;` (including semicolon) does not work, but parser does not complain. If I remove the semicolon, accounting info gets logged to syslog as daemon.info (this was nasty :) ) - fixed paths for tac.acct, tac.log and tac.who - all of them go to /var/log/tac_plus directory that's owned by _tacacs:_tacacs - ^ This fixes the case where you don't want to log into accounting file and want syslog accounting only (disabling accounting file directive leads to tacacs complaining of permission denied with with default path of /var/log/tac.acct) Changing the default path to /var/log/tac_plus/tac.acct and removing `accounting file = ...' directive properly disables logging to this file. Go figure :) - Updated paths in manpage (tac_plus.conf.5.in) as one is automatically substituted from configure variables, while the other is hardcoded. - Added README file to remind administrator to rotate his/her files. * I've tried to add the @extraunexec rm -rf /var/log/tac_plus/*, but I'm not sure it works: On package deletion pkg_delete complains that directory is not empty: [20:07][root@samsara:/var/log]# pkg_delete tacacs+ tacacs+-4.0.4.28v0: ok Read shared items: ok --- -tacacs+-4.0.4.28v0 --- You should also remove /etc/tac_plus.conf (which was modified) You should also run rm -f /var/log/tac_plus/* Error deleting directory /var/log/tac_plus: Directory not empty You should also run /usr/sbin/userdel _tacacs You should also run /usr/sbin/groupdel _tacacs I'm sorry, I've wrestled, but I don't understand how the doc/examples directories work - what needs to be done in pkg configure phase and what is done in PLIST? Cluestick please? I've tested the accounting part with py-tacacs_plus on -current, don't have a real network box around at this time. (Gonna dogfood this tomorrow or next week) Could you please have a look if this is okay? jvl On Thu, May 23, 2019 at 11:34:23AM -0300, Gleydson Soares wrote: > > Can you use the standard locations for doc/examples please rather > > than /usr/local/share/tacacs? > > Yep. > > > Needs @extraunexec rm -f /var/log/tac_plus/* for pkg_delete -c. > > Done. > Thanks for the feedback, i'm pushing it to openbsd-wip. > > PS.: I'm running it and works just fine It has a dozen of Cisco Nexus > switches already connected. > privdrop (_tacacs) fine. > > I will add some changes to example files provided by Jan Vlach, for pointing > out how to use tac_plus on the fly on OpenBSD.(like features available with > and without privdrop / etc). > > Also should be nice sent patches upstream. Jan Vlach, what do you think about? > > Cheers, > tacacs+-20190523-2.tar.gz Description: application/tar-gz
Re: NEW: Tacacs+ port - shrubbery.net version
Hi Gleydson, thank you for getting in touch! I'm running it in production, so yes, taking maintainer is ok. I haven't tried to rebuild with 6.5 yet, that's on my TODO list though. Could do that in next few days for both 6.5 and -current. Thank you, Jan On Mon, May 20, 2019 at 04:55:33PM -0300, Gleydson Soares wrote: > Hi Jan, > > thank you for your effort on this port. > i've pushed it to openbsd-wip at > https://github.com/jasperla/openbsd-wip/tree/master/net/tacacs%2B > it addresses the joint work of you and sthen@ > > are you still ok regarding of taking maintanership? > > i will give some extra tests and double review next days. > > Thank you, > Gleydson. >
Re: NEW: py-tacacs_plus (tacacs+ client written in python)
Hello Daniel, thank you for feedback. Please see updated port: - port is now flavored for python 2 and 3 - make test passes for both pythons - managed version conflict, so both flavors could be installed alongside - incorporated your comments below. Is this OK? Thank you, Jan > I quickly looked at it. Can you please: > - remove the license link > - stop using GH stuff and use MODPY_PI > - vertically align stuff > > I think providing a py3 flavour would be a good thing. > > Cheers, > Daniel py-tacacs_plus.tar.gz,2 Description: Binary data
Re: NEW: Tacacs+ port - shrubbery.net version
Hello Stuart, thank you for fixing and feedback on the tacacs+ port. I've learned a lot here. Sorry for late response, I was missing some commmands in accounting log and command denies were not enforced properly and I needed to find out why. I was missing part of config on the catalyst side, so the port works ok. Re-tested: - acls - password backend (running as root) - cleartext backend - bcrypt backend - command permit/deny I've also tested this with HP5800 Series switch and both logging and command enforcement work. There's a minor typo in tac_plus.rc, there's slash missing after ${TRUEPREFIX} --- tac_plus.rc.origThu Oct 25 14:21:34 2018 +++ tac_plus.rc Thu Oct 25 14:21:43 2018 @@ -2,7 +2,7 @@ # # $OpenBSD$ -daemon="${TRUEPREFIX}sbin/tac_plus" +daemon="${TRUEPREFIX}/sbin/tac_plus" daemon_flags="-C ${SYSCONFDIR}/tac_plus.conf -Q _tacacs -U _tacacs" . /etc/rc.d/rc.subr ### What is the case with: ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py ${PREFIX}/share/tacacs/do_auth.py ? /usr/ports/infrastructure/bin/portcheck complained: Python module without compiled version, consider using ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py: share/tacacs/do_auth.py is this the case where packages don't provide compiled python by default? Would a more minimal config as sample make sense? (please see attachment:) Thank you again, Jan > : daemon="/usr/local/sbin/tac_plus" > > should use ${TRUEPREFIX}, see all other rc scripts in ports > > : daemon_flags="-C /etc/tac_plus.conf -Q _tacacs -U _tacacs" > > should use ${SYSCONFDIR} > > : Before running tac_plus, a configuration file needs to be created. > : Copy the provided ${PREFIX}/share/tacacs/tac_plus.conf.sample to > : /etc/tac_plus.conf and modify as necessary. > > should use @sample to copy the file, so it's registered in the package > database (e.g. used by sysmerge -p, sysclean, pkg_delete -c) and you can > set permissions/ownership appropriately. > > editing the config file is expected, it doesn't really need a MESSAGE > for this. > > : encrypt(1) could be used to generate hashes for login = des $HASH > : directives. > > encrypt(1) doesn't generate des hashes, so by itself this adds confusion. > I'd modify the sample config to explain it better and get rid of MESSAGE > completely. > > :# use `encrypt -p' to get blowfish hash (see: man encrypt(1)) > :# test123 > :login = des $2b$10$rhfyMY/VeB7Tm1nCy4hDpeJNcfI32EcEZBYZ1sy/qpQf5YhAahVqG > > # "login = des" actually uses the OS crypt() function, it is not really > # using DES encryption. On OpenBSD this uses bcrypt. See encrypt(1) to > # generate suitable hashes. > > : ${MODPY_BIN} ${MODPY_LIBDIR}/compileall.py > ${PREFIX}/share/tacacs/do_auth.py > > that's not needed here, but on the other hand the #! line does need fixing > (MODPY_ADJ_FILES = do_auth.py) and it's not marked as executable. > > : CONFIGURE_ENV = YACC="${LOCALBASE}/bin/bison -y" > : YACC = bison -y > : > : pre-configure: > : ln -sf ${LOCALBASE}/bin/bison ${WRKDIR}/bin/yacc > > I think this whole lot can just be replaced by > > CONFIGURE_ENV = YACC=bison > > : COMMENT = version of Cisco System's TACACS+ AAA service > > "the name of Cisco Systems, Inc. not be used in advertising or publicity > pertaining to distribution of the program without specific prior > permission" > > Other things, the old tacacs+ package version was tacacs+-4.0.4ap1 > which compares as "newer" than 4.0.4.28, so needs EPOCH. > > Picks up libwrap if present at build time. > > Some patch parts are no longer needed. > > Simpler to just remove the built tac_pwd rather than do a more complex > patch to an automake-generated Makefile. > > Above are addressed in the tar attached, does that still work ok for you? > > # $OpenBSD$ key = "your key here" accounting file = /var/log/tac_plus/tac.acct # authentication users not appearing elsewhere via # the file /etc/passwd # # passwd backend needs tac_plus running a root, # `cleartext' and `des' backends can run as # _tacacs:_tacacs # acl = management_networks_acl { permit = ^192\.168\.50\. deny = .* } acl = monitoring_acl { permit = 192\.168\.10\. deny = .* } # administrators with direct enable mode access group = admin { default service = permit service = exec { priv-lvl = 15 } acl = management_networks_acl } # group for monitoring group = monitoring { default service = deny service = exec { priv-lvl = 15 } # COMWARE example cmd = display { permit mac-address deny .* } # IOS example cmd = show { permit version deny .* } acl = monitoring_acl } user = fred { # "login = des" actually uses the OS crypt() function, it is not really # using DES encryption. On
Re: UPDATE: devel/cmake (i386 build wanted)
> Hi Rafael, > > Builds fine on 6.4-current i386 running in VMM VM on 6.4-current amd64. > Tomorrow I will have access to real i386 laptop with Pentium 4. I could > test there too. > > Have build libmusicbrainz and colobot packages that seem to use/require > cmake. > > Jan Hello Rafael, as promised, I've also built cmake + colobot on real i386. Works just fine. Jan dmesg attached: OpenBSD 6.4-current (GENERIC) #940: Mon Oct 22 22:31:08 MDT 2018 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC real mem = 267804672 (255MB) avail mem = 247877632 (236MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: date 03/04/03, BIOS32 rev. 0 @ 0xffe90, SMBIOS rev. 2.3 @ 0xf7690 (61 entries) bios0: vendor Dell Computer Corporation version "A08" date 03/04/2003 bios0: Dell Computer Corporation Latitude C640 acpi0 at bios0: rev 0 acpi0: sleep states S0 S1 S3 S4 S5 acpi0: tables DSDT FACP acpi0: wakeup devices LID_(S3) PBTN(S4) PCI0(S3) UAR1(S3) USB0(S1) USB1(S1) USB2(S1) MODM(S3) PCIE(S3) MPCI(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (AGP_) acpiprt2 at acpi0: bus 2 (PCIE) acpiprt3 at acpi0: bus -1 (MPCI) acpipwrres0 at acpi0: PADA, resource for ADPT acpitz0 at acpi0: critical temperature is 99 degC acpiac0 at acpi0: AC unit online acpibat0 at acpi0: BAT0 model "LIP8120DLP" serial 32546 type LION oem "Sony Corp." acpibat1 at acpi0: BAT1 not present acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: PBTN acpibtn2 at acpi0: SBTN "PNP0A03" at acpi0 not configured acpicmos0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) acpivideo0 at acpi0: VID_ bios0: ROM list: 0xc/0xf000 0xcf000/0x800! 0xcf800/0x800! cpu0 at mainbus0: (uniprocessor) cpu0: Mobile Intel(R) Pentium(R) 4 - M CPU 1.80GHz ("GenuineIntel" 686-class) 1.80 GHz, 0f-02-07 cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,CNXT-ID,PERF,MELTDOWN mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 82845 Host" rev 0x04 intelagp0 at pchb0 agp0 at intelagp0: aperture at 0xe800, size 0x400 ppb0 at pci0 dev 1 function 0 "Intel 82845 AGP" rev 0x04 pci1 at ppb0 bus 1 radeondrm0 at pci1 dev 0 function 0 "ATI Radeon Mobility M7" rev 0x00 drm0 at radeondrm0 radeondrm0: irq 11 uhci0 at pci0 dev 29 function 0 "Intel 82801CA/CAM USB" rev 0x02: irq 11 ppb1 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0x42 pci2 at ppb1 bus 2 xl0 at pci2 dev 0 function 0 "3Com 3c905C 100Base-TX" rev 0x78: irq 11, address 00:0b:db:9f:29:2a exphy0 at xl0 phy 24: 3Com internal media interface cbb0 at pci2 dev 1 function 0 "TI PCI1420 CardBus" rev 0x00: irq 11 cbb1 at pci2 dev 1 function 1 "TI PCI1420 CardBus" rev 0x00: irq 11 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 4 device 0 cacheline 0x8, lattimer 0x20 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 cardbus1 at cardslot1: bus 5 device 0 cacheline 0x8, lattimer 0x20 pcmcia1 at cardslot1 ichpcib0 at pci0 dev 31 function 0 "Intel 82801CAM LPC" rev 0x02 pciide0 at pci0 dev 31 function 1 "Intel 82801CAM IDE" rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA, 19077MB, 39070080 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus1 at atapiscsi0: 2 targets cd0 at scsibus1 targ 0 lun 0: ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 auich0 at pci0 dev 31 function 5 "Intel 82801CA/CAM AC97" rev 0x02: irq 11, ICH3 ac97: codec id 0x4352595b (Cirrus Logic CS4205 rev 3) ac97: codec features mic channel, tone, simulated stereo, bass boost, 20 bit DAC, 18 bit ADC, SRS 3D audio0 at auich0 "Intel 82801CA/CAM Modem" rev 0x02 at pci0 dev 31 function 6 not configured usb0 at uhci0: USB revision 1.0 uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard pms0 at pckbc0 (aux slot) wsmouse0 at pms0 mux 0 wsmouse1 at pms0 mux 0 pms0: Synaptics touchpad, firmware 5.9, 0x9b4cb1 0x0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets sd0 at scsibus3 targ 1 lun 0: SCSI2 0/direct fixed sd0: 19076MB, 512 bytes/sector, 39069488 sectors root on sd0a (9e331bf883a9d7df.a) swap on sd0b dump on sd0b initializing kernel modesetting (RV200 0x1002:0x4C57 0x1028:0x012A). radeondrm0: 1024x768, 8bpp wsdisplay0 at radeondrm0 mux 1:
NEW: py-tacacs_plus (tacacs+ client written in python)
Hello ports@ this is py-tacacs_plus python module / standalone tacacs+ client. It could speak with the new tacacs+ power based on shrubbery.net's implementation. basic usage/syntax is here: https://github.com/ansible/tacacs_plus/ py-tacacs_plus.tar.gz Description: application/tar-gz
NEW: Tacacs+ port - shrubbery.net version
Hi, this is NEW port of tacacs+ based on the version from people at shrubbery.net (as hinted in net/tacacs+ in attic) * I've patched out tac_pwd, so it is not being built. It just segfaults, can generate md5 and des passwords. encrypt(1) is better choice to get supported hash. * Verified against real Catalyst 2960 * Verified with py-tacacs+ client (might send port later, if this one is okay) * _tacacs:_tacacs needs to get re-enabled in user.list * init script runs it by default as _tacacs:tacacs - that enables: cleartext, empty and crypt authenticators (blowfish passwords as generated by encrypt(1) - system users could get verified too, but tac_plus needs to run as root then. * build and run tested on i386 and amd64 * sample tac_plus.conf is provided, copied out from the manpage for now Can you please look and provide feedback? Thank you, Jan tacacs+.tar.gz Description: application/tar-gz
Re: UPDATE: devel/cmake (i386 build wanted)
On Sat, Oct 20, 2018 at 10:56:35PM +0200, Rafael Sadowski wrote: > Hi All. > > Please find below diff to update cmake to the latest stable version. The > last time it failed on i386 so it would be great if someone could build > it on i386 and report to me/ports@. Please ignore the wrong CVS tags, > the diff based on an old diff from sthen@. > > Rafael Sadowski Hi Rafael, Builds fine on 6.4-current i386 running in VMM VM on 6.4-current amd64. Tomorrow I will have access to real i386 laptop with Pentium 4. I could test there too. Have build libmusicbrainz and colobot packages that seem to use/require cmake. Jan
Re: NEW: games/pioneer
Thank you for the port Anthony! Compiles and runs fine on 6.3-stable on amd64. There is a bug in the 20180203 tag though: When you pause the game, you can sell 10% of your fuel indefinitely and the level of your ship's tank does not change. (i.e. infinite money) I've asked around on pioneer IRC channel and devs over there said that February tag is too old and there have been lots of fixes and improvements. I wasn't able to reproduce the bug with latest release (GH_COMMIT = 2df911dc2a70592cd54eb3e36820ff51621a5f09) The patch-contrib_imgui_imgui_draw_cpp does not apply anymore, but seems to be included correctly on OpenBSD. The game segfaults when I quit from the menu for me though. Jan On Thu, Oct 04, 2018 at 05:12:36AM -0600, Anthony J. Bentley wrote: > On Wed, Sep 19, 2018 at 3:55 AM Anthony J. Bentley wrote: > > Here's a port for pioneer, a game of lonely space and adventure. > > > > Pioneer is a space adventure game set in the Milky Way galaxy at the > > turn of the 31st century. > > > > The game is open-ended, and you are free to explore the millions of star > > systems in the game. You can land on planets, slingshot past gas giants, > > and burn yourself to a crisp flying between binary star systems. You can > > try your hand at piracy, make your fortune trading between systems, or > > do missions for the various factions fighting for power, freedom or > > self-determination. > > > > ok? > > Any interest in this port? > > -- > Anthony J. Bentley pioneer.tar.gz Description: application/tar-gz
surf2-0.6.20160922p0 segmentation fault on -current (#155) on i386
Hello openbsd-ports, I'm trying to move away from surf towards surf2 on my Asus EeePC, but surf2 segfaults on right at start. Deleting ~/.surf does not help. $ surf2 Segmentation fault (core dumped) --->8--- (gdb) backtrace #0 L1 () at /usr/src/lib/libc/arch/i386/string/strchr.S:16 #1 0x071a8c78 in g_param_spec_pool_lookup () from /usr/local/lib/libgobject-2.0.so.4200.4 #2 0x071a61bf in g_object_new_valist () from /usr/local/lib/libgobject-2.0.so.4200.4 #3 0x074a7fbe in webkit_settings_new_with_settings () from /usr/local/lib/libwebkit2gtk-4.0.so.2.1 #4 0x170b0fe9 in newview () from /usr/local/bin/surf2 #5 0x170af7c2 in newclient () from /usr/local/bin/surf2 #6 0x170b3938 in main () from /usr/local/bin/surf2 Current language: auto; currently asm (gdb) --->8--- Building with `DEBUG="-ggdb -O0" INSTALL_STRIP= make' does not provide "better" backtrace. Dmesg and full gdb log follows. What am I doing wrong? Thank you, Jan P.S. re-post to ports@ after cluestick from misc@ ### FULL GDB script log [21:57][janus@maya:~]$ gdb $(which surf2) surf.core [?1034hGNU gdb 6.3 Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-unknown-openbsd6.0"...(no debugging symbols found) Core was generated by `surf2'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/lib/libpthread.so.23.0...done. Loaded symbols for /usr/lib/libpthread.so.23.0 Loaded symbols for /usr/local/bin/surf2 Reading symbols from /usr/local/lib/libwebkit2gtk-4.0.so.2.1...done. Loaded symbols for /usr/local/lib/libwebkit2gtk-4.0.so.2.1 Reading symbols from /usr/local/lib/libgtk-3.so.2200.2...done. Loaded symbols for /usr/local/lib/libgtk-3.so.2200.2 Reading symbols from /usr/local/lib/libgdk-3.so.2200.2...done. Loaded symbols for /usr/local/lib/libgdk-3.so.2200.2 Reading symbols from /usr/local/lib/libgobject-2.0.so.4200.4...done. Loaded symbols for /usr/local/lib/libgobject-2.0.so.4200.4 Reading symbols from /usr/local/lib/libglib-2.0.so.4200.4...done. Loaded symbols for /usr/local/lib/libglib-2.0.so.4200.4 Reading symbols from /usr/lib/libc.so.89.2...done. Loaded symbols for /usr/lib/libc.so.89.2 Reading symbols from /usr/X11R6/lib/libX11.so.16.1...done. Loaded symbols for /usr/X11R6/lib/libX11.so.16.1 Reading symbols from /usr/local/lib/libpangocairo-1.0.so.3800.0...done. Loaded symbols for /usr/local/lib/libpangocairo-1.0.so.3800.0 Reading symbols from /usr/local/lib/libpango-1.0.so.3800.0...done. Loaded symbols for /usr/local/lib/libpango-1.0.so.3800.0 Reading symbols from /usr/local/lib/libatk-1.0.so.21809.1...done. Loaded symbols for /usr/local/lib/libatk-1.0.so.21809.1 Reading symbols from /usr/local/lib/libcairo-gobject.so.1.1...done. Loaded symbols for /usr/local/lib/libcairo-gobject.so.1.1 Reading symbols from /usr/local/lib/libcairo.so.12.3...done. Loaded symbols for /usr/local/lib/libcairo.so.12.3 Reading symbols from /usr/local/lib/libgdk_pixbuf-2.0.so.3200.1...done. Loaded symbols for /usr/local/lib/libgdk_pixbuf-2.0.so.3200.1 Reading symbols from /usr/local/lib/libgio-2.0.so.4200.4...done. Loaded symbols for /usr/local/lib/libgio-2.0.so.4200.4 Reading symbols from /usr/local/lib/libintl.so.6.0...done. Loaded symbols for /usr/local/lib/libintl.so.6.0 Reading symbols from /usr/local/lib/libnotify.so.4.0...done. Loaded symbols for /usr/local/lib/libnotify.so.4.0 Reading symbols from /usr/local/lib/libjavascriptcoregtk-4.0.so.2.1...done. Loaded symbols for /usr/local/lib/libjavascriptcoregtk-4.0.so.2.1 Reading symbols from /usr/local/lib/libicudata.so.11.0... warning: Lowest section in /usr/local/lib/libicudata.so.11.0 is .hash at 2000 done. Loaded symbols for /usr/local/lib/libicudata.so.11.0 Reading symbols from /usr/local/lib/libicui18n.so.11.0...done. Loaded symbols for /usr/local/lib/libicui18n.so.11.0 Symbols already loaded for /usr/lib/libpthread.so.23.0 Reading symbols from /usr/local/lib/libicuuc.so.11.0...done. Loaded symbols for /usr/local/lib/libicuuc.so.11.0 Reading symbols from /usr/X11R6/lib/libGL.so.17.1...done. Loaded symbols for /usr/X11R6/lib/libGL.so.17.1 Reading symbols from /usr/X11R6/lib/libEGL.so.1.1...done. Loaded symbols for /usr/X11R6/lib/libEGL.so.1.1 Reading symbols from /usr/local/lib/libgstapp-1.0.so.3.1...done. Loaded symbols for /usr/local/lib/libgstapp-1.0.so.3.1 Reading symbols from /usr/local/lib/libgstbase-1.0.so.3.1...done. Loaded symbols for /usr/local/lib/libgstbase-1.0.so.3.1 Reading symbols from /usr/local/lib/libgstreamer-1.0.so.3.1...done. Loaded symbols for /usr/local/lib/libgstreamer-1.0.so.3.1 Reading symbols from /usr/local/lib/libgstpbutils-1.0.so.3.1...done. Loaded symbols for /usr/local/lib/libgstpbutils-1.0.so.3.1 Reading symbols from
Re: 10GB zipfile
Hi Jan, I believe 7z (p7zip package) can uncompress *zip files too. Give it a shot. Jan On Wed, Jan 18, 2017 at 06:33:17PM +0100, Jan Stary wrote: > I have a big zipfile that I am trying to unzip witn archivers/unzip. > > $ unzip -ql file.zip > warning [file.zip]: 6682546438 extra bytes at beginning or within > zipfile (attempting to process anyway) > error [file.zip]: start of central directory not found; zipfile corrupt. > > $ ls -l file.zip > -rw-r--r-- 1 hans hans 10977521995 Jan 18 18:24 file.zip > > I am pretty sure the zipfile is OK. Given that the fie size > minus the "extra bytes" is very near 4GB, could this be > a 4GB file-size problem? If so, would people please recommend > an unzipper which can go beyond 4GB? > > Thank you > > Jan
Re: Forcing reinstall of a port
Hi Alan, the locale should be LC_CTYPE=en_US.UTF-8 not en-US.UTF-8 (underscore versus minus) Jan On Fri, Oct 23, 2015 at 11:07:38PM -0400, Alan Corey wrote: > When I set LC_CTYPE to en-US.UTF-8 as has been mentioned here and in > the OpenBSD FAQ, then do something like type uxterm into an rxvt > window I get the warning: > > Warning: locale not supported by Xlib, locale set to C > > So could the Xlib version be causing this? I'm floundering. Maybe > uxterm's trying to set a locale on startup. > > On 10/23/15, Stuart Hendersonwrote: > > On 2015/10/23 14:48, Alan Corey wrote: > >> This is related to my pasting from Abiword which at the moment seems > >> to be a gettext/libiconv order thing. > > > > I think this is probably an Abiword bug. They've had problems in this > > area before, and even just copying and pasting entirely within Abiword > > doesn't work for me (-current amd64). > > > > > > > -- > Credit is the root of all evil. - AB1JX > -- Be the change you want to see in the world.
Re: CVS: cvs.openbsd.org: ports
Hello Antoine, any chance of putting this back? I still use my Palm Tungsten E2 with DateBk as a PDA. (I understand it's 2015, neither ipod + pocket informant, nor android + pimlical work for me ...) should I take maintainer? Thank you, Jan __ > Od: Antoine Jacoutot> Komu: > Datum: 20.09.2015 00:22 > Předmět: CVS: cvs.openbsd.org: ports > >CVSROOT: /cvs >Module name: ports >Changes by: ajacou...@cvs.openbsd.org 2015/09/19 16:21:20 > >Modified files: > comms : Makefile > >Log message: >-jpilot >-pilot-link > >
Re: [tobi...@tmux.org: mark net/rtorrent as broken on powerpc]
Hello Martin, There's only one atomic operation on a 64bit value and it is just for instrumentation. So by adding --disable-instrumentation to the configure arguments libtorrent builds just fine on macppc. I did not try i386 but it should be the same. Works fine on i386 for me. Thank you, Jan