Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Theo de Raadt
> On Thu, Jul 09, 2015 at 10:01:01PM -0600, Theo de Raadt wrote: > > The 4.4BSD chflags model of "security" on inodes is unmaintained, and > > the utilitization of this is not realized OpenBSD. > > > > To be honest, I doubt any of us see much benefit in it, relative to > > other features of the sy

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Michael McConville
On Thu, Jul 09, 2015 at 10:01:01PM -0600, Theo de Raadt wrote: > The 4.4BSD chflags model of "security" on inodes is unmaintained, and > the utilitization of this is not realized OpenBSD. > > To be honest, I doubt any of us see much benefit in it, relative to > other features of the system. When

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Theo de Raadt
> On Thu, 09 Jul 2015 18:18:37 -0700, Edgar Pettijohn > wrote: > > > # chflags schg /etc/resolv.conf > > > > Just keep in mind you have to go to single user mode to undo the above. > > That's an interesting workaround I hadn't considered. The problem is that > this setting must be deployed v

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Seth
On Thu, 09 Jul 2015 19:40:05 -0700, Philip Guenther wrote: Uh, so you want to _ignore_ the option from the server? Then add ignore domain-name-servers; to your dhclient.conf and put the desired nameserver line in your resolv.conf.tail file. That was the missing link, problem solved, than

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Philip Guenther
On Thu, Jul 9, 2015 at 4:36 PM, Seth wrote: > I'm trying to use the following statement in /etc/dhclient.conf > > supersede domain-name-servers [127.0.0.1]:40; > > But when the machine boots and the network starts it fails to apply the > setting. The error message is: > > /etc/dhclient.conf line 4

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Seth
On Thu, 09 Jul 2015 18:18:37 -0700, Edgar Pettijohn wrote: # chflags schg /etc/resolv.conf Just keep in mind you have to go to single user mode to undo the above. That's an interesting workaround I hadn't considered. The problem is that this setting must be deployed via an Ansible playbo

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Seth
On Thu, 09 Jul 2015 18:01:42 -0700, Ryan Freeman wrote: don't wrap the ip address in square [] brackets. should clear it up The square brackets are necessary when specifying a non-standard DNS port [1] nameserver IPv4 address (in dot notation) or IPv6 address (in hex-and-

Re: dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Edgar Pettijohn
# chflags schg /etc/resolv.conf Just keep in mind you have to go to single user mode to undo the above. On 07/09/15 18:36, Seth wrote: I'm trying to use the following statement in /etc/dhclient.conf supersede domain-name-servers [127.0.0.1]:40; But when the machine boots and the network start

dhclient.conf does not appear to support resolv.conf formatting for nameservers on non-standard port

2015-07-09 Thread Seth
I'm trying to use the following statement in /etc/dhclient.conf supersede domain-name-servers [127.0.0.1]:40; But when the machine boots and the network starts it fails to apply the setting. The error message is: /etc/dhclient.conf line 4: expecting decimal octet. supersede domain-name-serve

Re: Mplayer/VLC crashes on yesterdays 5.8 snapshot on i386

2015-07-09 Thread Stefan Wollny
Am 07/08/15 um 21:58 schrieb Jan Vlach: > Hello misc team, > > Yesterday I've updated to fresh 5.8 snapshot on i386 and mplayer and vlc > don't play videos anymore. > > It's always reproducible with different video files, that worked before. > > Is this known/reported? > > I'm trying to recompi

BitCoin donations to the OpenBSD Foundation.

2015-07-09 Thread Bob Beck
We've recently noticed a few attempts at larger Bitcoin donations to the OpenBSD Foundation. Due to the nature of these, we don't actually know who is attempting to donate, so I'm posting here. Due to changing laws, our provider (BitPay) had to limit transactions to $1000/day causing these donati

Re: www.openbsd.dk is not up to date

2015-07-09 Thread Gleydson Soares
On Thu, Jul 9, 2015 at 6:32 AM, Max Fillinger wrote: > However, until 90 minutes ago, openbsd.dk was linked as a mirror on the > *official* website. I sent the e-mail to either get the mirror admin's > attention (I could not find his e-mail address) or to get it removed > from the official website

Re: nat on addresses with different default routes

2015-07-09 Thread Giancarlo Razzolini
Em 09-07-2015 02:27, lausg...@gmail.com escreveu: Thank you for the answer! Indeed its a more correct approach. Is there a simple way to teach (any openbsd compliant) dhcp client to use mpath? Also not sure whether it will work in this case:http://www.rinta-aho.org/blog/?p=214 I don't recall if

Re: Microsoft Now OpenBSD Foundation Gold Contributor

2015-07-09 Thread Giancarlo Razzolini
Em 08-07-2015 18:48, Артур Истомин escreveu: And it was send from Linux OS User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.0.1 Shame for you, linux fan boy:) And this proves what exactly? You don't know about my use for neither Linux nor OpenBSD, you don't g

Re: httpd stops accepting connections after a few hours on current

2015-07-09 Thread Matthew Martin
On 7/9/15, Tor Houghton wrote: > On Wed, Jul 08, 2015 at 10:04:27PM -0500, Theodore Wynnychenko wrote: >> >> [snip] >> >> server https://server2.tldn.com, client 2067 (63 active), >> 10.0.28.254:60330 -> >> 10.0.28.130:443, buffer event error >> [..] >> server https://server2.tldn.com, client 2068

Re: httpd stops accepting connections after a few hours on current

2015-07-09 Thread Tor Houghton
On Wed, Jul 08, 2015 at 10:04:27PM -0500, Theodore Wynnychenko wrote: > > [snip] > > server https://server2.tldn.com, client 2067 (63 active), 10.0.28.254:60330 -> > 10.0.28.130:443, buffer event error > [..] > server https://server2.tldn.com, client 2068 (63 active), 10.0.28.254:52350 -> > 10.0.2

Re: www.openbsd.dk is not up to date

2015-07-09 Thread Max Fillinger
However, until 90 minutes ago, openbsd.dk was linked as a mirror on the *official* website. I sent the e-mail to either get the mirror admin's attention (I could not find his e-mail address) or to get it removed from the official website. I thought misc@ would be the right place for that. On Wed,

Re: ospfd lost tunnel interface

2015-07-09 Thread Bastien Durel
Le jeudi 09 juillet 2015 à 07:57 +, Stuart Henderson a écrit : > On 2015-07-08, Bastien Durel wrote: > > Le 08/07/2015 22:08, Claudio Jeker a écrit : > > > Feature... with maybe a bug. > > > > > Jul 8 09:04:07 ospfd[27052]: interface tun0:10.120.0.1 gone > > > So openvpn is reconfiguring the

Re: ospfd lost tunnel interface

2015-07-09 Thread Stuart Henderson
On 2015-07-08, Bastien Durel wrote: > Le 08/07/2015 22:08, Claudio Jeker a écrit : >> Feature... with maybe a bug. >>> >Jul 8 09:04:07 ospfd[27052]: interface tun0:10.120.0.1 gone >> So openvpn is reconfiguring the interface and ospfd does not like this all >> that much because of the way interfa