Re: Questions on pf limit table-entries PFR_KENTRY_HIWAT_SMALL

2022-01-01 Thread trondd
On Sat, January 1, 2022 8:02 pm, Paul Pace wrote: > Hello! > > I'm trying to understand the limits in PF, and I can't seem to figure > this out: > > In pf.conf(5) I see two limits called table-entries, and one of them is > > table-entries PFR_KENTRY_HIWAT_SMALL 10 > > Some searching an

Re: How to set a HTTP proxy for sysupgrade

2021-07-01 Thread trondd
On Thu, July 1, 2021 4:25 am, Raimo Niskanen wrote: > On Wed, Jun 30, 2021 at 09:23:15PM -0400, trondd wrote: >> >> I simply echo the export statements of the proxy environment variables >> to >> /etc/rc.firstime before reboot. The installer will always append to the &

Re: How to set a HTTP proxy for sysupgrade

2021-06-30 Thread trondd
On Wed, June 30, 2021 5:28 am, Raimo Niskanen wrote: > Hello list! > > I just upgraded one of our lab machines from 6.8 to 6.9 > (amd64), and our lab environment is closed to the Internet, > so using an HTTP proxy is required to reach out. > > I have set http_proxy, ftp_proxy and https_proxy in > /

Re: Not possible to sysupgrade via snapshots right now?

2021-05-08 Thread trondd
On Sat, May 8, 2021 9:19 pm, Scott Vanderbilt wrote: > On 5/8/2021 6:04 PM, trondd wrote: >> On Sat, May 8, 2021 7:58 pm, Scott Vanderbilt wrote: >>> Apologies if this is a question to which there is an obvious answer, >>> but >>> I could not find one in th

Re: Not possible to sysupgrade via snapshots right now?

2021-05-08 Thread trondd
On Sat, May 8, 2021 9:04 pm, trondd wrote: > On Sat, May 8, 2021 7:58 pm, Scott Vanderbilt wrote: >> Apologies if this is a question to which there is an obvious answer, but >> I could not find one in the sysupgrade man page, > > What is sysupgrade trying to do? What do you

Re: Not possible to sysupgrade via snapshots right now?

2021-05-08 Thread trondd
On Sat, May 8, 2021 7:58 pm, Scott Vanderbilt wrote: > Apologies if this is a question to which there is an obvious answer, but > I could not find one in the sysupgrade man page, What is sysupgrade trying to do? What do you want it to do? No? Read it again. It's not that long.

Re: tc= in remote(5) example

2021-02-18 Thread trondd
On Thu, February 18, 2021 11:38 am, Jan Stary wrote: > /etc/examples/remote contains the following stanzas: > > unixhost:\ > :br#9600: > > cua00|For i386,macppc:\ > :dv=/dev/cua00:tc=unixhost: > > cuaa|For sparc:\ > :dv=/dev/cuaa:tc=unixho

Re: pflogd write /var/run/mypflogdinstance.pid?

2020-12-13 Thread trondd
>> On 2020-12-13, Harald Dunkel wrote: > On 12/13/20 7:10 PM, Theo de Raadt wrote: >> >> And I'm suggesting the arguments should look like this: >> >> pflogd: [priv] -s 160 -i pflog0 -f /var/log/pflog (pflogd) >> pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd) >> >> That mi

Re: pflogd write /var/run/mypflogdinstance.pid?

2020-12-07 Thread trondd
Stuart Henderson wrote: > On 2020-12-07, Harald Dunkel wrote: > > About the PIDs: Maybe a sysctl like > > > > kernel.pid_max = 4194303 > > > > known from other OSes could help to reduce the risk for PID conflicts. > > This doesn't help if you actually want reliability, rather than just > "

Re: Can't cron sct.

2020-10-27 Thread trondd
On Tue, October 27, 2020 11:10 am, avv. Nicola Dell'Uomo wrote: > Hi, > > maybe I'm missing something trivial, but I can't figure out how to cron > sct(1) > > My user cron config works and cron log reports sct was executed, but > screen temp doesn't change ... > > Here's my user crontab: > > #

Re: Having trouble enabling TLSv1.3 on httpd(8)

2020-09-03 Thread trondd
On Thu, September 3, 2020 2:18 pm, Parker Ellertson wrote: > According to my understanding of the manpages (specifically > httpd.conf(5) and tls_config_set_protocols(3)), setting up TLSv1.3 > should be just as easy as adding: > > tls { > protocols "TLS_PROTOCOL_TLSv1_3" >

Re: Can I boot without GPU ("headless")?

2020-08-30 Thread trondd
On Sun, August 30, 2020 7:12 am, Henry W. Peterson wrote: > If I write at the boot prompt "set timeout 5" and then "set tty pc0" it > waits indefinitely for new commands (as expected). > > I was asking if there is a way to start a new timeout or instantly boot > the kernel after the console switchi

Re: email attachments in firefox

2020-08-24 Thread trondd
On Fri, August 21, 2020 5:24 pm, Jan Stary wrote: > On Aug 21 18:06:59, falsif...@falsifian.org wrote: >> On 2020-08-21 16:51, Raymond, David wrote: >> > I noticed that trying to load an attachment to Gmail in Firefox leads >> > to a basically empty menu for selecting the file to be loaded? What >

Re: httpd - bypass tls misconfig different ciphers, ecdhe

2020-08-19 Thread trondd
On Wed, August 19, 2020 3:33 am, Hisacro Root wrote: > On Tue, Aug 18, 2020 at 09:28:18PM -0400, trondd wrote: >> The bug here is in how additional listen lines interact with the >> remaining >> configuration. The first listen line in a server block gets the tls >>

Re: httpd - bypass tls misconfig different ciphers, ecdhe

2020-08-18 Thread trondd
On Sun, August 16, 2020 3:20 pm, hisacro wrote: > On Sun, Aug 16, 2020 at 02:34:27PM -0400, trondd wrote: > >> Oh, I see what you're doing. BOTH listen lines are active in the second >> server block. When you connect to port 443 with that config, which TLS >> set

Re: httpd - bypass tls misconfig different ciphers, ecdhe

2020-08-16 Thread trondd
On Sun, August 16, 2020 1:23 pm, hisacro wrote: > Aug 16, 2020, 11:44 AM by tro...@kagu-tsuchi.com: > >> Because it's not the same IP and port anymore. You can only have one >> thing listening on an ip+port > > I got a working httpd config with same IP and same Port > > server "domain.tld" { >

Re: httpd - bypass tls misconfig different ciphers, ecdhe

2020-08-15 Thread trondd
On Sun, August 16, 2020 1:49 am, hisacro wrote: > Aug 16, 2020, 7:50 AM by tro...@kagu-tsuchi.com: > >>>On Sat, Aug 15, 2020 at 04:13:51PM -0700, hisacro wrote: >> >>> $ doas httpd -nv >>> server "sub.domain.tld": tls configuration mismatch on same >>> address/port >>> >>> instead of defining same

Re: httpd - bypass tls misconfig different ciphers, ecdhe

2020-08-15 Thread trondd
On Sat, August 15, 2020 7:13 pm, hisacro wrote: > I'm on -current, httpd throws tls misconfig error when different > cipher or ecdhe used but it's bypassed by listen statement. > > server "domain.tld" { > listen on * tls port 443 > log style combined > hsts > { > subdomains >

Re: checksums after reboot

2020-02-07 Thread TronDD
On Fri Feb 7, 2020 at 2:40 PM, Justin Muir wrote: > Hello all, > > > Posting here for the first time! Using OBSD as daily laptop OS. Trying > to > be a little more security conscious these days by keeping checksums on > system files with mtree. Did a reboot and several files were changed > includi

Re: vpn.rebehn.net upgrade log

2019-10-28 Thread trondd
On Mon, October 28, 2019 6:37 pm, Heinrich Rebehn wrote: > Hello list, > > After upgrading a OpenBSD host running 6.5 to 6.6 using sysupgrade(8), I > received the email below. > It suggests that the upgrade has been aborted upon failure to upgrade > comp66.tgz. This set was not part of the initial

Re: relayd: "listen on egress" only listens to IPv4 and not IPv6

2019-08-29 Thread trondd
On Thu, August 29, 2019 8:55 am, Muhammad Kaisar Arkhan wrote: > Hi Tom, > >> listen on 2a03:6000:9106::50f7:f07a:d1cc port 443 tls > > I've tried this before, it just results in this: > > /etc/relayd.conf:33: cannot load certificates for relay https2:443 > > I'm not sure why it does this despite

Re: Duplicity & /etc/daily.local

2019-05-20 Thread trondd
On Mon, May 20, 2019 5:50 pm, Noth wrote: > Hi misc@, > > > I'm trying to run daily backups to a sftp server for various VMs and > devices on my network, and want to use /etc/daily.local for this. I'm > calling this script from the daily.local file: > > env 'GNUPG="/usr/local/bin/gpg" PASSPHRAS

Re: Activating second crypted (or other raid) device

2019-05-05 Thread trondd
On Sun, May 5, 2019 3:57 pm, cho...@jtan.com wrote: > Thomas Frohwein writes: >> On Sun, May 05, 2019 at 08:57:55PM +0300, cho...@jtan.com wrote: >> [...] >> > Currently after every upgrade I patch /etc/rc to run /etc/rc.blockdev >> > (containing bioctl -cC -p /etc/sd0.key -l sd0a softraid0) before

Re: Use xenodm like startx?

2019-01-31 Thread trondd
On Thu, January 31, 2019 5:57 am, John Ankarström wrote: > >> Only thing I never figured out is how to make X and xenodm shutdown when >> I >> exit my window manager. > > This too makes me feel like xenodm is far too complex for what I want. > It's not an issue of complexity. It's a different to

Re: Use xenodm like startx?

2019-01-31 Thread trondd
On Thu, January 31, 2019 7:35 am, Bruno Flueckiger wrote: > > Add the following line to /etc/X11/xenodm/xenodm-config: > > DisplayManager.*.terminateServer: true > > Cheers, > Bruno > That doesn't work how you think it does. It does shut down the X server after quitting a window manager but t

Re: Use xenodm like startx?

2019-01-30 Thread trondd
On Wed, January 30, 2019 8:02 pm, John Ankarström wrote: > Hi, > > I just got OpenBSD installed on my new laptop, and so far, it works great. > But since I applied the latest X11 patch, I can no longer use startx to > launch X11, unless I do it as root, which probably isn't a good idea. > Seems

Re: apu2 em0/dhclient problems

2019-01-27 Thread trondd
On Sun, January 27, 2019 12:44 pm, Edgar Pettijohn wrote: > I'm trying to replace my dying soekris box with an apu2 dmesg below. > However, I can't seem to get em0 to connect to my isp. It will work > when connecting to the soekris box though. So I don't think it's the > interface that is the probl

Re: relayd: Layer 7 proxy: forward failed

2018-12-07 Thread trondd
On Thu, December 6, 2018 12:04 pm, Leo Unglaub wrote: > Hi, > i am trying to use relayd as an outbound proxy. I am following the > manual page and also the book "Httpd and Relayd Mastery". I did this on > the latest release 6.4 and also on the latest snapshot to make sure this > was not already fix

Re: procmail and new grammar in smtpd.conf

2018-12-05 Thread trondd
On Wed, December 5, 2018 6:22 am, Eda Sky wrote: > > the original rule is > > accept from any for domain "example.com" alias deliver to mda > "/usr/local/bin/procmail -f -" > > I do not know how to write new rules. > Everything I'm trying to do ends with syntax error. > What have you tried?

Re: Core Dev?

2018-12-04 Thread trondd
On Tue, December 4, 2018 6:50 am, Ahmad Bilal wrote: > > @Marc: Thanks for the information, but based on what you said, what would > you consider as 'official' then? Just curious. > Let go of this concept. These are your systems. You're the only official. If you want to build an AMI for AWS, yo

Re: Cannot mount install.fs disk image to create custom auto_install.conf based USB flash drive

2018-11-11 Thread trondd
On Sun, November 11, 2018 4:28 pm, Andrew Lemin wrote: > > 4b) Mount new vnd1c device (this is where I'm stuck) > > ** Here is where I get lost. All the guides refer only to using > install.iso (whose 'a:' and 'c:' partitions are ISO9660 filetypes - for CD > based installs), but I need to use th

Re: mail doesn't read mail from /var/mail/root

2018-11-08 Thread TronDD
On November 8, 2018 1:39:13 AM CST, ivp...@eml.cc wrote: >Hello, > >I must be missing something obvious, but since installing 6.4-current >(on a few versions in a row), I can't get mail to read /var/mail/root. > >After logging in, I see: > >>---< >OpenBSD 6.4-current (GENERIC.MP) #425: Sun N

Re: Severe clock problems with OpenBSD VM on OpenBSD Host

2018-11-04 Thread trondd
On Sat, November 3, 2018 7:10 pm, Stefan Arentz wrote: > Hi everyone, > > I am having an issue where an OpenBSD VM running on vmd is having > serious clock skew issues. > > I am relatively new to OpenBSD, so I am not sure how to properly debug > this. What I hope is that I can provide a good amount

Re: smtpd new "relay as" syntax?

2018-10-31 Thread TronDD
On October 31, 2018 5:31:44 PM EDT, "Paul B. Henson" wrote: >I just upgraded to OpenBSD 6.4, and I'm trying to figure out how to do >this with the new syntax: > >accept from local for any relay via smtp://smtp.domain.com as >"@domain.com" > >This would rewrite the outbound message to masquerade

Re: acme-client memory setup failure

2018-10-28 Thread TronDD
On October 28, 2018 12:09:02 AM EDT, "연락 연락" wrote: >Thank you indeed for your reply, trondd. >Yes, I added certificate(s) to cert.pem, probably more than one time so >far. >But the size looks not much bigger than normal one that I see from >another host. >s

Re: acme-client memory setup failure

2018-10-27 Thread trondd
On Sat, October 27, 2018 6:19 am, 연락 연락 wrote: > Dear misc, > > I am getting an error saying "ssl verify memory setup failure" whenever > I try to renew existing certificates on a host -- Openbsd 6.3, httpd, > acme-client. > Recently there were changes in a few configurations, including net

Re: httpd and cgi

2018-10-04 Thread trondd
On Thu, October 4, 2018 12:54 pm, Kihaguru Gathura wrote: > Hi, > > For the following httpd setup, cgi scripts give a 403 Page not found > on browser. However after removing the line: > > location "/*" { > authenticate "Staff Only" with "/htpasswds" > } > > c

Re: Let's Encrypt Error with cgit, httpd, acme-client

2018-08-27 Thread trondd
On Sun, August 26, 2018 4:40 pm, Parikh, Samir wrote: > > I guess my only remaining question is how did you know I needed to make > this change? I know the OpenBSD documentation is really good but I'm > still fascinated how people manage to sort things like this out. Maybe > it's just pure experi

Re: Let's Encrypt Error with cgit, httpd, acme-client

2018-08-22 Thread trondd
On Wed, August 22, 2018 1:23 pm, Parikh, Samir wrote: > flipchan wrote on 22/08/18 01:19: >> Try removing all keys in the ssl directory aswell as >> /etc/acme/letsencrypt-privkey.pem > > Thank you for your suggestion! I tried that and still received a similar > error: > > # acme-client -vAD git.exa

Re: dump/restore and crontab(5)

2018-07-02 Thread trondd
On Mon, July 2, 2018 10:26 am, Ed Ahlsen-Girard wrote: > On Mon, 2 Jul 2018 09:25:37 -0400 > "trondd" wrote: > >> On Mon, July 2, 2018 8:14 am, Ed Ahlsen-Girard wrote: >> [...] >> >> I'd have to look later to see if my dumps are correctly grabbing

Re: dump/restore and crontab(5)

2018-07-02 Thread trondd
On Mon, July 2, 2018 8:14 am, Ed Ahlsen-Girard wrote: > Having clobbered my crontab (5) file in error (-r and -e are close) I > merrily went to my level 0 dump to restore it. It's present on the dump > (which is to file) but the restored file is zero bytes. > > Should I have run those dumps manuall

Re: attach chroot-jail to switchd(8) ?

2018-05-24 Thread trondd
On Thu, May 24, 2018 1:28 pm, Claudio Jeker wrote: > On Thu, May 24, 2018 at 09:22:32AM -0400, trondd wrote: >> On Wed, May 23, 2018 4:35 am, Thomas Huber wrote: >> > Hi all, >> > >> > I´m just tinkering a little bit and try to mimic some >> "con

Re: attach chroot-jail to switchd(8) ?

2018-05-24 Thread trondd
On Wed, May 23, 2018 4:35 am, Thomas Huber wrote: > Hi all, > > I´m just tinkering a little bit and try to mimic some "containerization" > on > OpenBSD with chroot. Is it somehow possible to attach a chrooted > environment to switchd(8) ? > > Thanks > Thomas > OpenBSD's chroot is not like a Linu

Re: stop syslogd from opening port 514 UDP

2018-03-16 Thread trondd
On Fri, March 16, 2018 6:42 am, Torsten wrote: > I know I could use PF as a workaround Really? I wouldn't consider blocking incoming connections to unused ports by default to be a workaround, but a necessity.

Re: Opensmtpd authentication error

2018-03-07 Thread trondd
On Wed, March 7, 2018 10:06 am, flipchan wrote: > smtpctl encrypt mypassword > > Then syntax > user:password ? > > On March 6, 2018 9:46:26 PM UTC, trondd wrote: >>On Tue, March 6, 2018 1:48 pm, flipchan wrote: >>> Hello, >>> im trying to create

Re: Opensmtpd authentication error

2018-03-06 Thread trondd
On Tue, March 6, 2018 1:48 pm, flipchan wrote: > Hello, > im trying to create a mail server and i keep getting opensmtpd > authentication fail > > > i tried using neomutt and regular mutt, but no success > > > tail -f /var/log/maillog > Mar 6 18:15:37 mail dovecot: imap-login: Login: user=, > meth

Re: Loop problem in sending mail to root

2018-03-05 Thread trondd
On Mon, March 5, 2018 2:45 pm, Chris Bennett wrote: > That did the trick. > For the future, page 2 'Trace subsystem': https://www.bsdcan.org/2016/schedule/attachments/378_smtpd_cheatsheet.pdf You can see which rule gets matched.

Re: Loop problem in sending mail to root

2018-03-05 Thread trondd
On Mon, March 5, 2018 1:05 pm, Chris Bennett wrote: > I cannot get mail to reach root from /etc/daily for example. > Not sure what I have setup wrong. > also both femail-chroot and sendmail-mini-chroot fail > femail: socket: Connection refused > /var/www/bin/sendmail_mini: connect: Connection refus

Re: Upgrade 6.1->6.2 fails with "id 0 on/: file system full"

2018-02-20 Thread trondd
On Tue, February 20, 2018 8:34 am, Nicolas Schmidt wrote: > Hey, > > it's me again, still trying to upgrade to 6.2. > > After choosing to skip verification and continue the upgrade process, I > now immediately get the following error: > > Installing bsd0% | > id 0 on /:

Re: SWAP should always be inside crypto softRAID, right? (For OS crash dump data to be encrypted.)

2018-02-08 Thread trondd
On Thu, February 8, 2018 1:49 pm, Tinker wrote: > Hi misc@, > > I looked through previous discussions on whether a SWAP partition > should be inside or outside the RAID partition when making a crypto > softraid. > > The only argument I stumbled into was that it should be outside because > swap is e

Re: Kernel panic with openbsd 6.2

2018-01-25 Thread trondd
On Thu, January 25, 2018 4:29 am, Maxim Bourmistrov wrote: > As Stuart mentioned, em(4) on top of e1000 proven to be more stable. > Even under higher load. > Vmx starting to misbehave under high load, resulting for ex. with unstable > CARP setup. > > //mxb > >> 25 jan.

Re: Kernel panic with openbsd 6.2

2018-01-24 Thread trondd
On Mon, January 22, 2018 10:47 am, Mik J wrote: > Hello Stuart, > For me it takes just a few days... > I have a crash every 3/4 days maybe (2 crashes so far) and my server does > not handle load. > Yes I read your reports this morning, although you wrote that there was a > combination with snmpd, I

Re: iwm errors with new snapshot

2018-01-23 Thread trondd
On Tue, January 23, 2018 2:09 pm, Stefan Sperling wrote: > On Tue, Jan 23, 2018 at 11:50:28AM -0600, Vijay Sankar wrote: >> Over the weekend, I was trying to do some tests requested in tech@ >> (inteldrm). I downloaded the latest snapshot but had problems with iwm >> firmware on my laptops (X1 Carb

Re: http_proxy for rc.firsttime after Upgrade

2018-01-22 Thread trondd
On Mon, January 22, 2018 2:36 am, Raimo Niskanen wrote: > On Fri, Jan 19, 2018 at 10:47:15AM -0500, trondd wrote: >> On Fri, January 19, 2018 4:29 am, Raimo Niskanen wrote: >> > Hello list! >> > >> > I have some machines behind a squid proxy and have set

Re: http_proxy for rc.firsttime after Upgrade

2018-01-19 Thread trondd
On Fri, January 19, 2018 4:29 am, Raimo Niskanen wrote: > Hello list! > > I have some machines behind a squid proxy and have set the http_proxy and > ftp_proxy environment variables both in /etc/profile and in > /etc/login.conf > for the default login class. This works well. > > But after an upgra

Re: Writing "ones" instead of "zeroes" when wiping disk

2018-01-11 Thread trondd
On Thu, January 11, 2018 5:12 pm, worik wrote: > On 12/01/18 11:09, Jan Stary wrote: >> On Jan 11 14:45:21, andreasthu...@gmail.com wrote: >>> in order to achieve paranoid disk-wiping? >> Ones are not nearly as secure as zeros. >> > Why not? Is it not arbitrary? > A 1 is too narrow to fully cove

Re: Probable mistake in PF tagging example ruleset order

2018-01-10 Thread trondd
On Wed, January 10, 2018 2:44 pm, Aham Brahmasmi wrote: > Hi, > > I am trying to learn and understand the pf tagging mechanism. I was > wondering whether my understanding of the order in the example at > https://www.openbsd.org/faq/pf/tagging.html is correct. If it is, then > there might be a mista

Re: trouble while building a release

2018-01-03 Thread trondd
On Wed, January 3, 2018 1:07 pm, Etienne wrote: > Hello list, > > I'm a bit confused. I believe I have correctly applied the instructions > in release(8), but I hit this error when running "make release" in > paragraph 4, on unmodified sources: > > # cd /usr/src/etc && make release > […] > sh /us

Re: Keeping up to date with ports and putting ports/pobj on wxallowed filesystem

2017-11-09 Thread trondd
On Thu, November 9, 2017 4:54 pm, Jeff wrote: > On Thu, 9 Nov 2017 22:06:43 +0100 > "Christoph R. Murauer" wrote: > >> If I understood your question correct ... >> >> > Running: OpenBSD6.2-release >> > >> > Goal: To run a secure and functional web server. >> > (the server is currently up and runni

Re: pf not redirecting DNS queries

2017-11-06 Thread trondd
On Mon, November 6, 2017 8:50 pm, Scott Bennett wrote: > I have an APU2 running 6.2, acting as pf NAT gateway, DHCP server, and > DNS cache (unbound) for my internal LAN. > > I've attempted to make all DNS queries redirect to the APU2, as many > examples have illustrated, so that they can be forwar

Re: Streamlining disklabel...

2017-11-04 Thread trondd
On Sat, November 4, 2017 5:09 pm, Implausibility wrote: > Again, the interactive editor is way too many steps, too many > opportunities for screw-ups, and does nothing to streamline the process of > adding a new disk for me. > > So this is what I've come up with... > > fdisk -i sd1 > echo "/disk2

Re: Sorry for the n00b question but I could use some education on relayd

2017-11-02 Thread trondd
On Thu, November 2, 2017 2:17 pm, Bryan C. Everly wrote: > Hi misc@, > > I have a use case where I'm using OpenBSD 6.2 as my router/firewall > and there are several websites that sit behind it on separate servers > (let's call them http://one.com, http://two.com and http://three.com > > I'd like to

Re: Install process: couple of comments

2017-10-18 Thread trondd
On Wed, October 18, 2017 6:15 pm, Limaunion wrote: > On 10/17/2017 05:44 PM, Stuart Henderson wrote: >> On 2017-10-16, Limaunion wrote: >>> Hi! Last friday I upgraded my ALIX system from 6.0 to 6.2 using the PXE >>> boot method. In previous years I used an internal FTP server to perform >>> the up

Re: log up or down interface end change physical address

2017-09-21 Thread trondd
On Thu, September 21, 2017 9:29 am, Krzysztof Strzeszewski wrote: > Hi, > > How to log up or down (connect or not connect cable) interface end > change physical address on OpenBSD? > > > -- > Regards, > Krzysztof Strzeszewski > ifstated(8) and some scripts?

Re: relayd https relay

2017-09-21 Thread trondd
'ca file', the imsg was not chunked and if the file is too big, relayd will fail to start the relay. Take the CA cert that signed the web server certificates and put that into a file and reference that file like 'ca file "/etc/ssl/webca.pem"' > Am 21.09.2017 um

Re: relayd https relay

2017-09-21 Thread trondd
On Thu, September 21, 2017 3:49 am, rosjat wrote: > Hi, > > so I added the with tls keywords to the relay and my webserver gets > request now but from my relayhost and this is making the way back quite > hard :( > > so I added the X Headers for Forwarded-For and Forwarded-By but it still > leaves t

Re: OpenBSD router / firewall / gateway device

2017-09-20 Thread trondd
On Tue, September 19, 2017 10:25 pm, Usexy Nerd wrote: > https://beagleboard.org/x15 > > > What is BeagleBoard-X15? > > BeagleBoard-X15 is the top performing, mainline Linux enabled, > power-users' > dream board with a core tailored for

Re: relayd https relay

2017-09-20 Thread trondd
On Wed, September 20, 2017 8:10 am, Bryan Harris wrote: > I don't think you can know the host header unless you decrypt the https > using a certificate. It seems that idea would require SNI but I don't > know > if they have SNI in relayd/httpd. (I could be wrong about that.) > httpd has SNI, rel

Re: Open /dev/mem file failed when running as a root priviledge

2017-09-11 Thread trondd
On Mon, September 11, 2017 8:58 pm, Nan Xiao wrote: > Hi all, > > Greetings from me! > > I want to run dmidecode (https://github.com/mirror/dmidecode) on OpenBSD > 6.1, but executing it will report following errors: > > # ./dmidecode > # dmidecode 3.1 > Scanning /dev/mem for entry point. > /dev/mem

Re: vio(4) tap(4) question

2017-08-28 Thread trondd
On Mon, August 28, 2017 6:03 pm, Bryan Harris wrote: > > pass on { vether0 tap0 tap1 tap2 tap3 tap4 tap5 tap6 tap7 tap8 tap9 } > > Thanks all. > > V/r, > Bryan > Can't you just use the interface group 'tap'? pass on { vether0 tap }

Re: Best way to monitor battery status on laptop

2017-07-26 Thread trondd
On Wed, July 26, 2017 8:11 pm, Carlos Cardenas wrote: > Howdy. > > Been using my toughbook with OpenBSD more and more and one of the things > that I seem to be missing is simple battery status (percent remaining, > if it's being charged, etc...) in my tmux(1) or wmii(1) session. > > Using sysctl(1)

Re: Openbsd 6.1 and Current Console Freezes and lockup Proxmox PVE5.0

2017-07-18 Thread trondd
On Tue, July 18, 2017 8:14 pm, Tom Smyth wrote: > Apologies... > Incomplete Mail ... was feeling Trigger happy and now im certainly > feeling uncomfortably dumb :) > > proper bug report to come tomorrow, > Its a long story... :/ > Thanks > When you do come back, mention if this is new with Proxmox

Re: siteXX.tgz with /home/user/.ssh/authorized_keys results in empty file

2017-05-29 Thread trondd
Site is installed last *of the sets*, not the last thing that happens. And the user is created after the sets are extracted, also. The *.site scripts are run nearly last (close enough, that it doesn't matter).

Re: siteXX.tgz with /home/user/.ssh/authorized_keys results in empty file

2017-05-29 Thread trondd
On Mon, May 29, 2017 5:47 pm, Erling Westenvik wrote: > everything is okay. > > What is going on? Why is the process extracting siteXX.tgz > treating /mnt/home/user/.ssh different than /mnt/root/.ssh? > > *continues scratching head* > > Cheers. > Erling. > You didn't really explain the failure ca

Re: /usr/sbin/httpd and chunked transfer encoding

2017-05-08 Thread trondd
On Mon, May 8, 2017 5:22 pm, r...@tamos.net wrote: > On Mon, 08 May 2017 18:45 +0800, johnw wrote: >> Both tried and not work. > > Yeah, you might be waiting for a while. According to the following, > both projects have this as an open issue but haven't been able to commit > resources to it. In t

Re: DHCP in vmm guest

2017-05-04 Thread trondd
On Thu, May 4, 2017 8:51 am, Francois Stephany wrote: > Hi, > > I'm new to OpenBSD and I'm trying a simple setup where a VMM guest has > access to the network via tap and bridge. The host uses a wired connection > and gets its network address with DHCP. > > Here's my /etc/vm.conf: > > switch "vms_s

Re: Etnernal & infernal browser woes

2017-04-29 Thread trondd
On Sat, April 29, 2017 6:07 pm, Mihai Popescu wrote: > Do not forget to use (activate) uBlock Origin too, there is in Add-Ons > for Firefox. > > The guy with 134 opened tabs at once in firefox was funny. How many > monitors is firefox windows spreading across? > > Thanks. > It's tabs. You only ne

Re: Etnernal & infernal browser woes

2017-04-28 Thread trondd
On Fri, April 28, 2017 10:17 am, Fred wrote: > I have to agree with David - here I used chrome on a daily basis with a > minimum of two chrome windows with at least 4 tabs in each I don't want to get into the conversation, but I thought this was funny. I am a heavy tabs user. I currently have fi

Re: softraid mirror & large drives (3T)

2017-04-18 Thread trondd
On Tue, April 18, 2017 8:48 am, Kamil Cholewiński wrote: > On Tue, 18 Apr 2017, Jiri B wrote: >> On Tue, Apr 18, 2017 at 08:23:56AM -0400, Allan Streib wrote: >>> Buy a hardware RAID controller. >> >> I suppose you wanted to write - 'buy two equal hardware RAID >> controllers', >> or how would yo

Re: DHCP over bridge(4) was: OpenBSD as a non-routing access point

2017-04-13 Thread trondd
On Thu, April 13, 2017 9:00 am, Stuart Henderson wrote: > On 2017-04-12, trondd wrote: >> >> I have this problem as well. DHCP requests go out over the bridge to >> the >> main interface. The response comes back to the main interface but never >> goes to the br

Re: OpenBSD as a non-routing access point

2017-04-12 Thread trondd
On Wed, April 12, 2017 4:27 am, Stuart Henderson wrote: > On 2017-04-12, Jordon wrote: >>> rcctl enable dhcrelay >>> rcctl set dhcrelay flags -i athn0 192.168.1.1 "assuming that is your >>> routers >> address" >>> rcctl start dhcrelay >>> >>> and possibly add -d (log to stderr) to see what its doi

Little bump in the upgrade path

2017-04-11 Thread trondd
Just FYI: I upgraded 6.0 to 6.1 and /etc/installurl was populated with: https://ftp4.usa.openbsd.org/pub/OpenBSD/6.1 (as is my mirror) But when running pkg_add -u to upgrade, it searched http://ftp4.usa.openbsd.org/pub/OpenBSD/6.1/6.1 for packages. Chopped the 6.1 out of installurl to fix. Tim

Re: Is there something to replace zaurus?

2017-03-30 Thread trondd
On Wed, March 29, 2017 6:49 pm, Ryan Freeman wrote: > On Wed, Mar 29, 2017 at 05:00:44PM -0500, Jordon wrote: >> > On Mar 29, 2017, at 4:51 AM, Luke Small wrote: >> > >> > I thought I read that there is an arm7 based mobile device, but I >> can't >> > find anything about it. >> > >> >> I'm reall

Re: relayd(8) relay: redirect based on URL paths

2017-02-22 Thread trondd
On Wed, February 22, 2017 9:02 pm, Lyndon Nerenberg wrote: > My relayd.conf fu is lame and needs help. Given the following config: > > > ---8<---8<--- > > interval 60 > timeout 2000 > > table { w1.example.com w2.example.com w3.example.com } > > http protocol https { > > tcp { nodelay, sac

Re: http 408 messages in httpd logs

2017-02-14 Thread trondd
On Tue, February 14, 2017 2:27 pm, trondd wrote: > http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/server.c.diff?r1=1.106&r2=1.107&f=h > > Unfortunately the commit message is not helpful here. > Ah hah. I knew it'd be somewhere: http://marc.info/?l=openbsd-

Re: http 408 messages in httpd logs

2017-02-14 Thread trondd
On Tue, February 14, 2017 1:48 pm, Walter Alejandro Iglesias wrote: > Starting from Feb 11 my httpd logs are filled with 408 messages: > > roquesor.com 79.xxx.150.xx4 - - [14/Feb/2017:15:48:32 +0100] "GET / > HTTP/1.1" 200 2535 > roquesor.com 79.xxx.150.xx4 - - [14/Feb/2017:15:48:32 +0100] "GET > /

Re: relayd and letsencrypt certificates

2017-02-10 Thread trondd
On Fri, February 10, 2017 11:48 am, Thuban wrote: > Hello, > I can't figure how to use letsencrypt certificates with relayd. I keep > getting this error : > > # relayd -vvv -n > /etc/relayd.conf:33: cannot load certificates for relay tlsforward > > > My relayd.conf : > > # cat /etc/rela

Re: edge router lite with double NAT

2017-01-24 Thread trondd
On Tue, January 24, 2017 3:19 am, jungle boogie wrote: > On 01/23/2017 05:43 PM, trondd wrote: >>> >> >> >> Maybe make rules that are very specific to the BBB and ERL IPs in >> question. And/or make sure 'egress' is the interface you think it is.

Re: edge router lite with double NAT

2017-01-23 Thread trondd
On Mon, January 23, 2017 5:26 pm, jungle Boogie wrote: > On 23 January 2017 at 08:29, trondd wrote: >> >> Can the BBB ping the ISP router internal interface IP? >> > > Yes, it can ping 192.168.0.1 and anything else connected to the ISP > router. > >> Double

Re: httpd weirdness ("connection max request body")

2017-01-23 Thread trondd
On Mon, January 23, 2017 7:47 am, Farid Joubbi wrote: > Does anyone know if I should report this as a bug (or is it me being > incompetent)? > > On Fri, Dec 16, 2016 at 3:17 PM, Farid Joubbi wrote: > >> Hello, >> >> I noticed a weird thing which I can not explain. >> To me it feels like a bug with

Re: edge router lite with double NAT

2017-01-23 Thread trondd
On Mon, January 23, 2017 12:09 am, jungle boogie wrote: > On 01/22/2017 04:44 PM, trondd wrote: >> On Sun, January 22, 2017 7:19 pm, jungle boogie wrote: >>> On 01/22/2017 04:13 PM, trondd wrote: >>>> On Sun, January 22, 2017 5:38 pm, jungle boogie wrote: >>

Re: edge router lite with double NAT

2017-01-22 Thread trondd
On Sun, January 22, 2017 7:19 pm, jungle boogie wrote: > On 01/22/2017 04:13 PM, trondd wrote: >> On Sun, January 22, 2017 5:38 pm, jungle boogie wrote: >>> Hi All, >>> >>> So I want to actually use my edge router lite instead of it collecting >>> dus

Re: edge router lite with double NAT

2017-01-22 Thread trondd
On Sun, January 22, 2017 5:38 pm, jungle boogie wrote: > Hi All, > > So I want to actually use my edge router lite instead of it collecting > dust. At the moment I don't have a way to put my ISP provided > router/modem into bridge mode. It acts as a DHCP server for my devices > and does all gateway

Re: OpenBSD Stable

2017-01-18 Thread trondd
On Wed, January 18, 2017 12:51 pm, George wrote: > > # /usr/ports/infrastructure/bin/dpb -f 20 -R pkglist > > dpb fetches the packages and i get the following result > Elapsed time=00:28:34 > I=0 B=0 Q=0 T=547 F=0 !=9 > L=devel/quirks libglade-2.6.4.tar.bz2.dist > ... Everything is locked now bec

Re: OpenBSD Stable

2017-01-18 Thread trondd
On Tue, January 17, 2017 8:46 pm, George wrote: > Hello. > Im new here. > I installed OpenBSD on my laptop. I used anoncvs to download the stable > sources for kernel, xenocara and ports. I rebuild my kernel,system and > xenocara and i tried to update various packages to stable. > I used > /usr/por

Re: doas prompting for password in script

2016-12-15 Thread trondd
On Thu, December 15, 2016 12:28 pm, Ax0n wrote: > I don't know how doas is keeping track of a session. If it's by > interactive > tty session only, that could cause problems with non-interactive scripts. > I'll let someone closer to the code answer that question. > It's tied to the shell. http://

Re: IP Forwarding is not working?

2016-12-10 Thread trondd
On Fri, December 9, 2016 2:24 pm, é*·è*´å¼º wrote: > Hi, I don't really think ip forwarding is broken either as I can still > access the Internet. > > # ifconfig > lo0: flags=8049 mtu 32768 >index 6 priority 0 llprio 3 >groups: lo >inet6 ::1 prefixlen 128 >inet6 fe

Re: trouble adding user to a chroot sandbox

2016-11-25 Thread trondd
On Fri, November 25, 2016 4:24 pm, trondd wrote: > On Fri, November 25, 2016 2:01 pm, Dave Cohen wrote: >> I'm new to `chroot`. Trying to make sandbox where I can build and run >> untrusted code without affecting the base system. >> >> Following instruct

Re: trouble adding user to a chroot sandbox

2016-11-25 Thread trondd
On Fri, November 25, 2016 2:01 pm, Dave Cohen wrote: > I'm new to `chroot`. Trying to make sandbox where I can build and run > untrusted code without affecting the base system. > > Following instructions from > https://www.ibm.com/developerworks/community/blogs/karsten/entry/openbsd_chroot?lang=en

Re: mailx as root ignores set keep

2016-11-25 Thread trondd
On Fri, November 25, 2016 12:36 pm, Walter Alejandro Iglesias wrote: > Hello trondd, > > On Fri, Nov 25, 2016 at 11:03:49AM -0500, trondd wrote: >> On Fri, November 25, 2016 4:17 am, Walter Alejandro Iglesias wrote: >> > Is this on purpose? >> > >> > I&
