Limiting CPU to a process or process group?

[Andreas Kahari]

Hi,

Is there a way of limiting the amount of CPU given to a particular
process or process group? For example, I would want the build of the
qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
75% idle if nothing else is happening on the machine.

I know about 'nice', but it doesn't fulfil the criteria that the
machine is left otherwise idle if nothing else runs on it.

I don't have a real reason for why I would want to do this, I'm mainly
curious as to if it's possible.

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Is there a way of limiting the amount of CPU given to a particular
> process or process group? For example, I would want the build of the
> qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> 75% idle if nothing else is happening on the machine.
>
> I know about 'nice', but it doesn't fulfil the criteria that the
> machine is left otherwise idle if nothing else runs on it.
>
> I don't have a real reason for why I would want to do this, I'm mainly
> curious as to if it's possible.
>
> Regards,
> Andreas
>
> --
> Andreas Kahari
> Somewhere in the general Cambridge area, UK
>
>

I have never done this myself, but I believe this is possible by
creating a login class in /etc/login.conf and set the cputime option.
See login.conf(5) for a better description.

Zend Optimizer with apache and php5 on 4.2

[Evgeniy Sudyr]

Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension="/var/www/lib/ZendOptimizer.so"

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.


  

-- 
Best regards,
 Evgeniy  mailto:[EMAIL PROTECTED]

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Joe <[EMAIL PROTECTED]> writes:

>> # Secure Distribution.
>>  The most secure operation system gets distributed on FTP servers
>>  as unsigned binaries.
>
> You should create your own binaries if you want secure binaries.

He's also conveniently forgetting about the MD5 sums, conveniently
provided in a file called MD5 along with the installables.  IMO
'signed binaries' is an overhyped buzzword.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Nikns Siankin <[EMAIL PROTECTED]> writes:

> When we will meet in Riga, I will like to hear from you explanation,
> how does putting md5 checksum file *along* with installables on the
> same vulnerable channel, helps to make sure, that they are not backdoored ;]

you don't have to wait that long. fetch the files from different mirrors.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 12:11:13PM +0100, Peter N. M. Hansteen wrote:
>Joe <[EMAIL PROTECTED]> writes:
>
>>> # Secure Distribution.
>>>  The most secure operation system gets distributed on FTP servers
>>>  as unsigned binaries.
>>
>> You should create your own binaries if you want secure binaries.
>
>He's also conveniently forgetting about the MD5 sums, conveniently
>provided in a file called MD5 along with the installables.  IMO
>'signed binaries' is an overhyped buzzword.

When we will meet in Riga, I will like to hear from you explanation,
how does putting md5 checksum file *along* with installables on the
same vulnerable channel, helps to make sure, that they are not backdoored ;]



>
>-- 
>Peter N. M. Hansteen, member of the first RFC 1149 implementation team
>http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
>"Remember to set the evil bit on all malicious network traffic"
>delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > Hi,
> >
> > Is there a way of limiting the amount of CPU given to a particular
> > process or process group? For example, I would want the build of the
> > qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> > 75% idle if nothing else is happening on the machine.
> >
> > I know about 'nice', but it doesn't fulfil the criteria that the
> > machine is left otherwise idle if nothing else runs on it.
> >
> > I don't have a real reason for why I would want to do this, I'm mainly
> > curious as to if it's possible.
[cut]
>
> I have never done this myself, but I believe this is possible by
> creating a login class in /etc/login.conf and set the cputime option.
> See login.conf(5) for a better description.

Hi Alexander,

I believe that the cputime resource limit will limit the maximum
amount of CPU time that the user may use in a session, which is not
really what I asked for. I'd like the process or process group to run
for as long as it needs to run, but that it only ever uses a fraction
of the CPU power.

It's like limiting the network bandwidth for a particular type of
traffic, only this is about time on the CPU.

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote:
>Nikns Siankin <[EMAIL PROTECTED]> writes:
>
>> When we will meet in Riga, I will like to hear from you explanation,
>> how does putting md5 checksum file *along* with installables on the
>> same vulnerable channel, helps to make sure, that they are not backdoored ;]
>
>you don't have to wait that long. fetch the files from different mirrors.
hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
see ya

>
>-- 
>Peter N. M. Hansteen, member of the first RFC 1149 implementation team
>http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
>"Remember to set the evil bit on all malicious network traffic"
>delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: facts about OpenBSD

[NetOne - Doichin Dokov]

Nikns Siankin P=P0P?P8Q
P0:

On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote:
  

Nikns Siankin <[EMAIL PROTECTED]> writes:



When we will meet in Riga, I will like to hear from you explanation,
how does putting md5 checksum file *along* with installables on the
same vulnerable channel, helps to make sure, that they are not backdoored ;]
  

you don't have to wait that long. fetch the files from different mirrors.


hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
see ya

  

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.


Go buy the CD set, Mr. Security - or you don't trust the postman either?

Now - seriuosly - let's stop all the shit. The misc@ has been 99% flame 
these days...


Regards,
Doichin

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > Is there a way of limiting the amount of CPU given to a particular
> > > process or process group? For example, I would want the build of the
> > > qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> > > 75% idle if nothing else is happening on the machine.
> > >
> > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > machine is left otherwise idle if nothing else runs on it.
> > >
> > > I don't have a real reason for why I would want to do this, I'm mainly
> > > curious as to if it's possible.
> [cut]
> >
> > I have never done this myself, but I believe this is possible by
> > creating a login class in /etc/login.conf and set the cputime option.
> > See login.conf(5) for a better description.
>
> Hi Alexander,
>
> I believe that the cputime resource limit will limit the maximum
> amount of CPU time that the user may use in a session, which is not
> really what I asked for. I'd like the process or process group to run
> for as long as it needs to run, but that it only ever uses a fraction
> of the CPU power.
>
> It's like limiting the network bandwidth for a particular type of
> traffic, only this is about time on the CPU.
>
>
> Regards,
> Andreas
>
> --
> Andreas Kahari
> Somewhere in the general Cambridge area, UK
>

Yes, you are right. It is also possible to set a priority for a
process in a login class.

>From login.conf(5)
 priority  number  Initial priority (nice) level.

This is not exactly what you want, but it is pretty close. I am
curious why do you want to set an exact limit and not let the
scheduler do this for you?

Re: facts about OpenBSD

[Peter N. M. Hansteen]

Nikns Siankin <[EMAIL PROTECTED]> writes:

> hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP.
> see ya

the other option of course is to just buy the CDs.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

pflogd -p problems

[Didier Wiroth]

Hello,

I'm running current (a few days old).

I would like to log some traffic to the pflog1 interface. Everything works 
fine except a problem with pflogd and the -p switch.

I use the following as default:
1) pflogd -s 116 -i pflog0 -f /var/log/pflog
The process is:
$ cat /var/run/pflogd.pid
9293

Everything is fine here!


Now, I would like to use the following for the pflog1 interface:
1) pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

But the -p switch doesn't work "-p /var/log/pflogd1.pid", pflogd does not
write the PID to pflogd1.pid ...
"sudo cat /var/run/pflogd1.pid" returns nothing. 
It looks like "-p" is simply ignored.

The (old/previous) PID file is still the same which is actually normal ... but 
just in case ...:
$ sudo cat /var/run/pflogd.pid
9293

Here is the output of pstree:
$ pstree -s pflogd -w
-+= 1 root /sbin/init
 |-+= 09293 root pflogd: [priv] (pflogd)
 | \--- 18342 _pflogd pflogd: [running] -s 116 -i pflog0 -f /var/log/pflog 
(pflogd)
 \-+= 19480 root pflogd: [priv] (pflogd)
   \--- 19710 _pflogd pflogd: [running] -s 116 -i pflog1 -f /var/log/pflog1 
(pflogd)

I'm not a specialist and may be I overlooked something.

How can I make this to work:
pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

Thanks a lot!!!

Didier

XING ağıma davet

[MUSTAFA MESUT NEBİOĞLU]

Merhaba,

Sizi XING C'evreme davet etmek isterim! 
 
Kararlar sC6zkonusu olduDunda iliEkiler gittikC'e daha C'ok C6nem kazanD1yor. 
 
XING Chttp://www.xing.com/go/inv/14755969.b7b977



ArtD1k XING davetiyesi almak istemiyorum:
http://www.xing.com/go/opt_out_invite/U2FsdGVkX189MreMiOactwZkxsirJ91rhN0iRZtqGybJ8zTEZPv2Yg

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > Hi,
> > > >
> > > > Is there a way of limiting the amount of CPU given to a particular
> > > > process or process group? For example, I would want the build of the
> > > > qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> > > > 75% idle if nothing else is happening on the machine.
> > > >
> > > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > > machine is left otherwise idle if nothing else runs on it.
> > > >
> > > > I don't have a real reason for why I would want to do this, I'm mainly
> > > > curious as to if it's possible.
> > [cut]
> > >
> > > I have never done this myself, but I believe this is possible by
> > > creating a login class in /etc/login.conf and set the cputime option.
> > > See login.conf(5) for a better description.
> >
> > Hi Alexander,
> >
> > I believe that the cputime resource limit will limit the maximum
> > amount of CPU time that the user may use in a session, which is not
> > really what I asked for. I'd like the process or process group to run
> > for as long as it needs to run, but that it only ever uses a fraction
> > of the CPU power.
> >
> > It's like limiting the network bandwidth for a particular type of
> > traffic, only this is about time on the CPU.
> >
> >
> > Regards,
> > Andreas
> >
> > --
> > Andreas Kahari
> > Somewhere in the general Cambridge area, UK
> >
>
> Yes, you are right. It is also possible to set a priority for a
> process in a login class.
>
> From login.conf(5)
>  priority  number  Initial priority (nice) level.
>
> This is not exactly what you want, but it is pretty close. I am
> curious why do you want to set an exact limit and not let the
> scheduler do this for you?
>

As I said, I don't have a good reason for wanting to do this. It just
seemed like something someone might want to do. But let me dream up
three examples: Sometimes firefox (or whatever program) goes a bit
haywire and brings the machine to a crawl. It would be nice to limit
firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
50% of the machine to work with.

Another example: Let's say I'm rebuilding the kernel, base system, and
all my packages after a major update from CVS after a long time away.
I'm not worried about how long this takes so I'm quite happy to run
the build at 5% of the CPU while I get on with my work.

Third example, similar to the last one: I'm running a distributed.net
or SETI-at-home client in the background, but I don't ever want it to
run at 100% of the CPU, maybe because that would make the machine too
noisy during the night (due to the fans).

Maybe no-one has these kind of requirements?

Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: cwm: root window unavailable

[Martin Toft]

On Sat, Jan 12, 2008 at 08:32:50PM +0100, Martin Toft wrote:
> Hi,
> 
> when starting X (and thereby cwm due to my .xinitrc), I get the
> following error:
> 
> cwm: root window unavailable - perhaps another wm is running?
> 
> It happens right after boot up, where I'm sure no other wm is running.
> My computer boots up without starting e.g. xdm and I type "startx" to
> launch X.

For the archive: I've solved the problem.

cwm echoes the error message above and terminates if xbindkeys is
running. My solution at the moment is to not use xbindkeys...

Martin

Re: facts about OpenBSD

[Thordur I. Bjornsson]

Lots of whining.

Where are your diffs to fix these issues ?

Oh, no wait. you want *other* people todo the work for you,
its not enough that you got what they gave already you want
more, you ungrateful whining dick.

-- 
Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
(Who does not love wine, women, and song, Remains a fool his whole life long.)
-- Johann Heinrich Voss

Re: Limiting CPU to a process or process group?

[Alexander Schrijver]

On Jan 14, 2008 2:34 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
>
> On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > > Hi,
> > > > >
> > > > > Is there a way of limiting the amount of CPU given to a particular
> > > > > process or process group? For example, I would want the build of the
> > > > > qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> > > > > 75% idle if nothing else is happening on the machine.
> > > > >
> > > > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > > > machine is left otherwise idle if nothing else runs on it.
> > > > >
> > > > > I don't have a real reason for why I would want to do this, I'm mainly
> > > > > curious as to if it's possible.
> > > [cut]
> > > >
> > > > I have never done this myself, but I believe this is possible by
> > > > creating a login class in /etc/login.conf and set the cputime option.
> > > > See login.conf(5) for a better description.
> > >
> > > Hi Alexander,
> > >
> > > I believe that the cputime resource limit will limit the maximum
> > > amount of CPU time that the user may use in a session, which is not
> > > really what I asked for. I'd like the process or process group to run
> > > for as long as it needs to run, but that it only ever uses a fraction
> > > of the CPU power.
> > >
> > > It's like limiting the network bandwidth for a particular type of
> > > traffic, only this is about time on the CPU.
> > >
> > >
> > > Regards,
> > > Andreas
> > >
> > > --
> > > Andreas Kahari
> > > Somewhere in the general Cambridge area, UK
> > >
> >
> > Yes, you are right. It is also possible to set a priority for a
> > process in a login class.
> >
> > From login.conf(5)
> >  priority  number  Initial priority (nice) 
> > level.
> >
> > This is not exactly what you want, but it is pretty close. I am
> > curious why do you want to set an exact limit and not let the
> > scheduler do this for you?
> >
>
> As I said, I don't have a good reason for wanting to do this. It just
> seemed like something someone might want to do. But let me dream up
> three examples: Sometimes firefox (or whatever program) goes a bit
> haywire and brings the machine to a crawl. It would be nice to limit
> firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
> 50% of the machine to work with.
>
> Another example: Let's say I'm rebuilding the kernel, base system, and
> all my packages after a major update from CVS after a long time away.
> I'm not worried about how long this takes so I'm quite happy to run
> the build at 5% of the CPU while I get on with my work.
>

What you describe here is exactly what you can accomplish with either
nice or the priority option in login.conf. Also, I am not exactly sure
what you mean with percent of CPU. Do you mean the difference of cpu
time scheduled between a 'normal' process?

> Third example, similar to the last one: I'm running a distributed.net
> or SETI-at-home client in the background, but I don't ever want it to
> run at 100% of the CPU, maybe because that would make the machine too
> noisy during the night (due to the fans).

I think this is a different issue. I don't know how this can be
solved. An idea might be to underclock your cpu at night.

>
> Maybe no-one has these kind of requirements?
>
>
> Andreas
>
> --
> Andreas Kahari
> Somewhere in the general Cambridge area, UK

Software for traffic analyzer

[João Salvatti]

Hi Folks,

I would like to know what web traffic analyzer should I use on my
network. I mean, what do you recommend.

Thanks in advance.

-- 
Joao Salvatti
Undergraduating in Computer Science
Federal University of Para - UFPA
web: http://www.openbsd-pa.org
e-mail: [EMAIL PROTECTED]

Re: Limiting CPU to a process or process group?

[Andreas Kahari]

On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> On Jan 14, 2008 2:34 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> >
> > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > > > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > > > Hi,
> > > > > >
> > > > > > Is there a way of limiting the amount of CPU given to a particular
> > > > > > process or process group? For example, I would want the build of the
> > > > > > qt4 port to use a maximum of 25% of the available CPU, leaving the 
> > > > > > CPU
> > > > > > 75% idle if nothing else is happening on the machine.
> > > > > >
> > > > > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > > > > machine is left otherwise idle if nothing else runs on it.
> > > > > >
> > > > > > I don't have a real reason for why I would want to do this, I'm 
> > > > > > mainly
> > > > > > curious as to if it's possible.
> > > > [cut]
> > > > >
> > > > > I have never done this myself, but I believe this is possible by
> > > > > creating a login class in /etc/login.conf and set the cputime option.
> > > > > See login.conf(5) for a better description.
> > > >
> > > > Hi Alexander,
> > > >
> > > > I believe that the cputime resource limit will limit the maximum
> > > > amount of CPU time that the user may use in a session, which is not
> > > > really what I asked for. I'd like the process or process group to run
> > > > for as long as it needs to run, but that it only ever uses a fraction
> > > > of the CPU power.
> > > >
> > > > It's like limiting the network bandwidth for a particular type of
> > > > traffic, only this is about time on the CPU.
[cut sigs]
> > >
> > > Yes, you are right. It is also possible to set a priority for a
> > > process in a login class.
> > >
> > > From login.conf(5)
> > >  priority  number  Initial priority (nice) 
> > > level.
> > >
> > > This is not exactly what you want, but it is pretty close. I am
> > > curious why do you want to set an exact limit and not let the
> > > scheduler do this for you?
> > >
> >
> > As I said, I don't have a good reason for wanting to do this. It just
> > seemed like something someone might want to do. But let me dream up
> > three examples: Sometimes firefox (or whatever program) goes a bit
> > haywire and brings the machine to a crawl. It would be nice to limit
> > firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
> > 50% of the machine to work with.
> >
> > Another example: Let's say I'm rebuilding the kernel, base system, and
> > all my packages after a major update from CVS after a long time away.
> > I'm not worried about how long this takes so I'm quite happy to run
> > the build at 5% of the CPU while I get on with my work.
> >
>
> What you describe here is exactly what you can accomplish with either
> nice or the priority option in login.conf. Also, I am not exactly sure
> what you mean with percent of CPU. Do you mean the difference of cpu
> time scheduled between a 'normal' process?

It is not quite the same because a process, even running at niceness
level 20, will grab as much CPU as it can (unless it has to wait for
data).

What I mean is what I wrote in my first email: "For example, I would
want the build of the qt4 port to use a maximum of 25% of the
available CPU, leaving the CPU 75% idle if nothing else is happening
on the machine."

> > Third example, similar to the last one: I'm running a distributed.net
> > or SETI-at-home client in the background, but I don't ever want it to
> > run at 100% of the CPU, maybe because that would make the machine too
> > noisy during the night (due to the fans).
>
> I think this is a different issue. I don't know how this can be
> solved. An idea might be to underclock your cpu at night.

Yes, I could "sysctl -w hw.setperf=0" or something like that on my
SpeedStep'able CPU, but with hw.setperf=0, a process still have the
possibility to get 100% of the CPU. It will be a slower CPU, but it's
still not limiting the process to use only a fraction of the CPU at
any instance in time.

Again, maybe no-one has these kind of requirements in real life?

Regards,
Andreas

-- 
Andreas Kahari
Somewhere in the general Cambridge area, UK

Re: cwm: root window unavailable

[Jan Stary]

On Jan 14 14:55:32, Martin Toft wrote:
> On Sat, Jan 12, 2008 at 08:32:50PM +0100, Martin Toft wrote:
> > when starting X (and thereby cwm due to my .xinitrc), I get the
> > following error:
> > 
> > cwm: root window unavailable - perhaps another wm is running?

> cwm echoes the error message above and terminates if xbindkeys is
> running. My solution at the moment is to not use xbindkeys...

This is strange. I am running xbindkeys and it never bothered cwm
(or any other WM). This is my ~/.xinitrc:

--- cut -
#!/bin/sh

xset -b -c dpms 300 600 900 m 4 100 r rate 400 30 s off
xsetroot -solid black
xrdb $HOME/.Xresources
xbindkeys

setxkbmap -rules xorg -model pc105 -layout "us,cz" \
-option "grp:shifts_toggle,grp_led:scroll"

exec cwm
--- cut -

What exactly is yours? In particular, how are you launching xbindkeys?
I really doubt xbindkeys would be causing it.

Looking at the source,

if (Starting && 
e->error_code == BadAccess &&   
e->request_code == X_GrabKey)
errx(1, "root window unavailable - perhaps another "
"wm is running?");  

is the only place where the message appears.
What exactly is a BadAccess when trying to X_GrabKey?

Jan

Re: Limiting CPU to a process or process group?

[Martin Schröder]

2008/1/14, Andreas Kahari <[EMAIL PROTECTED]>:
> What I mean is what I wrote in my first email: "For example, I would
> want the build of the qt4 port to use a maximum of 25% of the
> available CPU, leaving the CPU 75% idle if nothing else is happening
> on the machine."

This not possible in OpenBSD (and AFAIK no Unix scheduler does that).

Best
   Martin

Re: [Fwd: Open-Hardware]

[Uwe Stuehler]

On Sun, Jan 06, 2008 at 01:10:01PM -0500, Richard Stallman wrote:
> If users don't normally install microcode in the CPU, then ethically
> it may as well be a circuit.  It is not built as a circuit, but that's
> a different question.

That may as well be an ethically confusing sentence.

If users don't normally install ice cream in the banana, then ethically
it may as well be a fruit.

Oh My Gnu!...

We shall not endorse restaurants which serve pre-compiled banana split
for dessert to innocent guests when those guests ask for it, unless the
restaurant provides them with the complete recipe and all ingredients!

Re: Bluetooth on 4.2

[Uwe Stuehler]

On Sun, Jan 13, 2008 at 03:20:46AM +, Wim Lewis wrote:
> How much should I expect Bluetooth to be working on OBSD 4.2? I can get some
> things to work, but I can't successfully open an RFCOMM connecton.

The ubt(4) driver was fixed in -current, -r1.10 of sys/dev/usb/ubt.c.

Uwe

Re: Limiting CPU to a process or process group?

[Paul de Weerd]

On Mon, Jan 14, 2008 at 04:10:12PM +0100, Martin Schr?der wrote:
| 2008/1/14, Andreas Kahari <[EMAIL PROTECTED]>:
| > What I mean is what I wrote in my first email: "For example, I would
| > want the build of the qt4 port to use a maximum of 25% of the
| > available CPU, leaving the CPU 75% idle if nothing else is happening
| > on the machine."
| 
| This not possible in OpenBSD (and AFAIK no Unix scheduler does that).

The best you can get is on an SMP system consuming 100% of 1 CPU, in
effect consuming only 50% (or 25% or whatever) of all available cpu
cycles, but this is cheating as it's not really doing what you want.

Cheers,

Paul 'WEiRD' de Weerd

-- 
>[<++>-]<+++.>+++[<-->-]<.>+++[<+
+++>-]<.>++[<>-]<+.--.[-]
 http://www.weirdnet.nl/ 

Re: pflogd -p problems

[Okan Demirmen]

On Mon 2008.01.14 at 14:17 +0100, Didier Wiroth wrote:
> How can I make this to work:
> pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p /var/log/pflogd1.pid

you want:
pflogd -s 116 -i pflog1 -f /var/log/pflog1 -p pflogd1

which will write /var/run/pflogd1.pid .

Re: Limiting CPU to a process or process group?

[Ryan Flannery]

On Jan 14, 2008 9:27 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> It is not quite the same because a process, even running at niceness
> level 20, will grab as much CPU as it can (unless it has to wait for
> data).
>
> What I mean is what I wrote in my first email: "For example, I would
> want the build of the qt4 port to use a maximum of 25% of the
> available CPU, leaving the CPU 75% idle if nothing else is happening
> on the machine."
>

This is impossible in OpenBSD, and afaik it's also impossible in any other *nix.
Just curious: why would you want the cpu to stay 75% idle when nothing
else is running?

What you're specifically asking for is impossible, but I believe what
you want is possible (and quite common).

> Again, maybe no-one has these kind of requirements in real life?

Some of us have some very similar requirements, but we accomplish them
differently.
For example, to keep firefox from bringing my box to a crawl, I'll
usually run it with a priority (nice) much lower than normal.  When
I'm not doing anything else, firefox still uses nearly 100% of the
cpu, but that's only because *nothing* else is running.  When I
alt-tab over to an xterm and kick-off a large compile (or something of
the sort), the build job will then eat up most of the cpu and firefox
will be reduced to only a few percent.  Bottom line: firefox doesn't
slow anything else down (at least not too much), since it has a lower
scheduling priority.

Good use of nice(1) and renice(8) are what allows one to run processes
that do not interfere (too much) with other processes, which is what I
believe you are wanting.

Apologies if I misunderstood you.

-ryan

Re: Limiting CPU to a process or process group?

[Henri Salo]

On Mon, 14 Jan 2008 16:10:12 +0100
"Martin SchrC6der" <[EMAIL PROTECTED]> wrote:

> 2008/1/14, Andreas Kahari <[EMAIL PROTECTED]>:
> > What I mean is what I wrote in my first email: "For example, I would
> > want the build of the qt4 port to use a maximum of 25% of the
> > available CPU, leaving the CPU 75% idle if nothing else is happening
> > on the machine."
>
> This not possible in OpenBSD (and AFAIK no Unix scheduler does that).
>
> Best
>Martin

What about Solaris or plan9? I remember those could do something tricky
with CPU. Do I remember wrong or was I asleep?

--
Henri Salo  +358407705733
GPG ID: 2EA46E4F  fp: 14D0 7803 BFF6 EFA0 9998  8C4B 5DFE A106 2EA4 6E4F

[demime 1.01d removed an attachment of type application/pgp-signature which had 
a name of signature.asc]

Re: Limiting CPU to a process or process group?

[Douglas A. Tutty]

On Mon, Jan 14, 2008 at 01:34:13PM +, Andreas Kahari wrote:
> On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > >
> > > > > Is there a way of limiting the amount of CPU given to a particular
> > > > > process or process group? For example, I would want the build of the
> > > > > qt4 port to use a maximum of 25% of the available CPU, leaving the CPU
> > > > > 75% idle if nothing else is happening on the machine.
> > > > >
> > > > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > > > machine is left otherwise idle if nothing else runs on it.
> > > > >
> > > > > I don't have a real reason for why I would want to do this, I'm mainly
> > > > > curious as to if it's possible.
> > > [cut]
> > > >
> > > > I have never done this myself, but I believe this is possible by
> > > > creating a login class in /etc/login.conf and set the cputime option.
> > > > See login.conf(5) for a better description.

> > >
> > > I believe that the cputime resource limit will limit the maximum
> > > amount of CPU time that the user may use in a session, which is not
> > > really what I asked for. I'd like the process or process group to run
> > > for as long as it needs to run, but that it only ever uses a fraction
> > > of the CPU power.
> > >
> > > It's like limiting the network bandwidth for a particular type of
> > > traffic, only this is about time on the CPU.
> > >

> 
> As I said, I don't have a good reason for wanting to do this. It just
> seemed like something someone might want to do. But let me dream up
> three examples: Sometimes firefox (or whatever program) goes a bit
> haywire and brings the machine to a crawl. It would be nice to limit
> firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
> 50% of the machine to work with.

Well, if firefox is set to be quite nice, then your normal user session
should end up with a higher priority and you shouldn't notice that
firefox has gone haywire.  In this instance, you really don't have a
need to keep the CPU from being at 0% idle but rather want to maintain
responsiveness with other processes.  This is what nice is for.

> 
> Another example: Let's say I'm rebuilding the kernel, base system, and
> all my packages after a major update from CVS after a long time away.
> I'm not worried about how long this takes so I'm quite happy to run
> the build at 5% of the CPU while I get on with my work.
> 

As above.

> Third example, similar to the last one: I'm running a distributed.net
> or SETI-at-home client in the background, but I don't ever want it to
> run at 100% of the CPU, maybe because that would make the machine too
> noisy during the night (due to the fans).
> 

What you want to do here is throttle the CPU down.

> Maybe no-one has these kind of requirements?

On my machines, if something is going haywire its more likely that its
I/O bound and regular nice doesn't help.  

If I want a process to plod along, I'll farm it out to a slower box, eg
a P-II instead of the Athlon64.

So perhaps this is your answer.  Get a slow quiet box for your
SETI-at-home or whatever for over night and use your main box during the
day.

Doug.

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
>Lots of whining.
>
>Where are your diffs to fix these issues ?

Well, before you ask for diffs,
I have to hear from devs, that these ARE
considered to be issues that MUST be fixed.
Until that, i can stick my diffs in your ass.


>
>Oh, no wait. you want *other* people todo the work for you,
>its not enough that you got what they gave already you want
>more, you ungrateful whining dick.
>
>-- 
>Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
>(Who does not love wine, women, and song, Remains a fool his whole life long.)
>-- Johann Heinrich Voss

Re: cwm: root window unavailable

[Martin Toft]

On Mon, Jan 14, 2008 at 03:54:33PM +0100, Jan Stary wrote:
> On Jan 14 14:55:32, Martin Toft wrote:
> > cwm echoes the error message above and terminates if xbindkeys is
> > running. My solution at the moment is to not use xbindkeys...
> 
> This is strange. I am running xbindkeys and it never bothered cwm (or
> any other WM). This is my ~/.xinitrc:
[snip]

After a bit of poking around, I've discovered that the error only occurs
if I define one or more short cuts using xbindkeys that use the same
keys as the short cuts in cwm do. I guess this behaviour should be
expected, even though I was confused about cwm's error message.

I had this short cut for starting firefox in .xbindkeysrc:

"firefox"
  control + alt + q

After replacing q with b (b for browser ;-)), xbindkeys and cwm are
friends again.

Jan: You ask how I start xbindkeys -- if you still want to know, my
.xinitrc is attached inline in my original mail.

Martin

Re: Zend Optimizer with apache and php5 on 4.2

[Matt]

Evgeniy Sudyr schreef:

Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension="/var/www/lib/ZendOptimizer.so"

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.


Zend does not care about OpenBSD. I once had contact with the Zend 
Optimizer devs (around 3.9 I think) and there were no plans to keep up 
to date.
Using 3.4 is never going to work; I can tell you that much. Don't even 
bother trying.


Look for an alternative PHP op-cache. OpenBSD includes APC in ports 
which works good.
If you need encryption look at Ioncube they tend to be more flexible and 
will compile it for you on your box.


Matt

Re: Zend Optimizer with apache and php5 on 4.2

[Marcos Laufer]

Hello Evgeniy,

You can try this how-to, this might work for you:

Solution for ZendOptimizer to work under OpenBSD 4.1/i386
1. Download the file for OpenBSD 3.x as distributed by Zend
currently ZendOptimizer-3.2.8-openbsd3.4-i386.tar.gz

2. Untar (tar -xzf ZendOpt*), and fetch the files
-> ZendOptimizer*/data/ZendExtensionManager.so
-> ZendOptimizer*/data/5_1_x_comp/ZendOptimizer.so
where 5_1_x is the php you have installed

3. Put those file somewhere clean like
-> /var/www/lib/php/ZendExtensionManager.so
-> /var/www/lib/php/ZendOptimizer.so
you NEED to keep the names unchanged

4. Simulate old libs (here's the magic)
type in the console the following command
# ln -s libm.so.2.3 /usr/lib/libm.so.1.0

Alternatively, if you don't like symlinking you can edit the binaries and 
change the
string 'libm.so.1.0' into 'libm.so.2.3' in both of Zend*.so files
- change 0x[31 2E 30] -> 0x[32 2E 33] in ZendExtensionManager.so at offset 
0x0720
- change 0x[31 2E 30] -> 0x[32 2E 33] in ZendOptimizer.so at offset 0xCEAE

5. Edit your /var/www/conf/php.ini and add the section
[Zend]
zend_extension=/var/www/lib/php/ZendExtensionManager.so
zend_extension=/var/www/lib/php/ZendOptimizer.so

6. Test
Reboot your webserver
# apachectl stop
# apachectl start
Write down one php page containing  and browse it !



- Original Message - 
From: "Evgeniy Sudyr" <[EMAIL PROTECTED]>
To: 
Sent: Monday, January 14, 2008 9:25 AM
Subject: Zend Optimizer with apache and php5 on 4.2


Hi all,

I want use Zend optimizer with apache and php5.

I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
website (latest version is only for 3.4) and unpacked archive and copied PHP 
module from
/data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

I put lines below to php.ini

;zend_optimizer.optimization_level=15
zend_extension="/var/www/lib/ZendOptimizer.so"

Module not loading :(


# php -v
Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


Is it possible run Zend optimizer with -current or 4.2 ? Please give a
bit instructions how make it workable.




-- 
Best regards,
 Evgeniy  mailto:[EMAIL PROTECTED]

Re: cwm: root window unavailable

[Owain Ainsworth]

On Mon, Jan 14, 2008 at 05:35:25PM +0100, Martin Toft wrote:
> After a bit of poking around, I've discovered that the error only occurs
> if I define one or more short cuts using xbindkeys that use the same
> keys as the short cuts in cwm do. I guess this behaviour should be
> expected, even though I was confused about cwm's error message.

If you want to solve this (in current):

either use cwm's keybinding support (it abuses symlinks right now, which
is evil, but at least it works), or look into the "unmap" keyword. For
both man 1 cwm is your friend. I may look into if there's a nicer way of
dealing with this conflict.

Cheers,

-0-
-- 
Learned men are the cisterns of knowledge, not the fountainheads.

Re: 7800GS + 2 monitors under 4.2-release

[Chris Harper]

Just checking if anyone has made any progress thus far getting dual
screens to function ?

On 05/11/2007, Paulo Rodriguez <[EMAIL PROTECTED]> wrote:
> Hi misc,
>
> Just wondering about any success stories getting dual-screen/xinerama
> running under OpenBSD 4.2-release with nVidia cards (G73) under X. If I
> read correctly the necessary code for this was imported by matthieu@
> after 4.2-release code was frozen, so it should be in -current.
>
> Kind regards,
>
> Paulo

spamd not un-greylisting entries?

[Daniel Barowy]

Hello everyone,

  I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|<[EMAIL PROTECTED]>|<[EMAIL 
PROTECTED]>|1200331179|1200345579|1200345579|8|0

  Notice that the "block" column count is high.  In the past, I don't 
recall this number ever exceeding 2.  Our users are now complaining that 
they are not receiving many expected inbound emails.  My understanding is 
that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
retry.  No?


  I was troubleshooting a separate issue that required a restart of our 
firewall (spamd is running on the firewall and not the mail servers), and 
this problem popped up shortly thereafter.


  I have not changed anything with our pf.conf or spamd.conf that I know 
of, except that I've added a number of crucial mailhosts to our PF 
whitelist-- something I've done dozens of times before.


  This is on an OpenBSD 4.0 machine.

  Any suggestions?

Many thanks,
Dan

spamd not un-greylisting entries?

[Daniel Barowy]

Hello everyone,

  My apologies if you get this twice-- it just occurred to me that I sent 
my original message out using the wrong email address.


  I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|<[EMAIL PROTECTED]>|<[EMAIL 
PROTECTED]>|1200331179|1200345579|1200345579|8|0

  Notice that the "block" column count is high.  In the past, I don't 
recall this number ever exceeding 2.  Our users are now complaining that 
they are not receiving many expected inbound emails.  My understanding is 
that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
retry.  No?


  I was troubleshooting a separate issue that required a restart of our 
firewall (spamd is running on the firewall and not the mail servers), and 
this problem popped up shortly thereafter.


  I have not changed anything with our pf.conf or spamd.conf that I know 
of, except that I've added a number of crucial mailhosts to our PF 
whitelist-- something I've done dozens of times before.


  This is on an OpenBSD 4.0 machine.

  Any suggestions?

Many thanks,
Dan

Re: Zend Optimizer with apache and php5 on 4.2

[Evgeniy Sudyr]

Hello Marcos,

Monday, January 14, 2008, 7:18:27 PM, you wrote:

> Hello Evgeniy,

> You can try this how-to, this might work for you:

> Solution for ZendOptimizer to work under OpenBSD 4.1/i386
> 1. Download the file for OpenBSD 3.x as distributed by Zend
> currently ZendOptimizer-3.2.8-openbsd3.4-i386.tar.gz

> 2. Untar (tar -xzf ZendOpt*), and fetch the files
->> ZendOptimizer*/data/ZendExtensionManager.so
->> ZendOptimizer*/data/5_1_x_comp/ZendOptimizer.so
> where 5_1_x is the php you have installed

> 3. Put those file somewhere clean like
->> /var/www/lib/php/ZendExtensionManager.so
->> /var/www/lib/php/ZendOptimizer.so
> you NEED to keep the names unchanged

> 4. Simulate old libs (here's the magic)
> type in the console the following command
> # ln -s libm.so.2.3 /usr/lib/libm.so.1.0

> Alternatively, if you don't like symlinking you can edit the binaries and 
> change the
> string 'libm.so.1.0' into 'libm.so.2.3' in both of Zend*.so files
> - change 0x[31 2E 30] -> 0x[32 2E 33] in ZendExtensionManager.so at offset 
> 0x0720
> - change 0x[31 2E 30] -> 0x[32 2E 33] in ZendOptimizer.so at offset 0xCEAE

> 5. Edit your /var/www/conf/php.ini and add the section
> [Zend]
> zend_extension=/var/www/lib/php/ZendExtensionManager.so
> zend_extension=/var/www/lib/php/ZendOptimizer.so

> 6. Test
> Reboot your webserver
> # apachectl stop
> # apachectl start
> Write down one php page containing  and browse it !



> - Original Message - 
> From: "Evgeniy Sudyr" <[EMAIL PROTECTED]>
> To: 
> Sent: Monday, January 14, 2008 9:25 AM
> Subject: Zend Optimizer with apache and php5 on 4.2


> Hi all,

> I want use Zend optimizer with apache and php5.

> I downloaded  ZendOptimizer-3.3.0a-openbsd3.4-i386.tar.gz from Zend
> website (latest version is only for 3.4) and unpacked archive and copied PHP 
> module from
> /data/5_2_x_comp/ZendOptimizer.so to /var/www/lib/ZendOptimizer.so

> I put lines below to php.ini

> ;zend_optimizer.optimization_level=15
> zend_extension="/var/www/lib/ZendOptimizer.so"

> Module not loading :(


> # php -v
> Failed loading /var/www/lib/ZendOptimizer.so:  Cannot load specified object
> PHP 5.2.3 with Suhosin-Patch 0.9.6.2 (cli) (built: Aug 16 2007 02:21:38)
> Copyright (c) 1997-2007 The PHP Group
> Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies


> Is it possible run Zend optimizer with -current or 4.2 ? Please give a
> bit instructions how make it workable.





Thanks! I used this how-to but its not work for me :(

-- 
Best regards,
 Evgeniymailto:[EMAIL PROTECTED]

Re: [Fwd: Open-Hardware]

[Marco Peereboom]

I really tried resisting replying to this but this is simply too much.

On Mon, Jan 14, 2008 at 06:27:24AM -0500, Richard Stallman wrote:
> And who controls GPL? What will you do when all GPL software and 
> subsequent 
> developments are "kept" on servers out of reach of users (BSD 
> situation...)? 
> 
> You are making an extreme projection, which I doubt will happen.
> I am going to urge people to avoid using servers to do their
> own computing.

I am not making an extreme projection.  The FSF for all intents and
purposes outlived its usefulness 10 years ago.  It was reinvented to
remain relevant.  It'll fade away just like any other organization that
has no real use anymore.  Then what?  To remain in power the FSF needs
to collect ownership of as much software as possible.  That's where
things like GPLv3 come in because your organization is losing control.
Retain control as long as possible!

> 
> However, as regards the release of source code for those modified,
> we've already taken a step to deal with that.  We have already
> published the GNU Affero GPL which deals with the issue that someone
> might use an improved version on a public server and never release his
> changes.

This is such a dumb argument that I don't even know where to start.

The anti-tivo argument is shallow because there is no difference between
a TiVo that boots linux and a CPU that needs micro code.  The "they will
close the code" argument is 100% a farce; one can not close code, it is
still out there on the mirrors; licenses can not retroactively be
revoked.

You have regurgitated some lame arguments on ethics however you clearly
don't subscribe to them.  Then you go around and claim ignorance on
topics that you are supposed to be an expert on.  Your arguments have
therefore lost all credibility.

I can go on and point out all fallacies in your arguments but I am
pretty sure we have covered that ad nauseam.

> 
> What will be in GPLv4?
> 
> GPLv4 will be basically the same as all previous versions: it will
> grant the four freedoms to everyone, and protect them for everyone, as
> best as we can achieve.  We will change only details.

Those so called freedoms are covered by copyright law.  You really don't
need a 1 word license.

The only thing you are trying to protect is the relevance of the FSF.

> 
> Why more rights to the user than to the creator?
> 
> By "the creator", do you mean the author of a program?  When the author
> releases a program under the GNU GPL, he gives users a subset of his
> legal rights.  So your question is based on a misunderstanding.

No it is not.  Copyright takes good care of author.  The GPL revokes
copyright holders rights and therefore is a bad license for people
authoring software.

It is however a fantastic license for large corporations to give away
code without giving it away.  This is an awesome marketing tool.

As usual your arguments are backwards.  You say you protect one group
but really you are protecting self interests.

> 
> Why do you Balkanize the open source community without any sound reason?
> 
> There is no such thing as the "open source community".  Open source
> supporters are part of the free software community, which was built by
> the free software movement starting in 1983.

This sentence does not even make sense.  If I read this correctly you
are claiming 100% credit of all Open and Free software (man do I hate
these made up words) efforts because you started a foundation that has
something to do with FOSS.

The only credit you get to claim is the fact that there was no user
space available when Linus launched Linux and it filled a nice niche.
There was all kinds of open/free/gratis code available long before you
came up with the FSF.  You got to piggy back Linus' work and the fear of
the outcome of the BSD legal battle in California.  You didn't do that
much; you were simply lucky that at that time you had something that did
something.  All this grandeur that *you* did it is quite frankly
delusional.  You got lucky, that's it.

> 
> If "balkanize" refers to incompatible licenses, that would not happen
> if everyone followed our licensing recommendations.  If all free
> software were released under "GPL version N or later", as we
> recommend, then all free software would be license-compatible.

This is the most insulting thing you have said so far.  Now you are
challenging everyone's intelligence who does not agree with your
license.  Wow, I really thought that I had heard it all from you.

I know this will sound foreign to you but are you aware that the GPL is
not everyone's first choice?

Are you aware that large corporations are using the GPL to pretend to be
open source friendly?

The GPL has a virus clause and by that definition it is a balkanizing
license.  People will not agree with you and by throwing a tantrum
saying boohoo you should agree with my license is childish at best and 
power mongering for your irrelevant foundation at worst.

Re: Limiting CPU to a process or process group?

[Ted Unangst]

On 1/14/08, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> As I said, I don't have a good reason for wanting to do this. It just
> seemed like something someone might want to do. But let me dream up
> three examples: Sometimes firefox (or whatever program) goes a bit
> haywire and brings the machine to a crawl. It would be nice to limit
> firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
> 50% of the machine to work with.

nice.

> Another example: Let's say I'm rebuilding the kernel, base system, and
> all my packages after a major update from CVS after a long time away.
> I'm not worried about how long this takes so I'm quite happy to run
> the build at 5% of the CPU while I get on with my work.

nice.

> Third example, similar to the last one: I'm running a distributed.net
> or SETI-at-home client in the background, but I don't ever want it to
> run at 100% of the CPU, maybe because that would make the machine too
> noisy during the night (due to the fans).

while true do kill -STOP pid, sleep 1; kill -CONT pid; sleep 1; done

NVidia 8800GT (not GTS or GTX) and X @ 1680x1050 not fully working?

[Richard Daemon]

Hi,

Has anyone been able to get X (xenocara?) working properly with an nvidia
8800GT (not GTS or GTX).

It worked right out of the box with my 8600GTS but so far, not the 8800GT.

Would it help if I include any logs or anything specific or any
recommendations as to what I can try to get full support working?

TIA!

Re: spamd not un-greylisting entries?

[Daniel Barowy]

On Mon, 14 Jan 2008, Daniel Barowy wrote:
 I would greatly appreciate it someone would help me diagnose this spamd 
problem.  We've been running spamd since last October, and until this past 
Thursday, it was working great.  I may be mistaken, but I don't think I've 
ever seen entries like the following before (email addresses munged 
intentionally):


GREY|76.96.62.64|<[EMAIL PROTECTED]>|<[EMAIL 
PROTECTED]>|1200331179|1200345579|1200345579|8|0



I was pressed for time, and users were beginning to revolt, so I shut down 
spamd, moved the /var/db/spamd and /var/log/spamd files, and started the 
whole thing back up again.  spamd appears to be normal again, but if 
anyone would like to see these files, I will be happy to send them along. 
They're big-- we ran spamd nonstop for an entire year before we had this 
problem.


Dan

Re: facts about OpenBSD

[Jacob Yocom-Piatt]

Nikns Siankin wrote:

On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
  

Lots of whining.

Where are your diffs to fix these issues ?



Well, before you ask for diffs,
I have to hear from devs, that these ARE
considered to be issues that MUST be fixed.
Until that, i can stick my diffs in your ass.

  



you are correct that some of the issues you brought up are actual 
shortcomings in openbsd. however, **bitching** that these are problems 
that need to be fixed is about as rude as you can get. a number of the 
issues you complained about are in the process of getting fixed, but you 
obviously neglected to thoroughly investigate the options. i see no 
reason these issues "MUST" be fixed (you've provided no compelling 
argument) only that they can and likely are being fixed.


if openbsd had a steady budget of several 100K CAD per annum and more 
devs, your bitching might be perceived as reasonable since it would 
likely mean that those areas had been disproportionately or unreasonably 
neglected. as it stands there is only so much dev time for so many 
things and nobody is actively neglecting the areas you've complained about.


i was just thinking about emailing volkswagen corporate HQ and bitching 
about how my VW is not a porsche and that they should immediately double 
my car's horsepower and torque, fix the suspension, refit the brakes, 
etc. does that seem reasonable?



  

Oh, no wait. you want *other* people todo the work for you,
its not enough that you got what they gave already you want
more, you ungrateful whining dick.

--
Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang.
(Who does not love wine, women, and song, Remains a fool his whole life long.)
   -- Johann Heinrich Voss



  



--

Re: facts about OpenBSD

[STeve Andre']

On Monday 14 January 2008 11:30:11 Nikns Siankin wrote:
> On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote:
> >Lots of whining.
> >
> >Where are your diffs to fix these issues ?
>
> Well, before you ask for diffs,
> I have to hear from devs, that these ARE
> considered to be issues that MUST be fixed.
> Until that, i can stick my diffs in your ass.

Actually, writing something and submitting it is a very reasonable
thing to do.  It could solve your problem, and might help someone
else.  It's also educational, in that diffs need to be of high quality
(ie, correct) to be accepted.

--STeve Andre'

Re: [Fwd: Open-Hardware]

[chefren]

On 1/14/08 7:58 PM, Marco Peereboom wrote:

On Mon, Jan 14, 2008 at 06:27:24AM -0500, Richard Stallman wrote:

>

What will be in GPLv4?

GPLv4 will be basically the same as all previous versions: it will
grant the four freedoms to everyone, and protect them for everyone, as
best as we can achieve.  We will change only details.


Those so called freedoms are covered by copyright law.  You really don't
need a 1 word license.


My idea. And every new word can hide a new bug or even more, so the 
version count will get much higher than 4. Less code is by design the 
only thing that gives more clarity and security...



The only thing you are trying to protect is the relevance of the FSF.


It's clear that one of Richard Stallman's main goals is further 
Balkanizing the open source community. Divide and conquer, a primitive 
and mean way to proceed with this idealistic matter. Really very sad 
that such an influential person uses this kind of methods.


But yes, you may Richard, you may. This is a BSD list, nobody here 
holds you with your primitive pursuit of happiness.



..

[

All your code are belong to FSF!


The funniest remark in this sad thread.
]

+++chefren

Re: facts about OpenBSD

[Nikns Siankin]

On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote:
> you are correct that some of the issues you brought up are actual 
> shortcomings in openbsd. however, **bitching** that these are problems that 
> need to be fixed is about as rude as you can get. a number of the issues 
> you complained about are in the process of getting fixed, but you obviously 
> neglected to thoroughly investigate the options. i see no reason these 
> issues "MUST" be fixed (you've provided no compelling argument) only that 
> they can and likely are being fixed.
>
> if openbsd had a steady budget of several 100K CAD per annum and more devs, 
> your bitching might be perceived as reasonable since it would likely mean 
> that those areas had been disproportionately or unreasonably neglected. as 
> it stands there is only so much dev time for so many things and nobody is 
> actively neglecting the areas you've complained about.
>
> i was just thinking about emailing volkswagen corporate HQ and bitching 
> about how my VW is not a porsche and that they should immediately double my 
> car's horsepower and torque, fix the suspension, refit the brakes, etc. 
> does that seem reasonable?

If you get money from selling CDs/soft, its just clearly unfair to not
support it. Yes, I'm talking about stable ports.

If you claim to produce the most secure OS, you have to prove that by
provaiding secure wifi encryption for masses (WPAx) and usable disk
encryption design for laptops and so on...
...or let's just call it perfect wired firewall...

>
>
>>   
>>> Oh, no wait. you want *other* people todo the work for you,
>>> its not enough that you got what they gave already you want
>>> more, you ungrateful whining dick.
>>>
>>> -- 
>>> Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein 
>>> Lebelang.
>>> (Who does not love wine, women, and song, Remains a fool his whole life 
>>> long.)
>>>-- Johann Heinrich Voss
>>> 
>>
>>   
>
>
> -- 

Re: Limiting CPU to a process or process group?

[Tito Mari Francis Escaño]

Maybe it would be feasible to run your ideal user space in a virtual
environment (i.e. qemu), where the guest user space thinks it can use
the CPU for itself when in fact it's just 50-75% of the actual
machine.

On Jan 14, 2008 10:27 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
>
> On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > On Jan 14, 2008 2:34 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > >
> > > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > > On Jan 14, 2008 1:30 PM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > > On 14/01/2008, Alexander Schrijver <[EMAIL PROTECTED]> wrote:
> > > > > > On Jan 14, 2008 11:52 AM, Andreas Kahari <[EMAIL PROTECTED]> wrote:
> > > > > > > Hi,
> > > > > > >
> > > > > > > Is there a way of limiting the amount of CPU given to a particular
> > > > > > > process or process group? For example, I would want the build of 
> > > > > > > the
> > > > > > > qt4 port to use a maximum of 25% of the available CPU, leaving 
> > > > > > > the CPU
> > > > > > > 75% idle if nothing else is happening on the machine.
> > > > > > >
> > > > > > > I know about 'nice', but it doesn't fulfil the criteria that the
> > > > > > > machine is left otherwise idle if nothing else runs on it.
> > > > > > >
> > > > > > > I don't have a real reason for why I would want to do this, I'm 
> > > > > > > mainly
> > > > > > > curious as to if it's possible.
> > > > > [cut]
> > > > > >
> > > > > > I have never done this myself, but I believe this is possible by
> > > > > > creating a login class in /etc/login.conf and set the cputime 
> > > > > > option.
> > > > > > See login.conf(5) for a better description.
> > > > >
> > > > > Hi Alexander,
> > > > >
> > > > > I believe that the cputime resource limit will limit the maximum
> > > > > amount of CPU time that the user may use in a session, which is not
> > > > > really what I asked for. I'd like the process or process group to run
> > > > > for as long as it needs to run, but that it only ever uses a fraction
> > > > > of the CPU power.
> > > > >
> > > > > It's like limiting the network bandwidth for a particular type of
> > > > > traffic, only this is about time on the CPU.
> [cut sigs]
> > > >
> > > > Yes, you are right. It is also possible to set a priority for a
> > > > process in a login class.
> > > >
> > > > From login.conf(5)
> > > >  priority  number  Initial priority (nice) 
> > > > level.
> > > >
> > > > This is not exactly what you want, but it is pretty close. I am
> > > > curious why do you want to set an exact limit and not let the
> > > > scheduler do this for you?
> > > >
> > >
> > > As I said, I don't have a good reason for wanting to do this. It just
> > > seemed like something someone might want to do. But let me dream up
> > > three examples: Sometimes firefox (or whatever program) goes a bit
> > > haywire and brings the machine to a crawl. It would be nice to limit
> > > firefox's CPU to a maximum of, say, 50% so that I'm guaranteed to have
> > > 50% of the machine to work with.
> > >
> > > Another example: Let's say I'm rebuilding the kernel, base system, and
> > > all my packages after a major update from CVS after a long time away.
> > > I'm not worried about how long this takes so I'm quite happy to run
> > > the build at 5% of the CPU while I get on with my work.
> > >
> >
> > What you describe here is exactly what you can accomplish with either
> > nice or the priority option in login.conf. Also, I am not exactly sure
> > what you mean with percent of CPU. Do you mean the difference of cpu
> > time scheduled between a 'normal' process?
>
> It is not quite the same because a process, even running at niceness
> level 20, will grab as much CPU as it can (unless it has to wait for
> data).
>
> What I mean is what I wrote in my first email: "For example, I would
> want the build of the qt4 port to use a maximum of 25% of the
> available CPU, leaving the CPU 75% idle if nothing else is happening
> on the machine."
>
> > > Third example, similar to the last one: I'm running a distributed.net
> > > or SETI-at-home client in the background, but I don't ever want it to
> > > run at 100% of the CPU, maybe because that would make the machine too
> > > noisy during the night (due to the fans).
> >
> > I think this is a different issue. I don't know how this can be
> > solved. An idea might be to underclock your cpu at night.
>
> Yes, I could "sysctl -w hw.setperf=0" or something like that on my
> SpeedStep'able CPU, but with hw.setperf=0, a process still have the
> possibility to get 100% of the CPU. It will be a slower CPU, but it's
> still not limiting the process to use only a fraction of the CPU at
> any instance in time.
>
> Again, maybe no-one has these kind of requirements in real life?
>
>
> Regards,
> Andreas
>
> --
> Andreas Kahari
> Somewhere in the general Cambridge area, UK
>
>



-- 
Tito Mari Francis H. EscaC1o
Computer Engineer and Free Software Proponent

Re: facts about OpenBSD

[Ted Unangst]

On 1/14/08, Nikns Siankin <[EMAIL PROTECTED]> wrote:
> Well, before you ask for diffs,
> I have to hear from devs, that these ARE
> considered to be issues that MUST be fixed.

they are not issues that must be fixed.

Re: facts about OpenBSD

[Dusty]

On Jan 14, 2008 10:09 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote:

> On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote:
> > you are correct that some of the issues you brought up are actual
> > shortcomings in openbsd. however, **bitching** that these are problems
> that
> > need to be fixed is about as rude as you can get. a number of the issues
> > you complained about are in the process of getting fixed, but you
> obviously
> > neglected to thoroughly investigate the options. i see no reason these
> > issues "MUST" be fixed (you've provided no compelling argument) only
> that
> > they can and likely are being fixed.
> >
> > if openbsd had a steady budget of several 100K CAD per annum and more
> devs,
> > your bitching might be perceived as reasonable since it would likely
> mean
> > that those areas had been disproportionately or unreasonably neglected.
> as
> > it stands there is only so much dev time for so many things and nobody
> is
> > actively neglecting the areas you've complained about.
> >
> > i was just thinking about emailing volkswagen corporate HQ and bitching
> > about how my VW is not a porsche and that they should immediately double
> my
> > car's horsepower and torque, fix the suspension, refit the brakes, etc.
> > does that seem reasonable?
>
> If you get money from selling CDs/soft, its just clearly unfair to not
> support it. Yes, I'm talking about stable ports.
>
> If you claim to produce the most secure OS, you have to prove that by


Cam you prove that another OS is more secure?

>
> provaiding secure wifi encryption for masses (WPAx) and usable disk
> encryption design for laptops and so on...
> ...or let's just call it perfect wired firewall...


Less talking. More coding. kthnkbye

>
>
> >
> >
> >>
> >>> Oh, no wait. you want *other* people todo the work for you,
> >>> its not enough that you got what they gave already you want
> >>> more, you ungrateful whining dick.
> >>>
> >>> --
> >>> Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein
> >>> Lebelang.
> >>> (Who does not love wine, women, and song, Remains a fool his whole
> life
> >>> long.)
> >>>-- Johann Heinrich Voss
> >>>
> >>
> >>
> >
> >
> > --

Re: Limiting CPU to a process or process group?

[RJ Nowling]

I think what you're referring to is called "process accounting."  I 
don't know about OpenBSD's support for this, though.



RJ

Re: facts about OpenBSD

[johan beisser]

On Jan 14, 2008, at 12:09 PM, Nikns Siankin wrote:


If you get money from selling CDs/soft, its just clearly unfair to not
support it. Yes, I'm talking about stable ports.


Actually, the OpenBSD OS is supported. Your argument is pointless.  
Stable ports are NOT supported because, well, it's not really part of  
the OS.


If you want stable ports, build it all yourself, for the architectures  
you need. If you really think they're so important, donate hardware to  
OpenBSD, and create your own position in the ranks of various devs.


Bitching and whining get you nothing.


If you claim to produce the most secure OS, you have to prove that by
provaiding secure wifi encryption for masses (WPAx) and usable disk
encryption design for laptops and so on...


I fail to see where those features make you "more secure." WPA is a  
clusterfuck. Wireless by its very nature is almost un-securable, even  
with cruft like WPA added in. If you want "more secure" you should  
look at alternate solutions (IPSec, OpenVPN, etc). And, even then, you  
may want to just review your code and implementation.


Full disk encryption also only provides so much benefit to code  
complexity increase. I like OpenBSD, but if I need full disk  
encryption I still use vnd(4), a passphrase that's different from my  
account password, and mount that locally. Manually. Every time you  
mount the image.


If you want FileVault style access, write your own login patch to  
handle mounting the image, and submit it.



...or let's just call it perfect wired firewall...


Does quite well for me.

Re: facts about OpenBSD (FOOOLS)

[Rico Secada]

On Mon, 14 Jan 2008 12:53:35 -0800
johan beisser <[EMAIL PROTECTED]> wrote:

> Bitching and whining get you nothing.

When will you people stop responding to whiners like this!? He's
bitching and your just bitching back.

Leave the ignorant fool alone, and he will stop barking up your three!
It's not that difficult!!

Re: spamd-setup hangup/timeout settings

[Frank Bax]

Jason George wrote:

My spamd-setup always takes 20-30 minutes on two servers (4.1 and 4.2).
  This is not normal?  When I run it manually; most of the time is
spent downloading traplist.gz


You are all connecting to beck@'s machine at the University of Alberta 
(www.openbsd.org) ?


I use the same major ISP that the U of A uses as one of its principal peers.  
I get timeouts, poor throughput and generally the same behaviour as mentioned 
above for all transfers to that site (spamd lists, snapshots, etc).



It appears somebody changed something on Saturday.  I had several 
downloads on that day timeout after 332 minutes.  Since then, they are 
most often in 15-35 second range; never over 2 minutes.  Thanks!

Re: spamd not un-greylisting entries?

[Calomel]

Dan,

The "blocked while grey listed" number of 8 is dependent on the amount of
retries the remote mail server attempted while grey listed. Comcast servers
for example will try once per minute to deliver their mail. For example, if
you grey listed comcast for 25 minutes the blocked number would be around
24-26.

What is your grey listed time out? By default I believe it is set at 25
minutes. (-G 25:4:864) Perhaps it is too low or too high?

This is probably not your issue, but may give you a place to start.


Spamd anti-spam "how to" (spamdb)
http://calomel.org/spamd_config.html

--
 Calomel @ http://calomel.org
 Open Source Research and Reference


On Mon, Jan 14, 2008 at 01:00:44PM -0500, Daniel Barowy wrote:
>Hello everyone,
>
>  My apologies if you get this twice-- it just occurred to me that I sent 
>my original message out using the wrong email address.
>
>  I would greatly appreciate it someone would help me diagnose this spamd 
>problem.  We've been running spamd since last October, and until this past 
>Thursday, it was working great.  I may be mistaken, but I don't think I've 
>ever seen entries like the following before (email addresses munged 
>intentionally):
>
>GREY|76.96.62.64|<[EMAIL PROTECTED]>|<[EMAIL 
>PROTECTED]>|1200331179|1200345579|1200345579|8|0
>
>  Notice that the "block" column count is high.  In the past, I don't 
>recall this number ever exceeding 2.  Our users are now complaining that 
>they are not receiving many expected inbound emails.  My understanding is 
>that the GREY spamdb entry should turn to WHITE upon the remote MTA's 
>retry.  No?
>
>  I was troubleshooting a separate issue that required a restart of our 
>firewall (spamd is running on the firewall and not the mail servers), and 
>this problem popped up shortly thereafter.
>
>  I have not changed anything with our pf.conf or spamd.conf that I know 
>of, except that I've added a number of crucial mailhosts to our PF 
>whitelist-- something I've done dozens of times before.
>
>  This is on an OpenBSD 4.0 machine.
>
>  Any suggestions?
>
>Many thanks,
>Dan

Need a major favor from Theo!

[Billy B. Bilano]

Hey guys!!! (with special request for Theor pls!)

Theo, I need a favor big guy! (only an easy one this time, I swear to it 
sir! LOLSLS)!


See, we have the audit happening here at the bank this time and it's 
causing me a lot of headaches and pains. A whiles back I replaced Cisco 
stuff here with OBSD and pf and OpenBPG and all that jazz because you 
(you = Theo) and Danny J. Harmminereater (or what everyour name is guy 
who wrote OepnBGP) said that is the smarty thing to do! Well, it turns 
out we still got some Cisco contracts open and all, and these auditors 
need some docs filled out by you two.


It's no big deal, I swear! They just want me to sent these docs (only 
about twenty pages) titled "Assumption of Vendor Liability" off to you 
for you to fill out and send back. Easy as punch!!!


So if you could give a an mailing address that would be swell. I promise 
that if you do this, I will buy a CD set this time and not take the 
bootlegs ISOs that Maddog releases!



--
Mr. Billy B. Bilano, MSCE, CCNA, CISSP, and now QISP

Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS

Re: Need a major favor from Theo!

[Ken Ismert]

http://www.encyclopediadramatica.com/Bilano

Excerpt:
"Last name of "Billy B. Bilano" troll genius. Mr. Bilano posts 
incredibly plausible-sounding pleas for help on various alpha geek 
mailing lists..."


Is January some kind of official troll month? Why can't it be the 
shortest month of the year?


-Ken

Billy B. Bilano wrote:

Hey guys!!! (with special request for Theor pls!)

Theo, I need a favor big guy! (only an easy one this time, I swear to 
it sir! LOLSLS)!


See, we have the audit happening here at the bank this time and it's 
causing me a lot of headaches and pains. A whiles back I replaced 
Cisco stuff here with OBSD and pf and OpenBPG and all that jazz 
because you (you = Theo) and Danny J. Harmminereater (or what everyour 
name is guy who wrote OepnBGP) said that is the smarty thing to do! 
Well, it turns out we still got some Cisco contracts open and all, and 
these auditors need some docs filled out by you two.


It's no big deal, I swear! They just want me to sent these docs (only 
about twenty pages) titled "Assumption of Vendor Liability" off to you 
for you to fill out and send back. Easy as punch!!!


So if you could give a an mailing address that would be swell. I 
promise that if you do this, I will buy a CD set this time and not 
take the bootlegs ISOs that Maddog releases!

Re: Limiting CPU to a process or process group?

[scott]

***
Analogy:  You're on a highway with a posted speed of 100 km/h.  You want
to operate your car and your car only 25 km/h only on the 100 km/h
highway.
***

And for this happy privilege, you want to impose the attendant nuisance
(highway analogy), read overhead (o/s analogy), on all the other cars to
have to slow behind and pass around you.

Generally, a time slice is a time slice.  Regardless whether you get 1
sec of every 10 sec or 100 ms of every 1 s, you're going to execute your
instructions at a rate of 100% of the cpu within your time slice
allocation.

Now you can impose scheduler and threading overhead and discipline to
make your time slices very, very fine grained so that overall at a
system level it looks like 25% of a resource, but your rate of execution
within your context is going to be 100%.

That said and for the cited examples, the workable answer that I know of
is virtual machines.  Be it VMWare, XEN, solaris containers (zones),
freeBSD jails, qemu(*) or to a degree dragonflybsd (vkernel(*) --
"system-in-a-box" running as a userland process), each has a means to
say that VM(1) gets 25% of the CPU resources and the vm-engine by
whatever implement will effectively do so. And you will see that seti,
for example, takes 100% of its VM(1) resource but only 25% of machine as
a whole, less the overhead.  (*)Not used personally.

And, yes, we're aware of the opines herein and about re VM.

/S

-Original Message-
From: Andreas Kahari <[EMAIL PROTECTED]>
To: Alexander Schrijver <[EMAIL PROTECTED]>
Cc: misc@openbsd.org
Subject: Re: Limiting CPU to a process or process group?
Date: Mon, 14 Jan 2008 14:27:33 +

Re: [Fwd: Open-Hardware]

[chefren]

On 01/14/08 12:27, Richard Stallman wrote:
> And who controls GPL? What will you do when all GPL software and 
> subsequent 
> developments are "kept" on servers out of reach of users (BSD 
> situation...)? 
> 
> You are making an extreme projection, which I doubt will happen.

I see more revenue from our services, where we keep up servers for
others, every moment. People who bought servers from us in the past
would love to hire them, and yes yes yes, with maintenance.

> I am going to urge people to avoid using servers to do their
> own computing.

You need programs for that, most new programs are offered as web
services, out of reach of your GPLv0/1/2/3.

..

> What will be in GPLv4?
> 
> GPLv4 will be basically the same as all previous versions: it will
> grant the four freedoms to everyone, and protect them for everyone, as
> best as we can achieve.  We will change only details.

If I read and read between the lines you clearly admit you are not
satisfied with the current GPLvX more restrictions will follow.

If I see your first line above I understand, but maybe better to ask
it directly: How come you cannot fix a license for once and for all? I
admit the BSD license has changed somewhat in time, it became =less=
restrictive. You clearly want more restrictions.

Am I right that it could end with the FSF looking over the shoulder of
 anybody who uses GPL to see if something is changed or added while
being used for a third party?

I presume you would love it if also scripts that connect GPLvX
programs will automatically be GPLvX too?


> Why more rights to the user than to the creator?
> 
> By "the creator", do you mean the author of a program?

Yes, or the creator of a change or extra line to a program. Someone
who creates something in general. Preferable pushing the edge!

> When the author
> releases a program under the GNU GPL, he gives users a subset of his
> legal rights.  So your question is based on a misunderstanding.

Since you mention the word "misunderstanding": Why don't you mention
that (s)he also "gives" the clear =restriction= to open up all further
changes?

> Why do you Balkanize the open source community without any sound reason?
> 
> There is no such thing as the "open source community".

"There is ..", to your opionion I may hope?? I cannot remember anyone
else denying that there is an open source community. People and
companies who deliver publicly available sourcecode with various less
or more restrictive licenses form the open source community.

> Open source
> supporters are part of the free software community, which was built by
> the free software movement starting in 1983.

I know a lot of "open source supporters" who want no connection at all
with the movement you started (don't ask around her at
[EMAIL PROTECTED]), if only for your denying above of any
=restrictions= in the GPLvX. Your publishings only uses pluses and no
minuses concerning "freedoms". Every of your four freedoms have
accompanying restrictions equally big/bold if you like it or not.

If you keep denying that it's not difficult to envision: Every
subsequent GPLvX version will undoubtedly be more restrictive while
you will need to scream louder and louder that it brings "more" freedom.

Compare that with BSD, simple message, no screaming necessary, no
serious changes in the license to be foreseen, its decent.

> If "balkanize" refers to incompatible licenses, that would not happen
> if everyone followed our licensing recommendations.  If all free
> software were released under "GPL version N or later", as we
> recommend, then all free software would be license-compatible.

Did you recommend that since version 0 of GPL? I doubt so, that would
have awakened more people at the right moment. Now with GPLv4 in the
works people start thinking "hey where will it end up"?

Who knows what will be in GPLv5? Is it possible that GPLv5 will be
100% compatible with the 2 clause BSD license?


It's clear you doubt most GPLv0/1/2/3 will be behind servers but let's
think and say it is so. In that situation for both users and
programmers there is no difference between BSD and GPLv0/2/3 !!!

My estimate is that the open source community will still take up and
produce clever ideas and produce open source code. If it's not
published (open) it doesn't exist and cannot be build upon by the
community (world!).


On the other hand, if most code is used for services on servers, there
is often almost no way to check if GPLvX is used. Enforcing GPLvX in a
services world seems a little bit clueless to me. You will need
investigating searches by the police et cetera.

You want too much and without a sound reason, only Balkanizes the
community. BSD is good enough for the users of open source and clearly
better for programmers and companies who use and produce code. Gives
them maximum privacy and a better chance of earning money with it.

+++chefren

Re: Need a major favor from Theo!

[bofh]

On Jan 14, 2008 6:00 PM, Billy B. Bilano <
[EMAIL PROTECTED]> wrote:

> See, we have the audit happening here at the bank this time and it's
> causing me a lot of headaches and pains. A whiles back I replaced Cisco
> stuff here with OBSD and pf and OpenBPG and all that jazz because you
> (you = Theo) and Danny J. Harmminereater (or what everyour name is guy
> who wrote OepnBGP) said that is the smarty thing to do! Well, it turns
> out we still got some Cisco contracts open and all, and these auditors
> need some docs filled out by you two.
>
> It's no big deal, I swear! They just want me to sent these docs (only
> about twenty pages) titled "Assumption of Vendor Liability" off to you
> for you to fill out and send back. Easy as punch!!!
>

Hey no problems.  If Theo's too busy to do it, I'll be happy to step in, and
you'll have the full backing of my organization too - the Church of
Security!

So if you could give a an mailing address that would be swell. I promise
> that if you do this, I will buy a CD set this time and not take the
> bootlegs ISOs that Maddog releases!


Not a problem.  As part of the service (minor detail, just sign here on the
service agreement), we will even buy your CDs for you.  And send it to you
for free!

The Grand bofh
Church Of Security (.com)

-- 
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
"This officer's men seem to follow him merely out of idle curiosity."  --
Sandhurst officer cadet evaluation.
"Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks factory
where smoking on the job is permitted."  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=j1G-3laJJP0&feature=related

Re: facts about OpenBSD

[Markus Lude]

On Wed, Jan 09, 2008 at 05:07:35PM -0600, Jacob Yocom-Piatt wrote:
> Marc Balmer wrote:
> >Nikns Siankin wrote:
> >
> >>Facts about OpenBSD:
> >>
> >># Stable release cycle.   If you want to run latest bugfree ClamAV or 
> >>FireFox - upgrade to CURRENT!   But don't forget to buy release CD's!!!
> >># Secure By Default.
> >>  OpenBSD uses broken WEP for securing WiFi networks.
> >>  Has no WPA/WPA2 support.
> >># Do not let serious problems sit unsolved.   OpenBSD doesn't need 
> >>MAC because it has their own security flawed systrace.
> >># Use of Cryptography.   OpenBSD uses file-backed encryption (svnd) 
> >>which is very suited
> >>  for Full-disk-encryption. NOT.
> >># Full Disclosure.   OpenBSD at first denies remote exploitable 
> >>flaws.   DoS flaws gets marked as reliability not security issues.
> >># Easy maintainable.   OpenBSD distributes source patches to make 
> >>your farm of
> >>  Pentium2 firewalls updated easly.
> >># Secure Distribution.
> >>  The most secure operation system gets distributed on FTP servers
> >>  as unsigned binaries.
> 
> 
> Facts about Nikns Siankin:
> 
> # Whiner.  He bitches incessantly about stuff and does nothing to fix 
> it.  AFAICT he's even saying that purchasing the CDs is pointless.
> # Jerk.  He ignores that most of the development time that goes into 
> OpenBSD is DONATED by highly-skilled individuals.  You can only add as 
> many bells and whistles as you have resources and time.
> # Misleading.  He claims the system is distributed on FTP servers and 
> elects not to note that code is available via cvs over ssh.
> # Ignorant.  OpenBSD has myriad additional security technologies in it 
> that help to moderate vulnerabilities in poorly coded applications like 
> firefox and clamav.
> # Idiot.  By whining in a totally counterproductive fashion he alienates 
> himself from those who would otherwise, provided his requests were 
> reasonable, help him out.

I'd add some points:
# Possibly frustrated because quite a few diffs never made it into
ports. I guess due to lack of time or interest of the devs
# Helpful with testing ports and get bugs fixed there

Thanks Nikns, for your help so far.

I don't feel great about the situation with -stable ports. But as I only
run 2 OpenBSD boxes at the moment, I usually stick to -current anyway.
And as I don't have time nor machines to contribute/test -stable ports I
think I don't should complain about the -stable situation. What is a bit
unclear to me: are some developers willing to commit security patches
for -stable ports if
# posts of security patches for -stable ports are welcome on @ports?
# someone put them together?
# they get enough testing?
Apart from this, I haven't seen any posts of security patches (not
updates) for -stable on @ports during last months. At least I can't
remember any.
 
Regards,
Markus

Re: Suggested PF Setup when using BitTorrent?

[Max Hayden Chiz]

Brian,

After your post (and several others), I tried BitTorrent out on my
network (sparc64 router + DOCSIS 2.0 cable connection; see
http://marc.info/?l=openbsd-misc&m=120019379210857&w=2)

After some experimentation, I was able to determine that running
BitTorrent with a large number of connections causes a huge increase
in latency regardless of bandwidth.  No one seems to know why this is,
but that might just be because my thread got buried by trolls and
other posts.

I'm not having watchdog timeouts but there is an off chance that the
latency increase that I experience and your timeout problem may be
related.  My work around is to use the max-src-states feature of pf to
limit the number of bit torrent connections to a reasonable number (50
seems to be a good trade-off on my machine, YMMV).

Could you modify your pf.conf to do this (or limit your connections at
the client and use pf to confirm) and let us know if that works on
your end as well?

--MHC

On Jan 5, 2008 1:22 PM, Brian <[EMAIL PROTECTED]> wrote:
> Is there any suggested PF setup when using BitTorrent?
>
> Right now, the biggest problem I have when using BitTorrent is watchdog
> timeouts.
>
> Thanks,
>
> Brian
>
>
>
>
>   
> 
> Never miss a thing.  Make Yahoo your home page.
> http://www.yahoo.com/r/hs

Re: Suggested PF Setup when using BitTorrent?

[Chris Kuethe]

On Jan 14, 2008 4:06 PM, Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
> Brian,
>
> After your post (and several others), I tried BitTorrent out on my
> network (sparc64 router + DOCSIS 2.0 cable connection; see
> http://marc.info/?l=openbsd-misc&m=120019379210857&w=2)
>
> After some experimentation, I was able to determine that running
> BitTorrent with a large number of connections causes a huge increase
> in latency regardless of bandwidth.  No one seems to know why this is,
> but that might just be because my thread got buried by trolls and
> other posts.

My theory is that you're using a ... uh... well, not very good
connection that bogs down easily. Some time ago, I tossed together a
little undeadly article on how to use altq to keep bittorrent from
dragging your network down -
http://www.undeadly.org/cgi?action=article&sid=20061109202501

I think you can solve this by tuning your service classes a little
better. I'm currently stuck on a 1.5M/384k dsl - to minimize the pain,
I told altq that i have 1.3M/340k.

CK

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: spamd not un-greylisting entries?

[Daniel Barowy]

On Mon, 14 Jan 2008, Calomel wrote:


Dan,

The "blocked while grey listed" number of 8 is dependent on the amount of
retries the remote mail server attempted while grey listed. Comcast servers
for example will try once per minute to deliver their mail. For example, if
you grey listed comcast for 25 minutes the blocked number would be around
24-26.


Aha!  This explains the spamdb entry I posted, which also goes to show 
that no matter how many times I read something in the documentation, 
sometimes I just don't get it.  I was under the mistaken impression that 
spamd simply counted retries and changed the GREY entries to WHITE once 
the block count reached a certain magic number.  The fact that I could not 
find this magic number in the documentation should have tipped me off.


I am using the spamd default timeouts-- on startup I only specify to use 
greylisting, that the hostname match our real MX, and to use 451's instead 
of 450's.


So that particular problem was a red herring.  I will upgrade my system to 
4.2 before I complain about spamd any more.


Thanks!
Dan

Re: Need some guidance booting OpenBSD on an ALIX device,

[baldoni]

I've always had consistent success with a crossover cable and ssh.  Serial
connections with Wrap and Alix can be hit and miss and it's hard to see
why it worked yesterday but not today.  You may consider spending the
pesos on the cable instead of coffee, cigarettes or aspirin.

Are you in BA?  What a lovely country you have there.


Gian

Re: Suggested PF Setup when using BitTorrent?

[Max Hayden Chiz]

On Jan 14, 2008 6:30 PM, Chris Kuethe <[EMAIL PROTECTED]> wrote:
> My theory is that you're using a ... uh... well, not very good
> connection that bogs down easily.

My connection normally works fine; even when I max out my 7Mb/512Kb
line.  Running BitTorrent (even with a fraction of the bandwidth)
makes my latency go through the roof.

> Some time ago, I tossed together a
> little undeadly article on how to use altq to keep bittorrent from
> dragging your network down -
> http://www.undeadly.org/cgi?action=article&sid=20061109202501

See the thread I referenced in my previous email.  The issue I am
experiencing seems to have nothing to do with bandwidth usage.

> I think you can solve this by tuning your service classes a little
> better.

If you have a specific suggestion, I will try it and post the result
here, but as I discussed in the previous thread, altq shows that there
is no backlog of packets, and even with BitTorrent rate limited to a
small fraction of the bandwidth (via CBQ or HFSC) it is still able to
cause the latency issue.  By contrast if I limit the number of
connections, BitTorrent can consume almost all of the bandwidth and
the issue will not appear.

Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems).  But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.

--MHC

Re: Suggested PF Setup when using BitTorrent?

[Chris Kuethe]

On Jan 14, 2008 5:00 PM, Max Hayden Chiz <[EMAIL PROTECTED]> wrote:
> cause the latency issue.  By contrast if I limit the number of
> connections, BitTorrent can consume almost all of the bandwidth and
> the issue will not appear.
>
> Perhaps this problem is specific to my configuration (or specific to
> DOCSIS cable modems).  But if it makes Brian (or someone else's
> problem) go away, then it is likely that this problem is not unique.

i doubt it's your machine not being happy with number of connections -
i routinely have hundreds of states. depends on your modem, maybe? or
who made the board inside your modems? or what crack-addled rhesus
monkey pretended to write the firmware. If several different
manufacturers licensed the IP stack or NAT engine from the same
vendor, then it's perfectly possible that you both have ill-designed
hardware.

if you have a shell host somewhere, you could use netcat to determine
where your router falls over. use netcat to send /dev/zero over the
wire, with just a single stream, that should be pretty fast. then
start opening up more tcp connections (but don't send anything through
them) until it starts to bog down. That should give you enough
information to create several different rule classes to limit number
of connections by port. Web,ssh, dns and chat get to open connections
first, and can always open one more connection, all other ports get to
share ... 80% of max connections?

-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

Re: Suggested PF Setup when using BitTorrent?

[Brian]

--- Max Hayden Chiz <[EMAIL PROTECTED]> wrote:

> Perhaps this problem is specific to my configuration (or specific to
> DOCSIS cable modems).  But if it makes Brian (or someone else's
> problem) go away, then it is likely that this problem is not unique.
> 
> --MHC
> 

Let me read through the documentation to figure out how to set this up.  I am
running a cable modem as well.

Here are my bittorrent settings:

--minport 13000 --maxport 14000 --max_initiate 15 --max_allow_in 15
--max_upload_rate 25 --max_uploads 5

Give me some time to figure out the altq and pf.  I have only used pf for a
week, so I'm still learning it.

Thanks,

Brian



  

Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  
http://tools.search.yahoo.com/newsearch/category.php?category=shopping

Re: Suggested PF Setup when using BitTorrent?

[johan beisser]

On Jan 14, 2008, at 5:10 PM, Brian wrote:


--- Max Hayden Chiz <[EMAIL PROTECTED]> wrote:


Perhaps this problem is specific to my configuration (or specific to
DOCSIS cable modems).  But if it makes Brian (or someone else's
problem) go away, then it is likely that this problem is not unique.


It's not unique, I saw the same issue recently. I basically exceeded  
the number of states my CPU/RAM combo could handle easily (roughly  
2400, "normal" average is 200 state rules) while pushing major amounts  
of data.


If I reduced the number of connections through bittorrent, performance  
improved.  During the download, at 350 peers, regardless of the  
download rate, I had 2400 some odd state rules. I suddenly saw round  
trip ICMP echo taking 900+ ms to the first hop. At 325, times were  
merely 90ms to the first hop, and normal is around 10ms.


The hardware is a slightly loaded Soekris net4501 with 64mb of RAM  
running OpenBSD 4.1 (GENERIC). It does not have a crypto accelerator,  
and handles ssh and openvpn on the main CPU (both are fairly low in  
usage at this time).


My guess, so far, is an issue with my ruleset, the hardware, and the  
use of synproxy for some of the TCP states (almost all of the BT  
clients I had were over TCP). OpenBSD itself seems to be fine, up  
until I get close to the limits of the hardware.


Let me read through the documentation to figure out how to set this  
up.  I am

running a cable modem as well.

Here are my bittorrent settings:

--minport 13000 --maxport 14000 --max_initiate 15 --max_allow_in 15
--max_upload_rate 25 --max_uploads 5

Give me some time to figure out the altq and pf.  I have only used  
pf for a

week, so I'm still learning it.


Ask around if you have questions. There are excellent articles and  
examples available.