remastering as a live disk
Are there any tools for cloning an OpenBSD installation as a live disk, like the ones in the in the Debian (Respin; Remastersys) and Mandrake (Makecd?) families of Gnu/Linuxes? Or any reasonably painless way of making a customized OpenBSD live disk? Sent with [ProtonMail](https://protonmail.com) Secure Email. Because the Constitution must not be allowed to become "a literary fiction."
Re: remastering as a live disk
On 23/12/17 00:23, Philip Mundhenk wrote: > Are there any tools for cloning an OpenBSD installation as a live disk, like > the ones in the in the Debian (Respin; Remastersys) and Mandrake (Makecd?) > families of Gnu/Linuxes? Or any reasonably painless way of making a > customized OpenBSD live disk? > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > Because the Constitution must not be allowed to become "a literary fiction." Try fuguita.org
Re: bug tracking system for OpenBSD
On 2017-12-22, Kapetanakis Giannis wrote: > But to be fair with the OP it all depends on dev's (mainly) > willingness to track/respond/close tickets. > > I say devs because these are the people who commit fixes of bugs and > so they should monitor/update this system as well. It's extra work for > them instead of developing... and I understand that. I'm sure that often devs will do this, but sometimes not (maybe they'll forget, maybe they'll fix something without noticing that it relates to a ticket, etc). It needs someone to take responsibility for maintaining the database, if it's left *only* up to the developer fixing a problem you're just going to end up with the gnats database and hundreds (or was it thousands) of tickets in limbo again. > I don't see a reason @tech should be forwarded to this ticket system. Forwarded? No way! Same for bugs@ as tech@. It needs manual work to triage, identify what is a bug, follow up with the reporter to make sure the report is accurate and has enough information to be useful. Same whatever the entry point is. If reporters can add bugs to it directly, they need to go into a triage queue and *not* appear in the main system until that's done. The idea of a bug tracking system is to spread the work and help people remember things. It should *reduce* work done by devs because they no longer have to drag even the most basic information out of a reporter and figure out whether it's a bug or user error or a support request in disguise. If it means *extra* work for devs, it's not going to work.
Re: Is it okay to clone OpenBSD from GitHub from India?
>From https://www.openbsd.org/cvsync.html " IMPORTANT NOTE: There are a few issues relating to cryptographic software that everyone should be aware of: ... However, if you are outside the USA or Canada, you should not fetch the cryptographic sections of the OpenBSD sources from a CVSync server located in the USA. The files in question are... src/kerberosIV/* src/kerberosV/* src/lib/libdes/* src/lib/libc/crypt/crypt.c src/lib/libc/crypt/morecrypt.c src/sys/crypto src/sys/netinet src/usr.sbin/afs/src/rxkad/* Because of the USA ITAR munitions list, crypto software may only be exported to Canada from the USA." generalising cvsync server to any version control software server, we get: "if you are outside the USA or Canada, you should not fetch the cryptographic sections of the OpenBSD sources from **any version control software** server located in the USA" That would include github.com so is using the combination (OpenBSD, GitHub, India) uncool (gulp illegal)? If illegal, this kind of sucks for me and my intern. May be someone experienced in these matters could confirm/deny? Thanks, Dinesh
Re: Is it okay to clone OpenBSD from GitHub from India?
On Sat, Dec 23, 2017 at 04:24:22PM +0530, Dinesh Thirumurthy wrote: > >From https://www.openbsd.org/cvsync.html > > " IMPORTANT NOTE: There are a few issues relating to cryptographic > software that everyone should be aware of: > ... > However, if you are outside the USA or Canada, you should not fetch > the cryptographic sections of the OpenBSD sources from a CVSync server > located in the USA. The files in question are... > src/kerberosIV/* > src/kerberosV/* > src/lib/libdes/* > src/lib/libc/crypt/crypt.c > src/lib/libc/crypt/morecrypt.c > src/sys/crypto > src/sys/netinet > src/usr.sbin/afs/src/rxkad/* > > Because of the USA ITAR munitions list, crypto software may only be > exported to Canada from the USA." > > generalising cvsync server to any version control software server, we > get: > > "if you are outside the USA or Canada, you should not fetch the > cryptographic sections of the OpenBSD sources from **any > version control software** server located in the USA" > > That would include github.com > > so is using the combination (OpenBSD, GitHub, India) uncool (gulp > illegal)? > > If illegal, this kind of sucks for me and my intern. > > May be someone experienced in these matters could confirm/deny? > > Thanks, > Dinesh Just use cvs from a mirror outisde the US? You don't *need* to use github, github is a copy anyway and only cvs is authorative. -Otto
Re: Is it okay to clone OpenBSD from GitHub from India?
> Just use cvs from a mirror outisde the US? You don't *need* to use > github, github is a copy anyway and only cvs is authorative. > > -Otto Otto, Thanks. I was trying to distribute a tweaked OpenBSD to teachers and students in India, so they could compile kernel, base, and xenocara very easily. Not that it is difficult now. But just made it easier. I was using github.com as my distribution platform from a forked OpenBSD. Now I need to find another way to distribute it. Regards, Dinesh
relayd stops processing traffic intermittently
Hi All,
Since OpenBSD 6.2, just confirmed this in the latest snapshot (GENERIC.MP#305)
as well, for some reason relayd stops processing traffic and starts flooding
the log file with the following message:
Dec 23 11:19:11 lb2 relayd[22515]: rsae_send_imsg: poll timeout
Dec 23 11:19:12 lb2 relayd[52110]: rsae_send_imsg: poll timeout
Dec 23 11:19:12 lb2 relayd[69641]: rsae_send_imsg: poll timeout
Dec 23 11:19:12 lb2 relayd[22515]: rsae_send_imsg: poll timeout
[snip]
Dec 23 11:19:17 lb2 relayd[69641]: rsae_send_imsg: poll timeout
Dec 23 11:19:18 lb2 relayd[22515]: rsae_send_imsg: poll timeout
Dec 23 11:19:18 lb2 relayd[52110]: rsae_send_imsg: poll timeout
Dec 23 11:19:18 lb2 relayd[69641]: rsae_send_imsg: poll timeout
...etc...
Restarting the daemon "fixes" the problem.
Not sure how to trouble shoot this but I am able to reproduce this consistently
by pointing SSLLabs towards relayd.
Would be great to get some pointers.
Anonymised config below:
# relayd.conf
local_v4 = "xxx"
local_v6 = "xxx"
table { 127.0.0.1 }
www1_addr_v4 = "xxx"
www1_addr_v6 = "xxx"
table { xxx }
www3_addr_v4 = "xxx"
www3_addr_v6 = "xxx"
table { xxx }
cust1_addr_v4 = "xxx"
cust1_addr_v6 = "xxx"
cust2_addr_v4 = "xxx"
cust3_addr_v4 = "xxx"
cust4_addr_v4 = "xxx"
table { xxx }
table { xxx }
table { xxx }
cust5_addr_v4 = "xxx"
table { xxx }
http protocol httpfilter_default {
match request header remove "Proxy"
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match response header set "Server" value "Sever"
match response header set "X-Powered-By" value "Power"
tcp { no splice }
}
http protocol httpsfilter_default {
match request header remove "Proxy"
match request header set "X-ClientIP" value "$REMOTE_ADDR"
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match response header set "Strict-Transport-Security" value
"max-age=31536000"
match response header set "Server" value "Sever"
match response header set "X-Powered-By" value "Power"
match request quick header "Host" value "images.webcam.nl" forward to
tcp { no splice }
tls { no client-renegotiation }
}
http protocol httpfilter {
match request header remove "Proxy"
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match response header set "Content-Security-Policy" value "default-src
high5.nl; script-src https://high5.nl http://www.w3.org/; style-src 'self'
'unsafe-inline'; img-src 'self'"
match response header set "Server" value "Sever"
match response header set "X-Powered-By" value "Power"
match response header set "X-Frame-Options" value "SAMEORIGIN"
match response header set "X-Xss-Protection" value "1; mode=block"
match response header set "X-Content-Type-Options" value "nosniff"
match request quick header "Host" value "*xxx*" forward to
match request quick header "Host" value "*xxx*" forward to
tcp { no splice }
}
http protocol httpsfilter {
return error
match request header remove "Proxy"
match request header set "X-ClientIP" value "$REMOTE_ADDR"
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
match response header set "Strict-Transport-Security" value
"max-age=31536000"
match response header set "Content-Security-Policy" value "default-src
high5.nl; script-src https://high5.nl http://www.w3.org/; style-src 'self'
'unsafe-inline'; img-src 'self'"
match response header set "Server" value "Sever"
match response header set "X-Powered-By" value "Power"
match response header set "X-Frame-Options" value "SAMEORIGIN"
match response header set "X-Xss-Protection" value "1; mode=block"
match response header set "X-Content-Type-Options" value "nosniff"
tcp { no splice }
tls { no client-renegotiation }
}
relay default {
listen on $local_v4 port 80
listen on $local_v6 port 80
protocol httpfilter_default
forward to port 8080
}
relay default_redirect {
listen on $cust2_addr_v4 port 80
listen on $cust3_addr_v4 port 80
listen on $cust4_addr_v4 port 80
listen on $cust5_addr_v4 port 80
listen on $cust1_addr_v4 port 80
listen on $cust1_addr_v6 port 80
protocol httpfilter_default
forward to port 8081
}
relay default_redirect_tls {
listen on $cust4_addr_v4 port 443 tls
protocol httpsfilter_default
forward to port 8081
}
relay www1 {
li
Re: relayd stops processing traffic intermittently
On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote:
> Hi All,
>
> Since OpenBSD 6.2, just confirmed this in the latest snapshot
> (GENERIC.MP#305) as well, for some reason relayd stops processing traffic and
> starts flooding the log file with the following message:
>
> Dec 23 11:19:11 lb2 relayd[22515]: rsae_send_imsg: poll timeout
> Dec 23 11:19:12 lb2 relayd[52110]: rsae_send_imsg: poll timeout
> Dec 23 11:19:12 lb2 relayd[69641]: rsae_send_imsg: poll timeout
> Dec 23 11:19:12 lb2 relayd[22515]: rsae_send_imsg: poll timeout
> [snip]
> Dec 23 11:19:17 lb2 relayd[69641]: rsae_send_imsg: poll timeout
> Dec 23 11:19:18 lb2 relayd[22515]: rsae_send_imsg: poll timeout
> Dec 23 11:19:18 lb2 relayd[52110]: rsae_send_imsg: poll timeout
> Dec 23 11:19:18 lb2 relayd[69641]: rsae_send_imsg: poll timeout
> ...etc...
>
> Restarting the daemon "fixes" the problem.
> Not sure how to trouble shoot this but I am able to reproduce this
> consistently by pointing SSLLabs towards relayd.
> Would be great to get some pointers.
>
I have seen this as well on our production systems. This is a problem in
the privsep part of the TLS code. I could not do more testing yet but my
assumption is that a new option / feature is freaking this code out.
--
:wq Claudio
> Anonymised config below:
> # relayd.conf
> local_v4 = "xxx"
> local_v6 = "xxx"
> table { 127.0.0.1 }
>
> www1_addr_v4 = "xxx"
> www1_addr_v6 = "xxx"
> table { xxx }
>
> www3_addr_v4 = "xxx"
> www3_addr_v6 = "xxx"
> table { xxx }
>
> cust1_addr_v4 = "xxx"
> cust1_addr_v6 = "xxx"
>
> cust2_addr_v4 = "xxx"
> cust3_addr_v4 = "xxx"
> cust4_addr_v4 = "xxx"
> table { xxx }
> table { xxx }
> table { xxx }
>
> cust5_addr_v4 = "xxx"
> table { xxx }
>
> http protocol httpfilter_default {
> match request header remove "Proxy"
> match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-By" value
> "$SERVER_ADDR:$SERVER_PORT"
> match response header set "Server" value "Sever"
> match response header set "X-Powered-By" value "Power"
> tcp { no splice }
> }
> http protocol httpsfilter_default {
> match request header remove "Proxy"
> match request header set "X-ClientIP" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-By" value
> "$SERVER_ADDR:$SERVER_PORT"
> match response header set "Strict-Transport-Security" value
> "max-age=31536000"
> match response header set "Server" value "Sever"
> match response header set "X-Powered-By" value "Power"
> match request quick header "Host" value "images.webcam.nl" forward to
>
> tcp { no splice }
> tls { no client-renegotiation }
> }
>
> http protocol httpfilter {
> match request header remove "Proxy"
> match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-By" value
> "$SERVER_ADDR:$SERVER_PORT"
> match response header set "Content-Security-Policy" value
> "default-src high5.nl; script-src https://high5.nl http://www.w3.org/;
> style-src 'self' 'unsafe-inline'; img-src 'self'"
> match response header set "Server" value "Sever"
> match response header set "X-Powered-By" value "Power"
> match response header set "X-Frame-Options" value "SAMEORIGIN"
> match response header set "X-Xss-Protection" value "1; mode=block"
> match response header set "X-Content-Type-Options" value "nosniff"
> match request quick header "Host" value "*xxx*" forward to
> match request quick header "Host" value "*xxx*" forward to
> tcp { no splice }
> }
> http protocol httpsfilter {
> return error
> match request header remove "Proxy"
> match request header set "X-ClientIP" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-By" value
> "$SERVER_ADDR:$SERVER_PORT"
> match response header set "Strict-Transport-Security" value
> "max-age=31536000"
> match response header set "Content-Security-Policy" value
> "default-src high5.nl; script-src https://high5.nl http://www.w3.org/;
> style-src 'self' 'unsafe-inline'; img-src 'self'"
> match response header set "Server" value "Sever"
> match response header set "X-Powered-By" value "Power"
> match response header set "X-Frame-Options" value "SAMEORIGIN"
> match response header set "X-Xss-Protection" value "1; mode=block"
> match response header set "X-Content-Type-Options" value "nosniff"
> tcp { no splice }
> tls { no client-renegotiation }
> }
> relay default {
> listen on $local_v4 port 80
> listen on $local_v6 port 80
> protocol httpfilter_default
> forward
Re: Is it okay to clone OpenBSD from GitHub from India?
On Sat, Dec 23, 2017 at 05:19:54PM +0530, Dinesh Thirumurthy wrote:
>
> > Just use cvs from a mirror outisde the US? You don't *need* to use
> > github, github is a copy anyway and only cvs is authorative.
> >
> > -Otto
>
> Otto,
>
> Thanks.
>
> I was trying to distribute a tweaked OpenBSD to teachers and students in
> India, so they could compile kernel, base, and xenocara very easily.
> Not that it is difficult now. But just made it easier. I was using
> github.com as my distribution platform from a forked OpenBSD. Now I need
> to find another way to distribute it.
>
> Regards,
> Dinesh
>
>
Note that openbsd's github conversion is not considered stable yet.
Which means all commit hashes could change at any time. Regardless
of the crypto export issue, I would not rely on it for very important
tasks until it is declared stable.
If you really want it in git format without legal trouble, you could
create your own git conversion with e.g. git-cvs ('pkg_add git-cvs').
Re: Is it okay to clone OpenBSD from GitHub from India?
Stephan,
Thank you.
> Note that openbsd's github conversion is not considered stable yet.
I was using github.com because it is (ahem) more palatable. :-)
So, it should be a hit with students.
> Which means all commit hashes could change at any time. Regardless
> of the crypto export issue, I would not rely on it for very important
> tasks until it is declared stable.
Okay. I fine with that.
> If you really want it in git format without legal trouble, you could
> create your own git conversion with e.g. git-cvs ('pkg_add git-cvs').
Thanks very much. I was trying to get in touch with Bob Beck to figure
this out.
Regards,
Dinsh
Simple scripts to rebuild your OpenBSD src and xenocara and cut an ISO.
Hi, If anyone wants to try to very simple way to compile your OpenBSD box, (man release rocks), but that might be a daunting for a person just getting into the UNIX/OpenBSD world. So, I wrote some syntactic sugar which makes it very easy: doas mkkern.sh # compile kernel doas mkbase.sh # compile base doas mkxeno.sh # compile xenocara doas mkrel.sh # cut an iso You can get it from: https://github.com/hakrtech/reladm.git Usage Instructions at: https://github.com/hakrtech/src/wiki/Home I would also like to give back by appropriately OpenBSD style/philosophy licensing it. I have not figured that out yet. Hopefully soon. BSD2,3,4 vs MIT vs ... Thanks. Have fun! Regards, Dinesh
Re: relayd stops processing traffic intermittently
> On 23 Dec 2017, at 13:08, Claudio Jeker wrote: > >> On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote: >> Hi All, >> >> Since OpenBSD 6.2, just confirmed this in the latest snapshot >> (GENERIC.MP#305) as well, for some reason relayd stops processing traffic >> and starts flooding the log file with the following message: >> >> Dec 23 11:19:11 lb2 relayd[22515]: rsae_send_imsg: poll timeout >> Dec 23 11:19:12 lb2 relayd[52110]: rsae_send_imsg: poll timeout >> Dec 23 11:19:12 lb2 relayd[69641]: rsae_send_imsg: poll timeout >> Dec 23 11:19:12 lb2 relayd[22515]: rsae_send_imsg: poll timeout >> [snip] >> Dec 23 11:19:17 lb2 relayd[69641]: rsae_send_imsg: poll timeout >> Dec 23 11:19:18 lb2 relayd[22515]: rsae_send_imsg: poll timeout >> Dec 23 11:19:18 lb2 relayd[52110]: rsae_send_imsg: poll timeout >> Dec 23 11:19:18 lb2 relayd[69641]: rsae_send_imsg: poll timeout >> ...etc... >> >> Restarting the daemon "fixes" the problem. >> Not sure how to trouble shoot this but I am able to reproduce this >> consistently by pointing SSLLabs towards relayd. >> Would be great to get some pointers. >> > > I have seen this as well on our production systems. This is a problem in > the privsep part of the TLS code. I could not do more testing yet but my > assumption is that a new option / feature is freaking this code out. Anything I can do or collect to give you more information? Mischa
Re: relayd stops processing traffic intermittently
On Sat, Dec 23, 2017 at 02:04:19PM +0100, Mischa Peters wrote: > > > On 23 Dec 2017, at 13:08, Claudio Jeker wrote: > > > >> On Sat, Dec 23, 2017 at 11:40:57AM +0100, Mischa wrote: > >> Hi All, > >> > >> Since OpenBSD 6.2, just confirmed this in the latest snapshot > >> (GENERIC.MP#305) as well, for some reason relayd stops processing traffic > >> and starts flooding the log file with the following message: > >> > >> Dec 23 11:19:11 lb2 relayd[22515]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:12 lb2 relayd[52110]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:12 lb2 relayd[69641]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:12 lb2 relayd[22515]: rsae_send_imsg: poll timeout > >> [snip] > >> Dec 23 11:19:17 lb2 relayd[69641]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:18 lb2 relayd[22515]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:18 lb2 relayd[52110]: rsae_send_imsg: poll timeout > >> Dec 23 11:19:18 lb2 relayd[69641]: rsae_send_imsg: poll timeout > >> ...etc... > >> > >> Restarting the daemon "fixes" the problem. > >> Not sure how to trouble shoot this but I am able to reproduce this > >> consistently by pointing SSLLabs towards relayd. > >> Would be great to get some pointers. > >> > > > > I have seen this as well on our production systems. This is a problem in > > the privsep part of the TLS code. I could not do more testing yet but my > > assumption is that a new option / feature is freaking this code out. > > Anything I can do or collect to give you more information? Your tip with SSLLabs is hopefully good enough to produce it at will. I will try to fix this in the next days. Keep you posted. -- :wq Claudio
Re: rdomain/rtable
Paul B. Henson(hen...@acm.org) on 2017.12.19 17:54:48 -0800: > I've got a box with an LTE cellular modem in it whose purpose is to provide > a backup connection to the Internet if the hardwire service goes down. It's > running OSPF to connect to the rest of the network, and the only time any > traffic should go over the cellular link (which is slower and bandwidth > capped) is if the hardwire interconnection is down, including ideally > traffic generated from the system itself. > > I have that part working, by adding in a local static default route to the > cellular gateway with less priority than the OSPF default route. However, > for testing purposes, I'd like to be able to poke out the cellular link on > an as-needed basis without having to switch the entire box over to using it. > Virtual routing tables looked perfect for this purpose, as I could just > spawn a single process with a different default route, we do something > similar with network name spaces under Linux. > > However, I can't quite get it to work. What I'd really like is to be able to > make a copy of the current system routing table, then change one thing about > it. However, a new rdomain shows up with no routes or interfaces in the > routing table. I can add the new default route pointing out the cellular > link, and get traffic to go out there. When you create a new routing domain, for example by adding an interface to a routing domain (e.g. ifconfig umb0 rdomain 10), you create a new routing table 10. It will be empty until you add an address on umb0 or, for example add your default route. This routing table will be used to forward packets that are "in that routing domain" (the packet is marked with the rdomain or rather the rtable it will use). How does the packet get marked? Three ways: * with pf, as you have discovered. As the manpage documents, the mark needs to be set before route lookup is done. * when a paket comes in on an interface in rdomain 10, it will stay in rdomain 10 (unless pf changes it). * a packet is generated on the local machine by a process that "is in that routing domain". I.e. processes are also marked with a rdomain. To start a process in a specific rdomain (10), use "route -T 10 exec command", for example route -T 10 exec ping -n ip or even route -T 10 exec ksh Processes spawned by that shell will inherit the rdomain. Note that i used -n in the ping example. DNS resolving using the resolvers in resolv.conf might not work, as long as those resolvers are not reachable in rdomain 10. Hope this helps ... > But I haven't sorted out how to make > all the traffic for my internal network still go through the internal link > rather than get sent out the default route. While ideally all the OSPF > routes would propagate to the other routing domain I tried just adding a > static to the /16 for our internal address space: > > Internet: > DestinationGatewayFlags Refs Use Mtu Prio > Iface > default24.x.x.x UGS06 - 8 umb0 > 10.0/1610.128.0.21UGS00 - 8 em0 > > That doesn't work; the documentation says you need to get pf to pass packets > across routing domains. However, it says: > > rtable number > Used to select an alternate routing table for the routing lookup. > Only effective before the route lookup happened, i.e. when > filtering inbound. > > Unfortunately, for traffic originating from the system itself, there isn't > really an "inbound" interface? So I'm not sure what pf rule would make this > work. Is it just not possible, or am I missing something? > > Thanks much. > --
Re: Is it okay to clone OpenBSD from GitHub from India?
On 2017-12-23, Dinesh Thirumurthy wrote:
> Stephan,
>
> Thank you.
>
>> Note that openbsd's github conversion is not considered stable yet.
>
> I was using github.com because it is (ahem) more palatable. :-)
> So, it should be a hit with students.
>
>> Which means all commit hashes could change at any time. Regardless
>> of the crypto export issue, I would not rely on it for very important
>> tasks until it is declared stable.
>
> Okay. I fine with that.
>
>> If you really want it in git format without legal trouble, you could
>> create your own git conversion with e.g. git-cvs ('pkg_add git-cvs').
>
> Thanks very much. I was trying to get in touch with Bob Beck to figure
> this out.
>
> Regards,
> Dinsh
>
>
>
The conversion on github is done with cvs2gitdump. After testing all of
the conversion tools I could find, this was the one which had the fewest
problems with OpenBSD's slightly broken rcs files. (In particular,
anything which tries to convert branches is very likely to break).
For git-cvs here's a snip from the mail I wrote Uwe back in 2015:
<< When an update is committed to a file that was previously imported,
the import is shown again in "git log". It looks like it happens for the
first commit after import. >>
Re: bug tracking system for OpenBSD
On 23/12/17 12:24, Stuart Henderson wrote: Forwarded? No way! Same for bugs@ as tech@. It needs manual work to triage, identify what is a bug, follow up with the reporter to make sure the report is accurate and has enough information to be useful. Same whatever the entry point is. If reporters can add bugs to it directly, they need to go into a triage queue and *not* appear in the main system until that's done. The idea of a bug tracking system is to spread the work and help people remember things. It should *reduce* work done by devs because they no longer have to drag even the most basic information out of a reporter and figure out whether it's a bug or user error or a support request in disguise. If it means *extra* work for devs, it's not going to work. I still don't agree with you about maintaining both @tech/@bugs in correlation with a web interface (bugtracking). Not a gain, just extra trouble. What happens in other places is that if a mail comes that looks like a possible ticket (not resolvable by mail), someone replies and says "please open bug report in https://..."; so we can track it. However you 're right with the last paragraph above and it's something I haven't thought before. More people might get involved and eventually this might get some work out of the devs. G
Re: Simple scripts to rebuild your OpenBSD src and xenocara and cut an ISO.
Hi Dinesh, The OpenBSD homepage describes a preferred license. It's the first link on https://www.openbsd.org/policy.html Thomas On December 23, 2017 4:56:51 AM PST, Dinesh Thirumurthy wrote: >Hi, > >If anyone wants to try to very simple way to compile your OpenBSD box, >(man release rocks), but that might be a daunting for a person >just getting into the UNIX/OpenBSD world. > >So, I wrote some syntactic sugar which makes it very easy: > >doas mkkern.sh # compile kernel >doas mkbase.sh # compile base >doas mkxeno.sh # compile xenocara >doas mkrel.sh # cut an iso > >You can get it from: >https://github.com/hakrtech/reladm.git > >Usage Instructions at: > >https://github.com/hakrtech/src/wiki/Home > >I would also like to give back by appropriately OpenBSD >style/philosophy >licensing it. I have not figured that out yet. Hopefully soon. BSD2,3,4 >vs MIT vs ... > >Thanks. Have fun! > >Regards, >Dinesh -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: Is it okay to clone OpenBSD from GitHub from India?
Stuart, > The conversion on github is done with cvs2gitdump. Thanks very much. I will try this. > For git-cvs here's a snip from the mail I wrote Uwe back in 2015: > > << When an update is committed to a file that was previously imported, > the import is shown again in "git log". It looks like it happens for the > first commit after import. >> Okay. Thanks. I hope to understand it better when I do it myself. I am looking to create a git repo outside USA/Canada for to serve a whole bunch of people downstream. I do not expect users/students/teachers to have great connectivity, Disconnected operation is important for me/my users. I believe if students start tracking OpenBSD current and keep recompiling OpenBSD nightly, they will feel pumped and probably do more coding, look around the various parts of it, and then I will be able to reach out to a whole set of graduates who will become proficient C programmers, using 1 UNIX-like OS (OpenBSD here). Better still, they are programming on a solid production grade OS. I am seeing that effect on myself and my intern. :-) You always end up liking something if you have built/assembled it or have been a part of building it. I recently came to know that is called the IKEA Effect [https://en.wikipedia.org/wiki/IKEA_effect]. I think OpenBSD, git, a git hosting server(TBD) and VirtualBox will be good combination. Thanks again for your help. Regards, Dinesh
Re: Simple scripts to rebuild your OpenBSD src and xenocara and cut an ISO.
Hi Thomas, > The OpenBSD homepage describes a preferred license. It's the first link on > https://www.openbsd.org/policy.html Thanks very much. Licensed it OpenBSD style. :-) https://github.com/hakrtech/reladm/blob/master/LICENSE with a basic README https://github.com/hakrtech/reladm/blob/master/README A droplet of an indirect contribution the OpenBSD Project. My first contribution to OpenBSD community. Hopefully not last. If any one wants to review it, improve it, kindly feel free. And connect with me on github.com. I am hakrdinesh. Thanks again. Regards, Dinesh
Re: remastering as a live disk
On 12/23/17 00:23, Philip Mundhenk wrote: > Are there any tools for cloning an OpenBSD installation as a live > disk, like the ones in the in the Debian (Respin; Remastersys) and > Mandrake (Makecd?) families of Gnu/Linuxes? Or any reasonably > painless way of making a customized OpenBSD live disk? Live CD? Do people still do that? There are ways, not worth the trouble. Sheesh. CDROMs are so ... 1990s, apparently. Live USB? Sure. Just (get this) INSTALL TO A USB DRIVE! (what a surprise, huh?). Just a normal install. Really. When it asks what drive to install on, point it to your USB drive. Ok, ok, people love to twist knobs to say they DID SOMETHING unique and special, so here are a few tips: * Don't bother to install compXX.tgz. It's slow to install on a flash drive, and you are unlikely to be compiling anything. * Create lots of "/etc/hostname.xx0" files (or hard link them all) for every NIC you are likely to encounter. contents of the file: "dhcp" * noatime and softdeps are not just your friend, but just about required on a flash drive (/etc/fstab) * Encrypting your flash drive is a good idea. I lose mine all the time. Bad to lose your ssh keys or whatever it is you are trying to carry around with you, worse to have someone else find them (bioctl). * change the code in /boot from saying ">> OpenBSD/amd64 BOOT 3.33" to "HaHa! your machine is now infected with a virus", and "boot>" to "you're screwed>". Or "UR Skrewd>" to make it look more authentic. At least when you lose your flash drive, you will get a good laugh knowing what will happen when someone finds it and wonders what's on it! (and cool thing is, since they will probably try to boot it on a Windows machine...and they are prone to stupidly sticking things in their computer, the message is very possibly right!) (man release) * A small MFS /tmp might be a really good idea if your apps use it. (mount_mfs) * Put an FAT partition at the beginning of the disk, that way it's still handy to move files around...double duty! You will probably have to partition it on OpenBSD, last I looked, Windows doesn't believe there is any reason to partition removable media (heh), but it will use just FAT partitions if they exist "somehow". (fdisk, newfs_msdos) * If you really use this a lot, maybe invest in a USB SSD rather than USB Flash drive. Nick.
Re: New default setup for touchpads in X
Hi Ulf, * Ulf Brosziewski wrote: > If you're following -current, or if you upgrade your system with the > next or a future snapshot, please note that the default setup for > touchpads in X will change. Finally, I found the time to switch from Synaptics to the ws driver. Running current from Dec 23 here. mouse.type=synaptics mouse.rawmode=0 mouse.scale=1266,5676,1096,4758,0,45,68 mouse.tp.tapping=0 mouse.tp.scaling=0.160 mouse.tp.swapsides=0 mouse.tp.disable=0 mouse1.type=ps2 Using a Thinkpad T450s here. So far, I tested two-finger scrolling and the usual touchpad actions. I noticed two things: 1. The pointer speed seems a bit slow for me. Can I somehow increase the speed? 2. Two-finger scrolling takes more 'activation energy' compared to the Synaptic driver. With the latter I only needed to lightly scroll over the touchpad to trigger scrolling. With ws I need to push the fingers harder on the trackpad. Example: With ws I need 7 scroll actions to scroll down the entire "Install FAQ" article. With synaptics I only need 4 scroll actions. Cheers Matthias
Re: New default setup for touchpads in X
* Matthias Schmidt wrote: > Hi Ulf, > > * Ulf Brosziewski wrote: > > If you're following -current, or if you upgrade your system with the > > next or a future snapshot, please note that the default setup for > > touchpads in X will change. > > Finally, I found the time to switch from Synaptics to the ws driver. > Running current from Dec 23 here. > > mouse.type=synaptics > mouse.rawmode=0 > mouse.scale=1266,5676,1096,4758,0,45,68 > mouse.tp.tapping=0 > mouse.tp.scaling=0.160 > mouse.tp.swapsides=0 > mouse.tp.disable=0 > mouse1.type=ps2 > > Using a Thinkpad T450s here. So far, I tested two-finger scrolling and > the usual touchpad actions. I noticed two things: > > 1. The pointer speed seems a bit slow for me. Can I somehow > increase the speed? Ignore this. While I looked at the man page I overlooked the misc@ posting. Cheers Matthias
Re: PCEngines APU2 Wifi router issues
On 22/12/2017 7:00 PM, Carlos Cardenas wrote: George wrote: On Thu, 21 Dec 2017 21:25:44 -0800 Carlos Cardenas wrote: George wrote: Hi guys, I got the apu2b4 to build a wifi router with an Intel Dual Band Wireless AC 7260 wifi module. The module firmware was loaded by fw_update at first boot and connecting to my existing AP works but when I try to set it up as an access point with: ifconfig iwm0 up media autoselect mediaopt hostap mode 11g nwid MySSID wpakey MyKey I get in ifconfig iwm0 ... status: no network ... and associating/connecting from my Linux laptop does not work... I am not even seeing the AP with this "MySSID" in the scan listing. Any suggestions or ideas as to what might be wrong are welcome. TIA George George, iwm(4) is not capable for access point usage. Check out https://www.openbsd.org/faq/faq6.html#Wireless for a list. +--+ Carlos Sorry but now I have another question I live in Canada and the PCEngines website points to one reseller here and they seem to not have the right card: https://corpshadow.biz/bizstore/system-components/wireless-components/radio-cards/ any idea where I can get one preferably in Canada. Thanks in advance. George They had the WLE200NX listed on the page: https://corpshadow.biz/bizstore/compex/dualband-80211n-mimo-2x2-minipcie.html If you don't like that card, you can always pick something up on ebay. +--+ Carlos Hi, I have one of those cards (WLE200NX ) in my APU. Be aware that OpenBSD drivers don't give very fast performance for it. Lots about it in the email list archives. Mine shows up (OpenBSD 6.1) as: athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 5 int 16 athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:1b:b3:68 Cheers, Steve Williams
cvs2gitdump dumps core when trying process src
Hi Stuart and Everyone, > The conversion on github is done with cvs2gitdump. git2cvsdump dumps core on latest current. I am stumped after some basic investigation. /usr/local/bin/cvs2gitdump dumps core. Repeated it with latest cvs2gitdump at https://github.com/yasuoka/cvs2gitdump/blob/master/cvs2gitdump.py That also failed. Looked into stacktrace, some problem at rcsparse. So tried installing pkg_add -vvv py-rcsparse It said I am ok. No change in py-rcsparse-20151027. What I did: mkdir x cd x cvs -qd anon...@anoncvs.jp.openbsd.org:/cvs checkout -P src mv src src0 # save a copy for later use cp -r src0 src1 # use a copy of the repo pkg_add -vvv cvs2gitdump # follow instructions given in source also at https://github.com/yasuoka/cvs2gitdump/blob/master/cvs2gitdump.py git init --bare git1.git cvs2gitdump -k OpenBSD -e openbsd.org /home/user/x/src1 > openbsd.dump # will dump core or rather dumps core for me. # running generic kernel on virtual box of current session and stack trace below. Some issues in rcscheckout() But most likely some configuration or user error. Any pointers? Thank you. Those which to see the session output separately, it is at https://github.com/hakrtech/issues/blob/master/001-x.txt Regards, Dinesh Script started on Sun Dec 24 08:17:47 2017 openbsd$ pwd /home/dt/x openbsd$ ls -l total 48 -rwxr-xr-x 1 dt dt 20899 Dec 24 08:00 cvs2gitdump.py drwxr-xr-x 17 dt dt512 Dec 24 08:09 src1 -rw-r--r-- 1 dt dt 0 Dec 24 08:17 x.out openbsd$ git init --bare /home/dt/x/git1.git Initialized empty Git repository in /home/dt/x/git1.git/ openbsd$ type cvs2gitdump cvs2gitdump is /usr/local/bin/cvs2gitdump openbsd$ cvs2gitdump -k OpenBSD -e openbsd.org /home/dt/x/src1 > openbsd.dump ** walk cvs tree Segmentation fault (core dumped) openbsd$ ls -l total 16536 -rwxr-xr-x 1 dt dt20899 Dec 24 08:00 cvs2gitdump.py drwxr-xr-x 7 dt dt 512 Dec 24 08:19 git1.git -rw-r--r-- 1 dt dt0 Dec 24 08:20 openbsd.dump -rw--- 1 dt dt 8414024 Dec 24 08:20 python2.7.core drwxr-xr-x 17 dt dt 512 Dec 24 08:09 src1 -rw-r--r-- 1 dt dt 577 Dec 24 08:20 x.out openbsd$ gdb python2.7 python2.7.core GNU gdb 6.3 Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-unknown-openbsd6.2"... (no debugging symbols found) Core was generated by `python2.7'. Program terminated with signal 11, Segmentation fault. Reading symbols from /usr/lib/libpthread.so.25.1...done. Loaded symbols for /usr/lib/libpthread.so.25.1 Loaded symbols for /usr/local/bin/python2.7 Reading symbols from /usr/local/lib/libpython2.7.so.0.0...done. Loaded symbols for /usr/local/lib/libpython2.7.so.0.0 Symbols already loaded for /usr/lib/libpthread.so.25.1 Reading symbols from /usr/lib/libutil.so.13.0...done. Loaded symbols for /usr/lib/libutil.so.13.0 Reading symbols from /usr/lib/libm.so.10.0...done. Loaded symbols for /usr/lib/libm.so.10.0 Reading symbols from /usr/lib/libc.so.92.1...done. Loaded symbols for /usr/lib/libc.so.92.1 Reading symbols from /usr/libexec/ld.so...done. Loaded symbols for /usr/libexec/ld.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/_locale.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_locale.so Reading symbols from /usr/local/lib/libintl.so.6.0...done. Loaded symbols for /usr/local/lib/libintl.so.6.0 Reading symbols from /usr/local/lib/libiconv.so.6.0...done. Loaded symbols for /usr/local/lib/libiconv.so.6.0 Reading symbols from /usr/local/lib/python2.7/site-packages/rcsparse.so...done. Loaded symbols for /usr/local/lib/python2.7/site-packages/rcsparse.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/strop.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/strop.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/time.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/time.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/select.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/select.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/fcntl.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/fcntl.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/_struct.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_struct.so Reading symbols from /usr/local/lib/python2.7/lib-dynload/binascii.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/binascii.so Reading symbols from /usr/lib/libz.so.5.0...done. Loaded symbols for /usr/lib/libz.so.5.0 Reading symbols from /usr/local/lib/python2.7/lib-dynload/cStringIO.so...done. Loaded symbols for /usr/local/lib/python2.7/lib-dynload/cStringIO.so Reading s
Re: cvs2gitdump dumps core when trying process src
On Dec 23, 2017 4:02 PM, Dinesh Thirumurthy wrote: > > Hi Stuart and Everyone, > > > > The conversion on github is done with cvs2gitdump. > > git2cvsdump dumps core on latest current. > I am stumped after some basic investigation. > > /usr/local/bin/cvs2gitdump dumps core. Not sure if this would cause it or not, but is your /usr/local mounted with wxallowed? > > Repeated it with latest cvs2gitdump at > https://github.com/yasuoka/cvs2gitdump/blob/master/cvs2gitdump.py > > That also failed. > Looked into stacktrace, some problem at rcsparse. So tried installing > > pkg_add -vvv py-rcsparse > > It said I am ok. No change in py-rcsparse-20151027. > > What I did: > > mkdir x > cd x > cvs -qd anon...@anoncvs.jp.openbsd.org:/cvs checkout -P src > mv src src0 # save a copy for later use > cp -r src0 src1 # use a copy of the repo > pkg_add -vvv cvs2gitdump > # follow instructions given in source also at > https://github.com/yasuoka/cvs2gitdump/blob/master/cvs2gitdump.py > git init --bare git1.git > cvs2gitdump -k OpenBSD -e openbsd.org /home/user/x/src1 > openbsd.dump > # will dump core or rather dumps core for me. > # running generic kernel on virtual box of current > > session and stack trace below. > Some issues in rcscheckout() > But most likely some configuration or user error. > > Any pointers? > > Thank you. > > Those which to see the session output separately, it is at > > https://github.com/hakrtech/issues/blob/master/001-x.txt > > Regards, > Dinesh > > > Script started on Sun Dec 24 08:17:47 2017 > openbsd$ pwd > /home/dt/x > openbsd$ ls -l > total 48 > -rwxr-xr-x 1 dt dt 20899 Dec 24 08:00 cvs2gitdump.py > drwxr-xr-x 17 dt dt 512 Dec 24 08:09 src1 > -rw-r--r-- 1 dt dt 0 Dec 24 08:17 x.out > openbsd$ git init --bare /home/dt/x/git1.git > Initialized empty Git repository in /home/dt/x/git1.git/ > openbsd$ type cvs2gitdump > cvs2gitdump is /usr/local/bin/cvs2gitdump > openbsd$ cvs2gitdump -k OpenBSD -e openbsd.org /home/dt/x/src1 > > openbsd.dump > ** walk cvs tree > Segmentation fault (core dumped) > openbsd$ ls -l > total 16536 > -rwxr-xr-x 1 dt dt 20899 Dec 24 08:00 cvs2gitdump.py > drwxr-xr-x 7 dt dt 512 Dec 24 08:19 git1.git > -rw-r--r-- 1 dt dt 0 Dec 24 08:20 openbsd.dump > -rw--- 1 dt dt 8414024 Dec 24 08:20 python2.7.core > drwxr-xr-x 17 dt dt 512 Dec 24 08:09 src1 > -rw-r--r-- 1 dt dt 577 Dec 24 08:20 x.out > openbsd$ gdb python2.7 python2.7.core > GNU gdb 6.3 > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you > are > welcome to change it and/or distribute copies of it under certain > conditions. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for > details. > This GDB was configured as "amd64-unknown-openbsd6.2"... > (no debugging symbols found) > > Core was generated by `python2.7'. > Program terminated with signal 11, Segmentation fault. > Reading symbols from /usr/lib/libpthread.so.25.1...done. > Loaded symbols for /usr/lib/libpthread.so.25.1 > Loaded symbols for /usr/local/bin/python2.7 > Reading symbols from /usr/local/lib/libpython2.7.so.0.0...done. > Loaded symbols for /usr/local/lib/libpython2.7.so.0.0 > Symbols already loaded for /usr/lib/libpthread.so.25.1 > Reading symbols from /usr/lib/libutil.so.13.0...done. > Loaded symbols for /usr/lib/libutil.so.13.0 > Reading symbols from /usr/lib/libm.so.10.0...done. > Loaded symbols for /usr/lib/libm.so.10.0 > Reading symbols from /usr/lib/libc.so.92.1...done. > Loaded symbols for /usr/lib/libc.so.92.1 > Reading symbols from /usr/libexec/ld.so...done. > Loaded symbols for /usr/libexec/ld.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/_locale.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_locale.so > Reading symbols from /usr/local/lib/libintl.so.6.0...done. > Loaded symbols for /usr/local/lib/libintl.so.6.0 > Reading symbols from /usr/local/lib/libiconv.so.6.0...done. > Loaded symbols for /usr/local/lib/libiconv.so.6.0 > Reading symbols > from /usr/local/lib/python2.7/site-packages/rcsparse.so...done. > Loaded symbols for /usr/local/lib/python2.7/site-packages/rcsparse.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/strop.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/strop.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/time.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/time.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/select.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/select.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/fcntl.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/fcntl.so > Reading symbols > from /usr/local/lib/python2.7/lib-dynload/_struct.so...done. > Loaded symbols for /usr/local/lib/python2.7/lib-dynload/_struct.so > Reading symbols > from
Re: cvs2gitdump dumps core when trying process src
Hi Edgar, Thanks. > Not sure if this would cause it or not, but is your /usr/local mounted with > wxallowed? Yes. It is. $ mount | grep /usr/local /dev/wd0h on /usr/local type ffs (local, nodev, wxallowed) Regards, Dinesh
Picking the nearest (not necessarily fastest) anoncvs server
Hi, > Just use cvs from a mirror outisde the US? You don't *need* to use > github, github is a copy anyway and only cvs is authorative. > > -Otto So was wondering which anoncvs server to pick? After some text processing of traceroute outputs, we get ... (server, rtt in ms, path info from geoip) openbsd$ doas pkg_add GeoIP openbsd$ ./do.sh # no usa files.venture37.com 259.876 ok path in eu nl fr anoncvs.fr.openbsd.org 272.584 ok path in eu de fr mirror.osn.de 273.362 ok path in eu de anoncvs.eu.openbsd.org 285.433 ok path in eu se anoncvs.comstyle.com 296.403 ok path in eu fr de ca openbsd.park.rambler.ru 298.014 ok path in eu ru ftp.hostserver.de 307.055 ok path in eu de fr de anoncvs.au.openbsd.org 324.136 ok path in au # usa in path or destination anoncvs1.usa.openbsd.org 247.272 !! path in us sg us anoncvs.obsd.esc7.net 257.454 !! path in eu us anoncvs.spacehopper.org 261.560 !! path in eu us es gb anoncvs4.usa.openbsd.org 263.134 !! path in eu us mirror.planetunix.net 270.129 !! path in us anoncvs2.usa.openbsd.org 278.932 !! path in eu us anoncvs.jp.openbsd.org 280.826 !! path in sg us sg us jp obsdacvs.cs.toronto.edu 286.313 !! path in us ca anoncvs.obsd.si 296.748 !! path in eu us eu us rs si anoncvs2.ca.openbsd.org 298.337 !! path in eu us ca anoncvs3.usa.openbsd.org 301.577 !! path in eu us anoncvs1.ca.openbsd.org 305.934 !! path in eu us ca mirror.litnet.lt 309.189 !! path in eu us eu us gb lt openbsd$ ^D Source: https://github.com/hakrtech/anoncvs.git Have fun! Checkout paths to all anoncvs servers. No South American nor African servers. Or them along the paths. :-( Interestingly if I choose a Canada server from India, it reaches Canada via USA. I am assuming crypto source should not transit through USA. I observed GeoIP database has some bugs. It generates a few wrong answers. It mentions a bunch of places as US. But other databases mention it as Austria. Path from India to Japan is mentioned as India -> Singapore -> USA Singapore -> USA -> Japan. That cant be right. Kindly do not believe the path info too much. An approximation at best. Thanks very much. Regards, Dinesh
