socket I/O on openbsd
Dear gentleman, i have the an ANSI C code that do the following: 0. open a socket 1. write data to the socket 2. close the writing end of the socket 3. read data from the socket 4. close the read end of the socket The the step number 4 returns an error, why ? Here it is (Only the relevant part of the code ) if (!r) r = apx_connect(s, &sa); if (!r) r = pmp_set(&ap, 1ul, &bp); if (!r) r = pmpsend(s, &ap); if (!r) r = apx_shutdown(s, shut_wr); if (!r) r = pmprecv(&ap, s, &l); if (!r) r = apx_shutdown(s, shut_rd);
Re: socket I/O on openbsd
apx_connect is an wrapper for connect. apx_shutdown is an wrapper for shutdown Em qua., 22 de abr. de 2020 às 02:09, Stuart Longland escreveu: > > On 22/4/20 11:48 am, Gustavo Rios wrote: > > Dear gentleman, > > > > i have the an ANSI C code that do the following: > > > > 0. open a socket > > 1. write data to the socket > > 2. close the writing end of the socket > > 3. read data from the socket > > 4. close the read end of the socket > > > > The the step number 4 returns an error, why ? > > > > Here it is (Only the relevant part of the code ) > > > > if (!r) r = apx_connect(s, &sa); > > if (!r) r = pmp_set(&ap, 1ul, &bp); > > if (!r) r = pmpsend(s, &ap); > > if (!r) r = apx_shutdown(s, shut_wr); > > if (!r) r = pmprecv(&ap, s, &l); > > if (!r) r = apx_shutdown(s, shut_rd); > > > > Dumb question this way… > > > vk4msl-gap$ man apx_connect > > man: No entry for apx_connect in the manual. > > vk4msl-gap$ man apx_shutdown > > man: No entry for apx_shutdown in the manual. > > what's `apx_connect` and `apx_shutdown`? There's some library here you > are not telling us about. > -- > Stuart Longland (aka Redhatter, VK4MSL) > > I haven't lost my mind... > ...it's backed up on a tape somewhere.
gpt/uefi
Hi folks! I would like to install on my notebook 3 operating systems: OpenBSD, Linux and Windows 10. Do you know any tutorial on how the create the partitions using GPT before i install any of the 3 OSes ? I would like to boot via UEFI; is there any special partition for the UEFI booting ? May the 3 OSes use the UEFI boot partition ? This will be my first experience with GPT/UEFI so i need a little help. May you point me in the right direction? Thanks a lot.
Re: TCP wrapper alternative?
look at: http://cr.yp.to. Em ter, 9 de jul de 2019 às 16:52, Thomas Smith escreveu: > > Hi, > > I'm considering an option to evaluate connecting IPs before they're evaluated > by `pf` in order to make some decisions about the "reputation" of a > connecting IP. Then if that reputation is low enough, some action could > either be taken: in `pf` to protect the associated application (say by > blocking the connection); or in the app responsible for the listening port. > > `pf`, unfortunately, isn't able to make routing decisions based on external > factors (insofar as I understand)--I'm hoping to add some additional (very > simple) intelligence to that. Just another metric or two for determining if a > connection is legitimate. > > I've been looking into TCP wrappers for OpenBSD but it seems that this > functionality was removed in version 5. Is my understanding of that correct? > > If so, is there an alternate way to achieve what I mentioned? > > I know I can use something like sshguard or fail2ban, but I'm looking for a > much simpler option and one that preferably doesn't rely on tailing log files > (if there aren't viable alternatives, I may consider these, however). > > ~ Tom > -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
storage
Doaes anybody uses Dell machines with OpenBSD ? Is the current models fully supported by OpenBSD (In special raid and network interfaces ) Thanks in advance. -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
Dell
Anyone running OBSD on DELL 840 server? -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
obsd web server
Hi folks, i would like to confgiure my obsd server as a web server. I would like to configure my web server to handle multiple domains without having to set each domain one by one. I mean: Every request for www.x.com is mapped into the root directory /var/web/www.x.com Got the idea ? If a new server is required, All i needed to do would create a directory inside /var/web with the full access string : mkdir /var/web/www.newdomain.com And i should not need to manipulate config files. Thanks in advance -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
ypldap
Hi folks. I am aware that ypldap serves information about user and group from ldap. My doubt is: what about other information like netgroup, bootparams, etc, etc ... ? Does it grab these data from local file ? Thanks in advance -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
openbsd rpc behavior
I am writing a program to query my portmap server. I am using the getport routine. The parameters i am using is program = 10 version = 3 protocol = 17 And it returns the port 111. But when i change version from 3 to, say, 10 It stills returns port 111. Should not it return another value ? I am querying a version that it is not registered . Thanks for clarifications. -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
yp and ldap
Hi folks, may some one in this list show me the standard that specifies the messages exchanged between ypserv and ldap server ? Thanks. -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
off-topic
Is qmail dead ? Does anyone here use openbsd with qmail+ldap ? -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
web server security
Hi folks! I am planning a web serve using openbsd as the os and using php. My question is: how to avoid any given user from implement an php script that will read some else file, since everything will run as the web server user and group ? thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
autofs
Hi folks! I have a questions regarding OpenBSD. Does it supports autofs ? Any reference regarding how to implement it? Thanks in advance. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: autofs
avoid autofs ? or amd ? Which should i avoid ? Em dom., 13 de jun. de 2021 às 18:48, Stuart Henderson escreveu: > On 2021-06-12, James Cook wrote: > > On Fri, Jun 11, 2021 at 11:04:15PM -0300, Gustavo Rios wrote: > >> Hi folks! > >> > >> I have a questions regarding OpenBSD. Does it supports autofs ? > >> Any reference regarding how to implement it? > >> > >> Thanks in advance. > >> > >> -- > >> The lion and the tiger may be more powerful, but the wolves do not > perform > >> in the circus > > > > See amd(8). I have not used it or Linux's autofs, but I think they have > the > > same purpose. > > > > They do, but they work quite differently; amd(8) uses a localhost NFSv2 > mount. There are some issues with this, including a 2GB maximum file size. > You might do better to avoid it if possible. > > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
amd and 2GB limit
Hi folks, Is there this limit yet in amd ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
am and nfsv3
Hi folks! Does openbsd amd use NFSv3 ? Thanks in advance. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
socket core
Hi folks. I have a simple question : How many cores does OBSD support ? Thanks a lot -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
socket cores
Hi folks! I have a simple question: how many cores does OBSD support ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
rpc
Hi folks! I wonder if nis/nfs/amd a good choice for sharing information and data in a heterogeneous environment? If not how to replace these technologies Thanks a lot. Gustavo -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: rpc
Em qua., 20 de mar. de 2024 às 01:44, Geoff Steckel escreveu: > On 3/20/24 00:06, Gustavo Rios wrote: > > Hi folks! > > > > I wonder if nis/nfs/amd a good choice for sharing information and data > > in a heterogeneous environment? > > If not how to replace these technologies > > > > Thanks a lot. > > Gustavo > > NFS/NIS/AMD are very old technology and are not robust. > How to replace NIS ? > Each OS implements different and only somewhat interoperable versions. > > You really need to give a better idea of the size and shape of the problem. > How much data? > What size is each datum? > What latency is allowed? > Concurrency & locking? > What kind of data? > Tightly coupled or looser networked? > Central control or fully distributed? > > It sounds like you want a real-time networked message passing system but > you need to supply vital details. > best, > Geoff Steckel > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: rpc
how to replace nfs ? Em qua., 20 de mar. de 2024 às 19:27, Alexis escreveu: > Gustavo Rios writes: > > >> NFS/NIS/AMD are very old technology and are not robust. > > > > How to replace NIS ? > > Perhaps an LDAP implementation, e.g. OpenLDAP? > https://www.openldap.org/ > > > Alexis. > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
maximum file system size
Hi folks! What is the maximum file size in OpenBSD ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
python dev
Hi folks! May some here tell me if openbsd supports python dev package in the ports collection ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: Geomant - Would you review my first C project ?
Hi! Do you want to learn howto program ? This is the book: The Science Of Programming, by David Gries Do you want to learn how to code ? You need to specify the language. In case of C (ANSI C) the book is: The C Programming Labguage, by Brian W. Kernihghan and Dennis M. Ritche Good Luck. Em sáb., 6 de ago. de 2022 às 16:17, Sylvain Saboua escreveu: > Hi. > > I want to learn C and to that effect I started > a first project of a program, Geomant. > > The version-named file is the first version that > I both consider accomplished and bug-free. > (using clang on openbsd 7.1) > > The geomant.c file is an attempt at improving the > code (mainly by declaring more variable locally) > that produces my first run-time bug instead of > a compiler warning or error. > > Would you review part of whole of either file > and tell me what you think of my code ? > > Thank you. > > For more information on geomanteia, see: > > http://naosofiakkhos.blogspot.com/2011/01/casting-of-shield-of-geomanteia.html > https://en.wikipedia.org/wiki/Geomantic_figures > > -- > Sylvain Saboua > from webmail -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Hpe and obsd
Hi folks! Does anybody here run obsd on hpe proliant dl 380 gen 10 Thanks.
*BSD and MariaDB server
Hi folks! I would like to know what would it be the best bsd (net/free/open) server to run a MariaDB server ? i mean in terms of performance. Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Installing with usb
Hi folks! I am trying to get openbsd installed in my notebook, i am using usb device (sandisk) to install it. The problem is that when i am given the choice of source for the install file sets, does not appear usb; only cd0 disk nfs http and the like. May someone help me ? Thanks a lot -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
login string size
What is the maximum login length on OpenBSD ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
hardware
What is the best supported servers by OpenBSD ? Dell, HPE, IBM or Oracle's ones ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: login string size
i meant not the time, but it's length: strlen(login). Sorry not to be clear. Thanks Em seg., 17 de abr. de 2023 às 17:21, Theo de Raadt escreveu: > Gustavo Rios wrote: > > > What is the maximum login length on OpenBSD ? > > You can stay logged in as long as you want. > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
web hosting
I am in need to host my homepage and programs i have written. Do have any suggestion on web hosting services that alllow ssh access too? Thanks a lot -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
Re: When will be created a great desktop experience for OpenBSD?
desktop! Never, at least that Em qui, 23 de mai de 2019 às 16:00, Patrick Harper escreveu: > > Our ideas of the setup process aren't equal so I disagree. > > -- > Patrick Harper > paia...@fastmail.com > > On Thu, 23 May 2019, at 18:16, Raul Miller wrote: > > This looks like violent agreement. (It's perhaps worth noting that if > > you change the first word here from "No" to "Yes" that the idea being > > expressed does not change.) > > > > Thanks, > > > > -- > > Raul > > > > On Thu, May 23, 2019 at 1:35 PM Patrick Harper wrote: > > > > > > No, the installation program should make setup as easy as possible. The > > > idea of a common development platform for X being suited only for circa > > > 100dpi screens in 2019 is ludicrous. Making users pore through > > > half-a-dozen man pages and config files to make their X systems usable on > > > hidpi screens is ludicrous. > > > > > > -- > > > Patrick Harper > > > paia...@fastmail.com > > > > > > On Thu, 23 May 2019, at 16:58, Ingo Schwarze wrote: > > > > Hi, > > > > > > > > Patrick Harper wrote on Thu, May 23, 2019 at 04:50:54PM +0100: > > > > > > > > > I think OpenBSD could be made easier to set up for GUI applications > > > > > if some configuration that is currently done in files could be moved > > > > > to the install program. > > > > > > > > I very strongly oppose the idea. > > > > > > > > > These questions (or similar) could be shown > > > > > > > > Absolutely not. The installer should ask as few questions as possible, > > > > ideally none whatsoever. *That* is a way to simplify setup. > > > > > > > > The topics you mention have nothing to do with installation. > > > > They are merely low-importance user configuration that can be done > > > > at any time if desired. But almost no user will ever have to consider > > > > any of those; i certainly didn't, ever, and i have been using many > > > > OpenBSD computers for almost two decades now, including with a wide > > > > variety of GUI applications. > > > > > > > > Yours, > > > > Ingo > > > > > > > > > > -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
network io
Hi folks, is there anyone using obsd with dell servers using 50Gb/s network card ? Or even 10 Gb/s ? What do you heave to report ? Thanks to share your experience.! -- Pag Bem Fácil Ltda www.pagbemfacil.com.br
50Gbe
Hi folks! I wonder if OBSD supports 50Gbe network cards. And what is the cable standard to support such data transfers ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
documentation
Hi folks, I would like to download a pdf version of the faq and pf guide for openbsd 7.1. May some one here point me where i could fetch the pdf documentation from ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
gpt+uefi boot+openbsd+linux
May some one here suggest a documentation the explains this scenario ? I am in needof this. Thanks in advance! Gustavo. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
rpcbind security
Hi folks! How does openbsd rpcbind prevent ordinary users to unset a given rpc port mapping registered by, for instance, the root user ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: rpcbind security
may some here points me where rpcbind is implemented ? I would like to see the C code of it. Thanks. Em sex., 17 de jun. de 2022 às 00:20, Theo de Raadt escreveu: > Gustavo Rios wrote: > > > Hi folks! > > > > How does openbsd rpcbind prevent ordinary users to unset a given rpc port > > mapping registered by, for instance, the root user ? > > Poorly. > > It will only allow local root (who request upon a reserved port) to touch > ports which are reserved (< 1024), and 2049 is treated the same way. > > If root wants safe RPC, it needs to use reserved ports. > > Please don't bring up the argument that reserved ports are an outdated > concept, it is obvious right here they aren't. > > It is difficult to improve the RPC ecosystem, it kind of is what it is, > and noone new services use it. > > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
rpcbind security
Excuse me, but how does rpcbind know that a incoming request, for set/unset, comes from the root user ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
obsd wifi
Hi folks! I have just installed OpenBSD in my brand new notebook. It is a dell notebook that came with just a wifi NIC. How do i discover the name o my wifi nic ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: obsd wifi
how to install via pkg_add if i have no network connection ? Em sáb., 4 de mai. de 2024 às 15:25, Mikhail Pchelin escreveu: > On Sat, May 04, 2024 at 03:01:54PM -0300, Gustavo Rios wrote: > > Hi folks! > > > > I have just installed OpenBSD in my brand new notebook. It is a dell > > notebook that came with just a wifi NIC. How do i discover the name o my > > wifi nic ? > > Look at 'dmesg' and 'lspci' output, last one from 'pkg_add pciutils'. > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
wifi
Hi folks! I would like to setup my openbsd wifi but up to now, no success. Here is my lspci output. May some one help me ? Thanks a lot. 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE 802.11ac PCIe Wireless Network Adapter -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: wifi
Here you have them: Em qui., 23 de mai. de 2024 às 02:59, Otto Moerbeek escreveu: > On Thu, May 23, 2024 at 01:44:57AM -0300, Gustavo Rios wrote: > > > Hi folks! > > > > I would like to setup my openbsd wifi but up to now, no success. > > Here is my lspci output. May some one help me ? > > > > Thanks a lot. > > > > 02:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE > > 802.11ac PCIe Wireless Network Adapter > > > > -- > > The lion and the tiger may be more powerful, but the wolves do not > perform > > in the circus > > It helps more to send a dmesg, to see what the kernel thinks about the > device, > > -Otto > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus OpenBSD 7.5 (GENERIC.MP) #82: Wed Mar 20 15:48:40 MDT 2024 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8242978816 (7861MB) avail mem = 7972106240 (7602MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.4 @ 0x5d033000 (75 entries) bios0: vendor Dell Inc. version "1.16.0" date 06/20/2023 bios0: Dell Inc. Inspiron 15 3520 efi0 at bios0: UEFI 2.7 efi0: Dell rev 0x1 acpi0 at bios0: ACPI 6.3 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP SSDT SSDT SSDT HPET APIC MCFG SSDT SSDT SSDT NHLT SSDT LPIT SSDT SSDT DBGP DBG2 BOOT MSDM SSDT TPM2 DMAR SSDT SSDT SSDT SSDT PHAT BGRT FPDT acpi0: wakeup devices PEG0(S4) PEGP(S4) PEGP(S4) PEG2(S4) PEGP(S4) XHCI(S0) XDCI(S4) HDAS(S4) CNVW(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 1920 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.68 MHz, 06-9a-04, patch 042a cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 38MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.2.0.1.0.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.69 MHz, 06-9a-04, patch 042a cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 8 (application processor) cpu2: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042a cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu2: smt 0, core 4, package 0 cpu3 at mainbus0: apid 9 (application processor) cpu3: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042a cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,C
Re: wifi
Is there plan to add support ? Thanks a lot Em qui., 23 de mai. de 2024 às 04:10, Otto Moerbeek escreveu: > On Thu, May 23, 2024 at 03:56:01AM -0300, Gustavo Rios wrote: > > > Here you have them: > > ... > "Realtek 8821CE" rev 0x00 at pci2 dev 0 function 0 not configured > > That means there is no driver available in OpenBSD for that card. > > -Otto > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
x64
Dear OpenBSD-Misc. i have installed obsd 7.5 amd64. I wrote a small function and apparently, obsd is not generating x64 bit code. I am very confused by the output os file and nm program on my anci c code. Here you have them: etosha# file xdr_vopq.o xdr_vopq.o: ELF 64-bit LSB relocatable, x86-64, version 1 etosha# That´s ok, the output above reports 64-bit, but when i run nm: etosha# nm xdr_vopq.o W __retguard_1176 W __retguard_3137 U __xdri32 U __xdropq T __xdrvopq 0070 T xdr_vopq F xdr_vopq.c etosha# Why the address showed are 32-bit. I simply cannot understand this. Thanks a lot -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
cpu cores
Hi folks! i have installed obsd on my dell notebook 8 cores processor. When i execute the top utility, it is showed the cores, from 0 (cpu0) to 7 (cpu7), but cpu1 and cpu3 is not listed. What is the problem ? Thanks a lot. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: cpu cores
here it goes! Em sáb., 8 de jun. de 2024 às 04:30, Philip Guenther escreveu: > On Fri, Jun 7, 2024 at 10:58 PM Gustavo Rios > wrote: > > i have installed obsd on my dell notebook 8 cores processor. When i > execute the top utility, it is showed the cores, from 0 (cpu0) to 7 (cpu7), > but cpu1 and cpu3 is not listed. What is the problem ? > > You've been on these lists for over 15 years and yet didn't include a > complete dmesg. Ok. > > If your dmesg completely lacks lines for cpu1 and cpu3 (but not 2 or 4 > or 5) then it's a limitation of that exact model and how the BIOS has > it configured. > > But that's really bizarre. Too bad we have zero information about > your laptop and the cpus inside it. > > > Philip Guenther > -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus OpenBSD 7.5 (GENERIC.MP) #82: Wed Mar 20 15:48:40 MDT 2024 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8242978816 (7861MB) avail mem = 7972089856 (7602MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.4 @ 0x5d033000 (75 entries) bios0: vendor Dell Inc. version "1.16.0" date 06/20/2023 bios0: Dell Inc. Inspiron 15 3520 efi0 at bios0: UEFI 2.7 efi0: Dell rev 0x1 acpi0 at bios0: ACPI 6.3 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP SSDT SSDT SSDT HPET APIC MCFG SSDT SSDT SSDT NHLT SSDT LPIT SSDT SSDT DBGP DBG2 BOOT MSDM SSDT TPM2 DMAR SSDT SSDT SSDT SSDT PHAT BGRT FPDT acpi0: wakeup devices PEG0(S4) PEGP(S4) PEGP(S4) PEG2(S4) PEGP(S4) XHCI(S0) XDCI(S4) HDAS(S4) CNVW(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 1920 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.68 MHz, 06-9a-04, patch 042a cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 38MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.2.0.1.0.1, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: 12th Gen Intel(R) Core(TM) i3-1215U, 4390.69 MHz, 06-9a-04, patch 042a cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 8 (application processor) cpu2: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042a cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,PT,SHA,UMIP,PKU,WAITPKG,PKS,MD_CLEAR,IBT,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TAA_NO,MISC_PKG_CT,ENERGY_FILT,DOITM,SBDR_SSDP_N,FBSDP_NO,PSDP_NO,RRSBA,OVERCLOCK,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 48KB 64b/line 12-way D-cache, 32KB 64b/line 8-way I-cache, 1MB 64b/line 10-way L2 cache, 10MB 64b/line 10-way L3 cache cpu2: smt 0, core 4, package 0 cpu3 at mainbus0: apid 9 (application processor) cpu3: 12th Gen Intel(R) Core(TM) i3-1215U, 3991.51 MHz, 06-9a-04, patch 042
openbsd console
Hi folks! How to change my console resolution to 1920x1080 ? What is the command ? Thanks. -- The lion and the tiger may be more powerful, but the wolves do not perform in the circus
Re: Any experiences with HP hw.product=ProLiant DL365 and DL385 G2?
I am interested too! If possible, let me know what feedback you got. thanks in advance. best regards. On 12/15/06, Reyk Floeter <[EMAIL PROTECTED]> wrote: hi, i'm looking for OpenBSD test reports on the new HP ProLiant DL365 and DL385 G2 series servers (the new opteron servers, not the intel stuff). i'm trying to get demo boxes but this will unfortunately take some more time... :(. i would appreciate to get a dmesg, please contact me if you have access to one of these products. thanks in advance, reyk
HP Server
Dear list members, i am searching for reports from ones running openbsd 4.0 on the followig hardware: 0) HP Proliant 320 G5 1) HP Proliant 320s 2) HP Proliant 360 G5 3) Dell PowerEdge 860 4) Dell PowerEdge 1950 5) IBM eSystem x306m 6) IBM System X3550 Are they fully supported Network/RAID/SCSI/etc (i mean rock solid operation under very high stress load?) Could you send me a dmesg? Thanks in advance
Re: Looking for PE860 dmesg
I am considering a PE860 for my new Obsd 4.0 server, but i am confused
about this hardware.
My main doubt is if i can have two raid controller within this device!
Thanks a lot for your time and cooperation.
On 12/12/06, Jason Dixon <[EMAIL PROTECTED]> wrote:
On Nov 29, 2006, at 1:08 PM, Jason Dixon wrote:
> Anyone have a working dmesg from a Dell PowerEdge 860?
For the archives. I got ahold of a new PE860, runs OpenBSD 4.0 just
fine.
# sysctl hw.sensors
hw.sensors.0=ipmi0, Temp, 44.00 degC, OK
hw.sensors.1=ipmi0, Planar Temp, 30.00 degC, OK
hw.sensors.2=ipmi0, CMOS Battery, 3.04 V DC, OK
hw.sensors.3=ipmi0, PROC Fan, 3075 RPM, OK
hw.sensors.4=ipmi0, DIMM Fan, 3000 RPM, OK
hw.sensors.5=ipmi0, PCI Fan, 1350 RPM, CRITICAL
hw.sensors.6=ipmi0, Intrusion, Off, OK
# dmesg
OpenBSD 4.0 (GENERIC.MP) #936: Sat Sep 16 19:27:28 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel(R) Pentium(R) D CPU 2.80GHz ("GenuineIntel" 686-class)
2.81 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-
CPL,EST,CNXT-ID,CX16
real mem = 1073053696 (1047904K)
avail mem = 970772480 (948020K)
using 4256 buffers containing 53755904 bytes (52496K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 11/02/06, BIOS32 rev. 0 @
0xffe90, SMBIOS rev. 2.4 @ 0xfa5b0 (48 entries)
bios0: Dell Computer Corporation PowerEdge 860
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfba60/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801GB LPC" rev
0x00)
pcibios0: PCI bus #5 is the last bus
bios0: ROM list: 0xc/0x9000 0xc9000/0x1000 0xca000/0x1800
0xec000/0x4000!
ipmi0 at mainbus0: version 1.5 interface KCS iobase 0xca8/8 spacing 4
mainbus0: Intel MP Specification (Version 1.4) (DELL PE 01E6 )
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 200 MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Pentium(R) D CPU 2.80GHz ("GenuineIntel" 686-class)
2.81 GHz
cpu1:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,
CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-
CPL,EST,CNXT-ID,CX16
mainbus0: bus 0 is type PCI
mainbus0: bus 1 is type PCI
mainbus0: bus 2 is type PCI
mainbus0: bus 3 is type PCI
mainbus0: bus 4 is type PCI
mainbus0: bus 5 is type PCI
mainbus0: bus 6 is type ISA
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel E7230 MCH" rev 0x00
ppb0 at pci0 dev 1 function 0 "Intel E7230 PCIE" rev 0x00
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01
pci2 at ppb1 bus 2
ppb2 at pci0 dev 28 function 4 "Intel 82801G PCIE" rev 0x01
pci3 at ppb2 bus 3
bge0 at pci3 dev 0 function 0 "Broadcom BCM5721" rev 0x11, BCM5750 B1
(0x4101): apic 2 int 16 (irq 5), address 00:15:c5:f5:74:ce
brgphy0 at bge0 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
ppb3 at pci0 dev 28 function 5 "Intel 82801G PCIE" rev 0x01
pci4 at ppb3 bus 4
bge1 at pci4 dev 0 function 0 "Broadcom BCM5721" rev 0x11, BCM5750 B1
(0x4101): apic 2 int 17 (irq 3), address 00:15:c5:f5:74:cf
brgphy1 at bge1 phy 1: BCM5750 10/100/1000baseT PHY, rev. 0
uhci0 at pci0 dev 29 function 0 "Intel 82801GB USB" rev 0x01: apic 2
int 20 (irq 11)
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801GB USB" rev 0x01: apic 2
int 21 (irq 10)
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: apic 2
int 22 (irq 6)
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01: apic 2
int 20 (irq 11)
usb3 at ehci0: USB revision 2.0
uhub3 at usb3
uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub3: 6 ports with 6 removable, self powered
ppb4 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xe1
pci5 at ppb4 bus 5
vga1 at pci5 dev 5 function 0 "ATI ES1000" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ichpcib0 at pci0 dev 31 function 0 "Intel 82801GB LPC" rev 0x01: PM
disabled
pciide0 at pci0 dev 31 function 1 "Intel 82801GB IDE" rev 0x01: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
atapiscsi0 at pciide0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:
SCSI0 5/cdrom removable
cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
pciide1 at pci0 dev 31
openbsd and APC UPS
Dear list members, i would like to configure my UPS device for openbsd. But i am unsure whether it is supported by any of openbsd port's ups programs. Is there anyone that would allow to handle it under openbsd ? Here you got information about my ups system (from my dmesg output) uhidev1 at uhub3 port 1 configuration 1 interface 0 uhidev1: American Power Conversion Back-UPS ES 600 FW:820.x1d.D USB FW:x1d, rev 1.10/0.06, addr 2, iclass 3/0 Thanks in advance.
Re: openbsd and APC UPS
Is there any anything already done in ports ? On 12/31/06, Michael <[EMAIL PROTECTED]> wrote: Gustavo Rios schrieb: > i would like to configure my UPS device for openbsd. But i am unsure > whether it is supported by any of openbsd port's ups programs. Is > there anyone that would allow to handle it under openbsd ? > > Here you got information about my ups system (from my dmesg output) > > uhidev1 at uhub3 port 1 configuration 1 interface 0 > uhidev1: American Power Conversion Back-UPS ES 600 FW:820.x1d.D USB > FW:x1d, rev > 1.10/0.06, addr 2, iclass 3/0 Just go to apcupsd.com, download the stable sources and follow the instructions from the documentation. Also take a look at the OpenBSD section because you'll have to recompile the kernel to make it work. After that it works like a charm... ugen0 at uhub0 port 1 ugen0: American Power Conversion Back-UPS CS 500 FW:808.q5.I USB FW:q5, rev 1.10/0.06, addr 2 $ apcaccess APC : 001,041,1064 DATE : Sun Dec 31 18:58:01 CET 2006 HOSTNAME : *censored* RELEASE : 3.12.4 VERSION : 3.12.4 (19 August 2006) openbsd UPSNAME : Soekris CABLE: USB Cable MODEL: Back-UPS CS 500 UPSMODE : Stand Alone STARTTIME: Tue Dec 05 07:26:42 CET 2006 STATUS : ONLINE LINEV: 226.0 Volts LOADPCT : 12.0 Percent Load Capacity BCHARGE : 100.0 Percent TIMELEFT : 39.8 Minutes MBATTCHG : 10 Percent MINTIMEL : 5 Minutes MAXTIME : 0 Seconds OUTPUTV : 230.0 Volts DWAKE: 000 Seconds DSHUTD : 000 Seconds LOTRANS : 196.0 Volts HITRANS : 256.0 Volts RETPCT : 000.0 Percent ITEMP: 29.2 C Internal ALARMDEL : Always BATTV: 13.5 Volts LINEFREQ : 49.0 Hz LASTXFER : Low line voltage NUMXFERS : 1 XONBATT : Sun Dec 10 12:10:59 CET 2006 TONBATT : 0 seconds CUMONBATT: 2 seconds XOFFBATT : Sun Dec 10 12:11:01 CET 2006 SELFTEST : NO STATFLAG : 0x0708 Status Flag SERIALNO : BB0524039036 BATTDATE : 2005-06-10 NOMBATTV : 12.0 FIRMWARE : 08.q5.I USB FW:q5 APCMODEL : Back-UPS CS 500 END APC : Sun Dec 31 18:58:05 CET 2006
NIS and DNS
Dear list members, i have reading Makefiles for building nis databases and realized there is an option "-b" for allowing hostnames to be retrieved from DNS. Correct me if i am wrong but i understand all hostname spaces are made available for each of the nis domains one is managing after enabling such option. After managing to have yp lookuing up hostnames on DNS what would it be the rationale behind using netgroups for managing hostnames after they all have been made available through DNS usage. Thanks in advance.
Re: User authentication
Do you have it working with openbsd too ? I mean for replacing NIS! If not, is there a NIS server that uses openldap as backend for its data ? Is it open source? Wouldn't it be an interesting approach ? Thanks in advance. On 1/4/07, L. V. Lammert <[EMAIL PROTECTED]> wrote: At 09:18 PM 1/4/2007 +0100, Diego . wrote: >Hello, > >I'm new on this list, and use openbsd since 3.8. And now i'm pretty deciced >to make it my main server os at work. But i got a question about user >authentication. > >At work all machines are linux machines, and we got 3 windows machines. >Network on my work is getting bigger, so i wonder what should be the best >way to make centralized user authentication ( including gruops, logon >scripts, and some file sharing like home dir ). > >I know about nis+nfs, OpenLDAP is the best repository, .. it does work with the current version of Samba. We're actually implementing it here for mail users, but have not finished the production version. Lee
Re: User authentication
Could it be OpenAFS ? On 1/4/07, Diego . <[EMAIL PROTECTED]> wrote: Jacob, your aproach is interesting. I will take a look at this. Gustavo, well i'm looking for something to avoid have two differents servers ( samba and nfs ). But, maybe this one is the easiest way. What about login scripts? is it posible? thanks On 1/4/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > Do you have it working with openbsd too ? I mean for replacing NIS! > > If not, is there a NIS server that uses openldap as backend for its > data ? Is it open source? > Wouldn't it be an interesting approach ? > > Thanks in advance. > > On 1/4/07, L. V. Lammert <[EMAIL PROTECTED]> wrote: > > At 09:18 PM 1/4/2007 +0100, Diego . wrote: > > >Hello, > > > > > >I'm new on this list, and use openbsd since 3.8. And now i'm pretty deciced > > >to make it my main server os at work. But i got a question about user > > >authentication. > > > > > >At work all machines are linux machines, and we got 3 windows machines. > > >Network on my work is getting bigger, so i wonder what should be the best > > >way to make centralized user authentication ( including gruops, logon > > >scripts, and some file sharing like home dir ). > > > > > >I know about nis+nfs, > > > > OpenLDAP is the best repository, .. it does work with the current version > > of Samba. We're actually implementing it here for mail users, but have not > > finished the production version. > > > > Lee
Re: java on openbsd 4.0?
Is it possible to build jdk;java directly from openbsd: I always believed i had to "install" linux emulation first. Thanks for the clarifications. On 1/9/07, J.C. Roberts <[EMAIL PROTECTED]> wrote: On Tuesday 09 January 2007 06:20, bofh wrote: > On 1/9/07, J.C. Roberts <[EMAIL PROTECTED]> wrote: > > On Monday 08 January 2007 17:38, bofh wrote: > > > I tried installing the jdk I had built under 3.9, jdk-1.5.0p14, > > > that installed without problems, however: > > > > It has been said many, many times yet people still regularly make > > same the mistake which you have made: Packages (and ports) from one > > version of OpenBSD are not supported under other versions. > > > > You might think you and your FrankenSystem are somehow clever but > > more often than not, you are wasting your time. You are much better > > off doing things in the supported manner. > > Dude, > I *was* trying to set it up in the supported manner. See the > previous parts of the email. I was just testing it to see if it may > work, since the supported manner did not work. > > Thanx. I've been in no rush to build and install java, and in fact I've been dreading the idea for a couple months but since you're hitting problems, I decided to start on it after reading your post to see if I could help. In the handful of hours since my last reply, I've managed to download, build and install jdk 1.3 from ports and I've got 1.4 currently building while I type this. As you probably know, having a working JVM is a prerequisite for building 1.4 and 1.5. As soon as I get 1.4 built and installed, I'll start on 1.5 Like OpenOffice, building java seems to use a a lot of swap. How large is your swap partition/slice? My limits are (far) more conservative than yours: $ ulimit -a time(cpu-seconds)unlimited file(blocks) unlimited coredump(blocks) unlimited data(kbytes) 524288 stack(kbytes)4096 lockedmem(kbytes)315906 memory(kbytes) 946192 nofiles(descriptors) 64 processes64 $ Lastly, as what user are you building the port? Kind Regards, JCR
Re: Merchandise idea: OpenBSD mug
I am interested in buying some. Good ideia. On 1/12/07, Samurai Chef <[EMAIL PROTECTED]> wrote: I'll do it. I'll order some and announce here. I'll set up a ebay store for the merchandise. contact me with requests.
Re: BSD thin client
I am very interested in this matter. Are you doing any development on openbsd 4.0 for such regard ? Where is the home page? BTW: i could not see in current openbsd dhcpd server configuration options as stated in www.thinbsd.org manual instructions. Good Bye. On 2/1/07, Ramdas <[EMAIL PROTECTED]> wrote: On 2/1/07, David DELAVENNAT <[EMAIL PROTECTED]> wrote: > Ramdas a icrit : > > On 1/28/07, Josh Tolley <[EMAIL PROTECTED]> wrote: > >> On 1/27/07, Reiner Jung <[EMAIL PROTECTED]> wrote: > >> > In the next 2 weeks, a free NX client will be released which is > >> runs on > >> > OpenBSD without Linux emulation. All closed source parts from > >> Nomachine > >> > client are rewritten. As there are some parts from original Nomachine > >> > client was used, it will be released under the GPL > >> > >> That's excellent news! I assume this email list list will hear about it? > >> > >> -Josh > >> > >> > > > > Hi all, > > > > I was on leave so I didnot reply. > > Thanx for the responses. > > > > Here is config of the box: > > Ram : 256 MB > > Hdd : 20 GB (hdd space is not an issue. and we won't be using NFS as > > these terminals might be placed at remote locations.) > > Processor : pIII. > > > > We are basically trying to biuld a GUI interface for the end user on a > > robust OS / platform . Idea is that the box should boot and start the > > application GUI directly which will take input from the user & send > > the data to the central server ( over lan or dial up modem ). > > > > Also kindly advise if OpenBsd with some X interface will be a correct > > choice for this or we should be looking for Java OS / Java X > > interface. > > > > Is there any good howto/link to build a thin client for Obsd. > > > > Thanx again. > > > > Regards > > Ram > > > Hi Ram, > > i done an obsd based pxe boot thin client (it works too with local boot > from flash or hd). > It is composed by a kernel in which is rdestrooted a minimal system that > fetch the > workable system by ftp/http for lan based boot or from local flash. > As the system fetched is a regular tgz, you can put a full X and > whatever custom business oriented application you want. > After, the most ram you have the most things you can do. > and yes openbsd is well suited for this kind of usage ;) > I can send you the build framework if you want. > > You can see what we previously done with a FreeBSD based system at > http://www.thinbsd.org/ > The current developments are done with OpenBSD 4.0. > > Cordialement / Best regards > > /david > > Thanx for the info & quick reply. Regards Ram
pf multicast address: very simple question
Dear list members, i am setting up a firewall and would like to block any packet destinated to a multicast address with a protocol not equal to udp. Is this a sound rule? Is it possible? Thanks.
web sites not accessible
Dear list members,
i am trying to build a firewall. Up to now, everything is ok, except
for some http sites that cannot be shown.
I am really having a hard time trying to figure it out what is happening !
I believe something is wrong between rule 7 to 10 ( i am on network
defined by interface sis1).
I can ping world outside my private network, as also telnet, ssh, etc ...
I can access everything from inside the firewall itself. The problem
is that some web sites does not appear when accessing from the local
desktop, the scenario is the following:
access from access to status
firewall ok
desktopwww.unix.org nothing appears
desktopwww.gmail.com ok
Does anybody have any ideia about what is wrong (again, ssh, telnet,
ntp access from wihtin dekstop is 100% ok, only some web sites)
here goes my firewall rules:
#
# Macros
#
IIF_0 = "sis0"
IIF_1 = "sis1"
IIF_2 = "sis2"
EIF = "pppoe0"
#
# Tables
#
table persist const { 127/8 255/8 0/8 }
table persist const { 10/8 172.16/12 192.168/16 }
table persist const { 224/4 }
table persist { 10/8 172.16/12 192.168/16 !10/25
!10.0.0.128/26 !10.0.0.192/26 }
table persist
table persist { 10/25 10.0.0.128/26 10.0.0.192/26 }
#
#
# Options
#
#
set loginterface $EIF
set skip on lo0
set debug misc
set state-policy if-bound
set block-policy return
###
#
# Traffic Normalization
#
###
##
#
# Queueing
#
##
#
#
# Translation (first match wins). Only appliable if $EIF is a public address.
#
#
no nat on $EIF from { ($IIF_0) ($IIF_1) ($IIF_2) }
nat on $EIF from ($IIF_0:network) to ! tag NAT -> ($EIF)
nat on $EIF from ($IIF_1:network) to ! tag NAT -> ($EIF)
nat on $EIF from ($IIF_2:network) to ! tag NAT -> ($EIF)
##
#
# Packet Filtering (last match wins)
#
##
# let's block everything by default
block log all
# everything may come in and out the host itself (two rules per interface)
pass in log on $IIF_0 from ($IIF_0:network) to ($IIF_0) flags S/SA keep state
pass out log on $IIF_0 from ($IIF_0) to ($IIF_0:network) flags S/SA keep state
pass in log on $IIF_1 from ($IIF_1:network) to ($IIF_1) flags S/SA keep state
pass out log on $IIF_1 from ($IIF_1) to ($IIF_1:network) flags S/SA keep state
pass in log on $IIF_2 from ($IIF_2:network) to ($IIF_2) flags S/SA keep state
pass out log on $IIF_2 from ($IIF_2) to ($IIF_2:network) flags S/SA keep state
pass in log on $EIF to ($EIF) flags S/SA keep state
pass out log on $EIF from ($EIF) flags S/SA keep state ! tagged NAT
# allowed traffic configuration goes here
pass out log on $EIF from ($EIF) flags S/SA keep state tagged NAT
pass in log on $IIF_1 flags S/SA keep state
# default on each internal interface (private address)
block in log on $IIF_0 from { ($IIF_0) ($IIF_0:broadcast) !($IIF_0:network) }
block in log on !$IIF_0 to ($IIF_0:broadcast)
block in log on $IIF_0 to
#block in log on $IIF_0 proto ! udp to
block in log on $IIF_1 from { ($IIF_1) ($IIF_1:broadcast) !($IIF_1:network) }
block in log on !$IIF_1 to ($IIF_1:broadcast)
block in log on $IIF_1 to
#block in log on $IIF_1 proto ! udp to
block in log on $IIF_2 from { ($IIF_2) ($IIF_2:broadcast) !($IIF_2:network) }
block in log on !$IIF_2 to ($IIF_2:broadcast)
block in log on $IIF_2 to
#block in log on $IIF_2 proto ! udp to
# default external interface (public address)
block in log on $EIF from ($EIF)
# additional rules
block in log on $EIF from {}
block in log on $EIF to ! tagged RDR
block in log on $EIF to { }
#block in log on $EIF proto ! udp to
Re: web sites not accessible
Thanks, but i am using kernel pppoe! How can it be changed? On 2/11/07, Paul D. Ouderkirk <[EMAIL PROTECTED]> wrote: >On 2/10/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > Dear list members, > > i am trying to build a firewall. Up to now, everything is ok, except > for some http sites that cannot be shown. > ... > > I can ping world outside my private network, as also telnet, ssh, etc ... > This may be a long-shot, but I once had similar symptoms on a network with a PPPoE DSL connection. Everything would work as I expected, but certain web sites would just never load. Try lowering the MTU on the PPPoE interface, it worked for me. In /etc/ppp/ppp.conf: set mtu max 1480 Try setting various values starting at 1480 and lowering the value until the web page problem is fixed. -- -- Paul D. Ouderkirk Senior UNIX System Administrator JadedPixel Technologies [EMAIL PROTECTED] -- laughing, in the mechanism -- William Gibson
Re: web sites not accessible
Dear gentelmen/madams, i would like to thank you all for you suggestion. They were to the point. Now, one doubt raised up in regards to man 4 pppoe and the link suggested below. In theory, what should it be the maximum MSS over a PPPoE interface; 1452 or 1454 ? Thanks once more. On 2/11/07, Timo Schoeler <[EMAIL PROTECTED]> wrote: In epistula a "Gustavo Rios" <[EMAIL PROTECTED]> die horaque Sun, 11 Feb 2007 12:55:14 -0200: > Thanks, but i am using kernel pppoe! How can it be changed? might be of help http://www.mynetwatchman.com/kb/adsl/pppoemtu.htm HTH, timo > On 2/11/07, Paul D. Ouderkirk <[EMAIL PROTECTED]> wrote: > > >On 2/10/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > > > Dear list members, > > > > > > i am trying to build a firewall. Up to now, everything is ok, > > > except for some http sites that cannot be shown. > > > > > ... > > > > > > I can ping world outside my private network, as also telnet, ssh, > > > etc ... > > > > > > > This may be a long-shot, but I once had similar symptoms on a > > network with a PPPoE DSL connection. Everything would work as I > > expected, but certain web sites would just never load. > > > > Try lowering the MTU on the PPPoE interface, it worked for me. > > > > In /etc/ppp/ppp.conf: > > > > set mtu max 1480 > > > > Try setting various values starting at 1480 and lowering the value > > until the web page problem is fixed. > > > > -- > > -- > > Paul D. Ouderkirk > > Senior UNIX System Administrator > > JadedPixel Technologies > > [EMAIL PROTECTED] > > -- > > laughing, > > in the mechanism > > -- William Gibson
rwhod
Dear list members, i am trying as root to get the output of rwhod daemon, but nothing is show when stdout is redirected. # rwhod -d sendto 10.0.0.191.513 hostname etosha up 0:07 load 0.37, 0.36, 0.19 host etosha But, # rwhod -d | cat As you can see nothing is show. Any ideia about what i am doing wrong ? Thanks in advance.
Re: pf log question
Could you send your pf.conf entirely? On 2/27/07, Frans Haarman <[EMAIL PROTECTED]> wrote: # tcpdump -e -ttt -n -i pflog0 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes 00 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 > 224.0.0.22: igmp v3 report, 1 group record(s) 001063 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 > 224.0.0.22: igmp v3 report, 1 group record(s) 875640 rule 4294967295/unkn(8): pass in on bge0: 172.16.10.89 > 224.0.0.22: igmp v3 report, 1 group record(s) I dont remember setting any log options in PF! But this is what I get Am I supposed to see this or is my setup broken ? ;)
Re: HP Prolliant DL320 G4 -SAS- Supported?
I am interested too. On 2/27/07, Alejandro Lozanoff <[EMAIL PROTECTED]> wrote: Hi list, I was wondering if anyone has tried this machine succesfully? The SmarArray P800 is supported on 4.0 (and the P400 and e200 seems to have been added to 4.1), altough ciss(4) doesnt mention SAS on the 4.0 version, only SATA. Is it the same? The nic exact model isnt listed on bge(4) but it might just work. I dont know about the rest of the stuff, chipsets, motherboard, sensors, etc. If it doesnt work it'll be the same as paperweight, so i want to be sure before buying. Thanks in advance, Alejandro. PS: I know about http://www.armorlogic.com/openbsd_information_server_compatibility_list.html but it's not listed there.
strange configuration file
Hey folks, good morning. i have just remote installed one openbsd box. While doing initial configuration, i realized a "strange" file inside /etc tree. Every time i installed openbsd i had to create it by hand, it is resolv.conf.tail. Every other installation i had performed so far it never existed. Does anybody now what "resolv.conf.tail" means? Where did it come from ? Thanks in advance.
i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
Dear gentlemen/mamdam, i have managed to get my openbsd kerberos server working. It is working almost 100%. When i try to log in into a server by its name, no password is requested; and that's what i am expecting. It is like in: $ kinit [EMAIL PROTECTED]'s Password: $ ssh -l grios foo Last login: Mon Mar 12 14:23:23 2007 from 10.0.0.250 Could not chdir to home directory /home/grios: No such file or directory $ But when i try to log on the same server but by means of its ip address, i am requested to provide a password, like in: $ ssh -l grios 10.0.0.1 [EMAIL PROTECTED]'s password: Last login: Mon Mar 12 15:04:19 2007 from 10.0.0.250 Could not chdir to home directory /home/grios: No such file or directory $ I would like that sshd should only accept incoming connection authenticated by means of the ticket, and not by means of the password itself. So i have done the following configuration (only relevant parts) GSSAPIAuthentication yes KerberosAuthentication no KerberosGetAFSToken no KerberosOrLocalPasswd no KerberosTicketCleanup yes What i am doing wrong? I am really confused PS: Of course, /etc/passwd user grios entry's password is "*". THANK YOU A LOT FOR YOUR TIME AND COOPERATION.
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
How can i prevent a session to be openned without a ticket ? I do not want a password based authentication. Is it possible? On 3/12/07, Ryan Corder <[EMAIL PROTECTED]> wrote: On Mon, 2007-03-12 at 15:11 -0300, Gustavo Rios wrote: > But when i try to log on the same server but by means of its ip > address, i am requested to provide a password, like in: > > $ ssh -l grios 10.0.0.1 > [EMAIL PROTECTED]'s password: > Last login: Mon Mar 12 15:04:19 2007 from 10.0.0.250 > Could not chdir to home directory /home/grios: No such file or directory > $ Kerberos is fairly dependent on two things: name resolution and time synchronization. In the case of names, you probably have a host/my.server.com principle in your Kerberos realm, but there isn't one for host/1.2.3.4, thus Kerberos won't work since SSH is trying to request a ticket for a hostname that doesn't exist in the realm. > GSSAPIAuthentication yes > KerberosAuthentication no > KerberosGetAFSToken no > KerberosOrLocalPasswd no > KerberosTicketCleanup yes ChallengeResponseAuthentication, HostbasedAuthentication, PasswordAuthentication, and PubkeyAuthentication can all be set to 'no' to turn them off. However, I would suggest that you leave at least one alterntive authentication method on in case your Kerberos ever gets hosed or the time on your machine(s) get out of sync. later. ryanc -- Ryan Corder <[EMAIL PROTECTED]> Systems Engineer, NovaSys Health LLC. 501-219- ext. 646
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
Great, now i know howto prevent password autentication. But one thing remains strange. I have a user entry without a password. But there is a principal for it in kerberos. I re enabled password authentication but the Kerberos* sshd options remains no, and : He is still able to login. I believed since "KerberosAuthentication no" he should not login. What am i during wrong ? Thanks in advance. On 3/12/07, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote: Gustavo Rios wrote: > How can i prevent a session to be openned without a ticket ? > I do not want a password based authentication. > > Is it possible? > of course it is. you can disable password-based logins if you like, see /etc/ssh/sshd_config. get a simple setup working, use google and please, RTFM. cheers, jake > On 3/12/07, Ryan Corder <[EMAIL PROTECTED]> wrote: >> On Mon, 2007-03-12 at 15:11 -0300, Gustavo Rios wrote: >> > But when i try to log on the same server but by means of its ip >> > address, i am requested to provide a password, like in: >> > >> > $ ssh -l grios 10.0.0.1 >> > [EMAIL PROTECTED]'s password: >> > Last login: Mon Mar 12 15:04:19 2007 from 10.0.0.250 >> > Could not chdir to home directory /home/grios: No such file or >> directory >> > $ >> >> Kerberos is fairly dependent on two things: name resolution and time >> synchronization. In the case of names, you probably have a >> host/my.server.com principle in your Kerberos realm, but there isn't one >> for host/1.2.3.4, thus Kerberos won't work since SSH is trying to >> request a ticket for a hostname that doesn't exist in the realm. >> >> > GSSAPIAuthentication yes >> > KerberosAuthentication no >> > KerberosGetAFSToken no >> > KerberosOrLocalPasswd no >> > KerberosTicketCleanup yes >> >> ChallengeResponseAuthentication, HostbasedAuthentication, >> PasswordAuthentication, and PubkeyAuthentication can all be set to 'no' >> to turn them off. However, I would suggest that you leave at least one >> alterntive authentication method on in case your Kerberos ever gets >> hosed or the time on your machine(s) get out of sync. >> >> later. >> ryanc >> >> -- >> Ryan Corder <[EMAIL PROTECTED]> >> Systems Engineer, NovaSys Health LLC. >> 501-219- ext. 646
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
I don't want to disable GSSAPI. I want only one of two: 0) Autenticate via tickets (GSSAPI) 1) Authenticate via /etc/passwd. I don't want sshd perfoming password autenticating based on kerberos passwords. Ok? On 3/12/07, Darren Spruell <[EMAIL PROTECTED]> wrote: On 3/12/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > Great, now i know howto prevent password autentication. > > But one thing remains strange. > > I have a user entry without a password. But there is a principal for > it in kerberos. I re enabled password authentication but the Kerberos* > sshd options remains no, and : > > He is still able to login. I believed since "KerberosAuthentication > no" he should not login. Are you using Kerberos or GSSAPI to log in? > What am i during wrong ? Disabling KerberosAuthentication won't prohibit GSSAPI from working. see sshd_config(5) DS
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
I am imaging the following scenario: passwd user entry password is "*" user has not acquired a ticket user principal is setted in kerberos database sshd_options is setted: KerberosAuthentication No\nPasswordAuthentication yes Now, if the user issue: $ ssh -l xxx hostname My gues is that the session will fail to authenticate, right? Thanks in advance. On 3/12/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: I don't want to disable GSSAPI. I want only one of two: 0) Autenticate via tickets (GSSAPI) 1) Authenticate via /etc/passwd. I don't want sshd perfoming password autenticating based on kerberos passwords. Ok? On 3/12/07, Darren Spruell <[EMAIL PROTECTED]> wrote: > On 3/12/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > > Great, now i know howto prevent password autentication. > > > > But one thing remains strange. > > > > I have a user entry without a password. But there is a principal for > > it in kerberos. I re enabled password authentication but the Kerberos* > > sshd options remains no, and : > > > > He is still able to login. I believed since "KerberosAuthentication > > no" he should not login. > > Are you using Kerberos or GSSAPI to log in? > > > What am i during wrong ? > > Disabling KerberosAuthentication won't prohibit GSSAPI from working. > > see sshd_config(5) > > DS
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
All those are disabled! The fact that it is accepting a password for a users that have no password in passwd file when KerberosAuthentication is setted no is dropping down my hairs. Somebody could help me? On 3/12/07, Marco S Hyman <[EMAIL PROTECTED]> wrote: "Gustavo Rios" writes: > My gues is that the session will fail to authenticate, right? What about RSAAuthentication? What about PubkeyAuthentication? I've a non-kerberos system with a few users that have password entries of "*" to force ssh login using PubkeyAuthentication. // marc
KerberosAuthentication
Dear list members, I have setted openssh to work with kerberos. My initial ideia is to permit credential (tickets) or login password (/etc/passwd). In order to achieve so, i have the following (relevant part only) configuration: GSSAPIAuthentication yes KerberosAuthentication no KerberosGetAFSToken no KerberosOrLocalPasswd no KerberosTicketCleanup yes PasswordAuthentication yes I created a user with "*" password to force GSSAPI authentication. I got surprised when without having pulled the ticket (and remenber, with a "*" password entry in /etc/passwd) the user was still allowed to login by providing a password (from the kerberos server principal) Now, an explanation: PasswordAuthentication Use this directive to specify if a password must be accepted as proof of identity at login. If KerberosAuthentication is disabled, the login password is sufficient. However, when KerberosAuthentication is also enabled, the Kerberos Server password is accepted as a proof of identity. Does anybody know where am i wrong? PS: I am using openbsd 4.0 stable.
preveting password authentication through kerberos server login
I would like to prevent password authentication for users that does not have a valid /etc/passwd password entry. It that possible? My current configuration retrieves the kerberos server login password! How could it be done? thanks in advance.
Interpretation:
I would like to prevent password validation through the kerberos KDC, so i setted the KerberosAuthentication to "no". But user supplied passwords are still being validade through kerberos KDC. Is there anything i am forgetting, i.e., a miss interpretation? from sshd_config(5): KerberosAuthentication Specifies whether the password provided by the user for PasswordAuthentication will be validated through the Kerberos KDC. To use this option, the server needs a Kerberos servtab which allows the verification of the KDC's identity. The default is ``no''. Thanks in advance.
Re: i cannot understand GSSAPI/ SSH(openbsd 4.0): i am desperated
Thank you a lot Mr. Corder. You were, simply put, to the point. On 3/13/07, Ryan Corder <[EMAIL PROTECTED]> wrote: On Mon, 2007-03-12 at 18:45 -0300, Gustavo Rios wrote: > All those are disabled! > > The fact that it is accepting a password for a users that have no > password in passwd file when KerberosAuthentication is setted no is > dropping down my hairs. > > Somebody could help me? read VERY closely. 1) in my experience, if you are using a Heimdal or MIT Kerberos service, then OpenSSH use GSSAPIAuthentication and NOT KerberosAuthentication. 2) make sure that in your login.conf that in auth-defaults: auth=passwd and not auth=krb5-or-pwd otherwise PasswordAuthentication will try Kerberos as well before /etc/passwd. 3) just to be absolutely sure, set all of the following to 'no' and then set to 'yes' just the ones you know that you want to turn on... PasswordAuthentication no ChallengeResponseAuthentication no GSSAPIAuthentication no HostbasedAuthentication no KerberosAuthentication no KerberosOrLocalPasswd no PubkeyAuthentication no most likely, what you are looking for, which is the same thing I use is PasswordAuthentication set to 'yes' and GSSAPIAuthentication set to 'yes' and all others set to 'no'. also, combine this with auth=passwd in /etc/login.conf and you get a system where the users are authenticated against Kerberos but denied otherwise unless the explictely have a password set in /etc/passwd. -- Ryan Corder <[EMAIL PROTECTED]> Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Mbufs tunning
Dear gentleman, when i execute some command on my server box, i got a complain about not enough buffer available. For instance. $ rusers rusers: can't send broadcast packet: No buffer space available $ I don't how to perform tunning on mbufs. Rather than simply reasing its limits i wonder which parameters should i choose to guide a tunning effort on this regard. Thank you for your time and cooperation. Best regards.
Re: Mbufs tunning
Thank you a lot! I would like to do it without recompiling the kernel! Is that possible? Thanks in advance. On 3/18/07, Brian A. Seklecki <[EMAIL PROTECTED]> wrote: On Fri, 2007-03-16 at 18:30 -0300, Gustavo Rios wrote: > Dear gentleman, > > when i execute some command on my server box, i got a complain about > not enough buffer available. For instance. > > $ rusers > rusers: can't send broadcast packet: No buffer space available > $ netstat(8) -m gives some variety of historical data from which to base your decision making. ~BAS > > I don't how to perform tunning on mbufs. Rather than simply reasing > its limits i wonder which parameters should i choose to guide a > tunning effort on this regard. > > Thank you for your time and cooperation. > > Best regards.
adjusting mbuf
Dear list members, how could i adjust my mbuf size? Need i to compile a news kernel ?
Re: adjusting mbuf
Ok, Here is my output of netstat: $ netstat -m 331 mbufs in use: 326 mbufs allocated to data 2 mbufs allocated to packet headers 3 mbufs allocated to socket names and addresses 72/152/6144 mbuf clusters in use (current/peak/max) 420 Kbytes allocated to network (53% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines $ But rusers still gives that warning message, as also rup: $ rusers rusers: can't send broadcast packet: No buffer space available $ rup rup: RPC: Unable to send $ How could i fix it? On 3/19/07, Darren Spruell <[EMAIL PROTECTED]> wrote: On 3/19/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > Dear list members, > > how could i adjust my mbuf size? Need i to compile a news kernel ? > kern.maxclusters allows setting new limits for mbufs. This would supposedly go out with the same tuning warnings as usual; you may find you need a very good reason to adjust that, if it should be adjusted at all. Does 'netstat -m' show that you're hitting limits? This advice may apply to your situation as well: http://archives.neohapsis.com/archives/openbsd/2004-07/1783.html DS
strange output on openbsd C code
I am writing a very simple program but the output change for the c
variable value change every time i run it. What would it be my mistake
on the source? Did i forget some thing?
#include
int
main(int argc, char **argv)
{
unsigned long long x, c;
unsigned*p;
x = 1, x+= (unsigned long long)1 << 33 ;
p = (void *)&x;
c = p[0] * p[1];
fprintf(stdout, "x:%llu\n", x);
fprintf(stdout, "0,1:%u,%u\n", p[0], p[1]);
fprintf(stdout, "c:%llu\n", c);
return 0;
}
Re: adjusting mbuf
Here is the output: $ ifconfig -a lo0: flags=8049 mtu 33224 groups: lo inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7 sis0: flags=8843 mtu 1500 lladdr 00:00:24:c7:31:20 media: Ethernet 100baseTX (100baseTX full-duplex) status: active inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 inet6 fe80::200:24ff:fec7:3120%sis0 prefixlen 64 scopeid 0x1 sis1: flags=8843 mtu 1500 lladdr 00:00:24:c7:31:21 media: Ethernet 100baseTX (none) status: no carrier inet 10.0.1.1 netmask 0xff00 broadcast 10.0.1.255 inet6 fe80::200:24ff:fec7:3121%sis1 prefixlen 64 scopeid 0x2 sis2: flags=8843 mtu 1500 lladdr 00:00:24:c7:31:22 media: Ethernet 100baseTX (none) status: no carrier inet 10.0.2.1 netmask 0xff00 broadcast 10.0.2.255 inet6 fe80::200:24ff:fec7:3122%sis2 prefixlen 64 scopeid 0x3 pflog0: flags=141 mtu 33224 pfsync0: flags=0<> mtu 1460 groups: carp enc0: flags=0<> mtu 1536 pppoe0: flags=8851 mtu 1492 dev: sis0 state: session sid: 0xdda5 PADI retries: 0 PADR retries: 0 time: 2d 21:08:21 sppp: phase network authproto pap authname "[EMAIL PROTECTED]" groups: pppoe egress inet6 fe80::200:24ff:fec7:3120%pppoe0 -> prefixlen 64 scopeid 0x8 inet 201.78.27.251 --> 0.0.0.1 netmask 0x $ So, this is! What i am doing wrong ? On 3/19/07, Otto Moerbeek <[EMAIL PROTECTED]> wrote: On Mon, 19 Mar 2007, Gustavo Rios wrote: > Ok, > > Here is my output of netstat: > $ netstat -m > 331 mbufs in use: >326 mbufs allocated to data >2 mbufs allocated to packet headers >3 mbufs allocated to socket names and addresses > 72/152/6144 mbuf clusters in use (current/peak/max) > 420 Kbytes allocated to network (53% in use) > 0 requests for memory denied > 0 requests for memory delayed > 0 calls to protocol drain routines > $ > > But rusers still gives that warning message, as also rup: > $ rusers > rusers: can't send broadcast packet: No buffer space available > $ rup > rup: RPC: Unable to send > $ > > How could i fix it? This is more probably a case of a funky network interface config than a real mbuf shortage. Check your ip's, netmasks and broadcasts addresses. -Otto > > On 3/19/07, Darren Spruell <[EMAIL PROTECTED]> wrote: > > On 3/19/07, Gustavo Rios <[EMAIL PROTECTED]> wrote: > > > Dear list members, > > > > > > how could i adjust my mbuf size? Need i to compile a news kernel ? > > > > > > > kern.maxclusters allows setting new limits for mbufs. > > > > This would supposedly go out with the same tuning warnings as usual; > > you may find you need a very good reason to adjust that, if it should > > be adjusted at all. Does 'netstat -m' show that you're hitting limits? > > > > This advice may apply to your situation as well: > > > > http://archives.neohapsis.com/archives/openbsd/2004-07/1783.html > > > > DS
Re: strange output on openbsd C code
So, why when i printf p[1], it correctly prints 2?
On 3/19/07, Nick ! <[EMAIL PROTECTED]> wrote:
On 3/19/07, Gustavo Rios <[EMAIL PROTECTED]> wrote:
> I am writing a very simple program but the output change for the c
> variable value change every time i run it. What would it be my mistake
> on the source? Did i forget some thing?
>
> #include
>
> int
> main(int argc, char **argv)
> {
> unsigned long long x, c;
> unsigned*p;
^ this is bad. always say your types in full.
>
> x = 1, x+= (unsigned long long)1 << 33 ;
This sets *(&x) to 1, and then sets *(&x) (yes, the same one) to 1+(1<<33)
> p = (void *)&x;
> c = p[0] * p[1];
That is, p[1] == *(&x+1) is never getting set to anything. Thus the
reason the output is always changing is because p[1] is always
pointing at a different, random location in memory that has some
previous value.
Further, p[1] is not your memory, and it's only by chance that you're
not segfaulting.
> fprintf(stdout, "x:%llu\n", x);
> fprintf(stdout, "0,1:%u,%u\n", p[0], p[1]);
> fprintf(stdout, "c:%llu\n", c);
>
> return 0;
> }
>
-Nick
Re: strange output on openbsd C code
No!
p sizeof is 4 bytes, p is the frst byt of &x, and p + 1 is the 4th
byte. Casting is only on attribution of &x to p.
Realize, p[0] evals to 1 and p[1] evals to 2 as it should be. Only
problem relates to p[0] * p[1]. I believe it should (1 * 2), i.e., 2.
Not a random value.
On 3/19/07, Nick ! <[EMAIL PROTECTED]> wrote:
On 3/19/07, Gustavo Rios <[EMAIL PROTECTED]> wrote:
>
> On 3/19/07, Nick ! <[EMAIL PROTECTED]> wrote:
> > On 3/19/07, Gustavo Rios <[EMAIL PROTECTED]> wrote:
> > > I am writing a very simple program but the output change for the c
> > > variable value change every time i run it. What would it be my mistake
> > > on the source? Did i forget some thing?
> > >
> > > #include
> > >
> > > int
> > > main(int argc, char **argv)
> > > {
> > > unsigned long long x, c;
> > > unsigned*p;
> >
> > ^ this is bad. always say your types in full.
> >
> > >
> > > x = 1, x+= (unsigned long long)1 << 33 ;
> >
> > This sets *(&x) to 1, and then sets *(&x) (yes, the same one) to 1+(1<<33)
> >
> > > p = (void *)&x;
> > > c = p[0] * p[1];
> >
> > That is, p[1] == *(&x+1) is never getting set to anything. Thus the
> > reason the output is always changing is because p[1] is always
> > pointing at a different, random location in memory that has some
> > previous value.
> >
> > Further, p[1] is not your memory, and it's only by chance that you're
> > not segfaulting.
> >
> > > fprintf(stdout, "x:%llu\n", x);
> > > fprintf(stdout, "0,1:%u,%u\n", p[0], p[1]);
> > > fprintf(stdout, "c:%llu\n", c);
> > >
> > > return 0;
> > > }
> > >
> So, why when i printf p[1], it correctly prints 2?
Uhm. Hmm. Well, x is a long long which is 8 bytes right? A void (when
doing pointer arithmetic) is taken to only be 1 byte (right?). So p[0]
is the first byte of those 8, and p[1] is the second, and due to
coincidence and twos-complement encoding it happens to show you the
expected numbers. Maybe?
But that doesn't explain why the output is always changing.
Wait, how is * defined on two voids? That shouldn't even compile
(unless it's autocasting to int?).
-Nick
external storage system
Dear gentleman, i would like to know openbsd system administrator with the Dell/EMC CX3-20 storage enginee! Is anybody using such with openbsd server? What is your report on such matter? Thanks in advance. best regards.
NIS: how to fetch input files from another directory than "/etc" (please, i am desperated)
Dear gentleman,
i am trying to get nis to build their maps from files located in
another directory than "/etc".
So, my Makefile (inside /var/yp/`domainname`) has the following lines :
YPDBDIR=/var/yp
DIR=/asd/etc
AMDDIR=/asd/etc/amd
NOPUSH=""
UNSECURE=
USEDNS=-b
So my ideia is to grab as input, passwd and group files from
"/asd/etc"; all others are empty.
My group file inside "/asd/etc" is:
its:*:1000:
asd:*:1001:sioux
dba:*:1002:sioux
wbx:*:1003:
alg:*:1004:sioux
djb:*:1005:
nofiles:*:1006:
qmail:*:1007:
ftp:*:1008:
ord:*:2000:
adc:*:2001:
bod:*:2002:
frn:*:2003:
And my master.passwd is:
sioux:$2a$08$B8PLPgdw18I.TlnZC8RnZezg1Ed8gQL8WU/4rpxdyGdOk/PO/9Ude:1000:1000:mojave:0:0::/home/sioux:/bin/sh
mysql:*:1001:1002:mojave:0:0::/home/mysql:/usr/bin/false
oldap:*:1002:1002:mojave:0:0::/home/oldap:/usr/bin/false
dnscache:*:1003:1005:mojave:0:0::/home/dnscache:/usr/bin/false
dnslog:*:1004:1005:mojave:0:0::/home/dnslog:/usr/bin/false
tinydns:*:1005:1005:mojave:0:0::/home/tinydns:/usr/bin/false
ftp:*:1006:1008:mojave:0:0::/asd/var/ftp:/sbin/nologin
alias:*:1007:1006:mojave:0:0::/var/qmail/alias:/usr/bin/true
qmaild:*:1008:1006:mojave:0:0::/var/qmail:/usr/bin/true
qmaill:*:1009:1006:mojave:0:0::/var/qmail:/usr/bin/true
qmailp:*:1010:1006:mojave:0:0::/var/qmail:/usr/bin/true
qmailq:*:1011:1007:mojave:0:0::/var/qmail:/usr/bin/true
qmailr:*:1012:1007:mojave:0:0::/var/qmail:/usr/bin/true
qmails:*:1013:1007:mojave:0:0::/var/qmail:/usr/bin/true
Then i issued :
# pwd_mkdb -d /asd/etc -s master.passwd
# cd /var/yp/`domainname`
# make
Everything was built ok! But, the problem is the following: I cannot
login as user sioux using the password i setted for it. But if i try
the login as user sioux using a empty password ("") the authentication
procedure passes.
I can't understand what i am doing wrong?
thanks a lot for your time and cooperation.
Best regards.
SMP
Dear friends, i have been having an increasing interest on OpenBSD internals. So, my first movement was to buy some Unix books on OS design like The Design of the 4.4BSD . One thing i would like to know better is about SMP. Up to now i could not figure it out about the algorithm choice and motivation, not i can have a good ideia about how openbsd does behave on an SMP system compared other unices like Solaris/AIX, etc or even pretenders like Linux. Thank you a lot for your time and cooperation.
which package to install?
Hey folks, i would like to install python in my 3.8 box, but when i cd'ed to /usr/ports/lang/python, i saw two directories, once for 2.3 another for 2.4. I would like to install on 2.4, but not both. I could not figure it out how to install only 2.4 the "official" way, since a "make install" the that directory would end up installing them both. Thanks a lot for your time and cooperation. Best regards.
SMP
Dear folks, some time ago, i posted a message asking about SMP support in openbsd. I wondered what was the state-of-art algorithm for massive parallel performance and the one openbsd picked. Sorry, but i turn to this subject again because i don't have that thread of conversation, so please, forgive me if this hurts you. One new question i would like to add to the current thread is about high performance 64 bit clean file system. I know, nowadays OBSD does not support Multi Tera/Peta byte file systems. Is there plan to add support for such file systems? What could it be the trend for openbsd to follows? /all the best.
Re: PF & SMP
I have the same understanding you have Pachl. I believe OpenBSD IP Stack is not multithreaded implemented. A core developer could deny/confirm such belief. /all the best. On 6/30/06, Clint Pachl <[EMAIL PROTECTED]> wrote: Does PF utilize multiple processors? One of my router/firewalls is a dual Pentium Pro 200. It also runs ftp-proxy, but that's it. Would a PII 400MHz be equivalent, better, or worse? Just curious. From what I understand, the network stack is not threaded, thus multiple processors would not be beneficial. - pachl
environment variables: simple question, sorry!
Dear folks, i am trying to get the following line in my /etc/rc.local file: csh -cf '$ASDROOT/thr/svscanboot &' And in my /etc/rc.conf.local i added: ASDROOT=/asd During the system boot, all i get is the ASDROOT variable is undefined. How could it be accomplished? thanks in advance. best regards.
VoIP
Hey folks, have anyone deployed VoIP using exclusively OpenBSD? I would be interested hearing your reports. Thanks a lot for your time and cooperation. Best regards.
Re: VoIP
Performance and reliability. On 7/13/06, Paul de Weerd <[EMAIL PROTECTED]> wrote: On Thu, Jul 13, 2006 at 06:19:57PM -0300, Gustavo Rios wrote: | Hey folks, | | have anyone deployed VoIP using exclusively OpenBSD? I would be | interested hearing your reports. | | Thanks a lot for your time and cooperation. I'm running a PBX with OpenBSD 3.9 and asterisk 1.2.9.1 (port) on a sparc64 (Sun Netra T1 105, 440MHz UltraSparc II). I use hardware SIP clients and a softphone on MacOSX (loudhush). Works perfectly, what is it specifically you'd like to know ? Cheers, Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
OT: Reactive Systems/Event Driven Arch
Dear friends, some time ago, i posted a message concerning event driven software design. I did so, because i am in need to develop server system that needs to scale far than the current one in the market. I was suggest libevent. I tried it. I got very impressed with what i saw. I did not finnished my reearch on such subject. Browsing the web, i saw SDL, from the ITU-T. From the little reading about SDL, i get vrey confident i could benefit from using it. I wonder if some one here have any experience design software with SDL. I would like to hear your experiences. I could keep up with libevent, but what i am really seeking is a design paradigm shift towards reactive design approach. Many things could be done in terms of building a framework for a common denominator in every software like timers, I/O, etc. Once done, i do consider having it released under BSD license. Again, if some here share the same interest, i would like to know.
KerberosV
Hey folks, i have jsut setted keberos for my openbsd 3.8 server. It is working well, but during configuration i could see that some directives stated in krb5.conf(5) was not valid. kdc insisted in complaining on them: /appdefaults/x no valid. For instance, kdc did not accept direcive encrypt in [appdefaults] section, and the man page for krb5.conf(5) states it. I am very confused about all that. Of course, i am running the default installation. Thanks in advance.
Kerberos
Well, here i am again.
I was expecting that the granted ticket always hold the address to
which it is valid. After obtaining a ticket by means of kinit, i got
the following:
$ kinit
[EMAIL PROTECTED]'s Password:
$ klist -v
Credentials cache: FILE:/tmp/krb5cc_1000
Principal: [EMAIL PROTECTED]
Cache version: 4
Server: krbtgt/[EMAIL PROTECTED]
Ticket etype: des3-cbc-sha1, kvno 1
Auth time: Jul 15 23:11:42 2006
End time: Jul 16 03:11:42 2006
Renew till: Aug 14 23:11:42 2006
Ticket flags: renewable, initial
Addresses:
The address information line is empty. I don't understand why!
Here you have my krb5.conf:
[appdefaults]
forwardable = no
proxiable = no
# no-addresses = no
ticket_lifetime = 14400
renew_lifetime = 3600
# encrypt =
# forward =
[libdefaults]
default_realm = SSO.NET
clockskew = 300
kdc_timeout = 4
# v4_name_convert
# v4_instance_resolve
# capath = { }
# default_etypes = arcfour-hmac-md5
# default_etypes_des = des-cbc-crc
default_keytab_name = FILE:/etc/kerberosV/krb5.keytab
dns_lookup_kdc = yes
dns_lookup_realm = no
kdc_timesync = yes
# max_retries = 4
ticket_lifetime = 14400
# renew_lifetime = 3600
forwardable = no
# proxiable = yes
verify_ap_req_nofail = yes
# warn_pwexpire = 86400
# http_proxy =
# dns_proxy =
# extra_addresses =
# time_format =
# date_format =
log_utc = yes
scan_interfaces = no
# fcache_version =
# krb4_get_tickets = no
# fcc-mit-ticketflags = yes
[domain_realm]
.my.domain = SSO.NET
[realms]
SSO.NET = {
kdc = etosha.my.domain
admin_server = etosha.my.domain
kpasswd_server = etosha.my.domain
# krb524_server =
# v4_instance_convert
# v4_name_convert
# default_domain
# tgs_require_subkey
}
#[capaths]
# CLIENT-REALM = {
# SERVER-REALM = hop-realm
# }
[logging]
kadmind = FILE:/var/heimdal/kadmind.log
kdc = STDERR
default = STDERR
[kdc]
database = {
# dbname =
realm = SSO.NET
# mkey_file =
# acl_file =
# log_file =
}
max-request = 1024
# require-preauth = yes
# ports =
addresses = 10.0.0.2
enable-kerberos4 = no
# v4-realm = SSO.NET
enable-524 = no
enable-http = no
enable-kaserver = no
# check-ticket-addresses = yes
# allow-null-ticket-addresses = no
allow-anonymous = no
# enable_as_rep_as_tgs_rep = no
kdc_warn_pwexpire = 86400
# logging =
# use_2b =
[kadmin]
# require-preauth = yes
default_keys = v5
use_v4_salt = no
sh and process management
Hey folks, i am trying to set a process as the session leader of its own. I wrote a simple program that handles that. It is working when i call it from my shell command line: $ sux -s -e -E \ PATH==/home/grios/.bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:/asd/bin:/asd/sbin:/asd/thr=,ASDROOT==/asd= /asd/sbin/algr algr argm But when i write a simple shell script like in : #!/bin/sh sux -s -e -E \ PATH==/home/grios/.bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:/asd/bin:/asd/sbin:/asd/thr=,ASDROOT==/asd= /asd/sbin/algr algr argm The process is not put on its own session as a leader the (setsid) returns no errors. Does anybody have any ideia what the behavior problem i am not seeing ? Thanks in advance.
Two file eadem on the same directory
He folks, i am facing this scenario i could never imagine to be possible (I am serious, ok). Look the entry for file "q". # pwd;ls -li /root total 8 77 -rw-r--r-- 2 root wheel 578 Sep 10 2005 .cshrc 10869 -rw--- 1 root wheel 125 Sep 10 2005 .klogin 10870 -rw-r--r-- 1 root wheel 299 Sep 10 2005 .login 78 -rw-r--r-- 2 root wheel 526 Jul 12 19:55 .profile 10874 lrwxr-xr-x 1 root wheel 21 Jun 5 20:42 cvsup -> /home/grios/bck/cvsup 10792 -rw-r--r-- 1 root wheel0 Jul 16 17:08 q 10799 -rw-r--r-- 1 root wheel0 Jul 16 17:05 q Does anybody here have an ideia about what is going on?
rwhod standard I/O
i am trying to get standard messages for rwhod redirected bu i am not able to do it, does anybody know where the error is? # rwhod -d sendto 10.0.0.255.513 hostname etosha up 0:09 load 0.26, 0.28, 0.15 griosetosha:ttyp0 Jul 16 17:09 griosetosha:ttyp1 Jul 16 17:09 :05 griosetosha:ttyp2 Jul 16 17:09 :06 griosetosha:ttyp3 Jul 16 17:09 host etosha ^C # rwhod -d | less # rwhod -d 2>&1 | less The last two invocation shows nothing! Where did the first output went to? Thanks in advance.
