Re: When will OpenBSD support UTF8?
i wrote a previous e-mail about use of UTF-8 on [EMAIL PROTECTED] if you want to use a UTF-8 on OpenBSD, you can reference patches on some sites. (one is a kevlo's previous citrus patch, other site is a Takehiko NOZAKI 's home) http://web.archive.org/web/20040604124636/www.kevlo.org/patch-src_citrus http://sigsegv.s25.xrea.com/distfiles/citrus/OpenBSD/ thanks - Jung
Re: When will OpenBSD support UTF8?
it's not my patch , it's a Takehiko NOZAKI's patch ;-) http://sigsegv.s25.xrea.com/distfiles/citrus/OpenBSD/ he is a NetBSD's Citrus Developer. thanks - Jung
Re: Can I use citrus for current ?
if you want to use that patch, you need some modification that you can
use the patch for current.
i knew, no public cvs
i think, if you want to use a korean(hangul) on openbsd,
another method for korean, it's some quick ulgy hack ;-)
these lines comment in src/lib/libc/locale/setrunelocale.c
then libc re-compile.
if (strcmp(rl->rl_encoding, _CITRUS_DEFAULT_CTYPE_NAME) != 0) {
_NukeRune(rl);
return EINVAL;
}
these lines remove a comment in src/share/locale/ctype/Makefile
then korean locale install.
#LOCALES += ko_KR.eucKR
# LOCALESRC_ko_KR.eucKR = ko_KR.eucKR
and use a nabi for X
http://marc.info/?l=openbsd-ports&m=115871943726656&w=2
thanks
- Jung
> I found the only citrus patch is 20071008:
> http://sigsegv.s25.xrea.com/distfiles/citrus/OpenBSD/OpenBSD-HEAD-citrus-20071008.tar.bz2
> Can I use the patch for current ? Is there a public cvs ?
> Thanks for some help.
> Dongsheng
Dell PowerEdge 1950 Xeon Quad-Core
Dell PowerEdge 1950 Intel Xeon Quad-Core * 2 it's a work fine. - kernel compile # time make -j16 textdatabss dec hex 6382651 149620 883904 7416175 71296f 1m52.57s real 5m20.07s user 8m51.52s system - dmesg OpenBSD 4.2-current (GENERIC.MP) #1555: Mon Feb 11 19:29:59 MST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3488907264 (3327MB) avail mem = 3373596672 (3217MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xcffbc000 (62 entries) bios0: vendor Dell Inc. version "1.3.7" date 03/26/2007 bios0: Dell Inc. PowerEdge 1950 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR HPET MCFG acpi0: wakeup devices PCI0(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1596.15 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu0: 4MB 64b/line 16-way L2 cache cpu0: apic clock running at 265MHz cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu1: 4MB 64b/line 16-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu2: 4MB 64b/line 16-way L2 cache cpu3 at mainbus0: apid 5 (application processor) cpu3: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu3: 4MB 64b/line 16-way L2 cache cpu4 at mainbus0: apid 2 (application processor) cpu4: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu4: 4MB 64b/line 16-way L2 cache cpu5 at mainbus0: apid 6 (application processor) cpu5: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu5: 4MB 64b/line 16-way L2 cache cpu6 at mainbus0: apid 3 (application processor) cpu6: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu6: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu6: 4MB 64b/line 16-way L2 cache cpu7 at mainbus0: apid 7 (application processor) cpu7: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu7: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu7: 4MB 64b/line 16-way L2 cache ioapic0 at mainbus0 apid 8 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 8 ioapic1 at mainbus0 apid 9 pa 0xfec81000, version 20, 24 pins ioapic1: misconfigured as apic 0, remapped to apid 9 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (PEX2) acpiprt2 at acpi0: bus 6 (UPST) acpiprt3 at acpi0: bus 7 (DWN1) acpiprt4 at acpi0: bus 9 (DWN2) acpiprt5 at acpi0: bus 1 (PEX3) acpiprt6 at acpi0: bus 2 (PE2P) acpiprt7 at acpi0: bus 11 (PEX4) acpiprt8 at acpi0: bus 13 (PEX6) acpiprt9 at acpi0: bus 3 (SBEX) acpiprt10 at acpi0: bus 15 (COMP) acpicpu0 at acpi0 acpicpu1 at acpi0 acpicpu2 at acpi0 acpicpu3 at acpi0 acpicpu4 at acpi0 acpicpu5 at acpi0 acpicpu6 at acpi0 acpicpu7 at acpi0 ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 "Intel 5000X Host" rev 0x12 ppb0 at pci0 dev 2 function 0 "Intel 5000 PCIE" rev 0x12 pci1 at ppb0 bus 5 ppb1 at pci1 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci2 at ppb1 bus 6 ppb2 at pci2 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci3 at ppb2 bus 7 ppb3 at pci3 dev 0 function 0 "ServerWorks PCIE-PCIX" rev 0xc3 pci4 at ppb3 bus 8 bnx0 at pci4 dev 0 function 0 "Broadcom BCM5708" rev 0x12: apic 8 int 16 (irq 5) ppb4 at pci2 dev 1 function 0 "Intel 6321ESB PCIE" rev 0x01 pci5 at ppb4 bus 9 ppb5 at pci1 dev 0 function 3 "Intel 6321ESB PCIE-PCIX" rev 0x01 pci6 at ppb5 bus 10 ppb6 at pci0 dev 3 function 0 "Intel 5000 PCIE" rev 0x12 pci7 at ppb6 bus 1 ppb7 at pci7 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09 pci8 at ppb7 bus 2 mpi0 at pci8 dev 8 function 0 "Symbios Logic SAS1068" rev 0x01: apic 9 int 0 (irq
Re: Dell PowerEdge 1950 Xeon Quad-Core
it's a work fine with 4.3-beta - kernel compile # time make -j8 textdatabss dec hex 6139672 181824 439328 6760824 672978 1m27.80s real 4m15.21s user 6m45.58s system - dmesg OpenBSD 4.3-beta (GENERIC.MP) #1: Fri Feb 22 02:11:55 KST 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3488907264 (3327MB) avail mem = 3373576192 (3217MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xcffbc000 (62 entries) bios0: vendor Dell Inc. version "1.3.7" date 03/26/2007 bios0: Dell Inc. PowerEdge 1950 acpi0 at bios0: rev 2 acpi0: tables DSDT FACP APIC SPCR HPET MCFG acpi0: wakeup devices PCI0(S5) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1596.16 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu0: 4MB 64b/line 16-way L2 cache cpu0: apic clock running at 265MHz cpu1 at mainbus0: apid 4 (application processor) cpu1: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu1: 4MB 64b/line 16-way L2 cache cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu2: 4MB 64b/line 16-way L2 cache cpu3 at mainbus0: apid 5 (application processor) cpu3: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu3: 4MB 64b/line 16-way L2 cache cpu4 at mainbus0: apid 2 (application processor) cpu4: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu4: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu4: 4MB 64b/line 16-way L2 cache cpu5 at mainbus0: apid 6 (application processor) cpu5: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu5: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu5: 4MB 64b/line 16-way L2 cache cpu6 at mainbus0: apid 3 (application processor) cpu6: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu6: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu6: 4MB 64b/line 16-way L2 cache cpu7 at mainbus0: apid 7 (application processor) cpu7: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz, 1595.93 MHz cpu7: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,TM2,CX16,xTPR,NXE,LONG cpu7: 4MB 64b/line 16-way L2 cache ioapic0 at mainbus0 apid 8 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 0, remapped to apid 8 ioapic1 at mainbus0 apid 9 pa 0xfec81000, version 20, 24 pins ioapic1: misconfigured as apic 0, remapped to apid 9 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 5 (PEX2) acpiprt2 at acpi0: bus 6 (UPST) acpiprt3 at acpi0: bus 7 (DWN1) acpiprt4 at acpi0: bus 9 (DWN2) acpiprt5 at acpi0: bus 1 (PEX3) acpiprt6 at acpi0: bus 2 (PE2P) acpiprt7 at acpi0: bus 11 (PEX4) acpiprt8 at acpi0: bus 13 (PEX6) acpiprt9 at acpi0: bus 3 (SBEX) acpiprt10 at acpi0: bus 15 (COMP) acpicpu0 at acpi0 acpicpu1 at acpi0 acpicpu2 at acpi0 acpicpu3 at acpi0 acpicpu4 at acpi0 acpicpu5 at acpi0 acpicpu6 at acpi0 acpicpu7 at acpi0 ipmi at mainbus0 not configured pci0 at mainbus0 bus 0: configuration mode 1 pchb0 at pci0 dev 0 function 0 "Intel 5000X Host" rev 0x12 ppb0 at pci0 dev 2 function 0 "Intel 5000 PCIE" rev 0x12 pci1 at ppb0 bus 5 ppb1 at pci1 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci2 at ppb1 bus 6 ppb2 at pci2 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01 pci3 at ppb2 bus 7 ppb3 at pci3 dev 0 function 0 "ServerWorks PCIE-PCIX" rev 0xc3 pci4 at ppb3 bus 8 bnx0 at pci4 dev 0 function 0 "Broadcom BCM5708" rev 0x12: apic 8 int 16 (irq 5) ppb4 at pci2 dev 1 function 0 "Intel 6321ESB PCIE" rev 0x01 pci5 at ppb4 bus 9 ppb5 at pci1 dev 0 function 3 "Intel 6321ESB PCIE-PCIX" rev 0x01 pci6 at ppb5 bus 10 ppb6 at pci0 dev 3 function 0 "Intel 5000 PCIE" rev 0x12 pci7 at ppb6 bus 1 ppb7 at pci7 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09 pci8 at ppb7 bus 2 mpi0 at pci8 dev 8 function 0 "Symbios Logic SAS1068" rev 0x01: apic 9 int 0 (irq 5) scsibus0 at mpi0: 173 targets sd0 at
Re: openbsd 4.0 and utf8
Hello, I just wondering if openbsd 4.0 supports uft8. I googled around and can't find nothing about this. Thanks. OpenBSD 4.0 doesn't support a UTF-8. if you want to use a UTF-8 on OpenBSD, you can reference patches on some sites. (one is a kevlo's previous citrus patch, other site is a some japanese site) http://web.archive.org/web/20040604124636/www.kevlo.org/patch-src_citrus http://sigsegv.s25.xrea.com/distfiles/citrus/OpenBSD/ thanks - Jung
Re: SPARC64-V support
here Sun SPARC Enterprise M9000 's prtconf -pv infomation. http://www.sun.com/bigadmin/hcl/data/systems/prtconf/2541.txt Sun's Sparc Server's information site is the http://www.sun.com/bigadmin/hcl/data/sol/systems/views/sun_systems_sparc.page1.html yet, couldn't find a PRIMEPOWER machines prtconf information. thanks - Jung
Re: Installing openbsd on MacBook air 2014
> On 17. May 2017, at 13:51, flipchan wrote: > > Yeah the amd64 works to install and it boots but it disabled all port > includeing the keyboard: > > I have tried both 6.1 6.0 and 5.9 all same > error: [drm:pid0:intel_uncore_check_errors] eERROR Unclaimed register before > interupt > nvram invalid checksum > uhub0: device problem, disabling port 1,3,5,12 Are you sure that you bootet a amd64 6.1 or 6.0? If I remember correctly, the “nvram invalid checksum” message was removed earlier. Are your EFI/SMC/firmwares up2date (patched via OSX)? Does any other OS boot and work, e.g. can you rule out that the hub is is not broken? I used similar MacBook Air's from various generations all working fine here. > On May 16, 2017 3:49:57 PM GMT+02:00, Stefan Sperling wrote: >> On Tue, May 16, 2017 at 12:22:18PM +, flipchan wrote: >>> Here is the output: >>> >>> >>> first boot didnt work so i searched around and found this blog post >> http://www.sacrideo.us/openbsd-on-macbook/ and i tried typing in the >> mkdir commands i it booted >>> > OpenBSD/i386 BOOT 3.31 >>> boot> >>> boot>mkdir cd-dir >>> boot>cd cd-dir >>> boot>mkdir -p 4.2/i386 >>> boot>mkdir -p etc >>> boot>cp ~/cdboot ~/cdbr ~/bsd.rd 4.2/i386 >>> boot>config -ef 4.2/i386/bsd.rd >> >> These aren't commands for the boot loader. This guide recommends that >> you create a custom ISO image. It's very outdated. I would not rely on >> it. >> >>> Welcome to the OpenBSD/i386 6.1 installation program: >> >> Please try amd64 instead of i386. > > -- > Take Care Sincerely flipchan layerprox dev
Re: (U)EFI install and boot not finding hd0a:/bsd
> On 06 Nov 2015, at 21:39, Sevan / Venture37 wrote: > > It's still not possible to boot miniroot58.fs on a mid-2012 > MacBookAir5,1, the miniroot58.fs I tried is dated 06-Nov-2015 13:24 > from ftp.fr.openbsd.org. > > https://pbs.twimg.com/media/CTJ9GCcUcAAtDvh.jpg Yes, this is a known problem. See https://github.com/yasuoka/openbsd-uefi/issues/2 Try latest install58.fs and boot the uncompressed bsd.rd.
Re: Rspamd with smtpd
> Am 11.11.2015 um 05:44 schrieb Daniel Ouellet : > > Does anyone use this port yet Rspamd. > > I saw Stuart + a few helpers making a port of Rspamd. Only on current > now, so I install current on a server and try to run it. > > But anyone have any clue stick to provide on how to actually plug it > with smtpd? I do not use it, but I guess you can use it in LDA mode with "... deliver to mda rspamc..." in smtpd.conf, as described here https://rspamd.com/doc/integration.html > Looks like Rspamd accept only input via the http standard. > > I have to say google provide me more questions, then answers. > > I thought that may be relay to the rspamd port 11333 where it is > listening at would work, but well, it's not coming back on port 11334 > that appear to definitely listening for http request > > In any case, either ports doesn't do it. > > It appear to be a nice port to use and fast, but well, can't fugue out > how to use it yet... > > # telnet 127.0.0.1 11333 > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > EHLO home.ouellet.biz > Connection closed by foreign host. > > # telnet 127.0.0.1 11334 > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > EHLO home.ouellet.biz > HTTP/1.1 14 (NULL) > Connection: close > Server: rspamd/1.0.9 > Date: Wed, 11 Nov 2015 04:43:20 GMT > Content-Length: 38 > Content-Type: text/plain > > HTTP parser error: invalid HTTP methodConnection closed by foreign host. > > So, how one can or would use this if I would like to try it?
Re: inteldrm(4) display corruption on MacBook
On Sat, Nov 21, 2015 at 04:27:34PM +0100, Mark Kettenis wrote: > Hi Ossi, > > Your digging: > > > I went digging what produces the error > > > > error: [drm:pid0:inteldrm_attach] *ERROR* failed to init modeset > > > > and it looks like in sys/dev/pci/drm/drm_irq.c:1.66 > > > > drm_irq_install() calls > > > > if (drm_dev_to_irq(dev) == 0) > > return -EINVAL; > > > > drm_dev_to_irq(dev) returns 0 and my skills end here to dig this > > further. > > > > these lines in dmesg are my debugging from kernel (and "stacktrace"): > > > > error: [drm:pid0:drm_dev_to_irq] *ERROR* irq == 0 > > error: [drm:pid0:drm_irq_install] *ERROR* oherrala: drm_irq_install: > > drm_dev_to_irq > > error: [drm:pid0:i915_load_modeset_init] *ERROR* oherrala: > > i915_load_modeset_init: drm_irq_install > > error: [drm:pid0:inteldrm_attach] *ERROR* oherrala: i915_drm.c: failed to > > init modeset > > Helped quite a bit. I'm fairly certain the diff I just committed will fix > your problem. This also fixed the 12" Macbook Retina (2015). Thanks!
Re: MacbookPro 11,1
> Am 23.11.2015 um 18:15 schrieb Bryan Vyhmeister : > >> On Mon, Nov 23, 2015 at 09:22:04AM -0500, Bryan C. Everly wrote: >> I tried a few months ago to boot this into OpenBSD and one of the big >> problems I ran into was that this is a USB 3 only machine and as such, the >> keyboard worked at the boot prompt but did not work when I got to the first >> installer prompt. > > I never had any success with any Apple machine of recent vintage until > efiboot became available very recently. Now with the changes to > inteldrm(4) over the weekend, most things are working well for me. > >> I'm seeing people talking about working on Macbook Air machines (some of >> quite recent vintage) so I'm wondering if: >> >> 1. There is a patch I can apply to get keyboard support working on the >> Macbook Pro Retina; or > > I was corresponding with Joerg Jung about his 2015 12-inch Retina > MacBook and he also has the same issue. I also booted up my 2015 12-inch > Retina MacBook yesterday and had no keyboard at all. The problem with the MacBook8,1 is the USB trackpad/keyboard is connected via SPI internally. No SPI driver in OpenBSD. Moreover, the internal SSD is connected via NVMe, also not supported. Also, both seem not really working in any other open source OS yet. See here http://moepi.net/?page_id=213 Interesting is, MacBookPro12,1 seems to use same SPI Trackpad as well, but (ACPI?) behaves differently and seems working using Linux, see here: http://www.spinics.net/lists/linux-acpi/msg61848.html > His solution was a > USB keyboard and a USB hub. I didn't have either handy but may try that > later today. In the case of the 12-inch Retina MacBook, there is only > that single USB-C port so I'm not sure if the USB hub was needed for any > reason other than to provide at least two ports (one for USB flash drive > and one for USB keyboard). No real success here, the USB 3.x hub I tried was passive (likely not enough power) and crashed the machine on attach/detach. >> 2. The Macbook Air doesn't have all USB 3 ports so this isn't a problem >> for that hardware > > The last several generations only show xhci(4) rather than any uhci(4). > I don't know what is different about the MacBook Air systems that allows > the keyboard to work since the keyboard does attach as ukbd(4). > >> Any suggestions would be appreciated. > > My solution was to create an OpenBSD efiboot flash drive and then things > worked fairly well. In your case, you probably need a USB keyboard and > possibly a USB hub. I will post a separate post soon with more > information about both of my MacBook Air systems but, in short, the 2013 > MacBook Air, which is a Haswell system like your MacBook Pro, works > quite well. Obviously wireless is not supported but a urtwn(4) USB > wireless adapter works fine. X acceleration works fine as does > xbacklight(1) to set screen brightness. The brightness buttons on the > keyboard do not work though. Keyboard backlight is functional (although > not yet adjustable) due to Joerg Jung's recent asmc(4) driver. > > The 2015 MacBook Air which is a Broadwell system works almost as well > but does not have X acceleration at this time (disabled for now due to > instability) and also does not respond to xbacklight(1) so there is no > way to adjust screen brightness. To see the state of things in Linux, I > also installed Fedora 23 last week which comes with Linux kernel 4.2 and > that also could not adjust the brightness of the display at all even > though it acted as though it was working. > > I am interested to see what you find with your system since I am looking > to pick up a similar Haswell Retina MacBook Pro from the refurbished > store to use with OpenBSD as well. > > Bryan
Re: MacbookPro 11,1
> Am 26.11.2015 um 00:50 schrieb Bryan Vyhmeister : > >> On Thu, Nov 26, 2015 at 12:02:18AM +0100, Joerg Jung wrote: >> The problem with the MacBook8,1 is the USB trackpad/keyboard is connected >> via SPI internally. No SPI driver in OpenBSD. >> Moreover, the internal SSD is connected via NVMe, also not supported. >> >> Also, both seem not really working in any other open source OS yet. >> See here http://moepi.net/?page_id=213 >> >> Interesting is, MacBookPro12,1 seems to use same SPI Trackpad as well, >> but (ACPI?) behaves differently and seems working using Linux, see here: >> http://www.spinics.net/lists/linux-acpi/msg61848.html > > Perhaps all the "Force Touch" trackpads are SPI connected? > >>> His solution was a >>> USB keyboard and a USB hub. I didn't have either handy but may try that >>> later today. In the case of the 12-inch Retina MacBook, there is only >>> that single USB-C port so I'm not sure if the USB hub was needed for any >>> reason other than to provide at least two ports (one for USB flash drive >>> and one for USB keyboard). >> >> No real success here, the USB 3.x hub I tried was passive (likely not enough power) >> and crashed the machine on attach/detach. > > It sounds like the MacBook8,1 does not work for now then. That's too > bad. I wonder if the MacBookPro11,4 (2015 15-inch with integrated > graphics) also has the same SPI trackpad? I wonder if it also has > storage issues with OpenBSD? > > My goal is to document how well OpenBSD works on all the recent Apple > hardware I can. I'm intending to purchase a MacBookPro11,1 (2014 > 13-inch) which it sounds like from the thread works pretty well. I am > interested to find out if the SD card slot works. > > I'm also hoping to find out more about the storage, SD card, and > trackpad of the MacBookPro11,4 (2015 15-inch with integrated graphics) > and also of the MacBookPro11,2 (2014 15-inch with integrated graphics). > Both of these machines still have Haswell chips (unlike the > MacBookPro12,1). > > The MacBookAir6,1 (2013/2014 11-inch MacBook Air) I have works very well > in all respects but since it's the 11-inch it does not have an SD card > and my MacBookAir7,2 (2015 13-inch MacBook Air) works reasonably well > but lacks X acceleration (due to Broadwell) and the brightness cannot be > adjusted with xbacklight(1). The SD card slot also is not detected in > any way. Can you send a dmesg for this Air7,2 please? > I'm hoping to get some feedback on the SD card slot on the > MacBookAir6,2 if possible as well. > > Bryan
Re: Fwd: CVS: cvs.openbsd.org: src
On Mon, Nov 30, 2015 at 04:48:05PM -0500, Daniel Ouellet wrote: > Even removed the table password? Yes. > NO way anymore to have difference password for emails then the system > password without smtp-extra install? You may want to read table(5) the section about credentials tables. > I can understand may be sqlite and ldap, but as a base system having > different password from the system was and is very useful and I do it on > all systems. Still possible. > Or am I missing something or miss understand the commit? Yes, it looks like you never used table-passwd, that is why it is removed. > Forwarded Message > Subject: CVS: cvs.openbsd.org: src > Date: Mon, 30 Nov 2015 12:54:26 -0700 (MST) > From: Joerg Jung > To: source-chan...@openbsd.org > > CVSROOT: /cvs > Module name: src > Changes by: j...@cvs.openbsd.org2015/11/30 12:54:26 > > Modified files: > usr.sbin/smtpd : Makefile > Removed files: > usr.sbin/smtpd : aldap.c aldap.h ber.c ber.h table_ldap.c >table_passwd.5 table_passwd.c table_sqlite.c > usr.sbin/smtpd/table-ldap: Makefile > usr.sbin/smtpd/table-passwd: Makefile > usr.sbin/smtpd/table-sqlite: Makefile > > Log message: > remove table-passwd, table-sqlite, and table-ldap > about 4k lines seldom used code > > people who rely on this install mail/opensmtpd-extras > > direction discussed (and agreed) with many > > ok gilles
Re: filter-spamassassin
On Sat, Jan 02, 2016 at 07:21:13PM -0600, Edgar Pettijohn wrote: > I finally got around to trying out filter-spamassassin. It appears to work > correctly. However, I was trying to change the default action from accept > to reject. I've tried everything I can think of but continue to get syntax > errors. I assumed something like this would work: > > filter spam spamassassin -s reject You need to quote the args: filter spam spamassassin "-s reject" > listen on egress filter spam > > But it didn't. > > Any help is appreciated. > > Edgar Pettijohn
Re: puppet and cross-platform password hashes
> On 05 Feb 2016, at 08:33, Peter N. M. Hansteen wrote:
>
> I'm assuming I'm not the first to encounter this -
>
> the scenario is a group of admins who have so far run mainly Linux and some
Solaris,
> and who have a fairly well developed Puppet setup for maintaining among
other things
> local users for admins to log in and fix, running sudo as required. For
non-admin role
> users, LDAP (AD) is considered good enough, but that's out of scope here.
>
> The interesting part is when we start introducing OpenBSD machines to the
mix, and
> creating users with the password hashes from Linux or Solaris fails,
apparently because
> the hashes are not bcrypt hashes.
>
> I see two obvious solutions to this. Either
>
> 1) skip password logins, require key logins for all local users (they're
> admins after all), tackle any extra privilege needs via specific sudo or
> doas config, or
>
> 2) maintain a separate set of user definitions with bcrypt hashes for the
OpenBSD
> boxes in the puppet setup. Then supplement as before with sudo or doas
tricks.
>
> My next question is, what other workable options are there? When you found
yourself
> in a similar situation, introducing OpenBSD to an existing environment of
other
> unixes, what did you do? Are there other solutions out there, possibly with
more
> sophisticated approaches than the ones I've mentioned here?
There is: 3) dynamically chose the pass hash string depending on OS.
Last time I used puppet was with 2.x release, so I do not know the exact
syntax,
but something like this should work:
@user {
myuser:
comment => “my user”,
ensure = “present”,
password => case $operatingsystem {
OpenBSD: { “$2b$….” },
RedHat: { “$6$...” },
Solaris: { “...” }
}
}
I do similar in Ansible, setting a dynamic variable “user_hash” to either
“blowfish” or “sha512”
depending on the OS, and the use this variable to choose the right hash string
from an dict,
which looks like this:
users:
root:
blowfish: $2b$...
sha512: $6$…
…referencing it later (in loops), like this:
user: name=root password=users[root][user_hash]
> Good suggestions may merit a beverage of choice (within reason) at the
first
> possible opportunity.
> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: 6.2-current on a MacBook
> Am 13.01.2018 um 16:35 schrieb Jan Stary : > > What do people use for pasting instead of > the nonexistent and shift-insert? Do you have a key? Try ++ to get insert, works for me on newer models. Similar page scroll up/down can be reached through fn and cursor keys. delete is backspace + fn.
Re: Can't cron sct.
> On 27. Oct 2020, at 16:10, avv. Nicola Dell'Uomo > wrote: > > maybe I'm missing something trivial, but I can't figure out how to cron sct(1) > > My user cron config works and cron log reports sct was executed, but screen > temp doesn't change ... > > Here's my user crontab: > > # $OpenBSD: crontab,v 1.28 2020/04/18 17:22:43 jmc Exp $ > # > # SHELL=/bin/sh > PATH=/bin:/sbin:/usr/bin:/usr/sbin > HOME=/var/log > # > #minute hourmdaymonth wday[flags] command > # > # rotate log files every hour, if necessary > # 3519 * * * touch /home/nicola/sct > > 3519 * * * /usr/local/bin/sct 5000 > > # touch /home/nicola/sct was a test in order to verify I had not > misconfigured crontab. > # cron was tested with SHELL variable defined and then commented out and the > result was the same. FYI, there is a small sctd in the sct package, which probably does exactly what you try to achieve manually here.
Re: who is using obsd
You are wrong with your statement that OpenBSD is not designed for the desktop. We are running several hundred desktop on the enterprise, thin clients and so on ... On Mon, 2013-05-13 at 17:28 -0400, Salim Shaw wrote: > OpenBSD is a server/router/network service OS, it's not designed for > desktops. OpenBSD is the pre-eminent platform for Firewalling, IPsec, IPv6. > Trying to shove OpenBSD onto the desktop is the ultimate case of square > peg/round hole. > > > > On 05/13/2013 05:12 PM, Pau wrote: > > on his/her laptop as *only* OS and uses it daily for scientific work? > > please contact me off list. Thanks > > > > -- Reiner Jung
Re: opensmtpd-extras-[clamav|spamassassin] packages in 6.0
> Am 10.10.2016 um 17:59 schrieb mabi : > > Hi, > > Just noticed that the OpenBSD 6.0 release does not include the opensmtpd-extras-clamav nor the opensmtpd-extras-spamassassin packages. I would like to upgrade my 5.9 OpenBSD mail gateway to 6.0 and was wondering if I can use the old packages from 5.9 with 6.0? No. > Or what is the alternative to these two packages? Various options. One could be to proxy mails through spampd and clamsmtp. Amavisd might also be an option. > Regards, > Mabi
Re: lyrics.html nit.
On Fri, Aug 12, 2016 at 01:14:56PM +, Michal Bozon wrote: > > -With twitchy fingers on flashing keys > > +Twitchy fingers, flashing keys > > > > -always claiming "it was just a prank!" > > +Claiming "it was just a prank!" > > hi, this time (60c), i hear this: > > Money, donate your pay. > Automate with a cron job and we'll be ok. > +Money, donate your pay. > Thoughtful programming versus "just make it fast". > ... > Not donating, it's a crime. > ... Fixed, thanks! > finnally, i would do s/\.$//, to be consistent. > > ps: not guilty, bought at least 0b100 mugs
Re: 3k machines
We are managing several hundred OpenBSD workstations in production. On Tue, 2013-01-01 at 23:28 +0100, Johan Ryberg wrote: > Puppet may useful for that many work stations. > > Are one single company using 3000 OpenBSD work stations? Cool, but I have > never heard anything like this before. > > // Johan > On Jan 1, 2013 11:15 PM, "Friedrich Locke" > wrote: > > > Hi folks, > > > > i am managing some openbsd machines. There are a company, here, in the city > > a live that holds about 3k machines and i not including servers hardware; > > only desktop. > > > > I was wondering: How do you manage such a volume of nodes, i mean, in an > > efficient manner. > > Any experience with that ? > > > > Thanks.
Re: OT: term "hackathon" trademarked in Germany
Hi Peter, it looks like the problem with the usage of "Hackathon is solved". >From their own site: http://www.young-targets.com/free-licences/ # Why? Because we did not first founded the nonprofit organization “Tech_Hub” that will manage the revenue for the free tech scene. We went a different way. We wanted to finance the creation and development of this platform by license fees. We are aware that we have thereby made us vulnerable, because you could assume, that we did this for a different cause. Thats why we will delete the trademark “hackathon”. 10 companies that have been asked to license, have been informed that we take distance from plans to charge royalties. # Regards Reiner CTO M:Tier Ltd. On Tue, 2013-05-07 at 22:49 +0200, Peter N. M. Hansteen wrote: > A bit late to the party, but here's my take on the situation - > > http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html > > - Peter
Pre-orders for 5.8
To celebrate the upcoming 20 years anniversary release of OpenBSD, four (instead of the usual one) songs are contributed and will be included in the release. The song I contributed is being released today: http://www.openbsd.org/lyrics.html#58c By the way, pre-orders for 5.8 CDs and posters were enabled moments ago. Also, please see: http://www.openbsd.org/58.html for more details about what is coming in this release.
Re: OpenSMTPD with filter-spamassassin / max-children
> Am 18.04.2016 um 16:56 schrieb ML mail : > > I have configured OpenSMTPD on OpenBSD 5.9 with the filter-spamassassin as a relay for a few of my webapp servers and have the problem when a webapp suddently sends over 30 mails at the same time. Basically the problem is that as I have configured spamd with 30 as max-children, as soon as I receive 30 mails at the same time OpenSMTPD stops answering because all spamd childs are in busy state. This means that as long as all spamd child are in busy state I can not receive any more mails during that time. So you get what you configured/requested. > So in theory I would just raise the max-children setting of spamassassin but then it just postpones the problem really... so is there maybe another way to deal better with that issue? Not really. If these are your own web servers they will not send spam, right? So considering skip the filtering for them? There is a max-inflight limit in smtpd.conf(5) which you may want to lower (below your 30). Also, the most recent git head of -extras contains a limit option which restricts the messages piped to spamassassin based on their size. The idea is: fewer/smaller mails are checked (fast), assuming that larger ones are rarely spam.
Re: MacBook 9,1 or 8,1
On Wed, Apr 27, 2016 at 09:41:50AM -0400, Bryan Everly wrote: > > Has anyone had success with either of the new 12" Retina MacBooks? My > search of marc.info came up empty. I own a MacBook8,2 and efiboot as well as inteldrm graphics seems to work fine. However, internal nvme(4) ssd is not detected and the SPI connected trackpad/mouse also does not work. The built-in WLAN might never work. A standard USB3 HUB (connected via adapter), I tested was not really working. So you you can either only attach a USB keyboard or disk or wlan card to the single USB-C port, your choice :) Due to this fact I can not provide a copy&paste dmesg. Linux support seems not much better [1]. I have no idea about the 9,x but would like to see a dmesg. Newer MacbookAir might have the same nvme(4) problem. Regards, Joerg [1] https://bugzilla.kernel.org/show_bug.cgi?id=99891
Re: MacBook 9,1 or 8,1
> On 28 Apr 2016, at 09:00, Marcus MERIGHI wrote:
>
> m...@umaxx.net (Joerg Jung), 2016.04.27 (Wed) 21:53 (CEST):
>> On Wed, Apr 27, 2016 at 09:41:50AM -0400, Bryan Everly wrote:
>>>
>>> Has anyone had success with either of the new 12" Retina MacBooks? My
>>> search of marc.info came up empty.
>>
>> I own a MacBook8,2 and efiboot as well as inteldrm graphics seems to
>> work fine. However, internal nvme(4) ssd is not detected and the SPI
>
> Before or after this one?
After of course, with an additional diff to enable it (see below),
but the controller does not work (yet).
> http://marc.info/?l=openbsd-cvs&m=146069961907725
> Log message:
> enable nvme(4)
> ok dlg@
>
> Bye, Marcus
>
>
>> connected trackpad/mouse also does not work. The built-in WLAN might
>> never work. A standard USB3 HUB (connected via adapter), I tested was
>> not really working. So you you can either only attach a USB keyboard or
>> disk or wlan card to the single USB-C port, your choice :)
>>
>> Due to this fact I can not provide a copy&paste dmesg.
>> Linux support seems not much better [1].
>>
>> I have no idea about the 9,x but would like to see a dmesg.
>> Newer MacbookAir might have the same nvme(4) problem.
>>
>> Regards,
>> Joerg
>>
>> [1] https://bugzilla.kernel.org/show_bug.cgi?id=99891
>>
>>
>> !DSPAM:57211a01134006737330760!
Index: sys/dev/pci/nvme_pci.c
===
RCS file: /cvs/src/sys/dev/pci/nvme_pci.c,v
retrieving revision 1.3
diff -u -p -r1.3 nvme_pci.c
--- sys/dev/pci/nvme_pci.c 14 Apr 2016 11:18:32 - 1.3
+++ sys/dev/pci/nvme_pci.c 20 Apr 2016 22:10:22 -
@@ -70,6 +70,10 @@ nvme_pci_match(struct device *parent, vo
PCI_INTERFACE(pa->pa_class) == NVME_PCI_INTERFACE)
return (1);
+ if (PCI_VENDOR(pa->pa_id) == PCI_VENDOR_APPLE &&
+ PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_APPLE_NVME)
+ return (1);
+
return (0);
}
Index: sys/dev/pci/pcidevs
===
RCS file: /cvs/src/sys/dev/pci/pcidevs,v
retrieving revision 1.1792
diff -u -p -r1.1792 pcidevs
--- sys/dev/pci/pcidevs 8 Apr 2016 09:59:47 - 1.1792
+++ sys/dev/pci/pcidevs 20 Apr 2016 22:10:22 -
@@ -923,6 +923,7 @@ product APPLE INTREPID2_ATA 0x0069 Intre
product APPLE INTREPID2_FW 0x006a Intrepid 2 FireWire
product APPLE INTREPID2_GMAC0x006b Intrepid 2 GMAC
product APPLE BCM5701 0x1645 BCM5701
+product APPLE NVME 0x2001 NVM Express Controller
/* Aralion products */
product ARALION ARS106S 0x0301 ARS106S
Index: sys/dev/pci/pcidevs.h
===
RCS file: /cvs/src/sys/dev/pci/pcidevs.h,v
retrieving revision 1.1786
diff -u -p -r1.1786 pcidevs.h
--- sys/dev/pci/pcidevs.h 8 Apr 2016 10:00:24 - 1.1786
+++ sys/dev/pci/pcidevs.h 20 Apr 2016 22:10:22 -
@@ -928,6 +928,7 @@
#define PCI_PRODUCT_APPLE_INTREPID2_FW 0x006a /* Intrepid 2 FireWire
*/
#define PCI_PRODUCT_APPLE_INTREPID2_GMAC0x006b /* Intrepid 2
GMAC */
#define PCI_PRODUCT_APPLE_BCM5701 0x1645 /* BCM5701 */
+#definePCI_PRODUCT_APPLE_NVME 0x2001 /* NVM Express
Controller */
/* Aralion products */
#define PCI_PRODUCT_ARALION_ARS106S 0x0301 /* ARS106S */
Index: sys/dev/pci/pcidevs_data.h
===
RCS file: /cvs/src/sys/dev/pci/pcidevs_data.h,v
retrieving revision 1.1781
diff -u -p -r1.1781 pcidevs_data.h
--- sys/dev/pci/pcidevs_data.h 8 Apr 2016 10:00:24 - 1.1781
+++ sys/dev/pci/pcidevs_data.h 20 Apr 2016 22:10:23 -
@@ -2024,6 +2024,10 @@ static const struct pci_known_product pc
"BCM5701",
},
{
+ PCI_VENDOR_APPLE, PCI_PRODUCT_APPLE_NVME,
+ "NVM Express Controller",
+ },
+ {
PCI_VENDOR_ARALION, PCI_PRODUCT_ARALION_ARS106S,
"ARS106S",
},
Re: httpd - POST request size problem
> On 29 Apr 2016, at 15:29, Romain wrote: > > Dear All, > > I use OpenBSD 5.8, and the httpd & php & sqlite3 which are provided with. > ($ uname -a => OpenBSD xx.my.domain 5.8 GENERIC#1170 amd64) > > I have a problem with the length of a POST request with seems to be limited to 6588 (more or less) characters. > (I use a simple html form with a hidden input which has many characters.) > > I tried with lighttpd + php + sqlite3 and it works without this problem. > > I tried to add this line to httpd.conf: > connection max request body 8388608 Can you show your whole httpd.conf please? Are you using a subdomain like foo.example.com? There is a known bug were this directive needs to be added earlier on the main domain to be applied/passed through to the subdomain. > And then I restarted httpd. > But it did not solve to the problem. > > And now I do not know what to do. > > Thanks for your help. > > Best, > Romain
Re: httpd apex->www redirect issues
> Am 05.05.2016 um 20:50 schrieb alex :
>
> Hi all,
>
> I'm trying to set up httpd to do an apex->www redirect, and it works except
for the fact that other subdomains also get redirected. It seems as if 'server
"pnnk.org"' matches any subdomain.
Which OpenBSD version?
> DNS:
> pnnk.org. A 192.30.33.33
> phoenix A 192.30.33.33
> mail A 192.30.33.33
> www CNAME phoenix
> pnnk.org. MXmail
>
> $ cat /etc/httpd.conf
> server "pnnk.org" {
>listen on * port 80
>listen on :: port 80
>block return 301 "http://www.pnnk.org";
> }
>
> server "www.pnnk.org" {
>listen on * port 80
>listen on :: port 80
> }
>
> Here's an example of the problem. I expected this to fail, not redirect:
>
> $ telnet mail.pnnk.org 80
> Trying 192.30.33.33...
> Connected to mail.pnnk.org.
> Escape character is '^]'.
> GET / HTTP/1.1
> Host: mail.pnnk.org
>
> HTTP/1.0 301 Moved Permanently
> Date: Thu, 05 May 2016 13:21:19 GMT
> Server: OpenBSD httpd
> Connection: close
> Content-Type: text/html
> Content-Length: 374
> Location: http://www.pnnk.org
>
>
>
>
> 301 Moved Permanently
>
>
>
> 301 Moved Permanently
>
> OpenBSD httpd
>
>
> Connection closed by foreign host.
>
> Is there something I can do to get the behavior I expect?
>
> Thanks,
> Alex
>
> p.s. I apologize if my message shows up more than once, I had an issue with
my mail setup but I think it's fixed now.
Re: bioctl: unable to read passphrase
> Am 13.05.2016 um 21:56 schrieb Ted Unangst : > > Theo Buehler wrote: >>> On Fri, May 13, 2016 at 07:28:51PM +0200, Leo Unglaub wrote: >>> Hey friends, >>> i have two identical ssd drives in my laptop. sd0 and sd1. I created a Raid >>> 1 (mirroring) on them resulting in sd3. I used the following command: >>> bioctl -c 1 -l sd0a,sd1a softraid0 >>> >>> >>> On the resulting disk i created sd3b with 2 GB Swap and sd3a with 100GB with >>> a type RAID. >>> >>> Now i want to put a crypto layer (Cryptoraid) on the resulting sd3a. I >>> wanted to use the following command: >>> bioctl -c C -l sd3a softraid0 >>> >>> But i get the following error message: bioctl: unable to read passphrase. >>> >>> Do you have any ideas why this is happening? >> >> I think this is due to the fact that nested disciplines are not (yet?) >> supported. See stsp@'s notes on softraid: >> https://www.openbsd.org/papers/eurobsdcon2015-softraid-boot.pdf >> page 5 where it says: >> >>Disciplines cannot be nested yet! >>So no CRYPTO on top of RAID 1, for instance > > that will cause problems later Which problems? This should really be mentioned in softraid(4) CAVEATS section then, no? Personally, I'm running CRYPTO on top of a large RAID1 for years without any problems.
Re: letsencrypt redux
> Am 15.05.2016 um 18:56 schrieb Kristaps Dzonsons : > > A few days ago, there was a thread regarding letsencrypt clients and > their, um, cavalier approach to security. Since I like my free certs > and I like automation, and I also like not worrying about being owned, I > reckoned I could do better than mystery-meat clients. > > https://github.com/kristapsdz/letskencrypt > > This isolates the steps of refreshing a certificate into isolated > processes, each of which is priv-dropped, chrooted, pledged, etc. The > manpage says it all: > > https://github.com/kristapsdz/letskencrypt/blob/master/letskencrypt.1 > > It's obviously brand-new, but it works and I thought I'd see if > anybody's interested in looking over the libcrypto bits--if not the > approach in general. The stuff that has manpages I think I get, but > there's some (e.g., X509v3 extension handling, properly seeding RAND, > calling _free if the ptr is NULL, memory management, ...) that's > undocumented and is just shot in the dark. Moreover, the answers > offered on OpenSSL mailing lists seem... questionable. > > It's designed to run on OpenBSD but works crappily on Mac OS X and > Linux. Crappily because both are hostile to good security practises. > I'm not going to put any extra effort into these for compatibility. I think you already added a lot of compatibility goo. Might have been better if you started with a clean OpenBSD only client. > (Side note: this requires the patch to json-c posted 09/05/2015 to the > ports list. Or is there a better json parser in C?) This one looks promising: http://zserge.bitbucket.org/jsmn.html > Thoughts? Letsencrypt experts? > > Best, > > Kristaps
Re: Fifteen questions
> Am 11.06.2016 um 11:42 schrieb "danston...@yahoo.com.hk" : > > Hi guys! > > I am currently thinking of buying a new MacBook Air and setting up a dual-boot OpenBSD + MacOSX. Reading the mailing-list, I understood that OpenBSD is mostly working well on Mac hardware, but I still have some questions: > a. I read that the wifi is not working, so I will have to buy a wifi usb stick. >Which one is the best working with OpenBSD? Driver man pages contain suggestions. http://man.openbsd.org/?query=wireless&apropos=1&sec=0&arch=default&manpath=O penBSD-current I use run and urtwn devices. > b. Would it be possible to write a driver for the wifi? Yes, but very, very hard. >If I want to write one, where should I look at? Probably, the existing Linux one might be a start. > c. Some people reported that the SSD drive was working, others reported the opposite. >I really would like to use a SSD drive instead of a standard hard drive. (I am the kind of guy who drops his laptop…) >Is there a way to determine if the SSD drive gonna work or not? (I mean, before buying the MacBook Air.) I'm not aware of any Air where the SSD is not working and I own(ed) and tested various older to new(est) models. However, for recent MacBooks (not Air, not Pro) the NVMe connected SSD is not working. > d. Just to be sure: hibernate/ZZZ can be used over a softraid-crypto disk, huh? Never tried myself, but I expect it to work. > e. Some time ago, I read that RAID & encryption cannot be used altogether - Is it still true? No. AFAIK, the vnd related issues seems to be fixed in -current. >I am interested in privacy and reliability. So I am thinking of combining a mirroring discipline and an encrypting discipline: a RAID 1 system, and each disk of the RAID 1 would contains the same encrypted data. Can I do that? Yes, but expect slow disk throughputs, due to encryption. Btw. how did you plan to add the second disk into the Air? > f. In a RAID 1 system with three disks, what happened if one read byte is not the same on all the disks? Three disks in the Air? > g. Is it possible to set up a RAID 1 system on a single physical drive? > (The physical drive would be split in two equal parts, and the second part would be a copy of the first part.) Makes no sense. If disk dies, both parts are gone. Just setup a proper backup instead. >When I read > https://www.openbsd.org/faq/faq14.html#softraid > http://man.openbsd.org/OpenBSD-current/man4/softraid.4 >it does not seem possible. > h. For softraid-crypto, are there multiple encrypting algorithms provided? Is it possible to choose? >I mean something like "ssh -c cipher_spec". AFAIK, no. However, you may want to check bioctl man page and -r argument. > i. As RAID is good but not enough, I think of using rsnapshot for backing up data (to a remote server). >But dump(8) seems good too - Is there any cases in which dump(8) should be used instead of rsnapshot? Both can be used to achieve different goals, so it depends on the use case. > j. Just to be sure: Would it make sense to back up encrypted data? Or is there no other choice but to decrypt, back up, and then encrypt the backed up data? Depends on how you encrypted the data. > k. Between the i386 and amd64 arch, which one would make more sense to use? As far as I am concerned, I am interested in reliability and simple-ness (not interested in speed nor coffee-and-toasts-making-features). On the Air: amd64. > l. I understood that signify(1) only signs a file - It cannot encrypt it. To encrypt a file, a software like gnupg should be used, right? >Does OpenBSD come up with any in-house software to encrypt a file? Or do I have to use gnupg? > m. Is it possible to encrypt a disk image file? Replacing 'sd' by 'vnd' in the document > http://man.openbsd.org/OpenBSD-current/man4/softraid.4 >should do it, right? > n. In reading > https://www.openbsd.org/faq/faq14.html#MountImage >it seems like that mounting a disk image file needs to be root, true? Is there a way so that a user could mount a disk image? > o. Finally, I am thinking of resizing a disk image file. I understood that it can done in using disklabel(8), then growfs(8), finally fsck(8) - That's it? Any comments that I should be aware of? > > Thanks a lot for your help. > > Romain
Re: [Q] Thinkpad x230, softraid crypto and ZZZ
> On 03 Jul 2016, at 20:30, Mike Larkin wrote: > > On Sun, Jul 03, 2016 at 01:40:39PM -0400, Bryan Everly wrote: >> Hi, >> >> I have suspend to RAM working just fine on this system but when I try to >> suspend to disk (ZZZ) it just hangs the system (I thought it might just >> be slow so I let it run for 2 hours and it never completed). Some data >> points: >> >> 1. I encrypt my boot drive (sd0) with softraid >> >> 2. My /etc/fstab points to a swap partition outside of the softraid >> volume and is 2x my RAM size >> > > from your dmesg below: >> root on sd2a (71b4bf84dbfc9f74.a) swap on sd2b dump on sd2b > > That's where we take the swap location from. And that's your sr crypto > device according to the dmesg. Is this large enough? > > Try putting swap inside the sr crypto volume and it should be fine. > Don't try to use some strange mix of half-crypto and half-not. (why > someone would go to the effort of encrypting everything *except* swap > leaves me scratching my head). If I remember correctly, swap is encrypted by default anyway. > Note - you have just about the exact same machine as I do, where > ZZZ was developed. I also have sr crypto in use and 16GB. As a matter of > fact, the x230 in configs like yours probably received the most testing > of any machine out there as that's what most developers had during the > timeframe ZZZ was being shaken out. > > Generally, when ZZZing, an x230 with 16GB writes out about 600-800MB > when doing general purpose stuff like browsing, compiling, etc. Strictly for > ZZZ, you don't need 2X RAM size. Just 1X RAM size is "enough" as if we can't fit > the hibernated image into a size 1X the size of your RAM, you're hooped > anyway. This will still take a few minutes as the I/O routines used by > ZZZ are not optimal, but you should see the disk activity light (faintly, > as you are using SSDs). > > If you still can't get it working, you'll need to do some surgery to > see what's failing. You'll need to disable X and inteldrm temporarily, > and remove the call to wsdisplay_suspend around line 2370 in > sys/dev/acpi/acpi.c to leave the screen on while ZZZing. Then, initiate > a ZZZ from the text console and see what's going on. Maybe a panic. If you do > this test, remember that the suspending and resuming kernels must match (eg, > if you ZZZ after booting "/bsd.test", make sure you boot "/bsd.test" again > after powering back up or it will discard the hibernated image). > > -ml > >> 3. I am running apmd with the -A flag >> >> 4. I have 16gb of RAM on the machine >> >> Thanks in advance for any help. Some relevant information below: >> >> $ cat /etc/fstab >> >> 71b4bf84dbfc9f74.a / ffs rw,softdep,noatime 1 1 >> 71b4bf84dbfc9f74.g /home ffs rw,softdep,noatime,nodev,nosuid 1 2 >> 71b4bf84dbfc9f74.d /tmp ffs rw,softdep,noatime,nodev,nosuid 1 2 >> 71b4bf84dbfc9f74.f /usr ffs rw,softdep,noatime,nodev,wxallowed 1 2 >> 71b4bf84dbfc9f74.e /var ffs rw,softdep,noatime,nodev,nosuid 1 2 >> /dev/sd0b none swap sw 0 0 >> >> $ doas disklabel -p g sd0 >> # /dev/rsd0c: >> type: SCSI >> disk: SCSI disk >> label: Samsung SSD 850 >> duid: 25c676a513f5cd3d >> flags: >> bytes/sector: 512 >> sectors/track: 63 >> tracks/cylinder: 255 >> sectors/cylinder: 16065 >> cylinders: 121601 >> total sectors: 1953525168 # total bytes: 931.5G >> boundstart: 64 >> boundend: 1953520065 >> drivedata: 0 >> >> 16 partitions: >> #size offset fstype [fsize bsize cpg] >> a: 899.5G 67119570RAID >> b:32.0G 64swap # none >> c: 931.5G0 unused >> >> $ doas disklabel -p g sd2 >> # /dev/rsd2c: >> type: SCSI >> disk: SCSI disk >> label: SR CRYPTO >> duid: 71b4bf84dbfc9f74 >> flags: >> bytes/sector: 512 >> sectors/track: 63 >> tracks/cylinder: 255 >> sectors/cylinder: 16065 >> cylinders: 117422 >> total sectors: 1886399967 # total bytes: 899.5G >> boundstart: 64 >> boundend: 1886384430 >> drivedata: 0 >> >> 16 partitions: >> #size offset fstype [fsize bsize cpg] >> a: 1.0G 64 4.2BSD 2048 163841 # / >> c: 899.5G0 unused >> d: 4.0G 35904832 4.2BSD 2048 163841 # /tmp >> e:35.7G 44293408 4.2BSD 2048 163841 # /var >> f: 400.0G119248640 4.2BSD 4096 327681 # /usr >> g: 442.6G958100480 4.2BSD 4096 327681 # /home >> >> $ cat /etc/rc.conf.local >> apmd_flags=-A >> hotplugd_flags= >> httpd_flags= >> pkg_scripts=postgresql nagios php56_fpm slim >> postgresql_flags=-D /var/postgresql/data >> slowcgi_flags="" >> >> $ swapctl -l >> Device 512-blocks UsedAvail Capacity Priority >> /dev/sd0b 671195060 67119506 0%0 >> >> dmesg attached as dmesg.txt >> OpenBSD 6.0-beta (GENERIC.MP) #2: Sun Jul 3 10:17:41 EDT 2016 >> bceve...@bcebsd.theeverlys.com:/usr/src/sys/arch/amd64/co
Re: LibreSSL 2.1.1 released.
On Fri, 2014-10-17 at 16:52 -0400, Ian Grant wrote: > On Thu, Oct 16, 2014 at 9:15 AM, Bob Beck wrote: > > We have released LibreSSL 2.1.1- which should be arriving in the > > LIbreSSL directory of an OpenBSD mirror near you very soon. > > If I clone the GitHub repo from Bolivia, do I have to cut my eyeballs > out or stand guilty of re-exporting munitions from the USA? > > Ian > >From US point of view, when you download a software from a server located in the US, it is a export.
Re: IPv6 and OpenBSD
Am 18.02.2014 um 20:46 schrieb Vigdis : > I recently set up IPv6 on my computers, and now I have some questions : > > 1) Why is there a difference with the -I option whether it is ping or > ping6? (ping -I wants an ifaddr and ping6 -I an interface name) AFAIK this is because of IPv6 scoped addresses With link-local addresses, the kernel does not know which interface to use, so you need to specify. > 2) From man resolv.conf: "By default IPv4 addresses are queried first, > and then IPv6 addresses." Why this choice ? According to > [1], this policy is since 4.6, so were IPv6 queried first before? Commit message says: "Add a resolv.conf option to specify the order in which getaddrinfo PF_UNSPEC queries are made. While there change the default from inet6 first then inet4 to inet4 first then inet6, this prevents the many people with IPv4 only connectivity from constantly trying to contact IPv6 addresses, and also unbreaks many ports who don't use getaddrinfo right. [...]" > 3) I saw that jung@ worked during b2k13 to make spamd IPv6 capable [2], > any chance that it will be IPv6 capable in 5.5? Nope. Not yet ready. Regards, Joerg
Re: BSD thin client
In the next 2 weeks, a free NX client will be released which is runs on OpenBSD without Linux emulation. All closed source parts from Nomachine client are rewritten. As there are some parts from original Nomachine client was used, it will be released under the GPL Am Samstag, den 27.01.2007, 10:26 -0700 schrieb Josh Tolley: > On 1/27/07, Joachim Schipper <[EMAIL PROTECTED]> wrote: > > Without details, that's about the best I can do. Some things which may > > or may not be useful to you: > > siteXYtools > > some form of binary patching > > freeNX, some VNC, or just plain X-over-the-network; or rdesktop, > > if you use Windows servers > > Along these lines, is there an NX client that works on OpenBSD? I've > played (only briefly) with the only one I've found available, namely > the linux client downloadable from nomachine.com. It starts up under > linux compatibility, but complains that it can't set TCP_NODELAY. I > didn't have the smarts or time to dig further than that. Anyone else? > > -Josh
Re: US Export of Cryptography
Hi, the export regulations from the US government are very strict when there is any crypto code developed in the US. Developed in the US is = developed from a developer when he stay in the US, when he work for a US company (also abroad), when he have a green-card or when he is US citizen and write the code as example in Europe. The EAR divide between restricted countries and highly restricted countries and when there is any crypto code US origin, you fall under the export restrictions from the EAR. As example you can use OpenSSL, developed mostly outside from the US, but a few patches contributed from US developers. The US developers need to send a TSU notification for every patch. When you want export OpenSSL to a country which is restricted from US export you need to go also for Open Source Software trough all the bureaucracy to export the OpenSSL package. There are a lot of countries which are under the radar from the EAR, not only the T5. At the moment the OpenBSD core system is not controlled by the EAR so long you don't download it from a US server. As a private person it is not a problem, but when a company want use OpenBSD and there is US crypto in, the thing will become very complicated and OpenBSD will be automatically restricted. At the moment OpenBSD is the only modern Operation system which is in the core free from export restrictions.
Re: Fwd: US Export of Cryptography
Mark Reitblatt wrote: (Sorry, forgot to reply-to-all) On 5/19/07, Reiner Jung <[EMAIL PROTECTED]> wrote: Hi, the export regulations from the US government are very strict when there is any crypto code developed in the US. Developed in the US is = developed from a developer when he stay in the US, when he work for a US company (also abroad), when he have a green-card or when he is US citizen and write the code as example in Europe. They also don't apply once the code is released publicly. At that point, both the code AND the object code are exempt. As pointed out in the above sections. This is not true from the point of view of the EAR or the US government. This rule is true for countries like from the European Union or Canada where public available code is at the moment free from export restrictions. The EAR divide between restricted countries and highly restricted countries and when there is any crypto code US origin, you fall under the export restrictions from the EAR. As example you can use OpenSSL, developed mostly outside from the US, but a few patches contributed from US developers. The US developers need to send a TSU notification for every patch. Right. Which places a one time burden upon the US contributors, NOT on the project as a whole. It will affect the core OpenBSD system latest when someone want export OpenBSD. A export is general when you will deliever a OpenBSD based solution to a customer. When you want export OpenSSL to a country which is restricted from US export you need to go also for Open Source Software trough all the bureaucracy to export the OpenSSL package. If you exporting FROM the US, this might be the case. But that would be so whether or not there were US contributions. As OpenBSD doesn't export from the US, this is a non-starter. Here we go: There is the rule of re-export which is the case when you export the code origin developed in the US from a other country. You should have also a look at the Waasenar export controls as example There are a lot of countries which are under the radar from the EAR, not only the T5. At the moment the OpenBSD core system is not controlled by the EAR so long you don't download it from a US server. And that doesn't change w/ US contributions. Once the code has been made publicly available, it is exempt from licensing and export restrictions. It is NO LONGER UNDER US CONTROL. Just as if it had originated outside of the US. This is the entire point of section 740.13 e, which I point out above. This is not true. Otherwise companies don't have such a trouble to go for a de-minimis or to become the export permission to export software (Open Source) which includes US crypto. Read the export restriction very careful and you will see that US crypto can be only exported from the US WITHOUT any restrictions to Canada. As a private person it is not a problem, but when a company want use OpenBSD and there is US crypto in, the thing will become very complicated and OpenBSD will be automatically restricted. No, it will not. I see nothing in the regulations/laws that makes this so. Once the code is public, it is unrestricted, so long as it is not knowingly exported FROM the US to a restricted country. This is a restriction which exists regardless of US contributions. This would not affect the status quo wrt exportability or US jurisdiction. At the moment OpenBSD is the only modern Operation system which is in the core free from export restrictions. And this would not change that. There seem to be some strong misconceptions about US export restrictions/jurisdictions. I am OFFERING to do extensive research and create a document that will explain in detail what exactly is involved/the possible repercussions (if any) therein. I am NOT asking for the policy to be changed here and now. All I ask is that I receive reassurances that policy change wrt US contributions be considered should reasonable restrictions apply. Namely, that OpenBSD not be tainted/brought under US export restrictions by accepting such contributions, that any extra burden be placed solely upon US contributors, and the status quo for those not contributing code from inside the US remain. You don't need to research. I work for a international company as a IT Architect and we study WITH lawyers the US export restrictions since more then one year. I can tell you that public available code is not free from US export restrictions. When you want, contact Red Hat or Novell and ask them how compliant their operation system is when we speak about US export controls for high crypto ;-)
Re: That whole "Linux stealing our code" thing
Gents, the driver was developed from Reyk in Germany. Reyk add a license to his code. So the question will be, what is the Europen/German law here. Maybe the OpenBSD project/Reyk should solve the problem in the same way as the gpl-violations.org initiative do it. Let the court decide. Will be happy to donate some money to force a decision at court. Reiner
Re: The Atheros story in much fewer words
Rui, as you are not a lawyer, you should stop to interpret any law, copyright questions or give any legal advice from your own interpretation. This will give a wrong assumption to the story. When there is a statement needed, please let talk the legals and until they give advise, you should stop your own legal advice. Maybe you don't notice it, but a wrong advice can people bring in trouble. Regards Reiner On Thu, 13 Sep 2007 22:25:44 +0100, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: >> | While it may be seen as distateful to make modifications to > BSD-licensed >> | code, and place those modifications under the GPL or a similar "share >> | alike" license, based upon what I understand of copyright law, it's >> | perfectly legal. Even though BSD-style licenses are compatible with > the >> | GPL, there are perfectly acceptable social goals achieved only by >> | releasing under the GPL or a similar license. >> >> I'd say that it goes against the GPL. Yes, the GPL, not the BSD >> license (or the ISC license), GPL. Theo already quoted the relevant >> bits, but I'll quote them again : >> >> For example, if you distribute copies of such a program, whether >> gratis or for a fee, you must give the recipients all the rights > that >> you have. You must make sure that they, too, receive or can get the >> source code. And you must show them these terms so they know their >> rights. > > 1. that's in the preamble, which establishes the spirit > 2. 4 paragraphs below you read: > > The precise terms and conditions for copying, distribution and > modification follow. > > 3. later on you learn the "precise term" which is "under the terms of this >License" > > So no, you're wrong. Don't bother defending your point of view, it's a > waste > of time to both of us, more to you who will write it. :) > > Rui > > -- > P'tang! > Today is Sweetmorn, the 37th day of Bureaucracy in the YOLD 3173 > + No matter how much you do, you never do enough -- unknown > + Whatever you do will be insignificant, > | but it is very important that you do it -- Gandhi > + So let's do it...?
Re: The Atheros story in much fewer words
Rui, what have this to do with Microsoft? I assume nothing. Don't let us mix up this topic. The question here is not Microsoft again OpenBSD, Linux or ..., the point is that here nobody should give any interpretation without licensed to practice law. So let the specialist decide on the topic. As I assume you are not aware of the law in Europe and maybe not the law in Portugal, please stop to discuss until we have the facts. Everything else will end in nowhere. When you are able to show any court decision about this topic, which can prove the facts, it will be fine. Otherwise let us wait for the facts. When you not notice, the hole "license" issue help not the Open Source community, it support the closed source vendors to argue again OSS. When this is your target, then continue. Have a nice evening. Regards Reiner On Thu, 13 Sep 2007 23:58:43 +0100, Rui Miguel Silva Seabra <[EMAIL PROTECTED]> wrote: > On Fri, Sep 14, 2007 at 12:50:31AM +0200, Reiner Jung wrote: >> as you are not a lawyer, you should stop to interpret any law, copyright >> questions or give any legal advice from your own interpretation. > > Go see if I'm employed by Microsoft, will you? > > It's in every citizen's duty to know about the law. Lawyers are merely > experts who deal with it for a living. > >> This will >> give a wrong assumption to the story. When there is a statement needed, >> please let talk the legals and until they give advise, you should stop > your >> own legal advice. >> >> Maybe you don't notice it, but a wrong advice can people bring in > trouble. > > Which is why on such absurd statements, like the one I corrected, I find > it > is a duty to clarify. > > Regards, > Rui > > -- > Or not. > Today is Sweetmorn, the 37th day of Bureaucracy in the YOLD 3173 > + No matter how much you do, you never do enough -- unknown > + Whatever you do will be insignificant, > | but it is very important that you do it -- Gandhi > + So let's do it...? -- Regards Reiner Jung Open Source Community and Business Consultant The-Ganghttp://www.the-gang.net/ Email [EMAIL PROTECTED] Jabber [EMAIL PROTECTED] IRC[EMAIL PROTECTED] [EMAIL PROTECTED] The Community Company
