Re: Recommendation for Beowulf/Apache Setup
Hi Vivek- On Thu, May 07, 2009 at 09:36:17AM -0700, Vivek Ayer wrote: > 1 OpenBSD Router running 4.5 routing to a subnet of 13 nodes running > FreeBSD 7.2. Of the 13 nodes, 1 node is a master mysql server and the > 12 nodes will run apache running LAMP-like services. The router will > round-robin using hoststated for load-balancing. There are some FreeBSD clusters out there (NCSA has one, IIRC), but they're certainly not as common as Linux. If your users can run on FreeBSD, you might as well use it. If their code is all Linuxy (and lots of cluster and -- even more so -- grid code make silly assumptions like that), you should give them a platform that they can easily use. > However, they will serve an additional task: The master mysql server > will be head node for MPI jobs delivered to the 12 nodes. Basically, > this setup will double up as a beowulf and web server. Is this > efficient? I imagine the MPI jobs won't be running all the time and > while they're up, might as well do something. This might work. But you're setting yourself up for contention and degraded service to at least one set of users. Do the people who care about perfomance of your LAMP stack mind waiting a bit while MPI jobs chew memory and network bandwidth? Do your MPI users mind if their jobs take longer to complete while your LAMP stuff is getting pounded? With regard to MPI, what sort of interconnects will your execute nodes have? MPI wants lots of bandwidth between nodes and regular gigabit might not cut it (depending on your users' applications). -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
[OT] Re: Recommendation for Beowulf/Apache Setup
Hi Vivek- This has gone decidedly off topic... On Thu, May 07, 2009 at 12:05:35PM -0700, Vivek Ayer wrote: > I was going to start small given the budget I have. Eventually, I'd > like dedicate a gigabit switch for HTTP traffic and Infiniband for > compute traffic. At first, I don't expect too much MPI work to be > done, but I've heard FreeBSD performing better under duress than linux > as the number of HTTP threads increases. [...] > The final option would be to divide and conquer: 6 for HTTP, 6 for > computing, but my reasoning is why not scale for HTTP as much as > possible. This is really the only reasonable approach. No one would run a production web service on top of a parallel computing cluster unless they had to. Remember that your execute nodes will run random jobs from random users -- do you want that on a box that hosts a critical database or webserver? The scenario is worse if you participate on a grid. As always, use the best tool for the job. As you've noticed, OpenBSD will do well managing your network. Frankly, in most cases it also makes for an excellent database or webserver. As for the execute nodes, run Linux on them unless you have some reason (user requirements, demonstrated performance gains, etc) to do otherwise. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
Re: Separate desktop list?
Hi Bill- On Mon, Jun 08, 2009 at 04:33:56PM +0200, Bill Maas wrote: [...] > Granted, only the last one is a potential GNOME bug, but they're > definitely all "desktop". These occur on _my_ machine, I don't know > if these quirks are universal and reproducible, hence the need for > discussion before firing bug reports at maintainers. You don't need to show that the failure is universal to make it worth a note to the maintainer. If you can reproduce it (and you're running a reasonably configured system without any frankentweaks), send a message. If the maintainer can't help you (or times out), contact po...@. > I've been reluctant to post a message each time I encounter an issue > like these, because I know (and strongly agree) that desktop isn't > OpenBSD's core business. There certainly are developers for whom OpenBSD-on-the-desktop matters very much. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
Re: Automated service/daemon management
On Tue, Jun 09, 2009 at 02:06:59PM -0400, (private) HKS wrote: > The much larger problem, though, is with starting/stopping/restarting > services. Say I add spamd as an enabled service on host1. For my > scripts to start it properly, I have to replicate the code already in > /etc/rc defining how spamd starts. This is prone to errors and runs > the risk of breaking on upgrades. Restarting services that need more > than a HUP is also a chore. As for stopping, some services like > postgresql need some careful attention. This means replicating code > from /etc/rc.shutdown. You can make this easier in rc.local by using a construct along the lines described here: http://erdelynet.com/tech/openbsd/rclocal-trick/ > I've looked at adding some stupid delimiters to /etc/rc, > /etc/rc.local, and /etc/rc.shutdown so I can just pull in the > necessary chunks, but I'm wondering if there's anything available > that's more elegant and won't break on every upgrade. It sounds like using rc.d would be better suited to your environment. FreeBSD and NetBSD both use rcorder(8), which runs well on OpenBSD. Hook that into your rc.local and write/manage init scripts under /etc/rc.d. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | email.willma...@ml1.net | *-[ BSD: Live Free or Die ]*
Re: Best way to automate administration of multiple servers
On Wed, Nov 14, 2007 at 07:45:06PM +1100, Mikel Lindsaar wrote: > 1) Create images or post install diffs so that if I need to add a > blade to expand, I put it in, connect via the console, install via > PXE and then download the diff - I know you can do this wth the > post install scrips in OpenBSD's install script, but any real > world use of this, things to avoid or good things to do? cfengine[0] (which we use at work to manage ~500 Linux machines) or radmind (which I use at home to manage my OpenBSD servers, workstations and laptops). There are at least two schools of thought on how one should manage > 1 machine. cfengine is the most popular convergent tool, where you specify an ideal state using a declarative language and the clients iterate towards that state. radmind is the most useful congruent tool, where you specify (or directly imply) the exact sequence of operations that each client must perform to reach an ideal state. I've used both approaches for years, and I greatly prefer radmind both for its simple design and the implicit guarantees of congruence. See below for references on each: http://www.cfengine.org/papers.html http://www.infrastructures.org/papers/turing/turing.html > 2) Keeping 10 - 20 copies of OpenBSD up to the latest patch levels > without having to do more than trial on one (for each type) and > then for the rest type something as trivial as "/bin/sh -x > update.sh" rotating through the servers and testing as you go? I > can see myself spending two days a month otherwise doing upgrades > on all the servers. Same as above. > 3) Guides on how to manage the logs of this many servers. Any > experiences with splunk on this sort of environment, other > options? Log centrally using syslog; syslog-ng is a well-used central log server. [0] http://www.cfengine.org/ [1] http://rsug.itd.umich.edu/software/radmind/ -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Best way to automate administration of multiple servers
On Wed, Nov 14, 2007 at 02:30:34PM +, Edd Barrett wrote: > On 14/11/2007, Mikel Lindsaar <[EMAIL PROTECTED]> wrote: > > Hello all, > > I want to automate handling them as much as possible and would like > > some list suggestions on reading materials, software, or web howtos. > > The multixterm program that comes with expect is useful for ssh'ing to > lots of machines and running the same commands on them all. See also sysutils/clusterit, which has several tools useful for this purpose. I use dsh to run oneliners on groups of machines, though you can use it interactively, too. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: What is our ultimate goal??
On Sun, Feb 17, 2008 at 04:18:16PM +0100, Zbigniew Baniewski wrote: > On Sun, Feb 17, 2008 at 09:50:21AM -0500, William Boshuck wrote: > > I can imagine one response: Port whatever it is, or else > > That cannot be a valid response, when given to the _user_. You don't get it. This system isn't for you, even if you donate a bazillion dollars. This system is for the people who make it. Time and again, the people who make it have very clearly explained that they have no intention of making silly changes just to please or expand the user base. For some reason, new users sometimes seem to have a hard time understanding or accepting this concept. I suggest you spend some time thinking about it before you fuel the next time-wasting flamefest. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Possible discrepancy between sshd_config(5) and ssh-agent(1)
On Thu, Mar 13, 2008 at 02:07:57PM +0200, Lars Nood'en wrote: > http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1 > ssh-agent(1) >... > -t life > Set a default value for the maximum lifetime of > identities added to the agent. The lifetime may > be specified in seconds or in a time format > specified in sshd_config(5). A lifetime > specified for an identity with ssh-add(1) > overrides this value. Without this option the > default maximum lifetime is forever... Both this reference and the quoted reference in ssh-add(1) refer to a _time format_ defined in sshd_config(5), not a keyword. Look in sshd_config(5) under TIME FORMATS. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Forcing ports install
On Wed, Apr 02, 2008 at 10:33:00PM +1000, N J wrote: > Basically my question is how do I get the port to install without > having to remove then old package and dependencies first? I'm > trying to build pidgin out of the ports tree. See bsd.port.mk(5) -- specifically, look at the update (or reinstall) target. Folks using ports should be pretty familiar with things like bsd.port.mk(5) and ports(7), though. Is there a reason you're not using packages from the mirrors? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: how to get new port versions when following 4.0-patch
On Mon, Dec 11, 2006 at 01:12:15PM +0100, Robert Urban wrote: > Is there any "supported" way of getting 0.88.6 via ports? If you're following the -stable branch, you will receive security (and, as of late, some feature) updates to your ports tree. If you want/need a feature that isn't backported to -stable but is in -current, you have to do the (unsupported) backporting yourself. > Or are people running production systems installed from -RELEASE > versions never supposed to benefit from newer port versions? You get the new ports when you update your system to the next release. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Errors Compiling OpenOffice
On Sun, Dec 17, 2006 at 08:22:05AM -0500, Jim Michael wrote: > I apologize. I incorrectly reported that I am using stable. I > did upgrade ports to -current on 12/16 before make install. Did you also upgrade your base system to -current? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: revision control system for system administration
On Tue, Dec 19, 2006 at 03:00:04AM -0700, Clint Pachl wrote: > I would use a dedicated, highly secure and always backed-up box to > store/manage a central repository (CVS/SVN). This repos will hold > all the necessary bytes (binaries, config files, ports, etc.) to > "re-image" any machine from scratch. Each node on the network > would then "pull" everything it needs from the central repos using > method X. That's the part I'm trying to figure out. I want the > whole automation system to be simple and would like to use only > default tools. I think I understand the reason why you want this ('only default tools'). That said, there are good reasons that specialized tools exist to solve this problem: it's complex. You want your install and configuration management system to be robust; something hacked out of whatever happens to be in base seems potentially quite fragile. A pull-only system assumes that the clients actually pull. What if they don't? How do you know when their last successful pull was? If all they're doing is pulling, do you need eg one pf.conf file per client? How many clients do you have? How many might you have in a year? two years? Using a client imaging system as the sole configuration management system is heavy-handed and inflexible -- you'll find lots of situations where you want more control over who gets what file (or what action occurs where). cfengine was mentioned elsewhere in this thread, and it's the most prominent FOSS configuration management thingy that I'm aware of. It's got warts, but it's widely used and mostly solves the problems you're looking to solve. I've worked at large sites that used cfengine, and large sites that used hacked imaging systems based on rsync or rdist. I quickly came to understand and appreciate _why_ cfengine exists, even if I also started a list of Things I Don't Really Like About CFengine. It's a mixed bag, but in my experience, the warts are worth it. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: revision control system for system administration
On Tue, Dec 19, 2006 at 05:44:45AM -0700, Clint Pachl wrote: > So your're saying cfengine would need to be included in an install > set, such as base40.tgz or some custom install set in order to be > used in a base install (an obvious yes)? So how do we automate to > that point? I would like to automate the install process, as well > as the upgrade process. What do you do when you need to install 50 > machines? I may be wrong, but if cfengine can take me from a bare > bones system to a fully function server, let me know. I assume you've already checked the FAQ: http://www.openbsd.org/faq/faq4.html#site http://www.openbsd.org/faq/faq4.html#Multiple > I am currently working on the automated install script and it is > fairly simple. In fact, once it is setup and talking to a central > repository for install purposes, making it also perform system > updates will be a breeze. cfengine isn't an automated installer; it's a configuration management thingy. At my previous job, we used kickstart (solaris) and FAI (debian) to automate the installation, and cfengine to manage post-install configuration. > I will look into cfengine. I always figured it was one of those > bloated apps that did about 90% of what you needed, dropping the > ball on the last and most complex 10%. For that last 10% you > usually end up building a custom solution. Can others comment on > cfengine? How many managed boxen? What are its quirks, pros, cons? We manage several thousand compute and storage nodes in a dozen or so labs with cfengine in our grid; in my department, we manage maybe 600 CPUs. We use it to install complicated software (eg dCache, which requires java and postgres and all sorts of badnesses), sync user accounts/uids, etc. cfengine is the best thing available, but it's not perfect. I've looked briefly at the obvious alternatives (bcfg2, puppet), but wasn't impressed. radmind (also in ports) might work for some sites; I haven't had time to really evaluate it. I and others have already mentioned some benefits of cfengine -- other advantages should be obvious by now. As for drawbacks, you should know that cfengine is declarative, so some procedural tasks (like, in our case, installing dCache) are a bit trickier than I wish they were. There are some problems with the upstream code, too (string handling) that have been kludged-around in the OpenBSD port. Lastly, cfengine2 has been evolving for a while, so it's a bit crufty and at times befuddling. cfengine3 will (hopefully) address this problem with a rewrite, but that's still years away. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: revision control system for system administration
On Tue, Dec 19, 2006 at 06:23:16AM -0700, Clint Pachl wrote: > I'm not so convinced it is that complex on a homogeneous OpenBSD > network. OpenBSD is a very manageable system, such as the entire > OS contained in compressed tarballs for easy extraction and the > flexible ports system. Both of these entities are easily > scriptable. Then all there is to worry about is system configs and > custom binaries, which can be easily managed by CVS. A hierarchal > CVS structure can be built to mange global (all nodes in network), > group (groups of similar servers), and single (things specific to > a node, like /etc/myname) nodes. You apply global settings first, > overwriting with more specific settings. You now have an asston of files to keep track of. We did this _exact thing_ using rsync at my previous job. It sucked. We moved to cfengine. It sucked less. > If you implement a "push" system, how do you know if something was > actually pushed? What if something was pushed, how do you know the > "pushee" did the right thing with what it was given? This argument > goes both ways, but solved simply. A system should report what it > does after it pushes or pulls. The other end should also report. > So if the results show someone is pushing, but no one is pulling > or visa-versa, you have a problem. This system could be > implemented using mail or central syslog. My point wasn't that it's not possible, but that you have to do it yourself. There are lots of details that make these management systems reasonable; if you're building your own, you've got a lot of work cut out for you. And if you make a mistake, things hit the fan rather quickly. It's not fun, and, in a lot of cases, not necessary. [...] > This is what I don't like to hear: as you say, "It's got > worts...", "mostly solves the problems.." Why not build something > that has no worts and solves all problems all the time to your > specs. And most importantly, I use OpenBSD because of its > simplicity and robustness and I like my tools to act the same. I > guess I haven't heard enough good about cfengine to pique my > interest in it. I gave up looking for perfect software a long time ago. Everything I use -- including OpenBSD -- has bugs. I accept that. I agree that finding the simplest solution to a problem is a good approach, but I haven't found that designing and implementing a brand new configuration management scheme is ever a simple approach, and I've designed a couple in-house ones before. These days, I look for what sucks the least, and improve it as best I can to meet my needs. There are presentations every year at conferences like LISA about the state of configuration management, and it's getting better. But all of those systems have problems, and the one you plan to build will have problems, too. People have been working on this for decades, now, and it's not an easy problem to solve. Perhaps your site/case is relatively straightforward and you can come up with a compact solution that works for you. That'd be cool. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: revision control system for system administration
On Wed, Dec 20, 2006 at 02:31:09PM +, Brian Candler wrote: > That makes a lot of sense. But enforcing that policy might be > difficult. This is important if you're relying on your gold server > for disaster recovery purposes - if the target machines had some > change made which nobody remembers and weren't reflected in the > gold server, then any freshly-built machines will be > non-functional. This is a cultural problem, but there's an adequate technical solution: aggressively sync the client machines. Admins quickly learn to make changes in the central when their changes get blown away every hour. At my last job, we used cfengine to manage a handful of Solaris zones that bounced around a cluster of machines. Each zone would be built and destroyed every time it moved from one machine to the other, so any non-cfengine changes made to the system would be lost. We hadn't been using cfengine for very long, but everyone picked up on it quite rapidly. ;) cfengine (and other configuration management thingies, I suppose) can alert you when key files change. So if someone's mucking around with /etc/rc on the machine, cfengine can back it up, put in the 'gold' copy, and whine about it. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Groklaw artical about the BSD license
On Tue, Jan 16, 2007 at 10:44:54PM +0100, Vim Visual wrote: > btw are you using X? and if so, which wm? most of them are under > the gpl, right? this must hurt if you're such a bsd license > defender... Stop baiting the list. Also, not that it's related to anything, but there are a number of BSD-licensed WMs, several of which can be found in the ports tree. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: p5-MIME-tools-5.420.tgz
On Wed, Jan 17, 2007 at 06:36:31PM -0800, sausted wrote: > I am trying to install p5-MIME-tools-5.420 using pkg_add but I keep getting > the following error: > > p5-MIME-tools-5.420:Can't find p5-Convert-BinHex-1.119 > /usr/sbin/pkg_add: p5-Convert-BinHex-1.119:Fatal error > > I am new to OpenBSD...could someone help me? Did you read the FAQ[0] and pkg_add[1] man page? Is PKG_PATH set correctly in your environment? [0] http://www.openbsd.org/faq [1] http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add, pkg_add(1) -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Virtualisation on OpenBSD?
On Wed, Jan 24, 2007 at 08:02:01AM -0800, Lawrence Horvath wrote: > I tried looking for source but was unable, vmware is a closed > source as far as i can tell(please correct me if im wrong, as i > like to get hold of the source) when i was looking for it online > you have to download the binarys, and you have to email in for a > serial number to use it, they also have higher up pay-for > versions, with more features VMware is closed source. http://www.vmware.com/download/eula/workstation.html -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: packages question
On Mon, Jan 29, 2007 at 02:56:44PM -0800, Daniel E. Hassler wrote: > Is it reasonable to assume all of the dependencies for a package > should also be available as either packages or via ports? Yes. Some ports have licenses which prohibit redistribution as packages, though, so N(ports) > N(packages). > I'm trying to install p5-Mail-Box-2.018. - "p5-Mail-Box-2.018:Can't > find p5-Convert-BinHex-1.119" > I can't find p5-Convert-BinHex-1.119 in either packages or ports. > p5-MIME-tools-5.420 has the same dependency. How are you looking? $ man 7 ports $ cd /usr/ports $ make search name="BinHex" Port: p5-Convert-BinHex-1.119p1 Path: converters/p5-Convert-BinHex Info: module to extract data from Macintosh BinHex files Maint: The OpenBSD ports mailing-list Index: converters perl5 L-deps: B-deps: R-deps: Archs: any -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Can OpenBSD do what BusyBox does?
On Wed, Mar 21, 2007 at 11:04:32PM +1100, Sunnz wrote: > I doubt if OpenBSD can be replace it on the router... but if you > has done so it be cool to know how you made it work. It would help if you mentioned what hardware you're running on... OpenBSD is an operating system; Busybox is a single executable that rolls many common *nix utilities into one. They're totally different things. Busybox doesn't have a kernel or a packet filter (or a web server, or a...), so I don't know what the point of comparing them is. If you want to run OpenBSD on your router, you'd need to tell us what hardware you're using, though I haven't heard of anyone installing OpenBSD on something like the Linksys WRT54G. If you want to run an OpenBSD router, grab a Soekris or an old i386 and install OpenBSD on it. Many, many people do this; it works well. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Problem on installing new packages
On Mon, Mar 26, 2007 at 11:31:56PM +0800, Stephen Liu wrote: > > On 2007/03/26 23:14, Stephen Liu wrote: > > > 250 CWD command successful > > > ftp> exit > > > 221 Goodbye > > > > try 'ls' too; it will open a data channel. certain > > firewall/nat-related problems will allow the command channel to > > open but not the data channel. > > # ls > .Xauthority .cshrc .klogin .login .profile .ssh > > Other noted wit tks. Is that in a shell? or during your FTP session? Simply running /bin/ls in your shell isn't helpful. Stuart wanted you to use FTP's data channel to make sure that you could fully communicate with the server. I doubt he cares what files you have in your home directory. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: sshd.config and AllowUsers
On Mon, Mar 26, 2007 at 01:33:17PM -0400, Jerome Santos wrote: > I want to add something like this: > > AllowUsers user1, user2, user3 > > I added that in but also with an # in front like all the other > entries. Now I find that I can still ssh to the box with a user > acct that I didn't include in the entry. Should it be in there > without the #? Yes. sshd_config(5) > And if so, do I also then have to uncomment all the other > entries?? No, they're the default settings. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
cron doesn't run commands in /etc/crontab?
According to cron(8), cron should be able to read commands from a properly formatted and chmoded /etc/crontab file. I've created such a file, but I can't seem to get cron to run the test command in it. # cat < /etc/crontab */1 * * * * /usr/bin/touch /tmp/crontest EOF # chmod 0600 /etc/crontab cron then successfully loads the changes made to that file: Mar 28 07:23:01 lass cron[11652]: (*system*) RELOAD (/etc/crontab) I can also verify that the system file is loaded by watching the output of `cron -x load`. The command is valid per crontab(5) and works when inserted in root's tab using `crontab -e`. After the system tab is reloaded, cron fails to run any commands listed there: no CMD messages are logged (or seen in the debugging output) and the file is never touched. I've tried to get this to work on a semi-recent -current/i386 as well as the latest snapshot (also i386) with no luck. I browsed the code, but didn't see any obvious problems. Any ideas? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: cron doesn't run commands in /etc/crontab?
On Wed, Mar 28, 2007 at 03:58:35PM +0200, Paul de Weerd wrote: > Reread crontab(5), the /etc/crontab has a slightly different > format (to specify username). Oh. ;) Quite right -- thanks for the cluestick. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Problem: Raid mounting root as read-only, and not from the partition desired...
On Sat, Apr 07, 2007 at 12:11:23PM -0700, Merp.com Volunteer wrote: > Considering all the workarounds to even just getting > python/zope/plone to install, let alone the list of other > bugs/issues related to that config on openbsd (that hasn't been an > issue on other bsd and nix setups for us), as well as the > scattered knowledge/experience of openbsd in the volunteer group > (whereas most are familiar with Linux), should we just abandon the > entire effort of converting to openbsd and just stick with Linux? You sound like a Linux shop. It doesn't sound like your group has sufficient background to migrate whole-hog to OpenBSD (or Solaris, or AIX, or Windows). What problem are you trying to solve by migrating to OpenBSD? > Or will there be sufficient support from the openbsd community to > help us get through the entire trainsition to openbsd? This list (and the other various parts of the user and developer communities) is a great resource, but it shouldn't be part of your migration plan. From what you've described, OpenBSD is a fine technical solution to your problem. But with your group, it doesn't sound like you can make it work in the time you have. Migrations are big, scary things, and they need planning and experience. Even a great list like this can't be the cornerstone of your plan. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Binary kernel and base update
On Tue, Apr 10, 2007 at 01:43:56AM +0200, [EMAIL PROTECTED] wrote: > I have noticed that the OpenBSD team puts a lot of emphasis on > using binary packets rather than building from ports, which I > think IMHO is good, but why is it that there is no binary kernel > updates, rather than patching the kernel from source? Among the several likely reasons I can think of, one obvious one is that there simply isn't enough hardware or free development time to manage that infrastructure. It takes time and work to make binary patches, and OpenBSD isn't as large (or as well-funded) a project as Debian, which you mention later. [...] > Last week management decided to go back to using Debian on some of > our servers due to them being easy to upgrade including kernel and > basesystem upgrades. OpenBSD is quite easy to upgrade if you have a build host for your network. Setting one up on a spare box is rather straightforward (release(8), among other things). -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Webservers with Terrabytes of Data in - recomended setups
On Fri, Apr 20, 2007 at 09:03:54AM -0500, Jacob Yocom-Piatt wrote: > from my observations redundancy is the biggest problem with NFS > and that its ability to efficiently serve up data is more than > ample. Redundancy is certainly a problem, but lots of US HPC and distributed computing sites have severe scaling problems with NFS. High r/w traffic has killed several file servers in projects that we work with, and it sucks big time. I don't know anyone who's happy or excited or confident in their HPC NFS deployments; everyone I've talked to hopes for a real solution to this problem. ;) If the OP's use case involves lots of writes (especially from many clients), I'd be concerned about NFS' ability to keep up. Then again, I've had problems with pretty much all of the network filesystems (including AFS, though it's the least bad in my experience). I'm still waiting for Ceph[0] to mature (and to shed its linuxisms). ;) [0] http://ceph.sf.net/ -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: www.openbsd.org (and vs openbsd.org)
On Fri, May 11, 2007 at 12:10:13AM +0200, Martin Toft wrote: > Nobody answered my second "question" though :) Maybe nobody knows > the answer? :) Summary: I was once told not to use openbsd.org; it > was said that www.openbsd.org was the only valid site (ignoring > mirror sites). Is this just bullshit? Yes, it's bullshit, and yes, Theo answered your question. www is a mirror. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: issues starting wmii window manager
On Sun, May 20, 2007 at 12:21:16AM +1000, atstake atstake wrote: > I just installed wmii window manager on 4.1 on i386 but when I try > to start by typing "wmii" it says - > > "wmiiwm: cannot open display" > > However, I can start fvwm fine by typing "startx" in the console. And > /usr/X11R6/bin in my $PATH xinit(1), startx(1); specifically, look at ~/.xinitrc. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: OpenBSD and Kerberos Client
On Tue, Jun 05, 2007 at 01:59:07PM +0100, [EMAIL PROTECTED] wrote: > Any chance you could help write up some documentation? Kerberos on > OpenBSD doesn't really have any good docs that I could find. Maybe > I could then retry this effort in the future. For expediency > though, I will have to reinstall with RedHat as it only takes 5 > minutes to get it working as a kerberos client. I set up a Heimdal kdc and several OpenBSD clients with krb5 auth in about ten minutes based on the info page. What, exactly, is lacking in the documentation? I'm no fan of info pages, but Heimdal's covered all the topics I needed to get set. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: OpenBSD and Kerberos Client
On Tue, Jun 05, 2007 at 03:16:06PM +0100, [EMAIL PROTECTED] wrote: > I don't have the audacity to do anything. The email signature is > defined through company policy and tacked on by the M$ Exchange > Server on the way out. I have no say and only see it when I get > replies to my email. Have you considered getting a free mail account somewhere else and using that for your non-work correspondence? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Locations of stable ports vs current ports
On Wed, Jun 20, 2007 at 10:05:25AM -0700, Joe S wrote: > This site has a nice interface to ports: http://ports.openbsd.nu/ > But they ports it says are in OpenBSD are not in my tree. Is this > site showing current only? That site isn't run by the project; I assume it follows -current, but you could check their FAQ (or compare file revisions). > The cvs website on openbsd.org > (http://www.openbsd.org/cgi-bin/cvsweb/ports/) also has the www/rt > port. Is the cvs website showing current too? cvsweb will show you whatever you want it to. Look for the 'Show only files with tag' button at the bottom, and select the version you're interested in. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: telnetd ?
On Mon, Jun 25, 2007 at 02:59:58PM -0400, stan wrote: > Yes, I know it's a bad idea, but for reasons beyond my control, I > need to provide a telnet service on an OpeBSD 4.0 machine. > Unfortunately there does not seem to be a telnetd built by > default. > > How can I get this daemon built? Search the archives... http://marc.info/?l=openbsd-misc&w=2&r=1&s=telnetd&q=b? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: ps wrapping
On Tue, Jun 26, 2007 at 02:28:37PM -0400, Nick Guenther wrote: > Is there anyway to make ps format its output to not cut off lines > at the edge of the screen? Is have a long command line I'm trying > to remember and I can't see it all. I tried -o command but it's > still too long. ps(1): -w Use 132 columns to display information, instead of the default, which is the window size. If the -w option is specified more than once, ps will use as many columns as necessary without re- gard for window size. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Rename multiple files at once
On Wed, Jun 27, 2007 at 02:37:07PM +0200, Pieter Verberne wrote: > How do I rename multiple files at once? This is a function of your shell, not mv. See ksh(1), zsh(1), etc... Alternatively, you could write a simple script/function to address the same problem: for FILE in *jpg; do NEW=$(echo $FILE | sed -e 's/\.jpg$/_thumb.jpg/') mv "${FILE}" "${NEW}" done -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Double mails from mailing list
On Wed, Jun 27, 2007 at 04:57:17PM +0200, Pieter Verberne wrote: > I'm getting some mails double from [EMAIL PROTECTED] In the > header is this: > X-Loop: misc@openbsd.org > > Does that say enough? Some people are setting To: to misc@openbsd.org and adding you to the Cc:. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: dhcp question
On Tue, Jul 03, 2007 at 02:45:00PM +0100, mgb wrote: > So if I defined a large pool of IP addresses in dhcpd.conf that > would avert the problem described above, however I'm struggling to > think of a solution on how would clients would request the correct > configuration file? and how could I handle new clients replacing > broken ones with regard to dishing out the correct configuration > file? Use lladdrs, not IP addresses, to name or serve the files. This is how most PXE setups work. See pxeboot(8) for some discussion. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Secure Network File System - Or Lack Thereof
On Sat, Jul 14, 2007 at 02:41:40PM +0200, Landry Breuil wrote: > man -k afs seems to say that AFS is in base, using ARLA > implementation. This is true, but ARLA doesn't have a production server implementation available. The AFS client is great (and obviously) interoperates with OpenAFS servers). > (and OpenAFS is in ports) This port is a bit broken, IIRC, and out of date. I spent a week or two a few months ago trying to update the port, but it's non-trivial. It would be great to update it, but I wasn't really making progress. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: How to track port updates in stable?
On Fri, Aug 03, 2007 at 06:35:51PM -0500, Todd Pytel wrote: > I don't spend as much time following OpenBSD as I used to, so > perhaps I'm missing something. But there used to be a > ports-security mailing list used for announcing updated ports. > That list doesn't exist any more, or at least doesn't appear to > have had anything posted to it in a very long time. It exists, but is inactive. > Is there some other official way to track changes to ports? By looking at the output of `cvs up`? By watching commits via [EMAIL PROTECTED] I do both, and find it sufficient. > Absent that, has anyone come up with a simple hack to feed to cron > to accomplish the same thing? I pull updated ports and src daily via cron, and read (ports|source)-changes@ for commit messages, etc. Does that not achieve what you need? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: howto set global environment variable (e.g. PATH, JAVA_HOME)
On Wed, Aug 08, 2007 at 06:09:16AM -0700, pixotec wrote: > but I want it for all users: > 1. could change all .profile-files of all users: no thanx ;-( (and > change /etc/skel/.profile for future new users) This would work. > 2. change /etc/login.conf ??? This would also work (see login.conf(5)). > 3. create /etc/profile, change all existing .profile of users (to > source /etc/profile) and change /etc/skel/.profile As would this. > 4. change /etc/ksh.kshrc and create .kshrc sourcing /etc/ksh.kshrc > for all users (and in /etc/skel...) And this. > IS THERE A EASY WAY (change only on central file for all users) TO > SET THEM? Well, choose whichever of the above is easiest for you. Based on your criteria, it seems that modifying login.conf would require the fewest keystrokes. I prefer to provide a global/site profile or shell init script and allow users to source it if they'd like, but that fits my site's policies well; depending on what you do and where you work, loginf.conf(5) may be more appropriate. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add can't install a package
On Fri, Aug 17, 2007 at 11:48:34AM +0300, Tomas wrote: > I'm having some trouble installing clamav-0.90.3.tgz package. I'm using > OpenBSD_4_1. > My steps: > 1. export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386 > 2. sudo pkg_add -v clamav-0.90.3.tgz > And I have this error: > > parsing clamav-0.90.3 > Can't install clamav-0.90.3 because of conflicts (.libs-clamav-0.90) ^ > Error from ftp://ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386/: > ftp: -: short write > 421 Service not available, remote server has closed connection. > /usr/sbin/pkg_add: clamav-0.90.3.tgz:Fatal error Use pkg_delete(1) to remove the .libs- package. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add can't install a package
On Fri, Aug 17, 2007 at 12:58:34PM +0300, Tomas Stankevicius wrote: > But then again... Why .libs-clamav-0.90 was left behind when I > removed clamav-0.90.tgz with pkg_delete ? This has been covered in the archives[0]. When you delete a package that may still have shared libraries in use by other packages, a .libs stub is kept for compatibility purposes with older stuff. [0] http://marc.info/?l=openbsd-misc&m=117742456031949&w=2 -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Looking for something similar to "screen"-command
On Wed, Sep 12, 2007 at 01:50:00PM +0200, Jon Sj"ostedt wrote: > I have installed BitTorrent-4.2.2 on my 3.9-box. With this i would like to > start file sharing on a console, logout, login later and reattach to the > console of the BitTorrent-4.2.2 session. AFAIK this is done in most > Linux-distros using the command screen, but how can I do it in BSD? You can install the screen package? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Package configurations
On Fri, Jun 09, 2006 at 05:06:48AM -0700, Allen Theobald wrote: > For installing a package how can I tell what the configure script > (./configure) or command line arguments to the build were? packages(7) are built from ports(7). In most (all?) cases, they use the default configuration specified in the port; packages with a FLAVOR (eg 'no_x11') will use the FLAVOR's specific configuration. -- o------{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: recording streams with OpenBSD
On Wed, Jun 14, 2006 at 12:57:48PM -0700, Bryan wrote: > Does anyone have a good way of taking streams from the web (like music > streams) and record them to whatever format, specifically .ogg or > .mp3? I first tried to use Mplayer and "dd if=/dev/sound > of=/var/audio.raw" like in the FAQ, but it kept saying that the audio > device was busy. $ man mplayer [...] $ mplayer -dumpstream http://your.stream.com/stream.mp3 -dumpfile stream.mp3 -- o------{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: recording streams with OpenBSD
On Wed, Jun 14, 2006 at 03:01:58PM -0700, Bryan wrote: > Will Maier wrote: > >$ mplayer -dumpstream http://your.stream.com/stream.mp3 -dumpfile > >stream.mp3 > > I did find that, but the stream is not an .mp3 file. So? Mplayer will dump an ASF stream. In fact, I tried that with your stream, and it worked fine. What's the problem? > Can I dump the stream directly as an .mp3 file? Prolly not directly with Mplayer, but you could dump to a FIFO and read the FIFO in your encoder (or decoder first) of choice. Or just reencode the dumped ASF file later on, although that will likely degrade file quality. -- o------{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: cruxports for OpenBSD
On Sat, Jun 17, 2006 at 07:51:15PM +0530, Siju George wrote: > it didn't update my packages. Could someone please tell me what I missed > out? Did you read pkg_add(1)? '-F' requires _keywords_, not package names, as its option. > # echo $PKG_PATH > ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/ > # > # pkg_add -uF mozilla-firefox-1.5.0.1 pkg_add understands 'mozilla*' as the argument to '-F' here; since it's not a valid keyword, it tries to update all your packages (hence the 'Candidates...' stuff). Use '-i' to manually select from a list of possible candidates to resolve the 'Ambiguous...' warnings. > # Candidates for updating clamav-0.88 -> clamav-0.88 clamav-0.88.2 > ksh: Candidates: not found What are you doing here? > # Ambiguous: clamav-0.88 could be clamav-0.88 clamav-0.88.2 > ksh: Ambiguous:: not found And here? This is all very straightforward and, more importantly, spelled out very explicitly in pkg_add(1). Read it. -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: FIX:vpnc
Alexander- Your mail would probably do more good on [EMAIL PROTECTED] On Mon, Jun 19, 2006 at 01:22:41AM +0200, Alexander Hall wrote: > Some updates to vpnc: > > - Put vpnc.conf in /etc instead of /etc/vpnc where it does no good. > - Install the supplied man file > > /Alexander > > Index: Makefile > === > RCS file: /cvs/ports/security/vpnc/Makefile,v > retrieving revision 1.9 > diff -u -r1.9 Makefile > --- Makefile 4 Mar 2006 15:10:31 - 1.9 > +++ Makefile 15 Jun 2006 14:57:38 - > @@ -34,5 +34,6 @@ > ${INSTALL_DATA} ${WRKBUILD}/vpnc.conf ${PREFIX}/share/examples/vpnc > ${INSTALL_DATA} ${WRKBUILD}/vpnc-script ${PREFIX}/share/examples/vpnc > ${INSTALL_DATA} ${WRKBUILD}/vpnc.sh ${PREFIX}/share/examples/vpnc > + ${INSTALL_MAN} ${WRKBUILD}/vpnc.8 ${PREFIX}/man/man8 > > .include > Index: pkg/PLIST > === > RCS file: /cvs/ports/security/vpnc/pkg/PLIST,v > retrieving revision 1.4 > diff -u -r1.4 PLIST > --- pkg/PLIST 11 Nov 2005 19:38:07 - 1.4 > +++ pkg/PLIST 15 Jun 2006 14:57:38 - > @@ -1,4 +1,5 @@ > @comment $OpenBSD: PLIST,v 1.4 2005/11/11 19:38:07 sturm Exp $ > [EMAIL PROTECTED] man/man8/vpnc.8 > sbin/vpnc > share/doc/vpnc/ > share/doc/vpnc/README > @@ -10,6 +11,6 @@ > @mode > share/examples/vpnc/vpnc.conf > @mode 0600 > [EMAIL PROTECTED] ${SYSCONFDIR}/vpnc/vpnc.conf > [EMAIL PROTECTED] ${SYSCONFDIR}/vpnc.conf > @mode > share/examples/vpnc/vpnc.sh -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add -ui - Using Ports except or real Packages?
Sebastian: you screwed up the attributions. That makes things (more) confusing. Fix your MUA. On Mon, Jun 19, 2006 at 05:10:21PM +0200, [EMAIL PROTECTED] wrote: > > You can do this the other way round, and make ports use packages > > where possible; see FETCH_PACKAGES in bsd.port.mk(5). > > Bad idea because the packages at $ANY_OFFICIAL_FTP are not > updated. Yes, they are. Packages are built for stable, too, if security updates are backported to the stable ports tree. What's the problem here? > That`s not what I ment as I said up2date. up2date for stables > means all Patches avaiable for stable. So if you use Stable but > curl *.1 except of *.3 you`re not up2date. :) That`s how I ment > it. What? I have no clue what you meant by this. Updated packages are bulit for stable when updates are backported. Period. Look at the updates[0] available for 3.9-stable. What's the problem here? > > Or if you have enough systems using the same arch for it to be > > worthwhile, you can build your own packages and point PKG_PATH > > there. > > Well at home 1 AMD64 and 3 i386 (even just 2 of 3 use OpenBSD). I > just wanted to point out that with pkg_add -ui there`s a VERY GOOD > solution but even the best solution is useless if the packages > don`t get updated. Maybe that can get solved with a Script *looks > to the dev-Team* to update the packages on the FTP if a update is > avaiable via Ports. This happens already[0]. > Or, the other solution, would be enable pkg_add -ui (maybe with > another argument to use Ports) using the Port-system to update. > It`s not so easy to update all machines using the ports Easy > == like pkg_add -ui :-/ So, assuming there's no package available, just make the package (ports(7)) and install it on other machines with the same arch (like Stuart suggested). Or add your build machine to your other machines' PKG_PATH. It's easy. But chances are, there's an updated package available. Don't expect new features if you're running -stable. > That`s all I wanted to point out. Why not using this neat > update-tool (pkg_add -ui) because for now the dev-team limits it > to a "upgrade"-tool (from one release to another) except an > update-tool. And that`s kind of sad in my oppinion. Again, this is unclear. But pkg_add handles upgrades _and_ updates. If you're running -stable, you might not notice many package updates, since that'll only happen when a new package is built to address a security problem. If you want more packages to be built faster, submit diffs to update the ports you're concerned with, donate resources for a larger build infrastructure, or build your own packages. [0]http://www.openbsd.org/pkg-stable.html -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:#madlug,#wilug | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add -u not working
On Tue, Jun 20, 2006 at 09:29:08AM -0500, Benjamin Collins wrote: > What actually happens after the above invocation is what Sebastian > pointed out - updatable package names are printed, but nothing is > actually updated. And you're running 3.9 or -current? -- o------{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:..#openbsd,#madlug | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add -u not working
On Tue, Jun 20, 2006 at 06:41:09PM +0200, [EMAIL PROTECTED] wrote: > 3.9-amd64 (stable). > But it was mentioned that there are no updated packages avaiable for amd64... > Yes I can update using Ports... but it`s realy not so good (compared to > pkg_add -ui). Right; pkg_add is nice. > *my oppinion* > There are not so many updates in the STABLE-Branch so I realy > don`t understand why nobody can spend 3hrs of Compiling (a day, in > the night, even developers have to speel :)) ) STABLE Packages > (just the updated software! Not ALL Packages..). It`s realy > something I can`t understand if it deals with the great idea of > pkg_add -ui. > */my oppinion* It's not that developers don't have time; it's that they don't have resources. We all agree -- it would be great to see updates built for more/all of the arches. And that can happen, I imagine. The only problem is money and resources. So if you care as much about having packages built for your arch as you seem to, donate money or hardware. Nikolay has already asked[0] for an amd64 to make -stable packages happen; can you help? [0]http://undeadly.org/cgi?action=article&sid=20060619214229 -- o--{ Will Maier }--o | jabber:[EMAIL PROTECTED] | [EMAIL PROTECTED] | | freenode:..lt_kije | freenode:..#openbsd,#madlug | *--[ BSD Unix: Live Free or Die ]--*
Re: Webalizer packages for AMD64 is corrupted
On Mon, Jun 26, 2006 at 04:35:11PM -0400, Daniel Ouellet wrote: > # pkg_add webalizer > Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/amd64/: > Unknown command. > Can't install gd-2.0.33p2: lib not found fontconfig.3.0 Do you have the x*.tgz sets installed? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Webalizer packages for AMD64 is corrupted
On Mon, Jun 26, 2006 at 05:16:58PM -0400, Daniel Ouellet wrote: > Interesting as I never install any x* before 3.9. Never did on any > systems what so ever. Not sure why it's needed now, but you were > right. Search the archives; there was a bit of a to-do over it. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: nload on OpenBSD - or an alternative
On Wed, Jul 19, 2006 at 04:34:49PM +0100, Richard Wilson wrote: > Did it ever make it in? Might it at some point? Possibly a better > question, is there something similar/better already there? $ cd /usr/ports && make search key='bandwidth.*monitor' Port: bwm-ng-0.5p0 Path: net/bwm-ng Info: realtime bandwidth monitoring of interfaces Maint: Genadijus Paleckis <[EMAIL PROTECTED]> Index: net L-deps: B-deps: R-deps: Archs: any -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: OpenWebMail (package)
On Thu, Jul 20, 2006 at 04:06:54PM -0700, Rob Baldassano wrote: > However, when I tried to install the package, the system gave an > error message about not finding a library. Forgive me I don't > have the error handy at the moment but it was a P5 (something > about compression) lib. I'd take a look at the FAQ[0]; did you install the x* filesets? It's hard to read minds -- pasting the error will get you better help here. > Does anyone know if this is fixed in the 3.9 release? If so, > COOL. If Not, any suggestions for getting around this issue? The port hasn't been touched in 16 months[1]. If you really have found a problem, it still need fixing, although I bet you're just missing some libs. [0]http://www.openbsd.org/faq/faq15.html#PkgInstall [1]http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/openwebmail/ -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Man mksmbpasswd
On Wed, Jul 26, 2006 at 12:50:41PM +0200, Karel Kulhavy wrote: > [EMAIL PROTECTED]:~$ which mksmbpasswd > /usr/local/bin/mksmbpasswd > [EMAIL PROTECTED]:~$ man mksmbpasswd > man: no entry for mksmbpasswd in the manual. > [EMAIL PROTECTED]:~$ pkg_info | grep samba > samba-3.0.21bp2 SMB and CIFS client and server for UNIX > > Is there an aim in OpenBSD to have also manual pages for programs > where the original supplier doesn't supply a manual page? Sure, but not every binary has/needs its own man page. The package you're talking about comes with fully 39 man pages, including smbpasswd(8). I don't use samba, but I'd be surprised if whatever it was you were looking for wasn't described in one of those 39 pages. $ grep '@man' /usr/ports/net/samba/pkg/PLIST* 39 net/samba could hardly be called undocumented. If you think mksmbpasswd needs a man page, you should probably send a diff to the samba folks. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Easy for a newbie to manage an OpenBSD server?
On Tue, Aug 01, 2006 at 10:26:23AM -0500, Titan wrote: > I have quite a predicament. I have been tasked with setting up an > FTP server for the research group I'm involved with. Do you need FTP? Can you use SFTP instead? > The problem is once I'm gone someone with no *NIX experience will > be maintaining the server. Why? Can't you train them? I can understand if most research groups can't afford to hire a full sysadmin, but hiring an up-and-coming undergrad for seven peanuts an hour shouldn't be too bad. > I've been considering using OpenBSD because it looks like it can > go far longer without updates than Windows and Linux servers and > looks to be very secure. /me sighs OpenBSD, while very, very useful, isn't a magic bullet. System security is as much the admin's job as it is the OS's. If you leave your box unpatched, even if it's running IdealOS v20, you'll eventually regret it. Period. No matter what OS you put on your server, you'll need to make sure that it's patched. Some OSes make that task easier; others have strong security track records. But with a dumb or negligent admin at the console, it doesn't matter what bonafides your OS has -- you're screwed. > In your experience, would it be possible for someone with no *NIX > experience to maintain a simple FTP server? Yes. > How long would you trust an unpatched OpenBSD server to go > unhacked? This is silly. Patch your system. If you and your successor spend a day or two reading the FAQ and afterboot(8) and keep your eye on your system, you'll stand a good chance of not having too much trouble. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: firefox 1.5.0.6 for openbsd
On Thu, Aug 03, 2006 at 12:11:08PM -0400, David T Harris wrote: > The easiest way to install firefox on OpenBSD or any other package > (that is available from OpenBSD) is to download the package from > the OpenBSD website (or a mirror) or the ftp mirrors. No, the easiest way is like so: $ man pkg_add [...] $ ftp ftp://ftp.openbsd.org/pub/OpenBSD/ftplist [choose a mirror] $ export PKG_PATH="ftp://your.mirror.com/pub/OpenBSD/$(sysctl -n kern.version)/packages/$(machine)/" $ sudo pkg_add -i your-package -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Multi-tabbed Terminal
On Fri, Aug 04, 2006 at 10:02:50AM -0700, Clint Pachl wrote: > Can anyone recommend a light-weight multi-tabbed terminal for OBSD 3.9? > I looked through the i386 packages, but didn't notice any. I'm using FVWM2. xterm + misc/screen. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Tyan v. Supermicro for Opteron?
On Sun, Aug 06, 2006 at 03:47:02PM -0700, Darrin Chandler wrote: > Ok, I've got it narrowed down a bit. Anyone have experiences good > or bad to report with Tyan versus Supermicro mobos? I find > archives for people using one or the other, so they both seem > workable. Anyone used both and prefer one for some reason? I'm > looking at 2xCPU, and maybe dual-core in addition. We've been buying Supermicro Opterons (dual duals) for the past year or so. We're not running OpenBSD, but we've been quite pleased with the boards. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: obsd 3.8 does not detect new HD
On Wed, Aug 09, 2006 at 04:29:26PM -0300, Gustavo Rios wrote: > i am running 3.8 stable on a DELL Precision Workstation 370. In my > first hard disk i have openbsd and Windows XP. I have bought a > second Hard Disk. It is working perfectly on XP, OpenBSD 3.8 does > not detec it. > > Have anyone already faced such scenario? Maybe -- how should I know, though, when you don't even say what type of disk it is? or provide a dmesg? or give us any indication as to what you've tried to do to get it recognized? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: mirroring packages without much bandwidth overhead
On Mon, Aug 14, 2006 at 03:47:07PM +0200, Andreas Bartelt wrote: > is there a simple way to efficiently mirror packages solely based on > package filenames in order to reduce bandwidth overhead? A bit of shell/Perl scripting could compare the index.txt on the FTP mirror with what you have locally... -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Web access to sysctl hw.sensors
On Fri, Aug 18, 2006 at 01:13:49AM +, Douglas Maus wrote: > 1. Is there an easier way to remotely observe such hardware status? SNMP (for better or worse) or any number of real monitoring products do that for you; nagios and munin are both in ports. If you really want to write your own, consider logging information from hw.sensors to a file available in the chroot and running your CGI on that. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: packages failure (was dsniff ports failure)
On Thu, Aug 24, 2006 at 01:44:04PM -0700, Edward Ray wrote: [...] > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> > # export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/ > > # pkg_add bash-3.1.1p0.tgz > Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: > Unknown command. > Not an ustar archive header > bash-3.1.1p0:libiconv-1.9.2p3: complete > Adjusting md5 for /usr/local/lib/libiconv.a from > 044a57b2de335fa8b5c24f977e9dc0af to 4e50ca5fc370e7247ffddea2ac1bd5af > /usr/sbin/pkg_add: Installation of libiconv-1.9.2p3 failed , partial > installation recorded as partial-libiconv-1.9.2p3 # bash $(pkg_info | grep partial) should verify that partial-libiconv-1.9.2p3 is installed. You should use pkg_delete to get rid of the partial- package (and figure out what you did to cause pkg_add to fail). > ksh: bash: not found > # pkg_add amap-5.2.tgz > Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: > Unknown command. > amap-5.2:pcre-6.4p1: complete > > amap-5.2: complete OK... > # pkg_add nmap-3.95p0.tgz > Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: > Unknown command. > Can't install libiconv-1.9.2p3 because of conflicts > (partial-libiconv-1.9.2p3) > /usr/sbin/pkg_add: libiconv-1.9.2p3:Fatal error # pkg_add wget-1.10.2p0.tgz > Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/: > Unknown command. > Can't install libiconv-1.9.2p3 because of conflicts > (partial-libiconv-1.9.2p3) > /usr/sbin/pkg_add: libiconv-1.9.2p3:Fatal error This is quite clear. It can't install libiconv because it conflicts with the partial- package it told you that it installed above. Delete the partial- package, figure out what's really wrong (if anything), and try again. > My only choice appears to be rebuild, which I have done three > times now. Rebuild what? libiconv? pkg_add will fetch dependencies for you. If you're having trouble with ports, stop using them (except for the very few cases where licensing dictates otherwise). > If someone could point me to the magic formula of package > downloads, much appreciated. pkg_add(1), pkg_delete(1), the FAQ. > I am trying to build a box for pen testing, and will switch to a > Linux variant or FreeBSD if OpenBSDs ports and packages are > screwed up. Packages and ports have worked just fine for me on 3.9 and -current. > It never used to be that difficult to build an OpenBSD pen test > box, at least with v3.6/v3.7/v3.8 It still isn't. Make sure your kernel and userland are up to date, and use packages. It's easy. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: UTC vs UCT timezone
On Tue, Sep 05, 2006 at 06:31:21PM -0300, Gustavo Rios wrote: > On 9/5/06, Scott Plumlee <[EMAIL PROTECTED]> wrote: > >The FAQ seems to reference UTC (at least in section 8), which would > >translate at Universal Time, Coordinated, from what I understand. Are > >these two the same? > > I had always had sych questions and had never had an answer. Good > question Plumlee. http://en.wikipedia.org/wiki/Coordinated_Universal_Time#Abbreviation -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: XEN
On Fri, Sep 08, 2006 at 11:08:49PM +0200, openbsd misc wrote: > I wasn't able to figure out if it is possible to run openbsd > as xen guest system. Does anyone know? Short answer: not yet, really. Longer answer: people are working on it. http://www.google.com/search?rls=en&q=openbsd+xen http://anil.recoil.org/blog/articles/2006/08/21/openbsd-xen-boots-multi-user http://kerneltrap.org/openbsd/c2k6/who1 http://hg.recoil.org/openbsd-xen-sys.hg -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: preferred hardware platform
On Sun, Sep 10, 2006 at 11:39:57AM +0530, Raja Subramanian wrote: > rdiff-backup however, does not suffer from this problem. > And it's a bit more space efficient than rsnapshot as > well. Give it a shot and I doubt you'll be disappointed. I've had an experimental port of rdiff-backup 1.0.4 and librsync (upon which it depends) available[0] for a month or two. I haven't looked at it much since the ports tree locked, but it's working well on several systems running -current. Feel free to give it a try; I'd be glad to get feedback on it, but it won't be a priority until after the thaw. [0]http://www.lfod.us/openbsd/ports.html#rdiff-backup http://www.lfod.us/openbsd/ports.html#librsync -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: clearing /tmp
Hi Lars- On Thu, Oct 30, 2008 at 05:15:53PM +0200, Lars Nood'en wrote: > I notice there is also /var/tmp. What is the reason for having > two directories for apparently similar purposes? Would there be > any major problems from combining the two, either by linking or > symlinking one to the other? Did you check hier(7)? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Unbound: a validating, recursive, and caching DNS resolver
On Wed, May 21, 2008 at 02:09:23PM -0300, Andr'es wrote: > I just read about this project, might be of interest: > http://unbound.net/ > > It's developed by Kirei, NLnet Labs, Nominet, and VeriSign; and > released under a permissive free software license: > http://unbound.net/svn/trunk/LICENSE > > I read about it at: > http://tech.slashdot.org/tech/08/05/21/0153201.shtml > > Original source for the article: > http://www.networkworld.com/news/2008/052008-open-source-dns-server.html And jakob@ has already made a draft port[0] available. There's still time to follow up on ports@ with test results. [0] http://www.schlyter.se/jakob/openbsd/unbound.tar.gz http://archive.netbsd.se/?ml=openbsd-ports&a=2008-05&m=7431665 -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Why Perl for pkg_* tools ?
On Fri, May 23, 2008 at 01:42:05PM +0200, Almir Karic wrote: > On Fri, May 23, 2008 at 9:37 AM, Marc Espie <[EMAIL PROTECTED]> wrote: > > As far as perl goes, it's about the only language that fit the > > bill. The older pkg_* were totally impossible to maintain and > > extend, and I needed a sensible script language that was in > > base. > > at the risk of starting a flame war, considered python? beside not > being in the base, any other downsides for this particular task? That's a pretty big downside. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Monitor Open Files
On Fri, Jun 20, 2008 at 07:22:40PM -0700, Peter_APIIT wrote: > I think this command may help you. lsof. On OpenBSD, fstat(1) is often more interesting. As an added bonus, it's in base. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: mirror.cs.wisc.edu
Hi Roger- On Tue, Jul 01, 2008 at 06:54:32AM -0500, Roger Midmore wrote: > I actually made a mistake for the email address for technical > support is [EMAIL PROTECTED] although the I think csl might work as > well since it stands for Computer Systems Lab. But sending to lab > actually creates a complaint that is logged and taken care of as > soon as possible. I forwarded your message on to the department > though. If you notice anything else just send a message to lab > with [CSL #354961] in the subject since someone else noticed that > to be the proper path to the release should be /pub/OpenBSD not > /pub/mirrors/OpenBSD. I created a request for them to add a link > to fix that problem as well. Thanks for getting this started. I've contacted the CSL and will work to get their mirror in order and listed on ftp.html. I work at hep.wisc.edu, so it shouldn't be too hard to keep them on top of updates. ;) -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Broken Webalizer for 4.3?
On Tue, Jul 08, 2008 at 01:34:32PM -0500, L. V. Lammert wrote: > OpenBSD Zeus.omnitec.net 4.3 GENERIC#698 i38 > > Looks like a problem with webalizer: > > # pkg_add webalizer-2.01.10p5 > Can't install gd-2.0.35: lib not found fontconfig.5.1 > Dependencies for gd-2.0.35 resolve to: libiconv-1.9.2p5, jpeg-6bp3, png-1.2.22 > Full dependency tree is libiconv-1.9.2p5,jpeg-6bp3,png-1.2.22 > Can't install gd-2.0.35: lib not found freetype.16.0 > Can't install webalizer-2.01.10p5: can't resolve gd-2.0.35 > > Looks like gd-2.0.35 is requiring freetype.16.0? The current freetype is: > freetype-1.3.1p3? Do you have the X sets installed? http://www.openbsd.org/faq/faq15.html#NoFun -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Broken Webalizer for 4.3?
On Tue, Jul 08, 2008 at 01:43:06PM -0500, L. V. Lammert wrote: > At 01:34 PM 7/8/2008 -0500, you wrote: >> # pkg_add webalizer-2.01.10p5 >> Can't install gd-2.0.35: lib not found fontconfig.5.1 > > Looks like fontconfig might have been moved to xbase? WHY?? What's > the reason to install X on a production server just to get some > bogus libraries for web work? Sounds pretty BOGUS to me?? If you can't stand the idea of untarring the entire fileset (and you're moderately clever), grab the libraries you need. In my book, 'BOGUS' includes: * Not checking the archives for answers to a question before spamming the list * Not checking the FAQ * Whining -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: sendmail STARTTLS
On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote: [...] > did try to setup STARTTLS but I don't think that it works! here are the > modifications in my .mc file: > > -- > define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl > define(`confCACERT_PATH', `CERT_DIR')dnl > define(`confCACERT', `CERT_DIR/cacert.pem')dnl > define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl > define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl > define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl > define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl > - Do those files exist? > Following 'man starttls' I should get: [...] > but I'm missing the '250 STARTTLS' entry from the above output! > > Any idea what might gone wrong? Did you look in your maillogs? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: sendmail STARTTLS
On Thu, Jul 10, 2008 at 03:56:48PM +0200, GVG GVG wrote: > On Thu, Jul 10, 2008 at 3:33 PM, Will Maier <[EMAIL PROTECTED]> wrote: > > On Thu, Jul 10, 2008 at 02:08:30PM +0200, GVG GVG wrote: > > > -- > > > define(`CERT_DIR', `MAIL_SETTINGS_DIR`'CA')dnl > > > define(`confCACERT_PATH', `CERT_DIR')dnl > > > define(`confCACERT', `CERT_DIR/cacert.pem')dnl > > > define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl > > > define(`confSERVER_KEY', `CERT_DIR/key.pem')dnl > > > define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl > > > define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl > > > - [...] > Yes they do exist: > > -- > -bash-3.2$ pwd > /etc/mail/CA > -bash-3.2$ ls -l > total 56 > -rw-r--r-- 1 root wheel 1229 Jun 23 17:02 cacert.pem > -rw-r--r-- 1 root wheel 875 Jun 18 13:46 cacert.pm > -rw--- 1 root wheel 3848 Jun 23 17:11 cert.pem > drwxr-xr-x 2 root wheel 512 Jun 17 16:25 certs > drwxr-xr-x 2 root wheel 512 Jun 23 17:17 crl > -rw--- 1 root wheel 3 Jun 23 17:17 crlnumber > -rw--- 1 root wheel68 Jun 23 17:11 index.txt > -rw--- 1 root wheel21 Jun 23 17:11 index.txt.attr > -rw-r--r-- 1 root wheel 0 Jun 23 16:46 index.txt.old > -rw-r--r-- 1 root wheel 1679 Jun 23 17:04 key.pem > drwxr-xr-x 2 root wheel 512 Jun 23 17:11 newcerts > drwx-- 2 root wheel 512 Jun 23 16:53 private > -rw--- 1 root wheel 3 Jun 23 17:11 serial > -rw-r--r-- 1 root wheel 3 Jun 23 16:46 serial.old > --- You're missing my{cert,key}.pem. > and in the mail_log there is nothing recorded! No errors or > warnings! Did you restart sendmail? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: sendmail STARTTLS
On Thu, Jul 10, 2008 at 04:26:38PM +0200, GVG GVG wrote: > In a sendmail book I found following entry they suggested to put > in the .mc file. Could be the reason for my problems? > > -- > dnl define(`confCRL', `CERT_DIR/crl/crl.pem')dnl > - No. So you updated your .mc file as above, installed it as /etc/mail/localhost.cf and HUPed sendmail? By default on OpenBSD, sendmail is started with the following flags: -L sm-mta -C/etc/mail/localhost.cf -bd -q30m If you installed your new .cf file as sendmail.cf, sendmail won't read it (unless you change or drop the -C flag). -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: sshd_config(5) PermitRootLogin yes
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote: > Am I reading this right? Yes. [...] > I remember that I filed PRs with FreeBSD/NetBSD a few years ago to get > this changed, but Redhat Support is giving some some noise about: > > "Well the source vendor doesn't disable it by default ..." This has been discussed. Check the archives if you'd like. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Sendmail won't use port 587 instead of 25
On Sun, Jul 13, 2008 at 04:16:20PM -0700, Joe S wrote: > I can't get sendmail to use port 587 and not port 25, which my ISP > Comcast blocks. > > I've added these lines to my sendmail.mc file, which is a copy of > openbsd-proto.mc I've tried this with the openbsd-localhost.mc file > also, but no success. > > ~ > define(`SMART_HOST', `smtp.comcast.net')dnl > define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl > define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl > define(`SMTP_MAILER_ARGS', `TCP $h 587')dnl > MASQUERADE_AS(`comcast.net')dnl > FEATURE(masquerade_envelope)dnl > ~ These defines need to come before the MAILER macros. Though you didn't post your whole .mc, I bet the above defines are down by the MASQUERADE* section, which is too late. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: 'Nother broken package - git-1.5.4.2
On Tue, Jul 15, 2008 at 02:30:36PM -0500, L. V. Lammert wrote: > Depends on tcl-8.4.7p6, .. maybe, .. but what does X have to do > with git?? http://en.wikipedia.org/wiki/Tk_%28framework%29 > Can't install tk-8.4.7p1: lib not found X11.11.1 > > Is this a broken dependency No. > or . . . ? Seems like git installed cleanly on 4.2. Are you going to send a mail to misc@ every time a package depends on X? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: OpenBSD 4.3 FAQ in PDF?
On Tue, Jul 22, 2008 at 09:32:15AM -0500, Daniel A. Ramaley wrote: > The number list could be collapsed into `seq 1 15` on a system > with seq installed. Have you met jot(1)? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *-[ BSD: Live Free or Die ]*
Re: Low priority or real coders
On Thu, Sep 14, 2006 at 11:29:49AM -0400, steve szmidt wrote: > (Say what you will about Linux being inferior in ways, it managed > to do what no other Unice did for all that time -- captured a > mainstream. A lot of development is being done benefitting most if > not all Open Source platforms because of the attention coming down > the Linux shute. So in the end we all win regardless of the O/S.) In many cases, this is simply not true. Much of the hardware support added to Linux is prohibitively Linux-specific or not worth the effort to bring over to OpenBSD (or other BSDs) -- assuming the driver is something more than a wrapper around a binary. Much of the new software developed for GNU/Linux systems is messy, unportable and utterly useless on different platforms. Linux's popularity has drawn developers to Linux, and they've developed Linuxy things. In some cases, BSD users benefit, too, especially when licensing and code portability aren't total disasters. In lots of cases, though, we get nil. And as you should know, Unix *was* the computing mainstream for a long period. Not on home desktops (which didn't exist for most of that period), granted, but on workstations and servers, Unix was The Right Choice. IMHO, Unix *continues* to be the right choice in its traditional environments, and has become quite useful on desktops and laptops in the last decade or so. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Upgrading 3.7 -> 3.9
On Tue, Sep 19, 2006 at 02:28:06PM -0400, ICMan wrote: > I want to upgrade from 3.7 to 3.9. Can someone give me some pointers? http://www.openbsd.org/faq/ If you have specific problems, ask here again. You may find it easier to simply reinstall. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Help with chroot
On Tue, Sep 19, 2006 at 09:59:38PM -0400, Kim Mackey wrote: > Anyway the symptom is that when I visit my wiki site I go there > with the url 192.168.1.106/wiki/ but as it starts to load the > page it changes my url to > myhost.my.domain/wiki/index.php/Main_Page and then fails to load. > but if I type the url as 192.168.1.106/wiki/index.php/ Man_Page it > will load the page just fine. From there I can click on the > links and every thing continues to work fine. (On some pages if > I leave the page up for a little while it will automaticallyswithc > the url to the myhostname.my.domain and fail to load. I just > retype the url with my local IP and things load back up fine > again, but I have to leave that page or it will fail again. Either configure your wiki correctly or add a line to /etc/hosts. hosts(5) -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Some recommendations on file locations sought
On Fri, Sep 22, 2006 at 01:29:56PM -0700, John Draper wrote: > Here is what I did... > > htpasswd -c /var/www/conf/auth/passwd edp > < I set the password here > > > chown root.nogroup /var/www/conf/auth/passwd > chmod 640 /var/www/conf/auth/passwd What user/group are you running httpd as? Is that user a member of nogroup? Can that user read the file? [...] > But the Apache rejects my password. I tried it several times, > same thing, rejection. Did you look at the error_log? -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: couple of scp questions
On Sat, Sep 23, 2006 at 12:27:21PM +0200, frantisek holop wrote: > i realize that for some, this might seem as an unnecessary wasting > of resources (think moving lots of small files) but i think it's > good to know if the transport was really finished and the files > really are the ones i started copying and not only its parts. > > was there any consideration to give scp similar functionality? $ scp [EMAIL PROTECTED]:file file.part && mv file.part file -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: ipsec vpn: freebsd and openbsd
On Thu, Oct 05, 2006 at 03:47:07PM +0200, Martin Schr"oder wrote: > Should I take the silence of the list as evidence that all ports > are secure or is the list simply ignored by the developers? Or is > it only used in dire emergencies (like security-announce)? The list just hasn't been used in a while. It could be seen as redundant effort, since ports-changes@ receives messages for each commit to the ports tree (including security-related commits), and pkg-stable.html is updated rather frequently. This issue has come up on #OpenBSD on freenode a few times recently, too. Would it be a good idea to update the FAQ to point to pkg-stable.html and [EMAIL PROTECTED] Or would it be preferable to make use of that list again (in conjunction, perhaps, with updates to the VuXML)? -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: File system monitoring: another PCI cert requirement question
On Mon, Oct 09, 2006 at 04:07:52PM -0400, stuartv wrote: > In the company I work for's ever expanding quest for PCI certification, > I am told that we are required to have in place something to monitor all > system files and log files for changes. Does anyone have any suggestions > on software to do this? I am currently looking at Osiris but would like > some input as to what is out there and actually being used by people. Well, /etc/security already does some of this. See security(8) for more info; you can extend it pretty easily. Otherwise, there's AIDE or Tripwire, among others. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: ports question
On Wed, Oct 11, 2006 at 03:28:08PM -0700, Bryan Irvine wrote: > Sometimes these get installed as a dependency of another app > though and so the screen just keeps right on trucking and you > don't have time to read it. Is there some command or somewhere > you can go to see what the message was? $ man pkg_info $ pkg_info -D python-2.4.3p0 Information for python-2.4.3p0 Install notice: If you want to use this package as your default system python, create symbolic links like so: ln -s /usr/local/bin/python2.4 /usr/local/bin/python ln -s /usr/local/bin/pydoc2.4 /usr/local/bin/pydoc -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: update automaticly
On Thu, Oct 19, 2006 at 09:28:23PM +0700, sonjaya wrote: > i have script for update automaticly here: > # cat /root/update_part1.sh > #!/bin/csh > cd /usr/src > setenv CVS_CLIENT_PORT -1 > setenv CVSROOT [EMAIL PROTECTED]:/cvs > cvs -d $CVSROOT -q up -rOPENBSD_3_9 -Pd > date > /root/update_part1.log > > when i try run that script get error such like this : > # sh /root/update_part1.sh > /root/update_part1.sh[3]: setenv: not found > /root/update_part1.sh[4]: setenv: not found > cvs update: CVSROOT "-q" must be an absolute pathname > cvs [update aborted]: Bad CVSROOT. sh(1) isn't csh(1) -- if you run `sh your_csh_script.sh`, sh ignores the interpreter line and tries to run the script itself. sh doesn't use setenv, which is why you get 'setenv: not found.' If I were you, I'd write the script in sh. csh has long been considered harmful, and isn't very much fun to write. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Freetype2 without X11 or no_x11 package
On Tue, Oct 31, 2006 at 02:24:58AM +0100, Jean-Gerard Pailloncy wrote: > How to solve this ? > Create flavor no_x11 ? > But, I need the freetype2 ! and there is no package. > Create a freetype2 package ?!?! > Or install X11... It seems like you should already know what you need to do (per the FAQ[0] and the messages pkg_add(1) spits at you), but this thread[1] explains why the change was made. In that thread, Matthieu Herrb wrote: For now install 'xbase39.tgz' or the strict subset of it that ports depending on X need. dot. This may change in future OpenBSD release, but dont start building plans on it. Search the archives next time... [0] http://www.openbsd.org/faq/faq15.html#PkgInstall [1] http://marc.theaimsgroup.com/?l=openbsd-ports&m=114794229516567&w=2 -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add(1) over ssh(1)?
On Wed, Nov 01, 2006 at 07:45:16PM +0100, Andreas Bartelt wrote: > is there any documentation about using pkg_add over ssh available > yet? pkg_add(1); look for 'scp://'... > Can this feature be used with some of the official mirrors? If you have ssh access on them, sure. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: pkg_add(1) over ssh(1)?
On Wed, Nov 01, 2006 at 02:25:23PM -0500, John Fiore wrote: > > is there any documentation about using pkg_add over ssh > > available yet? Can this feature be used with some of the > > official mirrors? > > Just out of curiosity, why would you want to do this? pkg_add > verifies the packages after downloading them. Is this some kind > of firewalling issue? As espie@ has said a couple of times now, pkg_add(1) over ssh is much faster since it only uses one TCP connection. In my testing, it has been much faster than similar operations over FTP and has approached local disk reads in speed. It's a real handy addition. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Large scale deployments
On Thu, Nov 02, 2006 at 08:10:50PM -0500, Michael Lockhart wrote: > 2. Command and Control. What projects or capabilities are > available for performing remote command and control over services, > packages, and system health? Currently, all push/pull is done > with perl/sh scripts to bring files over, sanity check, install, > update, etc. I've been leaning towards creating a daemon that > runs on each system and has a secure connection back to a > centralized location for determining if updates are available. My > proof of concept works, but thoughts on how to do this right are > GREATLY appreciated. I've used cfengine on large (500+ nodes) Linux clusters. There lots of things I wish were better in cfengine, but I haven't found a more capable tool. For one-time mass administration tasks, I use dsh from sysutils/clusterit, though the scenario you describe above seems cfenginy to me. > 3. Remote upgrading. Going from 3.2 -> 3.8 or 4.0 is going to be > very difficult, and the approach that I am taking right now is > creating a bsd.rd based kernel/image that will boot fully into > memory, and contain the appropriate scripts to re-initialized the > disks, rsync/scp/ftp/get/whatever the new base image and kernel > over, then reboot, and go into the new image, and perform the rest > of the upgrade from there. Has anyone done something similar to > this or know of any projects along these lines? Upgrading from 3.2 to 4.0 is going to be a headache. The clusters I've worked in have all used network filesystems (mostly AFS) for most data storage; reimaging a node has never cost much. Combined with a well-thought-out configuration management system, and major upgrades seem like less of a problem. Of course, you need to vet your new system image with your applications first. I sure wish I had 600 OpenBSD boxes to worry about...Scientific Linux is a headache. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Shared library without SHARED_LIBS:
On Tue, Nov 07, 2006 at 11:04:26AM +0100, Badbanchi Hossein wrote: > Tried to install the 3.8 package. Didn't work since the 3.8 packages are > linked against 3.8 libraries. This is documented in the FAQ; it's unsupported. > Next installed 3.8 ports.tar.gz on my 3.9 OpenBSD, and tried "make build > key=mysql-server-4.0.24p1". ports(7); key=... is not used. > The process stops by creating the "mysql-client-4.0.24" package, with > the following message: This, too, is documented in the FAQ; it's unsupported. [...] > Have tried all I could think of, and have done much googling, but > no chance. In all your googling, you didn't find the FAQ entries that make it clear that what your doing isn't supposed to work? > From the list of what I have already tried: > 1) Added > #SHARED_LIBS= ??? > to /usr/ports/infrastructure/templates/Makefile.template. bsd.port.mk(5); Makefile.template isn't read by anything. Moreover, how could adding a comment affect anything? The right way to do what you want to do is to build the old MySQL yourself. Better yet, fix/ditch the software that requires the old MySQL. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Error in php5-gd-5.1.4 packages for OpenBSD 4.0
On Thu, Nov 09, 2006 at 05:00:34PM +0100, Anders J wrote: > I think something is wrong in the php5-gd-5.1.4 packages (all > flavors) The dependency can't be satisfied (see below) and i find > only freetype-1.3.1p2.tgz and not freetype.13.1 in > /4.0/packages/i386 It's not a package dependency; freetype.13.1 is provided by the X install sets. Read the FAQ. http://www.openbsd.org/faq/faq15.html#PkgInstall If you're still confused, read the port's Makefile. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: where is unarj-2.43?
On Sat, Nov 11, 2006 at 08:07:24PM -0600, Default User wrote: > Okay, I give up. Where is unarj-2.43 in the OpenBSD 4.0 i386 > packages? Clamav seems to need it, but pkg_add said it could not > be found. Is it indeed missing? Look at the port's Makefile. http://www.openbsd.org/cgi-bin/cvsweb/ports/archivers/unarj/Makefile Blame upstream. If you need the package, you get to build it yourself. -- o------{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: Firewall partially failing with high traffic
On Tue, Nov 14, 2006 at 09:28:47AM -0700, Chris Cameron wrote: > Upgrading isn't an option. I mean it is, but as soon as I say > "Don't know, lets just upgrade", that's a major hit to something > that was tough to get in in the first place. This will be a > Firewall-1 shop again quite quickly and any future thing I > recommend isn't going to have much weight. You need to upgrade anyway to properly keep up with security updates. You're now running a system that is no longer supported; upgrading to a supported system is a Good Thing regardless of the issue you're currently dealing with. As a bonus, things generally get better and 'more fixed' with each new version and, as Tobias says, there's a good chance the problem you're running up against is resolved. -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: packages
On Wed, Nov 15, 2006 at 08:24:16AM -0500, Marc Ravensbergen wrote: > Hi, is there any way I can find out the entire list of files (and > dependencies) needed before installing a given package? Let's say > I want to add "wget" to openbsd. I export the PKG_PATH to the > appropriate mirror, then type "pkg_add wget". This will do the > installation of wget and all dependencies, but I would like to > know before the actual installation what files are needed (if > possible of course). First, ftp(1) does much of what you get from wget(1), and is included in base. As to your question, pkg_add(1) suggests: [...] -n Don't actually install a package, just report the steps that would be taken if it was. As espie@ noted in a previous thread on this topic[0], you can just install pkg_add on the system with the nice network connection and use PKG_CACHE to download the files. See also pkg_info(1), though package signatures will give you more information than you're probably looking for: [...] -S Show the package signature for each package. This signature is a unique tag showing the package name, and the version number of every dependency and shared library necessary to build this pack- age. If you have a ports tree handy, you could also use the 'print-run-depends' or 'describe' make targets documented in bsd.port.mk(5) and ports(7). > My reason for this is so that I can generate a complete list of > files needed to download for a given program, run over to a > computer with high speed, download, run back to my computer, dump > the files in the correct directory (/var/db/pkg) and then install > the package. Don't do that. You can use pkg_add(1) on local files, too, you know. $ sudo pkg_add all the packages you downloaded at your friend's house This is a rather common question -- search the archives next time. [0] http://marc.theaimsgroup.com/?l=openbsd-misc&m=115041186327151&w=2 -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: ports installing files in /etc?
On Sat, Nov 18, 2006 at 02:35:27PM +0100, Igor Sobrado wrote: > I suppose that configuration files were on a different directory, > as in NetBSD. As both NetBSD and OpenBSD are using the same tools > to manage ports/packages, and I am certainly accustomed to > /usr/pkg/etc on NetBSD, I supposed it was an error on these > packages. OpenBSD and NetBSD do not use the same tools to manage ports and packages. > As I said, it is a certainly unusual behaviour and it is not > described on the pkg_* manual pages (though!). As I did not find > a comment on this behaviour on pkg_add(1), but there are detailed > notes on the use of /usr/ports, /usr/local, /var/db/pkg and so on > I supposed I did a mistake installing the packages. Look at hier(7): /usr/ Contains the majority of user utilities and applications. [...] local/Local executables, libraries, etc. Also, look at packages(7): [...] Some packages installation scripts will also create new configuration files in /etc, or need some working directory under /var to function cor- rectly (e.g., squid, or mysql). This is well documented; as you noted, there's even a helpful FAQ entry. > I read a lot of documentation on the utilities for managing > packages on NetBSD, where /usr/pkg/etc is used. I expected the > same behaviour on OpenBSD. Why would you expect that? > I just asked because this behaviour is not documented on the man > pages and it is certainly different to the way pkg_* works on > NetBSD (where there is a different /etc for the packages). Assuming OpenBSD works just like NetBSD will make things hard for you. Read the FAQ and man pages, and trust pkg_info(1). -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*