Re: radeondrm(?) change causes console to recognize only 1024x768
On Thu, 10 Aug 2017, frohwein wrote: > On Sat, 2017-08-05 at 18:31 +0200, Robert wrote: > > During the last couple of weeks some change (radeondrm update?) > > caused the console to be locked to 1024x768, instead of whatever EDID > > the TFT supports, when using a Radeon card. > > Same issue here for the past couple of weeks when using DisplayPort. X > only recognizes resolutions up to 1024x768. Note that this problem > doesn't occur for me when using DVI which I have been using for the > past few weeks. > I too have this issue with both 6.2 and the new 6.3 snapshot. It seems like the kernel does not find the EDID of my monitor anymore and so neither does Xorg. OpenBSD 6.1 shows this in the dmesg: radeondrm0: 1280x1024, 32bpp OpenBSD 6.2 and 6.3 snapshot show this: radeondrm0: 1024x768, 32bpp Here is my current dmesg: OpenBSD 6.3 (GENERIC.MP) #103: Fri Mar 23 10:07:55 MDT 2018 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 7991291904 (7621MB) avail mem = 7742033920 (7383MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xe9650 (30 entries) bios0: vendor American Megatrends Inc. version "P01-A4" date 12/20/2011 bios0: Acer Aspire M3470G acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC MCFG SLIC HPET SSDT SSDT acpi0: wakeup devices SBAZ(S4) P0PC(S4) USB5(S4) UHC6(S4) UHC7(S4) XHC0(S4) XHC1(S4) BR12(S5) BR15(S5) PCE7(S5) UHC1(S4) UHC2(S4) USB3(S4) UHC4(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD A6-3620 APU with Radeon(tm) HD Graphics, 2196.25 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu0: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu0: AMD erratum 721 detected and fixed acpitimer0: recalibrated TSC frequency 2196014267 Hz cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 199MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD A6-3620 APU with Radeon(tm) HD Graphics, 2196.01 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu1: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu1: AMD erratum 721 detected and fixed cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: AMD A6-3620 APU with Radeon(tm) HD Graphics, 2196.01 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu2: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu2: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu2: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu2: AMD erratum 721 detected and fixed cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: AMD A6-3620 APU with Radeon(tm) HD Graphics, 2196.01 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,MWAIT,CX16,POPCNT,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,ITSC cpu3: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line 16-way L2 cache cpu3: ITLB 32 4KB entries fully associative, 16 4MB entries fully associative cpu3: DTLB 48 4KB entries fully associative, 48 4MB entries fully associative cpu3: AMD erratum 721 detected and fixed cpu3: smt 0, core 3, package 0 ioapic0 at mainbus0: apid 5 pa 0xfec0, version 21, 24 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 14318180 Hz acpihpet0: recalibrated TSC frequency 2196005479 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (BR12) acpiprt2 at acpi0: bus 2 (BR15) acpiprt3 at acpi0: bus 3 (PCE7) acpicpu0 at acpi0: C2(0@100 io@0x1771), C1(@1 halt!), PSS acpicpu1 at acpi0: C2(0@100 io@0x1771), C1(@1 halt!), PSS acpicpu2 at acpi0: C2(0@100 io@0x
submit.cf & sendmail.cf configuration
I have a simple OpenBSD 5.3 Sparc 64 box, which runs very well, given it is 12+ years old. I would like to set it up so I could send email from it, and receive email, since I do have a personal domain name,which I could point to my house IP, if desired. The documentation is wonderful, somehow it should be relatively simple,to edit the proper config files. Any help from anyone, or is there a good link you could provide, which explainshow to do this? In years past, I used to use other systems even Solaris 9, and I knew nothing, but was able tofigure out what to do, but OpenBSD seems harder to me for this problem. Thanks for any pleasant help.
Martin Luther King Jr. Day
Today is Martin Luther King Jr. Day in the United States, a federal holiday in all 52 states. The /usr/bin/calendar program shows incorrectly that yesterday, Jan 18, was Martin Luther King day in New York. And it does not show that today, Jan 19 the third Monday in January, is the correct US holiday. Below are my suggested patches to calendar.holiday and calendar.usholiday: Richard Narron - --- calendar.holiday.orig Mon Jan 19 00:33:44 2015 +++ calendar.holidayMon Jan 19 08:16:06 2015 @@ -32,7 +32,6 @@ 01/19 Nameday of Archbishop Makarios in Cyprus 01/20 Army Day in Mali 01/20 National Heroes Day in Guinea-Bissau -01/SunThirdMartin Luther King Day in New York (3rd Sunday) 01/MonThirdRobert E. Lee's Birthday in Alabama & Mississippi (3rd Monday) 01/MonThirdLee-Jackson Day in Virginia (3rd Monday) 01/21 Our Lady of Altagracia in Dominican Republic --- calendar.usholiday.orig Mon Jan 19 00:33:44 2015 +++ calendar.usholiday Mon Jan 19 08:06:28 2015 @@ -8,6 +8,7 @@ #define _calendar_usholiday_ 01/01 New Year's Day +01/MonThirdMartin Luther King Jr. Day (3rd Monday of January) 02/02 Groundhog Day 02/14 St. Valentine's Day 02/MonThirdPresident's Day (3rd Monday of February)
Re: Martin Luther King Jr. Day
On Mon, 19 Jan 2015, Alexander Hall wrote: > On January 19, 2015 5:43:58 PM CET, Richard wrote: > >Today is Martin Luther King Jr. Day in the United States, > >a federal holiday in all 52 states. > > Darn, man. That subject and initial sentence was pretty darn close to hit the > spam training bucket. :-) > It does look like spam. As ropers pointed out to me, there are 50 states not 52... The point I want to make is that Martin Luther King Jr. Day is a holiday in all US states, not just New York state alone. Richard
enabling sendmail
Is sendmail enabled by default? If not, how do I do that?
Re: Current snapshot (7/14) has mismatched libc
Theo just announced that 5.6 "beta" testing is begun: http://marc.info/?l=openbsd-cvs&m=140546158205874&w=2 So, I downloaded today's snapshot and installed it. But when I try to install any package from the snapshot packages, I get the same "mismatched libc" errors... Here for example are the errors for installing rsync using PKG_PATH='http://ftp3.usa.openbsd.org/pub/OpenBSD/snapshots/packages/amd64' #pkg_add rsync Ambiguous: choose package for rsync a 0: 1: rsync-3.1.1 2: rsync-3.1.1-iconv Your choice: quirks-1.147 signed on 2014-07-08T12:48:35Z Can't install rsync-3.1.1 because of libraries |library c.76.0 not found | /usr/lib/libc.so.77.0 (system): bad major Richard Narron - Q: How many Martians does it take to screw in a lightbulb? A: One and a half.
current snapshot (7/16) missing files in /etc
I found several files missing from a clean install of the snapshot of 7/16/2014: /etc/ntpd.conf /etc/rc.local /etc/mtree/BSD.local.dist I just copied these from a 5.5 installation, but a newbie would have trouble... The /etc/mtree/BSD.local.dist file was discovered missing by doing a "make update-plist" inside a /usr/ports directory. rich...@aaazen.com Richard Narron - Corruption is not the #1 priority of the Police Commissioner. His job is to enforce the law and fight crime. -- P.B.A. President E. J. Kiernan
Re: Files corrupted by one byte when downloading from my HTTPD server, any idea?
On 06/07/17 22:10, tec...@protonmail.com wrote: Hello, I am using 6.1 Release - all patched, including packages with mtier. I'm running a PHP56 web server, I am initiating automatic downloads using headers but whenever I download an image it cant be opened because no matter what image type it is I get: Error interpreting JPEG image file (Not a JPEG file: starts with 0x0a 0xff) I have been trying to figure this out all morning, I found a blog post which a guy has the exact same problem. https://shareithq.wordpress.com/tag/php-nginx-or-php-seems-to-be-adding-1-byte-to-image-files/ But I tested his fix on the file, and it works.. tail -c +2 avatest_local.jpg > avatest_fixed.jpg Is it possible some sort of automatic compression is in use on the system? or is that just ridiculous? Has anyone experienced this before and worked out the issue? Thanks 0x0a is a line feed (LF), and 0xFF looks like it is the start of the JPG image. Does your PHP source file have a blank line at the top? e.g. [blank line] i.e. your PHP source file has the 0x0a in it? If I'm right then that will be sent as part of the output (the first byte in fact - what you are seeing). Just an idea!
Re: Enabling ngx_http_addition_module on OpenBSD?
On 06/28/18 19:43, Stuart Henderson wrote: On 2018-06-28, Özgür Kazancci wrote: I need to use "add_before_body" and "add_after_body" directives for Nginx for my personal webpage, by setting them in nginx.conf. However, it seems that my Nginx installation (from OpenBSD packages) doesn't support these directives: a 'cat' to log file reports; "2018/06/28 09:14:09 [emerg] 52287#0: unknown directive "add_before_body" in /etc/nginx/nginx.conf:162" These directives probably belong to the module: ngx_http_addition_module. So, is there any way to dynamically activate that module without manually fetching and compiling Nginx on the system? I don't want to build Nginx from source. I cannot do that - it's a production server. Not sure how much work would be involved ... but I think that you could build and test on a machine set up as per your production machine? Then copy across the binary file(s). The module selection is part of the nginx build system - you can't do this without building nginx.
Wireless on ThinkPad T40 - Connects but no data
rev 0x01: irq 11 em0 at pci2 dev 1 function 0 "Intel 82540EP" rev 0x03: irq 11, address 00:16:41:a8:8d:8b ipw0 at pci2 dev 2 function 0 "Intel PRO/Wireless 2100" rev 0x04: irq 11, address 00:04:23:61:fe:6c cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 3 device 0 cacheline 0x8, lattimer 0xb0 pcmcia0 at cardslot0 cardslot1 at cbb1 slot 1 flags 0 cardbus1 at cardslot1: bus 6 device 0 cacheline 0x8, lattimer 0xb0 pcmcia1 at cardslot1 ichpcib0 at pci0 dev 31 function 0 "Intel 82801DBM LPC" rev 0x01 pciide0 at pci0 dev 31 function 1 "Intel 82801DBM IDE" rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA48, 57231MB, 117210240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 atapiscsi0 at pciide0 channel 1 drive 0 scsibus1 at atapiscsi0: 2 targets cd0 at scsibus1 targ 0 lun 0: ATAPI 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 ichiic0 at pci0 dev 31 function 3 "Intel 82801DB SMBus" rev 0x01: irq 11 iic0 at ichiic0 spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC2100CL2.5 spdmem1 at iic0 addr 0x51: 512MB DDR SDRAM non-parity PC2700CL2.5 auich0 at pci0 dev 31 function 5 "Intel 82801DB AC97" rev 0x01: irq 11, ICH4 ac97: codec id 0x41445374 (Analog Devices AD1981B) ac97: codec features headphone, 20 bit DAC, No 3D Stereo audio0 at auich0 "Intel 82801DB Modem" rev 0x01 at pci0 dev 31 function 6 not configured usb1 at uhci0: USB revision 1.0 uhub1 at usb1 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb2 at uhci1: USB revision 1.0 uhub2 at usb2 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 irq 1 irq 12 pckbd0 at pckbc0 (kbd slot) wskbd0 at pckbd0: console keyboard pms0 at pckbc0 (aux slot) wsmouse0 at pms0 mux 0 wsmouse1 at pms0 mux 0 pms0: Synaptics touchpad, firmware 5.9, 0x2c6ab1 0x0 pcppi0 at isa0 port 0x61 spkr0 at pcppi0 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 uhidev0 at uhub2 port 1 configuration 1 interface 0 "Logitech USB Receiver" rev 2.00/12.03 addr 2 uhidev0: iclass 3/1 ukbd0 at uhidev0: 8 variable keys, 6 key codes wskbd1 at ukbd0 mux 1 uhidev1 at uhub2 port 1 configuration 1 interface 1 "Logitech USB Receiver" rev 2.00/12.03 addr 2 uhidev1: iclass 3/1, 8 report ids ums0 at uhidev1 reportid 2: 16 buttons, Z and W dir wsmouse2 at ums0 mux 0 uhid0 at uhidev1 reportid 3: input=4, output=0, feature=0 uhid1 at uhidev1 reportid 4: input=1, output=0, feature=0 uhid2 at uhidev1 reportid 8: input=1, output=0, feature=0 uhidev2 at uhub2 port 1 configuration 1 interface 2 "Logitech USB Receiver" rev 2.00/12.03 addr 2 uhidev2: iclass 3/0, 33 report ids uhid3 at uhidev2 reportid 16: input=6, output=6, feature=0 uhid4 at uhidev2 reportid 17: input=19, output=19, feature=0 uhid5 at uhidev2 reportid 32: input=14, output=14, feature=0 uhid6 at uhidev2 reportid 33: input=31, output=31, feature=0 vscsi0 at root scsibus2 at vscsi0: 256 targets softraid0 at root scsibus3 at softraid0: 256 targets root on wd0a (96ea0dc55ec74d33.a) swap on wd0b dump on wd0b radeondrm0: 1024x768, 8bpp wsdisplay0 at radeondrm0 mux 1: console (std, vt100 emulation), using wskbd0 wskbd1: connecting to wsdisplay0 wsdisplay0: screen 1-5 added (std, vt100 emulation) Regards, Richard
Re: Wireless on ThinkPad T40 - Connects but no data
On Thu, 12 Jul 2018 16:37:27 +0100 Richard Laysell wrote: The solution in the end was to use a spare USB wireless dongle that I had lying around. This was detected as a run(4) device. Everything now works perfectly Thanks to all who responded. Regards, Richard
Re: PF possibly causing weird SSL issues ?
On 09/19/18 09:02, Tim Jones wrote: Hi, I'm wracking my brains here. I have just replaced with one based on OpenBSD 6.3 PF. Nothing else has changed on the network, just the firewall. Lots of "stuff" that used to work (e.g. various nightly pushes of data to "the cloud") have suddenly stopped working after the new firewall was put in place. It seems to be down to some sort of weird handling of SSL by PF ? I can't see why it should be OpenBSD, and yet I also can't see why it cannot be OpenBSD, given nothing else has changed. The reason I say this is because of what I see if I take troubleshooting down to its most basic level : This: wget -O bp_linux.tar.gz https://github.com/Azure/blobporter/releases/download/v0.6.15/bp_linux.tar.gz Fails with: OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to establish SSL connection. And yet this (ironically !) : wget https://cdn.openbsd.org/pub/OpenBSD/6.3/amd64/install63.iso Works fine. Similarly, this : openssl s_client -connect github-production-release-asset-2e65be.s3.amazonaws.com:443 -servername github-production-release-asset-2e65be.s3.amazonaws. com Returns: no peer certificate available No client certificate CA names sent And yet this : openssl s_client -connect google.com:443 -servername google.com Shows SSL certs OK ! My PF is simple as follows (there is no NAT here, its fully routable) : match in all scrub (no-df random-id) block drop set block-policy drop set syncookies always pass from to any flags S/SA modulate state (pflow) DNS and everything else is working fine. (Not an expert, just suggesting some things that might provoke inspiration. Hopefully. But probably stuff already tried/eliminated.) Are you sure it's pf? If you disable pf (if that's an option here) - any difference? If you take the rules out and then introduce them one-by-one - is there one that seems to break things? What do the pf logs show? Are you trying the commands on the firewall or an (OpenBSD?) machine behind the firewall? [OpenBSD machine]---[OpenBSD firewall]---[the internet] (Anything to do with LibreSSL versus OpenSSL?) If you try those commands on another OpenBSD machine at a different location, do they work? They work here (on a snapshot), so that does suggest they should work in general so yes, maybe the ruleset or pf. I've not got wget installed, but can achieve the same request with ftp e.g. $ ftp https://github.com/Azure/blobporter/releases/download/v0.6.15/bp_linux.tar.gz Trying 192.30.255.112... Requesting https://github.com/Azure/blobporter/releases/download/v0.6.15/bp_linux.tar.gz Redirected to https://github-production-release-asset-2e65be.s3.amazonaws.com/74929278/e5e4422c-58f2-11e8-9582-3447e8bc9081?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20180919%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180919T043531Z&X-Amz-Expires=300&X-Amz-Signature=d99e4c16a020810445620a2dc532f53e192ea382bff9785059d2f886981defb7&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3Dbp_linux.tar.gz&response-content-type=application%2Foctet-stream Trying 54.231.81.40... Requesting https://github-production-release-asset-2e65be.s3.amazonaws.com/74929278/e5e4422c-58f2-11e8-9582-3... What do you get if you try ftp instead of wget? $ openssl s_client -connect github-production-release-asset-2e65be.s3.amazonaws.com:443 -servername github-production-release-asset-2e65be.s3.amazonaws.com CONNECTED(0003) depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root ...
Re: Monitoring system
On 10/06/18 07:16, Stuart Henderson wrote: On 2018/10/05 17:35, flipchan wrote: It's weird because I have no error files that it describes the error in, I am promted with "Configuration file errror DB type MYSQL is not supported by current setup" I don't think the issue here - but if you are using PHP 7 make sure mysqli is used. http://php.net/manual/en/mysqlinfo.api.choosing.php Oh, in that case (always include the actual error message!) I'm pretty sure you didn't enable the relevant PHP database module. I don't know which one zabbix-web needs but I'd try php-pdo_mysql first. I have set all configs (/var/www/zabbix/conf/zabbix.conf.php and /etc/zabbix*) to use 127.0.0.1 3306 , but nono :/ On October 5, 2018 12:55:15 PM UTC, Stuart Henderson wrote: On 2018-10-05, flipchan wrote: Hey how did everyone get zabbix running I tried the zabbix MySQL with the zabbix web on 6.2 but I get a database connection error in the php , I assume the php can't read the config This is usually mysql/mariadb's annoying feature of automatically trying to use a unix socket when you try to make a TCP connection to localhost. See pkg-readmes/mariadb-server (the "chrooted daemons and MariaDB socket" for a workaround. -- Take Care Sincerely flipchan layerprox dev
Re: Monitoring system
On 10/07/18 09:05, flipchan wrote: My phpinfo: dpaste.com/0VDR4TE Have you looked in /usr/local/share/doc/pkg-readmes/ for anything useful. I've moved off PHP 5.6 so not exactly sure what the file will be called. The instructions for 7.0.31: /usr/local/share/doc/pkg-readmes/php-7.0.31 ... include instructions about what to do for some extensions so you /may/ need to do something similar. - some 'core' extensions with extra dependencies are packaged separately (e.g. php-pdo_mysql, php-ldap, php-soap, and others) and can be installed with pkg_add(1). ... For all extensions packaged separately (and for opcache), you will find a file named /etc/php-7.0.sample/(MODULE_NAME).ini. To enable it, add a symlink into /etc/php-7.0 and restart: ln -sf ../php-7.0.sample/MODULE_NAME.ini /etc/php-7.0/ Obviously these instructions will not be directly applicable in your case, but do have a look in /usr/local/share/doc/pkg-readmes for anything php-related. On October 6, 2018 4:42:16 PM UTC, Stuart Henderson wrote: On 2018-10-06, Richard Toohey wrote: On 10/06/18 07:16, Stuart Henderson wrote: On 2018/10/05 17:35, flipchan wrote: It's weird because I have no error files that it describes the error in, I am promted with "Configuration file errror DB type MYSQL is not supported by current setup" I don't think the issue here - but if you are using PHP 7 make sure mysqli is used. http://php.net/manual/en/mysqlinfo.api.choosing.php It all depends what zabbix-web wants. If it's written to use one specific api then you will need to use the module providing that. pdo_mysql is probably the most common nowadays.
Intel X553 and Supermicro A2SDi-4C-HLN4F Networking
Hello, For those who are interested, the most recent snapshots contain support for the Intel X553 copper NICs used on the Supermicro A2SDi-4C-HLN4F boards. I have tested this on a couple of systems and I am seeing about 940 Mbps with tcpbench(1) using a direct cable connection. I am guessing that this support is likely to be in the 6.7 release Thanks to all the OpenBSD developers for your great work! dmesg from one of the systems below Richard OpenBSD 6.6-current (GENERIC.MP) #43: Mon Mar 9 20:52:27 MDT 2020 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17125621760 (16332MB) avail mem = 16594010112 (15825MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x7f0c3000 (35 entries) bios0: vendor American Megatrends Inc. version "1.2" date 11/05/2019 bios0: Supermicro Super Server acpi0 at bios0: ACPI 6.1 acpi0: sleep states S0 S4 S5 acpi0: tables DSDT FACP FPDT FIDT SPMI MCFG WDAT APIC BDAT HPET UEFI SSDT DMAR HEST BERT ERST EINJ WSMT acpi0: wakeup devices XHC1(S4) OBL1(S4) LAN1(S4) PEX0(S4) LAN2(S4) LAN3(S4) PEX1(S4) PEX6(S4) PEX7(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 acpimcfg0: addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 4 (boot processor) cpu0: Intel(R) Atom(TM) CPU C3558 @ 2.20GHz, 2200.42 MHz, 06-5f-01 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu0: 2MB 64b/line 16-way L2 cache cpu0: cannot disable silicon debug cpu0: smt 0, core 2, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 25MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.2, IBE cpu1 at mainbus0: apid 12 (application processor) cpu1: Intel(R) Atom(TM) CPU C3558 @ 2.20GHz, 2200.02 MHz, 06-5f-01 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu1: 2MB 64b/line 16-way L2 cache cpu1: cannot disable silicon debug cpu1: smt 0, core 6, package 0 cpu2 at mainbus0: apid 16 (application processor) cpu2: Intel(R) Atom(TM) CPU C3558 @ 2.20GHz, 2200.01 MHz, 06-5f-01 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu2: 2MB 64b/line 16-way L2 cache cpu2: cannot disable silicon debug cpu2: smt 0, core 8, package 0 cpu3 at mainbus0: apid 24 (application processor) cpu3: Intel(R) Atom(TM) CPU C3558 @ 2.20GHz, 2200.01 MHz, 06-5f-01 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SMEP,ERMS,MPX,RDSEED,SMAP,CLFLUSHOPT,PT,SHA,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,SENSOR,ARAT,XSAVEOPT,XSAVEC,XGETBV1,XSAVES cpu3: 2MB 64b/line 16-way L2 cache cpu3: cannot disable silicon debug cpu3: smt 0, core 12, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 2399 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 6 (VRP0) acpiprt2 at acpi0: bus 2 (PEX0) acpiprt3 at acpi0: bus 1 (VRP2) acpiprt4 at acpi0: bus 7 (VRP1) acpiprt5 at acpi0: bus -1 (PEX1) acpiprt6 at acpi0: bus 3 (PEX6) acpiprt7 at acpi0: bus 4 (PEX7) acpiprt8 at acpi0: bus 5 (BR28) acpicpu0 at acpi0: C2(10@50 mwait.1@0x21), C1(1000@1 mwait.1@0x1), PSS acpicpu1 at acpi0: C2(10@50 mwait.1@0x21), C1(1000@1 mwait.1@0x1), PSS acpicpu2 at acpi0: C2(10@50 mwait.1@0x21), C1(1000@1 mwait.1@0x1), PSS acpicpu3 at acpi0: C2(10@50 mwait.1@0x21), C1(1000@1 mwait.1@0x1), PSS acpipci0 at acpi0 PCI0: 0x0010 0x0011 0x "PNP0003" at acpi0 not configured acpicmos0 at acpi0 "IPI0001" at acpi0 not configured "PNP0C33" at acpi0 not configured ipmi at mainbus0 not configured cpu0: E
OSPF seems to stops processing updates
We have been having a strange issue, whereby OSPF stops updating properly.
We can see an entry for an ip route in the database but it is not in the
kernel routing table, and when it is the DR, other routers then do not have
the route at all.
We are seeing this across multiple boxes. We have 10+ ospf speakers, and
seem to see the issue at different times.
The problem starts with:
ospfd[6960]: recv_db_description: neighbor ID x.x.x.x: seq num mismatch,
bad flags
ospfd[30114]: lsa_check: bad age
And these just then continue, until we restart ospfd, and the problem
appears to go away.
We are running some old routers on 5.8 and some new on 6.4. We appreciate
that we need to upgrade the 5.8 routers but we are keen to stabalise things
first.
Having looked at the source, we can see the line generating the message:
case NBR_STA_FULL:
if (dd_hdr.bits & OSPF_DBD_I ||
!(dd_hdr.bits & OSPF_DBD_MS) == !nbr->dd_master) {
log_warnx("recv_db_description: neighbor ID %s: "..
Could anyone explain the scenario in which this would be expected, so we
can see how to resolve the issue.
We run some of our routers under VMware, could some sort of OS pause cause
this?
Thanks
Richard
Re: OSPF seems to stops processing updates
Hi, Thanks everyone, we will update to start with and see how it goes from there. If the issues continue we will dump the ospf traffic. When we were looking at these issues I noticed when running ospfctl sh nei that we had two DR. I thought there could/should only be a single one. Any ideas on this, are there snearios where this is valid? We only run a single area. Thanks Richard On Mon, 13 Apr 2020, 14:39 Stuart Henderson, wrote: > On 2020-04-13, Claudio Jeker wrote: > > On Mon, Apr 13, 2020 at 02:08:31PM +0200, Remi Locherer wrote: > >> On Mon, Apr 13, 2020 at 12:05:10PM +0100, Richard Chivers wrote: > >> > On Mon, 13 Apr 2020, 10:18 Remi Locherer, > wrote: > >> > > > >> > > On Mon, Apr 13, 2020 at 08:38:31AM +0100, Richard Chivers wrote: > >> > > > We have been having a strange issue, whereby OSPF stops updating > >> > > properly. > >> > > > > >> > > > We can see an entry for an ip route in the database but it is not > in the > >> > > > kernel routing table, and when it is the DR, other routers then > do not > >> > > have > >> > > > the route at all. > >> > > > > >> > > > We are seeing this across multiple boxes. We have 10+ ospf > speakers, and > >> > > > seem to see the issue at different times. > >> > > > > >> > > > The problem starts with: > >> > > > > >> > > > ospfd[6960]: recv_db_description: neighbor ID x.x.x.x: seq num > mismatch, > >> > > > bad flags > >> > > > >> > > The neighbor sent a db desc with the master flag set differently > than what > >> > > this ospfd instance recorded before for that particular neighbor. > >> > > > >> > > See 2nd last item on page 100 of RFC 2328: > >> > > https://tools.ietf.org/html/rfc2328#page-100 > >> > > >> > > >> > Thanks, should the routers just recover then from this scenario even > if it > >> > was happening due to lost packets, CPU pause etc. > >> > >> I think so. But it may take quite a while. It might also be an bug in > ospfd > >> or in another implementation. > > On my 6.6/current boxes it seems to recover fairly quickly from this (30 > seconds or so). I've definitely seen it take a long time in the past > though. > > > Since this issues happen with 5.8 and 6.4 ospfd I would suggest to update > > to at least 6.6 (especially the 5.8). IIRC there was some issue with > ospfd > > neighbor selection that caused troubles when sessions flapped. This was > > fixed some time ago but I doubt 5.8 has that fix in. > > That one was fixed in 6.3. > > If you also run bgpd then be aware there are crashes with the version in > 6.6 release - fixed in syspatches (and of course in snapshots), but one > of the crashes is at startup with some configurations and it's hard to > run syspatch if you have no routing ;) so either be ready to cope with > that in case you run into it (e.g. pre-download the syspatch directory > and make sure you have console access), or consider skipping 6.6 (go > straight to a -current snapshot). > > >
MultiPath / ADD_PATH for bgpd
Hi, Just wondering if anyone can help. I saw back in late 2018 that there were some initial plans for ADD_PATH and Multipath in bgpd, it was in a list on a slide right after the portable version. https://youtu.be/4gOoPxGKKjA?t=1500 Does anyone know if there are still plans in this area, or if there has been any progress, we are really interested to explore using this in a project we are working on, and just keen to understand if it may be coming? Thanks Richard
BGPD announce deprecation query
Hi,
Just been building a copy of our production system in vagrant to test
upgrading to the latest version, in order to resolve an issue we were
having.
In our current config we have:
group "core" {
local-address $localaddr
remote-as xx
announce all
neighbor x.x.x.x {
descr "router-a"
}
neighbor x.x.x.x {
descr "router-b"
}
}
>From the upgrade guide it says: In OpenBSD 6.4, the announce keyword was
deprecated in bgpd.conf(5). It has now been removed and must be replaced
with export.
We also have another group with announce none
Is it fair to suggest that removing the announce all will be the same as
not having it in >= 6.4, and that we replace announce none with export none.
Probably a stupid question, but I only touch BGP occasionally, and was just
hoping to understand in more detail.
The group core is our own internal bgp speakers, each of these also have
transit connections too.
All our config is templated using ansible, so we can easily adjust the
config based on the actual version.
Probably worth saying we are running on 6.6 with patches applied, in the
test environment.
Thanks
Richard
Ospfd default route query
Hi, Hope someone can help, I am having a strange issue and can't seem to isolate the problem. We have "redistribute default" set globally on our bgp/ibgp speakers in the ospfd.conf. The bsd boxes are all 6.6. These routers are connected via ibgp to some other routers and have external bgp sessions taking at present a couple of basic network announcements from their egbp peers. e.g. 2.2.2.0/24 ( we have faked our transit provider) Connected to these routers we have a pair of firewalls, which previously received a default route from the bgp/ibgp speakers. I am trying to understand exactly what the redistribute default in the ospfd.conf does. I assume it is saying if i have a static default route or another default route from an upstream then tell other routers about it? Or is it saying tell others to use me as a default route. I can't seem to find anything specific in the docs to clarify this, and would like to understand it clearly if pos. In our case our previous configuration on 5.8 and this configuration has a static route on the bgp speakers of 0.0.0.0/24 -> 127.0.0.1. If I do a ospfctl sh rib or ospfctl sh data on the firewalls i just don't see any default route being provided by the bgp speakers. Hope this makes sense. I am sure I am missing something obvious... Effectively I want the bgp speakers to announce themselves as the default route for their neighbor firewalls over ospf. Thanks
Re: Ospfd default route query
Not sure how I missed the clear information in the man page... "If set to default, a default route pointing to this router will be announced over OSPF" It seems I am just having an issue and it should work as I expected. I will do some more diagnosis in the morning... On Sun, 26 Apr 2020, 17:09 Richard Chivers, wrote: > Hi, > > Hope someone can help, I am having a strange issue and can't seem to > isolate the problem. > > We have "redistribute default" set globally on our bgp/ibgp speakers > in the ospfd.conf. The bsd boxes are all 6.6. > > These routers are connected via ibgp to some other routers and have > external bgp sessions taking at present a couple of basic network > announcements from their egbp peers. e.g. 2.2.2.0/24 ( we have faked our > transit provider) > > Connected to these routers we have a pair of firewalls, which previously > received a default route from the bgp/ibgp speakers. > > I am trying to understand exactly what the redistribute default in the > ospfd.conf does. I assume it is saying if i have a static default route or > another default route from an upstream then tell other routers about it? Or > is it saying tell others to use me as a default route. I can't seem to find > anything specific in the docs to clarify this, and would like to understand > it clearly if pos. > > In our case our previous configuration on 5.8 and this configuration has a > static route on the bgp speakers of 0.0.0.0/24 -> 127.0.0.1. > > If I do a ospfctl sh rib or ospfctl sh data on the firewalls i just don't > see any default route being provided by the bgp speakers. > > Hope this makes sense. I am sure I am missing something obvious... > > Effectively I want the bgp speakers to announce themselves as the default > route for their neighbor firewalls over ospf. > > Thanks >
Re: Ospfd default route query
Hi, That makes a lot of sense thanks, and appears to have solved the problem, we had a route added through our loopback interface in production" "!/sbin/route add -reject default 127.0.0.1" Is that the best/general practise in general? Cheers Richard On Mon, Apr 27, 2020 at 8:25 AM Claudio Jeker wrote: > On Sun, Apr 26, 2020 at 08:44:42PM +0100, Richard Chivers wrote: > > Not sure how I missed the clear information in the man page... > > > > "If set to default, a default route pointing to this router will be > > announced over OSPF" > > > > It seems I am just having an issue and it should work as I expected. > > > > I will do some more diagnosis in the morning... > > > > I think the man page is not optimal here. ospfd(8) and ospf6d(8) will only > redistribute networks that are in the FIB. So in case of redistribute > default the router needs to have a default route 0/0 or ::/0 in the > routing table. Also that route's priority needs to be less than 32 > to be picked up. > > This is different from bgpd where the network statements and export > default-route statement work even if there is no matching route in the > FIB. > > > On Sun, 26 Apr 2020, 17:09 Richard Chivers, > wrote: > > > > > Hi, > > > > > > Hope someone can help, I am having a strange issue and can't seem to > > > isolate the problem. > > > > > > We have "redistribute default" set globally on our bgp/ibgp speakers > > > in the ospfd.conf. The bsd boxes are all 6.6. > > > > > > These routers are connected via ibgp to some other routers and have > > > external bgp sessions taking at present a couple of basic network > > > announcements from their egbp peers. e.g. 2.2.2.0/24 ( we have faked > our > > > transit provider) > > > > > > Connected to these routers we have a pair of firewalls, which > previously > > > received a default route from the bgp/ibgp speakers. > > > > > > I am trying to understand exactly what the redistribute default in the > > > ospfd.conf does. I assume it is saying if i have a static default > route or > > > another default route from an upstream then tell other routers about > it? Or > > > is it saying tell others to use me as a default route. I can't seem to > find > > > anything specific in the docs to clarify this, and would like to > understand > > > it clearly if pos. > > > > > > In our case our previous configuration on 5.8 and this configuration > has a > > > static route on the bgp speakers of 0.0.0.0/24 -> 127.0.0.1. > > > > > > If I do a ospfctl sh rib or ospfctl sh data on the firewalls i just > don't > > > see any default route being provided by the bgp speakers. > > > > > > Hope this makes sense. I am sure I am missing something obvious... > > > > > > Effectively I want the bgp speakers to announce themselves as the > default > > > route for their neighbor firewalls over ospf. > > > > > > Thanks > > > > > -- > :wq Claudio >
OSPF lsa_check issue
Hi, Following on from the OSPF issue we were seeing in 5.8, we have built a vagrant lab with a complete replica of our production network in order to test config against 6.6 (latest syspatch applied) and test a number of scenarios. All in all everything has gone well, and other than some minor config enhancements, everything is fundamentally working. The original issue we had was routes not being advertised beyond the DR, when there were situations like a network blip or restart of the ospf process on another router/firewall. Since moving to 6.6 we have been able to recreate the same situation we have had in production, we do this by doing a "rcctl restart ospfd" on the DR, typically a few times. Eventually other routers start logging as follows: May 4 15:44:19 va-l1-tun ospfd[75371]: lsa_check: bad age May 4 15:44:19 va-l1-tun ospfd[75371]: lsa_check: bad age May 4 15:44:24 va-l1-br-02 ospfd[27625]: lsa_check: bad age May 4 15:44:24 va-l1-br-02 ospfd[27625]: lsa_check: bad age May 4 15:44:24 1 va-l1-tun ospfd[75371]: lsa_check: bad age If we run a tcpdump using tcpdump -i vio0 -s 1500 -w /tmp/ospf.pcap proto ospf, we can then see the ospf hello packets fully in wireshark, but the LS update packets are fragmented so we can not see the full detail or what is being passed from the relevant neighbor. We have tried to increase the verbosity of logging using "ospfctl log verbose", but still we are unsure which lsa update is incorrect. The only way we have found to stop these logs from appearing is to "rcctl restart ospfd" on various boxes until it stops. What we are hoping for help with is diagnosing exactly which record has the lsa_check: bad age, and understanding whether this should in effect clear itself for example. We have looked at the source code, but do not fully understand the flow beyond the check itself in lsa_check. We are wondering if there is something fundamentally wrong with our config, but it is pretty simple. Effectively a set of connected routers in a single area with one of the hops having a backup across the internet with a GRE tunnel. At most we are only ever 3 hops away between a source and destination. We have also on occasion seen "seq num mismatch, bad flags" messages, but these have appeared to clear themselves. Thanks
Re: OSPF lsa_check issue
After some more work this morning we have managed to extract the
information from tcpdump of the full LS-Update packet, we couldn't see it
on bsd, but running:
tcpdump -v -r ~/Downloads/ospf.pcap on osx did the trick.
What we are seeing is that a pair of firewalls are both sending updates
like this:
07:16:09.346525 IP (tos 0xc0, ttl 1, id 47473, offset 0, flags [+], proto
OSPF (89), length 1500)
x.x.x.x > ospf-dsig.mcast.net: OSPFv2, LS-Update, length 1480 [len 1672]
Router-ID x.x.x.x, Backbone Area, Authentication Type: simple (1)
Simple text password: dslkfjld, 1 LSA
LSA #1
Advertising Router x.x.x.x, seq 0x806e, age 0s, length 1624
Router LSA (1), LSA-ID: x.x.x.x
Options: [External]
Router LSA Options: [ASBR]
Stub Network: 10.128.32.128, Mask: 255.255.255.128
topology default (0), metric 10
Stub Network: 10.128.9.0, Mask: 255.255.255.128
*{ another 50 or so networks here}*
Each time we get one of these updates the DR logs the lsa_check: bad age.
Another 5 or so seconds later the same LS-Update comes in with the same seq
number. This appears to continue indefinitely. Our only fix appears to be
restarting ospfd on the routers.
Does anyone have an idea what is going wrong here?
Something we have considered being a problem is that we do have many
interfaces, we have 90 or so, so the LS-Update packets are quite large and
do get fragmented, as we are using a 1500mtu.
The fact that ospfd sees the age and complains though makes us think this
is not a problem.
Cheers
Richard
On Mon, May 4, 2020 at 6:12 PM Richard Chivers
wrote:
> Hi,
>
> Following on from the OSPF issue we were seeing in 5.8, we have built a
> vagrant lab with a complete replica of our production network in order to
> test config against 6.6 (latest syspatch applied) and test a number of
> scenarios.
>
> All in all everything has gone well, and other than some minor config
> enhancements, everything is fundamentally working.
>
> The original issue we had was routes not being advertised beyond the DR,
> when there were situations like a network blip or restart of the ospf
> process on another router/firewall.
>
> Since moving to 6.6 we have been able to recreate the same situation we
> have had in production, we do this by doing a "rcctl restart ospfd" on the
> DR, typically a few times.
>
> Eventually other routers start logging as follows:
>
> May 4 15:44:19 va-l1-tun ospfd[75371]: lsa_check: bad age
> May 4 15:44:19 va-l1-tun ospfd[75371]: lsa_check: bad age
> May 4 15:44:24 va-l1-br-02 ospfd[27625]: lsa_check: bad age
> May 4 15:44:24 va-l1-br-02 ospfd[27625]: lsa_check: bad age
> May 4 15:44:24 1 va-l1-tun ospfd[75371]: lsa_check: bad age
>
> If we run a tcpdump using tcpdump -i vio0 -s 1500 -w /tmp/ospf.pcap proto
> ospf, we can then see the ospf hello packets fully in wireshark, but the LS
> update packets are fragmented so we can not see the full detail or what is
> being passed from the relevant neighbor.
>
> We have tried to increase the verbosity of logging using "ospfctl log
> verbose", but still we are unsure which lsa update is incorrect.
>
> The only way we have found to stop these logs from appearing is to "rcctl
> restart ospfd" on various boxes until it stops.
>
> What we are hoping for help with is diagnosing exactly which record has
> the lsa_check: bad age, and understanding whether this should in effect
> clear itself for example.
>
> We have looked at the source code, but do not fully understand the flow
> beyond the check itself in lsa_check.
>
> We are wondering if there is something fundamentally wrong with our
> config, but it is pretty simple. Effectively a set of connected routers in
> a single area with one of the hops having a backup across the internet with
> a GRE tunnel. At most we are only ever 3 hops away between a source and
> destination.
>
> We have also on occasion seen "seq num mismatch, bad flags" messages, but
> these have appeared to clear themselves.
>
> Thanks
>
Re: OSPF lsa_check issue
Hi,
We have sent the pcap directly for the raw packets.
In terms of the above change, we haven't compiled ospf previously, we will
give it a go and see how we get on.
Are we ok to clone off the github mirror?
Cheers
Richard
On Tue, May 5, 2020 at 10:22 AM Claudio Jeker
wrote:
> On Tue, May 05, 2020 at 10:51:40AM +0200, Claudio Jeker wrote:
> > On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote:
> > > After some more work this morning we have managed to extract the
> > > information from tcpdump of the full LS-Update packet, we couldn't see
> it
> > > on bsd, but running:
> > >
> > > tcpdump -v -r ~/Downloads/ospf.pcap on osx did the trick.
> > >
> > > What we are seeing is that a pair of firewalls are both sending updates
> > > like this:
> > >
> > > 07:16:09.346525 IP (tos 0xc0, ttl 1, id 47473, offset 0, flags [+],
> proto
> > > OSPF (89), length 1500)
> > > x.x.x.x > ospf-dsig.mcast.net: OSPFv2, LS-Update, length 1480
> [len 1672]
> > > Router-ID x.x.x.x, Backbone Area, Authentication Type: simple (1)
> > > Simple text password: dslkfjld, 1 LSA
> > > LSA #1
> > > Advertising Router x.x.x.x, seq 0x806e, age 0s, length 1624
> > >Router LSA (1), LSA-ID: x.x.x.x
> > >Options: [External]
> > >Router LSA Options: [ASBR]
> > > Stub Network: 10.128.32.128, Mask: 255.255.255.128
> > > topology default (0), metric 10
> > > Stub Network: 10.128.9.0, Mask: 255.255.255.128
> > > *{ another 50 or so networks here}*
> > >
> > > Each time we get one of these updates the DR logs the lsa_check: bad
> age.
> > >
> > > Another 5 or so seconds later the same LS-Update comes in with the
> same seq
> > > number. This appears to continue indefinitely. Our only fix appears to
> be
> > > restarting ospfd on the routers.
> > >
> > > Does anyone have an idea what is going wrong here?
> > >
> > > Something we have considered being a problem is that we do have many
> > > interfaces, we have 90 or so, so the LS-Update packets are quite large
> and
> > > do get fragmented, as we are using a 1500mtu.
> > >
> > > The fact that ospfd sees the age and complains though makes us think
> this
> > > is not a problem.
> > >
> >
> > Looking at the tcpdump output there is something strange with the various
> > reported length fields. Is it possible to get the raw packet dumps?
> >
>
> Can you try the following diff and see if it fixes the issue?
>
> --
> :wq Claudio
>
> Index: lsupdate.c
> ===
> RCS file: /cvs/src/usr.sbin/ospfd/lsupdate.c,v
> retrieving revision 1.47
> diff -u -p -r1.47 lsupdate.c
> --- lsupdate.c 19 Nov 2019 09:55:55 - 1.47
> +++ lsupdate.c 5 May 2020 09:20:50 -
> @@ -186,7 +186,7 @@ add_ls_update(struct ibuf *buf, struct i
> return (0);
> }
>
> - lsage = ibuf_reserve(buf, 0);
> + lsage = ibuf_reserve(buf, len);
> if (ibuf_add(buf, data, len)) {
> log_warn("add_ls_update");
> return (0);
>
Re: OSPF lsa_check issue
Hi,
Some progress has been made, we can now replicate this consistently and it
appears that whenever a LS update exceeds the mtu (1500) we get this issue
of lsa_check bad age.
When running with the diff Claudio sent we start getting a bunch of errors
complaining about:
recv_ls_update: bad packet size, neighbor ID x.x.x.x
lsa_check: bad packet size
We don't ever move to a state of FULL/DR or similar.
Does anyone have any suggestions? We are just starting to look at the wider
code to see if we can comprehend what may be occurring, but it will
likely be a steep learning curve :)
Thanks
Richard
On Tue, May 5, 2020 at 1:04 PM Richard Chivers
wrote:
> Hi,
>
> We have sent the pcap directly for the raw packets.
>
> In terms of the above change, we haven't compiled ospf previously, we will
> give it a go and see how we get on.
>
> Are we ok to clone off the github mirror?
>
> Cheers
>
> Richard
>
> On Tue, May 5, 2020 at 10:22 AM Claudio Jeker
> wrote:
>
>> On Tue, May 05, 2020 at 10:51:40AM +0200, Claudio Jeker wrote:
>> > On Tue, May 05, 2020 at 09:07:34AM +0100, Richard Chivers wrote:
>> > > After some more work this morning we have managed to extract the
>> > > information from tcpdump of the full LS-Update packet, we couldn't
>> see it
>> > > on bsd, but running:
>> > >
>> > > tcpdump -v -r ~/Downloads/ospf.pcap on osx did the trick.
>> > >
>> > > What we are seeing is that a pair of firewalls are both sending
>> updates
>> > > like this:
>> > >
>> > > 07:16:09.346525 IP (tos 0xc0, ttl 1, id 47473, offset 0, flags [+],
>> proto
>> > > OSPF (89), length 1500)
>> > > x.x.x.x > ospf-dsig.mcast.net: OSPFv2, LS-Update, length 1480
>> [len 1672]
>> > > Router-ID x.x.x.x, Backbone Area, Authentication Type: simple (1)
>> > > Simple text password: dslkfjld, 1 LSA
>> > > LSA #1
>> > > Advertising Router x.x.x.x, seq 0x806e, age 0s, length 1624
>> > >Router LSA (1), LSA-ID: x.x.x.x
>> > >Options: [External]
>> > >Router LSA Options: [ASBR]
>> > > Stub Network: 10.128.32.128, Mask: 255.255.255.128
>> > > topology default (0), metric 10
>> > > Stub Network: 10.128.9.0, Mask: 255.255.255.128
>> > > *{ another 50 or so networks here}*
>> > >
>> > > Each time we get one of these updates the DR logs the lsa_check: bad
>> age.
>> > >
>> > > Another 5 or so seconds later the same LS-Update comes in with the
>> same seq
>> > > number. This appears to continue indefinitely. Our only fix appears
>> to be
>> > > restarting ospfd on the routers.
>> > >
>> > > Does anyone have an idea what is going wrong here?
>> > >
>> > > Something we have considered being a problem is that we do have many
>> > > interfaces, we have 90 or so, so the LS-Update packets are quite
>> large and
>> > > do get fragmented, as we are using a 1500mtu.
>> > >
>> > > The fact that ospfd sees the age and complains though makes us think
>> this
>> > > is not a problem.
>> > >
>> >
>> > Looking at the tcpdump output there is something strange with the
>> various
>> > reported length fields. Is it possible to get the raw packet dumps?
>> >
>>
>> Can you try the following diff and see if it fixes the issue?
>>
>> --
>> :wq Claudio
>>
>> Index: lsupdate.c
>> ===
>> RCS file: /cvs/src/usr.sbin/ospfd/lsupdate.c,v
>> retrieving revision 1.47
>> diff -u -p -r1.47 lsupdate.c
>> --- lsupdate.c 19 Nov 2019 09:55:55 - 1.47
>> +++ lsupdate.c 5 May 2020 09:20:50 -
>> @@ -186,7 +186,7 @@ add_ls_update(struct ibuf *buf, struct i
>> return (0);
>> }
>>
>> - lsage = ibuf_reserve(buf, 0);
>> + lsage = ibuf_reserve(buf, len);
>> if (ibuf_add(buf, data, len)) {
>> log_warn("add_ls_update");
>> return (0);
>>
>
Re: OSPF lsa_check issue
Hi,
Thanks so much for the diff, it appears to have resolved the issue.
We are now trying to establish whether we need the fix widely deployed or
only on the box that originates with the large LSA updates, pushing it over
the 1500mtu.
We are going to run some tests, but our expectation is that when the DR
sends the message from the originating router on to its neighbors that they
will then see the same issue.
Out of interest is there any way of just announcing a single network.
In this particular case the large LS-Update is caused because we have many
interfaces, but these are all carp so will failover in one hit anyway. We
have allocated 10.128.0.0/16 to this firewall so there are many networks,
but anything in our network with a destination of 10.128.0.0/16 can end up
here.
We tried something like *redistribute 10.128.0.0/16 <http://10.128.0.0/16>
depend on carp0*, but what that appears to do is limit advertisements to
the subnets that fall within that range, so we still have a very large LSA
update anyway.
Just wondering if there was any workaround, as it would just simplify
processing etc.
It is probably a non issue anyway now, with the fix, but just interested if
anyone has done anything similar.
Regards
Richard
On Wed, May 6, 2020 at 9:52 AM Claudio Jeker
wrote:
> On Wed, May 06, 2020 at 09:33:11AM +0100, Richard Chivers wrote:
> > Hi,
> >
> > Some progress has been made, we can now replicate this consistently and
> it
> > appears that whenever a LS update exceeds the mtu (1500) we get this
> issue
> > of lsa_check bad age.
> >
> > When running with the diff Claudio sent we start getting a bunch of
> errors
> > complaining about:
> >
> > recv_ls_update: bad packet size, neighbor ID x.x.x.x
> > lsa_check: bad packet size
> >
> > We don't ever move to a state of FULL/DR or similar.
> >
> > Does anyone have any suggestions? We are just starting to look at the
> wider
> > code to see if we can comprehend what may be occurring, but it will
> > likely be a steep learning curve :)
> >
>
> Just realized that my diff was wrong since ibuf_reserve() would change the
> write position of the buffer and so you end up with some empty space in
> the buffer.
>
> Here is a better diff. This is using ibuf_size to get the current write
> position and then ibuf_seek() to write the age back into the right spot.
> Using the position instead of the pointer has the benefit that a realloc()
> in ibuf_add() will not result in the stale pointer to lsage that the
> current code has.
>
> I have currently no ospf setup so my testing is limited.
> --
> :wq Claudio
>
> Index: lsupdate.c
> ===
> RCS file: /cvs/src/usr.sbin/ospfd/lsupdate.c,v
> retrieving revision 1.47
> diff -u -p -r1.47 lsupdate.c
> --- lsupdate.c 19 Nov 2019 09:55:55 - 1.47
> +++ lsupdate.c 6 May 2020 08:48:19 -
> @@ -175,8 +175,8 @@ int
> add_ls_update(struct ibuf *buf, struct iface *iface, void *data,
> u_int16_t len,
> u_int16_t older)
> {
> - void*lsage;
> - u_int16_tage;
> + size_t ageoff;
> + u_int16_t age;
>
> if ((size_t)iface->mtu < sizeof(struct ip) + sizeof(struct
> ospf_hdr) +
> sizeof(u_int32_t) + ibuf_size(buf) + len + MD5_DIGEST_LENGTH) {
> @@ -186,7 +186,7 @@ add_ls_update(struct ibuf *buf, struct i
> return (0);
> }
>
> - lsage = ibuf_reserve(buf, 0);
> + ageoff = ibuf_size(buf);
> if (ibuf_add(buf, data, len)) {
> log_warn("add_ls_update");
> return (0);
> @@ -198,7 +198,7 @@ add_ls_update(struct ibuf *buf, struct i
> if ((age += older + iface->transmit_delay) >= MAX_AGE)
> age = MAX_AGE;
> age = htons(age);
> - memcpy(lsage, &age, sizeof(age));
> + memcpy(ibuf_seek(buf, ageoff, sizeof(age)), &age, sizeof(age));
>
> return (1);
> }
>
How do I set up a Wi-Fi access point (using APU2)?
Hi,
I got myself an APU2E2 and am trying to set it up as a router. To learn
how to do this I'm mostly following the "Building a Router" FAQ [1]. For
simplicity's sake I'm only using em0 and athn0. This is my setup:
.---.
.--. .. | APU2| ))) client1
| Internet | <--> | ISP-Router | <--> | em0 athn0 | ))) client2
`--' `' `---'
I want the clients, that are connected to athn0 to be able to access the
internet, but it doesn't work. What works is this:
1. I can connect my laptop to athn0, ping the IP of athn0 and even the
IP of em0. Pinging the ISP-Router doesn't work.
2. If I connect my laptop to the ISP-Router, I can ping em0.
3. When I am on the router (via ssh or COM-Port) I can ping em0, athn0
the ISP-Router, openbsd.org, ...
So what I can't figure out is why I can't ping the ISP-Router and
servers on the internet, when I'm connected to athn0. My APU2 setup is:
$ sysctl net.inet.ip.forwarding
net.inet.ip.forwarding=1
$ cat /etc/mygate
# This is the ISP-Router:
192.168.178.1
$ cat /etc/hostname.em0
inet 192.168.178.2 255.255.255.0 192.168.178.255
up
$ cat /etc/hostname.athn0
media autoselect mode 11n mediaopt hostap chan 36
nwid wpakey
inet 192.168.3.1 255.255.255.0
$ cat /etc/pf.conf
pass in log (all)
$ cat /etc/rc.conf.local
dhcpd_flags=athn0
$ cat /etc/dhcpd.conf
subnet 192.168.3.0 netmask 255.255.255.0 {
option routers 192.168.3.1;
option domain-name-servers 192.168.178.1;
range 192.168.3.20 192.168.3.100;
}
I'm an absolute noob when it comes to network configuration, so the
problem is probably something really stupid, but I can't figure it out.
I'll appreciate any hint!
Greetings,
Richard Ulmer
[1] https://www.openbsd.org/faq/pf/example1.html
Re: How do I set up a Wi-Fi access point (using APU2)?
infoomatic wrote: > it seems you skipped the firewall part of the document you were > referring, you need NAT connections. Indeed I did, because I thought if I said `pass in log (all)`, all traffic would be allowed to pass. It seems like I have a lot to learn... With this pf.conf I can reach the internet: $ cat /etc/pf.conf match in all scrub (no-df random-id max-mss 1440) match out on egress inet from !(egress:network) to any nat-to (egress:0) pass out quick inet Thank you for taking the time to bother with my noobish question!
Re: athn on APU2
> None of the clients gets more than cca 1.5MB/s from that, alone. > Is that to be expected with 11g? (Not that I expect the 54 Mbit/s) I faced the same problem with my new APU2 just yesterday and found more info here: https://marc.info/?l=openbsd-misc&m=158680303103003&w=2 It seems like 11a is really much better than 11g on athn right now. I'm getting ca. 16-20Mbit/s now (but the bottleneck might be the iwm driver on my laptop). On a side note: I thought channel 1 was a 2.4GHz channel [1]. I'm surprised it works for you. I'm using something like 36, 100 or 128 on my APU2. [1] https://en.wikipedia.org/wiki/List_of_WLAN_channels
ls -R bug?
Hi, Output of ls -R between OpenBSD and GNU coreutils seems to differ, OpenBSD ls -R will apparently list "hidden" directories like .git, whereas GNU coreutils will not, is this expected behaviour or a bug? Thanks, Richard
Re: ls -R bug?
On Sat, Jul 04, 2020 at 02:16:29PM -0600, Todd C. Miller wrote: > On Sat, 04 Jul 2020 20:59:08 +0200, Richard Ipsum wrote: > > > Output of ls -R between OpenBSD and GNU coreutils seems to differ, > > OpenBSD ls -R will apparently list "hidden" directories like .git, > > whereas GNU coreutils will not, is this expected behaviour or a bug? > > I think this is actually a bug. Historic behavior is to not descend > into directories that begin with a '.'. Our existing ls code looks > like it is written to support that behavior but is missing one > thing. Hi Todd, Thanks for the explanation! Richard
Re: Firefox and mail attachments
On Sat, 22 Aug 2020 at 4:45 AM, djraymondnm wrote: > I notice that in firefox, when trying to add an attachment in gmail that > the menu of available files to attach is basically empty. Is this a feature > or a bug? I suspect it has to do with pledge/unvail. If so, how do you deal > with attachments? You can only use the user’s Downloads directory. Copy files in there first and then you can attach them. I couldn't find any documentation on this, though I vaguely remember a misc > post on the subject. > > > > Dave Raymond > > > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > >
install of 6.7 failed on acer Swift
Hello all: I tried to install OpenBSD 6.7 on my acer Swift SF113 with amd64, 4GB RAM, 64GB HD. I downloaded the image from openbsd.org and used Rawrite under Win 10 to create a bootable USB key, then used Advanced startup options > Restart now ... Use EFI USB device. After about a minute of black screen I got a "Security boot fail: message with icon. I tried to boot from an older version (6.3), but then I got a blue screen with an old-style ASCII double-bordered box saying "This machine has no UEFI boot options.." Any ideas about what I am doing wrong? -- rick dot darwin at gmail dot com --Charles Darwin? He was my grandfather. Oh, *that* Charles. We share a common ancestor.
OpenBSD fakeroot
Hi, I needed fakeroot for some tests I'm writing, but it seemed to be Linux only and looked like it would be hard to port. So I've written a fakeroot clone for OpenBSD, it's not complete but it does enough to be useful to me personally, if anyone's interested the code is here: https://git.vx21.xyz/sfakeroot/ Since OpenBSD's coreutils are statically linked and it needs LD_PRELOAD to work you'll probably want to use it with sbase[1] to be able to do anything useful. Thanks, Richard [1]: https://git.suckless.org/sbase/
Re: OpenBSD fakeroot
Hi, Sorry I'm not sure I understand, but anyway as far as I know you have to be root already to use chroot, and the main goal of fakeroot is to avoid having to become root when you don't really need to. So fakeroot just gives the appearances of being root without actually running anything as root. Thanks, Richard On Sat, Oct 03, 2020 at 12:30:30PM +0100, Tom Smyth wrote: > Hi Richard, > pardon my ignorance but would chroot with a copy of the / and sub > directories, do the same thing ? > > thanks > > On Sat, 3 Oct 2020 at 12:30, Richard Ipsum wrote: > > > > Hi, > > > > I needed fakeroot for some tests I'm writing, but it seemed to be Linux > > only and looked like it would be hard to port. > > > > So I've written a fakeroot clone for OpenBSD, it's not complete but it > > does enough to be useful to me personally, if anyone's interested the > > code is here: https://git.vx21.xyz/sfakeroot/ > > > > Since OpenBSD's coreutils are statically linked and it needs LD_PRELOAD > > to work you'll probably want to use it with sbase[1] to be able to do > > anything useful. > > > > Thanks, > > Richard > > > > [1]: https://git.suckless.org/sbase/ > > > > > -- > Kindest regards, > Tom Smyth.
Re: OpenBSD fakeroot
On Sat, Oct 03, 2020 at 02:21:45PM +0200, Ingo Schwarze wrote: > Hi Richard, Hi Ingo, > > Richard Ipsum wrote on Sat, Oct 03, 2020 at 01:14:07PM +0200: > > > I needed fakeroot for some tests I'm writing, > > You are not really explaining what it is that you actually > want to do... > > So i'm guessing a bit: > > https://manpages.debian.org/buster/fakeroot/fakeroot.1.en.html > > says: > > fakeroot runs a command in an environment wherein it appears to > have root privileges for file manipulation. This is useful for > allowing users to create archives (tar, ar, .deb etc.) with files > in them with root permissions/ownership. Yeah that's exactly what sfakeroot does. Like I say I looked into porting fakeroot, but it was way too complicated for me to be honest. > > If that is what you need, then the OpenBSD facility serving the > same purpuse is documented here: > > https://man.openbsd.org/mount.8#noperm > > Yours, > Ingo Someone told me about that, but I couldn't see how to use it without already being root (in order to mount an fs with noperm). Maybe I missed something though? Thanks, Richard
Re: ping time fluctuates, any idea?
Hello, > On 9/09/2019, at 8:45 PM, Jihyun Yu wrote: > > It seems that time from ping command fluctuates. Here's a output from ping > command. > [...snip ping with negative rtt...] This is symptomatic of unsynchronized time stamp counters (TSC). I would expect that setting: # sysctl kern.timecounter.hardware=acpihpet0 would fix your ping results, and probably improve your ntpd(8) performance, too. There has been some work in this area on -current. best, Richard. PS. Please make sure to include a complete dmesg next time - half a dmesg is like half a photograph! > 00=2828 01=a1a1 02=f7f7 03=2020 04=d9d9 05=5b5b 06=0b0b 07=3030 > isa0 at pcib0 > isadma0 at isa0 > com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo > pckbc0 at isa0 port 0x60/5 irq 1 irq 12 > pckbd0 at pckbc0 (kbd slot) > wskbd0 at pckbd0: console keyboard, using wsdisplay0 > pcppi0 at isa0 port 0x61 > spkr0 at pcppi0 > wbsio0 at isa0 port 0x2e/2: NCT6776F rev 0x33 > lm1 at wbsio0 port 0x290/8: NCT6776F > pci13 at mainbus0 bus 255 > "Intel E5 QPI Link" rev 0x07 at pci13 dev 8 function 0 not configured > vendor "Intel", unknown product 0x3c83 (class system subclass > miscellaneous, rev 0x07) at pci13 dev 8 function 3 not configured > vendor "Intel", unknown product 0x3c84 (class system subclass > miscellaneous, rev 0x07) at pci13 dev 8 function 4 not configured > "Intel E5 QPI Link" rev 0x07 at pci13 dev 9 function 0 not configured > vendor "Intel", unknown product 0x3c93 (class system subclass > miscellaneous, rev 0x07) at pci13 dev 9 function 3 not configured > vendor "Intel", unknown product 0x3c94 (class system subclass > miscellaneous, rev 0x07) at pci13 dev 9 function 4 not configured > "Intel E5 PCU" rev 0x07 at pci13 dev 10 function 0 not configured > "Intel E5 PCU" rev 0x07 at pci13 dev 10 function 1 not configured > "Intel E5 PCU" rev 0x07 at pci13 dev 10 function 2 not configured > "Intel E5 PCU" rev 0x07 at pci13 dev 10 function 3 not configured > "Intel E5 Scratch" rev 0x07 at pci13 dev 11 function 0 not configured > "Intel E5 Scratch" rev 0x07 at pci13 dev 11 function 3 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 12 function 0 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 12 function 1 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 12 function 2 not configured > "Intel E5 SAD" rev 0x07 at pci13 dev 12 function 6 not configured > "Intel E5 SAD" rev 0x07 at pci13 dev 12 function 7 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 13 function 0 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 13 function 1 not configured > "Intel E5 Unicast" rev 0x07 at pci13 dev 13 function 2 not configured > "Intel E5 Broadcast" rev 0x07 at pci13 dev 13 function 6 not configured > "Intel E5 Home Agent" rev 0x07 at pci13 dev 14 function 0 not configured > "Intel E5 Home Agent" rev 0x07 at pci13 dev 14 function 1 not configured > "Intel E5 TA" rev 0x07 at pci13 dev 15 function 0 not configured > "Intel E5 RAS" rev 0x07 at pci13 dev 15 function 1 not configured > "Intel E5 TAD" rev 0x07 at pci13 dev 15 function 2 not configured > "Intel E5 TAD" rev 0x07 at pci13 dev 15 function 3 not configured > "Intel E5 TAD" rev 0x07 at pci13 dev 15 function 4 not configured > "Intel E5 TAD" rev 0x07 at pci13 dev 15 function 5 not configured > "Intel E5 TAD" rev 0x07 at pci13 dev 15 function 6 not configured > "Intel E5 Thermal" rev 0x07 at pci13 dev 16 function 0 not configured > "Intel E5 Thermal" rev 0x07 at pci13 dev 16 function 1 not configured > "Intel E5 Error" rev 0x07 at pci13 dev 16 function 2 not configured > "Intel E5 Error" rev 0x07 at pci13 dev 16 function 3 not configured > "Intel E5 Thermal" rev 0x07 at pci13 dev 16 function 4 not configured > "Intel E5 Thermal" rev 0x07 at pci13 dev 16 function 5 not configured > "Intel E5 Error" rev 0x07 at pci13 dev 16 function 6 not configured > "Intel E5 Error" rev 0x07 at pci13 dev 16 function 7 not configured > "Intel E5 DDRIO" rev 0x07 at pci13 dev 17 function 0 not configured > "Intel E5 R2PCIE" rev 0x07 at pci13 dev 19 function 0 not configured > "Intel E5 PCIE Monitor" rev 0x07 at pci13 dev 19 function 1 not configured > "Intel E5 QPI" rev 0x07 at pci13 dev 19 function 4 not configured > "Intel E5 QPI Link Monitor" rev 0x07 at pci13 dev 19 function 5 not > configured > "Intel E5 QPI Link Monitor" rev 0x07 at pci13 dev 19 function 6 not > configured > vmm0 at mainbus0: VMX/EPT > uhub4 at uhub0 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" > rev 2.00/0.00 addr 2 > uhub5 at uhub3 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" > rev 2.00/0.00 addr 2 > vscsi0 at root > scsibus4 at vscsi0: 256 targets > softraid0 at root > scsibus5 at softraid0: 256 targets > root on sd0a (74fd07b06a4f30a1.a) swap on sd0b dump on sd0b > > > Thanks, > Jihyun Yu
Small typo in upgrade66.html
Hi, Thanks for 6.6. And sysupgrade. Read the 6.6 upgrade notes at http://www.openbsd.org/faq/upgrade66.html and there's a small typo near the top. "Before rebooting into the install kernel Check diskspace of /usr. Verify that the /usr partition has a size of at least 1.1G. With less space the upgrade may fail and you should consider to reinstall the system instead." I think: "may fail and you should consider to reinstall the system instead" should probably be something like: "may fail and you should consider reinstalling the system instead" Thanks, Richard.
[sh] Single quote in comment withing subshell buggy
Hi, when there is a single ' in a comment within a subshell, I get this error: foo[6]: no closing quote Here is an example script to reproduce the problem: foo=$( # It's bar: echo bar ) echo $foo I found this behaviour unexpected und suspect it's a bug. I had encountered this as a real world problem in a project on GitHub [1]. With best regards, Richard Ulmer [1] https://github.com/mawww/kakoune/pull/2943
Re: [sh] Single quote in comment withing subshell buggy
Hi Matthew, I'm unable to judge the patch, but appreciate your quick fix. Thanks a lot! I'm looking forward to the next release, in which it is contained. I just occurred to me, that the problem also exists for ". Is this covered with your patch as well? Richard cho...@jtan.com wrote: > Richard Ulmer writes: > > Hi, > > when there is a single ' in a comment within a subshell, I get this > > error: foo[6]: no closing quote > > > > Here is an example script to reproduce the problem: > > > > foo=$( > > # It's bar: > > echo bar > > ) > > echo $foo > > This is certainly not the best way to do this but it does the job: > > ~/src/ksh [OpenBSD 6.6] > [ksh]flask@void$ /bin/ksh > void$ foo=$( > > # quote: ' > > echo bar > > ) > > ^D > /bin/ksh: no closing quote > ~/src/ksh [OpenBSD 6.6] > [ksh]flask@void$ ./ksh > void$ foo=$( > > # quote: ' > > echo bar > > ) > void$ echo $foo > bar > void$ > > In particular it just reeks of kludge, which I'm not happy with > because according to the comment two-dozen lines up it's already a > kludge. The loop is lifted from the beginning of the same function, > where regular comments are skipped. > > Matthew > > --- lex.c.~1.78.~ Mon Jan 15 16:58:05 2018 > +++ lex.c Sat Dec 14 10:55:06 2019 > @@ -496,6 +496,12 @@ > statep->ls_scsparen.csstate = 4; > ignore_backslash_newline++; > break; > +case '#': > +ignore_backslash_newline++; > +while ((c = getsc()) != '\0' && c != > '\n') > +; > +ignore_backslash_newline--; > +break; > } > break; >
less --no-init and multiline $PS1
Hi,
when using a $PS1, which has more than one line, `less --no-init` cuts
of some lines at the top, when it quits. This is especially annyoing
when using `git diff` and `git show`. For example,
`echo "foo\nbar" | less --no-init --quit-if-one-screen` with a two-line
$PS1 leads to terminal content like this:
.---.
| bar |
| ~ |
| ~ |
| PS1 line 1|
| PS1 line 2$ |
`---'
I think, that using an environment variable like $PS1_LINES to inform
less about a multiline $PS1, would be a solution for the problem. This
is what I came up with:
Index: usr.bin/less/funcs.h
===
RCS file: /cvs/src/usr.bin/less/funcs.h,v
retrieving revision 1.25
diff -u -p -u -r1.25 funcs.h
--- usr.bin/less/funcs.h2 Sep 2019 14:07:45 - 1.25
+++ usr.bin/less/funcs.h19 Jan 2020 11:23:56 -
@@ -30,6 +30,7 @@ void ring_bell(void);
void do_clear(void);
void clear_eol(void);
void clear_bot(void);
+void clear_above_bot(int);
void at_enter(int);
void at_exit(void);
void at_switch(int);
Index: usr.bin/less/main.c
===
RCS file: /cvs/src/usr.bin/less/main.c,v
retrieving revision 1.37
diff -u -p -u -r1.37 main.c
--- usr.bin/less/main.c 28 Jun 2019 05:44:09 - 1.37
+++ usr.bin/less/main.c 19 Jan 2020 11:23:56 -
@@ -47,6 +47,7 @@ extern char *tags;
extern char*tagoption;
extern int jump_sline;
extern int less_is_more;
+extern int ps1_lines;
extern int missing_cap;
extern int know_dumb;
extern int quit_if_one_screen;
@@ -102,6 +103,9 @@ main(int argc, char *argv[])
}
}
+ if ((s = lgetenv("PS1_LINES")) != NULL)
+ ps1_lines = atoi(s);
+
/*
* Process command line arguments and LESS environment arguments.
* Command line arguments override environment arguments.
@@ -383,8 +387,10 @@ quit(int status)
edit(NULL);
if (!secure)
save_cmdhist();
- if (any_display && is_tty)
+ if (any_display && is_tty) {
clear_bot();
+ clear_above_bot(ps1_lines - 1);
+ }
deinit();
flush(1);
raw_mode(0);
Index: usr.bin/less/opttbl.c
===
RCS file: /cvs/src/usr.bin/less/opttbl.c,v
retrieving revision 1.19
diff -u -p -u -r1.19 opttbl.c
--- usr.bin/less/opttbl.c 17 Sep 2016 15:06:41 - 1.19
+++ usr.bin/less/opttbl.c 19 Jan 2020 11:23:56 -
@@ -53,6 +53,7 @@ int opt_use_backslash;/* Use backslash
int hilite_search; /* Highlight matched search patterns? */
int less_is_more = 0; /* Make compatible with POSIX more */
+int ps1_lines = 1; /* Height of the primary prompt */
/*
* Long option names.
Index: usr.bin/less/screen.c
===
RCS file: /cvs/src/usr.bin/less/screen.c,v
retrieving revision 1.25
diff -u -p -u -r1.25 screen.c
--- usr.bin/less/screen.c 3 Sep 2019 23:08:42 - 1.25
+++ usr.bin/less/screen.c 19 Jan 2020 11:23:56 -
@@ -34,6 +34,7 @@ static char
*sc_lower_left, /* Cursor to last line, first column */
*sc_return, /* Cursor to beginning of current line */
*sc_move, /* General cursor positioning */
+ *sc_up, /* Cursor up one line */
*sc_clear, /* Clear screen */
*sc_eol_clear, /* Clear to end of line */
*sc_eos_clear, /* Clear to end of screen */
@@ -87,6 +88,7 @@ extern int tty;
extern int top_scroll;
extern int oldbot;
extern int hilite_search;
+extern int ps1_lines;
/*
* Change terminal to "raw mode", or restore to "normal" mode.
@@ -414,6 +416,10 @@ get_term(void)
}
sc_lower_left = cheaper(t1, t2, "\r");
+ sc_up = cursor_up;
+ if (ps1_lines > 1 && sc_up == NULL)
+ missing_cap = 1;
+
/*
* Get carriage return string.
*/
@@ -699,6 +705,20 @@ clear_bot(void)
at_exit();
clear_eol_bot();
at_enter(saved_attrmode);
+ }
+}
+
+/*
+ * Clear n lines above the bottom line of the display.
+ * The cursor must be set to the beginning of the bottom line before.
+ */
+void
+clear_above_bot(int n)
+{
+ int i;
+ for (i = 0; i < n; i++) {
+ tputs(sc_up, 1, putchr);
+ tputs(sc_eol_clear, 1, putchr);
}
}
Re: less --no-init and multiline $PS1
Hi Theo, "Theo de Raadt" wrote: > The diff is clearly a layer violation, trying to interpret and dance > for an event which happens after less terminates. I didn't think about it this way, but now agree with you that my patch should be disregarded. I thought about a solution which doesn't violate any layers and came up with something much simpler: I will replace my less with a script similar to this: /usr/bin/less $@ for arg in "$@"; do test "$arg" = '--no-init' -o "$arg" = '-X' && tput up el && exit done Thanks for making me re-think the problem! Best regards, Richard Ulmer
Re: CD's arrived
I am in NJ. Have not received anything yet. RT Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Raf Czlonka Sent: Wednesday, October 7, 2015 2:38 PM To: misc@openbsd.org Subject: Re: CD's arrived On Wed, Oct 07, 2015 at 03:51:28PM BST, M Wheeler wrote: > CD's arrived today UK. Thanks again. Got mine today, too :^) Raf
Re: CD's arrived
I know I paid for a 5.8 disk, but I have never received it. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Carl Trachte Sent: Wednesday, October 14, 2015 10:36 PM To: OpenBSD general usage list Subject: Re: CD's arrived Tucson, Arizona On Tue, Oct 13, 2015 at 5:25 PM, Ralph Siegler wrote: > On Wed, 07 Oct 2015 14:51:28 +, M Wheeler wrote: > >> CD's arrived today UK. Thanks again. > > Just arrived just north of Chicago, IL USA (pre-ordered Sept 15) Many > thanks!
Re: CD's arrived
I spoke too soon earlier - mine arrived today as well! 10/15/2015. Princeton area, NJ On 10/15/15 14:26, Vijay Sankar wrote: Quoting Carl Trachte : Tucson, Arizona On Tue, Oct 13, 2015 at 5:25 PM, Ralph Siegler wrote: On Wed, 07 Oct 2015 14:51:28 +, M Wheeler wrote: CD's arrived today UK. Thanks again. Just arrived just north of Chicago, IL USA (pre-ordered Sept 15) Many thanks! I received mine today in Winnipeg, MB, Canada. The cover looks great!! Thanks very much to all the developers. Reporting this to the list only because I did not notice anyone from Canada mentioning that they received the CDs yet. Also, just in case you all are wondering, it is a very nice day in Winnipeg (7 Celsius, 42 kmph wind, excellent day for biking :)
Avahi daemon, dbus daemon
I am now using the 5.8 release. I have tried to start avahi in my rc.conf.local file but it always fails to load. In 5.7 I never had this problem. What's the correct way to load these daemons? Sent from my BlackBerry ;10 smartphone on the Verizon Wireless 4G LTE network.
Re: Paris..
France is screwed and perhaps Europe, translation, WWIII, unless they get their Muslim problem under control ASAP. Glad I don't live there. Let's not forget Mr. Roy who went back home to Bangladesh for an award, or Van Gogh walking down a street in Amsterdam. Are France and the few remaining Euro fenchmen, finally ready to admit that they need to do what Israel has done? But unfortunately, no they don't and you will see this again, worse, soon. You don't see these massacres in Switzerland do you? Wonder why? Had enough yet France? Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Francois Pussault Sent: Saturday, November 14, 2015 4:07 AM To: Rod Whitworth; misc@openbsd.org; Ryan Freeman Reply To: Francois Pussault Subject: Re: Paris.. Thanks for all, now there is calm again even in Paris. But this stay chocking. > > From: Rod Whitworth > Sent: Sat Nov 14 03:49:18 CET 2015 > To: misc@openbsd.org , Ryan Freeman > Subject: Re: Paris.. > > > On Fri, 13 Nov 2015 16:10:53 -0800, Ryan Freeman wrote: > > >Completely off-topic but I am concerned for the .fr devs.. > > > >http://www.theglobeandmail.com/news/world/paris-police-report-shootout-at-re staurant-explosion-near-stadium/article27256201/ > > > >Can I get a ping to this thread from all the .fr folks? > >Stay strong France... > > > >-Ryan > > > > And all the users and those who contribute to development in any way. > > Keep your heads down. It is frustrating that I can do nothing. > Rod/ > > > *** NOTE *** Please DO NOT CC me. I subscribed to the list. > Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. > > Rod/ > --- > This life is not the real thing. > It is not even in Beta. > If it was, then OpenBSD would already have a man page for it. > Cordialement Francois Pussault 10 chemin de négo saoumos apt 202 - bat 2 31300 Toulouse +33 6 17 230 820 +33 5 34 365 269 fpussa...@contactoffice.fr
Unix::Pledge perl module
Hi misc@,
I've put together a simple CPAN module that allows you to use pledge(2)
in your Perl programs. Of course it will only work on -current.
Simple example:
$> perl -MUnix::Pledg|e -e '||pledge(||"stdio rpath"||,
[||"/home/$ENV{USER}/.profile"||]);||open||(||my $fd||, ||">"||,
||"/home/$ENV{USER}/.profile"||);'|
$>|Abort trap (core dumped)|
The github repo is available at:
https://github.com/rfarr/Unix-Pledge
Cheers,
Richard
Re: A branded USB stick as an alternative to the CD set?
The reality is obvious - most users of open source are pure unadulterated free loaders. Nobody pays but we all use it. That includes very large corporations as well. Torvalds solved it the old fashioned way; he is an employee of his own foundation. McKusick sells training videos. All I can do is buy the CD's and give some $ to the foundation. Any other suggestion is not productive. Original Message From: Bryan Vyhmeister Sent: Monday, November 30, 2015 10:36 PM To: Bal??zs Nagy Cc: Theo de Raadt; grazzol...@gmail.com; Tati Chevron; Stuart Henderson; misc@openbsd.org Subject: Re: A branded USB stick as an alternative to the CD set? On Mon, Nov 30, 2015 at 06:20:02PM -0700, Bal??zs Nagy wrote: > On Nov 30, 2015, at 2:34 PM, Theo de Raadt wrote: > > > > These days the CD revenue is about what a cashier at a store makes. > > I'm sick to my stomack when I read this. I won't get into how unjust, > unfair, unethical this situation is, we all know that life is unfair. > We also all know that Theo could have a high six figure, probably even > seven figure salary if he chose to. I don't think the issue is what > new technology to deliver the CD sets on. I think the question is how > to deliver Theo a recurring revenue so that he gets to draw a salary > that is at least somewhat commensurate with his contribution to the IT > industry. Just like a lot of us do recurring contributions to the > OpenBSD Foundation, we need to find a way to provide Theo directly as > well. Am I beeing too naive, am I missing somthing here? I agree completely. This is the core issue we need to look at and find solutions to. Bryan
Re: A branded USB stick as an alternative to the CD set?
I have no clue what a hackathon costs, any ballpark averages? Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Theo de Raadt Sent: Wednesday, December 2, 2015 11:11 AM To: Donald Allen Cc: Theo de Raadt; misc; Richard Thornton Subject: Re: A branded USB stick as an alternative to the CD set? > But if we lose the project leader due to lack of exercise and food, > that's not good for the project. You made it very clear in a previous > message to this thread that no Foundation money comes to you. So while > the Foundation may be doing good things with their money, we, the > community, need to be sure that you have what you need. And in the > unlikely event that the freeloader factor decreases and we send you > more than you need, couldn't you turn the excess over to the > Foundation? Easily done by paying for a hackathon or two directly.
Re: HP LaserJet Problem
On 12/05/15 07:33, bluesun08 wrote: hmm, the "device busy" message is gone. But now there is a new message: # ./testfile > /dev/ulpt0 ksh: ./testfile: cannot execute - Permission denied So what permissions fail? You don't have execute permissions on testfile? $ touch testfile $ ./testfile ksh: ./testfile: cannot execute - Permission denied -- View this message in context: http://openbsd-archive.7691.n7.nabble.com/HP-LaserJet-Problem-tp284216p284602.html Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: Is true that the BSD developers were inspired to make their code free software by the example of the GNU Project, and explicit appeals from GNU activists helped persuade them?
I would read McKusick's book on FreeBSD. He gives a good historical accounting of the BSD's. Also the book Raymond's book "The Cathedral and the Bazaar". Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. Original Message From: Jorge Luis Sent: Tuesday, February 16, 2016 12:08 PM To: misc@openbsd.org Subject: Is true that the BSD developers were inspired to make their code free software by the example of the GNU Project, and explicit appeals from GNU activists helped persuade them? It is written in article 'Linux and the GNU System' posted in GNU Operating System: "People sometimes ask whether BSD too is a version of GNU, like GNU/Linux. The BSD developers were inspired to make their code free software by the example of the GNU Project, and explicit appeals from GNU activists helped persuade them, but the code had little overlap with GNU. BSD systems today use some GNU programs, just as the GNU system and its variants use some BSD programs; however, taken as wholes, they are two different systems that evolved separately. The BSD developers did not write a kernel and add it to the GNU system, and a name like GNU/BSD would not fit the situation.(5)" Is true that the BSD developers were inspired to make their code free software by the example of the GNU Project, and explicit appeals from GNU activists helped persuade them? If no, what is the true story of BSD developers? -- View this message in context: http://openbsd-archive.7691.n7.nabble.com/Is-true-that-the-BSD-developers-wer e-inspired-to-make-their-code-free-software-by-the-example-of-the-tp289840.ht ml Sent from the openbsd user - misc mailing list archive at Nabble.com.
Re: OpenBSD Puffy Stickers
I don't like stickers on my computers. I don't do bumper stickers either. On Thu, Nov 30, 2017 at 11:29 PM, Theo de Raadt wrote: > > My goal is not to rip off anyone, but to help the project. > > You cannot help the project by begging on a mailing list that > I partake in business. > > Get over yourself Jay. > >
Re: Virtualbox vs latest snapshot
On 04/11/18 10:50, Stuart Henderson wrote: On 2018-04-10, csszep wrote: Hi! I installed the latest 04.10 snapshot, the install procedure went fine, but after reboot the VM stucks at endless boot loop . It prints only the "booting hda0:/bsd" line.. before reboot The 04.03 snapshot works fine. There is a similar experience for someone with Virtualbox 5.2.8? There's a recent bootloader problem, possibly following the update to clang 6, that affects some machines. I suspect this might be involved here. Ah, that might (?) explain what was happening to me with a Lenovo Thinkpad X1 Carbon? Not a VM. Stuck in an endless boot loop, with a flash of a "heap full" message before the next reboot. Tried the same snapshot on an older Thinkpad and no issues. Looked like it was a possible SSD problem (from what I could find in the archives), so I tried the 6.3 installer and that was fine. Repeated the snapshot install and got back into the endless rebooting. To confirm if this is the problem, can you install the older snapshot as normal, then update kernel and file sets to the newer one? (follow the "Upgrade without the install kernel" steps on http://www.openbsd.org/faq/upgrade63.html, except skip the part about running installboot do install a new bootloader). Can you report back either way please (preferably to bugs@, with dmesg and anything special about the VM config).. If it is the same thing it would be useful for developers to have a way to reproduce the problem that doesn't involve specific hardware..
Weird file(1) behaviour with multiple matching tests
Hi all, I'm trying to understand how file(1) behaves, when there are multiple matches, but I'm not skilled enough to understand the source code and the man page describes a different behaviour than what I'm seeing. man file(1) says "The first test which succeeds causes the file type to be printed.", however, this does not seem to be true: $ cat ~/.magic 0 string foo foo file 0 string foorfoor file $ cat foo foor $ file foo foo: foor file $ vim ~/.magic && cat ~/.magic 0 string foorfoor file 0 string foo foo file $ file foo foo: foor file Have I misunderstood the definition of "The first test"? I assumed this meant "the test with the lowest line number". Is this the expected behaviour? It seems to me like others misunderstood this before me; for example: With the default magic-file (/etc/magic), I cannot get this line's message to be printed: 0 search/1#!/usr/bin/env\ lua Lua script text executable Instead this happens: $ cat foo $ file foo foo: a lua script text executable Which seems to be the result of this test: 0 string #!/usr/bin/env a >15 string >\0 %s script text executable Greetings, Richard Ulmer
Re: Auto-mounting removable disks
On Tue, Mar 23, 2021 at 12:43:09AM +, tetrahe...@danwin1210.me wrote: > I have a removable disk that I want to auto-mount. However, it may not > always be present. If I put an entry in fstab for it, will the system be > able to cope even if the disk is not present? > > Is there a better way to do this? > https://vx21.xyz/automounting-usb-drives-openbsd/
Open-source security processor
Apologies, this might be a little bit OT but I was thinking of this and I thought about the wonderful folks at OpenBSD. Say you had the guts of an x86_64 desktop running Windows on the bench and another computer running OpenBSD right next to it, is there some mechanism available that could allow you to integrity scan the NVMe drive (and also the firmware but that's probably an easier problem solved with something like SPI) of the powered-off x86_64 with the OpenBSD box, like a hardware device that allows both OpenBSD and the laptop physical hardware level access to the same NVMe, or would you have the NVMe in OpenBSD, scan it and then somehow "hand over" the NVMe to Windows? The NVMe drive can't be physically touched, not just swapped from board to board, I'm thinking of this from a more "embedded" viewpoint. Or am I thinking about an external CPU validating an OS install in completely the wrong way? Thanks Richard
Sleep induces acpi0 interrupt storm
Hi all, I've just set up a new T480 ThinkPad with OpenBSD 7.4. I have noticed that after sleeping (by closing and opening the lid of the laptop) my fan turns up and one of my CPU cores is fully loaded. `top -U -S root` and `systat vmstat` tell me, that acpi0 is generating a lot of interrupts, close to 2000/s. Once I had this high interrupt count directly after booting, without even putting the laptop to sleep. Can anyone help me debug this or does someone know of a workaround? >From what I've read I could probably disable certain ACPI functions using bsd.re-config(5), but I'm not sure where to start. Do I have to go through all 49 devices listed in acpi(4)? Greetings, Richard dmesg; the last 22 lines were generated when closing and opening the lid: OpenBSD 7.4 (GENERIC.MP) #1397: Tue Oct 10 09:02:37 MDT 2023 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8200216576 (7820MB) avail mem = 7931973632 (7564MB) random: good seed from bootblocks mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0x9a628000 (63 entries) bios0: vendor LENOVO version "N24ET74W (1.49 )" date 08/15/2023 bios0: LENOVO 20L6SF8C00 acpi0 at bios0: ACPI 5.0 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT SSDT TPM2 UEFI SSDT SSDT HPET APIC MCFG ECDT SSDT SSDT SSDT BOOT BATB SLIC SSDT SSDT SSDT LPIT WSMT SSDT SSDT SSDT DBGP DBG2 MSDM DMAR ASF! FPDT UEFI acpi0: wakeup devices GLAN(S4) XHC_(S3) XDCI(S4) HDAS(S4) RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) RP05(S4) PXSX(S4) RP06(S4) PXSX(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpihpet0 at acpi0: 2399 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz, 1496.52 MHz, 06-8e-0a, patch 00f4 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,RSBA,MISC_PKG_CT,ENERGY_FILT,GDS_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 4-way L2 cache, 6MB 64b/line 12-way L3 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 24MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz, 1496.52 MHz, 06-8e-0a, patch 00f4 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,RSBA,MISC_PKG_CT,ENERGY_FILT,GDS_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 4-way L2 cache, 6MB 64b/line 12-way L3 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz, 1496.52 MHz, 06-8e-0a, patch 00f4 cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SRBDS_CTRL,MD_CLEAR,TSXFA,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,RSBA,MISC_PKG_CT,ENERGY_FILT,GDS_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES,MELTDOWN cpu2: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB 64b/line 4-way L2 cache, 6MB 64b/line 12-way L3 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz, 1496.52 MHz, 06-8e-0a, patch 00f4 cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,R
Re: Sleep induces acpi0 interrupt storm
Mike Larkin wrote: > check the lists; this was reported lots of times. I think it was some > thunderbolt related thing in the BIOS. Ah, I missed the right threads when searching previously. Apparently I wasn't specific enough. Now I found the message you mentioned: https://marc.info/?l=openbsd-misc&m=164789521428035&w=2 I've set Security > I/O Port Access > Thunderbolt(TM) 3 to "Disabled" in the BIOS and now the problem is gone. Thanks a ton!
Re: Many video frames dropped unless sound is muted
Hi Maurice, Maurice McCarthy wrote: > I too have had poorer video performance too since 7.1 Not _certain > of the cause but since 7.1 one of my pair of 2-core cpu is always > offline. I suspect this may be to do with the deliberate removal of > hyper-threading support. (Yet this happened in 2018! It was done to > eliminate possible data leaks. > https://www.theregister.com/2018/06/20/openbsd_disables_intels_hyperthreading/ > ) There is a consequent drop in performance. I believe hyperthreading was never enabled since I've used OpenBSD, so I'll rule that out. > I use youtube-dl to download anything I want to see. (Performance is > far better from a local file.) As I said, I also experience the new performance problems with mpv, so downloading the video won't help. It looks very similar to the performance within Firefox: ca. half the frames are dropped when audio is turned on and almost no frames are dropped when using mpv --no-audio with the same file. - Richard
Re: Many video frames dropped unless sound is muted
Hi again, > As a side note: After upgrading from 7.0 to 7.1 I experienced a > significant increase in audio stutter. Sometimes (I think when a > "hiccup" became too big) YouTube would even pause a video on it's own or > mpd(1) would stop playback. As a workaround I increased the buffer size > with sndiod_flags=-b12000 in /etc/rc.conf.local, which helped a little, > but didn't eliminate the problem. I started playing around with the -b flag again and found, that if I make the buffer very small, my problem goes away and video playback works better than it ever had. I can now even watch videos at 1920x1080 with 60 FPS and barely drop any frame. As soon as configure the buffer to contain more than ca. 1000 frames, video playback begins to suffer. With the default (according to sndiod(8) and FAQ 13 [1]) 7680 frames, performance is already very poor. So for now I'm going to go with -b960 (20 ms buffer); in the brief testing I've done, even the audio stutter seems to have disappeared. Maybe I just went the wrong way when adjusting the audio buffer before... - Richard [1] https://www.openbsd.org/faq/faq13.html
less prints superfluous characters with --no-init
Hi all, I find this behaviour unexpected: $ printf foo | less --no-init | xxd : 666f 6f1b 5b41 1b5b 4b foo.[A.[K less prints ANSI escape codes for 'cursor up' and 'erase in line' at the end of my message. Interestingly, when doing the same within tmux, the result is different: $ printf foo | less --no-init | xxd : 666f 6f1b 4d1b 5b4b foo.M.[K Is this intended behaviour? If so, is there any flag to disable this? Greetings, Richard
Re: less prints superfluous characters with --no-init
"Richard Ulmer" wrote: > Hi all, > I find this behaviour unexpected: > > $ printf foo | less --no-init | xxd > : 666f 6f1b 5b41 1b5b 4b foo.[A.[K > > less prints ANSI escape codes for 'cursor up' and 'erase in line' at the > end of my message. Interestingly, when doing the same within tmux, the > result is different: > > $ printf foo | less --no-init | xxd > : 666f 6f1b 4d1b 5b4b foo.M.[K > > Is this intended behaviour? If so, is there any flag to disable this? > > Greetings, > Richard Another user mentioned, that he couldn't reproduce the problem, which made me check 'which less'. I found that I wasn't using /usr/bin/less, but a script around it, which I forgot about. The script caused the problem. Sorry for the unnecessary mail. Richard
Re: Problems w/apache+php+mysqld since 4.9-5.0 OpenBSD Upgrade
On 05/23/13 10:15, Damon Getsman wrote: Hello all, and thank you for taking the time to take a look at this issue that I am currently having. I've been a strong advocate of OpenBSD for some time, but have only recently taken steps to start upgrading some of my machines instead of reinstalling. My primary server was a 4.9 installation, and it was running apache, with PHP and MySQL integrated for the purpose of serving a mediawiki, a gallery2 installation, and a few other utilities that I have had up for myself and some friends. Unfortunately, ever since I've made the leap from 4.9 to 5.0, I've been unable to get anything other than plain HTML documents to display via apache. The server tells me that there are either '500' server errors or with a little more detail MediaWiki tells me "(Can't contact the database server: MySQL functions missing, have you compiled PHP with the --with-mysql option? )". Now according to the pkg_info listing that I have, I _believe_ that I have all of the proper packages and libraries installed, but I guess I am mistaken as I'm still not able to serve pages up with any sort of MySQL back end handling. Here is the output of 'pkg_info -a -m' for anybody who cares to verify this: BitTorrent-4.4.0p10 cooperative file distribution system implemented in Python ImageMagick-6.6.6.10p0 image processing tools alacarte-0.12.4p7 easy GNOME menu editing tool apache-httpd-2.2.15p0 apache HTTP server apcupsd-3.14.8p2daemon for controlling APC UPSes archie-1.4.1Prospero client for the archie service bash-4.2.10 GNU Bourne Again Shell beav-1.40.15binary editor and viewer bzip2-1.0.6 block-sorting file compressor, unencumbered calc-2.11.7 C-style arbitrary precision calculator camlimages-3.0.2p0 image manipulation functions for Objective Caml check_bioctl-1.9Nagios plugin to check RAID status with bioctl check_email_delivery-0.7.0 Nagios plugin to check full email delivery loop (SMTP /IMAP) check_hw_sensors-1.42 Nagios plugin to monitor sysctl hw.sensors check_mssql_health-1.5.3 Nagios plugin to check Microsoft SQL Server check_openbgpd-1.5 Nagios plugin to monitor OpenBGPd peers cups-1.4.7p0Common Unix Printing System cups-pdf-2.5.1 PDF backend for CUPS curl-7.21.7 get files from FTP, Gopher, HTTP or HTTPS servers dosbox-0.74p0 x86 with DOS emulator targeted at playing games emacs-22.3p10 GNU editor: extensible, customizable, self-documenting fedora_base-4.0p8 Linux compatibility package based on Fedora Core 4 firefox-5.0p3 Mozilla web browser firefox35-3.5.19p2 Mozilla web browser ghostview-1.5p3 X11 front-end for ghostscript git-1.7.6p0 GIT - Tree History Storage Tool git-svn-1.7.6p0 GIT - subversion interoperability tools git-x11-1.7.6p0 GIT - graphical tools gnome-common-2.34.0 common automake macros for GNOME gnome-desktop-2.32.1p4 components for the GNOME desktop gnome-mplayer-1.0.4p1 GTK+/GNOME frontend for MPlayer gnome-panel-2.32.1p5 GNOME panel gnome-screensaver-2.30.2p2 screen saver and locker for GNOME gnome-system-monitor-2.28.2p6 sytem monitor for GNOME gnome-system-tools-2.32.0p6 sytem configuration GUI for desktops gnuchess-5.08 chess program gpgme-1.1.5p1 GnuPG Made Easy gstoraster-1.03p0 filter to convert PostScript or PDF to cups raster format ircII-20081115p0Internet Relay Chat client ispell-3.2.06p6 interactive spelling checker jove-4.16p1 Jonathan's Own Version of Emacs kdebase-3.5.10p13 K Desktop Environment, basic applications kermit-8.0.211 serial and network communications package latex-mk-1.9.1p0set of Makefile fragments to manage LaTeX documents libpurple-2.9.0 multi-protocol instant messaging library libreoffice-3.4.1.3p1v0 multi-platform productivity suite mediawiki-1.15.5p3 web-based collaborative editing environment minicom-2.2p0 MS-DOS Telix-like serial communication program mpg123-1.13.1 fast console MPEG audio player and decoder library mrtg-2.17.1p1 multi-router traffic grapher mutt-1.5.21v0-sasl tty-based e-mail client, development version mysql-server-5.1.54p9 multithreaded SQL database (server) ncftp-3.2.3 ftp replacement with advanced user interface nethack-3.4.3p4-qt dungeon explorin', hackin', game. Piece of cake nmap-5.51p0 scan ports and fingerprint stack of network hosts ntop-1.1network usage, interface similar to top(1) ntp-4.2.6pl2p7 Network Time Protocol reference implementation ocaml-3.12.0p0 ML language based on complete class-based objective system oinkmaster-2.0p0update your Snort rules p7zip-9.20.1file archiver with high compression ratio partial-wordpress-3.0.2 standard compliant weblog pgp-2.6.3 Pretty Good Privacy 2.6.3ia php-5.2.17p5server-side HTML-embedded scripting language php-curl-5.2.17p3 curl URL library extensions for php5 php-gd-5.2.17p4 image manipulation extensions for p
Re: Problems w/apache+php+mysqld since 4.9-5.0 OpenBSD Upgrade
On 05/23/13 11:44, Damon Getsman wrote: Bryan, after doing that it appears that it's not even getting executed. I put the script into a web accessible file called debug.php, loaded it in my browser and saw a blank page. Viewing the source is showing the original , leading me to believe that it is not even handing it off to the appropriate script engine... Not sure if I'm right but does that help at all? You can't use shorttags* ... You need to use ... * Well, you can if you tweak settings.
Re: Problems w/apache+php+mysqld since 4.9-5.0 OpenBSD Upgrade
On 05/23/13 12:08, Damon Getsman wrote: Okay, now I've got the phpinfo output. Nothing is jumpin' out at me, if y'all care to take a look at it I've got it available at bismaninfo.hopto.org/debug.php for a limited time here. No mysql in the output. What does php -m give you, etc. It's like the message you are getting - something is up with the mysql extension in your install. Check the ini files, etc. You are using the base Apache and PHP is working - you need to look at the mysql extension and find out why it is not enabled or not loading.
Re: Seeking GUI refuge
On 05/25/13 10:48, Patrick Mc(avery wrote: Hi Everyone [chop] While about 7 out of the 9 years with Linux have been good, the graphical experience on Linux has plummeted for me. I don't really want to send prospective customers to Linux any more. I am fearing that Windows may end up being my only option. Which Windows GUI is that? Last version I liked was Windows 2000; XP was OK, 7 a disaster, and sounds like Microsoft are backpedaling on Windows 8 and the tile-based approach. Not sure there is any perfect GUI - if you are looking for something exactly like Windows, then you are going to have Windows (but as I say, "Windows" is a moving target - you talking about XP, 7 or 8, or "Blue"?) KDE 4 and Gnome 3 have been big jumps from their previous versions. I've been through KDE 3.5.10 to Gnome 3 to cwm, currently on XFCE which suits me personally. If you get put off by a few links to non-installed applications, then don't think much is going to help you. OS X looks nice, but there are a few frustrations in there, too. And if your customers prefer the Windows experience, then it's no help - it's not Windows, it is different. Anyway, everything is meant to be on the cloud, Web 2.0 (or is it 3.0), iOS, Android, etc. so no-one cares about the desktop anymore. Yeah, right! Good luck!
Re: From the military propaganda department
Time to drink a beer and chill out, dude! Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Justin LindbergSent: Saturday, May 25, 2013 2:01 PMTo: misc@openbsd.orgReply To: Justin LindbergSubject: From the military propaganda department Excuse the Yahoo address. That's the best I can do here in the United States of Amerikkka. How is life in OpenBSD-land? The gummint dont trust me when I use OpenBSD because they don't have a clue what I'm doing when I'm at my computer. Even after they've read my code, and obtained all my passwords via rubber-hose cryptanalysis, and they're sitting at my keyboard staring at the hash prompt, they still don't have a clue what I am doing, and they think the problem can be solved by the more liberal use of rubber hoses. Oh, I was writing a letter to my attorney. But some people consider that to be illegal here in Amerikkka. They don't understand that when I am ready to release my software, I release it, and when it's released, it's released. That is my right under our First Amendment guarantee of freedom of speech and of the press. I think it works pretty similarly over there in Canada. When you've tested your code and you are ready, you commit it, and when it's committed, it's committed, and the rest of the team is free to tear it to shreds. The best defense to rubber-hose cryptanalysis is small pieces of lead, saboted and silenced and projected at high speed at anyone and everyone armed with a rubber hose. The Penguins over in Linux-land understand this very well. Do the Pufferfish? Because that's my right, too, under our Second Amendment guarantee of the right to keep and bear arms. So when I'm ready, I fire a shot, and when it's fired, it's fired, and there is no calling it back. And that's why I make dead certain that I am ready before I fire. Even if the U.S. Department of Defense considers computer cryptography to be a munition of war, then the right to use it is still protected, only under the Second Amendment rather than the First. Some communications are private, confidential, classified, or privileged and not obtainable with a warrant, and that is why we use cryptography here in the United States of America.
Compiling BOINC/Seti@Home for OpenBSD 5.3 Sparc64
My Sun Blade 100, has a fresh install of 5.3, and its very good, much better than 5.1; XFCE is very stable and R is much better than prior ports. you guys did a great job! Now this computer sits running actively, with nothing to do! So lets run Seti on it, but alas, no recent binary for OpenBSD Sparc64 seems to be found. Thus I tried last night to compile my own, but the _autosetup script fails saying it can't find M4 >= 1.4 (not true, I have latest), automake( not true I have latest), autoconf (not true I have latest). The only thing it finds is gmake, which passes. Is there some sort of special tailoring necessary for OpenBSD? Or has someone solved all these issues already and could help me out? Thanks, Richard.
Re: user can not shutdown PC in xfce
When I want to shut down, I use on/off switch. No permissions needed. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: James GriffinSent: Friday, August 30, 2013 6:00 AMTo: misc@openbsd.orgSubject: Re: user can not shutdown PC in xfce !-- On Fri 30.Aug'13 at 9:08:05 BST, Fung (fungm...@qq.com), wrote: > -- Original -- > From: "Tomas Bodzar"; > > On Tue, Aug 27, 2013 at 2:34 PM, Fung wrote: > > > 1. root login xfce can shutdown the pc smoothly using mouse. > > 2. other user in xfce can not shutdown the pc, why? > > > > # visudo > > ... > > %wheel ALL=(ALL) SETENV: ALL > > share ALL=NOPASSWD: /usr/local/lib/xfce4/session/xfsm-shutdown-helper > > ... > > > > # id share > > uid=1000(share) gid=1000(share) groups=1000(share), 0(wheel) > > > > > > # sysctl kern.version > > kern.version=OpenBSD 5.4-current (GENERIC.MP) #48: Sat Aug 24 20:31:41 > > MDT 2013 > > dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP > > > > > > # cat /usr/local/share/doc/pkg-readmes/xfce-4.10p0 > > said > > Logging out and shutting down the computer > > == > > If your installation supports complete shutdown, clicking on the logout > > button on panel will permit you to either logout, rebooting or halt > > the computer, provided you have the needed sudo credentials. > > If you don't want to have to enter your password, simply add this line > > to the /etc/sudoers file using visudo: > > $your_username ALL=NOPASSWD: > > /usr/local/lib/xfce4/session/xfsm-shutdown-helper > > == > > > > are you in operator group? ;-) > > $ ls -l /sbin/shutdown > -r-sr-x--- 1 root operator 222416 Aug 20 00:46 /sbin/shutdown > $ > > . > > > hi, tomas, > > Shutdown in xfce not work with operator group . > > BTW, from terminal , user share can halt -p/ shutdown the system. > You could use a better Window Manager/Desktop. The cwm in base is excellent. Also, fvwm2 in packages is excellent (I use that one), so are some tiling WM's, like dwm and spectrwm. -- James Griffin: jmz at kontrol.kode5.net A4B9 E875 A18C 6E11 F46D B788 BEE6 1251 1D31 DC38
Re: Compiling BOINC/Seti Home for OpenBSD 5.3 Sparc64
You are right. I am using a virtual installation right now until I figure it all out. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Daniel OuelletSent: Thursday, August 29, 2013 6:19 PMTo: misc@openbsd.orgSubject: Re: Compiling BOINC/Seti Home for OpenBSD 5.3 Sparc64 On 8/29/2013 4:15 PM, Alexey E. Suslikov wrote: > Christian Weisgerber mips.inka.de> writes: > >> Richard Thornton gmail.com> wrote: >> >>> My Sun Blade 100, has a fresh install of 5.3, and its very good, much >>> better than 5.1; XFCE is very stable and R is much better than prior >>> ports. you guys did a great job! Now this computer sits running actively, >>> with nothing to do! >> >> Use apm -L or -C and save 10 W. > > Wonder why keep running something doing nothing ;) > Still happily married I see. (:>
thunar-archive-0.3.0p3 sparc64
FYI: Trying to pkg_add this package for sparc64 using the ftp3.usa.openbsd.org failed due to a broken package but ftp5.usa.openbsd.orgwas ok.
install5x.iso
I am curious - given that OpenBSD ships each RELEASE with X , but applications like Firefox will not work without installing another DE, like XFCE; why not ship OpenBSD with the basic X, but with the necessary libraries to allow FireFox to run and other applications like R to output graphics? Also why not go ahead and ship with Firefox? The disk would still be within the size of a standard CD.
Re: install5x.iso
In general I really like and appreciate all that is done by developers with OpenBSD. The OS is stable and it works well, and shipping it with X already functional is a big help, especially on older boxes. Because to compile xorg with this old sparc box under FreeBSD was taking > 24 hours and it still was not done. On Fri, Sep 13, 2013 at 11:19 AM, Gregor Best wrote: > On Fri, Sep 13, 2013 at 10:06:10AM -0400, Richard Thornton wrote: > > I am curious - given that OpenBSD ships each RELEASE with X , but > > applications like Firefox will not work without installing another DE, > > [...] > > That is not true. I ran Firefox and Chrome on a clean OpenBSD 4.9 > installation when it was released and I have been able to since then, > and I find it hard to believe it was different before. > > > [...] > > XFCE; why not ship OpenBSD with the basic X, but with the necessary > > libraries to allow FireFox to run and other applications like R to output > > graphics? Also why not go ahead and ship with Firefox? The disk would > > still be within the size of a standard CD. > > [...] > > Installing Firefox with pkg_add adds the required libraries > automatically. If it does not, that's a bug in the port that should be > reported. > > Adding Firefox to the base system would be a very bad idea. It is a huge > load of code that needs to be maintained and not everyone uses Firefox. > What if I want Chrome instead? Add that to base? What about dillo? > netsurf? Why not add OpenOffice while we are at it? > > -- > Gregor Best
thunar-settings
This file located in /usr/local/bin seems to prevent thunar from working properly on sparc64, when xfce is running under a user. When xfce is running under a root account, there is no problem. On amd64, there is no issue period. On my sparc box, I removed this file, and now thunar works properly. Why does this file not work properly on a sparc box? #!/bin/sh # # vi:set et ai sw=2 sts=2 ts=2: */ test "x$DISPLAY" != "x" || DISPLAY=:0 output=`dbus-send --session --print-reply --dest=org.xfce.FileManager \ /org/xfce/FileManager org.xfce.FileManager.DisplayPreferencesDialog \ "string:$DISPLAY" "string:$DESKTOP_STARTUP_ID"` if ! [ $? -eq 0 ]; then echo $output exit 1 fi
Re: pkg_add hung?
sometimes a mirror will time out, I have seen this, so I swap between ftp3.usa.openbsd.org and ftp5.usa.openbsd.org; I have had very good response from both of these; alos sometimes, a file is missing, and this throws an error. Then I switch mirrors, kill the pkg_add process and restart pkg_add. otherwise I never have a problem. On Sun, Sep 15, 2013 at 10:17 AM, Jeffrey Walton wrote: > On Sun, Sep 15, 2013 at 9:48 AM, Maxime wrote: > > Le 15/09/2013 15:25, Jeffrey Walton a écrit : > >> On Sun, Sep 15, 2013 at 8:28 AM, Roman Gorelov > wrote: > Jeffrey Walton writes: > > Mt bad. That was the mirror. Here's the full PKG_PATH (from the > > capture): > ftp://mirror.jmu.edu/pub/OpenBSD/OpenBSD/5.3.packages/amd64/ > > (with the trailing slash). > > >>> > >>> Look carefully at yout $PKG_PATH. > >>> Should be: ftp://mirror.jmu.edu/pub/OpenBSD/5.3/packages/amd64/ > >>> Really is: > ftp://mirror.jmu.edu/pub/OpenBSD/OpenBSD/5.3.packages/amd64/ > >> Thanks Roman. It was a typo. The screen capture is correct. > >> > > > > Don't use screen capture attached as they are removed from the > > mailing-list. > Thanks Maxime. I provided a link to the capture. It was not attached. > > > Are you able to do a "telnet mirror.jmu.edu 21" and get successfully > > connected or not? > > You could just copy/paste text of your terminal. > The first few dependent packages were downloaded. It hung on the libiconv. > > > My guess is there is a firewall which is not allowing your OpenBSD > > server to connect to the mirror (dropping packets). > > It can be the local firewall itself or another one depending of your > > network architecture. > OK, thanks. > > So am I safe to ^C this process and try again? I don't want to corrupt > the package database since I'll probably not be able to fix it. > > Did I do something wrong when attempting to follow the manual? The > command woud have been: > > sudo -E pkg_add subversion > > Jeff
Re: Feedback about Desktop Environments
Definitely XFCE 4.10. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: James GriffinSent: Monday, September 16, 2013 6:20 AMTo: misc@openbsd.orgSubject: Feedback about Desktop Environments I need to install a Dektop Environment for my partner. I thought about KDE or xfce, i've tried neither on OpenBSD before. Which of the 3 main main DE's (gnome, KDE, XFCE) do you feel work best on OpenBSD. I would need things like removable media mounting from within the graphical environment, good sound support and multimedia applications. Any advice would be helpful from those using any of these Desktop's. I thought i'd ask on this list before installing loads of packages. Cheers, Jamie.
Re: Feedback about Desktop Environments
On 09/16/13 22:18, James Griffin wrote: I need to install a Dektop Environment for my partner. I thought about KDE or xfce, i've tried neither on OpenBSD before. Which of the 3 main main DE's (gnome, KDE, XFCE) do you feel work best on OpenBSD. I'm currently on XFCE and it works for me. Used both Gnome and KDE and found good things and bad things - from *my* point-of-view. I was happy with KDE 3.5.10 - but was missing the eye candy of newer things, so tried Gnome 3. Was really enjoying Gnome 3 but it got a bit sluggish on the hardware I was using at the time, so headed for something more light-weight. I've tried the more bare-bones ones like fvwm and cwm - bit too minimal for my liking, but worth trying cwm (in base so nothing to install.) So moved to XFCE and been happy there for a while. Alt-Tab works, performance is good, enough eye-candy for me. Parole (the multi-media app) times out on some of my DVDs, so I use mplayer for those. Picture viewer, GIMP for graphics, thunar file manager, Firefox & Chromium, Thunderbird, nice console, Libreoffice, etc., etc. Does everything I need and looks pretty enough. It is really going to be down to personal preference and your requirements - no real short-cut to trying all three out for a few days and see which one works for you. I would need things like removable media mounting from within the graphical environment, good sound support and multimedia applications. Any advice would be helpful from those using any of these Desktop's. I thought i'd ask on this list before installing loads of packages. Cheers, Jamie.
general ports question
So if one has a 5.3 release system running, but finds a desired package in say 5.1, will pkg_add work on this, assuming I adjust the PKG_PATH to point to a 5.1 package folder? Or will doing this cause other instabilities? Thanks, Richard
Re: general ports question
Ok, thanks for the help. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Marc EspieSent: Wednesday, September 18, 2013 6:24 PMTo: Richard ThorntonReply To: espie@nerim.netCc: OpenBSD general usage listSubject: Re: general ports question On Wed, Sep 18, 2013 at 06:16:20PM -0400, Richard Thornton wrote: > So if one has a 5.3 release system running, but finds a desired package in > say 5.1, will pkg_add work on this, assuming I adjust the PKG_PATH to point > to a 5.1 package folder? Or will doing this cause other instabilities? The dependency mechanisms in pkg_add apply to the library of the base system. Meaning that if you manage to install a package from 5.1 on a "pure" 5.3 machine, your package has *no* dependency at all on any shared library whatsoever from the base system. So, yeah, you can install the books from 5.1. And some of the fonts. That's about it.
Re: Verified OS concerns
Interesting thread... Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: josef.winger@email.deSent: Thursday, September 19, 2013 4:30 PMTo: misc@openbsd.orgSubject: Verified OS concerns Does OpenBSD plan to varify its (main) components, to reach the level of zero-bug software? If not, isn't there any concern that (future) varified OS will render OBSD redundant one day? /jo
Re: update my box and Cinnamon avaible
I do not think that Cinnamon is available with OpenBSD. But, I could easily be wrong. On Sun, 22 Sep 2013, Roelof Wobben wrote: Hello, Before I try OpenBSd I have two questions. 1) The manual says that I can use pkg -upgrade But how do I know which packages can be updated or which security patches there are avaible. 2) Is a new version of Cinnamon avaible for OpenBSD and if so, how can I install it. Regards, Roelof Wobben
Re: update my box and Cinnamon avaible
On 09/23/13 22:54, Marc Espie wrote: On Mon, Sep 23, 2013 at 11:25:57AM +0100, James Griffin wrote: * Marc Espie [2013-09-23 12:22:47 +0200]: On Mon, Sep 23, 2013 at 10:32:20AM +0100, James Griffin wrote: To update packages: pkg_add -iu (-i is for interaction to selection flavors of pkg's and -u is for update). Must be run with privileges, i.e. sudo or root user. You don't need -i in most cases these days, pkg_tools default to interactive if run on a terminal now. (-I can be used to revert to non-interactive mode) Cheers Marc, I wasn't aware of that. Just a habit I got into ages ago. Yeah, it's something I look at in usage patterns. Lots of people don't follow the tools development too closely, and so they keep using options which are no longer needed. I use pkg_add -ui because that's what is in the upgrade instructions e.g. http://www.openbsd.org/faq/upgrade53.html#Pkgup Is that a special case? Thanks. Then they teach those to other people, thus ensuring that people keep thinking things are more complicated than they are... I'd really like a solution that didn't involve me having to rectify things again and again, but it's better than nothing :)
Re: mailx : mime handling?
I like both pine/alpine; Both compile with no tweaking. Richard On Wed, 25 Sep 2013, Eric Johnson wrote: On Wed, 25 Sep 2013, Dmitrij D. Czarkoff wrote: Mayuresh Kathe said: hi, how do mailx users currently handle mime? They don't. They install mutt, s-nail or whatever. pine/alpine Eric
Re: Claws-mail frequently dumps core on 5.3R
I have experienced same behaviour, on sparc, openbsd, version 5.3, kernel
#40.
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
network.
From: Stefan WollnySent: Saturday, September 28, 2013 6:20 PMTo: Stefan
WollnyCc: Erwin Geerdink; OpenBSDSubject: Re: Claws-mail frequently dumps
core on 5.3R
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Sun, 5 May 2013 15:12:07 +0200
schrieb Stefan Wollny :
> On Sat, 4 May 2013 21:18:35 +0200
> Erwin Geerdink wrote:
>
> > Hi,
> >
> > Since I upgraded to OpenBSD 5.3 Release (following the upgrade guide
> > on the website), I have experienced the following problem with
> > claws-mail v3.8.1: Every time I try to fetch mail, a dialog 'Changed
> > SSL certificate' pops up, for each of my mailboxes. No matter if I
> > choose 'Cancel connection' or 'Accept and Save certificates', both
> > frequently result in a core dump.
> > Even when claws does not crash, the certs are not properly saved,
> > for the dialog shows up every subsequent fetch. The SSL certs are
> > stored to disk (~/.claws-mail/certs/), but information about owner
> > and signer is ''.
> >
> > Core dumps also occur when sending mail.
> > As you understand, this makes usage quite a pain.
> >
> > Does anyone experience this issue as well?
> Hi Erwin,
> Hi misc@!
>
> I do experience this behaviour as well - as of this morning I use the
> latest 5.3-current (#148) and claws-mail hasn't crashed for an hour.
> Yet it keeps complaining about the SSL certs being changed.
>
> I just did a fresh install of my system based on 5.3-current (#147).
>
> The ./claws-mail/certs folder has permissions 700 while the certs
> within have 644 - I have no idea if this has an effect on claws-mail.
>
> If I can help with any other info or testing just drop me a line.
>
> Cheers,
> STEFAN
>
> OpenBSD 5.3-current (GENERIC.MP) #148: Tue Apr 30 11:41:58 MDT 2013
> t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
> cpu0: Intel(R) Core(TM) Duo CPU T2400 @ 1.83GHz ("GenuineIntel"
> 686-class) 1.83 GHz cpu0:
>
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,
MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM,PERF
> real mem = 3219517440 (3070MB) avail mem = 3155484672 (3009MB)
> mainbus0 at root
> bios0 at mainbus0: AT/286+ BIOS, date 08/27/09, BIOS32 rev. 0 @
> 0xfd6b0, SMBIOS rev. 2.4 @ 0xe0010 (68 entries) bios0: vendor LENOVO
> version "79ETE5WW (2.25 )" date 08/27/2009 bios0: LENOVO 200855G
> acpi0 at bios0: rev 2
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP SSDT ECDT TCPA APIC MCFG HPET BOOT SSDT SSDT
> SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) LURT(S3)
> DURT(S3) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) PCI1(S4) USB0(S3)
> USB1(S3) USB2(S3) USB7(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz,
> 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT
> compat cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: apic clock running at 166MHz
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM) Duo CPU T2400 @ 1.83GHz ("GenuineIntel"
> 686-class) 1.83 GHz cpu1:
>
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,CFLUSH,DS,ACPI,
MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,NXE,SSE3,MWAIT,VMX,EST,TM2,xTPR,PDCM,PERF
> ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
> ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at
> acpi0 addr 0xf000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus 1 (AGP_)
> acpiprt2 at acpi0: bus 2 (EXP0)
> acpiprt3 at acpi0: bus 3 (EXP1)
> acpiprt4 at acpi0: bus 4 (EXP2)
> acpiprt5 at acpi0: bus 12 (EXP3)
> acpiprt6 at acpi0: bus 21 (PCI1)
> acpicpu0 at acpi0: C2, C1, PSS
> acpicpu1 at acpi0: C2, C1, PSS
> acpipwrres0 at acpi0: PUBS
> acpitz0 at acpi0: critical temperature is 127 degC
> acpitz1 at acpi0: critical temperature is 99 degC
> acpibtn0 at acpi0: LID_
> acpibtn1 at acpi0: SLPB
> acpibat0 at acpi0: BAT0 model "92P1139" serial 6480 type LION oem
> "Panasonic" acpibat1 at acpi0: BAT1 not present
> acpiac0 at acpi0: AC unit online
> acpithinkpad0 at acpi0
> acpidock0 at acpi0: GDCK not docked (0)
> bios0: ROM list: 0xc/0xfe00 0xd/0x1000 0xd1000/0x1000
> 0xdc000/0x4000! 0xe/0x1! cpu0: Enhanced SpeedStep 1829 MHz:
> speeds: 1833, 1333, 1000 MHz pci0 at mainbus0 bus 0: configuration
> mode 1 (bios) pchb0 at pci0 dev 0 function 0 "Intel 82945GM Host" rev
> 0x03 ppb0 at pci0 dev 1 function 0 "Intel 82945GM PCIE" rev 0x03:
> apic 1 int 16 pci1 at ppb0 bus 1
> vga1 at pci1 dev 0 function 0 "ATI Radeon Mobility X1300 M52-64" rev
> 0x00 radeondrm0 at vga1: apic 1 int 16
> drm0 at radeondrm0
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x02:
> msi azalia0: codecs: Analog Devices AD1981HD, Conexant/0x2bfa, using
> Analog Devices AD1981HD audio0 at azal
Re: Sorry OpenBSD people, been a bit busy
I am glad to know that it is a "parody" account; You can easily go to court, in order to force Twitter to give up the names & contact info of those responsible for the parody account if you would like to sue, but then any off-color public remarks you have actually made could be turned against you. The best approach is to sue Twitter directly. It would be fun to see that stupid service shutdown. On Mon, 7 Oct 2013, InterNetX - Robert Garrett wrote: > Because people, are idiots, and like to attack others who do useful things. > Keep your head up. > > RG > > On 10/07/2013 02:48 AM, dera...@cvs.openbsd.org wrote: >> Hi, yeah, it is really me. I find it strange posting to misc, >> starting an email thread. Normally I finish the threads here. >> >> Most OpenBSD developers have known for a while, but I think it is >> important to tell the greater community that I've been a bit busy for >> about the last year. I have not been paying as much attention to >> OpenBSD development as I'm expected to. Luckily, other developers >> have done a great job keeping it on track. >> >> Why? With a group of others, I started setting up an Internet >> Exchange in Calgary, and this has taken much time because it is highly >> politicized and has encountered some resistance. >> >> http://yycix.ca >> https://en.wikipedia.org/wiki/YYCIX_Internet_Exchange_Community_Ltd >> >> Now, why do I mention this in relation to OpenBSD? Well, at the end >> of 2007 someone decided to open an impersonation account on twitter in >> my name, and start sending a mix of things I have said (see wikiquote >> for instance), with things that I would never say. That account is >> http://twitter.com/theoderaadt >> >> A few notes: The account has now changed to declare that it is a >> parody account and renamed to "Not Theo de Raadt", as of a few days >> ago. If you read back into the past, you will see true character of >> the account and the individual. >> >> People in the local community were directed to the account, to give a >> negative, if not slanderous, view of my character. The ones directing >> them have high-profile roles in the community, so people would take >> what they say as true. Since I am the network manager for the >> exchange equipment, this by extension was meant to hurt YYCIX. >> >> Why would stewards of important infrastructure projects deliberately >> spread such false stories? >> >> I will not mention names. I don't need to; many can dig a little and >> figure out who those actors are. As a hint, search a little bit >> higher. >> >> Finally, one thing that particularily bothers me in the old postings >> is the mention of my old friend Itojun, a very dedicated developer of >> IPv6. As many of you know, he and John Postel are the only two >> internet architects currently honoured on an annual basis by the >> Internet Society in the form of an award. >> >> http://www.internetsociety.org/what-we-do/grants-and-awards/awards/itojun-ser vice-award >> >> Layers of hurt being thrown around. Why? >> > > > Mit freundlichen Grüßen > > Robert Garrett > Senior System Engineer > Technical Projects & Solutions > -- > InterNetX GmbH > Maximilianstr. 6 > 93047 Regensburg > Germany > > Tel. +49 941 59559-480 > Fax +49 941 59559-245 > > www.internetx.com > www.facebook.com/InterNetX > www.twitter.com/InterNetX > > Geschäftsführer/CEO: Thomas Mörz > Amtsgericht Regensburg, HRB 7142
Re: Sorry OpenBSD people, been a bit busy
I am not flippant enough to say that the NSA revelations do not matter, but what are we supposed to do? The Middle Eastern terrorism threat is real and we need to be able to stop them anyway necessary. All it takes is one of them to hit every Walmart in the neighborhood, buy every pay-as-you-go phone they have, then pass them out to their friends in every Mosque. Now you have a new terrorism threat. So, welcome to the real world my friend, and wake up. On Tue, 8 Oct 2013, Scott McEachern wrote: > On 10/08/13 16:36, Martin Schröder wrote: >> YYCIX is subject to canadian laws. >> It likely must have a lawful interception interface for the canadian >> police/whatever. > > Americans are subject to the highest law of the land: The US Constitution. > You know, that document the President and damned near every government > employee has sworn an oath to obey and protect. > > The NSA has broken that oath. Not long after the Snowden leaks started, the > Director of National Intelligence, James Clapper, spoke before congress and > explained what the NSA is "up to", in an attempt to play down Snowden's > revelations. Then more Snowden documents came out, proving that the DNI just > /lied/ to congress. Curiously, he's not in jail, and is still in office. > Lying to congress is an indictable offense, er, a "felony offence" in US > legal-speak. > > Now here's another fun bit of trivia for you: The constitution outranks > *all* other laws, like state, regional, municipal, etc. All except one: > Foreign treaties. They hold equal rank to the constitution. Think about > that, vis a vis foreign treaties with other intelligence agencies. The same > applies in Canada with our Constitution and Bill of Rights. > > Lawful interception, you say? Subject to Canadian laws? Privacy laws? > There are no privacy laws in either the US or Canadian constitutions; look it > up. But we /do/ have treaties. > >> Canada is a member of Five Eyes. > > Thank-you for proving my point. Nice treaties with the other members since > 1948. Treaties that have equivalent legal weight to the constitutions of the > respective countries. > > If you think our (Canadian) "morally superior" privacy laws, and our > national/provincial privacy commissioners have any say in the matter, you're > fooling yourself. > > A couple of weeks ago, John Tory, a very well-respected radio commentator > (and former lawyer, former CEO of Rogers, former politician, etc.) on a > respected AM talk radio station, interviewed a fellow who works deep inside > the telecom industry. Sorry, I can't remember the chap's name. Tory asked > the guy, "So what ISPs are giving customer data to the government?" The guy > deadpanned, "All of them. All of them are doing it." > > Of course, there's no actual proof of this at the moment, but given what > Snowden has released so far, and what those documents indicate (eg. PRISM) I > think this theory has moved from "pure speculation" to "most likely" status. > > -- > Scott McEachern > > https://www.blackstaff.ca > > "Beware the Four Horsemen of the Information Apocalypse: terrorists, drug > dealers, kidnappers, and child pornographers. Seems like you can scare any > public into allowing the government to do anything with those four." -- > Bruce Schneier
Re: Sorry OpenBSD people, been a bit busy
I used to work at empire blue cross. I had many friends who worked in the Trade Towers.I lived for a time in Battery Park nearby.So go to hell asshole, the USA will neverLet another 9/11 happen again, And Snowden is quite the jerk. These guys were recently planning attacks on Toronto as a matter of fact and were discovered in time, maybe thanks to the NSA. So sit in your tea house pouring over your netbook,Fuckin around, and hide. And go to hell. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Zé LoffSent: Tuesday, October 8, 2013 6:08 PMTo: Richard ThorntonCc: Scott McEachern; misc@openbsd.orgSubject: Re: Sorry OpenBSD people, been a bit busy > The Middle Eastern terrorism threat is > real and we need to be able to stop them anyway necessary. > > All it takes is one of them to hit every Walmart in the neighborhood, > buy every pay-as-you-go phone they have, then pass them out to their > friends in every Mosque. Well fuck you and your fucking stereotypes, you fucking bigot. And thank you for validating the quote on Scott's signature, btw.
Re: Sorry OpenBSD people, been a bit busy
I love OpenBSD, seriously, and developers of it are clearly geniuses. And any chance I get I promote it. Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network. From: Scott McEachernSent: Tuesday, October 8, 2013 7:17 PMTo: misc@openbsd.orgSubject: Re: Sorry OpenBSD people, been a bit busy On 10/08/13 17:38, Richard Thornton wrote: > I am not flippant enough to say that the NSA revelations do not matter, > but what are we supposed to do? The Middle Eastern terrorism threat is > real and we need to be able to stop them anyway necessary. > > All it takes is one of them to hit every Walmart in the neighborhood, > buy every pay-as-you-go phone they have, then pass them out to their > friends in every Mosque. Now you have a new terrorism threat. So, > welcome to the real world my friend, and wake up. Seriously, after everything I've said so far (I see you just replied privately to my most recent post), you're suggesting that *I* wake up to the real world? I suggest you take that message to the ignorant, complacent, apathetic masses. Please. Take a look at the prime-time TV lineup on the major US networks, and the "cable" stations like Showcase, HBO, etc. What are their plots mostly focussed on? Terrorism. Top-rated shows like NCIS, NCIS: LA, and the like: Terrorism. My point is that the media is feeding the viewers a non-stop diet of potential terrorist plots. It's ridiculously pervasive, and the fear is taking over peoples' minds. Why do you think Bruce Schneier calls the TSA's actions "security theatre"? They're reactive, not proactive. Maybe the NSA/CIA/FBI are trying to be proactive, but what's their track record? The intelligence agencies each had a piece of the 9/11 puzzle. Due to infighting and protecting their respective turf, they didn't share information, and 9/11 happened. Hindsight is 20/20, but it was revealed that if they had only cooperated, 9/11 could have been prevented. Look at the Boston bombings. The FBI received intel from the Russians, of all people, beforehand that the two brothers were up to something. How did that work out for them? The Times Square bomber was stopped by a curious NYPD cop, not an three-letter agency. How about those US soldiers that converted to Islam, raising red flags with their unusual behaviour and behavioural changes, going on shooting rampages? How did the FBI do there? Maybe they have foiled attacks, but you'd think they'd be shouting that from the rooftops saying, "Look! We're doing good! Our Billion dollar budgets are justified!" People know about PRISM now, but even if they wanted to keep the source of their intel under wraps, I'm sure they could find a way to "parallel construct" a plausible explanation without revealing too much. Like you said in a fresh post, maybe the NSA was helpful in stopping the potential attacks on Toronto and various rail lines. Who knows. Read my previous paragraph again. And for the record, both you and Ze Loff should stick to facts and rational discussion. Bigots and morons are best defeated with those, and they'll show their true colours, debasing their own opinions. There's no need for insults and ad hominem attacks. You feel that Snowden is "quite the jerk"? You're entitled to that opinion, but there are a great many people, myself included, that think he is a hero for exposing blantant lies and violations of the law and constitution. Snowden, and some other previous NSA employees, saw the insanity of this, and the future of it. They were appalled, and went public. They are heroes. Privately, you casually dismissed Wolf as "another blow hard", "the liberal version of Ann Coulter". Maybe so, but attacking her personally does not negate the validity of her points. Watch the video, and think about it with an open mind, if you can. You asked, "What are we supposed to do?" There are no easy answers here. I fully realize that there are shades of grey involved. But you aren't looking at the thin end of the wedge; we've long passed that point, and you are ceding your rights to allow it to not only continue, but to expand. Remeber what Ben Franklin said: "Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety." His point in that quote speaks directly to the nature of government. It hasn't changed since then. Government will take a mile when you give them an inch. You've probably heard the glib comments that more people in the US have died from choking on fishbones/car accidents/etc. in the last 12 years than have died from terrorism. But at what price, both financially (military spending) and in terms of rights in a growing surveillance state? Where does it end, and what is the logical conclusion? I just don't have the answer
Re: Sorry OpenBSD people, been a bit busy
The NSA is just a backdrop against the real corruption, which guys like Sen. Ted Cruz, who intentionally manipulate the markets by threatening to default on USA debt. Only an idiot would not assume these Senators are selling their stocks before this stupid debate, drive the markets down, buy on the cheap, then bam! Come up with a deal, and make a huge windfall profit. meanwhile they keep everyone focused on other issues such as NSA while they literally rape the country. On Tue, 8 Oct 2013, Scott McEachern wrote: > On 10/08/13 16:36, Martin Schröder wrote: >> YYCIX is subject to canadian laws. >> It likely must have a lawful interception interface for the canadian >> police/whatever. > > Americans are subject to the highest law of the land: The US Constitution. > You know, that document the President and damned near every government > employee has sworn an oath to obey and protect. > > The NSA has broken that oath. Not long after the Snowden leaks started, the > Director of National Intelligence, James Clapper, spoke before congress and > explained what the NSA is "up to", in an attempt to play down Snowden's > revelations. Then more Snowden documents came out, proving that the DNI just > /lied/ to congress. Curiously, he's not in jail, and is still in office. > Lying to congress is an indictable offense, er, a "felony offence" in US > legal-speak. > > Now here's another fun bit of trivia for you: The constitution outranks > *all* other laws, like state, regional, municipal, etc. All except one: > Foreign treaties. They hold equal rank to the constitution. Think about > that, vis a vis foreign treaties with other intelligence agencies. The same > applies in Canada with our Constitution and Bill of Rights. > > Lawful interception, you say? Subject to Canadian laws? Privacy laws? > There are no privacy laws in either the US or Canadian constitutions; look it > up. But we /do/ have treaties. > >> Canada is a member of Five Eyes. > > Thank-you for proving my point. Nice treaties with the other members since > 1948. Treaties that have equivalent legal weight to the constitutions of the > respective countries. > > If you think our (Canadian) "morally superior" privacy laws, and our > national/provincial privacy commissioners have any say in the matter, you're > fooling yourself. > > A couple of weeks ago, John Tory, a very well-respected radio commentator > (and former lawyer, former CEO of Rogers, former politician, etc.) on a > respected AM talk radio station, interviewed a fellow who works deep inside > the telecom industry. Sorry, I can't remember the chap's name. Tory asked > the guy, "So what ISPs are giving customer data to the government?" The guy > deadpanned, "All of them. All of them are doing it." > > Of course, there's no actual proof of this at the moment, but given what > Snowden has released so far, and what those documents indicate (eg. PRISM) I > think this theory has moved from "pure speculation" to "most likely" status. > > -- > Scott McEachern > > https://www.blackstaff.ca > > "Beware the Four Horsemen of the Information Apocalypse: terrorists, drug > dealers, kidnappers, and child pornographers. Seems like you can scare any > public into allowing the government to do anything with those four." -- > Bruce Schneier
Re: Sorry OpenBSD people, been a bit busy
I am not stupid & midwestern enough to believe that all Muslims are a terrorist threat. My son is half jewish and I am not even reflexively pro-israel. I find that when I enter a church or a temple, its a bit of mental torture; over the weekend I was at a bat mitzvah and believe me, it was torture. I am about as far from the beliefs of david horowitz as you can get. I live near Princeton, and personally I think that NJ is a police state; they actually monitor people's license plates and I was harrassed 5 years ago in a park near princeton, because I was caught there after dark in my car with a partially used bottle of wine. They harrassed me for over 15 minutes making me dance around out of my car, then they let me go; later I was in the starbucks in princeton, about midnite, and these two saw me and started laughing. Its all a joke to these guys - "law & order." Anyway, according to bin laden, he just wanted us out of arab lands. That was his main gripe. Boy, if thats all it takes, I would go in a heart beat, why fight these guys? But somehow I think they also want us out of portugal, spain, turkey, north africa, and ultimately israel. Last year I saw David Broza at 92nd St Y; he personally sponsored 4 young musicians from Nazareth, 3 of whom were palestinian. I have to tell you, at least 85% of the audience, standing room only was jewish, and all loved this guy and the concert. Obviously there are people on the other side, including myself, looking for an olive branch and a way out of this global mess, buts whats with all these draconian blasphemy laws in places like pakistand, iran, and saudi arabia? Why cant a britsh citizen like Rushdie write a book iranians dont like and be in hiding for literally years? They even targeted publishers in NYC over his book. What about the Van Gogh murder? It is a concern of mine that what is happening in France with Algerians, and others, and what is in England with Pakistanis will spill into NJ. We shouldnt unfairly target muslims, but they should likewise leave me alone; I may be the great satan, but I have never advocated military action in any of their lands, except to get bin laden in 2002. On Wed, 9 Oct 2013, Zé Loff wrote: > On Oct 9, 2013, at 12:15 AM, Scott McEachern wrote: > >> On 10/08/13 17:38, Richard Thornton wrote: >>> I am not flippant enough to say that the NSA revelations do not matter, >>> but what are we supposed to do? The Middle Eastern terrorism threat is >>> real and we need to be able to stop them anyway necessary. >>> >>> All it takes is one of them to hit every Walmart in the neighborhood, >>> buy every pay-as-you-go phone they have, then pass them out to their >>> friends in every Mosque. Now you have a new terrorism threat. So, >>> welcome to the real world my friend, and wake up. > > [...] > >> And for the record, both you and Ze Loff should stick to facts and rational discussion. Bigots and morons are best defeated with those, and they'll show their true colours, debasing their own opinions. There's no need for insults and ad hominem attacks. > > First of all I owe an apology to the list and, albeit partially, to Richard. I now realise I overreacted a bit. I don't think hate (in the broadest sense of the word) belongs in this list and the comments the kind of which Richard made really get on my nerves. Ironically enough, I ended up spreading the hate myself. Again, my apologies. > > That being said, Richard, if you still stand behind your comment and your gross generalisation about muslims, I must still call you a bigot. And just for the sake of clarity I have the utmost respect for the victims of 9/11, as I have for those in Boston, Fallujah, Gaza, Auschwitz, Sbrenica, Sudan, Rwanda, Chechnya or in that theatre in Moscow a few years ago. In short for every one who was harmed by some idiot/state who thinks his beliefs (religious or not) is better than the rest of them. The "all muslims are terrorists" generalisation is as dumb and shortsighted as saying all blond girls are stupid, all americans are fat gun fanatics, all germans are nazis, all jews are... I'm sure you get the point. > > Just to bring this slightly back on-topic, please realise that terrorism (as real as it is) has been used as an pretext. Intercepting communications on the UN has nothing to do with it, nor does planting bugs on the European Parliament, nor does spying on Brasil's President or its state oil company. > > And Scott, thanks for setting me straight and for the rest of your message. > > > Again sorry for the noise and kudos on the YYCIX, Theo. > Zé
Re: Sorry OpenBSD people, been a bit busy
You're right! I am outa here! Bye! On Wed, Oct 9, 2013 at 7:18 AM, Peter Hessler wrote: > This has gotten massively off topic. Can we please let the thread end > here?
Re: GNOME on OpenBSD 5.3 amd64
On 10/10/13 18:13, obsd, cgi wrote: Hi! "External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below." -->> I went to openbsd.org, typed GNOME in the search form: - the first hit was a PDF from 2007 - all the remaining were regarding packages What now? Can you please point out where is the "official GNOME install documentation for 5.3"? or no one uses GNOME with 5.3 on the misc list? ps.: I found that other people have problems with GNOME on 5.3, maybe it's a bug? ( http://community.spiceworks.com/topic/349701-gnome-on-openbsd-5-3-amd64 ) Thanks UPDATE: oh, ok I just read the bottom part: "don't use virtualbox." - so the bug comes out when using virtualbox?, ok, Thanks! I will try it with other VM's or directly! 2013/10/9 Jérémie Courrèges-Anglas "obsd, cgi" writes: I tried to install GNOME on OpenBSD 5.3 amd64 for Desktop use (on VirtualBox), see the howto below. But after the howto, reboot, startx with a normal user: https://i.imgur.com/MaT8lcW.png Xorg.0.log https://pastee.org/p8ppa # original: http://www.gabsoftware.com/tips/tutorial-install-gnome-desktop-and-gnome-disp lay-manager-on-openbsd-4-8/ External tutorial for 4.8 vs. official documentation for 5.3. This leads to the nonsense you've done to your 5.3 system below. --- when installing: -g* --- echo 'export PKG_PATH= ftp://ftp.openbsd.org/pub/OpenBSD/5.3/packages/amd64/' ~/.profile; . ~/.profile pkg_add -i -vv gnome-session gdm # if there was "Can't install foo" message, try the pkg_add line again --- vi /etc/rc.local Append/modify the following lines in /etc/rc.local: if [ -x /usr/local/sbin/gdm ]; then echo -n ' gdm'; (sleep 5; /usr/local/sbin/gdm) & fi --- echo 'exec gnome-session' > /root/.xinitrc; chmod +x /root/.xinitrc exit echo 'exec gnome-session' > .xinitrc; chmod +x .xinitrc --- pkg_add -i -vv metacity pkg_add -i -vv gnome-panel pkg_add -i -vv nautilus --- vi /etc/rc.conf.local Append/modify the following lines : xdm_flags=NO gnome_enable=YES gdm_enable=YES --- pkg_add -i -vv gnome-terminal gnome-control-center gnome-menus gnome-settings-daemon gnome-themes-standard # for some reason, these aren't found: gnome-themes-extras gnome-utils gnome-applets2 gnome-system-monitor gnome-nettool --- So the question is anybody has a working howto for installing GNOME on OpenBSD? Just so that Antoine doesn't feel forced to send another mail about this recurring subject: pkg_add gnome, *read* the various readmes, don't use virtualbox. Did you look in the archives - e.g. marc.info is a good place to search? e.g. http://marc.info/?l=openbsd-misc&m=135275664028541&w=2 Don't use Gnome on OpenBSD these days, but used to without problems. -- jca | PGP: 0x06A11494 / 61DB D9A0 00A4 67CF 2A90 8961 6191 8FBF 06A1 1494
Re: Dell servers
On 10/11/13 16:42, Friedrich Locke wrote: Is anyone running OBSD 5.3 on Dell R*** series servers ? What about 10G etherner devices ? And Storage ? Is there any concern when buying these machines ? Thanks in advance. I had trouble with a Dell R620 with the iDRAC and FreeBSD / OpenBSD. There's some issue to do with the iDRAC being Broadcom and also the other NICs. FreeBSD 9.2 RC1 had the fix, so that was good enough for me for this machine: http://forums.freebsd.org/archive/index.php/t-31769.html I didn't keep very good notes (sorry!), but with OpenBSD 5.3 (and the latest snap at the time) I was getting "bge0: watchdog timeout --- resetting" I did try turning the iDRAC NIC off, changing settings, etc., but had no joy until I used 9.2. Obviously YMMV, I might have missed something, the FBSD changes might give you a clue what to do, etc. but it did give me a bit of grief at the time. No other obvious issues with OpenBSD(/FreeBSD) on the machine - installed and found drives, RAM, etc. - just this NIC issue. HTH, Richard.
Re: Thunderbird 24.0 and Firefox 24.0 spell checking broken?
On 10/14/13 23:41, Fred wrote: Hi misc@ I recently upgraded thunderbird and firefox to 24 and since then spell checking has stopped working - in both applications - all words get underlined in with a red squiggle - I've added the en-GB language packs: port:fred ~> pkg_info|grep fire firefox-24.0p0 Mozilla web browser firefox-i18n-en-GB-24.0 en-GB language pack for Firefox port:fred ~> pkg_info|grep thun thunderbird-24.0p0 Mozilla e-mail, rss and usenet client thunderbird-i18n-en-GB-24.0 en-GB language pack for Thunderbird general.useragent.locale is set to en-GB I have the same problem if I set the language to en-US. Am I missing something obvious? I am about to delete both firefox and thunderbird profiles to see if that resolves the issue... Hi, Fred, It's been there a while - I haven't found a solution yet (also using amd64): http://marc.info/?l=openbsd-ports&m=137950359628970&w=2 I tried the spellchecker.dictionary_path but no difference. You get to the stage where it looks like everything should work - but it just doesn't. Cheers Fred [cut]
5.4 CDs in New Zealand
Hi, all. CD sets arrived today in Tauranga, New Zealand. Thanks to Theo and all the developers and other people behind OpenBSD - your work is much appreciated.
Re: Autoinstall
On 11/05/13 11:14, Predrag Punosevac wrote: I was driving last night so I have not had much sleep. I just want to make sure that I am not hallucinating. Then minutes ago when I installed the latest snapshot I was presented with an additional installation option Autoinstall [A] I picked out of curiosity but since I have "not provided configuration file" I was dropped to the shell. I think I can see where is this going and I would like to thank you everyone involved. I assume it's this? http://undeadly.org/cgi?action=article&sid=20131029073058&mode=expanded Cheers, Predrag
Re: no ocamlopt in openbsd?
Hi Vivek and list : > How would I do that? Should I look into the texvc Makefile and just > change all the ocamlopt lines to ocamlc? Have a glance at the Makefile, yes, it seems to me that running something like gmake texvc.bc will get you what you want, i.e. the bytecode executable (I have no idea why this wasn't included in the "all" target in the first place) Regards -- Richard Bonichon
Re: PHP5 And Apache on 4.4
On 11/12/2008, at 5:10 PM, Bret wrote: Greets: I recently did a clean install of OpenBSD 4.4 on a system that had been running 4.0. I have tried getting Php5 to run but I have not had any luck. Apache works fine. I installed from packages and followed the Instructions to do: ln -s /var/www/conf/modules.sample/php5.conf /var/www/conf/modules and mkdir /var/www/tmp I also enabled the: AddType application/x-httpd-php .php I have yet to find any idea other than the straight forward descrpition you get on the install. I am out of ideas after making the dirs and moving libphp6.so and also a copy of php from /usr/local/bin I have also did another clean install when my first tries did not work and then used ports to see if that would work instead. Bret Clean install = scrubbed the 4.0 install completely? Or did you try and upgrade? How do you know that it is not working? What symptoms? Any error messages? i386? Does the command line version work e.g. php -i ? Restarted Apache / machine?
