On Wed, Dec 21, 2005 at 10:26:38PM -0700, Ludwig Mises wrote:
> It seems that only root can access /dev/rcd0c when using tools such as
> cdrdao, cdda2wav and cdparanoia, even when the user is in the operator
> group:
>
> $ cdparanoia -v -d /dev/rcd0c -B
>
> Checking /dev/rcd0c for cdrom...
>
yeah, that's how X works.
On 12/21/05, Dave Feustel <[EMAIL PROTECTED]> wrote:
> After kde starts, the file /tmp/.X11-unix/X0 is created and assigned
> to the kde user with world rw privileges.
> This vulnerability can be removed by executing
>
> chmod 700 /tmp/.X11-unix/X0
>
> in a konsol
It seems that only root can access /dev/rcd0c when using tools such as
cdrdao, cdda2wav and cdparanoia, even when the user is in the operator
group:
$ cdparanoia -v -d /dev/rcd0c -B
Checking /dev/rcd0c for cdrom...
Testing /dev/rcd0c for SCSI interface
generic device: /dev
> Does anyone have any news on VIA C7, or VIA EPIA platform in general?
> The current offers are so outdated, they still don't offer gigabit
> ethernet in most solutions, and the things that are offered are indeed
> overpriced (whereas VIA C3 is supposed to be a really cheap solution,
> it looks t
Constantine A. Murenin <[EMAIL PROTECTED]> wrote:
> Does anyone have any news on VIA C7, or VIA EPIA platform in general?
The C7 (Esther) looks like a wet dream for an IPsec gateway, but I
can't find any evidence that it actually exists. Apart from VIAs
pages, a web search only turns up press re
> I work for an ISP
It shows. Disagree off-list please.
After kde starts, the file /tmp/.X11-unix/X0 is created and assigned
to the kde user with world rw privileges.
This vulnerability can be removed by executing
chmod 700 /tmp/.X11-unix/X0
in a konsole session immediately after kde initializes.
Also, kde does not chown /dev/[tp]typ* files
I know this is going to be OT, but since this bug seems to deal with only
OpenBSD on alpha, possibly in locore.s and does not seem to affect netbsd,
that I might point out a coincidental, but most likely unrelated "bug".
http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/arch/alpha/alpha/locore.s.diff
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stuart Henderson
Sent: Wednesday, December 21, 2005 4:55 PM
To: Thomas Bvrnert
Cc: misc@openbsd.org
Subject: Re: vr0 interrupt_vector: spurious vector 7c3 at pil 7 sparc64
> On Wed, 2005-12-21 at 23:20 +,
Hello Fred,
Wednesday, December 21, 2005, 4:49:51 PM, you wrote:
FC> You could put your local changes in /etc/resolv.conf.tail - thus when
FC> resolv.conf is overwritten your local changes will be preserved.
Yep, thanks!
Another listmember suggested this to me off-list, and I did it, and it
has
> On Wed, 2005-12-21 at 23:20 +, Stuart Henderson wrote:
> > > now i've a sun netra t1 105 with openbsd 3.8 with the same
> > > card and i've problems.
> >
> > irq swizzling is broken on the t1 on OpenBSD. Cards requiring an irq
> > mostly won't work right, it is possible to work around for so
> I don't make any exceptions. I tell users sending me email to
> repeatedly submit the message or contact the relevant support staff to
> fix their servers. Obviously this is never going to cause Yahoo and
> Google to change their email strategy... But I relish the challenge.
> I'm a purist at
On 21/12/05, Jim Razmus <[EMAIL PROTECTED]> wrote:
> * Lukas Kubin <[EMAIL PROTECTED]> [051221 05:59]:
> > We have a problem getting mail from gmail through spamd. Google's gmail
> > public mail service use a large number of smtp servers. The first time
> > gmail tries to contact our smtp, it is be
On Wed, 2005-12-21 at 23:20 +, Stuart Henderson wrote:
> > now i've a sun netra t1 105 with openbsd 3.8 with the same
> > card and i've problems.
>
> irq swizzling is broken on the t1 on OpenBSD. Cards requiring an irq
> mostly won't work right, it is possible to work around for some cards
> i
Hello,
Does anyone have any news on VIA C7, or VIA EPIA platform in general?
The current offers are so outdated, they still don't offer gigabit
ethernet in most solutions, and the things that are offered are indeed
overpriced (whereas VIA C3 is supposed to be a really cheap solution,
it looks tod
the defaults are hmac-sha2-256 and aesctr which uses a 160 bit key.
On Wed, Dec 21, 2005 at 03:25:26PM -0500, Will H. Backman wrote:
> OpenBSD 3.8 release.
> I'm getting the same errors as this thread:
> http://archives.neohapsis.com/archives/openbsd/2005-11/1980.html
> I'm trying to use as many d
Hello Tobias,
Wednesday, December 21, 2005, 1:00:08 PM, you wrote:
TU> To fix these values locally, take a look at dhclient.conf(5), especially
TU> at the supersede option and domain-name-servers.
Right now 'dhclient.conf' is completely commented out.
Would adding the line:
supercede domain-na
> now i've a sun netra t1 105 with openbsd 3.8 with the same
> card and i've problems.
irq swizzling is broken on the t1 on OpenBSD. Cards requiring an irq
mostly won't work right, it is possible to work around for some cards
in ofw which you'll find some info in the sparc@ archives.
hi folks,
i've a sun ultra 5 running openbsd 3.5 with a 5 port levelone
switch ethernet card without any problems.
the card runs also on a intel pc with openbsd 3.8 without
any problems.
now i've a sun netra t1 105 with openbsd 3.8 with the same
card and i've problems.
ifconfig vr0 up
interrupt
Robert C Wittig wrote:
So I wrote a shell script that, when run, will re-write
/etc/resolv.conf with the current working DNS-1 and DNS-2 values, that
I can run after boot, to replace the faulty info that is being place
in /etc/resolv.conf, during bootup... but the 'fix' only works for 30
minute
On Wed, 21 Dec 2005 22:46:00 +0100 (CET), "Siegbert Marschall"
<[EMAIL PROTECTED]> wrote:
>Hi,
>
>> As far as I can tell, the bug smells like a race condition of some sort
>> and if my wild guess is correct, it will be difficult to reproduce
>> consistently. With some (but not all) race conditions
On your question, this is what I have used form my IPSec tunnel's nat:
Internal network 192.168.8.0/24
Remote network 192.168.1.0/24
vpnip="192.168.1.1"
scrub in
nat on enc0 from { gem0, gem0:network } -> $vpnip
Together with:
# cat /etc/hostname.enc0
up
!ipsecadm flow -out -require -proto e
Hi,
> As far as I can tell, the bug smells like a race condition of some sort
> and if my wild guess is correct, it will be difficult to reproduce
> consistently. With some (but not all) race conditions, you can increase
> the chance of triggering them by increasing loads. Since I want the race
>
OpenBSD 3.8 release.
I'm getting the same errors as this thread:
http://archives.neohapsis.com/archives/openbsd/2005-11/1980.html
I'm trying to use as many defaults as possible in this test setup, and
sha1 is not being chosen by the defaults. Any ideas?
Here is my ipsec.conf (yes, key values a
On 12/21/05, Christoph Leser <[EMAIL PROTECTED]> wrote:
> I came across
>
> http://www.kb.cert.org/vuls/id/226364
>
> which describes some vulnerablities in IKE Protocol V1 implementations.
>
> That page state ( that is at least what I read from it ) that it is unknown
> whether OpenBSD is affecte
Bug Hunting 101 - Finding "The" Alpha Bug
I've been told that "The" alpha bug has been around for quite some time
and no one has been able to find or fix it. I've also been told looking
for this bug has driven a few developers to drink, well, probably "drink
more" is a better description. Anyhow,
On Wed, Dec 21, 2005 at 08:55:39PM +0100, Christoph Leser wrote:
> I came across
>
> http://www.kb.cert.org/vuls/id/226364
>
> which describes some vulnerablities in IKE Protocol V1 implementations.
>
> That page state ( that is at least what I read from it ) that it is unknown
> whether OpenBS
I came across
http://www.kb.cert.org/vuls/id/226364
which describes some vulnerablities in IKE Protocol V1 implementations.
That page state ( that is at least what I read from it ) that it is unknown
whether OpenBSD is affected or not.
Is anything known about this issue? Should I care about it
On Wed, Dec 21, 2005 at 11:31:07AM -0600, Robert C Wittig wrote:
> I re-wrote /etc/resolv.conf with the nameserver values that my
> Modem/Router describes as DNS-1 and DNS-2, and as soon as I saved the
> file, lynx, whois, etc., worked fast like a rocket, when domain names
> were used, so obviously
I have a fair amount of experience networking in Windows 2000, Linux
Red Hat, and FreeBSD, but I am a relative newbie to OpenBSD, just
setting up my first practice machine, which is still basically a
typical default installation.
I have an SBC DSL connection, non-static IP (Netopia Cayman
Modem/F
On Wed, 21 Dec 2005, Christoph Leser wrote:
Does this imply that I must not mention VPN-2 in the isakmpd.conf Connections
statement?
Thanks for your help.
I tried with and without and didn't get it working either way. I think if
you do not include it in your Connections statement then it i
Does this imply that I must not mention VPN-2 in the isakmpd.conf Connections
statement?
Thanks for your help.
> -Urspr|ngliche Nachricht-
> Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag
> von Nick Suckling
> Gesendet: Mittwoch, 21. Dezember 2005 15:32
> An: misc@openbsd.org
>
* Lukas Kubin <[EMAIL PROTECTED]> [051221 05:59]:
> We have a problem getting mail from gmail through spamd. Google's gmail
> public mail service use a large number of smtp servers. The first time
> gmail tries to contact our smtp, it is being greylisted on our spamd
> server. The problem is the
On Wed, Dec 21, 2005 at 03:13:10PM +0100, Peter N. M. Hansteen wrote:
> Joachim Schipper <[EMAIL PROTECTED]> writes:
>
> > pfctl -n? It should catch, at least, typos.
>
> I had the impression ed was looking for something to do about those the
> typos which do not produce a syntax error, just sill
Make sure the filesystem you are trying to compile on does not have
noexec mount options.
On Thu, 2005-12-22 at 00:06, Reza Muhammad wrote:
> Dear All
>
> "C Compiler cannot create executable" ?
> what does it mean ?
> My system is OpenBSD-3.8 Generic Kernel at Intel
> Pentium M Proc 1600 Mhz (I
Actually, the correct thing to do is to make one match with a single
letter and the other match with two or more letters. I chose to
make eject match "e". This resolves the ambiguity.
- todd
On Wed, December 21, 2005 14:45, Reza Muhammad said:
> --- Jens Teglhus Mxller <[EMAIL PROTECTED]> wrote:
>
>> On Wed, December 21, 2005 12:06, Reza Muhammad said:
>> > Dear All
>> >
>> > "C Compiler cannot create executable" ?
>> > what does it mean ?
>> > My system is OpenBSD-3.8 Generic Kernel a
Hello,
Since 3.8 my VIA EPIA-PD6000E board has sensor support via viasio
driver.
$ dmesg | grep viasio
viasio0 at isa0 port 0x2e/2: VT1211 rev 0x02: HM
viasio1 at isa0 port 0x4e/2: VT1211 rev 0x02: HM: not activated
# sysctl hw.sensors
hw.sensors.1=viasio0, UCH1, volts_dc, 3.47 V
hw.sensors.2=vi
--- Jens Teglhus Mxller <[EMAIL PROTECTED]> wrote:
> On Wed, December 21, 2005 12:06, Reza Muhammad said:
> > Dear All
> >
> > "C Compiler cannot create executable" ?
> > what does it mean ?
> > My system is OpenBSD-3.8 Generic Kernel at Intel
> > Pentium M Proc 1600 Mhz (IBM Think Pad T41)
> >
>
Reza, do you expect everyone to pull the details out of you?
Well, I use T41 too and it works ;-) Hope this helps
Or reinstall 3.8 and don't touch /usr/bin/gcc
On 12/21/05, Reza Muhammad <[EMAIL PROTECTED]> wrote:
> --- Stuart Henderson <[EMAIL PROTECTED]> wrote:
>
> > > "C Compiler cannot creat
No the other side does not need to know about this additional section if
you are using NAT as described.
Nick
On Wed, 2005-12-21 at 14:06 +0100, Christoph Leser wrote:
> If you add this extra section to your isakmpd.conf, do you need to add it to
> the remote site too? Does this extra section ch
At 06:41 AM 12/21/2005, Steve Murdoch wrote:
Hi all,
This has been asked a truck load of times in the archives but I
havent found a solution.
HP DL server fans ran flat out all the time.
Any way of slowing them up and quieting them down ?
Does the new ACPI stuff have any impact on this.
St
Hi all,
This has been asked a truck load of times in the archives but I havent
found a solution.
HP DL server fans ran flat out all the time.
Any way of slowing them up and quieting them down ?
Does the new ACPI stuff have any impact on this.
Steve
--- Stuart Henderson <[EMAIL PROTECTED]> wrote:
> > "C Compiler cannot create executable" ?
> > what does it mean ?
> > My system is OpenBSD-3.8 Generic Kernel at Intel
> > Pentium M Proc 1600 Mhz (IBM Think Pad T41)
>
> You should repost, including this information:
>
> what you were trying to
Joachim Schipper <[EMAIL PROTECTED]> writes:
> pfctl -n? It should catch, at least, typos.
I had the impression ed was looking for something to do about those the
typos which do not produce a syntax error, just silly rules.
pfctl -s [mumble] supplemented with -g and -v should help. Creative use
I have been using IPSec a lot on OpenBSD and Mac OS X, but switched
almost completely to OpenVPN.
As far as I'm concerned OpenVPN is far less complex, works well with
NAT (off course you can NAT-T with OpenBSD, but Mac OS for example
doesn't support that), the design looks good, is based on
Thankyou so much Rickie, Jason,Chris, Alex and JC for the replies :-)
On 12/21/05, J. C. Roberts <[EMAIL PROTECTED]> wrote:
> On Wed, 21 Dec 2005 02:54:23 +0530, Siju George <[EMAIL PROTECTED]>
> wrote:
>
> >I have a new Broadband Internet connection. It uses PPPoE with a
> >username and password
On Wed, December 21, 2005 12:06, Reza Muhammad said:
> Dear All
>
> "C Compiler cannot create executable" ?
> what does it mean ?
> My system is OpenBSD-3.8 Generic Kernel at Intel
> Pentium M Proc 1600 Mhz (IBM Think Pad T41)
>
> Please help ...
>
> regards
> reza
http://www.openbsd.org/mail.html
On 12/21/05, Lukas Kubin <[EMAIL PROTECTED]> wrote:
>
> We have a problem getting mail from gmail through spamd. Google's gmail
> public mail service use a large number of smtp servers. The first time
> gmail tries to contact our smtp, it is being greylisted on our spamd
> server. The problem is th
If you add this extra section to your isakmpd.conf, do you need to add it to
the remote site too? Does this extra section change the negotiation between the
two endpoints.
Thanks
> -Urspr|ngliche Nachricht-
> Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag
> von Nick Suckling
One easier way I have had this working is to add an additional section
to your isakmpd.conf. Something like the following. Your NAT then takes
care of the rest.
[VPN-1]
Phase= 2
ISAKMP-peer=remote
Configuration= Default
> /root/whitelist.txt:
> 216.239.32.0/19 #gmail servers
I just allowed all the announcements I saw from their AS for now.
64.233.160/19
66.102/20
66.249.64/19
72.14.192/19
72.14.224/20
216.239.32/19
Unless you run a site with enough users that they stay whitelisted
anyway, the larger shared
Dear All
"C Compiler cannot create executable" ?
what does it mean ?
My system is OpenBSD-3.8 Generic Kernel at Intel
Pentium M Proc 1600 Mhz (IBM Think Pad T41)
Please help ...
regards
reza
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
> We have a problem getting mail from gmail through spamd. Google's gmail
> public mail service use a large number of smtp servers. The first time
> gmail tries to contact our smtp, it is being greylisted on our spamd
> server. The problem is the next time it tries to repeat the
> transmission, it
Thus Lukas Kubin <[EMAIL PROTECTED]> spake on Wed, 21 Dec 2005 11:55:30
+0100:
> We have a problem getting mail from gmail through spamd. Google's
> gmail public mail service use a large number of smtp servers. The
> first time gmail tries to contact our smtp, it is being greylisted on
> our spamd
We have a problem getting mail from gmail through spamd. Google's gmail
public mail service use a large number of smtp servers. The first time
gmail tries to contact our smtp, it is being greylisted on our spamd
server. The problem is the next time it tries to repeat the
transmission, it appear
I tought one of the new features of the Intel Pentium 4, was it's new
real hardware-based random number generator, I remember reading about it.
Also take a look at this:
http://www.irisa.fr/caps/projects/hipsor/HAVEGE1.0.html
If you need alot of random numbers in a short time, you are looking f
On Tue, Dec 20, 2005 at 07:05:45PM +0300, Sizov Alexander wrote:
> Hi!
>
> I have OpenBSD 3.8+vsftpd (from ports)+pf on my box.
> pfrules:
> table persist file "/etc/rusip"
> block in from any to xx.xxx.xx.xxx
> pass in from to xx.xxx.xx.xxx
> pass in from yy.yy.yyy.yy to xx.xxx.
Hello,
I'm running into an issue which was brought up on the list before, the
last reference I found was in 2004:
http://archive.openbsd.nu/?ml=openbsd-pf&a=2004-10&m=430206
I have an OpenBSD 3.8 machine.
dc0 is an internal NIC assigned 192.168.20.250
fxp0 is an external NIC assigned a.b.c.d
On Tue, Dec 20, 2005 at 07:42:30PM +, ed wrote:
> Hello,
>
> Just a stab in the dark, does anyone have advise/experience/suggestions
> for debugging firewall problems?
>
> Every now and then I do something which is just brain dead but takes a
> while to figure out, its usually a typo in my ru
60 matches
Mail list logo
