Re: pam-devel package??

Check out the port net/openbsd_bsdauth. While not PAM auth, it will actually work on OpenBSD. (Hint: we don't do PAM) On 2009 Nov 18 (Wed) at 19:28:55 -0800 (-0800), Elliott Barrere wrote: :Hi all, : :I need to build a pam-dependent plugin (openvpn-auth-pam) that requires the :pam-devel librari

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, 18 Nov 2009 16:05:04 -0800 Bryan wrote: > So glad we don't have these kinds of issues... New around here, but I'm noticing a lot of tooting of our own horn...so to speak. With all the possible vectors for compromising a system that are available it just sounds naive to keep touting how s

Re: pam-devel package??

Openbsd doesn't use pam, so you aren't going to have much luck getting openvpn to use it either. On Nov 18, 2009, at 7:28 PM, Elliott Barrere wrote: Hi all, I need to build a pam-dependent plugin (openvpn-auth-pam) that requires the pam-devel libraries; I think that's why it's failing

Re: pam-devel package??

On Wed, 18 Nov 2009 19:28:55 -0800, Elliott Barrere wrote: >Hi all, > >I need to build a pam-dependent plugin (openvpn-auth-pam) that requires the >pam-devel libraries; I think that's why it's failing to build. I can't seem >to find them in any OpenBSD port or package list; can someone point me i

Re: Odd name lookup behavior

On Wed, 18 Nov 2009, Bryan Irvine wrote: >> You apparently have a system with multiple names and a single IP >> address. Both cvsup.mch.chs and cvsup.meadwestvaco.com are assigned >> address 10.209.142.151, but the reverse-lookup entry can't return both >> names. > > >You made that up. Yes it can

Re: OT: Have you hugged your local OpenBSD dev lately?

To be sure, I don't think it's the best idea. But practically? For actual users running fedora? I doubt the change makes much difference for many of them. The reason I even brought this up is not because I like the idea, but because I think it is a good opportunity to reflect on what user

Re: Odd name lookup behavior

> You apparently have a system with multiple names and a single IP > address. Both cvsup.mch.chs and cvsup.meadwestvaco.com are assigned > address 10.209.142.151, but the reverse-lookup entry can't return both > names. You made that up. Yes it can. If it's configured to do so. I'm guessing tha

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, Nov 18, 2009 at 05:38:38PM -0800, Ted Unangst wrote: > Before everyone goes too bonkers, consider exactly how safe/dangerous > this behavior actually is on a single user machine. but did they also by default restrict the system to 1 user? it's not so much the idea that's laughable, but

pam-devel package??

Hi all, I need to build a pam-dependent plugin (openvpn-auth-pam) that requires the pam-devel libraries; I think that's why it's failing to build. I can't seem to find them in any OpenBSD port or package list; can someone point me in the right direction or tell me what to look for? ...Alternativ

Re: Changing the NIC on installed system?

Roger Schreiter writes: > Hello, > > I did not yet understand very well, how the NIC drivers are > selected. Is it done while installing OpenBSD or is it > done at boot? > > In the latter case, I assume, I can replace a PCI network > interface without changing any driver settings. NIC drivers ar

Re: Odd name lookup behavior

On Wed, 18 Nov 2009, stan wrote: >On Wed, Nov 18, 2009 at 05:00:02PM -0500, Dave Anderson wrote: >> On Wed, 18 Nov 2009, stan wrote: >> >> >Can anyone xplain this behavior to me? >> >> Without access to your nameservers it's not possible to be sure, but see >> below -- this looks normal to me. >>

Re: OT: Have you hugged your local OpenBSD dev lately?

Not a change i would make, but for a desktop? Not a big deal. On Nov 18, 2009, at 5:48 PM, "Eric Furman" wrote: but making it *default* behaviour?? On Wed, 18 Nov 2009 17:38 -0800, "Ted Unangst" wrote: Before everyone goes too bonkers, consider exactly how safe/dangerous this behavior actua

Re: OT: Have you hugged your local OpenBSD dev lately?

If you give untrusted people unsupervised access to your laptop, I hope you have a better lock than I do. On Nov 18, 2009, at 5:45 PM, Martin SchrC6der wrote: 2009/11/19 Ted Unangst : Think to yourself: what *exactly* is the difference between the only user account on your machine and root? H

Re: OT: Have you hugged your local OpenBSD dev lately?

On Nov 18, 2009, at 5:47 PM, Theo de Raadt wrote: Before everyone goes too bonkers, consider exactly how safe/dangerous this behavior actually is on a single user machine. Food for thought. Think to yourself: what *exactly* is the difference between the only user account on your machine

Re: Match rule with scrub options cause some websites to "hang"

Here's a brief overview of what I did. If it's not what you are looking for, let me know (or we can take a more detailed discussion off-list). I don't claim to be an expert in this. I did a lot of Googling/reading, and cobbled together my "strategy" from several sources. Even then, I think

Re: OT: Have you hugged your local OpenBSD dev lately?

--- On Wed, 11/18/09, Bryan wrote: > From: Bryan > Subject: OT: Have you hugged your local OpenBSD dev lately? > To: "Misc OpenBSD" > Received: Wednesday, November 18, 2009, 7:05 PM > So glad we don't have these kinds of > issues... > > https://bugzilla.redhat.com/show_bug.cgi?id=534047 > >

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, Nov 18, 2009 at 05:38:38PM -0800, Ted Unangst wrote: > Before everyone goes too bonkers, consider exactly how safe/dangerous > this behavior actually is on a single user machine. Food for thought. > > Think to yourself: what *exactly* is the difference between the only > user account o

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, 18 Nov 2009 17:08 -0800, "Bryan" wrote: > On Wed, Nov 18, 2009 at 16:55, Abel Abraham Camarillo Ojeda > wrote: > > On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote: > >> So glad we don't have these kinds of issues... > >> > >> https://bugzilla.redhat.com/show_bug.cgi?id=534047 > >> >

Re: OT: Have you hugged your local OpenBSD dev lately?

2009/11/19 Ted Unangst : > Think to yourself: what *exactly* is the difference between the only user > account on your machine and root? How are you "safe"? And then you create a guest account on your netbook... Read the comments. There are some interesting exploits for this... Best Martin

Re: OT: Have you hugged your local OpenBSD dev lately?

> Before everyone goes too bonkers, consider exactly how safe/dangerous > this behavior actually is on a single user machine. Food for thought. > > Think to yourself: what *exactly* is the difference between the only > user account on your machine and root? How are you "safe"? Not everyone r

Re: OT: Have you hugged your local OpenBSD dev lately?

Before everyone goes too bonkers, consider exactly how safe/dangerous this behavior actually is on a single user machine. Food for thought. Think to yourself: what *exactly* is the difference between the only user account on your machine and root? How are you "safe"? On Nov 18, 2009, at 4:

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, Nov 18, 2009 at 16:55, Abel Abraham Camarillo Ojeda wrote: > On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote: >> So glad we don't have these kinds of issues... >> >> https://bugzilla.redhat.com/show_bug.cgi?id=534047 >> > > Wow that's tremendously funny. > > -- > DISCLAIMER: http

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote: > So glad we don't have these kinds of issues... > > https://bugzilla.redhat.com/show_bug.cgi?id=534047 > Wow that's tremendously funny. -- DISCLAIMER: http://goldmark.org/jeff/stupid-disclaimers/ This message will self-destruct in 3

Re: OT: Have you hugged your local OpenBSD dev lately?

On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote: > So glad we don't have these kinds of issues... > > https://bugzilla.redhat.com/show_bug.cgi?id=534047 > no one offered a diff to implement that feature on OpenBSD yet ? it can easily be done by writing a sudoKit policy :-) Gilles -- Gil

OT: Have you hugged your local OpenBSD dev lately?

So glad we don't have these kinds of issues... https://bugzilla.redhat.com/show_bug.cgi?id=534047

Re: Odd name lookup behavior

On Wed, Nov 18, 2009 at 11:21:41PM +0100, Robert wrote: > On Wed, 18 Nov 2009 15:06:28 -0500 > stan wrote: > > > Can anyone xplain this behavior to me? > > > > Given the following resolv.conf file: > > > > r...@pm3fw:root# cat /etc/resolv.conf > > lookup file bind > > search mcn.chs kapstonepap

Re: Odd name lookup behavior

On Wed, Nov 18, 2009 at 11:21:41PM +0100, Robert wrote: > On Wed, 18 Nov 2009 15:06:28 -0500 > stan wrote: > > > Can anyone xplain this behavior to me? > > > > Given the following resolv.conf file: > > > > r...@pm3fw:root# cat /etc/resolv.conf > > lookup file bind > > search mcn.chs kapstonepap

Re: Odd name lookup behavior

On Wed, Nov 18, 2009 at 05:00:02PM -0500, Dave Anderson wrote: > On Wed, 18 Nov 2009, stan wrote: > > >Can anyone xplain this behavior to me? > > Without access to your nameservers it's not possible to be sure, but see > below -- this looks normal to me. > > >Given the following resolv.conf file

SPAMd blacklists unavailable

Hi, While trying to get http://www.openbsd.org/spamd/chinacidr.txt.gz and http://www.openbsd.org/spamd/koreacidr.txt.gz i'm getting 404's. Have those resources been moved ? I'm in the meantime using http://ipdeny.com/ipblocks/data/countries/cn.zone and http://ipdeny.com/ipblocks/data/countr

Re: Odd name lookup behavior

On Wed, 18 Nov 2009 15:06:28 -0500 stan wrote: > Can anyone xplain this behavior to me? > > Given the following resolv.conf file: > > r...@pm3fw:root# cat /etc/resolv.conf > lookup file bind > search mcn.chs kapstonepaper.com pm3.charleston.meadwestvaco.com > nameserver 127.0.0.1 > nameserver

Re: Odd name lookup behavior

On Wed, 18 Nov 2009, stan wrote: >Can anyone xplain this behavior to me? Without access to your nameservers it's not possible to be sure, but see below -- this looks normal to me. >Given the following resolv.conf file: > >r...@pm3fw:root# cat /etc/resolv.conf >lookup file bind >search mcn.chs ka

Re: Questions about chrooted apache and exec() in php

On Wed, 18 Nov 2009 22:44:51 +0100 Robert wrote: > # kdump ktrace.out kdump -f ...

Re: Questions about chrooted apache and exec() in php

On Wed, 18 Nov 2009 14:23:42 -0600 Matthew Young wrote: > Hello, > > > Iam running the apache in base 4.5 with the chroot. > > Iam trying to run this simple script (as a test) but I cannot make it > to output anything... > > > I have done a cp /usr/bin/whoami /var/www/bin/ , made sure that >

Re: midwest US mirror

> I should mention things that I didn't before and reiterate others . . . > > 1) I am committed to maintaining this service > 2) At the moment, I have a ~300G hard drive devoted to it (and willing > to devotre more, in the future) > 3) I have a DSL (high-speed) connection i'm not sure what kind o

Re: php5-core package install problems

On Thu, 19 Nov 2009 05:10:12 +1100 John wrote: > I am having trouble with installing a package, php5-core for OpenBSD > 4.6 (i386). There is a dependency that cannot be resolved. php5-core > requires libiconv-1.12, and a package only exists for libiconv-1.13. > > # pkg_add -r > php5-core Can't i

Re: php5-core package install problems

On Thu, Nov 19, 2009 at 05:10:12AM +1100, John wrote: > I am having trouble with installing a package, php5-core for OpenBSD 4.6 > (i386). There is a dependency that cannot be resolved. php5-core > requires libiconv-1.12, and a package only exists for libiconv-1.13. > > # pkg_add -r php5-core

Questions about chrooted apache and exec() in php

Hello, Iam running the apache in base 4.5 with the chroot. Iam trying to run this simple script (as a test) but I cannot make it to output anything... I have done a cp /usr/bin/whoami /var/www/bin/ , made sure that ownership is root:daemon, and permissions are 600, i have even tried 777 i ha

5 PKK'lı İmralıya gönderildi

BC6lgesel Haberler GC

Re: OpenBSD blog software

On Wed, 18 Nov 2009 20:04:01 +0100 Gilles Chehade wrote: > Bret S. Lambert wrote: > > On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: > > > >> now a wiki > >> > > > > And before you know, it, a social networking site. > > > > I want you to be my friend on Dixonspace!!

Odd name lookup behavior

Can anyone xplain this behavior to me? Given the following resolv.conf file: r...@pm3fw:root# cat /etc/resolv.conf lookup file bind search mcn.chs kapstonepaper.com pm3.charleston.meadwestvaco.com nameserver 127.0.0.1 nameserver 10.209.128.20 nameserver 10.209.128.26 nameserver 10.209.142.158 A

php5-core package install problems

I am having trouble with installing a package, php5-core for OpenBSD 4.6 (i386). There is a dependency that cannot be resolved. php5-core requires libiconv-1.12, and a package only exists for libiconv-1.13. # pkg_add -r php5-core Can't install php5

Re: Authpf and more than 992 users

2009/11/18 Janusz Gumkowski : >> Is it at all possible to have more than 992 simultaneous authpf users ? >> > Yes, use more than one machine. > Digging out an old post of mine, still not having any real solution > but a couple of ugly hacks instead, trying to get rid of them finally. > > To the

Re: OpenBSD blog software

> On Wed, Nov 18, 2009 at 07:37:48PM +0100, Bret S. Lambert wrote: > > On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: > > > now a wiki > > > > And before you know, it, a social networking site. > > > > I want you to be my friend on Dixonspace!!! > > > Gotta have realtime plai

Re: OpenBSD blog software

Bret S. Lambert wrote: On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: now a wiki And before you know, it, a social networking site. I want you to be my friend on Dixonspace!!! so you can draw ascii-art penises on his Dixonspace profile ? :-) Gilles

Re: OpenBSD blog software

Bret S. Lambert wrote: On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: now a wiki And before you know, it, a social networking site. Wake me when it becomes a cloud.

Re: OpenBSD blog software

I was actually being serious :-) But a little ragging never hurt anyone. I be teh jdixon freind!! On Wed, Nov 18, 2009 at 07:37:48PM +0100, Bret S. Lambert wrote: > On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: > > now a wiki > > And before you know, it, a social networki

Re: OpenBSD blog software

On Wed, Nov 18, 2009 at 12:00:21PM -0600, Marco Peereboom wrote: > now a wiki And before you know, it, a social networking site. I want you to be my friend on Dixonspace!!! > > On Wed, Nov 18, 2009 at 12:33:32PM -0500, Jason Dixon wrote: > > On Tue, Nov 17, 2009 at 06:56:40PM +0100, Daniel

Re: OpenBSD blog software

On Wed, 18 Nov 2009, Jason Dixon wrote: Not at all. I intentionally wrote Blogsum so I could begin blogging. I avoided installing the bloat-heavy CMS/blogging alternatives out there until I was satisfied it would meet my own criteria. howabout a Blogsum LKM ? ;-)

Re: OpenBSD blog software

now a wiki On Wed, Nov 18, 2009 at 12:33:32PM -0500, Jason Dixon wrote: > On Tue, Nov 17, 2009 at 06:56:40PM +0100, Daniel Gracia Garallar wrote: > >> [...] > >> P.S. And this will be the last you hear about it from me. ;) > > > > I hope this doesn't come to mean the project falls dead. I've

Intel PRO/1000 QP

Hi, we have a Dell PowerEdge R610 with two Intel PRO/1000 QP cards connected to a Cisco 2960G switch. Each card has four giga interfaces, but only two interfaces per card work properly. Works only the first and third interface of each card. The other interfaces do not negotiate the correct speed.

Re: Authpf and more than 992 users

On Thu, Jan 08, 2009 at 03:21:42PM +0100, Janusz Gumkowski wrote: > I'm running out of PTYs on my authpf firewall. > Simply, more than 992 (max pty limit) users are trying to log in > simultaneously. > > In theory I could disable (in authpf.c) checking whether or not session > has been successful

Re: OpenBSD blog software

On Tue, Nov 17, 2009 at 06:56:40PM +0100, Daniel Gracia Garallar wrote: >> [...] >> P.S. And this will be the last you hear about it from me. ;) > > I hope this doesn't come to mean the project falls dead. I've been > reading the source and seems surprisingly simple, but those damned > regular

Re: OpenBSD blog software

[...] P.S. And this will be the last you hear about it from me. ;) I hope this doesn't come to mean the project falls dead. I've been reading the source and seems surprisingly simple, but those damned regulars... hehehe. My treat!

Re: Changing the NIC on installed system?

On Wed, Nov 18, 2009 at 06:01:26PM +0100, Roger Schreiter wrote: > Hello, > > I did not yet understand very well, how the NIC drivers are > selected. Is it done while installing OpenBSD or is it > done at boot? > > In the latter case, I assume, I can replace a PCI network > interface without chan

Changing the NIC on installed system?

Hello, I did not yet understand very well, how the NIC drivers are selected. Is it done while installing OpenBSD or is it done at boot? In the latter case, I assume, I can replace a PCI network interface without changing any driver settings. If the logical interface name will be different, I may

PCI ADSL2+ watchdog timeout

I've been getting frequent 'watchdog timeout' errors with 4.6: Nov 18 18:00:13 net /bsd: re0: watchdog timeout Nov 18 18:01:03 net /bsd: re0: watchdog timeout Nov 18 18:18:55 net /bsd: re0: watchdog timeout Nov 18 18:28:56 net last message repeated 4 times N

Re: why is pf reseting this ssh connection?

Todd Alan Smith wrote: This only happens with SSH connections? Are the rulesets identical between the two machines? Also, why are you still running 4.2? As I'm sure you know, there have been many improvements to pf since that release. No, I also see it happening with every TCP-based protocol and

Re: Spanish language resources for OpenBSD

On Wed, 18 Nov 2009, Chris Bennett wrote: There is that website that records older websites, waybackmachine or something like that. http://www.archive.org/

Re: Spanish language resources for OpenBSD

On Wed, Nov 18, 2009 at 7:54 AM, Chris Bennett wrote: > There is that website that records older websites, waybackmachine or > something like that. Maybe the Mexican site has been recorded there? I will > try and look for it. http://www.archive.org/index.php

Re: Spanish language resources for OpenBSD

Abel Abraham Camarillo Ojeda wrote: I also don't like too much translating... but can help whenever possible (native spanish speaker). It's just that all the people that I know that can use (thoroughly) OpenBSD in my city can also read english very well (at least)... On Tue, Nov 17, 2009 at 08:

Re: PF per-ip statistics

* Leonardo Lombardo [2009-11-18 10:23]: > Hi all, > > reading pfctl manpage I've seen this: > > # pfctl -t test -vTshow > 129.128.5.191 > Cleared: Thu Feb 13 18:55:18 2003 > In/Block:[ Packets: 0Bytes: 0] >

Re: anyone, low power rack-mount server for home usage?

Just a note, although supermicro says max 2g of ram, the X7SLA-H works well with 4G of ram. spdmem0 at iic0 addr 0x50: 2GB DDR2 SDRAM non-parity PC2-5300CL5 spdmem1 at iic0 addr 0x52: 2GB DDR2 SDRAM non-parity PC2-5300CL5 spdmem0 at iic0 addr 0x50: 2GB DDR2 SDRAM non-parity PC2-5300CL5 spdmem1 at

Stacking RAID sets

It was said in http://marc.info/?l=openbsd-misc&m=125139976027774&w=2 that stacking RAID sets is not a good idea. I.e. this # bioctl -ih softraid0 Volume Status Size Device softraid0 0 Online 447G sd2 RAID0 0 Online 149G 0:0.0 noencl 1

PF per-ip statistics

Hi all, reading pfctl manpage I've seen this: # pfctl -t test -vTshow 129.128.5.191 Cleared: Thu Feb 13 18:55:18 2003 In/Block:[ Packets: 0Bytes: 0] In/Pass: [ Packets: 10 Byt

Re: OpenBSD 4.6 pfsync kernel panic

Hi David Thank you for the quick reply! The stack trace from the console at the time of the crash: Starting stack trace panic(d07a8c58,0,de1b4b28,0,d8a282b8) at panic+0x65 panic(d071ad67,6,0,d031baf5,de1b4b20) at panic+0x65 trap() at trap+0x119 --- trap (number 6) --- pfsync_state_import(d899e83

OpenBSD 4.6 distributed through Linux For You magazine India

hi. http://www.lfymag.com/currentissue.asp?id=13 towards the end OpenBSD 4.6 & Eclipse 3.5 OpenBSD being security guru Theo de Raadts baby, includes a number of security features absent or optional in other OS. Siju

misc@openbsd.org

On 18/11/2009, at 1:56 AM, W.E.B. Schrott wrote: Hi These 2 files do not seem to be there anymore. I couldn't find any info about this facts anywhere. www.openbsd.org/spamd/koreacidr.txt.gz www.openbsd.org/spamd/chinacidr.txt.gz I guess, I will have to get them directly and reformat them to f